New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
_Py_atomic_* not actually atomic on Windows with MSVC #74932
Comments
_Py_atomic_store and _Py_atomic_load are not implemented as atomic operations on Windows when using Visual Studio to build. This might cause hard to troubleshoot behaviour, especially in third party hosting applications.. |
Unless you've got an example of this causing actual issues, it should only go into 3.7. All platforms supported by Windows guarantee atomicity for aligned, pointer-sized reads and writes, but there appear to be memory fencing semantics in here too. I don't understand entirely why we need this code at all, so I'll let Victor or Serhiy comment. |
The general issue those macros want to prevent is that modern CPUs have a tendency to execute a lot of stuff out-of-order, *including* memory operations. From the perspective of a single hardware core (or thread, really), that's fine since it has a logically consistent view of the machine's state (it knows which operations have been reordered, which values have been committed to cache or not, etc.). But what happens when another hardware core examines in-memory state at the same time? It might find values changing in a different order than the programmer had intended. If it's important that the visible order hasn't been changed, you have a bug. Note that C "volatile" is not enough: it only prevents the *compiler* from re-ordering or eliding memory accesses, but not the CPU. As such, "volatile" is only useful if you have a single word-sized piece of state that you need to inspect from several threads at once. But the eval loop uses several of them, and therefore needs to prevent the CPU from writing or reading them in the wrong order (which may produce synchronization bugs such as deadlocks). Also note that traditionally, x86 has a "strong" memory ordering model which prevents nasty kinds of reorderings to happen. But other architectures such as ARM or SPARC can have much weaker memory models (IIRC, we had sporadic hangs on an ARM buildbot a long time ago, because of that, but I can't find a reference). I admit I'm unable to vouch that the current code is correct. Jeffrey Yasskin did the original change adding the Py_atomic types and using them in the GIL implementation. |
Antoine said it best. It's very hard to prove that this code is correct or incorrect as it requires multiple threads accessing the same variable and very specific timings to produce an actual issue. My PR only solved half of the issue because I didn't really have a good idea for how to handle the load macro but I think it out today so I'll be updating the PR. Would there be any interest of implementing them for MSVC/ARM as well? It's basically the same code so not much work, however I don't have a platform to actually test it. |
Sure, since you're there. It's not easy to test, but I know people who are doing it, so it'll get noticed eventually. Maybe there's some sort of stress test we can write that is likely to encounter issues? I've done that before to detect concurrency issues in particularly complex code. |
Has enough time passed that you can use the C11 atomic types and operations instead of special-casing these for each compiler? (e.g. http://en.cppreference.com/w/c/atomic/atomic_store) |
Unfortunately not: """Python versions greater than or equal to 3.6 use C89 with several select C99 features: [...]""" (PEP-7). |
Microsoft don't spend much time on the C compiler features, still lacking C99 features so I don't have much hope of getting C11 support anytime soon or at all. One could of course implement a cross platform stdatomic library that matches the C11 spec. |
This commit added *a lot* of warnings - http://buildbot.python.org/all/builders/AMD64%20Windows10%203.x/builds/1056 Most are of the form: I can't obviously see where they are coming from, but someone please fix them. |
My guess would be the cast from uintptr_t to intptr_t in the return type. I'll look into this, when possible, should have some time later this week or over the weekend. |
Thanks to Segev Finer for submitting the PR which fixed the warnings! |
When working on clang-cl support, I was advised here https://reviews.llvm.org/D47672#1131325 that we may be using hardware lock elision incorrectly. Copying from there:
I believe if we just use the simple _InterlockedExchange/_InterlockedCompareExchange intrinsics, things should be safer. |
I would be ok with reverting to the non-HLE variants. Does anyone want to test the performance implications on TSX-enabled hardware? |
The HLE variants were simply chosen to match the semantics on other It would be interesting seeing some benchmarks but I don't have any idea on On Thu, 14 Jun 2018, 21:32 Antoine Pitrou, <report@bugs.python.org> wrote:
|
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: