Confusing register usage encountered during V8 Arm64EC porting.

[scout-zeng]

We are working on v8 Arm64EC porting with the clang version 21.0.0git (https://chromium.googlesource.com/a/external/github.com/llvm/llvm-project 0900661) and v8 version 13.7.152.14.
Through some patches on V8 project, we successfully compiled the ARM64EC version of V8. However, when we tested a simple JavaScript script using the command d8.exe -e "console.log('hi')", we encountered a crash.

The assembly code where the exception occurred is as follows:

v8!v8::debug::ConsoleDelegate::`vcall'{24}'+0x8:
00007ffd`f55a5db8 a93e8881 stp         x1,x2,[x4,#-0x18]
00007ffd`f55a5dbc f000b46a adrp        x10,v8!_x64_code_ranges_to_entry_points+0x2e211 (00007ffd`f6c34000)
00007ffd`f55a5dc0 f81f8083 stur        x3,[x4,#-8]
00007ffd`f55a5dc4 f9400009 ldr         x9,[x0]
00007ffd`f55a5dc8 f9400d2b ldr         x11,[x9,#0x18]
00007ffd`f55a5dcc f943c949 ldr         x9,[x10,#0x790]
00007ffd`f55a5dd0 d000a16a adrp        x10,v8!_impchk_strlen+0x8 (00007ffd`f69d3000)
00007ffd`f55a5dd4 911dc14a add         x10,x10,#0x770

The arm64 native code is as follows:

0:000> u .
v8!v8::debug::ConsoleDelegate::`vcall'{24}':
00007ffe`2799df50 d10183ff sub         sp,sp,#0x60
00007ffe`2799df54 a9017bfd stp         fp,lr,[sp,#0x10]
00007ffe`2799df58 910043fd add         fp,sp,#0x10
00007ffe`2799df5c a9018ba1 stp         x1,x2,[fp,#0x18]
00007ffe`2799df60 f000a64a adrp        x10,v8!__guard_fids_table+0x190f5 (00007ffe`28e68000)
00007ffe`2799df64 a90293a3 stp         x3,x4,[fp,#0x28]
00007ffe`2799df68 a9039ba5 stp         x5,x6,[fp,#0x38]
00007ffe`2799df6c f90027a7 str         x7,[fp,#0x48]

The is no usage of x4 register.

We are confused about the x4 register usage, the value of x4 register is 000000000000000c. Obviously, we cannot access memory with x4-0x18, and then, there is an exception throw out. The usage of x4 register is quite strange. Based on the stack information we examined, we didn't find any writes to the x4 register, yet it is clearly being used here. I have no other way to continue investigating this issue, so i hope the LLVM community can provide some insights from the compiler's perspective.

[llvmbot]

@llvm/issue-subscribers-backend-aarch64

Author: None (scout-zeng)

We are working on v8 Arm64EC porting with the clang version 21.0.0git (https://chromium.googlesource.com/a/external/github.com/llvm/llvm-project 0900661) and v8 version 13.7.152.14. Through some patches on V8 project, we successfully compiled the ARM64EC version of V8. However, when we tested a simple JavaScript script using the command `d8.exe -e "console.log('hi')"`, we encountered a crash.

The assembly code where the exception occurred is as follows:

v8!v8::debug::ConsoleDelegate::`vcall'{24}'+0x8:
00007ffd`f55a5db8 a93e8881 stp         x1,x2,[x4,#-0x18]
00007ffd`f55a5dbc f000b46a adrp        x10,v8!_x64_code_ranges_to_entry_points+0x2e211 (00007ffd`f6c34000)
00007ffd`f55a5dc0 f81f8083 stur        x3,[x4,#-8]
00007ffd`f55a5dc4 f9400009 ldr         x9,[x0]
00007ffd`f55a5dc8 f9400d2b ldr         x11,[x9,#<!-- -->0x18]
00007ffd`f55a5dcc f943c949 ldr         x9,[x10,#<!-- -->0x790]
00007ffd`f55a5dd0 d000a16a adrp        x10,v8!_impchk_strlen+0x8 (00007ffd`f69d3000)
00007ffd`f55a5dd4 911dc14a add         x10,x10,#<!-- -->0x770

The arm64 native code is as follows:

0:000> u .
v8!v8::debug::ConsoleDelegate::`vcall'{24}':
00007ffe`2799df50 d10183ff sub         sp,sp,#<!-- -->0x60
00007ffe`2799df54 a9017bfd stp         fp,lr,[sp,#<!-- -->0x10]
00007ffe`2799df58 910043fd add         fp,sp,#<!-- -->0x10
00007ffe`2799df5c a9018ba1 stp         x1,x2,[fp,#<!-- -->0x18]
00007ffe`2799df60 f000a64a adrp        x10,v8!__guard_fids_table+0x190f5 (00007ffe`28e68000)
00007ffe`2799df64 a90293a3 stp         x3,x4,[fp,#<!-- -->0x28]
00007ffe`2799df68 a9039ba5 stp         x5,x6,[fp,#<!-- -->0x38]
00007ffe`2799df6c f90027a7 str         x7,[fp,#<!-- -->0x48]

The is no usage of x4 register.

We are confused about the x4 register usage, the value of x4 register is 000000000000000c. Obviously, we cannot access memory with x4-0x18, and then, there is an exception throw out. The usage of x4 register is quite strange. Based on the stack information we examined, we didn't find any writes to the x4 register, yet it is clearly being used here. I have no other way to continue investigating this issue, so i hope the LLVM community can provide some insights from the compiler's perspective.

[efriedma-quic]

Can you try with a newer LLVM version? This looks similar to #139856.

(See also https://learn.microsoft.com/en-us/windows/arm/arm64ec-abi#variadic-calling-convention)

[scout-zeng]

Can you try with a newer LLVM version? This looks similar to #139856.

(See also https://learn.microsoft.com/en-us/windows/arm/arm64ec-abi#variadic-calling-convention)

#139856 It looks similar to the issue we encountered. I'll try compiling with a newer version of clang.

[scout-zeng]

Thanks @efriedma-quic i have tried a new version of Clang, and this issue has been fixed.