From: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Tue, 1 Oct 2013 15:05:28 +0000 (+0530)
Subject: Fix PI mutex check in pthread_cond_broadcast and pthread_cond_signal
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=860ec8e62a01a9c9e5087aa4cfd3b5e03fc7649b;p=thirdparty%2Fglibc.git

Fix PI mutex check in pthread_cond_broadcast and pthread_cond_signal

Fixes BZ #15988.

The check had a typo - it checked for PTHREAD_MUTEX_ROBUST_NP instead
of PTHREAD_MUTEX_ROBUST_NORMAL_NP.  It has now been replaced by the
already existing convenience macro USE_REQUEUE_PI.
---

diff --git a/NEWS b/NEWS
index 9d7ca623c9f..8689dd0a294 100644
--- a/NEWS
+++ b/NEWS
@@ -23,7 +23,7 @@ Version 2.18
   15465, 15480, 15485, 15488, 15490, 15492, 15493, 15497, 15506, 15522,
   15529, 15532, 15536, 15553, 15577, 15583, 15618, 15627, 15631, 15654,
   15655, 15666, 15667, 15674, 15711, 15755, 15759, 15797, 15892, 15893,
-  15895.
+  15895, 15988.
 
 * CVE-2013-2207 Incorrectly granting access to another user's pseudo-terminal
   has been fixed by disabling the use of pt_chown (Bugzilla #15755).
diff --git a/nptl/ChangeLog b/nptl/ChangeLog
index eae507965f3..26ee3870a0f 100644
--- a/nptl/ChangeLog
+++ b/nptl/ChangeLog
@@ -1,3 +1,12 @@
+2013-10-01  Siddhesh Poyarekar  <siddhesh@redhat.com>
+
+	[BZ #15988]
+	* pthread_cond_broadcast.c (__pthread_cond_broadcast)
+	[lll_futex_cmp_requeue_pi && __ASSUME_REQUEUE_PI]: Use
+	USE_REQUEUE_PI.
+	* pthread_cond_signal.c (__pthread_cond_signal)
+	[lll_futex_cmd_requeue_pi && __ASSUME_REQUEUE_PI]: Likewise.
+
 2013-07-23  David S. Miller  <davem@davemloft.net>
 
 	* tst-cancel4.c (WRITE_BUFFER_SIZE): Adjust comment.
diff --git a/nptl/pthread_cond_broadcast.c b/nptl/pthread_cond_broadcast.c
index 0702ec0ec2b..7ba9efa0c0b 100644
--- a/nptl/pthread_cond_broadcast.c
+++ b/nptl/pthread_cond_broadcast.c
@@ -63,10 +63,7 @@ __pthread_cond_broadcast (cond)
 
 #if (defined lll_futex_cmp_requeue_pi \
      && defined __ASSUME_REQUEUE_PI)
-      int pi_flag = PTHREAD_MUTEX_PRIO_INHERIT_NP | PTHREAD_MUTEX_ROBUST_NP;
-      pi_flag &= mut->__data.__kind;
-
-      if (pi_flag == PTHREAD_MUTEX_PRIO_INHERIT_NP)
+      if (USE_REQUEUE_PI (mut))
 	{
 	  if (lll_futex_cmp_requeue_pi (&cond->__data.__futex, 1, INT_MAX,
 					&mut->__data.__lock, futex_val,
diff --git a/nptl/pthread_cond_signal.c b/nptl/pthread_cond_signal.c
index 102d0b380ce..ffc35dc9e1f 100644
--- a/nptl/pthread_cond_signal.c
+++ b/nptl/pthread_cond_signal.c
@@ -49,14 +49,9 @@ __pthread_cond_signal (cond)
 
 #if (defined lll_futex_cmp_requeue_pi \
      && defined __ASSUME_REQUEUE_PI)
-      int pi_flag = PTHREAD_MUTEX_PRIO_INHERIT_NP | PTHREAD_MUTEX_ROBUST_NP;
       pthread_mutex_t *mut = cond->__data.__mutex;
 
-      /* Do not use requeue for pshared condvars.  */
-      if (mut != (void *) ~0l)
-	pi_flag &= mut->__data.__kind;
-
-      if (__builtin_expect (pi_flag == PTHREAD_MUTEX_PRIO_INHERIT_NP, 0)
+      if (USE_REQUEUE_PI (mut)
 	/* This can only really fail with a ENOSYS, since nobody can modify
 	   futex while we have the cond_lock.  */
 	  && lll_futex_cmp_requeue_pi (&cond->__data.__futex, 1, 0,