• Advertisement
  • entries
    627
  • comments
    1447
  • views
    1008964

Concurrent programming bug - the solution

Sign in to follow this  

949 views

In my last post I outlined a bug that recently bit me in a reference-counting mechanism in a concurrent system.

If you haven't solved the mystery yet, here's some hints from common guesses I've seen from various people:

  • The reference count is implemented using atomic intrinsics.
  • Atomicity and alignment are proven correct for the platform in question.
  • Mutual exclusion and other locking mechanisms are not necessary for the solution.
  • Reference counts are "correct" at all times in that there is no leaked reference.
  • RAII is already in use, so it will not magically make the problem go away.
    If you're still scratching your head, here's one last clue: the bug manifests as accessing a deleted object in memory. I strongly encourage everyone to try and figure it out before reading on to the following spoilers.


    [rollup="Spoiler hint 1"]Note that the critical assumption is that the asynchronous task will take longer than the controller code to complete.[/rollup]

    [rollup="Spoiler hint 2"]Consider carefully what happens if the first async task returns before execution of the controller code reaches the second refcount increment.[/rollup]

    [rollup=Solution]There is an edge case where the first async task completes while the first thread is suspended (or otherwise moving "slowly"). In this situation, the reference count returns to 0 after the task completes, and the resource is freed. When we go to hand off the object to the second async task, it's already been destroyed!

    The fix for this problem is to have the controller logic initialize the reference count to 1 instead of 0, and do an extra ref decrement before exiting the control function. This ensures that the resource lives long enough for the control logic to completely hand it off to the async tasks and take care of any error handling or other complexities that need to be managed. The reason this was tricky to find was that the error handling and early-exit conditions are complex in the actual code, and offered an endless list of red herrings that I spent a ton of time chasing.

    Moral #1: always initialize reference counts to positive values. Or, as someone cleverly put it, never hand off references to something you don't own yourself.

    Moral #2: thorough examination of assumptions can be critical to truly solving (as opposed to indefinitely masking) concurrency bugs. If you find yourself very sure that something is true, and can't possibly be the problem, go check it carefully. You might be surprised about what is and isn't guaranteed in the concurrent world.[/rollup]

    A couple lucky people picked up the solution pretty fast, but for the most part this seems like something that most programmers I've shown this to are not thinking about. Ironically, a few have had "aha!" moments where they recalled various coding conventions and rules about reference counting, and suddenly understood why those rules exist.


    Thanks for playing!
Sign in to follow this  


1 Comment


Recommended Comments

I had an issue just like this recently. Testing the most efficient way to store a stream of ~1 gb of data per second to an SSD array. I was creating x number of threads, then I would WaitForMultipleObjects on these threads.

 

It is a 24 core machine with hyperthreading, and there are those who thought using all cores simultaneously would be the best way (huh?!). When testing 16 or 24 threads, it would occasionally crash!

 

It turns out the problem was exactly the same very similar to yours. A thread would actually finish and exit prior to finishing the creation of all, say, 24. Occasionally, windows would reuse the thread id on a proceeding thread of the set. When this happened, WaitForMultipleObjects would die while waiting for the same thread id twice (a known but understated issue).

 

Go figure. Thanks for sharing yours!  [edit - not exactly the same]

Share this comment


Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Advertisement