On Sun, 2018-05-27 at 14:25 +0200, Mark Wielaard wrote:
> The new DWARF5 .debug_loclists sections are like .debug_rnglists, but
> plus locations. For Split Dwarf GCC generates the .debug_loclists fully
> in the split .dwo file. Any references to addresses need to be resolved
> through
there could
also be DIEs in a .debug_type or from other/multiple (comdat) sections.
New tests are added for dwarf-4, dwarf-5, split-dwarf-4, split-dwarf-5
and version 4 and 5 dwo files.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 13 +++
libdw/dwarf_cuoff
On Tue, 2018-05-29 at 23:57 +0200, Mark Wielaard wrote:
> dwarf_die_addr_die can be used to turn a Dwarf_Die addr back into a
> full Dwarf_Die, just given the original Dwarf debug handle. This now
> also works for Dwarf_Dies which originated from a split Dwarf. Whenever
> a split
On Mon, 2018-05-28 at 13:32 +0200, Mark Wielaard wrote:
> Handle all new DW_LLE opcodes in .debug_loclists in dwarf_getlocation.
> __libdw_read_begin_end_pair_inc now also handles a default location
> (which is simply the range [0,-1]). Since expression blocks can now
> also c
Set version to 0.171. Update po/*.po files.
Mention DWARF5, split dwarf and GNU DebugFission support in NEWS.
Signed-off-by: Mark Wielaard
I think we are ready for a release now. For people who like to try
out a tar ball, there is now an rc1 (0.170.99) at:
https://sourceware.org/elfutils/ftp/rc
We were using loclistsptr instead of locsptr in print_debug_loc_section.
https://sourceware.org/bugzilla/show_bug.cgi?id=23247
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 5 +
src/readelf.c | 2 +-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/ChangeLog b/src
On Mon, 2018-05-28 at 16:32 +0200, Mark Wielaard wrote:
> Add debug-dump=addr which will show the .debug_addr section tables.
> The only tricky bit is the fact that GNU DebugFission, a DWARF4
> extension, didn't produce unit table headers. So if we see a mixed
> DWARF4/5 .debug_a
On Mon, 2018-05-28 at 17:03 +0200, Mark Wielaard wrote:
> The .debug_str_offsets tables are indirect string offsets into the
> .debug_str section. For DWARF5 they can be in both the main, skeleton
> and split dwarf (.dwo) files.
>
> For DWARF4 with the GNU DebugFission extension
On Mon, 2018-05-28 at 17:33 +0200, Mark Wielaard wrote:
> Found by valgrind when trying to match a split unit from a .dwo file
> that doesn't contain the split unit (as first) match. We would close
> the split Dwarf too early, before we had inspected all units in it.
>
>
ndirs is read from the debug data and should be size checked before use.
https://sourceware.org/bugzilla/show_bug.cgi?id=23248
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 5 +
libdw/dwarf_getsrclines.c | 6 --
2 files changed, 9 insertions(+), 2 deletions(-)
diff
Add explicit test in get-units-invalid for dwarf_cuoffset and
dwarf_dieoffset.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 4
libdw/dwarf_dieoffset.c | 2 +-
tests/ChangeLog | 5 +
tests/get-units-invalid.c | 14 +-
4 files changed, 23
Test that the low high pc attributes can be properly resolved also
in split dwarf setups.
Signed-off-by: Mark Wielaard
---
tests/ChangeLog | 9 +
tests/low_high_pc.c | 28 ++--
tests/run-low_high_pc.sh | 15 +++
3 files changed, 46
On Tue, 2018-05-29 at 09:57 +0200, Mark Wielaard wrote:
> Commit 314e9d7d "readelf: Handle .debug_info first if any other debug
> section needs it" introduced a regression when handling multiple files.
> The implicit and explicit printing of debuginfo weren't reset and so
arf-4 -gsplit-dwarf -O2".
Signed-off-by: Mark Wielaard
---
tests/ChangeLog | 10 ++
tests/run-get-units-split.sh | 5 +++--
tests/run-unit-info.sh | 5 +++--
tests/test-subr.sh | 39 +--
4 files changed, 53 insert
On Tue, 2018-05-29 at 12:08 +0200, Mark Wielaard wrote:
> GNU DebugFission .debug_loc location lists use the .debug_loc section
> in the split dwarf .dwo file. The encoding is a mix of old style DWARF
> .debug_loc and new style .debug_loclists.
Pushed to master.
