```asm
	.text
	.intel_syntax noprefix
	.file	"test.c"
	.globl	bar                             # -- Begin function bar
	.p2align	4, 0x90
	.type	bar,@function
bar:                                    # @bar
# %bb.0:
	push	edx
	push	ecx
	push	eax
	call	.L0$pb
.L0$pb:
	pop	eax
.Ltmp0:
	add	eax, offset _GLOBAL_OFFSET_TABLE_+(.Ltmp0-.L0$pb)
	# load the function pointer into eax
	mov	eax, dword ptr [eax + foo@GOT]
	# then immediately pop eax from the stack?????
	pop	eax
	pop	ecx
	pop	edx
	# then jump to eax which is not a function pointer??????
	jmp	eax                             # TAILCALL
.Lfunc_end0:
	.size	bar, .Lfunc_end0-bar
                                        # -- End function
	.ident	"clang version 13.0.0"
	.section	".note.GNU-stack","",@progbits
```
Reproduced on Clang 13.0.0.
Don't ask me how I stumbled on this one.
The bug
LLVM will load the GOT address of bar into eax, then pop eax, then jump to the address in the eax register. Since eax is popped from the stack, it jumps to a garbage address.

What is expected to happen
Either LLVM must
eax
ret
(does that mess with CET?) musttail to be used with this attribute.

example code
clang --target=i386-linux-gnu -fPIC -march=i386 -O2 -S file.c -masm=intel
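As an added check, not part of the issue or of LLVM, here is a small Python scan over Intel-syntax assembly that flags an indirect `jmp reg` whose register was most recently written by a `pop`, which is exactly the pattern in the output above (the jump target comes from the stack instead of from the GOT load). The two inputs are constructed: `BUGGY_ASM` is the issue's `bar` reflowed, `OK_ASM` is a contrast where the epilogue leaves eax alone.

```python
# Constructed sample: the issue's Clang 13 output for bar(), reflowed.
BUGGY_ASM = """
bar:
    push edx
    push ecx
    push eax
    call .L0$pb
.L0$pb:
    pop eax
    add eax, offset _GLOBAL_OFFSET_TABLE_+(.Ltmp0-.L0$pb)
    mov eax, dword ptr [eax + foo@GOT]  # function pointer lands in eax
    pop eax                             # ...and is clobbered by the epilogue
    pop ecx
    pop edx
    jmp eax                             # TAILCALL through a stack value
"""
# Constructed contrast: epilogue restores only ecx, so eax still holds the GOT entry.
OK_ASM = """
    push ecx
    mov eax, dword ptr [eax + foo@GOT]
    pop ecx
    jmp eax
"""
GPR = {"eax", "ebx", "ecx", "edx", "esi", "edi", "ebp", "esp"}
WRITERS = {"mov", "lea", "pop", "add", "sub", "xor"}  # first operand is written
def parse(asm):
    """(opcode, [operands]) per instruction; labels, directives and comments dropped."""
    insns = []
    for line in asm.splitlines():
        s = line.split("#", 1)[0].strip()
        if not s or s.endswith(":") or s.startswith("."):
            continue
        op, _, rest = s.partition(" ")
        insns.append((op, [a.strip() for a in rest.split(",")] if rest else []))
    return insns
def clobbered_tail_jumps(asm):
    """(jmp_index, pop_index) for each `jmp reg` whose last writer was a pop."""
    insns = parse(asm)
    findings = []
    for i, (op, args) in enumerate(insns):
        if op != "jmp" or not args or args[0] not in GPR:
            continue
        for j in range(i - 1, -1, -1):              # find the last writer of reg
            wop, wargs = insns[j]
            if wop in WRITERS and wargs and wargs[0] == args[0]:
                if wop == "pop":
                    findings.append((i, j))
                break
    return findings
```

Running `clobbered_tail_jumps(BUGGY_ASM)` reports the `jmp eax` at instruction 10 with its clobbering `pop eax` at instruction 7, while the contrast sample reports nothing.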