xls
xls copied to clipboard
google
SIGSEGV when running under JIT
Found using the XLS fuzzer over the weekend (~Mar 2)
With test.ir:
package subrosa
top fn function_0(param: bits[40], param__1: bits[20]) -> (bits[1], bits[40]) {
literal.3: bits[40] = literal(value=549755813889, id=3)
umul.4: bits[80] = umul(param, literal.3, id=4)
bit_slice.5: bits[1] = bit_slice(umul.4, start=79, width=1, id=5)
zero_ext.6: bits[40] = zero_ext(bit_slice.5, new_bit_count=40, id=6)
zero_ext.7: bits[20] = zero_ext(bit_slice.5, new_bit_count=20, id=7)
not.8: bits[1] = not(bit_slice.5, id=8)
reverse.9: bits[40] = reverse(zero_ext.6, id=9)
uge.10: bits[1] = uge(zero_ext.7, param__1, id=10)
concat.11: bits[41] = concat(not.8, reverse.9, id=11)
zero_ext.12: bits[40] = zero_ext(uge.10, new_bit_count=40, id=12)
encode.13: bits[6] = encode(concat.11, id=13)
bit_slice.14: bits[1] = bit_slice(zero_ext.12, start=0, width=1, id=14)
zero_ext.15: bits[40] = zero_ext(encode.13, new_bit_count=40, id=15)
ret tuple.16: (bits[1], bits[40]) = tuple(bit_slice.14, zero_ext.15, id=16)
}
eval_ir_main --input="bits[40]:0xff_ffff_ffff; bits[20]:0x5_5555" --use_llvm_jit test.ir fails with SIGSEGV, giving a stack trace something like:
PC: @ 0x561cd503b369 (unknown) llvm::EVT::isExtendedVector()
@ 0x561cd630c439 928 FailureSignalHandler()
@ 0x7f5059d5be80 687822648 (unknown)
@ 0x561cd503b369 8 llvm::EVT::isExtendedVector()
@ 0x561cd4ca011a 544 llvm::SelectionDAG::getNode()
@ 0x561cd46686dc 288 combineX86AddSub()
@ 0x561cd4653de1 1488 llvm::X86TargetLowering::PerformDAGCombine()
@ 0x561cd4bb9d4a 336 (anonymous namespace)::DAGCombiner::combine()
@ 0x561cd4bb8a8a 1696 llvm::SelectionDAG::Combine()
@ 0x561cd4d16297 480 llvm::SelectionDAGISel::CodeGenAndEmitDAG()
@ 0x561cd4d158fb 800 llvm::SelectionDAGISel::SelectAllBasicBlocks()
@ 0x561cd4d13577 336 llvm::SelectionDAGISel::runOnMachineFunction()
@ 0x561cd4801332 32 (anonymous namespace)::X86DAGToDAGISel::runOnMachineFunction()
@ 0x561cd4ad7d70 976 llvm::MachineFunctionPass::runOnFunction()
@ 0x561cd5cca1f5 208 llvm::FPPassManager::runOnFunction()
@ 0x561cd5cd0be4 48 llvm::FPPassManager::runOnModule()
@ 0x561cd5cca94a 352 llvm::legacy::PassManagerImpl::run()
@ 0x561cd454055c 320 llvm::orc::SimpleCompiler::operator()()
@ 0x561cd455c686 64 llvm::orc::ThreadSafeModule::withModuleDo<>()
@ 0x561cd455c50e 144 llvm::orc::IRCompileLayer::emit()
@ 0x561cd455ca2d 160 llvm::orc::IRTransformLayer::emit()
@ 0x561cd455e814 176 llvm::orc::BasicIRLayerMaterializationUnit::materialize()
@ 0x561cd454e18f 32 llvm::orc::ExecutionSession::runOnCurrentThread()
@ 0x561cd454ede3 96 llvm::orc::ExecutionSession::dispatchOutstandingMUs()
@ 0x561cd4550f83 288 llvm::orc::ExecutionSession::OL_completeLookup()
@ 0x561cd45596bb 48 llvm::orc::InProgressFullLookupState::complete()
@ 0x561cd45430fc 224 llvm::orc::ExecutionSession::OL_applyQueryPhase1()
@ 0x561cd4542539 112 llvm::orc::ExecutionSession::lookup()
@ 0x561cd454f22d 224 llvm::orc::ExecutionSession::lookup()
@ 0x561cd454f585 160 llvm::orc::ExecutionSession::lookup()
@ 0x561cd454f970 112 llvm::orc::ExecutionSession::lookup()
@ 0x561cd451d7c7 176 xls::OrcJit::LoadSymbol()
@ 0x561cd44edb0e 768 xls::(anonymous namespace)::BuildFunctionAndDependencies()
@ 0x561cd44ec67f 560 xls::BuildFunction()
@ 0x561cd44ea604 1488 xls::FunctionJit::CreateInternal()
@ 0x561cd44ea273 32 xls::FunctionJit::Create()
@ 0x561cd41bf429 720 xls::(anonymous namespace)::Eval()
@ 0x561cd41b69c0 1184 xls::(anonymous namespace)::RealMain()
@ 0x561cd41b4dd0 432 main
@ 0x7f5059bec3d4 192 __libc_start_main
