<html>
    <head>
      <base href="https://bugs.llvm.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - [DebugInfo] ICE from inconsistent LiveDebugValues state"
   href="https://bugs.llvm.org/show_bug.cgi?id=42773">42773</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>[DebugInfo] ICE from inconsistent LiveDebugValues state
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>libraries
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>trunk
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>PC
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Linux
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Keywords</th>
          <td>wrong-debug
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>normal
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>Common Code Generator Code
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>unassignedbugs@nondot.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>jeremy.morse.llvm@gmail.com
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>aprantl@apple.com, chackz0x12@gmail.com, llvm-bugs@lists.llvm.org, orlando.hyams@sony.com, paul.robinson@am.sony.com, stephen.tozer@sony.com, vsk@apple.com, Wolfgang_Pieb@playstation.sony.com
          </td>
        </tr></table>
      <p>
        <div>
        <pre>Created <span class=""><a href="attachment.cgi?id=22293" name="attach_22293" title="Crash reproducer">attachment 22293</a></span>
Crash reproducer

While building clang-3.4 with asan (for various reasons) I ran into an
assertion failure when building llvm-3.4's SparcISelLower.cpp. I'm using
clang/llvm trunk @ r366789, building the old copy of clang in RelWithDebInfo
mode and -fsanitize=address added to CXXFLAGS, and using a pre-built version of
tblgen because old-tblgen doesn't work under asan. I'm attaching a modified
version of live-debug-values-restore.mir that reproduces the crash.

In r363256 [0] I added fragment-tracking to LiveDebugValues, so that
independent variable fragments would be tracked independently. This builds a
map of which-fragments-overlap-others at the start. However, it seems I missed
the fact that the spill-restorer [1] creates an empty expression when restoring
from a stack slot. This introduces DBG_VALUEs with no fragment to the mix,
_after_ the overlap map has been built.

In the attached reproducer (the "g" function, see the MIR) I spill-and-restore
a fragment in block %bb.1, which erroneously becomes a DBG_VALUE with no
fragment. In %bb.2 another spill and restore happens in a slightly different
location; what happens then is:
 * ProcessVarLoc [2] closes the open range of the {32,32} fragment
 * A new location is inserted into the open ranges [3], however, it doesn't 
   "take" because the new DBG_VALUE with no fragment is already open.
 * We now have two open machine locations, but only one open variable;
   assertions galore fire.

Part of the problem is ProcessVarLoc using two DBG_VALUEs as sources of the
fragment, but a mix of no-fragment/fragmented DBG_VALUEs is going to fire
assertions later in compilation anyway.

It's awkward / difficult to recover the correct expression for [1], see bug
42772. IMO the best fix for now is to give [1] the correct fragment, even if
some of the overall expression is lost. A bad location is strictly better than
the compiler crashing.

This is also in the 9.0 release, so I'll submit a pull-up at some point.

[0] <a href="https://reviews.llvm.org/rL363256">https://reviews.llvm.org/rL363256</a>
[1]
<a href="https://github.com/llvm/llvm-project/blob/12aca5de026bd15663596c392ac828f8078bca6b/llvm/lib/CodeGen/LiveDebugValues.cpp#L696">https://github.com/llvm/llvm-project/blob/12aca5de026bd15663596c392ac828f8078bca6b/llvm/lib/CodeGen/LiveDebugValues.cpp#L696</a>
[2]
<a href="https://github.com/llvm/llvm-project/blob/12aca5de026bd15663596c392ac828f8078bca6b/llvm/lib/CodeGen/LiveDebugValues.cpp#L638">https://github.com/llvm/llvm-project/blob/12aca5de026bd15663596c392ac828f8078bca6b/llvm/lib/CodeGen/LiveDebugValues.cpp#L638</a>
[3]
<a href="https://github.com/llvm/llvm-project/blob/12aca5de026bd15663596c392ac828f8078bca6b/llvm/lib/CodeGen/LiveDebugValues.cpp#L641">https://github.com/llvm/llvm-project/blob/12aca5de026bd15663596c392ac828f8078bca6b/llvm/lib/CodeGen/LiveDebugValues.cpp#L641</a></pre>
        </div>
      </p>
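      <p>Added example, not part of the original report and not LLVM's code: a simplified C++ model of the open-ranges bookkeeping described above, showing how a restore that drops the fragment leaves two open locations for one open variable, and how keeping the fragment avoids it. The names <code>OpenRanges</code>, <code>replay</code> and the variable "v" are hypothetical, the spill/restore sequence is constructed from the report's description, and the overlap map is not modelled.</p>

```cpp
#include <cstdint>
#include <map>
#include <optional>
#include <set>
#include <string>
#include <utility>

// Simplified model (hypothetical names, not LLVM's classes): a set of open
// location IDs plus a map from (variable, fragment) to its open location.
using Fragment = std::optional<std::pair<uint32_t, uint32_t>>; // {offset, size}
using VarKey = std::pair<std::string, Fragment>;

struct OpenRanges {
  std::set<unsigned> locs;         // open machine locations
  std::map<VarKey, unsigned> vars; // open variables -> location ID
  void insert(unsigned id, const VarKey &k) {
    locs.insert(id);
    vars.insert({k, id}); // no-op when k is already open: it does not "take"
  }
  void erase(const VarKey &k) { // exact-key close; no overlap map in this model
    auto it = vars.find(k);
    if (it == vars.end()) return;
    locs.erase(it->second);
    vars.erase(it);
  }
  // Invariant checked here: one open location per open variable.
  bool consistent() const { return locs.size() == vars.size(); }
};

// Constructed sequence. false: restore emits an empty expression (no
// fragment); true: restore keeps the {32,32} fragment (the proposed fix).
OpenRanges replay(bool restoreKeepsFragment) {
  const Fragment frag(std::in_place, 32u, 32u);
  const Fragment restored = restoreKeepsFragment ? frag : Fragment{};
  const VarKey fragKey("v", frag), restoreKey("v", restored);
  OpenRanges r;
  r.insert(0, fragKey);                      // original {32,32} DBG_VALUE
  r.erase(fragKey); r.insert(1, fragKey);    // %bb.1 spill
  r.erase(fragKey); r.insert(2, restoreKey); // %bb.1 restore
  r.erase(fragKey); r.insert(3, fragKey);    // %bb.2 spill
  r.erase(fragKey); r.insert(4, restoreKey); // %bb.2 restore: close, then open
  return r;
}

int main() {
  OpenRanges bad = replay(false), good = replay(true);
  return (!bad.consistent() && good.consistent()) ? 0 : 1;
}
```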


    </body>
</html>