packages/binutils
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!19 binutils update to 2.34

Browse Source 
Merge pull request !19 from yixiangzhike/master
This commit is contained in:
openeuler-ci-bot 2020-07-24 14:40:51 +08:00 committed by Gitee
commit 2a823ab534
24 changed files with 436 additions and 2095 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
BFD-Exclude-sections-with-no-content-from-compress-c.patch Normal file
View File

@ -0,0 +1,82 @@
From 9f57ab49b32bc14c0ff3834876a185af0a4c6e6b Mon Sep 17 00:00:00 2001
From: Tamar Christina <tamar.christina@arm.com>
Date: Tue, 21 Apr 2020 15:16:21 +0100
Subject: [PATCH] BFD: Exclude sections with no content from compress check.
The check in bfd_get_full_section_contents is trying to check that we don't
allocate more space for a section than the size of the section is on disk.
Previously we excluded linker created sections since they didn't have a size on
disk. However we also need to exclude sections with no content as well such as
the BSS section. Space for these would not have been allocated by the assembler
and so the check would incorrectly fail.
bfd/ChangeLog:
PR binutils/24753
* compress.c (bfd_get_full_section_contents): Exclude sections with no
content.
gas/ChangeLog:
PR binutils/24753
* testsuite/gas/arm/pr24753.d: New test.
* testsuite/gas/arm/pr24753.s: New test.
(cherry picked from commit c36876fe5b5bac1c404ab2ca82bfbfb2ed9a2717)
---
bfd/compress.c | 3 +++
gas/testsuite/gas/arm/pr24753.d | 7 +++++++
gas/testsuite/gas/arm/pr24753.s | 12 ++++++++++++
3 files changed, 24 insertions(+)
create mode 100644 gas/testsuite/gas/arm/pr24753.d
create mode 100644 gas/testsuite/gas/arm/pr24753.s
diff --git a/bfd/compress.c b/bfd/compress.c
index ce6bb2b..728ba39 100644
--- a/bfd/compress.c
+++ b/bfd/compress.c
@@ -255,6 +255,9 @@ bfd_get_full_section_contents (bfd *abfd, sec_ptr sec, bfd_byte **ptr)
/* PR 24753: Linker created sections can be larger than
the file size, eg if they are being used to hold stubs. */
&& (bfd_section_flags (sec) & SEC_LINKER_CREATED) == 0
+ /* PR 24753: Sections which have no content should also be
+ excluded as they contain no size on disk. */
+ && (bfd_section_flags (sec) & SEC_HAS_CONTENTS) != 0
/* The MMO file format supports its own special compression
technique, but it uses COMPRESS_SECTION_NONE when loading
a section's contents. */
diff --git a/gas/testsuite/gas/arm/pr24753.d b/gas/testsuite/gas/arm/pr24753.d
new file mode 100644
index 0000000..01990d1
--- /dev/null
+++ b/gas/testsuite/gas/arm/pr24753.d
@@ -0,0 +1,7 @@
+#skip: *-*-pe *-*-wince *-*-vxworks
+#objdump: -d
+#name: PR24753: Don't error on sections with no content size mismatch with file
+
+.*: +file format .*arm.*
+
+#...
diff --git a/gas/testsuite/gas/arm/pr24753.s b/gas/testsuite/gas/arm/pr24753.s
new file mode 100644
index 0000000..5ba33fd
--- /dev/null
+++ b/gas/testsuite/gas/arm/pr24753.s
@@ -0,0 +1,12 @@
+.text
+.global _start
+_start:
+ nop
+
+.section .text2, "ax", %progbits
+_func:
+ nop
+
+.bss
+.fill 0x8000
+
--
1.8.3.1

91
CVE-2019-17450.patch
View File

@ -1,91 +0,0 @@
From 063c511bd79281f33fd33f0964541a73511b9e2b Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Wed, 9 Oct 2019 00:07:29 +1030
Subject: [PATCH] PR25078, stack overflow in function find_abstract_instance
PR 25078
* dwarf2.c (find_abstract_instance): Delete orig_info_ptr, add
recur_count. Error on recur_count reaching 100 rather than
info_ptr matching orig_info_ptr. Adjust calls.
---
bfd/dwarf2.c | 35 +++++++++++++++++------------------
1 file changed, 17 insertions(+), 18 deletions(-)
diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
index ed6dcd4..e954d23 100644
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -2812,13 +2812,13 @@ static bfd_boolean comp_unit_maybe_decode_line_info (struct comp_unit *,
struct dwarf2_debug *);
static bfd_boolean
-find_abstract_instance (struct comp_unit * unit,
- bfd_byte * orig_info_ptr,
- struct attribute * attr_ptr,
- const char ** pname,
- bfd_boolean * is_linkage,
- char ** filename_ptr,
- int * linenumber_ptr)
+find_abstract_instance (struct comp_unit *unit,
+ struct attribute *attr_ptr,
+ unsigned int recur_count,
+ const char **pname,
+ bfd_boolean *is_linkage,
+ char **filename_ptr,
+ int *linenumber_ptr)
{
bfd *abfd = unit->abfd;
bfd_byte *info_ptr;
@@ -2829,6 +2829,14 @@ find_abstract_instance (struct comp_unit * unit,
struct attribute attr;
const char *name = NULL;
+ if (recur_count == 100)
+ {
+ _bfd_error_handler
+ (_("DWARF error: abstract instance recursion detected"));
+ bfd_set_error (bfd_error_bad_value);
+ return FALSE;
+ }
+
/* DW_FORM_ref_addr can reference an entry in a different CU. It
is an offset from the .debug_info section, not the current CU. */
if (attr_ptr->form == DW_FORM_ref_addr)
@@ -2962,15 +2970,6 @@ find_abstract_instance (struct comp_unit * unit,
info_ptr, info_ptr_end);
if (info_ptr == NULL)
break;
- /* It doesn't ever make sense for DW_AT_specification to
- refer to the same DIE. Stop simple recursion. */
- if (info_ptr == orig_info_ptr)
- {
- _bfd_error_handler
- (_("DWARF error: abstract instance recursion detected"));
- bfd_set_error (bfd_error_bad_value);
- return FALSE;
- }
switch (attr.name)
{
case DW_AT_name:
@@ -2984,7 +2983,7 @@ find_abstract_instance (struct comp_unit * unit,
}
break;
case DW_AT_specification:
- if (!find_abstract_instance (unit, info_ptr, &attr,
+ if (!find_abstract_instance (unit, &attr, recur_count + 1,
&name, is_linkage,
filename_ptr, linenumber_ptr))
return FALSE;
@@ -3200,7 +3199,7 @@ scan_unit_for_symbols (struct comp_unit *unit)
case DW_AT_abstract_origin:
case DW_AT_specification:
- if (!find_abstract_instance (unit, info_ptr, &attr,
+ if (!find_abstract_instance (unit, &attr, 0,
&func->name,
&func->is_linkage,
&func->file,
--
1.8.3.1

41
CVE-2019-17451.patch
View File

@ -1,41 +0,0 @@
From 7e030e9e32ad36334dd5ca6781f619f52095ceed Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Wed, 9 Oct 2019 10:47:13 +1030
Subject: [PATCH 2/2] PR25070, SEGV in function _bfd_dwarf2_find_nearest_line
Evil testcase with two debug info sections, with sizes of 2aaaabac4ec1
and ffffd5555453b140 result in a total size of 1. Reading the first
section of course overflows the buffer and tramples on other memory.
PR 25070
* dwarf2.c (_bfd_dwarf2_slurp_debug_info): Catch overflow of
total_size calculation.
---
bfd/dwarf2.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
index af312b30d5..26bfb25eb3 100644
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -4424,7 +4424,16 @@ _bfd_dwarf2_slurp_debug_info (bfd *abfd, bfd *debug_bfd,
for (total_size = 0;
msec;
msec = find_debug_info (debug_bfd, debug_sections, msec))
- total_size += msec->size;
+ {
+ /* Catch PR25070 testcase overflowing size calculation here. */
+ if (total_size + msec->size < total_size
+ || total_size + msec->size < msec->size)
+ {
+ bfd_set_error (bfd_error_no_memory);
+ return FALSE;
+ }
+ total_size += msec->size;
+ }
stash->info_ptr_memory = (bfd_byte *) bfd_malloc (total_size);
if (stash->info_ptr_memory == NULL)
--
2.19.1

26
Fix-array-overrun-when-disassembling-corrupt-TIC30-binaries.patch
View File

@ -1,26 +0,0 @@
From efea62b44631289f995db16faf70979d6592580b Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Tue, 29 Oct 2019 15:35:30 +0000
Subject: [PATCH] Fix array overrun when disassembling corrupt TIC30 binaries.
* tic30-dis.c (print_branch): Correct size of operand array.
---
opcodes/tic30-dis.c | 2 +-
1 files changed, 1 insertions(+), 1 deletion(-)
diff --git a/opcodes/tic30-dis.c b/opcodes/tic30-dis.c
index a28be83..29948f4 100644
--- a/opcodes/tic30-dis.c
+++ b/opcodes/tic30-dis.c
@@ -607,7 +607,7 @@ print_branch (disassemble_info *info,
unsigned long insn_word,
struct instruction *insn)
{
- char operand[2][13] =
+ char operand[2][OPERAND_BUFFER_LEN] =
{
{0},
{0}
--
2.9.3

98
Fix-buffer-overrun-in-TIC30-disassembler.patch
View File

@ -1,98 +0,0 @@
From bbf9a0b5eef3599a1c6a7a3bea40da9f2c37df83 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Mon, 28 Oct 2019 16:15:34 +0000
Subject: [PATCH] Fix buffer overrun in TIC30 disassembler.
* tic30-dis.c (OPERAND_BUFFER_LEN): Define. Use as length of
operand buffer. Set value to 15 not 13.
(get_register_operand): Use OPERAND_BUFFER_LEN.
(get_indirect_operand): Likewise.
(print_two_operand): Likewise.
(print_three_operand): Likewise.
(print_oar_insn): Likewise.
---
opcodes/tic30-dis.c | 24 +++++++++++++++++-------
1 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/opcodes/tic30-dis.c b/opcodes/tic30-dis.c
index 668c519..a28be83 100644
--- a/opcodes/tic30-dis.c
+++ b/opcodes/tic30-dis.c
@@ -188,6 +188,8 @@ get_tic30_instruction (unsigned long insn_word, struct instruction *insn)
return 1;
}
+#define OPERAND_BUFFER_LEN 15
+
static int
get_register_operand (unsigned char fragment, char *buffer)
{
@@ -199,7 +201,8 @@ get_register_operand (unsigned char fragment, char *buffer)
{
if ((fragment & 0x1F) == current_reg->opcode)
{
- strcpy (buffer, current_reg->name);
+ strncpy (buffer, current_reg->name, OPERAND_BUFFER_LEN);
+ buffer[OPERAND_BUFFER_LEN - 1] = 0;
return 1;
}
}
@@ -250,18 +253,25 @@ get_indirect_operand (unsigned short fragment,
int bufcnt;
len = strlen (current_ind->syntax);
+
for (i = 0, bufcnt = 0; i < len; i++, bufcnt++)
{
buffer[bufcnt] = current_ind->syntax[i];
+
if (bufcnt > 0
+ && bufcnt < OPERAND_BUFFER_LEN - 1
&& buffer[bufcnt - 1] == 'a'
&& buffer[bufcnt] == 'r')
buffer[++bufcnt] = arnum + '0';
- if (buffer[bufcnt] == '('
+
+ if (bufcnt < OPERAND_BUFFER_LEN - 1
+ && buffer[bufcnt] == '('
&& current_ind->displacement == DISP_REQUIRED)
{
- sprintf (&buffer[bufcnt + 1], "%u", disp);
- bufcnt += strlen (&buffer[bufcnt + 1]);
+ snprintf (buffer + (bufcnt + 1),
+ OPERAND_BUFFER_LEN - (bufcnt + 1),
+ "%u", disp);
+ bufcnt += strlen (buffer + (bufcnt + 1));
}
}
buffer[bufcnt + 1] = '\0';
@@ -342,7 +352,7 @@ print_two_operand (disassemble_info *info,
struct instruction *insn)
{
char name[12];
- char operand[2][13] =
+ char operand[2][OPERAND_BUFFER_LEN] =
{
{0},
{0}
@@ -429,7 +439,7 @@ print_three_operand (disassemble_info *info,
unsigned long insn_word,
struct instruction *insn)
{
- char operand[3][13] =
+ char operand[3][OPERAND_BUFFER_LEN] =
{
{0},
{0},
@@ -475,7 +485,7 @@ print_par_insn (disassemble_info *info,
{
size_t i, len;
char *name1, *name2;
- char operand[2][3][13] =
+ char operand[2][3][OPERAND_BUFFER_LEN] =
{
{
{0},
--
2.9.3

