[Bug c/35895] New: gcc puts code in rodata section with -Os -g -funit-at-a-time

[Bug c/35895] New: gcc puts code in rodata section with -Os -g -funit-at-a-time

[rostedt at goodmis dot org]

gcc can place code into the .rodata section. I found this while debugging a
crash in Ingo Molnar's sched-devel kernel. In the kernel code
arch/x86/kernel/alternative.c the static inline function costant_test_bit was
placed into the rodata. Later on in the kernel boot up sequence, the rodata
section is protected with the NX bit in the page tables. The next time the code
in the rodata is executed we get a crash.

I'll attach a file that shows this behaviour. I tried to strip it down but too
many modifications to the file makes the issue disappear. I compiled the code
with the -E option and saved that file to get rid of any header information
that would prevent you from seeing the issue.

I have also trimmed down the arguments that I pass in to :

rostedt@gandalf:~/gcc$ gcc -fno-strict-aliasing -Os -m64 -funit-at-a-time  -g
-c -o alt.o alt.c 
rostedt@gandalf:~/gcc$ nm alt.o | grep constant_test_bit
0000000000000090 r constant_test_bit
rostedt@gandalf:~/gcc$ gcc -v                         
Using built-in specs.
Target: x86_64-unknown-linux-gnu
Configured with: ../gcc-4.2.2/configure --prefix=/usr/local/dist
--program-prefix=dist- --without-doc --enable-bootstrap --enable-64-bit-bfd
Thread model: posix
gcc version 4.2.2


I've compiled this version of gcc myself, but I have also seen this issue in
the  Red Hat Enterprise Linux version of gcc: 

[root@bxrhel51 linux-x86-sched-devel.git]# gcc -v
Using built-in specs.
Target: x86_64-redhat-linux
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man
--infodir=/usr/share/info --enable-shared --enable-threads=posix
--enable-checking=release --with-system-zlib --enable-__cxa_atexit
--disable-libunwind-exceptions --enable-libgcj-multifile
--enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk
--disable-dssi --enable-plugin
--with-java-home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre --with-cpu=generic
--host=x86_64-redhat-linux
Thread model: posix
gcc version 4.1.2 20070626 (Red Hat 4.1.2-14)


Also note that the call is in fact to the .rodata as seen with:

objdump -Dra alt.o :

  8e:   e8 00 00 00 00          callq  93 <alternatives_smp_module_add+0x30>
                        8f: R_X86_64_PC32       .rodata+0x8c

Disassembly of section .rodata:
[...]
0000000000000090 <constant_test_bit>:
  90:   89 f9                   mov    %edi,%ecx
  92:   bf 40 00 00 00          mov    $0x40,%edi
  97:   89 c8                   mov    %ecx,%eax
  99:   99                      cltd   
  9a:   f7 ff                   idiv   %edi
  9c:   89 d1                   mov    %edx,%ecx
  9e:   48 63 d0                movslq %eax,%rdx
  a1:   48 8b 04 d6             mov    (%rsi,%rdx,8),%rax
  a5:   48 d3 e8                shr    %cl,%rax
  a8:   83 e0 01                and    $0x1,%eax
  ab:   c3                      retq   
  ac:   00 00                   add    %al,(%rax)


-- 
           Summary: gcc puts code in rodata section with -Os -g -funit-at-a-
                    time
           Product: gcc
           Version: 4.2.2
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: rostedt at goodmis dot org
 GCC build triplet: x86_64-unknown-linux-gnu
  GCC host triplet: x86_64-unknown-linux-gnu
GCC target triplet: x86_64-unknown-linux-gnu


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=35895

[Bug c/35895] gcc puts code in rodata section with -Os -g -funit-at-a-time

[rostedt at goodmis dot org]

------- Comment #1 from rostedt at goodmis dot org  2008-04-09 22:20 -------
Created an attachment (id=15461)
 --> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=15461&action=view)
alternative.c file compiled with -E and with some stipping

This is a gzipped version that shows the problem.

Do the following:

gcc -fno-strict-aliasing -Os -m64 -funit-at-a-time  -g -c -o alt.o alt.c

And examine the alt.o to see that several functions are in the .rodata section.

use: objdump -Dra alt.o | less
and search for 'Disassembly of section .rodata:'


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=35895

[Bug c/35895] gcc puts code in rodata section with -Os -g -funit-at-a-time

[pinskia at gcc dot gnu dot org]

------- Comment #2 from pinskia at gcc dot gnu dot org  2008-04-09 22:34 -------
The toplevel asm has:
asm("\t.section .rodata, \"a\"\nintelnops: "
 ".byte 0x90\n" ".byte 0x89,0xf6\n" ".byte 0x8d,0x76,0x00\n" ".byte
0x8d,0x74,0x26,0x00\n" ".byte 0x90\n" ".byte 0x8d,0x74,0x26,0x00\n" ".byte
0x8d,0xb6,0x00,0x00,0x00,0x00\n"
 ".byte 0x8d,0xb4,0x26,0x00,0x00,0x00,0x00\n" ".byte 0x90\n" ".byte
0x8d,0xb4,0x26,0x00,0x00,0x00,0x00\n");

GCC assumes the toplevel asm will not change the section, you need to use
.previous or what ever other method to push/pop the section.


-- 

pinskia at gcc dot gnu dot org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|                            |INVALID


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=35895