This is the mail archive of the mailing list for the GCC project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[PATCH, testsuite]: RFA: Fix gcc.c-torture/execute/multi-ix.c stack corruption for small STACK_SIZEs


When gcc.c-torture/execute/multi-ix.c is compiled using i.e. -DSTACK_SIZE=2048, CHUNK gets calculated as 5.
The problem is, that we assign a0[i0] = i0, where i0 is calculated via s() and i0=a0[0] as 39.

Having a0[39] = 39; where

typedef int l[CHUNK];
 l a0, a1, a2, a3, a4, a5, a6, a7, a8, a9;

surely leads to troubles when CHUNK is less than 40.

2008-03-26 Uros Bizjak <>

* gcc.c-torture/execute/multi-ix.c: Limit CHUNK size between 1 and 500.
(main): Exit early for CHUNK less than 40 to avoid stack corruption.

Patch was tested on x86_64-pc-linux-gnu.

OK for mainline?

On a related note, I find a bit suspicious that following test:

--cut here--
int main()
printf ("%i\n", (STACK_SIZE-40*sizeof(int)-256*sizeof(void *))/40/sizeof(int));
return 0;
--cut here--

$gcc -O2 -m64 -DSTACK_SIZE=2048

returns quite unexpected result. I think that the test on LP64 targets should return zero.

Index: multi-ix.c
--- multi-ix.c	(revision 133609)
+++ multi-ix.c	(working copy)
@@ -21,8 +21,14 @@
    Subtract the last two off STACK_SIZE and figure out what the maximum
    chunk size can be.  We make the last bit conservative to account for
-   register saves and other processor-dependent saving.  */
-#define CHUNK ((STACK_SIZE-40*sizeof(int)-256*sizeof(void *))/40/sizeof(int))
+   register saves and other processor-dependent saving.  Limit the
+   chunk size with some sane values.  */
+#define MIN(X,Y) ((X) < (Y) ? (X) : (Y))
+#define MAX(X,Y) ((X) > (Y) ? (X) : (Y))
+#define CHUNK (MIN (500, MAX (1,					\
+	(STACK_SIZE-40*sizeof(int)-256*sizeof(void *))/40/sizeof(int))))
 #define CHUNK 500
@@ -146,6 +152,11 @@
 main ()
+  /* CHUNK needs to be at least 40 to avoid stack corruption,
+     since index variable i0 in "a[i0] = i0" equals 39.  */
+  if (CHUNK < 40)
+    exit (0);
   f (1);
   exit (0);

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]