Fix overflow checking for 32-bit pc-relative relocations on x32.
The problem here is that x32 is really using 64-bit addressing, while pretending to be 32-bit. Even though the object file format is 32-bit, we need to do the overflow checking with 64-bit arithmetic (because that's what the hardware will be using). This patch overrides the pcrela32_check functions in reloc.h with target-specific versions that do 64-bit checking. I've also updated the test case to use -Tdata instead of adding a huge .space directive, to reduce the size of the .o files. gold/ PR gold/19567 * reloc.h (Relocate_functions::Overflow_check): Add comments. * x86_64.cc (X86_64_relocate_functions): New class. (Target_x86_64::Relocate::relocate): Use the new class. * testsuite/Makefile.am (x86_64_overflow_pc32): Add -Tdata option. (x32_overflow_pc32): New test case. * testsuite/Makefile.in: Regenerate. * testsuite/x32_overflow_pc32.sh: New script. * testsuite/x86_64_overflow_pc32.s: Remove .space directive.
This commit is contained in:
Cary Coutant
parent
72c55146bb
commit
19ef3f4d2e
|
|
@ -1,3 +1,15 @@
|
|||
2016-02-06 Cary Coutant <ccoutant@gmail.com>
|
||||
|
||||
PR gold/19567
|
||||
* reloc.h (Relocate_functions::Overflow_check): Add comments.
|
||||
* x86_64.cc (X86_64_relocate_functions): New class.
|
||||
(Target_x86_64::Relocate::relocate): Use the new class.
|
||||
* testsuite/Makefile.am (x86_64_overflow_pc32): Add -Tdata option.
|
||||
(x32_overflow_pc32): New test case.
|
||||
* testsuite/Makefile.in: Regenerate.
|
||||
* testsuite/x32_overflow_pc32.sh: New script.
|
||||
* testsuite/x86_64_overflow_pc32.s: Remove .space directive.
|
||||
|
||||
2016-02-06 Cary Coutant <ccoutant@gmail.com>
|
||||
|
||||
PR gold/19577
|
||||
|
|
|
|||
|
|
@ -336,9 +336,14 @@ class Relocate_functions
|
|||
|
||||
enum Overflow_check
|
||||
{
|
||||
// No overflow checking.
|
||||
CHECK_NONE,
|
||||
// Check for overflow of a signed value.
|
||||
CHECK_SIGNED,
|
||||
// Check for overflow of an unsigned value.
|
||||
CHECK_UNSIGNED,
|
||||
// Check for overflow of a signed or unsigned value.
|
||||
// (i.e., no error if either signed or unsigned fits.)
|
||||
CHECK_SIGNED_OR_UNSIGNED
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -1080,14 +1080,30 @@ MOSTLYCLEANFILES += x86_64_overflow_pc32.err
|
|||
x86_64_overflow_pc32.o: x86_64_overflow_pc32.s
|
||||
$(TEST_AS) -o $@ $<
|
||||
x86_64_overflow_pc32.err: x86_64_overflow_pc32.o gcctestdir/ld
|
||||
@echo $(CXXLINK) -Bgcctestdir/ -shared -o x86_64_overflow_pc32 x86_64_overflow_pc32.o "2>$@"
|
||||
@if $(CXXLINK) -Bgcctestdir/ -shared -o x86_64_overflow_pc32 x86_64_overflow_pc32.o 2>$@; \
|
||||
@echo gcctestdir/ld -e bar -Tdata=0x81000000 -o x86_64_overflow_pc32 x86_64_overflow_pc32.o "2>$@"
|
||||
@if gcctestdir/ld -e bar -Tdata=0x81000000 -o x86_64_overflow_pc32 x86_64_overflow_pc32.o 2>$@; \
|
||||
then \
|
||||
echo 1>&2 "Link of x86_64_overflow_pc32 should have failed"; \
|
||||
rm -f $@; \
|
||||
exit 1; \
|
||||
fi
|
||||
|
||||
check_SCRIPTS += x32_overflow_pc32.sh
|
||||
check_DATA += x32_overflow_pc32.err
|
||||
MOSTLYCLEANFILES += x32_overflow_pc32.err
|
||||
x86_64_overflow_pc32.o: x86_64_overflow_pc32.s
|
||||
$(TEST_AS) -o $@ $<
|
||||
x32_overflow_pc32.o: x86_64_overflow_pc32.s
|
||||
$(TEST_AS) --x32 -o $@ $<
|
||||
x32_overflow_pc32.err: x32_overflow_pc32.o gcctestdir/ld
|
||||
@echo gcctestdir/ld -e bar -Tdata=0x81000000 -o x32_overflow_pc32 x32_overflow_pc32.o "2>$@"
|
||||
@if gcctestdir/ld -e bar -Tdata=0x81000000 -o x32_overflow_pc32 x32_overflow_pc32.o 2>$@; \
|
||||
then \
|
||||
echo 1>&2 "Link of x32_overflow_pc32 should have failed"; \
|
||||
rm -f $@; \
|
||||
exit 1; \
|
||||
fi
|
||||
|
||||
endif DEFAULT_TARGET_X86_64
|
||||
|
||||
if DEFAULT_TARGET_I386
|
||||
|
|
|
|||
|
|
@ -200,7 +200,8 @@ check_PROGRAMS = $(am__EXEEXT_1) $(am__EXEEXT_2) $(am__EXEEXT_3) \
|
|||
@GCC_TRUE@@HAVE_STATIC_TRUE@@NATIVE_LINKER_TRUE@@STATIC_TLS_TRUE@@TLS_TRUE@ tls_static_pic_test
|
||||
