1112265 – [abrt] binutils: bfd_plugin_get_symbols_in_object_only(): ar killed by SIGSEGV

Bug 1112265 - [abrt] binutils: bfd_plugin_get_symbols_in_object_only(): ar killed by SIGSEGV

Summary: [abrt] binutils: bfd_plugin_get_symbols_in_object_only(): ar killed by SIGSEGV

Keywords:
Status:	CLOSED EOL
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	binutils
Sub Component:
Version:	20
Hardware:	x86_64
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Nick Clifton
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:	https://retrace.fedoraproject.org/faf...
Whiteboard:	abrt_hash:26e432936e2f9680c513aa28e22...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-06-23 12:50 UTC by Vladimír Štill
Modified:	2015-06-29 21:17 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2015-06-29 21:17:07 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
File: backtrace (27.48 KB, text/plain) 2014-06-23 12:50 UTC, Vladimír Štill	no flags	Details
File: cgroup (172 bytes, text/plain) 2014-06-23 12:50 UTC, Vladimír Štill	no flags	Details
File: core_backtrace (2.73 KB, text/plain) 2014-06-23 12:50 UTC, Vladimír Štill	no flags	Details
File: dso_list (1.41 KB, text/plain) 2014-06-23 12:50 UTC, Vladimír Štill	no flags	Details
File: environ (4.47 KB, text/plain) 2014-06-23 12:50 UTC, Vladimír Štill	no flags	Details
File: exploitable (82 bytes, text/plain) 2014-06-23 12:50 UTC, Vladimír Štill	no flags	Details
File: limits (1.29 KB, text/plain) 2014-06-23 12:50 UTC, Vladimír Štill	no flags	Details
File: maps (6.60 KB, text/plain) 2014-06-23 12:50 UTC, Vladimír Štill	no flags	Details
File: open_fds (484 bytes, text/plain) 2014-06-23 12:50 UTC, Vladimír Štill	no flags	Details
File: proc_pid_status (931 bytes, text/plain) 2014-06-23 12:50 UTC, Vladimír Štill	no flags	Details
File: var_log_messages (9.44 KB, text/plain) 2014-06-23 12:50 UTC, Vladimír Štill	no flags	Details
Small test using LLVMgold plugin with ar, ranlib and ld.gold (751 bytes, application/x-gzip) 2014-09-24 05:48 UTC, Mike Farnsworth	no flags	Details
View All

Description Vladimír Štill 2014-06-23 12:50:17 UTC

Description of problem:
While trying to create llvm-bitcode archive file with from multiple .bc files:
ar r  --plugin /usr/lib64/llvm/LLVMgold.so ../libpdc.a <files>
ar crasches with SIGSEGV
Bitcode files generated with:
clang -c -emit-llvm -nobuiltininc -nostdinc -Xclang -nostdsysteminc -nostdinc++ -g <file>

As far as I know the same problem exists on Fedora from version 18 (as can be seen in test logs of DIVINE modelchecker: 
http://divine.fi.muni.cz/hydra/build/5900912/log/raw
http://divine.fi.muni.cz/hydra/build/5900909/log/raw
http://divine.fi.muni.cz/hydra/build/5900916/log/raw
but I don't think these logs will be usefull)

The same command succeeds on Ubuntu 13.10 and on NixOS.

