[llvm-bugs] [Bug 49015] New: Stack is misaligned for an SSE instruction

via llvm-bugs llvm-bugs at lists.llvm.org
Wed Feb 3 00:56:32 PST 2021


https://bugs.llvm.org/show_bug.cgi?id=49015

            Bug ID: 49015
           Summary: Stack is misaligned for an SSE instruction
           Product: libraries
           Version: 11.0
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: Backend: X86
          Assignee: unassignedbugs at nondot.org
          Reporter: mfatihbakir at gmail.com
                CC: craig.topper at gmail.com, llvm-bugs at lists.llvm.org,
                    llvm-dev at redking.me.uk, pengfei.wang at intel.com,
                    spatel+llvm at rotateright.com

Hello,

LLVM seems to emit a `movaps  %xmm0, (%rsp)` promptly after it pushes 40 bytes
to a 16-byte aligned stack, which causes a general protection fault. `movaps`
requires its memory operand to be 16-byte aligned.

I tried to isolate this as much as possible and put the source code, the LLVM
IR and the emitted code in this gist, and explained a bit more in a comment:
https://gist.github.com/FatihBAKIR/8bc6529c5bd801af1be3edcbdcbdabb3

At the time the instruction is executed, RSP is at 0x20fb18, which is
misaligned in the entry to this function.

The code is compiled with the following flags: `-target x86_64-none-elf
-mno-red-zone -fno-stack-protector -fomit-frame-pointer -mno-avx
-ffunction-sections -fdata-sections -ffreestanding -flto -fno-rtti
-fno-exceptions -fno-unwind-tables -fno-threadsafe-statics -Os -nostdlib
-nostdinc -std=gnu++2a`

Apologies if I'm missing something obvious.

How to reproduce:

It's difficult to deliver the exact environment to try the code as is, but I
tried to simplify it as much as possible to this:

```
#include <cstdint>
#include <vector>

class network_device {
    struct buffer;                    // defined below
    std::vector<buffer> m_buffers;

    void queue_rx_buf(buffer&& buf);  // declared only; the reproducer is compiled, not linked

    void isr(void* f, int num);
};
struct virtio_net_hdr {               // plain 12-byte header; `*buf.header = {}` zeroes it
    uint8_t flags;
    uint8_t gso_type;
    uint16_t hdr_len;
    uint16_t gso_size;
    uint16_t csum_start;
    uint16_t csum_offset;
    uint16_t num_buffers;
};

struct network_device::buffer {       // two pointers, 16 bytes: the object moved out of m_buffers
    virtio_net_hdr* header;
    void* data;
};

void network_device::isr(void* f, int num) {
    auto isr_status = 1;
    if (isr_status & 1) {
        auto buf = std::move(m_buffers.front());
        *buf.header = {};
        m_buffers.erase(m_buffers.begin());
        queue_rx_buf(std::move(buf));
    }
}
```
(Godbolt: https://godbolt.org/z/GY8o55)

Compiling this with `-mno-red-zone -fno-stack-protector -fomit-frame-pointer
-mno-avx -ffunction-sections -fdata-sections -fno-rtti -fno-exceptions
-fno-unwind-tables -fno-threadsafe-statics -Os -std=gnu++2a` emits code that
starts by pushing 24 bytes to the stack, again breaking the 16-byte alignment
of %RSP:

```
tos::virtio::network_device::isr(void*, int): # @tos::virtio::network_device::isr(void*, int)
        push    rbx
        sub     rsp, 16
        mov     rbx, rdi
        mov     rax, qword ptr [rdi]
        movups  xmm0, xmmword ptr [rax]
        movaps  xmmword ptr [rsp], xmm0
```
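
The alignment arithmetic behind this fault can be checked in one place. The following C program is an added example, not code from the bug report or from LLVM: it models the `push rbx; sub rsp, 16` prologue quoted above, tests any entry RSP against the x86-64 SysV ABI rule that `(rsp + 8) % 16 == 0` at function entry (the caller's stack is 16-byte aligned and `call` pushes an 8-byte return address), and compares three cases: the entry RSP reconstructed from the reported faulting value 0x20fb18, a constructed ABI-conforming entry, and a constructed prologue that realigns with `and rsp, -16` (the realignment that `-mstackrealign` adds). The op list, constant names and the 0x20fb38 value are this example's own.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Added example (not from the bug report or LLVM): a model of the stack
 * alignment arithmetic behind the movaps fault.
 *
 * Facts it relies on:
 *  - movaps with a memory operand requires a 16-byte aligned address.
 *  - The x86-64 SysV ABI requires (rsp + 8) % 16 == 0 at function entry.
 *  - The prologue quoted in the report is `push rbx; sub rsp, 16`, so the
 *    movaps store lands at entry_rsp - 24.
 * RSP values are taken from the report (0x20fb18 at the movaps) or are
 * constructed for contrast and marked as such.
 */

#define SSE_ALIGN 16u

enum op_kind { OP_PUSH, OP_SUB, OP_AND };

struct prologue_op {
    enum op_kind kind;
    uint64_t arg;   /* byte count for OP_SUB, mask for OP_AND, unused for OP_PUSH */
};

/* True when rsp has the value the SysV ABI guarantees right after `call`. */
bool abi_conforming_entry(uint64_t entry_rsp)
{
    return (entry_rsp + 8) % SSE_ALIGN == 0;
}

/* Apply a prologue to an entry rsp and return the rsp the body will see. */
uint64_t run_prologue(uint64_t entry_rsp, const struct prologue_op *ops, size_t n)
{
    uint64_t rsp = entry_rsp;
    for (size_t i = 0; i < n; i++) {
        switch (ops[i].kind) {
        case OP_PUSH: rsp -= 8;          break;  /* push reg: 8 bytes in 64-bit mode */
        case OP_SUB:  rsp -= ops[i].arg; break;  /* sub rsp, imm */
        case OP_AND:  rsp &= ops[i].arg; break;  /* and rsp, imm (realignment) */
        }
    }
    return rsp;
}

/* True when `movaps [rsp], xmm0` right after this prologue would #GP. */
bool movaps_at_rsp_faults(uint64_t entry_rsp, const struct prologue_op *ops, size_t n)
{
    return run_prologue(entry_rsp, ops, n) % SSE_ALIGN != 0;
}

/* The prologue from the Godbolt output quoted in the report. */
const struct prologue_op reported_prologue[] = {
    { OP_PUSH, 0 },
    { OP_SUB, 16 },
};
const size_t reported_prologue_len = sizeof reported_prologue / sizeof reported_prologue[0];

/* Constructed variant: same frame plus an explicit `and rsp, -16`, the
 * realignment -mstackrealign adds. The store is aligned however the
 * function was entered. */
const struct prologue_op realigned_prologue[] = {
    { OP_PUSH, 0 },
    { OP_AND, ~(uint64_t)15 },
    { OP_SUB, 16 },
};
const size_t realigned_prologue_len = sizeof realigned_prologue / sizeof realigned_prologue[0];

/* Entry rsp reconstructed from the reported faulting value:
 * 0x20fb18 + 8 (push rbx) + 16 (sub rsp, 16) = 0x20fb30. */
#define REPORTED_ENTRY_RSP   0x20fb30ull
/* Constructed ABI-conforming entry (8 mod 16) for contrast. */
#define CONFORMING_ENTRY_RSP 0x20fb38ull

static void show(const char *label, uint64_t entry, const struct prologue_op *ops, size_t n)
{
    printf("%-28s entry=%#llx abi_ok=%d store_at=%#llx movaps_faults=%d\n",
           label, (unsigned long long)entry, abi_conforming_entry(entry),
           (unsigned long long)run_prologue(entry, ops, n),
           movaps_at_rsp_faults(entry, ops, n));
}

int main(void)
{
    show("reported entry, reported",   REPORTED_ENTRY_RSP,   reported_prologue,  reported_prologue_len);
    show("conforming entry, reported", CONFORMING_ENTRY_RSP, reported_prologue,  reported_prologue_len);
    show("reported entry, realigned",  REPORTED_ENTRY_RSP,   realigned_prologue, realigned_prologue_len);
    return 0;
}
```

Run as is: the first line reproduces the report (entry 0x20fb30 is 16-byte aligned rather than 8 mod 16, and the store at 0x20fb18 faults); the second shows the same prologue storing to an aligned address from a conforming entry; the third shows the realigned prologue storing to an aligned address from the non-conforming entry. In a freestanding build the entry state is set by whatever calls the function, so checking that path (an interrupt stub, in the case of an ISR) is the first thing to verify against the ABI rule.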
