This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [RFC] "a number of longstanding race condition bugs present in glibc"

From: Rich Felker <dalias at aerifal dot cx>
To: Adhemerval Zanella <azanella at linux dot vnet dot ibm dot com>
Cc: "GNU C. Library" <libc-alpha at sourceware dot org>
Date: Thu, 6 Mar 2014 13:08:59 -0500
Subject: Re: [RFC] "a number of longstanding race condition bugs present in glibc"
Authentication-results: sourceware.org; auth=none
References: <5318AF96 dot 8020501 at linux dot vnet dot ibm dot com>

On Thu, Mar 06, 2014 at 02:25:42PM -0300, Adhemerval Zanella wrote:
> Hi Rich,
> 
> Chatting with Siddhesh and Carlos, they told me GLIBC does have some issues condition variables
> (I need to check if there is a BZ for that), and also the sem_post issue. Are these the the
> "a number of longstanding race condition bugs present in glibc" you cited at 
> http://www.phoronix.com/scan.php?page=news_item&px=MTYyMzM ?

Those are definitely included, but the big ones are the cancellation
races described on my blog at:

http://ewontfix.com/2/

and in glibc issue #12683:

https://sourceware.org/bugzilla/show_bug.cgi?id=12683

These make it virtually impossible to use cancellation safely. (At the
very least you would have to block cancellation around all
cancellation points which allocate or free resources.)

Since then, attempts to follow up with the Austin Group seem to have
clarified (see issue #614, http://austingroupbugs.net/view.php?id=614,
and issue 529 which was referenced in the response to it) that the
requirements on side effects in the event of cancellation are as I
interpret them. A related glibc issue (symptom of the same design
problem) is:

https://sourceware.org/bugzilla/show_bug.cgi?id=14147

A few other race-related issues present in glibc (and which musl's
implementation of pthreads avoids) are:

https://sourceware.org/bugzilla/show_bug.cgi?id=12889
https://sourceware.org/bugzilla/show_bug.cgi?id=13065
https://sourceware.org/bugzilla/show_bug.cgi?id=14749
https://sourceware.org/bugzilla/show_bug.cgi?id=14830
https://sourceware.org/bugzilla/show_bug.cgi?id=15368

And one which musl shares (musl's POSIX aio is very immature and due
for an overhaul):

https://sourceware.org/bugzilla/show_bug.cgi?id=14942

That should cover all the ones I reported. You mentioned sem_post and
cond var issues; I believe they are:

https://sourceware.org/bugzilla/show_bug.cgi?id=12674
https://sourceware.org/bugzilla/show_bug.cgi?id=13165

There may be a few more I'm forgetting.

Thanks for the interest and prompting me to make this list. If I have
time I might expand on it a bit and turn it into a blog post. I'd be
very happy to increase the level of awareness about these bugs and get
some attention on fixing them.

Rich

Follow-Ups:
- Re: [RFC] "a number of longstanding race condition bugs present in glibc"
  - From: Rich Felker

References:
- [RFC] "a number of longstanding race condition bugs present in glibc"
  - From: Adhemerval Zanella

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]