Version-Release number of selected component:
binutils-2.23.88.0.1-13.fc20

Additional info:
reporter:       libreport-2.2.2
backtrace_rating: 4
cmdline:        ar r --plugin /usr/lib64/llvm/LLVMgold.so ../libpdc.a functions/stdio//fseek.c.bc functions/stdio//vfscanf.c.bc functions/stdio//ferror.c.bc functions/stdio//fgetc.c.bc functions/stdio//vprintf.c.bc functions/stdio//vscanf.c.bc functions/stdio//_PDCLIB_print.c.bc functions/stdio//ftrylockfile.c.bc functions/stdio//getc.c.bc functions/stdio//puts.c.bc functions/stdio//fread.c.bc functions/stdio//_PDCLIB_prepread.c.bc functions/stdio//clearerr.c.bc functions/stdio//_PDCLIB_fvopen.c.bc functions/stdio//rewind.c.bc functions/stdio//getchar.c.bc functions/stdio//_PDCLIB_flushbuffer.c.bc functions/stdio//funlockfile.c.bc functions/stdio//flockfile.c.bc functions/stdio//_PDCLIB_seek.c.bc functions/stdio//vsscanf.c.bc functions/stdio//rename.c.bc functions/stdio//snprintf.c.bc functions/stdio//_PDCLIB_filemode.c.bc functions/stdio//feof.c.bc functions/stdio//fclose.c.bc functions/stdio//fflush.c.bc functions/stdio//_PDCLIB_ftell64.c.bc functions/stdio//fscanf.c.bc functions/stdio//ungetc.c.bc functions/stdio//fgetpos.c.bc functions/stdio//setvbuf.c.bc functions/stdio//fprintf.c.bc functions/stdio//putchar.c.bc functions/stdio//fwrite.c.bc functions/stdio//printf.c.bc functions/stdio//vfprintf.c.bc functions/stdio//fputs.c.bc functions/stdio//ftell.c.bc functions/stdio//vsnprintf.c.bc functions/stdio//sprintf.c.bc functions/stdio//getline.c.bc functions/stdio//perror.c.bc functions/stdio//setbuf.c.bc functions/stdio//scanf.c.bc functions/stdio//_PDCLIB_prepwrite.c.bc functions/stdio//tmpnam.c.bc functions/stdio//gets.c.bc functions/stdio//putc.c.bc functions/stdio//fputc.c.bc functions/stdio//fgets.c.bc functions/stdio//_PDCLIB_scan.c.bc functions/stdio//vsprintf.c.bc functions/stdio//fopen.c.bc functions/stdio//_PDCLIB_fillbuffer.c.bc functions/stdio//freopen.c.bc functions/stdio//fsetpos.c.bc functions/stdio//sscanf.c.bc functions/string//strtok.c.bc functions/string//strcat.c.bc functions/string//strrchr.c.bc functions/string//strnlen.c.bc functions/string//memset.c.bc functions/string//strndup.c.bc functions/string//rawmemchr.c.bc functions/string//memchr.c.bc functions/string//memmove.c.bc functions/string//strxfrm.c.bc functions/string//strerror.c.bc functions/string//strcmp.c.bc functions/string//strerror_r.c.bc functions/string//strchrnul.c.bc functions/string//memcpy.c.bc functions/string//strcpy.c.bc functions/string//strcoll.c.bc functions/string//strncmp.c.bc functions/string//strstr.c.bc functions/string//strlen.c.bc functions/string//memcmp.c.bc functions/string//strspn.c.bc functions/string//strncat.c.bc functions/string//strchr.c.bc functions/string//stpcpy.c.bc functions/string//strncasecmp.c.bc functions/string//strpbrk.c.bc functions/string//vasprintf.c.bc functions/string//strncpy.c.bc functions/string//strcasecmp.c.bc functions/string//strdup.c.bc functions/string//strcspn.c.bc functions/string//mempcpy.c.bc functions/locale//_PDCLIB_unicodedata.c.bc functions/locale//_PDCLIB_mb_cur_max.c.bc functions/locae//localeconv.c.bc functions/ctype//isgraph.c.bc functions/ctype//isdigit.c.bc functions/ctype//isupper.c.bc functions/ctype//isspace.c.bc functions/ctype//toupper.c.bc functions/ctype//ispunct.c.bc functions/ctype//isascii.c.bc functions/ctype//isxdigit.c.bc functions/ctype//islower.c.bc functions/ctype//isalpha.c.bc functions/ctype//isblank.c.bc functions/ctype//iscntrl.c.bc functions/ctype//isalnum.c.bc functions/ctype//isprint.c.bc functions/ctype//tolower.c.bc functions/uchar//c16rtomb.c.bc functions/uchar//_PDCLIB_c32slen.c.bc functions/uchar//c32rtomb.c.bc functions/uchar//_PDCLIB_mbsrtoc32s.c.bc functions/uchar//mbrtoc32.c.bc functions/uchar//_PDCLIB_c32srtombs.c.bc functions/uchar//_PDCLIB_c16slen.c.bc functions/uchar//mbrtoc16.c.bc functions/time//strftime.c.bc functions/wchar//wcstok.c.bc functions/wchar//wcscspn.c.bc functions/wchar//wcscpy.c.bc functions/wchar//wmemcpy.c.bc functions/wchar//mbrtowc.c.bc functions/wchar//wcscmp.c.bc functions/wchar//wcslen.c.bc functions/wchar//wcsstr.c.bc functio
crash_function: bfd_plugin_get_symbols_in_object_only
executable:     /usr/bin/ar
kernel:         3.14.8-200.fc20.x86_64
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 bfd_plugin_get_symbols_in_object_only at plugin.c:151
 #1 add_symbols at plugin.c:278
 #2 claim_file_hook at gold-plugin.cpp:354
 #3 bfd_plugin_object_p at plugin.c:450
 #4 bfd_check_format_matches at format.c:202
 #5 bfd_check_format at format.c:95
 #6 _bfd_write_archive_contents at archive.c:2132
 #7 bfd_close at opncls.c:719
 #8 write_archive at ar.c:1125
 #9 replace_members at ar.c:1366

