Debian Bug report logs - #534879
fakeroot: chmod race

version graph

Package: fakeroot; Maintainer for fakeroot is Clint Adams <clint@debian.org>; Source for fakeroot is src:fakeroot.

Reported by: Samuel Thibault <sthibault@debian.org>

Date: Sat, 27 Jun 2009 22:00:02 UTC

Severity: important

Found in version fakeroot/1.12.2

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Clint Adams <schizo@debian.org>:
Bug#534879; Package fakeroot. (Sat, 27 Jun 2009 22:00:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Samuel Thibault <sthibault@debian.org>:
New Bug report received and forwarded. Copy sent to Clint Adams <schizo@debian.org>. (Sat, 27 Jun 2009 22:00:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Samuel Thibault <sthibault@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Cc: debian-hurd@lists.debian.org
Subject: fakeroot: chmod race
Date: Sat, 27 Jun 2009 23:49:28 +0200
Package: fakeroot
Version: 1.12.2
Severity: important

Hello,

We're getting FTBFSs on hurd-i386 because of /usr/bin/diff getting
644 instead of 755. This is apparently due to a race in fakeroot-tcp
triggered by install -s, which does the following:

- copy the target file, which is now 600
- fork()
  - in the child exec strip(target file), which calls chmod(600) after
    stripping the file.
  - in the parent wait for the child
- chmod(target file, 755)

sometimes chmod() doesn't have effect. If I put a sleep right before
chmod() (or even just a printf), things are ok.

Looking at the chmod implementation of fakeroot, it just sends a message
to the fakeroot-tcp daemon, which updates the permissions there.  The
race is that the message to fakeroot-tcp corresponding to strip's
chmod(600) may be processed after the one from install's chmod(755),
as the fakeroot-tcp daemon processes messages just in socket order and
doesn't make the client wait for completion of chmod...

Samuel

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.30 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages fakeroot depends on:
ii  libc6                         2.9-12     GNU C Library: Shared libraries

fakeroot recommends no packages.

fakeroot suggests no packages.

-- no debconf information




Information forwarded to debian-bugs-dist@lists.debian.org, Clint Adams <schizo@debian.org>:
Bug#534879; Package fakeroot. (Mon, 17 Aug 2009 00:30:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Eduardo Habkost <ehabkost@raisama.net>:
Extra info received and forwarded to list. Copy sent to Clint Adams <schizo@debian.org>. (Mon, 17 Aug 2009 00:30:06 GMT) Full text and rfc822 format available.

Message #10 received at 534879@bugs.debian.org (full text, mbox):

From: Eduardo Habkost <ehabkost@raisama.net>
To: 534879@bugs.debian.org
Cc: Clint Adams <schizo@debian.org>
Subject: [PATCH] fakeroot: test script for faked-tcp race (debian bug #534879)
Date: Sun, 16 Aug 2009 21:27:28 -0300
Hi,

The following patch adds a test that tries to trigger the race mentioned
on debian bug #534879.

I got failures only if using TCP, but maybe the race exists if using
sysv, being just harder to reproduce.

---
 test/Makefile.am  |    5 +++
 test/checktiming  |   91 +++++++++++++++++++++++++++++++++++++++++++++++++++
 test/t.timing     |    4 ++
 test/timedchown.c |   94 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 test/timedstat.c  |   68 ++++++++++++++++++++++++++++++++++++++
 5 files changed, 262 insertions(+), 0 deletions(-)
 create mode 100755 test/checktiming
 create mode 100755 test/t.timing
 create mode 100644 test/timedchown.c
 create mode 100644 test/timedstat.c

diff --git a/test/Makefile.am b/test/Makefile.am
index c7448b0..e12b6e9 100644
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -22,4 +22,9 @@ TESTS_ENVIRONMENT =				\
 CLEANFILES = tmp* tartest.tar.gz hda3
 
