public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/31596] New: On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault
@ 2024-04-02 15:20 xiaojiangfeng at huawei dot com
2024-04-02 16:05 ` [Bug libc/31596] " hjl.tools at gmail dot com
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: xiaojiangfeng at huawei dot com @ 2024-04-02 15:20 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=31596
Bug ID: 31596
Summary: On the llvm-arm32 platform, dlopen("not_exist.so", -1)
triggers segmentation fault
Product: glibc
Version: 2.34
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: libc
Assignee: unassigned at sourceware dot org
Reporter: xiaojiangfeng at huawei dot com
CC: drepper.fsp at gmail dot com
Target Milestone: ---
The following are my reproduction cases:
```
#include <dlfcn.h>
int main(void)
{
(void)dlopen("not_exist.so", -1);
return 0;
}
```
However, this case cannot be reproduced in a common environment.
I reproduced this issue in the arm32 environment.
Glibc in the environment is compiled using the Clang compiler.
The glibc version is 2.34. (The patches that supports Clang
compilation has been applied to this version)
I have not figured out why the lcatch variable
in the _dl_signal_error function is null.
As a result, the exception branch
fatal_error(0, NULL, NULL, NULL, "invalid mode parameter")
is executed.
Maybe my Clang compiler's compilation parameters
are not configured properly.
I will try to follow up on this issue and update the progress.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/31596] On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault
2024-04-02 15:20 [Bug libc/31596] New: On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault xiaojiangfeng at huawei dot com
@ 2024-04-02 16:05 ` hjl.tools at gmail dot com
2024-04-02 16:30 ` hjl.tools at gmail dot com
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2024-04-02 16:05 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=31596
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Ever confirmed|0 |1
Status|UNCONFIRMED |NEW
CC| |hjl.tools at gmail dot com
Last reconfirmed| |2024-04-02
--- Comment #1 from H.J. Lu <hjl.tools at gmail dot com> ---
objname in
void
_dl_signal_error (int errcode, const char *objname, const char *occasion,
const char *errstring)
is NULL in
dlfcn/dlinfo.c: _dl_signal_error (0, NULL, NULL, N_("unsupported dlinfo
request"));
dlfcn/dlmopen.c: _dl_signal_error (EINVAL, NULL, NULL, N_("invalid
namespace"));
dlfcn/dlmopen.c: _dl_signal_error (EINVAL, NULL, NULL, N_("invalid mode"));
dlfcn/dlopen.c: _dl_signal_error (0, NULL, NULL, _("invalid mode
parameter"));
elf/dl-fptr.c: _dl_signal_error (errno, NULL, NULL,
elf/dl-fptr.c: _dl_signal_error (errno, NULL, NULL,
elf/dl-fptr.c: _dl_signal_error (0, NULL, NULL,
elf/dl-hwcaps.c: _dl_signal_error (ENOMEM, NULL, NULL,
elf/dl-hwcaps.c: _dl_signal_error (ENOMEM, NULL, NULL,
elf/dl-load.c: _dl_signal_error (ENOMEM, NULL, NULL,
elf/dl-load.c: _dl_signal_error (ENOMEM, NULL, NULL, errstring);
elf/dl-load.c: _dl_signal_error (ENOMEM, NULL, NULL, errstring);
elf/dl-sym.c: _dl_signal_error (0, NULL, NULL, N_("\
sysdeps/hppa/dl-fptr.c: _dl_signal_error (errno, NULL, NULL,
sysdeps/hppa/dl-fptr.c: _dl_signal_error (errno, NULL, NULL,
sysdeps/hppa/dl-fptr.c: _dl_signal_error (0, NULL, NULL,
sysdeps/mips/dl-trampoline.c: _dl_signal_error (0, NULL, NULL, "cannot find
runtime link map");
We should handle it properly.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/31596] On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault
2024-04-02 15:20 [Bug libc/31596] New: On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault xiaojiangfeng at huawei dot com
2024-04-02 16:05 ` [Bug libc/31596] " hjl.tools at gmail dot com
@ 2024-04-02 16:30 ` hjl.tools at gmail dot com
2024-04-02 16:33 ` hjl.tools at gmail dot com
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2024-04-02 16:30 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=31596
--- Comment #2 from H.J. Lu <hjl.tools at gmail dot com> ---
We have:
---
void
_dl_signal_error (int errcode, const char *objname, const char *occasion,
const char *errstring)
{
struct rtld_catch *lcatch = get_catch ();
if (! errstring)
errstring = N_("DYNAMIC LINKER BUG!!!");
if (lcatch != NULL)
{
_dl_exception_create (lcatch->exception, objname, errstring);
*lcatch->errcode = errcode;
/* We do not restore the signal mask because none was saved. */
__longjmp (lcatch->env[0].__jmpbuf, 1);
}
else
fatal_error (errcode, objname, occasion, errstring);
}
---
Under what conditions will get_catch return NULL?
