Home Explore Help
Register Sign In
RD_Software
/
ark1668ed-bsp
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 4605e12628
Branches Tags
ark1668ed-bsp
/
linux
/
Documentation
/
arch
/
x86
/
orc-unwinder.rst

orc-unwinder.rst 8.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182 
  1. .. SPDX-License-Identifier: GPL-2.0
    2. 

  2. 

  3. ============
    4. 

  4. ORC unwinder
    5. 

  5. ============
    6. 

  6. 

  7. Overview
    8. 

  8. ========
    9. 

  9. 

  10. The kernel CONFIG_UNWINDER_ORC option enables the ORC unwinder, which is
    11. 

  11. similar in concept to a DWARF unwinder.  The difference is that the
    12. 

  12. format of the ORC data is much simpler than DWARF, which in turn allows
    13. 

  13. the ORC unwinder to be much simpler and faster.
    14. 

  14. 

  15. The ORC data consists of unwind tables which are generated by objtool.
    16. 

  16. They contain out-of-band data which is used by the in-kernel ORC
    17. 

  17. unwinder.  Objtool generates the ORC data by first doing compile-time
    18. 

  18. stack metadata validation (CONFIG_STACK_VALIDATION).  After analyzing
    19. 

  19. all the code paths of a .o file, it determines information about the
    20. 

  20. stack state at each instruction address in the file and outputs that
    21. 

  21. information to the .orc_unwind and .orc_unwind_ip sections.
    22. 

  22. 

  23. The per-object ORC sections are combined at link time and are sorted and
    24. 

  24. post-processed at boot time.  The unwinder uses the resulting data to
    25. 

  25. correlate instruction addresses with their stack states at run time.
    26. 

  26. 

  27. 

  28. ORC vs frame pointers
    29. 

  29. =====================
    30. 

  30. 

  31. With frame pointers enabled, GCC adds instrumentation code to every
    32. 

  32. function in the kernel.  The kernel's .text size increases by about
    33. 

  33. 3.2%, resulting in a broad kernel-wide slowdown.  Measurements by Mel
    34. 

  34. Gorman [1]_ have shown a slowdown of 5-10% for some workloads.
    35. 

  35. 

  36. In contrast, the ORC unwinder has no effect on text size or runtime
    37. 

  37. performance, because the debuginfo is out of band.  So if you disable
    38. 

  38. frame pointers and enable the ORC unwinder, you get a nice performance
    39. 

  39. improvement across the board, and still have reliable stack traces.
    40. 

  40. 

  41. Ingo Molnar says:
    42. 

  42. 

  43.   "Note that it's not just a performance improvement, but also an
    44. 

  44.   instruction cache locality improvement: 3.2% .text savings almost
    45. 

  45.   directly transform into a similarly sized reduction in cache
    46. 

  46.   footprint. That can transform to even higher speedups for workloads
    47. 

  47.   whose cache locality is borderline."
    48. 

  48. 

  49. Another benefit of ORC compared to frame pointers is that it can
    50. 

  50. reliably unwind across interrupts and exceptions.  Frame pointer based
    51. 

  51. unwinds can sometimes skip the caller of the interrupted function, if it
    52. 

  52. was a leaf function or if the interrupt hit before the frame pointer was
    53. 

  53. saved.
    54. 

  54. 

  55. The main disadvantage of the ORC unwinder compared to frame pointers is
    56. 

  56. that it needs more memory to store the ORC unwind tables: roughly 2-4MB
    57. 

  57. depending on the kernel config.
    58. 

  58. 

  59. 

  60. ORC vs DWARF
    61. 

  61. ============
    62. 

  62. 

  63. ORC debuginfo's advantage over DWARF itself is that it's much simpler.
    64. 

  64. It gets rid of the complex DWARF CFI state machine and also gets rid of
    65. 

  65. the tracking of unnecessary registers.  This allows the unwinder to be
    66. 

  66. much simpler, meaning fewer bugs, which is especially important for
    67. 

  67. mission critical oops code.
    68. 

  68. 

  69. The simpler debuginfo format also enables the unwinder to be much faster
    70. 

  70. than DWARF, which is important for perf and lockdep.  In a basic
    71. 

  71. performance test by Jiri Slaby [2]_, the ORC unwinder was about 20x
    72. 

  72. faster than an out-of-tree DWARF unwinder.  (Note: That measurement was
    73. 

  73. taken before some performance tweaks were added, which doubled
    74. 

  74. performance, so the speedup over DWARF may be closer to 40x.)
    75. 

  75. 

  76. The ORC data format does have a few downsides compared to DWARF.  ORC
    77. 

  77. unwind tables take up ~50% more RAM (+1.3MB on an x86 defconfig kernel)
    78. 

  78. than DWARF-based eh_frame tables.
    79. 

  79. 

  80. Another potential downside is that, as GCC evolves, it's conceivable
    81. 

  81. that the ORC data may end up being *too* simple to describe the state of
    82. 

  82. the stack for certain optimizations.  But IMO this is unlikely because
    83. 

  83. GCC saves the frame pointer for any unusual stack adjustments it does,
    84. 

  84. so I suspect we'll really only ever need to keep track of the stack
    85. 

  85. pointer and the frame pointer between call frames.  But even if we do
    86. 

  86. end up having to track all the registers DWARF tracks, at least we will
    87. 

  87. still be able to control the format, e.g. no complex state machines.
    88. 

  88. 

  89. 

