Backport upstream bug 13844 - fix for futex issue
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
eglibc |
Fix Released
|
Medium
|
|||
eglibc (Ubuntu) |
Fix Released
|
Undecided
|
Adam Conrad | ||
Precise |
Fix Released
|
High
|
Adam Conrad | ||
Quantal |
Fix Released
|
High
|
Adam Conrad |
Bug Description
[Impact / Justification]
There was a bug in glibc where custom lowlevellock implementations weren't being used, but rather the generic one was instead. This was a non-issue on most arches, however hppa, ARM, and Sparc needed their own custom implementation to have sane futexes. The patch from upstream fixes this by swapping a "" include for a <> include, which correctly walks sysdeps paths and grabs the arch-specific implementations.
[Test Case]
I don't personally have a good test for this, but there are several people very keen on having this fix in that will test quite heavily on my behalf, I'm told. I'll make sure they do so (and bonus points if they document their testcase)...
[Regression Potential]
This patch has zero effect on i386, x86_64, and powerpc, and the architecture this does effect (armel/armhf) was quite fundamentally broken, apparently, so the only risk here is that it remains broken, which I'm told by people who've already tested, it won't.
[Original Report]
There is a subtle futex bug in glibc 2.15 which is fixed dealt with by BZ #13844 (http://
This is being hit regularly when testing locks on ARM.
Can this be backported to precise and quantal (which I believe are both 2.15 based)?
The patch is here: http://
Changed in eglibc (Ubuntu Precise): | |
importance: | Undecided → High |
milestone: | none → precise-updates |
status: | New → Confirmed |
Changed in eglibc (Ubuntu Quantal): | |
importance: | Undecided → High |
milestone: | none → quantal-updates |
status: | New → Confirmed |
Changed in eglibc: | |
importance: | Unknown → Medium |
status: | Unknown → Fix Released |
Changed in eglibc (Ubuntu): | |
status: | New → Fix Released |
description: | updated |
Changed in eglibc (Ubuntu Precise): | |
assignee: | nobody → Adam Conrad (adconrad) |
Changed in eglibc (Ubuntu Quantal): | |
assignee: | nobody → Adam Conrad (adconrad) |
Changed in eglibc (Ubuntu): | |
assignee: | nobody → Adam Conrad (adconrad) |
Hi.
Because of the absence of the sparc32-linux specific version of this file, `nptl/sysdeps/ unix/sysv/ linux/libc- lowlevellock. c' is fetched when building `libc-lowlevell ock.o{, s}'. The latter contains just
. . .
#include "lowlevellock.c"
which leads to `nptl/sysdeps/ unix/sysv/ linux/lowlevell ock.c' being actually compiled instead of `nptl/sysdeps/ unix/sysv/ linux/sparc/ sparc32/ lowlevellock. c'.
As a consequence a futex can be accessed in a non-atomic way when using libc's internal locks, e.g. when performing output to the same stream from different threads.
For example, when the following test is run on a V8 host, this typically leads to a deadlock when all threads are waiting for a futex to become free and there is no one to release it. This happens particularly soon when it's executed this way at a multi-CPU host:
$ ./test.sparc32 5 > /dev/null
$ cat test.c
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
void *
handler (void *arg)
{
for (;;)
printf ("Thread #%ld\n", (long) arg);
return NULL;
}
int
main (int argc, char **argv)
{
size_t i;
size_t nthreads = (size_t) atoi (argv[1]);
pthread_t *threads = (pthread_t *) malloc (nthreads * sizeof (pthread_t));
for (i = 0; i < nthreads; i++)
pthread_create (&threads[i], NULL, handler, (void *) i);
for (i = 0; i < nthreads; i++)
pthread_join (threads[i], NULL);
free (threads);
return 0;
}