Download Raw Diff

Details

Reviewers

nikic
mkazantsev
efriedma

Commits

rGeede4846a99b: [SCEV] Allow negative steps for LT exit count computation for unsigned…

Summary

This bit of code is incredibly suspicious. It allows fully unknown (but potentially negative) steps, but not steps known to be negative. The comment about scev flag inference is worrying, but also not correct to my knowledge.

At best, this might be covering up some related miscompile. However, there's no test in tree for it, the review history doesn't include obvious motivation, and the C++ example doesn't appear to give wrong results when hand translated to IR. I think it's time to remove this and see what falls out.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

reames created this revision.Jun 11 2021, 11:35 AM

Herald added subscribers: javed.absar, bollu, hiraditya, mcrosier. · View Herald TranscriptJun 11 2021, 11:35 AM

reames requested review of this revision.Jun 11 2021, 11:35 AM

Herald added a project: Restricted Project. · View Herald TranscriptJun 11 2021, 11:35 AM

Harbormaster completed remote builds in B108862: Diff 351513.Jun 11 2021, 12:29 PM

efriedma added inline comments.Jun 13 2021, 6:56 PM

llvm/lib/Analysis/ScalarEvolution.cpp
11710–11718	Does the logic here actually work correctly for step=0? It looks like we end up dividing by zero. If we can prove the step is non-zero, loopIsFiniteByAssumption seems too aggressive; a lack of abnormal exits should be enough. We'll hit UB after a finite number of steps. Using isKnownPositive doesn't really make sense in the unsigned case; an unsigned number can't be negative.

reames added inline comments.Jun 14 2021, 9:54 AM

llvm/lib/Analysis/ScalarEvolution.cpp
11710–11718	Step can't be zero, or the loop would be infinite. Though, actually, writing that, I see a latent bug here. The loop could be finite because we took another exit, the step of this IV could still be zero, and we could still have a divide by zero along this path. I don't think that has anything to do with this change though. p.s. Yes, we can infer non-zero other ways. I even have one patch out to do that right now. :)

efriedma added inline comments.Jun 14 2021, 10:38 AM

llvm/lib/Analysis/ScalarEvolution.cpp
11710–11718	I agree this patch makes sense, just saying it might expose other issues. because we took another exit Even if we take this exit. If the backedge-taken count is zero, the step doesn't matter.

reames added inline comments.Jun 15 2021, 8:58 AM

llvm/lib/Analysis/ScalarEvolution.cpp
11710–11718	Eli, I think you're missing the point slightly. For the induction step to be zero, and for this to be the sole exit, then the loop must be infinite. Since mustprogress infinite loops are undefined, any result from this function is allowed. If there's a divide by zero which causes a compiler crash, that would be bad, but literally any result is legal at that point.

efriedma added inline comments.Jun 15 2021, 11:55 AM

llvm/lib/Analysis/ScalarEvolution.cpp
11710–11718	If the induction step is zero, and this is the sole exit, the loop is either infinite, or has a backedge-taken count of zero. See, for example, https://godbolt.org/z/9djfj1Ycq .

reames added inline comments.Jun 15 2021, 12:15 PM

llvm/lib/Analysis/ScalarEvolution.cpp
11710–11718	Gah, yeah, you're correct. No idea why I didn't see that the first time.

nikic mentioned this in D104066: [SCEV] Use knowledge of stride to prove loops finite for LT exit count computation.Jun 22 2021, 1:07 AM

reames added a parent revision: D105216: [ScalarEvolution] Fix overflow in computeBECount..Jul 15 2021, 2:21 PM

reames mentioned this in rG5c57600b934a: [tests] Precommit test for D104140.Jul 16 2021, 10:58 AM

Rebase over tests which actually exercise code and show difference.

The zero stride issue was fixed separately. This still depends on Eli's patch for overflow correctness. Once that's fixed, I think this will be safe.

It's worth noting that given a condition which dominates the latch, an IV which has either nsw or nuw, and a negative step, the exit backedge taken must be either 0 or 1. For it to be more than that, we must perform at least two adds of negative value which must by definition wrap. As a result, we could do much better in terms of formulas specific for negative strides, but I'm not really interested in bothering. The main value of this patch is in making it easier to exercise the general path via tests.

