On 08/11/2010 12:08 PM, Sagrailo wrote:
Trying to utilize code generated (cross-compiled) by GCC on a MIPS
architecture simulator. Basically, I've built (using crosstool-ng)
cross-compiler and other cross-* tools, and am now able to generate
code for MIPS target. The executable generated is then to be
disassembled by objdump, and then fed to MIPS architecture simulator
that I'm using (hoping to do some computer architecture related
research). In any case, the simulator is processing all the code from
the __start section without any issues, but then it hangs when the
jump is made to code from .MIPS.stubs section - this code in
particular:
004024b0 <.MIPS.stubs>:
  4024b0:  8f998010  lw    t9,-32752(gp)
  4024b4:  03e07821  move  t7,ra
  4024b8:  0320f809  jalr  t9
The problem is that t9 is loaded with 0 here, and then trying to jump
to address zero is invalid. Now, I'm trying to understand what's
going on in this code, but to no avail so far; so - any suggestion on
what this section of code is intended for, and what kind of procedure
should be called through this JALR assembly instruction?
This is the Linux dynamic linker lazy resolution mechanism.
The dynamic linker must fill in -32752(gp) with the entry point for the
lazy resolver before it passes control to the application.
The resolver uses the value of ra to determine which symbol needs
resolution, then it patches the GOT with the proper value so that the
stub doesn't get called again.
I tried running the same executable on real MIPS hardware and tracing the
execution using "stepi" command in the debugger, and I can see
non-zero address is loaded into t9, and JALR is executed successfully
in that case. So I guess the problem is with the simulator not
loading the table pointed to by GP properly, but as stated above I just
don't know what kind of procedure is to be called here (gdb doesn't
help further here)...
Thanks.
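As an added example (not code from the thread or from any MIPS toolchain), the script below decodes the three instruction words of the stub quoted above and models what a simulator must do with them: read GOT[0] at -32752(gp), save ra in t7, and jump through t9. The GOT base, gp value, resolver address and caller return address are constructed sample values; the convention that gp = GOT + 0x7ff0, so that -32752(gp) is GOT[0], is standard for MIPS ELF.

```python
"""Decode the .MIPS.stubs entry from the thread and show why a zeroed GOT[0] hangs."""

REGS = ["zero", "at", "v0", "v1", "a0", "a1", "a2", "a3", "t0", "t1", "t2", "t3",
        "t4", "t5", "t6", "t7", "s0", "s1", "s2", "s3", "s4", "s5", "s6", "s7",
        "t8", "t9", "k0", "k1", "gp", "sp", "fp", "ra"]

STUB_WORDS = [0x8f998010, 0x03e07821, 0x0320f809]  # the three words from the objdump listing

# Constructed sample layout: gp points 0x7ff0 past the GOT start, so GOT[0] = gp - 32752.
GOT_BASE = 0x410000
GP = GOT_BASE + 0x7ff0
RESOLVER = 0x2aaab000        # hypothetical entry point the dynamic linker would store in GOT[0]
CALLER_RA = 0x400600         # hypothetical return address of the code that called the stub


def decode(word):
    """Disassemble the subset of MIPS32 encodings used by the stub (lw, addu/move, jalr)."""
    op, rs, rt = word >> 26, (word >> 21) & 31, (word >> 16) & 31
    if op == 0x23:                                   # I-type: lw rt, imm(rs)
        imm = word & 0xFFFF
        imm = imm - 0x10000 if imm & 0x8000 else imm  # sign-extend the 16-bit displacement
        return f"lw {REGS[rt]},{imm}({REGS[rs]})"
    if op == 0:                                      # R-type: funct selects the operation
        rd, funct = (word >> 11) & 31, word & 0x3F
        if funct == 0x21:                            # addu rd,rs,rt; objdump prints rt=zero as move
            return f"move {REGS[rd]},{REGS[rs]}" if rt == 0 else f"addu {REGS[rd]},{REGS[rs]},{REGS[rt]}"
        if funct == 0x09:                            # jalr [rd,]rs; rd=ra is the implicit form
            return f"jalr {REGS[rs]}" if rd == 31 else f"jalr {REGS[rd]},{REGS[rs]}"
    raise ValueError(f"unhandled encoding {word:08x}")


def simulate_stub(gp, memory, ra=CALLER_RA):
    """Execute the stub against a word-addressed memory dict.

    Words the loader never wrote read as zero, which is exactly the state the
    simulator is in when the dynamic linker has not filled in GOT[0].
    """
    slot = (gp - 32752) & 0xFFFFFFFF   # lw t9,-32752(gp): address of GOT[0]
    t9 = memory.get(slot, 0)
    t7 = ra                            # move t7,ra: keep the caller's return address for the resolver
    if t9 == 0:                        # jalr t9 would jump to address 0: this is the reported hang
        return {"ok": False, "slot": slot, "t9": 0,
                "reason": "GOT[0] is zero: the dynamic linker never stored the resolver entry point"}
    return {"ok": True, "slot": slot, "t9": t9, "t7": t7, "pc": t9}


if __name__ == "__main__":
    for addr, w in zip(range(0x4024b0, 0x4024bc, 4), STUB_WORDS):
        print(f"{addr:x}: {w:08x} {decode(w)}")
    print(simulate_stub(GP, {}))                      # uninitialised GOT: the failure from the thread
    print(simulate_stub(GP, {GOT_BASE: RESOLVER}))    # GOT[0] filled in: control reaches the resolver
```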