Created attachment 11031 [details] bug.o Original bug found on libressl: https://bugs.gentoo.org/656104 libressl itself has a bug that triggers binutils SIGSEGV. See fix if you are interested: https://github.com/libressl-portable/portable/pull/426 Steps to reproduce: Source file: // $ cat bug.i __asm__(".section .gnu.warning."); a() { b(); } Build as: $ hppa2.0-unknown-linux-gnu-gcc -fPIC -c bug.i -o bug.o $ hppa2.0-unknown-linux-gnu-gcc -shared -fPIC bug.o -o libbug.so ... collect2: fatal error: ld terminated with signal 11 [Segmentation fault], core dumped bug.o is also attached. gdb backtrace: Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00007f761db022b4 in sprintf (__fmt=0x7f761db67feb "%08x_%s+%x", __s=0x55a62a3c5fb0 "\020p<*\246U") at /usr/include/bits/stdio2.h:33 33 return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1, (gdb) bt #0 0x00007f761db022b4 in sprintf (__fmt=0x7f761db67feb "%08x_%s+%x", __s=0x55a62a3c5fb0 "\020p<*\246U") at /usr/include/bits/stdio2.h:33 #1 hppa_stub_name (hh=hh@entry=0x55a62a1d1040, rela=<optimized out>, rela=<optimized out>, sym_sec=<optimized out>, input_section=<optimized out>) at /usr/src/debug/cross-hppa2.0-unknown-linux-gnu/binutils-2.30-r2/binutils-2.30/bfd/elf32-hppa.c:468 #2 0x00007f761db02399 in hppa_get_stub_entry (sym_sec=sym_sec@entry=0x0, hh=hh@entry=0x55a62a1d1040, rela=rela@entry=0x55a62a200b20, htab=htab@entry=0x55a62a1cfe90, input_section=<optimized out>) at /usr/src/debug/cross-hppa2.0-unknown-linux-gnu/binutils-2.30-r2/binutils-2.30/bfd/elf32-hppa.c:517 #3 0x00007f761db045ab in final_link_relocate (info=0x55a629ef2a60 <link_info>, hh=0x55a62a1d1040, sym_sec=<optimized out>, htab=0x55a62a1cfe90, value=<optimized out>, rela=0x55a62a200b20, contents=0x55a62a402aa0 "k\302?\331\b\003\002A\b\036\002Co\301", input_section=0x55a62a1fe920) at /usr/src/debug/cross-hppa2.0-unknown-linux-gnu/binutils-2.30-r2/binutils-2.30/bfd/elf32-hppa.c:3274 #4 elf32_hppa_relocate_section (output_bfd=output_bfd@entry=0x55a62a1cdb00, info=0x55a629ef2a60 <link_info>, input_bfd=input_bfd@entry=0x55a62a1eac50, input_section=input_section@entry=0x55a62a1fe920, contents=0x55a62a402aa0 "k\302?\331\b\003\002A\b\036\002Co\301", relocs=relocs@entry=0x55a62a200b20, local_syms=0x55a62a1fc1a0, local_sections=0x55a62a402fa0) at /usr/src/debug/cross-hppa2.0-unknown-linux-gnu/binutils-2.30-r2/binutils-2.30/bfd/elf32-hppa.c:4174 #5 0x00007f761db2bb60 in elf_link_input_bfd (flinfo=flinfo@entry=0x7fffab228070, input_bfd=input_bfd@entry=0x55a62a1eac50) at /usr/src/debug/cross-hppa2.0-unknown-linux-gnu/binutils-2.30-r2/binutils-2.30/bfd/elflink.c:10715 #6 0x00007f761db2d6af in bfd_elf_final_link () at /usr/src/debug/cross-hppa2.0-unknown-linux-gnu/binutils-2.30-r2/binutils-2.30/bfd/elflink.c:12033 #7 0x00007f761db0553b in elf32_hppa_final_link (abfd=0x55a62a1cdb00, info=0x55a629ef2a60 <link_info>) at /usr/src/debug/cross-hppa2.0-unknown-linux-gnu/binutils-2.30-r2/binutils-2.30/bfd/elf32-hppa.c:3143 #8 0x000055a629c9541f in ldwrite () at /usr/src/debug/cross-hppa2.0-unknown-linux-gnu/binutils-2.30-r2/binutils-2.30/ld/ldwrite.c:581 #9 0x000055a629c7df30 in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/cross-hppa2.0-unknown-linux-gnu/binutils-2.30-r2/binutils-2.30/ld/ldmain.c:456
Minimal reproducer does not require any external objects: $ hppa2.0-unknown-linux-gnu-ld -shared -o libbug.so bug.o
The master branch has been updated by Alan Modra <amodra@sourceware.org>: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7455c018e45766ab7193cbd45f98f781e0dc7d84 commit 7455c018e45766ab7193cbd45f98f781e0dc7d84 Author: Alan Modra <amodra@gmail.com> Date: Mon May 21 21:29:25 2018 +0930 PR23207, hppa ld SIGSEGVs on invalid object files We don't create PLT call stubs for anything in non-alloc sections, so it doesn't pay to go looking for them. The problem is that non-alloc sections aren't processed by group_sections and thus don't get a link_sec set up for them. PR 23207 * elf32-hppa.c (final_link_relocate): Don't look for plt call stubs in non-alloc sections.
