Avoid confusing compiler with dynamically impossible statically invalid dereference in _dl_close_worker.

2 files changed, 18 insertions, 3 deletions

diff --git a/ChangeLog b/ChangeLog
index 967a8c85ea..0b648bfb11 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
 2015-04-17  Roland McGrath  <roland@hack.frob.com>
 
+	* elf/dl-close.c (_dl_close_worker) [DL_NNS == 1]: Just assert that
+	IMAP->l_prev cannot be null, and #if out the code for the contrary
+	case, avoiding 'assert (nsid != LM_ID_BASE)' making the compiler
+	believe that NS (&_dl_ns[NSID]) could point outside the array.
+
 	* elf/dl-open.c (_dl_open): Use __glibc_unlikely in invalid namespace
 	check.  Reject NSID < 0 and NSID >= dl_nns, and check for DL_NNS==1,
 	before using NSID as an index.
diff --git a/elf/dl-close.c b/elf/dl-close.c
index cf8f9e0465..412f71d70b 100644
--- a/elf/dl-close.c
+++ b/elf/dl-close.c
@@ -641,9 +641,16 @@ _dl_close_worker (struct link_map *map)
 	  DL_UNMAP (imap);
 
 	  /* Finally, unlink the data structure and free it.  */
-	  if (imap->l_prev != NULL)
-	    imap->l_prev->l_next = imap->l_next;
-	  else
+#if DL_NNS == 1
+	  /* The assert in the (imap->l_prev == NULL) case gives
+	     the compiler license to warn that NS points outside
+	     the dl_ns array bounds in that case (as nsid != LM_ID_BASE
+	     is tantamount to nsid >= DL_NNS).  That should be impossible
+	     in this configuration, so just assert about it instead.  */
+	  assert (nsid == LM_ID_BASE);
+	  assert (imap->l_prev != NULL);
+#else
+	  if (imap->l_prev == NULL)
 	    {
 	      assert (nsid != LM_ID_BASE);
 	      ns->_ns_loaded = imap->l_next;
@@ -652,6 +659,9 @@ _dl_close_worker (struct link_map *map)
 		 we leave for debuggers to examine.  */
 	      r->r_map = (void *) ns->_ns_loaded;
 	    }
+	  else
+#endif
+	    imap->l_prev->l_next = imap->l_next;
 
 	  --ns->_ns_nloaded;
 	  if (imap->l_next != NULL)