https://sourceware.org/bugzilla/show_bug.cgi?id=20942
            Bug ID: 20942
           Summary: GOLD crashes when running in parallel
           Product: binutils
           Version: 2.28 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: gold
          Assignee: ccoutant at gmail dot com
          Reporter: boehme.marcel at gmail dot com
                CC: ian at airs dot com
  Target Milestone: ---

Dear all,

The following bug was found with AFLFast, a fork of AFL, in a 24 hour fuzzing session on Binutils. Thanks also to Van-Thuan Pham.

The gold linker crashes with a Bus error for the following execution on Ubuntu 16.04 x86_64 in Binutils trunk and for preinstalled version v2.26.1 and on Ubuntu 14.04 x86_64 for Binutils in trunk and preinstalled version v2.24.

$ touch a
$ for j in $(seq 1 4); do for i in $(seq 1 50); do gold a; done & done 2> error.log
$ grep "Bus" error.log

Very interesting Heisenbug. With a bit of playing around, I got this from ASAN:

==61901==ERROR: AddressSanitizer: SEGV on unknown address 0x7f2b8019a0b0 (pc 0x000001112169 bp 0x7ffe92e07e50 sp 0x7ffe92e07e20 T0)
./gold/ld-new: error: cannot open a: No such file or directory
    #0 0x1112168 in elfcpp::Sym_write<64, false>::put_st_name(unsigned int) ../../gold/../elfcpp/elfcpp.h:1522
    #1 0x16f4fef in void gold::Symbol_table::sized_write_symbol<64, false>(gold::Sized_symbol<64>*, elfcpp::Elf_types<64>::Elf_Addr, unsigned int, elfcpp::STB, gold::Stringpool_template<char> const*, unsigned char*) const ../../gold/symtab.cc:3223
    #2 0x16e36e6 in void gold::Symbol_table::sized_write_globals<64, false>(gold::Stringpool_template<char> const*, gold::Stringpool_template<char> const*, gold::Output_symtab_xindex*, gold::Output_symtab_xindex*, gold::Output_file*) const ../../gold/symtab.cc:3139
    #3 0x16bb915 in gold::Symbol_table::write_globals(gold::Stringpool_template<char> const*, gold::Stringpool_template<char> const*, gold::Output_symtab_xindex*, gold::Output_symtab_xindex*, gold::Output_file*) const ../../gold/symtab.cc:2938
./gold/ld-new: error: cannot open a: No such file or directory
    #4 0x11c4ff3 in gold::Write_symbols_task::run(gold::Workqueue*) ../../gold/layout.cc:5642
    #5 0x173d4f5 in gold::Workqueue::find_and_run_task(int) ../../gold/workqueue.cc:319
    #6 0x173ec3f in gold::Workqueue::process(int) ../../gold/workqueue.cc:495
    #7 0x405d95 in main ../../gold/main.cc:252
    #8 0x7f2b83a5bf44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
    #9 0x405147 (./gold/ld-new+0x405147)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../../gold/../elfcpp/elfcpp.h:1522 in elfcpp::Sym_write<64, false>::put_st_name(unsigned int)
==61901==ABORTING

Best regards,
- Marcel

_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils