bug-binutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug ld/30787] New: DT_JMPREL/DT_PLTRELSZ incorrect when PLT and REL/REL

From: peadar at arista dot com
Subject: [Bug ld/30787] New: DT_JMPREL/DT_PLTRELSZ incorrect when PLT and REL/RELA relocations share an ELF output section
Date: Tue, 22 Aug 2023 20:00:11 +0000 
https://sourceware.org/bugzilla/show_bug.cgi?id=30787

            Bug ID: 30787
           Summary: DT_JMPREL/DT_PLTRELSZ incorrect when PLT and REL/RELA
                    relocations share an ELF output section
           Product: binutils
           Version: 2.42 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: ld
          Assignee: unassigned at sourceware dot org
          Reporter: peadar at arista dot com
  Target Milestone: ---

Created attachment 15080
  --> https://sourceware.org/bugzilla/attachment.cgi?id=15080&action=edit
Reproduce problem

By default, PLT and standard REL/RELA relocations end up in .rel[a].plt and
.rel[a].dyn

However, there's no requirement that the different relocations will be output
in separate ELF sections, as far as I can gather.

The output of these fields currently just emits the VMA of the output section
and the size of that output section for DT_JMPREL and DT_PLTRELSZ dynamic
entries. In the case that there are other relocations in the section, this
means that some relocations can be processed multiple times.

For x86_64, this looks like it's generally idempotent, but on i686, we can get
double-processing of R_386_RELATIVE relocations, which use the previous
resolution as the offset for the second one. 

This seems to be a regression introduced by
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=9577f60b5a1 

Easy repro in attached repro.tar.gz, suggested fix in patch.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]