[llvm-bugs] [Bug 161030] [COFF] Invalid symbol table entry in compiled Windows exectuable file

Sat, 27 Sep 2025 18:28:13 -0700

Issue 161030
Summary [COFF] Invalid symbol table entry in compiled Windows exectuable file
Labels new issue
Assignees
Reporter mmk2147483647 
    After upgrading Clang/LLVM from 20.1.8 to 21.1.1 in MSYS2 on Windows 11,
CGO stops working with the following error messages:

```
# runtime/cgo
cgo: cannot parse $WORK\b003\_cgo_.o as ELF, Mach-O, PE or XCOFF
```

```
offset 0 is before the start of string table
```

It turns out that invalid COFF file is produced by LLVM.

Some entries in symbol table have their 8 bytes of name field being all zero,
which corresponds to an invalid 0 offset to the string table.

The problem can be easily reproduced by a simple hello world program.

```c
#include <stdio.h>

int main() {
  printf("Hello World\n");
}
```

```
clang -o hello.exe hello.c
```

The compiled executable runs successfully,
but objdump will expose the problem.

When objdump sees the invalid symbol names with offset 0,
it reads a string from the 4-byte header of the string table (which contains the size of the string table),
essentially reinterprets an integer into a string and outputs that string,
exposing the problem.

```
objdump.exe -t hello.exe
```

```

hello.exe:      file format coff-x86-64

SYMBOL TABLE:
[ 0](sec  2)(fl 0x00)(ty   0)(scl   2) (nx 0) 0x00000000 .refptr._MINGW_INSTALL_DEBUG_MATHERR
...
[35](sec  1)(fl 0x00)(ty  20)(scl   2) (nx 0) 0x000015c0 _cexit
[36](sec  2)(fl 0x00)(ty   0)(scl   2) (nx 0) 0x00000878 モ
...
[58](sec  2)(fl 0x00)(ty   0)(scl   2) (nx 0) 0x00000908 モ

[59](sec  1)(fl 0x00)(ty  20)(scl   2) (nx 0) 0x00001650 strlen
[60](sec  2)(fl 0x00)(ty   0)(scl   2) (nx 0) 0x00000918 モ

[61](sec  1)(fl 0x00)(ty  20)(scl   2) (nx 0) 0x00001640 memcpy
[62](sec  2)(fl 0x00)(ty   0)(scl   2) (nx 0) 0x00000830 モ
...
[67](sec  1)(fl 0x00)(ty  20)(scl   2) (nx 0) 0x00001620 exit
[68](sec  2)(fl 0x00)(ty   0)(scl   2) (nx 0) 0x000008c8 モ
...
[145](sec  1)(fl 0x00)(ty  20)(scl   2) (nx 0) 0x000016e0 abort
[146](sec  2)(fl 0x00)(ty   0)(scl   2) (nx 0) 0x000008c0 モ
...
[192](sec  1)(fl 0x00)(ty  20)(scl   2) (nx 0) 0x000017f0 strncmp
[193](sec  2)(fl 0x00)(ty   0)(scl   2) (nx 0) 0x00000920 モ
```

```
objdump.exe -d hello.exe
```

```
...
00000001400025c0 <_cexit>:
1400025c0: ff 25 b2 12 00 00           	jmpq	*0x12b2(%rip)           # 0x140003878 <モ
 # >
...
0000000140002650 <strlen>:
140002650: ff 25 c2 12 00 00           	jmpq	*0x12c2(%rip)           # 0x140003918 <モ
 # >
...
00000001400026e0 <abort>:
1400026e0: ff 25 da 11 00 00           	jmpq	*0x11da(%rip)           # 0x1400038c0 <モ
 # >
...
00000001400027f0 <strncmp>:
1400027f0: ff 25 2a 11 00 00            jmpq    *0x112a(%rip)           # 0x140003920 <モ
 # >
...
```

_______________________________________________
llvm-bugs mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs

Reply via email to