opt crash with use-after-free in MemDep

[edwintorok]

Bugzilla Link	3375
Resolution	FIXED
Resolved on	Jan 22, 2009 18:27
Version	unspecified
OS	Linux
Attachments	bugpoint reduced testcase

Extended Description

With TOT opt crashes when optimizing clamscan:
bugpoint --enable-valgrind in MultiSource/Applications/Clamav:

If you just use 'make bugpoint-opt' it'll show a crash in simplifycfg, or lcssa, etc. valgrind shows the problem in memdep.

$ /home/edwin/llvm-svn/llvm/Release/bin/bugpoint x.bc -gvn -memdep -memcpyopt -sccp -append-exit-code -Xlinker=-lz -input=/dev/null -output=Output/clamscan.out-nat -timeout=500 -mlimit=0 --enable-valgrind

Checking for crash with only these blocks: bb68 bb58 bb3.outer bb11 bb6 bb2 bb84 bb26 bb114 bb242... <191 total>: ^C==11910== Invalid read of size 8
==11910== at 0x6B69E9: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6EFA: llvm::MemoryDependenceAnalysis::getNonLocalPointerDependency(llvm::Value*, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x54A85B: (anonymous namespace)::GVN::processNonLocalLoad(llvm::LoadInst*, llvm::SmallVectorImplllvm::Instruction*&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x54C020: (anonymous namespace)::GVN::iterateOnFunction(llvm::Function&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x54E352: (anonymous namespace)::GVN::runOnFunction(llvm::Function&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x76E26A: llvm::FPPassManager::runOnFunction(llvm::Function&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x76E4A5: llvm::FPPassManager::runOnModule(llvm::Module&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x76DE46: llvm::MPPassManager::runOnModule(llvm::Module&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x76E045: llvm::PassManagerImpl::run(llvm::Module&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x4AF0CA: llvm::BugDriver::runPassesAsChild(std::vector<llvm::PassInfo const*, std::allocator<llvm::PassInfo const*> > const&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x494F98: llvm::BugDriver::run() (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x4B8865: main (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== Address 0x650f788 is 1,464 bytes inside a block of size 2,560 free'd
==11910== at 0x4C2111D: operator delete(void*) (vg_replace_malloc.c:342)
==11910== by 0x6BA847: llvm::DenseMap<llvm::PointerIntPair<llvm::Value*, 1u, bool>, std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<std::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > > >, llvm::DenseMapInfo<llvm::PointerIntPair<llvm::Value*, 1u, bool> >, llvm::DenseMapInfo<std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<std::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > > > > >::grow(unsigned int) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6BA96A: llvm::DenseMap<llvm::PointerIntPair<llvm::Value*, 1u, bool>, std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<std::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > > >, llvm::DenseMapInfo<llvm::PointerIntPair<llvm::Value*, 1u, bool> >, llvm::DenseMapInfo<std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<std::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > > > > >::operator[](llvm::PointerIntPair<llvm::Value*, 1u, bool> const&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6300: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910==
==11910== Invalid read of size 8
==11910== at 0x6B69ED: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6EFA: llvm::MemoryDependenceAnalysis::getNonLocalPointerDependency(llvm::Value*, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x54A85B: (anonymous namespace)::GVN::processNonLocalLoad(llvm::LoadInst*, llvm::SmallVectorImplllvm::Instruction*&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x54C020: (anonymous namespace)::GVN::iterateOnFunction(llvm::Function&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x54E352: (anonymous namespace)::GVN::runOnFunction(llvm::Function&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x76E26A: llvm::FPPassManager::runOnFunction(llvm::Function&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x76E4A5: llvm::FPPassManager::runOnModule(llvm::Module&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x76DE46: llvm::MPPassManager::runOnModule(llvm::Module&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x76E045: llvm::PassManagerImpl::run(llvm::Module&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x4AF0CA: llvm::BugDriver::runPassesAsChild(std::vector<llvm::PassInfo const*, std::allocator<llvm::PassInfo const*> > const&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x494F98: llvm::BugDriver::run() (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x4B8865: main (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== Address 0x650f780 is 1,456 bytes inside a block of size 2,560 free'd
==11910== at 0x4C2111D: operator delete(void*) (vg_replace_malloc.c:342)
==11910== by 0x6BA847: llvm::DenseMap<llvm::PointerIntPair<llvm::Value*, 1u, bool>, std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<std::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > > >, llvm::DenseMapInfo<llvm::PointerIntPair<llvm::Value*, 1u, bool> >, llvm::DenseMapInfo<std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<std::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > > > > >::grow(unsigned int) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6BA96A: llvm::DenseMap<llvm::PointerIntPair<llvm::Value*, 1u, bool>, std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<std::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > > >, llvm::DenseMapInfo<llvm::PointerIntPair<llvm::Value*, 1u, bool> >, llvm::DenseMapInfo<std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<std::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > > > > >::operator[](llvm::PointerIntPair<llvm::Value*, 1u, bool> const&) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6300: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
==11910== by 0x6B6A49: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::BasicBlock*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfollvm::Value* >&, bool) (in /home/edwin/llvm-svn/llvm/Release/bin/bugpoint)
Exited with error code '1'