@FN_PTRS_IN_SO_WITHOUT_PIC_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@@TLS_TRUE@am__append_25 = tls_shared_nonpic_test
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@am__append_26 = x86_64_mov_to_lea.sh \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_overflow_pc32.sh
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_overflow_pc32.sh \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x32_overflow_pc32.sh
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@am__append_27 = x86_64_mov_to_lea1.stdout \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_mov_to_lea2.stdout \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_mov_to_lea3.stdout \
|
||||
|
|
@ -215,7 +216,8 @@ check_PROGRAMS = $(am__EXEEXT_1) $(am__EXEEXT_2) $(am__EXEEXT_3) \
|
|||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_mov_to_lea12.stdout \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_mov_to_lea13.stdout \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_mov_to_lea14.stdout \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_overflow_pc32.err
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_overflow_pc32.err \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x32_overflow_pc32.err
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@am__append_28 = x86_64_mov_to_lea1 \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_mov_to_lea2 \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_mov_to_lea3 \
|
||||
|
|
@ -230,7 +232,8 @@ check_PROGRAMS = $(am__EXEEXT_1) $(am__EXEEXT_2) $(am__EXEEXT_3) \
|
|||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_mov_to_lea12 \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_mov_to_lea13 \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_mov_to_lea14 \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_overflow_pc32.err
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x86_64_overflow_pc32.err \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ x32_overflow_pc32.err
|
||||
@DEFAULT_TARGET_I386_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@am__append_29 = i386_mov_to_lea.sh
|
||||
@DEFAULT_TARGET_I386_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@am__append_30 = i386_mov_to_lea1.stdout i386_mov_to_lea2.stdout \
|
||||
@DEFAULT_TARGET_I386_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ i386_mov_to_lea3.stdout i386_mov_to_lea4.stdout \
|
||||
|
|
@ -4445,6 +4448,8 @@ x86_64_mov_to_lea.sh.log: x86_64_mov_to_lea.sh
|
|||
@p='x86_64_mov_to_lea.sh'; $(am__check_pre) $(LOG_COMPILE) "$$tst" $(am__check_post)
|
||||
x86_64_overflow_pc32.sh.log: x86_64_overflow_pc32.sh
|
||||
@p='x86_64_overflow_pc32.sh'; $(am__check_pre) $(LOG_COMPILE) "$$tst" $(am__check_post)
|
||||
x32_overflow_pc32.sh.log: x32_overflow_pc32.sh
|
||||
@p='x32_overflow_pc32.sh'; $(am__check_pre) $(LOG_COMPILE) "$$tst" $(am__check_post)
|
||||
i386_mov_to_lea.sh.log: i386_mov_to_lea.sh
|
||||
@p='i386_mov_to_lea.sh'; $(am__check_pre) $(LOG_COMPILE) "$$tst" $(am__check_post)
|
||||
debug_msg.sh.log: debug_msg.sh
|
||||
|
|
@ -5491,13 +5496,25 @@ uninstall-am:
|
|||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@x86_64_overflow_pc32.o: x86_64_overflow_pc32.s
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ $(TEST_AS) -o $@ $<
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@x86_64_overflow_pc32.err: x86_64_overflow_pc32.o gcctestdir/ld
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ @echo $(CXXLINK) -Bgcctestdir/ -shared -o x86_64_overflow_pc32 x86_64_overflow_pc32.o "2>$@"
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ @if $(CXXLINK) -Bgcctestdir/ -shared -o x86_64_overflow_pc32 x86_64_overflow_pc32.o 2>$@; \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ @echo gcctestdir/ld -e bar -Tdata=0x81000000 -o x86_64_overflow_pc32 x86_64_overflow_pc32.o "2>$@"
