This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
[Bug target/84521] [8 Regression] aarch64: Frame-pointer corruption with setjmp/longjmp and -fomit-frame-pointer
- From: "dmalcolm at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Thu, 22 Feb 2018 18:50:22 +0000
- Subject: [Bug target/84521] [8 Regression] aarch64: Frame-pointer corruption with setjmp/longjmp and -fomit-frame-pointer
- Auto-submitted: auto-generated
- References: <bug-84521-4@http.gcc.gnu.org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84521
--- Comment #1 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
Created attachment 43489
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=43489&action=edit
Reproducer
When compiled with:
gcc -DDUMP -g -O0 -fstack-protector-strong -Wall test.c
this runs to completion, and the x29 values show the function calls/returns:
x29 = 0x7ff2977910 : main : start of main
x29 = 0x7ff29778d0 : test_2 : start of test_2
x29 = 0x7ff29776a0 : test_1 : start of test_1
x29 = 0x7ff29776a0 : test_1 : zero return
x29 = 0x7ff2977690 : uses_longjmp : in uses_longjmp
x29 = 0x7ff2977740 : test_1 : non-zero return
x29 = 0x7ff2977690 : after_longjmp : after raise
x29 = 0x7ff2977740 : test_1 : end of test_1
x29 = 0x7ff29778d0 : test_2 : end of test_2
x29 = 0x7ff2977910 : main : end of main
On adding -fomit-frame-pointer, it crashes, and the x29 values show a
corruption after "uses_longjmp" which becomes a crash when the x29 value is
later used:
x29 = 0x7fff4709c0 : main : start of main
x29 = 0x7fff470960 : test_2 : start of test_2
x29 = 0x7fff470960 : test_1 : start of test_1
x29 = 0x7fff470960 : test_1 : zero return
x29 = 0x7fff470720 : uses_longjmp : in uses_longjmp
x29 = 0x7fff4707d0 : test_1 : non-zero return
x29 = 0x7fff4707d0 : after_longjmp : after raise
x29 = 0x7fff4707d0 : test_1 : end of test_1
x29 = 0x7fff4707d0 : test_2 : end of test_2
*** stack smashing detected ***: ./test-O0-omit-fp terminated
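
The invariant the second trace violates (x29 in test_2 differs between "start of test_2" and "end of test_2") can be written as a self-checking C program. This is an added example, not the attached reproducer: the function names mirror the trace, but their bodies, the use of the standard setjmp/longjmp, and the use of __builtin_frame_address to read the frame pointer are assumptions.

```c
/* Added example: checks that a caller's frame address survives a call
 * into a function that is re-entered through longjmp. Function names
 * mirror the trace above; the bodies are assumed, not the attachment. */
#include <setjmp.h>
#include <stdint.h>
#include <stdio.h>

static jmp_buf env;
static volatile int resumed;   /* set once setjmp returns non-zero */

__attribute__((noinline)) static void uses_longjmp(void)
{
    longjmp(env, 1);           /* unwinds back into test_1 */
}

__attribute__((noinline)) static void test_1(void)
{
    if (setjmp(env) == 0)
        uses_longjmp();        /* "zero return" path, never returns here */
    else
        resumed = 1;           /* "non-zero return" path */
}

/* Returns 1 if the longjmp path was taken and this function's frame
 * address is the same before and after the call, 0 otherwise. */
__attribute__((noinline)) int test_2(void)
{
    volatile uintptr_t before = (uintptr_t)__builtin_frame_address(0);
    test_1();
    volatile uintptr_t after = (uintptr_t)__builtin_frame_address(0);

    return resumed && before == after;
}

int main(void)
{
    int ok = test_2();

    printf("frame pointer %s across setjmp/longjmp\n",
           ok ? "preserved" : "CORRUPTED");
    return ok ? 0 : 1;
}
```

Building it once with and once without -fomit-frame-pointer and comparing exit codes gives a pass/fail check suitable for a regression test.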