llvm-project/llvm/test/Instrumentation/SanitizerCoverage/gep-tracing.ll

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

42 lines
1.4 KiB
LLVM
Raw Normal View History

; Test -sanitizer-coverage-trace-geps=1
; RUN: opt < %s -sancov -sanitizer-coverage-level=1 -sanitizer-coverage-trace-geps=1 -S | FileCheck %s
[NewPM][Sancov] Make Sancov a Module Pass instead of 2 Passes This patch merges the sancov module and funciton passes into one module pass. The reason for this is because we ran into an out of memory error when attempting to run asan fuzzer on some protobufs (pc.cc files). I traced the OOM error to the destructor of SanitizerCoverage where we only call appendTo[Compiler]Used which calls appendToUsedList. I'm not sure where precisely in appendToUsedList causes the OOM, but I am able to confirm that it's calling this function *repeatedly* that causes the OOM. (I hacked sancov a bit such that I can still create and destroy a new sancov on every function run, but only call appendToUsedList after all functions in the module have finished. This passes, but when I make it such that appendToUsedList is called on every sancov destruction, we hit OOM.) I don't think the OOM is from just adding to the SmallSet and SmallVector inside appendToUsedList since in either case for a given module, they'll have the same max size. I suspect that when the existing llvm.compiler.used global is erased, the memory behind it isn't freed. I could be wrong on this though. This patch works around the OOM issue by just calling appendToUsedList at the end of every module run instead of function run. The same amount of constants still get added to llvm.compiler.used, abd we make the pass usage and logic simpler by not having any inter-pass dependencies. Differential Revision: https://reviews.llvm.org/D66988 llvm-svn: 370971
2019-09-05 04:30:29 +08:00
; RUN: opt < %s -passes='module(sancov-module)' -sanitizer-coverage-level=1 -sanitizer-coverage-trace-geps=1 -S | FileCheck %s
target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"
target triple = "x86_64-unknown-linux-gnu"
define void @gep_1(i32* nocapture %a, i32 %i) {
entry:
%idxprom = sext i32 %i to i64
%arrayidx = getelementptr inbounds i32, i32* %a, i64 %idxprom
store i32 0, i32* %arrayidx, align 4
ret void
}
; CHECK-LABEL: define void @gep_1(i32* nocapture %a, i32 %i)
; CHECK: call void @__sanitizer_cov_trace_gep(i64 %idxprom)
; CHECK: ret void
define void @gep_2([1000 x i32]* nocapture %a, i32 %i, i32 %j) {
entry:
%idxprom = sext i32 %j to i64
%idxprom1 = sext i32 %i to i64
%arrayidx2 = getelementptr inbounds [1000 x i32], [1000 x i32]* %a, i64 %idxprom1, i64 %idxprom
store i32 0, i32* %arrayidx2, align 4
ret void
}
; CHECK-LABEL: define void @gep_2([1000 x i32]* nocapture %a, i32 %i, i32 %j)
; CHECK: call void @__sanitizer_cov_trace_gep(i64 %idxprom1)
; CHECK: call void @__sanitizer_cov_trace_gep(i64 %idxprom)
; CHECK: ret void
; Just make sure we don't insturment this one and don't crash
define void @gep_3(<2 x i8*> %a, i32 %i, i32 %j) {
entry:
%0 = getelementptr i8, <2 x i8*> %a, <2 x i64> <i64 8, i64 8>
ret void
}