admin管理员组文章数量:1208155
This simple library
$ cat foo.c
int glob;
int foo() {
return 0;
}
__attribute__((constructor))
void init() {
glob = foo();
}
$ gcc -g -O0 -shared -fPIC foo.c -o libfoo.so
loads fine when I link it normally:
$ cat prog1.c
extern int foo();
int main() {
return foo();
}
$ gcc -g -O0 prog1.c libfoo.so
$ LD_LIBRARY_PATH=. ./a.out
but crashes if I load it via dlopen:
$ cat prog2.c
#include <dlfcn.h>
int main() {
dlopen("./libfoo.so", RTLD_LAZY | RTLD_GLOBAL);
return 0;
}
$ gcc -g -O0 prog2.c -ldl
$ ./a.out
Segmentation fault
When I inspect it in gdb it looks like it crashes in init trying to store to address which does not match glob. I tested in Ubuntu 24.04 (Glibc 2.39) and Debian 11.11 (Glibc 2.31).
This simple library
$ cat foo.c
int glob;
int foo() {
return 0;
}
__attribute__((constructor))
void init() {
glob = foo();
}
$ gcc -g -O0 -shared -fPIC foo.c -o libfoo.so
loads fine when I link it normally:
$ cat prog1.c
extern int foo();
int main() {
return foo();
}
$ gcc -g -O0 prog1.c libfoo.so
$ LD_LIBRARY_PATH=. ./a.out
but crashes if I load it via dlopen:
$ cat prog2.c
#include <dlfcn.h>
int main() {
dlopen("./libfoo.so", RTLD_LAZY | RTLD_GLOBAL);
return 0;
}
$ gcc -g -O0 prog2.c -ldl
$ ./a.out
Segmentation fault
When I inspect it in gdb it looks like it crashes in init trying to store to address which does not match glob. I tested in Ubuntu 24.04 (Glibc 2.39) and Debian 11.11 (Glibc 2.31).
1 Answer
Reset to default 1Answered by Mike Kashkarov
glob is also a name of Glibc function, exported from libc.so. So in dlopen case glob is resolved to address in Glibc's read-only memory segment and we get a crash when writing to it.
本文标签: cCrash when dlopening shared library which accesses global variable in constructorStack Overflow
版权声明:本文标题:c - Crash when dlopening shared library which accesses global variable in constructor - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1738739138a2109745.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论