https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94972

            Bug ID: 94972
           Summary: Function multi-versioning binary may crash dynamic
                    linker
           Product: gcc
           Version: 9.1.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: target
          Assignee: unassigned at gcc dot gnu.org
          Reporter: d at ilvokhin dot com
  Target Milestone: ---

Created attachment 48468
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=48468&action=edit
Simplified version of function multi-versioning example

I compiled a simple binary (a simplified version of the function multi-versioning
example from gcc.gnu.org) and ran ldd -u -r on the result.

This leads to an ldd segfault in __cpu_indicator_init from libgcc_s.so.

The behaviour is observed at least for GCC 9.1.1 and 7.3.1 (both from Red Hat
devtoolset).

$ g++ --version
g++ (GCC) 9.1.1 20190605 (Red Hat 9.1.1-2)
Copyright (C) 2019 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
$ g++ tt.cpp -o cpp
$ ldd -u -r ./cpp
/usr/bin/ldd: line 116:  6148 Segmentation fault      (core dumped) LD_TRACE_LOADED_OBJECTS=1 LD_WARN=yes LD_BIND_NOW=yes LD_LIBRARY_VERSION=$verify_out LD_VERBOSE= LD_DEBUG="unused" "$@

The backtrace looks like this:
(gdb) bt
#0  0x00007efccf094c87 in __cpu_indicator_init () from /lib64/libgcc_s.so.1
#1  0x0000000000401178 in ?? ()
#2  0x00007fff5f97e220 in ?? ()
#3  0x00007efccf8bce5f in _dl_relocate_object () from /lib64/ld-linux-x86-64.so.2
(gdb) disass
Dump of assembler code for function __cpu_indicator_init:
   0x00007efccf094c70 <+0>:     push   %r15
   0x00007efccf094c72 <+2>:     push   %r14
   0x00007efccf094c74 <+4>:     push   %r13
   0x00007efccf094c76 <+6>:     push   %r12
   0x00007efccf094c78 <+8>:     push   %rbp
   0x00007efccf094c79 <+9>:     xor    %ebp,%ebp
   0x00007efccf094c7b <+11>:    push   %rbx
   0x00007efccf094c7c <+12>:    sub    $0x18,%rsp
   0x00007efccf094c80 <+16>:    mov    0x212351(%rip),%rax        # 0x7efccf2a6fd8
=> 0x00007efccf094c87 <+23>:    mov    (%rax),%eax
   0x00007efccf094c89 <+25>:    test   %eax,%eax
