[libvirt] [PATCH 3/3] virCommand: use procfs to learn opened FDs
Eric Blake
eblake at redhat.com
Mon Jul 15 14:23:25 UTC 2019
On 7/14/19 12:23 AM, Florian Weimer wrote:
> * Eric Blake:
>
>> Does anyone know if glibc guarantees that opendir/readdir in between
>> multi-threaded fork() and exec() is safe, even though POSIX does not
>> guarantee that safety in general?
>
> glibc supports malloc after multi-threaded fork as an extension (or as
> a bug, because it makes malloc not async-signal-safe).
It's not a bug for glibc to provide guarantees above what POSIX
requires, but IS a bug for applications to depend on those guarantees
without realizing they are non-portable.
>
> If you do not want to use opendir/readdir, issuing getdents64 directly
> and parsing the buffer is your best option right now. (Lowering the
> RLIMIT_NOFILE limit does not enable probing for stray descriptors,
> unfortunately.) But opendir/readdir after fork should be fine,
> really.
Thanks for checking; I'm okay with the patch that started this thread
going in libvirt if we tweak it to also include a big fat comment
stating that use of opendir/readdir is not safe in general, but should
be safe in this specific use (because glibc adds async-signal safety to
those functions that was not required by POSIX), since the patch is only
using opendir on Linux.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20190715/836e2d34/attachment-0001.sig>
More information about the libvir-list
mailing list