Essential code deleted by new GVN

[llvmbot]

Bugzilla Link	33367
Resolution	FIXED
Resolved on	Jan 10, 2018 14:38
Version	trunk
OS	Linux
Blocks	#30343 #35152
Attachments	Bitcode file containing the failing function
Reporter	LLVM Bugzilla Contributor

Extended Description

Since Alex B. highlighted that most of the newgvn code had landed, we started testing it immediately in our Unisys JIT, which is accelerating emulation of one of our company's legacy architectures. Our performance is heavily dependent on good scalar optimization, so we were looking forward to using the new GVN in our product, as soon as it is ready for prime time.

Unfortunately, we discovered a problem in our first production test run.
We isolated it to a particular generated function (attached) and tentatively identified the problematic area of code:

"BB3.000316011731#1.1": ; preds = %"BB3.000316011731#1"
%shifts194 = zext i16 %shifts to i64
%val = call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem191, i64 %shifts194)
%preg195 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
store i64 %val, i64* %preg195, align 32, !tbaa !​32

The final store uploads a new value to a location in the emulated machine model, which is essential to correct behavior.

The old gvn optimizes this code sequence to:

"BB3.000316011731#1.1": ; preds = %"BB3.000316011731#1"
%shifts194 = zext i16 %shifts to i64
%val = tail call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem191, i64 %shifts194)
store i64 %val, i64* %preg98, align 32, !tbaa !​32

The %preg98 substitution is a CSE usage from an earlier point in the function. The new GVN deletes this code fragment entirely, and also some code a little farther down that also uses %val. This second deletion appears to indicate that newGVN has determined that %val is always zero (which it isn't). But this isn't consistent with eliminating the store described above. A little later, these incorrect values cause a branch destination to be computed incorrectly, which is the cause of our emulator failure that allowed us to notice the problem originally.

We default our optimization level to -O3, and we were able to reproduce the problem with the attached bitcode file using the opt command as follows:

Original GVN pass: ../llvm-tot-install/bin/opt -O3 -S if000316011717_2.bc > if000316011717_2.s

Using NewGVN: ../llvm-tot-install/bin/opt -O3 -enable-newgvn -S if000316011717_2.bc > if000316011717_2_newgvn.s

We don't see anywhere obvious that this code is employing any undefined behavior or other improper usage, and has worked with the existing GVN for a couple years. But if you discover a problem with the original source IR that is triggering this behavior, we're happy to change it.

Please let us know if you need any additional info to reproduce or diagnose this problem.

[llvmbot]

Please provide a standalone (single function, textual IR, reduced testcase), and I'll take a look.

[llvmbot]

Davide,
Thanks!

The attached bitcode file is a standalone function. Unfortunately, since it is originally generated by our JIT as a fragment of emulated code, it isn't a standalone executable. I can try to cut it down, but since we use custom entry and exit code sequences for our functions, I'm not sure bugpoint would work in this capacity.

[llvmbot]

If you can actually get a reduced testcase [as much as you can] (preferably textual IR, you can just pass the bitcode to the llvm-dis utility) that will be very helpful.
Bonus point if you actually point out in the reduced testcase what's the unsound transformation :) (although you don't have to:)

[llvmbot]

Here's the full textual IR corresponding to that bitcode file, from llvm-dis:

kharris@cm-mariner35:~/src> cat if000316011717_2.ll
; ModuleID = 'if000316011717_2.bc'
source_filename = "os2200"
target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"

%DS_struct = type { [32 x %BL_struct], [32 x i64*], [32 x %BS_struct], [128 x i64], [256 x i64], i64, i8, i8, i8, i32, %BL_struct, i64*, i64*, %SHM_struct*, i64, i64, i64, i8, i8, i8, i8, i8, i8, i8, i8*, i64, i64, i8, i8, i8, i8, i8, i8, i8, i64, [32 x i64], %SSIP_struct, %INF_struct*, i64*, i64, i32, i8, i8, [32 x i16] }
%BS_struct = type { i32, i32, %SHM_struct*, i64, i64 }
%BL_struct = type { i32, i32 }
%SHM_struct = type { i64, i64 }
%SSIP_struct = type { %SSIPR_struct, %SSIPR_struct }
%SSIPR_struct = type { [128 x i64], [128 x i64], [32 x i64], [16 x i64], [16 x i64] }
%INF_struct = type { i64, i64, i64, i64, i64, i64, i64*, %SHM_struct*, i64*, i64*, i64*, i32, i16, i8 }
%TR_struct = type { i32, i64, %SHM_struct*, [64 x i64]* }
%MNR_struct = type { %SHM_struct*, i64, i64, %DS_struct*, %SHM_struct*, [64 x i64]* }
%RVS_struct = type { i64, %DS_struct*, %SHM_struct*, [64 x i64]* }

@​GRS_Map = external constant [128 x i8]
@​GRS_MapW2 = external constant [128 x i8]
@​GRS_Span = external constant [128 x i8]
@​GRS_SpanW2 = external constant [128 x i8]
@​invalidString = external constant [4096 x i8]

; Function Attrs: nounwind readnone speculatable
declare i64 @​llvm.ctlz.i64(i64, i1) #​0

; Function Attrs: nounwind readnone speculatable
declare i64 @​llvm.ctpop.i64(i64) #​0

; Function Attrs: argmemonly nounwind
declare void @​llvm.memcpy.p0i8.p0i8.i32(i8* nocapture writeonly, i8* nocapture readonly, i32, i32, i1) #​1

; Function Attrs: nounwind
declare i64 @​llvm.readcyclecounter() #​2

; Function Attrs: nounwind readnone
declare i64 @​llvm.x86.bmi.bextr.64(i64, i64) #​3

; Function Attrs: inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare void @​dt_rt_trace_start(i32) #​4

; Function Attrs: inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare void @​dt_rt_trace_entry(%DS_struct* noalias nocapture readonly, i64, i64) #​4

; Function Attrs: inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare i64 @​dt_rt_trace_stop() #​4

; Function Attrs: inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare void @​dt_rt_trap(%DS_struct* noalias nocapture readonly) #​4

; Function Attrs: inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare void @​dt_rt_dump_trans_call(i8* noalias nocapture readonly, %DS_struct* noalias nocapture readonly, i64, %SHM_struct* noalias nocapture readonly, [64 x i64]* noalias nocapture readonly) #​4

; Function Attrs: inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare void @​dt_rt_dump_tr_struct(%DS_struct* noalias nocapture readonly, %TR_struct* noalias nocapture readonly) #​4

; Function Attrs: inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare void @​dt_rt_dump_mnr_struct(%MNR_struct* noalias nocapture readonly) #​4

; Function Attrs: inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare void @​dt_rt_dump_state(i8* noalias nocapture readonly, %RVS_struct* noalias nocapture readonly, i8) #​4

; Function Attrs: inaccessiblemem_or_argmemonly norecurse noreturn nounwind nonlazybind
declare void @​dt_rt_crash(%RVS_struct* noalias nocapture readonly) #​5

; Function Attrs: cold inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare void @​dt_rt_log(%DS_struct* noalias nocapture readonly, i8* noalias nocapture readonly, ...) #​6

; Function Attrs: cold inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare void @​dt_rt_invalidate(%DS_struct* noalias nocapture readonly, i64, i64* noalias nocapture readonly, i32) #​6

; Function Attrs: cold inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare void @​dt_rt_cjump(%DS_struct* noalias nocapture readonly, i64* noalias nocapture readonly, %SHM_struct* noalias nocapture readonly, i64) #​6

; Function Attrs: cold inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare void @​dt_rt_xjump(%DS_struct* noalias nocapture readonly, i64* noalias nocapture readonly, %SHM_struct* noalias nocapture readonly, i64, %SHM_struct* noalias nocapture readonly) #​6

; Function Attrs: cold norecurse nounwind nonlazybind
declare %TR_struct @​JIT_BmInst(%DS_struct* noalias nocapture, i64, %SHM_struct* noalias nocapture, [64 x i64]* noalias nocapture) #​7

; Function Attrs: cold norecurse nounwind nonlazybind
declare %TR_struct @​JIT_EmInst(%DS_struct* noalias nocapture, i64, %SHM_struct* noalias nocapture, [64 x i64]* noalias nocapture) #​7

; Function Attrs: argmemonly cold norecurse nounwind nonlazybind
declare void @​JIT_Jump(i64, %DS_struct* noalias nocapture, i64) #​8

; Function Attrs: argmemonly norecurse nounwind nonlazybind
declare i32 @​JIT_LbxInst(i64, %DS_struct* noalias nocapture) #​9

; Function Attrs: argmemonly cold norecurse noreturn nounwind nonlazybind
declare void @​JIT_PFault(%DS_struct* noalias nocapture, i64) #​10

; Function Attrs: inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind
declare i64 @​rdc_op(%DS_struct* noalias nocapture readonly) #​4

; Function Attrs: argmemonly norecurse nounwind nonlazybind
declare i64 @​tra_op(i64* noalias nocapture, %DS_struct* noalias nocapture readonly) #​9

; Function Attrs: argmemonly norecurse nounwind nonlazybind
declare i64 @​tva_op(i64* noalias nocapture, %DS_struct* noalias nocapture readonly) #​9

; Function Attrs: nounwind
define mariner_jitcc %MNR_struct @​f000316011717_2(i64 %trICount, %DS_struct* dereferenceable(10200) %pDynamicState, %SHM_struct* %pICode, [64 x i64]* dereferenceable(512) %pCurrentGrs) #​2 {
Entry:
%jicount = alloca i64
%ICount = alloca i64
%ppICode = alloca %SHM_struct*
%restart = alloca %MNR_struct
%scratch = alloca i64, i32 2
%rvstate = alloca %RVS_struct
store i64 %trICount, i64* %ICount
%pGRS = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 3
%pJHb = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 4
%pJHx = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 6
%pOverflow = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 17
%pCarry = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 18
%pBreg = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 7
%pLBDI = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 5
%pLimits = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 10
%pBase = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 11
%pCode = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 12
%iBase = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 13
%f0 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 14
%pdcp = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 27
%pupip = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 28
%pstop = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 31
%pintp = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 32
%pqtp = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 33
%pAKey = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 9
%pqtcount = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 34
%pssip = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 36
%pssipd = getelementptr inbounds %SSIP_struct, %SSIP_struct* %pssip, i32 0, i32 1
%pssipc = getelementptr inbounds %SSIPR_struct, %SSIPR_struct* %pssipd, i32 0, i32 0
%pssipi = getelementptr inbounds %SSIPR_struct, %SSIPR_struct* %pssipd, i32 0, i32 1
%pssipx = bitcast i64* %pLBDI to i8*
%pssipx1 = getelementptr inbounds i8, i8* %pssipx, i32 7
store i64 0, i64* %jicount
br label %Entry.1.limits

Exit: ; preds = %BB6.000316011725.1.exit, %BB4.000316011735.7.intpend, %BB4.000316011735.6, %BB4.000316011734.4.error, %BB5.000316011723.4.error, %BB2.000316011731.6, %BB2.000316011731.4.error, %BB2.000316011730.4.error, %BB2.000316011727.4.error, %BB1.000316011720.4.error, %Entry.3.error
%jicount372 = load i64, i64* %jicount
%ssipx = load i8, i8* %pssipx1, align 1, !tbaa !​150
%ssipx373 = zext i8 %ssipx to i32
%ssipx374 = add i32 %ssipx373, 32
%pssipj = getelementptr inbounds [128 x i64], [128 x i64]* %pssipi, i64 0, i32 %ssipx374
%ssipj = load i64, i64* %pssipj, align 8, !tbaa !​169
%ssipj375 = add i64 %ssipj, %jicount372
store i64 %ssipj375, i64* %pssipj, align 8, !tbaa !​169
store i64 0, i64* %jicount
%pICount = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 2
%tricount = load i64, i64* %ICount
store i64 %tricount, i64* %pICount
%ppDynamicState = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 3
store %DS_struct* %pDynamicState, %DS_struct** %ppDynamicState
%ppICode376 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 4
%pICode377 = load %SHM_struct*, %SHM_struct** %ppICode
store %SHM_struct* %pICode377, %SHM_struct** %ppICode376
%ppCurrentGrs = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 5
store [64 x i64]* %pCurrentGrs, [64 x i64]** %ppCurrentGrs
%restart378 = load %MNR_struct, %MNR_struct* %restart
ret %MNR_struct %restart378

