search

llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org
Other
28.55k stars 11.8k forks source link

"llc" crash #87192

Open cpython-java opened 6 months ago

cpython-java commented 6 months ago

description

when i use 'llc' to translate an IR, crash happened. I don't know whether it's a bug of 'llc' and want to be sure about it.

thank you for your help!

ir

; ModuleID = '1360'
source_filename = "M"

@my_format_str_int = private unnamed_addr constant [4 x i8] c"%d\0A\00", align 1
@my_format_str_float = private unnamed_addr constant [4 x i8] c"%f\0A\00", align 1

define i32 @main() {
BB:
  %A = alloca i16, align 8
  store i64 1, ptr %A, align 4
  %0 = call i16 @my_func_1(i16 -32768, i16 -32768)
  %1 = zext i16 %0 to i32
  %B = or i16 32767, %0
  %2 = call i32 (ptr, ...) @printf(ptr @my_format_str_int, i32 %1)
  store i16 %B, ptr %A, align 2
  ret i32 0
}

declare i32 @printf(ptr, ...)

define internal i16 @my_func_1(i16 %0, i16 %1) {
my_block_1:
  br label %BB1

BB1:                                              ; preds = %my_block_1
  %my_new_inst_2 = and i16 %0, %1
  br label %BB

BB:                                               ; preds = %BB1
  %A = alloca i1, align 1
  %G1 = getelementptr ptr, ptr %A, i8 -128
  %G3 = getelementptr ptr, ptr %A, i8 0
  %G = getelementptr ptr, ptr %G1, i8 -128
  %C = icmp sle i1 false, true
  store i1 %C, ptr %G, align 1
  store ptr %G3, ptr %G, align 8
  ret i16 %my_new_inst_2
}

