This is the mail archive of the libffi-discuss@sourceware.org mailing list for the libffi project.



Re: bug in libffi with selinux and a fork


Victor Stinner wrote:

I found a bug in libffi using the Python module ctypes. strace output:
-------
statfs("/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) = 0
gettimeofday({1256588283, 889671}, NULL) = 0
open("/tmp/ffijhzWrH", O_RDWR|O_CREAT|O_EXCL, 0600) = 3
unlink("/tmp/ffijhzWrH") = 0
ftruncate(3, 4096) = 0
mmap2(NULL, 4096, PROT_READ|PROT_EXEC, MAP_SHARED, 3, 0) = 0xc41000
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_SHARED, 3, 0) = 0xb7c7d000
-------


The problem is that the memory mapping used for the callback (closure) is shared. In my example (see attached file), the callback is destroyed in a child process, and then is broken in the parent.

I found this bug on Python 2.6.2 and Fedora 12 (Beta).

Hmmm, interesting. This is going to be quite hard to fix.


Why is the child process destroying the closure, anyway?

Andrew.
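
The shared-mapping behaviour described in the report, as an added example that is not part of the original thread and is not libffi code: a temporary file is mapped twice as in the strace, a forked child writes through the writable view, and the parent then reads its other view. The function name, the 0xAA marker byte and the use of PROT_READ in place of PROT_EXEC are assumptions of this demo.

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/wait.h>

#define PAGE 4096

/* Constructed demo: returns the byte the parent reads through its read-only
 * view after a forked child overwrote it through the writable view.
 * flags is MAP_SHARED (as in the strace) or MAP_PRIVATE; -1 on setup failure. */
int byte_seen_by_parent(int flags)
{
    char path[] = "/tmp/ffiXXXXXX";           /* same pattern as the strace */
    unsigned char code = 0xAA;                /* stands in for closure code */
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);
    if (ftruncate(fd, PAGE) != 0 || write(fd, &code, 1) != 1) {
        close(fd);
        return -1;
    }
    /* PROT_READ instead of PROT_EXEC so the demo also runs on a noexec /tmp */
    volatile unsigned char *ro = mmap(NULL, PAGE, PROT_READ, flags, fd, 0);
    volatile unsigned char *rw = mmap(NULL, PAGE, PROT_READ | PROT_WRITE, flags, fd, 0);
    close(fd);
    if (ro == MAP_FAILED || rw == MAP_FAILED) return -1;

    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                           /* child "destroys the closure" */
        rw[0] = 0x00;
        _exit(0);
    }
    waitpid(pid, NULL, 0);
    int seen = ro[0];                         /* what the parent now sees */
    munmap((void *)ro, PAGE);
    munmap((void *)rw, PAGE);
    return seen;
}

int main(void)
{
    printf("MAP_SHARED : parent sees 0x%02x\n", byte_seen_by_parent(MAP_SHARED));
    printf("MAP_PRIVATE: parent sees 0x%02x\n", byte_seen_by_parent(MAP_PRIVATE));
    return 0;
}
```

MAP_PRIVATE is only the contrast case here: with private mappings, a write through the writable view would no longer reach the second view within the same process either.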

