]> git.proxmox.com Git - rustc.git/blob - compiler/rustc_data_structures/src/sip128.rs
projects / rustc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
New upstream version 1.63.0+dfsg1
[rustc.git] / compiler / rustc_data_structures / src / sip128.rs
1 //! This is a copy of `core::hash::sip` adapted to providing 128 bit hashes.
2
3 use std::hash::Hasher;
4 use std::mem::{self, MaybeUninit};
5 use std::ptr;
6
7 #[cfg(test)]
8 mod tests;
9
10 // The SipHash algorithm operates on 8-byte chunks.
11 const ELEM_SIZE: usize = mem::size_of::<u64>();
12
13 // Size of the buffer in number of elements, not including the spill.
14 //
15 // The selection of this size was guided by rustc-perf benchmark comparisons of
16 // different buffer sizes. It should be periodically reevaluated as the compiler
17 // implementation and input characteristics change.
18 //
19 // Using the same-sized buffer for everything we hash is a performance versus
20 // complexity tradeoff. The ideal buffer size, and whether buffering should even
21 // be used, depends on what is being hashed. It may be worth it to size the
22 // buffer appropriately (perhaps by making SipHasher128 generic over the buffer
23 // size) or disable buffering depending on what is being hashed. But at this
24 // time, we use the same buffer size for everything.
25 const BUFFER_CAPACITY: usize = 8;
26
27 // Size of the buffer in bytes, not including the spill.
28 const BUFFER_SIZE: usize = BUFFER_CAPACITY * ELEM_SIZE;
29
30 // Size of the buffer in number of elements, including the spill.
31 const BUFFER_WITH_SPILL_CAPACITY: usize = BUFFER_CAPACITY + 1;
32
33 // Size of the buffer in bytes, including the spill.
34 const BUFFER_WITH_SPILL_SIZE: usize = BUFFER_WITH_SPILL_CAPACITY * ELEM_SIZE;
35
36 // Index of the spill element in the buffer.
37 const BUFFER_SPILL_INDEX: usize = BUFFER_WITH_SPILL_CAPACITY - 1;
38
39 #[derive(Debug, Clone)]
40 #[repr(C)]
41 pub struct SipHasher128 {
42 // The access pattern during hashing consists of accesses to `nbuf` and
43 // `buf` until the buffer is full, followed by accesses to `state` and
44 // `processed`, and then repetition of that pattern until hashing is done.
45 // This is the basis for the ordering of fields below. However, in practice
46 // the cache miss-rate for data access is extremely low regardless of order.
47 nbuf: usize, // how many bytes in buf are valid
48 buf: [MaybeUninit<u64>; BUFFER_WITH_SPILL_CAPACITY], // unprocessed bytes le
49 state: State, // hash State
50 processed: usize, // how many bytes we've processed
51 }
52
53 #[derive(Debug, Clone, Copy)]
54 #[repr(C)]
55 struct State {
56 // v0, v2 and v1, v3 show up in pairs in the algorithm,
57 // and simd implementations of SipHash will use vectors
58 // of v02 and v13. By placing them in this order in the struct,
59 // the compiler can pick up on just a few simd optimizations by itself.
60 v0: u64,
61 v2: u64,
62 v1: u64,
63 v3: u64,
64 }
65
66 macro_rules! compress {
67 ($state:expr) => {{ compress!($state.v0, $state.v1, $state.v2, $state.v3) }};
68 ($v0:expr, $v1:expr, $v2:expr, $v3:expr) => {{
69 $v0 = $v0.wrapping_add($v1);
70 $v1 = $v1.rotate_left(13);
71 $v1 ^= $v0;
72 $v0 = $v0.rotate_left(32);
73 $v2 = $v2.wrapping_add($v3);
74 $v3 = $v3.rotate_left(16);
75 $v3 ^= $v2;
76 $v0 = $v0.wrapping_add($v3);
77 $v3 = $v3.rotate_left(21);
78 $v3 ^= $v0;
79 $v2 = $v2.wrapping_add($v1);
80 $v1 = $v1.rotate_left(17);
81 $v1 ^= $v2;
82 $v2 = $v2.rotate_left(32);
83 }};
84 }
85
86 // Copies up to 8 bytes from source to destination. This performs better than
87 // `ptr::copy_nonoverlapping` on microbenchmarks and may perform better on real
88 // workloads since all of the copies have fixed sizes and avoid calling memcpy.
