Statepoints vs gcroot for representing call safepoints

I recent discussion on LLVM commits w.r.t. the statepoint changes which are up for review, I managed to get myself confused and made a couple of inaccurate statements regarding the existing capabilities of gcroots vs the newly proposed statepoints.  This post is a (hopefully correct) summary of the similarities and differences.

For the purposes of this post, I am only talking about the semantics of the collector at a source language level call site.  The issues highlighted with gc root and safepoint poll sites in my previous post still stand, but I didn’t do a very good job (in retrospect) of distinguishing between safepoints at call sites, and additional checks + runtime calls inserted to ensure that running code checks for a safepoint request at some interval.  The points in that post apply to the later; this one talks about the former.

From a functional correctness standpoint, gc.root and statepoint are equivalent.  They can both support relocating collectors, including those which relocate roots.  To prevent future confusion, let me review how each works.

gc.root uses explicit spill slots in the IR in the form of allocas.  Each alloca escapes (through the gcroot call itself); as a result, the compiler must assume that any readwrite call can both consume and update the values in question.  Additionally, the fact that all calls are readwrite prevents reordering of unrelated loads past the call.  gcroot relies on the fact that no SSA value relocated at a call site is used at a site reachable from the call.  Instead, a new SSA value (whose relation to the original is unknown by the compiler) is introduced by loading from the (potentially clobbered) alloca.  gcroot creates a single stack map table for the entire function.  It is the compiled code’s responsibility to ensure that all values in the allocas are either valid live pointers or null.

Statepoints use most of the same techniques.  We rely on not having an SSA value used on both sides of a call, but we manage the relocation via explicit IR relocation operations, not loads and stores.  We require the call to be read/write to prevent reordering of unrelated loads.  Since the spill slots are not visible in the IR, we do not need the reasoning about escapes that gc.root does.

To explicitly state this again since I screwed this up once before, both statepoints and gc.roots can correctly represent relocation semantics in the IR.  In fact, the underlying reasoning about their correctness are rather similar.

They do differ fairly substantially in the details though.  Let’s consider a few examples.

SSA vs Memory – gcroot encodes relocations as memory operations (stores, clobbering calls, loads) where statepoint uses first class SSA values.  We believe this makes optimizations more straightforward.

Consider a simple optimization for null pointer relocation.  If the optimizer manages to establish that one of the value being relocated is null, propagating this across a statepoint is straightforward.  (For each gc.relocate, if source is null, replaceAllUsesWith null.)  Implementing this same optimization for gc.root is harder since the store and load may have been reordered from immediately around the call.  This isn’t an unsolvable problem by any means, but it would be a GVN change, not an InstCombine one.  In practice, we believe InstCombine style optimizations to be advantageous since they’re simpler to write and debug.  Arguably, they’re also more powerful given the current pipeline since they have multiple opportunities to trigger.

Derived Pointers – gcroot can represent derived pointers, but only via convention.  There is no convention specified, so it’s up to the frontend to create it’s own.  Statepoints define a convention (explicitly in the relocation operation) which makes describing optimizations straight forward.

One thing we plan to do with the statepoint representation is to implement an “easily derived pointer” optimization (to run near CodeGenPrep).  On X86, it’s far cheaper to recreate a GEP base + 5 derived pointer than relocate it.  Recognizing this case is quite straight forward given the statepoint representation.

A frontend could implement a similar optimization for gcroot at IR generation time.  You could also implement such an optimization over the load/call/store representation, but the implementation would be much more complex (analogous to the null optimization above).

To be fair, gc.root may need such an optimization less.  Since call-safepoints are inserted early, CSE has not yet run.  As a result, there may be fewer “easily derived pointers” live across a call.

Format – Statepoints use a standard format.  gc.root supports custom formats.  Either could be extended to support the other without much difficulty.

The more material difference between the two is that gc.root generates a single stack map for the entire function while statepoints generate a unique stack map per call site.  Having a single stack map imposes a slight penalty on code compiled with gc.root since dead values must explicitly be removed from the alloca (by a write of null).  In the wrong situation (say a tight loop with two calls), this could be material.

Lowering – Currently, both gc.root and statepoint lower to stack slots.  gc.root does this at the IR level, statepoints does so in SelectionDAG.

The design of statepoints is intended to allow pushing the explicit relocations back through the backend.  The reason this is desirable is that pointers can be left in callee saved registers over call sites.  Without substantial re-engineering, such a thing is not possible for gc.root.  The importance of this from a performance perspective is debatable.  It is my belief that the key benefit would be in a) reducing frame sizes (by not requiring spill slots), and b) avoiding spills around calls.

An advantage of gc.root is that the backend can remain largely ignorant of the gc.root mechanism.  By the point the backend encounters them, a gc.root is just another alloca.  One potential problem with the current implementation is that the escape is lost when lowering; the gcroot call is lowered to an entry into a side table and the alloca no longer escapes.  This is a source of possible bugs, but is also a straightforward fix.

As to the lowering currently implemented, it’s debatable which is better.  Statepoints optimize constants, and unifies based on SDValue.  As a result, two IR level values of different types (with the same bit pattern) can end up sharing the same stackslot.  However, it suffers when trying to assign stack slots.  We currently use heuristics, but you can end up with ugly shuffling of values around on the stack across basic blocks.  (There’s a number of ways to improve that, but it’s not yet implemented.)  gc.root doesn’t suffer from this problem since stack slots are assigned by the frontend.

Since the stack spills and reloads are visible at the IR layer, gcroot gets the full ability of the optimizer to remove redundant reloads.  Statepoints only get to leverage the pieces in the backend.  In theory, this could result in materially worse spill/reload code for statepoints.  In practice, this appears not to matter much provided the same value is assigned to the same slot across both calls, but I don’t actually have much data here to say anything conclusively yet.

I haven’t tried to measure frame size for gc.root vs statepoints.  I suspect that statepoints may come out slightly ahead, but I doubt this is material.  There are also cases (see “easily derived pointers” above), where gc.root may come out ahead.

IR Level Optimization – Both gc.root and statepoints cripple optimization (by design!).  gcroot works better with inlining today, but statepoints could be easily enhanced to handle this case.  (The same work would benefit symbolic patchpoints.)

It is my belief that statepoints are easier to optimize (i.e. teach to LICM), but this is purely my guess with no real evidence.  Both suffer from the fact that calls must be marked readwrite.  Not having to reason about memory seems easier, but I’m open to other arguments here.

Community Support & Compatibility
From a practical perspective, statepoints have active users behind them.  We are interested in continuing to enhance and optimize them in the public tree.  The same support does not seem to exist for gcroot.

The implementation of statepoints is largely aligned with that of patchpoints.  The implementation of gcroot is completely separate and poorly understood by the majority of the community.

It wouldn’t be hard to write a translation pass from gcroot to statepoints or from statepoints to gcroot.  If folks are concerned about compatibility, this would be a reasonable option.  The largest challenge to transparently replacing one with the other is in generating the right output format.

Summary
To summarize, gcroot and statepoints are functionally equivalent (modulo possible bugs.)  In their current form, the two are largely comparable with each having some benefits.  Long term, we believe a statepoint representation will allow better code generation and IR level optimization of code with safepoints inserted.  We believe statepoints to be easier to optimize both at the IR level and backend.

Again, the late safepoint proposal is independent and could be done with either representation.  It’s currently implemented on statepoints, but it could be extended to gcroot without too much work.