Control: tags -1 + moreinfo

Hi Ben,
On Sat, Aug 06, 2022 at 01:11:55AM +0200, Ben Hutchings wrote:
> Source: linux
> Version: 5.19-1~exp1
> Severity: normal
> Tags: upstream
>
> I'm doing some test builds of klibc
> <https://git.kernel.org/pub/scm/libs/klibc/klibc.git> and found a
> regression for arm64. What changed is binutils, and I've reported
> bug #1016717 there, but it seems to be triggering an existing bug in
> the kernel.
>
> Loading some of klibc's test programs (getoptlong.shared,
> malloctest2.shared, setjmptest.shared, sigint.shared) fails, with
> execve() returning EFAULT. This happens past the point of no return,
> so the kernel kills the process with SIGSEGV.
>
> The reason for this seems to be that:
>
> 1. All of these programs have a BSS section but not a data section.
> 2. The BSS section is not page-aligned (it now starts at 0xffe8).
> 3. binfmt_elf assumes that a non-page-aligned BSS section is placed
>    immediately after a writable data section in memory, and tries to
>    clear memory from the start of the BSS section up to the page
>    boundary.
> 4. In this case, there is no data section and no file mapping before
>    the BSS, so this results in an EFAULT. This happens past the point
>    of no return, so the kernel kills the process.
>
> With older versions of binutils, the BSS section was still misaligned
> on arm64 but started within the same 4K page as another section.
>
> binfmt_elf should check whether it created a mapping before a
> non-aligned BSS section; if not then it should round down the start of
> the zero mapping instead of trying to clear part of a mapping that's
> not there.

Is this still an issue?

Regards,
Salvatore
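The layout Ben describes in points 1 to 4 can be spotted from the program headers alone: a PT_LOAD whose p_memsz exceeds p_filesz starts its BSS at p_vaddr + p_filesz, and if that address is not page-aligned the kernel's padzero() writes zeros from there to the page boundary, which only succeeds if some file-backed PT_LOAD mapping already covers that page. The following checker is an added example written for this thread; it is not code from the bug report, from klibc or from the kernel. It models the behaviour in the report as a simplified rule (every file-backed segment is mapped as whole pages, padding is attempted for every non-aligned BSS start) rather than reproducing binfmt_elf's exact control flow, assumes a little-endian ELF64 host with 4K pages, and the three program-header tables at the bottom are constructed inputs, not taken from the klibc test programs.

```c
/* Added example: flags ELF64 program-header layouts whose BSS padding
 * would touch a page that no file mapping created (the EFAULT case
 * described in the report).  Not from the kernel or klibc; simplified
 * model of binfmt_elf, little-endian host and 4K pages assumed. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PAGE_SIZE 4096UL
#define PT_LOAD   1u

/* On-disk ELF64 layouts, field for field (64 and 56 bytes, no padding). */
struct elf64_ehdr {
    unsigned char e_ident[16];
    uint16_t e_type, e_machine;
    uint32_t e_version;
    uint64_t e_entry, e_phoff, e_shoff;
    uint32_t e_flags;
    uint16_t e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx;
};
struct elf64_phdr {
    uint32_t p_type, p_flags;
    uint64_t p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_align;
};

static uint64_t page_down(uint64_t a) { return a & ~(PAGE_SIZE - 1); }

/* Would some PT_LOAD with file-backed bytes have mapped the page at addr?
 * Segments are mapped whole pages at a time, so the tail of the last
 * file-backed page exists even where only part of it holds file data. */
static int page_is_file_mapped(const struct elf64_phdr *ph, size_t n, uint64_t addr)
{
    for (size_t i = 0; i < n; i++) {
        if (ph[i].p_type != PT_LOAD || ph[i].p_filesz == 0)
            continue;
        uint64_t start = page_down(ph[i].p_vaddr);
        uint64_t end   = page_down(ph[i].p_vaddr + ph[i].p_filesz - 1) + PAGE_SIZE;
        if (addr >= start && addr < end)
            return 1;
    }
    return 0;
}

/* Index of the first PT_LOAD whose BSS start (p_vaddr + p_filesz) is not
 * page-aligned and lies in a page no file mapping created, i.e. the layout
 * the report describes; -1 if every BSS can be padded safely. */
int find_faulting_bss(const struct elf64_phdr *ph, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (ph[i].p_type != PT_LOAD || ph[i].p_memsz <= ph[i].p_filesz)
            continue;
        uint64_t bss_start = ph[i].p_vaddr + ph[i].p_filesz;
        if (page_down(bss_start) == bss_start)
            continue;          /* nothing to clear before the page boundary */
        if (!page_is_file_mapped(ph, n, page_down(bss_start)))
            return (int)i;     /* clear_user() on this page returns -EFAULT */
    }
    return -1;
}

/* Constructed program-header tables (not dumped from klibc binaries).
 * Initializer order: p_type, p_flags, p_offset, p_vaddr, p_paddr,
 * p_filesz, p_memsz, p_align. */
const struct elf64_phdr LAYOUT_DATA_THEN_BSS[] = {
    { PT_LOAD, 5, 0x0000, 0x00000, 0x00000, 0x1000, 0x1000, 0x1000 }, /* R E text      */
    { PT_LOAD, 6, 0x1000, 0x11000, 0x11000, 0x0f00, 0x2000, 0x1000 }, /* RW data + bss */
};
const struct elf64_phdr LAYOUT_BSS_ONLY_MISALIGNED[] = {
    { PT_LOAD, 5, 0x0000, 0x00000, 0x00000, 0x1000, 0x1000, 0x1000 }, /* R E text         */
    { PT_LOAD, 6, 0x1000, 0x0ffe8, 0x0ffe8, 0x0000, 0x0100, 0x1000 }, /* no data, bss@ffe8 */
};
const struct elf64_phdr LAYOUT_BSS_ONLY_ALIGNED[] = {
    { PT_LOAD, 5, 0x0000, 0x00000, 0x00000, 0x1000, 0x1000, 0x1000 },
    { PT_LOAD, 6, 0x1000, 0x10000, 0x10000, 0x0000, 0x0100, 0x1000 }, /* bss page-aligned */
};

/* Reads the program headers of a little-endian ELF64 file and runs the
 * check: -1 safe, >= 0 offending phdr index, -2 unreadable or not ELF64. */
int check_elf_file(const char *path)
{
    struct elf64_ehdr eh;
    FILE *f = fopen(path, "rb");
    if (!f) return -2;
    if (fread(&eh, sizeof eh, 1, f) != 1 ||
        memcmp(eh.e_ident, "\x7f" "ELF" "\x02\x01", 6) != 0 ||
        eh.e_phentsize != sizeof(struct elf64_phdr) || eh.e_phnum == 0) {
        fclose(f); return -2;
    }
    struct elf64_phdr *ph = calloc(eh.e_phnum, sizeof *ph);
    if (!ph || fseek(f, (long)eh.e_phoff, SEEK_SET) != 0 ||
        fread(ph, sizeof *ph, eh.e_phnum, f) != eh.e_phnum) {
        free(ph); fclose(f); return -2;
    }
    int r = find_faulting_bss(ph, eh.e_phnum);
    free(ph); fclose(f);
    return r;
}

int main(int argc, char **argv)
{
    for (int i = 1; i < argc; i++) {
        int r = check_elf_file(argv[i]);
        if (r == -2)     printf("%s: not a readable little-endian ELF64 file\n", argv[i]);
        else if (r < 0)  printf("%s: BSS padding is safe\n", argv[i]);
        else             printf("%s: PT_LOAD[%d] starts its BSS unaligned with no file mapping under it\n", argv[i], r);
    }
    return 0;
}
```

Run it over the .shared binaries named in the report to see which ones hit the second case; the three constructed tables show the data-then-BSS layout passing, the BSS-only layout at 0xffe8 being flagged, and a BSS-only layout on a page boundary passing because there is nothing to clear.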