This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
c/3710: segfaulting code generated with -O2 -fomit-frame-pointer (kernel!)
- To: gcc-gnats at gcc dot gnu dot org
- Subject: c/3710: segfaulting code generated with -O2 -fomit-frame-pointer (kernel!)
- From: hcs at icshu dot com
- Date: 17 Jul 2001 13:49:33 -0000
- Reply-To: hcs at icshu dot com
>Number: 3710
>Category: c
>Synopsis: segfaulting code generated with -O2 -fomit-frame-pointer (kernel!)
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: unassigned
>State: open
>Class: wrong-code
>Submitter-Id: net
>Arrival-Date: Tue Jul 17 06:56:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator: Csaba Halasz
>Release: gcc version 3.0.1 20010626 (prerelease)
>Organization:
>Environment:
http://www.codesourcery.com/gcc-compile.shtml
>Description:
Bad code generated for the loop marked "Set the p-boxes"
.L16:
        movl    bf_pbox(,%edx,4), %eax
        movl    -44(%ebp), %ebp         <-- !!!
        movl    %eax, (%ebp,%edx,4)
        incl    %edx
        decw    %di
        jns     .L16
All the other stuff is needed; otherwise the bug does not occur. This is an extract from the blowfish cipher in the international kernel patch.
>How-To-Repeat:
/*
   Compile with
   gcc -O2 -fomit-frame-pointer loopbug.c
*/

#define u8 unsigned char
#define u32 unsigned int

struct cipher_context;

struct cipher_context {
    u32 *keyinfo;
};

static u32 bf_pbox[16 + 2] = {0, };
static u32 bf_sbox[256 * 4] = {0, };

typedef struct blow_key {
    u32 P[18];
    u32 S[1024];
} blow_key;

int
blowfish_encrypt (struct cipher_context *cx,
                  const u8 * in8, u8 * out8, int size, int atomic)
{
    return 0;
}

/* Sets the blowfish S and P boxes for encryption and decryption. */
int
blowfish_set_key (struct cipher_context *cx,
                  unsigned char *key, int keybytes, int atomic)
{
    blow_key *key2 = (blow_key *) cx->keyinfo;
    short i;
    short j;
    short count;
    u32 data[2];
    u32 *P = key2->P;
    u32 *S = key2->S;

    /* Copy the initialization s-boxes */
    for (i = 0, count = 0; i < 256; i++)
        for (j = 0; j < 4; j++, count++)
            S[count] = bf_sbox[count];

    /* Set the p-boxes */
    for (i = 0; i < 16 + 2; i++)
        P[i] = bf_pbox[i];

    for (i = 0; i < 16 + 2; i += 2) {
        blowfish_encrypt (cx, (u8 *) data, (u8 *) data, 8, atomic);
        P[i] = data[0];
        P[i + 1] = data[1];
    }

    for (i = 0; i < 4; i++) {
        for (j = 0, count = i * 256; j < 256; j += 2, count += 2) {
            blowfish_encrypt (cx, (u8 *) data, (u8 *) data, 8,
                              atomic);
            S[count] = data[0];
            S[count + 1] = data[1];
        }
    }
    return 0;
}

int main(int argc, char* argv[])
{
    struct cipher_context cx;
    struct blow_key bk;

    cx.keyinfo = (u32*)&bk;
    blowfish_set_key(&cx, "1234567890123456", 16, 0);
    return 0;
}
>Fix:
use gcc-2.95 (and even that reloads a constant in each iteration!)
>Release-Note:
>Audit-Trail:
>Unformatted:
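
Added example, not part of the original report: a heuristic Python scan of AT&T-syntax compiler output for the pattern marked in the Description, a load inside a loop that overwrites the frame-style register it is addressed through, so that later passes through the loop use the loaded value as the base. The function name, the register set and the sample listing are constructed here; hits are candidates for manual review, not proof of a miscompile.

```python
import re

# Constructed sample: the loop quoted in the report, laid out as assembler text.
REPORTED_LOOP = """\
.L16:
    movl bf_pbox(,%edx,4), %eax
    movl -44(%ebp), %ebp
    movl %eax, (%ebp,%edx,4)
    incl %edx
    decw %di
    jns .L16
"""

LABEL = re.compile(r"^\s*([.\w$]+):")
JUMP = re.compile(r"^\s*j\w+\s+([.\w$]+)\s*$")
# AT&T-syntax load: mov disp(base[,index,scale]), dest
LOAD = re.compile(r"^\s*mov[lq]?\s+(-?\w*)\((%\w+)[^)]*\)\s*,\s*(%\w+)\s*$")
# Assumption: only stack/frame-style bases are flagged, because a load such as
# "movl (%eax), %eax" is ordinary pointer chasing.
FRAME_REGS = {"%ebp", "%esp", "%rbp", "%rsp"}


def self_clobbering_reloads(asm):
    """Return (loop_label, line_number, text) for each load inside a
    backward-branch loop that overwrites the frame-style register used as
    its own base. Each line is reported once, for its innermost loop."""
    lines = asm.splitlines()
    labels, seen, findings = {}, set(), []
    for number, line in enumerate(lines, 1):
        label = LABEL.match(line)
        if label:
            labels[label.group(1)] = number
            continue
        jump = JUMP.match(line)
        if not jump or jump.group(1) not in labels:
            continue  # not a branch back to a label already seen
        for body_no in range(labels[jump.group(1)] + 1, number):
            load = LOAD.match(lines[body_no - 1])
            if (load and body_no not in seen
                    and load.group(2) == load.group(3)
                    and load.group(2) in FRAME_REGS):
                seen.add(body_no)
                findings.append((jump.group(1), body_no, lines[body_no - 1].strip()))
    return findings


if __name__ == "__main__":
    for loop, number, text in self_clobbering_reloads(REPORTED_LOOP):
        print(f"{loop}: line {number}: {text}")
```

Run it over the output of `gcc -S` with the same flags as the build under test.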