[Bug binutils/25070] New: SEGV in function _bfd_dwarf2_find_nearest_line
From: bugzilla.sourceware at qiushi dot ac.cn
Subject: [Bug binutils/25070] New: SEGV in function _bfd_dwarf2_find_nearest_line
Date: Mon, 07 Oct 2019 16:33:50 +0000
https://sourceware.org/bugzilla/show_bug.cgi?id=25070
Bug ID: 25070
Summary: SEGV in function _bfd_dwarf2_find_nearest_line
Product: binutils
Version: 2.34 (HEAD)
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: bugzilla.sourceware at qiushi dot ac.cn
Target Milestone: ---
Created attachment 12025
--> https://sourceware.org/bugzilla/attachment.cgi?id=12025&action=edit
poc file
I'm using the latest binutils-gdb to fuzz, and found some crashes.
git version: 816228ed09dc867fa16dc5458277d649885d98fe
```
# ./nm-new -A -a -l -S -s --special-syms --synthetic --with-symbol-versions -D poc1_segv__bfd_dwarf2_find_nearest_line
/d/p/aflasan/binutils-latest/nm-new: warning: poc1_segv__bfd_dwarf2_find_nearest_line has a corrupt section with a size (1e0000000008) larger than the file size
/d/p/aflasan/binutils-latest/nm-new: warning: poc1_segv__bfd_dwarf2_find_nearest_line has a corrupt section with a size (2aaaabac4ec1) larger than the file size
/d/p/aflasan/binutils-latest/nm-new: warning: poc1_segv__bfd_dwarf2_find_nearest_line has a corrupt section with a size (ffffd5555453b140) larger than the file size
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: unknown type [0xff000001] section `.debug_aranges'
/d/p/aflasan/binutils-latest/nm-new: warning: poc1_segv__bfd_dwarf2_find_nearest_line has a corrupt section with a size (1e0000000008) larger than the file size
/d/p/aflasan/binutils-latest/nm-new: warning: poc1_segv__bfd_dwarf2_find_nearest_line has a corrupt section with a size (2aaaabac4ec1) larger than the file size
/d/p/aflasan/binutils-latest/nm-new: warning: poc1_segv__bfd_dwarf2_find_nearest_line has a corrupt section with a size (ffffd5555453b140) larger than the file size
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: warning: sh_link not set for section `.debug_aranges'
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: version count (11) does not match symbol count (16)
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: attempt to load strings from a non-string section (number 0)
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: attempt to load strings from a non-string section (number 0)
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: attempt to load strings from a non-string section (number 0)
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: attempt to load strings from a non-string section (number 0)
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: attempt to load strings from a non-string section (number 0)
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: attempt to load strings from a non-string section (number 0)
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: attempt to load strings from a non-string section (number 0)
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: attempt to load strings from a non-string section (number 0)
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: attempt to load strings from a non-string section (number 0)
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: attempt to load strings from a non-string section (number 0)
/d/p/aflasan/binutils-latest/nm-new: poc1_segv__bfd_dwarf2_find_nearest_line: attempt to load strings from a non-string section (number 0)
ASAN:SIGSEGV
=================================================================
==45359==ERROR: AddressSanitizer: SEGV on unknown address 0x000000007200 (pc 0x0000006aa438 bp 0x0ffffffffb7e sp 0x7fffffffdb50 T0)
#0 0x6aa437 in _bfd_dwarf2_find_nearest_line dwarf2.c:4724
#1 0x5862a1 in _bfd_elf_find_nearest_line /d/prog/binutils-gdb/bfd/elf.c:9005
#2 0x40da6e in print_symbol /d/prog/binutils-gdb/binutils/nm.c:1008
#3 0x40ed78 in print_symbols /d/prog/binutils-gdb/binutils/nm.c:1088
#4 0x40ed78 in display_rel_file /d/prog/binutils-gdb/binutils/nm.c:1210
#5 0x4119f5 in display_file /d/prog/binutils-gdb/binutils/nm.c:1377
#6 0x407bc7 in main /d/prog/binutils-gdb/binutils/nm.c:1858
#7 0x7ffff6679b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
#8 0x409958 in _start (/d/p/aflasan/binutils-latest/nm-new+0x409958)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV dwarf2.c:4724 _bfd_dwarf2_find_nearest_line
==45359==ABORTING
```
Reproducible docker image has been pushed to
`zjuchenyuan/dockerized_poc:binutils-pocs`
Dockerfile:
```
FROM zjuchenyuan/afl
ENV AFL_USE_ASAN=1
# Build the static tools at the reported commit with ASan enabled.
RUN git clone git://sourceware.org/git/binutils-gdb.git --depth 50 &&\
    cd binutils-gdb &&\
    git checkout 816228ed09dc867fa16dc5458277d649885d98fe &&\
    ./configure --disable-shared &&\
    for i in bfd libiberty opcodes libctf; do cd $i; ./configure --disable-shared && make -j; cd ..; done &&\
    cd binutils &&\
    ./configure --disable-shared &&\
    make objdump nm-new size readelf cxxfilt
RUN apt install -y gdb &&\
    echo -e "set pagination off\nset confirm off" > /root/.gdbinit
# Copy the PoC file into the image root.
ADD . /
# Run the reproducer once at build time; the crash must not fail the build.
RUN ./binutils-gdb/binutils/nm-new -A -a -l -S -s --special-syms --synthetic --with-symbol-versions -D poc1_segv__bfd_dwarf2_find_nearest_line || exit 0
```
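When a fuzzing run yields many reports like the one above, grouping them by crashing call path keeps one bug from being filed several times. The following is an added example, not part of the original report or of binutils: it parses an AddressSanitizer SEGV report, including frames that a mail archive has wrapped onto two lines, and derives a bucket ID. The names `parse_report` and `crash_bucket` and the three-frame depth are assumptions of this example; the sample text is constructed from frames in the report.

```python
import hashlib
import re

# Constructed sample: frames from the report above; two frames are wrapped
# onto a second line, as plain-text mail archives often render them.
SAMPLE = """\
==45359==ERROR: AddressSanitizer: SEGV on unknown address 0x000000007200 (pc
0x0000006aa438 bp 0x0ffffffffb7e sp 0x7fffffffdb50 T0)
#0 0x6aa437 in _bfd_dwarf2_find_nearest_line dwarf2.c:4724
#1 0x5862a1 in _bfd_elf_find_nearest_line
/d/prog/binutils-gdb/bfd/elf.c:9005
#2 0x40da6e in print_symbol /d/prog/binutils-gdb/binutils/nm.c:1008
#7 0x7ffff6679b96 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
SUMMARY: AddressSanitizer: SEGV dwarf2.c:4724 _bfd_dwarf2_find_nearest_line
"""

ERROR = re.compile(r"ERROR: AddressSanitizer: (\S+) on unknown address (0x[0-9a-f]+)")
FRAME = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (\S+)(?: (\S.*))?$")


def parse_report(text):
    """Return (kind, fault_address, frames) from an ASan SEGV report."""
    kind, addr, frames = None, None, []
    for line in text.splitlines():
        line = line.strip()
        err = ERROR.search(line)
        frame = FRAME.match(line)
        if err:
            kind, addr = err.group(1), int(err.group(2), 16)
        elif frame:
            frames.append({"n": int(frame.group(1)), "func": frame.group(2),
                           "loc": frame.group(3)})
        elif frames and frames[-1]["loc"] is None and line[:1] in ("/", "("):
            frames[-1]["loc"] = line  # location wrapped onto the next line
    return kind, addr, frames


def crash_bucket(text, depth=3):
    """Stable ID from the error kind and the top `depth` function names.

    Addresses and line numbers are left out so that rebuilds do not
    split one bug into several buckets.
    """
    kind, _, frames = parse_report(text)
    key = "|".join([str(kind)] + [f["func"] for f in frames[:depth]])
    return hashlib.sha256(key.encode()).hexdigest()[:12], key


if __name__ == "__main__":
    print(crash_bucket(SAMPLE))
```
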