1 // RUN: %clangxx_msan -fsanitize-memory-track-origins=2 -m64 -DOFFSET=0 -O3 %s -o %t && \ 2 // RUN: not %run %t >%t.out 2>&1 3 // RUN: FileCheck %s --check-prefix=CHECK --check-prefix=CHECK-Z1 < %t.out 4 5 // RUN: %clangxx_msan -fsanitize-memory-track-origins=2 -DOFFSET=10 -m64 -O3 %s -o %t && \ 6 // RUN: not %run %t >%t.out 2>&1 7 // RUN: FileCheck %s --check-prefix=CHECK --check-prefix=CHECK-Z2 < %t.out 8 9 10 // RUN: %clangxx_msan -mllvm -msan-instrumentation-with-call-threshold=0 -fsanitize-memory-track-origins=2 -m64 -DOFFSET=0 -O3 %s -o %t && \ 11 // RUN: not %run %t >%t.out 2>&1 12 // RUN: FileCheck %s --check-prefix=CHECK --check-prefix=CHECK-Z1 < %t.out 13 14 // RUN: %clangxx_msan -mllvm -msan-instrumentation-with-call-threshold=0 -fsanitize-memory-track-origins=2 -DOFFSET=10 -m64 -O3 %s -o %t && \ 15 // RUN: not %run %t >%t.out 2>&1 16 // RUN: FileCheck %s --check-prefix=CHECK --check-prefix=CHECK-Z2 < %t.out 17 18 19 #include <stdio.h> 20 #include <string.h> 21 22 int xx[10000]; 23 int yy[10000]; 24 volatile int idx = 30; 25 26 __attribute__((noinline)) 27 void fn_g(int a, int b) { 28 xx[idx] = a; xx[idx + 10] = b; 29 } 30 31 __attribute__((noinline)) 32 void fn_f(int a, int b) { 33 fn_g(a, b); 34 } 35 36 __attribute__((noinline)) 37 void fn_h() { 38 memcpy(&yy, &xx, sizeof(xx)); 39 } 40 41 int main(int argc, char *argv[]) { 42 int volatile z1; 43 int volatile z2; 44 fn_f(z1, z2); 45 fn_h(); 46 return yy[idx + OFFSET]; 47 } 48 49 // CHECK: WARNING: MemorySanitizer: use-of-uninitialized-value 50 // CHECK: {{#0 .* in main .*chained_origin_memcpy.cc:46}} 51 52 // CHECK: Uninitialized value was stored to memory at 53 // CHECK: {{#1 .* in fn_h.*chained_origin_memcpy.cc:38}} 54 55 // CHECK: Uninitialized value was stored to memory at 56 // CHECK: {{#0 .* in fn_g.*chained_origin_memcpy.cc:28}} 57 // CHECK: {{#1 .* in fn_f.*chained_origin_memcpy.cc:33}} 58 59 // CHECK-Z1: Uninitialized value was created by an allocation of 'z1' in the stack frame of function 'main' 60 // CHECK-Z2: Uninitialized value was created by an allocation of 'z2' in the stack frame of function 'main' 61 // CHECK: {{#0 .* in main.*chained_origin_memcpy.cc:41}} 62