[llvm] r245588 - Fix a debug location handling bug in GVN.

Adrian Prantl via llvm-commits llvm-commits at lists.llvm.org
Thu Aug 20 14:01:59 PDT 2015 

> On Aug 20, 2015, at 12:27 PM, David Blaikie <dblaikie at gmail.com> wrote:
> 
> 
> 
> On Thu, Aug 20, 2015 at 11:40 AM, Adrian Prantl <aprantl at apple.com> wrote:
> 
>> On Aug 20, 2015, at 11:34 AM, David Blaikie <dblaikie at gmail.com> wrote:
>> 
>> 
>> 
>> On Thu, Aug 20, 2015 at 11:23 AM, Adrian Prantl via llvm-commits <llvm-commits at lists.llvm.org> wrote:
>> Author: adrian
>> Date: Thu Aug 20 13:23:56 2015
>> New Revision: 245588
>> 
>> URL: http://llvm.org/viewvc/llvm-project?rev=245588&view=rev
>> Log:
>> Fix a debug location handling bug in GVN.
>> Caught by the famous "DebugLoc describes the currect SubProgram" assertion.
>> 
>> Huzzah! \o/ ;) (sorry, I know they're a pain to track down, but it's a great way to find debug info quality bugs that would produce really shitty debug info if it weren't for this assertion)
> 
> Oh yes.
> 
>>  
>> When GVN is removing a nonlocal load it updates the debug location of the
>> SSA value it replaced the load with with the one of the load.
>> 
>> I guess I'm not quite following here (knowing next to nothing about GVN) - could you explain this in more detail? What transformation is GVN performing on a call?
> 
> GVN is eliminating the load (and store) to @f and replaces all uses of the load with the value that is stored in @f, which is %call. It then used to transfer the DebugLoc of the load to the value it’s replacing it with (in this case %call). This triggers the assertion because %call happens to be, well, a call.
> 
>>  
>> In the
>> testcase this actually overwrites a valid debug location with an empty one.
>> 
>> In reality GVN has to make an arbitrary choice between two equally valid
>> debug locations. This patch changes to behavior to only update the
>> location if the value doesn't already have a debug location.
>> 
>> Added:
>>     llvm/trunk/test/DebugInfo/gvn.ll
>> Modified:
>>     llvm/trunk/lib/Transforms/Scalar/GVN.cpp
>> 
>> Modified: llvm/trunk/lib/Transforms/Scalar/GVN.cpp
>> URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Transforms/Scalar/GVN.cpp?rev=245588&r1=245587&r2=245588&view=diff
>> ==============================================================================
>> --- llvm/trunk/lib/Transforms/Scalar/GVN.cpp (original)
>> +++ llvm/trunk/lib/Transforms/Scalar/GVN.cpp Thu Aug 20 13:23:56 2015
>> @@ -1744,7 +1744,8 @@ bool GVN::processNonLocalLoad(LoadInst *
>>      if (isa<PHINode>(V))
>>        V->takeName(LI);
>>      if (Instruction *I = dyn_cast<Instruction>(V))
>> -      I->setDebugLoc(LI->getDebugLoc());
>> +      if (LI->getDebugLoc())
>> +        I->setDebugLoc(LI->getDebugLoc());
>>      if (V->getType()->getScalarType()->isPointerTy())
>>        MD->invalidateCachedPointerInfo(V);
>>      markInstructionForDeletion(LI);
>> 
>> Added: llvm/trunk/test/DebugInfo/gvn.ll
>> URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/DebugInfo/gvn.ll?rev=245588&view=auto
>> ==============================================================================
>> --- llvm/trunk/test/DebugInfo/gvn.ll (added)
>> +++ llvm/trunk/test/DebugInfo/gvn.ll Thu Aug 20 13:23:56 2015
>> @@ -0,0 +1,135 @@
>> +; RUN: opt < %s -O2 -gvn -S | FileCheck %s
>> +;
>> +; Produced at -O2 from:
>> 
>> Do you have the original reproduction -cc1 line, by chance? I'd be curious to see if this test case can be simplified a bit further to make the interesting part(s) more obvious.
> 
> Testcase-golfing! :-)
> 
> It’s very hard to reduce it any more from source, because it needs this specific chain of simplify-cfg and gvn:
>   clang -cc1 -triple arm64-apple-ios -emit-llvm -gdwarf-2 -O2 file.c -o -
> 
> Hmm, can't seem to reproduce it with this (& I don't mind just the full command line that crashes clang - rather than having to take it from clang to opt, etc, if you have that) - any ideas? (I'm trying to reproduce at r245521, FWIW)

This is the setup I used for delta/creduce:

$ cat test.sh
set -e
clang-3.8 -cc1 -triple arm64-apple-ios -emit-llvm -main-file-name action.c -gdwarf-2 -O2 -x c action.i -o action.ll &>/dev/null
FileCheck test.sh <action.ll
echo SUCCESS
# CHECK: tail call i32 @pid_for_task({{.*\)[^,]+$}}

$ cat action.i
struct context {
  int cur_pid
};
int a, b, c, f, d;
int pid_for_task(int);
sample(struct context *p1)
{
  if (c)
    b = a;
  if (a && p1->cur_pid)
    sample_internal();
}
callback() {
  f = pid_for_task(d);
  sample(&f);
}

I noticed that when running the test through opt running through opt -gvn alone did not reproduce the error, but running through opt -O2 -gvn did, although none of the passes running before gvn (or after) changed the IR, so it is possible that there is nondeterminism involved.
I also tried to add an assertion into GVN and running bugpoint on the IR, but it failed to reduce the testcase any further.

-- adrian
>  
> 
> -- adrian
> 
>> +; struct context {
>> +;   int cur_pid
>> +; };
>> +; int a, b, c, f, d;
>> +; int pid_for_task(int);
>> +; sample(struct context *p1)
>> +; {
>> +;   if (c)
>> +;     b = a;
>> +;   if (a && p1->cur_pid)
>> +;     sample_internal();
>> +; }
>> +; callback() {
>> +;   f = pid_for_task(d);
>> +;   sample(&f);
>> +; }
>> +
>> +target datalayout = "e-m:o-i64:64-i128:128-n32:64-S128"
>> +target triple = "arm64-apple-ios"
>> +
>> +%struct.context = type { i32 }
>> +
>> + at c = common global i32 0, align 4
>> + at a = common global i32 0, align 4
>> + at b = common global i32 0, align 4
>> + at d = common global i32 0, align 4
>> + at f = common global i32 0, align 4
>> +
>> +; Function Attrs: nounwind
>> +declare i32 @sample_internal(...)
>> +
>> +; Function Attrs: nounwind
>> +define i32 @callback() #0 {
>> +entry:
>> +  %0 = load i32, i32* @d, align 4, !dbg !37
>> +
>> +  ; Verify that the call still has a debug location after GVN.
>> +  ; CHECK: %call = tail call i32 @pid_for_task(i32 %0) #{{[0-9]}}, !dbg
>> +  %call = tail call i32 @pid_for_task(i32 %0) #3, !dbg !37
>> +
>> +  store i32 %call, i32* @f, align 4, !dbg !37
>> +  tail call void @llvm.dbg.value(metadata %struct.context* bitcast (i32* @f to %struct.context*), i64 0, metadata !25, metadata !26) #3, !dbg !38
>> +  %1 = load i32, i32* @c, align 4, !dbg !40
>> +  %tobool.i = icmp eq i32 %1, 0, !dbg !40
>> +  %.pr.i = load i32, i32* @a, align 4, !dbg !41
>> +  br i1 %tobool.i, label %if.end.i, label %if.then.i, !dbg !42
>> +
>> +if.then.i:                                        ; preds = %entry
>> +  store i32 %.pr.i, i32* @b, align 4, !dbg !43
>> +  br label %if.end.i, !dbg !43
>> +
>> +if.end.i:                                         ; preds = %if.then.i, %entry
>> +  %tobool1.i = icmp eq i32 %.pr.i, 0, !dbg !41
>> +
>> +  ; This instruction has no debug location -- in this
>> +  ; particular case it was removed by a bug in SimplifyCFG.
>> +  %2 = load i32, i32* @f, align 4
>> +
>> +  ; GVN is supposed to replace the load of @f with a direct reference to %call.
>> +  ; CHECK: %tobool2.i = icmp eq i32 %call, 0, !dbg
>> +  %tobool2.i = icmp eq i32 %2, 0, !dbg !41
>> +
>> +  %or.cond = or i1 %tobool1.i, %tobool2.i, !dbg !41
>> +  br i1 %or.cond, label %sample.exit, label %if.then.3.i, !dbg !41
>> +
>> +if.then.3.i:                                      ; preds = %if.end.i
>> +  %call.i = tail call i32 bitcast (i32 (...)* @sample_internal to i32 ()*)() #3, !dbg !44
>> +  br label %sample.exit, !dbg !44
>> +
>> +sample.exit:                                      ; preds = %if.end.i, %if.then.3.i
>> +  ret i32 undef, !dbg !45
>> +}
>> +
>> +declare i32 @pid_for_task(i32) #1
>> +
>> +; Function Attrs: nounwind readnone
>> +declare void @llvm.dbg.value(metadata, i64, metadata, metadata) #2
