Bug 42891

Summary: variable argument list with more than 8 entries, only low 4 bytes are passed
Product: [Retired] Red Hat Linux Reporter: Paul Pluzhnikov <paul>
Component: gccAssignee: Jakub Jelinek <jakub>
Status: CLOSED NOTABUG QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.1   
Target Milestone: ---   
Target Release: ---   
Hardware: ia64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-05-30 19:05:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Paul Pluzhnikov 2001-05-30 18:02:52 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; COM+ 
1.0.2204)

Description of problem:
It appears that __builtin_stdarg_start improperly uses
st4 instead of st8 when spilling out 9th argument

How reproducible:
Always

Steps to Reproduce:
1. Compile program below with 'gcc stdarg.c'
--- cut here --- stdarg.c ---
#include <stdarg.h>
#include <stdio.h>

void func2(int i, va_list args)
{
    void *p;
    printf("%d ---\n", i);
    for (; i; i--) {
        p = va_arg(args, void *);
        printf("%p\n", p);
    }
    printf("\n");
}

void func(int i, ...)
{
    va_list ap;

    va_start(ap, i);
    func2(i, ap);
    va_end(ap);
}

int main(int argc, char *argv[])
{
    int i;
    
    func(9, &i, &i, &i, &i, &i, &i, &i, &i, &i);
    func(8, &i, &i, &i, &i, &i, &i, &i, 0);
    
    return 0;
}
--- cut here --- stdarg.c ---
2. Run it: ./a.out


Actual Results:  
9 ---
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0

8 ---
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000fff00000000

Note that last line has only the low half-word cleared

Expected Results:  
9 ---
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0

8 ---
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
0x80000ffffffff5a0
(nil)

Additional info:

uname -a
Linux angus 2.4.0-0.99.11smp #1 SMP Wed Jan 24 13:38:34 EST 2001 ia64 
unknown

gcc -v
Reading specs from /usr/lib/gcc-lib/ia64-redhat-linux/2.96/specs
gcc version 2.96 20000731 (Red Hat Linux 7.1 2.96-84)

cat /etc/issue

Red Hat Linux release 7.0.90 (Fisher)
Kernel 2.4.0-0.99.11smp on an ia64

Comment 1 Bill Nottingham 2001-05-30 19:05:25 UTC
Using NULL instead of 0 to terminate the list avoids this.

Comment 2 Jakub Jelinek 2001-06-01 08:02:01 UTC
This is not a bug, it is a feature of the IA-64 ABI. You have to use proper
types for the arguments matching ..., if it is expecting a pointer, you should
pass a pointer, not integer (so NULL will do and in this case 0L would do as
well).