solib_bootstrap: fix x86-64 ld.so jump clobbering entry address

The x86-64 inline asm restoring the kernel stack and jumping to ld.so:

    "mov %[sp], %%rsp\n"
    "xor %%edx, %%edx\n"   // required: rdx = 0 for ld.so startup ABI
    "jmp *%[entry]\n"

GCC at -O0 allocated %[entry] (ldso_entry) to rdx, causing the xor to
zero the jump target before the jmpq executed → SIGSEGV at address 0x0
on every x86-64 ExecSolib launch.

Fix: use "m" constraint for ldso_entry so GCC keeps it in a stack slot
(memory) instead of a register, making the xor harmless.  The jmpq
now emits "jmpq *-N(%rbp)" — an indirect memory jump — which reads
ldso_entry from the old frame after rsp has been restored.

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>

Author: cataphract

ext/solib_bootstrap.c

@@ -337,13 +337,17 @@ noreturn void _dd_solib_bootstrap(void *stack_top) {
     // function is noreturn - we transfer control via inline asm.
 
 #ifdef __x86_64__
+    // Restore the original kernel stack and jump to ld.so's entry point.
+    // rdx must be 0 at ld.so startup (x86-64 ABI: rdx = rtld finalizer, 0 = none).
+    // Use "m" for ldso_entry to keep it in memory, avoiding any register
+    // allocation conflict with rdx (the xor would clobber a register input).
     uintptr_t ldso_entry = bs_ldso.entry;
     __asm__ volatile(
-        "mov %0, %%rsp\n"
+        "mov %[sp], %%rsp\n"
         "xor %%edx, %%edx\n"
-        "jmp *%1\n"
-        :: "r"(stack_top), "r"(ldso_entry)
-        : "memory"
+        "jmpq *%[entry]\n"
+        :: [sp] "r"(stack_top), [entry] "m"(ldso_entry)
+        : "rdx", "memory"
     );
 #elif defined(__aarch64__)
     uintptr_t ldso_entry = bs_ldso.entry;