From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 23658 invoked by alias); 5 Jan 2012 21:32:21 -0000 Received: (qmail 23649 invoked by uid 22791); 5 Jan 2012 21:32:20 -0000 X-SWARE-Spam-Status: No, hits=-2.8 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 X-Spam-Check-By: sourceware.org Received: from localhost (HELO sourceware.org) (127.0.0.1) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Thu, 05 Jan 2012 21:32:07 +0000 From: "P at draigBrady dot com" To: glibc-bugs@sources.redhat.com Subject: [Bug libc/13567] New: overflow in emulated timer_settime() on Linux/HPPA at least Date: Thu, 05 Jan 2012 21:32:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: libc X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: P at draigBrady dot com X-Bugzilla-Status: NEW X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: drepper.fsp at gmail dot com X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: Message-ID: X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: glibc-bugs-owner@sourceware.org X-SW-Source: 2012-01/txt/msg00032.txt.bz2 http://sourceware.org/bugzilla/show_bug.cgi?id=13567 Bug #: 13567 Summary: overflow in emulated timer_settime() on Linux/HPPA at least Product: glibc Version: 2.4 Status: NEW Severity: normal Priority: P2 Component: libc AssignedTo: drepper.fsp@gmail.com ReportedBy: P@draigBrady.com Classification: Unclassified Created attachment 6150 --> http://sourceware.org/bugzilla/attachment.cgi?id=6150 An strace of the problematic timeout run When testing recent coreutils releases on parisc linux, it was noticed that timer_settime($large_num) would cause the timer to immediately fire when $large_num spanned the 2038 boundary. This function is used by the `timeout` utility. Seems to me that time_t is overflowing, and being interpreted as a negative number. Note time_t is signed 32-bit on this platform. $ uname -srm Linux 2.6.22.19 parisc $ /lib/libc.so.6 GNU C Library stable release version 2.7, by Roland McGrath et al. Copyright (C) 2007 Free Software Foundation, Inc. ... Compiled by GNU CC version 4.3.2. Compiled on a Linux >>2.6.32-5-parisc<< system on 2011-01-07. Available extensions: crypt add-on version 2.1 by Michael Glad and others GNU Libidn by Simon Josefsson linuxthreads-0.10 by Xavier Leroy libthread_db work sponsored by Alpha Processor Inc Support for some architectures added on, not maintained in glibc core. BIND-8.2.3-T5B $ grep HAVE_TIMER_SETTIME ../lib/config.h #define HAVE_TIMER_SETTIME 1 $ nm timeout|grep ' U timer' U timer_create@@GLIBC_2.2 U timer_delete@@GLIBC_2.2 U timer_settime@@GLIBC_2.2 -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.