This is another one where not cleaning up sufficiently after
processing one file can lead to errors when processing the next file.
We have ngnuchains non-zero but gnuchains NULL in the following:
off < ngnuchains && (gnuchains[off] & 1) == 0
* readelf.c (process_symbol_table): Clear ngnuchains, ngnubuckets
and nbuckets.
This patch is aimed at fixing a number of oss-fuzz segfaults that
don't reproduce reliably with their current infrastructure, the
problem being that one invocation of readelf is effectively being run
on multiple object files. I believe that these segfaults could be
reliably reproduced with just two fuzzed objects being presented to
readelf, but those inputs are currently not identified by oss-fuzz.
So there is some guesswork involved in this patch. The idea here is
to clear stashed data such as symtab_shndx_list that is processed
using section header info, at the same time that header info is
cleared.
* readelf.c (process_section_headers): Free dynamic symbols etc.
earlier.
This fixes two leaks found in the new code supporting display of
dynamic symbols retrieved via dynamic tags.
* readelf.c (get_num_dynamic_syms): Formatting. Don't return
on error without freeing.
(process_dynamic_section): Don't recreate dynamic symbols from
dynamic tag info when the dynamic symbols have already been
read via section headers.
VDUP (neon) instructions can be conditional, but this is not taken into
account in the current master. This commit fixes that by i) fixing the
VDUP instruction masks and ii) adding logic for disassembling
conditional neon instructions.
opcodes * arm-dis.c (neon_opcodes): Fix VDUP instruction masks.
(print_insn_neon): Support disassembly of conditional
instructions.
binutils * testsuite/binutils-all/arm/vdup-cond.d: New test for testing that
conditional VDUP instructions are disassembled correctly.
* testsuite/binutils-all/arm/vdup-cond.s: New file used by
vdup-cond.d.
* testsuite/binutils-all/arm/vdup-thumb.d: New test for testing
that VDUP instructions (which are conditional in A32) can be
disassembled in thumb mode.
* testsuite/binutils-all/arm/vdup-cond.s: New file used by
vdup-thumb.d.
I find this useful when needing to compare compiler output, where the
address of the instruction and the value of symbols results in
unwanted differences.
* objdump.c (no_addresses): New static var.
(usage): Print help for --no-addresses.
(long_options): Add --no-addresses entry.
(objdump_print_addr_with_sym, objdump_print_addr): Omit symbol address.
(disassemble_bytes): Don't print current line address, or reloc
address.
* doc/binutils.texi: Document objdump --no-addresses.
When readelf is processing more than one file, static bss vars won't
start out as zero for the second file unless they are cleared.
* readelf.c (process_symbol_table): Zero gnubuckets, gnuchains
etc. after freeing.
When reconstructing dynamic symbol table from the PT_DYNAMIC segment,
compute dynamic symbol table size from hash table. For DT_HASH, the
number of dynamic symbol table entries equals the number of chains.
For DT_GNU_HASH/DT_MIPS_XHASH, only defined symbols with non-STB_LOCAL
bindings are in hash table. Since DT_GNU_HASH/DT_MIPS_XHASH place all
symbols with STB_LOCAL binding before symbols with other bindings and
all undefined symbols before defined ones in dynamic symbol table, the highest
symbol index in DT_GNU_HASH/DT_MIPS_XHASH is the highest dynamic symbol
table index.
Rewrite print_dynamic_symbol to dump dynamic symbol table for --dyn-syms
and --syms --use-dynamic.
binutils/
PR binutils/25707
* readelf.c (nbuckets): New.
(nchains): Likewise.
(buckets): Likewise.
(chains): Likewise.
(ngnubuckets): Likewise.
(gnubuckets): Likewise.
(gnuchains): Likewise.
(mipsxlat): Likewise.
(ngnuchains): Likewise.
(gnusymidx): Likewise.
(VALID_SYMBOL_NAME): Likewise.
(VALID_DYNAMIC_NAME): Use it.
(get_dynamic_data): Moved before process_dynamic_section.
(get_num_dynamic_syms): New function.
(process_dynamic_section): Use DT_SYMTAB, DT_SYMENT, DT_HASH,
DT_GNU_HASH and DT_MIPS_XHASH to reconstruct dynamic symbol
table. Use DT_STRTAB and DT_STRSZ to reconstruct dynamic string
table.
(get_symbol_index_type): Don't print "bad section index" when
there is no section header.
(print_dynamic_symbol): Rewrite.
(process_symbol_table): Call print_dynamic_symbol to dump dynamic
symbol table.
ld/
PR binutils/25707
* testsuite/ld-arm/armthumb-lib.sym: Updated.
* testsuite/ld-arm/farcall-mixed-app.sym: Likewise.
* testsuite/ld-arm/farcall-mixed-app2.sym: Likewise.
* testsuite/ld-arm/fdpic-main-m.sym: Likewise.
* testsuite/ld-arm/fdpic-main.sym: Likewise.
* testsuite/ld-arm/fdpic-shared-m.sym: Likewise.
* testsuite/ld-arm/fdpic-shared.sym: Likewise.
* testsuite/ld-arm/mixed-app.sym: Likewise.
* testsuite/ld-arm/mixed-lib.sym: Likewise.
* testsuite/ld-arm/preempt-app.sym: Likewise.
* testsuite/ld-elf/hash.d: Likewise.
* testsuite/ld-elf/pr13195.d: Likewise.
* testsuite/ld-elfvsb/hidden2.d: Likewise.
* testsuite/ld-mips-elf/hash2.d: Likewise.
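Added example (not code from readelf.c or from the commit above): one way to derive the dynamic symbol count from a DT_GNU_HASH table as the PR binutils/25707 message describes, with every offset bounds-checked so a truncated or fuzzed table is rejected. The function names, the little-endian in-memory layout and the sample table are assumptions of this example, as is returning symoffset when every bucket is empty.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bounds-checked little-endian 32-bit read; returns 0 if out of range. */
static int rd32(const uint8_t *p, size_t len, size_t off, uint32_t *out)
{
    if (off > len || len - off < 4)
        return 0;
    *out = p[off] | p[off + 1] << 8 | p[off + 2] << 16 | (uint32_t)p[off + 3] << 24;
    return 1;
}

/* Number of dynamic symbols implied by a DT_GNU_HASH table, or -1 if the
   table is malformed.  bloom_word is 4 for ELFCLASS32, 8 for ELFCLASS64. */
long gnu_hash_num_syms(const uint8_t *tab, size_t len, size_t bloom_word)
{
    uint32_t nbuckets = 0, symoffset = 0, bloom_size = 0, v = 0, maxsym = 0;

    if (len < 16 || (bloom_word != 4 && bloom_word != 8))
        return -1;
    rd32(tab, len, 0, &nbuckets);
    rd32(tab, len, 4, &symoffset);
    rd32(tab, len, 8, &bloom_size);     /* word 3 is the bloom shift, unused here */
    if (bloom_size > (len - 16) / bloom_word)
        return -1;
    size_t buckets_off = 16 + (size_t)bloom_size * bloom_word;
    if (nbuckets > (len - buckets_off) / 4)
        return -1;
    size_t chains_off = buckets_off + (size_t)nbuckets * 4;
    size_t nchains = (len - chains_off) / 4;

    /* Each bucket holds the index of the first symbol of its chain (0 = empty). */
    for (uint32_t i = 0; i < nbuckets; i++) {
        rd32(tab, len, buckets_off + (size_t)i * 4, &v);
        if (v > maxsym)
            maxsym = v;
    }
    if (maxsym == 0)
        return (long)symoffset;         /* no hashed symbols (example's choice) */
    if (maxsym < symoffset)
        return -1;                      /* bucket points below the hashed range */
    /* Walk the last chain; an entry with bit 0 set terminates it. */
    for (size_t idx = maxsym - symoffset; idx < nchains; idx++) {
        rd32(tab, len, chains_off + idx * 4, &v);
        if (v & 1)
            return (long)(symoffset + idx + 1);
    }
    return -1;                          /* ran off the table without a terminator */
}

/* Constructed sample (not from a real binary): 2 buckets, symoffset 3, one
   64-bit bloom word, chain entries for symbols 3..6.  Fills 48 bytes. */
size_t build_sample(uint8_t *buf)
{
    static const uint32_t w[12] = { 2, 3, 1, 6,  0, 0,  3, 5,
                                    0x10, 0x21, 0x30, 0x41 };
    for (size_t i = 0; i < 12; i++)
        for (int b = 0; b < 4; b++)
            buf[i * 4 + b] = (uint8_t)(w[i] >> (8 * b));
    return 48;
}

int main(void)
{
    uint8_t t[48];
    size_t n = build_sample(t);
    printf("intact: %ld, truncated: %ld\n",
           gnu_hash_num_syms(t, n, 8), gnu_hash_num_syms(t, n - 4, 8));
    return 0;
}
```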
A couple of ld ifunc tests currently FAIL on 64-bit Solaris/x86:
FAIL: ld-ifunc/ifunc-10-x86-64
FAIL: ld-ifunc/ifunc-11-x86-64
FAIL: ld-ifunc/ifunc-12-x86-64
FAIL: ld-ifunc/ifunc-13-x86-64
FAIL: ld-ifunc/ifunc-14a-x86-64
FAIL: ld-ifunc/ifunc-14b-x86-64
FAIL: ld-ifunc/ifunc-14c-x86-64
FAIL: ld-ifunc/ifunc-14d-x86-64
FAIL: ld-ifunc/ifunc-14e-x86-64
FAIL: ld-ifunc/ifunc-14f-x86-64
FAIL: ld-ifunc/ifunc-15-x86-64
FAIL: ld-ifunc/ifunc-17a-x86-64
FAIL: ld-ifunc/ifunc-17b-x86-64
FAIL: ld-ifunc/ifunc-2-local-x86-64-now
FAIL: ld-ifunc/ifunc-2-local-x86-64
FAIL: ld-ifunc/ifunc-2-x86-64-now
FAIL: ld-ifunc/ifunc-2-x86-64
FAIL: ld-ifunc/ifunc-20-x86-64
FAIL: ld-ifunc/pr17154-x86-64-now
FAIL: ld-ifunc/pr17154-x86-64
For one, the actual error is weird:
./ld-new: target elf64-x86-64 not found
failed with: <./ld-new: target elf64-x86-64 not found>, no expected output
FAIL: ld-ifunc/ifunc-10-x86-64
although ld -V does report the elf_x86_64 emulation as supported:
$ ./ld/ld-new -V
GNU ld (GNU Binutils) 2.34.50.20200328
Supported emulations:
elf_x86_64_sol2
elf_x86_64
[...]
When using ld -m elf_x86_64_sol2 instead, one of the testcases links
successfully.
However, there's no point in pursuing this: Solaris does not support
ifunc, as can be seen in <sys/elf.h>:
/*
* GNU/Linux specific symbol type not used by Solaris
*/
#define STT_GNU_IFUNC 10
and never will, given that it has symbol capabilities as solution to
effectively the same problem:
http://www.linker-aliens.org/blogs/rie/entry/symbol_capabilitie/
Therefore this patch disables ifunc testing on Solaris completely by
removing Solaris from binutils/testsuite/lib/binutils-common.exp
(supports_gnu_osabi). The ifunc part is justified above. SHF_GNU_MBIND is
in the OS-specific range and conflicts with
#define SHF_SUNW_REALLOC 0x01000000 /* internal: krtld realloc */
While the comment suggests this might be relocatable without too many
problems, the description of mbind (no formal spec AFAICS, just the
comment in the binutils patch submission) strongly suggests that this
isn't relevant to Solaris at all.
Indirectly, clearing supports_gnu_osabi on Solaris disables
supports_gnu_unique. Again, Solaris <sys/elf.h> has
/*
* GNU/Linux specific binding not used by Solaris
*/
#define STB_GNU_UNIQUE 10
so this seems the right thing to do.
Afterwards, one can remove the explicit mentions of *-*-solaris2* in
quite a number of (but not all) the ld-ifunc dump file notarget lists.
There's one fallout, though: two gas tests now XPASS because they are
xfail'ed for !supports_gnu_osabi:
XPASS: mbind sections 12
XPASS: mbind section contents 16
XPASS: mbind sections 16
XPASS: mbind section contents 16
To fix that, I've changed
#xfail: ![supports_gnu_osabi]
to notarget.
Tested on x86_64-pc-solaris2.11, i386-pc-solaris2.11,
x86_64-pc-linux-gnu, and i686-pc-linux-gnu.
ld:
* testsuite/ld-ifunc/ifunc-10-i386.d: Remove *-*-solaris2* from
notarget.
* ifunc-11-i386.d: Likewise.
* ifunc-12-i386.d: Likewise.
* ifunc-13-i386.d: Likewise.
* ifunc-14a-i386.d: Likewise.
* ifunc-14b-i386.d: Likewise.
* ifunc-14c-i386.d: Likewise.
* ifunc-14d-i386.d: Likewise.
* ifunc-14e-i386.d: Likewise.
* ifunc-14f-i386.d: Likewise.
* ifunc-15-i386.d: Likewise.
* ifunc-16-i386-now.d: Likewise.
* ifunc-16-i386.d: Likewise.
* ifunc-17a-i386.d: Likewise.
* ifunc-17b-i386.d: Likewise.
* ifunc-18a-i386.d: Likewise.
* ifunc-18b-i386.d: Likewise.
* ifunc-19a-i386.d: Likewise.
* ifunc-19b-i386.d: Likewise.
* ifunc-2-i386-now.d: Likewise.
* ifunc-2-i386.d: Likewise.
* ifunc-2-local-i386-now.d: Likewise.
* ifunc-2-local-i386.d: Likewise.
* ifunc-20-i386.d: Likewise.
* ifunc-21-i386.d: Likewise.
* ifunc-22-i386.d: Likewise.
* ifunc-5a-i386.d: Likewise.
* ifunc-5a-local-i386.d: Likewise.
* ifunc-5b-i386.d: Likewise.
* ifunc-5b-local-i386.d: Likewise.
* ifunc-5r-local-i386.d: Likewise.
* ifunc-6a-i386.d: Likewise.
* ifunc-6b-i386.d: Likewise.
* ifunc-7a-i386.d: Likewise.
* ifunc-7b-i386.d: Likewise.
* ifunc-8-i386.d: Likewise.
* ifunc-9-i386.d: Likewise.
* pr17154-i386-now.d: Likewise.
* pr17154-i386.d: Likewise.
* ifunc-23a-x86.d: Remove notarget.
* ifunc-24a-x86.d: Likewise.
* ifunc-25a-x86.d: Likewise.
gas:
* testsuite/gas/elf/section12a.d: Use notarget instead of xfail.
* testsuite/gas/elf/section12b.d: Likewise.
* testsuite/gas/elf/section16a.d: Likewise.
* testsuite/gas/elf/section16b.d: Likewise.
binutils:
* testsuite/lib/binutils-common.exp (supports_gnu_osabi): Don't
enable on *-*-solaris*.
PR binutils/pr25662
bfd * libcoff-in.h (struct pe_tdata): Rename the insert_timestamp
field to timestamp and make it an integer.
* libcoff.h: Regenerate.
* peXXigen.c (_bfd_XXi_only_swap_filehdr_out): Test the timestamp
field in the pe_data structure rather than the insert_timestamp
field.
binutils * objcopy.c (copy_object): When copying PE format files set the
timestamp field in the pe_data structure if the preserve_dates
flag is set.
* testsuite/binutils-all/objcopy.exp (objcopy_test): Use
--preserve-dates in place of the -p option, in order to make its
effect more obvious.
ld * emultempl/pe.em (after_open): Replace initialisation of the
insert_timestamp field in the pe_data structure with an
initialisation of the timestamp field.
* emultemp/pep.em: Likewise.
* pe-dll.c (fill_edata): Use the timestamp field in the pe_data
structure instead of the insert_timestamp field.
Last patch didn't manage to xfail spu due to clear_xfail *-*-*elf*.
Clearing *-*-*elf* dates back to a time when we had rather a lot more
setup_xfail patterns, so limiting it to hppa*-*-*elf*. Also,
mips-*-irix ought to have been mips-*-irix* and I'm having second
thoughts about xfailing mips and hiding what looks like a problem: If
the mips target is supposed to emit names for local section symbols
and does so for objcopy, why isn't it doing the same for ld? Also,
lots more mips targets would be subject to this test failing. So I'm
backing out those xfails and leaving it to someone more knowledgeable
about mips.
* testsuite/binutils-all/objcopy.exp (objcopy_test): Only
clear_xfail hppa*-*-*elf*. Revert mips xfails.
xfails spu due to a note section getting a different vma, and some
mips targets that give section symbols a name string. I added -p
for the executable test in an attempt to fix all the pe target fails,
but that doesn't preserve the date/time for some reason.
* testsuite/binutils-all/objcopy.exp (objcopy_test): Move xfails
from here to calls. Remove "m8*-*-*" entry. Don't xfail tic54x
but do xfail spu, mipstx39 and mips-sgi-irix for the executable
test. Pass "-p" to objcopy for the executable test.
binutils/ChangeLog:
2020-03-27 Jozef Lawrynowicz <jozef.l@mittosystems.com>
PR binutils/25662
* testsuite/binutils-all/objcopy.exp (objcopy_test): Add argument to
specify whether an object file or executable should be built and tested.
Change test names to report whether an object file or executable is
being tested.
* testsuite/binutils-all/pr25662.ld: New test.
* testsuite/binutils-all/pr25662.s: New test.
This patch fixes a leak of qualified_name caused by 4c83662712 and a
double free introduced by fd486f32d1. Not breaking out of the loop
results in an error: "failed to seek to next archive header". That's
slightly better than silently preventing the possibility of endless
loops.
* readelf.c (process_archive): Don't double free qualified_name.
Don't break out of loop with "negative" archive_file_size, just
set file offset to max.
With a crafted "negative" ar_hdr.ar_size it is possible to make
readelf loop. This patch catches the overflow in a file offset
calculation.
* readelf.c (process_archive): Prevent endless loop.
Extend _bfd_elf_get_symbol_version_string for nm -D to display symbol
version. _bfd_elf_get_symbol_version_name is added to avoid updating
all XXX_get_symbol_version_string functions.
bfd/
PR binutils/25708
* elf-bfd.h (_bfd_elf_get_symbol_version_name): New.
* elf.c (_bfd_elf_get_symbol_version_name): New function. Based
on the previous _bfd_elf_get_symbol_version_string.
(_bfd_elf_get_symbol_version_string): Use it.
binutils/
PR binutils/25708
* nm.c (SYM_NAME): Removed.
(print_symname): Add a pointer to struct extended_symbol_info
argument. Call _bfd_elf_get_symbol_version_name to get symbol
version.
(print_symdef_entry): Pass NULL to print_symname.
(print_symbol_info_bsd): Update call to print_symname.
(print_symbol_info_sysv): Likewise.
(print_symbol_info_posix): Likewise.
ld/
PR binutils/25708
* testsuite/ld-elf/pr25708.d: New file.
PR 25676
bfd * dwarf2.c (struct varinfo): Add unit_offset field to record the
location of the varinfo in the unit's debug info data. Change the
type of the stack field to a boolean.
(lookup_var_by_offset): New function. Returns the varinfo
structure for the variable described at the given offset in the
unit's debug info.
(scan_unit_for_symbols): Add support for variables which have the
DW_AT_specification attribute.
binutils * testsuite/binutils-all/dw4.s: New test source file.
* testsuite/binutils-all/nm.exp: Run the new test.
process_symbol_table () has
unsigned long num_syms;
...
for (si = 0, psym = symtab; si < num_syms; si++, psym++)
We should use unsigned long to iterate over num_syms.
* readelf.c (process_symbol_table): Use unsigned long for si.
Better than warning about bfd types, just don't include bfd.h and
warn against including the header again.
* elfcomm.c: Don't include bfd.h or bucomm.h.
(program_name): Declare.
(process_archive_index_and_symbols): Replace bfd_boolean with int,
and substitute FALSE and TRUE.
(setup_archive, setup_nested_archive): Likewise.
* elfcomm.h: Likewise.
This extracts code reading symbol tables into a common function that
tidies up after errors. I've also changed an error reporting multiple
string tables to an error on multiple symbol tables.
* readelf.c (get_symbols): New function.
(process_relocs, ia64_process_unwind, hppa_process_unwind),
(arm_process_unwind, get_symbol_for_build_attribute): Use it.
* unwind-ia64.c (unw_decode_uleb128): Prevent overlarge shifts.
Detect shift overflows and check that terminating byte is found.
Print an error on a bad uleb128.
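Added example (not the code in unwind-ia64.c): a ULEB128 decoder that applies the three checks named in the entry above, namely never shifting by 64 or more, flagging bits that do not fit in the result, and reporting a missing terminating byte. The function name, status flags and sample byte strings are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { ULEB_OK = 0, ULEB_TRUNCATED = 1, ULEB_OVERFLOW = 2 };

/* Decode one ULEB128 value from [p, end).  Stores the value (low 64 bits)
   and the number of bytes consumed; returns a mask of ULEB_* flags. */
int uleb128_decode(const uint8_t *p, const uint8_t *end,
                   uint64_t *val, size_t *used)
{
    const uint8_t *start = p;
    uint64_t result = 0;
    unsigned shift = 0;
    int status = ULEB_TRUNCATED;        /* cleared once a terminator is seen */

    while (p < end) {
        uint8_t byte = *p++;
        uint64_t bits = byte & 0x7f;

        if (shift < 64) {
            uint64_t part = bits << shift;
            if ((part >> shift) != bits)
                status |= ULEB_OVERFLOW; /* high bits fell off the top */
            result |= part;
            shift += 7;                  /* stops growing once it reaches 64+ */
        } else if (bits != 0) {
            status |= ULEB_OVERFLOW;     /* shifting by >= 64 would be undefined */
        }
        if ((byte & 0x80) == 0) {
            status &= ~ULEB_TRUNCATED;
            break;
        }
    }
    *val = result;
    *used = (size_t)(p - start);
    return status;
}

int main(void)
{
    /* Constructed inputs: a valid value, then the same value cut short. */
    static const uint8_t ok[] = { 0xe5, 0x8e, 0x26 };
    uint64_t v;
    size_t n;
    int st = uleb128_decode(ok, ok + sizeof ok, &v, &n);
    printf("status %d value %llu bytes %zu\n", st, (unsigned long long)v, n);
    st = uleb128_decode(ok, ok + 2, &v, &n);
    printf("truncated input: status %d\n", st);
    return 0;
}
```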
In git commit fd486f32d1 I put some static variables used by
get_symbol_for_build_attribute in a file scope ba_cache struct. This
was to prevent leaks in get_symbol_for_build_attribute, and to tidy up
before readelf exited. The patch wasn't quite right though. When
readelf processes more than one file it was possible to double free
arrays allocated in get_symbol_for_build_attribute.
* readelf.c (process_file): Clean ba_cache.
bfd/ChangeLog:
* elf.c (elfcore_grok_netbsd_note): Add support for
NT_NETBSDCORE_LWPSTATUS notes.
binutils/ChangeLog:
* readelf.c (get_netbsd_elfcore_note_type): Add support for
NT_NETBSDCORE_LWPSTATUS notes.
include/ChangeLog:
* elf/common.h (NT_NETBSDCORE_LWPSTATUS): New define.
* elfcomm.c (get_archive_member_name): Always return malloc'd
string or NULL.
* elfedit.c (process_archive): Tidy memory on all return paths.
* readelf.c (process_archive): Likewise.
(process_symbol_table): Likewise.
(ba_cache): New, replacing ..
(get_symbol_for_build_attribute): ..static vars here. Free
strtab and symtab before loading new ones. Reject symtab without
valid strtab in loop, breaking out of loop on valid symtab.
(process_file): Free ba_cache symtab and strtab here, resetting
ba_cache.
* readelf.c (process_section_headers): Don't just set
filedata->section_headers NULL, free it first. Similarly for
dynamic_symbols, dynamic_strings, dynamic_syminfo and
symtab_shndx_list. Zero associated counts too.
(process_object): Free symtab_shndx_list.
(process_file): Free various allocated filedata tables.
PR 25611
PR 25614
* dwarf.h (DWARF2_Internal_LineInfo): Add li_address_size and
li_segment_size fields.
* dwarf.c (read_debug_line_header): Record the address size and
segment selector size values (if present) in the lineinfo
structure.
(display_formatted_table): Warn if the format count is empty but
the table itself is not empty.
Display the format count and entry count at the start of the table
dump.
(display_debug_lines_raw): Display the address size and segment
selector size fields, if present.
* testsuite/binutils-all/dw5.W: Update expected output.
gas * dwarf2dbg.c (DWARF2_FILE_TIME_NAME): Default to -1.
(DWARF2_FILE_SIZE_NAME): Default to -1.
(DWARF2_LINE_VERSION): Default to the current dwarf level or 3,
whichever is higher.
(DWARF2_LINE_MAX_OPS_PER_INSN): Provide a default value of 1.
(NUM_MD5_BYTES): Define.
(struct file entry): Add md5 field.
(get_filenum): Delete and replace with...
(get_basename): New function.
(get_directory_table_entry): New function.
(allocate_filenum): New function.
(allocate_filename_to_slot): New function.
(dwarf2_where): Use new functions.
(dwarf2_directive_filename): Add support for extended .file
pseudo-op.
(dwarf2_directive_loc): Allow the use of file number zero with
DWARF 5 or higher.
(out_file_list): Rename to...
(out_dir_and_file_list): Add DWARF 5 support.
(out_debug_line): Emit extra values into the section header for
DWARF 5.
(out_debug_str): Allow for file 0 to be used with DWARF 5.
* doc/as.texi (.file): Update the description of this pseudo-op.
* testsuite/gas/elf-dwarf-5-file0.s: Add more lines.
* testsuite/gas/elf-dwarf-5-file0.d: Update expected dump output.
* testsuite/gas/lns/lns-diag-1.l: Update expected error message.
* NEWS: Mention the new feature.
With the right set of options, the second block of code dealing with
padding can see a different section count. So don't use the new count.
Since I was editing those lines, I've also changed the code allocating
arrays a little.
array = malloc (n * sizeof (*array));
for an array of ints is just better than
array = malloc (n * sizeof (int));
It's easier to write correctly in the first place and more robust
against code changes that might modify the array element type.
PR 25651
* objcopy.c (copy_object): Test "gaps" not gap_fill_set or
pad_to_set on second block of code dealing with padding.
Replace "c" with "num_sec" and don't recalculate number of
sections on second block. Size arrays using sizeof (element)
rather than sizeof (element type).
ubsan complains about memcpy with a NULL src even when size is zero.
* objdump.c (disassemble_section): Don't call qsort unless
sym count is at least two.
(disassemble_data): Don't call memcpy with NULL src.
PR 25645
* readelf.c (dump_ia64_vms_dynamic_fixups): Pass size and nmemb
to get_data rather than multiplying.
(dump_ia64_vms_dynamic_relocs): Likewise.
(process_version_sections): Correct order of size and nmemb args
in get_data call.
(process_mips_specific): Likewise.
In commit 2b44a6a237 ("binutils: doc: make `make clean` clean more
things"), I moved the doc build artifacts to MOSTLYCLEANFILES, which
made them get removed by "make clean".
Because generating binutils.info requires makeinfo, and we do not want
to require makeinfo when building from the tarball, binutils.info should
not get removed by "make clean" (otherwise, it won't be included in the
tarball).
And to be consistent with other projects (e.g. ld and gas), we also want
to ship the built man pages in the tarball.
This patch puts back all these in MAINTAINERCLEANFILES, so that they are
bundled in the tarball, and only cleaned if you use "make
maintainer-clean".
Tested by building a source release and confirming they are present.
binutils/ChangeLog:
PR 25491
* doc/Makefile.am: Rename MOSTLYCLEANFILES to MAINTAINERCLEANFILES.
* doc/Makefile.in: Re-generate.
binutils * objcopy.c (check_new_section_flags): New function. Reject the
SEC_COFF_SHARED flag if the target is not a COFF binary.
(copy_object): Call check_new_section_flags.
(setup_section): Likewise.
* doc/binutils.texi (objcopy): Add a note that the 'share' section
flag cannot be applied to ELF binaries.
bfd * elf.c (_bfd_elf_set_section_contents): Replace call to abort
with error messages and failure return values.