This is an archive of the discontinued LLVM Phabricator instance.

jain98 retitled this revision from Adds support for GOT relocations to i386 backend to Adds support for GOT relocations to i386/ELF backend.Dec 18 2022, 8:10 PM

jain98 edited the summary of this revision. (Show Details)

Fixed a binary path issue in tests

Harbormaster completed remote builds in B203839: Diff 483855.Dec 18 2022, 9:00 PM

This looks great, and it's a big step forward for the i386 backend. (Side note: I had no idea how steep the learning curve on this one would be -- nice work getting through it!)

LGTM. :)

llvm/test/ExecutionEngine/JITLink/i386/ELF_external_to_absolute_conversion.s
28–32	This sequence is trying to access the non-existent GOT-entry, which is why it crashes at runtime. I think the assembly can be reduced to the i386 equivalent of the x86-64 sequence: .text .globl main .p2align 4, 0x90 .type main,@function main: .L0$pb: movl $_GLOBAL_OFFSET_TABLE_-.L0$pb, %eax movl $foo@GOTOFF, %eax xorl %eax, %eax retl .size main, .-main The '$' symbol at the start of the expression means that we're treating the result of the expression as an immediate, not an address to be loaded from. The immediate values that we move into `%eax` will be zeros, but since `%eax` isn't used anyway we can disregard that.

This revision is now accepted and ready to land.Dec 23 2022, 7:58 PM

Closed by commit rG1b123d9fb5aa: Adds support for GOT relocations to i386/ELF backend (authored by jain98). · Explain WhyDec 24 2022, 6:07 PM

This revision was automatically updated to reflect the committed changes.

jain98 added a commit: rG1b123d9fb5aa: Adds support for GOT relocations to i386/ELF backend.

jain98 added inline comments.Dec 24 2022, 6:38 PM

llvm/test/ExecutionEngine/JITLink/i386/ELF_external_to_absolute_conversion.s
28–32	This sequence is trying to access the non-existent GOT-entry, which is why it crashes at runtime. I didn't quite get that. I think, you're referring to this instruction - movl a@GOTOFF(%eax), %eax I thought this instruction was using `a`'s offset from the GOT symbol - not accessing any GOT entry? Could you point to the specific instruction that you were referring to in your comment? I do think I understand why the seg fault might be happening though. Essentially `a@GOTOFF(%eax)` ends up being `a@GOTOFF(0x00000000)`? Which is likely out of the JITLink process' memory. If that is indeed the case, I have another question. The assembly that I used from the test was actually generated by Clang. Is it just that Clang uses a different linker that can actually handle the code that it's producing without seg-faulting?

lhames added inline comments.Jan 9 2023, 8:48 PM

llvm/test/ExecutionEngine/JITLink/i386/ELF_external_to_absolute_conversion.s
28–32	I thought this instruction was using a's offset from the GOT symbol - not accessing any GOT entry? Could you point to the specific instruction that you were referring to in your comment? Oh you're right -- `GOTOFF` references the symbol, not the GOT entry for the symbol. Sorry for the confusion! In that case you're absolutely right -- this should work even if there's no GOT synthesized. It looks like the problem is that the `R_386_GOTPC` relocation has an addend embedded in it, but it's not being included in the Edge construction: ELF_external_to_absolute_conversion.i386.o: file format elf32-i386 Disassembly of section .text: 00000000 <main>: 0: 55 push %ebp 1: 89 e5 mov %esp,%ebp 3: 50 push %eax 4: e8 00 00 00 00 call 9 <main+0x9> 9: 58 pop %eax a: 81 c0 03 00 00 00 add $0x3,%eax. <-- 0x00000003 addend embedded here at fixup location. 10: c7 45 fc 00 00 00 00 movl $0x0,-0x4(%ebp) 17: 8b 80 00 00 00 00 mov 0x0(%eax),%eax 1d: 83 c4 04 add $0x4,%esp 20: 5d pop %ebp 21: c3 ret Edge from debugging output: 0xb7ab600c (block + 0x0000000c), addend = +0x00000000, kind = Delta32, target = _GLOBAL_OFFSET_TABLE_ You just need to read that addend out when constructing the edge. E.g. here's the MachO_x86_64 backend doing something similar: https://github.com/llvm/llvm-project/blob/5a58b19f9c93f3ac51bcde318508131ae78aa10c/llvm/lib/ExecutionEngine/JITLink/MachO_x86_64.cpp#L342 The missing addend is causing the variable reference to point to the page _before_ the data section, which is usually outside allocated memory -- that's triggering the crash, not the missing GOT. Once you fix that I think your original test case should just work -- sorry for the bad advice above!

jain98 marked 2 inline comments as done.Jan 13 2023, 6:28 PM

jain98 added inline comments.

