This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cortex M3 compiler optimization producing incorrect disassembled code

Note: This was originally posted on 20th May 2009 at http://forums.arm.com

I am seeing that Cortex M3 compiler is producing incorrect disassembled code.
I am using ARM RVCT 3.0 Build 440

    myMain
    $t
    .ROM_SECTION
        0x00000040:    e92d5ff0    -.._    PUSH     {r4-r12,lr}
        0x00000044:    491d        .I      LDR      r1,[pc,#116]  ; [0xbc] = 0x42700
        0x00000046:    4f1d        .O      LDR      r7,[pc,#116]  ; [0xbc] = 0x42700
        0x00000048:    780a        .x      LDRB     r2,[r1,#0]
        0x0000004a:    7849        Ix      LDRB     r1,[r1,#1]
        0x0000004c:    f8dfb070    ..p.    LDR      r11,[pc,#112]  ; [0xc0] = 0x20001a2c
        0x00000050:    2000        .       MOVS     r0,#0
        0x00000052:    2404        .$      MOVS     r4,#4
        0x00000054:    1d3f        ?.      ADDS     r7,r7,#4
        0x00000056:    f04f080f    O...    MOV      r8,#0xf
        0x0000005a:    f1ab0a04    ....    SUB      r10,r11,#4
        0x0000005e:    428a        .B      CMP      r2,r1
        0x00000060:    d311        ..      BCC      0x86  ; myMain + 70
        0x00000062:    4680        .F      MOV      r8,r0
        0x00000064:    e018        ..      B        0x98  ; myMain + 88
        0x00000066:    2104        .!      MOVS     r1,#4
        0x00000068:    f8d76250    ..Pb    LDR      r6,[r7,#0x250]
        0x0000006c:    462b        +F      MOV      r3,r5
        0x0000006e:    4652        RF      MOV      r2,r10
        0x00000070:    200d        .       MOVS     r0,#0xd
        0x00000072:    47b0        .G      BLX      r6
        0x00000074:    2104        .!      MOVS     r1,#4
        0x00000076:    f8d76250    ..Pb    LDR      r6,[r7,#0x250]
        0x0000007a:    462b        +F      MOV      r3,r5
        0x0000007c:    465a        ZF      MOV      r2,r11
        0x0000007e:    2018        .       MOVS     r0,#0x18
        0x00000080:    47b0        .G      BLX      r6
        0x00000082:    1e64        d.      SUBS     r4,r4,#1
        0x00000084:    e003        ..      B        0x8e  ; myMain + 78
        0x00000086:    eba80900    ....    SUB      r9,r8,r0
        0x0000008a:    eb000559    ..Y.    ADD      r5,r0,r9,LSR #1
        0x0000008e:    f1b90f01    ....    CMP      r9,#1
        0x00000092:    d001        ..      BEQ      0x98  ; myMain + 88
        0x00000094:    2c00        .,      CMP      r4,#0
        0x00000096:    d1e6        ..      BNE      0x66  ; myMain + 38
        0x00000098:    2104        .!      MOVS     r1,#4
        0x0000009a:    f8d74250    ..PB    LDR      r4,[r7,#0x250]
        0x0000009e:    4643        CF      MOV      r3,r8
        0x000000a0:    4652        RF      MOV      r2,r10
        0x000000a2:    200d        .       MOVS     r0,#0xd
        0x000000a4:    47a0        .G      BLX      r4
        0x000000a6:    f8d74250    ..PB    LDR      r4,[r7,#0x250]
        0x000000aa:    4643        CF      MOV      r3,r8
        0x000000ac:    465a        ZF      MOV      r2,r11
        0x000000ae:    46a4        .F      MOV      r12,r4
        0x000000b0:    e8bd5ff0    ..._    POP      {r4-r12,lr}
        0x000000b4:    2104        .!      MOVS     r1,#4
        0x000000b6:    2018        .       MOVS     r0,#0x18
        0x000000b8:    4760        `G      BX       r12
    $d
        0x000000ba:    0000        ..      DCW    0
        0x000000bc:    00042700    .'..    DCD    272128
        0x000000c0:    20001a2c    ,..     DCD    536877612

