NetBSD-Bugs archive


port-arm/58625: /usr/tests/libexec/ld.elf_so/t_ifunc_now crashes on aarch64



>Number:         58625
>Category:       port-arm
>Synopsis:       /usr/tests/libexec/ld.elf_so/t_ifunc_now crashes on aarch64
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    port-arm-maintainer
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Aug 22 07:35:00 +0000 2024
>Originator:     Martin Husemann
>Release:        NetBSD 10.99.11
>Organization:
The NetBSD Foundation, Inc.
>Environment:
System: NetBSD h-pulse.aprisoft.de 10.99.11 NetBSD 10.99.11 (GENERIC64) #457: Wed Aug 21 12:02:36 CEST 2024 martin%seven-days-to-the-wolves.aprisoft.de@localhost:/work/src/sys/arch/evbarm/compile/GENERIC64 evbarm
Architecture: aarch64
Machine: evbarm
>Description:

Running tests in /usr/tests/libexec/ld.elf_so reports a bogus test program:

Failed (bogus) test programs:
    t_ifunc_now

and leaves a t_ifunc_now.core around.

gdb says:

Reading symbols from t_ifunc_now...
(No debugging symbols found in t_ifunc_now)
[New process 2008]
Core was generated by `t_ifunc_now'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x0000fffff3a712ac in _rtld_call_ifunc () from /usr/libexec/ld.elf_so
(gdb) bt
#0  0x0000fffff3a712ac in _rtld_call_ifunc () from /usr/libexec/ld.elf_so
#1  0x0000fffff3a76a18 in _rtld_call_init_functions ()
   from /usr/libexec/ld.elf_so
#2  0x0000fffff3a773dc in _rtld () from /usr/libexec/ld.elf_so
#3  0x0000fffff3a70b10 in _rtld_start () from /usr/libexec/ld.elf_so
(gdb) x/16i $pc-16
   0xfffff3a7129c <_rtld_call_ifunc+172>:       ldp     x21, x22, [sp, #16]
   0xfffff3a712a0 <_rtld_call_ifunc+176>:       ldr     x30, [sp, #56]
   0xfffff3a712a4 <_rtld_call_ifunc+180>:       ldp     x19, x20, [sp], #64
   0xfffff3a712a8 <_rtld_call_ifunc+184>:       ret
=> 0xfffff3a712ac <_rtld_call_ifunc+188>:       str     x23, [x24, x25]
   0xfffff3a712b0 <_rtld_call_ifunc+192>:       ldp     x23, x24, [sp, #32]
   0xfffff3a712b4 <_rtld_call_ifunc+196>:       ldr     x25, [sp, #48]
   0xfffff3a712b8 <_rtld_call_ifunc+200>:       b       0xfffff3a71210 <_rtld_call_ifunc+32>
   0xfffff3a712bc:      nop
   0xfffff3a712c0 <_rtld_bind>: stp     x19, x20, [sp, #-64]!
   0xfffff3a712c4 <_rtld_bind+4>:       mov     x19, x0
   0xfffff3a712c8 <_rtld_bind+8>:       mov     w0, #0x18                       // #24
   0xfffff3a712cc <_rtld_bind+12>:      stp     x21, x22, [sp, #16]
   0xfffff3a712d0 <_rtld_bind+16>:      umull   x20, w1, w0
   0xfffff3a712d4 <_rtld_bind+20>:      ldr     x21, [x19, #152]
   0xfffff3a712d8 <_rtld_bind+24>:      str     x30, [sp, #32]
(gdb) info reg
[..]
x23            0x8671270           140972656
x24            0x8670000           140967936
x25            0x1ff90             130960
x26            0xfffffff2afb8      281474975838136
x27            0xfeee56ea7000      280299613876224
x28            0xfffff3aa0070      281474769748080
x29            0x0                 0
x30            0xfffff3a71284      281474769556100
sp             0xfffffff2ad70      0xfffffff2ad70
pc             0xfffff3a712ac      0xfffff3a712ac <_rtld_call_ifunc+188>
cpsr           0x80000000          [ EL=0 BTYPE=0 N ]
fpsr           0x0                 [ ]
fpcr           0x0                 [ Len=0 Stride=0 RMode=0 ]
(gdb) x/x (0x8670000+0x1ff90)
0x868ff90 <*ABS*@got.plt>:      0x00000e40


>How-To-Repeat:

cd /usr/tests/libexec/ld.elf_so && atf-run t_ifunc_now

>Fix:
n/a


