-Wframe-larger-than in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_vp9_req_lat_if.c with ARCH=loongarch allmodconfig #2014
Labels
-Wframe-larger-than=
[ARCH] loongarch
This bug impacts ARCH=loongarch
[CONFIG] allmodconfig
Issue affects allmodconfig on certain architectures
[FIXED][LLVM] main
This bug was only present and fixed in an unreleased version of LLVM
Comments
nathanchance
added
[BUG] Untriaged
|
Thank you for pointing this out. I added two
; llc --mtriple loongarch64 -o t.s t.ll --mattr="+ual"
; warning: <unknown>:0:0: stack frame size (288) exceeds limit (64) in function 'vdec_vp9_slice_update_prob'
; llc --mtriple loongarch64 -o t.s t.ll --mattr="-ual"
; warning: <unknown>:0:0: stack frame size (1248) exceeds limit (64) in function 'vdec_vp9_slice_update_prob'
; llc --mtriple aarch64 -o t.s t.ll --mattr="-strict-align"
; warning: <unknown>:0:0: stack frame size (144) exceeds limit (64) in function 'vdec_vp9_slice_update_prob'
; llc --mtriple aarch64 -o t.s t.ll --mattr="+strict-align"
; warning: <unknown>:0:0: stack frame size (144) exceeds limit (64) in function 'vdec_vp9_slice_update_prob'
; ModuleID = 't.c'
source_filename = "t.c"
%struct.vdec_vp9_slice_frame_ctx = type { [4 x [2 x [2 x [16 x %struct.anon.0]]]], [16 x [4 x i8]], [0 x [4 x i8]] }
%struct.anon.0 = type { [6 x [3 x i8]] }
@vdec_vp9_slice_update_prob_instance = dso_local local_unnamed_addr global ptr null, align 8
@vdec_vp9_slice_update_prob_uh_4 = dso_local local_unnamed_addr global i32 0, align 4
@vdec_vp9_slice_update_prob_uh_0 = dso_local local_unnamed_addr global i8 0, align 1
@vdec_vp9_slice_update_prob_vsi = dso_local local_unnamed_addr global ptr null, align 8
@vdec_vp9_slice_framectx_map_helper_frame_ctx = dso_local local_unnamed_addr global ptr null, align 8
@vdec_vp9_slice_framectx_map_helper___p_size_field = dso_local local_unnamed_addr global i64 0, align 8
@vdec_vp9_slice_framectx_map_helper___trans_tmp_2 = dso_local local_unnamed_addr global i8 0, align 1
@vdec_vp9_slice_helper_map_framectx___trans_tmp_9 = dso_local local_unnamed_addr global i8 0, align 1
; Function Attrs: nounwind
define dso_local noundef signext i32 @vdec_vp9_slice_update_prob() local_unnamed_addr #0 {
%1 = load ptr, ptr @vdec_vp9_slice_update_prob_instance, align 8, !tbaa !4
%2 = getelementptr inbounds i8, ptr %1, i64 16
%3 = load i32, ptr @vdec_vp9_slice_update_prob_uh_4, align 4, !tbaa !8
%4 = sext i32 %3 to i64
%5 = getelementptr inbounds [4 x %struct.vdec_vp9_slice_frame_ctx], ptr %2, i64 0, i64 %4
%6 = getelementptr inbounds i8, ptr %1, i64 18704
%7 = load i8, ptr @vdec_vp9_slice_update_prob_uh_0, align 1, !tbaa !10
%8 = icmp eq i8 %7, 0
br i1 %8, label %9, label %13
9: ; preds = %0
%10 = load ptr, ptr @vdec_vp9_slice_update_prob_vsi, align 8, !tbaa !4
%11 = load i8, ptr %10, align 1, !tbaa !11
%12 = icmp ne i8 %11, 0
br label %13
13: ; preds = %9, %0
%14 = phi i1 [ true, %0 ], [ %12, %9 ]
%15 = getelementptr inbounds i8, ptr %1, i64 20522
%16 = getelementptr inbounds [4 x i8], ptr %15, i64 0, i64 %4
%17 = load i8, ptr %16, align 1, !tbaa !10
%18 = icmp eq i8 %17, 0
%19 = getelementptr inbounds i8, ptr %1, i64 20432
br i1 %18, label %84, label %20
20: ; preds = %13
%21 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%22 = shl i64 %21, 32
%23 = ashr exact i64 %22, 32
%24 = tail call signext i32 @__read_overflow2_field(i64 noundef %23, i64 noundef 8) #2
%25 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%26 = getelementptr inbounds i8, ptr %25, i64 4672
%27 = load i64, ptr %26, align 1
store i64 %27, ptr %19, align 1
%28 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%29 = shl i64 %28, 32
%30 = ashr exact i64 %29, 32
%31 = tail call signext i32 @__read_overflow2_field(i64 noundef %30, i64 noundef 8) #2
%32 = getelementptr inbounds i8, ptr %1, i64 20438
%33 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%34 = getelementptr inbounds i8, ptr %33, i64 4676
%35 = load i64, ptr %34, align 1
store i64 %35, ptr %32, align 1
%36 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%37 = shl i64 %36, 32
%38 = ashr exact i64 %37, 32
%39 = tail call signext i32 @__read_overflow2_field(i64 noundef %38, i64 noundef 8) #2
%40 = getelementptr inbounds i8, ptr %1, i64 20444
