This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [RFC][BZ #16549] Add sanity check for condvar alignment.


On Mon, 2014-03-31 at 09:09 +0200, Florian Weimer wrote:
> On 02/11/2014 11:44 PM, Joseph S. Myers wrote:
> > On Tue, 11 Feb 2014, Florian Weimer wrote:
> >
> >> I think the real issue here is our lack of error checking for the futex system
> >> call.  strace on the test case shows this:
> >
> > I'm not sure what we would do with an error here.  Cf
> > <https://sourceware.org/glibc/wiki/Style_and_Conventions#Invalid_pointers>
> > noting that a crash or assertion failure on an invalid NULL pointer is
> > better than returning an error value that would likely be ignored by the
> > buggy caller (although it's not obvious to me that diagnosing a misaligned
> > pointer through an assertion is worthwhile anyway).
> 
> We'd probably have to abort anyway in contexts where an unexpected error 
> occurs.  But I find it rather questionable that we completely discard 
> the system call results in most cases.
> 
> Here, the glibc behavior happens to be correct—silently not locking is 
> allowed if the pointer is invalid.  But I don't think we know for sure 
> that all unexpected futex errors are due to precondition violations by 
> user code.

I think that even this isn't documented in the code, that this is the
intention in the current implementation.  And AFAIA, this is a correct
assumption currently.
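
What a discarded futex result looks like at the system-call level, as an added example (not code from this thread or from glibc). The wrapper and classifier names are hypothetical, and treating `EINVAL`/`EFAULT` as caller precondition violations is an assumption of this sketch; it relies on Linux rejecting a futex word that is not 4-byte aligned.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <linux/futex.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Hypothetical wrapper (not glibc's): raw FUTEX_WAKE that keeps the result.
   Returns the number of woken waiters, or -errno on failure. */
static long checked_futex_wake(void *addr, int nwake)
{
    long r = syscall(SYS_futex, addr, FUTEX_WAKE | FUTEX_PRIVATE_FLAG,
                     nwake, NULL, NULL, 0);
    return r < 0 ? -(long)errno : r;
}

enum futex_verdict { FUTEX_OK, FUTEX_CALLER_BUG, FUTEX_UNEXPECTED };

/* Assumed policy: EINVAL (e.g. misaligned word) and EFAULT (bad address)
   are attributed to the caller; anything else is unexpected and should be
   made loud (abort) instead of being silently dropped. */
static enum futex_verdict classify_futex_result(long r)
{
    if (r >= 0)
        return FUTEX_OK;
    if (r == -EINVAL || r == -EFAULT)
        return FUTEX_CALLER_BUG;
    return FUTEX_UNEXPECTED;
}

/* Constructed sample storage: two aligned words, so base + 1 is misaligned. */
static uint32_t words[2];

long wake_aligned(void)    { return checked_futex_wake(words, 1); }
long wake_misaligned(void) { return checked_futex_wake((char *)words + 1, 1); }

int main(void)
{
    long ok = wake_aligned(), bad = wake_misaligned();
    printf("aligned: %ld (verdict %d)\n", ok, classify_futex_result(ok));
    printf("misaligned: %ld (verdict %d)\n", bad, classify_futex_result(bad));
    return 0;
}
```
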