  90. ORC unwind table generation
    91. 

  91. ===========================
    92. 

  92. 

  93. The ORC data is generated by objtool.  With the existing compile-time
    94. 

  94. stack metadata validation feature, objtool already follows all code
    95. 

  95. paths, and so it already has all the information it needs to be able to
    96. 

  96. generate ORC data from scratch.  So it's an easy step to go from stack
    97. 

  97. validation to ORC data generation.
    98. 

  98. 

  99. It should be possible to instead generate the ORC data with a simple
    100. 

  100. tool which converts DWARF to ORC data.  However, such a solution would
    101. 

  101. be incomplete due to the kernel's extensive use of asm, inline asm, and
    102. 

  102. special sections like exception tables.
    103. 

  103. 

  104. That could be rectified by manually annotating those special code paths
    105. 

  105. using GNU assembler .cfi annotations in .S files, and homegrown
    106. 

  106. annotations for inline asm in .c files.  But asm annotations were tried
    107. 

  107. in the past and were found to be unmaintainable.  They were often
    108. 

  108. incorrect/incomplete and made the code harder to read and keep updated.
    109. 

  109. And based on looking at glibc code, annotating inline asm in .c files
    110. 

  110. might be even worse.
    111. 

  111. 

  112. Objtool still needs a few annotations, but only in code which does
    113. 

  113. unusual things to the stack like entry code.  And even then, far fewer
    114. 

  114. annotations are needed than what DWARF would need, so they're much more
    115. 

  115. maintainable than DWARF CFI annotations.
    116. 

  116. 

  117. So the advantages of using objtool to generate ORC data are that it
    118. 

  118. gives more accurate debuginfo, with very few annotations.  It also
    119. 

  119. insulates the kernel from toolchain bugs which can be very painful to
    120. 

  120. deal with in the kernel since we often have to workaround issues in
    121. 

  121. older versions of the toolchain for years.
    122. 

  122. 

  123. The downside is that the unwinder now becomes dependent on objtool's
    124. 

  124. ability to reverse engineer GCC code flow.  If GCC optimizations become
    125. 

  125. too complicated for objtool to follow, the ORC data generation might
    126. 

  126. stop working or become incomplete.  (It's worth noting that livepatch
    127. 

  127. already has such a dependency on objtool's ability to follow GCC code
    128. 

  128. flow.)
    129. 

  129. 

  130. If newer versions of GCC come up with some optimizations which break
    131. 

  131. objtool, we may need to revisit the current implementation.  Some
    132. 

  132. possible solutions would be asking GCC to make the optimizations more
    133. 

  133. palatable, or having objtool use DWARF as an additional input, or
    134. 

  134. creating a GCC plugin to assist objtool with its analysis.  But for now,
    135. 

  135. objtool follows GCC code quite well.
    136. 

  136. 

  137. 

  138. Unwinder implementation details
    139. 

  139. ===============================
    140. 

  140. 

  141. Objtool generates the ORC data by integrating with the compile-time
    142. 

  142. stack metadata validation feature, which is described in detail in
    143. 

  143. tools/objtool/Documentation/objtool.txt.  After analyzing all
    144. 

  144. the code paths of a .o file, it creates an array of orc_entry structs,
    145. 

  145. and a parallel array of instruction addresses associated with those
    146. 

  146. structs, and writes them to the .orc_unwind and .orc_unwind_ip sections
    147. 

  147. respectively.
    148. 

  148. 

  149. The ORC data is split into the two arrays for performance reasons, to
    150. 

  150. make the searchable part of the data (.orc_unwind_ip) more compact.  The
    151. 

  151. arrays are sorted in parallel at boot time.
    152. 

  152. 

  153. Performance is further improved by the use of a fast lookup table which
    154. 

  154. is created at runtime.  The fast lookup table associates a given address
    155. 

  155. with a range of indices for the .orc_unwind table, so that only a small
    156. 

  156. subset of the table needs to be searched.
    157. 

  157. 

  158. 

  159. Etymology
    160. 

  160. =========
    161. 

  161. 

  162. Orcs, fearsome creatures of medieval folklore, are the Dwarves' natural
    163. 

  163. enemies.  Similarly, the ORC unwinder was created in opposition to the
    164. 

  164. complexity and slowness of DWARF.
    165. 

  165. 

  166. "Although Orcs rarely consider multiple solutions to a problem, they do
    167. 

  167. excel at getting things done because they are creatures of action, not
    168. 

  168. thought." [3]_  Similarly, unlike the esoteric DWARF unwinder, the
    169. 

  169. veracious ORC unwinder wastes no time or siloconic effort decoding
    170. 

  170. variable-length zero-extended unsigned-integer byte-coded
    171. 

  171. state-machine-based debug information entries.
    172. 

  172. 

  173. Similar to how Orcs frequently unravel the well-intentioned plans of
    174. 

  174. their adversaries, the ORC unwinder frequently unravels stacks with
    175. 

  175. brutal, unyielding efficiency.
    176. 

  176. 

  177. ORC stands for Oops Rewind Capability.
    178. 

  178. 

  179. 

  180. .. [1] https://lore.kernel.org/r/20170602104048.jkkzssljsompjdwy@suse.de
    181. 

  181. .. [2] https://lore.kernel.org/r/d2ca5435-6386-29b8-db87-7f227c2b713a@suse.cz
    182. 

  182. .. [3] http://dustin.wikidot.com/half-orcs-and-orcs
    183.