Bug 199450 - clang 3.6 crash building lang/spidermonkey
Summary: clang 3.6 crash building lang/spidermonkey
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: arm (show other bugs)
Version: CURRENT
Hardware: arm Any
: --- Affects Some People
Assignee: freebsd-arm (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-04-14 18:27 UTC by Sean Bruno
Modified: 2018-05-28 19:48 UTC (History)
1 user (show)

See Also:


Attachments
c source file from clang36 crash (672.61 KB, application/x-compressed-tar)
2015-04-14 18:29 UTC, Sean Bruno
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Sean Bruno freebsd_committer 2015-04-14 18:27:43 UTC
./jscompartment.h:536:11: note: in instantiation of member function 'JS::AutoVectorRooter<js::WrapperValue>::AutoVectorRooter' requested here
        : AutoVectorRooter<WrapperValue>(cx, WRAPVECTOR)
          ^
Assertion failed: ((PartVT.isInteger() || PartVT == MVT::x86mmx) && ValueVT.isInteger() && "Unknown mismatch!"), function getCopyToParts, file /usr/local/poudriere/jails/11armv6hf/usr/src/lib/clang/libllvmselectiondag/../../../contrib/llvm/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp, line 398.
Stack dump:
0.	Program arguments: /nxb-bin/usr/bin/c++ -cc1 -triple armv6--freebsd11.0-gnueabihf -emit-obj -disable-free -main-file-name FoldConstants.cpp -mrelocation-model pic -pic-level 2 -mthread-model posix -relaxed-aliasing -masm-verbose -mconstructor-aliases -target-cpu arm1176jzf-s -target-abi aapcs-linux -mfloat-abi hard -dwarf-column-info -ffunction-sections -fdata-sections -coverage-file /wrkdirs/usr/ports/lang/spidermonkey24/work/mozjs-24.2.0/js/src/FoldConstants.o -resource-dir /nxb-bin/usr/bin/../lib/clang/3.6.0 -dependency-file .deps/FoldConstants.o.pp -MT FoldConstants.o -sys-header-deps -MP -include ./js-confdefs.h -D NO_NSPR_10_SUPPORT -D IMPL_MFBT -D EXPORT_JS_API -D USE_ZLIB -D NDEBUG -D TRIMMED -D USE_SYSTEM_MALLOC=1 -D ENABLE_ASSEMBLER=1 -D ENABLE_JIT=1 -D MOZILLA_CLIENT -I ./../../mfbt/double-conversion -I ./../../intl/icu/source/common -I ./../../intl/icu/source/i18n -I . -I . -I ./dist/include -I /usr/local/include/nspr -I . -I ./assembler -I ./yarr -I /usr/local/include -I /usr/local/include -internal-isystem /usr/include/c++/v1 -O2 -Wall -Wpointer-arith -Woverloaded-virtual -Werror=return-type -Wtype-limits -Wempty-body -Werror=conversion-null -Wsign-compare -Wno-invalid-offsetof -Wno-c++0x-extensions -Wno-extended-offsetof -Wno-unknown-warning-option -Wno-return-type-c-linkage -Wno-mismatched-tags -fdeprecated-macro -fdebug-compilation-dir /wrkdirs/usr/ports/lang/spidermonkey24/work/mozjs-24.2.0/js/src -ferror-limit 19 -fmessage-length 0 -fvisibility hidden -mstackrealign -fno-rtti -fno-signed-char -fobjc-runtime=gnustep -fdiagnostics-show-option -vectorize-loops -vectorize-slp -o FoldConstants.o -x c++ /wrkdirs/usr/ports/lang/spidermonkey24/work/mozjs-24.2.0/js/src/frontend/FoldConstants.cpp 
1.	<eof> parser at end of file
2.	Code generation
3.	Running pass 'Function Pass Manager' on module '/wrkdirs/usr/ports/lang/spidermonkey24/work/mozjs-24.2.0/js/src/frontend/FoldConstants.cpp'.
4.	Running pass 'ARM Instruction Selection' on function '@_ZN2js8frontend13FoldConstantsINS0_16FullParseHandlerEEEbP9JSContextPNT_4NodeEPNS0_6ParserIS5_EEbb'
c++: error: unable to execute command: Abort trap (core dumped)
c++: error: clang frontend command failed due to signal (use -v to see invocation)
FreeBSD clang version 3.6.0 (tags/RELEASE_360/final 230434) 20150225
Target: armv6--freebsd11.0-gnueabihf
Thread model: posix
c++: note: diagnostic msg: PLEASE submit a bug report to https://bugs.freebsd.org/submit/ and include the crash backtrace, preprocessed source, and associated run script.
c++: note: diagnostic msg: 
********************

PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
c++: note: diagnostic msg: /tmp/FoldConstants-411daf.cpp
c++: note: diagnostic msg: /tmp/FoldConstants-411daf.sh
c++: note: diagnostic msg:
Comment 1 Sean Bruno freebsd_committer 2015-04-14 18:29:36 UTC
Created attachment 155594 [details]
c source file from clang36 crash
Comment 2 Sean Bruno freebsd_committer 2015-04-14 18:29:57 UTC
root@11armv6hf-default:~ # clang -v
FreeBSD clang version 3.6.0 (tags/RELEASE_360/final 230434) 20150225
Target: armv6--freebsd11.0-gnueabihf
Thread model: posix
Comment 3 Dimitry Andric freebsd_committer 2015-04-14 19:32:47 UTC
Also results in an assertion with upstream, clang trunk r234702:

