1//===- Relocations.cpp ----------------------------------------------------===// 2// 3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4// See https://llvm.org/LICENSE.txt for license information. 5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6// 7//===----------------------------------------------------------------------===// 8// 9// This file contains platform-independent functions to process relocations. 10// I'll describe the overview of this file here. 11// 12// Simple relocations are easy to handle for the linker. For example, 13// for R_X86_64_PC64 relocs, the linker just has to fix up locations 14// with the relative offsets to the target symbols. It would just be 15// reading records from relocation sections and applying them to output. 16// 17// But not all relocations are that easy to handle. For example, for 18// R_386_GOTOFF relocs, the linker has to create new GOT entries for 19// symbols if they don't exist, and fix up locations with GOT entry 20// offsets from the beginning of GOT section. So there is more than 21// fixing addresses in relocation processing. 22// 23// ELF defines a large number of complex relocations. 24// 25// The functions in this file analyze relocations and do whatever needs 26// to be done. It includes, but not limited to, the following. 27// 28// - create GOT/PLT entries 29// - create new relocations in .dynsym to let the dynamic linker resolve 30// them at runtime (since ELF supports dynamic linking, not all 31// relocations can be resolved at link-time) 32// - create COPY relocs and reserve space in .bss 33// - replace expensive relocs (in terms of runtime cost) with cheap ones 34// - error out infeasible combinations such as PIC and non-relative relocs 35// 36// Note that the functions in this file don't actually apply relocations 37// because it doesn't know about the output file nor the output file buffer. 38// It instead stores Relocation objects to InputSection's Relocations 39// vector to let it apply later in InputSection::writeTo. 40// 41//===----------------------------------------------------------------------===// 42 43#include "Relocations.h" 44#include "Config.h" 45#include "LinkerScript.h" 46#include "OutputSections.h" 47#include "SymbolTable.h" 48#include "Symbols.h" 49#include "SyntheticSections.h" 50#include "Target.h" 51#include "Thunks.h" 52#include "lld/Common/ErrorHandler.h" 53#include "lld/Common/Memory.h" 54#include "lld/Common/Strings.h" 55#include "llvm/ADT/SmallSet.h" 56#include "llvm/Demangle/Demangle.h" 57#include "llvm/Support/Endian.h" 58#include "llvm/Support/raw_ostream.h" 59#include <algorithm> 60 61using namespace llvm; 62using namespace llvm::ELF; 63using namespace llvm::object; 64using namespace llvm::support::endian; 65using namespace lld; 66using namespace lld::elf; 67 68static Optional<std::string> getLinkerScriptLocation(const Symbol &sym) { 69 for (BaseCommand *base : script->sectionCommands) 70 if (auto *cmd = dyn_cast<SymbolAssignment>(base)) 71 if (cmd->sym == &sym) 72 return cmd->location; 73 return None; 74} 75 76static std::string getDefinedLocation(const Symbol &sym) { 77 std::string msg = "\n>>> defined in "; 78 if (sym.file) 79 msg += toString(sym.file); 80 else if (Optional<std::string> loc = getLinkerScriptLocation(sym)) 81 msg += *loc; 82 return msg; 83} 84 85// Construct a message in the following format. 86// 87// >>> defined in /home/alice/src/foo.o 88// >>> referenced by bar.c:12 (/home/alice/src/bar.c:12) 89// >>> /home/alice/src/bar.o:(.text+0x1) 90static std::string getLocation(InputSectionBase &s, const Symbol &sym, 91 uint64_t off) { 92 std::string msg = getDefinedLocation(sym) + "\n>>> referenced by "; 93 std::string src = s.getSrcMsg(sym, off); 94 if (!src.empty()) 95 msg += src + "\n>>> "; 96 return msg + s.getObjMsg(off); 97} 98 99void elf::reportRangeError(uint8_t *loc, const Relocation &rel, const Twine &v, 100 int64_t min, uint64_t max) { 101 ErrorPlace errPlace = getErrorPlace(loc); 102 std::string hint; 103 if (rel.sym && !rel.sym->isLocal()) 104 hint = "; references " + lld::toString(*rel.sym) + 105 getDefinedLocation(*rel.sym); 106 107 if (errPlace.isec && errPlace.isec->name.startswith(".debug")) 108 hint += "; consider recompiling with -fdebug-types-section to reduce size " 109 "of debug sections"; 110 111 errorOrWarn(errPlace.loc + "relocation " + lld::toString(rel.type) + 112 " out of range: " + v.str() + " is not in [" + Twine(min).str() + 113 ", " + Twine(max).str() + "]" + hint); 114} 115 116namespace { 117// Build a bitmask with one bit set for each RelExpr. 118// 119// Constexpr function arguments can't be used in static asserts, so we 120// use template arguments to build the mask. 121// But function template partial specializations don't exist (needed 122// for base case of the recursion), so we need a dummy struct. 123template <RelExpr... Exprs> struct RelExprMaskBuilder { 124 static inline uint64_t build() { return 0; } 125}; 126 127// Specialization for recursive case. 128template <RelExpr Head, RelExpr... Tail> 129struct RelExprMaskBuilder<Head, Tail...> { 130 static inline uint64_t build() { 131 static_assert(0 <= Head && Head < 64, 132 "RelExpr is too large for 64-bit mask!"); 133 return (uint64_t(1) << Head) | RelExprMaskBuilder<Tail...>::build(); 134 } 135}; 136} // namespace 137 138// Return true if `Expr` is one of `Exprs`. 139// There are fewer than 64 RelExpr's, so we can represent any set of 140// RelExpr's as a constant bit mask and test for membership with a 141// couple cheap bitwise operations. 142template <RelExpr... Exprs> bool oneof(RelExpr expr) { 143 assert(0 <= expr && (int)expr < 64 && 144 "RelExpr is too large for 64-bit mask!"); 145 return (uint64_t(1) << expr) & RelExprMaskBuilder<Exprs...>::build(); 146} 147 148// This function is similar to the `handleTlsRelocation`. MIPS does not 149// support any relaxations for TLS relocations so by factoring out MIPS 150// handling in to the separate function we can simplify the code and do not 151// pollute other `handleTlsRelocation` by MIPS `ifs` statements. 152// Mips has a custom MipsGotSection that handles the writing of GOT entries 153// without dynamic relocations. 154static unsigned handleMipsTlsRelocation(RelType type, Symbol &sym, 155 InputSectionBase &c, uint64_t offset, 156 int64_t addend, RelExpr expr) { 157 if (expr == R_MIPS_TLSLD) { 158 in.mipsGot->addTlsIndex(*c.file); 159 c.relocations.push_back({expr, type, offset, addend, &sym}); 160 return 1; 161 } 162 if (expr == R_MIPS_TLSGD) { 163 in.mipsGot->addDynTlsEntry(*c.file, sym); 164 c.relocations.push_back({expr, type, offset, addend, &sym}); 165 return 1; 166 } 167 return 0; 168} 169 170// Notes about General Dynamic and Local Dynamic TLS models below. They may 171// require the generation of a pair of GOT entries that have associated dynamic 172// relocations. The pair of GOT entries created are of the form GOT[e0] Module 173// Index (Used to find pointer to TLS block at run-time) GOT[e1] Offset of 174// symbol in TLS block. 175// 176// Returns the number of relocations processed. 177template <class ELFT> 178static unsigned 179handleTlsRelocation(RelType type, Symbol &sym, InputSectionBase &c, 180 typename ELFT::uint offset, int64_t addend, RelExpr expr) { 181 if (!sym.isTls()) 182 return 0; 183 184 if (config->emachine == EM_MIPS) 185 return handleMipsTlsRelocation(type, sym, c, offset, addend, expr); 186 187 if (oneof<R_AARCH64_TLSDESC_PAGE, R_TLSDESC, R_TLSDESC_CALL, R_TLSDESC_PC>( 188 expr) && 189 config->shared) { 190 if (in.got->addDynTlsEntry(sym)) { 191 uint64_t off = in.got->getGlobalDynOffset(sym); 192 mainPart->relaDyn->addReloc( 193 {target->tlsDescRel, in.got, off, !sym.isPreemptible, &sym, 0}); 194 } 195 if (expr != R_TLSDESC_CALL) 196 c.relocations.push_back({expr, type, offset, addend, &sym}); 197 return 1; 198 } 199 200 bool toExecRelax = !config->shared && config->emachine != EM_ARM && 201 config->emachine != EM_HEXAGON && 202 config->emachine != EM_RISCV; 203 204 // If we are producing an executable and the symbol is non-preemptable, it 205 // must be defined and the code sequence can be relaxed to use Local-Exec. 206 // 207 // ARM and RISC-V do not support any relaxations for TLS relocations, however, 208 // we can omit the DTPMOD dynamic relocations and resolve them at link time 209 // because them are always 1. This may be necessary for static linking as 210 // DTPMOD may not be expected at load time. 211 bool isLocalInExecutable = !sym.isPreemptible && !config->shared; 212 213 // Local Dynamic is for access to module local TLS variables, while still 214 // being suitable for being dynamically loaded via dlopen. GOT[e0] is the 215 // module index, with a special value of 0 for the current module. GOT[e1] is 216 // unused. There only needs to be one module index entry. 217 if (oneof<R_TLSLD_GOT, R_TLSLD_GOTPLT, R_TLSLD_PC, R_TLSLD_HINT>( 218 expr)) { 219 // Local-Dynamic relocs can be relaxed to Local-Exec. 220 if (toExecRelax) { 221 c.relocations.push_back( 222 {target->adjustRelaxExpr(type, nullptr, R_RELAX_TLS_LD_TO_LE), type, 223 offset, addend, &sym}); 224 return target->getTlsGdRelaxSkip(type); 225 } 226 if (expr == R_TLSLD_HINT) 227 return 1; 228 if (in.got->addTlsIndex()) { 229 if (isLocalInExecutable) 230 in.got->relocations.push_back( 231 {R_ADDEND, target->symbolicRel, in.got->getTlsIndexOff(), 1, &sym}); 232 else 233 mainPart->relaDyn->addReloc(target->tlsModuleIndexRel, in.got, 234 in.got->getTlsIndexOff(), nullptr); 235 } 236 c.relocations.push_back({expr, type, offset, addend, &sym}); 237 return 1; 238 } 239 240 // Local-Dynamic relocs can be relaxed to Local-Exec. 241 if (expr == R_DTPREL && toExecRelax) { 242 c.relocations.push_back( 243 {target->adjustRelaxExpr(type, nullptr, R_RELAX_TLS_LD_TO_LE), type, 244 offset, addend, &sym}); 245 return 1; 246 } 247 248 // Local-Dynamic sequence where offset of tls variable relative to dynamic 249 // thread pointer is stored in the got. This cannot be relaxed to Local-Exec. 250 if (expr == R_TLSLD_GOT_OFF) { 251 if (!sym.isInGot()) { 252 in.got->addEntry(sym); 253 uint64_t off = sym.getGotOffset(); 254 in.got->relocations.push_back( 255 {R_ABS, target->tlsOffsetRel, off, 0, &sym}); 256 } 257 c.relocations.push_back({expr, type, offset, addend, &sym}); 258 return 1; 259 } 260 261 if (oneof<R_AARCH64_TLSDESC_PAGE, R_TLSDESC, R_TLSDESC_CALL, R_TLSDESC_PC, 262 R_TLSGD_GOT, R_TLSGD_GOTPLT, R_TLSGD_PC>(expr)) { 263 if (!toExecRelax) { 264 if (in.got->addDynTlsEntry(sym)) { 265 uint64_t off = in.got->getGlobalDynOffset(sym); 266 267 if (isLocalInExecutable) 268 // Write one to the GOT slot. 269 in.got->relocations.push_back( 270 {R_ADDEND, target->symbolicRel, off, 1, &sym}); 271 else 272 mainPart->relaDyn->addReloc(target->tlsModuleIndexRel, in.got, off, &sym); 273 274 // If the symbol is preemptible we need the dynamic linker to write 275 // the offset too. 276 uint64_t offsetOff = off + config->wordsize; 277 if (sym.isPreemptible) 278 mainPart->relaDyn->addReloc(target->tlsOffsetRel, in.got, offsetOff, 279 &sym); 280 else 281 in.got->relocations.push_back( 282 {R_ABS, target->tlsOffsetRel, offsetOff, 0, &sym}); 283 } 284 c.relocations.push_back({expr, type, offset, addend, &sym}); 285 return 1; 286 } 287 288 // Global-Dynamic relocs can be relaxed to Initial-Exec or Local-Exec 289 // depending on the symbol being locally defined or not. 290 if (sym.isPreemptible) { 291 c.relocations.push_back( 292 {target->adjustRelaxExpr(type, nullptr, R_RELAX_TLS_GD_TO_IE), type, 293 offset, addend, &sym}); 294 if (!sym.isInGot()) { 295 in.got->addEntry(sym); 296 mainPart->relaDyn->addReloc(target->tlsGotRel, in.got, sym.getGotOffset(), 297 &sym); 298 } 299 } else { 300 c.relocations.push_back( 301 {target->adjustRelaxExpr(type, nullptr, R_RELAX_TLS_GD_TO_LE), type, 302 offset, addend, &sym}); 303 } 304 return target->getTlsGdRelaxSkip(type); 305 } 306 307 // Initial-Exec relocs can be relaxed to Local-Exec if the symbol is locally 308 // defined. 