[Bug c/121930] New: c/c++ front ends doesn't check __stack_chk_guard conflict

Fri, 12 Sep 2025 15:29:32 -0700 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=121930

            Bug ID: 121930
           Summary: c/c++ front ends doesn't check __stack_chk_guard
                    conflict
           Product: gcc
           Version: 15.2.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: hjl.tools at gmail dot com
  Target Milestone: ---

[hjl@gnu-cfl-3 pr121911]$ cat s.c
static int __stack_chk_guard;

int *
smash (char *p, int i)
{
  p[i] = __stack_chk_guard;
  return &__stack_chk_guard;
}
[hjl@gnu-cfl-3 pr121911]$ make CC=gcc s.s
gcc -fPIC -fstack-protector-all -mstack-protector-guard=global -S s.c
[hjl@gnu-cfl-3 pr121911]$ cat s.s
        .file   "s.c"
        .text
        .local  __stack_chk_guard
        .comm   __stack_chk_guard,4,4
        .globl  smash
        .type   smash, @function
smash:
.LFB0:
        .cfi_startproc
        pushq   %rbp
        .cfi_def_cfa_offset 16
        .cfi_offset 6, -16
        movq    %rsp, %rbp
        .cfi_def_cfa_register 6
        subq    $32, %rsp
        movq    %rdi, -24(%rbp)
        movl    %esi, -28(%rbp)
        movq    __stack_chk_guard@GOTPCREL(%rip), %rax
        movq    (%rax), %rsi
        movq    %rsi, -8(%rbp)
        xorl    %esi, %esi
        movl    __stack_chk_guard(%rip), %ecx
        movl    -28(%rbp), %eax
        movslq  %eax, %rdx
        movq    -24(%rbp), %rax
        addq    %rdx, %rax
        movl    %ecx, %edx
        movb    %dl, (%rax)
        leaq    __stack_chk_guard(%rip), %rax
                ^^^^^^^^^^^^ File scope variable.
        movq    %rax, %rdx
        movq    __stack_chk_guard@GOTPCREL(%rip), %rax
                ^^^^^^^^^^^^^^^^ Global variable.
        movq    -8(%rbp), %rdi
        subq    (%rax), %rdi
        je      .L3
        call    __stack_chk_fail@PLT
.L3:
        movq    %rdx, %rax
        leave
        .cfi_def_cfa 7, 8
        ret
        .cfi_endproc
.LFE0:
        .size   smash, .-smash
        .ident  "GCC: (GNU) 15.2.1 20250808 (Red Hat 15.2.1-1)"
        .section        .note.GNU-stack,"",@progbits
[hjl@gnu-cfl-3 pr121911]$

Reply via email to