| Message ID | 87ikemqyd2.fsf@redhat.com |
|---|---|
| State | New |
| Headers |
Return-Path: <binutils-bounces~patchwork=sourceware.org@sourceware.org> X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from vm01.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 788804BBC099 for <patchwork@sourceware.org>; Thu, 4 Dec 2025 11:32:19 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 788804BBC099 Authentication-Results: sourceware.org; dkim=pass (1024-bit key, unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=Wg5jmhgp X-Original-To: binutils@sourceware.org Delivered-To: binutils@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTP id 018374BC8947 for <binutils@sourceware.org>; Thu, 4 Dec 2025 11:29:19 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 018374BC8947 Authentication-Results: sourceware.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 018374BC8947 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1764847760; cv=none; b=aS3OZojX0nXlANwaTsRhurKrF+/jEoY08CBbYTHcjfOYGJ+qmJ35/iBLZLGBNiBp9Yx/a3uhpd8OUwvqCUEkqBXUOgcnoGsy1mbFjFTZkPKITr4n2apcAycc7GyNbjdzk97sK5rqUwuvrXQ1KELVNFt2CXd4dMeDp+OnpGfzeMU= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1764847760; c=relaxed/simple; bh=MmLbraD6AuWs4sbS4GvDKHKFc3Q8nxJcCEJiJk/ViJ8=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=Q9SFSvt7I4f7ddICV4TCb39f0ycrhBj5exHQRQR8MDd6XFb6PnTGBYcn/+3bmTe6/3VKTSFGWtB7kN/3U4Zh9QrTfjNqoFIra6FAvAVYluJVBPuvXEc6OPlK+r5vDgqa5NmrEeQB3IHpWUnPEciCt8+W15RLeurcSkItfCyacZs= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 018374BC8947 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1764847759; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type; bh=fxpGUssotJELfPQA0XLRYFolHSeekgoEDOLti918A28=; b=Wg5jmhgp132tCSbELgBIUZQ/mFkuDiQPryvXPRuYwKMfIT6Eb4CYjpFNTH1+1I1MztBkhN W9w/xVM5pjRbArZBbJmDmh2XODfDKUnM17MimA7qUUpPG+npAGqp9C3DBECKy9OEP8zQZ7 6/v7F/uv9Rq1DZbYjbdlftr+m51/bzU= Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-217-qoJNHWSBOdGFBNBx7DkJmQ-1; Thu, 04 Dec 2025 06:29:18 -0500 X-MC-Unique: qoJNHWSBOdGFBNBx7DkJmQ-1 X-Mimecast-MFC-AGG-ID: qoJNHWSBOdGFBNBx7DkJmQ_1764847757 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 7BDEB1956055 for <binutils@sourceware.org>; Thu, 4 Dec 2025 11:29:17 +0000 (UTC) Received: from prancer.redhat.com (unknown [10.45.224.111]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 810A019560A7 for <binutils@sourceware.org>; Thu, 4 Dec 2025 11:29:16 +0000 (UTC) From: Nick Clifton <nickc@redhat.com> To: binutils@sourceware.org Subject: Commit: readelf: warn about local symbols outside of a mergeable section Date: Thu, 04 Dec 2025 11:29:13 +0000 Message-ID: <87ikemqyd2.fsf@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: vD3XRoJuzYQ6cQNz_9MYccVqBJY6qDboZ3jtYPqWOLg_1764847757 X-Mimecast-Originator: redhat.com Content-Type: multipart/mixed; boundary="=-=-=" X-Spam-Status: No, score=-9.8 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED, SPF_HELO_PASS, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on sourceware.org X-BeenThere: binutils@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Binutils mailing list <binutils.sourceware.org> List-Unsubscribe: <https://sourceware.org/mailman/options/binutils>, <mailto:binutils-request@sourceware.org?subject=unsubscribe> List-Archive: <https://sourceware.org/pipermail/binutils/> List-Post: <mailto:binutils@sourceware.org> List-Help: <mailto:binutils-request@sourceware.org?subject=help> List-Subscribe: <https://sourceware.org/mailman/listinfo/binutils>, <mailto:binutils-request@sourceware.org?subject=subscribe> Errors-To: binutils-bounces~patchwork=sourceware.org@sourceware.org |
| Series |
Commit: readelf: warn about local symbols outside of a mergeable section
|
|
Commit Message
Nick Clifton
Dec. 4, 2025, 11:29 a.m. UTC
Hi Guys, Whilst investigating a problem with corrupt Risc-V debug information I discovered that some object files contained local symbols in the .debug_line_str section that referred to locations beyond the end of the section. This is problematic because when that section is merged with other .debug_line_str sections the symbol will no longer reference the correct location, and the merging code does not handle symbols that extend beyond the end of the section. So I have added a small patch to readelf to detect and warn about such symbols. Hopefully this should allow the quick location of problematic object files. Cheers Nick
Comments
On Thu, Dec 04, 2025 at 11:29:13AM +0000, Nick Clifton wrote: > Hi Guys, > > Whilst investigating a problem with corrupt Risc-V debug information > I discovered that some object files contained local symbols in the > .debug_line_str section that referred to locations beyond the end of > the section. This is problematic because when that section is merged > with other .debug_line_str sections the symbol will no longer > reference the correct location, and the merging code does not handle > symbols that extend beyond the end of the section. > > So I have added a small patch to readelf to detect and warn about such > symbols. Hopefully this should allow the quick location of > problematic object files. Nick, this is broken for executables and shared libraries, where ELF syms have st_value as their address. SHN_COMMON sym st_value also are not section offsets (but you shouldn't see those in SHF_MERGE sections). It show up as arm-linux and aarch64-linux testsuite regressions.