309 if (oneof<R_GOT, R_GOTPLT, R_GOT_PC, R_AARCH64_GOT_PAGE_PC, R_GOT_OFF, 310 R_TLSIE_HINT>(expr) && 311 toExecRelax && isLocalInExecutable) { 312 c.relocations.push_back({R_RELAX_TLS_IE_TO_LE, type, offset, addend, &sym}); 313 return 1; 314 } 315 316 if (expr == R_TLSIE_HINT) 317 return 1; 318 return 0; 319} 320 321static RelType getMipsPairType(RelType type, bool isLocal) { 322 switch (type) { 323 case R_MIPS_HI16: 324 return R_MIPS_LO16; 325 case R_MIPS_GOT16: 326 // In case of global symbol, the R_MIPS_GOT16 relocation does not 327 // have a pair. Each global symbol has a unique entry in the GOT 328 // and a corresponding instruction with help of the R_MIPS_GOT16 329 // relocation loads an address of the symbol. In case of local 330 // symbol, the R_MIPS_GOT16 relocation creates a GOT entry to hold 331 // the high 16 bits of the symbol's value. A paired R_MIPS_LO16 332 // relocations handle low 16 bits of the address. That allows 333 // to allocate only one GOT entry for every 64 KBytes of local data. 334 return isLocal ? R_MIPS_LO16 : R_MIPS_NONE; 335 case R_MICROMIPS_GOT16: 336 return isLocal ? R_MICROMIPS_LO16 : R_MIPS_NONE; 337 case R_MIPS_PCHI16: 338 return R_MIPS_PCLO16; 339 case R_MICROMIPS_HI16: 340 return R_MICROMIPS_LO16; 341 default: 342 return R_MIPS_NONE; 343 } 344} 345 346// True if non-preemptable symbol always has the same value regardless of where 347// the DSO is loaded. 348static bool isAbsolute(const Symbol &sym) { 349 if (sym.isUndefWeak()) 350 return true; 351 if (const auto *dr = dyn_cast<Defined>(&sym)) 352 return dr->section == nullptr; // Absolute symbol. 353 return false; 354} 355 356static bool isAbsoluteValue(const Symbol &sym) { 357 return isAbsolute(sym) || sym.isTls(); 358} 359 360// Returns true if Expr refers a PLT entry. 361static bool needsPlt(RelExpr expr) { 362 return oneof<R_PLT_PC, R_PPC32_PLTREL, R_PPC64_CALL_PLT, R_PLT>(expr); 363} 364 365// Returns true if Expr refers a GOT entry. Note that this function 366// returns false for TLS variables even though they need GOT, because 367// TLS variables uses GOT differently than the regular variables. 368static bool needsGot(RelExpr expr) { 369 return oneof<R_GOT, R_GOT_OFF, R_MIPS_GOT_LOCAL_PAGE, R_MIPS_GOT_OFF, 370 R_MIPS_GOT_OFF32, R_AARCH64_GOT_PAGE_PC, R_GOT_PC, R_GOTPLT>( 371 expr); 372} 373 374// True if this expression is of the form Sym - X, where X is a position in the 375// file (PC, or GOT for example). 376static bool isRelExpr(RelExpr expr) { 377 return oneof<R_PC, R_GOTREL, R_GOTPLTREL, R_MIPS_GOTREL, R_PPC64_CALL, 378 R_PPC64_RELAX_TOC, R_AARCH64_PAGE_PC, R_RELAX_GOT_PC, 379 R_RISCV_PC_INDIRECT>(expr); 380} 381 382// Returns true if a given relocation can be computed at link-time. 383// 384// For instance, we know the offset from a relocation to its target at 385// link-time if the relocation is PC-relative and refers a 386// non-interposable function in the same executable. This function 387// will return true for such relocation. 388// 389// If this function returns false, that means we need to emit a 390// dynamic relocation so that the relocation will be fixed at load-time. 391static bool isStaticLinkTimeConstant(RelExpr e, RelType type, const Symbol &sym, 392 InputSectionBase &s, uint64_t relOff) { 393 // These expressions always compute a constant 394 if (oneof<R_DTPREL, R_GOTPLT, R_GOT_OFF, R_TLSLD_GOT_OFF, 395 R_MIPS_GOT_LOCAL_PAGE, R_MIPS_GOTREL, R_MIPS_GOT_OFF, 396 R_MIPS_GOT_OFF32, R_MIPS_GOT_GP_PC, R_MIPS_TLSGD, 397 R_AARCH64_GOT_PAGE_PC, R_GOT_PC, R_GOTONLY_PC, R_GOTPLTONLY_PC, 398 R_PLT_PC, R_TLSGD_GOT, R_TLSGD_GOTPLT, R_TLSGD_PC, R_PPC32_PLTREL, 399 R_PPC64_CALL_PLT, R_PPC64_RELAX_TOC, R_RISCV_ADD, R_TLSDESC_CALL, 400 R_TLSDESC_PC, R_AARCH64_TLSDESC_PAGE, R_TLSLD_HINT, R_TLSIE_HINT>( 401 e)) 402 return true; 403 404 // These never do, except if the entire file is position dependent or if 405 // only the low bits are used. 406 if (e == R_GOT || e == R_PLT || e == R_TLSDESC) 407 return target->usesOnlyLowPageBits(type) || !config->isPic; 408 409 if (sym.isPreemptible) 410 return false; 411 if (!config->isPic) 412 return true; 413 414 // The size of a non preemptible symbol is a constant. 415 if (e == R_SIZE) 416 return true; 417 418 // For the target and the relocation, we want to know if they are 419 // absolute or relative. 420 bool absVal = isAbsoluteValue(sym); 421 bool relE = isRelExpr(e); 422 if (absVal && !relE) 423 return true; 424 if (!absVal && relE) 425 return true; 426 if (!absVal && !relE) 427 return target->usesOnlyLowPageBits(type); 428 429 assert(absVal && relE); 430 431 // Allow R_PLT_PC (optimized to R_PC here) to a hidden undefined weak symbol 432 // in PIC mode. This is a little strange, but it allows us to link function 433 // calls to such symbols (e.g. glibc/stdlib/exit.c:__run_exit_handlers). 434 // Normally such a call will be guarded with a comparison, which will load a 435 // zero from the GOT. 436 if (sym.isUndefWeak()) 437 return true; 438 439 // We set the final symbols values for linker script defined symbols later. 440 // They always can be computed as a link time constant. 441 if (sym.scriptDefined) 442 return true; 443 444 error("relocation " + toString(type) + " cannot refer to absolute symbol: " + 445 toString(sym) + getLocation(s, sym, relOff)); 446 return true; 447} 448 449static RelExpr toPlt(RelExpr expr) { 450 switch (expr) { 451 case R_PPC64_CALL: 452 return R_PPC64_CALL_PLT; 453 case R_PC: 454 return R_PLT_PC; 455 case R_ABS: 456 return R_PLT; 457 default: 458 return expr; 459 } 460} 461 462static RelExpr fromPlt(RelExpr expr) { 463 // We decided not to use a plt. Optimize a reference to the plt to a 464 // reference to the symbol itself. 465 switch (expr) { 466 case R_PLT_PC: 467 case R_PPC32_PLTREL: 468 return R_PC; 469 case R_PPC64_CALL_PLT: 470 return R_PPC64_CALL; 471 case R_PLT: 472 return R_ABS; 473 default: 474 return expr; 475 } 476} 477 478// Returns true if a given shared symbol is in a read-only segment in a DSO. 479template <class ELFT> static bool isReadOnly(SharedSymbol &ss) { 480 using Elf_Phdr = typename ELFT::Phdr; 481 482 // Determine if the symbol is read-only by scanning the DSO's program headers. 483 const SharedFile &file = ss.getFile(); 484 for (const Elf_Phdr &phdr : 485 check(file.template getObj<ELFT>().program_headers())) 486 if ((phdr.p_type == ELF::PT_LOAD || phdr.p_type == ELF::PT_GNU_RELRO) && 487 !(phdr.p_flags & ELF::PF_W) && ss.value >= phdr.p_vaddr && 488 ss.value < phdr.p_vaddr + phdr.p_memsz) 489 return true; 490 return false; 491} 492 493// Returns symbols at the same offset as a given symbol, including SS itself. 494// 495// If two or more symbols are at the same offset, and at least one of 496// them are copied by a copy relocation, all of them need to be copied. 497// Otherwise, they would refer to different places at runtime. 498template <class ELFT> 499static SmallSet<SharedSymbol *, 4> getSymbolsAt(SharedSymbol &ss) { 500 using Elf_Sym = typename ELFT::Sym; 501 502 SharedFile &file = ss.getFile(); 503 504 SmallSet<SharedSymbol *, 4> ret; 505 for (const Elf_Sym &s : file.template getGlobalELFSyms<ELFT>()) { 506 if (s.st_shndx == SHN_UNDEF || s.st_shndx == SHN_ABS || 507 s.getType() == STT_TLS || s.st_value != ss.value) 508 continue; 509 StringRef name = check(s.getName(file.getStringTable())); 510 Symbol *sym = symtab->find(name); 511 if (auto *alias = dyn_cast_or_null<SharedSymbol>(sym)) 512 ret.insert(alias); 513 } 514 return ret; 515} 516 517// When a symbol is copy relocated or we create a canonical plt entry, it is 518// effectively a defined symbol. In the case of copy relocation the symbol is 519// in .bss and in the case of a canonical plt entry it is in .plt. This function 520// replaces the existing symbol with a Defined pointing to the appropriate 521// location. 522static void replaceWithDefined(Symbol &sym, SectionBase *sec, uint64_t value, 523 uint64_t size) { 524 Symbol old = sym; 525 526 sym.replace(Defined{sym.file, sym.getName(), sym.binding, sym.stOther, 527 sym.type, value, size, sec}); 528 529 sym.pltIndex = old.pltIndex; 530 sym.gotIndex = old.gotIndex; 531 sym.verdefIndex = old.verdefIndex; 532 sym.exportDynamic = true; 533 sym.isUsedInRegularObj = true; 534} 535 536// Reserve space in .bss or .bss.rel.ro for copy relocation. 537// 538// The copy relocation is pretty much a hack. If you use a copy relocation 539// in your program, not only the symbol name but the symbol's size, RW/RO 540// bit and alignment become part of the ABI. In addition to that, if the 541// symbol has aliases, the aliases become part of the ABI. That's subtle, 542// but if you violate that implicit ABI, that can cause very counter- 543// intuitive consequences. 