On Wed, 2018-05-30 at 00:11 +0200, Mark Wielaard wrote:
> On Tue, 2018-05-29 at 23:57 +0200, Mark Wielaard wrote:
> > dwarf_die_addr_die can be used to turn a Dwarf_Die addr back into a
> > full Dwarf_Die, just given the original Dwarf debug handle. This now
> > also works
On Thu, May 31, 2018 at 01:02:44PM +0200, Mark Wielaard wrote:
> Add explicit test in get-units-invalid for dwarf_cuoffset and
> dwarf_dieoffset.
And that test caught another bug on 32-bit systems!
> Dwarf_Off
> dwarf_dieoffset (Dwarf_Die *die)
> {
> - return (die == NULL
On Wed, May 30, 2018 at 12:04:48PM +0200, Mark Wielaard wrote:
> We were using loclistsptr instead of locsptr in print_debug_loc_section.
>
> https://sourceware.org/bugzilla/show_bug.cgi?id=23247
Pushed to master.
On Wed, May 30, 2018 at 03:54:52PM +0200, Mark Wielaard wrote:
> ndirs is read from the debug data and should be size checked before use.
>
> https://sourceware.org/bugzilla/show_bug.cgi?id=23248
Pushed to master.
combines a normal -gdwarf-4 object with a
-gsplit-dwarf object. libdw already got this right, but add a
run-varlocs.sh test to make sure.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 5 +
src/readelf.c | 14 +-
tests
s its own thing to print .debug_types and make
section_info imply section_types. Add a testcase to make sure
.debug_types is now printed.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 9
src/readelf.c | 16 +++---
tests/ChangeLog| 6 +++
te
ng about the order in which
they appear with dwarf_cfi_addrframe () by just giving an address you
are interested in and using dwarf_frame_info (), dwarf_frame_cfa () and
dwarf_frame_register () to extract the information (which might be
less/different than what you would get from the "raw" Dwarf_CFI_Entry).
Cheers,
Mark
On Thu, 2018-05-31 at 14:16 +0200, Mark Wielaard wrote:
> Test that the low high pc attributes can be properly resolved also
> in split dwarf setups.
Pushed to master.
On Thu, 2018-05-31 at 14:40 +0200, Mark Wielaard wrote:
> Introduce testrun_on_self_exe and testrun_on_self_lib.
> Some tests cannot handle (unrelocated) ET_REL object files.
> run-get-units-split.sh and run-unit-info.sh only handle executables
> and shared libraries. This allows runni
We would give up if one of them failed. With this fixed a self-test with
make check succeeds when building elfutils itself with CFLAGS set to
"-gdwarf-4 -gdwarf-split -O2".
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 7 +++
libdw/libdw_find_split_un
On Fri, 2018-06-01 at 02:51 +0200, Mark Wielaard wrote:
> Normal and split dwarf from GNU DebugFission look the same, but should
> be treated completely separately. When having a file with both skeletons
> and real compile units only note the secoffsets into the real .debug_loc
>
On Fri, 2018-06-01 at 04:11 +0200, Mark Wielaard wrote:
> Commit 314e9d7d "readelf: Handle .debug_info first if any other debug
> section needs it" disabled section_info printing if it was already
> handled. But section_types was an alias for section_info. So unless
> secti
On Fri, 2018-06-01 at 13:23 +0200, Mark Wielaard wrote:
> We would give up if one of them failed. With this fixed a self-test with
> make check succeeds when building elfutils itself with CFLAGS set to
> "-gdwarf-4 -gdwarf-split -O2".
Pushed to master.
po in error diagnostics
Joshua Watt (1):
Use fallthrough attribute.
Mark Wielaard (115):
libelf: Sync elf.h from glibc.
Internationalized messages should not contain the '\v' escape sequence.
README: Add basic build instructions.
ar: Check whether ar header values fit.
libdw: Defi
Commit 00d89086 "tests: Split self_test_files into an exe, lib and obj
list" accidentally left the shared libraries in the self_test_files_exe,
causing all shared libraries to be tested twice. Drop them and keep just
four ET_EXE files: addr2line, elfcmp, objdump and readelf.
Signed-of
r the build and coverage update and then inspect
the generated commit before pushing it.
See https://sourceware.org/elfutils/coverage/ for the latest coverage
data and https://sourceware.org/elfutils/coverage-version/ for previous
coverage data versions.
Cheers,
Mark
update-coverage.sh
Descri
We only call printf on stdout from one thread, so we don't need internal
stdio locking for stdout.
