segfaults in _dl_fixup since 4af6982

Adhemerval Zanella adhemerval.zanella@linaro.org
Wed Oct 13 11:56:31 GMT 2021 


On 13/10/2021 08:44, Adhemerval Zanella wrote:
> 
> 
> On 13/10/2021 07:58, Adhemerval Zanella wrote:
>>
>>
>>> On 13 Oct 2021, at 06:19, Szabolcs Nagy <szabolcs.nagy@arm.com> wrote:
>>>
>>> The 10/13/2021 08:42, Manuel Lauss via Libc-alpha wrote:
>>>> [resend with libc-alpha]
>>>> Hi Adhemerval,
>>>>
>>>> Your recent commit 4af6982e4c9fc465ffb7a54b794aaaa134241f05 ("elf: Fix
>>>> elf_get_dynamic_info definition")  causes a lot (but not all) of my
>>>> applications
>>>> to segfault:
>>>>
>>>> Program received signal SIGSEGV, Segmentation fault.
>>>> _dl_fixup (l=<optimized out>, reloc_arg=<optimized out>) at dl-runtime.c:146
>>>> 146       return elf_machine_fixup_plt (l, result, refsym, sym, reloc,
>>>> rel_addr, value);
>>>> (gdb) bt
>>>> #0  _dl_fixup (l=<optimized out>, reloc_arg=<optimized out>) at dl-runtime.c:146
>>>> #1  0x00007ffff7fe251a in _dl_runtime_resolve_xsavec () at
>>>> ../sysdeps/x86_64/dl-trampoline.h:126
>>>> #2  0x000055555555634e in main (argc=1, argv=0x7fffffffd568) at
>>>> iconvconfig.c:288
>>>>
>>>> Reverting the commit fixes the problem. Gcc, python, etc seem to be
>>>> not affected, while for example iconvconfig and openssh are.
>>>
>>> on aarch64 buildbot i see
>>>
>>> FAIL: nptl/test-cond-printers
>>> FAIL: nptl/test-condattr-printers
>>> FAIL: nptl/test-mutex-printers
>>> FAIL: nptl/test-mutexattr-printers
>>> FAIL: nptl/test-rwlock-printers
>>> FAIL: nptl/test-rwlockattr-printers
>>>
>>> and
>>>
>>> $ cat nptl/test-cond-printers.out
>>> Error: Response does not match the expected pattern.
>>> Command: start
>>> Expected pattern: main
>>> Response:  Temporary breakpoint 1 at 0xac4: file test-cond-printers.c, line 36.
>>> Starting program: /work/glibc-aarch64-linux/build/build/nptl/test-cond-printers
>>>
>>> Program received signal SIGSEGV, Segmentation fault.
>>> _dl_fixup (l=<optimized out>, reloc_arg=<optimized out>) at dl-runtime.c:146
>>> 146       return elf_machine_fixup_plt (l, result, refsym, sym, reloc, rel_addr, value);
>>> (gdb)
>>>
>>>
>>> it seems to be a bind-now pie where PLT relocs are not yet
>>> processed when __libc_start_main is called but PLTGOT is
>>> already marked readonly so _dl_fixup crashes.
>>
>> I will check this out.
>>
> 
> I am trying to reproduce it on aarch64-linux-gnu without much success (using
> gcc 11.1.1 20210702 and ld 2.36.1.20210702). Neither ssh or iconvconfig fails
> when running through the built glibc (using ubuntu 21.04 one).
> 
> Any idea on how to reproduce it?
> 

Sigh... I think this is another fallback of RTLD_BOOTSTRAP.  I fixed the
elf_get_dynamic_info(), but there are lot of more usage that changes
the semantic of the nested functions (specifically on elf/do-rel.h
and dl-machine.h).

I will try to fix, I think we should define RTLD_BOOTSTRAP before the
fist dynamic-link.h in rtld.

More information about the Libc-alpha mailing list