ManagedStatic and order of destruction

I’m curious about the design rationale for how ManagedStatic instances are cleaned up, and I’m hoping someone can shed some light on it.

Currently, ManagedStatic objects are cleaned up when llvm_shutdown() traverses the global list of initialized objects and calls destroy() on each. This leads to two questions:

  1. An assertion enforces that the objects are deleted in reverse order of allocation. Is there any hard requirement for this, or is it only because of the way the linked list is created?

  2. Would anything change (functionally) if we simply called destroy() in the ManagedStatic destructor? Wouldn’t this be safer than relying on a client to call llvm_shutdown()? It seems like the whole purpose of llvm_shutdown() is to allow clients to free the data allocated by ManagedStatic instances. Could we not just give them an option, but by default clean up during global destruction?

Ping. Anyone with knowledge of detailed knowledge of the ManagedStatic implementation?

The use-case we are looking at is getting rid of llvm_shutdown() by cleaning up the ManagedStatic data when the global destructors run.

Right, I’m suggesting we keep llvm_shutdown() for users who want this control, but also destroy still-live ManagedStatic instances if llvm_shutdown() is not called. This helps in the case where there is not a clear time when llvm_shutdown() can be called, especially given that LLVM cannot be resurrected in the same process due to current limitations in the pass registry, and perhaps elsewhere.

Looking at this some more, there appears to be some cases where LLVM is causing memory leaks due to ManagedStatic (and perhaps undefined behavior).


The expected client behavior is to call llvm_shutdown() before returning from main(). This causes destroy() to be called on all ManagedStatic instances that have been accessed so far, deleting the child data and NULLing out the StaticList global. This includes PassRegistry.

After main terminates, the global destructors run, including the command-line option destructors. The “-print-before” and “-print-after” options use a PassNameParser instance. This parser is a sub-class of PassRegistrationListener, and the destructor for this class calls PassRegistry::getPassRegistry(). This call accesses a ManagedStatic instance. But, all ManagedStatic instances have already been cleaned up! This brings up two issues/questions:

  1. The ManagedStatic instance was cleaned-up, so the accessors re-create the object. Since all ManagedStatic instances were already cleaned-up, this new instance is leaked.

  2. Is this not undefined behavior? There is no guarantee which objects are destructed when, so is it even valid to assume that the ManagedStatic instance is still usable? Couldn’t the compile decide to write all 1s to the memory range used by the ManagedStatic instance? Or is there some guarantee that ManagedStatic is a POD type and won’t be touched until after all global destructors run?