https://sourceware.org/bugzilla/show_bug.cgi?id=32896

--- Comment #5 from Matthew Malcomson <mmalcomson at nvidia dot com> ---
I think that this proposed patch could allow putting the PT_TLS segment offset
past the end of the file (that I think was a problem in
https://sourceware.org/bugzilla/show_bug.cgi?id=12921 ).

This is because it doesn't adjust the `off` that indicates position into the file.

Very artificial testcase below showing this as a possibility (with the proposed
patch applied).


vshcmd: > cat tbss-outside-file.s
    # Testcase to stress-test the patch that H. J. Lu suggested.
        .section        .gcc_except_table,"aw",@progbits
    .align 4
        .ascii "Odd number of chars"

        .section        .tbss,"awT",@nobits
        .align 10
        .type   abc, @object
        .size   abc, 4
abc:
        .zero   4

        .text
        .global _start
_start:
tls-segfault [11:33:10] $ 
vshcmd: > ../build-aarch64-none-linux-gnu/install/bin/aarch64-none-linux-gnu-as \
vshcmd: >   tbss-outside-file.s -o tbss-outside-file.o
vshcmd: > ../build-aarch64-none-linux-gnu/install/bin/aarch64-none-linux-gnu-ld \
vshcmd: >   tbss-outside-file.o -o tbss-outside-file
vshcmd: > ../build-aarch64-none-linux-gnu/install/bin/aarch64-none-linux-gnu-readelf --segments --wide tbss-outside-file \
vshcmd: >   | grep -E '(^Program|VirtAddr|TLS)'
vshcmd: > ../build-aarch64-none-linux-gnu/install/bin/aarch64-none-linux-gnu-readelf --segments --wide tbss-outside-file
> tls-segfault [11:33:18] $ > tls-segfault [11:33:18] $ > Program Headers:
  Type           Offset   VirtAddr           PhysAddr           FileSiz  MemSiz   Flg Align
  TLS            0x010400 0x0000000000410400 0x0000000000410400 0x000000 0x000004 R   0x400
tls-segfault [11:33:18] $ 
Elf file type is EXEC (Executable file)
Entry point 0x4000e8
There are 3 program headers, starting at offset 64

Program Headers:
  Type           Offset   VirtAddr           PhysAddr           FileSiz  MemSiz   Flg Align
  LOAD           0x000000 0x0000000000400000 0x0000000000400000 0x010013 0x010013 RW  0x10000
  TLS            0x010400 0x0000000000410400 0x0000000000410400 0x000000 0x000004 R   0x400
  GNU_RELRO      0x010000 0x0000000000410000 0x0000000000410000 0x000013 0x010000 R   0x1

 Section to Segment mapping:
  Segment Sections...
   00     .gcc_except_table 
   01     .tbss 
   02     .gcc_except_table 
tls-segfault [11:33:18] $ 
vshcmd: > # Seems like this could trigger the same problem as was seen in issue
vshcmd: > # 12921 https://sourceware.org/bugzilla/show_bug.cgi?id=12921#c6
vshcmd: > du --bytes tbss-outside-file \
vshcmd: >   | python3 -c 'import sys; a = sys.stdin.readline().split(); print(hex(int(a[0])), a[1])'
> 0x103d0 tbss-outside-file
tls-segfault [11:33:20] $

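The comparison made by hand in the comment above (PT_TLS offset 0x10400 against a file size of 0x103d0) can be automated for every program header. This is an added example, not part of the original comment or of binutils; `phdrs_past_eof` and `constructed_image` are hypothetical names, and the sample image is constructed from the readelf and `du` values shown above (headers only, zero-filled body).

```python
import struct

PT_NAMES = {1: "LOAD", 7: "TLS", 0x6474E552: "GNU_RELRO"}
PHDR = "<IIQQQQQQ"  # Elf64_Phdr: type, flags, offset, vaddr, paddr, filesz, memsz, align


def phdrs_past_eof(image: bytes):
    """Return (type, p_offset, p_filesz) for every little-endian ELF64 program
    header whose file range [p_offset, p_offset + p_filesz) leaves the file."""
    if image[:4] != b"\x7fELF" or image[4] != 2 or image[5] != 1:
        raise ValueError("not a little-endian ELF64 image")
    (e_phoff,) = struct.unpack_from("<Q", image, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", image, 0x36)
    bad = []
    for i in range(e_phnum):
        p_type, _, p_offset, _, _, p_filesz, _, _ = struct.unpack_from(
            PHDR, image, e_phoff + i * e_phentsize)
        # A zero-FileSiz segment (a PT_TLS holding only .tbss) is still
        # reported when its offset alone lies beyond the end of the file.
        if p_offset + p_filesz > len(image):
            bad.append((PT_NAMES.get(p_type, hex(p_type)), p_offset, p_filesz))
    return bad


def constructed_image(size=0x103D0):
    """Constructed sample: ELF header plus the three program headers from the
    readelf output above, zero-padded to the file size reported by du."""
    ident = b"\x7fELF\x02\x01\x01" + bytes(9)
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", ident, 2, 183, 1,
                       0x4000E8, 64, 0, 0, 64, 56, 3, 64, 0, 0)
    phdrs = [
        (1, 6, 0x0, 0x400000, 0x400000, 0x10013, 0x10013, 0x10000),
        (7, 4, 0x10400, 0x410400, 0x410400, 0x0, 0x4, 0x400),
        (0x6474E552, 4, 0x10000, 0x410000, 0x410000, 0x13, 0x10000, 0x1),
    ]
    head = ehdr + b"".join(struct.pack(PHDR, *p) for p in phdrs)
    return head + bytes(size - len(head))


if __name__ == "__main__":
    for name, off, filesz in phdrs_past_eof(constructed_image()):
        print(f"{name}: offset {off:#x} + filesz {filesz:#x} is past end of file")
```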