%41 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%42 = getelementptr inbounds i8, ptr %41, i64 4680
%43 = load i64, ptr %42, align 1
store i64 %43, ptr %40, align 1
%44 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%45 = shl i64 %44, 32
%46 = ashr exact i64 %45, 32
%47 = tail call signext i32 @__read_overflow2_field(i64 noundef %46, i64 noundef 8) #2
%48 = getelementptr inbounds i8, ptr %1, i64 20450
%49 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%50 = getelementptr inbounds i8, ptr %49, i64 4684
%51 = load i64, ptr %50, align 1
store i64 %51, ptr %48, align 1
%52 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%53 = shl i64 %52, 32
%54 = ashr exact i64 %53, 32
%55 = tail call signext i32 @__read_overflow2_field(i64 noundef %54, i64 noundef 8) #2
%56 = getelementptr inbounds i8, ptr %1, i64 20456
%57 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%58 = getelementptr inbounds i8, ptr %57, i64 4688
%59 = load i64, ptr %58, align 1
store i64 %59, ptr %56, align 1
%60 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%61 = shl i64 %60, 32
%62 = ashr exact i64 %61, 32
%63 = tail call signext i32 @__read_overflow2_field(i64 noundef %62, i64 noundef 8) #2
%64 = getelementptr inbounds i8, ptr %1, i64 20462
%65 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%66 = getelementptr inbounds i8, ptr %65, i64 4692
%67 = load i64, ptr %66, align 1
store i64 %67, ptr %64, align 1
%68 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%69 = shl i64 %68, 32
%70 = ashr exact i64 %69, 32
%71 = tail call signext i32 @__read_overflow2_field(i64 noundef %70, i64 noundef 8) #2
%72 = getelementptr inbounds i8, ptr %1, i64 20468
%73 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%74 = getelementptr inbounds i8, ptr %73, i64 4696
%75 = load i64, ptr %74, align 1
store i64 %75, ptr %72, align 1
%76 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%77 = shl i64 %76, 32
%78 = ashr exact i64 %77, 32
%79 = tail call signext i32 @__read_overflow2_field(i64 noundef %78, i64 noundef 8) #2
%80 = getelementptr inbounds i8, ptr %1, i64 20474
%81 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%82 = getelementptr inbounds i8, ptr %81, i64 4700
%83 = load i64, ptr %82, align 1
store i64 %83, ptr %80, align 1
br label %148
84: ; preds = %13
%85 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%86 = shl i64 %85, 32
%87 = ashr exact i64 %86, 32
%88 = tail call signext i32 @__read_overflow2_field(i64 noundef %87, i64 noundef 8) #2
%89 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%90 = getelementptr inbounds i8, ptr %89, i64 4672
%91 = load i64, ptr %90, align 1
store i64 %91, ptr %19, align 1
%92 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%93 = shl i64 %92, 32
%94 = ashr exact i64 %93, 32
%95 = tail call signext i32 @__read_overflow2_field(i64 noundef %94, i64 noundef 8) #2
%96 = getelementptr inbounds i8, ptr %1, i64 20438
%97 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%98 = getelementptr inbounds i8, ptr %97, i64 4676
%99 = load i64, ptr %98, align 1
store i64 %99, ptr %96, align 1
%100 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%101 = shl i64 %100, 32
%102 = ashr exact i64 %101, 32
%103 = tail call signext i32 @__read_overflow2_field(i64 noundef %102, i64 noundef 8) #2
%104 = getelementptr inbounds i8, ptr %1, i64 20444
%105 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%106 = getelementptr inbounds i8, ptr %105, i64 4680
%107 = load i64, ptr %106, align 1
store i64 %107, ptr %104, align 1
%108 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%109 = shl i64 %108, 32
%110 = ashr exact i64 %109, 32
%111 = tail call signext i32 @__read_overflow2_field(i64 noundef %110, i64 noundef 8) #2
%112 = getelementptr inbounds i8, ptr %1, i64 20450
%113 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%114 = getelementptr inbounds i8, ptr %113, i64 4684
%115 = load i64, ptr %114, align 1
store i64 %115, ptr %112, align 1
%116 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%117 = shl i64 %116, 32
%118 = ashr exact i64 %117, 32
%119 = tail call signext i32 @__read_overflow2_field(i64 noundef %118, i64 noundef 8) #2
%120 = getelementptr inbounds i8, ptr %1, i64 20456
%121 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%122 = getelementptr inbounds i8, ptr %121, i64 4688
