Tail call VM [2] #18720
Tail call VM [2] #18720
Conversation
| ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL zend_jit_func_trace_helper(ZEND_OPCODE_HANDLER_ARGS) | ||
| ZEND_OPCODE_HANDLER_RET ZEND_OPCODE_HANDLER_CCONV zend_jit_func_trace_helper(ZEND_OPCODE_HANDLER_ARGS) | ||
| { | ||
| ZEND_OPCODE_TAIL_CALL_EX(zend_jit_trace_counter_helper, | ||
| ((ZEND_JIT_COUNTER_INIT + JIT_G(hot_func) - 1) / JIT_G(hot_func))); | ||
| zend_jit_op_array_trace_extension *jit_extension = | ||
| (zend_jit_op_array_trace_extension*)ZEND_FUNC_INFO(&EX(func)->op_array); | ||
| size_t offset = jit_extension->offset; | ||
| uint32_t cost = ((ZEND_JIT_COUNTER_INIT + JIT_G(hot_func) - 1) / JIT_G(hot_func)); | ||
|
|
||
| *(ZEND_OP_TRACE_INFO(opline, offset)->counter) -= cost; | ||
|
|
||
| ZEND_OPCODE_TAIL_CALL(zend_jit_trace_counter_helper); |
There was a problem hiding this comment.
Tail-calling was not possible due to the extra arg in zend_jit_trace_counter_helper, so I removed it.
Alternative would be to define these handlers in IR, as we do for the hybrid JIT.
There was a problem hiding this comment.
I didn't understand why extra_arg became a problem
There was a problem hiding this comment.
Clang ˋmusttailˋ disallows calling functions with a different signature. Presumably this is to garantee portability. This is discussed here: https://blog.reverberate.org/2025/02/10/tail-call-updates.html
ext/opcache/jit/zend_jit_ir.c
Outdated
| * https://github.com/llvm/llvm-project/blob/a414877a7a5f000d01370acb1162eb1dea87f48c/llvm/lib/Target/X86/X86RegisterInfo.cpp#L319 | ||
| * https://github.com/llvm/llvm-project/blob/68bfe91b5a34f80dbcc4f0a7fa5d7aa1cdf959c2/llvm/lib/Target/X86/X86CallingConv.td#L1183 | ||
| */ | ||
| jit->ctx.fixed_regset |= (1<<5); |
There was a problem hiding this comment.
fixed_regs are the registers reserved for the register variables.
I remember there were some problems with RBP usage, but I don't remember the exact problem.
There was a problem hiding this comment.
In this case I add the register only to prevent the RA from using it. This is less expensive than adding it to the set of preserved registers. The same thing is done for the HYBRID VM a few lines below.
| ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL zend_jit_func_trace_helper(ZEND_OPCODE_HANDLER_ARGS) | ||
| ZEND_OPCODE_HANDLER_RET ZEND_OPCODE_HANDLER_CCONV zend_jit_func_trace_helper(ZEND_OPCODE_HANDLER_ARGS) | ||
| { | ||
| ZEND_OPCODE_TAIL_CALL_EX(zend_jit_trace_counter_helper, | ||
| ((ZEND_JIT_COUNTER_INIT + JIT_G(hot_func) - 1) / JIT_G(hot_func))); | ||
| zend_jit_op_array_trace_extension *jit_extension = | ||
| (zend_jit_op_array_trace_extension*)ZEND_FUNC_INFO(&EX(func)->op_array); | ||
| size_t offset = jit_extension->offset; | ||
| uint32_t cost = ((ZEND_JIT_COUNTER_INIT + JIT_G(hot_func) - 1) / JIT_G(hot_func)); | ||
|
|
||
| *(ZEND_OP_TRACE_INFO(opline, offset)->counter) -= cost; | ||
|
|
||
| ZEND_OPCODE_TAIL_CALL(zend_jit_trace_counter_helper); |
There was a problem hiding this comment.
I didn't understand why extra_arg became a problem
c8cb9d5 to
e334ae4
Compare
|
@dstogov I've addressed all issues, and all necessary IR changes have been merged, so this branch is now ready to be reviewed again, and hopefully merged :) Since your last review I've made the following notable change: As adding |
| uintptr_t __attribute__((preserve_none)) test(void) { | ||
| uintptr_t ret; | ||
| #if defined(__x86_64__) | ||
| __asm__ __volatile__( | ||
| /* XORing to make it unlikely the value exists in any other register */ | ||
| "movq %1, %%r12\n" | ||
| "xorq %3, %%r12\n" | ||
| "movq %2, %%r13\n" | ||
| "xorq %3, %%r13\n" | ||
| "xorq %%rax, %%rax\n" | ||
| "call fun\n" | ||
| : "=a" (ret) | ||
| : "r" (const1), "r" (const2), "r" (key) | ||
| : "r12", "r13" | ||
| ); |
There was a problem hiding this comment.
Why do we need these asm tests?
preserve_none is an unstable CLANG extension, but can't we just test CLANG version?
There was a problem hiding this comment.
These tests ensure that the tailcall VM will be enabled in all future versions of Clang as long as these expectations remain valid.
There was a problem hiding this comment.
