This is the mail archive of the
libstdc++@gcc.gnu.org
mailing list for the libstdc++ project.
Re: State of support for the ISO C++ Transactional Memory TS and remanining work
- From: Szabolcs Nagy <szabolcs dot nagy at arm dot com>
- To: Torvald Riegel <triegel at redhat dot com>, libstdc++ <libstdc++ at gcc dot gnu dot org>
- Cc: GCC Patches <gcc-patches at gcc dot gnu dot org>, Jonathan Wakely <jwakely at redhat dot com>, Jason Merrill <jason at redhat dot com>
- Date: Tue, 10 Nov 2015 17:26:29 +0000
- Subject: Re: State of support for the ISO C++ Transactional Memory TS and remanining work
- Authentication-results: sourceware.org; auth=none
- References: <1447028347 dot 7192 dot 118 dot camel at localhost dot localdomain>
On 09/11/15 00:19, Torvald Riegel wrote:
Hi,
I'd like to summarize the current state of support for the TM TS, and
outline the current plan for the work that remains to complete the
support.
I'm aware we're at the end of stage 1, but I'm confident we can still
finish this work and hope to include it in GCC 6 because:
(1) most of the support is already in GCC, and we have a big head start
in the space of TM so it would be unfortunate to not waste that by not
delivering support for the TM TS,
(2) this is a TS and support for it is considered experimental,
(3) most of the affected code is in libitm or the compiler's TM passes,
which has to be enabled explicitly by the user.
Currently, we have complete support for the syntax and all necessary
instrumentation except the exception handling bits listed below. libitm
has a good set of STM and HTM-based algorithms.
What is missing on the compiler side is essentially a change of how we
support atomic_noexcept and atomic_cancel, in particular exception
handling. Instead of just using a finally block as done currently, the
compiler need to build a catch clause so that it can actively intercept
exceptions that escape an atomic_noexcept or atomic_cancel. For
atomic_noexcept, the compiler needs to include a call to abort() in the
catch clause.
For atomic_cancel, it needs to call ITM_commitTransactionEH in the catch
clause, and use NULL as exception argument. This can then be used by
libitm to look at the currently being handled exception and (a) check
whether the type support transaction cancellation as specified by the TS
and (b) pick out the allocations that belong to this exception and roll
back everything else before rethrowing this exception.
For (a), it's probably best to place this check into libstdc++
(specifically, libsupc++ I suppose) because support for transaction
cancellation is a property that library parts of the standard (or the
TS) require, and that has to match the implementation in libstdc++.
Attached is a patch by Jason that implements this check. This adds one
symbol, which should be okay we hope.
does that mean libitm will depend on libstdc++?
i think the tm runtime should not depend on c++,
so it is usable from c code.
For (b), our plan is to track the additional allocations that happen
when during construction of the exception types that support
cancellation (eg, creating the what() string for logic_error). There
are several ways to do that, one of that being that we create custom
transactional clones of those constructors that tell libitm that either
such a constructor is currently running or explicitly list the
allocations that have been made by the constructor; eventually, we would
always (copy) construct into memory returned by cxa_allocate_exception,
which then makes available the necessary undo information when such an
exception is handled in libitm.
The other big piece of missing support is making sure that the functions
that are specified in the TS as transaction_safe are indeed that. I
believe we do not need to actually add such annotations to any libstdc++
functions that are already transaction-safe and completely defined in
headers -- those functions are implicitly transaction-safe, and we can
thus let the compiler isntrument them at the point of use inside of a
transaction.
If a supposedly transaction-safe function is not defined in a header,
we'd need a transaction_safe annotation at the declaration. Jason has
implemented the TM TS feature test macro, so we can only add the
annotation if the user has enabled support for the TM TS in the
respective compilation process.
sounds ugly: the function type (transaction-safety)
depends on the visibility of the definition..
We also need ensure that there is a transaction clode of the function.
This will add symbols to libstdc++, but these all have their own special
prefix in the mangled name. I'd like to get feedback on how to best
trigger the insturmentation and make it a part of a libstdc++ build.
(If that would show to be too problematic, we could still fall back to
writing transacitonal clones manually.)
For the clones of the constructors of the types that support
cancellation, I suppose manually written clones might be easier than
automatic instrumentation.
I've not yet created tests for the full list of functions specified as
transaction-safe in the TS, but my understanding is that this list was
created after someone from the ISO C++ TM study group looked at libstdc
++'s implementation and investigated which functions might be feasible
to be declared transaction-safe in it.
is that list available somewhere?
libitm seems to try to allow allocating functions in
transactions, but syscalls are not supposed to be
transaction safe.
are allocating functions prohibited?
I'm looking forward to your feedback.
Thanks,
Torvald
i'm not familiar with libitm, but i see several implementation
issues:
xmalloc
the runtime exits on memory allocation failure,
so it is not possible to use it safely.
(i think it should be possible to roll back the
transaction in case of internal allocation failure
and retry with a strategy that does not need dynamic
allocation).
GTM_error, GTM_fatal
the runtime may print error messages to stderr.
stderr is owned by the application.
hw details
i'm not sure if cacheline size is just an optimization
here or if the hw tm implementations depend on it.
detecting such details correctly at runtime can be ugly..
(the ppc/s390 code call getauxval, that is not in the
iso c/c++ implementation reserved namespace.)
uint64_t GTM::gtm_spin_count_var = 1000;
i guess this was supposed to be tunable.
it seems libitm needs some knobs (strategy, retries,
spin counts), but there is no easy way to adapt these
for a target/runtime environment.
memory footprint
there is large amount of global data, e.g.
#define LOCK_ARRAY_SIZE (1024 * 1024)
extern gtm_stmlock gtm_stmlock_array[LOCK_ARRAY_SIZE];
..and per thread data in gtm_thread with unbounded undolog
and nested transaction checkpoints.
stack_top/bottom
when filtering out memory operations during rollback
that would change the stack:
if there are objects immediately below the stack then sp-256
is not a valid limit, but i think it makes sense to expect
at least one guard page there + space for signal delivery
and then 256 can be bigger (e.g. PAGE_SIZE).
sys_futex0
i'm not sure why this has arch specific implementations
for some targets but not others. (syscall is not in the
implementation reserved namespace).
gtm_futex_wait/wake are updated in a non-atomic way.
these are the issues i noticed that may matter if this
is going to be a supported compiler runtime.