Use the parking_lot locking primitives

[faern]

This PR adds the parking_lot code to libstd and uses it for the sys_common::{mutex,rwlock,condvar,remutex} implementations.

This has been discussed in https://internals.rust-lang.org/t/standard-library-synchronization-primitives-and-undefined-behavior/8439/9

Thanks @Amanieu for mentoring when doing this, and basically all the code is his as well of course.

Fixes #35836
Fixes #53127

[rust-highfive]

r? @withoutboats

(rust_highfive has picked a reviewer for you, use r? to override)

[Centril]

r? @RalfJung

[Amanieu]

Just to be clear, this PR only changes the "back-end" of the mutex implementation. There are no changes to the public Mutex API in libstd. API changes (such as const fn support) can be done in a later PR.

[nagisa]

There are no changes to the public Mutex API in libstd.

Isn’t there a difference between fairness of native Mutex and parking_lot’s Mutex?

EDIT: on some of the platforms, that is.

[Amanieu]

Isn’t there a difference between fairness of native Mutex and parking_lot’s Mutex?

Any fairness was "implementation-defined" in the current implementation.

[Centril]

Some observations; applies generally throughout the PR but I picked a few spots to illustrate. :)

[Centril]

Some observations; applies generally throughout the PR but I picked a few spots to illustrate. :)

[Centril]

Documentation is a bit unclear re. when this is UB and not; do you mean "must" by "should"?
(Do a review of the PR in general to make the safety invariants clearer and more definitive... For example "Behavior is undefined if X")

[Amanieu]

This is an internal API which is only used in the internals of parking_lot_core. Regarding your question: I used "should" here because you don't want to issue a system call while holding a lock, to keep lock durations short.

[rust-highfive]

The job x86_64-gnu-llvm-5.0 of your PR failed on Travis (raw log). Through arcane magic we have determined that the following fragments from the build log may contain information about the problem.

Click to expand the log.

travis_time:end:1c3ab440:start=1543686799054107223,finish=1543686801424514854,duration=2370407631
$ git checkout -qf FETCH_HEAD
travis_fold:end:git.checkout

Encrypted environment variables have been removed for security reasons.
See https://docs.travis-ci.com/user/pull-requests/#Pull-Requests-and-Security-Restrictions
$ export SCCACHE_BUCKET=rust-lang-ci-sccache2
$ export SCCACHE_REGION=us-west-1
Setting environment variables from .travis.yml
$ export IMAGE=x86_64-gnu-llvm-5.0
---
travis_time:start:test_codegen
Check compiletest suite=codegen mode=codegen (x86_64-unknown-linux-gnu -> x86_64-unknown-linux-gnu)
[00:58:14] 
[00:58:14] running 119 tests
[00:58:17] i..ii...iii..iiii.....i...i.........i..iii.............i.....i.....ii...i..i.ii..............i...ii. 100/119
[00:58:18] .ii.i.....iiii.....
[00:58:18] 
[00:58:18]  finished in 3.641
[00:58:18] travis_fold:end:test_codegen

---
travis_time:start:test_debuginfo
Check compiletest suite=debuginfo mode=debuginfo-both (x86_64-unknown-linux-gnu -> x86_64-unknown-linux-gnu)
[00:58:33] 
[00:58:33] running 118 tests
[00:58:58] .iiiii...i.....i..i...i..i.i..i.i..i.....i..i....i..........iiii.........i.i....i...i.......ii.i.i.i 100/118
[00:59:02] ......iii.i.....ii
[00:59:02] 
[00:59:02]  finished in 29.112
[00:59:02] travis_fold:end:test_debuginfo

