Submitted By: Matt Burgess Date: 2011-10-07 Initial Package Version: 2.14.1 Upstream Status: From upstream Origin: Matt Burgess Description: Fixes Firefox crashes and a bug when programs link to SDL. --- elf/dl-close.c 2011-10-07 09:48:55.000000000 +0000 +++ elf/dl-close.c 2011-10-07 19:43:10.346411120 +0000 @@ -119,17 +119,8 @@ if (map->l_direct_opencount > 0 || map->l_type != lt_loaded || dl_close_state != not_pending) { - if (map->l_direct_opencount == 0) - { - if (map->l_type == lt_loaded) - dl_close_state = rerun; - else if (map->l_type == lt_library) - { - struct link_map **oldp = map->l_initfini; - map->l_initfini = map->l_orig_initfini; - _dl_scope_free (oldp); - } - } + if (map->l_direct_opencount == 0 && map->l_type == lt_loaded) + dl_close_state = rerun; /* There are still references to this object. Do nothing more. */ if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0)) --- elf/dl-deps.c 2011-10-07 09:48:55.000000000 +0000 +++ elf/dl-deps.c 2011-10-07 19:43:10.348432639 +0000 @@ -478,6 +478,7 @@ nneeded * sizeof needed[0]); atomic_write_barrier (); l->l_initfini = l_initfini; + l->l_free_initfini = 1; } /* If we have no auxiliary objects just go on to the next map. */ @@ -678,6 +679,7 @@ l_initfini[nlist] = NULL; atomic_write_barrier (); map->l_initfini = l_initfini; + map->l_free_initfini = 1; if (l_reldeps != NULL) { atomic_write_barrier (); @@ -686,7 +688,7 @@ _dl_scope_free (old_l_reldeps); } if (old_l_initfini != NULL) - map->l_orig_initfini = old_l_initfini; + _dl_scope_free (old_l_initfini); if (errno_reason) _dl_signal_error (errno_reason == -1 ? 0 : errno_reason, objname, --- elf/dl-libc.c 2011-10-07 09:48:55.000000000 +0000 +++ elf/dl-libc.c 2011-10-07 19:43:10.352411141 +0000 @@ -279,6 +279,10 @@ if (! old->dont_free) free (old); } + + /* Free the initfini dependency list. */ + if (l->l_free_initfini) + free (l->l_initfini); } if (__builtin_expect (GL(dl_ns)[ns]._ns_global_scope_alloc, 0) != 0 --- elf/rtld.c 2011-10-07 09:48:55.000000000 +0000 +++ elf/rtld.c 2011-10-07 19:43:10.355406263 +0000 @@ -2263,6 +2263,7 @@ lnp->dont_free = 1; lnp = lnp->next; } + l->l_free_initfini = 0; if (l != &GL(dl_rtld_map)) _dl_relocate_object (l, l->l_scope, GLRO(dl_lazy) ? RTLD_LAZY : 0, --- include/link.h 2011-10-07 09:48:55.000000000 +0000 +++ include/link.h 2011-10-07 19:43:10.357462703 +0000 @@ -192,6 +192,9 @@ during LD_TRACE_PRELINKING=1 contains any DT_SYMBOLIC libraries. */ + unsigned int l_free_initfini:1; /* Nonzero if l_initfini can be + freed, ie. not allocated with + the dummy malloc in ld.so. */ /* Collected information about own RPATH directories. */ struct r_search_path_struct l_rpath_dirs; @@ -240,9 +243,6 @@ /* List of object in order of the init and fini calls. */ struct link_map **l_initfini; - /* The init and fini list generated at startup, saved when the - object is also loaded dynamically. */ - struct link_map **l_orig_initfini; /* List of the dependencies introduced through symbol binding. */ struct link_map_reldeps --- resolv/res_query.c 2011-10-07 09:48:55.000000000 +0000 +++ resolv/res_query.c 2011-10-07 19:43:10.361412711 +0000 @@ -122,6 +122,7 @@ int *resplen2) { HEADER *hp = (HEADER *) answer; + HEADER *hp2; int n, use_malloc = 0; u_int oflags = statp->_flags; @@ -239,26 +240,25 @@ /* __libc_res_nsend might have reallocated the buffer. */ hp = (HEADER *) *answerp; - /* We simplify the following tests by assigning HP to HP2. It - is easy to verify that this is the same as ignoring all - tests of HP2. */ - HEADER *hp2 = answerp2 ? (HEADER *) *answerp2 : hp; - - if (n < (int) sizeof (HEADER) && answerp2 != NULL - && *resplen2 > (int) sizeof (HEADER)) + /* We simplify the following tests by assigning HP to HP2 or + vice versa. It is easy to verify that this is the same as + ignoring all tests of HP or HP2. */ + if (answerp2 == NULL || *resplen2 < (int) sizeof (HEADER)) { - /* Special case of partial answer. */ - assert (hp != hp2); - hp = hp2; + hp2 = hp; } - else if (answerp2 != NULL && *resplen2 < (int) sizeof (HEADER) - && n > (int) sizeof (HEADER)) + else { - /* Special case of partial answer. */ - assert (hp != hp2); - hp2 = hp; + hp2 = (HEADER *) *answerp2; + if (n < (int) sizeof (HEADER)) + { + hp = hp2; + } } + /* Make sure both hp and hp2 are defined */ + assert((hp != NULL) && (hp2 != NULL)); + if ((hp->rcode != NOERROR || ntohs(hp->ancount) == 0) && (hp2->rcode != NOERROR || ntohs(hp2->ancount) == 0)) { #ifdef DEBUG