diff options
| author | Changbin Du <changbin.du@huawei.com> | 2026-01-08 19:38:36 +0800 |
|---|---|---|
| committer | Jonathan Corbet <corbet@lwn.net> | 2026-01-12 08:45:38 -0700 |
| commit | bbf8c67aa6ae8bd588f097510d887dad071f9f43 (patch) | |
| tree | 82a9f0abb844700c8b279d2ad3994e0ac483c215 /tools/lib/python/jobserver.py | |
| parent | be5c6ec66030b77bc0dbc775e6c0b625f7526545 (diff) | |
tools: jobserver: Prevent deadlock caused by incorrect jobserver configuration and enhance error reporting
When using GNU Make's jobserver feature in kernel builds, a bug in MAKEFLAGS
propagation caused "--jobserver-auth=r,w" to reference an unintended file
descriptor. This led to infinite loops in jobserver-exec's os.read() calls
due to empty token.
My shell opened /etc/passwd for some reason without closing it, and as a
result, all child processes inherited this fd 3.
$ ls -l /proc/self/fd
total 0
lrwx------ 1 changbin changbin 64 Dec 25 13:03 0 -> /dev/pts/1
lrwx------ 1 changbin changbin 64 Dec 25 13:03 1 -> /dev/pts/1
lrwx------ 1 changbin changbin 64 Dec 25 13:03 2 -> /dev/pts/1
lr-x------ 1 changbin changbin 64 Dec 25 13:03 3 -> /etc/passwd
lr-x------ 1 changbin changbin 64 Dec 25 13:03 4 -> /proc/1421383/fd
In this case, the `make` should open a new file descriptor for jobserver
control, but clearly, it did not do so and instead still passed fd 3 as
"--jobserver-auth=3,4" in MAKEFLAGS. (The version of my gnu make is 4.3)
This update ensures robustness against invalid jobserver configurations,
even when `make` incorrectly pass non-pipe file descriptors.
* Rejecting empty reads to prevent infinite loops on EOF.
* Clearing `self.jobs` to avoid writing to incorrect files if invalid tokens
are detected.
* Printing detailed error messages to stderr to inform the user.
Cc: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Reviewed-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Signed-off-by: Changbin Du <changbin.du@huawei.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Message-ID: <20260108113836.2976527-1-changbin.du@huawei.com>
Diffstat (limited to 'tools/lib/python/jobserver.py')
| -rwxr-xr-x | tools/lib/python/jobserver.py | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/tools/lib/python/jobserver.py b/tools/lib/python/jobserver.py index a24f30ef4fa8..616411087725 100755 --- a/tools/lib/python/jobserver.py +++ b/tools/lib/python/jobserver.py @@ -91,6 +91,10 @@ class JobserverExec: while True: try: slot = os.read(self.reader, 8) + if not slot: + # Clear self.jobs to prevent us from probably writing incorrect file. + self.jobs = b"" + raise ValueError("unexpected empty token from jobserver fd, invalid '--jobserver-auth=' setting?") self.jobs += slot except (OSError, IOError) as e: if e.errno == errno.EWOULDBLOCK: @@ -105,7 +109,8 @@ class JobserverExec: # to sit here blocked on our child. self.claim = len(self.jobs) + 1 - except (KeyError, IndexError, ValueError, OSError, IOError): + except (KeyError, IndexError, ValueError, OSError, IOError) as e: + print(f"jobserver: warning: {repr(e)}", file=sys.stderr) # Any missing environment strings or bad fds should result in just # not being parallel. self.claim = None |