*** Reduction Interrupted, cleaning up...

Emitted bitcode to 'bugpoint-reduced-simplified.bc'

*** You can reproduce the problem with: opt bugpoint-reduced-simplified.bc -gvn

[llvmbot]

==5094== Invalid read of size 8
==5094== at 0x77ABE0: std::vector<std::pair<llvm::BasicBlock*, llvm::MemDepRe
sult>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > >::size
() const /usr/include/c++/4.2/bits/stl_vector.h:397
==5094== by 0x8FEE22: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFr
omBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl
<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::Basic
Block*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfo<
llvm::Value*> >&, bool) /usr/local/google/home/nlewycky/llvm/lib/Analysis/Memory
DependenceAnalysis.cpp:754
==5094== by 0x8FF45A: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepen
dency(llvm::Value*, bool, llvm::BasicBlock*, llvm::SmallVectorImpl<std::pair<llv
m::BasicBlock*, llvm::MemDepResult> >&) /usr/local/google/home/nlewycky/llvm/lib
/Analysis/MemoryDependenceAnalysis.cpp:509
==5094== by 0x776216: (anonymous namespace)::GVN::processNonLocalLoad(llvm::L
oadInst*, llvm::SmallVectorImplllvm::Instruction*&) /usr/local/google/home/nle
wycky/llvm/lib/Transforms/Scalar/GVN.cpp:940
==5094== by 0x77715E: (anonymous namespace)::GVN::processLoad(llvm::LoadInst*
, llvm::SmallVectorImplllvm::Instruction*&) /usr/local/google/home/nlewycky/ll
vm/lib/Transforms/Scalar/GVN.cpp:1161
==5094== by 0x779382: (anonymous namespace)::GVN::processInstruction(llvm::In
struction*, llvm::SmallVectorImplllvm::Instruction*&) /usr/local/google/home/n
lewycky/llvm/lib/Transforms/Scalar/GVN.cpp:1284
==5094== by 0x779A9F: (anonymous namespace)::GVN::processBlock(llvm::BasicBlo
ck*) /usr/local/google/home/nlewycky/llvm/lib/Transforms/Scalar/GVN.cpp:1422
==5094== by 0x779D8A: (anonymous namespace)::GVN::iterateOnFunction(llvm::Fun
ction&) /usr/local/google/home/nlewycky/llvm/lib/Transforms/Scalar/GVN.cpp:1620
==5094== by 0x779F5D: (anonymous namespace)::GVN::runOnFunction(llvm::Functio
n&) /usr/local/google/home/nlewycky/llvm/lib/Transforms/Scalar/GVN.cpp:1384
==5094== by 0x9CDCB6: llvm::FPPassManager::runOnFunction(llvm::Function&) /us
r/local/google/home/nlewycky/llvm/lib/VMCore/PassManager.cpp:1323
==5094== by 0x9CDE15: llvm::FPPassManager::runOnModule(llvm::Module&) /usr/lo
cal/google/home/nlewycky/llvm/lib/VMCore/PassManager.cpp:1346
==5094== by 0x9CC791: llvm::MPPassManager::runOnModule(llvm::Module&) /usr/lo
cal/google/home/nlewycky/llvm/lib/VMCore/PassManager.cpp:1393
==5094== Address 0x6301af0 is 2,224 bytes inside a block of size 2,560 free'd
==5094== at 0x4C2425D: operator delete(void*) /home/kcc/depot2-kcc-ts_valgrin
d-client/google_vendor_src_branch/valgrind/trunk/coregrind/m_replacemalloc/vg_re
place_malloc.c:362
==5094== by 0x9068A4: llvm::DenseMap<llvm::PointerIntPair<llvm::Value*, 1u, b
ool>, std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<s
td::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::
BasicBlock*, llvm::MemDepResult> > > >, llvm::DenseMapInfo<llvm::PointerIntPair<
llvm::Value*, 1u, bool> >, llvm::DenseMapInfo<std::pair<llvm::PointerIntPair<llv
m::BasicBlock*, 1u, bool>, std::vector<std::pair<llvm::BasicBlock*, llvm::MemDep
Result>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > > > >

::grow(unsigned int) /usr/local/google/home/nlewycky/llvm/include/llvm/ADT/Den
seMap.h:437
==5094== by 0x906917: llvm::DenseMap<llvm::PointerIntPair<llvm::Value*, 1u, b
ool>, std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<s
td::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::
BasicBlock*, llvm::MemDepResult> > > >, llvm::DenseMapInfo<llvm::PointerIntPair<
llvm::Value*, 1u, bool> >, llvm::DenseMapInfo<std::pair<llvm::PointerIntPair<llv
m::BasicBlock*, 1u, bool>, std::vector<std::pair<llvm::BasicBlock*, llvm::MemDep
Result>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > > > >
::InsertIntoBucket(llvm::PointerIntPair<llvm::Value*, 1u, bool> const&, std::p
air<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<std::pair<llv
m::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::BasicBlock*,
llvm::MemDepResult> > > > const&, std::pair<llvm::PointerIntPair<llvm::Value*,
1u, bool>, std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vec
tor<std::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<l
lvm::BasicBlock*, llvm::MemDepResult> > > > >) /usr/local/google/home/nlewycky/
llvm/include/llvm/ADT/DenseMap.h:319
==5094== by 0x9069FA: llvm::DenseMap<llvm::PointerIntPair<llvm::Value, 1u, b
ool>, std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<s
td::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::
BasicBlock*, llvm::MemDepResult> > > >, llvm::DenseMapInfo<llvm::PointerIntPair<
llvm::Value*, 1u, bool> >, llvm::DenseMapInfo<std::pair<llvm::PointerIntPair<llv
m::BasicBlock*, 1u, bool>, std::vector<std::pair<llvm::BasicBlock*, llvm::MemDep
Result>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > > > >
::FindAndConstruct(llvm::PointerIntPair<llvm::Value*, 1u, bool> const&) /usr/l
ocal/google/home/nlewycky/llvm/include/llvm/ADT/DenseMap.h:262
==5094== by 0x906A30: llvm::DenseMap<llvm::PointerIntPair<llvm::Value*, 1u, b
ool>, std::pair<llvm::PointerIntPair<llvm::BasicBlock*, 1u, bool>, std::vector<s
td::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::
BasicBlock*, llvm::MemDepResult> > > >, llvm::DenseMapInfo<llvm::PointerIntPair<
llvm::Value*, 1u, bool> >, llvm::DenseMapInfo<std::pair<llvm::PointerIntPair<llv
m::BasicBlock*, 1u, bool>, std::vector<std::pair<llvm::BasicBlock*, llvm::MemDep
Result>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > > > >
::operator[](llvm::PointerIntPair<llvm::Value*, 1u, bool> const&) /usr/local/g
oogle/home/nlewycky/llvm/include/llvm/ADT/DenseMap.h:266
==5094== by 0x8FE6E8: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFr
omBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl
<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::Basic
Block*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfo<
llvm::Value*> >&, bool) /usr/local/google/home/nlewycky/llvm/lib/Analysis/Memory
DependenceAnalysis.cpp:613
==5094== by 0x8FEEB9: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFr
omBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl
<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::Basic
Block*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfo<