544// 545// So, what is the copy relocation? It's for linking non-position 546// independent code to DSOs. In an ideal world, all references to data 547// exported by DSOs should go indirectly through GOT. But if object files 548// are compiled as non-PIC, all data references are direct. There is no 549// way for the linker to transform the code to use GOT, as machine 550// instructions are already set in stone in object files. This is where 551// the copy relocation takes a role. 552// 553// A copy relocation instructs the dynamic linker to copy data from a DSO 554// to a specified address (which is usually in .bss) at load-time. If the 555// static linker (that's us) finds a direct data reference to a DSO 556// symbol, it creates a copy relocation, so that the symbol can be 557// resolved as if it were in .bss rather than in a DSO. 558// 559// As you can see in this function, we create a copy relocation for the 560// dynamic linker, and the relocation contains not only symbol name but 561// various other information about the symbol. So, such attributes become a 562// part of the ABI. 563// 564// Note for application developers: I can give you a piece of advice if 565// you are writing a shared library. You probably should export only 566// functions from your library. You shouldn't export variables. 567// 568// As an example what can happen when you export variables without knowing 569// the semantics of copy relocations, assume that you have an exported 570// variable of type T. It is an ABI-breaking change to add new members at 571// end of T even though doing that doesn't change the layout of the 572// existing members. That's because the space for the new members are not 573// reserved in .bss unless you recompile the main program. That means they 574// are likely to overlap with other data that happens to be laid out next 575// to the variable in .bss. This kind of issue is sometimes very hard to 576// debug. What's a solution? Instead of exporting a variable V from a DSO, 577// define an accessor getV(). 578template <class ELFT> static void addCopyRelSymbol(SharedSymbol &ss) { 579 // Copy relocation against zero-sized symbol doesn't make sense. 580 uint64_t symSize = ss.getSize(); 581 if (symSize == 0 || ss.alignment == 0) 582 fatal("cannot create a copy relocation for symbol " + toString(ss)); 583 584 // See if this symbol is in a read-only segment. If so, preserve the symbol's 585 // memory protection by reserving space in the .bss.rel.ro section. 586 bool isRO = isReadOnly<ELFT>(ss); 587 BssSection *sec = 588 make<BssSection>(isRO ? ".bss.rel.ro" : ".bss", symSize, ss.alignment); 589 OutputSection *osec = (isRO ? in.bssRelRo : in.bss)->getParent(); 590 591 // At this point, sectionBases has been migrated to sections. Append sec to 592 // sections. 593 if (osec->sectionCommands.empty() || 594 !isa<InputSectionDescription>(osec->sectionCommands.back())) 595 osec->sectionCommands.push_back(make<InputSectionDescription>("")); 596 auto *isd = cast<InputSectionDescription>(osec->sectionCommands.back()); 597 isd->sections.push_back(sec); 598 osec->commitSection(sec); 599 600 // Look through the DSO's dynamic symbol table for aliases and create a 601 // dynamic symbol for each one. This causes the copy relocation to correctly 602 // interpose any aliases. 603 for (SharedSymbol *sym : getSymbolsAt<ELFT>(ss)) 604 replaceWithDefined(*sym, sec, 0, sym->size); 605 606 mainPart->relaDyn->addReloc(target->copyRel, sec, 0, &ss); 607} 608 609// MIPS has an odd notion of "paired" relocations to calculate addends. 610// For example, if a relocation is of R_MIPS_HI16, there must be a 611// R_MIPS_LO16 relocation after that, and an addend is calculated using 612// the two relocations. 613template <class ELFT, class RelTy> 614static int64_t computeMipsAddend(const RelTy &rel, const RelTy *end, 615 InputSectionBase &sec, RelExpr expr, 616 bool isLocal) { 617 if (expr == R_MIPS_GOTREL && isLocal) 618 return sec.getFile<ELFT>()->mipsGp0; 619 620 // The ABI says that the paired relocation is used only for REL. 621 // See p. 4-17 at ftp://www.linux-mips.org/pub/linux/mips/doc/ABI/mipsabi.pdf 622 if (RelTy::IsRela) 623 return 0; 624 625 RelType type = rel.getType(config->isMips64EL); 626 uint32_t pairTy = getMipsPairType(type, isLocal); 627 if (pairTy == R_MIPS_NONE) 628 return 0; 629 630 const uint8_t *buf = sec.data().data(); 631 uint32_t symIndex = rel.getSymbol(config->isMips64EL); 632 633 // To make things worse, paired relocations might not be contiguous in 634 // the relocation table, so we need to do linear search. *sigh* 635 for (const RelTy *ri = &rel; ri != end; ++ri) 636 if (ri->getType(config->isMips64EL) == pairTy && 637 ri->getSymbol(config->isMips64EL) == symIndex) 638 return target->getImplicitAddend(buf + ri->r_offset, pairTy); 639 640 warn("can't find matching " + toString(pairTy) + " relocation for " + 641 toString(type)); 642 return 0; 643} 644 645// Returns an addend of a given relocation. If it is RELA, an addend 646// is in a relocation itself. If it is REL, we need to read it from an 647// input section. 648template <class ELFT, class RelTy> 649static int64_t computeAddend(const RelTy &rel, const RelTy *end, 650 InputSectionBase &sec, RelExpr expr, 651 bool isLocal) { 652 int64_t addend; 653 RelType type = rel.getType(config->isMips64EL); 654 655 if (RelTy::IsRela) { 656 addend = getAddend<ELFT>(rel); 657 } else { 658 const uint8_t *buf = sec.data().data(); 659 addend = target->getImplicitAddend(buf + rel.r_offset, type); 660 } 661 662 if (config->emachine == EM_PPC64 && config->isPic && type == R_PPC64_TOC) 663 addend += getPPC64TocBase(); 664 if (config->emachine == EM_MIPS) 665 addend += computeMipsAddend<ELFT>(rel, end, sec, expr, isLocal); 666 667 return addend; 668} 669 670// Custom error message if Sym is defined in a discarded section. 671template <class ELFT> 672static std::string maybeReportDiscarded(Undefined &sym) { 673 auto *file = dyn_cast_or_null<ObjFile<ELFT>>(sym.file); 674 if (!file || !sym.discardedSecIdx || 675 file->getSections()[sym.discardedSecIdx] != &InputSection::discarded) 676 return ""; 677 ArrayRef<Elf_Shdr_Impl<ELFT>> objSections = 678 CHECK(file->getObj().sections(), file); 679 680 std::string msg; 681 if (sym.type == ELF::STT_SECTION) { 682 msg = "relocation refers to a discarded section: "; 683 msg += CHECK( 684 file->getObj().getSectionName(&objSections[sym.discardedSecIdx]), file); 685 } else { 686 msg = "relocation refers to a symbol in a discarded section: " + 687 toString(sym); 688 } 689 msg += "\n>>> defined in " + toString(file); 690 691 Elf_Shdr_Impl<ELFT> elfSec = objSections[sym.discardedSecIdx - 1]; 692 if (elfSec.sh_type != SHT_GROUP) 693 return msg; 694 695 // If the discarded section is a COMDAT. 696 StringRef signature = file->getShtGroupSignature(objSections, elfSec); 697 if (const InputFile *prevailing = 698 symtab->comdatGroups.lookup(CachedHashStringRef(signature))) 699 msg += "\n>>> section group signature: " + signature.str() + 700 "\n>>> prevailing definition is in " + toString(prevailing); 701 return msg; 702} 703 704// Undefined diagnostics are collected in a vector and emitted once all of 705// them are known, so that some postprocessing on the list of undefined symbols 706// can happen before lld emits diagnostics. 707struct UndefinedDiag { 708 Symbol *sym; 709 struct Loc { 710 InputSectionBase *sec; 711 uint64_t offset; 712 }; 713 std::vector<Loc> locs; 714 bool isWarning; 715}; 716 717static std::vector<UndefinedDiag> undefs; 718 719// Check whether the definition name def is a mangled function name that matches 720// the reference name ref. 721static bool canSuggestExternCForCXX(StringRef ref, StringRef def) { 722 llvm::ItaniumPartialDemangler d; 723 std::string name = def.str(); 724 if (d.partialDemangle(name.c_str())) 725 return false; 726 char *buf = d.getFunctionName(nullptr, nullptr); 727 if (!buf) 728 return false; 729 bool ret = ref == buf; 730 free(buf); 731 return ret; 732} 733 734// Suggest an alternative spelling of an "undefined symbol" diagnostic. Returns 735// the suggested symbol, which is either in the symbol table, or in the same 736// file of sym. 737template <class ELFT> 738static const Symbol *getAlternativeSpelling(const Undefined &sym, 739 std::string &pre_hint, 740 std::string &post_hint) { 741 DenseMap<StringRef, const Symbol *> map; 742 if (auto *file = dyn_cast_or_null<ObjFile<ELFT>>(sym.file)) { 743 // If sym is a symbol defined in a discarded section, maybeReportDiscarded() 744 // will give an error. Don't suggest an alternative spelling. 745 if (file && sym.discardedSecIdx != 0 && 746 file->getSections()[sym.discardedSecIdx] == &InputSection::discarded) 747 return nullptr; 748 749 // Build a map of local defined symbols. 750 for (const Symbol *s : sym.file->getSymbols()) 751 if (s->isLocal() && s->isDefined()) 752 map.try_emplace(s->getName(), s); 753 } 754 755 auto suggest = [&](StringRef newName) -> const Symbol * { 756 // If defined locally. 757 if (const Symbol *s = map.lookup(newName)) 758 return s; 759 760 // If in the symbol table and not undefined. 761 if (const Symbol *s = symtab->find(newName)) 762 if (!s->isUndefined()) 763 return s; 764 765 return nullptr; 766 }; 767 768 // This loop enumerates all strings of Levenshtein distance 1 as typo 769 // correction candidates and suggests the one that exists as a non-undefined 770 // symbol. 771 StringRef name = sym.getName(); 772 for (size_t i = 0, e = name.size(); i != e + 1; ++i) { 773 // Insert a character before name[i]. 774 std::string newName = (name.substr(0, i) + "0" + name.substr(i)).str(); 775 for (char c = '0'; c <= 'z'; ++c) { 776 newName[i] = c; 777 if (const Symbol *s = suggest(newName)) 778 return s; 779 } 780 if (i == e) 781 break; 782 783 // Substitute name[i]. 784 newName = std::string(name); 785 for (char c = '0'; c <= 'z'; ++c) { 786 newName[i] = c; 787 if (const Symbol *s = suggest(newName)) 788 return s; 789 } 790 791 // Transpose name[i] and name[i+1]. This is of edit distance 2 but it is 792 // common. 793 if (i + 1 < e) { 794 newName[i] = name[i + 1]; 795 newName[i + 1] = name[i]; 796 if (const Symbol *s = suggest(newName)) 797 return s; 798 } 799 800 // Delete name[i]. 801 newName = (name.substr(0, i) + name.substr(i + 1)).str(); 802 if (const Symbol *s = suggest(newName)) 803 return s; 804 } 805 806 // Case mismatch, e.g. Foo vs FOO. 807 for (auto &it : map) 808 if (name.equals_lower(it.first)) 809 return it.second; 810 for (Symbol *sym : symtab->symbols()) 811 if (!sym->isUndefined() && name.equals_lower(sym->getName())) 812 return sym; 813 814 // The reference may be a mangled name while the definition is not. Suggest a 815 // missing extern "C". 