From e62fc3d0b6ce923dcbc29eeb6ebc5808e6724f90 Mon Sep 17 00:00:00 2001
From: Matt Morehouse
Date: Wed, 19 Sep 2018 19:37:24 +0000
Subject: [PATCH] [InstCombine] Disable strcmp->memcmp transform for MSan.
Summary: The strcmp->memcmp transform can make the resulting memcmp read uninitialized data, which MSan doesn't like.
Resolves https://github.com/google/sanitizers/issues/993.
Reviewers: eugenis, xbolva00
Reviewed By: eugenis
Subscribers: hiraditya, llvm-commits
Differential Revision: https://reviews.llvm.org/D52272
llvm-svn: 342582
---
 llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp | 5 ++++-
 llvm/test/Transforms/InstCombine/strcmp-memcmp.ll | 15 +++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp b/llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
index 8fa2279..3789181 100644
--- a/llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
+++ b/llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
@@ -171,7 +171,10 @@ static bool canTransformToMemCmp(CallInst *CI, Value *Str, uint64_t Len,
 if (!isDereferenceableAndAlignedPointer(Str, 1, APInt(64, Len), DL))
 return false;
-
+
+ if (CI->getFunction()->hasFnAttribute(Attribute::SanitizeMemory))
+ return false;
+
 return true;
 }
diff --git a/llvm/test/Transforms/InstCombine/strcmp-memcmp.ll b/llvm/test/Transforms/InstCombine/strcmp-memcmp.ll
index e008b2d0..092a47f 100644
--- a/llvm/test/Transforms/InstCombine/strcmp-memcmp.ll
+++ b/llvm/test/Transforms/InstCombine/strcmp-memcmp.ll
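Review bot: The new `SanitizeMemory` guard in canTransformToMemCmp carries no comment saying why MSan-instrumented functions are excluded, so a later cleanup could drop it as an arbitrary restriction. I would put `// The resulting memcmp may read uninitialized bytes that strcmp would never touch, which MSan reports.` directly above the `if`. As a smaller style point, the attribute test looks cheaper than the `isDereferenceableAndAlignedPointer` query before it and could run first. The function begins above the hunk, so any earlier conditions are not visible here.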
@@ -542,4 +542,19 @@ define i32 @strncmp_memcmp_bad4([4 x i8]* dereferenceable (4) %buf) {
 ret i32 0
 }
+define i32 @strcmp_memcmp_msan([12 x i8]* dereferenceable (12) %buf) sanitize_memory {
+; CHECK-LABEL: @strcmp_memcmp_msan(
+; CHECK-NEXT: [[STRING:%.*]] = getelementptr inbounds [12 x i8], [12 x i8]* [[BUF:%.*]], i64 0, i64 0
+; CHECK-NEXT: [[CALL:%.*]] = call i32 @strcmp(i8* nonnull [[STRING]], i8* getelementptr inbounds ([4 x i8], [4 x i8]* @key, i64 0, i64 0))
+; CHECK-NEXT: [[CMP:%.*]] = icmp eq i32 [[CALL]], 0
+; CHECK-NEXT: [[CONV:%.*]] = zext i1 [[CMP]] to i32
+; CHECK-NEXT: ret i32 [[CONV]]
+;
+ %string = getelementptr inbounds [12 x i8], [12 x i8]* %buf, i64 0, i64 0
+ %call = call i32 @strcmp(i8* nonnull %string, i8* getelementptr inbounds ([4 x i8], [4 x i8]* @key, i64 0, i64 0))
+ %cmp = icmp eq i32 %call, 0
+ %conv = zext i1 %cmp to i32
+ ret i32 %conv
+}
+
 declare i32 @memcmp(i8* nocapture, i8* nocapture, i64)
--
2.7.4
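Review bot: The added `strcmp_memcmp_msan` test pins only the strcmp form; nothing in this hunk runs a `strncmp` call inside a `sanitize_memory` function. The neighbouring `strncmp_memcmp_bad4` test suggests the same fold exists for strncmp, presumably behind the same canTransformToMemCmp check, though that caller is not visible here and should be confirmed. If so, a `strncmp_memcmp_msan` twin whose CHECK lines expect the `@strncmp` call to survive would keep that path from regressing.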