#source: tlsbinpic.s
#source: tlsbin.s
#as: -m31
#ld: -shared -melf_s390
#objdump: -dzrj.text
#target: s390-*-*
# PT_TLS layout is:
# Offset from Offset from Name
# TCB base TCB end
# 0x00 -0xa0 sg1..sg2
# 0x20 -0x80 sl1..sl2
# 0x40 -0x60 sh1..sh2
# 0x60 -0x40 bg1..bg2
# 0x80 -0x20 bl1..bl2
.*: +file format elf32-s390
Disassembly of section .text:
0+[0-9a-f]+ :
# function prolog
+[0-9a-f]+: 90 6e f0 18 stm %r6,%r14,24\(%r15\)
+[0-9a-f]+: a7 d5 00 24 bras %r13,[0-9a-f]+
# _GLOBAL_OFFSET_TABLE_
+[0-9a-f]+: [0-9a-f ]+ .long 0x[0-9a-f]+
# __tls_get_addr@plt-.LT1
+[0-9a-f]+: [0-9a-f ]+ .long 0x[0-9a-f]+
# sG1@tlsgd
+[0-9a-f]+: 00 00 00 28 .long 0x00000028
# sG2@tlsgd
+[0-9a-f]+: 00 00 00 20 .long 0x00000020
# sg1@tlsgd
+[0-9a-f]+: ff ff ff 60 .long 0xffffff60
# sl1@tlsgd
+[0-9a-f]+: ff ff ff 80 .long 0xffffff80
# sh1@tlsgd
+[0-9a-f]+: ff ff ff a0 .long 0xffffffa0
# sl1@tlsldm
+[0-9a-f]+: 00 00 00 00 .long 0x00000000
# sl1@dtpoff
+[0-9a-f]+: ff ff ff 80 .long 0xffffff80
# sl2@dtpoff
+[0-9a-f]+: ff ff ff 84 .long 0xffffff84
# sh1@tlsldm
+[0-9a-f]+: 00 00 00 00 .long 0x00000000
# sh1@dtpoff
+[0-9a-f]+: ff ff ff a0 .long 0xffffffa0
# sh2@dtpoff
+[0-9a-f]+: ff ff ff a4 .long 0xffffffa4
# sG2@gotntpoff
+[0-9a-f]+: 00 00 00 20 .long 0x00000020
# sg1@gotntpoff
+[0-9a-f]+: ff ff ff 60 .long 0xffffff60
# sl1@gotntpoff
+[0-9a-f]+: ff ff ff 80 .long 0xffffff80
# sh1@gotntpoff
+[0-9a-f]+: ff ff ff a0 .long 0xffffffa0
# function prolog
+[0-9a-f]+: 18 ef lr %r14,%r15
+[0-9a-f]+: 58 c0 d0 00 l %r12,0\(%r13\)
+[0-9a-f]+: a7 fa ff a0 ahi %r15,-96
+[0-9a-f]+: 41 cc d0 00 la %r12,0\(%r12,%r13\)
+[0-9a-f]+: 50 e0 e0 00 st %r14,0\(%r14\)
# Extract TCB and load branch offset
+[0-9a-f]+: b2 4f 00 90 ear %r9,%a0
+[0-9a-f]+: 58 70 d0 04 l %r7,4\(%r13\)
# GD -> IE (general-dynamic access relaxed to initial-exec) because variable is not defined in executable
+[0-9a-f]+: 58 20 d0 08 l %r2,8\(%r13\)
+[0-9a-f]+: 58 22 c0 00 l %r2,0\(%r2,%r12\)
+[0-9a-f]+: 41 22 90 00 la %r2,0\(%r2,%r9\)
# GD -> IE because variable is not defined in executable where
# the variable is referenced through IE too
+[0-9a-f]+: 58 20 d0 0c l %r2,12\(%r13\)
+[0-9a-f]+: 58 22 c0 00 l %r2,0\(%r2,%r12\)
