From: Mark H Weaver <mhw@netris.org>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: Andy Wingo <wingo@igalia.com>, 28211@debbugs.gnu.org
Subject: bug#28211: Stack marking issue in multi-threaded code
Date: Fri, 29 Jun 2018 19:18:07 -0400 [thread overview]
Message-ID: <87efgpw5ao.fsf@netris.org> (raw)
In-Reply-To: <87muvdthp4.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Fri, 29 Jun 2018 23:18:31 +0200")
Hi Ludovic,
ludo@gnu.org (Ludovic Courtès) writes:
> Mark H Weaver <mhw@netris.org> skribis:
>
>> ludo@gnu.org (Ludovic Courtès) writes:
>
> [...]
>
>>> I’m thinking we could perhaps add a compiler barrier before ‘vp->fp = new_fp’
>>> statements, but in practice it’s not necessary here (x86_64, gcc 7).
>>>
>>> Thoughts?
>
> I just pushed the patch as 23af45e248e8e2bec99c712842bf24d6661abbe2.
>
>> Indeed, we need something to ensure that the compiler won't reorder
>> these writes. My recommendation would be to use the 'volatile'
>> qualifier in the declarations of both the 'fp' field of 'struct scm_vm'
>> and the stack element modified by SCM_FRAME_SET_DYNAMIC_LINK.
>>
>> Maybe something like this:
>>
>> diff --git a/libguile/frames.h b/libguile/frames.h
>> index ef2db3df5..8554f886b 100644
>> --- a/libguile/frames.h
>> +++ b/libguile/frames.h
>> @@ -89,6 +89,7 @@
>> union scm_vm_stack_element
>> {
>> scm_t_uintptr as_uint;
>> + volatile scm_t_uintptr as_volatile_uint;
>
> [...]
>
>> +#define SCM_FRAME_SET_DYNAMIC_LINK(fp, dl) ((fp)[1].as_volatile_uint = ((dl) - (fp)))
>
> I’m not sure this is exactly what we need.
>
> What I had in mind, to make sure the vp->fp assignment really happens
> after the SCM_FRAME_SET_DYNAMIC_LINK, was to do something like this:
>
> SCM_FRAME_SET_RETURN_ADDRESS (new_fp, …);
> SCM_FRAME_SET_DYNAMIC_LINK (new_fp, …);
>
> asm volatile ("" : : : "memory");
>
> vp->fp = new_fp;
>
> I think that more accurately reflects what we want, WDYT?
>
> It’s GCC-specific though (I don’t think Clang implements ‘asm’ in a
> compatible way, does it?) and I suppose we’d have to ignore the non-GCC
> case.
Right, the problem is that the "asm volatile" solution is not portable.
To my mind, it's fine to optionally use GCC extensions for improved
performance, but I think we should ensure that Guile works reliably when
compiled with any conforming C compiler.
What problem do you see with my proposed portable solution? If I
understand C99 section 5.1.2.3 paragraph 2 correctly, compilers are not
permitted to reorder accesses to volatile objects as long as there is a
sequence point between them.
I should say that I'm not confident that _either_ of these proposed
solutions will adequately address all of the possible problems that
could occur when GC is performed on VM threads stopped at arbitrary
points in their execution.
Mark
next prev parent reply other threads:[~2018-06-29 23:20 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-23 22:20 bug#28211: Grafting code triggers GC/thread-safety issue on Guile 2.2.2 Ludovic Courtès
2017-08-23 22:48 ` Ludovic Courtès
2018-04-24 16:03 ` Ludovic Courtès
2018-05-08 21:55 ` Ludovic Courtès
2018-05-09 0:32 ` Mark H Weaver
2018-05-09 7:17 ` Ludovic Courtès
2018-05-09 9:11 ` Andy Wingo
2018-05-10 6:50 ` Mark H Weaver
2018-05-10 7:53 ` Andy Wingo
2018-06-29 15:03 ` bug#28211: Stack marking issue in multi-threaded code Ludovic Courtès
2018-06-29 16:54 ` Mark H Weaver
2018-06-29 21:18 ` Ludovic Courtès
2018-06-29 23:18 ` Mark H Weaver [this message]
2018-06-30 20:53 ` Ludovic Courtès
2018-06-30 21:49 ` Mark H Weaver
2018-07-01 10:12 ` Andy Wingo
2018-07-03 19:01 ` Mark H Weaver
2020-03-12 21:59 ` bug#28211: Stack marking issue in multi-threaded code, 2020 edition Ludovic Courtès
2020-03-13 22:38 ` Ludovic Courtès
2020-03-17 21:16 ` Andy Wingo
2018-05-10 15:48 ` bug#28211: Grafting code triggers GC/thread-safety issue on Guile 2.2.2 Mark H Weaver
2018-05-10 16:01 ` Mark H Weaver
2018-07-02 10:28 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87efgpw5ao.fsf@netris.org \
--to=mhw@netris.org \
--cc=28211@debbugs.gnu.org \
--cc=ludo@gnu.org \
--cc=wingo@igalia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).