816 if (name.startswith("_Z")) { 817 std::string buf = name.str(); 818 llvm::ItaniumPartialDemangler d; 819 if (!d.partialDemangle(buf.c_str())) 820 if (char *buf = d.getFunctionName(nullptr, nullptr)) { 821 const Symbol *s = suggest(buf); 822 free(buf); 823 if (s) { 824 pre_hint = ": extern \"C\" "; 825 return s; 826 } 827 } 828 } else { 829 const Symbol *s = nullptr; 830 for (auto &it : map) 831 if (canSuggestExternCForCXX(name, it.first)) { 832 s = it.second; 833 break; 834 } 835 if (!s) 836 for (Symbol *sym : symtab->symbols()) 837 if (canSuggestExternCForCXX(name, sym->getName())) { 838 s = sym; 839 break; 840 } 841 if (s) { 842 pre_hint = " to declare "; 843 post_hint = " as extern \"C\"?"; 844 return s; 845 } 846 } 847 848 return nullptr; 849} 850 851template <class ELFT> 852static void reportUndefinedSymbol(const UndefinedDiag &undef, 853 bool correctSpelling) { 854 Symbol &sym = *undef.sym; 855 856 auto visibility = [&]() -> std::string { 857 switch (sym.visibility) { 858 case STV_INTERNAL: 859 return "internal "; 860 case STV_HIDDEN: 861 return "hidden "; 862 case STV_PROTECTED: 863 return "protected "; 864 default: 865 return ""; 866 } 867 }; 868 869 std::string msg = maybeReportDiscarded<ELFT>(cast<Undefined>(sym)); 870 if (msg.empty()) 871 msg = "undefined " + visibility() + "symbol: " + toString(sym); 872 873 const size_t maxUndefReferences = 3; 874 size_t i = 0; 875 for (UndefinedDiag::Loc l : undef.locs) { 876 if (i >= maxUndefReferences) 877 break; 878 InputSectionBase &sec = *l.sec; 879 uint64_t offset = l.offset; 880 881 msg += "\n>>> referenced by "; 882 std::string src = sec.getSrcMsg(sym, offset); 883 if (!src.empty()) 884 msg += src + "\n>>> "; 885 msg += sec.getObjMsg(offset); 886 i++; 887 } 888 889 if (i < undef.locs.size()) 890 msg += ("\n>>> referenced " + Twine(undef.locs.size() - i) + " more times") 891 .str(); 892 893 if (correctSpelling) { 894 std::string pre_hint = ": ", post_hint; 895 if (const Symbol *corrected = getAlternativeSpelling<ELFT>( 896 cast<Undefined>(sym), pre_hint, post_hint)) { 897 msg += "\n>>> did you mean" + pre_hint + toString(*corrected) + post_hint; 898 if (corrected->file) 899 msg += "\n>>> defined in: " + toString(corrected->file); 900 } 901 } 902 903 if (sym.getName().startswith("_ZTV")) 904 msg += 905 "\n>>> the vtable symbol may be undefined because the class is missing " 906 "its key function (see https://lld.llvm.org/missingkeyfunction)"; 907 908 if (undef.isWarning) 909 warn(msg); 910 else 911 error(msg); 912} 913 914template <class ELFT> void elf::reportUndefinedSymbols() { 915 // Find the first "undefined symbol" diagnostic for each diagnostic, and 916 // collect all "referenced from" lines at the first diagnostic. 917 DenseMap<Symbol *, UndefinedDiag *> firstRef; 918 for (UndefinedDiag &undef : undefs) { 919 assert(undef.locs.size() == 1); 920 if (UndefinedDiag *canon = firstRef.lookup(undef.sym)) { 921 canon->locs.push_back(undef.locs[0]); 922 undef.locs.clear(); 923 } else 924 firstRef[undef.sym] = &undef; 925 } 926 927 // Enable spell corrector for the first 2 diagnostics. 928 for (auto it : enumerate(undefs)) 929 if (!it.value().locs.empty()) 930 reportUndefinedSymbol<ELFT>(it.value(), it.index() < 2); 931 undefs.clear(); 932} 933 934// Report an undefined symbol if necessary. 935// Returns true if the undefined symbol will produce an error message. 936static bool maybeReportUndefined(Symbol &sym, InputSectionBase &sec, 937 uint64_t offset) { 938 if (!sym.isUndefined() || sym.isWeak()) 939 return false; 940 941 bool canBeExternal = !sym.isLocal() && sym.visibility == STV_DEFAULT; 942 if (config->unresolvedSymbols == UnresolvedPolicy::Ignore && canBeExternal) 943 return false; 944 945 // clang (as of 2019-06-12) / gcc (as of 8.2.1) PPC64 may emit a .rela.toc 946 // which references a switch table in a discarded .rodata/.text section. The 947 // .toc and the .rela.toc are incorrectly not placed in the comdat. The ELF 948 // spec says references from outside the group to a STB_LOCAL symbol are not 949 // allowed. Work around the bug. 950 // 951 // PPC32 .got2 is similar but cannot be fixed. Multiple .got2 is infeasible 952 // because .LC0-.LTOC is not representable if the two labels are in different 953 // .got2 954 if (cast<Undefined>(sym).discardedSecIdx != 0 && 955 (sec.name == ".got2" || sec.name == ".toc")) 956 return false; 957 958 bool isWarning = 959 (config->unresolvedSymbols == UnresolvedPolicy::Warn && canBeExternal) || 960 config->noinhibitExec; 961 undefs.push_back({&sym, {{&sec, offset}}, isWarning}); 962 return !isWarning; 963} 964 965// MIPS N32 ABI treats series of successive relocations with the same offset 966// as a single relocation. The similar approach used by N64 ABI, but this ABI 967// packs all relocations into the single relocation record. Here we emulate 968// this for the N32 ABI. Iterate over relocation with the same offset and put 969// theirs types into the single bit-set. 970template <class RelTy> static RelType getMipsN32RelType(RelTy *&rel, RelTy *end) { 971 RelType type = 0; 972 uint64_t offset = rel->r_offset; 973 974 int n = 0; 975 while (rel != end && rel->r_offset == offset) 976 type |= (rel++)->getType(config->isMips64EL) << (8 * n++); 977 return type; 978} 979 980// .eh_frame sections are mergeable input sections, so their input 981// offsets are not linearly mapped to output section. For each input 982// offset, we need to find a section piece containing the offset and 983// add the piece's base address to the input offset to compute the 984// output offset. That isn't cheap. 985// 986// This class is to speed up the offset computation. When we process 987// relocations, we access offsets in the monotonically increasing 988// order. So we can optimize for that access pattern. 989// 990// For sections other than .eh_frame, this class doesn't do anything. 991namespace { 992class OffsetGetter { 993public: 994 explicit OffsetGetter(InputSectionBase &sec) { 995 if (auto *eh = dyn_cast<EhInputSection>(&sec)) 996 pieces = eh->pieces; 997 } 998 999 // Translates offsets in input sections to offsets in output sections. 1000 // Given offset must increase monotonically. We assume that Piece is 1001 // sorted by inputOff. 1002 uint64_t get(uint64_t off) { 1003 if (pieces.empty()) 1004 return off; 1005 1006 while (i != pieces.size() && pieces[i].inputOff + pieces[i].size <= off) 1007 ++i; 1008 if (i == pieces.size()) 1009 fatal(".eh_frame: relocation is not in any piece"); 1010 1011 // Pieces must be contiguous, so there must be no holes in between. 1012 assert(pieces[i].inputOff <= off && "Relocation not in any piece"); 1013 1014 // Offset -1 means that the piece is dead (i.e. garbage collected). 1015 if (pieces[i].outputOff == -1) 1016 return -1; 1017 return pieces[i].outputOff + off - pieces[i].inputOff; 1018 } 1019 1020private: 1021 ArrayRef<EhSectionPiece> pieces; 1022 size_t i = 0; 1023}; 1024} // namespace 1025 1026static void addRelativeReloc(InputSectionBase *isec, uint64_t offsetInSec, 1027 Symbol *sym, int64_t addend, RelExpr expr, 1028 RelType type) { 1029 Partition &part = isec->getPartition(); 1030 1031 // Add a relative relocation. If relrDyn section is enabled, and the 1032 // relocation offset is guaranteed to be even, add the relocation to 1033 // the relrDyn section, otherwise add it to the relaDyn section. 1034 // relrDyn sections don't support odd offsets. Also, relrDyn sections 1035 // don't store the addend values, so we must write it to the relocated 1036 // address. 1037 if (part.relrDyn && isec->alignment >= 2 && offsetInSec % 2 == 0) { 1038 isec->relocations.push_back({expr, type, offsetInSec, addend, sym}); 1039 part.relrDyn->relocs.push_back({isec, offsetInSec}); 1040 return; 1041 } 1042 part.relaDyn->addReloc(target->relativeRel, isec, offsetInSec, sym, addend, 1043 expr, type); 1044} 1045 1046template <class PltSection, class GotPltSection> 1047static void addPltEntry(PltSection *plt, GotPltSection *gotPlt, 1048 RelocationBaseSection *rel, RelType type, Symbol &sym) { 1049 plt->addEntry(sym); 1050 gotPlt->addEntry(sym); 1051 rel->addReloc( 1052 {type, gotPlt, sym.getGotPltOffset(), !sym.isPreemptible, &sym, 0}); 1053} 1054 1055static void addGotEntry(Symbol &sym) { 1056 in.got->addEntry(sym); 1057 1058 RelExpr expr = sym.isTls() ? R_TLS : R_ABS; 1059 uint64_t off = sym.getGotOffset(); 1060 1061 // If a GOT slot value can be calculated at link-time, which is now, 1062 // we can just fill that out. 1063 // 1064 // (We don't actually write a value to a GOT slot right now, but we 1065 // add a static relocation to a Relocations vector so that 1066 // InputSection::relocate will do the work for us. We may be able 1067 // to just write a value now, but it is a TODO.) 1068 bool isLinkTimeConstant = 1069 !sym.isPreemptible && (!config->isPic || isAbsolute(sym)); 1070 if (isLinkTimeConstant) { 1071 in.got->relocations.push_back({expr, target->symbolicRel, off, 0, &sym}); 1072 return; 1073 } 1074 1075 // Otherwise, we emit a dynamic relocation to .rel[a].dyn so that 1076 // the GOT slot will be fixed at load-time. 1077 if (!sym.isTls() && !sym.isPreemptible && config->isPic && !isAbsolute(sym)) { 1078 addRelativeReloc(in.got, off, &sym, 0, R_ABS, target->symbolicRel); 1079 return; 1080 } 1081 mainPart->relaDyn->addReloc( 1082 sym.isTls() ? target->tlsGotRel : target->gotRel, in.got, off, &sym, 0, 1083 sym.isPreemptible ? R_ADDEND : R_ABS, target->symbolicRel); 1084} 1085 1086// Return true if we can define a symbol in the executable that 1087// contains the value/function of a symbol defined in a shared 1088// library. 1089static bool canDefineSymbolInExecutable(Symbol &sym) { 1090 // If the symbol has default visibility the symbol defined in the 1091 // executable will preempt it. 1092 // Note that we want the visibility of the shared symbol itself, not 1093 // the visibility of the symbol in the output file we are producing. That is 1094 // why we use Sym.stOther. 1095 if ((sym.stOther & 0x3) == STV_DEFAULT) 1096 return true; 1097 1098 // If we are allowed to break address equality of functions, defining 1099 // a plt entry will allow the program to call the function in the 1100 // .so, but the .so and the executable will no agree on the address 1101 // of the function. Similar logic for objects. 1102 return ((sym.isFunc() && config->ignoreFunctionAddressEquality) || 1103 (sym.isObject() && config->ignoreDataAddressEquality)); 1104} 1105 1106// The reason we have to do this early scan is as follows 1107// * To mmap the output file, we need to know the size 1108// * For that, we need to know how many dynamic relocs we will have. 1109// It might be possible to avoid this by outputting the file with write: 1110// * Write the allocated output sections, computing addresses. 