Launchpad has imported 9 comments from the remote bug at
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=121689.

If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://documentation.ubuntu.com/launchpad/user/reference/bugs/multi-project-bugs/about-multi-project-bugs/#bugs-in-external-trackers.

------------------------------------------------------------------------
On 2025-08-27T09:49:28+00:00 Christian Ehrhardt wrote:

Created attachment 62212
the preprocessed file (*.i*) that triggers the bug - from a qemu 10.1 build

Hi,
For the report here I'll focus on what a gcc bug report should have per [1]
But if you want more details, background how it was found or built files with 
debuginfo to look at the effective compiler output in good and bad case, you 
might look at the Ubuntu bug [2] and would probably find it. 


# the exact version of GCC

$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/powerpc64le-linux-gnu/15/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none
OFFLOAD_TARGET_DEFAULT=1
Target: powerpc64le-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 15.2.0-1ubuntu1' 
--with-bugurl=file:///usr/share/doc/gcc-15/README.Bugs 
--enable-languages=c,ada,c++,go,d,fortran,objc,obj-c++,m2,rust,cobol,algol68 
--prefix=/usr --with-gcc-major-version-only --program-suffix=-15 
--program-prefix=powerpc64le-linux-gnu- --enable-shared 
--enable-linker-build-id --libexecdir=/usr/libexec --without-included-gettext 
--enable-threads=posix --libdir=/usr/lib --enable-nls --enable-bootstrap 
--enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes 
--with-default-libstdcxx-abi=new --enable-libstdcxx-backtrace 
--enable-gnu-unique-object --enable-plugin --enable-default-pie 
--with-system-zlib --enable-libphobos-checking=release 
--with-target-system-zlib=auto --with-libphobos-druntime-only=yes 
--enable-objc-gc=auto --enable-secureplt --with-cpu=power9 
--enable-targets=powerpcle-linux --disable-multilib --enable-multiarch 
--disable-werror --with-long-double-128 --with-long-double-format=ieee 
--enable-offload-targets=nvptx-none=/build/gcc-15-4HtANx/gcc-15-15.2.0/debian/tmp-nvptx/usr
 --enable-offload-defaulted --without-cuda-driver --enable-checking=release 
--build=powerpc64le-linux-gnu --host=powerpc64le-linux-gnu 
--target=powerpc64le-linux-gnu --with-build-config=bootstrap-lto-lean 
--enable-link-serialization=1
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 15.2.0 (Ubuntu 15.2.0-1ubuntu1)


# the system type;

- A VM matching the Ubuntu build and test environments.
- 2 cpus, 4 gb memory
- Running Ubuntu 25.10 questing [6] daily builds
- Chip POWER9 (architected), altivec supported, 2.3 (pvr 004e 1203)


# the options given when GCC was configured/built
From [4][5] which is Ubuntu building the toolchain I got the following, if in 
doubt more can be found in that build log.

Configured with: -v
         --with-pkgversion='Ubuntu 15.2.0-1ubuntu1'
         --with-bugurl='file:///usr/share/doc/gcc-15/README.Bugs'
         
--enable-languages=c,ada,c++,go,d,fortran,objc,obj-c++,m2,rust,cobol,algol68
         --prefix=/usr
         --with-gcc-major-version-only
         --program-suffix=-15
         --program-prefix=powerpc64le-linux-gnu-
         --enable-shared
         --enable-linker-build-id
         --libexecdir=/usr/libexec
         --without-included-gettext
         --enable-threads=posix
         --libdir=/usr/lib
         --enable-nls
         --enable-bootstrap
         --enable-clocale=gnu
         --enable-libstdcxx-debug
         --enable-libstdcxx-time=yes
         --with-default-libstdcxx-abi=new
         --enable-libstdcxx-backtrace
         --enable-gnu-unique-object
         --enable-plugin
         --enable-default-pie
         --with-system-zlib
         --enable-libphobos-checking=release
         --with-target-system-zlib=auto
         --with-libphobos-druntime-only=yes
         --enable-objc-gc=auto
         --enable-secureplt
         --with-cpu=power9
         --enable-targets=powerpcle-linux
         --disable-multilib
         --enable-multiarch
         --disable-werror
         --with-long-double-128
         --with-long-double-format=ieee
         
