<html>
    <head>
      <base href="https://bugs.llvm.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - Unstable call instruction disassembly output if empty sections in linked ELF"
   href="https://bugs.llvm.org/show_bug.cgi?id=45411">45411</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>Unstable call instruction disassembly output if empty sections in linked ELF
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>tools
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>trunk
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>PC
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Windows NT
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>normal
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>llvm-objdump
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>unassignedbugs@nondot.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>jh7370.2008@my.bristol.ac.uk
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>llvm-bugs@lists.llvm.org
          </td>
        </tr></table>
      <p>
        <div>
        <pre>If a fully-linked ELF (i.e. not ET_REL) containing empty sections is
disassembled, the output of call instructions may be unstable - the symbol
referenced may change between runs, even though the input is unchanged. My
guess is that the use of partition_point does not work reliably when there are
multiple sections with the same address - it appears to sometimes pick the
empty section and therefore not use the symbols from the right section at all.

More generally, the disassembler probably shouldn't be using section
information in identifying symbols at all when disassembling a fully linked
ELF, but perhaps that's outside the scope of this issue.

Reproducible (in all cases, "bob" should be picked, not the absolute symbol):

// bar.s
.global _start
.global bob
.global abs
abs = 1

.section .section.call,"ax",@progbits
_start:
  call bob@PLT

.section .section.empty,"ax"
.section .section.bob,"ax"
bob:
  ret

C:\Work\TempWork> C:\llvm\build\Debug\bin\clang.exe -c bar.s
C:\Work\TempWork> C:\llvm\build\Debug\bin\ld.lld.exe bar.o -o bar.elf
C:\Work\TempWork> C:\llvm\build\Debug\bin\llvm-objdump -d bar.elf

bar.elf:        file format elf64-x86-64


Disassembly of section .section.call:

0000000000201120 <_start>:
  201120: e8 00 00 00 00                callq   0x201125 <abs+0x201124>

Disassembly of section .section.bob:

0000000000201125 <bob>:
  201125: c3                            retq
C:\Work\TempWork> C:\llvm\build\Debug\bin\llvm-objdump -d bar.elf

bar.elf:        file format elf64-x86-64


Disassembly of section .section.call:

0000000000201120 <_start>:
  201120: e8 00 00 00 00                callq   0x201125 <bob>

Disassembly of section .section.bob:

0000000000201125 <bob>:
  201125: c3                            retq</pre>
        </div>
      </p>
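<p>As an added illustration (not part of the bug report, and not llvm-objdump's own code), the following C++ models the hypothesis stated above: a section lookup that applies std::partition_point to start addresses alone lands on whichever of two same-address sections the sort happened to place last, so when that is the empty section the symbol lookup runs over a section that has no symbols. The section table mirrors the reproducer's layout but is constructed sample data, and the struct and function names are assumptions. The second lookup shows the check that removes the dependence on sort order: require the address to fall inside a non-empty section's range.</p>

```cpp
#include <algorithm>
#include <cstdint>
#include <iostream>
#include <iterator>
#include <string>
#include <vector>

// Minimal model of the section table llvm-objdump would build for the
// reproducer above (constructed sample data, not parsed from a real ELF).
struct Section {
  std::string name;
  uint64_t addr;
  uint64_t size;
};

// Two orderings of the same table. Both are validly "sorted by address",
// because .section.empty and .section.bob start at the same address; which
// one comes first is whatever the sort happened to produce on a given run.
static const std::vector<Section> kOrderA = {
    {".section.call", 0x201120, 5},
    {".section.empty", 0x201125, 0},
    {".section.bob", 0x201125, 1},
};
static const std::vector<Section> kOrderB = {
    {".section.call", 0x201120, 5},
    {".section.bob", 0x201125, 1},
    {".section.empty", 0x201125, 0},
};

// Naive lookup (hypothetical model of the bug): the last section whose start
// address is <= Target, found with std::partition_point over start addresses
// only. Section size is never consulted, so an empty section can be chosen.
std::string naiveSectionFor(const std::vector<Section> &Secs, uint64_t Target) {
  auto It = std::partition_point(
      Secs.begin(), Secs.end(),
      [Target](const Section &S) { return S.addr <= Target; });
  if (It == Secs.begin())
    return "";
  return std::prev(It)->name;
}

// Robust lookup: walk back over every section that starts at or before
// Target and return the first one that actually contains it, i.e. that is
// non-empty and has Target inside [addr, addr + size). An empty section can
// never satisfy this, so the answer no longer depends on sort order.
std::string containingSectionFor(const std::vector<Section> &Secs,
                                 uint64_t Target) {
  auto It = std::partition_point(
      Secs.begin(), Secs.end(),
      [Target](const Section &S) { return S.addr <= Target; });
  while (It != Secs.begin()) {
    --It;
    if (It->size != 0 && Target >= It->addr && Target < It->addr + It->size)
      return It->name;
  }
  return "";
}

// True when the naive lookup gives different answers for the two equally
// valid orderings, i.e. when its output is unstable for this address.
bool naiveIsOrderDependent(uint64_t Target) {
  return naiveSectionFor(kOrderA, Target) != naiveSectionFor(kOrderB, Target);
}

int main() {
  const uint64_t CallTarget = 0x201125; // address of "bob" in the reproducer
  std::cout << "naive, order A: " << naiveSectionFor(kOrderA, CallTarget)
            << "\nnaive, order B: " << naiveSectionFor(kOrderB, CallTarget)
            << "\nrobust, order A: " << containingSectionFor(kOrderA, CallTarget)
            << "\nrobust, order B: " << containingSectionFor(kOrderB, CallTarget)
            << '\n';
  return 0;
}
```

<p>Run as-is, the naive lookup reports .section.bob for one ordering and .section.empty for the other, which is the "sometimes picks the empty section" behaviour the report describes; the range-checked lookup reports .section.bob for both.</p>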


    </body>
</html>