On my machine eu-readelf -N --debug-dump=info libxul.so > /dev/null
goes from 65 seconds to 63 seconds.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 4
src/readelf.c | 5 +
On my machine eu-readelf -N --debug-dump=info libxul.so > /dev/null
goes from 63 seconds to 57 seconds.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 7 +++
src/readelf.c | 12 ++--
2 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/src/ChangeLog b/src/Change
seconds.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 20 +++
src/readelf.c | 182 --
2 files changed, 96 insertions(+), 106 deletions(-)
diff --git a/src/ChangeLog b/src/ChangeLog
index 9ee9650..37e2471 100644
--- a/src/ChangeLog
__libdwfl_addrsym is only used in the dwfl_module_addrsym.c source.
There is no need to mark this as a (shared) internal function.
Signed-off-by: Mark Wielaard
---
libdwfl/ChangeLog | 5 +
libdwfl/dwfl_module_addrsym.c | 9 ++---
libdwfl/libdwflP.h| 9
turn value, if it is zero, all is fine, if it is 1 you
reached the end, if it is -1 an error occurred. In that last case, if
you really want to try you can try. *next_off having changed after the
call means it might work (or not).
If you have an example of a "wrong" (or not recognized) CFI that would
be helpful.
Thanks,
Mark
The vendor array should have room for all vendor opcode, including
DW_MACRO_hi_user if used.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 5 +
src/readelf.c | 2 +-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/ChangeLog b/src/ChangeLog
index cc12d83..c376a5b 100644
be 1 (2 hex chars is just one 8 bit byte).
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 5 +
libdw/dwarf_getalt.c | 2 +-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index 17acb90..b9f177d 100644
--- a/libdw/ChangeLog
+++ b/libdw
In both handle_sysv_hash and handle_sysv_hash64 we check the hash chain
isn't too long. If it is we would report an error and leak the lengths
array. Just clean up the array even in the error case.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 6 ++
src/readelf.c | 14
freeing.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 6 ++
libdw/dwarf_getsrclines.c | 21 -
2 files changed, 18 insertions(+), 9 deletions(-)
diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index b9f177d..f0ce901 100644
--- a/libdw/ChangeLog
+++ b/libdw
In the unlikely case that __libdw_findcu fails to find the associated
CU we would leak one arange because it wasn't linked into the arangelist
list yet. Make sure to free it immediately.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 5 +
libdw/dwarf_getaranges.c | 7 +
entry).
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 5 +
src/readelf.c | 2 +-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/ChangeLog b/src/ChangeLog
index 1bb5696..ec07bb1 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,5 +1,10 @@
2018-06-05 Mark Wie
We would print a "fake" .debug_addr header, but didn't always set up the
unit_length (in case there was a mix of GNU DebugFission and DWARF5 tables).
Make sure to always set the unit_length (we do always calculate the next
unit offset already).
Signed-off-by: Mark Wielaard
---
sr
It is highly unlikely dwarf_formudata fails because we set up the attribute
ourselves, but better to explicitly mark diridx as bad if it does.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 5 +
libdw/dwarf_getsrclines.c | 5 +++--
2 files changed, 8 insertions(+), 2 deletions
On Mon, Jun 04, 2018 at 06:54:53PM +0200, Mark Wielaard wrote:
> We only call printf on stdout from one thread, so we don't need internal
> stdio locking for stdout.
>
> On my machine eu-readelf -N --debug-dump=info libxul.so > /dev/null
> goes from 65 seconds to 63 seconds.
Pushed to master.
On Mon, Jun 04, 2018 at 06:57:27PM +0200, Mark Wielaard wrote:
> On my machine eu-readelf -N --debug-dump=info libxul.so > /dev/null
> goes from 63 seconds to 57 seconds.
Pushed to master.
On Mon, Jun 04, 2018 at 07:05:16PM +0200, Mark Wielaard wrote:
> Since we are single threaded we can just use a static result buffer for
> format_dwarf_addr as long as we make sure to print the result before
> calling format_dwarf_addr again. This removes lots of malloc/free calls.
When using the varlocs test with a fuzzer, using assert for internal
sanity checks is great for finding issues. But when encountering bad data
using an assert is wrong. Just use error to show we handle the data
correctly (by reporting it is bad, instead of crashing).
