http://gcc.gnu.org/bugzilla/show_bug.cgi?id=50818
Bug #: 50818
Summary: va_list is filled incorrectly in functions with ms_abi attribute on amd64
Classification: Unclassified
Product: gcc
Version: 4.4.5
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: target
AssignedTo: unassig...@gcc.gnu.org
ReportedBy: andrey.splosh...@kaspersky.com

Created attachment 25567
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=25567
preprocessed output

Compile the following testcase on x86_64-linux-gnu target:

    /* Variadic function using the Microsoft x64 calling convention. */
    void __attribute__((ms_abi)) callee (const char* fmt, ...)
    {
        __builtin_va_list ap;
        __builtin_va_start (ap, fmt);
        /* Fetch the first variadic argument. */
        const char* p = __builtin_va_arg (ap, const char*);
        (void) p;
        __builtin_va_end (ap);
    }

    void caller ()
    {
        const char* str = "arg";
        callee ("a string: %s", str);
    }

After I built the code with the default Debian/squeeze compiler (gcc (Debian 4.4.5-8) 4.4.5), I got the following piece of code in callee:

    leaq    -32(%rbp), %rax
    movl    $8, (%rax)
    leaq    -32(%rbp), %rax
    movl    $48, 4(%rax)
    leaq    -32(%rbp), %rax
    leaq    24(%rbp), %rdx
    movq    %rdx, 8(%rax)

It seems to me that va_list is filled incorrectly: the pointer to the argument is saved in overflow_arg_area, but gp_offset is set to 8 instead of 48 (according to "System V ABI, AMD64 supplement"). So the following va_arg is trying to extract the pointer from reg_save_area instead of overflow_arg_area.
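
Added example, not part of the original report or of GCC: a small C model of the System V AMD64 va_arg lookup for one 8-byte integer-class argument. It shows why gp_offset = 8 makes the fetch read reg_save_area while gp_offset = 48 makes it read overflow_arg_area. The struct and function names, the sentinel values and the stand-in buffers are constructed for illustration.

```c
#include <stdint.h>
#include <string.h>

/* One va_list element as laid out by the System V AMD64 ABI. */
typedef struct {
    uint32_t gp_offset;        /* offset of next GP register slot in reg_save_area */
    uint32_t fp_offset;        /* offset of next SSE register slot in reg_save_area */
    void *overflow_arg_area;   /* next argument that was passed on the stack */
    void *reg_save_area;       /* where the prologue spills register arguments */
} sysv_va_list;

enum { GP_SAVE_BYTES = 48 };   /* 6 general-purpose registers * 8 bytes */

#define STALE    0xDEADBEEFDEADBEEFull  /* constructed: leftover register-save contents */
#define REAL_ARG 0x1122334455667788ull  /* constructed: the argument the caller passed */

/* va_arg for an 8-byte INTEGER-class argument, following the ABI algorithm. */
static uint64_t model_va_arg_u64(sysv_va_list *ap)
{
    uint64_t v;
    if (ap->gp_offset <= GP_SAVE_BYTES - 8) {
        /* A register slot is still considered available: read it. */
        memcpy(&v, (char *)ap->reg_save_area + ap->gp_offset, 8);
        ap->gp_offset += 8;
    } else {
        /* Register slots exhausted: read the stack-passed argument. */
        memcpy(&v, ap->overflow_arg_area, 8);
        ap->overflow_arg_area = (char *)ap->overflow_arg_area + 8;
    }
    return v;
}

/* First variadic argument as seen when va_start stored the given gp_offset. */
uint64_t first_vararg_with_gp_offset(uint32_t gp_offset)
{
    uint64_t reg_save[6];                    /* stand-in for reg_save_area */
    uint64_t stack_args[1] = { REAL_ARG };   /* stand-in for overflow_arg_area */
    for (int i = 0; i < 6; i++)
        reg_save[i] = STALE;
    sysv_va_list ap = { gp_offset, 48, stack_args, reg_save };
    return model_va_arg_u64(&ap);
}

int main(void)
{
    /* gp_offset = 48 marks all GP slots as used, so the real argument is read. */
    return first_vararg_with_gp_offset(48) == REAL_ARG ? 0 : 1;
}
```

With gp_offset = 8 the model returns the stale register-save value, which is the situation the report describes: a later `%s` would dereference whatever happened to be in that slot.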