%123 = load i64, ptr %122, align 1
store i64 %123, ptr %120, align 1
%124 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%125 = shl i64 %124, 32
%126 = ashr exact i64 %125, 32
%127 = tail call signext i32 @__read_overflow2_field(i64 noundef %126, i64 noundef 8) #2
%128 = getelementptr inbounds i8, ptr %1, i64 20462
%129 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%130 = getelementptr inbounds i8, ptr %129, i64 4692
%131 = load i64, ptr %130, align 1
store i64 %131, ptr %128, align 1
%132 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%133 = shl i64 %132, 32
%134 = ashr exact i64 %133, 32
%135 = tail call signext i32 @__read_overflow2_field(i64 noundef %134, i64 noundef 8) #2
%136 = getelementptr inbounds i8, ptr %1, i64 20468
%137 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%138 = getelementptr inbounds i8, ptr %137, i64 4696
%139 = load i64, ptr %138, align 1
store i64 %139, ptr %136, align 1
%140 = load i64, ptr @vdec_vp9_slice_framectx_map_helper___p_size_field, align 8, !tbaa !13
%141 = shl i64 %140, 32
%142 = ashr exact i64 %141, 32
%143 = tail call signext i32 @__read_overflow2_field(i64 noundef %142, i64 noundef 8) #2
%144 = getelementptr inbounds i8, ptr %1, i64 20474
%145 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%146 = getelementptr inbounds i8, ptr %145, i64 4700
%147 = load i64, ptr %146, align 1
store i64 %147, ptr %144, align 1
br label %148
148: ; preds = %20, %84
%149 = getelementptr inbounds i8, ptr %1, i64 20474
%150 = load ptr, ptr @vdec_vp9_slice_framectx_map_helper_frame_ctx, align 8, !tbaa !4
%151 = getelementptr inbounds i8, ptr %150, i64 4608
%152 = load i64, ptr %151, align 1
store i64 %152, ptr %149, align 1
%153 = getelementptr inbounds i8, ptr %1, i64 20477
%154 = getelementptr inbounds i8, ptr %150, i64 4612
%155 = load i64, ptr %154, align 1
store i64 %155, ptr %153, align 1
%156 = getelementptr inbounds i8, ptr %1, i64 20480
%157 = getelementptr inbounds i8, ptr %150, i64 4616
%158 = load i64, ptr %157, align 1
store i64 %158, ptr %156, align 1
%159 = getelementptr inbounds i8, ptr %1, i64 20483
%160 = getelementptr inbounds i8, ptr %150, i64 4620
%161 = load i64, ptr %160, align 1
store i64 %161, ptr %159, align 1
%162 = getelementptr inbounds i8, ptr %1, i64 20486
%163 = getelementptr inbounds i8, ptr %150, i64 4624
%164 = load i64, ptr %163, align 1
store i64 %164, ptr %162, align 1
%165 = getelementptr inbounds i8, ptr %1, i64 20489
%166 = getelementptr inbounds i8, ptr %150, i64 4628
%167 = load i64, ptr %166, align 1
store i64 %167, ptr %165, align 1
%168 = getelementptr inbounds i8, ptr %1, i64 20492
%169 = getelementptr inbounds i8, ptr %150, i64 4632
%170 = load i64, ptr %169, align 1
store i64 %170, ptr %168, align 1
%171 = getelementptr inbounds i8, ptr %1, i64 20495
%172 = getelementptr inbounds i8, ptr %150, i64 4636
%173 = load i64, ptr %172, align 1
store i64 %173, ptr %171, align 1
%174 = getelementptr inbounds i8, ptr %1, i64 20498
%175 = getelementptr inbounds i8, ptr %150, i64 4640
%176 = load i64, ptr %175, align 1
store i64 %176, ptr %174, align 1
%177 = getelementptr inbounds i8, ptr %1, i64 20501
%178 = getelementptr inbounds i8, ptr %150, i64 4644
%179 = load i64, ptr %178, align 1
store i64 %179, ptr %177, align 1
%180 = getelementptr inbounds i8, ptr %1, i64 20504
%181 = getelementptr inbounds i8, ptr %150, i64 4648
%182 = load i64, ptr %181, align 1
store i64 %182, ptr %180, align 1
%183 = getelementptr inbounds i8, ptr %1, i64 20507
%184 = getelementptr inbounds i8, ptr %150, i64 4652
%185 = load i64, ptr %184, align 1
store i64 %185, ptr %183, align 1
%186 = getelementptr inbounds i8, ptr %1, i64 20510
%187 = getelementptr inbounds i8, ptr %150, i64 4656
%188 = load i64, ptr %187, align 1
store i64 %188, ptr %186, align 1
%189 = getelementptr inbounds i8, ptr %1, i64 20513
%190 = getelementptr inbounds i8, ptr %150, i64 4660
%191 = load i64, ptr %190, align 1
store i64 %191, ptr %189, align 1
%192 = getelementptr inbounds i8, ptr %1, i64 20516
%193 = getelementptr inbounds i8, ptr %150, i64 4664
%194 = load i64, ptr %193, align 1
store i64 %194, ptr %192, align 1
%195 = getelementptr inbounds i8, ptr %1, i64 20519
%196 = getelementptr inbounds i8, ptr %150, i64 4668
%197 = load i64, ptr %196, align 1