cmd

./llc temp -mtriple=aarch64 -O=0 -mcpu=a64fx -mattr=+zcmllc -> 17.0.4

error info

llc: /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/build/lib/Target/AArch64/AArch64GenAsmWriter.inc:20896: static const char *llvm::AArch64InstPrinter::getRegisterName(llvm::MCRegister, unsigned int): Assertion `RegNo && RegNo < 716 && "Invalid register number!"' failed.
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace.
Stack dump:
0.  Program arguments: ./llc 1360.ll -mtriple=aarch64 -O=0 -mcpu=a64fx -mattr=+zcm
1.  Running pass 'Function Pass Manager' on module '1360.ll'.
2.  Running pass 'AArch64 Assembly Printer' on function '@main'
 #0 0x0000000000e05eeb backtrace (./llc+0xe05eeb)
 #1 0x000000000f79b765 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Support/Unix/Signals.inc:602:11
 #2 0x000000000f79cffb PrintStackTraceSignalHandler(void*) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Support/Unix/Signals.inc:675:1
 #3 0x000000000f793628 llvm::sys::RunSignalHandlers() /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Support/Signals.cpp:104:5
 #4 0x000000000f7a17eb SignalHandler(int) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Support/Unix/Signals.inc:413:1
 #5 0x00007f24c378b520 (/lib/x86_64-linux-gnu/libc.so.6+0x42520)
 #6 0x00007f24c37dfa7c pthread_kill (/lib/x86_64-linux-gnu/libc.so.6+0x96a7c)
 #7 0x00007f24c378b476 gsignal (/lib/x86_64-linux-gnu/libc.so.6+0x42476)
 #8 0x00007f24c37717f3 abort (/lib/x86_64-linux-gnu/libc.so.6+0x287f3)
 #9 0x00007f24c377171b (/lib/x86_64-linux-gnu/libc.so.6+0x2871b)
#10 0x00007f24c3782e96 (/lib/x86_64-linux-gnu/libc.so.6+0x39e96)
#11 0x0000000008b11d28 llvm::AArch64InstPrinter::getRegisterName(llvm::MCRegister, unsigned int) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/build/lib/Target/AArch64/AArch64GenAsmWriter.inc:21639:10
#12 0x0000000008b2caac llvm::AArch64InstPrinter::printRegName(llvm::raw_ostream&, llvm::MCRegister) const /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Target/AArch64/MCTargetDesc/AArch64InstPrinter.cpp:63:28
#13 0x0000000008b0aac0 llvm::AArch64InstPrinter::printShiftedRegister(llvm::MCInst const*, unsigned int, llvm::MCSubtargetInfo const&, llvm::raw_ostream&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Target/AArch64/MCTargetDesc/AArch64InstPrinter.cpp:1249:16
#14 0x0000000008ae91b9 llvm::AArch64InstPrinter::printInstruction(llvm::MCInst const*, unsigned long, llvm::MCSubtargetInfo const&, llvm::raw_ostream&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/build/lib/Target/AArch64/AArch64GenAsmWriter.inc:19358:5
#15 0x0000000008b35667 llvm::AArch64InstPrinter::printInst(llvm::MCInst const*, unsigned long, llvm::StringRef, llvm::MCSubtargetInfo const&, llvm::raw_ostream&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Target/AArch64/MCTargetDesc/AArch64InstPrinter.cpp:0:5
#16 0x000000000d7084ef llvm::MCTargetStreamer::prettyPrintAsm(llvm::MCInstPrinter&, unsigned long, llvm::MCInst const&, llvm::MCSubtargetInfo const&, llvm::raw_ostream&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/MC/MCStreamer.cpp:1072:15
#17 0x000000000d4b1662 (anonymous namespace)::MCAsmStreamer::emitInstruction(llvm::MCInst const&, llvm::MCSubtargetInfo const&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/MC/MCAsmStreamer.cpp:2401:5
#18 0x000000000a4d273a llvm::AsmPrinter::EmitToStreamer(llvm::MCStreamer&, llvm::MCInst const&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/CodeGen/AsmPrinter/AsmPrinter.cpp:402:1
#19 0x000000000197d1ee (anonymous namespace)::AArch64AsmPrinter::emitInstruction(llvm::MachineInstr const*) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp:1774:3
#20 0x000000000a4f21e9 llvm::AsmPrinter::emitFunctionBody() /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/CodeGen/AsmPrinter/AsmPrinter.cpp:1729:13
#21 0x000000000197301a (anonymous namespace)::AArch64AsmPrinter::runOnMachineFunction(llvm::MachineFunction&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp:154:5
#22 0x000000000b3c32da llvm::MachineFunctionPass::runOnFunction(llvm::Function&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/CodeGen/MachineFunctionPass.cpp:91:8
#23 0x000000000d03238b llvm::FPPassManager::runOnFunction(llvm::Function&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/IR/LegacyPassManager.cpp:1435:27
#24 0x000000000d04cf9b llvm::FPPassManager::runOnModule(llvm::Module&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/IR/LegacyPassManager.cpp:1481:16
#25 0x000000000d033b15 (anonymous namespace)::MPPassManager::runOnModule(llvm::Module&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/IR/LegacyPassManager.cpp:1550:27
#26 0x000000000d032d23 llvm::legacy::PassManagerImpl::run(llvm::Module&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/IR/LegacyPassManager.cpp:535:44
#27 0x000000000d04dab4 llvm::legacy::PassManager::run(llvm::Module&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/IR/LegacyPassManager.cpp:1677:3
#28 0x0000000000e85914 compileModule(char**, llvm::LLVMContext&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/tools/llc/llc.cpp:754:41
#29 0x0000000000e7df38 main /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/tools/llc/llc.cpp:416:22
#30 0x00007f24c3772d90 (/lib/x86_64-linux-gnu/libc.so.6+0x29d90)
#31 0x00007f24c3772e40 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e40)
#32 0x0000000000dceece _start (./llc+0xdceece)
llvmbot commented 6 months ago

@llvm/issue-subscribers-backend-aarch64

Author: None (cpython-java)

# description when i use 'llc' to translate an IR, crash happened. I don't know whether it's a bug of 'llc' and want to be sure about it. thank you for your help! # ir ``` ; ModuleID = '1360' source_filename = "M" @my_format_str_int = private unnamed_addr constant [4 x i8] c"%d\0A\00", align 1 @my_format_str_float = private unnamed_addr constant [4 x i8] c"%f\0A\00", align 1 define i32 @main() { BB: %A = alloca i16, align 8 store i64 1, ptr %A, align 4 %0 = call i16 @my_func_1(i16 -32768, i16 -32768) %1 = zext i16 %0 to i32 %B = or i16 32767, %0 %2 = call i32 (ptr, ...) @printf(ptr @my_format_str_int, i32 %1) store i16 %B, ptr %A, align 2 ret i32 0 } declare i32 @printf(ptr, ...) define internal i16 @my_func_1(i16 %0, i16 %1) { my_block_1: br label %BB1 BB1: ; preds = %my_block_1 %my_new_inst_2 = and i16 %0, %1 br label %BB BB: ; preds = %BB1 %A = alloca i1, align 1 %G1 = getelementptr ptr, ptr %A, i8 -128 %G3 = getelementptr ptr, ptr %A, i8 0 %G = getelementptr ptr, ptr %G1, i8 -128 %C = icmp sle i1 false, true store i1 %C, ptr %G, align 1 store ptr %G3, ptr %G, align 8 ret i16 %my_new_inst_2 } ``` # cmd `./llc temp -mtriple=aarch64 -O=0 -mcpu=a64fx` (`llc` -> `17.0.4`) # error info ``` llc: /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/build/lib/Target/AArch64/AArch64GenAsmWriter.inc:20896: static const char *llvm::AArch64InstPrinter::getRegisterName(llvm::MCRegister, unsigned int): Assertion `RegNo && RegNo < 716 && "Invalid register number!"' failed. PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace. Stack dump: 0. Program arguments: ./llc 1360.ll -mtriple=aarch64 -O=0 -mcpu=a64fx -mattr=+zcm 1. Running pass 'Function Pass Manager' on module '1360.ll'. 2. Running pass 'AArch64 Assembly Printer' on function '@main' #0 0x0000000000e05eeb backtrace (./llc+0xe05eeb) #1 0x000000000f79b765 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Support/Unix/Signals.inc:602:11 #2 0x000000000f79cffb PrintStackTraceSignalHandler(void*) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Support/Unix/Signals.inc:675:1 #3 0x000000000f793628 llvm::sys::RunSignalHandlers() /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Support/Signals.cpp:104:5 #4 0x000000000f7a17eb SignalHandler(int) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Support/Unix/Signals.inc:413:1 #5 0x00007f24c378b520 (/lib/x86_64-linux-gnu/libc.so.6+0x42520) #6 0x00007f24c37dfa7c pthread_kill (/lib/x86_64-linux-gnu/libc.so.6+0x96a7c) #7 0x00007f24c378b476 gsignal (/lib/x86_64-linux-gnu/libc.so.6+0x42476) #8 0x00007f24c37717f3 abort (/lib/x86_64-linux-gnu/libc.so.6+0x287f3) #9 0x00007f24c377171b (/lib/x86_64-linux-gnu/libc.so.6+0x2871b) #10 0x00007f24c3782e96 (/lib/x86_64-linux-gnu/libc.so.6+0x39e96) #11 0x0000000008b11d28 llvm::AArch64InstPrinter::getRegisterName(llvm::MCRegister, unsigned int) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/build/lib/Target/AArch64/AArch64GenAsmWriter.inc:21639:10 #12 0x0000000008b2caac llvm::AArch64InstPrinter::printRegName(llvm::raw_ostream&, llvm::MCRegister) const /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Target/AArch64/MCTargetDesc/AArch64InstPrinter.cpp:63:28 #13 0x0000000008b0aac0 llvm::AArch64InstPrinter::printShiftedRegister(llvm::MCInst