llvm.org GIT mirror llvm / 5e81213
[msan] Implement sanitize_memory attribute. Shadow checks are disabled and memory loads always produce fully initialized values in functions that don't have a sanitize_memory attribute. Value and argument shadow is propagated as usual. This change also updates blacklist behaviour to match the above. git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@176247 91177308-0d34-0410-b5e6-96231b3b80d8 Evgeniy Stepanov 6 years ago
2 changed file(s) with 100 addition(s) and 49 deletion(s). Raw diff Collapse all Expand all
417417 SmallVector ShadowPHINodes, OriginPHINodes;
418418 ValueMap ShadowMap, OriginMap;
419419 bool InsertChecks;
420 bool LoadShadow;
420421 OwningPtr VAHelper;
421422
422423 struct ShadowOriginAndInsertPoint {
431432 SmallVector StoreList;
432433
433434 MemorySanitizerVisitor(Function &F, MemorySanitizer &MS)
434 : F(F), MS(MS), VAHelper(CreateVarArgHelper(F, MS, *this)) {
435 InsertChecks = !MS.BL->isIn(F);
435 : F(F), MS(MS), VAHelper(CreateVarArgHelper(F, MS, *this)) {
436 LoadShadow = InsertChecks =
437 !MS.BL->isIn(F) &&
438 F.getAttributes().hasAttribute(AttributeSet::FunctionIndex,
439 Attribute::SanitizeMemory);
440
436441 DEBUG(if (!InsertChecks)
437 dbgs() << "MemorySanitizer is not inserting checks into '"
438 << F.getName() << "'\n");
442 dbgs() << "MemorySanitizer is not inserting checks into '"
443 << F.getName() << "'\n");
439444 }
440445
441446 void materializeStores() {
830835 IRBuilder<> IRB(&I);
831836 Type *ShadowTy = getShadowTy(&I);
832837 Value *Addr = I.getPointerOperand();
833 Value *ShadowPtr = getShadowPtr(Addr, ShadowTy, IRB);
834 setShadow(&I, IRB.CreateAlignedLoad(ShadowPtr, I.getAlignment(), "_msld"));
838 if (LoadShadow) {
839 Value *ShadowPtr = getShadowPtr(Addr, ShadowTy, IRB);
840 setShadow(&I,
841 IRB.CreateAlignedLoad(ShadowPtr, I.getAlignment(), "_msld"));
842 } else {
843 setShadow(&I, getCleanShadow(&I));
844 }
835845
836846 if (ClCheckAccessAddress)
837847 insertCheck(I.getPointerOperand(), &I);
838848
839849 if (MS.TrackOrigins) {
840 unsigned Alignment = std::max(kMinOriginAlignment, I.getAlignment());
841 setOrigin(&I, IRB.CreateAlignedLoad(getOriginPtr(Addr, IRB), Alignment));
850 if (LoadShadow) {
851 unsigned Alignment = std::max(kMinOriginAlignment, I.getAlignment());
852 setOrigin(&I,
853 IRB.CreateAlignedLoad(getOriginPtr(Addr, IRB), Alignment));
854 } else {
855 setOrigin(&I, getCleanOrigin());
856 }
842857 }
843858 }
844859
14041419 Value *Addr = I.getArgOperand(0);
14051420
14061421 Type *ShadowTy = getShadowTy(&I);
1407 Value *ShadowPtr = getShadowPtr(Addr, ShadowTy, IRB);
1408 // We don't know the pointer alignment (could be unaligned SSE load!).
1409 // Have to assume to worst case.
1410 setShadow(&I, IRB.CreateAlignedLoad(ShadowPtr, 1, "_msld"));
1422 if (LoadShadow) {
1423 Value *ShadowPtr = getShadowPtr(Addr, ShadowTy, IRB);
1424 // We don't know the pointer alignment (could be unaligned SSE load!).
1425 // Have to assume to worst case.