This test will just hide the problem in case of possible incompatibility with future versions.
I wouldn't care about compatibility with future versions. They always may break something.
There was a problem hiding this comment.
By hard coding clang versions, we would have to regularly update the versions in the future, including in release branches.
The only thing we rely on is that arg1/arg2 are passed via r12/r13, that the return register is rax, and that callers don't expect any register to be saved. The last point is unlikely to change as that's the purpose of this function. This test would detect if arg1/arg2 or ret changes in a future version. It seemms to me that any other change to this calling convention would be unlikely to break the JIT?
Zend/zend_vm_gen.php
Outdated
| // Helper with parameter. Must use trampoline dispatch due to | ||
| // incompatible signature for tailcall. | ||
| out($f, "#undef ZEND_VM_DISPATCH\n"); | ||
| out($f, "#define ZEND_VM_DISPATCH(handler) ZEND_VM_DISPATCH_NOTAIL(handler)\n"); |
There was a problem hiding this comment.
Repeatable redefinition of the same macro looks very weird.
Can't we redefine it once - between generating code for TAIL_CALL and regular CALL handlers?
There was a problem hiding this comment.
We need this before VM helpers that take extra arguments, because __attribute__((musttail)) doesn't allow them to tailcall to helpers or handlers with a different number of args.
Currently, VM helpers with extra arguments are interleaved with normal VM helpers and opcode handlers.
Avoiding the repeated redefinition would require to group VM helpers with extra args together, however this may change code locality.
WDYT?
There was a problem hiding this comment.
I think that all TAIL_CALL handlers and helpers should be generated after/before all CALL handlers and helpers.
There was a problem hiding this comment.
I've made changes so that we generate handlers in this order:
- CALL handlers
- TAILCALL handlers and helpers without extra args
- TAILCALL helpers with extra args
The undef/define is used only once before the last group.
I feared this would affect the location of these function in memory, but it doesn't, and doesn't affect benchmarks.
| # define ZREG_FP 12 /* IR_REG_R12 */ | ||
| # define ZREG_IP 13 /* IR_REG_R13 */ |
There was a problem hiding this comment.
These registers are not marked as "fixed" any more, so IR may reuse them for something else.
At least it should be used for passing arguments to helper functions.
On the other hand, they are still used in RLOAD/RSTORE instructions.
I'm surprised how this can work. What do I miss?
There was a problem hiding this comment.
They are still marked as fixed :)
| opline->opcode == ZEND_GENERATOR_CREATE) { | ||
| opline->opcode == ZEND_GENERATOR_CREATE || | ||
| opline->opcode == ZEND_INCLUDE_OR_EVAL) { |
There was a problem hiding this comment.
Not really. This was not needed before because the trace returns IP|ZEND_VM_ENTER_BIT immediately after ZEND_INCLUDE_OR_EVAL (ZEND_INCLUDE_OR_EVAL ends tracing with ZEND_JIT_TRACE_STOP_INTERPRETER). But in TAILCALL VM we call IP->handler instead, so we need to decode IP first.
Was a left over of relying on IR for preserve_none support
This reverts commit f0d41731921711cddea8dcc1d56ed16af5c2098b.
…n is not necessary anymore
Related:
This part takes tail-calling and
preserve_nonefrom #17849:preserve_nonereduces register saving overhead in opcode handlersThis also implements JIT support.
Non-dispatching opcode handlers
JIT needs non-dispatching opcode handlers (opcode handlers that return instead of calling the next one). I've tried two approaches for this:
call_handlerzend_op->handleris a function that calls the real handler and dispatches.I've tried both approach (the first one in this branch, and the second one in master...arnaud-lb:php-src:hybrid-tailcall.
The second approach resulted in a slightly slower VM due to indirect dispatching, and JIT generated more spilling when calling handlers as they clobber all registers.
Therefore I've taken the first approach in this PR.
A 3rd approach would be to control dispatching via an additional handler parameter, or to pass a dispatch function to handlers, but I suspect this would have been slower.
Fixed regs and preserved regs
Thanks to the
preserve_noneconvention, JIT'ed code only has to preserverbp, which reduces the size of prologue/epilogue. Instead of preserving it, I add it to the set of fixed registers, so it's not used. This results in faster code.Also, quite conveniently,
preserve_nonereceives its first arguments via registers that are callee-saved in sysv. Therefore we can use the arg1 and arg2 regs as our fixed registers. This avoids moving arg1 and arg2 to SP/IP in prologue, or setting arg1/arg2 when tail-calling other handlers.Benchmarks:
base: Clang build of master, wall time
gcc: GCC build of master, wall time
valgrind: Clang build of master, valgrind instructions
Conclusion: Clang builds are now as fast GCC builds on the Symfony Demo benchmark in both JIT and non-JIT modes.
Issues
preserve_nonecalling convention is documented as unstable. JIT would break if it changed. I suggest checking this at build time, and disabling this optimization (tailcalling + preserve_none) ifpreserve_nonechanged. Edit: added a configure check.preserve_noneand ASAN, therefore we disable this if ASAN is enabled. Edit: This seems to be fixed in recent Clang versions.UPGRADING
TODO