Signed-off-by: Mark Wielaard
: Mark Wielaard
---
libdw/ChangeLog | 5 +
libdw/dwarf_getlocation_die.c | 8
2 files changed, 13 insertions(+)
diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index 21adeb7..b000492 100644
--- a/libdw/ChangeLog
+++ b/libdw/ChangeLog
@@ -1,3 +1,8 @@
+2018-06-06 Mark
On irc Tom pointed out that no was yes... oops.
Committed as obvious.
Also use yes_str and no_str in print_debug_abbrev_section
and print_form_data.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 6 ++
src/readelf.c | 6 +++---
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git
The afl fuzzer found a case where we tried reading an uleb for the DIE
abbrev code without properly checking the DIE address is inside the CU.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 4
libdw/libdwP.h | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/libdw
When interning a CU make sure that address_size and offset_size are
either 4 or 8 bytes. We really don't (want to) handle any other size.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 6 ++
libdw/libdw_findcu.c | 13 +++--
2 files changed, 17 insertions(+), 2 dele
On Mon, Jun 04, 2018 at 07:05:16PM +0200, Mark Wielaard wrote:
> Since we are single threaded we can just use a static result buffer for
> format_dwarf_addr as long as we make sure to print the result before
> calling format_dwarf_addr again. This removes lots of malloc/free calls.
Almos
We don't really need to set up a buffer, print into it and then print it
out to stdout. Simplify the code by directly printing the address (and
symbol name).
Signed-off-by: Mark Wielaard
---
src/ChangeLog| 20 +++
src/readelf.c
at can be
dlopened on demand.
One extra issue is that dlopen code (and libebl in general) has pretty
bad error handling. If we clean up this code it would be nice to get
a better error mechanism for when a backend cannot be found.
Cheers,
Mark
er running on the varlocs testcase.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog| 6 ++
libdw/dwarf_getlocation_attr.c | 14 ++
2 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index 9d0b484..79fcf1e 100644
-
On Tue, 2018-06-05 at 00:04 +0200, Mark Wielaard wrote:
> __libdwfl_addrsym is only used in the dwfl_module_addrsym.c source.
> There is no need to mark this as a (shared) internal function.
Pushed to master.
On Tue, 2018-06-05 at 21:06 +0200, Mark Wielaard wrote:
> The vendor array should have room for all vendor opcode, including
> DW_MACRO_hi_user if used.
Pushed to master.
On Tue, 2018-06-05 at 21:33 +0200, Mark Wielaard wrote:
> The MAX_BUILD_ID_BYTES is fairly large (64), while normally build-ids
> are only 20 bytes long. But if we would encounter a jumbo build-id we
> should have enough room to construct the full build-id path.
>
> We used to su
On Tue, 2018-06-05 at 23:06 +0200, Mark Wielaard wrote:
> When printing the GNU DebugFission location entries we want to print the
> start idx as begin, if we cannot find the address index.
> A copy/paste error set up end instead of begin in that case causing us
> to print garbage (in
On Tue, 2018-06-05 at 21:55 +0200, Mark Wielaard wrote:
> In both handle_sysv_hash and handle_sysv_hash64 we check the hash chain
> isn't too long. If it is we would report an error and leak the lengths
> array. Just clean up the array even in the error case.
Pushed to master.
On Tue, 2018-06-05 at 22:33 +0200, Mark Wielaard wrote:
> If there were more than 256 directories in the table and there was
> illegal DWARF before we read them all, then we might not free the
> dirarray (or the wrong one). Fix by defining the dirarray early
> (before the first data
On Tue, 2018-06-05 at 22:44 +0200, Mark Wielaard wrote:
> In the unlikely case that __libdw_findcu fails to find the associated
> CU we would leak one arange because it wasn't linked into the arangelist
> list yet. Make sure to free it immediately.
Pushed to master.
On Tue, 2018-06-05 at 23:36 +0200, Mark Wielaard wrote:
> It is highly unlikely dwarf_formudata fails because we set up the attribute
> ourselves, but better to explicitly mark diridx as bad if it does.
Pushed to master.
On Tue, 2018-06-05 at 23:23 +0200, Mark Wielaard wrote:
> We would print a "fake" .debug_addr header, but didn't always set up the
> unit_length (in case there was a mix of GNU DebugFission and DWARF5 tables).
> Make sure to always set the unit_length (we do always calculat
e case of dwarf_getsrclines we would
allocate a giant amount of memory, even if there was no data to actually
read in. Sanity check that the directory and file counts seem reasonable
compared to the amount of data left (assume we need at least 1 byte of
data per form describing the dirs or files).
