This is the mail archive of the libffi-discuss@sourceware.org mailing list for the libffi project.
Re: bug in libffi with selinux and a fork
- From: Andrew Haley <aph at redhat dot com>
- To: Victor Stinner <victor dot stinner at haypocalc dot com>
- Cc: libffi-discuss at sources dot redhat dot com
- Date: Tue, 27 Oct 2009 12:42:45 +0000
- Subject: Re: bug in libffi with selinux and a fork
- References: <200910271331.39501.victor.stinner@haypocalc.com>
Victor Stinner wrote:
> I found a bug in libffi using the Python module ctypes. strace output:
> -------
> statfs("/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0,
> f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255,
> f_frsize=4096}) = 0
> gettimeofday({1256588283, 889671}, NULL) = 0
> open("/tmp/ffijhzWrH", O_RDWR|O_CREAT|O_EXCL, 0600) = 3
> unlink("/tmp/ffijhzWrH") = 0
> ftruncate(3, 4096) = 0
> mmap2(NULL, 4096, PROT_READ|PROT_EXEC, MAP_SHARED, 3, 0) = 0xc41000
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_SHARED, 3, 0) = 0xb7c7d000
> -------
> The problem is that the memory mapping used for the callback (closure) is
> shared. In my example (see attached file), the callback is destroyed in a
> child process, and then is broken in the parent.
> I found this bug on Python 2.6.2 and Fedora 12 (Beta).
Hmmm, interesting. This is going to be quite hard to fix.
Why is the child process destroying the closure, anyway?
Andrew.
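
The sharing reported in this thread can be reproduced without libffi. The following is an added example, not code from the thread or from libffi: it repeats the open/unlink/ftruncate/double-mmap sequence from the strace, forks, and lets the child overwrite one byte through the writable view. The file name, the marker byte and the function name are assumptions, and the read-only view stands in for libffi's PROT_READ|PROT_EXEC mapping.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/wait.h>

#define MARKER 0xAA   /* constructed stand-in for closure trampoline bytes */

/* Returns 1 if a byte written by the child shows up in the parent's
   read-only view, 0 if it does not, -1 on setup failure. */
int child_write_reaches_parent(int map_flags)
{
    char path[] = "/tmp/ffidemoXXXXXX";      /* hypothetical file name */
    unsigned char init = MARKER;
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);                            /* same open/unlink/ftruncate as the strace */
    if (ftruncate(fd, 4096) != 0 || write(fd, &init, 1) != 1) { close(fd); return -1; }

    /* Two views of one file page. libffi maps the first PROT_READ|PROT_EXEC;
       plain PROT_READ is enough to observe the sharing. */
    unsigned char *code = mmap(NULL, 4096, PROT_READ, map_flags, fd, 0);
    unsigned char *data = mmap(NULL, 4096, PROT_READ | PROT_WRITE, map_flags, fd, 0);
    close(fd);
    if (code == MAP_FAILED || data == MAP_FAILED) return -1;

    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {            /* child: stands in for freeing the closure */
        data[0] = 0x00;
        _exit(0);
    }
    waitpid(pid, NULL, 0);
    int changed = (code[0] != MARKER);   /* parent never wrote after fork */
    munmap(code, 4096);
    munmap(data, 4096);
    return changed;
}

int main(void)
{
    /* MAP_PRIVATE is only a contrast: libffi's two-view scheme needs MAP_SHARED
       so that writes through the RW view reach the executable view. */
    printf("MAP_SHARED : %d\n", child_write_reaches_parent(MAP_SHARED));
    printf("MAP_PRIVATE: %d\n", child_write_reaches_parent(MAP_PRIVATE));
    return 0;
}
```

With MAP_SHARED the parent sees the child's write, which is the breakage described above; with MAP_PRIVATE the child's write stays in its own copy-on-write page.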