---
[01:15:16] travis_fold:start:test_stage1-std
travis_time:start:test_stage1-std
Testing std stage1 (x86_64-unknown-linux-gnu -> x86_64-unknown-linux-gnu)
[01:15:16]    Compiling std v0.0.0 (/checkout/src/libstd)
[01:15:19] error[E0432]: unresolved import `super::ReentrantMutex`
[01:15:19]   --> src/libstd/sys_common/parking_lot/remutex.rs:93:9
[01:15:19]    |
[01:15:19] 93 |     use super::ReentrantMutex;
[01:15:19]    |         ^^^^^^^^^^^^^^^^^^^^^ no `ReentrantMutex` in `sys_common::parking_lot::remutex`. Did you mean to use `RawReentrantMutex`?
[01:15:19] 
[01:15:19] error[E0432]: unresolved imports `Condvar`, `Mutex`
[01:15:19]    --> src/libstd/sys_common/parking_lot/condvar.rs:402:10
[01:15:19]     |
[01:15:19] 402 |     use {Condvar, Mutex};
[01:15:19]     |          ^^^^^^^  ^^^^^ no `Mutex` in the root
[01:15:19]     |          no `Condvar` in the root
[01:15:19] 
[01:15:19] 
j/cores/core.*; do EXE=$(echo $CORE | sed 's|obj/cores/core\.[0-9]*\.!checkout!\(.*\)|\1|;y|!|/|'); if [ -f "$EXE" ]; then printf travis_fold":start:crashlog\n\033[31;1m%s\033[0m\n" "$CORE"; gdb --batch -q -c "$CORE" "$EXE" -iex 'set auto-load off' -iex 'dir src/' -iex 'set sysroot .' -ex bt -ex q; echo travis_fold":"end:crashlog; fi; done || true

I'm a bot! I can only do what humans tell me to, so if this was not helpful or you have suggestions for improvements, please ping or otherwise contact @TimNN. (Feature Requests)

[rust-highfive]

The job x86_64-gnu-llvm-5.0 of your PR failed on Travis (raw log). Through arcane magic we have determined that the following fragments from the build log may contain information about the problem.

Click to expand the log.

travis_time:end:1f2f2f49:start=1543692321136569642,finish=1543692323399010557,duration=2262440915
$ git checkout -qf FETCH_HEAD
travis_fold:end:git.checkout

Encrypted environment variables have been removed for security reasons.
See https://docs.travis-ci.com/user/pull-requests/#Pull-Requests-and-Security-Restrictions
$ export SCCACHE_BUCKET=rust-lang-ci-sccache2
$ export SCCACHE_REGION=us-west-1
Setting environment variables from .travis.yml
$ export IMAGE=x86_64-gnu-llvm-5.0
---
travis_time:start:test_codegen
Check compiletest suite=codegen mode=codegen (x86_64-unknown-linux-gnu -> x86_64-unknown-linux-gnu)
[00:56:54] 
[00:56:54] running 119 tests
[00:56:57] i..ii...iii..iiii.....i...i.........i..iii.............i.....i.....ii...i..i.ii..............i...ii. 100/119
[00:56:57] .ii.i.....iiii.....
[00:56:57] 
[00:56:57]  finished in 3.461
[00:56:57] travis_fold:end:test_codegen

---
travis_time:start:test_debuginfo
Check compiletest suite=debuginfo mode=debuginfo-both (x86_64-unknown-linux-gnu -> x86_64-unknown-linux-gnu)
[00:57:12] 
[00:57:12] running 118 tests
[00:57:36] .iiiii...i.....i..i...i..i.i..i.i..i.....i..i....i..........iiii.........i.i....i...i.......ii.i.i.i 100/118
[00:57:40] ......iii.i.....ii
[00:57:40] 
[00:57:40]  finished in 28.444
[00:57:40] travis_fold:end:test_debuginfo

I'm a bot! I can only do what humans tell me to, so if this was not helpful or you have suggestions for improvements, please ping or otherwise contact @TimNN. (Feature Requests)

[rust-highfive]

The job x86_64-gnu-llvm-5.0 of your PR failed on Travis (raw log). Through arcane magic we have determined that the following fragments from the build log may contain information about the problem.

Click to expand the log.

travis_time:end:13ee08a4:start=1543709531669510421,finish=1543709533977542973,duration=2308032552
$ git checkout -qf FETCH_HEAD
travis_fold:end:git.checkout

Encrypted environment variables have been removed for security reasons.
See https://docs.travis-ci.com/user/pull-requests/#Pull-Requests-and-Security-Restrictions
$ export SCCACHE_BUCKET=rust-lang-ci-sccache2
$ export SCCACHE_REGION=us-west-1
Setting environment variables from .travis.yml
$ export IMAGE=x86_64-gnu-llvm-5.0
---
travis_time:start:test_codegen
Check compiletest suite=codegen mode=codegen (x86_64-unknown-linux-gnu -> x86_64-unknown-linux-gnu)
[00:59:22] 
[00:59:22] running 119 tests
[00:59:25] i..ii...iii..iiii.....i...i.........i..iii.............i.....i.....ii...i..i.ii..............i...ii. 100/119
[00:59:25] .ii.i.....iiii.....
[00:59:25] 
[00:59:25]  finished in 3.668
[00:59:25] travis_fold:end:test_codegen

