Date: Sat, 12 Dec 1998 19:32:09 -0800 From: Don Lewis <Don.Lewis@tsc.tdk.com> To: Matthew Dillon <dillon@apollo.backplane.com>, Don Lewis <Don.Lewis@tsc.tdk.com> Cc: Peter Edwards <peter.edwards@isocor.ie>, Archie Cobbs <archie@whistle.com>, freebsd-current@FreeBSD.ORG Subject: Re: inetd: realloc/free bug Message-ID: <199812130332.TAA23232@salsa.gv.tsc.tdk.com> In-Reply-To: Matthew Dillon <dillon@apollo.backplane.com> "Re: inetd: realloc/free bug" (Dec 12, 5:58pm)
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 12, 5:58pm, Matthew Dillon wrote: } Subject: Re: inetd: realloc/free bug } :Your patch also doesn't eliminate all the race conditions. When } :a signal handler is invoked, it blocks reception of the signal that } :triggered it, but not the reception of other signals, so it is possible } } Sure it does. Look at the code. Line 410 or so of inetd.c You appear to be correct. } :Oh yeah, there is another race condition that I've never seen mentioned. } :In the case of TCP services where we do something like } : ctrl = accept(...); } : pid = fork(); } : if (pid == 0) { } : fiddle with fds } : exec(...); } : } } : close(ctrl); } :there is a problem if the child process runs, writes a bunch of data } :to the socket and exits before the parent process executes the close(). } :If this happens, the close() in the parent can hang for an indefinite } :period of time, until the client consumes the buffered data on the socket. } :I fixed this in BIND 4.x a few years ago using a pipe to synchronize } } I'm not sure I follow. close() on a socket descriptor does not block. In the case of BIND, close() blocks because SO_LINGER is set. As long as nothing run from inetd does this, we're probably OK. The reason that BIND uses SO_LINGER is: /* kernels that map pages for IO end up failing if the pipe is full * at exit and we take away the final buffer. this is really a kernel * bug but it's harmless on systems that are not broken, so... */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812130332.TAA23232>