From nobody Sat Apr  5 00:48:17 2025
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZTxfT64mDz5shSS;
	Sat, 05 Apr 2025 00:48:17 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4ZTxfT5ChCz3lLK;
	Sat, 05 Apr 2025 00:48:17 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1743814097;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=LL8njGV6qVyjQh6BG31Lc6xMmnPZRcOG8qGEZEI0/v8=;
	b=N2qpKdv58i9PUJ50qdyuIhIG3qmLTxQs5jOhCl4dBE03LuUfO7S4Rmlk22U2Fp4ZPAsVBq
	9eynttQTCR8LanALaLziJYVHJaNl/oY05huGxmXs5//Ag1a8/ABh/EldoH+ameeQNd6KuU
	0Mo18h8VeMPz/MgtXlcRB7OJkvav07n8/FsdtHBN6Ep2obNfrkW1g6maYTr8gi4hK9is8b
	N+Siq42dMaWzg8ZGvmvK9AsE0VeiBBVC59FFVlJ/GkSBYmJQgX6Sv+kEbUzhEedlJo7tBG
	ewRrP54vzyTAhapzVCTPtzPpCnfkCBoXQ0ig2XxV0tdPdpXIq3QjaMd/EcFhxQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1743814097; a=rsa-sha256; cv=none;
	b=o9Rxohe9tt/rnV8xGSoqstDfJvCoVU9eaGFarmG0beRX7U7MNt82POSpykjaS8jrRYnnij
	wxywPb9kfOns0AJiBAqEuaf4L4MBSOAbeJbDTcUtrLwumll2QUFKdLG3e8lQgWhnxHr9/W
	1DpZNi1QrY0gPe2BjuW7yB/kSfKYuR9HuJuWqVAjBpeh2QulAxNM+BAwVtvjSnhXMv8xhv
	OpVnmyMkYPj999kiQSS8rx/y9kylLGPv/C1nPMffH+9Z345WxqGqCCgHX1swQVEFB76sxq
	cuCoak3DNz9iQfdZ7bKB9Jr3sv3UTUobJDmpDWR/C+sjSiFTdhi5O4mGGFpFWw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1743814097;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=LL8njGV6qVyjQh6BG31Lc6xMmnPZRcOG8qGEZEI0/v8=;
	b=jRIbnoRgJkVpVRO3eCq102Eu7KZgtbDGb3MYUtvUGbMlTxKguCrOkviTNNUgvC1gCOeLX6
	UFr9POOnBxfhu5GIpXXY6OkDktvQUIloKlFNRa9lE5qIuj02Ng3jiiXBKOGZDG8iAElhMC
	WwlNJmZdPnZW+Xjv/6gAlmX8N9UjIUNtBZPw66UT79hJtYXU3yfgtwDwqw50YoIY6Qv5/H
	tT03sff9iy5PManhsba1PSuAoV6o4fbpkQIJGYDpQwPq4cD+8g5JYB+0ZO7L+Zg0sF/bAM
	pN61FPzHPD5geapzXNtRprjpAiLMXn/xdwBPUcDMl2HLl4tiTTwpy/BVmEBDpw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4ZTxfT4l5yz17C1;
	Sat, 05 Apr 2025 00:48:17 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 5350mHqo012856;
	Sat, 5 Apr 2025 00:48:17 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 5350mHXh012853;
	Sat, 5 Apr 2025 00:48:17 GMT
	(envelope-from git)
Date: Sat, 5 Apr 2025 00:48:17 GMT
Message-Id: <202504050048.5350mHXh012853@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Kyle Evans <kevans@FreeBSD.org>
Subject: git: 23427c8e1fed - main - libc: allow __cxa_atexit handlers
  to be added during __cxa_finalize
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-all@freebsd.org
Sender: owner-dev-commits-src-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kevans
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 23427c8e1fedb9fc68ad0bd27a59c7ffd2b3008c
Auto-Submitted: auto-generated

The branch main has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=23427c8e1fedb9fc68ad0bd27a59c7ffd2b3008c

commit 23427c8e1fedb9fc68ad0bd27a59c7ffd2b3008c
Author:     Aurélien Croc de Suray <freebsd@ap2c.com>
AuthorDate: 2025-04-05 00:47:53 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2025-04-05 00:47:53 +0000

    libc: allow __cxa_atexit handlers to be added during __cxa_finalize
    
    science/dlib-cpp reveals an interesting scenario that works fine on
    other platforms but not on FreeBSD; notably, it ends up creating a new
    global object from some destructor which is called during
    __cxa_finalize.  This breaks when libdlib is dlopen()ed and then
    subsequently dlclose()ed, as we never end up invoking the created
    object's dtor until program exit when the shlib is already unmapped.
    
    Fix it by noting when we're in the middle of __cxa_finalize for a dso,
    and then restarting the search if __cxa_atexit() was called in the
    middle somewhere.
    
