Harmony / HARMONY-5996

[HARMONY][JIT][OPTIMIZER] Assumption in array base address load associated symbolic analysis of dabce caused bug


Details

    • Bug
    • Status: Open
    • Critical
    • Resolution: Unresolved
    • None
    • None
    • DRLVM
    • None
    • Windows
    • Moderate

    Description

      In function code:
      void DynamicABCE::fillTemplate(ArrayAccessTemplate* arrayAccess, Inst* checkInst) {
          ....
          Node* node = checkInst->getNode()->getUnconditionalEdgeTarget();
          for (Inst* inst = (Inst*)node->getFirstInst(); inst != NULL; inst = inst->getNextInst()) {
              ...
              else if (opcode == Op_AddScaledIndex &&
                       arrayAccess->index == inst->getSrc(1) && arrayAccess->array == NULL) {
                  assert(ldBaseInst == NULL);
                  ldBaseInst = inst->getSrc(0)->asSsaOpnd()->getInst();
                  assert(ldBaseInst->getOpcode() == Op_LdArrayBaseAddr);
                  arrayAccess->array = ldBaseInst->getSrc(0)->asSsaOpnd();
                  break;
              }
          }
          ...
      }

      The code "assert(ldBaseInst->getOpcode() == Op_LdArrayBaseAddr);" assumes that after bound checking, the direct target block will access the array immediately, and that the array access instruction in it will use the "Op_LdArrayBaseAddr" instruction to access the array base. However, this kind of assumption is very tender.

      In server: scimark.sor.small.
      After loop peeling, a phi instruction is generated for the LDBASE instruction; this time an LDVAR instruction will be used to get the variable from the Phi. The assertion will fail and the bug will happen.

      There may be two kinds of solutions:
      1. In IR building, record the array access information.
      2. Or a more accurate symbolic analysis is used to find the array base load instruction.

      Thanks!

      Buqi

      Attachments

        1. dabce_fillTemplate_bug.h.patch
          0.6 kB
          Cheng, BuQi
        2. dabce_fillTemplate_bug.cpp.patch
          2 kB
          Cheng, BuQi
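
A sketch of the second proposed solution, added here as an example; it is not taken from the attached patches or from DRLVM. It uses a toy SSA IR (the `Inst` struct, `Op_Array`, `resolve`, `findArrayBase` and the sample graph are hypothetical) and traces the base operand through LdVar/StVar/Phi to a single array, returning NULL when that cannot be proven so the caller keeps the bounds check instead of asserting.

```cpp
#include <set>
#include <vector>

// Toy SSA IR, hypothetical: a stand-in for the JIT's Inst/Opnd classes.
enum Op { Op_Array, Op_LdArrayBaseAddr, Op_LdVar, Op_StVar, Op_Phi, Op_Other };
struct Inst {
    Op op;
    std::vector<const Inst*> srcs;  // defining instruction of each source
};

// Follow copies and phis from `def`; every path must end in a base load of
// the same array. Revisited nodes (loop back edges) add no information.
static bool resolve(const Inst* def, const Inst** array,
                    std::set<const Inst*>& seen) {
    if (def == nullptr) return false;
    if (!seen.insert(def).second) return true;
    switch (def->op) {
    case Op_LdArrayBaseAddr:
        if (def->srcs.size() != 1) return false;
        if (*array != nullptr && *array != def->srcs[0]) return false;
        *array = def->srcs[0];
        return true;
    case Op_LdVar: case Op_StVar: case Op_Phi:
        if (def->srcs.empty()) return false;
        for (const Inst* s : def->srcs)
            if (!resolve(s, array, seen)) return false;
        return true;
    default:
        return false;  // unknown producer: do not guess
    }
}

// Returns the array, or NULL meaning "not proven: leave the bounds check in".
const Inst* findArrayBase(const Inst* baseDef) {
    const Inst* array = nullptr;
    std::set<const Inst*> seen;
    return resolve(baseDef, &array, seen) ? array : nullptr;
}

// Constructed sample: base loads merged by a phi and read back through LdVar.
Inst arrA{Op_Array, {}}, arrB{Op_Array, {}};
Inst ldPeel{Op_LdArrayBaseAddr, {&arrA}}, ldLoop{Op_LdArrayBaseAddr, {&arrA}};
Inst ldOther{Op_LdArrayBaseAddr, {&arrB}};
Inst stPeel{Op_StVar, {&ldPeel}}, stLoop{Op_StVar, {&ldLoop}}, stOther{Op_StVar, {&ldOther}};
Inst phiSame{Op_Phi, {&stPeel, &stLoop}}, phiMixed{Op_Phi, {&stPeel, &stOther}};
Inst ldVarSame{Op_LdVar, {&phiSame}}, ldVarMixed{Op_LdVar, {&phiMixed}};

int main() { return findArrayBase(&ldVarSame) == &arrA && !findArrayBase(&ldVarMixed) ? 0 : 1; }
```
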

          People

            Assignee: Unassigned
            Reporter: Cheng, BuQi