Message ID | 20200731230820.1742553-14-keescook@chromium.org (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | Warn on orphan section placement | expand |
On Fri, Jul 31, 2020 at 04:07:57PM -0700, Kees Cook wrote: > From: Nick Desaulniers <ndesaulniers@google.com> > > Basically, consider .text.{hot|unlikely|unknown}.* part of .text, too. > > When compiling with profiling information (collected via PGO > instrumentations or AutoFDO sampling), Clang will separate code into > .text.hot, .text.unlikely, or .text.unknown sections based on profiling > information. After D79600 (clang-11), these sections will have a > trailing `.` suffix, ie. .text.hot., .text.unlikely., .text.unknown.. > > When using -ffunction-sections together with profiling infomation, > either explicitly (FGKASLR) or implicitly (LTO), code may be placed in > sections following the convention: > .text.hot.<foo>, .text.unlikely.<bar>, .text.unknown.<baz> > where <foo>, <bar>, and <baz> are functions. (This produces one section > per function; we generally try to merge these all back via linker script > so that we don't have 50k sections). > > For the above cases, we need to teach our linker scripts that such > sections might exist and that we'd explicitly like them grouped > together, otherwise we can wind up with code outside of the > _stext/_etext boundaries that might not be mapped properly for some > architectures, resulting in boot failures. > > If the linker script is not told about possible input sections, then > where the section is placed as output is a heuristic-laiden mess that's > non-portable between linkers (ie. BFD and LLD), and has resulted in many > hard to debug bugs. Kees Cook is working on cleaning this up by adding > --orphan-handling=warn linker flag used in ARCH=powerpc to additional > architectures. In the case of linker scripts, borrowing from the Zen of > Python: explicit is better than implicit. > > Also, ld.bfd's internal linker script considers .text.hot AND > .text.hot.* to be part of .text, as well as .text.unlikely and > .text.unlikely.*. I didn't see support for .text.unknown.*, and didn't > see Clang producing such code in our kernel builds, but I see code in > LLVM that can produce such section names if profiling information is > missing. That may point to a larger issue with generating or collecting > profiles, but I would much rather be safe and explicit than have to > debug yet another issue related to orphan section placement. > > Reported-by: Jian Cai <jiancai@google.com> > Suggested-by: Fāng-ruì Sòng <maskray@google.com> > Tested-by: Luis Lozano <llozano@google.com> > Tested-by: Manoj Gupta <manojgupta@google.com> > Acked-by: Kees Cook <keescook@chromium.org> > Cc: stable@vger.kernel.org > Link: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=add44f8d5c5c05e08b11e033127a744d61c26aee > Link: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=1de778ed23ce7492c523d5850c6c6dbb34152655 > Link: https://reviews.llvm.org/D79600 > Link: https://bugs.chromium.org/p/chromium/issues/detail?id=1084760 > Debugged-by: Luis Lozano <llozano@google.com> > Signed-off-by: Nick Desaulniers <ndesaulniers@google.com> > Signed-off-by: Kees Cook <keescook@chromium.org> > --- > include/asm-generic/vmlinux.lds.h | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h > index 2593957f6e8b..af5211ca857c 100644 > --- a/include/asm-generic/vmlinux.lds.h > +++ b/include/asm-generic/vmlinux.lds.h > @@ -561,7 +561,10 @@ > */ > #define TEXT_TEXT \ > ALIGN_FUNCTION(); \ > - *(.text.hot TEXT_MAIN .text.fixup .text.unlikely) \ > + *(.text.hot .text.hot.*) \ > + *(TEXT_MAIN .text.fixup) \ > + *(.text.unlikely .text.unlikely.*) \ > + *(.text.unknown .text.unknown.*) \ > NOINSTR_TEXT \ > *(.text..refcount) \ > *(.ref.text) \ > -- > 2.25.1 > This also changes the ordering to place all hot resp unlikely sections separate from other text, while currently it places the hot/unlikely bits of each file together with the rest of the code in that file. That seems like a reasonable change and should be mentioned in the commit message. However, the history of their being together comes from 9bebe9e5b0f3 ("kbuild: Fix .text.unlikely placement") which seems to indicate there was some problem with having them separated out, although I don't quite understand what the issue was from the commit message. Cc Andi and Michal to see if they remember.