--enable-offload-targets=nvptx-none=/<<PKGBUILDDIR>>/debian/tmp-nvptx/usr
         --enable-offload-defaulted
         --without-cuda-driver
         --enable-checking=release
         --build=powerpc64le-linux-gnu
         --host=powerpc64le-linux-gnu
         --target=powerpc64le-linux-gnu
         --with-build-config=bootstrap-lto-lean
         --enable-link-serialization=1


# the complete command line that triggers the bug;

From qemu build ninja -v:

[2/2] gcc-15 -m64 -mlittle-endian -Ilibqemu-riscv64-softmmu.a.p -I. -I..
-Itarget/riscv -I../target/riscv -Isubprojects/libvduse
-I../subprojects/libvduse -Iqapi -Itrace -Iui -Iui/shader
-I/usr/include/p11-kit-1 -I/usr/include/pixman-1 -I/usr/include/libpng16
-I/usr/include/spice-server -I/usr/include/spice-1
-I/usr/include/glib-2.0 -I/usr/lib/powerpc64le-linux-
gnu/glib-2.0/include -I/usr/include/sysprof-6 -I/usr/include/libmount
-I/usr/include/blkid -I/usr/include/gio-unix-2.0
-I/usr/include/pipewire-0.3 -I/usr/include/spa-0.2 -I/usr/include/fuse3
-I/usr/include/powerpc64le-linux-gnu -fdiagnostics-color=auto -Wall
-Winvalid-pch -Werror -std=gnu11 -O2 -g -fstack-protector-strong
-Wempty-body -Wendif-labels -Wexpansion-to-defined -Wformat-security
-Wformat-y2k -Wignored-qualifiers -Wimplicit-fallthrough=2 -Winit-self
-Wmissing-format-attribute -Wmissing-prototypes -Wnested-externs -Wold-
style-declaration -Wold-style-definition -Wredundant-decls
-Wshadow=local -Wstrict-prototypes -Wtype-limits -Wundef -Wvla -Wwrite-
strings -Wno-missing-include-dirs -Wno-psabi -Wno-shift-negative-value
-isystem /root/qemu/linux-headers -isystem linux-headers -iquote .
-iquote /root/qemu -iquote /root/qemu/include -iquote
/root/qemu/host/include/ppc64 -iquote /root/qemu/host/include/generic
-iquote /root/qemu/tcg/ppc -pthread -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64
-D_LARGEFILE_SOURCE -fno-strict-aliasing -fno-common -fwrapv -ftrivial-
auto-var-init=zero -fzero-call-used-regs=used-gpr -O2 -g -Wno-implicit-
fallthrough -Wno-error=address -Wno-error=type-limits -save-temps -fPIE
-isystem /usr/include/mit-krb5 -D_REENTRANT -D_DEFAULT_SOURCE
-D_XOPEN_SOURCE=600 -DNCURSES_WIDECHAR=1 -isystem../linux-headers
-isystemlinux-headers -DCOMPILING_PER_TARGET
'-DCONFIG_TARGET="riscv64-softmmu-config-target.h"'
'-DCONFIG_DEVICES="riscv64-softmmu-config-devices.h"' -MD -MQ libqemu-
riscv64-softmmu.a.p/target_riscv_pmu.c.o -MF libqemu-
riscv64-softmmu.a.p/target_riscv_pmu.c.o.d -o libqemu-
riscv64-softmmu.a.p/target_riscv_pmu.c.o -c ../target/riscv/pmu.c


# the compiler output (error messages, warnings, etc.); and

There is no warning/error message reported.
The issue can be seen when running the code.

# the preprocessed file (*.i*) that triggers the bug

I'll attach target_riscv_pmu.c.i

# Minimal background

This was spotted testing the new qemu 10.1, but actually found an issue with 
gcc-15 which was also recently updated in Ubuntu 25.10. The non pre-processed 
code (so you can see the surroundings) matches [3] from the qemu project.
This is emulating riscv in qemu and the same code runs fine on x86, arm64, 
s390x - but on ppc64 as the build and host platform it fails.

