https://sourceware.org/bugzilla/show_bug.cgi?id=32896

            Bug ID: 32896
           Summary: GNU ld does not enforce PT_TLS segment
                    p_offset/p_vaddr congruity with p_align
           Product: binutils
           Version: unspecified
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: ld
          Assignee: unassigned at sourceware dot org
          Reporter: mmalcomson at nvidia dot com
  Target Milestone: ---

Created attachment 16040
  --> https://sourceware.org/bugzilla/attachment.cgi?id=16040&action=edit
Testcase for the problem

With the below testcase, ld creates a binary whose PT_TLS segment does not
satisfy the alignment requirement:
   p_offset % p_align == p_vaddr % p_align

Similar to https://sourceware.org/bugzilla/show_bug.cgi?id=25662 this does not
trigger any problem when running directly, but when editing the binary with
another tool that expects this property to hold the interaction is problematic.

In our case we had an executable that was edited with `patchelf` and the
problematic interaction ended up creating a binary which indexed its TLS data in
the wrong place, causing a segfault when running the binary.

It looks like there is nothing directly ensuring that the PT_TLS segment is
correctly aligned -- the segment just seems to have its file position determined
according to the alignment of the PT_LOAD segment that contains it and the size
of the sections within that segment before the TLS sections.
Is that correct?

Build and test instructions for the testcase attached:

    $ as misaligned-testcase.s -o misaligned-testcase.o
    $ ld misaligned-testcase.o -o misaligned-testcase
    $ readelf --segments --wide misaligned-testcase \
        | grep -E '(^Program|VirtAddr|TLS)'
    Program Headers:
      Type           Offset   VirtAddr           PhysAddr           FileSiz  MemSiz   Flg Align
      TLS            0x000fff 0x0000000000402000 0x0000000000402000 0x000000 0x000004 R   0x4

From what I can see this behaviour has been around in many GNU ld versions.
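The congruity rule quoted in the report is easy to check mechanically before handing a binary to a tool such as `patchelf` that relies on it. The following is an added example, not part of the bug report and not binutils or patchelf code: a small ELF64 program-header parser that flags every PT_LOAD or PT_TLS segment whose `p_offset` and `p_vaddr` are not congruent modulo `p_align`, plus a helper that computes the nearest file offset that would satisfy the rule. With no argument it runs over a constructed in-memory ELF image whose PT_TLS header copies the values from the readelf line above (offset 0xfff, vaddr 0x402000, align 4); the other headers in that image, and the helper names, are assumptions made for the example. Only little-endian ELF64 is handled.

```python
"""Check ELF64 program headers for p_offset % p_align == p_vaddr % p_align.

Added example (not from the bug report, binutils or patchelf).  Usage:
    python3 tls_congruity.py            # runs over a constructed sample image
    python3 tls_congruity.py ./a.out    # checks a real little-endian ELF64 file
"""
import struct
import sys

PT_LOAD, PT_TLS = 1, 7
PT_NAMES = {PT_LOAD: "LOAD", PT_TLS: "TLS"}
EHDR_FMT = "<HHIQQQIHHHHHH"   # ELF64 header fields after the 16-byte e_ident
PHDR_FMT = "<IIQQQQQQ"        # ELF64 program header, 56 bytes
PHDR_FIELDS = ("p_type", "p_flags", "p_offset", "p_vaddr", "p_paddr",
               "p_filesz", "p_memsz", "p_align")


def parse_phdrs(data):
    """Return the program headers of a little-endian ELF64 image as dicts."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if data[4] != 2 or data[5] != 1:
        raise ValueError("only little-endian ELF64 is handled here")
    (_, _, _, _, e_phoff, _, _, _, e_phentsize, e_phnum,
     _, _, _) = struct.unpack_from(EHDR_FMT, data, 16)
    phdrs = []
    for i in range(e_phnum):
        fields = struct.unpack_from(PHDR_FMT, data, e_phoff + i * e_phentsize)
        phdrs.append(dict(zip(PHDR_FIELDS, fields)))
    return phdrs


def check_congruity(phdrs, types=(PT_LOAD, PT_TLS)):
    """List the segments (of the given types) violating
    p_offset % p_align == p_vaddr % p_align.  p_align of 0 or 1 imposes no
    constraint, so those segments are skipped."""
    bad = []
    for idx, ph in enumerate(phdrs):
        align = ph["p_align"]
        if ph["p_type"] not in types or align <= 1:
            continue
        if ph["p_offset"] % align != ph["p_vaddr"] % align:
            bad.append({"index": idx,
                        "type": PT_NAMES.get(ph["p_type"], hex(ph["p_type"])),
                        "p_offset": ph["p_offset"], "p_vaddr": ph["p_vaddr"],
                        "p_align": align})
    return bad


def congruent_offset(p_offset, p_vaddr, p_align):
    """Smallest file offset >= p_offset that is congruent to p_vaddr mod p_align."""
    if p_align <= 1:
        return p_offset
    return p_offset + (p_vaddr - p_offset) % p_align


def build_sample_elf(phdrs):
    """Constructed minimal ELF64 image: just a header and a phdr table."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\x00" * 8
    ehdr = ident + struct.pack(EHDR_FMT, 2, 0x3E, 1, 0x401000, 64, 0, 0,
                               64, 56, len(phdrs), 64, 0, 0)
    table = b"".join(struct.pack(PHDR_FMT, *(ph[f] for f in PHDR_FIELDS))
                     for ph in phdrs)
    return ehdr + table


def mkph(p_type, p_flags, p_offset, p_vaddr, p_filesz, p_memsz, p_align):
    return dict(p_type=p_type, p_flags=p_flags, p_offset=p_offset,
                p_vaddr=p_vaddr, p_paddr=p_vaddr, p_filesz=p_filesz,
                p_memsz=p_memsz, p_align=p_align)


# Constructed sample.  The TLS entry copies the report's readelf line
# (offset 0xfff, vaddr 0x402000, memsz 4, align 4): 0xfff % 4 == 3 but
# 0x402000 % 4 == 0.  The two LOAD entries are assumptions for the example.
SAMPLE_PHDRS = [
    mkph(PT_LOAD, 5, 0x0,    0x400000, 0x1000, 0x1000, 0x1000),
    mkph(PT_LOAD, 6, 0x1000, 0x402000, 0x0,    0x4,    0x1000),
    mkph(PT_TLS,  4, 0xfff,  0x402000, 0x0,    0x4,    0x4),
]


def main(argv):
    if len(argv) > 1:
        with open(argv[1], "rb") as f:
            data = f.read()
    else:
        data = build_sample_elf(SAMPLE_PHDRS)
    bad = check_congruity(parse_phdrs(data))
    for b in bad:
        fix = congruent_offset(b["p_offset"], b["p_vaddr"], b["p_align"])
        print("%s phdr #%d: p_offset %#x and p_vaddr %#x differ mod %#x "
              "(nearest congruent offset %#x)"
              % (b["type"], b["index"], b["p_offset"], b["p_vaddr"],
                 b["p_align"], fix))
    return 1 if bad else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

On the sample image the checker reports the TLS header alone and suggests 0x1000 as the nearest congruent offset; the LOAD headers pass because their offsets and addresses are both page multiples. The helper only computes the offset a layout would need; actually moving a segment in a real file also means moving its bytes and updating everything that refers to them, which is the job the report says went wrong in the patchelf interaction.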
