public inbox for glibc-bugs@sourceware.org help / color / mirror / Atom feed
* [Bug dynamic-link/30425] New: Symbol lookup during dlclose may fail unnecessarily @ 2023-05-05 20:31 fweimer at redhat dot com 2023-05-05 20:34 ` [Bug dynamic-link/30425] " fweimer at redhat dot com ` (3 more replies) 0 siblings, 4 replies; 5+ messages in thread From: fweimer at redhat dot com @ 2023-05-05 20:31 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=30425 Bug ID: 30425 Summary: Symbol lookup during dlclose may fail unnecessarily Product: glibc Version: unspecified Status: NEW Severity: normal Priority: P2 Component: dynamic-link Assignee: unassigned at sourceware dot org Reporter: fweimer at redhat dot com Target Milestone: --- Once an object is under removal, all its symbols become unavailable for symbol resolution, due to this check in do_lookup_x: /* Do not look into objects which are going to be removed. */ if (map->l_removed) continue; This can cause mysterious crashes during dlclose, particularly if function symbols are weak due to GCC's C++ vague linkage implementation. This (admittedly silly) patch fixes the downstream reproducer, but we should add a C test case for this as well. diff --git a/elf/dl-lookup.c b/elf/dl-lookup.c index 05f36a2507..ecc1896c9d 100644 --- a/elf/dl-lookup.c +++ b/elf/dl-lookup.c @@ -366,8 +366,10 @@ do_lookup_x (const char *undef_name, unsigned int new_hash, if ((type_class & ELF_RTYPE_CLASS_COPY) && map->l_type == lt_executable) continue; - /* Do not look into objects which are going to be removed. */ - if (map->l_removed) + /* Do not look into objects which are going to be removed. + References from a map that is under removal are allowed, to + enable lazy binding during dlclose. */ + if (map->l_removed && !undef_map->l_removed) continue; /* Print some debugging info if wanted. */ -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug dynamic-link/30425] Symbol lookup during dlclose may fail unnecessarily 2023-05-05 20:31 [Bug dynamic-link/30425] New: Symbol lookup during dlclose may fail unnecessarily fweimer at redhat dot com @ 2023-05-05 20:34 ` fweimer at redhat dot com 2023-05-21 14:24 ` fw at deneb dot enyo.de ` (2 subsequent siblings) 3 siblings, 0 replies; 5+ messages in thread From: fweimer at redhat dot com @ 2023-05-05 20:34 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=30425 Florian Weimer <fweimer at redhat dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fweimer at redhat dot com Flags| |security- -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug dynamic-link/30425] Symbol lookup during dlclose may fail unnecessarily 2023-05-05 20:31 [Bug dynamic-link/30425] New: Symbol lookup during dlclose may fail unnecessarily fweimer at redhat dot com 2023-05-05 20:34 ` [Bug dynamic-link/30425] " fweimer at redhat dot com @ 2023-05-21 14:24 ` fw at deneb dot enyo.de 2023-05-22 13:24 ` fweimer at redhat dot com 2023-06-05 16:09 ` fweimer at redhat dot com 3 siblings, 0 replies; 5+ messages in thread From: fw at deneb dot enyo.de @ 2023-05-21 14:24 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=30425 Florian Weimer <fw at deneb dot enyo.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fw at deneb dot enyo.de --- Comment #1 from Florian Weimer <fw at deneb dot enyo.de> --- The patch should check that undef_map is not NULL; there are other such checks in elf/dl-lookup.c. The situation is a bit more complicated because dlclose sets l_removed to false only after running destructors for that DSO, so at least two DSOs are required, and symbol interposition or some other ordering violation. -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug dynamic-link/30425] Symbol lookup during dlclose may fail unnecessarily 2023-05-05 20:31 [Bug dynamic-link/30425] New: Symbol lookup during dlclose may fail unnecessarily fweimer at redhat dot com 2023-05-05 20:34 ` [Bug dynamic-link/30425] " fweimer at redhat dot com 2023-05-21 14:24 ` fw at deneb dot enyo.de @ 2023-05-22 13:24 ` fweimer at redhat dot com 2023-06-05 16:09 ` fweimer at redhat dot com 3 siblings, 0 replies; 5+ messages in thread From: fweimer at redhat dot com @ 2023-05-22 13:24 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=30425 Florian Weimer <fweimer at redhat dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|unassigned at sourceware dot org |fweimer at redhat dot com Status|NEW |ASSIGNED --- Comment #2 from Florian Weimer <fweimer at redhat dot com> --- Patch posted: [PATCH v2] elf: Make more functions available for binding during dlclose (bug 30425) <https://sourceware.org/pipermail/libc-alpha/2023-May/148370.html> -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug dynamic-link/30425] Symbol lookup during dlclose may fail unnecessarily 2023-05-05 20:31 [Bug dynamic-link/30425] New: Symbol lookup during dlclose may fail unnecessarily fweimer at redhat dot com ` (2 preceding siblings ...) 2023-05-22 13:24 ` fweimer at redhat dot com @ 2023-06-05 16:09 ` fweimer at redhat dot com 3 siblings, 0 replies; 5+ messages in thread From: fweimer at redhat dot com @ 2023-06-05 16:09 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=30425 Florian Weimer <fweimer at redhat dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Target Milestone|--- |2.38 Status|ASSIGNED |RESOLVED --- Comment #3 from Florian Weimer <fweimer at redhat dot com> --- Fixed via: commit d0f07f7df8d9758c838674b70144ac73bcbd1634 Author: Florian Weimer <fweimer@redhat.com> Date: Tue May 30 13:25:50 2023 +0200 elf: Make more functions available for binding during dlclose (bug 30425) Previously, after destructors for a DSO have been invoked, ld.so refused to bind against that DSO in all cases. Relax this restriction somewhat if the referencing object is itself a DSO that is being unloaded. This assumes that the symbol reference is not going to be stored anywhere. The situation in the test case can arise fairly easily with C++ and objects that are built with different optimization levels and therefore define different functions with vague linkage. Reviewed-by: Carlos O'Donell <carlos@redhat.com> -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-06-05 16:09 UTC | newest] Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2023-05-05 20:31 [Bug dynamic-link/30425] New: Symbol lookup during dlclose may fail unnecessarily fweimer at redhat dot com 2023-05-05 20:34 ` [Bug dynamic-link/30425] " fweimer at redhat dot com 2023-05-21 14:24 ` fw at deneb dot enyo.de 2023-05-22 13:24 ` fweimer at redhat dot com 2023-06-05 16:09 ` fweimer at redhat dot com
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).