 check_SCRIPTS = $(TESTS) echo_arg tartest compare-tar defs
+check_PROGRAMS = timedstat timedchown
+
+timedstat_SOURCES = timedstat.c
+timedchown_SOURCES = timedchown.c
+
 EXTRA_DIST = $(check_SCRIPTS) tartest.tar.gz.uue
diff --git a/test/checktiming b/test/checktiming
new file mode 100755
index 0000000..b7ec131
--- /dev/null
+++ b/test/checktiming
@@ -0,0 +1,91 @@
+#!/bin/sh
+# fakeroot load-test
+#
+# This test tests if fakeroot breaks under load, especially ordering
+# of calls between different processes.
+#
+# Copyright (c) 2009 Eduardo Habkost <ehabkost@raisama.net>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+set -e
+
+tmp="$1"
+
+chmod_flood()
+{
+	while :;do
+		chmod 0777 $tmp/dummy.$1.*
+		chmod 0600 $tmp/dummy.$1.*
+	done
+}
+
+create_dummy_files()
+{
+	echo Creating dummy files:
+	for t in `seq 1 $threads`;do
+		for n in `seq 1 $files`;do
+			touch $tmp/dummy.$t.$n
+		done
+		echo -n .
+	done
+	echo
+}
+
+start_flooding()
+{
+	pids=
+	echo Creating flooder threads:
+	for t in `seq 1 $threads`;do
+		chmod_flood $t 2>/dev/null &
+		pids="$pids $!"
+		echo -n .
+	done
+	echo
+	trap terminate_threads EXIT INT
+}
+
+terminate_threads()
+{
+	[ -n "$pids" ] && kill $pids
+	wait
+	pids=
+}
+
+
+mkdir -p "$tmp"
+
+threads=2
+files=20
+
+create_dummy_files
+start_flooding
+
+set -x
+
+
+touch $tmp/testfile
+
+mkfifo $tmp/replies
+
+./timedchown 10 20 $tmp/testfile 1000 1000 $tmp/replies \
+	| ./timedstat $tmp/testfile $tmp/replies
+
+terminate_threads
+exit 0
diff --git a/test/t.timing b/test/t.timing
new file mode 100755
index 0000000..6cb3c9c
--- /dev/null
+++ b/test/t.timing
@@ -0,0 +1,4 @@
+#!/bin/sh
+. ./defs || exit 1
+
+run_fakeroot -- ${srcdir}/checktiming $tmp
diff --git a/test/timedchown.c b/test/timedchown.c
new file mode 100644
index 0000000..4327070
--- /dev/null
+++ b/test/timedchown.c
@@ -0,0 +1,94 @@
+/* Small utility to test ordering and timing on fakeroot
+ *
+ * Copyright (c) 2009 Eduardo Habkost <ehabkost@raisama.net>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <stdio.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <stdlib.h>
+
+
+FILE *reply_fifo;
+
+void doit(const char *file, uid_t uid, uid_t uid2, int count)
+{
+	int i;
+	char reply[256];
+
+	fprintf(stderr, "dummy chown requests:\n");
+	fflush(stderr);
+
+	/* first, flood faked with other calls */
+	for (i = 0; i < count; i++) {
+		if (chown(file, uid2, -1) < 0)
+			exit(1);
+	}
+
+	fprintf(stderr, "real chown request:\n");
+	fflush(stderr);
+
+	/* now, send the real chown call: */
+	if (chown(file, uid, -1) < 0)
+		exit(1);
+
+	fprintf(stderr, "uid changed to %d. notifying.\n", (int)uid);
+	fflush(stderr);
+
+	/* tell the other side we are done */
+	printf("%d\n", (int)uid);
+	fflush(stdout);
+
+	/* wait for the other side to reply */
+	if (!fgets(reply, 256, reply_fifo))
+		exit(1);
+
+	fprintf(stderr, "got reply: %s\n", reply);
+	fflush(stderr);
+
+}
+
+int main(int argc, const char *argv[])
+{
+	const char *file;
+	uid_t uid1, uid2;
+	int floodcount, loopcount, i;
+
+	if (argc < 6)
+		return 1;
+
+	uid1 = atoi(argv[1]);
+	uid2 = atoi(argv[2]);
+	file = argv[3];
+	floodcount = atoi(argv[4]);
+	loopcount = atoi(argv[5]);
+	reply_fifo = fopen(argv[6], "r");
+	if (!reply_fifo)
+		return 1;
+
+	for (i = 0; i < loopcount; i++) {
+		/* alternate between uid1 and uid2 */
+		doit(file, uid1, uid2, floodcount);
+		doit(file, uid2, uid1, floodcount);
+	}
+}
diff --git a/test/timedstat.c b/test/timedstat.c
new file mode 100644
index 0000000..135a0bd
--- /dev/null
+++ b/test/timedstat.c
@@ -0,0 +1,68 @@
+/* Small utility to test ordering and timing on fakeroot
+ *
+ * Copyright (c) 2009 Eduardo Habkost <ehabkost@raisama.net>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <stdio.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+
+FILE *reply_fifo;
+
+int main(int argc, const char *argv[])
+{
+	const char *filename;
+
+	if (argc < 1)
+		return 1;
+
+	filename = argv[1];
+	reply_fifo = fopen(argv[2], "w");
+	if (!reply_fifo)
+		return 1;
+
+	while (1) {
+		uid_t uid;
+		char buf[256];
+
+		if (!fgets(buf, 256, stdin))
+			return 0;
+
+		uid = atoi(buf);
+
+		struct stat st;
+		if (stat(argv[1], &st) < 0)
+			return 1;
+
+		printf("expected uid: %d. mode: 0%o, uid: %d\n", (int)uid, (int)st.st_mode, (int)st.st_uid);
+
+		if (uid != st.st_uid) {
+			fprintf(stderr, "FAIL: %d != %d\n", (int)uid, (int)st.st_uid);
+			return 1;
+		}
+
+		fprintf(reply_fifo, "ok\n");
+		fflush(reply_fifo);
+	}
+}
-- 
1.6.4

