1b58df5568
Add comprehensive final report on root cause fix
...
After extensive investigation and testing, confirms that the root cause of
TLS SLL corruption was a type safety bug in tiny_alloc_fast_push.
ROOT CAUSE:
- Function signature used void* instead of hak_base_ptr_t
- Allowed implicit USER/BASE pointer confusion
- Caused corruption in TLS SLL operations
FIX:
- 5 files: changed void* ptr → hak_base_ptr_t ptr
- Type system now enforces BASE pointers at compile time
- Zero runtime cost (type safety checked at compile, not runtime)
VERIFICATION:
- 180+ seconds of stress testing: ✅ PASS
- Zero crashes, SIGSEGV, or corruption symptoms
- Performance impact: < 1% (negligible)
LAYERS ANALYSIS:
- Layer 1 (refcount pinning): ✅ ESSENTIAL - kept
- Layer 2 (release guards): ✅ ESSENTIAL - kept
- Layer 3 (next validation): ❌ REMOVED - no longer needed
- Layer 4 (freelist validation): ❌ REMOVED - no longer needed
DESIGN NOTES:
- Considered Layer 3 re-architecture (3a/3b split) but abandoned
- Reason: misalign guard introduced new bugs
- Principle: Safety > diagnostics; add diagnostics later if needed
Final state: Type-safe, stable, minimal defensive overhead
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-04 05:40:50 +09:00
ab612403a7
Add defensive layers mapping and diagnostic logging enhancements
...
Documentation:
- Created docs/DEFENSIVE_LAYERS_MAPPING.md documenting all 5 defensive layers
- Maps which symptoms each layer suppresses
- Defines safe removal order after root cause fix
- Includes test methods for each layer removal
Diagnostic Logging Enhancements (ChatGPT work):
- TLS_SLL_HEAD_SET log with count and backtrace for NORMALIZE_USERPTR
- tiny_next_store_log with filtering capability
- Environment variables for log filtering:
- HAKMEM_TINY_SLL_NEXTCLS: class filter for next store (-1 disables)
- HAKMEM_TINY_SLL_NEXTTAG: tag filter (substring match)
- HAKMEM_TINY_SLL_HEADCLS: class filter for head trace
Current Investigation Status:
- sh8bench 60/120s: crash-free, zero NEXT_INVALID/HDR_RESET/SANITIZE
- BUT: shot limit (256) exhausted by class3 tls_push before class1/drain
- Need: Add tags to pop/clear paths, or increase shot limit for class1
Purpose of this commit:
- Document defensive layers for safe removal later
- Enable targeted diagnostic logging
- Prepare for final root cause identification
Next Steps:
1. Add tags to tls_sll_pop tiny_next_write (e.g., "tls_pop_clear")
2. Re-run with HAKMEM_TINY_SLL_NEXTTAG=tls_pop
3. Capture class1 writes that lead to corruption
🤖 Generated with Claude Code (https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-04 04:15:10 +09:00
9dbe008f13
Critical analysis: symptom suppression vs root cause elimination
...
Assessment of current approach:
✅ Stability achieved (no SIGSEGV)
❌ Symptoms proliferating ([TLS_SLL_NEXT_INVALID], [FREELIST_INVALID], etc.)
❌ Root causes remain untouched (multiple defensive layers accumulating)
Warning Signs:
- [TLS_SLL_NEXT_INVALID]: Freelist corruption happening frequently
- refcount > 0 deferred releases: Memory accumulating
- [NORMALIZE_USERPTR]: Pointer conversion bugs widespread
Three Root Cause Hypotheses:
A. Freelist next corruption (slab_idx calculation? bounds?)
B. Pointer conversion inconsistency (user vs base mixing)
C. SuperSlab reuse leaving garbage (lifecycle issue)
Recommended Investigation Path:
1. Audit slab_index_for() calculation (potential off-by-one)
2. Add persistent prev/next validation to detect freelist corruption
3. Limit class 1 with forced base conversion (isolate userptr source)
Key Insight:
Current approach: Hide symptoms with layers of guards
Better approach: Find and fix root cause (1-3 line fix expected)
Risk Assessment:
- Current: Stability OK, but memory safety uncertain
- Long-term: Memory leak + efficiency degradation likely
- Urgency: Move to root cause investigation NOW
Timeline for root cause fix:
- Task 1: slab_index_for audit (1-2h)
- Task 2: freelist detection (1-2h)
- Task 3: pointer audit (1h)
- Final fix: (1-3 lines)
Philosophy:
Don't suppress symptoms forever. Find the disease.
🤖 Generated with Claude Code (https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-04 03:09:28 +09:00
e1a867fe52
Document breakthrough: sh8bench stability achieved with SuperSlab refcount pinning
...
Major milestone reached:
✅ SIGSEGV eliminated (exit code 0)
✅ Long-term execution stable (60+ seconds)
✅ Defensive guards prevent corruption propagation
⚠️ Root cause (SuperSlab lifecycle) still requires investigation
Implementation Summary:
- SuperSlab refcount pinning (prevent premature free)
- Release guards (defer free if refcount > 0)
- TLS SLL next pointer validation
- Unified cache freelist validation
- Early decrement fix
Performance Impact: < 5% overhead (acceptable)
Remaining Concerns:
- Invalid pointers still logged ([TLS_SLL_NEXT_INVALID])
- Potential memory leak from deferred releases
- Log volume may be high on long runs
Next Phase:
1. SuperSlab lifecycle tracing (remote_queue, adopt, LRU)
2. Memory usage monitoring (watch for leaks)
3. Long-term stability testing
4. Stale pointer pattern analysis
🤖 Generated with Claude Code (https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-03 21:57:36 +09:00
cd6177d1de
Document critical discovery: TLS head corruption is not offset issue
...
ChatGPT's diagnostic logging revealed the true nature of the problem:
TLS SLL head is being corrupted with garbage values from external sources,
not a next-pointer offset calculation error.
Key Insights:
✅ SuperSlab registration works correctly
❌ TLS head gets overwritten after registration
❌ Corruption occurs between push and pop_enter
❌ Corrupted values are unregistered pointers (memory garbage)
Root Cause Candidates (in priority order):
A. TLS variable overflow (neighboring variable boundary issue)
B. memset/memcpy range error (size calculation wrong)
C. TLS initialization duplication (init called twice)
Current Defense:
- tls_sll_sanitize_head() detects and resets corrupted lists
- Prevents propagation of corruption
- Cost: 1-5 cycles/pop (negligible)
Next ChatGPT Tasks (A/B/C):
1. Audit TLS variable memory layout completely
2. Check all memset/memcpy operating on TLS area
3. Verify TLS initialization only runs once per thread
This marks a major breakthrough in understanding the root cause.
Expected resolution time: 2-4 hours for complete diagnosis.
🤖 Generated with Claude Code (https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-03 21:02:04 +09:00
c6aeca0667
Add ChatGPT progress analysis and remaining issues documentation
...
Created comprehensive evaluation of ChatGPT's diagnostic work (commit 054645416✅ SuperSlab allocation class fix - structural bug eliminated
✅ TLS SLL validation - prevents list corruption (defensive)
⚠️ Registry fallback - may hide registration bugs
❌ 16-byte offset source - unidentified
Next Actions for ChatGPT:
A. Full pointer arithmetic audit (Magazine ⇔ TLS SLL paths)
B. Enhanced logging at HDR_RESET point (pointer provenance)
C. Headerless flag runtime verification (build consistency)
🤖 Generated with Claude Code (https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-03 20:44:18 +09:00
0546454168
WIP: Add TLS SLL validation and SuperSlab registry fallback
...
