nus-apr / CrashRepair

Security Vulnerability Repair via Concolic Execution and Code Mutations

CVE-2017-15025 #59

Closed rshariffdeen closed 1 year ago

rshariffdeen commented 1 year ago

The repair module doesn't generate any candidates and fails to find the top location for the suggested fix locations.

[2023-02-22 03:01:26.301] [info] parsing expression: (@var(integer, lh.line_range) != 0)
[2023-02-22 03:01:26.301] [info] converting parse tree to expression...
[2023-02-22 03:01:26.330] [info] parsing expression: (@var(integer, lh.line_range) != 0)
[2023-02-22 03:01:26.331] [info] converting parse tree to expression...
[2023-02-22 03:01:26.331] [info] parsing expression: (@var(integer, lh.line_range) != 0)
[2023-02-22 03:01:26.332] [info] converting parse tree to expression...
[2023-02-22 03:01:26.332] [info] parsing expression: (@var(integer, lh.line_range) != 0)
[2023-02-22 03:01:26.332] [info] converting parse tree to expression...
[2023-02-22 03:01:26.333] [info] parsing expression: (@var(integer, lh.line_range) != 0)
[2023-02-22 03:01:26.333] [info] converting parse tree to expression...
[2023-02-22 03:01:26.967] [info] saving fix localization to disk: /experiment/vulnloc/binutils/CVE-2017-15025/analysis/localization.json
[2023-02-22 03:01:26.967] [info] saved fix localization to disk: /experiment/vulnloc/binutils/CVE-2017-15025/analysis/localization.json
[2023-02-22 03:01:27.060] [error] bad fix location [/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2441:3]: unable to find statement
[2023-02-22 03:01:27.064] [error] bad fix location [/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2453:19]: unable to find statement
[2023-02-22 03:01:27.067] [error] bad fix location [/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2453:8]: unable to find statement
[2023-02-22 03:01:27.071] [error] bad fix location [/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2454:8]: unable to find statement
[2023-02-22 03:01:27.074] [error] bad fix location [/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2455:8]: unable to find statement
[2023-02-22 03:01:27.167] [error] bad fix location [/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2441:3]: unable to find statement
[2023-02-22 03:01:27.171] [error] bad fix location [/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2453:19]: unable to find statement
[2023-02-22 03:01:27.175] [error] bad fix location [/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2453:8]: unable to find statement
[2023-02-22 03:01:27.178] [error] bad fix location [/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2454:8]: unable to find statement
[2023-02-22 03:01:27.182] [error] bad fix location [/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2455:8]: unable to find statement
[2023-02-22 03:01:27.182] [info] writing linter report to disk
[2023-02-22 03:01:27.182] [info] wrote linter report to disk
2023-02-22 03:01:27.185 | DEBUG    | crashrepair.shell:__call__:36 - executing: make clean  > /dev/null 2>&1
2023-02-22 03:01:31.194 | DEBUG    | crashrepair.shell:__call__:36 - executing: exit 0
2023-02-22 03:01:31.197 | DEBUG    | crashrepair.shell:__call__:36 - executing: bear make CC=crepair-cc CXX=crepair-cxx CFLAGS='-ldl  -Wno-error -g' CXXFLAGS='-ldl  -Wno-error -g' LDFLAGS='-ldl -L/klee/build/lib -lkleeRuntest  -Wno-error -g' > /dev/null 2>&1 
2023-02-22 03:03:50.979 | INFO     | crashrepair.scenario:generate:386 - generating candidate repairs in implicated files: {'/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c'}
2023-02-22 03:03:50.980 | DEBUG    | crashrepair.shell:__call__:36 - executing: /opt/crashrepair/bin/crashrepairfix --output-to /experiment/vulnloc/binutils/CVE-2017-15025/candidates.json --localization-filename /experiment/vulnloc/binutils/CVE-2017-15025/analysis/localization.json -p /experiment/vulnloc/binutils/CVE-2017-15025/src/compile_commands.json /experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c -extra-arg=-I/opt/llvm11/lib/clang/11.1.0/include/
[2023-02-22 03:03:51.000] [info] parsing expression: (@var(integer, lh.line_range) != 0)
[2023-02-22 03:03:51.000] [info] converting parse tree to expression...
[2023-02-22 03:03:51.000] [debug] converting node with type: crashrepairfix::not_equals
[2023-02-22 03:03:51.000] [debug] converting node with type: crashrepairfix::integer
[2023-02-22 03:03:51.000] [debug] converting node with type: crashrepairfix::variable
[2023-02-22 03:03:51.000] [debug] loading state values from file: /experiment/vulnloc/binutils/CVE-2017-15025/analysis/values/#experiment#vulnloc#binutils#CVE-2017-15025#src#bfd#.#dwarf2.c:2441:3.csv
[2023-02-22 03:03:51.000] [debug] retrieved header line from state values file: 
[2023-02-22 03:03:51.000] [debug] state values file contains 0 columns
[2023-02-22 03:03:51.000] [debug] loaded 1 state rows
[2023-02-22 03:03:51.000] [info] parsing expression: (@var(integer, lh.line_range) != 0)
[2023-02-22 03:03:51.001] [info] converting parse tree to expression...
[2023-02-22 03:03:51.001] [debug] converting node with type: crashrepairfix::not_equals
[2023-02-22 03:03:51.001] [debug] converting node with type: crashrepairfix::integer
[2023-02-22 03:03:51.001] [debug] converting node with type: crashrepairfix::variable
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.line_range, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.line_range, pointer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.opcode_base, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.opcode_base, pointer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.minimum_instruction_length, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.minimum_instruction_length, pointer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.maximum_ops_per_insn, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.maximum_ops_per_insn, pointer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(op_code, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.opcode_base, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.opcode_base, pointer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(op_code, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(line_ptr, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(line_ptr, pointer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(end_sequence, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(address, integer)
[2023-02-22 03:03:51.001] [debug] loading state values from file: /experiment/vulnloc/binutils/CVE-2017-15025/analysis/values/#experiment#vulnloc#binutils#CVE-2017-15025#src#bfd#.#dwarf2.c:2453:19.csv
[2023-02-22 03:03:51.001] [debug] retrieved header line from state values file: lh;lh.line_range;lh.opcode_base;lh.minimum_instruction_length;lh.maximum_ops_per_insn;op_code;line_ptr;end_sequence;address
[2023-02-22 03:03:51.001] [debug] state values file contains 9 columns
[2023-02-22 03:03:51.001] [debug] reading value for column: lh
[2023-02-22 03:03:51.001] [debug] reading value for column: lh.line_range
[2023-02-22 03:03:51.001] [debug] reading value for column: lh.opcode_base
[2023-02-22 03:03:51.001] [debug] reading value for column: lh.minimum_instruction_length
[2023-02-22 03:03:51.001] [debug] reading value for column: lh.maximum_ops_per_insn
[2023-02-22 03:03:51.001] [debug] reading value for column: op_code
[2023-02-22 03:03:51.001] [debug] reading value for column: line_ptr
[2023-02-22 03:03:51.001] [debug] reading value for column: end_sequence
[2023-02-22 03:03:51.001] [debug] reading value for column: address
[2023-02-22 03:03:51.001] [debug] loaded 1 state rows
[2023-02-22 03:03:51.001] [info] parsing expression: (@var(integer, lh.line_range) != 0)
[2023-02-22 03:03:51.001] [info] converting parse tree to expression...
[2023-02-22 03:03:51.001] [debug] converting node with type: crashrepairfix::not_equals
[2023-02-22 03:03:51.001] [debug] converting node with type: crashrepairfix::integer
[2023-02-22 03:03:51.001] [debug] converting node with type: crashrepairfix::variable
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.line_range, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.line_range, pointer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.opcode_base, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.opcode_base, pointer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.minimum_instruction_length, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.minimum_instruction_length, pointer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.maximum_ops_per_insn, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.maximum_ops_per_insn, pointer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(op_code, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.opcode_base, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(lh.opcode_base, pointer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(op_code, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(line_ptr, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(line_ptr, pointer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(end_sequence, integer)
[2023-02-22 03:03:51.001] [debug] loaded variable: Variable(address, integer)
[2023-02-22 03:03:51.001] [debug] loading state values from file: /experiment/vulnloc/binutils/CVE-2017-15025/analysis/values/#experiment#vulnloc#binutils#CVE-2017-15025#src#bfd#.#dwarf2.c:2453:8.csv
[2023-02-22 03:03:51.001] [debug] retrieved header line from state values file: lh;lh.line_range;lh.opcode_base;lh.minimum_instruction_length;lh.maximum_ops_per_insn;op_code;line_ptr;end_sequence;address
[2023-02-22 03:03:51.001] [debug] state values file contains 9 columns
[2023-02-22 03:03:51.001] [debug] reading value for column: lh
[2023-02-22 03:03:51.001] [debug] reading value for column: lh.line_range
[2023-02-22 03:03:51.001] [debug] reading value for column: lh.opcode_base
[2023-02-22 03:03:51.001] [debug] reading value for column: lh.minimum_instruction_length
[2023-02-22 03:03:51.001] [debug] reading value for column: lh.maximum_ops_per_insn
[2023-02-22 03:03:51.001] [debug] reading value for column: op_code
[2023-02-22 03:03:51.001] [debug] reading value for column: line_ptr
[2023-02-22 03:03:51.001] [debug] reading value for column: end_sequence
[2023-02-22 03:03:51.001] [debug] reading value for column: address
[2023-02-22 03:03:51.001] [debug] loaded 1 state rows
[2023-02-22 03:03:51.001] [info] parsing expression: (@var(integer, lh.line_range) != 0)
[2023-02-22 03:03:51.002] [info] converting parse tree to expression...
[2023-02-22 03:03:51.002] [debug] converting node with type: crashrepairfix::not_equals
[2023-02-22 03:03:51.002] [debug] converting node with type: crashrepairfix::integer
[2023-02-22 03:03:51.002] [debug] converting node with type: crashrepairfix::variable
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.line_range, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.line_range, pointer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.opcode_base, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.opcode_base, pointer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.minimum_instruction_length, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.minimum_instruction_length, pointer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.maximum_ops_per_insn, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.maximum_ops_per_insn, pointer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(op_code, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.opcode_base, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.opcode_base, pointer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(op_code, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(line_ptr, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(line_ptr, pointer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(end_sequence, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(op_index, integer)
[2023-02-22 03:03:51.002] [debug] loading state values from file: /experiment/vulnloc/binutils/CVE-2017-15025/analysis/values/#experiment#vulnloc#binutils#CVE-2017-15025#src#bfd#.#dwarf2.c:2454:8.csv
[2023-02-22 03:03:51.002] [debug] retrieved header line from state values file: lh;lh.line_range;lh.opcode_base;lh.minimum_instruction_length;lh.maximum_ops_per_insn;op_code;line_ptr;end_sequence;op_index
[2023-02-22 03:03:51.002] [debug] state values file contains 9 columns
[2023-02-22 03:03:51.002] [debug] reading value for column: lh
[2023-02-22 03:03:51.002] [debug] reading value for column: lh.line_range
[2023-02-22 03:03:51.002] [debug] reading value for column: lh.opcode_base
[2023-02-22 03:03:51.002] [debug] reading value for column: lh.minimum_instruction_length
[2023-02-22 03:03:51.002] [debug] reading value for column: lh.maximum_ops_per_insn
[2023-02-22 03:03:51.002] [debug] reading value for column: op_code
[2023-02-22 03:03:51.002] [debug] reading value for column: line_ptr
[2023-02-22 03:03:51.002] [debug] reading value for column: end_sequence
[2023-02-22 03:03:51.002] [debug] reading value for column: op_index
[2023-02-22 03:03:51.002] [debug] loaded 1 state rows
[2023-02-22 03:03:51.002] [info] parsing expression: (@var(integer, lh.line_range) != 0)
[2023-02-22 03:03:51.002] [info] converting parse tree to expression...
[2023-02-22 03:03:51.002] [debug] converting node with type: crashrepairfix::not_equals
[2023-02-22 03:03:51.002] [debug] converting node with type: crashrepairfix::integer
[2023-02-22 03:03:51.002] [debug] converting node with type: crashrepairfix::variable
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.line_range, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.line_range, pointer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.opcode_base, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.opcode_base, pointer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.minimum_instruction_length, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.minimum_instruction_length, pointer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.maximum_ops_per_insn, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.maximum_ops_per_insn, pointer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(op_code, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.opcode_base, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(lh.opcode_base, pointer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(op_code, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(line_ptr, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(line_ptr, pointer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(end_sequence, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(line_ptr, integer)
[2023-02-22 03:03:51.002] [debug] loaded variable: Variable(line_ptr, pointer)
[2023-02-22 03:03:51.002] [debug] loading state values from file: /experiment/vulnloc/binutils/CVE-2017-15025/analysis/values/#experiment#vulnloc#binutils#CVE-2017-15025#src#bfd#.#dwarf2.c:2455:8.csv
[2023-02-22 03:03:51.002] [debug] retrieved header line from state values file: lh;lh.line_range;lh.opcode_base;lh.minimum_instruction_length;lh.maximum_ops_per_insn;op_code;line_ptr;end_sequence
[2023-02-22 03:03:51.002] [debug] state values file contains 8 columns
[2023-02-22 03:03:51.002] [debug] reading value for column: lh
[2023-02-22 03:03:51.002] [debug] reading value for column: lh.line_range
[2023-02-22 03:03:51.002] [debug] reading value for column: lh.opcode_base
[2023-02-22 03:03:51.002] [debug] reading value for column: lh.minimum_instruction_length
[2023-02-22 03:03:51.002] [debug] reading value for column: lh.maximum_ops_per_insn
[2023-02-22 03:03:51.002] [debug] reading value for column: op_code
[2023-02-22 03:03:51.002] [debug] reading value for column: line_ptr
[2023-02-22 03:03:51.002] [debug] reading value for column: end_sequence
[2023-02-22 03:03:51.002] [debug] loaded 1 state rows
[2023-02-22 03:03:51.002] [info] generating patches...
[2023-02-22 03:03:51.120] [warning] unable to find statement at location: /experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2441:3
[2023-02-22 03:03:51.123] [warning] unable to find statement at location: /experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2453:19
[2023-02-22 03:03:51.127] [warning] unable to find statement at location: /experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2453:8
[2023-02-22 03:03:51.131] [warning] unable to find statement at location: /experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2454:8
[2023-02-22 03:03:51.134] [warning] unable to find statement at location: /experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2455:8
[2023-02-22 03:03:51.231] [warning] unable to find statement at location: /experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2441:3
[2023-02-22 03:03:51.234] [warning] unable to find statement at location: /experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2453:19
[2023-02-22 03:03:51.238] [warning] unable to find statement at location: /experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2453:8
[2023-02-22 03:03:51.241] [warning] unable to find statement at location: /experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2454:8
[2023-02-22 03:03:51.245] [warning] unable to find statement at location: /experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2455:8
[2023-02-22 03:03:51.245] [info] writing 0 mutations to disk: /experiment/vulnloc/binutils/CVE-2017-15025/candidates.json
[2023-02-22 03:03:51.245] [info] wrote mutations to disk

ChrisTimperley commented 1 year ago

I'm trying to reproduce this one at the moment. Just a heads up that I've been stuck at the following stage in the analysis for roughly 10 minutes so far:

                Running Concolic Execution
                ------------------------------------------------------------------------------------------

                     Using Arguments: ['-A', '-a', '-l', '-S', '-s', '--special-syms', '--synthetic', '--with-symbol-versions', '-D', '$POC']
                     Using Input File: /CrashRepair/experiments/vulnloc/binutils/CVE-2017-15025/tests/1.bin
                building program
                        setting environment variables
                        cleaning files
                        configuring program
                        compiling program
                extracting bytecode
                generating ktest file
                executing klee in concolic mode

Edit: It's still stuck on this step after 25 minutes.

ChrisTimperley commented 1 year ago

This turned out to be the same problem as #54 (notice /src/bfd/./dwarf2.c) and is now fixed by 44117a4f491cfe9a933858035edcfa35fcb38bb4. Patch evaluation times are awful for binutils, so fixing #74 would make it much easier to run this scenario.
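
The comment above points at the `./` segment in the reported locations. The following is an added example, not part of the thread and not CrashRepair code: it pulls the distinct unresolved fix locations out of log lines in the format shown in this issue and flags those whose path matches a known file only after normalization. `KNOWN_FILES` and the function names are hypothetical, and the thread does not state that this comparison is the mechanism behind #54.

```python
import posixpath
import re

# Matches both message forms that appear in the log in this thread.
LOCATION_RE = re.compile(
    r"\[(?:error|warning)\]\s+"
    r"(?:bad fix location \[(?P<bracketed>[^\]]+)\]: unable to find statement"
    r"|unable to find statement at location: (?P<bare>\S+))"
)

# Constructed sample: a few lines in the format of the log posted above.
SAMPLE_LOG = """\
[2023-02-22 03:01:27.060] [error] bad fix location [/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2441:3]: unable to find statement
[2023-02-22 03:01:27.064] [error] bad fix location [/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2453:19]: unable to find statement
[2023-02-22 03:01:27.182] [info] writing linter report to disk
[2023-02-22 03:03:51.120] [warning] unable to find statement at location: /experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2441:3
[2023-02-22 03:03:51.245] [info] writing 0 mutations to disk: /experiment/vulnloc/binutils/CVE-2017-15025/candidates.json
"""

# Hypothetical: the file name as another component might hold it (normalized).
KNOWN_FILES = {"/experiment/vulnloc/binutils/CVE-2017-15025/src/bfd/dwarf2.c"}


def parse_location(location):
    """Split 'path:line:column' from the right so colons in the path survive."""
    path, line, column = location.rsplit(":", 2)
    return path, int(line), int(column)


def unresolved_locations(log_text, known_files):
    """Return distinct unresolved locations in first-seen order, with hit counts."""
    found = {}
    for raw in log_text.splitlines():
        match = LOCATION_RE.search(raw)
        if match is None:
            continue
        location = match.group("bracketed") or match.group("bare")
        path, line, column = parse_location(location)
        normalized = posixpath.normpath(path)
        entry = found.setdefault((path, line, column), {
            "path": path, "line": line, "column": column, "hits": 0,
            "normalized": normalized,
            "exact_match": path in known_files,
            "normalized_match": normalized in known_files,
        })
        entry["hits"] += 1
    return list(found.values())


def path_form_suspects(entries):
    """Locations that match a known file only once the path is normalized."""
    return [e for e in entries if e["normalized_match"] and not e["exact_match"]]


if __name__ == "__main__":
    for e in path_form_suspects(unresolved_locations(SAMPLE_LOG, KNOWN_FILES)):
        print(f'{e["path"]}:{e["line"]}:{e["column"]} x{e["hits"]} -> {e["normalized"]}')
```

When every unresolved location in a run is a suspect, the failure is more likely in how paths are compared than in the individual line and column values.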

rshariffdeen commented 1 year ago

@ChrisTimperley: Repair generates a patch that removes the case statement and replaces it with an if condition, when it should be inserting the if condition after the case statement, resulting in zero plausible patches in commit 315b4e2.

  {
    "diff": "@@ -2436,7 +2436,7 @@\n \t      break;\n \t    case DW_LNS_set_basic_block:\n \t      break;\n-\t    case DW_LNS_const_add_pc:\n+\t    if (!((lh.line_range != $
    "id": 0,
    "location": "/data/vulnloc/binutils/CVE-2017-15025/src/bfd/dwarf2.c:2439:6",
    "operator": "insert-conditional-control-flow",
    "replacements": [
      {
        "filename": "dwarf2.c",
        "length": 0,
        "offset": 69003,
        "text": "if (!((lh.line_range != 0))) { return NULL; } "
      }
    ]
  },

ChrisTimperley commented 1 year ago

@rshariffdeen the analysis stage now crashes for this bug when using the latest changes:

                             [fix-loc] decode_line_info, /data/vulnloc/binutils/CVE-2017-15025/src/bfd/./dwarf2.c:2442:34

        Localizing Constraints
        __________________________________________________________________________________________

        Unable to Localize a Crash Free Constraint
        Repair Failed
        Analysis Failed
        Runtime Error
        Error. Exiting...

Run time statistics:
-----------------------

        Startup: 0.000 minutes
        Build: 0 minutes
        Concrete Analysis: 1.144 minutes
        Concolic Analysis: 20.646 minutes
        Total Analysis: 21.830 minutes
        Localization: 0 minutes

CRepair exited with an error after 34.512 minutes 

ChrisTimperley commented 1 year ago

Moved discussion of underlying issue to #107. Note that this scenario now produces plausible patches.