dnrops
/
rust
mirror of https://github.com/rust-lang/rust.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Auto merge of #116123 - joboet:rewrite_native_tls, r=m-ou-se 

Rewrite native thread-local storage

(part of #110897)

The current native thread-local storage implementation has become quite messy, uses indescriptive names and unnecessarily adds code to the macro expansion. This PR tries to fix that by using a new implementation that also allows more layout optimizations and potentially increases performance by eliminating unnecessary TLS accesses.

This does not change the recursive initialization behaviour I described in [this comment](https://github.com/rust-lang/rust/issues/110897#issuecomment-1525705682), so it should be a library-only change. Changing that behaviour should be quite easy now, however.

r? `@m-ou-se`
`@rustbot` label +T-libs
This commit is contained in:
bors 2024-05-23 14:53:41 +00:00
parent ed172dbbaf 60bf1ab466
commit 9c8a58fdb8
10 changed files with 331 additions and 332 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

247
library/std/src/sys/thread_local/fast_local.rs
View File

@ -1,247 +0,0 @@
use super::lazy::LazyKeyInner;
use crate::cell::Cell;
use crate::sys::thread_local_dtor::register_dtor;
use crate::{fmt, mem, panic, ptr};
#[doc(hidden)]
#[allow_internal_unstable(thread_local_internals, cfg_target_thread_local, thread_local)]
#[allow_internal_unsafe]
#[unstable(feature = "thread_local_internals", issue = "none")]
#[rustc_macro_transparency = "semitransparent"]
pub macro thread_local_inner {
// used to generate the `LocalKey` value for const-initialized thread locals
(@key $t:ty, const $init:expr) => {{
#[inline]
#[deny(unsafe_op_in_unsafe_fn)]
unsafe fn __getit(
_init: $crate::option::Option<&mut $crate::option::Option<$t>>,
) -> $crate::option::Option<&'static $t> {
const INIT_EXPR: $t = $init;
// If the platform has support for `#[thread_local]`, use it.
#[thread_local]
// We use `UnsafeCell` here instead of `static mut` to ensure any generated TLS shims
// have a nonnull attribute on their return value.
static VAL: $crate::cell::UnsafeCell<$t> = $crate::cell::UnsafeCell::new(INIT_EXPR);
// If a dtor isn't needed we can do something "very raw" and
// just get going.
if !$crate::mem::needs_drop::<$t>() {
unsafe {
return $crate::option::Option::Some(&*VAL.get())
}
}
// 0 == dtor not registered
// 1 == dtor registered, dtor not run
// 2 == dtor registered and is running or has run
#[thread_local]
static STATE: $crate::cell::Cell<$crate::primitive::u8> = $crate::cell::Cell::new(0);
// Safety: Performs `drop_in_place(ptr as *mut $t)`, and requires
// all that comes with it.
unsafe extern "C" fn destroy(ptr: *mut $crate::primitive::u8) {
$crate::thread::local_impl::abort_on_dtor_unwind(|| {
let old_state = STATE.replace(2);
$crate::debug_assert_eq!(old_state, 1);
// Safety: safety requirement is passed on to caller.
unsafe { $crate::ptr::drop_in_place(ptr.cast::<$t>()); }
});
}
unsafe {
match STATE.get() {
// 0 == we haven't registered a destructor, so do
// so now.
0 => {
$crate::thread::local_impl::Key::<$t>::register_dtor(
VAL.get() as *mut $crate::primitive::u8,
destroy,
);
STATE.set(1);
$crate::option::Option::Some(&*VAL.get())
}
// 1 == the destructor is registered and the value
// is valid, so return the pointer.
1 => $crate::option::Option::Some(&*VAL.get()),
// otherwise the destructor has already run, so we
// can't give access.
_ => $crate::option::Option::None,
}
}
}
unsafe {
$crate::thread::LocalKey::new(__getit)
}
}},
// used to generate the `LocalKey` value for `thread_local!`
(@key $t:ty, $init:expr) => {
{
#[inline]
fn __init() -> $t { $init }
#[inline]
unsafe fn __getit(
init: $crate::option::Option<&mut $crate::option::Option<$t>>,
) -> $crate::option::Option<&'static $t> {
#[thread_local]
static __KEY: $crate::thread::local_impl::Key<$t> =
$crate::thread::local_impl::Key::<$t>::new();
unsafe {
__KEY.get(move || {
if let $crate::option::Option::Some(init) = init {
if let $crate::option::Option::Some(value) = init.take() {
return value;
}
if $crate::cfg!(debug_assertions) {
$crate::unreachable!("missing default value");
}
}
__init()
})
}
}
unsafe {
$crate::thread::LocalKey::new(__getit)
}
}
},
($(#[$attr:meta])* $vis:vis $name:ident, $t:ty, $($init:tt)*) => {
$(#[$attr])* $vis const $name: $crate::thread::LocalKey<$t> =
