bug-binutils

[Bug ld/20317] New: Segmentation fault in ld; invalid write in bfd_section_from_shdr


From: dpovey at gmail dot com
Subject: [Bug ld/20317] New: Segmentation fault in ld; invalid write in bfd_section_from_shdr
Date: Thu, 30 Jun 2016 00:25:43 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=20317

            Bug ID: 20317
           Summary: Segmentation fault in ld; invalid write in
                    bfd_section_from_shdr
           Product: binutils
           Version: 2.22
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: ld
          Assignee: unassigned at sourceware dot org
          Reporter: dpovey at gmail dot com
  Target Milestone: ---

This problem occurs when compiling the software OpenFst version 1.5.3 on Debian
7.10 using gcc 4.7.2 and 'ld' version 7.10.
It manifests itself by 'ld' crashing with a segmentation fault.
I found the 'ld' command line by running the g++ link line with -Wl,-debug, and
ran it with valgrind, and this is what I found.  I hope this is enough for
someone familiar with the code to locate the bug.

Sorry the gdb output below is so long (it looks like it couldn't follow the
stack properly), but I think it may provide enough information.

address@hidden  ~/soft/openfst-1.5.3/src/script  $  valgrind --db-attach=yes
/usr/bin/ld --sysroot=/ --build-id --no-add-needed --eh-frame-hdr -m elf_x86_64
--hash-style=both -shared -o .libs/libfstscript.so.4.0.0
-L/usr/lib/gcc/x86_64-linux-gnu/4.7
-L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu
-L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../lib -L/lib/x86_64-linux-gnu
-L/lib/../lib -L/usr/lib/x86_64-linux-gnu -L/usr/lib/../lib
-L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../..
-L/usr/lib/gcc/x86_64-linux-gnu/4.7
-L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu
-L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../lib -L/lib/x86_64-linux-gnu
-L/lib/../lib -L/usr/lib/x86_64-linux-gnu -L/usr/lib/../lib
-L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../..
/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu/crti.o
/usr/lib/gcc/x86_64-linux-gnu/4.7/crtbeginS.o .libs/arciterator-class.o
.libs/arcsort.o .libs/closure.o .libs/compile.o .libs/compose.o .libs/concat.o
.libs/connect.o .libs/convert.o .libs/decode.o .libs/determinize.o
.libs/difference.o .libs/disambiguate.o .libs/draw.o .libs/encode.o
.libs/encodemapper-class.o .libs/epsnormalize.o .libs/equal.o
.libs/equivalent.o .libs/fst-class.o .libs/info.o .libs/intersect.o
.libs/invert.o .libs/isomorphic.o .libs/map.o .libs/minimize.o .libs/print.o
.libs/project.o .libs/prune.o .libs/push.o .libs/randequivalent.o
.libs/randgen.o .libs/relabel.o .libs/replace.o .libs/reverse.o
.libs/reweight.o .libs/rmepsilon.o .libs/script-impl.o
.libs/shortest-distance.o .libs/shortest-path.o .libs/stateiterator-class.o
.libs/synchronize.o .libs/text-io.o .libs/topsort.o .libs/union.o
.libs/weight-class.o .libs/verify.o -rpath
/home/jtrmal/soft/openfst-1.5.3/src/lib/.libs ../lib/.libs/libfst.so -ldl
-lstdc++ -lm -lc -lgcc_s /usr/lib/gcc/x86_64-linux-gnu/4.7/crtendS.o
/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu/crtn.o -soname
libfstscript.so.4
==44639== Memcheck, a memory error detector
==44639== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==44639== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==44639== Command: /usr/bin/ld --sysroot=/ --build-id --no-add-needed
--eh-frame-hdr -m elf_x86_64 --hash-style=both -shared -o
.libs/libfstscript.so.4.0.0 -L/usr/lib/gcc/x86_64-linux-gnu/4.7
-L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu
-L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../lib -L/lib/x86_64-linux-gnu
-L/lib/../lib -L/usr/lib/x86_64-linux-gnu -L/usr/lib/../lib
-L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../..
-L/usr/lib/gcc/x86_64-linux-gnu/4.7
-L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu
-L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../lib -L/lib/x86_64-linux-gnu
-L/lib/../lib -L/usr/lib/x86_64-linux-gnu -L/usr/lib/../lib
-L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../..
/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu/crti.o
/usr/lib/gcc/x86_64-linux-gnu/4.7/crtbeginS.o .libs/arciterator-class.o
.libs/arcsort.o .libs/closure.o .libs/compile.o .libs/compose.o .libs/concat.o
.libs/connect.o .libs/convert.o .libs/decode.o .libs/determinize.o
.libs/difference.o .libs/disambiguate.o .libs/draw.o .libs/encode.o
.libs/encodemapper-class.o .libs/epsnormalize.o .libs/equal.o
.libs/equivalent.o .libs/fst-class.o .libs/info.o .libs/intersect.o
.libs/invert.o .libs/isomorphic.o .libs/map.o .libs/minimize.o .libs/print.o
.libs/project.o .libs/prune.o .libs/push.o .libs/randequivalent.o
.libs/randgen.o .libs/relabel.o .libs/replace.o .libs/reverse.o
.libs/reweight.o .libs/rmepsilon.o .libs/script-impl.o
.libs/shortest-distance.o .libs/shortest-path.o .libs/stateiterator-class.o
.libs/synchronize.o .libs/text-io.o .libs/topsort.o .libs/union.o
.libs/weight-class.o .libs/verify.o -rpath
/home/jtrmal/soft/openfst-1.5.3/src/lib/.libs ../lib/.libs/libfst.so -ldl
-lstdc++ -lm -lc -lgcc_s /usr/lib/gcc/x86_64-linux-gnu/4.7/crtendS.o
/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu/crtn.o -soname
libfstscript.so.4
==44639==
==44639== Invalid write of size 4
==44639==    at 0x4E9D3B4: bfd_section_from_shdr (in
/usr/lib/libbfd-2.22-system.so)
==44639==    by 0x4E8FCBD: bfd_elf64_object_p (in
/usr/lib/libbfd-2.22-system.so)
==44639==    by 0x4E7239F: bfd_check_format_matches (in
/usr/lib/libbfd-2.22-system.so)
==44639==    by 0x41DD11: ??? (in /usr/bin/ld.bfd)
==44639==    by 0x41E39B: ??? (in /usr/bin/ld.bfd)
==44639==    by 0x4128E7: ??? (in /usr/bin/ld.bfd)
==44639==    by 0x413602: ??? (in /usr/bin/ld.bfd)
==44639==    by 0x415A19: ??? (in /usr/bin/ld.bfd)
==44639==    by 0x405186: ??? (in /usr/bin/ld.bfd)
==44639==    by 0x556DEAC: (below main) (libc-start.c:244)
==44639==  Address 0x117d6130 is 0 bytes after a block of size 3,344 alloc'd
==44639==    at 0x4C28BED: malloc (vg_replace_malloc.c:263)
==44639==    by 0x4EF3E74: _objalloc_alloc (in /usr/lib/libbfd-2.22-system.so)
==44639==    by 0x4E73DE8: bfd_alloc (in /usr/lib/libbfd-2.22-system.so)
==44639==    by 0x4E73EA5: bfd_zalloc (in /usr/lib/libbfd-2.22-system.so)
==44639==    by 0x4E9D15E: bfd_section_from_shdr (in
/usr/lib/libbfd-2.22-system.so)
==44639==    by 0x4E9DF07: bfd_section_from_shdr (in
/usr/lib/libbfd-2.22-system.so)
==44639==    by 0x4E8FCBD: bfd_elf64_object_p (in
/usr/lib/libbfd-2.22-system.so)
==44639==    by 0x4E7239F: bfd_check_format_matches (in
/usr/lib/libbfd-2.22-system.so)
==44639==    by 0x41DD11: ??? (in /usr/bin/ld.bfd)
==44639==    by 0x41E39B: ??? (in /usr/bin/ld.bfd)
==44639==    by 0x4128E7: ??? (in /usr/bin/ld.bfd)
==44639==    by 0x413602: ??? (in /usr/bin/ld.bfd)
==44639==
==44639==
==44639== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- y
==44639== starting debugger with cmd: /usr/bin/gdb -nw /proc/47491/fd/1024
47491
GNU gdb (GDB) 7.4.1-debian
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /proc/47491/fd/1024...(no debugging symbols found)...done.
Attaching to program: /proc/47491/fd/1024, process 47491
Reading symbols from /usr/lib/valgrind/vgpreload_core-amd64-linux.so...Reading
symbols from
/usr/lib/debug/usr/lib/valgrind/vgpreload_core-amd64-linux.so...done.
done.
Loaded symbols for /usr/lib/valgrind/vgpreload_core-amd64-linux.so
Reading symbols from
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so...Reading symbols from
/usr/lib/debug/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so...done.
done.
Loaded symbols for /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so
Reading symbols from /usr/lib/libbfd-2.22-system.so...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libbfd-2.22-system.so
Reading symbols from /lib/x86_64-linux-gnu/libz.so.1...(no debugging symbols
found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libz.so.1
Reading symbols from /lib/x86_64-linux-gnu/libdl.so.2...Reading symbols from
/usr/lib/debug/lib/x86_64-linux-gnu/libdl-2.13.so...done.
done.
Loaded symbols for /lib/x86_64-linux-gnu/libdl.so.2
Reading symbols from /lib/x86_64-linux-gnu/libc.so.6...Reading symbols from
/usr/lib/debug/lib/x86_64-linux-gnu/libc-2.13.so...done.
done.
Loaded symbols for /lib/x86_64-linux-gnu/libc.so.6
Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols
found)...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Failed to read a valid object file image from memory.
0x0000000004e9d3b4 in bfd_section_from_shdr () from
/usr/lib/libbfd-2.22-system.so
(gdb) bt
#0  0x0000000004e9d3b4 in bfd_section_from_shdr () from
/usr/lib/libbfd-2.22-system.so
#1  0x0000000004e8fcbe in bfd_elf64_object_p () from
/usr/lib/libbfd-2.22-system.so
#2  0x0000000004e723a0 in bfd_check_format_matches () from
/usr/lib/libbfd-2.22-system.so
#3  0x000000000041dd12 in ?? ()
#4  0x000000000041e39c in ?? ()
#5  0x00000000004128e8 in ?? ()
#6  0x0000000000413603 in ?? ()
#7  0x0000000000415a1a in ?? ()
#8  0x0000000000405187 in ?? ()
#9  0x000000000556dead in __libc_start_main (main=<optimized out>,
argc=<optimized out>, ubp_av=<optimized out>, init=<optimized out>,
    fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fefffa48) at
libc-start.c:244
#10 0x00000000004056c9 in ?? ()
#11 0x00000007fefffa48 in ?? ()
#12 0x000000000000001c in ?? ()
#13 0x0000000000000057 in ?? ()
#14 0x00000007feffff73 in ?? ()
#15 0x00000007feffff7f in ?? ()
#16 0x00000007feffff8b in ?? ()
#17 0x00000007feffff96 in ?? ()
#18 0x00000007feffffa6 in ?? ()
#19 0x00000007feffffb5 in ?? ()
#20 0x00000007feffffb8 in ?? ()
#21 0x00000007feffffc3 in ?? ()
#22 0x00000007feffffd5 in ?? ()
#23 0x00000007feffffdd in ?? ()
#24 0x00000007feffffe0 in ?? ()
#25 0x00000007fefffffc in ?? ()
#26 0x00000007ff000020 in ?? ()
#27 0x00000007ff00005e in ?? ()
#28 0x00000007ff000092 in ?? ()
#29 0x00000007ff0000aa in ?? ()
#30 0x00000007ff0000b8 in ?? ()
#31 0x00000007ff0000d4 in ?? ()
#32 0x00000007ff0000e6 in ?? ()
#33 0x00000007ff000113 in ?? ()
#34 0x00000007ff000137 in ?? ()
---Type <return> to continue, or q <return> to quit---
#35 0x00000007ff000175 in ?? ()
#36 0x00000007ff0001a9 in ?? ()
#37 0x00000007ff0001c1 in ?? ()
#38 0x00000007ff0001cf in ?? ()
#39 0x00000007ff0001eb in ?? ()
#40 0x00000007ff0001fd in ?? ()
#41 0x00000007ff00022a in ?? ()
#42 0x00000007ff00026d in ?? ()
#43 0x00000007ff00029b in ?? ()
#44 0x00000007ff0002b5 in ?? ()
#45 0x00000007ff0002c5 in ?? ()
#46 0x00000007ff0002d5 in ?? ()
#47 0x00000007ff0002e5 in ?? ()
#48 0x00000007ff0002f5 in ?? ()
#49 0x00000007ff000304 in ?? ()
#50 0x00000007ff000314 in ?? ()
#51 0x00000007ff000324 in ?? ()
#52 0x00000007ff000333 in ?? ()
#53 0x00000007ff000347 in ?? ()
#54 0x00000007ff00035a in ?? ()
#55 0x00000007ff00036f in ?? ()
#56 0x00000007ff00037c in ?? ()
#57 0x00000007ff00038b in ?? ()
#58 0x00000007ff0003a6 in ?? ()
#59 0x00000007ff0003bb in ?? ()
#60 0x00000007ff0003c9 in ?? ()
#61 0x00000007ff0003dc in ?? ()
#62 0x00000007ff0003ee in ?? ()
#63 0x00000007ff0003fb in ?? ()
#64 0x00000007ff00040d in ?? ()
#65 0x00000007ff00041c in ?? ()
#66 0x00000007ff00042f in ?? ()
#67 0x00000007ff00043b in ?? ()
#68 0x00000007ff00044c in ?? ()
#69 0x00000007ff00045a in ?? ()
#70 0x00000007ff00046a in ?? ()
---Type <return> to continue, or q <return> to quit---q
Quit
(gdb) c
Continuing.

Program received signal SIGSTOP, Stopped (signal).
0x0000000004e9d3b4 in bfd_section_from_shdr () from
/usr/lib/libbfd-2.22-system.so
(gdb) c
Continuing.

Program received signal SIGSTOP, Stopped (signal).
0x0000000004e9d3b4 in bfd_section_from_shdr () from
/usr/lib/libbfd-2.22-system.so
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
ptmalloc_init () at arena.c:527
527 arena.c: No such file or directory.
(gdb) bt
#0  ptmalloc_init () at arena.c:527
#1  0x00000000055c9d07 in malloc_hook_ini (sz=93161280, caller=0x0) at
hooks.c:37
#2  0x0000000004ef3df0 in _objalloc_alloc () from
/usr/lib/libbfd-2.22-system.so
#3  0x0000000004e73de9 in bfd_alloc () from /usr/lib/libbfd-2.22-system.so
#4  0x0000000004e73ea6 in bfd_zalloc () from /usr/lib/libbfd-2.22-system.so
#5  0x0000000004e92b92 in _bfd_elf_new_section_hook () from
/usr/lib/libbfd-2.22-system.so
#6  0x0000000004e75a6f in ?? () from /usr/lib/libbfd-2.22-system.so
#7  0x0000000004e9c455 in _bfd_elf_make_section_from_shdr () from
/usr/lib/libbfd-2.22-system.so
#8  0x0000000004e9d22b in bfd_section_from_shdr () from
/usr/lib/libbfd-2.22-system.so
#9  0x0000000004e8fcbe in bfd_elf64_object_p () from
/usr/lib/libbfd-2.22-system.so
#10 0x0000000004e723a0 in bfd_check_format_matches () from
/usr/lib/libbfd-2.22-system.so
#11 0x000000000041dd12 in ?? ()
#12 0x000000000041e39c in ?? ()
#13 0x00000000004128e8 in ?? ()
#14 0x0000000000413603 in ?? ()
#15 0x0000000000415a1a in ?? ()
#16 0x0000000000405187 in ?? ()
#17 0x000000000556dead in __libc_start_main (main=<optimized out>,
argc=<optimized out>, ubp_av=<optimized out>, init=<optimized out>,
    fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fefffa48) at
libc-start.c:244
#18 0x00000000004056c9 in ?? ()
#19 0x00000007fefffa48 in ?? ()
#20 0x000000000000001c in ?? ()
#21 0x0000000000000057 in ?? ()
#22 0x00000007feffff73 in ?? ()
#23 0x00000007feffff7f in ?? ()
#24 0x00000007feffff8b in ?? ()
#25 0x00000007feffff96 in ?? ()
#26 0x00000007feffffa6 in ?? ()
#27 0x00000007feffffb5 in ?? ()
#28 0x00000007feffffb8 in ?? ()
#29 0x00000007feffffc3 in ?? ()
#30 0x00000007feffffd5 in ?? ()
#31 0x00000007feffffdd in ?? ()
#32 0x00000007feffffe0 in ?? ()
#33 0x00000007fefffffc in ?? ()
#34 0x00000007ff000020 in ?? ()
---Type <return> to continue, or q <return> to quit---
#35 0x00000007ff00005e in ?? ()
#36 0x00000007ff000092 in ?? ()
#37 0x00000007ff0000aa in ?? ()
#38 0x00000007ff0000b8 in ?? ()
#39 0x00000007ff0000d4 in ?? ()
#40 0x00000007ff0000e6 in ?? ()
#41 0x00000007ff000113 in ?? ()
#42 0x00000007ff000137 in ?? ()
#43 0x00000007ff000175 in ?? ()
#44 0x00000007ff0001a9 in ?? ()
#45 0x00000007ff0001c1 in ?? ()
#46 0x00000007ff0001cf in ?? ()
#47 0x00000007ff0001eb in ?? ()
#48 0x00000007ff0001fd in ?? ()
#49 0x00000007ff00022a in ?? ()
#50 0x00000007ff00026d in ?? ()
#51 0x00000007ff00029b in ?? ()
#52 0x00000007ff0002b5 in ?? ()
#53 0x00000007ff0002c5 in ?? ()
#54 0x00000007ff0002d5 in ?? ()
#55 0x00000007ff0002e5 in ?? ()
#56 0x00000007ff0002f5 in ?? ()
#57 0x00000007ff000304 in ?? ()
#58 0x00000007ff000314 in ?? ()
#59 0x00000007ff000324 in ?? ()
#60 0x00000007ff000333 in ?? ()
#61 0x00000007ff000347 in ?? ()
#62 0x00000007ff00035a in ?? ()
#63 0x00000007ff00036f in ?? ()
#64 0x00000007ff00037c in ?? ()
#65 0x00000007ff00038b in ?? ()
#66 0x00000007ff0003a6 in ?? ()
#67 0x00000007ff0003bb in ?? ()
#68 0x00000007ff0003c9 in ?? ()
#69 0x00000007ff0003dc in ?? ()
#70 0x00000007ff0003ee in ?? ()
---Type <return> to continue, or q <return> to quit---

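Added triage aid (not part of the bug report and not code from binutils): the valgrind trace above shows a 4-byte write landing immediately past the end of a 3,344-byte block that bfd_zalloc handed out inside bfd_section_from_shdr, the BFD routine that turns each ELF section header into a bfd section, but with no symbols for ld it does not say which of the fifty-odd input objects is being read at that point. The Python script below parses the ELF64 section header table of each file named on its command line by hand and reports entries whose sh_link, sh_info or e_shstrndx index past the table, or whose file range overruns the file; those are the header-level values a reader like bfd_section_from_shdr has to trust. A clean report does not prove an object is well-formed, and an unclean one does not prove it caused this particular crash, but it is a cheap first filter before bisecting the link line object by object. The two sample objects at the end are constructed in memory so the script runs with no real inputs; the ELF layout constants are the ones from the gABI, and only little-endian ELF64 (the x86_64 case here) is handled.

```python
"""Sanity-check the ELF64 section header tables of linker inputs.

Added triage example; not code from binutils or from the bug report.
Only little-endian ELF64 (the x86_64 case in the report) is handled.
"""
import struct
import sys

ELF_MAGIC = b"\x7fELF"
ELFCLASS64 = 2
ELFDATA2LSB = 1

# Elf64_Ehdr and Elf64_Shdr, little-endian, 64 bytes each.
EHDR_FMT = "<16sHHIQQQIHHHHHH"
SHDR_FMT = "<IIQQQQIIQQ"
EHDR_SIZE = struct.calcsize(EHDR_FMT)
SHDR_SIZE = struct.calcsize(SHDR_FMT)

SHT_SYMTAB, SHT_STRTAB, SHT_NOBITS = 2, 3, 8
# Section types whose sh_link is a section index (ELF gABI): SYMTAB, RELA,
# HASH, DYNAMIC, REL, DYNSYM, GROUP, SYMTAB_SHNDX.
LINK_IS_SHNDX = {2, 4, 5, 6, 9, 11, 17, 18}
# Section types whose sh_info is a section index: RELA, REL.
INFO_IS_SHNDX = {4, 9}


def check_elf64(data: bytes) -> list:
    """Return a list of problems found in the section header table.

    An empty list means the indices and file ranges in the table are
    consistent with the table itself and the file size; it does not
    prove the object is otherwise valid.
    """
    if len(data) < EHDR_SIZE or data[:4] != ELF_MAGIC:
        return ["not an ELF file"]
    if data[4] != ELFCLASS64 or data[5] != ELFDATA2LSB:
        return ["only little-endian ELF64 is handled by this example"]

    (_, _, _, _, _, _, e_shoff, _, _, _, _,
     e_shentsize, e_shnum, e_shstrndx) = struct.unpack_from(EHDR_FMT, data, 0)

    if e_shnum == 0:
        return []                       # no section table: nothing to check
    if e_shentsize != SHDR_SIZE:
        return [f"e_shentsize {e_shentsize} != {SHDR_SIZE}"]
    table_end = e_shoff + e_shnum * SHDR_SIZE
    if e_shoff < EHDR_SIZE or table_end > len(data):
        return [f"section header table [{e_shoff:#x}, {table_end:#x}) "
                "lies outside the file"]

    problems = []
    if e_shstrndx >= e_shnum:
        problems.append(f"e_shstrndx {e_shstrndx} >= e_shnum {e_shnum}")

    for idx in range(e_shnum):
        (_, sh_type, _, _, sh_offset, sh_size, sh_link, sh_info, _, _) = \
            struct.unpack_from(SHDR_FMT, data, e_shoff + idx * SHDR_SIZE)
        if sh_type in LINK_IS_SHNDX and sh_link >= e_shnum:
            problems.append(f"section {idx}: sh_link {sh_link} >= e_shnum {e_shnum}")
        if sh_type in INFO_IS_SHNDX and sh_info >= e_shnum:
            problems.append(f"section {idx}: sh_info {sh_info} >= e_shnum {e_shnum}")
        if sh_type != SHT_NOBITS and sh_offset + sh_size > len(data):
            problems.append(f"section {idx}: [{sh_offset:#x}, "
                            f"{sh_offset + sh_size:#x}) overruns the file")
    return problems


def build_object(sections) -> bytes:
    """Construct a minimal little-endian ELF64 ET_REL image in memory.

    `sections` is a list of (sh_type, sh_link, sh_info, payload) tuples; a
    null header is prepended, so the first tuple becomes section index 1.
    Section bodies follow the ELF header and the header table follows them.
    """
    bodies = b"".join(p for _, _, _, p in sections)
    shoff = EHDR_SIZE + len(bodies)
    shnum = len(sections) + 1
    e_ident = ELF_MAGIC + bytes([ELFCLASS64, ELFDATA2LSB, 1, 0]) + bytes(8)
    ehdr = struct.pack(EHDR_FMT, e_ident, 1, 62, 1, 0, 0, shoff, 0,
                       EHDR_SIZE, 0, 0, SHDR_SIZE, shnum, 0)  # ET_REL, EM_X86_64
    shdrs = [struct.pack(SHDR_FMT, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)]
    off = EHDR_SIZE
    for sh_type, sh_link, sh_info, payload in sections:
        shdrs.append(struct.pack(SHDR_FMT, 0, sh_type, 0, 0, off, len(payload),
                                 sh_link, sh_info, 1, 0))
        off += len(payload)
    return ehdr + bodies + b"".join(shdrs)


# Constructed samples: a consistent object, and one whose .symtab sh_link
# names section 7 in a table that only has three entries.
GOOD_OBJECT = build_object([(SHT_STRTAB, 0, 0, b"\0main\0"),
                            (SHT_SYMTAB, 1, 1, bytes(24))])
BAD_OBJECT = build_object([(SHT_STRTAB, 0, 0, b"\0main\0"),
                           (SHT_SYMTAB, 7, 1, bytes(24))])

if __name__ == "__main__":
    for name, obj in (("good-sample", GOOD_OBJECT), ("bad-sample", BAD_OBJECT)):
        print(name, check_elf64(obj) or "ok")
    for path in sys.argv[1:]:
        with open(path, "rb") as f:
            for problem in check_elf64(f.read()) or ["ok"]:
                print(f"{path}: {problem}")
```

Run it over the inputs from the failing command line, for example `python3 check_shdrs.py .libs/*.o ../lib/.libs/libfst.so`, and look at any file that is not reported as "ok" first; if every input is clean, the next step is to bisect the link line by removing objects until the valgrind report disappears.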