-- 
Eduardo




Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#534879; Package fakeroot. (Mon, 17 Aug 2009 01:45:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Clint Adams <schizo@debian.org>:
Extra info received and forwarded to list. (Mon, 17 Aug 2009 01:45:03 GMT) Full text and rfc822 format available.

Message #15 received at 534879@bugs.debian.org (full text, mbox):

From: Clint Adams <schizo@debian.org>
To: Eduardo Habkost <ehabkost@raisama.net>, 534879@bugs.debian.org
Subject: Re: Bug#534879: [PATCH] fakeroot: test script for faked-tcp race (debian bug #534879)
Date: Mon, 17 Aug 2009 01:44:14 +0000
On Sun, Aug 16, 2009 at 09:27:28PM -0300, Eduardo Habkost wrote:
> The following patch adds a test that tries to trigger the race mentioned
> on debian bug #534879.
> 
> I got failures only if using TCP, but maybe the race exists if using
> sysv, being just harder to reproduce.

I'm hesitant to commit this until we have a solution to the problem.




Information forwarded to debian-bugs-dist@lists.debian.org, Clint Adams <schizo@debian.org>:
Bug#534879; Package fakeroot. (Mon, 17 Aug 2009 02:15:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Eduardo Habkost <ehabkost@raisama.net>:
Extra info received and forwarded to list. Copy sent to Clint Adams <schizo@debian.org>. (Mon, 17 Aug 2009 02:15:03 GMT) Full text and rfc822 format available.

Message #20 received at 534879@bugs.debian.org (full text, mbox):

From: Eduardo Habkost <ehabkost@raisama.net>
To: Clint Adams <schizo@debian.org>
Cc: 534879@bugs.debian.org
Subject: Re: Bug#534879: [PATCH] fakeroot: test script for faked-tcp race (debian bug #534879)
Date: Sun, 16 Aug 2009 23:14:15 -0300
On Mon, Aug 17, 2009 at 01:44:14AM +0000, Clint Adams wrote:
> On Sun, Aug 16, 2009 at 09:27:28PM -0300, Eduardo Habkost wrote:
> > The following patch adds a test that tries to trigger the race mentioned
> > on debian bug #534879.
> > 
> > I got failures only if using TCP, but maybe the race exists if using
> > sysv, being just harder to reproduce.
> 
> I'm hesitant to commit this until we have a solution to the problem.

I wouldn't commit it before having a fix, either. I've just sent it
hopging it is useful for testing and debugging.

-- 
Eduardo




Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 21:30:59 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.