[llvm-bugs] [Bug 30501] New: AVX512: LLVM generates invalid instructions on Xeon Phi (SIGILL: illegal instruction operand), crashes ensue

via llvm-bugs llvm-bugs at lists.llvm.org
Fri Sep 23 01:21:27 PDT 2016 

https://llvm.org/bugs/show_bug.cgi?id=30501

            Bug ID: 30501
           Summary: AVX512: LLVM generates invalid instructions on Xeon
                    Phi (SIGILL: illegal instruction operand), crashes
                    ensue
           Product: libraries
           Version: trunk
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P
         Component: Backend: X86
          Assignee: unassignedbugs at nondot.org
          Reporter: wenzel.jakob at epfl.ch
                CC: llvm-bugs at lists.llvm.org
    Classification: Unclassified

Hi,

LLVM occasionally generates invalid instructions that crash my application
running on Xeon Phi (KNL).

I've been able to reduce one such crash to a minimal example compiled with the
following flags:

$ clang++ -march=knl -stdlib=libc++ -O0 -fno-rtti -fno-exceptions -o test
test.cpp


===========================


#include <immintrin.h>

#define ALWAYS_INLINE __attribute__ ((always_inline)) inline

struct KMask {
    __mmask8 k;
    ALWAYS_INLINE KMask(bool value) : k(__mmask8(value ? -1 : 0)) { }
};

int main(int /* argc */, char * /*argv */ []) {
    KMask m(true);
    return 0;
}

===========================

LLDB session illustrating the crash:

(lldb) target create "test"
Current executable set to 'test' (x86_64).
error: Unrecognized command 'rujn'.
(lldb) run
Process 83258 launched: '/home/wjakob/simdarray/test' (x86_64)
Process 83258 stopped
* thread #1: tid = 83258, 0x000000000040069d test`main + 45, name = 'test',
stop reason = signal SIGILL: illegal instruction operand
    frame #0: 0x000000000040069d test`main + 45
(lldb) d
test`main:
    0x400670 <+0>:  push   rbp
    0x400671 <+1>:  mov    rbp, rsp
    0x400674 <+4>:  xor    eax, eax
    0x400676 <+6>:  mov    ecx, 0xffffffff
    0x40067b <+11>: lea    rdx, [rbp - 0x28]
    0x40067f <+15>: mov    dword ptr [rbp - 0x10], 0x0
    0x400686 <+22>: mov    dword ptr [rbp - 0x14], edi
    0x400689 <+25>: mov    qword ptr [rbp - 0x20], rsi

===========================

This is the assembly output I get when compiling with "-S":

        .text
        .file   "test.cpp"
        .globl  main
        .p2align        4, 0x90
        .type   main, at function
main:                                   # @main
        .cfi_startproc
# BB#0:
        pushq   %rbp
.Ltmp0:
        .cfi_def_cfa_offset 16
.Ltmp1:
        .cfi_offset %rbp, -16
        movq    %rsp, %rbp
.Ltmp2:
        .cfi_def_cfa_register %rbp
        xorl    %eax, %eax
        movl    $4294967295, %ecx       # imm = 0xFFFFFFFF
        leaq    -40(%rbp), %rdx
        movl    $0, -16(%rbp)
        movl    %edi, -20(%rbp)
        movq    %rsi, -32(%rbp)
        movq    %rdx, -8(%rbp)
        movb    $1, -9(%rbp)
        movq    -8(%rbp), %rdx
        movb    -9(%rbp), %r8b
        kortestw        %r8b, %r8b
        movl    %eax, %edi
        cmovnel %ecx, %edi
        movb    %dil, %r8b
        movb    %r8b, (%rdx)
        popq    %rbp
        retq
.Lfunc_end0:
        .size   main, .Lfunc_end0-main
        .cfi_endproc

        .ident  "clang version 4.0.0 (trunk 282142)"
        .section        ".note.GNU-stack","", at progbits

===========================

This is the LLVM IR corresponding to the same code

; ModuleID = 'tests/testsuite.cpp'
source_filename = "tests/testsuite.cpp"
target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"
target triple = "x86_64-unknown-linux-gnu"

%struct.KMask = type { i8 }

; Function Attrs: norecurse nounwind uwtable
define i32 @main(i32, i8**) #0 {
  %3 = alloca %struct.KMask*, align 8
  %4 = alloca i8, align 1
  %5 = alloca i32, align 4
  %6 = alloca i32, align 4
  %7 = alloca i8**, align 8
  %8 = alloca %struct.KMask, align 1
  store i32 0, i32* %5, align 4
  store i32 %0, i32* %6, align 4
  store i8** %1, i8*** %7, align 8
  store %struct.KMask* %8, %struct.KMask** %3, align 8
  store i8 1, i8* %4, align 1
  %9 = load %struct.KMask*, %struct.KMask** %3, align 8
  %10 = getelementptr inbounds %struct.KMask, %struct.KMask* %9, i32 0, i32 0
  %11 = load i8, i8* %4, align 1
  %12 = trunc i8 %11 to i1
  %13 = select i1 %12, i32 -1, i32 0
  %14 = trunc i32 %13 to i8
  store i8 %14, i8* %10, align 1
  ret i32 0
}

attributes #0 = { norecurse nounwind uwtable
"correctly-rounded-divide-sqrt-fp-math"="false" "disable-tail-calls"="false"
"less-precise-fpmad"="false" "no-frame-pointer-elim"="true"
"no-frame-pointer-elim-non-leaf" "no-infs-fp-math"="false"
"no-jump-tables"="false" "no-nans-fp-math"="false"
"no-signed-zeros-fp-math"="false" "no-trapping-math"="false"
"stack-protector-buffer-size"="8" "target-cpu"="knl"
"target-features"="+adx,+aes,+avx,+avx2,+avx512cd,+avx512er,+avx512f,+avx512pf,+bmi,+bmi2,+cx16,+f16c,+fma,+fsgsbase,+fxsr,+lzcnt,+mmx,+movbe,+pclmul,+popcnt,+prefetchwt1,+rdrnd,+rdseed,+rtm,+sse,+sse2,+sse3,+sse4.1,+sse4.2,+ssse3,+x87,+xsave,+xsaveopt"
"unsafe-fp-math"="false" "use-soft-float"="false" }

!llvm.ident = !{!0}

!0 = !{!"clang version 4.0.0 (trunk 282142)"}

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20160923/b33c0d93/attachment-0001.html>

More information about the llvm-bugs mailing list