[llvm-bugs] [Bug 29171] New: Stack frame size can overflow signed 32-bit values on 64-bit targets.
via llvm-bugs
llvm-bugs at lists.llvm.org
Sun Aug 28 16:41:21 PDT 2016
https://llvm.org/bugs/show_bug.cgi?id=29171
Bug ID: 29171
Summary: Stack frame size can overflow signed 32-bit values on
64-bit targets.
Product: new-bugs
Version: 3.9
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: new bugs
Assignee: unassignedbugs at nondot.org
Reporter: edy.burt at gmail.com
CC: llvm-bugs at lists.llvm.org
Classification: Unclassified
The following two functions generate differently signed stack offsets:
void good() {
int buf[(1 << 29) - 1];
buf[0] = 0;
}
void bad() {
int buf[(1 << 29) + 1];
buf[0] = 0;
}
good(): # @good()
push rbp
mov rbp, rsp
sub rsp, 2147483520
mov dword ptr [rbp - 2147483648], 0
add rsp, 2147483520
pop rbp
ret
bad(): # @bad()
push rbp
mov rbp, rsp
sub rsp, 2147483536
mov dword ptr [rbp + 2147483632], 0
add rsp, 2147483536
pop rbp
ret
As you can see, the mov ends up with a positive 64-bit offset from a negative
32-bit offset, instead of having it be sign-extended.
Also happens with stack pointer subtractions, on at least x64 and AArch64.
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20160828/de9df252/attachment.html>
More information about the llvm-bugs
mailing list