Bug 712166

Summary: [abrt] binutils-2.20.51.0.7-8.fc14: __mempcpy_sse2: Process /usr/bin/ld.bfd was killed by signal 11 (SIGSEGV)
Product: [Fedora] Fedora
Reporter: John Reiser <jreiser>
Component: binutils
Assignee: Nick Clifton <nickc>
Status: CLOSED CURRENTRELEASE
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified
Priority: unspecified
Version: 14
CC: jakub, jreiser, nickc
Hardware: x86_64   
OS: Unspecified   
Whiteboard: abrt_hash:bc23071d75689594d3c87abb5085cf3dcd7799b9
Doc Type: Bug Fix
Last Closed: 2011-06-10 14:58:31 UTC
Attachments:
  File: backtrace (flags: none)
  custom loader script "foo.lds" (flags: none)

Description John Reiser 2011-06-09 16:52:59 UTC
abrt version: 1.1.18
architecture: x86_64
Attached file: backtrace, 19242 bytes
cmdline: ld -m elf_i386 --script foo.lds hello.o -lc
component: binutils
Attached file: coredump, 2838528 bytes
crash_function: __mempcpy_sse2
executable: /usr/bin/ld.bfd
kernel: 2.6.35.13-91.fc14.x86_64
package: binutils-2.20.51.0.7-8.fc14
rating: 4
reason: Process /usr/bin/ld.bfd was killed by signal 11 (SIGSEGV)
release: Fedora release 14 (Laughlin)
time: 1307638218
uid: 500

How to reproduce
-----
1. Custom loader script, based on default script; will attach to BZ report if I can.

Comment 1 John Reiser 2011-06-09 16:53:01 UTC
Created attachment 503941
File: backtrace

Comment 2 John Reiser 2011-06-09 16:56:21 UTC
Created attachment 503942
custom loader script "foo.lds"

Custom linker script foo.lds was created by modifying the default script that was generated by "ld -m elf_i386 --verbose".

Comment 3 John Reiser 2011-06-10 03:14:47 UTC
Package: binutils-2.20.51.0.7-8.fc14
Architecture: x86_64
OS Release: Fedora release 14 (Laughlin)


How to reproduce
-----
1. custom linker script

Comment 4 John Reiser 2011-06-10 03:28:41 UTC
One of the instances of this crash is associated with statement order in SECTIONS.

The order:
  .note.gnu.build-id : { *(.note.gnu.build-id) } :note :text
  .interp         : { *(.interp) } :interp :text
works.

The reverse order:
  .interp         : { *(.interp) } :interp :text
  .note.gnu.build-id : { *(.note.gnu.build-id) } :note :text
crashes.

Comment 5 John Reiser 2011-06-10 03:32:39 UTC
(In reply to comment #4)
> The order:
>   .note.gnu.build-id : { *(.note.gnu.build-id) } :note :text
>   .interp         : { *(.interp) } :interp :text
> works.
> 
> The reverse order:
>   .interp         : { *(.interp) } :interp :text
>   .note.gnu.build-id : { *(.note.gnu.build-id) } :note :text
> crashes.

Both orders work when the _next_ statement is
  .hash           : { *(.hash) } :text
instead of
  .hash           : { *(.hash) }
with no ":text" on the end.

Comment 6 Nick Clifton 2011-06-10 14:58:31 UTC
Hi John,

  The underlying problem here is that your custom linker script is broken - it is using the ":note" syntax to assign the .note.gnu.build-id section to the "note" segment, but then it is not resetting the segment assignment for the sections that follow.  So they are all also put into the "note" segment as well, which changes their behaviour and generally breaks things.  As you noted adding ":text" to the .hash section assignment fixes this.

  The linker itself should not seg-fault upon such occurrence however, so I have applied a patch to the F14 and F15 binutils releases to fix this:

  binutils-2.20.51.0.7-9.fc14
  binutils-2.21.51.0.6-4.fc15

The patch is a slimmed down version of a larger patch that I have applied to the FSF binutils sources: http://sources.redhat.com/ml/binutils/2011-06/msg00142.html
I have not applied a patch to the rawhide version of binutils since the FSF version will appear in the next release of H.J.'s binutils tarball.

Cheers
  Nick
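
The segment carry-over described in comment 6, as an added example (not part of the original bug report and not binutils code): a small Python check that computes which segments each output section ends up in when a statement omits ":phdr", using the statements quoted in comments 4 and 5. The function names and the choice of "text" as the only ordinary segment are assumptions of this sketch, and it handles only one-line statements of the form shown in this report.

```python
import re

# One simple output-section statement as written in this report:
#   NAME : { ... } :phdr1 :phdr2
SECTION_RE = re.compile(r'^\s*(\.[\w.\-]+)\s*:\s*\{[^}]*\}((?:\s*:\w+)*)\s*$')


def effective_segments(script_lines):
    """Return [(section, segments, inherited)] for each statement.

    Applies ld's rule that a section with no explicit :phdr is placed in
    the segments named by the most recent section that did specify some.
    Simplification: every section is treated as allocatable.
    """
    current, result = [], []
    for line in script_lines:
        m = SECTION_RE.match(line)
        if not m:
            continue  # not a one-line output-section statement
        explicit = re.findall(r':(\w+)', m.group(2))
        if explicit:
            current = explicit
        result.append((m.group(1), list(current), not explicit))
    return result


def inherited_special(script_lines, ordinary=("text",)):
    """Sections that silently inherit a segment outside `ordinary`
    (assumed here to be just the "text" segment named in the report)."""
    return [(name, segs)
            for name, segs, inherited in effective_segments(script_lines)
            if inherited and any(s not in ordinary for s in segs)]


# Statements quoted in comments 4 and 5: the crashing order, then .hash
# without ":text".
CRASHING = [
    "  .interp         : { *(.interp) } :interp :text",
    "  .note.gnu.build-id : { *(.note.gnu.build-id) } :note :text",
    "  .hash           : { *(.hash) }",
]
# Same script with the ":text" from comment 5 restored on .hash.
FIXED = CRASHING[:2] + ["  .hash           : { *(.hash) } :text"]

if __name__ == "__main__":
    for name, segs in inherited_special(CRASHING):
        print(f"{name} inherits segments {segs}; add an explicit :phdr")
```
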