Add R_386_LOAD_GOT32

Change relocation in "call/jmp *puts@GOT[(%reg])" and "mov *foo@GOT[(%reg)], %reg" from R_386_GOT32 to R_386_LOAD_GOT32.
Add R_X86_64_INDBR_GOTPCREL
2025-11-16 12:34:43 +00:00 · 2015-09-02 05:16:01 -07:00 · 2015-09-02 05:14:26 -07:00
44 changed files with 912 additions and 75 deletions
--- a/bfd/bfd-in2.h
+++ b/bfd/bfd-in2.h
@@ -3175,6 +3175,7 @@ instruction.  */
  BFD_RELOC_386_TLS_DESC_CALL,
  BFD_RELOC_386_TLS_DESC,
  BFD_RELOC_386_IRELATIVE,
+  BFD_RELOC_386_LOAD_GOT32,

 /* x86-64/elf relocations  */
  BFD_RELOC_X86_64_GOT32,
@@ -3206,6 +3207,7 @@ instruction.  */
  BFD_RELOC_X86_64_IRELATIVE,
  BFD_RELOC_X86_64_PC32_BND,
  BFD_RELOC_X86_64_PLT32_BND,
+  BFD_RELOC_X86_64_INDBR_GOTPCREL,

 /* ns32k relocations  */
  BFD_RELOC_NS32K_IMM_8,
--- a/bfd/elf32-i386.c
+++ b/bfd/elf32-i386.c
@@ -29,6 +29,7 @@
 #include "objalloc.h"
 #include "hashtab.h"
 #include "dwarf2.h"
+#include "opcode/i386.h"

 /* 386 uses REL relocations instead of RELA.  */
 #define USE_REL	1
@@ -146,9 +147,12 @@ static reloc_howto_type elf_howto_table[]=
  HOWTO(R_386_IRELATIVE, 0, 2, 32, FALSE, 0, complain_overflow_bitfield,
 	bfd_elf_generic_reloc, "R_386_IRELATIVE",
 	TRUE, 0xffffffff, 0xffffffff, FALSE),
+  HOWTO(R_386_LOAD_GOT32, 0, 2, 32, FALSE, 0, complain_overflow_bitfield,
+	bfd_elf_generic_reloc, "R_386_LOAD_GOT32",
+	TRUE, 0xffffffff, 0xffffffff, FALSE),

  /* Another gap.  */
-#define R_386_ext2 (R_386_IRELATIVE + 1 - R_386_tls_offset)
+#define R_386_ext2 (R_386_LOAD_GOT32 + 1 - R_386_tls_offset)
 #define R_386_vt_offset (R_386_GNU_VTINHERIT - R_386_ext2)

 /* GNU extension to record C++ vtable hierarchy.  */
@@ -332,6 +336,10 @@ elf_i386_reloc_type_lookup (bfd *abfd ATTRIBUTE_UNUSED,
      TRACE ("BFD_RELOC_386_IRELATIVE");
      return &elf_howto_table[R_386_IRELATIVE - R_386_tls_offset];

+    case BFD_RELOC_386_LOAD_GOT32:
+      TRACE ("BFD_RELOC_386_LOAD_GOT32");
+      return &elf_howto_table[R_386_LOAD_GOT32 - R_386_tls_offset];
+
    case BFD_RELOC_VTABLE_INHERIT:
      TRACE ("BFD_RELOC_VTABLE_INHERIT");
      return &elf_howto_table[R_386_GNU_VTINHERIT - R_386_vt_offset];
@@ -1468,7 +1476,7 @@ elf_i386_tls_transition (struct bfd_link_info *info, bfd *abfd,

 /* Rename some of the generic section flags to better document how they
   are used here.  */
-#define need_convert_mov_to_lea sec_flg0
+#define need_convert_mov_and_branch sec_flg0

 /* Look through the relocs for a section during the first phase, and
   calculate needed space in the global offset table, procedure linkage
@@ -1580,6 +1588,7 @@ elf_i386_check_relocs (bfd *abfd,
 	    case R_386_PC32:
 	    case R_386_PLT32:
 	    case R_386_GOT32:
+	    case R_386_LOAD_GOT32:
 	      if (htab->elf.dynobj == NULL)
 		htab->elf.dynobj = abfd;
 	      if (!_bfd_elf_create_ifunc_sections (htab->elf.dynobj, info))
@@ -1637,6 +1646,7 @@ elf_i386_check_relocs (bfd *abfd,
 	  /* Fall through */

 	case R_386_GOT32:
+	case R_386_LOAD_GOT32:
 	case R_386_TLS_GD:
 	case R_386_TLS_GOTDESC:
 	case R_386_TLS_DESC_CALL:
@@ -1647,7 +1657,10 @@ elf_i386_check_relocs (bfd *abfd,
 	    switch (r_type)
 	      {
 	      default:
-	      case R_386_GOT32: tls_type = GOT_NORMAL; break;
+	      case R_386_GOT32:
+	      case R_386_LOAD_GOT32:
+		tls_type = GOT_NORMAL;
+		break;
 	      case R_386_TLS_GD: tls_type = GOT_TLS_GD; break;
 	      case R_386_TLS_GOTDESC:
 	      case R_386_TLS_DESC_CALL:
@@ -1940,9 +1953,9 @@ do_size:
 	    return FALSE;
 	}

-      if (r_type == R_386_GOT32
+      if ((r_type == R_386_GOT32 || r_type == R_386_LOAD_GOT32)
 	  && (h == NULL || h->type != STT_GNU_IFUNC))
-	sec->need_convert_mov_to_lea = 1;
+	sec->need_convert_mov_and_branch = 1;
    }

  return TRUE;
@@ -2066,6 +2079,7 @@ elf_i386_gc_sweep_hook (bfd *abfd,
 	case R_386_TLS_IE:
 	case R_386_TLS_GOTIE:
 	case R_386_GOT32:
+	case R_386_LOAD_GOT32:
 	  if (h != NULL)
 	    {
 	      if (h->got.refcount > 0)
@@ -2711,14 +2725,18 @@ elf_i386_readonly_dynrelocs (struct elf_link_hash_entry *h, void *inf)
 }

 /* Convert
-   mov foo@GOT(%reg), %reg
+   mov foo@GOT[(%reg)], %reg
   to
-   lea foo@GOTOFF(%reg), %reg
-   with the local symbol, foo.  */
+   lea foo[@GOTOFF(%reg)], %reg
+   with the local symbol, foo, and convert
+   call/jmp *foo@GOT[(%reg)]
+   to
+   nop call foo/jmp foo nop
+   with the locally defined function, foo.  */

 static bfd_boolean
-elf_i386_convert_mov_to_lea (bfd *abfd, asection *sec,
-			     struct bfd_link_info *link_info)
+elf_i386_convert_mov_and_branch (bfd *abfd, asection *sec,
+				 struct bfd_link_info *link_info)
 {
  Elf_Internal_Shdr *symtab_hdr;
  Elf_Internal_Rela *internal_relocs;
@@ -2735,7 +2753,7 @@ elf_i386_convert_mov_to_lea (bfd *abfd, asection *sec,

  /* Nothing to do if there is no need or no output.  */
  if ((sec->flags & (SEC_CODE | SEC_RELOC)) != (SEC_CODE | SEC_RELOC)
-      || sec->need_convert_mov_to_lea == 0
+      || sec->need_convert_mov_and_branch == 0
      || bfd_is_abs_section (sec->output_section))
    return TRUE;

@@ -2769,34 +2787,57 @@ elf_i386_convert_mov_to_lea (bfd *abfd, asection *sec,
      unsigned int r_symndx = ELF32_R_SYM (irel->r_info);
      unsigned int indx;
      struct elf_link_hash_entry *h;
+      bfd_vma roff;
+      unsigned int opcode;
+      unsigned int modrm;
+      bfd_boolean baseless;
+      unsigned int new_r_type;
+      const char *name;
+      Elf_Internal_Sym *isym;
+      unsigned int disp;
+      unsigned int nop;
+      bfd_vma nop_offset;

-      if (r_type != R_386_GOT32)
+      if (r_type != R_386_GOT32 && r_type != R_386_LOAD_GOT32)
 	continue;

-      /* Get the symbol referred to by the reloc.  */
+      roff = irel->r_offset;
+
+      if (roff < 2)
+	continue;
+
+      opcode = bfd_get_8 (abfd, contents + roff - 2);
+
+      if (!(opcode == 0x8b
+	    && (r_type == R_386_GOT32 || r_type == R_386_LOAD_GOT32))
+	  && !(opcode == 0xff && r_type == R_386_LOAD_GOT32))
+	continue;
+
+      /* Try to convert R_386_GOT32 and R_386_LOAD_GOT32.  Get the
+	 symbol referred to by the reloc.  */
      if (r_symndx < symtab_hdr->sh_info)
 	{
-	  Elf_Internal_Sym *isym;
-
 	  isym = bfd_sym_from_r_symndx (&htab->sym_cache,
 					abfd, r_symndx);

-	  /* STT_GNU_IFUNC must keep R_386_GOT32 relocation.  */
-	  if (ELF_ST_TYPE (isym->st_info) != STT_GNU_IFUNC
-	      && irel->r_offset >= 2
-	      && bfd_get_8 (abfd, contents + irel->r_offset - 2) == 0x8b)
+	  /* STT_GNU_IFUNC must keep GOT32 relocation.  */
+	  if (ELF_ST_TYPE (isym->st_info) != STT_GNU_IFUNC)
 	    {
-	      bfd_put_8 (abfd, 0x8d, contents + irel->r_offset - 2);
-	      irel->r_info = ELF32_R_INFO (r_symndx, R_386_GOTOFF);
 	      if (local_got_refcounts != NULL
 		  && local_got_refcounts[r_symndx] > 0)
 		local_got_refcounts[r_symndx] -= 1;
-	      changed_contents = TRUE;
-	      changed_relocs = TRUE;
+	      h = NULL;
+	      if (opcode == 0x8b)
+		/* Convert "mov *foo@GOT[(%reg)], %reg".  */
+		goto convert_mov_to_gotoff;
+	      else
+		/* Convert "call/jmp *foo@GOT[(%reg)]".  */
+		goto convert_branch_to_gotoff;
 	    }
 	  continue;
 	}

