1 //===- Relocations.cpp ----------------------------------------------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 // 9 // This file contains platform-independent functions to process relocations. 10 // I'll describe the overview of this file here. 11 // 12 // Simple relocations are easy to handle for the linker. For example, 13 // for R_X86_64_PC64 relocs, the linker just has to fix up locations 14 // with the relative offsets to the target symbols. It would just be 15 // reading records from relocation sections and applying them to output. 16 // 17 // But not all relocations are that easy to handle. For example, for 18 // R_386_GOTOFF relocs, the linker has to create new GOT entries for 19 // symbols if they don't exist, and fix up locations with GOT entry 20 // offsets from the beginning of GOT section. So there is more than 21 // fixing addresses in relocation processing. 22 // 23 // ELF defines a large number of complex relocations. 24 // 25 // The functions in this file analyze relocations and do whatever needs 26 // to be done. It includes, but not limited to, the following. 27 // 28 // - create GOT/PLT entries 29 // - create new relocations in .dynsym to let the dynamic linker resolve 30 // them at runtime (since ELF supports dynamic linking, not all 31 // relocations can be resolved at link-time) 32 // - create COPY relocs and reserve space in .bss 33 // - replace expensive relocs (in terms of runtime cost) with cheap ones 34 // - error out infeasible combinations such as PIC and non-relative relocs 35 // 36 // Note that the functions in this file don't actually apply relocations 37 // because it doesn't know about the output file nor the output file buffer. 38 // It instead stores Relocation objects to InputSection's Relocations 39 // vector to let it apply later in InputSection::writeTo. 40 // 41 //===----------------------------------------------------------------------===// 42 43 #include "Relocations.h" 44 #include "Config.h" 45 #include "LinkerScript.h" 46 #include "OutputSections.h" 47 #include "SymbolTable.h" 48 #include "Symbols.h" 49 #include "SyntheticSections.h" 50 #include "Target.h" 51 #include "Thunks.h" 52 #include "lld/Common/ErrorHandler.h" 53 #include "lld/Common/Memory.h" 54 #include "lld/Common/Strings.h" 55 #include "llvm/ADT/SmallSet.h" 56 #include "llvm/Demangle/Demangle.h" 57 #include "llvm/Support/Endian.h" 58 #include "llvm/Support/raw_ostream.h" 59 #include <algorithm> 60 61 using namespace llvm; 62 using namespace llvm::ELF; 63 using namespace llvm::object; 64 using namespace llvm::support::endian; 65 using namespace lld; 66 using namespace lld::elf; 67 68 static Optional<std::string> getLinkerScriptLocation(const Symbol &sym) { 69 for (BaseCommand *base : script->sectionCommands) 70 if (auto *cmd = dyn_cast<SymbolAssignment>(base)) 71 if (cmd->sym == &sym) 72 return cmd->location; 73 return None; 74 } 75 76 static std::string getDefinedLocation(const Symbol &sym) { 77 const char msg[] = "\n>>> defined in "; 78 if (sym.file) 79 return msg + toString(sym.file); 80 if (Optional<std::string> loc = getLinkerScriptLocation(sym)) 81 return msg + *loc; 82 return ""; 83 } 84 85 // Construct a message in the following format. 86 // 87 // >>> defined in /home/alice/src/foo.o 88 // >>> referenced by bar.c:12 (/home/alice/src/bar.c:12) 89 // >>> /home/alice/src/bar.o:(.text+0x1) 90 static std::string getLocation(InputSectionBase &s, const Symbol &sym, 91 uint64_t off) { 92 std::string msg = getDefinedLocation(sym) + "\n>>> referenced by "; 93 std::string src = s.getSrcMsg(sym, off); 94 if (!src.empty()) 95 msg += src + "\n>>> "; 96 return msg + s.getObjMsg(off); 97 } 98 99 void elf::reportRangeError(uint8_t *loc, const Relocation &rel, const Twine &v, 100 int64_t min, uint64_t max) { 101 ErrorPlace errPlace = getErrorPlace(loc); 102 std::string hint; 103 if (rel.sym && !rel.sym->isLocal()) 104 hint = "; references " + lld::toString(*rel.sym); 105 if (!errPlace.srcLoc.empty()) 106 hint += "\n>>> referenced by " + errPlace.srcLoc; 107 if (rel.sym && !rel.sym->isLocal()) 108 hint += getDefinedLocation(*rel.sym); 109 110 if (errPlace.isec && errPlace.isec->name.startswith(".debug")) 111 hint += "; consider recompiling with -fdebug-types-section to reduce size " 112 "of debug sections"; 113 114 errorOrWarn(errPlace.loc + "relocation " + lld::toString(rel.type) + 115 " out of range: " + v.str() + " is not in [" + Twine(min).str() + 116 ", " + Twine(max).str() + "]" + hint); 117 } 118 119 void elf::reportRangeError(uint8_t *loc, int64_t v, int n, const Symbol &sym, 120 const Twine &msg) { 121 ErrorPlace errPlace = getErrorPlace(loc); 122 std::string hint; 123 if (!sym.getName().empty()) 124 hint = "; references " + lld::toString(sym) + getDefinedLocation(sym); 125 errorOrWarn(errPlace.loc + msg + " is out of range: " + Twine(v) + 126 " is not in [" + Twine(llvm::minIntN(n)) + ", " + 127 Twine(llvm::maxIntN(n)) + "]" + hint); 128 } 129 130 // Build a bitmask with one bit set for each 64 subset of RelExpr. 131 static constexpr uint64_t buildMask() { return 0; } 132 133 template <typename... Tails> 134 static constexpr uint64_t buildMask(int head, Tails... tails) { 135 return (0 <= head && head < 64 ? uint64_t(1) << head : 0) | 136 buildMask(tails...); 137 } 138 139 // Return true if `Expr` is one of `Exprs`. 140 // There are more than 64 but less than 128 RelExprs, so we divide the set of 141 // exprs into [0, 64) and [64, 128) and represent each range as a constant 142 // 64-bit mask. Then we decide which mask to test depending on the value of 143 // expr and use a simple shift and bitwise-and to test for membership. 144 template <RelExpr... Exprs> static bool oneof(RelExpr expr) { 145 assert(0 <= expr && (int)expr < 128 && 146 "RelExpr is too large for 128-bit mask!"); 147 148 if (expr >= 64) 149 return (uint64_t(1) << (expr - 64)) & buildMask((Exprs - 64)...); 150 return (uint64_t(1) << expr) & buildMask(Exprs...); 151 } 152 153 static RelType getMipsPairType(RelType type, bool isLocal) { 154 switch (type) { 155 case R_MIPS_HI16: 156 return R_MIPS_LO16; 157 case R_MIPS_GOT16: 158 // In case of global symbol, the R_MIPS_GOT16 relocation does not 159 // have a pair. Each global symbol has a unique entry in the GOT 160 // and a corresponding instruction with help of the R_MIPS_GOT16 161 // relocation loads an address of the symbol. In case of local 162 // symbol, the R_MIPS_GOT16 relocation creates a GOT entry to hold 163 // the high 16 bits of the symbol's value. A paired R_MIPS_LO16 164 // relocations handle low 16 bits of the address. That allows 165 // to allocate only one GOT entry for every 64 KBytes of local data. 166 return isLocal ? R_MIPS_LO16 : R_MIPS_NONE; 167 case R_MICROMIPS_GOT16: 168 return isLocal ? R_MICROMIPS_LO16 : R_MIPS_NONE; 169 case R_MIPS_PCHI16: 170 return R_MIPS_PCLO16; 171 case R_MICROMIPS_HI16: 172 return R_MICROMIPS_LO16; 173 default: 174 return R_MIPS_NONE; 175 } 176 } 177 178 // True if non-preemptable symbol always has the same value regardless of where 179 // the DSO is loaded. 180 static bool isAbsolute(const Symbol &sym) { 181 if (sym.isUndefWeak()) 182 return true; 183 if (const auto *dr = dyn_cast<Defined>(&sym)) 184 return dr->section == nullptr; // Absolute symbol. 185 return false; 186 } 187 188 static bool isAbsoluteValue(const Symbol &sym) { 189 return isAbsolute(sym) || sym.isTls(); 190 } 191 192 // Returns true if Expr refers a PLT entry. 193 static bool needsPlt(RelExpr expr) { 194 return oneof<R_PLT, R_PLT_PC, R_PLT_GOTPLT, R_PPC32_PLTREL, R_PPC64_CALL_PLT>( 195 expr); 196 } 197 198 // Returns true if Expr refers a GOT entry. Note that this function 199 // returns false for TLS variables even though they need GOT, because 200 // TLS variables uses GOT differently than the regular variables. 201 static bool needsGot(RelExpr expr) { 202 return oneof<R_GOT, R_GOT_OFF, R_MIPS_GOT_LOCAL_PAGE, R_MIPS_GOT_OFF, 203 R_MIPS_GOT_OFF32, R_AARCH64_GOT_PAGE_PC, R_GOT_PC, R_GOTPLT, 204 R_AARCH64_GOT_PAGE>(expr); 205 } 206 207 // True if this expression is of the form Sym - X, where X is a position in the 208 // file (PC, or GOT for example). 209 static bool isRelExpr(RelExpr expr) { 210 return oneof<R_PC, R_GOTREL, R_GOTPLTREL, R_MIPS_GOTREL, R_PPC64_CALL, 211 R_PPC64_RELAX_TOC, R_AARCH64_PAGE_PC, R_RELAX_GOT_PC, 212 R_RISCV_PC_INDIRECT, R_PPC64_RELAX_GOT_PC>(expr); 213 } 214 215 // Returns true if a given relocation can be computed at link-time. 216 // 217 // For instance, we know the offset from a relocation to its target at 218 // link-time if the relocation is PC-relative and refers a 219 // non-interposable function in the same executable. This function 220 // will return true for such relocation. 221 // 222 // If this function returns false, that means we need to emit a 223 // dynamic relocation so that the relocation will be fixed at load-time. 224 static bool isStaticLinkTimeConstant(RelExpr e, RelType type, const Symbol &sym, 225 InputSectionBase &s, uint64_t relOff) { 226 // These expressions always compute a constant 227 if (oneof<R_GOTPLT, R_GOT_OFF, R_MIPS_GOT_LOCAL_PAGE, R_MIPS_GOTREL, 228 R_MIPS_GOT_OFF, R_MIPS_GOT_OFF32, R_MIPS_GOT_GP_PC, 229 R_AARCH64_GOT_PAGE_PC, R_GOT_PC, R_GOTONLY_PC, R_GOTPLTONLY_PC, 230 R_PLT_PC, R_PLT_GOTPLT, R_PPC32_PLTREL, R_PPC64_CALL_PLT, 231 R_PPC64_RELAX_TOC, R_RISCV_ADD, R_AARCH64_GOT_PAGE>(e)) 232 return true; 233 234 // These never do, except if the entire file is position dependent or if 235 // only the low bits are used. 236 if (e == R_GOT || e == R_PLT) 237 return target->usesOnlyLowPageBits(type) || !config->isPic; 238 239 if (sym.isPreemptible) 240 return false; 241 if (!config->isPic) 242 return true; 243 244 // The size of a non preemptible symbol is a constant. 245 if (e == R_SIZE) 246 return true; 247 248 // For the target and the relocation, we want to know if they are 249 // absolute or relative. 250 bool absVal = isAbsoluteValue(sym); 251 bool relE = isRelExpr(e); 252 if (absVal && !relE) 253 return true; 254 if (!absVal && relE) 255 return true; 256 if (!absVal && !relE) 257 return target->usesOnlyLowPageBits(type); 258 259 assert(absVal && relE); 260 261 // Allow R_PLT_PC (optimized to R_PC here) to a hidden undefined weak symbol 262 // in PIC mode. This is a little strange, but it allows us to link function 263 // calls to such symbols (e.g. glibc/stdlib/exit.c:__run_exit_handlers). 264 // Normally such a call will be guarded with a comparison, which will load a 265 // zero from the GOT. 266 if (sym.isUndefWeak()) 267 return true; 268 269 // We set the final symbols values for linker script defined symbols later. 270 // They always can be computed as a link time constant. 271 if (sym.scriptDefined) 272 return true; 273 274 error("relocation " + toString(type) + " cannot refer to absolute symbol: " + 275 toString(sym) + getLocation(s, sym, relOff)); 276 return true; 277 } 278 279 static RelExpr toPlt(RelExpr expr) { 280 switch (expr) { 281 case R_PPC64_CALL: 282 return R_PPC64_CALL_PLT; 283 case R_PC: 284 return R_PLT_PC; 285 case R_ABS: 286 return R_PLT; 287 default: 288 return expr; 289 } 290 } 291 292 static RelExpr fromPlt(RelExpr expr) { 293 // We decided not to use a plt. Optimize a reference to the plt to a 294 // reference to the symbol itself. 