Opened 15 years ago
Last modified 2 years ago
#3127 assigned bug
NULL pointer access inside fork()
| Reported by: | bhaible | Owned by: | nobody |
|---|---|---|---|
| Priority: | normal | Milestone: | R1 |
| Component: | System/Kernel | Version: | R1/pre-alpha1 |
| Keywords: | Cc: | ||
| Blocked By: | Blocking: | ||
| Platform: | All |
Description
While running a configure script in tight memory situation, I got an application crash. Clicking on the "Debug" button of the error dialog, I was presented a gdb session the shell that was executing the configure script. At the top, function fork().
To reproduce:
- Start Haiku in QEMU with 256 MB RAM allocated to it,
- Open a Terminal.
- $ tar xvfz testdir3.tar.gz
- $ cd testdir3
- $ ./configure --host=i586-pc-haiku --build=i586-pc-haiku
--prefix=/boot/home/config CPPFLAGS="-Wall" 2>&1 | tee log1
- Wait a couple of hours.
Change History (7)
comment:1 by , 15 years ago
comment:2 by , 15 years ago
The general memory tightness is apparently caused by a kernel memory leak (cf. #3128). Generally fork() should report ENOMEM instead of crashing, but if the virtual memory is really exhausted, touching previously unused stack will definitely crash programs, since the stacks are over-committing. And there's little else we can do in such a case. The syslog (/var/log/syslog) should help to verify whether the page fault happened on the stack.
follow-up: 4 comment:3 by , 15 years ago
We could let fork() reserve one or two stack pages for the new team, so that it could fail with ENOMEM in most of these cases as well.
follow-up: 5 comment:4 by , 15 years ago
Replying to axeld:
We could let fork() reserve one or two stack pages for the new team, so that it could fail with ENOMEM in most of these cases as well.
That doesn't make much sense. fork() is not supposed to return an error code in the child. Crashing really is the only option I'm afraid.
comment:5 by , 15 years ago
Replying to bonefish:
That doesn't make much sense. fork() is not supposed to return an error code in the child. Crashing really is the only option I'm afraid.
Who said it would do that? The areas of the new team are allocated in the parent, so we can also commit memory there for the child; if that fails, we can let fork() fail which would cause it to return ENOMEM in the parent process, before the child has been started.
comment:6 by , 7 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:7 by , 2 years ago
| Component: | - General → System/Kernel |
|---|
I would guess that's not too surprising - if it runs out of memory there is little it can do. But I keep it open to have a deeper look at it first.