public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/11449] crypt/crypt_util.c: __init_des_r() needs memory barrier
[not found] <bug-11449-131@http.sourceware.org/bugzilla/>
@ 2011-07-22 22:28 ` prince.cse99 at gmail dot com
2011-07-23 3:27 ` drepper.fsp at gmail dot com
` (2 subsequent siblings)
3 siblings, 0 replies; 6+ messages in thread
From: prince.cse99 at gmail dot com @ 2011-07-22 22:28 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=11449
Abdullah Muzahid <prince.cse99 at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
CC| |prince.cse99 at gmail dot
| |com
Resolution|FIXED |
--- Comment #3 from Abdullah Muzahid <prince.cse99 at gmail dot com> 2011-07-22 22:28:12 UTC ---
Hi,
I am a phd student in University of Illinois in CS dept. Recently I have been
working on memory model related bugs in software. I was experimenting with this
bug. And I found out that the bug is not properly fixed. __init_des_r() uses
a double checked locking(DCL) pattern. To make DCL work, we need to use 2
barrier - one before setting small_tables_initialized flag and one after
reading it in line 365 (just before acquiring the lock). The fix puts the first
barrier but not the second one. Now consider the following scenario
Thread 1 Thread 2
eperm32tab[..] |= BITMASK[bit % 24]; if(small_tables_initialized == 0)
atomic_write_barrier();
small_tables_initialized = 1; sb[sg][inx ] = eperm32tab[...];
Now in Power-PC memory model, it is perfectly valid to execute read operations
to different addresses out of order as long as there is no barrier in between
them. Although thread 2 issues the instructions in order, it is possible that
the second read (...= experm32tab[...]) will execute before the first read of
the flag. This is shown here.
Thread 1 Thread 2
sb[sg][inx ] = eperm32tab[...];
eperm32tab[..] |= BITMASK[bit % 24];
atomic_write_barrier();
small_tables_initialized = 1;
if(small_tables_initialized == 0)
As a result, although the condition of the if statement for thread 2 becomes
true, it will end up using wrong value of eperm32tab[...]. So, you need to put
a read_barrier after the if statement (i.e at line 491 before clearmem
operation). More on DCL can be found here
http://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html
Thanks.
-Abdullah Muzahid
PhD Student
CS, UIUC
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/11449] crypt/crypt_util.c: __init_des_r() needs memory barrier
[not found] <bug-11449-131@http.sourceware.org/bugzilla/>
2011-07-22 22:28 ` [Bug libc/11449] crypt/crypt_util.c: __init_des_r() needs memory barrier prince.cse99 at gmail dot com
@ 2011-07-23 3:27 ` drepper.fsp at gmail dot com
2011-07-23 5:20 ` prince.cse99 at gmail dot com
2014-06-30 18:21 ` fweimer at redhat dot com
3 siblings, 0 replies; 6+ messages in thread
From: drepper.fsp at gmail dot com @ 2011-07-23 3:27 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=11449
Ulrich Drepper <drepper.fsp at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |FIXED
--- Comment #4 from Ulrich Drepper <drepper.fsp at gmail dot com> 2011-07-23 03:27:04 UTC ---
(In reply to comment #3)
> Now in Power-PC memory model, it is perfectly valid to execute read operations
> to different addresses out of order as long as there is no barrier in between
> them. Although thread 2 issues the instructions in order, it is possible that
> the second read (...= experm32tab[...]) will execute before the first read of
> the flag. This is shown here.
>
> Thread 1 Thread 2
> sb[sg][inx ] = eperm32tab[...];
> eperm32tab[..] |= BITMASK[bit % 24];
> atomic_write_barrier();
> small_tables_initialized = 1;
The only reason I made a change is because it doesn't disturb x86. Your models
need adjustment to reality since you completely ignore the memset calls.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/11449] crypt/crypt_util.c: __init_des_r() needs memory barrier
[not found] <bug-11449-131@http.sourceware.org/bugzilla/>
2011-07-22 22:28 ` [Bug libc/11449] crypt/crypt_util.c: __init_des_r() needs memory barrier prince.cse99 at gmail dot com
2011-07-23 3:27 ` drepper.fsp at gmail dot com
@ 2011-07-23 5:20 ` prince.cse99 at gmail dot com
2014-06-30 18:21 ` fweimer at redhat dot com
3 siblings, 0 replies; 6+ messages in thread
From: prince.cse99 at gmail dot com @ 2011-07-23 5:20 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=11449
--- Comment #5 from Abdullah Muzahid <prince.cse99 at gmail dot com> 2011-07-23 05:19:35 UTC ---
If you consider only x86 machines, then you dont need the write barrier also
because in x86 writes do not get reordered.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/11449] crypt/crypt_util.c: __init_des_r() needs memory barrier
[not found] <bug-11449-131@http.sourceware.org/bugzilla/>
` (2 preceding siblings ...)
2011-07-23 5:20 ` prince.cse99 at gmail dot com
@ 2014-06-30 18:21 ` fweimer at redhat dot com
3 siblings, 0 replies; 6+ messages in thread
From: fweimer at redhat dot com @ 2014-06-30 18:21 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=11449
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Flags| |security-
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/11449] crypt/crypt_util.c: __init_des_r() needs memory barrier
2010-03-29 20:45 [Bug libc/11449] New: " solar at openwall dot com
2010-03-29 20:49 ` [Bug libc/11449] " solar at openwall dot com
@ 2010-04-03 20:46 ` drepper at redhat dot com
1 sibling, 0 replies; 6+ messages in thread
From: drepper at redhat dot com @ 2010-04-03 20:46 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From drepper at redhat dot com 2010-04-03 20:45 -------
Fixed in git.
--
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
http://sourceware.org/bugzilla/show_bug.cgi?id=11449
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/11449] crypt/crypt_util.c: __init_des_r() needs memory barrier
2010-03-29 20:45 [Bug libc/11449] New: " solar at openwall dot com
@ 2010-03-29 20:49 ` solar at openwall dot com
2010-04-03 20:46 ` drepper at redhat dot com
1 sibling, 0 replies; 6+ messages in thread
From: solar at openwall dot com @ 2010-03-29 20:49 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From solar at openwall dot com 2010-03-29 20:49 -------
Created an attachment (id=4688)
--> (http://sourceware.org/bugzilla/attachment.cgi?id=4688&action=view)
Proposed patch (adds #include's, uses sig_atomic_t, uses atomic_write_barrier)
--
http://sourceware.org/bugzilla/show_bug.cgi?id=11449
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2014-06-30 18:21 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <bug-11449-131@http.sourceware.org/bugzilla/>
2011-07-22 22:28 ` [Bug libc/11449] crypt/crypt_util.c: __init_des_r() needs memory barrier prince.cse99 at gmail dot com
2011-07-23 3:27 ` drepper.fsp at gmail dot com
2011-07-23 5:20 ` prince.cse99 at gmail dot com
2014-06-30 18:21 ` fweimer at redhat dot com
2010-03-29 20:45 [Bug libc/11449] New: " solar at openwall dot com
2010-03-29 20:49 ` [Bug libc/11449] " solar at openwall dot com
2010-04-03 20:46 ` drepper at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).