This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/11655] New: qsort() not thread safe, results to division by zero
- From: "tmo at iki dot fi" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: 2 Jun 2010 08:49:16 -0000
- Subject: [Bug libc/11655] New: qsort() not thread safe, results to division by zero
- Reply-to: sourceware-bugzilla at sourceware dot org
Function qsort_r() is not thread-safe. This results to division by zero if two
threads call it at the same time, and both sort more than 1024 bytes of data.
Function contains code fragment
--
[A] if (phys_pages == 0) {
phys_pages = sysconf()
...
pagesize = sysconf()
}
[B] if (size / pagesize > phys_pages)
--
The first thread detects phys_pages being zero on [A] and may not yet have
assigned pagesize, when the second thread enters the code, sees phys_pages being
nonzero at [A], and performs division by zero pagesize at [B].
BR
--
Tero Mononen <tmo@iki.fi>
--
Summary: qsort() not thread safe, results to division by zero
Product: glibc
Version: 2.12
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: drepper at redhat dot com
ReportedBy: tmo at iki dot fi
CC: glibc-bugs at sources dot redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=11655
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.