[llvm-bugs] [Bug 37253] New: Coalescer segfault

via llvm-bugs llvm-bugs at lists.llvm.org
Thu Apr 26 06:07:43 PDT 2018 

https://bugs.llvm.org/show_bug.cgi?id=37253

            Bug ID: 37253
           Summary: Coalescer segfault
           Product: libraries
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Register Allocator
          Assignee: unassignedbugs at nondot.org
          Reporter: bevin.hansson at ericsson.com
                CC: llvm-bugs at lists.llvm.org

Created attachment 20228
  --> https://bugs.llvm.org/attachment.cgi?id=20228&action=edit
reproducer

Running the attached IR with llc causes the following crash:

$ llc -optimize-regalloc -O0 preproc.opt.ll
Stack dump:
0.      Program arguments: build/bin/llc -optimize-regalloc -O0
./preproc.opt.ll 
1.      Running pass 'Function Pass Manager' on module './preproc.opt.ll'.
2.      Running pass 'Simple Register Coalescing' on function '@fn1'
#0 0x0000000001cc96aa llvm::sys::PrintStackTrace(llvm::raw_ostream&)
/home/ebevhan/work/master/build/../lib/Support/Unix/Signals.inc:402:0
#1 0x0000000001cc786e llvm::sys::RunSignalHandlers()
/home/ebevhan/work/master/build/../lib/Support/Signals.cpp:50:0
#2 0x0000000001cc79bc SignalHandler(int)
/home/ebevhan/work/master/build/../lib/Support/Unix/Signals.inc:242:0
#3 0x00007f308848d390 __restore_rt
(/lib/x86_64-linux-gnu/libpthread.so.0+0x11390)
#4 0x00000000015f09c3 _ZN4llvm21MCRegUnitRootIteratorC4EjPKNS_14MCRegisterInfoE
/home/ebevhan/work/master/build/../include/llvm/MC/MCRegisterInfo.h:650:0
#5 0x00000000015f09c3 joinReservedPhysReg
/home/ebevhan/work/master/build/../lib/CodeGen/RegisterCoalescer.cpp:1809:0
#6 0x00000000015f09c3 joinIntervals
/home/ebevhan/work/master/build/../lib/CodeGen/RegisterCoalescer.cpp:3106:0
#7 0x00000000015f09c3 joinCopy
/home/ebevhan/work/master/build/../lib/CodeGen/RegisterCoalescer.cpp:1695:0
#8 0x00000000015f09c3 (anonymous
namespace)::RegisterCoalescer::copyCoalesceWorkList(llvm::MutableArrayRef<llvm::MachineInstr*>)
(.constprop.324)
/home/ebevhan/work/master/build/../lib/CodeGen/RegisterCoalescer.cpp:3179:0
#9 0x00000000015f280d joinAllIntervals
/home/ebevhan/work/master/build/../lib/CodeGen/RegisterCoalescer.cpp:3338:0
#10 0x00000000015f280d (anonymous
namespace)::RegisterCoalescer::runOnMachineFunction(llvm::MachineFunction&)
/home/ebevhan/work/master/build/../lib/CodeGen/RegisterCoalescer.cpp:3378:0
#11 0x0000000001515b71
llvm::MachineFunctionPass::runOnFunction(llvm::Function&)
/home/ebevhan/work/master/build/../lib/CodeGen/MachineFunctionPass.cpp:62:0
#12 0x00000000017ca652 llvm::FPPassManager::runOnFunction(llvm::Function&)
/home/ebevhan/work/master/build/../lib/IR/LegacyPassManager.cpp:1520:0
#13 0x00000000017ca703 llvm::FPPassManager::runOnModule(llvm::Module&)
/home/ebevhan/work/master/build/../lib/IR/LegacyPassManager.cpp:1541:0
#14 0x00000000017ca29f runOnModule
/home/ebevhan/work/master/build/../lib/IR/LegacyPassManager.cpp:1597:0
#15 0x00000000017ca29f llvm::legacy::PassManagerImpl::run(llvm::Module&)
/home/ebevhan/work/master/build/../lib/IR/LegacyPassManager.cpp:1700:0
#16 0x0000000000768f3b compileModule(char**, llvm::LLVMContext&)
(.constprop.409) /home/ebevhan/work/master/build/../tools/llc/llc.cpp:575:0
#17 0x00000000006dc255 main
/home/ebevhan/work/master/build/../tools/llc/llc.cpp:345:0
#18 0x00007f30871ea830 __libc_start_main
/build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:325:0
#19 0x000000000075e899 _start (build/bin/llc+0x75e899)
Segmentation fault (core dumped)

The segfault is on the specified line:

  for (MachineBasicBlock *Pred : MBB.predecessors()) {
    VNInfo *PVal = IntA.getVNInfoBefore(LIS->getMBBEndIdx(Pred));
 -> MachineInstr *DefMI = LIS->getInstructionFromIndex(PVal->def);
    if (!DefMI || !DefMI->isFullCopy()) {
      CopyLeftBB = Pred;
      continue;
    }

The cause seems to be that the coalescer has previously removed the def it is
trying to perform PRE on since it is undef:
48B    %vreg0<def> = COPY %vreg4<undef>; GR16:%vreg0,%vreg4
    Eliminating copy of <undef> value
...
64B    %vreg12<def> = COPY %vreg0<undef>; GR16:%vreg12,%vreg0
    Eliminating copy of <undef> value

So PVal is null and we get a segfault. The crash can be eliminated by checking
for null:
   MachineBasicBlock *CopyLeftBB = nullptr;
   for (MachineBasicBlock *Pred : MBB.predecessors()) {
     VNInfo *PVal = IntA.getVNInfoBefore(LIS->getMBBEndIdx(Pred));
+    if (!PVal) {
+      CopyLeftBB = Pred;
+      continue;
+    }
     MachineInstr *DefMI = LIS->getInstructionFromIndex(PVal->def);
     if (!DefMI || !DefMI->isFullCopy()) {
       CopyLeftBB = Pred;

but I'm unsure if this is the correct solution or simply patching a symptom.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20180426/71117669/attachment.html>

More information about the llvm-bugs mailing list