Re: 2.0.32 exit.c bug when CLONE_FILES? [2.1.65 also]

Bill Hawes (whawes@star.net)
Tue, 25 Nov 1997 08:55:55 -0500


Ingo Molnar wrote:
> Dan Hollis has sent me some very interesting oopses. There still seems to
> be a bug/race in sys_close() / close_fp() <==> sys_exit() / close_files()
> / close_fp(), when there is CLONE_FILES between two processes. (bug
> present in 2.1.65 also, i think)
>
> so far this only seems to happen in the Roxan webserver, which uses
> the CLONE_FILES clone() flag.
>
> at first glance, the exit.c:close_files() code does not seem to be safe
> when we sleep between two close_fp()'s, because we carry
> files->open_fds.fds_bits[j] over the blocking point, and 'set' might not
> be valid at that point anymore, possibly resulting in two parallel
> close_fp()'s for the same filepointer.

Hi Ingo,
I just took a quick look at the 2.1.65 code, and I don't see how you
would get more than one call to close_files() in the first place. The
close_files() is called from exit_files only when the use count of the
files structure goes to 0, and that should happen for exactly one clone
task. Unless the files structure use counts are messed up, the
close_files routine should be working on the last reference to the
files.

Regards,
Bill
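
A simplified user-space model of the use-count argument in the reply above, added here as an illustration; it is not kernel code and not code from either author. The struct layout, `run()`, `missed_gets` and `users_at_teardown` are assumptions made for the example; it shows that with balanced counts close_files() runs with no other user of the table, and that one missed increment lets it run while a CLONE_FILES sibling still holds the table.

```c
#include <stdio.h>

#define NR_FDS 32                       /* constructed table size */

struct files_struct {
    int count;                          /* use count: tasks sharing this table */
    unsigned long open_fds;             /* bit n set => descriptor n is open */
    int closed[NR_FDS];                 /* times close_fp() ran for each fd */
    int users_at_teardown;              /* other live users when close_files() ran; -1 = never */
};

/* Stand-in for close_fp(): only records that the descriptor was released. */
static void close_fp(struct files_struct *files, int fd) { files->closed[fd]++; }

/* Walks a snapshot of the bitmap; only safe if nobody else can touch the table. */
static void close_files(struct files_struct *files, int other_users)
{
    unsigned long set = files->open_fds;
    files->users_at_teardown = other_users;
    files->open_fds = 0;
    for (int fd = 0; fd < NR_FDS; fd++)
        if (set & (1UL << fd))
            close_fp(files, fd);
}

/* Exit path: drop one reference; tear down only when the count reaches 0. */
static void exit_files(struct files_struct *files, int other_users)
{
    if (--files->count == 0)
        close_files(files, other_users);
}

/* One task with fds 0..2 open plus (tasks - 1) CLONE_FILES children.
 * missed_gets children share the table without bumping count (the
 * "use counts are messed up" case). Returns other live users at teardown. */
static int run(int tasks, int missed_gets, int *max_closed)
{
    struct files_struct files = { .count = 1, .open_fds = 0x7, .users_at_teardown = -1 };
    for (int i = 1; i < tasks; i++)
        if (i > missed_gets)
            files.count++;
    for (int live = tasks; live > 0; live--)
        exit_files(&files, live - 1);
    *max_closed = 0;
    for (int fd = 0; fd < NR_FDS; fd++)
        if (files.closed[fd] > *max_closed)
            *max_closed = files.closed[fd];
    return files.users_at_teardown;
}
```

In the unbalanced run the model is sequential, so each descriptor is still closed once; the point is that teardown happened with a live sharer, which is the precondition for the parallel close_fp() calls described in the quoted message.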