From e25b385a34be602f567ff14e1c322cb015706317 Mon Sep 17 00:00:00 2001 From: Adhemerval Zanella Date: Mon, 11 Jan 2016 19:55:27 +0000 Subject: [PATCH] [sanitizer] [msan] Fix origin store of array types This patch fixes the memory sanitizer origin store instrumentation for array types. This can be triggered by cases where frontend lowers function return to array type instead of aggregation. For instance, the C code: -- struct mypair { int64_t x; int y; }; mypair my_make_pair(int64_t x, int y) { mypair p; p.x = x; p.y = y; return p; } int foo (int p) { mypair z = my_make_pair(p, 0); return z.y + z.x; } -- It will be lowered with target set to aarch64-linux and -O0 to: -- [...] define i32 @_Z3fooi(i32 %p) #0 { [...] %call = call [2 x i64] @_Z12my_make_pairxi(i64 %conv, i32 0) %1 = bitcast %struct.mypair* %z to [2 x i64]* store [2 x i64] %call, [2 x i64]* %1, align 8 [...] -- The origin store will emit a 'icmp' to test each store value again the TLS origin array. However since 'icmp' does not support ArrayType the memory instrumentation phase will bail out with an error. This patch change it by using the same strategy used for struct type on array. It fixes the 'test/msan/insertvalue_origin.cc' for aarch64 (the -O0 case). git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257375 91177308-0d34-0410-b5e6-96231b3b80d8 --- .../Instrumentation/MemorySanitizer.cpp | 2 +- .../MemorySanitizer/origin-array.ll | 23 +++++++++++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 test/Instrumentation/MemorySanitizer/origin-array.ll diff --git a/lib/Transforms/Instrumentation/MemorySanitizer.cpp b/lib/Transforms/Instrumentation/MemorySanitizer.cpp index 5a7bce5a541..34aaa7f27d6 100644 --- a/lib/Transforms/Instrumentation/MemorySanitizer.cpp +++ b/lib/Transforms/Instrumentation/MemorySanitizer.cpp @@ -692,7 +692,7 @@ struct MemorySanitizerVisitor : public InstVisitor { const DataLayout &DL = F.getParent()->getDataLayout(); unsigned OriginAlignment = std::max(kMinOriginAlignment, Alignment); unsigned StoreSize = DL.getTypeStoreSize(Shadow->getType()); - if (isa(Shadow->getType())) { + if (Shadow->getType()->isAggregateType()) { paintOrigin(IRB, updateOrigin(Origin, IRB), getOriginPtr(Addr, IRB, Alignment), StoreSize, OriginAlignment); diff --git a/test/Instrumentation/MemorySanitizer/origin-array.ll b/test/Instrumentation/MemorySanitizer/origin-array.ll new file mode 100644 index 00000000000..d9936ff8e78 --- /dev/null +++ b/test/Instrumentation/MemorySanitizer/origin-array.ll @@ -0,0 +1,23 @@ +; RUN: opt < %s -msan -msan-check-access-address=0 -msan-track-origins=2 -S | FileCheck %s + +target datalayout = "e-m:e-i64:64-i128:128-n32:64-S128" +target triple = "aarch64-unknown-linux-gnu" + +; Check origin handling of array types. + +define void @foo([2 x i64] %v, [2 x i64]* %p) sanitize_memory { +entry: + store [2 x i64] %v, [2 x i64]* %p, align 8 + ret void +} + +; CHECK-LABEL: @foo +; CHECK: [[PARAM:%[01-9a-z]+]] = load {{.*}} @__msan_param_tls +; CHECK: [[ORIGIN:%[01-9a-z]+]] = load {{.*}} @__msan_param_origin_tls + +; CHECK: [[TMP1:%[01-9a-z]+]] = ptrtoint +; CHECK: [[TMP2:%[01-9a-z]+]] = xor i64 [[TMP1]] +; CHECK: [[TMP3:%[01-9a-z]+]] = inttoptr i64 [[TMP2]] to [2 x i64]* +; CHECK: store [2 x i64] [[PARAM]], [2 x i64]* [[TMP3]] + +; CHECK: {{.*}} call i32 @__msan_chain_origin(i32 {{.*}}[[ORIGIN]]) -- 2.34.1