Coverage Report

Created: 2018-08-19 14:04

/Users/buildslave/jenkins/workspace/clang-stage2-coverage-R/llvm/tools/lld/ELF/Arch/X86.cpp
Line
Count
Source (jump to first uncovered line)
1
//===- X86.cpp ------------------------------------------------------------===//
2
//
3
//                             The LLVM Linker
4
//
5
// This file is distributed under the University of Illinois Open Source
6
// License. See LICENSE.TXT for details.
7
//
8
//===----------------------------------------------------------------------===//
9
10
#include "InputFiles.h"
11
#include "Symbols.h"
12
#include "SyntheticSections.h"
13
#include "Target.h"
14
#include "lld/Common/ErrorHandler.h"
15
#include "llvm/Support/Endian.h"
16
17
using namespace llvm;
18
using namespace llvm::support::endian;
19
using namespace llvm::ELF;
20
using namespace lld;
21
using namespace lld::elf;
22
23
namespace {
24
class X86 : public TargetInfo {
25
public:
26
  X86();
27
  RelExpr getRelExpr(RelType Type, const Symbol &S,
28
                     const uint8_t *Loc) const override;
29
  int64_t getImplicitAddend(const uint8_t *Buf, RelType Type) const override;
30
  void writeGotPltHeader(uint8_t *Buf) const override;
31
  RelType getDynRel(RelType Type) const override;
32
  void writeGotPlt(uint8_t *Buf, const Symbol &S) const override;
33
  void writeIgotPlt(uint8_t *Buf, const Symbol &S) const override;
34
  void writePltHeader(uint8_t *Buf) const override;
35
  void writePlt(uint8_t *Buf, uint64_t GotPltEntryAddr, uint64_t PltEntryAddr,
36
                int32_t Index, unsigned RelOff) const override;
37
  void relocateOne(uint8_t *Loc, RelType Type, uint64_t Val) const override;
38
39
  RelExpr adjustRelaxExpr(RelType Type, const uint8_t *Data,
40
                          RelExpr Expr) const override;
41
  void relaxTlsGdToIe(uint8_t *Loc, RelType Type, uint64_t Val) const override;
42
  void relaxTlsGdToLe(uint8_t *Loc, RelType Type, uint64_t Val) const override;
43
  void relaxTlsIeToLe(uint8_t *Loc, RelType Type, uint64_t Val) const override;
44
  void relaxTlsLdToLe(uint8_t *Loc, RelType Type, uint64_t Val) const override;
45
};
46
} // namespace
47
48
126
X86::X86() {
49
126
  CopyRel = R_386_COPY;
50
126
  GotRel = R_386_GLOB_DAT;
51
126
  PltRel = R_386_JUMP_SLOT;
52
126
  IRelativeRel = R_386_IRELATIVE;
53
126
  RelativeRel = R_386_RELATIVE;
54
126
  TlsGotRel = R_386_TLS_TPOFF;
55
126
  TlsModuleIndexRel = R_386_TLS_DTPMOD32;
56
126
  TlsOffsetRel = R_386_TLS_DTPOFF32;
57
126
  GotEntrySize = 4;
58
126
  GotPltEntrySize = 4;
59
126
  PltEntrySize = 16;
60
126
  PltHeaderSize = 16;
61
126
  TlsGdRelaxSkip = 2;
62
126
  TrapInstr = 0xcccccccc; // 0xcc = INT3
63
126
}
64
65
28
static bool hasBaseReg(uint8_t ModRM) { return (ModRM & 0xc7) != 0x5; }
66
67
RelExpr X86::getRelExpr(RelType Type, const Symbol &S,
68
186
                        const uint8_t *Loc) const {
69
186
  switch (Type) {
70
186
  case R_386_8:
71
47
  case R_386_16:
72
47
  case R_386_32:
73
47
  case R_386_TLS_LDO_32:
74
47
    return R_ABS;
75
47
  case R_386_TLS_GD:
76
6
    return R_TLSGD_GOT_FROM_END;
77
47
  case R_386_TLS_LDM:
78
4
    return R_TLSLD_GOT_FROM_END;
79
47
  case R_386_PLT32:
80
29
    return R_PLT_PC;
81
47
  case R_386_PC8:
82
27
  case R_386_PC16:
83
27
  case R_386_PC32:
84
27
    return R_PC;
85
27
  case R_386_GOTPC:
86
6
    return R_GOTONLY_PC_FROM_END;
87
27
  case R_386_TLS_IE:
88
17
    return R_GOT;
89
28
  case R_386_GOT32:
90
28
  case R_386_GOT32X:
91
28
    // These relocations are arguably mis-designed because their calculations
92
28
    // depend on the instructions they are applied to. This is bad because we
93
28
    // usually don't care about whether the target section contains valid
94
28
    // machine instructions or not. But this is part of the documented ABI, so
95
28
    // we had to implement as the standard requires.
