[Bug gas/4558] New: branch on register condition accepts relocations >= 128K
If the displacement from a "br*" instruction to the target of
the branch is 128K or more, gas writes garbace into the displacement
field(s) instead of generating a relocation overflow error.
The branch on register condition instructions have a 16-bit signed
displacement field, but it is split into two pieces of the instruction.
The low 14 bits are at bits 0-13 of the instruction, bits 14 and 15
of the displacement are at bits 21-20 of the instruction.
The test case is very simple:
.text
1: nop
.skip (128 * 1024)
brz,pt %o0, 1b
Build this with "as -Av9a -o test.o test.s". GAS allows this
erroneously, instead of generating a relocation failure.
You can look at the assembler of the object file with
"objdump --disassemble test.o" you will see output like:
<.text>:
0: 01 00 00 00 nop
...
20004: 02 da 3f ff brz %o0, 0x4
20008: 01 00 00 00 nop
which is obviously bogus.
sparc-opc.c uses 'k' character class for the relocation, this is
handled in tc-sparc.c with:
case 'k':
the_insn.reloc = /* RELOC_WDISP2_14 */ BFD_RELOC_SPARC_WDISP16;
the_insn.pcrel = 1;
goto immediate;
The comment reference to the mythical "RELOC_WDISP2_14" is quite
curious :-)
Later down in tc-sparc.c we have the handler for BFD_RELOC_SPARC_WDISP16:
case BFD_RELOC_SPARC_WDISP16:
/* FIXME: simplify. */
if (((val > 0) && (val & ~0x3fffc))
|| ((val < 0) && (~(val - 1) & ~0x3fffc)))
as_bad_where (fixP->fx_file, fixP->fx_line,
_("relocation overflow"));
/* FIXME: The +1 deserves a comment. */
val = (val >> 2) + 1;
insn |= ((val & 0xc000) << 6) | (val & 0x3fff);
break;
And here we have the bug, the reloc range checking is wrong.
The masks should be 0x1fffc instead of 0x3fffc.
--
Summary: branch on register condition accepts relocations >= 128K
Product: binutils
Version: 2.18 (HEAD)
Status: NEW
Severity: normal
Priority: P2
Component: gas
AssignedTo: unassigned at sources dot redhat dot com
ReportedBy: davem at davemloft dot net
CC: bug-binutils at gnu dot org
GCC build triplet: sparc-unknown-linux-gnu
GCC host triplet: sparc-unknown-linux-gnu
GCC target triplet: sparc-unknown-liunx-gnu
http://sourceware.org/bugzilla/show_bug.cgi?id=4558
--- You are receiving this mail because: ---
You are on the CC list for the bug, or are watching someone who is.
___
bug-binutils mailing list
bug-binutils@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug gas/4558] branch on register condition accepts relocations >= 128K
--- Additional Comments From davem at davemloft dot net 2007-05-28 07:33 --- Created an attachment (id=1868) --> (http://sourceware.org/bugzilla/attachment.cgi?id=1868&action=view) Fix for BFD_RELOC_SPARC_WDISP16 overflow checking. -- http://sourceware.org/bugzilla/show_bug.cgi?id=4558 --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ bug-binutils mailing list bug-binutils@gnu.org http://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug gas/13441] binutils-2.22 gas on sparc64-linux rejects "smul" instructions breaking gcc bootstrap
http://sourceware.org/bugzilla/show_bug.cgi?id=13441 David S. Miller changed: What|Removed |Added CC||davem at davemloft dot net --- Comment #5 from David S. Miller 2011-11-27 22:06:16 UTC --- No, you need to update the entire toolchain. You suggested fix is not "simple" and in fact will regress the intended behavior. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug gas/13441] binutils-2.22 gas on sparc64-linux rejects "smul" instructions breaking gcc bootstrap
http://sourceware.org/bugzilla/show_bug.cgi?id=13441 David S. Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution||INVALID --- Comment #6 from David S. Miller 2011-11-27 22:07:00 UTC --- This is not a valid report, thus closing. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/15056] gld 2.23.1 mishandles R_SPARC_TLS_LDM_CALL
http://sourceware.org/bugzilla/show_bug.cgi?id=15056 --- Comment #3 from David S. Miller 2013-01-23 21:34:17 UTC --- Indeed, my change is in the 2.22 release, I just double checked. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/15056] gld 2.23.1 mishandles R_SPARC_TLS_LDM_CALL
http://sourceware.org/bugzilla/show_bug.cgi?id=15056 --- Comment #1 from David S. Miller 2013-01-23 19:23:47 UTC --- My first guess would be that this is caused by: 2011-10-18 David S. Miller PR binutils/13301 * elfxx-sparc.c (sparc_elf_find_reloc_at_ofs): New function. (_bfd_sparc_elf_relocate_section): Always move the __tls_get_addr call delay slot instruction forward 4 bytes when performing relaxation. I wonder why Eric never saw this problem, maybe he didn't test it on Solaris or something like that. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/15056] gld 2.23.1 mishandles R_SPARC_TLS_LDM_CALL
http://sourceware.org/bugzilla/show_bug.cgi?id=15056 --- Comment #10 from David S. Miller 2013-01-30 18:11:21 UTC --- Thanks a lot Alan, I'll take it from here. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/15056] gld 2.23.1 mishandles R_SPARC_TLS_LDM_CALL
http://sourceware.org/bugzilla/show_bug.cgi?id=15056 David S. Miller changed: What|Removed |Added Status|NEW |ASSIGNED AssignedTo|unassigned at sourceware|davem at davemloft dot net |dot org | --- Comment #11 from David S. Miller 2013-01-30 19:59:03 UTC --- Created attachment 6838 --> http://sourceware.org/bugzilla/attachment.cgi?id=6838 Fix for __tls_get_addr garbage collection on sparc. Rainer please give this patch a test. I'll try to put together a test case meanwhile. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/15056] gld 2.23.1 mishandles R_SPARC_TLS_LDM_CALL
http://sourceware.org/bugzilla/show_bug.cgi?id=15056 --- Comment #13 from David S. Miller 2013-01-31 04:07:01 UTC --- Yes, we are guarenteed that the symbol that's actually attached to the LDM_CALL and GD_CALL relocs will be referenced by other relocations. The TLS calls never exist by themselves, they always exist alongside other TLS relocations over the same symbol. BTW, tilegx and tilepro BFD elf backends have this same exact GC bug. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/15056] gld 2.23.1 mishandles R_SPARC_TLS_LDM_CALL
http://sourceware.org/bugzilla/show_bug.cgi?id=15056 --- Comment #15 from David S. Miller 2013-01-31 05:28:40 UTC --- Ok I ran Rainer's test case and my patch as attached doesn't work, but something along the line of Alan's suggestion does. I'll go figure this out. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/15056] gld 2.23.1 mishandles R_SPARC_TLS_LDM_CALL
http://sourceware.org/bugzilla/show_bug.cgi?id=15056 --- Comment #17 from David S. Miller 2013-01-31 07:14:10 UTC --- Alan that patch works, please check it in to mainline (and on any relevant active branch too). Thanks! -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
