https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63481
Bug ID: 63481
Summary: "Improve prepare_shrink_wrap to sink more instructions" causes linux kernel failure
Product: gcc
Version: 5.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: sasha.levin at oracle dot com

Created attachment 33663 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=33663&action=edit
good/bad kernel disasm

I've updated gcc (since two weeks ago) and now my kernel fails to boot with:

[   38.896180] kernel BUG at block/blk-flush.c:212!
[   38.897035] invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC KASAN
[   38.898179] Dumping ftrace buffer:
[   38.898666]    (ftrace buffer empty)
[   38.899186] Modules linked in:
[   38.899562] CPU: 6 PID: 0 Comm: swapper/6 Not tainted 3.17.0-rc7-next-20141003-sasha-00051-g8905629 #1329
[   38.900882] task: ffff8800366f0000 ti: ffff8800366e4000 task.ti: ffff8800366e4000
[   38.901745] RIP: blk_flush_complete_seq (block/blk-flush.c:212)
[   38.903026] RSP: 0000:ffff8801c3a03e08  EFLAGS: 00010002
[   38.903717] RAX: 0000000000000008 RBX: ffff880033530000 RCX: 0000000000000003
[   38.904619] RDX: dfffe90000000000 RSI: ffff8800334f4000 RDI: ffff8800335300a0
[   38.905102] RBP: ffff8801c3a03e58 R08: 0000000000000000 R09: 0000000000000000
[   38.905102] R10: 1ffff100b1888030 R11: 0000000000000000 R12: ffff8800334f4000
[   38.905102] R13: 0000000000000000 R14: ffff8800335300a0 R15: 0000000000000000
[   38.905102] FS:  0000000000000000(0000) GS:ffff8801c3a00000(0000) knlGS:0000000000000000
[   38.905102] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[   38.905102] CR2: ffffffffa022d0c0 CR3: 0000000021a22000 CR4: 00000000000006a0
[   38.905102] Stack:
[   38.905102]  ffff8800366e4000 ffff880033530030 ffff8802e3bd1f70 ffffffff00000007
[   38.905102]  ffffffff9bfc6c23 ffff8800335300a8 ffff8800334f4000 0000000000000000
[   38.905102]  ffff8800334f3f78 ffff8800334f4020 ffff8801c3a03ec8 ffffffff9bfc6d4d
[   38.905102] Call Trace:
[   38.905102]  <IRQ>
[   38.905102] ? flush_end_io (block/blk-flush.c:230)
[   38.905102] flush_end_io (block/blk-flush.c:243 (discriminator 2))
[   38.905102] blk_mq_end_request (block/blk-mq.c:303)
[   38.905102] virtblk_request_done (drivers/block/virtio_blk.c:139)
[   38.905102] __blk_mq_complete_request_remote (block/blk-mq.c:311)
[   38.905102] ? blkdev_issue_zeroout (block/blk-mq.c:307)
[   38.905102] flush_smp_call_function_queue (kernel/smp.c:129 (discriminator 3) kernel/smp.c:254 (discriminator 3))
[   38.905102] ? preempt_count_add (kernel/sched/core.c:2631)
[   38.905102] generic_smp_call_function_single_interrupt (kernel/smp.c:208)
[   38.905102] smp_call_function_single_interrupt (arch/x86/kernel/smp.c:317 arch/x86/kernel/smp.c:323)
[   38.905102] call_function_single_interrupt (arch/x86/kernel/entry_64.S:1020)
[   38.905102]  <EOI>
[   38.905102] ? native_safe_halt (./arch/x86/include/asm/irqflags.h:50)
[   38.905102] ? trace_hardirqs_on (kernel/locking/lockdep.c:2609)
[   38.905102] default_idle (./arch/x86/include/asm/paravirt.h:111 arch/x86/kernel/process.c:313)
[   38.905102] arch_cpu_idle (arch/x86/kernel/process.c:305)
[   38.905102] cpu_idle_loop (kernel/sched/idle.c:120 kernel/sched/idle.c:226)
[   38.905102] cpu_startup_entry (??:?)
[   38.905102] start_secondary (arch/x86/kernel/smpboot.c:240)
[   38.905102] Code: 00 0f 84 ec 00 00 00 31 f6 48 89 df e8 aa 90 00 00 4c 89 e7 e8 92 91 00 00 44 89 e8 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 <0f> 0b 66 0f 1f 44 00 00 4c 8d ab a8 00 00 00 4d 8d 7c 24 30 4c

All code
========
   0:   00 0f                   add    %cl,(%rdi)
   2:   84 ec                   test   %ch,%ah
   4:   00 00                   add    %al,(%rax)
   6:   00 31                   add    %dh,(%rcx)
   8:   f6                      (bad)
   9:   48 89 df                mov    %rbx,%rdi
   c:   e8 aa 90 00 00          callq  0x90bb
  11:   4c 89 e7                mov    %r12,%rdi
  14:   e8 92 91 00 00          callq  0x91ab
  19:   44 89 e8                mov    %r13d,%eax
  1c:   48 83 c4 28             add    $0x28,%rsp
  20:   5b                      pop    %rbx
  21:   41 5c                   pop    %r12
  23:   41 5d                   pop    %r13
  25:   41 5e                   pop    %r14
  27:   41 5f                   pop    %r15
  29:   5d                      pop    %rbp
  2a:   c3                      retq
  2b:*  0f 0b                   ud2    <-- trapping instruction
  2d:   66 0f 1f 44 00 00       nopw   0x0(%rax,%rax,1)
  33:   4c 8d ab a8 00 00 00    lea    0xa8(%rbx),%r13
  3a:   4d 8d 7c 24 30          lea    0x30(%r12),%r15
  3f:   4c                      rex.WR
        ...

Code starting with the faulting instruction
===========================================
   0:   0f 0b                   ud2
   2:   66 0f 1f 44 00 00       nopw   0x0(%rax,%rax,1)
   8:   4c 8d ab a8 00 00 00    lea    0xa8(%rbx),%r13
   f:   4d 8d 7c 24 30          lea    0x30(%r12),%r15
  14:   4c                      rex.WR
        ...

[   38.905102] RIP blk_flush_complete_seq (block/blk-flush.c:212)
[   38.905102]  RSP <ffff8801c3a03e08>

I've noticed that reverting to the older gcc version made it work fine again, so I've started a quick bisection which pointed at: "Improve prepare_shrink_wrap to sink more instructions" ( https://gcc.gnu.org/ml/gcc-patches/2014-09/msg00358.html ).

I'm attaching good and bad .s files of the kernel's block/blk-mq.s, block/blk-flush.s and drivers/block/virtio_blk.s.