This is an archive of the discontinued LLVM Phabricator instance.

Differential D117356

InstructionCombining: avoid eliding mismatched alloc/free pairs
ClosedPublic

Authored by durin42 on Jan 14 2022, 1:18 PM.

Details

Reviewers
reames
jdoerfert
rsmith
nikic
ychen
jyknight
Commits
rG5e4c75db3b24: InstructionCombining: avoid eliding mismatched alloc/free pairs
Summary

Prior to this change LLVM would happily elide a call to any allocation
function and a call to any free function operating on the same unused
pointer. This can cause problems in some obscure cases, for example if
the body of operator::new can be inlined but the body of
operator::delete can't, as in this example from jyknight:

#include <stdlib.h>
#include <stdio.h>

int allocs = 0;

void *operator new(size_t n) {
    allocs++;
    void *mem = malloc(n);
    if (!mem) abort();
    return mem;
}

__attribute__((noinline)) void operator delete(void *mem) noexcept {
    allocs--;
    free(mem);
}

void deleteit(int*i) { delete i; }
int main() {
    int*i = new int;
    deleteit(i);
    if (allocs != 0)
      printf("MEMORY LEAK! allocs: %d\n", allocs);
}

This patch addresses the issue by introducing the concept of an
allocator function family and uses it to make sure that alloc/free
function pairs are only removed if they're in the same family.

Diff Detail

Event Timeline

durin42 created this revision.Jan 14 2022, 1:18 PM
Herald added a subscriber: hiraditya. · View Herald TranscriptJan 14 2022, 1:18 PM
durin42 requested review of this revision.Jan 14 2022, 1:18 PM
Herald added a reviewer: jdoerfert. · View Herald TranscriptJan 14 2022, 1:18 PM
Herald added a project: Restricted Project. · View Herald Transcript
Herald added subscribers: llvm-commits, sstefan1. · View Herald Transcript
durin42 added a parent revision: D117350: MemoryBuiltins: simplify isLibFreeFunction.Jan 14 2022, 1:18 PM
durin42 updated this revision to Diff 400130.Jan 14 2022, 1:21 PM

Fix table formatting goofs.

xbolva00 added a reviewer: rsmith.Jan 14 2022, 1:23 PM
xbolva00 added a subscriber: xbolva00.

cc @rsmith as he should be aware of these C++ new related changes.

nikic added a reviewer: nikic.Jan 14 2022, 1:39 PM
nikic added a subscriber: nikic.

Please upload patches with full context (-U99999), minimize the test (remove unnecessary attributes, don't use unnecessary allocas, etc), use update_test_checks.py and omit braces for single-line if statements.

durin42 updated this revision to Diff 400136.Jan 14 2022, 1:44 PM
durin42 added a subscriber: jyknight.

Split up C++ new families per @jyknight

durin42 updated this revision to Diff 400144.Jan 14 2022, 2:10 PM
Herald added a reviewer: ayermolo. · View Herald TranscriptJan 14 2022, 2:10 PM
ayermolo removed a reviewer: ayermolo.Jan 14 2022, 2:12 PM
durin42 added a comment.Jan 14 2022, 2:22 PM

After splitting the ::operator::new flavors into their own families, I'm getting a weird failure from new-delete-itanium.ll. test8 in that file should optimize to just ret void but instead a few calls are surviving:

define void @test8() {
  %nt = alloca i8, align 1
  %naa = call align 8 dereferenceable_or_null(32) i8* @_ZnamSt11align_val_t(i64 32, i64 8) #5
  call void @_ZdaPvSt11align_val_t(i8* %naa, i64 8) #5
  %naja = call align 8 dereferenceable_or_null(32) i8* @_ZnajSt11align_val_t(i32 32, i32 8) #5
  call void @_ZdaPvSt11align_val_t(i8* %naja, i64 8) #5
  %nwat = call align 8 dereferenceable_or_null(32) i8* @_ZnwmSt11align_val_tRKSt9nothrow_t(i64 32, i64 8, i8* nonnull %nt) #5
  call void @_ZdlPvSt11align_val_tRKSt9nothrow_t(i8* %nwat, i64 8, i8* %nt) #5
  %naat = call align 8 dereferenceable_or_null(32) i8* @_ZnamSt11align_val_tRKSt9nothrow_t(i64 32, i64 8, i8* nonnull %nt) #5
  call void @_ZdaPvSt11align_val_tRKSt9nothrow_t(i8* %naat, i64 8, i8* %nt) #5
  %nwjat = call align 8 dereferenceable_or_null(32) i8* @_ZnwjSt11align_val_tRKSt9nothrow_t(i32 32, i32 8, i8* nonnull %nt) #5
  call void @_ZdlPvSt11align_val_tRKSt9nothrow_t(i8* %nwjat, i64 8, i8* %nt) #5
  %najat = call align 8 dereferenceable_or_null(32) i8* @_ZnajSt11align_val_tRKSt9nothrow_t(i32 32, i32 8, i8* nonnull %nt) #5
  call void @_ZdaPvSt11align_val_tRKSt9nothrow_t(i8* %najat, i64 8, i8* %nt) #5
  ret void
}

I don't see anything obviously wrong in my code or the test, but I've also been staring at these mangled names so long today they're kind of blending together. If anyone sees something amiss that looks related please comment!

durin42 updated this revision to Diff 400150.Jan 14 2022, 2:34 PM

Fixed new-delete-itanium.ll failure. Several comments in the free function list were incorrect and it didn't matter until now. Fixed that while I'm here.

That could just as easily be part of the previous patch if people prefer - please let me know if that's the case.

jyknight added inline comments.Jan 14 2022, 2:42 PM
llvm/lib/Analysis/MemoryBuiltins.cpp
82

The vec_malloc/vec_calloc/vec_realloc/vec_free functions look like they should be a distinct family.

100

These aren't good family names, since they could be the name of a user-defined function (and aren't actually what the msvc functions are called).

durin42 updated this revision to Diff 400159.Jan 14 2022, 3:01 PM
durin42 marked 2 inline comments as done.

Split out vec_* functions and updated MSVC ::operator::new/delete to use the _actual_ mangled form.

durin42 added a comment.Jan 14 2022, 3:01 PM

Updated.

durin42 updated this revision to Diff 400160.Jan 14 2022, 3:02 PM
ychen added a subscriber: ychen.Jan 14 2022, 3:07 PM

Is the issue being addressed similar to PR41039?

durin42 added a comment.Jan 14 2022, 3:10 PM
In D117356#3245136, @ychen wrote:

Is the issue being addressed similar to PR41039?

I don't know what that is, can you give me a link or something?

durin42 added a comment.Jan 14 2022, 3:13 PM

Ah, @jyknight bailed me out. That's https://github.com/llvm/llvm-project/issues/40384 which looks related, yes. I suspect that would be resolved by this patch.

Harbormaster completed remote builds in B143511: Diff 400160.Jan 14 2022, 3:40 PM
ychen added a comment.Jan 14 2022, 3:53 PM
In D117356#3245161, @durin42 wrote:

Ah, @jyknight bailed me out. That's https://github.com/llvm/llvm-project/issues/40384 which looks related, yes. I suspect that would be resolved by this patch.

Agreed that this patch could fix it. However, the underlying issue is that the mismatch is generated by LLVM itself. IMHO preventing the mismatch is a better approach (which D97735 would do, I think we should land that instead. @rsmith (thought?)

