Bug 227686

Summary:	www/firefox: clang 6.0 crashes during build
Product:	Ports & Packages	Reporter:	Jan Beich <jbeich>
Component:	Individual Port(s)	Assignee:	freebsd-toolchain (Nobody) <toolchain>
Status:	Closed FIXED
Severity:	Affects Only Me	CC:	brooks
Priority:	---	Keywords:	regression
Version:	Latest	Flags:	jbeich: maintainer-feedback? (brooks)
Hardware:	i386
OS:	Any
Bug Depends on:
Bug Blocks:	225330, 227679

Description Jan Beich freebsd_committer

2018-04-22 06:45:42 UTC

Regression range: base r332632 (good) and base r332849 (bad).

/usr/bin/c++ -o Unified_cpp_dom_system0.o -c -I/wrkdirs/usr/ports/www/firefox/work/.build/dist/stl_wrappers -I/wrkdirs/usr/ports/www/firefox/work/.build/dist/system_wrappers -include /wrkdirs/usr/ports/www/firefox/work/mozilla-release-239e434d6d2b8e1e2b697c3416d1e96d48fe98e5/config/gcc_hidden.h -DNDEBUG=1 -DTRIMMED=1 -DOS_POSIX=1 -DOS_FREEBSD=1 -DOS_BSD=1 '-DDLL_PREFIX="lib"' '-DDLL_SUFFIX=".so"' -DSTATIC_EXPORTABLE_JS_API -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -I/wrkdirs/usr/ports/www/firefox/work/mozilla-release-239e434d6d2b8e1e2b697c3416d1e96d48fe98e5/dom/system -I/wrkdirs/usr/ports/www/firefox/work/.build/dom/system -I/wrkdirs/usr/ports/www/firefox/work/.build/ipc/ipdl/_ipdlheaders -I/wrkdirs/usr/ports/www/firefox/work/mozilla-release-239e434d6d2b8e1e2b697c3416d1e96d48fe98e5/ipc/chromium/src -I/wrkdirs/usr/ports/www/firefox/work/mozilla-release-239e434d6d2b8e1e2b697c3416d1e96d48fe98e5/ipc/glue -I/wrkdirs/usr/ports/www/firefox/work/mozilla-release-239e434d6d2b8e1e2b697c3416d1e96d48fe98e5/dom/base -I/wrkdirs/usr/ports/www/firefox/work/mozilla-release-239e434d6d2b8e1e2b697c3416d1e96d48fe98e5/dom/bindings -I/wrkdirs/usr/ports/www/firefox/work/mozilla-release-239e434d6d2b8e1e2b697c3416d1e96d48fe98e5/js/xpconnect/loader -I/wrkdirs/usr/ports/www/firefox/work/mozilla-release-239e434d6d2b8e1e2b697c3416d1e96d48fe98e5/xpcom/base -I/wrkdirs/usr/ports/www/firefox/work/.build/dist/include -I/usr/local/include/nspr -I/usr/local/include/nss -I/usr/local/include/nss/nss -I/usr/local/include -I/usr/local/include -I/usr/local/include/pixman-1 -fPIC -DMOZILLA_CLIENT -include /wrkdirs/usr/ports/www/firefox/work/.build/mozilla-config.h -Qunused-arguments -D_GLIBCXX_USE_C99 -D_GLIBCXX_USE_C99_MATH_TR1 -D_DECLARE_C99_LDBL_MATH -DLIBICONV_PLUG -isystem /usr/local/include -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -Qunused-arguments -Wall -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wsign-compare -Wtype-limits -Wunreachable-code -Wunreachable-code-return -Wwrite-strings -Wno-invalid-offsetof -Wclass-varargs -Wloop-analysis -Wc++1z-compat -Wcomma -Wimplicit-fallthrough -Wstring-conversion -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wformat -Wformat-security -Wno-gnu-zero-variadic-macro-arguments -Wno-unknown-warning-option -Wno-return-type-c-linkage -fno-sized-deallocation -O2 -pipe -O3 -DLIBICONV_PLUG -fstack-protector -isystem /usr/local/include -fno-strict-aliasing -DLIBICONV_PLUG -isystem /usr/local/include -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -pipe -I/usr/local/include -O2 -O3 -fno-omit-frame-pointer  -MD -MP -MF .deps/Unified_cpp_dom_system0.o.pp   /wrkdirs/usr/ports/www/firefox/work/.build/dom/system/Unified_cpp_dom_system0.cpp
Assertion failed: (isReg() && "This is not a register operand!"), function getReg, file /usr/local/poudriere/jails/head-i386/usr/src/contrib/llvm/include/llvm/CodeGen/MachineOperand.h, line 333.
c++: error: unable to execute command: Abort trap (core dumped)
c++: error: clang frontend command failed due to signal (use -v to see invocation)
FreeBSD clang version 6.0.0 (tags/RELEASE_600/final 326565) (based on LLVM 6.0.0)
Target: i386-unknown-freebsd12.0
Thread model: posix
InstalledDir: /usr/bin

