[msan] Fix origin propagation for select of floats.

author Evgeniy Stepanov <eugeni.stepanov@gmail.com>

Fri, 28 Nov 2014 11:17:58 +0000 (11:17 +0000)

committer Evgeniy Stepanov <eugeni.stepanov@gmail.com>

Fri, 28 Nov 2014 11:17:58 +0000 (11:17 +0000)
author Evgeniy Stepanov <eugeni.stepanov@gmail.com>
Fri, 28 Nov 2014 11:17:58 +0000 (11:17 +0000)
committer Evgeniy Stepanov <eugeni.stepanov@gmail.com>
Fri, 28 Nov 2014 11:17:58 +0000 (11:17 +0000)
diff --git a/compiler-rt/test/msan/select_float_origin.cc b/compiler-rt/test/msan/select_float_origin.cc

new file mode 100644 (file)

index 0000000..ca8f3a8
--- /dev/null
+++ b/compiler-rt/test/msan/select_float_origin.cc
@@ -0,0 +1,24 @@
+// Regression test for origin propagation in "select i1, float, float".
+// https://code.google.com/p/memory-sanitizer/issues/detail?id=78
+
+// RUN: %clangxx_msan -O2 -fsanitize-memory-track-origins %s -o %t && not %run %t >%t.out 2>&1
+// RUN: FileCheck %s < %t.out
+
+// RUN: %clangxx_msan -O2 -fsanitize-memory-track-origins=2 %s -o %t && not %run %t >%t.out 2>&1
+// RUN: FileCheck %s < %t.out
+
+#include <stdio.h>
+#include <sanitizer/msan_interface.h>
+
+int main() {
+  volatile bool b = true;
+  float x, y;
+  __msan_allocated_memory(&x, sizeof(x));
+  __msan_allocated_memory(&y, sizeof(y));
+  float z = b ? x : y;
+  if (z > 0) printf(".\n");
+  // CHECK: Uninitialized value was created by a heap allocation
+  // CHECK: {{#0 0x.* in .*__msan_allocated_memory}}
+  // CHECK: {{#1 0x.* in main .*select_float_origin.cc:}}[[@LINE-6]]
+  return 0;
+}
diff --git a/llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp b/llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp

index fecf5be..15a67d7 100644 (file)
--- a/llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp
+++ b/llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp
@@ -2452,9 +2452,10 @@ struct MemorySanitizerVisitor : public InstVisitor<MemorySanitizerVisitor> {
        }
        // a = select b, c, d
        // Oa = Sb ? Ob : (b ? Oc : Od)
-      setOrigin(&I, IRB.CreateSelect(
-                        Sb, getOrigin(I.getCondition()),
-                        IRB.CreateSelect(B, getOrigin(C), getOrigin(D))));
+      setOrigin(
+          &I, IRB.CreateSelect(Sb, getOrigin(I.getCondition()),
+                               IRB.CreateSelect(B, getOrigin(I.getTrueValue()),
+                                                getOrigin(I.getFalseValue()))));
      }
    }
  
diff --git a/llvm/test/Instrumentation/MemorySanitizer/missing_origin.ll b/llvm/test/Instrumentation/MemorySanitizer/missing_origin.ll

index 673e853..f7385b9 100644 (file)
--- a/llvm/test/Instrumentation/MemorySanitizer/missing_origin.ll
+++ b/llvm/test/Instrumentation/MemorySanitizer/missing_origin.ll
@@ -17,3 +17,17 @@ entry:
  ; CHECK: [[A:%.*]] = load i32* {{.*}}@__msan_param_origin_tls,
  ; CHECK: store i32 [[A]], i32* @__msan_retval_origin_tls
  ; CHECK: ret <4 x i32>
+
+
+; Regression test for origin propagation in "select i1, float, float".
+; https://code.google.com/p/memory-sanitizer/issues/detail?id=78
+
+define float @SelectFloat(i1 %b, float %x, float %y) nounwind uwtable sanitize_memory {
+entry:
+  %z = select i1 %b, float %x, float %y
+  ret float %z
+}
+
+; CHECK-LABEL: @SelectFloat(
+; CHECK-NOT: select {{.*}} i32 0, i32 0
+; CHECK: ret float
author	Evgeniy Stepanov <eugeni.stepanov@gmail.com>
	Fri, 28 Nov 2014 11:17:58 +0000 (11:17 +0000)
committer	Evgeniy Stepanov <eugeni.stepanov@gmail.com>
	Fri, 28 Nov 2014 11:17:58 +0000 (11:17 +0000)
compiler-rt/test/msan/select_float_origin.cc	[new file with mode: 0644]	patch \| blob
llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp		patch \| blob \| history
llvm/test/Instrumentation/MemorySanitizer/missing_origin.ll		patch \| blob \| history