llvm/test/ExecutionEngine/JITLink/i386/ELF_external_to_absolute_conversion.s
28–32	Thanks for the detailed explanation Lang! The solution and the problem make sense for the most part. I'm confused about one thing though. What is causing the embedded addend to be present? In the testcase we're looking at what we need is the address of the GOT in `%eax`. I'll try to clarify my question. Disassembly of section .text: 00000000 <main>: 0: 55 push %ebp 1: 89 e5 mov %esp,%ebp 3: 50 push %eax 4: e8 00 00 00 00 call 9 <main+0x9> 9: 58 pop %eax // After this instruction %eax will contain the address 9 a: 81 c0 03 00 00 00 add $0x3,%eax. // This is the fixup location and we should be adding the (GOT-9) to %eax here, no? 10: c7 45 fc 00 00 00 00 movl $0x0,-0x4(%ebp) 17: 8b 80 00 00 00 00 mov 0x0(%eax),%eax 1d: 83 c4 04 add $0x4,%esp 20: 5d pop %ebp 21: c3 ret Looking at a few other objects it looks like the embedded addend has something to do with the byte number, of an instruction, where the fixup location starts, but it still doesn't make sense to me, why that is the case. Additionally, is there a way I can access this "byte number of the start of fixup location" using `jitlink-check`?

lhames added inline comments.Jan 13 2023, 7:02 PM

llvm/test/ExecutionEngine/JITLink/i386/ELF_external_to_absolute_conversion.s
28–32	No worries. :) What is causing the embedded addend to be present? In the testcase we're looking at what we need is the address of the GOT in %eax... Agreed. The addend ends up being a small but crucial part of that calculation. Taking the example above, the address loaded into `%eax` by the `pop` will be the address of the `pop` instruction itself (the `call` will have placed the address of the next address on the stack, and the next instruction is the `pop` itself). Now in the `add` instruction you need to add some delta `D` to `%eax` to cause it to be equal to `GOT`. The usual linker calculation is the delta from _the address being fixed up_ (i.e. the address of the operand field of the `add`) to the target (the `_GLOBAL_OFFSET_TABLE_` symbol), but in this case the address being fixed up isn't the same as the address in `%eax` (the address of the `pop`) -- it's off by exactly 3 bytes: 1 byte for the `pop` instruction, and two bytes for the opcode field of the `add`. So the addend of `3` is ELF trying to help us out and make the linker math simple: `D = GOT - Address of Fixup + Addend`, with `Addend` implicitly capturing the smaller delta between the value stored in `%eax` and `Address of Fixup`. Additionally, is there a way I can access this "byte number of the start of fixup location" using jitlink-check? You can, but you don't usually want to -- you would read the fixed-up operand value using `decode_operand`, then compare it to the expected value. You'll have to find the `decode_operand` index by trial and error, but it should end up looking something like this: calll .L0$pb .L0$pb: popl %eax .globl GOTPC GOTPC: addl $_GLOBAL_OFFSET_TABLE_+(.Ltmp0-.L0$pb), %eax #jitlink-check: decode_operand(GOTPC, <idx>) = _GLOBAL_OFFSET_TABLE_ - (GOTPC + 2) where GOTPC + 2 gives you the fixup location -- two bytes into the `add`.

jain98 marked 2 inline comments as done.Jan 13 2023, 7:20 PM

jain98 added inline comments.

llvm/test/ExecutionEngine/JITLink/i386/ELF_external_to_absolute_conversion.s
28–32	Thanks, I think that makes sense! It seems like the addend is present because of the way the R_386_GOTPC relocation is calculated (GOT - fixup location), that the compiler is giving us the remaining delta to arrive at the correct GOT address. I'll have a patch out for this shortly. Thanks for talking through this :).

Revision Contents

Path

Size

llvm/

include/

llvm/

ExecutionEngine/

JITLink/

i386.h

124 lines

lib/

ExecutionEngine/

JITLink/

ELF_i386.cpp

87 lines

i386.cpp

8 lines

test/

ExecutionEngine/

JITLink/

i386/

ELF_external_to_absolute_conversion.s

41 lines

ELF_i386_small_pic_relocations.s

68 lines

Diff 485214

llvm/include/llvm/ExecutionEngine/JITLink/i386.h

Show First 20 Lines • Show All 75 Lines • ▼ Show 20 Lines	enum EdgeKind_i386 : Edge::Kind {
/// Fixup <- Target - (Fixup + 4) + Addend : int16		/// Fixup <- Target - (Fixup + 4) + Addend : int16
///		///
/// Errors:		/// Errors:
/// - The result of the fixup expression must fit into an int16, otherwise		/// - The result of the fixup expression must fit into an int16, otherwise
/// an out-of-range error will be returned.		/// an out-of-range error will be returned.
///		///
PCRel16,		PCRel16,

/// A 64-bit GOT delta.		/// A 32-bit delta.
		///
		/// Delta from the fixup to the target.
		///
		/// Fixup expression:
		/// Fixup <- Target - Fixup + Addend : int64
		///
		/// Errors:
		/// - The result of the fixup expression must fit into an int32, otherwise
		/// an out-of-range error will be returned.
		Delta32,

		/// A 32-bit GOT delta.
///		///
/// Delta from the global offset table to the target.		/// Delta from the global offset table to the target.
///		///
/// Fixup expression:		/// Fixup expression:
/// Fixup <- Target - GOTSymbol + Addend : int32		/// Fixup <- Target - GOTSymbol + Addend : int32
///		///
/// Errors:		/// Errors:
/// - ASSERTION Failure to a null pointer GOTSymbol, which the GOT section		/// - ASSERTION Failure to a null pointer GOTSymbol, which the GOT section
/// symbol was not been defined.		/// symbol was not been defined.
Delta32FromGOT,		Delta32FromGOT,

