[Bug 286593] devel/llvm15: wrong stack guard check on armv7
Date: Mon, 05 May 2025 08:02:29 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=286593
Bug ID: 286593
Summary: devel/llvm15: wrong stack guard check on armv7
Product: Ports & Packages
Version: Latest
Hardware: arm
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: brooks@FreeBSD.org
Reporter: fuz@FreeBSD.org
CC: Andrew@FreeBSD.org
Flags: maintainer-feedback?(brooks@FreeBSD.org)
Debugging a crash caused during the compilation of emulators/uae on armv7
FreeBSD 14.2, it appears that devel/llvm15 generates wrong code for stack
checks. The cc we ship with base generates this sort of code in main:
00000000 <main>:
0: e92d4ff0 push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
4: e28db01c add r11, sp, #28
8: e24dd004 sub sp, sp, #4
c: ed2d8b04 vpush {d8, d9}
10: e24dde19 sub sp, sp, #400
14: e3000000 movw r0, #0x0
00000014: R_ARM_MOVW_ABS_NC __stack_chk_guard
18: e3400000 movt r0, #0x0
00000018: R_ARM_MOVT_ABS __stack_chk_guard
1c: e5900000 ldr r0, [r0]
20: e50b0038 str r0, [r11, #-0x38]
i.e. the stack check guard token is loaded from __stack_chk_guard and then
saved on the stack. When compiling the same file with devel/llvm15, I get this
however:
00000000 <main>:
0: e92d4ff0 push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
4: e28db01c add r11, sp, #28
8: e24dd004 sub sp, sp, #4
c: ed2d8b04 vpush {d8, d9}
10: e24ddf72 sub sp, sp, #456
14: e3000000 movw r0, #0x0
00000014: R_ARM_MOVW_ABS_NC __stack_chk_guard
18: e3400000 movt r0, #0x0
00000018: R_ARM_MOVT_ABS __stack_chk_guard
1c: e5900000 ldr r0, [r0]
20: e5900000 ldr r0, [r0]
24: e50b0038 str r0, [r11, #-0x38]
This code differs in that there is an extra dereference of __stack_chk_guard.
As __stack_chk_guard holds a random number, this dereference is unlikely to go
right, crashing the program.
Please investigate.
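Added example (not part of the original report, and not FreeBSD or LLVM code): a check over `objdump -dr` text in the format quoted above that counts how many times the register holding the address of __stack_chk_guard is dereferenced through itself. The function names and the rule "more than one load is suspect" are assumptions of this example, and it covers only the absolute movw/movt addressing shown in the report.

```python
import re

# Line shapes of `objdump -dr` output as quoted in the report.
INSN = re.compile(r"^\s*[0-9a-f]+:\s+[0-9a-f]{8}\s+(\S+)\s*(.*)$")
RELOC = re.compile(r"^\s*[0-9a-f]+:\s+(R_ARM_MOVW_ABS_NC|R_ARM_MOVT_ABS)\s+(\S+)")

# Excerpts copied from the two listings in the report (prologue trimmed).
BASE_CC = """\
14: e3000000 movw r0, #0x0
00000014: R_ARM_MOVW_ABS_NC __stack_chk_guard
18: e3400000 movt r0, #0x0
00000018: R_ARM_MOVT_ABS __stack_chk_guard
1c: e5900000 ldr r0, [r0]
20: e50b0038 str r0, [r11, #-0x38]
"""
LLVM15 = """\
14: e3000000 movw r0, #0x0
00000014: R_ARM_MOVW_ABS_NC __stack_chk_guard
18: e3400000 movt r0, #0x0
00000018: R_ARM_MOVT_ABS __stack_chk_guard
1c: e5900000 ldr r0, [r0]
20: e5900000 ldr r0, [r0]
24: e50b0038 str r0, [r11, #-0x38]
"""

def guard_load_depths(listing):
    """Count the `ldr rX, [rX]` loads following each movw/movt of the guard address."""
    depths, reg, dest, depth = [], None, None, 0
    for line in listing.splitlines():
        rel = RELOC.match(line)
        if rel:
            if rel.group(2) == "__stack_chk_guard":
                reg, depth = dest, 0      # dest now holds &__stack_chk_guard
            continue
        insn = INSN.match(line)
        if not insn:
            continue
        mnem, ops = insn.groups()
        dest = ops.split(",")[0].strip()
        if reg is None or (mnem in ("movw", "movt") and dest == reg):
            continue
        if mnem == "ldr" and ops.replace(" ", "") == f"{reg},[{reg}]":
            depth += 1                    # one more dereference through the same register
        else:
            depths.append(depth)          # sequence ended, record how deep it went
            reg = None
    return depths + ([depth] if reg is not None else [])

def has_double_deref(listing):
    """True when the guard value itself is used as a pointer (depth > 1)."""
    return any(d > 1 for d in guard_load_depths(listing))
```

Run over the disassembly of every object in a build, a depth of 2 marks functions whose prologue loads through the random guard value instead of storing it.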