https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89493
Bug ID: 89493 Summary: Stack smashing on armv7hl Product: gcc Version: 9.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: ada Assignee: unassigned at gcc dot gnu.org Reporter: pavel at zhukoff dot net Target Milestone: --- Created attachment 45816 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=45816&action=edit reproducer Reporting this for ada as reproducer is part of gprbuild (gprinstall) code. In some cases (return from exception handler) stack pointer is set to weird value and either stack smashing protection or storage error occurs. it's easy and 100% reproducible in Fedora linux distribution https://bugzilla.redhat.com/show_bug.cgi?id=1677173 gcc-9.0.1-0.4.fc30.armv7hl gprbuild-2018-12.fc30.armv7hl All other architectures (x86, s390x, ppc64le and aarch64 work fine) We were able to strip reproducer to ~200 LOC (attached) # gprbuild -v -cargs:Ada -O2 -g # valgrind ./exe/process ==29563== Memcheck, a memory error detector ==29563== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==29563== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info ==29563== Command: ./exe/process ==29563== warning: file does not exist '/tmp/a/satrace.log' ==29563== Warning: client switching stacks? SP change: 0xbdef07c0 --> 0x68818 ==29563== to suppress, use: --max-stackframe=1108836440 or greater aaa ==29563== Invalid write of size 4 ==29563== at 0x40C04: system__secondary_stack__ss_release (in /tmp/test/exe/process) ==29563== Address 0x68754 is 12 bytes inside data symbol "ada_main__sec_default_sized_stacks" ==29563== ==29563== Invalid read of size 4 ==29563== at 0x1A09C: _ada_process (process.adb:119) ==29563== Address 0x687ec is 164 bytes inside data symbol "ada_main__sec_default_sized_stacks" ==29563== ==29563== Invalid read of size 4 ==29563== at 0x1A0A4: _ada_process (process.adb:119) ==29563== Address 0xe1a02026 is not stack'd, malloc'd or (recently) free'd