bug-binutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug ld/16924] New: PowerPC Relocation R_PPC_ADDR16 is using the wrong o


From: bcbrock at us dot ibm.com
Subject: [Bug ld/16924] New: PowerPC Relocation R_PPC_ADDR16 is using the wrong overflow checker
Date: Thu, 08 May 2014 22:19:31 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=16924

            Bug ID: 16924
           Summary: PowerPC Relocation R_PPC_ADDR16 is using the wrong
                    overflow checker
           Product: binutils
           Version: 2.25 (HEAD)
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ld
          Assignee: unassigned at sourceware dot org
          Reporter: bcbrock at us dot ibm.com

We believe there is a mistake in the definition of the R_PPC_ADDR16 relocation,
found in bfd/elf32-ppc.c

/* A standard 16 bit relocation. */
HOWTO (R_PPC_ADDR16, /* type */
0, /* rightshift */
1, /* size (0 = byte, 1 = short, 2 = long) */
16, /* bitsize */
FALSE, /* pc_relative */
0, /* bitpos */
complain_overflow_bitfield, /* complain_on_overflow */
bfd_elf_generic_reloc, /* special_function */
"R_PPC_ADDR16", /* name */
FALSE, /* partial_inplace */
0, /* src_mask */
0xffff, /* dst_mask */
FALSE), /* pcrel_offset */ 

We believe the checker should be "complain_overflow_signed" instead of
"complain_overflow_bitfield".

We discovered this issue because we are building a tiny embedded system and
(please humor me) we need to use R0 (treated as 0 here) as the base address of
our "small data area" to reference data addresses in the top 32KB of the memory
space with a single instruction. So for example, this 2-line assembler file:

    lwz 3, foo(0)
foo:

Can be assembled and linked with three variants of a simple linker script:

SECTIONS
{
    # . = 0xFFFE0000; #Variant 1, fails as it should
    # . = 0xFFFF0000; #Variant 2, does NOT fail, although it should
    # . = 0xFFFF8000; #Variant 3, works as it should
   .all . { *(*) }
}

Variant 1 fails as it should, because the address of foo has obviously
overflowed out of 16 signed bits.  Variant 3 works as it should as foo is a
legal address in the top 32 KB of memory, a 16-bit "negative" address. Variant
2 should fail but does not. We believe this is because the
"complain_overflow_bitfield" check  is checking for for 16 (not 17) equal sign
bits in the final relocated address.

Thanks, 

Bishop Brock

-- 
You are receiving this mail because:
You are on the CC list for the bug.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]