const*, unsigned int, llvm::MCSubtargetInfo const&, llvm::raw_ostream&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Target/AArch64/MCTargetDesc/AArch64InstPrinter.cpp:1249:16 #14 0x0000000008ae91b9 llvm::AArch64InstPrinter::printInstruction(llvm::MCInst const*, unsigned long, llvm::MCSubtargetInfo const&, llvm::raw_ostream&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/build/lib/Target/AArch64/AArch64GenAsmWriter.inc:19358:5 #15 0x0000000008b35667 llvm::AArch64InstPrinter::printInst(llvm::MCInst const*, unsigned long, llvm::StringRef, llvm::MCSubtargetInfo const&, llvm::raw_ostream&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Target/AArch64/MCTargetDesc/AArch64InstPrinter.cpp:0:5 #16 0x000000000d7084ef llvm::MCTargetStreamer::prettyPrintAsm(llvm::MCInstPrinter&, unsigned long, llvm::MCInst const&, llvm::MCSubtargetInfo const&, llvm::raw_ostream&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/MC/MCStreamer.cpp:1072:15 #17 0x000000000d4b1662 (anonymous namespace)::MCAsmStreamer::emitInstruction(llvm::MCInst const&, llvm::MCSubtargetInfo const&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/MC/MCAsmStreamer.cpp:2401:5 #18 0x000000000a4d273a llvm::AsmPrinter::EmitToStreamer(llvm::MCStreamer&, llvm::MCInst const&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/CodeGen/AsmPrinter/AsmPrinter.cpp:402:1 #19 0x000000000197d1ee (anonymous namespace)::AArch64AsmPrinter::emitInstruction(llvm::MachineInstr const*) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp:1774:3 #20 0x000000000a4f21e9 llvm::AsmPrinter::emitFunctionBody() /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/CodeGen/AsmPrinter/AsmPrinter.cpp:1729:13 #21 0x000000000197301a (anonymous namespace)::AArch64AsmPrinter::runOnMachineFunction(llvm::MachineFunction&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp:154:5 #22 0x000000000b3c32da llvm::MachineFunctionPass::runOnFunction(llvm::Function&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/CodeGen/MachineFunctionPass.cpp:91:8 #23 0x000000000d03238b llvm::FPPassManager::runOnFunction(llvm::Function&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/IR/LegacyPassManager.cpp:1435:27 #24 0x000000000d04cf9b llvm::FPPassManager::runOnModule(llvm::Module&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/IR/LegacyPassManager.cpp:1481:16 #25 0x000000000d033b15 (anonymous namespace)::MPPassManager::runOnModule(llvm::Module&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/IR/LegacyPassManager.cpp:1550:27 #26 0x000000000d032d23 llvm::legacy::PassManagerImpl::run(llvm::Module&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/IR/LegacyPassManager.cpp:535:44 #27 0x000000000d04dab4 llvm::legacy::PassManager::run(llvm::Module&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/lib/IR/LegacyPassManager.cpp:1677:3 #28 0x0000000000e85914 compileModule(char**, llvm::LLVMContext&) /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/tools/llc/llc.cpp:754:41 #29 0x0000000000e7df38 main /home/jiangbo/compiler_test/llvm/llvm-project-llvmorg-17.0.4/llvm/tools/llc/llc.cpp:416:22 #30 0x00007f24c3772d90 (/lib/x86_64-linux-gnu/libc.so.6+0x29d90) #31 0x00007f24c3772e40 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e40) #32 0x0000000000dceece _start (./llc+0xdceece) ```
svs-quic commented 6 months ago

