From 78554e8137a116d34cc3c0cde8827864cf35f10b Mon Sep 17 00:00:00 2001 From: Nicolai Haehnle Date: Tue, 18 Jul 2017 14:54:41 +0000 Subject: [PATCH] AMDGPU: Fix crash when folding immediates into multiple uses Summary: When an immediate is folded by constant folding, we re-scan the entire use list for two reasons: 1. The constant folding may have created a new use of the same reg. 2. The constant folding may have removed an additional use in the list we're currently traversing (e.g., constant folding an S_ADD_I32 c, c). However, this could previously lead to a crash when an unrelated use was added twice into the FoldList. Since we re-scan the whole list anyway, we might as well just clear the FoldList again before we do so. Using a MIR test to show this because real code seems to trigger the issue only in connection with some really subtle control flow structures. Fixes GL45-CTS.shading_language_420pack.binding_images on gfx9. Reviewers: arsenm Subscribers: kzhuravl, wdng, yaxunl, dstuttard, tpr, llvm-commits, t-tye Differential Revision: https://reviews.llvm.org/D35416 git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@308314 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/Target/AMDGPU/SIFoldOperands.cpp | 1 + test/CodeGen/MIR/AMDGPU/fold-multiple.mir | 40 +++++++++++++++++++++++ 2 files changed, 41 insertions(+) create mode 100644 test/CodeGen/MIR/AMDGPU/fold-multiple.mir diff --git a/lib/Target/AMDGPU/SIFoldOperands.cpp b/lib/Target/AMDGPU/SIFoldOperands.cpp index 3af242d9ea6..0aad8f0843d 100644 --- a/lib/Target/AMDGPU/SIFoldOperands.cpp +++ b/lib/Target/AMDGPU/SIFoldOperands.cpp @@ -653,6 +653,7 @@ void SIFoldOperands::foldInstOperand(MachineInstr &MI, // again. The same constant folded instruction could also have a second // use operand. NextUse = MRI->use_begin(Dst.getReg()); + FoldList.clear(); continue; } diff --git a/test/CodeGen/MIR/AMDGPU/fold-multiple.mir b/test/CodeGen/MIR/AMDGPU/fold-multiple.mir new file mode 100644 index 00000000000..a5da33a997d --- /dev/null +++ b/test/CodeGen/MIR/AMDGPU/fold-multiple.mir @@ -0,0 +1,40 @@ +# RUN: llc --mtriple=amdgcn--amdhsa -mcpu=fiji -verify-machineinstrs -run-pass si-fold-operands,si-shrink-instructions %s -o - | FileCheck %s +--- | + define amdgpu_kernel void @test() #0 { + ret void + } + + attributes #0 = { nounwind } + +... +--- + +# This used to crash / trigger an assertion, because re-scanning the use list +# after constant-folding the definition of %3 lead to the definition of %2 +# being processed twice. + +# CHECK-LABEL: name: test +# CHECK: %2 = V_LSHLREV_B32_e32 2, killed %0, implicit %exec +# CHECK: %4 = V_AND_B32_e32 8, killed %2, implicit %exec + +name: test +tracksRegLiveness: true +registers: + - { id: 0, class: vgpr_32 } + - { id: 1, class: sreg_32 } + - { id: 2, class: vgpr_32 } + - { id: 3, class: sreg_32 } + - { id: 4, class: vgpr_32 } + - { id: 5, class: sreg_128 } +body: | + bb.0 (%ir-block.0): + %0 = IMPLICIT_DEF + %1 = S_MOV_B32 2 + %2 = V_LSHLREV_B32_e64 %1, killed %0, implicit %exec + %3 = S_LSHL_B32 %1, killed %1, implicit-def dead %scc + %4 = V_AND_B32_e64 killed %2, killed %3, implicit %exec + %5 = IMPLICIT_DEF + BUFFER_STORE_DWORD_OFFSET killed %4, killed %5, 0, 0, 0, 0, 0, implicit %exec + S_ENDPGM + +... -- 2.49.0