When building with -O2 I found it failing, and eventually debugging made me 
able to verify that the smallest set of good/bad is
- bad: CFLAGS="-O2 -g"
- good: CFLAGS="-O2 -g -fno-gcse"

The behavior then is odd as it executes inside a seemingly false
condition

## code ##
qemu.git/target/riscv/pmu.c

  192 static void riscv_pmu_icount_update_priv(CPURISCVState *env,
  193 target_ulong newpriv, bool new_virt)
  194 {
  195 uint64_t *snapshot_prev, *snapshot_new;
  196 uint64_t current_icount;
  197 uint64_t *counter_arr;
  198 uint64_t delta;
  199
  200 if (icount_enabled()) {
  201 current_icount = icount_get_raw();
  202 } else {
  203 current_icount = cpu_get_host_ticks();
  204 }
  205 ...

Thread 3 "qemu-system-ris" hit Breakpoint 1, riscv_pmu_icount_update_priv 
(env=0x10147c310, newpriv=1, new_virt=false) at ../target/riscv/pmu.c:200
200 if (icount_enabled()) {
(gdb) n
203 current_icount = cpu_get_host_ticks();
(gdb) n
206 if (env->virt_enabled) {
(gdb) n
211 counter_arr = env->pmu_fixed_ctrs[1].counter;
(gdb) n
212 snapshot_prev = env->pmu_fixed_ctrs[1].counter_prev;
(gdb) n
215 if (new_virt) {
(gdb) n
216 g_assert(newpriv <= PRV_S);
(gdb) p new_virt
$1 = false

For awareness of the project this was also reported to qemu [7].

[1]: https://gcc.gnu.org/bugs/#need
[2]: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/2120835
[3]: 
https://gitlab.com/qemu-project/qemu/-/blame/v10.1.0/target/riscv/pmu.c?ref_type=tags#L206
[4]: https://launchpad.net/ubuntu/+source/gcc-15/15.2.0-1ubuntu1/+build/31076840
[5]: 
https://launchpadlibrarian.net/810820637/buildlog_ubuntu-questing-ppc64el.gcc-15_15.2.0-1ubuntu1_BUILDING.txt.gz
[6]: https://discourse.ubuntu.com/t/questing-quokka-release-schedule/36462
[7]: https://lists.gnu.org/archive/html/qemu-devel/2025-08/msg03901.html

Reply at:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2120835/comments/23

------------------------------------------------------------------------
On 2025-08-27T10:02:12+00:00 Christian Ehrhardt wrote:

Due to optimization the function riscv_pmu_icount_update_priv gets inlined into 
its only caller riscv_pmu_update_fixed_ctrs.
I was able to extract an objectdump of that function and will attach good (with 
-fno-gcse) and bad case obj code from that function.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2120835/comments/24

------------------------------------------------------------------------
On 2025-08-27T10:03:06+00:00 Christian Ehrhardt wrote:

Created attachment 62213
objdump of the oddly behaving function (inlined into caller) - good case with 
-fno-gcse

Reply at:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2120835/comments/25

------------------------------------------------------------------------
On 2025-08-27T10:03:25+00:00 Christian Ehrhardt wrote:

Created attachment 62214
objdump of the oddly behaving function (inlined into caller) - bad case

Reply at:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2120835/comments/26

------------------------------------------------------------------------
On 2025-09-11T05:36:44+00:00 Sjames-j wrote:

Could you try get a smaller standalone testcase? The first thing you
want is just the function that is miscompiled (and shows the difference
in assembly) in a file by "itself" (minimal set of typedefs, variables,
and so on).

We can go from there then.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2120835/comments/29

------------------------------------------------------------------------
On 2025-09-11T05:41:48+00:00 Sjames-j wrote:

(objdump + cvise, comparing with and without -fno-gcse will be good
enough to start.)

Reply at:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2120835/comments/30

------------------------------------------------------------------------
On 2025-11-24T08:38:07+00:00 Christian Ehrhardt wrote:

Hi,
Sorry I didn't get your ping about that earlier - thanks Doko for the hint.
I thought that is what the .in file is for and tried if that would build in an 
isolated way.

I picked the build command I saw and tested it against that.
I've done so in a /tmp directory with nothing but the .i file and removed all 
the includes from the commandline.

