Gitiles
Code Review Sign In
gerrit-public.fairphone.software / toolchain / llvm-project / 1bcc7bac8f1bf50d73b7505ea069f7a0efa620ce / . / clang / test / CodeGenCXX / catch-undef-behavior.cpp
blob: d08fe764cdbf8196708ebee20127b977b57ffe92 [file] [log] [blame]
Alexey Samsonov21d2dda2015-03-09 21:50:19 +0000[diff] [blame]1// RUN: %clang_cc1 -std=c++11 -fsanitize=signed-integer-overflow,integer-divide-by-zero,float-divide-by-zero,shift-base,shift-exponent,unreachable,return,vla-bound,alignment,null,vptr,object-size,float-cast-overflow,bool,enum,array-bounds,function -fsanitize-recover=signed-integer-overflow,integer-divide-by-zero,float-divide-by-zero,shift-base,shift-exponent,vla-bound,alignment,null,vptr,object-size,float-cast-overflow,bool,enum,array-bounds,function -emit-llvm %s -o - -triple x86_64-linux-gnu | FileCheck %s
Alexey Samsonov88459522015-01-12 22:39:12 +0000[diff] [blame]2// RUN: %clang_cc1 -std=c++11 -fsanitize=vptr,address -fsanitize-recover=vptr,address -emit-llvm %s -o - -triple x86_64-linux-gnu | FileCheck %s --check-prefix=CHECK-ASAN
3// RUN: %clang_cc1 -std=c++11 -fsanitize=vptr -fsanitize-recover=vptr -emit-llvm %s -o - -triple x86_64-linux-gnu | FileCheck %s --check-prefix=DOWNCAST-NULL
Peter Collingbourne69b004d2015-02-25 23:18:42 +0000[diff] [blame]4// RUN: %clang_cc1 -std=c++11 -fsanitize=function -emit-llvm %s -o - -triple x86_64-linux-gnux32 | FileCheck %s --check-prefix=CHECK-X32
5// RUN: %clang_cc1 -std=c++11 -fsanitize=function -emit-llvm %s -o - -triple i386-linux-gnu | FileCheck %s --check-prefix=CHECK-X86
NAKAMURA Takumif65421a2015-03-09 22:32:03 +0000[diff] [blame]6// REQUIRES: asserts
Richard Smith69d0d262012-08-24 00:54:33 +0000[diff] [blame]7
Richard Smithbe024a82012-12-18 00:22:45 +0000[diff] [blame]8struct S {
9 double d;
10 int a, b;
11 virtual int f();
12};
13
Alexey Samsonov6c124142014-07-18 17:50:06 +0000[diff] [blame]14// Check that type descriptor global is not modified by ASan.
15// CHECK-ASAN: [[TYPE_DESCR:@[0-9]+]] = private unnamed_addr constant { i16, i16, [4 x i8] } { i16 -1, i16 0, [4 x i8] c"'S'\00" }
16
17// Check that type mismatch handler is not modified by ASan.
18// CHECK-ASAN: private unnamed_addr global { { [{{.*}} x i8]*, i32, i32 }, { i16, i16, [4 x i8] }*, i8*, i8 } { {{.*}}, { i16, i16, [4 x i8] }* [[TYPE_DESCR]], {{.*}} }
19
Richard Smith2c5868c2013-02-13 21:18:23 +0000[diff] [blame]20struct T : S {};
21
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]22// CHECK-LABEL: @_Z17reference_binding
Richard Smithbe024a82012-12-18 00:22:45 +0000[diff] [blame]23void reference_binding(int *p, S *q) {
Richard Smith69d0d262012-08-24 00:54:33 +0000[diff] [blame]24 // C++ core issue 453: If an lvalue to which a reference is directly bound
25 // designates neither an existing object or function of an appropriate type,
26 // nor a region of storage of suitable size and alignment to contain an object
27 // of the reference's type, the behavior is undefined.
28
29 // CHECK: icmp ne {{.*}}, null
30
31 // CHECK: %[[SIZE:.*]] = call i64 @llvm.objectsize.i64
32 // CHECK-NEXT: icmp uge i64 %[[SIZE]], 4
33
34 // CHECK: %[[PTRINT:.*]] = ptrtoint
35 // CHECK-NEXT: %[[MISALIGN:.*]] = and i64 %[[PTRINT]], 3
36 // CHECK-NEXT: icmp eq i64 %[[MISALIGN]], 0
37 int &r = *p;
Richard Smith69d0d262012-08-24 00:54:33 +0000[diff] [blame]38
Richard Smithbe024a82012-12-18 00:22:45 +0000[diff] [blame]39 // A reference is not required to refer to an object within its lifetime.
