Re: [PATCH 1/1] RISC-V: fix stack access before allocation.
On 11/27/22 22:28, Fei Gao wrote: In current riscv stack frame allocation, 2 steps are used. The first step allocates memories at least for callee saved GPRs and FPRs, and the second step allocates the rest if stack size is greater than signed 12-bit range. But it's observed in some cases, like gcc.target/riscv/stack_frame.c in my patch, callee saved FPRs fail to be included in the first step allocation, so we get generated instructions like this: li t0,-16384 addisp,sp,-48 addit0,t0,752 ... fsw fs4,-4(sp) #issue here of accessing before allocation ... add sp,sp,t0 "fsw fs4,-4(sp)" has issue here of accessing stack before allocation. Although "add sp,sp,t0" reserves later the memory for fs4, it exposes a risk when an interrupt comes in between "fsw fs4,-4(sp)" and "add sp,sp,t0", resulting in a corruption in the stack storing fs4 after interrupt context saving and a failure to get the correct value of fs4 later. This patch fixes issue above, adapts testcases identified in regression tests, and add a new testcase for the change. gcc/ChangeLog: * config/riscv/riscv.cc (riscv_first_stack_step): gcc/testsuite/ChangeLog: * gcc.target/riscv/pr93304.c: Adapt testcase for the change, constrain match to assembly instructions only. * gcc.target/riscv/rvv/base/spill-11.c: Adapt testcase for the change. * gcc.target/riscv/stack_frame.c: New test. They key here is that the MIN_FIRST_STEP wasn't including the FP save space. The stack layout diagram before riscv_stack_align, combined with the info you provided made that pretty clear. Good job tracking it down -- these can be tough to reproduce and thus tough to debug/fix. I made minor adjustments to the ChangeLog and committed your change to the trunk. Thanks, Jeff
[PATCH 1/1] RISC-V: fix stack access before allocation.
In current riscv stack frame allocation, 2 steps are used. The first step
allocates memories at least for callee saved GPRs and FPRs, and the second step
allocates the rest if stack size is greater than signed 12-bit range. But it's
observed in some cases, like gcc.target/riscv/stack_frame.c in my patch, callee
saved FPRs fail to be included in the first step allocation, so we get
generated instructions like this:
li t0,-16384
addisp,sp,-48
addit0,t0,752
...
fsw fs4,-4(sp) #issue here of accessing before allocation
...
add sp,sp,t0
"fswfs4,-4(sp)" has issue here of accessing stack before allocation.
Although "add sp,sp,t0" reserves later the memory for fs4, it exposes a risk
when an interrupt comes in between "fsw fs4,-4(sp)" and "addsp,sp,t0",
resulting in a corruption in the stack storing fs4 after interrupt context
saving and a failure to get the correct value of fs4 later.
This patch fixes issue above, adapts testcases identified in regression tests,
and add a new testcase for the change.
gcc/ChangeLog:
* config/riscv/riscv.cc (riscv_first_stack_step):
gcc/testsuite/ChangeLog:
* gcc.target/riscv/pr93304.c: Adapt testcase for the change, constrain
match to assembly instructions only.
* gcc.target/riscv/rvv/base/spill-11.c: Adapt testcase for the change.
* gcc.target/riscv/stack_frame.c: New test.
---
gcc/config/riscv/riscv.cc | 2 +-
gcc/testsuite/gcc.target/riscv/pr93304.c | 2 +-
.../gcc.target/riscv/rvv/base/spill-11.c | 3 +--
gcc/testsuite/gcc.target/riscv/stack_frame.c | 26 +++
4 files changed, 29 insertions(+), 4 deletions(-)
create mode 100644 gcc/testsuite/gcc.target/riscv/stack_frame.c
diff --git a/gcc/config/riscv/riscv.cc b/gcc/config/riscv/riscv.cc
index 7ec4ce97e6c..8d94765b4ba 100644
--- a/gcc/config/riscv/riscv.cc
+++ b/gcc/config/riscv/riscv.cc
@@ -4903,7 +4903,7 @@ riscv_first_stack_step (struct riscv_frame_info *frame)
return frame_total_constant_size;
HOST_WIDE_INT min_first_step =
-RISCV_STACK_ALIGN ((frame->total_size -
frame->fp_sp_offset).to_constant());
+RISCV_STACK_ALIGN ((frame->total_size -
frame->frame_pointer_offset).to_constant());
HOST_WIDE_INT max_first_step = IMM_REACH / 2 - PREFERRED_STACK_BOUNDARY / 8;
HOST_WIDE_INT min_second_step = frame_total_constant_size - max_first_step;
gcc_assert (min_first_step <= max_first_step);
diff --git a/gcc/testsuite/gcc.target/riscv/pr93304.c
b/gcc/testsuite/gcc.target/riscv/pr93304.c
index ce2dc4d6921..76975ff81c5 100644
--- a/gcc/testsuite/gcc.target/riscv/pr93304.c
+++ b/gcc/testsuite/gcc.target/riscv/pr93304.c
@@ -16,4 +16,4 @@ foo (void)
regradless of the REG_ALLOC_ORDER.
