<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><br class=""><div><blockquote type="cite" class=""><div class="">On 28 Sep 2017, at 03:47, David Blaikie <<a href="mailto:dblaikie@gmail.com" class="">dblaikie@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" style="font-family: HelveticaNeue; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><br class=""><br class=""><div class="gmail_quote"><div dir="ltr" class="">On Wed, Sep 20, 2017 at 6:15 PM Dean Michael Berris via Phabricator <<a href="mailto:reviews@reviews.llvm.org" class="">reviews@reviews.llvm.org</a>> wrote:<br class=""></div><blockquote class="gmail_quote" style="margin: 0px 0px 0px 0.8ex; border-left-width: 1px; border-left-style: solid; border-left-color: rgb(204, 204, 204); padding-left: 1ex;">dberris added a comment.<br class=""><br class="">Thanks for the review!<br class=""><br class=""><br class=""><br class="">================<br class="">Comment at: lib/xray/xray_fdr_logging_impl.h:110<br class=""> // call so that it can be initialized on first use instead of as a global.<br class="">-struct ThreadLocalData {<br class="">+struct alignas(64) ThreadLocalData {<br class=""> BufferQueue::Buffer Buffer;<br class="">----------------<br class="">dblaikie wrote:<br class="">> Presumably this should use LLVM_ALIGNAS?<br class="">><br class="">> Is this related to the rest of the patch, if so, how? Is it for correctness or performance?<br class="">It's related in that we'd like to use aligned uninitialised storage to store one of these objects. We'd the buffer to not only be correctly sized but also aligned correctly, </blockquote><blockquote class="gmail_quote" style="margin: 0px 0px 0px 0.8ex; border-left-width: 1px; border-left-style: solid; border-left-color: rgb(204, 204, 204); padding-left: 1ex;">since we're going to interpret the buffer's address as a different type (punning? aliasing?</blockquote><div class=""><br class="">Not sure I follow, the buffer:<br class=""><br class=""> thread_local std::aligned_storage<sizeof(ThreadLocalData),<br class=""> alignof(ThreadLocalData)>::type TLSBuffer;<br class=""><br class="">is requested to be of the appropriate alignment for ThreadLocalData? So why would ThreadLocalData need to request any specific alignment itself?<br class=""><br class=""></div></div></div></div></blockquote><div><br class=""></div><div>I thought you'd need the specific alignment so that pointers of the type would be properly aligned -- thus helping the compiler decide more appropriate aligned versions of the operations on members. If that's not the case, then that's fine.</div><br class=""><blockquote type="cite" class=""><div class=""><div dir="ltr" style="font-family: HelveticaNeue; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><div class="gmail_quote"><div class="">Or do you mean the contents of the Buffer member will be used to store other things? Then perhaps it'd be more appropriate to put the alignment attribute on the member? (& an assert somewhere that compares the alignment of the thing being stored with the alignment of the buffer itself).<br class=""> </div><blockquote class="gmail_quote" style="margin: 0px 0px 0px 0.8ex; border-left-width: 1px; border-left-style: solid; border-left-color: rgb(204, 204, 204); padding-left: 1ex;">I can never get the right terminology for that). The performance benefit is a side-effect of the correctness issue (since we have non-trivially destructible things in it).<br class=""><br class="">BTW, I can't use LLVM_ALIGNAS because that seems to be undefined in compiler-rt. :/<br class=""></blockquote><div class=""><br class="">Is using the attribute directly sufficiently portable for compiler-rt? Are there other uses of alignment in compiler-rt to compare/check against?<br class=""> </div></div></div></div></blockquote><div><br class=""></div><div>It's C++11, and all of compiler-rt seems to be written with the requirement of C++11 so it's suitably portable that way. Removed it anyway.</div><br class=""><blockquote type="cite" class=""><div class=""><div dir="ltr" style="font-family: HelveticaNeue; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><div class="gmail_quote"><blockquote class="gmail_quote" style="margin: 0px 0px 0px 0.8ex; border-left-width: 1px; border-left-style: solid; border-left-color: rgb(204, 204, 204); padding-left: 1ex;"><br class=""><br class="">================<br class="">Comment at: lib/xray/xray_fdr_logging_impl.h:145<br class="">+// the FDR logging implementation. The implementation details require a bit of<br class="">+// care to maintain, so document the semantics that we want to achieve here.<br class="">+//<br class="">----------------<br class="">dblaikie wrote:<br class="">> "so document the semantics that we want to achieve here" seems weird - that sounds like a patch note or feature request (& somewhat redundant, it feels like - the reader can probably see that the semantics are documented below), rather than a statement of fact.<br class="">><br class="">> "the semantics are documented below" or maybe "The following semantics are intended:" or skip this comment entirely? Not sure.<br class="">I like skipping it. Stream of consciousness comments at the end of the day don't come out very well. :)<br class=""><br class=""><br class="">================<br class="">Comment at: lib/xray/xray_fdr_logging_impl.h:175-183<br class="">+// We're doing this to avoid using a `thread_local` object that has a<br class="">+// non-trivial destructor, because the C++ runtime might call std::malloc(...)