https://sourceware.org/bugzilla/show_bug.cgi?id=20317
--- Comment #1 from Dan Povey <dpovey at gmail dot com> --- OK, I compiled binutils from source with debug, and I got it in a debugger. The error occurs in bfd.c line 2084, in the statement sections_being_created [shindex] = FALSE; where shindex is 832, and it looks like the size of the 'sections_being_created' array is also 832. I don't understand what the code is doing but I printed some variables that seem to be relevant, please see below. Dan --------- jtrmal@a12 /usr/src/binutils/binutils-2.22 $ cd ~jtrmal/soft/openfst-1.5.3/src/script jtrmal@a12 ~/soft/openfst-1.5.3/src/script $ valgrind --db-attach=yes /usr/src/binutils/binutils-2.22/ld/ld-new --sysroot=/ --build-id --no-add-needed --eh-frame-hdr -m elf_x86_64 --hash-style=both -shared -o .libs/libfstscript.so.4.0.0 -L/usr/lib/gcc/x86_64-linux-gnu/4.7 -L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu -L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../lib -L/lib/x86_64-linux-gnu -L/lib/../lib -L/usr/lib/x86_64-linux-gnu -L/usr/lib/../lib -L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../.. -L/usr/lib/gcc/x86_64-linux-gnu/4.7 -L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu -L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../lib -L/lib/x86_64-linux-gnu -L/lib/../lib -L/usr/lib/x86_64-linux-gnu -L/usr/lib/../lib -L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../.. /usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu/crti.o /usr/lib/gcc/x86_64-linux-gnu/4.7/crtbeginS.o .libs/arciterator-class.o .libs/arcsort.o .libs/closure.o .libs/compile.o .libs/compose.o .libs/concat.o .libs/connect.o .libs/convert.o .libs/decode.o .libs/determinize.o .libs/difference.o .libs/disambiguate.o .libs/draw.o .libs/encode.o .libs/encodemapper-class.o .libs/epsnormalize.o .libs/equal.o .libs/equivalent.o .libs/fst-class.o .libs/info.o .libs/intersect.o .libs/invert.o .libs/isomorphic.o .libs/map.o .libs/minimize.o .libs/print.o .libs/project.o .libs/prune.o .libs/push.o .libs/randequivalent.o .libs/randgen.o .libs/relabel.o .libs/replace.o .libs/reverse.o .libs/reweight.o .libs/rmepsilon.o .libs/script-impl.o .libs/shortest-distance.o .libs/shortest-path.o .libs/stateiterator-class.o .libs/synchronize.o .libs/text-io.o .libs/topsort.o .libs/union.o .libs/weight-class.o .libs/verify.o -rpath /home/jtrmal/soft/openfst-1.5.3/src/lib/.libs ../lib/.libs/libfst.so -ldl -lstdc++ -lm -lc -lgcc_s /usr/lib/gcc/x86_64-linux-gnu/4.7/crtendS.o /usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu/crtn.o -soname libfstscript.so.4 ==17439== Memcheck, a memory error detector ==17439== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al. ==17439== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info ==17439== Command: /usr/src/binutils/binutils-2.22/ld/ld-new --sysroot=/ --build-id --no-add-needed --eh-frame-hdr -m elf_x86_64 --hash-style=both -shared -o .libs/libfstscript.so.4.0.0 -L/usr/lib/gcc/x86_64-linux-gnu/4.7 -L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu -L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../lib -L/lib/x86_64-linux-gnu -L/lib/../lib -L/usr/lib/x86_64-linux-gnu -L/usr/lib/../lib -L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../.. -L/usr/lib/gcc/x86_64-linux-gnu/4.7 -L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu -L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../../../lib -L/lib/x86_64-linux-gnu -L/lib/../lib -L/usr/lib/x86_64-linux-gnu -L/usr/lib/../lib -L/usr/lib/gcc/x86_64-linux-gnu/4.7/../../.. /usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu/crti.o /usr/lib/gcc/x86_64-linux-gnu/4.7/crtbeginS.o .libs/arciterator-class.o .libs/arcsort.o .libs/closure.o .libs/compile.o .libs/compose.o .libs/concat.o .libs/connect.o .libs/convert.o .libs/decode.o .libs/determinize.o .libs/difference.o .libs/disambiguate.o .libs/draw.o .libs/encode.o .libs/encodemapper-class.o .libs/epsnormalize.o .libs/equal.o .libs/equivalent.o .libs/fst-class.o .libs/info.o .libs/intersect.o .libs/invert.o .libs/isomorphic.o .libs/map.o .libs/minimize.o .libs/print.o .libs/project.o .libs/prune.o .libs/push.o .libs/randequivalent.o .libs/randgen.o .libs/relabel.o .libs/replace.o .libs/reverse.o .libs/reweight.o .libs/rmepsilon.o .libs/script-impl.o .libs/shortest-distance.o .libs/shortest-path.o .libs/stateiterator-class.o .libs/synchronize.o .libs/text-io.o .libs/topsort.o .libs/union.o .libs/weight-class.o .libs/verify.o -rpath /home/jtrmal/soft/openfst-1.5.3/src/lib/.libs ../lib/.libs/libfst.so -ldl -lstdc++ -lm -lc -lgcc_s /usr/lib/gcc/x86_64-linux-gnu/4.7/crtendS.o /usr/lib/gcc/x86_64-linux-gnu/4.7/../../../x86_64-linux-gnu/crtn.o -soname libfstscript.so.4 ==17439== ==17439== Invalid write of size 4 ==17439== at 0x460B24: bfd_section_from_shdr (elf.c:2084) ==17439== by 0x4536BD: bfd_elf64_object_p (elfcode.h:807) ==17439== by 0x4385EF: bfd_check_format_matches (format.c:172) ==17439== by 0x41C2D1: ldfile_try_open_bfd (ldfile.c:316) ==17439== by 0x41C95B: ldfile_open_file (ldfile.c:428) ==17439== by 0x410EA7: load_symbols (ldlang.c:2703) ==17439== by 0x411BC2: open_input_bfds (ldlang.c:3296) ==17439== by 0x413FD9: lang_process (ldlang.c:6570) ==17439== by 0x403746: main (ldmain.c:405) ==17439== Address 0x114d1130 is 0 bytes after a block of size 3,344 alloc'd ==17439== at 0x4C28BED: malloc (vg_replace_malloc.c:263) ==17439== by 0x4B9FF4: _objalloc_alloc (objalloc.c:143) ==17439== by 0x43A0A8: bfd_alloc (opncls.c:931) ==17439== by 0x43A165: bfd_zalloc (opncls.c:980) ==17439== by 0x4608DE: bfd_section_from_shdr (elf.c:1614) ==17439== by 0x461667: bfd_section_from_shdr (elf.c:1904) ==17439== by 0x4536BD: bfd_elf64_object_p (elfcode.h:807) ==17439== by 0x4385EF: bfd_check_format_matches (format.c:172) ==17439== by 0x41C2D1: ldfile_try_open_bfd (ldfile.c:316) ==17439== by 0x41C95B: ldfile_open_file (ldfile.c:428) ==17439== by 0x410EA7: load_symbols (ldlang.c:2703) ==17439== by 0x411BC2: open_input_bfds (ldlang.c:3296) ==17439== ==17439== ==17439== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- y ==17439== starting debugger with cmd: /usr/bin/gdb -nw /proc/19907/fd/1024 19907 GNU gdb (GDB) 7.4.1-debian Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /proc/19907/fd/1024...done. Attaching to program: /proc/19907/fd/1024, process 19907 Reading symbols from /usr/lib/valgrind/vgpreload_core-amd64-linux.so...Reading symbols from /usr/lib/debug/usr/lib/valgrind/vgpreload_core-amd64-linux.so...done. done. Loaded symbols for /usr/lib/valgrind/vgpreload_core-amd64-linux.so Reading symbols from /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so...Reading symbols from /usr/lib/debug/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so...done. done. Loaded symbols for /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so Reading symbols from /lib/x86_64-linux-gnu/libz.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/x86_64-linux-gnu/libz.so.1 Reading symbols from /lib/x86_64-linux-gnu/libdl.so.2...Reading symbols from /usr/lib/debug/lib/x86_64-linux-gnu/libdl-2.13.so...done. done. Loaded symbols for /lib/x86_64-linux-gnu/libdl.so.2 Reading symbols from /lib/x86_64-linux-gnu/libc.so.6...Reading symbols from /usr/lib/debug/lib/x86_64-linux-gnu/libc-2.13.so...done. done. Loaded symbols for /lib/x86_64-linux-gnu/libc.so.6 Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols found)...done. Loaded symbols for /lib64/ld-linux-x86-64.so.2 Failed to read a valid object file image from memory. bfd_section_from_shdr (abfd=abfd@entry=0x1153aa90, shindex=shindex@entry=832) at elf.c:2084 2084 sections_being_created [shindex] = FALSE; (gdb) p shindex $1 = 832 (gdb) p num_sec No symbol "num_sec" in current context. (gdb) p abfd->tdata.elf_obj_data->num_elf_sections $2 = 3434 (gdb) p nesting $3 = 3 (gdb) p sections_being_created_abfd $4 = (bfd *) 0x113c6f90 (gdb) p abfd $5 = (bfd *) 0x1153aa90 (gdb) p sections_being_created_abfd->tdata.elf_obj_data->num_elf_sections $6 = 832 (gdb) (gdb) p *(abfd->tdata.elf_obj_data) $9 = { elf_header = {{ e_ident = "\177ELF\002\001\001\003\000\000\000\000\000\000\000", e_entry = 0, e_phoff = 0, e_shoff = 335600, e_version = 1, e_flags = 0, e_type = 1, e_machine = 62, e_ehsize = 64, e_phentsize = 0, e_phnum = 0, e_shentsize = 64, e_shnum = 3434, e_shstrndx = 3431 }}, elf_sect_ptr = 0x11589070, phdr = 0x0, segment_map = 0x0, strtab_ptr = 0x0, num_locals = 0, num_globals = 0, num_elf_sections = 3434, num_section_syms = 0, section_syms = 0x0, symtab_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, ---Type <return> to continue, or q <return> to quit--- sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, shstrtab_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, strtab_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, dynsymtab_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, ---Type <return> to continue, or q <return> to quit--- sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, dynstrtab_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, dynversym_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, ---Type <return> to continue, or q <return> to quit--- contents = 0x0 }, dynverref_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, dynverdef_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, symtab_shndx_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, ---Type <return> to continue, or q <return> to quit--- sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, symtab_section = 0, shstrtab_section = 0, strtab_section = 0, dynsymtab_section = 0, symtab_shndx_section = 0, dynversym_section = 0, dynverdef_section = 0, dynverref_section = 0, next_file_pos = 0, gp = 0, gp_size = 0, core_signal = 0, core_pid = 0, core_lwpid = 0, core_program = 0x0, core_command = 0x0, sym_hashes = 0x0, local_got = { refcounts = 0x0, offsets = 0x0, ents = 0x0 }, dt_name = 0x0, dt_audit = 0x0, program_header_size = 18446744073709551615, line_info = 0x0, find_line_info = 0x0, dwarf1_find_line_info = 0x0, ---Type <return> to continue, or q <return> to quit--- dwarf2_find_line_info = 0x0, local_stubs = 0x0, local_call_stubs = 0x0, eh_frame_hdr = 0x0, group_sect_ptr = 0x0, num_group = 0, cverdefs = 0, cverrefs = 0, stack_flags = 0, verdef = 0x0, verref = 0x0, elf_data_symbol = 0x0, elf_text_symbol = 0x0, elf_data_section = 0x0, elf_text_section = 0x0, eh_frame_section = 0x0, dyn_lib_class = DYN_NORMAL, linker = 0, bad_symtab = 0, flags_init = 0, symbuf = 0x0, known_obj_attributes = {{{ type = 0, i = 0, s = 0x0 } <repeats 71 times>}, {{ type = 0, i = 0, s = 0x0 } <repeats 71 times>}}, other_obj_attributes = {0x0, 0x0}, after_write_object_contents = 0, after_write_object_contents_info = 0x0, build_id_size = 0, build_id = 