store i64 %197, ptr %195, align 1
br i1 %14, label %198, label %384
198: ; preds = %148, %381
%199 = phi i64 [ %382, %381 ], [ 0, %148 ]
br label %313
200: ; preds = %381
%201 = getelementptr inbounds i8, ptr %5, i64 4672
%202 = getelementptr inbounds i8, ptr %1, i64 20432
%203 = tail call signext i32 @__read_overflow2_field(i64 noundef 0, i64 noundef 8) #2
%204 = sext i32 %203 to i64
%205 = tail call signext i32 @__read_overflow2_field(i64 noundef %204, i64 noundef 8) #2
%206 = load i64, ptr %202, align 1
store i64 %206, ptr %201, align 1
%207 = tail call signext i32 @__read_overflow2_field(i64 noundef 0, i64 noundef 8) #2
%208 = sext i32 %207 to i64
%209 = tail call signext i32 @__read_overflow2_field(i64 noundef %208, i64 noundef 8) #2
%210 = getelementptr inbounds i8, ptr %5, i64 4676
%211 = getelementptr inbounds i8, ptr %1, i64 20438
%212 = load i64, ptr %211, align 1
store i64 %212, ptr %210, align 1
%213 = tail call signext i32 @__read_overflow2_field(i64 noundef 0, i64 noundef 8) #2
%214 = sext i32 %213 to i64
%215 = tail call signext i32 @__read_overflow2_field(i64 noundef %214, i64 noundef 8) #2
%216 = getelementptr inbounds i8, ptr %5, i64 4680
%217 = getelementptr inbounds i8, ptr %1, i64 20444
%218 = load i64, ptr %217, align 1
store i64 %218, ptr %216, align 1
%219 = tail call signext i32 @__read_overflow2_field(i64 noundef 0, i64 noundef 8) #2
%220 = sext i32 %219 to i64
%221 = tail call signext i32 @__read_overflow2_field(i64 noundef %220, i64 noundef 8) #2
%222 = getelementptr inbounds i8, ptr %5, i64 4684
%223 = getelementptr inbounds i8, ptr %1, i64 20450
%224 = load i64, ptr %223, align 1
store i64 %224, ptr %222, align 1
%225 = tail call signext i32 @__read_overflow2_field(i64 noundef 0, i64 noundef 8) #2
%226 = sext i32 %225 to i64
%227 = tail call signext i32 @__read_overflow2_field(i64 noundef %226, i64 noundef 8) #2
%228 = getelementptr inbounds i8, ptr %5, i64 4688
%229 = getelementptr inbounds i8, ptr %1, i64 20456
%230 = load i64, ptr %229, align 1
store i64 %230, ptr %228, align 1
%231 = tail call signext i32 @__read_overflow2_field(i64 noundef 0, i64 noundef 8) #2
%232 = sext i32 %231 to i64
%233 = tail call signext i32 @__read_overflow2_field(i64 noundef %232, i64 noundef 8) #2
%234 = getelementptr inbounds i8, ptr %5, i64 4692
%235 = getelementptr inbounds i8, ptr %1, i64 20462
%236 = load i64, ptr %235, align 1
store i64 %236, ptr %234, align 1
%237 = tail call signext i32 @__read_overflow2_field(i64 noundef 0, i64 noundef 8) #2
%238 = sext i32 %237 to i64
%239 = tail call signext i32 @__read_overflow2_field(i64 noundef %238, i64 noundef 8) #2
%240 = getelementptr inbounds i8, ptr %5, i64 4696
%241 = getelementptr inbounds i8, ptr %1, i64 20468
%242 = load i64, ptr %241, align 1
store i64 %242, ptr %240, align 1
%243 = tail call signext i32 @__read_overflow2_field(i64 noundef 0, i64 noundef 8) #2
%244 = sext i32 %243 to i64
%245 = tail call signext i32 @__read_overflow2_field(i64 noundef %244, i64 noundef 8) #2
%246 = getelementptr inbounds i8, ptr %5, i64 4700
%247 = getelementptr inbounds i8, ptr %1, i64 20474
%248 = load i64, ptr %247, align 1
store i64 %248, ptr %246, align 1
%249 = getelementptr inbounds i8, ptr %1, i64 20474
%250 = getelementptr inbounds i8, ptr %5, i64 4608
%251 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%252 = load i64, ptr %249, align 1
store i64 %252, ptr %250, align 1
%253 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%254 = getelementptr inbounds i8, ptr %5, i64 4612
%255 = getelementptr inbounds i8, ptr %1, i64 20477
%256 = load i64, ptr %255, align 1
store i64 %256, ptr %254, align 1
%257 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%258 = getelementptr inbounds i8, ptr %5, i64 4616
%259 = getelementptr inbounds i8, ptr %1, i64 20480
%260 = load i64, ptr %259, align 1
store i64 %260, ptr %258, align 1
%261 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%262 = getelementptr inbounds i8, ptr %5, i64 4620
%263 = getelementptr inbounds i8, ptr %1, i64 20483
%264 = load i64, ptr %263, align 1
store i64 %264, ptr %262, align 1
%265 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%266 = getelementptr inbounds i8, ptr %5, i64 4624
%267 = getelementptr inbounds i8, ptr %1, i64 20486
%268 = load i64, ptr %267, align 1
