This is the mail archive of the
binutils@sources.redhat.com
mailing list for the binutils project.
Re: Q: ld-linux.2 bug in glibc2.2.2?
- To: Andreas Jaeger <aj at suse dot de>
- Subject: Re: Q: ld-linux.2 bug in glibc2.2.2?
- From: Basile STARYNKEVITCH <basile dot starynkevitch at wanadoo dot fr>
- Date: Tue, 27 Feb 2001 10:34:55 +0100 (CET)
- Cc: binutils at sourceware dot cygnus dot com, bug-glibc at gnu dot org
- References: <15002.50814.994780.459295@amadeus.lesours><hoy9usy3vu.fsf@gee.suse.de><15003.23310.519300.64426@amadeus.lesours><hoitlwwlmz.fsf@gee.suse.de>
>>>"Andreas" == Andreas Jaeger <aj@suse.de> writes on glibc-bug
mailing list
Andreas> If your binary is broken, it's a bug in your binary [...]
Andreas> Basile STARYNKEVITCH <basile.starynkevitch@wanadoo.fr>
Andreas> writes:
I did put on "http://www.tunes.org/~basile/glibcbug.tgz" an example of
ld-linux core dump glibc2.2.2 or 2.2.1, Linux/x86 (AMD-K6),
Debian/testing [=sid] distribution, 2.2.18 kernel, gcc 2.95.3, ld
2.10.91 from binutils 2.10.1.0.2-1 debian package. This is an ldscript
with a tiny main2.c in C.
Basile> Well, I have no warning or error message. Neither from ld nor
Basile> from the dynamic linker. I would expect that ld-linux.2 should
Basile> be able to run an ELF executable -very similar to gcc produced
Basile> ones- for which /usr/bin/ld does not give any error or
Basile> warning. The ldscript I use contains all the sections from
Basile> /usr/lib/ldscripts/elf_i386.x
Andreas> You might hit a bug - but without a description it's not
Andreas> possible to tell.
I found the bug. The .dynamic section was wrongly placed. So the
DYNAMIC segment was also wrongly placed.
Ok, it was a bug in the ldscript; but I think that it should have been
detected either at compile&link time by ld from binutils, or at
dynamic-link time by ld-linux.so.2. I've got no warning or error
message, just a core dump (in /lib/ld-linux.so.2).
The buggy ldscript incorrectly placed the .dynamic section after the
.bss section. So the resulting data segment was wrong. (The .bss
section had the same offset as the .dynamic section in the ELF
executable).
To circumvent the bug, I did apply the following patch to the ldscript
file in my glibcbug.tgz (see URL above):
################
*** ldscript 2001/02/27 08:03:38 1.1
--- ldscript 2001/02/27 08:09:36
***************
*** 216,221 ****
--- 216,224 ----
KEEP (*(.dtors))
}
.got : { *(.got.plt) *(.got) }
+ .dynamic :
+ { KEEP(*(.dynamic)) } :data :dynamic
+
_edata = .;
PROVIDE (edata = .);
__bss_start = .;
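Review bot: the `:data :dynamic` on the new `.dynamic` statement, now placed before `_edata = .;`, is inherited by every later allocatable output section that names no segment of its own. Confirm that the `.bss` statement following `__bss_start` (not visible in this hunk) ends with an explicit `:data`; without it ld would also assign `.bss` to the `dynamic` segment.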
***************
*** 246,253 ****
. = ALIGN(32 / 8);
_end = .;
PROVIDE (end = .);
! .dynamic :
! { KEEP(*(.dynamic)) } :data :dynamic
/***************** debugging and info ****************/
--- 249,255 ----
. = ALIGN(32 / 8);
_end = .;
PROVIDE (end = .);
!
/***************** debugging and info ****************/
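Review bot: the old placement removed here, after `PROVIDE (end = .);`, put `.dynamic` beyond `_end`, and nothing left in the script records why it must not go back there. Replace the now-empty changed line with a short comment saying that `.dynamic` has file contents and has to precede `__bss_start`, rather than leaving a stray blank line.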
################
But I still think that I should have gotten a warning or error either
at static linking&loading time by ld (from binutils) or at dynamic
linking time by ld-linux.so.2 (from glibc). I got neither of them, but
ld-linux.so crashed with a core dump.
I understand that this is a catchy issue.... there is an implicit
contract between binutils and glibc regarding ELF layout, and neither
of these tools does the appropriate checks. (Which probably should be
done by binutils which has more information).
--
Basile STARYNKEVITCH -- http://perso.wanadoo.fr/starynkevitch/basile/
email: basile dot starynkevitch at wanadoo dot fr (France)
alias: basile at tunes dot org host: http://lesours.dyndns.org/
8, rue de la Faïencerie, 92340 Bourg La Reine, phone: 1.46.65.45.53
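
An added example, not part of the original message and not code from binutils or glibc: one way a tool could catch the layout described above, by checking that PT_DYNAMIC falls in the file-backed part of a PT_LOAD segment at a consistent offset. The function names, the addresses and the constructed ELF32 image are assumptions made for illustration.

```python
import struct

PT_LOAD, PT_DYNAMIC = 1, 2
EHDR = struct.Struct("<16sHHIIIIIHHHHHH")  # Elf32_Ehdr, little-endian
PHDR = struct.Struct("<8I")  # Elf32_Phdr: type, offset, vaddr, paddr, filesz, memsz, flags, align

def program_headers(elf):
    """Return the Elf32_Phdr tuples of a little-endian ELF32 image."""
    if len(elf) < EHDR.size or elf[:6] != b"\x7fELF\x01\x01":
        raise ValueError("not a little-endian ELF32 file")
    eh = EHDR.unpack_from(elf, 0)
    phoff, phentsize, phnum = eh[5], eh[9], eh[10]
    if phentsize != PHDR.size or phoff + phnum * phentsize > len(elf):
        raise ValueError("program header table out of bounds")
    return [PHDR.unpack_from(elf, phoff + i * phentsize) for i in range(phnum)]

def check_dynamic(elf):
    """Return a list of PT_DYNAMIC placement problems (empty if none)."""
    phdrs = program_headers(elf)
    loads = [p for p in phdrs if p[0] == PT_LOAD]
    problems = []
    for _, off, vaddr, _, filesz, _, _, _ in (p for p in phdrs if p[0] == PT_DYNAMIC):
        if off + filesz > len(elf):
            problems.append("PT_DYNAMIC extends past end of file")
        for _, loff, lva, _, lfsz, lmsz, _, _ in loads:
            if lva <= vaddr and vaddr + filesz <= lva + lfsz:
                if vaddr - lva != off - loff:
                    problems.append("PT_DYNAMIC offset disagrees with its PT_LOAD mapping")
                break
            if lva <= vaddr < lva + lmsz:
                problems.append("PT_DYNAMIC lies in the zero-filled (.bss) part of a PT_LOAD")
                break
        else:
            problems.append("PT_DYNAMIC is not covered by any PT_LOAD")
    return problems

def sample(dyn_vaddr, dyn_off):
    """Constructed 0x200-byte image: ELF header, one PT_LOAD, one PT_DYNAMIC."""
    ident = b"\x7fELF\x01\x01\x01" + bytes(9)
    eh = EHDR.pack(ident, 2, 3, 1, 0, EHDR.size, 0, 0, EHDR.size, PHDR.size, 2, 0, 0, 0)
    # PT_LOAD: 0x200 bytes from the file, 0x400 in memory (the rest is .bss)
    load = PHDR.pack(PT_LOAD, 0, 0x08049000, 0x08049000, 0x200, 0x400, 6, 0x1000)
    dyn = PHDR.pack(PT_DYNAMIC, dyn_off, dyn_vaddr, dyn_vaddr, 0x40, 0x40, 6, 4)
    return (eh + load + dyn).ljust(0x200, b"\0")

if __name__ == "__main__":
    print("before .bss:", check_dynamic(sample(0x08049100, 0x100)))
    print("after .bss: ", check_dynamic(sample(0x08049300, 0x1c0)))
```

The check reads only the program headers, which is the view the dynamic linker has when it maps the executable.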