[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836

Gabriel Ravier changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |gabravier at gmail dot com

-- 
You are receiving this mail because:
You are on the CC list for the bug.
[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836

Sam James changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           See Also|                            |https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115498
                 CC|                            |sam at gentoo dot org
[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836

Alan Modra changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Version|2.36.1                      |2.36
[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836

Shaohua Li changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|WORKSFORME                  |FIXED
[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836

--- Comment #8 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Alan Modra:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0d872fca0293041a5cb7c54a4a04855323563d8e

commit 0d872fca0293041a5cb7c54a4a04855323563d8e
Author: Alan Modra
Date:   Tue May 11 17:57:04 2021 +0930

    PR27836, readelf -w pointer comparison UB

            PR 27836
            * dwarf.c (display_debug_frames): Don't compare pointers derived
            from user input.  Test offset against bounds instead.
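The rule stated in the commit message above, "Don't compare pointers derived from user input. Test offset against bounds instead", shown as an added example. This is not the binutils code: `backref_by_pointer`, `backref_by_offset`, the 64-byte section and the sample offsets are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Pattern the commit message warns against: the pointer is formed from the
   untrusted offset first and only then compared.  When off is outside the
   section, sec + off is already undefined behaviour, so different compilers
   may evaluate the guard differently.  (Hypothetical function.)  */
const unsigned char *
backref_by_pointer (const unsigned char *sec, const unsigned char *cur,
                    uint64_t off)
{
  const unsigned char *look_for = sec + off;   /* UB if off is out of range */
  return look_for <= cur ? look_for : NULL;
}

/* Offset-based form: compare integers, and form the pointer only after the
   offset is known to lie at or before the current record.  */
const unsigned char *
backref_by_offset (const unsigned char *sec, size_t size,
                   const unsigned char *cur, uint64_t off)
{
  size_t cur_off = (size_t) (cur - sec);       /* cur is inside the section */
  if (cur_off > size || off > cur_off)
    return NULL;
  return sec + off;
}

int
main (void)
{
  static const unsigned char sec[64];          /* constructed sample section */
  const unsigned char *cur = sec + 32;         /* record being decoded */
  uint64_t offs[] = { 0, 32, 33, 64, UINT64_MAX - 7 };   /* constructed */

  for (size_t i = 0; i < sizeof offs / sizeof offs[0]; i++)
    {
      const unsigned char *p
        = backref_by_offset (sec, sizeof sec, cur, offs[i]);
      printf ("offset %#llx: %s\n", (unsigned long long) offs[i],
              p ? "accepted" : "rejected");
    }
  return 0;
}
```

The pointer-based function is only well defined for offsets inside the section; the offset-based one gives the same answer for every input regardless of compiler.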
[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836

--- Comment #7 from Shaohua Li ---
A follow-up consequence is that since the guard in dwarf.c:8802 behaves
differently in two binaries, `cie` would be different. If you check the final
output, `cie=` values are also different. Even worse, `cie` field would change
per run.
[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836

--- Comment #6 from Shaohua Li ---
In dwarf.c:8818 (cie_scan = look_for;), `look_for` now is actually a negative
value (it's a pointer, so this is an integer overflow), so that `cie_scan` would
be assigned an invalid address/value. There are a few follow-up uses of
`cie_scan`, which are potentially dangerous.

Nevertheless, a direct impact is the final outputs for two compiled binaries
are different, which probably should be avoided as a program's semantics better
be consistent across compilers.
[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836

--- Comment #5 from Alan Modra ---
The subject of your bug is "Illegal memory accessed". Where did this illegal
memory access occur?
[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836

--- Comment #4 from Shaohua Li ---
Hi Alan,

I think you might have misunderstood me. There wouldn't be any segv with the
poc file. I just would like to point out that gcc11 and clang12 compiled
binaries would give out different results.
[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836

Alan Modra changed:

           What    |Removed                          |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                      |RESOLVED
         Resolution|---                              |WORKSFORME
           Assignee|unassigned at sourceware dot org |amodra at gmail dot com

--- Comment #3 from Alan Modra ---
The only way I could reproduce a readelf segv with your testcase and compilers
I had available was to introduce an error in the source, replacing line 8802
with

    if (0 && look_for <= saved_start)

I think you may have found a bug in clang12 rather than an error in readelf.
[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836

--- Comment #2 from Shaohua Li ---
Compiler: gcc11 & clang12
Platform: Ubuntu 20.04 LTS, x86_64

Summary: I compiled Binutils with gcc11 and clang12 separately, then ran with
`readelf -w poc`. I found that the last line in two outputs were different.

For gcc11, it was: "0044 004e 100e4500 FDE..."
For clang12, it was: "0044 100e4500 FDE..."

Then I checked the source code and found that the guard in dwarf.c:8802 would
be evaluated differently in two compiled binaries. The root cause is in
dwarf.c:8797, where `look_for` would be a negative value in the
clang12-compiled binary.
[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836

--- Comment #1 from Shaohua Li ---
Created attachment 13428
  --> https://sourceware.org/bugzilla/attachment.cgi?id=13428&action=edit
poc file for `readelf -w`