gcc does not generate correct code while building PIC

Hey guys,

I have been exploring building PIC using the gcc toolchain and I think there is a bug.

I first build a shared library using 

arm-none-eabi-gcc -shared -mcpu=cortex-m4 -mthumb -Wall -g -fPIC -fmessage-length=0 --specs=nosys.specs mylib.c -o libmylib.so

and then link to my code using the following

arm-none-eabi-gcc -x assembler-with-cpp -c -O0 -mcpu=cortex-m4 -mthumb -Wall -fmessage-length=0 -fPIC startup.S -o startup.o
arm-none-eabi-gcc -c -mcpu=cortex-m4 -mthumb -Wall -g -fmessage-length=0 --specs=nosys.specs -fPIC  main.c -o main.o
arm-none-eabi-ld startup.o main.o -g -nostdlib -T./stm32_linker.ld -L. -lmylib -o main.elf

Full code is at https://github.com/rgujju/STM32-projects/tree/master/got_plt; generate the required code using 'make got_plt'. I have also attached the disassembly of the code at the end for convenience.

What I expect is the function call to <library_function> to go through the GOT and PLT and eventually go into the .dynamic section. I understand that I will have to build a dynamic linker for the actual call to <library_function> to work, but I just want to check if it runs till this point correctly first. But the code gives a fault at 0x800010c. The branch to the instruction at 0x800010c is from 0x8000126. The value of ip at 0x8000126 is 0x200000a0, hence the PC gets loaded with 0x800010c. The CFSR value after the fault is 0x00020001, which is IACCVIOL and INVSTATE. INVSTATE occurs when the last bit is not set to 1 for a Thumb-2 instruction. So I changed the 0x800010c to 0x800010d and it seems to work fine.

So my question is, is this actually a bug in gcc or am I doing something wrong?

Thanks a lot for your help.

EDIT: I am using arm gcc 9-2019-q4-major

EDIT: Added GDB output

From https://interrupt.memfault.com/blog/cortex-m-fault-debug

INVSTATE - Indicates the processor has tried to execute an instruction with an invalid Execution Program Status Register (EPSR) value. Among other things the EPSR tracks whether or not the processor is in thumb mode state. Instructions which use “interworking addresses” (bx & blx or ldr & ldm when loading a pc-relative value) must set bit[0] of the instruction to 1 as this is used to update EPSR.T. If this rule is violated, an INVSTATE exception will be generated. When writing C code, the compiler will take care of this automatically, but this is a common bug which can arise when hand-writing assembly.

main.elf:     file format elf32-littlearm


Disassembly of section .vector_table:

08000000 <vtable>:
 8000000:	20001000 	andcs	r1, r0, r0
 8000004:	08000009 	stmdaeq	r0, {r0, r3}

08000008 <reset_handler>:
 8000008:	480b      	ldr	r0, [pc, #44]	; (8000038 <__main_loop+0x2>)
 800000a:	4685      	mov	sp, r0
 800000c:	2000      	movs	r0, #0
 800000e:	490b      	ldr	r1, [pc, #44]	; (800003c <__main_loop+0x6>)
 8000010:	4a0b      	ldr	r2, [pc, #44]	; (8000040 <__main_loop+0xa>)
 8000012:	4b0c      	ldr	r3, [pc, #48]	; (8000044 <__main_loop+0xe>)
 8000014:	e002      	b.n	800001c <copy_sidata_loop>

08000016 <copy_sidata>:
 8000016:	581c      	ldr	r4, [r3, r0]
 8000018:	500c      	str	r4, [r1, r0]
 800001a:	3004      	adds	r0, #4

0800001c <copy_sidata_loop>:
 800001c:	1844      	adds	r4, r0, r1
 800001e:	4294      	cmp	r4, r2
 8000020:	d3f9      	bcc.n	8000016 <copy_sidata>
 8000022:	2000      	movs	r0, #0
 8000024:	4908      	ldr	r1, [pc, #32]	; (8000048 <__main_loop+0x12>)
 8000026:	4a09      	ldr	r2, [pc, #36]	; (800004c <__main_loop+0x16>)
 8000028:	e001      	b.n	800002e <reset_bss_loop>

0800002a <reset_bss>:
 800002a:	6008      	str	r0, [r1, #0]
 800002c:	3104      	adds	r1, #4

0800002e <reset_bss_loop>:
 800002e:	4291      	cmp	r1, r2
 8000030:	d3fb      	bcc.n	800002a <reset_bss>
 8000032:	f000 b80d 	b.w	8000050 <main>

08000036 <__main_loop>:
 8000036:	e7fe      	b.n	8000036 <__main_loop>
 8000038:	20001000 	andcs	r1, r0, r0
 800003c:	20000000 	andcs	r0, r0, r0
 8000040:	200000a4 	andcs	r0, r0, r4, lsr #1
 8000044:	08000134 	stmdaeq	r0, {r2, r4, r5, r8}
 8000048:	200000a4 	andcs	r0, r0, r4, lsr #1
 800004c:	200000b0 	strhcs	r0, [r0], -r0	; <UNPREDICTABLE>

Disassembly of section .text:

08000050 <main>:
unsigned int x;
unsigned int y;
unsigned int z;

int main ( void )
{
 8000050:	b598      	push	{r3, r4, r7, lr}
 8000052:	af00      	add	r7, sp, #0
 8000054:	4c09      	ldr	r4, [pc, #36]	; (800007c <main+0x2c>)
 8000056:	447c      	add	r4, pc
	x=7;
 8000058:	4b09      	ldr	r3, [pc, #36]	; (8000080 <main+0x30>)
 800005a:	58e3      	ldr	r3, [r4, r3]
 800005c:	461a      	mov	r2, r3
 800005e:	2307      	movs	r3, #7
 8000060:	6013      	str	r3, [r2, #0]
	y=8;
 8000062:	4b08      	ldr	r3, [pc, #32]	; (8000084 <main+0x34>)
 8000064:	58e3      	ldr	r3, [r4, r3]
 8000066:	461a      	mov	r2, r3
 8000068:	2308      	movs	r3, #8
 800006a:	6013      	str	r3, [r2, #0]
	z=library_function(77);
 800006c:	204d      	movs	r0, #77	; 0x4d
 800006e:	f000 f855 	bl	800011c <.plt+0x10>
 8000072:	4602      	mov	r2, r0
 8000074:	4b04      	ldr	r3, [pc, #16]	; (8000088 <main+0x38>)
 8000076:	58e3      	ldr	r3, [r4, r3]
 8000078:	601a      	str	r2, [r3, #0]

	while(1){
 800007a:	e7fe      	b.n	800007a <main+0x2a>
 800007c:	1800002e 	stmdane	r0, {r1, r2, r3, r5}
 8000080:	00000000 	andeq	r0, r0, r0
 8000084:	00000008 	andeq	r0, r0, r8
 8000088:	00000004 	andeq	r0, r0, r4

Disassembly of section .interp:

0800008c <.interp>:
 800008c:	7273752f 	rsbsvc	r7, r3, #197132288	; 0xbc00000
 8000090:	62696c2f 	rsbvs	r6, r9, #12032	; 0x2f00
 8000094:	2e646c2f 	cdpcs	12, 6, cr6, cr4, cr15, {1}
 8000098:	312e6f73 			; <UNDEFINED> instruction: 0x312e6f73
 800009c:	Address 0x000000000800009c is out of bounds.


Disassembly of section .dynsym:

080000a0 <.dynsym>:
 80000a0:	00000000 	andeq	r0, r0, r0
 80000a4:	00000000 	andeq	r0, r0, r0
 80000a8:	00000000 	andeq	r0, r0, r0
 80000ac:	00000000 	andeq	r0, r0, r0
 80000b0:	0000000d 	andeq	r0, r0, sp
 80000b4:	00000000 	andeq	r0, r0, r0
 80000b8:	00000000 	andeq	r0, r0, r0
 80000bc:	00000012 	andeq	r0, r0, r2, lsl r0
 80000c0:	0000001e 	andeq	r0, r0, lr, lsl r0
 80000c4:	08000051 	stmdaeq	r0, {r0, r4, r6}
 80000c8:	0000003c 	andeq	r0, r0, ip, lsr r0
 80000cc:	00020012 	andeq	r0, r2, r2, lsl r0

Disassembly of section .dynstr:

080000d0 <.dynstr>:
 80000d0:	62696c00 	rsbvs	r6, r9, #0, 24
 80000d4:	696c796d 	stmdbvs	ip!, {r0, r2, r3, r5, r6, r8, fp, ip, sp, lr}^
 80000d8:	6f732e62 	svcvs	0x00732e62
 80000dc:	62696c00 	rsbvs	r6, r9, #0, 24
 80000e0:	79726172 	ldmdbvc	r2!, {r1, r4, r5, r6, r8, sp, lr}^
 80000e4:	6e75665f 	mrcvs	6, 3, r6, cr5, cr15, {2}
 80000e8:	6f697463 	svcvs	0x00697463
 80000ec:	616d006e 	cmnvs	sp, lr, rrx
 80000f0:	Address 0x00000000080000f0 is out of bounds.


Disassembly of section .hash:

080000f4 <.hash>:
 80000f4:	00000001 	andeq	r0, r0, r1
 80000f8:	00000003 	andeq	r0, r0, r3
 80000fc:	00000002 	andeq	r0, r0, r2
 8000100:	00000000 	andeq	r0, r0, r0
 8000104:	00000000 	andeq	r0, r0, r0
 8000108:	00000001 	andeq	r0, r0, r1

Disassembly of section .plt:

0800010c <.plt>:
 800010c:	b500      	push	{lr}
 800010e:	f8df e008 	ldr.w	lr, [pc, #8]	; 8000118 <.plt+0xc>
 8000112:	44fe      	add	lr, pc
 8000114:	f85e ff08 	ldr.w	pc, [lr, #8]!
 8000118:	17ffff7c 			; <UNDEFINED> instruction: 0x17ffff7c
 800011c:	f64f 7c78 	movw	ip, #65400	; 0xff78
 8000120:	f2c1 7cff 	movt	ip, #6143	; 0x17ff
 8000124:	44fc      	add	ip, pc
 8000126:	f8dc f000 	ldr.w	pc, [ip]
 800012a:	e7fd      	b.n	8000128 <.plt+0x1c>

Disassembly of section .rel.dyn:

0800012c <.rel.dyn>:
 800012c:	200000a0 	andcs	r0, r0, r0, lsr #1
 8000130:	00000116 	andeq	r0, r0, r6, lsl r1

Disassembly of section .dynamic:

20000000 <_DYNAMIC>:
20000000:	00000001 	andeq	r0, r0, r1
20000004:	00000001 	andeq	r0, r0, r1
20000008:	00000004 	andeq	r0, r0, r4
2000000c:	080000f4 	stmdaeq	r0, {r2, r4, r5, r6, r7}
20000010:	00000005 	andeq	r0, r0, r5
20000014:	080000d0 	stmdaeq	r0, {r4, r6, r7}
20000018:	00000006 	andeq	r0, r0, r6
2000001c:	080000a0 	stmdaeq	r0, {r5, r7}
20000020:	0000000a 	andeq	r0, r0, sl
20000024:	00000023 	andeq	r0, r0, r3, lsr #32
20000028:	0000000b 	andeq	r0, r0, fp
2000002c:	00000010 	andeq	r0, r0, r0, lsl r0
20000030:	00000015 	andeq	r0, r0, r5, lsl r0
20000034:	00000000 	andeq	r0, r0, r0
20000038:	00000003 	andeq	r0, r0, r3
2000003c:	20000094 	mulcs	r0, r4, r0
20000040:	00000002 	andeq	r0, r0, r2
20000044:	00000008 	andeq	r0, r0, r8
20000048:	00000014 	andeq	r0, r0, r4, lsl r0
2000004c:	00000011 	andeq	r0, r0, r1, lsl r0
20000050:	00000017 	andeq	r0, r0, r7, lsl r0
20000054:	0800012c 	stmdaeq	r0, {r2, r3, r5, r8}
20000058:	00000000 	andeq	r0, r0, r0
2000005c:	00000000 	andeq	r0, r0, r0
20000060:	00000000 	andeq	r0, r0, r0
20000064:	00000000 	andeq	r0, r0, r0
20000068:	00000000 	andeq	r0, r0, r0
2000006c:	00000000 	andeq	r0, r0, r0
20000070:	00000000 	andeq	r0, r0, r0
20000074:	00000000 	andeq	r0, r0, r0
20000078:	00000000 	andeq	r0, r0, r0
2000007c:	00000000 	andeq	r0, r0, r0
20000080:	00000000 	andeq	r0, r0, r0
20000084:	00000000 	andeq	r0, r0, r0

Disassembly of section .got:

20000088 <.got>:
20000088:	200000a4 	andcs	r0, r0, r4, lsr #1
2000008c:	200000a8 	andcs	r0, r0, r8, lsr #1
20000090:	200000ac 	andcs	r0, r0, ip, lsr #1

Disassembly of section .got.plt:

20000094 <_GLOBAL_OFFSET_TABLE_>:
20000094:	20000000 	andcs	r0, r0, r0
20000098:	00000000 	andeq	r0, r0, r0
2000009c:	00000000 	andeq	r0, r0, r0
200000a0:	0800010c 	stmdaeq	r0, {r2, r3, r8}

Disassembly of section .bss:

200000a4 <x>:
unsigned int x;
200000a4:	00000000 	andeq	r0, r0, r0

200000a8 <z>:
unsigned int z;
200000a8:	00000000 	andeq	r0, r0, r0

200000ac <y>:
unsigned int y;
200000ac:	00000000 	andeq	r0, r0, r0

.
.
.

0x08000068	13		y=8;
(gdb) si
0x0800006a	13		y=8;
(gdb) si
14		z=library_function(77);
(gdb) si
0x0800006e	14		z=library_function(77);
(gdb) si
0x0800011c in ?? ()
(gdb) si
0x08000120 in ?? ()
(gdb) si
0x08000124 in ?? ()
(gdb) si
0x08000126 in ?? ()
(gdb) si
0x0800010c in ?? ()
(gdb) info registers 
r0             0x4d                77
r1             0x200000b0          536871088
r2             0x200000ac          536871084
r3             0x8                 8
r4             0x20000088          536871048
r5             0x0                 0
r6             0x0                 0
r7             0x20000ff0          536874992
r8             0x0                 0
r9             0x0                 0
r10            0x0                 0
r11            0x0                 0
r12            0x200000a0          536871072
sp             0x20000ff0          0x20000ff0
lr             0x8000073           134217843
pc             0x800010c           0x800010c
xpsr           0x20000000          536870912
msp            0x20000ff0          0x20000ff0
psp            0x0                 0x0
control        0x0                 0 '\000'
faultmask      0x0                 0 '\000'
basepri        0x0                 0 '\000'
primask        0x0                 0 '\000'
fpscr          0x0                 0
(gdb) si
0x490b2000 in ?? ()
(gdb) info registers 
r0             0x4d                77
r1             0x200000b0          536871088
r2             0x200000ac          536871084
r3             0x8                 8
r4             0x20000088          536871048
r5             0x0                 0
r6             0x0                 0
r7             0x20000ff0          536874992
r8             0x0                 0
r9             0x0                 0
r10            0x0                 0
r11            0x0                 0
r12            0x200000a0          536871072
sp             0x20000fd0          0x20000fd0
lr             0xfffffff9          -7
pc             0x490b2000          0x490b2000
xpsr           0x20000003          536870915
msp            0x20000fd0          0x20000fd0
psp            0x0                 0x0
control        0x0                 0 '\000'
faultmask      0x0                 0 '\000'
basepri        0x0                 0 '\000'
primask        0x0                 0 '\000'
fpscr          0x0                 0
(gdb) quit
A debugging session is active.

	Inferior 1 [Remote target] will be killed.

Quit anyway? (y or n) y
Remote connection closed

  • Not sure if it matters, but I provide CPU options also to the linker. The "bug" you see is often in assembly if a label is not "prefixed" with a .thumb_func.

  • This situation could be explained in a few other ways (apart from the one mentioned by 42Bastian Schick), each of which deals with decisions made under relevant ABIs.

    1. The dynamic linkers behave as if LD_BIND_NOW is always true. They always fix up the addresses up front, at the time the binaries are loaded (i.e. lazy binding isn't actually supported). This prevents the stub (@ 0x800010c here) from ever being called, and the crash is thus prevented.
    2. Or, if lazy binding is indeed supported, then there's some step that fixes up the thumb/arm mode for such stubs. The step could be performed either by the static linker (arm-none-eabi-ld), or by the kernel's elf loader, or by the dynamic linker.
    3. Or, this is a bug with the static linker (arm-none-eabi-ld).

    Looking at the behaviour of operating systems that run on such thumb-only machines can also provide more info about the expected behaviour.

  • Thumb2-only dynamic-linking support was added/augmented under this bug. It has been reopened to investigate the problem described in this topic.
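
Added example, not code from the thread or from the toolchain: the check-and-fix step that option 2 in the reply above describes, written in C as a loader for a Thumb-only core could apply it to .got.plt. It replays the stub's address arithmetic and the fault registers with values constructed from the disassembly and GDB output in the question; all function and type names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CFSR_INVSTATE (1u << 17)  /* UFSR bit 1, as seen in the combined CFSR */
#define XPSR_T        (1u << 24)  /* EPSR.T (Thumb state) as seen in xPSR */

/* Hypothetical helper type: half-open address range [start, end). */
typedef struct { uint32_t start, end; } region_t;

/* Address the PLT entry leaves in ip: movw/movt build a 32-bit offset and
 * "add ip, pc" adds the Thumb PC value, which reads as the address of the
 * add instruction plus 4. Arithmetic wraps modulo 2^32, as on the core. */
uint32_t plt_slot_address(uint32_t add_insn_addr, uint16_t movw_imm,
                          uint16_t movt_imm)
{
    uint32_t offset = ((uint32_t)movt_imm << 16) | movw_imm;
    return offset + add_insn_addr + 4u;
}

/* A value loaded into pc with bit 0 clear requests ARM state, which a
 * Thumb-only core cannot enter: the next instruction fetch faults. */
int would_raise_invstate(uint32_t pc_value)
{
    return (pc_value & 1u) == 0;
}

/* Walk .got.plt and count entries that point into executable code but lack
 * the interworking bit. With fix != 0 the bit is set in place, which is what
 * a loader for a Thumb-only target can do before the first call.
 * Entries outside the code region (e.g. the _DYNAMIC pointer, zero slots)
 * are left alone. */
size_t audit_got_plt(uint32_t *got, size_t n, region_t code, int fix)
{
    size_t bad = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t target = got[i] & ~1u;
        if (target < code.start || target >= code.end)
            continue;
        if (would_raise_invstate(got[i])) {
            bad++;
            if (fix)
                got[i] |= 1u;
        }
    }
    return bad;
}

/* Fault triage: INVSTATE reported in CFSR together with a cleared T bit in
 * the xPSR captured at the faulting pc points at a missing interworking bit. */
int fault_matches_interworking(uint32_t cfsr, uint32_t xpsr_at_fault_pc)
{
    return (cfsr & CFSR_INVSTATE) != 0 && (xpsr_at_fault_pc & XPSR_T) == 0;
}

int main(void)
{
    /* Constructed from the question: .got.plt words at 0x20000094 and the
     * .plt bounds 0x0800010c..0x0800012c from the disassembly. */
    uint32_t got_plt[4] = { 0x20000000u, 0x00000000u, 0x00000000u, 0x0800010cu };
    region_t plt = { 0x0800010cu, 0x0800012cu };

    /* movw ip,#0xff78 ; movt ip,#0x17ff ; add ip,pc at 0x8000124 */
    uint32_t slot = plt_slot_address(0x08000124u, 0xff78, 0x17ff);
    printf("ip after add      : 0x%08x\n", (unsigned)slot);

    printf("entries lacking T : %u\n",
           (unsigned)audit_got_plt(got_plt, 4, plt, 0));
    audit_got_plt(got_plt, 4, plt, 1);
    printf("fixed last entry  : 0x%08x\n", (unsigned)got_plt[3]);

    /* CFSR from the question, xpsr from the GDB dump at pc = 0x800010c. */
    printf("interworking fault: %d\n",
           fault_matches_interworking(0x00020001u, 0x20000000u));
    return 0;
}
```

The slot address it computes matches the r12 value in the GDB dump, and the fixed entry matches the 0x800010d the poster patched in by hand.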
