1/* Look up a symbol in the loaded objects.
2 Copyright (C) 1995-2024 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <https://www.gnu.org/licenses/>. */
18
19#include <libintl.h>
20#include <stdlib.h>
21#include <string.h>
22#include <unistd.h>
23#include <ldsodefs.h>
24#include <dl-hash.h>
25#include <dl-machine.h>
26#include <dl-new-hash.h>
27#include <dl-protected.h>
28#include <sysdep-cancel.h>
29#include <libc-lock.h>
30#include <tls.h>
31#include <atomic.h>
32#include <elf_machine_sym_no_match.h>
33
34#include <assert.h>
35
36#define VERSTAG(tag) (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGIDX (tag))
37
38struct sym_val
39 {
40 const ElfW(Sym) *s;
41 struct link_map *m;
42 };
43
44
45/* Statistics function. */
46#ifdef SHARED
47# define bump_num_relocations() ++GL(dl_num_relocations)
48#else
49# define bump_num_relocations() ((void) 0)
50#endif
51
52/* Utility function for do_lookup_x. The caller is called with undef_name,
53 ref, version, flags and type_class, and those are passed as the first
54 five arguments. The caller then computes sym, symidx, strtab, and map
55 and passes them as the next four arguments. Lastly the caller passes in
56 versioned_sym and num_versions which are modified by check_match during
57 the checking process. */
58static const ElfW(Sym) *
59check_match (const char *const undef_name,
60 const ElfW(Sym) *const ref,
61 const struct r_found_version *const version,
62 const int flags,
63 const int type_class,
64 const ElfW(Sym) *const sym,
65 const Elf_Symndx symidx,
66 const char *const strtab,
67 const struct link_map *const map,
68 const ElfW(Sym) **const versioned_sym,
69 int *const num_versions)
70{
71 unsigned int stt = ELFW(ST_TYPE) (sym->st_info);
72 assert (ELF_RTYPE_CLASS_PLT == 1);
73 if (__glibc_unlikely ((sym->st_value == 0 /* No value. */
74 && sym->st_shndx != SHN_ABS
75 && stt != STT_TLS)
76 || elf_machine_sym_no_match (sym)
77 || (type_class & (sym->st_shndx == SHN_UNDEF))))
78 return NULL;
79
80 /* Ignore all but STT_NOTYPE, STT_OBJECT, STT_FUNC,
81 STT_COMMON, STT_TLS, and STT_GNU_IFUNC since these are no
82 code/data definitions. */
83#define ALLOWED_STT \
84 ((1 << STT_NOTYPE) | (1 << STT_OBJECT) | (1 << STT_FUNC) \
85 | (1 << STT_COMMON) | (1 << STT_TLS) | (1 << STT_GNU_IFUNC))
86 if (__glibc_unlikely (((1 << stt) & ALLOWED_STT) == 0))
87 return NULL;
88
89 if (sym != ref && strcmp (strtab + sym->st_name, undef_name))
90 /* Not the symbol we are looking for. */
91 return NULL;
92
93 const ElfW(Half) *verstab = map->l_versyms;
94 if (version != NULL)
95 {
96 if (__glibc_unlikely (verstab == NULL))
97 {
98 /* We need a versioned symbol but haven't found any. If
99 this is the object which is referenced in the verneed
100 entry it is a bug in the library since a symbol must
101 not simply disappear.
102
103 It would also be a bug in the object since it means that
104 the list of required versions is incomplete and so the
105 tests in dl-version.c haven't found a problem.*/
106 assert (version->filename == NULL
107 || ! _dl_name_match_p (version->filename, map));
108
109 /* Otherwise we accept the symbol. */
110 }
111 else
112 {
113 /* We can match the version information or use the
114 default one if it is not hidden. */
115 ElfW(Half) ndx = verstab[symidx] & 0x7fff;
116 if ((map->l_versions[ndx].hash != version->hash
117 || strcmp (map->l_versions[ndx].name, version->name))
118 && (version->hidden || map->l_versions[ndx].hash
119 || (verstab[symidx] & 0x8000)))
120 /* It's not the version we want. */
121 return NULL;
122 }
123 }
124 else
125 {
126 /* No specific version is selected. There are two ways we
127 can got here:
128
129 - a binary which does not include versioning information
130 is loaded
131
132 - dlsym() instead of dlvsym() is used to get a symbol which
133 might exist in more than one form
134
135 If the library does not provide symbol version information
136 there is no problem at all: we simply use the symbol if it
137 is defined.
