This is an archive of the discontinued LLVM Phabricator instance.

[ELF] Fix incorrect deduplication of MergeSyntheticSection's
AbandonedPublic

Authored by andrewng on Mar 26 2018, 8:29 AM.

Download Raw Diff

Details

Reviewers

ruiu
• espindola

Summary

The Data member of MergeSyntheticSection, which is used by ICF to check
equality of section contents, is always empty. This can result in
incorrect and dangerous deduplication when using --icf=all and
--ignore-data-address-equality.

This simple fix populates the Data of MergeSyntheticSection with the
intended contents in finalizeContents and uses Data for writeTo.

Fixes bug PR36910.

Diff Detail

Event Timeline

andrewng created this revision.Mar 26 2018, 8:29 AM

Herald added subscribers: arichardson, emaste. · View Herald TranscriptMar 26 2018, 8:29 AM

Seems reasonable. I will just do a quick check on the performance impact.

• espindola added inline comments.Mar 26 2018, 8:53 AM

test/ELF/icf-not-equal-merged-sections.s
6	The test would be a bit more dependable if you checked the content of the output with objdump/readelf/readobj. As written the test would still pass if we changed the icf message and regressed this fix.

In D44898#1048263, @espindola wrote:

Seems reasonable. I will just do a quick check on the performance impact.

Yes, that would be my only concern too, but I decided to keep it simple first.

test/ELF/icf-not-equal-merged-sections.s
6	Good point! I will look at adding this.

Updated test to address review comments.

• espindola added inline comments.Mar 26 2018, 9:19 AM

ELF/SyntheticSections.cpp
2442	At least clang is not finding an operator new[] to use. I had to manually call the Allocate function for this to build: new (BAlloc.Allocate<uint8_t>(Size)) uint8_t[Size] I guess we could also add new[] to Support/Allocator.h

Updated to fix issue with clang compilation.

LGTM.

Some tests got a bit faster (clang) and some a bit slower (scylla).

This revision is now accepted and ready to land.Mar 26 2018, 11:31 AM

Doesn't this increase lld's memory usage significantly? Mergeable string table tend to be large, and it seems with this patch you keep a copy of an entire section in memory.

In D44898#1048634, @ruiu wrote:

Doesn't this increase lld's memory usage significantly? Mergeable string table tend to be large, and it seems with this patch you keep a copy of an entire section in memory.

True. That would be a reasonable explanation for scylla getting slower.

We could inspect the individual buffers in the StringTableBuilders, but it is not clear if it is worth it.

Maybe the best option is just disabling ICF of synthetic sections?

How much did Scylla get slower?

Maybe the best option is just disabling ICF of synthetic sections?

That sounds like a better way of fixing the issue.

In D44898#1048688, @ruiu wrote:

How much did Scylla get slower?

Maybe the best option is just disabling ICF of synthetic sections?

That sounds like a better way of fixing the issue.

Yes, for large mergeable sections, this could significantly increase memory usage.

Disabling ICF for synthetic sections would be a way to fix the issue and I don't think it would have much negative impact in practice, i.e. ICF of these sections is not common.

In D44898#1048688, @ruiu wrote:

How much did Scylla get slower?

2.8%. Somehow clang-fsds got 2.39% faster.

page faults got worse on all test cases, but on scylla they got worse by 15%. That is consistent with the extra allocations being responsible for the slowdown.

2.8%. Somehow clang-fsds got 2.39% faster.

That speedup is interesting. I don't have a good theory to explain it though.

Even if this patch is somewhat performance-neutral, we still should avoid extra memory allocation if we can. Let's try ignoring synthetic sections in ICF. That's I think better.

andrewng mentioned this in D44923: [ELF] Disable ICF for synthetic sections.Mar 27 2018, 6:03 AM

In D44898#1048789, @ruiu wrote:

2.8%. Somehow clang-fsds got 2.39% faster.

That speedup is interesting. I don't have a good theory to explain it though.

Even if this patch is somewhat performance-neutral, we still should avoid extra memory allocation if we can. Let's try ignoring synthetic sections in ICF. That's I think better.

Alternative fix here: D44923.

We can close this one, right?

Abandoned in favour of D44923.

Revision Contents

Path

Size

ELF/

SyntheticSections.h

3 lines

SyntheticSections.cpp

23 lines

test/

ELF/

icf-not-equal-merged-sections.s

18 lines

Diff 139795

ELF/SyntheticSections.h

	Show First 20 Lines • Show All 678 Lines • ▼ Show 20 Lines

	// MergeSyntheticSection is a class that allows us to put mergeable sections			// MergeSyntheticSection is a class that allows us to put mergeable sections
	// with different attributes in a single output sections. To do that			// with different attributes in a single output sections. To do that
	// we put them into MergeSyntheticSection synthetic input sections which are			// we put them into MergeSyntheticSection synthetic input sections which are
	// attached to regular output sections.			// attached to regular output sections.
	class MergeSyntheticSection : public SyntheticSection {			class MergeSyntheticSection : public SyntheticSection {
	public:			public:
	void addSection(MergeInputSection *MS);			void addSection(MergeInputSection *MS);
				void writeTo(uint8_t *Buf) override;