284
Fix-potential-array-overruns-when-disassembling-corrupt-v850.patch
View File

@ -1,284 +0,0 @@
From 5103274ffc537711574f9611cb64c51fa9a65546 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Mon, 4 Nov 2019 12:02:20 +0000
Subject: [PATCH] Fix potential array overruns when disassembling corrupt v850
binaries.
* v850-dis.c (get_v850_sreg_name): New function. Returns the name
of a v850 system register. Move the v850_sreg_names array into
this function.
(get_v850_reg_name): Likewise for ordinary register names.
(get_v850_vreg_name): Likewise for vector register names.
(get_v850_cc_name): Likewise for condition codes.
* get_v850_float_cc_name): Likewise for floating point condition
codes.
(get_v850_cacheop_name): Likewise for cache-ops.
(get_v850_prefop_name): Likewise for pref-ops.
(disassemble): Use the new accessor functions.
---
opcodes/ChangeLog | 14 +++++
opcodes/v850-dis.c | 175 +++++++++++++++++++++++++++++++++++------------------
1 files changed, 115 insertions(+), 60 deletions(-)
diff --git a/opcodes/v850-dis.c b/opcodes/v850-dis.c
index 84cf2d3..f8b5d1c 100644
--- a/opcodes/v850-dis.c
+++ b/opcodes/v850-dis.c
@@ -25,53 +25,7 @@
#include "opcode/v850.h"
#include "disassemble.h"
#include "opintl.h"
-
-static const char *const v850_reg_names[] =
-{
- "r0", "r1", "r2", "sp", "gp", "r5", "r6", "r7",
- "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15",
- "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
- "r24", "r25", "r26", "r27", "r28", "r29", "ep", "lp"
-};
-
-static const char *const v850_sreg_names[] =
-{
- "eipc/vip/mpm", "eipsw/mpc", "fepc/tid", "fepsw/ppa", "ecr/vmecr", "psw/vmtid",
- "sr6/fpsr/vmadr/dcc", "sr7/fpepc/dc0",
- "sr8/fpst/vpecr/dcv1", "sr9/fpcc/vptid", "sr10/fpcfg/vpadr/spal", "sr11/spau",
- "sr12/vdecr/ipa0l", "eiic/vdtid/ipa0u", "feic/ipa1l", "dbic/ipa1u",
- "ctpc/ipa2l", "ctpsw/ipa2u", "dbpc/ipa3l", "dbpsw/ipa3u", "ctbp/dpa0l",
- "dir/dpa0u", "bpc/dpa0u", "asid/dpa1l",
- "bpav/dpa1u", "bpam/dpa2l", "bpdv/dpa2u", "bpdm/dpa3l", "eiwr/dpa3u",
- "fewr", "dbwr", "bsel"
-};
-
-static const char *const v850_cc_names[] =
-{
- "v", "c/l", "z", "nh", "s/n", "t", "lt", "le",
- "nv", "nc/nl", "nz", "h", "ns/p", "sa", "ge", "gt"
-};
-
-static const char *const v850_float_cc_names[] =
-{
- "f/t", "un/or", "eq/neq", "ueq/ogl", "olt/uge", "ult/oge", "ole/ugt", "ule/ogt",
- "sf/st", "ngle/gle", "seq/sne", "ngl/gl", "lt/nlt", "nge/ge", "le/nle", "ngt/gt"
-};
-
-
-static const char *const v850_vreg_names[] =
-{
- "vr0", "vr1", "vr2", "vr3", "vr4", "vr5", "vr6", "vr7", "vr8", "vr9",
- "vr10", "vr11", "vr12", "vr13", "vr14", "vr15", "vr16", "vr17", "vr18",
- "vr19", "vr20", "vr21", "vr22", "vr23", "vr24", "vr25", "vr26", "vr27",
- "vr28", "vr29", "vr30", "vr31"
-};
-
-static const char *const v850_cacheop_names[] =
-{
- "chbii", "cibii", "cfali", "cisti", "cildi", "chbid", "chbiwbd",
- "chbwbd", "cibid", "cibiwbd", "cibwbd", "cfald", "cistd", "cildd"
-};
+#include "libiberty.h"
static const int v850_cacheop_codes[] =
{
@@ -79,9 +33,6 @@ static const int v850_cacheop_codes[] =
0x07, 0x24, 0x26, 0x27, 0x44, 0x64, 0x65, -1
};
-static const char *const v850_prefop_names[] =
-{ "prefi", "prefd" };
-
static const int v850_prefop_codes[] =
{ 0x00, 0x04, -1};
@@ -217,6 +168,110 @@ get_operand_value (const struct v850_operand *operand,
return value;
}
+static const char *
+get_v850_sreg_name (unsigned int reg)
+{
+ static const char *const v850_sreg_names[] =
+ {
+ "eipc/vip/mpm", "eipsw/mpc", "fepc/tid", "fepsw/ppa", "ecr/vmecr", "psw/vmtid",
+ "sr6/fpsr/vmadr/dcc", "sr7/fpepc/dc0",
+ "sr8/fpst/vpecr/dcv1", "sr9/fpcc/vptid", "sr10/fpcfg/vpadr/spal", "sr11/spau",
+ "sr12/vdecr/ipa0l", "eiic/vdtid/ipa0u", "feic/ipa1l", "dbic/ipa1u",
+ "ctpc/ipa2l", "ctpsw/ipa2u", "dbpc/ipa3l", "dbpsw/ipa3u", "ctbp/dpa0l",
+ "dir/dpa0u", "bpc/dpa0u", "asid/dpa1l",
+ "bpav/dpa1u", "bpam/dpa2l", "bpdv/dpa2u", "bpdm/dpa3l", "eiwr/dpa3u",
+ "fewr", "dbwr", "bsel"
+ };
+
+ if (reg < ARRAY_SIZE (v850_sreg_names))
+ return v850_sreg_names[reg];
+ return _("<invalid s-reg number>");
+}
+
+static const char *
+get_v850_reg_name (unsigned int reg)
+{
+ static const char *const v850_reg_names[] =
+ {
+ "r0", "r1", "r2", "sp", "gp", "r5", "r6", "r7",
+ "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15",
+ "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
+ "r24", "r25", "r26", "r27", "r28", "r29", "ep", "lp"
+ };
+
+ if (reg < ARRAY_SIZE (v850_reg_names))
+ return v850_reg_names[reg];
+ return _("<invalid reg number>");
+}
+
+static const char *
+get_v850_vreg_name (unsigned int reg)
+{
+ static const char *const v850_vreg_names[] =
+ {
+ "vr0", "vr1", "vr2", "vr3", "vr4", "vr5", "vr6", "vr7", "vr8", "vr9",
+ "vr10", "vr11", "vr12", "vr13", "vr14", "vr15", "vr16", "vr17", "vr18",
+ "vr19", "vr20", "vr21", "vr22", "vr23", "vr24", "vr25", "vr26", "vr27",
+ "vr28", "vr29", "vr30", "vr31"
+ };
+
+ if (reg < ARRAY_SIZE (v850_vreg_names))
+ return v850_vreg_names[reg];
+ return _("<invalid v-reg number>");
+}
+
+static const char *
+get_v850_cc_name (unsigned int reg)
+{
+ static const char *const v850_cc_names[] =
+ {
+ "v", "c/l", "z", "nh", "s/n", "t", "lt", "le",
+ "nv", "nc/nl", "nz", "h", "ns/p", "sa", "ge", "gt"
+ };
+
+ if (reg < ARRAY_SIZE (v850_cc_names))
+ return v850_cc_names[reg];
+ return _("<invalid CC-reg number>");
+}
+
+static const char *
+get_v850_float_cc_name (unsigned int reg)
+{
+ static const char *const v850_float_cc_names[] =
+ {
+ "f/t", "un/or", "eq/neq", "ueq/ogl", "olt/uge", "ult/oge", "ole/ugt", "ule/ogt",
+ "sf/st", "ngle/gle", "seq/sne", "ngl/gl", "lt/nlt", "nge/ge", "le/nle", "ngt/gt"
+ };
+
+ if (reg < ARRAY_SIZE (v850_float_cc_names))
+ return v850_float_cc_names[reg];
+ return _("<invalid float-CC-reg number>");
+}
+
+static const char *
+get_v850_cacheop_name (unsigned int reg)
+{
+ static const char *const v850_cacheop_names[] =
+ {
+ "chbii", "cibii", "cfali", "cisti", "cildi", "chbid", "chbiwbd",
+ "chbwbd", "cibid", "cibiwbd", "cibwbd", "cfald", "cistd", "cildd"
+ };
+
+ if (reg < ARRAY_SIZE (v850_cacheop_names))
+ return v850_cacheop_names[reg];
+ return _("<invalid cacheop number>");
+}
+
+static const char *
+get_v850_prefop_name (unsigned int reg)
+{
+ static const char *const v850_prefop_names[] =
+ { "prefi", "prefd" };
+
+ if (reg < ARRAY_SIZE (v850_prefop_names))
+ return v850_prefop_names[reg];
+ return _("<invalid prefop number>");
+}
static int
disassemble (bfd_vma memaddr,
@@ -425,16 +480,16 @@ disassemble (bfd_vma memaddr,
switch (flag)
{
case V850_OPERAND_REG:
- info->fprintf_func (info->stream, "%s", v850_reg_names[value]);
+ info->fprintf_func (info->stream, "%s", get_v850_reg_name (value));
break;
case (V850_OPERAND_REG|V850_REG_EVEN):
- info->fprintf_func (info->stream, "%s", v850_reg_names[value * 2]);
+ info->fprintf_func (info->stream, "%s", get_v850_reg_name (value * 2));
break;
case V850_OPERAND_EP:
info->fprintf_func (info->stream, "ep");
break;
case V850_OPERAND_SRG:
- info->fprintf_func (info->stream, "%s", v850_sreg_names[value]);
+ info->fprintf_func (info->stream, "%s", get_v850_sreg_name (value));
break;
case V850E_OPERAND_REG_LIST:
{
@@ -496,7 +551,7 @@ disassemble (bfd_vma memaddr,
else
shown_one = 1;
- info->fprintf_func (info->stream, "%s", v850_reg_names[first]);
+ info->fprintf_func (info->stream, "%s", get_v850_reg_name (first));
for (bit++; bit < 32; bit++)
if ((mask & (1 << bit)) == 0)
@@ -506,7 +561,7 @@ disassemble (bfd_vma memaddr,
if (last > first + 1)
{
- info->fprintf_func (info->stream, " - %s", v850_reg_names[ last - 1 ]);
+ info->fprintf_func (info->stream, " - %s", get_v850_reg_name (last - 1));
}
}
}
@@ -520,11 +575,11 @@ disassemble (bfd_vma memaddr,
break;
case V850_OPERAND_CC:
- info->fprintf_func (info->stream, "%s", v850_cc_names[value]);
+ info->fprintf_func (info->stream, "%s", get_v850_cc_name (value));
break;
case V850_OPERAND_FLOAT_CC:
- info->fprintf_func (info->stream, "%s", v850_float_cc_names[value]);
+ info->fprintf_func (info->stream, "%s", get_v850_float_cc_name (value));
break;
case V850_OPERAND_CACHEOP:
@@ -536,7 +591,7 @@ disassemble (bfd_vma memaddr,
if (value == v850_cacheop_codes[idx])
{
info->fprintf_func (info->stream, "%s",
- v850_cacheop_names[idx]);
+ get_v850_cacheop_name (idx));
goto MATCH_CACHEOP_CODE;
}
}
@@ -554,7 +609,7 @@ disassemble (bfd_vma memaddr,
if (value == v850_prefop_codes[idx])
{
info->fprintf_func (info->stream, "%s",
- v850_prefop_names[idx]);
+ get_v850_prefop_name (idx));
goto MATCH_PREFOP_CODE;
}
}
@@ -564,7 +619,7 @@ disassemble (bfd_vma memaddr,
break;
case V850_OPERAND_VREG:
- info->fprintf_func (info->stream, "%s", v850_vreg_names[value]);
+ info->fprintf_func (info->stream, "%s", get_v850_vreg_name (value));
break;
default:
--
2.9.3

34
Import-a-fix-from-the-mainline-sources-that-prevents.patch Normal file
View File

@ -0,0 +1,34 @@
From 82f439d028c65663a0baf0a17ef5c4a2ea5c84a7 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Tue, 11 Feb 2020 15:55:25 +0000
Subject: [PATCH] Import a fix from the mainline sources that prevents a
potential illegal memory access when parsing PE binaries.
PR 25447
* coffgen.c (_bfd_coff_close_and_cleanup): Do not clear the keep
syms and keep strings flags as these may have been set in order to
prevent a bogus call to free.
---
bfd/coffgen.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/bfd/coffgen.c b/bfd/coffgen.c
index 2bfcf1a..3ddd2d8 100644
--- a/bfd/coffgen.c
+++ b/bfd/coffgen.c
@@ -3175,8 +3175,10 @@ _bfd_coff_close_and_cleanup (bfd *abfd)
&& bfd_family_coff (abfd)
&& coff_data (abfd) != NULL)
{
- obj_coff_keep_syms (abfd) = FALSE;
- obj_coff_keep_strings (abfd) = FALSE;
+ /* PR 25447:
+ Do not clear the keep_syms and keep_strings flags.
+ These may have been set by pe_ILF_build_a_bfd() indicating
+ that the syms and strings pointers are not to be freed. */
if (!_bfd_coff_free_symbols (abfd))
return FALSE;
}
--
1.8.3.1

