From: Jacek Caban <jacek@codeweavers.com>
To: LIU Hao <lh_mouse@126.com>,
i.nixman@autistici.org,
"mingw-w64-public@lists.sourceforge.net"
<mingw-w64-public@lists.sourceforge.net>
Cc: Wakely <jwakely@redhat.com>,
libstdc++@gcc.gnu.org, gcc-patches@gcc.gnu.org,
Eric Botcazou <ebotcazou@adacore.com>
Subject: Re: Adding a new thread model to GCC
Date: Mon, 24 Oct 2022 22:50:16 +0200 [thread overview]
Message-ID: <4651c417-6dcf-4570-1796-43bfa140c6fc@codeweavers.com> (raw)
In-Reply-To: <8a3105e7-c7aa-7f70-d8ae-2808ca126291@126.com>
On 10/24/22 05:40, LIU Hao via Gcc-patches wrote:
> 在 2022/10/21 20:34, i.nixman@autistici.org 写道:
>>
>> got it...
>> anyway it seems logical to me the way I proposed :)
>>
>>
>
> Below is a message forwarded from mingw-w64-public, elaborating the
> necessity of a new thread model.
>
> As there are objections from other mingw-w64 developers, I am putting
> those patches against mingw-w64-crt on hold for now. Despite that, all
> threading facilities - mutexes, condition variables, once flags, etc.
> - are still fully functional within the mcf thread model.
>
> In addition, I will keep maintaining my personal builds (from GCC 12
> release branch) with these patches at https://gcc-mcf.lhmouse.com/.
>
>
> -------- Forwarded Message --------
> 在 2022/10/23 18:06, Jacek Caban 写道:
> >
> > Please, let's not do that. It's possible to fix existing
> implementations, we don't need to make
> > things more complicated than they are.
> >
>
> Okay okay, I think I have to compose a thorough list of problems that
> we are facing at the moment, and had better have a permalink to the
> mailing list archive that I can reference elsewhere. I have been tired
> of repeating the same grounds of arguments again and again:
>
>
> 1. In a DLL, destructors of static objects and callbacks that are
> registered
> with `atexit()`, are executed by `LdrShutdownProcess()`, after all
> the other
> thread have been terminated `ZwTerminateProcessO(NULL, status)`.
> This means
> that, if another thread has been terminated while holding a mutex,
> the mutex
> can never get unlocked. If a destructor attempts to lock the same
> mutex,
> deadlocks will occur. Destructors of executables do not suffer
> from this
> issue, because they are executed before `RtlExitUserProcess()`.
>
> Standard behavior: Static destructors and exit callbacks should be
> executed
> while other threads are running. If another thread attempts to
> access a
> destroyed object, the behavior is undefined; the user is
> responsible to
> prevent this from happening, by joining or suspending it.
>
>
> 2. Following 1, in a DLL, static destructors and exit callbacks are still
> invoked when `_Exit()` or `quick_exit()` is called.
>
> Standard behavior: `_Exit()` should not perform any cleanup; not
> even open
> files are flushed. `quick_exit()` shall invoke all quick-exit
> callbacks in
> reverse order, then call `_Exit()`.
>
>
> 3. There is a use-after-free bug [1] about thread-local destructors. I
> suspect
> this is caused by emutls, because GCC uses `__cxa_thread_atexit()` to
> register thread-local destructors, which could interleave with
> `emutls_destroy()`.
>
> Standard behavior: This is not allowed to happen. mcfgthread
> solves this
> issue by running thread-local destructors and thread-specific key
> destructors as two separate passes [3].
>
> [1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80816
> [2]
> https://github.com/gcc-mirror/gcc/blob/f84e4fb44aa26b71fbc64e0532fd24d96e5caa3f/libgcc/emutls.c#L96
> [3]
> https://github.com/lhmouse/mcfgthread/blob/63e034d375caf585e2921cd3455f1048feb2172d/src/xglobals.c#L249
>
>
> 4. In the win32 thread model, thread-specific key destructors are
> called at
> process exit [4], after static destructors.
