rpms/glibc
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4a5520db4f
glibc/glibc-2.14.1-fix-segfault-at-dl-lookup.patch

119 lines
3.9 KiB
Diff
Raw Normal View History

rebuilt with enable-obsolete-rpc required by pwdutils [release 2.19-2mamba;Sun Apr 20 2014]
2024-01-05 23:07:54 +01:00
On Monday, June 06, 2011 13:00:50 Mike Frysinger wrote:
> On Monday, June 06, 2011 04:51:29 Andreas Schwab wrote:
> > Paweł Sikora <pluto@agmk.net> writes:
> > > git bisect shows first bad commit:
> > >
> > > 4bff6e0175ed195871f4e01cc4c4c33274b8f6e3 is the first bad commit
> > > commit 4bff6e0175ed195871f4e01cc4c4c33274b8f6e3
> > > Author: Andreas Schwab <schwab@redhat.com>
> > > Date: Fri Feb 25 20:49:48 2011 -0500
> > >
> > > Fix memory leak in dlopen with RTLD_NOLOAD.
> >
> > See <http://sourceware.org/ml/libc-hacker/2010-09/msg00009.html> and
> > <http://sourceware.org/ml/libc-hacker/2011-02/msg00004.html> for the
> > original, working patches.
>
> thanks, i'm seeing basically the same crash with the mpd server (music
> daemon)
in case it's helpful to someone else, this is the patch i'm using
-mike
partially revert 4bff6e0175ed195871f4e01cc4c4c33274b8f6e3
http://sourceware.org/ml/libc-alpha/2011-06/msg00006.html
--- a/elf/dl-libc.c
+++ b/elf/dl-libc.c
@@ -279,6 +279,10 @@ libc_freeres_fn (free_mem)
if (! old->dont_free)
free (old);
}
+
+ /* Free the initfini dependency list. */
+ if (l->l_free_initfini)
+ free (l->l_initfini);
}
if (__builtin_expect (GL(dl_ns)[ns]._ns_global_scope_alloc, 0) != 0
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -2240,6 +2240,7 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n",
lnp->dont_free = 1;
lnp = lnp->next;
}
+ l->l_free_initfini = 0;
if (l != &GL(dl_rtld_map))
_dl_relocate_object (l, l->l_scope, GLRO(dl_lazy) ? RTLD_LAZY : 0,
--- a/elf/dl-close.c
+++ b/elf/dl-close.c
@@ -119,17 +119,8 @@ _dl_close_worker (struct link_map *map)
if (map->l_direct_opencount > 0 || map->l_type != lt_loaded
|| dl_close_state != not_pending)
{
- if (map->l_direct_opencount == 0)
- {
- if (map->l_type == lt_loaded)
- dl_close_state = rerun;
- else if (map->l_type == lt_library)
- {
- struct link_map **oldp = map->l_initfini;
- map->l_initfini = map->l_orig_initfini;
- _dl_scope_free (oldp);
- }
- }
+ if (map->l_direct_opencount == 0 && map->l_type == lt_loaded)
+ dl_close_state = rerun;
/* There are still references to this object. Do nothing more. */
if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0))
--- a/elf/dl-deps.c
+++ b/elf/dl-deps.c
@@ -478,6 +478,7 @@ _dl_map_object_deps (struct link_map *map,
nneeded * sizeof needed[0]);
atomic_write_barrier ();
l->l_initfini = l_initfini;
+ l->l_free_initfini = 1;
}
/* If we have no auxiliary objects just go on to the next map. */
@@ -662,6 +663,7 @@ Filters not supported with LD_TRACE_PRELINKING"));
l_initfini[nlist] = NULL;
atomic_write_barrier ();
map->l_initfini = l_initfini;
+ map->l_free_initfini = 1;
if (l_reldeps != NULL)
{
atomic_write_barrier ();diff --git a/include/link.h b/include/link.h
@@ -686,5 +686,5 @@ Filters not supported with LD_TRACE_PRELINKING"));
_dl_scope_free (old_l_reldeps);
}
if (old_l_initfini != NULL)
- map->l_orig_initfini = old_l_initfini;
+ _dl_scope_free (old_l_initfini);
--- a/include/link.h
+++ b/include/link.h
@@ -192,6 +192,9 @@ struct link_map
during LD_TRACE_PRELINKING=1
contains any DT_SYMBOLIC
libraries. */
+ unsigned int l_free_initfini:1; /* Nonzero if l_initfini can be
+ freed, ie. not allocated with
+ the dummy malloc in ld.so. */
/* Collected information about own RPATH directories. */
struct r_search_path_struct l_rpath_dirs;
@@ -240,9 +240,6 @@ struct link_map
/* List of object in order of the init and fini calls. */
struct link_map **l_initfini;
- /* The init and fini list generated at startup, saved when the
- object is also loaded dynamically. */
- struct link_map **l_orig_initfini;
/* List of the dependencies introduced through symbol binding. */
struct link_map_reldeps
Reference in New Issue Copy Permalink