Created attachment 15887: poc

Hello,

We are currently working on a fuzz testing feature, and we found a **memory leak** in `ld`.

The stack traces are as follows:

```
/data/swj/optfuzz/benchmark/binutils-2.43/bins/bin/ld -w /tmp/bug
/data/swj/optfuzz/benchmark/binutils-2.43/bins/bin/ld: warning: /tmp/bug has a section extending past end of file

=================================================================
==3147400==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 2080 byte(s) in 2 object(s) allocated from:
    #0 0x55cf25a88dce in __interceptor_malloc (/data/swj/optfuzz/benchmark/binutils-2.43/bins/bin/ld+0x1dcdce) (BuildId: d9731e405748db264b62c84ded760ba4f068cb0a)
    #1 0x55cf25ffb69b in xmalloc /data/swj/optfuzz/benchmark/binutils-2.43/libiberty/./xmalloc.c:149:12
    #2 0x55cf25b909fa in add_link_order_input_section /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldelfgen.c:65:17
    #3 0x55cf25b8f2cb in link_order_scan /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldelfgen.c:130:10
    #4 0x55cf25b8eea4 in link_order_scan /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldelfgen.c:105:8
    #5 0x55cf25b8ef8d in link_order_scan /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldelfgen.c:114:11
    #6 0x55cf25b8e002 in ldelf_map_segments /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldelfgen.c:274:8
    #7 0x55cf25b5d8d4 in gldelf_x86_64_after_allocation /data/swj/optfuzz/benchmark/binutils-2.43/ld/eelf_x86_64.c:151:5
    #8 0x55cf25b43036 in ldemul_after_allocation /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldemul.c:90:3
    #9 0x55cf25b04dc0 in lang_process /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldlang.c:8473:3
    #10 0x55cf25b2e34c in main /data/swj/optfuzz/benchmark/binutils-2.43/ld/./ldmain.c:529:3
    #11 0x7fda55f1b082 in __libc_start_main /build/glibc-LcI20x/glibc-2.31/csu/../csu/libc-start.c:308:16

Direct leak of 1928 byte(s) in 171 object(s) allocated from:
    #0 0x55cf25a88dce in __interceptor_malloc (/data/swj/optfuzz/benchmark/binutils-2.43/bins/bin/ld+0x1dcdce) (BuildId: d9731e405748db264b62c84ded760ba4f068cb0a)
    #1 0x55cf25ffb69b in xmalloc /data/swj/optfuzz/benchmark/binutils-2.43/libiberty/./xmalloc.c:149:12
    #2 0x55cf25ffb8dd in xstrdup /data/swj/optfuzz/benchmark/binutils-2.43/libiberty/./xstrdup.c:34:24
    #3 0x55cf25ad4ff7 in yylex /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldlex.l:401:21
    #4 0x55cf25ac43fa in yyparse /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldgram.c:2520:16
    #5 0x55cf25b2dee3 in main /data/swj/optfuzz/benchmark/binutils-2.43/ld/./ldmain.c:434:7
    #6 0x7fda55f1b082 in __libc_start_main /build/glibc-LcI20x/glibc-2.31/csu/../csu/libc-start.c:308:16

Direct leak of 800 byte(s) in 1 object(s) allocated from:
    #0 0x55cf25a88dce in __interceptor_malloc (/data/swj/optfuzz/benchmark/binutils-2.43/bins/bin/ld+0x1dcdce) (BuildId: d9731e405748db264b62c84ded760ba4f068cb0a)
    #1 0x55cf25bc4ad2 in bfd_malloc /data/swj/optfuzz/benchmark/binutils-2.43/bfd/libbfd.c:291:9
    #2 0x55cf25d39021 in bfd_elf_final_link /data/swj/optfuzz/benchmark/binutils-2.43/bfd/elflink.c:12905:44
    #3 0x55cf25b33d0e in ldwrite /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldwrite.c:550:8
    #4 0x55cf25b2e4e9 in main /data/swj/optfuzz/benchmark/binutils-2.43/ld/./ldmain.c:556:3
    #5 0x7fda55f1b082 in __libc_start_main /build/glibc-LcI20x/glibc-2.31/csu/../csu/libc-start.c:308:16

Direct leak of 338 byte(s) in 12 object(s) allocated from:
    #0 0x55cf25a88dce in __interceptor_malloc (/data/swj/optfuzz/benchmark/binutils-2.43/bins/bin/ld+0x1dcdce) (BuildId: d9731e405748db264b62c84ded760ba4f068cb0a)
    #1 0x55cf25ffb69b in xmalloc /data/swj/optfuzz/benchmark/binutils-2.43/libiberty/./xmalloc.c:149:12
    #2 0x55cf25ffb840 in xmemdup /data/swj/optfuzz/benchmark/binutils-2.43/libiberty/./xmemdup.c:37:18
    #3 0x55cf25ad5462 in yylex /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldlex.l:442:17
    #4 0x55cf25ac43fa in yyparse /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldgram.c:2520:16
    #5 0x55cf25b2dee3 in main /data/swj/optfuzz/benchmark/binutils-2.43/ld/./ldmain.c:434:7
    #6 0x7fda55f1b082 in __libc_start_main /build/glibc-LcI20x/glibc-2.31/csu/../csu/libc-start.c:308:16

Direct leak of 258 byte(s) in 129 object(s) allocated from:
    #0 0x55cf25a88dce in __interceptor_malloc (/data/swj/optfuzz/benchmark/binutils-2.43/bins/bin/ld+0x1dcdce) (BuildId: d9731e405748db264b62c84ded760ba4f068cb0a)
    #1 0x55cf25ffb69b in xmalloc /data/swj/optfuzz/benchmark/binutils-2.43/libiberty/./xmalloc.c:149:12
    #2 0x55cf25ffb8dd in xstrdup /data/swj/optfuzz/benchmark/binutils-2.43/libiberty/./xstrdup.c:34:24
    #3 0x55cf25ad53e6 in yylex /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldlex.l:435:21
    #4 0x55cf25ac43fa in yyparse /data/swj/optfuzz/benchmark/binutils-2.43/ld/ldgram.c:2520:16
    #5 0x55cf25b2dee3 in main /data/swj/optfuzz/benchmark/binutils-2.43/ld/./ldmain.c:434:7
    #6 0x7fda55f1b082 in __libc_start_main /build/glibc-LcI20x/glibc-2.31/csu/../csu/libc-start.c:308:16

SUMMARY: AddressSanitizer: 5404 byte(s) leaked in 315 allocation(s).
```

**Step to reproduce**

We configured `objudmp` using `CFLAGS="-g -fsanitize=address" ./configure --prefix=$(pwd)/` and built it using `make -j`, and ran it with:

```
./ld -w
```

The input file is attached.

**Environment**

- OS: Ubuntu 20.04.6 LTS
- Clang version: Ubuntu clang version 14.0.6
- binutils version: 2.43 https://ftp.gnu.org/gnu/binutils/binutils-2.43.tar.xz

Thank you.

**Step to reproduce**

We configured `ld` using `CFLAGS="-g -fsanitize=address" ./configure --prefix=$(pwd)/` and built it using `make -j`, and ran it with:

```
./ld -w
```

There are many known memory leaks in 2.43 ld. There will be many memory leaks in the upcoming 2.44 release too, because I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master.
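
For triaging a report like the one in this thread, the following added example (not part of the bug report and not binutils code) groups LeakSanitizer records by the first frame above the allocation wrappers and emits one LSan suppression line per leaking function, so already-known leaks can be filtered out of later fuzzing runs. The wrapper list is an assumption taken from the frames in the trace above, and the sample input is constructed from four of its records with addresses and paths shortened.

```python
import re
from collections import defaultdict

# Allocation wrappers seen in the report; the frame above them is the call site.
WRAPPERS = {"__interceptor_malloc", "xmalloc", "xstrdup", "xmemdup", "bfd_malloc"}
# One token per leak header or stack frame, so flattened (single-line) logs parse too.
TOKEN = re.compile(
    r"(?:Direct|Indirect) leak of (?P<bytes>\d+) byte\(s\) in (?P<objs>\d+) object\(s\)"
    r"|#\d+ 0x[0-9a-f]+ in (?P<func>\S+) (?P<loc>\S+)")

def leak_sites(report):
    """Map (function, file:line) of the first non-wrapper frame to [bytes, objects]."""
    sites = defaultdict(lambda: [0, 0])
    pending = None  # size of the leak record whose call site is not yet known
    for m in TOKEN.finditer(report):
        if m.group("bytes"):
            pending = (int(m.group("bytes")), int(m.group("objs")))
        elif pending and m.group("func") not in WRAPPERS:
            # Keep basename and line, drop the column: "ld/ldlex.l:401:21" -> "ldlex.l:401"
            loc = m.group("loc").rsplit("/", 1)[-1].rsplit(":", 1)[0]
            site = sites[(m.group("func"), loc)]
            site[0] += pending[0]
            site[1] += pending[1]
            pending = None  # remaining frames belong to the same record
    return dict(sites)

def suppressions(sites):
    """One suppression line per leaking function, for LSAN_OPTIONS=suppressions=FILE."""
    return [f"leak:{fn}" for fn in sorted({fn for fn, _ in sites})]

# Constructed sample: four records from the report above, addresses and paths shortened.
SAMPLE = (
    "Direct leak of 2080 byte(s) in 2 object(s) allocated from: "
    "#0 0x1 in __interceptor_malloc (ld+0x1dcdce) #1 0x2 in xmalloc xmalloc.c:149:12 "
    "#2 0x3 in add_link_order_input_section ld/ldelfgen.c:65:17 "
    "#3 0x4 in link_order_scan ld/ldelfgen.c:130:10 "
    "Direct leak of 1928 byte(s) in 171 object(s) allocated from: "
    "#0 0x1 in __interceptor_malloc (ld+0x1dcdce) #1 0x2 in xmalloc xmalloc.c:149:12 "
    "#2 0x5 in xstrdup xstrdup.c:34:24 #3 0x6 in yylex ld/ldlex.l:401:21 "
    "Direct leak of 800 byte(s) in 1 object(s) allocated from: "
    "#0 0x1 in __interceptor_malloc (ld+0x1dcdce) #1 0x7 in bfd_malloc bfd/libbfd.c:291:9 "
    "#2 0x8 in bfd_elf_final_link bfd/elflink.c:12905:44 "
    "Direct leak of 258 byte(s) in 129 object(s) allocated from: "
    "#0 0x1 in __interceptor_malloc (ld+0x1dcdce) #1 0x2 in xmalloc xmalloc.c:149:12 "
    "#2 0x5 in xstrdup xstrdup.c:34:24 #3 0x9 in yylex ld/ldlex.l:435:21 "
)

if __name__ == "__main__":
    for (fn, loc), (nbytes, nobjs) in sorted(leak_sites(SAMPLE).items(), key=lambda kv: -kv[1][0]):
        print(f"{nbytes:6d} bytes {nobjs:4d} objs  {fn} ({loc})")
    print("\n".join(suppressions(leak_sites(SAMPLE))))
```

A `leak:yylex` line hides every leak whose allocation stack contains that function, so keep the per-site table alongside the suppressions file when comparing runs.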