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ @if gcctestdir/ld -e bar -Tdata=0x81000000 -o x86_64_overflow_pc32 x86_64_overflow_pc32.o 2>$@; \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ then \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ echo 1>&2 "Link of x86_64_overflow_pc32 should have failed"; \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ rm -f $@; \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ exit 1; \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ fi
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@x86_64_overflow_pc32.o: x86_64_overflow_pc32.s
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ $(TEST_AS) -o $@ $<
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@x32_overflow_pc32.o: x86_64_overflow_pc32.s
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ $(TEST_AS) --x32 -o $@ $<
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@x32_overflow_pc32.err: x32_overflow_pc32.o gcctestdir/ld
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ @echo gcctestdir/ld -e bar -Tdata=0x81000000 -o x32_overflow_pc32 x32_overflow_pc32.o "2>$@"
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ @if gcctestdir/ld -e bar -Tdata=0x81000000 -o x32_overflow_pc32 x32_overflow_pc32.o 2>$@; \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ then \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ echo 1>&2 "Link of x32_overflow_pc32 should have failed"; \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ rm -f $@; \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ exit 1; \
|
||||
@DEFAULT_TARGET_X86_64_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ fi
|
||||
|
||||
@DEFAULT_TARGET_I386_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@i386_mov_to_lea1.o: i386_mov_to_lea1.s
|
||||
@DEFAULT_TARGET_I386_TRUE@@GCC_TRUE@@NATIVE_LINKER_TRUE@ $(TEST_AS) --32 -o $@ $<
|
||||
|
|
|
|||
|
|
@ -0,0 +1,42 @@
|
|||
#!/bin/sh
|
||||
|
||||
# x86_64_overflow_pc32.sh -- a test case for overflow checking.
|
||||
|
||||
# Copyright (C) 2016 Free Software Foundation, Inc.
|
||||
# Written by Cary Coutant <ccoutant@gmail.com>.
|
||||
|
||||
# This file is part of gold.
|
||||
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston,
|
||||
# MA 02110-1301, USA.
|
||||
|
||||
check()
|
||||
{
|
||||
if ! grep -q "$2" "$1"
|
||||
then
|
||||
echo "Did not find expected error in $1:"
|
||||
echo " $2"
|
||||
echo ""
|
||||
echo "Actual error output below:"
|
||||
cat "$1"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
# We don't know how the compiler might order these variables, so we
|
||||
# can't test for the actual offset from .data, hence the regexp.
|
||||
check x86_64_overflow_pc32.err "function bar: error: relocation overflow"
|
||||
|
||||
exit 0
|
||||
|
|
@ -1,5 +1,4 @@
|
|||
.data
|
||||
.space 0x8ff00000
|
||||
.hidden foo
|
||||
.globl foo
|
||||
foo:
|
||||
|
|
|
|||
|
|
@ -3347,6 +3347,52 @@ Target_x86_64<size>::do_finalize_sections(
|
|||
}
|
||||
}
|
||||
|
||||
// For x32, we need to handle PC-relative relocations using full 64-bit
|
||||
// arithmetic, so that we can detect relocation overflows properly.
|
||||
// This class overrides the pcrela32_check methods from the defaults in
|
||||
// Relocate_functions in reloc.h.
|
||||
|
||||
template<int size>
|
||||
class X86_64_relocate_functions : public Relocate_functions<size, false>
|
||||
{
|
||||
public:
|
||||
typedef Relocate_functions<size, false> Base;
|
||||
|
||||
// Do a simple PC relative relocation with the addend in the
|
||||
// relocation.
|
||||
static inline typename Base::Reloc_status
|
||||
pcrela32_check(unsigned char* view,
|
||||
typename elfcpp::Elf_types<64>::Elf_Addr value,
|
||||
typename elfcpp::Elf_types<64>::Elf_Swxword addend,
|
||||
typename elfcpp::Elf_types<64>::Elf_Addr address)
|
||||
{
|
||||
typedef typename elfcpp::Swap<32, false>::Valtype Valtype;
|
||||
Valtype* wv = reinterpret_cast<Valtype*>(view);
|
||||
value = value + addend - address;
|
||||
elfcpp::Swap<32, false>::writeval(wv, value);
|
||||
return (Bits<32>::has_overflow(value)
|
||||
? Base::RELOC_OVERFLOW : Base::RELOC_OK);
|
||||
}
|
||||
|
||||
// Do a simple PC relative relocation with a Symbol_value with the
|
||||
// addend in the relocation.
