[llvm] 0513b03 - [X86] Avoid miscompile in combineOr (X86ISelLowering.cpp)

Bjorn Pettersson via llvm-commits llvm-commits at lists.llvm.org
Thu Sep 29 12:26:02 PDT 2022 

Author: Bjorn Pettersson
Date: 2022-09-29T21:24:31+02:00
New Revision: 0513b0305acde91a0a5f7f5ea4061476011f0d1d

URL: https://github.com/llvm/llvm-project/commit/0513b0305acde91a0a5f7f5ea4061476011f0d1d
DIFF: https://github.com/llvm/llvm-project/commit/0513b0305acde91a0a5f7f5ea4061476011f0d1d.diff

LOG: [X86] Avoid miscompile in combineOr (X86ISelLowering.cpp)

In combineOr (X86ISelLowering.cpp) there is a DAG combine that rewrite
a "(0 - SetCC) | C" pattern into something simpler given that a LEA
can be used. Another requirement is that C has some specific value,
for example 1 or 7. When checking those requirements the code used a
32-bit unsigned variable to store the value of C. So for a 64-bit OR
this could miscompile in case any of the 32 most significant bits in
C were non zero.

This patch adds fixes the bug by using a large enough type for the
C value.

The faulty code seem to have been introduced by commit 9bceb8981d32fe
(D131358).

Reviewed By: RKSimon

Differential Revision: https://reviews.llvm.org/D134892

Added: 
    

Modified: 
    llvm/lib/Target/X86/X86ISelLowering.cpp
    llvm/test/CodeGen/X86/or-lea.ll

Removed: 
    


################################################################################
diff  --git a/llvm/lib/Target/X86/X86ISelLowering.cpp b/llvm/lib/Target/X86/X86ISelLowering.cpp
index 1dcc94cb1fce3..ec6c4e520d572 100644
--- a/llvm/lib/Target/X86/X86ISelLowering.cpp
+++ b/llvm/lib/Target/X86/X86ISelLowering.cpp
@@ -48592,7 +48592,7 @@ static SDValue combineOr(SDNode *N, SelectionDAG &DAG,
 
     if (Cond.getOpcode() == X86ISD::SETCC && Cond.hasOneUse()) {
       if (auto *CN = dyn_cast<ConstantSDNode>(N1)) {
-        unsigned Val = CN->getZExtValue();
+        uint64_t Val = CN->getZExtValue();
         if (Val == 1 || Val == 2 || Val == 3 || Val == 4 || Val == 7 || Val == 8) {
           X86::CondCode CCode = (X86::CondCode)Cond.getConstantOperandVal(0);
           CCode = X86::GetOppositeBranchCondition(CCode);

diff  --git a/llvm/test/CodeGen/X86/or-lea.ll b/llvm/test/CodeGen/X86/or-lea.ll
index db690556750de..ab9b917803248 100644
--- a/llvm/test/CodeGen/X86/or-lea.ll
+++ b/llvm/test/CodeGen/X86/or-lea.ll
@@ -811,10 +811,12 @@ define i64 @or_large_constant(i64 %x) {
 ;
 ; X64-LABEL: or_large_constant:
 ; X64:       # %bb.0: # %entry
-; X64-NEXT:    xorl %eax, %eax
+; X64-NEXT:    xorl %ecx, %ecx
 ; X64-NEXT:    cmpq $2, %rdi
-; X64-NEXT:    setl %al
-; X64-NEXT:    leaq -1(%rax,%rax), %rax
+; X64-NEXT:    setge %cl
+; X64-NEXT:    negq %rcx
+; X64-NEXT:    movabsq $549755813889, %rax # imm = 0x8000000001
+; X64-NEXT:    orq %rcx, %rax
 ; X64-NEXT:    retq
 entry:
   %cmp = icmp sgt i64 %x, 1

More information about the llvm-commits mailing list