[release/10.0] JIT: fix crash in LSRA seen on VMR build on AVX-512 machines #119270
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
During the second stage bootstrap build VMR on an AVX-512 capable machine, we end up in `try_SPILL_COST` looking at a K-reg spill candidate without an assigned interval, and crash. This happens because the preceding heuristic `try_REG_ORDER` fails to find a register when it should, because mask register numbers are greater than 63 and we shift 1ULL by this amount to build a mask, which is undefined behavior. The fix is to always look up the mask via table fetch, which is set up to handle mask register numbers properly. Fixes the crash seen in #119070.
Member
|
@dotnet/jit-contrib PTAL |
jeffschwMSFT
approved these changes
Sep 2, 2025
Member
jeffschwMSFT
left a comment
jeffschwMSFT
left a comment
There was a problem hiding this comment.
approved. please get a code review. we can merge when ready
jeffschwMSFT
added
Servicing-approved
Contributor
|
Tagging subscribers to this area: @JulieLeeMSFT, @jakobbotsch |
jakobbotsch
approved these changes
Sep 2, 2025
tannergooding
approved these changes
Sep 2, 2025
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Backport of #119206 to release/10.0
/cc @AndyAyersMS
Customer Impact
Found by @omajid
Regression
The compiler was executing
1ULL << xforx > 63as part of a chain of allocation heuristics. This shift is undefined behavior, and when the JIT was built with GCC and running on AVX-512, the heuristic unexpectedly started failing. The next heuristic up was not prepared for this and caused and AV.The bug was introduced when we extended LSRA to support in #113988; this created more than 64 allocatable registers on xarch.
Testing
Verified locally that source builds passed; @omajid also verified the fix worked.
Risk
Low. No diffs. There was an alternate code available that can handle more than 64 registers which we already using for ARM64; now we use it for all ISAs.