138
139 These two lookups need to be handled differently if the
140 library defines versions. In the case of the old
141 unversioned application the oldest (default) version
142 should be used. In case of a dlsym() call the latest and
143 public interface should be returned. */
144 if (verstab != NULL)
145 {
146 if ((verstab[symidx] & 0x7fff)
147 >= ((flags & DL_LOOKUP_RETURN_NEWEST) ? 2 : 3))
148 {
149 /* Don't accept hidden symbols. */
150 if ((verstab[symidx] & 0x8000) == 0
151 && (*num_versions)++ == 0)
152 /* No version so far. */
153 *versioned_sym = sym;
154
155 return NULL;
156 }
157 }
158 }
159
160 /* There cannot be another entry for this symbol so stop here. */
161 return sym;
162}
163
164/* Utility function for do_lookup_unique. Add a symbol to TABLE. */
165static void
166enter_unique_sym (struct unique_sym *table, size_t size,
167 unsigned int hash, const char *name,
168 const ElfW(Sym) *sym, const struct link_map *map)
169{
170 size_t idx = hash % size;
171 size_t hash2 = 1 + hash % (size - 2);
172 while (table[idx].name != NULL)
173 {
174 idx += hash2;
175 if (idx >= size)
176 idx -= size;
177 }
178
179 table[idx].hashval = hash;
180 table[idx].name = name;
181 table[idx].sym = sym;
182 table[idx].map = map;
183}
184
185/* Mark MAP as NODELETE according to the lookup mode in FLAGS. During
186 initial relocation, NODELETE state is pending only. */
187static void
188mark_nodelete (struct link_map *map, int flags)
189{
190 if (flags & DL_LOOKUP_FOR_RELOCATE)
191 map->l_nodelete_pending = true;
192 else
193 map->l_nodelete_active = true;
194}
195
196/* Return true if MAP is marked as NODELETE according to the lookup
197 mode in FLAGS> */
198static bool
199is_nodelete (struct link_map *map, int flags)
200{
201 /* Non-pending NODELETE always counts. Pending NODELETE only counts
202 during initial relocation processing. */
203 return map->l_nodelete_active
204 || ((flags & DL_LOOKUP_FOR_RELOCATE) && map->l_nodelete_pending);
205}
206
207/* Utility function for do_lookup_x. Lookup an STB_GNU_UNIQUE symbol
208 in the unique symbol table, creating a new entry if necessary.
209 Return the matching symbol in RESULT. */
210static void
211do_lookup_unique (const char *undef_name, unsigned int new_hash,
212 struct link_map *map, struct sym_val *result,
213 int type_class, const ElfW(Sym) *sym, const char *strtab,
214 const ElfW(Sym) *ref, const struct link_map *undef_map,
215 int flags)
216{
217 /* We have to determine whether we already found a symbol with this
218 name before. If not then we have to add it to the search table.
