[LLVMdev] Possible miscompilation?
Gary Benson
gbenson at redhat.com
Thu Jun 12 02:56:29 PDT 2008
Gordon Henriksen wrote:
> On 2008-06-11, at 13:16, Gary Benson wrote:
> > Duncan Sands wrote:
> > > Can you please attach IR which can be compiled to an executable
> > > (and shows the problem).
> >
> > I've been generating functions using a builder and then compiling
> > them with ExecutionEngine::getPointerToFunction(). Is there some
> > way I can get compilable IR from that?
>
> http://llvm.org/doxygen/namespacellvm.html#a322
Cool. Ok, compilable IR is attached. I can't see how I'd make an
executable of it as it contains inlined pointers (the code was never
designed to be dumped) but I compiled it with 'llc test.bc -o test.s'
and it is definitely miscompiled.
I apologise for it being so big, but every time I change the slightest
thing the bug will change or disappear. The section with the error in
is pretty short, however, just 100 or so lines (attached as test.s.part).
>From the trace I posted yesterday (also attached), at the top:
lines 2646-2648 print "632: iload"
lines 2649-2652 print "local_5_114 = 57" (the correct value)
>From line 2651 you can see that the 57 came from r26.
At the bottom:
lines 4901-4903 print "632: iload"
lines 4904-4907 print "local_5_420 = 261095424" (the junk value)
>From line 4906 you can see that the 261095424 also came from r26.
Looking at what happens to r26 in the meantime it seems it's being
used to hold temporary values:
lines 2684 and 2685 calculate an offset into an array which is
then used in line 2687.
line 2703 stores the high word of a pair of inlined pointers,
used in lines 2704 and 2711.
That last one is where the 261095424 comes from.
This is all with svn revision 52213 BTW.
Cheers,
Gary
--
http://gbenson.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test.bc.gz
Type: application/x-gzip
Size: 44689 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20080612/58edfb17/attachment.bin>
-------------- next part --------------
630: iload
local_4_113 = 0
632: iload
local_5_114 = 57
local_4_113 = 0
634: if_icmplt
132: aload_3
133: iload
135: caload
136: istore
138: iload
140: sipush
143: if_icmpge
146: iload
148: iload
150: if_icmplt
185: aload
187: iload
189: iinc
192: iload
194: i2b
195: bastore
196: iinc
199: goto
630: iload
local_4_419 = 1
632: iload
local_5_420 = 261095424
local_4_419 = 1
-------------- next part --------------
2646: li 3, 632
2647: mr 4, 13
2648: bl trace_bytecode
2649: lis 13, dump57 at ha
2650: la 3, dump56 at l(14)
2651: mr 4, 26
2652: bl print_value
2653: la 3, dump57 at l(13)
2654: mr 4, 27
2655: bl print_value
2656: ori 4, 21, 7712
2657: li 3, 634
2658: bl trace_bytecode
2659: lis 3, 4031
2660: lwz 3, -12952(3)
2661: cmplwi 0, 3, 1
2662: beq 0, BB10_218 # do_safepoint
2663: BB10_41: # safepointed
2664: cmpw 0, 27, 26
2665: bge 0, BB10_169 # bci_637
2666: BB10_42: # bci_132
2667: lis 21, 3984
2668: ori 4, 21, 6756
2669: li 3, 132
2670: bl trace_bytecode
2671: ori 4, 21, 6556
2672: li 3, 133
2673: bl trace_bytecode
2674: ori 4, 21, 6812
2675: li 3, 135
2676: cmplwi 2, 18, 0
2677: bl trace_bytecode
2678: beq 2, BB10_219 # null546
2679: BB10_43: # not_null547
2680: lwz 3, 8(18)
2681: cmpw 0, 27, 3
2682: bge 0, BB10_220 # out_of_bounds
2683: BB10_44: # in_bounds
2684: slwi 26, 27, 1
2685: add 26, 26, 18
2686: lis 21, 3984
2687: lhz 14, 12(26)
2688: ori 4, 21, 6828
2689: li 3, 136
2690: bl trace_bytecode
2691: ori 4, 21, 6556
2692: li 3, 138
2693: bl trace_bytecode
2694: ori 4, 21, 6516
2695: li 3, 140
2696: bl trace_bytecode
2697: ori 4, 21, 7724
2698: li 3, 143
2699: bl trace_bytecode
2700: cmpwi 0, 14, 127
2701: bgt 0, BB10_65 # bci_202
2702: BB10_45: # bci_146
2703: lis 26, 3984
2704: ori 21, 26, 6556
2705: li 3, 146
2706: mr 4, 21
2707: bl trace_bytecode
2708: li 3, 148
2709: mr 4, 21
2710: bl trace_bytecode
2711: ori 4, 26, 7712
2712: li 3, 150
2713: cmpw 2, 25, 22
2714: bl trace_bytecode
2715: blt 2, BB10_62 # bci_185
2985: BB10_62: # bci_185
2986: lis 21, 3984
2987: ori 4, 21, 6596
2988: li 3, 185
2989: bl trace_bytecode
2990: ori 13, 21, 6556
2991: li 3, 187
2992: mr 4, 13
2993: bl trace_bytecode
2994: ori 4, 21, 7516
2995: li 3, 189
2996: bl trace_bytecode
2997: li 3, 192
2998: mr 4, 13
2999: bl trace_bytecode
3000: ori 4, 21, 7584
3001: li 3, 194
3002: bl trace_bytecode
3003: ori 4, 21, 7148
3004: li 3, 195
3005: bl trace_bytecode
3006: extsb 14, 14
3007: addi 21, 25, 1
3008: cmplwi 0, 19, 0
3009: beq 0, BB10_235 # null599
3010: BB10_63: # not_null600
3011: lwz 3, 8(19)
3012: cmpw 0, 25, 3
3013: bge 0, BB10_236 # out_of_bounds601
3014: BB10_64: # in_bounds602
3015: add 25, 25, 19
3016: lis 13, 3984
3017: stb 14, 12(25)
3018: ori 4, 13, 7516
3019: li 3, 196
3020: bl trace_bytecode
3021: ori 4, 13, 7784
3022: li 3, 199
3023: addi 27, 27, 1
3024: bl trace_bytecode
3025: b BB10_166 # bci_630
4890: BB10_166: # bci_630
4891: lis 25, 3984
4892: lis 14, dump58 at ha
4893: ori 13, 25, 6556
4894: li 3, 630
4895: mr 4, 13
4896: bl trace_bytecode
4897: la 3, dump58 at l(14)
4898: mr 4, 27
4899: bl print_value
4900: lis 14, dump59 at ha
4901: li 3, 632
4902: mr 4, 13
4903: bl trace_bytecode
4904: lis 13, dump60 at ha
4905: la 3, dump59 at l(14)
4906: mr 4, 26
4907: bl print_value
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test.s.gz
Type: application/x-gzip
Size: 16111 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20080612/58edfb17/attachment-0001.bin>
More information about the llvm-dev
mailing list