On Tuesday, October 11, 2016 10:51:46 AM CEST Josh Poimboeuf wrote: > > 3) 0xFC244C03-config: > drivers/scsi/fnic/fnic_main.o: warning: objtool: fnic_log_q_error() falls > through to next function fnic_handle_link_event() > drivers/scsi/snic/snic_res.o: warning: objtool: .text: unexpected end of > section > > These look like another bad gcc bug which is truncating functions:
Same bug for both of them? > > 0000000000000940 <snic_log_q_error>: > 940: 55 push %rbp > 941: 48 89 e5 mov %rsp,%rbp > 944: 53 push %rbx > 945: 48 89 fb mov %rdi,%rbx > 948: e8 00 00 00 00 callq 94d <snic_log_q_error+0xd> > 949: R_X86_64_PC32 __sanitizer_cov_trace_pc-0x4 > 94d: 8b 83 58 02 00 00 mov 0x258(%rbx),%eax > 953: 85 c0 test %eax,%eax > 955: 75 08 jne 95f <snic_log_q_error+0x1f> > 957: e8 00 00 00 00 callq 95c <snic_log_q_error+0x1c> > 958: R_X86_64_PC32 __sanitizer_cov_trace_pc-0x4 > 95c: 5b pop %rbx > 95d: 5d pop %rbp > 95e: c3 retq > 95f: e8 00 00 00 00 callq 964 <snic_log_q_error+0x24> > 960: R_X86_64_PC32 __sanitizer_cov_trace_pc-0x4 > 964: 48 8b 83 10 1c 00 00 mov 0x1c10(%rbx),%rax > 96b: 48 8d 78 50 lea 0x50(%rax),%rdi > 96f: e8 00 00 00 00 callq 974 <snic_log_q_error+0x34> > 970: R_X86_64_PC32 ioread32-0x4 > 974: 83 bb 58 02 00 00 01 cmpl $0x1,0x258(%rbx) > 97b: 76 da jbe 957 <snic_log_q_error+0x17> > 97d: e8 00 00 00 00 callq 982 <snic_log_q_error+0x42> > 97e: R_X86_64_PC32 __sanitizer_cov_trace_pc-0x4 > > [end of file] > > Notice how it just falls off the end of the function. We had a similar > bug before: > > https://lkml.kernel.org/r/20160413033649.7r3msnmo3trtq47z@treble I remember that nightmare :( > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70646 > > I'm not sure yet if this is the same gcc bug or a different one. Maybe > it's related to the new GCC_PLUGIN_SANCOV? I've reduced one of the test cases to this now: /* gcc-6 -O2 -fno-strict-aliasing -fno-reorder-blocks -fno-omit-frame-pointer -Wno-pointer-sign -fsanitize-coverage=trace-pc -Wall -Werror -c snic_res.c -o snic_res.o */ typedef int spinlock_t; extern unsigned int ioread32(void *); struct vnic_wq_ctrl { unsigned int error_status; }; struct vnic_wq { struct vnic_wq_ctrl *ctrl; } mempool_t; struct snic { unsigned int wq_count; __attribute__ ((__aligned__)) struct vnic_wq wq[1]; spinlock_t wq_lock[1]; }; unsigned int snic_log_q_error_err_status; void snic_log_q_error(struct snic *snic) { unsigned int i; for (i = 0; i < snic->wq_count; i++) snic_log_q_error_err_status = ioread32(&snic->wq[i].ctrl->error_status); } which gets compiled into 0000000000000000 <snic_log_q_error>: 0: 55 push %rbp 1: 48 89 e5 mov %rsp,%rbp 4: 53 push %rbx 5: 48 89 fb mov %rdi,%rbx 8: 48 83 ec 08 sub $0x8,%rsp c: e8 00 00 00 00 callq 11 <snic_log_q_error+0x11> d: R_X86_64_PC32 __sanitizer_cov_trace_pc-0x4 11: 8b 03 mov (%rbx),%eax 13: 85 c0 test %eax,%eax 15: 75 11 jne 28 <snic_log_q_error+0x28> 17: 48 83 c4 08 add $0x8,%rsp 1b: 5b pop %rbx 1c: 5d pop %rbp 1d: e9 00 00 00 00 jmpq 22 <snic_log_q_error+0x22> 1e: R_X86_64_PC32 __sanitizer_cov_trace_pc-0x4 22: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1) 28: e8 00 00 00 00 callq 2d <snic_log_q_error+0x2d> 29: R_X86_64_PC32 __sanitizer_cov_trace_pc-0x4 2d: 48 8b 7b 10 mov 0x10(%rbx),%rdi 31: e8 00 00 00 00 callq 36 <snic_log_q_error+0x36> 32: R_X86_64_PC32 ioread32-0x4 36: 89 05 00 00 00 00 mov %eax,0x0(%rip) # 3c <snic_log_q_error+0x3c> 38: R_X86_64_PC32 snic_log_q_error_err_status-0x4 3c: 83 3b 01 cmpl $0x1,(%rbx) 3f: 76 d6 jbe 17 <snic_log_q_error+0x17> 41: e8 00 00 00 00 callq 46 <snic_log_q_error+0x46> 42: R_X86_64_PC32 __sanitizer_cov_trace_pc-0x4 Arnd