Created attachment 11615 [details] inputs that trigger bugs - Intel Xeon Gold 5118 processors and 256 GB memory - Linux n18-065-139 4.19.0-1-amd64 #1 SMP Debian 4.19.12-1 (2018-12-22) x86_64 GNU/Linux - clang version 4.0.0 (tags/RELEASE_400/final) - version: commit c72e75a64030b0f6535a80481f37968ad55c333a (Feb 19 2019) - run objdump -x input_file - asan report ==1243005==ERROR: AddressSanitizer failed to allocate 0xffffffa000 (1099511603200) bytes of LargeMmapAllocator (error code: 12) ==1243005==Process memory map follows: 0x000000400000-0x00000041d000 /mnt/raid/user/chenpeng/FuzzingBench/build/asan/install/bin/objdump 0x00000041d000-0x000000996000 /mnt/raid/user/chenpeng/FuzzingBench/build/asan/install/bin/objdump 0x000000996000-0x000000bc9000 /mnt/raid/user/chenpeng/FuzzingBench/build/asan/install/bin/objdump 0x000000bca000-0x000000bcb000 /mnt/raid/user/chenpeng/FuzzingBench/build/asan/install/bin/objdump 0x000000bcb000-0x000000c78000 /mnt/raid/user/chenpeng/FuzzingBench/build/asan/install/bin/objdump 0x000000c78000-0x0000018e9000 0x00007fff7000-0x00008fff7000 0x00008fff7000-0x02008fff7000 0x02008fff7000-0x10007fff8000 0x600000000000-0x602000000000 0x602000000000-0x602000010000 0x602000010000-0x602e00000000 0x602e00000000-0x602e00010000 0x602e00010000-0x603000000000 0x603000000000-0x603000010000 0x603000010000-0x603e00000000 0x603e00000000-0x603e00010000 0x603e00010000-0x604000000000 0x604000000000-0x604000010000 0x604000010000-0x604e00000000 0x604e00000000-0x604e00010000 0x604e00010000-0x606000000000 0x606000000000-0x606000010000 0x606000010000-0x606e00000000 0x606e00000000-0x606e00010000 0x606e00010000-0x607000000000 0x607000000000-0x607000010000 0x607000010000-0x607e00000000 0x607e00000000-0x607e00010000 0x607e00010000-0x608000000000 0x608000000000-0x608000010000 0x608000010000-0x608e00000000 0x608e00000000-0x608e00010000 0x608e00010000-0x60b000000000 0x60b000000000-0x60b000010000 0x60b000010000-0x60be00000000 0x60be00000000-0x60be00010000 0x60be00010000-0x60c000000000 0x60c000000000-0x60c000010000 0x60c000010000-0x60ce00000000 0x60ce00000000-0x60ce00010000 0x60ce00010000-0x60f000000000 0x60f000000000-0x60f000010000 0x60f000010000-0x60fe00000000 0x60fe00000000-0x60fe00010000 0x60fe00010000-0x610000000000 0x610000000000-0x610000010000 0x610000010000-0x610e00000000 0x610e00000000-0x610e00010000 0x610e00010000-0x611000000000 0x611000000000-0x611000010000 0x611000010000-0x611e00000000 0x611e00000000-0x611e00010000 0x611e00010000-0x612000000000 0x612000000000-0x612000010000 0x612000010000-0x612e00000000 0x612e00000000-0x612e00010000 0x612e00010000-0x614000000000 0x614000000000-0x614000010000 0x614000010000-0x614e00000000 0x614e00000000-0x614e00010000 0x614e00010000-0x616000000000 0x616000000000-0x616000010000 0x616000010000-0x616e00000000 0x616e00000000-0x616e00010000 0x616e00010000-0x618000000000 0x618000000000-0x618000010000 0x618000010000-0x618e00000000 0x618e00000000-0x618e00010000 0x618e00010000-0x619000000000 0x619000000000-0x619000010000 0x619000010000-0x619e00000000 0x619e00000000-0x619e00010000 0x619e00010000-0x61a000000000 0x61a000000000-0x61a000010000 0x61a000010000-0x61ae00000000 0x61ae00000000-0x61ae00010000 0x61ae00010000-0x61b000000000 0x61b000000000-0x61b000010000 0x61b000010000-0x61be00000000 0x61be00000000-0x61be00010000 0x61be00010000-0x61d000000000 0x61d000000000-0x61d000010000 0x61d000010000-0x61de00000000 0x61de00000000-0x61de00010000 0x61de00010000-0x61f000000000 0x61f000000000-0x61f000010000 0x61f000010000-0x61fe00000000 0x61fe00000000-0x61fe00010000 0x61fe00010000-0x621000000000 0x621000000000-0x621000010000 0x621000010000-0x621e00000000 