219 If we already found a definition we have to use it. */
220
221 struct unique_sym_table *tab
222 = &GL(dl_ns)[map->l_ns]._ns_unique_sym_table;
223
224 __rtld_lock_lock_recursive (tab->lock);
225
226 struct unique_sym *entries = tab->entries;
227 size_t size = tab->size;
228 if (entries != NULL)
229 {
230 size_t idx = new_hash % size;
231 size_t hash2 = 1 + new_hash % (size - 2);
232 while (1)
233 {
234 if (entries[idx].hashval == new_hash
235 && strcmp (entries[idx].name, undef_name) == 0)
236 {
237 if ((type_class & ELF_RTYPE_CLASS_COPY) != 0)
238 {
239 /* We possibly have to initialize the central
240 copy from the copy addressed through the
241 relocation. */
242 result->s = sym;
243 result->m = map;
244 }
245 else
246 {
247 result->s = entries[idx].sym;
248 result->m = (struct link_map *) entries[idx].map;
249 }
250 __rtld_lock_unlock_recursive (tab->lock);
251 return;
252 }
253
254 if (entries[idx].name == NULL)
255 break;
256
257 idx += hash2;
258 if (idx >= size)
259 idx -= size;
260 }
261
262 if (size * 3 <= tab->n_elements * 4)
263 {
264 /* Expand the table. */
265#ifdef RTLD_CHECK_FOREIGN_CALL
266 /* This must not happen during runtime relocations. */
267 assert (!RTLD_CHECK_FOREIGN_CALL);
268#endif
269 size_t newsize = _dl_higher_prime_number (n: size + 1);
270 struct unique_sym *newentries
271 = calloc (nmemb: sizeof (struct unique_sym), size: newsize);
272 if (newentries == NULL)
273 {
274 nomem:
275 __rtld_lock_unlock_recursive (tab->lock);
276 _dl_fatal_printf (fmt: "out of memory\n");
277 }
278
279 for (idx = 0; idx < size; ++idx)
280 if (entries[idx].name != NULL)
281 enter_unique_sym (table: newentries, size: newsize, hash: entries[idx].hashval,
282 name: entries[idx].name, sym: entries[idx].sym,
283 map: entries[idx].map);
284
285 tab->free (entries);
286 tab->size = newsize;
287 size = newsize;
288 entries = tab->entries = newentries;
289 tab->free = __rtld_free;
290 }
291 }
292 else
293 {
294#ifdef RTLD_CHECK_FOREIGN_CALL
295 /* This must not happen during runtime relocations. */
296 assert (!RTLD_CHECK_FOREIGN_CALL);
297#endif
298
299#define INITIAL_NUNIQUE_SYM_TABLE 31
300 size = INITIAL_NUNIQUE_SYM_TABLE;
301 entries = calloc (nmemb: sizeof (struct unique_sym), size: size);
302 if (entries == NULL)
303 goto nomem;
304
305 tab->entries = entries;
306 tab->size = size;
307 tab->free = __rtld_free;
308 }
309
310 if ((type_class & ELF_RTYPE_CLASS_COPY) != 0)
311 enter_unique_sym (table: entries, size, hash: new_hash, name: strtab + sym->st_name, sym: ref,
312 map: undef_map);
313 else
314 {
315 enter_unique_sym (table: entries, size,
316 hash: new_hash, name: strtab + sym->st_name, sym, map);
317
318 if (map->l_type == lt_loaded && !is_nodelete (map, flags))
319 {
320 /* Make sure we don't unload this object by
321 setting the appropriate flag. */
322 if (__glibc_unlikely (GLRO (dl_debug_mask) & DL_DEBUG_BINDINGS))
323 _dl_debug_printf (fmt: "\
324marking %s [%lu] as NODELETE due to unique symbol\n",
325 map->l_name, map->l_ns);
326 mark_nodelete (map, flags);
327 }
328 }
329 ++tab->n_elements;
330
331 __rtld_lock_unlock_recursive (tab->lock);
332
333 result->s = sym;
334 result->m = (struct link_map *) map;
335}
336
337/* Inner part of the lookup functions. We return a value > 0 if we
338 found the symbol, the value 0 if nothing is found and < 0 if
339 something bad happened. */
340static int
341__attribute_noinline__
342do_lookup_x (const char *undef_name, unsigned int new_hash,
343 unsigned long int *old_hash, const ElfW(Sym) *ref,
344 struct sym_val *result, struct r_scope_elem *scope, size_t i,
345 const struct r_found_version *const version, int flags,
346 struct link_map *skip, int type_class, struct link_map *undef_map)
347{
348 size_t n = scope->r_nlist;
349 /* Make sure we read the value before proceeding. Otherwise we
350 might use r_list pointing to the initial scope and r_nlist being
351 the value after a resize. That is the only path in dl-open.c not
352 protected by GSCOPE. A read barrier here might be to expensive. */
353 __asm volatile ("" : "+r" (n), "+m" (scope->r_list));
354 struct link_map **list = scope->r_list;
355
356 do
357 {
358 const struct link_map *map = list[i]->l_real;
359
360 /* Here come the extra test needed for `_dl_lookup_symbol_skip'. */
361 if (map == skip)
362 continue;
363
364 /* Don't search the executable when resolving a copy reloc. */
365 if ((type_class & ELF_RTYPE_CLASS_COPY) && map->l_type == lt_executable)
366 continue;
367
368 /* Do not look into objects which are going to be removed,
369 except when the referencing object itself is being removed.
