562593 – the tcf-server asserted if two shared libraries access the same exported variable

Bug 562593 - the tcf-server asserted if two shared libraries access the same exported variable

Summary: the tcf-server asserted if two shared libraries access the same exported vari...

Status:	RESOLVED FIXED

Alias:	None

Product:	TCF
Classification:	Tools
Component:	Agent (show other bugs)
Version:	unspecified
Hardware:	PC All

Importance:	P3 normal (vote)
Target Milestone:	1.7
Assignee:	Project Inbox
QA Contact:	Eugene Tarassov

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2020-04-29 03:29 EDT by wenyan xin
Modified:	2021-06-25 16:24 EDT (History)
CC List:	0 users

See Also:

Attachments
this file is the executive file that uses two shared library files (682 bytes, application/octet-stream) 2020-05-05 22:53 EDT, wenyan xin	no flags	Details
this is the shared libary file 1 (1.84 KB, application/octet-stream) 2020-05-05 22:54 EDT, wenyan xin	no flags	Details
this fle is the shared library file 2 (490 bytes, application/octet-stream) 2020-05-05 22:55 EDT, wenyan xin	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description wenyan xin

2020-04-29 03:29:04 EDT

In my case, there are one exective and two shared libraries.

If one global variable exports in one shared libary.

And all of the exective, shared library 1 and shared library 2 try to access the exported global variable, when access it in shared library 2, that cause the tcf-server assert and crash.

when I debug the txf-server process, I can find the assert happened at following statement in function elf_list_next in file agent/tcf/services/tcf_elf.c.

1627 ELF_File * elf_list_next(Context * ctx) {
...
1630     assert(state->ctx == ctx);    /* assert happened */

but if I changed the code as following, the issue gone.
-----------------------------

git diff --color
diff --git a/agent/tcf/services/tcf_elf.c b/agent/tcf/services/tcf_elf.c
index 9caa8ce..f15ceba 100644
--- a/agent/tcf/services/tcf_elf.c
+++ b/agent/tcf/services/tcf_elf.c
@@ -1624,6 +1624,15 @@ MemoryRegion * elf_list_region(Context * ctx) {

 ELF_File * elf_list_next(Context * ctx) {
     ElfListState * state = elf_list_state;
+
+    while (state->ctx != ctx)
+        state = state->next;
+
+    if (!state) {
+        errno = 0;
+        return NULL;
+    }
+
     assert(state != NULL);
     assert(state->ctx == ctx);
     assert(state->map.region_cnt > 0);
@@ -1648,6 +1657,12 @@ ELF_File * elf_list_next(Context * ctx) {

 void elf_list_done(Context * ctx) {
     ElfListState * state = elf_list_state;
+    while (state->ctx != ctx)
+        state = state->next;
+
+    if (!state)
+        return;
+
     assert(state != NULL);
     assert(state->ctx == ctx);
     elf_list_state = state->next;

Comment 1 Eugene Tarassov

2020-05-04 11:50:41 EDT

It looks like a bug in the ELF symbols reader.
Your changes is not a correct way to fix the bug.
Could you provide a test case?

Comment 2 wenyan xin

2020-05-05 22:53:43 EDT

Created attachment 282717 [details]
this file is the executive file that uses two shared library files

Comment 3 wenyan xin

2020-05-05 22:54:27 EDT

Created attachment 282718 [details]
this is the shared libary file 1

Comment 4 wenyan xin

2020-05-05 22:55:06 EDT

Created attachment 282719 [details]
this fle is the shared library file 2

Comment 5 wenyan xin

2020-05-05 23:02:00 EDT

thank you very much.

I have attached three files, the sharedLibTest.c file is for executive file, that will call the functions exported from shared library1 and 2.

the sharedLibTestLib.c file is for shared library 1.
the sharedLib2TestLib.c file is for shared library 2.

when I stopped at sharedLibTestLibRtn1() in sharedLib2TestLib.c file, the tcf agent will crash.

Comment 6 Eugene Tarassov

2020-05-08 19:46:19 EDT

Fixed.
Thanks!