[Bug binutils/11973] New: mn10300 assembler produce incorrect calls address for far calls (32bit) when command contain nonzero stack and/or saving registers
$ diff -ub /usr/src/binutils-2.20.51-2/gas/config/tc-mn10300.c.orig /usr/src/binutils-2.20.51-2/gas/config/tc-mn10300.c --- tc-mn10300.c.orig 2010-03-03 20:51:43.00100 +0200 +++ tc-mn10300.c2010-09-03 12:41:04.383203900 +0300 @@ -689,6 +689,8 @@ fragP->fr_literal[offset] = 0xdd; fragP->fr_literal[offset + 5] = fragP->fr_literal[offset + 3]; fragP->fr_literal[offset + 6] = fragP->fr_literal[offset + 4]; + fragP->fr_literal[offset + 3] = 0; + fragP->fr_literal[offset + 4] = 0; fix_new (fragP, fragP->fr_fix + 1, 4, fragP->fr_symbol, fragP->fr_offset + 1, 1, BFD_RELOC_32_PCREL); -- Summary: mn10300 assembler produce incorrect calls address for far calls (32bit) when command contain nonzero stack and/or saving registers Product: binutils Version: 2.20 Status: NEW Severity: critical Priority: P2 Component: binutils AssignedTo: unassigned at sources dot redhat dot com ReportedBy: DaLiV at apollo dot lv CC: bug-binutils at gnu dot org http://sourceware.org/bugzilla/show_bug.cgi?id=11973 --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ bug-binutils mailing list bug-binutils@gnu.org http://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug gas/11974] New: windows x86_64 sign extension
The parser for windows x86_64 does sign extensions
on values from 0x8000 to 0x
even for constant 64-bit values.
Even if 32-bit is the norm for constant expressions,
at least MOVABS instruction is supposed to accept 64-bit immediate values,
but the sign extension mechanism is still applied in that case.
This happens in config/tc-i386.c
in i386_finalize_immediate.
Linux assembler is not affected as
`use_rela_relocations' variable is set to 1
for 64 bit ELF target objects.
This creates incompatible output from a single assembler source.
Example <<<
source file: test-sign.s <<<
.data
test:
.quad 0
.text
.global _settest1
_settest1:
movq$0x8001,%rax
movq%rax,test
retq
.global _settest2
_settest2:
movq$0x18001,%rax
movq%rax,test
retq
.global _gettest
_gettest:
movqtest,%rax
retq
.global _test_push_imm
_test_push_imm:
pushq %rbp
movq%rsp,%rbp
pushq $0x8001
movq-8(%rbp),%rax
movq%rax,test
leaveq
retq
.global _settestmovabs
_settestmovabs:
movabsq $0x8001,%rax
retq
End of source <<<
Source file test.c <<<
#include
extern void settest1 ();
extern void settest2 ();
extern void settestmovabs ();
extern long long int gettest ();
int
main ()
{
long long int res;
res = gettest ();
if (res != 0)
printf ("Error for value 0\n");
settest2 ();
res = gettest ();
if (res != (long long int) (0x18001))
printf ("Error for value 0x18001\n");
settest1 ();
res = gettest ();
if (res != (long long int) (0x8001))
printf ("Error for value 0x8001\n");
settestmovabs ();
res = gettest ();
if (res != (long long int) (0x8001))
printf ("Error for value 0x8001\n");
return 0;
}
End of source <<<
Assemble sign-test.s using GNU as for x86_64 windows
as -o test-sign.o test-sign.s
Compile test.c:
gcc -o test.exe test-sign.o test.c
Run ./test.exe:
$ ./test
Error for value 0x8001 with settest1
Error for value 0x8001 with settestmovabs
--
Summary: windows x86_64 sign extension
Product: binutils
Version: 2.21 (HEAD)
Status: NEW
Severity: normal
Priority: P2
Component: gas
AssignedTo: unassigned at sources dot redhat dot com
ReportedBy: muller at ics dot u-strasbg dot fr
CC: bug-binutils at gnu dot org
GCC host triplet: x86_64-w64-mingw32
http://sourceware.org/bugzilla/show_bug.cgi?id=11974
--- You are receiving this mail because: ---
You are on the CC list for the bug, or are watching someone who is.
