Page MenuHomeFreeBSD

__cxa_thread_call_dtors(3): fix dtor pointer validity check
ClosedPublic

Authored by kib on May 3 2024, 9:38 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Oct 13, 11:52 AM
Unknown Object (File)
Sep 24 2024, 1:04 PM
Unknown Object (File)
Sep 18 2024, 10:17 PM
Unknown Object (File)
Sep 18 2024, 7:25 PM
Unknown Object (File)
Sep 18 2024, 10:25 AM
Unknown Object (File)
Sep 18 2024, 2:23 AM
Unknown Object (File)
Sep 17 2024, 4:37 PM
Unknown Object (File)
Sep 11 2024, 12:27 AM
Subscribers

Details

Summary
When checking for the destructor pointer belonging to some still
loaded dso, do not limit the possible dso to the one instantiated the
destructor. For instance, dso could set up the dtr pointer to a function
from libcxx.

PR:     278701

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kib requested review of this revision.May 3 2024, 9:38 AM

Does the cxa_thread_dtor::dso field serve any function after this change? I couldn't see any other references to it.

In D45074#1027845, @dim wrote:

Does the cxa_thread_dtor::dso field serve any function after this change? I couldn't see any other references to it.

It is unused indeed. I looked at the glibc code, they use it to deref the dso after dtr call, but then it would have the same issue. Musl seems to not have the cxa_* stuff at all.

I can remove the member, but prefer to keep it for now (not a rational decision).

I confirm that this change silences the message from https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=278701 and also that the destructor is actually being called.

Further as mentioned above by @dim the dso member is no longer used and can be removed together with the arguments of some functions, see the attached patch.{F82874513}

Thank you!

In D45074#1027873, @kib wrote:
In D45074#1027845, @dim wrote:

Does the cxa_thread_dtor::dso field serve any function after this change? I couldn't see any other references to it.

It is unused indeed. I looked at the glibc code, they use it to deref the dso after dtr call, but then it would have the same issue. Musl seems to not have the cxa_* stuff at all.

Yeah musl doesn't implement unloading DSOs altogether, avoiding a huge can of worms! That's apparently POSIX-compliant...

I can remove the member, but prefer to keep it for now (not a rational decision).

Oh it's fine, it might be handy for other things later, possibly in debug output or such.

This revision is now accepted and ready to land.May 3 2024, 11:18 AM