[Bug binutils/28144] [2.37 regression] binutils build compile zero-sized mans (probably due to extra --no-split option)
https://sourceware.org/bugzilla/show_bug.cgi?id=28144

--- Comment #5 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Nick Clifton:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=88ae41e17980533927f98339bcb40015522f06c4

commit 88ae41e17980533927f98339bcb40015522f06c4
Author: Nick Clifton
Date:   Tue Aug 31 11:19:56 2021 +0100

    Update the how-to-make-a-release document so that a check for empty manual pages is included.

    cf PR 28144

--
You are receiving this mail because:
You are on the CC list for the bug.
[Bug binutils/28295] New: [c++filt] Stack overflow in demangle_path
https://sourceware.org/bugzilla/show_bug.cgi?id=28295

Bug ID: 28295
Summary: [c++filt] Stack overflow in demangle_path
Product: binutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: irfanariq at kaist dot ac.kr
Target Milestone: ---

Created attachment 13641
  --> https://sourceware.org/bugzilla/attachment.cgi?id=13641&action=edit
poc and full stack trace

Hello,

We are currently working on fuzz testing feature, and we found a crash on c++filt.

The stack traces are as follows:

    ==617==ERROR: AddressSanitizer: stack-overflow on address 0x7fffe1fa7ff8 (pc 0x555911cd5385 bp 0x7fffe1fa8140 sp 0x7fffe1fa8000 T0)
    #0 0x555911cd5384 in demangle_path rust-demangle.c:674
    #1 0x555911cd5e48 in demangle_path rust-demangle.c:774
    #2 0x555911cd56a1 in demangle_path rust-demangle.c:696
    #3 0x555911cd5e48 in demangle_path rust-demangle.c:774
    #4 0x555911cd56a1 in demangle_path rust-demangle.c:696
    ...
    #247 0x555911cd5e48 in demangle_path rust-demangle.c:774
    #248 0x555911cd56a1 in demangle_path rust-demangle.c:696
    #249 0x555911cd5e48 in demangle_path rust-demangle.c:774
    #250 0x555911cd56a1 in demangle_path rust-demangle.c:696

We also attach the full stack trace in the attachment.

**Step to reproduce**

We configured c++filt using

    $ CFLAGS="-g -O0 -fsanitize=address" ./configure --disable-shared --enable-targets=all

and built it using

    $ make -j10; make install

and ran it with:

    $ ./c++filt @

The input file is in the attachment.

**Environment**
- OS: Ubuntu 18.04.5 LTS
- GCC version: gcc 7.5.0
- binutils version: commit (7de7786bb7db5159fc8a7bfa3df72381ff16a38c) of master branch on sourceware git (https://sourceware.org/git/?p=binutils-gdb.git;a=tree;h=7de7786bb7db5159fc8a7bfa3df72381ff16a38c;hb=7de7786bb7db5159fc8a7bfa3df72381ff16a38c)

Thank you.
[Bug binutils/28296] New: [nm] Stack overflow in demangler_path
https://sourceware.org/bugzilla/show_bug.cgi?id=28296

Bug ID: 28296
Summary: [nm] Stack overflow in demangler_path
Product: binutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: irfanariq at kaist dot ac.kr
Target Milestone: ---

Created attachment 13642
  --> https://sourceware.org/bugzilla/attachment.cgi?id=13642&action=edit
poc and full stack trace

Hello,

We are currently working on fuzz testing feature, and we found a stack overflow error on nm.

The stack traces are as follows:

    ==618==ERROR: AddressSanitizer: stack-overflow on address 0x7fff51a74ea8 (pc 0x7f55b9e42509 bp 0x7fff51a75710 sp 0x7fff51a74e80 T0)
    #0 0x7f55b9e42508 (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x79508)
    #1 0x5592e730643c in str_buf_append rust-demangle.c:1493
    #2 0x5592e7306483 in str_buf_demangle_callback rust-demangle.c:1500
    #3 0x5592e72fffc4 in print_str rust-demangle.c:273
    #4 0x5592e7302b82 in demangle_path rust-demangle.c:746
    #5 0x5592e7302c00 in demangle_path rust-demangle.c:756
    #6 0x5592e7303d65 in demangle_type rust-demangle.c:1031
    #7 0x5592e7303cd3 in demangle_type rust-demangle.c:1024
    #8 0x5592e7303348 in demangle_type rust-demangle.c:903
    #9 0x5592e7302b91 in demangle_path rust-demangle.c:747
    #10 0x5592e7302c00 in demangle_path rust-demangle.c:756
    #11 0x5592e7303d65 in demangle_type rust-demangle.c:1031
    #12 0x5592e7303cd3 in demangle_type rust-demangle.c:1024
    #13 0x5592e7303348 in demangle_type rust-demangle.c:903
    #14 0x5592e7302b91 in demangle_path rust-demangle.c:747
    #15 0x5592e7302c00 in demangle_path rust-demangle.c:756
    ...

The full stack trace is attached.

**Step to reproduce**

We configured nm using

    $ CFLAGS="-g -O0 -fsanitize=address" ./configure --disable-shared --enable-targets=all

and built it using

    $ make -j10; make install

and ran it with:

    $ ./nm -C

The input file is attached.

**Environment**
- OS: Ubuntu 18.04.5 LTS
- GCC version: gcc 7.5.0
- binutils version: commit (7de7786bb7db5159fc8a7bfa3df72381ff16a38c) of master branch on sourceware git (https://sourceware.org/git/?p=binutils-gdb.git;a=tree;h=7de7786bb7db5159fc8a7bfa3df72381ff16a38c;hb=7de7786bb7db5159fc8a7bfa3df72381ff16a38c)

Thank you.
[PATCH binutils-gdb] Add support to eBPF atomic operations
eBPF atomic operations supported are: ADD, OR, AND, XOR, CHG, CMP (compare and exchange).

To keep backward compatibility, atomic operations use the same op-mode that exchange and add operation. Atomic instructions use f-imm32 to represent the opcode as an extra encoding, a new f-op-atomic operand field was declared with its offset member in zero and length in 32 bits allowing be used by CGEN as a constant value computing in a right way the mask/value along with the class, size and mode field operands, f-op-atomic contains the atomic operation and it's endianness dependent:

    63 39 32 317 0
    +---+-+--+-+
    | | | | |
    +---+-+--+-+
    || |+--> OP_MODE_ATOMIC
    | | OP_CLASS_STX
    | | OP_SIZE_{DW | W}
    +---> OP_ATOMIC_XX{ADD,OR,AND, ..}

Atomic instructions have the BPF_FETCH bit set, allowing be fully compliant with gcc __atomic built-in functions.

Regression tests to the following targets were done:

bpf arm-linuxeabi arm-nacl arm-netbsdelf arm-nto arm-pe arm-symbianelf arm-vxworks arm-wince-pe aarch64-linux alpha-dec-vms alpha-linux alpha-linuxecoff alpha-netbsd alpha-unknown-freebsd4.7 am33_2.0-linux arc-linux-uclibc avr-elf bfin-elf cr16-elf cris-elf crisv32-linux crx-elf d10v-elf d30v-elf dlx-elf epiphany-elf fr30-elf frv-elf frv-linux ft32-elf h8300-elf hppa-linux hppa-hp-hpux10 hppa64-hp-hpux11.23 hppa64-linux mips-linux mips-vxworks mips64-linux mipsel-linux-gnu mipsisa32el-linux mips64-openbsd mipstx39-elf ia64-elf ia64-freebsd5 ia64-hpux ia64-linux ia64-netbsd ia64-vms ip2k-elf iq2000-elf lm32-elf m32c-elf m32r-elf m68hc11-elf m68hc12-elf m68k-elf m68k-linux m68k-netbsd mcore-elf mcore-pe mep-elf metag-linux microblaze-elf mmix mn10200-elf mn10300-elf moxie-elf ms1-elf msp430-elf mt-elf nds32le-elf nios2-linux or1k-elf pdp11-dec-aout pj-elf powerpc-eabisim powerpc-eabivle powerpc-linux powerpc-nto powerpc-wrs-vxworks powerpc64-linux powerpcle-cygwin powerpcle-elf powerpc64le-linux ppc-lynxos pru-elf riscv32-elf riscv64-elf rl78-elf rs6000-aix4.3.3 rs6000-aix5.1 rx-elf s390-linux s390x-linux score-elf sh-linux sh-nto sh-pe sh-rtems sh-vxworks shl-unknown-netbsdelf sparc-aout sparc-linux sparc-vxworks sparc64-linux sparc-sun-solaris2.12 spu-elf tic30-unknown-aout tic30-unknown-coff tic4x-coff tic54x-coff tic6x-elf tilegx-linux tilepro-linux v850-elf vax-netbsdelf visium-elf i386-darwin i386-lynxos i586-linux i686-nacl i686-pc-beos i686-pc-elf i686-pe i686-vxworks x86_64-linux x86_64-w64-mingw32 x86_64-nacl xgate-elf xstormy16-elf xtensa-elf z8k-coff z80-coff.

This patch relies on the functionality implemented in CGEN patch: 'Compute correct mask and values when offset in define-ifield is not 0.' If an instruction field is defined in a long form, assigning an offset different to 0 the mask and constant values are not computed appropriately.

https://sourceware.org/pipermail/cgen/2021q3.txt

cpu/
    * bpf.cpu (f-op-atomic): Define field for eBPF atomic (extra) opcodes.
    (h-r0): Used by sim in compare and exchange eBPF atomic operation
    (insn-atomic-op-XX): eBPF opcodes in BE and LE.
    (insn-op-mode): Update code field (mode sub-field) to ATOMIC.
    (define-callc-call-insn): Add a 'callc' instruction, CGEN now is taking (f-regs) in the right place/value when mask/value is computed.
    (dais): Add p-macro to expand eBPF atomics definitions.

gas/
    * testsuite/gas/bpf/atomic-be.d: Adding eBPF atomic instructions.
    * testsuite/gas/bpf/atomic.d: Likewise.
    * testsuite/gas/bpf/atomic.s: Likewise.

include/
    * opcode/cgen.h: Replace data from CGEN_INSN_INT by CGEN_INSN_LGUINT.

opcodes/
    * cgen-dis.in: Replace data from CGEN_INSN_INT by CGEN_INSN_LGUINT.
    * cgen-opc.c: Likewise.
    * bpf-desc.c: Regenerate.
    * bpf-desc.h: Likewise.
    * bpf-opc.c: Likewise.
    * bpf-opc.h: Likewise.
    * bpf-dis.c: Likewise.
--- cpu/ChangeLog | 10 ++ cpu/bpf.cpu | 172 +++-- gas/ChangeLog | 6 + gas/testsuite/gas/bpf/atomic-be.d | 14 ++- gas/testsuite/gas/bpf/atomic.d| 14 ++- gas/testsuite/gas/bpf/atomic.s| 11 +- include/ChangeLog | 4 + include/opcode/cgen.h | 12 +- opcodes/bpf-desc.c| 112 + opcodes/bpf-desc.h| 26 ++-- opcodes/bpf-dis.c | 2 +- opcodes/bpf-opc.c | 202 +- opcodes/bpf-opc.h | 14 ++- opcodes/cgen-dis.c| 6 +- opcodes/cgen-dis.in | 2 +- opcodes/cgen-opc
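
The encoding described in the patch mail above (class STX, size W or DW, mode ATOMIC in the opcode byte, the atomic operation and BPF_FETCH in imm32), as an added example that is not part of the patch or of binutils: a decoder for little-endian eBPF atomic instructions that rejects anything malformed. The constants are taken from the Linux UAPI headers, the mnemonics follow kernel naming, and `struct atomic_insn` and `decode_atomic_le` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>

/* Constants as defined in linux/bpf_common.h and linux/bpf.h (not quoted on this page). */
enum { BPF_STX = 0x03, BPF_W = 0x00, BPF_DW = 0x18, BPF_ATOMIC = 0xc0, BPF_FETCH = 0x01 };

struct atomic_insn {            /* hypothetical result type for this example */
    const char *op;             /* kernel-style mnemonic */
    int width, fetch;           /* operand width in bits; BPF_FETCH bit */
    unsigned dst, src;          /* register numbers */
    int16_t off;                /* memory offset */
};

/* Decode one little-endian 8-byte eBPF instruction; 0 = valid atomic, -1 = anything else. */
int decode_atomic_le(const uint8_t b[8], struct atomic_insn *out)
{
    uint32_t imm = b[4] | (uint32_t)b[5] << 8 | (uint32_t)b[6] << 16 | (uint32_t)b[7] << 24;
    /* class in bits 0-2, size in bits 3-4, mode in bits 5-7 of the opcode byte */
    if ((b[0] & 0x07) != BPF_STX || (b[0] & 0xe0) != BPF_ATOMIC)
        return -1;
    if ((b[0] & 0x18) == BPF_W) out->width = 32;
    else if ((b[0] & 0x18) == BPF_DW) out->width = 64;
    else return -1;             /* no byte or half-word atomics */
    out->fetch = (imm & BPF_FETCH) != 0;
    switch (imm & ~(uint32_t)BPF_FETCH) {   /* the atomic operation lives in imm32 */
    case 0x00: out->op = "add"; break;
    case 0x40: out->op = "or";  break;
    case 0x50: out->op = "and"; break;
    case 0xa0: out->op = "xor"; break;
    case 0xe0: out->op = "xchg";    if (!out->fetch) return -1; break;
    case 0xf0: out->op = "cmpxchg"; if (!out->fetch) return -1; break;
    default:   return -1;       /* unknown imm32: reject rather than guess */
    }
    out->dst = b[1] & 0x0f;     /* little-endian register nibble order */
    out->src = b[1] >> 4;
    out->off = (int16_t)(uint16_t)(b[2] | b[3] << 8);
    return 0;
}

int main(void)
{
    /* constructed sample: 64-bit atomic add with fetch, dst r1, src r2, offset 8 */
    const uint8_t insn[8] = { 0xdb, 0x21, 0x08, 0x00, 0x01, 0x00, 0x00, 0x00 };
    struct atomic_insn d;
    if (decode_atomic_le(insn, &d) == 0)
        printf("%s%d fetch=%d [r%u%+d], r%u\n", d.op, d.width, d.fetch, d.dst, d.off, d.src);
    return 0;
}
```

Big-endian objects swap the register nibbles and the byte order of the offset and imm32 fields, so this decoder applies to little-endian input only.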
[Bug binutils/28295] [c++filt] Stack overflow in demangle_path
https://sourceware.org/bugzilla/show_bug.cgi?id=28295

Alan Modra changed:

    What       | Removed                          | Added
    Resolution | ---                              | MOVED
    Assignee   | unassigned at sourceware dot org | amodra at gmail dot com
    Status     | UNCONFIRMED                      | RESOLVED

--- Comment #1 from Alan Modra ---
Please report this bug to the owning project for libiberty, https://gcc.gnu.org/bugzilla/
[Bug binutils/28296] [nm] Stack overflow in demangler_path
https://sourceware.org/bugzilla/show_bug.cgi?id=28296

Alan Modra changed:

    What       | Removed                          | Added
    Resolution | ---                              | MOVED
    Assignee   | unassigned at sourceware dot org | amodra at gmail dot com
    Status     | UNCONFIRMED                      | RESOLVED

--- Comment #1 from Alan Modra ---
As for pr28295, please report this to the gcc project.
[Bug binutils/28250] Null pointer dereference in objdump (debug.c -> debug_class_type_samep)
https://sourceware.org/bugzilla/show_bug.cgi?id=28250

Alan Modra changed:

    What             | Removed                          | Added
    Ever confirmed   | 0                                | 1
    Last reconfirmed |                                  | 2021-09-01
    Assignee         | unassigned at sourceware dot org | amodra at gmail dot com
    Status           | UNCONFIRMED                      | ASSIGNED

--- Comment #1 from Alan Modra ---
Thanks, yes this looks like a typo.
[Bug binutils/28250] Null pointer dereference in objdump (debug.c -> debug_class_type_samep)
https://sourceware.org/bugzilla/show_bug.cgi?id=28250

--- Comment #2 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Alan Modra:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=64cb17196c7b2365ec152991235e686e6dc27a18

commit 64cb17196c7b2365ec152991235e686e6dc27a18
Author: Alan Modra
Date:   Wed Sep 1 10:06:08 2021 +0930

    PR28250, Null pointer dereference in debug_class_type_samep

    Typo fix, obviously should be m1->variants != NULL, not m1->variants == NULL.

    PR 28250
    * debug.c (debug_class_type_samep): Correct m1->variants test.
[Bug binutils/27854] heap-buffer-overflow on objdump -D
https://sourceware.org/bugzilla/show_bug.cgi?id=27854

--- Comment #3 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Alan Modra:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=90f56146e5748bab6baca97b1470bbd144ae10e8

commit 90f56146e5748bab6baca97b1470bbd144ae10e8
Author: Yinjun Zhang
Date:   Wed Aug 25 21:01:17 2021 -0400

    nfp: add validity check of island and me

    AddressSanitizer detects heap-buffer-overflow when running "objdump -D" for nfp .nffw files.

    PR 27854
    * nfp-dis.c (_NFP_ISLAND_MAX, _NFP_ME_MAX): Define.
    (nfp_priv_data): ..and use here.
    (_print_instrs): Sanity check island and menum.

    Signed-off-by: Yinjun Zhang
    Signed-off-by: Simon Horman
[Bug binutils/28250] Null pointer dereference in objdump (debug.c -> debug_class_type_samep)
https://sourceware.org/bugzilla/show_bug.cgi?id=28250

Alan Modra changed:

    What             | Removed  | Added
    Status           | ASSIGNED | RESOLVED
    Target Milestone | ---      | 2.38
    Resolution       | ---      | FIXED

--- Comment #3 from Alan Modra ---
Fixed
[Bug binutils/27854] heap-buffer-overflow on objdump -D
https://sourceware.org/bugzilla/show_bug.cgi?id=27854

Alan Modra changed:

    What             | Removed | Added
    Target Milestone | ---     | 2.38
    Status           | NEW     | RESOLVED
    Resolution       | ---     | FIXED

--- Comment #4 from Alan Modra ---
Patch applied
[Bug ld/28264] [2.37 Regression] ld.bfd crashes on linking efivar with LTO
https://sourceware.org/bugzilla/show_bug.cgi?id=28264

Alan Modra changed:

    What       | Removed | Added
    Resolution | ---     | FIXED
    Status     | NEW     | RESOLVED

--- Comment #9 from Alan Modra ---
Fixed
[Bug binutils/28217] Syntax error when memory region contains a hyphen
https://sourceware.org/bugzilla/show_bug.cgi?id=28217

Alan Modra changed:

    What             | Removed  | Added
    Resolution       | ---      | FIXED
    Status           | ASSIGNED | RESOLVED
    Target Milestone | ---      | 2.38

--- Comment #5 from Alan Modra ---
Commit 4ffb22ec4040 and a3e8dd2ad3bc are also necessary to fix this bug.