0x0, sdt_note_head = 0x0, ---Type <return> to continue, or q <return> to quit--- has_gnu_symbols = 0, object_id = X86_64_ELF_DATA } (gdb) (gdb) p *(sections_being_created_abfd->tdata.elf_obj_data) $10 = { elf_header = {{ e_ident = "\177ELF\002\001\001\003\000\000\000\000\000\000\000", e_entry = 0, e_phoff = 0, e_shoff = 85440, e_version = 1, e_flags = 0, e_type = 1, e_machine = 62, e_ehsize = 64, e_phentsize = 0, e_phnum = 0, e_shentsize = 64, e_shnum = 832, e_shstrndx = 829 }}, elf_sect_ptr = 0x113e27f0, phdr = 0x0, segment_map = 0x0, strtab_ptr = 0x0, num_locals = 0, num_globals = 0, num_elf_sections = 832, num_section_syms = 0, section_syms = 0x0, symtab_hdr = { sh_name = 1, sh_type = 2, sh_flags = 0, sh_addr = 0, sh_offset = 138688, sh_size = 29568, sh_link = 831, sh_info = 785, sh_addralign = 8, ---Type <return> to continue, or q <return> to quit--- sh_entsize = 24, bfd_section = 0x0, contents = 0x0 }, shstrtab_hdr = { sh_name = 17, sh_type = 3, sh_flags = 0, sh_addr = 0, sh_offset = 58104, sh_size = 27331, sh_link = 0, sh_info = 0, sh_addralign = 1, sh_entsize = 0, bfd_section = 0x0, contents = 0x113e4240 "" }, strtab_hdr = { sh_name = 9, sh_type = 3, sh_flags = 0, sh_addr = 0, sh_offset = 168256, sh_size = 39567, sh_link = 0, sh_info = 0, sh_addralign = 1, sh_entsize = 0, bfd_section = 0x0, contents = 0x114d3bb0 "" }, dynsymtab_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, ---Type <return> to continue, or q <return> to quit--- sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, dynstrtab_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, dynversym_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, ---Type <return> to continue, or q <return> to quit--- contents = 0x0 }, dynverref_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, dynverdef_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, symtab_shndx_hdr = { sh_name = 0, sh_type = 0, sh_flags = 0, sh_addr = 0, sh_offset = 0, ---Type <return> to continue, or q <return> to quit--- sh_size = 0, sh_link = 0, sh_info = 0, sh_addralign = 0, sh_entsize = 0, bfd_section = 0x0, contents = 0x0 }, symtab_section = 830, shstrtab_section = 0, strtab_section = 0, dynsymtab_section = 0, symtab_shndx_section = 0, dynversym_section = 0, dynverdef_section = 0, dynverref_section = 0, next_file_pos = 0, gp = 0, gp_size = 8, core_signal = 0, core_pid = 0, core_lwpid = 0, core_program = 0x0, core_command = 0x0, sym_hashes = 0x1151afc0, local_got = { refcounts = 0x0, offsets = 0x0, ents = 0x0 }, dt_name = 0x0, dt_audit = 0x0, program_header_size = 18446744073709551615, line_info = 0x0, find_line_info = 0x0, dwarf1_find_line_info = 0x0, ---Type <return> to continue, or q <return> to quit--- dwarf2_find_line_info = 0x0, local_stubs = 0x0, local_call_stubs = 0x0, eh_frame_hdr = 0x0, group_sect_ptr = 0x114d1180, num_group = 307, cverdefs = 0, cverrefs = 0, stack_flags = 0, verdef = 0x0, verref = 0x0, elf_data_symbol = 0x0, elf_text_symbol = 0x0, elf_data_section = 0x0, elf_text_section = 0x0, eh_frame_section = 0x0, dyn_lib_class = DYN_NORMAL, linker = 0, bad_symtab = 0, flags_init = 0, symbuf = 0x0, known_obj_attributes = {{{ type = 0, i = 0, s = 0x0 } <repeats 71 times>}, {{ type = 0, i = 0, s = 0x0 } <repeats 71 times>}}, other_obj_attributes = {0x0, 0x0}, after_write_object_contents = 0, after_write_object_contents_info = 0x0, build_id_size = 0, build_id = 0x0, sdt_note_head = 0x0, ---Type <return> to continue, or q <return> to quit--- has_gnu_symbols = 0, object_id = X86_64_ELF_DATA } (gdb) (gdb) -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
