From e8bc700a87b88751b82e132b10c4b96f311e0b3a Mon Sep 17 00:00:00 2001 From: Hal Finkel Date: Fri, 2 Aug 2013 21:13:42 +0000 Subject: [PATCH] Fix invalid function pointers in bugpoint ExtractLoops The ExtractLoops function tries to reduce the failing test case by extracting one or more loops from the misoptimized piece of the program. In doing this, ExtractLoops must keep the MiscompiledFunctions vector up-to-date by ensuring that the pointers refer to functions in the current failing program. Unfortunately, this is not trivial because: - ExtractLoops is iterative, and there are several early exits (and the MiscompiledFunctions vector must be consistent with the current program at every non-fatal exit point). - Several of the utility functions used by ExtractLoops (such as TestOptimizer, some of which are called through the TestFn callback parameter, and Linker::LinkModules) delete their inputs upon success. This change adds several updates of the MiscompiledFunctions vector at different points. The first is after the initial call to TestMergedProgram which checks that the loop-extracted program still works. The second is after the call to TestFn (TestOptimizer, for example). This function will delete its inputs (which is why the existing ExtractLoops logic cloned the inputs first). git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@187674 91177308-0d34-0410-b5e6-96231b3b80d8 --- tools/bugpoint/Miscompilation.cpp | 49 ++++++++++++++++++++++++++----- 1 file changed, 42 insertions(+), 7 deletions(-) diff --git a/tools/bugpoint/Miscompilation.cpp b/tools/bugpoint/Miscompilation.cpp index 5574303321c..771ec34b73c 100644 --- a/tools/bugpoint/Miscompilation.cpp +++ b/tools/bugpoint/Miscompilation.cpp @@ -337,8 +337,13 @@ static bool ExtractLoops(BugDriver &BD, false, Error, Failure); if (!New) return false; + // Delete the original and set the new program. - delete BD.swapProgramIn(New); + Module *Old = BD.swapProgramIn(New); + for (unsigned i = 0, e = MiscompiledFunctions.size(); i != e; ++i) + MiscompiledFunctions[i] = cast(VMap[MiscompiledFunctions[i]]); + delete Old; + if (Failure) { BD.switchToInterpreter(AI); @@ -366,21 +371,51 @@ static bool ExtractLoops(BugDriver &BD, outs() << " Testing after loop extraction:\n"; // Clone modules, the tester function will free them. - Module *TOLEBackup = CloneModule(ToOptimizeLoopExtracted); - Module *TNOBackup = CloneModule(ToNotOptimize); + Module *TOLEBackup = CloneModule(ToOptimizeLoopExtracted, VMap); + Module *TNOBackup = CloneModule(ToNotOptimize, VMap); + + for (unsigned i = 0, e = MiscompiledFunctions.size(); i != e; ++i) + MiscompiledFunctions[i] = cast(VMap[MiscompiledFunctions[i]]); + Failure = TestFn(BD, ToOptimizeLoopExtracted, ToNotOptimize, Error); if (!Error.empty()) return false; + + ToOptimizeLoopExtracted = TOLEBackup; + ToNotOptimize = TNOBackup; + if (!Failure) { outs() << "*** Loop extraction masked the problem. Undoing.\n"; // If the program is not still broken, then loop extraction did something // that masked the error. Stop loop extraction now. - delete TOLEBackup; - delete TNOBackup; + + std::vector > MisCompFunctions; + for (unsigned i = 0, e = MiscompiledFunctions.size(); i != e; ++i) { + Function *F = MiscompiledFunctions[i]; + MisCompFunctions.push_back(std::make_pair(F->getName(), + F->getFunctionType())); + } + + std::string ErrorMsg; + if (Linker::LinkModules(ToNotOptimize, ToOptimizeLoopExtracted, + Linker::DestroySource, &ErrorMsg)){ + errs() << BD.getToolName() << ": Error linking modules together:" + << ErrorMsg << '\n'; + exit(1); + } + + MiscompiledFunctions.clear(); + for (unsigned i = 0, e = MisCompFunctions.size(); i != e; ++i) { + Function *NewF = ToNotOptimize->getFunction(MisCompFunctions[i].first); + + assert(NewF && "Function not found??"); + MiscompiledFunctions.push_back(NewF); + } + + delete ToOptimizeLoopExtracted; + BD.setNewProgram(ToNotOptimize); return MadeChange; } - ToOptimizeLoopExtracted = TOLEBackup; - ToNotOptimize = TNOBackup; outs() << "*** Loop extraction successful!\n"; -- 2.34.1