40 // CHECK-NOT: __ubsan_handle_dynamic_type_cache_miss
41 S &r2 = *q;
42}
Richard Smith69d0d262012-08-24 00:54:33 +0000[diff] [blame]43
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]44// CHECK-LABEL: @_Z13member_access
Alexey Samsonov6c124142014-07-18 17:50:06 +0000[diff] [blame]45// CHECK-ASAN-LABEL: @_Z13member_access
Richard Smith69d0d262012-08-24 00:54:33 +0000[diff] [blame]46void member_access(S *p) {
Richard Smith10483562012-10-25 21:59:45 +0000[diff] [blame]47 // (1a) Check 'p' is appropriately sized and aligned for member access.
Richard Smith69d0d262012-08-24 00:54:33 +0000[diff] [blame]48
49 // CHECK: icmp ne {{.*}}, null
50
51 // CHECK: %[[SIZE:.*]] = call i64 @llvm.objectsize.i64
52 // CHECK-NEXT: icmp uge i64 %[[SIZE]], 24
53
54 // CHECK: %[[PTRINT:.*]] = ptrtoint
55 // CHECK-NEXT: %[[MISALIGN:.*]] = and i64 %[[PTRINT]], 7
56 // CHECK-NEXT: icmp eq i64 %[[MISALIGN]], 0
57
Richard Smith10483562012-10-25 21:59:45 +0000[diff] [blame]58 // (1b) Check that 'p' actually points to an 'S'.
59
60 // CHECK: %[[VPTRADDR:.*]] = bitcast {{.*}} to i64*
David Blaikiea953f282015-02-27 21:19:58 +0000[diff] [blame]61 // CHECK-NEXT: %[[VPTR:.*]] = load i64, i64* %[[VPTRADDR]]
Richard Smith10483562012-10-25 21:59:45 +0000[diff] [blame]62 //
63 // hash_16_bytes:
64 //
65 // If this number changes, it indicates that either the mangled name of ::S
66 // has changed, or that LLVM's hashing function has changed. The latter case
67 // is OK if the hashing function is still stable.
Richard Smith94211562012-10-25 22:27:30 +0000[diff] [blame]68 //
69 // The two hash values are for 64- and 32-bit Clang binaries, respectively.
70 // FIXME: We should produce a 64-bit value either way.
71 //
72 // CHECK-NEXT: xor i64 {{-4030275160588942838|2562089159}}, %[[VPTR]]
Richard Smith10483562012-10-25 21:59:45 +0000[diff] [blame]73 // CHECK-NEXT: mul i64 {{.*}}, -7070675565921424023
74 // CHECK-NEXT: lshr i64 {{.*}}, 47
75 // CHECK-NEXT: xor i64
76 // CHECK-NEXT: xor i64 %[[VPTR]]
77 // CHECK-NEXT: mul i64 {{.*}}, -7070675565921424023
78 // CHECK-NEXT: lshr i64 {{.*}}, 47
79 // CHECK-NEXT: xor i64
80 // CHECK-NEXT: %[[HASH:.*]] = mul i64 {{.*}}, -7070675565921424023
81 //
82 // Check the hash against the table:
83 //
84 // CHECK-NEXT: %[[IDX:.*]] = and i64 %{{.*}}, 127
David Blaikie218b7832015-02-27 19:18:17 +0000[diff] [blame]85 // CHECK-NEXT: getelementptr inbounds [128 x i64], [128 x i64]* @__ubsan_vptr_type_cache, i32 0, i64 %[[IDX]]
David Blaikiea953f282015-02-27 21:19:58 +0000[diff] [blame]86 // CHECK-NEXT: %[[CACHEVAL:.*]] = load i64, i64*
Richard Smith10483562012-10-25 21:59:45 +0000[diff] [blame]87 // CHECK-NEXT: icmp eq i64 %[[CACHEVAL]], %[[HASH]]
88 // CHECK-NEXT: br i1
89
Will Dietz3676d562012-12-30 20:53:28 +0000[diff] [blame]90 // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss({{.*}}, i64 %{{.*}}, i64 %[[HASH]])
Will Dietz88e02332012-12-02 19:50:33 +0000[diff] [blame]91 // CHECK-NOT: unreachable
92 // CHECK: {{.*}}:
Richard Smith10483562012-10-25 21:59:45 +0000[diff] [blame]93
Richard Smith69d0d262012-08-24 00:54:33 +0000[diff] [blame]94 // (2) Check 'p->b' is appropriately sized and aligned for a load.
95
96 // FIXME: Suppress this in the trivial case of a member access, because we
97 // know we've just checked the member access expression itself.
98
99 // CHECK: %[[SIZE:.*]] = call i64 @llvm.objectsize.i64
100 // CHECK-NEXT: icmp uge i64 %[[SIZE]], 4
101
102 // CHECK: %[[PTRINT:.*]] = ptrtoint
103 // CHECK-NEXT: %[[MISALIGN:.*]] = and i64 %[[PTRINT]], 3
104 // CHECK-NEXT: icmp eq i64 %[[MISALIGN]], 0
105 int k = p->b;
106
Richard Smith10483562012-10-25 21:59:45 +0000[diff] [blame]107 // (3a) Check 'p' is appropriately sized and aligned for member function call.
