1447166 – gcc 7.0.1-0.15.fc27 optimizes out pagefault_disable() on aarch64 kernel

Bug 1447166 - gcc 7.0.1-0.15.fc27 optimizes out pagefault_disable() on aarch64 kernel

Summary: gcc 7.0.1-0.15.fc27 optimizes out pagefault_disable() on aarch64 kernel

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	gcc
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Jakub Jelinek
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-05-02 01:07 UTC by Laura Abbott
Modified:	2017-05-23 13:30 UTC (History)
CC List:	6 users (show)
Fixed In Version:	gcc-7.1.1-1.fc27
Clone Of:
Environment:
Last Closed:	2017-05-23 13:30:25 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
uaccess.h containing pagefault_disable() and pagefault_enable() (3.58 KB, text/plain) 2017-05-02 01:07 UTC, Laura Abbott	no flags	Details
snippet of incorrectly generated assembly (1.77 KB, text/plain) 2017-05-02 01:07 UTC, Laura Abbott	no flags	Details
snippet of correctly generated assembly (2.23 KB, text/plain) 2017-05-02 01:08 UTC, Laura Abbott	no flags	Details
preprocessed maccess.i (829.31 KB, text/plain) 2017-05-02 14:32 UTC, Laura Abbott	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
GNU Compiler Collection	80591	0	None	None	None	2017-05-02 09:11:41 UTC

Description Laura Abbott 2017-05-02 01:07:11 UTC

Created attachment 1275539 [details]
uaccess.h containing pagefault_disable() and pagefault_enable()

Current kernels fail to boot on aarch64 and spew warnings

[    0.000000] ------------[ cut here ]------------
[    0.000000] WARNING: CPU: 0 PID: 0 at ./include/linux/uaccess.h:15 __probe_kernel_read+0xc8/0xd0
[    0.000000] Modules linked in:
[    0.000000] 
[    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.11.0-rc7-bootwut #93
[    0.000000] Hardware name: APM X-Gene Mustang board (DT)
[    0.000000] task: ffff000009009c00 task.stack: ffff000008ff0000
[    0.000000] PC is at __probe_kernel_read+0xc8/0xd0
[    0.000000] LR is at __probe_kernel_read+0x5c/0xd0
[    0.000000] pc : [<ffff000008251dd0>] lr : [<ffff000008251d64>] pstate: 800000c5
[    0.000000] sp : ffff000008ff3ee0
[    0.000000] x29: ffff000008ff3ee0 x28: 0000004001000018 
[    0.000000] x27: 0000000000000000 x26: 0000000000000000 
[    0.000000] x25: 0000000000000038 x24: 0000000000040000 
[    0.000000] x23: ffff8003ffa1f600 x22: 0000000000000001 
[    0.000000] x21: ffff000008ff3f8f x20: ffffffffffffffff 
[    0.000000] x19: ffff000009009c00 x18: ffff8003ffecad18 
[    0.000000] x17: 0000000000000000 x16: 0000000000000000 
[    0.000000] x15: 000000007c274a1c x14: 0000000000000000 
[    0.000000] x13: 0000000000000000 x12: 0000000000000002 
[    0.000000] x11: ffff000009194ac8 x10: 0000000000000022 
[    0.000000] x9 : 0000000000000021 x8 : 0000000000003ff0 
[    0.000000] x7 : 0000000000003fff x6 : ffff000008ff3f90 
[    0.000000] x5 : ffff000008ff3f90 x4 : ffff000009886c60 
[    0.000000] x3 : 0000000000000064 x2 : 0000000000000001 
[    0.000000] x1 : 00000000ffffffff x0 : 0000000000000000 
[    0.000000] 
[    0.000000] ---[ end trace bec787061c40ac80 ]---
[    0.000000] Call trace:
[    0.000000] Exception stack(0xffff000008ff3d00 to 0xffff000008ff3e30)
[    0.000000] 3d00: ffff000009009c00 0001000000000000 ffff000008ff3ee0 ffff000008251dd0
[    0.000000] 3d20: 00000000800000c5 000000000000003d ffff000008fb6000 ffff00000904a668
[    0.000000] 3d40: 0000000000000000 00000000000000c0 0000000000000000 0000000000000000
[    0.000000] 3d60: 0000000000000001 0000000000000000 ffff0000082849e8 ffff000009001458
[    0.000000] 3d80: 0000000000000000 0000000000000028 0000000000000001 0000000000000001
[    0.000000] 3da0: ffff000000000000 ffff000000000000 0000000000000000 00000000ffffffff
[    0.000000] 3dc0: 0000000000000001 0000000000000064 ffff000009886c60 ffff000008ff3f90
[    0.000000] 3de0: ffff000008ff3f90 0000000000003fff 0000000000003ff0 0000000000000021
[    0.000000] 3e00: 0000000000000022 ffff000009194ac8 0000000000000002 0000000000000000
[    0.000000] 3e20: 0000000000000000 000000007c274a1c
[    0.000000] [<ffff000008251dd0>] __probe_kernel_read+0xc8/0xd0
[    0.000000] [<ffff000008284a38>] kmem_cache_create+0xa0/0x2f0
[    0.000000] [<ffff000008e2284c>] ptlock_cache_init+0x24/0x34
[    0.000000] [<ffff000008e009e8>] start_kernel+0x20c/0x3e0
[    0.000000] [<ffff000008e001e0>] __primary_switched+0x64/0x6c
[    0.000000] ------------[ cut here ]------------

uaccess.h is attached and contains the associated functions

The code for __probe_kernel_read is fairly straight forward

long __probe_kernel_read(void *dst, const void *src, size_t size)
{
        long ret;
        mm_segment_t old_fs = get_fs();

        set_fs(KERNEL_DS);
        pagefault_disable();
        ret = __copy_from_user_inatomic(dst,
                        (__force const void __user *)src, size);
        pagefault_enable();
        set_fs(old_fs);

        return ret ? -EFAULT : 0;
}

with gcc 7.0.1-0.15.fc27 and gcc 7.0.1-0.16.fc27, the following block corresponding to pagefault_disable seems to be missing

ffff00000825223c:       b9620260        ldr     w0, [x19, #8704]
ffff000008252240:       11000400        add     w0, w0, #0x1
ffff000008252244:       b9220260        str     w0, [x19, #8704]

If I downgrade to gcc 7.0.1-0.14.fc27 the block is emitted correctly (assembly snippet attached)

I haven't tried to reduce this to a smaller test case than the kernel. I can provide more information if necessary.

Comment 1 Laura Abbott 2017-05-02 01:07:55 UTC

Created attachment 1275540 [details]
snippet of incorrectly generated assembly

Comment 2 Laura Abbott 2017-05-02 01:08:33 UTC

Created attachment 1275541 [details]
snippet of correctly generated assembly

Comment 3 Laura Abbott 2017-05-02 01:09:23 UTC

https://koji.fedoraproject.org/koji/buildinfo?buildID=882333 is the last working kernel build, https://koji.fedoraproject.org/koji/buildinfo?buildID=882846 is the first bad kernel build

Comment 4 Jeff Law 2017-05-02 02:43:28 UTC

What we really need here is the .i file which is the CPP output that we can feed directly back into the compiler and command line.

You can get the .i file by adding "-save-temps" to the command line.  While I've got no doubt Marek & Jakub can get that themselves, it's almost certainly easier for you to get the .i file.

Comment 5 Jakub Jelinek 2017-05-02 08:09:38 UTC

From kernel-debuginfo.aarch64 the gcc command line seems to be:
-mlittle-endian -mgeneral-regs-only -mpc-relative-literal-loads -mabi=lp64 -g -O2 -std=gnu90 -p -fno-strict-aliasing -fno-common -fno-PIE -fno-asynchronous-unwind-tables -fno-delete-null-pointer-checks -fno-stack-protector -fno-omit-frame-pointer -fno-optimize-sibling-calls -fvar-tracking-assignments -fno-inline-functions-called-once -fno-strict-overflow -fconserve-stack --param allow-store-data-races=0
(with -I and -D options ommitted).  But at least from kernel-debuginfo files it is impossible to recreate the preprocessed file, the kernel headers maze is a mess.

Comment 6 Laura Abbott 2017-05-02 14:32:08 UTC

Created attachment 1275708 [details]
preprocessed maccess.i

Thanks for the quick turn around and reporting upstream. To help with future bug reporting, does the attached .i file look like what you wanted? This can be generated for any kernel file by doing 'make path/to/file.i' (e.g. make mm/maccess.i)

Comment 7 Jakub Jelinek 2017-05-23 13:30:25 UTC

Should be fixed in gcc-7.1.1-1.fc{26,27}.

Note You need to log in before you can comment on or make changes to this bug.