diff options
| author | Tejas Belagod <tejas.belagod@arm.com> | 2014-11-25 14:51:24 +0800 |
|---|---|---|
| committer | Andrew Hsieh <andrewhsieh@google.com> | 2015-03-30 21:19:59 -0700 |
| commit | e20a4f0299d03097bbf2b05331825901ff9681a0 (patch) | |
| tree | 82bab5250e525150e068fb23e66083a3b3bc9f82 /binutils-2.25/bfd | |
| parent | 29bc0005408451ccd5a490b226d59b9794fa0f6e (diff) | |
| download | toolchain_binutils-e20a4f0299d03097bbf2b05331825901ff9681a0.zip toolchain_binutils-e20a4f0299d03097bbf2b05331825901ff9681a0.tar.gz toolchain_binutils-e20a4f0299d03097bbf2b05331825901ff9681a0.tar.bz2 | |
Fixed Cortex-A53 Erratum 835769 -- LD segfaults with unordered maps.
The BFD/LD patch for Cortex-A53 erratum 835769
(https://sourceware.org/ml/binutils/2014-10/msg00199.html)
does not handle a particular case of the AArch64 ELF ABI where mapping
symbols are allowed to be unordered in the symbol table (not in address order).
The unordering causes section maps to be traversed with incorrect span boundaries
(in the erratum scanning function) which causes memory faults. The attached
patch fixes this issue by ordering the section maps by their 'vma' before
starting to traverse them.
While this is not an issue with a the GNU toolchain, it is a potential issue
with Clang/LLVM. We have observed at least one case where LLVM generates an
ELF object with mapping symbols unordered in the symbol table and causes a fault.
We have been unable to construct a test case with the GNU toolchain. We have verified
by manual inspection the correctness of the traversal with this patch for an
LLVM-generated ELF object which triggered this issue. This patch has been bootstrapped
on aarch64-linux and regressed.
Diffstat (limited to 'binutils-2.25/bfd')
| -rw-r--r-- | binutils-2.25/bfd/elfnn-aarch64.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/binutils-2.25/bfd/elfnn-aarch64.c b/binutils-2.25/bfd/elfnn-aarch64.c index 19ad4d2..0879db9 100644 --- a/binutils-2.25/bfd/elfnn-aarch64.c +++ b/binutils-2.25/bfd/elfnn-aarch64.c @@ -2937,6 +2937,29 @@ aarch64_erratum_sequence (uint32_t insn_1, uint32_t insn_2) return FALSE; } +/* Used to order a list of mapping symbols by address. */ + +static int +elf_aarch64_compare_mapping (const void *a, const void *b) +{ + const elf_aarch64_section_map *amap = (const elf_aarch64_section_map *) a; + const elf_aarch64_section_map *bmap = (const elf_aarch64_section_map *) b; + + if (amap->vma > bmap->vma) + return 1; + else if (amap->vma < bmap->vma) + return -1; + else if (amap->type > bmap->type) + /* Ensure results do not depend on the host qsort for objects with + multiple mapping symbols at the same address by sorting on type + after vma. */ + return 1; + else if (amap->type < bmap->type) + return -1; + else + return 0; +} + static bfd_boolean erratum_835769_scan (bfd *input_bfd, struct bfd_link_info *info, @@ -2974,6 +2997,10 @@ erratum_835769_scan (bfd *input_bfd, return TRUE; sec_data = elf_aarch64_section_data (section); + + qsort (sec_data->map, sec_data->mapcount, + sizeof (elf_aarch64_section_map), elf_aarch64_compare_mapping); + for (span = 0; span < sec_data->mapcount; span++) { unsigned int span_start = sec_data->map[span].vma; |