bug-binutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug ld/30930] Broken BTI veneers: ld-2.41 links mame in a way which get

From: cvs-commit at gcc dot gnu.org
Subject: [Bug ld/30930] Broken BTI veneers: ld-2.41 links mame in a way which gets stuck on aarch64
Date: Thu, 09 Nov 2023 14:59:30 +0000 
https://sourceware.org/bugzilla/show_bug.cgi?id=30930

--- Comment #29 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot 
gnu.org> ---
The master branch has been updated by Szabolcs Nagy <nsz@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d3a8dfdef0797244d0f2f3a8ec5db8f1dcf1337b

commit d3a8dfdef0797244d0f2f3a8ec5db8f1dcf1337b
Author: Szabolcs Nagy <szabolcs.nagy@arm.com>
Date:   Mon Oct 16 13:18:13 2023 +0100

    bfd: aarch64: Fix broken BTI stub PR30930

    Input sections are grouped together that can use the same stub area
    (within reach) and these groups have a stable id.

    Stubs have a name generated from the stub group id and target symbol.
    When a relocation requires a stub with a name that already exists, the
    stub is reused instead of adding a new one.

    For an indirect branch stub another BTI stub may be inserted near the
    target to provide a BTI landing pad.

    The BTI stub can end up with the same stub group id and thus the same
    name as the indirect stub. This happens if the target symbol is within
    reach of the indirect branch stub. Then, due to the name collision,
    only a single stub was emmitted which branched to itself causing an
    infinite loop at runtime.

    A possible solution is to just name the BTI stubs differently, but
    since in the problematic case the indirect and BTI stub are in the
    same stub area, a better solution is to emit a single stub with a
    direct branch. The stub is still needed since the caller cannot reach
    the target directly and we also want a BTI landing pad in the stub in
    case other indirect stubs target the same symbol and thus need a BTI
    stub.

    In short we convert an indirect branch stub into a BTI stub when the
    target is within reach and has no BTI. It is a hassle to change the
    symbol of the stub so a BTI stub may end up with *_veneer instead of
    *_bti_veneer after the conversion, but this should not matter much.
    (Refactoring some of _bfd_aarch64_add_call_stub_entries would be
    useful but too much for this bug fix patch.)

    The same conversion to direct branch could be done even if the target
    did not need a BTI. The stub groups are fixed in the current logic so
    linking can fail if too many stubs are inserted and the section layout
    is changed too much, but this only happens in extreme cases that can
    be reasonably ignored. Because of this the target cannot go out of
    reach during stub insertion so the optimization is valid, but not
    implemented by this patch for the non-BTI case.

    Fixes bug 30930.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]