https://sourceware.org/bugzilla/show_bug.cgi?id=29892
Bug ID: 29892
Summary: Field `file_table` of `struct module *module` is uninitialized
Product: binutils
Version: 2.40 (HEAD)
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: r3tr0spect2019 at gmail dot com
Target Milestone: ---

Created attachment 14513
--> https://sourceware.org/bugzilla/attachment.cgi?id=14513&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace --disable-gas --disable-ld --disable-werror --enable-targets=all CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 52
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 192
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 66
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 95
/binutils-gdb/build/binutils/addr2line: unknown source command 99
/binutils-gdb/build/binutils/addr2line: unknown source command 116
/binutils-gdb/build/binutils/addr2line: unknown source command 105
/binutils-gdb/build/binutils/addr2line: unknown source command 103
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 95
/binutils-gdb/build/binutils/addr2line: unknown source command 84
/binutils-gdb/build/binutils/addr2line: unknown source command 88
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 148
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 161
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 95
/binutils-gdb/build/binutils/addr2line: unknown source command 98
/binutils-gdb/build/binutils/addr2line: unknown source command 99
/binutils-gdb/build/binutils/addr2line: unknown source command 109
/binutils-gdb/build/binutils/addr2line: unknown source command 116
/binutils-gdb/build/binutils/addr2line: unknown source command 110
/binutils-gdb/build/binutils/addr2line: unknown source command 109
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 95
/binutils-gdb/build/binutils/addr2line: unknown source command 69
/binutils-gdb/build/binutils/addr2line: unknown source command 84
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 228
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 18
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 164
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 95
/binutils-gdb/build/binutils/addr2line: unknown source command 98
/binutils-gdb/build/binutils/addr2line: unknown source command 99
/binutils-gdb/build/binutils/addr2line: unknown source command 99
/binutils-gdb/build/binutils/addr2line: unknown source command 97
/binutils-gdb/build/binutils/addr2line: unknown source command 115
/binutils-gdb/build/binutils/addr2line: unknown source command 97
/binutils-gdb/build/binutils/addr2line: unknown source command 101
/binutils-gdb/build/binutils/addr2line: unknown source command 95
/binutils-gdb/build/binutils/addr2line: unknown source command 69
/binutils-gdb/build/binutils/addr2line: unknown source command 84
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
AddressSanitizer:DEADLYSIGNAL
=================================================================
==172769==ERROR: AddressSanitizer: SEGV on unknown address (pc 0x7f7f32ca7066 bp 0x7ffe23f9a990 sp 0x7ffe23f9a0d8 T0)
==172769==The signal is caused by a READ memory access.
==172769==Hint: this fault was caused by a dereference of a high value address (see register values below). Dissassemble the provided pc to learn which register was used.
    #0 0x7f7f32ca7066 in __sanitizer::internal_strlen(char const*) ../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cpp:167
    #1 0x7f7f32c382ed in printf_common ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors_format.inc:551
    #2 0x7f7f32c386cc in __interceptor_vprintf ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1660
    #3 0x7f7f32c387c6 in __interceptor_printf ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1718
    #4 0x564e4c920af9 in translate_addresses ../../binutils/addr2line.c:392
    #5 0x564e4c920fbc in process_file ../../binutils/addr2line.c:470
    #6 0x564e4c9215b1 in main ../../binutils/addr2line.c:579
    #7 0x7f7f329dbd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #8 0x7f7f329dbe3f in __libc_start_main_impl ../csu/libc-start.c:392
    #9 0x564e4c91f244 in _start (/binutils-gdb/build/binutils/addr2line+0x343244)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cpp:167 in __sanitizer::internal_strlen(char const*)
==172769==ABORTING
```

# Analysis

The field `file_table` of `struct module *module` is created at [1] but not initialized, and then this uninitialized field is used to assign `*file` [2], which is a pointer to the global variable `filename` [3]. Later on, when this variable is used [4], the segmentation fault occurs.

[1] https://github.com/bminor/binutils-gdb/blob/85f9067d3a47d51a46ba369c60fdec752da0f885/bfd/vms-alpha.c#L4340
[2] https://github.com/bminor/binutils-gdb/blob/85f9067d3a47d51a46ba369c60fdec752da0f885/bfd/vms-alpha.c#L4926
[3] https://github.com/bminor/binutils-gdb/blob/85f9067d3a47d51a46ba369c60fdec752da0f885/binutils/addr2line.c#L167
[4] https://github.com/bminor/binutils-gdb/blob/85f9067d3a47d51a46ba369c60fdec752da0f885/binutils/addr2line.c#L392
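The chain the report describes (heap object allocated without zeroing its pointer field, a consumer copying that field into a global, a later `printf("%s")` walking off the bad pointer) is a general pattern, and the two places to stop it are the allocation and the consumer. The following is an added illustration written for this page, not binutils code: `struct module`, `file_entry`, `module_new`, `module_set_files`, `module_lookup_file` and `display_name` are simplified stand-ins (assumptions) for the vms-alpha.c and addr2line.c structures referenced above, and the file names are constructed sample input.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-ins (assumption) for the `struct module` / file table
   that the parser builds and that the address translator later reads. */
struct file_entry {
    char *name;
};

struct module {
    unsigned nfiles;                /* number of valid entries in file_table */
    struct file_entry *file_table;  /* NULL until the parser has filled it */
};

/* Pattern 1: zero the object at creation. With calloc (or explicit
   assignments) file_table is a well-defined NULL rather than whatever the
   allocator left behind, so a later NULL check actually means something. */
struct module *module_new(void)
{
    struct module *m = calloc(1, sizeof *m);
    if (m == NULL)
        return NULL;
    m->nfiles = 0;          /* already zero after calloc; explicit for readers */
    m->file_table = NULL;
    return m;
}

/* malloc+memcpy copy so the example does not depend on POSIX strdup. */
static char *copy_string(const char *s)
{
    size_t len = strlen(s) + 1;
    char *p = malloc(len);
    if (p != NULL)
        memcpy(p, s, len);
    return p;
}

/* The only way to install a file table: nfiles and file_table are updated
   together, so the consumer's bounds check below is always meaningful. */
int module_set_files(struct module *m, const char *const *names, unsigned n)
{
    struct file_entry *t = calloc(n, sizeof *t);
    if (t == NULL)
        return -1;
    for (unsigned i = 0; i < n; i++) {
        t[i].name = copy_string(names[i]);
        if (t[i].name == NULL) {
            while (i-- > 0)
                free(t[i].name);
            free(t);
            return -1;
        }
    }
    m->file_table = t;
    m->nfiles = n;
    return 0;
}

/* Pattern 2: the consumer checks both the table pointer and the index it
   read from the input file. On failure *file is left untouched, so a caller
   that goes on to print it sees its previous, initialized value. */
int module_lookup_file(const struct module *m, unsigned idx, const char **file)
{
    if (m == NULL || m->file_table == NULL || idx >= m->nfiles)
        return -1;
    *file = m->file_table[idx].name;
    return 0;
}

/* What the printing side does with a name that was never resolved:
   a placeholder instead of a pointer that printf("%s") would dereference. */
const char *display_name(const char *file)
{
    return file != NULL ? file : "??";
}

void module_free(struct module *m)
{
    if (m == NULL)
        return;
    for (unsigned i = 0; i < m->nfiles; i++)
        free(m->file_table[i].name);
    free(m->file_table);
    free(m);
}

int main(void)
{
    const char *file = NULL;                        /* initialized global stand-in */
    const char *names[] = { "main.c", "util.c" };   /* constructed sample input */
    struct module *m = module_new();
    if (m == NULL)
        return 1;

    /* Lookup before any file table exists: fails cleanly, nothing dereferenced. */
    if (module_lookup_file(m, 0, &file) != 0)
        printf("%s\n", display_name(file));

    if (module_set_files(m, names, 2) == 0 && module_lookup_file(m, 1, &file) == 0)
        printf("%s\n", display_name(file));

    module_free(m);
    return 0;
}
```

The first lookup in `main` runs against an empty module and prints the placeholder; only after `module_set_files` has installed a consistent table does a lookup succeed. Compiling the same code with `-fsanitize=address` or MemorySanitizer is the cheap way to confirm that no path reads the field before it is assigned.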