[LLVMdev] Possible SelectionDAG Bug

[Dan Gohman]

On Mar 1, 2010, at 7:26 AM, David Greene wrote:
> 
>> Perhaps this can be fixed by making the code skip the ReplaceUses
>> call in the case where there are no uses to replace.  That's not trivial
>> to detect though.
> 
> Why not just check the same thing the added asserts check?

You mean ->getOpcode() == ISD::DELETED_NODE? That's not fundamentally
any better, because if your purpose is to make this code work even
if nodes are actually deleted, that would still be a use of free'd
memory.

> 
> What I'm seeing is a problem in ReplaceAllUsesOf itself.  It recurses
> down and eventually replaces the node under the iterator in this use
> loop:
> 
>  SDNode::use_iterator UI = From.getNode()->use_begin(),
>                       UE = From.getNode()->use_end();
>  while (UI != UE) {
>    SDNode *User = *UI;
>    bool UserRemovedFromCSEMaps = false;
> 
> 
> UI goes bad and we blow up after returning from a deeply recursed call.
> 
> It's simply not safe to iterate over a set that may change.  Unfortunately,
> any of the nodes under the iterators may change so I don't see an easy
> way to fix this.


The thing it's iterating over is a linked list. And the use_end() iterator
is essentially a null pointer.

Dan