[LLVMdev] Fail to load a pointer to a function inside MCJIT-ed code when it is reload from ObjectCache

Cheng Zhu chengzhu at gmail.com
Thu Sep 11 14:45:43 PDT 2014 

Thank you Lang. I attached the ELF object file here for your reference.
Here is the IR dump of JittedOpExpr LLVM function. IrExprGetValue1 LLVM
function calls to external function expr->evalfunc(expr, econtext, isNull,
isDone); which should be pointed by 0x7fe4801fa1f8. However, only the first
time MCJIT generated object point to expr->evalfunc but second time when
program load from object cache does not. In the second time, before program
load object cache, brand new llvm::Module and llvm::ExecutionEngine are
created. IrExprGetValue is saved in file as IR format and will be loaded
into module every run. JittedOpExpr and other LLVM function are created and
associated with the new Module.

; Function Attrs: uwtable
define i64 @IrExprGetValue1(%struct.ExprState* %expr, %struct.ExprContext*
%econtext, i8* %isNull, i32* %isDone) #0 {
entry:
  %expr.addr = alloca %struct.ExprState*, align 8
  %econtext.addr = alloca %struct.ExprContext*, align 8
  %isNull.addr = alloca i8*, align 8
  %isDone.addr = alloca i32*, align 8
  store %struct.ExprState* %expr, %struct.ExprState** %expr.addr, align 8
  store %struct.ExprContext* %econtext, %struct.ExprContext**
%econtext.addr, align 8
  store i8* %isNull, i8** %isNull.addr, align 8
  store i32* %isDone, i32** %isDone.addr, align 8
  %0 = load %struct.ExprState** %expr.addr, align 8
  %evalfunc = getelementptr inbounds %struct.ExprState* %0, i32 0, i32 2
  %evalfunc1 = bitcast {}** %evalfunc to i64 (%struct.ExprState*,
%struct.ExprContext*, i8*, i32*)**
  %1 = load i64 (%struct.ExprState*, %struct.ExprContext*, i8*, i32*)**
%evalfunc1, align 8
  %2 = load %struct.ExprState** %expr.addr, align 8
  %3 = load %struct.ExprContext** %econtext.addr, align 8
  %4 = load i8** %isNull.addr, align 8
  %5 = load i32** %isDone.addr, align 8
  %call = call i64 %1(%struct.ExprState* %2, %struct.ExprContext* %3, i8*
%4, i32* %5)
  ret i64 %call
}

define i64 @JittedIntLit() {
entry:
  ret i64 5
}

define i64 @JittedOpExpr(%struct.ExprState* %expr, %struct.ExprContext*
%econtext, i8* %isNull, i32* %isDone) {
entry:
  %lhs = call i64 @IrExprGetValue1(%struct.ExprState* inttoptr (i64
140715076067816 to %struct.ExprState*), %struct.ExprContext* %econtext, i8*
%isNull, i32* %isDone)
  %rhs = call i64 @JittedIntLit()
  %tmp_add = add i64 %lhs, %rhs
  ret i64 %tmp_add
}

and /samba/data/gDB2/src/ptcompiler/compiler/llvm_ir/GaussDB.ir contains

extern "C"
Datum IrExprGetValue(ExprState* expr, ExprContext *econtext, bool *isNull,
ExprDoneCond *isDone) {
  return expr->evalfunc(expr, econtext, isNull, isDone);
}

Cheng

On Thu, Sep 11, 2014 at 1:26 PM, Lang Hames <lhames at gmail.com> wrote:

> Hi Cheng,
>
> It sounds like the either (1) 0x7fe4801fa1f8 is part of the environment,
> and it's not being configured the same way the 2nd time around, or (2) The
> JIT is handling on-disk objects differently from in-memory ones. The first
> option is more likely.
>
> It would be helpful if you could attach the object that was stored in your
> cache.
>
> Cheers,
> Lang.
>
> On Thu, Sep 11, 2014 at 10:58 AM, Cheng Zhu <chengzhu at gmail.com> wrote:
>
>> Hi, All
>>
>> I have a problem to reuse mcjit jitted code loaded from ObjectCache from
>> a file. In the first run, I use MCJIT generate function JittedOpExpr object
>> code as following and it runs OK. 0x7fe4801fa1f8 at instruction
>> 0x00007fe4cc6c2014 points to 0x69382E which is the beginning of ExecEvalVar
>> function. Then I save the object code into a file after implementing
>> notifyObjectCompiled method.
>>
>>
>>                     IrExprGetValue:
>> 0x00007fe4cc6c2000:   push %rbp
>> 0x00007fe4cc6c2001:   mov %rsp,%rbp
>> 0x00007fe4cc6c2004:   mov 0x10(%rdi),%rax
>> 0x00007fe4cc6c2008:   pop %rbp
>> 0x00007fe4cc6c2009:   jmpq *%rax
>> 0x00007fe4cc6c200b:   nopl 0x0(%rax,%rax,1)
>>                     JittedOpExpr:
>> 0x00007fe4cc6c2010:   push %rbp
>> 0x00007fe4cc6c2011:   mov %rsp,%rbp
>> *0x00007fe4cc6c2014:   movabs $0x7fe4801fa1f8,%rax*
>> 0x00007fe4cc6c201e:   movabs $0x7fe4801fa1e8,%rdi
>> 0x00007fe4cc6c2028:   callq *(%rax)
>> 0x00007fe4cc6c202a:   add $0x5,%rax
>> 0x00007fe4cc6c202e:   pop %rbp
>> 0x00007fe4cc6c202f:   retq
>> 0x00007fe4cc6c2030:   adc $0x0,%al
>> 0x00007fe4cc6c2032:   add %al,(%rax)
>> 0x00007fe4cc6c2034:   add %al,(%rax)
>>
>> *0x7fe4801fa1f8 -> 0x69382E*
>> *                    ExecEvalVar*(ExprState*, ExprContext*, bool*,
>> ExprDoneCond*):
>> 0x000000000069382e:   push %rbp
>> 0x000000000069382f:   mov %rsp,%rbp
>> 0x0000000000693832:   push %r12
>>
>> In the next run, I buildedunction of JittedOpExpr again and loaded
>> compiled object from that saved binary file using getObject and went
>> through getPointertoFunction from MCJIT execution engine, I got the
>> following object code in memory. But this time 0x7fe4801fa1f8 points to
>> 0x0, so when callq *(%rax) it couldn't find the ExecEvalVar anymore. I
>> followed the blog "Object Caching with the Kaleidoscope Example Problem"
>> written by Andy Kaylor by implementing my own MCJITObjectCache class. Did I
>> miss anything here? Thank you very much.
>>
>>                     IrExprGetValue:
>> 0x00007fe4cc6c2000:   push %rbp
>> 0x00007fe4cc6c2001:   mov %rsp,%rbp
>> 0x00007fe4cc6c2004:   mov 0x10(%rdi),%rax
>> 0x00007fe4cc6c2008:   pop %rbp
>> 0x00007fe4cc6c2009:   jmpq *%rax
>> 0x00007fe4cc6c200b:   nopl 0x0(%rax,%rax,1)
>>                     JittedOpExpr:
>> 0x00007fe4cc6c2010:   push %rbp
>> 0x00007fe4cc6c2011:   mov %rsp,%rbp
>> *0x00007fe4cc6c2014:   movabs $0x7fe4801fa1f8,%rax*
>> 0x00007fe4cc6c201e:   movabs $0x7fe4801fa1e8,%rdi
>> 0x00007fe4cc6c2028:   callq *(%rax)
>> 0x00007fe4cc6c202a:   add $0x5,%rax
>> 0x00007fe4cc6c202e:   pop %rbp
>> 0x00007fe4cc6c202f:   retq
>>
>> *but 0x7fe4801fa1f8 -> 000000000*
>>
>> --
>> Best regards
>>
>> Cheng
>>
>> _______________________________________________
>> LLVM Developers mailing list
>> LLVMdev at cs.uiuc.edu         http://llvm.cs.uiuc.edu
>> http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
>>
>>
>


-- 
Best regards

Cheng
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20140911/8ccf291e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jitted_int_add
Type: application/octet-stream
Size: 1272 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20140911/8ccf291e/attachment.obj>

More information about the llvm-dev mailing list