From 4442d117189e0a5aac0bc7c5c8c670c6b2e62347 Mon Sep 17 00:00:00 2001
From: Craig Topper <craig.topper@intel.com>
Date: Thu, 28 May 2020 17:00:56 -0700
Subject: [PATCH] [X86] Fix a nullptr dereference in
 X86Subtarget::classifyLocalReference when compiling with -mcmodel=medium
 -fpic and using a constant pool

LowerConstantPool passes a nullptr into classifyLocalReference. The medium code model handling for PIC will try to deference it using isa. This patch switches to isa_and_nonnull.

Differential Revision: https://reviews.llvm.org/D80763
---
 lib/Target/X86/X86Subtarget.cpp    |  4 ++-
 test/CodeGen/X86/code-model-elf.ll | 43 ++++++++++++++++++++++++++++++
 2 files changed, 46 insertions(+), 1 deletion(-)

diff --git a/lib/Target/X86/X86Subtarget.cpp b/lib/Target/X86/X86Subtarget.cpp
index 8f7185cc5fa..975cbabb30f 100644
--- a/lib/Target/X86/X86Subtarget.cpp
+++ b/lib/Target/X86/X86Subtarget.cpp
@@ -88,7 +88,9 @@ X86Subtarget::classifyLocalReference(const GlobalValue *GV) const {
 
       // Medium is a hybrid: RIP-rel for code, GOTOFF for DSO local data.
       case CodeModel::Medium:
-        if (isa<Function>(GV))
+        // Constant pool and jump table handling pass a nullptr to this
+        // function so we need to use isa_and_nonnull.
+        if (isa_and_nonnull<Function>(GV))
           return X86II::MO_NO_FLAG; // All code is RIP-relative
         return X86II::MO_GOTOFF;    // Local symbols use GOTOFF.
       }
diff --git a/test/CodeGen/X86/code-model-elf.ll b/test/CodeGen/X86/code-model-elf.ll
index f7ffd6ea1eb..82d0d1ef591 100644
--- a/test/CodeGen/X86/code-model-elf.ll
+++ b/test/CodeGen/X86/code-model-elf.ll
@@ -439,6 +439,49 @@ define dso_local i32 @load_thread_data() #0 {
   ret i32 %1
 }
 
+define dso_local float @load_constant_pool(float %x) #0 {
+; SMALL-STATIC-LABEL: load_constant_pool:
+; SMALL-STATIC:       # %bb.0:
+; SMALL-STATIC-NEXT:    addss {{\.LCPI.*}}(%rip), %xmm0
+; SMALL-STATIC-NEXT:    retq
+;
+; MEDIUM-STATIC-LABEL: load_constant_pool:
+; MEDIUM-STATIC:       # %bb.0:
+; MEDIUM-STATIC-NEXT:    movabsq ${{\.LCPI.*}}, %rax
+; MEDIUM-STATIC-NEXT:    addss (%rax), %xmm0
+; MEDIUM-STATIC-NEXT:    retq
+;
+; LARGE-STATIC-LABEL: load_constant_pool:
+; LARGE-STATIC:       # %bb.0:
+; LARGE-STATIC-NEXT:    movabsq ${{\.LCPI.*}}, %rax
+; LARGE-STATIC-NEXT:    addss (%rax), %xmm0
+; LARGE-STATIC-NEXT:    retq
+;
+; SMALL-PIC-LABEL: load_constant_pool:
+; SMALL-PIC:       # %bb.0:
+; SMALL-PIC-NEXT:    addss {{\.LCPI.*}}(%rip), %xmm0
+; SMALL-PIC-NEXT:    retq
+;
+; MEDIUM-PIC-LABEL: load_constant_pool:
+; MEDIUM-PIC:       # %bb.0:
+; MEDIUM-PIC-NEXT:    leaq _GLOBAL_OFFSET_TABLE_(%rip), %rax
+; MEDIUM-PIC-NEXT:    movabsq ${{\.LCPI.*}}@GOTOFF, %rcx
+; MEDIUM-PIC-NEXT:    addss (%rax,%rcx), %xmm0
+; MEDIUM-PIC-NEXT:    retq
+;
+; LARGE-PIC-LABEL: load_constant_pool:
+; LARGE-PIC:       # %bb.0:
+; LARGE-PIC-NEXT:  .L11$pb:
+; LARGE-PIC-NEXT:    leaq .L11$pb(%rip), %rax
+; LARGE-PIC-NEXT:    movabsq $_GLOBAL_OFFSET_TABLE_-.L11$pb, %rcx
+; LARGE-PIC-NEXT:    addq %rax, %rcx
+; LARGE-PIC-NEXT:    movabsq ${{\.LCPI.*}}@GOTOFF, %rax
+; LARGE-PIC-NEXT:    addss (%rcx,%rax), %xmm0
+; LARGE-PIC-NEXT:    retq
+  %a = fadd float %x, 1.0
+  ret float %a
+}
+
 attributes #0 = { noinline nounwind uwtable }
 
 !llvm.module.flags = !{!0, !1, !2}