370
371 The second part covers the situation when an object lazily
372 binds to another object while running its destructor, but the
373 destructor of the other object has already run, so that
374 dlclose has set l_removed. It may not always be obvious how
375 to avoid such a scenario to programmers creating DSOs,
376 particularly if C++ vague linkage is involved and triggers
377 symbol interposition.
378
379 Accepting these to-be-removed objects makes the lazy and
380 BIND_NOW cases more similar. (With BIND_NOW, the symbol is
381 resolved early, before the destructor call, so the issue does
382 not arise.). Behavior matches the constructor scenario: the
383 implementation allows binding to symbols of objects whose
384 constructors have not run. In fact, not doing this would be
385 mostly incompatible with symbol interposition. */
386 if (map->l_removed && !(undef_map != NULL && undef_map->l_removed))
387 continue;
388
389 /* Print some debugging info if wanted. */
390 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_SYMBOLS))
391 _dl_debug_printf (fmt: "symbol=%s; lookup in file=%s [%lu]\n",
392 undef_name, DSO_FILENAME (map->l_name),
393 map->l_ns);
394
395 /* If the hash table is empty there is nothing to do here. */
396 if (map->l_nbuckets == 0)
397 continue;
398
399 Elf_Symndx symidx;
400 int num_versions = 0;
401 const ElfW(Sym) *versioned_sym = NULL;
402
403 /* The tables for this map. */
404 const ElfW(Sym) *symtab = (const void *) D_PTR (map, l_info[DT_SYMTAB]);
405 const char *strtab = (const void *) D_PTR (map, l_info[DT_STRTAB]);
406
407 const ElfW(Sym) *sym;
408 const ElfW(Addr) *bitmask = map->l_gnu_bitmask;
409 if (__glibc_likely (bitmask != NULL))
410 {
411 ElfW(Addr) bitmask_word
412 = bitmask[(new_hash / __ELF_NATIVE_CLASS)
413 & map->l_gnu_bitmask_idxbits];
414
415 unsigned int hashbit1 = new_hash & (__ELF_NATIVE_CLASS - 1);
416 unsigned int hashbit2 = ((new_hash >> map->l_gnu_shift)
417 & (__ELF_NATIVE_CLASS - 1));
418
419 if (__glibc_unlikely ((bitmask_word >> hashbit1)
420 & (bitmask_word >> hashbit2) & 1))
421 {
422 Elf32_Word bucket = map->l_gnu_buckets[new_hash
423 % map->l_nbuckets];
424 if (bucket != 0)
425 {
426 const Elf32_Word *hasharr = &map->l_gnu_chain_zero[bucket];
427
428 do
429 if (((*hasharr ^ new_hash) >> 1) == 0)
430 {
431 symidx = ELF_MACHINE_HASH_SYMIDX (map, hasharr);
432 sym = check_match (undef_name, ref, version, flags,
433 type_class, sym: &symtab[symidx], symidx,
434 strtab, map, versioned_sym: &versioned_sym,
435 num_versions: &num_versions);
436 if (sym != NULL)
437 goto found_it;
438 }
439 while ((*hasharr++ & 1u) == 0);
440 }
441 }
442 /* No symbol found. */
443 symidx = SHN_UNDEF;
444 }
445 else
446 {
447 if (*old_hash == 0xffffffff)
448 *old_hash = _dl_elf_hash (name_arg: undef_name);
449
450 /* Use the old SysV-style hash table. Search the appropriate
451 hash bucket in this object's symbol table for a definition
452 for the same symbol name. */
453 for (symidx = map->l_buckets[*old_hash % map->l_nbuckets];
454 symidx != STN_UNDEF;
455 symidx = map->l_chain[symidx])
456 {
457 sym = check_match (undef_name, ref, version, flags,
458 type_class, sym: &symtab[symidx], symidx,
459 strtab, map, versioned_sym: &versioned_sym,
460 num_versions: &num_versions);
461 if (sym != NULL)
462 goto found_it;
463 }
464 }
465
466 /* If we have seen exactly one versioned symbol while we are
467 looking for an unversioned symbol and the version is not the
