[lld] [LLD] Add flag to force PLT entries to have a BTI (PR #168365)

Peter Smith via llvm-commits llvm-commits at lists.llvm.org
Mon Nov 17 07:58:57 PST 2025 

smithp35 wrote:

Personally I would prefer not to have a command-line option as I think it would be easily missed by users. For example if I'm using BOLT with -mbranch-protection then I must remember to add a new flag. I'd prefer that we either choose to move LLD to always put BTI, or BOLT assumes that it has to deal with a PLT entry without one. Would like to get some feedback from other reviewers on that.

Looking at GNU ld in more detail it looks like it can generate PLT[N] entries without a BTI in some circumstances. This might tip the scales towards BOLT having to handle PLT entries without one, or else we'll need a corresponding binutils change.

Checking back through the history. When I first wrote the patch in https://reviews.llvm.org/D62609 I had a BTI on each entry with a FIXME in the code to optimise later. I found this line in the review:
```
ld.bfd does not put "bti c" on the plt[N] entries when --pie is used. This is because ld.bfd can guarantee that the PLT address won't escape, however there is one small case in LLD where an ifunc has its address taken using a non-got reference when the PLT address can escape. There is potential for optimisation there, but at the moment we have to choose the PLT size early so it isn't easy to apply.
```
I can confirm this with something like:
```
aarch64-none-linux-gnu-gcc sharedused.c -fpie -mbranch-protection=standard -osharedused.axf shared.so -Wl,-z force-bti --pie
```
For a trivial shared library with two functions f and g
```
00000000000006c0 <.plt>:
     6c0: d503245f      bti     c
     6c4: a9bf7bf0      stp     x16, x30, [sp, #-0x10]!
     6c8: f00000f0      adrp    x16, 0x1f000 <__FRAME_END__+0x1e668>
     6cc: f947fe11      ldr     x17, [x16, #0xff8]
     6d0: 913fe210      add     x16, x16, #0xff8
     6d4: d61f0220      br      x17
     6d8: d503201f      nop
     6dc: d503201f      nop
...
0000000000000700 <f at plt>:
     700: 90000110      adrp    x16, 0x20000 <_GLOBAL_OFFSET_TABLE_+0x48>
     704: f9400a11      ldr     x17, [x16, #0x10]
     708: 91004210      add     x16, x16, #0x10
     70c: d61f0220      br      x17
```
...
0000000000000730 <g at plt>:
     730: 90000110      adrp    x16, 0x20000 <_GLOBAL_OFFSET_TABLE_+0x48>
     734: f9401611      ldr     x17, [x16, #0x28]
     738: 9100a210      add     x16, x16, #0x28
```



https://github.com/llvm/llvm-project/pull/168365

More information about the llvm-commits mailing list