See the lst file especially the following two places

        0x0000009a:    f8d74250    ..PB    LDR      r4,[r7,#0x250]
        0x0000009e:    4643        CF      MOV      r3,r8
        0x000000a0:    4652        RF      MOV      r2,r10
        0x000000a2:    200d        .       MOVS     r0,#0xd
        0x000000a4:    47a0        .G      BLX      r4
        0x000000a6:    f8d74250    ..PB    LDR      r4,[r7,#0x250]
        0x000000aa:    4643        CF      MOV      r3,r8
        0x000000ac:    465a        ZF      MOV      r2,r11
        0x000000ae:    46a4        .F      MOV      r12,r4
        0x000000b0:    e8bd5ff0    ..._    POP      {r4-r12,lr}
        0x000000b4:    2104        .!      MOVS     r1,#4
        0x000000b6:    2018        .       MOVS     r0,#0x18
        0x000000b8:    4760        `G      BX       r12

This is basically 2 calls to the same function with different arguments
The second call is done using BX r12, but see that before that the contents of r12 are corrupted using the POP {r4-r12,lr} instruction.

Does anyone has any clue why does this happen. Or is this a known bug?
I have also attached the C code for someone to test.

Parents

Peter Harris over 12 years ago

Note: This was originally posted on 21st May 2009 at http://forums.arm.com

It looks like a compiler bug to me....

It is worth noting that you are using quite an old build of the compiler - build 688 is the latest build of RVCT 3.0.
* Patch download here: [url="http://www.arm.com/support/downloads/RVDS_30.html"]http://www.arm.com/support/downloads/RVDS_30.html[/url]

Can you try patching and see if the problem still remains?

I've tried compiling on RVCT 4.0 [Build 400] and the bug seems to have gone away:

myMain 0x00000040: e92d5ff0 -.._ PUSH {r4-r12,lr} .... snip .... 0x000000a2: 47a8 .G BLX r5 .... snip .... 0x000000aa: 46ac .F MOV r12,r5 0x000000ac: e8bd4ff0 ...O POP {r4-r11,lr} .... snip .... 0x000000b4: f85deb04 ]... POP {lr} 0x000000b8: 4760 `G BX r12

It now pops the original value of r12 in to the lr (and corrupts it, which is OK because r12 corruption is allowed in the ARM ABI), and then restores the real with the second pop.
Cancel
Vote up 0 Vote down

Cancel

Reply

Peter Harris over 12 years ago

Note: This was originally posted on 21st May 2009 at http://forums.arm.com

It looks like a compiler bug to me....

It is worth noting that you are using quite an old build of the compiler - build 688 is the latest build of RVCT 3.0.
* Patch download here: [url="http://www.arm.com/support/downloads/RVDS_30.html"]http://www.arm.com/support/downloads/RVDS_30.html[/url]

Can you try patching and see if the problem still remains?

I've tried compiling on RVCT 4.0 [Build 400] and the bug seems to have gone away:

myMain 0x00000040: e92d5ff0 -.._ PUSH {r4-r12,lr} .... snip .... 0x000000a2: 47a8 .G BLX r5 .... snip .... 0x000000aa: 46ac .F MOV r12,r5 0x000000ac: e8bd4ff0 ...O POP {r4-r11,lr} .... snip .... 0x000000b4: f85deb04 ]... POP {lr} 0x000000b8: 4760 `G BX r12

It now pops the original value of r12 in to the lr (and corrupts it, which is OK because r12 corruption is allowed in the ARM ABI), and then restores the real with the second pop.
Cancel
Vote up 0 Vote down

Cancel

Children

No data