Comment 1 Thierry Carrez (RETIRED) 2005-05-16 04:36:48 UTC

Reassigning to hardened

Comment 2 solar (RETIRED) 2005-05-16 05:07:36 UTC

Unassigning from hardened.. This is a Q/A problem. 
shared libs must not contain text relocations. Portage will refuse to install shared libs like this in the future.
The rumored proper fix is reported to be to "not" --enable-assembler in MySQL
that gets later used by the libphp4.so

well, disabling the assembly code is more like a workaround, not a real fix ;-). it obviously points to some assembly that is not PIC, i'll look at it but make no promises for fixing it, ideally upstream should handle it (do they know about this at all?).

Comment 4 Robin Johnson 2005-05-16 11:21:15 UTC

I'm not going to use --disable-assembler, as that is a workaround with a large performance impact in this case.

See bug 42968 and tell me HOW to fix the PIC asm, and I'll gladly take a stab at it. Upstream was informed previously, but considered it very low priority (eg submit a patch and we'll take it).

Comment 5 solar (RETIRED) 2005-05-16 11:52:27 UTC

USE=pic and disable would be an acceptable compromise till such time as a proper asm fix exists.

"USE=pic and disable would be an acceptable compromise till such time as a proper asm fix exists."

could you repeat please? either I didn't understand or the sentence has some typos...

Comment 7 solar (RETIRED) 2005-05-16 16:01:18 UTC

Pedro comment #5 was in response to comment #4

IE: I'm letting robbat2 know that despite the performance gains from 
using --enable-assembler it's acceptable to use --disable-assembler in
the case when pic is found in the users USE flags. This will allow mysql
to built properly for those that need it to be and will probably solves 
the php bugs that people have with not being able to enable memory
protection after relocatable section blah.. The pic flag in portage is 
more or less meant for this very thing. Lets watch and see how 42968 
progresses first. Kevin might come up with a patch that will make things
even faster while fixing a general ELF q/a problem. 

Comment 8 solar (RETIRED) 2005-05-16 17:54:40 UTC

*** This bug has been marked as a duplicate of 42968 ***

after changing --enable-assembler into --disable-assembler and recompiling  
mod_php, the result is the same. libphp4.so still has TEXTREL. apparently it  
isn't so because of mysql...  
 
since it isn't solved, maybe the bug should be marked as open again? 

(In reply to comment #9)
> after changing --enable-assembler into --disable-assembler and recompiling  
> mod_php, the result is the same. libphp4.so still has TEXTREL. apparently it  
> isn't so because of mysql...  

can you post (attach) the 'readelf -a /path/to/libphp4.so' output please (if
it's too big, then just -edr instead of -a)?

> since it isn't solved, maybe the bug should be marked as open again? 

if libphp4.so has textrels (we'll see that from the above output) then it's
indeed a different bug.

Created attachment 59119 [details]
output of readelf -a /usr/lib/apache2/extramodules/libphp4.so

gzipped text with output of readelf -a /usr/lib/apache2/extramodules/libphp4.so

scanelf shows that libphp4.so indeed has text relocations even when recompiled 
with "fixed" mysql. 
 
gw root # scanelf -a /usr/lib/apache2/extramodules/libphp4.so  
 TYPE    PAX   STK/REL TEXTREL RPATH NEEDED INTERP  FILE 
ET_DYN  PeMRxS RW- R-- TEXTREL   -   
libcrypt.so.1,libnsl.so.1,libsablot.so.0,libexpat.so.0,libaspell.so.15,libpspell.so.15,libpdf.so.2,libz.so.1,libtiff.so.3,libpng.so.3,libmysqlclient.so.12,libmhash.so.2,libmcrypt.so.4,libltdl.so.3,libssl.so.0.9.7,libcrypto.so.0.9.7,libpam.so.0,libgmp.so.3,libjpeg.so.62,libexslt.so.0,libxslt.so.1,libdb-4.1.so,libdb.so.2,libgdbm.so.3,libbz2.so.1,libresolv.so.2,libm.so.6,libxmlparse.so.0,libxmltok.so.0,libcurl.so.3,libdl.so.2,libxml2.so.2,libnetsnmp.so.5,libwrap.so.0,libc.so.6   
-    /usr/lib/apache2/extramodules/libphp4.so 
gw root #  

Comment 13 solar (RETIRED) 2005-05-17 08:11:30 UTC

I just added elfutils-0.108 to the tree (~arch) which includes a program named 
eu-findtextrel
I'm not sure if <=elfutils-0.101 contains this util or not, but it appears as if 
it will come in quite handy in helping tack down the source of TEXTREL's in the 
future.