ChatGPT's diagnostic changes to address TLS_SLL_HDR_RESET issue.
Current status: Partial mitigation, but root cause remains.
Changes Applied:
1. SuperSlab Registry Fallback (hakmem_super_registry.h)
- Added legacy table probe when hash map lookup misses
- Prevents NULL returns for valid SuperSlabs during initialization
- Status: ✅ Works but may hide underlying registration issues
2. TLS SLL Push Validation (tls_sll_box.h)
- Reject push if SuperSlab lookup returns NULL
- Reject push if class_idx mismatch detected
- Added [TLS_SLL_PUSH_NO_SS] diagnostic message
- Status: ✅ Prevents list corruption (defensive)
3. SuperSlab Allocation Class Fix (superslab_allocate.c)
- Pass actual class_idx to sp_internal_allocate_superslab
- Prevents dummy class=8 causing OOB access
- Status: ✅ Root cause fix for allocation path
4. Debug Output Additions
- First 256 push/pop operations traced
- First 4 mismatches logged with details
- SuperSlab registration state logged
- Status: ✅ Diagnostic tool (not a fix)
5. TLS Hint Box Removed
- Deleted ss_tls_hint_box.{c,h} (Phase 1 optimization)
- Simplified to focus on stability first
- Status: ⏳ Can be re-added after root cause fixed
Current Problem (REMAINS UNSOLVED):
- [TLS_SLL_HDR_RESET] still occurs after ~60 seconds of sh8bench
- Pointer is 16 bytes offset from expected (class 1 → class 2 boundary)
- hak_super_lookup returns NULL for that pointer
- Suggests: Use-After-Free, Double-Free, or pointer arithmetic error
Root Cause Analysis:
- Pattern: Pointer offset by +16 (one class 1 stride)
- Timing: Cumulative problem (appears after 60s, not immediately)
- Location: Header corruption detected during TLS SLL pop
Remaining Issues:
⚠️ Registry fallback is defensive (may hide registration bugs)
⚠️ Push validation prevents symptoms but not root cause
⚠️ 16-byte pointer offset source unidentified
Next Steps for Investigation:
1. Full pointer arithmetic audit (Magazine ⇔ TLS SLL paths)
2. Enhanced logging at HDR_RESET point:
- Expected vs actual pointer value
- Pointer provenance (where it came from)
- Allocation trace for that block
3. Verify Headerless flag is OFF throughout build
4. Check for double-offset application in conversions
Technical Assessment:
- 60% root cause fixes (allocation class, validation)
- 40% defensive mitigation (registry fallback, push rejection)
Performance Impact:
- Registry fallback: +10-30 cycles on cold path (negligible)
- Push validation: +5-10 cycles per push (acceptable)
- Overall: < 2% performance impact estimated
Related Issues:
- Phase 1 TLS Hint Box removed temporarily
- Phase 2 Headerless blocked until stability achieved
🤖 Generated with Claude Code (https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-03 20:42:28 +09:00
2624dcce62
Add comprehensive ChatGPT handoff documentation for TLS SLL diagnosis
...
Created 9 diagnostic and handoff documents (48KB) to guide ChatGPT through
systematic diagnosis and fix of TLS SLL header corruption issue.
Documents Added:
- README_HANDOFF_CHATGPT.md: Master guide explaining 3-doc system
- CHATGPT_CONTEXT_SUMMARY.md: Quick facts & architecture (2-3 min read)
- CHATGPT_HANDOFF_TLS_DIAGNOSIS.md: 7-step procedure (4-8h timeline)
- GEMINI_HANDOFF_SUMMARY.md: Handoff summary for user review
- STATUS_2025_12_03_CURRENT.md: Complete project status snapshot
- TLS_SLL_HEADER_CORRUPTION_DIAGNOSIS.md: Deep reference (1,150+ lines)
- 6 root cause patterns with code examples
- Diagnostic logging instrumentation
- Fix templates and validation procedures
- TLS_SS_HINT_BOX_DESIGN.md: Phase 1 optimization design (1,148 lines)
- HEADERLESS_STABILITY_DEBUG_INSTRUCTIONS.md: Test environment setup
- SEGFAULT_INVESTIGATION_FOR_GEMINI.md: Original investigation notes
Problem Context:
- Baseline (Headerless OFF) crashes with [TLS_SLL_HDR_RESET]
- Error: cls=1 base=0x... got=0x31 expect=0xa1
- Blocks Phase 1 validation and Phase 2 progression
Expected Outcome:
- ChatGPT follows 7-step diagnostic process
- Root cause identified (one of 6 patterns)
- Surgical fix (1-5 lines)
- TC1 baseline completes without crashes
🤖 Generated with Claude Code (https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-03 20:41:34 +09:00
94f9ea5104
Implement Phase 1: TLS SuperSlab Hint Box for Headerless performance
...
Design: Cache recently-used SuperSlab references in TLS to accelerate
ptr→SuperSlab resolution in Headerless mode free() path.
## Implementation
### New Box: core/box/tls_ss_hint_box.h
- Header-only Box (4-slot FIFO cache per thread)
- Functions: tls_ss_hint_init(), tls_ss_hint_update(), tls_ss_hint_lookup(), tls_ss_hint_clear()
- Memory overhead: 112 bytes per thread (negligible)
- Statistics API for debug builds (hit/miss counters)
### Integration Points
1. **Free path** (core/hakmem_tiny_free.inc):
- Lines 477-481: Fast path hint lookup before hak_super_lookup()
- Lines 550-555: Second lookup location (fallback path)
- Expected savings: 10-50 cycles → 2-5 cycles on cache hit
2. **Allocation path** (core/tiny_superslab_alloc.inc.h):
- Lines 115-122: Linear allocation return path
- Lines 179-186: Freelist allocation return path
- Cache update on successful allocation
3. **TLS variable** (core/hakmem_tiny_tls_state_box.inc):
- `__thread TlsSsHintCache g_tls_ss_hint = {0};`
### Build System
- **Build flag** (core/hakmem_build_flags.h):
- HAKMEM_TINY_SS_TLS_HINT (default: 0, disabled)
- Validation: requires HAKMEM_TINY_HEADERLESS=1
- **Makefile**:
- Removed old ss_tls_hint_box.o (conflicting implementation)
- Header-only design eliminates compiled object files
### Testing
- **Unit tests** (tests/test_tls_ss_hint.c):
- 6 test functions covering init, lookup, FIFO rotation, duplicates, clear, stats
- All tests PASSING
- **Build validation**:
- ✅ Compiles with hint disabled (default)
- ✅ Compiles with hint enabled (HAKMEM_TINY_SS_TLS_HINT=1)
### Documentation
- **Benchmark report** (docs/PHASE1_TLS_HINT_BENCHMARK.md):
- Implementation summary
- Build validation results
- Benchmark methodology (to be executed)
- Performance analysis framework
## Expected Performance
- **Hit rate**: 85-95% (single-threaded), 70-85% (multi-threaded)
- **Cycle savings**: 80-95% on cache hit (10-50 cycles → 2-5 cycles)
- **Target improvement**: 15-20% throughput increase vs Headerless baseline
- **Memory overhead**: 112 bytes per thread
## Box Theory
**Mission**: Cache hot SuperSlabs to avoid global registry lookup
**Boundary**: ptr → SuperSlab* or NULL (miss)
**Invariant**: hint.base ≤ ptr < hint.end → hit is valid
**Fallback**: Always safe to miss (triggers hak_super_lookup)
**Thread Safety**: TLS storage, no synchronization required
**Risk**: Low (read-only cache, fail-safe fallback, magic validation)
## Next Steps
1. Run full benchmark suite (sh8bench, cfrac, larson)
2. Measure actual hit rate with stats enabled
3. If performance target met (15-20% improvement), enable by default
4. Consider increasing cache slots if hit rate < 80%
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-03 18:06:24 +09:00
d397994b23
Add Phase 2 benchmark results: Headerless ON/OFF comparison
...
