From 1848a0f239118b59444dfb1457fb472d997ff274 Mon Sep 17 00:00:00 2001 From: Mirko Vogt Date: Mon, 24 Jun 2013 14:51:22 +0000 Subject: [PATCH] add patch for eglibc version 2.15 This patch partially reverts an (e)glibc commit which fixed a memory leak, however introduced lookup errors in dlopen() with resulting segmentation faults in certain scenarios. References: - http://comments.gmane.org/gmane.comp.lib.glibc.user/1227 - http://sourceware.org/ml/libc-alpha/2011-06/msg00006.html SVN-Revision: 37029 --- ...050-all_glibc-2.14-leak-revert-crash.patch | 110 ++++++++++++++++++ 1 file changed, 110 insertions(+) create mode 100644 toolchain/eglibc/patches/2.15/050-all_glibc-2.14-leak-revert-crash.patch diff --git a/toolchain/eglibc/patches/2.15/050-all_glibc-2.14-leak-revert-crash.patch b/toolchain/eglibc/patches/2.15/050-all_glibc-2.14-leak-revert-crash.patch new file mode 100644 index 0000000000..d1e19aa448 --- /dev/null +++ b/toolchain/eglibc/patches/2.15/050-all_glibc-2.14-leak-revert-crash.patch @@ -0,0 +1,110 @@ +partially revert commit 4bff6e0175ed195871f4e01cc4c4c33274b8f6e3 - caused segmentation faults in dlopen + +References: +http://comments.gmane.org/gmane.comp.lib.glibc.user/1227 +http://sourceware.org/ml/libc-alpha/2011-06/msg00006.html + +diff --git a/libc/elf/dl-close.c b/libc/elf/dl-close.c +index 4b17bf8..733cc1b 100644 +--- a/libc/elf/dl-close.c ++++ b/libc/elf/dl-close.c +@@ -119,17 +119,8 @@ _dl_close_worker (struct link_map *map) + if (map->l_direct_opencount > 0 || map->l_type != lt_loaded + || dl_close_state != not_pending) + { +- if (map->l_direct_opencount == 0) +- { +- if (map->l_type == lt_loaded) +- dl_close_state = rerun; +- else if (map->l_type == lt_library) +- { +- struct link_map **oldp = map->l_initfini; +- map->l_initfini = map->l_orig_initfini; +- _dl_scope_free (oldp); +- } +- } ++ if (map->l_direct_opencount == 0 && map->l_type == lt_loaded) ++ dl_close_state = rerun; + + /* There are still references to this object. Do nothing more. */ + if (__builtin_expect (GLRO_dl_debug_mask & DL_DEBUG_FILES, 0)) +diff --git a/libc/elf/dl-deps.c b/libc/elf/dl-deps.c +index 51cb2fa..eddcbf0 100644 +--- a/libc/elf/dl-deps.c ++++ b/libc/elf/dl-deps.c +@@ -489,6 +489,7 @@ _dl_map_object_deps (struct link_map *map, + nneeded * sizeof needed[0]); + atomic_write_barrier (); + l->l_initfini = l_initfini; ++ l->l_free_initfini = 1; + } + + /* If we have no auxiliary objects just go on to the next map. */ +@@ -689,6 +690,7 @@ Filters not supported with LD_TRACE_PRELINKING")); + l_initfini[nlist] = NULL; + atomic_write_barrier (); + map->l_initfini = l_initfini; ++ map->l_free_initfini = 1; + if (l_reldeps != NULL) + { + atomic_write_barrier (); +@@ -697,7 +699,7 @@ Filters not supported with LD_TRACE_PRELINKING")); + _dl_scope_free (old_l_reldeps); + } + if (old_l_initfini != NULL) +- map->l_orig_initfini = old_l_initfini; ++ _dl_scope_free (old_l_initfini); + + if (errno_reason) + _dl_signal_error (errno_reason == -1 ? 0 : errno_reason, objname, +diff --git a/libc/elf/dl-libc.c b/libc/elf/dl-libc.c +index f44fa10..7563093 100644 +--- a/libc/elf/dl-libc.c ++++ b/libc/elf/dl-libc.c +@@ -284,6 +284,10 @@ libc_freeres_fn (free_mem) + if (! old->dont_free) + free (old); + } ++ ++ /* Free the initfini dependency list. */ ++ if (l->l_free_initfini) ++ free (l->l_initfini); + } + + if (__builtin_expect (GL(dl_ns)[ns]._ns_global_scope_alloc, 0) != 0 +diff --git a/libc/elf/rtld.c b/libc/elf/rtld.c +index b93a01f..2fc83ce 100644 +--- a/libc/elf/rtld.c ++++ b/libc/elf/rtld.c +@@ -2277,6 +2277,7 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n", + lnp->dont_free = 1; + lnp = lnp->next; + } ++ l->l_free_initfini = 0; + + if (l != &GL(dl_rtld_map)) + _dl_relocate_object (l, l->l_scope, GLRO(dl_lazy) ? RTLD_LAZY : 0, +diff --git a/libc/include/link.h b/libc/include/link.h +index e877104..b1b4065 100644 +--- a/libc/include/link.h ++++ b/libc/include/link.h +@@ -192,6 +192,9 @@ struct link_map + during LD_TRACE_PRELINKING=1 + contains any DT_SYMBOLIC + libraries. */ ++ unsigned int l_free_initfini:1; /* Nonzero if l_initfini can be ++ freed, ie. not allocated with ++ the dummy malloc in ld.so. */ + + /* Collected information about own RPATH directories. */ + struct r_search_path_struct l_rpath_dirs; +@@ -240,9 +243,6 @@ struct link_map + + /* List of object in order of the init and fini calls. */ + struct link_map **l_initfini; +- /* The init and fini list generated at startup, saved when the +- object is also loaded dynamically. */ +- struct link_map **l_orig_initfini; + + /* List of the dependencies introduced through symbol binding. */ + struct link_map_reldeps -- 2.30.2