[Bug ld/30697] New: bfd TLS handling (with local-dynamic model) broken w

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug ld/30697] New: bfd TLS handling (with local-dynamic model) broken w

From:	sam at gentoo dot org
Subject:	[Bug ld/30697] New: bfd TLS handling (with local-dynamic model) broken with large GOT causing Python 3.12 to segfault
Date:	Sat, 29 Jul 2023 14:12:38 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=30697

            Bug ID: 30697
           Summary: bfd TLS handling (with local-dynamic model) broken
                    with large GOT causing Python 3.12 to segfault
           Product: binutils
           Version: 2.40
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ld
          Assignee: unassigned at sourceware dot org
          Reporter: sam at gentoo dot org
                CC: amonakov at gmail dot com, arsen at aarsen dot me,
                    toolchain at gentoo dot org
  Target Milestone: ---

Originally reported downstream in Gentoo at https://bugs.gentoo.org/909544 and
then to Python at https://github.com/python/cpython/issues/106428.

* With GCC 12, Python 3.12 builds fine on ppc32. With GCC 13, Python 3.12
segfaults.
* Python 3.12 bisect:
https://github.com/python/cpython/commit/f8abfa331421e2c28388c5162f37820495e3c2ee
(they started using TLS)
* GCC 13 bisect:
https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=1d561e1851c466a4952081caef17747781609b00
(ipa-visibility: Optimize TLS access)

The latter commit co-author, Alexander Monakov, helpfully analysed the bug
downstream in Gentoo (https://bugs.gentoo.org/909544#c12):
>I can reproduce it. It's a BFD linker bug. With another linker (CC='gcc 
>-fuse-ld=gold') it works fine. The linker seems to >mishandle one of these 
>relocations when GOT is big:
> 
>        addis 3,3,_Py_tss_tstate@dtprel@ha
>        addi 3,3,_Py_tss_tstate@dtprel@l
> 
>Single-stepping in GDB shows that the resulting value of r3 differs from 
>actual address of _Py_tss_tstate (as computed by >GDB, which in principle 
>could also be wrong) by 0x1000.
> 
>You can reproduce it with any GCC version by specifying TLS model in python 
>source explicitly:
> 
>diff --git a/Python/pystate.c b/Python/pystate.c
>index cdd975f..ef8b9f6 100644
>--- a/Python/pystate.c
>+++ b/Python/pystate.c
>@@ -63,6 +63,7 @@ extern "C" {
> 
> 
> #ifdef HAVE_THREAD_LOCAL
>+__attribute__((tls_model("local-dynamic")))
> _Py_thread_local PyThreadState *_Py_tss_tstate = NULL;
> #endif
> 
> 
>(or you can specify the "global-dynamic" model explicitly to paper over the 
>linker bug with new GCC)

I'll upload a (large) reproducer shortly.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug ld/30697] New: bfd TLS handling (with local-dynamic model) broken with large GOT causing Python 3.12 to segfault, sam at gentoo dot org <=
- [Bug ld/30697] bfd TLS handling (with local-dynamic model) broken with large GOT causing Python 3.12 to segfault, sam at gentoo dot org, 2023/07/29

Prev by Date: [Bug binutils/14072] Incorrect handling of config.h and/or sysdep.h causing problems
Next by Date: [Bug ld/30697] bfd TLS handling (with local-dynamic model) broken with large GOT causing Python 3.12 to segfault
Previous by thread: [Bug binutils/14072] Incorrect handling of config.h and/or sysdep.h causing problems
Next by thread: [Bug ld/30697] bfd TLS handling (with local-dynamic model) broken with large GOT causing Python 3.12 to segfault
Index(es):
- Date
- Thread