[llvm-bugs] [Bug 31279] New: Crash when using metadata, label or token type for function parameter
via llvm-bugs
llvm-bugs at lists.llvm.org
Mon Dec 5 12:47:41 PST 2016
https://llvm.org/bugs/show_bug.cgi?id=31279
Bug ID: 31279
Summary: Crash when using metadata, label or token type for
function parameter
Product: tools
Version: 3.9
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: lli
Assignee: unassignedbugs at nondot.org
Reporter: mewbaz at gmail.com
CC: llvm-bugs at lists.llvm.org
Classification: Unclassified
Created attachment 17714
--> https://llvm.org/bugs/attachment.cgi?id=17714&action=edit
Crash dump of a.ll and b.ll running lli through GDB.
The following four LLVM IR programs causes lli to crash with a SIGSEGV.
See attached crash dumps with GDB output.
Note, it is possible to control the value of rax based on the length of the
register name in a.ll.
The three remaining crashes in b.ll, c.ll and d.ll are all based on NULL
pointer dereferences.
Contents of a.ll:
```
define i32 @main() {
call i32 @llvm.read_register.i32(metadata !"esi")
ret i32 42
}
declare i32 @llvm.read_register.i32(metadata)
```
Contents of b.ll:
```
define i32 @main() {
ret i32 42
}
define i32 @foo(metadata %x) {
ret i32 32
}
```
Contents of c.ll:
```
define i32 @main() {
ret i32 42
}
define i32 @foo(label %x) {
ret i32 32
}
```
Contents of d.ll:
```
define i32 @main() {
ret i32 42
}
define i32 @foo(token %x) {
ret i32 32
}
```
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20161205/6458872f/attachment.html>
More information about the llvm-bugs
mailing list