From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path:
Received: (qmail 818 invoked by alias); 9 Nov 2005 02:11:54 -0000
Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Archive:
List-Post:
List-Help:
Sender: gcc-bugs-owner@gcc.gnu.org
Received: (qmail 788 invoked by uid 48); 9 Nov 2005 02:11:51 -0000
Date: Wed, 09 Nov 2005 02:11:00 -0000
Message-ID: <20051109021151.787.qmail@sourceware.org>
X-Bugzilla-Reason: CC
References:
Subject: [Bug target/24675] Stack corruption in ARM arch. if 64bit variable is passed to a function of which the low 32 use the register and the up 32 use the stack
In-Reply-To:
Reply-To: gcc-bugzilla@gcc.gnu.org
To: gcc-bugs@gcc.gnu.org
From: "armcc2000 at yahoo dot com"
X-SW-Source: 2005-11/txt/msg01221.txt.bz2
List-Id:

------- Comment #2 from armcc2000 at yahoo dot com  2005-11-09 02:11 -------
Here's a slightly smaller test case:

------------------------------------------------------------
extern void foo (int f1, int f2, int f3, int f4, int f5, int f6);

void good (int g1, int g2, int g3, int g4, int g5)
{
  foo (0, 0, 0, 0, 0, 0);
}

void bad (int b1, int b2, int b3, long long b45)
{
  foo (0, 0, 0, 0, 0, 0);
}
------------------------------------------------------------

Compiled with gcc 4.0.1 (-Os), this gives:

        .file   "tst.c"
        .text
        .align  2
        .global good
        .type   good, %function
good:
        @ args = 4, pretend = 0, frame = 0
        @ frame_needed = 0, uses_anonymous_args = 0
        str     lr, [sp, #-4]!
        mov     ip, #0
        sub     sp, sp, #8
        mov     r0, ip
        mov     r1, ip
        mov     r2, ip
        mov     r3, ip
        str     ip, [sp, #0]
        str     ip, [sp, #4]
        bl      foo
        add     sp, sp, #8
        ldmfd   sp!, {pc}
        .size   good, .-good
        .align  2
        .global bad
        .type   bad, %function
bad:
        @ args = 8, pretend = 4, frame = 0
        @ frame_needed = 0, uses_anonymous_args = 0
        @ link register save eliminated.
        mov     ip, #0
        sub     sp, sp, #4
        str     r3, [sp, #0]
        mov     r0, ip
        mov     r1, ip
        mov     r2, ip
        mov     r3, ip
        @ lr needed for prologue
        str     ip, [sp, #4]
        str     ip, [sp, #8]    <-- BANG... caller's stack is overwritten !!
        add     sp, sp, #4
        b       foo
        .size   bad, .-bad
        .ident  "GCC: (GNU) 4.0.1"
------------------------------------------------------------

The bug is also present in 3.4.4


-- 

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=24675
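
A run-time check for the miscompilation shown in the test case above, as an added example that is not part of the original comment or of GCC's testsuite: a caller fills its own frame with guard words, calls bad(), and verifies the guard words afterwards. The names caller_stack_intact, CANARY, NWORDS and sink are hypothetical. The check assumes the guard array is placed directly above the caller's outgoing-argument area, which depends on the frame layout the compiler picks, so it should be built at the same optimization level as the report (-Os).

```c
#include <stdio.h>

#define CANARY 0x5AA5C33Cu     /* constructed guard value */
#define NWORDS 8               /* guard words placed in the caller's frame */

static volatile int sink;      /* keeps the call to foo from being optimized out */

/* Six int arguments: on ARM, f5 and f6 are passed on the stack. */
__attribute__((noinline))
void foo(int f1, int f2, int f3, int f4, int f5, int f6)
{
    sink = f1 + f2 + f3 + f4 + f5 + f6;
}

/* Same shape as bad() in the report: a long long follows three ints. */
__attribute__((noinline))
void bad(int b1, int b2, int b3, long long b45)
{
    (void)b1; (void)b2; (void)b3; (void)b45;
    foo(0, 0, 0, 0, 0, 0);
}

/* Returns 1 if every guard word survived the call to bad(), else 0. */
__attribute__((noinline))
int caller_stack_intact(void)
{
    volatile unsigned guard[NWORDS];
    int i, ok = 1;

    for (i = 0; i < NWORDS; i++)
        guard[i] = CANARY;
    bad(1, 2, 3, 0x1122334455667788LL);
    for (i = 0; i < NWORDS; i++)
        if (guard[i] != CANARY)
            ok = 0;            /* a word of the caller's frame was overwritten */
    return ok;
}

int main(void)
{
    int ok = caller_stack_intact();
    printf("caller frame %s\n", ok ? "intact" : "CORRUPTED");
    return ok ? 0 : 1;
}
```

A passing run on a given toolchain only shows that the guard words were not touched; comparing the generated assembly for bad() against the listing above remains the direct check.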