Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932096AbdHRDWO (ORCPT ); Thu, 17 Aug 2017 23:22:14 -0400 Received: from mx0a-00082601.pphosted.com ([67.231.145.42]:58669 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753775AbdHRDWL (ORCPT ); Thu, 17 Aug 2017 23:22:11 -0400 Subject: Re: [PATCH v3 net-next] bpf/verifier: track liveness for pruning To: Edward Cree , , Alexei Starovoitov , Daniel Borkmann References: CC: , , iovisor-dev From: Alexei Starovoitov Message-ID: <89ff34f7-84ee-0e0a-3766-5b4d046189bf@fb.com> Date: Thu, 17 Aug 2017 20:21:41 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [2620:10d:c091:180::1:eb19] X-ClientProxiedBy: BN3PR05CA0004.namprd05.prod.outlook.com (2603:10b6:400::14) To BL2PR15MB0961.namprd15.prod.outlook.com (2603:10b6:201:15::23) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 4f70e999-c6f6-4905-ce52-08d4e5e842ad X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254152)(300000503095)(300135400095)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095);SRVR:BL2PR15MB0961; X-Microsoft-Exchange-Diagnostics: 1;BL2PR15MB0961;3:Z1g3B7N0ss00CL9BwAJt43/2acAlGE2voZiHoJ25vn0yOMxoSToBfPQUz4lkD1OFgg39r5PIFeQ8Y3ImO/jI2edBfkzqnnq/F7HgVZ8Tt+O6HjpMrYnNWr6oI3qqPnpgR3b9LUB9Dwyey2AlpAHR+9TzKVGWgBGIZxTYyGrZb23n/DxXKMeXqh+nd0pXb/mKMsJVr7Fg/5DuoazfLdXbr3Q9lbI+R1Nty5c4wQtj7hNYlg8hXs1nFerRTSfbTwx3;25:pQFmbBIzN+r+ZDvzypDYFkV9Bn0FpY7Vw6E1Pi74oHMPjjsVna4+OwZzHQQEDjvQE+BZIXM1kgf4+8npqTHbwtDVC+ez3aRy5k+iZkxy/AiFaZHnalexy1DnSxD7ZfOsYUEENssPfXV3Bfb5c+NVSJCsayiINRjj+n/xYyUDNX/pVLV9VMPqFuPX5lHGZMOcfmEUv5HHp+7uTEgWPeJ6NtPc3MslyviBGJnKfcb79IY6R9uZKX6OKcSPcapQPyRgSkOFEpd9Sye+Ipkj1tnkPlUXiQDwKrSyRiBpA51igrqzklGK85jmpsZamWLP6z1v5oXThdrhNth9UbO4fX9zGA==;31:Qc6IOTKO/d+8uA3Y74NgINRH0HmtlW1Ujd8RK1wHsf8dLy/S3IgV+Gu6K1ZlSvVRPUZmADvvXbOOfmVJF5bpr8iuJ0PzApI5YRoc0rl9FSjJD9jM6Fcfxuz+8NWCdj5ZFlquw4yY74uyg2TwH1k9zhTYydBhhTTAE846kZVZsqRADdYkMUHTx018DZkHG5rocEizl3viJmz68dUumEQQQz0jZ3dqv3Hd69sjv+1Xv2Q= X-MS-TrafficTypeDiagnostic: BL2PR15MB0961: X-Microsoft-Exchange-Diagnostics: 1;BL2PR15MB0961;20:0120ySKzMNZoKgUjchjANbGaKnJH+C4HSZnlxF/fDk9dTWW5mQGnrrZus6Tph0Pbe9EwRvQMMIjpbkUTbdlCaQUZGyP8p4GUewRBrAYdwt0wW1v52CSKTZqPQx5XeFAq/XbDXba4fgyUycjc4WegBbWE8hRcfCpu0MJNwsj63K/LFQCStE2WcAZot5Y5ZfIeQBbNLRmgeCo6XUE8MPixIBuTWu9dSOVkriQgSyeU87nhL5P6DcoSwqLvRT3Lv7VVssZgXZoCw19FVBdxFj75ubOHySr6yeQS4eNw2HHOegwSG9/l//iV/IV40wO2zdCUx8Eq+uhec7bekGOPhqpoOeAJvGT5XE+NpunPlpgNyyTUMA5twnKURqAOd4DPNkWxuTeLkDsdQgMde/4KaajGkVq3VFtZyLE9/NrKrnK5ETWOwHpGQfxhwHCdBmpoE7dQa05n952H5BUR3uS9oSDBdBYJtUSmb8gsbcYqDFMpzkqfN62mVmsdt2yf9hbGhHBl;4:tMmLUtxVwm37NJhecFaKFJWcXPc8qziqW8jWAOvbC3MQHTRdLo6W/JikWINwG6Ej3PCvgjtNhsDtBH0TCPdkCzz3gv8xkWgbbPdFmpdrRYQqGgKJj8WGJhoLe9xU/brhADdHE1p6qc02lagjlfM/n19xwEsKzW/+d9EfFz3cHsbN8a09rymryWgwexETzGrz05Hw9F6573rBK5dlFeWoatTeqivWDDFPRoqfMD6KI5PeVYZuaG2zX7A8yWcMLspE+rNNuhSCBYK58dLyiZMjJp1a/t0bYmGdLWPx1nqeHLs= X-Exchange-Antispam-Report-Test: UriScan:(21532816269658); X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(8121501046)(5005006)(93006095)(93001095)(100000703101)(100105400095)(3002001)(10201501046)(6041248)(20161123555025)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(20161123564025)(20161123562025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095);SRVR:BL2PR15MB0961;BCL:0;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:BL2PR15MB0961; X-Forefront-PRVS: 040359335D X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10019020)(7370300001)(4630300001)(6009001)(39830400002)(377454003)(199003)(24454002)(189002)(5660300001)(36756003)(54356999)(76176999)(50986999)(7350300001)(189998001)(4326008)(42186005)(53936002)(101416001)(31686004)(6246003)(47776003)(25786009)(65806001)(65956001)(65826007)(86362001)(68736007)(6486002)(81166006)(31696002)(23676002)(7736002)(97736004)(64126003)(33646002)(4001350100001)(50466002)(305945005)(53546010)(81156014)(2906002)(230700001)(8676002)(105586002)(6666003)(83506001)(2950100002)(1706002)(6116002)(229853002)(478600001)(106356001)(42262002);DIR:OUT;SFP:1102;SCL:1;SRVR:BL2PR15MB0961;H:[IPv6:2620:10d:c0a1:1110:8000::2300];FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtCTDJQUjE1TUIwOTYxOzIzOkZxZjRFSm1EZ1VvM3RBS3BTeDk3MFFhcTdv?= =?utf-8?B?eXd1T3BrczEzdHNHTjk5L0krRHBZMGFPdk1FQmJ5dmVGdmhQMVRrdjdSaWdK?= =?utf-8?B?QUZKY0RaREJ6bklZQStiSUZtWDlnTjRNYjlNa3JoTU9SSEZSb096MXIwS3h0?= =?utf-8?B?ckdid1lmSTNJTDlSOUJLSzhmRWpUYk9wWldQWmFld0w3aWt0a0FGb1NJbzY2?= =?utf-8?B?clY3K3lGZHNRQ3ovU2FLc2R3eU02YVlZVnhDdWxSQ2FZZkx0OUZDcEltdC9D?= =?utf-8?B?TlYwNEpyMmtoY0pBSjA1NTNvTWxMbmNLd0J0Z1R1SVhiSHNYQmJpeHgyaUR5?= =?utf-8?B?djV5TFpwcHhtSFM5TnoxTlVQZjB5cVU0SUtJbk1jVVRHZjJjN0xDaUttdVVY?= =?utf-8?B?TmUvaUs4UGNaejIrbnpNVGh4cXVXb3dQZjM5ekc4c3JPQW1ZMlFzY2dWWHNh?= =?utf-8?B?TmlIUytTQ3QrcFliSDhjTms0b2NEZkZvZHlaR1ltWEp4REVtNEFIeFJ3Ukxr?= =?utf-8?B?dE41YmNheTlPaEhqOHNaQlpBbHgwTG9xeUVaVGNNY2FHRmhuWEtJeXAwVTA0?= =?utf-8?B?bnZ6Y3p0c2RZVm4wRE12WWdMT2Vnb1BwTUg4Wnk4N3RFcGl4UUw3QktGb21m?= =?utf-8?B?SXRqQUUxelMvU1hHeGp2L2x5MGhRQ1ZDSXhGQUNBaUMzaEFRT05aV0h2SjRL?= =?utf-8?B?N2dJZVIxdWFNTnVUTEJSMm9aV0ZEYndOMHNIRHNNdHRGaVY2bXluYlV3M2M5?= =?utf-8?B?MDI1S203dFI0Uk80VjI3U0d3K0tlWkMreW5iUkxZNXZvZDRQOHZIU1JMSzFn?= =?utf-8?B?OE1Id0JEaWxHVXNEUlJaYnlOdjh2NFJVRzBhYllmNU83NmVqdm40NUhBTU9o?= =?utf-8?B?a3IwL0N6UUpaSk5HVWcwMnVxRloxSE9LWnNVTDh0T3g0aTJLbWdGN1NjSU1l?= =?utf-8?B?RmVNcHB5UUlYM2puL1ovVEJ5ZWw4QjZkbGVqMVIwSUMwbjByOC9NeE9iM2Y0?= =?utf-8?B?UkpCeDRub3dIQ1llWjAwL2V2bWZkanQ1Sjgwck9nLzg1OTM3anVId01qRzBm?= =?utf-8?B?RWVuQnhCelNDRExLTktSSTJhRTJaaHlOVHJGdklES2FvZGlaWmdWdDBhbHpu?