Could you please give it a try.
eu-findtextrel /usr/lib/apache2/extramodules/libphp4.so > php-textrel.x

(In reply to comment #12)
> scanelf shows that libphp4.so indeed has text relocations even when recompiled 
> with "fixed" mysql. 

indeed, it has a lot of them, i think it's due to some other library or at least
a subtree in php not having been compiled as PIC, i'll take a look. in the
meantime you can reopen this bug ;-)

(In reply to comment #13) 
> I just added elfutils-0.108 to the tree (~arch) which includes a program 
named  
> eu-findtextrel 
> I'm not sure if <=elfutils-0.101 contains this util or not, but it appears as 
if  
> it will come in quite handy in helping tack down the source of TEXTREL's in 
the  
> future. 
>  
> Could you please give it a try. 
> eu-findtextrel /usr/lib/apache2/extramodules/libphp4.so > php-textrel.x 
 
attaching output of eu-findtextrel and reopening bug. 

Created attachment 59199 [details]
output of eu-findtextrel /usr/lib/apache2/extramodules/libphp4.so

output of eu-findtextrel /usr/lib/apache2/extramodules/libphp4.so, trying to
find sources of textrelocations.

Comment 17 Robin Johnson 2005-05-31 15:17:03 UTC

passing this onto PHP guys, since it is not due to MySQL

I'm having the same problems with php5. I get the same error. Cannot 
load /usr/lib/apache/libphp5.so into 
server: /usr/lib/apache/libphp5.so: cannot make segment 
writable for relocation: Permission denied

I've traced the error back to the switch --with-mysql=/xxx/xxx/ when compiling 
php from source. In case of emerge that probably would be mysql. I've still 
haven't found a solution for this problem. Any help would be great 

took a look at it finally, and the fix is simple: add

   myconf="${myconf} --with-pic"

to the ebuild (src_compile) and configure will prefer building and using PIC
instead of the apparent default of non-PIC.

Comment 20 Luca Longinotti (RETIRED) 2005-10-15 13:21:04 UTC

Ok thanks for looking into this, though we already do that... All the PHP
eclasses (both for new and old style PHP) do:
# fix ELF-related problems
    if has_pic ; then
        myconf="${myconf} --with-pic"
    fi
So we already added that, now I've not tried lately to run mod_php with TEXTRELs
disabled, but in theory the fix was already there. :)
It would be great if you could test this with one of the new dev-lang/php PHP
ebuilds, thanks.
Best regards, CHTEKK.

something's amiss here. let's see dev-php/mod_php-4.4.0-r3 which i was playing
with (note that the original report was for mod_php as well, not for php itself).

regardless of pic in USE, configure doesn't get passed --with-pic here (and
while we're at it, the pic USE flag should not play a role, a shared lib must be
PIC, without textrels) and the resulting .so has textrels all over the place.
now i don't know if the mod_php ebuild was supposed to pick up whatever changes
you had in the eclasses or not, but it definitely doesn't work as it is, hence
my suggested quick fix. based on what you said i suggest you 1. get rid of the
USE=pic dependence 2. use that eclass/whatever in the mod_php ebuilds as well.

Comment 22 Luca Longinotti (RETIRED) 2005-10-15 14:06:37 UTC

There is no "pic" USE flag for any PHP ebuild, has_pic is a function from the
flag-o-matic eclass that just checks that the system on wich we're building does
indeed support PIC code. Also, mod_php is being deprecated in favour of
dev-lang/php, wich builds all three SAPIs depending on USE flags "apache2" "cli"
"cgi", there you can also see very well if --with-pic gets added, "Enabling PIC
support" should appear after it enables/disables the extensions, and indeed the
finished mod_php has --with-pic in it, I just have no Hardened system with
TEXTRELs disabled on wich to test it. For more informations on dev-lang/php see [1].
Best regards, CHTEKK.

