The address of variable val in prom_init_stdout is passed to prom_getprop.
prom_getprop casts the pointer to u32 and passes it to call_prom in the hope
that OpenFirmware stores something there.
But the pointer is truncated in its low bits, so the expected value is
stored at the wrong address.
This gcc bug does not exist in the SLES9 gcc33 toolchain, but it is present in
gcc4.0+ and likely also in gcc3.4. Compiling the testcase without any -O option
also produces correct code.

In my testing the stack pointer was 0x0023e6b4. val was at offset 120,
which is address 0x0023e72c, but the value passed to OF was 0x0023e728.

c00000000040b710:       3b 01 00 78     addi    r24,r1,120
...
c00000000040b754:       57 08 00 38     rlwinm  r8,r24,0,0,28
...
c00000000040b784:       80 01 00 78     lwz     r0,120(r1)
...
c00000000040b798:       90 1b 00 0c     stw     r0,12(r27)
...

simple testcase:

int f(unsigned);
/* Minimal reproducer for the pointer truncation: take the address of a
 * stack variable, narrow it to 32 bits via (unsigned long)(void *), and
 * pass the result to an external function.  The exact cast chain is the
 * point of the test; the two asm listings below show the expected and
 * the miscompiled code for the narrowing. */
void g(void)
{
        unsigned a;
        /* unsigned long -> unsigned int: only the upper 32 bits should be
         * dropped (clrldi); the low bits of the address must stay intact. */
        unsigned int b = (unsigned long)(void*)(&a);
        f(b);
}

asm should look like this:
   c:   38 61 00 70     addi    r3,r1,112
  10:   78 63 00 20     clrldi  r3,r3,32
  14:   48 00 00 01     bl      14 <.g+0x14>

But instead it looks like:
   c:   38 61 00 70     addi    r3,r1,112
  10:   54 63 00 36     rlwinm  r3,r3,0,0,27
  14:   48 00 00 01     bl      14 <.g+0x14>


So just un-inline prom_getprop to work around this gcc bug.

c000000000409034 <.prom_getprop>:
c000000000409054:       7c bc 2b 78     mr      r28,r5
c000000000409074:       7b 88 00 20     clrldi  r8,r28,32
...
c00000000040b29c <.prom_init>:
c00000000040b47c:       e8 82 a1 d8     ld      r4,-24104(r2)
c00000000040b480:       80 61 00 74     lwz     r3,116(r1)
c00000000040b484:       7f 85 e3 78     mr      r5,r28
c00000000040b488:       38 c0 00 10     li      r6,16
c00000000040b48c:       4b c1 c2 95     bl      c000000000027720
<.prom_getprop>
...
c00000000040b4b4:       80 61 00 74     lwz     r3,116(r1)


Signed-off-by: Olaf Hering <[EMAIL PROTECTED]>

 arch/powerpc/kernel/prom_init.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

Index: linux-2.6.16-rc5-olh/arch/powerpc/kernel/prom_init.c
===================================================================
--- linux-2.6.16-rc5-olh.orig/arch/powerpc/kernel/prom_init.c
+++ linux-2.6.16-rc5-olh/arch/powerpc/kernel/prom_init.c
@@ -421,8 +421,8 @@ static int __init prom_next_node(phandle
                        return 1;
        }
 }
-
-static int inline prom_getprop(phandle node, const char *pname,
+/* do not mark as inline to work around gcc bug */
+static int __init prom_getprop(phandle node, const char *pname,
                               void *value, size_t valuelen)
 {
        return call_prom("getprop", 4, 1, node, ADDR(pname),
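Review bot: Dropping the `inline` keyword on the new signature line does not stop gcc from inlining a small static function on its own at -O2, so the workaround only holds as long as the inliner's heuristics happen not to fire. Marking the function explicitly non-inlinable pins the behaviour, using the kernel's `noinline` attribute macro where this tree provides it: `static int __init noinline prom_getprop(phandle node, const char *pname,`. The new comment should also name the bug it works around so nobody re-inlines the function later, e.g. `/* not inline: works around gcc PR 26549 (pointer truncation of &val) */`. prom_getprop's body continues past the end of the hunk.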


-- 
           Summary: pointer truncation in arch/powerpc/kernel/prom_init.c
           Product: gcc
           Version: 4.1.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: olh at suse dot de
 GCC build triplet: powerpc64-linux
  GCC host triplet: powerpc64-linux
GCC target triplet: powerpc64-linux


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=26549
