[llvm] [DeadStoreElimination] Optimize tautological assignments (PR #75744)
Shreyansh Chouhan via llvm-commits
llvm-commits at lists.llvm.org
Tue Jan 23 04:17:27 PST 2024
BK1603 wrote:
Just an update, still looking into this (I only get time for this during weekends.)
The crash is happening during the RegAllocGreedy pass, specifically when we call `InterferenceCache::get`:
```
InterferenceCache::Entry *InterferenceCache::get(MCRegister PhysReg) {
  unsigned char E = PhysRegEntries[PhysReg.id()];
  if (E < CacheEntries && Entries[E].getPhysReg() == PhysReg) {
    if (!Entries[E].valid(LIUArray, TRI))
      Entries[E].revalidate(LIUArray, TRI);
    return &Entries[E];
  }
  // No valid entry exists, pick the next round-robin entry.
  E = RoundRobin;
  if (++RoundRobin == CacheEntries)
    RoundRobin = 0;
  for (unsigned i = 0; i != CacheEntries; ++i) {
    // Skip entries that are in use.
    if (Entries[E].hasRefs()) {
      if (++E == CacheEntries)
        E = 0;
      continue;
    }
    Entries[E].reset(PhysReg, LIUArray, TRI, MF);
    PhysRegEntries[PhysReg] = E;
    return &Entries[E];
  }
  llvm_unreachable("Ran out of interference cache entries.");
}
```
Instead of getting the actual pointer to the cache entry, we are getting the index of the entry. This later causes a segfault when we try to call `setEntry` on this returned index. (It in turn calls `Entry->addRef` and entry becomes an invalid address.) From what I can understand right now, this happens because the condition `Entries[E].hasRefs()` ends up always being true. The variable `RefCount` is unsigned, and it underflows and wraps around to a value greater than 0 again, and we are never able to go to the `Entries[E].reset(PhysReg, LIUArray, TRI, MF)` line.
https://github.com/llvm/llvm-project/pull/75744
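The unsigned reference-count wraparound described in the message above, as an added example that is not LLVM's code and not part of the original post. `ModelEntry`, `findFreeSlot`, `checkedRelease` and the four-slot size are hypothetical names and values chosen for this model; it only shows how one unbalanced release per slot makes a `hasRefs()`-style scan find nothing free, and how a checked release avoids that.

```cpp
#include <climits>
#include <cstddef>
#include <cstdio>

// Simplified stand-in for a ref-counted cache entry (assumption, not LLVM's Entry).
struct ModelEntry {
  unsigned RefCount = 0;
  // Unchecked: a negative delta on a zero count wraps to a huge positive value.
  void addRef(int Delta) { RefCount += Delta; }
  bool hasRefs() const { return RefCount > 0; }
  // Hardened release: refuses to drop below zero and reports the imbalance.
  bool checkedRelease() {
    if (RefCount == 0)
      return false;
    --RefCount;
    return true;
  }
};

constexpr std::size_t ModelCacheEntries = 4; // constructed size for the model

// Round-robin scan shaped like the quoted loop: index of a free slot, or -1.
int findFreeSlot(const ModelEntry (&Entries)[ModelCacheEntries], std::size_t Start) {
  std::size_t E = Start;
  for (std::size_t i = 0; i != ModelCacheEntries; ++i) {
    if (!Entries[E].hasRefs())
      return static_cast<int>(E);
    if (++E == ModelCacheEntries)
      E = 0;
  }
  return -1; // every slot looks "in use"
}

unsigned wrappedCount() { ModelEntry En; En.addRef(-1); return En.RefCount; }

int scanAfterUncheckedUnderflow() {
  ModelEntry Entries[ModelCacheEntries];
  for (ModelEntry &En : Entries) En.addRef(-1); // one release too many per slot
  return findFreeSlot(Entries, 0);
}

int scanAfterCheckedRelease() {
  ModelEntry Entries[ModelCacheEntries];
  for (ModelEntry &En : Entries) En.checkedRelease(); // rejected, count stays 0
  return findFreeSlot(Entries, 0);
}

int main() {
  std::printf("wrapped=%u unchecked=%d checked=%d\n", wrappedCount(),
              scanAfterUncheckedUnderflow(), scanAfterCheckedRelease());
}
```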