Bug 1520805

Summary: kexec-tools build Segmentation fault
Product: [Fedora] Fedora
Reporter: Dave Young <ruyang>
Component: binutils
Assignee: Nick Clifton <nickc>
Status: CLOSED ERRATA
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: urgent
Priority: unspecified
Version: 28
CC: aoliva, dvlasenk, fweimer, jakub, kdump-team-bugs, nickc
Hardware: Unspecified
OS: Unspecified
Fixed In Version: binutils-2.29-9.fc27 binutils-2.29.1-8.fc28 binutils-2.29-13.fc27
Last Closed: 2018-03-13 23:17:55 UTC
Type: Bug
Attachments: purgatory.ro.sym

Description Dave Young 2017-12-05 08:06:00 UTC
Description of problem:

With the CFLAGS below, kexec-tools cannot build:
--specs=/usr/lib/rpm/redhat/redhat-annobin-cc1

A segfault happened while stripping the purgatory:

gcc -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches  -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fno-strict-aliasing -Wall -Wstrict-prototypes -fno-zero-initialized-in-bss -mcmodel=large -Os -fno-builtin -ffreestanding -fno-zero-initialized-in-bss -fno-PIC -fno-PIE -fno-stack-protector -mcmodel=large -Wl,--no-undefined -nostartfiles -nostdlib -nodefaultlibs -e purgatory_start -r -Wl,-Map=purgatory/purgatory.map -o purgatory/purgatory.ro.sym purgatory/purgatory.o purgatory/printf.o purgatory/string.o purgatory/arch/x86_64/entry64-32.o purgatory/arch/x86_64/entry64.o purgatory/arch/x86_64/setup-x86_64.o purgatory/arch/x86_64/stack.o purgatory/arch/x86_64/purgatory-x86_64.o purgatory/arch/i386/entry32-16.o purgatory/arch/i386/entry32-16-debug.o purgatory/arch/i386/crashdump_backup.o purgatory/arch/i386/console-x86.o purgatory/arch/i386/vga.o purgatory/arch/i386/pic.o purgatory/sha256.o
strip --strip-debug -o purgatory/purgatory.ro purgatory/purgatory.ro.sym
make: *** [purgatory/Makefile:69: purgatory/purgatory.ro] Segmentation fault (core dumped)

koji build link:
https://kojipkgs.fedoraproject.org//work/tasks/6067/23536067/build.log


Comment 1 Dave Young 2017-12-05 08:07:32 UTC
For any info about kexec-tools please let me know.

Comment 2 Florian Weimer 2017-12-05 08:42:50 UTC
Backtrace:

(gdb) r
Starting program: /usr/bin/strip --strip-debug -o foo purgatory.ro.sym
Missing separate debuginfos, use: dnf debuginfo-install glibc-2.26.9000-28.fc28.x86_64

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7ae3b36 in bfd_elf64_write_relocs (abfd=0x5555557960e0, 
    sec=0x555555797c50, data=0x7fffffffe2b4) at elfcode.h:962
962	      src_rela.r_info = ELF_R_INFO (n, ptr->howto->type);
(gdb) bt full
#0  0x00007ffff7ae3b36 in bfd_elf64_write_relocs (abfd=0x5555557960e0, 
    sec=0x555555797c50, data=0x7fffffffe2b4) at elfcode.h:962
        src_rela = {r_offset = 220, r_info = 4294967297, r_addend = 0}
        ptr = 0x555555794f28
        sym = 0x55555579b550
        n = <optimized out>
        failedp = 0x7fffffffe2b4
        rela_hdr = <optimized out>
        extsize = 24
        dst_rela = 0x5555557aa2c8 ""
        last_sym_idx = 1
        addr_offset = 0
        swap_out = 0x7ffff7ae2760 <bfd_elf64_swap_reloca_out>
        idx = 1
        last_sym = 0x55555579b550
        sec = 0x555555797c50
        data = 0x7fffffffe2b4
        abfd = 0x5555557960e0
        failedp = 0x7fffffffe2b4
#1  0x00007ffff7acf28c in bfd_map_over_sections (
    abfd=abfd@entry=0x5555557960e0, 
    operation=0x7ffff7ae39d0 <bfd_elf64_write_relocs>, 
    user_storage=user_storage@entry=0x7fffffffe2b4) at section.c:1398
        sect = 0x555555797c50
        i = 8
        __PRETTY_FUNCTION__ = "bfd_map_over_sections"
#2  0x00007ffff7aeef7d in _bfd_elf_write_object_contents (
    abfd=0x5555557960e0) at elf.c:6308
        bed = 0x7ffff7dcf900 <elf64_bed>
        i_shdrp = 0x555555799690
        failed = 0
        count = <optimized out>
        num_sec = <optimized out>
        t = <optimized out>
#3  0x00007ffff7acc65a in bfd_close (abfd=0x5555557960e0) at opncls.c:731
No locals.
#4  0x0000555555561b06 in copy_file (
    input_filename=0x7fffffffe80b "purgatory.ro.sym", 
    output_filename=0x7fffffffe807 "foo", input_target=<optimized out>, 
    output_target=<optimized out>, input_arch=0x0) at objcopy.c:3366
        obfd = 0x5555557960e0
        ibfd = 0x55555578f210
        obj_matching = 0x0
        core_matching = 0x15323294
        size = <optimized out>
#5  0x000055555555ba56 in strip_main (argv=<optimized out>, 
    argc=<optimized out>) at objcopy.c:4284
        hold_status = 0
        statbuf = {st_dev = 140737354132056, st_ino = 0, st_nlink = 0, 
          st_mode = 0, st_uid = 0, st_gid = 4294967295, __pad0 = 0, 
          st_rdev = 0, st_size = 140737354113640, 
          st_blksize = 140737354131152, st_blocks = 0, st_atim = {
            tv_sec = 0, tv_nsec = 0}, st_mtim = {tv_sec = 0, 
            tv_nsec = 0}, st_ctim = {tv_sec = 0, tv_nsec = 0}, 
          __glibc_reserved = {15774463, 194, 140737488348294}}
        tmpname = 0x7fffffffe807 "foo"
        input_target = 0x0
        output_target = 0x0
        show_version = <optimized out>
        c = <optimized out>
        i = <optimized out>
        formats_info = <optimized out>
        output_file = 0x7fffffffe807 "foo"
#6  main (argc=<optimized out>, argv=<optimized out>) at objcopy.c:5391
No locals.
(gdb)

Comment 3 Florian Weimer 2017-12-05 08:43:50 UTC
Created attachment 1363064 [details]
purgatory.ro.sym

ELF file reproducing the crash

Comment 4 Florian Weimer 2017-12-05 08:45:25 UTC
A segmentation fault in strip is a binutils bug, first and foremost.

Comment 5 Dave Young 2017-12-07 02:51:08 UTC
Nick, can you please have a look?

Comment 6 Nick Clifton 2017-12-07 14:35:05 UTC
Hi Dave,

> Nick, can you please have a look?

Looking at it now.  It is a generic bug - i.e. it also exists in the current FSF
sources.

I think that the problem is connected with strip removing the relocs for the 
notes generated by the annobin plugin.  But I am not sure, yet, why it is
happening.

Cheers
  Nick

Comment 7 Nick Clifton 2017-12-07 15:12:42 UTC
Hi Dave,

  The bug is in the note merging code in the strip/objcopy sources.  I am
  working on a fix, but in the meantime you can work around the problem by
  adding the --no-merge-notes option to the strip command line, i.e.:

  strip --strip-debug --no-merge-notes -o purgatory/purgatory.ro purgatory/purgatory.ro.sym

Cheers
  Nick

Comment 8 Dave Young 2017-12-08 01:00:31 UTC
Nick,

Great, will go with the workaround now, thanks!

Dave

Comment 9 Nick Clifton 2017-12-08 10:12:51 UTC
Hi Dave,

  Right - I have found the problem.  It was actually the reloc stripping code
  in objcopy/strip that was the problem.  I have created a patch and applied
  it to the FSF sources and rawhide/F27.  So please try either of these, and
  let me know if you have any further problems:

    binutils-2.29-9.fc27
    binutils-2.29.1-7.fc28

Cheers
  Nick
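
Comments 6 to 9 tie the crash to strip's handling of relocations, with comment 6 pointing at relocs for annobin-generated notes. As an added example (not code from this bug report or from binutils), the Python script below lists the relocation sections of a little-endian ELF64 object whose target is an SHT_NOTE section, which shows whether a given object has that layout. The sample ELF built by `build_sample` and its section names are constructed for the demonstration.

```python
import struct

SHT_PROGBITS, SHT_STRTAB, SHT_RELA, SHT_NOTE, SHT_REL = 1, 3, 4, 7, 9  # ELF section types

def note_reloc_sections(elf: bytes):
    """Return (reloc_section, note_section) name pairs for a little-endian ELF64 image."""
    if len(elf) < 64 or elf[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a little-endian ELF64 file")
    e_shoff, = struct.unpack_from("<Q", elf, 0x28)
    e_shentsize, e_shnum, e_shstrndx = struct.unpack_from("<HHH", elf, 0x3A)
    if e_shstrndx >= e_shnum:
        raise ValueError("section name string table index out of range")
    # Elf64_Shdr: name, type, flags, addr, offset, size, link, info, addralign, entsize
    secs = [struct.unpack_from("<IIQQQQIIQQ", elf, e_shoff + i * e_shentsize)
            for i in range(e_shnum)]
    str_off = secs[e_shstrndx][4]

    def name(sec):
        start = str_off + sec[0]
        return elf[start:elf.index(b"\0", start)].decode()

    pairs = []
    for sec in secs:
        target = sec[7]  # sh_info: index of the section these relocations apply to
        if sec[1] in (SHT_RELA, SHT_REL) and target < e_shnum and secs[target][1] == SHT_NOTE:
            pairs.append((name(sec), name(secs[target])))
    return pairs

def build_sample() -> bytes:
    """Constructed ELF64 image: headers and a name table only, no section contents."""
    names = ["", ".gnu.build.attributes", ".rela.gnu.build.attributes",
             ".text", ".rela.text", ".shstrtab"]  # illustrative section names
    kinds = [(0, 0), (SHT_NOTE, 0), (SHT_RELA, 1), (SHT_PROGBITS, 0),
             (SHT_RELA, 3), (SHT_STRTAB, 0)]      # (sh_type, sh_info) per section
    strtab, offs = b"", []
    for n in names:
        offs.append(len(strtab))
        strtab += n.encode() + b"\0"
    hdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 1, 62, 1, 0, 0, 64 + len(strtab), 0, 64, 0, 0, 64, len(kinds), 5)
    shdrs = b"".join(
        struct.pack("<IIQQQQIIQQ", o, t, 0, 0, 64 if t == SHT_STRTAB else 0,
                    len(strtab) if t == SHT_STRTAB else 0, 0, info, 1, 0)
        for o, (t, info) in zip(offs, kinds))
    return hdr + strtab + shdrs

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    for rel, note in note_reloc_sections(data):
        print(f"{rel} applies to note section {note}")
```

Run with an object file path as the only argument to inspect a real build product; without arguments it inspects the constructed sample.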

Comment 10 Dave Young 2017-12-20 07:02:36 UTC
Hi Nick,

binutils-2.29.1-9.fc28 works for me, but it seems 2.29.1-7 does not work.

Thanks
Dave

Comment 11 Nick Clifton 2017-12-20 08:24:44 UTC
Hi Dave,

  Ah yes - a snafu on my end - I updated the release number for the rawhide
  rpm but failed to actually check in the patch that fixes the problem.  Doh.

  It should now be really fixed in 2.29.1-8...

Cheers
  Nick

Comment 12 Fedora End Of Life 2018-02-20 15:32:09 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 28 development cycle.
Changing version to '28'.

Comment 13 Fedora Update System 2018-03-08 14:21:05 UTC
binutils-2.29-13.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2018-1e994c659e

Comment 14 Fedora Update System 2018-03-08 16:24:28 UTC
binutils-2.29-13.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-1e994c659e

Comment 15 Fedora Update System 2018-03-13 23:17:55 UTC
binutils-2.29-13.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.