[Bug dynamic-link/16133] New: Access to __thread variable may call malloc

[Bug dynamic-link/16133] New: Access to __thread variable may call malloc

[ppluzhnikov at google dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16133

            Bug ID: 16133
           Summary: Access to __thread variable may call malloc
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: dynamic-link
          Assignee: unassigned at sourceware dot org
          Reporter: ppluzhnikov at google dot com

Discussion thread:
https://sourceware.org/ml/libc-alpha/2012-06/msg00335.html

ppluzhnikov>

When writing CPU or heap profilers, one frequently desires to have fast
and async-signal-safe access to thread-local variables.

The __thread variables generally fit the bill (at least on Linux/x86),
when the variable is in the main executable, or in a directly-linked DSO.

But when the DSO is dlopen()ed (and does not use initial-exec TLS model),
the first access to TLS variable from a given thread triggers a call to
malloc (with the following stack):

#0  0x00007f10ea319c97 in malloc () from /lib64/libc.so.6
#1  0x00007f10eac75b6c in tls_get_addr_tail () from /lib64/ld-linux-x86-64.so.2
#2  0x00007f10eac76760 in __tls_get_addr () from /lib64/ld-linux-x86-64.so.2
#3  ... profiler accessing __thread variable ...
#4 <signal handler>

iant>
We are currently in an unpleasant situation where it is very easy and
natural to use TLS variables--you just refer to them by name--and using
them in a signal handler almost always works just fine.  Except that in
some highly specific but not completely implausible circumstances it
crashes incomprehensibly.  This is not a good thing, it's a lurking time
bomb.



Proposed patch:
http://www.sourceware.org/ml/libc-alpha/2013-10/msg00128.html

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/16133] Access to __thread variable may call malloc

[carlos at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16133

Carlos O'Donell <carlos at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |carlos at redhat dot com
   Target Milestone|---                         |2.19

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/16133] Access to __thread variable may call malloc

[ppluzhnikov at google dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16133

Paul Pluzhnikov <ppluzhnikov at google dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #1 from Paul Pluzhnikov <ppluzhnikov at google dot com> ---
After a long slog, Andrew's patch has been split into 4 and committed:

https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=7f507ee17aee720fa423fa38502bc3caa0dd03d7
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=1f33d36a8a9e78c81bed59b47f260723f56bb7e6
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=35e8f7ab94c910659de9d507aa0f3e1f8973d914
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=69a17d9d245dc3551792e95e1823cc2d877592f3

Note: GNU2 TLS variant is still broken (calls malloc).

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/16133] Access to __thread variable may call malloc

[cvs-commit at gcc dot gnu.org]

http://sourceware.org/bugzilla/show_bug.cgi?id=16133

--- Comment #2 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  a494421f5268df333c589d71104a39bb6a9cff19 (commit)
      from  2112e176757483dd25a7cf38ead63a237bf5e52e (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a494421f5268df333c589d71104a39bb6a9cff19

commit a494421f5268df333c589d71104a39bb6a9cff19
Author: Paul Pluzhnikov <ppluzhnikov@google.com>
Date:   Sat Jan 11 16:59:43 2014 -0800

    BZ 16133 has been fixed (async signal safe TLS).

-----------------------------------------------------------------------

Summary of changes:
 NEWS |   10 +++++-----
 1 files changed, 5 insertions(+), 5 deletions(-)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/16133] Access to __thread variable may call malloc

[cvs-commit at gcc dot gnu.org]

http://sourceware.org/bugzilla/show_bug.cgi?id=16133

--- Comment #3 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, allan/revert-TLS-changes has been created
        at  063f2598738c340558462923d2b17a665713ed2e (commit)

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=063f2598738c340558462923d2b17a665713ed2e

commit 063f2598738c340558462923d2b17a665713ed2e
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 12:51:40 2014 +1000

    Revert "BZ 16133 has been fixed (async signal safe TLS)."

    This reverts commit a494421f5268df333c589d71104a39bb6a9cff19.

    Conflicts:
        NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c364820b18326c354ce371daff340b97da3d03db

commit c364820b18326c354ce371daff340b97da3d03db
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 12:20:11 2014 +1000

    Revert "Patch [1/4] async-signal safe TLS."

    This reverts commit 69a17d9d245dc3551792e95e1823cc2d877592f3.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c1543ec02e4dbbb39a7c452f72aa82a933f5232a

commit c1543ec02e4dbbb39a7c452f72aa82a933f5232a
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 12:19:56 2014 +1000

    Revert "Patch 3/4 of the effort to make TLS access async-signal-safe."