96
28
    //
97
28
    // x86 does not support PC-relative data access. Therefore, in order to
98
28
    // access GOT contents, a GOT address needs to be known at link-time
99
28
    // (which means non-PIC) or compilers have to emit code to get a GOT
100
28
    // address at runtime (which means code is position-independent but
101
28
    // compilers need to emit extra code for each GOT access.) This decision
102
28
    // is made at compile-time. In the latter case, compilers emit code to
103
28
    // load an GOT address to a register, which is usually %ebx.
104
28
    //
105
28
    // So, there are two ways to refer to symbol foo's GOT entry: foo@GOT or
106
28
    // foo@GOT(%reg).
107
28
    //
108
28
    // foo@GOT is not usable in PIC. If we are creating a PIC output and if we
109
28
    // find such relocation, we should report an error. foo@GOT is resolved to
110
28
    // an *absolute* address of foo's GOT entry, because both GOT address and
111
28
    // foo's offset are known. In other words, it's G + A.
112
28
    //
113
28
    // foo@GOT(%reg) needs to be resolved to a *relative* offset from a GOT to
114
28
    // foo's GOT entry in the table, because GOT address is not known but foo's
115
28
    // offset in the table is known. It's G + A - GOT.
116
28
    //
117
28
    // It's unfortunate that compilers emit the same relocation for these
118
28
    // different use cases. In order to distinguish them, we have to read a
119
28
    // machine instruction.
120
28
    //
121
28
    // The following code implements it. We assume that Loc[0] is the first
122
28
    // byte of a displacement or an immediate field of a valid machine
123
28
    // instruction. That means a ModRM byte is at Loc[-1]. By taking a look at
124
28
    // the byte, we can determine whether the instruction is register-relative
125
28
    // (i.e. it was generated for foo@GOT(%reg)) or absolute (i.e. foo@GOT).
126
28
    return hasBaseReg(Loc[-1]) ? 
R_GOT_FROM_END21
:
R_GOT7
;
127
28
  case R_386_TLS_GOTIE:
128
8
    return R_GOT_FROM_END;
129
28
  case R_386_GOTOFF:
130
4
    return R_GOTREL_FROM_END;
131
28
  case R_386_TLS_LE:
132
4
    return R_TLS;
133
28
  case R_386_TLS_LE_32:
134
4
    return R_NEG_TLS;
135
28
  case R_386_NONE:
136
1
    return R_NONE;
137
28
  default:
138
1
    return R_INVALID;
139
186
  }
140
186
}
141
142
RelExpr X86::adjustRelaxExpr(RelType Type, const uint8_t *Data,
143
8
                             RelExpr Expr) const {
144
8
  switch (Expr) {
145
8
  default:
146
4
    return Expr;
147
8
  case R_RELAX_TLS_GD_TO_IE:
148
2
    return R_RELAX_TLS_GD_TO_IE_END;
149
8
  case R_RELAX_TLS_GD_TO_LE:
150
2
    return R_RELAX_TLS_GD_TO_LE_NEG;
151
8
  }
152
8
}
153
154
17
void X86::writeGotPltHeader(uint8_t *Buf) const {
155
17
  write32le(Buf, InX::Dynamic->getVA());
156
17
}
157
158
13
void X86::writeGotPlt(uint8_t *Buf, const Symbol &S) const {
159
13
  // Entries in .got.plt initially points back to the corresponding
160
13
  // PLT entries with a fixed offset to skip the first instruction.
