Hi, I encountered this problem while trying an application that uses SDL2.
It turns out that SDL2 opens, closes, and reopens some shared objects from
the X11 sets.  And doing that in the specific order it does, one of the
eventual dlopen calls will crash.  Here's a minimal test case:

$ ls -ctlah /usr/X11R6/lib/libX{cursor,randr}.so*
-rw-r--r--  1 root  wheel  47.2K Aug 16 19:57 /usr/X11R6/lib/libXrandr.so.7.0
-rw-r--r--  1 root  wheel  49.2K Aug 16 19:57 /usr/X11R6/lib/libXcursor.so.5.0
-rw-r--r--  1 root  wheel  43.0K Jun 30  2013 /usr/X11R6/lib/libXrandr.so.6.2
-rw-r--r--  1 root  wheel  47.6K Jun 30  2013 /usr/X11R6/lib/libXcursor.so.4.0

$ cat test.c
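#include <dlfcn.h>

int
main(void)
{
        void *a, *b;
        int flag = RTLD_NOW|RTLD_LOCAL;

        /* open both libraries, close them in the same order */
        a = dlopen("libXcursor.so", flag);
        b = dlopen("libXrandr.so", flag);
        dlclose(a);
        dlclose(b);
        /* reopen the first library after both were closed */
        dlopen("libXcursor.so", flag);
        return 0;
}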

$ cc test.c

$ ./a.out
Bus error (core dumped)

$ gdb a.out a.out.core 
        [ .. snip .. ]
#0  _dl_cache_grpsym_list (object=0x110be2bb7400) at /usr/src/libexec/ld.so/library_subr.c:555

warning: Source file is more recent than executable.

555                     _dl_link_grpsym(n->data, 0);
(gdb) p n
$1 = (struct dep_node *) 0xdfdfdfdfdfdfdfdf

(gdb) bt
#0  _dl_cache_grpsym_list (object=0x110be2bb7400)
    at /usr/src/libexec/ld.so/library_subr.c:555
#1  0x0000110ba94082fd in _dl_cache_grpsym_list (object=0x110c140a0c00)
    at /usr/src/libexec/ld.so/library_subr.c:558
#2  0x0000110ba94082fd in _dl_cache_grpsym_list (object=0x110c140a0800)
    at /usr/src/libexec/ld.so/library_subr.c:558
#3  0x0000110ba9403267 in _dl_load_dep_libs (object=0x110c140a0800, flags=1, booting=0)
    at /usr/src/libexec/ld.so/loader.c:347
#4  0x0000110ba9405f99 in dlopen (libname=0x110921800dff "libXcursor.so", flags=Variable "flags" is not available.)
    at /usr/src/libexec/ld.so/dlfcn.c:107
#5  0x0000110921700dda in main () from /tmp/a.out

---


There are some other combinations of shared objects that will also result in
the same crash.  It can be worked around by changing the order in which they
are opened or closed (changing both works too).  Nothing in the man page
suggests to me that the order should be critical, so this looks like a bug.

I might dig deeper once I find the time, but perhaps someone already
familiar with the code might want to take a look at it before I waste a
week on it ;-)

-Henri

OpenBSD 5.6 (GENERIC.MP) #333: Fri Aug  8 00:20:21 MDT 2014
    dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
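
The report says the crash depends on the order in which the libraries are opened and closed. The harness below is an added example, not part of the original post: it runs each ordering of the two libraries from the test case in a forked child, so a crash inside the dynamic loader is contained and reported as a signal number. `try_sequence` and the `RUN_*` codes are names chosen here for illustration.

```c
#include <dlfcn.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

#define RUN_OK        0   /* whole sequence completed */
#define RUN_LOADFAIL (-1) /* some dlopen() returned NULL */
#define RUN_ERROR    (-2) /* fork() or waitpid() failed */

/*
 * Hypothetical helper: open `first` and `second`, close them in the chosen
 * order, then reopen `first`, all inside a child process.
 * Returns a RUN_* code, or the number of the signal that killed the child.
 */
int try_sequence(const char *first, const char *second, int close_first_first)
{
	int flag = RTLD_NOW | RTLD_LOCAL, status;
	struct rlimit nocore = { 0, 0 };
	pid_t pid = fork();

	if (pid == -1)
		return RUN_ERROR;
	if (pid == 0) {
		setrlimit(RLIMIT_CORE, &nocore);	/* no core file per run */
		void *a = dlopen(first, flag);
		void *b = dlopen(second, flag);
		if (a == NULL || b == NULL)
			_exit(1);
		dlclose(close_first_first ? a : b);
		dlclose(close_first_first ? b : a);
		_exit(dlopen(first, flag) == NULL ? 1 : 0);
	}
	if (waitpid(pid, &status, 0) == -1)
		return RUN_ERROR;
	if (WIFSIGNALED(status))
		return WTERMSIG(status);
	return WEXITSTATUS(status) == 0 ? RUN_OK : RUN_LOADFAIL;
}

int main(void)
{
	const char *libs[] = { "libXcursor.so", "libXrandr.so" };

	for (int i = 0; i < 2; i++)	/* which library is opened first */
		for (int order = 0; order < 2; order++)
			printf("%s, %s, close %s first: %d\n", libs[i], libs[1 - i],
			    order ? libs[i] : libs[1 - i],
			    try_sequence(libs[i], libs[1 - i], order));
	return 0;
}
```

The run with `libXcursor.so` opened first and closed first is the sequence from the original test case. On systems where `dlopen` lives in a separate libdl, link with `-ldl`.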