295 switch (expr) { 296 case R_PLT_PC: 297 case R_PPC32_PLTREL: 298 return R_PC; 299 case R_PPC64_CALL_PLT: 300 return R_PPC64_CALL; 301 case R_PLT: 302 return R_ABS; 303 case R_PLT_GOTPLT: 304 return R_GOTPLTREL; 305 default: 306 return expr; 307 } 308 } 309 310 // Returns true if a given shared symbol is in a read-only segment in a DSO. 311 template <class ELFT> static bool isReadOnly(SharedSymbol &ss) { 312 using Elf_Phdr = typename ELFT::Phdr; 313 314 // Determine if the symbol is read-only by scanning the DSO's program headers. 315 const SharedFile &file = ss.getFile(); 316 for (const Elf_Phdr &phdr : 317 check(file.template getObj<ELFT>().program_headers())) 318 if ((phdr.p_type == ELF::PT_LOAD || phdr.p_type == ELF::PT_GNU_RELRO) && 319 !(phdr.p_flags & ELF::PF_W) && ss.value >= phdr.p_vaddr && 320 ss.value < phdr.p_vaddr + phdr.p_memsz) 321 return true; 322 return false; 323 } 324 325 // Returns symbols at the same offset as a given symbol, including SS itself. 326 // 327 // If two or more symbols are at the same offset, and at least one of 328 // them are copied by a copy relocation, all of them need to be copied. 329 // Otherwise, they would refer to different places at runtime. 330 template <class ELFT> 331 static SmallSet<SharedSymbol *, 4> getSymbolsAt(SharedSymbol &ss) { 332 using Elf_Sym = typename ELFT::Sym; 333 334 SharedFile &file = ss.getFile(); 335 336 SmallSet<SharedSymbol *, 4> ret; 337 for (const Elf_Sym &s : file.template getGlobalELFSyms<ELFT>()) { 338 if (s.st_shndx == SHN_UNDEF || s.st_shndx == SHN_ABS || 339 s.getType() == STT_TLS || s.st_value != ss.value) 340 continue; 341 StringRef name = check(s.getName(file.getStringTable())); 342 Symbol *sym = symtab->find(name); 343 if (auto *alias = dyn_cast_or_null<SharedSymbol>(sym)) 344 ret.insert(alias); 345 } 346 347 // The loop does not check SHT_GNU_verneed, so ret does not contain 348 // non-default version symbols. If ss has a non-default version, ret won't 349 // contain ss. Just add ss unconditionally. If a non-default version alias is 350 // separately copy relocated, it and ss will have different addresses. 351 // Fortunately this case is impractical and fails with GNU ld as well. 352 ret.insert(&ss); 353 return ret; 354 } 355 356 // When a symbol is copy relocated or we create a canonical plt entry, it is 357 // effectively a defined symbol. In the case of copy relocation the symbol is 358 // in .bss and in the case of a canonical plt entry it is in .plt. This function 359 // replaces the existing symbol with a Defined pointing to the appropriate 360 // location. 361 static void replaceWithDefined(Symbol &sym, SectionBase *sec, uint64_t value, 362 uint64_t size) { 363 Symbol old = sym; 364 365 sym.replace(Defined{sym.file, sym.getName(), sym.binding, sym.stOther, 366 sym.type, value, size, sec}); 367 368 sym.pltIndex = old.pltIndex; 369 sym.gotIndex = old.gotIndex; 370 sym.verdefIndex = old.verdefIndex; 371 sym.exportDynamic = true; 372 sym.isUsedInRegularObj = true; 373 } 374 375 // Reserve space in .bss or .bss.rel.ro for copy relocation. 376 // 377 // The copy relocation is pretty much a hack. If you use a copy relocation 378 // in your program, not only the symbol name but the symbol's size, RW/RO 379 // bit and alignment become part of the ABI. In addition to that, if the 380 // symbol has aliases, the aliases become part of the ABI. That's subtle, 381 // but if you violate that implicit ABI, that can cause very counter- 382 // intuitive consequences. 383 // 384 // So, what is the copy relocation? It's for linking non-position 385 // independent code to DSOs. In an ideal world, all references to data 386 // exported by DSOs should go indirectly through GOT. But if object files 387 // are compiled as non-PIC, all data references are direct. There is no 388 // way for the linker to transform the code to use GOT, as machine 389 // instructions are already set in stone in object files. This is where 390 // the copy relocation takes a role. 391 // 392 // A copy relocation instructs the dynamic linker to copy data from a DSO 393 // to a specified address (which is usually in .bss) at load-time. If the 394 // static linker (that's us) finds a direct data reference to a DSO 395 // symbol, it creates a copy relocation, so that the symbol can be 396 // resolved as if it were in .bss rather than in a DSO. 397 // 398 // As you can see in this function, we create a copy relocation for the 399 // dynamic linker, and the relocation contains not only symbol name but 400 // various other information about the symbol. So, such attributes become a 401 // part of the ABI. 402 // 403 // Note for application developers: I can give you a piece of advice if 404 // you are writing a shared library. You probably should export only 405 // functions from your library. You shouldn't export variables. 406 // 407 // As an example what can happen when you export variables without knowing 408 // the semantics of copy relocations, assume that you have an exported 409 // variable of type T. It is an ABI-breaking change to add new members at 410 // end of T even though doing that doesn't change the layout of the 411 // existing members. That's because the space for the new members are not 412 // reserved in .bss unless you recompile the main program. That means they 413 // are likely to overlap with other data that happens to be laid out next 414 // to the variable in .bss. This kind of issue is sometimes very hard to 415 // debug. What's a solution? Instead of exporting a variable V from a DSO, 416 // define an accessor getV(). 417 template <class ELFT> static void addCopyRelSymbol(SharedSymbol &ss) { 418 // Copy relocation against zero-sized symbol doesn't make sense. 419 uint64_t symSize = ss.getSize(); 420 if (symSize == 0 || ss.alignment == 0) 421 fatal("cannot create a copy relocation for symbol " + toString(ss)); 422 423 // See if this symbol is in a read-only segment. If so, preserve the symbol's 424 // memory protection by reserving space in the .bss.rel.ro section. 425 bool isRO = isReadOnly<ELFT>(ss); 426 BssSection *sec = 427 make<BssSection>(isRO ? ".bss.rel.ro" : ".bss", symSize, ss.alignment); 428 OutputSection *osec = (isRO ? in.bssRelRo : in.bss)->getParent(); 429 430 // At this point, sectionBases has been migrated to sections. Append sec to 431 // sections. 432 if (osec->sectionCommands.empty() || 433 !isa<InputSectionDescription>(osec->sectionCommands.back())) 434 osec->sectionCommands.push_back(make<InputSectionDescription>("")); 435 auto *isd = cast<InputSectionDescription>(osec->sectionCommands.back()); 436 isd->sections.push_back(sec); 437 osec->commitSection(sec); 438 439 // Look through the DSO's dynamic symbol table for aliases and create a 440 // dynamic symbol for each one. This causes the copy relocation to correctly 441 // interpose any aliases. 442 for (SharedSymbol *sym : getSymbolsAt<ELFT>(ss)) 443 replaceWithDefined(*sym, sec, 0, sym->size); 444 445 mainPart->relaDyn->addSymbolReloc(target->copyRel, sec, 0, ss); 446 } 447 448 // MIPS has an odd notion of "paired" relocations to calculate addends. 449 // For example, if a relocation is of R_MIPS_HI16, there must be a 450 // R_MIPS_LO16 relocation after that, and an addend is calculated using 451 // the two relocations. 452 template <class ELFT, class RelTy> 453 static int64_t computeMipsAddend(const RelTy &rel, const RelTy *end, 454 InputSectionBase &sec, RelExpr expr, 455 bool isLocal) { 456 if (expr == R_MIPS_GOTREL && isLocal) 457 return sec.getFile<ELFT>()->mipsGp0; 458 459 // The ABI says that the paired relocation is used only for REL. 460 // See p. 4-17 at ftp://www.linux-mips.org/pub/linux/mips/doc/ABI/mipsabi.pdf 461 if (RelTy::IsRela) 462 return 0; 463 464 RelType type = rel.getType(config->isMips64EL); 465 uint32_t pairTy = getMipsPairType(type, isLocal); 466 if (pairTy == R_MIPS_NONE) 467 return 0; 468 469 const uint8_t *buf = sec.data().data(); 470 uint32_t symIndex = rel.getSymbol(config->isMips64EL); 471 472 // To make things worse, paired relocations might not be contiguous in 473 // the relocation table, so we need to do linear search. *sigh* 474 for (const RelTy *ri = &rel; ri != end; ++ri) 475 if (ri->getType(config->isMips64EL) == pairTy && 476 ri->getSymbol(config->isMips64EL) == symIndex) 477 return target->getImplicitAddend(buf + ri->r_offset, pairTy); 478 479 warn("can't find matching " + toString(pairTy) + " relocation for " + 480 toString(type)); 481 return 0; 482 } 483 484 // Returns an addend of a given relocation. If it is RELA, an addend 485 // is in a relocation itself. If it is REL, we need to read it from an 486 // input section. 487 template <class ELFT, class RelTy> 488 static int64_t computeAddend(const RelTy &rel, const RelTy *end, 489 InputSectionBase &sec, RelExpr expr, 490 bool isLocal) { 491 int64_t addend; 492 RelType type = rel.getType(config->isMips64EL); 493 494 if (RelTy::IsRela) { 495 addend = getAddend<ELFT>(rel); 496 } else { 497 const uint8_t *buf = sec.data().data(); 498 addend = target->getImplicitAddend(buf + rel.r_offset, type); 499 } 500 501 if (config->emachine == EM_PPC64 && config->isPic && type == R_PPC64_TOC) 502 addend += getPPC64TocBase(); 503 if (config->emachine == EM_MIPS) 504 addend += computeMipsAddend<ELFT>(rel, end, sec, expr, isLocal); 505 506 return addend; 507 } 508 509 // Custom error message if Sym is defined in a discarded section. 510 template <class ELFT> 511 static std::string maybeReportDiscarded(Undefined &sym) { 512 auto *file = dyn_cast_or_null<ObjFile<ELFT>>(sym.file); 513 if (!file || !sym.discardedSecIdx || 514 file->getSections()[sym.discardedSecIdx] != &InputSection::discarded) 515 return ""; 516 ArrayRef<Elf_Shdr_Impl<ELFT>> objSections = 517 CHECK(file->getObj().sections(), file); 518 519 std::string msg; 520 if (sym.type == ELF::STT_SECTION) { 521 msg = "relocation refers to a discarded section: "; 522 msg += CHECK( 523 file->getObj().getSectionName(objSections[sym.discardedSecIdx]), file); 524 } else { 525 msg = "relocation refers to a symbol in a discarded section: " + 526 toString(sym); 527 } 528 msg += "\n>>> defined in " + toString(file); 529 530 Elf_Shdr_Impl<ELFT> elfSec = objSections[sym.discardedSecIdx - 1]; 531 if (elfSec.sh_type != SHT_GROUP) 532 return msg; 533 534 // If the discarded section is a COMDAT. 535 StringRef signature = file->getShtGroupSignature(objSections, elfSec); 536 if (const InputFile *prevailing = 537 symtab->comdatGroups.lookup(CachedHashStringRef(signature))) 538 msg += "\n>>> section group signature: " + signature.str() + 539 "\n>>> prevailing definition is in " + toString(prevailing); 540 return msg; 541 } 542 543 // Undefined diagnostics are collected in a vector and emitted once all of 544 // them are known, so that some postprocessing on the list of undefined symbols 545 // can happen before lld emits diagnostics. 