= =?utf-8?B?alUwd3ZXZzVKcU1PcUJRamUyVWUrclBJK1NuOEtGOHYyTU9vTnlSZ2pGSTg1?= =?utf-8?B?ZERPZXhsL2NIUGVxL056THBmR0hDemErNXV0citkN0hTb0dIVVdZZmJWa09s?= =?utf-8?B?WXZxam5EU1FiLzRScVNnaEtTdXkzNXhJMjBtcHdveFlmckMwUWxZb2hobC9H?= =?utf-8?B?ZmQzZ0xLY2NiY1ludkM3QXVIU25sWllBa2o0bzl4M1FKNmxhYlpjcnlTa1pq?= =?utf-8?B?N1k5OGMxVnFKSXJFVTIwbEtWdDU0Ym5iMnNlSC81ekIxd2Yxd1ZueDZSZTlK?= =?utf-8?B?MUJtSWdsUlkxdTROcUJTL215d0xBWjc5NGcvUXUycVNQTzg1RmgxYkdPRDJh?= =?utf-8?B?U2xGRUVDZ1V4MzJnU2RRNXBYNlFISkNidnk1UVBGZTIwLzBsMUtPTExlRzFn?= =?utf-8?B?U0V1TEJPUGJSZUhkcW9BSEw0T1hOMW1adTJBbXQvTjBvZ1VXT1c4QWFXQnN0?= =?utf-8?B?OXZGUzI2WjRTSy8xT01IL2ZZa2hLdlZKQ0M0ZnNZdUpGWWs3U2phMzRtVjVk?= =?utf-8?B?TlZHMHFYVVlkbS9NTElpZ2VuUFdUTTNVRjU0UENVUHJjV0tPQmdsMERuNGMw?= =?utf-8?Q?WGFW8m9bWSiYXHQmMo7tw0HpEPHNqmEUvP3IY=3D?= X-Microsoft-Exchange-Diagnostics: 1;BL2PR15MB0961;6:DKxNYHI3G9D+kkgRUdlsIqpSMIYQ7u1V9W1cgp2gpoUI+Y0Mql88Mphvo4SBaVytgufM+Kdiu6JpMxqt5KWxs975E0PSmyXYho29jZu+B6DKukXL4mDkenR7upMtPvM7LmDj7p6of0iFUqD2pI6oZy3vdq1yCBksqVXWLxBr7WVAOOPInsv279YavS8MFaXPZJ/FQJA1+yXS5GBewkGRvKx4A6NfHWm1nM4s1/L+vNVQ1mCiV4j8Z0U6q1kBBrA7QB0bdatdqfMJF5ycbnh24TJoq1qKNcyanLfOCW9zLNchayCfk290mvaXIhCgK9FfSbWcag5EJJCB3Ciid6RqlQ==;5:fgAA0y+3jslz1uisipnHIZB97g41MOrtYEWtH+J1UymCzYDM/M5ZAzg/YGRzGe5BnHsv3la5Z6wzrjs8fzSs0wQJ7+4SSQoVYBVY7ltyfiXdVhx1djLPC8u5VnOwSHdF65tl0tDsXeS/6xK2Thm7aw==;24:q/lxqV30o7/p0mQ2PpSYp1WoFIxfwvY86pqo+t+RJQXQtOR0fvalpTUQn89WfNTUwsDZXxeB2VabTILotjJ2CVZn77//OuLK62OVxyiuK/w=;7:N02Gh2ChT2Ksye5h6RPwcYVE5IGrVE7gXLQuvzLURA3GJBc2pE6PCEAxfiFeJ/g/T31L5yaJgFM94EHGGP8OfdFnk6AgGhtnWhxJxIjh6cLTHHt2EqlyFFubXBQCPruAVPbJhN99bpaYgkRBvsT79obwqRqEKw9ENm+7wKf+LEKvOjLTMl1rC4I/TLi9FmXAnBzsR3jt56ZPSwoRIY9NVTqqjCfg0Uk4JgVZOYI46UM= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;BL2PR15MB0961;20:Wi0Ak7+e7JPhY2JfvmQ2oZuEVujYdu0n6INCCliZq0UuX9W0VKOgudub1DCf50pVudCeQPGDDvltNYzkhKG6Om5J0JQh20Csa5Zu9BobMGieu+qv11rZIBPcdmcY2p+E7zQJx8FXKBmeXb0zvOTkm3jR5ERXEx7Ohf3eL4fK9GY= X-MS-Exchange-CrossTenant-OriginalArrivalTime: 18 Aug 2017 03:21:46.6036 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL2PR15MB0961 X-OriginatorOrg: fb.com X-Proofpoint-Spam-Reason: safe X-FB-Internal: Safe X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-08-17_14:,, signatures=0 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 3575 Lines: 81 On 8/15/17 12:34 PM, Edward Cree wrote: > State of a register doesn't matter if it wasn't read in reaching an exit; > a write screens off all reads downstream of it from all explored_states > upstream of it. > This allows us to prune many more branches; here are some processed insn > counts for some Cilium programs: > Program before after > bpf_lb_opt_-DLB_L3.o 6515 3361 > bpf_lb_opt_-DLB_L4.o 8976 5176 > bpf_lb_opt_-DUNKNOWN.o 2960 1137 > bpf_lxc_opt_-DDROP_ALL.o 95412 48537 > bpf_lxc_opt_-DUNKNOWN.o 