BB1.000316011717: ; preds = %Entry.2.limits
%preg4 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 14
%reg5 = load i64, i64* %preg4, align 16, !tbaa !​36
%xmod6 = and i64 %reg5, 262143
%add1c7 = sub i64 %xmod6, 262143
%cchk8 = icmp sge i64 %add1c7, 0
%sum9 = select i1 %cchk8, i64 %add1c7, i64 %xmod6
%pBRBase = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase, i64 0, i64 29
%base = load i64*, i64** %pbase, !tbaa !​142
%absaddr = getelementptr inbounds i64, i64* %base, i64 %sum9
%rmem = load atomic i64, i64* %absaddr monotonic, align 8, !tbaa !​4
%s5j = call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem, i64 1542)
%preg10 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 15
store i64 %s5j, i64* %preg10, align 8, !tbaa !​38
br label %BB1.000316011720.2.limits

Entry.1.limits: ; preds = %Entry
%preg = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 14
%reg = load i64, i64* %preg, align 16, !tbaa !​36
%xmod = and i64 %reg, 262143
%add1c = sub i64 %xmod, 262143
%cchk = icmp sge i64 %add1c, 0
%sum = select i1 %cchk, i64 %add1c, i64 %xmod
%Uadr = trunc i64 %sum to i32
%pBRLim = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim, i64 0, i64 29
%pFullLower = getelementptr inbounds %BL_struct, %BL_struct* %pbl, i32 0, i32 0
%ll = load i32, i32* %pFullLower, align 4, !tbaa !​142
%rll = and i32 %ll, -16777217
%llge = icmp uge i32 %Uadr, %rll
br i1 %llge, label %Entry.2.limits, label %Entry.3.error, !prof !​177

Entry.2.limits: ; preds = %Entry.1.limits
%pBRLim2 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl3 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim2, i64 0, i64 29
%pFullUpper = getelementptr inbounds %BL_struct, %BL_struct* %pbl3, i32 0, i32 1
%ul = load i32, i32* %pFullUpper, align 4, !tbaa !​142
%ulle = icmp ule i32 %Uadr, %ul
br i1 %ulle, label %BB1.000316011717, label %Entry.3.error, !prof !​177

Entry.3.error: ; preds = %Entry.2.limits, %Entry.1.limits
%icbase = load %SHM_struct*, %SHM_struct** %iBase, !tbaa !​150
%picode = getelementptr inbounds %SHM_struct, %SHM_struct* %icbase, i64 5071
store %SHM_struct* %picode, %SHM_struct** %ppICode, !tbaa !​150
%ppshadow = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 0
store %SHM_struct* %picode, %SHM_struct** %ppshadow
%plabel = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 1
store i64 8064850, i64* %plabel
br label %Exit

BB1.000316011720.1.pass: ; preds = %BB1.000316011720.3.limits
%preg36 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 15
%reg37 = load i64, i64* %preg36, align 8, !tbaa !​38
%xmod38 = and i64 %reg37, 262143
%add2c39 = add i64 737, %xmod38
%add1c40 = sub i64 %add2c39, 262143
%cchk41 = icmp sge i64 %add1c40, 0
%sum42 = select i1 %cchk41, i64 %add1c40, i64 %add2c39
%pBRBase43 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase44 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase43, i64 0, i64 26
%base45 = load i64*, i64** %pbase44, !tbaa !​142
%absaddr46 = getelementptr inbounds i64, i64* %base45, i64 %sum42
%rmem47 = load atomic i64, i64* %absaddr46 monotonic, align 8, !tbaa !​4
%word = and i64 %rmem47, 68719476735
%isneg = icmp uge i64 %word, 34359738368
%jicount48 = load i64, i64* %jicount
%jicount49 = add i64 %jicount48, 2
store i64 %jicount49, i64* %jicount
br i1 %isneg, label %BB1.000316011720.5.jh, label %BB5.000316011722, !prof !​178

BB1.000316011720.2.limits: ; preds = %BB1.000316011717
%preg11 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 15
%reg12 = load i64, i64* %preg11, align 8, !tbaa !​38
%xmod13 = and i64 %reg12, 262143
%add2c = add i64 737, %xmod13
%add1c14 = sub i64 %add2c, 262143
%cchk15 = icmp sge i64 %add1c14, 0
%sum16 = select i1 %cchk15, i64 %add1c14, i64 %add2c
%Uadr17 = trunc i64 %sum16 to i32
%pBRLim18 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl19 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim18, i64 0, i64 26
%pFullLower20 = getelementptr inbounds %BL_struct, %BL_struct* %pbl19, i32 0, i32 0
%ll21 = load i32, i32* %pFullLower20, align 4, !tbaa !​142
%rll22 = and i32 %ll21, -16777217
%llge23 = icmp uge i32 %Uadr17, %rll22
br i1 %llge23, label %BB1.000316011720.3.limits, label %BB1.000316011720.4.error, !prof !​177

BB1.000316011720.3.limits: ; preds = %BB1.000316011720.2.limits
%pBRLim31 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl32 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim31, i64 0, i64 26
%pFullUpper33 = getelementptr inbounds %BL_struct, %BL_struct* %pbl32, i32 0, i32 1
%ul34 = load i32, i32* %pFullUpper33, align 4, !tbaa !​142
%ulle35 = icmp ule i32 %Uadr17, %ul34
br i1 %ulle35, label %BB1.000316011720.1.pass, label %BB1.000316011720.4.error, !prof !​177

BB1.000316011720.4.error: ; preds = %BB1.000316011720.3.limits, %BB1.000316011720.2.limits
%icbase24 = load %SHM_struct*, %SHM_struct** %iBase, !tbaa !​150
%picode25 = getelementptr inbounds %SHM_struct, %SHM_struct* %icbase24, i64 5072
store %SHM_struct* %picode25, %SHM_struct** %ppICode, !tbaa !​150
%jicount26 = load i64, i64* %jicount
%jicount27 = add i64 %jicount26, 1
store i64 %jicount27, i64* %jicount
%ppshadow28 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 0
store %SHM_struct* %picode25, %SHM_struct** %ppshadow28
%plabel29 = getelementptr inbounds %SHM_struct, %SHM_struct* %picode25, i32 0, i32 0
%label = load i64, i64* %plabel29, align 8, !tbaa !​138
%plabel30 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 1
store i64 %label, i64* %plabel30
br label %Exit

BB2.000316011727: ; preds = %BB5.000316011723.5.jh, %BB1.000316011720.5.jh
br label %BB2.000316011727.5.limits

BB1.000316011720.5.jh: ; preds = %BB1.000316011720.1.pass
%jicount50 = load i64, i64* %jicount
%jicount51 = add i64 %jicount50, 1
store i64 %jicount51, i64* %jicount
%parjh = load i64, i64* %pLBDI, align 8, !tbaa !​150
%jheflags = or i64 %parjh, 6917529027641081856
%jhe = add i64 %jheflags, 5073
%jhi = load i8, i8* %pJHx, align 1, !tbaa !​144
%jhix = zext i8 %jhi to i32
%pjhe = getelementptr inbounds [256 x i64], [256 x i64]* %pJHb, i64 0, i32 %jhix
store i64 %jhe, i64* %pjhe, align 8, !tbaa !​146
%jhii = add i32 %jhix, 1
%jhx = trunc i32 %jhii to i8
store i8 %jhx, i8* %pJHx, align 1, !tbaa !​144
br label %BB2.000316011727

BB5.000316011722: ; preds = %BB1.000316011720.1.pass
%preg198 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
%reg199 = load i64, i64* %preg198, align 32, !tbaa !​32
%add2c200 = add i64 %reg199, 16
%add1c201 = sub i64 %add2c200, 68719476735
%cchk202 = icmp sge i64 %add1c201, 0
%sum203 = select i1 %cchk202, i64 %add1c201, i64 %add2c200
%cfl = zext i1 %cchk202 to i8
store i8 %cfl, i8* %pCarry, align 1, !tbaa !​156
%xor = xor i64 16, %sum203
%xor204 = xor i64 %reg199, %sum203
%and = and i64 %xor, %xor204
%rsh = lshr i64 %and, 35
%o = trunc i64 %rsh to i8
store i8 %o, i8* %pOverflow, align 1, !tbaa !​154
%preg205 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
store i64 %sum203, i64* %preg205, align 32, !tbaa !​32
br label %BB5.000316011723.2.limits

BB2.000316011727.1.pass: ; preds = %BB2.000316011727.3.limits
%preg87 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 14
%reg88 = load i64, i64* %preg87, align 16, !tbaa !​36
%xmod89 = and i64 %reg88, 262143
%add1c90 = sub i64 %xmod89, 262143
%cchk91 = icmp sge i64 %add1c90, 0
%sum92 = select i1 %cchk91, i64 %add1c90, i64 %xmod89
%pBRBase93 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase94 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase93, i64 0, i64 29
%base95 = load i64*, i64** %pbase94, !tbaa !​142
%absaddr96 = getelementptr inbounds i64, i64* %base95, i64 %sum92
%rmem97 = load atomic i64, i64* %absaddr96 monotonic, align 8, !tbaa !​4
%s6j = and i64 %rmem97, 63
%preg98 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
store i64 %s6j, i64* %preg98, align 32, !tbaa !​32
br label %BB2.000316011730.2.limits

BB2.000316011727.2.limits: ; preds = %BB2.000316011727.7.limits
%pBRLim52 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl53 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim52, i64 0, i64 26
%pFullLower54 = getelementptr inbounds %BL_struct, %BL_struct* %pbl53, i32 0, i32 0
%ll55 = load i32, i32* %pFullLower54, align 4, !tbaa !​142
%rll56 = and i32 %ll55, -16777217
%llge57 = icmp uge i32 716, %rll56
br i1 %llge57, label %BB2.000316011727.3.limits, label %BB2.000316011727.4.error, !prof !​177

BB2.000316011727.3.limits: ; preds = %BB2.000316011727.2.limits
%pBRLim64 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl65 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim64, i64 0, i64 26
%pFullUpper66 = getelementptr inbounds %BL_struct, %BL_struct* %pbl65, i32 0, i32 1
%ul67 = load i32, i32* %pFullUpper66, align 4, !tbaa !​142
%ulle68 = icmp ule i32 716, %ul67
br i1 %ulle68, label %BB2.000316011727.1.pass, label %BB2.000316011727.4.error, !prof !​177

BB2.000316011727.4.error: ; preds = %BB2.000316011727.7.limits, %BB2.000316011727.6.limits, %BB2.000316011727.5.limits, %BB2.000316011727.3.limits, %BB2.000316011727.2.limits
%icbase58 = load %SHM_struct*, %SHM_struct** %iBase, !tbaa !​150
%picode59 = getelementptr inbounds %SHM_struct, %SHM_struct* %icbase58, i64 5079
store %SHM_struct* %picode59, %SHM_struct** %ppICode, !tbaa !​150
%ppshadow60 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 0
store %SHM_struct* %picode59, %SHM_struct** %ppshadow60
%plabel61 = getelementptr inbounds %SHM_struct, %SHM_struct* %picode59, i32 0, i32 0
%label62 = load i64, i64* %plabel61, align 8, !tbaa !​138
%plabel63 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 1
store i64 %label62, i64* %plabel63
br label %Exit

BB2.000316011727.5.limits: ; preds = %BB2.000316011727
%preg69 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 14
%reg70 = load i64, i64* %preg69, align 16, !tbaa !​36
%xmod71 = and i64 %reg70, 262143
%add1c72 = sub i64 %xmod71, 262143
%cchk73 = icmp sge i64 %add1c72, 0
%sum74 = select i1 %cchk73, i64 %add1c72, i64 %xmod71
%Umax = add i64 %sum74, 2
%ovfl = icmp uge i64 %Umax, 262143
br i1 %ovfl, label %BB2.000316011727.4.error, label %BB2.000316011727.6.limits, !prof !​179