Bryce-MW added a subscriber: Bryce-MW.Jan 15 2022, 1:16 PM
Bryce-MW added a comment.Jan 16 2022, 12:26 PM

I just wanted to say, personally I like this idea a lot. Even if there is a better way to solve the specific problem in https://github.com/llvm/llvm-project/issues/40384, this overall gives more information which may be useful in the future. This is also part of what someone from Rust was asking for on the llvm-dev mailing list (which was the email that got me into contributing at all). I'll leave it up to the more experienced devs whether to approve this patch since they have a better idea of what they want the memory builtins system to look like but I do think it should be approved.

hiraditya added inline comments.Jan 16 2022, 11:23 PM
llvm/lib/Analysis/MemoryBuiltins.cpp
116–152

should we use _malloc here, as other functions are using the symbol name already?

reames added a comment.Jan 17 2022, 10:17 AM

I don't know enough about C++ semantics to have an opinion, so this response sticks purely to style/code structure issues.

llvm/lib/Analysis/MemoryBuiltins.cpp
109

Please add an implementation private enum for the known families and translate to a StringRef immediately before return in the public accessor.

This will cut out a full family of "oops I mistyped that name" bugs in the table.

This will be less important if we ever move to a full frontend annotation model, but as a stepping stone, it's an important code quality detail.

116–152

Definitely not.

510

The introduction of the getFreeFunctionData helper is a separable NFC. Please separate that change, land it, and rebase.

llvm/lib/Transforms/InstCombine/InstructionCombining.cpp
2744

With the semantics you're proposing, having two unannotated alloc/free be removed seems inconsistent.

Also, use compound if clause.

2749–2751

You seem to be missing the analogous check here...

durin42 updated this revision to Diff 401031.Jan 18 2022, 4:11 PM
durin42 edited the summary of this revision. (Show Details)
Harbormaster completed remote builds in B144150: Diff 401031.Jan 18 2022, 4:12 PM
durin42 edited parent revisions, added: D117624: [NFC] MemoryBuiltins: tease out a getFreeFunctionDataForFunction helper; removed: D117350: MemoryBuiltins: simplify isLibFreeFunction.Jan 18 2022, 4:13 PM
durin42 marked 4 inline comments as done.Jan 18 2022, 4:17 PM

I'll poke the enum later today or first thing tomorrow. I got stuck in a tarpit of being sad about the arc command line tool today.

llvm/lib/Transforms/InstCombine/InstructionCombining.cpp
2744

I think we can't fuse the conditions, because if we see a free() call on a newed pointer we should give up on the instruction combining, not allow it to possibly proceed on other methods, right?

Agreed on the unannotated functions meshing being inconsistent. Today that can't happen, but I guess when we move this to supporting attributes it could. Should the logic be something more like:

if (isFreeCall(...)) {

auto FreeFamily = getAllocationFamily(...);
if (FreeFamily == None || FreeFamily != Family) 
  return false;
...

}

or is there more to it than that that I'm missing?

durin42 updated this revision to Diff 401041.Jan 18 2022, 4:51 PM
durin42 marked an inline comment as done.Jan 18 2022, 4:52 PM

PTAL

Harbormaster completed remote builds in B144160: Diff 401041.Jan 18 2022, 7:23 PM
jyknight added a comment.Jan 19 2022, 12:34 PM
In D117356#3245221, @ychen wrote:
In D117356#3245161, @durin42 wrote:

Ah, @jyknight bailed me out. That's https://github.com/llvm/llvm-project/issues/40384 which looks related, yes. I suspect that would be resolved by this patch.

Agreed that this patch could fix it. However, the underlying issue is that the mismatch is generated by LLVM itself. IMHO preventing the mismatch is a better approach (which D97735 would do, I think we should land that instead. @rsmith (thought?)

I don't believe this commit will address that bug.

However, the follow-on work Augie has planned, to move the allocator information to attributes supplied by the frontend will -- because it will enable us to stop treating C++ allocators as "builtin" -- with all the other side-effects that has, while preserving the ability to mark them as removable allocation functions (what we actually _want_).

ychen added a comment.Jan 19 2022, 12:45 PM
In D117356#3255986, @jyknight wrote:
In D117356#3245221, @ychen wrote:
In D117356#3245161, @durin42 wrote:

Ah, @jyknight bailed me out. That's https://github.com/llvm/llvm-project/issues/40384 which looks related, yes. I suspect that would be resolved by this patch.

Agreed that this patch could fix it. However, the underlying issue is that the mismatch is generated by LLVM itself. IMHO preventing the mismatch is a better approach (which D97735 would do, I think we should land that instead. @rsmith (thought?)

I don't believe this commit will address that bug.

However, the follow-on work Augie has planned, to move the allocator information to attributes supplied by the frontend will -- because it will enable us to stop treating C++ allocators as "builtin" -- with all the other side-effects that has, while preserving the ability to mark them as removable allocation functions (what we actually _want_).

That sounds very promising. Thanks! (Yep, strictly speaking, this covers the issue instead of fixing it.)

jyknight added inline comments.Jan 19 2022, 1:49 PM
llvm/lib/Transforms/InstCombine/InstructionCombining.cpp
2744

I think you can make that an assert(FreeFamily) instead (and assert(Family) at the top).

As you say, today it can't happen. And in the future, when we move this stuff into an attribute, I think it still shouldn't be able to happen -- in that future, part of the definition of "is this a free call" should be "has an allocator family attribute".

llvm/test/Transforms/InstCombine/malloc-free-mismatched.ll
12–13

These lines are irrelevant, remove (and rename %4 to %2 below).

ychen requested changes to this revision.Jan 19 2022, 3:41 PM

Apologies if I didn't make myself clear. The inlining of the allocator function step is already incorrect. This instcombine bailout is not a desirable direction since it implicitly assumes the earlier allocator inlining is correct but it is not. Whatever attributes would be added in the future should be used for preventing the C++ new/delete from doing any kinds of IPO/IPA (marking them to be deleted is allowed though).

This revision now requires changes to proceed.Jan 19 2022, 3:41 PM
jyknight added a comment.Jan 20 2022, 6:07 AM
In D117356#3256460, @ychen wrote:

Apologies if I didn't make myself clear. The inlining of the allocator function step is already incorrect. This instcombine bailout is not a desirable direction since it implicitly assumes the earlier allocator inlining is correct but it is not. Whatever attributes would be added in the future should be used for preventing the C++ new/delete from doing any kinds of IPO/IPA (marking them to be deleted is allowed though).

Please clarify. Inlining c++ operator new seems like a desirable optimization, which (modulo bugs) should be correct -- not something that ought to be prohibited.

However, if that's going to get into a long debate, I also believe this patch is correct and desirable _regardless_ of the C++ side of things. Fixing C++ operator new handling was not the primary goal of this work -- although it seemed like a nice additional benefit.

The most important thing here is setting the stage for the future planned work to create IR attributes to allow arbitrary user-defined functions to be given the same behavior of allowing alloc+free pairs to be removed. The same problem of ensuring the alloc/free are from the same family applies just as well to such allocators if their implementation devolves to another allocator.

durin42 marked 2 inline comments as done.Jan 20 2022, 8:03 AM

You've convinced me that we can at least combine the if statement and use an assert, though I'm weirded out by the test failures if I assert Family right after assigning it.

llvm/lib/Transforms/InstCombine/InstructionCombining.cpp
2744

To my surprise, I can't add an assert(Family) at the top: it fails many tests (over 200!) so I've included it here. I don't think we need to have an assert on FreeFamily since we already know it equals whatever Family is, though I can add that if you'd like.

durin42 requested review of this revision.Jan 20 2022, 8:04 AM
durin42 updated this revision to Diff 401645.
durin42 marked an inline comment as done.
xbolva00 added inline comments.Jan 20 2022, 8:11 AM
llvm/lib/Transforms/InstCombine/InstructionCombining.cpp
2744

Example of crashed tests? Maybe the fix is easy

Harbormaster completed remote builds in B144588: Diff 401645.Jan 20 2022, 9:22 AM
ychen added a comment.Jan 20 2022, 11:53 AM
In D117356#3258070, @jyknight wrote:
In D117356#3256460, @ychen wrote:

Apologies if I didn't make myself clear. The inlining of the allocator function step is already incorrect. This instcombine bailout is not a desirable direction since it implicitly assumes the earlier allocator inlining is correct but it is not. Whatever attributes would be added in the future should be used for preventing the C++ new/delete from doing any kinds of IPO/IPA (marking them to be deleted is allowed though).

