OK, here's what I get when I run that test in GDB:

Program received signal SIGSEGV, Segmentation fault.
dwarf_frame_register (fs=0x600000000000be00, regno=<optimized out>, ops_mem=0x60000fffffffb2d0, ops=0x60000fffffffb2c8, nops=0x60000fffffffb2c0) at dwarf_frame_register.c:105
105       get_uleb128 (block.length, p);
(gdb) bt
#0  dwarf_frame_register (fs=0x600000000000be00, regno=<optimized out>, ops_mem=0x60000fffffffb2d0, ops=0x60000fffffffb2c8, nops=0x60000fffffffb2c0) at dwarf_frame_register.c:105
#1  0x4000000000001900 in print_register (arg=<optimized out>, regno=1, setname=0x20000000004c9b18 "integer", prefix=0x20000000004c8890 "", regname=0x60000fffffffb328 "r1", bits=-19768, type=675872) at addrcfi.c:100
#2  0x20000000000a5020 in dwfl_module_register_names (mod=0x60000000000062d0, func=<optimized out>, arg=0x60000fffffffb3a0) at dwfl_module_register_names.c:74
#3  0x4000000000001bd0 in handle_cfi (stuff=0x60000fffffffb3a0, pc=268436672, which=0x4000000000002318 ".debug_frame", dwfl=0x60000000000042f0, cfi=<optimized out>) at addrcfi.c:153
#4  handle_cfi (dwfl=0x60000000000042f0, which=0x4000000000002318 ".debug_frame", cfi=0x6000000000007420, pc=268436672, stuff=0x60000fffffffb3a0) at addrcfi.c:107
#5  0x4000000000001f50 in handle_address (pc=268436672, dwfl=0x60000000000042f0) at addrcfi.c:167
#6  0x40000000000010b0 in main (argc=4, argv=0x60000fffffffb678) at addrcfi.c:216

The code is this:

  Dwarf_Block block;
  const uint8_t *p = fs->cache->data->d.d_buf + reg->value;
  get_uleb128 (block.length, p); // CRASH HERE
  block.data = (void *) p;

The problem is that `p` is not a valid pointer:

(gdb) print p
$11 = (const uint8_t *) 0x60000000004c9ea2 <Address 0x60000000004c9ea2 out of bounds>

However, the base address looks OK:

(gdb) print fs->cache->data->d
$3 = {d_buf = 0x600000000000b830, d_type = ELF_T_BYTE, d_version = 1, d_size = 64, d_off = 0, d_align = 4}

But the register value is quite large:

(gdb) print reg->value
$12 = 4974194
(gdb) print *reg
$14 = {rule = reg_val_expression, value = 4974194}

And thus the computed address is wrong, though the `reg->rule` value looks OK (reg_val_expression == 7).

I'm looking for more information, but hopefully that should give you as much info as I have.

Patrick

On Tue, Oct 1, 2013 at 1:43 PM, Kurt Roeckx <k...@roeckx.be> wrote:
> Hi,
>
> The new elfutils (0.157-1) segfaults on IA64. I've been trying
> to debug this on merulo but ran into #691576. When using a core
> file I also don't get any backtrace.
>
> The problem I'm seeing is:
> (sid_ia64-dchroot)kroeckx@merulo:~/elfutils-0.157/tests$
> LD_LIBRARY_PATH=../libelf:../libdw:../backends/
> /home/kroeckx/elfutils-0.157/tests/addrcfi -e testfileppc32.bz2 0x100004c0
> dwarf_cfi_addrframe (.eh_frame): no matching address range
> .debug_frame has 0x100004c0 => [0x100004c0, 0x100004d0):
>         return address in reg65
>         CFA location expression: bregx(1)
>         integer reg0 (r0): undefined
> Segmentation fault (core dumped)
>
> While the output should be something like:
> dwarf_cfi_addrframe (.eh_frame): no matching address range
> .debug_frame has 0x100004c0 => [0x100004c0, 0x100004d0):
>         return address in reg65
>         CFA location expression: bregx(1)
>         integer reg0 (r0): undefined
>         integer reg1 (r1): location expression: call_frame_cfa nop stack_value
>         integer reg2 (r2): same_value
>         integer reg3 (r3): undefined
> [...]
>
> Can someone help me get any useful information about this?
>
>
> Kurt
>
> Archive: http://lists.debian.org/20131001184346.ga19...@roeckx.be
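The crash above comes from using `reg->value` as an offset into `d_buf` without checking it against `d_size` (4974194 against a 64-byte section), then decoding a ULEB128 from the resulting pointer. As an added illustration that is neither elfutils code nor part of this thread, here is the same sequence with the bounds checks a reader of a DWARF expression block needs; `safe_get_uleb128`, `locate_expr_block`, `sample_lookup` and the 64-byte `sample_section` are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>

/* Bounds-checked ULEB128 decode starting at buf[off]; never reads past len.
 * Returns bytes consumed, or 0 if the value is truncated or exceeds 64 bits. */
static size_t safe_get_uleb128(const uint8_t *buf, size_t len, size_t off, uint64_t *out)
{
    uint64_t val = 0;
    unsigned shift = 0;
    size_t i = off;
    while (i < len && shift < 64) {
        uint8_t b = buf[i++];
        val |= (uint64_t)(b & 0x7f) << shift;
        if ((b & 0x80) == 0) { *out = val; return i - off; }
        shift += 7;
    }
    return 0;
}

/* Same sequence as the crashing code (p = d_buf + reg->value; get_uleb128 on p),
 * using the Elf_Data fields gdb printed (d_buf, d_size), but it rejects an offset
 * outside the section and a block body that would overrun it. 0 = ok, -1 = rejected. */
static int locate_expr_block(const uint8_t *d_buf, size_t d_size, uint64_t reg_value,
                             const uint8_t **block_data, uint64_t *block_len)
{
    if (reg_value >= d_size)                      /* 4974194 vs d_size 64 fails here */
        return -1;
    size_t used = safe_get_uleb128(d_buf, d_size, (size_t)reg_value, block_len);
    if (used == 0 || *block_len > d_size - reg_value - used)
        return -1;
    *block_data = d_buf + reg_value + used;
    return 0;
}

/* Constructed 64-byte section (d_size = 64 as in the gdb output): offset 8 holds a
 * 3-byte block (DW_OP_call_frame_cfa, DW_OP_nop, DW_OP_stack_value), offset 20 claims
 * 127 bytes that do not fit, and offset 63 is a truncated ULEB128. */
static const uint8_t sample_section[64] = { [8] = 0x03, 0x9c, 0x96, 0x9f, [20] = 0x7f, [63] = 0x80 };

/* Block length found at reg_value in the sample section, or -1 if rejected. */
static long sample_lookup(uint64_t reg_value)
{
    const uint8_t *data;
    uint64_t len;
    int rc = locate_expr_block(sample_section, sizeof sample_section, reg_value, &data, &len);
    return rc == 0 ? (long)len : -1;
}
```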