store i64 %268, ptr %266, align 1
%269 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%270 = getelementptr inbounds i8, ptr %5, i64 4628
%271 = getelementptr inbounds i8, ptr %1, i64 20489
%272 = load i64, ptr %271, align 1
store i64 %272, ptr %270, align 1
%273 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%274 = getelementptr inbounds i8, ptr %5, i64 4632
%275 = getelementptr inbounds i8, ptr %1, i64 20492
%276 = load i64, ptr %275, align 1
store i64 %276, ptr %274, align 1
%277 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%278 = getelementptr inbounds i8, ptr %5, i64 4636
%279 = getelementptr inbounds i8, ptr %1, i64 20495
%280 = load i64, ptr %279, align 1
store i64 %280, ptr %278, align 1
%281 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%282 = getelementptr inbounds i8, ptr %5, i64 4640
%283 = getelementptr inbounds i8, ptr %1, i64 20498
%284 = load i64, ptr %283, align 1
store i64 %284, ptr %282, align 1
%285 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%286 = getelementptr inbounds i8, ptr %5, i64 4644
%287 = getelementptr inbounds i8, ptr %1, i64 20501
%288 = load i64, ptr %287, align 1
store i64 %288, ptr %286, align 1
%289 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%290 = getelementptr inbounds i8, ptr %5, i64 4648
%291 = getelementptr inbounds i8, ptr %1, i64 20504
%292 = load i64, ptr %291, align 1
store i64 %292, ptr %290, align 1
%293 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%294 = getelementptr inbounds i8, ptr %5, i64 4652
%295 = getelementptr inbounds i8, ptr %1, i64 20507
%296 = load i64, ptr %295, align 1
store i64 %296, ptr %294, align 1
%297 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%298 = getelementptr inbounds i8, ptr %5, i64 4656
%299 = getelementptr inbounds i8, ptr %1, i64 20510
%300 = load i64, ptr %299, align 1
store i64 %300, ptr %298, align 1
%301 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%302 = getelementptr inbounds i8, ptr %5, i64 4660
%303 = getelementptr inbounds i8, ptr %1, i64 20513
%304 = load i64, ptr %303, align 1
store i64 %304, ptr %302, align 1
%305 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%306 = getelementptr inbounds i8, ptr %5, i64 4664
%307 = getelementptr inbounds i8, ptr %1, i64 20516
%308 = load i64, ptr %307, align 1
store i64 %308, ptr %306, align 1
%309 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%310 = getelementptr inbounds i8, ptr %5, i64 4668
%311 = getelementptr inbounds i8, ptr %1, i64 20519
%312 = load i64, ptr %311, align 1
store i64 %312, ptr %310, align 1
br label %384
313: ; preds = %198, %378
%314 = phi i64 [ 0, %198 ], [ %379, %378 ]
br label %315
315: ; preds = %315, %313
%316 = phi i1 [ true, %313 ], [ false, %315 ]
%317 = phi i64 [ 0, %313 ], [ 1, %315 ]
%318 = getelementptr inbounds [4 x [2 x [2 x [16 x %struct.anon.0]]]], ptr %5, i64 0, i64 %199, i64 %314, i64 %317, i64 1
%319 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%320 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 1, i64 0
%321 = load i64, ptr %320, align 1
store i64 %321, ptr %318, align 1
%322 = getelementptr inbounds [4 x [2 x [2 x [16 x %struct.anon.0]]]], ptr %5, i64 0, i64 %199, i64 %314, i64 %317, i64 2
%323 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%324 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 2, i64 0
%325 = load i64, ptr %324, align 1
store i64 %325, ptr %322, align 1
%326 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%327 = getelementptr inbounds i8, ptr %322, i64 3
%328 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 2, i64 1
%329 = load i64, ptr %328, align 1
store i64 %329, ptr %327, align 1
%330 = getelementptr inbounds [4 x [2 x [2 x [16 x %struct.anon.0]]]], ptr %5, i64 0, i64 %199, i64 %314, i64 %317, i64 3
%331 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%332 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 3, i64 0
%333 = load i64, ptr %332, align 1
store i64 %333, ptr %330, align 1
%334 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%335 = getelementptr inbounds i8, ptr %330, i64 3
%336 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 3, i64 1
%337 = load i64, ptr %336, align 1
store i64 %337, ptr %335, align 1
%338 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%339 = getelementptr inbounds i8, ptr %330, i64 6
