[Bug ld/31148] New: Segmentation fault in bfd/elf32-hppa.c

[danglin at gcc dot gnu.org]

https://sourceware.org/bugzilla/show_bug.cgi?id=31148

            Bug ID: 31148
           Summary: Segmentation fault in bfd/elf32-hppa.c
           Product: binutils
           Version: 2.42 (HEAD)
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ld
          Assignee: unassigned at sourceware dot org
          Reporter: danglin at gcc dot gnu.org
  Target Milestone: ---

Executing on host: sh -c {gcc -B/home/dave/gnu/binutils/objdir/ld/tmpdir/ld/  
-
L=/home/dave/opt/test/hppa-unknown-linux-gnu/lib -L=/home/dave/opt/test/lib
-L=/
usr/local/lib -L=/lib -L=/usr/lib  -o tmpdir/vp.so -shared -Wl,-z,notext
-Wl,--c
ompress-debug-sections=zlib-gabi tmpdir/sh1p.o tmpdir/sh2p.o 2>&1}  /dev/null
ld
.tmp (timeout = 300)
spawn [open ...]
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new: tmpdir/sh1p.o: in function
`visi
bility_checkfunptr':
/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:216:(.text+0x194):
undefin
ed reference to `visibility'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new: tmpdir/sh1p.o: in function
`visi
bility_check':
/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:221:(.text+0x1b8):
undefin
ed reference to `visibility'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new: tmpdir/sh1p.o: in function
`visi
bility_checkvarptr':
/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:277:(.text+0x1e4):
undefin
ed reference to `visibility_var'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new:
/home/dave/gnu/binutils/src/ld/t
estsuite/ld-vsb/sh1.c:277:(.text+0x1e8): undefined reference to
`visibility_var'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new: tmpdir/sh1p.o: in function
`visi
bility_checkvar':
/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:282:(.text+0x1fc):
undefin
ed reference to `visibility_var'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new:
/home/dave/gnu/binutils/src/ld/t
estsuite/ld-vsb/sh1.c:282:(.text+0x200): undefined reference to
`visibility_var'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new: tmpdir/sh1p.o: in function
`visi
bility_varptr':
/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:303:(.text+0x214):
undefin
ed reference to `visibility_var'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new:
tmpdir/sh1p.o:/home/dave/gnu/bin
utils/src/ld/testsuite/ld-vsb/sh1.c:304: more undefined references to
`visibilit
y_var' follow
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new: tmpdir/sh1p.o: in function
`.LC9
':
sh1.c:(.data.rel.ro+0x10): undefined reference to `visibility'
collect2: fatal error: ld terminated with signal 11 [Segmentation fault], core
dumped
compilation terminated.
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new: tmpdir/sh1p.o: in function
`visibility_checkfunptr':
/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:216:(.text+0x194):
undefined reference to `visibility'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new: tmpdir/sh1p.o: in function
`visibility_check':
/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:221:(.text+0x1b8):
undefined reference to `visibility'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new: tmpdir/sh1p.o: in function
`visibility_checkvarptr':
/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:277:(.text+0x1e4):
undefined reference to `visibility_var'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new:
/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:277:(.text+0x1e8):
undefined reference to `visibility_var'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new: tmpdir/sh1p.o: in function
`visibility_checkvar':
/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:282:(.text+0x1fc):
undefined reference to `visibility_var'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new:
/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:282:(.text+0x200):
undefined reference to `visibility_var'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new: tmpdir/sh1p.o: in function
`visibility_varptr':
/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:303:(.text+0x214):
undefined reference to `visibility_var'
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new:
tmpdir/sh1p.o:/home/dave/gnu/binutils/src/ld/testsuite/ld-vsb/sh1.c:304: more
undefined references to `visibility_var' follow
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new: tmpdir/sh1p.o: in function
`.LC9':
sh1.c:(.data.rel.ro+0x10): undefined reference to `visibility'
collect2: fatal error: ld terminated with signal 11 [Segmentation fault], core
dumped
compilation terminated.
PASS: visibility (hidden_undef)

dave@mx3210:~/gnu/binutils/objdir$ gdb -c ./ld/core
/home/dave/gnu/binutils/objdir/ld/.libs/ld-new
GNU gdb (Debian 13.2-1) 13.2
Copyright (C) 2023 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "hppa-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /home/dave/gnu/binutils/objdir/ld/.libs/ld-new...
[New LWP 17049]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/hppa-linux-gnu/libthread_db.so.1".
Core was generated by `/home/dave/gnu/binutils/objdir/ld/.libs/ld-new -plugin
/usr/libexec/gcc/hppa-li'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0xf8c25a64 in elf32_hppa_finish_dynamic_symbol (output_bfd=0xa5a70,
--Type <RET> for more, q to quit, c to continue without paging--
    info=<optimized out>, eh=0xa8568, sym=0xfa8adc5c)
    at ../../src/bfd/elf32-hppa.c:4224
4224                                   +
eh->root.u.def.section->output_section->vma);
(gdb) p eh->root.type
$1 = bfd_link_hash_undefined
(gdb) p eh->root.u.def.section->output_section
$2 = (struct bfd_section *) 0x0

The segmentation fault occurs in this code hunk:

          /* If this is a -Bsymbolic link and the symbol is defined
             locally or was forced to be local because of a version
             file, we just want to emit a RELATIVE reloc.  The entry
             in the global offset table will already have been
             initialized in the relocate_section function.  */
          if (!is_dyn)
            {
              rela.r_info = ELF32_R_INFO (0, R_PARISC_DIR32);
              rela.r_addend = (eh->root.u.def.value
                               + eh->root.u.def.section->output_offset
                               + eh->root.u.def.section->output_section->vma);
            }
          else
            {
              if ((eh->got.offset & 1) != 0)
                abort ();

              bfd_put_32 (output_bfd, 0,
                          htab->etab.sgot->contents + (eh->got.offset & ~1));
              rela.r_info = ELF32_R_INFO (eh->dynindx, R_PARISC_DIR32);
              rela.r_addend = 0;
            }

It appears we need to check either eh->root.type or
eh->root.u.def.section->output_section to avoid fault accessing
eh->root.u.def.section->output_section->vma?

Didn't pay attention to this before as test passes even with segmentation
fault.

-- 
You are receiving this mail because:
You are on the CC list for the bug.