Bug 8658 – Passing large structs to function by value causes stack corruption

Status: RESOLVED
Resolution: FIXED
Severity: normal
Priority: P2
Component: dmd
Product: D
Version: D2
Platform: x86
OS: Windows
Creation time: 2012-09-14T01:41:00Z
Last change time: 2013-11-26T01:10:10Z
Keywords: pull, wrong-code
Assigned to: nobody
Creator: r.sagitario

Comments

Comment #0 by r.sagitario — 2012-09-14T01:41:33Z
If the arguments passed to a function exceed 64kB the stack gets corrupted. Compiling and running this code without optimizations leads to a crash:

    struct S { int[16385] a; }
    void foo(S s) { }
    void main()
    {
        S s;
        for(int i = 0; i < 100; i++)
            foo(s);
    }

This is caused by the frame pointer cleanup only popping the lower 16 bits of the used stack size:

    _D4test3fooFS4test1SZv comdat
            assume  CS:_D4test3fooFS4test1SZv
            ret     4
    _D4test3fooFS4test1SZv ends

[Actually I never meant to do this, it happened because I thought I was passing a class reference.]
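The epilogue truncation the report describes, as an added C model (not dmd's code and not the reporter's): it decodes a constructed `ret 4` epilogue, checks whether the bytes pushed for `S` fit a 16-bit `ret` immediate at all, and computes the stack drift the 100-call loop accumulates. All helper names and the constructed bytes are my own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Argument size in the report: struct S { int[16385] a; } is 16385 * 4 bytes on x86. */
#define S_SIZE_BYTES (16385u * 4u)   /* 65540 */

/* Constructed bytes encoding the `ret 4` epilogue (opcode C2 iw) shown in the report. */
static const uint8_t kFooEpilogue[] = { 0xC2, 0x04, 0x00 };

/* Bytes the caller pushes for one by-value argument: size rounded up to a 4-byte slot. */
static uint32_t arg_stack_bytes(uint32_t struct_size) {
    return (struct_size + 3u) & ~3u;
}

/* `ret imm16` carries a 16-bit pop count, so the check the code generator should make
   is whether the pushed size fits; at 64KiB and above it cannot. */
static int ret_imm16_can_encode(uint32_t arg_bytes) {
    return arg_bytes <= 0xFFFFu;
}

/* The immediate the buggy epilogue emits: only the low 16 bits of the pushed size. */
static uint16_t truncated_ret_imm(uint32_t arg_bytes) {
    return (uint16_t)(arg_bytes & 0xFFFFu);
}

/* Decode the pop count from a `ret imm16` (bytes C2 lo hi); -1 if not that opcode. */
static int32_t decode_ret_imm16(const uint8_t *code, size_t len) {
    if (len < 3 || code[0] != 0xC2) return -1;
    return (int32_t)code[1] | ((int32_t)code[2] << 8);
}

/* Bytes left behind after n calls (pushed minus popped, per call); nonzero means the
   stack pointer drifts by that much, as in the report's 100-iteration loop. */
static int64_t stack_drift_after_calls(uint32_t pushed, uint32_t popped, unsigned n) {
    return ((int64_t)pushed - (int64_t)popped) * (int64_t)n;
}

int main(void) {
    uint32_t pushed = arg_stack_bytes(S_SIZE_BYTES);
    int32_t popped = decode_ret_imm16(kFooEpilogue, sizeof kFooEpilogue);
    printf("pushed %u bytes, fits ret imm16: %s, epilogue pops %d\n", (unsigned)pushed,
           ret_imm16_can_encode(pushed) ? "yes" : "no", (int)popped);
    printf("stack drift after 100 calls: %lld bytes\n",
           (long long)stack_drift_after_calls(pushed, (uint32_t)popped, 100));
    return 0;
}
```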
Comment #1 by maxim — 2012-09-14T09:19:36Z
(In reply to comment #0)
> If the arguments passed to a function exceed 64kB the stack gets corrupted.
> Compiling and running this code without optimizations leads to a crash:
> <snip>

Couple of comments:
1) This program doesn't crash on x64 Linux.
2) What exactly is requested? You allocate data on the stack which is certainly big enough to corrupt it, so?
Comment #2 by r.sagitario — 2012-09-14T09:28:26Z
Sorry, I didn't specify the platform: Windows 32-bit. I don't know if it happens elsewhere. What happens in the example is that each call pushes 16385 words onto the stack, but only 1 gets popped. For x64, the code might be different and the stack might be larger.
Comment #3 by yebblies — 2013-11-24T07:59:06Z
Comment #4 by bugzilla — 2013-11-25T13:36:10Z
It is a problem on all platforms, but it is not expressed on the 64 bit ones because they use a caller-cleans-stack by default.
Comment #5 by bugzilla — 2013-11-25T23:41:04Z
While yebblies is fixing the code gen bug, we've also planned to make single objects that are larger than 64Kb illegal.
Comment #6 by yebblies — 2013-11-25T23:47:21Z
(In reply to comment #5)
> While yebblies is fixing the code gen bug, we've also planned to make single
> objects that are larger than 64Kb illegal.

Illegal, or just @system?
Comment #7 by github-bugzilla — 2013-11-26T00:27:45Z
Commits pushed to master at https://github.com/D-Programming-Language/dmd

https://github.com/D-Programming-Language/dmd/commit/c1b34cbbf155ea14eb68cf587a56797bd5c9994c
Fix Issue 8658 - Passing large structs to function b value causes stack corruption

https://github.com/D-Programming-Language/dmd/commit/fa89580c8b4cfc179295c5840fb8f208f479cb46
Merge pull request #2875 from yebblies/issue8658
Issue 8658 - Passing large structs to function b value causes stack corruption