Richard Smith69d0d262012-08-24 00:54:33 +0000[diff] [blame]108
109 // CHECK: icmp ne {{.*}}, null
110
111 // CHECK: %[[SIZE:.*]] = call i64 @llvm.objectsize.i64
112 // CHECK-NEXT: icmp uge i64 %[[SIZE]], 24
113
114 // CHECK: %[[PTRINT:.*]] = ptrtoint
115 // CHECK-NEXT: %[[MISALIGN:.*]] = and i64 %[[PTRINT]], 7
116 // CHECK-NEXT: icmp eq i64 %[[MISALIGN]], 0
Richard Smith10483562012-10-25 21:59:45 +0000[diff] [blame]117
118 // (3b) Check that 'p' actually points to an 'S'
119
David Blaikiea953f282015-02-27 21:19:58 +0000[diff] [blame]120 // CHECK: load i64, i64*
Richard Smith3750e772012-10-25 23:05:00 +0000[diff] [blame]121 // CHECK-NEXT: xor i64 {{-4030275160588942838|2562089159}},
Richard Smith10483562012-10-25 21:59:45 +0000[diff] [blame]122 // [...]
David Blaikie218b7832015-02-27 19:18:17 +0000[diff] [blame]123 // CHECK: getelementptr inbounds [128 x i64], [128 x i64]* @__ubsan_vptr_type_cache, i32 0, i64 %
Richard Smith10483562012-10-25 21:59:45 +0000[diff] [blame]124 // CHECK: br i1
Will Dietz3676d562012-12-30 20:53:28 +0000[diff] [blame]125 // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss({{.*}}, i64 %{{.*}}, i64 %{{.*}})
Will Dietz88e02332012-12-02 19:50:33 +0000[diff] [blame]126 // CHECK-NOT: unreachable
127 // CHECK: {{.*}}:
Richard Smith10483562012-10-25 21:59:45 +0000[diff] [blame]128
Richard Smith69d0d262012-08-24 00:54:33 +0000[diff] [blame]129 k = p->f();
130}
Richard Smith3e056de2012-08-25 00:32:28 +0000[diff] [blame]131
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]132// CHECK-LABEL: @_Z12lsh_overflow
Richard Smith3e056de2012-08-25 00:32:28 +0000[diff] [blame]133int lsh_overflow(int a, int b) {
Alexey Samsonov21d2dda2015-03-09 21:50:19 +0000[diff] [blame]134 // CHECK: %[[RHS_INBOUNDS:.*]] = icmp ule i32 %[[RHS:.*]], 31
135 // CHECK-NEXT: br i1 %[[RHS_INBOUNDS]], label %[[CHECK_BB:.*]], label %[[CONT_BB:.*]],
Alexey Samsonov48a9db02015-03-05 21:57:35 +0000[diff] [blame]136
Alexey Samsonov21d2dda2015-03-09 21:50:19 +0000[diff] [blame]137 // CHECK: [[CHECK_BB]]:
138 // CHECK-NEXT: %[[SHIFTED_OUT_WIDTH:.*]] = sub nuw nsw i32 31, %[[RHS]]
Richard Smith3e056de2012-08-25 00:32:28 +0000[diff] [blame]139 // CHECK-NEXT: %[[SHIFTED_OUT:.*]] = lshr i32 %[[LHS:.*]], %[[SHIFTED_OUT_WIDTH]]
140
141 // This is present for C++11 but not for C: C++ core issue 1457 allows a '1'
142 // to be shifted into the sign bit, but not out of it.