	protected:			protected:
	MergeSyntheticSection(StringRef Name, uint32_t Type, uint64_t Flags,			MergeSyntheticSection(StringRef Name, uint32_t Type, uint64_t Flags,
	uint32_t Alignment)			uint32_t Alignment)
	: SyntheticSection(Flags, Type, Alignment, Name) {}			: SyntheticSection(Flags, Type, Alignment, Name) {}

	std::vector<MergeInputSection *> Sections;			std::vector<MergeInputSection *> Sections;
	};			};

	class MergeTailSection final : public MergeSyntheticSection {			class MergeTailSection final : public MergeSyntheticSection {
	public:			public:
	MergeTailSection(StringRef Name, uint32_t Type, uint64_t Flags,			MergeTailSection(StringRef Name, uint32_t Type, uint64_t Flags,
	uint32_t Alignment);			uint32_t Alignment);

	size_t getSize() const override;			size_t getSize() const override;
	void writeTo(uint8_t *Buf) override;
	void finalizeContents() override;			void finalizeContents() override;

	private:			private:
	llvm::StringTableBuilder Builder;			llvm::StringTableBuilder Builder;
	};			};

	class MergeNoTailSection final : public MergeSyntheticSection {			class MergeNoTailSection final : public MergeSyntheticSection {
	public:			public:
	MergeNoTailSection(StringRef Name, uint32_t Type, uint64_t Flags,			MergeNoTailSection(StringRef Name, uint32_t Type, uint64_t Flags,
	uint32_t Alignment)			uint32_t Alignment)
	: MergeSyntheticSection(Name, Type, Flags, Alignment) {}			: MergeSyntheticSection(Name, Type, Flags, Alignment) {}

	size_t getSize() const override { return Size; }			size_t getSize() const override { return Size; }
	void writeTo(uint8_t *Buf) override;
	void finalizeContents() override;			void finalizeContents() override;

	private:			private:
	// We use the most significant bits of a hash as a shard ID.			// We use the most significant bits of a hash as a shard ID.
	// The reason why we don't want to use the least significant bits is			// The reason why we don't want to use the least significant bits is
	// because DenseMap also uses lower bits to determine a bucket ID.			// because DenseMap also uses lower bits to determine a bucket ID.
	// If we use lower bits, it significantly increases the probability of			// If we use lower bits, it significantly increases the probability of
	// hash collisons.			// hash collisons.
	▲ Show 20 Lines • Show All 159 Lines • Show Last 20 Lines

ELF/SyntheticSections.cpp

Show First 20 Lines • Show All 2,401 Lines • ▼ Show 20 Lines	template <class ELFT> bool VersionNeedSection<ELFT>::empty() const {
return getNeedNum() == 0;		return getNeedNum() == 0;
}		}

void MergeSyntheticSection::addSection(MergeInputSection *MS) {		void MergeSyntheticSection::addSection(MergeInputSection *MS) {
MS->Parent = this;		MS->Parent = this;
Sections.push_back(MS);		Sections.push_back(MS);
}		}

		void MergeSyntheticSection::writeTo(uint8_t *Buf) {
		memcpy(Buf, Data.data(), Data.size());
		}

MergeTailSection::MergeTailSection(StringRef Name, uint32_t Type,		MergeTailSection::MergeTailSection(StringRef Name, uint32_t Type,
uint64_t Flags, uint32_t Alignment)		uint64_t Flags, uint32_t Alignment)
: MergeSyntheticSection(Name, Type, Flags, Alignment),		: MergeSyntheticSection(Name, Type, Flags, Alignment),
Builder(StringTableBuilder::RAW, Alignment) {}		Builder(StringTableBuilder::RAW, Alignment) {}

size_t MergeTailSection::getSize() const { return Builder.getSize(); }		size_t MergeTailSection::getSize() const { return Builder.getSize(); }

void MergeTailSection::writeTo(uint8_t *Buf) { Builder.write(Buf); }

void MergeTailSection::finalizeContents() {		void MergeTailSection::finalizeContents() {
// Add all string pieces to the string table builder to create section		// Add all string pieces to the string table builder to create section
// contents.		// contents.
for (MergeInputSection *Sec : Sections)		for (MergeInputSection *Sec : Sections)
for (size_t I = 0, E = Sec->Pieces.size(); I != E; ++I)		for (size_t I = 0, E = Sec->Pieces.size(); I != E; ++I)
if (Sec->Pieces[I].Live)		if (Sec->Pieces[I].Live)
Builder.add(Sec->getData(I));		Builder.add(Sec->getData(I));

// Fix the string table content. After this, the contents will never change.		// Fix the string table content. After this, the contents will never change.
Builder.finalize();		Builder.finalize();

