https://sourceware.org/bugzilla/show_bug.cgi?id=26154
Bug ID: 26154
Summary: nm-new: attempting free on address which was not malloc()
Product: binutils
Version: 2.34
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: feidiyin at gmail dot com
Target Milestone: ---

Created attachment 12645
  --> https://sourceware.org/bugzilla/attachment.cgi?id=12645&action=edit
The Poc to trigger this bug

When I was fuzzing nm-new with ASAN, I got this ERROR:

==1352==ERROR: AddressSanitizer: attempting free on address which was not malloc()-ed: 0xf3f03b60 in thread T0
    #0 0xf7ad1a84 in free (/usr/lib32/libasan.so.2+0x96a84)
    #1 0x84784a3 in _bfd_coff_free_symbols /home/yinqidi/experiment/binutils-2.34/bfd/coffgen.c:1782
    #2 0x84784a3 in _bfd_coff_close_and_cleanup /home/yinqidi/experiment/binutils-2.34/bfd/coffgen.c:3180
    #3 0x80b8254 in bfd_close_all_done /home/yinqidi/experiment/binutils-2.34/bfd/opncls.c:789
    #4 0x80b8254 in bfd_close /home/yinqidi/experiment/binutils-2.34/bfd/opncls.c:759
    #5 0x805ae7c in display_file /home/yinqidi/experiment/binutils-2.34/binutils/nm.c:1392
    #6 0x804f335 in main /home/yinqidi/experiment/binutils-2.34/binutils/nm.c:1860
    #7 0xf7898636 in __libc_start_main (/lib/i386-linux-gnu/libc.so.6+0x18636)
    #8 0x8050efb (/home/yinqidi/experiment/binutils-2.34/binutils/nm-new+0x8050efb)

0xf3f03b60 is located 736 bytes inside of 1745-byte region [0xf3f03880,0xf3f03f51)
allocated by thread T0 here:
    #0 0xf7ad1f8e in calloc (/usr/lib32/libasan.so.2+0x96f8e)
    #1 0x80aae3e in bfd_malloc /home/yinqidi/experiment/binutils-2.34/bfd/libbfd.c:275
    #2 0x80aae3e in bfd_zmalloc /home/yinqidi/experiment/binutils-2.34/bfd/libbfd.c:360
    #3 0x867ba8b (/home/yinqidi/experiment/binutils-2.34/binutils/nm-new+0x867ba8b)

SUMMARY: AddressSanitizer: bad-free ??:0 free
==1352==ABORTING