From 174709d879a15590e00119c7f91dc2460aaf571c Mon Sep 17 00:00:00 2001 From: Martin Kuchta Date: Mon, 27 Aug 2018 18:54:46 +0200 Subject: [PATCH] pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538] (cherry picked from commit 99ea93ca31795469d2a1f1570f17a5c39c2eb7e2) --- ChangeLog | 8 ++++++++ NEWS | 1 + nptl/pthread_cond_common.c | 8 ++++++-- 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 7e22bd1dfc..2b771ca994 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +2018-08-27 Martin Kuchta + Torvald Riegel + + [BZ #23538] + * nptl/pthread_cond_common.c (__condvar_quiesce_and_switch_g1): + Update r to include the set wake-request flag if waiters are + remaining after spinning. + 2018-07-29 H.J. Lu [BZ #23459] diff --git a/NEWS b/NEWS index 61ac02cd69..a868a652f7 100644 --- a/NEWS +++ b/NEWS @@ -146,6 +146,7 @@ The following bugs are resolved with this release: [23236] Harden function pointers in _IO_str_fields [23313] libio: Disable vtable validation in case of interposition [23349] Various glibc headers no longer compatible with + [23538] pthread_cond_broadcast: Fix waiters-after-spinning case [23363] stdio-common/tst-printf.c has non-free license [23456] Wrong index_cpu_LZCNT [23459] COMMON_CPUID_INDEX_80000001 isn't populated for Intel processors diff --git a/nptl/pthread_cond_common.c b/nptl/pthread_cond_common.c index ffbbde4106..c99435e439 100644 --- a/nptl/pthread_cond_common.c +++ b/nptl/pthread_cond_common.c @@ -405,8 +405,12 @@ __condvar_quiesce_and_switch_g1 (pthread_cond_t *cond, uint64_t wseq, { /* There is still a waiter after spinning. Set the wake-request flag and block. Relaxed MO is fine because this is just about - this futex word. */ - r = atomic_fetch_or_relaxed (cond->__data.__g_refs + g1, 1); + this futex word. + + Update r to include the set wake-request flag so that the upcoming + futex_wait only blocks if the flag is still set (otherwise, we'd + violate the basic client-side futex protocol). */ + r = atomic_fetch_or_relaxed (cond->__data.__g_refs + g1, 1) | 1; if ((r >> 1) > 0) futex_wait_simple (cond->__data.__g_refs + g1, r, private);