This is an archive of the discontinued LLVM Phabricator instance.

Differential D109289

[InstCombine] snprintf(NULL, 0, "%s", str) to strlen(str)
Needs ReviewPublic

Authored by xbolva00 on Sep 5 2021, 7:49 AM.

Details

Reviewers
efriedma
bjope
jdoerfert

Diff Detail

Event Timeline

xbolva00 created this revision.Sep 5 2021, 7:49 AM
Herald added a subscriber: hiraditya. · View Herald TranscriptSep 5 2021, 7:49 AM
xbolva00 requested review of this revision.Sep 5 2021, 7:49 AM
Herald added a project: Restricted Project. · View Herald TranscriptSep 5 2021, 7:49 AM
Herald added a subscriber: llvm-commits. · View Herald Transcript
xbolva00 added inline comments.Sep 5 2021, 7:50 AM
llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
2597

snprintf returns int, strlen returns size_t so... trunc should be fine?

Harbormaster completed remote builds in B122682: Diff 370803.Sep 5 2021, 8:37 AM
hafixo added a commit: rCRT373035: hwasan: Compatibility fixes for short granules..Sep 6 2021, 12:44 AM
hafixo added a commit: rGc336557f0238: hwasan: Compatibility fixes for short granules..Sep 6 2021, 12:47 AM
thopre removed a commit: rGc336557f0238: hwasan: Compatibility fixes for short granules..Sep 7 2021, 2:47 AM
thopre removed a commit: rCRT373035: hwasan: Compatibility fixes for short granules..Sep 7 2021, 2:51 AM
xbolva00 added a comment.Sep 12 2021, 4:02 PM

Ping

xbolva00 added reviewers: bjope, jdoerfert.Sep 14 2021, 7:47 AM
bjope added inline comments.Sep 15 2021, 10:29 AM
llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
2594

Is there a specific use-case for doing this (I guess a user could use strlen instead if that is what they want). Is it to save cycles due to strlen probably being faster, or because it is more likely that there are subsequent transformations involving strlen?

2597

Isn't the transform only valid if the number of bits in CI is greater than the number of bits in V?
I.e. the unsigned value returned by strlen must fit into the non-negative part of the signed destination type. And given that constraint we always need the trunc.

bjope added inline comments.Sep 15 2021, 10:33 AM
llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
2597

Well, given that constraint we always need a zext, not trunc.

xbolva00 added inline comments.Sep 15 2021, 10:45 AM
llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
2597

zext? We need change from i64 (from newly added strlen) to i32 (return type of snprintf)

bjope added inline comments.Sep 15 2021, 10:46 AM
llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
2597

If we consider the case when the value returned by strlen as size_t would be out-of-range for the non-negative range of int, then I guess snprintf should return a negative value? Or is the result undefined (I haven't seen any documentation saying anything about such cases for snprintf, while for strlen it says that the result in undefined if no null-termination is found)?

Either way it would be ok to do the transformation when sizeof(size_t)==sizeof(int), because that would give a negative value if the strlen result is out-of-range for the int.

But if sizeof(size_t)>sizeof(int), then maybe we need to saturate the value instead of doing a trunc, just to be safe?

bjope added inline comments.Sep 1 2023, 8:44 AM
llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
2597

I was looking through old phabricator reviews still open, and tried to understand this conversation :-)

(And I think that I might have mixed up which function that returned int and size_t in some comments.)

What I've found out since last time is that, as described here https://www.austingroupbugs.net/view.php?id=761, the C standard (C11?) seems to have clarified that behavior is undefined if "The number of characters or wide characters transmitted by a formatted output function (or written to an array, or that would have been written to an array) is greater than INT_MAX (7.21.6.1, 7.29.2.1).".

And IIUC the snprintf would never return a negative value indicating conversion error for %s.

So it seems like we can assume that the snprintf return a value in the range [0, INT_MAX] or else it would be undefined.

Then I think we either need to check that sizeof(size_t) >= sizeof(int) (e.g. by comparing the type size for CI and V), to ensure that trunc is correct choice when the sizes aren't equal. If sizeof(size_t) < sizeof(int) (which probably is more unlikely) we could just skip doing the optimization (or we could make sure there will be a zext, e.g. by using CreateIntCast(V, CI->getType(), false)).