382
More-signed-overflow-fixes.patch
View File

@ -1,382 +0,0 @@
From 2480b6fa946bb2d2dc993b1c4a83a8e1258a75e8 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Wed, 18 Dec 2019 15:37:44 +1030
Subject: [PATCH] More signed overflow fixes
The arc fix in create_map avoiding signed overflow by casting an
unsigned char to unsigned int before shifting, shows one of the
dangers of blinding doing that. The problem in this case was that the
variable storing the value, newAuxRegister->address, was a long.
Using the unsigned cast meant that the 32-bit value was zero extended
when long is 64 bits. Previously we had a sign extension. Net result
was that comparisons in arcExtMap_auxRegName didn't match. Of course,
I could have cast the 32-bit unsigned value back to signed before
storing in a long, but it's neater to just use an unsigned int for the
address.
opcodes/
* alpha-opc.c (OP): Avoid signed overflow.
* arm-dis.c (print_insn): Likewise.
* mcore-dis.c (print_insn_mcore): Likewise.
* pj-dis.c (get_int): Likewise.
* ppc-opc.c (EBD15, EBD15BI): Likewise.
* score7-dis.c (s7_print_insn): Likewise.
* tic30-dis.c (print_insn_tic30): Likewise.
* v850-opc.c (insert_SELID): Likewise.
* vax-dis.c (print_insn_vax): Likewise.
* arc-ext.c (create_map): Likewise.
(struct ExtAuxRegister): Make "address" field unsigned int.
(arcExtMap_auxRegName): Pass unsigned address.
(dump_ARC_extmap): Adjust.
* arc-ext.h (arcExtMap_auxRegName): Update prototype.
---
opcodes/alpha-opc.c | 2 +-
opcodes/arc-ext.c | 10 ++++----
opcodes/arc-ext.h | 2 +-
opcodes/arm-dis.c | 6 ++---
opcodes/mcore-dis.c | 57 ++++++++++++++++++++------------------------
opcodes/pj-dis.c | 8 +++----
opcodes/ppc-opc.c | 4 ++--
opcodes/score7-dis.c | 6 ++---
opcodes/tic30-dis.c | 6 +++--
opcodes/v850-opc.c | 8 ++-----
opcodes/vax-dis.c | 3 ++-
11 files changed, 53 insertions(+), 59 deletions(-)
diff --git a/opcodes/alpha-opc.c b/opcodes/alpha-opc.c
index 3123a1c..f813e6e 100644
--- a/opcodes/alpha-opc.c
+++ b/opcodes/alpha-opc.c
@@ -332,7 +332,7 @@ const unsigned alpha_num_operands = sizeof(alpha_operands)/sizeof(*alpha_operand
/* Macros used to form opcodes. */
/* The main opcode. */
-#define OP(x) (((x) & 0x3F) << 26)
+#define OP(x) (((x) & 0x3Fu) << 26)
#define OP_MASK 0xFC000000
/* Branch format instructions. */
diff --git a/opcodes/arc-ext.c b/opcodes/arc-ext.c
index d792079..687993d 100644
--- a/opcodes/arc-ext.c
+++ b/opcodes/arc-ext.c
@@ -53,7 +53,7 @@
struct ExtAuxRegister
{
- long address;
+ unsigned address;
char * name;
struct ExtAuxRegister * next;
};
@@ -191,8 +191,8 @@ create_map (unsigned char *block,
char *aux_name = xstrdup ((char *) (p + 6));
newAuxRegister->name = aux_name;
- newAuxRegister->address = (p[2] << 24) | (p[3] << 16)
- | (p[4] << 8) | p[5];
+ newAuxRegister->address = (((unsigned) p[2] << 24) | (p[3] << 16)
+ | (p[4] << 8) | p[5]);
newAuxRegister->next = arc_extension_map.auxRegisters;
arc_extension_map.auxRegisters = newAuxRegister;
break;
@@ -406,7 +406,7 @@ arcExtMap_condCodeName (int code)
/* Get the name of an extension auxiliary register. */
const char *
-arcExtMap_auxRegName (long address)
+arcExtMap_auxRegName (unsigned address)
{
/* Walk the list of auxiliary register names and find the name. */
struct ExtAuxRegister *r;
@@ -463,7 +463,7 @@ dump_ARC_extmap (void)
while (r)
{
- printf ("AUX : %s %ld\n", r->name, r->address);
+ printf ("AUX : %s %u\n", r->name, r->address);
r = r->next;
}
diff --git a/opcodes/arc-ext.h b/opcodes/arc-ext.h
index 50b2ecb..077891c 100644
--- a/opcodes/arc-ext.h
+++ b/opcodes/arc-ext.h
@@ -125,7 +125,7 @@ extern void build_ARC_extmap (bfd *);
/* Accessor functions. */
extern enum ExtReadWrite arcExtMap_coreReadWrite (int);
extern const char * arcExtMap_coreRegName (int);
-extern const char * arcExtMap_auxRegName (long);
+extern const char * arcExtMap_auxRegName (unsigned);
extern const char * arcExtMap_condCodeName (int);
extern const extInstruction_t *arcExtMap_insn (int, unsigned long long);
extern struct arc_opcode *arcExtMap_genOpcode (const extInstruction_t *,
diff --git a/opcodes/arm-dis.c b/opcodes/arm-dis.c
index b6cccc5..fde0c96 100644
--- a/opcodes/arm-dis.c
+++ b/opcodes/arm-dis.c
@@ -6444,7 +6444,7 @@ static int
print_insn (bfd_vma pc, struct disassemble_info *info, bfd_boolean little)
{
unsigned char b[4];
- long given;
+ unsigned long given;
int status;
int is_thumb = FALSE;
int is_data = FALSE;
@@ -6732,9 +6732,9 @@ print_insn (bfd_vma pc, struct disassemble_info *info, bfd_boolean little)
status = info->read_memory_func (pc, (bfd_byte *) b, 4, info);
if (little_code)
- given = (b[0]) | (b[1] << 8) | (b[2] << 16) | (b[3] << 24);
+ given = (b[0]) | (b[1] << 8) | (b[2] << 16) | ((unsigned) b[3] << 24);
else
- given = (b[3]) | (b[2] << 8) | (b[1] << 16) | (b[0] << 24);
+ given = (b[3]) | (b[2] << 8) | (b[1] << 16) | ((unsigned) b[0] << 24);
}
else
{
diff --git a/opcodes/mcore-dis.c b/opcodes/mcore-dis.c
index c56ee83..5f48783 100644
--- a/opcodes/mcore-dis.c
+++ b/opcodes/mcore-dis.c
@@ -196,18 +196,14 @@ print_insn_mcore (bfd_vma memaddr,
case BR:
{
- long val = inst & 0x3FF;
+ uint32_t val = ((inst & 0x3FF) ^ 0x400) - 0x400;
- if (inst & 0x400)
- val |= 0xFFFFFC00;
-
- (*print_func) (stream, "\t0x%lx", (long)(memaddr + 2 + (val << 1)));
+ val = memaddr + 2 + (val << 1);
+ (*print_func) (stream, "\t0x%x", val);
if (strcmp (mcore_table[i].name, "bsr") == 0)
{
/* For bsr, we'll try to get a symbol for the target. */
- val = memaddr + 2 + (val << 1);
-
if (info->print_address_func && val != 0)
{
(*print_func) (stream, "\t// ");
@@ -219,19 +215,18 @@ print_insn_mcore (bfd_vma memaddr,
case BL:
{
- long val;
- val = (inst & 0x000F);
- (*print_func) (stream, "\t%s, 0x%lx",
+ uint32_t val = inst & 0x000F;
+ (*print_func) (stream, "\t%s, 0x%x",
grname[(inst >> 4) & 0xF],
- (long) (memaddr - (val << 1)));
+ (uint32_t) (memaddr - (val << 1)));
}
break;
case LR:
{
- unsigned long val;
+ uint32_t val;
- val = (memaddr + 2 + ((inst & 0xFF) << 2)) & 0xFFFFFFFC;
+ val = (memaddr + 2 + ((inst & 0xFF) << 2)) & ~3;
/* We are not reading an instruction, so allow
reads to extend beyond the next symbol. */
@@ -244,27 +239,27 @@ print_insn_mcore (bfd_vma memaddr,
}
if (info->endian == BFD_ENDIAN_LITTLE)
- val = (ibytes[3] << 24) | (ibytes[2] << 16)
- | (ibytes[1] << 8) | (ibytes[0]);
+ val = (((unsigned) ibytes[3] << 24) | (ibytes[2] << 16)
+ | (ibytes[1] << 8) | (ibytes[0]));
else
- val = (ibytes[0] << 24) | (ibytes[1] << 16)
- | (ibytes[2] << 8) | (ibytes[3]);
+ val = (((unsigned) ibytes[0] << 24) | (ibytes[1] << 16)
+ | (ibytes[2] << 8) | (ibytes[3]));
/* Removed [] around literal value to match ABI syntax 12/95. */
- (*print_func) (stream, "\t%s, 0x%lX", grname[(inst >> 8) & 0xF], val);
+ (*print_func) (stream, "\t%s, 0x%X", grname[(inst >> 8) & 0xF], val);
if (val == 0)
- (*print_func) (stream, "\t// from address pool at 0x%lx",
- (long) (memaddr + 2
- + ((inst & 0xFF) << 2)) & 0xFFFFFFFC);
+ (*print_func) (stream, "\t// from address pool at 0x%x",
+ (uint32_t) (memaddr + 2
+ + ((inst & 0xFF) << 2)) & ~3);
}
break;
case LJ:
{
- unsigned long val;
+ uint32_t val;
- val = (memaddr + 2 + ((inst & 0xFF) << 2)) & 0xFFFFFFFC;
+ val = (memaddr + 2 + ((inst & 0xFF) << 2)) & ~3;
/* We are not reading an instruction, so allow
reads to extend beyond the next symbol. */
@@ -277,14 +272,14 @@ print_insn_mcore (bfd_vma memaddr,
}
if (info->endian == BFD_ENDIAN_LITTLE)
- val = (ibytes[3] << 24) | (ibytes[2] << 16)
- | (ibytes[1] << 8) | (ibytes[0]);
+ val = (((unsigned) ibytes[3] << 24) | (ibytes[2] << 16)
+ | (ibytes[1] << 8) | (ibytes[0]));
else
- val = (ibytes[0] << 24) | (ibytes[1] << 16)
- | (ibytes[2] << 8) | (ibytes[3]);
+ val = (((unsigned) ibytes[0] << 24) | (ibytes[1] << 16)
+ | (ibytes[2] << 8) | (ibytes[3]));
/* Removed [] around literal value to match ABI syntax 12/95. */
- (*print_func) (stream, "\t0x%lX", val);
+ (*print_func) (stream, "\t0x%X", val);
/* For jmpi/jsri, we'll try to get a symbol for the target. */
if (info->print_address_func && val != 0)
{
@@ -293,9 +288,9 @@ print_insn_mcore (bfd_vma memaddr,
}
else
{
- (*print_func) (stream, "\t// from address pool at 0x%lx",
- (long) (memaddr + 2
- + ((inst & 0xFF) << 2)) & 0xFFFFFFFC);
+ (*print_func) (stream, "\t// from address pool at 0x%x",
+ (uint32_t) (memaddr + 2
+ + ((inst & 0xFF) << 2)) & ~3);
}
}
break;
diff --git a/opcodes/pj-dis.c b/opcodes/pj-dis.c
index 9c959f1..66a7e7f 100644
--- a/opcodes/pj-dis.c
+++ b/opcodes/pj-dis.c
@@ -32,10 +32,10 @@ get_int (bfd_vma memaddr, int *iptr, struct disassemble_info *info)
unsigned char ival[4];
int status = info->read_memory_func (memaddr, ival, 4, info);
- *iptr = (ival[0] << 24)
- | (ival[1] << 16)
- | (ival[2] << 8)
- | (ival[3] << 0);
+ *iptr = (((unsigned) ival[0] << 24)
+ | (ival[1] << 16)
+ | (ival[2] << 8)
+ | (ival[3] << 0));
return status;
}
diff --git a/opcodes/ppc-opc.c b/opcodes/ppc-opc.c
index 4a0fca5..ed6cb78 100644
--- a/opcodes/ppc-opc.c
+++ b/opcodes/ppc-opc.c
@@ -2720,7 +2720,7 @@ const unsigned int num_powerpc_operands = (sizeof (powerpc_operands)
/* A BD15 form instruction for extended conditional branch mnemonics. */
#define EBD15(op, aa, bo, lk) \
- (((op) & 0x3f) << 26) \
+ (((op) & 0x3fu) << 26) \
| (((aa) & 0xf) << 22) \
| (((bo) & 0x3) << 20) \
| ((lk) & 1)
@@ -2729,7 +2729,7 @@ const unsigned int num_powerpc_operands = (sizeof (powerpc_operands)
/* A BD15 form instruction for extended conditional branch mnemonics
with BI. */
#define EBD15BI(op, aa, bo, bi, lk) \
- ((((op) & 0x3f) << 26) \
+ ((((op) & 0x3fu) << 26) \
| (((aa) & 0xf) << 22) \
| (((bo) & 0x3) << 20) \
| (((bi) & 0x3) << 16) \
diff --git a/opcodes/score7-dis.c b/opcodes/score7-dis.c
index 9d21ef8..53d18ea 100644
--- a/opcodes/score7-dis.c
+++ b/opcodes/score7-dis.c
@@ -871,7 +871,7 @@ int
s7_print_insn (bfd_vma pc, struct disassemble_info *info, bfd_boolean little)
{
unsigned char b[4];
- long given;
+ unsigned long given;
long ridparity;
int status;
bfd_boolean insn_pce_p = FALSE;
@@ -907,11 +907,11 @@ s7_print_insn (bfd_vma pc, struct disassemble_info *info, bfd_boolean little)
if (little)
{
- given = (b[0]) | (b[1] << 8) | (b[2] << 16) | (b[3] << 24);
+ given = (b[0]) | (b[1] << 8) | (b[2] << 16) | ((unsigned) b[3] << 24);
}
else
{
- given = (b[0] << 24) | (b[1] << 16) | (b[2] << 8) | (b[3]);
+ given = ((unsigned) b[0] << 24) | (b[1] << 16) | (b[2] << 8) | (b[3]);
}
if ((given & 0x80008000) == 0x80008000)
diff --git a/opcodes/tic30-dis.c b/opcodes/tic30-dis.c
index 3f07450..8b93ca6 100644
--- a/opcodes/tic30-dis.c
+++ b/opcodes/tic30-dis.c
@@ -696,8 +696,10 @@ print_insn_tic30 (bfd_vma pc, disassemble_info *info)
bfd_vma bufaddr = pc - info->buffer_vma;
/* Obtain the current instruction word from the buffer. */
- insn_word = (*(info->buffer + bufaddr) << 24) | (*(info->buffer + bufaddr + 1) << 16) |
- (*(info->buffer + bufaddr + 2) << 8) | *(info->buffer + bufaddr + 3);
+ insn_word = (((unsigned) *(info->buffer + bufaddr) << 24)
+ | (*(info->buffer + bufaddr + 1) << 16)
+ | (*(info->buffer + bufaddr + 2) << 8)
+ | *(info->buffer + bufaddr + 3));
_pc = pc / 4;
/* Get the instruction refered to by the current instruction word
and print it out based on its type. */
diff --git a/opcodes/v850-opc.c b/opcodes/v850-opc.c
index 57f2051..17d1871 100644
--- a/opcodes/v850-opc.c
+++ b/opcodes/v850-opc.c
@@ -693,14 +693,10 @@ extract_WIDTH_L (unsigned long insn, int * invalid)
static unsigned long
insert_SELID (unsigned long insn, long selid, const char ** errmsg)
{
- unsigned long ret;
-
- if (selid > 0x1f || selid < 0)
+ if ((unsigned long) selid > 0x1f)
* errmsg = _(selid_out_of_range);
- ret = (insn | ((selid & 0x1f) << 27));
-
- return ret;
+ return insn | ((selid & 0x1fUL) << 27);
}
static unsigned long
diff --git a/opcodes/vax-dis.c b/opcodes/vax-dis.c
index 5e5a625..36868d5 100644
--- a/opcodes/vax-dis.c
+++ b/opcodes/vax-dis.c
@@ -440,7 +440,8 @@ print_insn_vax (bfd_vma memaddr, disassemble_info *info)
int offset;
FETCH_DATA (info, buffer + 4);
- offset = buffer[3] << 24 | buffer[2] << 16 | buffer[1] << 8 | buffer[0];
+ offset = ((unsigned) buffer[3] << 24 | buffer[2] << 16
+ | buffer[1] << 8 | buffer[0]);
(*info->fprintf_func) (info->stream, ".long 0x%08x", offset);
return 4;
--
2.19.1

