Skip to content

Commit e72c949

Browse files
eugeniseugenis
authored
[msan] Overflow intrinsics. (#88210)
1 parent 323d3ab commit e72c949

File tree

2 files changed

+59
-68
lines changed

2 files changed

+59
-68
lines changed

llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3715,8 +3715,32 @@ struct MemorySanitizerVisitor : public InstVisitor<MemorySanitizerVisitor> {
37153715
setOrigin(&I, getOrigin(&I, 0));
37163716
}
37173717

3718+
void handleArithmeticWithOverflow(IntrinsicInst &I) {
3719+
IRBuilder<> IRB(&I);
3720+
Value *Shadow0 = getShadow(&I, 0);
3721+
Value *Shadow1 = getShadow(&I, 1);
3722+
Value *ShadowElt0 = IRB.CreateOr(Shadow0, Shadow1);
3723+
Value *ShadowElt1 =
3724+
IRB.CreateICmpNE(ShadowElt0, getCleanShadow(ShadowElt0));
3725+
3726+
Value *Shadow = PoisonValue::get(getShadowTy(&I));
3727+
Shadow = IRB.CreateInsertValue(Shadow, ShadowElt0, 0);
3728+
Shadow = IRB.CreateInsertValue(Shadow, ShadowElt1, 1);
3729+
3730+
setShadow(&I, Shadow);
3731+
setOriginForNaryOp(I);
3732+
}
3733+
37183734
void visitIntrinsicInst(IntrinsicInst &I) {
37193735
switch (I.getIntrinsicID()) {
3736+
case Intrinsic::uadd_with_overflow:
3737+
case Intrinsic::sadd_with_overflow:
3738+
case Intrinsic::usub_with_overflow:
3739+
case Intrinsic::ssub_with_overflow:
3740+
case Intrinsic::umul_with_overflow:
3741+
case Intrinsic::smul_with_overflow:
3742+
handleArithmeticWithOverflow(I);
3743+
break;
37203744
case Intrinsic::abs:
37213745
handleAbsIntrinsic(I);
37223746
break;

llvm/test/Instrumentation/MemorySanitizer/overflow.ll

Lines changed: 35 additions & 68 deletions
Original file line numberDiff line numberDiff line change
@@ -10,16 +10,12 @@ define {i64, i1} @test_sadd_with_overflow(i64 %a, i64 %b) #0 {
1010
; CHECK-NEXT: [[TMP1:%.*]] = load i64, ptr @__msan_param_tls, align 8
1111
; CHECK-NEXT: [[TMP2:%.*]] = load i64, ptr inttoptr (i64 add (i64 ptrtoint (ptr @__msan_param_tls to i64), i64 8) to ptr), align 8
1212
; CHECK-NEXT: call void @llvm.donothing()
13-
; CHECK-NEXT: [[_MSCMP:%.*]] = icmp ne i64 [[TMP1]], 0
14-
; CHECK-NEXT: [[_MSCMP1:%.*]] = icmp ne i64 [[TMP2]], 0
15-
; CHECK-NEXT: [[_MSOR:%.*]] = or i1 [[_MSCMP]], [[_MSCMP1]]
16-
; CHECK-NEXT: br i1 [[_MSOR]], label [[TMP3:%.*]], label [[TMP4:%.*]], !prof [[PROF0:![0-9]+]]
17-
; CHECK: 3:
18-
; CHECK-NEXT: call void @__msan_warning_noreturn() #[[ATTR4:[0-9]+]]
19-
; CHECK-NEXT: unreachable
20-
; CHECK: 4:
13+
; CHECK-NEXT: [[TMP3:%.*]] = or i64 [[TMP1]], [[TMP2]]
14+
; CHECK-NEXT: [[TMP4:%.*]] = icmp ne i64 [[TMP3]], 0
15+
; CHECK-NEXT: [[TMP5:%.*]] = insertvalue { i64, i1 } poison, i64 [[TMP3]], 0
16+
; CHECK-NEXT: [[TMP6:%.*]] = insertvalue { i64, i1 } [[TMP5]], i1 [[TMP4]], 1
2117
; CHECK-NEXT: [[RES:%.*]] = call { i64, i1 } @llvm.sadd.with.overflow.i64(i64 [[A]], i64 [[B]])
22-
; CHECK-NEXT: store { i64, i1 } zeroinitializer, ptr @__msan_retval_tls, align 8
18+
; CHECK-NEXT: store { i64, i1 } [[TMP6]], ptr @__msan_retval_tls, align 8
2319
; CHECK-NEXT: ret { i64, i1 } [[RES]]
2420
;
2521
%res = call { i64, i1 } @llvm.sadd.with.overflow.i64(i64 %a, i64 %b)
@@ -32,16 +28,12 @@ define {i64, i1} @test_uadd_with_overflow(i64 %a, i64 %b) #0 {
3228
; CHECK-NEXT: [[TMP1:%.*]] = load i64, ptr @__msan_param_tls, align 8
3329
; CHECK-NEXT: [[TMP2:%.*]] = load i64, ptr inttoptr (i64 add (i64 ptrtoint (ptr @__msan_param_tls to i64), i64 8) to ptr), align 8
3430
; CHECK-NEXT: call void @llvm.donothing()
35-
; CHECK-NEXT: [[_MSCMP:%.*]] = icmp ne i64 [[TMP1]], 0
36-
; CHECK-NEXT: [[_MSCMP1:%.*]] = icmp ne i64 [[TMP2]], 0
37-
; CHECK-NEXT: [[_MSOR:%.*]] = or i1 [[_MSCMP]], [[_MSCMP1]]
38-
; CHECK-NEXT: br i1 [[_MSOR]], label [[TMP3:%.*]], label [[TMP4:%.*]], !prof [[PROF0]]
39-
; CHECK: 3:
40-
; CHECK-NEXT: call void @__msan_warning_noreturn() #[[ATTR4]]
41-
; CHECK-NEXT: unreachable
42-
; CHECK: 4:
31+
; CHECK-NEXT: [[TMP3:%.*]] = or i64 [[TMP1]], [[TMP2]]
32+
; CHECK-NEXT: [[TMP4:%.*]] = icmp ne i64 [[TMP3]], 0
33+
; CHECK-NEXT: [[TMP5:%.*]] = insertvalue { i64, i1 } poison, i64 [[TMP3]], 0
34+
; CHECK-NEXT: [[TMP6:%.*]] = insertvalue { i64, i1 } [[TMP5]], i1 [[TMP4]], 1
4335
; CHECK-NEXT: [[RES:%.*]] = call { i64, i1 } @llvm.uadd.with.overflow.i64(i64 [[A]], i64 [[B]])