Herald added a subscriber: xgupta. · View Herald TranscriptJul 16 2021, 11:17 AM

Harbormaster completed remote builds in B114553: Diff 359395.Jul 16 2021, 11:17 AM

efriedma added inline comments.Jul 16 2021, 12:35 PM

llvm/lib/Analysis/ScalarEvolution.cpp
11556–11560	Is the unconditional use of "smax" here going to cause issues?
11571	Instead of computing `min(End, Limit) - Start`, should we be using `max(End, Start) - Start` like we do elsewhere?
11704	This is inductive logic, right? If the first iteration doesn't the loop, the following iterations also can't exit the loop. I think this logic requires that RHS is invariant? Not that we would compute BECount anyway in that case, but I think we might underestimate MaxBECount.

efriedma added inline comments.Jul 16 2021, 12:46 PM

llvm/lib/Analysis/ScalarEvolution.cpp
11556–11560	Oh, also, if BitWidth is one, "One" is a negative number. `isKnownNonPositive(Stride)` guards against this, since it's always true for an i1 value. :)

efriedma added inline comments.Jul 16 2021, 1:03 PM

llvm/lib/Analysis/ScalarEvolution.cpp
11556–11560	I'll write a patch for computeMaxBECountForLT.

efriedma mentioned this in D106197: [ScalarEvolution] Refine computeMaxBECountForLT to be accurate in more cases..Jul 16 2021, 4:26 PM

Posted D106197. That addresses all my review comments here except the one about the RHS being invariant.

Address Eli's review comment which isn't covered by D106197.

I'm going to land some tests for this case and probably split this patch since this appears to be a flaw in the existing logic for potentially zero strides.

Harbormaster completed remote builds in B114970: Diff 359947.Jul 19 2021, 3:49 PM

reames added a parent revision: D106197: [ScalarEvolution] Refine computeMaxBECountForLT to be accurate in more cases..Jul 19 2021, 3:50 PM

efriedma added inline comments.Jul 19 2021, 4:03 PM

llvm/lib/Analysis/ScalarEvolution.cpp
11701	I think this needs to be "if the stride is negative and rhs is invariant".

reames mentioned this in D106327: [SCEV] Fix bug involving zero step and non-invariant RHS in trip count logic.Jul 19 2021, 5:37 PM

Needs to be rebased over D106327 once landed.

reames mentioned this in rG4a3dc7dc9a03: [SCEV] Fix bug involving zero step and non-invariant RHS in trip count logic.Jul 23 2021, 3:19 PM

reames added inline comments.Jul 26 2021, 4:31 PM

llvm/lib/Analysis/ScalarEvolution.cpp
11701	I've given this a lot of thought and I don't believe this is true. Let me explain why I think the code is correct, and you can poke holes in my reasoning. :) A negative stride must be greater than half of the addressable space. Thus, we can only add a negative stride once without producing poison. We check that if IV becomes poison that the loop must execute UB. (This is the purpose of the ControlsExit check combined with the flag check.) Thus, we don't have to worry about IV being poison, but another exit being taken before the one we're analyzing. (This is important as it cuts off a lot of subtle edge case reasoning.) As a result, we can infer that IV must add the step at most once. Given we must increment IV on each iteration, this implies the backedge is not taken. Note that the value of RHS did not appear in any of that logic. Chasing through the code for computeMaxBECountForLT, we appear to produce a correct/conservative result for a negative stride. Do you have a particular counter example in mind? p.s. The means by which we prove poison triggers immediate UB could be generalized easily here. Maybe something to explore in the future if we want to expand support for multiple exit loops.

efriedma added inline comments.Jul 26 2021, 5:30 PM

llvm/lib/Analysis/ScalarEvolution.cpp
11701	I was thinking of something like this: int a(int *x) { int i = 0; do { i -= 2; } while (i < x[i]); return i; } int main() { int z[] = {-100000,0,0,0,}; __builtin_printf("%d\n", a(z+4)); } Am I missing some condition that excludes this?

reames added inline comments.Jul 27 2021, 5:45 PM

llvm/lib/Analysis/ScalarEvolution.cpp
11701	Quick answer: I'd gotten myself confused on nsw semantics of add w/negative RHS again. Long answer to follow once I've given it a bit more thought.

Narrowing focus to unsigned comparisons.

