asm goto with outputs
play

Asm Goto with Outputs 2020 LLVM Viruual Developers Meeting Bill - PowerPoint PPT Presentation

Feb 16, 2023 •434 likes •686 views

Proprietary + Confidential Asm Goto with Outputs 2020 LLVM Viruual Developers Meeting Bill Wendling & Nick Desaulniers Proprietary + Confidential Motivation Proprietary + Confidential Asm goto use cases Exceptionsfault handler

  1. Proprietary + Confidential Asm Goto with Outputs 2020 LLVM Viruual Developers’ Meeting Bill Wendling & Nick Desaulniers

  2. Proprietary + Confidential Motivation

  3. Proprietary + Confidential Asm goto use cases ● Exceptions—fault handler fixups ● Tracing—replacing branches (original use case) Runtime devirtualization ●

  4. Proprietary + Confidential Curiously recurring inline asm .pushsection This pattern occurs throughout the Linux kernel: asm goto(".pushsection foo" ".long %l0" ".popsection" : : : : comefrom); /* ... */ comefrom:; By storing the address of a label into a different ELF section (via inline asm), if we have the machinery to parse ELF sections, then we may revisit the statement (or otherwise store information) about our program to find at runtime.

  5. Proprietary + Confidential Proprietary + Confidential

  6. Proprietary + Confidential Interrupts & Exceptions “Vectored events” where the CPU may be able to backup register state to memory for recovery then jump to registered handler routines. Interrupts ● ○ Maskable (ignorable) ○ Non-maskable Exceptions ● Aborts (unable to proceed) ○ ○ Traps (debugging, kernel fp handling; increments program counter) ■ Software interrupts or “programmed exceptions” Faults (potentially recoverable) ○

  7. Proprietary + Confidential Exceptions (fault handler fjxups) Example from arch/x86/include/asm/uaccess.h for writing to syscall arguments from userspace, (simplified, see also Documentation/x86/exception-tables.rst ): #define __put_user_goto(x, addr, label) \ asm volatile goto( \ "1: mov %0,%1" \ ".pushsection __ex_table" \ ".long 1b" \ ".long %l2" \ ".long ex_handler_uaccess" \ ".popsection" \ : : "ir"(x), "m"(addr)) \ : : label) where addr comes from userspace (i.e. can’t trust), might fault if not paged in or is invalid.

  8. Proprietary + Confidential Exceptions (fault handler fjxups) Example from arch/x86/kvm/vmx/vmx.c (simplified): int kvm_cpu_vmxon(long vmxon_pointer) { asm volatile goto("1: vmxon %[vmxon_pointer]\n\t" ".pushsection __ex_table\n" ".long 1b\n" ".long %l[fault]\n" ".long ex_handler_uaccess\n" ".popsection\n" : : [vmxon_pointer] "m"(vmxon_pointer) : : fault); return 0; fault: printk("oh no!\n"); return -EFAULT; }

  9. Proprietary + Confidential Proprietary + Confidential Tracing Motivating example: We want on rare occasions to call the trace function; on other occasions we'd like to keep the overhead to the absolute minimum. We can patch the nop instruction (“ nop sled”) at run time by finding data stored in this section to be an unconditional branch to the stored label. #define TRACE1(NUM) \ do { \ asm goto ("0: nop;" \ ".pushsection trace_table;" \ ".long 0b, %l0;" \ ".popsection" \ : : : : trace#NUM); \ if (0) { trace#NUM: trace(); } \ } while (0) #define TRACE TRACE1(__COUNTER__)

  10. Proprietary + Confidential

  11. Proprietary + Confidential Proprietary + Confidential Deviruualization If we could runtime patch conditional jump instructions in or out, what else could we replace at runtime? How about turning indirect calls that change infrequently or not at all into direct calls? (Relief from Spectre) Pretty dangerous; requires at least icache flushes, trickier for variable length encoded ISAs (hint: nop sleds!).

