From 1dcd685fa8498b0056ab3dc9db9df2f3ac3a02c4 Mon Sep 17 00:00:00 2001
From: Evgeniy Stepanov <eugeni.stepanov@gmail.com>
Date: Fri, 3 Mar 2017 01:12:43 +0000
Subject: [PATCH] [msan] Handle x86_sse_stmxcsr and x86_sse_ldmxcsr.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@296848 91177308-0d34-0410-b5e6-96231b3b80d8
---
 .../Instrumentation/MemorySanitizer.cpp       | 50 ++++++++++++++++--
 test/Instrumentation/MemorySanitizer/csr.ll   | 52 +++++++++++++++++++
 2 files changed, 98 insertions(+), 4 deletions(-)
 create mode 100644 test/Instrumentation/MemorySanitizer/csr.ll

diff --git a/lib/Transforms/Instrumentation/MemorySanitizer.cpp b/lib/Transforms/Instrumentation/MemorySanitizer.cpp
index 09c6169574a..b028285a06a 100644
--- a/lib/Transforms/Instrumentation/MemorySanitizer.cpp
+++ b/lib/Transforms/Instrumentation/MemorySanitizer.cpp
@@ -1037,15 +1037,19 @@ struct MemorySanitizerVisitor : public InstVisitor<MemorySanitizerVisitor> {
     OriginMap[V] = Origin;
   }
 
+  Constant *getCleanShadow(Type *OrigTy) {
+    Type *ShadowTy = getShadowTy(OrigTy);
+    if (!ShadowTy)
+      return nullptr;
+    return Constant::getNullValue(ShadowTy);
+  }
+
   /// \brief Create a clean shadow value for a given value.
   ///
   /// Clean shadow (all zeroes) means all bits of the value are defined
   /// (initialized).
   Constant *getCleanShadow(Value *V) {
-    Type *ShadowTy = getShadowTy(V);
-    if (!ShadowTy)
-      return nullptr;
-    return Constant::getNullValue(ShadowTy);
+    return getCleanShadow(V->getType());
   }
 
   /// \brief Create a dirty shadow of a given shadow type.
@@ -2324,11 +2328,49 @@ struct MemorySanitizerVisitor : public InstVisitor<MemorySanitizerVisitor> {
     setOriginForNaryOp(I);
   }
 
+  void handleStmxcsr(IntrinsicInst &I) {
+    IRBuilder<> IRB(&I);
+    Value* Addr = I.getArgOperand(0);
+    Type *Ty = IRB.getInt32Ty();
+    Value *ShadowPtr = getShadowPtr(Addr, Ty, IRB);
+
+    IRB.CreateStore(getCleanShadow(Ty),
+                    IRB.CreatePointerCast(ShadowPtr, Ty->getPointerTo()));
+
+    if (ClCheckAccessAddress)
+      insertShadowCheck(Addr, &I);
+  }
+
+  void handleLdmxcsr(IntrinsicInst &I) {
+    if (!InsertChecks) return;
+
+    IRBuilder<> IRB(&I);
+    Value *Addr = I.getArgOperand(0);
+    Type *Ty = IRB.getInt32Ty();
+    unsigned Alignment = 1;
+
+    if (ClCheckAccessAddress)
+      insertShadowCheck(Addr, &I);
+
+    Value *Shadow = IRB.CreateAlignedLoad(getShadowPtr(Addr, Ty, IRB),
+                                          Alignment, "_ldmxcsr");
+    Value *Origin = MS.TrackOrigins
+                        ? IRB.CreateLoad(getOriginPtr(Addr, IRB, Alignment))
+                        : getCleanOrigin();
+    insertShadowCheck(Shadow, Origin, &I);
+  }
+
   void visitIntrinsicInst(IntrinsicInst &I) {
     switch (I.getIntrinsicID()) {
     case llvm::Intrinsic::bswap:
       handleBswap(I);
       break;
+    case llvm::Intrinsic::x86_sse_stmxcsr:
+      handleStmxcsr(I);
+      break;
+    case llvm::Intrinsic::x86_sse_ldmxcsr:
+      handleLdmxcsr(I);
+      break;
     case llvm::Intrinsic::x86_avx512_vcvtsd2usi64:
     case llvm::Intrinsic::x86_avx512_vcvtsd2usi32:
     case llvm::Intrinsic::x86_avx512_vcvtss2usi64:
diff --git a/test/Instrumentation/MemorySanitizer/csr.ll b/test/Instrumentation/MemorySanitizer/csr.ll
new file mode 100644
index 00000000000..c4e3a3f7392
--- /dev/null
+++ b/test/Instrumentation/MemorySanitizer/csr.ll
@@ -0,0 +1,52 @@
+; RUN: opt < %s -msan -msan-check-access-address=0 -S | FileCheck %s
+; RUN: opt < %s -msan -msan-check-access-address=1 -S | FileCheck %s --check-prefix=ADDR
+
+target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128"
+target triple = "x86_64-unknown-linux-gnu"
+
+declare void @llvm.x86.sse.stmxcsr(i8*)
+declare void @llvm.x86.sse.ldmxcsr(i8*)
+
+define void @getcsr(i32 *%p) sanitize_memory {
+entry:
+  %0 = bitcast i32* %p to i8*
+  call void @llvm.x86.sse.stmxcsr(i8* %0)
+  ret void
+}
+
+; CHECK-LABEL: @getcsr(
+; CHECK: store i32 0, i32*
+; CHECK: call void @llvm.x86.sse.stmxcsr(
+; CHECK: ret void
+
+; ADDR-LABEL: @getcsr(
+; ADDR: %[[A:.*]] = load i64, i64* getelementptr inbounds {{.*}} @__msan_param_tls, i32 0, i32 0), align 8
+; ADDR: %[[B:.*]] = icmp ne i64 %[[A]], 0
+; ADDR: br i1 %[[B]], label {{.*}}, label
+; ADDR: call void @__msan_warning_noreturn()
+; ADDR: call void @llvm.x86.sse.stmxcsr(
+; ADDR: ret void
+
+; Function Attrs: nounwind uwtable
+define void @setcsr(i32 *%p) sanitize_memory {
+entry:
+  %0 = bitcast i32* %p to i8*
+  call void @llvm.x86.sse.ldmxcsr(i8* %0)
+  ret void
+}
+
+; CHECK-LABEL: @setcsr(
+; CHECK: %[[A:.*]] = load i32, i32* %{{.*}}, align 1
+; CHECK: %[[B:.*]] = icmp ne i32 %[[A]], 0
+; CHECK: br i1 %[[B]], label {{.*}}, label
+; CHECK: call void @__msan_warning_noreturn()
+; CHECK: call void @llvm.x86.sse.ldmxcsr(
+; CHECK: ret void
+
+; ADDR-LABEL: @setcsr(
+; ADDR: %[[A:.*]] = load i64, i64* getelementptr inbounds {{.*}} @__msan_param_tls, i32 0, i32 0), align 8
+; ADDR: %[[B:.*]] = icmp ne i64 %[[A]], 0
+; ADDR: br i1 %[[B]], label {{.*}}, label
+; ADDR: call void @__msan_warning_noreturn()
+; ADDR: call void @llvm.x86.sse.ldmxcsr(
+; ADDR: ret void
-- 
2.50.1