[Bug target/96536] -fcf-protection code in i386.md:restore_stack_nonlocal uses invalid compare-and-jump rtl

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

From: "ubizjak at gmail dot com" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug target/96536] -fcf-protection code in i386.md:restore_stack_nonlocal uses invalid compare-and-jump rtl
Date: Mon, 17 Aug 2020 14:39:45 +0000	[thread overview]
Message-ID: <bug-96536-4-U7SOMWwmxN@http.gcc.gnu.org/bugzilla/> (raw)
In-Reply-To: <bug-96536-4@http.gcc.gnu.org/bugzilla/>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96536

--- Comment #6 from Uroš Bizjak <ubizjak at gmail dot com> ---
(In reply to Hongtao.liu from comment #1)
> I'm testing patch like
>
>        emit_insn ((word_mode == SImode)
>                  ? gen_incsspsi (reg_255)
>                  : gen_incsspdi (reg_255));
> -      tmp = gen_rtx_SET (reg_adj, gen_rtx_MINUS (ptr_mode,
> -                                                reg_adj,
> -                                                GEN_INT (255)));
> -      clob = gen_rtx_CLOBBER (VOIDmode, gen_rtx_REG (CCmode, FLAGS_REG));
> -      tmp = gen_rtx_PARALLEL (VOIDmode, gen_rtvec (2, tmp, clob));
> -      emit_insn (tmp);
> -
> -      tmp = gen_rtx_COMPARE (CCmode, reg_adj, GEN_INT (255));
> +      emit_insn ((ptr_mode == SImode)
> +                 ? gen_subsi3 (reg_adj, reg_adj, GEN_INT (255))
> +                 : gen_subdi3 (reg_adj, reg_adj, GEN_INT (255)));
> +      tmp = gen_rtx_COMPARE (CCmode, reg_adj, const0_rtx);
>        flags = gen_rtx_REG (CCmode, FLAGS_REG);
>        emit_insn (gen_rtx_SET (flags, tmp));

The above part is not correct. The original code compares result with 255, your
patch compares result with 0.

So, the minimum patch (for backport) should just introduce:

--cut here--
diff --git a/gcc/config/i386/i386.md b/gcc/config/i386/i386.md
index 292de142e90..6c207be3512 100644
--- a/gcc/config/i386/i386.md
+++ b/gcc/config/i386/i386.md
@@ -18695,6 +18695,10 @@
       tmp = gen_rtx_PARALLEL (VOIDmode, gen_rtvec (2, tmp, clob));
       emit_insn (tmp);

+      tmp = gen_rtx_COMPARE (CCZmode, reg_ssp, const0_rtx);
+      flags = gen_rtx_REG (CCZmode, FLAGS_REG);
+      emit_insn (gen_rtx_SET (flags, tmp));
+
       /* Compare and jump over adjustment code.  */
       noadj_label = gen_label_rtx ();
       flags = gen_rtx_REG (CCZmode, FLAGS_REG);
--cut here--

The patch creates correct form of sub insn (tested with cet-sjlj-1.c testcase):

#(insn 15 14 16 2 (parallel [
#            (set (reg:CCZ 17 flags)
#                (compare:CCZ (minus:DI (reg:DI 0 ax [85])
#                        (mem:DI (const:DI (plus:DI (symbol_ref:DI ("buf")
[flags 0x2] <var_decl 0x7f41c308cb40 buf>)
#                                    (const_int 16 [0x10]))) [2  S8 A8]))
#                    (const_int 0 [0])))
#            (set (reg:DI 0 ax [85])
#                (minus:DI (reg:DI 0 ax [85])
#                    (mem:DI (const:DI (plus:DI (symbol_ref:DI ("buf") [flags
0x2] <var_decl 0x7f41c308cb40 buf>)
#                                (const_int 16 [0x10]))) [2  S8 A8])))
#        ]) "cet-sjlj-1.c":16:3 262 {*subdi_2}
#     (nil))
        subq    buf+16(%rip), %rax      # 15    [c=8 l=7]  *subdi_2/1

next prev parent reply	other threads:[~2020-08-17 14:39 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-08-08 10:36 [Bug target/96536] New: " rsandifo at gcc dot gnu.org
2020-08-10  8:43 ` [Bug target/96536] " crazylht at gmail dot com
2020-08-10  9:04 ` ubizjak at gmail dot com
2020-08-10  9:32 ` crazylht at gmail dot com
2020-08-13 21:06 ` ubizjak at gmail dot com
2020-08-14  6:33 ` crazylht at gmail dot com
2020-08-17 14:39 ` ubizjak at gmail dot com [this message]
2020-08-18  8:54 ` crazylht at gmail dot com
2020-08-18 15:32 ` cvs-commit at gcc dot gnu.org
2020-08-18 15:36 ` cvs-commit at gcc dot gnu.org
2020-08-18 16:49 ` cvs-commit at gcc dot gnu.org
2020-08-18 17:49 ` cvs-commit at gcc dot gnu.org
2020-08-18 17:50 ` ubizjak at gmail dot com

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=bug-96536-4-U7SOMWwmxN@http.gcc.gnu.org/bugzilla/ \
    --to=gcc-bugzilla@gcc.gnu.org \
    --cc=gcc-bugs@gcc.gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).