%340 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 3, i64 2
%341 = load i64, ptr %340, align 1
store i64 %341, ptr %339, align 1
%342 = getelementptr inbounds [4 x [2 x [2 x [16 x %struct.anon.0]]]], ptr %5, i64 0, i64 %199, i64 %314, i64 %317, i64 4
%343 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%344 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 4, i64 0
%345 = load i64, ptr %344, align 1
store i64 %345, ptr %342, align 1
%346 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%347 = getelementptr inbounds i8, ptr %342, i64 3
%348 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 4, i64 1
%349 = load i64, ptr %348, align 1
store i64 %349, ptr %347, align 1
%350 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%351 = getelementptr inbounds i8, ptr %342, i64 6
%352 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 4, i64 2
%353 = load i64, ptr %352, align 1
store i64 %353, ptr %351, align 1
%354 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%355 = getelementptr inbounds i8, ptr %342, i64 9
%356 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 4, i64 3
%357 = load i64, ptr %356, align 1
store i64 %357, ptr %355, align 1
%358 = getelementptr inbounds [4 x [2 x [2 x [16 x %struct.anon.0]]]], ptr %5, i64 0, i64 %199, i64 %314, i64 %317, i64 5
%359 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%360 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 5, i64 0
%361 = load i64, ptr %360, align 1
store i64 %361, ptr %358, align 1
%362 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%363 = getelementptr inbounds i8, ptr %358, i64 3
%364 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 5, i64 1
%365 = load i64, ptr %364, align 1
store i64 %365, ptr %363, align 1
%366 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%367 = getelementptr inbounds i8, ptr %358, i64 6
%368 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 5, i64 2
%369 = load i64, ptr %368, align 1
store i64 %369, ptr %367, align 1
%370 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%371 = getelementptr inbounds i8, ptr %358, i64 9
%372 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 5, i64 3
%373 = load i64, ptr %372, align 1
store i64 %373, ptr %371, align 1
%374 = tail call signext i32 @__read_overflow2_field(i64 noundef 4294967295, i64 noundef 0) #2
%375 = getelementptr inbounds [4 x [2 x [2 x [16 x %struct.anon.0]]]], ptr %5, i64 0, i64 %199, i64 %314, i64 %317, i64 5, i32 0, i64 4
%376 = getelementptr inbounds [4 x [2 x [2 x [6 x [6 x [3 x i8]]]]]], ptr %6, i64 0, i64 %199, i64 %314, i64 %317, i64 5, i64 4
%377 = load i64, ptr %376, align 1
store i64 %377, ptr %375, align 1
br i1 %316, label %315, label %378, !llvm.loop !15
378: ; preds = %315
%379 = add nuw nsw i64 %314, 1
%380 = icmp eq i64 %379, 8
br i1 %380, label %381, label %313, !llvm.loop !17
381: ; preds = %378
%382 = add nuw nsw i64 %199, 1
%383 = icmp eq i64 %382, 4
br i1 %383, label %200, label %198, !llvm.loop !18
384: ; preds = %200, %148
ret i32 0
}
declare signext i32 @__read_overflow2_field(i64 noundef, i64 noundef) local_unnamed_addr #1
attributes #0 = { nounwind "no-trapping-math"="true" "stack-protector-buffer-size"="8" "warn-stack-size"="64" }
attributes #1 = { "no-trapping-math"="true" "stack-protector-buffer-size"="8" }
attributes #2 = { nounwind }
!llvm.module.flags = !{!0, !1, !2}
!llvm.ident = !{!3}
!0 = !{i32 1, !"wchar_size", i32 4}
!1 = !{i32 8, !"PIC Level", i32 2}
!2 = !{i32 7, !"PIE Level", i32 2}
!3 = !{!"clang version 19.0.0git (https://github.com/llvm/llvm-project 71eda17a0674317b05975be79ed4a2c8ee99c43c)"}
!4 = !{!5, !5, i64 0}
!5 = !{!"any pointer", !6, i64 0}
!6 = !{!"omnipotent char", !7, i64 0}
!7 = !{!"Simple C/C++ TBAA"}
!8 = !{!9, !9, i64 0}
!9 = !{!"int", !6, i64 0}
!10 = !{!6, !6, i64 0}
!11 = !{!12, !6, i64 0}
!12 = !{!"", !6, i64 0}
!13 = !{!14, !14, i64 0}
!14 = !{!"long", !6, i64 0}
!15 = distinct !{!15, !16}
!16 = !{!"llvm.loop.mustprogress"}
!17 = distinct !{!17, !16}
!18 = distinct !{!18, !16}// clang --target=loongarch64-linux-gnu -O2 -Wall -Wframe-larger-than=64 -o t.ll t.c -emit-llvm
enum { false, true } __read_overflow2_field(long, long);
struct v4l2_vp9_frame_context {
char coef[4][2][2][6][6][3];
