[Bug middle-end/29683] New: Arg split between stack/regs can cause stack corruption

[Bug middle-end/29683] New: Arg split between stack/regs can cause stack corruption

[jconner at apple dot com]

On targets which allow a function argument to be split between registers and
the stack, values can be corrupted by later function calls.

Specifically - this code:

~~~~~~~~~~

/* { dg-do run } */
/* { dg-options "-Os -fno-inline-functions" } */

void abort (void);

typedef struct {
  int x[7];
} agg7;

typedef struct {
  int mbr1;
  int mbr2;
} agg2;

int expected = 31415;
agg7 filler;

int GetConst (agg7 filler, agg2 split)
{
  return expected;
}

void VerifyValues (agg7 filler, int last_reg, int first_stack, int
second_stack)
{
  if (first_stack != 123 || second_stack != expected)
    abort ();
}

void RunTest (agg2 a)
{
  int result;

  result = GetConst (filler, a);
  VerifyValues (filler, 0, a.mbr1, result);
}

int main(void)
{
  agg2 result = {123, 456};
  RunTest (result);
  return 0;
}

~~~~~~~~~~

compiled with "gcc -O1" incorrectly aborts.


-- 
           Summary: Arg split between stack/regs can cause stack corruption
           Product: gcc
           Version: 4.3.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: middle-end
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: jconner at apple dot com
  GCC host triplet: powerpc-apple-darwin8
GCC target triplet: powerpc-apple-darwin8


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] Arg split between stack/regs can cause stack corruption

[jconner at apple dot com]

------- Comment #1 from jconner at apple dot com  2006-11-01 19:11 -------
What's happening is that TER is inserting the call to GetConst in place of
'result' in the call to VerifyValues, as such:

(pre-TER)
  result_4 = GetConst (filler, a);
  VerifyValues (filler, 0, a$mbr1_5, result_4);

(post-TER)
  VerifyValues (filler, 0, a$mbr1, GetConst (filler, a));

While this itself isn't a problem, it exposes a problem in the argument
handling mechanism where an argument split between regs/stack doesn't correctly
detect collision with other in-use stack locations.  I believe this is a
problem on platforms that ACCUMULATE_OUTGOING_ARGS.  I have a patch I'll send
out for consideration.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] Arg split between stack/regs can cause stack corruption

[patchapp at dberlin dot org]

------- Comment #2 from patchapp at dberlin dot org  2006-12-13 01:55 -------
Subject: Bug number PR middle-end/29683

A patch for this bug has been added to the patch tracker.
The mailing list url for the patch is
http://gcc.gnu.org/ml/gcc-patches/2006-12/msg00915.html


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] Arg split between stack/regs can cause stack corruption

[jconner at gcc dot gnu dot org]

------- Comment #3 from jconner at gcc dot gnu dot org  2007-01-04 01:37 -------
Subject: Bug 29683

Author: jconner
Date: Thu Jan  4 01:37:15 2007
New Revision: 120425

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=120425
Log:
2007-03-01  Josh Conner  <jconner@apple.com>

        PR middle-end/29683
        * calls.c (compute_argument_addresses): Set stack and stack_slot
        for partial args, too.
        (store_one_arg): Use locate.size.constant for the size when
        generating a save_area.

2007-03-01  Josh Conner  <jconner@apple.com>

        PR middle-end/29683
        * gcc.dg/pr29683.c: New.

Added:
    trunk/gcc/testsuite/gcc.dg/pr29683.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/calls.c
    trunk/gcc/testsuite/ChangeLog


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] [4.1/4.2 Regression] Arg split between stack/regs can cause stack corruption

[pinskia at gcc dot gnu dot org]

-- 

pinskia at gcc dot gnu dot org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Arg split between stack/regs|[4.1/4.2 Regression] Arg
                   |can cause stack corruption  |split between stack/regs can
                   |                            |cause stack corruption
   Target Milestone|---                         |4.1.2


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] [4.1/4.2 Regression] Arg split between stack/regs can cause stack corruption

[mmitchel at gcc dot gnu dot org]

-- 

mmitchel at gcc dot gnu dot org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Priority|P3                          |P1


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] [4.1/4.2 Regression] Arg split between stack/regs can cause stack corruption

[jconner at apple dot com]

------- Comment #4 from jconner at apple dot com  2007-01-25 17:11 -------
I'll investigate fixing this in the 4.1 and 4.2 branches, as well.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] [4.1/4.2 Regression] Arg split between stack/regs can cause stack corruption

[patchapp at dberlin dot org]

------- Comment #5 from patchapp at dberlin dot org  2007-01-27 02:10 -------
Subject: Bug number PR middle-end/29683

A patch for this bug has been added to the patch tracker.
The mailing list url for the patch is
http://gcc.gnu.org/ml/gcc-patches/2007-01/msg02228.html


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] [4.1/4.2 Regression] Arg split between stack/regs can cause stack corruption

[jconner at gcc dot gnu dot org]

------- Comment #6 from jconner at gcc dot gnu dot org  2007-01-29 16:58 -------
Subject: Bug 29683

Author: jconner
Date: Mon Jan 29 16:58:04 2007
New Revision: 121289

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=121289
Log:
2007-01-29  Josh Conner  <jconner@apple.com>

        PR middle-end/29683
        * calls.c (compute_argument_addresses): Set stack and stack_slot
        for partial args, too.
        (store_one_arg): Use locate.size.constant for the size when
        generating a save_area.

