Bug 1332145
| Summary: | An approximate infinite loop bug in dwarf_get_aranges_list() | | |
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | lieanu <liuyue0310> |
| Component: | libdwarf | Assignee: | Tom Hughes <tom> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Priority: | unspecified |
| Version: | rawhide | CC: | orion, tom |
| Hardware: | Unspecified | OS: | Unspecified |
| Fixed In Version: | libdwarf-20160507-1.fc24 | Doc Type: | Bug Fix |
| Last Closed: | 2016-05-12 16:13:46 UTC | Type: | Bug |
libdwarf-20160507-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-f36c5935e5

libdwarf-20160507-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-f36c5935e5

libdwarf-20160507-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
Created attachment 1152901
Infinite Loop bug

Hi, I have reported this bug upstream and am reporting it here just for bug tracking, thanks.

An approximate infinite loop bug in the latest dwarf git code. The bug is in the while loop at dwarf_arange.c:251 (latest git code).

The context:

```
gef> info b
8       breakpoint     keep y   0x00002aaaaacdd54d in dwarf_get_aranges_list at dwarf_arange.c:166
        breakpoint already hit 100001 times
gef> p arange_ptr_past_end
$9 = (Dwarf_Small *) 0xe965f040 <error: Cannot access memory at address 0xe965f040>
gef> p arange_ptr
$10 = (Dwarf_Small *) 0x722520 ""
gef> p range_entry_size
$11 = 8
gef> p address_size
$12 = 4 '\004'
gef> bt
#0  dwarf_get_aranges_list (dbg=dbg@entry=0x654df0, chain_out=chain_out@entry=0x7fffffffda08, chain_count_out=chain_count_out@entry=0x7fffffffda00, error=error@entry=0x7fffffffda98) at dwarf_arange.c:179
#1  0x00002aaaaacdd8c3 in dwarf_get_aranges (dbg=dbg@entry=0x654df0, aranges=aranges@entry=0x7fffffffda90, returned_count=returned_count@entry=0x7fffffffda88, error=error@entry=0x7fffffffda98) at dwarf_arange.c:302
#2  0x000000000040f23b in print_aranges (dbg=0x654df0) at print_aranges.c:140
#3  0x0000000000407c8e in process_one_file (l_config_file_data=0x63bda0 <g_config_file_data>, archive=0, tied_file_name=0x0, file_name=0x654030 "collect_dir/crash423", elftied=0x0, elf=<optimized out>) at dwarfdump.c:1401
#4  main (argc=<optimized out>, argv=<optimized out>) at dwarfdump.c:645
```

After 100001 loop iterations, it still needs to loop (0xe965f040 - 0x722520 - 8)/4 = 977072838 times. It's a huge number, and it should be prevented.
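The report shows a loop running toward an end pointer that lies far outside readable memory. The following is an added example, not code from this bug report or from libdwarf, showing how a `.debug_aranges` reader can bound that loop by checking the set's length against the section size before walking tuples. It assumes the oversized end pointer comes from an unchecked `unit_length` field (the report does not say so), handles only 32-bit DWARF in little-endian form, and uses hypothetical function names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Read an n-byte little-endian unsigned integer (n <= 8). */
static uint64_t rd_le(const uint8_t *p, size_t n) {
    uint64_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

/* Hypothetical helper, not a libdwarf API: count the (address, length) tuples
 * of one 32-bit-DWARF .debug_aranges set at sec[0]; -1 if malformed. */
long count_arange_tuples(const uint8_t *sec, size_t sec_len) {
    if (sec_len < 12) return -1;                  /* fixed header is 12 bytes */
    uint64_t unit_length = rd_le(sec, 4);         /* bytes following this field */
    /* Assumed root cause: the claimed set must fit inside the section. */
    if (unit_length < 8 || unit_length > sec_len - 4) return -1;
    size_t end = 4 + (size_t)unit_length;         /* offset one past the set */
    uint8_t addr_size = sec[10], seg_size = sec[11];
    if ((addr_size != 4 && addr_size != 8) || seg_size != 0) return -1;
    size_t tuple = 2u * addr_size;
    size_t off = (12 + tuple - 1) / tuple * tuple; /* header padded to tuple size */
    long n = 0;
    while (off <= end && end - off >= tuple) {    /* offsets, not raw pointers */
        uint64_t addr = rd_le(sec + off, addr_size);
        uint64_t len = rd_le(sec + off + addr_size, addr_size);
        off += tuple;
        if (addr == 0 && len == 0) return n;      /* 0,0 terminator */
        n++;
    }
    return -1;                                    /* data ended with no terminator */
}

/* Constructed sample: one set, address_size 4, one tuple plus terminator. */
static const uint8_t good_set[32] = {
    0x1c, 0, 0, 0,  2, 0,  0, 0, 0, 0,  4, 0,  0, 0, 0, 0, /* header + padding */
    0x00, 0x10, 0x40, 0x00,  0x20, 0, 0, 0,                 /* 0x401000, 0x20 */
    0, 0, 0, 0,  0, 0, 0, 0                                 /* terminator */
};
long demo_valid(void) { return count_arange_tuples(good_set, sizeof good_set); }
/* Same bytes, but unit_length claims far more data than the section holds. */
long demo_oversized_length(void) {
    uint8_t bad[sizeof good_set];
    memcpy(bad, good_set, sizeof bad);
    bad[0] = 0xff; bad[1] = 0xff; bad[2] = 0xff; bad[3] = 0x7f;
    return count_arange_tuples(bad, sizeof bad);
}
int main(void) { printf("%ld %ld\n", demo_valid(), demo_oversized_length()); return 0; }
```

The oversized set is rejected before the first tuple is read, so the iteration count is bounded by the section size rather than by a value taken from the file.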