[SelectionDAG] PPC out-of-bound access when compiling i128 vectors #59320

DataCorrupted · 2022-12-03T05:20:48Z

When compiling the following code using ppc: https://godbolt.org/z/WP7PnjYbW
There will be an out of bound access in debug build, crash on release build.

define void  @f(i128 %V, i8 %Idx, <2 x i128> %L, <2 x i128>* %G) {
BB:
  %B1 = and i8 %Idx, -128
  %I = insertelement <2 x i128> <i128 42, i128 42>, i128 %V, i8 %B1
  %B2 = ashr <2 x i128> %L, %I
  store <2 x i128> %B2, <2 x i128>* %G, align 32
  ret void
}

Here is a stack trace on debug build, it seems some place has a mis calculated index.

llc: /home/peter/aflplusplus-isel/llvm-fix/llvm/include/llvm/ADT/SmallVector.h:298: llvm::SmallVectorTemplateCommon::const_reference llvm::SmallVectorTemplateCommon<(anonymous namespace)::BitPermutationSelector::ValueBit>::operator[](llvm::SmallVectorTemplateCommon::size_type) const [T = (anonymous namespace)::BitPermutationSelector::ValueBit]: Assertion `idx < size()' failed.
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace.
Stack dump:
0.      Program arguments: ./bin/llc -mtriple=ppc32 crash/ppc32/1/function-pass-manager/tracedepth_0__hash_0x4fa9d65e2cba1c7b/id:000776,sig:11,src:009157+009628,time:182458797,execs:9381044,op:libAFLCustomIRMutator.so,pos:0.bc
1.      Running pass 'Function Pass Manager' on module 'crash/ppc32/1/function-pass-manager/tracedepth_0__hash_0x4fa9d65e2cba1c7b/id:000776,sig:11,src:009157+009628,time:182458797,execs:9381044,op:libAFLCustomIRMutator.so,pos:0.bc'.
2.      Running pass 'PowerPC DAG->DAG Pattern Instruction Selection' on function '@f'
 #0 0x00007f9662a0c4ba llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/Support/Unix/Signals.inc:567:11
 #1 0x00007f9662a0c66b PrintStackTraceSignalHandler(void*) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/Support/Unix/Signals.inc:641:1
 #2 0x00007f9662a0acc6 llvm::sys::RunSignalHandlers() /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/Support/Signals.cpp:104:5
 #3 0x00007f9662a0cd95 SignalHandler(int) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/Support/Unix/Signals.inc:412:1
 #4 0x00007f96611ca980 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x12980)
 #5 0x00007f96604c6e87 raise /build/glibc-CVJwZb/glibc-2.27/signal/../sysdeps/unix/sysv/linux/raise.c:51:0
 #6 0x00007f96604c87f1 abort /build/glibc-CVJwZb/glibc-2.27/stdlib/abort.c:81:0
 #7 0x00007f96604b83fa __assert_fail_base /build/glibc-CVJwZb/glibc-2.27/assert/assert.c:89:0
 #8 0x00007f96604b8472 (/lib/x86_64-linux-gnu/libc.so.6+0x30472)
 #9 0x00007f9671249419 llvm::SmallVectorTemplateCommon<(anonymous namespace)::BitPermutationSelector::ValueBit, void>::operator[](unsigned long) const /home/peter/aflplusplus-isel/llvm-fix/llvm/include/llvm/ADT/SmallVector.h:0:5
#10 0x00007f96712475fa (anonymous namespace)::BitPermutationSelector::getValueBits(llvm::SDValue, unsigned int) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/Target/PowerPC/PPCISelDAGToDAG.cpp:1507:21
#11 0x00007f967124794f (anonymous namespace)::BitPermutationSelector::getValueBits(llvm::SDValue, unsigned int) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/Target/PowerPC/PPCISelDAGToDAG.cpp:1542:30
#12 0x00007f967124794f (anonymous namespace)::BitPermutationSelector::getValueBits(llvm::SDValue, unsigned int) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/Target/PowerPC/PPCISelDAGToDAG.cpp:1542:30
#13 0x00007f967124794f (anonymous namespace)::BitPermutationSelector::getValueBits(llvm::SDValue, unsigned int) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/Target/PowerPC/PPCISelDAGToDAG.cpp:1542:30
#14 0x00007f967124600c (anonymous namespace)::BitPermutationSelector::Select(llvm::SDNode*) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/Target/PowerPC/PPCISelDAGToDAG.cpp:2674:9
#15 0x00007f967123d2a6 (anonymous namespace)::PPCDAGToDAGISel::tryBitPermutation(llvm::SDNode*) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/Target/PowerPC/PPCISelDAGToDAG.cpp:3938:17
#16 0x00007f96712275b4 (anonymous namespace)::PPCDAGToDAGISel::Select(llvm::SDNode*) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/Target/PowerPC/PPCISelDAGToDAG.cpp:5037:7
#17 0x00007f9663207139 llvm::SelectionDAGISel::DoInstructionSelection() /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/CodeGen/SelectionDAG/SelectionDAGISel.cpp:1166:5
#18 0x00007f966320618a llvm::SelectionDAGISel::CodeGenAndEmitDAG() /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/CodeGen/SelectionDAG/SelectionDAGISel.cpp:937:3
#19 0x00007f9663204b5d llvm::SelectionDAGISel::SelectBasicBlock(llvm::ilist_iterator<llvm::ilist_detail::node_options<llvm::Instruction, true, false, void>, false, true>, llvm::ilist_iterator<llvm::ilist_detail::node_options<llvm::Instruction, true, false, void>, false, true>, bool&) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/CodeGen/SelectionDAG/SelectionDAGISel.cpp:689:1
#20 0x00007f96632045fb llvm::SelectionDAGISel::SelectAllBasicBlocks(llvm::Function const&) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/CodeGen/SelectionDAG/SelectionDAGISel.cpp:1604:11
#21 0x00007f9663201ba6 llvm::SelectionDAGISel::runOnMachineFunction(llvm::MachineFunction&) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/CodeGen/SelectionDAG/SelectionDAGISel.cpp:468:3
#22 0x00007f96712271a9 (anonymous namespace)::PPCDAGToDAGISel::runOnMachineFunction(llvm::MachineFunction&) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/Target/PowerPC/PPCISelDAGToDAG.cpp:167:7
#23 0x00007f966619ac35 llvm::MachineFunctionPass::runOnFunction(llvm::Function&) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/CodeGen/MachineFunctionPass.cpp:91:8
#24 0x00007f96653529e6 llvm::FPPassManager::runOnFunction(llvm::Function&) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/IR/LegacyPassManager.cpp:1430:23
#25 0x00007f9665357812 llvm::FPPassManager::runOnModule(llvm::Module&) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/IR/LegacyPassManager.cpp:1476:16
#26 0x00007f96653532b9 (anonymous namespace)::MPPassManager::runOnModule(llvm::Module&) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/IR/LegacyPassManager.cpp:1545:23
#27 0x00007f9665352e2d llvm::legacy::PassManagerImpl::run(llvm::Module&) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/IR/LegacyPassManager.cpp:535:16
#28 0x00007f9665357af1 llvm::legacy::PassManager::run(llvm::Module&) /home/peter/aflplusplus-isel/llvm-fix/llvm/lib/IR/LegacyPassManager.cpp:1672:3
#29 0x00000000004199ac compileModule(char**, llvm::LLVMContext&) /home/peter/aflplusplus-isel/llvm-fix/llvm/tools/llc/llc.cpp:736:41
#30 0x0000000000417d52 main /home/peter/aflplusplus-isel/llvm-fix/llvm/tools/llc/llc.cpp:417:13
#31 0x00007f96604a9c87 __libc_start_main /build/glibc-CVJwZb/glibc-2.27/csu/../csu/libc-start.c:344:0
#32 0x000000000041755a _start (./bin/llc+0x41755a)
Aborted

