Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 29 Aug 2014 20:40:41 +0200
From: Jens Gustedt <jens.gustedt@...ia.fr>
To: musl@...ts.openwall.com
Subject: Re: C threads, v. 6.2

Am Freitag, den 29.08.2014, 11:56 -0400 schrieb Rich Felker:
> On Fri, Aug 29, 2014 at 09:56:39AM +0200, Jens Gustedt wrote:
> > Am Donnerstag, den 28.08.2014, 19:38 -0400 schrieb Rich Felker:
> > > Perhaps I should clarify: what I mean by "what we're doing" is
> > > defining pthread_mutex_t and mtx_t as separate structs with identical
> > > contents (a single union with no tag). Your latest version with
> > > __pthread_mutex_t is not a possibility because it changes the C++ ABI.
> > >
> > > In principle we could do something like with the definition of
> > > pthread_t where it changes depending on whether the header is being
> > > used in a C or C++ program, but that's quite ugly and not something
> > > I'd much like to do...
> > > 
> > > Is your conclusion still that it's okay? I think so but I just want to
> > > confirm.
> > 
> > Ok, now I see.
> > 
> > (for the discussion let's just take mutexes as example, similar would
> > apply for cv)
> > 
> > Yes, done carefully this would be an option. By carefully meaning that
> > we have to ensure that all TU see only either type, not both.
> > 
> > For pthread this would be easy, basically nothing changes, good.
> > 
> > For C threads that base themselves on pthread this would be a pain. We
> > have to call pthread functions with mutex parameters. We couldn't just
> > simply include the pthread.h header, since this would drag in the
> > pthread type definitinions.
> > 
> > 
> > We could get away with it, by some hackery
> > 
> > ** Option 1:
> > 
> > C threads do something like the following in all C thread TU, or have
> > an intermediate header "threads_impl.h" that does this
> > 
> > typedef mtx_t pthread_mutex_t
> > #define __DEFINED_pthread_mutex_t
> > 
> > #include "pthread_impl.h"
> > 
> > ** Option 2:
> > 
> > In "pthread_impl.h" have:
> > 
> > typedef pthread_mutex_t __pthread_mutex_t;
> > 
> > In "threads_impl.h" have:
> > 
> > typedef mtx_t __pthread_mutex_t;
> > 
> > and then let all __pthread_xxxxx functions that we provide to be used
> > by the C thread implementation use __pthread_mutex_t.
> 
> Or maybe, Option 3: Just don't include pthread_impl.h or pthread.h at
> all in the C11 wrapper files for these types. These are only a few
> files and they don't need access to any pthread types because they're
> just wrappers.

They are not just wrappers, there are some real functions, at least
for the time being, and this would close down a migration path to
separate implementations.

We could look into it, how the use of pthread_impl.h could be reduced,
but I don't think it can completely be avoided.

> > All of this would explode in our face the day a user wants to use
> > pthread_mutex_t and mtx_t in the same application. A use case could be
> > that he uses one library that protects CS with pthread_mutex_t and
> > another that uses mtx_t. Now suddenly we have code that sees two
> > different types, with possibly subtle bugs due to aliasing.
> 
> How so? The TUs that see both types cannot touch the contents of them
> at all, since they're opaque types.

I have the impression that I still don't get where you are heading
for.

These are *not* opaque types. In both models we have to expose a type
to the user code such that user code may declare a mutex variable, for
example. User code that uses both interfaces and has a pointer to
pthread_mutex_t and another pointer to mtx_t will either "know" that
both are the same type, or that the two types differ. There is no in
between. And according to that one may alias the other (or not).

> Also I'm still not convinced that any aliasing of the struct objects
> happens (there is no access of whole structs, assignment of structs,
> etc. in the relevant code), only of the int and void* members, which
> have the correct effective types.

I am not sure that such an aliasing model is reasonable. All struct
decompose to basic types at the end. What you are saying sounds to me
as if you are claiming that for

struct A0 { double d; int a; } va;
struct B0 { int b; double e; } vb;

the fact that va.a and vb.b are both int leads to some possible
conclusion whether or not they could be aliasing.

My reading of the aliasing rule says that they will never alias since
they are parts of objects of different type. For that argument nothing
changes if we have

struct A1 { int a; } *pa;
struct B1 { int b; } *pb;

for pa->a and pb->b. pa and pb point to differently typed objects so
they can't alias, and so pa->a and pb->b can't alias.

So whether or not pthread_mutex_t and mtx_t are the same type or not
matters.

Jens

-- 
:: INRIA Nancy Grand Est ::: AlGorille ::: ICube/ICPS :::
:: ::::::::::::::: office Strasbourg : +33 368854536   ::
:: :::::::::::::::::::::: gsm France : +33 651400183   ::
:: ::::::::::::::: gsm international : +49 15737185122 ::
:: http://icube-icps.unistra.fr/index.php/Jens_Gustedt ::



Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.