0x621e00000000-0x621e00010000 0x621e00010000-0x624000000000 0x624000000000-0x624000010000 0x624000010000-0x624e00000000 0x624e00000000-0x624e00010000 0x624e00010000-0x62d000000000 0x62d000000000-0x62d000020000 0x62d000020000-0x62de00000000 0x62de00000000-0x62de00010000 0x62de00010000-0x640000000000 0x640000000000-0x640000003000 0x7f1ecf066000-0x7f1ecfae0000 /usr/lib/locale/locale-archive 0x7f1ecfae0000-0x7f1ecfd00000 0x7f1ecfdec000-0x7f1ecff00000 0x7f1ecff01000-0x7f1ecff08000 /usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache 0x7f1ecff08000-0x7f1ed22c2000 0x7f1ed22c2000-0x7f1ed22e4000 /lib/x86_64-linux-gnu/libc-2.28.so 0x7f1ed22e4000-0x7f1ed242c000 /lib/x86_64-linux-gnu/libc-2.28.so 0x7f1ed242c000-0x7f1ed2478000 /lib/x86_64-linux-gnu/libc-2.28.so 0x7f1ed2478000-0x7f1ed2479000 /lib/x86_64-linux-gnu/libc-2.28.so 0x7f1ed2479000-0x7f1ed247d000 /lib/x86_64-linux-gnu/libc-2.28.so 0x7f1ed247d000-0x7f1ed247f000 /lib/x86_64-linux-gnu/libc-2.28.so 0x7f1ed247f000-0x7f1ed2483000 0x7f1ed2483000-0x7f1ed2486000 /lib/x86_64-linux-gnu/libgcc_s.so.1 0x7f1ed2486000-0x7f1ed2497000 /lib/x86_64-linux-gnu/libgcc_s.so.1 0x7f1ed2497000-0x7f1ed249a000 /lib/x86_64-linux-gnu/libgcc_s.so.1 0x7f1ed249a000-0x7f1ed249b000 /lib/x86_64-linux-gnu/libgcc_s.so.1 0x7f1ed249b000-0x7f1ed249c000 /lib/x86_64-linux-gnu/libgcc_s.so.1 0x7f1ed249c000-0x7f1ed249d000 /lib/x86_64-linux-gnu/libgcc_s.so.1 0x7f1ed249d000-0x7f1ed249e000 /lib/x86_64-linux-gnu/libdl-2.28.so 0x7f1ed249e000-0x7f1ed249f000 /lib/x86_64-linux-gnu/libdl-2.28.so 0x7f1ed249f000-0x7f1ed24a0000 /lib/x86_64-linux-gnu/libdl-2.28.so 0x7f1ed24a0000-0x7f1ed24a1000 /lib/x86_64-linux-gnu/libdl-2.28.so 0x7f1ed24a1000-0x7f1ed24a2000 /lib/x86_64-linux-gnu/libdl-2.28.so 0x7f1ed24a2000-0x7f1ed24af000 /lib/x86_64-linux-gnu/libm-2.28.so 0x7f1ed24af000-0x7f1ed254e000 /lib/x86_64-linux-gnu/libm-2.28.so 0x7f1ed254e000-0x7f1ed2623000 /lib/x86_64-linux-gnu/libm-2.28.so 0x7f1ed2623000-0x7f1ed2624000 /lib/x86_64-linux-gnu/libm-2.28.so 0x7f1ed2624000-0x7f1ed2625000 /lib/x86_64-linux-gnu/libm-2.28.so 0x7f1ed2625000-0x7f1ed2627000 /lib/x86_64-linux-gnu/librt-2.28.so 0x7f1ed2627000-0x7f1ed262b000 /lib/x86_64-linux-gnu/librt-2.28.so 0x7f1ed262b000-0x7f1ed262d000 /lib/x86_64-linux-gnu/librt-2.28.so 0x7f1ed262d000-0x7f1ed262e000 /lib/x86_64-linux-gnu/librt-2.28.so 0x7f1ed262e000-0x7f1ed262f000 /lib/x86_64-linux-gnu/librt-2.28.so 0x7f1ed262f000-0x7f1ed2635000 /lib/x86_64-linux-gnu/libpthread-2.28.so 0x7f1ed2635000-0x7f1ed2644000 /lib/x86_64-linux-gnu/libpthread-2.28.so 0x7f1ed2644000-0x7f1ed264a000 /lib/x86_64-linux-gnu/libpthread-2.28.so 0x7f1ed264a000-0x7f1ed264b000 /lib/x86_64-linux-gnu/libpthread-2.28.so 0x7f1ed264b000-0x7f1ed264c000 /lib/x86_64-linux-gnu/libpthread-2.28.so 0x7f1ed264c000-0x7f1ed2650000 0x7f1ed2650000-0x7f1ed265f000 0x7f1ed265f000-0x7f1ed2660000 /lib/x86_64-linux-gnu/ld-2.28.so 0x7f1ed2660000-0x7f1ed267e000 /lib/x86_64-linux-gnu/ld-2.28.so 0x7f1ed267e000-0x7f1ed2686000 /lib/x86_64-linux-gnu/ld-2.28.so 0x7f1ed2686000-0x7f1ed2687000 /lib/x86_64-linux-gnu/ld-2.28.so 0x7f1ed2687000-0x7f1ed2688000 /lib/x86_64-linux-gnu/ld-2.28.so 0x7f1ed2688000-0x7f1ed2689000 0x7ffc80989000-0x7ffc809aa000 [stack] 0x7ffc809ea000-0x7ffc809ed000 [vvar] 0x7ffc809ed000-0x7ffc809ef000 [vdso] ==1243005==End of process memory map. ==1243005==AddressSanitizer CHECK failed: /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/sanitizer_common/sanitizer_common.cc:120 "((0 && "unable to mmap")) != (0)" (0x0, 0x0) #0 0x4cbcef in __asan::AsanCheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/asan/asan_rtl.cc:69:3 #1 0x4df64f