diff options
| -rw-r--r-- | compiler-rt/test/msan/select_float_origin.cc | 24 | ||||
| -rw-r--r-- | llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp | 7 | ||||
| -rw-r--r-- | llvm/test/Instrumentation/MemorySanitizer/missing_origin.ll | 14 |
3 files changed, 42 insertions, 3 deletions
diff --git a/compiler-rt/test/msan/select_float_origin.cc b/compiler-rt/test/msan/select_float_origin.cc new file mode 100644 index 00000000000..ca8f3a83b0e --- /dev/null +++ b/compiler-rt/test/msan/select_float_origin.cc @@ -0,0 +1,24 @@ +// Regression test for origin propagation in "select i1, float, float". +// https://code.google.com/p/memory-sanitizer/issues/detail?id=78 + +// RUN: %clangxx_msan -O2 -fsanitize-memory-track-origins %s -o %t && not %run %t >%t.out 2>&1 +// RUN: FileCheck %s < %t.out + +// RUN: %clangxx_msan -O2 -fsanitize-memory-track-origins=2 %s -o %t && not %run %t >%t.out 2>&1 +// RUN: FileCheck %s < %t.out + +#include <stdio.h> +#include <sanitizer/msan_interface.h> + +int main() { + volatile bool b = true; + float x, y; + __msan_allocated_memory(&x, sizeof(x)); + __msan_allocated_memory(&y, sizeof(y)); + float z = b ? x : y; + if (z > 0) printf(".\n"); + // CHECK: Uninitialized value was created by a heap allocation + // CHECK: {{#0 0x.* in .*__msan_allocated_memory}} + // CHECK: {{#1 0x.* in main .*select_float_origin.cc:}}[[@LINE-6]] + return 0; +} diff --git a/llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp b/llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp index fecf5bedf5a..15a67d7c697 100644 --- a/llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp +++ b/llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp @@ -2452,9 +2452,10 @@ struct MemorySanitizerVisitor : public InstVisitor<MemorySanitizerVisitor> { } // a = select b, c, d // Oa = Sb ? Ob : (b ? Oc : Od) - setOrigin(&I, IRB.CreateSelect( - Sb, getOrigin(I.getCondition()), - IRB.CreateSelect(B, getOrigin(C), getOrigin(D)))); + setOrigin( + &I, IRB.CreateSelect(Sb, getOrigin(I.getCondition()), + IRB.CreateSelect(B, getOrigin(I.getTrueValue()), + getOrigin(I.getFalseValue())))); } } diff --git a/llvm/test/Instrumentation/MemorySanitizer/missing_origin.ll b/llvm/test/Instrumentation/MemorySanitizer/missing_origin.ll index 673e85369a3..f7385b9dd4c 100644 --- a/llvm/test/Instrumentation/MemorySanitizer/missing_origin.ll +++ b/llvm/test/Instrumentation/MemorySanitizer/missing_origin.ll @@ -17,3 +17,17 @@ entry: ; CHECK: [[A:%.*]] = load i32* {{.*}}@__msan_param_origin_tls, ; CHECK: store i32 [[A]], i32* @__msan_retval_origin_tls ; CHECK: ret <4 x i32> + + +; Regression test for origin propagation in "select i1, float, float". +; https://code.google.com/p/memory-sanitizer/issues/detail?id=78 + +define float @SelectFloat(i1 %b, float %x, float %y) nounwind uwtable sanitize_memory { +entry: + %z = select i1 %b, float %x, float %y + ret float %z +} + +; CHECK-LABEL: @SelectFloat( +; CHECK-NOT: select {{.*}} i32 0, i32 0 +; CHECK: ret float |