http://beefy11.nyi.freebsd.org/data/head-i386-default/p467853_s332849/logs/errors/firefox-59.0.2_6,1.log
http://beefy11.nyi.freebsd.org/data/head-i386-default/p467853_s332849/logs/errors/libxul-45.9.0_11.log

vs. green logs

http://beefy11.nyi.freebsd.org/data/head-i386-default/p467743_s332632/logs/firefox-59.0.2_6,1.log
http://beefy11.nyi.freebsd.org/data/head-i386-default/p467743_s332632/logs/libxul-45.9.0_11.log

Comment 1 Jan Beich freebsd_committer

2018-04-22 06:55:03 UTC

Can someone bisect?

dom/system/nsDeviceSensors.cpp preprocessed: https://ptpb.pw/sdnj (11 Mb)
Clang 6.0 command line arguments: https://ptpb.pw/-Urk

Comment 2 Jan Beich freebsd_committer

2018-04-22 14:25:37 UTC

Note, every Gecko port is affected:
- mail/thunderbird
- www/firefox-esr
- www/firefox
- www/libxul
- www/palemoon
- www/seamonkey
- www/waterfox

Comment 3 Jan Beich freebsd_committer

2018-04-22 14:31:51 UTC

Nevermind comment 2, my guess was bogus. www/palemoon and www/waterfox are affected but mail/thunderbird, www/firefox-esr, www/seamonkey are not. Maybe the stars haven't aligned on ESR52. ;)

Comment 4 Dimitry Andric freebsd_committer

2018-04-22 17:56:43 UTC

I can reproduce, it's caused by r332833 (the upstream fixes for EFLAGS).  I'm going to make a minimized test case, and figure out which of the upstream revisions caused it.

Comment 5 commit-hook freebsd_committer

2018-04-23 23:09:01 UTC

A commit references this bug:

Author: dim
Date: Mon Apr 23 23:07:58 UTC 2018
New revision: 332898
URL: https://svnweb.freebsd.org/changeset/base/332898

Log:
  Pull in r329771 from upstream llvm trunk (by Craig Topper):

    [X86] In X86FlagsCopyLowering, when rewriting a memory setcc we need
    to emit an explicit MOV8mr instruction.

    Previously the code only knew how to handle setcc to a register.

    This should fix a crash in the chromium build.

  This fixes various assertion failures while building ports targeting
  i386:
  * www/firefox: isReg() && "This is not a register operand!"
  * www/iridium, www/qt5-webengine: (I.atEnd() || std::next(I) ==
    def_instr_end()) && "getVRegDef assumes a single definition or no
    definition"
  * devel/powerpc64-gcc: FromReg != ToReg && "Cannot replace a reg with
    itself"

  Reported by:	jbeich
  PR:		225330, 227686, 227698, 227699
  MFC after:	1 week
  X-MFC-With:	r332833

Changes:
  head/contrib/llvm/lib/Target/X86/X86FlagsCopyLowering.cpp

Comment 6 Jan Beich freebsd_committer

2018-04-26 15:52:07 UTC

www/firefox builds fine on 12.0-CURRENT but devel/llvm60 still crashes. Brooks, can you either back out ports r467849 or import base r332898 as well?

Comment 7 commit-hook freebsd_committer

2018-04-27 17:41:54 UTC

A commit references this bug:

Author: jbeich
Date: Fri Apr 27 17:41:18 UTC 2018
New revision: 468476
URL: https://svnweb.freebsd.org/changeset/ports/468476

Log:
  devel/llvm60: apply i386 crashfix after r467849

  PR:		227686, 227698
  Approved by:	portmgr blanket

Changes:
  head/devel/llvm60/Makefile
  head/devel/llvm60/files/patch-fsvn-r332898

Comment 8 commit-hook freebsd_committer

2018-04-27 19:22:22 UTC

A commit references this bug:

Author: dim
Date: Fri Apr 27 19:21:41 UTC 2018
New revision: 333070
URL: https://svnweb.freebsd.org/changeset/base/333070

Log:
  MFC r332833:

  Recommit r332501, with an additional upstream fix for "Cannot lower
  EFLAGS copy that lives out of a basic block!" errors on i386.

