Mathieu Trudel-Lapierre identified that the segfault is the result of the patch
binutils-bz17512-misc.patch (aka
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=32a9d621c3c480aa093a089a36e36c35f68a4010).
I've dug deeper into this and the issue is that the stack gets corrupted in
bfd/coffgen.c::coff_write_alien_symbol(), due to the added chunk:
@@ -1078,10 +1089,12 @@ coff_write_alien_symbol (bfd *abfd,
{
symbol->name = "";
if (isym != NULL)
- memset (isym, 0, sizeof(*isym));
+ memset (isym, 0, sizeof (*isym));
return TRUE;
}
native = dummy;
+ native->is_sym = TRUE;
+ native[1].is_sym = FALSE;
native->u.syment.n_type = T_NULL;
native->u.syment.n_flags = 0;
native->u.syment.n_numaux = 0;
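Review bot: the store `native[1].is_sym = FALSE;` assumes `dummy` is a two-element array, but in this tree `dummy` is still a single struct, so the write lands past the end of the automatic variable and clobbers the caller's frame (the corrupted backtrace described below). Either backport the companion change that turns `dummy` into a two-element array together with this hunk, or leave the `native[1]` store out of the backport. The `memset (isym, 0, sizeof (*isym));` change in the same hunk is whitespace-only and adds nothing to a minimal backport.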
The problem is the write to "native[1].is_sym", as the patch to make
dummy be a two element array of structs did not happen until after the
version of binutils in precise was released, in commit
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=e7ebb214834628b2b0d9d3233febc9fef2912515 .
This means the write to native[1].is_sym goes beyond the auto variables and
overwrites the return pointer, causing the segfault and corrupted stack
backtrace seen in gdb.
I'm currently working on a patch to address this.
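The mismatch described in this report, as an added example that is not part of the bug mail or of binutils: a simplified stand-in for combined_entry_type (constructed, not the real bfd/coff definition) with the two-entry initialisation from the hunk written so that a one-element `dummy` is rejected at run time and the corrected two-element shape is checked at compile time. The function names init_alien_native, write_alien_symbol_fixed and write_alien_symbol_single are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-in for binutils' combined_entry_type: only the fields the
   hunk touches (constructed for this example, not the real bfd/coff struct). */
typedef struct {
  int is_sym;
  struct {
    int n_type;
    int n_flags;
    int n_numaux;
  } syment;
} entry_t;

#define T_NULL 0
#define ARRAY_LEN(a) (sizeof (a) / sizeof (a)[0])

/* The initialisation performed by the hunk, with the element count passed in
   so the native[1] store is bounds-checked instead of silently running past
   `dummy`. Returns 0 on success, -1 if fewer than two entries were supplied. */
static int init_alien_native(entry_t *native, size_t count) {
  if (count < 2)
    return -1;               /* the precise backport fails here, not on the stack */
  native[0].is_sym = 1;      /* TRUE  */
  native[1].is_sym = 0;      /* FALSE */
  native[0].syment.n_type = T_NULL;
  native[0].syment.n_flags = 0;
  native[0].syment.n_numaux = 0;
  return 0;
}

/* Corrected shape: `dummy` is a two-element array, so native[1] has storage.
   The static assertion makes a future mis-backport a compile error. */
static int write_alien_symbol_fixed(void) {
  entry_t dummy[2];
  _Static_assert(ARRAY_LEN(dummy) >= 2, "coff_write_alien_symbol needs two dummy entries");
  return init_alien_native(dummy, ARRAY_LEN(dummy));
}

/* Old shape from the precise tree: a single struct. With the count passed
   along, the out-of-bounds store is refused rather than corrupting the frame. */
static int write_alien_symbol_single(void) {
  entry_t dummy;
  return init_alien_native(&dummy, 1);
}

int main(void) {
  printf("two-element dummy: %d\n", write_alien_symbol_fixed());   /* 0  */
  printf("single dummy:      %d\n", write_alien_symbol_single());  /* -1 */
  return 0;
}
```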
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1477350
Title: Regression building sbsigntool with binutils >= 2.22-6ubuntu1.2 in precise
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1477350/+subscriptions
--
ubuntu-bugs mailing list
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs