30911 – SelectionDAG crash

LLVM Bugzilla is read-only and represents the historical archive of all LLVM issues filled before November 26, 2021. Use github to submit LLVM bugs

Bug 30911 - SelectionDAG crash

Summary: SelectionDAG crash

Status:	RESOLVED FIXED

Alias:	None

Product:	libraries
Classification:	Unclassified
Component:	Backend: ARM (show other bugs)
Version:	trunk
Hardware:	PC All

Importance:	P normal
Assignee:	Unassigned LLVM Bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2016-11-03 19:28 PDT by Michael Kruse
Modified:	2017-04-11 01:54 PDT (History)
CC List:	9 users (show)

See Also:
Fixed By Commit(s):

Attachments
Test case derived from oggenc with Polly (5.81 KB, text/plain) 2016-11-03 19:28 PDT, Michael Kruse	Details
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michael Kruse 2016-11-03 19:28:37 PDT

Created attachment 17553 [details]
Test case derived from oggenc with Polly

The attached test case crashes with llc. LLVM trunk r285921 on Windows 10 and Linux x86_64. Target architecture is arm-linux-gnueabihf.

Test case is derived from test-suite's oggenc.c with code generated by Polly and reduced using bugpoint -llc-safe.

> Debug\bin\llc.exe oggenc.ll
Wrote crash dump file "C:\Users\MEINER~1\AppData\Local\Temp\llc.exe-762294.dmp"
#0 0x01810ad2 llvm::SUnit::getNode(void)const  c:\users\meinersbur\src\llvm\include\llvm\codegen\scheduledag.h:372:0
#1 0x01f18e30 `anonymous namespace'::ScheduleDAGRRList::DelayForLiveRegsBottomUp c:\users\meinersbur\src\llvm\lib\codegen\selectiondag\scheduledagrrlist.cpp:1312:0
#2 0x01f192f4 `anonymous namespace'::ScheduleDAGRRList::PickNodeToScheduleBottomUp c:\users\meinersbur\src\llvm\lib\codegen\selectiondag\scheduledagrrlist.cpp:1368:0
#3 0x01f19d98 `anonymous namespace'::ScheduleDAGRRList::ListScheduleBottomUp c:\users\meinersbur\src\llvm\lib\codegen\selectiondag\scheduledagrrlist.cpp:1508:0
#4 0x01f15c79 `anonymous namespace'::ScheduleDAGRRList::Schedule c:\users\meinersbur\src\llvm\lib\codegen\selectiondag\scheduledagrrlist.cpp:350:0
#5 0x020c8c2c llvm::ScheduleDAGSDNodes::Run(class llvm::SelectionDAG *,class llvm::MachineBasicBlock *) c:\users\meinersbur\src\llvm\lib\codegen\selectiondag\scheduledagsdnodes.cpp:63:0
#6 0x01f3a2dd llvm::SelectionDAGISel::CodeGenAndEmitDAG(void) c:\users\meinersbur\src\llvm\lib\codegen\selectiondag\selectiondagisel.cpp:870:0
#7 0x01f385a3 llvm::SelectionDAGISel::SelectBasicBlock(class llvm::ilist_iterator<struct llvm::ilist_detail::node_options<class llvm::Instruction,1,0,void>,0,1>,class llvm::ilist_iterator<struct llvm::ilist_detail::node_options<class llvm::Instruction,1,0,void>,0,1>,bool &) c:\users\meinersbur\src\llvm\lib\codegen\selectiondag\selectiondagisel.cpp:684:0
#8 0x01f382e6 llvm::SelectionDAGISel::SelectAllBasicBlocks(class llvm::Function const &) c:\users\meinersbur\src\llvm\lib\codegen\selectiondag\selectiondagisel.cpp:1554:0
#9 0x01f31ee7 llvm::SelectionDAGISel::runOnMachineFunction(class llvm::MachineFunction &) c:\users\meinersbur\src\llvm\lib\codegen\selectiondag\selectiondagisel.cpp:509:0
#10 0x010f1038 `anonymous namespace'::ARMDAGToDAGISel::runOnMachineFunction c:\users\meinersbur\src\llvm\lib\target\arm\armiseldagtodag.cpp:70:0
#11 0x0173553b llvm::MachineFunctionPass::runOnFunction(class llvm::Function &) c:\users\meinersbur\src\llvm\lib\codegen\machinefunctionpass.cpp:62:0
#12 0x01bda535 llvm::FPPassManager::runOnFunction(class llvm::Function &) c:\users\meinersbur\src\llvm\lib\ir\legacypassmanager.cpp:1509:0
#13 0x01bda6da llvm::FPPassManager::runOnModule(class llvm::Module &) c:\users\meinersbur\src\llvm\lib\ir\legacypassmanager.cpp:1530:0
#14 0x01bdb71e `anonymous namespace'::MPPassManager::runOnModule c:\users\meinersbur\src\llvm\lib\ir\legacypassmanager.cpp:1586:0
#15 0x01bdbdfa llvm::legacy::PassManagerImpl::run(class llvm::Module &) c:\users\meinersbur\src\llvm\lib\ir\legacypassmanager.cpp:1689:0
#16 0x01bd63dd llvm::legacy::PassManager::run(class llvm::Module &) c:\users\meinersbur\src\llvm\lib\ir\legacypassmanager.cpp:1721:0
#17 0x00d42897 compileModule c:\users\meinersbur\src\llvm\tools\llc\llc.cpp:526:0
#18 0x00d4335c main c:\users\meinersbur\src\llvm\tools\llc\llc.cpp:282:0
#19 0x024d7dae invoke_main f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:64:0
#20 0x024d7c30 _scrt_common_main_seh f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:253:0
#21 0x024d7acd _scrt_common_main f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:296:0
#22 0x024d7dc8 mainCRTStartup f:\dd\vctools\crt\vcstartup\src\startup\exe_main.cpp:17:0
#23 0x75178694 (C:\WINDOWS\System32\KERNEL32.DLL+0x18694)
#24 0x77ccfb54 (C:\WINDOWS\SYSTEM32\ntdll.dll+0x5fb54)
#25 0x77ccfb24 (C:\WINDOWS\SYSTEM32\ntdll.dll+0x5fb24)