546 struct UndefinedDiag { 547 Symbol *sym; 548 struct Loc { 549 InputSectionBase *sec; 550 uint64_t offset; 551 }; 552 std::vector<Loc> locs; 553 bool isWarning; 554 }; 555 556 static std::vector<UndefinedDiag> undefs; 557 558 // Check whether the definition name def is a mangled function name that matches 559 // the reference name ref. 560 static bool canSuggestExternCForCXX(StringRef ref, StringRef def) { 561 llvm::ItaniumPartialDemangler d; 562 std::string name = def.str(); 563 if (d.partialDemangle(name.c_str())) 564 return false; 565 char *buf = d.getFunctionName(nullptr, nullptr); 566 if (!buf) 567 return false; 568 bool ret = ref == buf; 569 free(buf); 570 return ret; 571 } 572 573 // Suggest an alternative spelling of an "undefined symbol" diagnostic. Returns 574 // the suggested symbol, which is either in the symbol table, or in the same 575 // file of sym. 576 template <class ELFT> 577 static const Symbol *getAlternativeSpelling(const Undefined &sym, 578 std::string &pre_hint, 579 std::string &post_hint) { 580 DenseMap<StringRef, const Symbol *> map; 581 if (auto *file = dyn_cast_or_null<ObjFile<ELFT>>(sym.file)) { 582 // If sym is a symbol defined in a discarded section, maybeReportDiscarded() 583 // will give an error. Don't suggest an alternative spelling. 584 if (file && sym.discardedSecIdx != 0 && 585 file->getSections()[sym.discardedSecIdx] == &InputSection::discarded) 586 return nullptr; 587 588 // Build a map of local defined symbols. 589 for (const Symbol *s : sym.file->getSymbols()) 590 if (s->isLocal() && s->isDefined() && !s->getName().empty()) 591 map.try_emplace(s->getName(), s); 592 } 593 594 auto suggest = [&](StringRef newName) -> const Symbol * { 595 // If defined locally. 596 if (const Symbol *s = map.lookup(newName)) 597 return s; 598 599 // If in the symbol table and not undefined. 600 if (const Symbol *s = symtab->find(newName)) 601 if (!s->isUndefined()) 602 return s; 603 604 return nullptr; 605 }; 606 607 // This loop enumerates all strings of Levenshtein distance 1 as typo 608 // correction candidates and suggests the one that exists as a non-undefined 609 // symbol. 610 StringRef name = sym.getName(); 611 for (size_t i = 0, e = name.size(); i != e + 1; ++i) { 612 // Insert a character before name[i]. 613 std::string newName = (name.substr(0, i) + "0" + name.substr(i)).str(); 614 for (char c = '0'; c <= 'z'; ++c) { 615 newName[i] = c; 616 if (const Symbol *s = suggest(newName)) 617 return s; 618 } 619 if (i == e) 620 break; 621 622 // Substitute name[i]. 623 newName = std::string(name); 624 for (char c = '0'; c <= 'z'; ++c) { 625 newName[i] = c; 626 if (const Symbol *s = suggest(newName)) 627 return s; 628 } 629 630 // Transpose name[i] and name[i+1]. This is of edit distance 2 but it is 631 // common. 632 if (i + 1 < e) { 633 newName[i] = name[i + 1]; 634 newName[i + 1] = name[i]; 635 if (const Symbol *s = suggest(newName)) 636 return s; 637 } 638 639 // Delete name[i]. 640 newName = (name.substr(0, i) + name.substr(i + 1)).str(); 641 if (const Symbol *s = suggest(newName)) 642 return s; 643 } 644 645 // Case mismatch, e.g. Foo vs FOO. 646 for (auto &it : map) 647 if (name.equals_insensitive(it.first)) 648 return it.second; 649 for (Symbol *sym : symtab->symbols()) 650 if (!sym->isUndefined() && name.equals_insensitive(sym->getName())) 651 return sym; 652 653 // The reference may be a mangled name while the definition is not. Suggest a 654 // missing extern "C". 655 if (name.startswith("_Z")) { 656 std::string buf = name.str(); 657 llvm::ItaniumPartialDemangler d; 658 if (!d.partialDemangle(buf.c_str())) 659 if (char *buf = d.getFunctionName(nullptr, nullptr)) { 660 const Symbol *s = suggest(buf); 661 free(buf); 662 if (s) { 663 pre_hint = ": extern \"C\" "; 664 return s; 665 } 666 } 667 } else { 668 const Symbol *s = nullptr; 669 for (auto &it : map) 670 if (canSuggestExternCForCXX(name, it.first)) { 671 s = it.second; 672 break; 673 } 674 if (!s) 675 for (Symbol *sym : symtab->symbols()) 676 if (canSuggestExternCForCXX(name, sym->getName())) { 677 s = sym; 678 break; 679 } 680 if (s) { 681 pre_hint = " to declare "; 682 post_hint = " as extern \"C\"?"; 683 return s; 684 } 685 } 686 687 return nullptr; 688 } 689 690 template <class ELFT> 691 static void reportUndefinedSymbol(const UndefinedDiag &undef, 692 bool correctSpelling) { 693 Symbol &sym = *undef.sym; 694 695 auto visibility = [&]() -> std::string { 696 switch (sym.visibility) { 697 case STV_INTERNAL: 698 return "internal "; 699 case STV_HIDDEN: 700 return "hidden "; 701 case STV_PROTECTED: 702 return "protected "; 703 default: 704 return ""; 705 } 706 }; 707 708 std::string msg = maybeReportDiscarded<ELFT>(cast<Undefined>(sym)); 709 if (msg.empty()) 710 msg = "undefined " + visibility() + "symbol: " + toString(sym); 711 712 const size_t maxUndefReferences = 3; 713 size_t i = 0; 714 for (UndefinedDiag::Loc l : undef.locs) { 715 if (i >= maxUndefReferences) 716 break; 717 InputSectionBase &sec = *l.sec; 718 uint64_t offset = l.offset; 719 720 msg += "\n>>> referenced by "; 721 std::string src = sec.getSrcMsg(sym, offset); 722 if (!src.empty()) 723 msg += src + "\n>>> "; 724 msg += sec.getObjMsg(offset); 725 i++; 726 } 727 728 if (i < undef.locs.size()) 729 msg += ("\n>>> referenced " + Twine(undef.locs.size() - i) + " more times") 730 .str(); 731 732 if (correctSpelling) { 733 std::string pre_hint = ": ", post_hint; 734 if (const Symbol *corrected = getAlternativeSpelling<ELFT>( 735 cast<Undefined>(sym), pre_hint, post_hint)) { 736 msg += "\n>>> did you mean" + pre_hint + toString(*corrected) + post_hint; 737 if (corrected->file) 738 msg += "\n>>> defined in: " + toString(corrected->file); 739 } 740 } 741 742 if (sym.getName().startswith("_ZTV")) 743 msg += 744 "\n>>> the vtable symbol may be undefined because the class is missing " 745 "its key function (see https://lld.llvm.org/missingkeyfunction)"; 746 747 if (undef.isWarning) 748 warn(msg); 749 else 750 error(msg, ErrorTag::SymbolNotFound, {sym.getName()}); 751 } 752 753 template <class ELFT> void elf::reportUndefinedSymbols() { 754 // Find the first "undefined symbol" diagnostic for each diagnostic, and 755 // collect all "referenced from" lines at the first diagnostic. 756 DenseMap<Symbol *, UndefinedDiag *> firstRef; 757 for (UndefinedDiag &undef : undefs) { 758 assert(undef.locs.size() == 1); 759 if (UndefinedDiag *canon = firstRef.lookup(undef.sym)) { 760 canon->locs.push_back(undef.locs[0]); 761 undef.locs.clear(); 762 } else 763 firstRef[undef.sym] = &undef; 764 } 765 766 // Enable spell corrector for the first 2 diagnostics. 767 for (auto it : enumerate(undefs)) 768 if (!it.value().locs.empty()) 769 reportUndefinedSymbol<ELFT>(it.value(), it.index() < 2); 770 undefs.clear(); 771 } 772 773 // Report an undefined symbol if necessary. 774 // Returns true if the undefined symbol will produce an error message. 775 static bool maybeReportUndefined(Symbol &sym, InputSectionBase &sec, 776 uint64_t offset) { 777 if (!sym.isUndefined()) 778 return false; 779 // If versioned, issue an error (even if the symbol is weak) because we don't 780 // know the defining filename which is required to construct a Verneed entry. 781 if (*sym.getVersionSuffix() == '@') { 782 undefs.push_back({&sym, {{&sec, offset}}, false}); 783 return true; 784 } 785 if (sym.isWeak()) 786 return false; 787 788 bool canBeExternal = !sym.isLocal() && sym.visibility == STV_DEFAULT; 789 if (config->unresolvedSymbols == UnresolvedPolicy::Ignore && canBeExternal) 790 return false; 791 792 // clang (as of 2019-06-12) / gcc (as of 8.2.1) PPC64 may emit a .rela.toc 793 // which references a switch table in a discarded .rodata/.text section. The 794 // .toc and the .rela.toc are incorrectly not placed in the comdat. The ELF 795 // spec says references from outside the group to a STB_LOCAL symbol are not 796 // allowed. Work around the bug. 797 // 798 // PPC32 .got2 is similar but cannot be fixed. Multiple .got2 is infeasible 799 // because .LC0-.LTOC is not representable if the two labels are in different 800 // .got2 801 if (cast<Undefined>(sym).discardedSecIdx != 0 && 802 (sec.name == ".got2" || sec.name == ".toc")) 803 return false; 804 805 bool isWarning = 806 (config->unresolvedSymbols == UnresolvedPolicy::Warn && canBeExternal) || 807 config->noinhibitExec; 808 undefs.push_back({&sym, {{&sec, offset}}, isWarning}); 809 return !isWarning; 810 } 811 812 // MIPS N32 ABI treats series of successive relocations with the same offset 813 // as a single relocation. The similar approach used by N64 ABI, but this ABI 814 // packs all relocations into the single relocation record. Here we emulate 815 // this for the N32 ABI. Iterate over relocation with the same offset and put 816 // theirs types into the single bit-set. 817 template <class RelTy> static RelType getMipsN32RelType(RelTy *&rel, RelTy *end) { 818 RelType type = 0; 819 uint64_t offset = rel->r_offset; 820 821 int n = 0; 822 while (rel != end && rel->r_offset == offset) 823 type |= (rel++)->getType(config->isMips64EL) << (8 * n++); 824 return type; 825 } 826 827 // .eh_frame sections are mergeable input sections, so their input 828 // offsets are not linearly mapped to output section. For each input 829 // offset, we need to find a section piece containing the offset and 830 // add the piece's base address to the input offset to compute the 831 // output offset. That isn't cheap. 832 // 833 // This class is to speed up the offset computation. When we process 834 // relocations, we access offsets in the monotonically increasing 835 // order. So we can optimize for that access pattern. 836 // 837 // For sections other than .eh_frame, this class doesn't do anything. 838 namespace { 839 class OffsetGetter { 840 public: 841 explicit OffsetGetter(InputSectionBase &sec) { 842 if (auto *eh = dyn_cast<EhInputSection>(&sec)) 843 pieces = eh->pieces; 844 } 845 846 // Translates offsets in input sections to offsets in output sections. 847 // Given offset must increase monotonically. We assume that Piece is 848 // sorted by inputOff. 849 uint64_t get(uint64_t off) { 850 if (pieces.empty()) 851 return off; 852 853 while (i != pieces.size() && pieces[i].inputOff + pieces[i].size <= off) 854 ++i; 855 if (i == pieces.size()) 856 fatal(".eh_frame: relocation is not in any piece"); 857 858 // Pieces must be contiguous, so there must be no holes in between. 859 assert(pieces[i].inputOff <= off && "Relocation not in any piece"); 860 861 // Offset -1 means that the piece is dead (i.e. garbage collected). 862 if (pieces[i].outputOff == -1) 863 return -1; 864 return pieces[i].outputOff + off - pieces[i].inputOff; 865 } 866 867 private: 868 ArrayRef<EhSectionPiece> pieces; 869 size_t i = 0; 870 }; 871 } // namespace 872 873 static void addRelativeReloc(InputSectionBase *isec, uint64_t offsetInSec, 874 Symbol &sym, int64_t addend, RelExpr expr, 875 RelType type) { 876 Partition &part = isec->getPartition(); 877 878 // Add a relative relocation. If relrDyn section is enabled, and the 879 // relocation offset is guaranteed to be even, add the relocation to 880 // the relrDyn section, otherwise add it to the relaDyn section. 