Bug 784242

Summary: wrong code generated for _itoa() from glibc 2.15
Product: Fedora
Reporter: Dan Horák <dan>
Component: gcc
Assignee: Jakub Jelinek <jakub>
Status: CLOSED RAWHIDE
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified
Priority: unspecified
Version: rawhide
CC: brueckner, jakub
Hardware: s390
OS: Unspecified
Fixed In Version: gcc-4.7.0-0.10.fc17
Doc Type: Bug Fix
Last Closed: 2012-01-27 10:40:32 UTC
Attachments:
  gdb output and disassembly of _itoa() from glibc-2.15-2 (attachment 557192)
  disassembly of _itoa() from glibc-2.15-1 (attachment 557198)

Description Dan Horák 2012-01-24 11:32:35 UTC
Created attachment 557192 [details]
gdb output and disassembly of _itoa() from glibc-2.15-2

It seems that gcc 4.7 generates wrong code in the _itoa() function from glibc-2.15.

Symptoms are segfaults when running binaries with glibc-2.15-2.fc17 (http://s390.koji.fedoraproject.org/koji/buildinfo?buildID=94051), which was built with gcc-4.7.0-0.8.fc17. When glibc-2.15-1.fc17 (built with gcc 4.6) is installed, the same binaries run without segfaults.

<mock-chroot>gdb --args /usr/libexec/gcc/s390-redhat-linux/4.7.0/cc1 /tmp/a.i
GNU gdb (GDB) Fedora (7.4.50.20120103-8.fc17)
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "s390-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/libexec/gcc/s390-redhat-linux/4.7.0/cc1...Reading symbols from /usr/lib/debug/usr/libexec/gcc/s390-redhat-linux/4.7.0/cc1.debug...done.
done.
(gdb) run
Starting program: /usr/libexec/gcc/s390-redhat-linux/4.7.0/cc1 /tmp/a.i

Program received signal SIGSEGV, Segmentation fault.
_itoa (value=<optimized out>, buflim=0x7ffff1d7 "\230\200\216\210z\177\377\361\240\373\255\200\001", base=10, upper_case=0) at _itoa.c:437
437			  *--buflim = digits[rem];
Missing separate debuginfos, use: debuginfo-install gmp-5.0.2-3.fc17.s390 libmpc-0.9-2.fc17.2.s390 mpfr-3.1.0-2.fc17.s390 zlib-1.2.5-6.fc17.s390
(gdb) where
#0  _itoa (value=<optimized out>, buflim=0x7ffff1d7 "\230\200\216\210z\177\377\361\240\373\255\200\001", base=10, upper_case=0) at _itoa.c:437
#1  0x7ddaac9c in _IO_vfprintf_internal (s=0x7ffff238, format=<optimized out>, ap=0x7ffff348) at vfprintf.c:1567
#2  0x7ddd2e6e in _IO_vasprintf (result_ptr=0x7ffff344, format=0xa8713e "__SIZEOF_INT__=%lld", args=0x7ffff348) at vasprintf.c:64
#3  0x00a4d59c in cpp_define_formatted (pfile=pfile@entry=0xcd1d20, fmt=fmt@entry=0xa8713e "__SIZEOF_INT__=%lld") at ../../libcpp/directives.c:2370
#4  0x009312a0 in define_builtin_macros_for_type_sizes (pfile=0xcd1d20) at ../../gcc/cppbuiltin.c:133
#5  define_language_independent_builtin_macros (pfile=pfile@entry=0xcd1d20) at ../../gcc/cppbuiltin.c:188
#6  0x00911eba in c_cpp_builtins (pfile=0xcd1d20) at ../../gcc/c-family/c-cppbuiltin.c:690
#7  0x00914026 in c_finish_options () at ../../gcc/c-family/c-opts.c:1332
#8  0x00916184 in c_common_parse_file () at ../../gcc/c-family/c-opts.c:1107
#9  0x009b2da8 in compile_file () at ../../gcc/toplev.c:557
#10 do_compile () at ../../gcc/toplev.c:1938
#11 toplev_main (argc=2, argv=0x7ffff6c4) at ../../gcc/toplev.c:2014
#12 0x7dd7fb10 in __libc_start_main (main=0x6571bc <main>, argc=2, ubp_av=0x7ffff6c4, init=<optimized out>, fini=0xa55aa0 <__libc_csu_fini>, 
    rtld_fini=0x7dfeeed4 <_dl_fini>, stack_end=0x7ffff658) at libc-start.c:226
#13 0x008f1622 in _start ()

Comment 1 Dan Horák 2012-01-24 11:38:42 UTC
Created attachment 557198 [details]
disassembly of _itoa() from glibc-2.15-1

Comment 3 Jakub Jelinek 2012-01-24 14:48:17 UTC
Indeed,
/* _itoa is a glibc-internal helper, so this only links when built
   statically against libc.a. */
char * _itoa (unsigned long long, char *, unsigned, int);

char buf[64];
int
main (void)
{
  /* _itoa writes the digits backwards, ending just before the buffer
     pointer it is given, so pass the end of buf rather than its start. */
  char *p = _itoa (4LL, buf + sizeof buf, 10, 0);
  (void) p;
  return 0;
}
linked statically against 2.15-1.s390 libc.a works, and against 2.15-2.s390 libc.a segfaults.
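The function at the crash site, as an added example that is not glibc's code: a portable model of _itoa()'s contract (digits written backwards so the last one lands just before buflim, pointer to the first digit returned), together with a differential check against snprintf() for the %llu, %llx and %llX conversions that vfprintf routes through _itoa in the backtrace above. The names model_itoa, itoa_to_string and check_against_snprintf, and the sample values, are this example's own; it is meant for comparing against the attached disassembly and for seeing why a caller must pass the end of its buffer.

```c
/* Added example: a portable model of glibc's _itoa() contract, written to
   illustrate the function whose miscompilation this bug reports. It is NOT
   glibc's implementation; model_itoa, itoa_to_string and the snprintf
   differential check are this example's own. */
#include <stdio.h>
#include <string.h>

/* Same contract as glibc's internal _itoa(): digits are written backwards
   so that the last digit lands just before buflim, and the returned pointer
   marks the first digit. The caller must provide room before buflim. */
static char *model_itoa(unsigned long long value, char *buflim,
                        unsigned base, int upper_case)
{
    static const char lower[] = "0123456789abcdefghijklmnopqrstuvwxyz";
    static const char upper[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    const char *digits = upper_case ? upper : lower;

    if (base < 2 || base > 36)
        return NULL;
    do {
        *--buflim = digits[value % base];   /* the statement at _itoa.c:437 */
        value /= base;
    } while (value != 0);
    return buflim;
}

/* Convert VALUE into NUL-terminated text in OUT (capacity N) and return the
   digit count, or -1 on a bad base or a too-small buffer. Shows the calling
   idiom: hand model_itoa the END of a scratch buffer as buflim. */
static int itoa_to_string(unsigned long long value, unsigned base,
                          int upper_case, char *out, size_t n)
{
    char tmp[65];                       /* 64 binary digits + NUL */
    char *end = tmp + sizeof tmp - 1;
    char *start = model_itoa(value, end, base, upper_case);
    size_t len;

    if (start == NULL)
        return -1;
    *end = '\0';
    len = (size_t)(end - start);
    if (len + 1 > n)
        return -1;
    memcpy(out, start, len + 1);
    return (int)len;
}

/* Differential check against the C library's own formatting for the
   conversions vfprintf hands to _itoa. Returns the number of mismatches,
   so 0 means the model agrees with printf on every constructed sample. */
static int check_against_snprintf(void)
{
    static const unsigned long long samples[] = {   /* constructed inputs */
        0ULL, 4ULL, 10ULL, 255ULL, 4294967295ULL, 18446744073709551615ULL
    };
    int mismatches = 0;
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        char mine[65], ref[65];

        snprintf(ref, sizeof ref, "%llu", samples[i]);
        itoa_to_string(samples[i], 10, 0, mine, sizeof mine);
        if (strcmp(mine, ref) != 0) mismatches++;

        snprintf(ref, sizeof ref, "%llx", samples[i]);
        itoa_to_string(samples[i], 16, 0, mine, sizeof mine);
        if (strcmp(mine, ref) != 0) mismatches++;

        snprintf(ref, sizeof ref, "%llX", samples[i]);
        itoa_to_string(samples[i], 16, 1, mine, sizeof mine);
        if (strcmp(mine, ref) != 0) mismatches++;
    }
    return mismatches;
}

int main(void)
{
    char out[65];
    int len = itoa_to_string(4ULL, 10, 0, out, sizeof out);

    printf("%d digit(s): %s\n", len, out);
    printf("mismatches vs snprintf: %d\n", check_against_snprintf());
    return 0;
}
```

Note that model_itoa only ever decrements buflim; the caller, not the function, guarantees that enough bytes exist before it. A call that passes the start of an array (as a quick reproducer easily does) writes before the array even when the code generation is correct, so keep that separate from the miscompilation this report is about.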

Comment 4 Jakub Jelinek 2012-01-26 13:39:26 UTC
Should be fixed in gcc-4.7.0-0.10.fc17, but you need to remove the miscompiled glibc from the buildroots first, then build this gcc, then rebuild glibc.