$ bin/llc oggenc.ll
#0 0x0000000001307be8 llvm::sys::PrintStackTrace(llvm::raw_ostream&) (bin/llc+0x1307be8)
#1 0x000000000130583e llvm::sys::RunSignalHandlers() (bin/llc+0x130583e)
#2 0x00000000013059b2 SignalHandler(int) (bin/llc+0x13059b2)
#3 0x00007f5b5a9f13e0 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x113e0)
#4 0x000000000114ebd1 (anonymous namespace)::ScheduleDAGRRList::PickNodeToScheduleBottomUp() [clone .constprop.284] (bin/llc+0x114ebd1)
#5 0x00000000011516e2 (anonymous namespace)::ScheduleDAGRRList::Schedule() (bin/llc+0x11516e2)
#6 0x00000000011d7d99 llvm::SelectionDAGISel::CodeGenAndEmitDAG() (bin/llc+0x11d7d99)
#7 0x00000000011e211c llvm::SelectionDAGISel::SelectAllBasicBlocks(llvm::Function const&) (bin/llc+0x11e211c)
#8 0x00000000011e4339 llvm::SelectionDAGISel::runOnMachineFunction(llvm::MachineFunction&) [clone .part.722] [clone .constprop.746] (bin/llc+0x11e4339)
#9 0x000000000082fa54 (anonymous namespace)::ARMDAGToDAGISel::runOnMachineFunction(llvm::MachineFunction&) (bin/llc+0x82fa54)
#10 0x0000000000cb6f95 llvm::MachineFunctionPass::runOnFunction(llvm::Function&) (bin/llc+0xcb6f95)
#11 0x0000000000f86ea3 llvm::FPPassManager::runOnFunction(llvm::Function&) (bin/llc+0xf86ea3)
#12 0x0000000000f86f6c llvm::FPPassManager::runOnModule(llvm::Module&) (bin/llc+0xf86f6c)
#13 0x0000000000f86a0d llvm::legacy::PassManagerImpl::run(llvm::Module&) (bin/llc+0xf86a0d)
#14 0x00000000005e6bef compileModule(char**, llvm::LLVMContext&) [clone .constprop.340] (bin/llc+0x5e6bef)
#15 0x00000000005a2580 main (bin/llc+0x5a2580)
#16 0x00007f5b59b60830 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x20830)
#17 0x00000000005da489 _start (bin/llc+0x5da489)
Stack dump:
0.      Program arguments: bin/llc oggenc.ll
1.      Running pass 'Function Pass Manager' on module 'oggenc.ll'.
2.      Running pass 'ARM Instruction Selection' on function '@dradbg'
Segmentation fault (core dumped)

