https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96913
Sergei Trofimovich <slyfox at gcc dot gnu.org> changed:

What                |Removed                      |Added
----------------------------------------------------------------------------
Status              |UNCONFIRMED                  |ASSIGNED
Last reconfirmed    |                             |2020-09-06
Ever confirmed      |0                            |1
Assignee            |unassigned at gcc dot gnu.org|slyfox at gcc dot gnu.org

--- Comment #5 from Sergei Trofimovich <slyfox at gcc dot gnu.org> ---
(In reply to Sergei Trofimovich from comment #4)
> $ x86_64-pc-linux-gnu-nm tauthon | fgrep gcov_merge_top
> 000000000040387f t __gcov_merge_topn
> $ x86_64-pc-linux-gnu-nm libtauthon2.8.so.1.0 | fgrep gcov_merge_top
> 000000000029a202 t __gcov_merge_topn
>
> Don't yet know where 'gi_ptr->merge' gets filled in to leak
> executable's symbol into binary.

Having looked at absolute addresses and address maps it's even more
complicated than that:

call trace:
  tauthon                 : main()
  -> libtauthon2.8.so.1.0 : execve()
  -> libtauthon2.8.so.1.0 : __gcov_execve()
  -> libtauthon2.8.so.1.0 : write_one_data()

There addresses of:
  if (gi_ptr->merge[t_ix] == __gcov_merge_topn)
are:
  - gi_ptr->merge[t_ix]: _struct.so:&__gcov_merge_topn
  - __gcov_merge_topn:   libtauthon2.8.so.1.0:&__gcov_merge_topn

Sent https://gcc.gnu.org/pipermail/gcc-patches/2020-September/553320.html
for review. Claiming the bug.
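The mismatch described in the comment, as an added example that is not part of the bug report or of libgcov: every shared object that links a hidden (local, lowercase `t` in nm) copy of a function gets its own address for it, so a function pointer handed over from one object never compares equal to another object's copy, while a default-visibility symbol is resolved by the dynamic linker to a single definition. The names merge_topn, a_merge_ptr and b_merge_ptr are stand-ins chosen here for __gcov_merge_topn and the gi_ptr->merge table; the script needs a C compiler reachable as cc and prints "skip" without one.

```shell
#!/bin/sh
# Added example, not from the bug report or libgcov. Builds two shared objects
# that each carry their own copy of a function (stand-in for __gcov_merge_topn
# statically linked into every DSO), then compares the addresses the two
# objects hand out. Prints "differ", "same", or "skip" when no C compiler exists.
merge_pointer_compare() (
  vis="$1"   # "hidden" (libgcov's case) or "default"
  command -v cc >/dev/null 2>&1 || { echo skip; exit 0; }
  dir=$(mktemp -d) || exit 1
  cd "$dir" || exit 1
  # Each library defines merge_topn with the requested visibility and exports
  # an accessor returning its address (stand-in for the gi_ptr->merge table).
  for lib in a b; do
    cat > "lib$lib.c" <<EOF
__attribute__((visibility("$vis"))) void merge_topn(void) {}
const void *${lib}_merge_ptr(void) { return (const void *)merge_topn; }
EOF
    cc -shared -fPIC -o "lib$lib.so" "lib$lib.c" || exit 1
  done
  # The executable plays the role of write_one_data(): it compares a pointer
  # obtained from one object against the copy known to another.
  cat > main.c <<'EOF'
#include <stdio.h>
const void *a_merge_ptr(void);
const void *b_merge_ptr(void);
int main(void) {
  puts(a_merge_ptr() == b_merge_ptr() ? "same" : "differ");
  return 0;
}
EOF
  cc -o main main.c -L. -la -lb -Wl,-rpath,"$dir" || exit 1
  result=$(./main) || exit 1
  cd / && rm -rf "$dir"
  echo "$result"
)
# hidden copies never compare equal; default visibility resolves both to one
merge_pointer_compare hidden
merge_pointer_compare default
```

Running it prints "differ" for the hidden case, which is exactly the situation the comparison in write_one_data() hits when the pointer comes from another DSO's private libgcov copy.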