[Bug c/40216] New: Optimization error when compiling bfd/ecofflink.c on x86_64

Wed, 20 May 2009 20:46:14 -0700 

When compiling bfd/ecofflink.c from binutils-2.15.94.0.2.2 on an x86_64, there
is an optimization bug which can cause the ld command to segfault.

One can see the problem in the output of objdump -S ecofflink.o: (my comments
are preceded by "^^^^^")

  newbuf = (char *) bfd_realloc (*buf, (bfd_size_type) have + want);
    2018:       48 8d 2c 02             lea    (%rdx,%rax,1),%rbp
    201c:       48 89 ee                mov    %rbp,%rsi
    201f:       e8 00 00 00 00          callq  2024
<bfd_ecoff_debug_one_external+0xf4>
  if (newbuf == NULL)
    2024:       48 85 c0                test   %rax,%rax
    2027:       0f 84 b3 00 00 00       je     20e0
<bfd_ecoff_debug_one_external+0x1b0>
    return FALSE;
  *buf = newbuf;
  *bufend = *buf + have + want;
    202d:       48 8b b3 10 01 00 00    mov    0x110(%rbx),%rsi
^^^^^ this is putting the current value of debug->external_ext (which may be
null) into %rsi
    2034:       48 8b 93 b0 00 00 00    mov    0xb0(%rbx),%rdx
        want = ALLOC_SIZE;
    }
  newbuf = (char *) bfd_realloc (*buf, (bfd_size_type) have + want);
  if (newbuf == NULL)
    return FALSE;
  *buf = newbuf;
    203b:       48 89 83 10 01 00 00    mov    %rax,0x110(%rbx)
^^^^^ this is putting the newly allocated pointer into debug->external_ext
  *bufend = *buf + have + want;
    2042:       48 01 e8                add    %rbp,%rax
    2045:       48 89 83 20 01 00 00    mov    %rax,0x120(%rbx)
                             (char **) &debug->external_ext_end,
                             (symhdr->iextMax + 1) * (size_t)
external_ext_size))
        return FALSE;
    }

  esym->asym.iss = symhdr->issExtMax;
    204c:       48 8b 0c 24             mov    (%rsp),%rcx
    2050:       48 8b 83 80 00 00 00    mov    0x80(%rbx),%rax

  (*swap_ext_out) (abfd, esym,
    2057:       48 8b 7c 24 08          mov    0x8(%rsp),%rdi
                             (char **) &debug->external_ext_end,
                             (symhdr->iextMax + 1) * (size_t)
external_ext_size))
        return FALSE;
    }

  esym->asym.iss = symhdr->issExtMax;
    205c:       48 89 41 08             mov    %rax,0x8(%rcx)

  (*swap_ext_out) (abfd, esym,
    2060:       49 0f af 54 24 48       imul   0x48(%r12),%rdx
    2066:       48 8d 14 16             lea    (%rsi,%rdx,1),%rdx
^^^^^ This is using %rsi, which is the (possbily null) value of
debug->external_ext *before* it was set to the proper allocated value.
    206a:       48 89 ce                mov    %rcx,%rsi
    206d:       ff 54 24 10             callq  *0x10(%rsp)
                   ((char *) debug->external_ext
                    + symhdr->iextMax * swap->external_ext_size));

The *(swap_ext_out) function will then segfault if its third parameter is null.

The compiler command line and output follows:

$ gcc -v -save-temps -DHAVE_CONFIG_H -I. -I../../binutils-2.15.94.0.2.2/bfd -I.
-D_GNU_SOURCE -I../../binutils-2.15.94.0.2.2/include
-I../../binutils-2.15.94.0.2.2/intl -I../intl -W -Wall -Wstrict-prototypes
-Wmissing-prototypes -g -O2 -c ../../binutils-2.15.94.0.2.2/bfd/ecofflink.c
Using built-in specs.
Target: x86_64-redhat-linux
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man
--infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla
--enable-bootstrap --enable-shared --enable-threads=posix
--enable-checking=release --with-system-zlib --enable-__cxa_atexit
--disable-libunwind-exceptions
--enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk
--disable-dssi --enable-plugin
--with-java-home=/usr/lib/jvm/java-1.5.0-gcj-1.5.0.0/jre
--enable-libgcj-multifile --enable-java-maintainer-mode
--with-ecj-jar=/usr/share/java/eclipse-ecj.jar --disable-libjava-multilib
--with-cpu=generic --build=x86_64-redhat-linux
Thread model: posix
gcc version 4.3.0 20080428 (Red Hat 4.3.0-8) (GCC) 
COLLECT_GCC_OPTIONS='-v' '-save-temps' '-DHAVE_CONFIG_H' '-I.'
'-I../../binutils-2.15.94.0.2.2/bfd' '-I.' '-D_GNU_SOURCE'
'-I../../binutils-2.15.94.0.2.2/include' '-I../../binutils-2.15.94.0.2.2/intl'
'-I../intl' '-W' '-Wall' '-Wstrict-prototypes' '-Wmissing-prototypes' '-g'
'-O2' '-c' '-E' '-mtune=generic'
 /usr/libexec/gcc/x86_64-redhat-linux/4.3.0/cc1 -E -quiet -v -I.
-I../../binutils-2.15.94.0.2.2/bfd -I. -I../../binutils-2.15.94.0.2.2/include
-I../../binutils-2.15.94.0.2.2/intl -I../intl -DHAVE_CONFIG_H -D_GNU_SOURCE
../../binutils-2.15.94.0.2.2/bfd/ecofflink.c -mtune=generic -W -Wall
-Wstrict-prototypes -Wmissing-prototypes -fworking-directory -O2
-fpch-preprocess
ignoring nonexistent directory
"/usr/lib/gcc/x86_64-redhat-linux/4.3.0/include-fixed"
ignoring nonexistent directory
"/usr/lib/gcc/x86_64-redhat-linux/4.3.0/../../../../x86_64-redhat-linux/include"
ignoring duplicate directory "."
#include "..." search starts here:
#include <...> search starts here:
 .
 ../../binutils-2.15.94.0.2.2/bfd
 ../../binutils-2.15.94.0.2.2/include
 ../../binutils-2.15.94.0.2.2/intl
 ../intl
 /usr/local/include
 /usr/lib/gcc/x86_64-redhat-linux/4.3.0/include
 /usr/include
End of search list.
COMPILER_PATH=/usr/libexec/gcc/x86_64-redhat-linux/4.3.0/:/usr/libexec/gcc/x86_64-redhat-linux/4.3.0/:/usr/libexec/gcc/x86_64-redhat-linux/:/usr/lib/gcc/x86_64-redhat-linux/4.3.0/:/usr/lib/gcc/x86_64-redhat-linux/:/usr/libexec/gcc/x86_64-redhat-linux/4.3.0/:/usr/libexec/gcc/x86_64-redhat-linux/:/usr/lib/gcc/x86_64-redhat-linux/4.3.0/:/usr/lib/gcc/x86_64-redhat-linux/
LIBRARY_PATH=/usr/lib/gcc/x86_64-redhat-linux/4.3.0/:/usr/lib/gcc/x86_64-redhat-linux/4.3.0/:/usr/lib/gcc/x86_64-redhat-linux/4.3.0/../../../../lib64/:/lib/../lib64/:/usr/lib/../lib64/:/usr/lib/gcc/x86_64-redhat-linux/4.3.0/../../../:/lib/:/usr/lib/
COLLECT_GCC_OPTIONS='-v' '-save-temps' '-DHAVE_CONFIG_H' '-I.'
'-I../../binutils-2.15.94.0.2.2/bfd' '-I.' '-D_GNU_SOURCE'
'-I../../binutils-2.15.94.0.2.2/include' '-I../../binutils-2.15.94.0.2.2/intl'
'-I../intl' '-W' '-Wall' '-Wstrict-prototypes' '-Wmissing-prototypes' '-g'
'-O2' '-c' '-E' '-mtune=generic'
Using built-in specs.
Target: x86_64-redhat-linux
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man
--infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla
--enable-bootstrap --enable-shared --enable-threads=posix
--enable-checking=release --with-system-zlib --enable-__cxa_atexit
