[Bug binutils/15202] New: display_debug_lines invalid memory access

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/15202] New: display_debug_lines invalid memory access

From:	paul.marinescu at imperial dot ac.uk
Subject:	[Bug binutils/15202] New: display_debug_lines invalid memory access
Date:	Tue, 26 Feb 2013 17:55:12 +0000

http://sourceware.org/bugzilla/show_bug.cgi?id=15202

             Bug #: 15202
           Summary: display_debug_lines invalid memory access
           Product: binutils
           Version: 2.23
            Status: NEW
          Severity: normal
          Priority: P2
         Component: binutils
        AssignedTo: address@hidden
        ReportedBy: address@hidden
    Classification: Unclassified


Created attachment 6900
  --> http://sourceware.org/bugzilla/attachment.cgi?id=6900
valgrind readelf -wL decodedline.o

readelf and objdump may access invalid memory when trying to display the
debug_line section. I attached below a sample output and the file used.

The problems seems to be related to inconsistent li_opcode_base fields. I used
binutils version 2.23.52.20130219 on an x64 machine.


==29732== Memcheck, a memory error detector
==29732== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==29732== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==29732== Command: /home/pdm/binutils/binutils/readelf -wL decodedline.o
==29732== 
Decoded dump of debug contents of section .debug_line:

CU: ./dw2-decodedline.c:
File name                            Line number    Starting address

directory/file1.c:
file1.c                                        1                   0


./dw2-decodedline.c:[++]
dw2-decodedline.c                              2                 0x1
==29732== Invalid read of size 1
==29732==    at 0x4237F0: read_leb128 (dwarf.c:208)
==29732==    by 0x4264D6: display_debug_lines (dwarf.c:2977)
==29732==    by 0x41D423: process_section_contents (readelf.c:10985)
==29732==    by 0x41EB11: process_object (readelf.c:13707)
==29732==    by 0x420E9B: main (readelf.c:14078)
==29732==  Address 0x4c2894e is 0 bytes after a block of size 94 alloc'd
==29732==    at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==29732==    by 0x402C2C: get_data (readelf.c:325)
==29732==    by 0x4133E8: load_specific_debug_section (readelf.c:10869)
==29732==    by 0x41D217: process_section_contents (readelf.c:10978)
==29732==    by 0x41EB11: process_object (readelf.c:13707)
==29732==    by 0x420E9B: main (readelf.c:14078)
==29732== 
==29732== Invalid read of size 1
==29732==    at 0x4237F0: read_leb128 (dwarf.c:208)
==29732==    by 0x4264F5: display_debug_lines (dwarf.c:2981)
==29732==    by 0x41D423: process_section_contents (readelf.c:10985)
==29732==    by 0x41EB11: process_object (readelf.c:13707)
==29732==    by 0x420E9B: main (readelf.c:14078)
==29732==  Address 0x4c2894f is 1 bytes after a block of size 94 alloc'd
==29732==    at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==29732==    by 0x402C2C: get_data (readelf.c:325)
==29732==    by 0x4133E8: load_specific_debug_section (readelf.c:10869)
==29732==    by 0x41D217: process_section_contents (readelf.c:10978)
==29732==    by 0x41EB11: process_object (readelf.c:13707)
==29732==    by 0x420E9B: main (readelf.c:14078)
==29732== 
==29732== Invalid read of size 1
==29732==    at 0x4237F0: read_leb128 (dwarf.c:208)
==29732==    by 0x426511: display_debug_lines (dwarf.c:2985)
==29732==    by 0x41D423: process_section_contents (readelf.c:10985)
==29732==    by 0x41EB11: process_object (readelf.c:13707)
==29732==    by 0x420E9B: main (readelf.c:14078)
==29732==  Address 0x4c28950 is 2 bytes after a block of size 94 alloc'd
==29732==    at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==29732==    by 0x402C2C: get_data (readelf.c:325)
==29732==    by 0x4133E8: load_specific_debug_section (readelf.c:10869)
==29732==    by 0x41D217: process_section_contents (readelf.c:10978)
==29732==    by 0x41EB11: process_object (readelf.c:13707)
==29732==    by 0x420E9B: main (readelf.c:14078)
==29732== 

==29732== 
==29732== HEAP SUMMARY:
==29732==     in use at exit: 0 bytes in 0 blocks
==29732==   total heap usage: 83 allocs, 83 frees, 15,230 bytes allocated
==29732== 
==29732== All heap blocks were freed -- no leaks are possible
==29732== 
==29732== For counts of detected and suppressed errors, rerun with: -v
==29732== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 2 from 2)

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug binutils/15202] New: display_debug_lines invalid memory access, paul.marinescu at imperial dot ac.uk <=

Prev by Date: [Bug binutils/15201] New: readelf invalid memory accesses (debug ranges)
Next by Date: [Bug binutils/15204] New: dwz causes addr2line to spew out errors
Previous by thread: [Bug binutils/15201] New: readelf invalid memory accesses (debug ranges)
Next by thread: [Bug binutils/15204] New: dwz causes addr2line to spew out errors
Index(es):
- Date
- Thread