  Pull in r325446 from upstream clang trunk (by me):

    [X86] Add 'sahf' CPU feature to frontend

    Summary:
    Make clang accept `-msahf` (and `-mno-sahf`) flags to activate the
    `+sahf` feature for the backend, for bug 36028 (Incorrect use of
    pushf/popf enables/disables interrupts on amd64 kernels).  This was
    originally submitted in bug 36037 by Jonathan Looney
    <jonlooney@gmail.com>.

    As described there, GCC also uses `-msahf` for this feature, and the
    backend already recognizes the `+sahf` feature. All that is needed is
    to teach clang to pass this on to the backend.

    The mapping of feature support onto CPUs may not be complete; rather,
    it was chosen to match LLVM's idea of which CPUs support this feature
    (see lib/Target/X86/X86.td).

    I also updated the affected test case (CodeGen/attr-target-x86.c) to
    match the emitted output.

    Reviewers: craig.topper, coby, efriedma, rsmith

    Reviewed By: craig.topper

    Subscribers: emaste, cfe-commits

    Differential Revision: https://reviews.llvm.org/D43394

  Pull in r328944 from upstream llvm trunk (by Chandler Carruth):

    [x86] Expose more of the condition conversion routines in the public
    API for X86's instruction information. I've now got a second patch
    under review that needs these same APIs. This bit is nicely
    orthogonal and obvious, so landing it. NFC.

  Pull in r329414 from upstream llvm trunk (by Craig Topper):

    [X86] Merge itineraries for CLC, CMC, and STC.

    These are very simple flag setting instructions that appear to only
    be a single uop. They're unlikely to need this separation.

  Pull in r329657 from upstream llvm trunk (by Chandler Carruth):

    [x86] Introduce a pass to begin more systematically fixing PR36028
    and similar issues.

    The key idea is to lower COPY nodes populating EFLAGS by scanning the
    uses of EFLAGS and introducing dedicated code to preserve the
    necessary state in a GPR. In the vast majority of cases, these uses
    are cmovCC and jCC instructions. For such cases, we can very easily
    save and restore the necessary information by simply inserting a
    setCC into a GPR where the original flags are live, and then testing
    that GPR directly to feed the cmov or conditional branch.

    However, things are a bit more tricky if arithmetic is using the
    flags.  This patch handles the vast majority of cases that seem to
    come up in practice: adc, adcx, adox, rcl, and rcr; all without
    taking advantage of partially preserved EFLAGS as LLVM doesn't
    currently model that at all.

    There are a large number of operations that techinaclly observe
    EFLAGS currently but shouldn't in this case -- they typically are
    using DF.  Currently, they will not be handled by this approach.
    However, I have never seen this issue come up in practice. It is
    already pretty rare to have these patterns come up in practical code
    with LLVM. I had to resort to writing MIR tests to cover most of the
    logic in this pass already.  I suspect even with its current amount
    of coverage of arithmetic users of EFLAGS it will be a significant
    improvement over the current use of pushf/popf. It will also produce
    substantially faster code in most of the common patterns.

    This patch also removes all of the old lowering for EFLAGS copies,
    and the hack that forced us to use a frame pointer when EFLAGS copies
    were found anywhere in a function so that the dynamic stack
    adjustment wasn't a problem. None of this is needed as we now lower
    all of these copies directly in MI and without require stack
    adjustments.

    Lots of thanks to Reid who came up with several aspects of this
    approach, and Craig who helped me work out a couple of things
    tripping me up while working on this.

    Differential Revision: https://reviews.llvm.org/D45146

  Pull in r329673 from upstream llvm trunk (by Chandler Carruth):

    [x86] Model the direction flag (DF) separately from the rest of
    EFLAGS.

    This cleans up a number of operations that only claimed te use EFLAGS
    due to using DF. But no instructions which we think of us setting
    EFLAGS actually modify DF (other than things like popf) and so this
    needlessly creates uses of EFLAGS that aren't really there.