<br class="">+// to register calls to destructors. Deadlocks may arise when, for example, an<br class="">+// externally provided malloc implementation is XRay instrumented, and<br class="">+// initializing the thread-locals involves calling into malloc. A malloc<br class="">+// implementation that does global synchronization might be holding a lock for a<br class="">+// critical section, calling a function that might be XRay instrumented (and<br class="">----------------<br class="">dblaikie wrote:<br class="">> Maybe this goes into more detail than needed if the XRay runtime in general shouldn't be using the standard library for all these reasons - that's a general requirement that wouldn't need to be rejustified at every use case/implementation detail?<br class="">This is specifically for the function, since the original implementation (and the potentially more obvious solution) uses a thread-exit guard type (i.e. RAII but using a thread-local). Other parts of the implementation have avoided using memory allocation routines because of performance reasons but not entirely for correctness.<br class=""><br class=""><br class="">================<br class="">Comment at: lib/xray/xray_fdr_logging_impl.h:190-191<br class="">+ thread_local pthread_once_t key_once = PTHREAD_ONCE_INIT;<br class="">+ thread_local std::aligned_storage<sizeof(ThreadLocalData),<br class="">+ alignof(ThreadLocalData)>::type TLSBuffer;<br class="">+ // Ensure that we only actually ever do the pthread initialization once.<br class="">----------------<br class="">dblaikie wrote:<br class="">> Seems the goal in general was/is to move away from C++ standard library usage in the runtime library, right? Is there an attempt to pick and choose which parts can be relied upon, or is the overall goal to actually remove C++ standard library usage entirely, like other parts of compiler-rt?<br class="">><br class="">> If not, then maybe std::aligned_union<1, ThreadLocalData> might be marginally simpler here, but only marginally. (& I wouldn't say it's strictly better - since a union of only one thing is a bit strange)<br class="">I think I should document why we're using a thread-local uninitialized memory at all in this situation. :)<br class=""><br class="">First, the type ThreadLocalData isn't trivially destructable. If this was a thread_local object,</blockquote><div class=""><br class="">I wasn't intending to suggest using a thread_local object, but replacing the aligned_storage with aligned_union?<br class=""> </div></div></div></div></blockquote><div><br class=""></div><div>Just read up on std::aligned_union, it seems it's overkill for this case as it's equivalent to just the aligned storage. Used std::aligned_union anyway if that's more common to use than std::aligned_storage.</div><br class=""><blockquote type="cite" class=""><div class=""><div dir="ltr" style="font-family: HelveticaNeue; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><div class="gmail_quote"><blockquote class="gmail_quote" style="margin: 0px 0px 0px 0.8ex; border-left-width: 1px; border-left-style: solid; border-left-color: rgb(204, 204, 204); padding-left: 1ex;">we end up with the same problem we had in the first place -- having a thread_local object with a non-trivial destructor may cause the C++ runtime to call std::malloc(...) and introduce a deadlock when initialising the implementation as well as when destroying the object at thread-exit time.<br class=""><br class="">Second, having uninitialised buffer space makes the initialisation of the memory trivial. We do want uninitialised bytes because we don't need to zero out the bytes, since we're going to initialize it once using placement new anyway.<br class=""></blockquote><div class=""><br class="">I would imagine the union's probably uninitialized too?<br class=""> </div></div></div></div></blockquote><div><br class=""></div><div>The docs on std::aligned_union suggest you're right. But now it does look a little weird that it's a union with just one type.</div><br class=""><blockquote type="cite" class=""><div class=""><div dir="ltr" style="font-family: HelveticaNeue; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><div class="gmail_quote"><blockquote class="gmail_quote" style="margin: 0px 0px 0px 0.8ex; border-left-width: 1px; border-left-style: solid; border-left-color: rgb(204, 204, 204); padding-left: 1ex;"><br class="">So unfortunately, this is the solution that works and fits within the requirements we laid out. Updated with a bit more documentation on specifically why we're using an uninitialised aligned buffer. :)<br class=""><br class="">Removing the dependency on standard C++ library things that have runtime issues I think is a good goal, but is orthogonal to this particular change (since really we're just avoiding the use of `thread_local` non-trivially destructible objects).<br class=""></blockquote><div class=""><br class="">Is that philosophy consistent with the rest of compiler-rt? Picking bits of the standard library that are known/expected not to allocate or use other 'interesting' functions?<br class=""> </div></div></div></div></blockquote><div><br class=""></div><div>I'm not sure whether that's written down somewhere that I can read as policy (I sure haven't seen anything to that effect) or whether that's something I'd need to infer myself. For XRay, it's one of convenience -- if we can use something in the standard library for making things simpler, i.e. like using the algorithms and some utility types, then that should be fair game.</div><div><br class=""></div><div>Systematically removing the dependency on containers or things that have runtime components seem to be the minimum required to make this work without severely limiting the available tools we have from the STL. This change doesn't involve much of the STL aside from the aligned storage types. The avoidance of nontrivially destructible thread_local objects has more to do with the deadlock avoidance than anything else.</div></div></body></html>