[libcxx-commits] [libcxx] [libc++] Optimize vector growing of trivially relocatable types (PR #76657)
Kirill Stoimenov via libcxx-commits
libcxx-commits at lists.llvm.org
Fri Feb 2 15:48:27 PST 2024
kstoimenov wrote:
This is the log: https://lab.llvm.org/buildbot/#/builders/5/builds/40641/steps/9/logs/stdio
I believe your change might have introduced used-after-free.
```
==132952==ERROR: AddressSanitizer: heap-use-after-free on address 0x50400002a650 at pc 0x55595f908ebf bp 0x7ffdc69d5cd0 sp 0x7ffdc69d5cc8
READ of size 8 at 0x50400002a650 thread T0
#0 0x55595f908ebe in asInt /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/include/llvm/ADT/PointerIntPair.h:41:5
#1 0x55595f908ebe in operator long /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/include/llvm/ADT/PointerIntPair.h:45:48
#2 0x55595f908ebe in getPointer /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/include/llvm/ADT/PointerIntPair.h:94:58
#3 0x55595f908ebe in getPrevPtr /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/include/llvm/IR/ValueHandle.h:123:58
#4 0x55595f908ebe in llvm::ValueHandleBase::RemoveFromUseList() /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/lib/IR/Value.cpp:1185:5
#5 0x55595d60c3b1 in ~ValueHandleBase /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/include/llvm/IR/ValueHandle.h:66:7
#6 0x55595d60c3b1 in ~__optional_destruct_base /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/optional:299:15
#7 0x55595d60c3b1 in ~pair /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__utility/pair.h:80:29
#8 0x55595d60c3b1 in destroy /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__memory/allocator.h:176:87
#9 0x55595d60c3b1 in destroy<std::__1::pair<std::__1::optional<llvm::WeakTrackingVH>, llvm::CallGraphNode *>, void> /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__memory/allocator_traits.h:335:9
#10 0x55595d60c3b1 in std::__1::vector<std::__1::pair<std::__1::optional<llvm::WeakTrackingVH>, llvm::CallGraphNode*>, std::__1::allocator<std::__1::pair<std::__1::optional<llvm::WeakTrackingVH>, llvm::CallGraphNode*>>>::__base_destruct_at_end[abi:nn190000](std::__1::pair<std::__1::optional<llvm::WeakTrackingVH>, llvm::CallGraphNode*>*) /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/vector:926:7
#11 0x55595d60c7cd in __clear /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/vector:920:5
#12 0x55595d60c7cd in std::__1::vector<std::__1::pair<std::__1::optional<llvm::WeakTrackingVH>, llvm::CallGraphNode*>, std::__1::allocator<std::__1::pair<std::__1::optional<llvm::WeakTrackingVH>, llvm::CallGraphNode*>>>::__destroy_vector::operator()[abi:nn190000]() /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/vector:490:16
#13 0x55595d6021e5 in ~vector /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/vector:501:67
#14 0x55595d6021e5 in ~CallGraphNode /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/include/llvm/Analysis/CallGraph.h:191:3
#15 0x55595d6021e5 in operator() /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__memory/unique_ptr.h:68:5
#16 0x55595d6021e5 in reset /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__memory/unique_ptr.h:279:7
#17 0x55595d6021e5 in std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>::~unique_ptr[abi:nn190000]() /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__memory/unique_ptr.h:249:71
#18 0x55595d60ca13 in ~pair /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__utility/pair.h:80:29
#19 0x55595d60ca13 in __destroy_at<std::__1::pair<const llvm::Function *const, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode> > >, 0> /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__memory/construct_at.h:67:11
#20 0x55595d60ca13 in destroy<std::__1::pair<const llvm::Function *const, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode> > >, void, void> /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__memory/allocator_traits.h:340:5
#21 0x55595d60ca13 in std::__1::__tree<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, std::__1::__map_value_compare<llvm::Function const*, std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, std::__1::less<llvm::Function const*>, true>, std::__1::allocator<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>>>::destroy(std::__1::__tree_node<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, void*>*) /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__tree:1548:5
#22 0x55595d60ca00 in std::__1::__tree<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, std::__1::__map_value_compare<llvm::Function const*, std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, std::__1::less<llvm::Function const*>, true>, std::__1::allocator<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>>>::destroy(std::__1::__tree_node<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, void*>*) /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__tree:1546:5
#23 0x55595d60ca00 in std::__1::__tree<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, std::__1::__map_value_compare<llvm::Function const*, std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, std::__1::less<llvm::Function const*>, true>, std::__1::allocator<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>>>::destroy(std::__1::__tree_node<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, void*>*) /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__tree:1546:5
#24 0x55595d60ca00 in std::__1::__tree<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, std::__1::__map_value_compare<llvm::Function const*, std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, std::__1::less<llvm::Function const*>, true>, std::__1::allocator<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>>>::destroy(std::__1::__tree_node<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, void*>*) /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__tree:1546:5
#25 0x55595d60ca00 in std::__1::__tree<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, std::__1::__map_value_compare<llvm::Function const*, std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, std::__1::less<llvm::Function const*>, true>, std::__1::allocator<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>>>::destroy(std::__1::__tree_node<std::__1::__value_type<llvm::Function const*, std::__1::unique_ptr<llvm::CallGraphNode, std::__1::default_delete<llvm::CallGraphNode>>>, void*>*) /b/sanitizer-x86_64-linux-fast/build/libcxx_build_asan_ubsan/include/c++/v1/__tree:1546:5
#26 0x555959d7cbce in (anonymous namespace)::AMDGPULowerModuleLDS::runOnModule(llvm::Module&) /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/lib/Target/AMDGPU/AMDGPULowerModuleLDSPass.cpp:1322:3
#27 0x555959d82658 in (anonymous namespace)::AMDGPULowerModuleLDSLegacy::runOnModule(llvm::Module&) /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/lib/Target/AMDGPU/AMDGPULowerModuleLDSPass.cpp:1605:38
#28 0x55595f7a622d in runOnModule /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/lib/IR/LegacyPassManager.cpp:1560:27
#29 0x55595f7a622d in llvm::legacy::PassManagerImpl::run(llvm::Module&) /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/lib/IR/LegacyPassManager.cpp:542:44
#30 0x555958a40906 in compileModule(char**, llvm::LLVMContext&) /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/tools/llc/llc.cpp:743:8
#31 0x555958a39bff in main /b/sanitizer-x86_64-linux-fast/build/llvm-project/llvm/tools/llc/llc.cpp:412:22
#32 0x7fe0a4623a8f (/lib/x86_64-linux-gnu/libc.so.6+0x23a8f) (BuildId: d320ce4e63925d698610ed423fc4b1f0e8ed51f1)
#33 0x7fe0a4623b48 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x23b48) (BuildId: d320ce4e63925d698610ed423fc4b1f0e8ed51f1)
#34 0x555958953c64 in _start (/b/sanitizer-x86_64-linux-fast/build/llvm_build_asan_ubsan/bin/llc+0xabc7c64)
```
https://github.com/llvm/llvm-project/pull/76657
More information about the libcxx-commits
mailing list