public inbox for libc-help@sourceware.org
From: "Wendeborn, Jonathan" <Jonathan.Wendeborn@bruker.com>
To: Konstantin Kharlamov <hi-angel@yandex.ru>,
	"libc-help@sourceware.org" <libc-help@sourceware.org>
Subject: AW: dlopen: Segfault due to overwriting .so file after it was loaded and loading it again
Date: Fri, 20 Nov 2020 08:01:01 +0000
Message-ID: <4db8dab4da4143c082b8f1c7f67e1124@bruexc101.brumgt.local>
In-Reply-To: <cdf1d292f4762bcf54e2f29f0a24b931c2b1fdb0.camel@yandex.ru>

Hi,

Thank you for your quick answer!
I don't have Boost installed globally, so I had to adjust the command:

    g++9 -g3 -O0 -Wall -Wextra -Wsign-conversion -std=c++17 -fsanitize=address -o test2 test.cpp -I/home/Jonathan.Wendeborn/.boost/1.70/include/ -L/home/Jonathan.Wendeborn/.boost/1.70/bin/boost/linux-x86_64-gcc9-debug -Wl,-Bstatic -lboost_filesystem -lboost_system -Wl,-Bdynamic -ldl

This is the output:

    ./test2
    pre load
    loaded
    pre load
    loaded
    AddressSanitizer:DEADLYSIGNAL
    =================================================================
    ==2872455==ERROR: AddressSanitizer: SEGV on unknown address 0x000000657726 (pc 0x000000657726 bp 0x000000000000 sp 0x7ffc91e7d0a8 T0)
    ==2872455==The signal is caused by a READ memory access.
    AddressSanitizer:DEADLYSIGNAL
    AddressSanitizer: nested bug in the same thread, aborting.

I didn't test my program with a different .so before, so I copied libboost_regex.so to libSomething.so and get a Segfault, too:

    AddressSanitizer:DEADLYSIGNAL
    =================================================================
    ==2872492==ERROR: AddressSanitizer: SEGV on unknown address 0x000000019bd0 (pc 0x000000019bd0 bp 0x7ffe22f7b9f0 sp 0x7ffe22f7b938 T0)
    ==2872492==The signal is caused by a READ memory access.

It doesn't crash when doing this with libboost_system.so, though.

Best regards,
Jonathan


-----Original Message-----
From: Konstantin Kharlamov <hi-angel@yandex.ru>
Sent: Friday, 20 November 2020 08:18
To: Wendeborn, Jonathan <Jonathan.Wendeborn@bruker.com>; libc-help@sourceware.org
Subject: Re: dlopen: Segfault due to overwriting .so file after it was loaded and loading it again

On Fri, 2020-11-20 at 06:52 +0000, Wendeborn, Jonathan via Libc-help wrote:
> Hi,
>
> I am a C++ developer but usually programming and debugging on Windows
> (so please excuse any wrong terms). Now I'm compiling my program on
> Linux (gcc 9.3.0 on Debian Bullseye with Boost 1.70) for the first time
> and get a Segfault in my unit tests.
> Luckily I was able to write a reproducer and boil it down to my code
> overwriting the .so file after having it loaded (and unloaded):

I can't seem to reproduce it. I modified paths in your testcase as follows:

    #include <boost/filesystem/operations.hpp>
    #include <boost/dll/shared_library.hpp>
    #include <iostream>

    void doit() {
        boost::filesystem::copy_file("/tmp/libSomething.so", "/tmp/libSomething2.so", boost::filesystem::copy_option::overwrite_if_exists);

        boost::dll::shared_library l;
        std::cout << "pre load" << std::endl;
        l.load("/tmp/libSomething2.so");
        std::cout << "loaded" << std::endl;
    }
    int main() {
        doit();
        doit();
        return 0;
    }

And I build it with

    g++ test.cpp -o a -g3 -O0 -Wall -Wextra -Wsign-conversion -std=c++17 -fsanitize=address -ldl -lboost_filesystem -lboost_system

Running it I get no segfault, just output:

    λ ./a
    pre load
    loaded
    pre load
    loaded

Please try placing the lib into `/tmp/libSomething` and running the app. Do you still see the crash?
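
The reproducer above writes over a library file at a path that has already been loaded once. As an added illustration (not code from this thread or from glibc or Boost), the C program below shows what the two ways of replacing a file mean for an existing read-only private mapping of it, assuming Linux page-cache behaviour: writing into the existing file keeps the inode and the mapping sees the new bytes, while writing a temporary file and calling rename() leaves the old mapping untouched. The function names and `/tmp` paths are hypothetical.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

#define LEN 4096

/* Write LEN bytes of `fill` to path; O_TRUNC reuses an existing inode. */
static int write_file(const char *path, char fill) {
    char buf[LEN];
    memset(buf, fill, LEN);
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    ssize_t n = write(fd, buf, LEN);
    close(fd);
    return n == LEN ? 0 : -1;
}

/* Create path filled with 'A', map it PROT_READ/MAP_PRIVATE (the way a
 * loader maps library text), replace the file with 'B' bytes, and return
 * the first byte the old mapping shows afterwards (-1 on error).
 * atomic=0: overwrite in place; atomic=1: temp file + rename(). */
int mapped_byte_after_update(const char *path, int atomic, int *same_inode) {
    struct stat before, after;
    char tmp[256];
    if (write_file(path, 'A') != 0) return -1;
    int fd = open(path, O_RDONLY);
    if (fd < 0 || fstat(fd, &before) != 0) return -1;
    char *map = mmap(NULL, LEN, PROT_READ, MAP_PRIVATE, fd, 0);
    close(fd);
    if (map == MAP_FAILED) return -1;
    if (atomic) snprintf(tmp, sizeof tmp, "%s.new", path);
    int rc = atomic ? (write_file(tmp, 'B') || rename(tmp, path))
                    : write_file(path, 'B');
    if (rc != 0 || stat(path, &after) != 0) { munmap(map, LEN); return -1; }
    *same_inode = before.st_ino == after.st_ino;
    int seen = map[0];          /* what code running from the mapping sees */
    munmap(map, LEN);
    unlink(path);
    return seen;
}

int main(void) {
    int s1, s2;                 /* constructed sample paths below */
    int a = mapped_byte_after_update("/tmp/demo_inplace.bin", 0, &s1);
    int b = mapped_byte_after_update("/tmp/demo_rename.bin", 1, &s2);
    printf("in-place: saw '%c', same inode %d; rename: saw '%c', same inode %d\n",
           a, s1, b, s2);
    return 0;
}
```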


