diff --git a/.gitignore b/.gitignore
index 455e075..11423a0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,3 +8,4 @@
 /valgrind-3.9.0-svn20140318r13876.tar.bz2
 /valgrind-3.9.0-svn20140319r13879.tar.bz2
 /valgrind-3.9.0-svn20140513r13961.tar.bz2
+/valgrind-3.9.0-svn20140715r14165.tar.bz2
diff --git a/sources b/sources
index 25a3517..405783d 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-34d2a36bb23bbfa5d6969cdcdab95dcb  valgrind-3.9.0-svn20140513r13961.tar.bz2
+292e552468663f50eab5e5c43adfc8b5  valgrind-3.9.0-svn20140715r14165.tar.bz2
diff --git a/valgrind-3.9.0-aarch64-glibc-2.19.90-gcc-4.9.patch b/valgrind-3.9.0-aarch64-glibc-2.19.90-gcc-4.9.patch
deleted file mode 100644
index 8a70a14..0000000
--- a/valgrind-3.9.0-aarch64-glibc-2.19.90-gcc-4.9.patch
+++ /dev/null
@@ -1,143 +0,0 @@
-commit 4e8ca2298aa12f10a40134f0aac161954597952e
-Author: sewardj <sewardj@a5019735-40e9-0310-863c-91ae7b9d1cf9>
-Date:   Thu May 15 16:47:56 2014 +0000
-
-    Enable: sys_add_key, sys_keyctl, apparently needed by glibc-2.19.90 on
-    arm64-linux.
-    
-    
-    git-svn-id: svn://svn.valgrind.org/valgrind/trunk@13972 a5019735-40e9-0310-863c-91ae7b9d1cf9
-
-diff --git a/coregrind/m_syswrap/syswrap-arm64-linux.c b/coregrind/m_syswrap/syswrap-arm64-linux.c
-index b82b06b..c6de921 100644
---- a/coregrind/m_syswrap/syswrap-arm64-linux.c
-+++ b/coregrind/m_syswrap/syswrap-arm64-linux.c
-@@ -1024,6 +1024,8 @@ static SyscallTableEntry syscall_main_table[] = {
-    GENX_(__NR_brk,               sys_brk),               // 214
-    GENXY(__NR_munmap,            sys_munmap),            // 215
-    GENX_(__NR_mremap,            sys_mremap),            // 216
-+   LINX_(__NR_add_key,           sys_add_key),           // 217
-+   LINXY(__NR_keyctl,            sys_keyctl),            // 219
-    PLAX_(__NR_clone,             sys_clone),             // 220
-    GENX_(__NR_execve,            sys_execve),            // 221
- 
-@@ -1342,9 +1344,7 @@ static SyscallTableEntry syscall_main_table[] = {
- //ZZ    LINXY(__NR_msgrcv,            sys_msgrcv),         
- //ZZ    LINXY(__NR_msgctl,            sys_msgctl),         // 304
- //ZZ 
--//ZZ    LINX_(__NR_add_key,           sys_add_key),        // 286
- //ZZ    LINX_(__NR_request_key,       sys_request_key),    // 287
--//ZZ    LINXY(__NR_keyctl,            sys_keyctl),         // not 288...
- //ZZ //   LINX_(__NR_ioprio_set,        sys_ioprio_set),     // 289
- //ZZ 
- //ZZ //   LINX_(__NR_ioprio_get,        sys_ioprio_get),     // 290
-commit e013b24c6f62fda9836f5b0378573f1f7923ec8a
-Author: sewardj <sewardj@8f6e269a-dfd6-0310-a8e1-e2731360e62c>
-Date:   Thu May 15 16:49:21 2014 +0000
-
-    Initial front-end fixings needed to handle code generated by gcc-4.9
-    on arm64-linux.