Potential duplicate: bug 879026

Comment 1 Vladimír Štill 2014-06-23 12:50:22 UTC

Created attachment 911415 [details]
File: backtrace

Comment 2 Vladimír Štill 2014-06-23 12:50:24 UTC

Created attachment 911416 [details]
File: cgroup

Comment 3 Vladimír Štill 2014-06-23 12:50:27 UTC

Created attachment 911417 [details]
File: core_backtrace

Comment 4 Vladimír Štill 2014-06-23 12:50:29 UTC

Created attachment 911418 [details]
File: dso_list

Comment 5 Vladimír Štill 2014-06-23 12:50:31 UTC

Created attachment 911419 [details]
File: environ

Comment 6 Vladimír Štill 2014-06-23 12:50:33 UTC

Created attachment 911420 [details]
File: exploitable

Comment 7 Vladimír Štill 2014-06-23 12:50:35 UTC

Created attachment 911421 [details]
File: limits

Comment 8 Vladimír Štill 2014-06-23 12:50:37 UTC

Created attachment 911422 [details]
File: maps

Comment 9 Vladimír Štill 2014-06-23 12:50:39 UTC

Created attachment 911423 [details]
File: open_fds

Comment 10 Vladimír Štill 2014-06-23 12:50:41 UTC

Created attachment 911424 [details]
File: proc_pid_status

Comment 11 Vladimír Štill 2014-06-23 12:50:43 UTC

Created attachment 911426 [details]
File: var_log_messages

Comment 12 Vladimír Štill 2014-06-23 14:03:21 UTC

While trying to eliminate possible sources of this bug I built binutils 2.23.2 from upstream with following configure params:
./configure --enable-shared --enable-gold --enable-plugins --prefix=/opt/binutils
using those binutils and LLVMgold.so from llvm package ar does succeed.

Comment 13 Erwan Legrand 2014-07-29 16:53:58 UTC

Another user experienced a similar problem:

Run gdb --args ranlib --plugin=/usr/lib64/llvm/LLVMgold.so xyz.a

reporter:       libreport-2.2.3
backtrace_rating: 4
cmdline:        ranlib --plugin=/usr/lib64/llvm/LLVMgold.so libcmgwutils/libcmgwutils_32.a libcmgwutils/libcmgwutils.a
crash_function: bfd_plugin_get_symbols_in_object_only
executable:     /usr/bin/ranlib
kernel:         3.13.10-200.fc20.x86_64
package:        binutils-2.23.88.0.1-13.fc20
reason:         ranlib killed by SIGSEGV
runlevel:       N 5
type:           CCpp
uid:            1000

Comment 14 Erwan Legrand 2014-07-30 14:10:41 UTC

This looks like a duplicate of Bug 1101144.

Comment 15 Mike Farnsworth 2014-09-24 05:48:01 UTC

Created attachment 940677 [details]
Small test using LLVMgold plugin with ar, ranlib and ld.gold

Here's a quick test showing the crash.  Make thusly to trigger the crash:

make CXX=clang++ GOLD=ON AR_GOLD=ON

Comment 16 Fedora End Of Life 2015-05-29 12:11:53 UTC

This message is a reminder that Fedora 20 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 20. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '20'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 20 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

Comment 17 Erwan Legrand 2015-05-29 12:47:45 UTC

I can still reproduce this with Fedora 21. Moreover, this makes systemd-coredump consume 100% cpu during more than 3 minutes.

Comment 18 Fedora End Of Life 2015-06-29 21:17:07 UTC

Fedora 20 changed to end-of-life (EOL) status on 2015-06-23. Fedora 20 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.