BB2.000316011727.6.limits: ; preds = %BB2.000316011727.5.limits
%Umin = trunc i64 %sum74 to i32
%Umax75 = trunc i64 %Umax to i32
%pBRLim76 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl77 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim76, i64 0, i64 29
%pFullLower78 = getelementptr inbounds %BL_struct, %BL_struct* %pbl77, i32 0, i32 0
%ll79 = load i32, i32* %pFullLower78, align 4, !tbaa !​142
%rll80 = and i32 %ll79, -16777217
%llge81 = icmp uge i32 %Umin, %rll80
br i1 %llge81, label %BB2.000316011727.7.limits, label %BB2.000316011727.4.error, !prof !​177

BB2.000316011727.7.limits: ; preds = %BB2.000316011727.6.limits
%pBRLim82 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl83 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim82, i64 0, i64 29
%pFullUpper84 = getelementptr inbounds %BL_struct, %BL_struct* %pbl83, i32 0, i32 1
%ul85 = load i32, i32* %pFullUpper84, align 4, !tbaa !​142
%ulle86 = icmp ule i32 %Umax75, %ul85
br i1 %ulle86, label %BB2.000316011727.2.limits, label %BB2.000316011727.4.error, !prof !​177

BB2.000316011730.1.pass: ; preds = %BB2.000316011730.3.limits
%pBRBase126 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase127 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase126, i64 0, i64 26
%base128 = load i64*, i64** %pbase127, !tbaa !​142
%absaddr129 = getelementptr inbounds i64, i64* %base128, i64 716
%rmem130 = load atomic i64, i64* %absaddr129 monotonic, align 8, !tbaa !​4
%word131 = and i64 %rmem130, 68719476735
%preg132 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 15
store i64 %word131, i64* %preg132, align 8, !tbaa !​38
br label %BB2.000316011731.2.limits

BB2.000316011730.2.limits: ; preds = %BB2.000316011727.1.pass
%preg99 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
%reg100 = load i64, i64* %preg99, align 32, !tbaa !​32
%xmod101 = and i64 %reg100, 262143
%add2c102 = add i64 609, %xmod101
%add1c103 = sub i64 %add2c102, 262143
%cchk104 = icmp sge i64 %add1c103, 0
%sum105 = select i1 %cchk104, i64 %add1c103, i64 %add2c102
%Uadr106 = trunc i64 %sum105 to i32
%pBRLim107 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl108 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim107, i64 0, i64 0
%pFullLower109 = getelementptr inbounds %BL_struct, %BL_struct* %pbl108, i32 0, i32 0
%ll110 = load i32, i32* %pFullLower109, align 4, !tbaa !​142
%rll111 = and i32 %ll110, -16777217
%llge112 = icmp uge i32 %Uadr106, %rll111
br i1 %llge112, label %BB2.000316011730.3.limits, label %BB2.000316011730.4.error, !prof !​177

BB2.000316011730.3.limits: ; preds = %BB2.000316011730.2.limits
%pBRLim121 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl122 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim121, i64 0, i64 0
%pFullUpper123 = getelementptr inbounds %BL_struct, %BL_struct* %pbl122, i32 0, i32 1
%ul124 = load i32, i32* %pFullUpper123, align 4, !tbaa !​142
%ulle125 = icmp ule i32 %Uadr106, %ul124
br i1 %ulle125, label %BB2.000316011730.1.pass, label %BB2.000316011730.4.error, !prof !​177

BB2.000316011730.4.error: ; preds = %BB2.000316011730.3.limits, %BB2.000316011730.2.limits
%icbase113 = load %SHM_struct*, %SHM_struct** %iBase, !tbaa !​150
%picode114 = getelementptr inbounds %SHM_struct, %SHM_struct* %icbase113, i64 5080
store %SHM_struct* %picode114, %SHM_struct** %ppICode, !tbaa !​150
%jicount115 = load i64, i64* %jicount
%jicount116 = add i64 %jicount115, 1
store i64 %jicount116, i64* %jicount
%ppshadow117 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 0
store %SHM_struct* %picode114, %SHM_struct** %ppshadow117
%plabel118 = getelementptr inbounds %SHM_struct, %SHM_struct* %picode114, i32 0, i32 0
%label119 = load i64, i64* %plabel118, align 8, !tbaa !​138
%plabel120 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 1
store i64 %label119, i64* %plabel120
br label %Exit

BB2.000316011731.1.pass: ; preds = %BB2.000316011731.3.limits
%preg160 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
%reg161 = load i64, i64* %preg160, align 32, !tbaa !​32
%xmod162 = and i64 %reg161, 262143
%add2c163 = add i64 609, %xmod162
%add1c164 = sub i64 %add2c163, 262143
%cchk165 = icmp sge i64 %add1c164, 0
%sum166 = select i1 %cchk165, i64 %add1c164, i64 %add2c163
%pBRBase167 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase168 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase167, i64 0, i64 0
%base169 = load i64*, i64** %pbase168, !tbaa !​142
%absaddr170 = getelementptr inbounds i64, i64* %base169, i64 %sum166
%jicount171 = load i64, i64* %jicount
%jicount172 = add i64 %jicount171, 3
store i64 %jicount172, i64* %jicount
%extarget = load atomic i64, i64* %absaddr170 monotonic, align 8, !tbaa !​4
%extarget173 = and i64 %extarget, 67712843775
%template = icmp eq i64 %extarget173, 8593987412
br i1 %template, label %"BB3.000316011731#1", label %BB2.000316011731.5, !prof !​177

BB2.000316011731.2.limits: ; preds = %BB2.000316011730.1.pass
%preg133 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 15
%reg134 = load i64, i64* %preg133, align 8, !tbaa !​38
%xmod135 = and i64 %reg134, 262143
%add2c136 = add i64 1876, %xmod135
%add1c137 = sub i64 %add2c136, 262143
%cchk138 = icmp sge i64 %add1c137, 0
%sum139 = select i1 %cchk138, i64 %add1c137, i64 %add2c136
%Uadr140 = trunc i64 %sum139 to i32
%pBRLim141 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl142 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim141, i64 0, i64 29
%pFullLower143 = getelementptr inbounds %BL_struct, %BL_struct* %pbl142, i32 0, i32 0
%ll144 = load i32, i32* %pFullLower143, align 4, !tbaa !​142
%rll145 = and i32 %ll144, -16777217
%llge146 = icmp uge i32 %Uadr140, %rll145
br i1 %llge146, label %BB2.000316011731.3.limits, label %BB2.000316011731.4.error, !prof !​177

BB2.000316011731.3.limits: ; preds = %BB2.000316011731.2.limits
%pBRLim155 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl156 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim155, i64 0, i64 29
%pFullUpper157 = getelementptr inbounds %BL_struct, %BL_struct* %pbl156, i32 0, i32 1
%ul158 = load i32, i32* %pFullUpper157, align 4, !tbaa !​142
%ulle159 = icmp ule i32 %Uadr140, %ul158
br i1 %ulle159, label %BB2.000316011731.1.pass, label %BB2.000316011731.4.error, !prof !​177

BB2.000316011731.4.error: ; preds = %BB2.000316011731.3.limits, %BB2.000316011731.2.limits
%icbase147 = load %SHM_struct*, %SHM_struct** %iBase, !tbaa !​150
%picode148 = getelementptr inbounds %SHM_struct, %SHM_struct* %icbase147, i64 5081
store %SHM_struct* %picode148, %SHM_struct** %ppICode, !tbaa !​150
%jicount149 = load i64, i64* %jicount
%jicount150 = add i64 %jicount149, 2
store i64 %jicount150, i64* %jicount
%ppshadow151 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 0
store %SHM_struct* %picode148, %SHM_struct** %ppshadow151
%plabel152 = getelementptr inbounds %SHM_struct, %SHM_struct* %picode148, i32 0, i32 0
%label153 = load i64, i64* %plabel152, align 8, !tbaa !​138
%plabel154 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 1
store i64 %label153, i64* %plabel154
br label %Exit

BB2.000316011731.5: ; preds = %"BB3.000316011731#1", %BB2.000316011731.1.pass
%extarget174 = and i64 %extarget, 137438953471
switch i64 %extarget174, label %BB2.000316011731.6 [
], !prof !​180

"BB3.000316011731#1": ; preds = %BB2.000316011731.1.pass
%preg180 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 15
%reg181 = load i64, i64* %preg180, align 8, !tbaa !​38
%xmod182 = and i64 %reg181, 262143
%add2c183 = add i64 1876, %xmod182
%add1c184 = sub i64 %add2c183, 262143
%cchk185 = icmp sge i64 %add1c184, 0
%sum186 = select i1 %cchk185, i64 %add1c184, i64 %add2c183
%pBRBase187 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase188 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase187, i64 0, i64 29
%base189 = load i64*, i64** %pbase188, !tbaa !​142
%absaddr190 = getelementptr inbounds i64, i64* %base189, i64 %sum186
%rmem191 = load atomic i64, i64* %absaddr190 monotonic, align 8, !tbaa !​4
%jbits = lshr i64 %extarget, 26
%jbits192 = and i64 %jbits, 15
%pqtrs = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 19
%qwflg = load i8, i8* %pqtrs, align 1, !tbaa !​158
%qwflg193 = icmp ne i8 %qwflg, 0
%jidxq = add i64 %jbits192, 16
%jidx = select i1 %qwflg193, i64 %jidxq, i64 %jbits192
%pwt = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 43
%pwte = getelementptr inbounds [32 x i16], [32 x i16]* %pwt, i64 0, i64 %jidx
%shifts = load i16, i16* %pwte, align 2, !tbaa !​175, !invariant.load !​181
%slowj = icmp eq i16 %shifts, 0
br i1 %slowj, label %BB2.000316011731.5, label %"BB3.000316011731#1.1", !prof !​179

BB2.000316011731.6: ; preds = %BB2.000316011731.5
%pcbase = load i64*, i64** %pBase, !tbaa !​150
%pcode = getelementptr inbounds i64, i64* %pcbase, i64 5081
store i64* %pcode, i64** %pCode, !tbaa !​150
%icbase175 = load %SHM_struct*, %SHM_struct** %iBase, !tbaa !​150
%picode176 = getelementptr inbounds %SHM_struct, %SHM_struct* %icbase175, i64 5081
store %SHM_struct* %picode176, %SHM_struct** %ppICode, !tbaa !​150
store i64 %extarget, i64* %f0, align 8, !tbaa !​150
%pBRState = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 2
%pbs = getelementptr inbounds [32 x %BS_struct], [32 x %BS_struct]* %pBRState, i64 0, i64 0
%pICodeBase = getelementptr inbounds %BS_struct, %BS_struct* %pbs, i32 0, i32 2
%icodebase = load %SHM_struct*, %SHM_struct** %pICodeBase, !tbaa !​142
%isnull = icmp eq %SHM_struct* %icodebase, null
%pshadow = getelementptr inbounds %SHM_struct, %SHM_struct* %icodebase, i64 %sum166
%pshadow177 = select i1 %isnull, %SHM_struct* null, %SHM_struct* %pshadow
call void @​dt_rt_xjump(%DS_struct* %pDynamicState, i64* inttoptr (i64 140340947123296 to i64*), %SHM_struct* %pICode, i64 54006745, %SHM_struct* %pshadow177)
%ppshadow178 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 0
store %SHM_struct* %pshadow177, %SHM_struct** %ppshadow178
store i64* %absaddr170, i64** %pCode, !tbaa !​150
%plabel179 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 1
store i64 8034915, i64* %plabel179
br label %Exit

"BB3.000316011731#1.1": ; preds = %"BB3.000316011731#1"
%shifts194 = zext i16 %shifts to i64
%val = call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem191, i64 %shifts194)
%preg195 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
store i64 %val, i64* %preg195, align 32, !tbaa !​32
%jicount196 = load i64, i64* %jicount
%jicount197 = add i64 %jicount196, 1
store i64 %jicount197, i64* %jicount
br label %BB4.000316011732

