If this code dealing with possible conversion of inline plt sequences
is ever executed, ld will hang. A binary with such sequences and of
code size larger than approximately 90% the reach of an unconditional
branch is the trigger. Oops.
* elf64-ppc.c (ppc64_elf_inline_plt): Do increment rel in for loop.
ihex_set_section_contents sorts records stored on the tdata.ihex_data
list by address, but ihex_write_object_contents went too far in
assuming they were not overlapping. This patch fixes the problem by
not assuming anything about addresses in ihex_write_object_contents.
PR 25648
* ihex.c (ihex_write_object_contents): Don't assume ordering of
addresses here. Remove dead code.
* wasm-module.c (wasm_scan): Sanity check file name length
before allocating memory. Move common section setup code. Do
without bfd_tell to calculate section size.
binutils* objcopy.c (check_new_section_flags): New function. Reject the
SEC_COFF_SHARED flag if the target is not a COFF binary.
(copy_object): Call check_new_section_flags.
(setup_section): Likewise.
* doc/binutils.texi (objcopy): Add a note that the 'share' section
flag cannot be applied to ELF binaries.
bfd * elf.c (_bfd_elf_set_section_contents): Replace call to abort
with error messages and failure return values.
bfd/
2020-03-05 Max Filippov <jcmvbkbc@gmail.com>
* elf32-xtensa.c (shrink_dynamic_reloc_sections): Shrink dynamic
relocation sections for any removed reference to a dynamic symbol.
* elf-bfd.h (struct elf_backend_data): Add new fields:
init_secondary_reloc_section, slurp_secondary_reloc_section,
write_secondary_reloc_section.
(_bfd_elf_init_secondary_reloc_section): Prototype.
(_bfd_elf_slurp_secondary_reloc_section): Prototype.
(_bfd_elf_write_secondary_reloc_section): Prototype.
* elf.c ( bfd_section_from_shdr): Invoke the new
init_secondary_reloc_section backend function, if defined, when a
second reloc section is encountered.
(swap_out_syms): Invoke the new symbol_section_index function, if
defined, when computing the section index of an OS/PROC specific
symbol.
(_bfd_elf_init_secondary_reloc_section): New function.
(_bfd_elf_slurp_secondary_reloc_section): New function.
(_bfd_elf_write_secondary_reloc_section): New function.
(_bfd_elf_copy_special_section_fields): New function.
* elfcode.h (elf_write_relocs): Invoke the new
write_secondary_relocs function, if defined, in order to emit
secondary relocs.
(elf_slurp_reloc_table): Invoke the new slurp_secondary_relocs
function, if defined, in order to read in secondary relocs.
* elfxx-target.h (elf_backend_copy_special_section_fields):
Provide a non-NULL default definition.
(elf_backend_init_secondary_reloc_section): Likewise.
(elf_backend_slurp_secondary_reloc_section): Likewise.
(elf_backend_write_secondary_reloc_section): Likewise.
(struct elf_backend_data elfNN_bed): Add initialisers for the new
fields.
* configure.ac (score_elf32_[bl]e_vec): Add elf64.lo
* configure: Regenerate.
This patch adds a sanity check for the size of an armap.
* archive64.c (_bfd_archive_64_bit_slurp_armap): Check parsed_size
against file size before allocating memory. Use bfd_alloc rather
than bfd_zalloc for carsym/strings memory.
The ELF gABI says in part of sh_addralign: "The value of sh_addr must
be congruent to 0, modulo the value of sh_addralign."
* elf.c (elf_fake_sections): Ensure sh_addralign is such that
sh_addr mod sh_addalign is zero.
It didn't take long for oss-fuzz to find double frees due to a bug in
the cleanup logic. It's seen when reading in any alpha-vms object
file except when alpha_vms_vec is the default. But alpha_vms_vec is
of course the default when building for --target=alpha-dec-vms (and
naturally what I used to test the cleanup support since that is the
only target with a cleanup that does anything currently).
Anyway, the bug is that if bfd_check_format_matches is to preserve a
match the cleanup for that match can't be run. Quite obviously that
would destroy part of the match state.
* format.c (struct bfd_preserve): Add cleanup field.
(bfd_preserve_save): Add cleanup param and save.