		/// A GOT entry offset within GOT getter/constructor, transformed to
		/// Delta32FromGOT pointing at the GOT entry for the original target.
		///
		/// Indicates that this edge should be transformed into a Delta32FromGOT
		/// targeting the GOT entry for the edge's current target, maintaining the
		/// same addend.
		/// A GOT entry for the target should be created if one does not already
		/// exist.
		///
		/// Edges of this kind are usually handled by a GOT builder pass inserted by
		/// default
		///
		/// Fixup expression:
		/// NONE
		///
		/// Errors:
		/// - ASSERTION Failure to handle edges of this kind prior to the fixup
		/// phase will result in an assert/unreachable during the fixup phase
		RequestGOTAndTransformToDelta32FromGOT,
};		};

/// Returns a string name for the given i386 edge. For debugging purposes		/// Returns a string name for the given i386 edge. For debugging purposes
/// only		/// only
const char *getEdgeKindName(Edge::Kind K);		const char *getEdgeKindName(Edge::Kind K);

/// Returns true if the given uint32_t value is in range for a uint16_t.		/// Returns true if the given uint32_t value is in range for a uint16_t.
inline bool isInRangeForImmU16(uint32_t Value) {		inline bool isInRangeForImmU16(uint32_t Value) {
return Value <= std::numeric_limits<uint16_t>::max();		return Value <= std::numeric_limits<uint16_t>::max();
}		}

/// Returns true if the given int32_t value is in range for an int16_t.		/// Returns true if the given int32_t value is in range for an int16_t.
inline bool isInRangeForImmS16(int32_t Value) {		inline bool isInRangeForImmS16(int32_t Value) {
return (Value >= std::numeric_limits<int16_t>::min() &&		return (Value >= std::numeric_limits<int16_t>::min() &&
Value <= std::numeric_limits<int16_t>::max());		Value <= std::numeric_limits<int16_t>::max());
}		}

/// Apply fixup expression for edge to block content.		/// Apply fixup expression for edge to block content.
inline Error applyFixup(LinkGraph &G, Block &B, const Edge &E) {		inline Error applyFixup(LinkGraph &G, Block &B, const Edge &E,
		const Symbol *GOTSymbol) {
using namespace i386;		using namespace i386;
using namespace llvm::support;		using namespace llvm::support;

char *BlockWorkingMem = B.getAlreadyMutableContent().data();		char *BlockWorkingMem = B.getAlreadyMutableContent().data();
char *FixupPtr = BlockWorkingMem + E.getOffset();		char *FixupPtr = BlockWorkingMem + E.getOffset();
auto FixupAddress = B.getAddress() + E.getOffset();		auto FixupAddress = B.getAddress() + E.getOffset();

switch (E.getKind()) {		switch (E.getKind()) {
Show All 28 Lines	int32_t Value =
E.getTarget().getAddress() - (FixupAddress + 4) + E.getAddend();		E.getTarget().getAddress() - (FixupAddress + 4) + E.getAddend();
if (LLVM_LIKELY(isInRangeForImmS16(Value)))		if (LLVM_LIKELY(isInRangeForImmS16(Value)))
(little16_t )FixupPtr = Value;		(little16_t )FixupPtr = Value;
else		else
return makeTargetOutOfRangeError(G, B, E);		return makeTargetOutOfRangeError(G, B, E);
break;		break;
}		}

		case i386::Delta32: {
		int32_t Value = E.getTarget().getAddress() - FixupAddress + E.getAddend();
		(little32_t )FixupPtr = Value;
		break;
		}

		case i386::Delta32FromGOT: {
		assert(GOTSymbol && "No GOT section symbol");
		int32_t Value =
		E.getTarget().getAddress() - GOTSymbol->getAddress() + E.getAddend();
		(little32_t )FixupPtr = Value;
		break;
		}

default:		default:
return make_error<JITLinkError>(		return make_error<JITLinkError>(
"In graph " + G.getName() + ", section " + B.getSection().getName() +		"In graph " + G.getName() + ", section " + B.getSection().getName() +
"unsupported edge kind" + getEdgeKindName(E.getKind()));		"unsupported edge kind" + getEdgeKindName(E.getKind()));
}		}

return Error::success();		return Error::success();
}		}

		/// i386 pointer size.
		constexpr uint32_t PointerSize = 4;

		/// i386 null pointer content.
		extern const char NullPointerContent[PointerSize];

		/// Creates a new pointer block in the given section and returns an anonymous
		/// symbol pointing to it.
		///
		/// If InitialTarget is given then an Pointer32 relocation will be added to the
		/// block pointing at InitialTarget.
		///
		/// The pointer block will have the following default values:
		/// alignment: 32-bit
		/// alignment-offset: 0
		/// address: highest allowable (~7U)
		inline Symbol &createAnonymousPointer(LinkGraph &G, Section &PointerSection,
		Symbol *InitialTarget = nullptr,
		uint64_t InitialAddend = 0) {
		auto &B = G.createContentBlock(PointerSection, NullPointerContent,
		orc::ExecutorAddr(), 8, 0);
		if (InitialTarget)
		B.addEdge(Pointer32, 0, *InitialTarget, InitialAddend);
		return G.addAnonymousSymbol(B, 0, PointerSize, false, false);
		}