$crate::thread::local_impl::thread_local_inner!(@key $t, $($init)*);
},
}
#[derive(Copy, Clone)]
enum DtorState {
Unregistered,
Registered,
RunningOrHasRun,
}
// This data structure has been carefully constructed so that the fast path
// only contains one branch on x86. That optimization is necessary to avoid
// duplicated tls lookups on OSX.
//
// LLVM issue: https://bugs.llvm.org/show_bug.cgi?id=41722
pub struct Key<T> {
// If `LazyKeyInner::get` returns `None`, that indicates either:
// * The value has never been initialized
// * The value is being recursively initialized
// * The value has already been destroyed or is being destroyed
// To determine which kind of `None`, check `dtor_state`.
//
// This is very optimizer friendly for the fast path - initialized but
// not yet dropped.
inner: LazyKeyInner<T>,
// Metadata to keep track of the state of the destructor. Remember that
// this variable is thread-local, not global.
dtor_state: Cell<DtorState>,
}
impl<T> fmt::Debug for Key<T> {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.debug_struct("Key").finish_non_exhaustive()
}
}
impl<T> Key<T> {
pub const fn new() -> Key<T> {
Key { inner: LazyKeyInner::new(), dtor_state: Cell::new(DtorState::Unregistered) }
}
// note that this is just a publicly-callable function only for the
// const-initialized form of thread locals, basically a way to call the
// free `register_dtor` function defined elsewhere in std.
pub unsafe fn register_dtor(a: *mut u8, dtor: unsafe extern "C" fn(*mut u8)) {
unsafe {
register_dtor(a, dtor);
}
}
pub unsafe fn get<F: FnOnce() -> T>(&self, init: F) -> Option<&'static T> {
// SAFETY: See the definitions of `LazyKeyInner::get` and
// `try_initialize` for more information.
//
// The caller must ensure no mutable references are ever active to
// the inner cell or the inner T when this is called.
// The `try_initialize` is dependant on the passed `init` function
// for this.
unsafe {
match self.inner.get() {
Some(val) => Some(val),
None => self.try_initialize(init),
}
}
}
// `try_initialize` is only called once per fast thread local variable,
// except in corner cases where thread_local dtors reference other
// thread_local's, or it is being recursively initialized.
//
// Macos: Inlining this function can cause two `tlv_get_addr` calls to
// be performed for every call to `Key::get`.
// LLVM issue: https://bugs.llvm.org/show_bug.cgi?id=41722
#[inline(never)]
unsafe fn try_initialize<F: FnOnce() -> T>(&self, init: F) -> Option<&'static T> {
// SAFETY: See comment above (this function doc).
if !mem::needs_drop::<T>() || unsafe { self.try_register_dtor() } {
// SAFETY: See comment above (this function doc).
Some(unsafe { self.inner.initialize(init) })
} else {
None
}
}
// `try_register_dtor` is only called once per fast thread local
// variable, except in corner cases where thread_local dtors reference
// other thread_local's, or it is being recursively initialized.
unsafe fn try_register_dtor(&self) -> bool {
match self.dtor_state.get() {
DtorState::Unregistered => {
// SAFETY: dtor registration happens before initialization.
// Passing `self` as a pointer while using `destroy_value<T>`
// is safe because the function will build a pointer to a
// Key<T>, which is the type of self and so find the correct
// size.
unsafe { register_dtor(self as *const _ as *mut u8, destroy_value::<T>) };
self.dtor_state.set(DtorState::Registered);
true
}
DtorState::Registered => {
// recursively initialized
true
}
DtorState::RunningOrHasRun => false,
}
}
}
unsafe extern "C" fn destroy_value<T>(ptr: *mut u8) {
let ptr = ptr as *mut Key<T>;
// SAFETY:
//
// The pointer `ptr` has been built just above and comes from
// `try_register_dtor` where it is originally a Key<T> coming from `self`,
// making it non-NUL and of the correct type.
//
// Right before we run the user destructor be sure to set the
// `Option<T>` to `None`, and `dtor_state` to `RunningOrHasRun`. This
// causes future calls to `get` to run `try_initialize_drop` again,
// which will now fail, and return `None`.
//
// Wrap the call in a catch to ensure unwinding is caught in the event
// a panic takes place in a destructor.
if let Err(_) = panic::catch_unwind(panic::AssertUnwindSafe(|| unsafe {
let Key { inner, dtor_state } = &*ptr;
let value = inner.take();
dtor_state.set(DtorState::RunningOrHasRun);
drop(value);
})) {
rtabort!("thread local panicked on drop");
}
}

