[Pkg-bluetooth-maintainers] Bug#856487: libsbc1: compiling with gcc > 4.9 causes stack corruption
Niels Thykier
niels at thykier.net
Wed Apr 26 07:34:00 UTC 2017
On Mon, 17 Apr 2017 17:02:32 +0100 Paul Brook <paul at nowt.org> wrote:
> Package: libsbc1
> Version: 1.3-1+b2
> Followup-For: Bug #856487
>
> Not a stack corruption.
>
> This is miscompilation of sbc_analyze_4b_8s_armv6. gcc appears to look
> into the asm function and decides that it does not clobber r3 (which the
> normal ARM ABI says is call clobbered). The last out += out_stride ends
> up incrementing the pointer by an arbitrary amount.
>
Hi Paul,
Many thanks for finding the bug and the solution to it.
> The attached patch works around the bug.
>
@Bluetooth maintainers: Could you please apply the patch below for stretch?
> I'm not entirely sure whether this is a gcc bug or not, but at best it's
> surprising behavior from gcc. I've attached a reduced testcase for the toolchain
> folks to argue over (compile with gcc -O2, tested with gcc 6.3.0-2 from
> sid).
>
> Paul
>
@ARM porters: I will let you be the judge of this and forward it to GCC
as necessary. (The test case is available from:
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=856487;filename=gcc-naked-bug.c;msg=130)
Thanks,
~Niels
> diff -ur clean/sbc/sbc_primitives_armv6.c sbc-1.3/sbc/sbc_primitives_armv6.c
> --- clean/sbc/sbc_primitives_armv6.c 2013-04-30 17:19:23.000000000 +0100
> +++ sbc-1.3/sbc/sbc_primitives_armv6.c 2017-04-17 16:43:49.918809345 +0100
> @@ -102,6 +102,7 @@
> "pop {r8-r11}\n"
> "stmia r1, {r4, r5, r6, r7}\n"
> "pop {r1, r4-r7, pc}\n"
> + :::"r0", "r2", "r3", "ip"
> );
> }
>
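Review bot: the added clobber line `:::"r0", "r2", "r3", "ip"` has no comment explaining why it is needed; since the report traces the miscompile to GCC assuming r3 is preserved across this function, a one-line comment above it (for example "/* scratch registers destroyed by the body; gcc must not assume they survive the call */") would keep the next maintainer from dropping it as redundant. Omitting r1 is consistent with the visible `pop {r1, r4-r7, pc}` restoring it, but that invariant is worth stating in the same comment.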
> @@ -258,6 +259,7 @@
> "pop {r8-r11}\n"
> "stmia r1!, {r4, r5, r6, r7}\n"
> "pop {r1, r4-r7, pc}\n"
> + :::"r0", "r2", "r3", "ip"
> );
> }
>
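Review bot: this clobber list repeats the one from the first hunk verbatim; a shared macro (for example `#define SBC_ARMV6_CLOBBERS "r0", "r2", "r3", "ip"`) would keep the two call sites in step if another scratch register is ever used. Leaving r1 out remains correct here even though `stmia r1!, {r4, r5, r6, r7}` writes it back, because the following `pop {r1, r4-r7, pc}` restores it before return.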