Bug 29362 - Some memory leaks occur when binutils code is tested using the binutils fuzz test suite.
Status: RESOLVED FIXED
Product: binutils
Classification: Unclassified
Component: binutils
Version: 2.37
Importance: P2 minor
Assignee: Alan Modra
Reported: 2022-07-13 01:40 UTC by Cunlong Li
Modified: 2022-08-15 14:56 UTC (History)
Last reconfirmed: 2022-08-15 00:00:00


Attachments
Fix some memory leaks in objcopy.c (912 bytes, patch)
2022-08-15 06:28 UTC, Cunlong Li
Fix memory leak in objcopy.c (367 bytes, patch)
2022-08-15 06:31 UTC, Cunlong Li
Fix some memory leaks in dwarf.c and objdump.c (567 bytes, patch)
2022-08-15 06:34 UTC, Cunlong Li

Description Cunlong Li 2022-07-13 01:40:03 UTC
OS: Linux
Arch: X86_64
The binutils fuzz test code:
https://github.com/google/oss-fuzz/tree/master/projects/binutils

Memory leakage occurs in the following cases:
1. fuzz_addr2line
2. fuzz_dwarf
3. fuzz_objcopy
4. fuzz_objdump

1. fuzz_addr2line:
When the bfd_check_format_matches interface is used, the user needs to release the memory, which is a test case problem rather than a binutils problem.
It is verified that checking whether the input parameter matching of the bfd_check_format_matches function in the test case is empty, and releasing it, solves the leak problem.
+ if (matching!=NULL) {free(matching);}
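Review bot: the NULL test in `if (matching!=NULL) {free(matching);}` is redundant, because free(NULL) is defined to do nothing, so a plain `free(matching);` is enough. The line is only safe if `matching` holds either NULL or a heap pointer on every path that reaches it, so the declaration should initialise it to NULL, and the free should sit on the common exit path of the harness rather than only after a successful format check.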

Leaked Memory:
==95==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 445824 byte(s) in 108 object(s) allocated from:
    #0 0x5221bd in malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
    #1 0x56ad44 in bfd_malloc /src/binutils-gdb/bfd/libbfd.c:289:9
    #2 0x566455 in bfd_check_format_matches /src/binutils-gdb/bfd/format.c:258:47
    #3 0x55539b in fuzz_preconditions_check /src/binutils-gdb/binutils/./ada_addr2line.h:72:9
    #4 0x5557fd in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_addr2line.c:65:7
    #5 0x45a991 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #6 0x45a0b5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #7 0x45c457 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19
    #8 0x45d1e5 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5
    #9 0x44b368 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #10 0x4753e2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #11 0x7f505229782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: 445824 byte(s) leaked in 108 allocation(s).


2. fuzz_dwarf:
The leakage problem of this test case is the same as problem 1 (fuzz_addr2line): the matching input parameter is not released. The function of the bfd_check_format_matches() interface used in the fuzz test case is incomplete. This problem is not caused by binutils itself.

Leaked Memory:
==70==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 57792 byte(s) in 14 object(s) allocated from:
    #0 0x52263d in malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
    #1 0x91c1b4 in bfd_malloc /src/binutils-gdb/bfd/libbfd.c:289:9
    #2 0x9178c5 in bfd_check_format_matches /src/binutils-gdb/bfd/format.c:258:47
    #3 0x5585d5 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_dwarf.c:36:7
    #4 0x45ae11 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #5 0x45a535 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #6 0x45c8d7 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19
    #7 0x45d665 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5
    #8 0x44b7e8 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #9 0x475862 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #10 0x7fe2148de82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: 57792 byte(s) leaked in 14 allocation(s).


3. fuzz_objcopy:
Leakage point 1: The main interface of the test case does not release the memory. This problem occurs in the test case.

Leakage point 2: The release function clean_symbol_htabs() needs to be added to invoke the open-source public memory release function htab_delete. Release the created lists one by one.

Leakage point 3:
1>. After leak point 2 is rectified, a new leak point exists. The possible patch https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=d6e1d48c83b165c129cb0aa78905f7ca80a1f682, however, is incomplete.
2>. This community patch only fixes the leak under the failed branch of the make_tempdir() function. When the make_tempdir() function is successfully executed, the outer function needs to release the function by adding the free(dir); operation before the end of copy_archive().

Leaked Memory:
++ tail -300 fuzz_objcopy-address.log
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554bfc in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1039:25
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #8 0x45c647 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19
    #9 0x45d3af in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5
    #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 992 byte(s) in 4 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554bf0 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1038:25
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #8 0x45c647 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19
    #9 0x45d3af in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5
    #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c50 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1048:36
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5
    #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c44 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1045:28
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5
    #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c38 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1044:26
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5
    #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c2c in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1043:30
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5
    #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c20 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1042:29
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5
    #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c14 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1041:28
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5
    #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c08 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1040:24
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5
    #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554bfc in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1039:25
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5
    #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554bf0 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1038:25
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45a2a5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #8 0x45cc4a in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:748:5
    #9 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #10 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #11 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #12 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c50 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1048:36
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3
    #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c44 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1045:28
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3
    #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c38 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1044:26
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3
    #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c2c in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1043:30
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3
    #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c20 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1042:29
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3
    #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c14 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1041:28
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3
    #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554c08 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1040:24
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3
    #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554bfc in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1039:25
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3
    #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 248 byte(s) in 1 object(s) allocated from:
    #0 0x522522 in calloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x11050f1 in xcalloc /src/binutils-gdb/libiberty/./xmalloc.c:162:12
    #2 0x10f55fe in htab_create_typed_alloc /src/binutils-gdb/libiberty/./hashtab.c:360:29
    #3 0x10f554f in htab_create_alloc /src/binutils-gdb/libiberty/./hashtab.c:285:10
    #4 0x554bf0 in create_symbol_htabs /src/binutils-gdb/binutils/./fuzz_objcopy.h:1038:25
    #5 0x559523 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objcopy.c:117:3
    #6 0x45ab81 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #7 0x45ca85 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3
    #8 0x45d049 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:792:3
    #9 0x44b558 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #10 0x4755d2 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #11 0x7f2fb86d482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: 1963440 byte(s) leaked in 10908 allocation(s).


4.fuzz_objdump:
Leakage point 1: The disassemble_data() function in binutils/objdump.c allocates space for the pointer sorted_syms. However, the corresponding memory is not released before the function returns on the failure path.

Leakage point 2: The bfd_fatal() interface invokes the exit interface to forcibly end the process. (bfd_fatal() is invoked from many places in the code and cannot be modified.)
On many failure paths in the binutils source code, exit is invoked to force the process to end, instead of returning through the normal failure path. Therefore, some dynamically allocated memory is not cleared through the normal release operation. Instead, resources are released after the process ends.

Leaked Memory:
==30==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 18 byte(s) in 18 object(s) allocated from:
    #0 0x52263d in malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
    #1 0x1488a48 in xmalloc /src/binutils-gdb/libiberty/./xmalloc.c:147:12
    #2 0x55ce51 in disassemble_data /src/binutils-gdb/binutils/./fuzz_objdump.h:3631:30
    #3 0x55a999 in dump_bfd /src/binutils-gdb/binutils/./fuzz_objdump.h:5154:5
    #4 0x559bfb in display_object_bfd /src/binutils-gdb/binutils/./fuzz_objdump.h
    #5 0x558285 in display_file /src/binutils-gdb/binutils/./fuzz_objdump.h:5327:3
    #6 0x558fca in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_objdump.c:80:3
    #7 0x45ae11 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #8 0x45a535 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #9 0x45c8d7 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19
    #10 0x45d665 in fuzzer::Fuzzer::Loop(std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5
    #11 0x44b7e8 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #12 0x475862 in main /src/llvm/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #13 0x7fd383c8682f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: 18 byte(s) leaked in 18 allocation(s).
Comment 1 Cunlong Li 2022-08-15 06:28:59 UTC
Created attachment 14277
Fix some memory leaks in objcopy.c

I tried to fix the memory leak about symbol_htabs in objcopy.
Please check it out.
Comment 2 Cunlong Li 2022-08-15 06:31:44 UTC
Created attachment 14278
Fix memory leak in objcopy.c

Fix memory leak in objcopy.c
Please check it out.
Comment 3 Cunlong Li 2022-08-15 06:34:07 UTC
Created attachment 14279
Fix some memory leaks in dwarf.c and objdump.c

I tried to fix the memory leak about free_debug_xxxx.
Please check it out.
Comment 4 Sourceware Commits 2022-08-15 14:55:28 UTC
The master branch has been updated by Alan Modra <amodra@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=450da4bd38ae529a6879baafe59b1e88507b5fd9

commit 450da4bd38ae529a6879baafe59b1e88507b5fd9
Author: Alan Modra <amodra@gmail.com>
Date:   Tue Aug 16 00:16:49 2022 +0930

    PR29362, some binutils memory leaks
    
    2022-08-16  Alan Modra  <amodra@gmail.com>
                Cunlong Li  <shenxiaogll@163.com>
    
            PR 29362
            * dwarf.c (free_debug_information): New function, extracted..
            (free_debug_memory): ..from here.
            (process_debug_info): Use it when before clearing out unit
            debug_information.  Clear all fields.
            * objcopy.c (delete_symbol_htabs): New function.
            (main): Call it via xatexit.
            (copy_archive): Free "dir".
            * objdump.c (free_debug_section): Free reloc_info.
Comment 5 Alan Modra 2022-08-15 14:56:24 UTC
Thanks for the patches!
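
The two leak patterns described in this report, as an added example that is not binutils code and not taken from the attached patches: a buffer lost on an early failure return, and process-lifetime tables that need an exit handler because fatal paths call exit(). The functions dump_leaky, dump_fixed, create_symbol_tabs and delete_symbol_tabs are hypothetical models, standard atexit() stands in for the xatexit named in the commit message, and a block counter stands in for LeakSanitizer.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for LeakSanitizer: number of blocks not yet freed. */
static long live_blocks;
static void *track_alloc(size_t n) { void *p = malloc(n); if (p) live_blocks++; return p; }
static void track_free(void *p) { if (p) { live_blocks--; free(p); } }

/* Hypothetical dump routine: the failure path returns without freeing. */
static int dump_leaky(size_t nsyms, int bad_input) {
    char *sorted_syms = track_alloc(nsyms);
    if (sorted_syms == NULL || bad_input)
        return -1;                      /* sorted_syms leaks when bad_input is set */
    track_free(sorted_syms);
    return 0;
}

/* Same routine, with the buffer released on success and failure alike. */
static int dump_fixed(size_t nsyms, int bad_input) {
    char *sorted_syms = track_alloc(nsyms);
    int ret = (sorted_syms == NULL || bad_input) ? -1 : 0;
    track_free(sorted_syms);
    return ret;
}

/* Process-lifetime tables, released by a handler registered with atexit(). */
static void *symbol_tabs[3];
static void delete_symbol_tabs(void) {
    for (int i = 0; i < 3; i++) { track_free(symbol_tabs[i]); symbol_tabs[i] = NULL; }
}
static int create_symbol_tabs(void) {
    for (int i = 0; i < 3; i++) symbol_tabs[i] = track_alloc(248);
    return atexit(delete_symbol_tabs);  /* also runs when a fatal path calls exit() */
}

/* Call fn once per input, as a fuzzer does; every second input is invalid. */
static long leaked_after(int (*fn)(size_t, int), int inputs) {
    long before = live_blocks;
    for (int i = 0; i < inputs; i++) fn(1, i % 2);
    return live_blocks - before;
}

int main(void) {
    create_symbol_tabs();
    printf("leaky: %ld blocks, fixed: %ld blocks\n",
           leaked_after(dump_leaky, 36), leaked_after(dump_fixed, 36));
    return 0;
}
```

In a fuzzing harness the process does not exit between inputs, so the per-call leak accumulates with every invalid input, while the exit handler only covers allocations made once per process.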