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/31596] On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault
2024-04-02 15:20 [Bug libc/31596] New: On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault xiaojiangfeng at huawei dot com
2024-04-02 16:05 ` [Bug libc/31596] " hjl.tools at gmail dot com
2024-04-02 16:30 ` hjl.tools at gmail dot com
@ 2024-04-02 16:33 ` hjl.tools at gmail dot com
2024-04-02 19:24 ` hjl.tools at gmail dot com
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2024-04-02 16:33 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=31596
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |WAITING
--- Comment #3 from H.J. Lu <hjl.tools at gmail dot com> ---
There is
#if IS_IN (rtld)
static struct rtld_catch *rtld_catch_notls;
#endif
static struct rtld_catch *
get_catch (void)
{
#if IS_IN (rtld)
if (!__rtld_tls_init_tp_called)
return rtld_catch_notls;
else
#endif
return THREAD_GETMEM (THREAD_SELF, rtld_catch);
}
I don't see how it can return NULL.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/31596] On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault
2024-04-02 15:20 [Bug libc/31596] New: On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault xiaojiangfeng at huawei dot com
` (2 preceding siblings ...)
2024-04-02 16:33 ` hjl.tools at gmail dot com
@ 2024-04-02 19:24 ` hjl.tools at gmail dot com
2024-04-08 16:41 ` cvs-commit at gcc dot gnu.org
2024-04-08 16:42 ` hjl.tools at gmail dot com
5 siblings, 0 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2024-04-02 19:24 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=31596
--- Comment #4 from H.J. Lu <hjl.tools at gmail dot com> ---
_dl_signal_error should only be called from _dl_catch_exception
and get_catch shouldn't return NULL. _dl_exception_create can
handle objname == NULL.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/31596] On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault
2024-04-02 15:20 [Bug libc/31596] New: On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault xiaojiangfeng at huawei dot com
` (3 preceding siblings ...)
2024-04-02 19:24 ` hjl.tools at gmail dot com
@ 2024-04-08 16:41 ` cvs-commit at gcc dot gnu.org
2024-04-08 16:42 ` hjl.tools at gmail dot com
5 siblings, 0 replies; 7+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2024-04-08 16:41 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=31596
--- Comment #5 from Sourceware Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by H.J. Lu <hjl@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1cce91d8aed5c3eca2b6f47767c82d9ed3e9e33f
commit 1cce91d8aed5c3eca2b6f47767c82d9ed3e9e33f
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Mon Apr 8 09:06:09 2024 -0700
elf: Check objname before calling fatal_error
_dl_signal_error may be called with objname == NULL. _dl_exception_create
checks objname == NULL. But fatal_error doesn't. Check objname before
calling fatal_error. This fixes BZ #31596.
Reviewed-by: Sunil K Pandey <skpgkp2@gmail.com>
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/31596] On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault
2024-04-02 15:20 [Bug libc/31596] New: On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault xiaojiangfeng at huawei dot com
` (4 preceding siblings ...)
2024-04-08 16:41 ` cvs-commit at gcc dot gnu.org
@ 2024-04-08 16:42 ` hjl.tools at gmail dot com
5 siblings, 0 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2024-04-08 16:42 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=31596
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|WAITING |RESOLVED
Target Milestone|--- |2.40
Resolution|--- |FIXED
--- Comment #6 from H.J. Lu <hjl.tools at gmail dot com> ---
Fixed for 2.40.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2024-04-08 16:42 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-04-02 15:20 [Bug libc/31596] New: On the llvm-arm32 platform, dlopen("not_exist.so", -1) triggers segmentation fault xiaojiangfeng at huawei dot com
2024-04-02 16:05 ` [Bug libc/31596] " hjl.tools at gmail dot com
2024-04-02 16:30 ` hjl.tools at gmail dot com
2024-04-02 16:33 ` hjl.tools at gmail dot com
2024-04-02 19:24 ` hjl.tools at gmail dot com
2024-04-08 16:41 ` cvs-commit at gcc dot gnu.org
2024-04-08 16:42 ` hjl.tools at gmail dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).