+      isym = NULL;
      indx = r_symndx - symtab_hdr->sh_info;
      h = elf_sym_hashes (abfd)[indx];
      BFD_ASSERT (h != NULL);
@@ -2805,21 +2846,176 @@ elf_i386_convert_mov_to_lea (bfd *abfd, asection *sec,
 	     || h->root.type == bfd_link_hash_warning)
 	h = (struct elf_link_hash_entry *) h->root.u.i.link;

-      /* STT_GNU_IFUNC must keep R_386_GOT32 relocation.  We also avoid
-	 optimizing _DYNAMIC since ld.so may use its link-time address.  */
-      if (h->def_regular
-	  && h->type != STT_GNU_IFUNC
-	  && h != htab->elf.hdynamic
-	  && SYMBOL_REFERENCES_LOCAL (link_info, h)
-	  && irel->r_offset >= 2
-	  && bfd_get_8 (abfd, contents + irel->r_offset - 2) == 0x8b)
+      if (opcode == 0xff && r_type == R_386_LOAD_GOT32)
 	{
-	  bfd_put_8 (abfd, 0x8d, contents + irel->r_offset - 2);
-	  irel->r_info = ELF32_R_INFO (r_symndx, R_386_GOTOFF);
-	  if (h->got.refcount > 0)
-	    h->got.refcount -= 1;
-	  changed_contents = TRUE;
-	  changed_relocs = TRUE;
+	  /* We have "call/jmp *foo@GOT[(%reg)]".  */
+	  if (h->def_regular
+	      && SYMBOL_REFERENCES_LOCAL (link_info, h))
+	    {
+	      /* The function is defined.  But STT_GNU_IFUNC must keep
+		 R_386_LOAD_GOT32 relocation.  */
+	      if (h->type != STT_GNU_IFUNC)
+		{
+convert_branch_to_gotoff:
+		  modrm = bfd_get_8 (abfd, contents + irel->r_offset - 1);
+		  /* Convert R_386_LOAD_GOT32 to R_386_PC32.  */
+		  if (modrm == 0x15
+		      || (modrm >= 0x90 && modrm <= 0x97))
+		    modrm = 0xe8;
+		  else if (modrm == 0x25
+			   || (modrm >= 0xa0 && modrm <= 0xa7))
+		    modrm = 0xe9;
+		  else
+		    /* Skip "lcall/ljmp *foo@GOT[(%reg)]". */
+		    continue;
+		  /* When converting to PC-relative relocation, we
+		     need to adjust addend by 4.  */
+		  disp = bfd_get_32 (abfd, contents + irel->r_offset);
+		  disp -= 4;
+		  if (modrm == 0xe9)
+		    {
+		      /* Convert to "jmp foo nop".  */
+		      nop = NOP_OPCODE;
+		      nop_offset = irel->r_offset + 3;
+		      irel->r_offset -= 1;
+		    }
+		  else
+		    {
+		      /* Convert to "nop call foo".  ADDR_PREFIX_OPCODE
+			 is a nop prefix.  */
+		      nop = ADDR_PREFIX_OPCODE;
+		      nop_offset = irel->r_offset - 2;
+		    }
+		  bfd_put_8 (abfd, nop, contents + nop_offset);
+		  bfd_put_8 (abfd, modrm, contents + irel->r_offset - 1);
+		  bfd_put_32 (abfd, disp, contents + irel->r_offset);
+		  irel->r_info = ELF32_R_INFO (r_symndx, R_386_PC32);
+		  if (h)
+		    {
+		      if (h->got.refcount > 0)
+			h->got.refcount -= 1;
+		    }
+		  changed_contents = TRUE;
+		  changed_relocs = TRUE;
+		}
+	    }
+	  else
+	    {
+	      /* The function is undefined.  */
+	      modrm = bfd_get_8 (abfd, contents + irel->r_offset - 1);
+	      baseless = (modrm & 0xc7) == 0x5;
+	      if (bfd_link_pic (link_info))
+		{
+		  /* For PIC, we leave "call/jmp *foo@GOT(%reg)" alone
+		     and disallow "call/jmp *foo@GOT" since we don't
+		     know what the GOT base is.  */
+		  if (baseless)
+		    {
+baseless_error:
+		      if (h)
+			name = h->root.root.string;
+		      else
+			name = bfd_elf_sym_name (abfd, symtab_hdr,
+						 isym, NULL);
+		      (*_bfd_error_handler)
+			(_("%B: direct GOT relocation R_386_LOAD_GOT32 against `%s' without base register can not be used when making a shared object"),
+			 abfd, name);
+		      goto error_return;
+		    }
+		}
+	      else if (!baseless)
+		{
+		  /* For non-PIC, convert "call/jmp *foo@GOT(%reg)"
+		     to "call/jmp *foo@GOT" since we don't know if
+		     REG is the GOT base.  No need to convert
+		     "call/jmp *foo@GOT".  */
+		  if (modrm >= 0x90 && modrm <= 0x97)
+		    /* Convert to "call *foo@GOT".  */
+		    modrm = 0x15;
+		  else if (modrm >= 0xa0 && modrm <= 0xa7)
+		    /* Convert to "jmp *foo@GOT".  */
+		    modrm = 0x25;
+		  else
+		    /* Skip "lcall/ljmp *foo@GOT(%reg)". */
+		    continue;
+		  bfd_put_8 (abfd, modrm, contents + irel->r_offset - 1);
+		  changed_contents = TRUE;
+		}
+	    }
+	}
+      else
+	{
+	  /* STT_GNU_IFUNC must keep GOT32 relocation.  */
+	  if (h->def_regular
+	      && h->type != STT_GNU_IFUNC
+	      && SYMBOL_REFERENCES_LOCAL (link_info, h))
+	    {
+	      /* Avoid optimizing _DYNAMIC since ld.so may use its
+		 link-time address.  Convert R_386_LOAD_GOT32 in
+		 "mov _DYNAMIC@GOT(%reg), %reg" to R_386_GOT32 to
+		 avoid adding the GOT base in non-PIC mode in
+		 elf_i386_relocate_section.  */
+	      if (h == htab->elf.hdynamic)
+		{
+		  if (r_type == R_386_LOAD_GOT32)
+		    {
+		      irel->r_info = ELF32_R_INFO (r_symndx,
+						   R_386_GOT32);
+		      changed_relocs = TRUE;
+		    }
+		  continue;
+		}
+
+	      if (h->got.refcount > 0)
+		h->got.refcount -= 1;
+
+convert_mov_to_gotoff:
+	      bfd_put_8 (abfd, 0x8d, contents + irel->r_offset - 2);
+	      modrm = bfd_get_8 (abfd, contents + irel->r_offset - 1);
+	      baseless = (modrm & 0xc7) == 0x5;
+	      /* For PIC, disallow "mov foo@GOT, %reg" since we don't
+		 know what the GOT base is.  */
+	      if (baseless && bfd_link_pic (link_info))
+		goto baseless_error;
+	      if (r_type == R_386_LOAD_GOT32
+		  && (baseless || !bfd_link_pic (link_info)))
+		new_r_type = R_386_32;
+	      else
+		new_r_type = R_386_GOTOFF;
+	      irel->r_info = ELF32_R_INFO (r_symndx, new_r_type);
+	      changed_contents = TRUE;
+	      changed_relocs = TRUE;
+	      /* For non-PIC, convert "lea foo@GOTOFF(%reg1), %reg2"
+		 to "lea foo, %reg2".  */
+	      if (!baseless && new_r_type == R_386_32)
+		goto convert_to_baseless;
+	    }
+	  else if (r_type == R_386_LOAD_GOT32)
+	    {
+	      /* Function is undefined.  */
+	      modrm = bfd_get_8 (abfd, contents + irel->r_offset - 1);
+	      baseless = (modrm & 0xc5) == 0x5;
+
+	      if (bfd_link_pic (link_info))
+		{
+		  /* For PIC, we leave "mov *foo@GOT(%reg), %reg" alone
+		     and disallow "mov foo@GOT, %reg" since we don't
+		     know what the GOT base is.  */
+		  if (baseless)
+		    goto baseless_error;
+		}
+	      else if (!baseless)
+		{
+		  /* For non-PIC, convert "mov foo@GOT(%reg1), %reg2"
+		     to "mov foo@GOT, %reg2" since the GOT base will be
+		     added in elf_i386_relocate_section.  No need to
+		     convert "mov foo@GOT, %reg".  */
+convert_to_baseless:
+		  modrm = 0x5 | (modrm & 0x38);
+		  bfd_put_8 (abfd, modrm, contents + irel->r_offset - 1);
+		  changed_contents = TRUE;
+		}
+	    }
 	}
    }

@@ -2905,7 +3101,7 @@ elf_i386_size_dynamic_sections (bfd *output_bfd, struct bfd_link_info *info)
 	{
 	  struct elf_dyn_relocs *p;

-	  if (!elf_i386_convert_mov_to_lea (ibfd, s, info))
+	  if (!elf_i386_convert_mov_and_branch (ibfd, s, info))
 	    return FALSE;

 	  for (p = ((struct elf_dyn_relocs *)
@@ -3655,6 +3851,7 @@ elf_i386_relocate_section (bfd *output_bfd,
 	      goto do_relocation;

 	    case R_386_GOT32:
+	    case R_386_LOAD_GOT32:
 	      base_got = htab->elf.sgot;
 	      off = h->got.offset;