120
PR24960-Memory-leak-from-disassembler.patch
View File

@ -1,120 +0,0 @@
From 20135676fc4c3912297c313b3e0d3cbd6cc402e3 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Mon, 9 Dec 2019 20:34:49 +1030
Subject: [PATCH 1/1] PR24960, Memory leak from disassembler
PR 24960
include/
* dis-asm.h (disassemble_free_target): Declare.
opcodes/
* disassemble.c (disassemble_free_target): New function.
binutils/
* objdump.c (disassemble_data): Call disassemble_free_target.
---
binutils/objdump.c | 1 +
include/dis-asm.h | 5 ++++-
opcodes/disassemble.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++
6 files changed, 79 insertions(+), 1 deletion(-)
diff --git a/binutils/objdump.c b/binutils/objdump.c
index d48a73a..c10136e 100644
--- a/binutils/objdump.c
+++ b/binutils/objdump.c
@@ -2730,6 +2730,7 @@ disassemble_data (bfd *abfd)
if (aux.dynrelbuf != NULL)
free (aux.dynrelbuf);
free (sorted_syms);
+ disassemble_free_target (&disasm_info);
}
static bfd_boolean
diff --git a/include/dis-asm.h b/include/dis-asm.h
index c174650..82bf4dc 100644
--- a/include/dis-asm.h
+++ b/include/dis-asm.h
@@ -325,7 +325,10 @@ extern disassembler_ftype disassembler (enum bfd_architecture arc,
/* Amend the disassemble_info structure as necessary for the target architecture.
Should only be called after initialising the info->arch field. */
-extern void disassemble_init_for_target (struct disassemble_info * dinfo);
+extern void disassemble_init_for_target (struct disassemble_info *);
+
+/* Tidy any memory allocated by targets, such as info->private_data. */
+extern void disassemble_free_target (struct disassemble_info *);
/* Document any target specific options available from the disassembler. */
extern void disassembler_usage (FILE *);
diff --git a/opcodes/disassemble.c b/opcodes/disassemble.c
index f131ee8..7c91997 100644
--- a/opcodes/disassemble.c
+++ b/opcodes/disassemble.c
@@ -716,6 +716,65 @@ disassemble_init_for_target (struct disassemble_info * info)
}
}
+void
+disassemble_free_target (struct disassemble_info *info)
+{
+ if (info == NULL)
+ return;
+
+ switch (info->arch)
+ {
+ default:
+ return;
+
+#ifdef ARCH_bpf
+ case bfd_arch_bpf:
+#endif
+#ifdef ARCH_m32c
+ case bfd_arch_m32c:
+#endif
+#if defined ARCH_bpf || defined ARCH_m32c
+ if (info->private_data)
+ {
+ CGEN_BITSET *mask = info->private_data;
+ free (mask->bits);
+ }
+ break;
+#endif
+
+#ifdef ARCH_arc
+ case bfd_arch_arc:
+ break;
+#endif
+#ifdef ARCH_cris
+ case bfd_arch_cris:
+ break;
+#endif
+#ifdef ARCH_mmix
+ case bfd_arch_mmix:
+ break;
+#endif
+#ifdef ARCH_nfp
+ case bfd_arch_nfp:
+ break;
+#endif
+#ifdef ARCH_powerpc
+ case bfd_arch_powerpc:
+ break;
+#endif
+#ifdef ARCH_riscv
+ case bfd_arch_riscv:
+ break;
+#endif
+#ifdef ARCH_rs6000
+ case bfd_arch_rs6000:
+ break;
+#endif
+ }
+
+ free (info->private_data);
+}
+
/* Remove whitespace and consecutive commas from OPTIONS. */
char *
--
2.9.3

43
PR25585-PHDR-segment-not-covered-by-LOAD-segment.patch Normal file
View File

@ -0,0 +1,43 @@
From acc4a8b8ac83077819948126bc7501d35eb1ea74 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Sat, 22 Feb 2020 12:46:33 +1030
Subject: [PATCH] PR25585, PHDR segment not covered by LOAD segment
I closed this bug as invalid, but I think it is worth mentioning in NEWS
that older linkers didn't check PT_PHDR very well. The patch also allows
people to force an output file with --noinhibit-exec after the error.
bfd/
PR 25585
* elf.c (assign_file_positions_for_load_sections): Continue linking
on "PHDR segment not covered by LOAD segment" errors.
ld/
PR 25585
* NEWS: Mention better "PHDR segment not covered by LOAD segment"
checking.
(cherry picked from commit 7b3c27152b5695177a2cd5adc0d7b0255f99aca0)
---
bfd/elf.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/bfd/elf.c b/bfd/elf.c
index a8d98a6..f02b724 100644
--- a/bfd/elf.c
+++ b/bfd/elf.c
@@ -5934,7 +5934,11 @@ assign_file_positions_for_load_sections (bfd *abfd,
_bfd_error_handler (_("%pB: error: PHDR segment not covered"
" by LOAD segment"),
abfd);
- return FALSE;
+ if (link_info == NULL)
+ return FALSE;
+ /* Arrange for the linker to exit with an error, deleting
+ the output file unless --noinhibit-exec is given. */
+ link_info->callbacks->info ("%X");
}
/* Check that all sections are in a PT_LOAD segment.
--
1.8.3.1

104
PR25745-powerpc64-ld-overflows-string-buffer-in-stat.patch Normal file
View File

@ -0,0 +1,104 @@
From f7aec2b8e09768f284085259e08bfc1f61a0ae27 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Mon, 30 Mar 2020 09:28:02 +1030
Subject: [PATCH] PR25745, powerpc64-ld overflows string buffer in --stats mode
PR 25745
* elf64-ppc.c (ppc64_elf_build_stubs): Use asprintf to form
statistics message.
(cherry picked from commit 988b7300bc990abafd982bdcd217c58bc1e0679a)
---
bfd/elf64-ppc.c | 76 ++++++++++++++++++++++++++++++---------------------------
1 files changed, 40 insertions(+), 36 deletions(-)
diff --git a/bfd/elf64-ppc.c b/bfd/elf64-ppc.c
index bea722c..47ff648 100644
--- a/bfd/elf64-ppc.c
+++ b/bfd/elf64-ppc.c
@@ -14116,42 +14116,46 @@ ppc64_elf_build_stubs (struct bfd_link_info *info,
if (stats != NULL)
{
- size_t len;
- *stats = bfd_malloc (500);
- if (*stats == NULL)
- return FALSE;
-
- len = sprintf (*stats,
- ngettext ("linker stubs in %u group\n",
- "linker stubs in %u groups\n",
- stub_sec_count),
- stub_sec_count);
- sprintf (*stats + len, _(" branch %lu\n"
- " branch toc adj %lu\n"
- " branch notoc %lu\n"
- " branch both %lu\n"
- " long branch %lu\n"
- " long toc adj %lu\n"
- " long notoc %lu\n"
- " long both %lu\n"
- " plt call %lu\n"
- " plt call save %lu\n"
- " plt call notoc %lu\n"
- " plt call both %lu\n"
- " global entry %lu"),
- htab->stub_count[ppc_stub_long_branch - 1],
- htab->stub_count[ppc_stub_long_branch_r2off - 1],
- htab->stub_count[ppc_stub_long_branch_notoc - 1],
- htab->stub_count[ppc_stub_long_branch_both - 1],
- htab->stub_count[ppc_stub_plt_branch - 1],
- htab->stub_count[ppc_stub_plt_branch_r2off - 1],
- htab->stub_count[ppc_stub_plt_branch_notoc - 1],
- htab->stub_count[ppc_stub_plt_branch_both - 1],
- htab->stub_count[ppc_stub_plt_call - 1],
- htab->stub_count[ppc_stub_plt_call_r2save - 1],
- htab->stub_count[ppc_stub_plt_call_notoc - 1],
- htab->stub_count[ppc_stub_plt_call_both - 1],
- htab->stub_count[ppc_stub_global_entry - 1]);
+ char *groupmsg;
+ if (asprintf (&groupmsg,
+ ngettext ("linker stubs in %u group\n",
+ "linker stubs in %u groups\n",
+ stub_sec_count),
+ stub_sec_count) < 0)
+ *stats = NULL;
+ else
+ {
+ if (asprintf (stats, _("%s"
+ " branch %lu\n"
+ " branch toc adj %lu\n"
+ " branch notoc %lu\n"
+ " branch both %lu\n"
+ " long branch %lu\n"
+ " long toc adj %lu\n"
+ " long notoc %lu\n"
+ " long both %lu\n"
+ " plt call %lu\n"
+ " plt call save %lu\n"
+ " plt call notoc %lu\n"
+ " plt call both %lu\n"
+ " global entry %lu"),
+ groupmsg,
+ htab->stub_count[ppc_stub_long_branch - 1],
+ htab->stub_count[ppc_stub_long_branch_r2off - 1],
+ htab->stub_count[ppc_stub_long_branch_notoc - 1],
+ htab->stub_count[ppc_stub_long_branch_both - 1],
+ htab->stub_count[ppc_stub_plt_branch - 1],
+ htab->stub_count[ppc_stub_plt_branch_r2off - 1],
+ htab->stub_count[ppc_stub_plt_branch_notoc - 1],
+ htab->stub_count[ppc_stub_plt_branch_both - 1],
+ htab->stub_count[ppc_stub_plt_call - 1],
+ htab->stub_count[ppc_stub_plt_call_r2save - 1],
+ htab->stub_count[ppc_stub_plt_call_notoc - 1],
+ htab->stub_count[ppc_stub_plt_call_both - 1],
+ htab->stub_count[ppc_stub_global_entry - 1]) < 0)
+ *stats = NULL;
+ free (groupmsg);
+ }
}
return TRUE;
}
--
1.8.3.1

