maxjhandsome
/
llvm-project
forked from OSchip/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

[MSAN] Instrument freeze instruction by clearing shadow 

Freeze always returns a defined value. This also prevents msan from
checking the input shadow, which happened because freeze wasn't
explicitly visited.

Differential Revision: https://reviews.llvm.org/D85040
This commit is contained in:
Gui Andrade 2020-07-31 18:53:15 +00:00
parent ee1c12708a
commit 3ebd1ba64f
2 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp
View File

@ -4068,6 +4068,12 @@ struct MemorySanitizerVisitor : public InstVisitor<MemorySanitizerVisitor> {
setOrigin(&I, getCleanOrigin());
}
void visitFreezeInst(FreezeInst &I) {
// Freeze always returns a fully defined value.
setShadow(&I, getCleanShadow(&I));
setOrigin(&I, getCleanOrigin());
}
void visitInstruction(Instruction &I) {
// Everything else: stop propagating and check for poisoned shadow.
if (ClDumpStrictInstructions)

23
llvm/test/Instrumentation/MemorySanitizer/freeze.ll Normal file
View File

@ -0,0 +1,23 @@
; RUN: opt < %s -msan-check-access-address=0 -S -passes=msan 2>&1 | FileCheck %s
; RUN: opt < %s -msan-check-access-address=0 -msan-track-origins=2 -S -passes=msan 2>&1 | FileCheck %s -check-prefixes=CHECK,CHECK-ORIGIN
; RUN: opt < %s -msan -msan-check-access-address=0 -S | FileCheck %s
target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128"
target triple = "x86_64-unknown-linux-gnu"
define i32 @nofreeze(i32* %ptr) sanitize_memory {
; CHECK-LABEL: @nofreeze
%val = load i32, i32* %ptr
; CHECK: [[SHADOW_PTR:%.*]] = inttoptr
; CHECK: [[SHADOW:%.*]] = load i32, i32* [[SHADOW_PTR]]
; CHECK: store i32 [[SHADOW]], {{.*}} @__msan_retval_tls
ret i32 %val
}
define i32 @freeze_inst(i32* %ptr) sanitize_memory {
; CHECK-LABEL: @freeze_inst
%val = load i32, i32* %ptr
%freeze_val = freeze i32 %val
; CHECK-NOT: __msan_warning
; CHECK: store i32 0, {{.*}} @__msan_retval_tls
ret i32 %freeze_val
}