https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71051
Bug ID: 71051
Summary: incorrect sparc64 code generated, inevitable jump to null function pointer
Product: gcc
Version: 5.3.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: martin at netbsd dot org
Target Milestone: ---

Created attachment 38464
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=38464&action=edit
stripped down example C code

Attached is a reduced example of code that is part of the NetBSD C startup; it is used to call all destructors in a shared binary before unloading the module. There is some linker magic used to fill the dtor pointer array.

We hit the issue in the wild, but the stripped attached example shows the invalid code. We have seen similar issues on other architectures, so it is likely not sparc64 specific, but this case has been analyzed best.

The loop over the dtors is terminated when the current dtor pointer is >= __DTOR_LIST_END__, and the generated asm code goes like:

    or %i4, %l44(__DTOR_LIST_END__), %i4
    cmp %i5, %i4
    blu,pt %xcc, .LL5
    mov 0, %g1

If the branch to .LL5 is taken, %g1 will always be NULL. So not surprisingly we crash by jumping to 0:

    .LL5:
    call %g1, 0
    add %i5, 8, %i5

This is with the 5.3 version integrated in NetBSD-current:

> cc -v
Using built-in specs.
COLLECT_GCC=cc
COLLECT_LTO_WRAPPER=/usr/libexec/lto-wrapper
Target: sparc64--netbsd
Configured with: /usr/src/tools/gcc/../../external/gpl3/gcc/dist/configure --target=sparc64--netbsd --enable-long-long --enable-threads --with-bugurl=http://www.NetBSD.org/Misc/send-pr.html --with-pkgversion='NetBSD nb1 20160317' --with-system-zlib --enable-__cxa_atexit --enable-libstdcxx-threads --enable-libstdcxx-time=rt --with-mpc-lib=/var/obj/mknative/sparc64/usr/src/external/lgpl3/mpc/lib/libmpc --with-mpfr-lib=/var/obj/mknative/sparc64/usr/src/external/lgpl3/mpfr/lib/libmpfr --with-gmp-lib=/var/obj/mknative/sparc64/usr/src/external/lgpl3/gmp/lib/libgmp --with-mpc-include=/usr/src/external/lgpl3/mpc/dist/src --with-mpfr-include=/usr/src/external/lgpl3/mpfr/dist/src --with-gmp-include=/usr/src/external/lgpl3/gmp/lib/libgmp/arch/sparc64 --enable-tls --disable-multilib --disable-symvers --disable-libstdcxx-pch --build=x86_64-unknown-netbsd7.0. --host=sparc64--netbsd --with-sysroot=/var/obj/mknative/sparc64/usr/src/destdir.sparc64
Thread model: posix
gcc version 5.3.0 (nb1 20160317)

and the compiler invocation was

cc -Wall -Wextra -O2 -fno-strict-aliasing -fwrapv -c -S example.c
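As an added illustration (not the attached example.c and not NetBSD's crtbegin code), the following is a hypothetical, self-contained C model of the destructor-table walk the report describes: a contiguous array of function pointers walked from a start pointer up to an end pointer. The table, the bounds and the `run_dtors`/`demo_run`/`demo_log` names are all constructed here; unlike the real startup code, the bounds live in the same object as the table, and a NULL entry is skipped rather than being called, which is the indirect jump to address 0 that the report crashes on.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model of the dtor-table walk: an array of function
 * pointers walked from `start` up to (not including) `end`. */
typedef void (*dtor_fn)(void);

/* Constructed bookkeeping so a caller can see what ran and in what order. */
static int call_log[8];
static size_t call_count;

static void dtor_a(void) { call_log[call_count++] = 1; }
static void dtor_b(void) { call_log[call_count++] = 2; }
static void dtor_c(void) { call_log[call_count++] = 3; }

/* Walk the table and return how many destructors were actually invoked.
 * A NULL entry is a hole in the table: it is skipped instead of being
 * called, so the walk never transfers control to address 0. */
size_t run_dtors(dtor_fn *start, dtor_fn *end)
{
    size_t invoked = 0;
    for (dtor_fn *p = start; p < end; p++) {
        if (*p == NULL)
            continue;
        (*p)();
        invoked++;
    }
    return invoked;
}

/* Constructed table: three destructors with a NULL hole in the middle.
 * Start and end pointers are derived from this one object, so the
 * `p < end` comparison in run_dtors is ordinary, well-defined C. */
static dtor_fn dtor_table[] = { dtor_a, NULL, dtor_b, dtor_c };

size_t demo_run(void)
{
    call_count = 0;
    return run_dtors(dtor_table,
                     dtor_table + sizeof dtor_table / sizeof dtor_table[0]);
}

/* Entry i of the call log, or -1 once past what was recorded. */
int demo_log(size_t i) { return i < call_count ? call_log[i] : -1; }

int main(void)
{
    printf("invoked %zu destructors\n", demo_run());
    return 0;
}
```

A NULL check in the source only guards against a hole in the table; it cannot protect against the compiler emitting `mov 0, %g1` for the loop itself, which is why the report inspects the generated assembly rather than the C.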