		/// Global Offset Table Builder.
		class GOTTableManager : public TableManager<GOTTableManager> {
		public:
		static StringRef getSectionName() { return "$__GOT"; }

		bool visitEdge(LinkGraph &G, Block *B, Edge &E) {
		Edge::Kind KindToSet = Edge::Invalid;
		switch (E.getKind()) {
		case i386::Delta32FromGOT: {
		// we need to make sure that the GOT section exists, but don't otherwise
		// need to fix up this edge
		getGOTSection(G);
		return false;
		}
		case i386::RequestGOTAndTransformToDelta32FromGOT:
		KindToSet = i386::Delta32FromGOT;
		break;
		default:
		return false;
		}
		assert(KindToSet != Edge::Invalid &&
		"Fell through switch, but no new kind to set");
		DEBUG_WITH_TYPE("jitlink", {
		dbgs() << " Fixing " << G.getEdgeKindName(E.getKind()) << " edge at "
		<< B->getFixupAddress(E) << " (" << B->getAddress() << " + "
		<< formatv("{0:x}", E.getOffset()) << ")\n";
		});
		E.setKind(KindToSet);
		E.setTarget(getEntryForTarget(G, E.getTarget()));
		return true;
		}

		Symbol &createEntry(LinkGraph &G, Symbol &Target) {
		return createAnonymousPointer(G, getGOTSection(G), &Target);
		}

		private:
		Section &getGOTSection(LinkGraph &G) {
		if (!GOTSection)
		GOTSection = &G.createSection(getSectionName(), orc::MemProt::Read);
		return *GOTSection;
		}

		Section *GOTSection = nullptr;
		};

} // namespace llvm::jitlink::i386		} // namespace llvm::jitlink::i386

#endif // LLVM_EXECUTIONENGINE_JITLINK_I386_H		#endif // LLVM_EXECUTIONENGINE_JITLINK_I386_H

llvm/lib/ExecutionEngine/JITLink/ELF_i386.cpp

Show All 11 Lines

#include "llvm/ExecutionEngine/JITLink/ELF_i386.h"		#include "llvm/ExecutionEngine/JITLink/ELF_i386.h"
#include "ELFLinkGraphBuilder.h"		#include "ELFLinkGraphBuilder.h"
#include "JITLinkGeneric.h"		#include "JITLinkGeneric.h"
#include "llvm/BinaryFormat/ELF.h"		#include "llvm/BinaryFormat/ELF.h"
#include "llvm/ExecutionEngine/JITLink/i386.h"		#include "llvm/ExecutionEngine/JITLink/i386.h"
#include "llvm/Object/ELFObjectFile.h"		#include "llvm/Object/ELFObjectFile.h"

		#include "DefineExternalSectionStartAndEndSymbols.h"

#define DEBUG_TYPE "jitlink"		#define DEBUG_TYPE "jitlink"

using namespace llvm;		using namespace llvm;
using namespace llvm::jitlink;		using namespace llvm::jitlink;

		namespace {
		constexpr StringRef ELFGOTSymbolName = "_GLOBAL_OFFSET_TABLE_";

		Error buildTables_ELF_i386(LinkGraph &G) {
		LLVM_DEBUG(dbgs() << "Visiting edges in graph:\n");

		i386::GOTTableManager GOT;
		visitExistingEdges(G, GOT);
		return Error::success();
		}
		} // namespace

namespace llvm::jitlink {		namespace llvm::jitlink {

class ELFJITLinker_i386 : public JITLinker<ELFJITLinker_i386> {		class ELFJITLinker_i386 : public JITLinker<ELFJITLinker_i386> {
friend class JITLinker<ELFJITLinker_i386>;		friend class JITLinker<ELFJITLinker_i386>;

public:		public:
ELFJITLinker_i386(std::unique_ptr<JITLinkContext> Ctx,		ELFJITLinker_i386(std::unique_ptr<JITLinkContext> Ctx,
std::unique_ptr<LinkGraph> G, PassConfiguration PassConfig)		std::unique_ptr<LinkGraph> G, PassConfiguration PassConfig)
: JITLinker(std::move(Ctx), std::move(G), std::move(PassConfig)) {}		: JITLinker(std::move(Ctx), std::move(G), std::move(PassConfig)) {
		getPassConfig().PostAllocationPasses.push_back(
		[this](LinkGraph &G) { return getOrCreateGOTSymbol(G); });
		}

private:		private:
		Symbol *GOTSymbol = nullptr;

		Error getOrCreateGOTSymbol(LinkGraph &G) {
		auto DefineExternalGOTSymbolIfPresent =
		createDefineExternalSectionStartAndEndSymbolsPass(
		[&](LinkGraph &LG, Symbol &Sym) -> SectionRangeSymbolDesc {
		if (Sym.getName() == ELFGOTSymbolName)
		if (auto *GOTSection = G.findSectionByName(
		i386::GOTTableManager::getSectionName())) {
		GOTSymbol = &Sym;
		return {*GOTSection, true};
		}
		return {};
		});