    This reverts commit 35e8f7ab94c910659de9d507aa0f3e1f8973d914.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=40cd533ceca15faddd466a7fdd1831d8a1bfbce6

commit 40cd533ceca15faddd466a7fdd1831d8a1bfbce6
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 12:19:19 2014 +1000

    Revert "Patch 2/4 of the effort to make TLS access async-signal-safe."

    This reverts commit 1f33d36a8a9e78c81bed59b47f260723f56bb7e6.

    Conflicts:
        elf/dl-misc.c

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9ca53ad185c8e50d0488ef0a419930e48b14f182

commit 9ca53ad185c8e50d0488ef0a419930e48b14f182
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 12:17:23 2014 +1000

    Revert "Async-signal safe TLS."

    This reverts commit 7f507ee17aee720fa423fa38502bc3caa0dd03d7.

    Conflicts:
        ChangeLog
        nptl/tst-tls7.c
        nptl/tst-tls7mod.c

-----------------------------------------------------------------------

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/16133] Access to __thread variable may call malloc

[cvs-commit at gcc dot gnu.org]

http://sourceware.org/bugzilla/show_bug.cgi?id=16133

--- Comment #4 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, allan/revert-TLS-changes has been deleted
       was  063f2598738c340558462923d2b17a665713ed2e

- Log -----------------------------------------------------------------
063f2598738c340558462923d2b17a665713ed2e Revert "BZ 16133 has been fixed (async
signal safe TLS)."
-----------------------------------------------------------------------

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/16133] Access to __thread variable may call malloc

[cvs-commit at gcc dot gnu.org]

http://sourceware.org/bugzilla/show_bug.cgi?id=16133

--- Comment #5 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, allan/revert-TLS-changes has been created
        at  b3ece0e0a4912bfedd6da72f2ae1cf5d1b10731b (commit)

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b3ece0e0a4912bfedd6da72f2ae1cf5d1b10731b

commit b3ece0e0a4912bfedd6da72f2ae1cf5d1b10731b
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 21:22:19 2014 +1000

    Revert "BZ 16133 has been fixed (async signal safe TLS)."

    This reverts commit a494421f5268df333c589d71104a39bb6a9cff19.

    Conflicts:
        NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=59cf6f94f13991336bd958a4491ee9d57109a7bd

commit 59cf6f94f13991336bd958a4491ee9d57109a7bd
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 21:21:09 2014 +1000

    Revert "Patch [1/4] async-signal safe TLS."

    This reverts commit 69a17d9d245dc3551792e95e1823cc2d877592f3.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=097c7e230df0e16bf950456676a48281e9f3a905

commit 097c7e230df0e16bf950456676a48281e9f3a905
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 21:21:00 2014 +1000

    Revert "Patch 3/4 of the effort to make TLS access async-signal-safe."

    This reverts commit 35e8f7ab94c910659de9d507aa0f3e1f8973d914.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddd7cff1fc7ca773ee02981f5c2f80116a32b325

commit ddd7cff1fc7ca773ee02981f5c2f80116a32b325
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 21:19:51 2014 +1000

    Revert "Patch 2/4 of the effort to make TLS access async-signal-safe."

    This reverts commit 1f33d36a8a9e78c81bed59b47f260723f56bb7e6.

    Conflicts:
        elf/dl-misc.c

    Also reverts the follow commits that were bug fixes to new code introduced
    in the above commit:
    063b2acbce83549df82ab30f5af573f1b9c4bd19
    b627fdd58554bc36bd344dc40a8787c4b7a9cc46
    e81c64bba13d2d8b2a4e53254a82cc80f27c8497

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=57f6ca1e5d4d50961e904a986b86174614316653

commit 57f6ca1e5d4d50961e904a986b86174614316653
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 21:14:59 2014 +1000

    Revert "Async-signal safe TLS."

    This reverts commit 7f507ee17aee720fa423fa38502bc3caa0dd03d7.

    Conflicts:
        ChangeLog
        nptl/tst-tls7.c
        nptl/tst-tls7mod.c

-----------------------------------------------------------------------

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/16133] Access to __thread variable may call malloc

[ppluzhnikov at google dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16133

Paul Pluzhnikov <ppluzhnikov at google dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|FIXED                       |---

--- Comment #6 from Paul Pluzhnikov <ppluzhnikov at google dot com> ---
Fixes reverted. Re-opening.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/16133] Access to __thread variable may call malloc

[ppluzhnikov at google dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16133

Paul Pluzhnikov <ppluzhnikov at google dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Version|unspecified                 |2.19
   Target Milestone|2.19                        |2.20

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/16133] Access to __thread variable may call malloc

