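; RUN: opt < %s -S -passes=msan 2>&1 | FileCheck %s
; RUN: opt < %s -msan -S | FileCheck %s

; MemorySanitizer vararg instrumentation test for big-endian powerpc64
; ("E" in the datalayout). Each caller below passes a different kind of
; variadic argument to @foo; the CHECK lines pin where the argument's shadow
; is written inside @__msan_va_arg_tls and which total size is published in
; @__msan_va_arg_overflow_size_tls.

target datalayout = "E-m:e-i64:64-n32:64"
target triple = "powerpc64--linux"

define i32 @foo(i32 %guard, ...) {
  %vl = alloca i8*, align 8
  %1 = bitcast i8** %vl to i8*
  call void @llvm.lifetime.start.p0i8(i64 32, i8* %1)
  call void @llvm.va_start(i8* %1)
  call void @llvm.va_end(i8* %1)
  call void @llvm.lifetime.end.p0i8(i64 32, i8* %1)
  ret i32 0
}

; First, check allocation of the save area: the callee loads the size the
; caller published, allocates a buffer of that size, and copies that many
; bytes out of @__msan_va_arg_tls.

; CHECK-LABEL: @foo
; CHECK: [[A:%.*]] = load {{.*}} @__msan_va_arg_overflow_size_tls
; CHECK: [[B:%.*]] = add i64 0, [[A]]
; CHECK: [[C:%.*]] = alloca {{.*}} [[B]]

; CHECK: call void @llvm.memcpy.p0i8.p0i8.i64(i8* align 8 [[C]], i8* align 8 bitcast ({{.*}} @__msan_va_arg_tls to i8*), i64 [[B]], i1 false)

declare void @llvm.lifetime.start.p0i8(i64, i8* nocapture) #1
declare void @llvm.va_start(i8*) #2
declare void @llvm.va_end(i8*) #2
declare void @llvm.lifetime.end.p0i8(i64, i8* nocapture) #1

define i32 @bar() {
  %1 = call i32 (i32, ...) @foo(i32 0, i32 1, i64 2, double 3.000000e+00)
  ret i32 %1
}

; Save the incoming shadow value from the arguments in the __msan_va_arg_tls
; array. The first argument is stored at position 4, since it's right
; justified.
; CHECK-LABEL: @bar
; CHECK: store i32 0, i32* inttoptr (i64 add (i64 ptrtoint ([100 x i64]* @__msan_va_arg_tls to i64), i64 4) to i32*), align 8
; CHECK: store i64 0, i64* inttoptr (i64 add (i64 ptrtoint ([100 x i64]* @__msan_va_arg_tls to i64), i64 8) to i64*), align 8
; CHECK: store i64 0, i64* inttoptr (i64 add (i64 ptrtoint ([100 x i64]* @__msan_va_arg_tls to i64), i64 16) to i64*), align 8
; CHECK: store {{.*}} 24, {{.*}} @__msan_va_arg_overflow_size_tls

; Check vector argument.
define i32 @bar2() {
  %1 = call i32 (i32, ...) @foo(i32 0, <2 x i64> <i64 1, i64 2>)
  ret i32 %1
}

; The vector is at offset 16 of parameter save area, but __msan_va_arg_tls
; corresponds to offset 8+ of parameter save area - so the offset from
; __msan_va_arg_tls is actually misaligned.
; CHECK-LABEL: @bar2
; CHECK: store <2 x i64> zeroinitializer, <2 x i64>* inttoptr (i64 add (i64 ptrtoint ([100 x i64]* @__msan_va_arg_tls to i64), i64 8) to <2 x i64>*), align 8
; CHECK: store {{.*}} 24, {{.*}} @__msan_va_arg_overflow_size_tls

; Check i64 array.
define i32 @bar4() {
  %1 = call i32 (i32, ...) @foo(i32 0, [2 x i64] [i64 1, i64 2])
  ret i32 %1
}

; CHECK-LABEL: @bar4
; CHECK: store [2 x i64] zeroinitializer, [2 x i64]* bitcast ([100 x i64]* @__msan_va_arg_tls to [2 x i64]*), align 8
; CHECK: store {{.*}} 16, {{.*}} @__msan_va_arg_overflow_size_tls

; Check i128 array.
define i32 @bar5() {
  %1 = call i32 (i32, ...) @foo(i32 0, [2 x i128] [i128 1, i128 2])
  ret i32 %1
}

; CHECK-LABEL: @bar5
; CHECK: store [2 x i128] zeroinitializer, [2 x i128]* inttoptr (i64 add (i64 ptrtoint ([100 x i64]* @__msan_va_arg_tls to i64), i64 8) to [2 x i128]*), align 8
; CHECK: store {{.*}} 40, {{.*}} @__msan_va_arg_overflow_size_tls

; Check 8-aligned byval.
define i32 @bar6([2 x i64]* %arg) {
  %1 = call i32 (i32, ...) @foo(i32 0, [2 x i64]* byval([2 x i64]) align 8 %arg)
  ret i32 %1
}

; CHECK-LABEL: @bar6
; CHECK: call void @llvm.memcpy.p0i8.p0i8.i64(i8* align 8 bitcast ([100 x i64]* @__msan_va_arg_tls to i8*), i8* align 8 {{.*}}, i64 16, i1 false)
; CHECK: store {{.*}} 16, {{.*}} @__msan_va_arg_overflow_size_tls

; Check 16-aligned byval.
define i32 @bar7([4 x i64]* %arg) {
  %1 = call i32 (i32, ...) @foo(i32 0, [4 x i64]* byval([4 x i64]) align 16 %arg)
  ret i32 %1
}

; The 32-byte byval shadow is expected at offset 8 of __msan_va_arg_tls, which
; gives the published size of 40. Match the copy into __msan_va_arg_tls, as
; @bar6 does: matching @__msan_param_tls here would leave the vararg shadow
; copy unchecked.
; CHECK-LABEL: @bar7
; CHECK: call void @llvm.memcpy.p0i8.p0i8.i64(i8* align 8 inttoptr (i64 add (i64 ptrtoint ([100 x i64]* @__msan_va_arg_tls to i64), i64 8) to i8*), i8* align 8 {{.*}}, i64 32, i1 false)
; CHECK: store {{.*}} 40, {{.*}} @__msan_va_arg_overflow_size_tls


; Test that MSan doesn't generate code overflowing __msan_va_arg_tls when too many arguments are
; passed to a variadic function. The call below passes 120 variadic i64
; values, which is more than the 100 i64 slots the TLS array declares.
define dso_local i64 @many_args() {
entry:
  %ret = call i64 (i64, ...) @sum(i64 120,
    i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1,
    i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1,
    i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1,
    i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1,
    i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1,
    i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1,
    i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1,
    i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1,
    i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1,
    i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1,
    i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1,
    i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1, i64 1
  )
  ret i64 %ret
}

; If the size of __msan_va_arg_tls changes the second argument of `add` must also be changed.
; [100 x i64] is 800 bytes, so offset 792 is the last in-bounds 8-byte slot and
; an access at offset 800 would land past the end of the array. The CHECK-NOT
; is the actual bounds guard: no shadow store may be emitted at that offset.
; CHECK-LABEL: @many_args
; CHECK: i64 add (i64 ptrtoint ([100 x i64]* @__msan_va_arg_tls to i64), i64 792)
; CHECK-NOT: i64 add (i64 ptrtoint ([100 x i64]* @__msan_va_arg_tls to i64), i64 800)
declare i64 @sum(i64 %n, ...)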