Skip to content

[X86] Avoid crashing in PIC mode on narrowing to i8 followed by extension to i32 #145965

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[X86] Avoid crashing in PIC mode on narrowing to i8 followed by extension to i32 #145965

wants to merge 1 commit into from
+29 −1

Conversation

Ralender
Copy link
Collaborator

No description provided.

@Ralender Ralender requested a review from topperc June 26, 2025 20:43
@Ralender Ralender self-assigned this Jun 26, 2025
@Ralender Ralender added bug Indicates an unexpected problem or unintended behavior llvm:crash labels Jun 26, 2025
@llvmbot llvmbot added backend:X86 llvm:SelectionDAG SelectionDAGISel as well labels Jun 26, 2025
@llvmbot
Copy link
Member

llvmbot commented Jun 26, 2025
edited
Loading

@llvm/pr-subscribers-llvm-selectiondag

@llvm/pr-subscribers-backend-x86

Author: None (Ralender)

Changes

Full diff: https://github.com/llvm/llvm-project/pull/145965.diff

2 Files Affected:

  • (modified) llvm/lib/CodeGen/SelectionDAG/InstrEmitter.cpp (+2-1)
  • (added) llvm/test/CodeGen/X86/x86-access-to-global.ll (+27)
diff --git a/llvm/lib/CodeGen/SelectionDAG/InstrEmitter.cpp b/llvm/lib/CodeGen/SelectionDAG/InstrEmitter.cpp
index 4b7a9127b3fc3..dfa6c06fe29f2 100644
--- a/llvm/lib/CodeGen/SelectionDAG/InstrEmitter.cpp
+++ b/llvm/lib/CodeGen/SelectionDAG/InstrEmitter.cpp
@@ -631,7 +631,8 @@ void InstrEmitter::EmitSubregNode(SDNode *Node, VRBaseMapType &VRBaseMap,
 void
 InstrEmitter::EmitCopyToRegClassNode(SDNode *Node,
                                      VRBaseMapType &VRBaseMap) {
-  Register VReg = getVR(Node->getOperand(0), VRBaseMap);
+  RegisterSDNode *R = dyn_cast<RegisterSDNode>(Node->getOperand(0));
+  unsigned VReg = R ? R->getReg() : getVR(Node->getOperand(0), VRBaseMap);
 
   // Create the new VReg in the destination class and emit a copy.
   unsigned DstRCIdx = Node->getConstantOperandVal(1);
diff --git a/llvm/test/CodeGen/X86/x86-access-to-global.ll b/llvm/test/CodeGen/X86/x86-access-to-global.ll
new file mode 100644
index 0000000000000..9e09a035ac519
--- /dev/null
+++ b/llvm/test/CodeGen/X86/x86-access-to-global.ll
@@ -0,0 +1,27 @@
+; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py UTC_ARGS: --version 5
+; RUN: llc -relocation-model=pic < %s | FileCheck %s
+
+target datalayout = "e-m:e-p:32:32-p270:32:32-p271:32:32-p272:64:64-f64:32:64-f80:32-n8:16:32-S128"
+target triple = "i386-unknown-linux-gnu"
+
+@.str = external dso_local global i32
+
+define i1 @test() {
+; CHECK-LABEL: test:
+; CHECK:       # %bb.0:
+; CHECK-NEXT:    calll .L0$pb
+; CHECK-NEXT:    .cfi_adjust_cfa_offset 4
+; CHECK-NEXT:  .L0$pb:
+; CHECK-NEXT:    popl %eax
+; CHECK-NEXT:    .cfi_adjust_cfa_offset -4
+; CHECK-NEXT:  .Ltmp0:
+; CHECK-NEXT:    addl $_GLOBAL_OFFSET_TABLE_+(.Ltmp0-.L0$pb), %eax
+; CHECK-NEXT:    movl $.str@GOTOFF, %ecx
+; CHECK-NEXT:    addb %al, %cl
+; CHECK-NEXT:    sete %al
+; CHECK-NEXT:    retl
+  %i = ptrtoint ptr @.str to i8
+  %p = zext i8 %i to i32
+  %c = icmp eq i32 %p, 0
+  ret i1 %c
+}

arsenm
arsenm reviewed Jun 27, 2025
View reviewed changes
llvm/lib/CodeGen/SelectionDAG/InstrEmitter.cpp
@@ -631,7 +631,8 @@ void InstrEmitter::EmitSubregNode(SDNode *Node, VRBaseMapType &VRBaseMap,
void
InstrEmitter::EmitCopyToRegClassNode(SDNode *Node,
VRBaseMapType &VRBaseMap) {
Register VReg = getVR(Node->getOperand(0), VRBaseMap);
RegisterSDNode *R = dyn_cast<RegisterSDNode>(Node->getOperand(0));
unsigned VReg = R ? R->getReg() : getVR(Node->getOperand(0), VRBaseMap);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
unsigned VReg = R ? R->getReg() : getVR(Node->getOperand(0), VRBaseMap);
Register VReg = R ? R->getReg() : getVR(Node->getOperand(0), VRBaseMap);

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks like a workaround that just happens to work in this situation. If I run your test I see the "Node emitted out of order - late"" assert, which usually indicates there's a cycle in the DAG

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like we have a COPY_TO_REGCLASS of X86ISD::GlobalBaseReg. X86ISD::GlobalBaseReg is selected as virtual register %0. But I guess it wasn't added to the VRBaseMap.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like we have a COPY_TO_REGCLASS of X86ISD::GlobalBaseReg. X86ISD::GlobalBaseReg is selected as virtual register %0, but it's not in the VRBaseMap.

I don't think there's a cycle involved in this case.

Copy link
Collaborator Author

@Ralender Ralender Jun 27, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From what I remember, there is no cycle and the issue is what topperc described.
arsenm, do you still think its the wrong fix ?
I am not familiar with this part of the code.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Still seems wrong. The value should already be in the map

Copy link
Collaborator Author

@Ralender Ralender Jun 28, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I looked around, it doesn't appear that X86ISD::GlobalBaseReg usually in the in the VRBaseMap.
it is usually handled by:

llvm-project/llvm/lib/CodeGen/SelectionDAG/InstrEmitter.cpp

Line 408 in 372c808

} else if (RegisterSDNode *R = dyn_cast<RegisterSDNode>(Op)) {

or

llvm-project/llvm/lib/CodeGen/SelectionDAG/InstrEmitter.cpp

Line 1264 in 372c808

if (RegisterSDNode *R = dyn_cast<RegisterSDNode>(SrcVal))

So maybe it should be in the VRBaseMap but that is not the current behavior.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems like a weird case where X86 invented a hack for a presumably constant register that avoids the chain use. Is there a reason this can't just use CopyFromReg for these in the first place? Alternatively we could have a TargetConstantRegister node type

@jayfoad
Copy link
Contributor

jayfoad commented Jun 27, 2025

Avoid crashing in PIC mode on narrowing to i8 followed by extention

Typo, should be "extension" :)

@Ralender Ralender changed the title [X86] Avoid crashing in PIC mode on narrowing to i8 followed by extention to i32 [X86] Avoid crashing in PIC mode on narrowing to i8 followed by extension to i32 Jun 27, 2025
@Ralender
Copy link
Collaborator Author

Avoid crashing in PIC mode on narrowing to i8 followed by extention

Typo, should be "extension" :)

Fixed

@Ralender Ralender force-pushed the FixCrashWith1BytePIC branch from 92031f9 to effcd90 Compare June 27, 2025 14:32
@Ralender Ralender requested a review from arsenm June 27, 2025 14:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@topperc topperc Awaiting requested review from topperc

@arsenm arsenm Awaiting requested review from arsenm

Assignees

@Ralender Ralender

Labels
backend:X86 bug Indicates an unexpected problem or unintended behavior llvm:crash llvm:SelectionDAG SelectionDAGISel as well
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@Ralender @llvmbot @jayfoad @arsenm @topperc