47
Prevent-a-left-shift-by-a-negative-value-when-disassembling.patch
View File

@ -1,47 +0,0 @@
From 993a00a986d0795a3cbb7a2dd0c640d8e6d66734 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Tue, 29 Oct 2019 10:01:27 +0000
Subject: [PATCH] Prevent a left shift by a negative value when disassembling
IA64 binaries.
* ia64-opc.c (locate_opcode_ent): Prevent a negative shift when
locating the bit to be tested.
---
opcodes/ia64-opc.c | 9 ++++++---
1 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/opcodes/ia64-opc.c b/opcodes/ia64-opc.c
index 5aa1198..ba60f8a 100644
--- a/opcodes/ia64-opc.c
+++ b/opcodes/ia64-opc.c
@@ -372,13 +372,16 @@ locate_opcode_ent (ia64_insn opcode, enum ia64_insn_type type)
bitpos[currstatenum] = currbitnum;
- /* Skip opval[0] bits in the instruction. */
+ /* Skip opval[0] bits in the instruction. */
if (op & 0x40)
{
currbitnum -= opval[0];
}
- /* The value of the current bit being tested. */
+ if (currbitnum < 0)
+ currbitnum = 0;
+
+ /* The value of the current bit being tested. */
currbit = opcode & (((ia64_insn) 1) << currbitnum) ? 1 : 0;
next_op = -1;
@@ -463,7 +466,7 @@ locate_opcode_ent (ia64_insn opcode, enum ia64_insn_type type)
if (next_op > 65535)
{
- abort ();
+ return -1;
}
/* Run through the list of opcodes to check, trying to find
--
2.9.3

31
Re-PR24511-nm-should-not-mark-symbols-in-.init_array.patch Normal file
View File

@ -0,0 +1,31 @@
From 40bfb9762747f8336b17c70a0173d10200fa62eb Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Thu, 27 Feb 2020 17:28:47 +1030
Subject: [PATCH] Re: PR24511, nm should not mark symbols in .init_array as "t"
PR 24511
* syms.c (bfd_decode_symclass): Reverse order of coff_section_type
and decode_section_type calls.
---
bfd/syms.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/bfd/syms.c b/bfd/syms.c
index 128cf19..8a8b74f 100644
--- a/bfd/syms.c
+++ b/bfd/syms.c
@@ -705,9 +705,9 @@ bfd_decode_symclass (asymbol *symbol)
c = 'a';
else if (symbol->section)
{
- c = decode_section_type (symbol->section);
+ c = coff_section_type (symbol->section->name);
if (c == '?')
- c = coff_section_type (symbol->section->name);
+ c = decode_section_type (symbol->section);
}
else
return '?';
--
1.8.3.1

307
Remove-more-shifts-for-sign-zero-extension.patch
View File

@ -1,307 +0,0 @@
From 1d61b032265e69317f42e8019e072506f11890c5 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Wed, 11 Dec 2019 16:45:14 +1030
Subject: [PATCH 026/109] Remove more shifts for sign/zero extension
cpu/
* epiphany.cpu (f-sdisp11): Don't sign extend with shifts.
* lm32.cpu (f-branch, f-vall): Likewise.
* m32.cpu (f-lab-8-16): Likewise.
opcodes/
* arc-dis.c (BITS): Don't truncate high bits with shifts.
* nios2-dis.c (nios2_print_insn_arg): Don't sign extend with shifts.
* tic54x-dis.c (print_instruction): Likewise.
* tilegx-opc.c (parse_insn_tilegx): Likewise.
* tilepro-opc.c (parse_insn_tilepro): Likewise.
* visium-dis.c (disassem_class0): Likewise.
* pdp11-dis.c (sign_extend): Likewise.
(SIGN_BITS): Delete.
* epiphany-ibld.c: Regenerate.
* lm32-ibld.c: Regenerate.
* m32c-ibld.c: Regenerate.
---
cpu/ChangeLog | 6 ++++++
cpu/epiphany.cpu | 9 +++++----
cpu/lm32.cpu | 8 ++++++--
cpu/m32c.cpu | 9 ++++++---
opcodes/ChangeLog | 14 ++++++++++++++
opcodes/arc-dis.c | 3 +--
opcodes/epiphany-ibld.c | 2 +-
opcodes/lm32-ibld.c | 4 ++--
opcodes/m32c-ibld.c | 4 ++--
opcodes/nios2-dis.c | 16 ++++++++--------
opcodes/pdp11-dis.c | 3 +--
opcodes/tic54x-dis.c | 3 +--
opcodes/tilegx-opc.c | 4 ++--
opcodes/tilepro-opc.c | 4 ++--
opcodes/visium-dis.c | 2 +-
15 files changed, 58 insertions(+), 33 deletions(-)
diff --git a/cpu/epiphany.cpu b/cpu/epiphany.cpu
index 9f873b3..02bce07 100644
--- a/cpu/epiphany.cpu
+++ b/cpu/epiphany.cpu
@@ -228,10 +228,11 @@
(set (ifield f-disp3) (and SI (ifield f-sdisp11) 7)))
(sequence () ;decode
(set (ifield f-sdisp11)
- (sra SI (sll SI (or SI (sll (ifield f-disp8) 3)
- (ifield f-disp3))
- 21)
- 21)))
+ (sub SI (xor (and (or (sll (ifield f-disp8) 3)
+ (ifield f-disp3))
+ #x7ff)
+ #x400)
+ #x400)))
)
(dnmf f-imm16 "Short immediate for move/add/sub" () UINT (f-imm8 f-imm-27-8)
diff --git a/cpu/lm32.cpu b/cpu/lm32.cpu
index 83c839f..ecd8160 100644
--- a/cpu/lm32.cpu
+++ b/cpu/lm32.cpu
@@ -128,11 +128,15 @@
(df f-branch "branch offset field" (PCREL-ADDR) 15 16 INT
((value pc) (sra SI (sub SI value pc) 2))
- ((value pc) (add SI pc (sra SI (sll SI value 16) 14)))
+ ((value pc) (add SI pc (sub (xor (sll (and value #xffff) 2)
+ #x20000)
+ #x20000)))
)
(df f-call "call offset field" (PCREL-ADDR) 25 26 INT
((value pc) (sra SI (sub SI value pc) 2))
- ((value pc) (add SI pc (sra SI (sll SI value 6) 4)))
+ ((value pc) (add SI pc (sub (xor (sll (and value #x3ffffff) 2)
+ #x8000000)
+ #x8000000)))
)
diff --git a/cpu/m32c.cpu b/cpu/m32c.cpu
index bcc3616..5a38f1b 100644
--- a/cpu/m32c.cpu
+++ b/cpu/m32c.cpu
@@ -956,9 +956,12 @@
)
(df f-lab-8-16 "16 bit pc relative signed offset" (PCREL-ADDR SIGN-OPT all-isas) 8 16 UINT
((value pc) (or SI (sll (and (sub value (add pc 1)) #xff) 8)
- (srl (and (sub value (add pc 1)) #xffff) 8)))
- ((value pc) (add SI (or (srl (and value #xffff) 8)
- (sra (sll (and value #xff) 24) 16)) (add pc 1)))
+ (srl (and (sub value (add pc 1)) #xff00) 8)))
+ ((value pc) (add SI (sub (xor (or (srl (and value #xff00) 8)
+ (sll (and value #xff) 8))
+ #x8000)
+ #x8000)
+ (add pc 1)))
)
(df f-lab-8-24 "24 bit absolute" (all-isas ABS-ADDR) 8 24 UINT
((value pc) (or SI
diff --git a/opcodes/arc-dis.c b/opcodes/arc-dis.c
index a038fa0..a47e81f 100644
--- a/opcodes/arc-dis.c
+++ b/opcodes/arc-dis.c
@@ -137,8 +137,7 @@ static bfd_boolean print_hex = FALSE;
(info->endian == BFD_ENDIAN_LITTLE ? bfd_getm32 (bfd_getl32 (buf)) \
: bfd_getb32 (buf))
-#define BITS(word,s,e) (((word) << (sizeof (word) * 8 - 1 - e)) >> \
- (s + (sizeof (word) * 8 - 1 - e)))
+#define BITS(word,s,e) (((word) >> (s)) & ((1ull << ((e) - (s)) << 1) - 1))
#define OPCODE_32BIT_INSN(word) (BITS ((word), 27, 31))
/* Functions implementation. */
diff --git a/opcodes/epiphany-ibld.c b/opcodes/epiphany-ibld.c
index 6e6fd7b..aa567d8 100644
--- a/opcodes/epiphany-ibld.c
+++ b/opcodes/epiphany-ibld.c
@@ -1092,7 +1092,7 @@ epiphany_cgen_extract_operand (CGEN_CPU_DESC cd,
length = extract_normal (cd, ex_info, insn_value, 0, 0, 23, 8, 32, total_length, pc, & fields->f_disp8);
if (length <= 0) break;
{
- FLD (f_sdisp11) = ((SI) (((((((FLD (f_disp8)) << (3))) | (FLD (f_disp3)))) << (21))) >> (21));
+ FLD (f_sdisp11) = ((((((((((FLD (f_disp8)) << (3))) | (FLD (f_disp3)))) & (2047))) ^ (1024))) - (1024));
}
}
break;
diff --git a/opcodes/lm32-ibld.c b/opcodes/lm32-ibld.c
index 4bc63fb..a79398d 100644
--- a/opcodes/lm32-ibld.c
+++ b/opcodes/lm32-ibld.c
@@ -680,7 +680,7 @@ lm32_cgen_extract_operand (CGEN_CPU_DESC cd,
{
long value;
length = extract_normal (cd, ex_info, insn_value, 0|(1<<CGEN_IFLD_SIGNED)|(1<<CGEN_IFLD_PCREL_ADDR), 0, 15, 16, 32, total_length, pc, & value);
- value = ((pc) + (((SI) (((value) << (16))) >> (14))));
+ value = ((pc) + (((((((((value) & (65535))) << (2))) ^ (131072))) - (131072))));
fields->f_branch = value;
}
break;
@@ -688,7 +688,7 @@ lm32_cgen_extract_operand (CGEN_CPU_DESC cd,
{
long value;
length = extract_normal (cd, ex_info, insn_value, 0|(1<<CGEN_IFLD_SIGNED)|(1<<CGEN_IFLD_PCREL_ADDR), 0, 25, 26, 32, total_length, pc, & value);
- value = ((pc) + (((SI) (((value) << (6))) >> (4))));
+ value = ((pc) + (((((((((value) & (67108863))) << (2))) ^ (134217728))) - (134217728))));
fields->f_call = value;
}
break;
diff --git a/opcodes/m32c-ibld.c b/opcodes/m32c-ibld.c
index 29c9411..8473e17 100644
--- a/opcodes/m32c-ibld.c
+++ b/opcodes/m32c-ibld.c
@@ -1489,7 +1489,7 @@ m32c_cgen_insert_operand (CGEN_CPU_DESC cd,
case M32C_OPERAND_LAB_8_16 :
{
long value = fields->f_lab_8_16;
- value = ((((((((value) - (((pc) + (1))))) & (255))) << (8))) | (((USI) (((((value) - (((pc) + (1))))) & (65535))) >> (8))));
+ value = ((((((((value) - (((pc) + (1))))) & (255))) << (8))) | (((USI) (((((value) - (((pc) + (1))))) & (65280))) >> (8))));
errmsg = insert_normal (cd, value, 0|(1<<CGEN_IFLD_SIGN_OPT)|(1<<CGEN_IFLD_PCREL_ADDR), 0, 8, 16, 32, total_length, buffer);
}
break;
@@ -2654,7 +2654,7 @@ m32c_cgen_extract_operand (CGEN_CPU_DESC cd,
{
long value;
length = extract_normal (cd, ex_info, insn_value, 0|(1<<CGEN_IFLD_SIGN_OPT)|(1<<CGEN_IFLD_PCREL_ADDR), 0, 8, 16, 32, total_length, pc, & value);
- value = ((((((USI) (((value) & (65535))) >> (8))) | (((SI) (((((value) & (255))) << (24))) >> (16))))) + (((pc) + (1))));
+ value = ((((((((((USI) (((value) & (65280))) >> (8))) | (((((value) & (255))) << (8))))) ^ (32768))) - (32768))) + (((pc) + (1))));
fields->f_lab_8_16 = value;
}
break;
diff --git a/opcodes/nios2-dis.c b/opcodes/nios2-dis.c
index adf0091..731860c 100644
--- a/opcodes/nios2-dis.c
+++ b/opcodes/nios2-dis.c
@@ -554,10 +554,10 @@ nios2_print_insn_arg (const char *argptr,
switch (op->format)
{
case iw_i_type:
- s = (int32_t) (GET_IW_I_IMM16 (opcode) << 16) >> 16;
+ s = ((GET_IW_I_IMM16 (opcode) & 0xffff) ^ 0x8000) - 0x8000;
break;
case iw_F2I16_type:
- s = (int32_t) (GET_IW_F2I16_IMM16 (opcode) << 16) >> 16;
+ s = ((GET_IW_F2I16_IMM16 (opcode) & 0xffff) ^ 0x8000) - 0x8000;
break;
default:
bad_opcode (op);
@@ -570,10 +570,10 @@ nios2_print_insn_arg (const char *argptr,
switch (op->format)
{
case iw_F2X4I12_type:
- s = (int32_t) (GET_IW_F2X4I12_IMM12 (opcode) << 20) >> 20;
+ s = ((GET_IW_F2X4I12_IMM12 (opcode) & 0xfff) ^ 0x800) - 0x800;
break;
case iw_F1X4I12_type:
- s = (int32_t) (GET_IW_F1X4I12_IMM12 (opcode) << 20) >> 20;
+ s = ((GET_IW_F1X4I12_IMM12 (opcode) & 0xfff) ^ 0x800) - 0x800;
break;
default:
bad_opcode (op);
@@ -673,10 +673,10 @@ nios2_print_insn_arg (const char *argptr,
switch (op->format)
{
case iw_i_type:
- o = (int32_t) (GET_IW_I_IMM16 (opcode) << 16) >> 16;
+ o = ((GET_IW_I_IMM16 (opcode) & 0xffff) ^ 0x8000) - 0x8000;
break;
case iw_F2I16_type:
- o = (int32_t) (GET_IW_F2I16_IMM16 (opcode) << 16) >> 16;
+ o = ((GET_IW_F2I16_IMM16 (opcode) & 0xffff) ^ 0x8000) - 0x8000;
break;
default:
bad_opcode (op);
@@ -690,7 +690,7 @@ nios2_print_insn_arg (const char *argptr,
switch (op->format)
{
case iw_I10_type:
- o = (int32_t) (GET_IW_I10_IMM10 (opcode) << 22) >> 21;
+ o = (((GET_IW_I10_IMM10 (opcode) & 0x3ff) ^ 0x400) - 0x400) << 1;
break;
default:
bad_opcode (op);
@@ -704,7 +704,7 @@ nios2_print_insn_arg (const char *argptr,
switch (op->format)
{
case iw_T1I7_type:
- o = (int32_t) (GET_IW_T1I7_IMM7 (opcode) << 25) >> 24;
+ o = (((GET_IW_T1I7_IMM7 (opcode) & 0x7f) ^ 0x40) - 0x40) << 1;
break;
default:
bad_opcode (op);
diff --git a/opcodes/pdp11-dis.c b/opcodes/pdp11-dis.c
index e9708e6..a19fbc0 100644
--- a/opcodes/pdp11-dis.c
+++ b/opcodes/pdp11-dis.c
@@ -31,8 +31,7 @@
#define F info->stream
/* Sign-extend a 16-bit number in an int. */
-#define SIGN_BITS (8 * sizeof (int) - 16)
-#define sign_extend(x) (((x) << SIGN_BITS) >> SIGN_BITS)
+#define sign_extend(x) ((((x) & 0xffff) ^ 0x8000) - 0x8000)
static int
read_word (bfd_vma memaddr, int *word, disassemble_info *info)
diff --git a/opcodes/tic54x-dis.c b/opcodes/tic54x-dis.c
index c4ecdda..d8b80a3 100644
--- a/opcodes/tic54x-dis.c
+++ b/opcodes/tic54x-dis.c
@@ -394,8 +394,7 @@ print_instruction (disassemble_info *info,
break;
}
case OP_k5:
- sprintf (operand[i], "#%d",
- (int) (((signed char) opcode & 0x1F) << 3) >> 3);
+ sprintf (operand[i], "#%d", ((opcode & 0x1F) ^ 0x10) - 0x10);
info->fprintf_func (info->stream, "%s%s", comma, operand[i]);
break;
case OP_k8u:
diff --git a/opcodes/tilegx-opc.c b/opcodes/tilegx-opc.c
index 49819e8..cc9ce86 100644
--- a/opcodes/tilegx-opc.c
+++ b/opcodes/tilegx-opc.c
@@ -8102,8 +8102,8 @@ parse_insn_tilegx (tilegx_bundle_bits bits,
if (op->is_signed)
{
/* Sign-extend the operand. */
- int shift = (int)((sizeof(int) * 8) - op->num_bits);
- raw_opval = (raw_opval << shift) >> shift;
+ unsigned int sign = 1u << (op->num_bits - 1);
+ raw_opval = ((raw_opval & (sign + sign - 1)) ^ sign) - sign;
}
/* Adjust PC-relative scaled branch offsets. */
diff --git a/opcodes/tilepro-opc.c b/opcodes/tilepro-opc.c
index ea15822..c71da3d 100644
--- a/opcodes/tilepro-opc.c
+++ b/opcodes/tilepro-opc.c
@@ -10220,8 +10220,8 @@ parse_insn_tilepro (tilepro_bundle_bits bits,
if (op->is_signed)
{
/* Sign-extend the operand. */
- int shift = (int)((sizeof(int) * 8) - op->num_bits);
- opval = (opval << shift) >> shift;
+ unsigned int sign = 1u << (op->num_bits - 1);
+ opval = ((opval & (sign + sign - 1)) ^ sign) - sign;
}
/* Adjust PC-relative scaled branch offsets. */
diff --git a/opcodes/visium-dis.c b/opcodes/visium-dis.c
index c71f8cf..41943ad 100644
--- a/opcodes/visium-dis.c
+++ b/opcodes/visium-dis.c
@@ -94,7 +94,7 @@ disassem_class0 (disassemble_info *info, unsigned int ins)
/* BRR instruction. */
{
unsigned cbf = (ins >> 27) & 0x000f;
- int displacement = ((int) (ins << 16)) >> 16;
+ int displacement = ((ins & 0xffff) ^ 0x8000) - 0x8000;
if (ins == 0)
(*info->fprintf_func) (info->stream, "nop");
--
1.8.3.1

