llvm dev - Oct 2010 - [LLVMdev] Implementing the hotpatch attribute for X86

On 10/26/10 5:24 PM, Michael Spencer wrote:
> The linker adds the padding. Also, the first instruction just has to
> be two bytes or longer. Not exactly two bytes.
How then does the linker know to add the padding? I assume there's a
PE-COFF attribute that will do that, but what about other file formats,
like ELF or Mach-O? Bear in mind that I'm doing this for the Wine
project, so I'm very concerned about those two formats.

Chip

On Tue, Oct 26, 2010 at 7:27 PM, Charles Davis <cdavis at
mymail.mines.edu> wrote:
> On 10/26/10 5:24 PM, Michael Spencer wrote:
>> The linker adds the padding. Also, the first instruction just has to
>> be two bytes or longer. Not exactly two bytes.
> How then does the linker know to add the padding? I assume there's a
> PE-COFF attribute that will do that,
Nope, that information is not in the object file. You have to pass
/FUNCTIONPADMIN to the linker which then figures it out.
> but what about other file formats,
> like ELF or Mach-O? Bear in mind that I'm doing this for the Wine
> project, so I'm very concerned about those two formats.
>
> Chip
There is no standard hotpatch ABI/toolchain for those object file
formats. Although a quick search brought up various projects working
on it. On ELF I believe you can just fiddle with the GOT and PLT to
hook functions, which is all hotpatching is. The reason COFF and
Windows DLLs require the extra effort is because of the way they are
setup.

I don't know how GCC handles this case. They may do the padding in the
compiler. You are going to have to look at exactly what GCC does and
whatever hotpatch loader Wine uses to figure out what to do, but it
will most likely be incompatible with the Windows implementation.

- Michael Spencer

> I don't know how GCC handles this case. They may do the padding in the
> compiler. You are going to have to look at exactly what GCC does and
> whatever hotpatch loader Wine uses to figure out what to do, but it
> will most likely be incompatible with the Windows implementation.
Why? I don't see how this might be incompatible with what MS linker does;
in any case the end result should be the same.

gcc just emits series of bytes before the function (16 in 32 bit code,
32 - in 64 bit code).
0xcccccccc is used as a filler.

-- 
With best regards, Anton Korobeynikov
Faculty of Mathematics and Mechanics, Saint Petersburg State University