char inter_mode[7][3][2];
char partition[16][3];
};
struct mtk_vcodec_mem {
void *va;
};
struct vdec_vp9_slice_frame_ctx {
struct {
char probs[6][3];
} coef_probs[4][2][2][16];
char partition_prob[16][4];
char inter_mode_probs[][4];
} *vdec_vp9_slice_framectx_map_helper_frame_ctx;
struct {
char intra_only;
} *vdec_vp9_slice_update_prob_vsi;
struct {
struct mtk_vcodec_mem prob;
struct mtk_vcodec_mem counts;
struct vdec_vp9_slice_frame_ctx frame_ctx[4];
struct v4l2_vp9_frame_context frame_ctx_helper;
char dirty[4];
int counts_helper;
} *vdec_vp9_slice_update_prob_instance;
long vdec_vp9_slice_framectx_map_helper___p_size_field;
_Bool vdec_vp9_slice_framectx_map_helper___trans_tmp_2,
vdec_vp9_slice_helper_map_framectx___trans_tmp_9;
char vdec_vp9_slice_update_prob_uh_0;
int vdec_vp9_slice_update_prob_uh_4;
extern inline __attribute__((__gnu_inline__)) _Bool
fortify_memcpy_chk(unsigned q_size_field) {
long size = 0;
if (q_size_field)
__read_overflow2_field(q_size_field, size);
return 0;
}
static __attribute__((always_inline)) void vdec_vp9_slice_framectx_map_helper(
struct v4l2_vp9_frame_context *frame_ctx_helper) {
_Bool __trans_tmp_1,
__ret_do_once = vdec_vp9_slice_framectx_map_helper___trans_tmp_2;
int i;
for (i = 0; i < sizeof(frame_ctx_helper); i++) {
long __fortify_size = sizeof(frame_ctx_helper), size = __fortify_size;
int p_size_field = vdec_vp9_slice_framectx_map_helper___p_size_field,
q_size_field = __read_overflow2_field(p_size_field, size);
if (__builtin_constant_p(p_size_field))
__read_overflow2_field(q_size_field, size);
__trans_tmp_1 = 0;
_Bool __ret_do_once = __trans_tmp_1, __ret_cond = __ret_do_once;
static _Bool __already_done;
if (__builtin_expect(__ret_cond && __already_done, 0))
;
__builtin_memcpy(
frame_ctx_helper->inter_mode[i],
vdec_vp9_slice_framectx_map_helper_frame_ctx->inter_mode_probs[i],
__fortify_size);
}
long __fortify_size = sizeof(frame_ctx_helper);
for (i = 0; i; i++) {
static _Bool __already_done;
_Bool __ret_cond = __ret_do_once;
if (__builtin_expect(__ret_cond && __already_done, 0)) {
}
}
for (; i < sizeof(frame_ctx_helper->partition) /
sizeof(frame_ctx_helper->partition)[0];
i++)
__builtin_memcpy(
frame_ctx_helper->partition[i],
vdec_vp9_slice_framectx_map_helper_frame_ctx->partition_prob[i],
__fortify_size);
}
static __attribute__((always_inline)) void vdec_vp9_slice_helper_map_framectx(
struct v4l2_vp9_frame_context *frame_ctx_helper,
struct vdec_vp9_slice_frame_ctx *frame_ctx) {
int i, j, k;
for (i = 0;
i < sizeof(frame_ctx_helper->coef) / sizeof(frame_ctx_helper->coef)[0];
i++)
for (j = 0; j < sizeof(frame_ctx_helper); j++)
for (k = 0; k < sizeof(frame_ctx_helper->coef[0][0]) /
sizeof(frame_ctx_helper->coef[0][0])[0];
k++) {
int __trans_tmp_3 = i, __trans_tmp_4 = j, __trans_tmp_5 = k, l, m;
struct vdec_vp9_slice_frame_ctx *__trans_tmp_6 = frame_ctx;
struct v4l2_vp9_frame_context *__trans_tmp_7 = frame_ctx_helper;
frame_ctx = __trans_tmp_6;
frame_ctx_helper = __trans_tmp_7;
for (l = 0; l < sizeof(frame_ctx_helper->coef[0][0][0]) /
sizeof(frame_ctx_helper->coef[0][0][0])[0];
l++)
for (m = 0; m < l; m++) {
long __fortify_size = sizeof(frame_ctx_helper),
__q_size_field =
__builtin_dynamic_object_size(frame_ctx_helper, 1);
_Bool __ret_do_once = fortify_memcpy_chk(__q_size_field),
__ret_cond = __ret_do_once;
static _Bool __already_done;
if (__builtin_expect(__ret_cond && __already_done, 0))
;
__builtin_memcpy(
frame_ctx
->coef_probs[__trans_tmp_3][__trans_tmp_4][__trans_tmp_5][l]
.probs[m],
frame_ctx_helper
->coef[__trans_tmp_3][__trans_tmp_4][__trans_tmp_5][l][m],
__fortify_size);
}
}
for (i = 0; i < sizeof(frame_ctx_helper); i++) {
long __fortify_size = sizeof(frame_ctx_helper), size = __fortify_size;
int p_size_field = 0,
q_size_field = __read_overflow2_field(p_size_field, size);
__read_overflow2_field(q_size_field, size);
__builtin_memcpy(frame_ctx->inter_mode_probs[i],
frame_ctx_helper->inter_mode[i], __fortify_size);
}
long __fortify_size = sizeof(frame_ctx_helper);
_Bool __ret_do_once = vdec_vp9_slice_helper_map_framectx___trans_tmp_9;
for (i = 0; i < sizeof(frame_ctx_helper->partition) /
sizeof(frame_ctx_helper->partition)[0];
i++) {
long __q_size_field = __builtin_dynamic_object_size(frame_ctx_helper, 1);
fortify_memcpy_chk(__q_size_field);
