From 7e5af9cecf7e4db91a18f923dcb882cf3f67ab23 Mon Sep 17 00:00:00 2001 From: Nathan Hjelm Date: Wed, 10 Dec 2014 12:51:44 -0700 Subject: [PATCH] opal_lifo: fix potential race condition when using 128-bit atomics On x86_64 reading a 128-bit value requires multiple instructions. Under some conditions if the counted pointer counter is read before the item pointer the fifo can be left in an inconsistent state. This commit forces the read of the counter to always be read first. The fifo does not appear to suffer from the same race. --- opal/class/opal_lifo.h | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/opal/class/opal_lifo.h b/opal/class/opal_lifo.h index 9d6e07d9c7..5f1ea972d7 100644 --- a/opal/class/opal_lifo.h +++ b/opal/class/opal_lifo.h @@ -122,7 +122,6 @@ static inline opal_list_item_t *opal_lifo_push_atomic (opal_lifo_t *lifo, /* to protect against ABA issues it is sufficient to only update the counter in pop */ if (opal_atomic_cmpset_ptr (&lifo->opal_lifo_head.data.item, next, item)) { - opal_atomic_wmb (); return next; } /* DO some kind of pause to release the bus */ @@ -139,10 +138,9 @@ static inline opal_list_item_t *opal_lifo_pop_atomic (opal_lifo_t* lifo) do { opal_counted_pointer_t old_head; + old_head.data.counter = lifo->opal_lifo_head.data.counter; opal_atomic_rmb (); - - old_head.value = lifo->opal_lifo_head.value; - item = old_head.data.item; + item = old_head.data.item = lifo->opal_lifo_head.data.item; if (item == &lifo->opal_lifo_ghost) { return NULL;