public inbox for libc-hacker@sourceware.org
* [PATCH] Fix pthread_getattr_np
@ 2004-03-22 18:16 Jakub Jelinek
  0 siblings, 0 replies; 2+ messages in thread
From: Jakub Jelinek @ 2004-03-22 18:16 UTC (permalink / raw)
  To: Ulrich Drepper; +Cc: Glibc hackers

Hi!

On systems with more than 32 * 8 CPUs pthread_getattr_np would get into an
endless loop.  Furthermore, if realloc fails, we certainly shouldn't
dereference a NULL pointer, but break out of the loop (free (cpuset) is done
after the loop on failures).
The other change is just trying to avoid buffer overflows on systems with
more than 16 billion CPUs (res is a signed value, so if the kernel returned
non-error, but bigger than INT_MAX, the following memcpy would do the wrong
thing on 64-bit arches (clear some area beyond the end of the buffer)).

2004-03-22  Jakub Jelinek  <jakub@redhat.com>

	* sysdeps/unix/sysv/linux/pthread_getaffinity.c
	(__pthread_getaffinity_new): Use INT_MAX instead of UINT_MAX.
	* pthread_getattr_np.c (pthread_getattr_np): Double size every cycle.
	If realloc fails, break out of the loop.

--- libc/nptl/sysdeps/unix/sysv/linux/pthread_getaffinity.c.jj	2004-03-22 14:45:57.000000000 +0100
+++ libc/nptl/sysdeps/unix/sysv/linux/pthread_getaffinity.c	2004-03-22 15:18:42.402868578 +0100
@@ -34,7 +34,7 @@ __pthread_getaffinity_new (pthread_t th,
 
   INTERNAL_SYSCALL_DECL (err);
   int res = INTERNAL_SYSCALL (sched_getaffinity, err, 3, pd->tid,
-			      MIN (UINT_MAX, cpusetsize), cpuset);
+			      MIN (INT_MAX, cpusetsize), cpuset);
   if (INTERNAL_SYSCALL_ERROR_P (res, err))
     return INTERNAL_SYSCALL_ERRNO (res, err);
 
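Review bot: the new cap `MIN (INT_MAX, cpusetsize)` matches the type of the result it feeds (`int res = INTERNAL_SYSCALL (...)`), which is the point the message makes, but nothing on the line says so; a one-line comment stating that the cap exists because `res` is signed would spare the next reader a trip to the changelog. Also worth confirming that the later copy/clear of the tail only uses `res` after the `INTERNAL_SYSCALL_ERROR_P` check shown here, since that is the path the message says could run past the end of the buffer.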
--- libc/nptl/pthread_getattr_np.c.jj	2004-03-22 14:42:35.000000000 +0100
+++ libc/nptl/pthread_getattr_np.c	2004-03-22 15:11:39.416215690 +0100
@@ -135,16 +135,18 @@ pthread_getattr_np (thread_id, attr)
 
   if (ret == 0)
     {
-      size_t size = 32;
+      size_t size = 16;
       cpu_set_t *cpuset = NULL;
 
       do
 	{
+	  size <<= 1;
+
 	  void *newp = realloc (cpuset, size);
 	  if (newp == NULL)
 	    {
-	      free (cpuset);
 	      ret = ENOMEM;
+	      break;
 	    }
 	  cpuset = (cpu_set_t *) newp;
 
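Review bot: the `break` on realloc failure is only correct because, per the message, `free (cpuset)` now runs after the loop; that post-loop free is outside the visible context, so confirm every exit from the loop (this `break` and the normal exit on error) reaches it, otherwise the buffer from the previous iteration leaks. A short comment on `size_t size = 16;` noting that the value is doubled at the top of the loop before first use (so the first request is still 32 bytes) would keep the halved starting value from looking like a typo.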

	Jakub

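A stand-alone model of the fixed loop from the message above, added here as an illustration and not code from glibc or from this patch: a constructed fake of sched_getaffinity rejects buffers smaller than the mask (forcing the retry), and an allocation hook lets a realloc failure be simulated. The names fake_getaffinity, grow, get_affinity_mask and run_case are invented for the example.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the kernel's sched_getaffinity: the buffer must
   hold the whole mask (ncpus bits) or the call fails with EINVAL. */
static size_t fake_ncpus = 300;
static int fake_getaffinity(void *buf, size_t len)
{
    size_t need = (fake_ncpus + 7) / 8;
    if (len < need)
        return EINVAL;
    memset(buf, 0xff, need);
    return 0;
}

/* Allocation hook so a realloc failure can be simulated (0 = never fail). */
static size_t fail_alloc_at = 0;
static void *grow(void *p, size_t n)
{
    return (fail_alloc_at && n >= fail_alloc_at) ? NULL : realloc(p, n);
}

/* Same shape as the fixed loop: size doubles at the top of each cycle (first
   request is still 32 bytes), NULL from realloc breaks out instead of being
   dereferenced, and cpuset is freed after the loop on any failure. */
int get_affinity_mask(void **out, size_t *outlen)
{
    size_t size = 16;
    void *cpuset = NULL;
    int ret;
    do {
        size <<= 1;
        void *newp = grow(cpuset, size);
        if (newp == NULL) { ret = ENOMEM; break; }
        cpuset = newp;
        ret = fake_getaffinity(cpuset, size);
    } while (ret == EINVAL);
    if (ret != 0) { free(cpuset); *out = NULL; *outlen = 0; return ret; }
    *out = cpuset; *outlen = size;
    return 0;
}

/* Configure the fakes and run one case: returns the final buffer length on
   success or -errno on failure. */
long run_case(size_t ncpus, size_t fail_at)
{
    void *mask = NULL; size_t len = 0;
    fake_ncpus = ncpus; fail_alloc_at = fail_at;
    int ret = get_affinity_mask(&mask, &len);
    free(mask);
    return ret ? -(long) ret : (long) len;
}
```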
* [PATCH] Fix pthread_getattr_np
@ 2007-06-22 10:05 Jakub Jelinek
  0 siblings, 0 replies; 2+ messages in thread
From: Jakub Jelinek @ 2007-06-22 10:05 UTC (permalink / raw)
  To: Ulrich Drepper; +Cc: Glibc hackers

Hi!

My reading of pthread_getattr_np is that the following code will crash:
pthread_attr_t attr;
memset (&attr, 0xaa, sizeof (attr));  // Stress that attr is uninitialized
if (pthread_getattr_np (pthread_self (), &attr) == 0)
  pthread_attr_destroy (&attr);
if sched_getaffinity returns ENOSYS.
One way to fix this is below, another would be e.g. to clear the whole
pthread_attr_t at the start of pthread_getattr_np.  That could even cure
crashes on invalid, careless code like e.g. boehm-gc does:
  my_pthread = pthread_self();
  pthread_getattr_np (my_pthread, &attr);
  pthread_attr_getstack (&attr, (void **) &stack_addr, &stack_size);
  pthread_attr_destroy (&attr);
(which has to be fixed anyway).

2007-06-22  Jakub Jelinek  <jakub@redhat.com>

	* pthread_getattr_np.c (pthread_getattr_np): Clear cpuset and
	cpusetsize if pthread_getaffinity_np failed with ENOSYS.

--- libc/nptl/pthread_getattr_np.c.jj	2007-06-04 08:42:05.000000000 +0200
+++ libc/nptl/pthread_getattr_np.c	2007-06-22 11:41:48.000000000 +0200
@@ -164,8 +164,12 @@ pthread_getattr_np (thread_id, attr)
 	{
 	  free (cpuset);
 	  if (ret == ENOSYS)
-	    /* There is no such functionality.  */
-	    ret = 0;
+	    {	  
+	      /* There is no such functionality.  */
+	      ret = 0;
+	      iattr->cpuset = NULL;
+	      iattr->cpusetsize = 0;
+	    }
 	}
     }
 
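Review bot: the line `+	    {	  ` carries trailing whitespace after the opening brace; drop it. Clearing `iattr->cpuset = NULL;` and `iattr->cpusetsize = 0;` only in the ENOSYS branch covers the crash described (pthread_attr_destroy after a successful return), since the other error paths return nonzero; a short comment saying the fields are cleared so a later pthread_attr_destroy does not free whatever the caller's uninitialized attr happened to contain would make the intent clear at the site.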

	Jakub
