details: http://freenginx.org/hg/nginx/rev/92e14ce71b72
branches:
changeset: 9309:92e14ce71b72
user: Maxim Dounin <mdou...@mdounin.ru>
date: Wed Aug 07 03:56:23 2024 +0300
description:
Configure: adjusted optimization level for Sun C.
With "-fast" (and with "-xbuiltin=%all -xO4"), Sun C miscompiles
ngx_http_script_add_copy_code(), which is inlined into
ngx_http_script_compile(). From the assembly code it looks like
the code uses uninitialized register when calculating new p value
after memcpy:
movq %r15,%rdi
call _memcpy
leaq (%r15,rbx),%rax
movq (%r12),%rbx
movb $0x0000000000000000,(%rax)
Note that %rax is set to (%r15 + %rbx), but %rbx is only set after
it is used. As such, "*p = '\0'" tries to modify an unrelated memory
address, leading to a segmentation fault.
The issue was seen in tests which use null-terminated complex values:
proxy_ssl_certificate_vars.t, uwsgi_ssl_certificate_vars.t,
stream_proxy_ssl_certificate_vars.t. Tested with Sun C compilers
from Sun Studio 12.3, 12.4, 12.5, and 12.6.
Restructuring code, such as splitting ngx_cpymem() with a separate
"p += value->len" increment, fixes things, but it is not clear if its
the only place where such miscompilation can happen.
Fix is to use "-fast -xO3". Since IPO requires "-xO5", it is commented
out.
diffstat:
auto/cc/sunc | 8 +++++---
1 files changed, 5 insertions(+), 3 deletions(-)
diffs (23 lines):
diff --git a/auto/cc/sunc b/auto/cc/sunc
--- a/auto/cc/sunc
+++ b/auto/cc/sunc
@@ -73,14 +73,16 @@ MODULE_LINK="-G"
# 20736 == 0x5100, Sun Studio 12.1
if [ "$ngx_sunc_ver" -ge 20736 ]; then
- ngx_fast="-fast"
+ ngx_fast="-fast -xO3"
else
# older versions had problems with bit-fields
- ngx_fast="-fast -xalias_level=any"
+ ngx_fast="-fast -xO3 -xalias_level=any"
fi
-IPO=-xipo
+IPO=
+#IPO=-xipo
+
CFLAGS="$CFLAGS $ngx_fast $IPO"
CORE_LINK="$CORE_LINK $ngx_fast $IPO"
