1 //===- Thunks.cpp --------------------------------------------------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===---------------------------------------------------------------------===// 8 // 9 // This file contains Thunk subclasses. 10 // 11 // A thunk is a small piece of code written after an input section 12 // which is used to jump between "incompatible" functions 13 // such as MIPS PIC and non-PIC or ARM non-Thumb and Thumb functions. 14 // 15 // If a jump target is too far and its address doesn't fit to a 16 // short jump instruction, we need to create a thunk too, but we 17 // haven't supported it yet. 18 // 19 // i386 and x86-64 don't need thunks. 20 // 21 //===---------------------------------------------------------------------===// 22 23 #include "Thunks.h" 24 #include "Config.h" 25 #include "InputSection.h" 26 #include "OutputSections.h" 27 #include "Symbols.h" 28 #include "SyntheticSections.h" 29 #include "Target.h" 30 #include "lld/Common/ErrorHandler.h" 31 #include "lld/Common/Memory.h" 32 #include "llvm/BinaryFormat/ELF.h" 33 #include "llvm/Support/Casting.h" 34 #include "llvm/Support/Endian.h" 35 #include "llvm/Support/ErrorHandling.h" 36 #include "llvm/Support/MathExtras.h" 37 #include <cstdint> 38 #include <cstring> 39 40 using namespace llvm; 41 using namespace llvm::object; 42 using namespace llvm::ELF; 43 using namespace lld; 44 using namespace lld::elf; 45 46 namespace { 47 48 // AArch64 long range Thunks 49 class AArch64ABSLongThunk final : public Thunk { 50 public: 51 AArch64ABSLongThunk(Symbol &dest, int64_t addend) : Thunk(dest, addend) {} 52 uint32_t size() override { return 16; } 53 void writeTo(uint8_t *buf) override; 54 void addSymbols(ThunkSection &isec) override; 55 }; 56 57 class AArch64ADRPThunk final : public Thunk { 58 public: 59 AArch64ADRPThunk(Symbol &dest, int64_t addend) : Thunk(dest, addend) {} 60 uint32_t size() override { return 12; } 61 void writeTo(uint8_t *buf) override; 62 void addSymbols(ThunkSection &isec) override; 63 }; 64 65 // Base class for ARM thunks. 66 // 67 // An ARM thunk may be either short or long. A short thunk is simply a branch 68 // (B) instruction, and it may be used to call ARM functions when the distance 69 // from the thunk to the target is less than 32MB. Long thunks can branch to any 70 // virtual address and can switch between ARM and Thumb, and they are 71 // implemented in the derived classes. This class tries to create a short thunk 72 // if the target is in range, otherwise it creates a long thunk. 73 class ARMThunk : public Thunk { 74 public: 75 ARMThunk(Symbol &dest) : Thunk(dest, 0) {} 76 77 bool getMayUseShortThunk(); 78 uint32_t size() override { return getMayUseShortThunk() ? 4 : sizeLong(); } 79 void writeTo(uint8_t *buf) override; 80 bool isCompatibleWith(const InputSection &isec, 81 const Relocation &rel) const override; 82 83 // Returns the size of a long thunk. 84 virtual uint32_t sizeLong() = 0; 85 86 // Writes a long thunk to Buf. 87 virtual void writeLong(uint8_t *buf) = 0; 88 89 private: 90 // This field tracks whether all previously considered layouts would allow 91 // this thunk to be short. If we have ever needed a long thunk, we always 92 // create a long thunk, even if the thunk may be short given the current 93 // distance to the target. We do this because transitioning from long to short 94 // can create layout oscillations in certain corner cases which would prevent 95 // the layout from converging. 96 bool mayUseShortThunk = true; 97 }; 98 99 // Base class for Thumb-2 thunks. 100 // 101 // This class is similar to ARMThunk, but it uses the Thumb-2 B.W instruction 102 // which has a range of 16MB. 103 class ThumbThunk : public Thunk { 104 public: 105 ThumbThunk(Symbol &dest) : Thunk(dest, 0) { alignment = 2; } 106 107 bool getMayUseShortThunk(); 108 uint32_t size() override { return getMayUseShortThunk() ? 4 : sizeLong(); } 109 void writeTo(uint8_t *buf) override; 110 bool isCompatibleWith(const InputSection &isec, 111 const Relocation &rel) const override; 112 113 // Returns the size of a long thunk. 114 virtual uint32_t sizeLong() = 0; 115 116 // Writes a long thunk to Buf. 117 virtual void writeLong(uint8_t *buf) = 0; 118 119 private: 120 // See comment in ARMThunk above. 