[Bug middle-end/45484] Invalid memory access in gcc.c-torture/execute/builtins/sprintf-chk.c
--- Comment #25 from howarth at nitro dot med dot uc dot edu 2010-09-03 23:37 ---
Fixed at r163823.

--
howarth at nitro dot med dot uc dot edu changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45484

--- Comment #24 from jakub at gcc dot gnu dot org 2010-09-03 14:50 ---
Subject: Bug 45484

Author: jakub
Date: Fri Sep 3 14:50:20 2010
New Revision: 163824

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=163824
Log:
    PR middle-end/45484
    * dwarf2out.c (flush_queued_reg_saves): Rename to...
    (dwarf2out_flush_queued_reg_saves): ... this. No longer static.
    (dwarf2out_frame_debug): Adjust callers.
    * dwarf2out.h (dwarf2out_flush_queued_reg_saves): New prototype.
    * config/i386/i386.c (output_set_got): Call it.

Modified:
    branches/gcc-4_5-branch/gcc/ChangeLog
    branches/gcc-4_5-branch/gcc/config/i386/i386.c
    branches/gcc-4_5-branch/gcc/dwarf2out.c
    branches/gcc-4_5-branch/gcc/dwarf2out.h

--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45484

--- Comment #23 from jakub at gcc dot gnu dot org 2010-09-03 14:47 ---
Subject: Bug 45484

Author: jakub
Date: Fri Sep 3 14:46:39 2010
New Revision: 163823

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=163823
Log:
    PR middle-end/45484
    * dwarf2out.c (flush_queued_reg_saves): Rename to...
    (dwarf2out_flush_queued_reg_saves): ... this. No longer static.
    (dwarf2out_frame_debug_expr, dwarf2out_frame_debug): Adjust callers.
    * dwarf2out.h (dwarf2out_flush_queued_reg_saves): New prototype.
    * config/i386/i386.c (output_set_got): Call it.

Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/config/i386/i386.c
    trunk/gcc/dwarf2out.c
    trunk/gcc/dwarf2out.h

--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45484

--- Comment #22 from howarth at nitro dot med dot uc dot edu 2010-09-02 17:39 ---
(In reply to comment #21)
> Created an attachment (id=21670)
 --> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=21670&action=view)
> gcc46-pr45484.patch
> ...

Jakub,
   Thanks. This patch when applied to r163660 on x86_64-apple-darwin10
appears to totally eliminate the ICEs which were occurring 50% of the time
previously.

--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45484

--- Comment #21 from jakub at gcc dot gnu dot org 2010-09-02 16:16 ---
Created an attachment (id=21670)
 --> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=21670&action=view)
gcc46-pr45484.patch

The last valgrind error is my fault, we don't need a BARRIER there, any
instruction that flushes the queued ones will do.
So, either we do something like in this patch, or dwarf2out.c would need to
record the size of barrier_args_size and for BARRIERs with higher INSN_UID
just use offset 0 (i.e. args_size before offset -= args_size;). But the
latter would be more code and uglier.

--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45484

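The following is an added illustration, not part of the thread and not GCC source: a simplified C model of the fault raised in comments #16 and #21, where a table sized by instruction UID is read for an instruction created after the table was built, together with the bounds-aware lookup that comment #21 mentions as the alternative. All names are hypothetical; 309 slots are used because 309 eight-byte entries match the 2,472-byte block in the valgrind trace, and that the real table had exactly that layout is an assumption.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified model, not GCC source: a side table indexed by insn UID,
   standing in for barrier_args_size.  All names here are hypothetical. */
typedef struct {
    long long *args_size; /* one slot per UID that existed at build time */
    int len;              /* recorded length (the second option in #21) */
} uid_table;

static int next_uid;      /* models the per-function insn UID counter */

static int emit_insn_model(void) { return next_uid++; }

/* Size the table for every UID that exists right now. */
static uid_table build_table(void) {
    uid_table t = { calloc((size_t)next_uid, sizeof(long long)), next_uid };
    if (!t.args_size) abort();
    for (int i = 0; i < t.len; i++)
        t.args_size[i] = 4LL * i;          /* constructed sample values */
    return t;
}

/* The faulting shape is t->args_size[uid] with no check.  This predicate
   reports when that read would land outside the allocated block. */
static int unchecked_read_overruns(const uid_table *t, int uid) {
    return uid < 0 || uid >= t->len;
}

/* Bounds-aware lookup: a UID created after the table was built gets 0. */
static long long lookup_checked(const uid_table *t, int uid) {
    return unchecked_read_overruns(t, uid) ? 0 : t->args_size[uid];
}

/* Emit n insns, build the table, then emit one more (the late barrier). */
long long late_barrier_offset(int n_insns, int *overrun) {
    next_uid = 0;
    for (int i = 0; i < n_insns; i++) emit_insn_model();
    uid_table t = build_table();
    int late = emit_insn_model();          /* UID == t.len: one past the end */
    *overrun = unchecked_read_overruns(&t, late);
    long long off = lookup_checked(&t, late);
    free(t.args_size);
    return off;
}

int main(void) {
    int overrun;
    long long off = late_barrier_offset(309, &overrun);
    printf("unchecked read overruns: %d, checked offset: %lld\n", overrun, off);
    return 0;
}
```

The committed change took the other route from comment #21: it flushes the queued register saves directly, so no new instruction is created and the table is never indexed past its end.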
--- Comment #20 from ebotcazou at gcc dot gnu dot org 2010-09-02 15:27 ---
> It is very likely that the stack usage change triggers this bug.

Not clear what you mean by this exactly, but I can reproduce the valgrind
error with the revision 163629 compiler.

--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45484

--- Comment #19 from howarth at nitro dot med dot uc dot edu 2010-09-02 15:21 --- (In reply to comment #17) > No idea if it is correct: > > diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c > index b550d86..decfd65 100644 > --- a/gcc/config/i386/i386.c > +++ b/gcc/config/i386/i386.c > @@ -8121,6 +8121,7 @@ output_set_got (rtx dest, rtx label ATTRIBUTE_UNUSED) >if (dwarf2out_do_frame ()) > { > rtx insn; > + dwarf2out_frame_debug (NULL_RTX, false); > start_sequence (); > insn = emit_barrier (); > end_sequence (); > This change alone applied to r163600 just crashes the compiler. /Users/howarth/darwin_objdir/gcc/xgcc -B/Users/howarth/darwin_objdir/gcc/ -c ./sprintf-chk.c -w -Os -lm -m32 ./sprintf-chk.c: In function test1: ./sprintf-chk.c:77:1: internal compiler error: in dwarf2out_frame_debug, at dwarf2out.c:2714 -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45484
--- Comment #18 from hjl dot tools at gmail dot com 2010-09-02 14:49 ---
It is very likely that the stack usage change triggers this bug.

--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45484

--- Comment #17 from hjl dot tools at gmail dot com 2010-09-02 14:43 --- No idea if it is correct: diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c index b550d86..decfd65 100644 --- a/gcc/config/i386/i386.c +++ b/gcc/config/i386/i386.c @@ -8121,6 +8121,7 @@ output_set_got (rtx dest, rtx label ATTRIBUTE_UNUSED) if (dwarf2out_do_frame ()) { rtx insn; + dwarf2out_frame_debug (NULL_RTX, false); start_sequence (); insn = emit_barrier (); end_sequence (); -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45484
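Review bot: the added dwarf2out_frame_debug (NULL_RTX, false); at the top of the if (dwarf2out_do_frame ()) block in output_set_got passes a null insn with no comment saying what that call is meant to do in the middle of a function, and comment #19 reports that this change alone, applied to r163600, ends in an internal compiler error in dwarf2out_frame_debug at dwarf2out.c:2714. The hunk also leaves the emit_barrier () sequence below it unchanged, so the case comment #16 questions (a newly inserted instruction looked up against the old barrier_args_size) is not removed. Suggest flushing the queued register saves through a dedicated entry point rather than a NULL_RTX call, dropping the emitted barrier, and rerunning the valgrind command from comment #14 to confirm the invalid read is gone.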
--- Comment #16 from hjl dot tools at gmail dot com 2010-09-02 14:40 ---
output_set_got in i386.c has

#ifdef DWARF2_UNWIND_INFO
      /* Ensure all queued register saves are flushed before the
         call. */
      if (dwarf2out_do_frame ())
        {
          rtx insn;
          start_sequence ();
          insn = emit_barrier ();
          end_sequence ();
          dwarf2out_frame_debug (insn, false);
        }
#endif

We inserted an instruction. But we are using the old barrier_args_size.
It looks wrong to me.

--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45484

--- Comment #15 from hjl dot tools at gmail dot com 2010-09-02 14:22 ---
A smaller testcase:

---
extern void abort (void);
extern void *chk_fail_buf[];
extern volatile int chk_fail_allowed;

void
test3 (void)
{
  chk_fail_allowed = 1;
  if (__builtin_setjmp (chk_fail_buf) == 0)
    abort ();
  chk_fail_allowed = 0;
}
---

--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45484

--- Comment #14 from hjl dot tools at gmail dot com 2010-09-02 13:52 ---
On Linux/x86, -fPIC triggered invalid memory access:

[...@gnu-6 gcc]$ valgrind --tool=memcheck ./cc1 -fpreprocessed /tmp/sprintf-chk.i -quiet -dumpbase sprintf-chk.i -m32 -mtune=generic -march=x86-64 -auxbase sprintf-chk -Os -w -version -fpic -o sprintf-chk.s
==8036== Memcheck, a memory error detector
==8036== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==8036== Using Valgrind-3.5.0 and LibVEX; rerun with -h for copyright info
==8036== Command: ./cc1 -fpreprocessed /tmp/sprintf-chk.i -quiet -dumpbase sprintf-chk.i -m32 -mtune=generic -march=x86-64 -auxbase sprintf-chk -Os -w -version -fpic -o sprintf-chk.s
==8036==
GNU C (GCC) version 4.6.0 20100901 (experimental) (x86_64-unknown-linux-gnu)
        compiled by GNU C version 4.4.4 20100630 (Red Hat 4.4.4-10), GMP version 4.3.2, MPFR version 2.4.2-p3, MPC version 0.8.1
GGC heuristics: --param ggc-min-expand=30 --param ggc-min-heapsize=4096
GNU C (GCC) version 4.6.0 20100901 (experimental) (x86_64-unknown-linux-gnu)
        compiled by GNU C version 4.4.4 20100630 (Red Hat 4.4.4-10), GMP version 4.3.2, MPFR version 2.4.2-p3, MPC version 0.8.1
GGC heuristics: --param ggc-min-expand=30 --param ggc-min-heapsize=4096
Compiler executable checksum: 5013623740daff515d54e379ca68fe2e
==8036== Invalid read of size 8
==8036==    at 0x67F8A2: dwarf2out_notice_stack_adjust (dwarf2out.c:1624)
==8036==    by 0x681BD7: dwarf2out_frame_debug (dwarf2out.c:2744)
==8036==    by 0xCC2DD1: output_set_got (i386.c:8127)
==8036==    by 0xEACFD2: output_615 (i386.md:11477)
==8036==    by 0x719262: get_insn_template (final.c:1731)
==8036==    by 0x71A9C7: final_scan_insn (final.c:2609)
==8036==    by 0x719178: final (final.c:1716)
==8036==    by 0x71D885: rest_of_handle_final (final.c:4235)
==8036==    by 0x8F68AA: execute_one_pass (passes.c:1568)
==8036==    by 0x8F6A99: execute_pass_list (passes.c:1623)
==8036==    by 0x8F6ABA: execute_pass_list (passes.c:1624)
==8036==    by 0x8F6ABA: execute_pass_list (passes.c:1624)
==8036==  Address 0xb8ee848 is 0 bytes after a block of size 2,472 alloc'd
==8036==    at 0x4A0515D: malloc (vg_replace_malloc.c:195)
==8036==    by 0x1118BB3: xmalloc (xmalloc.c:147)
==8036==    by 0x67EFA1: compute_barrier_args_size (dwarf2out.c:1429)
==8036==    by 0x67F873: dwarf2out_notice_stack_adjust (dwarf2out.c:1619)
==8036==    by 0x681BD7: dwarf2out_frame_debug (dwarf2out.c:2744)
==8036==    by 0x719E79: final_scan_insn (final.c:2015)
==8036==    by 0x719178: final (final.c:1716)
==8036==    by 0x71D885: rest_of_handle_final (final.c:4235)
==8036==    by 0x8F68AA: execute_one_pass (passes.c:1568)
==8036==    by 0x8F6A99: execute_pass_list (passes.c:1623)
==8036==    by 0x8F6ABA: execute_pass_list (passes.c:1624)
==8036==    by 0x8F6ABA: execute_pass_list (passes.c:1624)
==8036==
==8036==
==8036== HEAP SUMMARY:
==8036==     in use at exit: 432,089 bytes in 1,754 blocks
==8036==   total heap usage: 15,425 allocs, 13,671 frees, 7,502,579 bytes allocated
==8036==
==8036== LEAK SUMMARY:
==8036==    definitely lost: 0 bytes in 0 blocks
==8036==    indirectly lost: 0 bytes in 0 blocks
==8036==      possibly lost: 16,064 bytes in 2 blocks
==8036==    still reachable: 416,025 bytes in 1,752 blocks
==8036==         suppressed: 0 bytes in 0 blocks
==8036== Rerun with --leak-check=full to see details of leaked memory
==8036==
==8036== For counts of detected and suppressed errors, rerun with: -v
==8036== ERROR SUMMARY: 5 errors from 1 contexts (suppressed: 6 from 6)
[...@gnu-6 gcc]$

--
hjl dot tools at gmail dot com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ubizjak at gmail dot com
  GCC build triplet|x86_64-apple-darwin10       |
   GCC host triplet|x86_64-apple-darwin10       |
 GCC target triplet|x86_64-apple-darwin10       |
            Summary|r163660 ICEs gcc.c-         |Invalid memory access in
                   |torture/execute/builtins/spr|gcc.c-
                   |intf-chk.c compilation, -Os |torture/execute/builtins/spr
                   |at -m32                     |intf-chk.c
   Target Milestone|---                         |4.6.0

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45484