89 //
90 // This is specifically designed for copies of up to 8 bytes, because that's the
91 // maximum of number bytes needed to fill an 8-byte-sized element on which
92 // SipHash operates. Note that for variable-sized copies which are known to be
93 // less than 8 bytes, this function will perform more work than necessary unless
94 // the compiler is able to optimize the extra work away.
95 #[inline]
96 unsafe fn copy_nonoverlapping_small(src: *const u8, dst: *mut u8, count: usize) {
97 debug_assert!(count <= 8);
98
99 if count == 8 {
100 ptr::copy_nonoverlapping(src, dst, 8);
101 return;
102 }
103
104 let mut i = 0;
105 if i + 3 < count {
106 ptr::copy_nonoverlapping(src.add(i), dst.add(i), 4);
107 i += 4;
108 }
109
110 if i + 1 < count {
111 ptr::copy_nonoverlapping(src.add(i), dst.add(i), 2);
112 i += 2
113 }
114
115 if i < count {
116 *dst.add(i) = *src.add(i);
117 i += 1;
118 }
119
120 debug_assert_eq!(i, count);
121 }
122
123 // # Implementation
124 //
125 // This implementation uses buffering to reduce the hashing cost for inputs
126 // consisting of many small integers. Buffering simplifies the integration of
127 // integer input--the integer write function typically just appends to the
128 // buffer with a statically sized write, updates metadata, and returns.
129 //
130 // Buffering also prevents alternating between writes that do and do not trigger
131 // the hashing process. Only when the entire buffer is full do we transition
132 // into hashing. This allows us to keep the hash state in registers for longer,
133 // instead of loading and storing it before and after processing each element.
134 //
135 // When a write fills the buffer, a buffer processing function is invoked to
136 // hash all of the buffered input. The buffer processing functions are marked
137 // `#[inline(never)]` so that they aren't inlined into the append functions,
138 // which ensures the more frequently called append functions remain inlineable
139 // and don't include register pushing/popping that would only be made necessary
140 // by inclusion of the complex buffer processing path which uses those
141 // registers.
142 //
143 // The buffer includes a "spill"--an extra element at the end--which simplifies
144 // the integer write buffer processing path. The value that fills the buffer can
145 // be written with a statically sized write that may spill over into the spill.
146 // After the buffer is processed, the part of the value that spilled over can be
147 // written from the spill to the beginning of the buffer with another statically
148 // sized write. This write may copy more bytes than actually spilled over, but
149 // we maintain the metadata such that any extra copied bytes will be ignored by
150 // subsequent processing. Due to the static sizes, this scheme performs better
151 // than copying the exact number of bytes needed into the end and beginning of
152 // the buffer.
153 //
154 // The buffer is uninitialized, which improves performance, but may preclude
155 // efficient implementation of alternative approaches. The improvement is not so
156 // large that an alternative approach should be disregarded because it cannot be
157 // efficiently implemented with an uninitialized buffer. On the other hand, an
158 // uninitialized buffer may become more important should a larger one be used.
159 //
160 // # Platform Dependence
161 //
162 // The SipHash algorithm operates on byte sequences. It parses the input stream
163 // as 8-byte little-endian integers. Therefore, given the same byte sequence, it
164 // produces the same result on big- and little-endian hardware.
165 //
166 // However, the Hasher trait has methods which operate on multi-byte integers.
167 // How they are converted into byte sequences can be endian-dependent (by using
168 // native byte order) or independent (by consistently using either LE or BE byte
169 // order). It can also be `isize` and `usize` size dependent (by using the
170 // native size), or independent (by converting to a common size), supposing the
171 // values can be represented in 32 bits.
172 //
173 // In order to make `SipHasher128` consistent with `SipHasher` in libstd, we
174 // choose to do the integer to byte sequence conversion in the platform-
175 // dependent way. Clients can achieve platform-independent hashing by widening
176 // `isize` and `usize` integers to 64 bits on 32-bit systems and byte-swapping
177 // integers on big-endian systems before passing them to the writing functions.
178 // This causes the input byte sequence to look identical on big- and little-
179 // endian systems (supposing `isize` and `usize` values can be represented in 32
180 // bits), which ensures platform-independent results.
181 impl SipHasher128 {
182 #[inline]
183 pub fn new_with_keys(key0: u64, key1: u64) -> SipHasher128 {
184 let mut hasher = SipHasher128 {
185 nbuf: 0,
186 buf: MaybeUninit::uninit_array(),
187 state: State {
188 v0: key0 ^ 0x736f6d6570736575,
189 // The XOR with 0xee is only done on 128-bit algorithm version.
190 v1: key1 ^ (0x646f72616e646f6d ^ 0xee),
191 v2: key0 ^ 0x6c7967656e657261,
192 v3: key1 ^ 0x7465646279746573,
193 },
194 processed: 0,
195 };
196
197 unsafe {
198 // Initialize spill because we read from it in `short_write_process_buffer`.
199 *hasher.buf.get_unchecked_mut(BUFFER_SPILL_INDEX) = MaybeUninit::zeroed();
200 }
201
202 hasher
203 }
204
205 #[inline]
206 pub fn short_write<const LEN: usize>(&mut self, bytes: [u8; LEN]) {
207 let nbuf = self.nbuf;
208 debug_assert!(LEN <= 8);
209 debug_assert!(nbuf < BUFFER_SIZE);
210 debug_assert!(nbuf + LEN < BUFFER_WITH_SPILL_SIZE);
211
212 if nbuf + LEN < BUFFER_SIZE {
213 unsafe {
214 // The memcpy call is optimized away because the size is known.
215 let dst = (self.buf.as_mut_ptr() as *mut u8).add(nbuf);
216 ptr::copy_nonoverlapping(bytes.as_ptr(), dst, LEN);
217 }
218
219 self.nbuf = nbuf + LEN;
220
221 return;
222 }
223
224 unsafe { self.short_write_process_buffer(bytes) }
225 }
226
227 // A specialized write function for values with size <= 8 that should only
228 // be called when the write would cause the buffer to fill.
229 //
230 // SAFETY: the write of `x` into `self.buf` starting at byte offset
231 // `self.nbuf` must cause `self.buf` to become fully initialized (and not
232 // overflow) if it wasn't already.
233 #[inline(never)]
234 unsafe fn short_write_process_buffer<const LEN: usize>(&mut self, bytes: [u8; LEN]) {
235 let nbuf = self.nbuf;
236 debug_assert!(LEN <= 8);
237 debug_assert!(nbuf < BUFFER_SIZE);
238 debug_assert!(nbuf + LEN >= BUFFER_SIZE);
239 debug_assert!(nbuf + LEN < BUFFER_WITH_SPILL_SIZE);
240
241 // Copy first part of input into end of buffer, possibly into spill
242 // element. The memcpy call is optimized away because the size is known.
243 let dst = (self.buf.as_mut_ptr() as *mut u8).add(nbuf);
244 ptr::copy_nonoverlapping(bytes.as_ptr(), dst, LEN);
245
246 // Process buffer.
247 for i in 0..BUFFER_CAPACITY {
248 let elem = self.buf.get_unchecked(i).assume_init().to_le();
249 self.state.v3 ^= elem;
250 Sip24Rounds::c_rounds(&mut self.state);
251 self.state.v0 ^= elem;
252 }
253
254 // Copy remaining input into start of buffer by copying LEN - 1
255 // elements from spill (at most LEN - 1 bytes could have overflowed
256 // into the spill). The memcpy call is optimized away because the size
257 // is known. And the whole copy is optimized away for LEN == 1.
258 let dst = self.buf.as_mut_ptr() as *mut u8;
259 let src = self.buf.get_unchecked(BUFFER_SPILL_INDEX) as *const _ as *const u8;
260 ptr::copy_nonoverlapping(src, dst, LEN - 1);
261
262 // This function should only be called when the write fills the buffer.
263 // Therefore, when LEN == 1, the new `self.nbuf` must be zero.