Please clarify. Inlining c++ operator new seems like a desirable optimization, which (modulo bugs) should be correct -- not something that ought to be prohibited.

However, if that's going to get into a long debate, I also believe this patch is correct and desirable _regardless_ of the C++ side of things. Fixing C++ operator new handling was not the primary goal of this work -- although it seemed like a nice additional benefit.

The most important thing here is setting the stage for the future planned work to create IR attributes to allow arbitrary user-defined functions to be given the same behavior of allowing alloc+free pairs to be removed. The same problem of ensuring the alloc/free are from the same family applies just as well to such allocators if their implementation devolves to another allocator.

The C++ operator new/delete could be replaced by the user in an arbitrary CU without other CUs' awareness. If any IPO/IPA is done based on the user's allocator/deallocator implementation, then CUs have an inconsistent interpretation of the semantics of the allocator/deallocator. Either all CUs assume the same default semantics of the allocator/deallocator or assume the allocator/deallocator has unknown semantics (basically not a builtin). This is a derefinement issue that affects builtins defined by the users at compile-time (AFAIK, it seems only c++ operator new/delete are in this category, malloc/free replacement happen at link-time, which is covered by existing GlobalValue::mayBeDerefined) (background in https://reviews.llvm.org/D18634).

For the test case mentioned in the patch description, the operator new inlining basically discards the fact that the user called the operator new (not malloc), isn't it less ideal for removing unnecessary new/delete pairs? And since only one CU could possibly inline the operator new/delete, it is hard to say how much performance win is there. However, the correctness issue described above is more important IMO.

ychen added a comment.Jan 20 2022, 11:54 AM

FWIW, I think the MemoryBuiltins changes are good and useful.

durin42 updated this revision to Diff 402084.Jan 21 2022, 12:53 PM
durin42 added a child revision: D117921: Attributes: add a new allocalign attribute.
Harbormaster completed remote builds in B144913: Diff 402084.Jan 21 2022, 3:04 PM
durin42 updated this revision to Diff 402903.Jan 25 2022, 7:04 AM
durin42 removed a child revision: D117921: Attributes: add a new allocalign attribute.Jan 26 2022, 9:17 AM
durin42 added a child revision: D117922: InferFunctionAttrs: fix test case on aligned_alloc.Jan 26 2022, 9:19 AM
durin42 added inline comments.Jan 26 2022, 9:50 AM
llvm/lib/Transforms/InstCombine/InstructionCombining.cpp
2744

It's a ton of them, and the failure mode doesn't really mean anything to me:

********************
FAIL: LLVM :: Transforms/InstCombine/call2.ll (30553 of 46859)
******************** TEST 'LLVM :: Transforms/InstCombine/call2.ll' FAILED ********************
Script:
--
: 'RUN: at line 1';   /usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt < /usr/local/google/home/augie/Programming/big/rust/src/llvm-project/llvm/test/Transforms/InstCombine/call2.ll -instcombine | /usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/llvm-dis
--
Exit Code: 1

Command Output (stderr):
--
opt: /usr/local/google/home/augie/Programming/big/rust/src/llvm-project/llvm/lib/Transforms/InstCombine/InstructionCombining.cpp:2659: bool isAllocSiteRemovable(llvm::Instruction*, llvm::SmallVectorImpl<llvm::WeakTrackingVH>&, const llvm::TargetLibraryInfo&): Assertion `Family' failed.
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace.
Stack dump:
0.	Program arguments: /usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt -instcombine
 #0 0x0000560374d45091 PrintStackTraceSignalHandler(void*) Signals.cpp:0:0
 #1 0x0000560374d4285e SignalHandler(int) Signals.cpp:0:0
 #2 0x00007fcc778d0200 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x13200)
 #3 0x00007fcc773a1891 raise ./signal/../sysdeps/unix/sysv/linux/raise.c:50:1
 #4 0x00007fcc7738b536 abort ./stdlib/abort.c:81:7
 #5 0x00007fcc7738b41f get_sysdep_segment_value ./intl/loadmsgcat.c:509:8
 #6 0x00007fcc7738b41f _nl_load_domain ./intl/loadmsgcat.c:970:34
 #7 0x00007fcc7739a212 (/lib/x86_64-linux-gnu/libc.so.6+0x35212)
 #8 0x0000560374676497 llvm::InstCombinerImpl::visitAllocSite(llvm::Instruction&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x25b9497)
 #9 0x0000560374714439 llvm::InstCombinerImpl::visitAllocaInst(llvm::AllocaInst&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x2657439)
#10 0x000056037467cb63 llvm::InstCombinerImpl::run() (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x25bfb63)
#11 0x000056037467e8af combineInstructionsOverFunction(llvm::Function&, llvm::InstructionWorklist&, llvm::AAResults*, llvm::AssumptionCache&, llvm::TargetLibraryInfo&, llvm::TargetTransformInfo&, llvm::DominatorTree&, llvm::OptimizationRemarkEmitter&, llvm::BlockFrequencyInfo*, llvm::ProfileSummaryInfo*, unsigned int, llvm::LoopInfo*) InstructionCombining.cpp:0:0
#12 0x000056037467f1f7 llvm::InstCombinePass::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x25c21f7)
#13 0x0000560375054e8e llvm::detail::PassModel<llvm::Function, llvm::InstCombinePass, llvm::PreservedAnalyses, llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x2f97e8e)
#14 0x00005603743bc0f0 llvm::PassManager<llvm::Function, llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x22ff0f0)
#15 0x0000560372caf4ce llvm::detail::PassModel<llvm::Function, llvm::PassManager<llvm::Function, llvm::AnalysisManager<llvm::Function> >, llvm::PreservedAnalyses, llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0xbf24ce)
#16 0x00005603743bab3b llvm::ModuleToFunctionPassAdaptor::run(llvm::Module&, llvm::AnalysisManager<llvm::Module>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x22fdb3b)
#17 0x0000560372735b1e llvm::detail::PassModel<llvm::Module, llvm::ModuleToFunctionPassAdaptor, llvm::PreservedAnalyses, llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&, llvm::AnalysisManager<llvm::Module>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x678b1e)
#18 0x00005603743b8b13 llvm::PassManager<llvm::Module, llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&, llvm::AnalysisManager<llvm::Module>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x22fbb13)
#19 0x0000560372741967 llvm::runPassPipeline(llvm::StringRef, llvm::Module&, llvm::TargetMachine*, llvm::TargetLibraryInfoImpl*, llvm::ToolOutputFile*, llvm::ToolOutputFile*, llvm::ToolOutputFile*, llvm::StringRef, llvm::ArrayRef<llvm::StringRef>, llvm::opt_tool::OutputKind, llvm::opt_tool::VerifierKind, bool, bool, bool, bool, bool) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x684967)
#20 0x000056037267bb73 main (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x5beb73)
#21 0x00007fcc7738c7ed __libc_start_main ./csu/../csu/libc-start.c:332:16
#22 0x0000560372733bda _start (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x676bda)
/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/llvm-dis: error: file too small to contain bitcode header

Like I said, it's over 200 failures, so that's just one example but they all are pretty much the same backtrace. For example, Transforms/InstCombine/store.ll fails the same way, and Transforms/SampleProfile/calls.ll as well.

durin42 added a comment.Jan 26 2022, 10:41 AM

Realized while I was eating I should add: it seems to me the assertion is obviously-wrong because it breaks a bunch of existing bitcode, but maybe I'm missing something since I'm still new to all this.

xbolva00 added inline comments.Jan 26 2022, 10:58 AM
llvm/lib/Analysis/MemoryBuiltins.cpp
115–116

Anyway I still think Clang should add attributes and metadata as more general solution wrt this hardcoded list.

durin42 marked an inline comment as done.Jan 26 2022, 11:01 AM
durin42 added inline comments.
llvm/lib/Analysis/MemoryBuiltins.cpp
115–116

Yes, that's part of where we're going. I'm not comfortable promising this table goes away entirely, but in general I think most of it should be able to disappear. I need all of this to be in attributes so that it's usable from out-of-tree consumers, like Rust (which is what motivates this work), so you can count on me getting at least as far as making it all _doable_ via attributes.

xbolva00 added inline comments.Jan 26 2022, 11:03 AM
llvm/lib/Analysis/MemoryBuiltins.cpp
115–116

Awesome!