141706 78718 > bpf_netdev.o 24251 17995 > bpf_overlay.o 10999 9385 > > The runtime is also improved; here are 'time' results in ms: > Program before after > bpf_lb_opt_-DLB_L3.o 24 6 > bpf_lb_opt_-DLB_L4.o 26 11 > bpf_lb_opt_-DUNKNOWN.o 11 2 > bpf_lxc_opt_-DDROP_ALL.o 1288 139 > bpf_lxc_opt_-DUNKNOWN.o 1768 234 > bpf_netdev.o 62 31 > bpf_overlay.o 15 13 > > Signed-off-by: Edward Cree this is one ingenious hack. Love it! I took me whole day to understand most of it, but I still have few questions: > + > +static void propagate_liveness(const struct bpf_verifier_state *state, > + struct bpf_verifier_state *parent) here the name 'parent' is very confusing, since for the first iteration of the loop below it transfers lives from 'neighbor' state to the current state and only then traverses the link of parents in the current. Would be good to document it, since I was struggling the most with this name until I realized that the way you build parent link list in is_state_visited() is actual sequence of roughly basic blocks and the name 'parent' applies there, but not for the first iteration of this function. > @@ -3407,6 +3501,14 @@ static int is_state_visited(struct bpf_verifier_env *env, int insn_idx) > memcpy(&new_sl->state, &env->cur_state, sizeof(env->cur_state)); > new_sl->next = env->explored_states[insn_idx]; > env->explored_states[insn_idx] = new_sl; > + /* connect new state to parentage chain */ > + env->cur_state.parent = &new_sl->state; > + /* clear liveness marks in current state */ > + for (i = 0; i < BPF_REG_FP; i++) > + env->cur_state.regs[i].live = REG_LIVE_NONE; > + for (i = 0; i < MAX_BPF_STACK / BPF_REG_SIZE; i++) > + if (env->cur_state.stack_slot_type[i * BPF_REG_SIZE] == STACK_SPILL) > + env->cur_state.spilled_regs[i].live = REG_LIVE_NONE; and this part I don't get at all. It seems you're trying to sort-of do per-fake-basic block liveness analysis, but our state_list_marks are not correct if we go with canonical basic block definition, since we mark the jump insn and not insn after the branch and not every basic block boundary is properly detected. So if algorithm should only work for basic blocks (for sequences of instructions without control flow changes) then it's broken. If it should work with control flow insns then it should also work for the whole chain of insns from the first one till bpf_exit... So I tried removing two above clearing loops and results are much better: before after bpf_lb-DLB_L3.o 2604 1120 bpf_lb-DLB_L4.o 11159 1371 bpf_lb-DUNKNOWN.o 1116 485 bpf_lxc-DDROP_ALL.o 34566 12758 bpf_lxc-DUNKNOWN.o 53267 18337 bpf_netdev.o 17843 10564 bpf_overlay.o 8672 5513 but it feels too good to be true and probably not correct. So either way we need to fix something it seems.