[Bug binutils/28186] New: AddressSanitizer: SEGV /home/tai/CVEs/binutils-2.37/bfd/elf.c:7991:30 in _bfd_elf_fixup_group_sections
https://sourceware.org/bugzilla/show_bug.cgi?id=28186

            Bug ID: 28186
           Summary: AddressSanitizer: SEGV /home/tai/CVEs/binutils-2.37/bfd/elf.c:7991:30 in _bfd_elf_fixup_group_sections
           Product: binutils
           Version: 2.37
            Status: UNCONFIRMED
          Severity: critical
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: duytai.cse at gmail dot com
  Target Milestone: ---

Created attachment 13590
  --> https://sourceware.org/bugzilla/attachment.cgi?id=13590&action=edit
input file

I execute the following command:

./strip-new id:00 -o /dev/null

OUTPUT
---
./strip-new: id:00: invalid entry in SHT_GROUP section [15]
./strip-new: id:00: invalid entry in SHT_GROUP section [15]
./strip-new: id:00: no group info for section '.hnu.'
./strip-new: id:00: warning: secondary relocation section '.hnu.' for section .hnu. found - ignoring
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
elf.c:7991:25: runtime error: member access within null pointer of type 'struct bfd_section'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior elf.c:7991:25 in
AddressSanitizer:DEADLYSIGNAL
=================================================================
==423909==ERROR: AddressSanitizer: SEGV on unknown address 0x0040 (pc 0x009d820c bp 0x7ffc6fc347f0 sp 0x7ffc6fc34770 T0)
==423909==The signal is caused by a WRITE memory access.
==423909==Hint: address points to the zero page.
    #0 0x9d820c in _bfd_elf_fixup_group_sections /home/tai/CVEs/binutils-2.37/bfd/elf.c:7991:30
    #1 0x9d97f2 in _bfd_elf_copy_private_header_data /home/tai/CVEs/binutils-2.37/bfd/elf.c:8024:10
    #2 0x4e7795 in setup_bfd_headers /home/tai/CVEs/binutils-2.37/binutils/objcopy.c:3981:9
    #3 0x4e7795 in copy_object /home/tai/CVEs/binutils-2.37/binutils/objcopy.c:2822:5
    #4 0x4df7fd in copy_file /home/tai/CVEs/binutils-2.37/binutils/objcopy.c:3866:13
    #5 0x4c64e7 in strip_main /home/tai/CVEs/binutils-2.37/binutils/objcopy.c:4856:7
    #6 0x4c64e7 in main /home/tai/CVEs/binutils-2.37/binutils/objcopy.c:6052:5
    #7 0x7f46fe8dd0b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
    #8 0x41c5ed in _start (/home/tai/CVEs/binutils-2.37/binutils/strip-new+0x41c5ed)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/tai/CVEs/binutils-2.37/bfd/elf.c:7991:30 in _bfd_elf_fixup_group_sections
==423909==ABORTING

--
You are receiving this mail because:
You are on the CC list for the bug.
[Bug binutils/28187] New: AddressSanitizer: SEGV /home/tai/CVEs/binutils-2.37/bfd/elf.c:7991:30 in _bfd_elf_fixup_group_sections
https://sourceware.org/bugzilla/show_bug.cgi?id=28187

            Bug ID: 28187
           Summary: AddressSanitizer: SEGV /home/tai/CVEs/binutils-2.37/bfd/elf.c:7991:30 in _bfd_elf_fixup_group_sections
           Product: binutils
           Version: 2.37
            Status: UNCONFIRMED
          Severity: critical
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: duytai.cse at gmail dot com
  Target Milestone: ---

Created attachment 13591
  --> https://sourceware.org/bugzilla/attachment.cgi?id=13591&action=edit
id:00

I execute the following command:

./strip-new id\:00 -o /dev/null

-OUTPUT
./strip-new: id:00: invalid entry in SHT_GROUP section [15]
./strip-new: id:00: invalid entry in SHT_GROUP section [15]
./strip-new: id:00: no group info for section '.hnu.'
./strip-new: id:00: warning: secondary relocation section '.hnu.' for section .hnu. found - ignoring
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
./strip-new: id:00: attempt to load strings from a non-string section (number 0)
elf.c:7991:25: runtime error: member access within null pointer of type 'struct bfd_section'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior elf.c:7991:25 in
AddressSanitizer:DEADLYSIGNAL
=================================================================
==423909==ERROR: AddressSanitizer: SEGV on unknown address 0x0040 (pc 0x009d820c bp 0x7ffc6fc347f0 sp 0x7ffc6fc34770 T0)
==423909==The signal is caused by a WRITE memory access.
==423909==Hint: address points to the zero page.
    #0 0x9d820c in _bfd_elf_fixup_group_sections /home/tai/CVEs/binutils-2.37/bfd/elf.c:7991:30
    #1 0x9d97f2 in _bfd_elf_copy_private_header_data /home/tai/CVEs/binutils-2.37/bfd/elf.c:8024:10
    #2 0x4e7795 in setup_bfd_headers /home/tai/CVEs/binutils-2.37/binutils/objcopy.c:3981:9
    #3 0x4e7795 in copy_object /home/tai/CVEs/binutils-2.37/binutils/objcopy.c:2822:5
    #4 0x4df7fd in copy_file /home/tai/CVEs/binutils-2.37/binutils/objcopy.c:3866:13
    #5 0x4c64e7 in strip_main /home/tai/CVEs/binutils-2.37/binutils/objcopy.c:4856:7
    #6 0x4c64e7 in main /home/tai/CVEs/binutils-2.37/binutils/objcopy.c:6052:5
    #7 0x7f46fe8dd0b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
    #8 0x41c5ed in _start (/home/tai/CVEs/binutils-2.37/binutils/strip-new+0x41c5ed)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/tai/CVEs/binutils-2.37/bfd/elf.c:7991:30 in _bfd_elf_fixup_group_sections
==423909==ABORTING
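Reports 28186 and 28187 above quote the same sanitizer trace. As an added example (not part of the original mails or of binutils), the code below reduces an ASan report to a bucket key built from the crash kind and the top non-runtime frames, so that such duplicates collapse during triage. `REPORT_B` and `REPORT_C` are constructed variants, and `hypothetical_other_function` is a made-up name.

```python
import hashlib
import re

# One ASan frame: "#0 0x9d820c in function /path/file.c:7991:30"
FRAME_RE = re.compile(r"#\d+ 0x[0-9a-f]+ in (\S+) (\S+)")
# Frames in the C runtime start-up code do not identify the bug.
RUNTIME_FUNCS = {"__libc_start_main", "_start"}

def parse_frames(report):
    """Return (function, source file name) pairs, innermost frame first."""
    frames = []
    for func, location in FRAME_RE.findall(report):
        if func in RUNTIME_FUNCS:
            continue
        # Drop ":line:col" and the build-host directory, keep the file name.
        source = location.split(":")[0].rsplit("/", 1)[-1]
        frames.append((func, source))
    return frames

def bucket(report, depth=3):
    """Return (short hash, readable key) built from crash kind and top frames."""
    kind = re.search(r"ERROR: AddressSanitizer: (\S+)", report)
    access = re.search(r"caused by a (READ|WRITE) memory access", report)
    parts = [kind.group(1) if kind else "?", access.group(1) if access else "?"]
    parts += [f"{func}@{source}" for func, source in parse_frames(report)[:depth]]
    key = "|".join(parts)
    return hashlib.sha256(key.encode()).hexdigest()[:16], key

# Abridged from the trace quoted in both reports above.
REPORT_A = """\
==423909==ERROR: AddressSanitizer: SEGV on unknown address 0x0040
==423909==The signal is caused by a WRITE memory access.
    #0 0x9d820c in _bfd_elf_fixup_group_sections /home/tai/CVEs/binutils-2.37/bfd/elf.c:7991:30
    #1 0x9d97f2 in _bfd_elf_copy_private_header_data /home/tai/CVEs/binutils-2.37/bfd/elf.c:8024:10
    #2 0x4e7795 in setup_bfd_headers /home/tai/CVEs/binutils-2.37/binutils/objcopy.c:3981:9
    #7 0x7f46fe8dd0b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
"""
# Constructed variants: the same crash from another build tree and process,
# and a crash whose innermost frame is a hypothetical different function.
REPORT_B = REPORT_A.replace("/home/tai/CVEs/binutils-2.37", "/build/src").replace("423909", "1111")
REPORT_C = REPORT_A.replace("_bfd_elf_fixup_group_sections", "hypothetical_other_function")

if __name__ == "__main__":
    for name, report in (("A", REPORT_A), ("B", REPORT_B), ("C", REPORT_C)):
        print(name, *bucket(report))
```

Line and column numbers are left out of the key on purpose, so the bucket survives small source shifts between builds; the trade-off is that two distinct faults in the same function share a bucket until the frames below them differ.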
[Bug binutils/28156] rename.c doesn't compile with MinGW
https://sourceware.org/bugzilla/show_bug.cgi?id=28156

--- Comment #3 from Eli Zaretskii ---
(In reply to Alan Modra from comment #2)
> Somewhat different patch committed to mainline.  Please verify that it works
> for you on mingw, and then I'll commit it on the branch too.

Thanks, that patch works for me.
[Bug binutils/28158] nm --dynamic and readelf --dyn-syms vs. copy reloc symbols
https://sourceware.org/bugzilla/show_bug.cgi?id=28158

--- Comment #3 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by H.J. Lu:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f897689c880ed1049b708e6c1f9745c8604808e3

commit f897689c880ed1049b708e6c1f9745c8604808e3
Author: H.J. Lu
Date:   Sun Aug 1 07:26:20 2021 -0700

    elf: Treat undefined version as hidden

    Since undefined version can't be used to resolve any references without
    the original definition, treat it as hidden.

    bfd/

            PR binutils/28158
            * elf.c (_bfd_elf_get_symbol_version_string): Treat undefined
            version as hidden.

    ld/

            PR binutils/28158
            * testsuite/ld-elf/linux-x86.exp: Run PR binutils/28158 tests.
            * testsuite/ld-elf/pr28158-1.c: New file.
            * testsuite/ld-elf/pr28158-2.S: Likewise.
            * testsuite/ld-elf/pr28158.nd: Likewise.
            * testsuite/ld-elf/pr28158.rd: Likewise.
            * testsuite/ld-elf/pr28158.t: Likewise.
            * testsuite/ld-elfvers/vers2.dsym: Updated.
            * testsuite/ld-elfvers/vers3.dsym: Likewise.
            * testsuite/ld-elfvers/vers6.dsym: Likewise.
            * testsuite/ld-elfvers/vers19.dsym: Likewise.
            * testsuite/ld-elfvers/vers22.dsym: Likewise.
            * testsuite/ld-elfvers/vers23.dsym: Likewise.
            * testsuite/ld-elfvers/vers23d.dsym: Likewise.
            * testsuite/ld-elfvers/vers27d4.dsym: Likewise.
            * testsuite/ld-elfvers/vers28c.dsym: Likewise.
[Bug binutils/28158] nm --dynamic and readelf --dyn-syms vs. copy reloc symbols
https://sourceware.org/bugzilla/show_bug.cgi?id=28158

H.J. Lu changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED
   Target Milestone|---                         |2.38

--- Comment #4 from H.J. Lu ---
Fixed for 2.38.
[Bug binutils/28156] rename.c doesn't compile with MinGW
https://sourceware.org/bugzilla/show_bug.cgi?id=28156

--- Comment #4 from cvs-commit at gcc dot gnu.org ---
The binutils-2_37-branch branch has been updated by Alan Modra:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2e8e5a93a17ed97927d8ee968182994db1c915e0

commit 2e8e5a93a17ed97927d8ee968182994db1c915e0
Author: Alan Modra
Date:   Wed Aug 4 14:44:08 2021 +0930

    PR28156, rename.c doesn't compile with MinGW

    Guard against lack of struct timespec definition.

            PR 28156
            * rename.c (get_stat_atime, get_stat_mtime): Don't compile
            unless HAVE_UTIMENSAT is defined.

    (cherry picked from commit 47fcfcbadce36c7ccc00c69b4c80717a0d6b9288)
[Bug binutils/28156] rename.c doesn't compile with MinGW
https://sourceware.org/bugzilla/show_bug.cgi?id=28156

Alan Modra changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEW                         |RESOLVED

--- Comment #5 from Alan Modra ---
Fixed
[Bug binutils/28162] Segment fault on `objdump -S`
https://sourceware.org/bugzilla/show_bug.cgi?id=28162

Alan Modra changed:

           What    |Removed                          |Added
----------------------------------------------------------------------------
         Resolution|---                              |FIXED
           Assignee|unassigned at sourceware dot org |amodra at gmail dot com
             Status|UNCONFIRMED                      |RESOLVED

--- Comment #1 from Alan Modra ---
Fixed with commit 0613c3306cc7
[Bug gold/28192] New: powerpc64le: gold generates wrong address with a relocation of symbol+offset@got@pcrel
https://sourceware.org/bugzilla/show_bug.cgi?id=28192

            Bug ID: 28192
           Summary: powerpc64le: gold generates wrong address with a relocation of symbol+offset@got@pcrel
           Product: binutils
           Version: 2.36.1
            Status: NEW
          Severity: normal
          Priority: P2
         Component: gold
          Assignee: ccoutant at gmail dot com
          Reporter: tuliom at ascii dot art.br
                CC: ian at airs dot com
  Target Milestone: ---

I can reproduce this issue with the following:

$ cat test.c
/* Build with:
   gcc -shared -fuse-ld=gold -mcpu=power10 test.c -o libtest.so*/

#include <stdio.h>

int
foo (int a, int b)
{
  return a + b;
}

int
bar ()
{
  void *p;
  asm volatile ("pld %0,foo+16@got@pcrel" : "=r" (p));
  printf ("foo() is at address%p\n", &foo);
  printf ("foo()+16 is at address %p\n", p);
  return 0;
}

$ cat main.c
/* Build with:
   gcc main.c -o main -L. -ltest
   Run with:
   LD_LIBRARY_PATH=$(pwd) ./main  */

extern int bar();

int
main ()
{
  return bar();
}

Then we get:

$ LD_LIBRARY_PATH=$(pwd) ./main
foo() is at address0x77f40780
foo()+16 is at address 0x77f40780

We get the expected output when ld.bfd is used to link libtest.so:

$ LD_LIBRARY_PATH=$(pwd) ./main
foo() is at address0x77f40740
foo()+16 is at address 0x77f40750
[Bug gold/28192] powerpc64le: gold generates wrong address with a relocation of symbol+offset@got@pcrel
https://sourceware.org/bugzilla/show_bug.cgi?id=28192

Tulio Magno Quites Machado Filho changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |amodra at gmail dot com,
                   |                            |bergner at linux dot ibm.com
[Bug gold/28192] powerpc64le: gold generates wrong address with a relocation of symbol+offset@got@pcrel
https://sourceware.org/bugzilla/show_bug.cgi?id=28192

--- Comment #1 from Andreas Schwab ---
Does the addend in a GOT relocation actually have a useful meaning?
[Bug gold/28192] powerpc64le: gold generates wrong address with a relocation of symbol+offset@got@pcrel
https://sourceware.org/bugzilla/show_bug.cgi?id=28192

Alan Modra changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|ccoutant at gmail dot com   |amodra at gmail dot com
                 CC|amodra at gmail dot com     |

--- Comment #2 from Alan Modra ---
(In reply to Andreas Schwab from comment #1)
> Does the addend in a GOT relocation actually have a useful meaning?

For most ABIs, no.  ppc64 however is supposed to support it.
[Bug binutils/28165] objdump: global-buffer-overflow on rx_info_to_howto_rela in elf32-rx.c
https://sourceware.org/bugzilla/show_bug.cgi?id=28165

Alan Modra changed:

           What    |Removed                          |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                      |ASSIGNED
           Assignee|unassigned at sourceware dot org |amodra at gmail dot com
     Ever confirmed|0                                |1
   Last reconfirmed|                                 |2021-08-05