Created attachment 1152911 [details] Null 01 bug Hi, I have informed this bug to upstream, reporting it here just for bug tracking, thanks. Null dereference bug in lastest git code. 0x2aaaaaceba60 <_dwarf_set_line_table_regs_default_values+112> mov rax,QWORD PTR [rip+0x24189] # 0x2aaaaad0fbf0 <_dwarf_line_table_regs_default_values+80> 0x2aaaaaceba67 <_dwarf_set_line_table_regs_default_values+119> mov QWORD PTR [rdi+0x50],rax 0x2aaaaaceba6b <_dwarf_set_line_table_regs_default_values+123> ret 0x2aaaaaceba6c nop DWORD PTR [rax+0x0] 0x2aaaaaceba70 <_dwarf_file_name_is_full_path> movzx edx,BYTE PTR [rdi] <- $pc 0x2aaaaaceba73 <_dwarf_file_name_is_full_path+3> mov eax,0x1 0x2aaaaaceba78 <_dwarf_file_name_is_full_path+8> cmp dl,0x2f 0x2aaaaaceba7b <_dwarf_file_name_is_full_path+11> je 0x2aaaaacebaa8 <_dwarf_file_name_is_full_path+56> 0x2aaaaaceba7d <_dwarf_file_name_is_full_path+13> xor eax,eax -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------[source:./dwarf_line.c+84]-- 80 */ 81 int 82 _dwarf_file_name_is_full_path(Dwarf_Small *fname) 83 { 84 Dwarf_Small firstc = *fname; <- $pc 85 if (is_path_separator(firstc)) { 86 /* Full path. */ 87 return 1; 88 } --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------[trace]-- #0 _dwarf_file_name_is_full_path (fname=0x0) at ./dwarf_line.c:84 #1 0x00002aaaaacf40e0 in construct_at_path_from_parts (mc=0x65bff0) at dwarf_macro5.c:700 #2 dwarf_get_macro_startend_file (macro_context=macro_context@entry=0x65bff0, op_number=op_number@entry=1, line_number=line_number@entry=0x7fffffffd898, name_index_to_line_tab=name_index_to_line_tab@entry=0x7fffffffd8a0, src_file_name=src_file_name@entry=0x7fffffffd8b0, error=error@entry=0x7fffffffd8b8) at dwarf_macro5.c:774 gef> p fname $8 = (Dwarf_Small *) 0x0 The arg (Dwarf_Small *fname) of _dwarf_file_name_is_full_path() is not checked before using.
libdwarf-20160507-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-f36c5935e5
libdwarf-20160507-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-f36c5935e5
libdwarf-20160507-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.