dl-open bug in glibc 2.0.97?

[Andreas Jaeger <aj@arthur.rhein-neckar.de>]

Hi,

I received the appended bug report from one of the Mnemonic developers 
who upgraded to 2.0.97 since they needed a thread safe dynamic
linker.  Now they get a consistently segfault using dlopen.

Any ideas what's broken?  I asked Kasper to report more details via
glibcbug.

Andreas

---

• To: aj@arthur.rhein-neckar.de
• Subject: dlopen in glibc-2.0.97; another bug?
• From: Kasper Peeters <K.Peeters@damtp.cam.ac.uk>
• Date: Tue, 20 Oct 1998 00:32:03 +0100 (BST)

Hi Andreas,

I can consistently segfault glibc-2.0.97 using dlopen by using it
multiple times (on different object files, that is): on the tenth use,
it fails (backtrace below).

Sorry for shortcutting the normal bugreport procedure, but the
Mnemonic project was just getting back on steam again after the
previous dlopen bug was fixed. If you haven't seen this before, please
let me know and I'll file a normal bugreport.

Best,
Kasper


Program received signal SIGSEGV, Segmentation fault.
_dl_lookup_symbol (undef_name=0x4039f054 "__tft8mMessage1Z5mTest",
ref=0xbfffebec, 
    symbol_scope=0x805244c, 
    reference_name=0x8052200
"/home/kasper/local.experiment/lib/msg/libtest_messages.so.0.1.1", 
    reloc_type=1) at dl-lookup.c:89
89            if (map->l_opencount == 0)
Current language:  auto; currently c
(gdb) bt
#0  _dl_lookup_symbol (undef_name=0x4039f054 "__tft8mMessage1Z5mTest",
ref=0xbfffebec, 
    symbol_scope=0x805244c, 
    reference_name=0x8052200
"/home/kasper/local.experiment/lib/msg/libtest_messages.so.0.1.1", 
    reloc_type=1) at dl-lookup.c:89
#1  0x4000aafd in _dl_relocate_object (l=0x8052248, scope=0x805244c,
lazy=0, 
    consider_profiling=0) at ../sysdeps/i386/dl-machine.h:326
#2  0x4017fe26 in dl_open_worker (a=0xbfffed38) at dl-open.c:118
#3  0x4000bb77 in _dl_catch_error (errstring=0xbfffed34,
operate=0x4017fd28 <dl_open_worker>, 
    args=0xbfffed38) at dl-error.c:162
#4  0x40180012 in _dl_open (
    file=0x804c488
"/home/kasper/local.experiment/lib/oil/testoil_interests.oil",
mode=258)
    at dl-open.c:222
#5  0x4004dfef in dlopen_doit (a=0xbfffee40) at dlopen.c:39
#6  0x4000bb77 in _dl_catch_error (errstring=0x804db3c,
operate=0x4004dfc8 <dlopen_doit>, 
    args=0xbfffee40) at dl-error.c:162
#7  0x4004e5e0 in _dlerror_run (operate=0x4004dfc8 <dlopen_doit>,
args=0xbfffee40)
    at dlerror.c:122
#8  0x4004e02c in dlopen (
    file=0x804c488
"/home/kasper/local.experiment/lib/oil/testoil_interests.oil",
mode=258)
    at dlopen.c:50

---

---

• To: aj@arthur.rhein-neckar.de
• Subject: more on that bug
• From: Kasper Peeters <K.Peeters@damtp.cam.ac.uk>
• Date: Tue, 20 Oct 1998 00:33:53 +0100 (BST)

O yes, it's the map that is null, but you guessed that:

 (gdb) print map
 $1 = (struct link_map *) 0x0


Kasper

---

-- 
 Andreas Jaeger   aj@arthur.rhein-neckar.de    jaeger@informatik.uni-kl.de
  for pgp-key finger ajaeger@aixd1.rhrk.uni-kl.de