468 default version we still accept this symbol since there are
469 no possible ambiguities. */
470 sym = num_versions == 1 ? versioned_sym : NULL;
471
472 if (sym != NULL)
473 {
474 found_it:
475 /* Hidden and internal symbols are local, ignore them. */
476 if (__glibc_unlikely (dl_symbol_visibility_binds_local_p (sym)))
477 goto skip;
478
479 if (ELFW(ST_VISIBILITY) (sym->st_other) == STV_PROTECTED)
480 _dl_check_protected_symbol (undef_name, undef_map, ref, map,
481 type_class);
482
483 switch (ELFW(ST_BIND) (sym->st_info))
484 {
485 case STB_WEAK:
486 /* Weak definition. Use this value if we don't find another. */
487 if (__glibc_unlikely (GLRO(dl_dynamic_weak)))
488 {
489 if (! result->s)
490 {
491 result->s = sym;
492 result->m = (struct link_map *) map;
493 }
494 break;
495 }
496 /* FALLTHROUGH */
497 case STB_GLOBAL:
498 /* Global definition. Just what we need. */
499 result->s = sym;
500 result->m = (struct link_map *) map;
501 return 1;
502
503 case STB_GNU_UNIQUE:;
504 do_lookup_unique (undef_name, new_hash, map: (struct link_map *) map,
505 result, type_class, sym, strtab, ref,
506 undef_map, flags);
507 return 1;
508
509 default:
510 /* Local symbols are ignored. */
511 break;
512 }
513 }
514
515skip:
516 ;
517 }
518 while (++i < n);
519
520 /* We have not found anything until now. */
521 return 0;
522}
523
524
525/* Add extra dependency on MAP to UNDEF_MAP. */
526static int
527add_dependency (struct link_map *undef_map, struct link_map *map, int flags)
528{
529 struct link_map *runp;
530 unsigned int i;
531 int result = 0;
532
533 /* Avoid self-references and references to objects which cannot be
534 unloaded anyway. */
535 if (undef_map == map)
536 return 0;
537
538 /* Avoid references to objects which cannot be unloaded anyway. We
539 do not need to record dependencies if this object goes away
540 during dlopen failure, either. IFUNC resolvers with relocation
541 dependencies may pick an dependency which can be dlclose'd, but
542 such IFUNC resolvers are undefined anyway. */
543 assert (map->l_type == lt_loaded);
544 if (is_nodelete (map, flags))
545 return 0;
546
547 struct link_map_reldeps *l_reldeps
548 = atomic_forced_read (undef_map->l_reldeps);
549
550 /* Make sure l_reldeps is read before l_initfini. */
551 atomic_read_barrier ();
552
553 /* Determine whether UNDEF_MAP already has a reference to MAP. First
554 look in the normal dependencies. */
555 struct link_map **l_initfini = atomic_forced_read (undef_map->l_initfini);
556 if (l_initfini != NULL)
557 {
558 for (i = 0; l_initfini[i] != NULL; ++i)
559 if (l_initfini[i] == map)
560 return 0;
561 }
562
563 /* No normal dependency. See whether we already had to add it
564 to the special list of dynamic dependencies. */
565 unsigned int l_reldepsact = 0;
566 if (l_reldeps != NULL)
567 {
568 struct link_map **list = &l_reldeps->list[0];
569 l_reldepsact = l_reldeps->act;
570 for (i = 0; i < l_reldepsact; ++i)
571 if (list[i] == map)
572 return 0;
573 }
574
575 /* Save serial number of the target MAP. */
576 unsigned long long serial = map->l_serial;
577
578 /* Make sure nobody can unload the object while we are at it. */
579 if (__glibc_unlikely (flags & DL_LOOKUP_GSCOPE_LOCK))
580 {
581 /* We can't just call __rtld_lock_lock_recursive (GL(dl_load_lock))
582 here, that can result in ABBA deadlock. */
583 THREAD_GSCOPE_RESET_FLAG ();
584 __rtld_lock_lock_recursive (GL(dl_load_lock));
585 /* While MAP value won't change, after THREAD_GSCOPE_RESET_FLAG ()