Herald added a project: Restricted Project. · View Herald TranscriptSep 1 2023, 8:44 AM

Revision Contents

PathSize
llvm/
lib/
Transforms/
Utils/
8 lines
test/
Transforms/
InstCombine/
20 lines

Diff 370803

llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp

Show First 20 LinesShow All 2,585 Lines▼ Show 20 Lines if (FormatStr[1] == 'c') {
B.CreateStore(V, Ptr); B.CreateStore(V, Ptr);
Ptr = B.CreateGEP(B.getInt8Ty(), Ptr, B.getInt32(1), "nul"); Ptr = B.CreateGEP(B.getInt8Ty(), Ptr, B.getInt32(1), "nul");
B.CreateStore(B.getInt8(0), Ptr); B.CreateStore(B.getInt8(0), Ptr);
return ConstantInt::get(CI->getType(), 1); return ConstantInt::get(CI->getType(), 1);
} }
if (FormatStr[1] == 's') { if (FormatStr[1] == 's') {
// snprintf(NULL, 0, "%s", str) to strlen(str)
bjopeUnsubmitted
Not Done
ReplyInline Actions

Is there a specific use-case for doing this (I guess a user could use strlen instead if that is what they want). Is it to save cycles due to strlen probably being faster, or because it is more likely that there are subsequent transformations involving strlen?

bjope: Is there a specific use-case for doing this (I guess a user could use strlen instead if that is…
if (isa<ConstantPointerNull>(CI->getArgOperand(0)) && N == 0)
if (auto *V = emitStrLen(CI->getArgOperand(3), B, DL, TLI)) {
if (CI->getType() != V->getType())
xbolva00AuthorUnsubmitted
Done
ReplyInline Actions

snprintf returns int, strlen returns size_t so... trunc should be fine?

xbolva00: snprintf returns int, strlen returns size_t so... trunc should be fine?
bjopeUnsubmitted
Not Done
ReplyInline Actions

Isn't the transform only valid if the number of bits in CI is greater than the number of bits in V?
I.e. the unsigned value returned by strlen must fit into the non-negative part of the signed destination type. And given that constraint we always need the trunc.

bjope: Isn't the transform only valid if the number of bits in CI is greater than the number of bits…
bjopeUnsubmitted
Not Done
ReplyInline Actions

Well, given that constraint we always need a zext, not trunc.

bjope: Well, given that constraint we always need a zext, not trunc.
bjopeUnsubmitted
Not Done
ReplyInline Actions

If we consider the case when the value returned by strlen as size_t would be out-of-range for the non-negative range of int, then I guess snprintf should return a negative value? Or is the result undefined (I haven't seen any documentation saying anything about such cases for snprintf, while for strlen it says that the result in undefined if no null-termination is found)?

Either way it would be ok to do the transformation when sizeof(size_t)==sizeof(int), because that would give a negative value if the strlen result is out-of-range for the int.

But if sizeof(size_t)>sizeof(int), then maybe we need to saturate the value instead of doing a trunc, just to be safe?

bjope: If we consider the case when the value returned by strlen as size_t would be out-of-range for…
xbolva00AuthorUnsubmitted
Done
ReplyInline Actions

zext? We need change from i64 (from newly added strlen) to i32 (return type of snprintf)

xbolva00: zext? We need change from i64 (from newly added strlen) to i32 (return type of snprintf)
bjopeUnsubmitted
Not Done
ReplyInline Actions

I was looking through old phabricator reviews still open, and tried to understand this conversation :-)

(And I think that I might have mixed up which function that returned int and size_t in some comments.)

What I've found out since last time is that, as described here https://www.austingroupbugs.net/view.php?id=761, the C standard (C11?) seems to have clarified that behavior is undefined if "The number of characters or wide characters transmitted by a formatted output function (or written to an array, or that would have been written to an array) is greater than INT_MAX (7.21.6.1, 7.29.2.1).".

And IIUC the snprintf would never return a negative value indicating conversion error for %s.

