[Bug target/36480] New: stack-protector causes bad ARM PIC code generated

[Bug target/36480] New: stack-protector causes bad ARM PIC code generated

[dougkwan at google dot com]

The ARM back-end avoids marking a function as needing PIC in
require_pic_register().  The code there checks if the current IR-type is
IR_GIMPLE or not.  The logic does not work when both -fPIC and
-fstack-protector are given.  The stack protector prologue is generated very
early in RTL expansion when the IR-type is still IR_GIMPLE.  Hence, the current
code ends up using a PIC regiser never gets initialized properly.  

---
extern int sprintf (char *, const char*, ...);

void
test (void)
{
 char buf[10];
 sprintf(buf, "aaaa");
}
---

compiled using top-of-trunk on 6/9/2008

../install/bin/arm-elf-gcc -O2 -S -fdump-rtl-expand -fpic -fstack-protector 
bug.c

Note that vreg 133 is used in insn 4 but never assigned a value.

;;
;; Full RTL generated for this function:
;;
(note 1 0 7 NOTE_INSN_DELETED)

(note 7 1 10 2 [bb 2] NOTE_INSN_BASIC_BLOCK)

(insn 10 7 11 2 bug.c:7 (set (reg:SI 139)
        (unspec:SI [
                (const:SI (minus:SI (const (symbol_ref:SI
("_GLOBAL_OFFSET_TABLE_")))
                        (const:SI (plus:SI (unspec:SI [
                                        (const_int 0 [0x0])
                                    ] 21)
                                (const_int 8 [0x8])))))
            ] 3)) -1 (nil))

(insn 11 10 12 2 bug.c:7 (set (reg:SI 139)
        (unspec:SI [
                (plus:SI (reg:SI 139)
                    (const (plus:SI (pc)
                            (const_int 8 [0x8]))))
                (const_int 0 [0x0])
            ] 4)) -1 (nil))

(insn 12 11 2 2 bug.c:7 (use (reg:SI 139)) -1 (nil))

(note 2 12 3 2 NOTE_INSN_FUNCTION_BEG)

(insn 3 2 4 2 bug.c:5 (set (reg:SI 135)
        (unspec:SI [
                (symbol_ref:SI ("__stack_chk_guard") [flags 0x40] <var_decl
0xf7ec6f78 __stack_chk_guard>)
            ] 3)) -1 (nil))

(insn 4 3 5 2 bug.c:5 (set (reg/f:SI 134)
        (mem/u/c:SI (plus:SI (reg:SI 133)
                (reg:SI 135)) [0 S4 A32])) -1 (expr_list:REG_EQUAL
(symbol_ref:SI ("__stack_chk_guard") [flags 0x40] <var_decl 0xf7ec6f78
__stack_chk_guard>)
        (nil)))


-- 
           Summary: stack-protector causes bad ARM PIC code generated
           Product: gcc
           Version: 4.4.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: target
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: dougkwan at google dot com
 GCC build triplet: i686-unknown-linux-gnu
  GCC host triplet: i686-unknown-linux-gnu
GCC target triplet: arm-unknown-elf


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=36480

[Bug target/36480] stack-protector causes bad ARM PIC code generated

[dougkwan at google dot com]

------- Comment #1 from dougkwan at google dot com  2009-02-12 03:04 -------
I have a test case now.  The toolchain is built with gcc trunk, binutils-2.18,
gdb-6.71 and newlib-1.16.0 for target arm-eabi