(bfd_preserve_restore): Return cleanup.
(bfd_preserve_finish): Call the cleanup for the discarded match.
(bfd_check_format_matches): Pass cleanup to bfd_preserve_save,
and clear when preserving a match. Restore cleanup too when
restoring that match.
The object_p (and archive_p, core_file_p) functions are not supposed
to have any target specific malloc'd memory attached to the bfd on
their return. This should be obvious on a failure return, but it's
also true for a successful return. The reason is that even though the
object_p recognises the file, that particular target may not be used
and thus the bfd won't be closed calling close_and_cleanup for the
target that allocated the memory.
It turns out that the object_p bfd_target* return value isn't needed.
In all cases except ld/plugin.c the target is abfd->xvec and with
ld/plugin.c the target isn't used. So this patch returns a cleanup
function from object_p instead, called in bfd_check_format_matches to
tidy the bfd before trying a different target match. The only cleanup
that does anything at this stage is the alpha-vms one.
bfd/
* targets.c (bfd_cleanup): New typedef.
(struct bfd <_bfd_check_format>): Return a bfd_cleanup.
* libbfd-in.h (_bfd_no_cleanup): Define.
* format.c (bfd_reinit): Add cleanup parameter, call it.
(bfd_check_format_matches): Set cleanup from _bfd_check_format
call and pass to bfd_reinit. Delete temp, use abfd->xvec instead.
* aout-target.h (callback, object_p): Return bfd_cleanup.
* aout-tic30.c (tic30_aout_callback, tic30_aout_object_p): Likewise.
* archive.c (bfd_generic_archive_p): Likewise.
* binary.c (binary_object_p): Likewise.
* coff-alpha.c (alpha_ecoff_object_p): Likewise.
* coff-ia64.c (ia64coff_object_p): Likewise.
* coff-rs6000.c (_bfd_xcoff_archive_p, rs6000coff_core_p): Likewise.
* coff-sh.c (coff_small_object_p): Likewise.
* coff-stgo32.c (go32_check_format): Likewise.
* coff64-rs6000.c (xcoff64_archive_p, rs6000coff_core_p),
(xcoff64_core_p): Likewise.
* coffgen.c (coff_real_object_p, coff_object_p): Likewise.
* elf-bfd.h (bfd_elf32_object_p, bfd_elf32_core_file_p),
(bfd_elf64_object_p, bfd_elf64_core_file_p): Likewise.
* elfcode.h (elf_object_p): Likewise.
* elfcore.h (elf_core_file_p): Likewise.
* i386msdos.c (msdos_object_p): Likewise.
* ihex.c (ihex_object_p): Likewise.
* libaout.h (some_aout_object_p): Likewise.
* libbfd-in.h (bfd_generic_archive_p, _bfd_dummy_target),
(_bfd_vms_lib_alpha_archive_p, _bfd_vms_lib_ia64_archive_p): Likewise.
* libbfd.c (_bfd_dummy_target): Likewise.
* libcoff-in.h (coff_object_p): Likewise.
* mach-o-aarch64.c (bfd_mach_o_arm64_object_p),
(bfd_mach_o_arm64_core_p): Likewise.
* mach-o-arm.c (bfd_mach_o_arm_object_p),
(bfd_mach_o_arm_core_p): Likewise.
* mach-o-i386.c (bfd_mach_o_i386_object_p),
(bfd_mach_o_i386_core_p): Likewise.
* mach-o-x86-64.c (bfd_mach_o_x86_64_object_p),
(bfd_mach_o_x86_64_core_p): Likewise.
* mach-o.c (bfd_mach_o_header_p, bfd_mach_o_gen_object_p),
(bfd_mach_o_gen_core_p, bfd_mach_o_fat_archive_p): Likewise.
* mach-o.h (bfd_mach_o_object_p, bfd_mach_o_core_p),
(bfd_mach_o_fat_archive_p, bfd_mach_o_header_p): Likewise.
* mmo.c (mmo_object_p): Likewise.
* pef.c (bfd_pef_object_p, bfd_pef_xlib_object_p): Likewise.
* peicode.h (coff_real_object_p, pe_ILF_object_p),
(pe_bfd_object_p): Likewise.
