This commit implements support for 'Svadu' extension. Because it does not
add any instructions or CSRs (but adds bits to existing CSRs), this commit
only adds extension name support and implication to the 'Zicsr' extension.
This is based on the "Hardware Updating of PTE A/D Bits (Svadu)"
specification, version 1.0-rc1 (Frozen):
<https://github.com/riscv/riscv-svadu/releases/tag/v1.0-rc1>
bfd/ChangeLog:
* elfxx-riscv.c (riscv_implicit_subsets): Add implication from
'Svadu' to 'Zicsr'. (riscv_supported_std_s_ext) Add 'Svadu'.
This commit adds now stable and approved 'Smcntrpmf' extension defined by
the RISC-V Cycle and Instret Privilege Mode Filtering specification.
Note that, because mcyclecfg and minstretcfg CSRs conflict with the
privileged specification version 1.9.1, CSRs for this extension are only
enabled on the privileged specification version 1.10 or later.
By checking the base privileged specification, we no longer need to change
the design of base CSR handling.
This is based on the specification version v1.0_rc1 (Frozen):
<32b752c40d>
bfd/ChangeLog:
* elfxx-riscv.c (riscv_implicit_subsets): Add implication rule from
the new 'Smcntrpmf' extension. (riscv_supported_std_s_ext): Add
'Smcntrpmf' to the supported S extension list.
gas/ChangeLog:
* config/tc-riscv.c (enum riscv_csr_class): Add new CSR classes
CSR_CLASS_SMCNTRPMF and CSR_CLASS_SMCNTRPMF_32.
(riscv_csr_address): Add handling for new CSR classes.
* testsuite/gas/riscv/csr-dw-regnums.s: Add new CSRs. Move
"mscounteren" and "mhcounteren" CSRs and note that they are now
aliases.
* testsuite/gas/riscv/csr-dw-regnums.d: Reflect the change.
* testsuite/gas/riscv/csr.s: Add new CSRs. Move "mscounteren"
and "mhcounteren" CSRs and note that they are now reused for
the 'Smcntrpmf' extension.
* testsuite/gas/riscv/csr-version-1p9p1.d: Reflect the changes of
csr.s.
* testsuite/gas/riscv/csr-version-1p9p1.l: Likewise.
* testsuite/gas/riscv/csr-version-1p10.d: Likewise.
* testsuite/gas/riscv/csr-version-1p10.l: Likewise.
* testsuite/gas/riscv/csr-version-1p11.d: Likewise.
* testsuite/gas/riscv/csr-version-1p11.l: Likewise.
* testsuite/gas/riscv/csr-version-1p12.d: Likewise.
* testsuite/gas/riscv/csr-version-1p12.l: Likewise.
include/ChangeLog:
* opcode/riscv-opc.h: Add new CSRs noting that this extension is
incompatible with the privileged specification version 1.9.1.
Move "mscounteren" and "mhcounteren" CSRs, make them aliases and
reuse the CSR numbers from the 'Smcntrpmf' extension.
(CSR_MSCOUNTEREN, CSR_MHCOUNTEREN) Remove as "mscounteren" and
"mhcounteren" are now aliases and new CSR macros are used instead.
(CSR_MCYCLECFG, CSR_MINSTRETCFG, CSR_MCYCLECFGH, CSR_MINSTRETCFGH):
New CSR macros.
According to the ratified privileged specification (version 20211203),
it says:
> The hypervisor extension depends on an "I" base integer ISA with 32 x
> registers (RV32I or RV64I), not RV32E, which has only 16 x registers.
Also in the latest draft, it also prohibits RV64E with the 'H' extension.
This commit prohibits the combination of 'E' and 'H' extensions.
bfd/ChangeLog:
* elfxx-riscv.c (riscv_parse_check_conflicts): Prohibit 'E' and
'H' combinations.
gas/ChangeLog:
* testsuite/gas/riscv/march-fail-rv32eh.d: New failure test to
make sure that RV32E + 'H' is prohibited.
* testsuite/gas/riscv/march-fail-rv32eh.l: Likewise.
Error messages such as "conflicting CPU architectures 10/16" are not
very to understand, so this patch replaces the numbers with the
description they actually mean:
"conflicting CPU architectures ARM v7E-M vs Pre v4"
2023-09-01 Christophe Lyon <christophe.lyon@linaro.org>
bfd/
* elf32-arm.c (tag_cpu_arch_combine): Add name_table parameter and
use it.
(elf32_arm_merge_eabi_attributes): Update call to
tag_cpu_arch_combine.
ld/
* testsuite/ld-arm/attr-merge-9.out: Update expected error
message.
