[PATCH][GOLD] Fix overflow check in R_ARM_THM_JUMP11 and R_ARM_THM_JUMP8.

[PATCH][GOLD] Fix overflow check in R_ARM_THM_JUMP11 and R_ARM_THM_JUMP8.

[Doug Kwan (關振德)]

[-- Attachment #1: Type: text/plain, Size: 792 bytes --]

Hi Ian,

    This patch fixes problems in overflow checking of
R_ARM_THM_JUMP{11,8}.  It also adds two new tests.

-Doug


2011-06-25  Doug Kwan  <dougkwan@google.com>

        * arm.cc (Arm_relocate_functions::thm_jump8,
        Arm_relocate_functions::thm_jump11): Use a wider signed
        type to compute offset.
        * testsuite/Makefile.am: Add new tests arm_thm_jump11 and
        arm_thm_jump8.
        * testsuite/Makefile.in: Regenerate.
        * testsuite/arm_branch_in_range.sh: Check test results of
        arm_thm_jump11 and arm_thm_jump8.
        * testsuite/arm_thm_jump11.s: New test source file.
        * testsuite/arm_thm_jump11.t: New linker script.
        * testsuite/arm_thm_jump8.s: New test source file.
        * testsuite/arm_thm_jump8.t: New linker script.

[-- Attachment #2: patch-thm-jump.txt --]
[-- Type: text/plain, Size: 11087 bytes --]

Index: gold/arm.cc
===================================================================
RCS file: /cvs/src/src/gold/arm.cc,v
retrieving revision 1.134
diff -u -u -p -r1.134 arm.cc
--- gold/arm.cc	24 Jun 2011 16:40:34 -0000	1.134
+++ gold/arm.cc	25 Jun 2011 06:50:33 -0000
@@ -3356,13 +3356,14 @@ class Arm_relocate_functions : public Re
 	    Arm_address address)
   {
     typedef typename elfcpp::Swap<16, big_endian>::Valtype Valtype;
-    typedef typename elfcpp::Swap<16, big_endian>::Valtype Reltype;
     Valtype* wv = reinterpret_cast<Valtype*>(view);
     Valtype val = elfcpp::Swap<16, big_endian>::readval(wv);
-    Reltype addend = utils::sign_extend<8>((val & 0x00ff) << 1);
-    Reltype x = (psymval->value(object, addend) - address);
-    elfcpp::Swap<16, big_endian>::writeval(wv, (val & 0xff00) | ((x & 0x01fe) >> 1));
-    return (utils::has_overflow<8>(x)
+    int32_t addend = utils::sign_extend<8>((val & 0x00ff) << 1);
+    int32_t x = (psymval->value(object, addend) - address);
+    elfcpp::Swap<16, big_endian>::writeval(wv, ((val & 0xff00)
+                                                | ((x & 0x01fe) >> 1)));
+    // We do a 9-bit overflow check because x is right-shifted by 1 bit.
+    return (utils::has_overflow<9>(x)
 	    ? This::STATUS_OVERFLOW
 	    : This::STATUS_OKAY);
   }
@@ -3375,13 +3376,14 @@ class Arm_relocate_functions : public Re
 	    Arm_address address)
   {
     typedef typename elfcpp::Swap<16, big_endian>::Valtype Valtype;
-    typedef typename elfcpp::Swap<16, big_endian>::Valtype Reltype;
     Valtype* wv = reinterpret_cast<Valtype*>(view);
     Valtype val = elfcpp::Swap<16, big_endian>::readval(wv);
-    Reltype addend = utils::sign_extend<11>((val & 0x07ff) << 1);
-    Reltype x = (psymval->value(object, addend) - address);
-    elfcpp::Swap<16, big_endian>::writeval(wv, (val & 0xf800) | ((x & 0x0ffe) >> 1));
-    return (utils::has_overflow<11>(x)
+    int32_t addend = utils::sign_extend<11>((val & 0x07ff) << 1);
+    int32_t x = (psymval->value(object, addend) - address);
+    elfcpp::Swap<16, big_endian>::writeval(wv, ((val & 0xf800)
+                                                | ((x & 0x0ffe) >> 1)));
+    // We do a 12-bit overflow check because x is right-shifted by 1 bit.
+    return (utils::has_overflow<12>(x)
 	    ? This::STATUS_OVERFLOW
 	    : This::STATUS_OKAY);
   }
Index: gold/testsuite/Makefile.am
===================================================================
RCS file: /cvs/src/src/gold/testsuite/Makefile.am,v
retrieving revision 1.166
diff -u -u -p -r1.166 Makefile.am
--- gold/testsuite/Makefile.am	25 Jun 2011 00:40:56 -0000	1.166
+++ gold/testsuite/Makefile.am	25 Jun 2011 06:50:33 -0000
@@ -2027,7 +2027,8 @@ check_DATA += arm_bl_in_range.stdout arm
 	thumb2_bl_in_range.stdout thumb2_bl_out_of_range.stdout \
 	thumb_blx_in_range.stdout thumb_blx_out_of_range.stdout \
 	thumb2_blx_in_range.stdout thumb2_blx_out_of_range.stdout \
-	thumb_bl_out_of_range_local.stdout
+	thumb_bl_out_of_range_local.stdout arm_thm_jump11.stdout \
+	arm_thm_jump8.stdout
 
 arm_bl_in_range.stdout: arm_bl_in_range
 	$(TEST_OBJDUMP) -D $< > $@
@@ -2128,10 +2129,29 @@ thumb_bl_out_of_range_local: thumb_bl_ou
 thumb_bl_out_of_range_local.o: thumb_bl_out_of_range_local.s
 	$(TEST_AS) -o $@ -march=armv5te $<
 
