[Bug gold/21285] New: R_386_GOT32 for baseless case looks implemented incorrectly.

Wed, 22 Mar 2017 04:24:45 -0700 

https://sourceware.org/bugzilla/show_bug.cgi?id=21285

            Bug ID: 21285
           Summary: R_386_GOT32 for baseless case looks implemented
                    incorrectly.
           Product: binutils
           Version: 2.29 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: gold
          Assignee: ccoutant at gmail dot com
          Reporter: georgerim at gmail dot com
                CC: ian at airs dot com
  Target Milestone: ---

Created attachment 9926
  --> https://sourceware.org/bugzilla/attachment.cgi?id=9926&action=edit
got32-i386.s.tmp.o

According to ABI, R_386_GOT32
(https://github.com/hjl-tools/x86-psABI/wiki/intel386-psABI-draft.pdf) can be
calculated as G + A without base register when position-independent code is
disabled.

Imagine next asm code:
.text
.globl bar
.type bar, @function
 bar:

.globl foo
.type foo, @function
 foo:

_start:
  movl bar@GOT, %eax
  movl foo@GOT, %ebx
  movl bar@GOT(%eax), %eax
  movl foo@GOT(%ebx), %eax

I used llvm-mc -relax-relocations=false to compile it into got32-i386.s.tmp.o
(attached), its disassembly is:
Disassembly of section .text:
00000000 <bar>:
   0:   a1 00 00 00 00          mov    0x0,%eax
   5:   8b 1d 00 00 00 00       mov    0x0,%ebx
   b:   8b 80 00 00 00 00       mov    0x0(%eax),%eax
  11:   8b 83 00 00 00 00       mov    0x0(%ebx),%eax
Relocation section '.rel.text' at offset 0x8c contains 4 entries:
 Offset     Info    Type            Sym.Value  Sym. Name
00000001  00000203 R_386_GOT32       00000000   bar
00000007  00000303 R_386_GOT32       00000000   foo
0000000d  00000203 R_386_GOT32       00000000   bar
00000013  00000303 R_386_GOT32       00000000   foo

Notice that "mov 0x0,%eax" case is encoded using a1 and not 8b xx. Gold
implementation determines baseless case using following check:
baseless = (view[-1] & 0xc7) == 0x5;
(https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob;f=gold/i386.cc;h=0b447ef0d68f3ea8965091502d5a1302d69d1b32;hb=HEAD#l2895)

That works incorrectly with "a1 00 00 00 00", gold uses 0xa1 opcode in this
check, assuming it is ModRM byte, when it is not. And result calculation seems
to be broken:
 08048094 <bar>:
 8048094:       a1 fc ff ff ff          mov    0xfffffffc,%eax
 8048099:       8d 1d 94 80 04 08       lea    0x8048094,%ebx
 804809f:       8d 80 a0 e0 ff ff       lea    -0x1f60(%eax),%eax
 80480a5:       8d 83 a0 e0 ff ff       lea    -0x1f60(%ebx),%eax

0xfffffffc is offset in GOT, calculated using "G + A - GOT", when it should be
value calculated using "G + A" I think.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
bug-binutils mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/bug-binutils

Reply via email to