[patch] libstdc++/58038 libstdc++/60421 fix overflows in std::this_thread::sleep

public inbox for gcc-patches@gcc.gnu.org
 help / color / mirror / Atom feed

* [patch] libstdc++/58038 libstdc++/60421 fix overflows in std::this_thread::sleep_for()
@ 2015-03-26 19:59 Jonathan Wakely
  2015-04-11 11:50 ` Jonathan Wakely
  0 siblings, 1 reply; 2+ messages in thread
From: Jonathan Wakely @ 2015-03-26 19:59 UTC (permalink / raw)
  To: libstdc++, gcc-patches

[-- Attachment #1: Type: text/plain, Size: 1403 bytes --]

We have a couple of bugs where durations with unsigned representations
result in negative or huge time_t values, which result in not sleeping
at all or sleeping for billions of years (or merely for decades if you
have a 32-bit time_t).

This change simply returns early for time points in the past or
negative durations.

Tested x86_64-linux, powerpc64le-linux, committed to trunk.


For stage 1 ...

We can still overflow in this_thread::sleep_for() here:

  auto __s = chrono::duration_cast<chrono::seconds>(__rtime);

if __rtime uses a uint64_t rep and has a value larger than
chrono::seconds::max(), and also here:

      static_cast<std::time_t>(__s.count()),

if time_t is 32-bit and __s has a value larger than it can hold.

We should limit the __s value to duration<time_t>::max() but detecting
those overflows reliably is more complicated than we can manage for
gcc5, and only happens for crazy durations anyway.

We should also handle nanosleep() returning early and setting EINTR,
and also loop in sleep_until() to handle clock adjustments:

  auto __now = _Clock::now();
  if (_Clock::is_steady)
    {
      if (__now < __atime)
        sleep_for(__atime - __now);
      return;
    }
  while (__now < __atime)
    {
      sleep_for(__atime - __now);
      __now = _Clock::now();
    }

I also need to finish reviewing <condition_variable>, <mutex> and
<shared_mutex> for similar problems.


[-- Attachment #2: patch.txt --]
[-- Type: text/x-patch, Size: 4313 bytes --]

commit c6ffd1648328a4f2f2bbaac11378725c08409a95
Author: Jonathan Wakely <jwakely@redhat.com>
Date:   Thu Mar 5 23:43:08 2015 +0000

    	PR libstdc++/58038
    	PR libstdc++/60421
    	* include/std/thread (this_thread::sleep_for): Check for negative
    	durations.
    	(this_thread::sleep_until): Check for times in the past.
    	* testsuite/30_threads/this_thread/58038.cc: New.
    	* testsuite/30_threads/this_thread/60421.cc: New.

diff --git a/libstdc++-v3/include/std/thread b/libstdc++-v3/include/std/thread
index 2f9e69a..ebbda62 100644
--- a/libstdc++-v3/include/std/thread
+++ b/libstdc++-v3/include/std/thread
@@ -279,6 +279,8 @@ _GLIBCXX_END_NAMESPACE_VERSION
       inline void
       sleep_for(const chrono::duration<_Rep, _Period>& __rtime)
       {
+	if (__rtime <= __rtime.zero())
+	  return;
 	auto __s = chrono::duration_cast<chrono::seconds>(__rtime);
 	auto __ns = chrono::duration_cast<chrono::nanoseconds>(__rtime - __s);
 #ifdef _GLIBCXX_USE_NANOSLEEP
@@ -297,7 +299,11 @@ _GLIBCXX_END_NAMESPACE_VERSION
     template<typename _Clock, typename _Duration>
       inline void
       sleep_until(const chrono::time_point<_Clock, _Duration>& __atime)
-      { sleep_for(__atime - _Clock::now()); }
+      {
+	auto __now = _Clock::now();
+	if (__now < __atime)
+	  sleep_for(__atime - __now);
+      }
 
