Bug 38707 - SROA can create badly-aligned/misaligned slices
Summary: SROA can create badly-aligned/misaligned slices
Status: RESOLVED FIXED
Alias: None
Product: libraries
Classification: Unclassified
Component: Scalar Optimizations
Version: 7.0
Hardware: PC Linux
Importance: P enhancement
Assignee: Unassigned LLVM Bugs
Blocks: release-7.0.0
Reported: 2018-08-26 03:10 PDT by Ariel Ben-Yehuda
Modified: 2018-09-04 02:56 PDT

Attachments
IR that reproduces the bug (9.42 KB, text/plain)
2018-08-26 03:10 PDT, Ariel Ben-Yehuda
Description Ariel Ben-Yehuda 2018-08-26 03:10:18 PDT
Created attachment 20770
IR that reproduces the bug

I found a case in which SROA replaces an aligned access to an alloca with an access to a new alloca that is differently aligned, which e.g. causes crashes on SPARC (this appears to be the root cause of https://github.com/rust-lang/rust/issues/53181).

In the attached IR, %_587 is an aligned alloca, and the pre-SROA code goes as follows

```
  %CrateLint = type { [0 x i8], i8, [11 x i8] }
...
  %_587 = alloca %CrateLint, align 4
...
bb10.i:
  ; %26 is 4 bytes offset into the alloca, and therefore dword-aligned
  %19 = getelementptr inbounds %CrateLint, %CrateLint* %_587, i64 0, i32 2, i64 3
  br label %bb13.i

bb13.i:
  %_14.sroa.0.0.in.in.i = phi i8* [ %21, %bb12.i ], [ %20, %bb11.i ], [ %19, %bb10.i ]
  %_14.sroa.0.0.in.i = bitcast i8* %_14.sroa.0.0.in.in.i to i32*
  %_14.sroa.0.0.i = load i32, i32* %_14.sroa.0.0.in.i, align 4
  ...
```

This loads `%_14.sroa.0.0.i` from a 4-aligned address. However, SROA generates the following code:

```
  %_587.sroa.3 = alloca [7 x i8]
bb10.i:                                           ; preds = %start
  %_587.sroa.3.3..sroa_idx = getelementptr inbounds [7 x i8], [7 x i8]* %_587.sroa.3, i64 0, i64 3
  br label %bb13.i
bb13.i:                                           ; preds = %bb12.i, %bb11.i, %bb10.i
  %_14.sroa.0.0.in.in.i = phi i8* [ %_587.sroa.6.0..sroa_cast7, %bb12.i ], [ %_587.sroa.6.0..sroa_cast6, %bb11.i ], [ %_587.sroa.3.3..sroa_idx, %bb10.i ]
  ...
  %_14.sroa.0.0.in.i = bitcast i8* %_14.sroa.0.0.in.in.i to i32*
  %_14.sroa.0.0.i = load i32, i32* %_14.sroa.0.0.in.i, align 4
  ...
```

This performs the dword-aligned load out of `%_587.sroa.3.3..sroa_idx`, which is aligned 3 (mod 4), and therefore definitely not dword-aligned.

Attached the minified reproducing IR (I hope that it doesn't have UB - I can send the fuller IR if you want, but it is much larger).
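
The alignment arithmetic behind the description above, as an added example that is not part of the original report or of LLVM's own code. The struct and function names are hypothetical, the byte offsets are derived from the IR shown (field 2 of `%CrateLint` starts at byte 1, so index 3 is byte 4), and the alignment of 1 for the new `[7 x i8]` alloca is an assumption because the snippet gives it no explicit `align`.

```cpp
#include <cstdint>
#include <cstdio>

// Largest power of two that divides both the base alignment and the byte
// offset: the alignment provable for (base + offset) when base is
// `align`-aligned. `align` must be a power of two.
static uint64_t min_align(uint64_t align, uint64_t offset) {
    uint64_t v = align | offset;
    return v & (~v + 1);  // isolate the lowest set bit
}

struct Slice {             // hypothetical model of one SROA partition
    uint64_t begin;        // where the slice starts inside the original alloca
    uint64_t alloca_align; // alignment of the alloca backing the slice
};

struct Access {             // hypothetical model of a load or store
    uint64_t orig_offset;   // byte offset from the start of the original alloca
    uint64_t claimed_align; // the `align N` written on the instruction
};

// Alignment that can be proven once the access is expressed relative to the
// alloca backing the slice.
static uint64_t provable_align(const Slice &s, const Access &a) {
    return min_align(s.alloca_align, a.orig_offset - s.begin);
}

// True when the instruction promises more alignment than can be proven.
static bool is_overaligned(const Slice &s, const Access &a) {
    return a.claimed_align > provable_align(s, a);
}

int main() {
    Access load{4, 4};   // load i32 ... align 4, at byte 4 of %_587
    Slice before{0, 4};  // %_587 = alloca %CrateLint, align 4
    Slice after{1, 1};   // %_587.sroa.3 = alloca [7 x i8], bytes 1..7 (align assumed 1)
    Slice padded{1, 4};  // same slice if the new alloca happened to be 4-aligned

    const Slice *cases[] = {&before, &after, &padded};
    for (const Slice *s : cases)
        std::printf("slice@%llu align %llu: provable %llu, claimed %llu%s\n",
                    (unsigned long long)s->begin, (unsigned long long)s->alloca_align,
                    (unsigned long long)provable_align(*s, load),
                    (unsigned long long)load.claimed_align,
                    is_overaligned(*s, load) ? "  <-- misaligned" : "");
    return 0;
}
```

The third case shows that raising the new alloca's alignment does not help: the access sits 3 bytes into the slice, so only byte alignment can be proven for it.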
Comment 1 Ariel Ben-Yehuda 2018-08-27 09:41:43 PDT
cc
Comment 2 Ariel Ben-Yehuda 2018-08-27 09:42:21 PDT
cc @chandlerc & @davide - I think you know SROA well?
Comment 3 Eli Friedman 2018-08-27 17:51:46 PDT
Looking.
Comment 4 Eli Friedman 2018-08-27 18:22:41 PDT
https://reviews.llvm.org/D51335 .
Comment 5 John Paul Adrian Glaubitz 2018-08-27 18:36:37 PDT
Testing whether this patch fixes: https://github.com/rust-lang/rust/issues/53181
Comment 6 John Paul Adrian Glaubitz 2018-08-27 23:43:17 PDT
(In reply to John Paul Adrian Glaubitz from comment #5)
> Testing whether this patch fixes:
> https://github.com/rust-lang/rust/issues/53181

I can confirm that the patch fixes the Rust issue on sparc64 above.
Comment 7 Sylvestre Ledru 2018-08-30 02:22:41 PDT
Hans, we probably want to backport this one to 7 too.
Comment 8 Eli Friedman 2018-08-30 11:59:55 PDT
r341094
Comment 9 Hans Wennborg 2018-08-31 08:53:21 PDT
(In reply to Eli Friedman from comment #8)
> r341094

Thanks! Merged in r341220.