61
Stop-potential-illegal-memory-access-in-the-NS32K.patch
View File

@ -1,61 +0,0 @@
From d1e304bc27b737e0e7daf0029dd5f1e91a4898ed Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Mon, 28 Oct 2019 15:44:23 +0000
Subject: [PATCH] Stop potential illegal memory access in the NS32K
disassembler.
* ns32k-dis.c (bit_extract): Add sanitiy check of parameters.
(bit_extract_simple): Likewise.
(bit_copy): Likewise.
(pirnt_insn_ns32k): Ensure that uninitialised elements in the
index_offset array are not accessed.
---
opcodes/ns32k-dis.c | 10 +++++++++-
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/opcodes/ns32k-dis.c b/opcodes/ns32k-dis.c
index 1fffbd8..22a9389 100644
--- a/opcodes/ns32k-dis.c
+++ b/opcodes/ns32k-dis.c
@@ -265,6 +265,8 @@ bit_extract (bfd_byte *buffer, int offset, int count)
int result;
int bit;
+ if (offset < 0 || count < 0)
+ return 0;
buffer += offset >> 3;
offset &= 7;
bit = 1;
@@ -292,6 +294,8 @@ bit_extract_simple (bfd_byte *buffer, int offset, int count)
int result;
int bit;
+ if (offset < 0 || count < 0)
+ return 0;
buffer += offset >> 3;
offset &= 7;
bit = 1;
@@ -313,6 +317,8 @@ bit_extract_simple (bfd_byte *buffer, int offset, int count)
static void
bit_copy (bfd_byte *buffer, int offset, int count, char *to)
{
+ if (offset < 0 || count < 0)
+ return;
for (; count > 8; count -= 8, to++, offset += 8)
*to = bit_extract (buffer, offset, 8);
*to = bit_extract (buffer, offset, count);
@@ -836,8 +842,10 @@ print_insn_ns32k (bfd_vma memaddr, disassemble_info *info)
memaddr, arg_bufs[argnum],
index_offset[whicharg]);
d++;
- whicharg++;
+ if (whicharg++ >= 1)
+ break;
}
+
for (argnum = 0; argnum <= maxarg; argnum++)
{
bfd_vma addr;
--
2.9.3

316
Use-disassemble_info-private_data-in-place-of-insn_sets.patch
View File

@ -1,316 +0,0 @@
From 103ebbc35cc1975442e1e6233207d8d7b2016556 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Mon, 9 Dec 2019 22:46:26 +1030
Subject: [PATCH] Use disassemble_info.private_data in place of insn_sets
No cgen target uses private_data. This patch removes a
disassemble_info field that is only used by cgen, and instead uses
private_data. It also removes a macro that is no longer used.
include/
* dis-asm.h (struct disassemble_info): Delete insn_sets.
(INIT_DISASSEMBLE_INFO_NO_ARCH): Don't define.
opcodes/
* cgen-dis.in (print_insn_@arch@): Replace insn_sets with private_data.
* disassemble.c (disassemble_init_for_target): Likewise.
* bpf-dis.c: Regenerate.
* epiphany-dis.c: Regenerate.
* fr30-dis.c: Regenerate.
* frv-dis.c: Regenerate.
* ip2k-dis.c: Regenerate.
* iq2000-dis.c: Regenerate.
* lm32-dis.c: Regenerate.
* m32c-dis.c: Regenerate.
* m32r-dis.c: Regenerate.
* mep-dis.c: Regenerate.
* mt-dis.c: Regenerate.
* or1k-dis.c: Regenerate.
* xc16x-dis.c: Regenerate.
* xstormy16-dis.c: Regenerate.
---
include/dis-asm.h | 8 --------
opcodes/bpf-dis.c | 2 +-
opcodes/cgen-dis.in | 2 +-
opcodes/disassemble.c | 24 ++++++++++++------------
opcodes/epiphany-dis.c | 2 +-
opcodes/fr30-dis.c | 2 +-
opcodes/frv-dis.c | 2 +-
opcodes/ip2k-dis.c | 2 +-
opcodes/iq2000-dis.c | 2 +-
opcodes/lm32-dis.c | 2 +-
opcodes/m32c-dis.c | 2 +-
opcodes/m32r-dis.c | 2 +-
opcodes/mep-dis.c | 2 +-
opcodes/mt-dis.c | 2 +-
opcodes/or1k-dis.c | 2 +-
opcodes/xc16x-dis.c | 2 +-
opcodes/xstormy16-dis.c | 2 +-
17 files changed, 27 insertions(+), 35 deletions(-)
diff --git a/include/dis-asm.h b/include/dis-asm.h
index b4d5025..c174650 100644
--- a/include/dis-asm.h
+++ b/include/dis-asm.h
@@ -78,11 +78,6 @@ typedef struct disassemble_info
enum bfd_endian endian;
/* Endianness of code, for mixed-endian situations such as ARM BE8. */
enum bfd_endian endian_code;
- /* An arch/mach-specific bitmask of selected instruction subsets, mainly
- for processors with run-time-switchable instruction sets. The default,
- zero, means that there is no constraint. CGEN-based opcodes ports
- may use ISA_foo masks. */
- void *insn_sets;
/* Some targets need information about the current section to accurately
display insns. If this is NULL, the target disassembler function
@@ -394,9 +389,6 @@ extern void init_disassemble_info (struct disassemble_info *dinfo, void *stream,
/* For compatibility with existing code. */
#define INIT_DISASSEMBLE_INFO(INFO, STREAM, FPRINTF_FUNC) \
init_disassemble_info (&(INFO), (STREAM), (fprintf_ftype) (FPRINTF_FUNC))
-#define INIT_DISASSEMBLE_INFO_NO_ARCH(INFO, STREAM, FPRINTF_FUNC) \
- init_disassemble_info (&(INFO), (STREAM), (fprintf_ftype) (FPRINTF_FUNC))
-
#ifdef __cplusplus
}
diff --git a/opcodes/bpf-dis.c b/opcodes/bpf-dis.c
index c48bce8..99a292a 100644
--- a/opcodes/bpf-dis.c
+++ b/opcodes/bpf-dis.c
@@ -553,7 +553,7 @@ print_insn_bpf (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/cgen-dis.in b/opcodes/cgen-dis.in
index d1e06bf..cf3e872 100644
--- a/opcodes/cgen-dis.in
+++ b/opcodes/cgen-dis.in
@@ -388,7 +388,7 @@ print_insn_@arch@ (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/disassemble.c b/opcodes/disassemble.c
index aef2fd8..f131ee8 100644
--- a/opcodes/disassemble.c
+++ b/opcodes/disassemble.c
@@ -654,26 +654,26 @@ disassemble_init_for_target (struct disassemble_info * info)
/* This processor in fact is little endian. The value set here
reflects the way opcodes are written in the cgen description. */
info->endian = BFD_ENDIAN_BIG;
- if (! info->insn_sets)
+ if (!info->private_data)
{
- info->insn_sets = cgen_bitset_create (ISA_MAX);
+ info->private_data = cgen_bitset_create (ISA_MAX);
if (info->mach == bfd_mach_m16c)
- cgen_bitset_set (info->insn_sets, ISA_M16C);
+ cgen_bitset_set (info->private_data, ISA_M16C);
else
- cgen_bitset_set (info->insn_sets, ISA_M32C);
+ cgen_bitset_set (info->private_data, ISA_M32C);
}
break;
#endif
#ifdef ARCH_bpf
case bfd_arch_bpf:
- if (!info->insn_sets)
- {
- info->insn_sets = cgen_bitset_create (ISA_EBPFMAX);
- if (info->endian == BFD_ENDIAN_BIG)
- cgen_bitset_set (info->insn_sets, ISA_EBPFBE);
- else
- cgen_bitset_set (info->insn_sets, ISA_EBPFLE);
- }
+ if (!info->private_data)
+ {
+ info->private_data = cgen_bitset_create (ISA_EBPFMAX);
+ if (info->endian == BFD_ENDIAN_BIG)
+ cgen_bitset_set (info->private_data, ISA_EBPFBE);
+ else
+ cgen_bitset_set (info->private_data, ISA_EBPFLE);
+ }
break;
#endif
#ifdef ARCH_pru
diff --git a/opcodes/epiphany-dis.c b/opcodes/epiphany-dis.c
index 376d678..3c79031 100644
--- a/opcodes/epiphany-dis.c
+++ b/opcodes/epiphany-dis.c
@@ -629,7 +629,7 @@ print_insn_epiphany (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/fr30-dis.c b/opcodes/fr30-dis.c
index b83051b..2d1de96 100644
--- a/opcodes/fr30-dis.c
+++ b/opcodes/fr30-dis.c
@@ -650,7 +650,7 @@ print_insn_fr30 (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/frv-dis.c b/opcodes/frv-dis.c
index 9df0dd5..bf9d4f7 100644
--- a/opcodes/frv-dis.c
+++ b/opcodes/frv-dis.c
@@ -747,7 +747,7 @@ print_insn_frv (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/ip2k-dis.c b/opcodes/ip2k-dis.c
index 3d3e8be..bc758a6 100644
--- a/opcodes/ip2k-dis.c
+++ b/opcodes/ip2k-dis.c
@@ -639,7 +639,7 @@ print_insn_ip2k (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/iq2000-dis.c b/opcodes/iq2000-dis.c
index 422665e..2762b64 100644
--- a/opcodes/iq2000-dis.c
+++ b/opcodes/iq2000-dis.c
@@ -540,7 +540,7 @@ print_insn_iq2000 (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/lm32-dis.c b/opcodes/lm32-dis.c
index b18fb3d..274b63f 100644
--- a/opcodes/lm32-dis.c
+++ b/opcodes/lm32-dis.c
@@ -498,7 +498,7 @@ print_insn_lm32 (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/m32c-dis.c b/opcodes/m32c-dis.c
index 92b87f2..b368685 100644
--- a/opcodes/m32c-dis.c
+++ b/opcodes/m32c-dis.c
@@ -1242,7 +1242,7 @@ print_insn_m32c (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/m32r-dis.c b/opcodes/m32r-dis.c
index 8722d6b..c778b88 100644
--- a/opcodes/m32r-dis.c
+++ b/opcodes/m32r-dis.c
@@ -630,7 +630,7 @@ print_insn_m32r (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/mep-dis.c b/opcodes/mep-dis.c
index 13bcb47..79bd776 100644
--- a/opcodes/mep-dis.c
+++ b/opcodes/mep-dis.c
@@ -1538,7 +1538,7 @@ print_insn_mep (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/mt-dis.c b/opcodes/mt-dis.c
index 44e6720..00b3d06 100644
--- a/opcodes/mt-dis.c
+++ b/opcodes/mt-dis.c
@@ -641,7 +641,7 @@ print_insn_mt (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/or1k-dis.c b/opcodes/or1k-dis.c
index 74bf38f..dce00b3 100644
--- a/opcodes/or1k-dis.c
+++ b/opcodes/or1k-dis.c
@@ -534,7 +534,7 @@ print_insn_or1k (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/xc16x-dis.c b/opcodes/xc16x-dis.c
index 2c61e81..3081083 100644
--- a/opcodes/xc16x-dis.c
+++ b/opcodes/xc16x-dis.c
@@ -771,7 +771,7 @@ print_insn_xc16x (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
diff --git a/opcodes/xstormy16-dis.c b/opcodes/xstormy16-dis.c
index 2382d08..7da09f3 100644
--- a/opcodes/xstormy16-dis.c
+++ b/opcodes/xstormy16-dis.c
@@ -519,7 +519,7 @@ print_insn_xstormy16 (bfd_vma pc, disassemble_info *info)
cgen_bitset_add (isa, CGEN_COMPUTE_ISA (info));
}
#else
- isa = info->insn_sets;
+ isa = info->private_data;
#endif
/* If we've switched cpu's, try to find a handle we've used before */
--
1.8.3.1

