This is the mail archive of the binutils@sources.redhat.com mailing list for the binutils project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Segfault with -pie on IA64

From: Jim Wilson <wilson at specifixinc dot com>
To: Ian Wienand <ianw at gelato dot unsw dot edu dot au>
Cc: binutils at sources dot redhat dot com, jakub at redhat dot com
Date: 16 Nov 2003 18:27:12 -0800
Subject: Re: Segfault with -pie on IA64
References: <20031031044637.GG12478@cse.unsw.EDU.AU><1067586004.1114.179.camel@leaf.tuliptree.org> <20031101032327.GA28012@cse.unsw.EDU.AU>

On Fri, 2003-10-31 at 19:23, Ian Wienand wrote:
> Sorry, that was stupid of me, and thank you for looking anyway.  It
> happens for me with the debian linker

When I first looked at this, my IA-64 system was running debian stable (woody).
I now have both debian stable and debian testing (sarge) on my system.  I was
able to reproduce this problem using debian sarge.

The key to the problem is that you have to have a copy of crtbegin.o which
uses init_array/fini_array sections with FPTR64LSB relocs.  This happens only
if you have recent binutils and gcc versions, and I think only if you are
building a native, since gcc has to do a gas feature test to determine if it
is safe to use init_array/fini_array.

ld dies in elfxx-ia64.c set_fptr_entry because it tries to write into the
rel_fptr_sec (.rela.opd) section, but the section contents have not been
allocated yet.  That is, ia64_info->rel_fptr_sec->contents == 0.  This causes
a store to a zero-page address which gives a segfault.

The .rela.opd section contents were not initialized because it isn't in dynobj.
I don't fully understand the difference between dynobj and abfd here, but it
seems that if fptr_sec (.opd) is in dynobj, then its relocation section
rel_fptr_sec (.rela.opd) must be also.  The following patch does this, and
solves this problem.

While groping around to figure out what was wrong, I noticed a few other
minor things.
1) There is no .rela.opd section in the linker script.  This seems to be
harmless in that the orphan section code will handle it, but it seems like
it should really be in there since all of the other known sections are.
2) There is code in elfNN_ia64_size_dynamic_section that strips off all of
the zero size dynamic sections, including fptr_sec, but it doesn't handle
rel_fptr_sec.  I think it should.

2003-11-16  James E Wilson  <wilson@specifixinc.com>

	* elfxx-ia64.c (get_fptr): For fptr_rel, use dynobj not abfd.

Index: elfxx-ia64.c
===================================================================
RCS file: /cvs/src/src/bfd/elfxx-ia64.c,v
retrieving revision 1.108
diff -p -r1.108 elfxx-ia64.c
*** elfxx-ia64.c	5 Nov 2003 13:17:09 -0000	1.108
--- elfxx-ia64.c	17 Nov 2003 02:04:21 -0000
*************** get_fptr (abfd, info, ia64_info)
*** 1992,2000 ****
        if (info->pie)
  	{
  	  asection *fptr_rel;
! 	  fptr_rel = bfd_make_section(abfd, ".rela.opd");
  	  if (fptr_rel == NULL
! 	      || !bfd_set_section_flags (abfd, fptr_rel,
  					 (SEC_ALLOC | SEC_LOAD
  					  | SEC_HAS_CONTENTS
  					  | SEC_IN_MEMORY
--- 1993,2001 ----
        if (info->pie)
  	{
  	  asection *fptr_rel;
! 	  fptr_rel = bfd_make_section(dynobj, ".rela.opd");
  	  if (fptr_rel == NULL
! 	      || !bfd_set_section_flags (dynobj, fptr_rel,
  					 (SEC_ALLOC | SEC_LOAD
  					  | SEC_HAS_CONTENTS
  					  | SEC_IN_MEMORY
-- 
Jim Wilson, GNU Tools Support, http://www.SpecifixInc.com

Follow-Ups:
- Re: Segfault with -pie on IA64
  - From: Hans-Peter Nilsson
- Re: Segfault with -pie on IA64
  - From: Alan Modra

References:
- Re: Segfault with -pie on IA64
  - From: Ian Wienand

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]