This is the mail archive of the libc-hacker@sources.redhat.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Crash in DT_FINI_ARRAY

From: Andreas Schwab <schwab at suse dot de>
To: libc-hacker at sources dot redhat dot com
Date: Fri, 24 Jan 2003 22:28:37 +0100
Subject: Re: Crash in DT_FINI_ARRAY
References: <jer8b4qaij.fsf@sykes.suse.de>

Roland asked me to create a test, and that promptly revealed another bug.

Andreas.

2003-01-24  Andreas Schwab  <schwab@suse.de>

	* elf/dl-close.c (_dl_close): Don't relocate DT_FINI_ARRAY
	elements, and process them backwards.
	* elf/Makefile ($(objpfx)tst-array4): New target.
	($(objpfx)tst-array4.out): Likewise.
	(tests) [$(have-initfini-array) = yes]: Add tst-array4.
	* elf/tst-array4.c: New file.
	* elf/tst-array4.exp: Likewise.

--- elf/Makefile.~1.254.~	2003-01-16 11:19:30.000000000 +0100
+++ elf/Makefile	2003-01-24 21:40:51.000000000 +0100
@@ -121,7 +121,7 @@ endif
 
 tests = tst-tls1 tst-tls2 tst-tls9
 ifeq (yes,$(have-initfini-array))
-tests += tst-array1 tst-array2 tst-array3
+tests += tst-array1 tst-array2 tst-array3 tst-array4
 endif
 ifeq (yes,$(build-static))
 tests-static = tst-tls1-static tst-tls2-static
@@ -594,6 +594,12 @@ $(objpfx)tst-array3.out: $(objpfx)tst-ar
 	  $(objpfx)tst-array3 > $@
 	cmp $@ tst-array1.exp > /dev/null
 
+$(objpfx)tst-array4: $(libdl)
+$(objpfx)tst-array4.out: $(objpfx)tst-array4 $(objpfx)tst-array2dep.so
+	$(elf-objpfx)$(rtld-installed-name) \
+	  --library-path $(rpath-link)$(patsubst %,:%,$(sysdep-library-path)) \
+	  $< > $@
+	cmp $@ tst-array4.exp > /dev/null
 
 check-textrel-CFLAGS = -O
 $(objpfx)check-textrel: check-textrel.c
--- elf/dl-close.c.~1.93.~	2003-01-16 11:19:32.000000000 +0100
+++ elf/dl-close.c	2003-01-24 22:16:12.000000000 +0100
@@ -238,10 +238,9 @@ _dl_close (void *_map)
 				    + imap->l_info[DT_FINI_ARRAY]->d_un.d_ptr);
 		  unsigned int sz = (imap->l_info[DT_FINI_ARRAYSZ]->d_un.d_val
 				     / sizeof (ElfW(Addr)));
-		  unsigned int cnt;
 
-		  for (cnt = 0; cnt < sz; ++cnt)
-		    ((fini_t) (imap->l_addr + array[cnt])) ();
+		  while (sz-- > 0)
+		    ((fini_t) array[sz]) ();
 		}
 
 	      /* Next try the old-style destructor.  */
--- /dev/null	2002-12-10 23:57:13.000000000 +0100
+++ elf/tst-array4.c	2003-01-24 20:46:10.000000000 +0100
@@ -0,0 +1,18 @@
+#include <dlfcn.h>
+
+#define main array1_main
+#include "tst-array1.c"
+#undef main
+
+int
+main (void)
+{
+  void *handle = dlopen ("tst-array2dep.so", RTLD_LAZY);
+
+  array1_main ();
+
+  if (handle != NULL)
+    dlclose (handle);
+
+  return 0;
+}
--- /dev/null	2002-12-10 23:57:13.000000000 +0100
+++ elf/tst-array4.exp	2003-01-24 21:38:48.000000000 +0100
@@ -0,0 +1,19 @@
+preinit array 0
+preinit array 1
+preinit array 2
+init
+init array 0
+init array 1
+init array 2
+DSO init
+DSO init array 0
+DSO init array 1
+DSO init array 2
+DSO fini array 2
+DSO fini array 1
+DSO fini array 0
+DSO fini
+fini array 2
+fini array 1
+fini array 0
+fini

-- 
Andreas Schwab, SuSE Labs, schwab@suse.de
SuSE Linux AG, Deutschherrnstr. 15-19, D-90429 Nürnberg
Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."

Follow-Ups:
- Re: Crash in DT_FINI_ARRAY
  - From: Ulrich Drepper

References:
- Crash in DT_FINI_ARRAY
  - From: Andreas Schwab

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]