This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCHv5][PING^3][BZ #17833] _dl_close_worker() does not release inconsistent objects.
- From: Maxim Ostapenko <m dot ostapenko at partner dot samsung dot com>
- To: Andreas Schwab <schwab at suse dot de>, Pavel Kopyl <p dot kopyl at samsung dot com>
- Cc: "H.J. Lu" <hjl dot tools at gmail dot com>, Yury Gribov <y dot gribov at samsung dot com>, Roland McGrath <roland at hack dot frob dot com>, GNU C Library <libc-alpha at sourceware dot org>, Carlos O'Donell <carlos at redhat dot com>, Viacheslav Garbuzov <v dot garbuzov at samsung dot com>
- Date: Fri, 07 Aug 2015 18:58:05 +0300
- Subject: Re: [PATCHv5][PING^3][BZ #17833] _dl_close_worker() does not release inconsistent objects.
- Authentication-results: sourceware.org; auth=none
- References: <54BD4F65 dot 2090108 at samsung dot com> <CAMe9rOqiyuyNAtJDZGbfs+0kk0j16-Vowp5f0z_x2zfsd76fMQ at mail dot gmail dot com> <5553382F dot 3020906 at samsung dot com> <5565B5E5 dot 7060101 at samsung dot com> <CAMe9rOr8yDpnHtRFbL3M56Sx5FWX-FVqEstnwsgtW6H+khvziQ at mail dot gmail dot com> <5565C2A8 dot 60306 at samsung dot com> <CAMe9rOq++pD-ugdYFEte49v8TLZEM505J+=WzPTOT_Lo-MdDHQ at mail dot gmail dot com> <5565C862 dot 1040003 at samsung dot com> <CAMe9rOo7TStj3SX8OK8s3H3G=2Pyr1WKTW=R-=SzVFBWY8PF0A at mail dot gmail dot com> <5566395A dot 3090605 at samsung dot com> <CAMe9rOp4Jrz4AE3-C5VmJ0PLmxoST3phyEQt3t59ag6UGbimBw at mail dot gmail dot com> <5567892C dot 4070004 at samsung dot com> <5568A408 dot 2080903 at samsung dot com> <5592AB91 dot 2050709 at samsung dot com> <CAMe9rOoK64VuNfgZ-8_BTqes0tJcpc55atKw1k6ewBTwFzuGKg at mail dot gmail dot com> <5595C0F8 dot 3060300 at samsung dot com> <CAMe9rOof9j6RwGgNGuxXUgBnYXK0c_UAp3zN2Ne4JhHqiZMFEQ at mail dot gmail dot com> <559B829C dot 8080700 at samsung dot com> <CAMe9rOom4ttO2cGYGovagHpu3zy4L7qn+7E4jm7k=5rD+xgNaQ at mail dot gmail dot com> <559BFDDC dot 4010604 at samsung dot com> <mvmpp30o2nw dot fsf at hawking dot suse dot de>
Hi!
On 06/08/15 18:30, Andreas Schwab wrote:
Pavel Kopyl <p.kopyl@samsung.com> writes:
diff --git a/elf/dl-close.c b/elf/dl-close.c
index 412f71d..0595675 100644
--- a/elf/dl-close.c
+++ b/elf/dl-close.c
@@ -108,7 +108,7 @@ remove_slotinfo (size_t idx, struct dtv_slotinfo_list *listp, size_t disp,
void
-_dl_close_worker (struct link_map *map)
+_dl_close_worker (struct link_map *map, bool force)
{
/* One less direct use. */
--map->l_direct_opencount;
@@ -152,6 +152,10 @@ _dl_close_worker (struct link_map *map)
l->l_idx = idx;
maps[idx] = l;
++idx;
+
+ /* clear DF_1_NODELETE to force object deletion. */
+ if (force)
+ l->l_flags_1 &= ~DF_1_NODELETE;
This will remove the NODELETE flag from *all* loaded objects. That
doesn't make sense.
Andreas.
Indeed, we shouldn't remove NODELETE from all loaded objects, only for
buggy library. Here a draft patch that should fix the issue. Andreas,
does this look reasonable for you? If yes, I'll reformat it (e.g. add
proper ChangeLog entry etc) and send for review as BZ#18778 fix.
-Maxim
diff --git a/elf/dl-close.c b/elf/dl-close.c
index 9105277..5caf530 100644
--- a/elf/dl-close.c
+++ b/elf/dl-close.c
@@ -144,6 +144,14 @@ _dl_close_worker (struct link_map *map, bool force)
char done[nloaded];
struct link_map *maps[nloaded];
+ /* Clear DF_1_NODELETE to force object deletion. We don't need to touch
+ l_tls_dtor_count because forced object deletion only happens when an
+ error occurs during object load. Destructor registration for TLS
+ non-POD objects should not have happened till then for this
+ object. */
+ if (force)
+ map->l_flags_1 &= ~DF_1_NODELETE;
+
/* Run over the list and assign indexes to the link maps and enter
them into the MAPS array. */
int idx = 0;
@@ -153,13 +161,6 @@ _dl_close_worker (struct link_map *map, bool force)
maps[idx] = l;
++idx;
- /* Clear DF_1_NODELETE to force object deletion. We don't need to touch
- l_tls_dtor_count because forced object deletion only happens when an
- error occurs during object load. Destructor registration for TLS
- non-POD objects should not have happened till then for this
- object. */
- if (force)
- l->l_flags_1 &= ~DF_1_NODELETE;
}
assert (idx == nloaded);
diff --git a/elf/tst-nodelete.cc b/elf/tst-nodelete.cc
index 176cb68..4152bc3 100644
--- a/elf/tst-nodelete.cc
+++ b/elf/tst-nodelete.cc
@@ -1,12 +1,15 @@
#include "../dlfcn/dlfcn.h"
#include <stdio.h>
#include <stdlib.h>
+#include <gnu/lib-names.h>
static int
do_test (void)
{
int result = 0;
+ void *pthread = dlopen (LIBPTHREAD_SO, RTLD_LAZY);
+
/* This is a test for correct handling of dlopen failures for library that
is loaded with RTLD_NODELETE flag. The first dlopen should fail because
of undefined symbols in shared library. The second dlopen then verifies
@@ -30,6 +33,9 @@ do_test (void)
result = 1;
}
+ if (pthread)
+ dlclose (pthread);
+
/* This is a test for correct handling of dlopen failures for library
with unique symbols. The first dlopen should fail because of undefined
symbols in shared library. The second dlopen then verifies that library
diff --git a/elf/tst-znodelete-zlib.cc b/elf/tst-znodelete-zlib.cc
deleted file mode 100644
index 1e8f368..0000000
--- a/elf/tst-znodelete-zlib.cc
+++ /dev/null
@@ -1,6 +0,0 @@
-extern int not_exist (void);
-
-int foo (void)
-{
- return not_exist ();
-}