44-
; CHECK-NEXT: store { i64, i1 } zeroinitializer, ptr @__msan_retval_tls, align 8
36+
; CHECK-NEXT: store { i64, i1 } [[TMP6]], ptr @__msan_retval_tls, align 8
4537
; CHECK-NEXT: ret { i64, i1 } [[RES]]
4638
;
4739
%res = call { i64, i1 } @llvm.uadd.with.overflow.i64(i64 %a, i64 %b)
@@ -54,16 +46,12 @@ define {i64, i1} @test_smul_with_overflow(i64 %a, i64 %b) #0 {
5446
; CHECK-NEXT: [[TMP1:%.*]] = load i64, ptr @__msan_param_tls, align 8
5547
; CHECK-NEXT: [[TMP2:%.*]] = load i64, ptr inttoptr (i64 add (i64 ptrtoint (ptr @__msan_param_tls to i64), i64 8) to ptr), align 8
5648
; CHECK-NEXT: call void @llvm.donothing()
57-
; CHECK-NEXT: [[_MSCMP:%.*]] = icmp ne i64 [[TMP1]], 0
58-
; CHECK-NEXT: [[_MSCMP1:%.*]] = icmp ne i64 [[TMP2]], 0
59-
; CHECK-NEXT: [[_MSOR:%.*]] = or i1 [[_MSCMP]], [[_MSCMP1]]
60-
; CHECK-NEXT: br i1 [[_MSOR]], label [[TMP3:%.*]], label [[TMP4:%.*]], !prof [[PROF0]]
61-
; CHECK: 3:
62-
; CHECK-NEXT: call void @__msan_warning_noreturn() #[[ATTR4]]
63-
; CHECK-NEXT: unreachable
64-
; CHECK: 4:
49+
; CHECK-NEXT: [[TMP3:%.*]] = or i64 [[TMP1]], [[TMP2]]
50+
; CHECK-NEXT: [[TMP4:%.*]] = icmp ne i64 [[TMP3]], 0
51+
; CHECK-NEXT: [[TMP5:%.*]] = insertvalue { i64, i1 } poison, i64 [[TMP3]], 0
52+
; CHECK-NEXT: [[TMP6:%.*]] = insertvalue { i64, i1 } [[TMP5]], i1 [[TMP4]], 1
6553
; CHECK-NEXT: [[RES:%.*]] = call { i64, i1 } @llvm.smul.with.overflow.i64(i64 [[A]], i64 [[B]])
66-
; CHECK-NEXT: store { i64, i1 } zeroinitializer, ptr @__msan_retval_tls, align 8
54+
; CHECK-NEXT: store { i64, i1 } [[TMP6]], ptr @__msan_retval_tls, align 8
6755
; CHECK-NEXT: ret { i64, i1 } [[RES]]
6856
;
6957
%res = call { i64, i1 } @llvm.smul.with.overflow.i64(i64 %a, i64 %b)
@@ -75,16 +63,12 @@ define {i64, i1} @test_umul_with_overflow(i64 %a, i64 %b) #0 {
7563
; CHECK-NEXT: [[TMP1:%.*]] = load i64, ptr @__msan_param_tls, align 8
7664
; CHECK-NEXT: [[TMP2:%.*]] = load i64, ptr inttoptr (i64 add (i64 ptrtoint (ptr @__msan_param_tls to i64), i64 8) to ptr), align 8
7765
; CHECK-NEXT: call void @llvm.donothing()
78-
; CHECK-NEXT: [[_MSCMP:%.*]] = icmp ne i64 [[TMP1]], 0
79-
; CHECK-NEXT: [[_MSCMP1:%.*]] = icmp ne i64 [[TMP2]], 0
80-
; CHECK-NEXT: [[_MSOR:%.*]] = or i1 [[_MSCMP]], [[_MSCMP1]]
81-
; CHECK-NEXT: br i1 [[_MSOR]], label [[TMP3:%.*]], label [[TMP4:%.*]], !prof [[PROF0]]
82-
; CHECK: 3:
83-
; CHECK-NEXT: call void @__msan_warning_noreturn() #[[ATTR4]]
84-
; CHECK-NEXT: unreachable
85-
; CHECK: 4:
66+
; CHECK-NEXT: [[TMP3:%.*]] = or i64 [[TMP1]], [[TMP2]]
67+
; CHECK-NEXT: [[TMP4:%.*]] = icmp ne i64 [[TMP3]], 0
68+
; CHECK-NEXT: [[TMP5:%.*]] = insertvalue { i64, i1 } poison, i64 [[TMP3]], 0
