Bug 1027101

Summary: Race condition using ATOMIC_FASTBINS.
Product: Red Hat Enterprise Linux 6 Reporter: Divya <dbasant>
Component: glibcAssignee: Carlos O'Donell <codonell>
Status: CLOSED ERRATA QA Contact: Arjun Shankar <ashankar>
Severity: high Docs Contact:
Priority: urgent    
Version: 6.4CC: alanm, ashankar, bhubbard, bkunal, dberry, dkochuka, fweimer, law, mfranc, michele, mosvald, mschuppe, pfrankli, sdenham, spoyarek, ssahani, tbowling, vgaikwad, yohmura
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: glibc-2.12-1.137.el6 Doc Type: Bug Fix
Doc Text:
Certain code paths used by the C library's memory allocator "fastbins" feature, enabled by default (mallopt option M_MXFAST set to non-zero), were not thread-safe. When the non-safe code paths executed they could cause corruption in the allocator that would lead to a program segfault. The thread-unsafe code paths have been made thread-safe and should no longer cause application segfaults.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-14 04:42:12 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 994246, 1023566, 1056252, 1070830, 1091162    
Attachments:
Description Flags
Reproducer program none

Description Divya 2013-11-06 07:20:23 UTC 
Created attachment 820228 [details]
Reproducer program

Description of problem:
Attached reproducer seem have a random issue of heap corruption.

Version-Release number of selected component (if applicable):
glibc-2.12-1.107.el6_4.4

How reproducible:
Always

Steps to Reproduce:
1. Compile and run the attached reproducer script under valgrind

Actual results:
data race condition and write conflicts

Expected results:
Should run without encountering race conditions

Additional info:
Upstream bugzilla for the same if reported at https://sourceware.org/bugzilla/show_bug.cgi?id=15073
Comment 1 RHEL Program Management 2013-11-10 09:15:41 UTC 
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 28 Tomas Heinrich 2014-03-18 10:37:36 UTC 
*** Bug 985329 has been marked as a duplicate of this bug. ***
Comment 48 errata-xmlrpc 2014-10-14 04:42:12 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2014-1391.html
Comment 49 Brad Hubbard 2015-08-17 21:06:23 UTC 
Making this bug public.
Comment 50 Florian Weimer 2016-03-31 07:13:37 UTC 
*** Bug 1320423 has been marked as a duplicate of this bug. ***