* plugin.c (ld_plugin_object_p, bfd_plugin_object_p): Likewise.
* ppcboot.c (ppcboot_object_p): Likewise.
* rs6000-core.c (rs6000coff_core_p): Likewise.
* som.c (som_object_setup, som_object_p): Likewise.
* srec.c (srec_object_p, symbolsrec_object_p): Likewise.
* tekhex.c (tekhex_object_p): Likewise.
* vms-alpha.c (alpha_vms_object_p): Likewise.
* vms-lib.c (_bfd_vms_lib_archive_p, _bfd_vms_lib_alpha_archive_p),
(_bfd_vms_lib_ia64_archive_p, _bfd_vms_lib_txt_archive_p): Likewise.
* wasm-module.c (wasm_object_p): Likewise.
* xsym.c (bfd_sym_object_p): Likewise.
* xsym.h (bfd_sym_object_p): Likewise.
* aoutx.h (some_aout_object_p): Likewise, and callback parameter
return type.
* pdp11.c (some_aout_object_p): Likewise.
* plugin.c (register_ld_plugin_object_p): Update object_p
parameter type.
* plugin.h (register_ld_plugin_object_p): Likewise.
* bfd-in2.h: Regenerate.
* libbfd.h: Regenerate.
* libcoff.h: Regenerate.
ld/
* plugin.c (plugin_object_p): Return a bfd_cleanup.
(plugin_cleanup): New function.
This patch arranges for symbols defined in .sdata and .sbss to be
reported by nm with 'g' and 's' flags, for coff targets that support
.sdata and .sbss.
The assembler changes regarding SEC_SMALL_DATA are really just
documentation. As far as I'm aware, this won't change any assembler
output.
bfd/
* coff-alpha.c (alpha_ecoff_le_vec): Add SEC_SMALL_DATA to
applicable section flags.
* coff-mips.c (mips_ecoff_le_vec, mips_ecoff_be_vec): Likewise.
(mips_ecoff_bele_vec): Likewise.
* coffcode.h (sec_to_styp_flags): Set SEC_SMALL_DATA for .sdata
and .sbss sections.
* ecoff.c (_bfd_ecoff_new_section_hook): Likewise.
(_bfd_ecoff_styp_to_sec_flags): Likewise.
gas/
* config/tc-m32r.c (md_begin): Set SEC_SMALL_DATA on .scommon section.
* config/tc-mips.c (s_change_sec): Set SEC_SMALL_DATA for .sdata
and .sbss sections.
* config/tc-score.c: Delete !BFD_ASSEMBLER code throughout.
(s3_s_change_sec): Set SEC_SMALL_DATA for .sbss section.
(s3_s_score_lcomm): Likewise.
* config/tc-score7.c: Similarly.
* read.c (bss_alloc): Set SEC_SMALL_DATA for .sbss section.
For those ELF targets that have .sdata or .sbss sections, or similar
sections, arrange to mark the sections with the SEC_SMALL_DATA flag.
This fixes regressions in nm symbol type caused by removing .sdata
and .sbss from coff_section_type with commit 49d9fd42ac.
* elf32-m32r.c (m32r_elf_section_flags): New function.
(elf_backend_section_flags): Define.
* elf32-nds32.c (nds32_elf_section_flags): New function.
(elf_backend_section_flags): Define.
* elf32-ppc.c (ppc_elf_section_from_shdr): Set SEC_SMALL_DATA for
.sbss and .sdata sections.
* elf32-v850.c (v850_elf_section_from_shdr): Set SEC_SMALL_DATA
for SHF_V850_GPREL sections.
* elf64-alpha.c (elf64_alpha_section_from_shdr): Delete outdated
FIXME.
* elf64-hppa.c (elf64_hppa_section_from_shdr): Set SEC_SMALL_DATA
for SHF_PARISC_SHORT sections.
* elf64-ppc.c (ppc64_elf_section_flags): New function.
(elf_backend_section_flags): Define.
* elfxx-mips.c (_bfd_mips_elf_section_from_shdr): Set SEC_SMALL_DATA
for SHF_MIPS_GPREL sections. Delete FIXME.
