Re: segfault in ld.elf_so

To: Thomas Klausner <wiz%netbsd.org@localhost>
Subject: Re: segfault in ld.elf_so
From: RVP <rvp%SDF.ORG@localhost>
Date: Thu, 5 Feb 2026 06:43:12 +0000 (UTC)

On Wed, 4 Feb 2026, Thomas Klausner wrote:

On Fri, Jan 30, 2026 at 11:44:47PM +0100, RVP wrote:

2. Run the program with the new ld.elf_so and collect the (copious) debug
   output.


It's not that much, really:
[...]
[1]   Segmentation fault (core dumped) /tmp/wip/webkit-gtk/work/webkitgtk-2.50.4/tmp-...


No, there should be a lot more debug output--esp. the reloc. stuff.
Uncomment: `-DDEBUG', `-DRTLD_DEBUG' and `-DRTLD_DEBUG_RELOC'.

3. Run `readelf -Wa' on the program and the library it is crashing on when
   doing the PLT reloc. (if, indeed, it's crashing fixing up a library rather
   than the executable).


This is more, yes:
[...]
Program Headers:
 Type           Offset   VirtAddr           PhysAddr           FileSiz  MemSiz   Flg Align
 PHDR           0x000040 0x0000000000400040 0x0000000000400040 0x0001f8 0x0001f8 R   0x8
 INTERP         0x000238 0x0000000000400238 0x0000000000400238 0x000017 0x000017 R   0x1
     [Requesting program interpreter: /usr/libexec/ld.elf_so]
 LOAD           0x000000 0x0000000000400000 0x0000000000400000 0x004538 0x004538 R   0x1000
 LOAD           0x005000 0x0000000000405000 0x0000000000405000 0x00248e 0x00248e R E 0x1000
 LOAD           0x008000 0x0000000000408000 0x0000000000408000 0x000a7c 0x000a7c R   0x1000
 LOAD           0x009000 0x0000000000409000 0x0000000000409000 0x000940 0x000988 RW  0x1000
 DYNAMIC        0x009028 0x0000000000409028 0x0000000000409028 0x000290 0x000290 RW  0x8
 NOTE           0x000250 0x0000000000400250 0x0000000000400250 0x00002c 0x00002c R   0x4
 GNU_EH_FRAME   0x0087a8 0x00000000004087a8 0x00000000004087a8 0x00008c 0x00008c R   0x4


This is puzzling as well because,

a) there's no RELRO segment there (and there would've been one with if linked with `-Wl,-z,relro')

Dynamic section at offset 0x9028 contains 36 entries:
 Tag        Type                         Name/Value
[...]
0x0000000000000003 (PLTGOT)             0x4092d8
0x0000000000000002 (PLTRELSZ)           1608 (bytes)
0x0000000000000014 (PLTREL)             RELA
0x0000000000000017 (JMPREL)             0x403ef0
0x0000000000000007 (RELA)               0x403350
0x0000000000000008 (RELASZ)             2976 (bytes)
0x0000000000000009 (RELAENT)            24 (bytes)
0x0000000000000000 (NULL)               0x0


and,

b) the binary doesn't seem to have been linked with `-Wl,-z,now'.

So how is this crashing?

I'll see if I can get pkgsrc running for this later this weekend.

-RVP

References:
- segfault in ld.elf_so
  - From: Thomas Klausner
- Re: segfault in ld.elf_so
  - From: Thomas Klausner
- Re: segfault in ld.elf_so
  - From: Thomas Klausner
- Re: segfault in ld.elf_so
  - From: RVP

Prev by Date: daily CVS update output
Previous by Thread: Re: segfault in ld.elf_so
Next by Thread: MediaTek (FoxConn) bluetooth support?
Indexes:

Home | Main Index | Thread Index | Old Index