View | Details | Raw Unified | Return to bug 12871 | Differences between
and this patch

Collapse All | Expand All

(-)file_not_specified_in_diff (-21 / +35 lines)
Line  Link Here
0
mike
0
On Monday, June 06, 2011 04:51:29 Andreas Schwab wrote:
1
-- a/elf/dl-libc.c
1
> PaweĊ‚ Sikora <pluto@agmk.net> writes:
2
> > git bisect shows first bad commit:
3
> > 
4
> > 4bff6e0175ed195871f4e01cc4c4c33274b8f6e3 is the first bad commit
5
> > commit 4bff6e0175ed195871f4e01cc4c4c33274b8f6e3
6
> > Author: Andreas Schwab <schwab@redhat.com>
7
> > Date:   Fri Feb 25 20:49:48 2011 -0500
8
> > 
9
> >     Fix memory leak in dlopen with RTLD_NOLOAD.
10
> 
11
> See <http://sourceware.org/ml/libc-hacker/2010-09/msg00009.html> and
12
> <http://sourceware.org/ml/libc-hacker/2011-02/msg00004.html> for the
13
> original, working patches.
14
15
thanks, i'm seeing basically the same crash with the mpd server (music
16
daemon)
17
++ b/elf/dl-libc.c
Lines 279-284 libc_freeres_fn (free_mem) Link Here
279
	      if (! old->dont_free)
279
	      if (! old->dont_free)
280
		free (old);
280
		free (old);
281
	    }
281
	    }
282
283
	  /* Free the initfini dependency list.  */
284
	  if (l->l_free_initfini)
285
	    free (l->l_initfini);
282
	}
286
	}
283
287
284
      if (__builtin_expect (GL(dl_ns)[ns]._ns_global_scope_alloc, 0) != 0
288
      if (__builtin_expect (GL(dl_ns)[ns]._ns_global_scope_alloc, 0) != 0
285
-- a/elf/rtld.c
289
++ b/elf/rtld.c
Lines 2240-2245 ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n", Link Here
2240
	      lnp->dont_free = 1;
2240
	      lnp->dont_free = 1;
2241
	      lnp = lnp->next;
2241
	      lnp = lnp->next;
2242
	    }
2242
	    }
2243
	  l->l_free_initfini = 0;
2243
2244
2244
	  if (l != &GL(dl_rtld_map))
2245
	  if (l != &GL(dl_rtld_map))
2245
	    _dl_relocate_object (l, l->l_scope, GLRO(dl_lazy) ? RTLD_LAZY : 0,
2246
	    _dl_relocate_object (l, l->l_scope, GLRO(dl_lazy) ? RTLD_LAZY : 0,
2246
-- a/elf/dl-close.c
2247
++ b/elf/dl-close.c
Lines 119-135 _dl_close_worker (struct link_map *map) Link Here
119
  if (map->l_direct_opencount > 0 || map->l_type != lt_loaded
119
  if (map->l_direct_opencount > 0 || map->l_type != lt_loaded
120
      || dl_close_state != not_pending)
120
      || dl_close_state != not_pending)
121
    {
121
    {
122
      if (map->l_direct_opencount == 0)
122
      if (map->l_direct_opencount == 0 && map->l_type == lt_loaded)
123
	{
123
	dl_close_state = rerun;
124
	  if (map->l_type == lt_loaded)
125
	    dl_close_state = rerun;
126
	  else if (map->l_type == lt_library)
127
	    {
128
	      struct link_map **oldp = map->l_initfini;
129
	      map->l_initfini = map->l_orig_initfini;
130
	      _dl_scope_free (oldp);
131
	    }
132
	}
133
124
134
      /* There are still references to this object.  Do nothing more.  */
125
      /* There are still references to this object.  Do nothing more.  */
135
      if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0))
126
      if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0))
136
-- a/elf/dl-deps.c
127
++ b/elf/dl-deps.c
Lines 478-483 _dl_map_object_deps (struct link_map *map, Link Here
478
		  nneeded * sizeof needed[0]);
478
		  nneeded * sizeof needed[0]);
479
	  atomic_write_barrier ();
479
	  atomic_write_barrier ();
480
	  l->l_initfini = l_initfini;
480
	  l->l_initfini = l_initfini;
481
	  l->l_free_initfini = 1;
481
	}
482
	}
482
483
483
      /* If we have no auxiliary objects just go on to the next map.  */
484
      /* If we have no auxiliary objects just go on to the next map.  */
Lines 662-667 Filters not supported with LD_TRACE_PRELINKING")); Link Here
662
  l_initfini[nlist] = NULL;
663
  l_initfini[nlist] = NULL;
663
  atomic_write_barrier ();
664
  atomic_write_barrier ();
664
  map->l_initfini = l_initfini;
665
  map->l_initfini = l_initfini;
666
  map->l_free_initfini = 1;
665
  if (l_reldeps != NULL)
667
  if (l_reldeps != NULL)
666
    {
668
    {
667
      atomic_write_barrier ();diff --git a/include/link.h b/include/link.h
669
      atomic_write_barrier ();diff --git a/include/link.h b/include/link.h
Lines 686-690 Filters not supported with LD_TRACE_PRELINKING")); Link Here
686
      _dl_scope_free (old_l_reldeps);
686
      _dl_scope_free (old_l_reldeps);
687
    }
687
    }
688
  if (old_l_initfini != NULL)
688
  if (old_l_initfini != NULL)
689
      map->l_orig_initfini = old_l_initfini;
689
    _dl_scope_free (old_l_initfini);
690
}
690
}
691
-- a/include/link.h
691
++ b/include/link.h
Lines 192-197 struct link_map Link Here
192
						 during LD_TRACE_PRELINKING=1
192
						 during LD_TRACE_PRELINKING=1
193
						 contains any DT_SYMBOLIC
193
						 contains any DT_SYMBOLIC
194
						 libraries.  */
194
						 libraries.  */
195
    unsigned int l_free_initfini:1; /* Nonzero if l_initfini can be
196
				       freed, ie. not allocated with
197
				       the dummy malloc in ld.so.  */
195
198
196
    /* Collected information about own RPATH directories.  */
199
    /* Collected information about own RPATH directories.  */
197
    struct r_search_path_struct l_rpath_dirs;
200
    struct r_search_path_struct l_rpath_dirs;
Lines 240-248 struct link_map Link Here
240
240
241
    /* List of object in order of the init and fini calls.  */
241
    /* List of object in order of the init and fini calls.  */
242
    struct link_map **l_initfini;
242
    struct link_map **l_initfini;
243
    /* The init and fini list generated at startup, saved when the
244
       object is also loaded dynamically.  */
245
    struct link_map **l_orig_initfini;
246
243
247
    /* List of the dependencies introduced through symbol binding.  */
244
    /* List of the dependencies introduced through symbol binding.  */
248
    struct link_map_reldeps
245
    struct link_map_reldeps

Return to bug 12871