Comment #1 on issue 56134 by evv...@gmail.com: elfutils:fuzz-libdwfl:
Use-of-uninitialized-value in check_section
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134#c1
Below is the full backtrace
```
==2272==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x5fb3c7 in check_section /src/elfutils/libdw/dwarf_begin_elf.c:265:7
#1 0x5f8d3e in global_read /src/elfutils/libdw/dwarf_begin_elf.c:444:14
#2 0x5f8d3e in dwarf_begin_elf /src/elfutils/libdw/dwarf_begin_elf.c:595:9
#3 0x53f28c in load_dw /src/elfutils/libdwfl/dwfl_module_getdwarf.c:1341:13
#4 0x53c5b9 in find_dw /src/elfutils/libdwfl/dwfl_module_getdwarf.c:1391:16
#5 0x53c5b9 in dwfl_module_getdwarf
/src/elfutils/libdwfl/dwfl_module_getdwarf.c:1446:3
#6 0x534b72 in LLVMFuzzerTestOneInput /src/fuzz-libdwfl.c:54:3
#7 0x43dcf3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*,
unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15
#8 0x429452 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned
long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
#9 0x42ecfc in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char
const*, unsigned long))
/src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:860:9
#10 0x458232 in main
/src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#11 0x7fe0978dd0b2 in __libc_start_main
/build/glibc-eX1tMB/glibc-2.31/csu/libc-start.c:308:16
#12 0x41f61d in _start
Uninitialized value was created by a heap allocation
#0 0x4e2310 in __interceptor_malloc
/src/llvm-project/compiler-rt/lib/msan/msan_interceptors.cpp:895:3
#1 0x6b9935 in convert_data /src/elfutils/libelf/elf_getdata.c:166:24
#2 0x6b9935 in __libelf_set_data_list_rdlock
/src/elfutils/libelf/elf_getdata.c:455:7
#3 0x6ba571 in __elf_getdata_rdlock /src/elfutils/libelf/elf_getdata.c:562:5
#4 0x6ba6cd in elf_getdata /src/elfutils/libelf/elf_getdata.c:580:12
#5 0x5faec7 in check_section /src/elfutils/libdw/dwarf_begin_elf.c:246:20
#6 0x5f8d3e in global_read /src/elfutils/libdw/dwarf_begin_elf.c:444:14
#7 0x5f8d3e in dwarf_begin_elf /src/elfutils/libdw/dwarf_begin_elf.c:595:9
#8 0x53f28c in load_dw /src/elfutils/libdwfl/dwfl_module_getdwarf.c:1341:13
#9 0x53c5b9 in find_dw /src/elfutils/libdwfl/dwfl_module_getdwarf.c:1391:16
#10 0x53c5b9 in dwfl_module_getdwarf
/src/elfutils/libdwfl/dwfl_module_getdwarf.c:1446:3
#11 0x534b72 in LLVMFuzzerTestOneInput /src/fuzz-libdwfl.c:54:3
#12 0x43dcf3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*,
unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15
#13 0x429452 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned
long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
#14 0x42ecfc in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char
const*, unsigned long))
/src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:860:9
#15 0x458232 in main
/src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#16 0x7fe0978dd0b2 in __libc_start_main
/build/glibc-eX1tMB/glibc-2.31/csu/libc-start.c:308:16
SUMMARY: MemorySanitizer: use-of-uninitialized-value
(/mnt/scratch0/clusterfuzz/bot/builds/clusterfuzz-builds_elfutils_3ee01cb67db1a71e7adeb7f3f14722ea62f13cd5/revisions/fuzz-libdwfl+0x5fb3c7)
```
Looks like it was introduced in
https://sourceware.org/git/?p=elfutils.git;a=commitdiff;h=fda09f5f188fb173b2123815be71ca4647a8adfb
--
You received this message because:
1. You were specifically CC'd on the issue
You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings
Reply to this email to add a comment.