|
||||
static inline typename Base::Reloc_status
|
||||
pcrela32_check(unsigned char* view,
|
||||
const Sized_relobj_file<size, false>* object,
|
||||
const Symbol_value<size>* psymval,
|
||||
typename elfcpp::Elf_types<64>::Elf_Swxword addend,
|
||||
typename elfcpp::Elf_types<64>::Elf_Addr address)
|
||||
{
|
||||
typedef typename elfcpp::Swap<32, false>::Valtype Valtype;
|
||||
Valtype* wv = reinterpret_cast<Valtype*>(view);
|
||||
typename elfcpp::Elf_types<64>::Elf_Addr value =
|
||||
psymval->value(object, addend) - address;
|
||||
elfcpp::Swap<32, false>::writeval(wv, value);
|
||||
return (Bits<32>::has_overflow(value)
|
||||
? Base::RELOC_OVERFLOW : Base::RELOC_OK);
|
||||
}
|
||||
};
|
||||
|
||||
// Perform a relocation.
|
||||
|
||||
template<int size>
|
||||
|
|
@ -3364,7 +3410,7 @@ Target_x86_64<size>::Relocate::relocate(
|
|||
typename elfcpp::Elf_types<size>::Elf_Addr address,
|
||||
section_size_type view_size)
|
||||
{
|
||||
typedef Relocate_functions<size, false> Reloc_funcs;
|
||||
typedef X86_64_relocate_functions<size> Reloc_funcs;
|
||||
const elfcpp::Rela<size, false> rela(preloc);
|
||||
unsigned int r_type = elfcpp::elf_r_type<size>(rela.get_r_info());
|
||||
|
||||
|
|
@ -3476,7 +3522,7 @@ Target_x86_64<size>::Relocate::relocate(
|
|||
case elfcpp::R_X86_64_PC32:
|
||||
case elfcpp::R_X86_64_PC32_BND:
|
||||
rstatus = Reloc_funcs::pcrela32_check(view, object, psymval, addend,
|
||||
address, Reloc_funcs::CHECK_SIGNED);
|
||||
address);
|
||||
break;
|
||||
|
||||
case elfcpp::R_X86_64_16:
|
||||
|
|
@ -3507,7 +3553,7 @@ Target_x86_64<size>::Relocate::relocate(
|
|||
// behaves differently because psymval was set to point to
|
||||
// the PLT entry, rather than the symbol, in Scan::global().
|
||||
rstatus = Reloc_funcs::pcrela32_check(view, object, psymval, addend,
|
||||
address, Reloc_funcs::CHECK_SIGNED);
|
||||
address);
|
||||
break;
|
||||
|
||||
case elfcpp::R_X86_64_PLTOFF64:
|
||||
|
|
@ -3532,7 +3578,7 @@ Target_x86_64<size>::Relocate::relocate(
|
|||
gold_assert(gsym);
|
||||
typename elfcpp::Elf_types<size>::Elf_Addr value;
|
||||
value = target->got_plt_section()->address();
|
||||
Reloc_funcs::pcrela32(view, value, addend, address);
|
||||
Reloc_funcs::pcrela32_check(view, value, addend, address);
|
||||
}
|
||||
break;
|
||||
|
||||
|
|
@ -3577,8 +3623,7 @@ Target_x86_64<size>::Relocate::relocate(
|
|||
&& Target_x86_64<size>::can_convert_mov_to_lea(gsym))))
|
||||
{
|
||||
view[-2] = 0x8d;
|
||||
Reloc_funcs::pcrela32(view, object, psymval, addend,
|
||||
address);
|
||||
Reloc_funcs::pcrela32(view, object, psymval, addend, address);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
@ -3596,7 +3641,7 @@ Target_x86_64<size>::Relocate::relocate(
|
|||
}
|
||||
typename elfcpp::Elf_types<size>::Elf_Addr value;
|
||||
value = target->got_plt_section()->address() + got_offset;
|
||||
Reloc_funcs::pcrela32(view, value, addend, address);
|
||||
Reloc_funcs::pcrela32_check(view, value, addend, address);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
|
|
|||
Loading…
Reference in New Issue