libffi & fork

[Gaash Hazan <gaash at qwilt dot com>]

Hi experts,

I am new to libffi, so forgive me for my ignorance.

I have a python crash involving ctypes and functions callbacks (read
closures) and fork. The crash happens when process is forked, some
callbacks are modified and a function callback is made. I suspect that
the problem could be related to libffi closures and fork.

dlmmap() at libffi/closures.c allocates memory block that has to be
both read-write and read-execute. To achieve that, libffi creates a
temp file and performs two mmap-s to the that file, the first
read-write and the 2nd read-execute.

7fe27d64f000-7fe27d650000 rw-s 00000000 08:02 1840563
? /tmp/ffiHf53x5 (deleted)
7fe27d650000-7fe27d651000 r-xs 00000000 08:02 1840563
? /tmp/ffiHf53x5 (deleted)

The thing is that those maps are marked as shared. Hence when the
process is forked the allocated(mapped) memory block is *shared*
between the processes (and not copied-on-write). So, when father
process changes something in that memory block, the child process will
be affected as well, creating unplanned shared-memory block between
the two processes. I suspect that this is not the intended behavior
and that it leads to the crash.

snips from /proc/XXX/maps: father PID=7975, child PID=7976
----------------------------------------------------------------------------------------
$cat /proc/7975/maps? | grep /tmp/
7fc537d49000-7fc537d4a000 rw-s 00000000 08:02 1840370
? /tmp/ffiqyLKFR (deleted)
7fc537d4a000-7fc537d4b000 r-xs 00000000 08:02 1840370
? /tmp/ffiqyLKFR (deleted)

$cat /proc/7976/maps? | grep /tmp/
7fc537d49000-7fc537d4a000 rw-s 00000000 08:02 1840370
? /tmp/ffiqyLKFR (deleted)
7fc537d4a000-7fc537d4b000 r-xs 00000000 08:02 1840370
? /tmp/ffiqyLKFR (deleted)

test .py:
-----------
import os,time
import ctypes
os.fork()
print str(os.getpid())
time.sleep( 1000)

system info: centos 6.0, pyhton 2.6.5, selinux disabled, x86_64. Also
tested with python 2.7.3

Thanks,
Gaash