open(2) and unshare(2) with CLONE_FILES could race

rr-debugger / rr

Record and Replay Framework

http://rr-project.org/

Other

9.1k stars 581 forks source link

open(2) and unshare(2) with CLONE_FILES could race #2446

Open khuey opened 4 years ago

khuey commented 4 years ago

A similar race to the one handled in ac321e492e3c517ee5a26d990271728c55a732c7, if a task is descheduled in an open(2) and another task sharing its FdTable unshares we may not pick up the correct state of the FdTable when we clone it.

The fix here might be to wait for the outstanding open(2) to complete before allowing the unshare(2) to move forward.

rocallahan commented 4 years ago

The fix here might be to wait for the outstanding open(2) to complete before allowing the unshare(2) to move forward.

Doing this could cause deadlocks in contrived cases, e.g. if open opens a FIFO, but the other end is opened by the unshare thread after the unshare.