121 bool mayUseShortThunk = true; 122 }; 123 124 // Specific ARM Thunk implementations. The naming convention is: 125 // Source State, TargetState, Target Requirement, ABS or PI, Range 126 class ARMV7ABSLongThunk final : public ARMThunk { 127 public: 128 ARMV7ABSLongThunk(Symbol &dest) : ARMThunk(dest) {} 129 130 uint32_t sizeLong() override { return 12; } 131 void writeLong(uint8_t *buf) override; 132 void addSymbols(ThunkSection &isec) override; 133 }; 134 135 class ARMV7PILongThunk final : public ARMThunk { 136 public: 137 ARMV7PILongThunk(Symbol &dest) : ARMThunk(dest) {} 138 139 uint32_t sizeLong() override { return 16; } 140 void writeLong(uint8_t *buf) override; 141 void addSymbols(ThunkSection &isec) override; 142 }; 143 144 class ThumbV7ABSLongThunk final : public ThumbThunk { 145 public: 146 ThumbV7ABSLongThunk(Symbol &dest) : ThumbThunk(dest) {} 147 148 uint32_t sizeLong() override { return 10; } 149 void writeLong(uint8_t *buf) override; 150 void addSymbols(ThunkSection &isec) override; 151 }; 152 153 class ThumbV7PILongThunk final : public ThumbThunk { 154 public: 155 ThumbV7PILongThunk(Symbol &dest) : ThumbThunk(dest) {} 156 157 uint32_t sizeLong() override { return 12; } 158 void writeLong(uint8_t *buf) override; 159 void addSymbols(ThunkSection &isec) override; 160 }; 161 162 // Implementations of Thunks for older Arm architectures that do not support 163 // the movt/movw instructions. These thunks require at least Architecture v5 164 // as used on processors such as the Arm926ej-s. There are no Thumb entry 165 // points as there is no Thumb branch instruction on these architecture that 166 // can result in a thunk 167 class ARMV5ABSLongThunk final : public ARMThunk { 168 public: 169 ARMV5ABSLongThunk(Symbol &dest) : ARMThunk(dest) {} 170 171 uint32_t sizeLong() override { return 8; } 172 void writeLong(uint8_t *buf) override; 173 void addSymbols(ThunkSection &isec) override; 174 bool isCompatibleWith(const InputSection &isec, 175 const Relocation &rel) const override; 176 }; 177 178 class ARMV5PILongThunk final : public ARMThunk { 179 public: 180 ARMV5PILongThunk(Symbol &dest) : ARMThunk(dest) {} 181 182 uint32_t sizeLong() override { return 16; } 183 void writeLong(uint8_t *buf) override; 184 void addSymbols(ThunkSection &isec) override; 185 bool isCompatibleWith(const InputSection &isec, 186 const Relocation &rel) const override; 187 }; 188 189 // Implementations of Thunks for Arm v6-M. Only Thumb instructions are permitted 190 class ThumbV6MABSLongThunk final : public ThumbThunk { 191 public: 192 ThumbV6MABSLongThunk(Symbol &dest) : ThumbThunk(dest) {} 193 194 uint32_t sizeLong() override { return 12; } 195 void writeLong(uint8_t *buf) override; 196 void addSymbols(ThunkSection &isec) override; 197 }; 198 199 class ThumbV6MPILongThunk final : public ThumbThunk { 200 public: 201 ThumbV6MPILongThunk(Symbol &dest) : ThumbThunk(dest) {} 202 203 uint32_t sizeLong() override { return 16; } 204 void writeLong(uint8_t *buf) override; 205 void addSymbols(ThunkSection &isec) override; 206 }; 207 208 // MIPS LA25 thunk 209 class MipsThunk final : public Thunk { 210 public: 211 MipsThunk(Symbol &dest) : Thunk(dest, 0) {} 212 213 uint32_t size() override { return 16; } 214 void writeTo(uint8_t *buf) override; 215 void addSymbols(ThunkSection &isec) override; 216 InputSection *getTargetInputSection() const override; 217 }; 218 219 // microMIPS R2-R5 LA25 thunk 220 class MicroMipsThunk final : public Thunk { 221 public: 222 MicroMipsThunk(Symbol &dest) : Thunk(dest, 0) {} 223 224 uint32_t size() override { return 14; } 225 void writeTo(uint8_t *buf) override; 226 void addSymbols(ThunkSection &isec) override; 227 InputSection *getTargetInputSection() const override; 228 }; 229 230 // microMIPS R6 LA25 thunk 231 class MicroMipsR6Thunk final : public Thunk { 232 public: 233 MicroMipsR6Thunk(Symbol &dest) : Thunk(dest, 0) {} 234 235 uint32_t size() override { return 12; } 236 void writeTo(uint8_t *buf) override; 237 void addSymbols(ThunkSection &isec) override; 238 InputSection *getTargetInputSection() const override; 239 }; 240 241 class PPC32PltCallStub final : public Thunk { 242 public: 243 // For R_PPC_PLTREL24, Thunk::addend records the addend which will be used to 244 // decide the offsets in the call stub. 245 PPC32PltCallStub(const InputSection &isec, const Relocation &rel, 246 Symbol &dest) 247 : Thunk(dest, rel.addend), file(isec.file) {} 248 uint32_t size() override { return 16; } 249 void writeTo(uint8_t *buf) override; 250 void addSymbols(ThunkSection &isec) override; 251 bool isCompatibleWith(const InputSection &isec, const Relocation &rel) const override; 252 253 private: 254 // Records the call site of the call stub. 255 const InputFile *file; 256 }; 257 258 class PPC32LongThunk final : public Thunk { 259 public: 260 PPC32LongThunk(Symbol &dest, int64_t addend) : Thunk(dest, addend) {} 261 uint32_t size() override { return config->isPic ? 32 : 16; } 262 void writeTo(uint8_t *buf) override; 263 void addSymbols(ThunkSection &isec) override; 264 }; 265 266 // PPC64 Plt call stubs. 267 // Any call site that needs to call through a plt entry needs a call stub in 268 // the .text section. The call stub is responsible for: 269 // 1) Saving the toc-pointer to the stack. 270 // 2) Loading the target functions address from the procedure linkage table into 271 // r12 for use by the target functions global entry point, and into the count 272 // register. 273 // 3) Transferring control to the target function through an indirect branch. 274 class PPC64PltCallStub final : public Thunk { 275 public: 276 PPC64PltCallStub(Symbol &dest) : Thunk(dest, 0) {} 277 uint32_t size() override { return 20; } 278 void writeTo(uint8_t *buf) override; 279 void addSymbols(ThunkSection &isec) override; 280 }; 281 282 // A bl instruction uses a signed 24 bit offset, with an implicit 4 byte 283 // alignment. This gives a possible 26 bits of 'reach'. If the call offset is 284 // larger then that we need to emit a long-branch thunk. The target address 285 // of the callee is stored in a table to be accessed TOC-relative. Since the 286 // call must be local (a non-local call will have a PltCallStub instead) the 287 // table stores the address of the callee's local entry point. For 288 // position-independent code a corresponding relative dynamic relocation is 289 // used. 290 class PPC64LongBranchThunk : public Thunk { 291 public: 292 uint32_t size() override { return 16; } 293 void writeTo(uint8_t *buf) override; 294 void addSymbols(ThunkSection &isec) override; 295 296 protected: 297 PPC64LongBranchThunk(Symbol &dest, int64_t addend) : Thunk(dest, addend) {} 298 }; 299 300 class PPC64PILongBranchThunk final : public PPC64LongBranchThunk { 301 public: 302 PPC64PILongBranchThunk(Symbol &dest, int64_t addend) 303 : PPC64LongBranchThunk(dest, addend) { 304 assert(!dest.isPreemptible); 305 if (Optional<uint32_t> index = 306 in.ppc64LongBranchTarget->addEntry(&dest, addend)) { 307 mainPart->relaDyn->addReloc( 308 {target->relativeRel, in.ppc64LongBranchTarget, *index * UINT64_C(8), 309 true, &dest, 310 addend + getPPC64GlobalEntryToLocalEntryOffset(dest.stOther)}); 311 } 312 } 313 }; 314 315 class PPC64PDLongBranchThunk final : public PPC64LongBranchThunk { 316 public: 317 PPC64PDLongBranchThunk(Symbol &dest, int64_t addend) 318 : PPC64LongBranchThunk(dest, addend) { 319 in.ppc64LongBranchTarget->addEntry(&dest, addend); 320 } 321 }; 322 323 } // end anonymous namespace 324 325 Defined *Thunk::addSymbol(StringRef name, uint8_t type, uint64_t value, 326 InputSectionBase §ion) { 327 Defined *d = addSyntheticLocal(name, type, value, /*size=*/0, section); 328 syms.push_back(d); 329 return d; 330 } 331 332 void Thunk::setOffset(uint64_t newOffset) { 333 for (Defined *d : syms) 334 d->value = d->value - offset + newOffset; 335 offset = newOffset; 336 } 337 338 // AArch64 long range Thunks 339 340 static uint64_t getAArch64ThunkDestVA(const Symbol &s, int64_t a) { 341 uint64_t v = s.isInPlt() ? s.getPltVA() : s.getVA(a); 342 return v; 343 } 344 345 void AArch64ABSLongThunk::writeTo(uint8_t *buf) { 346 const uint8_t data[] = { 347 0x50, 0x00, 0x00, 0x58, // ldr x16, L0 348 0x00, 0x02, 0x1f, 0xd6, // br x16 349 0x00, 0x00, 0x00, 0x00, // L0: .xword S 350 0x00, 0x00, 0x00, 0x00, 351 }; 352 uint64_t s = getAArch64ThunkDestVA(destination, addend); 353 memcpy(buf, data, sizeof(data)); 354 target->relocateNoSym(buf + 8, R_AARCH64_ABS64, s); 355 } 356 357 void AArch64ABSLongThunk::addSymbols(ThunkSection &isec) { 358 addSymbol(saver.save("__AArch64AbsLongThunk_" + destination.getName()), 359 STT_FUNC, 0, isec); 360 addSymbol("$x", STT_NOTYPE, 0, isec); 361 addSymbol("$d", STT_NOTYPE, 8, isec); 362 } 363 364 // This Thunk has a maximum range of 4Gb, this is sufficient for all programs 365 // using the small code model, including pc-relative ones. At time of writing 366 // clang and gcc do not support the large code model for position independent 367 // code so it is safe to use this for position independent thunks without 368 // worrying about the destination being more than 4Gb away. 369 void AArch64ADRPThunk::writeTo(uint8_t *buf) { 370 const uint8_t data[] = { 371 0x10, 0x00, 0x00, 0x90, // adrp x16, Dest