Subject: Re: Apache & ld.elf_so
To: None <port-pmax@NetBSD.ORG>
From: Michael L. Hitch <mhitch@lightning.oscs.montana.edu>
List: port-mips
Date: 06/15/1998 21:21:17
On Jun 15,  9:09pm, "Michael L. Hitch" wrote:
> On Jun 16, 10:23am, Toru Nishimura wrote:
> > NetBSD/newsmips (and macppc) guy, Masanori Tsubai, reported me
> > privately that he could reproduce the symptom and found that the
> > problem was around;
> > 
> > 	_rtld_load_object()::src/libexec/ld.elf_so/load.c
> > 
> > He tracked down there was something wrong in updating _rtld_objlist
> > linked list, but failed to fix it.  Probably things are worse and
> > deeper than they look like.  So, please submit this rt_ld trouble to
> > PR database, with high severity.  The report/query PR page in
> > www.netbsd.org is very handy to use. 
...
>   Ah ha!  I just found the problem.  When dlclose() removes an unused
> object, it neglects to update _rtld_objtail.  When dlopen() is called
> again, it allocats the same memory for the object, and then links it
> to the entry pointed to by _rtld_objtail - which is the same object
> being added.

  And here is a fix that worked for my test program.

Index: rtld.c
===================================================================
RCS file: /cvsroot/src/libexec/ld.elf_so/rtld.c,v
retrieving revision 1.6
diff -u -r1.6 rtld.c
--- rtld.c	1998/03/25 04:13:02	1.6
+++ rtld.c	1998/06/16 03:17:05
@@ -431,6 +431,8 @@
 		}
 		_rtld_linkmap_delete(obj);
 		*linkp = obj->next;
+		if (obj->next == NULL)
+		    _rtld_objtail = linkp;
 		free(obj);
 	    } else
 		linkp = &obj->next;

-- 
Michael L. Hitch			mhitch@montana.edu
Computer Consultant
Information Technology Center
Montana State University	Bozeman, MT	USA