The Hexagon XRay sled was 5 words (20 bytes) and the patched sequence clobbered r31 (the link register) via callr without saving it first. When the trampoline returned, the instrumented function's own allocframe would then save the wrong return address, causing a crash or misrouted return.

Expand the sled to 7 words (28 bytes) and wrap the call with allocframe(#0)/deallocframe so the caller's r31:30 are preserved across the trampoline call.

Detailed fixes:
- HexagonAsmPrinter: emit 6 nop words after the jump (7 words total)
- xray_hexagon.cpp: patch allocframe(#0) as first word, immext+r7 (func ID), immext+r6 (trampoline), callr r6, deallocframe; write the first word last for atomicity
- xray_trampoline_hexagon.S: complete rewrite -- properly load and dereference the global handler pointer, save/restore r0-r5 and r31, add stack frame with correct 8-byte alignment, add jumpr r31 to actually return from trampolines
- xray_interface.cpp: update Hexagon cSledLength from 20 to 28
- Update lit tests for 6-nop sled
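
Added example (not code from this commit or from LLVM): a single-threaded C model of why the first sled word is written last. It steps through the 7 writes and counts the intermediate states in which a thread entering the sled would run a half-written sequence. The word values are constructed placeholders, not Hexagon encodings, and all function names are hypothetical.

```c
#include <stdatomic.h>
#include <stdint.h>

#define SLED_WORDS 7 /* 28 bytes, the sled size the commit message gives */

/* Constructed placeholder values, NOT real Hexagon instruction encodings. */
enum { W_JUMP = 1, W_NOP, W_ALLOCFRAME, W_IMMEXT, W_SET_R7, W_SET_R6,
       W_CALLR_R6, W_DEALLOCFRAME };
enum { SKIPPED, PATCHED, TORN };
typedef _Atomic uint32_t sled_word;

/* Patched layout in the order the commit message lists it. */
static const uint32_t patched[SLED_WORDS] = {
    W_ALLOCFRAME, W_IMMEXT, W_SET_R7, W_IMMEXT, W_SET_R6,
    W_CALLR_R6, W_DEALLOCFRAME };

/* Do write number `step` (0..6) of a patch. With first_word_last set,
   words 1..6 go first and word 0 is published last with release order;
   otherwise the words are written in address order. */
static void patch_step(sled_word *sled, int step, int first_word_last) {
    int idx = first_word_last ? (step + 1) % SLED_WORDS : step;
    atomic_store_explicit(&sled[idx], patched[idx],
        idx == 0 ? memory_order_release : memory_order_relaxed);
}

/* What a thread entering the sled at this instant would execute. */
static int entry_state(sled_word *sled) {
    if (atomic_load_explicit(&sled[0], memory_order_acquire) == W_JUMP)
        return SKIPPED;           /* still jumps past the sled body */
    for (int i = 1; i < SLED_WORDS; i++)
        if (atomic_load_explicit(&sled[i], memory_order_relaxed) != patched[i])
            return TORN;          /* new first word, stale words after it */
    return PATCHED;
}

/* Count intermediate states in which an entering thread would run a
   half-written sequence (a model of the possible interleavings). */
int count_torn_states(int first_word_last) {
    sled_word sled[SLED_WORDS];
    int torn = 0;
    /* Unpatched sled: a jump over the sled followed by 6 nops. */
    atomic_store_explicit(&sled[0], W_JUMP, memory_order_relaxed);
    for (int i = 1; i < SLED_WORDS; i++)
        atomic_store_explicit(&sled[i], W_NOP, memory_order_relaxed);
    for (int step = 0; step < SLED_WORDS; step++) {
        patch_step(sled, step, first_word_last);
        torn += entry_state(sled) == TORN;
    }
    return torn;
}
```
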
The LLVM Compiler Infrastructure
================================

This directory and its subdirectories contain source code for LLVM, a toolkit for the construction of highly optimized compilers, optimizers, and runtime environments.

LLVM is open source software. You may freely distribute it under the terms of the license agreement found in LICENSE.txt.

Please see the documentation provided in docs/ for further assistance with LLVM, and in particular docs/GettingStarted.rst for getting started with LLVM and docs/README.txt for an overview of LLVM's documentation setup.

If you are writing a package for LLVM, see docs/Packaging.rst for our suggestions.