881 // relrDyn sections don't support odd offsets. Also, relrDyn sections 882 // don't store the addend values, so we must write it to the relocated 883 // address. 884 if (part.relrDyn && isec->alignment >= 2 && offsetInSec % 2 == 0) { 885 isec->relocations.push_back({expr, type, offsetInSec, addend, &sym}); 886 part.relrDyn->relocs.push_back({isec, offsetInSec}); 887 return; 888 } 889 part.relaDyn->addRelativeReloc(target->relativeRel, isec, offsetInSec, sym, 890 addend, type, expr); 891 } 892 893 template <class PltSection, class GotPltSection> 894 static void addPltEntry(PltSection *plt, GotPltSection *gotPlt, 895 RelocationBaseSection *rel, RelType type, Symbol &sym) { 896 plt->addEntry(sym); 897 gotPlt->addEntry(sym); 898 rel->addReloc({type, gotPlt, sym.getGotPltOffset(), 899 sym.isPreemptible ? DynamicReloc::AgainstSymbol 900 : DynamicReloc::AddendOnlyWithTargetVA, 901 sym, 0, R_ABS}); 902 } 903 904 static void addGotEntry(Symbol &sym) { 905 in.got->addEntry(sym); 906 uint64_t off = sym.getGotOffset(); 907 908 // If preemptible, emit a GLOB_DAT relocation. 909 if (sym.isPreemptible) { 910 mainPart->relaDyn->addReloc({target->gotRel, in.got, off, 911 DynamicReloc::AgainstSymbol, sym, 0, R_ABS}); 912 return; 913 } 914 915 // Otherwise, the value is either a link-time constant or the load base 916 // plus a constant. 917 if (!config->isPic || isAbsolute(sym)) 918 in.got->relocations.push_back({R_ABS, target->symbolicRel, off, 0, &sym}); 919 else 920 addRelativeReloc(in.got, off, sym, 0, R_ABS, target->symbolicRel); 921 } 922 923 static void addTpOffsetGotEntry(Symbol &sym) { 924 in.got->addEntry(sym); 925 uint64_t off = sym.getGotOffset(); 926 if (!sym.isPreemptible && !config->isPic) { 927 in.got->relocations.push_back({R_TPREL, target->symbolicRel, off, 0, &sym}); 928 return; 929 } 930 mainPart->relaDyn->addAddendOnlyRelocIfNonPreemptible( 931 target->tlsGotRel, in.got, off, sym, target->symbolicRel); 932 } 933 934 // Return true if we can define a symbol in the executable that 935 // contains the value/function of a symbol defined in a shared 936 // library. 937 static bool canDefineSymbolInExecutable(Symbol &sym) { 938 // If the symbol has default visibility the symbol defined in the 939 // executable will preempt it. 940 // Note that we want the visibility of the shared symbol itself, not 941 // the visibility of the symbol in the output file we are producing. That is 942 // why we use Sym.stOther. 943 if ((sym.stOther & 0x3) == STV_DEFAULT) 944 return true; 945 946 // If we are allowed to break address equality of functions, defining 947 // a plt entry will allow the program to call the function in the 948 // .so, but the .so and the executable will no agree on the address 949 // of the function. Similar logic for objects. 950 return ((sym.isFunc() && config->ignoreFunctionAddressEquality) || 951 (sym.isObject() && config->ignoreDataAddressEquality)); 952 } 953 954 // The reason we have to do this early scan is as follows 955 // * To mmap the output file, we need to know the size 956 // * For that, we need to know how many dynamic relocs we will have. 957 // It might be possible to avoid this by outputting the file with write: 958 // * Write the allocated output sections, computing addresses. 959 // * Apply relocations, recording which ones require a dynamic reloc. 960 // * Write the dynamic relocations. 961 // * Write the rest of the file. 962 // This would have some drawbacks. For example, we would only know if .rela.dyn 963 // is needed after applying relocations. If it is, it will go after rw and rx 964 // sections. Given that it is ro, we will need an extra PT_LOAD. This 965 // complicates things for the dynamic linker and means we would have to reserve 966 // space for the extra PT_LOAD even if we end up not using it. 967 template <class ELFT> 968 static void processRelocAux(InputSectionBase &sec, RelExpr expr, RelType type, 969 uint64_t offset, Symbol &sym, int64_t addend) { 970 // If the relocation is known to be a link-time constant, we know no dynamic 971 // relocation will be created, pass the control to relocateAlloc() or 972 // relocateNonAlloc() to resolve it. 973 // 974 // The behavior of an undefined weak reference is implementation defined. For 975 // non-link-time constants, we resolve relocations statically (let 976 // relocate{,Non}Alloc() resolve them) for -no-pie and try producing dynamic 977 // relocations for -pie and -shared. 978 // 979 // The general expectation of -no-pie static linking is that there is no 980 // dynamic relocation (except IRELATIVE). Emitting dynamic relocations for 981 // -shared matches the spirit of its -z undefs default. -pie has freedom on 982 // choices, and we choose dynamic relocations to be consistent with the 983 // handling of GOT-generating relocations. 984 if (isStaticLinkTimeConstant(expr, type, sym, sec, offset) || 985 (!config->isPic && sym.isUndefWeak())) { 986 sec.relocations.push_back({expr, type, offset, addend, &sym}); 987 return; 988 } 989 990 bool canWrite = (sec.flags & SHF_WRITE) || !config->zText; 991 if (canWrite) { 992 RelType rel = target->getDynRel(type); 993 if (expr == R_GOT || (rel == target->symbolicRel && !sym.isPreemptible)) { 994 addRelativeReloc(&sec, offset, sym, addend, expr, type); 995 return; 996 } else if (rel != 0) { 997 if (config->emachine == EM_MIPS && rel == target->symbolicRel) 998 rel = target->relativeRel; 999 sec.getPartition().relaDyn->addSymbolReloc(rel, &sec, offset, sym, addend, 1000 type); 1001 1002 // MIPS ABI turns using of GOT and dynamic relocations inside out. 1003 // While regular ABI uses dynamic relocations to fill up GOT entries 1004 // MIPS ABI requires dynamic linker to fills up GOT entries using 1005 // specially sorted dynamic symbol table. This affects even dynamic 1006 // relocations against symbols which do not require GOT entries 1007 // creation explicitly, i.e. do not have any GOT-relocations. So if 1008 // a preemptible symbol has a dynamic relocation we anyway have 1009 // to create a GOT entry for it. 1010 // If a non-preemptible symbol has a dynamic relocation against it, 1011 // dynamic linker takes it st_value, adds offset and writes down 1012 // result of the dynamic relocation. In case of preemptible symbol 1013 // dynamic linker performs symbol resolution, writes the symbol value 1014 // to the GOT entry and reads the GOT entry when it needs to perform 1015 // a dynamic relocation. 1016 // ftp://www.linux-mips.org/pub/linux/mips/doc/ABI/mipsabi.pdf p.4-19 1017 if (config->emachine == EM_MIPS) 1018 in.mipsGot->addEntry(*sec.file, sym, addend, expr); 1019 return; 1020 } 1021 } 1022 1023 // When producing an executable, we can perform copy relocations (for 1024 // STT_OBJECT) and canonical PLT (for STT_FUNC). 1025 if (!config->shared) { 1026 if (!canDefineSymbolInExecutable(sym)) { 1027 errorOrWarn("cannot preempt symbol: " + toString(sym) + 1028 getLocation(sec, sym, offset)); 1029 return; 1030 } 1031 1032 if (sym.isObject()) { 1033 // Produce a copy relocation. 1034 if (auto *ss = dyn_cast<SharedSymbol>(&sym)) { 1035 if (!config->zCopyreloc) 1036 error("unresolvable relocation " + toString(type) + 1037 " against symbol '" + toString(*ss) + 1038 "'; recompile with -fPIC or remove '-z nocopyreloc'" + 1039 getLocation(sec, sym, offset)); 1040 addCopyRelSymbol<ELFT>(*ss); 1041 } 1042 sec.relocations.push_back({expr, type, offset, addend, &sym}); 1043 return; 1044 } 1045 1046 // This handles a non PIC program call to function in a shared library. In 1047 // an ideal world, we could just report an error saying the relocation can 1048 // overflow at runtime. In the real world with glibc, crt1.o has a 1049 // R_X86_64_PC32 pointing to libc.so. 1050 // 1051 // The general idea on how to handle such cases is to create a PLT entry and 1052 // use that as the function value. 1053 // 1054 // For the static linking part, we just return a plt expr and everything 1055 // else will use the PLT entry as the address. 1056 // 1057 // The remaining problem is making sure pointer equality still works. We 1058 // need the help of the dynamic linker for that. We let it know that we have 1059 // a direct reference to a so symbol by creating an undefined symbol with a 1060 // non zero st_value. Seeing that, the dynamic linker resolves the symbol to 1061 // the value of the symbol we created. This is true even for got entries, so 1062 // pointer equality is maintained. To avoid an infinite loop, the only entry 1063 // that points to the real function is a dedicated got entry used by the 1064 // plt. That is identified by special relocation types (R_X86_64_JUMP_SLOT, 1065 // R_386_JMP_SLOT, etc). 1066 1067 // For position independent executable on i386, the plt entry requires ebx 1068 // to be set. This causes two problems: 1069 // * If some code has a direct reference to a function, it was probably 1070 // compiled without -fPIE/-fPIC and doesn't maintain ebx. 1071 // * If a library definition gets preempted to the executable, it will have 1072 // the wrong ebx value. 1073 if (sym.isFunc()) { 1074 if (config->pie && config->emachine == EM_386) 1075 errorOrWarn("symbol '" + toString(sym) + 1076 "' cannot be preempted; recompile with -fPIE" + 1077 getLocation(sec, sym, offset)); 1078 if (!sym.isInPlt()) 1079 addPltEntry(in.plt, in.gotPlt, in.relaPlt, target->pltRel, sym); 1080 if (!sym.isDefined()) { 1081 replaceWithDefined( 1082 sym, in.plt, 1083 target->pltHeaderSize + target->pltEntrySize * sym.pltIndex, 0); 1084 if (config->emachine == EM_PPC) { 1085 // PPC32 canonical PLT entries are at the beginning of .glink 1086 cast<Defined>(sym).value = in.plt->headerSize; 1087 in.plt->headerSize += 16; 1088 cast<PPC32GlinkSection>(in.plt)->canonical_plts.push_back(&sym); 1089 } 1090 } 1091 sym.needsPltAddr = true; 1092 sec.relocations.push_back({expr, type, offset, addend, &sym}); 1093 return; 1094 } 1095 } 1096 1097 errorOrWarn("relocation " + toString(type) + " cannot be used against " + 1098 (sym.getName().empty() ? "local symbol" 1099 : "symbol '" + toString(sym) + "'") + 1100 "; recompile with -fPIC" + getLocation(sec, sym, offset)); 1101 } 1102 1103 // This function is similar to the `handleTlsRelocation`. MIPS does not 1104 // support any relaxations for TLS relocations so by factoring out MIPS 1105 // handling in to the separate function we can simplify the code and do not 1106 // pollute other `handleTlsRelocation` by MIPS `ifs` statements. 1107 // Mips has a custom MipsGotSection that handles the writing of GOT entries 1108 // without dynamic relocations. 1109 static unsigned handleMipsTlsRelocation(RelType type, Symbol &sym, 1110 InputSectionBase &c, uint64_t offset, 1111 int64_t addend, RelExpr expr) { 1112 if (expr == R_MIPS_TLSLD) { 1113 in.mipsGot->addTlsIndex(*c.file); 1114 c.relocations.push_back({expr, type, offset, addend, &sym}); 1115 return 1; 1116 } 1117 if (expr == R_MIPS_TLSGD) { 1118 in.mipsGot->addDynTlsEntry(*c.file, sym); 1119 c.relocations.push_back({expr, type, offset, addend, &sym}); 1120 return 1; 1121 } 1122 return 0; 1123 } 1124 1125 // Notes about General Dynamic and Local Dynamic TLS models below. They may 1126 // require the generation of a pair of GOT entries that have associated dynamic 1127 // relocations. The pair of GOT entries created are of the form GOT[e0] Module 1128 // Index (Used to find pointer to TLS block at run-time) GOT[e1] Offset of 1129 // symbol in TLS block. 1130 // 1131 // Returns the number of relocations processed. 1132 template <class ELFT> 1133 static unsigned 1134 handleTlsRelocation(RelType type, Symbol &sym, InputSectionBase &c, 1135 typename ELFT::uint offset, int64_t addend, RelExpr expr) { 1136 if (!sym.isTls()) 1137 return 0; 1138 1139 if (config->emachine == EM_MIPS) 1140 return handleMipsTlsRelocation(type, sym, c, offset, addend, expr); 1141 1142 if (oneof<R_AARCH64_TLSDESC_PAGE, R_TLSDESC, R_TLSDESC_CALL, R_TLSDESC_PC, 1143 R_TLSDESC_GOTPLT>(expr) && 1144 config->shared) { 1145 if (in.got->addDynTlsEntry(sym)) { 1146 uint64_t off = in.got->getGlobalDynOffset(sym); 1147 mainPart->relaDyn->addAddendOnlyRelocIfNonPreemptible( 1148 target->tlsDescRel, in.got, off, sym, target->tlsDescRel); 1149 } 1150 if (expr != R_TLSDESC_CALL) 1151 c.relocations.push_back({expr, type, offset, addend, &sym}); 1152 return 1; 1153 } 1154 1155 // ARM, Hexagon and RISC-V do not support GD/LD to IE/LE relaxation. For 1156 // PPC64, if the file has missing R_PPC64_TLSGD/R_PPC64_TLSLD, disable 1157 // relaxation as well. 1158 bool toExecRelax = !config->shared && config->emachine != EM_ARM && 1159 config->emachine != EM_HEXAGON && 1160 config->emachine != EM_RISCV && 1161 !c.file->ppc64DisableTLSRelax; 1162 1163 // If we are producing an executable and the symbol is non-preemptable, it 1164 // must be defined and the code sequence can be relaxed to use Local-Exec. 1165 // 1166 // ARM and RISC-V do not support any relaxations for TLS relocations, however, 1167 // we can omit the DTPMOD dynamic relocations and resolve them at link time 1168 // because them are always 1. This may be necessary for static linking as 1169 // DTPMOD may not be expected at load time. 1170 bool isLocalInExecutable = !sym.isPreemptible && !config->shared; 1171 1172 // Local Dynamic is for access to module local TLS variables, while still 1173 // being suitable for being dynamically loaded via dlopen. GOT[e0] is the 1174 // module index, with a special value of 0 for the current module. GOT[e1] is 1175 // unused. There only needs to be one module index entry. 1176 if (oneof<R_TLSLD_GOT, R_TLSLD_GOTPLT, R_TLSLD_PC, R_TLSLD_HINT>( 1177 expr)) { 1178 // Local-Dynamic relocs can be relaxed to Local-Exec. 1179 if (toExecRelax) { 1180 c.relocations.push_back( 1181 {target->adjustTlsExpr(type, R_RELAX_TLS_LD_TO_LE), type, offset, 1182 addend, &sym}); 1183 return target->getTlsGdRelaxSkip(type); 1184 } 1185 if (expr == R_TLSLD_HINT) 1186 return 1; 1187 if (in.got->addTlsIndex()) { 1188 if (isLocalInExecutable) 1189 in.got->relocations.push_back( 1190 {R_ADDEND, target->symbolicRel, in.got->getTlsIndexOff(), 1, &sym}); 1191 else 1192 mainPart->relaDyn->addReloc( 1193 {target->tlsModuleIndexRel, in.got, in.got->getTlsIndexOff()}); 1194 } 1195 c.relocations.push_back({expr, type, offset, addend, &sym}); 1196 return 1; 1197 } 1198 1199 // Local-Dynamic relocs can be relaxed to Local-Exec. 1200 if (expr == R_DTPREL) { 1201 if (toExecRelax) 1202 expr = target->adjustTlsExpr(type, R_RELAX_TLS_LD_TO_LE); 1203 c.relocations.push_back({expr, type, offset, addend, &sym}); 1204 return 1; 1205 } 1206 1207 // Local-Dynamic sequence where offset of tls variable relative to dynamic 1208 // thread pointer is stored in the got. This cannot be relaxed to Local-Exec. 1209 if (expr == R_TLSLD_GOT_OFF) { 1210 if (!sym.isInGot()) { 1211 in.got->addEntry(sym); 1212 uint64_t off = sym.getGotOffset(); 1213 in.got->relocations.push_back( 1214 {R_ABS, target->tlsOffsetRel, off, 0, &sym}); 1215 } 1216 c.relocations.push_back({expr, type, offset, addend, &sym}); 1217 return 1; 1218 } 1219 1220 if (oneof<R_AARCH64_TLSDESC_PAGE, R_TLSDESC, R_TLSDESC_CALL, R_TLSDESC_PC, 1221 R_TLSDESC_GOTPLT, R_TLSGD_GOT, R_TLSGD_GOTPLT, R_TLSGD_PC>(expr)) { 1222 if (!toExecRelax) { 1223 if (in.got->addDynTlsEntry(sym)) { 1224 uint64_t off = in.got->getGlobalDynOffset(sym); 1225 1226 if (isLocalInExecutable) 1227 // Write one to the GOT slot. 1228 in.got->relocations.push_back( 1229 {R_ADDEND, target->symbolicRel, off, 1, &sym}); 1230 else 1231 mainPart->relaDyn->addSymbolReloc(target->tlsModuleIndexRel, in.got, 1232 off, sym); 1233 1234 // If the symbol is preemptible we need the dynamic linker to write 1235 // the offset too. 1236 uint64_t offsetOff = off + config->wordsize; 1237 if (sym.isPreemptible) 1238 mainPart->relaDyn->addSymbolReloc(target->tlsOffsetRel, in.got, 1239 offsetOff, sym); 1240 else 1241 in.got->relocations.push_back( 1242 {R_ABS, target->tlsOffsetRel, offsetOff, 0, &sym}); 1243 } 1244 c.relocations.push_back({expr, type, offset, addend, &sym}); 1245 return 1; 1246 } 1247 1248 // Global-Dynamic relocs can be relaxed to Initial-Exec or Local-Exec 1249 // depending on the symbol being locally defined or not. 1250 if (sym.isPreemptible) { 1251 c.relocations.push_back( 1252 {target->adjustTlsExpr(type, R_RELAX_TLS_GD_TO_IE), type, offset, 1253 addend, &sym}); 1254 if (!sym.isInGot()) { 1255 in.got->addEntry(sym); 1256 mainPart->relaDyn->addSymbolReloc(target->tlsGotRel, in.got, 1257 sym.getGotOffset(), sym); 1258 } 1259 } else { 1260 c.relocations.push_back( 1261 {target->adjustTlsExpr(type, R_RELAX_TLS_GD_TO_LE), type, offset, 1262 addend, &sym}); 1263 } 1264 return target->getTlsGdRelaxSkip(type); 1265 } 1266 1267 if (oneof<R_GOT, R_GOTPLT, R_GOT_PC, R_AARCH64_GOT_PAGE_PC, R_GOT_OFF, 1268 R_TLSIE_HINT>(expr)) { 1269 // Initial-Exec relocs can be relaxed to Local-Exec if the symbol is locally 1270 // defined. 1271 if (toExecRelax && isLocalInExecutable) { 1272 c.relocations.push_back( 1273 {R_RELAX_TLS_IE_TO_LE, type, offset, addend, &sym}); 1274 } else if (expr != R_TLSIE_HINT) { 1275 if (!sym.isInGot()) 1276 addTpOffsetGotEntry(sym); 1277 // R_GOT needs a relative relocation for PIC on i386 and Hexagon. 1278 if (expr == R_GOT && config->isPic && !target->usesOnlyLowPageBits(type)) 1279 addRelativeReloc(&c, offset, sym, addend, expr, type); 1280 else 1281 c.relocations.push_back({expr, type, offset, addend, &sym}); 1282 } 1283 return 1; 1284 } 1285 1286 return 0; 1287 } 1288 1289 template <class ELFT, class RelTy> 1290 static void scanReloc(InputSectionBase &sec, OffsetGetter &getOffset, RelTy *&i, 1291 RelTy *start, RelTy *end) { 1292 const RelTy &rel = *i; 1293 uint32_t symIndex = rel.getSymbol(config->isMips64EL); 1294 Symbol &sym = sec.getFile<ELFT>()->getSymbol(symIndex); 1295 RelType type; 1296 1297 // Deal with MIPS oddity. 1298 if (config->mipsN32Abi) { 1299 type = getMipsN32RelType(i, end); 1300 } else { 1301 type = rel.getType(config->isMips64EL); 1302 ++i; 1303 } 1304 1305 // Get an offset in an output section this relocation is applied to. 1306 uint64_t offset = getOffset.get(rel.r_offset); 1307 if (offset == uint64_t(-1)) 1308 return; 1309 1310 // Error if the target symbol is undefined. Symbol index 0 may be used by 1311 // marker relocations, e.g. R_*_NONE and R_ARM_V4BX. Don't error on them. 1312 if (symIndex != 0 && maybeReportUndefined(sym, sec, rel.r_offset)) 1313 return; 1314 1315 const uint8_t *relocatedAddr = sec.data().begin() + rel.r_offset; 1316 RelExpr expr = target->getRelExpr(type, sym, relocatedAddr); 1317 1318 // Ignore R_*_NONE and other marker relocations. 1319 if (expr == R_NONE) 1320 return; 1321 1322 // Read an addend. 1323 int64_t addend = computeAddend<ELFT>(rel, end, sec, expr, sym.isLocal()); 1324 1325 if (config->emachine == EM_PPC64) { 1326 // We can separate the small code model relocations into 2 categories: 1327 // 1) Those that access the compiler generated .toc sections. 1328 // 2) Those that access the linker allocated got entries. 1329 // lld allocates got entries to symbols on demand. Since we don't try to 1330 // sort the got entries in any way, we don't have to track which objects 1331 // have got-based small code model relocs. The .toc sections get placed 1332 // after the end of the linker allocated .got section and we do sort those 1333 // so sections addressed with small code model relocations come first. 1334 if (isPPC64SmallCodeModelTocReloc(type)) 1335 sec.file->ppc64SmallCodeModelTocRelocs = true; 1336 1337 // Record the TOC entry (.toc + addend) as not relaxable. See the comment in 1338 // InputSectionBase::relocateAlloc(). 1339 if (type == R_PPC64_TOC16_LO && sym.isSection() && isa<Defined>(sym) && 1340 cast<Defined>(sym).section->name == ".toc") 1341 ppc64noTocRelax.insert({&sym, addend}); 1342 1343 if ((type == R_PPC64_TLSGD && expr == R_TLSDESC_CALL) || 1344 (type == R_PPC64_TLSLD && expr == R_TLSLD_HINT)) { 1345 if (i == end) { 1346 errorOrWarn("R_PPC64_TLSGD/R_PPC64_TLSLD may not be the last " 1347 "relocation" + 1348 getLocation(sec, sym, offset)); 1349 return; 1350 } 1351 1352 // Offset the 4-byte aligned R_PPC64_TLSGD by one byte in the NOTOC case, 1353 // so we can discern it later from the toc-case. 1354 if (i->getType(/*isMips64EL=*/false) == R_PPC64_REL24_NOTOC) 1355 ++offset; 1356 } 1357 } 1358 1359 // Relax relocations. 1360 // 1361 // If we know that a PLT entry will be resolved within the same ELF module, we 1362 // can skip PLT access and directly jump to the destination function. For 1363 // example, if we are linking a main executable, all dynamic symbols that can 1364 // be resolved within the executable will actually be resolved that way at 1365 // runtime, because the main executable is always at the beginning of a search 1366 // list. We can leverage that fact. 1367 if (!sym.isPreemptible && (!sym.isGnuIFunc() || config->zIfuncNoplt)) { 1368 if (expr != R_GOT_PC) { 1369 // The 0x8000 bit of r_addend of R_PPC_PLTREL24 is used to choose call 1370 // stub type. It should be ignored if optimized to R_PC. 1371 if (config->emachine == EM_PPC && expr == R_PPC32_PLTREL) 1372 addend &= ~0x8000; 1373 // R_HEX_GD_PLT_B22_PCREL (call a@GDPLT) is transformed into 1374 // call __tls_get_addr even if the symbol is non-preemptible. 1375 if (!(config->emachine == EM_HEXAGON && 1376 (type == R_HEX_GD_PLT_B22_PCREL || 1377 type == R_HEX_GD_PLT_B22_PCREL_X || 1378 type == R_HEX_GD_PLT_B32_PCREL_X))) 1379 expr = fromPlt(expr); 1380 } else if (!isAbsoluteValue(sym)) { 1381 expr = target->adjustGotPcExpr(type, addend, relocatedAddr); 1382 } 1383 } 1384 1385 // If the relocation does not emit a GOT or GOTPLT entry but its computation 1386 // uses their addresses, we need GOT or GOTPLT to be created. 1387 // 1388 // The 5 types that relative GOTPLT are all x86 and x86-64 specific. 