1111// * Apply relocations, recording which ones require a dynamic reloc. 1112// * Write the dynamic relocations. 1113// * Write the rest of the file. 1114// This would have some drawbacks. For example, we would only know if .rela.dyn 1115// is needed after applying relocations. If it is, it will go after rw and rx 1116// sections. Given that it is ro, we will need an extra PT_LOAD. This 1117// complicates things for the dynamic linker and means we would have to reserve 1118// space for the extra PT_LOAD even if we end up not using it. 1119template <class ELFT, class RelTy> 1120static void processRelocAux(InputSectionBase &sec, RelExpr expr, RelType type, 1121 uint64_t offset, Symbol &sym, const RelTy &rel, 1122 int64_t addend) { 1123 // If the relocation is known to be a link-time constant, we know no dynamic 1124 // relocation will be created, pass the control to relocateAlloc() or 1125 // relocateNonAlloc() to resolve it. 1126 // 1127 // The behavior of an undefined weak reference is implementation defined. If 1128 // the relocation is to a weak undef, and we are producing an executable, let 1129 // relocate{,Non}Alloc() resolve it. 1130 if (isStaticLinkTimeConstant(expr, type, sym, sec, offset) || 1131 (!config->shared && sym.isUndefWeak())) { 1132 sec.relocations.push_back({expr, type, offset, addend, &sym}); 1133 return; 1134 } 1135 1136 bool canWrite = (sec.flags & SHF_WRITE) || !config->zText; 1137 if (canWrite) { 1138 RelType rel = target->getDynRel(type); 1139 if (expr == R_GOT || (rel == target->symbolicRel && !sym.isPreemptible)) { 1140 addRelativeReloc(&sec, offset, &sym, addend, expr, type); 1141 return; 1142 } else if (rel != 0) { 1143 if (config->emachine == EM_MIPS && rel == target->symbolicRel) 1144 rel = target->relativeRel; 1145 sec.getPartition().relaDyn->addReloc(rel, &sec, offset, &sym, addend, 1146 R_ADDEND, type); 1147 1148 // MIPS ABI turns using of GOT and dynamic relocations inside out. 1149 // While regular ABI uses dynamic relocations to fill up GOT entries 1150 // MIPS ABI requires dynamic linker to fills up GOT entries using 1151 // specially sorted dynamic symbol table. This affects even dynamic 1152 // relocations against symbols which do not require GOT entries 1153 // creation explicitly, i.e. do not have any GOT-relocations. So if 1154 // a preemptible symbol has a dynamic relocation we anyway have 1155 // to create a GOT entry for it. 1156 // If a non-preemptible symbol has a dynamic relocation against it, 1157 // dynamic linker takes it st_value, adds offset and writes down 1158 // result of the dynamic relocation. In case of preemptible symbol 1159 // dynamic linker performs symbol resolution, writes the symbol value 1160 // to the GOT entry and reads the GOT entry when it needs to perform 1161 // a dynamic relocation. 1162 // ftp://www.linux-mips.org/pub/linux/mips/doc/ABI/mipsabi.pdf p.4-19 1163 if (config->emachine == EM_MIPS) 1164 in.mipsGot->addEntry(*sec.file, sym, addend, expr); 1165 return; 1166 } 1167 } 1168 1169 // When producing an executable, we can perform copy relocations (for 1170 // STT_OBJECT) and canonical PLT (for STT_FUNC). 1171 if (!config->shared) { 1172 if (!canDefineSymbolInExecutable(sym)) { 1173 errorOrWarn("cannot preempt symbol: " + toString(sym) + 1174 getLocation(sec, sym, offset)); 1175 return; 1176 } 1177 1178 if (sym.isObject()) { 1179 // Produce a copy relocation. 1180 if (auto *ss = dyn_cast<SharedSymbol>(&sym)) { 1181 if (!config->zCopyreloc) 1182 error("unresolvable relocation " + toString(type) + 1183 " against symbol '" + toString(*ss) + 1184 "'; recompile with -fPIC or remove '-z nocopyreloc'" + 1185 getLocation(sec, sym, offset)); 1186 addCopyRelSymbol<ELFT>(*ss); 1187 } 1188 sec.relocations.push_back({expr, type, offset, addend, &sym}); 1189 return; 1190 } 1191 1192 // This handles a non PIC program call to function in a shared library. In 1193 // an ideal world, we could just report an error saying the relocation can 1194 // overflow at runtime. In the real world with glibc, crt1.o has a 1195 // R_X86_64_PC32 pointing to libc.so. 1196 // 1197 // The general idea on how to handle such cases is to create a PLT entry and 1198 // use that as the function value. 1199 // 1200 // For the static linking part, we just return a plt expr and everything 1201 // else will use the PLT entry as the address. 1202 // 1203 // The remaining problem is making sure pointer equality still works. We 1204 // need the help of the dynamic linker for that. We let it know that we have 1205 // a direct reference to a so symbol by creating an undefined symbol with a 1206 // non zero st_value. Seeing that, the dynamic linker resolves the symbol to 1207 // the value of the symbol we created. This is true even for got entries, so 1208 // pointer equality is maintained. To avoid an infinite loop, the only entry 1209 // that points to the real function is a dedicated got entry used by the 1210 // plt. That is identified by special relocation types (R_X86_64_JUMP_SLOT, 1211 // R_386_JMP_SLOT, etc). 1212 1213 // For position independent executable on i386, the plt entry requires ebx 1214 // to be set. This causes two problems: 1215 // * If some code has a direct reference to a function, it was probably 1216 // compiled without -fPIE/-fPIC and doesn't maintain ebx. 1217 // * If a library definition gets preempted to the executable, it will have 1218 // the wrong ebx value. 1219 if (sym.isFunc()) { 1220 if (config->pie && config->emachine == EM_386) 1221 errorOrWarn("symbol '" + toString(sym) + 1222 "' cannot be preempted; recompile with -fPIE" + 1223 getLocation(sec, sym, offset)); 1224 if (!sym.isInPlt()) 1225 addPltEntry(in.plt, in.gotPlt, in.relaPlt, target->pltRel, sym); 1226 if (!sym.isDefined()) { 1227 replaceWithDefined( 1228 sym, in.plt, 1229 target->pltHeaderSize + target->pltEntrySize * sym.pltIndex, 0); 1230 if (config->emachine == EM_PPC) { 1231 // PPC32 canonical PLT entries are at the beginning of .glink 1232 cast<Defined>(sym).value = in.plt->headerSize; 1233 in.plt->headerSize += 16; 1234 cast<PPC32GlinkSection>(in.plt)->canonical_plts.push_back(&sym); 1235 } 1236 } 1237 sym.needsPltAddr = true; 1238 sec.relocations.push_back({expr, type, offset, addend, &sym}); 1239 return; 1240 } 1241 } 1242 1243 if (config->isPic) { 1244 if (!canWrite && !isRelExpr(expr)) 1245 errorOrWarn( 1246 "can't create dynamic relocation " + toString(type) + " against " + 1247 (sym.getName().empty() ? "local symbol" 1248 : "symbol: " + toString(sym)) + 1249 " in readonly segment; recompile object files with -fPIC " 1250 "or pass '-Wl,-z,notext' to allow text relocations in the output" + 1251 getLocation(sec, sym, offset)); 1252 else 1253 errorOrWarn( 1254 "relocation " + toString(type) + " cannot be used against " + 1255 (sym.getName().empty() ? "local symbol" : "symbol " + toString(sym)) + 1256 "; recompile with -fPIC" + getLocation(sec, sym, offset)); 1257 return; 1258 } 1259 1260 errorOrWarn("symbol '" + toString(sym) + "' has no type" + 1261 getLocation(sec, sym, offset)); 1262} 1263 1264template <class ELFT, class RelTy> 1265static void scanReloc(InputSectionBase &sec, OffsetGetter &getOffset, RelTy *&i, 1266 RelTy *end) { 1267 const RelTy &rel = *i; 1268 uint32_t symIndex = rel.getSymbol(config->isMips64EL); 1269 Symbol &sym = sec.getFile<ELFT>()->getSymbol(symIndex); 1270 RelType type; 1271 1272 // Deal with MIPS oddity. 1273 if (config->mipsN32Abi) { 1274 type = getMipsN32RelType(i, end); 1275 } else { 1276 type = rel.getType(config->isMips64EL); 1277 ++i; 1278 } 1279 1280 // Get an offset in an output section this relocation is applied to. 1281 uint64_t offset = getOffset.get(rel.r_offset); 1282 if (offset == uint64_t(-1)) 1283 return; 1284 1285 // Error if the target symbol is undefined. Symbol index 0 may be used by 1286 // marker relocations, e.g. R_*_NONE and R_ARM_V4BX. Don't error on them. 1287 if (symIndex != 0 && maybeReportUndefined(sym, sec, rel.r_offset)) 1288 return; 1289 1290 const uint8_t *relocatedAddr = sec.data().begin() + rel.r_offset; 1291 RelExpr expr = target->getRelExpr(type, sym, relocatedAddr); 1292 1293 // Ignore R_*_NONE and other marker relocations. 1294 if (expr == R_NONE) 1295 return; 1296 1297 if (sym.isGnuIFunc() && !config->zText && config->warnIfuncTextrel) { 1298 warn("using ifunc symbols when text relocations are allowed may produce " 1299 "a binary that will segfault, if the object file is linked with " 1300 "old version of glibc (glibc 2.28 and earlier). If this applies to " 1301 "you, consider recompiling the object files without -fPIC and " 1302 "without -Wl,-z,notext option. Use -no-warn-ifunc-textrel to " 1303 "turn off this warning." + 1304 getLocation(sec, sym, offset)); 1305 } 1306 1307 // Read an addend. 1308 int64_t addend = computeAddend<ELFT>(rel, end, sec, expr, sym.isLocal()); 1309 1310 if (config->emachine == EM_PPC64) { 1311 // We can separate the small code model relocations into 2 categories: 1312 // 1) Those that access the compiler generated .toc sections. 1313 // 2) Those that access the linker allocated got entries. 1314 // lld allocates got entries to symbols on demand. Since we don't try to 1315 // sort the got entries in any way, we don't have to track which objects 1316 // have got-based small code model relocs. The .toc sections get placed 1317 // after the end of the linker allocated .got section and we do sort those 1318 // so sections addressed with small code model relocations come first. 1319 if (isPPC64SmallCodeModelTocReloc(type)) 1320 sec.file->ppc64SmallCodeModelTocRelocs = true; 1321 1322 // Record the TOC entry (.toc + addend) as not relaxable. See the comment in 1323 // InputSectionBase::relocateAlloc(). 1324 if (type == R_PPC64_TOC16_LO && sym.isSection() && isa<Defined>(sym) && 1325 cast<Defined>(sym).section->name == ".toc") 1326 ppc64noTocRelax.insert({&sym, addend}); 1327 } 1328 1329 // Relax relocations. 