xref: /llvm-project/llvm/test/Instrumentation/MemorySanitizer/X86/vararg_call.ll (revision fe7f5f9126cea9ceba703d5bd07b766181f2bd72) 
1; RUN: opt < %s -msan-check-access-address=0 -S -passes=msan 2>&1 | FileCheck %s
2; RUN: opt < %s -msan-check-access-address=0 -msan-track-origins=1 -S -passes=msan 2>&1 | FileCheck %s "--check-prefixes=CHECK,CHECK-ORIGIN"
3; RUN: opt < %s -msan-check-access-address=0 -S -passes="msan<track-origins=1>" 2>&1 | FileCheck %s "--check-prefixes=CHECK,CHECK-ORIGIN"
4; RUN: opt < %s -msan-check-access-address=0 -msan-track-origins=2 -S -passes=msan 2>&1 | FileCheck %s "--check-prefixes=CHECK,CHECK-ORIGIN"
5
6; Test that shadow and origin are stored for variadic function params.
7
8target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"
9target triple = "x86_64-unknown-linux-gnu"
10
11%struct.__va_list_tag = type { i32, i32, ptr, ptr }
12
13define dso_local i32 @test(i32 %a, i32 %b, i32 %c) local_unnamed_addr {
14entry:
15  %call = tail call i32 (i32, ...) @sum(i32 3, i32 %a, i32 %b, i32 %c)
16  ret i32 %call
17}
18
19; CHECK: store i32 0, {{.*}} @__msan_param_tls {{.*}} i64 8
20; CHECK: store i32 0, {{.*}} @__msan_param_tls {{.*}} i64 16
21; CHECK: store i32 0, {{.*}} @__msan_param_tls {{.*}} i64 24
22; CHECK: store i32 0, {{.*}} @__msan_va_arg_tls {{.*}} i64 8
23; CHECK-ORIGIN: store i32 0, {{.*}} @__msan_va_arg_origin_tls {{.*}} i64 8
24; CHECK: store i32 0, {{.*}} @__msan_va_arg_tls {{.*}} i64 16
25; CHECK-ORIGIN: store i32 0, {{.*}} @__msan_va_arg_origin_tls {{.*}} i64 16
26; CHECK: store i32 0, {{.*}} @__msan_va_arg_tls {{.*}} i64 24
27; CHECK-ORIGIN: store i32 0, {{.*}} @__msan_va_arg_origin_tls {{.*}} i64 24
28
29define dso_local i32 @sum(i32 %n, ...) local_unnamed_addr #0 {
30entry:
31  %args = alloca [1 x %struct.__va_list_tag], align 16
32  call void @llvm.lifetime.start.p0(i64 24, ptr nonnull %args) #2
33  call void @llvm.va_start(ptr nonnull %args)
34  %cmp9 = icmp sgt i32 %n, 0
35  br i1 %cmp9, label %for.body.lr.ph, label %for.end
36
37; CHECK: call void @llvm.memcpy.{{.*}} [[SHADOW_COPY:%[_0-9a-z]+]], {{.*}} @__msan_va_arg_tls
38; CHECK-ORIGIN: call void @llvm.memcpy{{.*}} [[ORIGIN_COPY:%[_0-9a-z]+]], {{.*}} @__msan_va_arg_origin_tls
39
40; CHECK: call void @llvm.va_start
41; CHECK: call void @llvm.memcpy.{{.*}}, {{.*}} [[SHADOW_COPY]], i{{.*}} [[REGSAVE:[0-9]+]]
42; CHECK-ORIGIN: call void @llvm.memcpy.{{.*}}, {{.*}} [[ORIGIN_COPY]], i{{.*}} [[REGSAVE]]
43
44; CHECK: [[OVERFLOW_SHADOW:%[_0-9a-z]+]] = getelementptr i8, ptr [[SHADOW_COPY]], i{{.*}} [[REGSAVE]]
45; CHECK: call void @llvm.memcpy.{{.*}}[[OVERFLOW_SHADOW]]
46; CHECK-ORIGIN: [[OVERFLOW_ORIGIN:%[_0-9a-z]+]] = getelementptr i8, ptr [[ORIGIN_COPY]], i{{.*}} [[REGSAVE]]
47; CHECK-ORIGIN: call void @llvm.memcpy.{{.*}}[[OVERFLOW_ORIGIN]]
48