1389 if (oneof<R_GOTPLTONLY_PC, R_GOTPLTREL, R_GOTPLT, R_PLT_GOTPLT, 1390 R_TLSDESC_GOTPLT, R_TLSGD_GOTPLT>(expr)) { 1391 in.gotPlt->hasGotPltOffRel = true; 1392 } else if (oneof<R_GOTONLY_PC, R_GOTREL, R_PPC64_TOCBASE, R_PPC64_RELAX_TOC>( 1393 expr)) { 1394 in.got->hasGotOffRel = true; 1395 } 1396 1397 // Process TLS relocations, including relaxing TLS relocations. Note that 1398 // R_TPREL and R_TPREL_NEG relocations are resolved in processRelocAux. 1399 if (expr == R_TPREL || expr == R_TPREL_NEG) { 1400 if (config->shared) { 1401 errorOrWarn("relocation " + toString(type) + " against " + toString(sym) + 1402 " cannot be used with -shared" + 1403 getLocation(sec, sym, offset)); 1404 return; 1405 } 1406 } else if (unsigned processed = handleTlsRelocation<ELFT>( 1407 type, sym, sec, offset, addend, expr)) { 1408 i += (processed - 1); 1409 return; 1410 } 1411 1412 // We were asked not to generate PLT entries for ifuncs. Instead, pass the 1413 // direct relocation on through. 1414 if (sym.isGnuIFunc() && config->zIfuncNoplt) { 1415 sym.exportDynamic = true; 1416 mainPart->relaDyn->addSymbolReloc(type, &sec, offset, sym, addend, type); 1417 return; 1418 } 1419 1420 // Non-preemptible ifuncs require special handling. First, handle the usual 1421 // case where the symbol isn't one of these. 1422 if (!sym.isGnuIFunc() || sym.isPreemptible) { 1423 // If a relocation needs PLT, we create PLT and GOTPLT slots for the symbol. 1424 if (needsPlt(expr) && !sym.isInPlt()) 1425 addPltEntry(in.plt, in.gotPlt, in.relaPlt, target->pltRel, sym); 1426 1427 // Create a GOT slot if a relocation needs GOT. 1428 if (needsGot(expr)) { 1429 if (config->emachine == EM_MIPS) { 1430 // MIPS ABI has special rules to process GOT entries and doesn't 1431 // require relocation entries for them. A special case is TLS 1432 // relocations. In that case dynamic loader applies dynamic 1433 // relocations to initialize TLS GOT entries. 1434 // See "Global Offset Table" in Chapter 5 in the following document 1435 // for detailed description: 1436 // ftp://www.linux-mips.org/pub/linux/mips/doc/ABI/mipsabi.pdf 1437 in.mipsGot->addEntry(*sec.file, sym, addend, expr); 1438 } else if (!sym.isInGot()) { 1439 addGotEntry(sym); 1440 } 1441 } 1442 } else { 1443 // Handle a reference to a non-preemptible ifunc. These are special in a 1444 // few ways: 1445 // 1446 // - Unlike most non-preemptible symbols, non-preemptible ifuncs do not have 1447 // a fixed value. But assuming that all references to the ifunc are 1448 // GOT-generating or PLT-generating, the handling of an ifunc is 1449 // relatively straightforward. We create a PLT entry in Iplt, which is 1450 // usually at the end of .plt, which makes an indirect call using a 1451 // matching GOT entry in igotPlt, which is usually at the end of .got.plt. 1452 // The GOT entry is relocated using an IRELATIVE relocation in relaIplt, 1453 // which is usually at the end of .rela.plt. Unlike most relocations in 1454 // .rela.plt, which may be evaluated lazily without -z now, dynamic 1455 // loaders evaluate IRELATIVE relocs eagerly, which means that for 1456 // IRELATIVE relocs only, GOT-generating relocations can point directly to 1457 // .got.plt without requiring a separate GOT entry. 1458 // 1459 // - Despite the fact that an ifunc does not have a fixed value, compilers 1460 // that are not passed -fPIC will assume that they do, and will emit 1461 // direct (non-GOT-generating, non-PLT-generating) relocations to the 1462 // symbol. This means that if a direct relocation to the symbol is 1463 // seen, the linker must set a value for the symbol, and this value must 1464 // be consistent no matter what type of reference is made to the symbol. 1465 // This can be done by creating a PLT entry for the symbol in the way 1466 // described above and making it canonical, that is, making all references 1467 // point to the PLT entry instead of the resolver. In lld we also store 1468 // the address of the PLT entry in the dynamic symbol table, which means 1469 // that the symbol will also have the same value in other modules. 1470 // Because the value loaded from the GOT needs to be consistent with 1471 // the value computed using a direct relocation, a non-preemptible ifunc 1472 // may end up with two GOT entries, one in .got.plt that points to the 1473 // address returned by the resolver and is used only by the PLT entry, 1474 // and another in .got that points to the PLT entry and is used by 1475 // GOT-generating relocations. 1476 // 1477 // - The fact that these symbols do not have a fixed value makes them an 1478 // exception to the general rule that a statically linked executable does 1479 // not require any form of dynamic relocation. To handle these relocations 1480 // correctly, the IRELATIVE relocations are stored in an array which a 1481 // statically linked executable's startup code must enumerate using the 1482 // linker-defined symbols __rela?_iplt_{start,end}. 1483 if (!sym.isInPlt()) { 1484 // Create PLT and GOTPLT slots for the symbol. 1485 sym.isInIplt = true; 1486 1487 // Create a copy of the symbol to use as the target of the IRELATIVE 1488 // relocation in the igotPlt. This is in case we make the PLT canonical 1489 // later, which would overwrite the original symbol. 1490 // 1491 // FIXME: Creating a copy of the symbol here is a bit of a hack. All 1492 // that's really needed to create the IRELATIVE is the section and value, 1493 // so ideally we should just need to copy those. 1494 auto *directSym = make<Defined>(cast<Defined>(sym)); 1495 addPltEntry(in.iplt, in.igotPlt, in.relaIplt, target->iRelativeRel, 1496 *directSym); 1497 sym.pltIndex = directSym->pltIndex; 1498 } 1499 if (needsGot(expr)) { 1500 // Redirect GOT accesses to point to the Igot. 1501 // 1502 // This field is also used to keep track of whether we ever needed a GOT 1503 // entry. If we did and we make the PLT canonical later, we'll need to 1504 // create a GOT entry pointing to the PLT entry for Sym. 1505 sym.gotInIgot = true; 1506 } else if (!needsPlt(expr)) { 1507 // Make the ifunc's PLT entry canonical by changing the value of its 1508 // symbol to redirect all references to point to it. 1509 auto &d = cast<Defined>(sym); 1510 d.section = in.iplt; 1511 d.value = sym.pltIndex * target->ipltEntrySize; 1512 d.size = 0; 1513 // It's important to set the symbol type here so that dynamic loaders 1514 // don't try to call the PLT as if it were an ifunc resolver. 1515 d.type = STT_FUNC; 1516 1517 if (sym.gotInIgot) { 1518 // We previously encountered a GOT generating reference that we 1519 // redirected to the Igot. Now that the PLT entry is canonical we must 1520 // clear the redirection to the Igot and add a GOT entry. As we've 1521 // changed the symbol type to STT_FUNC future GOT generating references 1522 // will naturally use this GOT entry. 1523 // 1524 // We don't need to worry about creating a MIPS GOT here because ifuncs 1525 // aren't a thing on MIPS. 1526 sym.gotInIgot = false; 1527 addGotEntry(sym); 1528 } 1529 } 1530 } 1531 1532 processRelocAux<ELFT>(sec, expr, type, offset, sym, addend); 1533 } 1534 1535 // R_PPC64_TLSGD/R_PPC64_TLSLD is required to mark `bl __tls_get_addr` for 1536 // General Dynamic/Local Dynamic code sequences. If a GD/LD GOT relocation is 1537 // found but no R_PPC64_TLSGD/R_PPC64_TLSLD is seen, we assume that the 1538 // instructions are generated by very old IBM XL compilers. Work around the 1539 // issue by disabling GD/LD to IE/LE relaxation. 1540 template <class RelTy> 1541 static void checkPPC64TLSRelax(InputSectionBase &sec, ArrayRef<RelTy> rels) { 1542 // Skip if sec is synthetic (sec.file is null) or if sec has been marked. 1543 if (!sec.file || sec.file->ppc64DisableTLSRelax) 1544 return; 1545 bool hasGDLD = false; 1546 for (const RelTy &rel : rels) { 1547 RelType type = rel.getType(false); 1548 switch (type) { 1549 case R_PPC64_TLSGD: 1550 case R_PPC64_TLSLD: 1551 return; // Found a marker 1552 case R_PPC64_GOT_TLSGD16: 1553 case R_PPC64_GOT_TLSGD16_HA: 1554 case R_PPC64_GOT_TLSGD16_HI: 1555 case R_PPC64_GOT_TLSGD16_LO: 1556 case R_PPC64_GOT_TLSLD16: 1557 case R_PPC64_GOT_TLSLD16_HA: 1558 case R_PPC64_GOT_TLSLD16_HI: 1559 case R_PPC64_GOT_TLSLD16_LO: 1560 hasGDLD = true; 1561 break; 1562 } 1563 } 1564 if (hasGDLD) { 1565 sec.file->ppc64DisableTLSRelax = true; 1566 warn(toString(sec.file) + 1567 ": disable TLS relaxation due to R_PPC64_GOT_TLS* relocations without " 1568 "R_PPC64_TLSGD/R_PPC64_TLSLD relocations"); 1569 } 1570 } 1571 1572 template <class ELFT, class RelTy> 1573 static void scanRelocs(InputSectionBase &sec, ArrayRef<RelTy> rels) { 1574 OffsetGetter getOffset(sec); 1575 1576 // Not all relocations end up in Sec.Relocations, but a lot do. 1577 sec.relocations.reserve(rels.size()); 1578 1579 if (config->emachine == EM_PPC64) 1580 checkPPC64TLSRelax<RelTy>(sec, rels); 1581 1582 // For EhInputSection, OffsetGetter expects the relocations to be sorted by 1583 // r_offset. In rare cases (.eh_frame pieces are reordered by a linker 1584 // script), the relocations may be unordered. 1585 SmallVector<RelTy, 0> storage; 1586 if (isa<EhInputSection>(sec)) 1587 rels = sortRels(rels, storage); 1588 1589 for (auto i = rels.begin(), end = rels.end(); i != end;) 1590 scanReloc<ELFT>(sec, getOffset, i, rels.begin(), end); 1591 1592 // Sort relocations by offset for more efficient searching for 1593 // R_RISCV_PCREL_HI20 and R_PPC64_ADDR64. 1594 if (config->emachine == EM_RISCV || 1595 (config->emachine == EM_PPC64 && sec.name == ".toc")) 1596 llvm::stable_sort(sec.relocations, 1597 [](const Relocation &lhs, const Relocation &rhs) { 1598 return lhs.offset < rhs.offset; 1599 }); 1600 } 1601 1602 template <class ELFT> void elf::scanRelocations(InputSectionBase &s) { 1603 const RelsOrRelas<ELFT> rels = s.template relsOrRelas<ELFT>(); 1604 if (rels.areRelocsRel()) 1605 scanRelocs<ELFT>(s, rels.rels); 1606 else 1607 scanRelocs<ELFT>(s, rels.relas); 1608 } 1609 1610 static bool mergeCmp(const InputSection *a, const InputSection *b) { 1611 // std::merge requires a strict weak ordering. 1612 if (a->outSecOff < b->outSecOff) 1613 return true; 1614 1615 if (a->outSecOff == b->outSecOff) { 1616 auto *ta = dyn_cast<ThunkSection>(a); 1617 auto *tb = dyn_cast<ThunkSection>(b); 1618 1619 // Check if Thunk is immediately before any specific Target 1620 // InputSection for example Mips LA25 Thunks. 1621 if (ta && ta->getTargetInputSection() == b) 1622 return true; 1623 1624 // Place Thunk Sections without specific targets before 1625 // non-Thunk Sections. 1626 if (ta && !tb && !ta->getTargetInputSection()) 1627 return true; 1628 } 1629 1630 return false; 1631 } 1632 1633 // Call Fn on every executable InputSection accessed via the linker script 1634 // InputSectionDescription::Sections. 1635 static void forEachInputSectionDescription( 1636 ArrayRef<OutputSection *> outputSections, 1637 llvm::function_ref<void(OutputSection *, InputSectionDescription *)> fn) { 1638 for (OutputSection *os : outputSections) { 1639 if (!