1330 // 1331 // If we know that a PLT entry will be resolved within the same ELF module, we 1332 // can skip PLT access and directly jump to the destination function. For 1333 // example, if we are linking a main executable, all dynamic symbols that can 1334 // be resolved within the executable will actually be resolved that way at 1335 // runtime, because the main executable is always at the beginning of a search 1336 // list. We can leverage that fact. 1337 if (!sym.isPreemptible && (!sym.isGnuIFunc() || config->zIfuncNoplt)) { 1338 if (expr == R_GOT_PC && !isAbsoluteValue(sym)) { 1339 expr = target->adjustRelaxExpr(type, relocatedAddr, expr); 1340 } else { 1341 // The 0x8000 bit of r_addend of R_PPC_PLTREL24 is used to choose call 1342 // stub type. It should be ignored if optimized to R_PC. 1343 if (config->emachine == EM_PPC && expr == R_PPC32_PLTREL) 1344 addend &= ~0x8000; 1345 // R_HEX_GD_PLT_B22_PCREL (call a@GDPLT) is transformed into 1346 // call __tls_get_addr even if the symbol is non-preemptible. 1347 if (!(config->emachine == EM_HEXAGON && 1348 (type == R_HEX_GD_PLT_B22_PCREL || 1349 type == R_HEX_GD_PLT_B22_PCREL_X || 1350 type == R_HEX_GD_PLT_B32_PCREL_X))) 1351 expr = fromPlt(expr); 1352 } 1353 } 1354 1355 // If the relocation does not emit a GOT or GOTPLT entry but its computation 1356 // uses their addresses, we need GOT or GOTPLT to be created. 1357 // 1358 // The 4 types that relative GOTPLT are all x86 and x86-64 specific. 1359 if (oneof<R_GOTPLTONLY_PC, R_GOTPLTREL, R_GOTPLT, R_TLSGD_GOTPLT>(expr)) { 1360 in.gotPlt->hasGotPltOffRel = true; 1361 } else if (oneof<R_GOTONLY_PC, R_GOTREL, R_PPC64_TOCBASE, R_PPC64_RELAX_TOC>( 1362 expr)) { 1363 in.got->hasGotOffRel = true; 1364 } 1365 1366 // Process some TLS relocations, including relaxing TLS relocations. 1367 // Note that this function does not handle all TLS relocations. 1368 if (unsigned processed = 1369 handleTlsRelocation<ELFT>(type, sym, sec, offset, addend, expr)) { 1370 i += (processed - 1); 1371 return; 1372 } 1373 1374 // We were asked not to generate PLT entries for ifuncs. Instead, pass the 1375 // direct relocation on through. 1376 if (sym.isGnuIFunc() && config->zIfuncNoplt) { 1377 sym.exportDynamic = true; 1378 mainPart->relaDyn->addReloc(type, &sec, offset, &sym, addend, R_ADDEND, type); 1379 return; 1380 } 1381 1382 // Non-preemptible ifuncs require special handling. First, handle the usual 1383 // case where the symbol isn't one of these. 1384 if (!sym.isGnuIFunc() || sym.isPreemptible) { 1385 // If a relocation needs PLT, we create PLT and GOTPLT slots for the symbol. 1386 if (needsPlt(expr) && !sym.isInPlt()) 1387 addPltEntry(in.plt, in.gotPlt, in.relaPlt, target->pltRel, sym); 1388 1389 // Create a GOT slot if a relocation needs GOT. 1390 if (needsGot(expr)) { 1391 if (config->emachine == EM_MIPS) { 1392 // MIPS ABI has special rules to process GOT entries and doesn't 1393 // require relocation entries for them. A special case is TLS 1394 // relocations. In that case dynamic loader applies dynamic 1395 // relocations to initialize TLS GOT entries. 1396 // See "Global Offset Table" in Chapter 5 in the following document 1397 // for detailed description: 1398 // ftp://www.linux-mips.org/pub/linux/mips/doc/ABI/mipsabi.pdf 1399 in.mipsGot->addEntry(*sec.file, sym, addend, expr); 1400 } else if (!sym.isInGot()) { 1401 addGotEntry(sym); 1402 } 1403 } 1404 } else { 1405 // Handle a reference to a non-preemptible ifunc. These are special in a 1406 // few ways: 1407 // 1408 // - Unlike most non-preemptible symbols, non-preemptible ifuncs do not have 1409 // a fixed value. But assuming that all references to the ifunc are 1410 // GOT-generating or PLT-generating, the handling of an ifunc is 1411 // relatively straightforward. We create a PLT entry in Iplt, which is 1412 // usually at the end of .plt, which makes an indirect call using a 1413 // matching GOT entry in igotPlt, which is usually at the end of .got.plt. 1414 // The GOT entry is relocated using an IRELATIVE relocation in relaIplt, 1415 // which is usually at the end of .rela.plt. Unlike most relocations in 1416 // .rela.plt, which may be evaluated lazily without -z now, dynamic 1417 // loaders evaluate IRELATIVE relocs eagerly, which means that for 1418 // IRELATIVE relocs only, GOT-generating relocations can point directly to 1419 // .got.plt without requiring a separate GOT entry. 1420 // 1421 // - Despite the fact that an ifunc does not have a fixed value, compilers 1422 // that are not passed -fPIC will assume that they do, and will emit 1423 // direct (non-GOT-generating, non-PLT-generating) relocations to the 1424 // symbol. This means that if a direct relocation to the symbol is 1425 // seen, the linker must set a value for the symbol, and this value must 1426 // be consistent no matter what type of reference is made to the symbol. 1427 // This can be done by creating a PLT entry for the symbol in the way 1428 // described above and making it canonical, that is, making all references 1429 // point to the PLT entry instead of the resolver. In lld we also store 1430 // the address of the PLT entry in the dynamic symbol table, which means 1431 // that the symbol will also have the same value in other modules. 1432 // Because the value loaded from the GOT needs to be consistent with 1433 // the value computed using a direct relocation, a non-preemptible ifunc 1434 // may end up with two GOT entries, one in .got.plt that points to the 1435 // address returned by the resolver and is used only by the PLT entry, 1436 // and another in .got that points to the PLT entry and is used by 1437 // GOT-generating relocations. 1438 // 1439 // - The fact that these symbols do not have a fixed value makes them an 1440 // exception to the general rule that a statically linked executable does 1441 // not require any form of dynamic relocation. To handle these relocations 1442 // correctly, the IRELATIVE relocations are stored in an array which a 1443 // statically linked executable's startup code must enumerate using the 1444 // linker-defined symbols __rela?_iplt_{start,end}. 1445 if (!sym.isInPlt()) { 1446 // Create PLT and GOTPLT slots for the symbol. 1447 sym.isInIplt = true; 1448 1449 // Create a copy of the symbol to use as the target of the IRELATIVE 1450 // relocation in the igotPlt. This is in case we make the PLT canonical 1451 // later, which would overwrite the original symbol. 1452 // 1453 // FIXME: Creating a copy of the symbol here is a bit of a hack. All 1454 // that's really needed to create the IRELATIVE is the section and value, 1455 // so ideally we should just need to copy those. 1456 auto *directSym = make<Defined>(cast<Defined>(sym)); 1457 addPltEntry(in.iplt, in.igotPlt, in.relaIplt, target->iRelativeRel, 1458 *directSym); 1459 sym.pltIndex = directSym->pltIndex; 1460 } 1461 if (needsGot(expr)) { 1462 // Redirect GOT accesses to point to the Igot. 1463 // 1464 // This field is also used to keep track of whether we ever needed a GOT 1465 // entry. If we did and we make the PLT canonical later, we'll need to 1466 // create a GOT entry pointing to the PLT entry for Sym. 1467 sym.gotInIgot = true; 1468 } else if (!needsPlt(expr)) { 1469 // Make the ifunc's PLT entry canonical by changing the value of its 1470 // symbol to redirect all references to point to it. 1471 auto &d = cast<Defined>(sym); 1472 d.section = in.iplt; 1473 d.value = sym.pltIndex * target->ipltEntrySize; 1474 d.size = 0; 1475 // It's important to set the symbol type here so that dynamic loaders 1476 // don't try to call the PLT as if it were an ifunc resolver. 1477 d.type = STT_FUNC; 1478 1479 if (sym.gotInIgot) { 1480 // We previously encountered a GOT generating reference that we 1481 // redirected to the Igot. Now that the PLT entry is canonical we must 1482 // clear the redirection to the Igot and add a GOT entry. As we've 1483 // changed the symbol type to STT_FUNC future GOT generating references 1484 // will naturally use this GOT entry. 1485 // 1486 // We don't need to worry about creating a MIPS GOT here because ifuncs 1487 // aren't a thing on MIPS. 1488 sym.gotInIgot = false; 1489 addGotEntry(sym); 1490 } 1491 } 1492 } 1493 1494 processRelocAux<ELFT>(sec, expr, type, offset, sym, rel, addend); 1495} 1496 1497template <class ELFT, class RelTy> 1498static void scanRelocs(InputSectionBase &sec, ArrayRef<RelTy> rels) { 1499 OffsetGetter getOffset(sec); 1500 1501 // Not all relocations end up in Sec.Relocations, but a lot do. 1502 sec.relocations.reserve(rels.size()); 1503 1504 for (auto i = rels.begin(), end = rels.end(); i != end;) 1505 scanReloc<ELFT>(sec, getOffset, i, end); 1506 1507 // Sort relocations by offset for more efficient searching for 1508 // R_RISCV_PCREL_HI20 and R_PPC64_ADDR64. 1509 if (config->emachine == EM_RISCV || 1510 (config->emachine == EM_PPC64 && sec.name == ".toc")) 1511 llvm::stable_sort(sec.relocations, 1512 [](const Relocation &lhs, const Relocation &rhs) { 1513 return lhs.offset < rhs.offset; 1514 }); 1515} 1516 1517template <class ELFT> void elf::scanRelocations(InputSectionBase &s) { 1518 if (s.areRelocsRela) 1519 scanRelocs<ELFT>(s, s.relas<ELFT>()); 1520 else 1521 scanRelocs<ELFT>(s, s.rels<ELFT>()); 1522} 1523 1524static bool mergeCmp(const InputSection *a, const InputSection *b) { 1525 // std::merge requires a strict weak ordering. 1526 if (a->outSecOff < b->outSecOff) 1527 return true; 1528 1529 if (a->outSecOff == b->outSecOff) { 1530 auto *ta = dyn_cast<ThunkSection>(a); 1531 auto *tb = dyn_cast<ThunkSection>(b); 1532 1533 // Check if Thunk is immediately before any specific Target 1534 // InputSection for example Mips LA25 Thunks. 1535 if (ta && ta->getTargetInputSection() == b) 1536 return true; 1537 1538 // Place Thunk Sections without specific targets before 1539 // non-Thunk Sections. 1540 if (ta && !tb && !ta->getTargetInputSection()) 1541 return true; 1542 } 1543 1544 return false; 1545} 1546 1547// Call Fn on every executable InputSection accessed via the linker script 1548// InputSectionDescription::Sections. 1549static void forEachInputSectionDescription( 1550 ArrayRef<OutputSection *> outputSections, 1551 llvm::function_ref<void(OutputSection *, InputSectionDescription *)> fn) { 1552 for (OutputSection *os : outputSections) { 1553 if (!(os->flags & SHF_ALLOC) || !