[LLVMbugs] [Bug 21081] New: Windows implementation of segmented stacks uses invalid TCB slot
bugzilla-daemon at llvm.org
bugzilla-daemon at llvm.org
Fri Sep 26 09:21:37 PDT 2014
http://llvm.org/bugs/show_bug.cgi?id=21081
Bug ID: 21081
Summary: Windows implementation of segmented stacks uses
invalid TCB slot
Product: libraries
Version: trunk
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: Backend: X86
Assignee: unassignedbugs at nondot.org
Reporter: andersrb at gmail.com
CC: llvmbugs at cs.uiuc.edu
Classification: Unclassified
The implementation of segmented stacks for i686 and x86_64 Windows uses the
'pvArbitrary' (aka 'ArbitraryUserPointer') field of the TCB to store the stack
limit (`$fs:0x14` on win32 or `$gs:0x28` on win64).
As indicated by Raymond Chen[1] this slot is, contrary to some information, not
free for use by applications, and will cause various mysterious bugs.
This has been a major source of pain in Rust[2][3][4], which at this point only
uses segmented stacks for stack overflow protection, and is presently switching
to stack probes instead.
I'm not aware of other candidate TCB slots to use for this purpose, so
segmented stacks on Windows may not be viable with the current technique.
[1]: http://stackoverflow.com/questions/9261455/tib-custom-storage
[2]: https://github.com/rust-lang/rust/issues/13259
[3]: https://github.com/rust-lang/rust/issues/13073
[4]: https://github.com/rust-lang/rust/issues/10315
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20140926/2d7fbcb2/attachment.html>
More information about the llvm-bugs
mailing list