[BusyBox] Freeing memory from a signal handler in init?
Rob Landley
rob at landley.net
Mon May 31 03:45:57 UTC 2004

Okay, let's go over init/init.c:

ctrlaltdel_signal() is called as a signal handler, and it calls run_actions(). The CTRLALTDEL action is one of the ones that gets filtered as an automatic run once, so after calling waitfor(action), it calls crappy_delete_function (which I have a patch to remove and save 38 bytes while simplifying the code, by the way, I just need to test it a bit first...) and of course in delete_init_action it frees the action structure. From signal context.

Now I remember from linux-kernel that you can't malloc from signal context because there's some weird lock in gcc that goes "boing" and it's a deadlock. I'd presume free has the lock over the same structures, leading to the same deadlock.

This probably has never been noticed before because the system is in the process of rebooting, so who's going to notice a hang in init when it's already forked off the process that does the reboot? But if somebody ever redefines the CTRLALTDEL action to do a software suspend or something similar (or just plain anything other than shutdown/reboot the system), it could result in init not coming back.

Opinions?

Rob
--
www.linucon.org: Linux Expo and Science Fiction Convention
October 8-10, 2004 in Austin Texas. (I'm the con chair.)