On Mon, Dec 08, 2025 at 05:41:04PM +1030, Alan Modra wrote: > On Thu, Dec 04, 2025 at 11:29:13AM +0000, Nick Clifton wrote: > > Hi Guys, > > > > Whilst investigating a problem with corrupt Risc-V debug information > > I discovered that some object files contained local symbols in the > > .debug_line_str section that referred to locations beyond the end of > > the section. This is problematic because when that section is merged > > with other .debug_line_str sections the symbol will no longer > > reference the correct location, and the merging code does not handle > > symbols that extend beyond the end of the section. > > > > So I have added a small patch to readelf to detect and warn about such > > symbols. Hopefully this should allow the quick location of > > problematic object files. > > Nick, this is broken for executables and shared libraries, where ELF > syms have st_value as their address. SHN_COMMON sym st_value also are > not section offsets (but you shouldn't see those in SHF_MERGE > sections). > > It show up as arm-linux and aarch64-linux testsuite regressions. This works for me, and I believe is the only case where anyone really cares about SHF_MERGE symbols being outside the section. From 1730f571c2690cdd276ba946540b664968a1c37a Mon Sep 17 00:00:00 2001 From: Alan Modra <amodra@gmail.com> Date: Mon, 8 Dec 2025 19:44:35 +1030 Subject: Re: Add warning message to readelf for local symbols Limit the warning to ET_REL. diff --git a/binutils/readelf.c b/binutils/readelf.c index 064c16056a2..fb321b713d3 100644 --- a/binutils/readelf.c +++ b/binutils/readelf.c @@ -14806,6 +14806,7 @@ print_symbol (Filedata * filedata, && ! is_special && is_valid && psym->st_shndx < filedata->file_header.e_shnum + && filedata->file_header.e_type == ET_REL && filedata->section_headers != NULL /* FIXME: Should we warn for non-mergeable sections ? */ && (filedata->section_headers[psym->st_shndx].sh_flags & SHF_MERGE)
Hi Alan, >> Nick, this is broken for executables and shared libraries, where ELF >> syms have st_value as their address. SHN_COMMON sym st_value also are >> not section offsets (but you shouldn't see those in SHF_MERGE >> sections). >> >> It show up as arm-linux and aarch64-linux testsuite regressions. > > This works for me, and I believe is the only case where anyone really > cares about SHF_MERGE symbols being outside the section. > > From 1730f571c2690cdd276ba946540b664968a1c37a Mon Sep 17 00:00:00 2001 > From: Alan Modra <amodra@gmail.com> > Date: Mon, 8 Dec 2025 19:44:35 +1030 > Subject: Re: Add warning message to readelf for local symbols > > Limit the warning to ET_REL. > > diff --git a/binutils/readelf.c b/binutils/readelf.c > index 064c16056a2..fb321b713d3 100644 > --- a/binutils/readelf.c > +++ b/binutils/readelf.c > @@ -14806,6 +14806,7 @@ print_symbol (Filedata * filedata, > && ! is_special > && is_valid > && psym->st_shndx < filedata->file_header.e_shnum > + && filedata->file_header.e_type == ET_REL > && filedata->section_headers != NULL > /* FIXME: Should we warn for non-mergeable sections ? */ > && (filedata->section_headers[psym->st_shndx].sh_flags & SHF_MERGE) Thanks for this. I will go ahead and apply this change, along with my fix for avoiding mapping symbols. Cheers Nick
On Mon, Dec 08, 2025 at 02:18:57PM +0000, Nick Clifton wrote: > Hi Alan, > > > > Nick, this is broken for executables and shared libraries, where ELF > > > syms have st_value as their address. SHN_COMMON sym st_value also are > > > not section offsets (but you shouldn't see those in SHF_MERGE > > > sections). > > > > > > It show up as arm-linux and aarch64-linux testsuite regressions. > > > > This works for me, and I believe is the only case where anyone really > > cares about SHF_MERGE symbols being outside the section. > > > > From 1730f571c2690cdd276ba946540b664968a1c37a Mon Sep 17 00:00:00 2001 > > From: Alan Modra <amodra@gmail.com> > > Date: Mon, 8 Dec 2025 19:44:35 +1030 > > Subject: Re: Add warning message to readelf for local symbols > > > > Limit the warning to ET_REL. > > > > diff --git a/binutils/readelf.c b/binutils/readelf.c > > index 064c16056a2..fb321b713d3 100644 > > --- a/binutils/readelf.c > > +++ b/binutils/readelf.c > > @@ -14806,6 +14806,7 @@ print_symbol (Filedata * filedata, > > && ! is_special > > && is_valid > > && psym->st_shndx < filedata->file_header.e_shnum > > + && filedata->file_header.e_type == ET_REL > > && filedata->section_headers != NULL > > /* FIXME: Should we warn for non-mergeable sections ? */ > > && (filedata->section_headers[psym->st_shndx].sh_flags & SHF_MERGE) > > Thanks for this. I will go ahead and apply this change, along with > my fix for avoiding mapping symbols. Do you really need to exclude mapping symbols? That just looks wrong to me.