143 // CHECK-NEXT: %[[SHIFTED_OUT_NOT_SIGN:.*]] = lshr i32 %[[SHIFTED_OUT]], 1
144
145 // CHECK-NEXT: %[[NO_OVERFLOW:.*]] = icmp eq i32 %[[SHIFTED_OUT_NOT_SIGN]], 0
Alexey Samsonov21d2dda2015-03-09 21:50:19 +0000[diff] [blame]146 // CHECK-NEXT: br label %[[CONT_BB]]
Will Dietz11d0a9f2013-02-25 22:37:49 +0000[diff] [blame]147
Alexey Samsonov21d2dda2015-03-09 21:50:19 +0000[diff] [blame]148 // CHECK: [[CONT_BB]]:
149 // CHECK-NEXT: %[[VALID_BASE:.*]] = phi i1 [ true, {{.*}} ], [ %[[NO_OVERFLOW]], %[[CHECK_BB]] ]
150 // CHECK-NEXT: %[[VALID:.*]] = and i1 %[[RHS_INBOUNDS]], %[[VALID_BASE]]
Will Dietz11d0a9f2013-02-25 22:37:49 +0000[diff] [blame]151 // CHECK-NEXT: br i1 %[[VALID]]
152
153 // CHECK: call void @__ubsan_handle_shift_out_of_bounds
154 // CHECK-NOT: call void @__ubsan_handle_shift_out_of_bounds
Richard Smith3e056de2012-08-25 00:32:28 +0000[diff] [blame]155
156 // CHECK: %[[RET:.*]] = shl i32 %[[LHS]], %[[RHS]]
157 // CHECK-NEXT: ret i32 %[[RET]]
158 return a << b;
159}
Richard Smith9f9e5822012-10-04 23:52:29 +0000[diff] [blame]160
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]161// CHECK-LABEL: @_Z9no_return
Richard Smith9f9e5822012-10-04 23:52:29 +0000[diff] [blame]162int no_return() {
Bill Wendlinge1c4a1b2013-02-22 09:10:20 +0000[diff] [blame]163 // CHECK: call void @__ubsan_handle_missing_return(i8* bitcast ({{.*}}* @{{.*}} to i8*)) [[NR_NUW:#[0-9]+]]
Richard Smithe30752c2012-10-09 19:52:38 +0000[diff] [blame]164 // CHECK-NEXT: unreachable
Richard Smith9f9e5822012-10-04 23:52:29 +0000[diff] [blame]165}
Richard Smith1629da92012-12-13 07:11:50 +0000[diff] [blame]166
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]167// CHECK-LABEL: @_Z9sour_bool
Richard Smith1629da92012-12-13 07:11:50 +0000[diff] [blame]168bool sour_bool(bool *p) {
169 // CHECK: %[[OK:.*]] = icmp ule i8 {{.*}}, 1
170 // CHECK: br i1 %[[OK]]
Will Dietz3676d562012-12-30 20:53:28 +0000[diff] [blame]171 // CHECK: call void @__ubsan_handle_load_invalid_value(i8* bitcast ({{.*}}), i64 {{.*}})
Richard Smith1629da92012-12-13 07:11:50 +0000[diff] [blame]172 return *p;
173}
174
175enum E1 { e1a = 0, e1b = 127 } e1;
176enum E2 { e2a = -1, e2b = 64 } e2;
177enum E3 { e3a = (1u << 31) - 1 } e3;
178
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]179// CHECK-LABEL: @_Z14bad_enum_value
Richard Smith1629da92012-12-13 07:11:50 +0000[diff] [blame]180int bad_enum_value() {
181 // CHECK: %[[E1:.*]] = icmp ule i32 {{.*}}, 127
182 // CHECK: br i1 %[[E1]]
Will Dietz3676d562012-12-30 20:53:28 +0000[diff] [blame]183 // CHECK: call void @__ubsan_handle_load_invalid_value(
Richard Smith1629da92012-12-13 07:11:50 +0000[diff] [blame]184 int a = e1;
185
186 // CHECK: %[[E2HI:.*]] = icmp sle i32 {{.*}}, 127
187 // CHECK: %[[E2LO:.*]] = icmp sge i32 {{.*}}, -128
188 // CHECK: %[[E2:.*]] = and i1 %[[E2HI]], %[[E2LO]]
189 // CHECK: br i1 %[[E2]]
Will Dietz3676d562012-12-30 20:53:28 +0000[diff] [blame]190 // CHECK: call void @__ubsan_handle_load_invalid_value(
Richard Smith1629da92012-12-13 07:11:50 +0000[diff] [blame]191 int b = e2;
192
193 // CHECK: %[[E3:.*]] = icmp ule i32 {{.*}}, 2147483647
194 // CHECK: br i1 %[[E3]]
Will Dietz3676d562012-12-30 20:53:28 +0000[diff] [blame]195 // CHECK: call void @__ubsan_handle_load_invalid_value(
Richard Smith1629da92012-12-13 07:11:50 +0000[diff] [blame]196 int c = e3;
197 return a + b + c;
198}
Richard Smith2c5868c2013-02-13 21:18:23 +0000[diff] [blame]199
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]200// CHECK-LABEL: @_Z20bad_downcast_pointer
Alexey Samsonov32f59d82014-07-18 18:15:39 +0000[diff] [blame]201// DOWNCAST-NULL-LABEL: @_Z20bad_downcast_pointer
Richard Smith2c5868c2013-02-13 21:18:23 +0000[diff] [blame]202void bad_downcast_pointer(S *p) {
203 // CHECK: %[[NONNULL:.*]] = icmp ne {{.*}}, null
204 // CHECK: br i1 %[[NONNULL]],
205
Alexey Samsonov32f59d82014-07-18 18:15:39 +0000[diff] [blame]206 // A null poiner access is guarded without -fsanitize=null.
