https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91779

--- Comment #6 from Uroš Bizjak <ubizjak at gmail dot com> ---
Some debugging & tracing throug main shows the following:

There is an indirect call where we enter with stack pointer 0xffffce60, and
return with a stack pointer of 0xffffce80. Later, pushl misaligns the stack
pointer to 0xffffce7c.

        movzbl  C1@GOTOFF(%ebx), %eax   # 111   [c=9 l=7]  *movqi_internal/4
        pushl   4+d2@GOTOFF(%ebx)       # 166   [c=9 l=6]  *pushsi2
        pushl   d2@GOTOFF(%ebx) # 167   [c=9 l=6]  *pushsi2
        pushl   %eax    # 112   [c=4 l=1]  *pushqi2
        pushl   -96(%ebp)       # 113   [c=8 l=3]  *pushsi2
ce60    call    *-84(%ebp)      # 115   [c=4 l=3]  *call_pop
ce80    movzbl  -89(%ebp), %eax # 116   [c=8 l=4]  *movqi_internal/4
        pushl   %edi    # 118   [c=4 l=1]  *pushsi2
ce7c    movb    %al, -96(%ebp)  # 157   [c=4 l=3]  *movqi_internal/8
        call    ffi_closure_free@PLT    # 120   [c=0 l=5]  *call
ce7c    movsbl  -96(%ebp), %eax # 122   [c=12 l=4]  extendqisi2

The offending indirect call is defined as:

(call_insn 115 114 116 7 (parallel [
            (call (mem:QI (mem/f/c:SI (plus:SI (reg/f:SI 6 bp)
                            (const_int -84 [0xffffffffffffffac])) [23
callback_code+0 S4 A32]) [0 *callback_code.865_10 S1 A8])
                (const_int 32 [0x20]))
            (set (reg/f:SI 7 sp)
                (plus:SI (reg/f:SI 7 sp)
                    (const_int 20 [0x14])))
        ]) "../../testsuite/libffi.bhaible/test-callback.c":2325:13 673
{*call_pop}
     (expr_list:REG_ARGS_SIZE (const_int 12 [0xc])
        (expr_list:REG_CALL_DECL (nil)
            (nil)))
    (nil))

So, the function should pop 20 bytes from the stack, which is not the case.
According to the debug session, it pops 32 bytes.

The indirectly called function is:

ffi_closure_STDCALL () from ./libffi.so.7

So, the above function misaligns the stack.

Reply via email to