69+
; CHECK-NEXT: [[TMP6:%.*]] = insertvalue { i64, i1 } [[TMP5]], i1 [[TMP4]], 1
8670
; CHECK-NEXT: [[RES:%.*]] = call { i64, i1 } @llvm.umul.with.overflow.i64(i64 [[A]], i64 [[B]])
87-
; CHECK-NEXT: store { i64, i1 } zeroinitializer, ptr @__msan_retval_tls, align 8
71+
; CHECK-NEXT: store { i64, i1 } [[TMP6]], ptr @__msan_retval_tls, align 8
8872
; CHECK-NEXT: ret { i64, i1 } [[RES]]
8973
;
9074
%res = call { i64, i1 } @llvm.umul.with.overflow.i64(i64 %a, i64 %b)
@@ -96,16 +80,12 @@ define {i64, i1} @test_ssub_with_overflow(i64 %a, i64 %b) #0 {
9680
; CHECK-NEXT: [[TMP1:%.*]] = load i64, ptr @__msan_param_tls, align 8
9781
; CHECK-NEXT: [[TMP2:%.*]] = load i64, ptr inttoptr (i64 add (i64 ptrtoint (ptr @__msan_param_tls to i64), i64 8) to ptr), align 8
9882
; CHECK-NEXT: call void @llvm.donothing()
99-
; CHECK-NEXT: [[_MSCMP:%.*]] = icmp ne i64 [[TMP1]], 0
100-
; CHECK-NEXT: [[_MSCMP1:%.*]] = icmp ne i64 [[TMP2]], 0
101-
; CHECK-NEXT: [[_MSOR:%.*]] = or i1 [[_MSCMP]], [[_MSCMP1]]
102-
; CHECK-NEXT: br i1 [[_MSOR]], label [[TMP3:%.*]], label [[TMP4:%.*]], !prof [[PROF0]]
103-
; CHECK: 3:
104-
; CHECK-NEXT: call void @__msan_warning_noreturn() #[[ATTR4]]
105-
; CHECK-NEXT: unreachable
106-
; CHECK: 4:
83+
; CHECK-NEXT: [[TMP3:%.*]] = or i64 [[TMP1]], [[TMP2]]
84+
; CHECK-NEXT: [[TMP4:%.*]] = icmp ne i64 [[TMP3]], 0
85+
; CHECK-NEXT: [[TMP5:%.*]] = insertvalue { i64, i1 } poison, i64 [[TMP3]], 0
86+
; CHECK-NEXT: [[TMP6:%.*]] = insertvalue { i64, i1 } [[TMP5]], i1 [[TMP4]], 1
10787
; CHECK-NEXT: [[RES:%.*]] = call { i64, i1 } @llvm.ssub.with.overflow.i64(i64 [[A]], i64 [[B]])
108-
; CHECK-NEXT: store { i64, i1 } zeroinitializer, ptr @__msan_retval_tls, align 8
88+
; CHECK-NEXT: store { i64, i1 } [[TMP6]], ptr @__msan_retval_tls, align 8
10989
; CHECK-NEXT: ret { i64, i1 } [[RES]]
11090
;
11191
%res = call { i64, i1 } @llvm.ssub.with.overflow.i64(i64 %a, i64 %b)
@@ -117,16 +97,12 @@ define {i64, i1} @test_usub_with_overflow(i64 %a, i64 %b) #0 {
11797
; CHECK-NEXT: [[TMP1:%.*]] = load i64, ptr @__msan_param_tls, align 8
11898
; CHECK-NEXT: [[TMP2:%.*]] = load i64, ptr inttoptr (i64 add (i64 ptrtoint (ptr @__msan_param_tls to i64), i64 8) to ptr), align 8
11999
; CHECK-NEXT: call void @llvm.donothing()
120-
; CHECK-NEXT: [[_MSCMP:%.*]] = icmp ne i64 [[TMP1]], 0
121-
; CHECK-NEXT: [[_MSCMP1:%.*]] = icmp ne i64 [[TMP2]], 0
122-
; CHECK-NEXT: [[_MSOR:%.*]] = or i1 [[_MSCMP]], [[_MSCMP1]]
123-
; CHECK-NEXT: br i1 [[_MSOR]], label [[TMP3:%.*]], label [[TMP4:%.*]], !prof [[PROF0]]
124-
; CHECK: 3:
125-
; CHECK-NEXT: call void @__msan_warning_noreturn() #[[ATTR4]]
126-
; CHECK-NEXT: unreachable
127-
; CHECK: 4:
100+
; CHECK-NEXT: [[TMP3:%.*]] = or i64 [[TMP1]], [[TMP2]]
101+
; CHECK-NEXT: [[TMP4:%.*]] = icmp ne i64 [[TMP3]], 0
102+
; CHECK-NEXT: [[TMP5:%.*]] = insertvalue { i64, i1 } poison, i64 [[TMP3]], 0
103+
; CHECK-NEXT: [[TMP6:%.*]] = insertvalue { i64, i1 } [[TMP5]], i1 [[TMP4]], 1
128104
; CHECK-NEXT: [[RES:%.*]] = call { i64, i1 } @llvm.usub.with.overflow.i64(i64 [[A]], i64 [[B]])
129-
; CHECK-NEXT: store { i64, i1 } zeroinitializer, ptr @__msan_retval_tls, align 8
105+
; CHECK-NEXT: store { i64, i1 } [[TMP6]], ptr @__msan_retval_tls, align 8
130106
; CHECK-NEXT: ret { i64, i1 } [[RES]]
131107
;
132108
%res = call { i64, i1 } @llvm.usub.with.overflow.i64(i64 %a, i64 %b)
@@ -139,25 +115,16 @@ define {<4 x i32>, <4 x i1>} @test_sadd_with_overflow_vec(<4 x i32> %a, <4 x i32
139115
; CHECK-NEXT: [[TMP1:%.*]] = load <4 x i32>, ptr @__msan_param_tls, align 8
140116
; CHECK-NEXT: [[TMP2:%.*]] = load <4 x i32>, ptr inttoptr (i64 add (i64 ptrtoint (ptr @__msan_param_tls to i64), i64 16) to ptr), align 8
141117
; CHECK-NEXT: call void @llvm.donothing()
142-
; CHECK-NEXT: [[TMP3:%.*]] = bitcast <4 x i32> [[TMP1]] to i128
143-
; CHECK-NEXT: [[_MSCMP:%.*]] = icmp ne i128 [[TMP3]], 0
144-
; CHECK-NEXT: [[TMP4:%.*]] = bitcast <4 x i32> [[TMP2]] to i128
145-
; CHECK-NEXT: [[_MSCMP1:%.*]] = icmp ne i128 [[TMP4]], 0
146-
; CHECK-NEXT: [[_MSOR:%.*]] = or i1 [[_MSCMP]], [[_MSCMP1]]
147-
; CHECK-NEXT: br i1 [[_MSOR]], label [[TMP5:%.*]], label [[TMP6:%.*]], !prof [[PROF0]]
148-
; CHECK: 5:
149-
; CHECK-NEXT: call void @__msan_warning_noreturn() #[[ATTR4]]
150-
; CHECK-NEXT: unreachable
151-
; CHECK: 6:
118+
; CHECK-NEXT: [[TMP3:%.*]] = or <4 x i32> [[TMP1]], [[TMP2]]
119+
; CHECK-NEXT: [[TMP4:%.*]] = icmp ne <4 x i32> [[TMP3]], zeroinitializer
120+
; CHECK-NEXT: [[TMP5:%.*]] = insertvalue { <4 x i32>, <4 x i1> } poison, <4 x i32> [[TMP3]], 0
121+
; CHECK-NEXT: [[TMP6:%.*]] = insertvalue { <4 x i32>, <4 x i1> } [[TMP5]], <4 x i1> [[TMP4]], 1
152122
; CHECK-NEXT: [[RES:%.*]] = call { <4 x i32>, <4 x i1> } @llvm.sadd.with.overflow.v4i32(<4 x i32> [[A]], <4 x i32> [[B]])
153-
; CHECK-NEXT: store { <4 x i32>, <4 x i1> } zeroinitializer, ptr @__msan_retval_tls, align 8
123+
; CHECK-NEXT: store { <4 x i32>, <4 x i1> } [[TMP6]], ptr @__msan_retval_tls, align 8
154124
; CHECK-NEXT: ret { <4 x i32>, <4 x i1> } [[RES]]
155125
;
156126
%res = call { <4 x i32>, <4 x i1> } @llvm.sadd.with.overflow.v4i32(<4 x i32> %a, <4 x i32> %b)
157127
ret { <4 x i32>, <4 x i1> } %res
158128
}
159129

160130
attributes #0 = { sanitize_memory }
161-
;.
162-
; CHECK: [[PROF0]] = !{!"branch_weights", i32 1, i32 1000}
163-
;.

0 commit comments

Comments
 (0)