(os->flags & SHF_EXECINSTR)) 1554 continue; 1555 for (BaseCommand *bc : os->sectionCommands) 1556 if (auto *isd = dyn_cast<InputSectionDescription>(bc)) 1557 fn(os, isd); 1558 } 1559} 1560 1561// Thunk Implementation 1562// 1563// Thunks (sometimes called stubs, veneers or branch islands) are small pieces 1564// of code that the linker inserts inbetween a caller and a callee. The thunks 1565// are added at link time rather than compile time as the decision on whether 1566// a thunk is needed, such as the caller and callee being out of range, can only 1567// be made at link time. 1568// 1569// It is straightforward to tell given the current state of the program when a 1570// thunk is needed for a particular call. The more difficult part is that 1571// the thunk needs to be placed in the program such that the caller can reach 1572// the thunk and the thunk can reach the callee; furthermore, adding thunks to 1573// the program alters addresses, which can mean more thunks etc. 1574// 1575// In lld we have a synthetic ThunkSection that can hold many Thunks. 1576// The decision to have a ThunkSection act as a container means that we can 1577// more easily handle the most common case of a single block of contiguous 1578// Thunks by inserting just a single ThunkSection. 1579// 1580// The implementation of Thunks in lld is split across these areas 1581// Relocations.cpp : Framework for creating and placing thunks 1582// Thunks.cpp : The code generated for each supported thunk 1583// Target.cpp : Target specific hooks that the framework uses to decide when 1584// a thunk is used 1585// Synthetic.cpp : Implementation of ThunkSection 1586// Writer.cpp : Iteratively call framework until no more Thunks added 1587// 1588// Thunk placement requirements: 1589// Mips LA25 thunks. These must be placed immediately before the callee section 1590// We can assume that the caller is in range of the Thunk. These are modelled 1591// by Thunks that return the section they must precede with 1592// getTargetInputSection(). 1593// 1594// ARM interworking and range extension thunks. These thunks must be placed 1595// within range of the caller. All implemented ARM thunks can always reach the 1596// callee as they use an indirect jump via a register that has no range 1597// restrictions. 1598// 1599// Thunk placement algorithm: 1600// For Mips LA25 ThunkSections; the placement is explicit, it has to be before 1601// getTargetInputSection(). 1602// 1603// For thunks that must be placed within range of the caller there are many 1604// possible choices given that the maximum range from the caller is usually 1605// much larger than the average InputSection size. Desirable properties include: 1606// - Maximize reuse of thunks by multiple callers 1607// - Minimize number of ThunkSections to simplify insertion 1608// - Handle impact of already added Thunks on addresses 1609// - Simple to understand and implement 1610// 1611// In lld for the first pass, we pre-create one or more ThunkSections per 1612// InputSectionDescription at Target specific intervals. A ThunkSection is 1613// placed so that the estimated end of the ThunkSection is within range of the 1614// start of the InputSectionDescription or the previous ThunkSection. For 1615// example: 1616// InputSectionDescription 1617// Section 0 1618// ... 1619// Section N 1620// ThunkSection 0 1621// Section N + 1 1622// ... 1623// Section N + K 1624// Thunk Section 1 1625// 1626// The intention is that we can add a Thunk to a ThunkSection that is well 1627// spaced enough to service a number of callers without having to do a lot 1628// of work. An important principle is that it is not an error if a Thunk cannot 1629// be placed in a pre-created ThunkSection; when this happens we create a new 1630// ThunkSection placed next to the caller. This allows us to handle the vast 1631// majority of thunks simply, but also handle rare cases where the branch range 1632// is smaller than the target specific spacing. 1633// 1634// The algorithm is expected to create all the thunks that are needed in a 1635// single pass, with a small number of programs needing a second pass due to 1636// the insertion of thunks in the first pass increasing the offset between 1637// callers and callees that were only just in range. 1638// 1639// A consequence of allowing new ThunkSections to be created outside of the 1640// pre-created ThunkSections is that in rare cases calls to Thunks that were in 1641// range in pass K, are out of range in some pass > K due to the insertion of 1642// more Thunks in between the caller and callee. When this happens we retarget 1643// the relocation back to the original target and create another Thunk. 1644 1645// Remove ThunkSections that are empty, this should only be the initial set 1646// precreated on pass 0. 1647 1648// Insert the Thunks for OutputSection OS into their designated place 1649// in the Sections vector, and recalculate the InputSection output section 1650// offsets. 1651// This may invalidate any output section offsets stored outside of InputSection 1652void ThunkCreator::mergeThunks(ArrayRef<OutputSection *> outputSections) { 1653 forEachInputSectionDescription( 1654 outputSections, [&](OutputSection *os, InputSectionDescription *isd) { 1655 if (isd->thunkSections.empty()) 1656 return; 1657 1658 // Remove any zero sized precreated Thunks. 1659 llvm::erase_if(isd->thunkSections, 1660 [](const std::pair<ThunkSection *, uint32_t> &ts) { 1661 return ts.first->getSize() == 0; 1662 }); 1663 1664 // ISD->ThunkSections contains all created ThunkSections, including 1665 // those inserted in previous passes. Extract the Thunks created this 1666 // pass and order them in ascending outSecOff. 1667 std::vector<ThunkSection *> newThunks; 1668 for (std::pair<ThunkSection *, uint32_t> ts : isd->thunkSections) 1669 if (ts.second == pass) 1670 newThunks.push_back(ts.first); 1671 llvm::stable_sort(newThunks, 1672 [](const ThunkSection *a, const ThunkSection *b) { 1673 return a->outSecOff < b->outSecOff; 1674 }); 1675 1676 // Merge sorted vectors of Thunks and InputSections by outSecOff 1677 std::vector<InputSection *> tmp; 1678 tmp.reserve(isd->sections.size() + newThunks.size()); 1679 1680 std::merge(isd->sections.begin(), isd->sections.end(), 1681 newThunks.begin(), newThunks.end(), std::back_inserter(tmp), 1682 mergeCmp); 1683 1684 isd->sections = std::move(tmp); 1685 }); 1686} 1687 1688// Find or create a ThunkSection within the InputSectionDescription (ISD) that 1689// is in range of Src. An ISD maps to a range of InputSections described by a 1690// linker script section pattern such as { .text .text.* }. 1691ThunkSection *ThunkCreator::getISDThunkSec(OutputSection *os, InputSection *isec, 1692 InputSectionDescription *isd, 1693 uint32_t type, uint64_t src) { 1694 for (std::pair<ThunkSection *, uint32_t> tp : isd->thunkSections) { 1695 ThunkSection *ts = tp.first; 1696 uint64_t tsBase = os->addr + ts->outSecOff; 1697 uint64_t tsLimit = tsBase + ts->getSize(); 1698 if (target->inBranchRange(type, src, (src > tsLimit) ? tsBase : tsLimit)) 1699 return ts; 1700 } 1701 1702 // No suitable ThunkSection exists. This can happen when there is a branch 1703 // with lower range than the ThunkSection spacing or when there are too 1704 // many Thunks. Create a new ThunkSection as close to the InputSection as 1705 // possible. Error if InputSection is so large we cannot place ThunkSection 1706 // anywhere in Range. 1707 uint64_t thunkSecOff = isec->outSecOff; 1708 if (!target->inBranchRange(type, src, os->addr + thunkSecOff)) { 1709 thunkSecOff = isec->outSecOff + isec->getSize(); 1710 if (!target->inBranchRange(type, src, os->addr + thunkSecOff)) 1711 fatal("InputSection too large for range extension thunk " + 1712 isec->getObjMsg(src - (os->addr + isec->outSecOff))); 1713 } 1714 return addThunkSection(os, isd, thunkSecOff); 1715} 1716 1717// Add a Thunk that needs to be placed in a ThunkSection that immediately 1718// precedes its Target. 1719ThunkSection *ThunkCreator::getISThunkSec(InputSection *isec) { 1720 ThunkSection *ts = thunkedSections.lookup(isec); 1721 if (ts) 1722 return ts; 1723 1724 // Find InputSectionRange within Target Output Section (TOS) that the 1725 // InputSection (IS) that we need to precede is in. 1726 OutputSection *tos = isec->getParent(); 1727 for (BaseCommand *bc : tos->sectionCommands) { 1728 auto *isd = dyn_cast<InputSectionDescription>(bc); 1729 if (!isd || isd->sections.empty()) 1730 continue; 1731 1732 InputSection *first = isd->sections.front(); 1733 InputSection *last = isd->sections.back(); 1734 1735 if (isec->outSecOff < first->outSecOff || last->outSecOff < isec->outSecOff) 1736 continue; 1737 1738 ts = addThunkSection(tos, isd, isec->outSecOff); 1739 thunkedSections[isec] = ts; 1740 return ts; 1741 } 1742 1743 return nullptr; 1744} 1745 1746// Create one or more ThunkSections per OS that can be used to place Thunks. 1747// We attempt to place the ThunkSections using the following desirable 1748// properties: 1749// - Within range of the maximum number of callers 1750// - Minimise the number of ThunkSections 1751// 1752// We follow a simple but conservative heuristic to place ThunkSections at 1753// offsets that are multiples of a Target specific branch range. 1754// For an InputSectionDescription that is smaller than the range, a single 1755// ThunkSection at the end of the range will do. 1756// 1757// For an InputSectionDescription that is more than twice the size of the range, 1758// we place the last ThunkSection at range bytes from the end of the 1759// InputSectionDescription in order to increase the likelihood that the 1760// distance from a thunk to its target will be sufficiently small to 1761// allow for the creation of a short thunk. 1762void ThunkCreator::createInitialThunkSections( 1763 ArrayRef<OutputSection *> outputSections) { 1764 uint32_t thunkSectionSpacing = target->getThunkSectionSpacing(); 1765 1766 forEachInputSectionDescription( 1767 outputSections, [&](OutputSection *os, InputSectionDescription *isd) { 1768 if (isd->sections.empty()) 1769 return; 1770 1771 uint32_t isdBegin = isd->sections.front()->outSecOff; 1772 uint32_t isdEnd = 1773 isd->sections.back()->outSecOff + isd->sections.back()->getSize(); 1774 uint32_t lastThunkLowerBound = -1; 1775 if (isdEnd - isdBegin > thunkSectionSpacing * 2) 1776 lastThunkLowerBound = isdEnd - thunkSectionSpacing; 1777 1778 uint32_t isecLimit; 1779 uint32_t prevIsecLimit = isdBegin; 1780 uint32_t thunkUpperBound = isdBegin + thunkSectionSpacing; 1781 1782 for (const InputSection *isec : isd->sections) { 1783 isecLimit = isec->outSecOff + isec->getSize(); 1784 if (isecLimit > thunkUpperBound) { 1785 addThunkSection(os, isd, prevIsecLimit); 1786 thunkUpperBound = prevIsecLimit + thunkSectionSpacing; 1787 } 1788 if (isecLimit > lastThunkLowerBound) 1789 break; 1790 prevIsecLimit = isecLimit; 1791 } 1792 addThunkSection(os, isd, isecLimit); 1793 }); 1794} 1795 1796ThunkSection *ThunkCreator::addThunkSection(OutputSection *os, 1797 InputSectionDescription *isd, 1798 uint64_t off) { 1799 auto *ts = make<ThunkSection>(os, off); 1800 ts->partition = os->partition; 1801 if ((config->fixCortexA53Errata843419 || config->fixCortexA8) && 1802 !isd->sections.empty()) { 1803 // The errata fixes are sensitive to addresses modulo 4 KiB. When we add 1804 // thunks we disturb the base addresses of sections placed after the thunks 1805 // this makes patches we have generated redundant, and may cause us to 1806 // generate more patches as different instructions are now in sensitive 1807 // locations. When we generate more patches we may force more branches to 1808 // go out of range, causing more thunks to be generated. In pathological 1809 // cases this can cause the address dependent content pass not to converge. 