161
13
  write32le(Buf, S.getPltVA() + 6);
162
13
}
163
164
6
void X86::writeIgotPlt(uint8_t *Buf, const Symbol &S) const {
165
6
  // An x86 entry is the address of the ifunc resolver function.
166
6
  write32le(Buf, S.getVA());
167
6
}
168
169
25
RelType X86::getDynRel(RelType Type) const {
170
25
  if (Type == R_386_TLS_LE)
171
2
    return R_386_TLS_TPOFF;
172
23
  if (Type == R_386_TLS_LE_32)
173
2
    return R_386_TLS_TPOFF32;
174
21
  return Type;
175
21
}
176
177
9
void X86::writePltHeader(uint8_t *Buf) const {
178
9
  if (Config->Pic) {
179
4
    const uint8_t V[] = {
180
4
        0xff, 0xb3, 0x04, 0x00, 0x00, 0x00, // pushl GOTPLT+4(%ebx)
181
4
        0xff, 0xa3, 0x08, 0x00, 0x00, 0x00, // jmp *GOTPLT+8(%ebx)
182
4
        0x90, 0x90, 0x90, 0x90              // nop
183
4
    };
184
4
    memcpy(Buf, V, sizeof(V));
185
4
186
4
    uint32_t Ebx = InX::Got->getVA() + InX::Got->getSize();
187
4
    uint32_t GotPlt = InX::GotPlt->getVA() - Ebx;
188
4
    write32le(Buf + 2, GotPlt + 4);
189
4
    write32le(Buf + 8, GotPlt + 8);
190
4
    return;
191
4
  }
192
5
193
5
  const uint8_t PltData[] = {
194
5
      0xff, 0x35, 0, 0, 0, 0, // pushl (GOTPLT+4)
195
5
      0xff, 0x25, 0, 0, 0, 0, // jmp *(GOTPLT+8)
196
5
      0x90, 0x90, 0x90, 0x90, // nop
197
5
  };
198
5
  memcpy(Buf, PltData, sizeof(PltData));
199
5
  uint32_t GotPlt = InX::GotPlt->getVA();
200
5
  write32le(Buf + 2, GotPlt + 4);
201
5
  write32le(Buf + 8, GotPlt + 8);
202
5
}
203
204
void X86::writePlt(uint8_t *Buf, uint64_t GotPltEntryAddr,
205
                   uint64_t PltEntryAddr, int32_t Index,
206
19
                   unsigned RelOff) const {
207
19
  const uint8_t Inst[] = {
208
19
      0xff, 0x00, 0, 0, 0, 0, // jmp *foo_in_GOT or jmp *foo@GOT(%ebx)
209
19
      0x68, 0, 0, 0, 0,       // pushl $reloc_offset
210
19
      0xe9, 0, 0, 0, 0,       // jmp .PLT0@PC
211
19
  };
212
19
  memcpy(Buf, Inst, sizeof(Inst));
213
19
214
19
  if (Config->Pic) {
215
6
    // jmp *foo@GOT(%ebx)
216
6
    uint32_t Ebx = InX::Got->getVA() + InX::Got->getSize();
217
6
    Buf[1] = 0xa3;
218
6
    write32le(Buf + 2, GotPltEntryAddr - Ebx);
219
13
  } else {
220
13
    // jmp *foo_in_GOT
221
13
    Buf[1] = 0x25;
222
13
    write32le(Buf + 2, GotPltEntryAddr);
223
13
  }
224
19
225
19
  write32le(Buf + 7, RelOff);
226
19
  write32le(Buf + 12, -getPltEntryOffset(Index) - 16);
227
19
}
228
229
195
int64_t X86::getImplicitAddend(const uint8_t *Buf, RelType Type) const {
230
195
  switch (Type) {
231
195
  case R_386_8:
232
9
  case R_386_PC8:
233
9
    return SignExtend64<8>(*Buf);
234
10
  case R_386_16:
235
10
  case R_386_PC16:
236
10
    return SignExtend64<16>(read16le(Buf));
237
136
  case R_386_32:
238
136
  case R_386_GOT32:
239
136
  case R_386_GOT32X:
240
136
  case R_386_GOTOFF:
241
136
  case R_386_GOTPC:
242
136
  case R_386_PC32:
243
136
  case R_386_PLT32:
244
136
  case R_386_TLS_LDO_32:
245
136
  case R_386_TLS_LE:
246
136
    return SignExtend64<32>(read32le(Buf));
247
136
  default:
248
40
    return 0;
249
195
  }
250
195
}
251
252
154
void X86::relocateOne(uint8_t *Loc, RelType Type, uint64_t Val) const {
253
154
  switch (Type) {
254
154
  case R_386_8:
255
6
    // R_386_{PC,}{8,16} are not part of the i386 psABI, but they are
256
6
    // being used for some 16-bit programs such as boot loaders, so
257
6
    // we want to support them.
258
6
    checkIntUInt(Loc, Val, 8, Type);
259
6
    *Loc = Val;
260
6
    break;
261
154
  case R_386_PC8:
262
3
    checkInt(Loc, Val, 8, Type);
263
3
    *Loc = Val;
264
3
    break;
265
154
  case R_386_16:
266
5
    checkIntUInt(Loc, Val, 16, Type);
267
5
    write16le(Loc, Val);
268
5
    break;
269
154
  case R_386_PC16:
270
5
    // R_386_PC16 is normally used with 16 bit code. In that situation
271
5
    // the PC is 16 bits, just like the addend. This means that it can
272
5
    // point from any 16 bit address to any other if the possibility
273
5
    // of wrapping is included.
274
5
    // The only restriction we have to check then is that the destination
275
5
    // address fits in 16 bits. That is impossible to do here. The problem is
276
5
    // that we are passed the final value, which already had the
277
5
    // current location subtracted from it.
278
5
    // We just check that Val fits in 17 bits. This misses some cases, but
279
5
    // should have no false positives.
280
5
    checkInt(Loc, Val, 17, Type);
281
5
    write16le(Loc, Val);
282
5
    break;
283
154
  case R_386_32:
284
134
  case R_386_GLOB_DAT:
285
134
  case R_386_GOT32:
286
134
  case R_386_GOT32X:
287
134
  case R_386_GOTOFF:
288
134
  case R_386_GOTPC:
289
134
  case R_386_PC32:
290
134
  case R_386_PLT32:
291
134
  case R_386_RELATIVE:
292
134
  case R_386_TLS_DTPMOD32:
293
134
  case R_386_TLS_DTPOFF32:
294
134
  case R_386_TLS_GD:
295
134
  case R_386_TLS_GOTIE:
296
134
  case R_386_TLS_IE:
297
134
  case R_386_TLS_LDM:
298
134
  case R_386_TLS_LDO_32:
299
134
  case R_386_TLS_LE:
300
134
  case R_386_TLS_LE_32:
301
134
  case R_386_TLS_TPOFF:
302
134
  case R_386_TLS_TPOFF32:
303
134
    checkInt(Loc, Val, 32, Type);
304
134
    write32le(Loc, Val);
305
134
    break;
306
134
  default:
307
0
    error(getErrorLocation(Loc) + "unrecognized reloc " + Twine(Type));
308
154
  }
309
154
}
310
311
2
void X86::relaxTlsGdToLe(uint8_t *Loc, RelType Type, uint64_t Val) const {
312
2
  // Convert
313
2
  //   leal x@tlsgd(, %ebx, 1),
314
2
  //   call __tls_get_addr@plt
315
2
  // to
316
2
  //   movl %gs:0,%eax
317
2
  //   subl $x@ntpoff,%eax
318
2
  const uint8_t Inst[] = {
319
2
      0x65, 0xa1, 0x00, 0x00, 0x00, 0x00, // movl %gs:0, %eax
320
2
      0x81, 0xe8, 0, 0, 0, 0,             // subl Val(%ebx), %eax
321
2
  };
322
2
  memcpy(Loc - 3, Inst, sizeof(Inst));
323
2
  write32le(Loc + 5, Val);
324
2
}
325
326
2
void X86::relaxTlsGdToIe(uint8_t *Loc, RelType Type, uint64_t Val) const {
327
2
  // Convert
328
2
  //   leal x@tlsgd(, %ebx, 1),
329
2
  //   call __tls_get_addr@plt
330
2
  // to
331
2
  //   movl %gs:0, %eax
332
2
  //   addl x@gotntpoff(%ebx), %eax
333
2
  const uint8_t Inst[] = {
334
2
      0x65, 0xa1, 0x00, 0x00, 0x00, 0x00, // movl %gs:0, %eax
335
2
      0x03, 0x83, 0, 0, 0, 0,             // addl Val(%ebx), %eax
336
2
  };
337
2
  memcpy(Loc - 3, Inst, sizeof(Inst));
338
2
  write32le(Loc + 5, Val);
339
2
}
340
341
// In some conditions, relocations can be optimized to avoid using GOT.