Hi Alan, >> Thanks for this. I will go ahead and apply this change, along with >> my fix for avoiding mapping symbols. > > Do you really need to exclude mapping symbols? That just looks wrong > to me. I thought so too, but they were showing up in linker tests on AArch64 native builds so I added the check. Besides, what exactly does it mean for mapping symbols to be assigned to a mergeable section ? Is there any case where you would find both code and data in such a section ? I could not think of any scenario for this, but since it does happen I assumed that I was just missing something and so added the code to skip that kind of symbol. Cheers Nick
On Tue, Dec 09, 2025 at 09:22:16AM +0000, Nick Clifton wrote: > Hi Alan, > > > > Thanks for this. I will go ahead and apply this change, along with > > > my fix for avoiding mapping symbols. > > > > Do you really need to exclude mapping symbols? That just looks wrong > > to me. > > I thought so too, but they were showing up in linker tests on AArch64 native > builds so I added the check. > > Besides, what exactly does it mean for mapping symbols to be assigned to a > mergeable section ? Is there any case where you would find both code and > data in such a section ? I could not think of any scenario for this, but > since it does happen I assumed that I was just missing something and so > added the code to skip that kind of symbol. Yes, but that was when you incorrectly compared st_value in ET_EXEC and ET_DYN against section size, wasn't it? ELF symbol values in executables are addresses, not section offsets.
On 09.12.2025 10:22, Nick Clifton wrote: >>> Thanks for this. I will go ahead and apply this change, along with >>> my fix for avoiding mapping symbols. >> >> Do you really need to exclude mapping symbols? That just looks wrong >> to me. > > I thought so too, but they were showing up in linker tests on AArch64 native > builds so I added the check. > > Besides, what exactly does it mean for mapping symbols to be assigned to a > mergeable section ? Is there any case where you would find both code and > data in such a section ? Code snippets, e.g. for approaches like Linux'es alternatives patching, could easily be a mix of code and data, and they could also live in a mergeable section. Jan > I could not think of any scenario for this, but > since it does happen I assumed that I was just missing something and so > added the code to skip that kind of symbol. > > Cheers > Nick > >
diff --git a/binutils/readelf.c b/binutils/readelf.c index 425b7b78653..759c0367c72 100644 --- a/binutils/readelf.c +++ b/binutils/readelf.c @@ -14739,6 +14739,8 @@ print_symbol (Filedata * filedata, } } + bool is_valid = false; + /* Get the symbol's name. For section symbols without a specific name use the (already computed) section name. */ if (ELF_ST_TYPE (psym->st_info) == STT_SECTION @@ -14749,8 +14751,6 @@ print_symbol (Filedata * filedata, } else { - bool is_valid; - is_valid = valid_symbol_name (strtab, strtab_size, psym->st_name); sstr = is_valid ? strtab + psym->st_name : _("<corrupt>"); } @@ -14798,6 +14798,23 @@ print_symbol (Filedata * filedata, && filedata->file_header.e_ident[EI_OSABI] != ELFOSABI_SOLARIS) warn (_("local symbol %" PRIu64 " found at index >= %s's sh_info value of %u\n"), symbol_index, printable_section_name (filedata, section), section->sh_info); + + /* Local symbols whose value is larger than their section's size are suspicious + especially if that section is mergeable - and hence might change offsets of + the contents inside the section. */ + if (ELF_ST_BIND (psym->st_info) == STB_LOCAL + && ! is_special + && is_valid + && psym->st_shndx < filedata->file_header.e_shnum + && filedata->section_headers != NULL + /* FIXME: Should we warn for non-mergeable sections ? */ + && (filedata->section_headers[psym->st_shndx].sh_flags & SHF_MERGE) + && psym->st_value > filedata->section_headers[psym->st_shndx].sh_size) + warn (_("local symbol %s has a value (%#" PRIx64 ") which is larger than mergeable section %s's size (%#" PRIx64 ")\n"), + strtab + psym->st_name, + psym->st_value, + printable_section_name_from_index (filedata, psym->st_shndx, NULL), + filedata->section_headers[psym->st_shndx].sh_size); } static const char *