___
bug-binutils mailing list
bug-binutils@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-binutils
two patches for bugs in BFD/peXXigen.c
Hi,
while working on free software ports to Windows CE I noticed two bugs in
binutils' BFD support for some PE files (for example, kmail-mobile.exe built
with MSVC). Fixes for both are included below. Copyright assignments by g10
Code GmbH are on file at the FSF. If you need anything else, just let me
know. The file that triggers these bugs can be found at:
ftp://ftp.g10code.com/people/marcus/kmail-mobile-binutils-test.exe.gz
The first issue concerns import tables where the thunk table is found in a
different section. In this case, BFD tries to load DATASIZE bytes from that
section at the beginning of the thunk array, but DATASIZE is the remaining
bytes in the import table section starting from the beginning of the import
table. This number is in no way related to the size of the thunk table or the
section in which this thunk table is to be found. So, my patch introduces a
new size, limit_size, which is correctly calculated and used in the
appropriate places. Without the patch, no import symbols would be shown for
kmail-mobile.exe (Visual Studio 2008, Windows CE), because the data section is
in this case not large enough to read DATASIZE bytes from it. With the patch,
loading LIMIT_SIZE bytes succeeds and all import symbols are shown correctly.
The second issue concerns the support for compressed pdata support for Windows
CE. In this code is a simple memory leak. First, the whole section is
malloced and copied to TDATA, then immediately TDATA is overwritten with a
much smaller buffer to which only the required section data is copied, leaking
memory in the size of the section for each entry in the table. For
kmail-mobile.exe, the table is very large (hundreds of entries), leaking
Gigabytes of memory quickly and basically creating denial of service attack.
Thanks a lot,
Marcus Brinkmann
mar...@g10code.com
--
g10 Code GmbH http://g10code.com AmtsGer. Wuppertal HRB 14459
Hüttenstr. 61 Geschäftsführung Werner Koch
D-40699 Erkrath -=- The GnuPG Experts -=- USt-Id DE215605608
2010-09-03 Marcus Brinkmann
* peXXigen.c (pe_print_idata): Use correct size limit to load
thunk table from different section.
Index: peXXigen.c
===
RCS file: /cvs/src/src/bfd/peXXigen.c,v
retrieving revision 1.64
diff -u -p -r1.64 peXXigen.c
--- peXXigen.c 27 Jun 2010 04:07:53 - 1.64
+++ peXXigen.c 2 Sep 2010 23:02:08 -
@@ -1226,6 +1226,7 @@ pe_print_idata (bfd * abfd, void * vfile
bfd_size_type ft_datasize;
int ft_idx;
int ft_allocated = 0;
+ bfd_size_type limit_size;
fprintf (file, _("\tvma: Hint/Ord Member-Name Bound-To\n"));
@@ -1262,17 +1263,19 @@ pe_print_idata (bfd * abfd, void * vfile
{
ft_data = data;
ft_idx = first_thunk - adj;
+ limit_size = section->size - ft_idx;
}
else
{
ft_idx = first_thunk - (ft_section->vma - extra->ImageBase);
- ft_data = (bfd_byte *) bfd_malloc (datasize);
+ limit_size = ft_section->size - ft_idx;
+ ft_data = (bfd_byte *) bfd_malloc (limit_size);
if (ft_data == NULL)
continue;
- /* Read datasize bfd_bytes starting at offset ft_idx. */
+ /* Read limit_size bfd_bytes starting at offset ft_idx. */
if (! bfd_get_section_contents
- (abfd, ft_section, ft_data, (bfd_vma) ft_idx, datasize))
+ (abfd, ft_section, ft_data, (bfd_vma) ft_idx, limit_size))
{
free (ft_data);
continue;
@@ -1285,7 +1288,7 @@ pe_print_idata (bfd * abfd, void * vfile
/* Print HintName vector entries. */
#ifdef COFF_WITH_pex64
- for (j = 0; j < datasize; j += 8)
+ for (j = 0; j < limit_size; j += 8)
{
unsigned long member = bfd_get_32 (abfd, data + idx + j);
unsigned long member_high = bfd_get_32 (abfd, data + idx + j + 4);
@@ -1316,7 +1319,7 @@ pe_print_idata (bfd * abfd, void * vfile
fprintf (file, "\n");
}
#else
- for (j = 0; j < datasize; j += 4)
+ for (j = 0; j < limit_size; j += 4)
{
unsigned long member = bfd_get_32 (abfd, data + idx + j);
2010-09-03 Marcus Brinkmann
* peXXigen.c (_bfd_XX_print_ce_compressed_pdata): Fix memory leak.
Index: peXXigen.c
===
RCS file: /cvs/src/src/bfd/peXXigen.c,v
retrieving revision 1.64
diff -u -p -r1.64 peXXigen.c
--- peXXigen.c 27 Jun 2010 04:07:53 - 1.64
+++ peXXigen.c 2 Sep 2010 23:02:08 -
@@ -1828,7 +1831,6 @@ _bfd_XX_print_ce_compressed_pdata (bfd *
bfd_vma other_data;
bfd_vma prolog_length, function_length;
int flag32bit, exception_flag;
- bfd_byte *tdata = 0;
asection *tsection;
if (i + PDATA_ROW_SIZE > stop)
@@ -1860,36 +1862,29 @@ _bfd_XX_print_ce_compressed_pdata (bfd *
if (tsection && coff_section_data (abfd, tsection)
&& pei_section_data (abfd, tsection))
{
- if (bfd_malloc_and_get_section (abfd, tsection, & tdata)
[Bug binutils/11977] New: ld updates output timestamp even when compiler fails
When provided with a spurious filename on the command line, ld updates the
output file's timestamp even if compilation fails. Re-invoking make
consequently produces a message that the target is up to date.
Consider two files: ldtest.h (empty, not included), and ldtest.C:
$ cat ldtest.C
int
main( int argc, char *argv[] )
{
return 0;
}
Build it, ruin the source, build it (fails), build it again (succeeds):
$ make ldtest.borked
c++ -o ldtest.borked ldtest.C ldtest.h
$ make break
ldtest.c
mv ldtest.c ldtest.C
$ make ldtest.borked
c++ -o ldtest.borked ldtest.C ldtest.h
ldtest.C: In function int main(int, char**):
ldtest.C:4: error: r was not declared in this scope
ldtest.C:4: error: expected `;' before eturn
make: *** [ldtest.borked] Error 1
$ make ldtest.borked
make: `ldtest.borked' is up to date.
$ stat ldtest.C ldtest.borked | grep -E 'ldtest|Change'
File: `ldtest.C'
Change: 2010-09-03 12:56:18.14013 -0400
File: `ldtest.borked'
Change: 2010-09-03 12:56:24.168658000 -0400
If ldtest.h is not on the command line, the binary is not updated:
$ make fix
ldtest.c
mv ldtest.c ldtest.C
$ make ldtest
c++ -o ldtest ldtest.C
$ make break
ldtest.c
mv ldtest.c ldtest.C
$ make ldtest
c++ -o ldtest ldtest.C
ldtest.C: In function int main(int, char**):
ldtest.C:4: error: r was not declared in this scope
ldtest.C:4: error: expected `;' before eturn
make: *** [ldtest] Error 1
$ make ldtest
c++ -o ldtest ldtest.C
ldtest.C: In function int main(int, char**):
ldtest.C:4: error: r was not declared in this scope
ldtest.C:4: error: expected `;' before eturn
make: *** [ldtest] Error 1
$ stat ldtest.C ldtest | grep -E 'ldtest|Change'
File: `ldtest.C'
Change: 2010-09-03 13:05:18.469643000 -0400
File: `ldtest'
Change: 2010-09-03 13:05:15.407893000 -0400
$ ld -V
GNU ld version 2.17.50.0.6-6.el5 20061020
Supported emulations:
elf_x86_64
elf_i386
i386linux
While one might argue GIGO, this is an easy mistake to make. I submit ld should
make every effort not to produce invalid binaries, and in this case it discards
information from the compiler.
--
Summary: ld updates output timestamp even when compiler fails
Product: binutils
Version: 2.17
Status: NEW
Severity: normal
Priority: P2
Component: binutils
AssignedTo: unassigned at sources dot redhat dot com
ReportedBy: jklowden at schemamania dot org
CC: bug-binutils at gnu dot org
GCC target triplet: elf_x86_64
http://sourceware.org/bugzilla/show_bug.cgi?id=11977
--- You are receiving this mail because: ---
You are on the CC list for the bug, or are watching someone who is.