342
// This function does that for Initial Exec to Local Exec case.
343
10
void X86::relaxTlsIeToLe(uint8_t *Loc, RelType Type, uint64_t Val) const {
344
10
  // Ulrich's document section 6.2 says that @gotntpoff can
345
10
  // be used with MOVL or ADDL instructions.
346
10
  // @indntpoff is similar to @gotntpoff, but for use in
347
10
  // position dependent code.
348
10
  uint8_t Reg = (Loc[-1] >> 3) & 7;
349
10
350
10
  if (Type == R_386_TLS_IE) {
351
6
    if (Loc[-1] == 0xa1) {
352
2
      // "movl foo@indntpoff,%eax" -> "movl $foo,%eax"
353
2
      // This case is different from the generic case below because
354
2
      // this is a 5 byte instruction while below is 6 bytes.
355
2
      Loc[-1] = 0xb8;
356
4
    } else if (Loc[-2] == 0x8b) {
357
2
      // "movl foo@indntpoff,%reg" -> "movl $foo,%reg"
358
2
      Loc[-2] = 0xc7;
359
2
      Loc[-1] = 0xc0 | Reg;
360
2
    } else {
361
2
      // "addl foo@indntpoff,%reg" -> "addl $foo,%reg"
362
2
      Loc[-2] = 0x81;
363
2
      Loc[-1] = 0xc0 | Reg;
364
2
    }
365
6
  } else {
366
4
    assert(Type == R_386_TLS_GOTIE);
367
4
    if (Loc[-2] == 0x8b) {
368
2
      // "movl foo@gottpoff(%rip),%reg" -> "movl $foo,%reg"
369
2
      Loc[-2] = 0xc7;
370
2
      Loc[-1] = 0xc0 | Reg;
371
2
    } else {
372
2
      // "addl foo@gotntpoff(%rip),%reg" -> "leal foo(%reg),%reg"
373
2
      Loc[-2] = 0x8d;
374
2
      Loc[-1] = 0x80 | (Reg << 3) | Reg;
375
2
    }
376
4
  }
377
10
  write32le(Loc, Val);
378
10
}
379
380
4
void X86::relaxTlsLdToLe(uint8_t *Loc, RelType Type, uint64_t Val) const {
381
4
  if (Type == R_386_TLS_LDO_32) {
382
2
    write32le(Loc, Val);
383
2
    return;
384
2
  }
385
2
386
2
  // Convert
387
2
  //   leal foo(%reg),%eax
388
2
  //   call ___tls_get_addr
389
2
  // to
390
2
  //   movl %gs:0,%eax
391
2
  //   nop
392
2
  //   leal 0(%esi,1),%esi
393
2
  const uint8_t Inst[] = {
394
2
      0x65, 0xa1, 0x00, 0x00, 0x00, 0x00, // movl %gs:0,%eax
395
2
      0x90,                               // nop
396
2
      0x8d, 0x74, 0x26, 0x00,             // leal 0(%esi,1),%esi
397
2
  };
398
2
  memcpy(Loc - 2, Inst, sizeof(Inst));
399
2
}
400
401
namespace {
402
class RetpolinePic : public X86 {
403
public:
404
  RetpolinePic();
405
  void writeGotPlt(uint8_t *Buf, const Symbol &S) const override;
406
  void writePltHeader(uint8_t *Buf) const override;
407
  void writePlt(uint8_t *Buf, uint64_t GotPltEntryAddr, uint64_t PltEntryAddr,
408
                int32_t Index, unsigned RelOff) const override;
409
};
410
411
class RetpolineNoPic : public X86 {
412
public:
413
  RetpolineNoPic();
414
  void writeGotPlt(uint8_t *Buf, const Symbol &S) const override;
415
  void writePltHeader(uint8_t *Buf) const override;
416
  void writePlt(uint8_t *Buf, uint64_t GotPltEntryAddr, uint64_t PltEntryAddr,
417
                int32_t Index, unsigned RelOff) const override;
418
};
419
} // namespace
420
421
2
