From: Jonathan Wakely <jwakely@redhat.com>
To: Thomas Rodgers <trodgers@redhat.com>
Cc: Thomas Rodgers <rodgert@appliantology.com>,
gcc Patches <gcc-patches@gcc.gnu.org>,
"libstdc++" <libstdc++@gcc.gnu.org>,
Thomas Rodgers <rodgert@twrodgers.com>
Subject: Re: [PATCH] libstdc++: Clear padding bits in atomic compare_exchange
Date: Tue, 18 Jan 2022 21:48:19 +0000 [thread overview]
Message-ID: <CACb0b4=7gDb8F6oWyLnF7sWyw99PxoC+FJZZFRnfzwDNt5-Ghg@mail.gmail.com> (raw)
In-Reply-To: <CAMmuTO_LDCtQ5nkdLg4yhp-Ar97bATvQkq0s+mG-ggOdTn=WBQ@mail.gmail.com>
On Tue, 2 Nov 2021 at 01:26, Thomas Rodgers <trodgers@redhat.com> wrote:
> This should address Jonathan's feedback and adds support for atomic_ref<T>
>
>This change implements P0528 which requires that padding bits not
>participate in atomic compare exchange operations. All arguments to the
>generic template are 'sanitized' by the __builtin_clearpadding intrisic
The name of the intrinsic and the word "instrinsic" have typos.
>before they are used in comparisons. This alrequires that any stores
>also sanitize the incoming value.
>
>Signed-off-by: Thomas Rodgers <trodgers@redhat.com>
>
>libstdc++=v3/ChangeLog:
Typo
>
> * include/std/atomic (atomic<T>::atomic(_Tp): clear padding for
Unclosed paren.
>+#if __has_builtin(__builtin_clear_padding)
Instead of checking this built-in at every call site, can't we just make
__maybe_has_padding return false if the built-in isn't supported?
__clear_padding already handles the case where the built-in isn't supported.
>+ template<typename _Tp>
>+ constexpr bool
>+ __maybe_has_padding()
>+ {
>+#if __has_builtin(__has_unique_object_representations)
>+ return !__has_unique_object_representations(_Tp)
>+ && !is_floating_point<_Tp>::value;
>+#else
>+ return true;
>+#endif
>+ }
So make that:
template<typename _Tp>
constexpr bool
__maybe_has_padding()
{
#if ! __has_builtin(__builtin_clear_padding)
return false;
#elif __has_builtin(__has_unique_object_representations)
return !__has_unique_object_representations(_Tp)
&& !is_floating_point<_Tp>::value;
#else
return true;
#endif
}
>+ if _GLIBCXX14_CONSTEXPR (__atomic_impl::__maybe_has_padding<_Tp>())
>+ {
This needs to be _GLIBCXX17_CONSTEXPR (everywhere that `if constexpr` is
used).
>+ {
>+ alignas(_Tp) unsigned char __buf[sizeof(_Tp)];
>+ __builtin_memcpy(__buf, std::__addressof(__e), sizeof(_Tp));
alignas(_Tp) unsigned char __buf[sizeof(_Tp)];
_Tp* __exp = ::new((void*)__buf) _Tp(__e);
>+ auto* __exp =
__atomic_impl::__clear_padding(*reinterpret_cast<_Tp*>(__buf));
And then you don't need the reinterpret_cast:
__exp = __atomic_impl::__clear_padding(__exp);
>+ auto* __des = __atomic_impl::__clear_padding(__i);
>+ if (__atomic_compare_exchange(std::__addressof(__val), __exp, __des,
__weak,
>+ int(__s), int(__f)))
>+ return true;
> template<typename _Tp>
> _GLIBCXX_ALWAYS_INLINE void
> store(_Tp* __ptr, _Val<_Tp> __t, memory_order __m) noexcept
>- { __atomic_store(__ptr, std::__addressof(__t), int(__m)); }
>+ {
>+#if __has_builtin(__builtin_clear_padding)
>+ if _GLIBCXX14_CONSTEXPR (__maybe_has_padding<_Tp>())
>+ __clear_padding(__t);
>+#endif
>+ __atomic_store(__ptr, std::__addressof(__t), int(__m));
>+ }
>
All calls to __clear_padding need to be qualified.
