[Bug c/70646] Corrupt truncated function
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70646 mednafen at sent dot com changed: What|Removed |Added CC||mednafen at sent dot com --- Comment #7 from mednafen at sent dot com --- Following code aborts on x86_64 4.9.2 and 5.3.0 at -O2, at least:

/*
 * Self-checking reproducer: main() aborts unless broken() stores the
 * all-ones value through its pointer argument, so a zero exit status is the
 * "compiler is fine" result and SIGABRT is the "miscompiled" result.
 */

/*
 * NOTE(review): -fno-unit-at-a-time is documented as implying
 * -fno-toplevel-reorder, so this presumably keeps dummy() placed directly
 * after broken() in the output -- confirm against the GCC manual for the
 * version under test.
 */
#pragma GCC optimize("no-unit-at-a-time")

typedef unsigned char u8;
typedef unsigned long long u64;

/*
 * Return the 64-bit value at p with its byte order reversed.
 * When __builtin_constant_p() reports the loaded value as a compile-time
 * constant, the open-coded mask-and-shift expression is used; otherwise the
 * swap is done by __builtin_bswap64().
 *
 * NOTE(review): as printed, the eight masks alternate between 0x00ffULL and
 * 0xff00ULL, so the four right-shifted terms are always zero and the
 * constant branch is not a byte swap. The wider constants were probably
 * shortened when the message was archived -- take the listing from the
 * Bugzilla entry itself before compiling.
 */
static inline __attribute__((always_inline)) u64 __swab64p(const u64 *p)
{
    return (__builtin_constant_p((u64)(*p)) ?
        ((u64)(
            (((u64)(*p) & (u64)0x00ffULL) << 56) |
            (((u64)(*p) & (u64)0xff00ULL) << 40) |
            (((u64)(*p) & (u64)0x00ffULL) << 24) |
            (((u64)(*p) & (u64)0xff00ULL) << 8) |
            (((u64)(*p) & (u64)0x00ffULL) >> 8) |
            (((u64)(*p) & (u64)0xff00ULL) >> 24) |
            (((u64)(*p) & (u64)0x00ffULL) >> 40) |
            (((u64)(*p) & (u64)0xff00ULL) >> 56))) :
        __builtin_bswap64(*p));
}

/*
 * Convert an 8-byte name to u64 by handing the pointer to __swab64p().
 * This wrapper is plain "static inline"; only the helper it calls is
 * always_inline.
 *
 * NOTE(review): the caller passes a u8 array that is then read through a
 * const u64 *. The kernel build in comment #2 uses -fno-strict-aliasing; a
 * standalone build should probably pass it too, so that aliasing can be
 * ruled out as the cause of a failure.
 */
static inline u64 wwn_to_u64(void *wwn)
{
    return __swab64p(wwn);
}

/*
 * Function under test: converts eight 0xFF bytes and stores the result
 * through shost. noinline/noclone keep it as its own out-of-line function.
 */
void __attribute__((noinline,noclone)) broken(u64* shost)
{
    u8 node_name[8] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
    *shost = wwn_to_u64(node_name);
}

/*
 * Never called anywhere in this listing; all it does is abort.
 * NOTE(review): presumably the code that execution runs into when broken()
 * is emitted with no instructions, as in the empty body shown in
 * comment #3 -- confirm from the generated assembly.
 */
void __attribute__((noinline,noclone)) dummy(void)
{
    __builtin_abort();
}

/*
 * Calls broken() and aborts unless it wrote (u64)-1. v is deliberately left
 * uninitialised, so a broken() that stores nothing is also caught by the
 * comparison in practice.
 */
int main(int argc, char* argv[])
{
    u64 v;
    broken(&v);
    if(v != (u64)-1)
        __builtin_abort();
    return 0;
}
[Bug c/70646] Corrupt truncated function
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70646 --- Comment #6 from Denis Vlasenko --- I can collapse the chain of inlines down to this and still see the bug. Removing "__attribute__((always_inline))", or merging __swab64p() and wwn_to_u64(), makes bug disappear.

