[Bug gold/13290] New: gold crashes when relinking a truncated object

Wed, 12 Oct 2011 15:42:46 -0700 

http://sourceware.org/bugzilla/show_bug.cgi?id=13290

             Bug #: 13290
           Summary: gold crashes when relinking a truncated object
           Product: binutils
           Version: 2.23 (HEAD)
            Status: NEW
          Severity: normal
          Priority: P2
         Component: gold
        AssignedTo: i...@airs.com
        ReportedBy: z...@linux.fjfi.cvut.cz
                CC: ccout...@google.com
    Classification: Unclassified
              Host: x86_64-linux-gnu
            Target: x86_64-linux-gnu


Created attachment 5981
  --> http://sourceware.org/bugzilla/attachment.cgi?id=5981
Archive with the particular objects used to reproduce this.

Trying to relink a truncated object (removed last byte) with gold results in
crash:

$ ld.gold -r -o test.o elfsection.cc.o elfstrtab.cc-corrupted.o
ld.gold: error: elfstrtab.cc-corrupted.o: section name section has wrong type:
1686719741
Segmentation fault

Here is what I see with gdb:

Program received signal SIGSEGV, Segmentation fault.

#0  0x00007ffff711e89b in memchr () from /lib/x86_64-linux-gnu/libc.so.6
#1  0x00007ffff7125b8a in memmem () from /lib/x86_64-linux-gnu/libc.so.6
#2  0x00000000005173ff in gold::Sized_relobj_file<64, false>::do_read_symbols
(this=0x958820, sd=0x958b00) at object.cc:611
#3  0x000000000057aef2 in read_symbols (sd=0x958b00, this=0x958820) at
object.h:563
#4  gold::Read_symbols::do_read_symbols (this=0x8e39d0,
workqueue=0x7fffffffe110) at readsyms.cc:399
#5  0x000000000057b1d9 in gold::Read_symbols::run (this=0x8e39d0,
workqueue=0x7fffffffe110) at readsyms.cc:165
#6  0x00000000005c84b5 in gold::Workqueue::find_and_run_task
(this=0x7fffffffe110, thread_number=0) at workqueue.cc:319
#7  0x00000000005c87fa in gold::Workqueue::process (this=0x7fffffffe110,
thread_number=0) at workqueue.cc:495
#8  0x0000000000406a31 in main (argc=6, argv=0x7fffffffe338) at main.cc:248


With ld.bfd I get the expected:
$ ld.bfd -r -o test.o elfsection.cc.o elfstrtab.cc-corrupted.o
elfstrtab.cc-corrupted.o: file not recognized: File truncated


The underlying cause might be the same as for bug #13288, but as the
manifestation is quite different, I'm creating a separate issue for this.

Note that the crash also happens when instead of relinking, the whole set of
the compiled objects is linked together to produce the application executable
(if needed, the sources I used to reproduce this issue are available at
git://zub.lamer.la/elf-dynpatch).

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

Reply via email to