[PATCH] PR middle-end/29683 detect stack collision of split args

Josh Conner jconner@apple.com
Wed Nov 1 19:52:00 GMT 2006

In PR29683, arguments that are split between the stack and registers can
corrupt other arguments.  In the example from the PR, we have a tree
stmt like:

  VerifyValues (filler, 0, a$mbr1, GetConst (filler, a));

Where the third argument to VerifyValues (a) is on the stack, and the
second argument to GetConst (a$mbr1) is split between the stack and
registers.  expand_call processes a$mbr1 before the call to GetConst,
and saves it onto the stack.  Then, when evaluating the call to
GetConst, there is logic in store_one_arg that should detect that we
need to overwrite the same stack location and save it aside:

      /* If this is being stored into a pre-allocated, fixed-size,
         stack area, save any previous data at that location.  */
      if (argblock && ! variable_size && arg->stack)

Unfortunately, this logic doesn't trigger for split arguments, since
arg->stack is NULL.

The attached patch addresses this by calculating arg->stack and
arg->stack_slot for split (partial) arguments, as well.  By doing this,
we enable store_one_arg to detect overlaps, and to save off the
conflicting locations as needed.  One slight modification is needed to
store_one_arg, so that it only saves off the size of the portion on the
stack, not the size of the whole argument.  Interestingly enough, the
other places where the save_area is manipulated were already using the
correct value (locate_size.constant, not expr_size (tree_value)).

I bootstrapped and verified no regressions on powerpc-apple-darwin8.8.0
(--enable-languages=c,c++,objc,obj-c++ --disable-multilib).  I also
verified on i686-pc-linux-gnu, although this platform is not susceptible
to this failure.  Finally, I also verified on sh-none-elf, hoping I
could reproduce this on a second platform, only to realize it didn't
accumulate outgoing args.  Nonetheless, it passed all regression tests
as well.

Note that we should probably consider disabling TER-ing a function call
into a function call, as setting up a stack argument just to save it
aside is pretty inefficient.  I have a second patch for that, but I
thought it was important to fix the expand_call failure first.

OK for mainline?  Should this be considered for 4.2/4.1, as well?

- Josh

2006-11-01  Josh Conner  <jconner@apple.com>

	PR middle-end/29683
	* calls.c (compute_argument_addresses): Set stack and stack_slot
	for partial args, too.
	(store_one_arg): Use locate.size.constant for the size when
	generating a save_area.

2006-11-01  Josh Conner  <jconner@apple.com>

	PR middle-end/29683
	* gcc.dg/pr29683.c: New.
Attachments:
  29683.patch: http://gcc.gnu.org/pipermail/gcc-patches/attachments/20061101/3d3695c0/attachment.ksh
  pr29683.c:   http://gcc.gnu.org/pipermail/gcc-patches/attachments/20061101/3d3695c0/attachment.c
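As an added example, not the PR's testcase and not code from the post, the following constructed C program exercises the call shape Josh describes: a member of a large struct (the split argument) and a nested call that takes the whole struct, both in the same argument list, with the callee checking that every word arrived intact. The names `get_const`, `verify_values` and `check_split_args` and the struct layouts are assumptions; the sizes are picked so that on an ABI that passes aggregates partly in registers and partly on the stack (such as 32-bit PowerPC, the platform the post reproduces on) `inner` is a split argument and `outer` goes wholly to the stack. On x86-64 both are passed in memory, so the program passes there regardless; to use it as a reproducer it has to be built with `-O2` for a target that does split aggregates.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed example (not the PR's testcase): the argument-passing pattern
   from the post.  Struct sizes are assumptions chosen so that, on an ABI that
   passes aggregates partly in registers and partly on the stack (e.g. 32-bit
   PowerPC), `inner` is a split argument and `outer` goes wholly to the stack. */
struct inner { uint32_t v[8]; };
struct outer { uint32_t head; struct inner mbr1; uint32_t tail[16]; };

/* Stand-in for GetConst in the post: a noinline callee that consumes the
   whole of `a`, so the call must really be expanded with `a` on the stack. */
static __attribute__((noinline)) uint32_t
get_const(int filler, struct outer a)
{
  uint32_t x = (uint32_t)filler ^ a.head;
  for (int i = 0; i < 16; i++)
    x ^= a.tail[i];
  return x;
}

/* Stand-in for VerifyValues: checks that the split argument `m` and the
   nested call's result `c` both arrived intact.  The expected contents of `m`
   are recomputed from `seed`.  Returns 0 on success, -1 if `zero` was
   clobbered, 1..8 for the first corrupted word of `m`, 9 if `c` is wrong. */
static __attribute__((noinline)) int
verify_values(int filler, int zero, struct inner m, uint32_t c,
              uint32_t seed, uint32_t expect_c)
{
  (void)filler;
  if (zero != 0)
    return -1;
  for (int i = 0; i < 8; i++)
    if (m.v[i] != seed * 31u + (uint32_t)i)
      return i + 1;
  if (c != expect_c)
    return 9;
  return 0;
}

/* Builds `a` from `seed` and issues the call shape from the post:
   verify_values(filler, 0, a.mbr1, get_const(filler, a)).  With the bug,
   a.mbr1 is stored into the outgoing-argument area before get_const() is
   expanded, and get_const()'s own stack arguments can overwrite it.
   Returns 0 if every value survived, else the code from verify_values(). */
int check_split_args(uint32_t seed)
{
  struct outer a;
  int filler = (int)(seed & 0xffu);

  a.head = seed;
  for (int i = 0; i < 8; i++)
    a.mbr1.v[i] = seed * 31u + (uint32_t)i;
  for (int i = 0; i < 16; i++)
    a.tail[i] = seed + 0x100u * (uint32_t)i;

  /* Independently computed value that get_const() must return. */
  uint32_t expect_c = (uint32_t)filler ^ a.head;
  for (int i = 0; i < 16; i++)
    expect_c ^= a.tail[i];

  return verify_values(filler, 0, a.mbr1, get_const(filler, a), seed, expect_c);
}

int main(void)
{
  int bad = 0;
  for (uint32_t seed = 1; seed < 0x10000u; seed += 0x3b7u) {
    int r = check_split_args(seed);
    if (r != 0) {
      printf("seed 0x%x: argument corrupted (code %d)\n", (unsigned)seed, r);
      bad = 1;
    }
  }
  puts(bad ? "FAIL: split argument clobbered by nested call"
           : "OK: all split arguments survived the nested call");
  return bad;
}
```

The `noinline` attributes matter: if either callee is inlined there is no outgoing-argument area to collide in and the check proves nothing. A non-zero return from `check_split_args` names the first word that did not survive, which is what you want when bisecting a compiler or checking a toolchain against this PR.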
