This is an archive of the discontinued LLVM Phabricator instance.

Differential D124457

[AArch64][SVE] Only fold frame indexes referencing SVE objects into SVE loads/stores
ClosedPublic

Authored by bsmith on Apr 26 2022, 8:08 AM.

Details

Reviewers
paulwalker-arm
peterwaller-arm
sdesmalen
efriedma
Commits
rG96bbd359edbf: [AArch64][SVE] Only fold frame indexes referencing SVE objects into SVE…
Summary

Currently we always fold frame indexes into SVE load/store instructions,
however these instructions can only encode VL scaled offests. This means
that when we are accessing a fixed length stack object with these
instructions, the folded in frame index gets pulled back out during frame
lowering. This can cause issues when we have no spare registers and no
emergency spill slot.

Rather than causing issues like this, don't fold in frame indexes that
reference fixed length objects.

Fixes: #55041

Diff Detail

Unit TestsFailed

TimeTest
60,020 msx64 debian > libFuzzer.libFuzzer::fuzzer-leak.test
60,050 msx64 debian > libFuzzer.libFuzzer::large.test

Event Timeline

bsmith created this revision.Apr 26 2022, 8:08 AM
Herald added a reviewer: efriedma. · View Herald TranscriptApr 26 2022, 8:08 AM
Herald added a project: Restricted Project. · View Herald Transcript
Herald added subscribers: ctetreau, psnobl, arphaman and 3 others. · View Herald Transcript
bsmith requested review of this revision.Apr 26 2022, 8:08 AM
Herald added a project: Restricted Project. · View Herald TranscriptApr 26 2022, 8:08 AM
Herald added a subscriber: llvm-commits. · View Herald Transcript
rscottmanley added a subscriber: rscottmanley.Apr 26 2022, 8:25 AM
Harbormaster completed remote builds in B161401: Diff 425223.Apr 26 2022, 8:55 AM
efriedma added a comment.Apr 26 2022, 9:30 AM

Is FrameIndex 0 actually reliably located in a position that doesn't have an offset? That seems unlikely to me, especially if variable-size allocation becomes involved.

Alternatively, we could fix the code that decides whether we need an emergency spill slot. But I guess there's not really much point to attempting to fold the frame indexes in the first place.

bsmith added a comment.Apr 27 2022, 3:13 AM
In D124457#3474976, @efriedma wrote:

Is FrameIndex 0 actually reliably located in a position that doesn't have an offset? That seems unlikely to me, especially if variable-size allocation becomes involved.

Hm, you might be right. It seems a shame to regress cases where the index would be zero, but I'm not sure there is way to tell at this point if the offset will resolve to zero?

Alternatively, we could fix the code that decides whether we need an emergency spill slot. But I guess there's not really much point to attempting to fold the frame indexes in the first place.

I considered that, the issue though is finding the correct condition to do this in without being far too conservative, I think you'd have to do it by traversing the function finding all SVE load/stores and checking what they access, which doesn't seem very nice for an issue we are creating for ourselves.

bsmith added a comment.Apr 27 2022, 6:38 AM
In D124457#3476866, @bsmith wrote:
In D124457#3474976, @efriedma wrote:

Is FrameIndex 0 actually reliably located in a position that doesn't have an offset? That seems unlikely to me, especially if variable-size allocation becomes involved.

Hm, you might be right. It seems a shame to regress cases where the index would be zero, but I'm not sure there is way to tell at this point if the offset will resolve to zero?

Alternatively, we could fix the code that decides whether we need an emergency spill slot. But I guess there's not really much point to attempting to fold the frame indexes in the first place.

I considered that, the issue though is finding the correct condition to do this in without being far too conservative, I think you'd have to do it by traversing the function finding all SVE load/stores and checking what they access, which doesn't seem very nice for an issue we are creating for ourselves.