* testsuite/ld-arm/attr-merge-arch-2.d: Likewise.
This reverts commit 8bb23cdbb4.
My earlier patch to simplifify the @node uses in the BFD manual didn't
take into account (1) that BFD doesn't use the ordinary texinfo
sectioning commands, and (2) that some users are stuck on very ancient
versions of makeinfo.
This patch reverts the change.
I went through the entire manual using the spacebar, trying to find
the original problem I reported in the change, but couldn't. I don't
know why. Anyway, all this means is that, with this reversion,
editing the node structure will be slightly less convenient.
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30703
2023-08-30 Tom Tromey <tom@tromey.com>
PR binutils/30703
* doc/webassembly.texi, doc/bfd.texi: Revert 8bb23cdb, adding
parameters back to @node.
Check DT_SYMTAB only on non-IR object of archive member to avoid crash
on LLVM IR object with NULL elf_tdata.
PR ld/30811
* elflink.c (elf_link_is_defined_archive_symbol): Check
DT_SYMTAB only on non-IR object.
Pattern rules in doc/local.mk exist that specify how to make
libbfd.texi from libfd.h or libbfd.c. Since both files exist and the
libbfd.h rule is first, libbfd.h is used. libbfd.h doesn't contain
the documentation..
* doc/local.mk (doc/%stamp): Put rule making this from %.c
before %.h rule.
* Makefile.in: Regenerate.
* libbfd.c (Byte swapping routines): Don't omit description.
There isn't any reason to think that a particular buffer size is
ideal in bfd, so let's just not define it.
* libbfd-in.h (DEFAULT_BUFFERSIZE): Don't define.
* libbfd.h: Regenerate.
* archive.c (AR_WRITE_BUFFERSIZE): Substitute value.
* vms-lib.c (_bfd_vms_lib_write_archive_contents): Likewise.
* coff-rs6000.c (do_copy): Likewise, and use sizeof.
A low level function like coff_swap_aux_in really has no business
concatenating multiple auxents for the old PE multi-aux scheme of
handling long file names. In doing so, it assumes multiple internal
auxent buffers are available, which they are not in most calls to
bfd_coff_swap_aux_in, both inside BFD and outside, eg. GDB. Buffer
overflow fun. Concatenating multiple auxents belongs at a higher
level.
This required some changes to coff_get_normalized_symtab, which now
uses the external auxents to access the concatenated file name.
(Internal auxents are larger than the x_fname array, so the pieces of
the file name are not adjacent as they are in the external auxents.)
* coffswap.h (coff_swap_aux_in): Do not write more than one
internal auxent.
* coffcode.h (coff_bigobj_swap_aux_in): Likewise.
* coffgen.c (coff_get_normalized_symtab): Normalize strings
after swapping in each symbol so that external auxents are
available. Use external auxents for multi-aux long file
names. Formatting. Wrap long lines. Remove excess parens
and unnecessary casts. Don't zalloc when only the string
terminator needs zeroing, and memcpy rather than strncpy.
Delete unnecessary sanity check with unsigned _n_offset.
Return with failure if debug section can't be read, to avoid
trying to read it multiple times. Correct sanity check
against debug section size.
I missed another field that needs freeing. Also, oss-fuzz found a
case with a C_FILE sym using multiple auxents for a long file name
which overflowed the single auxent buffer. I'm going to fix that
problem in swap_aux_in too, but we may as well avoid it here too,
saving unnecessary work.
* coffcode.h (comdat_delf): Free comdat_name.
(fill_comdat_hash): Only look at symbols with one auxent.
Following the arrangement in GCC select a 64-bit ABI by default, either
n32 or n64, rather than o32 for `mipsisa64*-*-linux*' targets, just as
with the corresponding `mips64*-*-linux*' targets.
I was looking at dos_message and wondering why we have H_PUT_32
in _bfd_XXi_only_swap_filehdr_out but no H_GET_32 in pe_bfd_object_p.
On a big-endian machine this would result in scrambling the code and
strings constained in dos_message. Rather than fix the lack of
H_GET_32 in pe_bfd_object_p, I decided it doesn't make sense to store
dos_message internally as an array of ints.
include/
* coff/internal.h (struct internal_extra_pe_filehdr): Make
dos_message a char array.
* coff/msdos.h (struct external_DOS_hdr): Flatten dos_message.
* coff/pe.h (struct external_PEI_filehdr): Likewise.
bfd/
* libcoff-in.h (struct pe_tdata): Make dos_message a char array.
* libcoff.h: Regenerate.
* peXXigen.c (_bfd_XXi_only_swap_filehdr_out): memcpy dos_message
to output.
