llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org

Crash in coalescer #5782

Closed asl closed 14 years ago

asl commented 14 years ago
Bugzilla Link 5410
Resolution FIXED
Resolved on Nov 13, 2009 14:38
Version trunk
OS Linux
Attachments Original bytecode, Bugpoint reduction
CC @stoklund

Extended Description

Consider the attached bytecode (both original & bugpoint-reduced). Running llc yields a crash in coalescer:

    $ ./llc -mcpu=cortex-a8 bugpoint-reduced-simplified.bc
    0  llc             0x0000000000cb28d6
    1  llc             0x0000000000cb2e72
    2  libpthread.so.0 0x00007f0e3041b6f0
    3  llc             0x0000000000a3306f llvm::SimpleRegisterCoalescing::JoinIntervals(llvm::LiveInterval&, llvm::LiveInterval&, bool&) + 2527
    4  llc             0x0000000000a3931e llvm::SimpleRegisterCoalescing::JoinCopy(llvm::CopyRec&, bool&) + 7898
    5  llc             0x0000000000a39f9a llvm::SimpleRegisterCoalescing::CopyCoalesceInMBB(llvm::MachineBasicBlock*, std::vector<llvm::CopyRec, std::allocator >&) + 1142
    6  llc             0x0000000000a3a14e llvm::SimpleRegisterCoalescing::joinIntervals() + 232
    7  llc             0x0000000000a3a66f llvm::SimpleRegisterCoalescing::runOnMachineFunction(llvm::MachineFunction&) + 735
    8  llc             0x00000000009b8cb5 llvm::MachineFunctionPass::runOnFunction(llvm::Function&) + 83
    9  llc             0x0000000000c3595f llvm::FPPassManager::runOnFunction(llvm::Function&) + 329
    10 llc             0x0000000000c375ef llvm::FunctionPassManagerImpl::run(llvm::Function&) + 111
    11 llc             0x0000000000c37796 llvm::FunctionPassManager::run(llvm::Function&) + 112
    12 llc             0x0000000000401ec0 main + 3064
    13 libc.so.6       0x00007f0e2f744a44 __libc_start_main + 244
    14 llc             0x0000000000400249
    Stack dump:

  1. Program arguments: ./llc -mcpu=cortex-a8 bugpoint-reduced-simplified.bc
  2. Running pass 'Simple Register Coalescing' on function '@aaa'

valgrind is not quite as well:

    $ valgrind ./llc -mcpu=cortex-a8 bugpoint-reduced-simplified.bc
    ==19537== Memcheck, a memory error detector.
    ==19537== Copyright (C) 2002-2008, and GNU GPL'd, by Julian Seward et al.
    ==19537== Using LibVEX rev 1884, a library for dynamic binary translation.
    ==19537== Copyright (C) 2004-2008, and GNU GPL'd, by OpenWorks LLP.
    ==19537== Using valgrind-3.4.1, a dynamic binary instrumentation framework.
    ==19537== Copyright (C) 2000-2008, and GNU GPL'd, by Julian Seward et al.
    ==19537== For more details, rerun with: -v
    ==19537==
    ==19537== Invalid read of size 8
    ==19537==    at 0xA3306F: llvm::SimpleRegisterCoalescing::JoinIntervals(llvm::LiveInterval&, llvm::LiveInterval&, bool&) (SimpleRegisterCoalescing.cpp:2233)
    ==19537==    by 0xA3931D: llvm::SimpleRegisterCoalescing::JoinCopy(llvm::CopyRec&, bool&) (SimpleRegisterCoalescing.cpp:1652)
    ==19537==    by 0xA39F99: llvm::SimpleRegisterCoalescing::CopyCoalesceInMBB(llvm::MachineBasicBlock*, std::vector<llvm::CopyRec, std::allocator >&) (SimpleRegisterCoalescing.cpp:2427)
    ==19537==    by 0xA3A14D: llvm::SimpleRegisterCoalescing::joinIntervals() (SimpleRegisterCoalescing.cpp:2448)
    ==19537==    by 0xA3A66E: llvm::SimpleRegisterCoalescing::runOnMachineFunction(llvm::MachineFunction&) (SimpleRegisterCoalescing.cpp:2717)
    ==19537==    by 0x9B8CB4: llvm::MachineFunctionPass::runOnFunction(llvm::Function&) (MachineFunctionPass.cpp:27)
    ==19537==    by 0xC3595E: llvm::FPPassManager::runOnFunction(llvm::Function&) (PassManager.cpp:1330)
    ==19537==    by 0xC375EE: llvm::FunctionPassManagerImpl::run(llvm::Function&) (PassManager.cpp:1282)
    ==19537==    by 0xC37795: llvm::FunctionPassManager::run(llvm::Function&) (PassManager.cpp:1212)
    ==19537==    by 0x401EBF: main (llc.cpp:392)
    ==19537==  Address 0x10 is not stack'd, malloc'd or (recently) free'd

llvmbot commented 14 years ago

Fixed. http://lists.cs.uiuc.edu/pipermail/llvm-commits/Week-of-Mon-20091109/091071.html

llvmbot commented 14 years ago

Testing a fix.

llvmbot commented 14 years ago

It's a livevariables bug:

    BL <ga:@bbb>, %R0<kill>, %R1<kill>, %R2<kill>, %R0<imp-def,dead>, %R1<imp-def,dead>, %R2<imp-def,dead>, %R3<imp-def,dead>, %R12<imp-def,dead>, %LR<imp-def,dead>, %D0<imp-def,dead>, %D1<imp-def,dead>, %D2<imp-def,dead>, %D3<imp-def,dead>, %D4<imp-def,dead>, %D5<imp-def,dead>, %D6<imp-def,dead>, %D7<imp-def,dead>, %D16<imp-def,dead>, %D17<imp-def,dead>, %D18<imp-def,dead>, %D19<imp-def,dead>, %D20<imp-def,dead>, %D21<imp-def,dead>, %D22<imp-def,dead>, %D23<imp-def,dead>, %D24<imp-def,dead>, %D25<imp-def,dead>, %D26<imp-def,dead>, %D27<imp-def,dead>, %D28<imp-def,dead>, %D29<imp-def,dead>, %D30<imp-def,dead>, %D31<imp-def,dead>, %CPSR<imp-def,dead>, %FPSCR<imp-def,dead>, %S1, %S2, %S3
    ADJCALLSTACKUP 0, 0, 14, %reg0, %SP, %SP
    %reg1423 = VMOVS %S0, 14, %reg0

Note D0 def on the call instruction is marked dead. But its subreg S0 is used below.
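The invariant the comment above points at, a def flagged dead must not have the register or any of its sub-registers read before the next def, can be checked mechanically. This is an added example, not code from this thread or from LLVM; the `Operand`/`Instr` model, the function names and the reduced sample block are assumptions made for illustration.

```cpp
#include <map>
#include <string>
#include <vector>

// Toy operand/instruction model (hypothetical; not LLVM's MachineInstr API).
struct Operand { std::string reg; bool isDef; bool dead; };
struct Instr { std::string opcode; std::vector<Operand> ops; };

// ARM VFP overlap for the registers involved: each D register covers two S registers.
static const std::map<std::string, std::vector<std::string>> kSubRegs = {
    {"D0", {"S0", "S1"}}, {"D1", {"S2", "S3"}}};

// Registers written by a def of `reg`: the register itself plus its sub-registers.
static std::vector<std::string> covered(const std::string& reg) {
    std::vector<std::string> out{reg};
    auto it = kSubRegs.find(reg);
    if (it != kSubRegs.end()) out.insert(out.end(), it->second.begin(), it->second.end());
    return out;
}

// Report every read of a register whose most recent def was flagged dead,
// including reads of a sub-register of a dead super-register def.
std::vector<std::string> findBogusDeadDefs(const std::vector<Instr>& block) {
    std::vector<std::string> errors;
    std::map<std::string, std::string> deadBy;  // register -> "OPCODE def of REG"
    for (const Instr& mi : block) {
        for (const Operand& op : mi.ops) {  // uses are read before defs are written
            if (op.isDef) continue;
            auto it = deadBy.find(op.reg);
            if (it != deadBy.end())
                errors.push_back(it->second + " is marked dead, but " + op.reg +
                                 " is read by " + mi.opcode);
        }
        for (const Operand& op : mi.ops) {
            if (!op.isDef) continue;
            for (const std::string& r : covered(op.reg)) {
                deadBy.erase(r);  // any new def supersedes the earlier flag
                if (op.dead) deadBy[r] = mi.opcode + " def of " + op.reg;
            }
        }
    }
    return errors;
}

// Constructed sample, reduced from the dump above to the operands that matter.
std::vector<Instr> sampleBlock(bool d0Dead) {
    return {{"BL", {{"D0", true, d0Dead}, {"D1", true, true}}},
            {"ADJCALLSTACKUP", {}},
            {"VMOVS", {{"reg1423", true, false}, {"S0", false, false}}}};
}
```

With `sampleBlock(true)` the checker reports the D0/S0 conflict; with `sampleBlock(false)` the block passes.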

1ba3d143-a64b-4671-82b2-0b31cfb91709 commented 14 years ago

It looks like getLiveRangeContaining is returning NULL.

    Program received signal EXC_BAD_ACCESS, Could not access memory.
    Reason: KERN_INVALID_ADDRESS at address: 0x0000000000000010
    0x000000010096c639 in llvm::SimpleRegisterCoalescing::JoinIntervals (this=0x10251dd80, LHS=@0x10252c4d0, RHS=@0x10252bf30, Swapped=@0x7fff5fbff1c8) at /Users/jolesen/g/llvm/lib/CodeGen/SimpleRegisterCoalescing.cpp:2233
    2233        RHS.getLiveRangeContaining(VNI->def.getPrevSlot())->valno;
    (gdb) p VNI
    $1 = (llvm::VNInfo *) 0x102845dd0
    (gdb) bt
    #0  0x000000010096c639 in llvm::SimpleRegisterCoalescing::JoinIntervals (this=0x10251dd80, LHS=@0x10252c4d0, RHS=@0x10252bf30, Swapped=@0x7fff5fbff1c8) at /Users/jolesen/g/llvm/lib/CodeGen/SimpleRegisterCoalescing.cpp:2233
    #1  0x00000001009728be in llvm::SimpleRegisterCoalescing::JoinCopy (this=0x10251dd80, TheCopy=@0x10252c290, Again=@0x7fff5fbff354) at /Users/jolesen/g/llvm/lib/CodeGen/SimpleRegisterCoalescing.cpp:1652
    #2  0x00000001009734cd in llvm::SimpleRegisterCoalescing::CopyCoalesceInMBB (this=0x10251dd80, MBB=0x10283f228, TryAgain=@0x7fff5fbff3d0) at /Users/jolesen/g/llvm/lib/CodeGen/SimpleRegisterCoalescing.cpp:2427
    #3  0x000000010097366f in llvm::SimpleRegisterCoalescing::joinIntervals (this=0x10251dd80) at /Users/jolesen/g/llvm/lib/CodeGen/SimpleRegisterCoalescing.cpp:2448
    #4  0x0000000100973b9d in llvm::SimpleRegisterCoalescing::runOnMachineFunction (this=0x10251dd80, fn=@0x102526540) at /Users/jolesen/g/llvm/lib/CodeGen/SimpleRegisterCoalescing.cpp:2717
    #5  0x00000001008df459 in llvm::MachineFunctionPass::runOnFunction (this=0x10251dd80, F=@0x102510d50) at /Users/jolesen/g/llvm/lib/CodeGen/MachineFunctionPass.cpp:27
    #6  0x0000000100b3b642 in llvm::FPPassManager::runOnFunction (this=0x10250f510, F=@0x102510d50) at /Users/jolesen/g/llvm/lib/VMCore/PassManager.cpp:1330
    #7  0x0000000100b3d41f in llvm::FunctionPassManagerImpl::run (this=0x10250f160, F=@0x102510d50) at /Users/jolesen/g/llvm/lib/VMCore/PassManager.cpp:1282
    #8  0x0000000100b3d5ce in llvm::FunctionPassManager::run (this=0x7fff5fbff820, F=@0x102510d50) at /Users/jolesen/g/llvm/lib/VMCore/PassManager.cpp:1212
    #9  0x000000010002fc01 in main (argc=2, argv=0x7fff5fbff9e8) at /Users/jolesen/g/llvm/tools/llc/llc.cpp:392
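
Why both valgrind and gdb report address 0x10 rather than 0: a member load through a null pointer faults at the member's offset. This is an added example, not code from this thread or from LLVM; the struct layout, function names and sample interval are assumptions chosen so that `valno` sits at offset 0x10, matching the faulting address in the traces.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Toy stand-ins with an assumed layout; not LLVM's real classes.
struct VNInfo { unsigned id; };
struct LiveRange {
    std::uint64_t start;  // offset 0x00
    std::uint64_t end;    // offset 0x08
    VNInfo* valno;        // offset 0x10
};

struct LiveInterval {
    std::vector<LiveRange> ranges;
    // Returns nullptr when no range covers idx.
    const LiveRange* getLiveRangeContaining(std::uint64_t idx) const {
        for (const LiveRange& r : ranges)
            if (r.start <= idx && idx < r.end) return &r;
        return nullptr;
    }
};

// Address touched by `lookup(...)->valno` when the lookup returned nullptr:
// base 0 plus the member offset.
constexpr std::size_t faultAddressOnNull() { return offsetof(LiveRange, valno); }

// Unchecked form, shaped like line 2233 in the trace: faults when nothing covers idx.
inline VNInfo* valnoUnchecked(const LiveInterval& li, std::uint64_t idx) {
    return li.getLiveRangeContaining(idx)->valno;
}

// Checked form: a missing range becomes a value the caller can test,
// so the broken liveness information is reported instead of crashing the pass.
inline VNInfo* valnoChecked(const LiveInterval& li, std::uint64_t idx) {
    const LiveRange* lr = li.getLiveRangeContaining(idx);
    return lr ? lr->valno : nullptr;
}

// Constructed sample: one live range covering slots [4, 8).
static VNInfo kSampleValue{7};
inline LiveInterval sampleInterval() {
    return LiveInterval{{{4, 8, &kSampleValue}}};
}
```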