CodeGen assert on invalid inline assembly

[pageexec]

Bugzilla Link	9506
Version	trunk
OS	Linux
CC	@chandlerc,@rovka,@kbeyls,@pageexec

Extended Description

the following code extracted from linux/arch/x86/kvm/emulate.c triggers an assert with r127872.

void f(void)
{
unsigned long _tmp, _rax, _rdx, _val, _eflags;
unsigned char _ex;

    __asm__ __volatile__ (
            "idivl %6;"
            : "=m" (_eflags), "=&r" (_tmp),
              "+a" (_rax), "+d" (_rdx), "+qm"(_ex)
            : "i" (0x1234), "m" (_val),
              "a" (_rax), "d" (_rdx));

}

clang output:

clang: /src/llvm/lib/CodeGen/TwoAddressInstructionPass.cpp:1159: virtual bool::TwoAddressInstructionPass::runOnMachineFunction(llvm::MachineFunction&): Assertion `i == DstIdx || !mi->getOperand(i).isReg() || mi->getOperand(i).getReg() != regA' failed.
0 libLLVM-3.0svn.so 0xa16c10b8
Stack dump:
0. Program arguments: clang -cc1 -triple i386-pc-linux-gnu -emit-obj -mrelax-all -disable-free -main-file-name a.c -mrelocation-model static -mdisable-fp-elim -masm-verbose -mconstructor-aliases -target-cpu pentium4 -target-linker-version 2.21 -momit-leaf-frame-pointer -resource-dir /src/build.i386/bin/../lib/clang/3.0 -ferror-limit 19 -fmessage-length 277 -fgnu-runtime -fdiagnostics-show-option -fcolor-diagnostics -o a.o -x c a.c

1.  <eof> parser at end of file
   

2.  Code generation
   

3.  Running pass 'Function Pass Manager' on module 'a.c'.
   

4.  Running pass 'Two-Address instruction pass' on function '@f'
   

clang: error: unable to execute command: Aborted
clang: error: clang frontend command failed due to signal 1 (use -v to see invocation)

[lattner]

The asm has "+a" (which is a read/modify/write of eax) and "a" (which is a read of eax. This should be rejected by the frontend in an ideal world. A source fix is to remove the "a" (_rax), "d" (_rdx) inputs. The compiler shouldn't crash on this though.

[pageexec]

The asm has "+a" (which is a read/modify/write of eax) and "a" (which is a read
of eax. This should be rejected by the frontend in an ideal world.

yes, i agree, it works with gcc only because with optimization enabled (as is the case with linux) it deduces that the two inputs are the same (consistent). now with that said, i'm afraid in the not so ideal world this construct may occur every now and then ('it works with gcc') so maybe some simple cases like this could still be special cased in clang?

[lattner]

In an ideal world, we would reject this with a compile-time error instead of crashing. This is low priority though.

[llvmbot]

This appears to be fixed; the code extract compiles fine for me in:

clang version 3.3 (trunk 171631) (llvm/trunk 171630)

[chandlerc]

This is not fixed, it crashes trunk Clang. We should at least error sensibly on this. I don't think this blocks anything though as it is QoI.

[kbeyls]

Just recording another example - on AArch64 - that seems to trigger the same issue:

$ cat t.c
unsigned long long foo(unsigned long long arg)
{
register unsigned long long result asm("x0");

__asm__ __volatile__(
        "   mov     x0, %[arg]\n"
        "   hlt     #​0xf000\n"
: "=r" (result)
: [arg] "N" (arg)
);

return result;