BB4.000316011732: ; preds = %"BB3.000316011731#1.1"
%preg257 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 14
%reg258 = load i64, i64* %preg257, align 16, !tbaa !​36
%xmod259 = and i64 %reg258, 262143
%add2c260 = add i64 2, %xmod259
%add1c261 = sub i64 %add2c260, 262143
%cchk262 = icmp sge i64 %add1c261, 0
%sum263 = select i1 %cchk262, i64 %add1c261, i64 %add2c260
%pBRBase264 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase265 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase264, i64 0, i64 29
%base266 = load i64*, i64** %pbase265, !tbaa !​142
%absaddr267 = getelementptr inbounds i64, i64* %base266, i64 %sum263
%rmem268 = load atomic i64, i64* %absaddr267 monotonic, align 8, !tbaa !​4
%h1j269 = call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem268, i64 4626)
%preg270 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
store i64 %h1j269, i64* %preg270, align 8, !tbaa !​26
%preg271 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
%reg272 = load i64, i64* %preg271, align 8, !tbaa !​26
%preg273 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
%reg274 = load i64, i64* %preg273, align 32, !tbaa !​32
%xmod275 = and i64 %reg274, 262143
%add1c276 = sub i64 %xmod275, 262143
%cchk277 = icmp sge i64 %add1c276, 0
%sum278 = select i1 %cchk277, i64 %add1c276, i64 %xmod275
%add2c279 = add i64 %reg272, %sum278
%add1c280 = sub i64 %add2c279, 68719476735
%cchk281 = icmp sge i64 %add1c280, 0
%sum282 = select i1 %cchk281, i64 %add1c280, i64 %add2c279
%cfl283 = zext i1 %cchk281 to i8
store i8 %cfl283, i8* %pCarry, align 1, !tbaa !​156
%xor284 = xor i64 %sum278, %sum282
%xor285 = xor i64 %reg272, %sum282
%and286 = and i64 %xor284, %xor285
%rsh287 = lshr i64 %and286, 35
%o288 = trunc i64 %rsh287 to i8
store i8 %o288, i8* %pOverflow, align 1, !tbaa !​154
%preg289 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
store i64 %sum282, i64* %preg289, align 8, !tbaa !​26
br label %BB4.000316011734.2.limits

BB5.000316011723.1.pass: ; preds = %BB5.000316011723.3.limits
%preg233 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
%reg234 = load i64, i64* %preg233, align 32, !tbaa !​32
%xmod235 = and i64 %reg234, 262143
%add2c236 = add i64 24, %xmod235
%add1c237 = sub i64 %add2c236, 262143
%cchk238 = icmp sge i64 %add1c237, 0
%sum239 = select i1 %cchk238, i64 %add1c237, i64 %add2c236
%pBRBase240 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase241 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase240, i64 0, i64 9
%base242 = load i64*, i64** %pbase241, !tbaa !​142
%absaddr243 = getelementptr inbounds i64, i64* %base242, i64 %sum239
%rmem244 = load atomic i64, i64* %absaddr243 monotonic, align 8, !tbaa !​4
%h1j = call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem244, i64 4626)
%isposzero = icmp eq i64 %h1j, 0
%jicount245 = load i64, i64* %jicount
%jicount246 = add i64 %jicount245, 2
store i64 %jicount246, i64* %jicount
br i1 %isposzero, label %BB5.000316011723.5.jh, label %BB6.000316011725, !prof !​178

BB5.000316011723.2.limits: ; preds = %BB5.000316011722
%preg206 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
%reg207 = load i64, i64* %preg206, align 32, !tbaa !​32
%xmod208 = and i64 %reg207, 262143
%add2c209 = add i64 24, %xmod208
%add1c210 = sub i64 %add2c209, 262143
%cchk211 = icmp sge i64 %add1c210, 0
%sum212 = select i1 %cchk211, i64 %add1c210, i64 %add2c209
%Uadr213 = trunc i64 %sum212 to i32
%pBRLim214 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl215 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim214, i64 0, i64 9
%pFullLower216 = getelementptr inbounds %BL_struct, %BL_struct* %pbl215, i32 0, i32 0
%ll217 = load i32, i32* %pFullLower216, align 4, !tbaa !​142
%rll218 = and i32 %ll217, -16777217
%llge219 = icmp uge i32 %Uadr213, %rll218
br i1 %llge219, label %BB5.000316011723.3.limits, label %BB5.000316011723.4.error, !prof !​177

BB5.000316011723.3.limits: ; preds = %BB5.000316011723.2.limits
%pBRLim228 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl229 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim228, i64 0, i64 9
%pFullUpper230 = getelementptr inbounds %BL_struct, %BL_struct* %pbl229, i32 0, i32 1
%ul231 = load i32, i32* %pFullUpper230, align 4, !tbaa !​142
%ulle232 = icmp ule i32 %Uadr213, %ul231
br i1 %ulle232, label %BB5.000316011723.1.pass, label %BB5.000316011723.4.error, !prof !​177

BB5.000316011723.4.error: ; preds = %BB5.000316011723.3.limits, %BB5.000316011723.2.limits
%icbase220 = load %SHM_struct*, %SHM_struct** %iBase, !tbaa !​150
%picode221 = getelementptr inbounds %SHM_struct, %SHM_struct* %icbase220, i64 5075
store %SHM_struct* %picode221, %SHM_struct** %ppICode, !tbaa !​150
%jicount222 = load i64, i64* %jicount
%jicount223 = add i64 %jicount222, 1
store i64 %jicount223, i64* %jicount
%ppshadow224 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 0
store %SHM_struct* %picode221, %SHM_struct** %ppshadow224
%plabel225 = getelementptr inbounds %SHM_struct, %SHM_struct* %picode221, i32 0, i32 0
%label226 = load i64, i64* %plabel225, align 8, !tbaa !​138
%plabel227 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 1
store i64 %label226, i64* %plabel227
br label %Exit

BB5.000316011723.5.jh: ; preds = %BB5.000316011723.1.pass
%jicount247 = load i64, i64* %jicount
%jicount248 = add i64 %jicount247, 1
store i64 %jicount248, i64* %jicount
%parjh249 = load i64, i64* %pLBDI, align 8, !tbaa !​150
%jheflags250 = or i64 %parjh249, 6917529027641081856
%jhe251 = add i64 %jheflags250, 5076
%jhi252 = load i8, i8* %pJHx, align 1, !tbaa !​144
%jhix253 = zext i8 %jhi252 to i32
%pjhe254 = getelementptr inbounds [256 x i64], [256 x i64]* %pJHb, i64 0, i32 %jhix253
store i64 %jhe251, i64* %pjhe254, align 8, !tbaa !​146
%jhii255 = add i32 %jhix253, 1
%jhx256 = trunc i32 %jhii255 to i8
store i8 %jhx256, i8* %pJHx, align 1, !tbaa !​144
br label %BB2.000316011727

BB6.000316011725: ; preds = %BB5.000316011723.1.pass
%icbase363 = load %SHM_struct*, %SHM_struct** %iBase, !tbaa !​150
%picode364 = getelementptr inbounds %SHM_struct, %SHM_struct* %icbase363, i32 5071
%plabel365 = getelementptr inbounds %SHM_struct, %SHM_struct* %picode364, i32 0, i32 0
store i64 8029807, i64* %plabel365, align 8, !tbaa !​138
br label %BB6.000316011725.1.exit

BB4.000316011734.1.pass: ; preds = %BB4.000316011734.3.limits
%preg316 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
%reg317 = load i64, i64* %preg316, align 8, !tbaa !​26
%xmod318 = and i64 %reg317, 262143
%add1c319 = sub i64 %xmod318, 262143
%cchk320 = icmp sge i64 %add1c319, 0
%sum321 = select i1 %cchk320, i64 %add1c319, i64 %xmod318
%pBRBase322 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase323 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase322, i64 0, i64 0
%base324 = load i64*, i64** %pbase323, !tbaa !​142
%absaddr325 = getelementptr inbounds i64, i64* %base324, i64 %sum321
%rmem326 = load atomic i64, i64* %absaddr325 monotonic, align 8, !tbaa !​4
%word327 = and i64 %rmem326, 68719476735
%preg328 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
store i64 %word327, i64* %preg328, align 8, !tbaa !​26
%preg329 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
%reg330 = load i64, i64* %preg329, align 8, !tbaa !​26
%preg331 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
%reg332 = load i64, i64* %preg331, align 8, !tbaa !​26
%xmod333 = and i64 %reg332, 262143
%add1c334 = sub i64 %xmod333, 262143
%cchk335 = icmp sge i64 %add1c334, 0
%sum336 = select i1 %cchk335, i64 %add1c334, i64 %xmod333
%oldv = and i64 %reg330, 68719214592
%mrg = or i64 5086, %oldv
%preg352 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
store i64 %mrg, i64* %preg352, align 8, !tbaa !​26
%jicount353 = load i64, i64* %jicount
%jicount354 = add i64 %jicount353, 4
store i64 %jicount354, i64* %jicount
br label %BB4.000316011735.8.jh

BB4.000316011734.2.limits: ; preds = %BB4.000316011732
%preg290 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
%reg291 = load i64, i64* %preg290, align 8, !tbaa !​26
%xmod292 = and i64 %reg291, 262143
%add1c293 = sub i64 %xmod292, 262143
%cchk294 = icmp sge i64 %add1c293, 0
%sum295 = select i1 %cchk294, i64 %add1c293, i64 %xmod292
%Uadr296 = trunc i64 %sum295 to i32
%pBRLim297 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl298 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim297, i64 0, i64 0
%pFullLower299 = getelementptr inbounds %BL_struct, %BL_struct* %pbl298, i32 0, i32 0
%ll300 = load i32, i32* %pFullLower299, align 4, !tbaa !​142
%rll301 = and i32 %ll300, -16777217
%llge302 = icmp uge i32 %Uadr296, %rll301
br i1 %llge302, label %BB4.000316011734.3.limits, label %BB4.000316011734.4.error, !prof !​177

BB4.000316011734.3.limits: ; preds = %BB4.000316011734.2.limits
%pBRLim311 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 0
%pbl312 = getelementptr inbounds [32 x %BL_struct], [32 x %BL_struct]* %pBRLim311, i64 0, i64 0
%pFullUpper313 = getelementptr inbounds %BL_struct, %BL_struct* %pbl312, i32 0, i32 1
%ul314 = load i32, i32* %pFullUpper313, align 4, !tbaa !​142
%ulle315 = icmp ule i32 %Uadr296, %ul314
br i1 %ulle315, label %BB4.000316011734.1.pass, label %BB4.000316011734.4.error, !prof !​177

BB4.000316011734.4.error: ; preds = %BB4.000316011734.3.limits, %BB4.000316011734.2.limits
%icbase303 = load %SHM_struct*, %SHM_struct** %iBase, !tbaa !​150
%picode304 = getelementptr inbounds %SHM_struct, %SHM_struct* %icbase303, i64 5084
store %SHM_struct* %picode304, %SHM_struct** %ppICode, !tbaa !​150
%jicount305 = load i64, i64* %jicount
%jicount306 = add i64 %jicount305, 2
store i64 %jicount306, i64* %jicount
%ppshadow307 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 0
store %SHM_struct* %picode304, %SHM_struct** %ppshadow307
%plabel308 = getelementptr inbounds %SHM_struct, %SHM_struct* %picode304, i32 0, i32 0
%label309 = load i64, i64* %plabel308, align 8, !tbaa !​138
%plabel310 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 1
store i64 %label309, i64* %plabel310
br label %Exit

