[LLVMbugs] [Bug 5461] New: alloca generated code overwrites return address on the stack
bugzilla-daemon at cs.uiuc.edu
Tue Nov 10 17:11:21 PST 2009
http://llvm.org/bugs/show_bug.cgi?id=5461
Summary: alloca generated code overwrites return address on the stack
Product: libraries
Version: trunk
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Backend: X86
AssignedTo: unassignedbugs at nondot.org
ReportedBy: vargaz at gmail.com
CC: llvmbugs at cs.uiuc.edu
Testcase:
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
define private i32 @foo () {
BB0:
  ret i32 0
}
define i32 @"main"() {
  %1 = alloca [5 x i8], align 16 ; <[5 x i8]*> [#uses=1]
  %.sub = getelementptr inbounds [5 x i8]* %1, i64 0, i64 0 ; <i8*> [#uses=1]
  call void @llvm.memset.i32(i8* %.sub, i8 0, i32 16, i32 16)
  %2 = call i32 @foo() ; <i32> [#uses=1]
  ret i32 %2
}
declare void @llvm.memset.i32(i8 *, i8, i32, i32)
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Platform: debian unstable on amd64.
Compile with:
llvm-as bug.ll && llc bug.bc && gcc bug.s
Generated code:
00000000004004b0 <main>:
  4004b0:  48 83 ec 08     sub    $0x8,%rsp
  4004b4:  0f 57 c0        xorps  %xmm0,%xmm0
  4004b7:  0f 29 04 24     movaps %xmm0,(%rsp)
  4004bb:  e8 e0 ff ff ff  callq  4004a0 <frame_dummy+0x30>
  4004c0:  48 83 c4 08     add    $0x8,%rsp
  4004c4:  c3              retq
The movaps instruction will overwrite the return address on the stack, causing
a crash.
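
Added example, not part of the original report or of LLVM: a small Python check that walks objdump-style AT&T disassembly, tracks how far %rsp sits below the return address, and flags %rsp-relative stores whose byte range reaches the return address slot. The function name, the mnemonic table and the frame-tracking rules are assumptions of this sketch; the sample input is the <main> listing quoted above.

```python
import re

# Constructed input: the <main> disassembly quoted in the report above.
DISASM = """\
4004b0: 48 83 ec 08 sub $0x8,%rsp
4004b4: 0f 57 c0 xorps %xmm0,%xmm0
4004b7: 0f 29 04 24 movaps %xmm0,(%rsp)
4004bb: e8 e0 ff ff ff callq 4004a0 <frame_dummy+0x30>
4004c0: 48 83 c4 08 add $0x8,%rsp
4004c4: c3 retq
"""

# Store widths in bytes for the mnemonics this sketch understands
# (assumption: AT&T syntax, so the destination operand comes last).
STORE_WIDTH = {"movaps": 16, "movups": 16, "movdqa": 16, "movdqu": 16,
               "movq": 8, "movl": 4, "movw": 2, "movb": 1}
LINE = re.compile(r"^\s*([0-9a-f]+):\s+((?:[0-9a-f]{2}\s+)+)(\S+)\s*(.*)$")
RSP_ADJ = re.compile(r"^\$(0x[0-9a-f]+|\d+),%rsp$")
RSP_MEM = re.compile(r",(-?(?:0x[0-9a-f]+|\d+))?\(%rsp\)$")

def find_return_address_clobbers(disasm):
    """Return [(addr, mnemonic, lo, hi)] for %rsp-relative stores that overlap
    the 8-byte return address slot; lo/hi are byte offsets from %rsp."""
    frame, hits = 0, []  # frame = distance from %rsp up to the return address
    for raw in disasm.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # symbol header or blank line
        addr, _, mnem, ops = m.groups()
        ops = ops.strip()
        adj = RSP_ADJ.match(ops)
        if mnem in ("sub", "subq") and adj:
            frame += int(adj.group(1), 0)
        elif mnem in ("add", "addq") and adj:
            frame -= int(adj.group(1), 0)
        elif mnem in ("push", "pushq"):
            frame += 8
        elif mnem in ("pop", "popq"):
            frame -= 8
        elif mnem in STORE_WIDTH:
            mem = RSP_MEM.search(ops)
            if mem:
                lo = int(mem.group(1) or "0", 0)
                hi = lo + STORE_WIDTH[mnem]
                if lo < frame + 8 and hi > frame:  # intersects [frame, frame+8)
                    hits.append((int(addr, 16), mnem, lo, hi))
    return hits
```

On the listing above it reports the 16-byte movaps at 0x4004b7, which covers offsets 0 to 16 while only 8 bytes were reserved below the return address.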