c/1624: incorrect stack adjustment with -fomit-frame-pointer on x86

drepper@redhat.com drepper@redhat.com
Thu Jan 11 17:26:00 GMT 2001


>Number:         1624
>Category:       c
>Synopsis:       incorrect stack adjustment with -fomit-frame-pointer on x86
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    unassigned
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jan 11 17:26:00 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Ulrich Drepper
>Release:        unknown-1.0
>Organization:
>Environment:
Linux x86
>Description:
The appended code crashes if it is compiled with

   -O3 -fomit-frame-pointer

It works fine without -fomit-frame-pointer.

The problem is that the return address is taken from the wrong stack slot.  There is one more value left on the stack (the content of %ebx), which means that main() returns to somewhere in the data area (where %ebx points).
>How-To-Repeat:
gcc -O3 -fomit-frame-pointer -o t tst-setjmp.i
./t
>Fix:

>Release-Note:
>Audit-Trail:
>Unformatted:
----gnatsweb-attachment----
Content-Type: application/octet-stream; name="tst-setjmp.i"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="tst-setjmp.i"