[BOLT] Tail Duplication: skip unreachable blocks

Summary: TailDuplication::isInCacheLine makes the assumption that the block has a valid layout index, which is not the case for unreachable blocks. Add a check for a valid layout index. (cherry picked from FBD32659755)
2021-11-24 16:13:42 -08:00 · 2021-11-24 16:13:42 -08:00 · 7261655d2c
parent 4e4ef2f3e7
commit 7261655d2c
2 changed files with 35 additions and 0 deletions
--- a/bolt/lib/Passes/TailDuplication.cpp
+++ b/bolt/lib/Passes/TailDuplication.cpp
@ -387,6 +387,10 @@ void TailDuplication::runOnFunction(BinaryFunction &Function) {
    if (BB->hasJumpTable())
      continue;

+    // Skip not-in-layout, i.e. unreachable, blocks.
+    if (BB->getLayoutIndex() >= BlockLayout.size())
+      continue;
+
    // and we are estimating that this sucessor is not already in the same cache
    // line
    BinaryBasicBlock *Succ = BB->getSuccessor();
--- a/bolt/test/X86/tail-duplication-cacheline.s
+++ b/bolt/test/X86/tail-duplication-cacheline.s
@ -0,0 +1,31 @@
+# This reproduces a bug in TailDuplication::isInCacheLine
+# with accessing BlockLayout past bounds (unreachable blocks).
+
+# REQUIRES: system-linux
+
+# RUN: llvm-mc -filetype=obj -triple x86_64-unknown-unknown \
+# RUN:   %s -o %t.o
+# RUN: link_fdata %s %t.o %t.fdata
+# RUN: llvm-strip --strip-unneeded %t.o
+# RUN: %clang %cflags %t.o -o %t.exe -Wl,-q -nostdlib
+# RUN: llvm-bolt %t.exe -o %t.out -data %t.fdata -relocs \
+# RUN:   -tail-duplication=1 -tail-duplication-aggressive=1
+  .globl _start
+_start:
+  jmp	d
+  je	_start
+  movl	%esi, %edi
+d:
+  jmpq	*JT0(,%rcx,8)
+# FDATA: 1 _start #d# 1 _start #e# 1 3
+f:
+	movl	0, %esi
+g:
+	movl	0, %esi
+e:
+  jmp	f
+
+.rodata
+JT0:
+	.quad	g
+	.quad	e