[CIR][CodeGen] Emit RunCleanupsScope's dtor properly for ExprWithCleanups #1581
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bruteforceboy
force-pushed
the
vector-fix
branch
from
f5b2465 to
f1a0ff0
Compare
Member
|
Looks like tests are failing |
Contributor
Author
Oh, I didn't notice ( It seems this PR#1580 made quite a number of changes. I will update the test in a few hours. |
terapines-osc-cir
pushed a commit
to Terapines/clangir
that referenced
this pull request
Sep 2, 2025
…nups (llvm#1581) The following code snippet crashes during CIR CodeGen using `clang tmp.cpp -Xclang -emit-cir -S -o -`: ``` #include <vector> void foo() { std::vector<int> v(1); } ``` The crash is: ``` mlir::Operation* mlir::Block::getTerminator(): Assertion `mightHaveTerminator()' failed. ``` What happens is the scope created [here](https://github.com/llvm/clangir/blob/c7b27ece0971c632f2ebec26bc855ee9b118ffcc/clang/lib/CIR/CodeGen/CIRGenExprScalar.cpp#L2370C1-L2381C10) is malformed. The operations inside the scope using `--mlir-print-assume-verified` looks something like: ``` %0 = cir.alloca !cir.record<class "std::allocator<int>" padded {!cir.int<u, 8>} #cir.record.decl.ast>, !cir.ptr<!cir.record<class "std::allocator<int>" padded {!cir.int<u, 8>} #cir.record.decl.ast>>, ["ref.tmp0"] {alignment = 1 : i64} %1 = cir.load <<UNKNOWN SSA VALUE>> : !cir.ptr<!cir.int<u, 64>>, !cir.int<u, 64> %2 = cir.load <<UNKNOWN SSA VALUE>> : !cir.ptr<!cir.ptr<!cir.record<class "std::allocator<int>" padded {!cir.int<u, 8>} #cir.record.decl.ast>>>, !cir.ptr<!cir.record<class "std::allocator<int>" padded {!cir.int<u, 8>} #cir.record.decl.ast>> cir.call @_ZNSaIiEC1ERKS_(%0, %2) : (!cir.ptr<!cir.record<class "std::allocator<int>" padded {!cir.int<u, 8>} #cir.record.decl.ast>>, !cir.ptr<!cir.record<class "std::allocator<int>" padded {!cir.int<u, 8>} #cir.record.decl.ast>>) -> () extra(#cir<extra({nothrow = #cir.nothrow})>) %3 = cir.call @_ZNSt6vectorIiSaIiEE11_S_max_sizeERKS0_(%0) : (!cir.ptr<!cir.record<class "std::allocator<int>" padded {!cir.int<u, 8>} #cir.record.decl.ast>>) -> !cir.int<u, 64> extra(#cir<extra({nothrow = #cir.nothrow})>) %4 = cir.cmp(gt, %1, %3) : !cir.int<u, 64>, !cir.bool cir.yield %4 : !cir.bool cir.call @_ZNSaIiED1Ev(%0) : (!cir.ptr<!cir.record<class "std::allocator<int>" padded {!cir.int<u, 8>} #cir.record.decl.ast>>) -> () extra(#cir<extra({nothrow = #cir.nothrow})>) ``` `_ZNSaIiED1Ev` is `std::allocator<int>::~allocator()`. So, the destructor comes after the YieldOp has been created, which is wrong. The destructor comes from the destruction of [`RunCleanupScope`](https://github.com/llvm/clangir/blob/c7b27ece0971c632f2ebec26bc855ee9b118ffcc/clang/lib/CIR/CodeGen/CIRGenFunction.h#L1369) since `LexicalScope` inherits from it. RunCleanupsScope's dtor should come before the yield is created! This PR fixes this by calling `ForceCleanup` before creating the yield, so the YieldOp becomes the last operation in the scope. I found this bug using the code snippet above, but I have added a reduced version, using [creduce](https://github.com/csmith-project/creduce), as a test, because [std-cxx.h](https://github.com/llvm/clangir/blob/main/clang/test/CIR/Inputs/std-cxx.h) doesn't quite replicate `std::vector` correctly.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The following code snippet crashes during CIR CodeGen using
clang tmp.cpp -Xclang -emit-cir -S -o -:The crash is:
What happens is the scope created here is malformed. The operations inside the scope using
--mlir-print-assume-verifiedlooks something like:_ZNSaIiED1Evisstd::allocator<int>::~allocator(). So, the destructor comes after the YieldOp has been created, which is wrong. The destructor comes from the destruction ofRunCleanupScopesinceLexicalScopeinherits from it. RunCleanupsScope's dtor should come before the yield is created!This PR fixes this by calling
ForceCleanupbefore creating the yield, so the YieldOp becomes the last operation in the scope. I found this bug using the code snippet above, but I have added a reduced version, using creduce, as a test, because std-cxx.h doesn't quite replicatestd::vectorcorrectly.