<html>

    <head>

      <base href="https://bugs.llvm.org/">

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - [ARM] Thumb `__builtin_longjmp` back to ARM broken for Linux"

   href="https://bugs.llvm.org/show_bug.cgi?id=51681">51681</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>[ARM] Thumb `__builtin_longjmp` back to ARM broken for Linux

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>libraries

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>trunk

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>PC

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>Linux

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>enhancement

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>Backend: ARM

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>unassignedbugs@nondot.org

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>xtkoba@gmail.com

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>llvm-bugs@lists.llvm.org, smithp352@googlemail.com, Ties.Stuij@arm.com

          </td>

        </tr></table>

      <p>

        <div>

        <pre>Created <span class=""><a href="attachment.cgi?id=25205" name="attach_25205" title="Repro">attachment 25205</a> <a href="attachment.cgi?id=25205&action=edit" title="Repro">[details]</a></span>

Repro

$ cat thumb-blj.c

void blj(void *jmp_buf[5])

{

  __asm__ __volatile__ ("movs r2, #0\n\t"

                        "mov r11, r2" : : : "r2", "r11");

  __builtin_longjmp(jmp_buf, 1);

  return;

}

$ cat arm-bsj.c

void *jmp_buf[5];

void blj(void *[5]);

int foo(void)

{

  volatile int i = 0;

  if (__builtin_setjmp(jmp_buf) == 0) {

    i++;

    blj(jmp_buf);

  } else {

    i++;

  }

  return i;

}

int main(void)

{

  return foo() - 2;

}

$ clang -mthumb thumb-blj.c -c

$ clang -marm arm-bsj.c thumb-blj.o

Then

$ ./a.out

will segfault.

This is because R11 is not restored from the jump buffer. Let's look at the

disassembly of thumb-blj.o:

$ llvm-objdump thumb-blj.o -d

thumb-blj.o:    file format elf32-littlearm

Disassembly of section .text:

00000000 <blj>:

       0: 80 b5         push    {r7, lr}

       2: 6f 46         mov     r7, sp

       4: 4d f8 04 bd   str     r11, [sp, #-4]!

       8: 81 b0         sub     sp, #4

       a: 00 90         str     r0, [sp]

       c: 00 22         movs    r2, #0

       e: 93 46         mov     r11, r2

      10: 00 98         ldr     r0, [sp]

      12: 00 21         movs    r1, #0

      14: 81 68         ldr     r1, [r0, #8]

      16: 8d 46         mov     sp, r1

      18: 41 68         ldr     r1, [r0, #4]

      1a: 07 68         ldr     r7, [r0]

      1c: 03 68         ldr     r3, [r0]

      1e: 08 47         bx      r1

I suppose the instruction at 0x1c is intended to be something like

        ldr     r11, [r0]

but this is illegal for Thumb because R11 is a high register.</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>