[PATCH] D52272: [InstCombine] Disable strcmp->memcmp transform for MSan.

Matt Morehouse via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Wed Sep 19 12:00:09 PDT 2018 

morehouse created this revision.
morehouse added reviewers: eugenis, xbolva00.
Herald added a subscriber: hiraditya.

The strcmp->memcmp transform can make the resulting memcmp read
uninitialized data, which MSan doesn't like.

Resolves https://github.com/google/sanitizers/issues/993.


https://reviews.llvm.org/D52272

Files:
  llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
  llvm/test/Transforms/InstCombine/strcmp-memcmp.ll


Index: llvm/test/Transforms/InstCombine/strcmp-memcmp.ll
===================================================================
--- llvm/test/Transforms/InstCombine/strcmp-memcmp.ll
+++ llvm/test/Transforms/InstCombine/strcmp-memcmp.ll
@@ -542,4 +542,19 @@
   ret i32 0
 }
 
+define i32 @strcmp_memcmp_msan([12 x i8]* dereferenceable (12) %buf) sanitize_memory {
+; CHECK-LABEL: @strcmp_memcmp_msan(
+; CHECK-NEXT:    [[STRING:%.*]] = getelementptr inbounds [12 x i8], [12 x i8]* [[BUF:%.*]], i64 0, i64 0
+; CHECK-NEXT:    [[CALL:%.*]] = call i32 @strcmp(i8* nonnull [[STRING]], i8* getelementptr inbounds ([4 x i8], [4 x i8]* @key, i64 0, i64 0))
+; CHECK-NEXT:    [[CMP:%.*]] = icmp eq i32 [[CALL]], 0
+; CHECK-NEXT:    [[CONV:%.*]] = zext i1 [[CMP]] to i32
+; CHECK-NEXT:    ret i32 [[CONV]]
+;
+  %string = getelementptr inbounds [12 x i8], [12 x i8]* %buf, i64 0, i64 0
+  %call = call i32 @strcmp(i8* nonnull %string, i8* getelementptr inbounds ([4 x i8], [4 x i8]* @key, i64 0, i64 0))
+  %cmp = icmp eq i32 %call, 0
+  %conv = zext i1 %cmp to i32
+  ret i32 %conv
+}
+
 declare i32 @memcmp(i8* nocapture, i8* nocapture, i64)
Index: llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
===================================================================
--- llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
+++ llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
@@ -171,7 +171,10 @@
 
   if (!isDereferenceableAndAlignedPointer(Str, 1, APInt(64, Len), DL))
     return false;
-    
+
+  if (CI->getFunction()->hasFnAttribute(Attribute::SanitizeMemory))
+    return false;
+
   return true;
 }
 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D52272.166163.patch
Type: text/x-patch
Size: 1588 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20180919/256fc527/attachment.bin>

More information about the llvm-commits mailing list