https://sourceware.org/bugzilla/show_bug.cgi?id=30326
Bug ID: 30326
Summary: Use of uninitialized value in objdump.c
Product: binutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: ziqiaokong at gmail dot com
Target Milestone: ---
Created attachment 14808
--> https://sourceware.org/bugzilla/attachment.cgi?id=14808&action=edit
Contains both obj file and valgrind logs
Git commit hash: 929a05081ec2ca6448927b96f673b0cd9633a342 (not sure which
version it belongs to)
Steps to reproduce:
```
./configure
make -j
valgrind --leak-check=full --tool=memcheck ./binutils/objdump -D /path/to/obj
```
Valgrind output:
```
==297370== Memcheck, a memory error detector
==297370== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==297370== Using Valgrind-3.18.1 and LibVEX; rerun with -h for copyright info
==297370== Command: /binutils/binutils/objdump -D /work/tmpfs/obj
==297370==
BFD: warning: /work/tmpfs/obj has a section extending past end of file
/work/tmpfs/obj: unable to decompress section .debug_inXo
/work/tmpfs/obj: no group info for section '.debug_inXo'
/work/tmpfs/obj: file format elf32-i386
BFD: /work/tmpfs/obj: attempt to load strings from a non-string section (number
11)
BFD: /work/tmpfs/obj(.rela.debug_inXo): relocation 5 has invalid symbol index
257
==297370== Conditional jump or move depends on uninitialised value(s)
==297370== at 0x167998: compare_relocs (in /binutils/binutils/objdump)
==297370== by 0x48A540E: msort_with_tmp.part.0 (msort.c:82)
==297370== by 0x48A53C1: msort_with_tmp (msort.c:44)
==297370== by 0x48A53C1: msort_with_tmp.part.0 (msort.c:53)
==297370== by 0x48A53A4: msort_with_tmp (msort.c:44)
==297370== by 0x48A53A4: msort_with_tmp.part.0 (msort.c:52)
==297370== by 0x48A53C1: msort_with_tmp (msort.c:44)
==297370== by 0x48A53C1: msort_with_tmp.part.0 (msort.c:53)
==297370== by 0x48A53A4: msort_with_tmp (msort.c:44)
==297370== by 0x48A53A4: msort_with_tmp.part.0 (msort.c:52)
==297370== by 0x48A5A55: msort_with_tmp (msort.c:44)
==297370== by 0x48A5A55: qsort_r (msort.c:296)
==297370== by 0x16DECE: disassemble_data (in /binutils/binutils/objdump)
==297370== by 0x171908: dump_bfd (in /binutils/binutils/objdump)
==297370== by 0x171AE0: display_object_bfd (in /binutils/binutils/objdump)
==297370== by 0x171D4E: display_any_bfd (in /binutils/binutils/objdump)
==297370== by 0x171DC7: display_file (in /binutils/binutils/objdump)
==297370==
...
<Many similar reports, see attached full logs>
...
```
System environment:
```
[afl++ amdsuplus3] /binutils (master) # gcc --version
gcc (Ubuntu 11.3.0-1ubuntu1~22.04) 11.3.0
Copyright (C) 2021 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
[afl++ amdsuplus3] /binutils (master) # g++ --version
g++ (Ubuntu 11.3.0-1ubuntu1~22.04) 11.3.0
Copyright (C) 2021 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
[afl++ amdsuplus3] /binutils (master) # cat /etc/issue
Ubuntu 22.04.2 LTS \n \l
[afl++ amdsuplus3] /binutils (master) # uname -a
Linux amdsuplus3.inf.ethz.ch 5.4.0-144-generic #161-Ubuntu SMP Fri Feb 3
14:49:04 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
[afl++ amdsuplus3] /binutils (master) #
```
--
You are receiving this mail because:
You are on the CC list for the bug.