-    
-    
-    git-svn-id: svn://svn.valgrind.org/vex/trunk@2862 8f6e269a-dfd6-0310-a8e1-e2731360e62c
-
-diff --git a/VEX/priv/guest_arm64_toIR.c b/VEX/priv/guest_arm64_toIR.c
-index 862eb20..85b2f2d 100644
---- a/VEX/priv/guest_arm64_toIR.c
-+++ b/VEX/priv/guest_arm64_toIR.c
-@@ -1004,6 +1004,8 @@ static IRExpr* getQRegLO ( UInt qregNo, IRType ty )
- {
-    Int off = offsetQRegLane(qregNo, ty, 0);
-    switch (ty) {
-+      case Ity_I8:
-+      case Ity_I16:
-       case Ity_I32: case Ity_I64:
-       case Ity_F32: case Ity_F64: case Ity_V128:
-          break;
-@@ -7102,6 +7104,20 @@ Bool dis_ARM64_simd_and_fp(/*MB_OUT*/DisResult* dres, UInt insn)
-       /* else it's really an ORR; fall through. */
-    }
- 
-+   /* ---------------- CMEQ_d_d_#0 ---------------- */
-+   /* 
-+      010 11110 11 10000 0100 110 n d
-+   */
-+   if ((INSN(31,0) & 0xFFFFFC00) == 0x5EE09800) {
-+      UInt nn = INSN(9,5);
-+      UInt dd = INSN(4,0);
-+      putQReg128(dd, unop(Iop_ZeroHI64ofV128,
-+                          binop(Iop_CmpEQ64x2, getQReg128(nn),
-+                                mkV128(0x0000))));
-+      DIP("cmeq d%u, d%u, #0\n", dd, nn);
-+      return True;
-+   }
-+
-    vex_printf("ARM64 front end: simd_and_fp\n");
-    return False;
- #  undef INSN
-commit 5a75f1c5aad7e96a7f785fc05afecec96fab8166
-Author: sewardj <sewardj@8f6e269a-dfd6-0310-a8e1-e2731360e62c>
-Date:   Fri May 16 11:20:07 2014 +0000
-
-    Implement SHL_d_d_#imm.
-    
-    
-    git-svn-id: svn://svn.valgrind.org/vex/trunk@2863 8f6e269a-dfd6-0310-a8e1-e2731360e62c
-
-diff --git a/VEX/priv/guest_arm64_toIR.c b/VEX/priv/guest_arm64_toIR.c
-index 85b2f2d..25659b8 100644
---- a/VEX/priv/guest_arm64_toIR.c
-+++ b/VEX/priv/guest_arm64_toIR.c
-@@ -7106,7 +7106,7 @@ Bool dis_ARM64_simd_and_fp(/*MB_OUT*/DisResult* dres, UInt insn)
- 
-    /* ---------------- CMEQ_d_d_#0 ---------------- */
-    /* 
--      010 11110 11 10000 0100 110 n d
-+      010 11110 11 10000 0100 110 n d   CMEQ Dd, Dn, #0
-    */
-    if ((INSN(31,0) & 0xFFFFFC00) == 0x5EE09800) {
-       UInt nn = INSN(9,5);
-@@ -7118,6 +7118,22 @@ Bool dis_ARM64_simd_and_fp(/*MB_OUT*/DisResult* dres, UInt insn)
-       return True;
-    }
- 
-+   /* ---------------- SHL_d_d_#imm ---------------- */
-+   /* 31         22 21  18 15     9 4
-+      010 111110 1  ih3 ib 010101 n d  SHL Dd, Dn, #(ih3:ib)
-+   */
-+   if (INSN(31,22) == BITS10(0,1,0,1,1,1,1,1,0,1)
-+       && INSN(15,10) == BITS6(0,1,0,1,0,1)) {
-+      UInt nn = INSN(9,5);
-+      UInt dd = INSN(4,0);
-+      UInt sh = INSN(21,16);
-+      vassert(sh < 64);
-+      putQReg128(dd, unop(Iop_ZeroHI64ofV128,
-+                          binop(Iop_ShlN64x2, getQReg128(nn), mkU8(sh))));
-+      DIP("shl d%u, d%u, #%u\n", dd, nn, sh);
-+      return True;
-+   }
-+
-    vex_printf("ARM64 front end: simd_and_fp\n");
-    return False;
- #  undef INSN
-diff --git a/VEX/priv/host_arm64_isel.c b/VEX/priv/host_arm64_isel.c
-index eb06cdf..470df6b 100644
---- a/VEX/priv/host_arm64_isel.c
-+++ b/VEX/priv/host_arm64_isel.c
-@@ -5543,10 +5543,14 @@ static HReg iselV128Expr_wrk ( ISelEnv* env, IRExpr* e )
-                   default:
-                      vassert(0);
-                }
--               if (op != ARM64vecsh_INVALID && amt > 0 && amt <= limit) {
-+               if (op != ARM64vecsh_INVALID && amt >= 0 && amt <= limit) {
-                   HReg src = iselV128Expr(env, argL);
-                   HReg dst = newVRegV(env);
--                  addInstr(env, ARM64Instr_VShiftImmV(op, dst, src, amt));
-+                  if (amt > 0) {
-+                     addInstr(env, ARM64Instr_VShiftImmV(op, dst, src, amt));
-+                  } else {
-+                     dst = src;
-+                  }
-                   return dst;
-                }
-             }
diff --git a/valgrind-3.9.0-format-security.patch b/valgrind-3.9.0-format-security.patch
deleted file mode 100644
index de298f7..0000000
--- a/valgrind-3.9.0-format-security.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git a/coregrind/m_gdbserver/remote-utils.c b/coregrind/m_gdbserver/remote-utils.c
-index d8dbe2a..b832d69 100644
---- a/coregrind/m_gdbserver/remote-utils.c
-+++ b/coregrind/m_gdbserver/remote-utils.c
-@@ -39,7 +39,7 @@
- static
- void sr_extended_perror (SysRes sr, const HChar *msg)
- {
--   sr_perror (sr, msg);
-+   sr_perror (sr, "%s", msg);
-    if (VG_(clo_verbosity) > 0 || VG_(debugLog_getLevel)() >= 1) {
-       Int i;
-       vki_sigset_t cursigset;
diff --git a/valgrind-3.9.0-msghdr.patch b/valgrind-3.9.0-msghdr.patch
deleted file mode 100644
index 85f18da..0000000
--- a/valgrind-3.9.0-msghdr.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-commit d67f20debc80ad98c76b0edb8fc44002ca9ea0cd
-Author: Mark Wielaard <mjw@redhat.com>
-Date:   Tue May 13 15:07:52 2014 +0200
-
-    Use safe_to_deref in coregrind syswrap-generic.c (msghdr_foreachfield).
-    
-    Call ML_(safe_to_deref) before using msghdr msg_name, msg_iov or msg_control.
-    Fixes bug #334705.
-
-diff --git a/coregrind/m_syswrap/syswrap-generic.c b/coregrind/m_syswrap/syswrap-generic.c
-index cdf64ea..f1207f4 100644
---- a/coregrind/m_syswrap/syswrap-generic.c
-+++ b/coregrind/m_syswrap/syswrap-generic.c
-@@ -951,13 +951,15 @@ void msghdr_foreachfield (
-    if ( recv )
-       foreach_func ( tid, False, fieldName, (Addr)&msg->msg_flags, sizeof( msg->msg_flags ) );
- 
--   if ( msg->msg_name ) {
-+   if ( ML_(safe_to_deref)(&msg->msg_name, sizeof (void *))
-+        && msg->msg_name ) {
-       VG_(sprintf) ( fieldName, "(%s.msg_name)", name );
-       foreach_func ( tid, False, fieldName, 
-                      (Addr)msg->msg_name, msg->msg_namelen );
-    }
- 
--   if ( msg->msg_iov ) {
-+   if ( ML_(safe_to_deref)(&msg->msg_iov, sizeof (void *))
-+        && msg->msg_iov ) {
-       struct vki_iovec *iov = msg->msg_iov;
-       UInt i;
- 
-@@ -975,7 +977,8 @@ void msghdr_foreachfield (
-       }
-    }
- 
--   if ( msg->msg_control ) 
-+   if ( ML_(safe_to_deref) (&msg->msg_control, sizeof (void *))
-+        && msg->msg_control )
-    {
-       VG_(sprintf) ( fieldName, "(%s.msg_control)", name );
-       foreach_func ( tid, False, fieldName, 
diff --git a/valgrind-3.9.0-ppc64-ifunc.patch b/valgrind-3.9.0-ppc64-ifunc.patch
deleted file mode 100644
index 2bc9be7..0000000
--- a/valgrind-3.9.0-ppc64-ifunc.patch
+++ /dev/null
@@ -1,32 +0,0 @@
---- valgrind/coregrind/vg_preloaded.c	(revision 14128)
-+++ valgrind/coregrind/vg_preloaded.c	(working copy)
-@@ -77,17 +77,28 @@
- {
-     OrigFn fn;
-     Addr result = 0;
-+    Addr fnentry;
- 
-     /* Call the original indirect function and get it's result */
-     VALGRIND_GET_ORIG_FN(fn);
-     CALL_FN_W_v(result, fn);
- 
-+#if defined(VGP_ppc64_linux)
-+   /* ppc64 uses function descriptors, so get the actual function entry
-+      address for the client request, but return the function descriptor
-+      from this function. */
-+    UWord *descr = (UWord*)result;
-+    fnentry = (void*)(descr[0]);
-+#else
-+    fnentry = result;
-+#endif
-+
-     /* Ask the valgrind core running on the real CPU (as opposed to this
-        code which runs on the emulated CPU) to update the redirection that
-        led to this function. This client request eventually gives control to
-        the function VG_(redir_add_ifunc_target) in m_redir.c  */
-     VALGRIND_DO_CLIENT_REQUEST_STMT(VG_USERREQ__ADD_IFUNC_TARGET,
--                                    fn.nraddr, result, 0, 0, 0);
-+                                    fn.nraddr, fnentry, 0, 0, 0);
-     return (void*)result;
- }
- 
diff --git a/valgrind.spec b/valgrind.spec
index 103bb30..cbfb401 100644
--- a/valgrind.spec
+++ b/valgrind.spec
@@ -1,12 +1,12 @@
 %{?scl:%scl_package valgrind}
 
-%define svn_date 20140513
-%define svn_rev 13961
+%define svn_date 20140715
+%define svn_rev 14165
 
 Summary: Tool for finding memory management bugs in programs
 Name: %{?scl_prefix}valgrind
 Version: 3.9.0
-Release: 17.svn%{?svn_date}r%{?svn_rev}%{?dist}
+Release: 18.svn%{?svn_date}r%{?svn_rev}%{?dist}
 Epoch: 1
 License: GPLv2+
 URL: http://www.valgrind.org/
@@ -57,17 +57,6 @@ Patch4: valgrind-3.9.0-ldso-supp.patch
 # KDE#327943 - s390x missing index/strchr suppression for ld.so bad backtrace?
 Patch5: valgrind-3.9.0-s390x-ld-supp.patch
 
-# KDE#334705 - sendmsg and recvmsg should guard against bogus msghdr fields
-Patch6: valgrind-3.9.0-msghdr.patch
-
-# KDE#334727 - Build fails with -Werror=format-security
-Patch7: valgrind-3.9.0-format-security.patch
-
-Patch8: valgrind-3.9.0-aarch64-glibc-2.19.90-gcc-4.9.patch
-
-# KDE#337094 - ifunc wrapper is broken on ppc64
-Patch9: valgrind-3.9.0-ppc64-ifunc.patch
-
 %if %{build_multilib}
 # Ensure glibc{,-devel} is installed for both multilib arches
 BuildRequires: /lib/libc.so.6 /usr/lib/libc.so /lib64/libc.so.6 /usr/lib64/libc.so
@@ -172,11 +161,6 @@ Valgrind User Manual for details.
 %patch5 -p1
 %endif
 
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
-%patch9 -p1
-
 %build
 # We need to use the software collection compiler and binutils if available.
 # The configure checks might otherwise miss support for various newer
@@ -330,6 +314,13 @@ echo ===============END TESTING===============
 %endif
 
 %changelog
+* Tue Jul 15 2014 Mark Wielaard <mjw@redhat.com> 3.9.0-18.svn20140715r14165
+- Update to upstream svn r14165.
+- Remove valgrind-3.9.0-ppc64-ifunc.patch.
+- Remove valgrind-3.9.0-aarch64-glibc-2.19.90-gcc-4.9.patch
+- Remove valgrind-3.9.0-format-security.patch
+- Remove valgrind-3.9.0-msghdr.patch
+
 * Fri Jul  4 2014 Mark Wielaard <mjw@redhat.com> 3.9.0-17.svn20140513r13961
 - Remove ppc multilib support (#1116110)
 - Add valgrind-3.9.0-ppc64-ifunc.patch