OS:Linux Arch:X86_64 The binutils fuzz test code: https://github.com/google/oss-fuzz/tree/master/projects/binutils Memory leakage occurs in the following cases: 1.fuzz_addr2line 2.fuzz_dwarf 3.fuzz_objcopy 4.fuzz_objdump 1.fuzz_addr2line: When the bfd_check_format_matches interface is used, the user needs to release the memory, which is a test case problem rather than binutils problem. It is verified that the input parameter matching of the bfd_check_format_matches function of the test case is empty and released to solve the leak problem. + if (matching!=NULL) {free(matching);} Leaked Memory: ==95==ERROR: LeakSanitizer: detected memory leaks Direct leak of 445824 byte(s) in 108 object(s) allocated from: #0 0x5221bd in malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3 #1 0x56ad44 in bfd_malloc /src/binutils-gdb/bfd/libbfd.c:289:9 #2 0x566455 in bfd_check_format_matches /src/binutils-gdb/bfd/format.c:258:47 #3 0x55539b in fuzz_preconditions_check /src/binutils-gdb/binutils/./ada_addr2line.h:72:9 #4 0x5557fd in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_addr2line.c:65:7 #5 0x45a991 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #6 0x45a0b5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #7 0x45c457 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19 #8 0x45d1e5 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5 #9 0x44b368 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #10 0x4753e2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #11 0x7f505229782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) SUMMARY: AddressSanitizer: 445824 byte(s) leaked in 108 allocation(s). 2.fuzz_dwarf: The leakage problem of this test case is the same as the problem (1.fuzz_addr2line),(The matching input parameter is not released),The function of the bfd_check_format_matches() interface used in the fuzz test case is incomplete. This problem is not caused by the bintuils itself. Leaked Memory: ==70==ERROR: LeakSanitizer: detected memory leaks Direct leak of 57792 byte(s) in 14 object(s) allocated from: #0 0x52263d in malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3 #1 0x91c1b4 in bfd_malloc /src/binutils-gdb/bfd/libbfd.c:289:9 #2 0x9178c5 in bfd_check_format_matches /src/binutils-gdb/bfd/format.c:258:47 #3 0x5585d5 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_dwarf.c:36:7 #4 0x45ae11 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #5 0x45a535 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #6 0x45c8d7 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19 #7 0x45d665 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5 #8 0x44b7e8 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #9 0x475862 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #10 0x7fe2148de82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) SUMMARY: AddressSanitizer: 57792 byte(s) leaked in 14 allocation(s). 3.fuzz_objcopy: Leakage point 1: The main interface of the test case does not release the memory. This problem occurs in the test case. Leakage point 2: The release function clean_symbol_htabs() needs to be added to invoke the open-source public memory release function htab_delete. Release the created lists one by one. Leakage point 3: 1>. After leak point 2 is rectified, a new leak point exists. The possible patch https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=d6e1d48c83b165c129cb0aa78905f7ca80a1f682, however, is incomplete. 2>. This community patch only fixes the leak under the failed branch of the make_tempdir() function. When the make_tempdir() function is successfully executed, the outer function needs to release the function by adding the free(dir); operation before the end of copy_archive(). Leaked Memory: ++ tail -300 fuzz_objcopy-address.log #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554bfc in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1039:25 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #8 0x45c647 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19 #9 0x45d3af in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5 #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 992 byte(s) in 4 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554bf0 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1038:25 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #8 0x45c647 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19 #9 0x45d3af in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5 #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c50 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1048:36 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5 #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c44 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1045:28 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5 #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c38 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1044:26 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5 #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c2c in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1043:30 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5 #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c20 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1042:29 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5 #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c14 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1041:28 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5 #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c08 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1040:24 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5 #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554bfc in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1039:25 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5 #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554bf0 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1038:25 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5 #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c50 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1048:36 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3 #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c44 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1045:28 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3 #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c38 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1044:26 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3 #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c2c in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1043:30 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3 #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c20 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1042:29 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3 #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c14 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1041:28 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3 #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554c08 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1040:24 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3 #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554bfc in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1039:25 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3 #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Indirect leak of 248 byte(s) in 1 object(s) allocated from: #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12 #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29 #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10 #4 0x554bf0 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1038:25 #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3 #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3 #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3 #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) SUMMARY: AddressSanitizer: 1963440 byte(s) leaked in 10908 allocation(s). 4.fuzz_objdump: Leakage point 1: The disassemble_data() function in the binutils/objdump.c code allocates space for the pointer sorted_syms. However, the corresponding memory is not released before being returned in the failure process. Leakage point 2: The bfd_fatal() interface invokes the exit interface to forcibly end the process. (bfd_fatal() is invoked by many codes and cannot be modified.) In many failed processes in the binutils source code, exit is invoked to force the process to end, instead of exiting according to the normal failure process. Therefore, some dynamically allocated memory is not cleared through the normal release operation. Instead, resources are released after the process ends. Leaked Memory: ==30==ERROR: LeakSanitizer: detected memory leaks Direct leak of 18 byte(s) in 18 object(s) allocated from: #0 0x52263d in malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3 #1 0x1488a48 in xmalloc /src/binutils-gdb/libiberty/./xmalloc.c:147:12 #2 0x55ce51 in disassemble_data /src/binutils-gdb/binutils/./fuzz_objdump.h:3631:30 #3 0x55a999 in dump_bfd /src/binutils-gdb/binutils/./fuzz_objdump.h:5154:5 #4 0x559bfb in display_object_bfd /src/binutils-gdb/binutils/./fuzz_objdump.h #5 0x558285 in display_file /src/binutils-gdb/binutils/./fuzz_objdump.h:5327:3 #6 0x558fca in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objdump.c:80:3 #7 0x45ae11 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 #8 0x45a535 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 #9 0x45c8d7 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19 #10 0x45d665 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5 #11 0x44b7e8 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 #12 0x475862 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 #13 0x7fd383c8682f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) SUMMARY: AddressSanitizer: 18 byte(s) leaked in 18 allocation(s).
Created attachment 14277 [details] Fix some memory leaks in objcopy.c I try to fix memory leak about symbol_htabs in objcopy. Please check it out
Created attachment 14278 [details] Fix memory leak in objcopy.c Fix memory leak in objcopy.c Please check it out.
Created attachment 14279 [details] Fix some memory leaks in dwarf.c and objdump.c I try to fix memory leak about free_debug_xxxx. Please check it out
The master branch has been updated by Alan Modra <amodra@sourceware.org>: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=450da4bd38ae529a6879baafe59b1e88507b5fd9 commit 450da4bd38ae529a6879baafe59b1e88507b5fd9 Author: Alan Modra <amodra@gmail.com> Date: Tue Aug 16 00:16:49 2022 +0930 PR29362, some binutils memory leaks 2022-08-16 Alan Modra <amodra@gmail.com> Cunlong Li <shenxiaogll@163.com> PR 29362 * dwarf.c (free_debug_information): New function, extracted.. (free_debug_memory): ..from here. (process_debug_info): Use it when before clearing out unit debug_information. Clear all fields. * objcopy.c (delete_symbol_htabs): New function. (main): Call it via xatexit. (copy_archive): Free "dir". * objdump.c (free_debug_section): Free reloc_info.
Thanks for the patches!