Can try to reproduce this on llvm18? I dont see this issue on the latest code base.

cpython-java commented 6 months ago

Can try to reproduce this on llvm18? I dont see this issue on the latest code base.

I test here:https://godbolt.org/z/YndPMGGa4

isn't it a lastest code??thank you for you response!

svs-quic commented 6 months ago

Can try to reproduce this on llvm18? I dont see this issue on the latest code base.

I test here:https://godbolt.org/z/YndPMGGa4

isn't it a lastest code??thank you for you response!

Thanks. I had missed adding the -mattr=+zcm in the command line. I am able to reproduce the crash with that flag.

cpython-java commented 6 months ago

Can try to reproduce this on llvm18? I dont see this issue on the latest code base.

I test here:https://godbolt.org/z/YndPMGGa4 isn't it a lastest code??thank you for you response!

Thanks. I had missed adding the -mattr=+zcm in the command line. I am able to reproduce the crash with that flag.

I'm very sorry that I give a wrong cmd! It should be ./llc temp -mtriple=aarch64 -O=0 -mcpu=a64fx -mattr=+zcm

svs-quic commented 6 months ago

Reduced test case:

; ModuleID = '1360'
source_filename = "M"

@my_format_str_int = private unnamed_addr constant [4 x i8] c"%d\0A\00", align 1

define i32 @main() {
BB:
  %A = alloca i16, align 8
  store i64 1, ptr %A, align 4
  %0 = call i16 @my_func_1(i16 -32768, i16 -32768)
  %1 = zext i16 %0 to i32
  %B = or i16 32767, %0
  %2 = call i32 (ptr, ...) @printf(ptr @my_format_str_int, i32 %1)
  store i16 %B, ptr %A, align 2
  ret i32 0
}

declare i32 @printf(ptr, ...)

declare i16 @my_func_1(i16 %0, i16 %1)

We generate the following copy instruction

$w0 = COPY $wzr

which gets converted into

$x0 = ORRXrr $xzr, undef $noreg, implicit $wzr

after PostRAPseudoExpansion. The $noreg that gets generated causes the crash.

The following block of code in AArch64InstrInfo.cpp is responsible for generating the above code:

if (Subtarget.hasZeroCycleRegMove()) {
        // Cyclone recognizes "ORR Xd, XZR, Xm" as a zero-cycle register move.
        MCRegister DestRegX = TRI->getMatchingSuperReg(
            DestReg, AArch64::sub_32, &AArch64::GPR64spRegClass);
        MCRegister SrcRegX = TRI->getMatchingSuperReg(
            SrcReg, AArch64::sub_32, &AArch64::GPR64spRegClass);
        // This instruction is reading and writing X registers.  This may upset
        // the register scavenger and machine verifier, so we need to indicate
        // that we are reading an undefined value from SrcRegX, but a proper
        // value from SrcReg.
        BuildMI(MBB, I, DL, get(AArch64::ORRXrr), DestRegX)
            .addReg(AArch64::XZR)
            .addReg(SrcRegX, RegState::Undef)
            .addReg(SrcReg, RegState::Implicit | getKillRegState(KillSrc));

There is no wzr register in AArch64::GPR64spRegClass and so the getMatchingSuperReg call returns noreg for SrcRegX

cpython-java commented 6 months ago

Reduced test case:

; ModuleID = '1360'
source_filename = "M"

@my_format_str_int = private unnamed_addr constant [4 x i8] c"%d\0A\00", align 1

define i32 @main() {
BB:
  %A = alloca i16, align 8
  store i64 1, ptr %A, align 4
  %0 = call i16 @my_func_1(i16 -32768, i16 -32768)
  %1 = zext i16 %0 to i32
  %B = or i16 32767, %0
  %2 = call i32 (ptr, ...) @printf(ptr @my_format_str_int, i32 %1)
  store i16 %B, ptr %A, align 2
  ret i32 0
}

declare i32 @printf(ptr, ...)

declare i16 @my_func_1(i16 %0, i16 %1)

We generate the following copy instruction

$w0 = COPY $wzr

which gets converted into

$x0 = ORRXrr $xzr, undef $noreg, implicit $wzr

after PostRAPseudoExpansion. The $noreg that gets generated causes the crash.