586 it can e.g. point to unallocated memory. So avoid the optimizer
587 treating the above read from MAP->l_serial as ensurance it
588 can safely dereference it. */
589 map = atomic_forced_read (map);
590
591 /* From this point on it is unsafe to dereference MAP, until it
592 has been found in one of the lists. */
593
594 /* Redo the l_initfini check in case undef_map's l_initfini
595 changed in the mean time. */
596 if (undef_map->l_initfini != l_initfini
597 && undef_map->l_initfini != NULL)
598 {
599 l_initfini = undef_map->l_initfini;
600 for (i = 0; l_initfini[i] != NULL; ++i)
601 if (l_initfini[i] == map)
602 goto out_check;
603 }
604
605 /* Redo the l_reldeps check if undef_map's l_reldeps changed in
606 the mean time. */
607 if (undef_map->l_reldeps != NULL)
608 {
609 if (undef_map->l_reldeps != l_reldeps)
610 {
611 struct link_map **list = &undef_map->l_reldeps->list[0];
612 l_reldepsact = undef_map->l_reldeps->act;
613 for (i = 0; i < l_reldepsact; ++i)
614 if (list[i] == map)
615 goto out_check;
616 }
617 else if (undef_map->l_reldeps->act > l_reldepsact)
618 {
619 struct link_map **list
620 = &undef_map->l_reldeps->list[0];
621 i = l_reldepsact;
622 l_reldepsact = undef_map->l_reldeps->act;
623 for (; i < l_reldepsact; ++i)
624 if (list[i] == map)
625 goto out_check;
626 }
627 }
628 }
629 else
630 __rtld_lock_lock_recursive (GL(dl_load_lock));
631
632 /* The object is not yet in the dependency list. Before we add
633 it make sure just one more time the object we are about to
634 reference is still available. There is a brief period in
635 which the object could have been removed since we found the
636 definition. */
637 runp = GL(dl_ns)[undef_map->l_ns]._ns_loaded;
638 while (runp != NULL && runp != map)
639 runp = runp->l_next;
640
641 if (runp != NULL)
642 {
643 /* The object is still available. */
644
645 /* MAP could have been dlclosed, freed and then some other dlopened
646 library could have the same link_map pointer. */
647 if (map->l_serial != serial)
648 goto out_check;
649
650 /* Redo the NODELETE check, as when dl_load_lock wasn't held
651 yet this could have changed. */
652 if (is_nodelete (map, flags))
653 goto out;
654
655 /* If the object with the undefined reference cannot be removed ever
656 just make sure the same is true for the object which contains the
657 definition. */
658 if (undef_map->l_type != lt_loaded || is_nodelete (map, flags))
659 {
660 if (__glibc_unlikely (GLRO (dl_debug_mask) & DL_DEBUG_BINDINGS)
661 && !is_nodelete (map, flags))
662 {
663 if (undef_map->l_name[0] == '\0')
664 _dl_debug_printf (fmt: "\
665marking %s [%lu] as NODELETE due to reference from main program\n",
666 map->l_name, map->l_ns);
667 else
668 _dl_debug_printf (fmt: "\
669marking %s [%lu] as NODELETE due to reference from %s [%lu]\n",
670 map->l_name, map->l_ns,
671 undef_map->l_name, undef_map->l_ns);
672 }
673 mark_nodelete (map, flags);
674 goto out;
675 }
676
677 /* Add the reference now. */
678 if (__glibc_unlikely (l_reldepsact >= undef_map->l_reldepsmax))
679 {
680 /* Allocate more memory for the dependency list. Since this
681 can never happen during the startup phase we can use
682 `realloc'. */
683 struct link_map_reldeps *newp;
684 unsigned int max
685 = undef_map->l_reldepsmax ? undef_map->l_reldepsmax * 2 : 10;
686
687#ifdef RTLD_PREPARE_FOREIGN_CALL
688 RTLD_PREPARE_FOREIGN_CALL;
689#endif
690
691 newp = malloc (size: sizeof (*newp) + max * sizeof (struct link_map *));
