Racing to Win: Using Race Conditions in Correct Concurrent Software

Utilizing race conditions to build
correct concurrent software
Racing to Win
Devon H. O’Dell | Engineer @Fastly | @dhobsd | [email protected] | https://9vx.org/

View Slide

•Devon H. O’Dell,
@dhobsd
•
•Performance and
debugging nut
•Zappa fan

View Slide

View Slide

Process A
stack
heap
text
Process B
stack
heap
text
Process C
stack
heap
text
Cache node

View Slide

Cache node
Process A
stack
heap
text
Process B
stack
heap
text
Process C
stack
heap
text
μslab

View Slide

Slab
allocator

View Slide

Object
Slab
Object Object Object Object Object Object Object Object Object Object

View Slide

Object
Allocation
Object Object Object Object Object Object Object Object Object Object
alloc() alloc() alloc()

View Slide

Object
Freeing
Object Object
Object Object Object Object Object Object Object Object
free( ) free( )
free( )

View Slide

Object Object Object Object Object Object Object Object Object Object Object

View Slide

Allocator Protocol
•A request to allocate receives a
response containing an object
•A request to free receives a response
when the supplied object is freed
•Allocate must not return allocated object
•Free must not release unallocated object

View Slide

Execution Histories
Time
A(allocate response)
A(allocate request)
B(allocate request)
B(allocate response)

View Slide

Protocol Violation!
Time
A(allocate request)
B(allocate request)

View Slide

A(allocation request)
B(allocation request)
A(allocation response)
B(allocation response)
Time

View Slide

https://cs.brown.edu/~mph/HerlihyW90/p463-herlihy.pdf
1990

View Slide

Sequential History
Time
A(allocate request)
{ }
A(free request)
A(free response)
{ }
B(allocate request)
{ }

View Slide

obj *allocate() { 
 
obj *h = freelist->head;
freelist->head = h->next; 
return h; 
}
void free(obj *o) {
o->next = freelist->head;
freelist->head = o;
}

View Slide

lock(&global_mutex); 
unlock(&global_mutex);
return h; 
}
void free(obj *o) {
lock(&global_mutex);
freelist->head = o;
unlock(&global_mutex);
}

View Slide

Snapshot Current Lock State
Update State to Locked
Was Snapshot Locked?
Yes
Done
No
Atomic
Test and Set Lock

View Slide

Set State Unlocked
Atomic
Test and Set Unlock

View Slide

typedef spinlock int
#define LOCKED 1
#define UNLOCKED 0
void lock(spinlock *m) {
while (atomic_tas(m, LOCKED) == LOCKED)
stall();
}
void unlock(spinlock *m) {
atomic_store(m, UNLOCKED);
}
Many code examples
derived from Concurrency Kit
http://concurrencykit.org

View Slide

void lock(spinlock *m) { 
stall(); 
}
A(TAS request)
A(TAS response)
{ }

View Slide

A(TAS request)
A(TAS response)
{ }
A(lock request)
A(lock response)
Time
TAS is embedded in Lock

View Slide

A(TAS request)
A(TAS response)
{ }
A(lock request)
A(lock response)
Time
TAS & Store can’t be reordered
B(unlock request)
B(unlock response)
B(Store request)
B(Store response)
{ }

View Slide

All execution histories
All sequentially-consistent
execution histories
All ??? execution histories
⊇
⊇

View Slide

All execution histories
All sequentially-consistent
execution histories
All linearizable execution
histories
⊇
⊇

View Slide

http://dl.acm.org/citation.cfm?id=176576
1994

View Slide

Linearizability
•Easier to use in formal verification
•Applies to individual objects
•Composable

View Slide

A(TAS request)
A(TAS response)
{ }
A(lock request)
A(lock response)
Time
Others can be reordered
B(unlock request)
B(unlock response)
B(Store request)
B(Store response)
{ }

View Slide

stall(); 
}
void unlock(spinlock *m) { 
atomic_store(m, UNLOCKED); 
}

View Slide

http://dl.acm.org/citation.cfm?id=69624.357207
1983

View Slide

lock(&global_lock); 
unlock(&global_lock);
return h; 
}
void free(obj *o) {
lock(&global_lock);
freelist->head = o;
unlock(&global_lock);
}

