
8 commits

Author SHA1 Message Date
Théophile Bastian fc080b8d15 Add slides about fixpoint 2019-10-18 11:34:17 +02:00
Théophile Bastian baca8da49a Add pictures on title slide 2019-10-18 10:40:13 +02:00
Théophile Bastian c5a0398449 Increase itemize itemsep 2019-10-17 16:33:56 +02:00
Théophile Bastian 36722963a1 Increase font size 2019-10-17 16:29:18 +02:00
Théophile Bastian 3b9768c76a Refactor "complex & slow" 2019-10-17 16:18:08 +02:00
Théophile Bastian 2870f6a51d Slide 11 not moving anymore 2019-10-17 15:21:32 +02:00
Théophile Bastian cfb31b5c3e Add slide before Unwinding data compilation 2019-10-17 15:17:58 +02:00
Théophile Bastian 67a5fbfe20 Enhance stack image
Different stack frame sizes, no main RA, %rsp -> stack pointer
2019-10-16 10:18:48 +02:00
6 changed files with 238 additions and 37 deletions

Binary file not shown.

Before

Width:  |  Height:  |  Size: 16 KiB

After

Width:  |  Height:  |  Size: 16 KiB

BIN
img/fzn_circ.jpg Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 15 KiB

BIN
img/stephen_circ.jpg Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 124 KiB


@ -1,6 +1,6 @@
% vim: spell spelllang=en
\documentclass[11pt,xcolor={usenames,dvipsnames}]{beamer}
\documentclass[12pt,xcolor={usenames,dvipsnames}]{beamer}
\usetheme{Warsaw}
\usepackage[utf8]{inputenc}
\usepackage[english]{babel}
@ -17,7 +17,7 @@
\usepackage{multirow}
\usepackage[many]{tcolorbox}
\usepackage[absolute,overlay]{textpos}
\usetikzlibrary{arrows.meta}
\usetikzlibrary{arrows.meta,shapes}
\usepackage{texlib/my_listings}
\usepackage{texlib/specific}
@ -33,15 +33,15 @@
\setbeamertemplate{navigation symbols}{}
\setbeamertemplate{headline}{}
\newcommand{\thenalert}[1]{\only<1>{#1}\only<2>{\alert{#1}}}
\newcommand{\slidecountline}{
\ifthenelse{\theframenumber = 0}
{}
{\insertframenumber/\inserttotalframenumber}}
\newcommand{\cmark}{\color{OliveGreen}\ding{52}}
\newcommand{\xmark}{\color{BrickRed}\ding{56}}
\let\tempone\itemize
\let\temptwo\enditemize
\renewenvironment{itemize}{\tempone\addtolength{\itemsep}{0.5\baselineskip}}{\temptwo}
\newcommand{\sectiontitleframe}{
\begin{frame}
\vfill
@ -56,6 +56,16 @@
morekeywords={gdb},
sensitive=false,
}
\lstdefinelanguage{cfiasm}{
morekeywords={cfi_startproc,cfi_def_cfa_offset,cfi_offset,cfi_def_cfa_register},
sensitive=false,
}
\newcommand{\thenalert}[1]{\only<1>{#1}\only<2>{\alert{#1}}}
\newcommand{\slidecountline}{
\ifthenelse{\theframenumber = 0}
{}
{\insertframenumber/\inserttotalframenumber}}
\setbeamertemplate{footline}
{
@ -71,6 +81,23 @@
\vskip0pt%
}
\setbeamercolor{block title}{use=structure,fg=white,bg=structure.fg!75!black}
\setbeamercolor{block title alerted}{use=alerted text,fg=white,bg=alerted
text.fg!75!black}
\setbeamercolor{block title example}{use=example text,fg=white,bg=example
text.fg!75!black}
%\setbeamertemplate{frametitle}{
% \leavevmode%
% \hbox{%
% \begin{beamercolorbox}[wd=\paperwidth,ht=2.25ex,dp=1ex,center]{title in head/foot}%
% \usebeamerfont{author in head/foot}\insertframetitle
% \end{beamercolorbox}%
% }
% \vskip0pt%
% %\color{black}\bfseries\insertframetitle\par\vskip-6pt\hrulefill
%}
\newcolumntype{b}{X}
\newcolumntype{s}{>{\hsize=.43\hsize}X}
@ -96,6 +123,7 @@
\vspace{-2em}
\begin{columns}
\begin{column}{0.55\textwidth}
\begin{tcolorbox}[halign=center, colframe=blue]
@ -103,7 +131,7 @@
\smallskip
\vspace{0.5em}
{\url{https://huit.re/frdwarf}}\\
{\small\url{https://huit.re/frdwarf}}\\
\vspace{0.5em}
\end{tcolorbox}
\end{column}
@ -119,6 +147,13 @@
\end{tcolorbox}
\end{column}
\end{columns}
\begin{textblock*}{0.22\textwidth}[0.5,0](0.15\paperwidth,0.38\paperheight)%
\includegraphics[width=\linewidth]{img/stephen_circ.jpg}
\end{textblock*}
\begin{textblock*}{0.22\textwidth}[0.5,0](0.85\paperwidth,0.38\paperheight)%
\includegraphics[width=\linewidth]{img/fzn_circ.jpg}
\end{textblock*}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@ -159,7 +194,7 @@ Segmentation fault.
\begin{column}{0.65\textwidth}
\begin{center}
\large\bf
How do we get the RA\@?\\Easy, \reg{rbp}!
How do we get the RA\@?
\vspace{2em}
@ -179,7 +214,6 @@ Segmentation fault.
\newcolumntype{a}{>{\columncolor{RedOrange}}l}
\begin{frame}{DWARF unwinding data}
\vspace{2em}
\tt \footnotesize
\begin{center}
\begin{tabular}{
@ -201,12 +235,11 @@ Segmentation fault.
0084a1e & rsp+40 & c-56 & c-48 & c-40 & c-32 & c-24 & c-16 & c-8 \\
\end{tabular}
\end{center}
\vspace{1em}
\only<1>{\vspace{19mm}}
\begin{columns}
\begin{column}{0.50\textwidth}
\only<2->{
\onslide<2->{
\begin{tcolorbox}[enhanced, halign=center, frame hidden, colback=YellowGreen]
\textbf{For each instruction\ldots}\\
(identified by its program counter)
@ -214,7 +247,7 @@ Segmentation fault.
}
\end{column}
\begin{column}{0.50\textwidth}
\only<3->{
\onslide<3->{
\begin{tcolorbox}[enhanced, halign=center, frame hidden,
interior style={right color=Apricot, left color=Thistle}]
\textbf{\ldots{}an expression to compute its return address
@ -237,29 +270,75 @@ Segmentation fault.
\end{lstlisting}
\pause{}
\vfill
\begin{itemize}
\item[\textbf{$\longrightarrow$}] \textbf{\alert{constructed} on-demand
by a \alert{Turing-complete stack machine}!}
\end{itemize}
\end{frame}
\begin{frame}{What does this imply?}
Your compiler actually generates codes for \alert{two machines}: your
processor and the DWARF VM\@.
\vfill{}
\begin{columns}
\begin{column}{0.5\textwidth}
\begin{center}
\begin{tikzpicture}
\begin{scope}[every node/.style={rectangle,thick,draw,scale=0.95}]
\node (cmd) at (0, 2.5) {
\lstbash{\$ gcc -S foo.c}
};
\node (asm) at (0, 0) {
\lstinputlisting[numbers=none, language=cfiasm]{src/main_cfi.s}
};
\end{scope}
\begin{scope}[>={Stealth[black]},
every path/.style={draw=black,very thick}]
\path [->] (cmd) -- (asm);
\end{scope}
\end{tikzpicture}
\medskip{}
\textbf{The \lstc{.cfi_*} is inline DWARF!}
\end{center}
\end{column}
\begin{column}{0.5\textwidth}
\begin{center}
\bf
$\implies$ if you write inline asm, you must write inline DWARF!
\end{center}
In \prog{glibc}, \prog{lowlevellock.h}:
\alert{off by one error in unwinding data}.
\lstinputlisting[language=gdb,numbers=none]{src/lowlevellock_backtrace}
\end{column}
\end{columns}
\only<2->{
\begin{textblock*}{0.90\textwidth}[0.5,0](0.5\paperwidth,0.17\paperheight)%
\begin{textblock*}{0.90\textwidth}[0.5,0](0.5\paperwidth,0.10\paperheight)%
\begin{tcolorbox}[halign=center, colframe=red, colback=Lavender]
\bf \huge
\bf \LARGE
Complex \,\& \,slow
\end{tcolorbox}
\end{textblock*}
}
\only<3->{
\begin{textblock*}{0.90\textwidth}[0.5,0](0.5\paperwidth,0.35\paperheight)%
\begin{textblock*}{0.90\textwidth}[0.5,0](0.5\paperwidth,0.30\paperheight)%
\begin{tcolorbox}[halign=center, colframe=red, colback=Lavender]
\huge
\textbf{Pervasive:}\\ relied upon by debuggers, profilers, C++
exceptions \\
\medskip{}
\textbf{$\leadsto$ not only for debuggers!}
\LARGE
\textbf{Pervasive:}\\ relied upon by profilers, debuggers,
aaand\ldots{}
\onslide<4->{
C++ exceptions. \\
\medskip{}
\textbf{$\leadsto$ not only for debuggers!}}
\end{tcolorbox}
\end{textblock*}
}
@ -369,18 +448,17 @@ Segmentation fault.
\firsttblrows{}%
\tblrowval{add}{\$0x68,\%rsp}{rsp+160}{c-8}
\tblrowval{pop}{\%rbx}{rsp+56}{c-8}
\tblrowval{pop}{\%rbp}{rsp+48}{c-8}
\end{tabularx}
\end{table}
\blknote{
\centering
\begin{overlayarea}{0.9\textwidth}{4.8ex}
\begin{overlayarea}{0.9\textwidth}{2.6em}
\only<4>{Upon function call, \alert{ra = *(\reg{rsp})}}
\only<5>{\texttt{push} decreases \reg{rsp} by 8: %
\alert{ra = *(\reg{rsp} + 8)}}
\only<6>{and again: %
\alert{ra = *(\reg{rsp} + 16)}}
\only<7>{This \texttt{mov} leaves \reg{rsp} untouched: %
\only<7>{This \texttt{mov} leaves \reg{rsp} untouched: \\%
\alert{ra = *(\reg{rsp} + 16)}}
\only<8>{The unwinding table captures an \alert{abstract execution}
of the code\ldots}
@ -410,8 +488,11 @@ Segmentation fault.
\item The fixpoints are immediate, cf article
\end{itemize}
\todo{Mettre en boîte}
Implemented on top of CMU's \prog{BAP}
\vspace{1em}
\begin{tcolorbox}[halign=center, colframe=OliveGreen, colback=YellowGreen]
\large
Implemented on top of CMU's \prog{BAP}
\end{tcolorbox}
\end{frame}
\begin{frame}{}
@ -427,6 +508,20 @@ Segmentation fault.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\section{Unwinding data compilation}
\begin{frame}
\begin{center}
\Huge
Unwinding data is
\textsc{slo\pause{}o\pause{}o\pause{}o\pause{}o\pause{}o\pause{}o\pause{}o\pause{}o\pause{}o\pause{}w}.
\end{center}
\vspace{2em}
\pause{}
So much that \prog{perf} doesn't use it by default! You must use
\lstbash{perf report --call-graph dwarf} explicitly!
\end{frame}
\sectiontitleframe{}
\subsection{Compilation ahead-of-time}
@ -440,7 +535,7 @@ Segmentation fault.
\lstinputlisting[basicstyle=\tiny\tt,numbers=none,language=]{src/dw_plt_abbr}
};
\only<2->{
\onslide<2->{
\node (table) at (0.5\textwidth, -0.23\textheight) {
\tiny\tt
\begin{tabular}{
@ -456,7 +551,7 @@ Segmentation fault.
\end{tabular}
};
}
\only<3->{
\onslide<3->{
\node (csrc) at (0, -0.6\textheight) {
\lstinputlisting[basicstyle=\tiny,numbers=none,language=C]{src/fib7/fib7.eh_elf_basic.c}
};
@ -501,16 +596,24 @@ Segmentation fault.
\subsection{Results}
\begin{frame}{Performances}
\begin{itemize}
\item \alert{Speedup}: x15 (\prog{gzip}) to x25 (\prog{hackbench}) vs.
libunwind
\begin{center}
\Large\bf Speedup vs. libunwind:
\begin{columns}
\begin{column}{0.5\textwidth}
\alert{x15} on gzip
\end{column}
\begin{column}{0.5\textwidth}
\alert{x25} on hackbench
\end{column}
\end{columns}
\end{center}
\begin{itemize}
\item libunwind: state of the art, aggressive caching.
\end{itemize}
\vfill
\item \alert{Space overhead}: x2.6 to x3 vs. DWARF
\end{itemize}
\begin{center}
\Large\bf Space overhead vs. DWARF:\\
\alert{x2.6 -- x3}
\end{center}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@ -543,4 +646,89 @@ Segmentation fault.
\end{center}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\section*{Extra slides}
\begin{frame}[noframenumbering]
\end{frame}
\begin{frame}[noframenumbering]{Fixpoint upon control flow merge}
\begin{columns}
\begin{column}{0.3\textwidth}
\begin{tikzpicture}
\begin{scope}[every node/.style={rectangle,thick,draw,scale=0.95}]
\node (if) at (0, 5) {\lstbash{if cnd}};
\node (then) at (-1, 3) { \lstbash{then A} };
\node (else) at (1, 3) { \lstbash{else B} };
\node (after) at (0, 1) { \lstbash{C} };
\end{scope}
\node [circle, thick, draw, minimum size=3em, color=red] (circafter) at (0, 1) {};
\begin{scope}[>={Stealth[black]}, every path/.style={draw=black,very thick}]
\path [->] (if) -- (then);
\path [->] (if) -- (else);
\path [->] (then) -- (after);
\path [->] (else) -- (after);
\end{scope}
\end{tikzpicture}
\end{column}
\begin{column}{0.6\textwidth}
\begin{center}
If eg.
\[
CFA(A) = c-48 \qquad CFA(B) = c-52
\]
no possible unwinding data for C, \alert{even for the
compiler}!
\vspace{1em}
Also, \alert{no possible clean function postlude}!
\vspace{2em}
$\implies$ $CFA(A) = CFA(B)$ and merge is immediate
\end{center}
\end{column}
\end{columns}
\end{frame}
\begin{frame}[noframenumbering]{Fixpoint upon loop control flow merge}
\begin{columns}
\begin{column}{0.3\textwidth}
\begin{tikzpicture}
\begin{scope}[every node/.style={rectangle,thick,draw,scale=0.95}]
\node (inbound) at (0, 7) {\lstbash{A}};
\node (while) at (0, 5) {\lstbash{for i in ...}};
\node (do) at (0, 3) { \lstbash{do a = array[i]; B} };
\node (done) at (0, 1) { \lstbash{C} };
\end{scope}
\node [ellipse, thick, draw, minimum width=10em, minimum height=3em, color=red] (circafter) at (0, 3) {};
\begin{scope}[>={Stealth[black]}, every path/.style={draw=black,very thick}]
\path [->] (inbound) -- (while);
\path [->] (while) edge[bend right] (do);
\path [->] (do) -- (done);
\path [->] (do) edge[bend right] (while);
\end{scope}
\end{tikzpicture}
\end{column}
\begin{column}{0.6\textwidth}
\begin{center}
{\large\alert{Variable stack frame size!}}
\vspace{1em}
We cannot hope for an invariant\dots\\
but the compiler cannot
either.
\vspace{1em}
{
\large\alert{$\implies$} the compiler will \alert{fallback to
\reg{rbp}}\\
}
even with \lstbash{--fomit-frame-pointer}
\end{center}
\end{column}
\end{columns}
\end{frame}
\end{document}
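Review bot: The new frame inserted after `\section{Unwinding data compilation}` cites `\lstbash{perf report --call-graph dwarf}`, but DWARF-based call-chain collection is chosen when recording, so the slide should read `\lstbash{perf record --call-graph dwarf}`; on `perf report` the `--call-graph` option only controls how already-recorded chains are printed. The added extra slide "Fixpoint upon loop control flow merge" has a similar slip: GCC spells the flag with a single dash, `\lstbash{-fomit-frame-pointer}`, not `--fomit-frame-pointer`. Since the audience may copy these commands, both are worth fixing before the talk. In the same added frames, `If eg.` reads better as `If, e.g.,` and `fallback to` should be the verb `fall back to`.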


@ -0,0 +1,5 @@
(gdb) backtrace
#0 0x406c2c in _L_lock_19
#1 0x406c2c in _L_lock_19
#2 0x4069c6 in abort
#3 0x401017 in main

8
src/main_cfi.s Normal file

@ -0,0 +1,8 @@
main:
.cfi_startproc
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset 6, -16
movq %rsp, %rbp
.cfi_def_cfa_register 6
subq $32, %rsp