692 if (newp == NULL)
693 {
694 /* If we didn't manage to allocate memory for the list this is
695 no fatal problem. We simply make sure the referenced object
696 cannot be unloaded. This is semantically the correct
697 behavior. */
698 if (__glibc_unlikely (GLRO (dl_debug_mask) & DL_DEBUG_BINDINGS)
699 && !is_nodelete (map, flags))
700 _dl_debug_printf (fmt: "\
701marking %s [%lu] as NODELETE due to memory allocation failure\n",
702 map->l_name, map->l_ns);
703 /* In case of non-lazy binding, we could actually report
704 the memory allocation error, but for now, we use the
705 conservative approximation as well. */
706 mark_nodelete (map, flags);
707 goto out;
708 }
709 else
710 {
711 if (l_reldepsact)
712 memcpy (&newp->list[0], &undef_map->l_reldeps->list[0],
713 l_reldepsact * sizeof (struct link_map *));
714 newp->list[l_reldepsact] = map;
715 newp->act = l_reldepsact + 1;
716 atomic_write_barrier ();
717 void *old = undef_map->l_reldeps;
718 undef_map->l_reldeps = newp;
719 undef_map->l_reldepsmax = max;
720 if (old)
721 _dl_scope_free (old);
722 }
723 }
724 else
725 {
726 undef_map->l_reldeps->list[l_reldepsact] = map;
727 atomic_write_barrier ();
728 undef_map->l_reldeps->act = l_reldepsact + 1;
729 }
730
731 /* Display information if we are debugging. */
732 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES))
733 _dl_debug_printf (fmt: "\
734\nfile=%s [%lu]; needed by %s [%lu] (relocation dependency)\n\n",
735 DSO_FILENAME (map->l_name),
736 map->l_ns,
737 DSO_FILENAME (undef_map->l_name),
738 undef_map->l_ns);
739 }
740 else
741 /* Whoa, that was bad luck. We have to search again. */
742 result = -1;
743
744 out:
745 /* Release the lock. */
746 __rtld_lock_unlock_recursive (GL(dl_load_lock));
747
748 if (__glibc_unlikely (flags & DL_LOOKUP_GSCOPE_LOCK))
749 THREAD_GSCOPE_SET_FLAG ();
750
751 return result;
752
753 out_check:
754 if (map->l_serial != serial)
755 result = -1;
756 goto out;
757}
758
759
760/* Search loaded objects' symbol tables for a definition of the symbol
761 UNDEF_NAME, perhaps with a requested version for the symbol.
762
763 We must never have calls to the audit functions inside this function
764 or in any function which gets called. If this would happen the audit
765 code might create a thread which can throw off all the scope locking. */
766lookup_t
767_dl_lookup_symbol_x (const char *undef_name, struct link_map *undef_map,
768 const ElfW(Sym) **ref,
769 struct r_scope_elem *symbol_scope[],
770 const struct r_found_version *version,
771 int type_class, int flags, struct link_map *skip_map)
772{
773 const unsigned int new_hash = _dl_new_hash (str: undef_name);
774 unsigned long int old_hash = 0xffffffff;
775 struct sym_val current_value = { NULL, NULL };
776 struct r_scope_elem **scope = symbol_scope;
777
778 bump_num_relocations ();
779
780 /* DL_LOOKUP_RETURN_NEWEST does not make sense for versioned
781 lookups. */
782 assert (version == NULL || !(flags & DL_LOOKUP_RETURN_NEWEST));
783
784 size_t i = 0;
785 if (__glibc_unlikely (skip_map != NULL))
786 /* Search the relevant loaded objects for a definition. */
787 while ((*scope)->r_list[i] != skip_map)
788 ++i;
789
790 /* Search the relevant loaded objects for a definition. */
791 for (size_t start = i; *scope != NULL; start = 0, ++scope)
792 if (do_lookup_x (undef_name, new_hash, old_hash: &old_hash, ref: *ref,
793 result: &current_value, scope: *scope, i: start, version, flags,
794 skip: skip_map, type_class, undef_map) != 0)
