From 9fca35fc3486283562a7fcd9eb0ff845b0152d98 Mon Sep 17 00:00:00 2001 From: Tamar Christina Date: Tue, 27 Nov 2018 12:33:21 +0000 Subject: AArch64: Fix regression in Cortex A53 erratum when PIE. (PR ld/23904) The fix for PR ld/22263 causes TLS relocations using ADRP to be relaxed into MOVZ, however this causes issues for the erratum code. The erratum code scans the input sections looking for ADRP instructions and notes their location in the stream. It then later tries to find them again in order to generate the linker stubs. Due to the relaxation it instead finds a MOVZ and hard aborts. Since this relaxation is a valid one, and in which case the erratum no longer applies, it shouldn't abort but instead just continue. This changes the TLS relaxation code such that when it finds an ADRP and it relaxes it, it removes the erratum entry from the work list by changing the stub type into none so the stub is ignored. The entry is not actually removed as removal is a more expensive operation and we have already allocated the memory anyway. The clearing is done for IE->LE and GD->LE relaxations, and a testcase is added for the IE case. The GD case I believe to be impossible to get together with the erratum sequence due to the required BL which would break the sequence. However to cover all basis I have added the guard there as well. build on native hardware and regtested on aarch64-none-elf, aarch64-none-elf (32 bit host), aarch64-none-linux-gnu, aarch64-none-linux-gnu (32 bit host) Cross-compiled and regtested on aarch64-none-linux-gnu, aarch64_be-none-linux-gnu Testcase in PR23940 tested and works as expected now and benchmarks ran on A53 showing no regressions and no issues. bfd/ChangeLog: PR ld/23904 * elfnn-aarch64.c (_bfd_aarch64_adrp_p): Use existing constants. (_bfd_aarch64_erratum_843419_branch_to_stub): Use _bfd_aarch64_adrp_p. (struct erratum_835769_branch_to_stub_clear_data): New. (_bfd_aarch64_erratum_843419_clear_stub): New. (clear_erratum_843419_entry): New. (elfNN_aarch64_tls_relax): Use it. (elfNN_aarch64_relocate_section): Pass input_section. (aarch64_map_one_stub): Handle branch type none as valid. ld/ChangeLog: PR ld/23904 * testsuite/ld-aarch64/aarch64-elf.exp: Add erratum843419_tls_ie. * testsuite/ld-aarch64/erratum843419_tls_ie.d: New test. * testsuite/ld-aarch64/erratum843419_tls_ie.s: New test. --- bfd/elfnn-aarch64.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 73 insertions(+), 5 deletions(-) (limited to 'bfd/elfnn-aarch64.c') diff --git a/bfd/elfnn-aarch64.c b/bfd/elfnn-aarch64.c index e2cfa86..083f90b 100644 --- a/bfd/elfnn-aarch64.c +++ b/bfd/elfnn-aarch64.c @@ -3845,7 +3845,7 @@ _bfd_aarch64_erratum_835769_scan (bfd *input_bfd, static bfd_boolean _bfd_aarch64_adrp_p (uint32_t insn) { - return ((insn & 0x9f000000) == 0x90000000); + return ((insn & AARCH64_ADRP_OP_MASK) == AARCH64_ADRP_OP); } @@ -5077,7 +5077,7 @@ _bfd_aarch64_erratum_843419_branch_to_stub (struct bfd_hash_entry *gen_entry, + stub_entry->adrp_offset); insn = bfd_getl32 (contents + stub_entry->adrp_offset); - if ((insn & AARCH64_ADRP_OP_MASK) != AARCH64_ADRP_OP) + if (!_bfd_aarch64_adrp_p (insn)) abort (); bfd_signed_vma imm = @@ -5941,6 +5941,64 @@ bad_ifunc_reloc: # define movz_hw_R0 (0x52c00000) #endif +/* Structure to hold payload for _bfd_aarch64_erratum_843419_clear_stub, + it is used to identify the stub information to reset. */ + +struct erratum_843419_branch_to_stub_clear_data +{ + bfd_vma adrp_offset; + asection *output_section; +}; + +/* Clear the erratum information for GEN_ENTRY if the ADRP_OFFSET and + section inside IN_ARG matches. The clearing is done by setting the + stub_type to none. */ + +static