@@ -3732,6 +3929,34 @@ elf_i386_relocate_section (bfd *output_bfd,
      eh = (struct elf_i386_link_hash_entry *) h;
      switch (r_type)
 	{
+	case R_386_LOAD_GOT32:
+	  /* Resolve "call/jmp *GOT[(%reg)]"/"mov GOT[(%reg)], %reg".  */
+	  if (h == NULL
+	      || (h->plt.offset == (bfd_vma) -1
+		  && h->got.offset == (bfd_vma) -1)
+	      || htab->elf.sgotplt == NULL)
+	    abort ();
+
+	  offplt = (htab->elf.sgotplt->output_section->vma
+		     + htab->elf.sgotplt->output_offset);
+
+	  /* It is relative to .got.plt section.  */
+	  if (h->got.offset != (bfd_vma) -1)
+	    /* Use GOT entry.  */
+	    relocation = (htab->elf.sgot->output_section->vma
+			  + htab->elf.sgot->output_offset
+			  + h->got.offset - offplt);
+	  else
+	    /* Use GOTPLT entry.  */
+	    relocation = (h->plt.offset / plt_entry_size - 1 + 3) * 4;
+
+	  /* If not PIC, add the .got.plt section address.  */
+	  if (!bfd_link_pic (info))
+	    relocation += offplt;
+
+	  unresolved_reloc = FALSE;
+	  break;
+
 	case R_386_GOT32:
 	  /* Relocation is to the entry for this symbol in the global
 	     offset table.  */
--- a/bfd/elf64-x86-64.c
+++ b/bfd/elf64-x86-64.c
@@ -31,6 +31,7 @@
 #include "dwarf2.h"
 #include "libiberty.h"

+#include "opcode/i386.h"
 #include "elf/x86-64.h"

 #ifdef CORE_HEADER
@@ -176,12 +177,15 @@ static reloc_howto_type x86_64_elf_howto_table[] =
  HOWTO(R_X86_64_PLT32_BND, 0, 2, 32, TRUE, 0, complain_overflow_signed,
 	bfd_elf_generic_reloc, "R_X86_64_PLT32_BND", FALSE, 0xffffffff, 0xffffffff,
 	TRUE),
+  HOWTO(R_X86_64_INDBR_GOTPCREL, 0, 2, 32, TRUE, 0, complain_overflow_signed,
+	bfd_elf_generic_reloc, "R_X86_64_INDBR_GOTPCREL", FALSE, 0xffffffff,
+	0xffffffff, TRUE),

  /* We have a gap in the reloc numbers here.
     R_X86_64_standard counts the number up to this point, and
     R_X86_64_vt_offset is the value to subtract from a reloc type of
     R_X86_64_GNU_VT* to form an index into this table.  */
-#define R_X86_64_standard (R_X86_64_PLT32_BND + 1)
+#define R_X86_64_standard (R_X86_64_INDBR_GOTPCREL + 1)
 #define R_X86_64_vt_offset (R_X86_64_GNU_VTINHERIT - R_X86_64_standard)

 /* GNU extension to record C++ vtable hierarchy.  */
@@ -253,8 +257,9 @@ static const struct elf_reloc_map x86_64_reloc_map[] =
  { BFD_RELOC_X86_64_TLSDESC_CALL, R_X86_64_TLSDESC_CALL, },
  { BFD_RELOC_X86_64_TLSDESC,	R_X86_64_TLSDESC, },
  { BFD_RELOC_X86_64_IRELATIVE,	R_X86_64_IRELATIVE, },
-  { BFD_RELOC_X86_64_PC32_BND,	R_X86_64_PC32_BND,},
-  { BFD_RELOC_X86_64_PLT32_BND,	R_X86_64_PLT32_BND,},
+  { BFD_RELOC_X86_64_PC32_BND,  R_X86_64_PC32_BND, },
+  { BFD_RELOC_X86_64_PLT32_BND,	R_X86_64_PLT32_BND, },
+  { BFD_RELOC_X86_64_INDBR_GOTPCREL, R_X86_64_INDBR_GOTPCREL, },
  { BFD_RELOC_VTABLE_INHERIT,	R_X86_64_GNU_VTINHERIT, },
  { BFD_RELOC_VTABLE_ENTRY,	R_X86_64_GNU_VTENTRY, },
 };
@@ -1545,7 +1550,7 @@ elf_x86_64_tls_transition (struct bfd_link_info *info, bfd *abfd,

 /* Rename some of the generic section flags to better document how they
   are used here.  */
-#define need_convert_mov_to_lea sec_flg0
+#define need_convert_mov_and_branch sec_flg0

 /* Look through the relocs for a section during the first phase, and
   calculate needed space in the global offset table, procedure
@@ -1726,6 +1731,7 @@ elf_x86_64_check_relocs (bfd *abfd, struct bfd_link_info *info,
 	    case R_X86_64_32S:
 	    case R_X86_64_PC64:
 	    case R_X86_64_GOTPCREL:
+	    case R_X86_64_INDBR_GOTPCREL:
 	    case R_X86_64_GOTPCREL64:
 	      if (htab->elf.dynobj == NULL)
 		htab->elf.dynobj = abfd;
@@ -1779,6 +1785,7 @@ elf_x86_64_check_relocs (bfd *abfd, struct bfd_link_info *info,

 	case R_X86_64_GOT32:
 	case R_X86_64_GOTPCREL:
+	case R_X86_64_INDBR_GOTPCREL:
 	case R_X86_64_TLSGD:
 	case R_X86_64_GOT64:
 	case R_X86_64_GOTPCREL64:
@@ -2144,9 +2151,10 @@ do_size:
 	    return FALSE;
 	}

-      if (r_type == R_X86_64_GOTPCREL
+      if ((r_type == R_X86_64_GOTPCREL
+	   || r_type == R_X86_64_INDBR_GOTPCREL)
 	  && (h == NULL || h->type != STT_GNU_IFUNC))
-	sec->need_convert_mov_to_lea = 1;
+	sec->need_convert_mov_and_branch = 1;
    }

  return TRUE;
@@ -2950,11 +2958,15 @@ elf_x86_64_readonly_dynrelocs (struct elf_link_hash_entry *h,
   mov foo@GOTPCREL(%rip), %reg
   to
   lea foo(%rip), %reg
-   with the local symbol, foo.  */
+   with the local symbol, foo, and convert
+   call/jmp *foo@GOTPCREL(%rip)
+   to
+   nop call foo/jmp foo nop
+   with the locally defined function, foo.  */

 static bfd_boolean
-elf_x86_64_convert_mov_to_lea (bfd *abfd, asection *sec,
-			       struct bfd_link_info *link_info)
+elf_x86_64_convert_mov_and_branch (bfd *abfd, asection *sec,
+				   struct bfd_link_info *link_info)
 {
  Elf_Internal_Shdr *symtab_hdr;
  Elf_Internal_Rela *internal_relocs;
@@ -2972,7 +2984,7 @@ elf_x86_64_convert_mov_to_lea (bfd *abfd, asection *sec,

  /* Nothing to do if there is no need or no output.  */
  if ((sec->flags & (SEC_CODE | SEC_RELOC)) != (SEC_CODE | SEC_RELOC)
-      || sec->need_convert_mov_to_lea == 0
+      || sec->need_convert_mov_and_branch == 0
      || bfd_is_abs_section (sec->output_section))
    return TRUE;

@@ -3011,11 +3023,13 @@ elf_x86_64_convert_mov_to_lea (bfd *abfd, asection *sec,
      char symtype;
      bfd_vma toff, roff;
      enum {
-	none, local, global
-      } convert_mov_to_lea;
+	none, mov_local, mov_global, relax
+      } convert_kind;
      unsigned int opcode;

-      if (r_type != R_X86_64_GOTPCREL)
+      if (r_type != R_X86_64_GOTPCREL
+	  && (r_symndx < symtab_hdr->sh_info
+	      || r_type != R_X86_64_INDBR_GOTPCREL))
 	continue;

      roff = irel->r_offset;
@@ -3026,18 +3040,23 @@ elf_x86_64_convert_mov_to_lea (bfd *abfd, asection *sec,
      opcode = bfd_get_8 (abfd, contents + roff - 2);

      /* PR ld/18591: Don't convert R_X86_64_GOTPCREL relocation if it
-         isn't for mov instruction.  */
-      if (opcode != 0x8b)
+         isn't for mov instruction.  Also support call/jmp instruction
+	 with R_X86_64_INDBR_GOTPCREL relocation.  */
+      if (!(opcode == 0x8b && r_type == R_X86_64_GOTPCREL)
+	  && !(opcode == 0xff && r_type == R_X86_64_INDBR_GOTPCREL))
 	continue;

      tsec = NULL;
-      convert_mov_to_lea = none;
+      convert_kind = none;

      /* Get the symbol referred to by the reloc.  */
      if (r_symndx < symtab_hdr->sh_info)
 	{
 	  Elf_Internal_Sym *isym;

+	  if (r_type != R_X86_64_GOTPCREL)
+	    abort ();
+
 	  /* Silence older GCC warning.  */
 	  h = NULL;

@@ -3060,7 +3079,7 @@ elf_x86_64_convert_mov_to_lea (bfd *abfd, asection *sec,
 		tsec = bfd_section_from_elf_index (abfd, isym->st_shndx);

 	      toff = isym->st_value;
-	      convert_mov_to_lea = local;
+	      convert_kind = mov_local;
 	    }
 	}
      else
@@ -3073,22 +3092,24 @@ elf_x86_64_convert_mov_to_lea (bfd *abfd, asection *sec,
 		 || h->root.type == bfd_link_hash_warning)
 	    h = (struct elf_link_hash_entry *) h->root.u.i.link;

-	  /* STT_GNU_IFUNC must keep R_X86_64_GOTPCREL relocation.  We also
-	     avoid optimizing _DYNAMIC since ld.so may use its link-time
-	     address.  */
+	  /* STT_GNU_IFUNC must keep GOTPCREL relocations.  We also
+	     avoid optimizing R_X86_64_GOTPCREL relocation againt
+	     _DYNAMIC since ld.so may use its link-time address.  */
 	  if (h->def_regular
 	      && h->type != STT_GNU_IFUNC
-	      && h != htab->elf.hdynamic
+	      && (r_type == R_X86_64_INDBR_GOTPCREL
+		  || h != htab->elf.hdynamic)
 	      && SYMBOL_REFERENCES_LOCAL (link_info, h))
 	    {
 	      tsec = h->root.u.def.section;
 	      toff = h->root.u.def.value;
 	      symtype = h->type;
-	      convert_mov_to_lea = global;
+	      convert_kind
+		= r_type == R_X86_64_GOTPCREL ? mov_global : relax;
 	    }
 	}