___
bug-binutils mailing list
bug-binutils@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug gas/11974] windows x86_64 sign extension
--- Additional Comments From cvs-commit at gcc dot gnu dot org 2010-09-03 17:39 --- Subject: Bug 11974 CVSROOT:/cvs/src Module name:src Changes by: h...@sourceware.org 2010-09-03 17:38:38 Modified files: gas: ChangeLog gas/config : tc-i386.c gas/testsuite : ChangeLog gas/testsuite/gas/i386: immed64.d immed64.s Log message: Check flag_code instead of use_rela_relocations for 64bit. gas/ 2010-09-03 H.J. Lu PR gas/11974 * config/tc-i386.c (i386_finalize_immediate): Check flag_code instead of use_rela_relocations for 64bit. gas/testsuite/ 2010-09-03 H.J. Lu PR gas/11974 * gas/i386/immed64.s: Add more movabs tests. * gas/i386/immed64.d: Updated. Patches: http://sourceware.org/cgi-bin/cvsweb.cgi/src/gas/ChangeLog.diff?cvsroot=src&r1=1.4240&r2=1.4241 http://sourceware.org/cgi-bin/cvsweb.cgi/src/gas/config/tc-i386.c.diff?cvsroot=src&r1=1.447&r2=1.448 http://sourceware.org/cgi-bin/cvsweb.cgi/src/gas/testsuite/ChangeLog.diff?cvsroot=src&r1=1.1728&r2=1.1729 http://sourceware.org/cgi-bin/cvsweb.cgi/src/gas/testsuite/gas/i386/immed64.d.diff?cvsroot=src&r1=1.3&r2=1.4 http://sourceware.org/cgi-bin/cvsweb.cgi/src/gas/testsuite/gas/i386/immed64.s.diff?cvsroot=src&r1=1.1&r2=1.2 --- Additional Comments From hjl dot tools at gmail dot com 2010-09-03 17:40 --- Fixed. -- What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED http://sourceware.org/bugzilla/show_bug.cgi?id=11974 --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ bug-binutils mailing list bug-binutils@gnu.org http://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/11977] ld updates output timestamp even when compiler fails
--- Additional Comments From jklowden at schemamania dot org 2010-09-03 18:15 --- On further investigation, the linker might not be involved. "c++ -v" doesn't show collect2 being invoked. The problem might be caused by the way gcc invokes cc1plus. I wonder about "--output-pch= ldtest", below: $ c++ -o ldtest ldtest.C ldtest.h -v Using built-in specs. Target: x86_64-redhat-linux Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --enable-checking=release --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-libgcj-multifile --enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk --disable-dssi --enable-plugin --with-java-home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre --with-cpu=generic --host=x86_64-redhat-linux Thread model: posix gcc version 4.1.2 20080704 (Red Hat 4.1.2-44) /usr/libexec/gcc/x86_64-redhat-linux/4.1.2/cc1plus -quiet -v -D_GNU_SOURCE ldtest.C -quiet -dumpbase ldtest.C -mtune=generic -auxbase ldtest -version -o /tmp/ccI315nM.s ignoring nonexistent directory "/usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../x86_64-redhat-linux/include" #include "..." search starts here: #include <...> search starts here: /usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../include/c++/4.1.2 /usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../include/c++/4.1.2/x86_64-redhat-linux /usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../include/c++/4.1.2/backward /usr/local/include /usr/lib/gcc/x86_64-redhat-linux/4.1.2/include /usr/include End of search list. GNU C++ version 4.1.2 20080704 (Red Hat 4.1.2-44) (x86_64-redhat-linux) compiled by GNU C version 4.1.2 20080704 (Red Hat 4.1.2-44). GGC heuristics: --param ggc-min-expand=100 --param ggc-min-heapsize=131072 Compiler executable checksum: 2d02d8750f9b337bb19a7dd5b4e2167e ldtest.C: In function int main(int, char**): ldtest.C:4: error: r was not declared in this scope ldtest.C:4: error: expected `;' before eturn /usr/libexec/gcc/x86_64-redhat-linux/4.1.2/cc1plus -quiet -v -D_GNU_SOURCE ldtest.h -quiet -dumpbase ldtest.h -mtune=generic -auxbase ldtest -version -o /tmp/ccI315nM.s --output-pch= ldtest ignoring nonexistent directory "/usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../x86_64-redhat-linux/include" #include "..." search starts here: #include <...> search starts here: /usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../include/c++/4.1.2 /usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../include/c++/4.1.2/x86_64-redhat-linux /usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../include/c++/4.1.2/backward /usr/local/include /usr/lib/gcc/x86_64-redhat-linux/4.1.2/include /usr/include End of search list. GNU C++ version 4.1.2 20080704 (Red Hat 4.1.2-44) (x86_64-redhat-linux) compiled by GNU C version 4.1.2 20080704 (Red Hat 4.1.2-44). GGC heuristics: --param ggc-min-expand=100 --param ggc-min-heapsize=131072 Compiler executable checksum: 2d02d8750f9b337bb19a7dd5b4e2167e -- http://sourceware.org/bugzilla/show_bug.cgi?id=11977 --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ bug-binutils mailing list bug-binutils@gnu.org http://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/11977] ld updates output timestamp even when compiler fails
--- Additional Comments From schwab at linux-m68k dot org 2010-09-03 18:47 --- Not a binutils bug. -- What|Removed |Added Status|NEW |RESOLVED Resolution||INVALID http://sourceware.org/bugzilla/show_bug.cgi?id=11977 --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ bug-binutils mailing list bug-binutils@gnu.org http://lists.gnu.org/mailman/listinfo/bug-binutils