RetpolinePic::RetpolinePic() {
422
2
  PltHeaderSize = 48;
423
2
  PltEntrySize = 32;
424
2
}
425
426
4
void RetpolinePic::writeGotPlt(uint8_t *Buf, const Symbol &S) const {
427
4
  write32le(Buf, S.getPltVA() + 17);
428
4
}
429
430
2
void RetpolinePic::writePltHeader(uint8_t *Buf) const {
431
2
  const uint8_t Insn[] = {
432
2
      0xff, 0xb3, 0,    0,    0,    0,          // 0:    pushl GOTPLT+4(%ebx)
433
2
      0x50,                                     // 6:    pushl %eax
434
2
      0x8b, 0x83, 0,    0,    0,    0,          // 7:    mov GOTPLT+8(%ebx), %eax
435
2
      0xe8, 0x0e, 0x00, 0x00, 0x00,             // d:    call next
436
2
      0xf3, 0x90,                               // 12: loop: pause
437
2
      0x0f, 0xae, 0xe8,                         // 14:   lfence
438
2
      0xeb, 0xf9,                               // 17:   jmp loop
439
2
      0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, // 19:   int3; .align 16
440
2
      0x89, 0x0c, 0x24,                         // 20: next: mov %ecx, (%esp)
441
2
      0x8b, 0x4c, 0x24, 0x04,                   // 23:   mov 0x4(%esp), %ecx
442
2
      0x89, 0x44, 0x24, 0x04,                   // 27:   mov %eax ,0x4(%esp)
443
2
      0x89, 0xc8,                               // 2b:   mov %ecx, %eax
444
2
      0x59,                                     // 2d:   pop %ecx
445
2
      0xc3,                                     // 2e:   ret
446
2
      0xcc,                                     // 2f:   int3; padding
447
2
  };
448
2
  memcpy(Buf, Insn, sizeof(Insn));
449
2
450
2
  uint32_t Ebx = InX::Got->getVA() + InX::Got->getSize();
451
2
  uint32_t GotPlt = InX::GotPlt->getVA() - Ebx;
452
2
  write32le(Buf + 2, GotPlt + 4);
453
2
  write32le(Buf + 9, GotPlt + 8);
454
2
}
455
456
void RetpolinePic::writePlt(uint8_t *Buf, uint64_t GotPltEntryAddr,
457
                            uint64_t PltEntryAddr, int32_t Index,
458
4
                            unsigned RelOff) const {
459
4
  const uint8_t Insn[] = {
460
4
      0x50,                            // pushl %eax
461
4
      0x8b, 0x83, 0,    0,    0,    0, // mov foo@GOT(%ebx), %eax
462
4
      0xe8, 0,    0,    0,    0,       // call plt+0x20
463
4
      0xe9, 0,    0,    0,    0,       // jmp plt+0x12
464
4
      0x68, 0,    0,    0,    0,       // pushl $reloc_offset
465
4
      0xe9, 0,    0,    0,    0,       // jmp plt+0
466
4
      0xcc, 0xcc, 0xcc, 0xcc, 0xcc,    // int3; padding
467
4
  };
468
4
  memcpy(Buf, Insn, sizeof(Insn));
469
4
470
4
  uint32_t Ebx = InX::Got->getVA() + InX::Got->getSize();
471
4
  unsigned Off = getPltEntryOffset(Index);
472
4
  write32le(Buf + 3, GotPltEntryAddr - Ebx);
473
4
  write32le(Buf + 8, -Off - 12 + 32);
474
4
  write32le(Buf + 13, -Off - 17 + 18);
475
4
  write32le(Buf + 18, RelOff);
476
4
  write32le(Buf + 23, -Off - 27);
477
4
}
478
479
2
RetpolineNoPic::RetpolineNoPic() {
480
2
  PltHeaderSize = 48;
481
2
