http://gcc.gnu.org/bugzilla/show_bug.cgi?id=50201
Jouko Orava <jouko.orava at iki dot fi> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jouko.orava at iki dot fi

--- Comment #6 from Jouko Orava <jouko.orava at iki dot fi> ---
Confirmed. The second test case still segfaults when run if compiled with
-static in Linux 3.8.0 x86_64 kernel on Ubuntu 12.04.4 LTS, using gfortran
4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5).

When gdb is run on the static binary, it warns that "no loadable sections
found in added symbol-file system-supplied DSO at 0x7ffff7ffd000".

gdb backtrace:

(gdb) run
Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) bt
#0  0x0000000000000000 in ?? ()
#1  0x000000000040bb83 in write_float ()
#2  0x0000000000404d27 in formatted_transfer ()
#3  0x000000000040318a in _gfortran_transfer_array ()
#4  0x00000000004013a5 in MAIN__ () at fdp1.f90:4
(gdb) info registers
rax            0x1      1
rbx            0x6fb6e8 7321320
rcx            0x27     39
rdx            0x4be712 4974354
rsi            0x31     49
rdi            0x7fffffffdb80   140737488345984
rbp            0x28     0x28
rsp            0x7fffffffdab8   0x7fffffffdab8
r8             0x0      0
r9             0x0      0
r10            0x0      0
r11            0xb33333333333   197032483697459
r12            0x7fffffffddc0   140737488346560
r13            0x7fffffffdb80   140737488345984
r14            0x0      0
r15            0x0      0
rip            0x0      0
eflags         0x10202  [ IF RF ]
cs             0x33     51
ss             0x2b     43
ds             0x0      0
es             0x0      0
fs             0x63     99
gs             0x0      0

The disassembly of the write_float () up to the segmentation fault:

000000000040ba60 <write_float>:
  40ba60:  41 57                  push   %r15
  40ba62:  41 56                  push   %r14
  40ba64:  41 55                  push   %r13
  40ba66:  41 54                  push   %r12
  40ba68:  49 89 fc               mov    %rdi,%r12
  40ba6b:  55                     push   %rbp
  40ba6c:  bd 28 00 00 00         mov    $0x28,%ebp
  40ba71:  53                     push   %rbx
  40ba72:  48 89 f3               mov    %rsi,%rbx
  40ba75:  48 81 ec 08 01 00 00   sub    $0x108,%rsp
  40ba7c:  44 8b 2e               mov    (%rsi),%r13d
  40ba7f:  64 48 8b 04 25 28 00   mov    %fs:0x28,%rax
  40ba86:  00 00
  40ba88:  48 89 84 24 f8 00 00   mov    %rax,0xf8(%rsp)
  40ba8f:  00
  40ba90:  31 c0                  xor    %eax,%eax
  40ba92:  41 83 fd 1e            cmp    $0x1e,%r13d
  40ba96:  74 0a                  je     40baa2 <write_float+0x42>
  40ba98:  41 83 fd 1c            cmp    $0x1c,%r13d
  40ba9c:  0f 85 06 05 00 00      jne    40bfa8 <write_float+0x548>
  40baa2:  83 f9 08               cmp    $0x8,%ecx
  40baa5:  0f 84 4a 05 00 00      je     40bff5 <write_float+0x595>
  40baab:  0f 8e 6f 08 00 00      jle    40c320 <write_float+0x8c0>
  40bab1:  83 f9 0a               cmp    $0xa,%ecx
  40bab4:  0f 84 7e 08 00 00      je     40c338 <write_float+0x8d8>
  40baba:  83 f9 10               cmp    $0x10,%ecx
  40babd:  0f 1f 00               nopl   (%rax)
  40bac0:  0f 85 63 08 00 00      jne    40c329 <write_float+0x8c9>
  40bac6:  66 0f 6f 02            movdqa (%rdx),%xmm0
  40baca:  66 0f 7f 44 24 40      movdqa %xmm0,0x40(%rsp)
  40bad0:  e8 9b 27 01 00         callq  41e270 <__trunctfdf2>
  40bad5:  66 44 0f 50 f0         movmskpd %xmm0,%r14d
  40bada:  66 0f 6f 54 24 40      movdqa 0x40(%rsp),%xmm2
  40bae0:  41 83 e6 01            and    $0x1,%r14d
  40bae4:  66 0f db 15 44 30 0b   pand   0xb3044(%rip),%xmm2        # 4beb30 <CSWTCH.109+0xb0>
  40baeb:  00
  40baec:  66 0f 6f 0d 4c 30 0b   movdqa 0xb304c(%rip),%xmm1        # 4beb40 <CSWTCH.109+0xc0>
  40baf3:  00
  40baf4:  66 0f 6f c2            movdqa %xmm2,%xmm0
  40baf8:  66 0f 7f 54 24 10      movdqa %xmm2,0x10(%rsp)
  40bafe:  e8 ed 25 01 00         callq  41e0f0 <__unordtf2>
  40bb03:  48 85 c0               test   %rax,%rax
  40bb06:  66 0f 6f 54 24 10      movdqa 0x10(%rsp),%xmm2
  40bb0c:  0f 85 8e 0c 00 00      jne    40c7a0 <write_float+0xd40>
  40bb12:  66 0f 6f 0d 26 30 0b   movdqa 0xb3026(%rip),%xmm1        # 4beb40 <CSWTCH.109+0xc0>
  40bb19:  00
  40bb1a:  66 0f 6f c2            movdqa %xmm2,%xmm0
  40bb1e:  e8 8d 2c 01 00         callq  41e7b0 <__getf2>
  40bb23:  48 85 c0               test   %rax,%rax
  40bb26:  0f 8f 74 0c 00 00      jg     40c7a0 <write_float+0xd40>
  40bb2c:  45 85 f6               test   %r14d,%r14d
  40bb2f:  74 14                  je     40bb45 <write_float+0xe5>
  40bb31:  66 0f 6f 44 24 40      movdqa 0x40(%rsp),%xmm0
  40bb37:  66 0f ef 05 11 30 0b   pxor   0xb3011(%rip),%xmm0        # 4beb50 <CSWTCH.109+0xd0>
  40bb3e:  00
  40bb3f:  66 0f 7f 44 24 40      movdqa %xmm0,0x40(%rsp)
  40bb45:  66 0f ef c9            pxor   %xmm1,%xmm1
  40bb49:  4c 8d ac 24 c0 00 00   lea    0xc0(%rsp),%r13
  40bb50:  00
  40bb51:  66 0f 6f 44 24 40      movdqa 0x40(%rsp),%xmm0
  40bb57:  e8 14 30 01 00         callq  41eb70 <__eqtf2>
  40bb5c:  8d 4d ff               lea    -0x1(%rbp),%ecx
  40bb5f:  66 0f 6f 44 24 40      movdqa 0x40(%rsp),%xmm0
  40bb65:  48 85 c0               test   %rax,%rax
  40bb68:  ba 12 e7 4b 00         mov    $0x4be712,%edx
  40bb6d:  be 31 00 00 00         mov    $0x31,%esi
  40bb72:  4c 89 ef               mov    %r13,%rdi
  40bb75:  b8 01 00 00 00         mov    $0x1,%eax
  40bb7a:  41 0f 94 c7            sete   %r15b
  40bb7e:  e8 7d 44 bf ff         callq  0 <__libc_tsd_LOCALE>
  40bb83:  83 3b 20               cmpl   $0x20,(%rbx)

Jumping over the __libc_tsd_LOCALE call (setting breakpoint at 0x40bb7e, and
jumping to 0x40bb8c or 0x40c70a) four times avoids the segmentation fault, but
the output consists of 16

 ?.*** ?.*** ?.*** ?.***

where the ? refers to code \xb6 (182), and * to ASCII NUL (zero).

If I've understood the situation correctly, __libc_tsd_LOCALE is supposed to be
a per-thread pointer, initialized to point to a structure that defines the
current locale settings. (That matches the current GNU libc code, at least.)
Calling __libc_tsd_LOCAL seems obviously incorrect.
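
Added example (not part of the bug report, and not GCC or glibc code): a small check that decodes each `e8 rel32` call in objdump-style output and reports direct calls that land in the null page, which is the pattern at 0x40bb7e above. The function names and the LOW_LIMIT threshold are assumptions made for this illustration; the sample lines are copied from the disassembly in the comment.

```python
import re

# Constructed sample: four lines taken from the write_float disassembly above.
SAMPLE = """\
  40bad0:  e8 9b 27 01 00         callq  41e270 <__trunctfdf2>
  40bb57:  e8 14 30 01 00         callq  41eb70 <__eqtf2>
  40bb75:  b8 01 00 00 00         mov    $0x1,%eax
  40bb7e:  e8 7d 44 bf ff         callq  0 <__libc_tsd_LOCALE>
"""

# address, raw instruction bytes, mnemonic, operands
LINE = re.compile(r"^\s*([0-9a-f]+):\s+((?:[0-9a-f]{2}\s)+)\s*(\S+)\s*(.*)$")
LOW_LIMIT = 0x1000  # assumption: no code is ever mapped in the first page

def decode_call_rel32(addr, raw):
    """Return the target of an x86-64 `e8 rel32` near call, or None."""
    if len(raw) != 5 or raw[0] != 0xE8:
        return None
    rel = int.from_bytes(raw[1:], "little", signed=True)
    # The displacement is relative to the address of the next instruction.
    return (addr + 5 + rel) & 0xFFFFFFFFFFFFFFFF

def find_null_calls(disassembly):
    """Return (call_site, return_addr, target, symbol) for calls into page 0."""
    hits = []
    for line in disassembly.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        addr = int(m.group(1), 16)
        raw = bytes.fromhex(m.group(2))
        target = decode_call_rel32(addr, raw)
        if target is not None and target < LOW_LIMIT:
            sym = re.search(r"<([^>]+)>", m.group(4))
            hits.append((addr, addr + 5, target, sym.group(1) if sym else None))
    return hits

if __name__ == "__main__":
    for site, ret, target, sym in find_null_calls(SAMPLE):
        print(f"call at {site:#x} -> {target:#x} <{sym}>, returns to {ret:#x}")
```

The return address it reports for the flagged call, 0x40bb83, is the address shown in frame #1 of the backtrace.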