207 // DOWNCAST-NULL: %[[NONNULL:.*]] = icmp ne {{.*}}, null
208 // DOWNCAST-NULL: br i1 %[[NONNULL]],
209
Matt Arsenault2f152632013-10-07 19:00:18 +0000[diff] [blame]210 // CHECK: %[[SIZE:.*]] = call i64 @llvm.objectsize.i64.p0i8(
Richard Smith2c5868c2013-02-13 21:18:23 +0000[diff] [blame]211 // CHECK: %[[E1:.*]] = icmp uge i64 %[[SIZE]], 24
212 // CHECK: %[[MISALIGN:.*]] = and i64 %{{.*}}, 7
213 // CHECK: %[[E2:.*]] = icmp eq i64 %[[MISALIGN]], 0
214 // CHECK: %[[E12:.*]] = and i1 %[[E1]], %[[E2]]
215 // CHECK: br i1 %[[E12]],
216
217 // CHECK: call void @__ubsan_handle_type_mismatch
218 // CHECK: br label
219
220 // CHECK: br i1 %{{.*}},
221
222 // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss
223 // CHECK: br label
224 (void) static_cast<T*>(p);
225}
226
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]227// CHECK-LABEL: @_Z22bad_downcast_reference
Richard Smith2c5868c2013-02-13 21:18:23 +0000[diff] [blame]228void bad_downcast_reference(S &p) {
229 // CHECK: %[[E1:.*]] = icmp ne {{.*}}, null
230 // CHECK-NOT: br i1
Alexey Samsonove396bfc2014-11-11 22:03:54 +0000[diff] [blame]231
Matt Arsenault2f152632013-10-07 19:00:18 +0000[diff] [blame]232 // CHECK: %[[SIZE:.*]] = call i64 @llvm.objectsize.i64.p0i8(
Richard Smith2c5868c2013-02-13 21:18:23 +0000[diff] [blame]233 // CHECK: %[[E2:.*]] = icmp uge i64 %[[SIZE]], 24
Alexey Samsonove396bfc2014-11-11 22:03:54 +0000[diff] [blame]234
Richard Smith2c5868c2013-02-13 21:18:23 +0000[diff] [blame]235 // CHECK: %[[MISALIGN:.*]] = and i64 %{{.*}}, 7
236 // CHECK: %[[E3:.*]] = icmp eq i64 %[[MISALIGN]], 0
Alexey Samsonove396bfc2014-11-11 22:03:54 +0000[diff] [blame]237
238 // CHECK: %[[E12:.*]] = and i1 %[[E1]], %[[E2]]
Richard Smith2c5868c2013-02-13 21:18:23 +0000[diff] [blame]239 // CHECK: %[[E123:.*]] = and i1 %[[E12]], %[[E3]]
240 // CHECK: br i1 %[[E123]],
241
242 // CHECK: call void @__ubsan_handle_type_mismatch
243 // CHECK: br label
244
245 // CHECK: br i1 %{{.*}},
246
247 // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss
248 // CHECK: br label
249 (void) static_cast<T&>(p);
250}
Bill Wendlinge1c4a1b2013-02-22 09:10:20 +0000[diff] [blame]251
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]252// CHECK-LABEL: @_Z11array_index
Richard Smith539e4a72013-02-23 02:53:19 +0000[diff] [blame]253int array_index(const int (&a)[4], int n) {
254 // CHECK: %[[K1_OK:.*]] = icmp ult i64 %{{.*}}, 4
255 // CHECK: br i1 %[[K1_OK]]
256 // CHECK: call void @__ubsan_handle_out_of_bounds(
257 int k1 = a[n];
258
259 // CHECK: %[[R1_OK:.*]] = icmp ule i64 %{{.*}}, 4
260 // CHECK: br i1 %[[R1_OK]]
261 // CHECK: call void @__ubsan_handle_out_of_bounds(
262 const int *r1 = &a[n];
263
264 // CHECK: %[[K2_OK:.*]] = icmp ult i64 %{{.*}}, 8
265 // CHECK: br i1 %[[K2_OK]]
266 // CHECK: call void @__ubsan_handle_out_of_bounds(
267 int k2 = ((const int(&)[8])a)[n];
268
269 // CHECK: %[[K3_OK:.*]] = icmp ult i64 %{{.*}}, 4
270 // CHECK: br i1 %[[K3_OK]]
271 // CHECK: call void @__ubsan_handle_out_of_bounds(
272 int k3 = n[a];
273
274 return k1 + *r1 + k2;
275}
276
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]277// CHECK-LABEL: @_Z17multi_array_index
Richard Smith539e4a72013-02-23 02:53:19 +0000[diff] [blame]278int multi_array_index(int n, int m) {
279 int arr[4][6];
280
281 // CHECK: %[[IDX2_OK:.*]] = icmp ult i64 %{{.*}}, 6
282 // CHECK: br i1 %[[IDX2_OK]]
283 // CHECK: call void @__ubsan_handle_out_of_bounds(
284
285 // CHECK: %[[IDX1_OK:.*]] = icmp ult i64 %{{.*}}, 4
286 // CHECK: br i1 %[[IDX1_OK]]
287 // CHECK: call void @__ubsan_handle_out_of_bounds(
288 return arr[n][m];
289}
290
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]291// CHECK-LABEL: @_Z11array_arith
Richard Smith539e4a72013-02-23 02:53:19 +0000[diff] [blame]292int array_arith(const int (&a)[4], int n) {
293 // CHECK: %[[K1_OK:.*]] = icmp ule i64 %{{.*}}, 4