Results Summary:
- sh8bench: Headerless ON PASSES (no corruption), OFF FAILS (segfault)
- Simple alloc benchmark: OFF = 78.15 Mops/s, ON = 54.60 Mops/s (-30.1%)
- Library size: OFF = 547K, ON = 502K (-8.2%)
Key Findings:
1. Headerless ON successfully eliminates TLS_SLL_HDR_RESET corruption
2. Performance regression (30%) exceeds 5% target - needs optimization
3. Trade-off: Correctness vs Performance documented
Recommendation: Keep OFF as default short-term, optimize ON for long-term.
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-03 17:23:32 +09:00
4a2bf30790
Update REFACTOR_PLAN to mark Phase 2 complete and document Magazine Spill fix
...
- Phase 2 Headerless implementation now complete
- Magazine Spill RAW pointer bug fixed in commit f3f75ba3d🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-03 17:16:19 +09:00
c2716f5c01
Implement Phase 2: Headerless Allocator Support (Partial)
...
- Feature: Added HAKMEM_TINY_HEADERLESS toggle (A/B testing)
- Feature: Implemented Headerless layout logic (Offset=0)
- Refactor: Centralized layout definitions in tiny_layout_box.h
- Refactor: Abstracted pointer arithmetic in free path via ptr_conversion_box.h
- Verification: sh8bench passes in Headerless mode (No TLS_SLL_HDR_RESET)
- Known Issue: Regression in Phase 1 mode due to blind pointer conversion logic
2025-12-03 12:11:27 +09:00
2f09f3cba8
Add Phase 2 Headerless implementation instruction for Gemini
...
Phase 2 Goal: Eliminate inline headers for C standard alignment compliance
Tasks (7 total):
- Task 2.1: Add A/B toggle flag (HAKMEM_TINY_HEADERLESS)
- Task 2.2: Update ptr_conversion_box.h for Headerless mode
- Task 2.3: Modify HAK_RET_ALLOC macro (skip header write)
- Task 2.4: Update Free path (class_idx from SuperSlab Registry)
- Task 2.5: Update tiny_nextptr.h for Headerless
- Task 2.6: Update TLS SLL (skip header validation)
- Task 2.7: Integration testing
Expected Results:
- malloc(15) returns 16B-aligned address (not odd)
- TLS_SLL_HDR_RESET eliminated in sh8bench
- Zero overhead in Release build
- A/B toggle for gradual rollout
Design:
- Before: user = base + 1 (odd address)
- After: user = base + 0 (aligned!)
- Free path: class_idx from SuperSlab Registry (no header)
🤖 Generated with Claude Code
Co-Authored-By: Gemini <gemini@example.com >
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-03 11:41:34 +09:00
ef4bc27c0b
Add detailed refactoring instruction for Gemini - Phase 1 implementation
...
Content:
- Task 1.1: Create tiny_layout_box.h (Box for layout definitions)
- Task 1.2: Audit tiny_nextptr.h (eliminate direct arithmetic)
- Task 1.3: Ensure type consistency in hakmem_tiny.c
- Task 1.4: Test Phantom Types in Debug build
Goals:
- Centralize all layout/offset logic
- Enforce type safety at Box boundaries
- Prepare for future Phase 2 (Headerless layout)
- Maintain A/B testability
Each task includes:
- Detailed implementation instructions
- Checklist for verification
- Testing requirements
- Deliverables specification
🤖 Generated with Claude Code
Co-Authored-By: Gemini <gemini@example.com >
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-03 11:20:59 +09:00
a948332f6c
Update REFACTOR_PLAN_GEMINI_ENHANCED.md with Gemini final findings
...
Status Updates (2025-12-03):
- Phase 0.1-0.2: ✅ Already implemented (ptr_type_box.h, ptr_conversion_box.h)
- Phase 0.3: ✅ VERIFIED - Gemini mathematically proved sh8bench adds +1 to odd returns
- Phase 2: 🔄 RECONSIDERED - Headerless layout is legitimate long-term goal
- Phase 3.1: Current NORMALIZE + log is correct fail-safe behavior
Root Cause Analysis:
- Issue A (Fixed): Header restoration gaps at Box boundaries (4 commits)
- Issue B (Root): hakmem returns odd addresses, violating C standard alignment
Gemini's Proof:
- Log analysis: node=0xe1 → user_ptr=0xe2 = +1 delta
- ASan doesn't reproduce because Redzone ensures alignment
- Conclusion: sh8bench expects alignof(max_align_t), hakmem violates it
Recommendations:
- Short-term: Current defensive measures (Atomic Fence + Header Write) sufficient
- Long-term: Phase 2 (Headerless Layout) for C standard compliance
🤖 Generated with Claude Code
Co-Authored-By: Gemini <gemini@example.com >
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-03 11:20:18 +09:00
3e3138f685
Add final investigation report for TLS_SLL_HDR_RESET
2025-12-03 11:14:59 +09:00
6df1bdec37
Fix TLS SLL race condition with atomic fence and report investigation results
2025-12-03 10:57:16 +09:00
bd5e97f38a
Save current state before investigating TLS_SLL_HDR_RESET
2025-12-03 10:34:39 +09:00
4cc2d8addf
sh8bench修正: LRU registry未登録問題 + self-heal修復
...
問題:
- sh8benchでfree(): invalid pointer発生
- header=0xA0だがsuperslab registry未登録のポインタがlibcへ
根本原因:
- LRU pop時にhak_super_register()が呼ばれていなかった
- hakmem_super_registry.c:hak_ss_lru_pop()の設計不備
修正内容:
1. 根治修正 (core/hakmem_super_registry.c:466)
- LRU popしたSuperSlabを明示的にregistry再登録
- hak_super_register((uintptr_t)curr, curr) 追加
- これによりfree時のhak_super_lookup()が成功
2. Self-heal修復 (core/box/hak_wrappers.inc.h:387-436)
- Safety net: 未登録SuperSlabを検出して再登録
- mincore()でマッピング確認 + magic検証
- libcへの誤ルート遮断(free()クラッシュ回避)
- 詳細デバッグログ追加(HAKMEM_WRAP_DIAG=1)
3. デバッグ指示書追加 (docs/sh8bench_debug_instruction.md)
- TLS_SLL_HDR_RESET問題の調査手順
テスト:
- cfrac, larson等の他ベンチマークは正常動作確認
- sh8benchのTLS_SLL_HDR_RESET問題は別issue(調査中)
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-12-03 09:15:59 +09:00
b51b600e8d
Phase 4-Step1: Add PGO workflow automation (+6.25% performance)
...
