[llvm-bugs] [Bug 51681] New: [ARM] Thumb `__builtin_longjmp` back to ARM broken for Linux

via llvm-bugs llvm-bugs at lists.llvm.org
Mon Aug 30 15:19:45 PDT 2021


https://bugs.llvm.org/show_bug.cgi?id=51681

            Bug ID: 51681
           Summary: [ARM] Thumb `__builtin_longjmp` back to ARM broken for
                    Linux
           Product: libraries
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Backend: ARM
          Assignee: unassignedbugs at nondot.org
          Reporter: xtkoba at gmail.com
                CC: llvm-bugs at lists.llvm.org, smithp352 at googlemail.com,
                    Ties.Stuij at arm.com

Created attachment 25205
  --> https://bugs.llvm.org/attachment.cgi?id=25205&action=edit
Repro

$ cat thumb-blj.c

void blj(void *jmp_buf[5])
{
  __asm__ __volatile__ ("movs r2, #0\n\t"
                        "mov r11, r2" : : : "r2", "r11");
  __builtin_longjmp(jmp_buf, 1);
  return;
}

$ cat arm-bsj.c

void *jmp_buf[5];

void blj(void *[5]);

int foo(void)
{
  volatile int i = 0;
  if (__builtin_setjmp(jmp_buf) == 0) {
    i++;
    blj(jmp_buf);
  } else {
    i++;
  }
  return i;
}

int main(void)
{
  return foo() - 2;
}

$ clang -mthumb thumb-blj.c -c
$ clang -marm arm-bsj.c thumb-blj.o

Then

$ ./a.out

will segfault.

This is because R11 is not restored from the jump buffer. Let's look at the
disassembly of thumb-blj.o:

$ llvm-objdump thumb-blj.o -d

thumb-blj.o:    file format elf32-littlearm

Disassembly of section .text:

00000000 <blj>:
       0: 80 b5         push    {r7, lr}
       2: 6f 46         mov     r7, sp
       4: 4d f8 04 bd   str     r11, [sp, #-4]!
       8: 81 b0         sub     sp, #4
       a: 00 90         str     r0, [sp]
       c: 00 22         movs    r2, #0
       e: 93 46         mov     r11, r2
      10: 00 98         ldr     r0, [sp]
      12: 00 21         movs    r1, #0
      14: 81 68         ldr     r1, [r0, #8]
      16: 8d 46         mov     sp, r1
      18: 41 68         ldr     r1, [r0, #4]
      1a: 07 68         ldr     r7, [r0]
      1c: 03 68         ldr     r3, [r0]
      1e: 08 47         bx      r1

I suppose the instruction at 0x1c is intended to be something like

        ldr     r11, [r0]

but this is illegal for Thumb because R11 is a high register.
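An added illustration, not part of the report or of LLVM: a small Python encoder/decoder for the two 16-bit Thumb encodings seen in the disassembly above. Run over those exact bytes, it shows that LDR (immediate) T1 has 3-bit register fields, so the intended `ldr r11, [r0]` needs either the 32-bit Thumb-2 form or a low-register load followed by `mov r11, rX`, the same low-then-high pattern the report's inline asm uses. Field layouts and the T3 encoding are taken from the ARM architecture reference, not from the report.

```python
import struct

# Constructed vectors: raw little-endian bytes of four instructions taken from
# the thumb-blj.o disassembly in the report, keyed by objdump's mnemonic.
REPORT_INSNS = {
    "ldr r7, [r0]": bytes.fromhex("0768"),
    "ldr r3, [r0]": bytes.fromhex("0368"),
    "mov r11, r2":  bytes.fromhex("9346"),
    "mov sp, r1":   bytes.fromhex("8d46"),
}

def reg_name(n):
    return {13: "sp", 14: "lr", 15: "pc"}.get(n, f"r{n}")

def decode_thumb16(raw):
    """Decode the two 16-bit Thumb encodings that matter here; None otherwise."""
    (hw,) = struct.unpack("<H", raw[:2])
    if hw >> 11 == 0b01101:                     # LDR (immediate), encoding T1
        imm5 = (hw >> 6) & 0x1F
        rn, rt = (hw >> 3) & 7, hw & 7          # 3-bit fields: r0-r7 only,
        off = f", #{imm5 * 4}" if imm5 else ""  # so r11 cannot be the target
        return f"ldr r{rt}, [r{rn}{off}]"
    if hw >> 8 == 0b01000110:                   # MOV (register), encoding T1
        d, rm, rd = (hw >> 7) & 1, (hw >> 3) & 0xF, hw & 7
        rd |= d << 3                            # D bit extends Rd to r0-r15,
        return f"mov {reg_name(rd)}, {reg_name(rm)}"   # so high regs are legal
    return None

def encode_ldr_imm(rt, rn, imm=0):
    """Encode `ldr rt, [rn, #imm]`: 16-bit T1 when both registers are low,
    otherwise the 32-bit Thumb-2 T3 form (1111 1000 1101 Rn | Rt imm12)."""
    if rt < 8 and rn < 8 and imm % 4 == 0 and imm < 128:
        return struct.pack("<H", (0b01101 << 11) | ((imm // 4) << 6) | (rn << 3) | rt)
    if not (0 <= imm < 4096 and 0 <= rt < 16 and 0 <= rn < 15):
        raise ValueError("operands do not fit LDR (immediate) T3")
    return struct.pack("<HH", 0xF8D0 | rn, (rt << 12) | imm)

def check_report_vectors():
    """True if every report instruction decodes back to objdump's text."""
    return all(decode_thumb16(b) == text for text, b in REPORT_INSNS.items())

if __name__ == "__main__":
    for text, b in REPORT_INSNS.items():
        print(f"{b.hex():<8} {decode_thumb16(b):<16} (objdump: {text})")
    # The intended `ldr r11, [r0]` has no 16-bit encoding; Thumb-2 needs 4 bytes.
    print("ldr r11, [r0] ->", encode_ldr_imm(11, 0).hex(), "(ldr.w, 32-bit T3)")
    print("ldr r3,  [r0] ->", encode_ldr_imm(3, 0).hex(), "(16-bit T1, as at 0x1c)")
```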
