https://bugs.kde.org/show_bug.cgi?id=495112

            Bug ID: 495112
           Summary: s390x: GCC miscompiles coredump-elf.c
    Classification: Developer tools
           Product: valgrind
           Version: unspecified
          Platform: Other
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: general
          Assignee: jsew...@acm.org
          Reporter: flo2...@eich-krohm.de
  Target Milestone: ---

Created attachment 175067
  --> https://bugs.kde.org/attachment.cgi?id=175067&action=edit
Reproducer

The symptom is this compiler warning:

In function ‘fill_prstatus’,
    inlined from ‘dump_one_thread’ at m_coredump/coredump-elf.c:804:7:
m_coredump/coredump-elf.c:451:32: warning: array subscript ‘struct vki_user_regs_struct[0]’ is partly outside array bounds of ‘struct vki_elf_prstatus[1]’ [-Warray-bounds=]
  451 | #  define DO(n)  regs->gprs[n] = arch->vex.guest_r##n
      |                  ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~
m_coredump/coredump-elf.c:452:4: note: in expansion of macro ‘DO’
  452 |    DO(0);  DO(1);  DO(2);  DO(3);  DO(4);  DO(5);  DO(6);  DO(7);
      |    ^~
m_coredump/coredump-elf.c: In function ‘dump_one_thread’:
m_coredump/coredump-elf.c:774:28: note: at offset 112 into object ‘prstatus’ of size 336
  774 |    struct vki_elf_prstatus prstatus;
      |                            ^~~~~~~~
....
and many more for every invocation of the DO macro.

The warning is incorrect because it is not struct vki_user_regs_struct that
is being indexed but vki_user_regs_struct::gprs. I condensed a small
reproducer. Taking a closer look, it turns out that the reproducer gets
miscompiled. In the .s file there should be a reference to the global
variable "vexstuff" but it is missing. I guess it's reasonable to conclude
that coredump-elf.c will get miscompiled as well.

This occurs both with gcc (Ubuntu 11.4.0-1ubuntu1~22.04) 11.4.0 as well as
stock 14.2.0 (latest released version). One of the folks at IBM maintaining
the s390x backend for GCC confirmed that this is a known bug.

The fix is to reduce the optimisation level with a function attribute like so:

diff --git a/coregrind/m_coredump/coredump-elf.c
b/coregrind/m_coredump/coredump-elf.c
index a4632d9e2..22c6d4946 100644
--- a/coregrind/m_coredump/coredump-elf.c
+++ b/coregrind/m_coredump/coredump-elf.c
@@ -241,6 +241,9 @@ static void fill_prpsinfo(const ThreadState *tst,
 }
 #endif

+#if __GNUC__*10000 + __GNUC_MINOR__*100 + __GNUC__PATCHLEVEL__ <= 140200
+__attribute__((optimize(1)))
+#endif
 static void fill_prstatus(const ThreadState *tst, 
                          /*OUT*/struct vki_elf_prstatus *prs, 
                          const vki_siginfo_t *si)
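Review bot: the version test on the added `#if` line spells the patch-level macro `__GNUC__PATCHLEVEL__` (two underscores after GNUC); the predefined macro is `__GNUC_PATCHLEVEL__`. An unknown identifier inside `#if` silently evaluates to 0, so the line compiles, but the check is effectively `__GNUC__*10000 + __GNUC_MINOR__*100 <= 140200` and it will warn under -Wundef. Two smaller points: the description says the miscompile is in the s390x backend, so the condition should also test the architecture macro valgrind already uses (`defined(VGA_s390x)`) rather than lowering optimisation for fill_prstatus on every platform; and the `<= 140200` cutoff assumes the next GCC release is fixed, while the text only says the bug is known, so a comment next to the `#if` citing this bug number would help whoever later revisits the bound.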
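The following is an added example, not Valgrind's code and not the attached reproducer: it rebuilds the shape of the DO(n) pattern from coredump-elf.c with invented stand-in types (VexStub, RegsStub, PrStatusStub, fill_prstatus_stub, check_register_copy are all assumptions), applies the same optimize(1) workaround behind a version test with the macro spelled __GNUC_PATCHLEVEL__, and adds a runtime self-check that copies a known register pattern through the fill routine and counts mismatches. On a correct build the count is 0; a miscompiled copy such as the one described above would show up as a non-zero count without having to read the .s output.

```c
/* Added example, not Valgrind's code: a constructed stand-in for the DO(n)
 * register copy in coredump-elf.c plus a runtime self-check. All type and
 * function names here are invented for illustration. */
#include <string.h>

/* Stand-in for the guest state: one field per general-purpose register. */
typedef struct {
   unsigned long guest_r0,  guest_r1,  guest_r2,  guest_r3;
   unsigned long guest_r4,  guest_r5,  guest_r6,  guest_r7;
   unsigned long guest_r8,  guest_r9,  guest_r10, guest_r11;
   unsigned long guest_r12, guest_r13, guest_r14, guest_r15;
} VexStub;

/* Stand-in for struct vki_user_regs_struct: gprs is a member array, which
 * is what the -Warray-bounds message mis-describes as the whole struct. */
typedef struct {
   unsigned long psw[2];
   unsigned long gprs[16];
} RegsStub;

/* Stand-in for struct vki_elf_prstatus, with the regs embedded at an offset. */
typedef struct {
   unsigned long pr_info[8];
   RegsStub      pr_reg;
   int           pr_fpvalid;
} PrStatusStub;

/* Same workaround shape as the proposed patch, with the patch-level macro
 * spelled __GNUC_PATCHLEVEL__ and restricted to real GCC (clang does not
 * honour the optimize attribute). noinline keeps the copy in a separate
 * function body so the self-check below exercises its generated code. */
#if defined(__GNUC__) && !defined(__clang__) && \
    (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) <= 140200
__attribute__((optimize(1)))
#endif
__attribute__((noinline))
void fill_prstatus_stub(const VexStub *arch, PrStatusStub *prs)
{
   RegsStub *regs = &prs->pr_reg;
   memset(prs, 0, sizeof *prs);
#  define DO(n)  regs->gprs[n] = arch->guest_r##n
   DO(0);  DO(1);  DO(2);  DO(3);  DO(4);  DO(5);  DO(6);  DO(7);
   DO(8);  DO(9);  DO(10); DO(11); DO(12); DO(13); DO(14); DO(15);
#  undef DO
}

/* Constructed test pattern: register n gets the value 0x1000 + n * 0x101. */
static unsigned long expected_value(int n)
{
   return 0x1000UL + (unsigned long)n * 0x101UL;
}

/* Self-check: fill from the known pattern and verify every gprs[n].
 * Returns the number of mismatches, so 0 means the copy compiled correctly. */
int check_register_copy(void)
{
   VexStub arch;
   PrStatusStub prs;
   int mismatches = 0;

#  define SET(n)  arch.guest_r##n = expected_value(n)
   SET(0);  SET(1);  SET(2);  SET(3);  SET(4);  SET(5);  SET(6);  SET(7);
   SET(8);  SET(9);  SET(10); SET(11); SET(12); SET(13); SET(14); SET(15);
#  undef SET

   fill_prstatus_stub(&arch, &prs);

   for (int i = 0; i < 16; i++)
      if (prs.pr_reg.gprs[i] != expected_value(i))
         mismatches++;
   return mismatches;
}
```

The check is deliberately split across two functions: if fill_prstatus_stub were inlined into the caller, the compiler could fold the whole copy away and the check would pass regardless of how the standalone routine was compiled.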