BB4.000316011735.2.cj7: ; preds = %BB4.000316011735.8.jh
%offset = trunc i64 %sum336 to i32
%pparll = getelementptr inbounds %BL_struct, %BL_struct* %pLimits, i32 0, i32 0
%parll = load i32, i32* %pparll, align 4, !tbaa !​150
%pparul = getelementptr inbounds %BL_struct, %BL_struct* %pLimits, i32 0, i32 1
%parul = load i32, i32* %pparul, align 4, !tbaa !​150
%llok = icmp ule i32 %parll, %offset
%ulok = icmp ule i32 %offset, %parul
%limok = and i1 %llok, %ulok
br i1 %limok, label %BB4.000316011735.4, label %BB4.000316011735.3, !prof !​177

BB4.000316011735.3: ; preds = %BB4.000316011735.2.cj7
%icount = load i64, i64* %ICount
call mariner_jjcc void @​JIT_Jump(i64 %sum336, %DS_struct* %pDynamicState, i64 %icount)
br label %BB4.000316011735.5

BB4.000316011735.4: ; preds = %BB4.000316011735.2.cj7
%pcbase337 = load i64*, i64** %pBase, !tbaa !​150
%pcode338 = getelementptr inbounds i64, i64* %pcbase337, i64 %sum336
store i64* %pcode338, i64** %pCode, !tbaa !​150
br label %BB4.000316011735.5

BB4.000316011735.5: ; preds = %BB4.000316011735.4, %BB4.000316011735.3
%intpend = load volatile i8, i8* %pintp, align 1, !tbaa !​152
%intpend345 = icmp ne i8 %intpend, 0
br i1 %intpend345, label %BB4.000316011735.7.intpend, label %BB4.000316011735.6, !prof !​179

BB4.000316011735.6: ; preds = %BB4.000316011735.5
%icbase346 = load %SHM_struct*, %SHM_struct** %iBase, !tbaa !​150
%picode347 = getelementptr inbounds %SHM_struct, %SHM_struct* %icbase346, i64 %sum336
store %SHM_struct* %picode347, %SHM_struct** %ppICode, !tbaa !​150
%ppshadow348 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 0
store %SHM_struct* %picode347, %SHM_struct** %ppshadow348
%plabel349 = getelementptr inbounds %SHM_struct, %SHM_struct* %picode347, i32 0, i32 0
%label350 = load i64, i64* %plabel349, align 8, !tbaa !​138
%plabel351 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 1
store i64 %label350, i64* %plabel351
br label %Exit

BB4.000316011735.7.intpend: ; preds = %BB4.000316011735.5
%pcbase339 = load i64*, i64** %pBase, !tbaa !​150
%pcode340 = getelementptr inbounds i64, i64* %pcbase339, i64 %sum336
store i64* %pcode340, i64** %pCode, !tbaa !​150
%icbase341 = load %SHM_struct*, %SHM_struct** %iBase, !tbaa !​150
%picode342 = getelementptr inbounds %SHM_struct, %SHM_struct* %icbase341, i64 %sum336
store %SHM_struct* %picode342, %SHM_struct** %ppICode, !tbaa !​150
%ppshadow343 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 0
store %SHM_struct* %picode342, %SHM_struct** %ppshadow343
%plabel344 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 1
store i64 8035092, i64* %plabel344
br label %Exit

BB4.000316011735.8.jh: ; preds = %BB4.000316011734.1.pass
%parjh355 = load i64, i64* %pLBDI, align 8, !tbaa !​150
%jheflags356 = or i64 %parjh355, 6917529027641081856
%jhe357 = add i64 %jheflags356, 5085
%jhi358 = load i8, i8* %pJHx, align 1, !tbaa !​144
%jhix359 = zext i8 %jhi358 to i32
%pjhe360 = getelementptr inbounds [256 x i64], [256 x i64]* %pJHb, i64 0, i32 %jhix359
store i64 %jhe357, i64* %pjhe360, align 8, !tbaa !​146
%jhii361 = add i32 %jhix359, 1
%jhx362 = trunc i32 %jhii361 to i8
store i8 %jhx362, i8* %pJHx, align 1, !tbaa !​144
br label %BB4.000316011735.2.cj7

BB6.000316011725.1.exit: ; preds = %BB6.000316011725
%icbase366 = load %SHM_struct*, %SHM_struct** %iBase, !tbaa !​150
%picode367 = getelementptr inbounds %SHM_struct, %SHM_struct* %icbase366, i64 5077
store %SHM_struct* %picode367, %SHM_struct** %ppICode, !tbaa !​150
%ppshadow368 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 0
store %SHM_struct* %picode367, %SHM_struct** %ppshadow368
%plabel369 = getelementptr inbounds %SHM_struct, %SHM_struct* %picode367, i32 0, i32 0
%label370 = load i64, i64* %plabel369, align 8, !tbaa !​138
%plabel371 = getelementptr inbounds %MNR_struct, %MNR_struct* %restart, i32 0, i32 1
store i64 %label370, i64* %plabel371
br label %Exit
}

attributes #​0 = { nounwind readnone speculatable }
attributes #​1 = { argmemonly nounwind }
attributes #​2 = { nounwind }
attributes #​3 = { nounwind readnone }
attributes #​4 = { inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind }
attributes #​5 = { inaccessiblemem_or_argmemonly norecurse noreturn nounwind nonlazybind }
attributes #​6 = { cold inaccessiblemem_or_argmemonly norecurse nounwind nonlazybind }
attributes #​7 = { cold norecurse nounwind nonlazybind }
attributes #​8 = { argmemonly cold norecurse nounwind nonlazybind }
attributes #​9 = { argmemonly norecurse nounwind nonlazybind }
attributes #​10 = { argmemonly cold norecurse noreturn nounwind nonlazybind }

!tbaa = !{#0, !​1, !​3, !​4, !​6, !​8, !​10, !​12, !​14, !​16, !​18, !​20, !​22, !​24, !​26, !​28, !​30, !​32, !​34, !​36, !​38, !​40, !​42, !​44, !​46, !​48, !​50, !​52, !​54, !​56, !​58, !​60, !​62, !​64, !​66, !​68, !​70, !​72, !​74, !​76, !​78, !​80, !​82, !​84, !​86, !​88, !​90, !​92, !​94, !​96, !​98, !​100, !​102, !​104, !​106, !​108, !​110, !​112, !​114, !​116, !​118, !​120, !​122, !​124, !​126, !​128, !​130, !​132, !​134, !​136, !​138, !​140, !​142, !​144, !​146, !​148, !​150, !​152, !​154, !​156, !​158, !​160, !​162, !​164, !​165, !​167, !​169, !​171, !​173, !​175}

!​0 = !{!"tbaa2200"}
!​1 = !{#2, !​2, i64 0}
!​2 = !{!"data", !​0}
!​3 = !{!"ctrl", !​0}
!​4 = !{#5, !​5, i64 0}
!​5 = !{!"mem", !​2}
!​6 = !{#7, !​7, i64 0}
!​7 = !{!"grs", !​2}
!​8 = !{#9, !​9, i64 0}
!​9 = !{!"X0", !​7}
!​10 = !{#11, !​11, i64 0}
!​11 = !{!"X1", !​7}
!​12 = !{#13, !​13, i64 0}
!​13 = !{!"X2", !​7}
!​14 = !{#15, !​15, i64 0}
!​15 = !{!"X3", !​7}
!​16 = !{#17, !​17, i64 0}
!​17 = !{!"X4", !​7}
!​18 = !{#19, !​19, i64 0}
!​19 = !{!"X5", !​7}
!​20 = !{#21, !​21, i64 0}
!​21 = !{!"X6", !​7}
!​22 = !{#23, !​23, i64 0}
!​23 = !{!"X7", !​7}
!​24 = !{#25, !​25, i64 0}
!​25 = !{!"X8", !​7}
!​26 = !{#27, !​27, i64 0}
!​27 = !{!"X9", !​7}
!​28 = !{#29, !​29, i64 0}
!​29 = !{!"X10", !​7}
!​30 = !{#31, !​31, i64 0}
!​31 = !{!"X11", !​7}
!​32 = !{#33, !​33, i64 0}
!​33 = !{!"A0", !​7}
!​34 = !{#35, !​35, i64 0}
!​35 = !{!"A1", !​7}
!​36 = !{#37, !​37, i64 0}
!​37 = !{!"A2", !​7}
!​38 = !{#39, !​39, i64 0}
!​39 = !{!"A3", !​7}
!​40 = !{#41, !​41, i64 0}
!​41 = !{!"A4", !​7}
!​42 = !{#43, !​43, i64 0}
!​43 = !{!"A5", !​7}
!​44 = !{#45, !​45, i64 0}
!​45 = !{!"A6", !​7}
!​46 = !{#47, !​47, i64 0}
!​47 = !{!"A7", !​7}
!​48 = !{#49, !​49, i64 0}
!​49 = !{!"A8", !​7}
!​50 = !{#51, !​51, i64 0}
!​51 = !{!"A9", !​7}
!​52 = !{#53, !​53, i64 0}
!​53 = !{!"A10", !​7}
!​54 = !{#55, !​55, i64 0}
!​55 = !{!"A11", !​7}
!​56 = !{#57, !​57, i64 0}
!​57 = !{!"A12", !​7}
!​58 = !{#59, !​59, i64 0}
!​59 = !{!"A13", !​7}
!​60 = !{#61, !​61, i64 0}
!​61 = !{!"A14", !​7}
!​62 = !{#63, !​63, i64 0}
!​63 = !{!"A15", !​7}
!​64 = !{#65, !​65, i64 0}
!​65 = !{!"A16", !​7}
!​66 = !{#67, !​67, i64 0}
!​67 = !{!"A17", !​7}
!​68 = !{#69, !​69, i64 0}
!​69 = !{!"A18", !​7}
!​70 = !{#71, !​71, i64 0}
!​71 = !{!"A19", !​7}
!​72 = !{#73, !​73, i64 0}
!​73 = !{!"R0", !​7}
!​74 = !{#75, !​75, i64 0}
!​75 = !{!"R1", !​7}
!​76 = !{#77, !​77, i64 0}
!​77 = !{!"R2", !​7}
!​78 = !{#79, !​79, i64 0}
!​79 = !{!"R3", !​7}
!​80 = !{#81, !​81, i64 0}
!​81 = !{!"R4", !​7}
!​82 = !{#83, !​83, i64 0}
!​83 = !{!"R5", !​7}
!​84 = !{#85, !​85, i64 0}
!​85 = !{!"R6", !​7}
!​86 = !{#87, !​87, i64 0}
!​87 = !{!"R7", !​7}
!​88 = !{#89, !​89, i64 0}
!​89 = !{!"R8", !​7}
!​90 = !{#91, !​91, i64 0}
!​91 = !{!"R9", !​7}
!​92 = !{#93, !​93, i64 0}
!​93 = !{!"R10", !​7}
!​94 = !{#95, !​95, i64 0}
!​95 = !{!"R11", !​7}
!​96 = !{#97, !​97, i64 0}
!​97 = !{!"R12", !​7}
!​98 = !{#99, !​99, i64 0}
!​99 = !{!"R13", !​7}
!​100 = !{#101, !​101, i64 0}
!​101 = !{!"R14", !​7}
!​102 = !{#103, !​103, i64 0}
!​103 = !{!"R15", !​7}
!​104 = !{#105, !​105, i64 0}
!​105 = !{!"T0", !​7}
!​106 = !{#107, !​107, i64 0}
!​107 = !{!"T1", !​7}
!​108 = !{#109, !​109, i64 0}
!​109 = !{!"T2", !​7}
!​110 = !{#111, !​111, i64 0}
!​111 = !{!"T3", !​7}
!​112 = !{#113, !​113, i64 0}
!​113 = !{!"T4", !​7}
!​114 = !{#115, !​115, i64 0}
!​115 = !{!"T5", !​7}
!​116 = !{#117, !​117, i64 0}
!​117 = !{!"T6", !​7}
!​118 = !{#119, !​119, i64 0}
!​119 = !{!"T7", !​7}
!​120 = !{#121, !​121, i64 0}
!​121 = !{!"C0", !​7}
!​122 = !{#123, !​123, i64 0}
!​123 = !{!"C1", !​7}
!​124 = !{#125, !​125, i64 0}
!​125 = !{!"C2", !​7}
!​126 = !{#127, !​127, i64 0}
!​127 = !{!"C3", !​7}
!​128 = !{#129, !​129, i64 0}
!​129 = !{!"C4", !​7}
!​130 = !{#131, !​131, i64 0}
!​131 = !{!"C5", !​7}
!​132 = !{#133, !​133, i64 0}
!​133 = !{!"C6", !​7}
!​134 = !{#135, !​135, i64 0}
!​135 = !{!"C7", !​7}
!​136 = !{#137, !​137, i64 0}
!​137 = !{!"rcs", !​2}
!​138 = !{#139, !​139, i64 0}
!​139 = !{!"shdw", !​3}
!​140 = !{#141, !​141, i64 0}
!​141 = !{!"static", !​3}
!​142 = !{#143, !​143, i64 0}
!​143 = !{!"breg", !​3}
!​144 = !{#145, !​145, i64 0}
!​145 = !{!"jhx", !​3}
!​146 = !{#147, !​147, i64 0}
!​147 = !{!"jhb", !​3}
!​148 = !{#149, !​149, i64 0}
!​149 = !{!"icount", !​3}
!​150 = !{#151, !​151, i64 0}
!​151 = !{!"par", !​3}
!​152 = !{#153, !​153, i64 0}
!​153 = !{!"dbits", !​3}
!​154 = !{#155, !​155, i64 0}
!​155 = !{!"ovflw", !​3}
!​156 = !{#157, !​157, i64 0}
!​157 = !{!"carry", !​3}
!​158 = !{#159, !​159, i64 0}
!​159 = !{!"qwmode", !​3}
!​160 = !{#161, !​161, i64 0, i32 1}
!​161 = !{!"pjitdata", !​3}
!​162 = !{#163, !​163, i64 0}
!​163 = !{!"jitdata", !​3}
!​164 = !{!"ssip", !​3}
!​165 = !{#166, !​166, i64 0}
!​166 = !{!"ssipc", !​164}
!​167 = !{#168, !​168, i64 0}
!​168 = !{!"ssipi", !​164}
!​169 = !{#170, !​170, i64 0}
!​170 = !{!"ssipji", !​164}
!​171 = !{#172, !​172, i64 0}
!​172 = !{!"dtstats", !​3}
!​173 = !{#174, !​174, i64 0}
!​174 = !{!"ccbstats", !​3}
!​175 = !{#176, !​176, i64 0, i32 1}
!​176 = !{!"const", !​3}
!​177 = !{!"branch_weights", i32 999, i32 1}
!​178 = !{!"branch_weights", i32 380, i32 619}
!​179 = !{!"branch_weights", i32 1, i32 999}
!​180 = !{!"branch_weights", i32 4}
!​181 = !{}

