Bug 476136

Summary: Various SEGVs and ABRTs on binutils testcases
Product: [Fedora] Fedora
Component: elfutils
Version: 10
Status: CLOSED CURRENTRELEASE
Severity: medium
Priority: medium
Hardware: All
OS: Linux
Reporter: Roland McGrath <roland>
Assignee: Roland McGrath <roland>
QA Contact: Fedora Extras Quality Assurance <extras-qa>
CC: pmachata, roland
Doc Type: Bug Fix
Last Closed: 2009-07-23 19:38:57 UTC
Bug Blocks: 470055

Description Roland McGrath 2008-12-12 04:04:10 UTC
+++ This bug was initially created as a clone of Bug #470055 +++

Description of problem:
For testing binutils, I have gathered a collection of various crashers, which I use for regression testing. As part of testing errata for rhel5.3, I ported this testsuite for elfutils, and a few of the crashers do indeed crash various elfutils too.

Version-Release number of selected component (if applicable):
elfutils-0.137-3.el5 (RHEL5.3) on all architectures

How reproducible:
always

Steps to Reproduce:
1. $ eu-nm ./corrupt_dwarf
Segmentation fault

2. $ eu-nm -D ./strings.072
Segmentation fault

3. $ eu-strip -o xxx ./try.out
*** glibc detected *** eu-strip: munmap_chunk(): invalid pointer: 0x00007f3c95545010 ***
======= Backtrace: =========
/lib64/libc.so.6[0x3872478228]
/usr/lib64/libelf.so.1(elf_end+0x28d)[0x387f40477d]
eu-strip[0x40584d]
eu-strip[0x405a74]
/lib64/libc.so.6(__libc_start_main+0xfa)[0x387241e32a]
eu-strip[0x401ee9]
Aborted
  
Actual results:
signalled

Expected results:
not signalled

--- Additional comment from pmuller on 2008-11-05 09:52:24 EDT ---

Created an attachment (id=322581)
crasher no 1

--- Additional comment from pmuller on 2008-11-05 09:53:30 EDT ---

Created an attachment (id=322582)
strings.072 testcase

--- Additional comment from pmuller on 2008-11-05 09:54:07 EDT ---

Created an attachment (id=322583)
try.out testcase
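
Added example, not part of the original report or of the reporter's testsuite: a minimal harness for the kind of crasher regression run described above, which feeds each file in a corpus directory to a tool and separates "signalled" (the failure reported here) from a clean error exit. The script name, the `./testcases` directory and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: crash-regression harness for a directory of malformed inputs.
# Usage (paths are hypothetical): ./crashers.sh ./testcases eu-nm -D

# classify_run CMD [ARGS...]
# Prints "ok", "error N" (clean non-zero exit) or "signalled NAME".
# A shell reports a child killed by signal N as exit status 128+N; a tool
# that itself exits with a status above 128 would be misread as signalled.
classify_run() {
    rc=0
    "$@" >/dev/null 2>&1 || rc=$?
    if [ "$rc" -gt 128 ]; then
        sig=$((rc - 128))
        echo "signalled $(kill -l "$sig" 2>/dev/null || echo "$sig")"
    elif [ "$rc" -ne 0 ]; then
        echo "error $rc"
    else
        echo "ok"
    fi
}

# run_corpus DIR CMD [ARGS...]
# Runs CMD ARGS FILE for each regular file in DIR, prints one result line
# per file, leaves the number of signalled runs in $signalled, and returns
# non-zero if any run was signalled. A clean error exit counts as a pass:
# rejecting a corrupt file with a diagnostic is the expected behaviour.
run_corpus() {
    dir=$1; shift
    signalled=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        result=$(classify_run "$@" "$f")
        printf '%s\t%s\n' "$result" "$f"
        case $result in
            signalled*) signalled=$((signalled + 1)) ;;
        esac
    done
    [ "$signalled" -eq 0 ]
}

# When invoked with a directory and a command, run the corpus.
if [ "$#" -ge 2 ]; then
    run_corpus "$@"
fi
```

Running it once per tool and option set (`eu-nm`, `eu-nm -D`, `eu-strip -o xxx`) covers the three reproduction steps above; the exit status makes it usable as a gate in a package test run.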

Comment 1 Roland McGrath 2008-12-12 05:26:37 UTC
Fixed upstream

Comment 2 Fedora Update System 2009-01-01 01:20:49 UTC
elfutils-0.138-1.fc10 has been submitted as an update for Fedora 10.
http://admin.fedoraproject.org/updates/elfutils-0.138-1.fc10

Comment 3 Fedora Update System 2009-01-01 01:20:54 UTC
elfutils-0.138-1.fc9 has been submitted as an update for Fedora 9.
http://admin.fedoraproject.org/updates/elfutils-0.138-1.fc9

Comment 4 Fedora Update System 2009-01-07 09:23:47 UTC
elfutils-0.138-1.fc9 has been pushed to the Fedora 9 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing-newkey update elfutils'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2009-0142

Comment 5 Fedora Update System 2009-01-07 09:24:41 UTC
elfutils-0.138-1.fc10 has been pushed to the Fedora 10 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update elfutils'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2009-0151

Comment 6 Fedora Update System 2009-01-27 01:52:03 UTC
elfutils-0.139-1.fc10 has been pushed to the Fedora 10 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update elfutils'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2009-1005

Comment 7 Roland McGrath 2009-07-23 19:38:57 UTC
These bugs are fixed in current Fedora 10/11 updates of elfutils.