27
bfd_check_format-memory-leak.patch
View File

@ -1,27 +0,0 @@
From 9d78076ef8ef07890ad89c1122bdf49932a979a5 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Fri, 20 Dec 2019 10:03:30 +1030
Subject: [PATCH] bfd_check_format memory leak
* format.c (bfd_check_format_matches): Free matching_vector when
not returning matching target strings.
---
bfd/format.c | 2 ++
1 files changed, 2 insertions(+)
diff --git a/bfd/format.c b/bfd/format.c
index 1d1363d..17b4855 100644
--- a/bfd/format.c
+++ b/bfd/format.c
@@ -513,6 +513,8 @@ bfd_check_format_matches (bfd *abfd, bfd_format format, char ***matching)
*(const char **) &matching_vector[match_count] = name;
}
}
+ else if (matching_vector)
+ free (matching_vector);
return FALSE;
}
--
1.8.3.1

BIN
binutils-2.33.1.tar.xz → binutils-2.34.tar.xz
View File

Binary file not shown.

51
binutils.spec
View File

@ -1,42 +1,32 @@
Summary: Binary utilities
Name: binutils
Version: 2.33.1
Release: 8
Version: 2.34
Release: 1
License: GPLv3+
URL: https://sourceware.org/binutils
Source: https://ftp.gnu.org/gnu/binutils/binutils-%{version}.tar.xz
Patch01: binutils-2.20.51.0.2-libtool-lib64.patch
Patch02: export-demangle.h-in-devel-package.patch
Patch0: binutils-2.20.51.0.2-libtool-lib64.patch
Patch1: export-demangle.h-in-devel-package.patch
#BUZ:845084
Patch03: binutils-2.22.52.0.4-no-config-h-check.patch
Patch2: binutils-2.22.52.0.4-no-config-h-check.patch
#BUG:1452111
Patch04: binutils-2.29-revert-PLT-elision.patch
Patch05: binutils-2.27-aarch64-ifunc.patch
Patch3: binutils-2.29-revert-PLT-elision.patch
Patch4: binutils-2.27-aarch64-ifunc.patch
#Stop gold from complaining about relocs
Patch06: binutils-gold-ignore-discarded-note-relocs.patch
Patch5: binutils-gold-ignore-discarded-note-relocs.patch
#PATCH-CVE-UPSTREAM
Patch7: CVE-2019-1010204.patch
Patch8: CVE-2019-17450.patch
Patch9: CVE-2019-17451.patch
Patch10: Fix-array-overrun-when-disassembling-corrupt-TIC30-binaries.patch
Patch11: Fix-potential-array-overruns-when-disassembling-corrupt-v850.patch
Patch12: Prevent-a-left-shift-by-a-negative-value-when-disassembling.patch
Patch13: Stop-potential-illegal-memory-access-in-the-NS32K.patch
Patch14: Fix-buffer-overrun-in-TIC30-disassembler.patch
Patch15: ubsan-ia64-left-shift-of-negative-value.patch
Patch16: Remove-more-shifts-for-sign-zero-extension.patch
Patch17: left-shift-of-cannot-be-represented-in-type-int.patch
Patch18: ubsan-cr16-left-shift-cannot-be-represented-in-type-int.patch
Patch19: More-signed-overflow-fixes.patch
Patch20: Use-disassemble_info-private_data-in-place-of-insn_sets.patch
Patch21: PR24960-Memory-leak-from-disassembler.patch
Patch22: bfd_check_format-memory-leak.patch
Patch23: NDS32-disassembly-of-odd-sized-sections.patch
Patch6: CVE-2019-1010204.patch
Patch7: Import-a-fix-from-the-mainline-sources-that-prevents.patch
Patch8: PR25585-PHDR-segment-not-covered-by-LOAD-segment.patch
Patch9: Re-PR24511-nm-should-not-mark-symbols-in-.init_array.patch
Patch10: powerpc64-ld-infinite-loop.patch
Patch11: PR25745-powerpc64-ld-overflows-string-buffer-in-stat.patch
Patch12: BFD-Exclude-sections-with-no-content-from-compress-c.patch
Patch13: gas-PR-25863-Fix-scalar-vmul-inside-it-block-when-as.patch
Patch14: NDS32-disassembly-of-odd-sized-sections.patch
Provides: bundled(libiberty)
@ -301,6 +291,7 @@ fi
%{_bindir}/ld.*
%ghost %{_bindir}/ld
%{_libdir}/lib*.so
%{_libdir}/libctf*
%exclude %{_libdir}/libbfd.so
%exclude %{_libdir}/libopcodes.so
@ -321,6 +312,12 @@ fi
%{_infodir}/bfd*info*
%changelog
* Fri Jul 24 2020 zhangxingliang <zhangxingliang3@huawei.com> - 2.34-1
- Type:update
- ID:NA
- SUG:NA
- DESC:update to 2.34
* Tue Jul 14 2020 linwei <linwei54@huawei.com> - 2.33.1-8
- Type:bugfix
- ID:NA

85
gas-PR-25863-Fix-scalar-vmul-inside-it-block-when-as.patch Normal file
View File

@ -0,0 +1,85 @@
From a72427b1ae01304da0b5170e1e53f68c6d46c1de Mon Sep 17 00:00:00 2001
From: Andre Simoes Dias Vieira <andre.simoesdiasvieira@arm.com>
Date: Mon, 4 May 2020 13:05:42 +0100
Subject: [PATCH] gas: PR 25863: Fix scalar vmul inside it block when
assembling for MVE
This fixes PR 25863 by fixing the condition in the parsing of vmul in
do_mve_vmull. It also simplifies the code in there fixing latent issues that
would lead to NEON code being accepted when it shouldn't.
2020-05-07 Andre Vieira <andre.simoesdiasvieira@arm.com>
Backport from mainline.
2020-05-04 Andre Vieira <andre.simoesdiasvieira@arm.com>
PR gas/25863
* config/tc-arm.c (do_mve_vmull): Fix scalar and NEON parsing of vmul.
* testsuite/gas/arm/mve-scalar-vmult-it.d: New test.
* testsuite/gas/arm/mve-scalar-vmult-it.s: New test.
---
gas/config/tc-arm.c | 12 +++---------
gas/testsuite/gas/arm/mve-scalar-vmul-it.d | 11 +++++++++++
gas/testsuite/gas/arm/mve-scalar-vmul-it.s | 5 +++++
3 files changed, 19 insertions(+), 9 deletions(-)
create mode 100644 gas/testsuite/gas/arm/mve-scalar-vmul-it.d
create mode 100644 gas/testsuite/gas/arm/mve-scalar-vmul-it.s
diff --git a/gas/config/tc-arm.c b/gas/config/tc-arm.c
index 8ad2d6d..7550f90 100644
--- a/gas/config/tc-arm.c
+++ b/gas/config/tc-arm.c
@@ -18221,19 +18221,13 @@ do_mve_vmull (void)
enum neon_shape rs = neon_select_shape (NS_HHH, NS_FFF, NS_DDD, NS_DDS,
NS_QQS, NS_QQQ, NS_QQR, NS_NULL);
- if (!ARM_CPU_HAS_FEATURE (cpu_variant, mve_ext)
- && inst.cond == COND_ALWAYS
+ if (inst.cond == COND_ALWAYS
&& ((unsigned)inst.instruction) == M_MNEM_vmullt)
{
+
if (rs == NS_QQQ)
{
-
- struct neon_type_el et = neon_check_type (3, rs, N_EQK , N_EQK,
- N_SUF_32 | N_F64 | N_P8
- | N_P16 | N_I_MVE | N_KEY);
- if (((et.type == NT_poly) && et.size == 8
- && ARM_CPU_IS_ANY (cpu_variant))
- || (et.type == NT_integer) || (et.type == NT_float))
+ if (!ARM_CPU_HAS_FEATURE (cpu_variant, mve_ext))
goto neon_vmul;
}
else
diff --git a/gas/testsuite/gas/arm/mve-scalar-vmul-it.d b/gas/testsuite/gas/arm/mve-scalar-vmul-it.d
new file mode 100644
index 0000000..f4564a5
--- /dev/null
+++ b/gas/testsuite/gas/arm/mve-scalar-vmul-it.d
@@ -0,0 +1,11 @@
+# name: Armv8.1-M Mainline scalar vmul instructions in it blocks (with MVE)
+# as: -march=armv8.1-m.main+mve.fp+fp.dp
+# objdump: -dr --prefix-addresses --show-raw-insn -marmv8.1-m.main
+
+.*: +file format .*arm.*
+
+Disassembly of section .text:
+[^>]*> bfbc itt lt
+[^>]*> ee20 0a81 vmullt.f32 s0, s1, s2
+[^>]*> ee21 0b02 vmullt.f64 d0, d1, d2
+#...
diff --git a/gas/testsuite/gas/arm/mve-scalar-vmul-it.s b/gas/testsuite/gas/arm/mve-scalar-vmul-it.s
new file mode 100644
index 0000000..e6c24ac
--- /dev/null
+++ b/gas/testsuite/gas/arm/mve-scalar-vmul-it.s
@@ -0,0 +1,5 @@
+.syntax unified
+.text
+itt lt
+vmullt.f32 s0, s1, s2
+vmullt.f64 d0, d1, d2
--
1.8.3.1

