[Bug ld/33199] New: SEGV in _bfd_x86_elf_create_sframe_plt

Wed, 23 Jul 2025 04:10:33 -0700 

https://sourceware.org/bugzilla/show_bug.cgi?id=33199

            Bug ID: 33199
           Summary: SEGV in _bfd_x86_elf_create_sframe_plt
           Product: binutils
           Version: 2.46 (HEAD)
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ld
          Assignee: unassigned at sourceware dot org
          Reporter: ro at gcc dot gnu.org
                CC: jpoimboe at redhat dot com
  Target Milestone: ---
            Target: amd64-pc-solaris2.11

On 64-bit Solaris/x86, 3 ld tests FAIL:

FAIL: LTO 4a
FAIL: LTO 4c
FAIL: LTO 4d

The failure is always the same:

collect2: fatal error: ld terminated with signal 11 [Segmentation Fault]
compilation terminated.

I could reproduce the failure with a way smaller testcase derived from LTO 4a:

$ ./ld-new -m elf_x86_64_sol2 -o tmpdir/lto-4a.exe /usr/lib/amd64/crt1.o
tmpdir/lto-4r-a.o tmpdir/dummy.o -lc

ld SEGVs here:

Thread 2 received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1 (LWP 1)]
0x0000000000456106 in _bfd_x86_elf_create_sframe_plt (
    plt_sec_type=plt_sec_type@entry=1, info=0x95ada0 <link_info>, 
    output_bfd=0x963de0)
    at /vol/src/gnu/binutils/hg/master/local/bfd/elfxx-x86.c:1848
1848              plt0_entry_size
(gdb) bt
#0  0x0000000000456106 in _bfd_x86_elf_create_sframe_plt (
    plt_sec_type=plt_sec_type@entry=1, info=0x95ada0 <link_info>, 
    output_bfd=0x963de0)
    at /vol/src/gnu/binutils/hg/master/local/bfd/elfxx-x86.c:1848
#1  0x0000000000457bb5 in _bfd_x86_elf_late_size_sections (
    output_bfd=<optimized out>, info=0x95ada0 <link_info>)
    at /vol/src/gnu/binutils/hg/master/local/bfd/elfxx-x86.c:2515
#2  0x0000000000487367 in bfd_elf_size_dynamic_sections (
    output_bfd=<optimized out>, soname=<optimized out>, rpath=rpath@entry=0x0, 
    filter_shlib=<optimized out>, audit=<optimized out>, 
    depaudit=<optimized out>, auxiliary_filters=<optimized out>, 
    info=<optimized out>, sinterpptr=<optimized out>)
    at /vol/src/gnu/binutils/hg/master/local/bfd/elflink.c:7725
#3  0x000000000043274f in ldelf_before_allocation (audit=0x95b3e8 <audit>, 
    depaudit=0x95b3e0 <depaudit>, 
    default_interpreter_name=0x592b0c "/lib/amd64/ld.so.1")
    at /vol/src/gnu/binutils/hg/master/local/ld/ldelf.c:1840
#4  0x00000000004198f8 in lang_process ()
    at /vol/src/gnu/binutils/hg/master/local/ld/ldlang.c:8626
#5  0x0000000000403edb in main (argc=<optimized out>, argv=<optimized out>)
    at /vol/src/gnu/binutils/hg/master/local/ld/ldmain.c:882

htab->plt.has_plt0 is 1 at this point, while htab->sframe_plt is NULL, which
causes the SEGV.

The code in question was introduced in

commit 938fb512184d90d24b86c42ef53ef33c943cbe8b
Author: Josh Poimboeuf <[email protected]>
Date:   Fri Nov 1 15:36:03 2024 -0700

    ld: fix wrong SFrame info for lazy IBT PLT

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Reply via email to