Re: bug in debian glibc
On Fri, Oct 31, 2003 at 12:14:23PM +0300, Alexander Vodomerov wrote:
> Hello!
Please, please, DO NOT report bugs directly to me. If you just wanted
to ping the maintainers, send additional mail to the list or file a bug
report.
> I'm a user of Debian unstable. Recently I discovered a bug in GNU libc-2.3.2 on
> Linux on the i386 platform (version 2.3.2.ds1-8).
> The bug is in the pthread syscalls implementation, which breaks internal pthread
> structures, preventing pthread_cancel from working correctly. Here is an example.
> I create a thread, then I try to cancel it, but it continues to work,
> ignoring the cancel request.
You reported this against 2.3.2-9. I didn't respond because I was
preparing 2.3.2.ds1-8. I assume you've retested against the new
version?
Anyway, I see the bug, it was fixed in CVS in:
2003-10-02 Ulrich Drepper <drepper@redhat.com>
* sysdeps/unix/sysv/linux/i386/sysdep-cancel.h: Fix saving and
restoring of the old cancellation type.
I'll update the Debian package. Later.
>
> #include <pthread.h>
> #include <stdio.h>
> #include <unistd.h>
> #include <sys/stat.h>
> #include <fcntl.h>
>
> void* bug (void *t)
> {
>     int fd;
>     int a = 0;
>
>     /* Asynchronous cancellation, so the busy loop below can be cancelled. */
>     pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, 0);
>
>     /* close() is a one-argument cancellation point: this is the call that
>        clobbers the thread's cancellation type in the buggy libc. */
>     fd = open("/dev/zero", O_RDONLY);
>     printf("opened fd = %d\n", fd);
>     close(fd);
>
>     while (1) {
>         a++;
>     }
> }
>
> int main()
> {
>     pthread_t th;
>     void *retval;
>
>     pthread_create(&th, 0, bug, 0);
>     usleep(100000);
>     pthread_cancel(th);
>     /* With the bug, the cancel request is ignored and this never returns. */
>     pthread_join(th, &retval);
>     return 0;
> }
>
> This happens because the thread cancel type has been wiped in close(). Further
> investigation shows that the close() function is written as an assembly macro,
> defined in linuxthreads/sysdeps/unix/sysv/linux/i386/sysdep-cancel.h.
> If pthread is available, the macro expands to the following:
> CENABLE
> SAVE_OLDTYPE_##args
> PUSHARGS_##args
> DOCARGS_##args
> movl $SYS_ify (syscall_name), %eax;
> int $0x80
> POPARGS_##args;
> POPCARGS_##args
> cmpl $-4095, %eax;
> jae SYSCALL_ERROR_LABEL
> If the syscall has one parameter (as in the case of close), the value returned from CENABLE
> (which is defined to call __pthread_enable_asynccancel) will be overwritten
> in the next statements. This results in __pthread_disable_asynccancel being
> called with wrong parameters. All these things break cancel handling in the thread
> structure, preventing pthread_cancel from working.
> Not only close() but any syscall with 1 parameter will do the same!
>
> My system:
> [alex@lorien alex]$ dpkg -l|grep libc6
> ii libc6 2.3.2.ds1-8 GNU C Library: Shared libraries and Timezone
> ii libc6-dbg 2.3.2.ds1-8 GNU C Library: Libraries with debugging symb
> ii libc6-dev 2.3.2.ds1-8 GNU C Library: Development Libraries and Hea
>
> Please reply that you have received this bug report. If you have no time
> right now I will try to fix it myself (I'll send you a patch in a few days
> probably). BTW, I've seen the same behaviour in RedHat 9, so probably the bug is in
> glibc (but glibc from gnu.org contains other code, which seems to be right).
>
> With best regards,
> Alexander Vodomerov.
>
--
Daniel Jacobowitz
MontaVista Software Debian GNU/Linux Developer
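As an added regression check (my example, not code from the reporter, the maintainer or glibc), the following C program exercises the sequence the report describes in the calling thread, without creating a second thread: it enables asynchronous cancellation, calls a one-argument cancellation-point wrapper, and verifies that the cancellation type is still PTHREAD_CANCEL_ASYNCHRONOUS afterwards. It assumes a Linux/glibc system; the pipe descriptor and the fsync() case are my additions.

```c
/* Regression check for the bug in the report above: a one-argument
 * cancellation-point wrapper (close, fsync) must not clobber the calling
 * thread's cancellation type set by pthread_setcanceltype(). */
#define _POSIX_C_SOURCE 200809L
#include <pthread.h>
#include <stdio.h>
#include <unistd.h>

/* Enable asynchronous cancellation, call one wrapper on a throwaway pipe
 * descriptor (a pipe instead of the report's /dev/zero, so no filesystem is
 * needed), then read the type back.  Returns 1 if the type survived, 0 if the
 * wrapper clobbered it, -1 on a setup error. */
static int cancel_type_survives(int (*op)(int))
{
    int p[2], saved = -1, after = -1;

    if (pipe(p) < 0)
        return -1;
    /* Remember the caller's cancellation type so it can be restored. */
    if (pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, &saved) != 0) {
        close(p[0]);
        close(p[1]);
        return -1;
    }

    (void) op(p[0]);            /* the one-argument wrapper under test */
    if (op != close)
        close(p[0]);            /* op left the descriptor open */

    /* Reading the type requires setting one; DEFERRED is the safe choice. */
    pthread_setcanceltype(PTHREAD_CANCEL_DEFERRED, &after);
    pthread_setcanceltype(saved, NULL);
    close(p[1]);
    return after == PTHREAD_CANCEL_ASYNCHRONOUS;
}

int main(void)
{
    int close_ok = cancel_type_survives(close);
    int fsync_ok = cancel_type_survives(fsync);

    printf("close(): cancel type %s\n", close_ok == 1 ? "preserved" : "clobbered");
    printf("fsync(): cancel type %s\n", fsync_ok == 1 ? "preserved" : "clobbered");
    return (close_ok == 1 && fsync_ok == 1) ? 0 : 1;
}
```

On a libc with the fix from the changelog entry quoted above, both checks report "preserved"; a non-zero exit status means a wrapper clobbered the type.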