[LLVMbugs] [Bug 18736] New: clang crashes on valid code at -O1 on x86_64-linux-gnu in 32-bit mode
bugzilla-daemon at llvm.org
bugzilla-daemon at llvm.org
Wed Feb 5 00:59:35 PST 2014
http://llvm.org/bugs/show_bug.cgi?id=18736
Bug ID: 18736
Summary: clang crashes on valid code at -O1 on x86_64-linux-gnu
in 32-bit mode
Product: clang
Version: trunk
Hardware: PC
OS: All
Status: NEW
Severity: normal
Priority: P
Component: -New Bugs
Assignee: unassignedclangbugs at nondot.org
Reporter: su at cs.ucdavis.edu
CC: llvmbugs at cs.uiuc.edu
Classification: Unclassified
The current clang trunk crashes when compiling the following testcase at -O1 in
32-bit mode (but not in 64-bit mode) on x86_64-linux-gnu.
This is a regression from clang 3.4.
$ clang-trunk -v
clang version 3.5 (trunk 200793)
Target: x86_64-unknown-linux-gnu
Thread model: posix
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.6
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.6.4
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.7
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.7.3
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.8
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.8.1
Selected GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.8
$
$ clang-trunk -m32 -O0 small.c; a.out
$ clang-trunk -m64 -O1 small.c; a.out
$ clang-3.4 -m32 -O1 small.c; a.out
$
$ clang-trunk -m32 -O1 small.c
# In Register Scavenger
# Machine code for function fn1: Post SSA
Frame Objects:
fi#0: size=4, align=4, at location [SP-20]
fi#1: size=4, align=4, at location [SP-24]
fi#2: size=4, align=4, at location [SP-28]
fi#3: size=4, align=4, at location [SP-32]
fi#4: size=4, align=4, at location [SP-36]
fi#5: size=4, align=4, at location [SP-40]
fi#6: size=1, align=1, at location [SP-41]
fi#7: size=4, align=4, at location [SP-4]
fi#8: size=4, align=4, at location [SP-8]
fi#9: size=4, align=4, at location [SP-12]
fi#10: size=4, align=4, at location [SP-16]
Function Live Ins: %ECX in %vreg6
BB#0: derived from LLVM BB %entry
Live Ins: %ECX %EBP %EBX %EDI %ESI
PUSH32r %EBP<kill>, %ESP<imp-def>, %ESP<imp-use>; flags: FrameSetup
PUSH32r %EBX<kill>, %ESP<imp-def>, %ESP<imp-use>; flags: FrameSetup
PUSH32r %EDI<kill>, %ESP<imp-def>, %ESP<imp-use>; flags: FrameSetup
PUSH32r %ESI<kill>, %ESP<imp-def>, %ESP<imp-use>; flags: FrameSetup
%ESP<def,tied1> = SUB32ri8 %ESP<tied0>, 28, %EFLAGS<imp-def,dead>; flags:
FrameSetup
%EAX<def> = COPY %ECX
