From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 12774 invoked by alias); 3 Jun 2014 22:26:58 -0000 Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: glibc-bugs-owner@sourceware.org Received: (qmail 12749 invoked by uid 48); 3 Jun 2014 22:26:54 -0000 From: "hideaki.kimura at gmail dot com" To: glibc-bugs@sourceware.org Subject: [Bug nptl/17013] New: pthread_cond_broadcast could call lll_unlock() twice, breaking the shared data Date: Tue, 03 Jun 2014 22:26:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: nptl X-Bugzilla-Version: 2.18 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: hideaki.kimura at gmail dot com X-Bugzilla-Status: NEW X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: unassigned at sourceware dot org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2014-06/txt/msg00025.txt.bz2 https://sourceware.org/bugzilla/show_bug.cgi?id=17013 Bug ID: 17013 Summary: pthread_cond_broadcast could call lll_unlock() twice, breaking the shared data Product: glibc Version: 2.18 Status: NEW Severity: normal Priority: P2 Component: nptl Assignee: unassigned at sourceware dot org Reporter: hideaki.kimura at gmail dot com CC: drepper.fsp at gmail dot com This reports an already-fixed bug that was in glibc 2.18 and 2.19. The fix will be in the upcoming glibc 2.20, but many linux distros would employ it much later. For helping backport request in individual linux distros, I'd like to put relevant information here. An example error case I hit: - Several waitors wait on pthread_cond_wait with holding mutex. - One signal-er calls broadcast with holding mutex - The thread that invoked pthread_cond_broadcast occasionally hangs. When I attach gdb, the hanging thread is waiting at lll_lock_wait() even though there are no concurrent threads. According to the commit history, it was caused by a commit on Feb 2013; commit 8313cb997d2d("FUTEX_*_REQUEUE_PI support for non-x86 code"). Then, it was fixed by this commit on Apr 2014; https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=8f630cca5c36941db1cb48726016bbed80ec1041 So, the affected versions of glibc should be 2.18 and 2.19. Yang/Siddhesh, does it sound right? -- You are receiving this mail because: You are on the CC list for the bug.