bfd_boolean +_bfd_aarch64_erratum_843419_clear_stub (struct bfd_hash_entry *gen_entry, + void *in_arg) +{ + struct elf_aarch64_stub_hash_entry *stub_entry + = (struct elf_aarch64_stub_hash_entry *) gen_entry; + struct erratum_843419_branch_to_stub_clear_data *data + = (struct erratum_843419_branch_to_stub_clear_data *) in_arg; + + if (stub_entry->target_section != data->output_section + || stub_entry->stub_type != aarch64_stub_erratum_843419_veneer + || stub_entry->adrp_offset != data->adrp_offset) + return TRUE; + + /* Change the stub type instead of removing the entry, removing from the hash + table would be slower and we have already reserved the memory for the entry + so there wouldn't be much gain. Changing the stub also keeps around a + record of what was there before. */ + stub_entry->stub_type = aarch64_stub_none; + + /* We're done and there could have been only one matching stub at that + particular offset, so abort further traversal. */ + return FALSE; +} + +/* TLS Relaxations may relax an adrp sequence that matches the erratum 843419 + sequence. In this case the erratum no longer applies and we need to remove + the entry from the pending stub generation. This clears matching adrp insn + at ADRP_OFFSET in INPUT_SECTION in the stub table defined in GLOBALS. */ + +static void +clear_erratum_843419_entry (struct elf_aarch64_link_hash_table *globals, + bfd_vma adrp_offset, asection *input_section) +{ + if (globals->fix_erratum_843419) + { + struct erratum_843419_branch_to_stub_clear_data data; + data.adrp_offset = adrp_offset; + data.output_section = input_section; + + bfd_hash_traverse (&globals->stub_hash_table, + _bfd_aarch64_erratum_843419_clear_stub, &data); + } +} + /* Handle TLS relaxations. Relaxing is possible for symbols that use R_AARCH64_TLSDESC_ADR_{PAGE, LD64_LO12_NC, ADD_LO12_NC} during a static link. @@ -5951,8 +6009,9 @@ bad_ifunc_reloc: static bfd_reloc_status_type elfNN_aarch64_tls_relax (struct elf_aarch64_link_hash_table *globals, - bfd *input_bfd, bfd_byte *contents, - Elf_Internal_Rela *rel, struct elf_link_hash_entry *h) + bfd *input_bfd, asection *input_section, + bfd_byte *contents, Elf_Internal_Rela *rel, + struct elf_link_hash_entry *h) { bfd_boolean is_local = h == NULL; unsigned int r_type = ELFNN_R_TYPE (rel->r_info); @@ -5973,6 +6032,9 @@ elfNN_aarch64_tls_relax (struct elf_aarch64_link_hash_table *globals, Where R is x for LP64, and w for ILP32. */ bfd_putl32 (movz_R0, contents + rel->r_offset); + /* We have relaxed the adrp into a mov, we may have to clear any + pending erratum fixes. */ + clear_erratum_843419_entry (globals, rel->r_offset, input_section); return bfd_reloc_continue; } else @@ -6263,6 +6325,9 @@ elfNN_aarch64_tls_relax (struct elf_aarch64_link_hash_table *globals, { insn = bfd_getl32 (contents + rel->r_offset); bfd_putl32 (movz_R0 | (insn & 0x1f), contents + rel->r_offset); + /* We have relaxed the adrp into a mov, we may have to clear any + pending erratum fixes. */ + clear_erratum_843419_entry (globals, rel->r_offset, input_section); } return bfd_reloc_continue; @@ -6487,7 +6552,8 @@ elfNN_aarch64_relocate_section (bfd *output_bfd, howto = elfNN_aarch64_howto_from_bfd_reloc (bfd_r_type); BFD_ASSERT (howto != NULL); r_type = howto->type; - r = elfNN_aarch64_tls_relax (globals, input_bfd, contents, rel, h); + r = elfNN_aarch64_tls_relax (globals, input_bfd, input_section, + contents, rel, h); unresolved_reloc = 0; } else @@ -8074,6 +8140,8 @@ aarch64_map_one_stub (struct bfd_hash_entry *gen_entry, void *in_arg) if (!elfNN_aarch64_output_map_sym (osi, AARCH64_MAP_INSN, addr)) return FALSE; break; + case aarch64_stub_none: + break; default: abort (); -- cgit v1.1