   _GLIBCXX_END_NAMESPACE_VERSION
   }
diff --git a/libstdc++-v3/testsuite/30_threads/this_thread/58038.cc b/libstdc++-v3/testsuite/30_threads/this_thread/58038.cc
new file mode 100644
index 0000000..afa861c
--- /dev/null
+++ b/libstdc++-v3/testsuite/30_threads/this_thread/58038.cc
@@ -0,0 +1,44 @@
+// Copyright (C) 2015 Free Software Foundation, Inc.
+//
+// This file is part of the GNU ISO C++ Library.  This library is free
+// software; you can redistribute it and/or modify it under the
+// terms of the GNU General Public License as published by the
+// Free Software Foundation; either version 3, or (at your option)
+// any later version.
+
+// This library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License along
+// with this library; see the file COPYING3.  If not see
+// <http://www.gnu.org/licenses/>.
+
+// { dg-options "-std=gnu++11" }
+// { dg-require-cstdint "" }
+// { dg-require-time "" }
+
+#include <thread>
+#include <chrono>
+
+void
+test01()
+{
+  auto now = std::chrono::system_clock::now();
+  std::this_thread::sleep_until(now  - 1ul * std::chrono::seconds(1));
+}
+
+void
+test02()
+{
+  auto now = std::chrono::steady_clock::now();
+  std::this_thread::sleep_until(now  - 1ul * std::chrono::seconds(1));
+}
+
+int
+main()
+{
+  test01();
+  test02();
+}
diff --git a/libstdc++-v3/testsuite/30_threads/this_thread/60421.cc b/libstdc++-v3/testsuite/30_threads/this_thread/60421.cc
new file mode 100644
index 0000000..ecc4deb
--- /dev/null
+++ b/libstdc++-v3/testsuite/30_threads/this_thread/60421.cc
@@ -0,0 +1,38 @@
+// Copyright (C) 2015 Free Software Foundation, Inc.
+//
+// This file is part of the GNU ISO C++ Library.  This library is free
+// software; you can redistribute it and/or modify it under the
+// terms of the GNU General Public License as published by the
+// Free Software Foundation; either version 3, or (at your option)
+// any later version.
+
+// This library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License along
+// with this library; see the file COPYING3.  If not see
+// <http://www.gnu.org/licenses/>.
+
+// { dg-options "-std=gnu++11" }
+// { dg-require-cstdint "" }
+// { dg-require-time "" }
+
+#include <thread>
+#include <chrono>
+#include <testsuite_hooks.h>
+
+void
+test01()
+{
+  std::this_thread::sleep_for(std::chrono::seconds(0));
+  std::this_thread::sleep_for(std::chrono::seconds(-1));
+  std::this_thread::sleep_for(std::chrono::duration<uint64_t>::zero());
+}
+
+int
+main()
+{
+  test01();
+}

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [patch] libstdc++/58038 libstdc++/60421 fix overflows in std::this_thread::sleep_for()
  2015-03-26 19:59 [patch] libstdc++/58038 libstdc++/60421 fix overflows in std::this_thread::sleep_for() Jonathan Wakely
@ 2015-04-11 11:50 ` Jonathan Wakely
  0 siblings, 0 replies; 2+ messages in thread
From: Jonathan Wakely @ 2015-04-11 11:50 UTC (permalink / raw)
  To: libstdc++, gcc-patches

On 26/03/15 19:59 +0000, Jonathan Wakely wrote:
>We have a couple of bugs where durations with unsigned representations
>result in negative or huge time_t values, which result in not sleeping
>at all or sleeping for billions of years (or merely for decades if you
>have a 32-bit time_t).
>
>This change simply returns early for time points in the past or
>negative durations.
>
>Tested x86_64-linux, powerpc64le-linux, committed to trunk.

Also committed to the 4.9 branch.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2015-04-11 11:50 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-03-26 19:59 [patch] libstdc++/58038 libstdc++/60421 fix overflows in std::this_thread::sleep_for() Jonathan Wakely
2015-04-11 11:50 ` Jonathan Wakely

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).