-      if (convert_mov_to_lea == none)
+      if (convert_kind == none)
 	continue;

      if (tsec->sec_info_type == SEC_INFO_TYPE_MERGE)
@@ -3163,12 +3184,59 @@ elf_x86_64_convert_mov_to_lea (bfd *abfd, asection *sec,
 	    continue;
 	}

-      bfd_put_8 (abfd, 0x8d, contents + roff - 2);
+      if (convert_kind == relax)
+	{
+	  /* We have "call/jmp *foo@GOTPCREL(%rip)".  */
+	  unsigned int modrm;
+	  unsigned int nop;
+	  bfd_vma nop_offset;
+
+	  /* Convert R_X86_64_INDBR_GOTPCREL to R_X86_64_PC32.  */
+	  modrm = bfd_get_8 (abfd, contents + irel->r_offset - 1);
+	  switch (modrm)
+	    {
+	    default:
+	      /* Skip "lcall/ljmp *foo@GOTPCREL(%rip)".  */
+	      continue;
+	    case 0x15:
+	      modrm = 0xe8;
+	      break;
+	    case 0x25:
+	      modrm = 0xe9;
+	      break;
+	    }
+	  if (modrm == 0xe9)
+	    {
+	      unsigned int disp;
+	      /* Convert to "jmp foo nop".  */
+	      nop = NOP_OPCODE;
+	      nop_offset = irel->r_offset + 3;
+	      disp = bfd_get_32 (abfd, contents + irel->r_offset);
+	      irel->r_offset -= 1;
+	      bfd_put_32 (abfd, disp, contents + irel->r_offset);
+	    }
+	  else
+	    {
+	      /* Convert to "nop call foo".  ADDR_PREFIX_OPCODE
+		 is a nop prefix.  */
+	      nop = ADDR_PREFIX_OPCODE;
+	      nop_offset = irel->r_offset - 2;
+	    }
+	  bfd_put_8 (abfd, nop, contents + nop_offset);
+	  bfd_put_8 (abfd, modrm, contents + irel->r_offset - 1);
+	}
+      else
+	{
+	  /* Convert "mov foo@GOTPCREL(%rip), %reg" to
+	     "lea foo(%rip), %reg".  */
+	  bfd_put_8 (abfd, 0x8d, contents + roff - 2);
+	}
+
      irel->r_info = htab->r_info (r_symndx, R_X86_64_PC32);
      changed_contents = TRUE;
      changed_relocs = TRUE;

-      if (convert_mov_to_lea == local)
+      if (convert_kind == mov_local)
 	{
 	  if (local_got_refcounts != NULL
 	      && local_got_refcounts[r_symndx] > 0)
@@ -3267,7 +3335,7 @@ elf_x86_64_size_dynamic_sections (bfd *output_bfd,
 	{
 	  struct elf_dyn_relocs *p;

-	  if (!elf_x86_64_convert_mov_to_lea (ibfd, s, info))
+	  if (!elf_x86_64_convert_mov_and_branch (ibfd, s, info))
 	    return FALSE;

 	  for (p = (struct elf_dyn_relocs *)
@@ -3988,6 +4056,7 @@ elf_x86_64_relocate_section (bfd *output_bfd,
 	      goto do_relocation;

 	    case R_X86_64_GOTPCREL:
+	    case R_X86_64_INDBR_GOTPCREL:
 	    case R_X86_64_GOTPCREL64:
 	      base_got = htab->elf.sgot;
 	      off = h->got.offset;
@@ -4056,6 +4125,7 @@ elf_x86_64_relocate_section (bfd *output_bfd,
 	  /* Relocation is to the entry for this symbol in the global
 	     offset table.  */
 	case R_X86_64_GOTPCREL:
+	case R_X86_64_INDBR_GOTPCREL:
 	case R_X86_64_GOTPCREL64:
 	  /* Use global offset table entry as symbol value.  */
 	case R_X86_64_GOTPLT64:
@@ -4161,7 +4231,9 @@ elf_x86_64_relocate_section (bfd *output_bfd,

 	  relocation = base_got->output_section->vma
 		       + base_got->output_offset + off;
-	  if (r_type != R_X86_64_GOTPCREL && r_type != R_X86_64_GOTPCREL64)
+	  if (r_type != R_X86_64_GOTPCREL
+	      && r_type != R_X86_64_INDBR_GOTPCREL
+	      && r_type != R_X86_64_GOTPCREL64)
 	    relocation -= htab->elf.sgotplt->output_section->vma
 			  - htab->elf.sgotplt->output_offset;

--- a/bfd/libbfd.h
+++ b/bfd/libbfd.h
@@ -1292,6 +1292,7 @@ static const char *const bfd_reloc_code_real_names[] = { "@@uninitialized@@",
  "BFD_RELOC_386_TLS_DESC_CALL",
  "BFD_RELOC_386_TLS_DESC",
  "BFD_RELOC_386_IRELATIVE",
+  "BFD_RELOC_386_LOAD_GOT32",
  "BFD_RELOC_X86_64_GOT32",
  "BFD_RELOC_X86_64_PLT32",
  "BFD_RELOC_X86_64_COPY",
@@ -1321,6 +1322,7 @@ static const char *const bfd_reloc_code_real_names[] = { "@@uninitialized@@",
  "BFD_RELOC_X86_64_IRELATIVE",
  "BFD_RELOC_X86_64_PC32_BND",
  "BFD_RELOC_X86_64_PLT32_BND",
+  "BFD_RELOC_X86_64_INDBR_GOTPCREL",
  "BFD_RELOC_NS32K_IMM_8",
  "BFD_RELOC_NS32K_IMM_16",
  "BFD_RELOC_NS32K_IMM_32",
--- a/bfd/reloc.c
+++ b/bfd/reloc.c
@@ -2676,6 +2676,8 @@ ENUMX
  BFD_RELOC_386_TLS_DESC
 ENUMX
  BFD_RELOC_386_IRELATIVE
+ENUMX
+  BFD_RELOC_386_LOAD_GOT32
 ENUMDOC
  i386/elf relocations

@@ -2737,6 +2739,8 @@ ENUMX
  BFD_RELOC_X86_64_PC32_BND
 ENUMX
  BFD_RELOC_X86_64_PLT32_BND
+ENUMX
+  BFD_RELOC_X86_64_INDBR_GOTPCREL
 ENUMDOC
  x86-64/elf relocations

--- a/gas/config/tc-i386.c
+++ b/gas/config/tc-i386.c
@@ -2934,6 +2934,7 @@ tc_i386_fix_adjustable (fixS *fixP ATTRIBUTE_UNUSED)
      || fixP->fx_r_type == BFD_RELOC_386_GOTOFF
      || fixP->fx_r_type == BFD_RELOC_386_PLT32
      || fixP->fx_r_type == BFD_RELOC_386_GOT32
+      || fixP->fx_r_type == BFD_RELOC_386_LOAD_GOT32
      || fixP->fx_r_type == BFD_RELOC_386_TLS_GD
      || fixP->fx_r_type == BFD_RELOC_386_TLS_LDM
      || fixP->fx_r_type == BFD_RELOC_386_TLS_LDO_32
@@ -2947,6 +2948,7 @@ tc_i386_fix_adjustable (fixS *fixP ATTRIBUTE_UNUSED)
      || fixP->fx_r_type == BFD_RELOC_X86_64_PLT32
      || fixP->fx_r_type == BFD_RELOC_X86_64_GOT32
      || fixP->fx_r_type == BFD_RELOC_X86_64_GOTPCREL
+      || fixP->fx_r_type == BFD_RELOC_X86_64_INDBR_GOTPCREL
      || fixP->fx_r_type == BFD_RELOC_X86_64_TLSGD
      || fixP->fx_r_type == BFD_RELOC_X86_64_TLSLD
      || fixP->fx_r_type == BFD_RELOC_X86_64_DTPOFF32
@@ -3712,6 +3714,20 @@ md_assemble (char *line)
 	}
    }

+  /* We don't check BFD_RELOC_X86_64_GOTPCREL here since it is set
+     by i386_validate_fix from BFD_RELOC_32_PCREL. */
+  if (i.reloc[0] == BFD_RELOC_386_GOT32)
+    {
+      if (i.operands == 1
+	  && t->base_opcode == 0xff
+	  && (t->extension_opcode == 2 || t->extension_opcode == 4))
+	/* call/jmp *foo@GOT[(%reg])  */
+	i.reloc[0] = BFD_RELOC_386_LOAD_GOT32;
+      else if (i.operands == 2 && i.tm.base_opcode == 0x8b)
+	/* mov foo@GOT[(%reg]), %reg  */
+	i.reloc[0] = BFD_RELOC_386_LOAD_GOT32;
+    }
+
  if (i.rex != 0)
    add_prefix (REX_OPCODE | i.rex);

