>Number:         5399
>Category:       target
>Synopsis:       arm/thumb: pointer indirections when using -fpic
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    unassigned
>State:          open
>Class:          wrong-code
>Submitter-Id:   net
>Arrival-Date:   Wed Jan 16 02:26:00 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     avbidder@acter.ch (Adrian von Bidder)
>Release:        3.1 20020115 (experimental)
>Organization:
acter ag, zürich
>Environment:
System: Linux atlas 2.4.16 #4 Fri Dec 7 07:58:59 CET 2001 i686 unknown
Architecture: i686

binutils are cvs from 20010115 also. Same config opts as for gcc.
host: i686-pc-linux-gnu
build: i686-pc-linux-gnu
target: arm-unknown-elf
configured with: ../gcc-HEAD/configure --enable-checking --enable-languages=c --prefix=/home/avbidder/hacking-toolchain/inst --target=arm-elf --with-cpu=arm7tdmi
>Description:
The simple C program

main(){
        foo("hello george!\n");
}

compiled with -mthumb -fpic (other options don't matter. I use -O3
-mpic-register=r6 -msingle-pic-base as this is what I really use and I
find the asm output is more readable, too).

creates asm output:
=====
...
        .section .rodata
...
.LC0:
        .ascii "hello george!\n\000"
        .align 2
.LC1:
        .word .LC0
...
[main:]
        ldr r0, .L2
        ldr r1, [r6, r0]
        ldr r0, [r1]
        bl foo
...
.L2:
        .word .LC1(GOTOFF)
...
====

The problem is - afaics - the GOTOFF (instead of GOT). In the linked
binary, .L2 contains the offset of .LC1 from start of GOT, which is start
of data, too, and not the offset of a GOT entry for .LC1.

So the first load loads .L2, the second load already loads the string
pointer .LC1 and the third load then loads the first four bytes of the
string itself...
>How-To-Repeat:
see above
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
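
The load chain described in the report, modelled on a small memory image. This is an added example, not code from the report or from GCC. The base address, the offsets and the names image, load32, store32, build_image and arg_passed_to_foo are constructed for illustration, and the GOT slot layout is an assumption that follows the report's own analysis.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout (not from the report): a data image starting at the PIC base in r6. */
#define PIC_BASE 0x1000u
#define GOT_LC1  0x00u  /* offset of the GOT slot that holds the address of .LC1 */
#define OFF_LC0  0x10u  /* offset of .LC0, the string */
#define OFF_LC1  0x20u  /* offset of .LC1, the word holding the address of .LC0 */

static uint8_t image[64];

/* Little-endian 32-bit store/load, modelling str/ldr on the target. */
static void store32(uint32_t addr, uint32_t v) {
    for (int i = 0; i < 4; i++)
        image[addr - PIC_BASE + i] = (uint8_t)(v >> (8 * i));
}

static uint32_t load32(uint32_t addr) {
    uint32_t v = 0;
    for (int i = 0; i < 4; i++)
        v |= (uint32_t)image[addr - PIC_BASE + i] << (8 * i);
    return v;
}

static void build_image(void) {
    memset(image, 0, sizeof image);
    memcpy(&image[OFF_LC0], "hello george!\n", 15);     /* .LC0 with trailing NUL */
    store32(PIC_BASE + OFF_LC1, PIC_BASE + OFF_LC0);     /* .LC1: .word .LC0 */
    store32(PIC_BASE + GOT_LC1, PIC_BASE + OFF_LC1);     /* GOT slot for .LC1 */
}

/* Runs the three loads from main; l2 is the word stored at .L2. Returns r0 at "bl foo". */
static uint32_t arg_passed_to_foo(uint32_t l2) {
    build_image();
    uint32_t r6 = PIC_BASE;
    uint32_t r0 = l2;               /* ldr r0, .L2      */
    uint32_t r1 = load32(r6 + r0);  /* ldr r1, [r6, r0] */
    r0 = load32(r1);                /* ldr r0, [r1]     */
    return r0;
}

int main(void) {
    printf("GOTOFF literal: foo(0x%08x)\n", (unsigned)arg_passed_to_foo(OFF_LC1));
    printf("GOT literal:    foo(0x%08x)\n", (unsigned)arg_passed_to_foo(GOT_LC1));
    return 0;
}
```

With the GOTOFF literal, foo receives the bytes "hell" read as a little-endian word; with the GOT slot offset it receives the address of .LC0.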