[1]
http://svn.gnqs.org/projects/gentoo-php-overlay/file/docs/php-upgrading.html?format=raw

hmm, things are still not clear to me...

1. has_pic doesn't check for PIC support (what would that mean anyway?), it
   checks for the presence of -fPIC/-fpic in CFLAGS, therefore it's effectively
   the same as what the pic USE flag does (or did in the past), iirc. in other
   words, unless -fPIC is in someone's CFLAGS (very bad idea), has_pic won't do
   much good for you (emerge mod_php yourself if you don't believe it). note
   also that has_pic is marked as DEPRECATED in flag-o-matic.eclass.

   quite honestly i don't understand why you need this has_pic or any PIC
   related check at all, any package that builds shared libs must build them
   without text relocations (which means that it must be compiled with -fPIC or
   -fpic, and if it has assembly code then that has to be properly written too,
   see our previous work on mysql and others) and i think most if not all of
   them already provide proper configure switches for that effect.
  
2. even if dev-php/mod_php is deprecated, it should be fixed as there are
   apparently people using it (see comment #18), and use_pic doesn't do what
   you think it does.

3. i don't know how dev-lang/php is supposed to build with -fPIC, but if, as you
   say, it relies on has_pic then it's failing as well (just tried it on
dev-lang/php-5.0.5-r1):

     checking whether to force non-PIC code in shared modules... yes

   and of course i see -prefer-non-pic all over the place during compilation
   and then the QA checks trigger at the end too:

     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/curl.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/dba.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/ftp.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/gettext.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/gmp.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/iconv.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/mbstring.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/mcrypt.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/ncurses.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/openssl.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/pcntl.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/sockets.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/sysvmsg.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/sysvsem.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/sysvshm.so
     TEXTREL usr/lib/php5/lib/php/extensions/no-debug-zts-20041030/zlib.so
     TEXTREL usr/lib/apache2/modules/libphp5.so

   so the question is, how did you guys manage to compile this thing without
   text relocations (note that all this happened on a non-hardened gentoo)?

Comment 24 Sebastian Bergmann (RETIRED) 2005-10-15 15:21:52 UTC

PHP's configure script uses -prefer-non-pic

  # Disable PIC where it is known to be safe to do so,
  # to avoid the performance hit from the lost register

Benchmarks showed that building PHP with -prefer-non-pic increases performance
by 15-20%.

(In reply to comment #24)
> PHP's configure script uses -prefer-non-pic
> 
>   # Disable PIC where it is known to be safe to do so,
>   # to avoid the performance hit from the lost register

uhm, what do they mean by 'safe to do so'? apparently they don't have the
slightest idea about text relocations as they compile *everything* as non-PIC.
anyway, can gentoo fix it at least for hardened then?

> Benchmarks showed that building PHP with -prefer-non-pic increases performance
> by 15-20%.

and what would be those benchmarks? i can hardly imagine that the PIC function
prologues and variable accesses incur such a performance hit unless there's some
other problem hidden there already (e.g., small functions that could/should be
inlined aren't, data variables are exported from a shared library (bad idea),
too many symbols are visible outside of the shared library without purpose, etc).

Comment 26 Luca Longinotti (RETIRED) 2005-10-15 16:12:07 UTC

(In reply to comment #23)
> hmm, things are still not clear to me...
> 
> 1. has_pic doesn't check for PIC support (what would that mean anyway?), it
>    checks for the presence of -fPIC/-fpic in CFLAGS, therefore it's effectively
>    the same as what the pic USE flag does (or did in the past), iirc. in other
>    words, unless -fPIC is in someone's CFLAGS (very bad idea), has_pic won't do
>    much good for you (emerge mod_php yourself if you don't believe it). note
>    also that has_pic is marked as DEPRECATED in flag-o-matic.eclass.
> 
>    quite honestly i don't understand why you need this has_pic or any PIC
>    related check at all, any package that builds shared libs must build them
>    without text relocations (which means that it must be compiled with -fPIC or
>    -fpic, and if it has assembly code then that has to be properly written too,
>    see our previous work on mysql and others) and i think most if not all of
>    them already provide proper configure switches for that effect.

Ok yeah you're right on this, it may well be from what I see that all this
problem derives from has_pic use, since I just tried to compile PHP 4.4.0 on a
Hardened system (where has_pic returned true, and I have no special flags in my
CFLAGS), and enabling --with-pic let it compile withouth warnings about
TEXTRELs. I'll attach shortly a patch to fix this in the php-sapi.eclass, so it
uses the new gcc-specs-pie function from toolchain-funcs eclass, wich should
correctly detect things on all Gentoo systems (how I see it, it returns false
only if you explicitly disable PIE code, and in that case it should be correct
to not build with --with-pic).

> 2. even if dev-php/mod_php is deprecated, it should be fixed as there are
>    apparently people using it (see comment #18), and use_pic doesn't do what
>    you think it does.

If there are problems with it they will be fixed, it's just that we now normally
require a confirmation of bugs also in dev-lang/php, and if they're not
reproducible, then simply migrate over to dev-lang/php, but I see that the bug
probably also appears there (if it indeed is the has_pic that causes problems).

Best regards, CHTEKK.

Comment 27 Luca Longinotti (RETIRED) 2005-10-15 16:14:04 UTC

Created attachment 70761 [details, diff]
Patch to fix usage of has_pic in php-sapi.eclass

This also displays an "Enabling PIC support" during emerge, so you can be sure
if it triggered or not.
Best regards, CHTEKK.

(In reply to comment #26)
> I'll attach shortly a patch to fix this in the php-sapi.eclass, so it
> uses the new gcc-specs-pie function from toolchain-funcs eclass, wich should
> correctly detect things on all Gentoo systems (how I see it, it returns false
> only if you explicitly disable PIE code, and in that case it should be correct
> to not build with --with-pic).

this is still not good, there're hardened gcc profiles that don't build PIEs by
default and hence will trigger your nopie check and still build a shared library
with text relocations. that is, PIE determines the executable file format, not
that of the shared library, don't tie the two together. according to comment #24
the reason for not enabling PIC shared libs by default was some performance
problem, i'd like to know what they are exactly as the bug is there and
producing text relocations for a 'fix' is completely wrong. in case anyone has
doubts about the badness of textrelocs, read Ulrich Drepper's DSO howto at

 http://people.redhat.com/drepper/dsohowto.pdf 

page 13 in particular.

Comment 29 Luca Longinotti (RETIRED) 2005-10-15 17:13:35 UTC

> this is still not good, there're hardened gcc profiles that don't build PIEs by
> default and hence will trigger your nopie check and still build a shared library
> with text relocations. that is, PIE determines the executable file format, not
> that of the shared library, don't tie the two together.

Yeah sorry, saw that too when trying out on a non-hardened system for example,
bad me for not testing that before attaching the patch. :( Sorry again, at least
I can confirm that hard-enabling --with-pic fixes the TEXTRELs.

> according to comment #24
> the reason for not enabling PIC shared libs by default was some performance
> problem, i'd like to know what they are exactly as the bug is there and
> producing text relocations for a 'fix' is completely wrong. in case anyone has
> doubts about the badness of textrelocs, read Ulrich Drepper's DSO howto at
> 
>  http://people.redhat.com/drepper/dsohowto.pdf 
> 
> page 13 in particular.

Sebastian, any more precise informations on those performance problems? Anyway I
think we should choose "fix the TEXTREL problem" over performance, any another
toughts? I'd vote for enabling --with-pic unconditionally then, from what I
understand it's the best way to go, solves the problem and anything should
support it per http://www.gentoo.org/proj/en/hardened/pic-internals.xml, the
only drawback could be a performance decrease. Sorry if some of my ideas may
sound strange, but I'm really no expert on the toolchain's inner workings and
far to sleepy atm, so till tomorrow, CHTEKK.

Comment 30 Sebastian Bergmann (RETIRED) 2005-10-15 23:04:34 UTC

There were several discussions about this on the php-internals mailinglist, just
search the archives.

Comment 31 Luca Longinotti (RETIRED) 2005-10-16 03:33:33 UTC

(In reply to comment #30)
> There were several discussions about this on the php-internals mailinglist, just
> search the archives.

