* [Bug target/100211] [9/10/11/12 Regression] aarch64: OOB accesses in aarch64_{save,restore}_callee_saves
2021-04-22 14:28 [Bug target/100211] New: aarch64: OOB accesses in aarch64_{save,restore}_callee_saves acoplan at gcc dot gnu.org
@ 2021-07-19 7:51 ` pinskia at gcc dot gnu.org
2022-01-21 12:18 ` rguenth at gcc dot gnu.org
` (6 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: pinskia at gcc dot gnu.org @ 2021-07-19 7:51 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100211
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Ever confirmed|0 |1
Last reconfirmed| |2021-07-19
Summary|aarch64: OOB accesses in |[9/10/11/12 Regression]
|aarch64_{save,restore}_call |aarch64: OOB accesses in
|ee_saves |aarch64_{save,restore}_call
| |ee_saves
Known to work| |6.0
Status|UNCONFIRMED |NEW
Target Milestone|--- |9.5
--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
The loop does:
for (regno = aarch64_next_callee_save (start, limit);
regno <= limit;
regno = aarch64_next_callee_save (regno + 1, limit))
Really this:
bool reg_is_wrapped_separately[LAST_SAVED_REGNUM];
Should be:
bool reg_is_wrapped_separately[LAST_SAVED_REGNUM + 1];
In aarch64.h. It has been wrong since r7-5127 .
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug target/100211] [9/10/11/12 Regression] aarch64: OOB accesses in aarch64_{save,restore}_callee_saves
2021-04-22 14:28 [Bug target/100211] New: aarch64: OOB accesses in aarch64_{save,restore}_callee_saves acoplan at gcc dot gnu.org
2021-07-19 7:51 ` [Bug target/100211] [9/10/11/12 Regression] " pinskia at gcc dot gnu.org
@ 2022-01-21 12:18 ` rguenth at gcc dot gnu.org
2022-05-27 9:45 ` [Bug target/100211] [10/11/12/13 " rguenth at gcc dot gnu.org
` (5 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: rguenth at gcc dot gnu.org @ 2022-01-21 12:18 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100211
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |internal-improvement
Priority|P3 |P2
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug target/100211] [10/11/12/13 Regression] aarch64: OOB accesses in aarch64_{save,restore}_callee_saves
2021-04-22 14:28 [Bug target/100211] New: aarch64: OOB accesses in aarch64_{save,restore}_callee_saves acoplan at gcc dot gnu.org
2021-07-19 7:51 ` [Bug target/100211] [9/10/11/12 Regression] " pinskia at gcc dot gnu.org
2022-01-21 12:18 ` rguenth at gcc dot gnu.org
@ 2022-05-27 9:45 ` rguenth at gcc dot gnu.org
2022-06-28 10:44 ` jakub at gcc dot gnu.org
` (4 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: rguenth at gcc dot gnu.org @ 2022-05-27 9:45 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100211
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|9.5 |10.4
--- Comment #2 from Richard Biener <rguenth at gcc dot gnu.org> ---
GCC 9 branch is being closed
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug target/100211] [10/11/12/13 Regression] aarch64: OOB accesses in aarch64_{save,restore}_callee_saves
2021-04-22 14:28 [Bug target/100211] New: aarch64: OOB accesses in aarch64_{save,restore}_callee_saves acoplan at gcc dot gnu.org
` (2 preceding siblings ...)
2022-05-27 9:45 ` [Bug target/100211] [10/11/12/13 " rguenth at gcc dot gnu.org
@ 2022-06-28 10:44 ` jakub at gcc dot gnu.org
2023-07-07 10:39 ` [Bug target/100211] [11/12/13/14 " rguenth at gcc dot gnu.org
` (3 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: jakub at gcc dot gnu.org @ 2022-06-28 10:44 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100211
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|10.4 |10.5
--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
GCC 10.4 is being released, retargeting bugs to GCC 10.5.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug target/100211] [11/12/13/14 Regression] aarch64: OOB accesses in aarch64_{save,restore}_callee_saves
2021-04-22 14:28 [Bug target/100211] New: aarch64: OOB accesses in aarch64_{save,restore}_callee_saves acoplan at gcc dot gnu.org
` (3 preceding siblings ...)
