From owner-freebsd-bugs  Tue Jun 13  9:30:19 2000
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP id 1BF6037BF84
	for <freebsd-bugs@FreeBSD.org>; Tue, 13 Jun 2000 09:30:01 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id JAA44754;
	Tue, 13 Jun 2000 09:30:00 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: from privatecube.privatelabs.com (privatecube.privatelabs.com [198.143.31.30])
	by hub.freebsd.org (Postfix) with ESMTP id 5D03C37BF03
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 13 Jun 2000 09:24:05 -0700 (PDT)
	(envelope-from mi@privatelabs.com)
Received: from misha.privatelabs.com (root@misha.privatelabs.com [198.143.31.6])
	by privatecube.privatelabs.com (8.9.3/8.9.2) with ESMTP id MAA25696
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 13 Jun 2000 12:22:34 -0400
Received: (from mi@localhost)
	by misha.privatelabs.com (8.9.3/8.9.3) id MAA61270;
	Tue, 13 Jun 2000 12:23:01 -0400 (EDT)
	(envelope-from mi)
Message-Id: <200006131623.MAA61270@misha.privatelabs.com>
Date: Tue, 13 Jun 2000 12:23:01 -0400 (EDT)
From: Mikhail Teterin <mi@privatelabs.com>
Reply-To: mi@aldan.algebra.com
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.2
Subject: i386/19245: -fexpensive-optimizations buggy (even with -O)
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>Number:         19245
>Category:       i386
>Synopsis:       -fexpensive-optimizations buggy (even with -O)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jun 13 09:30:00 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     Mikhail Teterin
>Release:        FreeBSD 4.0-STABLE i386
>Organization:
Virtual Estates, Inc.
>Environment:

	CPU: Pentium II/Pentium II Xeon/Celeron (334.09-MHz 686-class CPU)
	Pentium Pro MTRR support enabled


>Description:

	The attached piece of code, when compiled with
	``-O -fexpensive-optimizations'', produces incorrect
	binary on FreeBSD-4.0 .

	I tested the same compiler line on Mandrake Linux (an
	identical machine hardware-wise) and it compiles correctly.

	Mandrake's cc is the same as on FreeBSD:

		Reading specs from
			/usr/lib/gcc-lib/i586-mandrake-linux/2.95.2/specs
		gcc version 2.95.2 19991024 (release)
			vs. our
		Using builtin specs.
		gcc version 2.95.2 19991024 (release)

	But their assembler is newer:

		GNU assembler version 2.9.5 (i686-pc-linux-gnu)
		using BFD version 2.9.5.0.16
			vs. our
		GNU assembler version 2.9.1 (i386-unknown-freebsdelf),
		using BFD version 2.9.1

>How-To-Repeat:

	Save the C-code below into a file bug.c. Then compile it with
		cc -O -fexpensive-optimizations bug.c -o bug

	As you can see from the code, the hostname output by both
	printfs shoud be the same, and on Linux and on FreeBSD without
	the -fexpensive-optimizations flag it is:

	Calling rfc1035QuestionPack with hostname 0xbffffe32 (./bug)
	In rfc1035QuestionPack: hostname is 0xbffffe32 (./bug)

	Yet, with the -fexpensive-optimizations flag, the hostname
	argument is passed in the register, which, apparently, is
	sometimes not loaded with the value and remains zero, resulting
	in:

	Calling rfc1035QuestionPack with hostname 0xbfbff8f0 (./bug)
	In rfc1035QuestionPack: hostname is 0x0 ((null))

	The code is stripped from the squid23's lib/rfc1035.c (I found
	this because squid was crashing on every request and restarting)
	-- I tried to reduce it to the bare minimum needed to reproduce
	the bug.

	/* beginning of end.c */

#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <sys/types.h>
#include <assert.h>
#include <strings.h>

static off_t
rfc1035QuestionPack(char *buf,
    size_t sz,
    const char *hostname,
    unsigned short class
    )
{
    off_t off = 0;
    unsigned short s;
    printf("In rfc1035QuestionPack: hostname is %p (%s)\n",
	hostname, hostname);
    s = htons(class);
    memcpy(buf + off, &s, sizeof(s));
    off += sizeof(s);
    assert(off <= sz);
    return off;
}

static unsigned short
rfc1035BuildAQuery(const char *hostname, char *buf, size_t sz)
{
    off_t offset = 0;
    printf("Calling rfc1035QuestionPack with hostname %p (%s)\n",
	hostname, hostname);
    offset += rfc1035QuestionPack(buf + offset,
	sz - offset,
	hostname,
	1
    );
    return 0;
}

int main(int argc, char *argv[]) {
	char buf[1024];
	rfc1035BuildAQuery(argv[argc - 1], buf, 1024);
	return 0;
}
	/* end of bug.c */

>Fix:
	Get the new assembler/binutils and add -fno-expensive-optimizations
	to all CFLAGS in the meantime. Anything else?

>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message