Miscompilation of portable-simd with nightly-2025-02-12 on arm64 Linux

[bjorn3]

I've so far reduced it to

#![feature(portable_simd)]

use core_simd::simd::prelude::*;
use test_helpers::*;

#[test]
fn lanes_3() {
    test_1(&|x: [usize; 3]| {
        let result_1: [u8; 3] = Simd::<usize, 3>::cast::<u8>(x.into()).into();
        let result_2: [u8; 3] =
            x.iter().copied().map(|x| x as u8).collect::<Vec<_>>().try_into().unwrap();
        proptest::prop_assert_eq!(&result_1, &result_2);
        Ok(())
    });
}

dist/cargo-clif build --manifest-path build/portable-simd/crates/core_simd/Cargo.toml --test cast && __RUST_TEST_INVOKE=lanes_3 build/portable-simd/target/debug/deps/cast-13b6f2e0b7cfecc1
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.02s
Segmentation fault (core dumped)

This crash is not consistent and seems to depend on the ASLR seed.

[bjorn3]

With RUSTFLAGS="-Zmir-opt-level=0" the crash happens at:

Program received signal SIGSEGV, Segmentation fault.
core_simd::core_simd::simd::num::uint::{impl#9}::cast<3, u8> () at /home/gh-bjorn3/cg_clif/build/portable-simd/crates/core_simd/src/simd/num/uint.rs:142
142	                unsafe { core::intrinsics::simd::simd_as(self) }
(gdb) disassemble 
Dump of assembler code for function _ZN119_$LT$core_simd..core_simd..vector..Simd$LT$usize$C$_$GT$$u20$as$u20$core_simd..core_simd..simd..num..uint..SimdUint$GT$4cast17hc01e281d875c6bdfE:
   0x0000bf03b11b0368 <+0>:	stp	x29, x30, [sp, #-16]!
   0x0000bf03b11b036c <+4>:	mov	x29, sp
   0x0000bf03b11b0370 <+8>:	sub	sp, sp, #0x40
   0x0000bf03b11b0374 <+12>:	add	x6, sp, #0x10
   0x0000bf03b11b0378 <+16>:	mov	x4, #0x20                  	// #32
   0x0000bf03b11b037c <+20>:	udiv	x7, x6, x4
   0x0000bf03b11b0380 <+24>:	msub	x8, x7, x4, x6
   0x0000bf03b11b0384 <+28>:	mov	x7, #0x20                  	// #32
   0x0000bf03b11b0388 <+32>:	sub	x7, x7, x8
=> 0x0000bf03b11b038c <+36>:	ldr	x10, [x0]
   0x0000bf03b11b0390 <+40>:	ldr	x9, [x0, #8]
   0x0000bf03b11b0394 <+44>:	ldr	x8, [x0, #16]
   0x0000bf03b11b0398 <+48>:	str	x10, [x6, x7]
   0x0000bf03b11b039c <+52>:	add	x10, x6, #0x8
   0x0000bf03b11b03a0 <+56>:	str	x9, [x10, x7]
   0x0000bf03b11b03a4 <+60>:	add	x9, x6, #0x10
   0x0000bf03b11b03a8 <+64>:	str	x8, [x9, x7]
   0x0000bf03b11b03ac <+68>:	ldr	x10, [x6, x7]
   0x0000bf03b11b03b0 <+72>:	mov	x11, sp
   0x0000bf03b11b03b4 <+76>:	strb	w10, [x11]
   0x0000bf03b11b03b8 <+80>:	add	x10, x6, #0x8
   0x0000bf03b11b03bc <+84>:	ldr	x12, [x10, x7]
   0x0000bf03b11b03c0 <+88>:	add	x11, sp, #0x1
   0x0000bf03b11b03c4 <+92>:	strb	w12, [x11]
   0x0000bf03b11b03c8 <+96>:	add	x11, x6, #0x10
   0x0000bf03b11b03cc <+100>:	ldr	x13, [x11, x7]
   0x0000bf03b11b03d0 <+104>:	add	x12, sp, #0x2
   0x0000bf03b11b03d4 <+108>:	strb	w13, [x12]
   0x0000bf03b11b03d8 <+112>:	mov	x14, sp
   0x0000bf03b11b03dc <+116>:	ldr	w0, [x14]
   0x0000bf03b11b03e0 <+120>:	add	sp, sp, #0x40
   0x0000bf03b11b03e4 <+124>:	ldp	x29, x30, [sp], #16
   0x0000bf03b11b03e8 <+128>:	ret
End of assembler dump.
(gdb) p/x $x0
$1 = 0x304f5d698271c4ce

[bjorn3]

I suspect I messed up the alignment logic in create_stack_slot. Adding + 1 to

rustc_codegen_cranelift/src/common.rs

Line 402 in 28a241f

size: (size + align) / abi_align * abi_align,

is enough to stop the crashing.

[bjorn3]

Turns out at multiple places I was using the preferred alignment rather than abi alignment and the size is not necessarily a multiple of the preferred alignment, while it is always a multiple of the abi alignment. create_stack_slot was written under the assumption that the size is a multiple of the passed in alignment.

[bjorn3]

Fixed by c27715b

[bjorn3]

rust-lang/rust#137078 will sync the subtree.