This is an archive of the discontinued LLVM Phabricator instance.

Differential D81630

[BPF] fix incorrect type in BPFISelDAGToDAG readonly load optimization
ClosedPublic

Authored by yonghong-song on Jun 10 2020, 10:24 PM.

Details

Reviewers
ast
Commits
rGf5bad9cac5d3: [BPF] fix incorrect type in BPFISelDAGToDAG readonly load optimization
rG4db1878158a3: [BPF] fix incorrect type in BPFISelDAGToDAG readonly load optimization
Summary

In BPF Instruction Selection DAGToDAG transformation phase,
BPF backend had an optimization to turn load from readonly data
section to direct load of the values. This phase is implemented
before libbpf has readonly section support and before alu32
is supported.

This phase however may generate incorrect type when alu32 is
enabled. The following is an example,

-bash-4.4$ cat ~/tmp2/t.c
struct t { 
  unsigned char a;
  unsigned char b;
  unsigned char c;
};  
extern void foo(void *); 
int test() {
  struct t v = { 
    .b = 2,
  };  
  foo(&v);
  return 0;
}

The compiler will turn local variable "v" into a readonly section.
During instruction selection phase, the compiler generates two
loads from readonly section, one 2 byte load or 1 byte load, e.g., for 2 loads,

t8: i32,ch = load<(dereferenceable load 2 from `i8* getelementptr inbounds
     (%struct.t, %struct.t* @__const.test.v, i64 0, i32 0)`, align 1), 
     anyext from i16> t3, GlobalAddress:i64<%struct.t* @__const.test.v> 0, undef:i64
t9: ch = store<(store 2 into %ir.v1.sub1), trunc to i16> t3, t8, 
  FrameIndex:i64<0>, undef:i64

BPF backend changed t8 to i64 = Constant<2> and eventually the generated machine IR:

t10: i64 = MOV_ri TargetConstant:i64<2>
t40: i32 = SLL_ri_32 t10, TargetConstant:i32<8>
t41: i32 = OR_ri_32 t40, TargetConstant:i64<0>
t9: ch = STH32<Mem:(store 2 into %ir.v1.sub1)> t41, TargetFrameIndex:i64<0>,
    TargetConstant:i64<0>, t3

Note that t10 in the above is not correct. The type should be i32 and instruction
should be MOV_ri_32. The reason for incorrect insn selection is BPF insn selection
generated an i64 constant instead of an i32 constant as specified in the original
load instruction. Such incorrect insn sequence eventually caused the following
fatal error when a COPY insn tries to copy a 64bit register to a 32bit subregister.

Impossible reg-to-reg copy
UNREACHABLE executed at ../lib/Target/BPF/BPFInstrInfo.cpp:42!

This patch fixed the issue by using the load result type instead of always i64
when doing readonly load optimization.

Diff Detail

Event Timeline

yonghong-song created this revision.Jun 10 2020, 10:24 PM
Herald added a project: Restricted Project. · View Herald TranscriptJun 10 2020, 10:24 PM
Herald added subscribers: llvm-commits, hiraditya. · View Herald Transcript
yonghong-song added a comment.Jun 10 2020, 10:25 PM

Martin from Facebook reported this problem.

Harbormaster completed remote builds in B59919: Diff 270035.Jun 10 2020, 11:12 PM
ast accepted this revision.Jun 11 2020, 2:02 PM
This revision is now accepted and ready to land.Jun 11 2020, 2:02 PM
Closed by commit rG4db1878158a3: [BPF] fix incorrect type in BPFISelDAGToDAG readonly load optimization (authored by yonghong-song). · Explain WhyJun 11 2020, 7:48 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
llvm/
lib/
Target/
BPF/
2 lines
test/
CodeGen/
BPF/
50 lines

