Bug 22351 - Unaligned pthread_cond_t stopped working
Summary: Unaligned pthread_cond_t stopped working
Status: RESOLVED INVALID
Alias: None
Product: glibc
Classification: Unclassified
Component: nptl (show other bugs)
Version: 2.27
: P2 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-10-25 21:31 UTC by Tulio Magno Quites Machado Filho
Modified: 2017-11-02 11:02 UTC (History)
4 users (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:
fweimer: security-

Attachments
Modified version of nptl/tst-cond1.c (1.04 KB, text/x-csrc)
2017-10-25 21:31 UTC, Tulio Magno Quites Machado Filho 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Tulio Magno Quites Machado Filho 2017-10-25 21:31:55 UTC 
Created attachment 10556 [details]
Modified version of nptl/tst-cond1.c

The attached program works well on glibc <= 2.24.

It has the following packed structure:

struct thread_info_t
{
  pthread_mutex_t mut;
  char c;
  pthread_cond_t cond;
};

If it's compiled on a glibc <= 2.24 machine and copied to a glibc >= 2.25 machine, it aborts.

Confirmed on x86_64 and powerpc64le.
Comment 1 Carlos O'Donell 2017-10-26 02:28:46 UTC 
(In reply to Tulio Magno Quites Machado Filho from comment #0)
> Created attachment 10556 [details]
> Modified version of nptl/tst-cond1.c
> 
> The attached program works well on glibc <= 2.24.
> 
> It has the following packed structure:
> 
> struct thread_info_t
> {
>   pthread_mutex_t mut;
>   char c;
>   pthread_cond_t cond;
> };
> 
> If it's compiled on a glibc <= 2.24 machine and copied to a glibc >= 2.25
> machine, it aborts.
> 
> Confirmed on x86_64 and powerpc64le.

In 2.25 we had the new pthread_cond_t.

Are we missing explicit padding somewhere to avoid problems with user use of pragma pack(1)?

I'm not entirely worried this isn't working, it's a bad idea to use pragma pack(1) like this, and it should be avoided, but since it worked previously, we probably need to audit any missing explicit padding?
Comment 2 Andreas Schwab 2017-10-26 08:07:18 UTC 
That it appeared to work previously is irrelevent, because it has always been broken.  The kernel requires 32-bit alignment of futex variables.
Comment 3 Tulio Magno Quites Machado Filho 2017-10-26 10:52:56 UTC 
(In reply to Carlos O'Donell from comment #1)
> Are we missing explicit padding somewhere to avoid problems with user use of
> pragma pack(1)?

No.  The problem happens because of atomic instruction that are not aligned at their natural boundary.

(In reply to Andreas Schwab from comment #2)
> That it appeared to work previously is irrelevent, because it has always
> been broken.  The kernel requires 32-bit alignment of futex variables.

For the record, it also fails with pragma pack(4).  Tested on powerpc64le.
Comment 4 Tulio Magno Quites Machado Filho 2017-10-26 18:46:59 UTC 
Re-opening this bug, so that my previous comment receive a reply.
Comment 5 Carlos O'Donell 2017-10-27 02:15:25 UTC 
(In reply to Tulio Magno Quites Machado Filho from comment #4)
> Re-opening this bug, so that my previous comment receive a reply.

There isn't much to say really. It's not supported. You have to know *exactly* how every structure in the packed structure is going to be accessed and if that's safe. In the case of POSIX threads, the person packing the structure doesn't know how it will be accessed, and violating the ABI by packing is a failure of the programmer. In some cases we can make this *safer* by introducing explicit padding, but the lead element can still be unaligned, and there is not way to fix that.

It can fail with any forced packing that happens to not honour what the actual structures need, including pack(4), on hppa you needed aligned(16) for the ldcw to work!

I think this is still a RESOLVED/INVALID use case.
Comment 6 Tulio Magno Quites Machado Filho 2017-10-27 11:09:54 UTC 
Thank you for the clarification!