[Bug binutils/25249] New: Memory leak in microblaze-dis.c
https://sourceware.org/bugzilla/show_bug.cgi?id=25249

            Bug ID: 25249
           Summary: Memory leak in microblaze-dis.c
           Product: binutils
           Version: 2.34 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: xhwu_steven at 163 dot com
  Target Milestone: ---

Created attachment 12106
  --> https://sourceware.org/bugzilla/attachment.cgi?id=12106&action=edit

Compile binutils with ASAN, and read this file as input.

ASAN log:

==60==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 3 byte(s) in 1 object(s) allocated from:
    #0 0x483514 in __strdup /src/llvm-project/compiler-rt/lib/asan/asan_interceptors.cpp:468:3
    #1 0x6e76d0 in get_field /src/binutils-gdb/opcodes/microblaze-dis.c:46:11
    #2 0x6e6826 in print_insn_microblaze /src/binutils-gdb/opcodes/microblaze-dis.c
    #3 0x4ca15d in LLVMFuzzerTestOneInput /src/binutils-gdb/fuzz/fuzz_disassemble.c:71:13
    #4 0x51a8c6 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:556:15
    #5 0x4cb0af in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:292:6
    #6 0x4d8d12 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:774:9
    #7 0x4ca6f7 in main /src/libfuzzer/FuzzerMain.cpp:19:10
    #8 0x7f801cfda82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Direct leak of 3 byte(s) in 1 object(s) allocated from:
    #0 0x483514 in __strdup /src/llvm-project/compiler-rt/lib/asan/asan_interceptors.cpp:468:3
    #1 0x6e76d0 in get_field /src/binutils-gdb/opcodes/microblaze-dis.c:46:11
    #2 0x6e64b9 in print_insn_microblaze /src/binutils-gdb/opcodes/microblaze-dis.c:296:36
    #3 0x4ca15d in LLVMFuzzerTestOneInput /src/binutils-gdb/fuzz/fuzz_disassemble.c:71:13
    #4 0x51a8c6 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:556:15
    #5 0x4cb0af in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:292:6
    #6 0x4d8d12 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:774:9
    #7 0x4ca6f7 in main /src/libfuzzer/FuzzerMain.cpp:19:10
    #8 0x7f801cfda82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: 6 byte(s) leaked in 2 allocation(s).

Code here:

int print_insn_microblaze(bfd_vma memaddr, struct disassemble_info * info):
    ...
    ...
    case INST_TYPE_RD_R1:
      print_func (stream, "\t%s, %s", get_field_rd (inst), get_field_r1 (inst));
    ...

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Re: Memory leak in binutils
Hi Xiaohan,

Are you running the fuzz target from?
https://github.com/google/oss-fuzz/blob/master/projects/binutils/fuzz_disassemble.c

Did you apply this patch before compiling it?
https://github.com/google/oss-fuzz/blob/master/projects/binutils/patch.diff

Cheers,
Philippe

> On 4 Dec 2019, at 12:14, Xiaohan Wu wrote:
>
> Hello, I got a memory leak bug in binutils.
>
> ASAN log:
>
> ==29347==ERROR: LeakSanitizer: detected memory leaks
>
> Direct leak of 3 byte(s) in 1 object(s) allocated from:
>     #0 0x483514 in __strdup /src/llvm-project/compiler-rt/lib/asan/asan_interceptors.cpp:468:3
>     #1 0x6e76d0 in get_field /src/binutils-gdb/opcodes/microblaze-dis.c:46:11
>     #2 0x6e6826 in print_insn_microblaze /src/binutils-gdb/opcodes/microblaze-dis.c
>     #3 0x4ca15d in LLVMFuzzerTestOneInput /src/binutils-gdb/fuzz/fuzz_disassemble.c:71:13
>     #4 0x51a8c6 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:556:15
>     #5 0x516ee0 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:470:3
>     #6 0x51c4bf in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:698:19
>     #7 0x51fcfd in fuzzer::Fuzzer::Loop(std::__1::vector fuzzer::fuzzer_allocator >&) /src/libfuzzer/FuzzerLoop.cpp:830:5
>     #8 0x4d8f81 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:824:6
>     #9 0x4ca6f7 in main /src/libfuzzer/FuzzerMain.cpp:19:10
>     #10 0x7f6ac80e982f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
>
> Direct leak of 3 byte(s) in 1 object(s) allocated from:
>     #0 0x483514 in __strdup /src/llvm-project/compiler-rt/lib/asan/asan_interceptors.cpp:468:3
>     #1 0x6e76d0 in get_field /src/binutils-gdb/opcodes/microblaze-dis.c:46:11
>     #2 0x6e64b9 in print_insn_microblaze /src/binutils-gdb/opcodes/microblaze-dis.c:296:36
>     #3 0x4ca15d in LLVMFuzzerTestOneInput /src/binutils-gdb/fuzz/fuzz_disassemble.c:71:13
>     #4 0x51a8c6 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:556:15
>     #5 0x516ee0 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:470:3
>     #6 0x51c4bf in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:698:19
>     #7 0x51fcfd in fuzzer::Fuzzer::Loop(std::__1::vector fuzzer::fuzzer_allocator >&) /src/libfuzzer/FuzzerLoop.cpp:830:5
>     #8 0x4d8f81 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:824:6
>     #9 0x4ca6f7 in main /src/libfuzzer/FuzzerMain.cpp:19:10
>     #10 0x7f6ac80e982f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
>
> SUMMARY: AddressSanitizer: 6 byte(s) leaked in 2 allocation(s).
> INFO: to ignore leaks on libFuzzer side use -detect_leaks=0.
>
> MS: 1 ChangeByte-; base unit: a1be622c3abbca83b3dff1e93a6b232e18dd7e98
> 0xc6,0xc,0x0,0x4,0x26,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x50,
> \xc6\x0c\x00\x04&\x00\x00\x00\x00\x00\x00\x00\x00P
> artifact_prefix='./'; Test unit written to ./leak-0dbec89599a608e357f7a41d42cc041ae064df6a
> Base64: xgwABCYAAFA=
>
> And leak file attached.
>
> Yours,
> Skyvast
Memory leak in binutils
Hello, I got a memory leak bug in binutils.

ASAN log:

==29347==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 3 byte(s) in 1 object(s) allocated from:
    #0 0x483514 in __strdup /src/llvm-project/compiler-rt/lib/asan/asan_interceptors.cpp:468:3
    #1 0x6e76d0 in get_field /src/binutils-gdb/opcodes/microblaze-dis.c:46:11
    #2 0x6e6826 in print_insn_microblaze /src/binutils-gdb/opcodes/microblaze-dis.c
    #3 0x4ca15d in LLVMFuzzerTestOneInput /src/binutils-gdb/fuzz/fuzz_disassemble.c:71:13
    #4 0x51a8c6 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:556:15
    #5 0x516ee0 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:470:3
    #6 0x51c4bf in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:698:19
    #7 0x51fcfd in fuzzer::Fuzzer::Loop(std::__1::vector >&) /src/libfuzzer/FuzzerLoop.cpp:830:5
    #8 0x4d8f81 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:824:6
    #9 0x4ca6f7 in main /src/libfuzzer/FuzzerMain.cpp:19:10
    #10 0x7f6ac80e982f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Direct leak of 3 byte(s) in 1 object(s) allocated from:
    #0 0x483514 in __strdup /src/llvm-project/compiler-rt/lib/asan/asan_interceptors.cpp:468:3
    #1 0x6e76d0 in get_field /src/binutils-gdb/opcodes/microblaze-dis.c:46:11
    #2 0x6e64b9 in print_insn_microblaze /src/binutils-gdb/opcodes/microblaze-dis.c:296:36
    #3 0x4ca15d in LLVMFuzzerTestOneInput /src/binutils-gdb/fuzz/fuzz_disassemble.c:71:13
    #4 0x51a8c6 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:556:15
    #5 0x516ee0 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:470:3
    #6 0x51c4bf in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:698:19
    #7 0x51fcfd in fuzzer::Fuzzer::Loop(std::__1::vector >&) /src/libfuzzer/FuzzerLoop.cpp:830:5
    #8 0x4d8f81 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:824:6
    #9 0x4ca6f7 in main /src/libfuzzer/FuzzerMain.cpp:19:10
    #10 0x7f6ac80e982f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: 6 byte(s) leaked in 2 allocation(s).
INFO: to ignore leaks on libFuzzer side use -detect_leaks=0.

MS: 1 ChangeByte-; base unit: a1be622c3abbca83b3dff1e93a6b232e18dd7e98
0xc6,0xc,0x0,0x4,0x26,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x50,
\xc6\x0c\x00\x04&\x00\x00\x00\x00\x00\x00\x00\x00P
artifact_prefix='./'; Test unit written to ./leak-0dbec89599a608e357f7a41d42cc041ae064df6a
Base64: xgwABCYAAFA=

And leak file attached.

Yours,
Skyvast

Attachment: leak-0dbec89599a608e357f7a41d42cc041ae064df6a
Description: Binary data
[Bug ld/21565] Z80: Incorrect linkage of call instructions
https://sourceware.org/bugzilla/show_bug.cgi?id=21565

Sergey Belyashov changed:

           What    |Removed                     |Added
                 CC|                            |sergey.belyashov at gmail dot com

--- Comment #1 from Sergey Belyashov ---
It is correct. The default linker script (*.ld file) contains a 0x100 offset for
.text, so the produced binary should be loaded at address 0x100. It is done for
CP/M compatibility (it is described by a comment in the *.ld script). You may
create your own linker script and place code in any location.
[Bug binutils/25224] [Z80][PATCH] Add support for Zylog Z180 and eZ80 CPUs
https://sourceware.org/bugzilla/show_bug.cgi?id=25224

Sergey Belyashov changed:

           What    |Removed                     |Added
                 CC|                            |amodra at gmail dot com,
                   |                            |nickc at redhat dot com
[Bug binutils/25249] Memory leak in microblaze-dis.c
https://sourceware.org/bugzilla/show_bug.cgi?id=25249

Alan Modra changed:

           What    |Removed                           |Added
             Target|                                  |microblaze-*-*
             Status|UNCONFIRMED                       |ASSIGNED
   Last reconfirmed|                                  |2019-12-05
           Assignee|unassigned at sourceware dot org  |amodra at gmail dot com
     Ever confirmed|0                                 |1

--- Comment #1 from Alan Modra ---
Thanks, a useful leak report, rather than just the odd buffer not freed on
exit. This one will consume memory on each insn disassembled.
[Bug binutils/25249] Memory leak in microblaze-dis.c
https://sourceware.org/bugzilla/show_bug.cgi?id=25249

--- Comment #2 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Alan Modra:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=378fd436405b3051df34ac995b2e03fe1f3d1907

commit 378fd436405b3051df34ac995b2e03fe1f3d1907
Author: Alan Modra
Date:   Thu Dec 5 14:42:44 2019 +1030

    PR25249, Memory leak in microblaze-dis.c

        PR 25249
        * microblaze-dis.c (NUM_STRBUFS, STRBUF_SIZE): Define.
        (struct string_buf): New.
        (strbuf): New function.
        (get_field): Use strbuf rather than strdup of local temp.
        (get_field_imm, get_field_imm5, get_field_imm5_mbar): Likewise.
        (get_field_rfsl, get_field_imm15): Likewise.
        (get_field_rd, get_field_r1, get_field_r2): Update macros.
        (get_field_special): Likewise.  Don't strcpy spr.  Formatting.
        (print_insn_microblaze): Formatting.  Init and pass string_buf to
        get_field functions.
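The ownership change described in the commit message above, as an added C example that is not the binutils code: `get_field_leaky` reproduces the heap-copy-per-field pattern from the LeakSanitizer report, and `get_field` writes into a caller-owned `struct string_buf` instead. The values of `NUM_STRBUFS` and `STRBUF_SIZE`, the register bit positions, the `tracked[]` bookkeeping and the `disassemble` driver are assumptions made for the demonstration.

```c
/* Added illustration, not binutils source; sizes and bit layout are assumed. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define NUM_STRBUFS 4    /* assumed value */
#define STRBUF_SIZE 16   /* assumed value */
static char *tracked[4096];  /* demo-only record of heap copies no caller frees */
static size_t n_tracked;

/* Before: format into a local temp, return a heap copy (stand-in for strdup). */
static char *get_field_leaky(unsigned insn, unsigned shift)
{
    char tmp[STRBUF_SIZE];
    snprintf(tmp, sizeof tmp, "r%u", (insn >> shift) & 0x1f);
    char *copy = malloc(sizeof tmp);
    if (copy == NULL || n_tracked == sizeof tracked / sizeof tracked[0]) abort();
    return tracked[n_tracked++] = strcpy(copy, tmp);
}

/* After: slots owned by the caller and reused for every instruction. */
struct string_buf { unsigned which; char str[NUM_STRBUFS][STRBUF_SIZE]; };

static char *get_field(struct string_buf *buf, unsigned insn, unsigned shift)
{
    if (buf->which >= NUM_STRBUFS) abort();  /* more fields than slots */
    char *p = buf->str[buf->which++];
    snprintf(p, STRBUF_SIZE, "r%u", (insn >> shift) & 0x1f);
    return p;
}

/* Format `count` constructed words; return heap strings lost (swept afterwards for the demo). */
static size_t disassemble(unsigned count, int leaky, char *out, size_t len)
{
    for (unsigned i = 0; i < count; i++) {
        struct string_buf buf = { 0 };  /* reset per instruction */
        unsigned insn = (3u << 21) | (5u << 16) | i;  /* constructed word */
        char *rd = leaky ? get_field_leaky(insn, 21) : get_field(&buf, insn, 21);
        char *r1 = leaky ? get_field_leaky(insn, 16) : get_field(&buf, insn, 16);
        snprintf(out, len, "\t%s, %s", rd, r1);
    }
    size_t lost = n_tracked;
    while (n_tracked > 0) free(tracked[--n_tracked]);
    return lost;
}

int main(void)
{
    char out[64];
    printf("strdup style: %zu strings lost\n", disassemble(1000, 1, out, sizeof out));
    printf("string_buf:   %zu strings lost\n", disassemble(1000, 0, out, sizeof out));
}
```

The loss in the first mode grows linearly with the number of instructions formatted, which is the behaviour comment #1 singles out; the second mode uses only stack storage that goes away with each iteration.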
[Bug binutils/25249] Memory leak in microblaze-dis.c
https://sourceware.org/bugzilla/show_bug.cgi?id=25249

Alan Modra changed:

           What    |Removed                     |Added
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |FIXED
   Target Milestone|---                         |2.34

--- Comment #3 from Alan Modra ---
Fixed
[Bug binutils/25249] Memory leak in microblaze-dis.c
https://sourceware.org/bugzilla/show_bug.cgi?id=25249

--- Comment #4 from Skyvast ---
Thanks for your work! Credits by ADLab.
[Bug ld/25244] --print-memory-usage, division by zero if MEMORY length is zero
https://sourceware.org/bugzilla/show_bug.cgi?id=25244

Alan Modra changed:

           What    |Removed                           |Added
             Status|UNCONFIRMED                       |ASSIGNED
   Last reconfirmed|                                  |2019-12-05
           Assignee|unassigned at sourceware dot org  |amodra at gmail dot com
     Ever confirmed|0                                 |1
[Bug ld/25243] static linking with exceptions and iostream is broken on ARM
https://sourceware.org/bugzilla/show_bug.cgi?id=25243

Alan Modra changed:

           What    |Removed                           |Added
             Status|UNCONFIRMED                       |ASSIGNED
   Last reconfirmed|                                  |2019-12-05
           Assignee|unassigned at sourceware dot org  |amodra at gmail dot com
     Ever confirmed|0                                 |1

--- Comment #2 from Alan Modra ---
(In reply to Michael Olbrich from comment #1)
> If I move the definition of __exidx_start inside the .ARM.exidx section in
> ld/emulparams/armelf_linux_eabi.sh then everything works as expected.

That is indeed the correct fix.
Re: Memory leak in binutils
On Wed, Dec 04, 2019 at 07:14:06PM +0800, Xiaohan Wu wrote:
> Hello, I got a memory leak bug in binutils.
>
> ASAN log:
>
> ==29347==ERROR: LeakSanitizer: detected memory leaks
>
> Direct leak of 3 byte(s) in 1 object(s) allocated from:
>     #0 0x483514 in __strdup /src/llvm-project/compiler-rt/lib/asan/asan_interceptors.cpp:468:3
>     #1 0x6e76d0 in get_field /src/binutils-gdb/opcodes/microblaze-dis.c:46:11

This is PR25249, fixed with git commit 378fd436405b3.

-- 
Alan Modra
Australia Development Lab, IBM
[Bug ld/25244] --print-memory-usage, division by zero if MEMORY length is zero
https://sourceware.org/bugzilla/show_bug.cgi?id=25244

--- Comment #1 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Alan Modra:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1769380a11463b907263ef5443de5d14559f2095

commit 1769380a11463b907263ef5443de5d14559f2095
Author: Alan Modra
Date:   Thu Dec 5 16:37:25 2019 +1030

    PR25244, --print-memory-usage, division by zero if MEMORY length is zero

        PR 25244
        * ldlang.c (lang_print_memory_usage): Don't print percent used
        when length is zero.
[Bug ld/25243] static linking with exceptions and iostream is broken on ARM
https://sourceware.org/bugzilla/show_bug.cgi?id=25243

--- Comment #3 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Alan Modra:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6e9ed99753f0730e85bd45eabb63f499e4d0eca3

commit 6e9ed99753f0730e85bd45eabb63f499e4d0eca3
Author: Alan Modra
Date:   Thu Dec 5 16:40:02 2019 +1030

    PR25243, static linking with exceptions and iostream is broken on ARM

        PR 25243
        * emulparams/armelf.sh (OTHER_READONLY_SECTIONS): Move definition
        of __exidx_start and __exidx_end into ARM.exidx.
        * emulparams/armelf_linux_eabi.sh (OTHER_READONLY_SECTIONS): Likewise.
        * emulparams/armsymbian.sh (OTHER_READONLY_SECTIONS): Similarly.
        * emulparams/elf32_tic6x_le.sh (OTHER_READONLY_SECTIONS): Similarly.
        * emulparams/armelf_fuchsia.sh: Source armelf_linux_eabi.sh, just
        redefining TEXT_START_ADDR.
        * emulparams/armelf_linux_fdpiceabi.sh: Source armelf_linux_eabi.sh,
        adding to OTHER_READONLY_SECTIONS.
[Bug ld/25244] --print-memory-usage, division by zero if MEMORY length is zero
https://sourceware.org/bugzilla/show_bug.cgi?id=25244

Alan Modra changed:

           What    |Removed                     |Added
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |FIXED
   Target Milestone|---                         |2.34

--- Comment #2 from Alan Modra ---
Fixed.
[Bug ld/25243] static linking with exceptions and iostream is broken on ARM
https://sourceware.org/bugzilla/show_bug.cgi?id=25243

Alan Modra changed:

           What    |Removed                     |Added
   Target Milestone|---                         |2.34

--- Comment #4 from Alan Modra ---
Fixed.
[Bug ld/25244] --print-memory-usage, division by zero if MEMORY length is zero
https://sourceware.org/bugzilla/show_bug.cgi?id=25244

--- Comment #3 from Pekka Seppänen ---
I think there's a slight issue with this patch: It also omits the linefeed for
that particular memory region, should the length be zero.