public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
From: "goldstein.w.n at gmail dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sourceware.org
Subject: [Bug libc/29863] Segmentation fault in memcmp-sse2.S if memory contents can concurrently change
Date: Tue, 13 Dec 2022 20:18:07 +0000 [thread overview]
Message-ID: <bug-29863-131-0IXawz17IW@http.sourceware.org/bugzilla/> (raw)
In-Reply-To: <bug-29863-131@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=29863
--- Comment #10 from Noah Goldstein <goldstein.w.n at gmail dot com> ---
(In reply to Noah Goldstein from comment #9)
> (In reply to K.S. Bhaskar from comment #8)
> > (In reply to Andrew Pinski from comment #6)
> > > (In reply to Narayanan Iyer from comment #5)
> > > > Seems to me you are saying that `memcmp()` can only be called on memory that
> > > > is guaranteed to be never changing. And that it should never be called on a
> > > > shared memory buffer whose contents could be concurrently changing as it
> > > > goes into undefined behavior territory. That does not sound right to me as
> > > > we have been using `memcmp()` with shared memory (where multiple processes
> > > > write to that memory buffer all the time) for the past 25+ years on a
> > > > variety of architectures and operating systems and have never once seen a
> > > > SIG-11 in memcmp().
> > >
> > > That does not mean it is correctly well defined code.
> > > memcmp cannot be used on memory which is going to be changed under its back.
> > > since it is not atomic.
> >
> > Since memcmp() is not atomic, it is of course appropriate for the the
> > results of the comparison to have a race condition. However, since the
> > addresses by which a process has that memory mapped don't change, a SIG-11
> > should never occur. Even if all other processes which have that memory
> > mapped terminate while the memcmp() is running in a process, that process
> > will not unmap the memory and it will remain valid (assuming it was valid to
> > start with).
>
> memcmp() is incorrect if the values change from under it. How that
> incorrectness will manifest is completely undefined.
Out of curiosity what is the use-case that causes this to happen? Is it
idiomatic in some way?
I'm unhappy that the code causes a SIG-11 in this case, but changing
it to harden against this case is not free for correct usage performance
so I'm not really convinced it's worth supporting this buggy usage unless
this bug is common to some idiomatic schema (although even then, I'm not
sure whether we could harden the entire string/mem library to that
usage or even what changes that would imply).
--
You are receiving this mail because:
You are on the CC list for the bug.
next prev parent reply other threads:[~2022-12-13 20:18 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-07 10:49 [Bug libc/29863] New: " nars at yottadb dot com
2022-12-12 13:02 ` [Bug libc/29863] " nars at yottadb dot com
2022-12-13 18:26 ` pinskia at gcc dot gnu.org
2022-12-13 18:28 ` pinskia at gcc dot gnu.org
2022-12-13 18:33 ` nars at yottadb dot com
2022-12-13 18:39 ` pinskia at gcc dot gnu.org
2022-12-13 18:45 ` nars at yottadb dot com
2022-12-13 18:52 ` pinskia at gcc dot gnu.org
2022-12-13 19:13 ` goldstein.w.n at gmail dot com
2022-12-13 19:36 ` bhaskar at yottadb dot com
2022-12-13 20:09 ` goldstein.w.n at gmail dot com
2022-12-13 20:18 ` goldstein.w.n at gmail dot com [this message]
2022-12-13 20:46 ` nars at yottadb dot com
2022-12-13 21:09 ` hjl.tools at gmail dot com
2022-12-13 21:53 ` bhaskar at yottadb dot com
2022-12-13 23:01 ` goldstein.w.n at gmail dot com
2022-12-13 23:16 ` nars at yottadb dot com
2022-12-13 23:39 ` goldstein.w.n at gmail dot com
2022-12-14 0:14 ` goldstein.w.n at gmail dot com
2022-12-14 7:45 ` sam at gentoo dot org
2022-12-14 15:40 ` nars at yottadb dot com
2022-12-14 18:17 ` nars at yottadb dot com
2023-05-14 21:46 ` ppluzhnikov at google dot com
2023-05-14 21:48 ` ppluzhnikov at google dot com
2023-05-14 21:49 ` ppluzhnikov at google dot com
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-29863-131-0IXawz17IW@http.sourceware.org/bugzilla/ \
--to=sourceware-bugzilla@sourceware.org \
--cc=glibc-bugs@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).