RFC: Isolated state concurrency in C++
11 views
Skip to first unread message
Yifei Teng
Feb 16, 2023, 5:09:11 PM2/16/23
to eng-council-discuss
Hi folks,
Please take a look at this RFC I've written about following a set of patterns to reduce use-after-free and data races in C++:
Thanks,
Yifei
Yifei Teng
Feb 16, 2023, 6:05:27 PM2/16/23
to eng-council-discuss
My previous email was probably too terse a description so here's a more complete summary, powered by ChatGPT:
Fuchsia C++ code has multiple threading models which cause memory corruption errors and make debugging code difficult. The proposal suggests that most asynchronous Fuchsia C++ code adopt "isolated state concurrency" which means each object is never accessed from two threads concurrently. This proposal will be achieved via async framework improvements, establishing guidelines, FIDL, component, driver runtime libraries, documentation and examples. Adopting this proposal will simplify reasoning about asynchronous code and reduce the likelihood of data races and use-after-frees, especially in driver components. The proposal calls for a few migrations, each with a backstop mechanism and a soft migration plan. This proposal calls for the associated dispatcher of an async object to be a synchronized dispatcher and to use async::synchronization_checker to check this invariant at runtime. Async objects should not be accessed concurrently. The API for scheduling an asynchronous operation must provide a facility to cancel the call via RAII.
Thanks,
Fuchsia C++ code has multiple threading models which cause memory corruption errors and make debugging code difficult. The proposal suggests that most asynchronous Fuchsia C++ code adopt "isolated state concurrency" which means each object is never accessed from two threads concurrently. This proposal will be achieved via async framework improvements, establishing guidelines, FIDL, component, driver runtime libraries, documentation and examples. Adopting this proposal will simplify reasoning about asynchronous code and reduce the likelihood of data races and use-after-frees, especially in driver components. The proposal calls for a few migrations, each with a backstop mechanism and a soft migration plan. This proposal calls for the associated dispatcher of an async object to be a synchronized dispatcher and to use async::synchronization_checker to check this invariant at runtime. Async objects should not be accessed concurrently. The API for scheduling an asynchronous operation must provide a facility to cancel the call via RAII.
Thanks,
Yifei
Yifei Teng
Mar 10, 2023, 6:10:34 PM3/10/23
to eng-council-discuss, Yifei Teng
Hi! I've started iterating on this RFC and added a few stakeholders. May I request to move the "Isolated state async C++" RFC to the Iterate status?
Thanks,
Yifei
Adam Barth
Mar 10, 2023, 6:20:29 PM3/10/23
to Yifei Teng, eng-council-discuss
Done!
--
All posts must follow the Fuchsia Code of Conduct https://fuchsia.dev/fuchsia-src/CODE_OF_CONDUCT or may be removed.
---
You received this message because you are subscribed to the Google Groups "eng-council-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to eng-council-dis...@fuchsia.dev.
To view this discussion on the web visit https://groups.google.com/a/fuchsia.dev/d/msgid/eng-council-discuss/f5d670c1-2659-4faf-92be-81dc0c27a508n%40fuchsia.dev.
Reply all
Reply to author
Forward
0 new messages