I spotted these by inspection, but Steven said on irc that this sort of infloop has actually been seen in practice.
>From 8907a0affff35f6637ccd560a3e872caf1fab36d Mon Sep 17 00:00:00 2001 From: Jim Meyering <[email protected]> Date: Fri, 20 Mar 2009 13:38:34 +0100 Subject: [PATCH] avoid infloop upon out-of-memory or out-of-semaphores * coroipc.c (cslib_service_connect): Upon shmget failure loop only when errno == EEXIST. Any other error now translates to res_setup.error. Likewise for semget. --- lib/coroipc.c | 26 +++++++++++++++++++------- 1 files changed, 19 insertions(+), 7 deletions(-) diff --git a/lib/coroipc.c b/lib/coroipc.c index e3aa299..48a3caa 100644 --- a/lib/coroipc.c +++ b/lib/coroipc.c @@ -315,20 +315,32 @@ cslib_service_connect ( /* * Allocate a shared memory segment */ - do { + while (1) { shmkey = random(); - ipc_segment->shmid = shmget (shmkey, sizeof (struct shared_memory), - IPC_CREAT|IPC_EXCL|0600); - } while (ipc_segment->shmid == -1); + if ((ipc_segment->shmid + = shmget (shmkey, sizeof (struct shared_memory), + IPC_CREAT|IPC_EXCL|0600)) != -1) { + break; + } + if (errno != EEXIST) { + goto error_exit; + } + } /* * Allocate a semaphore segment */ - do { + while (1) { semkey = random(); - ipc_segment->semid = semget (semkey, 3, IPC_CREAT|IPC_EXCL|0600); ipc_segment->euid = geteuid (); - } while (ipc_segment->semid == -1); + if ((ipc_segment->semid = + semget (semkey, 3, IPC_CREAT|IPC_EXCL|0600)) != -1) { + break; + } + if (errno != EEXIST) { + goto error_exit; + } + } /* * Attach to shared memory segment -- 1.6.2.rc1.285.gc5f54 _______________________________________________ Openais mailing list [email protected] https://lists.linux-foundation.org/mailman/listinfo/openais