		// Try to attach _GLOBAL_OFFSET_TABLE_ to the GOT if it's defined as an
		// external.
		if (auto Err = DefineExternalGOTSymbolIfPresent(G))
		return Err;

		// If we succeeded then we're done.
		if (GOTSymbol)
		return Error::success();

		// Otherwise look for a GOT section: If it already has a start symbol we'll
		// record it, otherwise we'll create our own.
		// If there's a GOT section but we didn't find an external GOT symbol...
		if (auto *GOTSection =
		G.findSectionByName(i386::GOTTableManager::getSectionName())) {

		// Check for an existing defined symbol.
		for (auto *Sym : GOTSection->symbols())
		if (Sym->getName() == ELFGOTSymbolName) {
		GOTSymbol = Sym;
		return Error::success();
		}

		// If there's no defined symbol then create one.
		SectionRange SR(*GOTSection);

		if (SR.empty()) {
		GOTSymbol =
		&G.addAbsoluteSymbol(ELFGOTSymbolName, orc::ExecutorAddr(), 0,
		Linkage::Strong, Scope::Local, true);
		} else {
		GOTSymbol =
		&G.addDefinedSymbol(*SR.getFirstBlock(), 0, ELFGOTSymbolName, 0,
		Linkage::Strong, Scope::Local, false, true);
		}
		}

		return Error::success();
		}

Error applyFixup(LinkGraph &G, Block &B, const Edge &E) const {		Error applyFixup(LinkGraph &G, Block &B, const Edge &E) const {
return i386::applyFixup(G, B, E);		return i386::applyFixup(G, B, E, GOTSymbol);
}		}
};		};

template <typename ELFT>		template <typename ELFT>
class ELFLinkGraphBuilder_i386 : public ELFLinkGraphBuilder<ELFT> {		class ELFLinkGraphBuilder_i386 : public ELFLinkGraphBuilder<ELFT> {
private:		private:
static Expected<i386::EdgeKind_i386> getRelocationKind(const uint32_t Type) {		static Expected<i386::EdgeKind_i386> getRelocationKind(const uint32_t Type) {
using namespace i386;		using namespace i386;
switch (Type) {		switch (Type) {
case ELF::R_386_NONE:		case ELF::R_386_NONE:
return EdgeKind_i386::None;		return EdgeKind_i386::None;
case ELF::R_386_32:		case ELF::R_386_32:
return EdgeKind_i386::Pointer32;		return EdgeKind_i386::Pointer32;
case ELF::R_386_PC32:		case ELF::R_386_PC32:
return EdgeKind_i386::PCRel32;		return EdgeKind_i386::PCRel32;
case ELF::R_386_16:		case ELF::R_386_16:
return EdgeKind_i386::Pointer16;		return EdgeKind_i386::Pointer16;
case ELF::R_386_PC16:		case ELF::R_386_PC16:
return EdgeKind_i386::PCRel16;		return EdgeKind_i386::PCRel16;
		case ELF::R_386_GOT32:
		return EdgeKind_i386::RequestGOTAndTransformToDelta32FromGOT;
case ELF::R_386_GOTPC:		case ELF::R_386_GOTPC:
		return EdgeKind_i386::Delta32;
		case ELF::R_386_GOTOFF:
return EdgeKind_i386::Delta32FromGOT;		return EdgeKind_i386::Delta32FromGOT;
}		}

return make_error<JITLinkError>("Unsupported i386 relocation:" +		return make_error<JITLinkError>("Unsupported i386 relocation:" +
formatv("{0:d}", Type));		formatv("{0:d}", Type));
}		}

Error addRelocations() override {		Error addRelocations() override {
Show All 34 Lines	if (!GraphSymbol)
SymbolIndex, (*ObjSymbol)->st_shndx,		SymbolIndex, (*ObjSymbol)->st_shndx,
Base::GraphSymbols.size()),		Base::GraphSymbols.size()),
inconvertibleErrorCode());		inconvertibleErrorCode());

Expected<i386::EdgeKind_i386> Kind = getRelocationKind(Rel.getType(false));		Expected<i386::EdgeKind_i386> Kind = getRelocationKind(Rel.getType(false));
if (!Kind)		if (!Kind)
return Kind.takeError();		return Kind.takeError();

// TODO: To be removed when GOT relative relocations are supported.
if (*Kind == i386::EdgeKind_i386::Delta32FromGOT)
return Error::success();

int64_t Addend = 0;		int64_t Addend = 0;

auto FixupAddress = orc::ExecutorAddr(FixupSection.sh_addr) + Rel.r_offset;		auto FixupAddress = orc::ExecutorAddr(FixupSection.sh_addr) + Rel.r_offset;
Edge::OffsetT Offset = FixupAddress - BlockToFix.getAddress();		Edge::OffsetT Offset = FixupAddress - BlockToFix.getAddress();
Edge GE(Kind, Offset, GraphSymbol, Addend);		Edge GE(Kind, Offset, GraphSymbol, Addend);
LLVM_DEBUG({		LLVM_DEBUG({
dbgs() << " ";		dbgs() << " ";
printEdge(dbgs(), BlockToFix, GE, i386::getEdgeKindName(*Kind));		printEdge(dbgs(), BlockToFix, GE, i386::getEdgeKindName(*Kind));
dbgs() << "\n";		dbgs() << "\n";
});		});