2022-06-28 10:44 ` jakub at gcc dot gnu.org
@ 2023-07-07 10:39 ` rguenth at gcc dot gnu.org
2024-06-16 0:09 ` [Bug target/100211] [11/12/13/14/15 " pinskia at gcc dot gnu.org
` (2 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: rguenth at gcc dot gnu.org @ 2023-07-07 10:39 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100211
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|10.5 |11.5
--- Comment #4 from Richard Biener <rguenth at gcc dot gnu.org> ---
GCC 10 branch is being closed.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug target/100211] [11/12/13/14/15 Regression] aarch64: OOB accesses in aarch64_{save,restore}_callee_saves
2021-04-22 14:28 [Bug target/100211] New: aarch64: OOB accesses in aarch64_{save,restore}_callee_saves acoplan at gcc dot gnu.org
` (4 preceding siblings ...)
2023-07-07 10:39 ` [Bug target/100211] [11/12/13/14 " rguenth at gcc dot gnu.org
@ 2024-06-16 0:09 ` pinskia at gcc dot gnu.org
2024-06-16 20:58 ` cvs-commit at gcc dot gnu.org
2024-06-16 21:00 ` pinskia at gcc dot gnu.org
7 siblings, 0 replies; 9+ messages in thread
From: pinskia at gcc dot gnu.org @ 2024-06-16 0:09 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100211
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |aarch64-sve
Assignee|unassigned at gcc dot gnu.org |pinskia at gcc dot gnu.org
Status|NEW |ASSIGNED
--- Comment #5 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Let me take a look at this.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug target/100211] [11/12/13/14/15 Regression] aarch64: OOB accesses in aarch64_{save,restore}_callee_saves
2021-04-22 14:28 [Bug target/100211] New: aarch64: OOB accesses in aarch64_{save,restore}_callee_saves acoplan at gcc dot gnu.org
` (5 preceding siblings ...)
2024-06-16 0:09 ` [Bug target/100211] [11/12/13/14/15 " pinskia at gcc dot gnu.org
@ 2024-06-16 20:58 ` cvs-commit at gcc dot gnu.org
2024-06-16 21:00 ` pinskia at gcc dot gnu.org
7 siblings, 0 replies; 9+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2024-06-16 20:58 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100211
--- Comment #6 from GCC Commits <cvs-commit at gcc dot gnu.org> ---
The trunk branch has been updated by Andrew Pinski <pinskia@gcc.gnu.org>:
https://gcc.gnu.org/g:33caee556c130b2dcf311480314e942a43d6b368
commit r15-1359-g33caee556c130b2dcf311480314e942a43d6b368
Author: Andrew Pinski <quic_apinski@quicinc.com>
Date: Sun Jun 16 10:53:15 2024 -0700
aarch64: Fix reg_is_wrapped_separately array size [PR100211]
Currrently the size of the array reg_is_wrapped_separately is
LAST_SAVED_REGNUM.
But LAST_SAVED_REGNUM could be regno that is being saved. So the size needs
to be `LAST_SAVED_REGNUM + 1` like aarch64_frame->reg_offset is.
Committed as obvious after a bootstrap/test for aarch64-linux-gnu.
gcc/ChangeLog:
PR target/100211
* config/aarch64/aarch64.h (machine_function): Fix the size
of reg_is_wrapped_separately.
Signed-off-by: Andrew Pinski <quic_apinski@quicinc.com>
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug target/100211] [11/12/13/14/15 Regression] aarch64: OOB accesses in aarch64_{save,restore}_callee_saves
2021-04-22 14:28 [Bug target/100211] New: aarch64: OOB accesses in aarch64_{save,restore}_callee_saves acoplan at gcc dot gnu.org
` (6 preceding siblings ...)
2024-06-16 20:58 ` cvs-commit at gcc dot gnu.org
@ 2024-06-16 21:00 ` pinskia at gcc dot gnu.org
7 siblings, 0 replies; 9+ messages in thread
From: pinskia at gcc dot gnu.org @ 2024-06-16 21:00 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100211
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Target Milestone|11.5 |15.0
Status|ASSIGNED |RESOLVED
--- Comment #7 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Fixed on the trunk.
Note this has not caused any wrong because there is some padding between
reg_is_wrapped_separately and the next field (call_via) due to 83 not being a
multiple of alignof(rtx) (which is either 4 or 8 depending on pointer size).
bool reg_is_wrapped_separately[LAST_SAVED_REGNUM + 1];
/* One entry for each general purpose register. */
rtx call_via[SP_REGNUM];
So we can close this without needing to backporting it.
^ permalink raw reply [flat|nested] 9+ messages in thread