View Slide

stall(); 
}
void unlock(spinlock *m) { 
atomic_store(m, UNLOCKED); 
}

View Slide

Locked alloc/free (10s)
10,000,000
20,000,000
30,000,000
40,000,000
50,000,000
60,000,000
Threads
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
52,720,687
Test and Set
Spinlock Performance

View Slide

10,000,000
20,000,000
30,000,000
40,000,000
50,000,000
60,000,000
Threads
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
52,720,687
2,876,615
Test and Set

View Slide

10,000,000
20,000,000
30,000,000
40,000,000
50,000,000
60,000,000
Threads
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Test and Set

View Slide

10
100
1,000
10,000
100,000
1,000,000
10,000,000
100,000,000
Threads
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Test and Set

View Slide

typedef spinlock int; 
#define LOCKED 1 
#define UNLOCKED 0 
 
stall(); 
}

View Slide

while (*m == LOCKED)
stall();
}
Test and Test and Set

View Slide

10
100
1,000
10,000
100,000
1,000,000
10,000,000
100,000,000
Threads
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Test and Set T&T&S

View Slide

TAS + Backoff
uint64_t backoff = 0, exp = 0;
while (atomic_tas(m, LOCKED) == LOCKED) {
for (uint64_t b = 0; b < backoff; b++)
stall();
backoff = (1ULL << exp++);
}
}

View Slide

10,000,000
20,000,000
30,000,000
40,000,000
50,000,000
60,000,000
Threads
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Test and Set T&T&S TAS + EB

View Slide

stall(); 
}
stall(); 
}
spinlock global_lock = UNLOCKED

View Slide

stall(); 
}
stall(); 
}
spinlock global_lock = LOCKED

View Slide

A function is lock-free if at all times
at least one thread is
guaranteed to be making progress.
(Herlihy & Shavit)

View Slide

/* TODO linearize */ 
return h; 
}
void free(obj *o) {
/* TODO linearize */
freelist->head = o;
}

View Slide

Non-Blocking
Algorithms

View Slide

Compare
and Swap

View Slide

Compare-And-Swap
Cmpr and *
Old value
Destination
Address

View Slide

Compare-And-Swap
≠
Return false
Cmpr and *
Old value
Destination
Address

View Slide

Old value New value
=
Destination
Address
Copy to *
Return true
Cmpr and *
Compare-And-Swap
≠
Return false

View Slide

Old value New value
=
Destination
Address
Copy to *
Return true
Cmpr and *
Compare-And-Swap
≠
Return false
Atomic

View Slide

obj *allocate(slab *s) { 
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
} while (!cas(&s->head, a, b)); 
return a; 
}
slab head A B …

View Slide

slab head A B …
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}

View Slide

obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}
A B …
slab head

View Slide

B …
slab head
A
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}

View Slide

obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}
Cmpr and *
a
a
slab head A B …
b
a,
&s->head, b

View Slide

slab head Z
Cmpr and *
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}
a
a
b
a,
&s->head, b

View Slide

slab head Z A B
Cmpr and *
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}
a
a
b
a,
&s->head, b

View Slide

slab head B …
Cmpr and *
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}
a
a
b
a,
&s->head, b

View Slide

void free(slab *s, obj *o) {
do {
obj *t = s->head;
o->next = t;
} while (!cas(&s->head, t, o));
}
B …
slab head

View Slide

slab head A B …
do {
obj *t = s->head;
o->next = t;
}

View Slide

A B C
slab head

View Slide

obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}
A B C
slab head

View Slide

A B C
slab head
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}

View Slide

A B C
some_object = allocate(&shared_slab);
slab head
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}

View Slide

B C
A
slab head
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}

View Slide

B C
another_obj = allocate(&shared_slab);
A
slab head
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}

View Slide

C
A
B
slab head
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}

View Slide

free(some_object);
B
C
A
slab head
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}

View Slide

B
A C
slab head
free(some_object);
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}