// finalize() fixed tail-optimized strings, so we can now get		// finalize() fixed tail-optimized strings, so we can now get
// offsets of strings. Get an offset for each string and save it		// offsets of strings. Get an offset for each string and save it
// to a corresponding StringPiece for easy access.		// to a corresponding StringPiece for easy access.
for (MergeInputSection *Sec : Sections)		for (MergeInputSection *Sec : Sections)
for (size_t I = 0, E = Sec->Pieces.size(); I != E; ++I)		for (size_t I = 0, E = Sec->Pieces.size(); I != E; ++I)
if (Sec->Pieces[I].Live)		if (Sec->Pieces[I].Live)
Sec->Pieces[I].OutputOff = Builder.getOffset(Sec->getData(I));		Sec->Pieces[I].OutputOff = Builder.getOffset(Sec->getData(I));
}

void MergeNoTailSection::writeTo(uint8_t *Buf) {		// Populate data.
for (size_t I = 0; I < NumShards; ++I)		size_t Size = Builder.getSize();
Shards[I].write(Buf + ShardOffsets[I]);		uint8_t *Buf = new (BAlloc) uint8_t[Size];
		espindolaUnsubmitted Not Done Reply Inline Actions At least clang is not finding an operator new[] to use. I had to manually call the Allocate function for this to build: new (BAlloc.Allocate<uint8_t>(Size)) uint8_t[Size] I guess we could also add new[] to Support/Allocator.h espindola: At least clang is not finding an operator new[] to use. I had to manually call the Allocate…
		Data = ArrayRef<uint8_t>(Buf, Size);
		memset(Buf, 0, Size);
		Builder.write(Buf);
}		}

// This function is very hot (i.e. it can take several seconds to finish)		// This function is very hot (i.e. it can take several seconds to finish)
// because sometimes the number of inputs is in an order of magnitude of		// because sometimes the number of inputs is in an order of magnitude of
// millions. So, we use multi-threading.		// millions. So, we use multi-threading.
//		//
// For any strings S and T, we know S is not mergeable with T if S's hash		// For any strings S and T, we know S is not mergeable with T if S's hash
// value is different from T's. If that's the case, we can safely put S and		// value is different from T's. If that's the case, we can safely put S and
Show All 36 Lines	void MergeNoTailSection::finalizeContents() {
// So far, section pieces have offsets from beginning of shards, but		// So far, section pieces have offsets from beginning of shards, but
// we want offsets from beginning of the whole section. Fix them.		// we want offsets from beginning of the whole section. Fix them.
parallelForEach(Sections, [&](MergeInputSection *Sec) {		parallelForEach(Sections, [&](MergeInputSection *Sec) {
for (size_t I = 0, E = Sec->Pieces.size(); I != E; ++I)		for (size_t I = 0, E = Sec->Pieces.size(); I != E; ++I)
if (Sec->Pieces[I].Live)		if (Sec->Pieces[I].Live)
Sec->Pieces[I].OutputOff +=		Sec->Pieces[I].OutputOff +=
ShardOffsets[getShardId(Sec->Pieces[I].Hash)];		ShardOffsets[getShardId(Sec->Pieces[I].Hash)];
});		});

		// Populate data.
		uint8_t *Buf = new (BAlloc) uint8_t[Size];
		Data = ArrayRef<uint8_t>(Buf, Size);
		memset(Buf, 0, Size);
		for (size_t I = 0; I < NumShards; ++I)
		Shards[I].write(Buf + ShardOffsets[I]);
}		}

static MergeSyntheticSection *createMergeSynthetic(StringRef Name,		static MergeSyntheticSection *createMergeSynthetic(StringRef Name,
uint32_t Type,		uint32_t Type,
uint64_t Flags,		uint64_t Flags,
uint32_t Alignment) {		uint32_t Alignment) {
bool ShouldTailMerge = (Flags & SHF_STRINGS) && Config->Optimize >= 2;		bool ShouldTailMerge = (Flags & SHF_STRINGS) && Config->Optimize >= 2;
if (ShouldTailMerge)		if (ShouldTailMerge)
▲ Show 20 Lines • Show All 221 Lines • Show Last 20 Lines

test/ELF/icf-not-equal-merged-sections.s

This file was added.

				# REQUIRES: x86

				# RUN: llvm-mc -filetype=obj -triple=x86_64-unknown-linux %s -o %t.o
				# RUN: ld.lld %t.o -o %t --icf=all --ignore-data-address-equality --print-icf-sections \| FileCheck -allow-empty %s

				# CHECK-NOT: selected section <internal>:(.rodata)
				espindolaUnsubmitted Not Done Reply Inline Actions The test would be a bit more dependable if you checked the content of the output with objdump/readelf/readobj. As written the test would still pass if we changed the icf message and regressed this fix. espindola: The test would be a bit more dependable if you checked the content of the output with…
				andrewngAuthorUnsubmitted Not Done Reply Inline Actions Good point! I will look at adding this. andrewng: Good point! I will look at adding this.

				.section .rodata.cst4,"aM",@progbits,4
				rodata4:
				.long 0x00112233
				.long 0x44556677
				.long 0x00112233
				.long 0x44556677

				.section .rodata.cst8,"aM",@progbits,8
				rodata8:
				.long 0x01234567
				.long 0x76543210