On Fri, Jul 31, 2020 at 11:51:28PM -0400, Arvind Sankar wrote: > On Fri, Jul 31, 2020 at 04:07:57PM -0700, Kees Cook wrote: > > From: Nick Desaulniers <ndesaulniers@google.com> > > > > Basically, consider .text.{hot|unlikely|unknown}.* part of .text, too. > > > > When compiling with profiling information (collected via PGO > > instrumentations or AutoFDO sampling), Clang will separate code into > > .text.hot, .text.unlikely, or .text.unknown sections based on profiling > > information. After D79600 (clang-11), these sections will have a > > trailing `.` suffix, ie. .text.hot., .text.unlikely., .text.unknown.. > > > > When using -ffunction-sections together with profiling infomation, > > either explicitly (FGKASLR) or implicitly (LTO), code may be placed in > > sections following the convention: > > .text.hot.<foo>, .text.unlikely.<bar>, .text.unknown.<baz> > > where <foo>, <bar>, and <baz> are functions. (This produces one section > > per function; we generally try to merge these all back via linker script > > so that we don't have 50k sections). > > > > For the above cases, we need to teach our linker scripts that such > > sections might exist and that we'd explicitly like them grouped > > together, otherwise we can wind up with code outside of the > > _stext/_etext boundaries that might not be mapped properly for some > > architectures, resulting in boot failures. > > > > If the linker script is not told about possible input sections, then > > where the section is placed as output is a heuristic-laiden mess that's > > non-portable between linkers (ie. BFD and LLD), and has resulted in many > > hard to debug bugs. Kees Cook is working on cleaning this up by adding > > --orphan-handling=warn linker flag used in ARCH=powerpc to additional > > architectures. In the case of linker scripts, borrowing from the Zen of > > Python: explicit is better than implicit. > > > > Also, ld.bfd's internal linker script considers .text.hot AND > > .text.hot.* to be part of .text, as well as .text.unlikely and > > .text.unlikely.*. I didn't see support for .text.unknown.*, and didn't > > see Clang producing such code in our kernel builds, but I see code in > > LLVM that can produce such section names if profiling information is > > missing. That may point to a larger issue with generating or collecting > > profiles, but I would much rather be safe and explicit than have to > > debug yet another issue related to orphan section placement. > > > > Reported-by: Jian Cai <jiancai@google.com> > > Suggested-by: Fāng-ruì Sòng <maskray@google.com> > > Tested-by: Luis Lozano <llozano@google.com> > > Tested-by: Manoj Gupta <manojgupta@google.com> > > Acked-by: Kees Cook <keescook@chromium.org> > > Cc: stable@vger.kernel.org > > Link: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=add44f8d5c5c05e08b11e033127a744d61c26aee > > Link: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=1de778ed23ce7492c523d5850c6c6dbb34152655 > > Link: https://reviews.llvm.org/D79600 > > Link: https://bugs.chromium.org/p/chromium/issues/detail?id=1084760 > > Debugged-by: Luis Lozano <llozano@google.com> > > Signed-off-by: Nick Desaulniers <ndesaulniers@google.com> > > Signed-off-by: Kees Cook <keescook@chromium.org> > > --- > > include/asm-generic/vmlinux.lds.h | 5 ++++- > > 1 file changed, 4 insertions(+), 1 deletion(-) > > > > diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h > > index 2593957f6e8b..af5211ca857c 100644 > > --- a/include/asm-generic/vmlinux.lds.h > > +++ b/include/asm-generic/vmlinux.lds.h > > @@ -561,7 +561,10 @@ > > */ > > #define TEXT_TEXT \ > > ALIGN_FUNCTION(); \ > > - *(.text.hot TEXT_MAIN .text.fixup .text.unlikely) \ > > + *(.text.hot .text.hot.*) \ > > + *(TEXT_MAIN .text.fixup) \ > > + *(.text.unlikely .text.unlikely.*) \ > > + *(.text.unknown .text.unknown.