NetBSD-Bugs archive


Re: bin/53465: ld.elf_so crashes when memcpy obj->tlsinit data



On Mon, Jul 23, 2018 at 04:55:01PM +0000, ? ?? wrote:
> The following reply was made to PR bin/53465; it has been noted by GNATS.
> 
> From: ? ?? <zh_jq%outlook.com@localhost>
> To: "gnats-bugs%netbsd.org@localhost" <gnats-bugs%netbsd.org@localhost>
> Cc: "netbsd-bugs%netbsd.org@localhost" <netbsd-bugs%netbsd.org@localhost>
> Subject: Re: bin/53465: ld.elf_so crashes when memcpy obj->tlsinit data
> Date: Mon, 23 Jul 2018 16:19:05 +0000
> 
>  Now I have a simple C file to reproduce the problem:
>  ----
>  #include <stdio.h>
>  
>  _Thread_local int a = 1;
>  
>  int main(int argc, char *argv[])
>  {
>          printf("run ok\n");
>          return 0;
>  }
>  ----
>  Use the following to compile:
>  gcc -o ld-test -fPIE -pie ../src/_pstatd/ld_test.c
>  Then run ld-test, you will get the crash.

Ah, PIE. Yes, that explains it. Missing relocbase. Attached patch covers
that.

Joerg
diff -r 38c5563055d2 libexec/ld.elf_so/headers.c
--- a/libexec/ld.elf_so/headers.c	Fri Jul 20 07:12:50 2018 +0000
+++ b/libexec/ld.elf_so/headers.c	Mon Jul 23 21:37:34 2018 +0200
@@ -449,7 +449,8 @@
 			obj->tlssize = ph->p_memsz;
 			obj->tlsalign = ph->p_align;
 			obj->tlsinitsize = ph->p_filesz;
-			obj->tlsinit = (void *)(uintptr_t)ph->p_vaddr;
+			obj->tlsinit = (void *)(obj->relocbase +
+			    (uintptr_t)ph->p_vaddr);
 			dbg(("headers: %s %p phsize %" PRImemsz,
 			    "PT_TLS", (void *)(uintptr_t)vaddr,
 			     ph->p_memsz));
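
Review bot: the dbg() call in the trailing context still prints `vaddr` rather than the pointer that is now stored, so the debug output will not show the relocated address that the later memcpy from obj->tlsinit reads; printing `obj->tlsinit` there (or both values) would make a recurrence of this crash easier to diagnose. The new expression in the `+` lines is only a byte offset addition if `obj->relocbase` is a byte-sized pointer type, and a short comment that `p_vaddr` in PT_TLS is relative to the load base for a PIE would document why the addition is needed. A regression test built with `-fPIE -pie` from the reproducer in the PR would guard the fix.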

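As an added illustration of the "missing relocbase" diagnosis above (not code from the thread or from ld.elf_so), this C program locates its own PT_TLS initialisation image the way the patched line does, as load base plus `p_vaddr`. It assumes a Linux-style `getauxval()` with `AT_PHDR`/`AT_PHNUM`; `TLS_MARKER`, `load_base` and `tls_image_has_marker` are names made up for the example.

```c
#include <link.h>      /* ElfW(), pulls in <elf.h> */
#include <stdint.h>
#include <string.h>
#include <sys/auxv.h>  /* getauxval(): assumed platform API, see lead-in */

/* Constructed marker: an initialised TLS variable forces a PT_TLS segment
 * whose file-backed part (.tdata) contains this value. */
#define TLS_MARKER 0x5a17c0deU
static _Thread_local volatile uint32_t tls_marker = TLS_MARKER;

/* Load base of the running executable: where the program headers really are
 * minus where PT_PHDR says they were linked. Stays 0 for a non-PIE binary. */
static uintptr_t load_base(const ElfW(Phdr) *phdr, size_t phnum)
{
	for (size_t i = 0; i < phnum; i++)
		if (phdr[i].p_type == PT_PHDR)
			return (uintptr_t)phdr - (uintptr_t)phdr[i].p_vaddr;
	return 0;
}

/* Returns 1 if the marker is found in the TLS init image at base + p_vaddr. */
int tls_image_has_marker(void)
{
	const ElfW(Phdr) *phdr = (const ElfW(Phdr) *)getauxval(AT_PHDR);
	size_t phnum = (size_t)getauxval(AT_PHNUM);
	uint32_t got;

	if (phdr == NULL || tls_marker != TLS_MARKER) /* read keeps the var alive */
		return 0;
	uintptr_t base = load_base(phdr, phnum);
	for (size_t i = 0; i < phnum; i++) {
		if (phdr[i].p_type != PT_TLS)
			continue;
		/* p_vaddr alone is only an offset in a PIE; add the load base. */
		const unsigned char *img =
		    (const unsigned char *)(base + (uintptr_t)phdr[i].p_vaddr);
		for (size_t off = 0; off + sizeof(got) <= phdr[i].p_filesz;
		    off += sizeof(got)) {
			memcpy(&got, img + off, sizeof(got));
			if (got == TLS_MARKER)
				return 1;
		}
	}
	return 0;
}

int main(void)
{
	return tls_image_has_marker() ? 0 : 1;
}
```

Built as a PIE, the same binary computes a non-zero load base; built without PIE, the base is 0 and `p_vaddr` is already the absolute address, which is why the unpatched code only failed for `-fPIE -pie`.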