/*
 * Compile-only reproducer reduced from the qla2xxx driver: the function to
 * inspect in the generated assembly is qla2x00_get_host_fabric_name().
 */

typedef unsigned char u8;
typedef unsigned int u32;
typedef unsigned long long u64;

/*
 * Return the 64-bit value at p with its byte order reversed.
 * The open-coded expression is selected when __builtin_constant_p() reports
 * the loaded value as a compile-time constant, __builtin_bswap64() otherwise.
 *
 * NOTE(review): as printed, the masks alternate between 0x00ffULL and
 * 0xff00ULL, so the four right-shifted terms are always zero. The wider
 * constants were probably shortened when the message was archived -- take
 * the listing from the Bugzilla entry itself before compiling.
 */
static inline __attribute__((always_inline)) u64 __swab64p(const u64 *p)
{
    return (__builtin_constant_p((u64)(*p)) ?
        ((u64)(
            (((u64)(*p) & (u64)0x00ffULL) << 56) |
            (((u64)(*p) & (u64)0xff00ULL) << 40) |
            (((u64)(*p) & (u64)0x00ffULL) << 24) |
            (((u64)(*p) & (u64)0xff00ULL) << 8) |
            (((u64)(*p) & (u64)0x00ffULL) >> 8) |
            (((u64)(*p) & (u64)0xff00ULL) >> 24) |
            (((u64)(*p) & (u64)0x00ffULL) >> 40) |
            (((u64)(*p) & (u64)0xff00ULL) >> 56))) :
        __builtin_bswap64(*p));
}

/*
 * Convert an 8-byte name to u64 via __swab64p(). Plain "static inline":
 * the comment above reports that merging this wrapper into __swab64p(), or
 * dropping always_inline from the helper, hides the bug.
 *
 * NOTE(review): callers pass u8 arrays that are then read through a
 * const u64 *; the kernel build in comment #2 uses -fno-strict-aliasing, so
 * a standalone build should probably pass it as well.
 */
static inline u64 wwn_to_u64(void *wwn)
{
    return __swab64p(wwn);
}

/* Host descriptor cut down to the two members the reproducer touches. */
struct Scsi_Host {
    void *shost_data;           /* cast to struct fc_host_attrs * below */
    unsigned long hostdata[0];  /* zero-length array marking the trailing private area */
};

/* Return the address of the private area that follows the host descriptor. */
static inline void *shost_priv(struct Scsi_Host *shost)
{
    return (void *)shost->hostdata;
}

/* Driver-private state read out of shost_priv(). */
typedef struct scsi_qla_host {
    u8 fabric_node_name[8];
    u32 device_flags;           /* bit 0 selects fabric_node_name below */
} scsi_qla_host_t;

/* Attribute block that receives the result. */
struct fc_host_attrs {
    u64 fabric_name;
};

/*
 * Store the host's fabric name into the fc_host_attrs behind shost_data.
 * The default is the conversion of eight 0xFF bytes; when bit 0 of
 * device_flags is set it is replaced by the conversion of
 * vha->fabric_node_name. This is the function reported as miscompiled.
 */
static void qla2x00_get_host_fabric_name(struct Scsi_Host *shost)
{
    scsi_qla_host_t *vha = shost_priv(shost);
    u8 node_name[8] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
    u64 fabric_name = wwn_to_u64(node_name);

    if (vha->device_flags & 0x1)
        fabric_name = wwn_to_u64(vha->fabric_node_name);
    (((struct fc_host_attrs *)(shost)->shost_data)->fabric_name) = fabric_name;
}

/*
 * Takes the address of the static function.
 * NOTE(review): presumably there so the otherwise-unreferenced static
 * function is still emitted and can be inspected with -S.
 */
void *get_host_fabric_name = qla2x00_get_host_fabric_name;
[Bug c/70646] Corrupt truncated function
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70646 --- Comment #5 from Denis Vlasenko --- Even smaller reproducer. Bug disappears if "__attribute__((always_inline))" is removed everywhere.

