Bug with Unix domain sockets under 2.0.35-5 (RedHat 5.1)

Perry Harrington (pedward@sun4.apsoft.com)
Tue, 20 Oct 1998 19:19:56 -0700 (PDT)


I encountered a bug with Unix domain sockets and select while
hacking away. My parent process inadvertently cored and the
child went apeshit. Select returns 1 (and no longer blocks)
when the other end of the socketpair(2) goes byebye via core dump.

Here is a bit of sample code to exploit the prob:

gcc -Wall -o testcase testcase.c

------------------------------8<-------------------------------
#include <stdio.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>

int main(void)
{
    int fd[2];
    fd_set set;
    char *invalid = NULL;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd) == -1) {
        perror("socketpair");
        return 1;
    }

    if (fork()) {
        /* parent: keeps fd[0], then crashes on purpose with a NULL write */
        fprintf(stderr, "Waiting 5 seconds...\n");
        close(fd[1]);
        sleep(5);

        fprintf(stderr, "BOOM!\n");
        *invalid = 0;
    } else {
        /* child: keeps fd[1] and selects on it repeatedly */
        int i;
        close(fd[0]);

        /* this is me being nice :) */
        i = 0;

        while (i < 10) {
            FD_ZERO(&set);

            FD_SET(fd[1], &set);

            fprintf(stderr, "Select returned %d\n",
                    select(fd[1] + 1, &set, NULL, NULL, NULL));

            i++;
        }
    }
    return 0;
}

------------------------------8<-------------------------------

--Perry

-- 
Perry Harrington       Linux rules all OSes.    APSoft      ()
email: perry@apsoft.com 			Think Blue. /\
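Added example, not part of Perry's post: an in-process reproduction of the scenario in which the child loop checks what read(2) returns after select(2) wakes it. Once the peer end of a socketpair is closed, select reports the descriptor readable because a read would return 0 (EOF) without blocking, so a loop that calls select again without reading spins. The function names `drain_until_eof` and `scenario` are my own, and closing the peer descriptor in the same process stands in for the parent's core dump.

```c
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* Child loop written for a peer that can vanish: select() saying "readable"
 * followed by read() returning 0 is EOF, so the loop stops instead of
 * calling select() again and again on a dead peer. Returns the number of
 * select() wakeups up to and including the EOF, or -1 on error/timeout. */
int drain_until_eof(int fd, int max_wakeups)
{
    char buf[64];
    int wakeups = 0;
    while (wakeups < max_wakeups) {
        fd_set rfds;
        struct timeval tv = { 2, 0 };   /* bound the wait so a run cannot hang */
        FD_ZERO(&rfds);
        FD_SET(fd, &rfds);
        if (select(fd + 1, &rfds, NULL, NULL, &tv) <= 0)
            return -1;                  /* timeout or error: peer still there */
        wakeups++;
        ssize_t n = read(fd, buf, sizeof buf);
        if (n == 0)
            return wakeups;             /* EOF: the other end is gone */
        if (n < 0)
            return -1;
        /* n > 0: real data arrived; a real child would handle it here */
    }
    return -1;
}

/* In-process version of the post's scenario. Assumption: closing fd[0] stands
 * in for the parent's core dump, since the kernel closes a dead process's
 * descriptors the same way. With write_first set, the "parent" sends two
 * bytes before going away, so the child wakes once for data, once for EOF. */
int scenario(int write_first)
{
    int fd[2], wakeups;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd) == -1)
        return -1;
    if (write_first && write(fd[0], "hi", 2) != 2)
        return -1;
    close(fd[0]);                       /* "parent" is gone */
    wakeups = drain_until_eof(fd[1], 10);
    close(fd[1]);
    return wakeups;
}
```

`scenario(0)` returns 1 (the single wakeup is the EOF) and `scenario(1)` returns 2 (one wakeup for the data, one for the EOF), and neither call blocks.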