264 // LEN is statically known, so the branch is optimized away.
265 self.nbuf = if LEN == 1 { 0 } else { nbuf + LEN - BUFFER_SIZE };
266 self.processed += BUFFER_SIZE;
267 }
268
269 // A write function for byte slices.
270 #[inline]
271 fn slice_write(&mut self, msg: &[u8]) {
272 let length = msg.len();
273 let nbuf = self.nbuf;
274 debug_assert!(nbuf < BUFFER_SIZE);
275
276 if nbuf + length < BUFFER_SIZE {
277 unsafe {
278 let dst = (self.buf.as_mut_ptr() as *mut u8).add(nbuf);
279
280 if length <= 8 {
281 copy_nonoverlapping_small(msg.as_ptr(), dst, length);
282 } else {
283 // This memcpy is *not* optimized away.
284 ptr::copy_nonoverlapping(msg.as_ptr(), dst, length);
285 }
286 }
287
288 self.nbuf = nbuf + length;
289
290 return;
291 }
292
293 unsafe { self.slice_write_process_buffer(msg) }
294 }
295
296 // A write function for byte slices that should only be called when the
297 // write would cause the buffer to fill.
298 //
299 // SAFETY: `self.buf` must be initialized up to the byte offset `self.nbuf`,
300 // and `msg` must contain enough bytes to initialize the rest of the element
301 // containing the byte offset `self.nbuf`.
302 #[inline(never)]
303 unsafe fn slice_write_process_buffer(&mut self, msg: &[u8]) {
304 let length = msg.len();
305 let nbuf = self.nbuf;
306 debug_assert!(nbuf < BUFFER_SIZE);
307 debug_assert!(nbuf + length >= BUFFER_SIZE);
308
309 // Always copy first part of input into current element of buffer.
310 // This function should only be called when the write fills the buffer,
311 // so we know that there is enough input to fill the current element.
312 let valid_in_elem = nbuf % ELEM_SIZE;
313 let needed_in_elem = ELEM_SIZE - valid_in_elem;
314
315 let src = msg.as_ptr();
316 let dst = (self.buf.as_mut_ptr() as *mut u8).add(nbuf);
317 copy_nonoverlapping_small(src, dst, needed_in_elem);
318
319 // Process buffer.
320
321 // Using `nbuf / ELEM_SIZE + 1` rather than `(nbuf + needed_in_elem) /
322 // ELEM_SIZE` to show the compiler that this loop's upper bound is > 0.
323 // We know that is true, because last step ensured we have a full
324 // element in the buffer.
325 let last = nbuf / ELEM_SIZE + 1;
326
327 for i in 0..last {
328 let elem = self.buf.get_unchecked(i).assume_init().to_le();
329 self.state.v3 ^= elem;
330 Sip24Rounds::c_rounds(&mut self.state);
331 self.state.v0 ^= elem;
332 }
333
334 // Process the remaining element-sized chunks of input.
335 let mut processed = needed_in_elem;
336 let input_left = length - processed;
337 let elems_left = input_left / ELEM_SIZE;
338 let extra_bytes_left = input_left % ELEM_SIZE;
339
340 for _ in 0..elems_left {
341 let elem = (msg.as_ptr().add(processed) as *const u64).read_unaligned().to_le();
342 self.state.v3 ^= elem;
343 Sip24Rounds::c_rounds(&mut self.state);
344 self.state.v0 ^= elem;
345 processed += ELEM_SIZE;
346 }
347
348 // Copy remaining input into start of buffer.
349 let src = msg.as_ptr().add(processed);
350 let dst = self.buf.as_mut_ptr() as *mut u8;
351 copy_nonoverlapping_small(src, dst, extra_bytes_left);
352
353 self.nbuf = extra_bytes_left;
354 self.processed += nbuf + processed;
355 }
356
357 #[inline]
358 pub fn finish128(mut self) -> (u64, u64) {
359 debug_assert!(self.nbuf < BUFFER_SIZE);
360
361 // Process full elements in buffer.
362 let last = self.nbuf / ELEM_SIZE;
363
364 // Since we're consuming self, avoid updating members for a potential
365 // performance gain.