%ECX<def> = MOV32rm %noreg, 1, %noreg, <ga:@a+34>, %noreg; mem:LD4[bitcast
([9 x i8]* getelementptr inbounds (%struct.anon* @a, i32 0, i32 1, i32 0, i32
1) to i72*)](align=1)
%EDX<def> = MOV32rm %noreg, 1, %noreg, <ga:@a+38>, %noreg; mem:LD4[bitcast
([9 x i8]* getelementptr inbounds (%struct.anon* @a, i32 0, i32 1, i32 0, i32
1) to i72*)+4](align=1)
%ECX<def,tied1> = SHRD32rri8 %ECX<kill,tied0>, %EDX, 5,
%EFLAGS<imp-def,dead>
%EDX<def,tied1> = SHR32ri %EDX<kill,tied0>, 5, %EFLAGS<imp-def,dead>
%EDX<def> = MOVSX32rr8 %DL, %EDX<imp-use,kill>
%ECX<def,tied1> = SHR32ri %ECX<kill,tied0>, 23, %EFLAGS<imp-def,dead>
%EDX<def,tied1> = SHL32ri %EDX<kill,tied0>, 9, %EFLAGS<imp-def,dead>
%EDI<def> = COPY %ECX
%EDI<def,tied1> = OR32rr %EDI<kill,tied0>, %EDX, %EFLAGS<imp-def,dead>
%EBX<def> = MOVZX32rm8 %noreg, 1, %noreg, <ga:@b+12>, %noreg;
mem:LD1[bitcast ([9 x i8]* getelementptr inbounds (%struct.S3* @b, i32 0, i32
0, i32 1) to i72*)+8]
%EBP<def> = COPY %EDI
%EBP<def,tied1> = SHL32ri %EBP<kill,tied0>, 13, %EFLAGS<imp-def,dead>
%EDI<def,tied1> = SHR32ri %EDI<kill,tied0>, 19, %EFLAGS<imp-def,dead>
%EDI<def,tied1> = AND32ri8 %EDI<kill,tied0>, 7, %EFLAGS<imp-def,dead>
%ESI<def> = MOV32ri 8191
%EBX<def,tied1> = AND32ri %EBX<kill,tied0>, 248, %EFLAGS<imp-def,dead>
%EBX<def,tied1> = ADD32rr_DB %EBX<kill,tied0>, %EDI<kill>,
%EFLAGS<imp-def,dead>
%EDI<def> = MOV32rm %noreg, 1, %noreg, <ga:@b+8>, %noreg; mem:LD4[bitcast
([9 x i8]* getelementptr inbounds (%struct.S3* @b, i32 0, i32 0, i32 1) to
i72*)+4](align=1)
%EDI<def,tied1> = AND32rr %EDI<kill,tied0>, %ESI<kill>,
%EFLAGS<imp-def,dead>
%EDI<def,tied1> = ADD32rr_DB %EDI<kill,tied0>, %EBP<kill>,
%EFLAGS<imp-def,dead>
%EDX<def,dead,tied1> = OR32rr %EDX<kill,tied0>, %ECX<kill>,
%EFLAGS<imp-def>
%ECX<def> = MOV32rm %noreg, 1, %noreg, <ga:@b+4>, %noreg; mem:LD4[bitcast
([9 x i8]* getelementptr inbounds (%struct.S3* @b, i32 0, i32 0, i32 1) to
i72*)](align=1)
MOV32mr %noreg, 1, %noreg, <ga:@b+4>, %noreg, %ECX<kill>; mem:ST4[bitcast
([9 x i8]* getelementptr inbounds (%struct.S3* @b, i32 0, i32 0, i32 1) to
i72*)](align=1)
MOV32mr %noreg, 1, %noreg, <ga:@b+8>, %noreg, %EDI<kill>; mem:ST4[bitcast
([9 x i8]* getelementptr inbounds (%struct.S3* @b, i32 0, i32 0, i32 1) to
i72*)+4](align=1)
MOV8mr %noreg, 1, %noreg, <ga:@b+12>, %noreg, %BL, %EBX<imp-use,kill>;
mem:ST1[bitcast ([9 x i8]* getelementptr inbounds (%struct.S3* @b, i32 0, i32
0, i32 1) to i72*)+8]
JE_4 <BB#2>, %EFLAGS<imp-use>
Successors according to CFG: BB#2(12) BB#1(20)
BB#1: derived from LLVM BB %if.then
Live Ins: %EAX
Predecessors according to CFG: BB#0
%CX<def> = MOV16rm %noreg, 1, %noreg, <ga:@c+28>, %noreg; mem:LD2[bitcast
(%struct.S3* @c to i8*)+28](align=1)
MOV16mr %EAX, 1, %noreg, 28, %noreg, %CX<kill>; mem:ST2[%0+28](align=1)
%ECX<def> = MOV32rm %noreg, 1, %noreg, <ga:@c+24>, %noreg; mem:LD4[bitcast
(%struct.S3* @c to i8*)+24](align=1)
MOV32mr %EAX, 1, %noreg, 24, %noreg, %ECX<kill>; mem:ST4[%0+24](align=1)
%XMM0<def> = MOVSDrm %noreg, 1, %noreg, <ga:@c+16>, %noreg; mem:LD8[bitcast
(%struct.S3* @c to i8*)+16](align=1)
MOVSDmr %EAX, 1, %noreg, 16, %noreg, %XMM0<kill>; mem:ST8[%0+16](align=1)
%XMM0<def> = MOVSDrm %noreg, 1, %noreg, <ga:@c+8>, %noreg; mem:LD8[bitcast
(%struct.S3* @c to i8*)+8](align=1)
MOVSDmr %EAX, 1, %noreg, 8, %noreg, %XMM0<kill>; mem:ST8[%0+8](align=1)
%XMM0<def> = MOVSDrm %noreg, 1, %noreg, <ga:@c>, %noreg; mem:LD8[bitcast
(%struct.S3* @c to i8*)](align=1)
Successors according to CFG: BB#3
BB#3: derived from LLVM BB %if.then
Live Ins: %AH %AL %AX %EAX %XMM0
Predecessors according to CFG: BB#1 BB#2
MOVSDmr %EAX<kill>, 1, %noreg, 0, %noreg, %XMM0<kill>; mem:ST8[%0](align=1)
%ESP<def,tied1> = ADD32ri8 %ESP<tied0>, 28, %EFLAGS<imp-def,dead>
%ESI<def> = POP32r %ESP<imp-def>, %ESP<imp-use>
%EDI<def> = POP32r %ESP<imp-def>, %ESP<imp-use>
%EBX<def> = POP32r %ESP<imp-def>, %ESP<imp-use>
%EBP<def> = POP32r %ESP<imp-def>, %ESP<imp-use>
RETL
BB#2: derived from LLVM BB %if.end
Live Ins: %EAX
Predecessors according to CFG: BB#0
%EDX<def> = MOV32ri 45
%EDI<def> = MOV32rm %noreg, 1, %noreg, <ga:@a+8>, %noreg; mem:LD4[bitcast
([9 x i8]* getelementptr inbounds (%struct.anon* @a, i32 0, i32 0, i32 0, i32
1) to i72*)+4](align=1)
MOV32mr %ESP, 1, %noreg, 16, %noreg, %EDI; mem:ST4[FixedStack2]
%ESI<def> = MOVZX32rm8 %noreg, 1, %noreg, <ga:@a+12>, %noreg;
mem:LD1[bitcast ([9 x i8]* getelementptr inbounds (%struct.anon* @a, i32 0, i32
0, i32 0, i32 1) to i72*)+8]
MOV32mr %ESP, 1, %noreg, 12, %noreg, %ESI; mem:ST4[FixedStack3]
%CH<def> = MOV8ri 64
%CH<def,tied1> = SUB8rr %CH<kill,tied0>, %DL, %EFLAGS<imp-def,dead>,
%EDX<imp-use,kill>
MOV8mr %ESP, 1, %noreg, 3, %noreg, %CH; mem:ST1[FixedStack6]
%EBX<def> = COPY %ESI
%CL<def> = COPY %CH
%EBX<def,tied1> = SHL32rCL %EBX<kill,tied0>, %EFLAGS<imp-def,dead>,
%CL<imp-use>
%ECX<def,dead> = MOV32ri 45, %CL<imp-def>
%EBP<def> = MOV32rm %noreg, 1, %noreg, <ga:@a+4>, %noreg; mem:LD4[bitcast