Comment 1 Eli Friedman 2016-11-09 16:59:43 PST

The following patch seems to fix the issue, but I have no idea if it's actually right:

diff --git a/lib/CodeGen/SelectionDAG/ScheduleDAGRRList.cpp b/lib/CodeGen/SelectionDAG/ScheduleDAGRRList.cpp
index 3549ccd..551a8ce 100644
--- a/lib/CodeGen/SelectionDAG/ScheduleDAGRRList.cpp
+++ b/lib/CodeGen/SelectionDAG/ScheduleDAGRRList.cpp
@@ -1308,7 +1308,7 @@ DelayForLiveRegsBottomUp(SUnit *SU, SmallVectorImpl<unsigned> &LRegs) {
     if (Node->getMachineOpcode() == (unsigned)TII->getCallFrameDestroyOpcode()) {
       // Check the special calling-sequence resource.
       unsigned CallResource = TRI->getNumRegs();
-      if (LiveRegDefs[CallResource]) {
+      if (LiveRegGens[CallResource]) {
         SDNode *Gen = LiveRegGens[CallResource]->getNode();
         while (SDNode *Glued = Gen->getGluedNode())
           Gen = Glued;

Comment 2 Hans Wennborg 2017-01-30 16:49:55 PST

Reproduces with 3.9 as well as trunk and 4.0, so not a recent regression.

Comment 3 Tobias Grosser 2017-02-02 09:33:52 PST

Arnaud, James, do you happen to know who at ARM can give feedback to this bugreport?

Comment 4 Arnaud de Grandmaison 2017-02-03 03:05:15 PST

I do not think we have DAG scheduler experts at hand, so you'd better move this into a proper patch + testcase and get a review on Phabricator: you'll get much more visibility from the wider community.

Comment 5 Tobias Grosser 2017-02-03 03:06:33 PST

I see. Eli / Michael you wanna submit this for review?

Comment 6 Michael Kruse 2017-02-03 09:01:07 PST

I think the issue goes a lot deeper than checking the wrong item. As far as I understand, LiveRegDefs are supposed to be set/null exactly when the entry in LiveRegGens is. 

Here the SelectionDAG for BB8:

SelectionDAG has 178 nodes:
  t0: ch = EntryToken
  t95: i32 = MOVi TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
  t2: i32,ch = CopyFromReg t0, Register:i32 %vreg3
  t10: i32,ch = CopyFromReg t0, Register:i32 %vreg5
  t18: i32,ch = CopyFromReg t0, Register:i32 %vreg1
  t38: i32,ch = CopyFromReg t0, Register:i32 %vreg0
  t480: i32,i32 = ADDSri IMPLICIT_DEF:i32, TargetConstant:i32<1>, TargetConstant:i32<14>, Register:i32 %noreg
  t247: i32 = MOVsi t18, TargetConstant:i32<249>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
  t363: i32 = MOVsi t38, TargetConstant:i32<249>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
    t519: ch,glue = CopyToReg t0, Register:i32 %CPSR, t480:1
  t470: i32,i32 = ADCri t95, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg, t519:1
    t481: i32,glue = CMPri t95, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg
  t482: i32 = MOVCCr t95, IMPLICIT_DEF:i32, TargetConstant:i32<1>, Register:i32 %CPSR, t481:1
    t182: ch = STRi12<Mem:ST4[FixedStack0]> t95, TargetFrameIndex:i32<0>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t0
  t189: i32,ch,glue = ADJCALLSTACKDOWN TargetConstant:i32<4>, TargetConstant:i32<14>, Register:i32 %noreg, t182
    t249: ch = STRi12<Mem:ST4[FixedStack1]> t95, TargetFrameIndex:i32<1>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t0
  t254: i32,ch,glue = ADJCALLSTACKDOWN TargetConstant:i32<4>, TargetConstant:i32<14>, Register:i32 %noreg, t249
    t279: ch = STRi12<Mem:ST4[FixedStack2]> t95, TargetFrameIndex:i32<2>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t0
  t282: i32,ch,glue = ADJCALLSTACKDOWN TargetConstant:i32<4>, TargetConstant:i32<14>, Register:i32 %noreg, t279
    t323: ch = STRi12<Mem:ST4[FixedStack3]> t95, TargetFrameIndex:i32<3>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t0
  t326: i32,ch,glue = ADJCALLSTACKDOWN TargetConstant:i32<4>, TargetConstant:i32<14>, Register:i32 %noreg, t323
    t365: ch = STRi12<Mem:ST4[FixedStack4]> t95, TargetFrameIndex:i32<4>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t0
  t370: i32,ch,glue = ADJCALLSTACKDOWN TargetConstant:i32<4>, TargetConstant:i32<14>, Register:i32 %noreg, t365
    t403: ch = STRi12<Mem:ST4[FixedStack5]> t95, TargetFrameIndex:i32<5>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t0
  t406: i32,ch,glue = ADJCALLSTACKDOWN TargetConstant:i32<4>, TargetConstant:i32<14>, Register:i32 %noreg, t403
      t471: i32,i32 = RSBSri t480, TargetConstant:i32<1>, TargetConstant:i32<14>, Register:i32 %noreg
    t518: ch,glue = CopyToReg t0, Register:i32 %CPSR, t471:1
  t462: i32,i32 = RSCri t470, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg, t518:1
    t468: ch,glue = CopyToReg t0, Register:i32 %CPSR, t462:1
  t469: i32 = MOVCCi t95, TargetConstant:i32<1>, TargetConstant:i32<11>, Register:i32 %CPSR, t468:1
    t465: ch,glue = CopyToReg t0, Register:i32 %CPSR, t462:1
  t466: i32 = MOVCCi t95, TargetConstant:i32<1>, TargetConstant:i32<11>, Register:i32 %CPSR, t465:1
      t181: i32 = ADDri TargetFrameIndex:i32<0>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
      t191: i32,ch = CopyFromReg t189:1, Register:i32 %SP
    t192: ch = STRi12<Mem:ST4[Stack]> t181, t191, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t189:1
  t194: ch,glue = CopyToReg t192, Register:i32 %R0, t482
  t196: ch,glue = CopyToReg t194, Register:i32 %R1, t482, t194:1
  t198: ch,glue = CopyToReg t196, Register:i32 %R2, IMPLICIT_DEF:i32, t196:1
      t322: i32 = ADDri TargetFrameIndex:i32<3>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
      t327: i32,ch = CopyFromReg t326:1, Register:i32 %SP
    t328: ch = STRi12<Mem:ST4[Stack]> t322, t327, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t326:1
      t494: i32,glue = CMPri t469, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg
    t495: i32 = MOVCCi t480, TargetConstant:i32<1>, TargetConstant:i32<1>, Register:i32 %CPSR, t494:1
  t329: ch,glue = CopyToReg t328, Register:i32 %R0, t495
      t248: i32 = ADDri TargetFrameIndex:i32<1>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
      t255: i32,ch = CopyFromReg t254:1, Register:i32 %SP
    t256: ch = STRi12<Mem:ST4[Stack]> t248, t255, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t254:1
      t498: i32,glue = CMPri t466, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg
    t499: i32 = MOVCCi t480, TargetConstant:i32<1>, TargetConstant:i32<1>, Register:i32 %CPSR, t498:1
  t257: ch,glue = CopyToReg t256, Register:i32 %R0, t499
  t200: ch,glue = CopyToReg t198, Register:i32 %R3, IMPLICIT_DEF:i32, t198:1
      t496: i32,glue = CMPri t469, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg
    t497: i32 = MOVCCi t470, TargetConstant:i32<0>, TargetConstant:i32<1>, Register:i32 %CPSR, t496:1
  t330: ch,glue = CopyToReg t329, Register:i32 %R1, t497, t329:1
      t500: i32,glue = CMPri t466, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg
    t501: i32 = MOVCCi t470, TargetConstant:i32<0>, TargetConstant:i32<1>, Register:i32 %CPSR, t500:1
  t258: ch,glue = CopyToReg t257, Register:i32 %R1, t501, t257:1
  t203: i32,ch,glue = BL TargetExternalSymbol:i32'__mulodi4', Register:i32 %R0, Register:i32 %R1, Register:i32 %R2, Register:i32 %R3, RegisterMask:Untyped, t200, t200:1
  t331: ch,glue = CopyToReg t330, Register:i32 %R2, t18, t330:1
  t259: ch,glue = CopyToReg t258, Register:i32 %R2, t18, t258:1
  t205: i32,ch,glue = ADJCALLSTACKUP TargetConstant:i32<4>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t203:1, t203:2
  t332: ch,glue = CopyToReg t331, Register:i32 %R3, t247, t331:1
  t260: ch,glue = CopyToReg t259, Register:i32 %R3, t247, t259:1
  t206: i32,ch,glue = CopyFromReg t205:1, Register:i32 %R0, t205:2
  t333: i32,ch,glue = BL TargetExternalSymbol:i32'__mulodi4', Register:i32 %R0, Register:i32 %R1, Register:i32 %R2, Register:i32 %R3, RegisterMask:Untyped, t332, t332:1
  t261: i32,ch,glue = BL TargetExternalSymbol:i32'__mulodi4', Register:i32 %R0, Register:i32 %R1, Register:i32 %R2, Register:i32 %R3, RegisterMask:Untyped, t260, t260:1
  t455: i32,i32 = ADDSrr t206, IMPLICIT_DEF:i32, TargetConstant:i32<14>, Register:i32 %noreg
  t334: i32,ch,glue = ADJCALLSTACKUP TargetConstant:i32<4>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t333:1, t333:2
  t262: i32,ch,glue = ADJCALLSTACKUP TargetConstant:i32<4>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t261:1, t261:2
      t402: i32 = ADDri TargetFrameIndex:i32<5>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
      t407: i32,ch = CopyFromReg t406:1, Register:i32 %SP
    t408: ch = STRi12<Mem:ST4[Stack]> t402, t407, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t406:1
  t409: ch,glue = CopyToReg t408, Register:i32 %R0, t455
  t335: i32,ch,glue = CopyFromReg t334:1, Register:i32 %R0, t334:2
  t263: i32,ch,glue = CopyFromReg t262:1, Register:i32 %R0, t262:2
      t207: i32,ch,glue = CopyFromReg t206:1, Register:i32 %R1, t206:2
      t516: ch,glue = CopyToReg t0, Register:i32 %CPSR, t455:1
    t454: i32,i32 = ADCri t207, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg, t516:1
  t410: ch,glue = CopyToReg t409, Register:i32 %R1, t454, t409:1
      t364: i32 = ADDri TargetFrameIndex:i32<4>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
      t371: i32,ch = CopyFromReg t370:1, Register:i32 %SP
    t372: ch = STRi12<Mem:ST4[Stack]> t364, t371, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t370:1
  t373: ch,glue = CopyToReg t372, Register:i32 %R0, t335
      t278: i32 = ADDri TargetFrameIndex:i32<2>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
      t283: i32,ch = CopyFromReg t282:1, Register:i32 %SP
    t284: ch = STRi12<Mem:ST4[Stack]> t278, t283, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t282:1
  t285: ch,glue = CopyToReg t284, Register:i32 %R0, t263
  t411: ch,glue = CopyToReg t410, Register:i32 %R2, t38, t410:1
    t336: i32,ch,glue = CopyFromReg t335:1, Register:i32 %R1, t335:2
  t374: ch,glue = CopyToReg t373, Register:i32 %R1, t336, t373:1
    t264: i32,ch,glue = CopyFromReg t263:1, Register:i32 %R1, t263:2
  t286: ch,glue = CopyToReg t285, Register:i32 %R1, t264, t285:1
  t412: ch,glue = CopyToReg t411, Register:i32 %R3, t363, t411:1
  t375: ch,glue = CopyToReg t374, Register:i32 %R2, t38, t374:1
  t287: ch,glue = CopyToReg t286, Register:i32 %R2, IMPLICIT_DEF:i32, t286:1
  t413: i32,ch,glue = BL TargetExternalSymbol:i32'__mulodi4', Register:i32 %R0, Register:i32 %R1, Register:i32 %R2, Register:i32 %R3, RegisterMask:Untyped, t412, t412:1
  t376: ch,glue = CopyToReg t375, Register:i32 %R3, t363, t375:1
