[PATCH] D68236: Handle llvm.launder.invariant.group in msan.
Ilya Tokar via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Mon Sep 30 11:54:02 PDT 2019
TokarIP created this revision.
TokarIP added a reviewer: Sanitizers.
Herald added subscribers: llvm-commits, hiraditya, Prazek.
Herald added a project: LLVM.
TokarIP edited the summary of this revision.
[MSan] handle llvm.launder.invariant.group
MSan used to give false positives in code like the following:
class Foo {
public:
virtual ~Foo() {};
};
// Return true iff *x is set.
bool f1(void **x, bool flag);
Foo* f() {
void *p;
bool found;
found = f1(&p,flag);
if (found) {
// p is always set here.
return static_cast<Foo*>(p); // False positive here.
}
return nullptr;
}
https://reviews.llvm.org/D68236
Files:
llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp
llvm/test/Instrumentation/MemorySanitizer/msan_llvm_launder_invariant.ll
Index: llvm/test/Instrumentation/MemorySanitizer/msan_llvm_launder_invariant.ll
===================================================================
--- /dev/null
+++ llvm/test/Instrumentation/MemorySanitizer/msan_llvm_launder_invariant.ll
@@ -0,0 +1,38 @@
+; Make sure MSan handles llvm.launder.invariant.group correctly.
+
+; RUN: opt < %s -msan -msan-kernel=1 -O1 -S | FileCheck -check-prefixes=CHECK %s
+; RUN: opt < %s -msan -O1 -S | FileCheck -check-prefixes=CHECK %s
+
+target datalayout = "e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128"
+target triple = "x86_64-unknown-linux-gnu"
+
+%class.Foo = type { i32 (...)** }
+ at flag = dso_local local_unnamed_addr global i8 0, align 1
+
+define dso_local %class.Foo* @_Z1fv() local_unnamed_addr #0 {
+entry:
+ %p = alloca i8*, align 8
+ %0 = bitcast i8** %p to i8*
+ call void @llvm.lifetime.start.p0i8(i64 8, i8* nonnull %0)
+ %1 = load i8, i8* @flag, align 1
+ %tobool = icmp ne i8 %1, 0
+ %call = call zeroext i1 @_Z2f1PPvb(i8** nonnull %p, i1 zeroext %tobool)
+ %2 = load i8*, i8** %p, align 8
+ %3 = call i8* @llvm.launder.invariant.group.p0i8(i8* %2)
+ %4 = bitcast i8* %3 to %class.Foo*
+ %retval.0 = select i1 %call, %class.Foo* %4, %class.Foo* null
+ call void @llvm.lifetime.end.p0i8(i64 8, i8* nonnull %0)
+ ret %class.Foo* %retval.0
+}
+
+; CHECK-NOT: call void @__msan_warning_noreturn
+
+declare dso_local zeroext i1 @_Z2f1PPvb(i8**, i1 zeroext) local_unnamed_addr
+
+declare i8* @llvm.launder.invariant.group.p0i8(i8*)
+
+declare void @llvm.lifetime.start.p0i8(i64 immarg, i8* nocapture)
+
+declare void @llvm.lifetime.end.p0i8(i64 immarg, i8* nocapture)
+
+attributes #0 = { sanitize_memory uwtable }
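Review bot: The single `CHECK-NOT: call void @__msan_warning_noreturn` looks vacuous for the first RUN line. With `-msan-kernel=1` the instrumentation is, as far as I know, always recoverable and calls `__msan_warning` rather than the noreturn variant, so that run would pass even if the false positive were still reported. Matching the common prefix covers both modes: `; CHECK-NOT: call void @__msan_warning`. Adding a `; CHECK-LABEL: @_Z1fv` before it would also confirm that the function was actually emitted and instrumented, and `-check-prefixes=CHECK` can be dropped since CHECK is the default prefix.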
Index: llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp
===================================================================
--- llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp
+++ llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp
@@ -2562,6 +2562,12 @@
return false;
}
+ void handleLaunderInvariantGroup(IntrinsicInst &I) {
+ IRBuilder<> IRB(&I);
+ setShadow(&I, IRB.CreateBitCast(getShadow(&I, 0), getShadowTy(&I)));
+ setOrigin(&I, getOrigin(&I, 0));
+ }
+
void handleLifetimeStart(IntrinsicInst &I) {
if (!PoisonStack)
return;
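Review bot: The `IRBuilder` and the `CreateBitCast` in `handleLaunderInvariantGroup` look unnecessary. The intrinsic returns the same pointer type it takes (see the `i8* (i8*)` declaration in the test), so the operand's shadow should already have the type `getShadowTy(&I)` yields. `setShadow(&I, getShadow(&I, 0));` would then be enough and the builder could go. The handler also has no comment saying why it exists; something like `// The result is operand 0 with fresh invariant.group information, so forward its shadow and origin instead of checking the operand.` would explain why it bypasses the default strict handling. The trailing context belongs to `handleLifetimeStart`, whose body continues outside the hunk.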
@@ -2993,6 +2999,9 @@
case Intrinsic::lifetime_start:
handleLifetimeStart(I);
break;
+ case Intrinsic::launder_invariant_group:
+ handleLaunderInvariantGroup(I);
+ break;
case Intrinsic::bswap:
handleBswap(I);
break;
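Review bot: Only `launder_invariant_group` gets a case in this switch, but `llvm.strip.invariant.group` has the same pass-through shape (one pointer in, the same pointer out). It presumably still falls to the default intrinsic handling and could report the same false positive on an uninitialized but unused pointer. Consider adding `case Intrinsic::strip_invariant_group:` above the new case so both share the handler, and giving the handler a name that covers both. The switch starts and ends outside the hunk, so this assumes no existing case for it elsewhere.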
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D68236.222469.patch
Type: text/x-patch
Size: 2558 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20190930/e644ef56/attachment.bin>