The reasoning about signed cases makes my head hurt, and even after staring at it for a while, I'm neither sure the code is correct or incorrect for signed comparisons. Give my actual interest is unsigned IVs, I propose we just defer the signed cases until someone else has time, interest, and the ability to reason through it.

@efriedma Sorry for the silence on this for so long.

p.s. I'm going to mark this as dependent on D109029 as the diff is built on top of that patch and might be confusing otherwise, but there's no semantic connection between the two.

reames added a parent revision: D109029: [SCEV] Clarify requirements for zero-stride to be UB.Aug 31 2021, 3:59 PM

Harbormaster completed remote builds in B122009: Diff 369813.Aug 31 2021, 3:59 PM

@efriedma ping?

LGTM

This revision is now accepted and ready to land.Sep 9 2021, 12:37 PM

This revision was landed with ongoing or failed builds.Sep 9 2021, 2:30 PM

Closed by commit rGeede4846a99b: [SCEV] Allow negative steps for LT exit count computation for unsigned… (authored by reames). · Explain Why

This revision was automatically updated to reflect the committed changes.

reames added a commit: rGeede4846a99b: [SCEV] Allow negative steps for LT exit count computation for unsigned….

Diff 371722

llvm/lib/Analysis/ScalarEvolution.cpp

This file is larger than 256 KB, so syntax highlighting is disabled by default.

Show First 20 Lines • Show All 11,533 Lines • ▼ Show 20 Lines	const SCEV ScalarEvolution::computeMaxBECountForLT(const SCEV Start,
const SCEV *End,		const SCEV *End,
unsigned BitWidth,		unsigned BitWidth,
bool IsSigned) {		bool IsSigned) {
// The logic in this function assumes we can represent a positive stride.		// The logic in this function assumes we can represent a positive stride.
// If we can't, the backedge-taken count must be zero.		// If we can't, the backedge-taken count must be zero.
if (IsSigned && BitWidth == 1)		if (IsSigned && BitWidth == 1)
return getZero(Stride->getType());		return getZero(Stride->getType());

		// This code has only been closely audited for negative strides in the
		// unsigned comparison case, it may be correct for signed comparison, but
		// that needs to be established.
		assert((!IsSigned \|\| !isKnownNonPositive(Stride)) &&
		"Stride is expected strictly positive for signed case!");

// Calculate the maximum backedge count based on the range of values		// Calculate the maximum backedge count based on the range of values
// permitted by Start, End, and Stride.		// permitted by Start, End, and Stride.
APInt MinStart =		APInt MinStart =
IsSigned ? getSignedRangeMin(Start) : getUnsignedRangeMin(Start);		IsSigned ? getSignedRangeMin(Start) : getUnsignedRangeMin(Start);

APInt MinStride =		APInt MinStride =
IsSigned ? getSignedRangeMin(Stride) : getUnsignedRangeMin(Stride);		IsSigned ? getSignedRangeMin(Stride) : getUnsignedRangeMin(Stride);

// We assume either the stride is positive, or the backedge-taken count		// We assume either the stride is positive, or the backedge-taken count
// is zero. So force StrideForMaxBECount to be at least one.		// is zero. So force StrideForMaxBECount to be at least one.
APInt One(BitWidth, 1);		APInt One(BitWidth, 1);
APInt StrideForMaxBECount = IsSigned ? APIntOps::smax(One, MinStride)		APInt StrideForMaxBECount = IsSigned ? APIntOps::smax(One, MinStride)
: APIntOps::umax(One, MinStride);		: APIntOps::umax(One, MinStride);
		efriedmaUnsubmitted Not Done Reply Inline Actions Is the unconditional use of "smax" here going to cause issues? efriedma: Is the unconditional use of "smax" here going to cause issues?
		efriedmaUnsubmitted Not Done Reply Inline Actions Oh, also, if BitWidth is one, "One" is a negative number. `isKnownNonPositive(Stride)` guards against this, since it's always true for an i1 value. :) efriedma: Oh, also, if BitWidth is one, "One" is a negative number. `isKnownNonPositive(Stride)` guards…
		efriedmaUnsubmitted Not Done Reply Inline Actions I'll write a patch for computeMaxBECountForLT. efriedma: I'll write a patch for computeMaxBECountForLT.

