dlopen() and dlclose() are not MT-safe?
Kostik Belousov
kostikbel at gmail.com
Wed Mar 22 17:43:23 UTC 2006
On Wed, Mar 22, 2006 at 11:32:09PM +0900, Kazuaki Oda wrote:
> Hello,
>
> I compiled the following code on 6.1-PRERELEASE and ran:
>
> dltest.c
> ----------------------------------------------------------------------
> #include <err.h>
> #include <dlfcn.h>
> #include <pthread.h>
> #include <stdio.h>
> #include <stdlib.h>
> #include <unistd.h>
>
> #define NTHREADS 10
>
> void *func(void *dummy);
>
> int main(void)
> {
> pthread_t tids[NTHREADS];
> int error;
> int i;
>
> for (i = 0; i < NTHREADS; i++) {
> error = pthread_create(&tids[i], NULL, func, NULL);
> if (error)
> errc(1, error, "pthread_create");
> }
>
> for (;;)
> sleep(1);
>
> /* NOTREACHED */
>
> exit(0);
> }
>
> void *func(void *dummy)
> {
> void *h;
>
> for (;;) {
> if ((h = dlopen("/usr/lib/libm.so", RTLD_NOW)) == NULL)
> errx(1, "dlopen: %s", dlerror());
> if (dlclose(h) == -1)
> errx(1, "dlclose: %s", dlerror());
> }
>
> /* NOTREACHED */
>
> return (NULL);
> }
> ----------------------------------------------------------------------
>
> % cc -Wall -o dltest dltest.c -lpthread
> % ./dltest
> ld-elf.so.1: assert failed: /usr/src/libexec/rtld-elf/rtld.c:2445
> Segmentation fault (core dumped)
>
> % cc -Wall -o dltest dltest.c -lthr
> % ./dltest
> % ld-elf.so.1: assert failed: /usr/src/libexec/rtld-elf/rtld.c:1723
> Abort (core dumped)
>
> Hmm, it seems dlopen() and dlclose() are not MT-safe. Is this a known
> issue?
>
> --
> Kazuaki Oda
The following patch put some relief for the problem:
Index: libexec/rtld-elf/rtld.c ===================================================================
RCS file: /usr/local/arch/ncvs/src/libexec/rtld-elf/rtld.c,v
retrieving revision 1.112
diff -u -r1.112 rtld.c
--- libexec/rtld-elf/rtld.c 24 Dec 2005 15:37:30 -0000 1.112
+++ libexec/rtld-elf/rtld.c 22 Mar 2006 17:33:06 -0000
@@ -1688,6 +1688,12 @@
wlock_release(rtld_bind_lock, lockstate);
objlist_call_fini(&list_fini);
lockstate = wlock_acquire(rtld_bind_lock);
+ if (root->refcount == 0) {
+ _rtld_error("%s: object busy", root->path);
+ wlock_release(rtld_bind_lock, lockstate);
+ return -1;
+ }
+
objlist_remove_unref(&list_fini);
/* Finish cleaning up the newly-unreferenced objects. */
But it still allows for the mess of _init/_fini simultaneous calls
from different threads. SUSv3 does not mention constructors/destructors.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20060322/26f50d11/attachment.pgp
More information about the freebsd-hackers
mailing list