This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: Re: [PATCH 1/1] dl-load: add memory barrier before updating the next.
- From: Torvald Riegel <triegel at redhat dot com>
- To: v dot narang at samsung dot com
- Cc: Szabolcs Nagy <szabolcs dot nagy at arm dot com>, Maninder Singh <maninder1 dot s at samsung dot com>, "libc-alpha at sourceware dot org" <libc-alpha at sourceware dot org>, "nd at arm dot com" <nd at arm dot com>, PANKAJ MISHRA <pankaj dot m at samsung dot com>, 이학봉 <hakbong5 dot lee at samsung dot com>, AMIT SAHRAWAT <a dot sahrawat at samsung dot com>, Ajeet Kumar Yadav <ajeet dot y at samsung dot com>
- Date: Sat, 18 Mar 2017 19:22:27 +0100
- Subject: Re: Re: [PATCH 1/1] dl-load: add memory barrier before updating the next.
- Authentication-results: sourceware.org; auth=none
- Authentication-results: ext-mx03.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
- Authentication-results: ext-mx03.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=triegel at redhat dot com
- Dkim-filter: OpenDKIM Filter v2.11.0 mx1.redhat.com A5A0080F8E
- Dmarc-filter: OpenDMARC Filter v1.3.2 mx1.redhat.com A5A0080F8E
- References: <58CC1A81.7060701@arm.com> <1489641122-35462-1-git-send-email-maninder1.s@samsung.com> <CGME20170316051208epcas5p2d15680536ba99a6f05ecd6906750cd98@epcms5p2> <20170318091200epcms5p2303972982afcf9d822bc1d1687865562@epcms5p2>
On Sat, 2017-03-18 at 09:12 +0000, Vaneet Narang wrote:
> >only adding a barrier on the write side is not
>
> >correct
>
>
> Reason for adding barrier only in writer path is because reader path has conditional
> check. Since instructions has dependency so Instruction reordering is not possible.
>
> Writer Code: add_name_to_object() | Reader Code: _dl_name_match_p()
> |
> newname->name = memcpy( ...) | struct libname_list *runp = map->l_libname;
> newname->next = NULL; | while (runp != NULL)
> newname->dont_free = 0; | if (strcmp (name, runp->name) == 0)
> lastp->next = newname; | return 1;
> | else
> | runp = runp->next;
While that may be true for a particular HW memory model, this is not
guaranteed on the level of C code. (It's unlikely that a compiler would
transform the code so that this wouldn't work in practice, and some
software such as the Linux kernel assumes that this won't ever happen.
Nonetheless, for valid C11 code, you must avoid the data race, and you
must tell the compiler that you need this particular ordering.)
As Szabolcs has mentioned, atomic loads with memory_order_consume as
memory order are intended to be the mechanism that allows a program to
state that it depends on such dependencies; however, there are
specification bugs in how memory_order_consume is currently specified.
Therefore, we'd just use an memory_order_acquire load instead to get the
value for runp in the code above.
> In Reader code if runp is not NULL only then it reads runp->name So i don't think instruction reordering
> with conditional case is possible so barrier is required.
> If there is any instruction reordering happens in writer side as lastp->next updated before newname->name
> then we can face issue in reader side. So this is the reason why i added barrier only in writer side.
>
> We have been facing issue in reader side where we get runp->next as valid but runp->next->name is NULL
> which results in NULL pointer access in strcmp but when we check coredump then we see runp->next->name
> so we are suspecting race condition.
> I don't see any issue with code as name is updated before next so only reason we can suspect for race
> is instruction reordering at writer side.
Generally, in glibc we want to reason about concurrent code based on the
C11 memory model. This ensures that the code is portable across
architectures.