---
#include <stdlib.h>
extern int sprintf (char *, const char*, ...);

int
main (void)
{
  char buf[10];
  sprintf(buf, "aaaa");
  return 0;
}
----

#
# Test case exits with an error code if compiled with "-fstack-protector -fpic"
#
sh-3.1$ arm-eabi-gcc -fstack-protector -fpic bug.csh-3.1$ arm-eabi-gdb a.out
GNU gdb 6.7.1
Copyright (C) 2007 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "--host=i686-unknown-linux-gnu --target=arm-eabi"...
(gdb) target sim
Connected to the simulator.
(gdb) load a.out
Loading section .init, size 0x18 vma 0x8000
Loading section .text, size 0x2af8 vma 0x8018
Loading section .fini, size 0x18 vma 0xab10
Loading section .rodata, size 0xd4 vma 0xab28
Loading section .ARM.exidx, size 0x8 vma 0xabfc
Loading section .eh_frame, size 0x4 vma 0xac04
Loading section .init_array, size 0x8 vma 0x12c08
Loading section .fini_array, size 0x4 vma 0x12c10
Loading section .jcr, size 0x4 vma 0x12c14
Loading section .got, size 0x10 vma 0x12c18
Loading section .data, size 0x930 vma 0x12c28
Start address 0x80ac
Transfer rate: 109248 bits in <1 sec.
(gdb) run
Starting program: /usr/local/google/data/dougkwan/arm-elf/test/a.out 

Program exited with code 0377.
(gdb) quit

#
# It exits normally with "-fstack-protector" only
#
sh-3.1$ arm-eabi-gcc -fstack-protector  bug.c
sh-3.1$ arm-eabi-gdb a.out
GNU gdb 6.7.1
Copyright (C) 2007 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "--host=i686-unknown-linux-gnu --target=arm-eabi"...
(gdb) target sim
Connected to the simulator.
(gdb) load a.out
Loading section .init, size 0x18 vma 0x8000
Loading section .text, size 0x2adc vma 0x8018
Loading section .fini, size 0x18 vma 0xaaf4
Loading section .rodata, size 0xd4 vma 0xab0c
Loading section .ARM.exidx, size 0x8 vma 0xabe0
Loading section .eh_frame, size 0x4 vma 0xabe8
Loading section .init_array, size 0x8 vma 0x12bec
Loading section .fini_array, size 0x4 vma 0x12bf4
Loading section .jcr, size 0x4 vma 0x12bf8
Loading section .data, size 0x930 vma 0x12c00
Start address 0x80ac
Transfer rate: 108896 bits in <1 sec.
(gdb) run
Starting program: /usr/local/google/data/dougkwan/arm-elf/test/a.out 

Program exited normally.
(gdb) quit

#
# It also exits normally if "-O2" is given in addition to "-fstack-protector
-fpic"
#
sh-3.1$ arm-eabi-gcc -fstack-protector -fpic  -O2 bug.c
sh-3.1$ arm-eabi-gdb a.out
GNU gdb 6.7.1
Copyright (C) 2007 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "--host=i686-unknown-linux-gnu --target=arm-eabi"...
(gdb) target sim
Connected to the simulator.
(gdb) load a.out
Loading section .init, size 0x18 vma 0x8000
Loading section .text, size 0x2ae0 vma 0x8018
Loading section .fini, size 0x18 vma 0xaaf8
Loading section .rodata, size 0xd4 vma 0xab10
Loading section .ARM.exidx, size 0x8 vma 0xabe4
Loading section .eh_frame, size 0x4 vma 0xabec
Loading section .init_array, size 0x8 vma 0x12bf0
Loading section .fini_array, size 0x4 vma 0x12bf8
Loading section .jcr, size 0x4 vma 0x12bfc
Loading section .got, size 0x10 vma 0x12c00
Loading section .data, size 0x930 vma 0x12c10
Start address 0x80ac
Transfer rate: 109056 bits in <1 sec.
(gdb) run
Starting program: /usr/local/google/data/dougkwan/arm-elf/test/a.out 

Program exited normally.
(gdb) quit


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=36480

[Bug target/36480] stack-protector causes bad ARM PIC code generated

[dougkwan at google dot com]

------- Comment #2 from dougkwan at google dot com  2009-02-12 09:15 -------


*** This bug has been marked as a duplicate of 35965 ***


-- 

dougkwan at google dot com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|                            |DUPLICATE


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=36480