[llvm-bugs] [Bug 35477] New: wrong ASM for attribute naked with build option O0

via llvm-bugs llvm-bugs at lists.llvm.org
Thu Nov 30 00:26:28 PST 2017 

https://bugs.llvm.org/show_bug.cgi?id=35477

            Bug ID: 35477
           Summary: wrong ASM for attribute naked with build option O0
           Product: new-bugs
           Version: 5.0
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: new bugs
          Assignee: unassignedbugs at nondot.org
          Reporter: yejun.guo at intel.com
                CC: llvm-bugs at lists.llvm.org

I narrowed down this issue on ubuntu 16.04 x64 on Intel CPU.

the issue only happens with build option -O0, there is no issue with -O1/O2.

Here is the source code, please ignore the meaning of code, it is just used to
show the issue.

fun.cpp:
void  __attribute__((naked,noinline)) myfun(int a, int b, int* c, char* d)
{
    __asm__ volatile(                                           \
        "mov %%fs:0, %%rax\n"                                                  
\
        "mov %P[tls](%%rax), %%rax\n"                           \
        "test %%rax, %%rax\n"                                   \
        "je 1f\n"                                               \
        "jmp *%P[api](%%rax)\n"                                 \
        "1:\n"                                                  \
                "retq\n"                                                       
                \
        :                                                       \
        : [tls] "i" (5),                                                       
                \
          [api] "i" (6)                                                        
                        \
        : "cc", "%rdi", "%rsi", "%rdx", "%rcx", "%r8", "%r9",   \
          "%xmm0", "%xmm1", "%xmm2", "%xmm3", "%xmm4", "%xmm5", \
          "%xmm6", "%xmm7"                                      \
    );
}


And build the code with:
/work/llvm_dist/llvm50/bin/clang++ -g -O0 -shared -fPIC -o libfun.so fun.cpp


Then, run:
objdump -d libfun.so


We can see the asm of myfun:
0000000000000620 <_Z5myfuniiPiPc>:
 620:   89 7d fc                mov    %edi,-0x4(%rbp)
 623:   89 75 f8                mov    %esi,-0x8(%rbp)
 626:   48 89 55 f0             mov    %rdx,-0x10(%rbp)
 62a:   48 89 4d e8             mov    %rcx,-0x18(%rbp)
 62e:   64 48 8b 04 25 00 00    mov    %fs:0x0,%rax
 635:   00 00 
 637:   48 8b 40 05             mov    0x5(%rax),%rax
 63b:   48 85 c0                test   %rax,%rax
 63e:   0f 84 03 00 00 00       je     647 <_Z5myfuniiPiPc+0x27>
 644:   ff 60 06                jmpq   *0x6(%rax)
 647:   c3                      retq   


When myfun is called, the %rbp and %rsp are not saved, it is still in the stack
of the caller function, so the first 4 instructions overwrite the data in the
stack. This is not correct.


As with -O2 build option, the first 4 instructions are not generated, and so it
works.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20171130/947ca3de/attachment-0001.html>

More information about the llvm-bugs mailing list