This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[review v2] Remove all loaded objects if dlopen fails, ignoring NODELETE [BZ #20839]

From: "Florian Weimer (Code Review)" <gerrit at gnutoolchain-gerrit dot osci dot io>
To: Florian Weimer <fweimer at redhat dot com>, Florian Weimer <fw at deneb dot enyo dot de>, libc-alpha at sourceware dot org
Cc: Christian Häggström <gnugerrit at kalvdans dot no-ip dot org>
Date: Wed, 13 Nov 2019 07:56:17 -0500
Subject: [review v2] Remove all loaded objects if dlopen fails, ignoring NODELETE [BZ #20839]
Auto-submitted: auto-generated
References: <gerrit.1572549639000.Ib2a3d86af6f92d75baca65431d74783ee0dbc292@gnutoolchain-gerrit.osci.io>
Reply-to: gnutoolchain-gerrit at osci dot io

Florian Weimer has posted comments on this change.

Change URL: https://gnutoolchain-gerrit.osci.io/r/c/glibc/+/471
......................................................................


Patch Set 2:

(3 comments)

Thanks, I pushed a new version.

| --- elf/dl-lookup.c
| +++ elf/dl-lookup.c
| @@ -315,6 +315,17 @@ #define INITIAL_NUNIQUE_SYM_TABLE 31
| -	   setting the appropriate flag.  */
| -	((struct link_map *) map)->l_flags_1 |= DF_1_NODELETE;
| +	{
| +	  /* Make sure we don't unload this object by
| +	     setting the appropriate flag.  */
| +	  if (__glibc_unlikely (GLRO (dl_debug_mask) & DL_DEBUG_BINDINGS)
| +	      && map->l_nodelete == link_map_nodelete_inactive)
| +	    _dl_debug_printf ("\
| +marking %s [%lu] as NODELETE due to unique symbol\n",
| +			      map->l_name, map->l_ns);

PS1, Line 322:

Which part do you mean? The current code uses this style
(_dl_debug_printf in an if statement with a flag check). Changing that
would be a separate cleanup.

| +	  if (flags & DL_LOOKUP_FOR_RELOCATE)
| +	    map->l_nodelete = link_map_nodelete_pending;
| +	  else
| +	    map->l_nodelete = link_map_nodelete_active;
| +	}
|      }
|    ++tab->n_elements;
|  
|  #ifdef SHARED
| --- include/link.h
| +++ include/link.h
| @@ -82,7 +85,19 @@ enum link_map_nodelete
| + /* This link map can be deallocated.  */
| + link_map_nodelete_inactive,
| +
| + /* This link map cannot be deallocated.  */
| + link_map_nodelete_active,
| +
| + /* This link map cannot be deallocated after dlopen has succeded.
| +    dlopen turns this into link_map_nodelete_active.  dlclose treats
| +    this intermediate state as link_map_nodelete_active.  */
| + link_map_nodelete_pending,

PS1, Line 94:

The existing code uses both styles, see lt_executable (also in struct
link_map) and DL_LOOKUP_ADD_DEPENDENCY. So I'm not sure what to do
here.

| +};
| +
|  
|  /* Structure describing a loaded shared object.  The `l_next' and `l_prev'
|     members form a chain of all the shared objects loaded at startup.
|  
|     These data structures exist in space used by the run-time dynamic linker;
|     modifying them may have disastrous results.
|  

 ...

| @@ -199,15 +214,19 @@ struct link_map
|  						 during LD_TRACE_PRELINKING=1
|  						 contains any DT_SYMBOLIC
|  						 libraries.  */
|      unsigned int l_free_initfini:1; /* Nonzero if l_initfini can be
|  				       freed, ie. not allocated with
|  				       the dummy malloc in ld.so.  */
|  
| +    /* Actually of type enum link_map_nodelete.  Separate byte due to
| +       concurrent access.  Only valid for l_type == lt_loaded.  */
| +    unsigned char l_nodelete;

PS1, Line 223:

There is a read of this variable in add_dependency in elf/dl-lookup.c,
for a double-checked locking pattern (sort of). Link map updates
happen under the loader lock, but there are some cases where we read
things outside the lock (see l_scope, THREAD_GSCOPE_* etc.). This
concurrency pattern is not new, before this change we used l_flags_1
in a similar, technically unsound way.

Anyway, I updated the comment.

I could switch this access to a relaxed MO load if I made the variable
uint32_t. (We do not have one-byte atomics.)

I added a comment an initializer to link_map_nodelete_inactive.
Thanks.

| +
|  #include <link_map.h>
|  
|      /* Collected information about own RPATH directories.  */
|      struct r_search_path_struct l_rpath_dirs;
|  
|      /* Collected results of relocation while profiling.  */
|      struct reloc_result
|      {

-- 
Gerrit-Project: glibc
Gerrit-Branch: master
Gerrit-Change-Id: Ib2a3d86af6f92d75baca65431d74783ee0dbc292
Gerrit-Change-Number: 471
Gerrit-PatchSet: 2
Gerrit-Owner: Florian Weimer <fweimer@redhat.com>
Gerrit-Reviewer: Florian Weimer <fw@deneb.enyo.de>
Gerrit-Reviewer: Florian Weimer <fweimer@redhat.com>
Gerrit-CC: Christian Häggström <gnugerrit@kalvdans.no-ip.org>
Gerrit-Comment-Date: Wed, 13 Nov 2019 12:56:17 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Christian Häggström <gnugerrit@kalvdans.no-ip.org>
Gerrit-MessageType: comment

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]