From nobody@FreeBSD.org  Tue Aug 28 23:15:58 2001
Return-Path: <nobody@FreeBSD.org>
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 234AA37B406
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 28 Aug 2001 23:15:58 -0700 (PDT)
	(envelope-from nobody@FreeBSD.org)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.4/8.11.4) id f7T6FwW24091;
	Tue, 28 Aug 2001 23:15:58 -0700 (PDT)
	(envelope-from nobody)
Message-Id: <200108290615.f7T6FwW24091@freefall.freebsd.org>
Date: Tue, 28 Aug 2001 23:15:58 -0700 (PDT)
From: Petr Lampa <lampa@fee.vutbr.cz>
To: freebsd-gnats-submit@FreeBSD.org
Subject: gcc-2.95.3 -O2 optimalization bug
X-Send-Pr-Version: www-1.0

>Number:         30181
>Category:       gnu
>Synopsis:       gcc-2.95.3 -O2 optimalization bug
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Aug 28 23:20:00 PDT 2001
>Closed-Date:    Thu Jan 17 19:22:09 PST 2002
>Last-Modified:  Thu Jan 17 19:22:26 PST 2002
>Originator:     Petr Lampa
>Release:        4.3-RELEASE,4.3-STABLE,4.4-RC1
>Organization:
Dept. of Computer Science FEECS BUT
>Environment:
FreeBSD boco.fee.vutbr.cz 4.3-STABLE FreeBSD 4.3-STABLE #1: Thu Jul 19 08:48:56 CEST 2001 lampa@boco.fee.vutbr.cz:/src/sys/sys-44/compile/BOCO  i386

>Description:
gcc-2.95.3 (both FreeBSD port and original GNU version) generates
bad code for long long operations in some cases when -O2 is on:

#include <sys/types.h>
#include <netinet/in.h>

extern off_t
rfc1035NamePack(char *buf, size_t sz, const char *name);

static off_t
rfc1035QuestionPack(char *buf, size_t sz, const char *name, unsigned short type,
 unsigned short class)
{
    off_t off = 0;                  <-- this is long long
    unsigned short s;
    off += rfc1035NamePack(buf, sz, name);
    s = class;
    memcpy(buf + off, &s, sizeof(s));
    assert(off <= sz);
    return off;
}

The code is taken from squid-2.3.STABLE5, it's minimized to demonstrate bug.

gcc -v -O2 -S t.c
Using builtin specs.
gcc version 2.95.3 [FreeBSD] 20010315 (release)
 /usr/libexec/cpp -lang-c -v -D__GNUC__=2 -D__GNUC_MINOR__=95 -Di386 -D__FreeBSD
__=4 -D__FreeBSD_cc_version=440000 -Dunix -D__i386__ -D__FreeBSD__=4 -D__FreeBSD
_cc_version=440000 -D__unix__ -D__i386 -D__unix -Acpu(i386) -Amachine(i386) -Asy
stem(unix) -Asystem(FreeBSD) -D__OPTIMIZE__ -Acpu(i386) -Amachine(i386) -Di386 -
D__i386 -D__i386__ -D__ELF__ t.c /tmp/ccvoKazy.i
GNU CPP version 2.95.3 [FreeBSD] 20010315 (release) (i386 FreeBSD/ELF)
#include "..." search starts here:
#include <...> search starts here:
 /usr/include
 /usr/include
End of search list.
The following default directories have been omitted from the search path:
 /usr/include/g++
End of omitted list.
 /usr/libexec/cc1 /tmp/ccvoKazy.i -quiet -dumpbase t.c -O2 -version -o t.s
GNU C version 2.95.3 [FreeBSD] 20010315 (release) (i386-unknown-freebsd) compile
d by GNU C version 2.95.3 [FreeBSD] 20010315 (release).

      .file   "t.c"
        .version        "01.01"
gcc2_compiled.:
.text
        .p2align 2,0x90
        .type            rfc1035QuestionPack,@function
rfc1035QuestionPack:
        pushl %ebp
        movl %esp,%ebp
        subl $16,%esp
        pushl %edi
        pushl %esi
        movl 8(%ebp),%esi
        movl 12(%ebp),%eax
        xorl %edx,%edx       <---- this should be long long (%eax,%edx)
        movl %eax,12(%ebp)   <---- 2nd argument overwritten
        movl %edx,16(%ebp)   <---- 3rd argument overwritten
        movl 24(%ebp),%edi
        addl $-4,%esp
        pushl 16(%ebp)
        pushl %eax
        pushl %esi
        call rfc1035NamePack
        movl %eax,-8(%ebp)
        movl %edx,-4(%ebp)
        movl -8(%ebp),%eax
        movw %di,(%eax,%esi)
        addl $-12,%esp
        xorl %ecx,%ecx
        movl 12(%ebp),%eax
        movl 16(%ebp),%edx
        addl $16,%esp
        cmpl %edx,-4(%ebp)
        jg .L3
        jne .L4
        cmpl %eax,-8(%ebp)
        ja .L3
.L4:
        movl $1,%ecx
.L3:
        pushl %ecx
        call assert
        movl -8(%ebp),%eax
        movl -4(%ebp),%edx
        leal -24(%ebp),%esp
        popl %esi
        popl %esi
        popl %edi
        leave
        ret
.Lfe1:
        .size            rfc1035QuestionPack,.Lfe1-rfc1035QuestionPack
        .ident  "GCC: (GNU) c 2.95.3 [FreeBSD] 20010315 (release)"

>How-To-Repeat:
gcc -O2 t.c
>Fix:
Use -O optimalization only. This error may manifest anywhere where long long type is used (distribution, ports). This should be mentioned
in release notes.
gcc-3.0.1 seems to be fixed.
>Release-Note:
>Audit-Trail:

From: Bruce Evans <bde@zeta.org.au>
To: Petr Lampa <lampa@fee.vutbr.cz>
Cc: <freebsd-gnats-submit@FreeBSD.ORG>
Subject: Re: gnu/30181: gcc-2.95.3 -O2 optimalization bug
Date: Wed, 29 Aug 2001 22:30:00 +1000 (EST)

 On Tue, 28 Aug 2001, Petr Lampa wrote:
 
 > >Description:
 > gcc-2.95.3 (both FreeBSD port and original GNU version) generates
 > bad code for long long operations in some cases when -O2 is on:
 
 See also PR 19245.  It gives essentially the same example, with less
 analysis and more followup.
 
 Bruce
 

From: Kris Kennaway <kris@obsecurity.org>
To: Petr Lampa <lampa@fee.vutbr.cz>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: gnu/30181: gcc-2.95.3 -O2 optimalization bug
Date: Wed, 29 Aug 2001 14:01:18 -0700

 --sm4nu43k4a2Rpi4c
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 
 On Tue, Aug 28, 2001 at 11:15:58PM -0700, Petr Lampa wrote:
 
 > >How-To-Repeat:
 > gcc -O2 t.c
 > >Fix:
 > Use -O optimalization only. This error may manifest anywhere where
 > long long type is used (distribution, ports). This should be
 > mentioned in release notes.
 
 It's currently documented in /etc/make.conf.
 
 You need to report gcc bugs to the gcc developers; there's no-one in
 FreeBSD who tracks these down and fixes them locally.
 
 Kris
 
 --sm4nu43k4a2Rpi4c
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.0.6 (FreeBSD)
 Comment: For info see http://www.gnupg.org
 
 iD8DBQE7jVgeWry0BWjoQKURAiGNAKCkYuVS/XWAdy/NlIXFifQOSr/tJgCfSXGu
 v2JUZtQfoBHl+zH1dPTHdVw=
 =La0q
 -----END PGP SIGNATURE-----
 
 --sm4nu43k4a2Rpi4c--
Responsible-Changed-From-To: freebsd-bugs->obrien 
Responsible-Changed-By: obrien 
Responsible-Changed-When: Thu Aug 30 13:18:22 PDT 2001 
Responsible-Changed-Why:  
I wish people would make me aware of these PRs when they see them.... 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=30181 
Responsible-Changed-From-To: obrien->freebsd-bugs 
Responsible-Changed-By: obrien 
Responsible-Changed-When: Mon Sep 10 09:27:01 PDT 2001 
Responsible-Changed-Why:  

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=30181 
State-Changed-From-To: open->closed 
State-Changed-By: ashp 
State-Changed-When: Thu Jan 17 19:22:09 PST 2002 
State-Changed-Why:  
We don't currently have the manpower to fix bugs in GCC.  This should be 
filed with the GCC guys directly. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=30181 
>Unformatted:
