From patchwork Tue Feb 27 13:09:36 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Andreas Krebbel <krebbel@linux.ibm.com>
X-Patchwork-Id: 207215
Return-Path: <binutils-bounces+ouuuleilei=gmail.com@sourceware.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id
 bq27csp2682544dyb;
        Tue, 27 Feb 2024 05:09:58 -0800 (PST)
X-Forwarded-Encrypted: i=3;
 AJvYcCXHDEy3mcCs/xsSbujbRthQISZMExCiIt3DOCPomRe5xnSdIFD5XipR4zO7rSdEXk9ZmTteFQ8wRmdyPyUqh+DtzVpksA==
X-Google-Smtp-Source: 
 AGHT+IHhJUeP5oEdiMrhUm7MZ7x5xdVVcZGjH8raDjqIHg7kVdc4lBlD60gQWjTBlc8tumGF/2QP
X-Received: by 2002:ac8:5d51:0:b0:42e:8e36:63a1 with SMTP id
 g17-20020ac85d51000000b0042e8e3663a1mr4501156qtx.6.1709039398243;
        Tue, 27 Feb 2024 05:09:58 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1709039398; cv=pass;
        d=google.com; s=arc-20160816;
        b=wpivSQ2OEPvowARa8OHLSIhpEbz/FTqYkajiYtfLMg1kFyIIyz7x+MKXbDY4g2sW+f
         70e1n2UoIaUttDJM88MbJJxXiQHNkn/znVbyYoesVSUoItUsCvVqyqhgBi80pznkekCP
         qs2RTqg5SM078J/+2L8NbraHhXNRG5L5rjFLkMuDlt0bpAXHDY7CrdtnoaLEM4UZeWJP
         V3UiwvYF005PbW/qf1fUXAJDs1Ab7lFY3GDVRJz8EQAk+V61+MwcL7U/D5aKazq1wBGZ
         FrZPB9ujI3SSdsJPvwbj8dBZwErJ0c1zER9nY3j3gxttm5DdYGT1wwDFfRRVWlfL/rQ/
         mFpw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=errors-to:list-subscribe:list-help:list-post:list-archive
         :list-unsubscribe:list-id:precedence:content-transfer-encoding
         :mime-version:message-id:date:subject:to:from:dkim-signature
         :arc-filter:dmarc-filter:delivered-to;
        bh=Vo5a/eDN6t0q/Cd9NHHJHvxTcLo3XnCOKpNK0w8Xr64=;
        fh=NLxAvL/bDfPg4AGOtxqvQlND8vazkZrNzKLY8+LAbBY=;
        b=uamGTkF95QaOdIVucoNK1KpKtDewLNwxQmkUErTJVnrkPB1xIlqyXEmPzSBqTijhl2
         I1xXAuAOnhH3W51WTc+BF33xZ2Llu+SKZ8iI9GHNO3UKk91JqwP1Yq2TiIlui5v3thqr
         pBIg+GkeEj9S73TI+/F/qGUgXiwmziFv+eCt5A/HwnWjMl1K2OkznqbaYTXqVE6HvQ0N
         hv6l7E/kyT6uPKcX9/wWtbdtjBlncjeQagbB7XTCV4Bq6lonteIUbBrio+GZUQ/T9EOR
         h+AtG9JcCXvvIlWpY/sYYCkfa6wWicl/BMh+zamvKA1OCTYeKlmZSUFx7D84IvfZlENo
         7ulw==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@ibm.com header.s=pp1 header.b=lZP3rBtv;
       arc=pass (i=1);
       spf=pass (google.com: domain of
 binutils-bounces+ouuuleilei=gmail.com@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 smtp.mailfrom="binutils-bounces+ouuuleilei=gmail.com@sourceware.org";
       dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=ibm.com
Received: from server2.sourceware.org (server2.sourceware.org.
 [2620:52:3:1:0:246e:9693:128c])
        by mx.google.com with ESMTPS id
 g12-20020ac8580c000000b0042e7f719b1asi5594461qtg.554.2024.02.27.05.09.58
        for <ouuuleilei@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 27 Feb 2024 05:09:58 -0800 (PST)
Received-SPF: pass (google.com: domain of
 binutils-bounces+ouuuleilei=gmail.com@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 client-ip=2620:52:3:1:0:246e:9693:128c;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@ibm.com header.s=pp1 header.b=lZP3rBtv;
       arc=pass (i=1);
       spf=pass (google.com: domain of
 binutils-bounces+ouuuleilei=gmail.com@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 smtp.mailfrom="binutils-bounces+ouuuleilei=gmail.com@sourceware.org";
       dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=ibm.com
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id EA0F43858291
	for <ouuuleilei@gmail.com>; Tue, 27 Feb 2024 13:09:57 +0000 (GMT)
X-Original-To: binutils@sourceware.org
Delivered-To: binutils@sourceware.org
Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com
 [148.163.156.1])
 by sourceware.org (Postfix) with ESMTPS id 4F0423858C36
 for <binutils@sourceware.org>; Tue, 27 Feb 2024 13:09:43 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 4F0423858C36
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=linux.ibm.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linux.ibm.com
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 4F0423858C36
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=148.163.156.1
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1709039386; cv=none;
 b=Ir9o4+fcfEn5IvAFzC42dGwBOUK1bokaRuJzrQVyu8kHxIPSMii+lrQEo2bguNKh4Hi4NgObpJPT2E81dGM3nj3g3WFou/GVQkauSsfumNjx61dIUO5oqqQwquTgekHQt4L3pU0V+RTOeRgMasxsTSpK8OFcPyy8wf4Hzi8w490=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1709039386; c=relaxed/simple;
 bh=ehBq04T8EAFHuZOqg3fHIrkY0dZWhlTUXGA3EPXCUyA=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=ujq9YIH/f0vPxCE2rvQSOK6IOeCvCd8YXh6sAK+I/oT8Qg9ACWRy6dKA2C0ijQomHr9p6G3vJVfLpUvvMxlMLN0xbNHmnKVmb5svksV+KglSHE+jvT2EQ/UKcEfIhKP8ZRWoKjzYTJramjV9+6qfu3qhis8OppBWPZL8AV4MJ0U=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: from pps.filterd (m0360083.ppops.net [127.0.0.1])
 by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id
 41RClGh2029411
 for <binutils@sourceware.org>; Tue, 27 Feb 2024 13:09:42 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com;
 h=from : to : subject :
 date : message-id : mime-version : content-transfer-encoding; s=pp1;
 bh=Vo5a/eDN6t0q/Cd9NHHJHvxTcLo3XnCOKpNK0w8Xr64=;
 b=lZP3rBtvvq6pdl+z0y58cQgzHeilGfOBGZ/pZKx8KXR2XDjVDncq2Rn2n/S6eYNjX3eD
 rSXKeltUkoX/NND2uEAeDziHmClqrns8s89jjf6ArUQNuw0+0tZZSLX1pqvvdlLxZnTo
 IEzdndr9YA5faC8nLkrnx8nxWL34f8vKYBtLKzia/Mlap1U45iaNXKObzQn6Z/oMP94M
 I21e/GUCn30aNWhhBvVsw4o8rjwyH8SV9hIK1xqgsHmb+2dcnf79gOKm2NNJ199Qe91H
 tFMAWUNmz2Zb3HxHZ+5boU+uiKeVpwVhPqo0f1OPuR4rID2U1LBwfa/HNXeUI6Lx6Gck JQ==
Received: from ppma22.wdc07v.mail.ibm.com
 (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92])
 by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3whg1x0pjx-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
 for <binutils@sourceware.org>; Tue, 27 Feb 2024 13:09:42 +0000
Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1])
 by ppma22.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id
 41RCPG3b021792
 for <binutils@sourceware.org>; Tue, 27 Feb 2024 13:09:40 GMT
Received: from smtprelay06.fra02v.mail.ibm.com ([9.218.2.230])
 by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3wfu5yywrj-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
 for <binutils@sourceware.org>; Tue, 27 Feb 2024 13:09:40 +0000
Received: from smtpav06.fra02v.mail.ibm.com (smtpav06.fra02v.mail.ibm.com
 [10.20.54.105])
 by smtprelay06.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id
 41RD9abR30736796
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
 for <binutils@sourceware.org>; Tue, 27 Feb 2024 13:09:38 GMT
Received: from smtpav06.fra02v.mail.ibm.com (unknown [127.0.0.1])
 by IMSVA (Postfix) with ESMTP id BFB862004B
 for <binutils@sourceware.org>; Tue, 27 Feb 2024 13:09:36 +0000 (GMT)
Received: from smtpav06.fra02v.mail.ibm.com (unknown [127.0.0.1])
 by IMSVA (Postfix) with ESMTP id 957D220040
 for <binutils@sourceware.org>; Tue, 27 Feb 2024 13:09:36 +0000 (GMT)
Received: from li-ecc9ffcc-3485-11b2-a85c-e633c5126265.fritz.box (unknown
 [9.179.12.12]) by smtpav06.fra02v.mail.ibm.com (Postfix) with ESMTP
 for <binutils@sourceware.org>; Tue, 27 Feb 2024 13:09:36 +0000 (GMT)
From: Andreas Krebbel <krebbel@linux.ibm.com>
To: binutils@sourceware.org
Subject: [Committed] s390: Avoid reloc overflows on undefined weak symbols
Date: Tue, 27 Feb 2024 14:09:36 +0100
Message-ID: <20240227130936.54206-1-krebbel@linux.ibm.com>
X-Mailer: git-send-email 2.43.0
MIME-Version: 1.0
X-TM-AS-GCONF: 00
X-Proofpoint-ORIG-GUID: YTSsslxc-acphqm-CKmariTxU7IK8i0g
X-Proofpoint-GUID: YTSsslxc-acphqm-CKmariTxU7IK8i0g
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26
 definitions=2024-02-26_11,2024-02-27_01,2023-05-22_02
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0
 impostorscore=0 spamscore=0
 clxscore=1015 adultscore=0 bulkscore=0 priorityscore=1501 mlxlogscore=910
 suspectscore=0 mlxscore=0 phishscore=0 lowpriorityscore=0 malwarescore=0
 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311290000
 definitions=main-2402270102
X-Spam-Status: No, score=-11.6 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL,
 SPF_HELO_NONE, SPF_PASS, TXREP,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: binutils@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Binutils mailing list <binutils.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/binutils>,
 <mailto:binutils-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/binutils/>
List-Post: <mailto:binutils@sourceware.org>
List-Help: <mailto:binutils-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/binutils>,
 <mailto:binutils-request@sourceware.org?subject=subscribe>
Errors-To: binutils-bounces+ouuuleilei=gmail.com@sourceware.org
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1792057695964346237
X-GMAIL-MSGID: 1792057695964346237

Replace relative long addressing instructions of weak symbols, which
will definitely resolve to zero, with either a load address of 0, a
NOP, or a trapping insn.

This prevents the PC32DBL relocation from overflowing in case the
binary will be loaded at 4GB or more.

Committed to mainline. I'll push that also to release branches after
giving it some time in mainline.

bfd/ChangeLog:

	* bfd/elf64-s390.c (elf_s390_relocate_section): Replace
	instructions using undefined weak symbols with relative addressing
	to avoid relocation overflows.

ld/ChangeLog:
	* ld/testsuite/ld-s390/s390.exp:
	* ld/testsuite/ld-s390/8GB.ld: New test.
	* ld/testsuite/ld-s390/weakundef-1.dd: New test.
	* ld/testsuite/ld-s390/weakundef-1.s: New test.
---
 bfd/elf64-s390.c                    | 54 +++++++++++++++++++++++++++++
 ld/testsuite/ld-s390/8GB.ld         |  1 +
 ld/testsuite/ld-s390/s390.exp       |  3 ++
 ld/testsuite/ld-s390/weakundef-1.dd | 15 ++++++++
 ld/testsuite/ld-s390/weakundef-1.s  | 18 ++++++++++
 5 files changed, 91 insertions(+)
 create mode 100644 ld/testsuite/ld-s390/8GB.ld
 create mode 100644 ld/testsuite/ld-s390/weakundef-1.dd
 create mode 100644 ld/testsuite/ld-s390/weakundef-1.s

diff --git a/bfd/elf64-s390.c b/bfd/elf64-s390.c
index ab9ec3f5b48..74ac0180bf8 100644
--- a/bfd/elf64-s390.c
+++ b/bfd/elf64-s390.c
@@ -2475,6 +2475,60 @@ elf_s390_relocate_section (bfd *output_bfd,
 			    + h->plt.offset);
 	      goto do_relocation;
 	    }
+
+	  /* Replace relative long addressing instructions of weak
+	     symbols, which will definitely resolve to zero, with
+	     either a load address of 0, a NOP, or a trapping insn.
+	     This prevents the PC32DBL relocation from overflowing in
+	     case the binary will be loaded at 4GB or more.  */
+	  if (h != NULL
+	      && h->root.type == bfd_link_hash_undefweak
+	      && !h->root.linker_def
+	      && (bfd_link_executable (info)
+		  || ELF_ST_VISIBILITY (h->other) != STV_DEFAULT)
+	      && r_type == R_390_PC32DBL)
+	    {
+	      void *insn_start = contents + rel->r_offset - 2;
+	      uint16_t op = bfd_get_16 (input_bfd, insn_start) & 0xff0f;
+	      uint8_t reg = bfd_get_8 (input_bfd, insn_start + 1) & 0xf0;
+
+	      /* NOTE: The order of the if's is important!  */
+	      /* Replace load address relative long (larl) with load
+		 address (lay) */
+	      if (op == 0xc000)
+		{
+		  /* larl rX,<weak sym> -> lay rX,0(0)  */
+		  bfd_put_16 (output_bfd, 0xe300 | reg, insn_start);
+		  bfd_put_32 (output_bfd, 0x71, insn_start + 2);
+		  continue;
+		}
+	      /* Replace prefetch data relative long (pfdrl) with a NOP  */
+	      else if (op == 0xc602)
+		{
+		  /* Emit a 6-byte NOP: jgnop .  */
+		  bfd_put_16 (output_bfd, 0xc004, insn_start);
+		  bfd_put_32 (output_bfd, 0x0, insn_start + 2);
+		  continue;
+		}
+	      /* Replace the following instructions with a trap:
+		 - branch relative and save long (brasl)
+		 - load (logical) relative long (lrl, lgrl, lgfrl, llgfrl)
+		 - load (logical) halfword relative long (lhrl, lghrl, llhrl, llghrl)
+		 - store relative long (strl, stgrl)
+		 - store halfword relative long (sthrl)
+		 - execute relative long (exrl)
+		 - compare (logical) relative long (crl, clrl, cgrl, clgrl, cgfrl, clgfrl)
+		 - compare (logical) halfword relative long (chrl, cghrl, clhrl, clghrl)
+		 - branch relative on count high (brcth)  */
+	      else if (op == 0xc005 || (op & 0xff00) == 0xc400
+		       || (op & 0xff00) == 0xc600 || op == 0xcc06)
+		{
+		  /* Emit a 6-byte trap: jg .+2  */
+		  bfd_put_16 (output_bfd, 0xc0f4, insn_start);
+		  bfd_put_32 (output_bfd, 0x1, insn_start + 2);
+		  continue;
+		}
+	    }
 	  /* Fall through.  */
 
 	case R_390_8:
diff --git a/ld/testsuite/ld-s390/8GB.ld b/ld/testsuite/ld-s390/8GB.ld
new file mode 100644
index 00000000000..7ab94cb3ea5
--- /dev/null
+++ b/ld/testsuite/ld-s390/8GB.ld
@@ -0,0 +1 @@
+SECTIONS { . = 0x200000000; }
diff --git a/ld/testsuite/ld-s390/s390.exp b/ld/testsuite/ld-s390/s390.exp
index 27bfdeec275..6b97b6c07d9 100644
--- a/ld/testsuite/ld-s390/s390.exp
+++ b/ld/testsuite/ld-s390/s390.exp
@@ -85,6 +85,9 @@ set s390xtests {
      "-m64" {pltoffset-1.s}
      {{objdump "-dzrj.text --stop-address=16" pltoffset-1.dd}}
      "pltoffset-1"}
+    {"WEAKUNDEF1: overflow test"
+     "-m elf64_s390 -dT 8GB.ld --no-error-rwx-segments" "" "-m64" {weakundef-1.s}
+     {{objdump "-dzrj.text" weakundef-1.dd}} "weakundef-1"}
 }
 
 if [istarget "s390-*-*"] {
diff --git a/ld/testsuite/ld-s390/weakundef-1.dd b/ld/testsuite/ld-s390/weakundef-1.dd
new file mode 100644
index 00000000000..e5145245602
--- /dev/null
+++ b/ld/testsuite/ld-s390/weakundef-1.dd
@@ -0,0 +1,15 @@
+tmpdir/weakundef-1:     file format elf64-s390
+
+Disassembly of section .text:
+
+.* <foo>:
+.*:	c0 10 00 00 00 1e [	 ]*larl	%r1,20000003c <d>
+.*:	c0 10 00 00 00 1f [	 ]*larl	%r1,200000044 <wd>
+.*:	e3 10 00 00 00 71 [	 ]*lay	%r1,0
+.*:	c0 f4 00 00 00 01 [	 ]*jg	.*
+.*:	c0 f4 00 00 00 01 [	 ]*jg	.*
+.*:	c0 f4 00 00 00 01 [	 ]*jg	.*
+.*:	c0 f4 00 00 00 01 [	 ]*jg	.*
+.*:	c0 f4 00 00 00 01 [	 ]*jg	.*
+.*:	c0 f4 00 00 00 01 [	 ]*jg	.*
+.*:	c0 04 00 00 00 00 [	 ]*jgnop	.*
diff --git a/ld/testsuite/ld-s390/weakundef-1.s b/ld/testsuite/ld-s390/weakundef-1.s
new file mode 100644
index 00000000000..aeaef8d2456
--- /dev/null
+++ b/ld/testsuite/ld-s390/weakundef-1.s
@@ -0,0 +1,18 @@
+.text
+	.globl foo
+foo:
+	larl	%r1,d
+	larl	%r1,wd
+	larl	%r1,wu
+	brasl	%r1,wu
+	crl	%r1,wu
+	lrl	%r1,wu
+	strl	%r1,wu
+	exrl	%r1,wu
+	brcth	%r1,wu
+	pfdrl	%r1,wu
+	.weak	wd
+	.weak	wu
+.data
+d:	.quad 0x123
+wd:	.quad 0x123