([9 x i8]* getelementptr inbounds (%struct.anon* @a, i32 0, i32 0, i32 0, i32
1) to i72*)](align=1)
MOV32mr %ESP, 1, %noreg, 20, %noreg, %EBP; mem:ST4[FixedStack1]
%EDX<def> = MOV32r0 %EFLAGS<imp-def,dead>
TEST8ri %CH<kill>, 32, %EFLAGS<imp-def>
%EBX<def,tied1> = CMOVNE32rr %EBX<kill,tied0>, %EDX<kill>, %EFLAGS<imp-use>
%EBP<def,tied1> = SHRD32rrCL %EBP<kill,tied0>, %EDI, %EFLAGS<imp-def,dead>,
%CL<imp-use>
%ECX<def,dead> = MOV32ri 45, %CL<imp-def>
%EDI<def,tied1> = SHR32rCL %EDI<kill,tied0>, %EFLAGS<imp-def,dead>,
%CL<imp-use>
%EDX<def> = MOV32ri 45
TEST8ri %DL, 32, %EFLAGS<imp-def>, %EDX<imp-use,kill>
%EDI<def,tied1> = CMOVE32rr %EDI<kill,tied0>, %EBP<kill>, %EFLAGS<imp-use>
%EBP<def> = MOV32ri 0
%EBP<def,tied1> = CMOVNE32rr %EBP<kill,tied0>, %EBP, %EFLAGS<imp-use>
MOV32mr %ESP, 1, %noreg, 8, %noreg, %EBP<kill>; mem:ST4[FixedStack4]
%EDI<def,tied1> = OR32rr %EDI<kill,tied0>, %EBX<kill>,
%EFLAGS<imp-def,dead>
%EBX<def> = MOV32ri 45
%EBP<def> = COPY %ESI<kill>
%BL<def,tied1> = ADD8ri %BL<tied0>, -64, %EFLAGS<imp-def,dead>,
%EBX<imp-use,kill>, %EBX<imp-def>
%CL<def> = COPY %BL
%EDX<def> = MOV32r0 %EFLAGS<imp-def,dead>
%EBP<def,tied1> = SHRD32rrCL %EBP<kill,tied0>, %EDX, %EFLAGS<imp-def,dead>,
%CL<imp-use>
%ECX<def> = MOV32ri 45
%ESI<def> = MOVZX32rr8 %CL, %ECX<imp-use,kill>
MOV32mr %ESP, 1, %noreg, 24, %noreg, %ESI; mem:ST4[FixedStack0]
TEST8ri %BL, 32, %EFLAGS<imp-def>
%EBP<def,tied1> = CMOVNE32rr %EBP<kill,tied0>, %EDX<kill>, %EFLAGS<imp-use>
CMP32ri8 %ESI<kill>, 64, %EFLAGS<imp-def>
%EBP<def,tied1> = CMOVB32rr %EBP<kill,tied0>, %EDI<kill>, %EFLAGS<imp-use>
%ECX<def,dead> = MOV32ri 45, %CL<imp-def>
%EBP<def,tied1> = AND32rm %EBP<kill,tied0>, %noreg, 1, %noreg, <ga:@d>,
%noreg, %EFLAGS<imp-def,dead>; mem:LD4[getelementptr inbounds (%struct.anon.0*
@d, i32 0, i32 0)](align=1)(tbaa=<badref>)
%EBP<def,tied1> = AND32ri %EBP<kill,tied0>, 4194303, %EFLAGS<imp-def,dead>
%EDI<def> = COPY %EBP
%EDI<def,tied1> = SHL32rCL %EDI<kill,tied0>, %EFLAGS<imp-def,dead>,
%CL<imp-use>
%ECX<def,dead> = MOV32ri 45, %CL<imp-def>
MOV32mr %ESP, 1, %noreg, 4, %noreg, %EAX<kill>; mem:ST4[FixedStack5]
%EAX<def> = MOV32ri 8191
%ESI<def> = COPY %EDI
%EDX<def> = MOV32ri 45
TEST8ri %DL, 32, %EFLAGS<imp-def>, %EDX<imp-use,kill>
%EDX<def> = MOV32ri 0
%ESI<def,tied1> = CMOVNE32rr %ESI<kill,tied0>, %EDX<kill>, %EFLAGS<imp-use>
%EDX<def> = MOV32r0 %EFLAGS<imp-def,dead>
