[Bug ld/22067] New: ld SIGSEGVs when linking memtest86+: gldelf_x86_64_place_orphan

2017-09-02 Thread slyfox at inbox dot ru
https://sourceware.org/bugzilla/show_bug.cgi?id=22067

           Bug ID: 22067
          Summary: ld SIGSEGVs when linking memtest86+: gldelf_x86_64_place_orphan
          Product: binutils
          Version: 2.29
           Status: UNCONFIRMED
         Severity: normal
         Priority: P2
        Component: ld
         Assignee: unassigned at sourceware dot org
         Reporter: slyfox at inbox dot ru
 Target Milestone: ---

Created attachment 10388
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10388&action=edit
memtest-repro.tar.gz

The command (All binaries are attached in memtest-repro.tar.gz):

$ ld -T memtest.bin.lds bootsect.o setup.o -b binary memtest_shared.bin -o memtest.bin

$ gdb --quiet /usr/bin/ld core.15679 
Reading symbols from /usr/bin/ld...Reading symbols from
/usr/lib64/debug//usr/x86_64-pc-linux-gnu/binutils-bin/2.29/ld.debug...done.
done.
[New LWP 15679]
Core was generated by `ld -T memtest.bin.lds bootsect.o setup.o -b binary
memtest_shared.bin -o memtes'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x55b7313ca4d1 in gldelf_x86_64_place_orphan (s=0x55b73198b8c8, secname=0x55b7319c0973 ".text", constraint=382) at eelf_x86_64.c:1990
1990	    && (elf_section_data (os->bfd_section)->this_hdr.sh_info
(gdb) bt full
#0  0x55b7313ca4d1 in gldelf_x86_64_place_orphan (s=0x55b73198b8c8, secname=0x55b7319c0973 ".text", constraint=382) at eelf_x86_64.c:1990
        hold = {
          {name = 0x55b731413168 ".text", flags = 283, os = 0x55b731962ca0, section = 0x55b73196e700, stmt = 0x55b731962e00, os_tail = 0x55b731962e20},
          {name = 0x55b73141315a ".rodata", flags = 299, os = 0x0, section = 0x0, stmt = 0x0, os_tail = 0x0},
          {name = 0x55b7314131ad ".tdata", flags = 1315, os = 0x0, section = 0x0, stmt = 0x0, os_tail = 0x0},
          {name = 0x55b73141314e ".data", flags = 291, os = 0x0, section = 0x0, stmt = 0x0, os_tail = 0x0},
          {name = 0x55b731413143 ".bss", flags = 1, os = 0x0, section = 0x55b73196e830, stmt = 0x55b731962eb0, os_tail = 0x55b731962ed0},
          {name = 0x0, flags = 299, os = 0x0, section = 0x0, stmt = 0x0, os_tail = 0x0},
          {name = 0x55b7314131b4 ".interp", flags = 299, os = 0x0, section = 0x0, stmt = 0x0, os_tail = 0x0},
          {name = 0x55b7314131bc ".sdata", flags = 4194595, os = 0x0, section = 0x0, stmt = 0x0, os_tail = 0x0},
          {name = 0x55b7314131c3 ".comment", flags = 256, os = 0x0, section = 0x0, stmt = 0x0, os_tail = 0x0}
        }
        orphan_init_done = 1
        place = <optimized out>
        after = <optimized out>
        os = 0x55b731962e00
        match_by_name = 0x0
        isdyn = <optimized out>
        iself = 1
        sh_type = 1
        flags = <optimized out>
        nexts = <optimized out>
#1  0x55b73109efd7 in ldlang_place_orphan (s=0x55b73198b8c8) at /usr/src/debug/sys-devel/binutils-2.29/binutils-2.29/ld/ldlang.c:6376
        os = <optimized out>
        name = 0x55b7319c0973 ".text"
        constraint = 0
#2  lang_place_orphans () at /usr/src/debug/sys-devel/binutils-2.29/binutils-2.29/ld/ldlang.c:6433
        s = 0x55b73198b8c8
        file = 0x55b73196cfa0
#3  lang_process () at /usr/src/debug/sys-devel/binutils-2.29/binutils-2.29/ld/ldlang.c:7147
No locals.
#4  0x55b73108c308 in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/sys-devel/binutils-2.29/binutils-2.29/ld/ldmain.c:445
        start_time = 2365
        start_sbrk = 0x55b731961000 ""

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils


[Bug ld/22067] ld SIGSEGVs when linking memtest86+: gldelf_x86_64_place_orphan

2017-09-02 Thread slyfox at inbox dot ru
https://sourceware.org/bugzilla/show_bug.cgi?id=22067

--- Comment #1 from Sergei Trofimovich  ---
Running ld from master under valgrind suggests the out-of-bounds
access is still there:

$ valgrind --quiet /home/slyfox/dev/git/binutils-gdb-x86_64/ld/ld-new -T memtest.bin.lds bootsect.o setup.o -b binary memtest_shared.bin -o memtest.bin
==15789== Invalid read of size 4
==15789==    at 0x194D98: _bfd_x86_elf_link_check_relocs (elfxx-x86.c:826)
==15789==    by 0x152A2A: lang_check_relocs (ldlang.c:7052)
==15789==    by 0x152A2A: lang_process (ldlang.c:7260)
==15789==    by 0x1407A3: main (ldmain.c:432)
==15789==  Address 0x5411738 is 0 bytes after a block of size 72 alloc'd
==15789==    at 0x4C2CEAF: malloc (vg_replace_malloc.c:299)
==15789==    by 0x17DA02: bfd_malloc (libbfd.c:193)
==15789==    by 0x17EC92: _bfd_generic_link_hash_table_create (linker.c:753)
==15789==    by 0x14EA47: open_output (ldlang.c:3184)
==15789==    by 0x14EA47: ldlang_open_output (ldlang.c:3198)
==15789==    by 0x14C18F: lang_for_each_statement_worker (ldlang.c:958)
==15789==    by 0x1524BF: lang_for_each_statement (ldlang.c:1001)
==15789==    by 0x1524BF: lang_process (ldlang.c:7094)
==15789==    by 0x1407A3: main (ldmain.c:432)
==15789==



[Bug binutils/13302] IRELATIVE relocation should come last

2017-09-02 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=13302

--- Comment #9 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by H.J. Lu :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5e2ac45d561dffec63af4c83a545b46db032c70c

commit 5e2ac45d561dffec63af4c83a545b46db032c70c
Author: H.J. Lu 
Date:   Sat Sep 2 07:37:05 2017 -0700

x86: Add _bfd_x86_elf_size_dynamic_sections

elf_i386_size_dynamic_sections and elf_x86_64_size_dynamic_sections are
very similar, except for the followings:

1. elf_i386_size_dynamic_sections checks GOT_TLS_IE and GOT_TLS_IE_BOTH.
elf_x86_64_size_dynamic_sections checks only GOT_TLS_IE.  Since
GOT_TLS_IE_BOTH is never true for x86-64, it is OK to check GOT_TLS_IE
for both i386 and x86-64.
2. x86-64 sets tlsdesc_plt, but i386 doesn't.  We set tlsdesc_plt only
if target_id == X86_64_ELF_DATA.
3. x86-64 has

  if (s != htab->elf.srelplt)
s->reloc_count = 0;

and i386 has

  s->reloc_count = 0;

i386 did have

  if (s != htab->srelplt)
s->reloc_count = 0;

in the original commit:

commit 67a4f2b710581acc83afecff55424af285ecbc28
Author: Alexandre Oliva 
Date:   Wed Jan 18 21:07:51 2006 +

But it was removed by

commit 5ae0bfb60a576344d7f701605346282c1144499e
Author: Richard Sandiford 
Date:   Tue Feb 28 07:16:12 2006 +

bfd/
* elf32-i386.c (elf_i386_link_hash_table): Add
next_tls_desc_index.
(elf_i386_link_hash_table_create): Initialize it.
(elf_i386_compute_jump_table_size): Use it instead of
srelplt->reloc_count.
(allocate_dynrelocs): Likewise.
(elf_i386_size_dynamic_sections): Likewise.
(elf_i386_relocate_section): Likewise.

A later commit:

commit e1f987424b7b3f5ac63a2a6ae044a202a44b8ff8
Author: H.J. Lu 
Date:   Fri Oct 21 15:13:37 2011 +

Put IRELATIVE relocations after JUMP_SLOT.

bfd/

2011-10-21  H.J. Lu  

PR ld/13302
	* elf32-i386.c (elf_i386_link_hash_table): Add next_jump_slot_index
	and next_irelative_index.
	(elf_i386_link_hash_table_create): Initialize next_jump_slot_index
	and next_irelative_index.
	(elf_i386_allocate_dynrelocs): Increment reloc_count instead of
	next_tls_desc_index.
	(elf_i386_size_dynamic_sections): Set next_tls_desc_index and
	next_irelative_index from reloc_count.
	(elf_i386_finish_dynamic_symbol): Put R_386_IRELATIVE after
	R_386_JUMP_SLOT.

changed it back to use reloc_count again. So it is correct to use

  if (s != htab->elf.srelplt)
s->reloc_count = 0;

for both i386 and x86-64 now.
4. i386 and x86-64 use different DT_XXXs.  They are handled by adding
them to elf_x86_link_hash_table.

With these changes, we can share _bfd_x86_elf_size_dynamic_sections in
elf32-i386.c and elf64-x86-64.c.

* elf32-i386.c (elf_i386_convert_load): Renamed to ...
(_bfd_i386_elf_convert_load): This.  Remove static.
(elf_i386_size_dynamic_sections): Removed.
(elf_backend_size_dynamic_sections): Likewise.
* elf64-x86-64.c (elf_x86_64_convert_load): Renamed to ...
(_bfd_x86_64_elf_convert_load): This.  Remove static.
(elf_x86_64_size_dynamic_sections): Removed.
(elf_backend_size_dynamic_sections): Likewise.
* elfxx-x86.c (_bfd_x86_elf_allocate_dynrelocs): Renamed to ...
(elf_x86_allocate_dynrelocs): This.  Make it static.
(_bfd_x86_elf_allocate_local_dynrelocs): Renamed to ...
(elf_x86_allocate_local_dynreloc): This.  Make it static.
(elf_i386_is_reloc_section): New function.
(elf_x86_64_is_reloc_section): Likewise.
(_bfd_x86_elf_link_hash_table_create): Initialize convert_load,
is_reloc_section, dt_reloc, dt_reloc_sz and dt_reloc_ent.
Rearrange got_entry_size initialization.
(_bfd_x86_elf_size_dynamic_sections): New function.
* elfxx-x86.h (elf_x86_link_hash_table): Add convert_load,
is_reloc_section, dt_reloc, dt_reloc_sz and dt_reloc_ent.
(_bfd_i386_elf_convert_load): New.
(_bfd_x86_64_elf_convert_load): Likewise.
(_bfd_x86_elf_size_dynamic_sections): Likewise.
(elf_backend_size_dynamic_sections): Likewise.
(_bfd_x86_elf_allocate_dynrelocs): Removed.
(_bfd_x86_elf_allocate_local_dynrelocs): Likewise.

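The commit above keeps the srelplt reloc_count handling that PR ld/13302 depends on: R_X86_64_IRELATIVE entries are emitted after the R_X86_64_JUMP_SLOT entries in .rela.plt, and the loader applies that table in order. The following checker is an added example written for this page, not binutils or glibc code: it reads .rela.plt out of an x86-64 ELF file with the standard <elf.h> definitions and reports the first JUMP_SLOT entry that follows an IRELATIVE entry. The two in-memory tables (sample_ok, sample_bad) are constructed here for demonstration, not taken from a real binary, and the return-code convention of check_file is this example's own.

```c
#include <elf.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Returns -1 if every R_X86_64_IRELATIVE entry follows every
   R_X86_64_JUMP_SLOT entry (the PR ld/13302 ordering); otherwise the
   index of the first JUMP_SLOT entry that appears after an IRELATIVE. */
long first_misordered_reloc(const Elf64_Rela *rels, size_t n)
{
    int seen_irelative = 0;
    for (size_t i = 0; i < n; i++) {
        Elf64_Xword type = ELF64_R_TYPE(rels[i].r_info);
        if (type == R_X86_64_IRELATIVE)
            seen_irelative = 1;
        else if (type == R_X86_64_JUMP_SLOT && seen_irelative)
            return (long)i;
    }
    return -1;
}

/* Constructed sample tables (not from a real binary). ld emits IRELATIVE
   entries with symbol index 0; JUMP_SLOT entries reference a symbol. */
#define RELA(off, sym, type, add) { (off), ELF64_R_INFO((sym), (type)), (add) }
const Elf64_Rela sample_ok[3] = {
    RELA(0x4018, 1, R_X86_64_JUMP_SLOT, 0),
    RELA(0x4020, 2, R_X86_64_JUMP_SLOT, 0),
    RELA(0x4028, 0, R_X86_64_IRELATIVE, 0x1130),
};
const Elf64_Rela sample_bad[3] = {
    RELA(0x4018, 1, R_X86_64_JUMP_SLOT, 0),
    RELA(0x4020, 0, R_X86_64_IRELATIVE, 0x1130),
    RELA(0x4028, 2, R_X86_64_JUMP_SLOT, 0),   /* JUMP_SLOT after IRELATIVE */
};

/* Loads the section named `want` from an ELF64 file into a malloc'd buffer.
   Returns 0 when found, 1 when the section is absent, -1 on I/O or format
   error. Every size and offset is checked before it is used. */
static int read_section(const char *path, const char *want,
                        unsigned char **buf, size_t *len)
{
    Elf64_Ehdr eh;
    Elf64_Shdr *sh = NULL, *strs;
    char *names = NULL;
    int rc = -1;
    FILE *f = fopen(path, "rb");
    if (!f) return -1;
    if (fread(&eh, sizeof eh, 1, f) != 1) goto out;
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) != 0 ||
        eh.e_ident[EI_CLASS] != ELFCLASS64 ||
        eh.e_shentsize != sizeof(Elf64_Shdr) ||
        eh.e_shnum == 0 || eh.e_shstrndx >= eh.e_shnum) goto out;
    sh = calloc(eh.e_shnum, sizeof *sh);
    if (!sh || fseek(f, (long)eh.e_shoff, SEEK_SET) != 0 ||
        fread(sh, sizeof *sh, eh.e_shnum, f) != eh.e_shnum) goto out;
    strs = &sh[eh.e_shstrndx];
    names = malloc(strs->sh_size + 1);
    if (!names || fseek(f, (long)strs->sh_offset, SEEK_SET) != 0 ||
        fread(names, 1, strs->sh_size, f) != strs->sh_size) goto out;
    names[strs->sh_size] = '\0';          /* guarantees strcmp terminates */
    rc = 1;
    for (unsigned i = 0; i < eh.e_shnum; i++) {
        if (sh[i].sh_name >= strs->sh_size ||
            strcmp(names + sh[i].sh_name, want) != 0) continue;
        *buf = malloc(sh[i].sh_size ? sh[i].sh_size : 1);
        if (!*buf || fseek(f, (long)sh[i].sh_offset, SEEK_SET) != 0 ||
            fread(*buf, 1, sh[i].sh_size, f) != sh[i].sh_size) {
            free(*buf); *buf = NULL; rc = -1; goto out;
        }
        *len = sh[i].sh_size;
        rc = 0;
        break;
    }
out:
    free(sh); free(names); fclose(f);
    return rc;
}

/* -1: ordering holds; >= 0: index of the offending JUMP_SLOT;
   -2: cannot read the file; -3: .rela.plt size is not a whole number
   of Elf64_Rela entries; -4: no .rela.plt section. */
long check_file(const char *path)
{
    unsigned char *buf = NULL;
    size_t len = 0;
    int rc = read_section(path, ".rela.plt", &buf, &len);
    if (rc < 0) return -2;
    if (rc == 1) return -4;
    long r = (len % sizeof(Elf64_Rela) != 0) ? -3 :
        first_misordered_reloc((const Elf64_Rela *)buf, len / sizeof(Elf64_Rela));
    free(buf);
    return r;
}

int main(int argc, char **argv)
{
    if (argc < 2) {
        printf("constructed samples: ok=%ld bad=%ld\n",
               first_misordered_reloc(sample_ok, 3),
               first_misordered_reloc(sample_bad, 3));
        return 0;
    }
    long r = check_file(argv[1]);
    if (r == -1) { printf("%s: .rela.plt ordering ok\n", argv[1]); return 0; }
    if (r < -1) { fprintf(stderr, "%s: cannot check (%ld)\n", argv[1], r); return 2; }
    printf("%s: JUMP_SLOT at index %ld follows an IRELATIVE entry\n", argv[1], r);
    return 1;
}
```

Run it with a linked x86-64 executable or shared object as the only argument (for instance the memtest86+ output is not a candidate, since it is a raw binary, but any glibc-linked program is). The checker only confirms the order within .rela.plt; it does not inspect .rela.dyn, where IRELATIVE entries of a different kind may also appear.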