It is only a consistency issue if we actually have a cfi_debug and the
cfi_debug_bias is not zero (because they come from the same file as the
other debug data).
Signed-off-by: Mark Wielaard
---
tests/ChangeLog | 5 +
tests/varlocs.c | 3 ++-
2 files changed, 7 insertions(+), 1 deletion
ngth
value. To fix this detect and report bad DWARF data earlier.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 7 +++
libdw/dwarf_getlocation.c | 25 +++--
2 files changed, 26 insertions(+), 6 deletions(-)
diff --git a/libdw/ChangeLog b/libdw/Chang
On Wed, 2018-06-06 at 23:43 +0200, Mark Wielaard wrote:
> When using the varlocs test with a fuzzer, using assert for internal
> sanity checks is great for finding issues. But when encountering bad data
> using an assert is wrong. Just use error to show we handle the data
> correctly (by
On Thu, 2018-06-07 at 00:01 +0200, Mark Wielaard wrote:
> Found by afl fuzzer on varlocs test. varlocs sanity checks that the
> given offset in the opcode corresponds to the cuoffset of the returned
> DIE. In case the opcode offset was bogus this might fail because we
> might wra
The other dwarf unit/cu iterators handle a NULL Dwarf handle as an
existing error and return NULL. Don't crash.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 5 +
libdw/dwarf_get_units.c | 4
2 files changed, 9 insertions(+)
diff --git a/libdw/ChangeLog b/libdw/Chan
When the given Dwarf_Die was invalid we might crash and when the offset
was totally bogus we might succeed with a random abbrev.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 4
libdw/dwarf_getabbrev.c | 20 +---
tests/ChangeLog | 5 +
tests
If the target of a DW_OP_GNU_parameter_ref isn't a DW_TAG_formal_parameter
that is bad data (which varlocs should error on). But it isn't an internal
consistency check (for which varlocs should assert).
Signed-off-by: Mark Wielaard
---
tests/ChangeLog | 5 +
tests/varlocs.c | 3 ++
max_entries of offsets (so the user can
more clearly see what is wrong with their table).
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 7 +++
src/readelf.c | 12 ++--
2 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/src/ChangeLog b/src/ChangeLog
index ca1917a
On Thu, 2018-06-07 at 20:50 +0200, Mark Wielaard wrote:
> The afl fuzzer found a case where we tried reading an uleb for the DIE
> abbrev code without properly checking the DIE address is inside the CU.
Pushed to master.
On Thu, 2018-06-07 at 23:44 +0200, Mark Wielaard wrote:
> When interning a CU make sure that address_size and offset_size are
> either 4 or 8 bytes. We really don't (want to) handle any other size.
Pushed to master.
On Thu, 2018-06-07 at 23:44 +0200, Mark Wielaard wrote:
> We don't really need to set up a buffer, print into it and then print it
> out to stdout. Simplify the code by directly printing the address (and
> symbol name).
Pushed to master, including a description of the other littl
On Fri, 2018-06-08 at 11:55 +0200, Mark Wielaard wrote:
> When constructing a "fake" Dwarf_Attribute for DW_OP_GNU_const_index,
> DW_OP_constx, DW_OP_GNU_addr_index or DW_OP_addrx, we would create a
> fake attribute pointing to the actual data in the .debug_addr section.
>
Bad DWARF could create a very long or circular DIE ref chain by linking
DW_AT_abstract_origin or DW_AT_specification to the DIE itself. Break
the chain after seeing a large number (16) of DIEs.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 6 ++
libdw
On Fri, Jun 08, 2018 at 04:06:29PM +0200, Mark Wielaard wrote:
> The afl fuzzer found that the way we handle "too many" directories or files
> in the (DWARF5 style) line table was bad. In the case of eu-readelf we would
> print an endless stream of "bad directory" or
On Fri, Jun 08, 2018 at 04:06:55PM +0200, Mark Wielaard wrote:
> It is only a consistency issue if we actually have a cfi_debug and the
> cfi_debug_bias is not zero (because they come from the same file as the
> other debug data).
Pushed to master.
On Fri, Jun 08, 2018 at 04:18:58PM +0200, Mark Wielaard wrote:
> The afl fuzzer running against the varlocs test detected we didn't report
> the value block of a DW_OP_implicit_value consistently when the DWARF was
> bad. Although this doesn't cause a crash it might result i
difference between readendp and readp is zero or greater, we
should cast the pointer difference to size_t (an unsigned type) instead
before comparing with the unsigned value.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 5 +
src/readelf.c | 14 +++---
2 files changed, 12 insertions
On Fri, 2018-06-08 at 20:45 +0200, Mark Wielaard wrote:
> The other dwarf unit/cu iterators handle a NULL Dwarf handle as an
> existing error and return NULL. Don't crash.