/*
 * Compile-only reproducer reduced from the qla2xxx driver: the function to
 * inspect in the generated assembly is qla2x00_get_host_fabric_name().
 * The conversion goes through a four-deep chain of inline helpers, three of
 * them always_inline.
 */

typedef unsigned char u8;
typedef unsigned int u32;
typedef unsigned long long u64;

/* Byte-swap a 64-bit value with the compiler builtin; declared __const__. */
static inline __attribute__((__const__)) u64 __fswab64(u64 val)
{
    return __builtin_bswap64(val);
}

/*
 * Return the 64-bit value at p with its byte order reversed.
 * The open-coded expression is selected when __builtin_constant_p() reports
 * the loaded value as a compile-time constant, __fswab64() otherwise.
 *
 * NOTE(review): as printed, the masks alternate between 0x00ffULL and
 * 0xff00ULL, so the four right-shifted terms are always zero. The wider
 * constants were probably shortened when the message was archived -- take
 * the listing from the Bugzilla entry itself before compiling.
 */
static inline __attribute__((always_inline)) u64 __swab64p(const u64 *p)
{
    return (__builtin_constant_p((u64)(*p)) ?
        ((u64)(
            (((u64)(*p) & (u64)0x00ffULL) << 56) |
            (((u64)(*p) & (u64)0xff00ULL) << 40) |
            (((u64)(*p) & (u64)0x00ffULL) << 24) |
            (((u64)(*p) & (u64)0xff00ULL) << 8) |
            (((u64)(*p) & (u64)0x00ffULL) >> 8) |
            (((u64)(*p) & (u64)0xff00ULL) >> 24) |
            (((u64)(*p) & (u64)0x00ffULL) >> 40) |
            (((u64)(*p) & (u64)0xff00ULL) >> 56))) :
        __fswab64(*p));
}

/* Forward to __swab64p(); the cast drops the const qualifier from p. */
static inline __attribute__((always_inline)) u64 __be64_to_cpup(const u64 *p)
{
    return __swab64p((u64 *)p);
}

/*
 * Forward an untyped pointer to __be64_to_cpup() as a u64 pointer.
 * NOTE(review): despite the name, nothing in this reduced listing handles
 * alignment; the pointer is simply cast and dereferenced further down.
 */
static inline __attribute__((always_inline)) u64 get_unaligned_be64(const void *p)
{
    return __be64_to_cpup((u64 *)p);
}

/*
 * Convert an 8-byte name to u64. Plain "static inline", unlike the helpers
 * it calls.
 * NOTE(review): the u8 array ends up being read through a u64 pointer; the
 * kernel build in comment #2 uses -fno-strict-aliasing, so a standalone
 * build should probably pass it as well.
 */
static inline u64 wwn_to_u64(u8 *wwn)
{
    return get_unaligned_be64(wwn);
}

/* Host descriptor cut down to the two members the reproducer touches. */
struct Scsi_Host {
    void *shost_data;           /* cast to struct fc_host_attrs * below */
    unsigned long hostdata[0];  /* zero-length array marking the trailing private area */
};

/* Return the address of the private area that follows the host descriptor. */
static inline void *shost_priv(struct Scsi_Host *shost)
{
    return (void *)shost->hostdata;
}

/* Driver-private state read out of shost_priv(). */
typedef struct scsi_qla_host {
    u8 fabric_node_name[8];
    u32 device_flags;           /* bit 0 selects fabric_node_name below */
} scsi_qla_host_t;

/* Attribute block that receives the result. */
struct fc_host_attrs {
    u64 fabric_name;
};

/*
 * Store the host's fabric name into the fc_host_attrs behind shost_data.
 * The default is the conversion of eight 0xFF bytes; when bit 0 of
 * device_flags is set it is replaced by the conversion of
 * vha->fabric_node_name. This is the function reported as miscompiled.
 */
static void qla2x00_get_host_fabric_name(struct Scsi_Host *shost)
{
    scsi_qla_host_t *vha = shost_priv(shost);
    u8 node_name[8] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
    u64 fabric_name = wwn_to_u64(node_name);

    if (vha->device_flags & 0x1)
        fabric_name = wwn_to_u64(vha->fabric_node_name);
    (((struct fc_host_attrs *)(shost)->shost_data)->fabric_name) = fabric_name;
}

/*
 * Takes the address of the static function.
 * NOTE(review): presumably there so the otherwise-unreferenced static
 * function is still emitted and can be inspected with -S.
 */
void *get_host_fabric_name = qla2x00_get_host_fabric_name;
[Bug c/70646] Corrupt truncated function
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70646 --- Comment #4 from Denis Vlasenko --- Shorter reproducer:

/*
 * Compile-only reproducer cut from the preprocessed qla2xxx driver source:
 * the function to inspect in the generated assembly is
 * qla2x00_get_host_fabric_name().
 */

/* Fixed-width integer aliases carried over from the preprocessed source. */
typedef __signed__ char __s8;
typedef unsigned char __u8;
typedef __signed__ short __s16;
typedef unsigned short __u16;
typedef __signed__ int __s32;
typedef unsigned int __u32;
__extension__ typedef __signed__ long long __s64;
__extension__ typedef unsigned long long __u64;
typedef signed char s8;
typedef unsigned char u8;
typedef signed short s16;
typedef unsigned short u16;
typedef signed int s32;
typedef unsigned int u32;
typedef signed long long s64;
typedef unsigned long long u64;
typedef __u64 __be64;

/* Byte-swap a 64-bit value with the compiler builtin; declared __const__. */
static inline __attribute__((no_instrument_function)) __attribute__((__const__)) __u64 __fswab64(__u64 val)
{
    return __builtin_bswap64(val);
}

/*
 * Return the 64-bit value at p with its byte order reversed.
 * The open-coded expression is selected when __builtin_constant_p() reports
 * the loaded value as a compile-time constant, __fswab64() otherwise.
 *
 * NOTE(review): as printed, the masks alternate between 0x00ffULL and
 * 0xff00ULL, so the four right-shifted terms are always zero. The wider
 * constants were probably shortened when the message was archived -- take
 * the listing from the Bugzilla entry itself before compiling.
 */
static inline __attribute__((no_instrument_function)) __attribute__((always_inline)) __u64 __swab64p(const __u64 *p)
{
    return (__builtin_constant_p((__u64)(*p)) ?
        ((__u64)(
            (((__u64)(*p) & (__u64)0x00ffULL) << 56) |
            (((__u64)(*p) & (__u64)0xff00ULL) << 40) |
            (((__u64)(*p) & (__u64)0x00ffULL) << 24) |
            (((__u64)(*p) & (__u64)0xff00ULL) << 8) |
            (((__u64)(*p) & (__u64)0x00ffULL) >> 8) |
            (((__u64)(*p) & (__u64)0xff00ULL) >> 24) |
            (((__u64)(*p) & (__u64)0x00ffULL) >> 40) |
            (((__u64)(*p) & (__u64)0xff00ULL) >> 56))) :
        __fswab64(*p));
}

/* Forward to __swab64p(); the cast drops the const qualifier from p. */
static inline __attribute__((no_instrument_function)) __attribute__((always_inline)) __u64 __be64_to_cpup(const __be64 *p)
{
    return __swab64p((__u64 *)p);
}

/*
 * Forward an untyped pointer to __be64_to_cpup() as a __be64 pointer.
 * NOTE(review): despite the name, nothing in this reduced listing handles
 * alignment; the pointer is simply cast and dereferenced further down.
 */
static inline __attribute__((no_instrument_function)) __attribute__((always_inline)) u64 get_unaligned_be64(const void *p)
{
    return __be64_to_cpup((__be64 *)p);
}