I was looking at elf_backend_section_flags as a means of setting
SEC_SMALL_DATA for .sdata, .sbss and the like, and condidered adding
an asection* parameter to access the section name easily before
realising that hdr->bfd_section of course makes the section
available. So no new parameter needed. In fact the flagword*
parameter isn't needed either, so out it goes.
The patch also tidies some horrible code in _bfd_elf_new_section_hook
that can change whether known ABI sections have sh_type and sh_flags
set up depending on which of the bfd_make_section functions is used.
(Some of those set section flags before _bfd_elf_new_section_hook is
called, others leave the flags zero.) The function also had some
hacks for .init_array and .fini_array to affect how
_bfd_elf_init_private_section_data behaved for those sections. It's
cleaner to do that in _bfd_elf_init_private_section_data. So that all
goes and we now init sh_type and sh_flags for all known ABI sections
in _bfd_elf_new_section_hook. _bfd_elf_init_private_section_data is
changed to suit, and now doesn't just single out SHT_INIT_ARRAY and
SHT_FINI_ARRAY but rather any of the special section types.
The _bfd_elf_new_section_hook change resulting in
+FAIL: ld-aarch64/erratum835769-843419
exposing some errors in the aarch64 backend. elfNN_aarch64_size_stubs
should not be looking at linker created sections in the stub bfd. Nor
should code like "symtab_hdr = &elf_tdata (input_bfd)->symtab_hdr" be
run without first checking that input_bfd is ELF.
* elf-bfd.h (elf_backend_section_flags): Remove flagword* param.
* elf.c (_bfd_elf_make_section_from_shdr): Set section flags before
calling elf_backend_section_flags with adjusted params. Use
newsect->flags past that point.
(_bfd_elf_new_section_hook): Always set sh_type and sh_flags for
special sections.
(_bfd_elf_init_private_section_data): Allow normal sh_type sections
to have their type overridden, and all sh_flags but processor and
os specific.
* elf32-arm.c (elf32_arm_section_flags): Adjust for changed params.
* elf32-mep.c (mep_elf_section_flags): Likewise.
* elf32-nios2.c (nios2_elf32_section_flags): Likewise.
* elf64-alpha.c (elf64_alpha_section_flags): Likewise.
* elf64-ia64-vms.c (elf64_ia64_section_flags): Likewise.
* elfnn-ia64.c (elfNN_ia64_section_flags): Likewise.
* elfnn-aarch64.c (elfNN_aarch64_size_stubs): Exclude the linker
stub BFD and non-aarch64 input files when scanning for stubs.
When realloc fails it doesn't free the old memory. In BFD we usually
will exit with an error on a realloc fail, so want to tidy up memory
on error paths. That's done by bfd_realloc_or_free.
* vms-alpha.c (vms_get_remaining_object_record): Use
bfd_realloc_or_free rather than bfd_realloc.
(add_symbol_entry, vector_grow1, alpha_vms_slurp_relocs): Likewise.
(dst_define_location, parse_module): Likewise, and check realloc
return status before using memory. Return status from function
adjusting all callers.
This patch simplifies reading of image headers. It's really not worth
trying to avoid re-reading a 12 byte buffer and then read in
VMS_BLOCK_SIZE chunks, better just to throw the buffer away and use
_bfd_malloc_and_read which does checks against file size.
* vms-alpha.c (alpha_vms_object_p): Use _bfd_malloc_and_read.
Remove duplicate undersize check.
PR 24511
* syms.c (stt): Trim off all but 'e', 'i' and 'p' entries.
(coff_section_type): Adjust comment.
(decode_section_type): Likewise. Call coff_section_type before
decode_section_type.
(bfd_decode_symclass): Use 'c' for common sections other than
the standard one.
If you manage to put an xcoff object file into a non-xcoff archive
(created by first putting a non-xcoff object file into it), and have
xcoff support compiled into libbfd, then objdump -x on the archive
can segfault. The problem is that _bfd_xcoff_stat_arch_elt expects
abfd->arelt_data->arch_header to be one of the xcoff variants, but
arelt_data is generated depending on the archive format, *not* the
element format.
* bfd.c (bfd_stat_arch_elt): Use vector of containing archive,
if file is an archive element.
* bfd-in2.h: Regenerate.
