[Bug ld/23839] New: ld generates a corrupted relocation table for .ARM.exidx sections

Sun, 28 Oct 2018 06:45:02 -0700 

https://sourceware.org/bugzilla/show_bug.cgi?id=23839

            Bug ID: 23839
           Summary: ld generates a corrupted relocation table for
                    .ARM.exidx sections
           Product: binutils
           Version: 2.30
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: ld
          Assignee: unassigned at sourceware dot org
          Reporter: blastrock at free dot fr
  Target Milestone: ---

I have a bug where my unwind tables are corrupted because of a faulty
relocation in the .rel.ARM.exidx section of my output executable.

I just discovered https://sourceware.org/bugzilla/show_bug.cgi?id=20595 which
is fixed, but it seems like this is the exact bug I am seeing.

I have applied the following patch to catch my issue:

diff -ru binutils-2.30.orig/bfd/elf32-arm.c binutils-2.30/bfd/elf32-arm.c
--- binutils-2.30.orig/bfd/elf32-arm.c  2018-10-28 14:32:50.434311154 +0100
+++ binutils-2.30/bfd/elf32-arm.c       2018-10-28 14:33:48.771218065 +0100
@@ -12275,6 +12275,9 @@
   relend = relocs + input_section->reloc_count;
   for (; rel < relend; rel++)
     {
+      if (rel->r_offset < 0 || rel->r_offset >= input_section->size)
+        printf("that's an overflow !!!\n");
+
       int                         r_type;
       reloc_howto_type *          howto;
       unsigned long               r_symndx;

And indeed, some relocations are applied to addresses that are outside of the
concerned section. This is my first time digging in ld's code so please tell me
if this is actually normal behavior.

So I assumed that's because of exidx entries merging and I reached the same
workaround described here:
https://sourceware.org/bugzilla/show_bug.cgi?id=20595#c1 .

I can see some rests of #20595's fix around elf32-arm.c:14823 (still on
binutils 2.30), but I don't understand what those external or internal
relocations and swap in and out functions are.

I could reproduce my issue on binutils 2.31, but I did all my investigation on
2.30.

Please tell me if I can help investigate the issue. I can provide a
reproduction case but I couldn't simplify it so it implies lots of objects,
libraries and a custom toolchain.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

Reply via email to