apr-bugs mailing list archives

From bugzi...@apache.org
Subject DO NOT REPLY [Bug 51851] New: Error in apr_atomic_xchgptr
Date Tue, 20 Sep 2011 18:23:09 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=51851

             Bug #: 51851
           Summary: Error in apr_atomic_xchgptr
           Product: APR
           Version: HEAD
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: APR
        AssignedTo: bugs@apr.apache.org
        ReportedBy: mattiase@acm.org
    Classification: Unclassified


The version of apr_atomic_xchgptr() in atomic/unix/ia32.c is completely broken:

APR_DECLARE(void*) apr_atomic_xchgptr(volatile void **mem, void *with)
{
    void *prev;
#if APR_SIZEOF_VOIDP == 4
    asm volatile ("xchgl %2, %1"
                  : "=a" (prev), "+m" (*mem)
                  : "0" (with));
#elif APR_SIZEOF_VOIDP == 8
    asm volatile ("xchgq %q2, %1"
                  : "=a" (prev), "+m" (*mem)
                  : "r" ((unsigned long)with));
#else
#error APR_SIZEOF_VOIDP value not supported
#endif
    return prev;
}

For x86-64, the generated asm will be something like

  a0:   48 87 37                xchg   %rsi,(%rdi)
  a3:   c3                      retq   

which is clearly wrong; the return value (%rax) isn't set, so the function
returns garbage. This makes svn crash on startup when this code is used.
Suggested patch:

--- atomic/unix/ia32.c  (revision 1173061)
+++ atomic/unix/ia32.c  (arbetskopia)
@@ -117,7 +117,7 @@
 #elif APR_SIZEOF_VOIDP == 8
     asm volatile ("xchgq %q2, %1"
                   : "=a" (prev), "+m" (*mem)
-                  : "r" ((unsigned long)with));
+                  : "0" ((unsigned long)with));
 #else
 #error APR_SIZEOF_VOIDP value not supported
 #endif
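
Review bot: the changed line in the 8-byte branch still wraps `with` in the `(unsigned long)` cast, so the value now tied to `prev` through the "0" constraint is narrowed wherever `unsigned long` is smaller than `void *`. Suggest passing the pointer directly, `: "0" (with));`. Since the asm has no clobber list, it is also worth deciding whether a "memory" clobber is wanted here to keep the compiler from moving unrelated loads and stores across the exchange.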

The cast to unsigned long should really go away as well; it just breaks the
code on IL32P64 platforms for no good reason.

By the way, the same function in atomic/unix/builtins.c is correct, but it adds
an mfence instruction. I'm not sure that is needed - the XCHG instruction has
an implicit memory fence.

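
The fix described in this report, written out as an added example (not part of the original message and not APR's source): the 64-bit exchange with the input tied to `%rax` and without the `unsigned long` cast, plus a check that the returned value really is the previous contents. The names `xchg_ptr_fixed`, `xchg_returns_previous` and `xchg_keeps_full_width`, the "memory" clobber, and the `__atomic_exchange_n` fallback for non-x86-64 builds are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper, not APR's function: store `with` in *mem and
 * return the pointer that was there before. */
static void *xchg_ptr_fixed(void **mem, void *with)
{
#if defined(__x86_64__) && defined(__GNUC__)
    void *prev;
    /* "0" puts `with` in the same register as operand 0 (%rax). After
     * xchg, %rax holds the old *mem, which is exactly `prev`. No cast:
     * the operand keeps its full pointer width. */
    __asm__ volatile ("xchgq %q2, %1"
                      : "=a" (prev), "+m" (*mem)
                      : "0" (with)
                      : "memory");   /* compiler barrier, added here */
    return prev;
#else
    /* Assumption: GCC/Clang builtin used where the asm does not apply. */
    return __atomic_exchange_n(mem, with, __ATOMIC_SEQ_CST);
#endif
}

/* 1 if each exchange returned what was stored before it. */
static int xchg_returns_previous(void)
{
    int a = 1, b = 2, c = 3;          /* constructed sample objects */
    void *slot = &a;
    void *old1 = xchg_ptr_fixed(&slot, &b);
    void *old2 = xchg_ptr_fixed(&slot, &c);
    return old1 == (void *)&a && old2 == (void *)&b && slot == (void *)&c;
}

/* 1 if a pointer with high bits set survives the round trip intact. */
static int xchg_keeps_full_width(void)
{
    void *wide = (void *)(UINTPTR_MAX - 15);  /* constructed, never dereferenced */
    void *slot = NULL;
    void *old = xchg_ptr_fixed(&slot, wide);
    return old == NULL && slot == wide && xchg_ptr_fixed(&slot, NULL) == wide;
}

int main(void)
{
    printf("returns previous: %d\n", xchg_returns_previous());
    printf("keeps full width: %d\n", xchg_keeps_full_width());
    return 0;
}
```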