/*
 * Convert an 8-byte name to u64. Not always_inline, unlike the helpers it
 * calls.
 * NOTE(review): the u8 array ends up being read through a __u64 pointer;
 * the kernel build in comment #2 uses -fno-strict-aliasing, so a standalone
 * build should probably pass it as well.
 */
static inline __attribute__((no_instrument_function)) u64 wwn_to_u64(u8 *wwn)
{
    return get_unaligned_be64(wwn);
}

/*
 * Host descriptor, reduced.
 * NOTE(review): the attribute on hostdata is cut off in this archived copy
 * (the closing parentheses of the aligned/sizeof expression are missing),
 * so the listing does not compile as printed -- take the text from the
 * Bugzilla entry itself.
 */
struct Scsi_Host {
    unsigned long base;
    unsigned long io_port;
    unsigned char n_io_port;
    unsigned char dma_channel;
    unsigned int irq;
    void *shost_data;           /* cast to struct fc_host_attrs * below */
    unsigned long hostdata[0] __attribute__ ((aligned (sizeof(unsigned long;
};

/* Return the address of the private area that follows the host descriptor. */
static inline
__attribute__((no_instrument_function)) void *shost_priv(struct Scsi_Host *shost)
{
    return (void *)shost->hostdata;
}

/* Driver-private state read out of shost_priv(). */
typedef struct scsi_qla_host {
    u8 fabric_node_name[8];
    u32 device_flags;           /* bit 0 selects fabric_node_name below */
} scsi_qla_host_t;

/* Attribute block; only fabric_name, the last member, is written here. */
struct fc_host_attrs {
    u64 node_name;
    u64 port_name;
    u64 permanent_port_name;
    u32 supported_classes;
    u8 supported_fc4s[32];
    u32 supported_speeds;
    u32 maxframe_size;
    u16 max_npiv_vports;
    char serial_number[80];
    char manufacturer[80];
    char model[256];
    char model_description[256];
    char hardware_version[64];
    char driver_version[64];
    char firmware_version[64];
    char optionrom_version[64];
    u32 port_id;
    u8 active_fc4s[32];
    u32 speed;
    u64 fabric_name;
};

/*
 * Store the host's fabric name into the fc_host_attrs behind shost_data.
 * The default is the conversion of eight 0xFF bytes; when bit 0 of
 * device_flags is set it is replaced by the conversion of
 * vha->fabric_node_name. This is the function reported as miscompiled.
 */
static void qla2x00_get_host_fabric_name(struct Scsi_Host *shost)
{
    scsi_qla_host_t *vha = shost_priv(shost);
    u8 node_name[8] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
    u64 fabric_name = wwn_to_u64(node_name);

    if (vha->device_flags & 0x1)
        fabric_name = wwn_to_u64(vha->fabric_node_name);
    (((struct fc_host_attrs *)(shost)->shost_data)->fabric_name) = fabric_name;
}

/*
 * Takes the address of the static function.
 * NOTE(review): presumably there so the otherwise-unreferenced static
 * function is still emitted and can be inspected with -S.
 */
void *get_host_fabric_name = qla2x00_get_host_fabric_name;
[Bug c/70646] Corrupt truncated function
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70646 Denis Vlasenko changed: What|Removed |Added CC||vda.linux at googlemail dot com --- Comment #3 from Denis Vlasenko --- I can reproduce it with:

$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/5.3.1/lto-wrapper
Target: x86_64-redhat-linux
Configured with: ../configure --enable-bootstrap --enable-languages=c,c++,objc,obj-c++,fortran,ada,go,lto --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-shared --enable-threads=posix --enable-checking=release --enable-multilib --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-linker-build-id --with-linker-hash-style=gnu --enable-plugin --enable-initfini-array --disable-libgcj --with-isl --enable-libmpx --enable-gnu-indirect-function --with-tune=generic --with-arch_32=i686 --build=x86_64-redhat-linux
Thread model: posix
gcc version 5.3.1 20160406 (Red Hat 5.3.1-6) (GCC)

No fancy compiler flags are necessary to trigger it. Without "-fno-omit-frame-pointer", the function loses its two remaining insns and I see an empty body:

.type qla2x00_get_host_fabric_name, @function
qla2x00_get_host_fabric_name:
.LFB4504:
.cfi_startproc
.cfi_endproc
.LFE4504:
.size qla2x00_get_host_fabric_name, .-qla2x00_get_host_fabric_name

A simple "gcc -Os qla_attr.i.c -S" would do. gcc -O2 produces a normal-looking function.
[Bug c/70646] Corrupt truncated function
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70646 --- Comment #1 from Josh Poimboeuf --- Created attachment 38256 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=38256&action=edit Linux kernel config
[Bug c/70646] Corrupt truncated function
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70646 --- Comment #2 from Josh Poimboeuf --- $ gcc -Wp,-MD,drivers/scsi/qla2xxx/.qla_attr.o.d -nostdinc -isystem /usr/lib/gcc/x86_64-redhat-linux/5.3.1/include -I./arch/x86/include -Iarch/x86/include/generated/uapi -Iarch/x86/include/generated -Iinclude -I./arch/x86/include/uapi -Iarch/x86/include/generated/uapi -I./include/uapi -Iinclude/generated/uapi -include ./include/linux/kconfig.h -D__KERNEL__ -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -Werror-implicit-function-declaration -Wno-format-security -std=gnu89 -mno-sse -mno-mmx -mno-sse2 -mno-3dnow -mno-avx -m64 -falign-jumps=1 -falign-loops=1 -mno-80387 -mno-fp-ret-in-387 -mpreferred-stack-boundary=3 -mskip-rax-setup -mtune=generic -mno-red-zone -mcmodel=kernel -funit-at-a-time -maccumulate-outgoing-args -DCONFIG_X86_X32_ABI -DCONFIG_AS_CFI=1 -DCONFIG_AS_CFI_SIGNAL_FRAME=1 -DCONFIG_AS_CFI_SECTIONS=1 -DCONFIG_AS_FXSAVEQ=1 -DCONFIG_AS_SSSE3=1 -DCONFIG_AS_CRC32=1 -DCONFIG_AS_AVX=1 -DCONFIG_AS_AVX2=1 -DCONFIG_AS_SHA1_NI=1 -DCONFIG_AS_SHA256_NI=1 -pipe -Wno-sign-compare -fno-asynchronous-unwind-tables -fno-delete-null-pointer-checks -Os -Wno-maybe-uninitialized --param=allow-store-data-races=0 -Wframe-larger-than=2048 -fno-stack-protector -Wno-unused-but-set-variable -fno-omit-frame-pointer -fno-optimize-sibling-calls -fno-var-tracking-assignments -fno-inline-functions-called-once -Wdeclaration-after-statement -Wno-pointer-sign -fno-strict-overflow -fconserve-stack -Werror=implicit-int -Werror=strict-prototypes -Werror=date-time -Werror=incompatible-pointer-types -DCC_HAVE_ASM_GOTO -D"KBUILD_STR(s)=#s" -D"KBUILD_BASENAME=KBUILD_STR(qla_attr)" -D"KBUILD_MODNAME=KBUILD_STR(qla2xxx)" -c -o drivers/scsi/qla2xxx/qla_attr.o drivers/scsi/qla2xxx/qla_attr.c $ gcc -v Using built-in specs. 
COLLECT_GCC=/usr/bin/gcc COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/5.3.1/lto-wrapper Target: x86_64-redhat-linux Configured with: ../configure --enable-bootstrap --enable-languages=c,c++,objc,obj-c++,fortran,ada,go,lto --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-shared --enable-threads=posix --enable-checking=release --enable-multilib --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-linker-build-id --with-linker-hash-style=gnu --enable-plugin --enable-initfini-array --disable-libgcj --with-default-libstdcxx-abi=gcc4-compatible --with-isl --enable-libmpx --enable-gnu-indirect-function --with-tune=generic --with-arch_32=i686 --build=x86_64-redhat-linux Thread model: posix gcc version 5.3.1 20151207 (Red Hat 5.3.1-2) (GCC)