  t288: ch,glue = CopyToReg t287, Register:i32 %R3, IMPLICIT_DEF:i32, t287:1
  t414: i32,ch,glue = ADJCALLSTACKUP TargetConstant:i32<4>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t413:1, t413:2
  t377: i32,ch,glue = BL TargetExternalSymbol:i32'__mulodi4', Register:i32 %R0, Register:i32 %R1, Register:i32 %R2, Register:i32 %R3, RegisterMask:Untyped, t376, t376:1
  t289: i32,ch,glue = BL TargetExternalSymbol:i32'__mulodi4', Register:i32 %R0, Register:i32 %R1, Register:i32 %R2, Register:i32 %R3, RegisterMask:Untyped, t288, t288:1
  t378: i32,ch,glue = ADJCALLSTACKUP TargetConstant:i32<4>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t377:1, t377:2
  t290: i32,ch,glue = ADJCALLSTACKUP TargetConstant:i32<4>, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg, t289:1, t289:2
              t484: i32,glue = CMPrr t2, IMPLICIT_DEF:i32, TargetConstant:i32<14>, Register:i32 %noreg
            t485: i32 = MOVCCi t95, TargetConstant:i32<1>, TargetConstant:i32<9>, Register:i32 %CPSR, t484:1
                  t291: i32,ch,glue = CopyFromReg t290:1, Register:i32 %R0, t290:2
                t27: i32 = ADDrsi t2, t291, TargetConstant:i32<18>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
              t502: i32,glue = CMPrr t10, t27, TargetConstant:i32<14>, Register:i32 %noreg
            t503: i32 = MOVCCi t95, TargetConstant:i32<1>, TargetConstant:i32<9>, Register:i32 %CPSR, t502:1
          t359: i32 = ORRrr t485, t503, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
        t72: ch = CopyToReg t0, Register:i32 %vreg8, t359
                  t379: i32,ch,glue = CopyFromReg t378:1, Register:i32 %R0, t378:2
                t44: i32 = ADDrsi t10, t379, TargetConstant:i32<18>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
              t504: i32,glue = CMPrr IMPLICIT_DEF:i32, t44, TargetConstant:i32<14>, Register:i32 %noreg
            t505: i32 = MOVCCi t95, TargetConstant:i32<1>, TargetConstant:i32<9>, Register:i32 %CPSR, t504:1
                t47: i32,ch = CopyFromReg t0, Register:i32 %vreg4
              t488: i32,glue = CMPrr IMPLICIT_DEF:i32, t47, TargetConstant:i32<14>, Register:i32 %noreg
            t489: i32 = MOVCCi t95, TargetConstant:i32<1>, TargetConstant:i32<9>, Register:i32 %CPSR, t488:1
          t441: i32 = ORRrr t505, t489, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
        t75: ch = CopyToReg t0, Register:i32 %vreg9, t441
                t51: i32,ch = CopyFromReg t0, Register:i32 %vreg2
              t490: i32,glue = CMPrr t51, IMPLICIT_DEF:i32, TargetConstant:i32<14>, Register:i32 %noreg
            t491: i32 = MOVCCi t95, TargetConstant:i32<1>, TargetConstant:i32<9>, Register:i32 %CPSR, t490:1
                  t415: i32,ch,glue = CopyFromReg t414:1, Register:i32 %R0, t414:2
                t62: i32 = ADDrsi t10, t415, TargetConstant:i32<18>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
              t506: i32,glue = CMPrr t62, IMPLICIT_DEF:i32, TargetConstant:i32<14>, Register:i32 %noreg
            t507: i32 = MOVCCi t95, TargetConstant:i32<1>, TargetConstant:i32<9>, Register:i32 %CPSR, t506:1
          t446: i32 = ORRrr t491, t507, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
        t78: ch = CopyToReg t0, Register:i32 %vreg10, t446
                t66: i32,ch = CopyFromReg t0, Register:i32 %vreg6
              t492: i32,glue = CMPrr t66, IMPLICIT_DEF:i32, TargetConstant:i32<14>, Register:i32 %noreg
            t493: i32 = MOVCCi t95, TargetConstant:i32<1>, TargetConstant:i32<9>, Register:i32 %CPSR, t492:1
              t486: i32,glue = CMPrr t10, IMPLICIT_DEF:i32, TargetConstant:i32<14>, Register:i32 %noreg
            t487: i32 = MOVCCi t95, TargetConstant:i32<1>, TargetConstant:i32<9>, Register:i32 %CPSR, t486:1
          t444: i32 = ORRrr t493, t487, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
        t81: ch = CopyToReg t0, Register:i32 %vreg11, t444
      t84: ch = TokenFactor t72, t75, t78, t81
        t94: i32 = MOVi TargetConstant:i32<1>, TargetConstant:i32<14>, Register:i32 %noreg, Register:i32 %noreg
      t508: i32,glue = CMPri t94, TargetConstant:i32<0>, TargetConstant:i32<14>, Register:i32 %noreg
    t511: ch,glue = Bcc BasicBlock:ch< 0x425d5e8>, TargetConstant:i32<1>, Register:i32 %CPSR, t84, t508:1
  t87: ch = B BasicBlock:ch< 0x426f1f0>, t511


