| Message ID | 20180307211001.25449-1-daniel@iogearbox.net |
|---|---|
| State | Accepted, archived |
| Delegated to: | BPF Maintainers |
| Headers | show |
| Series | [bpf] bpf, x64: increase number of passes | expand |
On Wed, 2018-03-07 at 22:10 +0100, Daniel Borkmann wrote: > In Cilium some of the main programs we run today are hitting 9 passes > on x64's JIT compiler, and we've had cases already where we surpassed > the limit where the JIT then punts the program to the interpreter > instead, leading to insertion failures due to > CONFIG_BPF_JIT_ALWAYS_ON > or insertion failures due to the prog array owner being JITed but the > program to insert not (both must have the same JITed/non-JITed > property). > > One concrete case the program image shrunk from 12,767 bytes down to > 10,288 bytes where the image converged after 16 steps. I've measured > that this took 340us in the JIT until it converges on my i7-6600U. > Thus, > increase the original limit we had from day one where the JIT covered > cBPF only back then before we run into the case (as similar with the > complexity limit) where we trip over this and hit program rejections. > Also add a cond_resched() into the compilation loop, the JIT process > runs without any locks and may sleep anyway. > > Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> > Acked-by: Alexei Starovoitov <ast@kernel.org> > --- > arch/x86/net/bpf_jit_comp.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/net/bpf_jit_comp.c > b/arch/x86/net/bpf_jit_comp.c > index 45e4eb5..ce5b2eb 100644 > --- a/arch/x86/net/bpf_jit_comp.c > +++ b/arch/x86/net/bpf_jit_comp.c > @@ -1188,7 +1188,7 @@ struct bpf_prog *bpf_int_jit_compile(struct > bpf_prog *prog) > * may converge on the last pass. In such case do one more > * pass to emit the final image > */ > - for (pass = 0; pass < 10 || image; pass++) { > + for (pass = 0; pass < 20 || image; pass++) { > proglen = do_jit(prog, addrs, image, oldproglen, > &ctx); > if (proglen <= 0) { > image = NULL; > @@ -1215,6 +1215,7 @@ struct bpf_prog *bpf_int_jit_compile(struct > bpf_prog *prog) > } > } > oldproglen = proglen; > + cond_resched(); > } > > if (bpf_jit_enable > 1) Thanks ! Reviewed-by: Eric Dumazet <edumazet@google.com>
On Wed, Mar 07, 2018 at 10:10:01PM +0100, Daniel Borkmann wrote: > In Cilium some of the main programs we run today are hitting 9 passes > on x64's JIT compiler, and we've had cases already where we surpassed > the limit where the JIT then punts the program to the interpreter > instead, leading to insertion failures due to CONFIG_BPF_JIT_ALWAYS_ON > or insertion failures due to the prog array owner being JITed but the > program to insert not (both must have the same JITed/non-JITed property). > > One concrete case the program image shrunk from 12,767 bytes down to > 10,288 bytes where the image converged after 16 steps. I've measured > that this took 340us in the JIT until it converges on my i7-6600U. Thus, > increase the original limit we had from day one where the JIT covered > cBPF only back then before we run into the case (as similar with the > complexity limit) where we trip over this and hit program rejections. > Also add a cond_resched() into the compilation loop, the JIT process > runs without any locks and may sleep anyway. > > Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> > Acked-by: Alexei Starovoitov <ast@kernel.org> Applied to bpf tree, Thanks Daniel!
diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c index 45e4eb5..ce5b2eb 100644 --- a/arch/x86/net/bpf_jit_comp.c +++ b/arch/x86/net/bpf_jit_comp.c @@ -1188,7 +1188,7 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog) * may converge on the last pass. In such case do one more * pass to emit the final image */ - for (pass = 0; pass < 10 || image; pass++) { + for (pass = 0; pass < 20 || image; pass++) { proglen = do_jit(prog, addrs, image, oldproglen, &ctx); if (proglen <= 0) { image = NULL; @@ -1215,6 +1215,7 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog) } } oldproglen = proglen; + cond_resched(); } if (bpf_jit_enable > 1)