R_AARCH64_ADR_PREL_PG_HI21(Dest) 372 0x10, 0x02, 0x00, 0x91, // add x16, x16, R_AARCH64_ADD_ABS_LO12_NC(Dest) 373 0x00, 0x02, 0x1f, 0xd6, // br x16 374 }; 375 uint64_t s = getAArch64ThunkDestVA(destination, addend); 376 uint64_t p = getThunkTargetSym()->getVA(); 377 memcpy(buf, data, sizeof(data)); 378 target->relocateNoSym(buf, R_AARCH64_ADR_PREL_PG_HI21, 379 getAArch64Page(s) - getAArch64Page(p)); 380 target->relocateNoSym(buf + 4, R_AARCH64_ADD_ABS_LO12_NC, s); 381 } 382 383 void AArch64ADRPThunk::addSymbols(ThunkSection &isec) { 384 addSymbol(saver.save("__AArch64ADRPThunk_" + destination.getName()), STT_FUNC, 385 0, isec); 386 addSymbol("$x", STT_NOTYPE, 0, isec); 387 } 388 389 // ARM Target Thunks 390 static uint64_t getARMThunkDestVA(const Symbol &s) { 391 uint64_t v = s.isInPlt() ? s.getPltVA() : s.getVA(); 392 return SignExtend64<32>(v); 393 } 394 395 // This function returns true if the target is not Thumb and is within 2^26, and 396 // it has not previously returned false (see comment for mayUseShortThunk). 397 bool ARMThunk::getMayUseShortThunk() { 398 if (!mayUseShortThunk) 399 return false; 400 uint64_t s = getARMThunkDestVA(destination); 401 if (s & 1) { 402 mayUseShortThunk = false; 403 return false; 404 } 405 uint64_t p = getThunkTargetSym()->getVA(); 406 int64_t offset = s - p - 8; 407 mayUseShortThunk = llvm::isInt<26>(offset); 408 return mayUseShortThunk; 409 } 410 411 void ARMThunk::writeTo(uint8_t *buf) { 412 if (!getMayUseShortThunk()) { 413 writeLong(buf); 414 return; 415 } 416 417 uint64_t s = getARMThunkDestVA(destination); 418 uint64_t p = getThunkTargetSym()->getVA(); 419 int64_t offset = s - p - 8; 420 const uint8_t data[] = { 421 0x00, 0x00, 0x00, 0xea, // b S 422 }; 423 memcpy(buf, data, sizeof(data)); 424 target->relocateNoSym(buf, R_ARM_JUMP24, offset); 425 } 426 427 bool ARMThunk::isCompatibleWith(const InputSection &isec, 428 const Relocation &rel) const { 429 // Thumb branch relocations can't use BLX 430 return rel.type != R_ARM_THM_JUMP19 && rel.type != R_ARM_THM_JUMP24; 431 } 432 433 // This function returns true if the target is Thumb and is within 2^25, and 434 // it has not previously returned false (see comment for mayUseShortThunk). 435 bool ThumbThunk::getMayUseShortThunk() { 436 if (!mayUseShortThunk) 437 return false; 438 uint64_t s = getARMThunkDestVA(destination); 439 if ((s & 1) == 0) { 440 mayUseShortThunk = false; 441 return false; 442 } 443 uint64_t p = getThunkTargetSym()->getVA() & ~1; 444 int64_t offset = s - p - 4; 445 mayUseShortThunk = llvm::isInt<25>(offset); 446 return mayUseShortThunk; 447 } 448 449 void ThumbThunk::writeTo(uint8_t *buf) { 450 if (!getMayUseShortThunk()) { 451 writeLong(buf); 452 return; 453 } 454 455 uint64_t s = getARMThunkDestVA(destination); 456 uint64_t p = getThunkTargetSym()->getVA(); 457 int64_t offset = s - p - 4; 458 const uint8_t data[] = { 459 0x00, 0xf0, 0x00, 0xb0, // b.w S 460 }; 461 memcpy(buf, data, sizeof(data)); 462 target->relocateNoSym(buf, R_ARM_THM_JUMP24, offset); 463 } 464 465 bool ThumbThunk::isCompatibleWith(const InputSection &isec, 466 const Relocation &rel) const { 467 // ARM branch relocations can't use BLX 468 return rel.type != R_ARM_JUMP24 && rel.type != R_ARM_PC24 && rel.type != R_ARM_PLT32; 469 } 470 471 void ARMV7ABSLongThunk::writeLong(uint8_t *buf) { 472 const uint8_t data[] = { 473 0x00, 0xc0, 0x00, 0xe3, // movw ip,:lower16:S 474 0x00, 0xc0, 0x40, 0xe3, // movt ip,:upper16:S 475 0x1c, 0xff, 0x2f, 0xe1, // bx ip 476 }; 477 uint64_t s = getARMThunkDestVA(destination); 478 memcpy(buf, data, sizeof(data)); 479 target->relocateNoSym(buf, R_ARM_MOVW_ABS_NC, s); 480 target->relocateNoSym(buf + 4, R_ARM_MOVT_ABS, s); 481 } 482 483 void ARMV7ABSLongThunk::addSymbols(ThunkSection &isec) { 484 addSymbol(saver.save("__ARMv7ABSLongThunk_" + destination.getName()), 485 STT_FUNC, 0, isec); 486 addSymbol("$a", STT_NOTYPE, 0, isec); 487 } 488 489 void ThumbV7ABSLongThunk::writeLong(uint8_t *buf) { 490 const uint8_t data[] = { 491 0x40, 0xf2, 0x00, 0x0c, // movw ip, :lower16:S 492 0xc0, 0xf2, 0x00, 0x0c, // movt ip, :upper16:S 493 0x60, 0x47, // bx ip 494 }; 495 uint64_t s = getARMThunkDestVA(destination); 496 memcpy(buf, data, sizeof(data)); 497 target->relocateNoSym(buf, R_ARM_THM_MOVW_ABS_NC, s); 498 target->relocateNoSym(buf + 4, R_ARM_THM_MOVT_ABS, s); 499 } 500 501 void ThumbV7ABSLongThunk::addSymbols(ThunkSection &isec) { 502 addSymbol(saver.save("__Thumbv7ABSLongThunk_" + destination.getName()), 503 STT_FUNC, 1, isec); 504 