* peicode.h (pe_mkobject): Don't memset already zeroed pe_opthdr.
Tidy allocation of tdata.pe_obj_data. Set up dos_message from..
(default_dos_message): ..this. New static array.
Entries added to the hash table with bfd_malloc ought to be freed when
the hash table is deleted. This patch adds the necessary del_f to the
htab_create call, and delays creating the table until an
IMAGE_SCN_LNK_COMDAT symbol is read.
* peicode.h (pe_mkobject): Move comdat_hash creation..
(htab_hash_flags, htab_eq_flags): ..and these support functions..
* coffcode.h (handle_COMDAT): ..to here, renaming support to
(comdat_hashf, comdat_eqf): ..this and adding..
(comdat_delf): ..this new function.
A bfd_cleanup function needs to run when only tdata is correct for the
bfd. The xvec may have changed during bfd_check_format and thus the
flavour may be incorrect. The format won't have changed but checking
is superfluous. (In contrast to _bfd_free_cached_info or
_close_and_cleanup where we do need to check things.)
Not getting this correct leaked comdat_hash.
Also, pe_ILF_cleanup ought to call coff_object_cleanup as do all PE
files.
* coffgen.c (coff_object_cleanup): Don't check bfd flavour or
format.
* peicode.h (pe_ILF_cleanup): Call coff_object_cleanup.
Sanity check aux entries used by PE to extend a C_FILE name. See
coffswap.h:coff_swap_aux_in. The existing check only catered for
n_numaux == 1.
* coffcode.h (fill_comdat_hash): Properly sanity check n_numaux.
Formatting.
(handle_COMDAT): Formatting.
While documented to not be reliable, it is still odd for objcopy to
silently produce bad output when converting COFF/PE object files to ELF
ones. The issue there is that relocation addends all are screwed up by
subtracting the symbol's section offset. In the COFF/PE world, to my
knowledge, section contents stores the addends alone, not the result of
symbol value plus addend. Hence the compensation talked about in a
comment ahead of the sole use site of CALC_ADDEND() may need to account
for the VMA (which is always zero for object files anyway), but not for
the symbol value.
The coff-sh.c adjustment is based upon guessing that behavior there is
the same. Note also how coff-aarch64.c short-circuits CALC_ADDEND()
altogether, which may suggest that a much simpler macro might do for the
COFF_WITH_PE case in the three arch-specific files touched here.
For (at least) Arm/WinCE this actually results in more appropriate
objdump output as well, as can be seen in the one testcase which has its
expectations adjusted (the generated binary doesn't change).
Code in som_write_symbol_strings neglected to allow for padding, which
can result in a buffer overflow. It also used xrealloc, which we're
not supposed to use in libbfd because libbfd isn't supposed to call
exit. Also a realloc is perhaps not a good idea when none of the
buffer contents are needed, so replace with free, bfd_malloc. There
were three copies of the string handling code, so rather than fix them
all I've extracted them to a function. This necessitated making one
of the fields in struct som_symbol unsigned.
* som.c (add_string): New function.
(som_write_space_strings, som_write_symbol_strings): Use it.
* som.h (som_symbol_type <stringtab_offset>): Make unsigned.
As commit fa4f2d46f9 did for x86, there a few other targets that
wrongly use the output section rather than the dynamic section for
DT_JMPREL and others.
* elfnn-kvx.c (elfNN_kvx_finish_dynamic_sections): Use input
section for DT_JMPREL.
* elf32-sh.c (sh_elf_finish_dynamic_sections): Use input
section for DT_JMPREL and DT_PLTRELSZ.
* elf32-nds32.c (nds32_elf_finish_dynamic_sections): Likewise,
and for DT_PLTGOT and when adjusting DT_RELA.
If a linker script does not place the PLT relocations and "normal"
relocations in separate ELF sections, `ld` will currently output incorrect
values for DT_JMPREL and DT_PLTRELSZ - they cover the entire ELF section,
rather than just the PLT relocations
Don't ignore the extent of the BFD section - use the size of the srelplt
BFD section and its offset from the output_secttion
bfd/
PR ld/30787
* elfxx-x86.c (_bfd_x86_elf_finish_dynamic_sections): Use input
section for DT_JMPREL and DT_PLTRELSZ.
ld/
PR ld/30787
* testsuite/ld-i386/i386.exp: Run pr30787.
* testsuite/ld-x86-64/x86-64.exp: Likewise.
* testsuite/ld-i386/pr30787.d: New file.
* testsuite/ld-i386/pr30787.s: Likewise.
* testsuite/ld-i386/pr30787.t: Likewise.