%EDX<def,tied1> = SHLD32rrCL %EDX<kill,tied0>, %EBP, %EFLAGS<imp-def,dead>,
%CL<imp-use>
%ECX<def> = MOV32ri 45
TEST8ri %CL, 32, %EFLAGS<imp-def>, %ECX<imp-use,kill>
%EDX<def,tied1> = CMOVNE32rr %EDX<kill,tied0>, %EDI<kill>, %EFLAGS<imp-use>
%EDI<def> = COPY %EBP
CMP32mi8 %ESP, 1, %noreg, 24, %noreg, 64, %EFLAGS<imp-def>;
mem:LD4[FixedStack0]
%ECX<def> = MOV32ri 0
%ESI<def,tied1> = CMOVAE32rr %ESI<kill,tied0>, %ECX<kill>, %EFLAGS<imp-use>
%CL<def> = COPY %BL
%EDI<def,tied1> = SHL32rCL %EDI<kill,tied0>, %EFLAGS<imp-def,dead>,
%CL<imp-use>
TEST8ri %BL, 32, %EFLAGS<imp-def>, %EBX<imp-use,kill>
%EBX<def> = MOV32ri 0
%EDI<def,tied1> = CMOVNE32rr %EDI<kill,tied0>, %EBX<kill>, %EFLAGS<imp-use>
%EBX<def> = MOV32r0 %EFLAGS<imp-def,dead>
%CL<def> = MOV8rm %ESP, 1, %noreg, 3, %noreg; mem:LD1[FixedStack6]
%EBP<def,tied1> = SHRD32rrCL %EBP<kill,tied0>, %EBX<kill>,
%EFLAGS<imp-def,dead>, %CL<imp-use>
TEST8ri %CL<kill>, 32, %EFLAGS<imp-def>
%ECX<def> = MOV32ri 0
%EBP<def,tied1> = CMOVNE32rr %EBP<kill,tied0>, %ECX, %EFLAGS<imp-use>
%EBP<def,tied1> = OR32rm %EBP<kill,tied0>, %ESP, 1, %noreg, 8, %noreg,
%EFLAGS<imp-def,dead>; mem:LD4[FixedStack4]
CMP32mi8 %ESP, 1, %noreg, 24, %noreg, 64, %EFLAGS<imp-def>;
mem:LD4[FixedStack0]
%EDX<def,tied1> = CMOVAE32rr %EDX<kill,tied0>, %ECX<kill>, %EFLAGS<imp-use>
%EBP<def,tied1> = CMOVAE32rr %EBP<kill,tied0>, %EDI<kill>, %EFLAGS<imp-use>
%ECX<def> = MOV32ri -1
%ECX<def,tied1> = AND32rm %ECX<kill,tied0>, %ESP, 1, %noreg, 20, %noreg,
%EFLAGS<imp-def,dead>; mem:LD4[FixedStack1]
%EAX<def,tied1> = AND32rm %EAX<kill,tied0>, %ESP, 1, %noreg, 16, %noreg,
%EFLAGS<imp-def,dead>; mem:LD4[FixedStack2]
%EBX<def> = MOV32ri 248
%EBX<def,tied1> = AND32rm %EBX<kill,tied0>, %ESP, 1, %noreg, 12, %noreg,
%EFLAGS<imp-def,dead>; mem:LD4[FixedStack3]
%EBX<def,tied1> = OR32rr %EBX<kill,tied0>, %EBP<kill>,
%EFLAGS<imp-def,dead>
%EAX<def,tied1> = OR32rr %EAX<kill,tied0>, %EDX<kill>,
%EFLAGS<imp-def,dead>
%ECX<def,tied1> = OR32rr %ECX<kill,tied0>, %ESI<kill>,
%EFLAGS<imp-def,dead>
MOV32mr %noreg, 1, %noreg, <ga:@a+8>, %noreg, %EAX<kill>; mem:ST4[bitcast
([9 x i8]* getelementptr inbounds (%struct.anon* @a, i32 0, i32 0, i32 0, i32
1) to i72*)+4](align=1)
MOV32mr %noreg, 1, %noreg, <ga:@a+4>, %noreg, %ECX<kill>; mem:ST4[bitcast
([9 x i8]* getelementptr inbounds (%struct.anon* @a, i32 0, i32 0, i32 0, i32
1) to i72*)](align=1)
MOV8mr %noreg, 1, %noreg, <ga:@a+12>, %noreg, %BL, %EBX<imp-use,kill>;
