Commit 82345e8
solib_bootstrap: fix x86-64 ld.so jump clobbering entry address
The x86-64 inline asm restoring the kernel stack and jumping to ld.so:

    "mov %[sp], %%rsp\n"
    "xor %%edx, %%edx\n"   // required: rdx = 0 for ld.so startup ABI
    "jmpq *%[entry]\n"

GCC at -O0 allocated %[entry] (ldso_entry) to rdx, causing the xor to
zero the jump target before the jmpq executed → SIGSEGV at address 0x0
on every x86-64 ExecSolib launch.
The fix is to pin ldso_entry to rax via the "a" constraint. Using the
"rdx" clobber alone is not sufficient: GCC is permitted to allocate
input operands into clobbered registers because inputs are consumed
before the asm fires. A specific register constraint ("a" = rax) is
the correct and optimization-safe solution.
With the fix, GCC emits:

    mov  %rcx, %rsp   ; stack_top in rcx (or any non-rax "r")
    xor  %edx, %edx   ; zero rdx (harmless: entry is in rax)
    jmpq *%rax        ; jump to ldso_entry
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>

1 parent e3c4da7 commit 82345e8
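The constraint fix described in the message, as an added example that is not the repository's code: the trampoline in the shape the commit ends up with (never returns, so it is not called below), plus a checkable stand-in where the `jmpq` is replaced by a move so the value the asm actually consumed can be inspected after the `xor`. Function names, the sample entry values and the non-x86-64 fallback are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#if defined(__x86_64__)
/* Trampoline in the fixed form: "a" pins ldso_entry to rax, so the xor that
 * zeroes rdx (ld.so startup ABI: rdx = 0) can never hit the jump target.
 * Hypothetical name; shown for shape only, never called in this file. */
__attribute__((noreturn))
void jump_to_ldso(uintptr_t stack_top, uintptr_t ldso_entry)
{
    __asm__ volatile(
        "mov %[sp], %%rsp\n\t"
        "xor %%edx, %%edx\n\t"
        "jmpq *%[entry]\n\t"
        :
        : [sp] "r"(stack_top), [entry] "a"(ldso_entry)
        : "rdx", "memory");
    __builtin_unreachable();
}
#endif

/* Checkable stand-in: same ordering hazard (xor before the operand is used),
 * same "a" pin. Returns the value the asm read from the entry operand and
 * reports what rdx held afterwards. */
static uint64_t entry_survives_xor(uint64_t entry, uint64_t *rdx_after)
{
    uint64_t seen, rdx;
#if defined(__x86_64__)
    __asm__ volatile(
        "xor %%edx, %%edx\n\t"      /* same zeroing as the trampoline        */
        "mov %[entry], %[seen]\n\t" /* stands in for jmpq *%[entry]          */
        "mov %%rdx, %[rdx]\n\t"
        : [seen] "=r"(seen), [rdx] "=r"(rdx)
        : [entry] "a"(entry)        /* pinned to rax: never the xor's target */
        : "rdx", "cc");
#else
    seen = entry; rdx = 0;          /* non-x86-64 build: nothing to demonstrate */
#endif
    *rdx_after = rdx;
    return seen;
}

/* 1 if the entry value came through intact and rdx was zeroed, else 0. */
int check_entry_pin(uint64_t entry)
{
    uint64_t rdx;
    return entry_survives_xor(entry, &rdx) == entry && rdx == 0;
}

int main(void)
{
    printf("entry pin ok: %d\n", check_entry_pin(0x401000ULL)); /* constructed value */
    return 0;
}
```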
1 file changed, 11 additions (+) and 4 deletions (-)

| Original file line number | Diff line number | Diff line change |
|---|---|---|
| 337 | 337 | |
| 338 | 338 | |
| 339 | 339 | |
| | 340 | + |
| | 341 | + |
| | 342 | + |
| | 343 | + |
| | 344 | + |
| | 345 | + |
| | 346 | + |
| 340 | 347 | |
| 341 | 348 | |
| 342 | | - |
| | 349 | + |
| 343 | 350 | |
| 344 | | - |
| 345 | | - |
| 346 | | - |
| | 351 | + |
| | 352 | + |
| | 353 | + |
| 347 | 354 | |
| 348 | 355 | |
| 349 | 356 | |
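Review bot: the changed region (new lines 340-353) is rendered here without its source text, so the operand and clobber lists cannot be checked against the message; when they are, keep the "rdx" clobber listed alongside the "a" input constraint, because the xor still destroys rdx and "a" only protects ldso_entry, not whatever the compiler holds in rdx across the asm. The message's "(or any non-rax "r")" for stack_top follows from the pin: with ldso_entry in rax the stack operand cannot be allocated there.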
0 commit comments