}
$ clang -target aarch64 -c t.c
t.c:6:13: error: invalid operand for inline asm constraint 'N'
" mov x0, %[arg]\n"
^
clang-3.8: /work/llvm.org/llvm-git-clone/include/llvm/CodeGen/FunctionLoweringInfo.h:169: unsigned int llvm::FunctionLoweringInfo::InitializeRegForValue(const llvm::Value ): Assertion `R == 0 && "Already initialized this value register!"' failed.
#​0 0x176ff6a llvm::sys::PrintStackTrace(llvm::raw_ostream&) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x176ff6a)
#​1 0x176f466 llvm::sys::RunSignalHandlers() (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x176f466)
#​2 0x177185a SignalHandler(int) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x177185a)
#​3 0x7ff2a67d9cb0 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0xfcb0)
#​4 0x7ff2a5a140d5 gsignal /build/buildd/eglibc-2.15/signal/../nptl/sysdeps/unix/sysv/linux/raise.c:64:0
#​5 0x7ff2a5a1783b abort /build/buildd/eglibc-2.15/stdlib/abort.c:93:0
#​6 0x7ff2a5a0cd9e __assert_fail_base /build/buildd/eglibc-2.15/assert/assert.c:55:0
#​7 0x7ff2a5a0ce42 (/lib/x86_64-linux-gnu/libc.so.6+0x2ee42)
#​8 0x1cc0396 (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1cc0396)
#​9 0x1d41f97 llvm::SelectionDAGBuilder::getValueImpl(llvm::Value const) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1d41f97)
#​10 0x1d434c1 llvm::SelectionDAGBuilder::getNonRegisterValue(llvm::Value const*) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1d434c1)
#​11 0x1d43616 llvm::SelectionDAGBuilder::CopyValueToVirtualRegister(llvm::Value const*, unsigned int) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1d43616)
#​12 0x1d33b1b llvm::SelectionDAGBuilder::visit(llvm::Instruction const&) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1d33b1b)
#​13 0x1d7b908 llvm::SelectionDAGISel::SelectBasicBlock(llvm::ilist_iterator<llvm::Instruction const>, llvm::ilist_iterator<llvm::Instruction const>, bool&) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1d7b908)
#​14 0x1d7b135 llvm::SelectionDAGISel::SelectAllBasicBlocks(llvm::Function const&) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1d7b135)
#​15 0x1d77fce llvm::SelectionDAGISel::runOnMachineFunction(llvm::MachineFunction&) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1d77fce)
#​16 0x114dfbc llvm::MachineFunctionPass::runOnFunction(llvm::Function&) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x114dfbc)
#​17 0x14020bc llvm::FPPassManager::runOnFunction(llvm::Function&) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x14020bc)
#​18 0x14022fb llvm::FPPassManager::runOnModule(llvm::Module&) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x14022fb)
#​19 0x14027f7 llvm::legacy::PassManagerImpl::run(llvm::Module&) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x14027f7)
#​20 0x1879eed clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, llvm::raw_pwrite_stream*) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1879eed)
#​21 0x1e375b5 clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1e375b5)
#​22 0x21a18d3 clang::ParseAST(clang::Sema&, bool, bool) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x21a18d3)
#​23 0x1b7472e clang::FrontendAction::Execute() (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1b7472e)
#​24 0x1b4110c clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1b4110c)
#​25 0x1bf4e47 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x1bf4e47)
#​26 0x716204 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x716204)
#​27 0x714cf1 main (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x714cf1)
#​28 0x7ff2a59ff76d __libc_start_main /build/buildd/eglibc-2.15/csu/libc-start.c:258:0
#​29 0x711985 _start (/work/llvm.org/cmake-git-build/bin/clang-3.8+0x711985)
Stack dump:
0. Program arguments: /work/llvm.org/cmake-git-build/bin/clang-3.8 -cc1 -triple aarch64 -emit-obj -mrelax-all -disable-free -main-file-name t.c -mrelocation-model static -mthread-model posix -mdisable-fp-elim -fmath-errno -masm-verbose -mconstructor-aliases -fuse-init-array -target-cpu generic -target-feature +neon -target-abi aapcs -dwarf-column-info -coverage-file /work/triage/sdcomp25730/t.c -resource-dir /work/llvm.org/cmake-git-build/bin/../lib/clang/3.8.0 -fdebug-compilation-dir /work/triage/sdcomp25730 -ferror-limit 19 -fmessage-length 226 -mstackrealign -fallow-half-arguments-and-returns -fno-signed-char -fobjc-runtime=gcc -fdiagnostics-show-option -fcolor-diagnostics -o t.o -x c t.c

1.  <eof> parser at end of file
   

2.  Code generation
   

3.  Running pass 'Function Pass Manager' on module 't.c'.
   

4.  Running pass 'AArch64 Instruction Selection' on function '@foo'
   

clang-3.8: error: unable to execute command: Aborted
clang-3.8: error: clang frontend command failed due to signal (use -v to see invocation)
clang version 3.8.0 (http://llvm.org/git/clang.git 51dc7dd752b750c9deeeffcc5faf37218ac0973f)
Target: aarch64
Thread model: posix
clang-3.8: note: diagnostic msg: PLEASE submit a bug report to http://llvm.org/bugs/ and include the crash backtrace, preprocessed source, and associated run script.
clang-3.8: note: diagnostic msg:

---

PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang-3.8: note: diagnostic msg: /tmp/t-56be1f.c
clang-3.8: note: diagnostic msg: /tmp/t-56be1f.sh
clang-3.8: note: diagnostic msg:

---

It seems a compiler error message is being produced, but in builds with assertions enabled, this causes an assertion failure still.

[rovka]

The assert for the AArch64 snippet has been fixed (Bug 24071), but the original x86 snippet still asserts.

[llvmbot]

Still reproducible with the test case from comment #​1:

$ clang -cc1 -emit-obj -o a.o /tmp/q.c
clang: llvm/lib/CodeGen/TwoAddressInstructionPass.cpp:1551: void (anonymous namespace)::TwoAddressInstructionPass::processTiedPairs(llvm::MachineInstr *, (anonymous namespace)::TwoAddressInstructionPass::TiedPairList &, unsigned int &): Assertion `i == DstIdx || !MI->getOperand(i).isReg() || MI->getOperand(i).getReg() != RegA' failed.
Stack dump:
0. Program arguments: clang -cc1 -emit-obj -o a.o /tmp/q.c

1.  <eof> parser at end of file
   

2.  Code generation
   

3.  Running pass 'Function Pass Manager' on module '/tmp/q.c'.
   

4.  Running pass 'Two-Address instruction pass' on function '@f'
   

[Endilll]

Still crashing as of unreleased Clang 17: https://godbolt.org/z/PceY9EEcY