This is an archive of the discontinued LLVM Phabricator instance.

Differential D82112

[RFC][BPF] Implement getUserCost() for BPFTargetTransformInfo
AbandonedPublic

Authored by yonghong-song on Jun 18 2020, 10:53 AM.

Download Raw Diff

Details

Reviewers

ast

Summary

This patch tries to partially prevent speculative code motion for BPF.

First, some use cases on why we want to prevent speculative code motion.

Use case 1: bpf map value or some other data with a range.

data = bpf_map_lookup_elem(&map, &key);
if (!data) return 0;
payload = data->payload;
len = bpf_probe_read_kernel_str(payload, 16, &task->comm);
if (len <= 16) 
  payload += len;
...

The compiler may generate code like:

data = bpf_map_lookup_elem(&map, &key);
if (!data) return 0;
payload = data->payload;
len = bpf_probe_read_kernel_str(payload, 16, &task->comm);
new_payload = payload + len;
if (len > 16) 
  new_payload = payload
...

The "payload + len" may cause kernel verifier failure as
the "len" can be anything at this moment.

Use case 2: CO-RE relocatons

field_exist = ... 
if (field_exist) {
  offset = non-memory-access-builtin-expr1;
} else {
  offset = non-memory-access-builtin-expr2;
}   
use "offset" to read kernel memory

The compiler may generate code like:

field_exist = ... 
offset = non-memory-access-builtin-expr1;
if (!field_exist)
  offset = non-memory-access-builtin-expr2;
use "offset" to read kernel memory

This may cause failures since if field_exist is false and
libbpf is not able to perform relation
for "offset = non-memory-access-builtin-expr1".
The instruction itself will be rewritten as
an illegal instruction and this will cause
program load failures.

To address the above issues, people use

. inline assembly
. artificial complex control flow

to prevent the above optimizations.

This patch tries to do with a more user friendly way.
BPF backend TargetTransformInfo implements getUserCost()
to return UserCost INT_MAX for TCK_SizeAndLatency
to prevent compiler moving codes speculatively.
An option "adjustopt", false by default, is added to
enable this adjustment.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

yonghong-song created this revision.Jun 18 2020, 10:53 AM

Herald added projects: Restricted Project, Restricted Project. · View Herald TranscriptJun 18 2020, 10:53 AM

Herald added subscribers: llvm-commits, cfe-commits, hiraditya. · View Herald Transcript

Harbormaster failed remote builds in B60855: Diff 271773!Jun 18 2020, 10:55 AM

Abandon this one. The current approach is to add "user barriers" in an IR phase before simplifyCFG/instrcombine to disable unfavorable speculative code motion.

Revision Contents

Path

Size

clang/

lib/

Basic/

Targets/

BPF.h

3 lines

llvm/

lib/

Target/

BPF/

3 lines

4 lines

1 line

2 lines

8 lines

BPFTargetTransformInfo.h

51 lines

Diff 271773

clang/lib/Basic/Targets/BPF.h

Show First 20 Lines • Show All 42 Lines • ▼ Show 20 Lines	BPFTargetInfo(const llvm::Triple &Triple, const TargetOptions &)
MaxAtomicInlineWidth = 64;		MaxAtomicInlineWidth = 64;
TLSSupported = false;		TLSSupported = false;
}		}

void getTargetDefines(const LangOptions &Opts,		void getTargetDefines(const LangOptions &Opts,
MacroBuilder &Builder) const override;		MacroBuilder &Builder) const override;

bool hasFeature(StringRef Feature) const override {		bool hasFeature(StringRef Feature) const override {
return Feature == "bpf" \|\| Feature == "alu32" \|\| Feature == "dwarfris";		return Feature == "bpf" \|\| Feature == "alu32" \|\| Feature == "dwarfris" \|\|
		Feature == "adjustopt";
}		}

void setFeatureEnabled(llvm::StringMap<bool> &Features, StringRef Name,		void setFeatureEnabled(llvm::StringMap<bool> &Features, StringRef Name,
bool Enabled) const override {		bool Enabled) const override {
Features[Name] = Enabled;		Features[Name] = Enabled;
}		}