  12. Proprietary + Confidential Nituy-Grituy Details

  13. Proprietary + Confidential Overarching goals ● Allows asm goto to behave the same as a normal asm block on the default / fallthrough path. Allows the programmer to optimize code further: ● ○ No longer need to use memory for outputs. ○ Improve the programmers ability to reuse labels as exceptional cases. Reduce the amount of generated code—e.g. unsafe_get_user() . ○

  14. Proprietary + Confidential Ambiguous cases 1. Multiple asm goto statements with the same target, but non-mutually satisfiable output constraints. a. I maintain that asm goto statements shouldn't jump to the same basic block, but normal transformations may make it impossible to enforce that assertion. 2. Jumping to labels where the output variable is out of scope. a. Shouldn’t be able to refer to out of scope variables, but maybe something gross like this. int foo() { int y; asm goto("..." : "=r"(y) : : : label); int x = bar(); if (0) { label: y = x; } return y; }

  15. Proprietary + Confidential Asm goto with outputs details ● GCC didn't implement asm goto with outputs, due to an internal restriction. In our implementation, outputs are supported only on the fallthrough path. ● Supporting outputs on the indirect branches is very messy. E.g. it's not clear how to resolve PHI nodes ○ when a destination block has its address taken. x 1 = ... x 2 = ... asm goto ... asm goto ... default default indirect: Address of the indirect block may be used as data in asm x 3 = 𝚾 (x 1 , x 2 ) block.

  16. Proprietary + Confidential Design details ● callbr is converted to INLINEASM_BR in MIR ( M achine IR ) MIR allows for multiple terminators at the end of blocks. ○

  17. Proprietary + Confidential Design details ● callbr is converted to INLINEASM_BR in MIR ( M achine IR ) MIR allows for multiple terminators at the end of blocks. ○ ● ASM goto's representation as a terminator in MIR didn't fit well with clang's back-end restrictions—i.e. there cannot be a non-terminator after a terminator.

  18. Proprietary + Confidential Design details ● callbr is converted to INLINEASM_BR in MIR ( M achine IR ) MIR allows for multiple terminators at the end of blocks. ○ ● ASM goto's representation as a terminator in MIR didn't fit well with clang's back-end restrictions—i.e. there cannot be a non-terminator after a terminator. Difficult to represent moving values from an asm goto call into registers before the end of the block, ○ because there cannot be non-terminators ( MOV instructions) after terminators. ■ Could place moves in separate fallthrough block, but "live in" analysis isn't ran until late in MIR processing.

  19. Proprietary + Confidential Design details ● callbr is converted to INLINEASM_BR in MIR ( M achine IR ) MIR allows for multiple terminators at the end of blocks. ○ ● ASM goto's representation as a terminator in MIR didn't fit well with clang's back-end restrictions—i.e. there cannot be a non-terminator after a terminator. Difficult to represent moving values from an asm goto call into registers before the end of the block, ○ because there cannot be non-terminators ( MOV instructions) after terminators. ■ Could place moves in separate fallthrough block, but "live in" analysis isn't ran until late in MIR processing. Live range splits may need to spill after an asm goto, resulting again in a non-terminator after terminator ○ violation.

  20. Proprietary + Confidential Design details ● callbr is converted to INLINEASM_BR in MIR ( M achine IR ) MIR allows for multiple terminators at the end of blocks. ○ ● ASM goto's representation as a terminator in MIR didn't fit well with clang's back-end restrictions—i.e. there cannot be a non-terminator after a terminator. Difficult to represent moving values from an asm goto call into registers before the end of the block, ○ because there cannot be non-terminators ( MOV instructions) after terminators. ■ Could place moves in separate fallthrough block, but "live in" analysis isn't ran until late in MIR processing. Live range splits may need to spill after an asm goto, resulting again in a non-terminator after terminator ○ violation. ● Ultimately, we decided that the asm goto representation in MIR shouldn't be a terminator (thanks, James!). ○ However, we must ensure that uses of non-output variables on the indirect branches are defined before the asm block.

  21. Proprietary + Confidential Finally, the end! ● Clang-built Linux ( https://clangbuiltlinux.github.io/ ) is a renewed effort to make clang a first-class citizen in the Linux world. ● It's mutually beneficial for the gcc and clang communities to collaborate on Linux support. ● Both compilers bring different things to the table: Warnings, sanitizers, code health tools, ideas for language extensions, etc. ○

  22. Proprietary + Confidential One more thing...

  23. Proprietary + Confidential AGwO and beyond the infjnite Linux: Commit 587f17018a2c Kconfig: add config option for asm goto w/ outputs tcmalloc: Commit https://github.com/google/tcmalloc/commit/ca9fa6e5a5b283eebcf008ba081491a0d946f57d Leverage asm goto with output to optimize new fast path further.

  24. Proprietary + Confidential Also... We're running Clang-built Linux at Google now!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Tang, Goto et al., 2017, MNRAS, 466,4568 Liu, Goto et al. submitted Tomo GOTO

Tang, Goto et al., 2017, MNRAS, 466,4568 Liu, Goto et al. submitted Tomo GOTO

Tang, Goto et al., 2017, MNRAS, 466,4568 Liu, Goto et al. submitted Tomo GOTO Tomo GOTO When, and how the Universe was

380 views • 20 slides
indicators Julia Slay, NEF Introductions around the room The first distinction: outputs

indicators Julia Slay, NEF Introductions around the room The first distinction: outputs

Outputs, outcomes and indicators Julia Slay, NEF Introductions around the room The first distinction: outputs Outputs Outputs are a quantitative summary of an activity. For example, the activity is we provide training and the output

560 views • 20 slides
Codec Chips Tribute to Prof. Goto Jinjia Zhou 1 , Dajiang Zhou 2 , Satoshi Goto 2 1 Hosei

Codec Chips Tribute to Prof. Goto Jinjia Zhou 1 , Dajiang Zhou 2 , Satoshi Goto 2 1 Hosei

100x Evolution of Vid ideo Codec Chips Tribute to Prof. Goto Jinjia Zhou 1 , Dajiang Zhou 2 , Satoshi Goto 2 1 Hosei University, Tokyo, Japan 2 Waseda University, Kitakyushu, Japan Prof. Goto has been my supervisor from 2008 to 2015. (M.S ->

464 views • 27 slides
Theory of Computer Science D3. GOTO-Computability Malte Helmert University of Basel April 25,

Theory of Computer Science D3. GOTO-Computability Malte Helmert University of Basel April 25,

Theory of Computer Science D3. GOTO-Computability Malte Helmert University of Basel April 25, 2016 WHILE vs. Turing GOTO Programs GOTO vs. WHILE Turing vs. GOTO Summary Overview: Computability Theory Computability Theory imperative

1.09k views • 32 slides
GoTo PRESSURE RELIEF CUSHION The new GoTo Pressure Relief Cushion is available in 2 sizes to pair

GoTo PRESSURE RELIEF CUSHION The new GoTo Pressure Relief Cushion is available in 2 sizes to pair

GoTo PRESSURE RELIEF CUSHION The new GoTo Pressure Relief Cushion is available in 2 sizes to pair with each size of GoTo Seat. 2 1 167-101 167-201 Who is it for? Current and new customers can benefjt from the Pressure Relief Cushion.

486 views • 12 slides
Gamification: Behind the buzz Unity Studios GOTO, October 2013 Unity Studios GOTO,

Gamification: Behind the buzz Unity Studios GOTO, October 2013 Unity Studios GOTO,

Gamification: Behind the buzz Unity Studios GOTO, October 2013 Unity Studios GOTO, October 2013 Gamification Ux to the next level Emotional content / context Inverse persona Using game tech, and game techniques Unity

461 views • 28 slides
PRESENTATION #5 OUTPUTS 1.2 & 3.2: NORTHERN CAPE HUB, R&D AND SUPPORT TO CULTIVATION GEF

PRESENTATION #5 OUTPUTS 1.2 & 3.2: NORTHERN CAPE HUB, R&D AND SUPPORT TO CULTIVATION GEF

PRESENTATION #5 OUTPUTS 1.2 & 3.2: NORTHERN CAPE HUB, R&D AND SUPPORT TO CULTIVATION GEF Full-Sized Project (FSP): Development of value chains for products derived from genetic resources OUTPUTS 1.2 & 3.2: Bioprospecting R R&D