1810 // We fix this by rounding up the size of the ThunkSection to 4KiB, this 1811 // limits the insertion of a ThunkSection on the addresses modulo 4 KiB, 1812 // which means that adding Thunks to the section does not invalidate 1813 // errata patches for following code. 1814 // Rounding up the size to 4KiB has consequences for code-size and can 1815 // trip up linker script defined assertions. For example the linux kernel 1816 // has an assertion that what LLD represents as an InputSectionDescription 1817 // does not exceed 4 KiB even if the overall OutputSection is > 128 Mib. 1818 // We use the heuristic of rounding up the size when both of the following 1819 // conditions are true: 1820 // 1.) The OutputSection is larger than the ThunkSectionSpacing. This 1821 // accounts for the case where no single InputSectionDescription is 1822 // larger than the OutputSection size. This is conservative but simple. 1823 // 2.) The InputSectionDescription is larger than 4 KiB. This will prevent 1824 // any assertion failures that an InputSectionDescription is < 4 KiB 1825 // in size. 1826 uint64_t isdSize = isd->sections.back()->outSecOff + 1827 isd->sections.back()->getSize() - 1828 isd->sections.front()->outSecOff; 1829 if (os->size > target->getThunkSectionSpacing() && isdSize > 4096) 1830 ts->roundUpSizeForErrata = true; 1831 } 1832 isd->thunkSections.push_back({ts, pass}); 1833 return ts; 1834} 1835 1836static bool isThunkSectionCompatible(InputSection *source, 1837 SectionBase *target) { 1838 // We can't reuse thunks in different loadable partitions because they might 1839 // not be loaded. But partition 1 (the main partition) will always be loaded. 1840 if (source->partition != target->partition) 1841 return target->partition == 1; 1842 return true; 1843} 1844 1845static int64_t getPCBias(RelType type) { 1846 if (config->emachine != EM_ARM) 1847 return 0; 1848 switch (type) { 1849 case R_ARM_THM_JUMP19: 1850 case R_ARM_THM_JUMP24: 1851 case R_ARM_THM_CALL: 1852 return 4; 1853 default: 1854 return 8; 1855 } 1856} 1857 1858std::pair<Thunk *, bool> ThunkCreator::getThunk(InputSection *isec, 1859 Relocation &rel, uint64_t src) { 1860 std::vector<Thunk *> *thunkVec = nullptr; 1861 int64_t addend = rel.addend + getPCBias(rel.type); 1862 1863 // We use a ((section, offset), addend) pair to find the thunk position if 1864 // possible so that we create only one thunk for aliased symbols or ICFed 1865 // sections. There may be multiple relocations sharing the same (section, 1866 // offset + addend) pair. We may revert the relocation back to its original 1867 // non-Thunk target, so we cannot fold offset + addend. 1868 if (auto *d = dyn_cast<Defined>(rel.sym)) 1869 if (!d->isInPlt() && d->section) 1870 thunkVec = &thunkedSymbolsBySectionAndAddend[{ 1871 {d->section->repl, d->value}, addend}]; 1872 if (!thunkVec) 1873 thunkVec = &thunkedSymbols[{rel.sym, addend}]; 1874 1875 // Check existing Thunks for Sym to see if they can be reused 1876 for (Thunk *t : *thunkVec) 1877 if (isThunkSectionCompatible(isec, t->getThunkTargetSym()->section) && 1878 t->isCompatibleWith(*isec, rel) && 1879 target->inBranchRange(rel.type, src, 1880 t->getThunkTargetSym()->getVA(rel.addend) + 1881 getPCBias(rel.type))) 1882 return std::make_pair(t, false); 1883 1884 // No existing compatible Thunk in range, create a new one 1885 Thunk *t = addThunk(*isec, rel); 1886 thunkVec->push_back(t); 1887 return std::make_pair(t, true); 1888} 1889 1890// Return true if the relocation target is an in range Thunk. 1891// Return false if the relocation is not to a Thunk. If the relocation target 1892// was originally to a Thunk, but is no longer in range we revert the 1893// relocation back to its original non-Thunk target. 1894bool ThunkCreator::normalizeExistingThunk(Relocation &rel, uint64_t src) { 1895 if (Thunk *t = thunks.lookup(rel.sym)) { 1896 if (target->inBranchRange(rel.type, src, 1897 rel.sym->getVA(rel.addend) + getPCBias(rel.type))) 1898 return true; 1899 rel.sym = &t->destination; 1900 rel.addend = t->addend; 1901 if (rel.sym->isInPlt()) 1902 rel.expr = toPlt(rel.expr); 1903 } 1904 return false; 1905} 1906 1907// Process all relocations from the InputSections that have been assigned 1908// to InputSectionDescriptions and redirect through Thunks if needed. The 1909// function should be called iteratively until it returns false. 1910// 1911// PreConditions: 1912// All InputSections that may need a Thunk are reachable from 1913// OutputSectionCommands. 1914// 1915// All OutputSections have an address and all InputSections have an offset 1916// within the OutputSection. 1917// 1918// The offsets between caller (relocation place) and callee 1919// (relocation target) will not be modified outside of createThunks(). 1920// 1921// PostConditions: 1922// If return value is true then ThunkSections have been inserted into 1923// OutputSections. All relocations that needed a Thunk based on the information 1924// available to createThunks() on entry have been redirected to a Thunk. Note 1925// that adding Thunks changes offsets between caller and callee so more Thunks 1926// may be required. 1927// 1928// If return value is false then no more Thunks are needed, and createThunks has 1929// made no changes. If the target requires range extension thunks, currently 1930// ARM, then any future change in offset between caller and callee risks a 1931// relocation out of range error. 1932bool ThunkCreator::createThunks(ArrayRef<OutputSection *> outputSections) { 1933 bool addressesChanged = false; 1934 1935 if (pass == 0 && target->getThunkSectionSpacing()) 1936 createInitialThunkSections(outputSections); 1937 1938 // Create all the Thunks and insert them into synthetic ThunkSections. The 1939 // ThunkSections are later inserted back into InputSectionDescriptions. 1940 // We separate the creation of ThunkSections from the insertion of the 1941 // ThunkSections as ThunkSections are not always inserted into the same 1942 // InputSectionDescription as the caller. 1943 forEachInputSectionDescription( 1944 outputSections, [&](OutputSection *os, InputSectionDescription *isd) { 1945 for (InputSection *isec : isd->sections) 1946 for (Relocation &rel : isec->relocations) { 1947 uint64_t src = isec->getVA(rel.offset); 1948 1949 // If we are a relocation to an existing Thunk, check if it is 1950 // still in range. If not then Rel will be altered to point to its 1951 // original target so another Thunk can be generated. 1952 if (pass > 0 && normalizeExistingThunk(rel, src)) 1953 continue; 1954 1955 if (!target->needsThunk(rel.expr, rel.type, isec->file, src, 1956 *rel.sym, rel.addend)) 1957 continue; 1958 1959 Thunk *t; 1960 bool isNew; 1961 std::tie(t, isNew) = getThunk(isec, rel, src); 1962 1963 if (isNew) { 1964 // Find or create a ThunkSection for the new Thunk 1965 ThunkSection *ts; 1966 if (auto *tis = t->getTargetInputSection()) 1967 ts = getISThunkSec(tis); 1968 else 1969 ts = getISDThunkSec(os, isec, isd, rel.type, src); 1970 ts->addThunk(t); 1971 thunks[t->getThunkTargetSym()] = t; 1972 } 1973 1974 // Redirect relocation to Thunk, we never go via the PLT to a Thunk 1975 rel.sym = t->getThunkTargetSym(); 1976 rel.expr = fromPlt(rel.expr); 1977 1978 // On AArch64 and PPC, a jump/call relocation may be encoded as 1979 // STT_SECTION + non-zero addend, clear the addend after 1980 // redirection. 1981 if (config->emachine != EM_MIPS) 1982 rel.addend = -getPCBias(rel.type); 1983 } 1984 1985 for (auto &p : isd->thunkSections) 1986 addressesChanged |= p.first->assignOffsets(); 1987 }); 1988 1989 for (auto &p : thunkedSections) 1990 addressesChanged |= p.second->assignOffsets(); 1991 1992 // Merge all created synthetic ThunkSections back into OutputSection 1993 mergeThunks(outputSections); 1994 ++pass; 1995 return addressesChanged; 1996} 1997 1998// The following aid in the conversion of call x@GDPLT to call __tls_get_addr 1999// hexagonNeedsTLSSymbol scans for relocations would require a call to 2000// __tls_get_addr. 2001// hexagonTLSSymbolUpdate rebinds the relocation to __tls_get_addr. 2002bool elf::hexagonNeedsTLSSymbol(ArrayRef<OutputSection *> outputSections) { 2003 bool needTlsSymbol = false; 2004 forEachInputSectionDescription( 2005 outputSections, [&](OutputSection *os, InputSectionDescription *isd) { 2006 for (InputSection *isec : isd->sections) 2007 for (Relocation &rel : isec->relocations) 2008 if (rel.sym->type == llvm::ELF::STT_TLS && rel.expr == R_PLT_PC) { 2009 needTlsSymbol = true; 2010 return; 2011 } 2012 }); 2013 return needTlsSymbol; 2014} 2015 2016void elf::hexagonTLSSymbolUpdate(ArrayRef<OutputSection *> outputSections) { 2017 Symbol *sym = symtab->find("__tls_get_addr"); 2018 if (!sym) 2019 return; 2020 bool needEntry = true; 2021 forEachInputSectionDescription( 2022 outputSections, [&](OutputSection *os, InputSectionDescription *isd) { 2023 for (InputSection *isec : isd->sections) 2024 for (Relocation &rel : isec->relocations) 2025 if (rel.sym->type == llvm::ELF::STT_TLS && rel.expr == R_PLT_PC) { 2026 if (needEntry) { 2027 addPltEntry(in.plt, in.gotPlt, in.relaPlt, target->pltRel, 2028 *sym); 2029 needEntry = false; 2030 } 2031 rel.sym = sym; 2032 } 2033 }); 2034} 2035 2036template void elf::scanRelocations<ELF32LE>(InputSectionBase &); 2037template void elf::scanRelocations<ELF32BE>(InputSectionBase &); 2038template void elf::scanRelocations<ELF64LE>(InputSectionBase &); 2039template void elf::scanRelocations<ELF64BE>(InputSectionBase &); 2040template void elf::reportUndefinedSymbols<ELF32LE>(); 2041template void elf::reportUndefinedSymbols<ELF32BE>(); 2042template void elf::reportUndefinedSymbols<ELF64LE>(); 2043template void elf::reportUndefinedSymbols<ELF64BE>(); 2044