ArrayRef<Builtin::Info> getTargetBuiltins() const override;		ArrayRef<Builtin::Info> getTargetBuiltins() const override;
▲ Show 20 Lines • Show All 43 Lines • Show Last 20 Lines

llvm/lib/Target/BPF/BPF.td

Show All 26 Lines	def DummyFeature : SubtargetFeature<"dummy", "isDummyMode",
"true", "unused feature">;		"true", "unused feature">;

def ALU32 : SubtargetFeature<"alu32", "HasAlu32", "true",		def ALU32 : SubtargetFeature<"alu32", "HasAlu32", "true",
"Enable ALU32 instructions">;		"Enable ALU32 instructions">;

def DwarfRIS: SubtargetFeature<"dwarfris", "UseDwarfRIS", "true",		def DwarfRIS: SubtargetFeature<"dwarfris", "UseDwarfRIS", "true",
"Disable MCAsmInfo DwarfUsesRelocationsAcrossSections">;		"Disable MCAsmInfo DwarfUsesRelocationsAcrossSections">;

		def AdjustOpt : SubtargetFeature<"adjustopt", "HasAdjustOpt", "true",
		"Adjust Optimizations for Verifier Friendly Code">;

def BPFInstPrinter : AsmWriter {		def BPFInstPrinter : AsmWriter {
string AsmWriterClassName = "InstPrinter";		string AsmWriterClassName = "InstPrinter";
bit isMCAsmWriter = 1;		bit isMCAsmWriter = 1;
}		}

def BPFAsmParser : AsmParser {		def BPFAsmParser : AsmParser {
bit HasMnemonicFirst = 0;		bit HasMnemonicFirst = 0;
}		}
Show All 14 Lines

llvm/lib/Target/BPF/BPFSubtarget.h

Show First 20 Lines • Show All 51 Lines • ▼ Show 20 Lines	protected:
bool HasJmp32;		bool HasJmp32;

// whether the cpu supports alu32 instructions.		// whether the cpu supports alu32 instructions.
bool HasAlu32;		bool HasAlu32;

// whether we should enable MCAsmInfo DwarfUsesRelocationsAcrossSections		// whether we should enable MCAsmInfo DwarfUsesRelocationsAcrossSections
bool UseDwarfRIS;		bool UseDwarfRIS;

		// whether to adjust optimization for verifier friendly codes
		bool HasAdjustOpt;

public:		public:
// This constructor initializes the data members to match that		// This constructor initializes the data members to match that
// of the specified triple.		// of the specified triple.
BPFSubtarget(const Triple &TT, const std::string &CPU, const std::string &FS,		BPFSubtarget(const Triple &TT, const std::string &CPU, const std::string &FS,
const TargetMachine &TM);		const TargetMachine &TM);

BPFSubtarget &initializeSubtargetDependencies(StringRef CPU, StringRef FS);		BPFSubtarget &initializeSubtargetDependencies(StringRef CPU, StringRef FS);

// ParseSubtargetFeatures - Parses features string setting specified		// ParseSubtargetFeatures - Parses features string setting specified
// subtarget options. Definition of function is auto generated by tblgen.		// subtarget options. Definition of function is auto generated by tblgen.
void ParseSubtargetFeatures(StringRef CPU, StringRef FS);		void ParseSubtargetFeatures(StringRef CPU, StringRef FS);
bool getHasJmpExt() const { return HasJmpExt; }		bool getHasJmpExt() const { return HasJmpExt; }
bool getHasJmp32() const { return HasJmp32; }		bool getHasJmp32() const { return HasJmp32; }
bool getHasAlu32() const { return HasAlu32; }		bool getHasAlu32() const { return HasAlu32; }
bool getUseDwarfRIS() const { return UseDwarfRIS; }		bool getUseDwarfRIS() const { return UseDwarfRIS; }
		bool getHasAdjustOpt() const { return HasAdjustOpt; }

const BPFInstrInfo *getInstrInfo() const override { return &InstrInfo; }		const BPFInstrInfo *getInstrInfo() const override { return &InstrInfo; }
const BPFFrameLowering *getFrameLowering() const override {		const BPFFrameLowering *getFrameLowering() const override {
return &FrameLowering;		return &FrameLowering;
}		}
const BPFTargetLowering *getTargetLowering() const override {		const BPFTargetLowering *getTargetLowering() const override {
return &TLInfo;		return &TLInfo;
}		}
Show All 10 Lines

llvm/lib/Target/BPF/BPFSubtarget.cpp

Show All 32 Lines	BPFSubtarget &BPFSubtarget::initializeSubtargetDependencies(StringRef CPU,
return *this;		return *this;
}		}

void BPFSubtarget::initializeEnvironment() {		void BPFSubtarget::initializeEnvironment() {
HasJmpExt = false;		HasJmpExt = false;
HasJmp32 = false;		HasJmp32 = false;
HasAlu32 = false;		HasAlu32 = false;
UseDwarfRIS = false;		UseDwarfRIS = false;
		HasAdjustOpt = false;
}		}

void BPFSubtarget::initSubtargetFeatures(StringRef CPU, StringRef FS) {		void BPFSubtarget::initSubtargetFeatures(StringRef CPU, StringRef FS) {
if (CPU == "probe")		if (CPU == "probe")
CPU = sys::detail::getHostCPUNameForBPF();		CPU = sys::detail::getHostCPUNameForBPF();
if (CPU == "generic" \|\| CPU == "v1")		if (CPU == "generic" \|\| CPU == "v1")
return;		return;
if (CPU == "v2") {		if (CPU == "v2") {
Show All 16 Lines

llvm/lib/Target/BPF/BPFTargetMachine.h

Show All 28 Lines	public:

const BPFSubtarget *getSubtargetImpl() const { return &Subtarget; }		const BPFSubtarget *getSubtargetImpl() const { return &Subtarget; }
const BPFSubtarget *getSubtargetImpl(const Function &) const override {		const BPFSubtarget *getSubtargetImpl(const Function &) const override {
return &Subtarget;		return &Subtarget;
}		}

TargetPassConfig *createPassConfig(PassManagerBase &PM) override;		TargetPassConfig *createPassConfig(PassManagerBase &PM) override;

		TargetTransformInfo getTargetTransformInfo(const Function &F) override;

TargetLoweringObjectFile *getObjFileLowering() const override {		TargetLoweringObjectFile *getObjFileLowering() const override {
return TLOF.get();		return TLOF.get();
}		}
};		};
}		}

#endif		#endif

llvm/lib/Target/BPF/BPFTargetMachine.cpp

//===-- BPFTargetMachine.cpp - Define TargetMachine for BPF ---------------===//		//===-- BPFTargetMachine.cpp - Define TargetMachine for BPF ---------------===//
//		//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.		// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.		// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception		// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//		//
//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//
//		//
// Implements the info about BPF target spec.		// Implements the info about BPF target spec.
//		//
//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//

#include "BPFTargetMachine.h"		#include "BPFTargetMachine.h"
#include "BPF.h"		#include "BPF.h"
		#include "BPFTargetTransformInfo.h"
#include "MCTargetDesc/BPFMCAsmInfo.h"		#include "MCTargetDesc/BPFMCAsmInfo.h"
#include "TargetInfo/BPFTargetInfo.h"		#include "TargetInfo/BPFTargetInfo.h"
		#include "llvm/Analysis/TargetTransformInfo.h"
		#include "llvm/CodeGen/BasicTTIImpl.h"
#include "llvm/CodeGen/Passes.h"		#include "llvm/CodeGen/Passes.h"
#include "llvm/CodeGen/TargetLoweringObjectFileImpl.h"		#include "llvm/CodeGen/TargetLoweringObjectFileImpl.h"
#include "llvm/CodeGen/TargetPassConfig.h"		#include "llvm/CodeGen/TargetPassConfig.h"
#include "llvm/IR/LegacyPassManager.h"		#include "llvm/IR/LegacyPassManager.h"
#include "llvm/Support/FormattedStream.h"		#include "llvm/Support/FormattedStream.h"
#include "llvm/Support/TargetRegistry.h"		#include "llvm/Support/TargetRegistry.h"
#include "llvm/Target/TargetOptions.h"		#include "llvm/Target/TargetOptions.h"
using namespace llvm;		using namespace llvm;
▲ Show 20 Lines • Show All 65 Lines • ▼ Show 20 Lines	public:
void addPreEmitPass() override;		void addPreEmitPass() override;
};		};
}		}