>> +
>> +attributes #0 = { nounwind }
>> +attributes #2 = { nounwind readnone }
>> +attributes #3 = { nounwind }
>> +
>> +!llvm.dbg.cu = !{!0}
>> +!llvm.module.flags = !{!22, !23}
>> +!llvm.ident = !{!24}
>> +
>> +!0 = distinct !DICompileUnit(language: DW_LANG_C99, file: !1, producer: "clang version 3.8.0 (trunk 244473) (llvm/trunk 244644)", isOptimized: false, runtimeVersion: 0, emissionKind: 1, enums: !2, subprograms: !3, globals: !16)
>> +!1 = !DIFile(filename: "test.c", directory: "/")
>> +!2 = !{}
>> +!3 = !{!4, !13}
>> +!4 = !DISubprogram(name: "sample", scope: !5, file: !5, line: 6, type: !6, isLocal: false, isDefinition: true, scopeLine: 7, flags: DIFlagPrototyped, isOptimized: false, variables: !2)
>> +!5 = !DIFile(filename: "test.i", directory: "/")
>> +!6 = !DISubroutineType(types: !7)
>> +!7 = !{!8, !9}
>> +!8 = !DIBasicType(name: "int", size: 32, align: 32, encoding: DW_ATE_signed)
>> +!9 = !DIDerivedType(tag: DW_TAG_pointer_type, baseType: !10, size: 64, align: 64)
>> +!10 = !DICompositeType(tag: DW_TAG_structure_type, name: "context", file: !5, line: 1, size: 32, align: 32, elements: !11)
>> +!11 = !{!12}
>> +!12 = !DIDerivedType(tag: DW_TAG_member, name: "cur_pid", scope: !10, file: !5, line: 2, baseType: !8, size: 32, align: 32)
>> +!13 = !DISubprogram(name: "callback", scope: !5, file: !5, line: 13, type: !14, isLocal: false, isDefinition: true, scopeLine: 13, isOptimized: false, function: i32 ()* @callback, variables: !2)
>> +!14 = !DISubroutineType(types: !15)
>> +!15 = !{!8}
>> +!16 = !{!17, !18, !19, !20, !21}
>> +!17 = !DIGlobalVariable(name: "a", scope: !0, file: !5, line: 4, type: !8, isLocal: false, isDefinition: true, variable: i32* @a)
>> +!18 = !DIGlobalVariable(name: "b", scope: !0, file: !5, line: 4, type: !8, isLocal: false, isDefinition: true, variable: i32* @b)
>> +!19 = !DIGlobalVariable(name: "c", scope: !0, file: !5, line: 4, type: !8, isLocal: false, isDefinition: true, variable: i32* @c)
>> +!20 = !DIGlobalVariable(name: "f", scope: !0, file: !5, line: 4, type: !8, isLocal: false, isDefinition: true, variable: i32* @f)
>> +!21 = !DIGlobalVariable(name: "d", scope: !0, file: !5, line: 4, type: !8, isLocal: false, isDefinition: true, variable: i32* @d)
>> +!22 = !{i32 2, !"Dwarf Version", i32 2}
>> +!23 = !{i32 2, !"Debug Info Version", i32 3}
>> +!24 = !{!"clang version 3.8.0 (trunk 244473) (llvm/trunk 244644)"}
>> +!25 = !DILocalVariable(name: "p1", arg: 1, scope: !4, file: !5, line: 6, type: !9)
>> +!26 = !DIExpression()
>> +!27 = !DILocation(line: 6, scope: !4)
>> +!28 = !DILocation(line: 8, scope: !29)
>> +!29 = distinct !DILexicalBlock(scope: !4, file: !5, line: 8)
>> +!30 = !DILocation(line: 10, scope: !31)
>> +!31 = distinct !DILexicalBlock(scope: !4, file: !5, line: 10)
>> +!32 = !DILocation(line: 8, scope: !4)
>> +!33 = !DILocation(line: 9, scope: !29)
>> +!34 = !DILocation(line: 10, scope: !4)
>> +!35 = !DILocation(line: 11, scope: !31)
>> +!36 = !DILocation(line: 12, scope: !4)
>> +!37 = !DILocation(line: 14, scope: !13)
>> +!38 = !DILocation(line: 6, scope: !4, inlinedAt: !39)
>> +!39 = distinct !DILocation(line: 15, scope: !13)
>> +!40 = !DILocation(line: 8, scope: !29, inlinedAt: !39)
>> +!41 = !DILocation(line: 10, scope: !31, inlinedAt: !39)
>> +!42 = !DILocation(line: 8, scope: !4, inlinedAt: !39)
>> +!43 = !DILocation(line: 9, scope: !29, inlinedAt: !39)
>> +!44 = !DILocation(line: 11, scope: !31, inlinedAt: !39)
>> +!45 = !DILocation(line: 16, scope: !13)
>> 
>> 
>> _______________________________________________
>> llvm-commits mailing list
>> llvm-commits at lists.llvm.org
>> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits

More information about the llvm-commits mailing list