addSymbol("$t", STT_NOTYPE, 0, isec); 505 } 506 507 void ARMV7PILongThunk::writeLong(uint8_t *buf) { 508 const uint8_t data[] = { 509 0xf0, 0xcf, 0x0f, 0xe3, // P: movw ip,:lower16:S - (P + (L1-P) + 8) 510 0x00, 0xc0, 0x40, 0xe3, // movt ip,:upper16:S - (P + (L1-P) + 8) 511 0x0f, 0xc0, 0x8c, 0xe0, // L1: add ip, ip, pc 512 0x1c, 0xff, 0x2f, 0xe1, // bx ip 513 }; 514 uint64_t s = getARMThunkDestVA(destination); 515 uint64_t p = getThunkTargetSym()->getVA(); 516 int64_t offset = s - p - 16; 517 memcpy(buf, data, sizeof(data)); 518 target->relocateNoSym(buf, R_ARM_MOVW_PREL_NC, offset); 519 target->relocateNoSym(buf + 4, R_ARM_MOVT_PREL, offset); 520 } 521 522 void ARMV7PILongThunk::addSymbols(ThunkSection &isec) { 523 addSymbol(saver.save("__ARMV7PILongThunk_" + destination.getName()), STT_FUNC, 524 0, isec); 525 addSymbol("$a", STT_NOTYPE, 0, isec); 526 } 527 528 void ThumbV7PILongThunk::writeLong(uint8_t *buf) { 529 const uint8_t data[] = { 530 0x4f, 0xf6, 0xf4, 0x7c, // P: movw ip,:lower16:S - (P + (L1-P) + 4) 531 0xc0, 0xf2, 0x00, 0x0c, // movt ip,:upper16:S - (P + (L1-P) + 4) 532 0xfc, 0x44, // L1: add ip, pc 533 0x60, 0x47, // bx ip 534 }; 535 uint64_t s = getARMThunkDestVA(destination); 536 uint64_t p = getThunkTargetSym()->getVA() & ~0x1; 537 int64_t offset = s - p - 12; 538 memcpy(buf, data, sizeof(data)); 539 target->relocateNoSym(buf, R_ARM_THM_MOVW_PREL_NC, offset); 540 target->relocateNoSym(buf + 4, R_ARM_THM_MOVT_PREL, offset); 541 } 542 543 void ThumbV7PILongThunk::addSymbols(ThunkSection &isec) { 544 addSymbol(saver.save("__ThumbV7PILongThunk_" + destination.getName()), 545 STT_FUNC, 1, isec); 546 addSymbol("$t", STT_NOTYPE, 0, isec); 547 } 548 549 void ARMV5ABSLongThunk::writeLong(uint8_t *buf) { 550 const uint8_t data[] = { 551 0x04, 0xf0, 0x1f, 0xe5, // ldr pc, [pc,#-4] ; L1 552 0x00, 0x00, 0x00, 0x00, // L1: .word S 553 }; 554 memcpy(buf, data, sizeof(data)); 555 target->relocateNoSym(buf + 4, R_ARM_ABS32, getARMThunkDestVA(destination)); 556 } 557 558 void ARMV5ABSLongThunk::addSymbols(ThunkSection &isec) { 559 addSymbol(saver.save("__ARMv5ABSLongThunk_" + destination.getName()), 560 STT_FUNC, 0, isec); 561 addSymbol("$a", STT_NOTYPE, 0, isec); 562 addSymbol("$d", STT_NOTYPE, 4, isec); 563 } 564 565 bool ARMV5ABSLongThunk::isCompatibleWith(const InputSection &isec, 566 const Relocation &rel) const { 567 // Thumb branch relocations can't use BLX 568 return rel.type != R_ARM_THM_JUMP19 && rel.type != R_ARM_THM_JUMP24; 569 } 570 571 void ARMV5PILongThunk::writeLong(uint8_t *buf) { 572 const uint8_t data[] = { 573 0x04, 0xc0, 0x9f, 0xe5, // P: ldr ip, [pc,#4] ; L2 574 0x0c, 0xc0, 0x8f, 0xe0, // L1: add ip, pc, ip 575 0x1c, 0xff, 0x2f, 0xe1, // bx ip 576 0x00, 0x00, 0x00, 0x00, // L2: .word S - (P + (L1 - P) + 8) 577 }; 578 uint64_t s = getARMThunkDestVA(destination); 579 uint64_t p = getThunkTargetSym()->getVA() & ~0x1; 580 memcpy(buf, data, sizeof(data)); 581 target->relocateNoSym(buf + 12, R_ARM_REL32, s - p - 12); 582 } 583 584 void ARMV5PILongThunk::addSymbols(ThunkSection &isec) { 585 addSymbol(saver.save("__ARMV5PILongThunk_" + destination.getName()), STT_FUNC, 586 0, isec); 587 addSymbol("$a", STT_NOTYPE, 0, isec); 588 addSymbol("$d", STT_NOTYPE, 12, isec); 589 } 590 591 bool ARMV5PILongThunk::isCompatibleWith(const InputSection &isec, 592 const Relocation &rel) const { 593 // Thumb branch relocations can't use BLX 594 return rel.type != R_ARM_THM_JUMP19 && rel.type != R_ARM_THM_JUMP24; 595 } 596 597 void ThumbV6MABSLongThunk::writeLong(uint8_t *buf) { 598 // Most Thumb instructions cannot access the high registers r8 - r15. As the 599 // only register we can corrupt is r12 we must instead spill a low register 600 // to the stack to use as a scratch register. We push r1 even though we 601 // don't need to get some space to use for the return address. 602 const uint8_t data[] = { 603 0x03, 0xb4, // push {r0, r1} ; Obtain scratch registers 604 0x01, 0x48, // ldr r0, [pc, #4] ; L1 605 0x01, 0x90, // str r0, [sp, #4] ; SP + 4 = S 606 0x01, 0xbd, // pop {r0, pc} ; restore r0 and branch to dest 607 0x00, 0x00, 0x00, 0x00 // L1: .word S 608 }; 609 uint64_t s = getARMThunkDestVA(destination); 610 memcpy(buf, data, sizeof(data)); 611 target->relocateNoSym(buf + 8, R_ARM_ABS32, s); 612 } 613 614 void ThumbV6MABSLongThunk::addSymbols(ThunkSection &isec) { 615 addSymbol(saver.save("__Thumbv6MABSLongThunk_" + destination.getName()), 616 STT_FUNC, 1, isec); 617 addSymbol("$t", STT_NOTYPE, 0, isec); 618 addSymbol("$d", STT_NOTYPE, 8, isec); 619 } 620 621 void ThumbV6MPILongThunk::writeLong(uint8_t *buf) { 622 // Most Thumb instructions cannot access the high registers r8 - r15. As the 623 // only register we can corrupt is ip (r12) we must instead spill a low 624 // register to the stack to use as a scratch register. 