[Bug binutils/25673] New: strip-new: SIGSEGV in _bfd_elf_write_secondary_reloc_section (elf.c:12676)

Sat, 14 Mar 2020 06:26:52 -0700 

https://sourceware.org/bugzilla/show_bug.cgi?id=25673

            Bug ID: 25673
           Summary: strip-new: SIGSEGV in
                    _bfd_elf_write_secondary_reloc_section (elf.c:12676)
           Product: binutils
           Version: 2.35 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: fdgkhdkgh at gmail dot com
  Target Milestone: ---

Created attachment 12376
  --> https://sourceware.org/bugzilla/attachment.cgi?id=12376&action=edit
file that reproduces this problem

OS : ubuntu 18.04.3
kernel : gnu/linux 5.0.0-32-generic
processor : Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
compiler : gcc 7.4.0


Steps to Reproduce :
download the sample from attachment

strip-new  -I  elf64-x86-64  --only-keep-debug  ./sample

gdb backtrace : 

gdb-peda$ bt
#0  _bfd_elf_write_secondary_reloc_section (abfd=0x5555558b9280,
sec=0x5555558c2930)
    at elf.c:12676
#1  0x00005555555c03be in bfd_elf64_write_relocs (abfd=0x5555558b9280,
sec=0x5555558c2930, 
    data=<optimized out>) at elfcode.h:991
#2  0x00005555555ace3c in bfd_map_over_sections
(abfd=abfd@entry=0x5555558b9280, 
    operation=0x5555555c0180 <bfd_elf64_write_relocs>, 
    user_storage=user_storage@entry=0x7fffffff1fa4) at section.c:1377
#3  0x00005555555cd6e7 in _bfd_elf_write_object_contents (abfd=0x5555558b9280)
at elf.c:6639
#4  0x00005555555ab8fa in bfd_close (abfd=0x5555558b9280) at opncls.c:755
#5  0x000055555558e9f6 in copy_file (input_filename=0x7fffffff26bd "./sample", 
    output_filename=0x7fffffff26c9 "./stripoutput", input_target=<optimized
out>, 
    output_target=<optimized out>, input_arch=0x0) at objcopy.c:3837
#6  0x00005555555885ce in strip_main (argv=<optimized out>, argc=<optimized
out>)
    at objcopy.c:4815
#7  main (argc=<optimized out>, argc@entry=0x7, argv=<optimized out>, 
    argv@entry=0x7fffffff2298) at objcopy.c:6013
#8  0x00007ffff7801b97 in __libc_start_main (main=0x555555586cb0 <main>,
argc=0x7, 
    argv=0x7fffffff2298, init=<optimized out>, fini=<optimized out>, 
    rtld_fini=<optimized out>, stack_end=0x7fffffff2288) at
../csu/libc-start.c:310
#9  0x00005555555897aa in _start ()

---------------

gdb report 

Program received signal SIGSEGV, Segmentation fault.

[----------------------------------registers-----------------------------------]
RAX: 0x60 ('`')
RBX: 0x5555558a4cc0 --> 0x2100000008 
RCX: 0x0 
RDX: 0x0 
RSI: 0x7ffff7bcd8b0 --> 0x0 
RDI: 0x7ffff7bcc680 --> 0xfbad2887 
RBP: 0x0 
RSP: 0x7fffffff1dc0 --> 0x5555558c2930 --> 0x5555558b19a5 (".got.plt")
RIP: 0x5555555d6778 (<_bfd_elf_write_secondary_reloc_section+360>:      mov   
rax,QWORD PTR [r15])
R8 : 0x7ffff7bcd8b0 --> 0x0 
R9 : 0x7ffff7fd2740 (0x00007ffff7fd2740)
R10: 0xa ('\n')
R11: 0x246 
R12: 0x0 
R13: 0x5555558d1fb0 --> 0x4c ('L')
R14: 0x5555558b9280 --> 0x5555558b93b0 ("./stripoutput")
R15: 0x0
EFLAGS: 0x10246 (carry PARITY adjust ZERO sign trap INTERRUPT direction
overflow)
[-------------------------------------code-------------------------------------]
   0x5555555d676a <_bfd_elf_write_secondary_reloc_section+346>: lea   
rax,[rcx+rax*1+0x20]
   0x5555555d676f <_bfd_elf_write_secondary_reloc_section+351>: 
    mov    QWORD PTR [rsp+0x20],rax
   0x5555555d6774 <_bfd_elf_write_secondary_reloc_section+356>: nop    DWORD
PTR [rax+0x0]
=> 0x5555555d6778 <_bfd_elf_write_secondary_reloc_section+360>: mov   
rax,QWORD PTR [r15]
   0x5555555d677b <_bfd_elf_write_secondary_reloc_section+363>: mov   
r12,QWORD PTR [rax]
   0x5555555d677e <_bfd_elf_write_secondary_reloc_section+366>: cmp    r12,rdx
   0x5555555d6781 <_bfd_elf_write_secondary_reloc_section+369>: 
    mov    QWORD PTR [rsp+0x58],r12
   0x5555555d6786 <_bfd_elf_write_secondary_reloc_section+374>: 
    je     0x5555555d67a2 <_bfd_elf_write_secondary_reloc_section+402>
[------------------------------------stack-------------------------------------]
0000| 0x7fffffff1dc0 --> 0x5555558c2930 --> 0x5555558b19a5 (".got.plt")
0008| 0x7fffffff1dc8 --> 0x0 
0016| 0x7fffffff1dd0 --> 0x5555556028f0 (<elf32_r_info>:        shl    rdi,0x8)
0024| 0x7fffffff1dd8 --> 0x7fffffff1e20 --> 0x5555558b9280 --> 0x5555558b93b0
("./stripoutput")
0032| 0x7fffffff1de0 --> 0x60 ('`')
0040| 0x7fffffff1de8 --> 0x5555558c5310 --> 0x400000009 
0048| 0x7fffffff1df0 --> 0x7fffffff1e18 --> 0x5555558ae3c0 --> 0x5555558b0740
("./sample")
0056| 0x7fffffff1df8 --> 0x5555558b9280 --> 0x5555558b93b0 ("./stripoutput")
[------------------------------------------------------------------------------]
Legend: code, data, rodata, value
Stopped reason: SIGSEGV
_bfd_elf_write_secondary_reloc_section (abfd=0x5555558b9280,
sec=0x5555558c2930)
    at elf.c:12676
12676                 sym = *ptr->sym_ptr_ptr;

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Reply via email to