The following gives me what might be the same diff (I can't execute to
test it in this isolated fashion, but it looks like the diff that the
original build had).

gcc-15 -m64 -mlittle-endian -fdiagnostics-color=auto -Wall -Winvalid-pch
-Werror -std=gnu11 -O2 -g -fstack-protector-strong -Wempty-body -Wendif-
labels -Wexpansion-to-defined -Wformat-security -Wformat-y2k -Wignored-
qualifiers -Wimplicit-fallthrough=2 -Winit-self -Wmissing-format-
attribute -Wmissing-prototypes -Wnested-externs -Wold-style-declaration
-Wold-style-definition -Wredundant-decls -Wshadow=local -Wstrict-
prototypes -Wtype-limits -Wundef -Wvla -Wwrite-strings -Wno-missing-
include-dirs -Wno-psabi -Wno-shift-negative-value -pthread -D_GNU_SOURCE
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -fno-strict-aliasing -fno-
common -fwrapv -ftrivial-auto-var-init=zero -fzero-call-used-regs=used-
gpr -O2 -g -Wno-implicit-fallthrough -Wno-error=address -Wno-error=type-
limits -save-temps -fPIE -isystem /usr/include/mit-krb5 -D_REENTRANT
-D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600 -DNCURSES_WIDECHAR=1
-isystem../linux-headers -isystemlinux-headers -DCOMPILING_PER_TARGET
'-DCONFIG_TARGET="riscv64-softmmu-config-target.h"'
'-DCONFIG_DEVICES="riscv64-softmmu-config-devices.h"' -MD -MQ test-
pmu.c.o -MF test-pmu.c.o.d -o test-pmu.c.o.fails -c pmu.c.i

gcc-15 -m64 -mlittle-endian -fdiagnostics-color=auto -Wall -Winvalid-pch
-Werror -std=gnu11 -O2 -g -fno-gcse -fstack-protector-strong -Wempty-
body -Wendif-labels -Wexpansion-to-defined -Wformat-security
-Wformat-y2k -Wignored-qualifiers -Wimplicit-fallthrough=2 -Winit-self
-Wmissing-format-attribute -Wmissing-prototypes -Wnested-externs -Wold-
style-declaration -Wold-style-definition -Wredundant-decls
-Wshadow=local -Wstrict-prototypes -Wtype-limits -Wundef -Wvla -Wwrite-
strings -Wno-missing-include-dirs -Wno-psabi -Wno-shift-negative-value
-pthread -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -fno-
strict-aliasing -fno-common -fwrapv -ftrivial-auto-var-init=zero -fzero-
call-used-regs=used-gpr -O2 -g -Wno-implicit-fallthrough -Wno-
error=address -Wno-error=type-limits -save-temps -fPIE -isystem
/usr/include/mit-krb5 -D_REENTRANT -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600
-DNCURSES_WIDECHAR=1 -isystem../linux-headers -isystemlinux-headers
-DCOMPILING_PER_TARGET '-DCONFIG_TARGET="riscv64-softmmu-config-
target.h"' '-DCONFIG_DEVICES="riscv64-softmmu-config-devices.h"' -MD -MQ
test-pmu.c.o -MF test-pmu.c.o.d -o test-pmu.c.o.works -c pmu.c.i

objdump -dgS test-pmu.c.o.fails > test-pmu.c.o.fails.objdump
objdump -dgS test-pmu.c.o.works > test-pmu.c.o.works.objdump

I do not think that further stripping the .i file of more content has a
benefit here, does it?

Reply at:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2120835/comments/31

------------------------------------------------------------------------
On 2025-11-26T05:21:44+00:00 Sjames-j wrote:

It's pretty large as-is. Having a much smaller version makes it much
easier to analyse and turn into a standalone (runtime) testcase.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2120835/comments/32

------------------------------------------------------------------------
On 2026-06-12T06:55:49+00:00 Rguenth wrote:

GCC 15.3 is being released, retargeting bugs to GCC 15.4.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2120835/comments/33


** Changed in: gcc
       Status: Unknown => New

** Changed in: gcc
   Importance: Unknown => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2120835

Title:
  EDK2 tests for riscv emulation fail against qemu 10.1 on ppc64el

To manage notifications about this bug go to:
https://bugs.launchpad.net/gcc/+bug/2120835/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to