------- Comment #22 from rogerio at rilhas dot com 2010-08-12 17:24 -------

(In reply to comment #21)
> Even without optimization (as the compilation script uses), the program
> crashes.

Right, that was the point of introducing the 1000-character buffer. With it it crashes always.

> To be concrete about what's going wrong based on what the assembly
> code actually looks like (GCC version Ubuntu 4.4.3-4ubuntu5):
>
> bug_example:
>     pushl %ebp
>     movl %esp, %ebp
>     subl $1048, %esp          # space for buffer
>     movl 8(%ebp), %eax        # move string elsewhere
>     movl %eax, -1020(%ebp)
>     movl %gs:20, %eax         # stuff for stack checking
>     movl %eax, -12(%ebp)
>     xorl %eax, %eax
>     movb $0, -1012(%ebp)
>     leal 12(%ebp), %eax       # address of i to stack
>     movl %eax, 4(%esp)
>     leal -1020(%ebp), %eax    # address of (copied) strp to stack
>     movl %eax, (%esp)
>     call bug_example_2
>     movl -12(%ebp), %eax
>     xorl %gs:20, %eax
>     je .L6
>     call __stack_chk_fail
> .L6:
>     leave
>     ret
>     .size bug_example, .-bug_example
>
> You are assuming that in `bug_example' that the parameters passed to
> `bug_example_2' must be the addresses of those variables *as they were passed
> on the stack*. This is certainly one way of implementing it, but it is not
> mandated by the standard (as comment #9 points out).

You are absolutely right, I fully agree that a non-cdecl conformant GCC would not need to pass parameters on the stack. It only has to pass parameters on the stack (in a very well-defined way) if it claims to be cdecl-compliant. But even with the cdecl specifier in the source the generated assembly code is wrong. Hence a bug.

Hadn't you realized yet that that is my point from the start????

--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45265
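The disagreement above is about whether `&strp` inside the callee must be the caller's argument slot. The following is an added illustration, not code from the bug report or from GCC: it mirrors the shape of the `bug_example`/`bug_example_2` pair with hypothetical names, shows the layout-independent way to use the parameter addresses, and reports (without dereferencing anything) whether the "adjacent stack slots" assumption happens to hold on the build it is compiled with.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added illustration, not code from the bug report. The names below
 * (callee_portable, bug_example_mirror, params_adjacent_as_cdecl_slots)
 * are hypothetical stand-ins for bug_example / bug_example_2. */

/* The callee as the C standard lets you write it: two pointers, two
 * separate objects, no assumption about where either object lives. */
static int callee_portable(const char **pstr, int *pi)
{
    return (int)strlen(*pstr) + *pi;
}

/* Mirrors bug_example: a large local buffer, then the addresses of the
 * parameters strp and i are handed on. Returns strlen(strp) + i. */
int bug_example_mirror(const char *strp, int i)
{
    char buffer[1000];
    buffer[0] = '\0';           /* keep the buffer live, as in the report */
    return callee_portable(&strp, &i);
}

/* Checks the reporter's cdecl reading: "&strp is the incoming argument
 * slot, so i sits in the very next slot". Only a one-past pointer and an
 * equality comparison are used, so this is well defined and merely reports
 * what this compiler chose: 1 = adjacent as assumed, 0 = not. The quoted
 * assembly (strp copied to -1020(%ebp), i at 12(%ebp)) would yield 0.
 * The C standard permits either answer. */
int params_adjacent_as_cdecl_slots(const char *strp, int i)
{
    int *guessed = (int *)((char *)&strp + sizeof strp);
    return guessed == &i;
}

int main(void)
{
    printf("strlen(strp) + i = %d\n", bug_example_mirror("hello", 7));
    printf("&strp and &i adjacent as argument slots on this build: %d\n",
           params_adjacent_as_cdecl_slots("hello", 7));
    return 0;
}
```

The first result is guaranteed by the language; the second is whatever the compiler chose, which is exactly why a callee that walks from one parameter's address to the next can break, as the stack-protector abort in the report shows.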