In theory, t2 should not used in such small program if regrename
not executed incorrectly, because t0-a2 should be enough. */
-/* { dg-final { scan-assembler-not "t2" } } */
+/* { dg-final { scan-assembler-not {\t[a-zA-Z0-9]+\t.*t2} } } */
diff --git a/gcc/testsuite/gcc.target/riscv/rvv/base/spill-11.c
b/gcc/testsuite/gcc.target/riscv/rvv/base/spill-11.c
index c2f68b86d90..f5223491665 100644
--- a/gcc/testsuite/gcc.target/riscv/rvv/base/spill-11.c
+++ b/gcc/testsuite/gcc.target/riscv/rvv/base/spill-11.c
@@ -21,9 +21,8 @@ void fn3 (char*);
** slli\tt1,t0,1
** add\tsp,sp,t1
** li\tt0,8192
-** addi\tt0,t0,-208
+** addi\tt0,t0,-192
** add\tsp,sp,t0
-** addi\tsp,sp,16
** tail\t__riscv_restore_2
*/
int stack_save_restore_2 (float a1, float a2, float a3, float a4,
diff --git a/gcc/testsuite/gcc.target/riscv/stack_frame.c
b/gcc/testsuite/gcc.target/riscv/stack_frame.c
new file mode 100644
index 000..485a52d5133
--- /dev/null
+++ b/gcc/testsuite/gcc.target/riscv/stack_frame.c
@@ -0,0 +1,26 @@
+/* { dg-do compile } */
+/* { dg-options "-O2 -march=rv32imafc -mabi=ilp32f" } */
+char my_getchar();
+float getf();
+
+float foo()
+{
+ char volatile array[3120];
+ float volatile farray[3120];
+ float sum = 0;
+ float f1 = getf();
+ float f2 = getf();
+ float f3 = getf();
+ float f4 = getf();
+
+ for (int i = 0; i < 3120; i++)
+ {
+array[i] = my_getchar();
+farray[i] = my_getchar() * 1.2;
+sum += array[i] + farray[i] + f1 + f2 + f3 + f4;
+ }
+
+ return sum;
+}
+
+/* { dg-final { scan-assembler-not {,-[0-9]+\(sp\)} } } */
--
2.17.1
[PATCH 1/1] RISC-V: fix stack access before allocation.
In current riscv stack frame allocation, 2 steps are used. The first step
allocates memories at least for callee saved GPRs and FPRs, and the second step
allocates the rest if stack size is greater than signed 12-bit range. But it's
observed in some cases, like gcc.target/riscv/stack_frame.c in my patch, callee
saved FPRs fail to be included in the first step allocation, so we get
generated instructions like this:
li t0,-16384
addisp,sp,-48
addit0,t0,752
...
fsw fs4,-4(sp) #issue here of accessing before allocation
...
add sp,sp,t0
"fswfs4,-4(sp)" has issue here of accessing stack before allocation.
Although "add sp,sp,t0" reserves later the memory for fs4, it exposes a risk
when an interrupt comes in between "fsw fs4,-4(sp)" and "addsp,sp,t0",
resulting in a corruption in the stack storing fs4 after interrupt context
saving and a failure to get the correct value of fs4 later.
This patch fixes issue above, adapts testcases identified in regression tests,
and add a new testcase for the change.
gcc/ChangeLog:
* config/riscv/riscv.cc (riscv_first_stack_step):
gcc/testsuite/ChangeLog:
* gcc.target/riscv/pr93304.c: Adapt testcase for the change, constrain
match to assembly instructions only.
