Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp5145797ybi; Sat, 6 Jul 2019 22:55:33 -0700 (PDT) X-Google-Smtp-Source: APXvYqzLszHrEpmzguy21EDMKpCdzapiNJ8+7wVFMsYozuOaLJuY2jyAy6A7OcZm6qvGpDs8CEOF X-Received: by 2002:a65:4304:: with SMTP id j4mr14754697pgq.419.1562478933042; Sat, 06 Jul 2019 22:55:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1562478933; cv=none; d=google.com; s=arc-20160816; b=a4KPBhQthckEnRi6n64DyjYMnHWObX/cfM4a/n9b9/I5ITeSw0kpc7oJ8lTFbNwhww rLeJdeF/XSw/jK6HgUsHLIEdKAy+ylV76XCZU2Crwl6XTJvin1iz+G+DzevuNSvyuNsA mrx4gsEY5EWqSqdI+IA2PnM4q8jnM6ElK/ZQmLQ78SCCb9XfnptGGT8zf1YqbPSLMupj UEE2yLf5ybwMFwl19Fww3t6eTX2elRDDvF/VrIjcpbfGn0HJ7lESq4fwI8PpVRbK5Qlt N7zN4335d82Sk0KMGUqNkug4yD+Y+CBpjiGf0gAQ5SXJCsvjQtfCMjheAg7c07Tj5lYT urRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=BDH8cRFrZThEINUksn0QYQOK+fEuTVE0+kldtTsPMZk=; b=UZiRewG6O8tjZEjmpmRiSHRqx8jexwTr6rFlSUC1iRZX5wfQlaWDHTrBK2oPLrNBcc Gy5VBgON0q/QjwZB9YmtAjcZrWPnrnVPkrkUTgFf0MTreoPXWaHJzHHq2sg3rWbFqL1U 7YFXzfLMAZ6kYfzV8h3hOc2SvV3CpI51w5wRS5TpmERX0b0Sa4DYKa3BaZGjksrldLo3 Nyzp6bA+xnb/0iuai30WGTuT1JIL+1z369cFi0L5ZT0TMwbqA8JXuK5Y24KO1hP9YfRo XQEHSWWMUc5pd+ZfXoieOPM4zoLizVPyUT6G341BQD0RFMxebX5oJI7TJktnsJfGe7Lg ecsg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id cn1si13975037plb.204.2019.07.06.22.55.07; Sat, 06 Jul 2019 22:55:33 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726044AbfGGFwX (ORCPT + 99 others); Sun, 7 Jul 2019 01:52:23 -0400 Received: from mx1.redhat.com ([209.132.183.28]:37456 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725800AbfGGFwX (ORCPT ); Sun, 7 Jul 2019 01:52:23 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9A0A1306041F; Sun, 7 Jul 2019 05:52:17 +0000 (UTC) Received: from treble (ovpn-122-197.rdu2.redhat.com [10.10.122.197]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 4DCAC1001B30; Sun, 7 Jul 2019 05:52:11 +0000 (UTC) Date: Sun, 7 Jul 2019 00:52:09 -0500 From: Josh Poimboeuf To: Ingo Molnar Cc: bp@alien8.de, hpa@zytor.com, songliubraving@fb.com, tglx@linutronix.de, rostedt@goodmis.org, kasong@redhat.com, daniel@iogearbox.net, ast@kernel.org, peterz@infradead.org, linux-kernel@vger.kernel.org, linux-tip-commits@vger.kernel.org Subject: Re: [tip:x86/urgent] bpf: Fix ORC unwinding in non-JIT BPF code Message-ID: <20190707055209.xqyopsnxfurhrkxw@treble> References: <881939122b88f32be4c374d248c09d7527a87e35.1561685471.git.jpoimboe@redhat.com> <20190706202942.GA123403@gmail.com> <20190707013206.don22x3tfldec4zm@treble> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20190707013206.don22x3tfldec4zm@treble> User-Agent: NeoMutt/20180716 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.46]); Sun, 07 Jul 2019 05:52:22 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Jul 06, 2019 at 08:32:06PM -0500, Josh Poimboeuf wrote: > On Sat, Jul 06, 2019 at 10:29:42PM +0200, Ingo Molnar wrote: > > Hm, I get this new build warning on x86-64 defconfig-ish kernels plus > > these enabled: > > > > CONFIG_BPF=y > > CONFIG_BPF_JIT=y > > > > kernel/bpf/core.o: warning: objtool: ___bpf_prog_run()+0x8da: sibling call from callable instruction with modified stack frame > > I assume you have CONFIG_RETPOLINE disabled? For some reason that > causes GCC to add 166 indirect jumps to that function, which is giving > objtool trouble. Looking into it. Alexei, do you have any objections to setting -fno-gcse for ___bpf_prog_run()? Either for the function or the file? Doing so seems to be recommended by the GCC manual for computed gotos. It would also "fix" one of the issues. More details below. Details: With CONFIG_RETPOLINE=n, there are a couple of GCC optimizations in ___bpf_prog_run() which objtool is having trouble with. 1) The function has: select_insn: goto *jumptable[insn->code]; And then a bunch of "goto select_insn" statements. GCC is basically replacing select_insn: jmp *jumptable(,%rax,8) ... ALU64_ADD_X: ... jmp select_insn ALU_ADD_X: ... jmp select_insn with select_insn: jmp *jumptable(, %rax, 8) ... ALU64_ADD_X: ... jmp *jumptable(, %rax, 8) ALU_ADD_X: ... jmp *jumptable(, %rax, 8) It does that 166 times. For some reason, it doesn't do the optimization with retpolines enabled. Objtool has never seen multiple indirect jump sites which use the same jump table. This is relatively trivial to fix (I already have a working patch). 2) After doing the first optimization, GCC then does another one which is a little trickier. It replaces: select_insn: jmp *jumptable(, %rax, 8) ... ALU64_ADD_X: ... jmp *jumptable(, %rax, 8) ALU_ADD_X: ... jmp *jumptable(, %rax, 8) with select_insn: mov jumptable, %r12 jmp *(%r12, %rax, 8) ... ALU64_ADD_X: ... jmp *(%r12, %rax, 8) ALU_ADD_X: ... jmp *(%r12, %rax, 8) The problem is that it only moves the jumptable address into %r12 once, for the entire function, then it goes through multiple recursive indirect jumps which rely on that %r12 value. But objtool isn't yet smart enough to be able to track the value across multiple recursive indirect jumps through the jump table. After some digging I found that the quick and easy fix is to disable -fgcse. In fact, this seems to be recommended by the GCC manual, for code like this: -fgcse Perform a global common subexpression elimination pass. This pass also performs global constant and copy propagation. Note: When compiling a program using computed gotos, a GCC extension, you may get better run-time performance if you disable the global common subexpression elimination pass by adding -fno-gcse to the command line. Enabled at levels -O2, -O3, -Os. This code indeed relies extensively on computed gotos. I don't know *why* disabling this optimization would improve performance. In fact I really don't see how it could make much of a difference either way. Anyway, using -fno-gcse makes optimization #2 go away and makes objtool happy, with only a fix for #1 needed. If -fno-gcse isn't an option, we might be able to fix objtool by using the "first_jump_src" thing which Peter added, improving it such that it also takes table jumps into account. -- Josh