[mips-gnu-discuss] Re: ld.so seg faults on code built with -fpie -pie



> I'm using Sourcery G++ Lite 4.4-57 for MIPS GNU/Linux to build a large
> C application with -fpie -pie. When I try to run it under qemu-mipsel,
> it crashes in ld.so.
>
> objdump -R complains:
>
> BFD: hello(.rel.dyn): relocation 1227 has invalid symbol index 16777215
> BFD: hello(.rel.dyn): relocation 1228 has invalid symbol index 16777215
> [...]
>
> objdump -j .rel.dyn -s shows:
>
> Contents of section .rel.dyn:
>  83ac 00000000 00000000 e8d31000 03000000  ................
>  83bc ecd31000 03000000 f0d31000 03000000  ................
> [...]
>  a49c f8e31000 031a0100 00e41000 031a0100  ................
>  a4ac 08e41000 031a0100 10e41000 031a0100  ................
> [...]
>  a9fc 8ced1000 03170300 e0df1000 03ffffff  ................
>  aa0c ecdf1000 03ffffff 00e01000 03ffffff  ................
>
> So the relocations are all R_MIPS_REL32. First there are some with
> symbol table index 0, then some with normal symbol table indexes, and
> then some with index 0xffffff.
>
> ld.so (elf_dynamic_do_rel() in elf/do-rel.h) tries to interpret
> 0xffffff as a normal symbol table index, and ends up reading way off
> the end of some of its tables, hence the seg fault.
>
> Is it valid to have a symbol table index of 0xffffff like this?

Apparently not. It looks like this is a binutils bug:

http://sourceware.org/bugzilla/show_bug.cgi?id=10858

There's a patch attached to the bug, which the Debian folks have
applied, but it's still not fixed in the upstream binutils sources.

Thanks,
Jay.
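To make the objdump complaint concrete, here is an added example (not part of the thread, and not binutils or glibc code) that decodes the .rel.dyn words quoted above as little-endian Elf32_Rel entries and applies the bounds check that a loader must perform before using a relocation's symbol index. The bytes are copied from the three dump rows in the post and concatenated purely as sample input (in the real file the rows are not adjacent); the dynamic symbol table size of 300 is a constructed assumption, since the post does not give it.

```python
import struct

R_MIPS_REL32 = 3  # the only relocation type that appears in the quoted dump

# Section bytes taken from the objdump -j .rel.dyn -s output in the post.
# The leading file offset of each dump row (83ac, a49c, a9fc) is not section
# data and is omitted. Constructed sample input: the rows are concatenated.
SAMPLE_REL_DYN = bytes.fromhex(
    "00000000" "00000000" "e8d31000" "03000000"   # row at 83ac: null reloc, then sym 0
    "ecd31000" "03000000" "f0d31000" "03000000"   # row at 83bc: sym 0
    "f8e31000" "031a0100" "00e41000" "031a0100"   # row at a49c: sym 0x11a
    "e0df1000" "03ffffff" "ecdf1000" "03ffffff"   # row at a9fc: sym 0xffffff
)

# Assumed size of .dynsym for the check below; the post does not state it.
ASSUMED_DYNSYM_COUNT = 300


def parse_rel32(data, little_endian=True):
    """Decode Elf32_Rel entries (8 bytes each: r_offset, r_info).

    On a 32-bit ELF, r_info packs the symbol index in the high 24 bits and the
    relocation type in the low 8 bits, i.e. ELF32_R_SYM = r_info >> 8 and
    ELF32_R_TYPE = r_info & 0xff. Returns a list of (r_offset, sym, type).
    """
    fmt = "<II" if little_endian else ">II"
    entries = []
    for off in range(0, len(data) - len(data) % 8, 8):
        r_offset, r_info = struct.unpack_from(fmt, data, off)
        entries.append((r_offset, r_info >> 8, r_info & 0xff))
    return entries


def find_bad_symbol_indexes(entries, dynsym_count):
    """Return (relocation number, symbol index) for every entry whose symbol
    index lies outside the dynamic symbol table.

    This is the bounds check a loader needs before indexing its symbol and
    version tables with ELF32_R_SYM; index 0 (STN_UNDEF) is always in range.
    An index such as 0xffffff would otherwise be used as an offset far past
    the end of .dynsym, which is the out-of-bounds read described in the post.
    """
    return [(i, sym) for i, (_, sym, _) in enumerate(entries)
            if sym >= dynsym_count]


def describe(entries):
    """Render entries the way a reader of objdump -R would expect to see them."""
    lines = []
    for i, (r_offset, sym, rtype) in enumerate(entries):
        name = "R_MIPS_REL32" if rtype == R_MIPS_REL32 else "type %d" % rtype
        lines.append("%4d  %08x  %-12s  sym %d" % (i, r_offset, name, sym))
    return "\n".join(lines)


if __name__ == "__main__":
    rels = parse_rel32(SAMPLE_REL_DYN)
    print(describe(rels))
    for i, sym in find_bad_symbol_indexes(rels, ASSUMED_DYNSYM_COUNT):
        print("relocation %d has invalid symbol index %d" % (i, sym))
```

Running it reproduces the pattern the post describes: entries with symbol index 0, then 0x11a (282), then 0xffffff (16777215), and the last group is reported as out of range for any plausible .dynsym size. The same check, applied to a big-endian MIPS binary, only needs `little_endian=False`.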