@@ -4797,6 +4813,10 @@ match_template (void)
 	    }
 	  }

+      /* Force 0x8b encoding for "mov foo@GOT, %eax".  */
+      if (i.reloc[0] == BFD_RELOC_386_GOT32 && t->base_opcode == 0xa0)
+	continue;
+
      /* We check register size if needed.  */
      check_register = t->opcode_modifier.checkregsize;
      overlap0 = operand_type_and (i.types[0], operand_types[0]);
@@ -8224,7 +8244,14 @@ i386_finalize_displacement (segT exp_seg ATTRIBUTE_UNUSED, expressionS *exp,
      exp->X_op = O_subtract;
      exp->X_op_symbol = GOT_symbol;
      if (i.reloc[this_operand] == BFD_RELOC_X86_64_GOTPCREL)
-	i.reloc[this_operand] = BFD_RELOC_32_PCREL;
+	{
+	  if (i.operands == 1
+	      && i.types[this_operand].bitfield.jumpabsolute)
+	    /* Borrow the unused BFD_RELOC_X86_64_PC32_BND.  */
+	    i.reloc[this_operand] = BFD_RELOC_X86_64_PC32_BND;
+	  else
+	    i.reloc[this_operand] = BFD_RELOC_32_PCREL;
+	}
      else if (i.reloc[this_operand] == BFD_RELOC_X86_64_GOTOFF64)
 	i.reloc[this_operand] = BFD_RELOC_64;
      else
@@ -10335,6 +10362,14 @@ i386_validate_fix (fixS *fixp)
 	    abort ();
 	  fixp->fx_r_type = BFD_RELOC_X86_64_GOTPCREL;
 	}
+      else if (fixp->fx_r_type == BFD_RELOC_X86_64_PC32_BND)
+	{
+	  /* Covert the borrowed BFD_RELOC_X86_64_PC32_BND back to
+	     BFD_RELOC_X86_64_INDBR_GOTPCREL.  */
+	  if (!object_64bit)
+	    abort ();
+	  fixp->fx_r_type = BFD_RELOC_X86_64_INDBR_GOTPCREL;
+	}
      else
 	{
 	  if (!object_64bit)
@@ -10377,8 +10412,10 @@ tc_gen_reloc (asection *section ATTRIBUTE_UNUSED, fixS *fixp)
    case BFD_RELOC_X86_64_PLT32:
    case BFD_RELOC_X86_64_GOT32:
    case BFD_RELOC_X86_64_GOTPCREL:
+    case BFD_RELOC_X86_64_INDBR_GOTPCREL:
    case BFD_RELOC_386_PLT32:
    case BFD_RELOC_386_GOT32:
+    case BFD_RELOC_386_LOAD_GOT32:
    case BFD_RELOC_386_GOTOFF:
    case BFD_RELOC_386_GOTPC:
    case BFD_RELOC_386_TLS_GD:
@@ -10530,6 +10567,7 @@ tc_gen_reloc (asection *section ATTRIBUTE_UNUSED, fixS *fixp)
 	  case BFD_RELOC_X86_64_PLT32:
 	  case BFD_RELOC_X86_64_GOT32:
 	  case BFD_RELOC_X86_64_GOTPCREL:
+	  case BFD_RELOC_X86_64_INDBR_GOTPCREL:
 	  case BFD_RELOC_X86_64_TLSGD:
 	  case BFD_RELOC_X86_64_TLSLD:
 	  case BFD_RELOC_X86_64_GOTTPOFF:
--- a/gas/testsuite/gas/i386/got.d
+++ b/gas/testsuite/gas/i386/got.d
@@ -0,0 +1,29 @@
+#objdump: -dwr
+
+.*: +file format .*
+
+
+Disassembly of section .text:
+
+0+ <_start>:
+[ 	]*[a-f0-9]+:	b8 00 00 00 00       	mov    \$0x0,%eax	1: R_386_GOT32	foo
+[ 	]*[a-f0-9]+:	8b 05 00 00 00 00    	mov    0x0,%eax	7: R_386_LOAD_GOT32	foo
+[ 	]*[a-f0-9]+:	8b 80 00 00 00 00    	mov    0x0\(%eax\),%eax	d: R_386_LOAD_GOT32	foo
+[ 	]*[a-f0-9]+:	05 00 00 00 00       	add    \$0x0,%eax	12: R_386_GOT32	foo
+[ 	]*[a-f0-9]+:	03 05 00 00 00 00    	add    0x0,%eax	18: R_386_GOT32	foo
+[ 	]*[a-f0-9]+:	03 80 00 00 00 00    	add    0x0\(%eax\),%eax	1e: R_386_GOT32	foo
+[ 	]*[a-f0-9]+:	ff 15 00 00 00 00    	call   \*0x0	24: R_386_LOAD_GOT32	foo
+[ 	]*[a-f0-9]+:	ff 90 00 00 00 00    	call   \*0x0\(%eax\)	2a: R_386_LOAD_GOT32	foo
+[ 	]*[a-f0-9]+:	ff 25 00 00 00 00    	jmp    \*0x0	30: R_386_LOAD_GOT32	foo
+[ 	]*[a-f0-9]+:	ff a0 00 00 00 00    	jmp    \*0x0\(%eax\)	36: R_386_LOAD_GOT32	foo
+[ 	]*[a-f0-9]+:	b8 00 00 00 00       	mov    \$0x0,%eax	3b: R_386_GOT32	foo
+[ 	]*[a-f0-9]+:	8b 05 00 00 00 00    	mov    0x0,%eax	41: R_386_LOAD_GOT32	foo
+[ 	]*[a-f0-9]+:	8b 80 00 00 00 00    	mov    0x0\(%eax\),%eax	47: R_386_LOAD_GOT32	foo
+[ 	]*[a-f0-9]+:	05 00 00 00 00       	add    \$0x0,%eax	4c: R_386_GOT32	foo
+[ 	]*[a-f0-9]+:	03 05 00 00 00 00    	add    0x0,%eax	52: R_386_GOT32	foo
+[ 	]*[a-f0-9]+:	03 80 00 00 00 00    	add    0x0\(%eax\),%eax	58: R_386_GOT32	foo
+[ 	]*[a-f0-9]+:	ff 90 00 00 00 00    	call   \*0x0\(%eax\)	5e: R_386_LOAD_GOT32	foo
+[ 	]*[a-f0-9]+:	ff 15 00 00 00 00    	call   \*0x0	64: R_386_LOAD_GOT32	foo
+[ 	]*[a-f0-9]+:	ff a0 00 00 00 00    	jmp    \*0x0\(%eax\)	6a: R_386_LOAD_GOT32	foo
+[ 	]*[a-f0-9]+:	ff 25 00 00 00 00    	jmp    \*0x0	70: R_386_LOAD_GOT32	foo
+#pass
--- a/gas/testsuite/gas/i386/got.s
+++ b/gas/testsuite/gas/i386/got.s
@@ -0,0 +1,29 @@
+	.text
+_start:
+	movl	$foo@GOT, %eax
+	movl	foo@GOT, %eax
+	movl	foo@GOT(%eax), %eax
+
+	addl	$foo@GOT, %eax
+	addl	foo@GOT, %eax
+	addl	foo@GOT(%eax), %eax
+
+	call	*foo@GOT
+	call	*foo@GOT(%eax)
+	jmp	*foo@GOT
+	jmp	*foo@GOT(%eax)
+
+	.intel_syntax noprefix
+
+	mov	eax, offset foo@got
+	mov	eax, DWORD PTR [foo@GOT]
+	mov	eax, DWORD PTR [eax + foo@GOT]
+
+	add	eax, offset foo@got
+	add	eax, DWORD PTR [foo@GOT]
+	add	eax, DWORD PTR [eax + foo@GOT]
+
+	call	DWORD PTR [eax + foo@GOT]
+	call	DWORD PTR [foo@GOT]
+	jmp	DWORD PTR [eax + foo@GOT]
+	jmp	DWORD PTR [foo@GOT]
--- a/gas/testsuite/gas/i386/i386.exp
+++ b/gas/testsuite/gas/i386/i386.exp
@@ -404,6 +404,8 @@ if [expr ([istarget "i*86-*-*"] ||  [istarget "x86_64-*-*"]) && [gas_32_check]]
 	run_dump_test "relax-3"
 	run_dump_test "relax-4"

+	run_dump_test "got"
+
 	if {![istarget "*-*-nacl*"]} then {
 	    run_dump_test "iamcu-1"
 	    run_dump_test "iamcu-2"
@@ -778,6 +780,8 @@ if [expr ([istarget "i*86-*-*"] || [istarget "x86_64-*-*"]) && [gas_64_check]] t
 	run_dump_test "x86-64-jump"
 	run_dump_test "x86-64-branch-2"
 	run_list_test "x86-64-branch-3" "-al -mintel64"
+
+	run_dump_test "x86-64-gotpcrel"
    }

    set ASFLAGS "$old_ASFLAGS"
--- a/gas/testsuite/gas/i386/ilp32/x86-64-gotpcrel.d
+++ b/gas/testsuite/gas/i386/ilp32/x86-64-gotpcrel.d
@@ -0,0 +1,27 @@
+#source: ../x86-64-gotpcrel.s
+#objdump: -dwr
+#name: x86-64 (ILP32) gotpcrel
+
+.*: +file format .*
+
+
+Disassembly of section .text:
+
+0+ <_start>:
+[ 	]*[a-f0-9]+:	48 c7 c0 00 00 00 00 	mov    \$0x0,%rax	3: R_X86_64_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	48 8b 04 25 00 00 00 00 	mov    0x0,%rax	b: R_X86_64_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	48 8b 05 00 00 00 00 	mov    0x0\(%rip\),%rax        # 16 <_start\+0x16>	12: R_X86_64_GOTPCREL	foo-0x4
+[ 	]*[a-f0-9]+:	48 8b 81 00 00 00 00 	mov    0x0\(%rcx\),%rax	19: R_X86_64_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	ff 15 00 00 00 00    	callq  \*0x0\(%rip\)        # 23 <_start\+0x23>	1f: R_X86_64_INDBR_GOTPCREL	foo-0x4
+[ 	]*[a-f0-9]+:	ff 90 00 00 00 00    	callq  \*0x0\(%rax\)	25: R_X86_64_INDBR_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	ff 25 00 00 00 00    	jmpq   \*0x0\(%rip\)        # 2f <_start\+0x2f>	2b: R_X86_64_INDBR_GOTPCREL	foo-0x4
+[ 	]*[a-f0-9]+:	ff a1 00 00 00 00    	jmpq   \*0x0\(%rcx\)	31: R_X86_64_INDBR_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	48 c7 c0 00 00 00 00 	mov    \$0x0,%rax	38: R_X86_64_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	48 8b 04 25 00 00 00 00 	mov    0x0,%rax	40: R_X86_64_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	48 8b 05 00 00 00 00 	mov    0x0\(%rip\),%rax        # 4b <_start\+0x4b>	47: R_X86_64_GOTPCREL	foo-0x4
+[ 	]*[a-f0-9]+:	48 8b 81 00 00 00 00 	mov    0x0\(%rcx\),%rax	4e: R_X86_64_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	ff 15 00 00 00 00    	callq  \*0x0\(%rip\)        # 58 <_start\+0x58>	54: R_X86_64_INDBR_GOTPCREL	foo-0x4
+[ 	]*[a-f0-9]+:	ff 90 00 00 00 00    	callq  \*0x0\(%rax\)	5a: R_X86_64_INDBR_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	ff 25 00 00 00 00    	jmpq   \*0x0\(%rip\)        # 64 <_start\+0x64>	60: R_X86_64_INDBR_GOTPCREL	foo-0x4
+[ 	]*[a-f0-9]+:	ff a1 00 00 00 00    	jmpq   \*0x0\(%rcx\)	66: R_X86_64_INDBR_GOTPCREL	foo
+#pass
--- a/gas/testsuite/gas/i386/localpic.d
+++ b/gas/testsuite/gas/i386/localpic.d
@@ -3,7 +3,7 @@