BlockToFix.addEdge(std::move(GE));		BlockToFix.addEdge(std::move(GE));

return Error::success();		return Error::success();
}		}

public:		public:
ELFLinkGraphBuilder_i386(StringRef FileName, const object::ELFFile<ELFT> &Obj,		ELFLinkGraphBuilder_i386(StringRef FileName, const object::ELFFile<ELFT> &Obj,
const Triple T)		const Triple T)
: ELFLinkGraphBuilder<ELFT>(Obj, std::move(T), FileName,		: ELFLinkGraphBuilder<ELFT>(Obj, std::move(T), FileName,
i386::getEdgeKindName) {}		i386::getEdgeKindName) {}
Show All 24 Lines	void link_ELF_i386(std::unique_ptr<LinkGraph> G,
std::unique_ptr<JITLinkContext> Ctx) {		std::unique_ptr<JITLinkContext> Ctx) {
PassConfiguration Config;		PassConfiguration Config;
const Triple &TT = G->getTargetTriple();		const Triple &TT = G->getTargetTriple();
if (Ctx->shouldAddDefaultTargetPasses(TT)) {		if (Ctx->shouldAddDefaultTargetPasses(TT)) {
if (auto MarkLive = Ctx->getMarkLivePass(TT))		if (auto MarkLive = Ctx->getMarkLivePass(TT))
Config.PrePrunePasses.push_back(std::move(MarkLive));		Config.PrePrunePasses.push_back(std::move(MarkLive));
else		else
Config.PrePrunePasses.push_back(markAllSymbolsLive);		Config.PrePrunePasses.push_back(markAllSymbolsLive);

		// Add an in-place GOT build pass.
		Config.PostPrunePasses.push_back(buildTables_ELF_i386);
}		}
if (auto Err = Ctx->modifyPassConfig(*G, Config))		if (auto Err = Ctx->modifyPassConfig(*G, Config))
return Ctx->notifyFailed(std::move(Err));		return Ctx->notifyFailed(std::move(Err));

ELFJITLinker_i386::link(std::move(Ctx), std::move(G), std::move(Config));		ELFJITLinker_i386::link(std::move(Ctx), std::move(G), std::move(Config));
}		}

} // namespace llvm::jitlink		} // namespace llvm::jitlink

llvm/lib/ExecutionEngine/JITLink/i386.cpp

Show All 22 Lines	const char *getEdgeKindName(Edge::Kind K) {
case Pointer32:		case Pointer32:
return "Pointer32";		return "Pointer32";
case PCRel32:		case PCRel32:
return "PCRel32";		return "PCRel32";
case Pointer16:		case Pointer16:
return "Pointer16";		return "Pointer16";
case PCRel16:		case PCRel16:
return "PCRel16";		return "PCRel16";
		case Delta32:
		return "Delta32";
		case Delta32FromGOT:
		return "Delta32FromGOT";
		case RequestGOTAndTransformToDelta32FromGOT:
		return "RequestGOTAndTransformToDelta32FromGOT";
}		}

return getGenericEdgeKindName(K);		return getGenericEdgeKindName(K);
}		}

		const char NullPointerContent[PointerSize] = {0x00, 0x00, 0x00, 0x00};
} // namespace llvm::jitlink::i386		} // namespace llvm::jitlink::i386

llvm/test/ExecutionEngine/JITLink/i386/ELF_external_to_absolute_conversion.s

This file was added.

				# RUN: llvm-mc -triple=i386-unknown-linux-gnu -filetype=obj -o %t %s
				# RUN: llvm-jitlink -noexec %t
				#
				# Check that symbol scope is demoted to local when external symbols are
				# converted to absolutes. This is demotion is necessary to avoid "unexpected
				# definition" errors.
				#
				# The reference to _GLOBAL_OFFSET_TABLE_ will trigger creation of an external
				# _GLOBAL_OFFSET_TABLE_ symbol, and the GOTOFF relocation will force creation
				# of a GOT symbol without actually introducing any GOT entries. Together these
				# should cause the external _GLOBAL_OFFSET_TABLE_ symbol to be converted to an
				# absolute symbol with address zero. If the scope is not demoted correctly this
				# will trigger an "unexpected definition" error.

