Provided a somewhat specific set of local variables, and as long as the code of
the function doesn't make any other function calls, gcc will decrease %rsp by
an incorrect and too small value.  This leads to local variables being
corrupted when the execution is interrupted;  this happens notably in the
kernel where interrupts use the stack of the thread they interrupted.

The file that I will hopefully be able to attach to that report demonstrates
the issue, if you look at the assembler output.  With the function call
commented out, gcc sets up the stack that way:

        movq    %rsp, %rbp
        subq    $152, %rsp

and later accesses one of the local variables with:

        movl    $0, -272(%rbp,%rax,4)

When the function call is uncommented, the subq instruction here will correctly
subtract 272 from %rsp.

I've compiled a 4.4.2 for the sole purpose of doing this bug report;  NetBSD
comes with 4.1.3 and that's where the bug was initially spotted.


-- 
           Summary: Incorrect stack setup on x86_64
           Product: gcc
           Version: 4.4.2
            Status: UNCONFIRMED
          Severity: major
          Priority: P3
         Component: c
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: cube at cubidou dot net
 GCC build triplet: x86_64-unknown-netbsd4.99.60
  GCC host triplet: x86_64-unknown-netbsd4.99.60
GCC target triplet: x86_64-unknown-netbsd4.99.60


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41990