 Relocation section '.rel.text' at offset 0x[0-9a-f]+ contains 1 entries:
 Offset     Info    Type            Sym.Value  Sym. Name
-[0-9a-f]+ +[0-9a-f]+ R_386_GOT32 +[0-9a-f]+ +foo
+[0-9a-f]+ +[0-9a-f]+ R_386_LOAD_GOT32 +[0-9a-f]+ +foo
 #...
 +[0-9]+: +[0-9a-f]+ +[0-9a-f]+ +NOTYPE +LOCAL +DEFAULT +[0-9]+ +foo
 #pass
--- a/gas/testsuite/gas/i386/mixed-mode-reloc32.d
+++ b/gas/testsuite/gas/i386/mixed-mode-reloc32.d
@@ -6,9 +6,9 @@

 RELOCATION RECORDS FOR \[.text\]:
 OFFSET[ 	]+TYPE[ 	]+VALUE[ 	]*
-[0-9a-f]+[ 	]+R_386_GOT32[ 	]+xtrn[ 	]*
+[0-9a-f]+[ 	]+R_386_LOAD_GOT32[ 	]+xtrn[ 	]*
 [0-9a-f]+[ 	]+R_386_PLT32[ 	]+xtrn[ 	]*
-[0-9a-f]+[ 	]+R_386_GOT32[ 	]+xtrn[ 	]*
+[0-9a-f]+[ 	]+R_386_LOAD_GOT32[ 	]+xtrn[ 	]*
 [0-9a-f]+[ 	]+R_386_PLT32[ 	]+xtrn[ 	]*
-[0-9a-f]+[ 	]+R_386_GOT32[ 	]+xtrn[ 	]*
+[0-9a-f]+[ 	]+R_386_LOAD_GOT32[ 	]+xtrn[ 	]*
 [0-9a-f]+[ 	]+R_386_PLT32[ 	]+xtrn[ 	]*
--- a/gas/testsuite/gas/i386/reloc32.d
+++ b/gas/testsuite/gas/i386/reloc32.d
@@ -18,7 +18,7 @@ Disassembly of section \.text:
 .*[ 	]+R_386_PC32[ 	]+xtrn
 .*[ 	]+R_386_PC8[ 	]+xtrn
 .*[ 	]+R_386_GOT32[ 	]+xtrn
-.*[ 	]+R_386_GOT32[ 	]+xtrn
+.*[ 	]+R_386_LOAD_GOT32[ 	]+xtrn
 .*[ 	]+R_386_GOTOFF[ 	]+xtrn
 .*[ 	]+R_386_GOTOFF[ 	]+xtrn
 .*[ 	]+R_386_GOTPC[ 	]+_GLOBAL_OFFSET_TABLE_
--- a/gas/testsuite/gas/i386/x86-64-gotpcrel.d
+++ b/gas/testsuite/gas/i386/x86-64-gotpcrel.d
@@ -0,0 +1,25 @@
+#objdump: -dwr
+
+.*: +file format .*
+
+
+Disassembly of section .text:
+
+0+ <_start>:
+[ 	]*[a-f0-9]+:	48 c7 c0 00 00 00 00 	mov    \$0x0,%rax	3: R_X86_64_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	48 8b 04 25 00 00 00 00 	mov    0x0,%rax	b: R_X86_64_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	48 8b 05 00 00 00 00 	mov    0x0\(%rip\),%rax        # 16 <_start\+0x16>	12: R_X86_64_GOTPCREL	foo-0x4
+[ 	]*[a-f0-9]+:	48 8b 81 00 00 00 00 	mov    0x0\(%rcx\),%rax	19: R_X86_64_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	ff 15 00 00 00 00    	callq  \*0x0\(%rip\)        # 23 <_start\+0x23>	1f: R_X86_64_INDBR_GOTPCREL	foo-0x4
+[ 	]*[a-f0-9]+:	ff 90 00 00 00 00    	callq  \*0x0\(%rax\)	25: R_X86_64_INDBR_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	ff 25 00 00 00 00    	jmpq   \*0x0\(%rip\)        # 2f <_start\+0x2f>	2b: R_X86_64_INDBR_GOTPCREL	foo-0x4
+[ 	]*[a-f0-9]+:	ff a1 00 00 00 00    	jmpq   \*0x0\(%rcx\)	31: R_X86_64_INDBR_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	48 c7 c0 00 00 00 00 	mov    \$0x0,%rax	38: R_X86_64_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	48 8b 04 25 00 00 00 00 	mov    0x0,%rax	40: R_X86_64_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	48 8b 05 00 00 00 00 	mov    0x0\(%rip\),%rax        # 4b <_start\+0x4b>	47: R_X86_64_GOTPCREL	foo-0x4
+[ 	]*[a-f0-9]+:	48 8b 81 00 00 00 00 	mov    0x0\(%rcx\),%rax	4e: R_X86_64_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	ff 15 00 00 00 00    	callq  \*0x0\(%rip\)        # 58 <_start\+0x58>	54: R_X86_64_INDBR_GOTPCREL	foo-0x4
+[ 	]*[a-f0-9]+:	ff 90 00 00 00 00    	callq  \*0x0\(%rax\)	5a: R_X86_64_INDBR_GOTPCREL	foo
+[ 	]*[a-f0-9]+:	ff 25 00 00 00 00    	jmpq   \*0x0\(%rip\)        # 64 <_start\+0x64>	60: R_X86_64_INDBR_GOTPCREL	foo-0x4
+[ 	]*[a-f0-9]+:	ff a1 00 00 00 00    	jmpq   \*0x0\(%rcx\)	66: R_X86_64_INDBR_GOTPCREL	foo
+#pass
--- a/gas/testsuite/gas/i386/x86-64-gotpcrel.s
+++ b/gas/testsuite/gas/i386/x86-64-gotpcrel.s
@@ -0,0 +1,23 @@
+	.text
+_start:
+	movq	$foo@GOTPCREL, %rax
+	movq	foo@GOTPCREL, %rax
+	movq	foo@GOTPCREL(%rip), %rax
+	movq	foo@GOTPCREL(%rcx), %rax
+
+	call	*foo@GOTPCREL(%rip)
+	call	*foo@GOTPCREL(%rax)
+	jmp	*foo@GOTPCREL(%rip)
+	jmp	*foo@GOTPCREL(%rcx)
+
+	.intel_syntax noprefix
+
+	mov	rax, offset foo@gotpcrel
+	mov	rax, QWORD PTR [foo@GOTPCREL]
+	mov	rax, QWORD PTR [rip + foo@GOTPCREL]
+	mov	rax, QWORD PTR [rcx + foo@GOTPCREL]
+
+	call	QWORD PTR [rip + foo@GOTPCREL]
+	call	QWORD PTR [rax + foo@GOTPCREL]
+	jmp	QWORD PTR [rip + foo@GOTPCREL]
+	jmp	QWORD PTR [rcx + foo@GOTPCREL]
--- a/include/elf/i386.h
+++ b/include/elf/i386.h
@@ -66,6 +66,8 @@ START_RELOC_NUMBERS (elf_i386_reloc_type)
     RELOC_NUMBER (R_386_TLS_DESC_CALL,40)
     RELOC_NUMBER (R_386_TLS_DESC,     41)
     RELOC_NUMBER (R_386_IRELATIVE,    42) /* Adjust indirectly by program base */
+     /* Load via 32 bit GOT entry */
+     RELOC_NUMBER (R_386_LOAD_GOT32,   43)

