From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-prs-return-29368-listarch-gcc-prs=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 24109 invoked by alias); 14 Feb 2003 05:26:00 -0000
Mailing-List: contact gcc-prs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Archive: <http://gcc.gnu.org/ml/gcc-prs/>
List-Post: <mailto:gcc-prs@gcc.gnu.org>
List-Help: <mailto:gcc-prs-help@gcc.gnu.org>
Sender: gcc-prs-owner@gcc.gnu.org
Received: (qmail 24086 invoked by uid 71); 14 Feb 2003 05:26:00 -0000
Resent-Date: 14 Feb 2003 05:26:00 -0000
Resent-Message-ID: <20030214052600.24085.qmail@sources.redhat.com>
Resent-From: gcc-gnats@gcc.gnu.org (GNATS Filer)
Resent-Cc: gcc-prs@gcc.gnu.org, gcc-bugs@gcc.gnu.org, bjb@gentoo.org,
  wwoods@gentoo.org, msterret@coat.com
Resent-Reply-To: gcc-gnats@gcc.gnu.org, agriffis@gentoo.org
Received: (qmail 22514 invoked by uid 48); 14 Feb 2003 05:21:16 -0000
Message-Id: <20030214052116.22513.qmail@sources.redhat.com>
Date: Fri, 14 Feb 2003 05:26:00 -0000
From: agriffis@gentoo.org
Reply-To: agriffis@gentoo.org
To: gcc-gnats@gcc.gnu.org
Cc: bjb@gentoo.org, wwoods@gentoo.org, msterret@coat.com
X-Send-Pr-Version: gnatsweb-2.9.3 (1.1.1.1.2.31)
X-GNATS-Notify: bjb@gentoo.org,wwoods@gentoo.org,msterret@coat.com
Subject: c/9700: va_start gets __offset wrong in some situations
X-SW-Source: 2003-02/txt/msg00605.txt.bz2
List-Id: <gcc-prs.sourceware.org>


>Number:         9700
>Category:       c
>Synopsis:       va_start gets __offset wrong in some situations
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    unassigned
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Feb 14 05:26:00 UTC 2003
>Closed-Date:
>Last-Modified:
>Originator:     Aron Griffis
>Release:        3.2.2
>Organization:
>Environment:
Reading specs from /usr/lib/gcc-lib/alpha-unknown-linux-gnu/3.2.2/specs
Configured with: /usr/local/tmp/portage/gcc-3.2.2/work/gcc-3.2.2/configure --prefix=/usr --bindir=/usr/alpha-unknown-linux-gnu/gcc-bin/3.2 --includedir=/usr/lib/gcc-lib/alpha-unknown-linux-gnu/3.2.2/include --datadir=/usr/share/gcc-data/alpha-unknown-linux-gnu/3.2 --mandir=/usr/share/gcc-data/alpha-unknown-linux-gnu/3.2/man --infodir=/usr/share/gcc-data/alpha-unknown-linux-gnu/3.2/info --enable-shared --host=alpha-unknown-linux-gnu --target=alpha-unknown-linux-gnu --with-system-zlib --enable-languages=c,c++,ada,f77,objc,java --enable-threads=posix --enable-long-long --disable-checking --enable-cstdio=stdio --enable-clocale=generic --enable-__cxa_atexit --enable-version-specific-runtime-libs --with-gxx-include-dir=/usr/lib/gcc-lib/alpha-unknown-linux-gnu/3.2.2/include/g++-v3 --with-local-prefix=/usr/local --enable-shared --enable-nls --without-included-gettext
Thread model: posix
gcc version 3.2.2

This is an Alpha EV67 (XP1000).
>Description:
Found this while porting Gnome 2.2 to Alpha.  It appears that in some situations, va_start() sets up __offset to point to the last *named* argument instead of the first *unnamed* argument.

