linux-riscv.lists.infradead.org archive mirror
From: Pu Lehui <pulehui@huaweicloud.com>
To: "Björn Töpel" <bjorn@kernel.org>,
	bpf@vger.kernel.org, linux-riscv@lists.infradead.org,
	netdev@vger.kernel.org
Cc: Song Liu <song@kernel.org>, Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Andrii Nakryiko <andrii@kernel.org>,
	Martin KaFai Lau <martin.lau@linux.dev>,
	Eduard Zingerman <eddyz87@gmail.com>, Yonghong Song <yhs@fb.com>,
	John Fastabend <john.fastabend@gmail.com>,
	KP Singh <kpsingh@kernel.org>,
	Stanislav Fomichev <sdf@google.com>, Hao Luo <haoluo@google.com>,
	Jiri Olsa <jolsa@kernel.org>, Palmer Dabbelt <palmer@dabbelt.com>,
	Luke Nelson <luke.r.nels@gmail.com>,
	Pu Lehui <pulehui@huawei.com>
Subject: Re: [PATCH bpf-next v2 4/4] riscv, bpf: Mixing bpf2bpf and tailcalls
Date: Fri, 2 Feb 2024 17:44:04 +0800
Message-ID: <160aaa6f-7efb-4a29-ab6f-dcf938d3419f@huaweicloud.com>
In-Reply-To: <87jznowbmf.fsf@all.your.base.are.belong.to.us>

On 2024/2/1 21:35, Björn Töpel wrote:
> Pu Lehui <pulehui@huaweicloud.com> writes:
> 
>> On 2024/2/1 18:10, Björn Töpel wrote:
>>> Pu Lehui <pulehui@huaweicloud.com> writes:
>>>
>>>>>> @@ -252,10 +220,7 @@ static void __build_epilogue(bool is_tail_call, struct rv_jit_context *ctx)
>>>>>>     		emit_ld(RV_REG_S5, store_offset, RV_REG_SP, ctx);
>>>>>>     		store_offset -= 8;
>>>>>>     	}
>>>>>> -	if (seen_reg(RV_REG_S6, ctx)) {
>>>>>> -		emit_ld(RV_REG_S6, store_offset, RV_REG_SP, ctx);
>>>>>> -		store_offset -= 8;
>>>>>> -	}
>>>>>> +	emit_ld(RV_REG_TCC, store_offset, RV_REG_SP, ctx);
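Review bot: the added emit_ld(RV_REG_TCC, store_offset, RV_REG_SP, ctx) at the end of this hunk is emitted for every program, while the S6 restore it replaces was guarded by seen_reg(RV_REG_S6, ctx). __build_epilogue() already receives is_tail_call, so the load could be limited to the path that needs it, or moved into the tail-call emission, so that programs which never tail-call do not pay for it. Also, unlike the S5 restore just above, the new load is not followed by store_offset -= 8; if anything later in this function still uses store_offset it would address the TCC slot, so either add the decrement or add a comment that this is the last restore.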
>>>>>
>>>>> Why do you need to restore RV_REG_TCC? We're passing RV_REG_TCC (a6) as
>>>>> an argument at all call-sites, and for tailcalls we're loading from the
>>>>> stack.
>>>>>
>>>>> Is this to fake the a6 argument for the tail-call? If so, it's better to
>>>>> move it to emit_bpf_tail_call(), instead of letting all programs pay for
>>>>> it.
>>>>
>>>> Yes, we can remove this duplicate load. Will do that in the next version.
>>>
>>> Hmm, no remove, but *move* right? Otherwise a6 can contain garbage on
>>> entering the tailcall?
>>>
>>> Move it before __emit_epilogue() in the tailcall, no?
>>>
>>
>> IIUC, we don't need to load it again. In emit_bpf_tail_call function, we
>> load TCC from stack to A6, A6--, then store A6 back to stack. Then
>> unwind the current stack and jump to target bpf prog, during this
>> period, we did not touch the A6 register, do we still need to load it again?
> 
> a6 has to be populated prior to each call -- including tailcalls. An
> example, how it can break:
> 
> main_prog() -> prologue (a6 := 0; push a6) -> bpf_helper() (random
> kernel path that clobbers a6) -> tailcall(foo()) (unwinds stack, enters

It's OK to clobber the A6 reg for a helper/kfunc call, because we will load
TCC from the stack to the A6 reg before jumping to the tailcall target prog. In
addition, I found that we can remove the store A6 back to stack command
from the tailcall process. I'll try to describe the process involved:

PS: I'm attaching a picture to avoid the formatting below.

Main prog
	A6 reg = 33
	STORE A6 value(TCC=33) to main prog stack
	...
	/* helper call/kfunc call (not call to bpf prog)*/
	LOAD TCC=33 from main prog stack to A6 reg
	call bpf_helper_prog1/kfunc1
		bpf_helper_prog1/kfunc1
			break A6 reg
			return Main prog
	/* it's ok to break A6 reg, because we have stored A6 value to main prog stack */
	...
	/* start tailcall(foo) */
	LOAD TCC=33 from main prog stack to A6 reg
	A6--: TCC=32
	STORE A6 value(TCC=32) to main prog stack
	UNWIND Main prog stack (at this time, A6 value 32 will not be on any stack)
	/* at this time, A6 reg is not affected. */
	jump to foo()
		foo() --- tailcall target
			STORE A6 value(TCC=32) to foo prog stack
			...
			/* subprog call (call to bpf prog)*/
			LOAD TCC=32 from foo prog stack to A6 reg
			call subprog1
				subprog1
					STORE A6 value(TCC=32) to subprog1 stack
					...
					/* start tailcall(foo2) */
					LOAD TCC=32 from subprog1 stack to A6 reg
					A6--:TCC=31
					STORE A6 value(TCC=31) to subprog1 stack
					UNWIND subprog1 stack (at this time, `old` A6 value 32 still in foo prog stack)
					/* at this time, A6 reg is not affected. */
					jump to foo2()
						foo2() --- tailcall target
							STORE A6 value(TCC=31) to foo2 prog stack
							...
							UNWIND foo2 prog stack (at this time, `old` A6 value 32 still in foo prog stack)
							return to foo()
		...
		/* if there is any call, it will load `old` A6 value 32 to A6 reg */
		...
		UNWIND foo prog stack (at this time, old A6 32 will not be on any stack)
		return to the caller of Main prog

> foo() with a6 garbage, and push a6).
> 
> Am I missing something?

[-- Attachment #2: tailcalls.JPG --]
[-- Type: image/jpeg, Size: 92740 bytes --]
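
Added example (not part of the original mail and not kernel code): a small C model of the TCC flow traced in the message above, with a6 as a plain variable and one stack slot per program. The names frame, result, prologue, call_helper, tail_call and GARBAGE are hypothetical; the reload flag switches between the sequence the mail describes (LOAD TCC from the stack before A6--) and the case raised in the quoted question (a6 used as the helper left it).

```c
#include <stdio.h>
#define GARBAGE 0x5a5a5a5aL      /* constructed: what a helper leaves in a6 */
static long a6;                  /* models the TCC register (a6) */
struct frame { long tcc_slot; }; /* one TCC stack slot per program */
struct result { long foo_slot, foo2_slot; };
/* Program entry: STORE A6 value to this prog's stack. */
static void prologue(struct frame *f) { f->tcc_slot = a6; }
/* Helper/kfunc call: LOAD TCC to a6, then the callee may clobber a6. */
static void call_helper(const struct frame *f) { a6 = f->tcc_slot; a6 = GARBAGE; }

/* Tail call: (optional) LOAD from stack, A6--, unwind, enter target.
 * The store back to the unwound frame is omitted, as the mail proposes. */
static void tail_call(struct frame *cur, struct frame *target, int reload)
{
	if (reload)
		a6 = cur->tcc_slot;
	a6--;
	cur->tcc_slot = -1;      /* frame is gone after the unwind */
	prologue(target);
}

/* Main prog -> helper -> tailcall(foo): the TCC that foo saves on entry. */
long tcc_after_helper_then_tailcall(int reload)
{
	struct frame main_f, foo_f;
	a6 = 33;
	prologue(&main_f);
	call_helper(&main_f);
	tail_call(&main_f, &foo_f, reload);
	return foo_f.tcc_slot;
}

/* foo -> subprog1 -> tailcall(foo2) -> return to foo. */
struct result nested_tailcall(void)
{
	struct frame foo_f, sub_f, foo2_f;
	a6 = 32;
	prologue(&foo_f);
	a6 = foo_f.tcc_slot;     /* LOAD before the call to subprog1 */
	prologue(&sub_f);
	tail_call(&sub_f, &foo2_f, 1);
	return (struct result){ foo_f.tcc_slot, foo2_f.tcc_slot };
}

int main(void)
{
	printf("with reload: %ld, without: %#lx, foo slot: %ld\n", tcc_after_helper_then_tailcall(1),
	       (unsigned long)tcc_after_helper_then_tailcall(0), nested_tailcall().foo_slot);
	return 0;
}
```

With the reload, foo saves TCC=32 even though the helper clobbered a6; without it, foo saves the clobbered value minus one, so the tail-call limit is no longer enforced from a known count.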