(In reply to cvs-commit@gcc.gnu.org from comment #2) > The master branch has been updated by Alan Modra <amodra@sourceware.org>: > > https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git; > h=7455c018e45766ab7193cbd45f98f781e0dc7d84 > > commit 7455c018e45766ab7193cbd45f98f781e0dc7d84 > Author: Alan Modra <amodra@gmail.com> > Date: Mon May 21 21:29:25 2018 +0930 This seems to fix the minimal reproducer, but not original bug. ld still SIGSEGVs. Bigger minimal file that still SIGSEGVs: // $ cat bug.i a() { b(); } __asm__(".section .gnu.warning."); c() { b(); } Same steps to reproduce: $ hppa2.0-unknown-linux-gnu-gcc -fPIC -c bug.i -o bug.o $ hppa2.0-unknown-linux-gnu-gcc -shared -fPIC bug.o -o libbug.so Will attach bigger object file as well.
Created attachment 11033 [details] bug-2.o
(In reply to Sergei Trofimovich from comment #4) > Created attachment 11033 [details] > bug-2.o crash backtrace for it: $ gdb --args ~/dev/git/binutils-gdb-hppa2.0/ld/ld-new -shared -o libbug.so bug.o ... (gdb) bt #0 0x00005555555c980b in hppa_stub_name (input_section=0x0, sym_sec=0x0, hh=0x555555906b50, rela=0x55555591f8d0) at ../../binutils-gdb/bfd/elf32-hppa.c:469 #1 0x00005555555cdd61 in elf32_hppa_size_stubs (output_bfd=0x555555903f20, stub_bfd=0x555555918580, info=0x5555558ebd20 <link_info>, multi_subspace=0, group_size=1, add_stub_section=0x5555555a2b59 <hppaelf_add_stub_section>, layout_sections_again=0x5555555a2c58 <hppaelf_layout_sections_again>) at ../../binutils-gdb/bfd/elf32-hppa.c:2925 #2 0x00005555555a2e07 in gldhppalinux_after_allocation () at ehppalinux.c:354 #3 0x000055555559af2a in ldemul_after_allocation () at ../../binutils-gdb/ld/ldemul.c:76 #4 0x0000555555590259 in lang_process () at ../../binutils-gdb/ld/ldlang.c:7403 #5 0x000055555559466e in main (argc=5, argv=0x7fffffffcd98) at ../../binutils-gdb/ld/ldmain.c:438
Created attachment 11034 [details] bug-orig.o bug-orig.o is an object file produced by gcc on libressl-2.6.4
The master branch has been updated by Alan Modra <amodra@sourceware.org>: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=215f527155ea776fff3f2f836d5da1e300e8c370 commit 215f527155ea776fff3f2f836d5da1e300e8c370 Author: Alan Modra <amodra@gmail.com> Date: Tue May 22 18:34:18 2018 +0930 PR23207, hppa ld SIGSEGVs on invalid object files The last patch was enough to cure the testcase, but not the original object file. This patch does the same for hppa as is done for ppc64, simply test for the section belonging to a group. I've also restricted stubs to load, alloc, code sections. PR 23207 * elf32-hppa.c (hppa_get_stub_entry): Return NULL when link_sec is NULL. (elf32_hppa_size_stubs): Only create stubs for load, alloc, code sections. (final_link_relocate): Revert last change.
Fixed