475 views • 14 slides
Automated Driving Are we taking the Human Factors Researcher out of the Loop? Sanna Pampel GOTO

Automated Driving Are we taking the Human Factors Researcher out of the Loop? Sanna Pampel GOTO

Automated Driving Are we taking the Human Factors Researcher out of the Loop? Sanna Pampel GOTO Conference London October 2016 GOTO Conference London October 2016 Why automation? By Marco Verch - Polizeiwagen Unfall, CC BY 2.0 GOTO

768 views • 40 slides
Experiences from the Research Outputs Team, UQ Library Helen Morgan, Fei Yu, Sarah Evans, Andrew

Experiences from the Research Outputs Team, UQ Library Helen Morgan, Fei Yu, Sarah Evans, Andrew

Experiences from the Research Outputs Team, UQ Library Helen Morgan, Fei Yu, Sarah Evans, Andrew Heath & Sharon Bunce The Research Outputs Team Knowledge Sharing and Training Global drivers behind the formation of the Research Outputs

751 views • 51 slides
2011 Census Outputs and dissemination Ian White: Head of Census Legislation, Parliamentary

2011 Census Outputs and dissemination Ian White: Head of Census Legislation, Parliamentary

2011 Census Outputs and dissemination Ian White: Head of Census Legislation, Parliamentary Support, and International Liaison PAMS 28 March 2012 2011 Census outputs and dissemination Confidence in the results Census outputs

299 views • 28 slides
ARDUINO SERIES BASIC DIGITAL INPUTS AND OUTPUTS 1. THE BASICS: INPUTS, OUTPUTS, SOURCES AND

ARDUINO SERIES BASIC DIGITAL INPUTS AND OUTPUTS 1. THE BASICS: INPUTS, OUTPUTS, SOURCES AND

ARDUINO SERIES BASIC DIGITAL INPUTS AND OUTPUTS 1. THE BASICS: INPUTS, OUTPUTS, SOURCES AND SINKS 2. CONNECT A SWITCH TO AN ARDUINO NORMALLY LOW OR HIGH 3. CONNECT AN LED TO AN ARDUINO INVERTED LOGIC OR REGULAR These slides are the

385 views • 5 slides
UMBC A B M A L T F O U M B C I M Y O R T 1 (12/11/06) I E S R C E O V

UMBC A B M A L T F O U M B C I M Y O R T 1 (12/11/06) I E S R C E O V

VLSI Design Verification and Test BIST II CMPE 646 Space Compaction Multiple Outputs We need to treat the general case of a k-output circuit. m k Test Set L LFSR CUT There are several possibilities: Multiplex the k outputs of the CUT.

319 views • 12 slides
improve outcomes for vulnerable people in Scotland? Outputs and Presentation pack Intentions

improve outcomes for vulnerable people in Scotland? Outputs and Presentation pack Intentions

How can data analytics improve outcomes for vulnerable people in Scotland? Outputs and Presentation pack Intentions and outputs of the event. We considered how the world is changing in terms of digital progress, and whether we can afford

339 views • 31 slides
The Effects of IT on Democracy Kate Gray (reformed political junkie) @grisgraygrau GOTO Berlin

The Effects of IT on Democracy Kate Gray (reformed political junkie) @grisgraygrau GOTO Berlin

The Effects of IT on Democracy Kate Gray (reformed political junkie) @grisgraygrau GOTO Berlin 2016 @grisgraygrau GOTO Berlin 2016 @grisgraygrau GOTO Berlin 2016 @grisgraygrau GOTO Berlin 2016 @grisgraygrau GOTO Berlin 2016 @grisgraygrau

510 views • 26 slides
Outputs update September 2011 Agenda Consultation Release plans : First release and

Outputs update September 2011 Agenda Consultation Release plans : First release and