+arm_thm_jump11.stdout: arm_thm_jump11
+	$(TEST_OBJDUMP) -D $< > $@
+
+arm_thm_jump11: arm_thm_jump11.o ../ld-new
+	../ld-new -T $(srcdir)/arm_thm_jump11.t -o $@ $<
+
+arm_thm_jump11.o: arm_thm_jump11.s
+	$(TEST_AS) -o $@ $<
+
+arm_thm_jump8.stdout: arm_thm_jump8
+	$(TEST_OBJDUMP) -D $< > $@
+
+arm_thm_jump8: arm_thm_jump8.o ../ld-new
+	../ld-new -T $(srcdir)/arm_thm_jump8.t -o $@ $<
+
+arm_thm_jump8.o: arm_thm_jump8.s
+	$(TEST_AS) -o $@ $<
+
 MOSTLYCLEANFILES += arm_bl_in_range arm_bl_out_of_range thumb_bl_in_range \
 	thumb_bl_out_of_range thumb2_bl_in_range thumb2_bl_out_of_range \
 	thumb_blx_in_range thumb_blx_out_of_range thumb2_blx_in_range \
-	thumb2_blx_out_of_range thumb_bl_out_of_range_local
+	thumb2_blx_out_of_range thumb_bl_out_of_range_local arm_thm_jump11 \
+	arm_thm_jump8
 
