From: "m.k.edwards at gmail dot com"
To: gcc-bugs@gcc.gnu.org
Subject: [Bug target/48126] New: arm_output_sync_loop: misplaced memory barrier, missing clrex / dummy strex
Date: Mon, 14 Mar 2011 23:12:00 -0000
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
X-SW-Source: 2011-03/txt/msg01485.txt.bz2

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48126

Summary: arm_output_sync_loop: misplaced memory barrier, missing clrex / dummy strex
Product: gcc
Version: 4.5.2
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: target
AssignedTo: unassigned@gcc.gnu.org
ReportedBy: m.k.edwards@gmail.com

Created attachment 23656
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=23656
Patch alters DMB placement and adds CLREXNE

The ARMv6+ implementation of __sync_*_compare_and_swap branches on a failed compare. There are two (theoretical, as I understand it) flaws in this branch path.
One, it skips past the memory barrier at the end of the critical region, which could cause memory accesses to get speculated in. Two, it doesn't perform a clrex (or, for older ARMv6, a dummy strex) to clear the local monitor. This may not be a practical problem in most userland code, but it's at least not technically correct according to ARM docs, and it interferes with auditing locking code using valgrind/qemu/etc.

The attached patch fixes these two issues for ARMv7-A / Thumb-2 targets. However, the "clrexne" part of it is not correct for older ARMv6 variants which lack clrex or the ability to add a conditional on it (or for assemblers which can't handle the Thumb-2 "it" opcode when assembling for ARM).
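For readers who want to see the two points concretely, the following is an added illustration in GNU assembler syntax of a compare-and-swap loop with the properties the report asks for: the trailing barrier is reached on both the success and the failure path, and the failure path clears the exclusive monitor. It is not the reporter's patch and not GCC's emitted code; the symbol name, register assignment and return convention are illustrative. It uses an unconditional clrex reached by a branch rather than a conditional clrexne, which sidesteps the ARM-state "it" issue the report mentions; the dummy-strex alternative for pre-ARMv6K cores (which lack clrex) is noted in a comment.

```asm
@ Added example, not from the bug report or from GCC.
@ ARMv7-A compare-and-swap with barriers on every exit path.
@ Inputs:  r0 = address, r1 = expected value, r2 = new value
@ Returns: r0 = value observed in memory (== r1 iff the swap happened)
@ Clobbers: r3, ip

        .syntax unified
        .arch   armv7-a
        .text
        .global cas_v7a
        .type   cas_v7a, %function
cas_v7a:
        dmb                     @ leading barrier: full-barrier semantics, as __sync_* require
1:      ldrex   r3, [r0]        @ load current value and mark the location exclusive
        cmp     r3, r1
        bne     2f              @ compare failed: take the failure path, not a bare return
        strex   ip, r2, [r0]    @ try to store; ip == 0 on success, 1 if exclusivity was lost
        cmp     ip, #0
        bne     1b              @ lost the exclusive: retry the whole ldrex/strex pair
        b       3f
2:      clrex                   @ failure path: clear the local monitor (ARMv6K and later).
                                @ On ARMv6 cores without clrex the equivalent is a dummy
                                @ store-exclusive to the same address: strex ip, r3, [r0]
3:      dmb                     @ trailing barrier on BOTH paths, so later accesses cannot
                                @ be speculated into the critical region on compare failure
        mov     r0, r3          @ hand back the observed value
        bx      lr
        .size   cas_v7a, .-cas_v7a
```

The point of routing the failed compare through label 2 rather than straight to the return is exactly the one the report makes: a return that skips the barrier lets subsequent loads be performed early relative to the ldrex, and leaving the monitor set can make a later, unrelated strex on the same core succeed when it should not. Note that the first dmb is only needed when full-barrier (__sync_*) semantics are wanted; a pure acquire or relaxed CAS would drop it.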