				.text
				.globl main
				.p2align 4, 0x90
				.type main,@function
				main:
				pushl %ebp
				movl %esp, %ebp
				pushl %eax
				calll .L0$pb
				.L0$pb:
				popl %eax
				.Ltmp0:
				addl $_GLOBAL_OFFSET_TABLE_+(.Ltmp0-.L0$pb), %eax
				movl $0, -4(%ebp)
				movl a@GOTOFF(%eax), %eax
				addl $4, %esp
				popl %ebp
				retl
				lhamesUnsubmitted Done Reply Inline Actions This sequence is trying to access the non-existent GOT-entry, which is why it crashes at runtime. I think the assembly can be reduced to the i386 equivalent of the x86-64 sequence: .text .globl main .p2align 4, 0x90 .type main,@function main: .L0$pb: movl $_GLOBAL_OFFSET_TABLE_-.L0$pb, %eax movl $foo@GOTOFF, %eax xorl %eax, %eax retl .size main, .-main The '$' symbol at the start of the expression means that we're treating the result of the expression as an immediate, not an address to be loaded from. The immediate values that we move into `%eax` will be zeros, but since `%eax` isn't used anyway we can disregard that. lhames: This sequence is trying to access the non-existent GOT-entry, which is why it crashes at…
				jain98AuthorUnsubmitted Done Reply Inline Actions This sequence is trying to access the non-existent GOT-entry, which is why it crashes at runtime. I didn't quite get that. I think, you're referring to this instruction - movl a@GOTOFF(%eax), %eax I thought this instruction was using `a`'s offset from the GOT symbol - not accessing any GOT entry? Could you point to the specific instruction that you were referring to in your comment? I do think I understand why the seg fault might be happening though. Essentially `a@GOTOFF(%eax)` ends up being `a@GOTOFF(0x00000000)`? Which is likely out of the JITLink process' memory. If that is indeed the case, I have another question. The assembly that I used from the test was actually generated by Clang. Is it just that Clang uses a different linker that can actually handle the code that it's producing without seg-faulting? jain98: > This sequence is trying to access the non-existent GOT-entry, which is why it crashes at…
				lhamesUnsubmitted Done Reply Inline Actions I thought this instruction was using a's offset from the GOT symbol - not accessing any GOT entry? Could you point to the specific instruction that you were referring to in your comment? Oh you're right -- `GOTOFF` references the symbol, not the GOT entry for the symbol. Sorry for the confusion! In that case you're absolutely right -- this should work even if there's no GOT synthesized. It looks like the problem is that the `R_386_GOTPC` relocation has an addend embedded in it, but it's not being included in the Edge construction: ELF_external_to_absolute_conversion.i386.o: file format elf32-i386 Disassembly of section .text: 00000000 <main>: 0: 55 push %ebp 1: 89 e5 mov %esp,%ebp 3: 50 push %eax 4: e8 00 00 00 00 call 9 <main+0x9> 9: 58 pop %eax a: 81 c0 03 00 00 00 add $0x3,%eax. <-- 0x00000003 addend embedded here at fixup location. 10: c7 45 fc 00 00 00 00 movl $0x0,-0x4(%ebp) 17: 8b 80 00 00 00 00 mov 0x0(%eax),%eax 1d: 83 c4 04 add $0x4,%esp 20: 5d pop %ebp 21: c3 ret Edge from debugging output: 0xb7ab600c (block + 0x0000000c), addend = +0x00000000, kind = Delta32, target = _GLOBAL_OFFSET_TABLE_ You just need to read that addend out when constructing the edge. E.g. here's the MachO_x86_64 backend doing something similar: https://github.com/llvm/llvm-project/blob/5a58b19f9c93f3ac51bcde318508131ae78aa10c/llvm/lib/ExecutionEngine/JITLink/MachO_x86_64.cpp#L342 The missing addend is causing the variable reference to point to the page _before_ the data section, which is usually outside allocated memory -- that's triggering the crash, not the missing GOT. Once you fix that I think your original test case should just work -- sorry for the bad advice above! lhames: > I thought this instruction was using a's offset from the GOT symbol - not accessing any GOT…
				jain98AuthorUnsubmitted Done Reply Inline Actions Thanks for the detailed explanation Lang! The solution and the problem make sense for the most part. I'm confused about one thing though. What is causing the embedded addend to be present? In the testcase we're looking at what we need is the address of the GOT in `%eax`. I'll try to clarify my question. Disassembly of section .text: 00000000 <main>: 0: 55 push %ebp 1: 89 e5 mov %esp,%ebp 3: 50 push %eax 4: e8 00 00 00 00 call 9 <main+0x9> 9: 58 pop %eax // After this instruction %eax will contain the address 9 a: 81 c0 03 00 00 00 add $0x3,%eax. // This is the fixup location and we should be adding the (GOT-9) to %eax here, no? 10: c7 45 fc 00 00 00 00 movl $0x0,-0x4(%ebp) 17: 8b 80 00 00 00 00 mov 0x0(%eax),%eax 1d: 83 c4 04 add $0x4,%esp 20: 5d pop %ebp 21: c3 ret Looking at a few other objects it looks like the embedded addend has something to do with the byte number, of an instruction, where the fixup location starts, but it still doesn't make sense to me, why that is the case. Additionally, is there a way I can access this "byte number of the start of fixup location" using `jitlink-check`? jain98: Thanks for the detailed explanation Lang! The solution and the problem make sense for the most…
				lhamesUnsubmitted Not Done Reply Inline Actions No worries. :) What is causing the embedded addend to be present? In the testcase we're looking at what we need is the address of the GOT in %eax... Agreed. The addend ends up being a small but crucial part of that calculation. Taking the example above, the address loaded into `%eax` by the `pop` will be the address of the `pop` instruction itself (the `call` will have placed the address of the next address on the stack, and the next instruction is the `pop` itself). Now in the `add` instruction you need to add some delta `D` to `%eax` to cause it to be equal to `GOT`. The usual linker calculation is the delta from _the address being fixed up_ (i.e. the address of the operand field of the `add`) to the target (the `_GLOBAL_OFFSET_TABLE_` symbol), but in this case the address being fixed up isn't the same as the address in `%eax` (the address of the `pop`) -- it's off by exactly 3 bytes: 1 byte for the `pop` instruction, and two bytes for the opcode field of the `add`. So the addend of `3` is ELF trying to help us out and make the linker math simple: `D = GOT - Address of Fixup + Addend`, with `Addend` implicitly capturing the smaller delta between the value stored in `%eax` and `Address of Fixup`. Additionally, is there a way I can access this "byte number of the start of fixup location" using jitlink-check? You can, but you don't usually want to -- you would read the fixed-up operand value using `decode_operand`, then compare it to the expected value. You'll have to find the `decode_operand` index by trial and error, but it should end up looking something like this: calll .L0$pb .L0$pb: popl %eax .globl GOTPC GOTPC: addl $_GLOBAL_OFFSET_TABLE_+(.Ltmp0-.L0$pb), %eax #jitlink-check: decode_operand(GOTPC, <idx>) = _GLOBAL_OFFSET_TABLE_ - (GOTPC + 2) where GOTPC + 2 gives you the fixup location -- two bytes into the `add`. lhames: No worries. :) > What is causing the embedded addend to be present? In the testcase we're…
				jain98AuthorUnsubmitted Done Reply Inline Actions Thanks, I think that makes sense! It seems like the addend is present because of the way the R_386_GOTPC relocation is calculated (GOT - fixup location), that the compiler is giving us the remaining delta to arrive at the correct GOT address. I'll have a patch out for this shortly. Thanks for talking through this :). jain98: Thanks, I think that makes sense! It seems like the addend is present because of the way the…
				.size main, .-main


