[torquedev] Double free and touches of freed memory inside pbs_server

Eygene Ryabinkin rea+maui at grid.kiae.ru
Thu Aug 5 21:48:47 MDT 2010


Thu, Aug 05, 2010 at 01:23:29PM -0700, Garrick Staples wrote:
> On Thu, Aug 05, 2010 at 11:39:47PM +0400, Eygene Ryabinkin alleged:
> > It relays the request to the MOM and it is put to the working queue.
> > Meanwhile, when the request flow continues, the passed request pointer
> > is freed (before MOM's answer is worked out).
> > 
> > So, not every server->mom request should fail, only those which resulted
> > from the client-initiated request that involves server->mom secondary
> > request(s).
> 
> So qrun, qdel, and qsig should have the same problem?

Why?  They are just user-space commands that initiate requests to the
server from the client side -- they don't relay commands to the MOM,
aren't they?

They could initiate the problems within the pbs_server, but I am not so
familiar with the workflow involved with these 3 commands.  Though, I'd
rather say that qalter should be the main headache, since it alters the
attributes (resource limits) and this is the way how relay_to_mom() can
be called inside req_modifyjob().

Do you see some problems with the logics I had outlined in my initial
posting and/or Bugzilla report?
-- 
Eygene Ryabinkin, Russian Research Centre "Kurchatov Institute"


More information about the torquedev mailing list