This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
| Other format: | [Raw text] | |
Hi,
On Tue, 6 Sep 2011, Andreas Jaeger wrote:
> On Tuesday, September 06, 2011 05:44:04 Ulrich Drepper wrote:
> > On Thu, Sep 1, 2011 at 03:42, Andreas Schwab <schwab@redhat.com> wrote:
> > > You can find my original patch in the libc-hacker archive.
> >
> > That patch is not correct. It might not cause a crash but it does
> > cause an explicit dlopen/dlclose of an DSO which was previously opened
> > as a dependencies of a dlopen call to have a different scope.
> >
> > I haven't seen any report with a reproducible description of a
> > problem. I haven't even seen anything close to a description of the
> > situation. Just some gdb backtrace and that's not sufficient.
>
> Michael, didn't you have a testcase for this one? It was bnc#703140,
Sure, attached (valgrind will show the error, with MALLOC_PERTURB it
crashes, without it might or might not crash). But the problem is
obvious, it frees an array which is used afterwards when the same dso is
loaded again. The crux is the microoptimization of sharing l_initfini and
l_searchlist.r_list memory.
Here's the comment I added after analysis:
struct link_map **oldp = map->l_initfini;
map->l_initfini = map->l_orig_initfini;
- _dl_scope_free (oldp);
+ /* We can't remove the l_initfini memory because
+ it's shared with l_searchlist.r_list. We don't clear
+ the latter so when we dlopen this object again that
+ entry would point to stale memory. And we don't want
+ to recompute it as it would involve a new call to
+ map_object_deps.
+ _dl_scope_free (oldp); */
Ciao,
Michael.Attachment:
lib-bug-dlsym.tar-gz
Description: Binary data
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |