On Fri, Nov 18, 2016 at 08:05:15PM +0100, Kurt Roeckx wrote: > On Fri, Nov 18, 2016 at 12:59:57PM +0100, Thorsten Glaser wrote: > > Breakpoint 1, OPENSSL_atexit (handler=handler@entry=0xf6745c50 > > <ssl_library_stop>) at crypto/init.c:604 > > 604 { > > > > There is our 0xf6745c50, which is ssl_library_stop… huh? > > [...] > > > > That’s .text of libssl.so.1.1! > > > > So it appears that dynamically loaded libraries are dismantled, > > and OPENSSL_cleanup() is called too late. This might even be a > > bug on other architectures; I’m changing the bug title before > > submitting. > > So that looks like this doesn't work: > /* > * Deliberately leak a reference to the handler. This will force the > * library/code containing the handler to remain loaded until we run > the > * atexit handler. If -znodelete has been used then this is > * unneccessary. > */ > { > DSO *dso = NULL; > > dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE); > DSO_free(dso); > }
According to b6d5ba1a9f004d637acac18ae3519fe063b6b5e1 we should be using -znodelete, but that probably didn't end up in the Debian packaging properly. Kurt