From 79f488cbd95ca6989031a7ace5ec382313d31b3c Mon Sep 17 00:00:00 2001 From: Eric Sandeen Date: Fri, 7 May 2021 16:13:05 -0500 Subject: [PATCH] don't access dlclose'd dynamic ioengine object after close Alexey reported this bug when using dynamically loaded IO engines; a segfault on the line where we set the dlhandle to NULL after the dlclose. I think this is because ops points to the thing we obtained from dlsym: ops = dlsym(dlhandle, engine_lib); and after the final dlclose, the object no longer exists and efforts to set the handle within it will fail for obvious reasons. I'm not sure why I hadn't seen this before. Fixes-RH-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1956963 Reported-by: Alexey Dobriyan Fixes: f6931a1 ("fio: move dynamic library handle to io_ops structure") Tested-by: Alexey Dobriyan Signed-off-by: Eric Sandeen Signed-off-by: Jens Axboe --- ioengines.c | 1 - 1 file changed, 1 deletion(-) diff --git a/ioengines.c b/ioengines.c index 3561bb4e..dd61af07 100644 --- a/ioengines.c +++ b/ioengines.c @@ -234,7 +234,6 @@ void free_ioengine(struct thread_data *td) if (td->io_ops->dlhandle) { dprint(FD_IO, "dlclose ioengine %s\n", td->io_ops->name); dlclose(td->io_ops->dlhandle); - td->io_ops->dlhandle = NULL; } td->io_ops = NULL; -- 2.26.2