Found only this commenting on performance loss for PIC enabled PHP:
http://marc.theaimsgroup.com/?l=php-dev&m=105976279031095&w=2
But generally the view is that with PIC enabled, PHP will really slow down.
Just an idea, we could simply add a "hardened" USE flag to PHP (not
"hardenedphp", thats something else), and make --with-pic dependant on that one.
Also, we do an ewarn at the beginning and end of the ebuild to warn the user
that building without "hardened" enabled will get him a PHP that is faster, but
with TEXTRELs. Since has_pic or gcc-specs-pie aren't reliable as checks, a USE
hardened should be (the user can directly turn it on/off), normally that one is
already set for Hardened-Gentoo systems too, and with the warnings in the ebuild
and on our documentation (once it's finished) they'll also know what to do. Any
toughts on this? While TEXTRELs are evil, killing off 20% and more performance
is too on a loaded webserver...
Best regards, CHTEKK.

(In reply to comment #30)
> There were several discussions about this on the php-internals mailinglist, just
> search the archives.

i think i found the relevant ones and all seem to come from one Rasmus Lerdorf who
once stated that he gained 10-20% performance by going with a non-PIC build. what
he didn't show is the exact benchmarks and performance numbers, let alone profiles
so it's kinda hard to assess what he was measuring. has any of you guys reproduced
any of these tests? if so, what are the details? if not, can you do it now? also,
once you're into benchmarking, i'd like someone to measure the effect of adding
-Bsymbolic to LDFLAGS, that should reduce a lot of unnecessary .plt redirections
in the .so and could very well make up for the performance loss (my stats on
libphp5.so show that it has some 5778 functions that are forced to go through
the .plt, probably for no good reason, -Bsymbolic would eliminate the function
call overhead on all of that).

Comment 33 Kevin F. Quinn (RETIRED) 2005-10-16 07:14:29 UTC

Just to pipe in here :)

has_pic() - one of my pet hates.  People use it all over the place, with
everyone thinking it does something different, one of the main reasons I marked
it "DEPRECATED" (that, and it's meaningless anyway!).  I think it was created to
provide a simple way for ebuilds to detect when the hardened compiler has
"switched on PIC" - however that completely misses the point as the hardened
compiler doesn't "switch on PIC", it switches on PIE for non-PIC objects (so
that they can be linked into position-independent executables).  Later people
started using it to conditionally fix broken asm code in particular, where
upstream deliberately build non-PIC objects for their shared libraries - exposed
by the hardened compiler which switches on -fPIE which it otherwise wouldn't do
(because -fPIC would be present).

re. performance issues - I simply don't believe PIC code is so much slower than
non-PIC code as such.  Certainly claims of 25%-30% are not credible.  What is
likely happening if someone does see such a large performance difference, is
that some apps provide optimised non-PIC assembler code, and fall back to
unoptimised C functions when they have to build PIC.  The performance drop has
nothing to do with PIC being significantly slower than non-PIC per se, but
everything to do with the difference between a piece of hand-optimised
case-specific assembler and a generic C function.  Happens a lot in the media
packages.

I suspect that the report of a 25-30% hit was due to things like the
longlong2str function that didn't have an optimised PIC assembler version in
mysql (see bug #42968).  Certainly it'd be worth measuring performance of php
properly to get some real data.

Comment 34 Luca Longinotti (RETIRED) 2005-10-16 08:46:52 UTC

Ok, I've done some benchmarking using the bench.php benchmark from
http://cvs.php.net/co.php/ZendEngine2/bench.php?r=1.4.
All the benchmarks were done locally on my machine, here some specs:
MinasTirith / # uname -a
Linux MinasTirith 2.6.11-gentoo-r9 #2 SMP Tue Jun 7 00:44:14 CEST 2005 i686
Intel(R) Pentium(R) 4 CPU 3.20GHz GenuineIntel GNU/Linux
It's a Intel P4 3.2 Ghz, with HT enabled (SMP kernel) and running in 32bit-only
mode, it's got 1024MB DDR-RAM and a 60gb ATA133 HD.
I have benchmarked PHP 4.4.1RC1, one series of tests consisted in directly
executing the bench.php from commandline using the PHP cli binary, and the other
series of tests consisted in browsing to bench.php and executing through mod_php
under Apache2.0.54 with MPM-Prefork, the cache of the browser (Firefox) I used
was always completely cleared between test runs.
Each benchmark was repeated three times, and was done for the following PHP
configurations:
- normal PHP
- PHP --with-pic
- PHP --with-pic and -Bsymbolic appended to LDFLAGS
The results are all available here:
http://dl.longitekk.com/cli_phpbench.txt
http://dl.longitekk.com/mod_phpbench.txt
As you can see, --with-pic indeed slows down PHP, in CLI mode indeed up to 20%,
and in mod_php about the same. Further, adding -Bsymbolic, slows down the CLI
PHP even more (very little though), but indeed speeds up mod_php, wich still is
about three seconds slower than a non-PIC build, and probably adding -Bsymbolic
to the non-PIC build would have made that one also faster, thus increasing the
difference again (I'm not sure on this though, didn't test that, it just seems
logical).
Best regards, CHTEKK.