1426 setShadow(&I, IRB.CreateAlignedLoad(ShadowPtr, 1, "_msld"));
1427 } else {
1428 setShadow(&I, getCleanShadow(&I));
1429 }
1430
14111431
14121432 if (ClCheckAccessAddress)
14131433 insertCheck(Addr, &I);
14141434
1415 if (MS.TrackOrigins)
1416 setOrigin(&I, IRB.CreateLoad(getOriginPtr(Addr, IRB)));
1435 if (MS.TrackOrigins) {
1436 if (LoadShadow)
1437 setOrigin(&I, IRB.CreateLoad(getOriginPtr(Addr, IRB)));
1438 else
1439 setOrigin(&I, getCleanOrigin());
1440 }
14171441 return true;
14181442 }
14191443
1010
1111 ; Check instrumentation of stores
1212
13 define void @Store(i32* nocapture %p, i32 %x) nounwind uwtable {
13 define void @Store(i32* nocapture %p, i32 %x) nounwind uwtable sanitize_memory {
1414 entry:
1515 store i32 %x, i32* %p, align 4
1616 ret void
3838 ; Shadow store has the same alignment as the original store; origin store
3939 ; does not specify explicit alignment.
4040
41 define void @AlignedStore(i32* nocapture %p, i32 %x) nounwind uwtable {
41 define void @AlignedStore(i32* nocapture %p, i32 %x) nounwind uwtable sanitize_memory {
4242 entry:
4343 store i32 %x, i32* %p, align 32
4444 ret void
6363
6464
6565 ; load followed by cmp: check that we load the shadow and call __msan_warning.
66 define void @LoadAndCmp(i32* nocapture %a) nounwind uwtable {
66 define void @LoadAndCmp(i32* nocapture %a) nounwind uwtable sanitize_memory {
6767 entry:
6868 %0 = load i32* %a, align 4
6969 %tobool = icmp eq i32 %0, 0
8888 ; CHECK: ret void
8989
9090 ; Check that we store the shadow for the retval.
91 define i32 @ReturnInt() nounwind uwtable readnone {
91 define i32 @ReturnInt() nounwind uwtable readnone sanitize_memory {
9292 entry:
9393 ret i32 123
9494 }
9898 ; CHECK: ret i32
9999
100100 ; Check that we get the shadow for the retval.
101 define void @CopyRetVal(i32* nocapture %a) nounwind uwtable {
101 define void @CopyRetVal(i32* nocapture %a) nounwind uwtable sanitize_memory {
102102 entry:
103103 %call = tail call i32 @ReturnInt() nounwind
104104 store i32 %call, i32* %a, align 4
113113
114114
115115 ; Check that we generate PHIs for shadow.
116 define void @FuncWithPhi(i32* nocapture %a, i32* %b, i32* nocapture %c) nounwind uwtable {
116 define void @FuncWithPhi(i32* nocapture %a, i32* %b, i32* nocapture %c) nounwind uwtable sanitize_memory {
117117 entry:
118118 %tobool = icmp eq i32* %b, null
119119 br i1 %tobool, label %if.else, label %if.then
140140 ; CHECK: ret void
141141
142142 ; Compute shadow for "x << 10"
143 define void @ShlConst(i32* nocapture %x) nounwind uwtable {
143 define void @ShlConst(i32* nocapture %x) nounwind uwtable sanitize_memory {
144144 entry:
145145 %0 = load i32* %x, align 4
146146 %1 = shl i32 %0, 10
158158 ; CHECK: ret void
159159
160160 ; Compute shadow for "10 << x": it should have 'sext i1'.
