[Bug binutils/15157] New: readelf crash (double free?)


From: paul.marinescu at imperial dot ac.uk
Subject: [Bug binutils/15157] New: readelf crash (double free?)
Date: Tue, 19 Feb 2013 11:00:37 +0000

http://sourceware.org/bugzilla/show_bug.cgi?id=15157

             Bug #: 15157
           Summary: readelf crash (double free?)
           Product: binutils
           Version: 2.23
            Status: NEW
          Severity: normal
          Priority: P2
         Component: binutils
        AssignedTo: address@hidden
        ReportedBy: address@hidden
    Classification: Unclassified


Created attachment 6878
  --> http://sourceware.org/bugzilla/attachment.cgi?id=6878
bug trigger. readelf -wR buggy1.o

I came across a bug in readelf which seems to be present in
2.23.52.20130219 as well. I attached the input file to reproduce. The output on
my machine (64bit Fedora 16) is

$ binutils/readelf -wR buggy1.o 
Contents of the .debug_ranges section:

    Offset   Begin    End
    00000000 00000000 00000002 
    00000000 <End of list>
    00000010 00000000 00000002 
    00000010 <End of list>

*** glibc detected *** binutils/readelf: double free or corruption (out): 0x000000000179e630 ***
======= Backtrace: =========
/lib64/libc.so.6[0x376887da76]
/lib64/libc.so.6[0x376887ed5e]
binutils/readelf[0x41ce33]
binutils/readelf[0x41d452]
binutils/readelf[0x41eb12]
binutils/readelf[0x420e9c]
/lib64/libc.so.6(__libc_start_main+0xed)[0x376882169d]
binutils/readelf[0x401799]
Aborted


objdump on the other hand seems to be fine. binutils/objdump -WR buggy1.o says

Can't get contents for section '.debug_ranges'.