The following block of code in AArch64InstrInfo.cpp is responsible for generating the above code:

if (Subtarget.hasZeroCycleRegMove()) {
        // Cyclone recognizes "ORR Xd, XZR, Xm" as a zero-cycle register move.
        MCRegister DestRegX = TRI->getMatchingSuperReg(
            DestReg, AArch64::sub_32, &AArch64::GPR64spRegClass);
        MCRegister SrcRegX = TRI->getMatchingSuperReg(
            SrcReg, AArch64::sub_32, &AArch64::GPR64spRegClass);
        // This instruction is reading and writing X registers.  This may upset
        // the register scavenger and machine verifier, so we need to indicate
        // that we are reading an undefined value from SrcRegX, but a proper
        // value from SrcReg.
        BuildMI(MBB, I, DL, get(AArch64::ORRXrr), DestRegX)
            .addReg(AArch64::XZR)
            .addReg(SrcRegX, RegState::Undef)
            .addReg(SrcReg, RegState::Implicit | getKillRegState(KillSrc));

There is no wzr register in AArch64::GPR64spRegClass and so the getMatchingSuperReg call returns noreg for SrcRegX

So, it's a bug from the file "AArch64InstrInfo.cpp". I get it. Thank you for your explaination very much!!!

svs-quic commented 6 months ago

Reduced test case:

; ModuleID = '1360'
source_filename = "M"

@my_format_str_int = private unnamed_addr constant [4 x i8] c"%d\0A\00", align 1

define i32 @main() {
BB:
  %A = alloca i16, align 8
  store i64 1, ptr %A, align 4
  %0 = call i16 @my_func_1(i16 -32768, i16 -32768)
  %1 = zext i16 %0 to i32
  %B = or i16 32767, %0
  %2 = call i32 (ptr, ...) @printf(ptr @my_format_str_int, i32 %1)
  store i16 %B, ptr %A, align 2
  ret i32 0
}

declare i32 @printf(ptr, ...)

declare i16 @my_func_1(i16 %0, i16 %1)

We generate the following copy instruction $w0 = COPY $wzr which gets converted into $x0 = ORRXrr $xzr, undef $noreg, implicit $wzr after PostRAPseudoExpansion. The $noreg that gets generated causes the crash. The following block of code in AArch64InstrInfo.cpp is responsible for generating the above code:

if (Subtarget.hasZeroCycleRegMove()) {
        // Cyclone recognizes "ORR Xd, XZR, Xm" as a zero-cycle register move.
        MCRegister DestRegX = TRI->getMatchingSuperReg(
            DestReg, AArch64::sub_32, &AArch64::GPR64spRegClass);
        MCRegister SrcRegX = TRI->getMatchingSuperReg(
            SrcReg, AArch64::sub_32, &AArch64::GPR64spRegClass);
        // This instruction is reading and writing X registers.  This may upset
        // the register scavenger and machine verifier, so we need to indicate
        // that we are reading an undefined value from SrcRegX, but a proper
        // value from SrcReg.
        BuildMI(MBB, I, DL, get(AArch64::ORRXrr), DestRegX)
            .addReg(AArch64::XZR)
            .addReg(SrcRegX, RegState::Undef)
            .addReg(SrcReg, RegState::Implicit | getKillRegState(KillSrc));

There is no wzr register in AArch64::GPR64spRegClass and so the getMatchingSuperReg call returns noreg for SrcRegX

So, it's a bug from the file "AArch64InstrInfo.cpp". I get it. Thank you for your explaination very much!!!

Oh no. I was just explaining why the crash is happening. I dont know much about the zcm extension to comment on whether we are doing something incorrect here. Someone with a better understanding will need to comment on this.