49for.body.lr.ph:                                   ; preds = %entry
50  %0 = getelementptr inbounds [1 x %struct.__va_list_tag], ptr %args, i64 0, i64 0, i32 3
51  %overflow_arg_area_p = getelementptr inbounds [1 x %struct.__va_list_tag], ptr %args, i64 0, i64 0, i32 2
52  %gp_offset.pre = load i32, ptr %args, align 16
53  br label %for.body
54
55for.body:                                         ; preds = %vaarg.end, %for.body.lr.ph
56  %gp_offset = phi i32 [ %gp_offset.pre, %for.body.lr.ph ], [ %gp_offset12, %vaarg.end ]
57  %sum.011 = phi i32 [ 0, %for.body.lr.ph ], [ %add, %vaarg.end ]
58  %i.010 = phi i32 [ 0, %for.body.lr.ph ], [ %inc, %vaarg.end ]
59  %fits_in_gp = icmp ult i32 %gp_offset, 41
60  br i1 %fits_in_gp, label %vaarg.in_reg, label %vaarg.in_mem
61
62vaarg.in_reg:                                     ; preds = %for.body
63  %reg_save_area = load ptr, ptr %0, align 16
64  %1 = sext i32 %gp_offset to i64
65  %2 = getelementptr i8, ptr %reg_save_area, i64 %1
66  %3 = add i32 %gp_offset, 8
67  store i32 %3, ptr %args, align 16
68  br label %vaarg.end
69
70vaarg.in_mem:                                     ; preds = %for.body
71  %overflow_arg_area = load ptr, ptr %overflow_arg_area_p, align 8
72  %overflow_arg_area.next = getelementptr i8, ptr %overflow_arg_area, i64 8
73  store ptr %overflow_arg_area.next, ptr %overflow_arg_area_p, align 8
74  br label %vaarg.end
75
76vaarg.end:                                        ; preds = %vaarg.in_mem, %vaarg.in_reg
77  %gp_offset12 = phi i32 [ %3, %vaarg.in_reg ], [ %gp_offset, %vaarg.in_mem ]
78  %vaarg.addr.in = phi ptr [ %2, %vaarg.in_reg ], [ %overflow_arg_area, %vaarg.in_mem ]
79  %4 = load i32, ptr %vaarg.addr.in, align 4
80  %add = add nsw i32 %4, %sum.011
81  %inc = add nuw nsw i32 %i.010, 1
82  %exitcond = icmp eq i32 %inc, %n
83  br i1 %exitcond, label %for.end, label %for.body
84
85for.end:                                          ; preds = %vaarg.end, %entry
86  %sum.0.lcssa = phi i32 [ 0, %entry ], [ %add, %vaarg.end ]
87  call void @llvm.va_end(ptr nonnull %args)
88  call void @llvm.lifetime.end.p0(i64 24, ptr nonnull %args) #2
89  ret i32 %sum.0.lcssa
90}
91
92
93; Function Attrs: argmemonly nounwind
94declare void @llvm.lifetime.start.p0(i64, ptr nocapture) #1
95
96; Function Attrs: nounwind
97declare void @llvm.va_start(ptr) #2
98
99; Function Attrs: nounwind
100declare void @llvm.va_end(ptr) #2
101
102; Function Attrs: argmemonly nounwind
103declare void @llvm.lifetime.end.p0(i64, ptr nocapture) #1
104
105declare dso_local i80 @sum_i80(i32, ...) local_unnamed_addr
106
107; Unaligned types like i80 should also work.
108define dso_local i80 @test_i80(i80 %a, i80 %b, i80 %c) local_unnamed_addr {
109entry:
110  %call = tail call i80 (i32, ...) @sum_i80(i32 3, i80 %a, i80 %b, i80 %c)
111  ret i80 %call
112}
113
114