[llvmbot]

This function is really big and would take me a while. you can help trying to reduce with (opt -instnamer + delta) or bugpoint (if you pass -compile-custom you can specify a script http://blog.llvm.org/2015/11/reduce-your-testcases-with-bugpoint-and.html). That will make my life much easier.
I can see there's a lot of unneeded info in the test (including, e.g. all branch weights the metadata)

Thanks for your help!

[llvmbot]

If you look at any test in the llvm testsuite (llvm/trunk/tests) those try to be very synthetic (i.e. not exceed 20-30 lines of source code). I think you should aim for something like that. Please note that delta or bugpoint are not silver bullets (so from time to time they need a kick, i.e. you need to hand reduce the test a bit and then run the tools again).

[llvmbot]

Ok, I'll start working on cutting it down, but I'm completely unfamiliar with using the tools, so it will take awhile.

[llvmbot]

Davide,

My first attempt at running bugpoint produced somewhat surprising and not obviously successful results. I created a subdirectory named bugpoint and put the test case and a simple compile/checking script in it, according to the blog post you mentioned and the bugpoint documentation and help info. The compile/checking script is just:

kharris@cm-mariner35:~/bugpoint> cat opt-check.sh
#!/bin/bash
../llvm-tot-install/bin/opt -O3 -enable-newgvn -S "$@" | grep "%val"

This is based on the fact that the offending behavior is that the variable %val is erroneously deleted by the new gvn pass. It appears to work as the blog post describes:

kharris@cm-mariner35:~/bugpoint> ./opt-check.sh if000316011717_2.bc && echo "NON-INTERESTING" || echo "INTERESTING"
INTERESTING

But when I use it with bugpoint, it gives the following trace:

kharris@cm-mariner35:~/bugpoint> /llvm-tot-install/bin/bugpoint -compile-custom -compile-command=./opt-check.sh -opt-command=/llvm-tot-install/bin/opt -verbose-errors if000316011717_2.bc
Read input file : 'if000316011717_2.bc'
*** All input ok
Initializing execution environment: Found command in: ./opt-check.sh
Running the code generator to test for a crash:
Error running tool:
./opt-check.sh bugpoint-test-program-ccff5f5.bc
*** Debugging code generator crash!
Checking for crash with changing conditionals to always jump to true: Entry Exit BB1.000316011717 Entry.1.limits Entry.2.limits Entry.3.error BB1.000316011720.1.pass BB1.000316011720.2.limits BB1.000316011720.3.limits BB1.000316011720.4.error... <51 total>: verify failed!

and the subdirectory contains no files that weren't already there.

It looks like the first attempt to modify the source bitcode file results in verify errors, which is not surprising. But why should this cause bugpoint to stop?

Clue?

[llvmbot]

After a fair amount of hand work cutting down the example, I hit on the idea that bugpoint's problem might be that the opt-check script should check both positive and negative conditions. So I modified it according to the example in the blog post:

#!/bin/bash
../llvm-tot-install/bin/opt -O3 -S "$@" | grep -q "%val"
res_original=$?
../llvm-tot-install/bin/opt -O3 -enable-newgvn -S "$@" | grep -q "%val"
res_gvn=$?
[[ $res_original == 0 && $res_gvn == 1 ]] && exit 1
exit 0

This behaves as described in the blog post:

kharris@cm-mariner35:~/bisect> ./opt-check.sh badfunc3.ll && echo "NON-INTERESTING" || echo "INTERESTING"
INTERESTING

but the bugpoint behavior is the same. Sigh.

[llvmbot]

Davide,
Reducing it by hand, I got it down to the following. Based on experimentation, it looks like the only thing left that can be simplified is the specific arithmetic. I can probably get rid of the calls to bextr and simplify the rest of the arithmetic, but removing any of the major computations that lead to store operations causes newGVN to stop failing. Let me know if this is small enough for you to work with. Thanks.

; ModuleID = 'if000316011717_2.bc'
source_filename = "os2200"
target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"

%DS_struct = type { [32 x %BL_struct], [32 x i64*], [32 x %BS_struct], [128 x i64], [256 x i64], i64, i8, i8, i8, i32, %BL_struct, i64*, i64*, %SHM_struct*, i64, i64, i64, i8, i8, i8, i8, i8, i8, i8, i8*, i64, i64, i8, i8, i8, i8, i8, i8, i8, i64, [32 x i64], %SSIP_struct, %INF_struct*, i64*, i64, i32, i8, i8, [32 x i16] }
%BS_struct = type { i32, i32, %SHM_struct*, i64, i64 }
%BL_struct = type { i32, i32 }
%SHM_struct = type { i64, i64 }
%SSIP_struct = type { %SSIPR_struct, %SSIPR_struct }
%SSIPR_struct = type { [128 x i64], [128 x i64], [32 x i64], [16 x i64], [16 x i64] }
%INF_struct = type { i64, i64, i64, i64, i64, i64, i64*, %SHM_struct*, i64*, i64*, i64*, i32, i16, i8 }
%MNR_struct = type { %SHM_struct*, i64, i64, %DS_struct*, %SHM_struct*, [64 x i64]* }

; Function Attrs: nounwind readnone
declare i64 @​llvm.x86.bmi.bextr.64(i64, i64) #​3

; Function Attrs: nounwind
define mariner_jitcc %MNR_struct @​f000316011717_2(i64 %trICount, %DS_struct* dereferenceable(10200) %pDynamicState, %SHM_struct* %pICode, [64 x i64]* dereferenceable(512) %pCurrentGrs) #​2 {
Entry:
%restart = alloca %MNR_struct
%pCarry = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 18
%preg160 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
%reg161 = load i64, i64* %preg160, align 32, !tbaa !​32
%xmod162 = and i64 %reg161, 262143
%add2c163 = add i64 609, %xmod162
%add1c164 = sub i64 %add2c163, 262143
%cchk165 = icmp sge i64 %add1c164, 0
%sum166 = select i1 %cchk165, i64 %add1c164, i64 %add2c163
%pBRBase167 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase168 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase167, i64 0, i64 0
%base169 = load i64*, i64** %pbase168, !tbaa !​142
%absaddr170 = getelementptr inbounds i64, i64* %base169, i64 %sum166
%extarget = load atomic i64, i64* %absaddr170 monotonic, align 8, !tbaa !​4
%extarget173 = and i64 %extarget, 67712843775
%template = icmp eq i64 %extarget173, 8593987412
br i1 %template, label %"BB3.000316011731#1", label %BB2.000316011731.5

BB2.000316011731.5: ; preds = %"BB3.000316011731#1", %BB2.000316011731.1.pass
%extarget174 = and i64 %extarget, 137438953471
switch i64 %extarget174, label %Exit [
]

"BB3.000316011731#1": ; preds = %BB2.000316011731.1.pass
%preg180 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 15
%reg181 = load i64, i64* %preg180, align 8, !tbaa !​38
%xmod182 = and i64 %reg181, 262143
%add2c183 = add i64 1876, %xmod182
%add1c184 = sub i64 %add2c183, 262143
%cchk185 = icmp sge i64 %add1c184, 0
%sum186 = select i1 %cchk185, i64 %add1c184, i64 %add2c183
%pBRBase187 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase188 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase187, i64 0, i64 29
%base189 = load i64*, i64** %pbase188, !tbaa !​142
%absaddr190 = getelementptr inbounds i64, i64* %base189, i64 %sum186
%rmem191 = load atomic i64, i64* %absaddr190 monotonic, align 8, !tbaa !​4
%jbits = lshr i64 %extarget, 26
%jbits192 = and i64 %jbits, 15
%pqtrs = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 19
%qwflg = load i8, i8* %pqtrs, align 1, !tbaa !​158
%qwflg193 = icmp ne i8 %qwflg, 0
%jidxq = add i64 %jbits192, 16
%jidx = select i1 %qwflg193, i64 %jidxq, i64 %jbits192
%pwt = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 43
%pwte = getelementptr inbounds [32 x i16], [32 x i16]* %pwt, i64 0, i64 %jidx
%shifts = load i16, i16* %pwte, align 2, !tbaa !​175, !invariant.load !​181
%slowj = icmp eq i16 %shifts, 0
br i1 %slowj, label %BB2.000316011731.5, label %"BB3.000316011731#1.1"

"BB3.000316011731#1.1": ; preds = %"BB3.000316011731#1"
%shifts194 = zext i16 %shifts to i64
%val = call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem191, i64 %shifts194)
%preg195 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
store i64 %val, i64* %preg195, align 32, !tbaa !​32
%preg257 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 14
%reg258 = load i64, i64* %preg257, align 16, !tbaa !​36
%xmod259 = and i64 %reg258, 262143
%add2c260 = add i64 2, %xmod259
%add1c261 = sub i64 %add2c260, 262143
%cchk262 = icmp sge i64 %add1c261, 0
%sum263 = select i1 %cchk262, i64 %add1c261, i64 %add2c260
%pBRBase264 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase265 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase264, i64 0, i64 29
%base266 = load i64*, i64** %pbase265, !tbaa !​142
%absaddr267 = getelementptr inbounds i64, i64* %base266, i64 %sum263
%rmem268 = load atomic i64, i64* %absaddr267 monotonic, align 8, !tbaa !​4
%h1j269 = call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem268, i64 4626)
%preg270 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
store i64 %h1j269, i64* %preg270, align 8, !tbaa !​26
%preg271 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
%reg272 = load i64, i64* %preg271, align 8, !tbaa !​26
%preg273 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
%reg274 = load i64, i64* %preg273, align 32, !tbaa !​32
%xmod275 = and i64 %reg274, 262143
%add1c276 = sub i64 %xmod275, 262143
%cchk277 = icmp sge i64 %add1c276, 0
%sum278 = select i1 %cchk277, i64 %add1c276, i64 %xmod275
%add2c279 = add i64 %reg272, %sum278
%add1c280 = sub i64 %add2c279, 68719476735
%cchk281 = icmp sge i64 %add1c280, 0
%cfl283 = zext i1 %cchk281 to i8
store i8 %cfl283, i8* %pCarry, align 1, !tbaa !​156
br label %Exit

