List:       binutils-bugs
Subject:    Infinite recursion in binutils 2.27 (ld, gdb, c++filt)
From:       Matthieu Monrocq <matthieu.monrocq () imc ! com>
Date:       2016-09-29 15:20:49
Message-ID: 1475162449227.65881 () imc ! com

Hello,


We are hitting an infinite recursion in "ld", eventually leading to a stack overflow
and segfault, when using the --version-script option with a C++ symbol (which
"forces" ld to demangle symbols).


This bug also affects our versions of c++filt and gdb.



Commands used:


$ /opt/imc/gcc-6.2.0/bin/g++ -fPIC -std=c++14 -O3 -ggdb -o main.cpp.o -c main.cpp

$ /opt/imc/gcc-6.2.0/bin/g++ -fPIC -std=c++14 -shared -o libCrash.so main.cpp.o \
                -Wl,--version-script=simple.map
collect2: fatal error: ld terminated with signal 11 [Segmentation fault]
compilation terminated.



And:


$ c++filt _ZSt7forwardIRP22XxxxxxxxXxxxxxxXxxxxxxI28XxxxxxxxXxxxXxxxXxxxXxxxxxxxZN3TBQ26XxxxxxxxXxxxXxxxXxxxxxxxxxINS2_14TBQXxxxXxxxxxxINS2_8TBQXxxxxINS2_12XxXxxXxxxxxxINS2_15XxxxxxxxXxxxxxxEEEEEEENS2_10TBQXxxxxxxEE5xxxxxEvEUlRT_RT0_PT1_E_Z28xxxxxxXxxxxxxxXxxxxxxXxxxxxxIS1_SJ_ESt10unique_ptrI31XxxxxxxxXxxxxxxXxxxxxxXxxxxxxxxISD_ESt14default_deleteISN_EESF_EUlR5XxxxxE_ZSK_IS1_SJ_ESQ_SF_EUlvE0_EEOSD_RNSt16remove_referenceISD_E4typeE
Segmentation fault



Versions used:


$ cat /etc/centos-release
CentOS Linux release 7.2.1511 (Core)


$ /opt/imc/gcc-6.2.0/bin/g++ --version
g++ (GCC) 6.2.0


$ c++filt --version
GNU c++filt version 2.23.52.0.1-55.el7 20130226


$ /opt/imc/gcc-6.2.0/bin/ld --version
GNU ld (GNU Binutils) 2.27


$ gdb --version
GNU gdb (GDB) Red Hat Enterprise Linux 7.10.50.20151113-33.el7



Notes:

The symbols reported in those bug reports do not crash my c++filt:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61233

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61460

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61805

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72822


However the symbol reported in this one does crash c++filt (although not ld):

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70909


Kind Regards,

Matthieu Monrocq

IMC financial markets | Strawinskylaan 377, WTC D-tower, 1077 XX Amsterdam | \
www.imc.com<http://www.imc.nl/> P +31 (0)20 798 8601 | E \
matthieu.monrocq@imc.com<mailto:julien.lehuen@imc.nl>


["main.cpp" (text/x-c++src)]

#include <iostream>

extern "C" {
void _ZSt7forwardIRP22XxxxxxxxXxxxxxxXxxxxxxI28XxxxxxxxXxxxXxxxXxxxXxxxxxxxZN3TBQ26XxxxxxxxXxxxXxxxXxxxxxxxxxINS2_14TBQXxxxXxxxxxxINS2_8TBQXxxxxINS2_12XxXxxXxxxxxxINS2_15XxxxxxxxXxxxxxxEEEEEEENS2_10TBQXxxxxxxEE5xxxxxEvEUlRT_RT0_PT1_E_Z28xxxxxxXxxxxxxxXxxxxxxXxxxxxxIS1_SJ_ESt10unique_ptrI31XxxxxxxxXxxxxxxXxxxxxxXxxxxxxxxISD_ESt14default_deleteISN_EESF_EUlR5XxxxxE_ZSK_IS1_SJ_ESQ_SF_EUlvE0_EEOSD_RNSt16remove_referenceISD_E4typeE() {
    std::cout << "Hello, World\n";
}
}

int main() {
    _ZSt7forwardIRP22XxxxxxxxXxxxxxxXxxxxxxI28XxxxxxxxXxxxXxxxXxxxXxxxxxxxZN3TBQ26XxxxxxxxXxxxXxxxXxxxxxxxxxINS2_14TBQXxxxXxxxxxxINS2_8TBQXxxxxINS2_12XxXxxXxxxxxxINS2_15XxxxxxxxXxxxxxxEEEEEEENS2_10TBQXxxxxxxEE5xxxxxEvEUlRT_RT0_PT1_E_Z28xxxxxxXxxxxxxxXxxxxxxXxxxxxxIS1_SJ_ESt10unique_ptrI31XxxxxxxxXxxxxxxXxxxxxxXxxxxxxxxISD_ESt14default_deleteISN_EESF_EUlR5XxxxxE_ZSK_IS1_SJ_ESQ_SF_EUlvE0_EEOSD_RNSt16remove_referenceISD_E4typeE();
}


["simple.map" (text/plain)]

{ global:
  extern "C++" {
    __wrap_memcpy;
  };
  local: *;
};
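

An added triage helper, not part of the original message or of binutils: it feeds symbols one at a time to a demangler and reports the ones that kill it with a signal, which is how a crashing symbol like the one above can be isolated from a whole object file. The DEMANGLER variable, the function names and the 8 MiB stack cap are assumptions of this example.

```shell
#!/bin/sh
# Added example. Typical use (nm prints mangled names by default):
#   nm main.cpp.o | awk '{print $NF}' | triage

# Demangler under test; override to check another build (assumed variable name).
DEMANGLER="${DEMANGLER:-c++filt}"

# check_symbol SYMBOL
# Prints "ok", "crash:<signal number>" or "error:<exit status>".
check_symbol() {
    status=0
    (
        # Cap the stack so runaway recursion fails quickly, and suppress
        # core dumps. Both limits are best effort.
        ulimit -s 8192 2>/dev/null || true
        ulimit -c 0 2>/dev/null || true
        "$DEMANGLER" "$1" </dev/null >/dev/null 2>&1
    ) || status=$?

    if [ "$status" -eq 0 ]; then
        echo ok
    elif [ "$status" -gt 128 ]; then
        # The shell reports death by signal N as exit status 128+N;
        # SIGSEGV is signal 11 on Linux, so a stack overflow shows as 139.
        echo "crash:$((status - 128))"
    else
        echo "error:$status"
    fi
}

# triage: read one symbol per line on stdin and print a
# "crash:<signal><TAB><symbol>" line for each symbol that kills the demangler.
triage() {
    while IFS= read -r sym; do
        [ -n "$sym" ] || continue
        result=$(check_symbol "$sym")
        case $result in
            crash:*) printf '%s\t%s\n' "$result" "$sym" ;;
        esac
    done
}
```

Symbols flagged this way can be excluded from demangling or attached to a bug report as a minimal reproducer.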