169
left-shift-of-cannot-be-represented-in-type-int.patch
View File

@ -1,169 +0,0 @@
From 76bba5ee850ea391ebdbb54dda5a06a567526dbf Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Tue, 10 Dec 2019 18:58:38 +1030
Subject: [PATCH] ubsan: left shift of cannot be represented in type 'int'
* dis-asm.h (INSN_HAS_RELOC, DISASSEMBLE_DATA),
(USER_SPECIFIED_MACHINE_TYPE, WIDE_OUTPUT): Make unsigned.
* opcode/tic80.h (TIC80_OPERAND_*): Likewise.
---
include/dis-asm.h | 8 ++++----
include/opcode/tic80.h | 36 ++++++++++++++++++------------------
2 files changed, 22 insertions(+), 22 deletions(-)
diff --git a/include/dis-asm.h b/include/dis-asm.h
index b4d5025..0e85c52 100644
--- a/include/dis-asm.h
+++ b/include/dis-asm.h
@@ -110,14 +110,14 @@ typedef struct disassemble_info
unsigned long flags;
/* Set if the disassembler has determined that there are one or more
relocations associated with the instruction being disassembled. */
-#define INSN_HAS_RELOC (1 << 31)
+#define INSN_HAS_RELOC (1u << 31)
/* Set if the user has requested the disassembly of data as well as code. */
-#define DISASSEMBLE_DATA (1 << 30)
+#define DISASSEMBLE_DATA (1u << 30)
/* Set if the user has specifically set the machine type encoded in the
mach field of this structure. */
-#define USER_SPECIFIED_MACHINE_TYPE (1 << 29)
+#define USER_SPECIFIED_MACHINE_TYPE (1u << 29)
/* Set if the user has requested wide output. */
-#define WIDE_OUTPUT (1 << 28)
+#define WIDE_OUTPUT (1u << 28)
/* Use internally by the target specific disassembly code. */
void *private_data;
diff --git a/include/opcode/tic80.h b/include/opcode/tic80.h
index 6a68859..240e9aa 100644
--- a/include/opcode/tic80.h
+++ b/include/opcode/tic80.h
@@ -138,68 +138,68 @@ extern const struct tic80_operand tic80_operands[];
/* This operand must be an even register number. Floating point numbers
for example are stored in even/odd register pairs. */
-#define TIC80_OPERAND_EVEN (1 << 0)
+#define TIC80_OPERAND_EVEN (1u << 0)
/* This operand must be an odd register number and must be one greater than
the register number of the previous operand. I.E. the second register in
an even/odd register pair. */
-#define TIC80_OPERAND_ODD (1 << 1)
+#define TIC80_OPERAND_ODD (1u << 1)
/* This operand takes signed values. */
-#define TIC80_OPERAND_SIGNED (1 << 2)
+#define TIC80_OPERAND_SIGNED (1u << 2)
/* This operand may be either a predefined constant name or a numeric value.
An example would be a condition code like "eq0.b" which has the numeric
value 0x2. */
-#define TIC80_OPERAND_NUM (1 << 3)
+#define TIC80_OPERAND_NUM (1u << 3)
/* This operand should be wrapped in parentheses rather than separated
from the previous one by a comma. This is used for various
instructions, like the load and store instructions, which want
their operands to look like "displacement(reg)" */
-#define TIC80_OPERAND_PARENS (1 << 4)
+#define TIC80_OPERAND_PARENS (1u << 4)
/* This operand is a PC relative branch offset. The disassembler prints
these symbolically if possible. Note that the offsets are taken as word
offsets. */
-#define TIC80_OPERAND_PCREL (1 << 5)
+#define TIC80_OPERAND_PCREL (1u << 5)
/* This flag is a hint to the disassembler for using hex as the prefered
printing format, even for small positive or negative immediate values.
Normally values in the range -999 to 999 are printed as signed decimal
values and other values are printed in hex. */
-#define TIC80_OPERAND_BITFIELD (1 << 6)
+#define TIC80_OPERAND_BITFIELD (1u << 6)
/* This operand may have a ":m" modifier specified by bit 17 in a short
immediate form instruction. */
-#define TIC80_OPERAND_M_SI (1 << 7)
+#define TIC80_OPERAND_M_SI (1u << 7)
/* This operand may have a ":m" modifier specified by bit 15 in a long
immediate or register form instruction. */
-#define TIC80_OPERAND_M_LI (1 << 8)
+#define TIC80_OPERAND_M_LI (1u << 8)
/* This operand may have a ":s" modifier specified in bit 11 in a long
immediate or register form instruction. */
-#define TIC80_OPERAND_SCALED (1 << 9)
+#define TIC80_OPERAND_SCALED (1u << 9)
/* This operand is a floating point value */
-#define TIC80_OPERAND_FLOAT (1 << 10)
+#define TIC80_OPERAND_FLOAT (1u << 10)
/* This operand is an byte offset from a base relocation. The lower
two bits of the final relocated address are ignored when the value is
written to the program counter. */
-#define TIC80_OPERAND_BASEREL (1 << 11)
+#define TIC80_OPERAND_BASEREL (1u << 11)
/* This operand is an "endmask" field for a shift instruction.
It is treated special in that it can have values of 0-32,
@@ -208,29 +208,29 @@ extern const struct tic80_operand tic80_operands[];
has no way of knowing from the instruction which value was
given at assembly time, so it just uses '0'. */
-#define TIC80_OPERAND_ENDMASK (1 << 12)
+#define TIC80_OPERAND_ENDMASK (1u << 12)
/* This operand is one of the 32 general purpose registers.
The disassembler prints these with a leading 'r'. */
-#define TIC80_OPERAND_GPR (1 << 27)
+#define TIC80_OPERAND_GPR (1u << 27)
/* This operand is a floating point accumulator register.
The disassembler prints these with a leading 'a'. */
-#define TIC80_OPERAND_FPA ( 1 << 28)
+#define TIC80_OPERAND_FPA (1u << 28)
/* This operand is a control register number, either numeric or
symbolic (like "EIF", "EPC", etc).
The disassembler prints these symbolically. */
-#define TIC80_OPERAND_CR (1 << 29)
+#define TIC80_OPERAND_CR (1u << 29)
/* This operand is a condition code, either numeric or
symbolic (like "eq0.b", "ne0.w", etc).
The disassembler prints these symbolically. */
-#define TIC80_OPERAND_CC (1 << 30)
+#define TIC80_OPERAND_CC (1u << 30)
/* This operand is a bit number, either numeric or
symbolic (like "eq.b", "or.f", etc).
@@ -238,7 +238,7 @@ extern const struct tic80_operand tic80_operands[];
Note that they appear in the instruction in 1's complement relative
to the values given in the manual. */
-#define TIC80_OPERAND_BITNUM (1 << 31)
+#define TIC80_OPERAND_BITNUM (1u << 31)
/* This mask is used to strip operand bits from an int that contains
both operand bits and a numeric value in the lsbs. */
--
1.8.3.1

33
powerpc64-ld-infinite-loop.patch Normal file
View File

@ -0,0 +1,33 @@
From de9c1b7cfe6e57ea8b677dc2de06e83de50f47c2 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Wed, 11 Mar 2020 14:43:16 +1030
Subject: [PATCH] powerpc64-ld infinite loop
If this code dealing with possible conversion of inline plt sequences
is ever executed, ld will hang. A binary with such sequences and of
code size larger than approximately 90% the reach of an unconditional
branch is the trigger. Oops.
* elf64-ppc.c (ppc64_elf_inline_plt): Do increment rel in for loop.
(cherry picked from commit 435edf0bf231240ccecb474b74ebb49dc8db2633)
---
bfd/elf64-ppc.c | 2 +-
1 files changed, 1 insertions(+), 1 deletion(-)
diff --git a/bfd/elf64-ppc.c b/bfd/elf64-ppc.c
index 73ea286..bea722c 100644
--- a/bfd/elf64-ppc.c
+++ b/bfd/elf64-ppc.c
@@ -7507,7 +7507,7 @@ ppc64_elf_inline_plt (struct bfd_link_info *info)
return FALSE;
relend = relstart + sec->reloc_count;
- for (rel = relstart; rel < relend; )
+ for (rel = relstart; rel < relend; rel++)
{
enum elf_ppc64_reloc_type r_type;
unsigned long r_symndx;
--
1.8.3.1

55
ubsan-cr16-left-shift-cannot-be-represented-in-type-int.patch
View File

@ -1,55 +0,0 @@
From 0ef562a4b5da6bc1f16b2ea801b228acafd033d8 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Tue, 10 Dec 2019 23:02:37 +1030
Subject: [PATCH] ubsan: cr16: left shift cannot be represented in type 'int'
This was:
unsigned long mask = SBM (instruction->match_bits);
with
#define SBM(offs) ((((1 << (32 - offs)) -1) << (offs)))
Well, there are a couple of problems. Firstly, the expression uses
int values (1 rather than 1u or 1ul) resulting in the ubsan error, and
secondly, a zero offs will result in a 32-bit shift which is undefined
if ints are only 32 bits.
* cr16-dis.c (EXTRACT, SBM): Rewrite.
(cr16_match_opcode): Delete duplicate bcond test.
---
opcodes/ChangeLog | 5 +++++
opcodes/cr16-dis.c | 11 ++++-------
2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/opcodes/cr16-dis.c b/opcodes/cr16-dis.c
index 65cf91c..68fbe42 100644
--- a/opcodes/cr16-dis.c
+++ b/opcodes/cr16-dis.c
@@ -30,11 +30,11 @@
/* Extract 'n_bits' from 'a' starting from offset 'offs'. */
#define EXTRACT(a, offs, n_bits) \
- (n_bits == 32 ? (((a) >> (offs)) & 0xffffffffL) \
- : (((a) >> (offs)) & ((1 << (n_bits)) -1)))
+ (((a) >> (offs)) & ((1ul << ((n_bits) - 1) << 1) - 1))
-/* Set Bit Mask - a mask to set all bits starting from offset 'offs'. */
-#define SBM(offs) ((((1 << (32 - offs)) -1) << (offs)))
+/* Set Bit Mask - a mask to set all bits in a 32-bit word starting
+ from offset 'offs'. */
+#define SBM(offs) ((1ul << 31 << 1) - (1ul << (offs)))
typedef struct
{
@@ -329,9 +329,6 @@ cr16_match_opcode (void)
while (instruction >= cr16_instruction)
{
mask = build_mask ();
- /* Adjust mask for bcond with 32-bit size instruction */
- if ((IS_INSN_MNEMONIC("b") && instruction->size == 2))
- mask = 0xff0f0000;
if ((doubleWord & mask) == BIN (instruction->match,
instruction->match_bits))
--
2.9.3

44
ubsan-ia64-left-shift-of-negative-value.patch
View File

@ -1,44 +0,0 @@
From 8ff23dba80b80a9f47d75dd43812e041f6674763 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Tue, 10 Dec 2019 17:57:14 +1030
Subject: [PATCH] ubsan: ia64: left shift of negative value
Here, since val is signed:
*valuep = (val << scale);
* cpu-ia64-opc.c (ext_imms_scaled): Avoid undefined left shift
of negative values by using unsigned vars.
---
bfd/ChangeLog | 5 +++++
bfd/cpu-ia64-opc.c | 6 +++---
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/bfd/cpu-ia64-opc.c b/bfd/cpu-ia64-opc.c
index 84ee0e2..8df90be 100644
--- a/bfd/cpu-ia64-opc.c
+++ b/bfd/cpu-ia64-opc.c
@@ -186,7 +186,7 @@ ext_imms_scaled (const struct ia64_operand *self, ia64_insn code,
ia64_insn *valuep, int scale)
{
int i, bits = 0, total = 0;
- BFD_HOST_64_BIT val = 0, sign;
+ BFD_HOST_U_64_BIT val = 0, sign;
for (i = 0; i < NELEMS (self->field) && self->field[i].bits; ++i)
{
@@ -196,10 +196,10 @@ ext_imms_scaled (const struct ia64_operand *self, ia64_insn code,
total += bits;
}
/* sign extend: */
- sign = (BFD_HOST_64_BIT) 1 << (total - 1);
+ sign = (BFD_HOST_U_64_BIT) 1 << (total - 1);
val = (val ^ sign) - sign;
- *valuep = (val << scale);
+ *valuep = val << scale;
return 0;
}
--
2.9.3