I got the same bug and found it in the BTS.

The last comment is incorrect.
The problem isn't "{"", 0}": the kernel doesn't treat it as a terminator;
moreover, it stops earlier, on {"linux-gate.so.1", 15}.

The problem is the special location of dl_sysinfo_dso.
On my system using "cat /proc/self/maps":
ffffe000-fffff000 ---p 00000000 00:00 0

Base address of linux-gate.so.1 is greater than TASK_SIZE (c0000000).

This DSO is accessible from user space, but not from kernel space :-(

This can be tested with the following program:

----------------------------------------------------
#include <unistd.h>
#include <string.h>
#include <stdio.h>

/* page number of the linux-gate.so.1 mapping from /proc/self/maps (ffffe000) */
#define DSO_BASE 0xffffe
int main(void)
{
  char buf[4096], *gate;
  int i;

  gate = (char *)(DSO_BASE << 12);
  memcpy(buf, gate, 4096);          /* user space can read the DSO without problems */

  i = write(1, buf+1, 3);           /* "ELF" from the copy in ordinary user memory */
  printf("\n%d\n", i);

  i = write(1, gate+1, 3);          /* "ELF" straight from the DSO: the kernel cannot read it, write() fails */
  printf("\n%d\n", i);
  return 0;
}
----------------------------------------------------
It prints "ELF" only once.

I think that a workaround might be to use something like
strdup() instead of simply passing a pointer to l->l_libname->name,

around line 1200 in elf/rtld.c:

 if (l->l_info[DT_SONAME] != NULL)
            l->l_libname->name = ((char *) D_PTR (l, l_info[DT_STRTAB])
                                  + l->l_info[DT_SONAME]->d_un.d_val); 

    

Regards

        Petr
