InstCombine crash (from GEP with NULL pointer used in computing object size?) #9600
Description
| Bugzilla Link | 9228 |
| Resolution | FIXED |
| Resolved on | Feb 15, 2011 17:13 |
| Version | trunk |
| OS | All |
| Reporter | LLVM Bugzilla Contributor |
Extended Description
If I run "opt -instcombine bug.ll -o /dev/null" with the following program:
define <4 x float> @f(i32 %a) nounwind alwaysinline {
entry:
%dim = insertelement <4 x i32> undef, i32 %a, i32 0
%dim30 = insertelement <4 x i32> %dim, i32 %a, i32 1
%dim31 = insertelement <4 x i32> %dim30, i32 %a, i32 2
%dim32 = insertelement <4 x i32> %dim31, i32 %a, i32 3
%offset_ptr = getelementptr <4 x float>* null, i32 1
%offset_int = ptrtoint <4 x float>* %offset_ptr to i64
%sizeof32 = trunc i64 %offset_int to i32
%smearinsert33 = insertelement <4 x i32> undef, i32 %sizeof32, i32 0
%smearinsert34 = insertelement <4 x i32> %smearinsert33, i32 %sizeof32, i32 1
%smearinsert35 = insertelement <4 x i32> %smearinsert34, i32 %sizeof32, i32 2
%smearinsert36 = insertelement <4 x i32> %smearinsert35, i32 %sizeof32, i32 3
%delta_scale = mul <4 x i32> %dim32, %smearinsert36
%offset_delta = add <4 x i32> zeroinitializer, %delta_scale
%offset_varying_delta = add <4 x i32> %offset_delta, undef
ret <4 x float> undef
}
I get the following crash from TOT of the dev branch:
opt: /home/mmp/llvm-dev-src/include/llvm/Support/Casting.h:213: typename llvm::cast_retty<X, Y*>::ret_type llvm::cast_or_null(Y*) [with X = llvm::ConstantInt, Y = llvm::Constant]: Assertion `isa(Val) && "cast_or_null() argument of incompatible type!"' failed.
0 opt 0x0000000000d0ffb5
1 opt 0x0000000000d0fda8
2 libpthread.so.0 0x00002b6774e478f0
3 libc.so.6 0x00002b6775a3ca75 gsignal + 53
4 libc.so.6 0x00002b6775a405c0 abort + 384
5 libc.so.6 0x00002b6775a35941 __assert_fail + 241
6 opt 0x0000000000977f57 llvm::cast_retty<llvm::ConstantInt, llvm::Constant*>::ret_type llvm::cast_or_null<llvm::ConstantInt, llvm::Constant>(llvm::Constant*) + 92
7 opt 0x00000000009a7e04 bool llvm::PatternMatch::cst_pred_tyllvm::PatternMatch::is_one::matchllvm::Value(llvm::Value*) + 114
8 opt 0x0000000000a7a32e bool llvm::PatternMatch::match<llvm::Value, llvm::PatternMatch::cst_pred_tyllvm::PatternMatch::is_one >(llvm::Value*, llvm::PatternMatch::cst_pred_tyllvm::PatternMatch::is_one const&) + 35
9 opt 0x0000000000a75063
10 opt 0x0000000000a7547e llvm::SimplifyMulInst(llvm::Value*, llvm::Value*, llvm::TargetData const*, llvm::DominatorTree const*) + 58
11 opt 0x00000000009ab28c
12 opt 0x000000000096d87c llvm::InstVisitor<llvm::InstCombiner, llvm::Instruction*>::visit(llvm::Instruction&) + 376
13 opt 0x000000000096ab67
14 opt 0x000000000096af7f
15 opt 0x0000000000c8e095 llvm::FPPassManager::runOnFunction(llvm::Function&) + 407
16 opt 0x0000000000c8e2b2 llvm::FPPassManager::runOnModule(llvm::Module&) + 102
17 opt 0x0000000000c8e5e5 llvm::MPPassManager::runOnModule(llvm::Module&) + 459
18 opt 0x0000000000c8eae3 llvm::PassManagerImpl::run(llvm::Module&) + 125
19 opt 0x0000000000c8f039 llvm::PassManager::run(llvm::Module&) + 39
20 opt 0x0000000000839b3f main + 4242
21 libc.so.6 0x00002b6775a27c4d __libc_start_main + 253
22 opt 0x000000000082a779
Stack dump:
0. Program arguments: opt -instcombine x.ll -o /dev/null
- Running pass 'Function Pass Manager' on module 'x.ll'.
- Running pass 'Combine redundant instructions' on function '@f'
[1] 5247 abort opt -instcombine x.ll -o /dev/null
The problem seems to be related to the GEP with a NULL base pointer:
#3 0x0000000000977f57 in llvm::cast_or_null<llvm::ConstantInt, llvm::Constant> (Val=0x12819a8)
at /home/mmp/llvm-dev-src/include/llvm/Support/Casting.h:213
213 assert(isa(Val) && "cast_or_null() argument of incompatible type!");
(gdb) call Val->dump()
i32 ptrtoint (<4 x float>* getelementptr (<4 x float>* null, i32 1) to i32)
(gdb)