*) \ > > NOINSTR_TEXT \ > > *(.text..refcount) \ > > *(.ref.text) \ > > -- > > 2.25.1 > > > > This also changes the ordering to place all hot resp unlikely sections separate > from other text, while currently it places the hot/unlikely bits of each file > together with the rest of the code in that file. That seems like a reasonable Oh, hmm, yes, we aren't explicitly using SORT() here. Does that mean the input sections were entirely be ordered in compilation unit link order, even in the case of orphan sections? (And I think either way, the answer isn't the same between bfd and lld.) I actually thought the like-named input sections were collected together first with lld, but bfd strictly appended to the output section. I guess it's time for me to stare at -M output from ld... Regardless, this patch is attempting to fix the problem where bfd and lld lay out the orphans differently (as mentioned above, lld seems to sort them in a way that is not strictly appended, and bfd seems to sort them strictly appended). In the case of being appended to the .text output section, this would cause boot failures due to _etext not covering the resulting sections (which this[1] also encountered and fixed to be more robust for such appended collection -- that series actually _depends_ on orphan handling doing the appending, because there is no current way to map wildcard input sections to their own separate output sections). > change and should be mentioned in the commit message. > > However, the history of their being together comes from > > 9bebe9e5b0f3 ("kbuild: Fix .text.unlikely placement") > > which seems to indicate there was some problem with having them separated out, > although I don't quite understand what the issue was from the commit message. Looking at this again, I actually wonder if we have bigger issues here with dead code elimination: #ifdef CONFIG_LD_DEAD_CODE_DATA_ELIMINATION #define TEXT_MAIN .text .text.[0-9a-zA-Z_]* ... that would catch: .text.hot .text.fixup .text.unlikely and .text.unknown but not .text.hot.*, etc (i.e. the third dot isn't matched, which is, I assume, why Clang switched to adding a trailing dot). However, this patch lists .text.hot .text.hot.* first, so they'd get pulled to the front correctly, but the trailing ones (with 2 dots) would not, since they'd match the TEXT_MAIN wildcard first. (This problem actually existed before this patch too, and is not the fault of 9bebe9e5b0f3, but rather the addition of TEXT_MAIN, which could potentially match .text.unlikely and .text.fixup) Unless I'm totally wrong and the bfd docs don't match the behavior? e.g. if I have a link order of ".foo.before", ".foo.after", and ".foo.middle", and this rule: .foo : { *(.foo.before .foo.* .foo.after) } do I get this (first match): .foo.before .foo.after .foo.middle or (most specific match): .foo.before .foo.middle .foo.after ? As I said, now that I'm able to better articulate these questions, I'll go get answers from -M output. :) Perhaps we need to fix TEXT_MAIN not TEXT_TEXT? TEXT_TEXT is for collecting .text, .text.[^\.]* and *.text, where, effectively, .text and .text[^\.]* are defined by TEXT_MAIN. i.e. adding 3-dot "text" input sections needs to likely be included in TEXT_MAIN Anyway, I'll keep looking at this... (In the meantime, perhaps we can take Arvind's series, and the earlier portions of the orphan series where asm-generic/vmlinux.lds.h and other things are cleaned up...) -Kees [1] https://lore.kernel.org/lkml/20200717170008.5949-6-kristen@linux.intel.com/
On Fri, Jul 31, 2020 at 11:18:02PM -0700, Kees Cook wrote: > On Fri, Jul 31, 2020 at 11:51:28PM -0400, Arvind Sankar wrote: > > > > This also changes the ordering to place all hot resp unlikely sections separate > > from other text, while currently it places the hot/unlikely bits of each file > > together with the rest of the code in that file. That seems like a reasonable > > Oh, hmm, yes, we aren't explicitly using SORT() here. Does that mean the > input sections were entirely be ordered in compilation unit link order, > even in the case of orphan sections? (And I think either way, the answer > isn't the same between bfd and lld.) I actually thought the like-named > input sections were collected together first with lld, but bfd strictly > appended to the output section. I guess it's time for me to stare at -M > output from ld... I don't know what happened to the orphans previously. But .text.hot and .text.unlikely will now change ordering. It sounds from below like this wasn't intentional? Though it does seem to be how BFD's default linker scripts lay it out. > > Regardless, this patch is attempting to fix the problem where bfd and lld > lay out the orphans differently (as mentioned above, lld seems to sort > them in a way that is not strictly appended, and bfd seems to sort them > strictly appended). In the case of being appended to the .text output > section, this would cause boot failures due to _etext not covering the > resulting sections (which this[1] also encountered and fixed to be more > robust for such appended collection -- that series actually _depends_ on > orphan handling doing the appending, because there is no current way > to map wildcard input sections to their own separate output sections). > > > change and should be mentioned in the commit message. > > > > However, the history of their being together comes from > > > > 9bebe9e5b0f3 ("kbuild: Fix .text.unlikely placement") > > > > which seems to indicate there was some problem with having them separated out, > > although I don't quite understand what the issue was from the commit message. > > Looking at this again, I actually wonder if we have bigger issues here > with dead code elimination: > > #ifdef CONFIG_LD_DEAD_CODE_DATA_ELIMINATION > #define TEXT_MAIN .text .text.[0-9a-zA-Z_]* > ... > > that would catch: .text.hot .text.fixup .text.unlikely and .text.unknown > but not .text.hot.*, etc (i.e. the third dot isn't matched, which is, > I assume, why Clang switched to adding a trailing dot). However, this > patch lists .text.hot .text.hot.* first, so they'd get pulled to the > front correctly, but the trailing ones (with 2 dots) would not, since > they'd match the TEXT_MAIN wildcard first. (This problem actually existed > before this patch too, and is not the fault of 9bebe9e5b0f3, but rather > the addition of TEXT_MAIN, which could potentially match .text.unlikely > and .text.fixup) The existing comment on TEXT_TEXT mentions that issue. However, note that the dead code stuff is only available currently on mips and ppc, and is hidden behind EXPERT for those, so I'm not sure if anyone actually uses it. 9bebe9e5b0f3 predates LD_DEAD_CODE_DATA_ELIMINATION, and there were no wildcards I can see in .text at the time, which is why I don't understand what problem is referred to in the commit message. Btw, for the FGKASLR stuff, instead of keeping the output sections per function, couldn't you generate a table of functions with sizes, and use that when randomizing the order? Then the sections themselves could be collected into .text explicitly.
> However, the history of their being together comes from > > 9bebe9e5b0f3 ("kbuild: Fix .text.unlikely placement") > > which seems to indicate there was some problem with having them separated out, > although I don't quite understand what the issue was from the commit message. Separating it out is less efficient. Gives worse packing for the hot part if they are not aligned to 64byte boundaries, which they are usually not. It also improves packing of the cold part, but that probably doesn't matter. -Andi
On Mon, Aug 03, 2020 at 12:05:06PM -0700, Andi Kleen wrote: > > However, the history of their being together comes from > > > > 9bebe9e5b0f3 ("kbuild: Fix .text.unlikely placement") > > > > which seems to indicate there was some problem with having them separated out, > > although I don't quite understand what the issue was from the commit message. > > Separating it out is less efficient. Gives worse packing for the hot part > if they are not aligned to 64byte boundaries, which they are usually not. > > It also improves packing of the cold part, but that probably doesn't matter. > > -Andi Why is that? Both .text and .text.hot have alignment of 2^4 (default function alignment on x86) by default, so it doesn't seem like it should matter for packing density. Avoiding interspersing cold text among regular/hot text seems like it should be a net win. That old commit doesn't reference efficiency -- it says there was some problem with matching when they were separated out, but there were no wildcard section names back then. commit 9bebe9e5b0f3109a14000df25308c2971f872605 Author: Andi Kleen <ak@linux.intel.com> Date: Sun Jul 19 18:01:19 2015 -0700 kbuild: Fix .text.unlikely placement When building a kernel with .text.unlikely text the unlikely text for each translation unit was put next to the main .text code in the final vmlinux. The problem is that the linker doesn't allow more specific submatches of a section name in a different linker script statement after the main match. So we need to move them all into one line. With that change .text.unlikely is at the end of everything again. I also moved .text.hot into the same statement though, even