mem:ST1[bitcast ([9 x i8]* getelementptr inbounds (%struct.anon* @a, i32 0, i32
0, i32 0, i32 1) to i72*)+8]
%CX<def> = MOV16rm %noreg, 1, %noreg, <ga:@b+28>, %noreg; mem:LD2[bitcast
(%struct.S3* @b to i8*)+28](align=1)
%EAX<def> = MOV32rm %ESP, 1, %noreg, 4, %noreg; mem:LD4[FixedStack5]
MOV16mr %EAX, 1, %noreg, 28, %noreg, %CX<kill>; mem:ST2[%4+28](align=1)
%ECX<def> = MOV32rm %noreg, 1, %noreg, <ga:@b+24>, %noreg; mem:LD4[bitcast
(%struct.S3* @b to i8*)+24](align=1)
MOV32mr %EAX, 1, %noreg, 24, %noreg, %ECX<kill>; mem:ST4[%4+24](align=1)
%XMM0<def> = MOVSDrm %noreg, 1, %noreg, <ga:@b+16>, %noreg; mem:LD8[bitcast
(%struct.S3* @b to i8*)+16](align=1)
MOVSDmr %EAX, 1, %noreg, 16, %noreg, %XMM0<kill>; mem:ST8[%4+16](align=1)
%XMM0<def> = MOVSDrm %noreg, 1, %noreg, <ga:@b+8>, %noreg; mem:LD8[bitcast
(%struct.S3* @b to i8*)+8](align=1)
MOVSDmr %EAX, 1, %noreg, 8, %noreg, %XMM0<kill>; mem:ST8[%4+8](align=1)
%XMM0<def> = MOVSDrm %noreg, 1, %noreg, <ga:@b>, %noreg; mem:LD8[bitcast
(%struct.S3* @b to i8*)](align=1)
JMP_4 <BB#3>
Successors according to CFG: BB#3
# End machine code for function fn1.
*** Bad machine code: Using an undefined physical register ***
- function: fn1
- basic block: BB#2 if.end (0x35ee720)
- instruction: TEST8ri %CH<kill>, 32, %EFLAGS<imp-def>
- operand 0: %CH<kill>
fatal error: error in backend: Found 1 machine code errors.
clang: error: clang frontend command failed with exit code 70 (use -v to see
invocation)
clang version 3.5 (trunk 200793)
Target: i386-unknown-linux-gnu
Thread model: posix
clang: note: diagnostic msg: PLEASE submit a bug report to
http://llvm.org/bugs/ and include the crash backtrace, preprocessed source, and
associated run script.
clang: note: diagnostic msg:
********************
PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang: note: diagnostic msg: /tmp/small-962e79.c
clang: note: diagnostic msg: /tmp/small-962e79.sh
clang: note: diagnostic msg:
********************
$
-----------------------------
#pragma pack(1)
struct S0
{
int f1;
int:4;
int:24;
int f7:17;
int f8:22;
};
struct S3
{
struct S0 f0;
int f1;
struct S0 f5;
} b, c;
struct
{
struct S3 f0;
struct S3 f3;
} a;
struct
{
int f1;
} d;
static struct S3
fn1 ()
{
if ((b.f0.f8 = a.f3.f0.f7))
return c;
a.f0.f0.f8 &= d.f1;
return b;
}
void
fn2 ()
{
fn1 ();
}
int
main ()
{
fn2 ();
return 0;
}
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20140205/29af4e5b/attachment.html>
More information about the llvm-bugs
mailing list