Modified:
    branches/gcc-4_2-branch/gcc/ChangeLog
    branches/gcc-4_2-branch/gcc/calls.c


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] [4.1/4.2 Regression] Arg split between stack/regs can cause stack corruption

[jconner at gcc dot gnu dot org]

------- Comment #7 from jconner at gcc dot gnu dot org  2007-01-29 16:59 -------
Subject: Bug 29683

Author: jconner
Date: Mon Jan 29 16:59:35 2007
New Revision: 121290

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=121290
Log:
2007-01-29  Josh Conner  <jconner@apple.com>

        PR middle-end/29683
        * gcc.dg/pr29683.c: New.

Added:
    branches/gcc-4_2-branch/gcc/testsuite/gcc.dg/pr29683.c
Modified:
    branches/gcc-4_2-branch/gcc/testsuite/ChangeLog


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] [4.1/4.2 Regression] Arg split between stack/regs can cause stack corruption

[jconner at gcc dot gnu dot org]

------- Comment #8 from jconner at gcc dot gnu dot org  2007-01-29 17:08 -------
Subject: Bug 29683

Author: jconner
Date: Mon Jan 29 17:08:31 2007
New Revision: 121291

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=121291
Log:
2007-01-29  Josh Conner  <jconner@apple.com>

        PR middle-end/29683
        * calls.c (compute_argument_addresses): Set stack and stack_slot
        for partial args, too.
        (store_one_arg): Use locate.size.constant for the size when
        generating a save_area.

Modified:
    branches/gcc-4_1-branch/gcc/ChangeLog
    branches/gcc-4_1-branch/gcc/calls.c


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] [4.1/4.2 Regression] Arg split between stack/regs can cause stack corruption

[jconner at gcc dot gnu dot org]

------- Comment #9 from jconner at gcc dot gnu dot org  2007-01-29 17:09 -------
Subject: Bug 29683

Author: jconner
Date: Mon Jan 29 17:09:38 2007
New Revision: 121292

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=121292
Log:
2007-01-29  Josh Conner  <jconner@apple.com>

        PR middle-end/29683
        * gcc.dg/pr29683.c: New.

Added:
    branches/gcc-4_1-branch/gcc/testsuite/gcc.dg/pr29683.c
Modified:
    branches/gcc-4_1-branch/gcc/testsuite/ChangeLog


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] [4.1/4.2 Regression] Arg split between stack/regs can cause stack corruption

[jconner at apple dot com]

------- Comment #10 from jconner at apple dot com  2007-01-29 17:11 -------
Same fix that was applied to mainline resolved the issue in 4.1 and 4.2
branches.  Checked in to both of those branches.


-- 

jconner at apple dot com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|                            |FIXED


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] [4.1/4.2 Regression] Arg split between stack/regs can cause stack corruption

[ebotcazou at gcc dot gnu dot org]

------- Comment #11 from ebotcazou at gcc dot gnu dot org  2007-01-30 06:17 -------
> Same fix that was applied to mainline resolved the issue in 4.1 and 4.2
> branches.  Checked in to both of those branches.

You probably shouldn't have do that on the 4.1 branch:
  http://gcc.gnu.org/ml/gcc/2007-01/msg01151.html

Mark, does the RC1 contain the patch?


-- 

ebotcazou at gcc dot gnu dot org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ebotcazou at gcc dot gnu dot
                   |                            |org, mark at codesourcery
                   |                            |dot com


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] [4.1/4.2 Regression] Arg split between stack/regs can cause stack corruption

[mark at codesourcery dot com]

------- Comment #12 from mark at codesourcery dot com  2007-01-30 06:39 -------
Subject: Re:  [4.1/4.2 Regression] Arg split between
 stack/regs can cause stack corruption

ebotcazou at gcc dot gnu dot org wrote:
> ------- Comment #11 from ebotcazou at gcc dot gnu dot org  2007-01-30 06:17 -------
>> Same fix that was applied to mainline resolved the issue in 4.1 and 4.2
>> branches.  Checked in to both of those branches.
> 
> You probably shouldn't have do that on the 4.1 branch:
>   http://gcc.gnu.org/ml/gcc/2007-01/msg01151.html
> 
> Mark, does the RC1 contain the patch?

No, it does not.  The RC1 sources were from yesterday afternoon, and
Josh's patch was not committed until today.  (Both times are PST.)

It's pretty hard to keep track of all the GCC mail to see when things
are frozen, etc.  And, I did approve the patch for 4.1, prior to the
freeze.  So, it's a very easy mistake to make.

Josh, please leave the patch checked in.  If we need an RC2 anyhow, then
having this patch in is fine.  If not, then I may pull it out before the
official release.

Thanks,


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683

[Bug middle-end/29683] [4.1/4.2 Regression] Arg split between stack/regs can cause stack corruption

[ebotcazou at gcc dot gnu dot org]

------- Comment #13 from ebotcazou at gcc dot gnu dot org  2007-01-30 07:13 -------
> Josh, please leave the patch checked in.  If we need an RC2 anyhow, then
> having this patch in is fine.  If not, then I may pull it out before the
> official release.

OK, but I'd replace "may" by "will" because calls.c is a rather hot spot.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29683