llvm::Value*> >&, bool) /usr/local/google/home/nlewycky/llvm/lib/Analysis/Memory
DependenceAnalysis.cpp:766
==5094== by 0x8FEEB9: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFr
omBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl
<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::Basic
Block*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfo<
llvm::Value*> >&, bool) /usr/local/google/home/nlewycky/llvm/lib/Analysis/Memory
DependenceAnalysis.cpp:766
==5094== by 0x8FEEB9: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFr
omBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl
<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::Basic
Block*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfo<
llvm::Value*> >&, bool) /usr/local/google/home/nlewycky/llvm/lib/Analysis/Memory
DependenceAnalysis.cpp:766
==5094== by 0x8FEEB9: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFr
omBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl
<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::Basic
Block*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfo<
llvm::Value*> >&, bool) /usr/local/google/home/nlewycky/llvm/lib/Analysis/Memory
DependenceAnalysis.cpp:766
==5094== by 0x8FEEB9: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFr
omBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl
<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::Basic
Block*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfo<
llvm::Value*> >&, bool) /usr/local/google/home/nlewycky/llvm/lib/Analysis/Memory
DependenceAnalysis.cpp:766
==5094== by 0x8FEEB9: llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFr
omBB(llvm::Value*, unsigned long, bool, llvm::BasicBlock*, llvm::SmallVectorImpl
<std::pair<llvm::BasicBlock*, llvm::MemDepResult> >&, llvm::DenseMap<llvm::Basic
Block*, llvm::Value*, llvm::DenseMapInfollvm::BasicBlock*, llvm::DenseMapInfo<
llvm::Value*> >&, bool) /usr/local/google/home/nlewycky/llvm/lib/Analysis/Memory
DependenceAnalysis.cpp:766
==5094==
==5094== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- y
==5094== starting debugger with cmd: /usr/bin/gdb -nw /proc/5095/fd/8182 5095
==5094==
==5094== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- y
==5094== starting debugger with cmd: /usr/bin/gdb -nw /proc/5095/fd/8182 5095
GNU gdb 6.8-gg11
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux"...
Attaching to program: /proc/5095/fd/8182, process 5095
Reading symbols from /auto/buildstatic/projects/tools/valgrind-dev/vg64/lib/valg
rind/amd64-linux/vgpreload_core.so...done.
Loaded symbols for /home/build/static/projects/tools/valgrind-dev/vg64/lib/valgr
ind/amd64-linux/vgpreload_core.so
Reading symbols from /auto/buildstatic/projects/tools/valgrind-dev/vg64/lib/valg
rind/amd64-linux/vgpreload_memcheck.so...done.
Loaded symbols for /home/build/static/projects/tools/valgrind-dev/vg64/lib/valgr
ind/amd64-linux/vgpreload_memcheck.so
Reading symbols from /lib/libpthread.so.0...Reading symbols from /usr/lib/debug/
lib/libpthread-2.7.so...done.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
[New Thread 0x403e8d0 (LWP 5094)]
done.
Loaded symbols for /lib/libpthread.so.0