static _Bool __already_done;
_Bool __ret_cond = __ret_do_once;
if (__builtin_expect(__ret_cond && __already_done, 0))
;
__builtin_memcpy(frame_ctx->partition_prob[i],
frame_ctx_helper->partition[i], __fortify_size);
}
}
int vdec_vp9_slice_update_prob() {
struct vdec_vp9_slice_frame_ctx *pre_frame_ctx;
struct v4l2_vp9_frame_context *pre_frame_ctx_helper;
_Bool frame_is_intra;
pre_frame_ctx = &vdec_vp9_slice_update_prob_instance
->frame_ctx[vdec_vp9_slice_update_prob_uh_4];
pre_frame_ctx_helper = &vdec_vp9_slice_update_prob_instance->frame_ctx_helper;
frame_is_intra = vdec_vp9_slice_update_prob_uh_0 ||
vdec_vp9_slice_update_prob_vsi->intra_only;
if (vdec_vp9_slice_update_prob_instance
->dirty[vdec_vp9_slice_update_prob_uh_4])
vdec_vp9_slice_framectx_map_helper(pre_frame_ctx_helper);
else
vdec_vp9_slice_framectx_map_helper(pre_frame_ctx_helper);
if (frame_is_intra)
vdec_vp9_slice_helper_map_framectx(pre_frame_ctx_helper, pre_frame_ctx);
{
_Bool __ret_do_once = fortify_memcpy_chk(0);
if (({
static _Bool __already_done;
_Bool __ret_cond = __ret_do_once;
_Bool __ret_once = false;
if (__builtin_expect(__ret_cond && !__already_done, 0))
__ret_once = true;
__builtin_expect(__ret_once, 0);
}))
asm("");
}
return 0;
} |
nathanchance
added a commit
to nathanchance/continuous-integration2
that referenced
this issue
Apr 10, 2024
This warning should likely be fixed with a change on the LLVM side. While that is worked on, hide this instances with a localized UBSAN_SANITIZE := n for the affected file. Signed-off-by: Nathan Chancellor <[email protected]>
wangleiat
added a commit
to wangleiat/llvm-project
that referenced
this issue
Apr 15, 2024
This will adress issue: ClangBuiltLinux/linux#2014
wangleiat
added a commit
to llvm/llvm-project
that referenced
this issue
Apr 15, 2024
This will adress issue: ClangBuiltLinux/linux#2014
bazuzi
pushed a commit
to bazuzi/llvm-project
that referenced
this issue
Apr 15, 2024
This will adress issue: ClangBuiltLinux/linux#2014
aniplcc
pushed a commit
to aniplcc/llvm-project
that referenced
this issue
Apr 15, 2024
This will adress issue: ClangBuiltLinux/linux#2014
|
To address this issue, there are two LLVM commits related to it: |
|
Can confirm, I do not see this issue anymore with LLVM @ llvm/llvm-project@568368a |
nathanchance
added
[FIXED][LLVM] main
nathanchance
added a commit
to nathanchance/continuous-integration2
that referenced
this issue
Apr 25, 2024
This has been resolved in LLVM main and the version that TuxSuite uses includes it. Signed-off-by: Nathan Chancellor <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Our continuous integration started seeing the following warning starting with Linux 6.9-rc1 and LLVM tip of tree (19.0.0):
The Linux commit that "causes" this is 918327e9b7ff ("ubsan: Remove CONFIG_UBSAN_SANITIZE_ALL"), which explains one of the factors for triggering this (it is specifically
-fsanitize=array-bounds).cvisehelped deduce that this is also exacerbated by-mstrict-align. I decided to bisect LLVM for why this is not visible with LLVM 18 and landed on llvm/llvm-project@90ba330 (that commit just keeps on giving :/), which somewhat makes sense I suppose.For a "trivial" reproducer,
cvisespits out:which I think confirms this is also related to the fortified string routines that are enabled with
CONFIG_FORTIFY_SOURCE, since they show up in the reproducer.With GCC 13.2.0, there is a very small different with or without
-mstrict-align:GCC does not have
-fsanitize=array-boundsbut there is no difference with-fsanitize=bounds, which is a close approximation.With LLVM @ llvm/llvm-project@98509c7 (the direct parent of the blamed LLVM commit), there is a slight increase in frame size when adding
-mstrict-alignbut there is an even larger difference once
-fsanitize=array-boundsis added to the mix.llvm/llvm-project@90ba330 does not really change much without
-fsanitize=array-bounds(it actually improves the-mno-strict-aligncase)but the difference of
-fsanitize=array-boundsis made even worse, pushing it above the2048limit for 64-bit platforms in Linux.This behavior does not reproduce with AArch64 or ARM on the bad revision, so I suspect this is something up with the LoongArch backend in LLVM.
cc @heiher @xen0n
The text was updated successfully, but these errors were encountered: