This is an archive of the discontinued LLVM Phabricator instance.

Differential D154121

[BOLT][Instrumentation] Fix indirect call profile in PIE
ClosedPublic

Authored by treapster on Jun 29 2023, 10:55 AM.

Details

Reviewers
rafauler
Amir
maksfb
Commits
rGdfc759929644: [BOLT][Instrumentation] Add test for append-pid option
rGa86dd9ae6066: [BOLT][Instrumentation] Fix indirect call profile in PIE
Summary

Proof-of-concept on how we may fix PIE indCall profile.
Here we create a getter for base address of .text and substract it's return value from recorded PC values. It converts them to static addresses, which then may be used to find the corresponding indirect call descriptions. The getter works by loading static address of __hot_end via leaq, then loading dynamic address via rip-relative leaq and returning the difference. I picked the end of text because it is the closest point of .text to the runtime library, which means it will almost certainly be within the reach of load instructions (important for future AArch64 support), and because __hot_end is easy to reuse.

Diff Detail

Event Timeline

treapster created this revision.Jun 29 2023, 10:55 AM
Herald added a reviewer: rafauler. · View Herald TranscriptJun 29 2023, 10:55 AM
Herald added a reviewer: Amir. · View Herald Transcript
Herald added a reviewer: maksfb. · View Herald Transcript
Herald added a project: Restricted Project. · View Herald Transcript
Herald added subscribers: ayermolo, kristof.beyls. · View Herald Transcript
treapster requested review of this revision.Jun 29 2023, 10:55 AM
Herald added a subscriber: yota9. · View Herald TranscriptJun 29 2023, 10:55 AM
treapster added a parent revision: D153771: [BOLT][Instrumentation] Fix hash table memory corruption and append-pid option.Jun 29 2023, 10:56 AM
treapster edited the summary of this revision. (Show Details)
treapster edited the summary of this revision. (Show Details)
treapster edited the summary of this revision. (Show Details)
treapster edited the summary of this revision. (Show Details)Jun 29 2023, 10:58 AM
treapster added a comment.Jun 29 2023, 11:03 AM

While this works on our server, i get the following error on my x86_64 laptop:

FAILED: CMakeFiles/bolt_rt_instr_osx.dir/instr.cpp.o 
/usr/bin/clang++  -I/home/denis/randomshit/build/tools/bolt/bolt_rt-bins -O3 -DNDEBUG -std=c++17 -target x86_64-apple-darwin19.6.0 -ffreestanding -fno-exceptions -fno-rtti -fno-stack-protector -mno-sse -fPIC -MD -MT CMakeFiles/bolt_rt_instr_osx.dir/instr.cpp.o -MF CMakeFiles/bolt_rt_instr_osx.dir/instr.cpp.o.d -o CMakeFiles/bolt_rt_instr_osx.dir/instr.cpp.o -c /home/denis/randomshit/llvm-project/bolt/runtime/instr.cpp
In file included from /home/denis/randomshit/llvm-project/bolt/runtime/instr.cpp:44:
/home/denis/randomshit/llvm-project/bolt/runtime/common.h:146:48: error: 32-bit absolute addressing is not supported in 64-bit mode
  __asm__ volatile("leaq __hot_end(%%rip), %0\n\t"
                                               ^
<inline asm>:2:2: note: instantiated into assembly here
        leaq __hot_end, %rcx
        ^

I don't get why it says 32-bit addressing when leaq is 64-bit instruction? Changing it to movq makes no difference, but it definetely has something to do with OSX which i know nothing about.

treapster edited the summary of this revision. (Show Details)Jun 29 2023, 11:11 AM
treapster edited the summary of this revision. (Show Details)
treapster edited the summary of this revision. (Show Details)Jun 29 2023, 11:25 AM
treapster edited the summary of this revision. (Show Details)
Harbormaster completed remote builds in B242171: Diff 535898.Jun 29 2023, 11:36 AM
treapster updated this revision to Diff 535938.Jun 29 2023, 11:45 AM

Turns out, the cause of the issue was getBaseAddress() being in the extern "C" block(it wasn't on the server). Although i still don't get why it had such effect. Also, sorry for all the edits - i just tried to make underscores work in the diff description, but apparently there is no way without backticks.