625 const uint8_t data[] = { 626 0x01, 0xb4, // P: push {r0} ; Obtain scratch register 627 0x02, 0x48, // ldr r0, [pc, #8] ; L2 628 0x84, 0x46, // mov ip, r0 ; high to low register 629 0x01, 0xbc, // pop {r0} ; restore scratch register 630 0xe7, 0x44, // L1: add pc, ip ; transfer control 631 0xc0, 0x46, // nop ; pad to 4-byte boundary 632 0x00, 0x00, 0x00, 0x00, // L2: .word S - (P + (L1 - P) + 4) 633 }; 634 uint64_t s = getARMThunkDestVA(destination); 635 uint64_t p = getThunkTargetSym()->getVA() & ~0x1; 636 memcpy(buf, data, sizeof(data)); 637 target->relocateNoSym(buf + 12, R_ARM_REL32, s - p - 12); 638 } 639 640 void ThumbV6MPILongThunk::addSymbols(ThunkSection &isec) { 641 addSymbol(saver.save("__Thumbv6MPILongThunk_" + destination.getName()), 642 STT_FUNC, 1, isec); 643 addSymbol("$t", STT_NOTYPE, 0, isec); 644 addSymbol("$d", STT_NOTYPE, 12, isec); 645 } 646 647 // Write MIPS LA25 thunk code to call PIC function from the non-PIC one. 648 void MipsThunk::writeTo(uint8_t *buf) { 649 uint64_t s = destination.getVA(); 650 write32(buf, 0x3c190000); // lui $25, %hi(func) 651 write32(buf + 4, 0x08000000 | (s >> 2)); // j func 652 write32(buf + 8, 0x27390000); // addiu $25, $25, %lo(func) 653 write32(buf + 12, 0x00000000); // nop 654 target->relocateNoSym(buf, R_MIPS_HI16, s); 655 target->relocateNoSym(buf + 8, R_MIPS_LO16, s); 656 } 657 658 void MipsThunk::addSymbols(ThunkSection &isec) { 659 addSymbol(saver.save("__LA25Thunk_" + destination.getName()), STT_FUNC, 0, 660 isec); 661 } 662 663 InputSection *MipsThunk::getTargetInputSection() const { 664 auto &dr = cast<Defined>(destination); 665 return dyn_cast<InputSection>(dr.section); 666 } 667 668 // Write microMIPS R2-R5 LA25 thunk code 669 // to call PIC function from the non-PIC one. 670 void MicroMipsThunk::writeTo(uint8_t *buf) { 671 uint64_t s = destination.getVA(); 672 write16(buf, 0x41b9); // lui $25, %hi(func) 673 write16(buf + 4, 0xd400); // j func 674 write16(buf + 8, 0x3339); // addiu $25, $25, %lo(func) 675 write16(buf + 12, 0x0c00); // nop 676 target->relocateNoSym(buf, R_MICROMIPS_HI16, s); 677 target->relocateNoSym(buf + 4, R_MICROMIPS_26_S1, s); 678 target->relocateNoSym(buf + 8, R_MICROMIPS_LO16, s); 679 } 680 681 void MicroMipsThunk::addSymbols(ThunkSection &isec) { 682 Defined *d = addSymbol( 683 saver.save("__microLA25Thunk_" + destination.getName()), STT_FUNC, 0, isec); 684 d->stOther |= STO_MIPS_MICROMIPS; 685 } 686 687 InputSection *MicroMipsThunk::getTargetInputSection() const { 688 auto &dr = cast<Defined>(destination); 689 return dyn_cast<InputSection>(dr.section); 690 } 691 692 // Write microMIPS R6 LA25 thunk code 693 // to call PIC function from the non-PIC one. 694 void MicroMipsR6Thunk::writeTo(uint8_t *buf) { 695 uint64_t s = destination.getVA(); 696 uint64_t p = getThunkTargetSym()->getVA(); 697 write16(buf, 0x1320); // lui $25, %hi(func) 698 write16(buf + 4, 0x3339); // addiu $25, $25, %lo(func) 699 write16(buf + 8, 0x9400); // bc func 700 target->relocateNoSym(buf, R_MICROMIPS_HI16, s); 701 target->relocateNoSym(buf + 4, R_MICROMIPS_LO16, s); 702 target->relocateNoSym(buf + 8, R_MICROMIPS_PC26_S1, s - p - 12); 703 } 704 705 void MicroMipsR6Thunk::addSymbols(ThunkSection &isec) { 706 Defined *d = addSymbol( 707 saver.save("__microLA25Thunk_" + destination.getName()), STT_FUNC, 0, isec); 708 d->stOther |= STO_MIPS_MICROMIPS; 709 } 710 711 InputSection *MicroMipsR6Thunk::getTargetInputSection() const { 712 auto &dr = cast<Defined>(destination); 713 return dyn_cast<InputSection>(dr.section); 714 } 715 716 void elf::writePPC32PltCallStub(uint8_t *buf, uint64_t gotPltVA, 717 const InputFile *file, int64_t addend) { 718 if (!config->isPic) { 719 write32(buf + 0, 0x3d600000 | (gotPltVA + 0x8000) >> 16); // lis r11,ha 720 write32(buf + 4, 0x816b0000 | (uint16_t)gotPltVA); // lwz r11,l(r11) 721 write32(buf + 8, 0x7d6903a6); // mtctr r11 722 write32(buf + 12, 0x4e800420); // bctr 723 return; 724 } 725 uint32_t offset; 726 if (addend >= 0x8000) { 727 // The stub loads an address relative to r30 (.got2+Addend). Addend is 728 // almost always 0x8000. The address of .got2 is different in another object 729 // file, so a stub cannot be shared. 