TargetPassConfig *BPFTargetMachine::createPassConfig(PassManagerBase &PM) {		TargetPassConfig *BPFTargetMachine::createPassConfig(PassManagerBase &PM) {
return new BPFPassConfig(*this, PM);		return new BPFPassConfig(*this, PM);
}		}

		TargetTransformInfo
		BPFTargetMachine::getTargetTransformInfo(const Function &F) {
		return TargetTransformInfo(BPFTTIImpl(this, F));
		}

void BPFPassConfig::addIRPasses() {		void BPFPassConfig::addIRPasses() {

addPass(createBPFAdjustOpt());		addPass(createBPFAdjustOpt());
addPass(createBPFAbstractMemberAccess(&getBPFTargetMachine()));		addPass(createBPFAbstractMemberAccess(&getBPFTargetMachine()));
addPass(createBPFPreserveDIType());		addPass(createBPFPreserveDIType());

TargetPassConfig::addIRPasses();		TargetPassConfig::addIRPasses();
}		}
Show All 30 Lines

llvm/lib/Target/BPF/BPFTargetTransformInfo.h

This file was added.

				//===------ BPFTargetTransformInfo.h - BPF specific TTI ---------- C++ --===//
				//
				// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
				// See https://llvm.org/LICENSE.txt for license information.
				// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
				//
				//===----------------------------------------------------------------------===//
				//
				// This file a TargetTransformInfo::Concept conforming object specific to the
				// BPF target machine. It uses the target's detailed information to
				// provide more precise answers to certain TTI queries, while letting the
				// target independent and default TTI implementations handle the rest.
				//
				//===----------------------------------------------------------------------===//

				#ifndef LLVM_LIB_TARGET_BPF_BPFTARGETTRANSFORMINFO_H
				#define LLVM_LIB_TARGET_BPF_BPFTARGETTRANSFORMINFO_H

				#include "BPFTargetMachine.h"
				#include "llvm/Analysis/TargetTransformInfo.h"
				#include "llvm/CodeGen/BasicTTIImpl.h"

				namespace llvm {
				class BPFTTIImpl : public BasicTTIImplBase<BPFTTIImpl> {
				typedef BasicTTIImplBase<BPFTTIImpl> BaseT;
				typedef TargetTransformInfo TTI;
				friend BaseT;

				const BPFSubtarget *ST;
				const BPFTargetLowering *TLI;

				const BPFSubtarget *getST() const { return ST; }
				const BPFTargetLowering *getTLI() const { return TLI; }

				public:
				explicit BPFTTIImpl(const BPFTargetMachine *TM, const Function &F)
				: BaseT(TM, F.getParent()->getDataLayout()), ST(TM->getSubtargetImpl(F)),
				TLI(ST->getTargetLowering()) {}

				unsigned getUserCost(const User U, ArrayRef<const Value > Operands,
				TTI::TargetCostKind CostKind) {
				if (!ST->getHasAdjustOpt() \|\| CostKind != TTI::TCK_SizeAndLatency)
				return BaseT::getUserCost(U, Operands, CostKind);

				return INT_MAX;
				}
				};

				} // end namespace llvm

				#endif // LLVM_LIB_TARGET_BPF_BPFTARGETTRANSFORMINFO_H