ok, now we're getting somewhere. more questions too ;-)

1. what's this CLI version exactly? in particular, does it link to a shared
   php.so (which does the real work) or is everything linked into the main
   executable? i'm asking this because using PIC in the main exe is meaningless
   for performance evaluation (well, it'd matter for a PIE build, but let's fix
   things one by one), we care about the shared lib only.

2. for me the more interesting results are for mod_php. as i suspected, part of
   the overhead is due to the function calls going through the .plt, i'd like to
   see what -Bsymbolic does to the non-PIC build though. i'd also like to see
   the detailed numbers like you did for the CLI build (if that's possible), to
   see which benchmarks take the more significant hits (probably the same as in
   the CLI version, but double checking it never hurts). next, we'd have to do
   some profiling to see where the difference is exactly, i'll see if i can set
   it up here, else i'll have to ask you to do it (it'll need some tweaking in
   CFLAGS like adding -pg).

3. these tests appear to be more like microbenchmarks, whose results show worst
   case performance, i wouldn't draw far-reaching conclusions on 'average' real
   life app performance impact. are there tests that exercise whole apps or at 
   least a bigger code base?

I cannot tell you much about the issue, but I can point you to some links /
benchmarks:

Rasmus suggestion:
 ->
http://groups.google.de/group/mailing.www.php-dev/browse_frm/thread/97ce816a91f91024/a0c339bcc2b98c60#a0c339bcc2b98c60

Benchmark:
 ->
http://www.schlossnagle.org/~george/blog/index.php?/archives/58-The-DSO-Myth.html
 ->
http://www.schlossnagle.org/~george/blog/index.php?/archives/57-The-DSO-Myth-Part-2.html

-- comment from Rasmus (google cache from old blog): --
"George, just because you use a DSO doesn't mean you have to use PIC. You can
compile a shared library non-pic. If a shared library is only ever loaded into a
single thing, like Apache in this case, the benefits of PIC are minimal anyway,
and you still get all the benefits of not needing to recompile your Apache when
you upgrade your PHP. So build yourself a non-pic libphp4.so and benchmark again."

 ->
http://www.schlossnagle.org/~george/blog/index.php?/archives/56-The-DSO-Myth-Part-3.html

the raw benchmark results:
 -> http://www.omniti.com/~george/php/stats2
 
More blogs/benchmarks:
 -> http://ilia.ws/archives/28-PHPApache-Static-vs-DSO.html
 -> http://www.derickrethans.nl/pic_vs_nonpic_take_2.php

And there are some entries in php.internals weekly summeries (from zend.com): 
 -> http://php.zend.com/zend/week/index.php
(search for "pic")

Comment 37 Luca Longinotti (RETIRED) 2005-10-16 09:44:07 UTC

(In reply to comment #35)
> ok, now we're getting somewhere. more questions too ;-)

Heh well, ok. :)

> 1. what's this CLI version exactly? in particular, does it link to a shared
>    php.so (which does the real work) or is everything linked into the main
>    executable? i'm asking this because using PIC in the main exe is meaningless
>    for performance evaluation (well, it'd matter for a PIE build, but let's fix
>    things one by one), we care about the shared lib only.

Yeah, php CLI build is the php binary that can be called from commandline to
execute PHP scripts via commandline, it does not load any php.so library, all
the PHP stuff is condensed into the binary itself. I tought that probably PIC in
a binary wouldn't matter much performancewise, but it's still a good comparison
method I think and anyway confirms that PIC seems to be slower. mod_php instead
is a shared library that gets loaded into Apache.