294 // CHECK: br i1 %[[K1_OK]]
295 // CHECK: call void @__ubsan_handle_out_of_bounds(
296 const int *k1 = a + n;
297
298 // CHECK: %[[K2_OK:.*]] = icmp ule i64 %{{.*}}, 8
299 // CHECK: br i1 %[[K2_OK]]
300 // CHECK: call void @__ubsan_handle_out_of_bounds(
301 const int *k2 = (const int(&)[8])a + n;
302
303 return *k1 + *k2;
304}
305
306struct ArrayMembers {
307 int a1[5];
308 int a2[1];
309};
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]310// CHECK-LABEL: @_Z18struct_array_index
Richard Smith539e4a72013-02-23 02:53:19 +0000[diff] [blame]311int struct_array_index(ArrayMembers *p, int n) {
312 // CHECK: %[[IDX_OK:.*]] = icmp ult i64 %{{.*}}, 5
313 // CHECK: br i1 %[[IDX_OK]]
314 // CHECK: call void @__ubsan_handle_out_of_bounds(
315 return p->a1[n];
316}
317
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]318// CHECK-LABEL: @_Z16flex_array_index
Richard Smith539e4a72013-02-23 02:53:19 +0000[diff] [blame]319int flex_array_index(ArrayMembers *p, int n) {
320 // CHECK-NOT: call void @__ubsan_handle_out_of_bounds(
321 return p->a2[n];
322}
323
Richard Smith2847b222013-02-24 01:56:24 +0000[diff] [blame]324extern int incomplete[];
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]325// CHECK-LABEL: @_Z22incomplete_array_index
Richard Smith2847b222013-02-24 01:56:24 +0000[diff] [blame]326int incomplete_array_index(int n) {
327 // CHECK-NOT: call void @__ubsan_handle_out_of_bounds(
328 return incomplete[n];
329}
330
Richard Smith539e4a72013-02-23 02:53:19 +0000[diff] [blame]331typedef __attribute__((ext_vector_type(4))) int V4I;
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]332// CHECK-LABEL: @_Z12vector_index
Richard Smith539e4a72013-02-23 02:53:19 +0000[diff] [blame]333int vector_index(V4I v, int n) {
334 // CHECK: %[[IDX_OK:.*]] = icmp ult i64 %{{.*}}, 4
335 // CHECK: br i1 %[[IDX_OK]]
336 // CHECK: call void @__ubsan_handle_out_of_bounds(
337 return v[n];
338}
339
Alexey Samsonovc9939332014-07-17 23:53:44 +0000[diff] [blame]340// CHECK-LABEL: @_Z12string_index
Richard Smith539e4a72013-02-23 02:53:19 +0000[diff] [blame]341char string_index(int n) {
342 // CHECK: %[[IDX_OK:.*]] = icmp ult i64 %{{.*}}, 6
343 // CHECK: br i1 %[[IDX_OK]]
344 // CHECK: call void @__ubsan_handle_out_of_bounds(
345 return "Hello"[n];
346}
347
Filipe Cabecinhas178a8df2013-08-08 01:08:17 +0000[diff] [blame]348class A // align=4
349{
350 int a1, a2, a3;
351};
352
353class B // align=8
354{
355 long b1, b2;
356};
357
358class C : public A, public B // align=16
359{
360 alignas(16) int c1;
361};
362
363// Make sure we check the alignment of the pointer after subtracting any
364// offset. The pointer before subtraction doesn't need to be aligned for
365// the destination type.
366
Nick Lewycky8b4e3792013-09-11 02:03:20 +0000[diff] [blame]367// CHECK-LABEL: define void @_Z16downcast_pointerP1B(%class.B* %b)
Filipe Cabecinhas178a8df2013-08-08 01:08:17 +0000[diff] [blame]368void downcast_pointer(B *b) {
369 (void) static_cast<C*>(b);
370 // Alignment check from EmitTypeCheck(TCK_DowncastPointer, ...)
David Blaikie218b7832015-02-27 19:18:17 +0000[diff] [blame]371 // CHECK: [[SUB:%[.a-z0-9]*]] = getelementptr i8, i8* {{.*}}, i64 -16
Filipe Cabecinhas178a8df2013-08-08 01:08:17 +0000[diff] [blame]372 // CHECK-NEXT: [[C:%[0-9]*]] = bitcast i8* [[SUB]] to %class.C*
373 // null check goes here
Filipe Cabecinhasb2eb1d92013-08-08 01:24:29 +0000[diff] [blame]374 // CHECK: [[FROM_PHI:%[0-9]*]] = phi %class.C* [ [[C]], {{.*}} ], {{.*}}
Filipe Cabecinhas178a8df2013-08-08 01:08:17 +0000[diff] [blame]375 // Objectsize check goes here
376 // CHECK: [[C_INT:%[0-9]*]] = ptrtoint %class.C* [[FROM_PHI]] to i64
377 // CHECK-NEXT: [[MASKED:%[0-9]*]] = and i64 [[C_INT]], 15
378 // CHECK-NEXT: [[TEST:%[0-9]*]] = icmp eq i64 [[MASKED]], 0
379 // AND the alignment test with the objectsize test.