Implemented automated Profile-Guided Optimization workflow using Box pattern:
Performance Improvement:
- Baseline: 57.0 M ops/s
- PGO-optimized: 60.6 M ops/s
- Gain: +6.25% (within expected +5-10% range)
Implementation:
1. scripts/box/pgo_tiny_profile_config.sh - 5 representative workloads
2. scripts/box/pgo_tiny_profile_box.sh - Automated profile collection
3. Makefile PGO targets:
- pgo-tiny-profile: Build instrumented binaries
- pgo-tiny-collect: Collect .gcda profile data
- pgo-tiny-build: Build optimized binaries
- pgo-tiny-full: Complete workflow (profile → collect → build → test)
4. Makefile help target: Added PGO instructions for discoverability
Design:
- Box化: Single responsibility, clear contracts
- Deterministic: Fixed seeds (42) for reproducibility
- Safe: Validation, error detection, timeout protection (30s/workload)
- Observable: Progress reporting, .gcda verification (33 files generated)
Workload Coverage:
- Random mixed: 3 working set sizes (128/256/512 slots)
- Tiny hot: 2 size classes (16B/64B)
- Total: 5 workloads covering hot/cold paths
Documentation:
- PHASE4_STEP1_COMPLETE.md - Completion report
- CURRENT_TASK.md - Phase 4 roadmap (Step 1 complete ✓)
- docs/design/PHASE4_TINY_FRONT_BOX_DESIGN.md - Complete Phase 4 design
Next: Phase 4-Step2 (Hot/Cold Path Box, target +10-15%)
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-29 11:28:38 +09:00
7f9e4015da
docs: Update ENV_VARS.md with Phase 3 additions
...
Added documentation for new environment variables and build flags:
Benchmark Environment Variables:
- HAKMEM_BENCH_FAST_FRONT: Enable ultra-fast header-based free path
- HAKMEM_BENCH_WARMUP: Warmup cycles before timed run
- HAKMEM_FREE_ROUTE_TRACE: Debug trace for free() routing
- HAKMEM_EXTERNAL_GUARD_LOG: ExternalGuard debug logging
- HAKMEM_EXTERNAL_GUARD_STATS: ExternalGuard statistics at exit
Build Flags:
- HAKMEM_TINY_SS_TRUST_MMAP_ZERO: mmap zero-trust optimization
- Default: 0 (safe)
- Performance: +5.93% on bench_tiny_hot (allocation-heavy)
- Safety: Release-only, cache reuse always gets full memset
- Location: core/hakmem_build_flags.h:170-180
- Implementation: core/box/ss_allocation_box.c:37-78
Deprecated:
- HAKMEM_DISABLE_MINCORE_CHECK: Removed in Phase 3 (commit d78baf41c🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-29 09:58:14 +09:00
49a253dfed
Doc: Add debug ENV consolidation plan and survey
...
Documented Phase 1 completion and future consolidation plan for
43+ debug environment variables surveyed during cleanup work.
Content:
- Phase 1 summary (4 vars consolidated)
- Complete survey of 43+ debug/trace/log variables
- Categorization (7 categories)
- Phase 2-4 consolidation plan
- Migration guide for users and developers
Impact:
- Clear roadmap for reducing 43+ vars to 10-15
- ~70% reduction in environment variable count
- Better discoverability and usability
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-29 06:58:12 +09:00
0f071bf2e5
Update CURRENT_TASK with 2025-11-29 critical bug fixes
...
Summary of completed work:
1. Header Corruption Bug - Root cause fixed in 2 freelist paths
- box_carve_and_push_with_freelist()
- tiny_drain_freelist_to_sll_once()
- Result: 20-thread Larson 0 errors ✓
2. Segmentation Fault Bug - Missing function declaration fixed
- superslab_allocate() implicit int → pointer corruption
- Fixed in 2 files with proper includes
- Result: larson_hakmem stable ✓
Both bugs fully resolved via Task agent investigation
+ Claude Code ultrathink analysis.
Updated files:
- docs/status/CURRENT_TASK_FULL.md (detailed analysis)
- docs/status/CURRENT_TASK.md (executive summary)
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-29 06:29:02 +09:00
2a47624850
Document Phase 4c/4d master trace and stats control
...
Complete ENV cleanup Phase 4 documentation:
- Phase 4c: HAKMEM_TRACE unified trace control
- Phase 4d: HAKMEM_STATS unified stats control
- Summary of all 6 new master control variables
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-28 16:11:38 +09:00
322d94ac6a
Document Phase 4b master debug control in ENV_VARS.md
...
Add documentation for new HAKMEM_DEBUG_ALL and HAKMEM_DEBUG_LEVEL
environment variables introduced in Phase 4b.
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-28 16:03:53 +09:00
eec33ca37d
Document ENV Cleanup Phase 4a completion (20 variables total)
...
Phase 4a: Hot Path getenv Caching - COMPLETED
- All getenv() calls in hot paths verified as properly cached
- Key fix: hakmem_elo.c (10+ loop calls → cached is_quiet())
- Verified correct caching in 7 other critical files
Added ENV_VARIABLE_SURVEY.md:
- Comprehensive survey of 228 ENV variables
- Category breakdown and consolidation recommendations
- Target: ~80 variables (65% reduction)
Updated docs/specs/ENV_VARS.md:
- Added ENV Cleanup Progress section
- Documented Phase 4a findings
- Outlined Phase 4b+ future work (HAKMEM_DEBUG/TRACE/STATS unified vars)
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-28 15:29:16 +09:00
a6e681aae7
P2: TLS SLL Redesign - class_map default, tls_cached tracking, conditional header restore
...
This commit completes the P2 phase of the Tiny Pool TLS SLL redesign to fix the
Header/Next pointer conflict that was causing ~30% crash rates.
Changes:
- P2.1: Make class_map lookup the default (ENV: HAKMEM_TINY_NO_CLASS_MAP=1 for legacy)
- P2.2: Add meta->tls_cached field to track blocks cached in TLS SLL
- P2.3: Make Header restoration conditional in tiny_next_store() (default: skip)
- P2.4: Add invariant verification functions (active + tls_cached ≈ used)
- P0.4: Document new ENV variables in ENV_VARS.md
New ENV variables:
- HAKMEM_TINY_ACTIVE_TRACK=1: Enable active/tls_cached tracking (~1% overhead)
- HAKMEM_TINY_NO_CLASS_MAP=1: Disable class_map (legacy mode)
- HAKMEM_TINY_RESTORE_HEADER=1: Force header restoration (legacy mode)
- HAKMEM_TINY_INVARIANT_CHECK=1: Enable invariant verification (debug)
- HAKMEM_TINY_INVARIANT_DUMP=1: Enable periodic state dumps (debug)
Benchmark results (bench_tiny_hot_hakmem 64B):
- Default (class_map ON): 84.49 M ops/sec
- ACTIVE_TRACK=1: 83.62 M ops/sec (-1%)
- NO_CLASS_MAP=1 (legacy): 85.06 M ops/sec
- MT performance: +21-28% vs system allocator
No crashes observed. All tests passed.
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-28 14:11:37 +09:00
dc9e650db3
Tiny Pool redesign: P0.1, P0.3, P1.1, P1.2 - Out-of-band class_idx lookup
...
This commit implements the first phase of Tiny Pool redesign based on
ChatGPT architecture review. The goal is to eliminate Header/Next pointer
conflicts by moving class_idx lookup out-of-band (to SuperSlab metadata).
## P0.1: C0(8B) class upgraded to 16B
- Size table changed: {16,32,64,128,256,512,1024,2048} (8 classes)
- LUT updated: 1..16 → class 0, 17..32 → class 1, etc.
