[all-commits] [llvm/llvm-project] 28b1dc: [BOLT] Allow function fragments to point to one ju...

Huan Nguyen via All-commits all-commits at lists.llvm.org
Fri Jun 17 16:22:43 PDT 2022 

  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: 28b1dcb12280c3527c350352fb156347defc7092
      https://github.com/llvm/llvm-project/commit/28b1dcb12280c3527c350352fb156347defc7092
  Author: Huan Nguyen <nhuhuan at yahoo.com>
  Date:   2022-06-17 (Fri, 17 Jun 2022)

  Changed paths:
    M bolt/include/bolt/Core/BinaryContext.h
    M bolt/lib/Core/BinaryContext.cpp
    M bolt/lib/Core/BinaryFunction.cpp
    M bolt/lib/Rewrite/RewriteInstance.cpp
    A bolt/test/X86/split-func-jump-table-fragment-bidirection.s

  Log Message:
  -----------
  [BOLT] Allow function fragments to point to one jump table

Resolve a crash related to split functions

Due to split function optimization, a function can be divided to two

fragments, and both fragments can access same jump table. This
violates 
the assumption that a jump table can only have one parent
function, 
which causes a crash during instrumentation.

We want to support the case: different functions cannot access same
jump tables, but different fragments of same function can!

As all fragments are from same function, we point JT::Parent to one
specific fragment. Right now it is the first disassembled fragment, but
we can point it to the function's main fragment later.

Functions are disassembled sequentially. Previously, at the end of
processing a function, JT::OffsetEntries is cleared, so other fragment
can no longer reuse JT::OffsetEntries. To extend the support for split
function, we only clear JT::OffsetEntries after all functions are
disassembled.

Let say A.hot and A.cold access JT of three targets {X, Y, Z}, where
X and Y are in A.hot, and Z is in A.cold. Suppose that A.hot is
disassembled first, JT::OffsetEntries = {X',Y',INVALID_OFFSET}. When
A.cold is disassembled, it cannot reuse JT::OffsetEntries above due to
different fragment start. A simple solution:
A.hot  = {X',Y',INVALID_OFFSET}
A.cold = {INVALID_OFFSET, INVALID_OFFSET, INVALID_OFFSET}

We update the assertion to allow different fragments of same function
to get the same JumpTable object.

Potential improvements:
A.hot  = {X',Y',INVALID_OFFSET}
A.cold = {INVALID_OFFSET, INVALID_OFFSET, Z'}
The main issue is A.hot and A.cold have separate CFGs, thus jump table
targets are still constrained within fragment bounds.

Future improvements:
A.hot  = {X, Y, Z}
A.cold = {X, Y, Z}

Reviewed By: Amir

Differential Revision: https://reviews.llvm.org/D127924

More information about the All-commits mailing list