Re: Preventing preemption of 'protected' symbols in GNU ld 2.26

[Joe Groff <jgroff@apple.com>]

> On Mar 28, 2016, at 5:11 AM, H.J. Lu <hjl.tools@gmail.com> wrote:
> 
> On Thu, Mar 24, 2016 at 11:31 AM, Cary Coutant <ccoutant@gmail.com> wrote:
>>>>> What relocation do you propose to access external protected
>>>>> symbol on x86 for non-PIC code?
>>>> 
>>>> Non-PIC code can still use a GOT, can't it?
>>> 
>>> Yes.
>> 
>> Right.
>> 
>> Some additional thoughts:
>> 
>> - This has nothing to do with PIE. Non-PIC-non-PIE code has been
>> living with this restriction for at least 18 years (since visiblity
>> was introduced into the gABI).
>> 
>> - This has nothing to do with Ulrich's diatribe against protected
>> visibility, which applies only to function symbols (and really only to
>> one platform, due to how function pointer comparison works).
> 
> Copy relocation and protected symbol are mutually exclusive.
> Since copy relocation is the part of x86 psABIs, it limits
> protected symbol effectiveness on x86.  In glibc, we add a
> local alias to symbol we want to protect and access the local
> alias within glibc without GOT.

I had thought about doing this as a workaround for us, but if I understand correctly, this could result in two canonical copies of the object in the process's memory. For what we're using protected symbols for in Swift, we really want only one canonical object, and would prefer that protected references from the executable go through a GOT, similar to how references to external symbols always work in Mach-O.

>> - You don't need to go full-on PIC to reference a protected data
>> symbol in a shared library. You can always statically initialize a
>> pointer variable, and go indirect through that ("poor-man's PIC").
>> 
>> - We could add support for __attribute__((dllimport)) or
>> __declspec(dllimport) when declaring an external variable that is
>> expected to be defined in a shared library (ideally, that attribute
>> ought to be placed in the library's public interface). The compiler
>> can generate a PIC-style reference for that variable without
>> penalizing all the other variables in the main program. This is how
>> HP-UX compilers work on PA and Itanium (using #pragma external).
> 
> This is a useful feature, similar to -fno-plt, like -fgot, but only on
> selective symbols.

"protected" is already selective, though. The code generator had to intentionally set protected visibility on symbols.

> 
>> - Compilers could also generate tentative PIC-style references, with
>> sufficient relocations to allow the linker to convert the indirect
>> reference to a direct reference when possible (changing the second
>> load into a nop or copy). HP-UX also does this.
> 
> I extended the x86 psABIs with relaxable GOT relocations and
> implemented the similar linker optimization in ld in binutils 2.26
> and gold also implemented the subset of the linker optimization.
> 
>> - Indirect references from PIC code to a protected symbol penalize the
>> common case (referencing a symbol within its own module) to support
>> the uncommon case, while introducing the nasty side effects of a COPY
>> relocation.
>> 
>> - COPY relocations are evil. They bind an application to a specific
>> version of a shared library's ABI, and introduce a hidden startup
>> cost. If we're going to make any changes, we should be moving towards
>> elimination of COPY relocations, rather than disabling features that
>> were designed to improve performance.
> 
> Copy relocation can improve performance.  Google enabled copy
> relocations for PIE in ld/gold and GCC to improve prefomance by
> up to 5%:
> 
> https://gcc.gnu.org/ml/gcc-patches/2014-05/msg01215.html
> 
> It is in GCC 5.

Did you look at what the costs were in startup time and dirty pages by using copy relocations? What do you do if the size of the definition changes in a new version of the library?

-Joe