---
travis_time:start:test_debuginfo
Check compiletest suite=debuginfo mode=debuginfo-both (x86_64-unknown-linux-gnu -> x86_64-unknown-linux-gnu)
[00:59:41] 
[00:59:41] running 118 tests
[01:00:07] .iiiii...i.....i..i...i..i.i..i.i..i.....i..i....i..........iiii.........i.i....i...i.......ii.i.i.i 100/118
[01:00:11] ......iii.i.....ii
[01:00:11] 
[01:00:11]  finished in 30.123
[01:00:11] travis_fold:end:test_debuginfo

---
[01:17:03] travis_fold:start:test_stage1-std
travis_time:start:test_stage1-std
Testing std stage1 (x86_64-unknown-linux-gnu -> x86_64-unknown-linux-gnu)
[01:17:03]    Compiling std v0.0.0 (/checkout/src/libstd)
[01:17:06] error[E0432]: unresolved imports `Condvar`, `Mutex`
[01:17:06]    --> src/libstd/sys_common/parking_lot/condvar.rs:399:10
[01:17:06]     |
[01:17:06] 399 |     use {Condvar, Mutex};
[01:17:06]     |          ^^^^^^^  ^^^^^ no `Mutex` in the root
[01:17:06]     |          no `Condvar` in the root
[01:17:06] 
[01:17:19] error: aborting due to previous error
[01:17:19] 
[01:17:19] 
[01:17:19] For more information about this error, try `rustc --explain E0432`.
[01:17:19] error: Could not compile `std`.
[01:17:19] 
[01:17:19] To learn more, run the command again with --verbose.
[01:17:19] 
[01:17:19] 
[01:17:19] command did not execute successfully: "/checkout/obj/build/x86_64-unknown-linux-gnu/stage0/bin/cargo" "test" "--target" "x86_64-unknown-linux-gnu" "-j" "4" "--release" "--locked" "--color" "always" "--features" "panic-unwind backtrace" "--manifest-path" "/checkout/src/libstd/Cargo.toml" "-p" "std" "--" "--quiet"
[01:17:19] 
[01:17:19] 
[01:17:19] failed to run: /checkout/obj/build/bootstrap/debug/bootstrap test
[01:17:19] Build completed unsuccessfully in 0:29:07
[01:17:19] Build completed unsuccessfully in 0:29:07
[01:17:19] make: *** [check] Error 1
[01:17:19] Makefile:58: recipe for target 'check' failed
The command "stamp sh -x -c "$RUN_SCRIPT"" exited with 2.
travis_time:start:00ae4529
$ date && (curl -fs --head https://google.com | grep ^Date: | sed 's/Date: //g' || true)
Sun Dec  2 01:29:43 UTC 2018

I'm a bot! I can only do what humans tell me to, so if this was not helpful or you have suggestions for improvements, please ping or otherwise contact @TimNN. (Feature Requests)

[bors]

☔️ The latest upstream changes (presumably #56275) made this pull request unmergeable. Please resolve the merge conflicts.

[RalfJung]

r? @RalfJung

FYI, I will not have time to look at this "+4168 −2426" PR this week. I should be able to get to it next week though.

I also feel slightly overwhelmed by the importance of this and would appreciate a co-reviewer -- maybe someone who actually has reviewed libstd code before :D

[faern]

I should add that I'm currently working on improving this code. Will likely push changes in a day or two. I have already backported some of the feedback here directly to parking_lot and have managed to, at least slightly, reduce the amount of unsafe. As soon as I have reached some good state and my tests pass I will push things here.

[bors]

☔️ The latest upstream changes (presumably #56066) made this pull request unmergeable. Please resolve the merge conflicts.

[faern]

I could post some kind of benchmarks. The parking_lot repo has a benchmark sub-crate in it that can perform some micro benchmarking of the Mutex and RwLock types. Please keep in mind these are micro benchmarks, and also that the numbers varies quite a lot between runs as well.

Mutex

Built using latest nightly rustc/libstd:

$ cargo +nightly run --release --bin mutex -- 2 1 0 1 2
- Running with 2 threads
- 1 iterations inside lock, 0 iterations outside lock
- 1 seconds per test
        name         |    average     |     median     |    std.dev.   
parking_lot::Mutex   |  27880.651 kHz |  27643.931 kHz |    784.495 kHz
std::sync::Mutex     |   5760.698 kHz |   5983.312 kHz |    244.146 kHz
pthread_mutex_t      |   7557.519 kHz |   7640.839 kHz |    258.375 kHz

Built using the code currently in this PR (stage1 compiler):

$ cargo +stage1 run --release --bin mutex -- 2 1 0 1 2
- Running with 2 threads
- 1 iterations inside lock, 0 iterations outside lock
- 1 seconds per test
        name         |    average     |     median     |    std.dev.   
parking_lot::Mutex   |  26761.369 kHz |  28265.800 kHz |   3176.551 kHz
std::sync::Mutex     |  21122.531 kHz |  20840.200 kHz |   1490.975 kHz
pthread_mutex_t      |   7654.629 kHz |   7509.882 kHz |    648.945 kHz

RwLock

Built using latest nightly rustc/libstd:

$ cargo +nightly run --release --bin rwlock -- 1 1 1 0 1 2
- Running with 1 writer threads and 1 reader threads
- 1 iterations inside lock, 0 iterations outside lock
- 1 seconds per test
parking_lot::RwLock  - [write]  44619.796 kHz [read]  11551.274 kHz
seqlock::SeqLock     - [write]  27633.108 kHz [read]  31532.853 kHz
std::sync::RwLock    - [write]   6450.503 kHz [read]   4018.782 kHz
pthread_rwlock_t     - [write]  11007.401 kHz [read]   8722.818 kHz

Built using the code currently in this PR (stage1 compiler):

$ cargo +stage1 run --release --bin rwlock -- 1 1 1 0 1 2
- Running with 1 writer threads and 1 reader threads
- 1 iterations inside lock, 0 iterations outside lock
- 1 seconds per test
parking_lot::RwLock  - [write]  38818.641 kHz [read]  15724.790 kHz
seqlock::SeqLock     - [write]  27193.925 kHz [read]  38514.387 kHz
std::sync::RwLock    - [write]  34072.830 kHz [read]   2120.811 kHz
pthread_rwlock_t     - [write]   9255.783 kHz [read]   8181.922 kHz

All of the above was on Linux.

[rust-highfive]

The job x86_64-gnu-llvm-5.0 of your PR failed on Travis (raw log). Through arcane magic we have determined that the following fragments from the build log may contain information about the problem.

Click to expand the log.

travis_time:end:10272717:start=1544322055945677727,finish=1544322057030175499,duration=1084497772
$ git checkout -qf FETCH_HEAD
travis_fold:end:git.checkout

Encrypted environment variables have been removed for security reasons.
See https://docs.travis-ci.com/user/pull-requests/#Pull-Requests-and-Security-Restrictions
$ export SCCACHE_BUCKET=rust-lang-ci-sccache2
$ export SCCACHE_REGION=us-west-1
Setting environment variables from .travis.yml
$ export IMAGE=x86_64-gnu-llvm-5.0
---
travis_time:start:test_codegen
Check compiletest suite=codegen mode=codegen (x86_64-unknown-linux-gnu -> x86_64-unknown-linux-gnu)
[00:57:15] 
[00:57:15] running 120 tests
[00:57:18] i..ii...iii..iiii.....i...i..........i..iii.............i.....i.....ii...i..i.ii..............i...ii 100/120
[00:57:19] ..ii.i.....iiii.....
[00:57:19] 
[00:57:19]  finished in 3.598
[00:57:19] travis_fold:end:test_codegen

---
travis_time:start:test_debuginfo
Check compiletest suite=debuginfo mode=debuginfo-both (x86_64-unknown-linux-gnu -> x86_64-unknown-linux-gnu)
[00:57:34] 
[00:57:34] running 118 tests
[00:57:58] .iiiii...i.....i..i...i..i.i..i.i..i.....i..i....i..........iiii.........i.i....i...i.......ii.i.i.i 100/118
[00:58:02] ......iii.i.....ii
[00:58:02] 
[00:58:02]  finished in 28.802
[00:58:02] travis_fold:end:test_debuginfo

I'm a bot! I can only do what humans tell me to, so if this was not helpful or you have suggestions for improvements, please ping or otherwise contact @TimNN. (Feature Requests)

[faern]

I was able to remove the boxing of the inner locking type in the std::sync locking types. Since it's no longer important to keep the locks fixed at one memory address we don't need the box. For std::sync::Mutex this reduced indirection resulted in approximately 5% speedup in micro benchmarks on Linux, when there is contention. Compared to the performance std::sync::Mutex had with the code in this PR just before removing the boxing (the benchmarks posted above).

EDIT: Worth noting that this also affects the size of the synchronization structs. Mutex<()> went from 16 to 2 bytes.

[Amanieu]

@bors try

[bors]

⌛️ Trying commit e0d5bc1 with merge 8f8fabb...

[jethrogb]

As mentioned in the comment just above, src/UnwindRustSgx.h in libunwind needs to be updated, and this PR will need to pull in the changes in src/ci/docker/dist-various-2/Dockerfile. @VardhanThigle can you help with this?

[faern]

I'm aware, but good you pointed it out. This won't be merged just yet, we just do a test run. But we can probably go ahead and create a PR in libunwind for the change. Here you go: fortanix/libunwind#4

It's a bit of a chicken and egg problem. But the libunwind PR must be merged first, so we can update the commit id in the dockerfile in this PR. I assume that's the way to go.

Would be awesome if you two who are familiar with the platform could verify that these two PRs work together as intended.

[faern]

I see that libunwind is not a submodule of your llvm-project repository. The files seem copied over? I think it's best if you update your libraries as you see fit and then ping me with the new commit id :)

[jethrogb]

cc75f6e51b7dafe1dbd2ad16d969fcd3ff446053

[faern]

The link https://github.com/fortanix/llvm-project/archive/cc75f6e51b7dafe1dbd2ad16d969fcd3ff446053.tar.gz does not work. Nor do I see any new commits pushed to llvm-project 🤔

[jethrogb]

I'm seeing a hang in std::io::buffered::tests::panic_in_write_doesnt_flush_in_drop after the second thread has exited, join never returns. Backtrace excerpt:

#0  0x00007ffff00b33a6 in std::parking_lot::condvar::Condvar::wait_until_internal::haec9e821d58c63ec ()
#1  0x00007ffff01192ae in std::thread::park::h55b748bc253e86f5 ()
#2  0x00007ffff007cbb2 in std::sync::mpsc::oneshot::Packet$LT$T$GT$::recv::h9344b3a4c5e28c0d ()
#3  0x00007ffff000dfce in std::sync::mpsc::Receiver$LT$T$GT$::recv::h18960999ebdd9329 ()
#4  0x00007ffff0119c9e in std::thread::JoinHandle$LT$T$GT$::join::h5220ab83fba0a8b1 ()
#5  0x00007ffff00955ee in std::io::buffered::tests::panic_in_write_doesnt_flush_in_drop::hb734fd606fd827e8 ()

(It's stuck in the wait usercall).

I'm still trying to figure out if this is a bug in unwinding or in parking_lot's SGX implementation.

[faern]

This backtrace, and your description, sounds very similar to the hangs we saw when discovering the problem around fork() and parking_lot not being fork safe. See these threads: #56410 (comment) and #56410 (comment)

I have no idea if this is remotely related. But just dropping this info here for now.

[faern]

Your backtrace shows the still alive thread and that it's waiting for the spawned thread to return its exiting result. I don't think the bug is in any code running in this thread. I think the interesting part is how the other thread exits and what stops it from storing/sending its exit value before dying. Could as you say very well be a bug in the unwinding code for example.

[faern]

I don't really get how it's supposed to work. I'm looking at this code: https://github.com/rust-lang/rust/blob/master/src/libstd/sys/sgx/thread.rs#L32-L33

Is this where it executes the closure that is the thread's closure? It just runs the closure, without catching any panics. So if it unwinds, will it ever reach let _ = self.done.send(()); and actually tell the parent thread that it's done?

EDIT: Err.. The panic catching is done much higher up. Never mind me. I need to stop looking at code for today.

[jethrogb]

Ok, the second thread does call notify_one_slow, but it never calls send. Instead, it just calls insecure_time (via Instant::now) a lot (this is extremely slow on SGX), and then exits.

[bors]

☀️ Try build successful - checks-travis
Build commit: 8f8fabb