Fix jit crash on aarch64, mips

Message ID	1454599887-18335-1-git-send-email-dmalcolm@redhat.com
State	New
Headers	show Return-Path: <gcc-patches-return-420772-incoming=patchwork.ozlabs.org@gcc.gnu.org> DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:from :to:cc:subject:date:message-id:mime-version:content-type :content-transfer-encoding; q=dns; s=default; b=AV8cSkAXBiQpHrQ4 IPWZH4I0VdohHZKAWRlMrG0VUgBTkTregpKKnsUUhZlqW6d9cFRBdduBKMs6Uu9m jKKtKSGJSeI+s1hMEsNQ/iWAzmHzPSFUSuWtnpTK8FXaGB+Mik4l79dOtaTqaQNc xoXvpo3QNLFjqsi+3MZisxR6xbM= Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk Sender: gcc-patches-owner@gcc.gnu.org From: David Malcolm <dmalcolm@redhat.com> To: gcc-patches@gcc.gnu.org Cc: David Malcolm <dmalcolm@redhat.com> Subject: [PATCH] Fix jit crash on aarch64, mips Date: Thu, 4 Feb 2016 10:31:27 -0500 Message-Id: <1454599887-18335-1-git-send-email-dmalcolm@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit

Message ID

1454599887-18335-1-git-send-email-dmalcolm@redhat.com

State

New

Headers

DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id
	:list-unsubscribe:list-archive:list-post:list-help:sender:from
	:to:cc:subject:date:message-id:mime-version:content-type
	:content-transfer-encoding; q=dns; s=default; b=AV8cSkAXBiQpHrQ4
	IPWZH4I0VdohHZKAWRlMrG0VUgBTkTregpKKnsUUhZlqW6d9cFRBdduBKMs6Uu9m
	jKKtKSGJSeI+s1hMEsNQ/iWAzmHzPSFUSuWtnpTK8FXaGB+Mik4l79dOtaTqaQNc
	xoXvpo3QNLFjqsi+3MZisxR6xbM=
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
Sender: gcc-patches-owner@gcc.gnu.org
From: David Malcolm <dmalcolm@redhat.com>
To: gcc-patches@gcc.gnu.org
Cc: David Malcolm <dmalcolm@redhat.com>
Subject: [PATCH] Fix jit crash on aarch64, mips
Date: Thu,  4 Feb 2016 10:31:27 -0500
Message-Id: <1454599887-18335-1-git-send-email-dmalcolm@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Commit Message

David Malcolm Feb. 4, 2016, 3:31 p.m. UTC

The jit testsuite was showing numerous segfaults and fatal
errors for trunk on aarch64; typically on the 2nd iteration of each
test, with errors like:
 test-volatile.c.exe: fatal error: pass ‘rnreg’ not found but is referenced by new pass ‘whole-program’
where the new pass' name varies, and can be bogus, e.g.:
 test-nested-loops.c.exe: fatal error: pass 'rnreg' not found but is referenced by new pass '/tmp/libgccjit-FMb7g3/fake.c'

This is a regression relative to gcc 5.

The root cause is that aarch64_register_fma_steering builds and
registers an "fma_steering" pass after "rnreg", but the
  struct register_pass_info
containing the arguments to register_pass is marked "static".
Hence after the 1st iteration, the pointer to the pass isn't touched,
and we have a use-after-free of the 1st iteration's pass_fma_steering.

The attached patch removes the "static" from the relevant local, so
that the pass pointer is updated before each call to register_pass.

With this patch, the jit testsuite runs successfully (8514 passes) on
gcc113 (aarch64-unknown-linux-gnu).

I used grep to see if there were any other
  "static struct register_pass_info"
in the code, and there's one in the mips backend, so I did the same
change there (untested).

Bootstrap on aarch64 in progress; I don't have mips handy.

