bug-binutils

[Bug gold/26748] New: SEGV on initialize_shnum(dwp.cc:806)


From: 2060909445 at qq dot com
Subject: [Bug gold/26748] New: SEGV on initialize_shnum(dwp.cc:806)
Date: Sun, 18 Oct 2020 04:29:35 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=26748

            Bug ID: 26748
           Summary: SEGV on initialize_shnum(dwp.cc:806)
           Product: binutils
           Version: 2.35
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: gold
          Assignee: ccoutant at gmail dot com
          Reporter: 2060909445 at qq dot com
                CC: ian at airs dot com
  Target Milestone: ---

Created attachment 12906
  --> https://sourceware.org/bugzilla/attachment.cgi?id=12906&action=edit
a file that causes the crash

binutils 2.35 on CentOS Linux 7.7.1908

It can be reproduced by: 
dwp poc -o ./test_out

Information below is from valgrind:
==4157== Invalid read of size 8
==4157==    at 0x40C088: elfcpp::Elf_file<64, false,
gold::Object>::initialize_shnum() [clone .part.452] (elfcpp_file.h:443)
==4157==    by 0x4B4787: initialize_shnum (dwp.cc:806)
==4157==    by 0x4B4787: shnum (elfcpp_file.h:143)
==4157==    by 0x4B4787: gold::Sized_relobj_dwo<64, false>::setup()
(dwp.cc:778)
==4157==    by 0x41438F: sized_make_object<64, false> (dwp.cc:1106)
==4157==    by 0x41438F: gold::Dwo_file::make_object(gold::Dwp_output_file*)
(dwp.cc:1086)
==4157==    by 0x41AD03: gold::Dwo_file::read(gold::Dwp_output_file*)
(dwp.cc:888)
==4157==    by 0x40A62F: main (dwp.cc:2446)
==4157==  Address 0x96969611036b2309 is not stack'd, malloc'd or (recently)
free'd
==4157==
==4157==
==4157== Process terminating with default action of signal 11 (SIGSEGV)
==4157==  General Protection Fault
==4157==    at 0x40C088: elfcpp::Elf_file<64, false,
gold::Object>::initialize_shnum() [clone .part.452] (elfcpp_file.h:443)
==4157==    by 0x4B4787: initialize_shnum (dwp.cc:806)
==4157==    by 0x4B4787: shnum (elfcpp_file.h:143)
==4157==    by 0x4B4787: gold::Sized_relobj_dwo<64, false>::setup()
(dwp.cc:778)
==4157==    by 0x41438F: sized_make_object<64, false> (dwp.cc:1106)
==4157==    by 0x41438F: gold::Dwo_file::make_object(gold::Dwp_output_file*)
(dwp.cc:1086)
==4157==    by 0x41AD03: gold::Dwo_file::read(gold::Dwp_output_file*)
(dwp.cc:888)
==4157==    by 0x40A62F: main (dwp.cc:2446)
==4157==
==4157== HEAP SUMMARY:
==4157==     in use at exit: 32,377 bytes in 759 blocks
==4157==   total heap usage: 824 allocs, 65 frees, 43,697 bytes allocated
==4157==
==4157== LEAK SUMMARY:
==4157==    definitely lost: 0 bytes in 0 blocks
==4157==    indirectly lost: 0 bytes in 0 blocks
==4157==      possibly lost: 0 bytes in 0 blocks
==4157==    still reachable: 32,377 bytes in 759 blocks
==4157==                       of which reachable via heuristic:
==4157==                         stdstring          : 27,229 bytes in 717
blocks
==4157==         suppressed: 0 bytes in 0 blocks
==4157== Rerun with --leak-check=full to see details of leaked memory
==4157==
==4157== For lists of detected and suppressed errors, rerun with: -s
==4157== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
