From 6f9d4f595e4073807ad0e844cbb3b3d7158b76d5 Mon Sep 17 00:00:00 2001
From: Torvald Riegel
Date: Wed, 17 Aug 2016 13:56:11 +0200
Subject: Fix incorrect double-checked locking related to _res_hconf.initialized. _res_hconf.initialized was not suitable for use in a multi-threaded environment due to the lack of atomics and memory barriers. Use of it was also unnecessary because _res_hconf_init did the right thing by using __libc_once. This patch fixes the glibc-internal uses by just calling _res_hconf_init unconditionally, and switches to a release MO atomic store for _res_hconf.initialized to fix the glibc side of the synchronization problem (which will maintain backward compatibility, but cannot fix the lack of acquire MO on any glibc-external loads). [BZ #20477] * resolv/res_hconf.c (do_init): Use atomic access. * resolv/res_hconf.h: Add comments. * nscd/aicache.c (addhstaiX): Call _res_hconf_init unconditionally. * nss/getXXbyYY_r.c (REENTRANT_NAME): Likewise. * sysdeps/posix/getaddrinfo.c (gaih_inet): Likewise.
---
 resolv/res_hconf.c | 3 ++-
 resolv/res_hconf.h | 9 +++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)
(limited to 'resolv')
diff --git a/resolv/res_hconf.c b/resolv/res_hconf.c
index 5cd1289..093c268 100644
--- a/resolv/res_hconf.c
+++ b/resolv/res_hconf.c
@@ -348,7 +348,8 @@ do_init (void)
 arg_trimdomain_list (ENV_TRIM_OVERR, 1, envval);
 }
- _res_hconf.initialized = 1;
+ /* See comments on the declaration of _res_hconf. */
+ atomic_store_release (&_res_hconf.initialized, 1);
 }
diff --git a/resolv/res_hconf.h b/resolv/res_hconf.h
index b97734d..a3d23f3 100644
--- a/resolv/res_hconf.h
+++ b/resolv/res_hconf.h
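Review bot: The comment added above the store in do_init sends the reader to "the declaration of _res_hconf", but the explanation this commit adds sits on the `initialized` member inside `struct hconf` in resolv/res_hconf.h, so the pointer is easy to miss; I would write `/* See the comment on the INITIALIZED member of struct hconf in res_hconf.h. */`. The store also has to remain the last write in do_init for the release ordering to publish the whole parsed configuration, which is worth stating at the call site: `/* Release MO: must follow every write to _res_hconf made above. */`. No include is added in this hunk, so `atomic_store_release` presumably comes from a header res_hconf.c already pulls in; confirm that. do_init starts outside the hunk.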
@@ -25,6 +25,15 @@
 struct hconf {
+ /* We keep the INITIALIZED member only for backwards compatibility. New
+ code should just call _res_hconf_init unconditionally. For this field
+ to be used safely, users must ensure that either (1) a call to
+ _res_hconf_init happens-before any load from INITIALIZED, or (2) an
+ assignment of zero to INITIALIZED happens-before any load from it, and
+ these loads use acquire MO if the intent is to skip calling
+ _res_hconf_init if the load returns a nonzero value. Such acquire MO
+ loads will then synchronize with the release MO store to INITIALIZED
+ in do_init in res_hconf.c; see pthread_once for more detail. */
 int initialized;
 int unused1;
 int unused2[4];
-- cgit v1.1
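Review bot: The new comment on `initialized` leaves it unclear whether the acquire-MO requirement applies to both cases or only to case (2), because "and these loads use acquire MO" trails the second alternative; a caller that reads it as optional ends up with a plain load that can observe a nonzero flag before the rest of `_res_hconf` is visible. I would split the sentence so that case (1) stands alone and case (2) explicitly says that any load used to skip `_res_hconf_init` must be an acquire load. The member stays a plain `int`, so nothing in the header enforces this for glibc-external readers, which the commit message already acknowledges; a short `Do not add new readers of this field.` at the end of the comment would make the intent harder to miss. struct hconf continues past the end of the hunk.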