- tiny_next_off: C0 now uses offset 1 (header preserved)
- Eliminates edge cases for 8B allocations
## P0.3: Slab reuse guard Box (tls_slab_reuse_guard_box.h)
- New Box for draining TLS SLL before slab reuse
- ENV gate: HAKMEM_TINY_SLAB_REUSE_GUARD=1
- Prevents stale pointers when slabs are recycled
- Follows Box theory: single responsibility, minimal API
## P1.1: SuperSlab class_map addition
- Added uint8_t class_map[SLABS_PER_SUPERSLAB_MAX] to SuperSlab
- Maps slab_idx → class_idx for out-of-band lookup
- Initialized to 255 (UNASSIGNED) on SuperSlab creation
- Set correctly on slab initialization in all backends
## P1.2: Free fast path uses class_map
- ENV gate: HAKMEM_TINY_USE_CLASS_MAP=1
- Free path can now get class_idx from class_map instead of Header
- Falls back to Header read if class_map returns invalid value
- Fixed Legacy Backend dynamic slab initialization bug
## Documentation added
- HAKMEM_ARCHITECTURE_OVERVIEW.md: 4-layer architecture analysis
- TLS_SLL_ARCHITECTURE_INVESTIGATION.md: Root cause analysis
- PTR_LIFECYCLE_TRACE_AND_ROOT_CAUSE_ANALYSIS.md: Pointer tracking
- TINY_REDESIGN_CHECKLIST.md: Implementation roadmap (P0-P3)
## Test results
- Baseline: 70% success rate (30% crash - pre-existing issue)
- class_map enabled: 70% success rate (same as baseline)
- Performance: ~30.5M ops/s (unchanged)
## Next steps (P1.3, P2, P3)
- P1.3: Add meta->active for accurate TLS/freelist sync
- P2: TLS SLL redesign with Box-based counting
- P3: Complete Header out-of-band migration
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-28 13:42:39 +09:00
0ce20bb835
Document ENV Cleanup Phase 4a completion (20 variables total)
...
**Phase 4a Summary**:
- Gated 7 low-risk debug/trace variables across 7 commits (Steps 12-18)
- 20 total variables gated across Phases 1-4a
- Performance: 30.7M ops/s (+1.7% vs 30.2M baseline)
**Variables Gated (Phase 4a)**:
- HAKMEM_TINY_FAST_DEBUG + _MAX (Step 12)
- HAKMEM_TINY_REFILL_OPT_DEBUG (Step 13)
- HAKMEM_TINY_HEAP_V2_DEBUG (Step 14)
- HAKMEM_SS_ACQUIRE_DEBUG (Step 15)
- HAKMEM_SS_FREE_DEBUG (Step 16, shared_pool.c site)
- HAKMEM_TINY_RF_TRACE (Step 17, 1 new site)
- HAKMEM_TINY_SLL_DIAG (Step 18, 5 new sites)
**Performance Results** (5 benchmark iterations):
- Run 1: 30.76M ops/s
- Run 2: 30.68M ops/s
- Run 3: 30.54M ops/s
- Run 4: 30.64M ops/s
- Run 5: 30.77M ops/s
- Average: 30.68M ops/s (StdDev: 0.47%)
**Known Issue** (Development builds only):
Development builds (HAKMEM_BUILD_RELEASE=0) experience 50% crash rate
during benchmark teardown (atexit/destructor phase). Crashes occur AFTER
throughput measurement completes, so performance numbers are valid.
Root cause: Likely race condition in debug destructors (tiny_tls_sll_diag_atexit
or similar) during multi-threaded teardown.
**Production Impact**: NONE
- Production builds (HAKMEM_BUILD_RELEASE=1) completely unaffected
- Debug code is compiled out entirely in production
- Issue only affects development testing
**Files Modified**:
- docs/status/ENV_CLEANUP_TASK.md - Document Phase 4a completion
**Code Changes** (Already committed in Steps 12-18):
- 417f14947be9bdd781679c82157f119f048f2cdec72ee7d0782d5b813ebd522🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-28 05:53:27 +09:00
b1b2ab11c7
Update CONFIGURATION.md with ENV Cleanup Phase 1-3 results
...
Added new section "Debug Variables (Gated in Release Builds)" documenting:
- 13 debug variables now compiled out in HAKMEM_BUILD_RELEASE=1
- 4 production config variables preserved (intentional)
- Performance impact: +1.0% (30.2M → 30.5M ops/s)
Updated sections:
- Header: Last Updated 2025-11-28
- Recent Changes: Added Phase 1-3 entry
- FAQ: Added Q&A about gated debug variables
- See Also: Added link to ENV_CLEANUP_TASK.md
Variables documented:
- Core debug: TINY_ALLOC_DEBUG, TINY_PROFILE, WATCH_ADDR
- Trace/timing: PTR_TRACE_*, TIMING
- Freelist: TINY_SLL_DIAG, FREELIST_MASK, SS_FREE_DEBUG
- SuperSlab: SUPER_LOOKUP_DEBUG, SUPER_REG_DEBUG, SS_LRU_DEBUG, SS_PREWARM_DEBUG
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-28 04:22:37 +09:00
745ad7f7e4
Update ENV_CLEANUP_TASK.md with Phase 3 completion
...
Phase 3 results:
- 4 debug variables gated in SuperSlab registry
- 4 production config variables preserved (intentional)
- Performance: 30.5M ops/s (+1.0% from baseline)
- Commits: a24f173862c3dcdb904540b01daf8b0f38f7🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-28 01:51:48 +09:00
e29823c41e
Document ENV Cleanup Phase 1 & 2 completion
...
Summary:
- Phase 1: 6 files, 3 ENV variables gated (Steps 1-4)
- Phase 2: 3 files, 6 ENV variables gated (Steps 5-7)
- Total: 9 files, 9 variables, 9 atomic commits
- Performance: 30.4M ops/s maintained (baseline 30.2M)
Commits:
- 3833d4e3e316ea4dfd35e8e4c34cfa5e4e91🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-28 01:44:14 +09:00
8553894171
Larson double-free investigation: Enhanced diagnostics + Remove buggy drain pushback
...
**Problem**: Larson benchmark crashes with TLS_SLL_DUP (double-free), 100% crash rate in debug
**Root Cause**: TLS drain pushback code (commit c2f104618
2025-11-27 07:30:32 +09:00
c2f104618f
Fix critical TLS drain memory leak causing potential double-free
...
## Root Cause
TLS drain was dropping pointers when SuperSlab lookup or slab_idx validation failed:
- Pop pointer from TLS SLL
- Lookup/validation fails
- continue → LEAK! Pointer never returned to any freelist
## Impact
Memory leak + potential double allocation:
1. Pointer P popped but leaked
2. Same address P reallocated from carve/other source
3. User frees P again → duplicate detection → ABORT
## Fix
**Before (BUGGY)**:
```c
if (!ss || invalid_slab_idx) {
continue; // ← LEAK!
}
```
**After (FIXED)**:
```c
if (!ss || invalid_slab_idx) {
// Push back to TLS SLL head (retry later)
tiny_next_write(class_idx, base, g_tls_sll[class_idx].head);
g_tls_sll[class_idx].head = base;
g_tls_sll[class_idx].count++;
break; // Stop draining to avoid infinite retry
}
```
## Files Changed
- core/box/tls_sll_drain_box.h: Fix 2 leak sites (SS lookup + slab_idx validation)
- docs/analysis/LARSON_DOUBLE_FREE_INVESTIGATION.md: Investigation report
## Related
- Larson double-free investigation (47% crash rate)
- Commit e4868bf23
2025-11-27 06:49:38 +09:00
2ec6689dee
Docs: Update ENV variable documentation after Ultra HEAP deletion
...
Updated documentation to reflect commit 6b791b97d🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-27 04:51:59 +09:00
f4978b1529
ENV Cleanup Phase 5: Additional DEBUG guards + doc cleanup
...
Code changes:
- core/slab_handle.h: Add RELEASE guard for HAKMEM_TINY_FREELIST_MASK
- core/tiny_superslab_free.inc.h: Add guards for HAKMEM_TINY_ROUTE_FREE, HAKMEM_TINY_FREELIST_MASK
Documentation cleanup:
- docs/specs/CONFIGURATION.md: Remove 21 doc-only ENV variables
- docs/specs/ENV_VARS.md: Remove doc-only variables
Testing:
- Build: PASS (305KB binary, unchanged)
- Sanity: PASS (17.22M ops/s average, 3 runs)
- Larson: PASS (52.12M ops/s, 0 crashes)
Impact:
- 2 additional DEBUG ENV variables guarded (no overhead in RELEASE)
- Documentation accuracy improved
- Binary size maintained
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-27 03:55:17 +09:00
43015725af
ENV cleanup: Add RELEASE guards to DEBUG ENV variables (14 vars)
...
