From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/174 Path: news.gmane.org!not-for-mail From: Rich Felker Newsgroups: gmane.linux.lib.musl.general Subject: Re: Daily cluts reports - numeric, setuid, and mid-term evaluation Date: Fri, 15 Jul 2011 19:51:11 -0400 Message-ID: <20110715235111.GR16618@brightrain.aerifal.cx> References: <4E125DBC.9090809@gmail.com> <4E131E8F.9@gmail.com> <4E14C55E.6030808@gmail.com> <4E16141F.5060303@gmail.com> <4E17877E.30907@gmail.com> <20110709115301.GA6510@openwall.com> <20110710145201.GB133@brightrain.aerifal.cx> <4E1B8041.1050602@gmail.com> <4E1F8524.20108@gmail.com> <4E20C39C.7060502@gmail.com> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Trace: dough.gmane.org 1310774441 22781 80.91.229.12 (16 Jul 2011 00:00:41 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Sat, 16 Jul 2011 00:00:41 +0000 (UTC) To: musl@lists.openwall.com Original-X-From: musl-return-258-gllmg-musl=m.gmane.org@lists.openwall.com Sat Jul 16 02:00:36 2011 Return-path: Envelope-to: gllmg-musl@lo.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by lo.gmane.org with smtp (Exim 4.69) (envelope-from ) id 1QhsJ9-0004Qt-0f for gllmg-musl@lo.gmane.org; Sat, 16 Jul 2011 02:00:35 +0200 Original-Received: (qmail 26574 invoked by uid 550); 16 Jul 2011 00:00:34 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: Original-Received: (qmail 26566 invoked from network); 16 Jul 2011 00:00:34 -0000 Content-Disposition: inline In-Reply-To: <4E20C39C.7060502@gmail.com> User-Agent: Mutt/1.5.21 (2010-09-15) Xref: news.gmane.org gmane.linux.lib.musl.general:174 Archived-At: On Sat, Jul 16, 2011 at 12:47:56AM +0200, Luka Marčetić wrote: > * Fixing setuid.c, which should do its job of testing > setuid/getuid in a threaded environment now - those who are > following are probably interested in the results: The test indeed > reports failure on certain libc's, but before I can say with > confidence that the test is correct, I'm going to need a second pair > of eyes, so if you're willing to review it please do fetch the file. > More about this in #musl. I'm glad you were able to get results! In the current form, the test isn't checking exactly what it's supposed to, but it's very close. What you're testing is for mismatch in the getuid() results for the first- and last-created threads. There are a couple problems with this but they're easily fixed: Issue 1: The first- and last-created threads are not necessarily the first and last threads to make the syscall. By checking that *all* threads have the same result, rather than just the first and last, you could find failures with a lot fewer tries. Issue 2: While I believe it's "A Bad Thing" and non-conformant for getuid() to ever return different results in different threads, the *dangerous* case is when setuid() reported success but didn't actually succeed in all threads. I would ignore the result (or only print a warning, and continue searching for a more serious failure) when setuid() returns -1. I sloppily made this change and no longer saw any failures in musl, though it seems like it might be deadlocking sometime... Haven't tested the change with glibc but I expect to still see failures. Rich