--disable-libunwind-exceptions
--enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk
--disable-dssi --enable-plugin
--with-java-home=/usr/lib/jvm/java-1.5.0-gcj-1.5.0.0/jre
--enable-libgcj-multifile --enable-java-maintainer-mode
--with-ecj-jar=/usr/share/java/eclipse-ecj.jar --disable-libjava-multilib
--with-cpu=generic --build=x86_64-redhat-linux
Thread model: posix
gcc version 4.3.0 20080428 (Red Hat 4.3.0-8) (GCC) 
COLLECT_GCC_OPTIONS='-v' '-save-temps' '-DHAVE_CONFIG_H' '-I.'
'-I../../binutils-2.15.94.0.2.2/bfd' '-I.' '-D_GNU_SOURCE'
'-I../../binutils-2.15.94.0.2.2/include' '-I../../binutils-2.15.94.0.2.2/intl'
'-I../intl' '-W' '-Wall' '-Wstrict-prototypes' '-Wmissing-prototypes' '-g'
'-O2' '-c' '-o' '/users/hblurfrushan/.ccache/tmp.hash.els-d60685.13738.o'
'-mtune=generic'
 /usr/libexec/gcc/x86_64-redhat-linux/4.3.0/cc1 -fpreprocessed
/users/hblurfrushan/.ccache/ecofflink.tmp.els-d60685.13738.i -quiet -dumpbase
ecofflink.tmp.els-d60685.13738.i -mtune=generic -auxbase-strip
/users/hblurfrushan/.ccache/tmp.hash.els-d60685.13738.o -g -O2 -W -Wall
-Wstrict-prototypes -Wmissing-prototypes -version -o
ecofflink.tmp.els-d60685.13738.s
GNU C (GCC) version 4.3.0 20080428 (Red Hat 4.3.0-8) (x86_64-redhat-linux)
        compiled by GNU C version 4.3.0 20080428 (Red Hat 4.3.0-8), GMP version
4.2.2, MPFR version 2.3.0-p2.
warning: MPFR header version 2.3.0-p2 differs from library version 2.3.1.
GGC heuristics: --param ggc-min-expand=100 --param ggc-min-heapsize=131072
Compiler executable checksum: 5ba4849f47331d70d30074ce61c70f61
COLLECT_GCC_OPTIONS='-v' '-save-temps' '-DHAVE_CONFIG_H' '-I.'
'-I../../binutils-2.15.94.0.2.2/bfd' '-I.' '-D_GNU_SOURCE'
'-I../../binutils-2.15.94.0.2.2/include' '-I../../binutils-2.15.94.0.2.2/intl'
'-I../intl' '-W' '-Wall' '-Wstrict-prototypes' '-Wmissing-prototypes' '-g'
'-O2' '-c' '-o' '/users/hblurfrushan/.ccache/tmp.hash.els-d60685.13738.o'
'-mtune=generic'
 as -V -Qy -o /users/hblurfrushan/.ccache/tmp.hash.els-d60685.13738.o
ecofflink.tmp.els-d60685.13738.s
GNU assembler version 2.18.50.0.6 (x86_64-redhat-linux) using BFD version
version 2.18.50.0.6-7.fc9 20080403
COMPILER_PATH=/usr/libexec/gcc/x86_64-redhat-linux/4.3.0/:/usr/libexec/gcc/x86_64-redhat-linux/4.3.0/:/usr/libexec/gcc/x86_64-redhat-linux/:/usr/lib/gcc/x86_64-redhat-linux/4.3.0/:/usr/lib/gcc/x86_64-redhat-linux/:/usr/libexec/gcc/x86_64-redhat-linux/4.3.0/:/usr/libexec/gcc/x86_64-redhat-linux/:/usr/lib/gcc/x86_64-redhat-linux/4.3.0/:/usr/lib/gcc/x86_64-redhat-linux/
LIBRARY_PATH=/usr/lib/gcc/x86_64-redhat-linux/4.3.0/:/usr/lib/gcc/x86_64-redhat-linux/4.3.0/:/usr/lib/gcc/x86_64-redhat-linux/4.3.0/../../../../lib64/:/lib/../lib64/:/usr/lib/../lib64/:/usr/lib/gcc/x86_64-redhat-linux/4.3.0/../../../:/lib/:/usr/lib/
COLLECT_GCC_OPTIONS='-v' '-save-temps' '-DHAVE_CONFIG_H' '-I.'
'-I../../binutils-2.15.94.0.2.2/bfd' '-I.' '-D_GNU_SOURCE'
'-I../../binutils-2.15.94.0.2.2/include' '-I../../binutils-2.15.94.0.2.2/intl'
'-I../intl' '-W' '-Wall' '-Wstrict-prototypes' '-Wmissing-prototypes' '-g'
'-O2' '-c' '-o' '/users/hblurfrushan/.ccache/tmp.hash.els-d60685.13738.o'
'-mtune=generic'


-- 
           Summary: Optimization error when compiling bfd/ecofflink.c on
                    x86_64
           Product: gcc
           Version: 4.3.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: dahowell at directv dot com


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=40216

Reply via email to