Illegal load hoist #2

pjaaskel · 2015-11-15T17:14:17Z

I found that in some tests there is illegal code motion when running with higher optimizations. It moves a 16b load across a byte write that touches part of that word.

This is likely a gcc codegen bug, but could be something with type based alias analysis, or similar because gccbrig heavily casts pointers to different types depending on the memory access width at hand.

;; ************ Correct code optimized with -O1:

    leaq    128(%rbp,%rax), %rdx
                ;; byte 1 stored here
    movb    %r8b, (%rdx)
    movzbl  1(%rsi), %r8d
    leaq    129(%rbp,%rax), %rsi
                ;; byte 2 stored here
    movb    %r8b, (%rsi)
    movq    8(%rbx), %rax

                ;; The 16b load that accesses both bytes
    movswl  (%rdx), %r8d

;; ************ Broken code optimized with -O2:

    leaq    128(%rbp,%rax), %rdi
    movq    %rcx, %rdx
    addq    (%rbx), %rdx
    movzbl  (%rdx), %esi
                ;; byte 1 stored here
    movb    %sil, (%rdi)
    movzbl  1(%rdx), %esi

                ;; Illegal hoist above the store below!
    movswl  (%rdi), %edx

                ;; this modifies the 2nd byte:
    movb    %sil, 129(%rax,%rbp)

operand #2 for COMPONENT_REF. * gcc-interface/utils2.c (gnat_save_expr): Likewise. (gnat_protect_expr): Likewise. (gnat_stabilize_reference_1): Likewise. (gnat_rewrite_reference): Do not bother about operand #3 for ARRAY_REF. (get_inner_constant_reference): Likewise. (gnat_invariant_expr): Likewise. * gcc-interface/trans.c (fold_constant_decl_in_expr): Likewise. git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@235701 138bc75d-0d04-0410-961f-82ee72b054a4

2017-07-13 Martin Liska <[email protected]> * dwarf2out.c (gen_pointer_type_die): Remove dead code. (gen_reference_type_die): Likewise. * stor-layout.c: Remove Pascal-related comment. git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@250184 138bc75d-0d04-0410-961f-82ee72b054a4

When -fcf-protection -mcet is used, I got FAIL: g++.dg/eh/sighandle.C (gdb) bt #0 _Unwind_RaiseException (exc=exc@entry=0x416ed0) at /export/gnu/import/git/sources/gcc/libgcc/unwind.inc:140 #1 0x00007ffff7d9936b in __cxxabiv1::__cxa_throw (obj=<optimized out>, tinfo=0x403dd0 <typeinfo for int@@CXXABI_1.3>, dest=0x0) at /export/gnu/import/git/sources/gcc/libstdc++-v3/libsupc++/eh_throw.cc:90 #2 0x0000000000401255 in sighandler (signo=11, si=0x7fffffffd6f8, uc=0x7fffffffd5c0) at /export/gnu/import/git/sources/gcc/gcc/testsuite/g++.dg/eh/sighandle.C:9 #3 <signal handler called> <<<< Signal frame which isn't on shadow stack #4 dosegv () at /export/gnu/import/git/sources/gcc/gcc/testsuite/g++.dg/eh/sighandle.C:14 #5 0x00000000004012e3 in main () at /export/gnu/import/git/sources/gcc/gcc/testsuite/g++.dg/eh/sighandle.C:30 (gdb) p frames $6 = 5 (gdb) frame count should be 4, not 5. This patch skips signal frames when unwinding shadow stack. gcc/testsuite/ PR libgcc/85334 * g++.dg/torture/pr85334.C: New test. libgcc/ PR libgcc/85334 * unwind-generic.h (_Unwind_Frames_Increment): New. * config/i386/shadow-stack-unwind.h (_Unwind_Frames_Increment): Likewise. * unwind.inc (_Unwind_RaiseException_Phase2): Increment frame count with _Unwind_Frames_Increment. (_Unwind_ForcedUnwind_Phase2): Likewise. git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@259502 138bc75d-0d04-0410-961f-82ee72b054a4

pjaaskel changed the title ~~miscompilation / illegal code hoist?~~ Illegal load hoist Nov 15, 2015

pjaaskel closed this as completed Nov 15, 2015

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Illegal load hoist #2

Illegal load hoist #2

pjaaskel commented Nov 15, 2015

Illegal load hoist #2

Illegal load hoist #2

Comments

pjaaskel commented Nov 15, 2015