    In fact, DF is so restrictive it is pretty easy to model. Only STD,
    CLD, and the whole-flags writes (WRFLAGS and POPF) need to model
    this.

    I've also somewhat cleaned up some of the flag management instruction
    definitions to be in the correct .td file.

    Adding this extra register also uncovered a failure to use the
    correct datatype to hold X86 registers, and I've corrected that as
    necessary here.

    Differential Revision: https://reviews.llvm.org/D45154

  Pull in r330264 from upstream llvm trunk (by Chandler Carruth):

    [x86] Fix PR37100 by teaching the EFLAGS copy lowering to rewrite
    uses across basic blocks in the limited cases where it is very
    straight forward to do so.

    This will also be useful for other places where we do some limited
    EFLAGS propagation across CFG edges and need to handle copy rewrites
    afterward. I think this is rapidly approaching the maximum we can and
    should be doing here. Everything else begins to require either heroic
    analysis to prove how to do PHI insertion manually, or somehow
    managing arbitrary PHI-ing of EFLAGS with general PHI insertion.
    Neither of these seem at all promising so if those cases come up,
    we'll almost certainly need to rewrite the parts of LLVM that produce
    those patterns.

    We do now require dominator trees in order to reliably diagnose
    patterns that would require PHI nodes. This is a bit unfortunate but
    it seems better than the completely mysterious crash we would get
    otherwise.

    Differential Revision: https://reviews.llvm.org/D45673

  Together, these should ensure clang does not use pushf/popf sequences to
  save and restore flags, avoiding problems with unrelated flags (such as
  the interrupt flag) being restored unexpectedly.

  Requested by:	jtl
  PR:		225330

  MFC r332898:

  Pull in r329771 from upstream llvm trunk (by Craig Topper):

    [X86] In X86FlagsCopyLowering, when rewriting a memory setcc we need
    to emit an explicit MOV8mr instruction.

    Previously the code only knew how to handle setcc to a register.

    This should fix a crash in the chromium build.

  This fixes various assertion failures while building ports targeting
  i386:
  * www/firefox: isReg() && "This is not a register operand!"
  * www/iridium, www/qt5-webengine: (I.atEnd() || std::next(I) ==
    def_instr_end()) && "getVRegDef assumes a single definition or no
    definition"
  * devel/powerpc64-gcc: FromReg != ToReg && "Cannot replace a reg with
    itself"

  Reported by:	jbeich
  PR:		225330, 227686, 227698, 227699

Changes:
_U  stable/11/
  stable/11/contrib/llvm/include/llvm/CodeGen/MachineBasicBlock.h
  stable/11/contrib/llvm/lib/CodeGen/MachineBasicBlock.cpp
  stable/11/contrib/llvm/lib/Target/X86/Disassembler/X86Disassembler.cpp
  stable/11/contrib/llvm/lib/Target/X86/X86.h
  stable/11/contrib/llvm/lib/Target/X86/X86FlagsCopyLowering.cpp
  stable/11/contrib/llvm/lib/Target/X86/X86ISelLowering.cpp
  stable/11/contrib/llvm/lib/Target/X86/X86ISelLowering.h
  stable/11/contrib/llvm/lib/Target/X86/X86InstrCompiler.td
  stable/11/contrib/llvm/lib/Target/X86/X86InstrInfo.cpp
  stable/11/contrib/llvm/lib/Target/X86/X86InstrInfo.h
  stable/11/contrib/llvm/lib/Target/X86/X86InstrInfo.td
  stable/11/contrib/llvm/lib/Target/X86/X86InstrSystem.td
  stable/11/contrib/llvm/lib/Target/X86/X86RegisterInfo.td
  stable/11/contrib/llvm/lib/Target/X86/X86Schedule.td
  stable/11/contrib/llvm/lib/Target/X86/X86ScheduleAtom.td
  stable/11/contrib/llvm/lib/Target/X86/X86TargetMachine.cpp
  stable/11/contrib/llvm/tools/clang/include/clang/Driver/Options.td
  stable/11/contrib/llvm/tools/clang/lib/Basic/Targets/X86.cpp
  stable/11/contrib/llvm/tools/clang/lib/Basic/Targets/X86.h
  stable/11/lib/clang/freebsd_cc_version.h
  stable/11/lib/clang/libllvm/Makefile