Skip to content

Fix use of uninitialized memory in pcntl SIGCHLD handling #11536

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Fix use of uninitialized memory in pcntl SIGCHLD handling #11536

wants to merge 1 commit into from

Conversation

iluuu1994
Copy link
Member

psig needs to stay the tail, so that we don't get a dangling element on the end.

@iluuu1994 iluuu1994 requested a review from nielsdos June 26, 2023 09:24
iluuu1994
iluuu1994 commented Jun 26, 2023
View reviewed changes
@nielsdos
Copy link
Member

I'm a bit lost in understanding where the uninitialized memory problem is, and how this fixes it. I need a bit of help understanding this, sorry :/

I have one comment though: the reason I had a goto single_signal; is because I was afraid that a failure of waitpid in the first iteration will cause the psig fields to be uninitialized.

@iluuu1994
Copy link
Member Author

No worries! For context: https://github.com/php/php-src/actions/runs/5372867556/jobs/9746699882

The problem is that previously, we would run psig = psig->next; at the end of the loop for SIGCHLD. This means that, when the loop is finished, we're not pointing to the last element of the used signals, but to the fist unused one. However, the code below it treats psig as the last used one, using its next as the new PCNTL_G(spares). So, we have an unused element at the end of the signal chain, which has its signo uninitialized, thus causing the MSAN failure.

@nielsdos
Copy link
Member

Ooooh I get it. Thanks.
Yeah, then this patch looks good, except for the single signal case. It is possible to hit if we get a race where one thread consumes all children in the waitpid loop.

@iluuu1994 iluuu1994 force-pushed the gh-11498-fix-uninitialized-memory branch from 183f71a to c57b07d Compare June 26, 2023 16:42
nielsdos
nielsdos approved these changes Jun 26, 2023
View reviewed changes
Copy link
Member

@nielsdos nielsdos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks.
Code looks okay. Im happy if CI is happy with this

@iluuu1994
Fix use of uninitialized memory in pcntl SIGCHLD handling
cbb97f7 
psig needs to stay the tail, so that we don't get a dangling element on the end.
@iluuu1994 iluuu1994 force-pushed the gh-11498-fix-uninitialized-memory branch from c57b07d to cbb97f7 Compare June 26, 2023 16:55
@iluuu1994 iluuu1994 closed this in 003cf9d Jun 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dunglas dunglas dunglas left review comments

@Girgias Girgias Girgias left review comments

@nielsdos nielsdos nielsdos approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@iluuu1994 @nielsdos @dunglas @Girgias