Pushed to master.
On Fri, 2018-06-08 at 20:47 +0200, Mark Wielaard wrote:
> When the given Dwarf_Die was invalid we might crash and when the offset
> was totally bogus we might succeed with a random abbrev.
Pushed to master.
On Fri, 2018-06-08 at 21:18 +0200, Mark Wielaard wrote:
> If the target of a DW_OP_GNU_parameter_ref isn't a DW_TAG_formal_parameter
> that is bad data (which varlocs should error on). But it isn't an internal
> consistency check (for which varlocs should assert).
Pushed to master.
On Fri, 2018-06-08 at 23:33 +0200, Mark Wielaard wrote:
> The afl fuzzer found that we would overflow the needed bytes when
> calculating how many index entries would fit in the .debug_loclists
> and .debug_rnglists tables. To fix this just calculate the max number
> of entries. I
print_form_data returns the new readp (or readendp on error) to show how
much data was consumed. But when reading the .debug_str_offsets section
we would reuse readp and readendp. This meant the wrong readp would be
returned to the caller.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 5
and various testcases.
Signed-off-by: Mark Wielaard
---
ChangeLog | 5 +
NEWS| 9 +
config/ChangeLog| 4 +
config/elfutils.spec.in | 7 +
configure.ac| 2 +-
po/ChangeLog| 4 +
po/de.po| 894
On Sun, 2018-06-10 at 17:01 +0200, Mark Wielaard wrote:
> Bad DWARF could create a very long or circular DIE ref chain by linking
> DW_AT_abstract_origin or DW_AT_specification to the DIE itself. Break
> the chain after seeing a large number (16) of DIEs.
Pushed to master.
On Mon, 2018-06-11 at 02:18 +0200, Mark Wielaard wrote:
> The afl fuzzer found that we did a wrong check in print_form_data when
> comparing the remaining bytes in the buffer to an (unsigned) value read.
> We were casting the value to ptrdiff_t which is a signed value and so
> might t
On Mon, Jun 11, 2018 at 11:33:14AM +0200, Mark Wielaard wrote:
> print_form_data returns the new readp (or readendp on error) to show how
> much data was consumed. But when reading the .debug_str_offsets section
> we would reuse readp and readendp. This meant the wrong readp would be
>
.
Thanks to running the afl fuzzer on eu-readelf and various testcases.
eu-readelf -N is ~15% faster.
* GIT SHORTLOG *
Mark Wielaard (31):
tests: Drop shared libraries from
self_test_files_exe.
readelf: Call __fsetlocking (stdout,
FSETLOCKING_BYCALLER).
readelf: Lookup gettext "yes" and
(string) "sl"
const_value (sdata) -1
name (string) "ul"
const_value (sdata) 18446744073709551615 (-1)
(for signed/unsigned int char, short and long)
Signed-off-by: Mark Wielaard
---
src/ChangeLog
Found by the afl fuzzer. The next offset (after a locview) comes from a
DIE loclist attribute. This could be a bogus value so large it overflows
the buffer and makes us print past the end of buffer.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 5 +
src/readelf.c | 4 +++-
2 files
Make sure to always set die->abbrev to DWARF_END_ABBREV on failure.
DWARF_END_ABBREV is also what the function reports on failure. And it
will prevent trying to look up the abbrev ever again.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 5 +
libdw/libdwP.h | 5 +++--
2 files chan
cause we never reached the end of the .debug_line buffer.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 4
libdw/memory-access.h | 5 +
src/ChangeLog | 5 +
src/readelf.c | 12 ++--
4 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/
Found by afl-fuzz. When printing a DW_FORM_block4 we checked there
were only 2 bytes available (copy/paste from DW_FORM_block2 right
before). Obviously we need at least 4 bytes to read the length of a
DW_FORM_block4.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 5 +
src/readelf.c | 2
to generate the (static) executable and core file for the
test, but if it is unclear please ask.
Thanks,
Mark
gular block and that
dwarf_getlocation[s|_addr] doesn't treat it as location expression.
Signed-off-by: Mark Wielaard
---
libdw/dwarf_getlocation.c | 44 +++-
src/ChangeLog | 5 +
src/readelf.c | 15 ++-
3 files c