From: jori.bomanson at huld dot io
Subject: [Bug ld/28924] New: ld-arm bug in encoding of blx calls jumping from thumb to arm instructions
Date: Fri, 25 Feb 2022 08:53:49 +0000
https://sourceware.org/bugzilla/show_bug.cgi?id=28924
Bug ID: 28924
Summary: ld-arm bug in encoding of blx calls jumping from thumb to arm instructions
Product: binutils
Version: 2.37
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: ld
Assignee: unassigned at sourceware dot org
Reporter: jori.bomanson at huld dot io
Target Milestone: ---
Created attachment 13996: Small source file for reproducing the bug
--> https://sourceware.org/bugzilla/attachment.cgi?id=13996&action=edit
We encountered a linking error in versions 11.1 and 11.2 of the ARM GNU Toolchain. There
seems to be a bug in the encoding of calls using blx when jumping from thumb to
arm instructions. When the jump is exactly 2^24 + 2, the jump turns into a jump
of 2 instead of an indirect jump. If the jump is shorter, a direct jump is
generated correctly. If the jump is longer, an indirect jump is generated
correctly.
The bug can be reproduced for example on the ARM GNU Toolchain version
11.2-2022.02 for the AArch32 bare-metal target (arm-none-eabi) available for
x86_64 Linux hosted cross toolchains here (Arm GNU Toolchain Downloads, Arm Developer):
https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/downloads
A small example for triggering this bug for the above toolchain is attached as
"test.cpp". For other versions of the toolchain, the example needs to be
tweaked, because it is sensitive to code size, which typically differs between
versions.
The bug goes away if `ERROR_CALL` in "test.cpp" is replaced by either of the
commented parts `//DIRECT_CALL` or `//INDIREC_CALL`.
To reproduce this bug, the file "test.cpp" can be compiled with:

arm-none-eabi-g++ -std=gnu++17 -mcpu=cortex-a9 -mfpu=vfpv3 -fdata-sections -ffunction-sections -mfloat-abi=hard -O3 -save-temps=obj -fverbose-asm --specs=nosys.specs test.cpp
Now if one disassembles the output using `arm-none-eabi-objdump -d a.out > a.s`,
then the resulting file a.s contains the following encoding of the first
call to f():

8036: f000 e800 blx 8038 <main+0x8>

This instruction represents a jump of two bytes forward, from address 8036 to
8038, which is wrong.
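The following is an added worked example, not code from the bug report or from binutils. It decodes and encodes the Thumb-2 `BLX` (T2) immediate exactly as the ARM Architecture Reference Manual defines it (`imm32 = SignExtend(S:I1:I2:imm10H:imm10L:'00')`, `I1 = NOT(J1 XOR S)`, `I2 = NOT(J2 XOR S)`, target `= Align(PC,4) + imm32` with `PC = insn + 4`), and applies it to the numbers in the report. The instruction address 0x8036 and the halfwords `f000 e800` are taken from the report; the target addresses are constructed here from the reported distance of 2^24 + 2 and are an assumption, not values from the attached test.cpp.

```python
# Added example (not from the bug report or from binutils): Thumb-2 BLX (T2)
# immediate decode/encode per the ARM ARM, used to check the report's numbers.

# Direct-range limits of the 25-bit signed field S:I1:I2:imm10H:imm10L:00.
BLX_MIN = -(1 << 24)
BLX_MAX = (1 << 24) - 4


def decode_blx_t2(hw1: int, hw2: int, insn_addr: int) -> int:
    """Return the target address of a Thumb BLX given its two halfwords.

    hw1 = 11110 S imm10H
    hw2 = 11 J1 0 J2 imm10L H      (H == 0 selects BLX, i.e. an ARM target)
    """
    if (hw1 & 0xF800) != 0xF000 or (hw2 & 0xD001) != 0xC000:
        raise ValueError("not a Thumb BLX (T2) encoding")
    s = (hw1 >> 10) & 1
    imm10h = hw1 & 0x3FF
    j1 = (hw2 >> 13) & 1
    j2 = (hw2 >> 11) & 1
    imm10l = (hw2 >> 1) & 0x3FF
    i1 = 1 - (j1 ^ s)                      # I1 = NOT(J1 XOR S)
    i2 = 1 - (j2 ^ s)                      # I2 = NOT(J2 XOR S)
    imm25 = (s << 24) | (i1 << 23) | (i2 << 22) | (imm10h << 12) | (imm10l << 2)
    imm32 = imm25 - (1 << 25) if s else imm25   # sign-extend the 25-bit field
    pc = insn_addr + 4                     # Thumb: PC reads as insn + 4
    return (pc & ~3) + imm32               # BLX adds to Align(PC, 4)


def encode_blx_t2(insn_addr: int, target: int):
    """Encode a Thumb BLX from insn_addr to target.

    Returns (hw1, hw2), or None when the target is outside direct range,
    in which case a linker must emit a veneer (indirect branch) instead.
    """
    if target & 3:
        raise ValueError("BLX target must be a 4-byte aligned ARM address")
    pc = insn_addr + 4
    imm32 = target - (pc & ~3)
    if not BLX_MIN <= imm32 <= BLX_MAX:
        return None
    imm25 = imm32 & 0x1FFFFFF
    s = (imm25 >> 24) & 1
    i1 = (imm25 >> 23) & 1
    i2 = (imm25 >> 22) & 1
    imm10h = (imm25 >> 12) & 0x3FF
    imm10l = (imm25 >> 2) & 0x3FF
    j1 = (1 - i1) ^ s                      # J1 = NOT(I1) XOR S
    j2 = (1 - i2) ^ s                      # J2 = NOT(I2) XOR S
    hw1 = 0xF000 | (s << 10) | imm10h
    hw2 = 0xC000 | (j1 << 13) | (j2 << 11) | (imm10l << 1)
    return hw1, hw2


if __name__ == "__main__":
    insn = 0x8036                              # address of the call, from the report
    # The halfwords objdump showed: they encode an immediate of 0, i.e. Align(PC,4).
    print(f"f000 e800 at {insn:#x} -> {decode_blx_t2(0xF000, 0xE800, insn):#x}")
    # Constructed targets at the reported distance and just inside it (assumption).
    for dist in ((1 << 24) + 2, (1 << 24) - 2):
        enc = encode_blx_t2(insn, insn + dist)
        print(f"distance 2^24{dist - (1 << 24):+d}: "
              + ("needs a veneer" if enc is None else f"blx {enc[0]:04x} {enc[1]:04x}"))
```

Measured from `Align(PC,4) = 0x8038`, the reported distance of 2^24 + 2 from 0x8036 is an offset of exactly 2^24, four bytes past the largest encodable offset of 2^24 - 4, so no direct `BLX` can reach it and only a veneer would be correct; a distance of 2^24 - 2 is the largest that still encodes directly, matching the report's observation that shorter calls link correctly. The halfwords `f000 e800` are the encoding of offset 0, which is why objdump shows a branch to the next 4-byte boundary. The example shows what the correct encoding is and what the observed bytes mean; it does not show where in ld the range check goes wrong.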