     /* Used by Intel.  */
     RELOC_NUMBER (R_386_USED_BY_INTEL_200, 200)
--- a/include/elf/x86-64.h
+++ b/include/elf/x86-64.h
@@ -76,6 +76,8 @@ START_RELOC_NUMBERS (elf_x86_64_reloc_type)
 						  signed with BND prefix  */
     RELOC_NUMBER (R_X86_64_PLT32_BND, 40)     /* 32 bit PLT address with
 						  BND prefix */
+     /* Indirect branch via 32 bit signed pc relative offset to GOT entry */
+     RELOC_NUMBER (R_X86_64_INDBR_GOTPCREL, 41)
     RELOC_NUMBER (R_X86_64_GNU_VTINHERIT, 250)       /* GNU C++ hack  */
     RELOC_NUMBER (R_X86_64_GNU_VTENTRY, 251)         /* GNU C++ hack  */
 END_RELOC_NUMBERS (R_X86_64_max)
--- a/ld/testsuite/ld-i386/got1.dd
+++ b/ld/testsuite/ld-i386/got1.dd
@@ -0,0 +1,19 @@
+#...
+[a-f0-9]+ <main>:
+[ 	]*[a-f0-9]+:	83 ec 0c             	sub    \$0xc,%esp
+[ 	]*[a-f0-9]+:	[ a-f0-9]+    	addr16 call [a-f0-9]+ <foo>
+[ 	]*[a-f0-9]+:	[ a-f0-9]+    	call   \*0x[a-f0-9]+
+[ 	]*[a-f0-9]+:	[ a-f0-9]+    	call   \*0x[a-f0-9]+
+[ 	]*[a-f0-9]+:	[ a-f0-9]+    	lea   *0x[a-f0-9]+,%eax
+[ 	]*[a-f0-9]+:	ff d0                	call   \*%eax
+[ 	]*[a-f0-9]+:	[ a-f0-9]+    	mov   *0x[a-f0-9]+,%eax
+[ 	]*[a-f0-9]+:	ff d0                	call   \*%eax
+[ 	]*[a-f0-9]+:	[ a-f0-9]+    	mov   *0x[a-f0-9]+,%eax
+[ 	]*[a-f0-9]+:	ff d0                	call   \*%eax
+[ 	]*[a-f0-9]+:	[ a-f0-9]+    	lea   *0x[a-f0-9]+,%ecx
+[ 	]*[a-f0-9]+:	ff d1                	call   \*%ecx
+[ 	]*[a-f0-9]+:	83 ec 0c             	sub    \$0xc,%esp
+[ 	]*[a-f0-9]+:	6a 00                	push   \$0x0
+[ 	]*[a-f0-9]+:	[ a-f0-9]+       	jmp    [a-f0-9]+ <myexit>
+[ 	]*[a-f0-9]+:	90                   	nop
+#pass
--- a/ld/testsuite/ld-i386/got1.out
+++ b/ld/testsuite/ld-i386/got1.out
@@ -0,0 +1,7 @@
+foo
+bar
+plt
+foo
+bar
+plt
+foo
--- a/ld/testsuite/ld-i386/got1a.S
+++ b/ld/testsuite/ld-i386/got1a.S
@@ -0,0 +1,20 @@
+	.text
+	.globl	main
+	.type	main, @function
+main:
+	subl	$12, %esp
+	call	*foo@GOT
+	call	*bar@GOT
+	call	*plt@GOT
+	movl	foo@GOT, %eax
+	call	*%eax
+	movl	bar@GOT, %eax
+	call	*%eax
+	movl	plt@GOT, %eax
+	call	*%eax
+	movl	foo@GOT(%ebx), %ecx
+	call	*%ecx
+	subl	$12, %esp
+	pushl	$0
+	jmp	*myexit@GOT
+	.size	main, .-main
--- a/ld/testsuite/ld-i386/got1b.c
+++ b/ld/testsuite/ld-i386/got1b.c
@@ -0,0 +1,7 @@
+#include <stdio.h>
+
+void
+foo (void)
+{
+  printf ("%s\n", __FUNCTION__);
+}
--- a/ld/testsuite/ld-i386/got1c.c
+++ b/ld/testsuite/ld-i386/got1c.c
@@ -0,0 +1,7 @@
+#include <stdlib.h>
+
+void
+myexit (int status)
+{
+  exit (status);
+}
--- a/ld/testsuite/ld-i386/got1d.S
+++ b/ld/testsuite/ld-i386/got1d.S
@@ -0,0 +1,54 @@
+	.globl	bar
+	.type	bar, @function
+bar:
+	pushl	%ebx
+	call	__x86.get_pc_thunk.cx
+	addl	$_GLOBAL_OFFSET_TABLE_, %ecx
+	subl	$24, %esp
+	leal	__FUNCTION__.1862@GOTOFF(%ecx), %eax
+	movl	%eax, (%esp)
+	call	*puts@GOT(%ecx)
+	addl	$24, %esp
+	popl	%ebx
+	ret
+	.size	bar, .-bar
+
+	.globl	plt
+	.type	plt, @function
+plt:
+	pushl	%esi
+	pushl	%ebx
+	call	__x86.get_pc_thunk.bx
+1:
+	addl	$_GLOBAL_OFFSET_TABLE_, %ebx
+	subl	$20, %esp
+	leal	__FUNCTION__.1866@GOTOFF(%ebx), %esi
+	movl	%esi, (%esp)
+	call	*puts@GOT(%ebx)
+	addl	$20, %esp
+	popl	%ebx
+	popl	%esi
+	ret
+	.section	.rodata
+	.type	__FUNCTION__.1866, @object
+	.size	__FUNCTION__.1866, 4
+__FUNCTION__.1866:
+	.string	"plt"
+	.type	__FUNCTION__.1862, @object
+	.size	__FUNCTION__.1862, 4
+__FUNCTION__.1862:
+	.string	"bar"
+	.section	.text.__x86.get_pc_thunk.bx,"axG",@progbits,__x86.get_pc_thunk.bx,comdat
+	.globl	__x86.get_pc_thunk.bx
+	.hidden	__x86.get_pc_thunk.bx
+	.type	__x86.get_pc_thunk.bx, @function
+__x86.get_pc_thunk.bx:
+	movl	(%esp), %ebx
+	ret
+	.section	.text.__x86.get_pc_thunk.cx,"axG",@progbits,__x86.get_pc_thunk.cx,comdat
+	.globl	__x86.get_pc_thunk.cx
+	.hidden	__x86.get_pc_thunk.cx
+	.type	__x86.get_pc_thunk.cx, @function
+__x86.get_pc_thunk.cx:
+	movl	(%esp), %ecx
+	ret
--- a/ld/testsuite/ld-i386/i386.exp
+++ b/ld/testsuite/ld-i386/i386.exp
@@ -291,6 +291,12 @@ run_dump_test "lea1c"
 run_dump_test "lea1d"
 run_dump_test "lea1e"
 run_dump_test "lea1f"
+run_dump_test "lea2a"
+run_dump_test "lea2b"
+run_dump_test "lea3a"
+run_dump_test "lea3b"
+run_dump_test "lea4a"
+run_dump_test "lea4b"
 run_dump_test "mov1a"
 run_dump_test "mov1b"

@@ -490,6 +496,22 @@ if { [isnative]
 	    {{readelf {-Wrd} pr18900b.rd}} \
 	    "pr18900b" \
 	] \
+	[list \
+	    "Build got1d.so" \
+	    "-shared" \
+	    "" \
+	    { got1d.S } \
+	    "" \
+	    "got1d.so" \
+	] \
+	[list \
+	    "Build gotpc1" \
+	    "tmpdir/got1d.so" \
+	    "" \
+	    { got1a.S got1b.c got1c.c } \
+	    {{objdump {-dw} got1.dd}} \
+	    "got1" \
+	] \
    ]

    run_ld_link_exec_tests [] [list \
@@ -552,6 +574,14 @@ if { [isnative]
 	    "pr18900" \
 	    "pr18900.out" \
 	] \
+	[list \
+	    "Run got1" \
+	    "tmpdir/got1d.so" \
+	    "" \
+	    { got1a.S got1b.c got1c.c } \
+	    "got1" \
+	    "got1.out" \
+	] \
    ]
 }

--- a/ld/testsuite/ld-i386/lea1c.d
+++ b/ld/testsuite/ld-i386/lea1c.d
@@ -9,5 +9,5 @@
 Disassembly of section .text:

