Debian Bug report logs - #422147
ld: Segfault when generating map file.


Package: binutils; Maintainer for binutils is Matthias Klose <doko@debian.org>; Source for binutils is src:binutils.

Reported by: Kurt Roeckx <kurt@roeckx.be>

Date: Thu, 3 May 2007 19:57:02 UTC

Severity: important

Found in version binutils/2.17cvs20070426-4

Fixed in version 2.17cvs20070426-7

Done: Jonathan Nieder <jrnieder@gmail.com>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, James Troup <james@nocrew.org>:
Bug#422147; Package binutils. Full text and rfc822 format available.

Acknowledgement sent to Kurt Roeckx <kurt@roeckx.be>:
New Bug report received and forwarded. Copy sent to James Troup <james@nocrew.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Kurt Roeckx <kurt@roeckx.be>
To: submit@bugs.debian.org
Subject: ld: Segfault when generating map file.
Date: Thu, 3 May 2007 21:55:56 +0200

Package: binutils
Version: 2.17.20070210cvs-1
Severity: important

Hi,

When building openipmi 2.0.7-1 and trying to make a shared library and
generating a map file, ld segfaults:
x86_64-linux-gnu-gcc -shared  .libs/md5.o .libs/md2.o .libs/ipmi_auth.o .libs/ipmi_malloc.o .libs/ilist.o .libs/locks.o .libs/hash.o .libs/locked_list.o .libs/os_handler.o  -lcurses  -Wl,-Map -Wl,libOpenIPMIutils.map -Wl,-soname -Wl,libOpenIPMIutils.so.0 -o .libs/libOpenIPMIutils.so.0.0.1
collect2: ld terminated with signal 11 [Segmentation fault]
Which generated this command:
/usr/bin/ld --eh-frame-hdr -m elf_x86_64 --hash-style=gnu -shared -o .libs/libOpenIPMIutils.so.0.0.1 /usr/lib/gcc/x86_64-linux-gnu/4.1.3/../../../../lib/crti.o /usr/lib/gcc/x86_64-linux-gnu/4.1.3/crtbeginS.o -L/usr/lib/gcc/x86_64-linux-gnu/4.1.3 -L/usr/lib/gcc/x86_64-linux-gnu/4.1.3 -L/usr/lib/gcc/x86_64-linux-gnu/4.1.3/../../../../lib -L/lib/../lib -L/usr/lib/../lib .libs/ipmi_malloc.o -Map libOpenIPMIutils.map -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc
--as-needed -lgcc_s --no-as-needed /usr/lib/gcc/x86_64-linux-gnu/4.1.3/crtendS.o /usr/lib/gcc/x86_64-linux-gnu/4.1.3/../../../../lib/crtn.o

It seems this is the minimal command to reproduce it:
ld -o .libs/libOpenIPMIutils.so.0.0.1  .libs/ipmi_malloc.o -Map file

This only seems to be triggered by ipmi_malloc.o, which has a common
symbol: malloc_os_hnd.  And it seems to be having the problems when
it tries to print that to the map file.

ltrace shows:
bfd_demangle(0x689100, 0x6a24da, 3, 0, 10)       = 0
fputs(NULL, 0x688ec0 <unfinished ...>

Core was generated by `/usr/bin/ld -o .libs/libOpenIPMIutils.so.0.0.1 .libs/ipmi_malloc.o -Map file'.
Program terminated with signal 11, Segmentation fault.
#0  0x00002b0f554839f0 in strlen () from /lib/libc.so.6
(gdb) bt
#0  0x00002b0f554839f0 in strlen () from /lib/libc.so.6
#1  0x00002b0f5546d23e in fputs () from /lib/libc.so.6
#2  0x0000000000421124 in vfinfo (fp=0x688ec0, fmt=0x43c355 "",
    arg=0x7fff55bc7460, is_warning=0) at ../../ld/ldmisc.c:400
#3  0x00000000004216e2 in minfo (fmt=0x43c353 "%s") at ../../ld/ldmisc.c:483
#4  0x00000000004159af in lang_one_common (h=0x68b9c0, info=0x0)
    at ../../ld/ldlang.c:5272
#5  0x00002b0f5513b8ed in bfd_hash_traverse (table=0x68b4a0,
    func=0x4157eb <lang_one_common>, info=0x0) at ../../bfd/hash.c:582
#6  0x00002b0f5513c20e in bfd_link_hash_traverse (table=0x68b4a0,
    func=0x4157eb <lang_one_common>, info=0x0) at ../../bfd/linker.c:612
#7  0x00000000004157b9 in lang_common () at ../../ld/ldlang.c:5204
#8  0x0000000000416424 in lang_process () at ../../ld/ldlang.c:5741
#9  0x000000000041a442 in main (argc=6, argv=0x7fff55bc7868)
    at ../../ld/ldmain.c:518
(gdb) frame 2
#2  0x0000000000421124 in vfinfo (fp=0x688ec0, fmt=0x43c355 "",
    arg=0x7fff55bc7460, is_warning=0) at ../../ld/ldmisc.c:400
400                   fprintf (fp, "%s", va_arg (arg, char *));
(gdb) frame 4
#4  0x00000000004159af in lang_one_common (h=0x68b9c0, info=0x0)
    at ../../ld/ldlang.c:5272
5272          minfo ("%s", name);
(gdb) p name
$2 = 0x0
(gdb) p h->root.string
$3 = 0x6a24da "malloc_os_hnd"


When debugging inside bfd_demangle() I get:
bfd_demangle (abfd=0x689100, name=0x6a24da "malloc_os_hnd", options=3)
    at ../../bfd/bfd.c:1729
[...]
1756      res = cplus_demangle (name, options);
(gdb) p res
$3 = 0x0

And in cplus_demangle():
cplus_demangle (mangled=0x6a24da "malloc_os_hnd", options=3)
    at ../../libiberty/cplus-dem.c:851

Which goes to:
cplus_demangle_v3 (mangled=0x6a24da "malloc_os_hnd", options=259)
    at ../../libiberty/cp-demangle.c:4182
4182      return d_demangle (mangled, options, &alc);
(gdb) s
d_demangle (mangled=0x6a24da "malloc_os_hnd", options=259, palc=0x7fffdf0a7918)
    at ../../libiberty/cp-demangle.c:4023
4023      d_growable_string_init (&dgs, 0);
(gdb) n
4025      status = d_demangle_callback (mangled, options,
(gdb) s
d_demangle_callback (mangled=0x6a24da "malloc_os_hnd", options=259,
    callback=0x2b14cbcf3797 <d_growable_string_callback_adapter>,
    opaque=0x7fffdf0a78c0) at ../../libiberty/cp-demangle.c:3948
3948      if (mangled[0] == '_' && mangled[1] == 'Z')
(gdb) n
3950      else if (strncmp (mangled, "_GLOBAL_", 8) == 0
(gdb)
3967          if ((options & DMGL_TYPES) == 0)
(gdb)
3968            return 0;

This return 0 will result in it returning NULL.

I have no idea where it's going wrong.


Kurt




Information forwarded to debian-bugs-dist@lists.debian.org, James Troup <james@nocrew.org>:
Bug#422147; Package binutils. Full text and rfc822 format available.

Acknowledgement sent to Martin Michlmayr <tbm@cyrius.com>:
Extra info received and forwarded to list. Copy sent to James Troup <james@nocrew.org>. Full text and rfc822 format available.

Message #10 received at 422147@bugs.debian.org (full text, mbox):

From: Martin Michlmayr <tbm@cyrius.com>
To: Kurt Roeckx <kurt@roeckx.be>, 422147@bugs.debian.org
Subject: Re: Bug#422147: ld: Segfault when generating map file.
Date: Thu, 3 May 2007 22:35:26 +0200

* Kurt Roeckx <kurt@roeckx.be> [2007-05-03 21:55]:
> It seems this is the minimal command to reproduce it:
> ld -o .libs/libOpenIPMIutils.so.0.0.1  .libs/ipmi_malloc.o -Map file

I just noticed this too, but it seems the segfault is gone with
2.17.50.20070503.

gclcvs also appears to fail in a similar way (although I haven't
looked at the traceback), but again it's gone with 2.17.50.20070503.

-- 
Martin Michlmayr
http://www.cyrius.com/



Information forwarded to debian-bugs-dist@lists.debian.org, James Troup <james@nocrew.org>:
Bug#422147; Package binutils. Full text and rfc822 format available.

Acknowledgement sent to Kurt Roeckx <kurt@roeckx.be>:
Extra info received and forwarded to list. Copy sent to James Troup <james@nocrew.org>. Full text and rfc822 format available.

Message #15 received at 422147@bugs.debian.org (full text, mbox):

From: Kurt Roeckx <kurt@roeckx.be>
To: 422147@bugs.debian.org
Subject: Re: Bug#422147: ld: Segfault when generating map file.
Date: Thu, 17 May 2007 13:10:26 +0200

notfound 422147 2.17.20070210cvs-1
found 422147 2.17cvs20070426-4

On Thu, May 03, 2007 at 10:35:26PM +0200, Martin Michlmayr wrote:
> * Kurt Roeckx <kurt@roeckx.be> [2007-05-03 21:55]:
> > It seems this is the minimal command to reproduce it:
> > ld -o .libs/libOpenIPMIutils.so.0.0.1  .libs/ipmi_malloc.o -Map file
> 
> I just noticed this too, but it seems the segfault is gone with
> 2.17.50.20070503.
> 
> gclcvs also appears to fail in a similar way (although I haven't
> looked at the traceback), but again it's gone with 2.17.50.20070503.

I got the version numbers wrong. 2.17cvs20070426-4 is the first one I
saw the problem with, 2.17cvs20070426-6 still has it.

The version from experimental (2.17.20070406cvs-2) doesn't
have the problem.  2.17.20070210cvs-1 was an old version from
experimental I had, and I don't think it had the problem.

I've never tested 2.17cvs20070426-1 - 2.17cvs20070426-3.


Kurt




Bug marked as not found in version 2.17.20070210cvs-1. Request was from Kurt Roeckx <kurt@roeckx.be> to control@bugs.debian.org. (Thu, 17 May 2007 11:12:06 GMT) Full text and rfc822 format available.

Bug marked as found in version 2.17cvs20070426-4. Request was from Kurt Roeckx <kurt@roeckx.be> to control@bugs.debian.org. (Thu, 17 May 2007 11:12:08 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, James Troup <james@nocrew.org>:
Bug#422147; Package binutils. Full text and rfc822 format available.

Acknowledgement sent to Daniel Schepler <schepler@math.unipd.it>:
Extra info received and forwarded to list. Copy sent to James Troup <james@nocrew.org>. Full text and rfc822 format available.

Message #24 received at 422147@bugs.debian.org (full text, mbox):

From: Daniel Schepler <schepler@math.unipd.it>
To: 422147@bugs.debian.org
Subject: binutils still segfaulting
Date: Fri, 18 May 2007 18:13:10 -0400

Version: 2.17cvs20070426-6

I'm still seeing binutils segfaulting with similar messages to the one in this
bug report, with the version in unstable.  For example, from my pbuilder
build log for cmucl:

...
gcc -g -rdynamic -Xlinker --export-dynamic -Xlinker -Map -Xlinker foo -o ,lisp \
                lisp.o coreparse.o alloc.o monitor.o print.o interr.o vars.o parse.o interrupt.o search.o validate.o globals.o dynbind.o breakpoint.o regnames.o backtrace.o save.o purify.o socket.o runprog.o time.o x86-arch.o x86-assem.o linux-stubs.o Linux-os.o os-common.o elf.o e_rem_pio2.o k_rem_pio2.o gencgc.o version.o \
                -ldl -lm
collect2: ld terminated with signal 11 [Segmentation fault]
make[2]: *** [lisp] Error 1
make[2]: Leaving directory `/tmp/buildd/cmucl-19d-20061116/target/lisp'
make[1]: *** [all] Error 2
make[1]: Leaving directory `/tmp/buildd/cmucl-19d-20061116'
make: *** [build-arch-stamp] Error 2
-- 
Daniel Schepler



Information forwarded to debian-bugs-dist@lists.debian.org, Matthias Klose <doko@debian.org>:
Bug#422147; Package binutils. (Fri, 03 Jun 2011 23:39:09 GMT) Full text and rfc822 format available.

Acknowledgement sent to Jonathan Nieder <jrnieder@gmail.com>:
Extra info received and forwarded to list. Copy sent to Matthias Klose <doko@debian.org>. (Fri, 03 Jun 2011 23:39:09 GMT) Full text and rfc822 format available.

Message #29 received at 422147@bugs.debian.org (full text, mbox):

From: Jonathan Nieder <jrnieder@gmail.com>
To: Daniel Schepler <dschepler@gmail.com>
Cc: 422147@bugs.debian.org
Subject: Re: binutils still segfaulting
Date: Fri, 3 Jun 2011 18:36:19 -0500

Hi Daniel,

Daniel Schepler wrote:

> I'm still seeing binutils segfaulting with similar messages to the one in this
> bug report, with the version in unstable.  For example, from my pbuilder
> build log for cmucl:
> 
> ...
> gcc -g -rdynamic -Xlinker --export-dynamic -Xlinker -Map -Xlinker foo -o ,lisp \
>                 lisp.o coreparse.o alloc.o monitor.o print.o interr.o vars.o parse.o interrupt.o search.o validate.o globals.o dynbind.o breakpoint.o regnames.o backtrace.o save.o purify.o socket.o runprog.o time.o x86-arch.o x86-assem.o linux-stubs.o Linux-os.o os-common.o elf.o e_rem_pio2.o k_rem_pio2.o gencgc.o version.o \
>                 -ldl -lm
> collect2: ld terminated with signal 11 [Segmentation fault]

If you are still able to reproduce this, could you provide a minimal
self-contained testcase (i.e., all relevant object files including
shared libraries and an "ld" command to trigger the segfault)?  If
not, that information would be useful too, of course.

Regards,
Jonathan




Reply sent to Jonathan Nieder <jrnieder@gmail.com>:
You have taken responsibility. (Mon, 17 Oct 2011 03:03:04 GMT) Full text and rfc822 format available.

Notification sent to Kurt Roeckx <kurt@roeckx.be>:
Bug acknowledged by developer. (Mon, 17 Oct 2011 03:03:04 GMT) Full text and rfc822 format available.

Message #34 received at 422147-done@bugs.debian.org (full text, mbox):

From: Jonathan Nieder <jrnieder@gmail.com>
To: 422147-done@bugs.debian.org
Subject: Re: ld: Segfault when generating map file.
Date: Sun, 16 Oct 2011 22:00:51 -0500

Version: 2.17cvs20070426-7

Kurt Roeckx wrote:

> collect2: ld terminated with signal 11 [Segmentation fault]
[...]
> ld -o .libs/libOpenIPMIutils.so.0.0.1  .libs/ipmi_malloc.o -Map file
[...]
> #4  0x00000000004159af in lang_one_common (h=0x68b9c0, info=0x0)
>     at ../../ld/ldlang.c:5272
> 5272          minfo ("%s", name);
> (gdb) p name
> $2 = 0x0

Fixed by binutils-2_18~548 (* ldlang.c (lang_one_common): Likewise.,
2007-04-28), presumably.  Thanks again for your help.




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 14 Nov 2011 07:35:25 GMT) Full text and rfc822 format available.
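
The trace in this log shows a demangler returning NULL for a plain C symbol (malloc_os_hnd) and the caller passing that NULL to a "%s" format. The following is an added illustration of the defensive pattern, not binutils code and not the upstream change: it uses abi::__cxa_demangle from the C++ runtime as a stand-in for bfd_demangle, and the CommonSym record, function names, output layout and symbol sizes are all constructed for the example.

```cpp
#include <cxxabi.h>
#include <cstdio>
#include <cstdlib>
#include <string>
#include <vector>

// Hypothetical record for one common symbol; not a binutils structure.
struct CommonSym { const char *raw; unsigned long size; };

// Returns true only when the demangler accepted the name. A plain C symbol
// is not a mangled name, so the demangler hands back NULL, the same contract
// the gdb session shows for bfd_demangle().
bool demangle(const char *raw, std::string &out) {
    int status = 0;
    char *res = abi::__cxa_demangle(raw, nullptr, nullptr, &status);
    if (res == nullptr)          // non-zero status: not mangled, or no memory
        return false;
    out.assign(res);
    std::free(res);              // the demangler allocates the result with malloc()
    return true;
}

// Name that is safe to print: demangled form if there is one, else the raw symbol.
std::string display_name(const char *raw) {
    if (raw == nullptr)
        return "<unnamed>";
    std::string out;
    return demangle(raw, out) ? out : std::string(raw);
}

// Builds map-style lines ("name 0xsize") without ever formatting a NULL string.
std::string map_lines(const std::vector<CommonSym> &syms) {
    std::string text;
    char buf[32];
    for (const CommonSym &s : syms) {
        std::snprintf(buf, sizeof buf, " 0x%lx\n", s.size);
        text += display_name(s.raw) + buf;
    }
    return text;
}

int main() {
    // Constructed input: the C symbol named in the report and one C++ name.
    std::vector<CommonSym> syms = {{"malloc_os_hnd", 8}, {"_Z3foov", 4}};
    std::fputs(map_lines(syms).c_str(), stdout);
    return 0;
}
```
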



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 18 08:09:54 2014; Machine Name: buxtehude.debian.org
