diff options
author | Andreas Schwab <schwab@suse.de> | 2018-11-08 14:28:22 +0100 |
---|---|---|
committer | Andreas Schwab <schwab@suse.de> | 2018-12-13 12:22:30 +0100 |
commit | f21e8f8ca466320fed38bdb71526c574dae98026 (patch) | |
tree | b4d30072a2ae6abdf42ed0e980d49e877894ec66 | |
parent | 3d265911c2aac65d978f679101594f9071024874 (diff) | |
download | glibc-f21e8f8ca466320fed38bdb71526c574dae98026.tar.gz glibc-f21e8f8ca466320fed38bdb71526c574dae98026.tar.xz glibc-f21e8f8ca466320fed38bdb71526c574dae98026.zip |
Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bug 23861)
In the read lock function (__pthread_rwlock_rdlock_full) there was a code path which would fail to reload __readers while waiting for PTHREAD_RWLOCK_RWAITING to change. This failure to reload __readers into a local value meant that various conditionals used the old value of __readers and with only two threads left it could result in an indefinite stall of one of the readers (waiting for PTHREAD_RWLOCK_RWAITING to go to zero, but it never would).
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | nptl/Makefile | 3 | ||||
-rw-r--r-- | nptl/pthread_rwlock_common.c | 2 | ||||
-rw-r--r-- | nptl/tst-rwlock-pwn.c | 87 |
4 files changed, 95 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog index 787dab87a8..cd35115ede 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,11 @@ 2018-12-13 Andreas Schwab <schwab@suse.de> + [BZ #23861] * nptl/pthread_rwlock_common.c: Reindent. Fix typos. + (__pthread_rwlock_rdlock_full): Update expected value for + __readers while waiting on PTHREAD_RWLOCK_RWAITING. + * nptl/tst-rwlock-pwn.c: New file. + * nptl/Makefile (tests): Add tst-rwlock-pwn. 2018-12-12 Joseph Myers <joseph@codesourcery.com> diff --git a/nptl/Makefile b/nptl/Makefile index 34ae830276..b01f2b0626 100644 --- a/nptl/Makefile +++ b/nptl/Makefile @@ -318,7 +318,8 @@ tests = tst-attr1 tst-attr2 tst-attr3 tst-default-attr \ tst-minstack-throw \ tst-cnd-basic tst-mtx-trylock tst-cnd-broadcast \ tst-cnd-timedwait tst-thrd-detach tst-mtx-basic tst-thrd-sleep \ - tst-mtx-recursive tst-tss-basic tst-call-once tst-mtx-timedlock + tst-mtx-recursive tst-tss-basic tst-call-once tst-mtx-timedlock \ + tst-rwlock-pwn tests-internal := tst-rwlock19 tst-rwlock20 \ tst-sem11 tst-sem12 tst-sem13 \ diff --git a/nptl/pthread_rwlock_common.c b/nptl/pthread_rwlock_common.c index 5dd534271a..85fc1bcfc7 100644 --- a/nptl/pthread_rwlock_common.c +++ b/nptl/pthread_rwlock_common.c @@ -314,7 +314,7 @@ __pthread_rwlock_rdlock_full (pthread_rwlock_t *rwlock, harmless because the flag is just about the state of __readers, and all threads set the flag under the same conditions. */ - while ((atomic_load_relaxed (&rwlock->__data.__readers) + while (((r = atomic_load_relaxed (&rwlock->__data.__readers)) & PTHREAD_RWLOCK_RWAITING) != 0) { int private = __pthread_rwlock_get_private (rwlock); diff --git a/nptl/tst-rwlock-pwn.c b/nptl/tst-rwlock-pwn.c new file mode 100644 index 0000000000..c39dd70973 --- /dev/null +++ b/nptl/tst-rwlock-pwn.c @@ -0,0 +1,87 @@ +/* Test rwlock with PREFER_WRITER_NONRECURSIVE_NP (bug 23861). + Copyright (C) 2018 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <http://www.gnu.org/licenses/>. */ + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <pthread.h> +#include <support/xthread.h> + +/* We choose 10 iterations because this happens to be able to trigger the + stall on contemporary hardware. */ +#define LOOPS 10 +/* We need 3 threads to trigger bug 23861. One thread as a writer, and + two reader threads. The test verifies that the second-to-last reader + is able to notify the *last* reader that it should be done waiting. + If the second-to-last reader fails to notify the last reader or does + so incorrectly then the last reader may stall indefinitely. */ +#define NTHREADS 3 + +_Atomic int do_exit; +pthread_rwlockattr_t mylock_attr; +pthread_rwlock_t mylock; + +void * +run_loop (void *a) +{ + while (!do_exit) + { + if (random () & 1) + { + xpthread_rwlock_wrlock (&mylock); + xpthread_rwlock_unlock (&mylock); + } + else + { + xpthread_rwlock_rdlock (&mylock); + xpthread_rwlock_unlock (&mylock); + } + } + return NULL; +} + +int +do_test (void) +{ + xpthread_rwlockattr_init (&mylock_attr); + xpthread_rwlockattr_setkind_np (&mylock_attr, + PTHREAD_RWLOCK_PREFER_WRITER_NONRECURSIVE_NP); + xpthread_rwlock_init (&mylock, &mylock_attr); + + for (int n = 0; n < LOOPS; n++) + { + pthread_t tids[NTHREADS]; + do_exit = 0; + for (int i = 0; i < NTHREADS; i++) + tids[i] = xpthread_create (NULL, run_loop, NULL); + /* Let the threads run for some time. */ + sleep (1); + printf ("Exiting..."); + fflush (stdout); + do_exit = 1; + for (int i = 0; i < NTHREADS; i++) + xpthread_join (tids[i]); + printf ("done.\n"); + } + pthread_rwlock_destroy (&mylock); + pthread_rwlockattr_destroy (&mylock_attr); + return 0; +} + +#define TIMEOUT (DEFAULT_TIMEOUT + 3 * LOOPS) +#include <support/test-driver.c> |