* gcc.target/riscv/rvv/base/spill-11.c: Adapt testcase for the change.
* gcc.target/riscv/stack_frame.c: New test.
---
gcc/config/riscv/riscv.cc | 2 +-
gcc/testsuite/gcc.target/riscv/pr93304.c | 2 +-
.../gcc.target/riscv/rvv/base/spill-11.c | 3 +--
gcc/testsuite/gcc.target/riscv/stack_frame.c | 26 +++
4 files changed, 29 insertions(+), 4 deletions(-)
create mode 100644 gcc/testsuite/gcc.target/riscv/stack_frame.c
diff --git a/gcc/config/riscv/riscv.cc b/gcc/config/riscv/riscv.cc
index 7ec4ce97e6c..8d94765b4ba 100644
--- a/gcc/config/riscv/riscv.cc
+++ b/gcc/config/riscv/riscv.cc
@@ -4903,7 +4903,7 @@ riscv_first_stack_step (struct riscv_frame_info *frame)
return frame_total_constant_size;
HOST_WIDE_INT min_first_step =
-RISCV_STACK_ALIGN ((frame->total_size -
frame->fp_sp_offset).to_constant());
+RISCV_STACK_ALIGN ((frame->total_size -
frame->frame_pointer_offset).to_constant());
HOST_WIDE_INT max_first_step = IMM_REACH / 2 - PREFERRED_STACK_BOUNDARY / 8;
HOST_WIDE_INT min_second_step = frame_total_constant_size - max_first_step;
gcc_assert (min_first_step <= max_first_step);
diff --git a/gcc/testsuite/gcc.target/riscv/pr93304.c
b/gcc/testsuite/gcc.target/riscv/pr93304.c
index ce2dc4d6921..76975ff81c5 100644
--- a/gcc/testsuite/gcc.target/riscv/pr93304.c
+++ b/gcc/testsuite/gcc.target/riscv/pr93304.c
@@ -16,4 +16,4 @@ foo (void)
regradless of the REG_ALLOC_ORDER.
In theory, t2 should not used in such small program if regrename
not executed incorrectly, because t0-a2 should be enough. */
-/* { dg-final { scan-assembler-not "t2" } } */
+/* { dg-final { scan-assembler-not {\t[a-zA-Z0-9]+\t.*t2} } } */
diff --git a/gcc/testsuite/gcc.target/riscv/rvv/base/spill-11.c
b/gcc/testsuite/gcc.target/riscv/rvv/base/spill-11.c
index c2f68b86d90..f5223491665 100644
--- a/gcc/testsuite/gcc.target/riscv/rvv/base/spill-11.c
+++ b/gcc/testsuite/gcc.target/riscv/rvv/base/spill-11.c
@@ -21,9 +21,8 @@ void fn3 (char*);
** slli\tt1,t0,1
** add\tsp,sp,t1
** li\tt0,8192
-** addi\tt0,t0,-208
+** addi\tt0,t0,-192
** add\tsp,sp,t0
-** addi\tsp,sp,16
** tail\t__riscv_restore_2
*/
int stack_save_restore_2 (float a1, float a2, float a3, float a4,
diff --git a/gcc/testsuite/gcc.target/riscv/stack_frame.c
b/gcc/testsuite/gcc.target/riscv/stack_frame.c
new file mode 100644
index 000..485a52d5133
--- /dev/null
+++ b/gcc/testsuite/gcc.target/riscv/stack_frame.c
@@ -0,0 +1,26 @@
+/* { dg-do compile } */
+/* { dg-options "-O2 -march=rv32imafc -mabi=ilp32f" } */
+char my_getchar();
+float getf();
+
+float foo()
+{
+ char volatile array[3120];
+ float volatile farray[3120];
+ float sum = 0;
+ float f1 = getf();
+ float f2 = getf();
+ float f3 = getf();
+ float f4 = getf();
+
+ for (int i = 0; i < 3120; i++)
+ {
+array[i] = my_getchar();
+farray[i] = my_getchar() * 1.2;
+sum += array[i] + farray[i] + f1 + f2 + f3 + f4;
+ }
+
+ return sum;
+}
+
+/* { dg-final { scan-assembler-not {,-[0-9]+\(sp\)} } } */
--
2.17.1
