Bug 9939 - MCheck is not thread safe - can report false errors on multi threaded apps
Status: RESOLVED WONTFIX
Alias: None
Product: glibc
Classification: Unclassified
Component: libc
Version: 2.4
Importance: P2 normal
Target Milestone: ---
Assignee: Ulrich Drepper
Reported: 2009-03-11 15:08 UTC by Wayne Johnson
Modified: 2014-07-01 20:39 UTC
fweimer: security-


Description Wayne Johnson 2009-03-11 15:08:27 UTC
MCheck is not thread safe - can report false errors on multi threaded apps.  

mcheck.c uses the __malloc_hook (et al) feature of malloc.c & arena.c to
intercept memory requests.  During its processing, it swaps the _hooks back to
their original values and recursively calls the memory request in order to do
the actual memory request.  While this hook is swapped out, another thread could
call the memory request and at that point get memory that bypassed mcheck.  This
memory will then be reported as corrupt if it is freed with the mcheck hook back
in place.

Possible fixes:
1) Add linkage to malloc.c's _int_malloc (et al) functions that would allow
mcheck to access the memory allocation without having to go through the code
implementing the hooks.

2) Change or add a new hook set that allows the hooker to wrap the call, not
just intercept it.

3) Write a separate memory pool routine for use in mcheck.  (yuck).
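
The window described in the report above can be reproduced deterministically in a small single-threaded model. This is an added example, not glibc's mcheck.c and not code from the reporter: `model_malloc`, `checked_alloc`, `in_window`, the arena and the `MAGIC` value are constructed stand-ins, and the second thread is simulated by a callback fired while the hook is swapped out.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAGIC 0xfeedbeefUL          /* constructed tag, not glibc's value */
struct hdr { unsigned long magic; size_t size; };

static _Alignas(16) unsigned char arena[4096];  /* toy backing store */
static size_t top;
static void *raw_alloc(size_t n) {  /* stands in for the real allocator */
    void *p = arena + top;
    n = (n + 15) & ~(size_t)15;
    if (n > sizeof arena - top) return NULL;
    top += n;
    return p;
}

static void *checked_alloc(size_t n);
static void *(*hook)(size_t) = checked_alloc;   /* stands in for __malloc_hook */
static void (*in_window)(void);     /* models a second thread running mid-swap */

/* Entry point for every caller: go through the hook if one is installed. */
void *model_malloc(size_t n) { return hook ? hook(n) : raw_alloc(n); }

static void *checked_alloc(size_t n) {
    struct hdr h = { MAGIC, n };
    hook = NULL;                    /* swap the hook out ... */
    unsigned char *blk = model_malloc(sizeof h + n);  /* ... so this is not intercepted */
    if (in_window) in_window();     /* window: the hook is NULL for all callers */
    hook = checked_alloc;           /* swap the hook back in */
    if (!blk) return NULL;
    memcpy(blk, &h, sizeof h);      /* tag the block so free-time checks pass */
    return blk + sizeof h;
}

/* The check made at free time: 0 = header intact, -1 = reported as corrupt. */
int model_check(const void *p) {
    struct hdr h;
    memcpy(&h, (const unsigned char *)p - sizeof h, sizeof h);
    return h.magic == MAGIC ? 0 : -1;
}

static void *other_ptr;
static void other_thread(void) { other_ptr = model_malloc(32); }

/* Runs the interleaving; returns the check result for the second caller's block. */
int demo_race(void) {
    in_window = other_thread;
    void *a = model_malloc(32);
    in_window = NULL;
    return model_check(a) == 0 ? model_check(other_ptr) : 1;
}
int main(void) { printf("racing block check: %d\n", demo_race()); return 0; }
```

The block allocated inside the window never receives a header, so the later check rejects it even though nothing was overwritten.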
Comment 1 Ulrich Drepper 2009-03-11 15:14:19 UTC
This is by design.  This can never be changed without breaking various ABIs.