https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94791
Bug ID: 94791 Summary: aarch64: -pg profiling is broken with pac-ret Product: gcc Version: 10.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: target Assignee: unassigned at gcc dot gnu.org Reporter: nsz at gcc dot gnu.org Target Milestone: --- int foo(int x) { return x; } gcc -pg -mbranch-protection=pac-ret gives foo: hint 25 // paciasp stp x29, x30, [sp, -32]! mov x29, sp mov x1, x30 str w0, [sp, 28] mov x0, x1 // passing signed return address bl _mcount ldr w0, [sp, 28] ldp x29, x30, [sp], 32 hint 29 // autiasp ret _mcount needs a valid code address as argument so different calls from the same call site can be correlated and the caller can be identified (e.g. with dladdr). either pac should be removed with xpaclri or x30 saved into another temp reg before paciasp.