Thinking about this some more, in the interest of not regressing and given this isn't a correctness issue, perhaps we can leave it like this and 'assume' frame index zero has a zero offset, if it is not it will just get pulled back out like it does now (hence no correctness issue), it just may still be possible (although probably incredibly hard) to produce a crash due to lack of emergency spill slot. If it does turn out to be an issue still we can always come back and remove this assumption if necessary.

bsmith updated this revision to Diff 425510.Apr 27 2022, 6:55 AM
  • Update test to use update_llc_test_checks.py script
paulwalker-arm added a comment.Apr 27 2022, 6:55 AM

I'm inclined to agree given this patch is more mitigation rather than an actual fix. Is it not possible to include a minimised version of the original crashing test case? just as a no crash test. I ask because otherwise somebody could easily remove this mitigation without realising the mistake.

llvm/lib/Target/AArch64/AArch64ISelDAGToDAG.cpp
5105

I know we have the if (N.getOpcode() != ISD::ADD) test below but I think it's better to have an explicit return false for invalid values for FI.

bsmith updated this revision to Diff 425519.Apr 27 2022, 7:52 AM
  • Add testcase protecting original issue
  • Add explict false return for invalid frame index
Harbormaster completed remote builds in B161606: Diff 425519.Apr 27 2022, 8:58 AM
Matt added a subscriber: Matt.Apr 27 2022, 11:07 AM
paulwalker-arm accepted this revision.Apr 27 2022, 4:03 PM
This revision is now accepted and ready to land.Apr 27 2022, 4:03 PM
cameron.mcinally added a subscriber: cameron.mcinally.May 2 2022, 7:00 AM
This revision was landed with ongoing or failed builds.May 3 2022, 3:03 AM
Closed by commit rG96bbd359edbf: [AArch64][SVE] Only fold frame indexes referencing SVE objects into SVE… (authored by bsmith). · Explain Why
This revision was automatically updated to reflect the committed changes.
bsmith added a commit: rG96bbd359edbf: [AArch64][SVE] Only fold frame indexes referencing SVE objects into SVE….
sdesmalen mentioned this in D146056: [AArch64][SVE] Fix the indexed addressing mode when FI = 0..Mar 14 2023, 8:28 AM
sdesmalen mentioned this in rG93b89bee471f: [AArch64][SVE] Fix the indexed addressing mode when FI = 0..Mar 15 2023, 6:40 AM

Revision Contents

PathSize
llvm/
lib/
Target/
AArch64/
16 lines
test/
CodeGen/
AArch64/
25 lines

Diff 425223

llvm/lib/Target/AArch64/AArch64ISelDAGToDAG.cpp

Show First 20 LinesShow All 5,086 Lines▼ Show 20 Lines
/// Base + OffImm * sizeof(MemVT) for Min >= OffImm <= Max /// Base + OffImm * sizeof(MemVT) for Min >= OffImm <= Max
/// where Root is the memory access using N for its address. /// where Root is the memory access using N for its address.
template <int64_t Min, int64_t Max> template <int64_t Min, int64_t Max>
bool AArch64DAGToDAGISel::SelectAddrModeIndexedSVE(SDNode *Root, SDValue N, bool AArch64DAGToDAGISel::SelectAddrModeIndexedSVE(SDNode *Root, SDValue N,
SDValue &Base, SDValue &Base,
SDValue &OffImm) { SDValue &OffImm) {
const EVT MemVT = getMemVTFromNode(*(CurDAG->getContext()), Root); const EVT MemVT = getMemVTFromNode(*(CurDAG->getContext()), Root);
const DataLayout &DL = CurDAG->getDataLayout(); const DataLayout &DL = CurDAG->getDataLayout();
const MachineFrameInfo &MFI = MF->getFrameInfo();
if (N.getOpcode() == ISD::FrameIndex) { if (N.getOpcode() == ISD::FrameIndex) {
int FI = cast<FrameIndexSDNode>(N)->getIndex(); int FI = cast<FrameIndexSDNode>(N)->getIndex();
// We can only encode VL scaled offsets, so only fold in frame indexes
// referencing SVE objects.
if (FI == 0 || MFI.getStackID(FI) == TargetStackID::ScalableVector) {
Base = CurDAG->getTargetFrameIndex(FI, TLI->getPointerTy(DL)); Base = CurDAG->getTargetFrameIndex(FI, TLI->getPointerTy(DL));
OffImm = CurDAG->getTargetConstant(0, SDLoc(N), MVT::i64); OffImm = CurDAG->getTargetConstant(0, SDLoc(N), MVT::i64);
return true; return true;
} }
paulwalker-armUnsubmitted
Not Done
ReplyInline Actions

I know we have the if (N.getOpcode() != ISD::ADD) test below but I think it's better to have an explicit return false for invalid values for FI.

paulwalker-arm: I know we have the `if (N.getOpcode() != ISD::ADD)` test below but I think it's better to have…
}
if (MemVT == EVT()) if (MemVT == EVT())
return false; return false;
if (N.getOpcode() != ISD::ADD) if (N.getOpcode() != ISD::ADD)
return false; return false;
SDValue VScale = N.getOperand(1); SDValue VScale = N.getOperand(1);
Show All 9 Linesbool AArch64DAGToDAGISel::SelectAddrModeIndexedSVE(SDNode *Root, SDValue N,
int64_t Offset = MulImm / MemWidthBytes; int64_t Offset = MulImm / MemWidthBytes;
if (Offset < Min || Offset > Max) if (Offset < Min || Offset > Max)
return false; return false;
Base = N.getOperand(0); Base = N.getOperand(0);
if (Base.getOpcode() == ISD::FrameIndex) { if (Base.getOpcode() == ISD::FrameIndex) {
int FI = cast<FrameIndexSDNode>(Base)->getIndex(); int FI = cast<FrameIndexSDNode>(Base)->getIndex();
// We can only encode VL scaled offsets, so only fold in frame indexes
// referencing SVE objects.
if (FI == 0 || MFI.getStackID(FI) == TargetStackID::ScalableVector)
Base = CurDAG->getTargetFrameIndex(FI, TLI->getPointerTy(DL)); Base = CurDAG->getTargetFrameIndex(FI, TLI->getPointerTy(DL));
} }
OffImm = CurDAG->getTargetConstant(Offset, SDLoc(N), MVT::i64); OffImm = CurDAG->getTargetConstant(Offset, SDLoc(N), MVT::i64);
return true; return true;
} }
/// Select register plus register addressing mode for SVE, with scaled /// Select register plus register addressing mode for SVE, with scaled
/// offset. /// offset.
▲ Show 20 LinesShow All 57 LinesShow Last 20 Lines

llvm/test/CodeGen/AArch64/sve-fixed-length-frame-offests.ll

  • This file was added.
; RUN: llc -debug < %s 2>&1 | FileCheck %s
; REQUIRES: asserts
target triple = "aarch64-unknown-linux-gnu"
; CHECK-LABEL: Instruction selection ends:
; CHECK: t{{[0-9]+}}: ch = ST1D_IMM<Mem:(volatile store (s512) into %ir.r0)> t{{[0-9]+}}, t{{[0-9]+}}, TargetFrameIndex:i64<0>, TargetConstant:i64<0>
; CHECK: [[ADD:t[0-9]+]]: i64 = ADDXri TargetFrameIndex:i64<1>, TargetConstant:i32<0>, TargetConstant:i32<0>
; CHECK: t{{[0-9]+}}: ch = ST1D_IMM<Mem:(volatile store (s512) into %ir.r1)> t{{[0-9]+}}, t{{[0-9]+}}, [[ADD]], TargetConstant:i64<0>
; Ensure that only no offset frame indexes are folded into SVE load/stores when
; accessing fixed width objects.
define void @foo(<8 x i64>* %a) #0 {
entry:
%r0 = alloca <8 x i64>
%r1 = alloca <8 x i64>
%r = load volatile <8 x i64>, <8 x i64>* %a
store volatile <8 x i64> %r, <8 x i64>* %r0
store volatile <8 x i64> %r, <8 x i64>* %r1
ret void
}
attributes #0 = { nounwind "target-features"="+sve" vscale_range(4,4) }