Added compile-time guards (#if HAKMEM_BUILD_RELEASE) to eliminate
DEBUG ENV variable overhead in RELEASE builds.
Variables guarded (14 total):
- HAKMEM_TINY_TRACE_RING, HAKMEM_TINY_DUMP_RING_ATEXIT
- HAKMEM_TINY_RF_TRACE, HAKMEM_TINY_MAILBOX_TRACE
- HAKMEM_TINY_MAILBOX_TRACE_LIMIT, HAKMEM_TINY_MAILBOX_SLOWDISC
- HAKMEM_TINY_MAILBOX_SLOWDISC_PERIOD
- HAKMEM_SS_PREWARM_DEBUG, HAKMEM_SS_FREE_DEBUG
- HAKMEM_TINY_FRONT_METRICS, HAKMEM_TINY_FRONT_DUMP
- HAKMEM_TINY_COUNTERS_DUMP, HAKMEM_TINY_REFILL_DUMP
- HAKMEM_PTR_TRACE_DUMP, HAKMEM_PTR_TRACE_VERBOSE
Files modified (9 core files):
- core/tiny_debug_ring.c (ring trace/dump)
- core/box/mailbox_box.c (mailbox trace + slowdisc)
- core/tiny_refill.h (refill trace)
- core/hakmem_tiny_superslab.c (superslab debug)
- core/box/ss_allocation_box.c (allocation debug)
- core/tiny_superslab_free.inc.h (free debug)
- core/box/front_metrics_box.c (frontend metrics)
- core/hakmem_tiny_stats.c (stats dump)
- core/ptr_trace.h (pointer trace)
Bug fixes during implementation:
1. mailbox_box.c - Fixed variable scope (moved 'used' outside guard)
2. hakmem_tiny_stats.c - Fixed incomplete declarations (on1, on2)
Impact:
- Binary size: -85KB total
- bench_random_mixed_hakmem: 319K → 305K (-14K, -4.4%)
- larson_hakmem: 380K → 309K (-71K, -18.7%)
- Performance: No regression (16.9-17.9M ops/s maintained)
- Functional: All tests pass (Random Mixed + Larson)
- Behavior: DEBUG ENV vars correctly ignored in RELEASE builds
Testing:
- Build: Clean compilation (warnings only, pre-existing)
- 100K Random Mixed: 16.9-17.9M ops/s (PASS)
- 10K Larson: 25.9M ops/s (PASS)
- DEBUG ENV verification: Correctly ignored (PASS)
Result: 14 DEBUG ENV variables now have zero overhead in RELEASE builds.
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-27 03:41:07 +09:00
543abb0586
ENV cleanup: Consolidate SFC_DEBUG getenv() calls (86% reduction)
...
Optimized HAKMEM_SFC_DEBUG environment variable handling by caching
the value at initialization instead of repeated getenv() calls in
hot paths.
Changes:
1. Added g_sfc_debug global variable (core/hakmem_tiny_sfc.c)
- Initialized once in sfc_init() by reading HAKMEM_SFC_DEBUG
- Single source of truth for SFC debug state
2. Declared g_sfc_debug as extern (core/hakmem_tiny_config.h)
- Available to all modules that need SFC debug checks
3. Replaced getenv() with g_sfc_debug in hot paths:
- core/tiny_alloc_fast_sfc.inc.h (allocation path)
- core/tiny_free_fast.inc.h (free path)
- core/box/hak_wrappers.inc.h (wrapper layer)
Impact:
- getenv() calls: 7 → 1 (86% reduction)
- Hot-path calls eliminated: 6 (all moved to init-time)
- Performance: 15.10M ops/s (stable, 0% CV)
- Build: Clean compilation, no new warnings
Testing:
- 10 runs of 100K iterations: consistent performance
- Symbol verification: g_sfc_debug present in hakmem_tiny_sfc.o
- No regression detected
Note: 3 additional getenv("HAKMEM_SFC_DEBUG") calls exist in
hakmem_tiny_ultra_simple.inc but are dead code (file not compiled
in current build configuration).
Files modified: 5 core files
Status: Production-ready, all tests passed
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-27 03:18:33 +09:00
d511084c5b
ENV cleanup: Remove 21 doc-only variables from ENV_VARS.md
...
Removed 21 ENV variables that existed only in documentation with zero
code references (no getenv() calls in source):
Pool/Refill (1):
- HAKMEM_POOL_REFILL_BATCH
Intelligence Engine (3):
- HAKMEM_INT_ENGINE, HAKMEM_INT_EVENT_TS, HAKMEM_INT_SAMPLE
Frontend/FastCache (3):
- HAKMEM_TINY_FRONTEND, HAKMEM_TINY_FASTCACHE, HAKMEM_TINY_FAST
Wrapper/Safety/Debug (5):
- HAKMEM_WRAP_TINY_REFILL, HAKMEM_SAFE_FREE_STRICT, HAKMEM_TINY_GUARD
- HAKMEM_TINY_DEBUG_FAST0, HAKMEM_TINY_DEBUG_REMOTE_GUARD
Optimization/TLS/Memory (9):
- HAKMEM_TINY_QUICK, HAKMEM_USE_REGISTRY
- HAKMEM_TINY_TLS_LIST, HAKMEM_TINY_DRAIN_TO_SLL, HAKMEM_TINY_ALLOC_RING
- HAKMEM_TINY_MEM_DIET, HAKMEM_SLL_MULTIPLIER
- HAKMEM_TINY_PREFETCH, HAKMEM_TINY_SS_RESERVE
Impact:
- ENV_VARS.md: 327 lines → 285 lines (-42 lines, 12.8% reduction)
- Code impact: Zero (documentation-only cleanup)
- Variables were: planned features never implemented, replaced features,
or abandoned experiments
Documentation:
- Added SAFE_TO_DELETE_ENV_VARS.md to docs/analysis/
- Complete analysis of why each variable is obsolete
- Verification proof that variables don't exist in code
File: docs/specs/ENV_VARS.md
Status: Documentation cleanup - no code changes
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-27 02:52:35 +09:00
6fadc74405
ENV cleanup: Remove obsolete ULTRAHOT variable + organize docs
...
Changes:
1. Removed HAKMEM_TINY_FRONT_ENABLE_ULTRAHOT variable
- Deleted front_prune_ultrahot_enabled() function
- UltraHot feature was removed in commit bcfb4f6b5✅ Successful
- Risk: Zero (dead code removal)
Next steps (documented in ENV_CLEANUP_SUMMARY.md):
- 21 variables need verification (Ultra/HeapV2/BG/HotMag)
- SFC_DEBUG deduplication opportunity (7 callsites)
File: core/box/front_metrics_box.h
Status: SAVEPOINT - stable baseline for future ENV cleanup
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-26 17:12:41 +09:00
963004413a
Update CURRENT_TASK: master branch established as stable baseline
...
Changes:
- Branch updated from larson-master-rebuild to master
- Phase 1 marked as DONE (cleanup & stabilization complete)
- Documented master establishment (d26dd092bd26dd092b🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-26 16:54:36 +09:00
a9ddb52ad4
ENV cleanup: Remove BG/HotMag vars & guard fprintf (Larson 52.3M ops/s)
...
