<html>
    <head>
      <base href="https://bugs.llvm.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - Coalescer segfault"
   href="https://bugs.llvm.org/show_bug.cgi?id=37253">37253</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>Coalescer segfault
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>libraries
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>trunk
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>PC
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Linux
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>enhancement
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>Register Allocator
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>unassignedbugs@nondot.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>bevin.hansson@ericsson.com
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>llvm-bugs@lists.llvm.org
          </td>
        </tr></table>
      <p>
        <div>
        <pre>Created <span class=""><a href="attachment.cgi?id=20228" name="attach_20228" title="reproducer">attachment 20228</a> <a href="attachment.cgi?id=20228&action=edit" title="reproducer">[details]</a></span>
reproducer

Running the attached IR with llc causes the following crash:

$ llc -optimize-regalloc -O0 preproc.opt.ll
Stack dump:
0.      Program arguments: build/bin/llc -optimize-regalloc -O0
./preproc.opt.ll 
1.      Running pass 'Function Pass Manager' on module './preproc.opt.ll'.
2.      Running pass 'Simple Register Coalescing' on function '@fn1'
#0 0x0000000001cc96aa llvm::sys::PrintStackTrace(llvm::raw_ostream&)
/home/ebevhan/work/master/build/../lib/Support/Unix/Signals.inc:402:0
#1 0x0000000001cc786e llvm::sys::RunSignalHandlers()
/home/ebevhan/work/master/build/../lib/Support/Signals.cpp:50:0
#2 0x0000000001cc79bc SignalHandler(int)
/home/ebevhan/work/master/build/../lib/Support/Unix/Signals.inc:242:0
#3 0x00007f308848d390 __restore_rt
(/lib/x86_64-linux-gnu/libpthread.so.0+0x11390)
#4 0x00000000015f09c3 _ZN4llvm21MCRegUnitRootIteratorC4EjPKNS_14MCRegisterInfoE
/home/ebevhan/work/master/build/../include/llvm/MC/MCRegisterInfo.h:650:0
#5 0x00000000015f09c3 joinReservedPhysReg
/home/ebevhan/work/master/build/../lib/CodeGen/RegisterCoalescer.cpp:1809:0
#6 0x00000000015f09c3 joinIntervals
/home/ebevhan/work/master/build/../lib/CodeGen/RegisterCoalescer.cpp:3106:0
#7 0x00000000015f09c3 joinCopy
/home/ebevhan/work/master/build/../lib/CodeGen/RegisterCoalescer.cpp:1695:0
#8 0x00000000015f09c3 (anonymous
namespace)::RegisterCoalescer::copyCoalesceWorkList(llvm::MutableArrayRef<llvm::MachineInstr*>)
(.constprop.324)
/home/ebevhan/work/master/build/../lib/CodeGen/RegisterCoalescer.cpp:3179:0
#9 0x00000000015f280d joinAllIntervals
/home/ebevhan/work/master/build/../lib/CodeGen/RegisterCoalescer.cpp:3338:0
#10 0x00000000015f280d (anonymous
namespace)::RegisterCoalescer::runOnMachineFunction(llvm::MachineFunction&)
/home/ebevhan/work/master/build/../lib/CodeGen/RegisterCoalescer.cpp:3378:0
#11 0x0000000001515b71
llvm::MachineFunctionPass::runOnFunction(llvm::Function&)
/home/ebevhan/work/master/build/../lib/CodeGen/MachineFunctionPass.cpp:62:0
#12 0x00000000017ca652 llvm::FPPassManager::runOnFunction(llvm::Function&)
/home/ebevhan/work/master/build/../lib/IR/LegacyPassManager.cpp:1520:0
#13 0x00000000017ca703 llvm::FPPassManager::runOnModule(llvm::Module&)
/home/ebevhan/work/master/build/../lib/IR/LegacyPassManager.cpp:1541:0
#14 0x00000000017ca29f runOnModule
/home/ebevhan/work/master/build/../lib/IR/LegacyPassManager.cpp:1597:0
#15 0x00000000017ca29f llvm::legacy::PassManagerImpl::run(llvm::Module&)
/home/ebevhan/work/master/build/../lib/IR/LegacyPassManager.cpp:1700:0
#16 0x0000000000768f3b compileModule(char**, llvm::LLVMContext&)
(.constprop.409) /home/ebevhan/work/master/build/../tools/llc/llc.cpp:575:0
#17 0x00000000006dc255 main
/home/ebevhan/work/master/build/../tools/llc/llc.cpp:345:0
#18 0x00007f30871ea830 __libc_start_main
/build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:325:0
#19 0x000000000075e899 _start (build/bin/llc+0x75e899)
Segmentation fault (core dumped)

The segfault is on the specified line:

  for (MachineBasicBlock *Pred : MBB.predecessors()) {
    VNInfo *PVal = IntA.getVNInfoBefore(LIS->getMBBEndIdx(Pred));
 -> MachineInstr *DefMI = LIS->getInstructionFromIndex(PVal->def);
    if (!DefMI || !DefMI->isFullCopy()) {
      CopyLeftBB = Pred;
      continue;
    }

The cause seems to be that the coalescer has previously removed the def it is
trying to perform PRE on since it is undef:
48B    %vreg0<def> = COPY %vreg4<undef>; GR16:%vreg0,%vreg4
    Eliminating copy of <undef> value
...
64B    %vreg12<def> = COPY %vreg0<undef>; GR16:%vreg12,%vreg0
    Eliminating copy of <undef> value

So PVal is null and we get a segfault. The crash can be eliminated by checking
for null:
   MachineBasicBlock *CopyLeftBB = nullptr;
   for (MachineBasicBlock *Pred : MBB.predecessors()) {
     VNInfo *PVal = IntA.getVNInfoBefore(LIS->getMBBEndIdx(Pred));
+    if (!PVal) {
+      CopyLeftBB = Pred;
+      continue;
+    }
     MachineInstr *DefMI = LIS->getInstructionFromIndex(PVal->def);
     if (!DefMI || !DefMI->isFullCopy()) {
       CopyLeftBB = Pred;

but I'm unsure if this is the correct solution or simply patching a symptom.</pre>
        </div>
      </p>


      <hr>
      <span>You are receiving this mail because:</span>

      <ul>
          <li>You are on the CC list for the bug.</li>
      </ul>
    </body>
</html>