Exit: ; preds = %"BB3.000316011731#1.1", %BB2.000316011731.5
%restart378 = load %MNR_struct, %MNR_struct* %restart
ret %MNR_struct %restart378
}

attributes #​2 = { nounwind }
attributes #​3 = { nounwind readnone }

!tbaa = !{#0, !​1, !​3, !​4, !​6, !​26, !​32, !​36, !​38, !​142, !​156, !​158, !​175}

!​0 = !{!"tbaa2200"}
!​1 = !{#2, !​2, i64 0}
!​2 = !{!"data", !​0}
!​3 = !{!"ctrl", !​0}
!​4 = !{#5, !​5, i64 0}
!​5 = !{!"mem", !​2}
!​6 = !{#7, !​7, i64 0}
!​7 = !{!"grs", !​2}
!​26 = !{#27, !​27, i64 0}
!​27 = !{!"X9", !​7}
!​32 = !{#33, !​33, i64 0}
!​33 = !{!"A0", !​7}
!​36 = !{#37, !​37, i64 0}
!​37 = !{!"A2", !​7}
!​38 = !{#39, !​39, i64 0}
!​39 = !{!"A3", !​7}
!​142 = !{#143, !​143, i64 0}
!​143 = !{!"breg", !​3}
!​156 = !{#157, !​157, i64 0}
!​157 = !{!"carry", !​3}
!​158 = !{#159, !​159, i64 0}
!​159 = !{!"qwmode", !​3}
!​175 = !{#176, !​176, i64 0, i32 1}
!​176 = !{!"const", !​3}
!​181 = !{}

[llvmbot]

Davide,
Much more simplification: I've simplified much of the arithmetic: gotten rid of the selects, unary operations and binary operations on constants. I'll show the current state below, and the difference of the outputs between the old and new gvn.
-Kevin

kharris@cm-mariner35:~/bisect> cat badf13.ll
; ModuleID = 'if000316011717_2.bc'
source_filename = "os2200"
target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"

%DS_struct = type { [32 x %BL_struct], [32 x i64*], [32 x %BS_struct], [128 x i64], [256 x i64], i64, i8, i8, i8, i32, %BL_struct, i64*, i64*, %SHM_struct*, i64, i64, i64, i8, i8, i8, i8, i8, i8, i8, i8*, i64, i64, i8, i8, i8, i8, i8, i8, i8, i64, [32 x i64], %SSIP_struct, %INF_struct*, i64*, i64, i32, i8, i8, [32 x i16] }
%BS_struct = type { i32, i32, %SHM_struct*, i64, i64 }
%BL_struct = type { i32, i32 }
%SHM_struct = type { i64, i64 }
%SSIP_struct = type { %SSIPR_struct, %SSIPR_struct }
%SSIPR_struct = type { [128 x i64], [128 x i64], [32 x i64], [16 x i64], [16 x i64] }
%INF_struct = type { i64, i64, i64, i64, i64, i64, i64*, %SHM_struct*, i64*, i64*, i64*, i32, i16, i8 }
%MNR_struct = type { %SHM_struct*, i64, i64, %DS_struct*, %SHM_struct*, [64 x i64]* }

; Function Attrs: nounwind readnone
declare i64 @​llvm.x86.bmi.bextr.64(i64, i64) #​3

; Function Attrs: nounwind
define mariner_jitcc %MNR_struct @​f000316011717_2(%DS_struct* dereferenceable(10200) %pDynamicState, [64 x i64]* dereferenceable(512) %pCurrentGrs) #​2 {
Entry:
%restart = alloca %MNR_struct
%pCarry = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 18
%preg160 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
%reg161 = load i64, i64* %preg160, align 32, !tbaa !​32
%pBRBase167 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase168 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase167, i64 0, i64 0
%base169 = load i64*, i64** %pbase168, !tbaa !​142
%absaddr170 = getelementptr inbounds i64, i64* %base169, i64 %reg161
%extarget = load i64, i64* %absaddr170, align 8, !tbaa !​4
%template = icmp eq i64 %extarget, 8593987412
br i1 %template, label %"BB3.000316011731#1", label %BB2.000316011731.5

"BB3.000316011731#1": ; preds = %BB2.000316011731.1.pass
%preg180 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 15
%reg181 = load i64, i64* %preg180, align 8, !tbaa !​38
%pBRBase187 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase188 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase187, i64 0, i64 29
%base189 = load i64*, i64** %pbase188, !tbaa !​142
%absaddr190 = getelementptr inbounds i64, i64* %base189, i64 %reg181
%rmem191 = load i64, i64* %absaddr190, align 8, !tbaa !​4
%pwt = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 43
%pwte = getelementptr inbounds [32 x i16], [32 x i16]* %pwt, i64 0, i64 %extarget
%shifts = load i16, i16* %pwte, align 2, !tbaa !​175, !invariant.load !​181
%slowj = icmp eq i16 %shifts, 0
br i1 %slowj, label %BB2.000316011731.5, label %"BB3.000316011731#1.1"

BB2.000316011731.5: ; preds = %"BB3.000316011731#1", %BB2.000316011731.1.pass
%extarget174 = and i64 %extarget, 137438953471
switch i64 %extarget174, label %Exit [
]

"BB3.000316011731#1.1": ; preds = %"BB3.000316011731#1"
%shifts194 = zext i16 %shifts to i64
%val = call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem191, i64 %shifts194)
%preg195 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
store i64 %val, i64* %preg195, align 32, !tbaa !​32
%preg257 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 14
%reg258 = load i64, i64* %preg257, align 16, !tbaa !​36
%pBRBase264 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i32 0, i32 1
%pbase265 = getelementptr inbounds [32 x i64*], [32 x i64*]* %pBRBase264, i64 0, i64 29
%base266 = load i64*, i64** %pbase265, !tbaa !​142
%absaddr267 = getelementptr inbounds i64, i64* %base266, i64 %reg258
%rmem268 = load i64, i64* %absaddr267, align 8, !tbaa !​4
%preg270 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
store i64 %rmem268, i64* %preg270, align 8, !tbaa !​26
%preg271 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
%reg272 = load i64, i64* %preg271, align 8, !tbaa !​26
%preg273 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
%reg274 = load i64, i64* %preg273, align 32, !tbaa !​32
%add2c279 = add i64 %reg272, %reg274
%cchk281 = icmp sge i64 %add2c279, 0
%cfl283 = zext i1 %cchk281 to i8
store i8 %cfl283, i8* %pCarry, align 1, !tbaa !​156
br label %Exit

Exit: ; preds = %"BB3.000316011731#1.1", %BB2.000316011731.5
%restart378 = load %MNR_struct, %MNR_struct* %restart
ret %MNR_struct %restart378
}

attributes #​2 = { nounwind }
attributes #​3 = { nounwind readnone }

!tbaa = !{#0, !​1, !​3, !​4, !​6, !​26, !​32, !​36, !​38, !​142, !​156, !​158, !​175}

!​0 = !{!"tbaa2200"}
!​1 = !{#2, !​2, i64 0}
!​2 = !{!"data", !​0}
!​3 = !{!"ctrl", !​0}
!​4 = !{#5, !​5, i64 0}
!​5 = !{!"mem", !​2}
!​6 = !{#7, !​7, i64 0}
!​7 = !{!"grs", !​2}
!​26 = !{#27, !​27, i64 0}
!​27 = !{!"X9", !​7}
!​32 = !{#33, !​33, i64 0}
!​33 = !{!"A0", !​7}
!​36 = !{#37, !​37, i64 0}
!​37 = !{!"A2", !​7}
!​38 = !{#39, !​39, i64 0}
!​39 = !{!"A3", !​7}
!​142 = !{#143, !​143, i64 0}
!​143 = !{!"breg", !​3}
!​156 = !{#157, !​157, i64 0}
!​157 = !{!"carry", !​3}
!​158 = !{#159, !​159, i64 0}
!​159 = !{!"qwmode", !​3}
!​175 = !{#176, !​176, i64 0, i32 1}
!​176 = !{!"const", !​3}
!​181 = !{}

kharris@cm-mariner35:/bisect> ../llvm-tot-install/bin/opt -O3 -S badf13.ll > badf13_oldgvn.ll
kharris@cm-mariner35:/bisect> ../llvm-tot-install/bin/opt -O3 -enable-newgvn -S badf13.ll > badf13_newgvn.ll
kharris@cm-mariner35:~/bisect> diff -u badf13_oldgvn.ll badf13_newgvn.ll
--- badf13_oldgvn.ll 2017-06-14 09:18:11.437396625 -0500
+++ badf13_newgvn.ll 2017-06-14 09:18:27.685878898 -0500
@@ -11,11 +11,8 @@
%SSIPR_struct = type { [128 x i64], [128 x i64], [32 x i64], [16 x i64], [16 x i64] }
%INF_struct = type { i64, i64, i64, i64, i64, i64, i64*, %SHM_struct*, i64*, i64*, i64*, i32, i16, i8 }

-; Function Attrs: nounwind readnone
-declare i64 @​llvm.x86.bmi.bextr.64(i64, i64) #​0

; Function Attrs: nounwind
-define mariner_jitcc %MNR_struct @​f000316011717_2(%DS_struct* nocapture dereferenceable(10200) %pDynamicState, [64 x i64]* nocapture dereferenceable(512) %pCurrentGrs) local_unnamed_addr #​1 {
+define mariner_jitcc %MNR_struct @​f000316011717_2(%DS_struct* nocapture dereferenceable(10200) %pDynamicState, [64 x i64]* nocapture dereferenceable(512) %pCurrentGrs) local_unnamed_addr #​0 {
Entry:
%pCarry = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i64 0, i32 18
%preg160 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 12
@@ -36,32 +33,20 @@
"BB3.000316011731#1.1": ; preds = %"BB3.000316011731#1"
%pbase188 = getelementptr inbounds %DS_struct, %DS_struct* %pDynamicState, i64 0, i32 1, i64 29
%base189 = load i64*, i64** %pbase188, align 8, !tbaa !​16

• %preg180 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 15
• %reg181 = load i64, i64* %preg180, align 8, !tbaa !​14
• %absaddr190 = getelementptr inbounds i64, i64* %base189, i64 %reg181
• %rmem191 = load i64, i64* %absaddr190, align 8, !tbaa !​4
• %shifts194 = zext i16 %shifts to i64
• %val = tail call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem191, i64 %shifts194)
• store i64 %val, i64* %preg160, align 32, !tbaa !​10
  %preg257 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 14
  %reg258 = load i64, i64* %preg257, align 16, !tbaa !​12
  %absaddr267 = getelementptr inbounds i64, i64* %base189, i64 %reg258
  %rmem268 = load i64, i64* %absaddr267, align 8, !tbaa !​4
  %preg270 = getelementptr inbounds [64 x i64], [64 x i64]* %pCurrentGrs, i64 0, i64 9
  store i64 %rmem268, i64* %preg270, align 8, !tbaa !​8
• %add2c279 = add i64 %val, %rmem268
• %add2c279.lobit = lshr i64 %add2c279, 63
• %0 = trunc i64 %add2c279.lobit to i8
• %.not = xor i8 %0, 1
• store i8 %.not, i8* %pCarry, align 1, !tbaa !​18

• store i8 1, i8* %pCarry, align 1, !tbaa !​18
  br label %Exit

Exit: ; preds = %Entry, %"BB3.000316011731#1", %"BB3.000316011731#1.1"
ret %MNR_struct undef
}

