lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Wed, 31 Oct 2007 14:25:34 -0400
From:	Tony Battersby <tonyb@...ernetics.com>
To:	linux-kernel@...r.kernel.org, viro@...iv.linux.org.uk
Subject: BUG? task->nsproxy == NULL after main calls pthread_exit

After the main thread in a multi-threaded program calls pthread_exit()
while other threads are still running, attempting to open files in /proc
(like /proc/mounts) fails because get_proc_task(inode)->nsproxy == NULL
(see fs/proc/base.c::mounts_open).  I tested kernel 2.6.12 + glibc 2.3.5
and kernel 2.6.23 + glibc 2.6.1 with the same results.  Here is a
program to illustrate:

#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <pthread.h>

static void *thread_func(void *x)
{
   for (;;)
      {
      int fd;

      fd = open("/proc/mounts", O_RDONLY);
      if (fd == -1)
         {
         perror("open /proc/mounts");
         abort();
         }
      close(fd);

      printf("/proc/mounts still accessible\n");

      sleep(1);
      }

   return NULL;
}

int main(int argc, char *argv[])
{
   pthread_t thr;
   pthread_attr_t thread_attr;

   pthread_attr_init(&thread_attr);
   pthread_attr_setdetachstate(&thread_attr, PTHREAD_CREATE_DETACHED);
   pthread_create(&thr, &thread_attr, &thread_func, NULL);
   sleep(5);
   printf("main thread calling pthread_exit...\n");
   pthread_exit(NULL);

   return 0;
}

Compile with "-D_REENTRANT -lpthread".  Output:

/proc/mounts still accessible
/proc/mounts still accessible
/proc/mounts still accessible
/proc/mounts still accessible
/proc/mounts still accessible
main thread calling pthread_exit...
open /proc/mounts: Invalid argument
Aborted

If it is valid for main() to call pthread_exit() while leaving other
threads running, then this is a bug.  If it is not valid, then this
problem can be ignored, but let me know if that is the case.  AFAIK,
everything else seems to work in this situation; problems opening files
in /proc being the only exception that I have encountered so far.

Thanks,
Tony Battersby

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