[cvs-commit at gcc dot gnu.org]

http://sourceware.org/bugzilla/show_bug.cgi?id=16133

--- Comment #8 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  f482dbbec775bf72eb6510b6091fca141893c466 (commit)
       via  bf06bcee84d4c19a99925c0f58026a8cbd87a688 (commit)
       via  8b6785f0836011cace9a77f3c24e51a7379238a0 (commit)
       via  dd654bf9ba1848bf9ed250f8ebaa5097c383dcf8 (commit)
       via  73d61e4f6c65da714c0f8a3a233725322553ceba (commit)
      from  27e839f6f068b6109c6bf2f634f4426b48723218 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f482dbbec775bf72eb6510b6091fca141893c466

commit f482dbbec775bf72eb6510b6091fca141893c466
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 21:22:19 2014 +1000

    Revert "BZ 16133 has been fixed (async signal safe TLS)."

    This reverts commit a494421f5268df333c589d71104a39bb6a9cff19.

    Conflicts:
        NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bf06bcee84d4c19a99925c0f58026a8cbd87a688

commit bf06bcee84d4c19a99925c0f58026a8cbd87a688
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 21:21:09 2014 +1000

    Revert "Patch [1/4] async-signal safe TLS."

    This reverts commit 69a17d9d245dc3551792e95e1823cc2d877592f3.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8b6785f0836011cace9a77f3c24e51a7379238a0

commit 8b6785f0836011cace9a77f3c24e51a7379238a0
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 21:21:00 2014 +1000

    Revert "Patch 3/4 of the effort to make TLS access async-signal-safe."

    This reverts commit 35e8f7ab94c910659de9d507aa0f3e1f8973d914.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=dd654bf9ba1848bf9ed250f8ebaa5097c383dcf8

commit dd654bf9ba1848bf9ed250f8ebaa5097c383dcf8
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 21:19:51 2014 +1000

    Revert "Patch 2/4 of the effort to make TLS access async-signal-safe."

    This reverts commit 1f33d36a8a9e78c81bed59b47f260723f56bb7e6.

    Conflicts:
        elf/dl-misc.c

    Also reverts the follow commits that were bug fixes to new code introduced
    in the above commit:
    063b2acbce83549df82ab30f5af573f1b9c4bd19
    b627fdd58554bc36bd344dc40a8787c4b7a9cc46
    e81c64bba13d2d8b2a4e53254a82cc80f27c8497

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=73d61e4f6c65da714c0f8a3a233725322553ceba

commit 73d61e4f6c65da714c0f8a3a233725322553ceba
Author: Allan McRae <allan@archlinux.org>
Date:   Wed Feb 5 21:14:59 2014 +1000

    Revert "Async-signal safe TLS."

    This reverts commit 7f507ee17aee720fa423fa38502bc3caa0dd03d7.

    Conflicts:
        ChangeLog
        nptl/tst-tls7.c
        nptl/tst-tls7mod.c

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                           |   46 -----------
 NEWS                                |   12 ++--
 elf/Versions                        |    1 -
 elf/dl-misc.c                       |  142 ----------------------------------
 elf/dl-open.c                       |    5 +-
 elf/dl-reloc.c                      |   48 +----------
 elf/dl-tls.c                        |  144 ++++++++++++-----------------------
 nptl/ChangeLog                      |    9 +--
 nptl/Makefile                       |   12 +---
 nptl/allocatestack.c                |   19 ++---
 nptl/tst-tls7.c                     |  143 ----------------------------------
 nptl/tst-tls7mod.c                  |   40 ----------
 sysdeps/generic/ldsodefs.h          |   16 ----
 sysdeps/mach/hurd/dl-sysdep.h       |    7 --
 sysdeps/unix/sysv/linux/dl-sysdep.c |   46 -----------
 sysdeps/unix/sysv/linux/dl-sysdep.h |    4 -
 16 files changed, 72 insertions(+), 622 deletions(-)
 delete mode 100644 nptl/tst-tls7.c
 delete mode 100644 nptl/tst-tls7mod.c

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/16133] Access to __thread variable may call malloc

[cvs-commit at gcc dot gnu.org]

http://sourceware.org/bugzilla/show_bug.cgi?id=16133

--- Comment #7 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, allan/revert-TLS-changes has been deleted
       was  b3ece0e0a4912bfedd6da72f2ae1cf5d1b10731b

- Log -----------------------------------------------------------------
b3ece0e0a4912bfedd6da72f2ae1cf5d1b10731b Revert "BZ 16133 has been fixed (async
signal safe TLS)."
-----------------------------------------------------------------------

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/16133] Access to __thread variable may call malloc

[fweimer at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16133

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fweimer at redhat dot com

-- 
You are receiving this mail because:
You are on the CC list for the bug.