From patchwork Wed Nov 28 21:03:33 2012
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: [4.8] Fix PR48076
Date: Wed, 28 Nov 2012 11:03:33 -0000
From: Richard Henderson <rth@redhat.com>
X-Patchwork-Id: 202548
Message-Id: <50B67C25.5020502@redhat.com>
To: GCC Patches <gcc-patches@gcc.gnu.org>

Thanks to Torvald for the many sanity checks analyzing this problem.

Tested on x86_64 and alpha-linux.


r~
PR libgcc/48076
        * emutls.c (__emutls_get_address): Avoid race condition between
        obj->loc.offset read and emutls_key initialization.


diff --git a/libgcc/emutls.c b/libgcc/emutls.c
index 22ea440..f1b653b 100644
--- a/libgcc/emutls.c
+++ b/libgcc/emutls.c
@@ -136,7 +136,7 @@ __emutls_get_address (struct __emutls_object *obj)
 #ifndef __GTHREADS
   abort ();
 #else
-  pointer offset = obj->loc.offset;
+  pointer offset = __atomic_load_n (&obj->loc.offset, __ATOMIC_ACQUIRE);
 
   if (__builtin_expect (offset == 0, 0))
     {
@@ -147,7 +147,7 @@ __emutls_get_address (struct __emutls_object *obj)
       if (offset == 0)
 	{
 	  offset = ++emutls_size;
-	  obj->loc.offset = offset;
+	  __atomic_store_n (&obj->loc.offset, offset, __ATOMIC_RELEASE);
 	}
       __gthread_mutex_unlock (&emutls_mutex);
     }