730 offset = gotPltVA - (in.ppc32Got2->getParent()->getVA() + 731 file->ppc32Got2OutSecOff + addend); 732 } else { 733 // The stub loads an address relative to _GLOBAL_OFFSET_TABLE_ (which is 734 // currently the address of .got). 735 offset = gotPltVA - in.got->getVA(); 736 } 737 uint16_t ha = (offset + 0x8000) >> 16, l = (uint16_t)offset; 738 if (ha == 0) { 739 write32(buf + 0, 0x817e0000 | l); // lwz r11,l(r30) 740 write32(buf + 4, 0x7d6903a6); // mtctr r11 741 write32(buf + 8, 0x4e800420); // bctr 742 write32(buf + 12, 0x60000000); // nop 743 } else { 744 write32(buf + 0, 0x3d7e0000 | ha); // addis r11,r30,ha 745 write32(buf + 4, 0x816b0000 | l); // lwz r11,l(r11) 746 write32(buf + 8, 0x7d6903a6); // mtctr r11 747 write32(buf + 12, 0x4e800420); // bctr 748 } 749 } 750 751 void PPC32PltCallStub::writeTo(uint8_t *buf) { 752 writePPC32PltCallStub(buf, destination.getGotPltVA(), file, addend); 753 } 754 755 void PPC32PltCallStub::addSymbols(ThunkSection &isec) { 756 std::string buf; 757 raw_string_ostream os(buf); 758 os << format_hex_no_prefix(addend, 8); 759 if (!config->isPic) 760 os << ".plt_call32."; 761 else if (addend >= 0x8000) 762 os << ".got2.plt_pic32."; 763 else 764 os << ".plt_pic32."; 765 os << destination.getName(); 766 addSymbol(saver.save(os.str()), STT_FUNC, 0, isec); 767 } 768 769 bool PPC32PltCallStub::isCompatibleWith(const InputSection &isec, 770 const Relocation &rel) const { 771 return !config->isPic || (isec.file == file && rel.addend == addend); 772 } 773 774 void PPC32LongThunk::addSymbols(ThunkSection &isec) { 775 addSymbol(saver.save("__LongThunk_" + destination.getName()), STT_FUNC, 0, 776 isec); 777 } 778 779 void PPC32LongThunk::writeTo(uint8_t *buf) { 780 auto ha = [](uint32_t v) -> uint16_t { return (v + 0x8000) >> 16; }; 781 auto lo = [](uint32_t v) -> uint16_t { return v; }; 782 uint32_t d = destination.getVA(addend); 783 if (config->isPic) { 784 uint32_t off = d - (getThunkTargetSym()->getVA() + 8); 785 write32(buf + 0, 0x7c0802a6); // mflr r12,0 786 write32(buf + 4, 0x429f0005); // bcl r20,r31,.+4 787 write32(buf + 8, 0x7d8802a6); // mtctr r12 788 write32(buf + 12, 0x3d8c0000 | ha(off)); // addis r12,r12,off@ha 789 write32(buf + 16, 0x398c0000 | lo(off)); // addi r12,r12,off@l 790 write32(buf + 20, 0x7c0803a6); // mtlr r0 791 buf += 24; 792 } else { 793 write32(buf + 0, 0x3d800000 | ha(d)); // lis r12,d@ha 794 write32(buf + 4, 0x398c0000 | lo(d)); // addi r12,r12,d@l 795 buf += 8; 796 } 797 write32(buf + 0, 0x7d8903a6); // mtctr r12 798 write32(buf + 4, 0x4e800420); // bctr 799 } 800 801 void elf::writePPC64LoadAndBranch(uint8_t *buf, int64_t offset) { 802 uint16_t offHa = (offset + 0x8000) >> 16; 803 uint16_t offLo = offset & 0xffff; 804 805 write32(buf + 0, 0x3d820000 | offHa); // addis r12, r2, OffHa 806 write32(buf + 4, 0xe98c0000 | offLo); // ld r12, OffLo(r12) 807 write32(buf + 8, 0x7d8903a6); // mtctr r12 808 write32(buf + 12, 0x4e800420); // bctr 809 } 810 811 void PPC64PltCallStub::writeTo(uint8_t *buf) { 812 int64_t offset = destination.getGotPltVA() - getPPC64TocBase(); 813 // Save the TOC pointer to the save-slot reserved in the call frame. 814 write32(buf + 0, 0xf8410018); // std r2,24(r1) 815 writePPC64LoadAndBranch(buf + 4, offset); 816 } 817 818 void PPC64PltCallStub::addSymbols(ThunkSection &isec) { 819 Defined *s = addSymbol(saver.save("__plt_" + destination.getName()), STT_FUNC, 820 0, isec); 821 s->needsTocRestore = true; 822 s->file = destination.file; 823 } 824 825 void PPC64LongBranchThunk::writeTo(uint8_t *buf) { 826 int64_t offset = in.ppc64LongBranchTarget->getEntryVA(&destination, addend) - 827 getPPC64TocBase(); 828 writePPC64LoadAndBranch(buf, offset); 829 } 830 831 void PPC64LongBranchThunk::addSymbols(ThunkSection &isec) { 832 addSymbol(saver.save("__long_branch_" + destination.getName()), STT_FUNC, 0, 833 isec); 834 } 835 836 Thunk::Thunk(Symbol &d, int64_t a) : destination(d), addend(a), offset(0) {} 837 838 Thunk::~Thunk() = default; 839 840 static Thunk *addThunkAArch64(RelType type, Symbol &s, int64_t a) { 841 if (type != R_AARCH64_CALL26 && type != R_AARCH64_JUMP26) 842 fatal("unrecognized relocation type"); 843 if (config->picThunk) 844 return make<AArch64ADRPThunk>(s, a); 845 return make<AArch64ABSLongThunk>(s, a); 846 } 847 848 // Creates a thunk for Thumb-ARM interworking. 849 // Arm Architectures v5 and v6 do not support Thumb2 technology. This means 850 // - MOVT and MOVW instructions cannot be used 851 // - Only Thumb relocation that can generate a Thunk is a BL, this can always 852 // be transformed into a BLX 853 static Thunk *addThunkPreArmv7(RelType reloc, Symbol &s) { 854 switch (reloc) { 855 case R_ARM_PC24: 856 case R_ARM_PLT32: 857 case R_ARM_JUMP24: 858 case R_ARM_CALL: 859 case R_ARM_THM_CALL: 860 if (config->picThunk) 861 return make<ARMV5PILongThunk>(s); 862 return make<ARMV5ABSLongThunk>(s); 863 } 864 fatal("relocation " + toString(reloc) + " to " + toString(s) + 865 " not supported for Armv5 or Armv6 targets"); 866 } 867 868 // Create a thunk for Thumb long branch on V6-M. 869 // Arm Architecture v6-M only supports Thumb instructions. This means 870 // - MOVT and MOVW instructions cannot be used. 871 // - Only a limited number of instructions can access registers r8 and above 872 // - No interworking support is needed (all Thumb). 873 static Thunk *addThunkV6M(RelType reloc, Symbol &s) { 874 switch (reloc) { 875 case R_ARM_THM_JUMP19: 876 case R_ARM_THM_JUMP24: 877 case R_ARM_THM_CALL: 878 if (config->isPic) 879 return make<ThumbV6MPILongThunk>(s); 880 return make<ThumbV6MABSLongThunk>(s); 881 } 882 fatal("relocation " + toString(reloc) + " to " + toString(s) + 883 " not supported for Armv6-M targets"); 884 } 885 886 // Creates a thunk for Thumb-ARM interworking or branch range extension. 887 static Thunk *addThunkArm(RelType reloc, Symbol &s) { 888 // Decide which Thunk is needed based on: 889 // Available instruction set 890 // - An Arm Thunk can only be used if Arm state is available. 891 // - A Thumb Thunk can only be used if Thumb state is available. 892 // - Can only use a Thunk if it uses instructions that the Target supports. 893 // Relocation is branch or branch and link 894 // - Branch instructions cannot change state, can only select Thunk that 895 // starts in the same state as the caller. 896 // - Branch and link relocations can change state, can select Thunks from 897 // either Arm or Thumb. 898 // Position independent Thunks if we require position independent code. 899 900 // Handle architectures that have restrictions on the instructions that they 901 // can use in Thunks. The flags below are set by reading the BuildAttributes 902 // of the input objects. InputFiles.cpp contains the mapping from ARM 903 // architecture to flag. 904 if (!config->armHasMovtMovw) { 905 if (!config->armJ1J2BranchEncoding) 906 return addThunkPreArmv7(reloc, s); 907 return addThunkV6M(reloc, s); 908 } 909 910 switch (reloc) { 911 case R_ARM_PC24: 912 case R_ARM_PLT32: 913 case R_ARM_JUMP24: 914 case R_ARM_CALL: 915 if (config->picThunk) 916 return make<ARMV7PILongThunk>(s); 917 return make<ARMV7ABSLongThunk>(s); 918 case R_ARM_THM_JUMP19: 919 case R_ARM_THM_JUMP24: 920 case R_ARM_THM_CALL: 921 if (config->picThunk) 922 return make<ThumbV7PILongThunk>(s); 923 return make<ThumbV7ABSLongThunk>(s); 924 } 925 fatal("unrecognized relocation type"); 926 } 927 928 static Thunk *addThunkMips(RelType type, Symbol &s) { 929 if ((s.stOther & STO_MIPS_MICROMIPS) && isMipsR6()) 930 return make<MicroMipsR6Thunk>(s); 931 if (s.stOther & STO_MIPS_MICROMIPS) 932 return make<MicroMipsThunk>(s); 933 return make<MipsThunk>(s); 934 } 935 936 static Thunk *addThunkPPC32(const InputSection &isec, const Relocation &rel, 937 Symbol &s) { 938 assert((rel.type == R_PPC_LOCAL24PC || rel.type == R_PPC_REL24 || 939 rel.type == R_PPC_PLTREL24) && 940 "unexpected relocation type for thunk"); 941 if (s.isInPlt()) 942 return make<PPC32PltCallStub>(isec, rel, s); 943 return make<PPC32LongThunk>(s, rel.addend); 944 } 945 946 static Thunk *addThunkPPC64(RelType type, Symbol &s, int64_t a) { 947 assert((type == R_PPC64_REL14 || type == R_PPC64_REL24) && 948 "unexpected relocation type for thunk"); 949 if (s.isInPlt()) 950 return make<PPC64PltCallStub>(s); 951 952 if (config->picThunk) 953 return make<PPC64PILongBranchThunk>(s, a); 954 955 return make<PPC64PDLongBranchThunk>(s, a); 956 } 957 958 Thunk *elf::addThunk(const InputSection &isec, Relocation &rel) { 959 Symbol &s = *rel.sym; 960 int64_t a = rel.addend; 961 962 if (config->emachine == EM_AARCH64) 963 return addThunkAArch64(rel.type, s, a); 964 965 if (config->emachine == EM_ARM) 966 return addThunkArm(rel.type, s); 967 968 if (config->emachine == EM_MIPS) 969 return addThunkMips(rel.type, s); 970 971 if (config->emachine == EM_PPC) 972 return addThunkPPC32(isec, rel, s); 973 974 if (config->emachine == EM_PPC64) 975 return addThunkPPC64(rel.type, s, a); 976 977 llvm_unreachable("add Thunk only supported for ARM, Mips and PowerPC"); 978 } 979