> 2. for me the more interesting results are for mod_php. as i suspected, part of
>    the overhead is due to the function calls going through the .plt, i'd like to
>    see what -Bsymbolic does to the non-PIC build though. 

I've tested this and added the results at the end of the two txt's containing my
benchmark results.

> i'd also like to see
>    the detailed numbers like you did for the CLI build (if that's possible), to
>    see which benchmarks take the more significant hits (probably the same as in
>    the CLI version, but double checking it never hurts).

This is possible, I just have to recompile and redo all the tests, should be all
done in about an hour I think.

> next, we'd have to do
>    some profiling to see where the difference is exactly, i'll see if i can set
>    it up here, else i'll have to ask you to do it (it'll need some tweaking in
>    CFLAGS like adding -pg).

Ok, this can be done, just guide me through what I need to do exactly, never did
profiling, or point me to some doc explaining it in detail.

> 3. these tests appear to be more like microbenchmarks, whose results show worst
>    case performance, i wouldn't draw far-reaching conclusions on 'average' real
>    life app performance impact. are there tests that exercise whole apps or at 
>    least a bigger code base?

Hmmm there probably are, but not that I'm aware of.

@ Andreas: thanks for all the links and infos!

Best regards, CHTEKK.

Comment 38 Luca Longinotti (RETIRED) 2005-10-16 11:08:01 UTC

Here are the mod_php benchmarks, with all the details:
http://dl.longitekk.com/mod_phpbench_detailed.txt
Take note that this is all from a recompile&rerun of all benchmarks, and it
seems that -Bsymbolic this time didn't change anything much... Why I have no
idea, it was passed to the build process...
I hope this helps further, best regards, CHTEKK.

(In reply to comment #38)
> Here are the mod_php benchmarks, with all the details:
> http://dl.longitekk.com/mod_phpbench_detailed.txt
> Take note that this is all from a recompile&rerun of all benchmarks, and it
> seems that -Bsymbolic this time didn't change anything much... Why I have no
> idea, it was passed to the build process...

hmm, that's weird, are you sure you didn't make a mistake somewhere? -Bsymbolic
can't have no effect and a rather visible effect at the same time ;-).

for profiling: http://www.gnu.org/software/binutils/manual/gprof-2.9.1/gprof.html
basically, you need -g -gp in CFLAGS then run apache which will produce an
output that have to be interpreted by gprof. you have to do this for both the
PIC and non-PIC mod_php so we can compare. as for the actual benchmarks, i'm
more interested in macrobenchmarks like this Smarty Demo that was mentioned in
one of the URLs (and shows an impossible result btw, a statically linked in
non-PIC mod_php can't possibly be slower than a non-PIC shared library), not
microbenchmarks.

Comment 40 Luca Longinotti (RETIRED) 2005-10-16 13:32:20 UTC

> hmm, that's weird, are you sure you didn't make a mistake somewhere? -Bsymbolic
> can't have no effect and a rather visible effect at the same time ;-).

Yeah I'm aware this sounds absurd... But it's what's happening, just to be sure
I compiled PHP another time, Apache was using the newly compiled mod_php, and
-Bsymbolic was added during the compile. But the results remained on an average
of about 30.580 seconds, still much more than the 29.637 seconds of the first
series of benchmarks I've done. So maybe it wasn't really -Bsymbolic, but just
some outside influence of something else that changed the values of my first
benchmarks, or exactly the contrary and something influences the values of my
current benchmarks? Boh, no clue on this, the testing environment remained the
same, the only application that got restarted is Apache to load the new
mod_php... But -Bsymbolic or not, PIC seems to hit PHP quite hard, and from what
 I understand profiling may help us track what slows it down, right?

> for profiling: http://www.gnu.org/software/binutils/manual/gprof-2.9.1/gprof.html
> basically, you need -g -gp in CFLAGS then run apache which will produce an
> output that have to be interpreted by gprof. you have to do this for both the
> PIC and non-PIC mod_php so we can compare. as for the actual benchmarks, i'm
> more interested in macrobenchmarks like this Smarty Demo that was mentioned in
> one of the URLs (and shows an impossible result btw, a statically linked in
> non-PIC mod_php can't possibly be slower than a non-PIC shared library), not
> microbenchmarks.