in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/sanitizer_common/sanitizer_termination.cc:79:5 #2 0x4d0c5e in __sanitizer::ReportMmapFailureAndDie(unsigned long, char const*, char const*, int, bool) /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/sanitizer_common/sanitizer_common.cc:120:3 #3 0x4d967b in __sanitizer::MmapOrDie(unsigned long, char const*, bool) /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/sanitizer_common/sanitizer_posix.cc:132:5 #4 0x421e54 in __sanitizer::LargeMmapAllocator<__asan::AsanMapUnmapCallback>::Allocate(__sanitizer::AllocatorStats*, unsigned long, unsigned long) /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_allocator_secondary.h:41:9 #5 0x421c08 in __sanitizer::CombinedAllocator<__sanitizer::SizeClassAllocator64<__asan::AP64>, __sanitizer::SizeClassAllocatorLocalCache<__sanitizer::SizeClassAllocator64<__asan::AP64> >, __sanitizer::LargeMmapAllocator<__asan::AsanMapUnmapCallback> >::Allocate(__sanitizer::SizeClassAllocatorLocalCache<__sanitizer::SizeClassAllocator64<__asan::AP64> >*, unsigned long, unsigned long, bool, bool) /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_allocator_combined.h:70:24 #6 0x41f0bf in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/asan/asan_allocator.cc:407:21 #7 0x4c43f0 in malloc /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:67:10 #8 0x605fb5 in bfd_malloc /mnt/raid/user/chenpeng/FuzzingBench/binutils/binutils-gdb/bfd/libbfd.c:275:9 #9 0x6a969b in _bfd_elf_slurp_version_tables /mnt/raid/user/chenpeng/FuzzingBench/binutils/binutils-gdb/bfd/elf.c:8556:31 #10 0x6a696f in _bfd_elf_print_private_bfd_data /mnt/raid/user/chenpeng/FuzzingBench/binutils/binutils-gdb/bfd/elf.c:1798:13 #11 0x4f65d5 in dump_bfd_private_header /mnt/raid/user/chenpeng/FuzzingBench/binutils/binutils-gdb/binutils/objdump.c:3181:3 #12 0x4f51f9 in dump_bfd /mnt/raid/user/chenpeng/FuzzingBench/binutils/binutils-gdb/binutils/objdump.c:3782:5 #13 0x4f4c71 in display_object_bfd /mnt/raid/user/chenpeng/FuzzingBench/binutils/binutils-gdb/binutils/objdump.c:3883:7 #14 0x4f4b67 in display_any_bfd /mnt/raid/user/chenpeng/FuzzingBench/binutils/binutils-gdb/binutils/objdump.c:3973:5 #15 0x4f424a in display_file /mnt/raid/user/chenpeng/FuzzingBench/binutils/binutils-gdb/binutils/objdump.c:3994:3 #16 0x4f3ab0 in main /mnt/raid/user/chenpeng/FuzzingBench/binutils/binutils-gdb/binutils/objdump.c:4304:6 #17 0x7f1ed22e609a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a) #18 0x41d639 in _start (/mnt/raid/user/chenpeng/FuzzingBench/build/asan/install/bin/objdump+0x41d639)
This also doesn't reproduce for me.
The testcase has a VERDEFS section claiming to be 0xffffff7f00 in size. I suppose we should inform the user that they hit an out-of-memory here rather than just silently ignoring the failure.
(In reply to Alan Modra from comment #2) > The testcase has a VERDEFS section claiming to be 0xffffff7f00 in size. I > suppose we should inform the user that they hit an out-of-memory here rather > than just silently ignoring the failure. Agree.
size can also trigger this: https://sourceware.org/bugzilla/show_bug.cgi?id=24238
The master branch has been updated by Alan Modra <amodra@sourceware.org>: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7d272a55caebfc26ab2e15d1e9439bac978b9bb7 commit 7d272a55caebfc26ab2e15d1e9439bac978b9bb7 Author: Alan Modra <amodra@gmail.com> Date: Wed Feb 20 12:06:31 2019 +1030 PR24233, Out of memory PR 24233 * objdump.c (dump_bfd_private_header): Print warning if bfd_print_private_bfd_data returns false.
objdump now reports that something went wrong when printing private headers.