Reading symbols from /lib/libdl.so.2...Reading symbols from /usr/lib/debug/lib/l
ibdl-2.7.so...done.
done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /usr/lib/libstdc++.so.6...done.
Loaded symbols for /usr/lib/libstdc++.so.6
Reading symbols from /lib/libm.so.6...Reading symbols from /usr/lib/debug/lib/li
bm-2.7.so...done.
done.
Loaded symbols for /lib/libm.so.6
Reading symbols from /lib/libgcc_s.so.1...done.
Loaded symbols for /lib/libgcc_s.so.1
Reading symbols from /lib/libc.so.6...Reading symbols from /usr/lib/debug/lib/li
bc-2.7.so...done.
done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib/ld-linux-x86-64.so.2...Reading symbols from /usr/lib/d
ebug/lib/ld-2.7.so...done.
done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
0x000000000077abe0 in std::vector<std::pair<llvm::BasicBlock*, llvm::MemDepResul
t>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > >::size (
this=0x6301ae8) at /usr/include/c++/4.2/bits/stl_vector.h:397
397 { return size_type(this->_M_impl._M_finish - this->_M_impl._M_star
t); }
(gdb) bt
#​0 0x000000000077abe0 in std::vector<std::pair<llvm::BasicBlock*, llvm::MemDepResult>, std::allocator<std::pair<llvm::BasicBlock*, llvm::MemDepResult> > >::size (this=0x6301ae8) at /usr/include/c++/4.2/bits/stl_vector.h:397
#​1 0x00000000008fee23 in llvm::MemoryDependenceAnalysis::getNonLocalPointerDepFromBB (this=0x6300d08, Pointer=0x62dce90, PointeeSize=1, isLoad=true,
StartBB=0x6254948, Result=@0x7fefff290, Visited=@0x7fefff010,
SkipFirstBlock=false) at MemoryDependenceAnalysis.cpp:754
#​2 0x00000000008ff45b in llvm::MemoryDependenceAnalysis::getNonLocalPointerDependency (this=0x6300d08, Pointer=0x62dce90, isLoad=true, FromBB=0x6254948,
Result=@0x7fefff290) at MemoryDependenceAnalysis.cpp:509
#​3 0x0000000000776217 in processNonLocalLoad (this=0x62fabd8, LI=0x62cb8d0,
toErase=@0x7fefffbe0) at GVN.cpp:940
#​4 0x000000000077715f in processLoad (this=0x62fabd8, L=0x62cb8d0,
toErase=@0x7fefffbe0) at GVN.cpp:1161
#​5 0x0000000000779383 in processInstruction (this=0x62fabd8, I=0x62cb8d0,
toErase=@0x7fefffbe0) at GVN.cpp:1284
#​6 0x0000000000779aa0 in processBlock (this=0x62fabd8, BB=0x6254948)
at GVN.cpp:1422
#​7 0x0000000000779d8b in iterateOnFunction (this=0x62fabd8, F=@0x6168e30)
at GVN.cpp:1620
#​8 0x0000000000779f5e in runOnFunction (this=0x62fabd8, F=@0x6168e30)
at GVN.cpp:1384
#​9 0x00000000009cdcb7 in llvm::FPPassManager::runOnFunction (this=0x6300688,
F=@0x6168e30) at PassManager.cpp:1323
#​10 0x00000000009cde16 in llvm::FPPassManager::runOnModule (this=0x6300688,
M=@0x5d64618) at PassManager.cpp:1346
#​11 0x00000000009cc792 in llvm::MPPassManager::runOnModule (this=0x62f9218,
M=@0x5d64618) at PassManager.cpp:1393
#​12 0x00000000009ce11e in llvm::PassManagerImpl::run (this=0x62f6938,
M=@0x5d64618) at PassManager.cpp:1467
#​13 0x00000000009ce181 in llvm::PassManager::run (this=0x7ff000050,
M=@0x5d64618) at PassManager.cpp:1499
#​14 0x00000000006e6cbe in main (argc=3, argv=0x7ff000418) at opt.cpp:588

[lattner]

looking into it, thanks!

[lattner]

Fixed:
http://lists.cs.uiuc.edu/pipermail/llvm-commits/Week-of-Mon-20090119/072569.html