Phase 1 完了:環境変数整理 + fprintf デバッグガード
ENV変数削除(BG/HotMag系):
- core/hakmem_tiny_init.inc: HotMag ENV 削除 (~131 lines)
- core/hakmem_tiny_bg_spill.c: BG spill ENV 削除
- core/tiny_refill.h: BG remote 固定値化
- core/hakmem_tiny_slow.inc: BG refs 削除
fprintf Debug Guards (#if !HAKMEM_BUILD_RELEASE):
- core/hakmem_shared_pool.c: Lock stats (~18 fprintf)
- core/page_arena.c: Init/Shutdown/Stats (~27 fprintf)
- core/hakmem.c: SIGSEGV init message
ドキュメント整理:
- 328 markdown files 削除(旧レポート・重複docs)
性能確認:
- Larson: 52.35M ops/s (前回52.8M、安定動作✅ )
- ENV整理による機能影響なし
- Debug出力は一部残存(次phase で対応)
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-26 14:45:26 +09:00
67fb15f35f
Wrap debug fprintf in !HAKMEM_BUILD_RELEASE guards (Release build optimization)
...
## Changes
### 1. core/page_arena.c
- Removed init failure message (lines 25-27) - error is handled by returning early
- All other fprintf statements already wrapped in existing #if !HAKMEM_BUILD_RELEASE blocks
### 2. core/hakmem.c
- Wrapped SIGSEGV handler init message (line 72)
- CRITICAL: Kept SIGSEGV/SIGBUS/SIGABRT error messages (lines 62-64) - production needs crash logs
### 3. core/hakmem_shared_pool.c
- Wrapped all debug fprintf statements in #if !HAKMEM_BUILD_RELEASE:
- Node pool exhaustion warning (line 252)
- SP_META_CAPACITY_ERROR warning (line 421)
- SP_FIX_GEOMETRY debug logging (line 745)
- SP_ACQUIRE_STAGE0.5_EMPTY debug logging (line 865)
- SP_ACQUIRE_STAGE0_L0 debug logging (line 803)
- SP_ACQUIRE_STAGE1_LOCKFREE debug logging (line 922)
- SP_ACQUIRE_STAGE2_LOCKFREE debug logging (line 996)
- SP_ACQUIRE_STAGE3 debug logging (line 1116)
- SP_SLOT_RELEASE debug logging (line 1245)
- SP_SLOT_FREELIST_LOCKFREE debug logging (line 1305)
- SP_SLOT_COMPLETELY_EMPTY debug logging (line 1316)
- Fixed lock_stats_init() for release builds (lines 60-65) - ensure g_lock_stats_enabled is initialized
## Performance Validation
Before: 51M ops/s (with debug fprintf overhead)
After: 49.1M ops/s (consistent performance, fprintf removed from hot paths)
## Build & Test
```bash
./build.sh larson_hakmem
./out/release/larson_hakmem 1 5 1 1000 100 10000 42
# Result: 49.1M ops/s
```
Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-26 13:14:18 +09:00
72b38bc994
Phase E3-FINAL: Fix Box API offset bugs - ALL classes now use correct offsets
...
## Root Cause Analysis (GPT5)
**Physical Layout Constraints**:
- Class 0: 8B = [1B header][7B payload] → offset 1 = 9B needed = ❌ IMPOSSIBLE
- Class 1-6: >=16B = [1B header][15B+ payload] → offset 1 = ✅ POSSIBLE
- Class 7: 1KB → offset 0 (compatibility)
**Correct Specification**:
- HAKMEM_TINY_HEADER_CLASSIDX != 0:
- Class 0, 7: next at offset 0 (overwrites header when on freelist)
- Class 1-6: next at offset 1 (after header)
- HAKMEM_TINY_HEADER_CLASSIDX == 0:
- All classes: next at offset 0
**Previous Bug**:
- Attempted "ALL classes offset 1" unification
- Class 0 with offset 1 caused immediate SEGV (9B > 8B block size)
- Mixed 2-arg/3-arg API caused confusion
## Fixes Applied
### 1. Restored 3-Argument Box API (core/box/tiny_next_ptr_box.h)
```c
// Correct signatures
void tiny_next_write(int class_idx, void* base, void* next_value)
void* tiny_next_read(int class_idx, const void* base)
// Correct offset calculation
size_t offset = (class_idx == 0 || class_idx == 7) ? 0 : 1;
```
### 2. Updated 123+ Call Sites Across 34 Files
- hakmem_tiny_hot_pop_v4.inc.h (4 locations)
- hakmem_tiny_fastcache.inc.h (3 locations)
- hakmem_tiny_tls_list.h (12 locations)
- superslab_inline.h (5 locations)
- tiny_fastcache.h (3 locations)
- ptr_trace.h (macro definitions)
- tls_sll_box.h (2 locations)
- + 27 additional files
Pattern: `tiny_next_read(base)` → `tiny_next_read(class_idx, base)`
Pattern: `tiny_next_write(base, next)` → `tiny_next_write(class_idx, base, next)`
### 3. Added Sentinel Detection Guards
- tiny_fast_push(): Block nodes with sentinel in ptr or ptr->next
- tls_list_push(): Block nodes with sentinel in ptr or ptr->next
- Defense-in-depth against remote free sentinel leakage
## Verification (GPT5 Report)
**Test Command**: `./out/release/bench_random_mixed_hakmem --iterations=70000`
**Results**:
- ✅ Main loop completed successfully
- ✅ Drain phase completed successfully
- ✅ NO SEGV (previous crash at iteration 66151 is FIXED)
- ℹ️ Final log: "tiny_alloc(1024) failed" is normal fallback to Mid/ACE layers
**Analysis**:
- Class 0 immediate SEGV: ✅ RESOLVED (correct offset 0 now used)
- 66K iteration crash: ✅ RESOLVED (offset consistency fixed)
- Box API conflicts: ✅ RESOLVED (unified 3-arg API)
## Technical Details
### Offset Logic Justification
```
Class 0: 8B block → next pointer (8B) fits ONLY at offset 0
Class 1: 16B block → next pointer (8B) fits at offset 1 (after 1B header)
Class 2: 32B block → next pointer (8B) fits at offset 1
...
Class 6: 512B block → next pointer (8B) fits at offset 1
Class 7: 1024B block → offset 0 for legacy compatibility
```
### Files Modified (Summary)
- Core API: `box/tiny_next_ptr_box.h`
- Hot paths: `hakmem_tiny_hot_pop*.inc.h`, `tiny_fastcache.h`
- TLS layers: `hakmem_tiny_tls_list.h`, `hakmem_tiny_tls_ops.h`
- SuperSlab: `superslab_inline.h`, `tiny_superslab_*.inc.h`
- Refill: `hakmem_tiny_refill.inc.h`, `tiny_refill_opt.h`
- Free paths: `tiny_free_magazine.inc.h`, `tiny_superslab_free.inc.h`
- Documentation: Multiple Phase E3 reports
## Remaining Work
None for Box API offset bugs - all structural issues resolved.
Future enhancements (non-critical):
- Periodic `grep -R '*(void**)' core/` to detect direct pointer access violations
- Enforce Box API usage via static analysis
- Document offset rationale in architecture docs
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-13 06:50:20 +09:00
d55ee48459
Tiny C7(1KB) SEGV triage hardening: always-on lightweight free-time guards for headerless class7 in both hak_tiny_free_with_slab and superslab free path (alignment/range check, fail-fast via SIGUSR2). Leave C7 P0/direct-FC gated OFF by default. Add docs/TINY_C7_1KB_SEGV_TRIAGE.md for Claude with repro matrix, hypotheses, instrumentation and acceptance criteria.