 check_SCRIPTS += arm_fix_v4bx.sh
 check_DATA += arm_fix_v4bx.stdout arm_fix_v4bx_interworking.stdout \
Index: gold/testsuite/arm_branch_in_range.sh
===================================================================
RCS file: /cvs/src/src/gold/testsuite/arm_branch_in_range.sh,v
retrieving revision 1.2
diff -u -u -p -r1.2 arm_branch_in_range.sh
--- gold/testsuite/arm_branch_in_range.sh	22 Mar 2010 22:48:05 -0000	1.2
+++ gold/testsuite/arm_branch_in_range.sh	25 Jun 2011 06:50:33 -0000
@@ -61,4 +61,13 @@ check thumb2_blx_in_range.stdout \
  " 2000006:	f400 c000 	blx	1000008 <_backward_target>"
 check thumb2_blx_in_range.stdout \
  " 200000c:	f3ff c7fe 	blx	300000c <_forward_target>"
+check arm_thm_jump11.stdout \
+ "    8804:	e400      	b.n	8008 <_backward_target>"
+check arm_thm_jump11.stdout \
+ "    8806:	e3ff      	b.n	9008 <_forward_target>"
+check arm_thm_jump8.stdout \
+ "    8104:	d080      	beq.n	8008 <_backward_target>"
+check arm_thm_jump8.stdout \
+ "    8106:	d07f      	beq.n	8208 <_forward_target>"
+
 exit 0
Index: gold/testsuite/arm_thm_jump11.s
===================================================================
RCS file: gold/testsuite/arm_thm_jump11.s
diff -N gold/testsuite/arm_thm_jump11.s
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ gold/testsuite/arm_thm_jump11.s	25 Jun 2011 06:50:33 -0000
@@ -0,0 +1,57 @@
+# arm_thm_jump11.s
+# Test R_ARM_THM_JUMP11 relocations just within the branch range limits.
+	.syntax	unified
+	.arch	armv5te
+
+	.section	.text.pre,"x"
+
+# Add padding so that target is just in branch range. 
+	.space	8
+
+	.global	_backward_target
+	.code	16
+	.thumb_func
+	.type	_backword_target, %function
+_backward_target:
+	bx	lr
+	.size	_backward_target, .-_backward_target
+	
+	.text
+
+# Define _start so that linker does not complain.
+	.global	_start
+	.code	32
+	.align	2
+	.type	_start, %function
+_start:
+	bx	lr
+	.size	_start, .-_start
+
+	.global	_backward_test
+	.code	16
+	.thumb_func
+	.type	_backward_test, %function
+_backward_test:
+	b.n	_backward_target
+	.size	_backward_test, .-_backward_test
+
+	.global	_forward_test
+	.code	16
+	.thumb_func
+	.type	_forward_test, %function
+_forward_test:
+	b.n	_forward_target
+	.size	_forward_test, .-_forward_test
+	
+	.section	.text.post,"x"
+
+# Add padding so that target is just in branch range. 
+	.space	8
+
+	.global	_forward_target
+	.code	16
+	.thumb_func
+	.type	_forward_target, %function
+_forward_target:
+	bx	lr
+	.size	_forward_target, .-_forward_target
Index: gold/testsuite/arm_thm_jump11.t
===================================================================
RCS file: gold/testsuite/arm_thm_jump11.t
diff -N gold/testsuite/arm_thm_jump11.t
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ gold/testsuite/arm_thm_jump11.t	25 Jun 2011 06:50:33 -0000
@@ -0,0 +1,36 @@
+/* arm_thm_jump11.t -- linker script to test R_ARM_THM_JUMP11 relocation.
+
+   Copyright 2011 Free Software Foundation, Inc.
+   Written by Doug Kwan <dougkwan@google.com>.
+
+   This file is part of gold.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston,
+   MA 02110-1301, USA.  */
+
+SECTIONS
+{
+  . = 0x8000;
+
+  .text.pre : { *(.text.pre) }
+  . = ALIGN(0x800);
+  .text : { *(.text) }
+  . = ALIGN(0x800);
+  .text.post : { *(.text.post) }
+  . += 0x1000;
+  .data : { *(.data) }
+  .bss : { *(.bss) }
+  .ARM.attributes : { *(.ARM.attributes) }
+}
Index: gold/testsuite/arm_thm_jump8.s
===================================================================
RCS file: gold/testsuite/arm_thm_jump8.s
diff -N gold/testsuite/arm_thm_jump8.s
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ gold/testsuite/arm_thm_jump8.s	25 Jun 2011 06:50:33 -0000
@@ -0,0 +1,57 @@
+# arm_thm_jump8.s
+# Test R_ARM_THM_JUMP8 relocations just within the branch range limits.
+	.syntax	unified
+	.arch	armv5te
+
+	.section	.text.pre,"x"
+
+# Add padding so that target is just in branch range. 
+	.space	8
+
+	.global	_backward_target
+	.code	16
+	.thumb_func
+	.type	_backword_target, %function
+_backward_target:
+	bx	lr
+	.size	_backward_target, .-_backward_target
+	
+	.text
+
+# Define _start so that linker does not complain.
+	.global	_start
+	.code	32
+	.align	2
+	.type	_start, %function
+_start:
+	bx	lr
+	.size	_start, .-_start
+
+	.global	_backward_test
+	.code	16
+	.thumb_func
+	.type	_backward_test, %function
+_backward_test:
+	beq.n	_backward_target
+	.size	_backward_test, .-_backward_test
+
+	.global	_forward_test
+	.code	16
+	.thumb_func
+	.type	_forward_test, %function
+_forward_test:
+	beq.n	_forward_target
+	.size	_forward_test, .-_forward_test
+	
+	.section	.text.post,"x"
+
+# Add padding so that target is just in branch range. 
+	.space	8
+
+	.global	_forward_target
+	.code	16
+	.thumb_func
+	.type	_forward_target, %function
+_forward_target:
+	bx	lr
+	.size	_forward_target, .-_forward_target
Index: gold/testsuite/arm_thm_jump8.t
===================================================================
RCS file: gold/testsuite/arm_thm_jump8.t
diff -N gold/testsuite/arm_thm_jump8.t
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ gold/testsuite/arm_thm_jump8.t	25 Jun 2011 06:50:33 -0000
@@ -0,0 +1,36 @@
+/* arm_thm_jump8.t -- linker script to test R_ARM_THM_JUMP8 relocation.
+
+   Copyright 2011 Free Software Foundation, Inc.
+   Written by Doug Kwan <dougkwan@google.com>.
+
+   This file is part of gold.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston,
+   MA 02110-1301, USA.  */
+
+SECTIONS
+{
+  . = 0x8000;
+
+  .text.pre : { *(.text.pre) }
+  . = ALIGN(0x100);
+  .text : { *(.text) }
+  . = ALIGN(0x100);
+  .text.post : { *(.text.post) }
+  . += 0x1000;
+  .data : { *(.data) }
+  .bss : { *(.bss) }
+  .ARM.attributes : { *(.ARM.attributes) }
+}

Re: [PATCH][GOLD] Fix overflow check in R_ARM_THM_JUMP11 and R_ARM_THM_JUMP8.

[Ian Lance Taylor]

"Doug Kwan (關振德)" <dougkwan@google.com> writes:

> 2011-06-25  Doug Kwan  <dougkwan@google.com>
>
>         * arm.cc (Arm_relocate_functions::thm_jump8,
>         Arm_relocate_functions::thm_jump11): Use a wider signed
>         type to compute offset.
>         * testsuite/Makefile.am: Add new tests arm_thm_jump11 and
>         arm_thm_jump8.
>         * testsuite/Makefile.in: Regenerate.
>         * testsuite/arm_branch_in_range.sh: Check test results of
>         arm_thm_jump11 and arm_thm_jump8.
>         * testsuite/arm_thm_jump11.s: New test source file.
>         * testsuite/arm_thm_jump11.t: New linker script.
>         * testsuite/arm_thm_jump8.s: New test source file.
>         * testsuite/arm_thm_jump8.t: New linker script.

This is OK.

Thanks.

Ian