APInt MaxValue = IsSigned ? APInt::getSignedMaxValue(BitWidth)		APInt MaxValue = IsSigned ? APInt::getSignedMaxValue(BitWidth)
: APInt::getMaxValue(BitWidth);		: APInt::getMaxValue(BitWidth);
APInt Limit = MaxValue - (StrideForMaxBECount - 1);		APInt Limit = MaxValue - (StrideForMaxBECount - 1);

// Although End can be a MAX expression we estimate MaxEnd considering only		// Although End can be a MAX expression we estimate MaxEnd considering only
// the case End = RHS of the loop termination condition. This is safe because		// the case End = RHS of the loop termination condition. This is safe because
// in the other case (End - Start) is zero, leading to a zero maximum backedge		// in the other case (End - Start) is zero, leading to a zero maximum backedge
// taken count.		// taken count.
APInt MaxEnd = IsSigned ? APIntOps::smin(getSignedRangeMax(End), Limit)		APInt MaxEnd = IsSigned ? APIntOps::smin(getSignedRangeMax(End), Limit)
: APIntOps::umin(getUnsignedRangeMax(End), Limit);		: APIntOps::umin(getUnsignedRangeMax(End), Limit);
		efriedmaUnsubmitted Not Done Reply Inline Actions Instead of computing `min(End, Limit) - Start`, should we be using `max(End, Start) - Start` like we do elsewhere? efriedma: Instead of computing `min(End, Limit) - Start`, should we be using `max(End, Start) - Start`…

// MaxBECount = ceil((max(MaxEnd, MinStart) - MinStart) / Stride)		// MaxBECount = ceil((max(MaxEnd, MinStart) - MinStart) / Stride)
MaxEnd = IsSigned ? APIntOps::smax(MaxEnd, MinStart)		MaxEnd = IsSigned ? APIntOps::smax(MaxEnd, MinStart)
: APIntOps::umax(MaxEnd, MinStart);		: APIntOps::umax(MaxEnd, MinStart);

