[Bug gold/23607] gold linker --threads --thread-count,2 causes ld segmen

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug gold/23607] gold linker --threads --thread-count,2 causes ld segmen

From:	slyfox at inbox dot ru
Subject:	[Bug gold/23607] gold linker --threads --thread-count,2 causes ld segmentation fault
Date:	Tue, 24 Nov 2020 22:38:04 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=23607

Sergei Trofimovich <slyfox at inbox dot ru> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |slyfox at inbox dot ru

--- Comment #7 from Sergei Trofimovich <slyfox at inbox dot ru> ---
For me the simplest reproducer is the following one-liner:

"""
$ echo 'int main() {}' | x86_64-pc-linux-gnu-gcc -flto -fuse-ld=gold
-Wl,--threads -Wl,--thread-count,32 -x c -
collect2: fatal error: ld terminated with signal 11 [Segmentation fault], core
dumped
compilation terminated.
"""

(gcc-master, binutils-2.35.1, x86_64-pc-linux-gnu target)

binutils backtrace:

"""
(gdb) bt
#0  gold::Pluginobj::get_symbol_resolution_info (this=0x7fdc10001010,
symtab=0x7ffe9622ef50, nsyms=<optimized out>, syms=<optimized out>,
version=<optimized out>)
    at ../../binutils-2.35.1/gold/plugin.cc:1293
#1  0x00007fdc94747c7a in write_resolution () at
/usr/src/debug/sys-devel/gcc-11.0.0_pre9999/gcc-11.0.0_pre9999/lto-plugin/lto-plugin.c:569
#2  all_symbols_read_handler () at
/usr/src/debug/sys-devel/gcc-11.0.0_pre9999/gcc-11.0.0_pre9999/lto-plugin/lto-plugin.c:749
#3  0x000055e7fdf1004f in gold::Plugin::all_symbols_read (this=<optimized out>)
at ../../binutils-2.35.1/gold/plugin.cc:403
#4  gold::Plugin_manager::all_symbols_read (this=0x55e7fe561360,
workqueue=workqueue@entry=0x7ffe9622ec50, task=task@entry=0x55e7fe5bacc0,
input_objects=<optimized out>,
    symtab=<optimized out>, dirpath=<optimized out>, mapfile=0x0,
last_blocker=0x55e7fe5bad20) at ../../binutils-2.35.1/gold/plugin.cc:856
#5  0x000055e7fdf1018c in gold::Plugin_hook::run (this=0x55e7fe5bacc0,
workqueue=0x7ffe9622ec50) at ../../binutils-2.35.1/gold/plugin.cc:1770
#6  0x000055e7fdf6ba70 in gold::Workqueue::find_and_run_task
(this=0x7ffe9622ec50, thread_number=23) at
../../binutils-2.35.1/gold/workqueue.cc:319
#7  0x000055e7fdf6bcca in gold::Workqueue::process (this=0x7ffe9622ec50,
thread_number=23) at ../../binutils-2.35.1/gold/workqueue.cc:495
#8  0x000055e7fdf6be23 in gold::Workqueue_threader_threadpool::process
(thread_number=<optimized out>, this=<optimized out>) at
../../binutils-2.35.1/gold/workqueue-internal.h:92
#9  gold::Workqueue_thread::thread_body (arg=0x55e7fe5b97d0) at
../../binutils-2.35.1/gold/workqueue-threads.cc:117
#10 0x00007fdc9444be6e in start_thread (arg=0x7fdc3c132640) at
pthread_create.c:463
#11 0x00007fdc94381a5f in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:95
(gdb) info threads
  Id   Target Id                           Frame
* 1    Thread 0x7fdc3c132640 (LWP 1087079)
gold::Pluginobj::get_symbol_resolution_info (this=0x7fdc10001010,
symtab=0x7ffe9622ef50, nsyms=<optimized out>, syms=<optimized out>,
    version=<optimized out>) at ../../binutils-2.35.1/gold/plugin.cc:1293
  2    Thread 0x7fdc90147640 (LWP 1087058) futex_wait_cancelable (private=0,
expected=0, futex_word=0x55e7fe567d24) at ../sysdeps/nptl/futex-internal.h:183
  ...
  32   Thread 0x7fdc2812d640 (LWP 1087084) futex_wait_cancelable (private=0,
expected=0, futex_word=0x55e7fe567d20) at ../sysdeps/nptl/futex-internal.h:183
"""

valgrind says with unexpected access happens at the same location::

"""
==1087267== Thread 30:
==1087267== Invalid read of size 1
==1087267==    at 0x458800:
gold::Pluginobj::get_symbol_resolution_info(gold::Symbol_table*, int,
ld_plugin_symbol*, int) const (plugin.cc:1295)
==1087267==    by 0x484BC79: write_resolution (lto-plugin.c:569)
==1087267==    by 0x484BC79: all_symbols_read_handler (lto-plugin.c:749)
==1087267==    by 0x45704E: all_symbols_read (plugin.cc:403)
==1087267==    by 0x45704E:
gold::Plugin_manager::all_symbols_read(gold::Workqueue*, gold::Task*,
gold::Input_objects*, gold::Symbol_table*, gold::Dirsearch*, gold::Mapfile*,
gold::Task_token**) (plugin.cc:856)
==1087267==    by 0x45718B: gold::Plugin_hook::run(gold::Workqueue*)
(plugin.cc:1770)
==1087267==    by 0x4B2A6F: gold::Workqueue::find_and_run_task(int)
(workqueue.cc:319)
==1087267==    by 0x4B2CC9: gold::Workqueue::process(int) (workqueue.cc:495)
==1087267==    by 0x4B2E22: process (workqueue-internal.h:92)
==1087267==    by 0x4B2E22: gold::Workqueue_thread::thread_body(void*)
(workqueue-threads.cc:117)
==1087267==    by 0x4B42E6D: start_thread (pthread_create.c:463)
==1087267==    by 0x4C55A5E: clone (clone.S:95)
==1087267==  Address 0x10 is not stack'd, malloc'd or (recently) free'd
==1087267==
==1087267==
==1087267== Process terminating with default action of signal 11 (SIGSEGV):
dumping core
"""

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug gold/23607] gold linker --threads --thread-count,2 causes ld segmentation fault, slyfox at inbox dot ru <=
- [Bug gold/23607] gold linker --threads --thread-count,2 causes ld segmentation fault, slyfox at inbox dot ru, 2020/11/24
- [Bug gold/23607] gold linker --threads --thread-count,2 causes ld segmentation fault, hjl.tools at gmail dot com, 2020/11/24

Prev by Date: [Bug gold/26939] gold: Don't relax R_X86_64_GOTPCRELX when addend != -4
Next by Date: [Bug gold/26939] gold: Don't relax R_X86_64_GOTPCRELX when addend != -4
Previous by thread: [Bug gold/26939] New: gold: Don't relax R_X86_64_GOTPCRELX when addend != -4
Next by thread: [Bug gold/23607] gold linker --threads --thread-count,2 causes ld segmentation fault
Index(es):
- Date
- Thread