+[0-9a-f]+: 41 22 90 00 la %r2,0\(%r2,%r9\)
# GD -> LE with global variable defined in executable
+[0-9a-f]+: 58 20 d0 10 l %r2,16\(%r13\)
+[0-9a-f]+: 47 00 00 00 nop 0
+[0-9a-f]+: 41 22 90 00 la %r2,0\(%r2,%r9\)
# GD -> LE with local variable defined in executable
+[0-9a-f]+: 58 20 d0 14 l %r2,20\(%r13\)
+[0-9a-f]+: 47 00 00 00 nop 0
+[0-9a-f]+: 41 22 90 00 la %r2,0\(%r2,%r9\)
# GD -> LE with hidden variable defined in executable
+[0-9a-f]+: 58 20 d0 18 l %r2,24\(%r13\)
+[0-9a-f]+: 47 00 00 00 nop 0
+[0-9a-f]+: 41 22 90 00 la %r2,0\(%r2,%r9\)
# LD -> LE (local-dynamic access relaxed to local-exec)
+[0-9a-f]+: 58 20 d0 1c l %r2,28\(%r13\)
+[0-9a-f]+: 47 00 00 00 nop 0
+[0-9a-f]+: 41 32 90 00 la %r3,0\(%r2,%r9\)
+[0-9a-f]+: 58 40 d0 20 l %r4,32\(%r13\)
+[0-9a-f]+: 41 54 30 00 la %r5,0\(%r4,%r3\)
+[0-9a-f]+: 58 40 d0 24 l %r4,36\(%r13\)
+[0-9a-f]+: 41 54 30 00 la %r5,0\(%r4,%r3\)
# LD -> LE against hidden variables
+[0-9a-f]+: 58 20 d0 28 l %r2,40\(%r13\)
+[0-9a-f]+: 47 00 00 00 nop 0
+[0-9a-f]+: 41 32 90 00 la %r3,0\(%r2,%r9\)
+[0-9a-f]+: 58 40 d0 2c l %r4,44\(%r13\)
+[0-9a-f]+: 41 54 30 00 la %r5,0\(%r4,%r3\)
+[0-9a-f]+: 58 40 d0 30 l %r4,48\(%r13\)
+[0-9a-f]+: 41 54 30 00 la %r5,0\(%r4,%r3\)
# IE against global var
+[0-9a-f]+: 58 30 d0 34 l %r3,52\(%r13\)
+[0-9a-f]+: 58 33 c0 00 l %r3,0\(%r3,%r12\)
+[0-9a-f]+: 58 33 90 00 l %r3,0\(%r3,%r9\)
# IE -> LE (initial-exec access relaxed to local-exec) against global var defined in exec
+[0-9a-f]+: 58 30 d0 38 l %r3,56\(%r13\)
+[0-9a-f]+: 18 43 lr %r4,%r3
+[0-9a-f]+: 07 00 nopr %r0
+[0-9a-f]+: 41 54 90 00 la %r5,0\(%r4,%r9\)
# IE -> LE against local var
+[0-9a-f]+: 58 30 d0 3c l %r3,60\(%r13\)
+[0-9a-f]+: 18 43 lr %r4,%r3
+[0-9a-f]+: 07 00 nopr %r0
+[0-9a-f]+: 41 54 90 00 la %r5,0\(%r4,%r9\)
# IE -> LE against hidden var
+[0-9a-f]+: 58 30 d0 40 l %r3,64\(%r13\)
+[0-9a-f]+: 18 43 lr %r4,%r3
+[0-9a-f]+: 07 00 nopr %r0
+[0-9a-f]+: 41 54 90 00 la %r5,0\(%r4,%r9\)
# IE against global var with small got access (no optimization)
+[0-9a-f]+: 58 30 c0 14 l %r3,20\(%r12\)
+[0-9a-f]+: 41 33 90 00 la %r3,0\(%r3,%r9\)
# IE against global var defined in exec with small got access
# (no optimization)
+[0-9a-f]+: 58 30 c0 18 l %r3,24\(%r12\)
