From a026ae1b03feae10179816acb3c7d36e83547d4c Mon Sep 17 00:00:00 2001 From: Willem Date: Thu, 9 Oct 2014 22:20:19 -0700 Subject: Add (currently failing) test to check for correct long double alignment in varargs on x86_64. --- test/Feature/VarArgLongDouble.c | 43 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 test/Feature/VarArgLongDouble.c (limited to 'test/Feature') diff --git a/test/Feature/VarArgLongDouble.c b/test/Feature/VarArgLongDouble.c new file mode 100644 index 00000000..189d1dcc --- /dev/null +++ b/test/Feature/VarArgLongDouble.c @@ -0,0 +1,43 @@ +// RUN: %llvmgcc %s -emit-llvm -O0 -c -o %t.bc +// RUN: rm -rf %t.klee-out +// RUN: %klee --output-dir=%t.klee-out %t.bc | FileCheck %s +// XFAIL: + +#include +#include +#include + +void ld_after_zero(int first,...) +{ + va_list ap; + long double dub; + + va_start(ap, first); + + while (va_arg(ap, int) != 0) + ; + + dub = va_arg(ap, long double); + + printf("%Lf\n", dub); + +} + +int main() { + long double dub = 1.123456; + int zero = 0; + int one = 1; + + // AMD64-ABI 3.5.7p5: Step 7. Align l->overflow_arg_area upwards to a 16 + // byte boundary if alignment needed by type exceeds 8 byte boundary. + // + // the long double dub requires 16 byte alignment. + // we try passing one,zero and one, one, zero + // at least on those will align dub such that it needs the extra alignment + ld_after_zero(one, zero, dub); + // CHECK: 1.123456 + ld_after_zero(one, one, zero, dub); + // CHECK-NEXT: 1.123456 + + return 0; +} -- cgit 1.4.1 From 4af13aa1ae965a3fff9f005a78674efdc49ce3f7 Mon Sep 17 00:00:00 2001 From: Willem Date: Thu, 9 Oct 2014 23:17:16 -0700 Subject: Fixed passing of long double (and other big types) in var_args on x86_64. Removed XFAIL tag from the Feature/VarArgLongDouble.c test Fixed Executor to (more) correctly handle the alignment of types larger than 64bit (such as long double) when those are passed in var_args on x86_64. Specifically: From http://www.x86-64.org/documentation/abi.pdf AMD64-ABI 3.5.7p5: Step 7. Align l->overflow_arg_area upwards to a 16 byte boundary if alignment needed by type exceeds 8 byte boundary. --- lib/Core/Executor.cpp | 29 +++++++++++++++++++++++------ test/Feature/VarArgLongDouble.c | 1 - 2 files changed, 23 insertions(+), 7 deletions(-) (limited to 'test/Feature') diff --git a/lib/Core/Executor.cpp b/lib/Core/Executor.cpp index 314e5b82..f6f73845 100644 --- a/lib/Core/Executor.cpp +++ b/lib/Core/Executor.cpp @@ -1260,6 +1260,8 @@ void Executor::executeCall(ExecutionState &state, return; } } else { + Expr::Width WordSize = Context::get().getPointerWidth(); + if (callingArgs < funcArgs) { terminateStateOnError(state, "calling function with too few arguments", "user.err"); @@ -1271,12 +1273,18 @@ void Executor::executeCall(ExecutionState &state, for (unsigned i = funcArgs; i < callingArgs; i++) { // FIXME: This is really specific to the architecture, not the pointer // size. This happens to work fir x86-32 and x86-64, however. - Expr::Width WordSize = Context::get().getPointerWidth(); if (WordSize == Expr::Int32) { size += Expr::getMinBytesForWidth(arguments[i]->getWidth()); } else { - size += llvm::RoundUpToAlignment(arguments[i]->getWidth(), - WordSize) / 8; + Expr::Width argWidth = arguments[i]->getWidth(); + // AMD64-ABI 3.5.7p5: Step 7. Align l->overflow_arg_area upwards to a 16 + // byte boundary if alignment needed by type exceeds 8 byte boundary. + // + // Alignment requirements for scalar types is the same as their size + if (argWidth > Expr::Int64) { + size = llvm::RoundUpToAlignment(size, 16); + } + size += llvm::RoundUpToAlignment(argWidth, WordSize) / 8; } } @@ -1286,20 +1294,29 @@ void Executor::executeCall(ExecutionState &state, terminateStateOnExecError(state, "out of memory (varargs)"); return; } + + if ((WordSize == Expr::Int64) && (mo->address & 15)) { + // Both 64bit Linux/Glibc and 64bit MacOSX should align to 16 bytes. + klee_warning_once(0, "While allocating varargs: malloc did not align to 16 bytes."); + } + ObjectState *os = bindObjectInState(state, mo, true); unsigned offset = 0; for (unsigned i = funcArgs; i < callingArgs; i++) { // FIXME: This is really specific to the architecture, not the pointer // size. This happens to work fir x86-32 and x86-64, however. - Expr::Width WordSize = Context::get().getPointerWidth(); if (WordSize == Expr::Int32) { os->write(offset, arguments[i]); offset += Expr::getMinBytesForWidth(arguments[i]->getWidth()); } else { assert(WordSize == Expr::Int64 && "Unknown word size!"); + + Expr::Width argWidth = arguments[i]->getWidth(); + if (argWidth > Expr::Int64) { + offset = llvm::RoundUpToAlignment(offset, 16); + } os->write(offset, arguments[i]); - offset += llvm::RoundUpToAlignment(arguments[i]->getWidth(), - WordSize) / 8; + offset += llvm::RoundUpToAlignment(argWidth, WordSize) / 8; } } } diff --git a/test/Feature/VarArgLongDouble.c b/test/Feature/VarArgLongDouble.c index 189d1dcc..ae553131 100644 --- a/test/Feature/VarArgLongDouble.c +++ b/test/Feature/VarArgLongDouble.c @@ -1,7 +1,6 @@ // RUN: %llvmgcc %s -emit-llvm -O0 -c -o %t.bc // RUN: rm -rf %t.klee-out // RUN: %klee --output-dir=%t.klee-out %t.bc | FileCheck %s -// XFAIL: #include #include -- cgit 1.4.1