bug-binutils

[Bug binutils/25962] New: [nm] crash at vms_add_index at vms-lib.c:157


From: dkcjd2000 at gmail dot com
Subject: [Bug binutils/25962] New: [nm] crash at vms_add_index at vms-lib.c:157
Date: Sat, 09 May 2020 15:43:42 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=25962

            Bug ID: 25962
           Summary: [nm] crash at vms_add_index at vms-lib.c:157
           Product: binutils
           Version: 2.34
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: dkcjd2000 at gmail dot com
  Target Milestone: ---

Created attachment 12520
  --> https://sourceware.org/bugzilla/attachment.cgi?id=12520&action=edit
crash test case

Hello,
I'm currently developing a new fuzzing feature, and I found a crash in nm.

It crashed in vms_add_index at vms-lib.c:157.

I built it on Ubuntu 16.04 with gcc 5.4.0, using the following command to build
nm from the source:
./configure --enable-targets=all ; make clean all -j 4; make install

You can reproduce the crash with the following command:
./nm <attached file>

The stack trace is:
Program received signal SIGSEGV, Segmentation fault.
0x00000000006d555c in vms_add_index (cs=cs@entry=0x7fffffffdeb0,
name=name@entry=0xb15450 "", idx_vbn=<optimized out>,
idx_off=idx_off@entry=4132)
    at vms-lib.c:157
157       cs->idx[cs->nbr].file_offset = (idx_vbn - 1) * VMS_BLOCK_SIZE +
idx_off;
(gdb) bt
#0  0x00000000006d555c in vms_add_index (cs=cs@entry=0x7fffffffdeb0,
name=name@entry=0xb15450 "", idx_vbn=<optimized out>,
idx_off=idx_off@entry=4132)
    at vms-lib.c:157
#1  0x00000000006d563d in vms_add_indexes_from_list (abfd=abfd@entry=0xb15290,
cs=cs@entry=0x7fffffffdeb0, name=name@entry=0xb15450 "",
    rfa=0x7fffffffd980, rfa@entry=0x7fffffffda46) at vms-lib.c:186
#2  0x00000000006d5953 in vms_traverse_index (abfd=abfd@entry=0xb15290,
vbn=<optimized out>, cs=cs@entry=0x7fffffffdeb0) at vms-lib.c:363
#3  0x00000000006d5ad1 in vms_lib_read_index (abfd=abfd@entry=0xb15290,
idx=idx@entry=0, nbrel=nbrel@entry=0x7fffffffdf3c) at vms-lib.c:414
#4  0x00000000006d5d73 in _bfd_vms_lib_archive_p (abfd=0xb15290,
kind=kind@entry=vms_lib_ia64) at vms-lib.c:524
#5  0x00000000006d753a in _bfd_vms_lib_ia64_archive_p (abfd=<optimized out>) at
vms-lib.c:651
#6  0x000000000040d6a9 in bfd_check_format_matches (abfd=abfd@entry=0xb15290,
format=format@entry=bfd_archive, matching=matching@entry=0x0)
    at format.c:328
#7  0x000000000040dbf9 in bfd_check_format (abfd=abfd@entry=0xb15290,
format=format@entry=bfd_archive) at format.c:94
#8  0x0000000000404679 in display_file (filename=0x7fffffffe5b0
"./report/crash4") at nm.c:1371
#9  0x0000000000404d50 in main (argc=2, argv=0x7fffffffe318) at nm.c:1860

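The faulting statement in the trace above stores into `cs->idx[cs->nbr]` while walking an archive index read from an untrusted file, so the invariant that matters for triage is that the entry count (`nbr`) never runs ahead of the allocated capacity. The following is an added example, not binutils code: a hypothetical reconstruction of a capacity-checked append in the shape of that crash site. The struct and field names (`carsym`, `carsym_mem`, `VMS_BLOCK_SIZE`) are borrowed from the trace for readability, but the bodies, the block size of 512, and the treatment of VBN 0 as invalid are assumptions of this example.

```c
/* Added example, not the binutils implementation: a capacity-checked
   append for an archive symbol index. Names mirror the crash trace;
   the logic is a hypothetical reconstruction for illustration. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define VMS_BLOCK_SIZE 512   /* assumed block size for the example */

struct carsym {
    uint64_t file_offset;
    const char *name;
};

struct carsym_mem {
    struct carsym *idx;   /* heap array of entries */
    size_t nbr;           /* entries in use */
    size_t max;           /* entries allocated; invariant: nbr <= max */
};

/* Append one entry. Returns false (and leaves cs untouched) when the
   index values are invalid or the array cannot be grown. */
bool index_append(struct carsym_mem *cs, const char *name,
                  unsigned int idx_vbn, unsigned int idx_off)
{
    /* Assumption of this example: VBNs are 1-based, so idx_vbn == 0
       would wrap in (idx_vbn - 1) and is rejected up front. */
    if (idx_vbn == 0)
        return false;

    if (cs->nbr == cs->max) {
        /* Grow geometrically. The realloc size is derived from the new
           capacity, not from nbr, so the next store at idx[nbr] is
           always inside the allocation. */
        size_t new_max = cs->max ? cs->max * 2 : 32;
        if (new_max > SIZE_MAX / sizeof(struct carsym))
            return false;
        struct carsym *n = realloc(cs->idx, new_max * sizeof(struct carsym));
        if (n == NULL)
            return false;
        cs->idx = n;
        cs->max = new_max;
    }

    cs->idx[cs->nbr].file_offset =
        (uint64_t)(idx_vbn - 1) * VMS_BLOCK_SIZE + idx_off;
    cs->idx[cs->nbr].name = name;
    cs->nbr++;
    return true;
}

/* Release the index and reset the bookkeeping. */
void index_free(struct carsym_mem *cs)
{
    free(cs->idx);
    cs->idx = NULL;
    cs->nbr = cs->max = 0;
}

/* Exercise growth well past the initial capacity and the rejection path.
   Returns 0 when every check holds, otherwise the number of the failed
   check, so a harness can assert on the result. */
int index_selfcheck(void)
{
    struct carsym_mem cs = {0};
    /* constructed input: 100 entries, one per block, offset 4 in each */
    for (unsigned int i = 1; i <= 100; i++)
        if (!index_append(&cs, "", i, 4))
            return 1;
    if (cs.nbr != 100 || cs.max < cs.nbr)
        return 2;
    /* entry 100 sits in VBN 100: (100 - 1) * 512 + 4 */
    if (cs.idx[99].file_offset != 99ULL * VMS_BLOCK_SIZE + 4)
        return 3;
    /* VBN 0 is rejected and the count does not move */
    if (index_append(&cs, "", 0, 4) || cs.nbr != 100)
        return 4;
    index_free(&cs);
    if (cs.idx != NULL || cs.nbr != 0 || cs.max != 0)
        return 5;
    return 0;
}

int main(void)
{
    return index_selfcheck();
}
```

When triaging a report like this one, the question to ask of the real code is the same as the invariant above: on every path that reaches the store at line 157, is `cs->nbr < cs->max` and does the allocation behind `cs->idx` actually hold `cs->max` entries? Building nm with `-fsanitize=address` and rerunning the attached file turns the bare SIGSEGV into a report that names the allocation and the overrun size.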

