[cfe-dev] libc++: Race condition in facets initialization?

Andrew Parker andrew.j.c.parker at gmail.com
Wed Jul 8 04:32:17 PDT 2015


It's difficult for me to give you a repo because the whole thing relies on
our custom runtime.  I'll give you a brief description of what I have
though.

I'm just creating a dll and linking against the static windows CRT.  I rely
on the MSVC _CRT_INIT function to call static ctors so I basically get
whatever MSVC gives me.  The offending code is as simple as:

std::cout << std::endl;

in a "main" function.  main being the first (significant) thing I call
after _CRT_INIT has returned.

Obviously no guarantees you'd be able to repro given we both probably have
changed the source and likely have quite different runtimes.

Re generally porting to msvc.  I've spent some fairly painful time getting
as far as I have.  Many of the issues I've faced relate to working around
MS's poor compiler support for MSVC.  There are numerous changes that I
think would be beneficial to the code base.  I haven't made any progress
with trying to submit them because:

a) I'm too busy.
b) I'm not familiar with the submission process.
c) I don't know whether changes would be readily accepted based on me
saying "this fixes X with MSVC".  Is there any automated testing for MSVC?
Would moderators accept code on the basis that "it doesn't break anything
else and trust me it makes Windows better"?

Roughly the changes I've made fall into 3 categories:

- Workarounds for poor compiler support.
- Fixes to libc++ fallbacks when certain features aren't available.  For
example, when _LIBCPP_HAS_NO_VARIADICS is defined the fallbacks for certain
code don't actually work.
- Minor bug fixes to libcpp (there are very few in this category and mostly
innocuous).



On Wed, Jul 8, 2015 at 6:29 PM, mfaithfull at btopenworld.com <
mfaithfull at btopenworld.com> wrote:

> I don't have a solution for you but I am very interested to stay in the
> loop on this one. I already have a 'working' port of libc++ to MSVC. It is
> highly operational but by no means thoroughly tested and 6 months out of
> date in terms of libc++ updates. I may have the same initialization order
> issue or I may not. I have implemented custom static initialization across
> this and several other libraries that operate together.
> Do you have a code example that triggers the bug?
>
> Matthew Faithfull.
>
> ----- Reply message -----
> From: "Andrew Parker" <andrew.j.c.parker at gmail.com>
> To: <cfe-dev at cs.uiuc.edu>
> Subject: [cfe-dev] libc++: Race condition in facets initialization?
> Date: Wed, Jul 8, 2015 10:32
>
> And excuse the misleading title.  It's not a race condition.  I just have
> other stuff on the brain!  Should probably read:
>
> libc++: Order of static initialization issue with facets ?
>
> On Wed, Jul 8, 2015 at 5:26 PM, Andrew Parker <
> andrew.j..c.parker at gmail.com <andrew.j.c.parker at gmail.com>> wrote:
>
>> I'm currently porting libc++ to work with MSVC.  I'm seeing a crash when
>> I call the insertion operator on std::cerr.  I've traced the problem down to
>> static initialization order of the static locale::id member of
>> the ctype<char> facet.
>>
>> I've looked over the code several times and am convinced that there's a
>> genuine issue here.  It's entirely possible that the changes I've made for
>> MSVC (or just the use of MSVC itself) may be causing unexpected problems.
>> Hence the need for a second opinion.
>>
>> Here's a rough overview of the chain of events:
>>
>> - static constructors for my binary are called.
>> - ios_base::Init::Init() called to initialize std::cout, std::cerr etc.
>> - const locale& locale::__imp::make_classic() called during
>> initialization of first basic_streambuf.
>> - Enter locale::__imp::__imp(size_t refs) to start constructing and
>> installing facets into the locale.
>>
>> The cause of my particular crash is when we install ctype<char>, i.e.
>> install(&make<_VSTD::ctype<char> >(nullptr, false, 1u));
>>
>> The install member of locale::__imp looks like:
>>
>> template <class F> void install(F* f) {install(f, f->id.__get());}
>>
>> The thing to note here is that the id member of *f is actually a static
>> member of ctype<char> (the template param F is resolving to ctype<char>
>> here). The call to get() looks at the once flag member of ctype<char>::id,
>> which is zero as the id variable is static and zero-initialized.  This means
>> the member __id_ of id is set to the next available id (__next_id) and
>> installed at that index in the locale.
>>
>> Things go wrong later when the static ctor for locale::id ctype<char>::id
>> is called.  This effectively zero initializes the id again.  Later on when
>> use_facet is called (during my call to the std::cerr insertion operator)
>> the id gets set again (to __next_id).  This index is invalid and causes a
>> crash when looked up in the locale.
>>
>> It seems to me that this issue would affect all of the static id members
>> of the various facets.  Any thoughts anyone?  How could this have never
>> been seen before?  Is it possible GCC/clang somehow skirt around this bug?
>>
>> I want to be sure it's not me stuffing things up before I start writing
>> patches.
>>
>> Thanks
>>
>>
>
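The initialization sequence the quoted message walks through, as an added C++ model constructed for this page (not libc++ code and not from anyone in the thread): a registry installs a facet at the index a zero-initialized static id hands out, the id's own constructor then runs and wipes it, and the later lookup misses, while a second id with a constexpr constructor is constant-initialized and keeps its index. The names (IdDynamic, IdConstexpr, Registry, g_next_id) are illustrative, and that a constexpr constructor is what keeps GCC/clang builds clear of this, as the message wonders, is an assumption rather than something the thread establishes.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>
int g_next_id = 0;           // stands in for locale::id::__next_id
int g_dynamic_ctor_runs = 0; // how often IdDynamic's constructor has run

// Non-constexpr constructor: the object is only zero-initialized until its
// dynamic initializer runs, and that initializer wipes whatever get() stored.
struct IdDynamic {
    int once_, id_;  // once_ stands in for the once_flag member
    IdDynamic() : once_(0), id_(0) { ++g_dynamic_ctor_runs; }
    int get() { if (once_ == 0) { id_ = ++g_next_id; once_ = 1; } return id_; }
};

// Constexpr constructor: constant initialization completes before any dynamic
// initializer runs, so no later constructor call can reset the assigned id.
struct IdConstexpr {
    int once_, id_;
    constexpr IdConstexpr() : once_(0), id_(0) {}
    int get() { if (once_ == 0) { id_ = ++g_next_id; once_ = 1; } return id_; }
};

// Stands in for locale::__imp: install() files a facet at index id.get(),
// has_facet() is the lookup that use_facet performs later.
struct Registry {
    std::vector<bool> slots_;
    template <class Id> explicit Registry(Id& id) { install(id); }
    template <class Id> void install(Id& id) {
        std::size_t i = static_cast<std::size_t>(id.get());
        if (slots_.size() <= i) slots_.resize(i + 1, false);
        slots_[i] = true;
    }
    template <class Id> bool has_facet(Id& id) {
        std::size_t i = static_cast<std::size_t>(id.get());
        return i < slots_.size() && slots_[i];
    }
};

// Dynamic initialization in one translation unit follows definition order, so each
// Registry runs before the Id it installs (make_classic() before ctype<char>::id).
extern IdDynamic broken_id;
Registry broken_reg(broken_id);  // reads the zero-initialized id (formally UB), gets id 1
IdDynamic broken_id;             // its constructor now runs and re-zeroes it
extern IdConstexpr fixed_id;
Registry fixed_reg(fixed_id);    // fixed_id was constant-initialized already
IdConstexpr fixed_id;            // generates no dynamic initializer at all
bool broken_lookup_ok() { return broken_reg.has_facet(broken_id); }  // false: get() hands out id 3
bool fixed_lookup_ok()  { return fixed_reg.has_facet(fixed_id); }    // true: still id 2
int main() { std::printf("broken %d, fixed %d\n", (int)broken_lookup_ok(), (int)fixed_lookup_ok()); }
```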