    We wait until we've processed the initial set before starting over and
    processing the newly added handlers as if it were a complete set of
    handlers added during runtime.  The alternative is calling them as
    they're added to maintain a LIFO in terms of total ordering, but in
    theory a constructor could add another global object that also needs to
    be destroyed, and that object needs to be destroyed after the one that
    constructed it to avoid creating unexpected lifetime issues.
    
    This manifests in the pdlib PHP extension for dlib crashing, see [0].
    
    [0] https://github.com/goodspb/pdlib/issues/39
    
    PR:             285870
    Reviewed by:    kevans (also supplied commit message)
    MFC after:      1 week
---
 lib/libc/stdlib/atexit.c | 61 ++++++++++++++++++++++++++++--------------------
 1 file changed, 36 insertions(+), 25 deletions(-)

diff --git a/lib/libc/stdlib/atexit.c b/lib/libc/stdlib/atexit.c
index e5aa66c51f38..6e4a12f9e530 100644
--- a/lib/libc/stdlib/atexit.c
+++ b/lib/libc/stdlib/atexit.c
@@ -35,6 +35,7 @@
 #include "namespace.h"
 #include <errno.h>
 #include <link.h>
+#include <stdbool.h>
 #include <stddef.h>
 #include <stdlib.h>
 #include <unistd.h>
@@ -56,6 +57,8 @@ _Block_copy(void*);
 #define	ATEXIT_FN_CXA	2
 
 static pthread_mutex_t atexit_mutex = PTHREAD_MUTEX_INITIALIZER;
+static void *current_finalize_dso = NULL;
+static bool call_finalize_again = false;
 
 #define _MUTEX_LOCK(x)		if (__isthreaded) _pthread_mutex_lock(x)
 #define _MUTEX_UNLOCK(x)	if (__isthreaded) _pthread_mutex_unlock(x)
@@ -115,6 +118,9 @@ atexit_register(struct atexit_fn *fptr)
 		__atexit = p;
 	}
 	p->fns[p->ind++] = *fptr;
+	if (current_finalize_dso != NULL &&
+	    current_finalize_dso == fptr->fn_dso)
+		call_finalize_again = true;
 	_MUTEX_UNLOCK(&atexit_mutex);
 	return 0;
 }
@@ -208,33 +214,38 @@ __cxa_finalize(void *dso)
 	}
 
 	_MUTEX_LOCK(&atexit_mutex);
-	for (p = __atexit; p; p = p->next) {
-		for (n = p->ind; --n >= 0;) {
-			if (p->fns[n].fn_type == ATEXIT_FN_EMPTY)
-				continue; /* already been called */
-			fn = p->fns[n];
-			if (dso != NULL && dso != fn.fn_dso) {
-				/* wrong DSO ? */
-				if (!has_phdr || global_exit ||
-				    !__elf_phdr_match_addr(&phdr_info,
-				    fn.fn_ptr.cxa_func))
-					continue;
+	current_finalize_dso = dso;
+	do {
+		call_finalize_again = false;
+		for (p = __atexit; p; p = p->next) {
+			for (n = p->ind; --n >= 0;) {
+				if (p->fns[n].fn_type == ATEXIT_FN_EMPTY)
+					continue; /* already been called */
+				fn = p->fns[n];
+				if (dso != NULL && dso != fn.fn_dso) {
+					/* wrong DSO ? */
+					if (!has_phdr || global_exit ||
+					    !__elf_phdr_match_addr(&phdr_info,
+					    fn.fn_ptr.cxa_func))
+						continue;
+				}
+				/*
+				  Mark entry to indicate that this particular
+				  handler has already been called.
+				*/
+				p->fns[n].fn_type = ATEXIT_FN_EMPTY;
+				_MUTEX_UNLOCK(&atexit_mutex);
+
+				/* Call the function of correct type. */
+				if (fn.fn_type == ATEXIT_FN_CXA)
+					fn.fn_ptr.cxa_func(fn.fn_arg);
+				else if (fn.fn_type == ATEXIT_FN_STD)
+					fn.fn_ptr.std_func();
+				_MUTEX_LOCK(&atexit_mutex);
 			}
-			/*
-			  Mark entry to indicate that this particular handler
-			  has already been called.
-			*/
-			p->fns[n].fn_type = ATEXIT_FN_EMPTY;
-		        _MUTEX_UNLOCK(&atexit_mutex);
-		
-			/* Call the function of correct type. */
-			if (fn.fn_type == ATEXIT_FN_CXA)
-				fn.fn_ptr.cxa_func(fn.fn_arg);
-			else if (fn.fn_type == ATEXIT_FN_STD)
-				fn.fn_ptr.std_func();
-			_MUTEX_LOCK(&atexit_mutex);
 		}
-	}
+	} while (call_finalize_again);
+	current_finalize_dso = NULL;
 	_MUTEX_UNLOCK(&atexit_mutex);
 	if (dso == NULL)
 		_MUTEX_DESTROY(&atexit_mutex);