>+ return __compare_exchange(*__ptr, __expected, __desired, true,
>+ __success, __failure);
So do calls to __compare_exchange.
>
> explicit
> __atomic_ref(_Tp& __t) : _M_ptr(std::__addressof(__t))
>- { __glibcxx_assert(((uintptr_t)_M_ptr % required_alignment) == 0); }
>+ {
>+ __glibcxx_assert(((uintptr_t)_M_ptr % required_alignment) == 0);
>+#if __cplusplus > 201402L && __has_builtin(__builtin_clear_padding)
>+ __builtin_clear_padding(_M_ptr);
>+#endif
>+ }
Is this safe to do?
What if multiple threads all create a std::atomic_ref round the same object
at once, they'll all try to clear padding, and so race, won't they?
I don't think we can clear padding on atomic_ref construction, only on
store and RMW operations.
>--- a/libstdc++-v3/include/std/atomic
>+++ b/libstdc++-v3/include/std/atomic
>@@ -228,13 +228,12 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION
> atomic& operator=(const atomic&) = delete;
> atomic& operator=(const atomic&) volatile = delete;
>
>-#if __cplusplus > 201703L && __has_builtin(__builtin_clear_padding)
> constexpr atomic(_Tp __i) noexcept : _M_i(__i)
>- { __builtin_clear_padding(std::__addressof(_M_i)); }
>-#else
>- constexpr atomic(_Tp __i) noexcept : _M_i(__i)
>- { }
>+ {
>+#if __cplusplus > 201402L && __has_builtin(__builtin_clear_padding)
>+ __builtin_clear_padding(std::__addressof(_M_i));
> #endif
>+ }
>
Is this an incremental patch relative to the first one?
The changes to this file look correct.
>--- /dev/null
>+++
b/libstdc++-v3/testsuite/29_atomics/atomic_ref/compare_exchange_padding.cc
>@@ -0,0 +1,43 @@
>+// { dg-options "-std=gnu++2a" }
>+// { dg-do run { target c++2a } }
This new test is using "2a" not "20".
next prev parent reply other threads:[~2022-01-18 21:48 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-23 18:08 Thomas Rodgers
2021-09-23 19:07 ` Jakub Jelinek
2021-09-23 20:15 ` Thomas Rodgers
2021-09-23 20:15 ` Jonathan Wakely
2021-09-27 14:10 ` Thomas Rodgers
2021-09-29 12:13 ` Jonathan Wakely
2021-09-29 12:18 ` Jonathan Wakely
2021-09-29 12:28 ` Jakub Jelinek
2021-09-29 18:22 ` Thomas Rodgers
2021-09-29 18:29 ` Jakub Jelinek
2021-11-02 1:25 ` Thomas Rodgers
2021-11-02 7:49 ` Jakub Jelinek
2021-11-03 3:06 ` Thomas Rodgers
2021-11-02 8:49 ` Daniel Krügler
2022-01-18 21:48 ` Jonathan Wakely [this message]
2022-08-25 10:11 ` Patch ping (was Re: [PATCH] libstdc++: Clear padding bits in atomic compare_exchange) Jakub Jelinek
2022-09-01 22:57 ` Thomas Rodgers
2022-09-07 11:56 ` Jonathan Wakely
2022-09-07 22:06 ` Thomas Rodgers
2022-09-09 18:36 ` Rainer Orth
2022-09-09 18:46 ` Iain Sandoe
2022-09-09 19:01 ` Thomas Rodgers
2022-09-09 20:14 ` Jonathan Wakely
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CACb0b4=7gDb8F6oWyLnF7sWyw99PxoC+FJZZFRnfzwDNt5-Ghg@mail.gmail.com' \
--to=jwakely@redhat.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=libstdc++@gcc.gnu.org \
--cc=rodgert@appliantology.com \
--cc=rodgert@twrodgers.com \
--cc=trodgers@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).