cc: Fix TLS variable access on Linux x86-64

jgarzik · claude · jgarzik · commit ffb625e7273d · 2026-01-16T19:16:11.000-05:00
Thread-local variables (_Thread_local/__thread) were crashing on Linux
because the codegen used RIP-relative addressing instead of FS segment.

- Add MemAddr::TlsIE for %fs:symbol@TPOFF addressing
- Track TLS symbols in X86_64CodeGen
- Generate correct TLS access for loads/stores on Linux

Before: movl tls_var(%rip), %eax  (crash)
After:  movl %fs:tls_var@TPOFF, %eax  (correct)

Co-Authored-By: Claude Opus 4.5 &lt;noreply@anthropic.com&gt;
diff --git a/cc/arch/x86_64/codegen.rs b/cc/arch/x86_64/codegen.rs
@@ -49,6 +49,8 @@ pub struct X86_64CodeGen {
     pub(super) unique_label_counter: u32,
     /// External symbols (need GOT access on macOS)
     pub(super) extern_symbols: HashSet<String>,
+    /// Thread-local storage symbols (need TLS access via FS segment)
+    pub(super) tls_symbols: HashSet<String>,
     /// Position-independent code mode (for shared libraries)
     pic_mode: bool,
     /// Long double constants to emit (label_bits -> value_bits)
@@ -70,6 +72,7 @@ impl X86_64CodeGen {
             num_fixed_fp_params: 0,
             unique_label_counter: 0,
             extern_symbols: HashSet::new(),
+            tls_symbols: HashSet::new(),
             pic_mode: false,
             ld_constants: HashMap::new(),
             double_constants: HashMap::new(),
@@ -110,7 +113,12 @@ impl X86_64CodeGen {
                 } else {
                     Symbol::global(name.clone())
                 };
-                GpOperand::Mem(MemAddr::RipRelative(symbol))
+                // Use TLS addressing for thread-local variables (Linux only)
+                if self.tls_symbols.contains(name) && self.base.target.os == Os::Linux {
+                    GpOperand::Mem(MemAddr::TlsIE(symbol))
+                } else {
+                    GpOperand::Mem(MemAddr::RipRelative(symbol))
+                }
             }
         }
     }
@@ -1448,8 +1456,14 @@ impl X86_64CodeGen {
                 }
             }
             Loc::Global(name) => {
-                // LIR: RIP-relative memory-to-register move
+                // LIR: memory-to-register move
                 // Use local symbol for labels starting with '.' (e.g., .LC0 for string constants)
+                let symbol = if name.starts_with('.') {
+                    Symbol::local(name.clone())
+                } else {
+                    Symbol::global(name.clone())
+                };
+
                 if self.needs_got_access(&name) {
                     // External symbols on macOS: load address from GOT, then load value
                     // Use R11 as temp if dst is R11, otherwise use dst
@@ -1467,12 +1481,15 @@ impl X86_64CodeGen {
                         }),
                         dst: GpOperand::Reg(dst),
                     });
+                } else if self.tls_symbols.contains(&name) && self.base.target.os == Os::Linux {
+                    // Thread-local storage: use FS segment (initial-exec model)
+                    self.push_lir(X86Inst::Mov {
+                        size: op_size,
+                        src: GpOperand::Mem(MemAddr::TlsIE(symbol)),
+                        dst: GpOperand::Reg(dst),
+                    });
                 } else {
-                    let symbol = if name.starts_with('.') {
-                        Symbol::local(name.clone())
-                    } else {
-                        Symbol::global(name.clone())
-                    };
+                    // Regular RIP-relative access
                     self.push_lir(X86Inst::Mov {
                         size: op_size,
                         src: GpOperand::Mem(MemAddr::RipRelative(symbol)),
@@ -1842,21 +1859,28 @@ impl X86_64CodeGen {
                     } else {
                         Symbol::global(name.clone())
                     };
+                    // Choose addressing mode: TLS or RIP-relative
+                    let mem_addr =
+                        if self.tls_symbols.contains(&name) && self.base.target.os == Os::Linux {
+                            MemAddr::TlsIE(symbol)
+                        } else {
+                            MemAddr::RipRelative(symbol)
+                        };
                     if mem_size <= 16 {
                         // LIR: sign/zero extending load from global
                         let src_size = OperandSize::from_bits(mem_size);
                         if is_unsigned {
                             self.push_lir(X86Inst::Movzx {
                                 src_size,
                                 dst_size: OperandSize::B32,
-                                src: GpOperand::Mem(MemAddr::RipRelative(symbol.clone())),
+                                src: GpOperand::Mem(mem_addr.clone()),
                                 dst: dst_reg,
                             });
                         } else {
                             self.push_lir(X86Inst::Movsx {
                                 src_size,
                                 dst_size: OperandSize::B32,
-                                src: GpOperand::Mem(MemAddr::RipRelative(symbol.clone())),
+                                src: GpOperand::Mem(mem_addr.clone()),
                                 dst: dst_reg,
                             });
                         }
@@ -1865,7 +1889,7 @@ impl X86_64CodeGen {
                         let op_size = OperandSize::from_bits(reg_size);
                         self.push_lir(X86Inst::Mov {
                             size: op_size,
-                            src: GpOperand::Mem(MemAddr::RipRelative(symbol)),
+                            src: GpOperand::Mem(mem_addr),
                             dst: GpOperand::Reg(dst_reg),
                         });
                     }
@@ -2022,6 +2046,12 @@ impl X86_64CodeGen {
                 // Use local symbol for labels starting with '.' (e.g., .LC0 for string constants)
                 let is_local_label = name.starts_with('.');
                 let op_size = OperandSize::from_bits(mem_size);
+                let symbol = if is_local_label {
+                    Symbol::local(name.clone())
+                } else {
+                    Symbol::global(name.clone())
+                };
+
                 if self.needs_got_access(&name) {
                     // External symbols on macOS: load address from GOT, then store
                     self.push_lir(X86Inst::Mov {
@@ -2037,12 +2067,14 @@ impl X86_64CodeGen {
                             offset: insn.offset as i32,
                         }),
                     });
+                } else if self.tls_symbols.contains(&name) && self.base.target.os == Os::Linux {
+                    // Thread-local storage: use FS segment (initial-exec model)
+                    self.push_lir(X86Inst::Mov {
+                        size: op_size,
+                        src: GpOperand::Reg(value_reg),
+                        dst: GpOperand::Mem(MemAddr::TlsIE(symbol)),
+                    });
                 } else {
-                    let symbol = if is_local_label {
-                        Symbol::local(name.clone())
-                    } else {
-                        Symbol::global(name.clone())
-                    };
                     // LIR: store to global via RIP-relative
                     self.push_lir(X86Inst::Mov {
                         size: op_size,
@@ -3578,6 +3610,14 @@ impl CodeGenerator for X86_64CodeGen {
         self.base.emit_debug = module.debug;
         self.extern_symbols = module.extern_symbols.clone();
 
+        // Collect thread-local storage symbols
+        self.tls_symbols = module
+            .globals
+            .iter()
+            .filter(|g| g.is_thread_local)
+            .map(|g| g.name.clone())
+            .collect();
+
         // Emit file header
         self.emit_header();
 
diff --git a/cc/arch/x86_64/lir.rs b/cc/arch/x86_64/lir.rs
@@ -35,6 +35,10 @@ pub enum MemAddr {
 
     /// symbol@GOTPCREL(%rip) - GOT-relative addressing for external symbols on macOS
     GotPcrel(Symbol),
+
+    /// %fs:symbol@TPOFF - Thread-local storage initial-exec model (Linux x86-64)
+    /// Uses FS segment register to access thread-local variables
+    TlsIE(Symbol),
 }
 
 impl MemAddr {
@@ -54,6 +58,10 @@ impl MemAddr {
             MemAddr::GotPcrel(sym) => {
                 format!("{}@GOTPCREL(%rip)", sym.format_for_target(target))
             }
+            MemAddr::TlsIE(sym) => {
+                // Thread-local storage initial-exec model: %fs:symbol@TPOFF
+                format!("%fs:{}@TPOFF", sym.format_for_target(target))
+            }
         }
     }
 }
diff --git a/m4/tests/integration.rs b/m4/tests/integration.rs
@@ -94,7 +94,6 @@ fn load_fixture(name: &str) -> TestPlan {
     }
 }
 
-
 /// Checker for expect_error tests - only check that stderr is non-empty if expected
 fn expect_error_checker(plan: &TestPlan, output: &Output) {
     let stdout = String::from_utf8_lossy(&output.stdout);
@@ -105,7 +104,11 @@ fn expect_error_checker(plan: &TestPlan, output: &Output) {
         assert!(!output.stderr.is_empty(), "expected stderr to be non-empty");
     }
 
-    assert_eq!(output.status.code(), Some(plan.expected_exit_code), "exit code mismatch");
+    assert_eq!(
+        output.status.code(),
+        Some(plan.expected_exit_code),
+        "exit code mismatch"
+    );
 }
 
 /// Checker for stdout_regex tests
@@ -123,7 +126,11 @@ fn stdout_regex_checker(regex_pattern: &str) -> impl Fn(&TestPlan, &Output) + '_
         let stderr = String::from_utf8_lossy(&output.stderr);
         assert_eq!(stderr.as_ref(), &plan.expected_err, "stderr mismatch");
 
-        assert_eq!(output.status.code(), Some(plan.expected_exit_code), "exit code mismatch");
+        assert_eq!(
+            output.status.code(),
+            Some(plan.expected_exit_code),
+            "exit code mismatch"
+        );
     }
 }
 
@@ -207,7 +214,9 @@ fn file() {
         cmd: String::from("m4"),
         args: vec![String::from("fixtures/integration_tests/file.m4")],
         stdin_data: String::new(),
-        expected_out: String::from("fixtures/integration_tests/file.m4\nfixtures/integration_tests/include/file.m4"),
+        expected_out: String::from(
+            "fixtures/integration_tests/file.m4\nfixtures/integration_tests/include/file.m4",
+        ),
         expected_err: String::new(),
         expected_exit_code: 0,
     });

Original file line number	Diff line number	Diff line change
`@@ -35,6 +35,10 @@ pub enum MemAddr {`
`35`	`35`
`36`	`36`	`/// symbol@GOTPCREL(%rip) - GOT-relative addressing for external symbols on macOS`
`37`	`37`	`GotPcrel(Symbol),`
	`38`	`+`
	`39`	`+ /// %fs:symbol@TPOFF - Thread-local storage initial-exec model (Linux x86-64)`
	`40`	`+ /// Uses FS segment register to access thread-local variables`
	`41`	`+ TlsIE(Symbol),`
`38`	`42`	`}`
`39`	`43`
`40`	`44`	`impl MemAddr {`
`@@ -54,6 +58,10 @@ impl MemAddr {`
`54`	`58`	`MemAddr::GotPcrel(sym) => {`
`55`	`59`	`format!("{}@GOTPCREL(%rip)", sym.format_for_target(target))`
`56`	`60`	`}`
	`61`	`+ MemAddr::TlsIE(sym) => {`
	`62`	`+ // Thread-local storage initial-exec model: %fs:symbol@TPOFF`
	`63`	`+ format!("%fs:{}@TPOFF", sym.format_for_target(target))`
	`64`	`+ }`
`57`	`65`	`}`
`58`	`66`	`}`
`59`	`67`	`}`