View Slide

B
C
slab head
free(some_object);
A
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}

View Slide

B
B C
slab head
free(some_object);
A
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
return a; 
}

View Slide

The ABA Problem
“A reference about to be modiﬁed by a CAS changes
from a to b and back to a again. As a result, the CAS
succeeds even though its effect on the data structure
has changed and no longer has the desired effect.”
—Herlihy & Shavit, p. 235

View Slide

A B …
slab head
166
obj *a, *b; 
do { 
a = s->head; 
b = a->next; 
} while (!cas(a, b, &s->head)); 
return a; 
}

View Slide

slab orig, update; 
do { 
orig.gen = s->gen; 
orig.head = s->head; 
update.gen = orig.gen + 1; 
update.head = orig.head->next; 
} while (!dcas(s, &orig, &update)); 
return orig.head; 
}
A B …
slab head
166

View Slide

do {
obj *t = s->head;
o->next = t;
}

View Slide

alloc/free pairs (10s)
10,000,000
20,000,000
30,000,000
40,000,000
50,000,000
60,000,000
Threads
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
TAS T&T&S TAS + EB Concurrent Allocator
pthread
Allocator Throughput

View Slide

alloc/free pairs (10s)
10
100
1,000
10,000
100,000
1,000,000
10,000,000
100,000,000
Threads
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
TAS T&T&S TAS + EB Concurrent Allocator
pthread
Allocator Throughput

View Slide

CPU Cycles (rdtscp)

View Slide

Takeaways

View Slide

uslab.io

View Slide

View Slide

Thanks
@dhobsd | https://9vx.org | http://uslab.io
Come see us at the Fastly booth!

View Slide

Further Reading
•“Is Parallel Programming Hard, And, If So, What Can You Do About It?”,
created and edited by Paul McKenney, https://www.kernel.org/pub/
linux/kernel/people/paulmck/perfbook/perfbook.html
•“Nonblocking Algorithms and Scalable Multicore Programming”, Samy Al
Bahra, https://queue.acm.org/detail.cfm?id=2492433
•“What Every Programmer Should Know About Memory”, Ulrich Drepper,
http://www.akkadia.org/drepper/cpumemory.pdf

View Slide

•“The C++ Memory Model Meets High-Update-Rate Data Structures”,
Paul McKenney, http://www.rdrop.com/~paulmck/RCU/C++Updates.
2014.09.11a.pdf, https://www.youtube.com/watch?v=1Q-RH2tiyt0
•Obstruction-Free Algorithms can be Practically Wait-Free: Finch,
Luchangco, Moir, Shavit - 2005 http://people.csail.mit.edu/shanir/
publications/DISC2005.pdf
•Are Lock-Free Concurrent Algorithms Practically Wait-Free?: Alistarh,
Censor-Hillel, Shavit - 2013 http://arxiv.org/abs/1311.3200
Further Reading

View Slide

•“Lock-Free By Example”, Tony Van Eerd, https://www.youtube.com/
watch?v=Xf35TLFKiO8
•Concurrency Kit: http://concurrencykit.org
•µSlab: http://uslab.io
Further Reading

View Slide

• I assume reproduction rights to all images under fair use; this slide is for reference purposes and fair
attribution.
• Mario, Mario Kart, and other related franchises are registered trademarks of Nintendo and its
associates. I am in no way affiliated with or endorsed by Nintendo.
• Mario Kart 8 screenshot from eBash video game centers at http://ebash.com/wp-content/uploads/
2015/02/mariokart.jpg
• Lakitu stop light animation from IGN at http://31.media.tumblr.com/
bd374359bd39369cdbf25755d4b2e570/tumblr_mfj2dnGBTL1rfjowdo1_500.gif
• Brittney Griner blocking from Bleacher Report, but high-res source seems to have disappeared :(
Image Credits

View Slide

Racing to Win: Using Race Conditions in Correct Concurrent Software

Racing to Win: Using Race Conditions in Correct Concurrent Software

Devon H. O'Dell

More Decks by Devon H. O'Dell

Other Decks in Programming

Featured

Transcript