authorRich Felker <dalias@aerifal.cx>2015-03-03 22:50:02 -0500
committerRich Felker <dalias@aerifal.cx>2015-03-03 22:50:02 -0500
commit56fbaa3bbe73f12af2bfbbcf2adb196e6f9fe264 (patch)
tree09fbe371b108e25bb2f9c90e74da356359950d29 /src/thread/pthread_cond_timedwait.c
parenteb4bd8d8bb5c9f535ee8250edd4efbd3d4f84c5a (diff)
make all objects used with atomic operations volatile
the memory model we use internally for atomics permits plain loads of values which may be subject to concurrent modification without requiring that a special load function be used. since a compiler is free to make transformations that alter the number of loads or the way in which loads are performed, the compiler is theoretically free to break this usage. the most obvious concern is with atomic cas constructs: something of the form tmp=*p;a_cas(p,tmp,f(tmp)); could be transformed to a_cas(p,*p,f(*p)); where the latter is intended to show multiple loads of *p whose resulting values might fail to be equal; this would break the atomicity of the whole operation. but even more fundamental breakage is possible. with the changes being made now, objects that may be modified by atomics are modeled as volatile, and the atomic operations performed on them by other threads are modeled as asynchronous stores by hardware which happens to be acting on the request of another thread. such modeling of course does not itself address memory synchronization between cores/cpus, but that aspect was already handled. this all seems less than ideal, but it's the best we can do without mandating a C11 compiler and using the C11 model for atomics. in the case of pthread_once_t, the ABI type of the underlying object is not volatile-qualified. so we are assuming that accessing the object through a volatile-qualified lvalue via casts yields volatile access semantics. the language of the C standard is somewhat unclear on this matter, but this is an assumption the linux kernel also makes, and seems to be the correct interpretation of the standard.
Diffstat (limited to 'src/thread/pthread_cond_timedwait.c')
-rw-r--r--src/thread/pthread_cond_timedwait.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/src/thread/pthread_cond_timedwait.c b/src/thread/pthread_cond_timedwait.c
index f5fd08c0..27b1a99a 100644
--- a/src/thread/pthread_cond_timedwait.c
+++ b/src/thread/pthread_cond_timedwait.c
@@ -29,8 +29,8 @@ int __pthread_setcancelstate(int, int *);
struct waiter {
struct waiter *prev, *next;
- int state, barrier;
- int *notify;
+ volatile int state, barrier;
+ volatile int *notify;
};
/* Self-synchronized-destruction-safe lock functions */
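Review bot: In `struct waiter` the new qualifier on `volatile int *notify;` applies to the pointed-to int, not to the pointer member, and `prev`/`next` stay unqualified, so the struct now mixes fields that follow two different access rules without saying so. That looks intentional if the list links and the `notify` pointer are only read and written while the condvar's lock is held, as the `lock(&c->_c_lock)` before the list walk in the last hunk suggests. The code that stores and loads `notify` is outside this hunk, so this should be confirmed. I would add a comment above the fields, for example `/* state, barrier and *notify are changed by atomics from other threads; prev, next and the notify pointer itself are protected by the cond lock */`.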
@@ -67,7 +67,8 @@ enum {
int __pthread_cond_timedwait(pthread_cond_t *restrict c, pthread_mutex_t *restrict m, const struct timespec *restrict ts)
{
struct waiter node = { 0 };
- int e, seq, *fut, clock = c->_c_clock, cs, shared=0, oldstate, tmp;
+ int e, seq, clock = c->_c_clock, cs, shared=0, oldstate, tmp;
+ volatile int *fut;
if ((m->_m_type&15) && (m->_m_lock&INT_MAX) != __pthread_self()->tid)
return EPERM;
@@ -175,7 +176,8 @@ done:
int __private_cond_signal(pthread_cond_t *c, int n)
{
struct waiter *p, *first=0;
- int ref = 0, cur;
+ volatile int ref = 0;
+ int cur;
lock(&c->_c_lock);
for (p=c->_c_tail; n && p; p=p->prev) {
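Review bot: `volatile int ref = 0;` in `__private_cond_signal` is an automatic variable, and the matching `volatile int *notify` field in `struct waiter` suggests its address is handed to waiting threads, so its lifetime is the safety-relevant part that the declaration does not document. If any waiter can still write through `notify` after this function returns, that write lands in a dead stack frame. The body continues past the end of the hunk, so the wait that presumably drains `ref` is not visible here. A comment on the declaration would make the invariant explicit, for example `/* on-stack counter shared with waiters via notify; must reach zero before we return */`.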