 #...
-[ 	]*[a-f0-9]+:	8d 81 ([0-9a-f]{2} ){4} *	lea    -0x[a-f0-9]+\(%ecx\),%eax
+[ 	]*[a-f0-9]+:	8d 05 ([0-9a-f]{2} ){4} *	lea    0x[a-f0-9]+,%eax
 #pass
--- a/ld/testsuite/ld-i386/lea2.s
+++ b/ld/testsuite/ld-i386/lea2.s
@@ -0,0 +1,9 @@
+	.text
+	.globl	foo
+	.type	foo, @function
+foo:
+	ret
+	.globl	_start
+	.type	_start, @function
+_start:
+	movl	foo@GOT, %eax
--- a/ld/testsuite/ld-i386/lea2a.d
+++ b/ld/testsuite/ld-i386/lea2a.d
@@ -0,0 +1,4 @@
+#source: lea2.s
+#as: --32
+#ld: -Bsymbolic -shared -melf_i386
+#error: direct GOT relocation R_386_LOAD_GOT32 against `foo' without base register can not be used when making a shared object
--- a/ld/testsuite/ld-i386/lea2b.d
+++ b/ld/testsuite/ld-i386/lea2b.d
@@ -0,0 +1,13 @@
+#source: lea2.s
+#as: --32
+#ld: -melf_i386
+#objdump: -dw
+
+.*: +file format .*
+
+
+Disassembly of section .text:
+
+#...
+[ 	]*[a-f0-9]+:	8d 05 ([0-9a-f]{2} ){4} *	lea    0x[a-f0-9]+,%eax
+#pass
--- a/ld/testsuite/ld-i386/lea3.s
+++ b/ld/testsuite/ld-i386/lea3.s
@@ -0,0 +1,15 @@
+	.text
+	.globl	foo
+	.type	foo, @function
+foo:
+	ret
+	.type	bar, @function
+bar:
+	ret
+	.globl	_start
+	.type	_start, @function
+_start:
+	call	*foo@GOT
+	call	*bar@GOT
+	jmp	*foo@GOT
+	jmp	*bar@GOT
--- a/ld/testsuite/ld-i386/lea3a.d
+++ b/ld/testsuite/ld-i386/lea3a.d
@@ -0,0 +1,18 @@
+#source: lea3.s
+#as: --32
+#ld: -Bsymbolic -shared -melf_i386
+#objdump: -dw
+
+.*: +file format .*
+
+
+Disassembly of section .text:
+
+#...
+[ 	]*[a-f0-9]+:	67 e8 ([0-9a-f]{2} ){4}[ 	]*addr16 call [a-f0-9]+ <foo>
+[ 	]*[a-f0-9]+:	67 e8 ([0-9a-f]{2} ){4}[ 	]*addr16 call [a-f0-9]+ <bar>
+[ 	]*[a-f0-9]+:	[ a-f0-9]+       	jmp    [a-f0-9]+ <foo>
+[ 	]*[a-f0-9]+:	90                   	nop
+[ 	]*[a-f0-9]+:	[ a-f0-9]+       	jmp    [a-f0-9]+ <bar>
+[ 	]*[a-f0-9]+:	90                   	nop
+#pass
--- a/ld/testsuite/ld-i386/lea3b.d
+++ b/ld/testsuite/ld-i386/lea3b.d
@@ -0,0 +1,18 @@
+#source: lea3.s
+#as: --32
+#ld: -melf_i386
+#objdump: -dw
+
+.*: +file format .*
+
+
+Disassembly of section .text:
+
+#...
+[ 	]*[a-f0-9]+:	67 e8 ([0-9a-f]{2} ){4}[ 	]*addr16 call [a-f0-9]+ <foo>
+[ 	]*[a-f0-9]+:	67 e8 ([0-9a-f]{2} ){4}[ 	]*addr16 call [a-f0-9]+ <bar>
+[ 	]*[a-f0-9]+:	[ a-f0-9]+       	jmp    [a-f0-9]+ <foo>
+[ 	]*[a-f0-9]+:	90                   	nop
+[ 	]*[a-f0-9]+:	[ a-f0-9]+       	jmp    [a-f0-9]+ <bar>
+[ 	]*[a-f0-9]+:	90                   	nop
+#pass
--- a/ld/testsuite/ld-i386/lea4.s
+++ b/ld/testsuite/ld-i386/lea4.s
@@ -0,0 +1,8 @@
+	.text
+	.type	foo, @function
+foo:
+	ret
+	.globl	_start
+	.type	_start, @function
+_start:
+	movl	foo@GOT, %eax
--- a/ld/testsuite/ld-i386/lea4a.d
+++ b/ld/testsuite/ld-i386/lea4a.d
@@ -0,0 +1,4 @@
+#source: lea4.s
+#as: --32
+#ld: -Bsymbolic -shared -melf_i386
+#error: direct GOT relocation R_386_LOAD_GOT32 against `foo' without base register can not be used when making a shared object
--- a/ld/testsuite/ld-i386/lea4b.d
+++ b/ld/testsuite/ld-i386/lea4b.d
@@ -0,0 +1,13 @@
+#source: lea4.s
+#as: --32
+#ld: -melf_i386
+#objdump: -dw
+
+.*: +file format .*
+
+
+Disassembly of section .text:
+
+#...
+[ 	]*[a-f0-9]+:	8d 05 ([0-9a-f]{2} ){4} *	lea    0x[a-f0-9]+,%eax
+#pass
--- a/ld/testsuite/ld-i386/plt-main1.rd
+++ b/ld/testsuite/ld-i386/plt-main1.rd
@@ -1,3 +1,3 @@
 #...
-[0-9a-f ]+R_386_GOT32 +0+ +bar
+[0-9a-f ]+R_386_LOAD_GOT32 +0+ +bar
 #pass
--- a/ld/testsuite/ld-i386/plt-main3.rd
+++ b/ld/testsuite/ld-i386/plt-main3.rd
@@ -1,5 +1,5 @@
 #...
-[0-9a-f ]+R_386_GOT32 +0+ +bar
+[0-9a-f ]+R_386_(LOAD_|)GOT32 +0+ +bar
 #...
 [0-9a-f ]+R_386_PLT32 +0+ +bar
 #pass
--- a/ld/testsuite/ld-i386/plt-main4.rd
+++ b/ld/testsuite/ld-i386/plt-main4.rd
@@ -1,5 +1,5 @@
 #...
-[0-9a-f ]+R_386_GOT32 +0+ +foo
+[0-9a-f ]+R_386_LOAD_GOT32 +0+ +foo
 #...
 [0-9a-f ]+R_386_PLT32 +0+ +foo
 #pass
--- a/ld/testsuite/ld-x86-64/gotpcrel1.dd
+++ b/ld/testsuite/ld-x86-64/gotpcrel1.dd
@@ -0,0 +1,17 @@
+#...
+[a-f0-9]+ <main>:
+[ 	]*[a-f0-9]+:	48 83 ec 08          	sub    \$0x8,%rsp
+[ 	]*[a-f0-9]+:	[ a-f0-9]+    	addr32 callq [a-f0-9]+ <foo>
+[ 	]*[a-f0-9]+:	[ a-f0-9]+    	callq  \*0x[a-f0-9]+\(%rip\)        # [a-f0-9]+ <_DYNAMIC\+0x[a-f0-9]+>
+[ 	]*[a-f0-9]+:	[ a-f0-9]+    	callq  \*0x[a-f0-9]+\(%rip\)        # [a-f0-9]+ <_DYNAMIC\+0x[a-f0-9]+>
+[ 	]*[a-f0-9]+:	[ a-f0-9]+	lea    0x[a-f0-9]+\(%rip\),%rax        # [a-f0-9]+ <foo>
+[ 	]*[a-f0-9]+:	ff d0                	callq  \*%rax
+[ 	]*[a-f0-9]+:	[ a-f0-9]+	mov    0x[a-f0-9]+\(%rip\),%rcx        # [a-f0-9]+ <_DYNAMIC\+0x[a-f0-9]+>
+[ 	]*[a-f0-9]+:	ff d1                	callq  \*%rcx
+[ 	]*[a-f0-9]+:	[ a-f0-9]+	mov    0x[a-f0-9]+\(%rip\),%rdx        # [a-f0-9]+ <_DYNAMIC\+0x[a-f0-9]+>
+[ 	]*[a-f0-9]+:	ff d2                	callq  \*%rdx
+[ 	]*[a-f0-9]+:	31 ff                	xor    %edi,%edi
+[ 	]*[a-f0-9]+:	48 83 c4 08          	add    \$0x8,%rsp
+[ 	]*[a-f0-9]+:	[ a-f0-9]+       	jmpq   [a-f0-9]+ <myexit>
+[ 	]*[a-f0-9]+:	90                   	nop
+#pass
--- a/ld/testsuite/ld-x86-64/gotpcrel1.out
+++ b/ld/testsuite/ld-x86-64/gotpcrel1.out
@@ -0,0 +1,8 @@
+foo
+bar
+plt
+plt
+foo
+bar
+plt
+plt
--- a/ld/testsuite/ld-x86-64/gotpcrel1a.S
+++ b/ld/testsuite/ld-x86-64/gotpcrel1a.S
@@ -0,0 +1,18 @@
+	.text
+	.globl	main
+	.type	main, @function
+main:
+	subq	$8, %rsp
+	call   *foo@GOTPCREL(%rip)
+	call   *bar@GOTPCREL(%rip)
+	call   *plt@GOTPCREL(%rip)
+	movq   foo@GOTPCREL(%rip), %rax
+	call   *%rax
+	movq   bar@GOTPCREL(%rip), %rcx
+	call   *%rcx
+	movq   plt@GOTPCREL(%rip), %rdx
+	call   *%rdx
+	xorl	%edi, %edi
+	addq	$8, %rsp
+	jmp	*myexit@GOTPCREL(%rip)
+	.size	main, .-main
--- a/ld/testsuite/ld-x86-64/gotpcrel1b.c
+++ b/ld/testsuite/ld-x86-64/gotpcrel1b.c
@@ -0,0 +1,7 @@
+#include <stdio.h>
+
+void
+foo (void)
+{
+  printf ("%s\n", __FUNCTION__);
+}
--- a/ld/testsuite/ld-x86-64/gotpcrel1c.c
+++ b/ld/testsuite/ld-x86-64/gotpcrel1c.c
@@ -0,0 +1,7 @@
+#include <stdlib.h>
+
+void
+myexit (int status)
+{
+  exit (status);
+}
--- a/ld/testsuite/ld-x86-64/gotpcrel1d.S
+++ b/ld/testsuite/ld-x86-64/gotpcrel1d.S
@@ -0,0 +1,26 @@
+	.text
+	.globl	bar
+	.type	bar, @function
+bar:
+	leaq	__FUNCTION__.2215(%rip), %rdi
+	jmp   *puts@GOTPCREL(%rip)
+	.size	bar, .-bar
+	.globl	plt
+	.type	plt, @function
+plt:
+	leaq	__FUNCTION__.2219(%rip), %rdi
+	subq	$8, %rsp
+	call   *puts@GOTPCREL(%rip)
+	leaq	__FUNCTION__.2219(%rip), %rdi
+	addq	$8, %rsp
+	jmp	*puts@GOTPCREL(%rip)
+	.size	plt, .-plt
+	.section	.rodata
+	.type	__FUNCTION__.2219, @object
+	.size	__FUNCTION__.2219, 4
+__FUNCTION__.2219:
+	.string	"plt"
+	.type	__FUNCTION__.2215, @object
+	.size	__FUNCTION__.2215, 4
+__FUNCTION__.2215:
+	.string	"bar"
--- a/ld/testsuite/ld-x86-64/x86-64.exp
+++ b/ld/testsuite/ld-x86-64/x86-64.exp
@@ -500,6 +500,22 @@ if { [isnative] && [which $CC] != 0 } {
 	    {{readelf {-Wrd} pr18900b.rd}} \
 	    "pr18900b" \
 	] \
+	[list \
+	    "Build gotpcrel1d.so" \
+	    "-shared" \
+	    "" \
+	    { gotpcrel1d.S } \
+	    "" \
+	    "gotpcrel1d.so" \
+	] \
+	[list \
+	    "Build gotpcrel1" \
+	    "tmpdir/gotpcrel1d.so" \
+	    "" \
+	    { gotpcrel1a.S gotpcrel1b.c gotpcrel1c.c } \
+	    {{objdump {-dw} gotpcrel1.dd}} \
+	    "gotpcrel1" \
+	] \
    ]

    run_ld_link_exec_tests [] [list \
@@ -554,6 +570,14 @@ if { [isnative] && [which $CC] != 0 } {
 	    "pr18900" \
 	    "pr18900.out" \
 	] \
+	[list \
+	    "Run gotpcrel1" \
+	    "tmpdir/gotpcrel1d.so" \
+	    "" \
+	    { gotpcrel1a.S gotpcrel1b.c gotpcrel1c.c } \
+	    "gotpcrel1" \
+	    "gotpcrel1.out" \
+	] \
    ]

    if { [istarget "x86_64-*-linux*"] \