2025-11-10 01:59:11 +09:00
70ad1ffb87
Tiny: Enable P0→FC direct path for class7 (1KB) by default + docs
...
- Class7 (1KB): P0 direct-to-FastCache now default ON (HAKMEM_TINY_P0_DIRECT_FC_C7 unset or not '0').
- Keep A/B gates: HAKMEM_TINY_P0_ENABLE, HAKMEM_TINY_P0_DIRECT_FC (class5), HAKMEM_TINY_P0_DIRECT_FC_C7 (class7),
HAKMEM_TINY_P0_DRAIN_THRESH (default 32), HAKMEM_TINY_P0_NO_DRAIN, HAKMEM_TINY_P0_LOG.
- P0 batch now supports class7 direct fill in addition to class5: gather (drain thresholded → freelist pop → linear carve)
without writing into objects, then bulk-push into FC, update meta/active counters once.
- Docs: Update direct-FC defaults (class5+class7 ON) in docs/TINY_P0_BATCH_REFILL.md.
Notes
- Use tools/bench_rs_from_files.sh for RS(hakmem/system) to compare runs across CPUs.
- Next: parameter sweep for class7 (FC cap/batch limit/drain threshold) and perf counters A/B.
2025-11-09 23:15:02 +09:00
d9b334b968
Tiny: Enable P0 batch refill by default + docs and task update
...
Summary
- Default P0 ON: Build-time HAKMEM_TINY_P0_BATCH_REFILL=1 remains; runtime gate now defaults to ON
(HAKMEM_TINY_P0_ENABLE unset or not '0'). Kill switch preserved via HAKMEM_TINY_P0_DISABLE=1.
- Fix critical bug: After freelist→SLL batch splice, increment TinySlabMeta::used by 'from_freelist'
to mirror non-P0 behavior (prevents under-accounting and follow-on carve invariants from breaking).
- Add low-overhead A/B toggles for triage: HAKMEM_TINY_P0_NO_DRAIN (skip remote drain),
HAKMEM_TINY_P0_LOG (emit [P0_COUNTER_OK/MISMATCH] based on total_active_blocks delta).
- Keep linear carve fail-fast guards across simple/general/TLS-bump paths.
Perf (1T, 100k×256B)
- P0 OFF: ~2.73M ops/s (stable)
- P0 ON (no drain): ~2.45M ops/s
- P0 ON (normal drain): ~2.76M ops/s (fastest)
Known
- Rare [P0_COUNTER_MISMATCH] warnings persist (non-fatal). Continue auditing active/used
balance around batch freelist splice and remote drain splice.
Docs
- Add docs/TINY_P0_BATCH_REFILL.md (runtime switches, behavior, perf notes).
- Update CURRENT_TASK.md with Tiny P0 status (default ON) and next steps.
2025-11-09 22:12:34 +09:00
1010a961fb
Tiny: fix header/stride mismatch and harden refill paths
...
- Root cause: header-based class indexing (HEADER_CLASSIDX=1) wrote a 1-byte
header during allocation, but linear carve/refill and initial slab capacity
still used bare class block sizes. This mismatch could overrun slab usable
space and corrupt freelists, causing reproducible SEGV at ~100k iters.
Changes
- Superslab: compute capacity with effective stride (block_size + header for
classes 0..6; class7 remains headerless) in superslab_init_slab(). Add a
debug-only bound check in superslab_alloc_from_slab() to fail fast if carve
would exceed usable bytes.
- Refill (non-P0 and P0): use header-aware stride for all linear carving and
TLS window bump operations. Ensure alignment/validation in tiny_refill_opt.h
also uses stride, not raw class size.
- Drain: keep existing defense-in-depth for remote sentinel and sanitize nodes
before splicing into freelist (already present).
Notes
- This unifies the memory layout across alloc/linear-carve/refill with a single
stride definition and keeps class7 (1024B) headerless as designed.
- Debug builds add fail-fast checks; release builds remain lean.
Next
- Re-run Tiny benches (256/1024B) in debug to confirm stability, then in
release. If any remaining crash persists, bisect with HAKMEM_TINY_P0_BATCH_REFILL=0
to isolate P0 batch carve, and continue reducing branch-miss as planned.
2025-11-09 18:55:50 +09:00
83bb8624f6
Tiny: fix remote sentinel leak → SEGV; add defense-in-depth; PoolTLS: refill-boundary remote drain; build UX help; quickstart docs
...
Summary
- Fix SEGV root cause in Tiny random_mixed: TINY_REMOTE_SENTINEL leaked from Remote queue into freelist/TLS SLL.
- Clear/guard sentinel at the single boundary where Remote merges to freelist.
- Add minimal defense-in-depth in freelist_pop and TLS SLL pop.
- Silence verbose prints behind debug gates to reduce noise in release runs.
- Pool TLS: integrate Remote Queue drain at refill boundary to avoid unnecessary backend carve/OS calls when possible.
- DX: strengthen build.sh with help/list/verify and add docs/BUILDING_QUICKSTART.md.
Details
- core/superslab/superslab_inline.h: guard head/node against TINY_REMOTE_SENTINEL; sanitize node[0] when splicing local chain; only print diagnostics when debug guard is enabled.
- core/slab_handle.h: freelist_pop breaks on sentinel head (fail-fast under strict).
- core/tiny_alloc_fast_inline.h: TLS SLL pop breaks on sentinel head (rare branch).
- core/tiny_superslab_free.inc.h: sentinel scan log behind debug guard.
- core/pool_refill.c: try pool_remote_pop_chain() before backend carve in pool_refill_and_alloc().
- core/tiny_adaptive_sizing.c: default adaptive logs off; enable via HAKMEM_ADAPTIVE_LOG=1.
- build.sh: add help/list/verify; EXTRA_MAKEFLAGS passthrough; echo pinned flags.
- docs/BUILDING_QUICKSTART.md: add one‑pager for targets/flags/env/perf/strace.
Verification (high level)
- Tiny random_mixed 10k 256/1024: SEGV resolved; runs complete.
- Pool TLS 1T/4T perf: HAKMEM >= system (≈ +0.7% 1T, ≈ +2.9% 4T); syscall counts ~10–13.
Known issues (to address next)
- Tiny random_mixed perf is weak vs system:
- 1T/500k/256: cycles/op ≈ 240 vs ~47 (≈5× slower), IPC ≈0.92, branch‑miss ≈11%.
- 1T/500k/1024: cycles/op ≈ 149 vs ~53 (≈2.8× slower), IPC ≈0.82, branch‑miss ≈10.5%.
- Hypothesis: frequent SuperSlab path for class7 (fast_cap=0), branchy refill/adopt, and hot-path divergence.
- Proposed next steps:
- Introduce fast_cap>0 for class7 (bounded TLS SLL) and a simpler batch refill.
- Add env‑gated Remote Side OFF for 1T A/B (reduce side-table and guards).
- Revisit likely/unlikely and unify adopt boundary sequencing (drain→bind→acquire) for Tiny.
2025-11-09 16:49:34 +09:00
0da9f8cba3
Phase 7 + Pool TLS 1.5b stabilization:\n- Add build hygiene (dep tracking, flag consistency, print-flags)\n- Add build.sh + verify_build.sh (unified recipe, freshness check)\n- Quiet verbose logs behind HAKMEM_DEBUG_VERBOSE\n- A/B free safety via HAKMEM_TINY_SAFE_FREE (mincore strict vs boundary)\n- Tweak Tiny header path to reduce noise; Pool TLS free guard optimized\n- Fix mimalloc link retention (--no-as-needed + force symbol)\n- Add docs/BUILD_PHASE7_POOL_TLS.md (cheatsheet)
2025-11-09 11:50:18 +09:00
