dim added subscribers: emaste, jrtc27, dim.
dim added a comment.

FWIW, this commit turned out to break the FreeBSD dns/bind916 port, see 
https://bugs.freebsd.org/259921.

The short story is that the bind9 code on and after this line: 
https://gitlab.isc.org/isc-projects/bind9/-/blob/main/lib/isc/log.c#L1525 gets 
changed from something like:

  .Ltmp661:
          #DEBUG_VALUE: isc_log_doit:category_channels <- $r12
          .loc    3 0 58                          # log.c:0:58
          xorl    %eax, %eax
          testl   %r15d, %r15d
          setg    %al
          movl    %r15d, %ecx
          negl    %ecx
          movq    %rcx, -840(%rbp)                # 8-byte Spill
          leaq    8328(%r13), %rcx
          #DEBUG_VALUE: isc_log_doit:matched <- 0
          movq    %rcx, -808(%rbp)                # 8-byte Spill
  .Ltmp662:
          .loc    3 1552 25 is_stmt 1             # log.c:1552:25

to using a relative lookup table:

  .Ltmp661:
          #DEBUG_VALUE: isc_log_doit:category_channels <- $r12
          .loc    3 0 58                          # log.c:0:58
          xorl    %eax, %eax
          testl   %r15d, %r15d
          setg    %al
          movl    %r15d, %edx
          negl    %edx
          leaq    reltable.isc_log_doit(%rip), %rcx
          movq    %rdx, -848(%rbp)                # 8-byte Spill
          movslq  (%rcx,%rdx,4), %rdx
          addq    %rcx, %rdx
          movq    %rdx, -840(%rbp)                # 8-byte Spill
          leaq    8328(%r13), %rcx
          #DEBUG_VALUE: isc_log_doit:matched <- 0
          movq    %rcx, -808(%rbp)                # 8-byte Spill
  .Ltmp662:
          .loc    3 1552 25 is_stmt 1             # log.c:1552:25

However, the value of `%rcx` at the `movslq (%rcx,%rdx,4), %rdx` statement 
becomes -2, so it attempts to access data before `reltable.isc_log_doit`. As 
that is in `.rodata`, this leads to a segfault.

The current working theory is that some code is hoisted out of the do-while 
loop starting at 
https://gitlab.isc.org/isc-projects/bind9/-/blob/main/lib/isc/log.c#L1531, in 
particular the `[-level]` accesses on lines 1613 and 1843:

                                  snprintf(level_string, sizeof(level_string),
                                           "%s: ", log_level_strings[-level]);
  ...
                          } else {
                                  syslog_level = syslog_map[-level];
                          }

but maybe these negative offsets confuse the lookup table converter?


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D94355/new/

https://reviews.llvm.org/D94355

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
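
The relative-table access quoted in the comment above (`movslq (%rcx,%rdx,4), %rdx` followed by `addq %rcx, %rdx`), modelled in C with the range check the emitted code does not have; this is an added example, not code from the post, LLVM or BIND. The `reltable` struct, its sample strings, `rel_lookup` and `level_name` are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NLEVELS 4

/* Constructed stand-in for a relative lookup table: 32-bit signed offsets,
 * measured from the start of the table, followed by the data they point at.
 * The strings are sample values, not BIND's table. */
struct reltable {
    int32_t off[NLEVELS];
    char s0[8], s1[8], s2[8], s3[8];
};

static const struct reltable tbl = {
    { (int32_t)offsetof(struct reltable, s0), (int32_t)offsetof(struct reltable, s1),
      (int32_t)offsetof(struct reltable, s2), (int32_t)offsetof(struct reltable, s3) },
    "debug", "info", "notice", "warning"
};

/* Same arithmetic as `movslq (%rcx,%rdx,4), %rdx; addq %rcx, %rdx`:
 * load the 32-bit offset at base + idx*4, sign-extend it, add the base.
 * The range check is the added part; without it an index of -2 would
 * read 8 bytes before the table. */
static const char *rel_lookup(const struct reltable *t, int64_t idx)
{
    const char *base = (const char *)t;
    int32_t off;

    if (idx < 0 || idx >= NLEVELS)
        return NULL;
    memcpy(&off, base + idx * 4, sizeof off);
    return base + (int64_t)off;
}

/* Source-level pattern from the page: table[-level], with level <= 0. */
const char *level_name(int level)
{
    return rel_lookup(&tbl, -(int64_t)level);
}

int main(void)
{
    for (int level = 0; level >= -4; level--) {
        const char *s = level_name(level);
        printf("level %d -> %s\n", level, s ? s : "(out of range)");
    }
    printf("raw index -2 -> %s\n", rel_lookup(&tbl, -2) ? "ok" : "(rejected)");
    return 0;
}
```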