OK for trunk if it passes?

gcc/ChangeLog:
	* config/aarch64/cortex-a57-fma-steering.c
	(aarch64_register_fma_steering): Remove "static" from arguments
	to register_pass.
	* config/mips/frame-header-opt.c (mips_register_frame_header_opt):
	Likewise.
---
 gcc/config/aarch64/cortex-a57-fma-steering.c | 2 +-
 gcc/config/mips/frame-header-opt.c           | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Comments

James Greenhalgh Feb. 4, 2016, 3:35 p.m. UTC | #1

On Thu, Feb 04, 2016 at 10:31:27AM -0500, David Malcolm wrote:
> The jit testsuite was showing numerous segfaults and fatal
> errors for trunk on aarch64; typically on the 2nd iteration of each
> test, with errors like:
>  test-volatile.c.exe: fatal error: pass ‘rnreg’ not found but is referenced by new pass ‘whole-program’
> where the new pass' name varies, and can be bogus, e.g.:
>  test-nested-loops.c.exe: fatal error: pass 'rnreg' not found but is referenced by new pass '/tmp/libgccjit-FMb7g3/fake.c'
> 
> This is a regression relative to gcc 5.
> 
> The root cause is that aarch64_register_fma_steering builds and
> registers an "fma_steering" pass after "rnreg", but the
>   struct register_pass_info
> containing the arguments to register_pass is marked "static".
> Hence after the 1st iteration, the pointer to the pass isn't touched,
> and we have a use-after-free of the 1st iteration's pass_fma_steering.
> 
> The attached patch removes the "static" from the relevant local, so
> that the pass pointer is updated before each call to register_pass.
> 
> With this patch, the jit testsuite runs successfully (8514 passes) on
> gcc113 (aarch64-unknown-linux-gnu).
> 
> I used grep to see if there were any other
>   "static struct register_pass_info"
> in the code, and there's one in the mips backend, so I did the same
> change there (untested).
> 
> Bootstrap on aarch64 in progress; I don't have mips handy.
> 
> OK for trunk if it passes?

The AArch64 part is OK (assuming bootstrap and test succeed), thanks.

James

> 
> gcc/ChangeLog:
> 	* config/aarch64/cortex-a57-fma-steering.c
> 	(aarch64_register_fma_steering): Remove "static" from arguments
> 	to register_pass.
> 	* config/mips/frame-header-opt.c (mips_register_frame_header_opt):
> 	Likewise.
> ---
>  gcc/config/aarch64/cortex-a57-fma-steering.c | 2 +-
>  gcc/config/mips/frame-header-opt.c           | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
>

diff --git a/gcc/config/aarch64/cortex-a57-fma-steering.c b/gcc/config/aarch64/cortex-a57-fma-steering.c
index 5d2ec87..21159fe 100644
--- a/gcc/config/aarch64/cortex-a57-fma-steering.c
+++ b/gcc/config/aarch64/cortex-a57-fma-steering.c
@@ -1082,7 +1082,7 @@  aarch64_register_fma_steering ()
 {
   opt_pass *pass_fma_steering = make_pass_fma_steering (g);
 
-  static struct register_pass_info fma_steering_info
+  struct register_pass_info fma_steering_info
     = { pass_fma_steering, "rnreg", 1, PASS_POS_INSERT_AFTER };
 
   register_pass (&fma_steering_info);
diff --git a/gcc/config/mips/frame-header-opt.c b/gcc/config/mips/frame-header-opt.c
index cc51577..9c3674a 100644
--- a/gcc/config/mips/frame-header-opt.c
+++ b/gcc/config/mips/frame-header-opt.c
@@ -98,7 +98,7 @@  void
 mips_register_frame_header_opt (void)
 {
   opt_pass *p = make_pass_ipa_frame_header_opt (g);
-  static struct register_pass_info f =
+  struct register_pass_info f =
     {p, "comdats", 1, PASS_POS_INSERT_AFTER };
   register_pass (&f);
 }

Fix jit crash on aarch64, mips

Commit Message

Comments

Patch