What happens is (chronologically backwards)

- LiveRegDefs[CallResource] is set while LiveRegGens[CallResource] is not in DelayForLiveRegsBottomUp

- LiveRegGens[CallResource] got its null value from CallSeqEndForStart[SU] in UnscheduleNodeBottomUp when unscheduling t189, the first call in the SelectionDAG.

- CallSeqEndForStart[SU] for t189 was supposed to be set in ReleasePredecessors, but since there is no call before t189, there is no previous call CallSeqEndForStart could be set to.


These commits could be related:
(r146087: Make sure we correctly set LiveRegGens when a call is unscheduled.) by Eli Friedman <eli.friedman@gmail.com>
(r143660: Reapply r143206, with fixes. Disallow physical register lifetimes across calls) by Dan Gohman <gohman@apple.com>

I submitted Eli's proposed patch as https://reviews.llvm.org/D29492. He introduced the CallSeqEndForStart in r146087, hence should be the expert for this.

Comment 7 Sam Parker 2017-03-31 08:58:18 PDT

Uploaded a patch to https://reviews.llvm.org/D31536.

Comment 8 Tobias Grosser 2017-03-31 09:24:32 PDT

Thank you Sam. This patch certainly prevents the attached test case from crashing. Will be great to see it upstreamed.

Comment 9 Sam Parker 2017-04-11 01:54:53 PDT

committed fix in r299926