+[0-9a-f]+: 41 33 90 00 la %r3,0\(%r3,%r9\)
# IE against local var with small got access (no optimization)
+[0-9a-f]+: 58 30 c0 10 l %r3,16\(%r12\)
+[0-9a-f]+: 41 33 90 00 la %r3,0\(%r3,%r9\)
# IE against hidden var with small got access (no optimization)
+[0-9a-f]+: 58 30 c0 1c l %r3,28\(%r12\)
+[0-9a-f]+: 41 33 90 00 la %r3,0\(%r3,%r9\)
# function epilog
+[0-9a-f]+: 98 6e f0 78 lm %r6,%r14,120\(%r15\)
+[0-9a-f]+: 07 fe br %r14
+[0-9a-f]+: 07 07 nopr %r7
+[0-9a-f]+: 07 07 nopr %r7
+[0-9a-f]+: 07 07 nopr %r7
+[0-9a-f]+: 07 07 nopr %r7
+[0-9a-f]+: 07 07 nopr %r7
+[0-9a-f]+: 07 07 nopr %r7
+[0-9a-f]+: 07 07 nopr %r7
+[0-9a-f]+: 07 07 nopr %r7
0+[0-9a-f]+ <_start>:
# function prolog
+[0-9a-f]+: 90 6e f0 18 stm %r6,%r14,24\(%r15\)
+[0-9a-f]+: a7 d5 00 0c bras %r13,[0-9a-f]+ <_start\+0x1c>
# sG6@indntpoff
+[0-9a-f]+: 00 40 15 a4 .long 0x004015a4
# bg6@indntpoff
+[0-9a-f]+: ff ff ff d4 .long 0xffffffd4
# bl6@indntpoff
+[0-9a-f]+: ff ff ff f4 .long 0xfffffff4
# sh6@indntpoff
+[0-9a-f]+: ff ff ff b4 .long 0xffffffb4
# sg3@indntpoff
+[0-9a-f]+: ff ff ff 68 .long 0xffffff68
# function prolog
+[0-9a-f]+: 18 ef lr %r14,%r15
+[0-9a-f]+: a7 fa ff a0 ahi %r15,-96
+[0-9a-f]+: 50 e0 e0 00 st %r14,0\(%r14\)
# Extract TCB
+[0-9a-f]+: b2 4f 00 90 ear %r9,%a0
# IE against global var
+[0-9a-f]+: 58 30 d0 00 l %r3,0\(%r13\)
+[0-9a-f]+: 58 33 c0 00 l %r3,0\(%r3,%r12\)
+[0-9a-f]+: 41 33 90 00 la %r3,0\(%r3,%r9\)
# IE -> LE against global var defined in exec
+[0-9a-f]+: 58 30 d0 04 l %r3,4\(%r13\)
+[0-9a-f]+: 18 43 lr %r4,%r3
+[0-9a-f]+: 07 00 nopr %r0
+[0-9a-f]+: 41 54 90 00 la %r5,0\(%r4,%r9\)
# IE -> LE against local var
+[0-9a-f]+: 58 30 d0 08 l %r3,8\(%r13\)
+[0-9a-f]+: 18 43 lr %r4,%r3
+[0-9a-f]+: 07 00 nopr %r0
+[0-9a-f]+: 41 54 90 00 la %r5,0\(%r4,%r9\)
# IE -> LE against hidden but not local var
+[0-9a-f]+: 58 30 d0 0c l %r3,12\(%r13\)
+[0-9a-f]+: 18 43 lr %r4,%r3
+[0-9a-f]+: 07 00 nopr %r0
+[0-9a-f]+: 41 54 90 00 la %r5,0\(%r4,%r9\)
# LE, global var defined in exec
+[0-9a-f]+: 58 40 d0 10 l %r4,16\(%r13\)
+[0-9a-f]+: 41 54 90 00 la %r5,0\(%r4,%r9\)
# function epilog
+[0-9a-f]+: 98 6e f0 78 lm %r6,%r14,120\(%r15\)
+[0-9a-f]+: 07 fe br %r14