82
library/std/src/sys/thread_local/fast_local/eager.rs Normal file
View File

@ -0,0 +1,82 @@
use crate::cell::{Cell, UnsafeCell};
use crate::ptr::{self, drop_in_place};
use crate::sys::thread_local::abort_on_dtor_unwind;
use crate::sys::thread_local_dtor::register_dtor;
#[derive(Clone, Copy)]
enum State {
Initial,
Alive,
Destroyed,
}
#[allow(missing_debug_implementations)]
pub struct Storage<T> {
state: Cell<State>,
val: UnsafeCell<T>,
}
impl<T> Storage<T> {
pub const fn new(val: T) -> Storage<T> {
Storage { state: Cell::new(State::Initial), val: UnsafeCell::new(val) }
}
/// Get a reference to the TLS value. If the TLS variable has been destroyed,
/// `None` is returned.
///
/// # Safety
/// * The `self` reference must remain valid until the TLS destructor has been
/// run.
/// * The returned reference may only be used until thread destruction occurs
/// and may not be used after reentrant initialization has occurred.
///
// FIXME(#110897): return NonNull instead of lying about the lifetime.
#[inline]
pub unsafe fn get(&self) -> Option<&'static T> {
match self.state.get() {
// SAFETY: as the state is not `Destroyed`, the value cannot have
// been destroyed yet. The reference fulfills the terms outlined
// above.
State::Alive => unsafe { Some(&*self.val.get()) },
State::Destroyed => None,
State::Initial => unsafe { self.initialize() },
}
}
#[cold]
unsafe fn initialize(&self) -> Option<&'static T> {
// Register the destructor
// SAFETY:
// * the destructor will be called at thread destruction.
// * the caller guarantees that `self` will be valid until that time.
unsafe {
register_dtor(ptr::from_ref(self).cast_mut().cast(), destroy::<T>);
}
self.state.set(State::Alive);
// SAFETY: as the state is not `Destroyed`, the value cannot have
// been destroyed yet. The reference fulfills the terms outlined
// above.
unsafe { Some(&*self.val.get()) }
}
}
/// Transition an `Alive` TLS variable into the `Destroyed` state, dropping its
/// value.
///
/// # Safety
/// * Must only be called at thread destruction.
/// * `ptr` must point to an instance of `Storage` with `Alive` state and be
/// valid for accessing that instance.
unsafe extern "C" fn destroy<T>(ptr: *mut u8) {
// Print a nice abort message if a panic occurs.
abort_on_dtor_unwind(|| {
let storage = unsafe { &*(ptr as *const Storage<T>) };
// Update the state before running the destructor as it may attempt to
// access the variable.
storage.state.set(State::Destroyed);
unsafe {
drop_in_place(storage.val.get());
}
})
}

