Crash on module unload, when dlclose() fails

Post any defects you find in the released or beta versions of the ImageMagick software here. Include the ImageMagick version, OS, and any command-line required to reproduce the problem. Got a patch for a bug? Post it here.
Post Reply
User avatar
mi
Posts: 123
Joined: 2005-01-25T14:14:43-07:00
Contact:
Contact mi

Crash on module unload, when dlclose() fails

Post by mi »

Hello! I've modified our (FreeBSD's) dlclose() implementation to check for any atexit()-registered functions (or C++ destructors), which could be defined in the library being dlclose-ed.

This now causes PerlMagick to crash on exit, shortly after an attempt to dlclose EXR-module fails. The (probably smashed somewhat) stack looks like:

Code: Select all

#0  0x00000008095d6c60 in ?? ()
#1  0x0000000800facc15 in ClearMagickException (exception=0xc68140) at magick/exception.c:182
#2  0x0000000800facd6f in CatchException (exception=0xc68140) at magick/exception.c:231
#3  0x0000000800fe34c7 in DestroyModuleNode (module_info=0xc49480) at magick/module.c:855
#4  0x00000008010245e0 in DestroySplayTree (splay_info=0x515400) at magick/splay-tree.c:654
#5  0x0000000800fe2736 in DestroyModuleList () at magick/module.c:138
#6  0x0000000800fdedd9 in DestroyMagickList () at magick/magick.c:140
#7  0x0000000800fe0741 in MagickCoreTerminus () at magick/magick.c:1252
#8  0x0000000800dad08a in XS_Image__Magick_UNLOAD (cv=0xc57080) at Magick.xs:2149
#9  0x00000008006c01fc in Perl_pp_entersub () from /opt/lib/perl5/5.8.8/mach/CORE/libperl.so
#10 0x00000008006b8e9e in Perl_runops_standard () from /opt/lib/perl5/5.8.8/mach/CORE/libperl.so
#11 0x0000000800669cdc in Perl_call_sv () from /opt/lib/perl5/5.8.8/mach/CORE/libperl.so
#12 0x000000080066a0c7 in Perl_call_list () from /opt/lib/perl5/5.8.8/mach/CORE/libperl.so
#13 0x000000080066bc28 in perl_destruct () from /opt/lib/perl5/5.8.8/mach/CORE/libperl.so
#14 0x000000000040154e in main ()
The exception thrown by UnregisterModule() is:

Code: Select all

unable to close module `EXR': shared object /opt/lib/libHalf.so.4 provides a __cxa_atexit-registered function 0x803e1afd0 (static?)
I do not yet understand, why the exception is causing corruption (perhaps, the error message is too long for some buffer?), but it crashes quite repeatedly.

Not using OpenEXR, of course, works around the problem...
Top
User avatar
magick
Site Admin
Posts: 11064
Joined: 2003-05-31T11:32:55-07:00

Re: Crash on module unload, when dlclose() fails

Post by magick »

Unfortunately we cannot reproduce the problem and perusing the code suggests a corrupt stack. We currently do not have a solution for this problem other than not using OpenEXR.
Top
User avatar
mi
Posts: 123
Joined: 2005-01-25T14:14:43-07:00
Contact:
Contact mi

Re: Crash on module unload, when dlclose() fails

Post by mi »

Try reproducing the problem with the following patch:

Code: Select all

--- magick/module.c      2007-09-08 16:44:05.000000000 -0400
+++ magick/module.c      2007-09-16 02:04:09.000000000 -0400
@@ -1403,5 +1403,12 @@ static MagickBooleanType UnregisterModul
       return(MagickFalse);
     }
-  return(MagickTrue);
+  else
+    {
+      (void) ThrowMagickException(exception,GetMagickModule(),ModuleWarning,
+        "UnableToCloseModule","`%s': %s",module_info->tag,"fake error "
+message to test handling of the possible dlclose-failure /intentionally "
+made somewhat long. Meow, meow...");
+      return(MagickFalse);
+    }
 }
 #else
Top
User avatar
magick
Site Admin
Posts: 11064
Joined: 2003-05-31T11:32:55-07:00

Re: Crash on module unload, when dlclose() fails

Post by magick »

Your patch did not cause any problems in our test environment (Fedora Core 7). We verified against valgrind.
Top
Post Reply

Return to “Bugs”