Bug 140487 - [RHAS2.1] Bad declaration of __syscall_poll can cause bogus values for timeout to be passed to the kernel
[RHAS2.1] Bad declaration of __syscall_poll can cause bogus values for timeou...
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: glibc (Show other bugs)
ia64 Linux
medium Severity medium
: ---
: ---
Assigned To: Jakub Jelinek
Brian Brock
Depends On:
  Show dependency treegraph
Reported: 2004-11-22 20:09 EST by Manish Singh
Modified: 2007-11-30 17:06 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-04-28 11:16:04 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Test case (193 bytes, text/plain)
2004-11-22 20:15 EST, Manish Singh
no flags Details
Patch to glibc to fix this. (460 bytes, patch)
2004-11-22 20:18 EST, Manish Singh
no flags Details | Diff

  None (edit)
Description Manish Singh 2004-11-22 20:09:22 EST
Declaration of __syscall_poll uses int for timeout, but the kernel
expects a long. This can cause a huge timeout to be passed to kernel
in some circumstances.
Comment 1 Manish Singh 2004-11-22 20:15:35 EST
Created attachment 107271 [details]
Test case

Compile with test case:

gcc -O0 -o testpoll testpoll.c

(-O0 is important)

Run. This is supposed to be an 8 millisecond timeout. It hangs, and the alarm
fires. If you strace:

poll(0, 0, 4294967304
)		  = -1 EINTR (Interrupted system call)
Comment 2 Manish Singh 2004-11-22 20:18:05 EST
Created attachment 107272 [details]
Patch to glibc to fix this.

This just makes the declaration match reality, so the compiler knows generate
the code to turn an int into a long safely.
Comment 3 Jakub Jelinek 2004-11-23 16:16:29 EST
Wonder why kernel chose long when POSIX requires int.
Anyway, fix scheduled for U7.
Comment 4 Jakub Jelinek 2005-02-15 09:04:58 EST
Should be fixed in glibc-2.2.4-32.19 in dist-2.1AS-errata-candidate.
Comment 5 John Flanagan 2005-04-28 11:16:04 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.