SERVER-120938 Fix extensions_verify_visibility task on dynamic and sanitizer build variants

GitOrigin-RevId: e940b3763988822ffc36b030480c0b7740fe4e19
Daniel Segel 2026-03-04 15:01:54 -08:00 committed by MongoDB Bot
parent 0b50ea103e
commit 3fef01fe5a
2 changed files with 3 additions and 3 deletions


@ -81,7 +81,7 @@ info "extension dir: $EXT_DIR"
# Collect all extension .so files except libno_symbol_bad_extension.so.
mapfile -t so_files < <(
find "$EXT_DIR" -maxdepth 1 -name '*.so' ! -name '*no_symbol_bad_extension*' | sort
find "$EXT_DIR" -maxdepth 1 -name '*_extension*.so' ! -name '*no_symbol_bad_extension*' | sort
)
if [[ ${#so_files[@]} -eq 0 ]]; then
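Review bot: Narrowing the `find` pattern to `*_extension*.so` means any shared object in `$EXT_DIR` whose name lacks `_extension` is now skipped by the visibility check without any message, so coverage rests on a naming convention the script neither states nor enforces. The comment above still reads "all extension .so files"; I would reword it along the lines of `# Collect extension .so files (matched by name: *_extension*.so); other .so files in EXT_DIR are not verified`, adding the reason if it is what I presume, namely that dynamic and sanitizer variants place non-extension libraries in the same directory. Consider also reporting the skipped `.so` names through `info`, so a misnamed extension shows up in the task output instead of going unverified. The `if` that closes the hunk continues outside it.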


@ -110,7 +110,7 @@ ext_ldd="$(ldd_libs_basename "$EXT_SO")"
# Base regex for allowed dependencies (common to both direct and transitive)
# NOTE: This is still a shared object (dlopen), so libc + loader will be dynamic.
# Policy exceptions: OpenSSL (libcrypto/libssl) may be dynamic. libgcc_s is allowed because the server dynamically links it.
ALLOWED_DEPS_BASE='ld-linux.*\.so\.[0-9]+|libc\.so\.[0-9]+|libm\.so\.[0-9]+|libresolv\.so\.[0-9]+|libdl\.so\.[0-9]+|libpthread\.so\.[0-9]+|librt\.so\.[0-9]+|libcrypto\.so\.[0-9]+|libssl\.so\.[0-9]+|libgcc_s\.so\.[0-9]+|linux-vdso\.so\.[0-9]+'
ALLOWED_DEPS_BASE='ld-linux.*\.so\.[0-9.]+|libc\.so\.[0-9.]+|libm\.so\.[0-9.]+|libresolv\.so\.[0-9.]+|libdl\.so\.[0-9.]+|libpthread\.so\.[0-9.]+|librt\.so\.[0-9.]+|libcrypto\.so\.[0-9.]+|libssl\.so\.[0-9.]+|libgcc_s\.so\.[0-9.]+|linux-vdso\.so\.[0-9.]+'
# 2a) Check direct dependencies (DT_NEEDED) - stricter control
# Direct dependencies are what the extension explicitly links against.
@ -128,7 +128,7 @@ fi
# Transitive deps come from libraries that the extension links against.
# For example, if extension links OpenSSL, OpenSSL might pull in libz.
# libz is allowed transitively (via OpenSSL) but not as a direct dependency.
ALLOWED_TRANSITIVE_DEPS_REGEX="^(${ALLOWED_DEPS_BASE}|libz\.so\.[0-9]+)$"
ALLOWED_TRANSITIVE_DEPS_REGEX="^(${ALLOWED_DEPS_BASE}|libz\.so\.[0-9.]+)$"
unexpected_transitive_deps="$(echo "$ext_ldd" | grep -Ev "${ALLOWED_TRANSITIVE_DEPS_REGEX}" || true)"
if [[ -n "$unexpected_transitive_deps" ]]; then
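Review bot: The new version class `[0-9.]+`, used in every entry of `ALLOWED_DEPS_BASE` and in the `libz` alternative of `ALLOWED_TRANSITIVE_DEPS_REGEX`, accepts more than multi-component sonames: it also matches dots-only or trailing-dot suffixes such as `libc.so..`. Because this is the allowlist of what an extension may link, a pattern that matches only the intended shape is easier to audit, for example `\.so\.[0-9]+(\.[0-9]+)*` per entry. The comment above the list should also say why multi-part versions are needed (presumably sonames like `libcrypto.so.1.1` on some variants), so a later cleanup does not tighten it back. Separately, on the unchanged line below, `grep -Ev … || true` also masks a grep error exit, which leaves the variable empty and lets the check pass; worth confirming that fail-open behaviour is intended. The `if` block at the end continues outside the hunk.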