122
library/std/src/sys/thread_local/fast_local/lazy.rs Normal file
View File

@ -0,0 +1,122 @@
use crate::cell::UnsafeCell;
use crate::hint::unreachable_unchecked;
use crate::mem::forget;
use crate::ptr;
use crate::sys::thread_local::abort_on_dtor_unwind;
use crate::sys::thread_local_dtor::register_dtor;
pub unsafe trait DestroyedState: Sized {
fn register_dtor<T>(s: &Storage<T, Self>);
}
unsafe impl DestroyedState for ! {
fn register_dtor<T>(_: &Storage<T, !>) {}
}
unsafe impl DestroyedState for () {
fn register_dtor<T>(s: &Storage<T, ()>) {
unsafe {
register_dtor(ptr::from_ref(s).cast_mut().cast(), destroy::<T>);
}
}
}
enum State<T, D> {
Initial,
Alive(T),
Destroyed(D),
}
#[allow(missing_debug_implementations)]
pub struct Storage<T, D> {
state: UnsafeCell<State<T, D>>,
}
impl<T, D> Storage<T, D>
where
D: DestroyedState,
{
pub const fn new() -> Storage<T, D> {
Storage { state: UnsafeCell::new(State::Initial) }
}
/// Get a reference to the TLS value, potentially initializing it with the
/// provided parameters. If the TLS variable has been destroyed, `None` is
/// returned.
///
/// # Safety
/// * The `self` reference must remain valid until the TLS destructor is run,
/// at which point the returned reference is invalidated.
/// * The returned reference may only be used until thread destruction occurs
/// and may not be used after reentrant initialization has occurred.
///
// FIXME(#110897): return NonNull instead of lying about the lifetime.
#[inline]
pub unsafe fn get_or_init(
&self,
i: Option<&mut Option<T>>,
f: impl FnOnce() -> T,
) -> Option<&'static T> {
// SAFETY:
// No mutable reference to the inner value exists outside the calls to
// `replace`. The lifetime of the returned reference fulfills the terms
// outlined above.
let state = unsafe { &*self.state.get() };
match state {
State::Alive(v) => Some(v),
State::Destroyed(_) => None,
State::Initial => unsafe { self.initialize(i, f) },
}
}
#[cold]
unsafe fn initialize(
&self,
i: Option<&mut Option<T>>,
f: impl FnOnce() -> T,
) -> Option<&'static T> {
// Perform initialization
let v = i.and_then(Option::take).unwrap_or_else(f);
// SAFETY:
// If references to the inner value exist, they were created in `f`
// and are invalidated here. The caller promises to never use them
// after this.
let old = unsafe { self.state.get().replace(State::Alive(v)) };
match old {
// If the variable is not being recursively initialized, register
// the destructor. This might be a noop if the value does not need
// destruction.
State::Initial => D::register_dtor(self),
// Else, drop the old value. This might be changed to a panic.
val => drop(val),
}
// SAFETY:
// Initialization was completed and the state was set to `Alive`, so the
// reference fulfills the terms outlined above.
unsafe {
let State::Alive(v) = &*self.state.get() else { unreachable_unchecked() };
Some(v)
}
}
}
/// Transition an `Alive` TLS variable into the `Destroyed` state, dropping its
/// value.
///
/// # Safety
/// * Must only be called at thread destruction.
/// * `ptr` must point to an instance of `Storage<T, ()>` and be valid for
/// accessing that instance.
unsafe extern "C" fn destroy<T>(ptr: *mut u8) {
// Print a nice abort message if a panic occurs.
abort_on_dtor_unwind(|| {
let storage = unsafe { &*(ptr as *const Storage<T, ()>) };
// Update the state before running the destructor as it may attempt to
// access the variable.
let val = unsafe { storage.state.get().replace(State::Destroyed(())) };
drop(val);
})
}

