[BusyBox] Bug#212764: 2 race conditions in init implementation

Guillaume Morin guillaume at morinfr.org
Fri Oct 3 16:37:34 UTC 2003


Dans un message du 03 oct à 13:53, Vladimir N. Oleynik écrivait :
> >There is a race here. If the child exits before the SIGCHLD is
> >unblocked, wait() will block forever.
> 
> Really?!
> WHY?
> We blocked, not ignored SIGCHLD. If sigchld raised then signal pending
> before unblocked. We don`t loses this signal.

That's true, I was smoking crack here. There is still a race here but
for this reason, see below.

> >I have fixed the bug by replacing the wait() call in waitfor() with a
> >waitpid() call and handle the error.
> >
> >- 2nd race condition
> 
> And same point.

This one is not the same. You unblocked the signal before the second
fork(). It is not a blocking/unblocking problem here. 

There is a race between the call to signal() and the signal handler
(child_handler()). If the handler is called before signal(), the code
will loop forever since waitpid will return -1 with errno == ECHILD.

It is the same for the first race. If the handler is called before
wait(), wait() will block.

BTW, the SIGCHLD handler reaps all zombies, how can you expect that the
unchecked calls to wait() and waitpid() will succeed on SMP ?

It should work if, at the beginning of run(), you change the SIGCHLD
handler to SIG_DFL and restore the old one at the end of the function.
But I think the current fix is better.

> Glenn,
> 
> I recomended restore previous version from CVS before realy
> demonstrating problem.

I recommend you leave it in the CVS. Testing return codes is good
practice and it is basically what the patch does. Furthermore, the
current handler _is_ reaping any zombies so using waitpid() and testing
for errno == ECHILD really makes sense IMO.

Yes, I changed a wait() into waitpid() but the use of wait() is
pointless since we're waiting for a specific pid, we might just be
reaping other zombies that we may want to test later. 

Please tell me if I am missing anything.

Guillaume.

PS: please keep me CC'ed.

-- 
Guillaume Morin <guillaume at morinfr.org>

       Burn the books they've got too many names and psychoses. All this
  incriminating evidence would surely haunt me if someone broke into my house.
                              (Alanis Morissette)



More information about the busybox mailing list