ABA problem - Wikipedia

Jump to content

Search

Search

Donate

Create account

Log in

Personal tools

Donate

Create account

Log in

ABA problem

3 languages

日本語<br>Polski<br>Русский

Edit links

From Wikipedia, the free encyclopedia

Multithreading computing anomaly

In multithreaded computing, the ABA problem occurs during synchronization, when a location is read twice, has the same value for both reads, and the read value being the same twice is used to conclude that nothing has happened in the interim; however, another thread can execute between the two reads and change the value, do other work, then change the value back, thus fooling the first thread into thinking nothing has changed even though the second thread did work that violates that assumption.

The ABA problem occurs when multiple threads (or processes) accessing shared data interleave. Below is a sequence of events that illustrates the ABA problem:

Process

{\displaystyle P_{1}}

reads value A from some shared memory location,

{\displaystyle P_{1}}

is preempted, allowing process

{\displaystyle P_{2}}

to run,

{\displaystyle P_{2}}

writes value B to the shared memory location

{\displaystyle P_{2}}

writes value A to the shared memory location

{\displaystyle P_{2}}

is preempted, allowing process

{\displaystyle P_{1}}

to run,

{\displaystyle P_{1}}

reads value A from the shared memory location,

{\displaystyle P_{1}}

determines that the shared memory value has not changed and continues.

Although

{\displaystyle P_{1}}

can continue executing, it is possible that the behavior will not be correct due to the "hidden" modification in shared memory.

A common case of the ABA problem is encountered when implementing a lock-free data structure. If an item is removed from the list, deleted, and then a new item is allocated and added to the list, it is common for the allocated object to be at the same location as the deleted object due to MRU memory allocation. A pointer to the new item is thus often equal to a pointer to the old item, causing an ABA problem.

Examples<br>[edit]

Consider a software example (written in C++) of ABA using a lock-free stack:

/* Naive lock-free stack which suffers from ABA problem.*/<br>class Stack {<br>std::atomicObj*> top_ptr;<br>//<br>// Pops the top object and returns a pointer to it.<br>//<br>Obj* Pop() {<br>while (1) {<br>Obj* ret_ptr = top_ptr;<br>if (ret_ptr == nullptr) return nullptr;<br>// For simplicity, suppose that we can ensure that this dereference is safe<br>// (i.e., that no other thread has popped the stack in the meantime).<br>Obj* next_ptr = ret_ptr->next;<br>// If the top node is still ret, then assume no one has changed the stack.<br>// (That statement is not always true because of the ABA problem)<br>// Atomically replace top with next.<br>if (top_ptr.compare_exchange_weak(ret_ptr, next_ptr)) {<br>return ret_ptr;<br>// The stack has changed, start over.<br>//<br>// Pushes the object specified by obj_ptr to stack.<br>//<br>void Push(Obj* obj_ptr) {<br>while (1) {<br>Obj* next_ptr = top_ptr;<br>obj_ptr->next = next_ptr;<br>// If the top node is still next, then assume no one has changed the stack.<br>// (That statement is not always true because of the ABA problem)<br>// Atomically replace top with obj.<br>if (top_ptr.compare_exchange_weak(next_ptr, obj_ptr)) {<br>return;<br>// The stack has changed, start over.<br>};

This code can normally prevent problems from concurrent access, but suffers from ABA problems. Consider the following sequence:

Stack initially contains top → A → B → C

Thread 1 starts running pop:

ret_ptr = A;<br>next_ptr = B;

Thread 1 gets interrupted just before the compare_exchange_weak...

{ // Thread 2 runs pop:<br>ret_ptr = A;<br>next_ptr = B;<br>top_ptr.compare_exchange_weak(A, B) // Success, top = B<br>return A;<br>} // Now the stack is top → B → C<br>{ // Thread 2 runs pop again:<br>ret_ptr = B;<br>next_ptr = C;<br>top_ptr.compare_exchange_weak(B, C) // Success, top = C<br>return B;<br>} // Now the stack is top → C<br>delete B;<br>{ // Thread 2 now pushes A back onto the stack:<br>A->next_ptr = C;<br>top_ptr.compare_exchange_weak(C, A) // Success, top = A

Now the stack is top → A → C

When Thread 1 resumes:

compare_exchange_weak(A, B)

This instruction succeeds because it finds top == ret_ptr (both are A), so it sets top to next_ptr (which is B). As B has been deleted the program will access freed memory when it tries to look at the first element on the stack. In C++, as shown here, accessing freed memory is undefined behavior: this may result in crashes, data corruption or even just silently appear to work correctly. ABA bugs such as this can be difficult to debug.

Workarounds<br>[edit]

Tagged state reference<br>[edit]

A common workaround is to add extra "tag" or "stamp" bits to the quantity being considered. For example, an algorithm using compare and swap (CAS) on a pointer might use the low bits of the address to indicate how many times the pointer has been successfully modified. Because of this, the next compare-and-swap will fail, even if the addresses are the same, because the tag bits will not...