return getUDivCeilSCEV(getConstant(MaxEnd - MinStart) /* Delta */,		return getUDivCeilSCEV(getConstant(MaxEnd - MinStart) /* Delta */,
getConstant(StrideForMaxBECount) /* Step */);		getConstant(StrideForMaxBECount) /* Step */);
}		}
▲ Show 20 Lines • Show All 113 Lines • ▼ Show 20 Lines	if (!PositiveStride) {
//		//
// a) IV is either nuw or nsw depending upon signedness (indicated by the		// a) IV is either nuw or nsw depending upon signedness (indicated by the
// NoWrap flag).		// NoWrap flag).
// b) the loop is guaranteed to be finite (e.g. is mustprogress and has		// b) the loop is guaranteed to be finite (e.g. is mustprogress and has
// no side effects within the loop)		// no side effects within the loop)
// c) loop has a single static exit (with no abnormal exits)		// c) loop has a single static exit (with no abnormal exits)
//		//
// Precondition a) implies that if the stride is negative, this is a single		// Precondition a) implies that if the stride is negative, this is a single
// trip loop. The backedge taken count formula reduces to zero in this case.		// trip loop. The backedge taken count formula reduces to zero in this case.
		efriedmaUnsubmitted Not Done Reply Inline Actions I think this needs to be "if the stride is negative and rhs is invariant". efriedma: I think this needs to be "if the stride is negative and rhs is invariant".
		reamesAuthorUnsubmitted Done Reply Inline Actions I've given this a lot of thought and I don't believe this is true. Let me explain why I think the code is correct, and you can poke holes in my reasoning. :) A negative stride must be greater than half of the addressable space. Thus, we can only add a negative stride once without producing poison. We check that if IV becomes poison that the loop must execute UB. (This is the purpose of the ControlsExit check combined with the flag check.) Thus, we don't have to worry about IV being poison, but another exit being taken before the one we're analyzing. (This is important as it cuts off a lot of subtle edge case reasoning.) As a result, we can infer that IV must add the step at most once. Given we must increment IV on each iteration, this implies the backedge is not taken. Note that the value of RHS did not appear in any of that logic. Chasing through the code for computeMaxBECountForLT, we appear to produce a correct/conservative result for a negative stride. Do you have a particular counter example in mind? p.s. The means by which we prove poison triggers immediate UB could be generalized easily here. Maybe something to explore in the future if we want to expand support for multiple exit loops. reames: I've given this a lot of thought and I don't believe this is true. Let me explain why I think…
		efriedmaUnsubmitted Not Done Reply Inline Actions I was thinking of something like this: int a(int x) { int i = 0; do { i -= 2; } while (i < x[i]); return i; } int main() { int z[] = {-100000,0,0,0,}; __builtin_printf("%d\n", a(z+4)); } Am I missing some condition that excludes this? efriedma:* I was thinking of something like this: ``` int a(int *x) { int i = 0; do { i -= 2; }…
		reamesAuthorUnsubmitted Done Reply Inline Actions Quick answer: I'd gotten myself confused on nsw semantics of add w/negative RHS again. Long answer to follow once I've given it a bit more thought. reames: Quick answer: I'd gotten myself confused on nsw semantics of add w/negative RHS again. Long…
//		//
// Precondition b) and c) combine to imply that if rhs is invariant in L,		// Precondition b) and c) combine to imply that if rhs is invariant in L,
// then a zero stride means the backedge can't be taken without executing		// then a zero stride means the backedge can't be taken without executing
		efriedmaUnsubmitted Not Done Reply Inline Actions This is inductive logic, right? If the first iteration doesn't the loop, the following iterations also can't exit the loop. I think this logic requires that RHS is invariant? Not that we would compute BECount anyway in that case, but I think we might underestimate MaxBECount. efriedma: This is inductive logic, right? If the first iteration doesn't the loop, the following…
// undefined behavior.		// undefined behavior.
//		//
// The positive stride case is the same as isKnownPositive(Stride) returning		// The positive stride case is the same as isKnownPositive(Stride) returning
// true (original behavior of the function).		// true (original behavior of the function).
//		//
// We want to make sure that the stride is truly unknown as there are edge		if (PredicatedIV \|\| !NoWrap \|\| !loopIsFiniteByAssumption(L) \|\|
// cases where ScalarEvolution propagates no wrap flags to the		!loopHasNoAbnormalExits(L))
// post-increment/decrement IV even though the increment/decrement operation		return getCouldNotCompute();
// itself is wrapping. The computed backedge taken count may be wrong in
// such cases. This is prevented by checking that the stride is not known to		// This bailout is protecting the logic in computeMaxBECountForLT which
// be either positive or non-positive. For example, no wrap flags are		// has not yet been sufficiently auditted or tested with negative strides.
// propagated to the post-increment IV of this loop with a trip count of 2 -		// We used to filter out all known-non-positive cases here, we're in the
//		// process of being less restrictive bit by bit.
// unsigned char i;		if (IsSigned && isKnownNonPositive(Stride))
		efriedmaUnsubmitted Not Done Reply Inline Actions Does the logic here actually work correctly for step=0? It looks like we end up dividing by zero. If we can prove the step is non-zero, loopIsFiniteByAssumption seems too aggressive; a lack of abnormal exits should be enough. We'll hit UB after a finite number of steps. Using isKnownPositive doesn't really make sense in the unsigned case; an unsigned number can't be negative. efriedma: Does the logic here actually work correctly for step=0? It looks like we end up dividing by…
		reamesAuthorUnsubmitted Done Reply Inline Actions Step can't be zero, or the loop would be infinite. Though, actually, writing that, I see a latent bug here. The loop could be finite because we took another exit, the step of this IV could still be zero, and we could still have a divide by zero along this path. I don't think that has anything to do with this change though. p.s. Yes, we can infer non-zero other ways. I even have one patch out to do that right now. :) reames: Step can't be zero, or the loop would be infinite. Though, actually, writing that, I see a…
		efriedmaUnsubmitted Not Done Reply Inline Actions I agree this patch makes sense, just saying it might expose other issues. because we took another exit Even if we take this exit. If the backedge-taken count is zero, the step doesn't matter. efriedma: I agree this patch makes sense, just saying it might expose other issues. > *because we took…
		reamesAuthorUnsubmitted Done Reply Inline Actions Eli, I think you're missing the point slightly. For the induction step to be zero, and for this to be the sole exit, then the loop must be infinite. Since mustprogress infinite loops are undefined, any result from this function is allowed. If there's a divide by zero which causes a compiler crash, that would be bad, but literally any result is legal at that point. reames: Eli, I think you're missing the point slightly. For the induction step to be zero, and for…
		efriedmaUnsubmitted Not Done Reply Inline Actions If the induction step is zero, and this is the sole exit, the loop is either infinite, or has a backedge-taken count of zero. See, for example, https://godbolt.org/z/9djfj1Ycq . efriedma: If the induction step is zero, and this is the sole exit, the loop is either infinite, or has a…
		reamesAuthorUnsubmitted Done Reply Inline Actions Gah, yeah, you're correct. No idea why I didn't see that the first time. reames: Gah, yeah, you're correct. No idea why I didn't see that the first time.
// for(i=127; i<128; i+=129)
// A[i] = i;
//
if (PredicatedIV \|\| !NoWrap \|\| isKnownNonPositive(Stride) \|\|
!loopIsFiniteByAssumption(L) \|\| !loopHasNoAbnormalExits(L))
return getCouldNotCompute();		return getCouldNotCompute();

