[LLVMbugs] [Bug 9228] New: InstCombine crash (from GEP with NULL pointer used in computing object size?)

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Tue Feb 15 11:12:17 PST 2011 

http://llvm.org/bugs/show_bug.cgi?id=9228

           Summary: InstCombine crash (from GEP with NULL pointer used in
                    computing object size?)
           Product: new-bugs
           Version: trunk
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P
         Component: new bugs
        AssignedTo: unassignedbugs at nondot.org
        ReportedBy: matt at pharr.org
                CC: llvmbugs at cs.uiuc.edu


If I run "opt -instcombine bug.ll -o /dev/null" with the following program:

define <4 x float> @f(i32 %a) nounwind alwaysinline {
entry:
  %dim = insertelement <4 x i32> undef, i32 %a, i32 0
  %dim30 = insertelement <4 x i32> %dim, i32 %a, i32 1
  %dim31 = insertelement <4 x i32> %dim30, i32 %a, i32 2
  %dim32 = insertelement <4 x i32> %dim31, i32 %a, i32 3

  %offset_ptr = getelementptr <4 x float>* null, i32 1
  %offset_int = ptrtoint <4 x float>* %offset_ptr to i64
  %sizeof32 = trunc i64 %offset_int to i32

  %smearinsert33 = insertelement <4 x i32> undef, i32 %sizeof32, i32 0
  %smearinsert34 = insertelement <4 x i32> %smearinsert33, i32 %sizeof32, i32 1
  %smearinsert35 = insertelement <4 x i32> %smearinsert34, i32 %sizeof32, i32 2
  %smearinsert36 = insertelement <4 x i32> %smearinsert35, i32 %sizeof32, i32 3

  %delta_scale = mul <4 x i32> %dim32, %smearinsert36
  %offset_delta = add <4 x i32> zeroinitializer, %delta_scale

  %offset_varying_delta = add <4 x i32> %offset_delta, undef

  ret <4 x float> undef
}

I get the following crash from TOT of the dev branch:

opt: /home/mmp/llvm-dev-src/include/llvm/Support/Casting.h:213: typename
llvm::cast_retty<X, Y*>::ret_type llvm::cast_or_null(Y*) [with X =
llvm::ConstantInt, Y = llvm::Constant]: Assertion `isa<X>(Val) &&
"cast_or_null<Ty>() argument of incompatible type!"' failed.
0  opt             0x0000000000d0ffb5
1  opt             0x0000000000d0fda8
2  libpthread.so.0 0x00002b6774e478f0
3  libc.so.6       0x00002b6775a3ca75 gsignal + 53
4  libc.so.6       0x00002b6775a405c0 abort + 384
5  libc.so.6       0x00002b6775a35941 __assert_fail + 241
6  opt             0x0000000000977f57 llvm::cast_retty<llvm::ConstantInt,
llvm::Constant*>::ret_type llvm::cast_or_null<llvm::ConstantInt,
llvm::Constant>(llvm::Constant*) + 92
7  opt             0x00000000009a7e04 bool
llvm::PatternMatch::cst_pred_ty<llvm::PatternMatch::is_one>::match<llvm::Value>(llvm::Value*)
+ 114
8  opt             0x0000000000a7a32e bool
llvm::PatternMatch::match<llvm::Value,
llvm::PatternMatch::cst_pred_ty<llvm::PatternMatch::is_one> >(llvm::Value*,
llvm::PatternMatch::cst_pred_ty<llvm::PatternMatch::is_one> const&) + 35
9  opt             0x0000000000a75063
10 opt             0x0000000000a7547e llvm::SimplifyMulInst(llvm::Value*,
llvm::Value*, llvm::TargetData const*, llvm::DominatorTree const*) + 58
11 opt             0x00000000009ab28c
12 opt             0x000000000096d87c llvm::InstVisitor<llvm::InstCombiner,
llvm::Instruction*>::visit(llvm::Instruction&) + 376
13 opt             0x000000000096ab67
14 opt             0x000000000096af7f
15 opt             0x0000000000c8e095
llvm::FPPassManager::runOnFunction(llvm::Function&) + 407
16 opt             0x0000000000c8e2b2
llvm::FPPassManager::runOnModule(llvm::Module&) + 102
17 opt             0x0000000000c8e5e5
llvm::MPPassManager::runOnModule(llvm::Module&) + 459
18 opt             0x0000000000c8eae3 llvm::PassManagerImpl::run(llvm::Module&)
+ 125
19 opt             0x0000000000c8f039 llvm::PassManager::run(llvm::Module&) +
39
20 opt             0x0000000000839b3f main + 4242
21 libc.so.6       0x00002b6775a27c4d __libc_start_main + 253
22 opt             0x000000000082a779
Stack dump:
0.    Program arguments: opt -instcombine x.ll -o /dev/null 
1.    Running pass 'Function Pass Manager' on module 'x.ll'.
2.    Running pass 'Combine redundant instructions' on function '@f'
[1]    5247 abort      opt -instcombine x.ll -o /dev/null

The problem seems to be related to the GEP with a NULL base pointer:

#3  0x0000000000977f57 in llvm::cast_or_null<llvm::ConstantInt, llvm::Constant>
(Val=0x12819a8)
    at /home/mmp/llvm-dev-src/include/llvm/Support/Casting.h:213
213      assert(isa<X>(Val) && "cast_or_null<Ty>() argument of incompatible
type!");
(gdb) call Val->dump()
i32 ptrtoint (<4 x float>* getelementptr (<4 x float>* null, i32 1) to i32)
(gdb)

-- 
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the llvm-bugs mailing list