(os->flags & SHF_ALLOC) || !(os->flags & SHF_EXECINSTR)) 1640 continue; 1641 for (BaseCommand *bc : os->sectionCommands) 1642 if (auto *isd = dyn_cast<InputSectionDescription>(bc)) 1643 fn(os, isd); 1644 } 1645 } 1646 1647 // Thunk Implementation 1648 // 1649 // Thunks (sometimes called stubs, veneers or branch islands) are small pieces 1650 // of code that the linker inserts inbetween a caller and a callee. The thunks 1651 // are added at link time rather than compile time as the decision on whether 1652 // a thunk is needed, such as the caller and callee being out of range, can only 1653 // be made at link time. 1654 // 1655 // It is straightforward to tell given the current state of the program when a 1656 // thunk is needed for a particular call. The more difficult part is that 1657 // the thunk needs to be placed in the program such that the caller can reach 1658 // the thunk and the thunk can reach the callee; furthermore, adding thunks to 1659 // the program alters addresses, which can mean more thunks etc. 1660 // 1661 // In lld we have a synthetic ThunkSection that can hold many Thunks. 1662 // The decision to have a ThunkSection act as a container means that we can 1663 // more easily handle the most common case of a single block of contiguous 1664 // Thunks by inserting just a single ThunkSection. 1665 // 1666 // The implementation of Thunks in lld is split across these areas 1667 // Relocations.cpp : Framework for creating and placing thunks 1668 // Thunks.cpp : The code generated for each supported thunk 1669 // Target.cpp : Target specific hooks that the framework uses to decide when 1670 // a thunk is used 1671 // Synthetic.cpp : Implementation of ThunkSection 1672 // Writer.cpp : Iteratively call framework until no more Thunks added 1673 // 1674 // Thunk placement requirements: 1675 // Mips LA25 thunks. These must be placed immediately before the callee section 1676 // We can assume that the caller is in range of the Thunk. These are modelled 1677 // by Thunks that return the section they must precede with 1678 // getTargetInputSection(). 1679 // 1680 // ARM interworking and range extension thunks. These thunks must be placed 1681 // within range of the caller. All implemented ARM thunks can always reach the 1682 // callee as they use an indirect jump via a register that has no range 1683 // restrictions. 1684 // 1685 // Thunk placement algorithm: 1686 // For Mips LA25 ThunkSections; the placement is explicit, it has to be before 1687 // getTargetInputSection(). 1688 // 1689 // For thunks that must be placed within range of the caller there are many 1690 // possible choices given that the maximum range from the caller is usually 1691 // much larger than the average InputSection size. Desirable properties include: 1692 // - Maximize reuse of thunks by multiple callers 1693 // - Minimize number of ThunkSections to simplify insertion 1694 // - Handle impact of already added Thunks on addresses 1695 // - Simple to understand and implement 1696 // 1697 // In lld for the first pass, we pre-create one or more ThunkSections per 1698 // InputSectionDescription at Target specific intervals. A ThunkSection is 1699 // placed so that the estimated end of the ThunkSection is within range of the 1700 // start of the InputSectionDescription or the previous ThunkSection. For 1701 // example: 1702 // InputSectionDescription 1703 // Section 0 1704 // ... 1705 // Section N 1706 // ThunkSection 0 1707 // Section N + 1 1708 // ... 1709 // Section N + K 1710 // Thunk Section 1 1711 // 1712 // The intention is that we can add a Thunk to a ThunkSection that is well 1713 // spaced enough to service a number of callers without having to do a lot 1714 // of work. An important principle is that it is not an error if a Thunk cannot 1715 // be placed in a pre-created ThunkSection; when this happens we create a new 1716 // ThunkSection placed next to the caller. This allows us to handle the vast 1717 // majority of thunks simply, but also handle rare cases where the branch range 1718 // is smaller than the target specific spacing. 1719 // 1720 // The algorithm is expected to create all the thunks that are needed in a 1721 // single pass, with a small number of programs needing a second pass due to 1722 // the insertion of thunks in the first pass increasing the offset between 1723 // callers and callees that were only just in range. 1724 // 1725 // A consequence of allowing new ThunkSections to be created outside of the 1726 // pre-created ThunkSections is that in rare cases calls to Thunks that were in 1727 // range in pass K, are out of range in some pass > K due to the insertion of 1728 // more Thunks in between the caller and callee. When this happens we retarget 1729 // the relocation back to the original target and create another Thunk. 1730 1731 // Remove ThunkSections that are empty, this should only be the initial set 1732 // precreated on pass 0. 1733 1734 // Insert the Thunks for OutputSection OS into their designated place 1735 // in the Sections vector, and recalculate the InputSection output section 1736 // offsets. 1737 // This may invalidate any output section offsets stored outside of InputSection 1738 void ThunkCreator::mergeThunks(ArrayRef<OutputSection *> outputSections) { 1739 forEachInputSectionDescription( 1740 outputSections, [&](OutputSection *os, InputSectionDescription *isd) { 1741 if (isd->thunkSections.empty()) 1742 return; 1743 1744 // Remove any zero sized precreated Thunks. 1745 llvm::erase_if(isd->thunkSections, 1746 [](const std::pair<ThunkSection *, uint32_t> &ts) { 1747 return ts.first->getSize() == 0; 1748 }); 1749 1750 // ISD->ThunkSections contains all created ThunkSections, including 1751 // those inserted in previous passes. Extract the Thunks created this 1752 // pass and order them in ascending outSecOff. 1753 std::vector<ThunkSection *> newThunks; 1754 for (std::pair<ThunkSection *, uint32_t> ts : isd->thunkSections) 1755 if (ts.second == pass) 1756 newThunks.push_back(ts.first); 1757 llvm::stable_sort(newThunks, 1758 [](const ThunkSection *a, const ThunkSection *b) { 1759 return a->outSecOff < b->outSecOff; 1760 }); 1761 1762 // Merge sorted vectors of Thunks and InputSections by outSecOff 1763 std::vector<InputSection *> tmp; 1764 tmp.reserve(isd->sections.size() + newThunks.size()); 1765 1766 std::merge(isd->sections.begin(), isd->sections.end(), 1767 newThunks.begin(), newThunks.end(), std::back_inserter(tmp), 1768 mergeCmp); 1769 1770 isd->sections = std::move(tmp); 1771 }); 1772 } 1773 1774 // Find or create a ThunkSection within the InputSectionDescription (ISD) that 1775 // is in range of Src. An ISD maps to a range of InputSections described by a 1776 // linker script section pattern such as { .text .text.* }. 1777 ThunkSection *ThunkCreator::getISDThunkSec(OutputSection *os, 1778 InputSection *isec, 1779 InputSectionDescription *isd, 1780 const Relocation &rel, 1781 uint64_t src) { 1782 for (std::pair<ThunkSection *, uint32_t> tp : isd->thunkSections) { 1783 ThunkSection *ts = tp.first; 1784 uint64_t tsBase = os->addr + ts->outSecOff + rel.addend; 1785 uint64_t tsLimit = tsBase + ts->getSize() + rel.addend; 1786 if (target->inBranchRange(rel.type, src, 1787 (src > tsLimit) ? tsBase : tsLimit)) 1788 return ts; 1789 } 1790 1791 // No suitable ThunkSection exists. This can happen when there is a branch 1792 // with lower range than the ThunkSection spacing or when there are too 1793 // many Thunks. Create a new ThunkSection as close to the InputSection as 1794 // possible. Error if InputSection is so large we cannot place ThunkSection 1795 // anywhere in Range. 1796 uint64_t thunkSecOff = isec->outSecOff; 1797 if (!target->inBranchRange(rel.type, src, 1798 os->addr + thunkSecOff + rel.addend)) { 1799 thunkSecOff = isec->outSecOff + isec->getSize(); 1800 if (!target->inBranchRange(rel.type, src, 1801 os->addr + thunkSecOff + rel.addend)) 1802 fatal("InputSection too large for range extension thunk " + 1803 isec->getObjMsg(src - (os->addr + isec->outSecOff))); 1804 } 1805 return addThunkSection(os, isd, thunkSecOff); 1806 } 1807 1808 // Add a Thunk that needs to be placed in a ThunkSection that immediately 1809 // precedes its Target. 1810 ThunkSection *ThunkCreator::getISThunkSec(InputSection *isec) { 1811 ThunkSection *ts = thunkedSections.lookup(isec); 1812 if (ts) 1813 return ts; 1814 1815 // Find InputSectionRange within Target Output Section (TOS) that the 1816 // InputSection (IS) that we need to precede is in. 1817 OutputSection *tos = isec->getParent(); 1818 for (BaseCommand *bc : tos->sectionCommands) { 1819 auto *isd = dyn_cast<InputSectionDescription>(bc); 1820 if (!isd || isd->sections.empty()) 1821 continue; 1822 1823 InputSection *first = isd->sections.front(); 1824 InputSection *last = isd->sections.back(); 1825 1826 if (isec->outSecOff < first->outSecOff || last->outSecOff < isec->outSecOff) 1827 continue; 1828 1829 ts = addThunkSection(tos, isd, isec->outSecOff); 1830 thunkedSections[isec] = ts; 1831 return ts; 1832 } 1833 1834 return nullptr; 1835 } 1836 1837 // Create one or more ThunkSections per OS that can be used to place Thunks. 1838 // We attempt to place the ThunkSections using the following desirable 1839 // properties: 1840 // - Within range of the maximum number of callers 1841 // - Minimise the number of ThunkSections 1842 // 1843 // We follow a simple but conservative heuristic to place ThunkSections at 1844 // offsets that are multiples of a Target specific branch range. 1845 // For an InputSectionDescription that is smaller than the range, a single 1846 // ThunkSection at the end of the range will do. 1847 // 1848 // For an InputSectionDescription that is more than twice the size of the range, 1849 // we place the last ThunkSection at range bytes from the end of the 1850 // InputSectionDescription in order to increase the likelihood that the 1851 // distance from a thunk to its target will be sufficiently small to 1852 // allow for the creation of a short thunk. 