Thanks for your prompt feedback!
> On 30 Jul 2021, at 08:08, Alan Modra <amo...@gmail.com> wrote:
>
> On Thu, Jul 29, 2021 at 03:09:40PM +0000, He Jingxuan wrote:
>> Dear Alan,
>>
>> Thanks for your information!
>>
>> UBSan indeed has an option to turn on complaints about unsigned integer
>> overflow (-fsanitize=unsigned-integer-overflow). Unsigned integer overflow
>> has caused bugs in binutils that were fixed (see
>> https://sourceware.org/bugzilla/show_bug.cgi?id=24131 for example).
>>
>> Based on our inspection, most bugs reported by us result in wrong offsets or
>> addresses. The *.err files provide exact bug location and bug triggering
>> values, which can be used to quickly decide if the bugs are true or false
>> positives. Could you please take a deeper look into the bugs?
>
> ../../libiberty/argv.c:478:27: runtime error: unsigned integer overflow: 0 -
> 1 cannot be represented in type 'unsigned long'
> ../../libiberty/argv.c:478:14: runtime error: unsigned integer overflow: 3 +
> 18446744073709551615 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/bfdio.c:397:14: runtime error: unsigned integer overflow: 24 +
> 18446744073709551600 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elfcore.h:233:43: runtime error: unsigned integer overflow:
> 18446744073709537336 + 14280 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/coffcode.h:1921:56: runtime error: unsigned integer overflow: 0 - 1
> cannot be represented in type 'unsigned long'
>
> A bug. Lack of sanity checking.
>
> ../../bfd/coffcode.h:2601:27: runtime error: unsigned integer overflow:
> 18446744073265032094 + 444596226 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/coffcode.h:4392:43: runtime error: unsigned integer overflow: 0 -
> 335544324 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/coffcode.h:5079:26: runtime error: unsigned integer overflow: 76704
> - 4294967295 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/coffgen.c:1192:27: runtime error: unsigned integer overflow:
> 18446744073709490606 + 61235 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/coffgen.c:1676:38: runtime error: unsigned integer overflow:
> 18446744071562069503 * 18 cannot be represented in type 'unsigned long'
> ../../bfd/coffgen.c:1676:7: runtime error: unsigned integer overflow: 32799 +
> 18446744073709551598 cannot be represented in type 'unsigned long'
>
> Lack of sanity checking again.
>
> ../../bfd/coffgen.c:1988:30: runtime error: unsigned integer overflow:
> 4294967295 + 1 cannot be represented in type 'unsigned int'
>
> A bug.
>
> ../../bfd/elf.c:12069:41: runtime error: unsigned integer overflow:
> 18446744073709551604 + 32 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:12077:41: runtime error: unsigned integer overflow:
> 18446744073709551600 + 64 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:12062:56: runtime error: unsigned integer overflow:
> 18446744073709551580 + 64 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> peXXigen.c:561:26: runtime error: unsigned integer overflow: 4294967295 +
> 18446744073709551615 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> peXXigen.c:569:31: runtime error: unsigned integer overflow: 4294967295 +
> 18446744073709551615 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:5543:36: runtime error: unsigned integer overflow: 16777216 +
> 18446744073709289469 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:5715:20: runtime error: unsigned integer overflow: 128 -
> 2147483724 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:5717:15: runtime error: unsigned integer overflow: 0 - 1996
> cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:5789:32: runtime error: unsigned integer overflow:
> 18446744073709549620 + 1996 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:5791:33: runtime error: unsigned integer overflow: 262147 -
> 294915 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:6289:10: runtime error: unsigned integer overflow:
> 18446744073709551594 + 22 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:7265:10: runtime error: unsigned integer overflow: 0 - 22
> cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:7285:21: runtime error: unsigned integer overflow: 22 - 64
> cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:7299:21: runtime error: unsigned integer overflow: 0 - 7
> cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:7449:4: runtime error: unsigned integer overflow: 0 - 32
> cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:7614:32: runtime error: unsigned integer overflow: 0 -
> 134217728 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/elf.c:7615:32: runtime error: unsigned integer overflow: 0 -
> 335544322 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/tekhex.c:496:34: runtime error: unsigned integer overflow: 17476 -
> 13421772 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../bfd/tekhex.c:544:33: runtime error: unsigned integer overflow: 0 - 5
> cannot be represented in type 'unsigned int'
>
> Not a bug.
>
> ../../bfd/tekhex.c:893:37: runtime error: unsigned integer overflow:
> 18445843353784078336 + 900719925474099 cannot be represented in type
> 'unsigned long'
>
> Not a bug.
>
> ../../binutils/readelf.c:21264:2: runtime error: unsigned integer overflow:
> 18446744073709551615 + 1 cannot be represented in type 'unsigned long'
>
> A bug.
>
> ../../binutils/readelf.c:17095:45: runtime error: unsigned integer overflow:
> 0 - 32752 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../binutils/readelf.c:5586:13: runtime error: unsigned integer overflow:
> 4226819 - 1785358848 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../binutils/readelf.c:5586:28: runtime error: unsigned integer overflow:
> 18446744073178963944 + 536870912 cannot be represented in type 'unsigned long'
>
> Not a bug.
>
> ../../binutils/readelf.c:9312:17: runtime error: unsigned integer overflow:
> 18446744073709421054 + 4294967299 cannot be represented in type 'unsigned
> long'
>
> Not a bug.
>
> I'll be committing a few fixes for the real bugs you found.
>
> --
> Alan Modra
> Australia Development Lab, IBM
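An added example, not code from this thread, from binutils or from libiberty, contrasting the two kinds of report Alan sorts above: intentional unsigned wraparound that -fsanitize=unsigned-integer-overflow flags but that is well-defined C, and a count-times-size computation that wraps because the value read from the file was never sanity-checked. The function names are constructed; the operands 24 + (2^64 - 16) and 18446744071562069503 * 18 are taken from the reports quoted above.

```c
#include <stdbool.h>
#include <stdint.h>

/* Benign: 0 - 1 in an unsigned type is the well-defined "all bits set" value,
 * the usual error sentinel written as (size_t) -1.  The sanitizer reports it,
 * but the result is exactly what the code intends. */
uint64_t all_bits_set(void)
{
    uint64_t zero = 0;
    return zero - 1;                   /* UINT64_MAX */
}

/* Benign: a negative offset kept in an unsigned variable wraps on the
 * intermediate add but lands on the intended value, e.g. 24 + (2^64 - 16). */
uint64_t add_signed_offset(uint64_t base, int64_t offset)
{
    return base + (uint64_t) offset;  /* 24, -16 -> 8 */
}

/* Bug: the same 0 - 1 is wrong when it means "index of the last entry" and
 * the count came from the file unchecked; reject an empty table instead. */
bool last_index(uint64_t count, uint64_t *out)
{
    if (count == 0)
        return false;
    *out = count - 1;
    return true;
}

/* Bug: count * element size with no range check.  A hostile count wraps the
 * product to a small value, so a later allocation is sized for far fewer
 * entries than the parser will then read. */
uint64_t unchecked_table_bytes(uint64_t count, uint64_t elt_size)
{
    return count * elt_size;           /* wraps silently */
}

/* Hardened form: fail if the product would wrap or if the table cannot fit
 * in the bytes remaining in the file.  Returns false on bad input. */
bool checked_table_bytes(uint64_t count, uint64_t elt_size,
                         uint64_t file_remaining, uint64_t *out)
{
    if (elt_size == 0 || count > UINT64_MAX / elt_size)
        return false;                  /* product would not fit */
    uint64_t bytes = count * elt_size;
    if (bytes > file_remaining)
        return false;                  /* table runs past end of file */
    *out = bytes;
    return true;
}
```

The sanitizer cannot tell these cases apart on its own; the distinction is whether the wrapped value is later used as a size, count or index, which is what the *.err locations let a reviewer check.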