https://sourceware.org/bugzilla/show_bug.cgi?id=29872
Bug ID: 29872 Summary: objdump SEGV in display_debug_lines_decoded dwarf.c:5524 (5413) Product: binutils Version: 2.39 Status: UNCONFIRMED Severity: normal Priority: P2 Component: binutils Assignee: unassigned at sourceware dot org Reporter: 13579and24680 at gmail dot com Target Milestone: --- Created attachment 14492 --> https://sourceware.org/bugzilla/attachment.cgi?id=14492&action=edit Generated by my fuzzer and afl-tmin This is another bug not fixed by previous bug. Reference : https://sourceware.org/bugzilla/show_bug.cgi?id=29870 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f2f58a399cf3f946983398cdfe52d0eaa72bf877 --------------------------------------------------------------------- # version $ ./binutils-gdb/binutils/objdump --version GNU objdump (GNU Binutils) 2.39.50.20221210 Copyright (C) 2022 Free Software Foundation, Inc. This program is free software; you may redistribute it under the terms of the GNU General Public License version 3 or (at your option) any later version. This program has absolutely no warranty. --------------------------------------------------------------------- # make $ git clone git://sourceware.org/git/binutils-gdb.git $ cd binutils-gdb $ ./configure $ make --------------------------------------------------------------------- # crash $ ./binutils-gdb/binutils/objdump -WL poc ./binutils-gdb/binutils/objdump: warning: poc has a section extending past end of file poc: file format elf64-little Contents of the .debug_line section: ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb/binutils/objdump: Warning: Unrecognized form: 0x30 (null): File name Line number Starting address View Stmt fish: Job 1, './binutils-gdb/binutils/objdump…' terminated by signal SIGSEGV (Address boundary error) --------------------------------------------------------------------- # ASAN report $ ./binutils-gdb_asan_no_fuzz/binutils/objdump -WL poc ./binutils-gdb_asan_no_fuzz/binutils/objdump: warning: poc has a section extending past end of file poc: file format elf64-little Contents of the .debug_line section: ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 ./binutils-gdb_asan_no_fuzz/binutils/objdump: Warning: Unrecognized form: 0x30 (null): File name Line number Starting address View Stmt AddressSanitizer:DEADLYSIGNAL ================================================================= ==807239==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f6c4871a6e5 bp 0x7ffca38a0580 sp 0x7ffca389fcf8 T0) ==807239==The signal is caused by a READ memory access. ==807239==Hint: address points to the zero page. #0 0x7f6c4871a6e4 (/lib/x86_64-linux-gnu/libc.so.6+0x1886e4) #1 0x7f6c487f190b in __interceptor_strlen ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:352 #2 0x55d8a2ccd94d in display_debug_lines_decoded dwarf.c:5524 #3 0x55d8a2cce061 in display_debug_lines dwarf.c:5655 #4 0x55d8a2ca38c4 in dump_dwarf_section objdump.c:4396 #5 0x55d8a2df215d in bfd_map_over_sections /home/a13579/fuzz_binutils-gdb/binutils-gdb_asan_no_fuzz/bfd/section.c:1366 #6 0x55d8a2ca3af3 in dump_dwarf objdump.c:4434 #7 0x55d8a2caa110 in dump_bfd objdump.c:5636 #8 0x55d8a2caa4e5 in display_object_bfd objdump.c:5715 #9 0x55d8a2caa816 in display_any_bfd objdump.c:5801 #10 0x55d8a2caa890 in display_file objdump.c:5822 #11 0x55d8a2cac1b9 in main objdump.c:6230 #12 0x7f6c485b6082 in __libc_start_main ../csu/libc-start.c:308 #13 0x55d8a2c9039d in _start (/home/a13579/fuzz_binutils-gdb/binutils-gdb_asan_no_fuzz/binutils/objdump+0x13b39d) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x1886e4) ==807239==ABORTING --------------------------------------------------------------------- # ASAN report after apply previous patch $ ./binutils-gdb_patch/binutils/objdump -WL poc (... output too long ignore) AddressSanitizer:DEADLYSIGNAL ================================================================= ==892104==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fae5f20f616 bp 0x7ffd81cb2ae0 sp 0x7ffd81cb2208 T0) ==892104==The signal is caused by a READ memory access. ==892104==Hint: address points to the zero page. #0 0x7fae5f20f615 in __sanitizer::internal_strlen(char const*) ../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cc:164 #1 0x7fae5f186174 in printf_common ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors_format.inc:544 #2 0x7fae5f186dec in __interceptor_vprintf ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1600 #3 0x7fae5f186ee6 in __interceptor_printf ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1658 #4 0x5643efc7cdff in display_debug_lines_decoded dwarf.c:5413 #5 0x5643efc7e074 in display_debug_lines dwarf.c:5655 #6 0x5643efc538c4 in dump_dwarf_section objdump.c:4396 #7 0x5643efda2170 in bfd_map_over_sections /home/a13579/fuzz_binutils-gdb/binutils-gdb_patch/bfd/section.c:1366 #8 0x5643efc53af3 in dump_dwarf objdump.c:4434 #9 0x5643efc5a110 in dump_bfd objdump.c:5636 #10 0x5643efc5a4e5 in display_object_bfd objdump.c:5715 #11 0x5643efc5a816 in display_any_bfd objdump.c:5801 #12 0x5643efc5a890 in display_file objdump.c:5822 #13 0x5643efc5c1b9 in main objdump.c:6230 #14 0x7fae5ef15082 in __libc_start_main ../csu/libc-start.c:308 #15 0x5643efc4039d in _start (/home/a13579/fuzz_binutils-gdb/binutils-gdb_patch/binutils/objdump+0x13b39d) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV ../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cc:164 in __sanitizer::internal_strlen(char const*) ==892104==ABORTING -- You are receiving this mail because: You are on the CC list for the bug.