				.type a,@object # @a
				.data
				.p2align 2
				a:
				.long 42 # 0x2a
				.size a, 4
				No newline at end of file

llvm/test/ExecutionEngine/JITLink/i386/ELF_i386_small_pic_relocations.s

This file was added.

				# RUN: rm -rf %t && mkdir -p %t
				# RUN: llvm-mc -triple=i386-unknown-linux-gnu -position-independent \
				# RUN: -filetype=obj -o %t/elf_sm_pic_reloc.o %s
				# RUN: llvm-jitlink -noexec \
				# RUN: -slab-allocate 100Kb -slab-address 0xfff00000 -slab-page-size 4096 \
				# RUN: -check %s %t/elf_sm_pic_reloc.o
				#
				# Test ELF small/PIC relocations.

				.text
				.globl main
				.p2align 4, 0x90
				.type main,@function
				main:
				ret
				.size main, .-main


				# Test GOT32 handling.
				#
				# We want to check both the offset to the GOT entry and its contents.
				# jitlink-check: decode_operand(test_got, 4) = got_addr(elf_sm_pic_reloc.o, named_data1) - _GLOBAL_OFFSET_TABLE_
				# jitlink-check: *{4}(got_addr(elf_sm_pic_reloc.o, named_data1)) = named_data1
				#
				# jitlink-check: decode_operand(test_got+6, 4) = got_addr(elf_sm_pic_reloc.o, named_data2) - _GLOBAL_OFFSET_TABLE_
				# jitlink-check: *{4}(got_addr(elf_sm_pic_reloc.o, named_data2)) = named_data2

				.globl test_got
				.p2align 4, 0x90
				.type test_got,@function
				test_got:
				leal named_data1@GOT, %eax
				leal named_data2@GOT, %eax
				.size test_got, .-test_got



				# Test GOTOFF64 handling.
				# jitlink-check: decode_operand(test_gotoff, 1) = named_func - _GLOBAL_OFFSET_TABLE_
				.globl test_gotoff
				.p2align 4, 0x90
				.type test_gotoff,@function
				test_gotoff:
				mov $named_func@GOTOFF, %eax
				.size test_gotoff, .-test_gotoff


				.globl named_func
				.p2align 4, 0x90
				.type named_func,@function
				named_func:
				xor %eax, %eax
				.size named_func, .-named_func


				.data

				.type named_data1,@object
				.p2align 3
				named_data1:
				.quad 42
				.size named_data1, 8

				.type named_data2,@object
				.p2align 3
				named_data2:
				.quad 42
				.size named_data2, 8

This is an archive of the discontinued LLVM Phabricator instance.

Adds support for GOT relocations to i386/ELF backendClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 485214

llvm/include/llvm/ExecutionEngine/JITLink/i386.h

llvm/lib/ExecutionEngine/JITLink/ELF_i386.cpp

llvm/lib/ExecutionEngine/JITLink/i386.cpp

llvm/test/ExecutionEngine/JITLink/i386/ELF_external_to_absolute_conversion.s

llvm/test/ExecutionEngine/JITLink/i386/ELF_i386_small_pic_relocations.s

Adds support for GOT relocations to i386/ELF backend
ClosedPublic