Bug 1764235 - glibc: malloc: Set and reset all hooks for tracing (Bug 16573)
Summary: glibc: malloc: Set and reset all hooks for tracing (Bug 16573)
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: glibc
Version: 8.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: 8.0
Assignee: Carlos O'Donell
QA Contact: qe-baseos-tools-bugs
Zuzana Zoubkova
URL:
Whiteboard:
Depends On:
Blocks: 1746918
TreeView+ depends on / blocked
 
Reported: 2019-10-22 13:58 UTC by Carlos O'Donell
Modified: 2020-04-28 16:50 UTC (History)
7 users (show)

Fixed In Version: glibc-2.28-92
Doc Type: Bug Fix
Doc Text:
.`mtrace` no longer hangs when internal failures occur Previously, a defect in the `mtrace` tool implementation could cause memory tracing to hang. To fix this issue, the `mtrace` memory tracing implementation has been made more robust to avoid the hang even in the face of internal failures. As a result, users can now call `mtrace` and it no longer hangs, completing in bounded time.
Clone Of:
Environment:
Last Closed: 2020-04-28 16:50:19 UTC
Type: Bug
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2020:1828 None None None 2020-04-28 16:50:46 UTC
Sourceware 16573 P2 RESOLVED mtrace hangs when MALLOC_TRACE is defined 2020-04-29 15:48:59 UTC

Description Carlos O'Donell 2019-10-22 13:58:50 UTC
commit e621246ec6393ea08ae50310f9d5e72500f8c9bc
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Mon Apr 8 17:35:05 2019 -0400

    malloc: Set and reset all hooks for tracing (Bug 16573)
    
    If an error occurs during the tracing operation, particularly during a
    call to lock_and_info() which calls _dl_addr, we may end up calling back
    into the malloc-subsystem and relock the loader lock and deadlock. For
    all intents and purposes the call to _dl_addr can call any of the malloc
    family API functions and so we should disable all tracing before calling
    such loader functions.  This is similar to the strategy that the new
    malloc tracer takes when calling the real malloc, namely that all
    tracing ceases at the boundary to the real function and any faults at
    that point are the purvue of the library (though the new tracer does
    this on a per-thread basis in an MT-safe fashion). Since the new tracer
    and the hook deprecation are not yet complete we must fix these issues
    where we can.
    
    Tested on x86_64 with no regressions.
    
    Co-authored-by: Kwok Cheung Yeung <kcy@codesourcery.com>
    Reviewed-by: DJ Delorie <dj@redhat.com>

Please also verify upstream branch backports:

release/2.30/master - May be required. Please check.
release/2.29/master - May be required. Please check.
release/2.28/master - May be required. Please check.

Comment 2 Sergey Kolosov 2020-03-23 18:16:39 UTC
Verified with a test case from https://sourceware.org/bugzilla/show_bug.cgi?id=16573, it doesn't hang:
[root@host bz1764235-glibc-malloc-Set-and-reset-all-hooks-for-tracing]# cat mtrace_test.c 
#include <stdlib.h>
#include <mcheck.h>

int main(void)
{
    char *a;

    mtrace();
    a = (char*) malloc(8);
    free(a);
    free(a);
    muntrace();
}

[root@host bz1764235-glibc-malloc-Set-and-reset-all-hooks-for-tracing]# gcc mtrace_test.c -o mtrace_test
[root@host bz1764235-glibc-malloc-Set-and-reset-all-hooks-for-tracing]# MALLOC_TRACE='mtrace.log' ./mtrace_test 
free(): double free detected in tcache 2
Aborted (core dumped)
[root@host bz1764235-glibc-malloc-Set-and-reset-all-hooks-for-tracing]#

Comment 8 errata-xmlrpc 2020-04-28 16:50:19 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:1828


Note You need to log in before you can comment on or make changes to this bug.