Bug 27140 - ppc32 segmentation fault in make_stub
Summary: ppc32 segmentation fault in make_stub
Status: RESOLVED FIXED
Alias: None
Product: binutils
Classification: Unclassified
Component: gold
Version: 2.35
Importance: P2 normal
Target Milestone: 2.36
Assignee: Alan Modra
Reported: 2021-01-01 14:19 UTC by marillat
Modified: 2022-06-22 06:29 UTC

Attachments
fix under test (983 bytes, patch)
2021-01-02 11:26 UTC, Alan Modra

Description marillat 2021-01-01 14:19:26 UTC
Debian unstable binutils 2.35.1-6
I filed a bug report in the Debian BTS, without a reply from the maintainer:
https://bugs.debian.org/973746

See the bug report for links to the source code.

Here is the output of coredumpctl and gdb backtrace.

$ coredumpctl debug 2504
           PID: 2504 (ld.gold)
           UID: 1000 (marillat)
           GID: 1000 (marillat)
        Signal: 11 (SEGV)
     Timestamp: Fri 2021-01-01 15:14:29 CET (2min 33s ago)
  Command Line: /usr/bin/ld.gold --build-id --eh-frame-hdr --secure-plt -m elf32ppclinux --hash-style=gnu --as-needed -dynamic-linker /lib/ld.so.1 -pie -o kodi-xrandr /usr/lib/gcc/powerpc-linux-gnu/10/../../../powerpc-linux-gnu/Scrt1.o /usr/lib/gcc/powerpc-linux-gnu/10/../../../powerpc-linux-gnu/crti.o /usr/lib/gcc/powerpc-linux-gnu/10/crtbeginS.o -L/usr/lib/gcc/powerpc-linux-gnu/10 -L/usr/lib/gcc/powerpc-linux-gnu/10/../../../powerpc-linux-gnu -L/usr/lib/gcc/powerpc-linux-gnu/10/../../../../lib -L/lib/powerpc-linux-gnu -L/lib/../lib -L/usr/lib/powerpc-linux-gnu -L/usr/lib/../lib -L/usr/lib/gcc/powerpc-linux-gnu/10/../../.. -z relro -latomic CMakeFiles/kodi-xrandr.dir/xbmc-xrandr.c.o /usr/lib/powerpc-linux-gnu/libX11.so /usr/lib/powerpc-linux-gnu/libXext.so -lm /usr/lib/powerpc-linux-gnu/libXrandr.so -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib/gcc/powerpc-linux-gnu/10/crtendS.o /usr/lib/gcc/powerpc-linux-gnu/10/../../../powerpc-linux-gnu/crtn.o
    Executable: /usr/bin/powerpc-linux-gnu-ld.gold
 Control Group: /user.slice/user-1000.slice/session-1.scope
          Unit: session-1.scope
         Slice: user-1000.slice
       Session: 1
     Owner UID: 1000 (marillat)
       Boot ID: bf7611aa70244104a29b20dfb517d897
    Machine ID: a9ca514759314ba39bd1dcfad4093fcf
      Hostname: fabian.marillat.net
       Storage: /var/lib/systemd/coredump/core.ld\x2egold.1000.bf7611aa70244104a29b20dfb517d897.2504.1609510469000000.zst
       Message: Process 2504 (ld.gold) of user 1000 dumped core.
                
                Stack trace of thread 2504:
                #0  0x00000000008be83c _ZNK12_GLOBAL__N_114Target_powerpcILi32ELb1EE11Branch_info9make_stubEPNS_10Stub_tableILi32ELb1EEES5_PN4gold12Symbol_tableE.lto_priv.0 (powerpc-linux-gnu-ld.gold + 0x8e83c)
                #1  0x0000000000896854 _ZN12_GLOBAL__N_114Target_powerpcILi32ELb1EE8do_relaxEiPKN4gold13Input_objectsEPNS2_12Symbol_tableEPNS2_6LayoutEPKNS2_4TaskE.lto_priv.0 (powerpc-linux-gnu-ld.gold + 0x66854)
                #2  0x0000000000960164 _ZN4gold18Layout_task_runner3runEPNS_9WorkqueueEPKNS_4TaskE (powerpc-linux-gnu-ld.gold + 0x130164)
                #3  0x0000000000917cf4 _ZN4gold13Task_function3runEPNS_9WorkqueueE (powerpc-linux-gnu-ld.gold + 0xe7cf4)
                #4  0x0000000000a25e48 _ZN4gold9Workqueue17find_and_run_taskEi (powerpc-linux-gnu-ld.gold + 0x1f5e48)
                #5  0x000000000085f62c main (powerpc-linux-gnu-ld.gold + 0x2f62c)
                #6  0x00000000001a5ce0 generic_start_main (libc.so.6 + 0x25ce0)
                #7  0x00000000001a5e80 __libc_start_main (libc.so.6 + 0x25e80)

GNU gdb (Debian 10.1-1.5) 10.1
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "powerpc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/bin/powerpc-linux-gnu-ld.gold...
Reading symbols from /usr/lib/debug/.build-id/ff/7d96c8d7422d15e71f1dbb89939a91c6d52ced.debug...

warning: core file may not match specified executable file.
[New LWP 2504]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/powerpc-linux-gnu/libthread_db.so.1".
Core was generated by `/usr/bin/ld.gold --build-id --eh-frame-hdr --secure-plt -m elf32ppclinux --hash'.
Program terminated with signal SIGSEGV, Segmentation fault.
bt
#0  0x008be83c in (anonymous namespace)::Powerpc_relobj<32, true>::st_other (symndx=<optimized out>, this=<optimized out>) at ../../gold/powerpc.cc:389
389	../../gold/powerpc.cc: No such file or directory.
(gdb) bt
#0  0x008be83c in (anonymous namespace)::Powerpc_relobj<32, true>::st_other (symndx=<optimized out>, this=<optimized out>) at ../../gold/powerpc.cc:389
#1  (anonymous namespace)::Target_powerpc<32, true>::Branch_info::make_stub (this=0xeb0688, stub_table=0xe21d50, ifunc_stub_table=<optimized out>, symtab=<optimized out>) at ../../gold/powerpc.cc:3584
#2  0x00896854 in (anonymous namespace)::Target_powerpc<32, true>::do_relax (this=0xda1b40, pass=1, symtab=0xffe1edc0, layout=<optimized out>, task=<optimized out>) at ../../gold/powerpc.cc:3770
#3  0x00960164 in gold::Target::relax (task=0xe0f760, layout=0xffe1eb28, symtab=0xffe1edc0, input_objects=0xffe1f174, pass=1, this=0xda1b40) at ../../gold/target.h:395
#4  gold::Target::relax (task=0xe0f760, layout=0xffe1eb28, symtab=0xffe1edc0, input_objects=0xffe1f174, pass=1, this=0xda1b40) at ../../gold/target.h:388
#5  gold::Layout::finalize (task=0xe0f760, target=0xda1b40, symtab=<optimized out>, input_objects=0xffe1f174, this=0xffe1eb28) at ../../gold/layout.cc:3082
#6  gold::Layout_task_runner::run (this=<optimized out>, workqueue=<optimized out>, task=0xe0f760) at ../../gold/layout.cc:375
#7  0x00917cf4 in gold::Task_function::run (this=<optimized out>, workqueue=<optimized out>) at ../../gold/workqueue.h:178
#8  0x00a25e48 in gold::Workqueue::find_and_run_task (this=0xffe1f1dc, thread_number=0) at ../../gold/workqueue.cc:319
#9  0x0085f62c in gold::Workqueue::process (thread_number=<optimized out>, this=<optimized out>) at ../../gold/workqueue.cc:495
#10 main (argc=<optimized out>, argv=<optimized out>) at ../../gold/main.cc:252
(gdb)
Comment 1 Alan Modra 2021-01-02 11:26:27 UTC
Created attachment 13087
fix under test

Please try this out.  I don't have an easy way of building kodi myself at the moment.
Comment 2 marillat 2021-01-02 15:10:45 UTC
Comment on attachment 13087
fix under test

I rebuilt binutils with this patch and started to rebuild kodi.
5 or 6 hours are needed to rebuild kodi...
Comment 3 marillat 2021-01-02 18:19:22 UTC
Kodi builds fine now.
I'll add a comment to the Debian BTS.

Thank you very much.

Christian
Comment 4 Sourceware Commits 2021-01-03 02:21:48 UTC
The master branch has been updated by Alan Modra <amodra@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e3b53295d59d2e78292eaae4500243dd9e007ae4

commit e3b53295d59d2e78292eaae4500243dd9e007ae4
Author: Alan Modra <amodra@gmail.com>
Date:   Sat Jan 2 21:45:02 2021 +1030

    PR27140, ppc32 segmentation fault in make_stub
    
    This fixes a thinko in commit fa40fbe4849.  st_other global entry bits
    are relevant only for 64-bit ELFv2.  PowerPC gold leaves local sym
    vector of st_other bits as NULL for 32-bit, hence the segfault.
    
            PR 27140
            * powerpc.cc (Target_powerpc::Branch_info::make_stub): Only access
            object->st_other() when 64-bit.
            (Stub_table::add_long_branch_entry): Ignore "other" when 32-bit.
Comment 5 Sourceware Commits 2021-01-03 02:22:35 UTC
The binutils-2_35-branch branch has been updated by Alan Modra <amodra@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f8db4612c51d9980131268a1be06654846d9c8de

commit f8db4612c51d9980131268a1be06654846d9c8de
Author: Alan Modra <amodra@gmail.com>
Date:   Sat Jan 2 21:45:02 2021 +1030

    PR27140, ppc32 segmentation fault in make_stub
    
    This fixes a thinko in commit fa40fbe4849.  st_other global entry bits
    are relevant only for 64-bit ELFv2.  PowerPC gold leaves local sym
    vector of st_other bits as NULL for 32-bit, hence the segfault.
    
            PR 27140
            * powerpc.cc (Target_powerpc::Branch_info::make_stub): Only access
            object->st_other() when 64-bit.
            (Stub_table::add_long_branch_entry): Ignore "other" when 32-bit.
    
    (cherry picked from commit e3b53295d59d2e78292eaae4500243dd9e007ae4)
Comment 6 Alan Modra 2021-01-03 02:23:37 UTC
Fixed
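
The root cause named in the commit message above (the local-symbol st_other vector is left NULL for 32-bit, and make_stub read it anyway) reduced to a small C++ model. This is an added example, not gold's code: Relobj_model, stub_other_unguarded and stub_other_guarded are hypothetical names, and the st_other bytes are constructed sample values.

```cpp
// Added illustration: a simplified model, not gold's source. All names are hypothetical.
#include <cstddef>
#include <cstdint>
#include <memory>
#include <utility>
#include <vector>

// Models an input object whose per-local-symbol st_other bytes are only
// recorded for 64-bit targets; for 32-bit the table pointer stays null.
template <int size>
class Relobj_model {
 public:
  explicit Relobj_model(std::vector<uint8_t> local_st_other) {
    if (size == 64)
      st_other_ = std::make_unique<std::vector<uint8_t>>(std::move(local_st_other));
  }
  bool has_st_other() const { return st_other_ != nullptr; }
  // Precondition: has_st_other(). On a 32-bit object this dereferences a
  // null pointer, which is the class of crash shown in frame #0.
  uint8_t st_other(std::size_t symndx) const { return (*st_other_)[symndx]; }

 private:
  std::unique_ptr<std::vector<uint8_t>> st_other_;
};

// Pre-fix shape: reads st_other regardless of target size.
// Never call this with size == 32; it violates the precondition above.
template <int size>
unsigned stub_other_unguarded(const Relobj_model<size>& obj, std::size_t symndx) {
  return obj.st_other(symndx);
}

// Post-fix shape: consult st_other only when 64-bit; 32-bit ignores "other".
template <int size>
unsigned stub_other_guarded(const Relobj_model<size>& obj, std::size_t symndx) {
  if (size == 64)
    return obj.st_other(symndx);
  return 0;
}

int main() {
  // Constructed sample st_other bytes for two local symbols.
  Relobj_model<64> o64(std::vector<uint8_t>{0x00, 0x60});
  Relobj_model<32> o32(std::vector<uint8_t>{0x00, 0x60});
  unsigned a = stub_other_guarded(o64, 1);  // reads the table
  unsigned b = stub_other_guarded(o32, 1);  // table is null, never touched
  return (a == 0x60 && b == 0) ? 0 : 1;
}
```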