public inbox for gcc-prs@sourceware.org
help / color / mirror / Atom feed
From: hcs@icshu.com
To: gcc-gnats@gcc.gnu.org
Subject: c/3710: segfaulting code generated with -O2 -fomit-frame-pointer (kernel!)
Date: Tue, 17 Jul 2001 06:56:00 -0000 [thread overview]
Message-ID: <20010717134933.12669.qmail@sourceware.cygnus.com> (raw)
>Number: 3710
>Category: c
>Synopsis: segfaulting code generated with -O2 -fomit-frame-pointer (kernel!)
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: unassigned
>State: open
>Class: wrong-code
>Submitter-Id: net
>Arrival-Date: Tue Jul 17 06:56:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator: Csaba Halasz
>Release: gcc version 3.0.1 20010626 (prerelease)
>Organization:
>Environment:
http://www.codesourcery.com/gcc-compile.shtml
>Description:
Bad code generated for the loop marked "Set the p-boxes"
.L16:
movl bf_pbox(,%edx,4), %eax
movl -44(%ebp), %ebp <-- !!!
movl %eax, (%ebp,%edx,4)
incl %edx
decw %di
jns .L16
All the other stuff is needed otherwise the bug does not occur. This is an extract from the blowfish cipher in the international kernel patch.
>How-To-Repeat:
/*
Compile with
gcc -O2 -fomit-frame-pointer loopbug.c
*/
#define u8 unsigned char
#define u32 unsigned int
struct cipher_context;
struct cipher_context {
u32 *keyinfo;
};
static u32 bf_pbox[16 + 2] = {0, };
static u32 bf_sbox[256 * 4] = {0, };
typedef struct blow_key {
u32 P[18];
u32 S[1024];
} blow_key;
int
blowfish_encrypt (struct cipher_context *cx,
const u8 * in8, u8 * out8, int size, int atomic)
{
return 0;
}
/* Sets the blowfish S and P boxes for encryption and decryption. */
int
blowfish_set_key (struct cipher_context *cx,
unsigned char *key, int keybytes, int atomic)
{
blow_key *key2 = (blow_key *) cx->keyinfo;
short i;
short j;
short count;
u32 data[2];
u32 *P = key2->P;
u32 *S = key2->S;
/* Copy the initialization s-boxes */
for (i = 0, count = 0; i < 256; i++)
for (j = 0; j < 4; j++, count++)
S[count] = bf_sbox[count];
/* Set the p-boxes */
for (i = 0; i < 16 + 2; i++)
P[i] = bf_pbox[i];
for (i = 0; i < 16 + 2; i += 2) {
blowfish_encrypt (cx, (u8 *) data, (u8 *) data, 8, atomic);
P[i] = data[0];
P[i + 1] = data[1];
}
for (i = 0; i < 4; i++) {
for (j = 0, count = i * 256; j < 256; j += 2, count += 2) {
blowfish_encrypt (cx, (u8 *) data, (u8 *) data, 8,
atomic);
S[count] = data[0];
S[count + 1] = data[1];
}
}
return 0;
}
int main(int argc, char* argv[])
{
struct cipher_context cx;
struct blow_key bk;
cx.keyinfo = (u32*)&bk;
blowfish_set_key(&cx, "1234567890123456", 16, 0);
return 0;
}
>Fix:
use gcc-2.95 (and even that reloads a constant in each iteration!)
>Release-Note:
>Audit-Trail:
>Unformatted:
next reply other threads:[~2001-07-17 6:56 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-07-17 6:56 hcs [this message]
2001-11-18 13:26 rodrigc
2001-11-18 14:16 rodrigc
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20010717134933.12669.qmail@sourceware.cygnus.com \
--to=hcs@icshu.com \
--cc=gcc-gnats@gcc.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).