Adds some sanity checking to size values read from file.
* archive.c (do_slurp_bsd_armap): Increase minimum parsed_size, and
bfd_set_error on failing test. Don't bother changing bfd_error on
file read error. Check symdef_count is multiple of BSD_SYMDEF_SIZE.
Check sym name is within string buffer. Use size_t for some vars.
(do_slurp_coff_armap): Use size_t for some variables, fix size of
int_buf. Don't change bfd_error on file read error. Use
_bfd_mul_overflow when calculating carsym buffer size. Reorder
calculations to catch overflows before they occur. malloc and
free raw armap rather than using bfd_alloc. Read raw armap before
allocating carsym+strings buffer.
(_bfd_slurp_extended_name_table): Localize variables. Check
name size against file size.
git commit c893ce360a changed buffer management, in the process
introducing a bug on an error return path.
* vms-lib.c (vms_lib_read_index): Release correct buffer.
* elf32-rx.c (rx_elf_relocate_section): Use bfd_malloc rather than
malloc. Check for NULL return from bfd_malloc.
(rx_table_find, rx_table_map): Likewise.
(rx_set_section_contents): Check bfd_alloc return.
(rx_dump_symtab): Don't alloc internal_syms or external_syms.
This patch delays setting up DT_NEEDED dynamic tags until all object
files and libraries have been opened and their symbols processed,
rather than adding the tags while processing symbols. Tags are
ordered according to the position of the associated library on the
command line and linker scripts. It is still possible with
--as-needed libs that are mentioned more than once for tags to be
ordered according to which mention was needed. For example with
"--as-needed a.so b.so c.so b.so" when b.so is not needed by a.so or
any other prior object file but is needed by c.so, the order of tags
will be "A C B".
bfd/
PR 25593
* elf-bfd.h (struct elf_link_hash_table): Rename "loaded" to
"dyn_loaded".
(bfd_elf_add_dt_needed_tag): Declare.
* elf-strtab.c (_bfd_elf_strtab_restore): Handle NULL buf.
* elflink.c (bfd_elf_add_dt_needed_tag): Make global and rename
from elf_add_dt_needed_tag. Remove soname and doit param.
(elf_link_add_object_symbols): Don't use elf_add_dt_needed_tag
to see whether as-needed lib is already loaded, use dyn_loaded
list instead. When saving and restoring around as-needed lib
handle possibility that dynstr has not been initialised. Don't
add DT_NEEDED tags here. Limit dyn_loaded list to dynamic libs.
Mark libs loaded via DT_NEEDED entries of other libs with
DYN_NO_NEEDED if they should not be mentioned in DT_NEEDED of
the output.
(elf_link_check_versioned_symbol): Remove now unneccesary
DYNAMIC check when traversing dyn_loaded list.
ld/
PR 25593
* ldelf.c (ldelf_try_needed): Add DT_NEEDED lib to input_bfds.
(ldelf_after_open): Save state of input_bfds list before loading
DT_NEEDED libs. Traverse input_bfds list adding DT_NEEDED tags.
Restore input_bfds list.
* testsuite/ld-cris/gotplt1.d: Adjust for changed .dynstr order.
Archive element size is given by data in the archive, and thus is
subject to attack by fuzzers. The only harm this allows is allocation
of huge amounts of memory, but some systems don't handle that well.
So limit archive element size to archive file size.
* bfdio.c (bfd_get_file_size): Ignore bogus archive element sizes.
Since ar and ranlib don't need to know symbol types to work properly,
we should avoid calling lto-wrapper for them to speed them up.
bfd/
PR binutils/25584
* plugin.c (need_lto_wrapper_p): New.
(bfd_plugin_set_program_name): Add an int argument to set
need_lto_wrapper_p.
(get_lto_wrapper): Return FALSE if need_lto_wrapper_p isn't
set.
* plugin.h (bfd_plugin_set_program_name): Add an int argument.
binutils/
PR binutils/25584
* ar.c (main): Pass 0 to bfd_plugin_set_program_name.
* nm.c (main): Pass 1 to bfd_plugin_set_program_name.
Alan Modra
GDB Administrator
Nick Clifton
Max Filippov
H.J. Lu