$ ~/obj/llvm-234702-trunk-freebsd11-i386-ninja-rel-1/bin/clang -cc1 -triple armv6--freebsd11.0-gnueabihf -emit-obj -disable-free -main-file-name FoldConstants.cpp -mrelocation-model pic -pic-level 2 -mthread-model posix -relaxed-aliasing -masm-verbose -mconstructor-aliases -target-cpu arm1176jzf-s -target-abi aapcs-linux -mfloat-abi hard -dwarf-column-info -ffunction-sections -fdata-sections -sys-header-deps -D NO_NSPR_10_SUPPORT -D IMPL_MFBT -D EXPORT_JS_API -D USE_ZLIB -D NDEBUG -D TRIMMED -D USE_SYSTEM_MALLOC=1 -D ENABLE_ASSEMBLER=1 -D ENABLE_JIT=1 -D MOZILLA_CLIENT -O2 -Wall -Wpointer-arith -Woverloaded-virtual -Werror=return-type -Wtype-limits -Wempty-body -Werror=conversion-null -Wsign-compare -Wno-invalid-offsetof -Wno-c++0x-extensions -Wno-extended-offsetof -Wno-unknown-warning-option -Wno-return-type-c-linkage -Wno-mismatched-tags -fdeprecated-macro -ferror-limit 19 -fmessage-length 0 -fvisibility hidden -mstackrealign -fno-rtti -fno-signed-char -fobjc-runtime=gnustep -fdiagnostics-show-option -vectorize-loops -vectorize-slp -x c++ FoldConstants-1fef3a.cpp
[...]

Assertion failed: ((PartVT.isInteger() || PartVT == MVT::x86mmx) && ValueVT.isInteger() && "Unknown mismatch!"), function getCopyToParts, file /share/dim/src/llvm/trunk/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp, line 399.
Abort trap (core dumped)

I will attempt to reduce, and report upstream.
Comment 4 Dimitry Andric freebsd_committer 2015-04-14 19:46:20 UTC
Reduced to just a bit of inline asm:

$ cat toint32.c
// clang -cc1 -triple armv6--freebsd11.0-gnueabihf -emit-obj toint32.c

int ToInt32(double d)
{
    int i;
    unsigned tmp0;
    unsigned tmp1;
    unsigned tmp2;
    asm (
"   mov     %1, %R4, LSR #20\n"
"   bic     %1, %1, #(1 << 11)\n"
"   orr     %R4, %R4, #(1 << 20)\n"
"   sub     %1, %1, #0xff\n"
"   subs    %1, %1, #0x300\n"
"   bmi     8f\n"
"   subs    %3, %1, #52\n"
"   bmi     1f\n"
"   bic     %2, %3, #0xff\n"
"   orr     %3, %3, %2, LSR #3\n"
"   mov     %Q4, %Q4, LSL %3\n"
"   b       2f\n"
"1:\n"
"   rsb     %3, %1, #52\n"
"   mov     %Q4, %Q4, LSR %3\n"
"2:\n"
"   subs    %3, %1, #31\n"
"   mov     %1, %R4, LSL #11\n"
"   bmi     3f\n"
"   bic     %2, %3, #0xff\n"
"   orr     %3, %3, %2, LSR #3\n"
"   mov     %2, %1, LSL %3\n"
"   b       4f\n"
"3:\n"
"   rsb     %3, %3, #0\n"
"   mov     %2, %1, LSR %3\n"
"4:\n"
"   orr     %Q4, %Q4, %2\n"
"   eor     %Q4, %Q4, %R4, ASR #31\n"
"   add     %0, %Q4, %R4, LSR #31\n"
"   b       9f\n"
"8:\n"
"   mov     %0, #0\n"
"9:\n"
    : "=r" (i), "=&r" (tmp0), "=&r" (tmp1), "=&r" (tmp2), "=&r" (d)
    : "4" (d)
    : "cc"
        );
    return i;
}
Comment 5 Dimitry Andric freebsd_committer 2015-04-14 19:49:16 UTC
Sorry, it also needs -target-cpu arm1176jzf-s to assert, e.g.:

clang -cc1 -triple armv6--freebsd11.0-gnueabihf -emit-obj -target-cpu arm1176jzf-s toint32.c
Comment 6 Dimitry Andric freebsd_committer 2015-04-14 20:01:02 UTC
Further reduced to:

a, b, c, d;
double e;
fn1() { asm("" : "=r"(a), "=&r"(b), "=&r"(c), "=&r"(d), "=&r"(e) : "4"(e)); }

Reported upstream: http://llvm.org/PR23229
Comment 7 Eitan Adler freebsd_committer freebsd_triage 2018-05-28 19:48:42 UTC
batch change:

For bugs that match the following
-  Status Is In progress 
AND
- Untouched since 2018-01-01.
AND
- Affects Base System OR Documentation

DO:

Reset to open status.


Note:
I did a quick pass but if you are getting this email it might be worthwhile to double check to see if this bug ought to be closed.