122
library/std/src/sys/thread_local/fast_local/mod.rs Normal file
View File

@ -0,0 +1,122 @@
//! Thread local support for platforms with native TLS.
//!
//! To achieve the best performance, we choose from four different types for
//! the TLS variable, depending from the method of initialization used (`const`
//! or lazy) and the drop requirements of the stored type:
//!
//! | | `Drop` | `!Drop` |
//! |--------:|:--------------------:|:-------------------:|
//! | `const` | `EagerStorage<T>` | `T` |
//! | lazy | `LazyStorage<T, ()>` | `LazyStorage<T, !>` |
//!
//! For `const` initialization and `!Drop` types, we simply use `T` directly,
//! but for other situations, we implement a state machine to handle
//! initialization of the variable and its destructor and destruction.
//! Upon accessing the TLS variable, the current state is compared:
//!
//! 1. If the state is `Initial`, initialize the storage, transition the state
//! to `Alive` and (if applicable) register the destructor, and return a
//! reference to the value.
//! 2. If the state is `Alive`, initialization was previously completed, so
//! return a reference to the value.
//! 3. If the state is `Destroyed`, the destructor has been run already, so
//! return [`None`].
//!
//! The TLS destructor sets the state to `Destroyed` and drops the current value.
//!
//! To simplify the code, we make `LazyStorage` generic over the destroyed state
//! and use the `!` type (never type) as type parameter for `!Drop` types. This
//! eliminates the `Destroyed` state for these values, which can allow more niche
//! optimizations to occur for the `State` enum. For `Drop` types, `()` is used.
#![deny(unsafe_op_in_unsafe_fn)]
mod eager;
mod lazy;
pub use eager::Storage as EagerStorage;
pub use lazy::Storage as LazyStorage;
#[doc(hidden)]
#[allow_internal_unstable(
thread_local_internals,
cfg_target_thread_local,
thread_local,
never_type
)]
#[allow_internal_unsafe]
#[unstable(feature = "thread_local_internals", issue = "none")]
#[rustc_macro_transparency = "semitransparent"]
pub macro thread_local_inner {
// used to generate the `LocalKey` value for const-initialized thread locals
(@key $t:ty, const $init:expr) => {{
const __INIT: $t = $init;
#[inline]
#[deny(unsafe_op_in_unsafe_fn)]
unsafe fn __getit(
_init: $crate::option::Option<&mut $crate::option::Option<$t>>,
) -> $crate::option::Option<&'static $t> {
use $crate::thread::local_impl::EagerStorage;
use $crate::mem::needs_drop;
use $crate::ptr::addr_of;
if needs_drop::<$t>() {
#[thread_local]
static VAL: EagerStorage<$t> = EagerStorage::new(__INIT);
unsafe {
VAL.get()
}
} else {
#[thread_local]
static VAL: $t = __INIT;
unsafe {
$crate::option::Option::Some(&*addr_of!(VAL))
}
}
}
unsafe {
$crate::thread::LocalKey::new(__getit)
}
}},
// used to generate the `LocalKey` value for `thread_local!`
(@key $t:ty, $init:expr) => {{
#[inline]
fn __init() -> $t {
$init
}
#[inline]
#[deny(unsafe_op_in_unsafe_fn)]
unsafe fn __getit(
init: $crate::option::Option<&mut $crate::option::Option<$t>>,
) -> $crate::option::Option<&'static $t> {
use $crate::thread::local_impl::LazyStorage;
use $crate::mem::needs_drop;
if needs_drop::<$t>() {
#[thread_local]
static VAL: LazyStorage<$t, ()> = LazyStorage::new();
unsafe {
VAL.get_or_init(init, __init)
}
} else {
#[thread_local]
static VAL: LazyStorage<$t, !> = LazyStorage::new();
unsafe {
VAL.get_or_init(init, __init)
}
}
}
unsafe {
$crate::thread::LocalKey::new(__getit)
}
}},
($(#[$attr:meta])* $vis:vis $name:ident, $t:ty, $($init:tt)*) => {
$(#[$attr])* $vis const $name: $crate::thread::LocalKey<$t> =
$crate::thread::local_impl::thread_local_inner!(@key $t, $($init)*);
},
}

5
library/std/src/sys/thread_local/mod.rs
View File

@ -15,7 +15,7 @@ cfg_if::cfg_if! {
#[doc(hidden)]
mod fast_local;
#[doc(hidden)]
pub use fast_local::{Key, thread_local_inner};
pub use fast_local::{EagerStorage, LazyStorage, thread_local_inner};
} else {
#[doc(hidden)]
mod os_local;
@ -24,6 +24,9 @@ cfg_if::cfg_if! {
}
}
// Not used by the fast-local TLS anymore.
// FIXME(#110897): remove this.
#[allow(unused)]
mod lazy {
use crate::cell::UnsafeCell;
use crate::hint;

2
library/std/src/thread/mod.rs
View File

@ -205,7 +205,7 @@ cfg_if::cfg_if! {
#[doc(hidden)]
#[unstable(feature = "thread_local_internals", issue = "none")]
pub mod local_impl {
pub use crate::sys::thread_local::{thread_local_inner, Key, abort_on_dtor_unwind};
pub use crate::sys::thread_local::*;
}
}
}

2
src/tools/tidy/src/issues.txt
View File

@ -3988,8 +3988,6 @@ ui/test-attrs/issue-52557.rs
ui/test-attrs/issue-53675-a-test-called-panic.rs
ui/threads-sendsync/issue-24313.rs
ui/threads-sendsync/issue-29488.rs
ui/threads-sendsync/issue-43733-2.rs
ui/threads-sendsync/issue-43733.rs
ui/threads-sendsync/issue-4446.rs
ui/threads-sendsync/issue-4448.rs
ui/threads-sendsync/issue-8827.rs

30
tests/ui/threads-sendsync/issue-43733-2.rs
View File

@ -1,30 +0,0 @@
//@ needs-threads
//@ dont-check-compiler-stderr
#![feature(cfg_target_thread_local, thread_local_internals)]
// On platforms *without* `#[thread_local]`, use
// a custom non-`Sync` type to fake the same error.
#[cfg(not(target_thread_local))]
struct Key<T> {
_data: std::cell::UnsafeCell<Option<T>>,
_flag: std::cell::Cell<()>,
}
#[cfg(not(target_thread_local))]
impl<T> Key<T> {
const fn new() -> Self {
Key {
_data: std::cell::UnsafeCell::new(None),
_flag: std::cell::Cell::new(()),
}
}
}
#[cfg(target_thread_local)]
use std::thread::local_impl::Key;
static __KEY: Key<()> = Key::new();
//~^ ERROR `UnsafeCell<Option<()>>` cannot be shared between threads
//~| ERROR cannot be shared between threads safely [E0277]
fn main() {}

32
tests/ui/threads-sendsync/issue-43733.rs
View File

@ -1,32 +0,0 @@
//@ needs-threads
#![feature(thread_local)]
#![feature(cfg_target_thread_local, thread_local_internals)]
use std::cell::RefCell;
type Foo = std::cell::RefCell<String>;
#[cfg(target_thread_local)]
#[thread_local]
static __KEY: std::thread::local_impl::Key<Foo> = std::thread::local_impl::Key::new();
#[cfg(not(target_thread_local))]
static __KEY: std::thread::local_impl::Key<Foo> = std::thread::local_impl::Key::new();
fn __getit(_: Option<&mut Option<RefCell<String>>>) -> std::option::Option<&'static Foo> {
__KEY.get(Default::default)
//~^ ERROR call to unsafe function `Key::<T>::get` is unsafe
}
static FOO: std::thread::LocalKey<Foo> = std::thread::LocalKey::new(__getit);
//~^ ERROR call to unsafe function `LocalKey::<T>::new` is unsafe
fn main() {
FOO.with(|foo| println!("{}", foo.borrow()));
std::thread::spawn(|| {
FOO.with(|foo| *foo.borrow_mut() += "foo");
})
.join()
.unwrap();
FOO.with(|foo| println!("{}", foo.borrow()));
}

19
tests/ui/threads-sendsync/issue-43733.stderr
View File

@ -1,19 +0,0 @@
error[E0133]: call to unsafe function `Key::<T>::get` is unsafe and requires unsafe function or block
--> $DIR/issue-43733.rs:17:5
|
LL | __KEY.get(Default::default)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^ call to unsafe function
|
= note: consult the function's documentation for information on how to avoid undefined behavior
error[E0133]: call to unsafe function `LocalKey::<T>::new` is unsafe and requires unsafe function or block
--> $DIR/issue-43733.rs:21:42
|
LL | static FOO: std::thread::LocalKey<Foo> = std::thread::LocalKey::new(__getit);
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ call to unsafe function
|
= note: consult the function's documentation for information on how to avoid undefined behavior
error: aborting due to 2 previous errors
For more information about this error, try `rustc --explain E0133`.