https://sourceware.org/bugzilla/show_bug.cgi?id=18420
Bug ID: 18420
Summary: Segfault in readelf with --unwind option
Product: binutils
Version: 2.25
Status: NEW
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: duretsimon73 at gmail dot com
Target Milestone: ---

Created attachment 8318
  --> https://sourceware.org/bugzilla/attachment.cgi?id=8318&action=edit
ELF 32-bit MSB executable, IA-64, version 1, dynamically linked, interpreter /usr/lib/hpux32/uld.so:/usr/lib/hpux32/dld.so, stripped, too many notes (256)

Hello,

The attached file causes a segfault in readelf when used with the --unwind option (or --all).

Here is information about the crash:

GNU readelf (GNU Binutils) 2.25.51.20150516
Copyright (C) 2015 Free Software Foundation, Inc.
This program is free software; you may redistribute it under the terms of
the GNU General Public License version 3 or (at your option) any later version.
This program has absolutely no warranty.

Program received signal SIGSEGV, Segmentation fault.
[----------------------------------registers-----------------------------------]
RAX: 0x6ed001
RBX: 0x6ed000
RCX: 0x0
RDX: 0x2d ('-')
RSI: 0x7ffff7bd3970 --> 0x0
RDI: 0x7ffff7bd2740 --> 0xfbad2a84
RBP: 0x0
RSP: 0x7fffffffe400 --> 0xd ('\r')
RIP: 0x425b9f (<unw_decode_p2_p5+255>: movzx ebp,BYTE PTR [rbx])
R8 : 0x7ffff7bd3970 --> 0x0
R9 : 0x7ffff7fc4700 (0x00007ffff7fc4700)
R10: 0x97
R11: 0x246
R12: 0xaaaaaaaaaaaaaaab
R13: 0x117db4
R14: 0x6a70b8 --> 0x100100d8de0300
R15: 0x34 ('4')
EFLAGS: 0x10206 (carry PARITY adjust zero sign trap INTERRUPT direction overflow)
[-------------------------------------code-------------------------------------]
   0x425b93 <unw_decode_p2_p5+243>: nop DWORD PTR [rax+rax*1+0x0]
   0x425b98 <unw_decode_p2_p5+248>: lea rax,[rbx+0x1]
   0x425b9c <unw_decode_p2_p5+252>: test r13,r13
=> 0x425b9f <unw_decode_p2_p5+255>: movzx ebp,BYTE PTR [rbx]
   0x425ba2 <unw_decode_p2_p5+258>: mov rbx,rax
   0x425ba5 <unw_decode_p2_p5+261>: jne 0x425be0 <unw_decode_p2_p5+320>
   0x425ba7 <unw_decode_p2_p5+263>: mov ecx,r13d
   0x425baa <unw_decode_p2_p5+266>: movzx edx,bpl
[------------------------------------stack-------------------------------------]
0000| 0x7fffffffe400 --> 0xd ('\r')
0008| 0x7fffffffe408 --> 0x7ffff7883139 (<printf+153>: add rsp,0xd8)
0016| 0x7fffffffe410 --> 0x7fffffffe4e0 --> 0x1
0024| 0x7fffffffe418 --> 0x3000000018
0032| 0x7fffffffe420 --> 0x7fffffffe4f0 --> 0x7ffff7003162
0040| 0x7fffffffe428 --> 0x7fffffffe430 --> 0x43f859 --> 0x726f746f4d007270 ('pr')
0048| 0x7fffffffe430 --> 0x43f859 --> 0x726f746f4d007270 ('pr')
0056| 0x7fffffffe438 --> 0x448ae3 --> 0x53444e5f52003150 ('P1')
[------------------------------------------------------------------------------]
Legend: code, data, rodata, value
Stopped reason: SIGSEGV
0x0000000000425b9f in unw_decode_p2_p5 (dp=<optimized out>, code=<optimized out>, arg=<optimized out>) at unwind-ia64.c:780
780 UNW_DEC_SPILL_MASK ("P4", dp, arg);
gdb-peda$ bt
#0 0x0000000000425b9f in unw_decode_p2_p5 (dp=<optimized out>, code=<optimized out>, arg=<optimized out>) at unwind-ia64.c:780
#1 0x00000000004118e9 in dump_ia64_unwind (aux=<optimized out>) at readelf.c:6738
#2 ia64_process_unwind (file=0x7ffff7bd2740 <_IO_2_1_stdout_>) at readelf.c:7019
#3 0x0000000000423e63 in process_unwind (file=0x67f010) at readelf.c:8435
#4 process_object (file_name=file_name@entry=0x7fffffffeb80 "./pown/file", file=file@entry=0x67f010) at readelf.c:16015
#5 0x0000000000401d41 in process_file (file_name=0x7fffffffeb80 "./pown/file") at readelf.c:16397
#6 main (argc=0x3, argv=0x7fffffffe898) at readelf.c:16468
#7 0x00007ffff7854800 in __libc_start_main () from /usr/lib/libc.so.6
#8 0x0000000000401f19 in _start ()

Best regards,
Tosh