http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45867
Eric Botcazou <ebotcazou at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Target|                            |sparc64-elf
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |ebotcazou at gcc dot
                   |                            |gnu.org
         Resolution|                            |WORKSFORME
            Summary|Sparc64: bogus %g4          |reference to %g4 in code
                   |reference in libgcc         |generated for sparc64-elf
                   |__udivti3()                 |

--- Comment #1 from Eric Botcazou <ebotcazou at gcc dot gnu.org> 2010-10-02 13:40:39 UTC ---
> As can be seen in the output, there is a strange extra instruction, 'add
> %g1, %g4, %g1'. %g4 is not initialized anywhere in the function but any
> previous value will be used. Thus the __clz_tab table access can lead to
> crashes. This may in theory even have some security implications if %g4 value
> could be feasibly controlled by an attacker.

The attacker is supposed to be you here. The sparc64-elf compiler defaults to
the CM_EMBMEDANY memory model:

TARGET_CM_EMBMEDANY: 64-bit address space.
The text and data segments have a maximum size of 2GB (31-bit span) and may
be located anywhere in memory. The global register %g4 contains the start
address of the data segment. Programs are statically linked and PIC is not
supported.