Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[RISCV] Fix a codegen crash in getSetCCResultType
This patch fixes some crashes coming from `RISCVISelLowering::getSetCCResultType`, which would occasionally return an EVT constructed from an invalid MVT, which has a null Type pointer. The attached test shows this happening currently for some fixed-length vectors, which hit this issue when the V extension was enabled, even though they're not legal types under the V extension. The fix was also pre-emptively extended to scalable vectors which can't be represented as an MVT, even though a test case couldn't be found for them. Reviewed By: craig.topper Differential Revision: https://reviews.llvm.org/D95434
- Loading branch information
1 parent
a8f51ea
commit 9a75a80
Showing
2 changed files
with
96 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,92 @@ | ||
| ; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py | ||
| ; RUN: llc -mtriple=riscv32 -mattr=+experimental-v -verify-machineinstrs < %s \ | ||
| ; RUN: | FileCheck %s --check-prefix=RV32 | ||
| ; RUN: llc -mtriple=riscv64 -mattr=+experimental-v -verify-machineinstrs < %s \ | ||
| ; RUN: | FileCheck %s --check-prefix=RV64 | ||
|
|
||
| ; This test would lead one of the DAGCombiner's visitVSELECT optimizations to | ||
| ; call getSetCCResultType, from which we'd return an invalid MVT (<3 x i1>) | ||
| ; upon seeing that the V extension is enabled. The invalid MVT has a null | ||
| ; Type*, which then segfaulted when accessed (as an EVT). | ||
| define void @vec3_setcc_crash(<3 x i8>* %in, <3 x i8>* %out) { | ||
| ; RV32-LABEL: vec3_setcc_crash: | ||
| ; RV32: # %bb.0: | ||
| ; RV32-NEXT: lw a0, 0(a0) | ||
| ; RV32-NEXT: lui a2, 16 | ||
| ; RV32-NEXT: addi a2, a2, -256 | ||
| ; RV32-NEXT: and a2, a0, a2 | ||
| ; RV32-NEXT: slli a3, a2, 16 | ||
| ; RV32-NEXT: srai a6, a3, 24 | ||
| ; RV32-NEXT: slli a4, a0, 24 | ||
| ; RV32-NEXT: srai a3, a4, 24 | ||
| ; RV32-NEXT: slli a4, a0, 8 | ||
| ; RV32-NEXT: mv a5, a0 | ||
| ; RV32-NEXT: bgtz a3, .LBB0_2 | ||
| ; RV32-NEXT: # %bb.1: | ||
| ; RV32-NEXT: mv a5, zero | ||
| ; RV32-NEXT: .LBB0_2: | ||
| ; RV32-NEXT: srai a4, a4, 24 | ||
| ; RV32-NEXT: andi a5, a5, 255 | ||
| ; RV32-NEXT: bgtz a6, .LBB0_4 | ||
| ; RV32-NEXT: # %bb.3: | ||
| ; RV32-NEXT: mv a2, zero | ||
| ; RV32-NEXT: j .LBB0_5 | ||
| ; RV32-NEXT: .LBB0_4: | ||
| ; RV32-NEXT: srli a2, a2, 8 | ||
| ; RV32-NEXT: .LBB0_5: | ||
| ; RV32-NEXT: slli a2, a2, 8 | ||
| ; RV32-NEXT: or a2, a5, a2 | ||
| ; RV32-NEXT: bgtz a4, .LBB0_7 | ||
| ; RV32-NEXT: # %bb.6: | ||
| ; RV32-NEXT: mv a0, zero | ||
| ; RV32-NEXT: j .LBB0_8 | ||
| ; RV32-NEXT: .LBB0_7: | ||
| ; RV32-NEXT: srli a0, a0, 16 | ||
| ; RV32-NEXT: .LBB0_8: | ||
| ; RV32-NEXT: sb a0, 2(a1) | ||
| ; RV32-NEXT: sh a2, 0(a1) | ||
| ; RV32-NEXT: ret | ||
| ; | ||
| ; RV64-LABEL: vec3_setcc_crash: | ||
| ; RV64: # %bb.0: | ||
| ; RV64-NEXT: lwu a0, 0(a0) | ||
| ; RV64-NEXT: lui a2, 16 | ||
| ; RV64-NEXT: addiw a2, a2, -256 | ||
| ; RV64-NEXT: and a2, a0, a2 | ||
| ; RV64-NEXT: slli a3, a2, 48 | ||
| ; RV64-NEXT: srai a6, a3, 56 | ||
| ; RV64-NEXT: slli a4, a0, 56 | ||
| ; RV64-NEXT: srai a3, a4, 56 | ||
| ; RV64-NEXT: slli a4, a0, 40 | ||
| ; RV64-NEXT: mv a5, a0 | ||
| ; RV64-NEXT: bgtz a3, .LBB0_2 | ||
| ; RV64-NEXT: # %bb.1: | ||
| ; RV64-NEXT: mv a5, zero | ||
| ; RV64-NEXT: .LBB0_2: | ||
| ; RV64-NEXT: srai a4, a4, 56 | ||
| ; RV64-NEXT: andi a5, a5, 255 | ||
| ; RV64-NEXT: bgtz a6, .LBB0_4 | ||
| ; RV64-NEXT: # %bb.3: | ||
| ; RV64-NEXT: mv a2, zero | ||
| ; RV64-NEXT: j .LBB0_5 | ||
| ; RV64-NEXT: .LBB0_4: | ||
| ; RV64-NEXT: srli a2, a2, 8 | ||
| ; RV64-NEXT: .LBB0_5: | ||
| ; RV64-NEXT: slli a2, a2, 8 | ||
| ; RV64-NEXT: or a2, a5, a2 | ||
| ; RV64-NEXT: bgtz a4, .LBB0_7 | ||
| ; RV64-NEXT: # %bb.6: | ||
| ; RV64-NEXT: mv a0, zero | ||
| ; RV64-NEXT: j .LBB0_8 | ||
| ; RV64-NEXT: .LBB0_7: | ||
| ; RV64-NEXT: srli a0, a0, 16 | ||
| ; RV64-NEXT: .LBB0_8: | ||
| ; RV64-NEXT: sb a0, 2(a1) | ||
| ; RV64-NEXT: sh a2, 0(a1) | ||
| ; RV64-NEXT: ret | ||
| %a = load <3 x i8>, <3 x i8>* %in | ||
| %cmp = icmp sgt <3 x i8> %a, zeroinitializer | ||
| %c = select <3 x i1> %cmp, <3 x i8> %a, <3 x i8> zeroinitializer | ||
| store <3 x i8> %c, <3 x i8>* %out | ||
| ret void | ||
| } |