Harbormaster completed remote builds in B242195: Diff 535938.Jun 29 2023, 12:51 PM
treapster updated this revision to Diff 537647.Jul 6 2023, 3:04 AM

Wait for profile in test - depends on D154436

treapster added a parent revision: D154436: [BOLT][Instrumentation] Keep profile open in WatchProcess.Jul 6 2023, 3:05 AM
Harbormaster completed remote builds in B243421: Diff 537647.Jul 6 2023, 3:06 AM
treapster mentioned this in D154436: [BOLT][Instrumentation] Keep profile open in WatchProcess.Jul 6 2023, 3:29 AM
treapster removed a parent revision: D153771: [BOLT][Instrumentation] Fix hash table memory corruption and append-pid option.Jul 7 2023, 6:43 AM
treapster added a comment.Jul 7 2023, 8:26 AM

Currently i cannot reproduce a failure which happens in CI

treapster updated this revision to Diff 538153.Jul 7 2023, 8:27 AM

getBaseAddress -> getTextBaseAddress
Use movabsq to allow big addresses
Add a comment

Harbormaster completed remote builds in B243785: Diff 538153.Jul 7 2023, 8:53 AM
treapster updated this revision to Diff 538593.Jul 10 2023, 5:34 AM

Quote variables in bash

Harbormaster completed remote builds in B244108: Diff 538593.Jul 10 2023, 5:46 AM
treapster updated this revision to Diff 538595.Jul 10 2023, 5:46 AM

Add -fpie compiler flag
Hope it helps with failures

Harbormaster completed remote builds in B244110: Diff 538595.Jul 10 2023, 5:54 AM
treapster updated this revision to Diff 538640.Jul 10 2023, 7:35 AM

Change test to no-pie to check if PIE is the issue. If the failure persists, it must be bash script.
Unfortunately i can't reproduce it locally so i have to poke it in random places.

Harbormaster completed remote builds in B244140: Diff 538640.Jul 10 2023, 7:45 AM
treapster updated this revision to Diff 538645.Jul 10 2023, 7:52 AM

Changing test to no-pie made no difference. Now i replace wait_file calls with sleeps and if it passes, the script is definitely the issue. Even though i have no idea why.

Harbormaster completed remote builds in B244143: Diff 538645.Jul 10 2023, 8:01 AM
treapster updated this revision to Diff 538668.Jul 10 2023, 8:45 AM

Okay, this is stupid: it seems debian in CI just lacks fuser command, or it's not in path. I couldn't see the error because of stderr redirection to /dev/null. Here i add more return code checks and we should get an error that fuser is not found. What should we do next?

Harbormaster completed remote builds in B244162: Diff 538668.Jul 10 2023, 8:54 AM
treapster updated this revision to Diff 538680.Jul 10 2023, 9:07 AM

For now i just added fuser requirement to the test.

Harbormaster completed remote builds in B244172: Diff 538680.Jul 10 2023, 9:36 AM
hzq added a subscriber: hzq.Jul 13 2023, 8:15 PM
treapster added a comment.Jul 17 2023, 12:32 AM

Gentle ping

treapster updated this revision to Diff 544669.Jul 27 2023, 2:48 AM
  • Use fuser -s instead of /dev/null redirection
  • Fix wait_file.sh invoked with one extra argument
Harbormaster completed remote builds in B248482: Diff 544669.Jul 27 2023, 3:03 AM
treapster updated this revision to Diff 544695.Jul 27 2023, 4:06 AM

Pushed wrong patch last time

Harbormaster completed remote builds in B248504: Diff 544695.Jul 27 2023, 4:13 AM
treapster updated this revision to Diff 544704.Jul 27 2023, 4:30 AM

(once again) use -s flag with fuser

Harbormaster completed remote builds in B248512: Diff 544704.Jul 27 2023, 4:38 AM
treapster added a comment.Aug 7 2023, 2:42 AM

Ping

rafauler added a comment.Aug 7 2023, 5:35 PM

Thanks! I can start looking into this next week (and the week after it) during my shift.

treapster added a comment.Aug 22 2023, 8:17 AM

Ping

rafauler accepted this revision.Aug 23 2023, 12:18 PM

Thanks for working on this. LGTM

This revision is now accepted and ready to land.Aug 23 2023, 12:18 PM
Closed by commit rGa86dd9ae6066: [BOLT][Instrumentation] Fix indirect call profile in PIE (authored by treapster). · Explain WhyAug 23 2023, 1:51 PM
This revision was automatically updated to reflect the committed changes.
treapster added a commit: rGa86dd9ae6066: [BOLT][Instrumentation] Fix indirect call profile in PIE.
Herald added a project: Restricted Project. · View Herald TranscriptAug 23 2023, 1:51 PM
Herald added a subscriber: llvm-commits. · View Herald Transcript
treapster added a commit: rGdfc759929644: [BOLT][Instrumentation] Add test for append-pid option.Aug 23 2023, 1:51 PM

Revision Contents

PathSize
bolt/
lib/
Rewrite/
5 lines
runtime/
14 lines
9 lines

Diff 552877

bolt/lib/Rewrite/RewriteInstance.cpp

Show First 20 LinesShow All 1,839 Lines▼ Show 20 Linesvoid RewriteInstance::adjustCommandLineOptions() {
if (!BC->HasRelocations && if (!BC->HasRelocations &&
opts::ReorderFunctions != ReorderFunctions::RT_NONE) { opts::ReorderFunctions != ReorderFunctions::RT_NONE) {
errs() << "BOLT-ERROR: function reordering only works when " errs() << "BOLT-ERROR: function reordering only works when "
<< "relocations are enabled\n"; << "relocations are enabled\n";
exit(1); exit(1);
} }
if (opts::ReorderFunctions != ReorderFunctions::RT_NONE && if (opts::Instrument ||
!opts::HotText.getNumOccurrences()) { (opts::ReorderFunctions != ReorderFunctions::RT_NONE &&
!opts::HotText.getNumOccurrences())) {
opts::HotText = true; opts::HotText = true;
} else if (opts::HotText && !BC->HasRelocations) { } else if (opts::HotText && !BC->HasRelocations) {
errs() << "BOLT-WARNING: hot text is disabled in non-relocation mode\n"; errs() << "BOLT-WARNING: hot text is disabled in non-relocation mode\n";
opts::HotText = false; opts::HotText = false;
} }
if (opts::HotText && opts::HotTextMoveSections.getNumOccurrences() == 0) { if (opts::HotText && opts::HotTextMoveSections.getNumOccurrences() == 0) {
opts::HotTextMoveSections.addValue(".stub"); opts::HotTextMoveSections.addValue(".stub");
▲ Show 20 LinesShow All 3,638 LinesShow Last 20 Lines

bolt/runtime/common.h

Show First 20 LinesShow All 159 Lines▼ Show 20 Linesint memcmp(const void *s1, const void *s2, size_t n) {
} }
return 0; return 0;
} }
} // extern "C" } // extern "C"
// Anonymous namespace covering everything but our library entry point // Anonymous namespace covering everything but our library entry point
namespace { namespace {
// Get the difference between runtime addrress of .text section and
// static address in section header table. Can be extracted from arbitrary
// pc value recorded at runtime to get the corresponding static address, which
// in turn can be used to search for indirect call description. Needed because
// indirect call descriptions are read-only non-relocatable data.
uint64_t getTextBaseAddress() {
uint64_t DynAddr;
uint64_t StaticAddr;
__asm__ volatile("leaq __hot_end(%%rip), %0\n\t"
"movabsq $__hot_end, %1\n\t"
: "=r"(DynAddr), "=r"(StaticAddr));
return DynAddr - StaticAddr;
}
constexpr uint32_t BufSize = 10240; constexpr uint32_t BufSize = 10240;
#define _STRINGIFY(x) #x #define _STRINGIFY(x) #x
#define STRINGIFY(x) _STRINGIFY(x) #define STRINGIFY(x) _STRINGIFY(x)
uint64_t __read(uint64_t fd, const void *buf, uint64_t count) { uint64_t __read(uint64_t fd, const void *buf, uint64_t count) {
uint64_t ret; uint64_t ret;
#if defined(__APPLE__) #if defined(__APPLE__)
▲ Show 20 LinesShow All 509 LinesShow Last 20 Lines

bolt/runtime/instr.cpp

Show First 20 LinesShow All 209 Lines▼ Show 20 Linesprivate:
bool Shared{false}; bool Shared{false};
Mutex M; Mutex M;
}; };
/// Used for allocating indirect call instrumentation counters. Initialized by /// Used for allocating indirect call instrumentation counters. Initialized by
/// __bolt_instr_setup, our initialization routine. /// __bolt_instr_setup, our initialization routine.
BumpPtrAllocator *GlobalAlloc; BumpPtrAllocator *GlobalAlloc;
// Base address which we substract from recorded PC values when searching for
// indirect call description entries. Needed because indCall descriptions are
// mapped read-only and contain static addresses. Initialized in
// __bolt_instr_setup.
uint64_t TextBaseAddress = 0;
// Storage for GlobalAlloc which can be shared if not using // Storage for GlobalAlloc which can be shared if not using
// instrumentation-file-append-pid. // instrumentation-file-append-pid.
void *GlobalMetadataStorage; void *GlobalMetadataStorage;
} // anonymous namespace } // anonymous namespace
// User-defined placement new operators. We only use those (as opposed to // User-defined placement new operators. We only use those (as opposed to
// overriding the regular operator new) so we can keep our allocator in the // overriding the regular operator new) so we can keep our allocator in the
▲ Show 20 LinesShow All 1,158 Lines▼ Show 20 Linesvoid visitIndCallCounter(IndirectCallHashTable::MapEntry &Entry,
ProfileWriterContext *Ctx) { ProfileWriterContext *Ctx) {
if (Entry.Val == 0) if (Entry.Val == 0)
return; return;
DEBUG(reportNumber("Target func 0x", Entry.Key, 16)); DEBUG(reportNumber("Target func 0x", Entry.Key, 16));
DEBUG(reportNumber("Target freq: ", Entry.Val, 10)); DEBUG(reportNumber("Target freq: ", Entry.Val, 10));
const IndCallDescription *CallsiteDesc = const IndCallDescription *CallsiteDesc =
&Ctx->IndCallDescriptions[CallsiteID]; &Ctx->IndCallDescriptions[CallsiteID];
const IndCallTargetDescription *TargetDesc = const IndCallTargetDescription *TargetDesc =
Ctx->lookupIndCallTarget(Entry.Key); Ctx->lookupIndCallTarget(Entry.Key - TextBaseAddress);
if (!TargetDesc) { if (!TargetDesc) {
DEBUG(report("Failed to lookup indirect call target\n")); DEBUG(report("Failed to lookup indirect call target\n"));
char LineBuf[BufSize]; char LineBuf[BufSize];
char *Ptr = LineBuf; char *Ptr = LineBuf;
Ptr = serializeLoc(*Ctx, Ptr, *CallsiteDesc, BufSize); Ptr = serializeLoc(*Ctx, Ptr, *CallsiteDesc, BufSize);
Ptr = strCopy(Ptr, "0 [unknown] 0 0 ", BufSize - (Ptr - LineBuf) - 40); Ptr = strCopy(Ptr, "0 [unknown] 0 0 ", BufSize - (Ptr - LineBuf) - 40);
Ptr = intToStr(Ptr, Entry.Val, 10); Ptr = intToStr(Ptr, Entry.Val, 10);
*Ptr++ = '\n'; *Ptr++ = '\n';
▲ Show 20 LinesShow All 203 Lines▼ Show 20 Lines
extern "C" void __bolt_instr_indirect_call(); extern "C" void __bolt_instr_indirect_call();
extern "C" void __bolt_instr_indirect_tailcall(); extern "C" void __bolt_instr_indirect_tailcall();
/// Initialization code /// Initialization code
extern "C" void __attribute((force_align_arg_pointer)) __bolt_instr_setup() { extern "C" void __attribute((force_align_arg_pointer)) __bolt_instr_setup() {
__bolt_ind_call_counter_func_pointer = __bolt_instr_indirect_call; __bolt_ind_call_counter_func_pointer = __bolt_instr_indirect_call;
__bolt_ind_tailcall_counter_func_pointer = __bolt_instr_indirect_tailcall; __bolt_ind_tailcall_counter_func_pointer = __bolt_instr_indirect_tailcall;
TextBaseAddress = getTextBaseAddress();
const uint64_t CountersStart = const uint64_t CountersStart =
reinterpret_cast<uint64_t>(&__bolt_instr_locations[0]); reinterpret_cast<uint64_t>(&__bolt_instr_locations[0]);
const uint64_t CountersEnd = alignTo( const uint64_t CountersEnd = alignTo(
reinterpret_cast<uint64_t>(&__bolt_instr_locations[__bolt_num_counters]), reinterpret_cast<uint64_t>(&__bolt_instr_locations[__bolt_num_counters]),
0x1000); 0x1000);
DEBUG(reportNumber("replace mmap start: ", CountersStart, 16)); DEBUG(reportNumber("replace mmap start: ", CountersStart, 16));
DEBUG(reportNumber("replace mmap stop: ", CountersEnd, 16)); DEBUG(reportNumber("replace mmap stop: ", CountersEnd, 16));
▲ Show 20 LinesShow All 129 LinesShow Last 20 Lines