380 // CHECK-NEXT: [[AND:%[0-9]*]] = and i1 {{.*}}, [[TEST]]
Filipe Cabecinhasb2eb1d92013-08-08 01:24:29 +0000[diff] [blame]381 // CHECK-NEXT: br i1 [[AND]]
Filipe Cabecinhas178a8df2013-08-08 01:08:17 +0000[diff] [blame]382}
383
Hal Finkela2347ba2014-07-18 15:52:10 +0000[diff] [blame]384// CHECK-LABEL: define void @_Z18downcast_referenceR1B(%class.B* dereferenceable({{[0-9]+}}) %b)
Filipe Cabecinhas178a8df2013-08-08 01:08:17 +0000[diff] [blame]385void downcast_reference(B &b) {
386 (void) static_cast<C&>(b);
387 // Alignment check from EmitTypeCheck(TCK_DowncastReference, ...)
David Blaikie218b7832015-02-27 19:18:17 +0000[diff] [blame]388 // CHECK: [[SUB:%[.a-z0-9]*]] = getelementptr i8, i8* {{.*}}, i64 -16
Filipe Cabecinhas178a8df2013-08-08 01:08:17 +0000[diff] [blame]389 // CHECK-NEXT: [[C:%[0-9]*]] = bitcast i8* [[SUB]] to %class.C*
390 // Objectsize check goes here
391 // CHECK: [[C_INT:%[0-9]*]] = ptrtoint %class.C* [[C]] to i64
392 // CHECK-NEXT: [[MASKED:%[0-9]*]] = and i64 [[C_INT]], 15
393 // CHECK-NEXT: [[TEST:%[0-9]*]] = icmp eq i64 [[MASKED]], 0
394 // AND the alignment test with the objectsize test.
Alexey Samsonove396bfc2014-11-11 22:03:54 +0000[diff] [blame]395 // CHECK: [[AND:%[0-9]*]] = and i1 {{.*}}, [[TEST]]
Filipe Cabecinhasb2eb1d92013-08-08 01:24:29 +0000[diff] [blame]396 // CHECK-NEXT: br i1 [[AND]]
Filipe Cabecinhas178a8df2013-08-08 01:08:17 +0000[diff] [blame]397}
398
Peter Collingbourne6b46e382014-12-03 02:37:10 +0000[diff] [blame]399// CHECK-LABEL: @_Z22indirect_function_callPFviE({{.*}} prologue <{ i32, i8* }> <{ i32 1413876459, i8* bitcast ({ i8*, i8* }* @_ZTIFvPFviEE to i8*) }>
Peter Collingbourne69b004d2015-02-25 23:18:42 +0000[diff] [blame]400// CHECK-X32: @_Z22indirect_function_callPFviE({{.*}} prologue <{ i32, i8* }> <{ i32 1413875435, i8* bitcast ({ i8*, i8* }* @_ZTIFvPFviEE to i8*) }>
401// CHECK-X86: @_Z22indirect_function_callPFviE({{.*}} prologue <{ i32, i8* }> <{ i32 1413875435, i8* bitcast ({ i8*, i8* }* @_ZTIFvPFviEE to i8*) }>
Peter Collingbourneb453cd62013-10-20 21:29:19 +0000[diff] [blame]402void indirect_function_call(void (*p)(int)) {
403 // CHECK: [[PTR:%[0-9]*]] = bitcast void (i32)* {{.*}} to <{ i32, i8* }>*
404
405 // Signature check
David Blaikie218b7832015-02-27 19:18:17 +0000[diff] [blame]406 // CHECK-NEXT: [[SIGPTR:%[0-9]*]] = getelementptr <{ i32, i8* }>, <{ i32, i8* }>* [[PTR]], i32 0, i32 0
David Blaikiea953f282015-02-27 21:19:58 +0000[diff] [blame]407 // CHECK-NEXT: [[SIG:%[0-9]*]] = load i32, i32* [[SIGPTR]]
Peter Collingbourneb453cd62013-10-20 21:29:19 +0000[diff] [blame]408 // CHECK-NEXT: [[SIGCMP:%[0-9]*]] = icmp eq i32 [[SIG]], 1413876459
409 // CHECK-NEXT: br i1 [[SIGCMP]]
410
411 // RTTI pointer check
David Blaikie218b7832015-02-27 19:18:17 +0000[diff] [blame]412 // CHECK: [[RTTIPTR:%[0-9]*]] = getelementptr <{ i32, i8* }>, <{ i32, i8* }>* [[PTR]], i32 0, i32 1
David Blaikiea953f282015-02-27 21:19:58 +0000[diff] [blame]413 // CHECK-NEXT: [[RTTI:%[0-9]*]] = load i8*, i8** [[RTTIPTR]]
Peter Collingbourneb453cd62013-10-20 21:29:19 +0000[diff] [blame]414 // CHECK-NEXT: [[RTTICMP:%[0-9]*]] = icmp eq i8* [[RTTI]], bitcast ({ i8*, i8* }* @_ZTIFviE to i8*)
415 // CHECK-NEXT: br i1 [[RTTICMP]]
416 p(42);
417}
418
Alexey Samsonoveb47d8a2014-10-13 23:59:00 +0000[diff] [blame]419namespace UpcastPointerTest {
420struct S {};
421struct T : S { double d; };
422struct V : virtual S {};
423
424// CHECK-LABEL: upcast_pointer
425S* upcast_pointer(T* t) {
426 // Check for null pointer
427 // CHECK: %[[NONNULL:.*]] = icmp ne {{.*}}, null
428 // CHECK: br i1 %[[NONNULL]]
429
430 // Check alignment
431 // CHECK: %[[MISALIGN:.*]] = and i64 %{{.*}}, 7
432 // CHECK: icmp eq i64 %[[MISALIGN]], 0
433
434 // CHECK: call void @__ubsan_handle_type_mismatch
435 return t;
436}
437
438V getV();
439
440// CHECK-LABEL: upcast_to_vbase
441void upcast_to_vbase() {
442 // No need to check for null here, as we have a temporary here.
