[committed] libstdc++: Use acq_rel memory ordering [PR 99537]

Thu, 11 Mar 2021 09:54:33 -0800 

As Lewis Baker wrote in the PR:

> The 'fetch_sub()' operation in _M_release_ownership() should be using
> memory_order::acq_rel instead of memory_order::release. The use of
> 'release' only is insufficient as it does not synchronise with any
> corresponding 'acquire' operation.

> With the current implementation, it's possible that a prior write to
> one of the _M_value or _M_head data-members by a thread releasing the
> second-to-last reference might not be visible to another thread that
> releases the last reference and frees the memory, resulting in
> potential write to freed memory.

This simply changes the memory order to acq_rel as suggested.

libstdc++-v3/ChangeLog:

        PR libstdc++/99537
        * include/std/stop_token (_Stop_state_t::_M_release_ownership):
        Use acq_rel memory ordering.

Tested powerpc64le-linux. Committed to trunk.


commit 15825b17cf3fbf28181c51fe94a2898f448f915c
Author: Jonathan Wakely <jwak...@redhat.com>
Date:   Thu Mar 11 16:44:57 2021

    libstdc++: Use acq_rel memory ordering [PR 99537]
    
    As Lewis Baker wrote in the PR:
    
    > The 'fetch_sub()' operation in _M_release_ownership() should be using
    > memory_order::acq_rel instead of memory_order::release. The use of
    > 'release' only is insufficient as it does not synchronise with any
    > corresponding 'acquire' operation.
    
    > With the current implementation, it's possible that a prior write to
    > one of the _M_value or _M_head data-members by a thread releasing the
    > second-to-last reference might not be visible to another thread that
    > releases the last reference and frees the memory, resulting in
    > potential write to freed memory.
    
    This simply changes the memory order to acq_rel as suggested.
    
    libstdc++-v3/ChangeLog:
    
            PR libstdc++/99537
            * include/std/stop_token (_Stop_state_t::_M_release_ownership):
            Use acq_rel memory ordering.

diff --git a/libstdc++-v3/include/std/stop_token 
b/libstdc++-v3/include/std/stop_token
index 83905f6525f..fffc215d2a8 100644
--- a/libstdc++-v3/include/std/stop_token
+++ b/libstdc++-v3/include/std/stop_token
@@ -185,7 +185,7 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION
       void
       _M_release_ownership() noexcept
       {
-       if (_M_owners.fetch_sub(1, memory_order::release) == 1)
+       if (_M_owners.fetch_sub(1, memory_order::acq_rel) == 1)
          delete this;
       }

Reply via email to