don't access dlclose'd dynamic ioengine object after close

Alexey reported this bug when using dynamically loaded IO engines;
a segfault on the line where we set the dlhandle to NULL after
the dlclose.

I think this is because ops points to the thing we obtained from dlsym:

	ops = dlsym(dlhandle, engine_lib);

and after the final dlclose, the object no longer exists and efforts
to set the handle within it will fail for obvious reasons.
I'm not sure why I hadn't seen this before.

Fixes-RH-Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1956963
Reported-by: Alexey Dobriyan <adobriyan@gmail.com>
Fixes: f6931a1 ("fio: move dynamic library handle to io_ops structure")
Tested-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

diff --git a/ioengines.c b/ioengines.c
index 3561bb4e6ed0da7289e1079a2d0ffbc7e8f9aa1d..dd61af07a4432c802ba53d18535c2dc44ea2a8bf 100644 (file)
--- a/ioengines.c
+++ b/ioengines.c
@@ -234,7 +234,6 @@ void free_ioengine(struct thread_data *td)
        if (td->io_ops->dlhandle) {
                dprint(FD_IO, "dlclose ioengine %s\n", td->io_ops->name);
                dlclose(td->io_ops->dlhandle);
-               td->io_ops->dlhandle = NULL;
        }
 
        td->io_ops = NULL;