[Bug ld/23030] --gc-sections on ia64 removes needed unwind sections

2018-04-04 Thread glaubitz at physik dot fu-berlin.de
https://sourceware.org/bugzilla/show_bug.cgi?id=23030

John Paul Adrian Glaubitz  changed:

   What    |Removed    |Added
   CC      |           |glaubitz at physik dot fu-berlin.de

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils


[Bug ld/23030] New: --gc-sections on ia64 removes needed unwind sections

2018-04-04 Thread jason.duerstock at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=23030

            Bug ID: 23030
           Summary: --gc-sections on ia64 removes needed unwind sections
           Product: binutils
           Version: 2.31 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: ld
          Assignee: unassigned at sourceware dot org
          Reporter: jason.duerstock at gmail dot com
  Target Milestone: ---

After enabling --gc-sections on ia64, it appeared that things functioned
properly.  However, after rebuilding gcc, it was clear that something broke in
libstdc++6.  After rebuilding gcc with --print-gc-sections, the following
snippet appeared to clarify the situation:

/usr/bin/ia64-linux-gnu-ld: Removing unused section
'.IA_64.unwind_info.text.__cxa_throw' in file
'../libsupc++/.libs/libsupc++convenience.a(eh_throw.o)'
/usr/bin/ia64-linux-gnu-ld: Removing unused section
'.IA_64.unwind.text.__cxa_throw' in file
'../libsupc++/.libs/libsupc++convenience.a(eh_throw.o)'

Both of these sections need to be kept for functions that are not removed.



[Bug gold/23016] assert in output.h on mix of .eh_frame types for x86_64

2018-04-04 Thread ccoutant at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=23016

Cary Coutant  changed:

   What        |Removed      |Added
   Status      |UNCONFIRMED  |RESOLVED
   Resolution  |---          |FIXED

--- Comment #3 from Cary Coutant  ---
Fixed on trunk.



[Bug binutils/23025] inconsistent disassemble of vcvtpd2dq

2018-04-04 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=23025

--- Comment #5 from cvs-commit at gcc dot gnu.org  ---
The gdb-8.1-branch branch has been updated by H.J. Lu :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f13be04ec6cc83947d8c4997aa48296a915b637f

commit f13be04ec6cc83947d8c4997aa48296a915b637f
Author: H.J. Lu 
Date:   Wed Apr 4 04:36:44 2018 -0700

i386: Clear vex instead of vex.evex

"vex" has many fields to control how to decode an instruction.  Clear
all fields in "vex" before decoding an instruction to avoid using values
left from the previous instruction.

gas/

PR gdb/23028
PR binutils/23025
* testsuite/gas/i386/prefix.s: Add tests for vcvtpd2dq with
VEX and EVEX prefixes.
* testsuite/gas/i386/prefix.d: Updated.

opcodes/

PR gdb/23028
PR binutils/23025
* i386-dis.c (get_valid_dis386): Don't set vex.prefix nor vex.w
to 0.
(print_insn): Clear vex instead of vex.evex.

(cherry picked from commit caf0678c84b5b55fbc4bcc853954745a4ad8b658)



[Bug binutils/23025] inconsistent disassemble of vcvtpd2dq

2018-04-04 Thread hjl.tools at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=23025

H.J. Lu  changed:

   What      |Removed  |Added
   See Also  |         |https://sourceware.org/bugzilla/show_bug.cgi?id=23028



[Bug binutils/23025] inconsistent disassemble of vcvtpd2dq

2018-04-04 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=23025

--- Comment #3 from cvs-commit at gcc dot gnu.org  ---
The binutils-2_30-branch branch has been updated by H.J. Lu:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aa15ca261023bb03b22a356787786aa5521ce2f8

commit aa15ca261023bb03b22a356787786aa5521ce2f8
Author: H.J. Lu 
Date:   Wed Apr 4 04:36:44 2018 -0700

i386: Clear vex instead of vex.evex

"vex" has many fields to control how to decode an instruction.  Clear
all fields in "vex" before decoding an instruction to avoid using values
left from the previous instruction.

gas/

PR binutils/23025
* testsuite/gas/i386/prefix.s: Add tests for vcvtpd2dq with
VEX and EVEX prefixes.
* testsuite/gas/i386/prefix.d: Updated.

opcodes/

PR binutils/23025
* i386-dis.c (get_valid_dis386): Don't set vex.prefix nor vex.w
to 0.
(print_insn): Clear vex instead of vex.evex.

(cherry picked from commit caf0678c84b5b55fbc4bcc853954745a4ad8b658)



[Bug binutils/23025] inconsistent disassemble of vcvtpd2dq

2018-04-04 Thread hjl.tools at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=23025

H.J. Lu  changed:

   What              |Removed  |Added
   Status            |NEW      |RESOLVED
   Resolution        |---      |FIXED
   Target Milestone  |---      |2.31

--- Comment #4 from H.J. Lu  ---
Fixed on master and 2.30 branch.



[Bug binutils/23008] Stack Overflow(Stack Exhaustion) in demangle related functions

2018-04-04 Thread matz at suse dot de
https://sourceware.org/bugzilla/show_bug.cgi?id=23008

Michael Matz  changed:

   What    |Removed    |Added
   CC      |           |matz at suse dot de

--- Comment #11 from Michael Matz  ---
All seems to work as designed.  The testcase contains a large number of 'F'
characters, and demangling each one of them entails:

#5  0x005ec0f8 in demangle_nested_args (work=0x7fffd540,
mangled=0x7fffd2a0, 
declp=0x7f800050) at ../../libiberty/cplus-dem.c:4713
4713  result = demangle_args (work, mangled, declp);
#4  0x005ea8f9 in demangle_args (work=0x7fffd540,
mangled=0x7fffd2a0, declp=0x7f800050)
at ../../libiberty/cplus-dem.c:4659
4659  if (!do_arg (work, mangled, ))
#3  0x005eb99e in do_arg (work=0x7fffd540, mangled=0x7fffd2a0,
result=0x7f7ffbe0)
at ../../libiberty/cplus-dem.c:4332
4332  if (!do_type (work, mangled, work->previous_argument))
#2  0x005cbf15 in do_type (work=0x7fffd540, mangled=0x7fffd2a0,
result=0x603318d0)
at ../../libiberty/cplus-dem.c:3719
3719  if (!demangle_nested_args (work, mangled, )
#1  0x005ec0f8 in demangle_nested_args (work=0x7fffd540,
mangled=0x7fffd2a0, 
declp=0x7f7ff370) at ../../libiberty/cplus-dem.c:4713
4713  result = demangle_args (work, mangled, declp);

That progresses *mangled by one character.  When compiled with clang, the above
sequence of five calls needs 3296 bytes on the stack.  The testcase
contains more than 2542 'F' characters in a row, and together that needs more
than 8MB of stack, leading to the abort.

When compiled with GCC -fsanitize-address the above sequence only needs 912
bytes on stack (per 'F' character), so it progresses until 
(gdb) p *mangled
$10 = 0x78b6cc  'F' ...
before segfaulting due to stack overflow (with clang it only gets until
mbuffer+2550).

When compiled without sanitizer (with GCC) the above sequence of calls only
needs 400 bytes per stack.  The testcase contains 11586 'F' characters, so that
is within the normal stack limit and no problem occurs.

If the compiler is more clever (the above is with gcc-6 and -O0) then the
sequence of calls will need less stack space, and hence not reproduce the
problem.  I'm not sure if anything needs fixing, the demangler works as
designed, you ask it to demangle a nested structure that's 11000 levels deep,
and a stack overflow occurs.  As expected.

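The stack arithmetic and recursion pattern described in comment #11 above, as an added example that is not part of the original message and is not libiberty code: a toy recursive-descent parser that spends one recursion level per 'F' and refuses input past an explicit depth cap instead of exhausting the stack. The grammar, `MAX_NESTING`, the function names and the 8 MiB stack budget are assumptions made for this illustration; the per-level costs (3296, 912, 400 bytes) and the 11586 count are taken from the comment.

```c
#include <stdio.h>
#include <string.h>

#define MAX_NESTING 1024            /* hypothetical cap, not a libiberty constant */
#define STACK_BUDGET (8u << 20)     /* assumed 8 MiB stack limit */

enum status { PARSE_OK = 0, PARSE_BAD_INPUT = -1, PARSE_TOO_DEEP = -2 };

/* Recursion levels that fit in a stack budget at a given cost per level. */
unsigned levels_that_fit(unsigned stack_bytes, unsigned bytes_per_level) {
    return stack_bytes / bytes_per_level;
}

/* Toy grammar, constructed for this example (not the real mangling scheme):
     type := 'F' type '_'  |  'i'
   Each 'F' costs one recursion level, as in the backtrace above. */
static enum status parse_type(const char **p, unsigned depth, unsigned *deepest) {
    if (depth > *deepest) *deepest = depth;
    if (**p == 'i') { ++*p; return PARSE_OK; }
    if (**p != 'F') return PARSE_BAD_INPUT;
    if (depth >= MAX_NESTING) return PARSE_TOO_DEEP;  /* refuse before recursing */
    ++*p;
    enum status st = parse_type(p, depth + 1, deepest);
    if (st != PARSE_OK) return st;
    if (**p != '_') return PARSE_BAD_INPUT;
    ++*p;
    return PARSE_OK;
}

/* Build n 'F's, one 'i', n '_'s (constructed input) and parse it. */
enum status parse_nested(unsigned n, unsigned *deepest) {
    static char buf[2 * 20000 + 2];
    const char *p = buf;
    if (n > 20000) return PARSE_BAD_INPUT;
    memset(buf, 'F', n);
    buf[n] = 'i';
    memset(buf + n + 1, '_', n);
    buf[2 * n + 1] = '\0';
    *deepest = 0;
    enum status st = parse_type(&p, 0, deepest);
    return (st == PARSE_OK && *p != '\0') ? PARSE_BAD_INPUT : st;
}

int main(void) {
    unsigned deepest;
    printf("levels at 3296/912/400 B: %u %u %u\n", levels_that_fit(STACK_BUDGET, 3296),
           levels_that_fit(STACK_BUDGET, 912), levels_that_fit(STACK_BUDGET, 400));
    printf("11586 levels -> %d\n", parse_nested(11586, &deepest));
    printf("deepest level reached: %u\n", deepest);
    return 0;
}
```

Under the assumed budget, 11586 levels fit at 400 bytes per level but not at 912 or 3296, which matches the three outcomes reported in the comment; the capped parser returns `PARSE_TOO_DEEP` regardless of how the build sized its frames.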


[Bug binutils/23025] inconsistent disassemble of vcvtpd2dq

2018-04-04 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=23025

--- Comment #2 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by H.J. Lu :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=caf0678c84b5b55fbc4bcc853954745a4ad8b658

commit caf0678c84b5b55fbc4bcc853954745a4ad8b658
Author: H.J. Lu 
Date:   Wed Apr 4 04:36:44 2018 -0700

i386: Clear vex instead of vex.evex

"vex" has many fields to control how to decode an instruction.  Clear
all fields in "vex" before decoding an instruction to avoid using values
left from the previous instruction.

gas/

PR binutils/23025
* testsuite/gas/i386/prefix.s: Add tests for vcvtpd2dq with
VEX and EVEX prefixes.
* testsuite/gas/i386/prefix.d: Updated.

opcodes/

PR binutils/23025
* i386-dis.c (get_valid_dis386): Don't set vex.prefix nor vex.w
to 0.
(print_insn): Clear vex instead of vex.evex.



[Bug binutils/23027] New: Array Out-of-bound

2018-04-04 Thread mishra.dhiraj95 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=23027

            Bug ID: 23027
           Summary: Array Out-of-bound
           Product: binutils
           Version: 2.25
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: mishra.dhiraj95 at gmail dot com
  Target Milestone: ---

Created attachment 10931
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10931=edit
Unique hang copied to POC

Hi Team, 

We found a unique hang while assessing binutils v2.25 using afl-fuzz.

Steps to reproduce:

./readelf -a POC