>
> Standard behavior: They shall be called only when a thread exits,
> and the
> associated thread-specific values are not a null pointer. They
> shall not be
> called when a program terminates; instead, users are responsible for
> deallocating such resources before calling `exit()`. This
> requirement is
> missing in POSIX, but formally specified by ISO/IEC 9899:2017, as
> the 4th
> paragraph in '7.26.6.1 The tss_create function'.
>
> [4]
> https://github.com/mingw-w64/mingw-w64/blob/d0a034a04d312434b842c4869a8a900568d8db98/mingw-w64-crt/crt/tlsthrd.c#L134
Those 4 points describes problems that you solve in the new threading
model, but there is no reason they can't be fixed for existing threading
models. In fact, ideally they would be fixed for all threading models.
Except now we need to worry about one more threading model, meaning that
future bugs will be even harder to fix.
>
> 5. Wait operations, of timed mutexes and condition variables, should take
> absolute time points as `struct timespec`.
>
> Standard behavior: Both POSIX and ISO C specifies them as such,
> while all
> Windows APIs take relative durations as a 32-bit integer of
> milliseconds,
> which can also easily get overflown.
This also may be supported in existing threading models. Overflow is
trivial to fix by waiting in a loop. (There are other reasons why OS
support for absolute timeout is slightly better, but the price of this
design decision makes it questionable. I plan to elaborate more on that
on mingw ML, but I need to find time to do a bit of research first).
Jacek
next prev parent reply other threads:[~2022-10-24 20:51 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-01 18:34 LIU Hao
2022-10-01 20:02 ` Bernhard Reutner-Fischer
2022-10-21 9:58 ` Jonathan Wakely
2022-10-21 10:09 ` i.nixman
2022-10-21 10:48 ` Jonathan Wakely
2022-10-21 10:55 ` i.nixman
2022-10-21 11:36 ` LIU Hao
2022-10-21 11:54 ` i.nixman
2022-10-21 12:19 ` LIU Hao
2022-10-21 12:34 ` i.nixman
2022-10-24 3:40 ` LIU Hao
2022-10-24 20:50 ` Jacek Caban [this message]
2022-10-21 11:44 ` Eric Botcazou
2022-10-21 11:55 ` i.nixman
2022-10-24 6:53 ` i.nixman
2022-10-24 8:15 ` Eric Botcazou
2022-10-24 8:20 ` i.nixman
2022-10-31 9:18 ` Eric Botcazou
2022-10-31 15:22 ` i.nixman
2022-11-01 5:22 ` i.nixman
2022-11-01 9:09 ` Eric Botcazou
2022-11-02 12:05 ` i.nixman
2022-11-02 21:27 ` Eric Botcazou
2022-11-02 21:40 ` i.nixman
2022-12-16 17:18 ` Jonathan Wakely
2022-12-16 19:20 ` Eric Botcazou
2022-12-22 12:21 ` Jonathan Yong
2022-12-22 12:28 ` i.nixman
2022-12-23 23:59 ` Jonathan Yong
2022-12-24 5:58 ` NightStrike
2022-12-24 6:27 ` i.nixman
2022-12-24 13:50 ` i.nixman
2022-12-24 15:42 ` i.nixman
2022-12-24 15:57 ` i.nixman
2022-12-24 21:22 ` i.nixman
2022-12-25 1:10 ` Jonathan Yong
2023-01-09 21:56 ` Eric Botcazou
2022-12-24 6:22 ` i.nixman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4651c417-6dcf-4570-1796-43bfa140c6fc@codeweavers.com \
--to=jacek@codeweavers.com \
--cc=ebotcazou@adacore.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=i.nixman@autistici.org \
--cc=jwakely@redhat.com \
--cc=lh_mouse@126.com \
--cc=libstdc++@gcc.gnu.org \
--cc=mingw-w64-public@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).