161 define void @ShlNonConst(i32* nocapture %x) nounwind uwtable {
161 define void @ShlNonConst(i32* nocapture %x) nounwind uwtable sanitize_memory {
162162 entry:
163163 %0 = load i32* %x, align 4
164164 %1 = shl i32 10, %0
175175 ; CHECK: ret void
176176
177177 ; SExt
178 define void @SExt(i32* nocapture %a, i16* nocapture %b) nounwind uwtable {
178 define void @SExt(i32* nocapture %a, i16* nocapture %b) nounwind uwtable sanitize_memory {
179179 entry:
180180 %0 = load i16* %b, align 2
181181 %1 = sext i16 %0 to i32
194194
195195
196196 ; memset
197 define void @MemSet(i8* nocapture %x) nounwind uwtable {
197 define void @MemSet(i8* nocapture %x) nounwind uwtable sanitize_memory {
198198 entry:
199199 call void @llvm.memset.p0i8.i64(i8* %x, i8 42, i64 10, i32 1, i1 false)
200200 ret void
208208
209209
210210 ; memcpy
211 define void @MemCpy(i8* nocapture %x, i8* nocapture %y) nounwind uwtable {
211 define void @MemCpy(i8* nocapture %x, i8* nocapture %y) nounwind uwtable sanitize_memory {
212212 entry:
213213 call void @llvm.memcpy.p0i8.p0i8.i64(i8* %x, i8* %y, i64 10, i32 1, i1 false)
214214 ret void
222222
223223
224224 ; memmove is lowered to a call
225 define void @MemMove(i8* nocapture %x, i8* nocapture %y) nounwind uwtable {
225 define void @MemMove(i8* nocapture %x, i8* nocapture %y) nounwind uwtable sanitize_memory {
226226 entry:
227227 call void @llvm.memmove.p0i8.p0i8.i64(i8* %x, i8* %y, i64 10, i32 1, i1 false)
228228 ret void
237237
238238 ; Check that we propagate shadow for "select"
239239
240 define i32 @Select(i32 %a, i32 %b, i32 %c) nounwind uwtable readnone {
240 define i32 @Select(i32 %a, i32 %b, i32 %c) nounwind uwtable readnone sanitize_memory {
241241 entry:
242242 %tobool = icmp ne i32 %c, 0
243243 %cond = select i1 %tobool, i32 %a, i32 %b
254254 ; Select condition is flattened to i1, which is then used to select one of the
255255 ; argument origins.
256256
257 define <8 x i16> @SelectVector(<8 x i16> %a, <8 x i16> %b, <8 x i1> %c) nounwind uwtable readnone {
257 define <8 x i16> @SelectVector(<8 x i16> %a, <8 x i16> %b, <8 x i1> %c) nounwind uwtable readnone sanitize_memory {
258258 entry:
259259 %cond = select <8 x i1> %c, <8 x i16> %a, <8 x i16> %b
260260 ret <8 x i16> %cond
267267 ; CHECK-ORIGINS: ret <8 x i16>
268268
269269
270 define i8* @IntToPtr(i64 %x) nounwind uwtable readnone {
270 define i8* @IntToPtr(i64 %x) nounwind uwtable readnone sanitize_memory {
271271 entry:
272272 %0 = inttoptr i64 %x to i8*
273273 ret i8* %0
280280 ; CHECK: ret i8
281281
282282
283 define i8* @IntToPtr_ZExt(i16 %x) nounwind uwtable readnone {
283 define i8* @IntToPtr_ZExt(i16 %x) nounwind uwtable readnone sanitize_memory {
284284 entry:
285285 %0 = inttoptr i16 %x to i8*
286286 ret i8* %0
295295 ; Check that we insert exactly one check on udiv
296296 ; (2nd arg shadow is checked, 1st arg shadow is propagated)
297297
298 define i32 @Div(i32 %a, i32 %b) nounwind uwtable readnone {
298 define i32 @Div(i32 %a, i32 %b) nounwind uwtable readnone sanitize_memory {
299299 entry:
300300 %div = udiv i32 %a, %b
301301 ret i32 %div
312312
313313 ; Check that we propagate shadow for x<0, x>=0, etc (i.e. sign bit tests)
314314
315 define zeroext i1 @ICmpSLT(i32 %x) nounwind uwtable readnone {
315 define zeroext i1 @ICmpSLT(i32 %x) nounwind uwtable readnone sanitize_memory {
316316 %1 = icmp slt i32 %x, 0
317317 ret i1 %1
318318 }
324324 ; CHECK-NOT: call void @__msan_warning
325325 ; CHECK: ret i1
326326
327 define zeroext i1 @ICmpSGE(i32 %x) nounwind uwtable readnone {
327 define zeroext i1 @ICmpSGE(i32 %x) nounwind uwtable readnone sanitize_memory {
328328 %1 = icmp sge i32 %x, 0
329329 ret i1 %1
330330 }
336336 ; CHECK-NOT: call void @__msan_warning
337337 ; CHECK: ret i1
338338
339 define zeroext i1 @ICmpSGT(i32 %x) nounwind uwtable readnone {
339 define zeroext i1 @ICmpSGT(i32 %x) nounwind uwtable readnone sanitize_memory {
340340 %1 = icmp sgt i32 0, %x
341341 ret i1 %1
342342 }
348348 ; CHECK-NOT: call void @__msan_warning
349349 ; CHECK: ret i1
350350
351 define zeroext i1 @ICmpSLE(i32 %x) nounwind uwtable readnone {
351 define zeroext i1 @ICmpSLE(i32 %x) nounwind uwtable readnone sanitize_memory {
352352 %1 = icmp sle i32 0, %x
353353 ret i1 %1
354354 }
364364 ; Check that we propagate shadow for x<0, x>=0, etc (i.e. sign bit tests)
365365 ; of the vector arguments.
366366
367 define <2 x i1> @ICmpSLT_vector(<2 x i32*> %x) nounwind uwtable readnone {
367 define <2 x i1> @ICmpSLT_vector(<2 x i32*> %x) nounwind uwtable readnone sanitize_memory {
368368 %1 = icmp slt <2 x i32*> %x, zeroinitializer
369369 ret <2 x i1> %1
370370 }
380380 ; Check that we propagate shadow for unsigned relational comparisons with
381381 ; constants
382382
383 define zeroext i1 @ICmpUGTConst(i32 %x) nounwind uwtable readnone {
383 define zeroext i1 @ICmpUGTConst(i32 %x) nounwind uwtable readnone sanitize_memory {
384384 entry:
385385 %cmp = icmp ugt i32 %x, 7
386386 ret i1 %cmp
399399 ; Check that loads of shadow have the same aligment as the original loads.
400400 ; Check that loads of origin have the aligment of max(4, original alignment).
401401
402 define i32 @ShadowLoadAlignmentLarge() nounwind uwtable {
402 define i32 @ShadowLoadAlignmentLarge() nounwind uwtable sanitize_memory {
403403 %y = alloca i32, align 64
404404 %1 = load volatile i32* %y, align 64
405405 ret i32 %1
410410 ; CHECK: load volatile i32* {{.*}} align 64
411411 ; CHECK: ret i32
412412
413 define i32 @ShadowLoadAlignmentSmall() nounwind uwtable {
413 define i32 @ShadowLoadAlignmentSmall() nounwind uwtable sanitize_memory {
414414 %y = alloca i32, align 2
415415 %1 = load volatile i32* %y, align 2
416416 ret i32 %1
432432 ; Check that the same bit manipulation is applied to the shadow values.
433433 ; Check that there is a zero test of the shadow of %idx argument, where present.
434434
435 define i32 @ExtractElement(<4 x i32> %vec, i32 %idx) {
435 define i32 @ExtractElement(<4 x i32> %vec, i32 %idx) sanitize_memory {
436436 %x = extractelement <4 x i32> %vec, i32 %idx
437437 ret i32 %x
438438 }
443443 ; CHECK: extractelement
444444 ; CHECK: ret i32
445445
446 define <4 x i32> @InsertElement(<4 x i32> %vec, i32 %idx, i32 %x) {
446 define <4 x i32> @InsertElement(<4 x i32> %vec, i32 %idx, i32 %x) sanitize_memory {
447447 %vec1 = insertelement <4 x i32> %vec, i32 %x, i32 %idx
448448 ret <4 x i32> %vec1
449449 }
454454 ; CHECK: insertelement
455455 ; CHECK: ret <4 x i32>
456456
457 define <4 x i32> @ShuffleVector(<4 x i32> %vec, <4 x i32> %vec1) {
457 define <4 x i32> @ShuffleVector(<4 x i32> %vec, <4 x i32> %vec1) sanitize_memory {
458458 %vec2 = shufflevector <4 x i32> %vec, <4 x i32> %vec1,
459459 <4 x i32>
460460 ret <4 x i32> %vec2
468468
469469
470470 ; Test bswap intrinsic instrumentation
471 define i32 @BSwap(i32 %x) nounwind uwtable readnone {
471 define i32 @BSwap(i32 %x) nounwind uwtable readnone sanitize_memory {
472472 %y = tail call i32 @llvm.bswap.i32(i32 %x)
473473 ret i32 %y
474474 }
486486
487487 ; Store intrinsic.
488488
489 define void @StoreIntrinsic(i8* %p, <4 x float> %x) nounwind uwtable {
489 define void @StoreIntrinsic(i8* %p, <4 x float> %x) nounwind uwtable sanitize_memory {
490490 call void @llvm.x86.sse.storeu.ps(i8* %p, <4 x float> %x)
491491 ret void
492492 }
503503
504504 ; Load intrinsic.
505505
506 define <16 x i8> @LoadIntrinsic(i8* %p) nounwind uwtable {
506 define <16 x i8> @LoadIntrinsic(i8* %p) nounwind uwtable sanitize_memory {
507507 %call = call <16 x i8> @llvm.x86.sse3.ldu.dq(i8* %p)
508508 ret <16 x i8> %call
509509 }
529529 ; Check that shadow is OR'ed, and origin is Select'ed
530530 ; And no shadow checks!
531531
532 define <8 x i16> @Paddsw128(<8 x i16> %a, <8 x i16> %b) nounwind uwtable {
532 define <8 x i16> @Paddsw128(<8 x i16> %a, <8 x i16> %b) nounwind uwtable sanitize_memory {
533533 %call = call <8 x i16> @llvm.x86.sse2.padds.w(<8 x i16> %a, <8 x i16> %b)
534534 ret <8 x i16> %call
535535 }
558558 ; Test handling of vectors of pointers.
559559 ; Check that shadow of such vector is a vector of integers.
560560
561 define <8 x i8*> @VectorOfPointers(<8 x i8*>* %p) nounwind uwtable {
561 define <8 x i8*> @VectorOfPointers(<8 x i8*>* %p) nounwind uwtable sanitize_memory {
562562 %x = load <8 x i8*>* %p
563563 ret <8 x i8*> %x
564564 }
573573
574574 declare void @llvm.va_copy(i8*, i8*) nounwind
575575
576 define void @VACopy(i8* %p1, i8* %p2) nounwind uwtable {
576 define void @VACopy(i8* %p1, i8* %p2) nounwind uwtable sanitize_memory {
577577 call void @llvm.va_copy(i8* %p1, i8* %p2) nounwind
578578 ret void
579579 }
586586 ; Test handling of volatile stores.
587587 ; Check that MemorySanitizer does not add a check of the value being stored.
588588
589 define void @VolatileStore(i32* nocapture %p, i32 %x) nounwind uwtable {
589 define void @VolatileStore(i32* nocapture %p, i32 %x) nounwind uwtable sanitize_memory {
590590 entry:
591591 store volatile i32 %x, i32* %p, align 4
592592 ret void
595595 ; CHECK: @VolatileStore
596596 ; CHECK-NOT: @__msan_warning
597597 ; CHECK: ret void
598
599
600 ; Test that checks are omitted but shadow propagation is kept if
601 ; sanitize_memory attribute is missing.
602
603 define i32 @NoSanitizeMemory(i32 %x) uwtable {
604 entry:
605 %tobool = icmp eq i32 %x, 0
606 br i1 %tobool, label %if.end, label %if.then
607
608 if.then: ; preds = %entry
609 tail call void @bar()
610 br label %if.end
611
612 if.end: ; preds = %entry, %if.then
613 ret i32 %x
614 }
615
616 declare void @bar()
617
618 ; CHECK: @NoSanitizeMemory
619 ; CHECK-NOT: @__msan_warning
620 ; CHECK: load i32* {{.*}} @__msan_param_tls
621 ; CHECK-NOT: @__msan_warning
622 ; CHECK: store {{.*}} @__msan_retval_tls
623 ; CHECK-NOT: @__msan_warning
624 ; CHECK: ret i32