https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
--- Comment #17 from Vladimir Sadovnikov ---
Reproducible with 11.4.0
~$ export ASAN_OPTIONS=detect_stack_use_after_return=1
~$ g++ -fsanitize=address -Og test-case.cpp
~$ ./a.out
Aborted (core dumped)
~$ gcc --version
gcc (Ubuntu 11.4.0-1ubun
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
--- Comment #15 from Vladimir Sadovnikov ---
Hmmm. But why not? We're just looking for the value stored in %rbx register...
Here's scenario for GCC 7.5.0:
~/tmp> gcc --version
gcc (SUSE Linux) 7.5.0
Copyright (C) 2017 Free Software Foundation,
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
--- Comment #14 from Vladimir Sadovnikov ---
Seems that with GCC 7.6 it also will be reproducible because we have the same
code there:
```
40089c: bf 80 03 00 00 mov$0x380,%edi
4008a1: e8 6a fd ff ff call
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
--- Comment #13 from Vladimir Sadovnikov ---
Here is the full scenario:
~$ g++ --version
g++ (Ubuntu 11.4.0-1ubuntu1~22.04) 11.4.0
Copyright (C) 2021 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
--- Comment #12 from Vladimir Sadovnikov ---
Oh wow, it seems that this makes the code to crash:
```
export ASAN_OPTIONS=detect_stack_use_after_return=1
./test
```
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
--- Comment #11 from Vladimir Sadovnikov ---
I mean, this code may work in improper way if ASAN allocates only 0x20 bytes on
the stack:
```
138d: bf 80 03 00 00 mov$0x380,%edi
1392: e8 39 fd ff ff call
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
--- Comment #10 from Vladimir Sadovnikov ---
Sorry, I messed up %rbx with loading %rdx from stack.
But it seems that the ASAN-reladed code somehow modifies %rbx.
And now I'm not sure that the code generated by GCC 11.4.0 will work under
certain
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
--- Comment #7 from Vladimir Sadovnikov ---
Disassembly for GCC 11.4.0:
```
11e9 <_Z13gate_x1_curvePfPKfPKN3dsp11gate_knee_tEm>:
11e9: f3 0f 1e fa endbr64
11ed: 55 push %rbp
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
--- Comment #6 from Vladimir Sadovnikov ---
Here is disassembly of `test.cpp` function for GCC 7.5.0:
```
00400727 <_Z13gate_x1_curvePfPKfPKN3dsp11gate_knee_tEm>:
400727: 4c 8d 54 24 08 lea0x8(%rsp),%r10
40072c:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
Vladimir Sadovnikov changed:
What|Removed |Added
Status|RESOLVED|UNCONFIRMED
Resolution|FI
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
Vladimir Sadovnikov changed:
What|Removed |Added
Resolution|INVALID |FIXED
--- Comment #2 from Vladimi
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
Bug ID: 112510
Summary: Regression: ASAN code injection breaks alignment of
stack variables
Product: gcc
Version: 13.2.1
Status: UNCONFIRMED
Severity: normal
12 matches
Mail list logo