though that's not strictly needed. Signed-off-by: Andi Kleen <ak@linux.intel.com> Signed-off-by: Michal Marek <mmarek@suse.com> diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h index 8bd374d3cf21..1781e54ea6d3 100644 --- a/include/asm-generic/vmlinux.lds.h +++ b/include/asm-generic/vmlinux.lds.h @@ -412,12 +412,10 @@ * during second ld run in second ld pass when generating System.map */ #define TEXT_TEXT \ ALIGN_FUNCTION(); \ - *(.text.hot) \ - *(.text .text.fixup) \ + *(.text.hot .text .text.fixup .text.unlikely) \ *(.ref.text) \ MEM_KEEP(init.text) \ MEM_KEEP(exit.text) \ - *(.text.unlikely) /* sched.text is aling to function alignment to secure we have same
On 2020-08-03, Arvind Sankar wrote: >On Mon, Aug 03, 2020 at 12:05:06PM -0700, Andi Kleen wrote: >> > However, the history of their being together comes from >> > >> > 9bebe9e5b0f3 ("kbuild: Fix .text.unlikely placement") >> > >> > which seems to indicate there was some problem with having them separated out, >> > although I don't quite understand what the issue was from the commit message. >> >> Separating it out is less efficient. Gives worse packing for the hot part >> if they are not aligned to 64byte boundaries, which they are usually not. >> >> It also improves packing of the cold part, but that probably doesn't matter. >> >> -Andi > >Why is that? Both .text and .text.hot have alignment of 2^4 (default >function alignment on x86) by default, so it doesn't seem like it should >matter for packing density. Avoiding interspersing cold text among >regular/hot text seems like it should be a net win. > >That old commit doesn't reference efficiency -- it says there was some >problem with matching when they were separated out, but there were no >wildcard section names back then. I just want to share some context. GNU ld's internal linker script does impose a particular input section order by specifying separate input section descriptions: .text : { *(.text.unlikely .text.*_unlikely .text.unlikely.*) *(.text.exit .text.exit.*) *(.text.startup .text.startup.*) *(.text.hot .text.hot.*) *(SORT(.text.sorted.*)) # binutils 5fa5f8f5fe494ba4fe98c11899a5464cd164ec75, invented for GCC's call graph profiling. LLVM doesn't use it *(.text .stub .text.* .gnu.linkonce.t.*) ... This order is a bit arbitrary. gold and LLD have -z keep-text-section-prefix. With the option, there can be several output sections, with the '.unlikely'/'.exit'/'.startup'/etc suffix. This has the advantage that the hot/unlikely/exit/etc attribution of a particular function is more obvious: [ 2] .text PROGBITS 000000000040007c 00007c 000003 00 AX 0 0 4 [ 3] .text.startup PROGBITS 000000000040007f 00007f 000001 00 AX 0 0 1 [ 4] .text.exit PROGBITS 0000000000400080 000080 000002 00 AX 0 0 1 [ 5] .text.unlikely PROGBITS 0000000000400082 000082 000001 00 AX 0 0 1 ... In our case we only need one output section....... If we place all text sections in one input section description: *(.text.unlikely .text.*_unlikely .text.exit .text.exit.* .text.startup .text.startup.* .text.hot .text.hot.* ... ) In many cases the input sections are laid out in the input order. In LLD there are two ordering cases: * If clang PGO (-fprofile-use=) is enabled, .llvm.call-graph-profile will be created automatically. LLD can perform reordering **within an input section description**. The ordering is quite complex, you can read https://github.com/llvm/llvm-project/blob/master/lld/ELF/CallGraphSort.cpp#L9 if you are curious:) I don't know the performance improvement of this heuristic. (I don't think the original paper cgo2017-hfsort-final1.pdf took ThinLTO into account, so the result might not reflect realistic work loads where both ThinLTO and PGO are used) This, if matters, likely only matters for very large executable, not the case for the kernel. * On some RISC architectures (ARM/AArch64/PowerPC), the ordered sections (due to either .llvm.call-graph-profile or --symbol-reordering-file=; the two can't be used together) are placed in a suitable place in the input section description ( http://reviews.llvm.org/D44969 ) In summary, using one (large) input section description may have some performance improvement with LLD but I don't think it will be significant. There may be some size improvement for ARM/AArch64/PowerPC if someone wants to test. >commit 9bebe9e5b0f3109a14000df25308c2971f872605 >Author: Andi Kleen <ak@linux.intel.com> >Date: Sun Jul 19 18:01:19 2015 -0700 > > kbuild: Fix .text.unlikely placement > > When building a kernel with .text.unlikely text the unlikely text for > each translation unit was put next to the main .text code in the > final vmlinux. > > The problem is that the linker doesn't allow more specific submatches > of a section name in a different linker script statement after the > main match. > > So we need to move them all into one line. With that change > .text.unlikely is at the end of everything again. > > I also moved .text.hot into the same statement though, even though > that's not strictly needed. > > Signed-off-by: Andi Kleen <ak@linux.intel.com> > Signed-off-by: Michal Marek <mmarek@suse.com> > >diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h >index 8bd374d3cf21..1781e54ea6d3 100644 >--- a/include/asm-generic/vmlinux.lds.h >+++ b/include/asm-generic/vmlinux.lds.h >@@ -412,12 +412,10 @@ > * during second ld run in second ld pass when generating System.map */ > #define TEXT_TEXT \ > ALIGN_FUNCTION(); \ >- *(.text.hot) \ >- *(.text .text.fixup) \ >+ *(.text.hot .text .text.fixup .text.unlikely) \ > *(.ref.text) \ > MEM_KEEP(init.text) \ > MEM_KEEP(exit.text) \ >- *(.text.unlikely) > > > /* sched.text is aling to function alignment to secure we have same
> Why is that? Both .text and .text.hot have alignment of 2^4 (default > function alignment on x86) by default, so it doesn't seem like it should > matter for packing density. Avoiding interspersing cold text among You may lose part of a cache line on each unit boundary. Linux has a lot of units, some of them small. All these bytes add up. It's bad for TLB locality too. Sadly with all the fine grained protection changes the 2MB coverage is eroding anyways, but this makes it even worse. > regular/hot text seems like it should be a net win. > > That old commit doesn't reference efficiency -- it says there was some > problem with matching when they were separated out, but there were no > wildcard section names back then. It was about efficiency. -Andi
On 2020-08-03, Andi Kleen wrote: >> Why is that? Both .text and .text.hot have alignment of 2^4 (default >> function alignment on x86) by default, so it doesn't seem like it should >> matter for packing density. Avoiding interspersing cold text among > >You may lose part of a cache line on each unit boundary. Linux has >a lot of units, some of them small. All these bytes add up. > >It's bad for TLB locality too. Sadly with all the fine grained protection >changes the 2MB coverage is eroding anyways, but this makes it even worse. > Gives worse packing for the hot part > if they are not aligned to 64byte boundaries, which they are usually > not. I do not see how the 64-byte argument is related to this patch. If a function requires 64-byte alignment to be efficient, the compiler should communicate this fact by setting the alignment of its containing section to 64 bytes or above. If a text section has a 16-byte alignment, the linker can reorder it to an address which is a multiple of 16 but not a multiple of 64. I agree with your other statement that having a single input section description might be helpful. With more than one input section descrition, the linker has to respect the ordering requirement. With just one input section description, the linker has more freedom ordering sections if profitable. For example, LLD performs two ordering heuristics as my previous reply mentions. It'd be good if someone can measure the benefit. Personally I don't think this kind of ordering has significant benefit. (For arm/aarch64/powerpc there might be some size benefit due to fewer range extension thunks) >> regular/hot text seems like it should be a net win. > >> >> That old commit doesn't reference efficiency -- it says there was some >> problem with matching when they were separated out, but there were no >> wildcard section names back then. > >It was about efficiency. > >-Andi > >-- >You received this message because you are subscribed to the Google Groups "Clang Built Linux" group. >To unsubscribe from this group and stop receiving emails from it, send an email to clang-built-linux+unsubscribe@googlegroups.com. >To view this discussion on the web visit https://groups.google.com/d/msgid/clang-built-linux/20200804044532.GC1321588%40tassilo.jf.intel.com.
