On Mon, Sep 15, 2025 at 9:51 AM Florian Weimer <f...@deneb.enyo.de> wrote:
>
> * H. J. Lu:
>
> > No, it doesn't work:
> >
> > [hjl@gnu-zen4-1 pr121911]$ cat bar.c
> > #include <stdlib.h>
> > #include <stddef.h>
> >
> > const size_t __stack_chk_guard = 0x2d853605a4d9a09cUL;
> >
> > void
> > __stack_chk_fail (void)
> > {
> > exit (0); /* pass */
> > }
> >
> > __attribute__ ((noipa, optimize ("stack-protector-all")))
> > void
> > smash (char *p, int i)
> > {
> > p[i] = 42;
> > }
> >
> > int
> > main (void)
> > {
> > char foo[255];
> >
> > /* smash stack */
> > for (int i = 0; i <= 400; i++)
> > smash (foo, i);
> >
> > return 1;
> > }
>
> I think the test seems invalid? In the smash function, its own return
> address is at a negative pointer offset from the start of the foo
> array.
I am testing an updated patch in:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=121911
--
H.J.
