bug#28211: Grafting code triggers GC/thread-safety issue on Guile 2.2.2

unofficial mirror of bug-guix@gnu.org 
 help / color / mirror / code / Atom feed

From: Andy Wingo <wingo@igalia.com>
To: Mark H Weaver <mhw@netris.org>
Cc: 28211@debbugs.gnu.org
Subject: bug#28211: Grafting code triggers GC/thread-safety issue on Guile 2.2.2
Date: Thu, 10 May 2018 09:53:18 +0200	[thread overview]
Message-ID: <87tvrg3q1d.fsf@igalia.com> (raw)
In-Reply-To: <87fu30dmx3.fsf@netris.org> (Mark H. Weaver's message of "Thu, 10 May 2018 02:50:32 -0400")

On Thu 10 May 2018 08:50, Mark H Weaver <mhw@netris.org> writes:

> Andy Wingo <wingo@igalia.com> writes:
>
>> On Wed 09 May 2018 02:32, Mark H Weaver <mhw@netris.org> writes:
>>
>>> However, I think it's _far_ more likely that the NULL argument on the
>>> stack was copied from memory shared by multiple threads without proper
>>> thread synchronization.
>>
>> I think this is unlikely on x86 given its total-store-ordering memory
>> model.  I agree with you about the value of barriers, but I don't think
>> they are part of this bug that Ludo is seeing.
>
> I think you're forgetting about the C compiler.  It's true that x86
> machine code has a TSO memory model, but C does not.  In the absence of
> barriers, the C compiler may freely reorder stores to non-volatile,
> non-atomic objects.  In particular, it is free to reorder the
> initialization of an object with the write of that object's address.
>
> I admit that I haven't checked whether GCC 5.5.0 does this in practice.
> Do you have reason to believe that it never does so?

Oh I agree with you here as well, and compiler reordering could well be
happening here.  My suspicions are however that it's not happening.  In
libguile, we rarely mutate shared state, and in that case it's usually
within mutexes.  The main source of mutation in libguile is
initialization -- but there that's on a fresh object local to a thread,
and we try to avoid publishing that object to other threads without a
barrier (atomic or mutex), and in any case such publishing is usually
outside of the region that a compiler can work on.

There is the possibility of mutation via e.g. vector-set!, but hopefully
we aren't doing that on shared data; likewise in Scheme there are
barriers (the atomic box instructions and mutexes, both of which are
compiler barriers as well).  It's still possible to write Scheme
programs with races, of course, but I don't think that's what's
happening here.

I could be misunderstanding things of course!

Andy

next prev parent reply	other threads:[~2018-05-10  7:54 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-08-23 22:20 bug#28211: Grafting code triggers GC/thread-safety issue on Guile 2.2.2 Ludovic Courtès
2017-08-23 22:48 ` Ludovic Courtès
2018-04-24 16:03 ` Ludovic Courtès
2018-05-08 21:55   ` Ludovic Courtès
2018-05-09  0:32     ` Mark H Weaver
2018-05-09  7:17       ` Ludovic Courtès
2018-05-09  9:11       ` Andy Wingo
2018-05-10  6:50         ` Mark H Weaver
2018-05-10  7:53           ` Andy Wingo [this message]
2018-06-29 15:03             ` bug#28211: Stack marking issue in multi-threaded code Ludovic Courtès
2018-06-29 16:54               ` Mark H Weaver
2018-06-29 21:18                 ` Ludovic Courtès
2018-06-29 23:18                   ` Mark H Weaver
2018-06-30 20:53                     ` Ludovic Courtès
2018-06-30 21:49                       ` Mark H Weaver
2018-07-01 10:12                         ` Andy Wingo
2018-07-03 19:01                           ` Mark H Weaver
2020-03-12 21:59               ` bug#28211: Stack marking issue in multi-threaded code, 2020 edition Ludovic Courtès
2020-03-13 22:38                 ` Ludovic Courtès
2020-03-17 21:16                 ` Andy Wingo
2018-05-10 15:48     ` bug#28211: Grafting code triggers GC/thread-safety issue on Guile 2.2.2 Mark H Weaver
2018-05-10 16:01       ` Mark H Weaver
2018-07-02 10:28 ` Ludovic Courtès

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://guix.gnu.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87tvrg3q1d.fsf@igalia.com \
    --to=wingo@igalia.com \
    --cc=28211@debbugs.gnu.org \
    --cc=mhw@netris.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).