[Bug ld/13581] New: R_X86_64_PC32 against global symbol can't be used for PIC on x32

Tue, 10 Jan 2012 11:45:42 -0800 

http://sourceware.org/bugzilla/show_bug.cgi?id=13581

             Bug #: 13581
           Summary: R_X86_64_PC32 against global symbol can't be used for
                    PIC on x32
           Product: binutils
           Version: 2.23 (HEAD)
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ld
        AssignedTo: unassig...@sourceware.org
        ReportedBy: hjl.to...@gmail.com
    Classification: Unclassified


[hjl@gnu-6 gold-2]$ cat x.c
#include <stdio.h>

int bar;
extern void foo ();

int
main ()
{
  printf ("main: %d\n", bar);
  foo ();
  printf ("main: %d\n", bar);
  bar += 3;
  foo ();
  printf ("main: %d\n", bar);
  return 0;
}
[hjl@gnu-6 gold-2]$ cat y.c
#include <stdio.h>

extern int bar;

void
foo ()
{
  printf ("bar: %d\n", bar);
  bar += 2;
}
[hjl@gnu-6 gold-2]$ make
/usr/gcc-4.6.3-x32/bin/gcc  -mx32 -g  -c y.c
/usr/gcc-4.6.3-x32/bin/gcc  -shared  -mx32 -g  -o y.so y.o
/usr/gcc-4.6.3-x32/bin/gcc  -mx32 -g  -o x x.c y.so -Wl,-rpath,.
./x
main: 0
make: *** [all] Segmentation fault
[hjl@gnu-6 gold-2]$ gdb x
GNU gdb (GDB) 7.3.50.20110914-cvs
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /export/home/hjl/bugs/binutils/x32/gold-2/x...done.
(gdb) r
Starting program: /export/home/hjl/bugs/binutils/x32/gold-2/x 
main: 0

Program received signal SIGSEGV, Segmentation fault.
foo () at y.c:8
8      printf ("bar: %d\n", bar);
(gdb) disass
Dump of assembler code for function foo:
   0xf7dfb454 <+0>:    push   %rbp
   0xf7dfb455 <+1>:    mov    %esp,%ebp
=> 0xf7dfb457 <+3>:    mov    0x88053c3(%rip),%edx        # 0x600820
   0xf7dfb45d <+9>:    mov    $0xf7dfb4d2,%eax
   0xf7dfb462 <+14>:    mov    %eax,%eax
   0xf7dfb464 <+16>:    mov    %edx,%esi
   0xf7dfb466 <+18>:    mov    %rax,%rdi
   0xf7dfb469 <+21>:    mov    $0x0,%eax
   0xf7dfb46e <+26>:    callq  0xf7a8a1f0 <printf>
   0xf7dfb473 <+31>:    mov    0x88053a7(%rip),%eax        # 0x600820
   0xf7dfb479 <+37>:    add    $0x2,%eax
   0xf7dfb47c <+40>:    mov    %eax,0x880539e(%rip)        # 0x600820
   0xf7dfb482 <+46>:    pop    %rbp
   0xf7dfb483 <+47>:    retq   
End of assembler dump.
(gdb) p &bar
$1 = (int *) 0x600820
(gdb) p $rip
$2 = 4158633047
(gdb) p/x $rip
$3 = 0xf7dfb457
(gdb) p/x $rip + 0x88053c3
$4 = 0x10060081a
(gdb) quit
A debugging session is active.

    Inferior 1 [process 10205] will be killed.

Quit anyway? (y or n) y
[hjl@gnu-6 gold-2]$ readelf -r y.o

Relocation section '.rela.text' at offset 0x80c contains 5 entries:
 Offset     Info    Type            Sym.Value  Sym. Name + Addend
00000005  00001002 R_X86_64_PC32     00000000   bar - 4
0000000a  0000050a R_X86_64_32       00000000   .rodata + 0
0000001b  00001102 R_X86_64_PC32     00000000   printf - 4
00000021  00001002 R_X86_64_PC32     00000000   bar - 4
0000002a  00001002 R_X86_64_PC32     00000000   bar - 4

Here 0x88053c3(%rip) overflows 32bit address space.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

Reply via email to