Bug 27652 - OpenRISC: PLT got offset overflow in big binaries
Summary: OpenRISC: PLT got offset overflow in big binaries
Status: NEW
Alias: None
Product: binutils
Classification: Unclassified
Component: ld
Version: 2.35
: P2 normal
Target Milestone: ---
Assignee: Stafford Horne
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-03-26 00:27 UTC by Stafford Horne
Modified: 2022-06-22 06:29 UTC
2 users

See Also:
Host:
Target: or1k-*-*
Build:
Last reconfirmed:


Description Stafford Horne 2021-03-26 00:27:13 UTC
As discussed in Bug 21464

When creating the PLT in or1k_elf_finish_dynamic_symbol, the plt_reloc address may have a 16-bit overflow in the l.ori instruction. The overflow is not checked, and it creates binaries that will crash during runtime symbol lookup.

This was found via a glibc test failure:

FAIL: nptl/tst-audit-threads - works with LD_BIND_NOW=1, fails because PLT is too large and overruns instruction 16-bit immediate.

.plt

   75e70:       19 80 00 0b     l.movhi r12,0xb
   75e74:       85 8c 95 64     l.lwz r12,-27292(r12)
   75e78:       44 00 60 00     l.jr r12
   75e7c:       a9 60 ff f0     l.ori r11,r0,0xfff0

   75e80:       19 80 00 0b     l.movhi r12,0xb
   75e84:       85 8c 95 68     l.lwz r12,-27288(r12)
   75e88:       44 00 60 00     l.jr r12
   75e8c:       a9 60 ff fc     l.ori r11,r0,0xfffc

   75e90:       19 80 00 0b     l.movhi r12,0xb
   75e94:       85 8c 95 6c     l.lwz r12,-27284(r12)
   75e98:       44 00 60 00     l.jr r12
   75e9c:       a9 61 00 08     l.ori r11,r1,0x8    < r0 changed to r1 from overflow
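To make the failure mode above concrete, here is an added example (not code from binutils or from the reporter) that encodes the final `l.ori r11,r0,K` word of an OpenRISC PLT entry the unchecked way and the checked way, and decodes the register fields back out. It assumes the base word 0xa9600000 for `l.ori r11,r0,0` (read off the disassembly above) and, as an assumption, a 12-byte Elf32_Rela entry per PLT slot so that plt_reloc = slot * 12.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed from the disassembly on this page: l.ori r11,r0,0 encodes as
 * opcode(6) | rD=11 (5) | rA=0 (5) | K (16)  ->  0xa9600000. */
#define OR1K_ORI_R11_R0 0xa9600000u
#define RELA_ENTRY_SIZE 12u   /* assumption: one Elf32_Rela per PLT slot */

/* plt_reloc for PLT slot n under the assumption above. */
static uint32_t plt_reloc_for(unsigned n) { return n * RELA_ENTRY_SIZE; }

/* Unchecked encoding: the offset is OR-ed in without masking, so bit 16 of
 * plt_reloc lands in the low bit of the rA field (r0 silently becomes r1). */
static uint32_t plt_ori_unchecked(uint32_t plt_reloc) {
    return OR1K_ORI_R11_R0 | plt_reloc;
}

/* Checked encoding: returns 0 (never a valid l.ori word) when the offset
 * does not fit the 16-bit immediate, so the caller can report an error
 * instead of emitting a corrupt PLT entry. */
static uint32_t plt_ori_checked(uint32_t plt_reloc) {
    if (plt_reloc > 0xffffu) return 0;
    return OR1K_ORI_R11_R0 | (plt_reloc & 0xffffu);
}

/* Field decoders for an l.ori word. */
static unsigned ori_rd(uint32_t insn)  { return (insn >> 21) & 0x1fu; }
static unsigned ori_ra(uint32_t insn)  { return (insn >> 16) & 0x1fu; }
static unsigned ori_imm(uint32_t insn) { return insn & 0xffffu; }

int main(void) {
    /* Slots 5460..5462 reproduce the three entries shown in the report. */
    for (unsigned n = 5460; n <= 5462; n++) {
        uint32_t reloc = plt_reloc_for(n);
        uint32_t raw = plt_ori_unchecked(reloc);
        uint32_t ok = plt_ori_checked(reloc);
        printf("slot %u plt_reloc 0x%05x -> %08x l.ori r%u,r%u,0x%x%s\n",
               n, reloc, raw, ori_rd(raw), ori_ra(raw), ori_imm(raw),
               ok ? "" : "   <- overflow, checked encoder rejects");
    }
    return 0;
}
```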