443
444 // CHECK-NOT: br i1
445
446 // CHECK: call i64 @llvm.objectsize
447 // CHECK: call void @__ubsan_handle_type_mismatch
448 // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss
449 const S& s = getV();
450}
451}
452
Nick Lewycky8b4e3792013-09-11 02:03:20 +0000[diff] [blame]453namespace CopyValueRepresentation {
454 // CHECK-LABEL: define {{.*}} @_ZN23CopyValueRepresentation2S3aSERKS0_
455 // CHECK-NOT: call {{.*}} @__ubsan_handle_load_invalid_value
456 // CHECK-LABEL: define {{.*}} @_ZN23CopyValueRepresentation2S4aSEOS0_
457 // CHECK-NOT: call {{.*}} @__ubsan_handle_load_invalid_value
Rafael Espindolae5df59f2015-01-22 00:24:57 +0000[diff] [blame]458 // CHECK-LABEL: define {{.*}} @_ZN23CopyValueRepresentation2S1C2ERKS0_
Nick Lewycky8b4e3792013-09-11 02:03:20 +0000[diff] [blame]459 // CHECK-NOT: call {{.*}} __ubsan_handle_load_invalid_value
460 // CHECK-LABEL: define {{.*}} @_ZN23CopyValueRepresentation2S2C2ERKS0_
461 // CHECK: __ubsan_handle_load_invalid_value
Rafael Espindolae5df59f2015-01-22 00:24:57 +0000[diff] [blame]462 // CHECK-LABEL: define {{.*}} @_ZN23CopyValueRepresentation2S5C2ERKS0_
Nick Lewycky8b4e3792013-09-11 02:03:20 +0000[diff] [blame]463 // CHECK-NOT: call {{.*}} __ubsan_handle_load_invalid_value
464
465 struct CustomCopy { CustomCopy(); CustomCopy(const CustomCopy&); };
466 struct S1 {
467 CustomCopy CC;
468 bool b;
469 };
470 void callee1(S1);
471 void test1() {
472 S1 s11;
473 callee1(s11);
474 S1 s12;
475 s12 = s11;
476 }
477
478 static bool some_global_bool;
479 struct ExprCopy {
480 ExprCopy();
481 ExprCopy(const ExprCopy&, bool b = some_global_bool);
482 };
483 struct S2 {
484 ExprCopy EC;
485 bool b;
486 };
487 void callee2(S2);
488 void test2(void) {
489 S2 s21;
490 callee2(s21);
491 S2 s22;
492 s22 = s21;
493 }
494
495 struct CustomAssign { CustomAssign &operator=(const CustomAssign&); };
496 struct S3 {
497 CustomAssign CA;
498 bool b;
499 };
500 void test3() {
501 S3 x, y;
502 x = y;
503 }
504
505 struct CustomMove {
506 CustomMove();
507 CustomMove(const CustomMove&&);
508 CustomMove &operator=(const CustomMove&&);
509 };
510 struct S4 {
511 CustomMove CM;
512 bool b;
513 };
514 void test4() {
515 S4 x, y;
516 x = static_cast<S4&&>(y);
517 }
518
519 struct EnumCustomCopy {
520 EnumCustomCopy();
521 EnumCustomCopy(const EnumCustomCopy&);
522 };
523 struct S5 {
524 EnumCustomCopy ECC;
525 bool b;
526 };
527 void callee5(S5);
528 void test5() {
529 S5 s51;
530 callee5(s51);
531 S5 s52;
532 s52 = s51;
533 }
534}
535
Bill Wendlinge1c4a1b2013-02-22 09:10:20 +0000[diff] [blame]536// CHECK: attributes [[NR_NUW]] = { noreturn nounwind }