-attributes #​0 = { nounwind readnone }
-attributes #​1 = { nounwind }
+attributes #​0 = { nounwind }

!tbaa = !{#0, !​1, !​3, !​4, !​6, !​8, !​10, !​12, !​14, !​16, !​18, !​20, !​22}

[llvmbot]

Ok, this should now be a manageable size for debugging newGVN with this example. Taking anything significant out causes the newGVN not to fail. Here's my final cut-down version and the different output between the old and new GVN passes:

kharris@cm-mariner35:~/bisect> cat badf14.ll
%DS_struct = type { [32 x i64*], i8, [32 x i16] }
%MNR_struct = type { i64, i64, %DS_struct* }

declare i64 @​llvm.x86.bmi.bextr.64(i64, i64) #​3

define %MNR_struct @​f000316011717_2(%DS_struct* %pDS, [64 x i64]* %pCG) #​2 {
Entry:
%restart = alloca %MNR_struct
%pCarry = getelementptr %DS_struct, %DS_struct* %pDS, i32 0, i32 1
%pBRBase = getelementptr %DS_struct, %DS_struct* %pDS, i32 0, i32 0
%pbase = getelementptr [32 x i64*], [32 x i64*]* %pBRBase, i64 0, i64 0
%base = load i64*, i64** %pbase, !tbaa !​142
%absaddr = getelementptr i64, i64* %base, i64 9
%extarget = load i64, i64* %absaddr, align 8, !tbaa !​4
%template = icmp eq i64 %extarget, 8593987412
br i1 %template, label %"BB3.000316011731#1", label %BB2.000316011731.5

"BB3.000316011731#1":
%pBRBase7 = getelementptr %DS_struct, %DS_struct* %pDS, i32 0, i32 0
%pbase8 = getelementptr [32 x i64*], [32 x i64*]* %pBRBase7, i64 0, i64 29
%base9 = load i64*, i64** %pbase8, !tbaa !​142
%absaddr1 = getelementptr i64, i64* %base9, i64 7
%rmem = load i64, i64* %absaddr1, align 8, !tbaa !​4
%pwt = getelementptr %DS_struct, %DS_struct* %pDS, i32 0, i32 2
%pwte = getelementptr [32 x i16], [32 x i16]* %pwt, i64 0, i64 %extarget
%shifts = load i16, i16* %pwte, align 2, !tbaa !​175, !invariant.load !​181
%slowj = icmp eq i16 %shifts, 0
br i1 %slowj, label %BB2.000316011731.5, label %"BB3.000316011731#1.1"

BB2.000316011731.5:
%extarget1 = and i64 %extarget, 137438953471
switch i64 %extarget1, label %Exit [
]

"BB3.000316011731#1.1":
%shifts1 = zext i16 %shifts to i64
%val = call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem, i64 %shifts1)
%preg = getelementptr [64 x i64], [64 x i64]* %pCG, i64 0, i64 12
store i64 %val, i64* %preg, align 32, !tbaa !​32
%preg2 = getelementptr [64 x i64], [64 x i64]* %pCG, i64 0, i64 14
%reg = load i64, i64* %preg2, align 16, !tbaa !​36
%pBRBase2 = getelementptr %DS_struct, %DS_struct* %pDS, i32 0, i32 0
%pbase2 = getelementptr [32 x i64*], [32 x i64*]* %pBRBase2, i64 0, i64 29
%base2 = load i64*, i64** %pbase2, !tbaa !​142
%absaddr2 = getelementptr i64, i64* %base2, i64 %reg
%rmem2 = load i64, i64* %absaddr2, align 8, !tbaa !​4
%preg7 = getelementptr [64 x i64], [64 x i64]* %pCG, i64 0, i64 9
store i64 %rmem2, i64* %preg7, align 8, !tbaa !​26
%reg7 = load i64, i64* %preg7, align 8, !tbaa !​26
%preg3 = getelementptr [64 x i64], [64 x i64]* %pCG, i64 0, i64 12
%reg4 = load i64, i64* %preg3, align 32, !tbaa !​32
%add2c279 = add i64 %reg7, %reg4
%cchk = icmp sge i64 %add2c279, 0
%cfl = zext i1 %cchk to i8
store i8 %cfl, i8* %pCarry, align 1, !tbaa !​156
br label %Exit

Exit:
%restart378 = load %MNR_struct, %MNR_struct* %restart
ret %MNR_struct %restart378
}

attributes #​2 = { nounwind }
attributes #​3 = { nounwind readnone }

!tbaa = !{#0, !​1, !​3, !​4, !​6, !​26, !​32, !​36, !​142, !​156, !​175}

!​0 = !{!"tbaa2200"}
!​1 = !{#2, !​2, i64 0}
!​2 = !{!"data", !​0}
!​3 = !{!"ctrl", !​0}
!​4 = !{#5, !​5, i64 0}
!​5 = !{!"mem", !​2}
!​6 = !{#7, !​7, i64 0}
!​7 = !{!"grs", !​2}
!​26 = !{#27, !​27, i64 0}
!​27 = !{!"X9", !​7}
!​32 = !{#33, !​33, i64 0}
!​33 = !{!"A0", !​7}
!​36 = !{#37, !​37, i64 0}
!​37 = !{!"A2", !​7}
!​142 = !{#143, !​143, i64 0}
!​143 = !{!"breg", !​3}
!​156 = !{#157, !​157, i64 0}
!​157 = !{!"carry", !​3}
!​175 = !{#176, !​176, i64 0, i32 1}
!​176 = !{!"const", !​3}
!​181 = !{}

kharris@cm-mariner35:~/bisect> diff -u badf14_oldgvn.ll badf14_newgvn.ll
--- badf14_oldgvn.ll 2017-06-14 16:17:34.464035637 -0500
+++ badf14_newgvn.ll 2017-06-14 16:17:53.728617037 -0500
@@ -4,11 +4,8 @@
%MNR_struct = type { i64, i64, %DS_struct* }
%DS_struct = type { [32 x i64*], i8, [32 x i16] }

-; Function Attrs: nounwind readnone
-declare i64 @​llvm.x86.bmi.bextr.64(i64, i64) #​0

; Function Attrs: nounwind
-define %MNR_struct @​f000316011717_2(%DS_struct* nocapture %pDS, [64 x i64]* nocapture %pCG) local_unnamed_addr #​1 {
+define %MNR_struct @​f000316011717_2(%DS_struct* nocapture %pDS, [64 x i64]* nocapture %pCG) local_unnamed_addr #​0 {
Entry:
%pCarry = getelementptr %DS_struct, %DS_struct* %pDS, i64 0, i32 1
%pbase = getelementptr %DS_struct, %DS_struct* %pDS, i64 0, i32 0, i64 0
@@ -27,31 +24,20 @@
"BB3.000316011731#1.1": ; preds = %"BB3.000316011731#1"
%pbase8 = getelementptr %DS_struct, %DS_struct* %pDS, i64 0, i32 0, i64 29
%base9 = load i64*, i64** %pbase8, align 8, !tbaa !​14

• %absaddr1 = getelementptr i64, i64* %base9, i64 7
• %rmem = load i64, i64* %absaddr1, align 8, !tbaa !​4
• %shifts1 = zext i16 %shifts to i64
• %val = tail call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem, i64 %shifts1)
• %preg = getelementptr [64 x i64], [64 x i64]* %pCG, i64 0, i64 12
• store i64 %val, i64* %preg, align 32, !tbaa !​10
  %preg2 = getelementptr [64 x i64], [64 x i64]* %pCG, i64 0, i64 14
  %reg = load i64, i64* %preg2, align 16, !tbaa !​12
  %absaddr2 = getelementptr i64, i64* %base9, i64 %reg
  %rmem2 = load i64, i64* %absaddr2, align 8, !tbaa !​4
  %preg7 = getelementptr [64 x i64], [64 x i64]* %pCG, i64 0, i64 9
  store i64 %rmem2, i64* %preg7, align 8, !tbaa !​8
• %add2c279 = add i64 %val, %rmem2
• %add2c279.lobit = lshr i64 %add2c279, 63
• %0 = trunc i64 %add2c279.lobit to i8
• %.not = xor i8 %0, 1
• store i8 %.not, i8* %pCarry, align 1, !tbaa !​16

• store i8 1, i8* %pCarry, align 1, !tbaa !​16
  br label %Exit

Exit: ; preds = %Entry, %"BB3.000316011731#1", %"BB3.000316011731#1.1"
ret %MNR_struct undef
}

-attributes #​0 = { nounwind readnone }
-attributes #​1 = { nounwind }
+attributes #​0 = { nounwind }

!tbaa = !{#0, !​1, !​3, !​4, !​6, !​8, !​10, !​12, !​14, !​16, !​18}

Please let me know if you need any additional help with figuring out the problem. I suspect that I may be able to discover additional new GVN bugs after this one is fixed. Looking at the other improvements in generated code, it looks like the new GVN would really help the performance of our application. So we would really like to see the new GVN become the default ASAP.

[llvmbot]

I'll try to take a look at this after i fix the current set of known bugs.
Note that it's unreachable/unused code elimination is pretty stable, as is load/store equivalence.

[llvmbot]

So, at this point, i do not get the same differenecs you do on the minimized testcase but i understand what is wrong.
I get:
╰─ diff -up b.ll a.ll  ✔  10733  11:56:37
--- gvn.ll 2018-01-09 11:56:36.000000000 -0800
+++ newgvn.ll 2018-01-09 11:56:32.000000000 -0800
@@ -38,9 +38,8 @@ BB2.000316011731.5:

"BB3.000316011731#1.1": ; preds = %"BB3.000316011731#1"
%shifts1 = zext i16 %shifts to i64

• %val = call i64 @​llvm.x86.bmi.bextr.64(i64 %rmem, i64 %shifts1)
  %preg = getelementptr [64 x i64], [64 x i64]* %pCG, i64 0, i64 12
• store i64 %val, i64* %preg, align 32, !tbaa !​10

• store i64 undef, i64* %preg, align 32, !tbaa !​10
  %preg2 = getelementptr [64 x i64], [64 x i64]* %pCG, i64 0, i64 14
  %reg = load i64, i64* %preg2, align 16, !tbaa !​12
  %base2 = load i64*, i64** %pbase8, !tbaa !​14
  @@ -48,16 +47,23 @@ BB2.000316011731.5:
  %rmem2 = load i64, i64* %absaddr2, align 8, !tbaa !​1
  %preg7 = getelementptr [64 x i64], [64 x i64]* %pCG, i64 0, i64 9
  store i64 %rmem2, i64* %preg7, align 8, !tbaa !​8

• %add2c279 = add i64 %rmem2, %val

• %add2c279 = add i64 %rmem2, undef
  %cchk = icmp sge i64 %add2c279, 0
  %cfl = zext i1 %cchk to i8
  store i8 %cfl, i8* %pCarry, align 1, !tbaa !​16
  br label %Exit

Exit: ; preds = %"BB3.000316011731#1.1", %BB2.000316011731.5

• ret %MNR_struct undef

• %restart378 = load %MNR_struct, %MNR_struct* %restart
• ret %MNR_struct %restart378
  }

+; Function Attrs: nounwind readnone
+declare i64 @​llvm.ssa.copy.i64(i64 returned) #​0
+
+; Function Attrs: nounwind readnone
+declare i16 @​llvm.ssa.copy.i16(i16 returned) #​0
+
attributes #​0 = { nounwind readnone }
attributes #​1 = { nounwind }

This is a simple bug caused by this line:
if (LeaderUseCount == 0 && II)
It will only affect intrinsics, and accidentally eliminate them.

Above, we do this:

      auto *II = dyn_cast<IntrinsicInst>(DominatingLeader);
      if (II && II->getIntrinsicID() == Intrinsic::ssa_copy)
        DominatingLeader = II->getOperand(0);

Note the check on the intrinsic ID above.
This is causing us to delete intrinsics when they become used as a replacement in some cases.

Patch coming

[llvmbot]

Also note that the return undef is correct for the minimized example, because it's loading an alloca that has never been stored into.