[LLVMdev] Bug in X86CompilationCallback_SSE

Corrado Zoccolo czoccolo at gmail.com
Tue Mar 10 16:11:24 PDT 2009


Hello.
I found that the X86CompilationCallback_SSE wrapper for
X86CompilationCallback2 is not setting up properly for the PIC
invocation.
Before you can correctly invoke a function via the Procedure Linkage
Table (plt), the ABI mandates that ebx is pointing to the GOT (Global
Offset Table) (see http://www.greyhat.ch/lab/downloads/pic.html).

Dump of assembler code for function X86CompilationCallback_SSE:
0xb74544f8 <X86CompilationCallback_SSE+0>:      push   %ebp
0xb74544f9 <X86CompilationCallback_SSE+1>:      mov    %esp,%ebp
0xb74544fb <X86CompilationCallback_SSE+3>:      push   %eax
0xb74544fc <X86CompilationCallback_SSE+4>:      push   %edx
0xb74544fd <X86CompilationCallback_SSE+5>:      push   %ecx
0xb74544fe <X86CompilationCallback_SSE+6>:      and    $0xfffffff0,%esp
0xb7454501 <X86CompilationCallback_SSE+9>:      sub    $0x40,%esp
0xb7454504 <X86CompilationCallback_SSE+12>:     movaps %xmm0,(%esp)
0xb7454508 <X86CompilationCallback_SSE+16>:     movaps %xmm1,0x10(%esp)
0xb745450d <X86CompilationCallback_SSE+21>:     movaps %xmm2,0x20(%esp)
0xb7454512 <X86CompilationCallback_SSE+26>:     movaps %xmm3,0x30(%esp)
0xb7454517 <X86CompilationCallback_SSE+31>:     sub    $0x10,%esp
0xb745451a <X86CompilationCallback_SSE+34>:     mov    0x4(%ebp),%eax
0xb745451d <X86CompilationCallback_SSE+37>:     mov    %eax,0x4(%esp)
0xb7454521 <X86CompilationCallback_SSE+41>:     mov    %ebp,(%esp)
0xb7454524 <X86CompilationCallback_SSE+44>:     call   0xb729e348 <X86CompilationCallback2@plt>
0xb7454529 <X86CompilationCallback_SSE+49>:     add    $0x10,%esp
0xb745452c <X86CompilationCallback_SSE+52>:     movaps 0x30(%esp),%xmm3
0xb7454531 <X86CompilationCallback_SSE+57>:     movaps 0x20(%esp),%xmm2
0xb7454536 <X86CompilationCallback_SSE+62>:     movaps 0x10(%esp),%xmm1
0xb745453b <X86CompilationCallback_SSE+67>:     movaps (%esp),%xmm0
0xb745453f <X86CompilationCallback_SSE+71>:     mov    %ebp,%esp
0xb7454541 <X86CompilationCallback_SSE+73>:     sub    $0xc,%esp
0xb7454544 <X86CompilationCallback_SSE+76>:     pop    %ecx
0xb7454545 <X86CompilationCallback_SSE+77>:     pop    %edx
0xb7454546 <X86CompilationCallback_SSE+78>:     pop    %eax
0xb7454547 <X86CompilationCallback_SSE+79>:     pop    %ebp
0xb7454548 <X86CompilationCallback_SSE+80>:     ret

This bug is uncovered only when the pointer to the compilation
callback is handed to a function residing in a different .so library,
and called from there (e.g. if called from python's ctypes ffi).

Corrado

-- 
__________________________________________________________________________

dott. Corrado Zoccolo                          mailto:czoccolo at gmail.com
PhD - Department of Computer Science - University of Pisa, Italy
--------------------------------------------------------------------------
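To make the ABI point above concrete, here is an added check (my own code, not part of the original post or of LLVM) that scans a gdb-style AT&T disassembly and reports every call through the PLT that is reached before any instruction in the function has loaded %ebx; the dump it runs on is a constructed, trimmed copy of the one above, with gdb's `@plt` spelling restored.

```python
import re

# Constructed, trimmed excerpt of the gdb dump quoted above (gdb's "@plt"
# spelling restored); nothing in it writes %ebx before the PLT call.
DUMP = """\
0xb74544f8 <X86CompilationCallback_SSE+0>:      push   %ebp
0xb74544f9 <X86CompilationCallback_SSE+1>:      mov    %esp,%ebp
0xb74544fb <X86CompilationCallback_SSE+3>:      push   %eax
0xb7454521 <X86CompilationCallback_SSE+41>:     mov    %ebp,(%esp)
0xb7454524 <X86CompilationCallback_SSE+44>:     call   0xb729e348 <X86CompilationCallback2@plt>
0xb7454529 <X86CompilationCallback_SSE+49>:     add    $0x10,%esp
0xb7454548 <X86CompilationCallback_SSE+80>:     ret
"""

# gdb line shape: "<addr> <sym+off>:  mnemonic  operands"
LINE_RE = re.compile(r"^0x[0-9a-f]+\s+<[^>]+>:\s+(\S+)\s*(.*)$")

def defines_ebx(mnemonic, operands):
    """True if the instruction writes %ebx (AT&T: destination operand is last)."""
    if mnemonic.startswith("pop"):
        return operands.strip() == "%ebx"
    if mnemonic.startswith(("push", "cmp", "test")):
        return False  # these read %ebx but never write it
    return operands.rsplit(",", 1)[-1].strip() == "%ebx"

def plt_calls_without_got(dump):
    """Return the targets of PLT calls made before any instruction in the
    function has loaded %ebx (the GOT pointer the i386 PIC ABI requires)."""
    ebx_ready = False
    unsafe = []
    for line in dump.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        mnemonic, operands = m.groups()
        if mnemonic.startswith("call") and "@plt>" in operands:
            if not ebx_ready:
                unsafe.append(operands.split("<", 1)[1].rstrip(">"))
        elif defines_ebx(mnemonic, operands):
            ebx_ready = True
    return unsafe

if __name__ == "__main__":
    for target in plt_calls_without_got(DUMP):
        print("PLT call without GOT setup in %ebx:", target)
```

The check accepts both common GOT-setup idioms (a `get_pc_thunk.bx` call followed by `add ...,%ebx`, or `call next; pop %ebx; add ...,%ebx`) because either ends with an instruction whose destination is %ebx.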
