Date:      Thu, 29 Sep 2011 15:43:45 GMT
From:      Naoyuki Tai <ntai@smartfruit.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   arm/161128: gcc 4.2.1 ARM produces bad code with -fstack-protector
Message-ID:  <201109291543.p8TFhj06009701@red.freebsd.org>
Resent-Message-ID: <201109291550.p8TFoC98032809@freefall.freebsd.org>


>Number:         161128
>Category:       arm
>Synopsis:       gcc 4.2.1 ARM produces bad code with -fstack-protector
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-arm
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Sep 29 15:50:12 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Naoyuki Tai
>Release:        FreeBSD 8.2 Release
>Organization:
>Environment:
FreeBSD 8.2 Release ARM
>Description:
This first manifested as arm/154189, but any application or library that uses -fstack-protector crashes due to the compiler bug.
So far, I discovered this in lang/perl5.xx and net/avahi-app.

Here is one manifestation, from perl5.10.
This is the assembler output of locale.c in perl5.10, with no -fstack-protector.

Perl_new_collate:
@ args = 0, pretend = 0, frame = 104
@ frame_needed = 1, uses_anonymous_args = 0
mov ip, sp
stmfd sp!, {r4, r5, r6, fp, ip, lr, pc}
sub fp, ip, #4
sub sp, sp, #104
ldr r6, .L48
.LPIC2:
add r6, pc, r6
subs r5, r0, #0
bne .L31
ldr r3, .L48+4

And the data segment .L48 is
.L48:
.word _GLOBAL_OFFSET_TABLE_-(.LPIC2+8)
.word PL_collation_name(GOT)


Here is the assembler output of locale.c with the -fstack-protector.
Perl_new_collate:
@ args = 0, pretend = 0, frame = 104
@ frame_needed = 1, uses_anonymous_args = 0
mov ip, sp
stmfd sp!, {r4, r5, r6, fp, ip, lr, pc}
sub fp, ip, #4
sub sp, sp, #104
ldr r6, .L49
.LPIC2:
add r6, pc, r6
ldr r3, .L49+4

And the data segment is

.L49:
.word _GLOBAL_OFFSET_TABLE_-(.LPIC2+8)
.word __stack_chk_guard(GOT)
.word PL_collation_name(GOT)

Notice the last "ldr r3, .L49+4".
It is loading r3 register from __stack_chk_guard(GOT) instead of
PL_collation_name(GOT).
So, I think that the arm backend has a bug that it is producing wrong
offsets in the data segment when the stack protector is used.
After noticing this, I took out the "-fstack-protector" from the build and
the build succeeds.
The problem may be that the combination of -fPIC and
-fstack-protector is used.
In any case, it is clear that GCC's arm backend has a bug.

cc --version
cc (GCC) 4.2.1 20070719 [FreeBSD]
Copyright (C) 2007 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

>How-To-Repeat:
Method 1:
Build lang/perl.5.12 on arm.

Method 2:
Build net/avahi-app on arm and run. avahi-daemon crashes.

>Fix:
Obviously, the correct fix is to fix the compiler, and I have no idea how.

If you need these ports to run without crashing, after "make configure", take out the -fstack-protector from the Makefiles and whatnot under the expanded "work" directory.
Alternatively, modify the C compiler to ignore the -fstack-protector directive.


>Release-Note:
>Audit-Trail:
>Unformatted:
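
An added example, not part of the original report: a small Python check that resolves each `ldr rX, .Lnn+off` in a GCC ARM listing to the literal-pool word it addresses, run over the two excerpts quoted in the description. The function names and the trimmed excerpts are constructed for illustration, and the 4-byte `.word` size is the only assumption about the target.

```python
import re
# Excerpts from the two listings in the report (branch lines omitted; the
# data label is written .L48, matching the ldr operand).
WITHOUT_SSP = """\
ldr r6, .L48
.LPIC2:
add r6, pc, r6
ldr r3, .L48+4
.L48:
.word _GLOBAL_OFFSET_TABLE_-(.LPIC2+8)
.word PL_collation_name(GOT)
"""
WITH_SSP = """\
ldr r6, .L49
.LPIC2:
add r6, pc, r6
ldr r3, .L49+4
.L49:
.word _GLOBAL_OFFSET_TABLE_-(.LPIC2+8)
.word __stack_chk_guard(GOT)
.word PL_collation_name(GOT)
"""
LABEL = re.compile(r"^(\.?\w+):$")
WORD = re.compile(r"^\.word\s+(.+)$")
LDR = re.compile(r"^ldr\s+(\w+),\s*(\.L\w+)(?:\+(\d+))?$")

def literal_pools(asm):
    """Map each label to the .word operands that directly follow it."""
    pools, current = {}, None
    for line in map(str.strip, asm.splitlines()):
        if m := LABEL.match(line):
            current = pools.setdefault(m.group(1), [])
        elif (m := WORD.match(line)) and current is not None:
            current.append(m.group(1))
        else:
            current = None  # any other statement ends the pool
    return pools

def resolve_loads(asm):
    """Return (register, 'label+offset', literal) for every literal-pool ldr."""
    pools, out = literal_pools(asm), []
    for line in map(str.strip, asm.splitlines()):
        if m := LDR.match(line):
            reg, label, off = m.group(1), m.group(2), int(m.group(3) or 0)
            words = pools.get(label, [])
            idx, rem = divmod(off, 4)  # each .word occupies 4 bytes
            lit = words[idx] if rem == 0 and idx < len(words) else None
            out.append((reg, f"{label}+{off}", lit))
    return out
```

Running `resolve_loads` over the `cc -S` output of a build with and without `-fstack-protector` and diffing the two results shows which loads changed target.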


