This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.



[Bug c/71051] New: incorrect sparc64 code generated, inevitable jump to null function pointer


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71051

            Bug ID: 71051
           Summary: incorrect sparc64 code generated, inevitable jump to
                    null function pointer
           Product: gcc
           Version: 5.3.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: martin at netbsd dot org
  Target Milestone: ---

Created attachment 38464
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=38464&action=edit
stripped down example C code

Attached is a reduced example of code that is part of the NetBSD C startup; it
is used to call all destructors in a shared binary before unloading the module.
There is some linker magic used to fill the dtor pointer array.

We hit the issue in the wild, but the stripped attached example shows the
invalid code. We have seen similar issues on other architectures, so it is
likely not sparc64 specific, but this case has been analyzed best.

The loop over the dtors is terminated when the current dtor pointer is >=
__DTOR_LIST_END__, and the generated asm code goes like:

        or      %i4, %l44(__DTOR_LIST_END__), %i4
        cmp     %i5, %i4
        blu,pt  %xcc, .LL5
         mov    0, %g1

If the branch to .LL5 is taken, %g1 will always be NULL. So not surprisingly we
crash by jumping to 0:

.LL5:
        call    %g1, 0
         add    %i5, 8, %i5


This is with the 5.3 version integrated in NetBSD-current:

> cc -v
Using built-in specs.
COLLECT_GCC=cc
COLLECT_LTO_WRAPPER=/usr/libexec/lto-wrapper
Target: sparc64--netbsd
Configured with: /usr/src/tools/gcc/../../external/gpl3/gcc/dist/configure
--target=sparc64--netbsd --enable-long-long --enable-threads
--with-bugurl=http://www.NetBSD.org/Misc/send-pr.html --with-pkgversion='NetBSD
nb1 20160317' --with-system-zlib --enable-__cxa_atexit
--enable-libstdcxx-threads --enable-libstdcxx-time=rt
--with-mpc-lib=/var/obj/mknative/sparc64/usr/src/external/lgpl3/mpc/lib/libmpc
--with-mpfr-lib=/var/obj/mknative/sparc64/usr/src/external/lgpl3/mpfr/lib/libmpfr
--with-gmp-lib=/var/obj/mknative/sparc64/usr/src/external/lgpl3/gmp/lib/libgmp
--with-mpc-include=/usr/src/external/lgpl3/mpc/dist/src
--with-mpfr-include=/usr/src/external/lgpl3/mpfr/dist/src
--with-gmp-include=/usr/src/external/lgpl3/gmp/lib/libgmp/arch/sparc64
--enable-tls --disable-multilib --disable-symvers --disable-libstdcxx-pch
--build=x86_64-unknown-netbsd7.0. --host=sparc64--netbsd
--with-sysroot=/var/obj/mknative/sparc64/usr/src/destdir.sparc64
Thread model: posix
gcc version 5.3.0 (nb1 20160317) 

and the compiler invocation was:

cc -Wall -Wextra -O2 -fno-strict-aliasing -fwrapv -c -S example.c
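
Added example (not the attachment from this report and not NetBSD's startup code): a self-contained sketch of the pattern the report describes, a function pointer table filled by the linker and walked until an end symbol is reached. It assumes an ELF target linked with GNU ld or lld; the section name demo_dtors, the __start_/__stop_ bound symbols and all function names are stand-ins chosen for illustration, and the code does not diagnose the reported miscompilation.

```c
#include <stddef.h>
#include <stdint.h>

typedef void (*fptr_t)(void);

static int calls;  /* records which entries ran */
static void dtor_a(void) { calls += 1; }
static void dtor_b(void) { calls += 10; }
static void dtor_c(void) { calls += 100; }

/* Place one pointer per handler in the ELF section "demo_dtors";
 * the linker concatenates the entries into one contiguous table. */
#define DEMO_DTOR(fn) \
    static fptr_t demo_entry_##fn \
        __attribute__((used, section("demo_dtors"))) = fn

DEMO_DTOR(dtor_a);
DEMO_DTOR(dtor_b);
DEMO_DTOR(dtor_c);

/* GNU ld and lld define these bounds for any section whose name is a
 * valid C identifier (stand-ins for __DTOR_LIST__ / __DTOR_LIST_END__). */
extern fptr_t __start_demo_dtors[];
extern fptr_t __stop_demo_dtors[];

/* Number of slots the linker placed between the two bounds. */
size_t demo_dtor_count(void)
{
    return ((uintptr_t)__stop_demo_dtors - (uintptr_t)__start_demo_dtors)
           / sizeof(fptr_t);
}

/* Walk the table up to the end symbol. The bound check compares integer
 * addresses, because relational comparison of pointers into different C
 * objects is undefined. An empty slot is skipped rather than called. */
int run_demo_dtors(void)
{
    calls = 0;
    for (fptr_t *p = __start_demo_dtors;
         (uintptr_t)p < (uintptr_t)__stop_demo_dtors; ++p) {
        fptr_t fn = *p;
        if (fn != NULL)
            fn();
    }
    return calls;
}

int main(void)
{
    return (demo_dtor_count() == 3 && run_demo_dtors() == 111) ? 0 : 1;
}
```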