So it seems like we can assume that the snprintf return a value in the range [0, INT_MAX] or else it would be undefined.

Then I think we either need to check that sizeof(size_t) >= sizeof(int) (e.g. by comparing the type size for CI and V), to ensure that trunc is correct choice when the sizes aren't equal. If sizeof(size_t) < sizeof(int) (which probably is more unlikely) we could just skip doing the optimization (or we could make sure there will be a zext, e.g. by using CreateIntCast(V, CI->getType(), false)).

bjope: I was looking through old phabricator reviews still open, and tried to understand this…
V = B.CreateTrunc(V, CI->getType());
return V;
}
// snprintf(dest, size, "%s", str) to llvm.memcpy(dest, str, len+1, 1) // snprintf(dest, size, "%s", str) to llvm.memcpy(dest, str, len+1, 1)
StringRef Str; StringRef Str;
if (!getConstantStringInfo(CI->getArgOperand(3), Str)) if (!getConstantStringInfo(CI->getArgOperand(3), Str))
return nullptr; return nullptr;
if (N == 0) if (N == 0)
return ConstantInt::get(CI->getType(), Str.size()); return ConstantInt::get(CI->getType(), Str.size());
else if (N < Str.size() + 1) else if (N < Str.size() + 1)
▲ Show 20 LinesShow All 891 LinesShow Last 20 Lines

llvm/test/Transforms/InstCombine/snprintf.ll

Show First 20 LinesShow All 130 Lines▼ Show 20 Lines
; CHECK-LABEL: @test_str_ok_size( ; CHECK-LABEL: @test_str_ok_size(
; CHECK-NEXT: [[TMP1:%.*]] = bitcast i8* [[BUF:%.*]] to i32* ; CHECK-NEXT: [[TMP1:%.*]] = bitcast i8* [[BUF:%.*]] to i32*
; CHECK-NEXT: store i32 7500915, i32* [[TMP1]], align 1 ; CHECK-NEXT: store i32 7500915, i32* [[TMP1]], align 1
; CHECK-NEXT: ret i32 3 ; CHECK-NEXT: ret i32 3
; ;
%call = call i32 (i8*, i64, i8*, ...) @snprintf(i8* %buf, i64 32, i8* getelementptr inbounds ([3 x i8], [3 x i8]* @.str.3, i64 0, i64 0), i8* getelementptr inbounds ([4 x i8], [4 x i8]* @.str, i64 0, i64 0)) #2 %call = call i32 (i8*, i64, i8*, ...) @snprintf(i8* %buf, i64 32, i8* getelementptr inbounds ([3 x i8], [3 x i8]* @.str.3, i64 0, i64 0), i8* getelementptr inbounds ([4 x i8], [4 x i8]* @.str, i64 0, i64 0)) #2
ret i32 %call ret i32 %call
} }
define i32 @snprint_unknown_str_len(i8* %fmt, i8* %s) {
; CHECK-LABEL: @snprint_unknown_str_len(
; CHECK-NEXT: [[LEN:%.*]] = call i32 (i8*, i64, i8*, ...) @snprintf(i8* null, i64 0, i8* [[FMT:%.*]], i8* [[S:%.*]])
; CHECK-NEXT: ret i32 [[LEN]]
;
%len = call i32 (i8*, i64, i8*, ...) @snprintf(i8* null, i64 0, i8* %fmt, i8* %s)
ret i32 %len
}
define i32 @snprint_to_strlen(i8* %s) {
; CHECK-LABEL: @snprint_to_strlen(
; CHECK-NEXT: [[STRLEN:%.*]] = call i64 @strlen(i8* noundef nonnull dereferenceable(1) [[S:%.*]])
; CHECK-NEXT: [[TMP1:%.*]] = trunc i64 [[STRLEN]] to i32
; CHECK-NEXT: ret i32 [[TMP1]]
;
%len = call i32 (i8*, i64, i8*, ...) @snprintf(i8* null, i64 0, i8* getelementptr inbounds ([3 x i8], [3 x i8]* @.str.3, i64 0, i64 0), i8* %s)
ret i32 %len
}