bug-binutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug gas/13449] New: ARM: Unwind tables are created based on uninitializ


From: agraf at suse dot de
Subject: [Bug gas/13449] New: ARM: Unwind tables are created based on uninitialized memory
Date: Tue, 29 Nov 2011 12:32:22 +0000

http://sourceware.org/bugzilla/show_bug.cgi?id=13449

             Bug #: 13449
           Summary: ARM: Unwind tables are created based on uninitialized
                    memory
           Product: binutils
           Version: 2.23 (HEAD)
            Status: NEW
          Severity: critical
          Priority: P2
         Component: gas
        AssignedTo: address@hidden
        ReportedBy: address@hidden
                CC: address@hidden, address@hidden
    Classification: Unclassified
              Host: ARMv7 with HF
            Target: ARMv7 with HF


Hi,

While building packages for openSUSE-ARM, we realized that every time a program
wanted to throw an exception, hell broke lose. After a lot of debugging and
valgrind'ing, we found out that the ARM unwind tables contain garbage because
they get written out without being initialized to 0.

A simple failing test program:

#include <stdio.h>

int main(int argc, char **argv)
{
  try { throw -1; }
  catch (int) { fprintf(stderr, "We caught an exception of type int\n"); }
  return 0;
}

Working test output:

  We caught an exception of type int

Working unwind tables:

0x8640 <main>: @0x8734
  Personality routine: 0x85bc <__gxx_personality_v0@@CXXABI_1.3>
  0x97      vsp = r7
  0x03      vsp = vsp + 16
  0x84 0x08 pop {r7, r14}
  0xb0      finish
  0xb0      finish
  0xb0      finish

Failing test output:

  terminate called after throwing an instance of 'int'
  terminate called recursively
  Aborted (core dumped)

Failing unwind tables:

0x8634 <main>: 0xffffffd0
  Compact model 127
  [reserved]



valgrind output of gas:

==2009== Syscall param write(buf) points to uninitialised byte(s)
==2009==    at 0x48EE56C: write (in /lib/libc-2.14.1.so)
==2009==    by 0x48B51BB: _IO_file_write@@GLIBC_2.4 (fileops.c:1281)
==2009==    by 0x48B510F: new_do_write (fileops.c:535)
==2009==    by 0x48B5E1D: _IO_do_write@@GLIBC_2.4 (fileops.c:508)
==2009==    by 0x48B6907: _IO_switch_to_get_mode (genops.c:189)
==2009==    by 0x48B52D3: _IO_file_seekoff@@GLIBC_2.4 (fileops.c:991)
==2009==    by 0x48AF0AB: _IO_seekoff_unlocked (ioseekoff.c:71)
==2009==    by 0x48B4031: fseeko64 (fseeko64.c:42)
==2009==    by 0x73A79: bfd_seek (bfdio.c:315)
==2009==    by 0x5CB6F: _bfd_elf_write_object_contents (elf.c:5217)
==2009==    by 0x4099F: bfd_close (opncls.c:701)
==2009==    by 0x16E51: output_file_close (output-file.c:65)
==2009==  Address 0x4d500d7 is not stack'd, malloc'd or (recently) free'd
==2009==  Uninitialised value was created by a heap allocation
==2009==    at 0x482F694: malloc (vg_replace_malloc.c:263)
==2009==    by 0x7F353: xmalloc (xmalloc.c:147)
==2009==    by 0x48BE1D7: _obstack_begin (obstack.c:186)
==2009==    by 0x1C3E9: subseg_set_rest (subsegs.c:110)
==2009==    by 0x1C50D: subseg_force_new (subsegs.c:195)
==2009==    by 0x3B257: obj_elf_change_section (obj-elf.c:583)
==2009==    by 0x25A47: start_unwind_section (tc-arm.c:19828)
==2009==    by 0x3240D: create_unwind_entry (tc-arm.c:19857)
==2009==    by 0x1B59D: read_a_source_file (read.c:919)
==2009==    by 0xAEC1: main (as.c:1089)


We also created a temporary patch to make it work by just initializing all
memory properly:

Index: libiberty/xmalloc.c
===================================================================
--- libiberty/xmalloc.c.orig
+++ libiberty/xmalloc.c
@@ -60,6 +60,7 @@ function will be called to print an erro

 */

+#include <string.h>
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
@@ -145,6 +146,7 @@ xmalloc (size_t size)
   if (size == 0)
     size = 1;
   newmem = malloc (size);
+  memset(newmem, 0, size);
   if (!newmem)
     xmalloc_failed (size);


With that patch applied, unwind tables are created successfully.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]