[valgrind] [Bug 393062] New: Reading build-id ELF note through phdrs triggers "debuginfo reader: ensure_valid failed"

Thu, 12 Apr 2018 12:50:15 -0700 

https://bugs.kde.org/show_bug.cgi?id=393062

            Bug ID: 393062
           Summary: Reading build-id ELF note through phdrs triggers
                    "debuginfo reader: ensure_valid failed"
           Product: valgrind
           Version: unspecified
          Platform: Other
               URL: https://bugzilla.redhat.com/show_bug.cgi?id=1566639
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: NOR
         Component: general
          Assignee: jsew...@acm.org
          Reporter: m...@klomp.org
  Target Milestone: ---

Reported against the Fedora valgrind package.

valgrind /usr/bin/Xvfb :10
==7018== Memcheck, a memory error detector
==7018== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==7018== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==7018== Command: ./build/hw/vfb/Xvfb :10
==7018== 
==7018== Valgrind: debuginfo reader: ensure_valid failed:
==7018== Valgrind:   during call to ML_(img_get)
==7018== Valgrind:   request for range [460632, +12) exceeds
==7018== Valgrind:   valid image size of 333064 for image:
==7018== Valgrind:  
"/usr/lib/debug/.build-id/3e/30f2307639da3a66b4c72c310049c659461253.debug"
==7018== 
==7018== Valgrind: debuginfo reader: Possibly corrupted debuginfo file.
==7018== Valgrind: I can't recover.  Giving up.  Sorry.
==7018== 

The issue is triggered when trying to read the build-id from a .debug file
through the phdrs. The phdrs in a .debug file might not be valid (they are a
copy of the main ELF file) and so even if a build-id is found it might be
invalid (but we might not know). We really shouldn't even try.

This patch fixes the issue:

diff --git a/coregrind/m_debuginfo/readelf.c b/coregrind/m_debuginfo/readelf.c
index 70c28e629..8bd3e049c 100644
--- a/coregrind/m_debuginfo/readelf.c
+++ b/coregrind/m_debuginfo/readelf.c
@@ -1137,7 +1137,11 @@ HChar* find_buildid(DiImage* img, Bool rel_ok, Bool
search_shdrs)

       ElfXX_Ehdr ehdr;
       ML_(img_get)(&ehdr, img, 0, sizeof(ehdr));
-      for (i = 0; i < ehdr.e_phnum; i++) {
+      /* Skip the phdrs when we have to search the shdrs. In separate
+         .debug files the phdrs might not be valid (they are a copy of
+         the main ELF file) and might trigger assertions when getting
+        image notes based on them. */
+      for (i = 0; !search_shdrs && i < ehdr.e_phnum; i++) {
          ElfXX_Phdr phdr;
          ML_(img_get)(&phdr, img,
                       ehdr.e_phoff + i * ehdr.e_phentsize, sizeof(phdr));

-- 
You are receiving this mail because:
You are watching all bug changes.

Reply via email to