  PltEntrySize = 32;
482
2
}
483
484
4
void RetpolineNoPic::writeGotPlt(uint8_t *Buf, const Symbol &S) const {
485
4
  write32le(Buf, S.getPltVA() + 16);
486
4
}
487
488
2
void RetpolineNoPic::writePltHeader(uint8_t *Buf) const {
489
2
  const uint8_t Insn[] = {
490
2
      0xff, 0x35, 0,    0,    0,    0, // 0:    pushl GOTPLT+4
491
2
      0x50,                            // 6:    pushl %eax
492
2
      0xa1, 0,    0,    0,    0,       // 7:    mov GOTPLT+8, %eax
493
2
      0xe8, 0x0f, 0x00, 0x00, 0x00,    // c:    call next
494
2
      0xf3, 0x90,                      // 11: loop: pause
495
2
      0x0f, 0xae, 0xe8,                // 13:   lfence
496
2
      0xeb, 0xf9,                      // 16:   jmp loop
497
2
      0xcc, 0xcc, 0xcc, 0xcc, 0xcc,    // 18:   int3
498
2
      0xcc, 0xcc, 0xcc,                // 1f:   int3; .align 16
499
2
      0x89, 0x0c, 0x24,                // 20: next: mov %ecx, (%esp)
500
2
      0x8b, 0x4c, 0x24, 0x04,          // 23:   mov 0x4(%esp), %ecx
501
2
      0x89, 0x44, 0x24, 0x04,          // 27:   mov %eax ,0x4(%esp)
502
2
      0x89, 0xc8,                      // 2b:   mov %ecx, %eax
503
2
      0x59,                            // 2d:   pop %ecx
504
2
      0xc3,                            // 2e:   ret
505
2
      0xcc,                            // 2f:   int3; padding
506
2
  };
507
2
  memcpy(Buf, Insn, sizeof(Insn));
508
2
509
2
  uint32_t GotPlt = InX::GotPlt->getVA();
510
2
  write32le(Buf + 2, GotPlt + 4);
511
2
  write32le(Buf + 8, GotPlt + 8);
512
2
}
513
514
void RetpolineNoPic::writePlt(uint8_t *Buf, uint64_t GotPltEntryAddr,
515
                              uint64_t PltEntryAddr, int32_t Index,
516
4
                              unsigned RelOff) const {
517
4
  const uint8_t Insn[] = {
518
4
      0x50,                         // 0:  pushl %eax
519
4
      0xa1, 0,    0,    0,    0,    // 1:  mov foo_in_GOT, %eax
520
4
      0xe8, 0,    0,    0,    0,    // 6:  call plt+0x20
521
4
      0xe9, 0,    0,    0,    0,    // b:  jmp plt+0x11
522
4
      0x68, 0,    0,    0,    0,    // 10: pushl $reloc_offset
523
4
      0xe9, 0,    0,    0,    0,    // 15: jmp plt+0
524
4
      0xcc, 0xcc, 0xcc, 0xcc, 0xcc, // 1a: int3; padding
525
4
      0xcc,                         // 1f: int3; padding
526
4
  };
527
4
  memcpy(Buf, Insn, sizeof(Insn));
528
4
529
4
  unsigned Off = getPltEntryOffset(Index);
530
4
  write32le(Buf + 2, GotPltEntryAddr);
531
4
  write32le(Buf + 7, -Off - 11 + 32);
532
4
  write32le(Buf + 12, -Off - 16 + 17);
533
4
  write32le(Buf + 17, RelOff);
534
4
  write32le(Buf + 22, -Off - 26);
535
4
}
536
537
126
TargetInfo *elf::getX86TargetInfo() {
538
126
  if (Config->ZRetpolineplt) {
539
4
    if (Config->Pic) {
540
2
      static RetpolinePic T;
541
2
      return &T;
542
2
    }
543
2
    static RetpolineNoPic T;
544
2
    return &T;
545
2
  }
546
122
547
122
  static X86 T;
548
122
  return &T;
549
122
}