* testsuite/ld-x86-64/pr30787.d: Likewise.
* testsuite/ld-x86-64/pr30787.s: Likewise.
* testsuite/ld-x86-64/pr30787.t: Likewise.
bfd/
* Makefile.am: Move elf32-kvx.lo from BFD32_BACKENDS to
BFD64_BACKENDS. Remove elfxx-kvx.lo from BFD32_BACKENDS.
Remove elfxx-kvx.c from BFD32_BACKENDS_CFILES.
* Makefile.in: Regenerate.
* config.bfd: Adjust targ_defvec and targ_selvecs and gate them
behind BFD64.
* configure.ac: Add target_size=64 to kvx_elf64_*vec.
* configure: Regenerate.
* elfnn-kvx.c (elfNN_kvx_stub_name): Cast rel->r_addend to
uint64_t to match format string.
(elfNN_kvx_relocate_section): Similarly for r_offset, and
use PRIx64 in format string.
* targets.c (_bfd_target_vector <kvx_elf32_vec>): Move inside
#ifdef BFD64.
ld/
* Makefile.am: Move eelf32kvx.c from ALL_EMULATION_SOURCES to
ALL_64_EMULATION_SOURCES.
* Makefile.in: Regenerate.
It is generally a good idea to avoid signed arithmetic on values
extracted from object files, to avoid ubsan warnings on overflow.
This patch replaces some uses of bfd_signed_vma in the kvx backend
with bfd_vma, and removes _bfd_kvx_elf_resolve_relocation, a
do-nothing function. In the process of making this patch I noticed
some dead code in the GOT entry handling, setting value to
got_entry_addr but using "off" in the _bfd_final_link_relocate call.
Since kvx_calculate_got_entry_vma also returns the GOT offset, I
presume the code is correct, but I've left the dead code and comment
there.
* elfxx-kvx.h (_bfd_kvx_elf_resolve_relocation): Delete.
* elfxx-kvx.c (kvx_signed_overflow): Rewrite using unsigned
arithmetic.
(_bfd_kvx_elf_resolve_relocation): Delete.
* elfnn-kvx.c (kvx_relocate): Update for
_bfd_kvx_elf_resolve_relocation removal.
(elfNN_kvx_final_link_relocate): Likewise. Don't use a signed
addend.
Some places matching the first char of a string against
bfd_get_symbol_leading_char, which may be zero, didn't check for the
string being "". This patch adds the check to stop accesses past the
end of the string and potential buffer overruns.
The dlltool one was found by oss-fuzz quite a while ago.
bfd/
* cofflink.c (_bfd_coff_link_input_bfd): Ensure a zero
bfd_get_symbol_leading_char doesn't lead to accessing past the
zero string terminator.
* linker.c (bfd_wrapped_link_hash_lookup): Likewise.
(unwrap_hash_lookup): Likewise.
binutils/
* dlltool.c (scan_filtered_symbols): Ensure a zero
bfd_get_symbol_leading_char doesn't lead to accessing past the
zero string terminator.
A misplaced line, resulting in testsuite errors when attempting to use
as -m32.
* config.bfd (kvx-*-linux*): Add targ_selvecs.
(kvx-*-*): Remove targ_selvecs.
The Scalable Matrix Extension v2 (SME2) defines a new register, ZT0, that
the Linux Kernel handles through a new NT_ARM_ZT register set.
Teach binutils/BFD about it so that gdb can make use of it for reading
and writing core files. This also enables readelf/objdump to show the
correct identification for the NT_ARM_ZT register set.
Validated under Fast Models.
Add required code to support core file dumps with NT_ARM_ZA and NT_ARM_SSVE
register sets in them.
These new register sets are dumped when SME is supported.
bfd_close ought to always call iovec->bclose so that cache_bclose is
called. If not, bfd_last_cache will be left pointing at freed memory.
This bug was found by oss-fuzz with the trigger being an old bug in
the ia64-vms support. Given a file of the "wrong" size,
elf64_vms_close_and_cleanup attempted to extend it, leading to an
error since the file was opened read-only by nm. nm bad_file bad_file
then hit the use-after-free when opening the second file.
commit 8219cab3f8 fixed multiple bugs of this type in bfd_close and
bfd_close_all_done, but didn't go quite far enough.
* elf64-ia64-vms.c (elf64_vms_close_and_cleanup): Don't
attempt to extend read-only files.
* opncls.c (bfd_close_all_done): Always call _close_and_cleanup.
An old bug in the ia64-vms support can be used to tickle another bug
in bfd_close_all_done. If _close_and_cleanup returns an error,
