<< Back to previous view

[PCC-375] storage used twice with -xtemps Created: 06/Aug/11  Updated: 06/Aug/11

Status: Resolved
Project: pcc
Component/s: i386 target
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major
Reporter: Iain Hibbert Assignee: Anders Magnusson
Resolution: Fixed Votes: 0
Environment: NetBSD/i386

File Attachments: File test.c    

 Description   
as reported by Szabolcs Nagy on pcc-list, the following code extracted from OpenSSL sha512.c test code

long long x;

void
foo(unsigned char *md)
{
        long long t = x;

        *(md++) = (unsigned char)(t >> 8);
        *(md++) = (unsigned char)(t);
}

when compiled with -xtemps produces code that clobbers a register stored on stack. the output assembler
shows the problem

        .text
        .align 4
        .globl foo
        .type foo,@function
foo:
        pushl %ebp
        movl %esp,%ebp
        subl $12,%esp
        movl %ebx,-4(%ebp) ; <- ebx is stored here
        movl %esi,-8(%ebp)
        movl %edi,-12(%ebp)
.L99:
        movl 8(%ebp),%ebx
.L101:
        movl x+4,%edi
        movl x,%esi
        movb $8,%cl
        movl %esi,%eax
        movl %edi,%edx
        shrdl %edx,%eax
        sarl %cl,%edx
        testb $32,%cl
        je 1f
        movl %edx,%eax
        sarl $31,%edx
1:
        incl %ebx
        movb %al,-1(%ebx)
        movl %esi,-4(%ebp) ; <- the same location is used as scratch register
        movb -4(%ebp),%al
        incl %ebx
        movb %al,-1(%ebx)
.L100:
        movl -4(%ebp),%ebx ; <- ebx is restored with corrupted value
        movl -8(%ebp),%esi
        movl -12(%ebp),%edi
        leave
        ret
        .size foo,.-foo

and the test.c program attached includes a wrapper that displays the corrupted register in the parent function

 Comments   
Comment by Anders Magnusson [ 06/Aug/11 05:15 PM ]
Thanks, should be fixed now. It was a deep-down bug to find.
Generated at Mon Sep 01 20:34:40 CEST 2014 using JIRA Enterprise Edition, Version: 3.13.1-#333.