if (!isKnownNonZero(Stride)) {		if (!isKnownNonZero(Stride)) {
// If we have a step of zero, and RHS isn't invariant in L, we don't know		// If we have a step of zero, and RHS isn't invariant in L, we don't know
// if it might eventually be greater than start and if so, on which		// if it might eventually be greater than start and if so, on which
// iteration. We can't even produce a useful upper bound.		// iteration. We can't even produce a useful upper bound.
if (!isLoopInvariant(RHS, L))		if (!isLoopInvariant(RHS, L))
return getCouldNotCompute();		return getCouldNotCompute();
▲ Show 20 Lines • Show All 1,933 Lines • Show Last 20 Lines

llvm/test/Analysis/ScalarEvolution/trip-count-negative-stride.ll

Show First 20 Lines • Show All 78 Lines • ▼ Show 20 Lines	for.body: ; preds = %entry, %for.body
%cmp = icmp ult i8 %add, 128		%cmp = icmp ult i8 %add, 128
br i1 %cmp, label %for.body, label %for.end		br i1 %cmp, label %for.body, label %for.end

for.end: ; preds = %for.body, %entry		for.end: ; preds = %for.body, %entry
ret void		ret void
}		}

; CHECK-LABEL: Determining loop execution counts for: @ult_129_unknown_start		; CHECK-LABEL: Determining loop execution counts for: @ult_129_unknown_start
; CHECK: Loop %for.body: Unpredictable backedge-taken count		; CHECK: Loop %for.body: backedge-taken count is (((127 + (-1 * (1 umin (127 + (-1 * %start) + (-128 umax (-127 + %start)))))<nuw><nsw> + (-1 * %start) + (-128 umax (-127 + %start))) /u -127) + (1 umin (127 + (-1 * %start) + (-128 umax (-127 + %start)))))
; CHECK: Loop %for.body: Unpredictable max backedge-taken count		; CHECK: Loop %for.body: max backedge-taken count is 1

define void @ult_129_unknown_start(i8 %start) mustprogress {		define void @ult_129_unknown_start(i8 %start) mustprogress {
entry:		entry:
br label %for.body		br label %for.body

for.body: ; preds = %entry, %for.body		for.body: ; preds = %entry, %for.body
%i.05 = phi i8 [ %add, %for.body ], [ %start, %entry ]		%i.05 = phi i8 [ %add, %for.body ], [ %start, %entry ]
%add = add nuw i8 %i.05, 129		%add = add nuw i8 %i.05, 129
▲ Show 20 Lines • Show All 395 Lines • Show Last 20 Lines

This is an archive of the discontinued LLVM Phabricator instance.

[SCEV] Allow negative steps for LT exit count computation for unsigned comparisons
ClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 371722

llvm/lib/Analysis/ScalarEvolution.cpp

llvm/test/Analysis/ScalarEvolution/trip-count-negative-stride.ll

This is an archive of the discontinued LLVM Phabricator instance.

[SCEV] Allow negative steps for LT exit count computation for unsigned comparisonsClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 371722

llvm/lib/Analysis/ScalarEvolution.cpp

llvm/test/Analysis/ScalarEvolution/trip-count-negative-stride.ll

[SCEV] Allow negative steps for LT exit count computation for unsigned comparisons
ClosedPublic