Ok I'll do that tomorrow when I have time. Btw what Smarty Demo are you
referring to? Couldn't find that in the URLs from Andreas. For macrobenchmarks I
could simply set up a phpMyAdmin or some webapp and let the Apache benchmark
suite test how long it takes for 1000 index.php's to show up, then change
mod_php and do it again, that's also how it was done in one of the links. I'd
then anyways profile both the macrobenchmark and the microbenchmark, since while
not being really "real-world" proof, it shows a serious drop in performance and
can show what is causing it imo. I'll then put the data from the profiler
somewhere for you to download and have a look at. Thanks for all the help! :)
Best regards, CHTEKK.

George mentioned it in his benchmark results:
http://www.omniti.com/~george/php/stats2

I think he's talking about the sample guestbook from smarty manual:
http://smarty.php.net/sampleapp/sampleapp_p1.php

Many people use it for benchmarking, because it loads a lot of code, similar to
"real world" applications. Another application often used for benchmarks like
that is phpMyAdmin (frontpage), which loads/executes even more "real world" PHP
code. (e.g. http://turck-mmcache.sourceforge.net/index_old.html#bench)

Comment 42 Luca Longinotti (RETIRED) 2005-11-03 08:48:19 UTC

Update on this: sorry, I really haven't time atm to do profiling etc., so for
now we introduced an interim solution: the "pic" USE flag. Old-style PHP will
not be changed, I don't want to change it's behaviour, and it will go away in
2-3 months anyway. For the new dev-lang/php ebuilds, like I said, we added the
"pic" USE flag wich enables/disables "--with-pic", that way it will work on
non-Hardened systems fast but with TEXTRELs, on Hardened-systems "pic" is turned
on by default, so it will work slower but without TEXTRELs, and in any case the
user has the possiblity to toggle the flag, so if you use a PaX kernel on a
non-Hardened system, simply enable the "pic" USE flag and it will work again
without TEXTRELs.
Best regards, CHTEKK.

Comment 43 SpanKY 2005-12-12 18:35:19 UTC

*** Bug 115258 has been marked as a duplicate of this bug. ***

Comment 44 Kevin F. Quinn (RETIRED) 2005-12-19 10:55:29 UTC

*** Bug 116069 has been marked as a duplicate of this bug. ***

Comment 45 Kevin F. Quinn (RETIRED) 2005-12-19 10:57:23 UTC

Lares reported textrels in dev-php/mod_php-4.4.0-r9:

TEXTREL usr/lib/php/extensions/no-debug-zts-20020429/java.so
TEXTREL usr/lib/apache2/modules/libphp4.so

the java.so one hasn't been mentioned here before.

Comment 46 Sandro Bonazzola (RETIRED) 2006-02-24 11:37:29 UTC

not strictly related to mod_php itself, but apply to the module for apache2 provided by dev-lang/php-5.1.1. It also have TEXTREL
TEXTREL usr/lib/apache2/modules/libphp5.so

Comment 47 Luca Longinotti (RETIRED) 2006-05-24 06:45:48 UTC

dev-php/mod_php is gone from the tree now, dev-lang/php remains with the USE flag "pic" to fix the TEXTRELS: enable it and you'll get a TEXTREL free PHP (java extension too here), but at the cost of it's speed.
Best regards, CHTEKK.

Comment 48 Mark Loeser (RETIRED) 2006-05-24 11:25:44 UTC

Sounds like this is fixed then.

Comment 49 Jakub Moc (RETIRED) 2006-09-21 00:08:02 UTC

*** Bug 148459 has been marked as a duplicate of this bug. ***

Comment 50 Luca Longinotti (RETIRED) 2006-09-21 11:29:41 UTC

*** Bug 148554 has been marked as a duplicate of this bug. ***

Comment 51 Jakub Moc (RETIRED) 2007-12-24 12:31:25 UTC

*** Bug 203221 has been marked as a duplicate of this bug. ***

Comment 52 Jakub Moc (RETIRED) 2008-02-18 16:16:07 UTC

*** Bug 210598 has been marked as a duplicate of this bug. ***