Diff 270292

llvm/lib/Target/BPF/BPFISelDAGToDAG.cpp

Show First 20 LinesShow All 298 Lines▼ Show 20 Linesvoid BPFDAGToDAGISel::PreprocessLoad(SDNode *Node,
else if (size == 4) else if (size == 4)
val = new_val.i; val = new_val.i;
else { else {
val = new_val.d; val = new_val.d;
} }
LLVM_DEBUG(dbgs() << "Replacing load of size " << size << " with constant " LLVM_DEBUG(dbgs() << "Replacing load of size " << size << " with constant "
<< val << '\n'); << val << '\n');
SDValue NVal = CurDAG->getConstant(val, DL, MVT::i64); SDValue NVal = CurDAG->getConstant(val, DL, LD->getValueType(0));
// After replacement, the current node is dead, we need to // After replacement, the current node is dead, we need to
// go backward one step to make iterator still work // go backward one step to make iterator still work
I--; I--;
SDValue From[] = {SDValue(Node, 0), SDValue(Node, 1)}; SDValue From[] = {SDValue(Node, 0), SDValue(Node, 1)};
SDValue To[] = {NVal, NVal}; SDValue To[] = {NVal, NVal};
CurDAG->ReplaceAllUsesOfValuesWith(From, To, 2); CurDAG->ReplaceAllUsesOfValuesWith(From, To, 2);
I++; I++;
▲ Show 20 LinesShow All 188 LinesShow Last 20 Lines

llvm/test/CodeGen/BPF/rodata_5.ll

  • This file was added.
; RUN: llc < %s -march=bpfel -mattr=+alu32 -verify-machineinstrs | FileCheck %s
; RUN: llc < %s -march=bpfeb -mattr=+alu32 -verify-machineinstrs | FileCheck %s
;
; Source Code:
; struct t {
; unsigned char a;
; unsigned char b;
; unsigned char c;
; };
; extern void foo(void *);
; int test() {
; struct t v = {
; .b = 2,
; };
; foo(&v);
; return 0;
; }
; Compilation flag:
; clang -target bpf -O2 -S -emit-llvm t.c
%struct.t = type { i8, i8, i8 }
@__const.test.v = private unnamed_addr constant %struct.t { i8 0, i8 2, i8 0 }, align 1
; Function Attrs: nounwind
define dso_local i32 @test() local_unnamed_addr {
entry:
%v1 = alloca [3 x i8], align 1
%v1.sub = getelementptr inbounds [3 x i8], [3 x i8]* %v1, i64 0, i64 0
call void @llvm.lifetime.start.p0i8(i64 3, i8* nonnull %v1.sub)
call void @llvm.memcpy.p0i8.p0i8.i64(i8* nonnull align 1 dereferenceable(3) %v1.sub, i8* nonnull align 1 dereferenceable(3) getelementptr inbounds (%struct.t, %struct.t* @__const.test.v, i64 0, i32 0), i64 3, i1 false)
call void @foo(i8* nonnull %v1.sub)
call void @llvm.lifetime.end.p0i8(i64 3, i8* nonnull %v1.sub)
ret i32 0
}
; CHECK-NOT: w{{[0-9]+}} = *(u16 *)
; CHECK-NOT: w{{[0-9]+}} = *(u8 *)
; CHECK: *(u16 *)(r10 - 4) = w{{[0-9]+}}
; CHECK: *(u8 *)(r10 - 2) = w{{[0-9]+}}
; Function Attrs: argmemonly nounwind willreturn
declare void @llvm.lifetime.start.p0i8(i64 immarg, i8* nocapture)
; Function Attrs: argmemonly nounwind willreturn
declare void @llvm.memcpy.p0i8.p0i8.i64(i8* noalias nocapture writeonly, i8* noalias nocapture readonly, i64, i1 immarg)
declare dso_local void @foo(i8*) local_unnamed_addr
; Function Attrs: argmemonly nounwind willreturn
declare void @llvm.lifetime.end.p0i8(i64 immarg, i8* nocapture)