http://sourceware.org/bugzilla/show_bug.cgi?id=13449
Bug #: 13449
Summary: ARM: Unwind tables are created based on uninitialized memory
Product: binutils
Version: 2.23 (HEAD)
Status: NEW
Severity: critical
Priority: P2
Component: gas
AssignedTo: unassig...@sourceware.org
ReportedBy: ag...@suse.de
CC: m...@suse.de, rguent...@suse.de
Classification: Unclassified
Host: ARMv7 with HF
Target: ARMv7 with HF

Hi,

While building packages for openSUSE-ARM, we realized that every time a program wanted to throw an exception, hell broke loose. After a lot of debugging and valgrind'ing, we found out that the ARM unwind tables contain garbage because they get written out without being initialized to 0.

A simple failing test program:

#include <stdio.h>

int main(int argc, char **argv)
{
  try {
    /* Reaching the handler requires a valid unwind entry for main(). */
    throw -1;
  } catch (int) {
    fprintf(stderr, "We caught an exception of type int\n");
  }
  return 0;
}

Working test output:

We caught an exception of type int

Working unwind tables:

0x8640 <main>: @0x8734
  Personality routine: 0x85bc <__gxx_personality_v0@@CXXABI_1.3>
  0x97      vsp = r7
  0x03      vsp = vsp + 16
  0x84 0x08 pop {r7, r14}
  0xb0      finish
  0xb0      finish
  0xb0      finish

Failing test output:

terminate called after throwing an instance of 'int'
terminate called recursively
Aborted (core dumped)

Failing unwind tables:

0x8634 <main>: 0xffffffd0
  Compact model 127 [reserved]

valgrind output of gas:

==2009== Syscall param write(buf) points to uninitialised byte(s)
==2009==    at 0x48EE56C: write (in /lib/libc-2.14.1.so)
==2009==    by 0x48B51BB: _IO_file_write@@GLIBC_2.4 (fileops.c:1281)
==2009==    by 0x48B510F: new_do_write (fileops.c:535)
==2009==    by 0x48B5E1D: _IO_do_write@@GLIBC_2.4 (fileops.c:508)
==2009==    by 0x48B6907: _IO_switch_to_get_mode (genops.c:189)
==2009==    by 0x48B52D3: _IO_file_seekoff@@GLIBC_2.4 (fileops.c:991)
==2009==    by 0x48AF0AB: _IO_seekoff_unlocked (ioseekoff.c:71)
==2009==    by 0x48B4031: fseeko64 (fseeko64.c:42)
==2009==    by 0x73A79: bfd_seek (bfdio.c:315)
==2009==    by 0x5CB6F: _bfd_elf_write_object_contents (elf.c:5217)
==2009==    by 0x4099F: bfd_close (opncls.c:701)
==2009==    by 0x16E51: output_file_close (output-file.c:65)
==2009==  Address 0x4d500d7 is not stack'd, malloc'd or (recently) free'd
==2009==  Uninitialised value was created by a heap allocation
==2009==    at 0x482F694: malloc (vg_replace_malloc.c:263)
==2009==    by 0x7F353: xmalloc (xmalloc.c:147)
==2009==    by 0x48BE1D7: _obstack_begin (obstack.c:186)
==2009==    by 0x1C3E9: subseg_set_rest (subsegs.c:110)
==2009==    by 0x1C50D: subseg_force_new (subsegs.c:195)
==2009==    by 0x3B257: obj_elf_change_section (obj-elf.c:583)
==2009==    by 0x25A47: start_unwind_section (tc-arm.c:19828)
==2009==    by 0x3240D: create_unwind_entry (tc-arm.c:19857)
==2009==    by 0x1B59D: read_a_source_file (read.c:919)
==2009==    by 0xAEC1: main (as.c:1089)

We also created a temporary patch to make it work by just initializing all memory properly:

Index: libiberty/xmalloc.c
===================================================================
--- libiberty/xmalloc.c.orig
+++ libiberty/xmalloc.c
@@ -60,6 +60,7 @@ function will be called to print an erro
 */
+#include <string.h>
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
@@ -145,6 +146,7 @@ xmalloc (size_t size)
   if (size == 0)
     size = 1;
   newmem = malloc (size);
+  memset(newmem, 0, size);
   if (!newmem)
     xmalloc_failed (size);

With that patch applied, unwind tables are created successfully.

--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils
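Review bot: in the first hunk of the xmalloc.c patch, the new `#include <string.h>` lands before the `#ifdef HAVE_CONFIG_H` / `#include "config.h"` block, but libiberty sources include config.h first so that the feature macros it defines are in effect before any system header is read; move the include below the `#endif` of that block, next to the file's other includes. If the second hunk is reworked to use calloc instead of memset, this hunk is not needed at all.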
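Review bot: in the second hunk, `memset(newmem, 0, size);` is executed before `if (!newmem)`, so when malloc returns NULL the process now faults inside memset instead of reaching `xmalloc_failed (size)`; either move the memset after the NULL check or change `newmem = malloc (size);` to `newmem = calloc (1, size);`, which zeroes the block and keeps the failure path intact. Beyond that ordering bug, zeroing every xmalloc allocation only hides the defect rather than fixing it: the valgrind trace above shows the uninitialised bytes originate in an obstack chunk set up under start_unwind_section / create_unwind_entry in tc-arm.c, so the unwind-table emitter in gas is writing bytes it never filled in, and that emitter is where the fix belongs (the reporter already labels this patch temporary).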
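As an added example, not code from the report or from binutils: a small decoder for the two things readelf printed above, the second word of an .ARM.exidx entry and the unwind opcode byte stream, so the working main() entry (generic model, opcodes 0x97 0x03 0x84 0x08 0xb0 ...) can be distinguished from the garbage word 0xffffffd0, which decodes to compact personality index 127 exactly as readelf reported. Function names are my own; the encodings follow the ARM EHABI specification, and only the opcodes that appear in the report are handled.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Second word of an ARM EHABI .ARM.exidx entry: -2 = EXIDX_CANTUNWIND, -1 = generic
   model (bit 31 clear: prel31 pointer to an out-of-line .ARM.extab entry, as in the
   working build), else the compact personality index in bits 30..24 (only 0..2 are
   defined; the report's garbage word 0xffffffd0 yields 127, which readelf flagged). */
int ehabi_model(uint32_t word)
{
    if (word == 1) return -2;
    if (!(word & 0x80000000u)) return -1;
    return (int)((word >> 24) & 0x7f);
}

/* Decode the EHABI unwind opcodes seen in the report (vsp adjust, vsp = rN, pop by
   mask, finish) into readelf-style text. Returns bytes consumed, or -1 on error. */
int ehabi_decode(const uint8_t *ops, size_t n, char *out, size_t outsz)
{
    size_t i = 0;
    char line[80];
    out[0] = '\0';
    while (i < n) {
        unsigned b = ops[i++];
        if ((b & 0xc0) == 0x00)        /* 00xxxxxx: vsp = vsp + (x << 2) + 4 */
            snprintf(line, sizeof line, "0x%02x vsp = vsp + %u\n", b, ((b & 0x3f) << 2) + 4);
        else if ((b & 0xf0) == 0x80) { /* 1000iiii iiiiiiii: pop {r4..r15} by mask */
            unsigned mask, r; char regs[64] = "";
            if (i >= n) return -1;     /* truncated two-byte opcode */
            mask = ((b & 0x0f) << 8) | ops[i++];
            if (mask == 0) return -1;  /* 0x80 0x00 means "refuse to unwind" */
            for (r = 0; r < 12; r++)
                if (mask & (1u << r))
                    snprintf(regs + strlen(regs), sizeof regs - strlen(regs), "%sr%u", *regs ? ", " : "", r + 4);
            snprintf(line, sizeof line, "0x%02x 0x%02x pop {%s}\n", b, mask & 0xff, regs);
        } else if ((b & 0xf0) == 0x90 && (b & 0x0f) != 13 && (b & 0x0f) != 15)
            snprintf(line, sizeof line, "0x%02x vsp = r%u\n", b, b & 0x0f); /* 1001nnnn */
        else if (b == 0xb0)
            snprintf(line, sizeof line, "0x%02x finish\n", b);
        else
            return -1;                 /* opcode outside the subset handled here */
        if (strlen(out) + strlen(line) >= outsz) return -1;
        strcat(out, line);
    }
    return (int)i;
}

/* Does a stream decode exactly to the expected text (e.g. the report's main() dump)? */
int ehabi_decodes_to(const uint8_t *ops, size_t n, const char *want)
{ char buf[256]; return ehabi_decode(ops, n, buf, sizeof buf) == (int)n && !strcmp(buf, want); }
```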