While working on an ELF tool of mine (ruby-elf/cowstats), I found that readelf -S (from binutils 2.18.50.0.9.20080822) segfaults on Solaris-specific section types. The file I'm going to attach is distributed with the source tarball of Firefox 3.0.2, and it's used as a test file for the crash handler (I'll be commenting with the license info since it's using some BSDish terms). Interestingly enough, eu-readelf from elfutils works fine. HTH, Diego
Created attachment 2961 [details] object file causing the crash // Copyright (c) 2007, Google Inc. // All rights reserved. // // Redistribution and use in source and binary forms, with or without // modification, are permitted provided that the following conditions are // met: // // * Redistributions of source code must retain the above copyright // notice, this list of conditions and the following disclaimer. // * Redistributions in binary form must reproduce the above // copyright notice, this list of conditions and the following disclaimer // in the documentation and/or other materials provided with the // distribution. // * Neither the name of Google Inc. nor the names of its // contributors may be used to endorse or promote products derived from // this software without specific prior written permission. // // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
I could not reproduce this with current mainline or 2.19 branch sources, with binutils hosted on both x86 and powerpc64. Perhaps you were bitten by a compiler bug? Details on where the segfault occurred might be useful. There are 31 section headers, starting at offset 0x32a4: Section Headers: [Nr] Name Type Addr Off Size ES Flg Lk Inf Al [ 0] NULL 00000000 000000 000000 00 0 0 0 [ 1] .interp PROGBITS 080500f4 0000f4 000011 00 A 0 0 1 [ 2] .SUNW_cap LOOS+ffffff5 08050108 000108 000010 08 A 0 0 4 [ 3] .hash HASH 08050118 000118 000154 04 A 5 0 4 [ 4] .SUNW_ldynsym LOOS+ffffff3 0805026c 00026c 0000f0 10 A 6 15 4 [ 5] .dynsym DYNSYM 0805035c 00035c 0002a0 10 A 6 1 4 [ 6] .dynstr STRTAB 080505fc 0005fc 0006ae 00 AS 0 0 1 [ 7] .SUNW_version VERNEED 08050cac 000cac 000070 01 A 6 3 4 [ 8] .SUNW_dynsymsort LOOS+ffffff1 08050d1c 000d1c 000068 04 A 4 0 4 [ 9] .rel.plt REL 08050d84 000d84 000068 08 AI 5 10 4 [10] .plt PROGBITS 08050dec 000dec 0000e0 10 AX 0 0 4 [11] .text PROGBITS 08050ed0 000ed0 0002d7 00 AX 0 0 16 [12] .init PROGBITS 080511a8 0011a8 0000be 00 AX 0 0 4 [13] .fini PROGBITS 08051268 001268 000065 00 AX 0 0 4 [14] .rodata PROGBITS 080512d0 0012d0 000050 00 A 0 0 4 [15] .got PROGBITS 08061320 001320 00004c 04 WA 0 0 4 [16] .dynamic DYNAMIC 0806136c 00136c 000178 08 WA 6 0 4 [17] .ex_shared PROGBITS 080614e4 0014e4 000038 00 WA 0 0 4 [18] .cpp_finidata PROGBITS 0806151c 00151c 00000c 00 WA 0 0 4 [19] .exception_ranges PROGBITS 08061528 001528 000068 00 WA 65280 0 4 [20] .data PROGBITS 08061590 001590 00005c 00 WA 0 0 4 [21] .bssf PROGBITS 080615ec 0015ec 000000 00 WA 0 0 1 [22] .bss NOBITS 080615ec 0015ec 000000 00 WA 0 0 1 [23] .symtab SYMTAB 00000000 0015ec 000680 10 24 63 4 [24] .strtab STRTAB 00000000 001c6c 000475 00 S 0 0 1 [25] .stab.index PROGBITS 00000000 0020e4 0000cc 0c 29 0 4 [26] .stab PROGBITS 00000000 0021b0 0004e0 0c 30 0 4 [27] .comment PROGBITS 00000000 002690 000036 00 0 0 1 [28] .shstrtab STRTAB 00000000 0026c6 000110 00 S 0 0 1 [29] .stab.indexstr STRTAB 00000000 0027d6 0003b1 00 0 0 1 [30] .stabstr STRTAB 00000000 002b87 00071c 00 0 0 1 Key to Flags: W (write), A (alloc), X (execute), M (merge), S (strings) I (info), L (link order), G (group), x (unknown) O (extra OS processing required) o (OS specific), p (processor specific)
The Linux binutils has a patch for PR 6412. Please try this patch: --- binutils/readelf.c.solaris 2008-10-11 18:47:31.000000000 -0700 +++ binutils/readelf.c 2008-10-11 18:46:18.000000000 -0700 @@ -4452,7 +4452,7 @@ process_section_headers (FILE *file) else printf (" %3s ", get_elf_section_flags (section->sh_flags)); - if (hole_in_shndx) + if (hole_in_shndx && original_shndx) { if (original_shndx[i].sh_link != section->sh_link) printf ("%2u/-%3u ",
Closing as per comment #2