https://gcc.gnu.org/bugzilla/show_bug.cgi?id=121689

            Bug ID: 121689
           Summary: gcc-15.2 makes qemu riscv emulation on ppc64 jump into
                    an if (false) when -fgcse is enabled.
           Product: gcc
           Version: 15.2.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: christian.ehrhardt at canonical dot com
  Target Milestone: ---

Created attachment 62212
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=62212&action=edit
the preprocessed file (*.i*) that triggers the bug - from a qemu 10.1 build

Hi,
For the report here I'll focus on what a gcc bug report should have per [1].
But if you want more details, background on how it was found, or built files with
debuginfo to look at the effective compiler output in the good and bad case, you
might look at the Ubuntu bug [2] and would probably find it.


# the exact version of GCC

$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/powerpc64le-linux-gnu/15/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none
OFFLOAD_TARGET_DEFAULT=1
Target: powerpc64le-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 15.2.0-1ubuntu1'
--with-bugurl=file:///usr/share/doc/gcc-15/README.Bugs
--enable-languages=c,ada,c++,go,d,fortran,objc,obj-c++,m2,rust,cobol,algol68
--prefix=/usr --with-gcc-major-version-only --program-suffix=-15
--program-prefix=powerpc64le-linux-gnu- --enable-shared
--enable-linker-build-id --libexecdir=/usr/libexec --without-included-gettext
--enable-threads=posix --libdir=/usr/lib --enable-nls --enable-bootstrap
--enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes
--with-default-libstdcxx-abi=new --enable-libstdcxx-backtrace
--enable-gnu-unique-object --enable-plugin --enable-default-pie
--with-system-zlib --enable-libphobos-checking=release
--with-target-system-zlib=auto --with-libphobos-druntime-only=yes
--enable-objc-gc=auto --enable-secureplt --with-cpu=power9
--enable-targets=powerpcle-linux --disable-multilib --enable-multiarch
--disable-werror --with-long-double-128 --with-long-double-format=ieee
--enable-offload-targets=nvptx-none=/build/gcc-15-4HtANx/gcc-15-15.2.0/debian/tmp-nvptx/usr
--enable-offload-defaulted --without-cuda-driver --enable-checking=release
--build=powerpc64le-linux-gnu --host=powerpc64le-linux-gnu
--target=powerpc64le-linux-gnu --with-build-config=bootstrap-lto-lean
--enable-link-serialization=1
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 15.2.0 (Ubuntu 15.2.0-1ubuntu1)


# the system type;

- A VM matching the Ubuntu build and test environments.
- 2 cpus, 4 gb memory
- Running Ubuntu 25.10 questing [6] daily builds
- Chip POWER9 (architected), altivec supported, 2.3 (pvr 004e 1203)


# the options given when GCC was configured/built
From [4][5] which is Ubuntu building the toolchain I got the following, if in
doubt more can be found in that build log.

Configured with: -v
         --with-pkgversion='Ubuntu 15.2.0-1ubuntu1'
         --with-bugurl='file:///usr/share/doc/gcc-15/README.Bugs'
        
--enable-languages=c,ada,c++,go,d,fortran,objc,obj-c++,m2,rust,cobol,algol68
         --prefix=/usr
         --with-gcc-major-version-only
         --program-suffix=-15
         --program-prefix=powerpc64le-linux-gnu-
         --enable-shared
         --enable-linker-build-id
         --libexecdir=/usr/libexec
         --without-included-gettext
         --enable-threads=posix
         --libdir=/usr/lib
         --enable-nls
         --enable-bootstrap
         --enable-clocale=gnu
         --enable-libstdcxx-debug
         --enable-libstdcxx-time=yes
         --with-default-libstdcxx-abi=new
         --enable-libstdcxx-backtrace
         --enable-gnu-unique-object
         --enable-plugin
         --enable-default-pie
         --with-system-zlib
         --enable-libphobos-checking=release
         --with-target-system-zlib=auto
         --with-libphobos-druntime-only=yes
         --enable-objc-gc=auto
         --enable-secureplt
         --with-cpu=power9
         --enable-targets=powerpcle-linux
         --disable-multilib
         --enable-multiarch
         --disable-werror
         --with-long-double-128
         --with-long-double-format=ieee
        
--enable-offload-targets=nvptx-none=/<<PKGBUILDDIR>>/debian/tmp-nvptx/usr
         --enable-offload-defaulted
         --without-cuda-driver
         --enable-checking=release
         --build=powerpc64le-linux-gnu
         --host=powerpc64le-linux-gnu
         --target=powerpc64le-linux-gnu
         --with-build-config=bootstrap-lto-lean
         --enable-link-serialization=1


# the complete command line that triggers the bug;

From qemu build ninja -v:

[2/2] gcc-15 -m64 -mlittle-endian -Ilibqemu-riscv64-softmmu.a.p -I. -I..
-Itarget/riscv -I../target/riscv -Isubprojects/libvduse
-I../subprojects/libvduse -Iqapi -Itrace -Iui -Iui/shader
-I/usr/include/p11-kit-1 -I/usr/include/pixman-1 -I/usr/include/libpng16
-I/usr/include/spice-server -I/usr/include/spice-1 -I/usr/include/glib-2.0
-I/usr/lib/powerpc64le-linux-gnu/glib-2.0/include -I/usr/include/sysprof-6
-I/usr/include/libmount -I/usr/include/blkid -I/usr/include/gio-unix-2.0
-I/usr/include/pipewire-0.3 -I/usr/include/spa-0.2 -I/usr/include/fuse3
-I/usr/include/powerpc64le-linux-gnu -fdiagnostics-color=auto -Wall
-Winvalid-pch -Werror -std=gnu11 -O2 -g -fstack-protector-strong -Wempty-body
-Wendif-labels -Wexpansion-to-defined -Wformat-security -Wformat-y2k
-Wignored-qualifiers -Wimplicit-fallthrough=2 -Winit-self
-Wmissing-format-attribute -Wmissing-prototypes -Wnested-externs
-Wold-style-declaration -Wold-style-definition -Wredundant-decls -Wshadow=local
-Wstrict-prototypes -Wtype-limits -Wundef -Wvla -Wwrite-strings
-Wno-missing-include-dirs -Wno-psabi -Wno-shift-negative-value -isystem
/root/qemu/linux-headers -isystem linux-headers -iquote . -iquote /root/qemu
-iquote /root/qemu/include -iquote /root/qemu/host/include/ppc64 -iquote
/root/qemu/host/include/generic -iquote /root/qemu/tcg/ppc -pthread
-D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -fno-strict-aliasing
-fno-common -fwrapv -ftrivial-auto-var-init=zero -fzero-call-used-regs=used-gpr
-O2 -g -Wno-implicit-fallthrough -Wno-error=address -Wno-error=type-limits
-save-temps -fPIE -isystem /usr/include/mit-krb5 -D_REENTRANT -D_DEFAULT_SOURCE
-D_XOPEN_SOURCE=600 -DNCURSES_WIDECHAR=1 -isystem../linux-headers
-isystemlinux-headers -DCOMPILING_PER_TARGET
'-DCONFIG_TARGET="riscv64-softmmu-config-target.h"'
'-DCONFIG_DEVICES="riscv64-softmmu-config-devices.h"' -MD -MQ
libqemu-riscv64-softmmu.a.p/target_riscv_pmu.c.o -MF
libqemu-riscv64-softmmu.a.p/target_riscv_pmu.c.o.d -o
libqemu-riscv64-softmmu.a.p/target_riscv_pmu.c.o -c ../target/riscv/pmu.c


# the compiler output (error messages, warnings, etc.); and

There is no warning/error message reported.
The issue can be seen when running the code.

# the preprocessed file (*.i*) that triggers the bug

I'll attach target_riscv_pmu.c.i

# Minimal background

This was spotted testing the new qemu 10.1, but actually found an issue with
gcc-15 which was also recently updated in Ubuntu 25.10. The non pre-processed
code (so you can see the surroundings) matches [3] from the qemu project.
This is emulating riscv in qemu and the same code runs fine on x86, arm64,
s390x - but on ppc64 as the build and host platform it fails.

When building with -O2 I found it failing, and eventually debugging made me
able to verify that the smallest set of good/bad is
- bad: CFLAGS="-O2 -g"
- good: CFLAGS="-O2 -g -fno-gcse"

The behavior then is odd, as it executes inside a seemingly false condition:

## code ##
qemu.git/target/riscv/pmu.c

  192 static void riscv_pmu_icount_update_priv(CPURISCVState *env,
  193                                          target_ulong newpriv, bool new_virt)
  194 {
  195     uint64_t *snapshot_prev, *snapshot_new;
  196     uint64_t current_icount;
  197     uint64_t *counter_arr;
  198     uint64_t delta;
  199
  200     if (icount_enabled()) {
  201         current_icount = icount_get_raw();
  202     } else {
  203         current_icount = cpu_get_host_ticks();
  204     }
  205     ...

Thread 3 "qemu-system-ris" hit Breakpoint 1, riscv_pmu_icount_update_priv
(env=0x10147c310, newpriv=1, new_virt=false) at ../target/riscv/pmu.c:200
200 if (icount_enabled()) {
(gdb) n
203 current_icount = cpu_get_host_ticks();
(gdb) n
206 if (env->virt_enabled) {
(gdb) n
211 counter_arr = env->pmu_fixed_ctrs[1].counter;
(gdb) n
212 snapshot_prev = env->pmu_fixed_ctrs[1].counter_prev;
(gdb) n
215 if (new_virt) {
(gdb) n
216 g_assert(newpriv <= PRV_S);
(gdb) p new_virt
$1 = false

For awareness of the project this was also reported to qemu [7].

[1]: https://gcc.gnu.org/bugs/#need
[2]: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/2120835
[3]: https://gitlab.com/qemu-project/qemu/-/blame/v10.1.0/target/riscv/pmu.c?ref_type=tags#L206
[4]: https://launchpad.net/ubuntu/+source/gcc-15/15.2.0-1ubuntu1/+build/31076840
[5]: https://launchpadlibrarian.net/810820637/buildlog_ubuntu-questing-ppc64el.gcc-15_15.2.0-1ubuntu1_BUILDING.txt.gz
[6]: https://discourse.ubuntu.com/t/questing-quokka-release-schedule/36462
[7]: https://lists.gnu.org/archive/html/qemu-devel/2025-08/msg03901.html
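
The good/bad narrowing described in the report (-O2 -g versus -O2 -g -fno-gcse) can be automated by negating each enabled optimizer flag in turn. The script below is an added example, not part of the original report or of GCC/QEMU; `demo_check` and the sample `-Q --help=optimizers` output are constructed stand-ins for a real build-and-test step.

```shell
#!/bin/sh
# Added example: narrow an -O2 miscompile to one pass by re-running a
# build-and-test command with each enabled -f<pass> flag negated in turn.

# Read `gcc -Q -O2 --help=optimizers` output on stdin and print the boolean
# -f flags reported as [enabled]; valued options (-ffoo=bar) are skipped.
enabled_flags() {
    awk '$1 ~ /^-f/ && $1 !~ /=/ && $NF == "[enabled]" { print $1 }'
}

# -fgcse -> -fno-gcse
negate_flag() {
    printf '%s\n' "-fno-${1#-f}"
}

# culprit_flags CHECK BASE_CFLAGS  (flags to try arrive on stdin)
# CHECK is a command that builds and tests with the CFLAGS passed as its
# arguments and exits 0 when the result behaves correctly.
culprit_flags() {
    cf_check=$1
    cf_base=$2
    while read -r cf_flag; do
        cf_neg=$(negate_flag "$cf_flag")
        # $cf_base is left unquoted on purpose: it holds several flags.
        if "$cf_check" $cf_base "$cf_neg" </dev/null >/dev/null 2>&1; then
            printf '%s\n' "$cf_neg"
        fi
    done
}

# Constructed, abridged sample of `gcc -Q -O2 --help=optimizers` output.
SAMPLE_Q_OUTPUT='The following options control optimizations:
  -fgcse                      [enabled]
  -fgcse-after-reload         [disabled]
  -ftree-pre                  [enabled]
  -fvect-cost-model=[unlimited|dynamic|cheap|very-cheap]  cheap
  -fcrossjumping              [enabled]'

# Hypothetical stand-in for a real build-and-test script: "good" only when
# -fno-gcse is among the flags, mirroring the good/bad pair in the report.
demo_check() {
    for cf_arg in "$@"; do
        [ "$cf_arg" = "-fno-gcse" ] && return 0
    done
    return 1
}

# Real use: gcc -Q -O2 --help=optimizers | enabled_flags | culprit_flags ./check.sh "-O2 -g"
printf '%s\n' "$SAMPLE_Q_OUTPUT" | enabled_flags | culprit_flags demo_check "-O2 -g"
```

A flag printed by this loop marks where the symptom disappears; it does not by itself show that the named pass contains the defect.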