1853 void ThunkCreator::createInitialThunkSections( 1854 ArrayRef<OutputSection *> outputSections) { 1855 uint32_t thunkSectionSpacing = target->getThunkSectionSpacing(); 1856 1857 forEachInputSectionDescription( 1858 outputSections, [&](OutputSection *os, InputSectionDescription *isd) { 1859 if (isd->sections.empty()) 1860 return; 1861 1862 uint32_t isdBegin = isd->sections.front()->outSecOff; 1863 uint32_t isdEnd = 1864 isd->sections.back()->outSecOff + isd->sections.back()->getSize(); 1865 uint32_t lastThunkLowerBound = -1; 1866 if (isdEnd - isdBegin > thunkSectionSpacing * 2) 1867 lastThunkLowerBound = isdEnd - thunkSectionSpacing; 1868 1869 uint32_t isecLimit; 1870 uint32_t prevIsecLimit = isdBegin; 1871 uint32_t thunkUpperBound = isdBegin + thunkSectionSpacing; 1872 1873 for (const InputSection *isec : isd->sections) { 1874 isecLimit = isec->outSecOff + isec->getSize(); 1875 if (isecLimit > thunkUpperBound) { 1876 addThunkSection(os, isd, prevIsecLimit); 1877 thunkUpperBound = prevIsecLimit + thunkSectionSpacing; 1878 } 1879 if (isecLimit > lastThunkLowerBound) 1880 break; 1881 prevIsecLimit = isecLimit; 1882 } 1883 addThunkSection(os, isd, isecLimit); 1884 }); 1885 } 1886 1887 ThunkSection *ThunkCreator::addThunkSection(OutputSection *os, 1888 InputSectionDescription *isd, 1889 uint64_t off) { 1890 auto *ts = make<ThunkSection>(os, off); 1891 ts->partition = os->partition; 1892 if ((config->fixCortexA53Errata843419 || config->fixCortexA8) && 1893 !isd->sections.empty()) { 1894 // The errata fixes are sensitive to addresses modulo 4 KiB. When we add 1895 // thunks we disturb the base addresses of sections placed after the thunks 1896 // this makes patches we have generated redundant, and may cause us to 1897 // generate more patches as different instructions are now in sensitive 1898 // locations. When we generate more patches we may force more branches to 1899 // go out of range, causing more thunks to be generated. In pathological 1900 // cases this can cause the address dependent content pass not to converge. 1901 // We fix this by rounding up the size of the ThunkSection to 4KiB, this 1902 // limits the insertion of a ThunkSection on the addresses modulo 4 KiB, 1903 // which means that adding Thunks to the section does not invalidate 1904 // errata patches for following code. 1905 // Rounding up the size to 4KiB has consequences for code-size and can 1906 // trip up linker script defined assertions. For example the linux kernel 1907 // has an assertion that what LLD represents as an InputSectionDescription 1908 // does not exceed 4 KiB even if the overall OutputSection is > 128 Mib. 1909 // We use the heuristic of rounding up the size when both of the following 1910 // conditions are true: 1911 // 1.) The OutputSection is larger than the ThunkSectionSpacing. This 1912 // accounts for the case where no single InputSectionDescription is 1913 // larger than the OutputSection size. This is conservative but simple. 1914 // 2.) The InputSectionDescription is larger than 4 KiB. This will prevent 1915 // any assertion failures that an InputSectionDescription is < 4 KiB 1916 // in size. 1917 uint64_t isdSize = isd->sections.back()->outSecOff + 1918 isd->sections.back()->getSize() - 1919 isd->sections.front()->outSecOff; 1920 if (os->size > target->getThunkSectionSpacing() && isdSize > 4096) 1921 ts->roundUpSizeForErrata = true; 1922 } 1923 isd->thunkSections.push_back({ts, pass}); 1924 return ts; 1925 } 1926 1927 static bool isThunkSectionCompatible(InputSection *source, 1928 SectionBase *target) { 1929 // We can't reuse thunks in different loadable partitions because they might 1930 // not be loaded. But partition 1 (the main partition) will always be loaded. 1931 if (source->partition != target->partition) 1932 return target->partition == 1; 1933 return true; 1934 } 1935 1936 static int64_t getPCBias(RelType type) { 1937 if (config->emachine != EM_ARM) 1938 return 0; 1939 switch (type) { 1940 case R_ARM_THM_JUMP19: 1941 case R_ARM_THM_JUMP24: 1942 case R_ARM_THM_CALL: 1943 return 4; 1944 default: 1945 return 8; 1946 } 1947 } 1948 1949 std::pair<Thunk *, bool> ThunkCreator::getThunk(InputSection *isec, 1950 Relocation &rel, uint64_t src) { 1951 std::vector<Thunk *> *thunkVec = nullptr; 1952 // Arm and Thumb have a PC Bias of 8 and 4 respectively, this is cancelled 1953 // out in the relocation addend. We compensate for the PC bias so that 1954 // an Arm and Thumb relocation to the same destination get the same keyAddend, 1955 // which is usually 0. 1956 int64_t keyAddend = rel.addend + getPCBias(rel.type); 1957 1958 // We use a ((section, offset), addend) pair to find the thunk position if 1959 // possible so that we create only one thunk for aliased symbols or ICFed 1960 // sections. There may be multiple relocations sharing the same (section, 1961 // offset + addend) pair. We may revert the relocation back to its original 1962 // non-Thunk target, so we cannot fold offset + addend. 1963 if (auto *d = dyn_cast<Defined>(rel.sym)) 1964 if (!d->isInPlt() && d->section) 1965 thunkVec = &thunkedSymbolsBySectionAndAddend[{ 1966 {d->section->repl, d->value}, keyAddend}]; 1967 if (!thunkVec) 1968 thunkVec = &thunkedSymbols[{rel.sym, keyAddend}]; 1969 1970 // Check existing Thunks for Sym to see if they can be reused 1971 for (Thunk *t : *thunkVec) 1972 if (isThunkSectionCompatible(isec, t->getThunkTargetSym()->section) && 1973 t->isCompatibleWith(*isec, rel) && 1974 target->inBranchRange(rel.type, src, 1975 t->getThunkTargetSym()->getVA(rel.addend))) 1976 return std::make_pair(t, false); 1977 1978 // No existing compatible Thunk in range, create a new one 1979 Thunk *t = addThunk(*isec, rel); 1980 thunkVec->push_back(t); 1981 return std::make_pair(t, true); 1982 } 1983 1984 // Return true if the relocation target is an in range Thunk. 1985 // Return false if the relocation is not to a Thunk. If the relocation target 1986 // was originally to a Thunk, but is no longer in range we revert the 1987 // relocation back to its original non-Thunk target. 1988 bool ThunkCreator::normalizeExistingThunk(Relocation &rel, uint64_t src) { 1989 if (Thunk *t = thunks.lookup(rel.sym)) { 1990 if (target->inBranchRange(rel.type, src, rel.sym->getVA(rel.addend))) 1991 return true; 1992 rel.sym = &t->destination; 1993 rel.addend = t->addend; 1994 if (rel.sym->isInPlt()) 1995 rel.expr = toPlt(rel.expr); 1996 } 1997 return false; 1998 } 1999 2000 // Process all relocations from the InputSections that have been assigned 2001 // to InputSectionDescriptions and redirect through Thunks if needed. The 2002 // function should be called iteratively until it returns false. 2003 // 2004 // PreConditions: 2005 // All InputSections that may need a Thunk are reachable from 2006 // OutputSectionCommands. 2007 // 2008 // All OutputSections have an address and all InputSections have an offset 2009 // within the OutputSection. 2010 // 2011 // The offsets between caller (relocation place) and callee 2012 // (relocation target) will not be modified outside of createThunks(). 2013 // 2014 // PostConditions: 2015 // If return value is true then ThunkSections have been inserted into 2016 // OutputSections. All relocations that needed a Thunk based on the information 2017 // available to createThunks() on entry have been redirected to a Thunk. Note 2018 // that adding Thunks changes offsets between caller and callee so more Thunks 2019 // may be required. 2020 // 2021 // If return value is false then no more Thunks are needed, and createThunks has 2022 // made no changes. If the target requires range extension thunks, currently 2023 // ARM, then any future change in offset between caller and callee risks a 2024 // relocation out of range error. 2025 bool ThunkCreator::createThunks(ArrayRef<OutputSection *> outputSections) { 2026 bool addressesChanged = false; 2027 2028 if (pass == 0 && target->getThunkSectionSpacing()) 2029 createInitialThunkSections(outputSections); 2030 2031 // Create all the Thunks and insert them into synthetic ThunkSections. The 2032 // ThunkSections are later inserted back into InputSectionDescriptions. 2033 // We separate the creation of ThunkSections from the insertion of the 2034 // ThunkSections as ThunkSections are not always inserted into the same 2035 // InputSectionDescription as the caller. 2036 forEachInputSectionDescription( 2037 outputSections, [&](OutputSection *os, InputSectionDescription *isd) { 2038 for (InputSection *isec : isd->sections) 2039 for (Relocation &rel : isec->relocations) { 2040 uint64_t src = isec->getVA(rel.offset); 2041 2042 // If we are a relocation to an existing Thunk, check if it is 2043 // still in range. If not then Rel will be altered to point to its 2044 // original target so another Thunk can be generated. 2045 if (pass > 0 && normalizeExistingThunk(rel, src)) 2046 continue; 2047 2048 if (!target->needsThunk(rel.expr, rel.type, isec->file, src, 2049 *rel.sym, rel.addend)) 2050 continue; 2051 2052 Thunk *t; 2053 bool isNew; 2054 std::tie(t, isNew) = getThunk(isec, rel, src); 2055 2056 if (isNew) { 2057 // Find or create a ThunkSection for the new Thunk 2058 ThunkSection *ts; 2059 if (auto *tis = t->getTargetInputSection()) 2060 ts = getISThunkSec(tis); 2061 else 2062 ts = getISDThunkSec(os, isec, isd, rel, src); 2063 ts->addThunk(t); 2064 thunks[t->getThunkTargetSym()] = t; 2065 } 2066 2067 // Redirect relocation to Thunk, we never go via the PLT to a Thunk 2068 rel.sym = t->getThunkTargetSym(); 2069 rel.expr = fromPlt(rel.expr); 2070 2071 // On AArch64 and PPC, a jump/call relocation may be encoded as 2072 // STT_SECTION + non-zero addend, clear the addend after 2073 // redirection. 2074 if (config->emachine != EM_MIPS) 2075 rel.addend = -getPCBias(rel.type); 2076 } 2077 2078 for (auto &p : isd->thunkSections) 2079 addressesChanged |= p.first->assignOffsets(); 2080 }); 2081 2082 for (auto &p : thunkedSections) 2083 addressesChanged |= p.second->assignOffsets(); 2084 2085 // Merge all created synthetic ThunkSections back into OutputSection 2086 mergeThunks(outputSections); 2087 ++pass; 2088 return addressesChanged; 2089 } 2090 2091 // The following aid in the conversion of call x@GDPLT to call __tls_get_addr 2092 // hexagonNeedsTLSSymbol scans for relocations would require a call to 2093 // __tls_get_addr. 2094 // hexagonTLSSymbolUpdate rebinds the relocation to __tls_get_addr. 2095 bool elf::hexagonNeedsTLSSymbol(ArrayRef<OutputSection *> outputSections) { 2096 bool needTlsSymbol = false; 2097 forEachInputSectionDescription( 2098 outputSections, [&](OutputSection *os, InputSectionDescription *isd) { 2099 for (InputSection *isec : isd->sections) 2100 for (Relocation &rel : isec->relocations) 2101 if (rel.sym->type == llvm::ELF::STT_TLS && rel.expr == R_PLT_PC) { 2102 needTlsSymbol = true; 2103 return; 2104 } 2105 }); 2106 return needTlsSymbol; 2107 } 2108 2109 void elf::hexagonTLSSymbolUpdate(ArrayRef<OutputSection *> outputSections) { 2110 Symbol *sym = symtab->find("__tls_get_addr"); 2111 if (!sym) 2112 return; 2113 bool needEntry = true; 2114 forEachInputSectionDescription( 2115 outputSections, [&](OutputSection *os, InputSectionDescription *isd) { 2116 for (InputSection *isec : isd->sections) 2117 for (Relocation &rel : isec->relocations) 2118 if (rel.sym->type == llvm::ELF::STT_TLS && rel.expr == R_PLT_PC) { 2119 if (needEntry) { 2120 addPltEntry(in.plt, in.gotPlt, in.relaPlt, target->pltRel, 2121 *sym); 2122 needEntry = false; 2123 } 2124 rel.sym = sym; 2125 } 2126 }); 2127 } 2128 2129 template void elf::scanRelocations<ELF32LE>(InputSectionBase &); 2130 template void elf::scanRelocations<ELF32BE>(InputSectionBase &); 2131 template void elf::scanRelocations<ELF64LE>(InputSectionBase &); 2132 template void elf::scanRelocations<ELF64BE>(InputSectionBase &); 2133 template void elf::reportUndefinedSymbols<ELF32LE>(); 2134 template void elf::reportUndefinedSymbols<ELF32BE>(); 2135 template void elf::reportUndefinedSymbols<ELF64LE>(); 2136 template void elf::reportUndefinedSymbols<ELF64BE>(); 2137