[Git][ghc/ghc][master] Don’t store the async exception masking state in CATCH frames
Marge Bot (@marge-bot)
gitlab at gitlab.haskell.org
Tue Sep 19 12:45:40 UTC 2023
Marge Bot pushed to branch master at Glasgow Haskell Compiler / GHC
Commits:
8b61dfd6 by Alexis King at 2023-09-19T08:45:13-04:00
Don’t store the async exception masking state in CATCH frames
- - - - -
14 changed files:
- libraries/ghc-heap/GHC/Exts/Heap/Closures.hs
- libraries/ghc-heap/GHC/Exts/Stack/Constants.hsc
- libraries/ghc-heap/GHC/Exts/Stack/Decode.hs
- libraries/ghc-heap/tests/stack_misc_closures.hs
- libraries/ghc-heap/tests/stack_misc_closures_c.c
- rts/Continuation.c
- rts/Exception.cmm
- rts/RaiseAsync.c
- rts/Schedule.c
- rts/include/rts/storage/Closures.h
- + testsuite/tests/rts/continuations/T23513.hs
- + testsuite/tests/rts/continuations/T23513.stdout
- testsuite/tests/rts/continuations/all.T
- utils/deriveConstants/Main.hs
Changes:
=====================================
libraries/ghc-heap/GHC/Exts/Heap/Closures.hs
=====================================
@@ -412,7 +412,6 @@ data GenStackFrame b =
| CatchFrame
{ info_tbl :: !StgInfoTable
- , exceptions_blocked :: !Word
, handler :: !b
}
=====================================
libraries/ghc-heap/GHC/Exts/Stack/Constants.hsc
=====================================
@@ -23,10 +23,6 @@ offsetStgCatchFrameHandler :: WordOffset
offsetStgCatchFrameHandler = byteOffsetToWordOffset $
(#const OFFSET_StgCatchFrame_handler) + (#size StgHeader)
-offsetStgCatchFrameExceptionsBlocked :: WordOffset
-offsetStgCatchFrameExceptionsBlocked = byteOffsetToWordOffset $
- (#const OFFSET_StgCatchFrame_exceptions_blocked) + (#size StgHeader)
-
sizeStgCatchFrame :: Int
sizeStgCatchFrame = bytesToWords $
(#const SIZEOF_StgCatchFrame_NoHdr) + (#size StgHeader)
=====================================
libraries/ghc-heap/GHC/Exts/Stack/Decode.hs
=====================================
@@ -331,12 +331,10 @@ unpackStackFrame (StackSnapshot stackSnapshot#, index) = do
updatee = updatee'
}
CATCH_FRAME -> do
- let exceptions_blocked' = getWord stackSnapshot# (index + offsetStgCatchFrameExceptionsBlocked)
- handler' = getClosureBox stackSnapshot# (index + offsetStgCatchFrameHandler)
+ let handler' = getClosureBox stackSnapshot# (index + offsetStgCatchFrameHandler)
pure $
CatchFrame
{ info_tbl = info,
- exceptions_blocked = exceptions_blocked',
handler = handler'
}
UNDERFLOW_FRAME -> do
=====================================
libraries/ghc-heap/tests/stack_misc_closures.hs
=====================================
@@ -113,11 +113,10 @@ main = do
\case
CatchFrame {..} -> do
assertEqual (tipe info_tbl) CATCH_FRAME
- assertEqual exceptions_blocked 1
assertConstrClosure 1 handler
e -> error $ "Wrong closure type: " ++ show e
traceM "Test 4"
- testSize any_catch_frame# 3
+ testSize any_catch_frame# 2
traceM "Test 5"
test any_catch_stm_frame# $
\case
=====================================
libraries/ghc-heap/tests/stack_misc_closures_c.c
=====================================
@@ -25,7 +25,6 @@ void create_any_catch_frame(Capability *cap, StgStack *stack, StgWord w) {
StgCatchFrame *catchF = (StgCatchFrame *)stack->sp;
SET_HDR(catchF, &stg_catch_frame_info, CCS_SYSTEM);
StgClosure *payload = rts_mkWord(cap, w);
- catchF->exceptions_blocked = 1;
catchF->handler = payload;
}
=====================================
rts/Continuation.c
=====================================
@@ -374,12 +374,12 @@ StgClosure *captureContinuationAndAbort(Capability *cap, StgTSO *tso, StgPromptT
// 1. We walk the stack to find the prompt frame to capture up to (if any).
//
// 2. If we successfully find a matching prompt, we proceed with the actual
- // by allocating space for the continuation, performing the necessary
- // copying, and unwinding the stack.
+ // capture by allocating space for the continuation, performing the
+ // necessary copying, and unwinding the stack.
//
// These variables are modified in Phase 1 to keep track of how far we had to
// walk before finding the prompt frame. Afterwards, Phase 2 consults them to
- // determine how to proceed with the actual capture.
+ // determine how to proceed.
StgWord total_words = 0;
bool in_first_chunk = true;
=====================================
rts/Exception.cmm
=====================================
@@ -393,16 +393,14 @@ stg_killMyself
* kind of return to the activation record underneath us on the stack.
*/
-#define CATCH_FRAME_FIELDS(w_,p_,info_ptr,p1,p2,exceptions_blocked,handler) \
+#define CATCH_FRAME_FIELDS(w_,p_,info_ptr,p1,p2,handler) \
w_ info_ptr, \
PROF_HDR_FIELDS(w_,p1,p2) \
- w_ exceptions_blocked, \
p_ handler
INFO_TABLE_RET(stg_catch_frame, CATCH_FRAME,
- CATCH_FRAME_FIELDS(W_,P_,info_ptr, p1, p2,
- exceptions_blocked,handler))
+ CATCH_FRAME_FIELDS(W_,P_,info_ptr, p1, p2,handler))
return (P_ ret)
{
return (ret);
@@ -411,12 +409,7 @@ INFO_TABLE_RET(stg_catch_frame, CATCH_FRAME,
stg_catchzh ( P_ io, /* :: IO a */
P_ handler /* :: Exception -> IO a */ )
{
- W_ exceptions_blocked;
-
STK_CHK_GEN();
-
- exceptions_blocked =
- TO_W_(StgTSO_flags(CurrentTSO)) & (TSO_BLOCKEX | TSO_INTERRUPTIBLE);
TICK_CATCHF_PUSHED();
/* Apply R1 to the realworld token */
@@ -424,8 +417,7 @@ stg_catchzh ( P_ io, /* :: IO a */
TICK_SLOW_CALL_fast_v();
jump stg_ap_v_fast
- (CATCH_FRAME_FIELDS(,,stg_catch_frame_info, CCCS, 0,
- exceptions_blocked, handler))
+ (CATCH_FRAME_FIELDS(,,stg_catch_frame_info, CCCS, 0, handler))
(io);
}
@@ -599,26 +591,28 @@ retry_pop_stack:
frame = Sp;
if (frame_type == CATCH_FRAME)
{
+ // Note: if this branch is updated, there is a good chance that
+ // corresponding logic in `raiseAsync` must be updated to match!
+ // See Note [Apply the handler directly in raiseAsync] in RaiseAsync.c.
+
Sp = Sp + SIZEOF_StgCatchFrame;
- if ((StgCatchFrame_exceptions_blocked(frame) & TSO_BLOCKEX) == 0) {
+
+ W_ flags;
+ flags = TO_W_(StgTSO_flags(CurrentTSO));
+ if ((flags & TSO_BLOCKEX) == 0) {
Sp_adj(-1);
Sp(0) = stg_unmaskAsyncExceptionszh_ret_info;
}
/* Ensure that async exceptions are masked when running the handler.
- */
- StgTSO_flags(CurrentTSO) = %lobits32(
- TO_W_(StgTSO_flags(CurrentTSO)) | TSO_BLOCKEX | TSO_INTERRUPTIBLE);
-
- /* The interruptible state is inherited from the context of the
+ *
+ * The interruptible state is inherited from the context of the
* catch frame, but note that TSO_INTERRUPTIBLE is only meaningful
* if TSO_BLOCKEX is set. (we got this wrong earlier, and #4988
* was a symptom of the bug).
*/
- if ((StgCatchFrame_exceptions_blocked(frame) &
- (TSO_BLOCKEX | TSO_INTERRUPTIBLE)) == TSO_BLOCKEX) {
- StgTSO_flags(CurrentTSO) = %lobits32(
- TO_W_(StgTSO_flags(CurrentTSO)) & ~TSO_INTERRUPTIBLE);
+ if ((flags & (TSO_BLOCKEX | TSO_INTERRUPTIBLE)) != TSO_BLOCKEX) {
+ StgTSO_flags(CurrentTSO) = %lobits32(flags | TSO_BLOCKEX | TSO_INTERRUPTIBLE);
}
}
else /* CATCH_STM_FRAME */
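Review bot: The retained comment sentence "The interruptible state is inherited from the context of the catch frame" no longer matches the code under it, which now takes `flags` from `CurrentTSO` rather than from a field saved in the frame. This branch is only right if the unwinder has already replayed every mask/unmask return frame it skipped, so the comment should say that, e.g. `/* flags is the masking state at this catch frame only because unwinding updates tso->flags; see Note [Update async masking state on unwind] in Schedule.c */`. It would also help to state that the `!= TSO_BLOCKEX` test leaves the flags untouched only when the thread is already uninterruptibly masked. The enclosing code begins and ends outside this hunk.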
=====================================
rts/RaiseAsync.c
=====================================
@@ -951,44 +951,36 @@ raiseAsync(Capability *cap, StgTSO *tso, StgClosure *exception,
case CATCH_FRAME:
// If we find a CATCH_FRAME, and we've got an exception to raise,
- // then build the THUNK raise(exception), and leave it on
- // top of the CATCH_FRAME ready to enter.
- //
+ // then set up the top of the stack to apply the handler;
+ // see Note [Apply the handler directly in raiseAsync].
{
- StgCatchFrame *cf = (StgCatchFrame *)frame;
- StgThunk *raise;
-
if (exception == NULL) break;
- // we've got an exception to raise, so let's pass it to the
- // handler in this frame.
- //
- raise = (StgThunk *)allocate(cap,sizeofW(StgThunk)+1);
- TICK_ALLOC_SE_THK(sizeofW(StgThunk)+1,0);
- SET_HDR(raise,&stg_raise_info,cf->header.prof.ccs);
- raise->payload[0] = exception;
+ StgClosure *handler = ((StgCatchFrame *)frame)->handler;
- // throw away the stack from Sp up to the CATCH_FRAME.
- //
- sp = frame - 1;
-
- /* Ensure that async exceptions are blocked now, so we don't get
- * a surprise exception before we get around to executing the
- * handler.
- */
- tso->flags |= TSO_BLOCKEX;
- if ((cf->exceptions_blocked & TSO_INTERRUPTIBLE) == 0) {
- tso->flags &= ~TSO_INTERRUPTIBLE;
- } else {
- tso->flags |= TSO_INTERRUPTIBLE;
+ // Throw away the stack from Sp up to and including the CATCH_FRAME.
+ sp = frame + stack_frame_sizeW((StgClosure *)frame);
+
+ // Unmask async exceptions after running the handler, if necessary.
+ if ((tso->flags & TSO_BLOCKEX) == 0) {
+ sp--;
+ sp[0] = (W_)&stg_unmaskAsyncExceptionszh_ret_info;
}
- /* Put the newly-built THUNK on top of the stack, ready to execute
- * when the thread restarts.
- */
- sp[0] = (W_)raise;
- sp[-1] = (W_)&stg_enter_info;
- stack->sp = sp-1;
+ // Ensure that async exceptions are masked while running the handler;
+ // see Note [Apply the handler directly in raiseAsync].
+ if ((tso->flags & (TSO_BLOCKEX | TSO_INTERRUPTIBLE)) != TSO_BLOCKEX) {
+ tso->flags |= TSO_BLOCKEX | TSO_INTERRUPTIBLE;
+ }
+
+ // Set up the top of the stack to apply the handler.
+ sp -= 4;
+ sp[0] = (W_)&stg_enter_info;
+ sp[1] = (W_)handler;
+ sp[2] = (W_)&stg_ap_pv_info;
+ sp[3] = (W_)exception;
+
+ stack->sp = sp;
RELAXED_STORE(&tso->what_next, ThreadRunGHC);
goto done;
}
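Review bot: The new CATCH_FRAME branch writes further below the frame than the code it replaces, and nothing in the hunk shows what guarantees the room. After `sp = frame + stack_frame_sizeW(...)` it may push one word for `stg_unmaskAsyncExceptionszh_ret_info` and then four more, whereas the removed code set `sp = frame - 1` and stored only at `sp[0]` and `sp[-1]`; the same commit also shrinks the frame by one word. Presumably the discarded frames and the reserved stack headroom always cover this, but that invariant should be written next to `sp -= 4`, ideally with a debug check such as `ASSERT(sp >= stack->stack);` before `stack->sp = sp;`. raiseAsync starts and ends outside this hunk, so the surrounding stack-chunk handling is not visible here.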
@@ -1080,6 +1072,15 @@ raiseAsync(Capability *cap, StgTSO *tso, StgClosure *exception,
};
default:
+ // see Note [Update async masking state on unwind] in Schedule.c
+ if (*frame == (W_)&stg_unmaskAsyncExceptionszh_ret_info) {
+ tso->flags &= ~(TSO_BLOCKEX | TSO_INTERRUPTIBLE);
+ } else if (*frame == (W_)&stg_maskAsyncExceptionszh_ret_info) {
+ tso->flags |= TSO_BLOCKEX | TSO_INTERRUPTIBLE;
+ } else if (*frame == (W_)&stg_maskUninterruptiblezh_ret_info) {
+ tso->flags |= TSO_BLOCKEX;
+ tso->flags &= ~TSO_INTERRUPTIBLE;
+ }
break;
}
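Review bot: The three-way comparison against `stg_unmaskAsyncExceptionszh_ret_info`, `stg_maskAsyncExceptionszh_ret_info` and `stg_maskUninterruptiblezh_ret_info` added to this `default:` case is repeated in the `default:` case of raiseExceptionHelper in rts/Schedule.c, differing only in `*frame` versus `*p` and the cast. The two copies have to stay in step for the masking state to be right after either kind of unwind, so consider a single `static inline` helper that takes `tso` and the frame's info word, placed in a header both files include and documented by Note [Update async masking state on unwind]. If the copies stay, each should carry a comment naming the other location, as the CATCH_FRAME branch in Exception.cmm already does for raiseAsync. Both enclosing switch statements extend beyond the hunks shown.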
@@ -1098,3 +1099,26 @@ done:
return tso;
}
+
+/* Note [Apply the handler directly in raiseAsync]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+When we encounter a `catch#` frame while unwinding the stack due to an
+async exception, we need to set up the stack to resume execution by
+invoking the exception handler. One natural way to do it would be to
+simply place a `raise#` thunk on the top of the stack, ready to be
+entered. This would effectively convert the asynchronous exception to
+a synchronous one at a point where it’s known to be safe to do so.
+
+However, there is a danger to this strategy: if async exceptions are
+currently unmasked, it becomes possible for a second async exception
+to be delivered before we enter the application of `raise#`, which
+would result in the first exception being lost. The easiest way to
+prevent this race from happening is to have `raiseAsync` set up the
+stack to apply the handler directly, effectively emulating the
+behavior of `raise#`, as this allows exceptions to be preemptively
+masked before returning. This means `raiseAsync` must also push a
+frame to unmask async exceptions after the handler returns if
+necessary, just as `raise#` does.
+
+This strategy results in some logical duplication, but it is correct,
+and the duplicated logic is small enough to be acceptable. */
=====================================
rts/Schedule.c
=====================================
@@ -3019,19 +3019,6 @@ raiseExceptionHelper (StgRegTable *reg, StgTSO *tso, StgClosure *exception)
// thunks which are currently under evaluation.
//
- // OLD COMMENT (we don't have MIN_UPD_SIZE now):
- // LDV profiling: stg_raise_info has THUNK as its closure
- // type. Since a THUNK takes at least MIN_UPD_SIZE words in its
- // payload, MIN_UPD_SIZE is more appropriate than 1. It seems that
- // 1 does not cause any problem unless profiling is performed.
- // However, when LDV profiling goes on, we need to linearly scan
- // small object pool, where raise_closure is stored, so we should
- // use MIN_UPD_SIZE.
- //
- // raise_closure = (StgClosure *)RET_STGCALL1(P_,allocate,
- // sizeofW(StgClosure)+1);
- //
-
//
// Walk up the stack, looking for the catch frame. On the way,
// we update any closures pointed to from update frames with the
@@ -3094,12 +3081,52 @@ raiseExceptionHelper (StgRegTable *reg, StgTSO *tso, StgClosure *exception)
}
default:
+ // see Note [Update async masking state on unwind]
+ if (*p == (StgWord)&stg_unmaskAsyncExceptionszh_ret_info) {
+ tso->flags &= ~(TSO_BLOCKEX | TSO_INTERRUPTIBLE);
+ } else if (*p == (StgWord)&stg_maskAsyncExceptionszh_ret_info) {
+ tso->flags |= TSO_BLOCKEX | TSO_INTERRUPTIBLE;
+ } else if (*p == (StgWord)&stg_maskUninterruptiblezh_ret_info) {
+ tso->flags |= TSO_BLOCKEX;
+ tso->flags &= ~TSO_INTERRUPTIBLE;
+ }
p = next;
continue;
}
}
}
+/* Note [Update async masking state on unwind]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+When we raise an exception or capture a continuation, we unwind the
+stack by searching for an enclosing `catch#` or `prompt#` frame. If we
+unwind past frames intended to restore the async exception masking
+state, we must take care to reproduce their intended effect in order
+to ensure that async exceptions are properly unmasked or remasked.
+
+On paper, this seems as simple as updating `tso->flags` appropriately,
+but in fact there is one additional wrinkle: when async exceptions are
+*unmasked*, we must eagerly check for a pending async exception and
+raise it if necessary. This is not terribly involved, but it’s not
+trivial, either (see the definition of `stg_unmaskAsyncExceptionszh_ret`),
+so we’d prefer to avoid duplicating that logic in several places.
+
+Fortunately, when we’re unwinding the stack due to a raised exception,
+this detail is actually unimportant: `catch#` implicitly masks async
+exceptions while running the handler as we explicitly *don’t* want the
+thread to be interrupted before it has a chance to handle the
+exception. However, when capturing a continuation, we don’t have this
+luxury, so we take two different strategies:
+
+* When unwinding the stack due to a raised exception (synchonrous or
+ asynchronous), we just update `tso->flags` directly and take no
+ further action.
+
+* When unwinding the stack due to a continuation capture, we update
+ the masking state *indirectly* by pushing an appropriate frame onto
+ the stack before we return. This strategy is described at length
+ in Note [Continuations and async exception masking] in Continuation.c. */
+
/* -----------------------------------------------------------------------------
findRetryFrameHelper
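Review bot: Note [Update async masking state on unwind] has a typo in its first bullet: `synchonrous` should read `synchronous`. The Note also points to Note [Continuations and async exception masking] in Continuation.c, which is not part of what this page shows, so it is worth confirming that the title matches exactly so the cross-reference can be found by search.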
=====================================
rts/include/rts/storage/Closures.h
=====================================
@@ -281,7 +281,6 @@ typedef struct {
// Closure types: CATCH_FRAME
typedef struct {
StgHeader header;
- StgWord exceptions_blocked;
StgClosure *handler;
} StgCatchFrame;
=====================================
testsuite/tests/rts/continuations/T23513.hs
=====================================
@@ -0,0 +1,36 @@
+-- This test checks that restoring a continuation that captures a CATCH frame
+-- properly adjusts the async exception masking state.
+
+import Control.Exception
+import Data.IORef
+
+import ContIO
+
+data E = E deriving (Show)
+instance Exception E
+
+printMaskingState :: IO ()
+printMaskingState = print =<< getMaskingState
+
+main :: IO ()
+main = do
+ tag <- newPromptTag
+ ref <- newIORef Nothing
+ mask_ $ prompt tag $
+ catch (control0 tag $ \k ->
+ writeIORef ref (Just k))
+ (\E -> printMaskingState)
+ Just k <- readIORef ref
+
+ let execute_test = do
+ k (printMaskingState *> throwIO E)
+ printMaskingState
+
+ putStrLn "initially unmasked:"
+ execute_test
+
+ putStrLn "\ninitially interruptibly masked:"
+ mask_ execute_test
+
+ putStrLn "\ninitially uninterruptibly masked:"
+ uninterruptibleMask_ execute_test
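Review bot: This test raises `E` only with `throwIO`, so it exercises the synchronous unwind path, while the same commit also rewrites the CATCH_FRAME branch of raiseAsync in rts/RaiseAsync.c and no test for that path is visible here. A second variant of `execute_test` that delivers the exception asynchronously, for example `k (printMaskingState *> (myThreadId >>= \t -> throwTo t E))` with `myThreadId` imported from Control.Concurrent, would presumably reach raiseAsync and pin the masking state the handler observes there. Separately, `Just k <- readIORef ref` fails with a pattern-match error if the continuation was never stored; a one-line comment saying this is the intended failure mode would help readers.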
=====================================
testsuite/tests/rts/continuations/T23513.stdout
=====================================
@@ -0,0 +1,14 @@
+initially unmasked:
+Unmasked
+MaskedInterruptible
+Unmasked
+
+initially interruptibly masked:
+MaskedInterruptible
+MaskedInterruptible
+MaskedInterruptible
+
+initially uninterruptibly masked:
+MaskedUninterruptible
+MaskedUninterruptible
+MaskedUninterruptible
=====================================
testsuite/tests/rts/continuations/all.T
=====================================
@@ -7,3 +7,5 @@ test('cont_exn_masking', [extra_files(['ContIO.hs'])], multimod_compile_and_run,
test('cont_missing_prompt_err', [extra_files(['ContIO.hs']), exit_code(1)], multimod_compile_and_run, ['cont_missing_prompt_err', ''])
test('cont_nondet_handler', [extra_files(['ContIO.hs'])], multimod_compile_and_run, ['cont_nondet_handler', ''])
test('cont_stack_overflow', [extra_files(['ContIO.hs'])], multimod_compile_and_run, ['cont_stack_overflow', '-with-rtsopts "-ki1k -kc2k -kb256"'])
+
+test('T23513', [extra_files(['ContIO.hs'])], multimod_compile_and_run, ['T23513', ''])
=====================================
utils/deriveConstants/Main.hs
=====================================
@@ -484,7 +484,6 @@ wanteds os = concat
,closureField Both "StgOrigThunkInfoFrame" "info_ptr"
,closureField C "StgCatchFrame" "handler"
- ,closureField C "StgCatchFrame" "exceptions_blocked"
,structSize C "StgRetFun"
,fieldOffset C "StgRetFun" "size"
View it on GitLab: https://gitlab.haskell.org/ghc/ghc/-/commit/8b61dfd6dfc78bfa6bb9449dac9a336e5d668b5e