[Bug gcov-profile/60008] New: x86_64: Segmentation fault if compiled with -fcall-saved-rdi -O2 --coverage

peter.oberparleiter at de dot ibm.com gcc-bugzilla@gcc.gnu.org
Fri Jan 31 13:13:00 GMT 2014 

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60008

            Bug ID: 60008
           Summary: x86_64: Segmentation fault if compiled with
                    -fcall-saved-rdi -O2 --coverage
           Product: gcc
           Version: 4.9.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: gcov-profile
          Assignee: unassigned at gcc dot gnu.org
          Reporter: peter.oberparleiter at de dot ibm.com

Programs compiled on x86_64 with GCC and options "-fcall-saved-rdi -O2
--coverage" cause a segmentation fault.

Minimal test case:
echo "int main() { return 0; }" | gcc -xc - -o /tmp/test --coverage -O2
-fcall-saved-rdi && /tmp/test

Release:
- gcc version 4.9.0 20140116 (experimental) [master revision
  c334d99:760dcd4:018db0b6e750f01880f0d601e1cf167948f55ab5] (GCC)
  Configured with: configure --prefix=gcc-head-install --enable-shared
  --with-system-zlib --enable-threads=posix --enable-__cxa_atexit
  --enable-checking --enable-gnu-indirect-function --program-suffix=-4.9.0
  --with-as=binutils/install/bin/as --with-ld=binutils/install/bin/ld
  --enable-languages=c

Also found on:
- gcc version 4.8.2 20131212 (Red Hat 4.8.2-7) (GCC)
- gcc version 4.7.2 (Debian 4.7.2-5)
- gcc version 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC)

Environment:
GNU/Linux

Additional information:
The cause for the segmentation fault can be found when comparing the
generated constructor functions:

gcc --coverage -O2 -fcall-saved-rdi
0000000000400c10 <_GLOBAL__I_65535_0_main>:
  400c10:       57                      push   %rdi
  400c11:       5f                      pop    %rdi
  400c12:       e9 09 00 00 00          jmpq   400c20 <__gcov_init>

-> Nothing is loaded into %rdi, __gcov_init() accesses random memory

gcc --coverage -O2
0000000000400c10 <_GLOBAL__I_65535_0_main>:
  400c10:       48 83 ec 08             sub    $0x8,%rsp
  400c14:       bf 60 2a 60 00          mov    $0x602a60,%edi
  400c19:       48 83 c4 08             add    $0x8,%rsp
  400c1d:       e9 0e 00 00 00          jmpq   400c30 <__gcov_init>

-> %rdi contains pointer to gcov_info structure when __gcov_init() is called

gcc --coverage -fcall-saved-rdi
0000000000400c11 <_GLOBAL__I_65535_0_main>:
  400c11:       55                      push   %rbp
  400c12:       48 89 e5                mov    %rsp,%rbp
  400c15:       57                      push   %rdi
  400c16:       48 83 ec 08             sub    $0x8,%rsp
  400c1a:       bf 80 2a 60 00          mov    $0x602a80,%edi
  400c1f:       e8 0c 00 00 00          callq  400c30 <__gcov_init>
  400c24:       48 83 c4 08             add    $0x8,%rsp
  400c28:       5f                      pop    %rdi
  400c29:       c9                      leaveq
  400c2a:       c3                      retq

-> %rdi contains pointer to gcov_info structure when __gcov_init() is called

More information about the Gcc-bugs mailing list