Skip to content

Hoist value access outside section without lock #6342

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 6, 2025
Merged

Hoist value access outside section without lock #6342

merged 1 commit into from
Mar 6, 2025

Conversation

contificate
Copy link
Contributor

The runtime lock is not being held when String_val(...) is used on OCaml values. Instead, we duplicate the strings whilst holding the lock, then use (and free) the values without the lock.

Thanks to @last-genius for spotting this. It's a bad pattern used in other places with less consequence (e.g. Int_val is unboxed and cannot be relocated), but they should all be changed - I just wanted to quickly address this in particular, since it's my mistake.

Hoist value access outside section without lock
d88446c 
The runtime lock is not being held when String_val(...) is used on OCaml
values. Instead, we duplicate the strings whilst holding the lock, then
use (and free) the values without the lock.

Signed-off-by: Colin James <colin.barr@cloud.com>
@contificate contificate requested a review from last-genius March 6, 2025 14:49
@contificate contificate added this pull request to the merge queue Mar 6, 2025
@lindig
Copy link
Contributor

lindig commented Mar 6, 2025
edited
Loading

Is the release of the runtime lock in this case an optimisation and this would work without releasing it? The OCaml value is copied to local variables, which can't move, and later the memory is freed.

@contificate
Copy link
Contributor Author

Is the release of the runtime lock in this case an optimisation and this would work without releasing it? The OCaml value is copied to local variables, which can move, and later the memory is freed.

Yeah, the lock could remain held for the duration of the call. I believe, on some implementations, you can configure the setting parameter such that it expends a lot of iterations within crypt_r, so it's released here to allow other threads to be scheduled while we do that.

The problem in the previous code is that the lock is released but then we refer to an OCaml (block) value which, as you say, could be relocated by another thread triggering GC movement. There are other cases where this is done which we should guard against, as pointed out by Andriy, but those are less important as they are working with local values (like integers passed by value from OCaml to C, so no chance of dereferencing a moved object). Still, we should abide by the OCaml manual and ensure we aren't doing that everywhere. I wanted to quickly address this snippet in particular because I wrote the erroneous stub.

Merged via the queue into xapi-project:master with commit 3a5b8d0 Mar 6, 2025
17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@psafont psafont psafont approved these changes

@last-genius last-genius last-genius approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@contificate @lindig @psafont @last-genius