x86_64 backend miscompilation #22274

Closed
andrewrk opened this issue Dec 19, 2024 · 1 comment
@andrewrk
Member

Zig Version

0.14.0-dev.2545+e2e363361

Steps to Reproduce and Observed Behavior

Obtain master branch stage3.

git checkout x86-miscomp-repro
stage3/bin/zig build -p self -Duse-llvm=false  --prominent-compile-errors -Dno-lib -Ddev=wasm
self/bin/zig build-exe ../test/standalone/simple/hello_world/hello.zig -target wasm32-wasi --debug-log link

Observe:

debug(link): updateExports '_start' nav=117
debug(link): flush export '_start' nav=InternPool.Nav.Index(117)
thread 862392 panic: integer overflow
Unwind error at address `exe:0x182c3b2` (error.AddressOutOfRange), trace may be incomplete

/home/andy/dev/zig/src/link/Wasm/Flush.zig:303:20: 0x159d037 in finish (main.zig)
            offset += size;
                   ^
/home/andy/dev/zig/src/link/Wasm.zig:2787:36: 0x15a85d1 in flushModule (main.zig)
    return wasm.flush_buffer.finish(wasm) catch |err| switch (err) {
                                   ^
/home/andy/dev/zig/src/link/Wasm.zig:2511:28: 0x13f336c in flush (main.zig)
    return wasm.flushModule(arena, tid, prog_node);
                           ^
/home/andy/dev/zig/src/link.zig:790:77: 0x1295f4d in flush (main.zig)
                return @as(*tag.Type(), @fieldParentPtr("base", base)).flush(arena, tid, prog_node);
                                                                            ^
/home/andy/dev/zig/src/Compilation.zig:2430:17: 0x11ba0ea in flush (main.zig)
        lf.flush(arena, tid, prog_node) catch |err| switch (err) {
                ^
/home/andy/dev/zig/src/Compilation.zig:2390:22: 0x11bfa9f in update (main.zig)
            try flush(comp, arena, .{
                     ^
/home/andy/dev/zig/src/main.zig:4450:20: 0x11f00ed in updateModule (main.zig)
    try comp.update(prog_node);
                   ^
/home/andy/dev/zig/src/main.zig:3640:21: 0x120898d in buildOutputType (main.zig)
        updateModule(comp, color, root_prog_node) catch |err| switch (err) {
                    ^
/home/andy/dev/zig/src/main.zig:268:31: 0x121f6ea in mainArgs (main.zig)
        return buildOutputType(gpa, arena, args, .{ .build = .Exe });
                              ^
/home/andy/dev/zig/src/main.zig:209:20: 0x11849de in main (main.zig)
    return mainArgs(gpa, arena, args);
                   ^
/home/andy/dev/zig/lib/std/start.zig:656:37: 0x11825a9 in posixCallMainAndExit (std.zig)
            const result = root.main() catch |err| {
                                    ^
/home/andy/dev/zig/lib/std/start.zig:271:5: 0x1182016 in _start (std.zig)
    asm volatile (switch (native_arch) {
    ^
fish: Job 1, 'self/bin/zig build-exe ../test/…' terminated by signal SIGABRT (Abort)

Expected Behavior

The same as the LLVM backend:

debug(link): updateExports '_start' nav=117
debug(link): flush export '_start' nav=InternPool.Nav.Index(117)
debug(link): total memory pages: 257
debug(link): Writing type section. Count: (9)
thread 862909 panic: attempt to use null value
/home/andy/dev/zig/src/link/Wasm.zig:3465:54: 0x1895667 in navAddr (zig)
    return wasm.flush_buffer.data_segments.get(ds_id).?;
                                                     ^
/home/andy/dev/zig/src/arch/wasm/Emit.zig:972:38: 0x1894fe5 in navRefOff (zig)
            const addr = wasm.navAddr(data.nav_index);
                                     ^
/home/andy/dev/zig/src/arch/wasm/Emit.zig:70:26: 0x173b816 in lowerToCode (zig)
            try navRefOff(wasm, code, .{ .nav_index = datas[inst].nav_index, .offset = 0 }, is_wasm32);
                         ^
/home/andy/dev/zig/src/arch/wasm/CodeGen.zig:1219:29: 0x1606a77 in lower (zig)
        try emit.lowerToCode();
                            ^
/home/andy/dev/zig/src/link/Wasm/Flush.zig:648:35: 0x15ff6f9 in finish (zig)
                try function.lower(wasm, binary_bytes);
                                  ^
/home/andy/dev/zig/src/link/Wasm.zig:2787:36: 0x14ed243 in flushModule (zig)
    return wasm.flush_buffer.finish(wasm) catch |err| switch (err) {
                                   ^
/home/andy/dev/zig/src/link/Wasm.zig:2511:28: 0x13f904f in flush (zig)
    return wasm.flushModule(arena, tid, prog_node);
                           ^
/home/andy/dev/zig/src/link.zig:790:77: 0x131beeb in flush (zig)
                return @as(*tag.Type(), @fieldParentPtr("base", base)).flush(arena, tid, prog_node);
                                                                            ^
/home/andy/dev/zig/src/Compilation.zig:2430:17: 0x131bd42 in flush (zig)
        lf.flush(arena, tid, prog_node) catch |err| switch (err) {
                ^
/home/andy/dev/zig/src/Compilation.zig:2390:22: 0x131ec25 in update (zig)
            try flush(comp, arena, .{
                     ^
/home/andy/dev/zig/src/main.zig:4450:20: 0x135595d in updateModule (zig)
    try comp.update(prog_node);
                   ^
/home/andy/dev/zig/src/main.zig:3640:21: 0x136e025 in buildOutputType (zig)
        updateModule(comp, color, root_prog_node) catch |err| switch (err) {
                    ^
/home/andy/dev/zig/src/main.zig:268:31: 0x12bbc69 in mainArgs (zig)
        return buildOutputType(gpa, arena, args, .{ .build = .Exe });
                              ^
/home/andy/dev/zig/src/main.zig:209:20: 0x12b90ca in main (zig)
    return mainArgs(gpa, arena, args);
                   ^
/home/andy/dev/zig/lib/std/start.zig:656:37: 0x12b8952 in posixCallMainAndExit (zig)
            const result = root.main() catch |err| {
                                    ^
/home/andy/dev/zig/lib/std/start.zig:271:5: 0x12b853d in _start (zig)
    asm volatile (switch (native_arch) {
    ^
???:?:?: 0x0 in ??? (???)
fish: Job 1, 'stage4/bin/zig build-exe ../tes…' terminated by signal SIGABRT (Abort)
andrewrk added the labels bug (Observed behavior contradicts documented or intended behavior), arch-x86_64 (64-bit x86) and miscompilation (The compiler reports success but produces semantically incorrect code.) on Dec 19, 2024
andrewrk added this to the 0.14.0 milestone on Dec 19, 2024
andrewrk removed the labels bug, arch-x86_64 and miscompilation on Dec 19, 2024
andrewrk removed this from the 0.14.0 milestone on Dec 19, 2024
@andrewrk
Member Author

Duplicate of #20095

andrewrk marked this as a duplicate of #20095 on Dec 19, 2024
andrewrk closed this as not planned on Dec 19, 2024