The text was updated successfully, but these errors were encountered:

llvmbot · 2022-12-03T05:22:50Z

@llvm/issue-subscribers-backend-powerpc

DataCorrupted · 2022-12-03T05:58:37Z

Identical to #59074, closing.

DataCorrupted added backend:PowerPC llvm:codegen labels Dec 3, 2022

EugeneZelenko added the crash Prefer [crash-on-valid] or [crash-on-invalid] label Dec 3, 2022

DataCorrupted closed this as completed Dec 3, 2022

EugeneZelenko closed this as not planned Won't fix, can't repro, duplicate, stale Dec 3, 2022

EugeneZelenko added duplicate Resolved as duplicate and removed llvm:codegen labels Dec 3, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[SelectionDAG] PPC out-of-bound access when compiling i128 vectors #59320

[SelectionDAG] PPC out-of-bound access when compiling i128 vectors #59320

DataCorrupted commented Dec 3, 2022

llvmbot commented Dec 3, 2022

DataCorrupted commented Dec 3, 2022

[SelectionDAG] PPC out-of-bound access when compiling i128 vectors #59320

[SelectionDAG] PPC out-of-bound access when compiling i128 vectors #59320

Comments

DataCorrupted commented Dec 3, 2022

llvmbot commented Dec 3, 2022

DataCorrupted commented Dec 3, 2022