366 let mut state = self.state;
367
368 for i in 0..last {
369 let elem = unsafe { self.buf.get_unchecked(i).assume_init().to_le() };
370 state.v3 ^= elem;
371 Sip24Rounds::c_rounds(&mut state);
372 state.v0 ^= elem;
373 }
374
375 // Get remaining partial element.
376 let elem = if self.nbuf % ELEM_SIZE != 0 {
377 unsafe {
378 // Ensure element is initialized by writing zero bytes. At most
379 // `ELEM_SIZE - 1` are required given the above check. It's safe
380 // to write this many because we have the spill and we maintain
381 // `self.nbuf` such that this write will start before the spill.
382 let dst = (self.buf.as_mut_ptr() as *mut u8).add(self.nbuf);
383 ptr::write_bytes(dst, 0, ELEM_SIZE - 1);
384 self.buf.get_unchecked(last).assume_init().to_le()
385 }
386 } else {
387 0
388 };
389
390 // Finalize the hash.
391 let length = self.processed + self.nbuf;
392 let b: u64 = ((length as u64 & 0xff) << 56) | elem;
393
394 state.v3 ^= b;
395 Sip24Rounds::c_rounds(&mut state);
396 state.v0 ^= b;
397
398 state.v2 ^= 0xee;
399 Sip24Rounds::d_rounds(&mut state);
400 let _0 = state.v0 ^ state.v1 ^ state.v2 ^ state.v3;
401
402 state.v1 ^= 0xdd;
403 Sip24Rounds::d_rounds(&mut state);
404 let _1 = state.v0 ^ state.v1 ^ state.v2 ^ state.v3;
405
406 (_0, _1)
407 }
408 }
409
410 impl Hasher for SipHasher128 {
411 #[inline]
412 fn write_u8(&mut self, i: u8) {
413 self.short_write(i.to_ne_bytes());
414 }
415
416 #[inline]
417 fn write_u16(&mut self, i: u16) {
418 self.short_write(i.to_ne_bytes());
419 }
420
421 #[inline]
422 fn write_u32(&mut self, i: u32) {
423 self.short_write(i.to_ne_bytes());
424 }
425
426 #[inline]
427 fn write_u64(&mut self, i: u64) {
428 self.short_write(i.to_ne_bytes());
429 }
430
431 #[inline]
432 fn write_usize(&mut self, i: usize) {
433 self.short_write(i.to_ne_bytes());
434 }
435
436 #[inline]
437 fn write_i8(&mut self, i: i8) {
438 self.short_write((i as u8).to_ne_bytes());
439 }
440
441 #[inline]
442 fn write_i16(&mut self, i: i16) {
443 self.short_write((i as u16).to_ne_bytes());
444 }
445
446 #[inline]
447 fn write_i32(&mut self, i: i32) {
448 self.short_write((i as u32).to_ne_bytes());
449 }
450
451 #[inline]
452 fn write_i64(&mut self, i: i64) {
453 self.short_write((i as u64).to_ne_bytes());
454 }
455
456 #[inline]
457 fn write_isize(&mut self, i: isize) {
458 self.short_write((i as usize).to_ne_bytes());
459 }
460
461 #[inline]
462 fn write(&mut self, msg: &[u8]) {
463 self.slice_write(msg);
464 }
465
466 #[inline]
467 fn write_str(&mut self, s: &str) {
468 // This hasher works byte-wise, and `0xFF` cannot show up in a `str`,
469 // so just hashing the one extra byte is enough to be prefix-free.
470 self.write(s.as_bytes());
471 self.write_u8(0xFF);
472 }
473
474 fn finish(&self) -> u64 {
475 panic!("SipHasher128 cannot provide valid 64 bit hashes")
476 }
477 }
478
479 #[derive(Debug, Clone, Default)]
480 struct Sip24Rounds;
481
482 impl Sip24Rounds {
483 #[inline]
484 fn c_rounds(state: &mut State) {
485 compress!(state);
486 compress!(state);
487 }
488
489 #[inline]
490 fn d_rounds(state: &mut State) {
491 compress!(state);
492 compress!(state);
493 compress!(state);
494 compress!(state);
495 }
496 }
backport for Debian buster