[Crash-utility] [PATCH] extension: Fix crash segfaults when loading same extension with different names twice

HAGIO KAZUHITO(萩尾 一仁) k-hagio-ab at nec.com
Mon Mar 22 05:34:14 UTC 2021


Hi Tao Liu,

-----Original Message-----
> If the same extension (e.g. extensions/trace.so) is loaded twice by the
> "extend" command under two different names, crash sometimes segfaults.
> 
> It's because crash uses the RTLD_NOW|RTLD_GLOBAL flags of dlopen to load an extension.
> RTLD_GLOBAL will make symbols defined by this shared object available for
> symbol resolution of subsequently loaded shared objects. So symbols with the same
> name will be exported from the former to the latter. In this case, when 2 extensions
> differ only in file name, the subsequently loaded extension will have unexpected
> initial values for global variables.

Thanks for the report.

> This patch adds the RTLD_DEEPBIND flag to dlopen, making an extension use its
> own symbols in preference to symbols with the same name contained in others.

This looks like a big API change for crash extension modules.

As far as I've tested, getopt() in an extension module does not work well
with this patch:

# make extensions

crash> extend extensions/echo.so
./extensions/echo.so: shared object loaded
crash> echo test
test 
crash> echo test

crash> echo test test2
test2 
crash> echo test test2

crash> echo test

crash> echo test test2

crash> echo test test2 test3
test3

Can we fix this?  And probably all other modules using getopt() imitate
this echo.c, so they will also need to be fixed to adopt the patch.
Also I'm concerned that there might be another regression.

Do we need to fix the issue at these costs?  Or is there any better way?

Thanks,
Kazu

> 
> Signed-off-by: Tao Liu <ltao at redhat.com>
> ---
>  extensions.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/extensions.c b/extensions.c
> index d23b1e3..e07f9a9 100644
> --- a/extensions.c
> +++ b/extensions.c
> @@ -317,7 +317,7 @@ load_extension(char *lib)
>          *  _init() function before dlopen() returns below.
>  	*/
>  	pc->curext = ext;
> -	ext->handle = dlopen(ext->filename, RTLD_NOW|RTLD_GLOBAL);
> +	ext->handle = dlopen(ext->filename, RTLD_NOW|RTLD_GLOBAL|RTLD_DEEPBIND);
> 
>  	if (!ext->handle) {
>  		strcpy(buf, dlerror());
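
Review bot: the dlopen() call now passes RTLD_DEEPBIND unconditionally, but that flag is a glibc extension and nothing in the hunk guards it, so extensions.c will not compile against a libc that does not define it; wrap the flag in `#ifdef RTLD_DEEPBIND` and fall back to RTLD_NOW|RTLD_GLOBAL otherwise. The flag also changes lookup order for every symbol an extension references, not only the duplicated globals the commit message describes, which fits the getopt() behaviour reported for echo.so above, so the comment block above the call should say why deep binding is needed and what extension authors have to account for. A narrower fix worth considering is to have load_extension() refuse a file that is already loaded under another name, leaving symbol resolution for existing extensions unchanged.
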
> --
> 2.29.2
> 