This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
[Bug c++/45265] GCC has an intermittent bug when computing the address of function parameters
- From: "froydnj at gcc dot gnu dot org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: 12 Aug 2010 17:08:50 -0000
- Subject: [Bug c++/45265] GCC has an intermittent bug when computing the address of function parameters
- References: <bug-45265-19547@http.gcc.gnu.org/bugzilla/>
- Reply-to: gcc-bugzilla at gcc dot gnu dot org
------- Comment #21 from froydnj at gcc dot gnu dot org 2010-08-12 17:08 -------
Even without optimization (as the compilation script uses), the program
crashes. To be concrete about what's going wrong based on what the assembly
code actually looks like (GCC version Ubuntu 4.4.3-4ubuntu5):
bug_example:
        pushl   %ebp
        movl    %esp, %ebp
        subl    $1048, %esp             # space for buffer
        movl    8(%ebp), %eax           # move string elsewhere
        movl    %eax, -1020(%ebp)
        movl    %gs:20, %eax            # stuff for stack checking
        movl    %eax, -12(%ebp)
        xorl    %eax, %eax
        movb    $0, -1012(%ebp)
        leal    12(%ebp), %eax          # address of i to stack
        movl    %eax, 4(%esp)
        leal    -1020(%ebp), %eax       # address of (copied) strp to stack
        movl    %eax, (%esp)
        call    bug_example_2
        movl    -12(%ebp), %eax
        xorl    %gs:20, %eax
        je      .L6
        call    __stack_chk_fail
.L6:
        leave
        ret
        .size   bug_example, .-bug_example
You are assuming that in `bug_example' the parameters passed to
`bug_example_2' must be the addresses of those variables *as they were passed
on the stack*. This is certainly one way of implementing it, but it is not
mandated by the standard (as comment #9 points out).
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45265
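An added example, not part of the bug report and not GCC's code, showing what the comment above distinguishes: `&strp` and `&i` are the addresses of the callee's own parameter objects (wherever the compiler stores them, copied or not), so writes through those pointers are visible via the parameter names but never touch the caller's variables, and whether the two parameters sit next to each other in memory is implementation-dependent. The function names, the "before"/"after" strings and the 1000-byte local are constructed for this example.

```c
#include <stddef.h>
#include <string.h>

/* Stand-in for bug_example_2: receives the addresses of the caller's
 * parameter objects and rewrites them through the pointers. */
static void set_through_pointers(const char **strp, int *ip)
{
    *strp = "after";
    *ip = 42;
}

/* Mirrors bug_example: large local, then the addresses of the parameters
 * strp and i are handed to a callee. GCC is free to copy strp to a fresh
 * slot (the listing copies it to -1020(%ebp)) or to use the incoming slot
 * (as it does for i at 12(%ebp)); the program sees the same result either
 * way, because the parameter name denotes the object whose address we took. */
int param_address_is_local_object(const char *strp, int i, const char **seen_str)
{
    char buffer[1000];                 /* constructed: stands in for the bug's buffer */
    buffer[0] = '\0';
    set_through_pointers(&strp, &i);   /* compiler chooses where strp and i live */
    *seen_str = strp;                  /* reports the value written through &strp */
    return i + (int)strlen(buffer);    /* 42 + 0: the write through &i landed in i */
}

/* Whether &i sits immediately after &strp, as an "arguments lie in order on
 * the stack" intuition would suggest. Implementation-dependent: not asserted,
 * and nothing portable may depend on it. */
int params_adjacent(const char *strp, int i)
{
    return (const void *)((const char *)&strp + sizeof strp) == (const void *)&i;
}

/* Returns 1 if the callee's writes are seen through the parameters while the
 * caller's own variables stay untouched: parameters are separate objects. */
int caller_objects_untouched(void)
{
    const char *s = "before";
    int n = 7;
    const char *seen = NULL;
    int got = param_address_is_local_object(s, n, &seen);
    return got == 42 && strcmp(seen, "after") == 0
        && strcmp(s, "before") == 0 && n == 7;
}
```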