[Openmp-commits] [PATCH] D39439: [OpenMP]Fix race condition in omp_init_lock
Adam Azarchs via Phabricator via Openmp-commits
openmp-commits at lists.llvm.org
Mon Oct 30 16:48:09 PDT 2017
adam-azarchs created this revision.
adam-azarchs added a project: OpenMP.
This is a partial fix for bug 34050.
This prevents callers of omp_set_lock (which does not hold `__kmp_global_lock`) from
ever seeing an uninitialized version of `__kmp_i_lock_table.table`.
It does not solve a use-after-free race condition if omp_set_lock obtains a pointer to
`__kmp_i_lock_table.table` before it is updated and then attempts to dereference
afterwards. That race is far less likely and can be handled in a separate patch.
The unit test usually segfaults on the current trunk revision. It passes with the patch.
https://reviews.llvm.org/D39439
Files:
runtime/src/kmp_lock.cpp
runtime/test/lock/omp_init_lock.c
testsuite/omp_testsuite.h
Index: testsuite/omp_testsuite.h
===================================================================
--- testsuite/omp_testsuite.h
+++ testsuite/omp_testsuite.h
@@ -46,6 +46,8 @@
int crosstest_omp_parallel_if(FILE * logfile); /* Crosstest for omp parallel if */
int test_omp_lock(FILE * logfile); /* Test for omp_lock */
int crosstest_omp_lock(FILE * logfile); /* Crosstest for omp_lock */
+int test_omp_init_lock(FILE * logfile); /* Test for omp_init_lock */
+int crosstest_omp_init_lock(FILE * logfile); /* Crosstest for omp_init_lock */
int test_omp_parallel_shared(FILE * logfile); /* Test for omp parallel shared */
int crosstest_omp_parallel_shared(FILE * logfile); /* Crosstest for omp parallel shared */
int test_omp_task_imp_shared(FILE * logfile); /* Test for omp task */
Index: runtime/test/lock/omp_init_lock.c
===================================================================
--- runtime/test/lock/omp_init_lock.c
+++ runtime/test/lock/omp_init_lock.c
@@ -0,0 +1,36 @@
+// RUN: %libomp-compile-and-run
+#include "omp_testsuite.h"
+#include <stdio.h>
+
+int test_omp_init_lock() {
+ int i;
+#pragma omp parallel for schedule(static) num_threads(NUM_TASKS)
+ for (i = 0; i < LOOPCOUNT; i++) {
+ int j;
+ omp_lock_t lcks[1000];
+ for (j = 0; j < 1000; j++) {
+ omp_init_lock(&lcks[j]);
+ }
+ for (j = 0; j < 1000 * 100; j++) {
+ omp_set_lock(&lcks[j / 100]);
+ omp_unset_lock(&lcks[j / 100]);
+ }
+ for (j = 0; j < 1000; j++) {
+ omp_init_lock(&lcks[j]);
+ }
+ }
+
+ return 1;
+}
+
+int main() {
+ int i;
+ int num_failed = 0;
+
+ for (i = 0; i < REPETITIONS; i++) {
+ if (!test_omp_init_lock()) {
+ num_failed++;
+ }
+ }
+ return num_failed;
+}
Index: runtime/src/kmp_lock.cpp
===================================================================
--- runtime/src/kmp_lock.cpp
+++ runtime/src/kmp_lock.cpp
@@ -3059,11 +3059,12 @@
if (idx == __kmp_i_lock_table.size) {
// Double up the space for block pointers
int row = __kmp_i_lock_table.size / KMP_I_LOCK_CHUNK;
- kmp_indirect_lock_t **old_table = __kmp_i_lock_table.table;
- __kmp_i_lock_table.table = (kmp_indirect_lock_t **)__kmp_allocate(
+ kmp_indirect_lock_t **new_table = (kmp_indirect_lock_t **)__kmp_allocate(
2 * row * sizeof(kmp_indirect_lock_t *));
- KMP_MEMCPY(__kmp_i_lock_table.table, old_table,
+ KMP_MEMCPY(new_table, __kmp_i_lock_table.table,
row * sizeof(kmp_indirect_lock_t *));
+ kmp_indirect_lock_t **old_table = __kmp_i_lock_table.table;
+ __kmp_i_lock_table.table = new_table;
__kmp_free(old_table);
// Allocate new objects in the new blocks
for (int i = row; i < 2 * row; ++i)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D39439.120911.patch
Type: text/x-patch
Size: 2746 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/openmp-commits/attachments/20171030/4323a0ba/attachment.bin>
More information about the Openmp-commits
mailing list