795 break;
796
797 if (__glibc_unlikely (current_value.s == NULL))
798 {
799 if ((*ref == NULL || ELFW(ST_BIND) ((*ref)->st_info) != STB_WEAK)
800 && !(GLRO(dl_debug_mask) & DL_DEBUG_UNUSED))
801 {
802 /* We could find no value for a strong reference. */
803 const char *reference_name = undef_map ? undef_map->l_name : "";
804 const char *versionstr = version ? ", version " : "";
805 const char *versionname = (version && version->name
806 ? version->name : "");
807 struct dl_exception exception;
808 /* XXX We cannot translate the message. */
809 _dl_exception_create_format
810 (&exception, DSO_FILENAME (reference_name),
811 fmt: "undefined symbol: %s%s%s",
812 undef_name, versionstr, versionname);
813 _dl_signal_cexception (errcode: 0, exception: &exception, N_("symbol lookup error"));
814 _dl_exception_free (&exception);
815 }
816 *ref = NULL;
817 return 0;
818 }
819
820 int protected = (*ref
821 && ELFW(ST_VISIBILITY) ((*ref)->st_other) == STV_PROTECTED);
822 if (__glibc_unlikely (protected != 0))
823 {
824 /* It is very tricky. We need to figure out what value to
825 return for the protected symbol. */
826 if (type_class == ELF_RTYPE_CLASS_PLT)
827 {
828 if (current_value.s != NULL && current_value.m != undef_map)
829 {
830 current_value.s = *ref;
831 current_value.m = undef_map;
832 }
833 }
834 else
835 {
836 struct sym_val protected_value = { NULL, NULL };
837
838 for (scope = symbol_scope; *scope != NULL; i = 0, ++scope)
839 if (do_lookup_x (undef_name, new_hash, old_hash: &old_hash, ref: *ref,
840 result: &protected_value, scope: *scope, i, version, flags,
841 skip: skip_map, ELF_RTYPE_CLASS_PLT, NULL) != 0)
842 break;
843
844 if (protected_value.s != NULL && protected_value.m != undef_map)
845 {
846 current_value.s = *ref;
847 current_value.m = undef_map;
848 }
849 }
850 }
851
852 /* We have to check whether this would bind UNDEF_MAP to an object
853 in the global scope which was dynamically loaded. In this case
854 we have to prevent the latter from being unloaded unless the
855 UNDEF_MAP object is also unloaded. */
856 if (__glibc_unlikely (current_value.m->l_type == lt_loaded)
857 /* Don't do this for explicit lookups as opposed to implicit
858 runtime lookups. */
859 && (flags & DL_LOOKUP_ADD_DEPENDENCY) != 0
860 /* Add UNDEF_MAP to the dependencies. */
861 && add_dependency (undef_map, map: current_value.m, flags) < 0)
862 /* Something went wrong. Perhaps the object we tried to reference
863 was just removed. Try finding another definition. */
864 return _dl_lookup_symbol_x (undef_name, undef_map, ref,
865 symbol_scope: (flags & DL_LOOKUP_GSCOPE_LOCK)
866 ? undef_map->l_scope : symbol_scope,
867 version, type_class, flags, skip_map);
868
869 /* The object is used. */
870 if (__glibc_unlikely (current_value.m->l_used == 0))
871 current_value.m->l_used = 1;
872
873 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_BINDINGS))
874 {
875 const char *reference_name = undef_map->l_name;
876
877 _dl_debug_printf (fmt: "binding file %s [%lu] to %s [%lu]: %s symbol `%s'",
878 DSO_FILENAME (reference_name),
879 undef_map->l_ns,
880 DSO_FILENAME (current_value.m->l_name),
881 current_value.m->l_ns,
882 protected ? "protected" : "normal", undef_name);
883 if (version)
884 _dl_debug_printf_c (fmt: " [%s]\n", version->name);
885 else
886 _dl_debug_printf_c (fmt: "\n");
887 }
888
889
890 *ref = current_value.s;
891 return LOOKUP_VALUE (current_value.m);
892}
893

source code of glibc/elf/dl-lookup.c