https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98110

            Bug ID: 98110
           Summary: [11 Regression] dl-lookup.c in glibc is miscompiled by r11-5029
           Product: gcc
           Version: 11.0
            Status: UNCONFIRMED
          Severity: critical
          Priority: P3
         Component: tree-optimization
          Assignee: unassigned at gcc dot gnu.org
          Reporter: hjl.tools at gmail dot com
                CC: jh at suse dot cz
  Target Milestone: ---
            Target: x86-64

Created attachment 49667
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=49667&action=edit
A testcase

On Linux/x86-64, r11-5029 miscompiled dl-lookup.c with

-O2 -std=gnu11 -fgnu89-inline -O2 -g -Wall -Wwrite-strings -Wundef -Werror -fmerge-all-constants -frounding-math -fno-stack-protector -Wstrict-prototypes -Wold-style-definition -fmath-errno -fPIC -fno-stack-protector -mno-mmx -fexceptions -fasynchronous-unwind-tables -ftls-model=initial-exec

_dl_lookup_symbol_x:
.LVL199:
.LFB73:
        .loc 1 835 1 view -0
        .cfi_startproc
        .loc 1 835 1 is_stmt 0 view .LVU632
        pushq   %r15
        .cfi_def_cfa_offset 16
        .cfi_offset 15, -16
        pushq   %r14
        .cfi_def_cfa_offset 24
        .cfi_offset 14, -24
        pushq   %r13
        .cfi_def_cfa_offset 32
        .cfi_offset 13, -32
        pushq   %r12
        .cfi_def_cfa_offset 40
        .cfi_offset 12, -40
        movq    %rdi, %r12
        pushq   %rbp
        .cfi_def_cfa_offset 48
        .cfi_offset 6, -48
        movq    %rdx, %rbp
        pushq   %rbx
        .cfi_def_cfa_offset 56
        .cfi_offset 3, -56
.LBB251:
.LBB252:
.LBB253:
.LBB254:
.LBB255:
.LBB256:
        .loc 1 640 72 view .LVU633
#APP
# 640 "dl-lookup.c" 1
        mov %fs:16,%rax
# 0 "" 2
#NO_APP

Source has

      /* Make sure nobody can unload the object while we are at it. */
      if (__glibc_unlikely (flags & DL_LOOKUP_GSCOPE_LOCK))
        {
          /* We can't just call __rtld_lock_lock_recursive (GL(dl_load_lock))
             here, that can result in ABBA deadlock. */
          THREAD_GSCOPE_RESET_FLAG ();
          __rtld_lock_lock_recursive (GL(dl_load_lock));
          /* While MAP value won't change, after THREAD_GSCOPE_RESET_FLAG ()
             it can e.g. point to unallocated memory. So avoid the optimizer
             treating the above read from MAP->l_serial as ensurance it
             can safely dereference it. */

But the check is removed by GCC 11.