2004-01-05 10:05:09

by Zhu Yi

Subject: [Bugfix] Set more than 32K pid_max


I found this is a bug in alloc_pidmap(). If one sets
/proc/sys/kernel/pid_max to more than 32768, "map" will
increase by 1 at (pid from 32767 to 32768)

110: map = pidmap_array + pid / BITS_PER_PAGE;

But at

126: map = next_free_map(map, &max_steps);

"map" will increase by 1 again, because offset == 0.

This is not correct, but only happens when pid_max > 32k.



--- pid.c.old 2004-01-05 14:53:03.000000000 +0800
+++ pid.c 2004-01-05 17:27:53.000000000 +0800
@@ -122,6 +122,8 @@
}

if (!offset || !atomic_read(&map->nr_free)) {
+ if (!offset)
+ map--;
next_map:
map = next_free_map(map, &max_steps);
if (!map)
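
Review bot: the added `map--` under `if (!offset)` has no visible lower bound. If `map` can ever equal the first element of `pidmap_array` while `offset == 0` at this point, the decrement yields a pointer before the array, and that pointer is then passed to `next_free_map()`. Please either say in a comment why that cannot happen here or guard the decrement. Separately, the file headers name `pid.c.old` and `pid.c` with no directory, so the patch cannot be applied from the top of the source tree as posted; regenerate it relative to the tree root.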


--
-----------------------------------------------------------------
Opinions expressed are those of the author and do not represent
Intel Corp.

Zhu Yi (Chuyee)

GnuPG v1.0.6 (GNU/Linux)
http://cn.geocities.com/chewie_chuyee/gpg.txt or
$ gpg --keyserver wwwkeys.pgp.net --recv-keys 71C34820
1024D/71C34820 C939 2B0B FBCE 1D51 109A 55E5 8650 DB90 71C3 4820
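
A user-space model of the double increment described in the report above, showing the pid handed out at the 32767 to 32768 boundary with and without the patch's `map--` (an added example, not code from this thread or from kernel/pid.c). The names `model_map`, `model_next_free_map` and `model_alloc`, the `used` counter that replaces the bitmap, and the four-entry table are assumptions of the model; the stand-in for next_free_map() advances "map" before testing it, which is the behaviour the report describes.

```c
#include <stdio.h>
#include <string.h>

#define BITS_PER_PAGE 32768   /* one 4 KiB bitmap page: the 32K boundary in the report */
#define MODEL_ENTRIES 4       /* size of this model only */
/* A page whose offsets below "used" are taken; stands in for the kernel's bitmap page. */
struct model_map { int has_page, nr_free, used; };
static struct model_map maps[MODEL_ENTRIES];

/* Stand-in for next_free_map(): advances "map" first, then looks for free bits. */
static struct model_map *model_next_free_map(struct model_map *map, int *max_steps)
{
    while (--*max_steps) {
        if (++map == maps + MODEL_ENTRIES)
            map = maps;
        if (!map->has_page) { map->has_page = 1; map->nr_free = BITS_PER_PAGE; }
        if (map->nr_free)
            return map;
    }
    return NULL;
}

/* Pid after last_pid, with pids up to last_pid taken on its page; -1 if none is free.
 * with_fix applies the patch's "if (!offset) map--;". */
static int model_alloc(int last_pid, int with_fix)
{
    int pid = last_pid + 1, offset = pid % BITS_PER_PAGE, max_steps = MODEL_ENTRIES + 1;
    int used = last_pid % BITS_PER_PAGE + 1;             /* offsets taken on that page */
    struct model_map *map;

    if (last_pid < 0 || pid >= MODEL_ENTRIES * BITS_PER_PAGE)
        return -1;
    memset(maps, 0, sizeof maps);                        /* constructed starting state */
    maps[last_pid / BITS_PER_PAGE] = (struct model_map){ 1, BITS_PER_PAGE - used, used };
    map = maps + pid / BITS_PER_PAGE;                    /* "line 110" in the report */
    if (map->has_page && offset >= map->used)
        return pid;                                      /* fast path: the bit is free */
    if (!offset || !map->nr_free) {
        if (!offset && with_fix)
            map--;
        map = model_next_free_map(map, &max_steps);      /* "line 126" in the report */
        if (!map)
            return -1;
        offset = 0;
    }
    if (offset < map->used)                              /* next zero bit on this page */
        offset = map->used;
    return offset == BITS_PER_PAGE ? -1 : (int)(map - maps) * BITS_PER_PAGE + offset;
}
int main(void) { printf("%d %d\n", model_alloc(32767, 0), model_alloc(32767, 1)); return 0; }
```

Without the decrement the model skips a whole page and returns 65536, the same pid that shows up in the reproduction posted later in the thread; with it, the allocation lands on 32768.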


2004-01-06 03:15:45

by Marcos D. Marado Torres

Subject: Re: [Bugfix] Set more than 32K pid_max (reformatted)


On Tue, 6 Jan 2004, Zhu, Yi wrote:

> if (!offset || !atomic_read(&map->nr_free)) {
> + if (!offser)

I suppose it should be "if (!offset)"...

Mind Booster Noori

- --
==================================================
Marcos Daniel Marado Torres AKA Mind Booster Noori
/"\ http://student.dei.uc.pt/~marado
\ / [email protected]
X ASCII Ribbon Campaign
/ \ against HTML e-mail and Micro$oft attachments
==================================================


2004-01-06 03:06:41

by Zhu Yi

Subject: [Bugfix] Set more than 32K pid_max (reformatted)


Hi Andrew and Ingo,

Would any of you review the patch below? I think it is a bug and the fix
is obvious. The bug can be reproduced as follows:

$ echo 40000 > /proc/sys/kernel/pid_max
$ # suppose current latest pid is 2198
$ for((i=2199;i<32768;i++));do ps; done
$ ps
PID TTY TIME CMD
2274 pts/0 00:00:00 bash
65536 pts/0 00:00:00 ps
$ ps
PID TTY TIME CMD
2274 pts/0 00:00:00 bash
300 pts/0 00:00:00 ps


Thanks to Petri Koistinen, who reformatted the patch as follows.

--- linux-2.5/kernel/pid.c.orig 2004-01-05 17:54:46.000000000 +0200
+++ linux-2.5/kernel/pid.c 2004-01-05 17:55:35.000000000 +0200
@@ -122,6 +122,8 @@
}

if (!offset || !atomic_read(&map->nr_free)) {
+ if (!offser)
+ map--;
next_map:
map = next_free_map(map, &max_steps);
if (!map)
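
Review bot: the added test reads `if (!offser)`, while the enclosing condition on the line above it tests `offset`, and no `offser` appears anywhere else in the hunk. This looks like a typo and needs to be `if (!offset)` before the patch does what the description says.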


On Mon, 5 Jan 2004, Zhu, Yi wrote:
>
> I found this is a bug in alloc_pidmap(). If one sets
> /proc/sys/kernel/pid_max to more than 32768, "map" will
> increase by 1 at (pid from 32767 to 32768)
>
> 110: map = pidmap_array + pid / BITS_PER_PAGE;
>
> But at
>
> 126: map = next_free_map(map, &max_steps);
>
> "map" will increase by 1 again, because offset == 0.
>
> This is not correct, but only happens when pid_max > 32k.


2004-01-06 03:32:47

by Zhu Yi

Subject: Re: [Bugfix] Set more than 32K pid_max (reformatted)

On Tue, 6 Jan 2004, Marcos D. Marado Torres wrote:

> >???????? if (!offset || !atomic_read(&map->nr_free)) {
> > +?????????????? if (!offser)
>
> I suppose it should be "if (!offset)"...

Yes, my mistake. Thanks!

2004-01-06 18:10:43

by Petri T. Koistinen

Subject: Re: [Bugfix] Set more than 32K pid_max (reformatted)

Hi!

On Tue, 6 Jan 2004, Zhu, Yi wrote:

> On Tue, 6 Jan 2004, Marcos D. Marado Torres wrote:
>
> > >???????? if (!offset || !atomic_read(&map->nr_free))=
> {
> > > +?????????????? if (!offser)
> >
> > I suppose it should be "if (!offset)"...
>
> Yes, my mistake. Thanks!

Nope, my fault. Here it goes one more time, hopefully right.

Petri

--- linux-2.6/kernel/pid.c.orig 2004-01-05 17:54:46.000000000 +0200
+++ linux-2.6/kernel/pid.c 2004-01-05 17:55:35.000000000 +0200
@@ -122,6 +122,8 @@
}

if (!offset || !atomic_read(&map->nr_free)) {
+ if (!offset)
+ map--;
next_map:
map = next_free_map(map, &max_steps);
if (!map)
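
Review bot: the `map--` sits above the `next_map:` label, so it runs only on the fall-through path and not when other code jumps to `next_map`. That asymmetry is what makes the fix correct, but nothing in the hunk says so; a one-line comment above `if (!offset)` stating that the decrement compensates for the advance `next_free_map()` performs would keep a later edit from moving the label or the decrement.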