On Mon, Aug 03, 2020 at 09:45:32PM -0700, Andi Kleen wrote: > > Why is that? Both .text and .text.hot have alignment of 2^4 (default > > function alignment on x86) by default, so it doesn't seem like it should > > matter for packing density. Avoiding interspersing cold text among > > You may lose part of a cache line on each unit boundary. Linux has > a lot of units, some of them small. All these bytes add up. Separating out .text.unlikely, which isn't aligned, slightly _reduces_ this loss, but not by much -- just over 1K on a defconfig. More importantly, it moves cold code out of line (~320k on a defconfig), giving better code density for the hot code. For .text and .text.hot, you lose the alignment padding on every function boundary, not unit boundary, because of the 16-byte alignment. Whether .text.hot and .text are arranged by translation unit or not makes no difference. With *(.text.hot) *(.text) you get HHTT, with *(.text.hot .text) you get HTHT, but in both cases the individual chunks are already aligned to 16 bytes. If .text.hot _had_ different alignment requirements to .text, the HHTT should actually give better packing in general, I think. > > It's bad for TLB locality too. Sadly with all the fine grained protection > changes the 2MB coverage is eroding anyways, but this makes it even worse. > Yes, that could be true for .text.hot, depending on whether the hot functions are called from all over the kernel (in which case putting them together ought to be better) or mostly from regular text within the unit in which they appeared (in which case it would be better together with that code).
On Tue, Aug 04, 2020 at 12:06:49PM -0400, Arvind Sankar wrote: > On Mon, Aug 03, 2020 at 09:45:32PM -0700, Andi Kleen wrote: > > > Why is that? Both .text and .text.hot have alignment of 2^4 (default > > > function alignment on x86) by default, so it doesn't seem like it should > > > matter for packing density. Avoiding interspersing cold text among > > > > You may lose part of a cache line on each unit boundary. Linux has > > a lot of units, some of them small. All these bytes add up. > > Separating out .text.unlikely, which isn't aligned, slightly _reduces_ > this loss, but not by much -- just over 1K on a defconfig. More > importantly, it moves cold code out of line (~320k on a defconfig), > giving better code density for the hot code. > > For .text and .text.hot, you lose the alignment padding on every > function boundary, not unit boundary, because of the 16-byte alignment. > Whether .text.hot and .text are arranged by translation unit or not > makes no difference. > > With *(.text.hot) *(.text) you get HHTT, with *(.text.hot .text) you get > HTHT, but in both cases the individual chunks are already aligned to 16 > bytes. If .text.hot _had_ different alignment requirements to .text, the > HHTT should actually give better packing in general, I think. Okay, so at the end of the conversation, I think it looks like this patch is correct: it collects the hot, unlikely, etc into their own areas (e.g. HHTTUU is more correct than HTUHTU), so this patch stands as-is.
diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h index 2593957f6e8b..af5211ca857c 100644 --- a/include/asm-generic/vmlinux.lds.h +++ b/include/asm-generic/vmlinux.lds.h @@ -561,7 +561,10 @@ */ #define TEXT_TEXT \ ALIGN_FUNCTION(); \ - *(.text.hot TEXT_MAIN .text.fixup .text.unlikely) \ + *(.text.hot .text.hot.*) \ + *(TEXT_MAIN .text.fixup) \ + *(.text.unlikely .text.unlikely.*) \ + *(.text.unknown .text.unknown.*) \ NOINSTR_TEXT \ *(.text..refcount) \ *(.ref.text) \