The bug is completely repeatable.  Note that I'm intentionally passing a va_list structure in the arguments to the function, that's not an accident.  It seems like the stack needs to be setup just right for this to occur.

The symptoms are the same with or without optimization enabled.
>How-To-Repeat:
#include <stdarg.h>
                                                                                
void func(char *a,
          char *b,
          char *c,
          char *d,
          char *e,
          va_list ap,
          const char *first_custom,
          ...)
{
    va_list custom_args;
    char *s;
    if (first_custom) {
        va_start (custom_args, first_custom);
                                                                                
        /*
         * Here we call va_arg and expect to get a 
         * pointer to "two";
         * instead we get a pointer to "one".
         */
        s = va_arg(custom_args, char *);
        printf ("%s\n", s);
                                                                                
        va_end (custom_args);
    }
}
                                                                                
int main() {
    va_list ap;
    func(0, 0, 0, 0, 0, ap, "one", "two", "three");
}
>Fix:

>Release-Note:
>Audit-Trail:
>Unformatted:
----gnatsweb-attachment----
Content-Type: application/octet-stream; name="va_start.i"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="va_start.i"

IyAxICJ2YV9zdGFydC5jIgojIDEgIjxidWlsdC1pbj4iCiMgMSAiPGNvbW1hbmQgbGluZT4iCiMg
MSAidmFfc3RhcnQuYyIKIyAxICIvdXNyL2xpYi9nY2MtbGliL2FscGhhLXVua25vd24tbGludXgt
Z251LzMuMi4yL2luY2x1ZGUvc3RkYXJnLmgiIDEgMwojIDQzICIvdXNyL2xpYi9nY2MtbGliL2Fs
cGhhLXVua25vd24tbGludXgtZ251LzMuMi4yL2luY2x1ZGUvc3RkYXJnLmgiIDMKdHlwZWRlZiBf
X2J1aWx0aW5fdmFfbGlzdCBfX2dudWNfdmFfbGlzdDsKIyAxMTAgIi91c3IvbGliL2djYy1saWIv
YWxwaGEtdW5rbm93bi1saW51eC1nbnUvMy4yLjIvaW5jbHVkZS9zdGRhcmcuaCIgMwp0eXBlZGVm
IF9fZ251Y192YV9saXN0IHZhX2xpc3Q7CiMgMiAidmFfc3RhcnQuYyIgMgoKdm9pZCBmdW5jKGNo
YXIgKmEsCiAgICAgICAgICBjaGFyICpiLAogICAgICAgICAgY2hhciAqYywKICAgICAgICAgIGNo
YXIgKmQsCiAgICAgICAgICBjaGFyICplLAogICAgICAgICAgdmFfbGlzdCBhcCwKICAgICAgICAg
IGNvbnN0IGNoYXIgKmZpcnN0X2N1c3RvbSwKICAgICAgICAgIC4uLikKewogICAgdmFfbGlzdCBj
dXN0b21fYXJnczsKICAgIGNoYXIgKnM7CiAgICBpZiAoZmlyc3RfY3VzdG9tKSB7CiAgICAgICAg
X19idWlsdGluX3N0ZGFyZ19zdGFydCgoY3VzdG9tX2FyZ3MpLGZpcnN0X2N1c3RvbSk7CgoKCgoK
ICAgICAgICBzID0gX19idWlsdGluX3ZhX2FyZyhjdXN0b21fYXJncywgY2hhciAqKTsKICAgICAg
ICBwcmludGYgKCIlc1xuIiwgcyk7CgogICAgICAgIF9fYnVpbHRpbl92YV9lbmQgKGN1c3RvbV9h
cmdzKTsKICAgIH0KfQoKaW50IG1haW4oKSB7CiAgICB2YV9saXN0IGFwOwogICAgZnVuYygwLCAw
LCAwLCAwLCAwLCBhcCwgIm9uZSIsICJ0d28iLCAidGhyZWUiKTsKfQo=