Outputs update September 2011 Agenda Consultation Release plans : First release and proposed running order for outputs Approach to dissemination Data feeds work Census analysis Address Engagement Field Online Data

428 views • 29 slides
Regular Relation (of strings) Relation: like a function, but multiple outputs ok Regular:

Regular Relation (of strings) Relation: like a function, but multiple outputs ok Regular:

a little pre-talk review Regular Relation (of strings) Relation: like a function, but multiple outputs ok Regular: finite-state a: Transducer: automaton w/ outputs b:b b ? a ? a:a a:c aaaaa ? ?:c

863 views • 53 slides
Advanced Lesson 34 Topic 34: Journey. Road travel common phrases Journey - an occasion when

Advanced Lesson 34 Topic 34: Journey. Road travel common phrases Journey - an occasion when

2 nd semester Advanced Lesson 34 Topic 34: Journey. Road travel common phrases Journey - an occasion when you travel from one place to another, especially when there is a long distance between the places. We had a long journey ahead of us.

445 views • 7 slides
Target-driven Visual Navigation in Indoor Scenes Using Deep Reinforcement Learning [Zhu et al.

Target-driven Visual Navigation in Indoor Scenes Using Deep Reinforcement Learning [Zhu et al.

REINFORCEMENT LEARNING FOR ROBOTICS Target-driven Visual Navigation in Indoor Scenes Using Deep Reinforcement Learning [Zhu et al. 2017] A. James E. Cagalawan james.cagalawan@gmail.com University of Waterloo June 27, 2018 (Note: Videos in

793 views • 45 slides
CSE543 - Introduction to Computer and Network Security Module: Access Control Professor Trent

CSE543 - Introduction to Computer and Network Security Module: Access Control Professor Trent

554 views • 31 slides
Transportation emissions are rising TITLE Emitting more because were driving more The built

Transportation emissions are rising TITLE Emitting more because were driving more The built

Transportation emissions are rising TITLE Emitting more because were driving more The built environment can force more driving or make driving less easy Clustered development Sprawling development allows drivers to take requires drivers

309 views • 26 slides
2018 Lecture 9 The speed of revolu@ons, the transi@on to electricity Revolu@ons are by nature

2018 Lecture 9 The speed of revolu@ons, the transi@on to electricity Revolu@ons are by nature

GEOS 24705 / ENST 24705 / ENSC 21100 2018 Lecture 9 The speed of revolu@ons, the transi@on to electricity Revolu@ons are by nature fast Revolu@on is @me of maximum change People talk about the coming Industrial Revolu0on of new technology

790 views • 40 slides
VAPD A Visionary System for Uncertainty Aware Decision Making in Crime Analysis Florian

VAPD A Visionary System for Uncertainty Aware Decision Making in Crime Analysis Florian

VAPD A Visionary System for Uncertainty Aware Decision Making in Crime Analysis Florian Stoffel, Dominik Sacha, Geoffrey Ellis, Daniel A. Keim 2 CCA Comparative Case Analysis CCA aims to find patterns in incidents or crime events that

430 views • 21 slides
Making C Less Dangerous in the Linux Kernel Kees Cook | @keescook LINUX.CONF.AU 21-25 January

Making C Less Dangerous in the Linux Kernel Kees Cook | @keescook LINUX.CONF.AU 21-25 January

Making C Less Dangerous in the Linux Kernel Kees Cook | @keescook LINUX.CONF.AU 21-25 January The Linux of Things | #LCA2019 | @linuxconfau 2019 Christchurch, NZ Making C Less Dangerous in the Linux Kernel Linux Conf AU January 25,

505 views • 29 slides
CMSC 430 Introduction to Compilers Programming Language Design and Implementation Introduction

CMSC 430 Introduction to Compilers Programming Language Design and Implementation Introduction

CMSC 430 Introduction to Compilers Programming Language Design and Implementation Introduction Fall 2018 Why take this course? Programming languages matter In theory, almost all languages are equivalent (Turing complete) In

493 views • 9 slides

More recommend