Harbormaster completed remote builds in B145505: Diff 402903.Jan 26 2022, 3:59 PM
durin42 updated this revision to Diff 404917.Feb 1 2022, 7:00 AM
durin42 marked an inline comment as done.
Harbormaster completed remote builds in B146891: Diff 404917.Feb 1 2022, 8:12 AM
durin42 removed a parent revision: D117624: [NFC] MemoryBuiltins: tease out a getFreeFunctionDataForFunction helper.Feb 4 2022, 9:36 AM
durin42 removed a child revision: D117922: InferFunctionAttrs: fix test case on aligned_alloc.
durin42 updated this revision to Diff 406010.Feb 4 2022, 9:37 AM
Harbormaster completed remote builds in B147660: Diff 406010.Feb 4 2022, 10:55 AM
jyknight added inline comments.Feb 10 2022, 3:18 PM
llvm/lib/Transforms/InstCombine/InstructionCombining.cpp
2744

So, this function can be called in two situations (assert is in caller, visitAllocSite):
assert(isa<AllocaInst>(MI) || isAllocRemovable(&cast<CallBase>(MI), &TLI));

Only the latter case would have a family, because getAllocationFamily for alloca returns null. Which is fine.

But we should not assert-fail for e.g. this bogus code: %x = alloca i8; call void free(i8* %x), which I think this code will do currently.

I think better to remove the assert(Family). Probably ought to add a test-case checking the above does something reasonable.

durin42 added inline comments.Feb 11 2022, 1:05 PM
llvm/lib/Transforms/InstCombine/InstructionCombining.cpp
2744

I'm afraid I don't quite follow. Wouldn't alloca have no family, but free would have a malloc family so it wouldn't ever get to the only assert I've added?

(I'm happy to add a test, but I'm not sure how to write it - is it literally the bogus code you gave me in a function definition in some IR, or is it more than that?)

jyknight accepted this revision.Feb 11 2022, 2:06 PM
jyknight added inline comments.
llvm/lib/Transforms/InstCombine/InstructionCombining.cpp
2744

No, you're absolutely right, thanks.

It'd only assert-fail if there's an instruction for which isReallocLikeFn or isFreeCall returns true and getAllocationFamily returns null, which cannot happen, and shouldn't happen in the future. Great -- it's correct as-is.

I was imagining a test just like:

define void @test_alloca() {
  %1 = alloca i8
  call void @free(i8* %1)
  ret void
}
durin42 added inline comments.Feb 11 2022, 2:25 PM
llvm/lib/Transforms/InstCombine/InstructionCombining.cpp
2744

Would you like me to add that test someplace? I'm not sure where to leave it so that it's sensible for a future reader.

durin42 updated this revision to Diff 410892.Feb 23 2022, 11:57 AM
Harbormaster completed remote builds in B151108: Diff 410892.Feb 23 2022, 12:37 PM
durin42 updated this revision to Diff 412804.Mar 3 2022, 12:08 PM
Herald added a project: Restricted Project. · View Herald TranscriptMar 3 2022, 12:08 PM
Harbormaster completed remote builds in B152439: Diff 412804.Mar 3 2022, 12:52 PM
This revision was not accepted when it landed; it landed in state Needs Review.Mar 4 2022, 7:41 AM
This revision was landed with ongoing or failed builds.
Closed by commit rG5e4c75db3b24: InstructionCombining: avoid eliding mismatched alloc/free pairs (authored by durin42). · Explain Why
This revision was automatically updated to reflect the committed changes.
durin42 added a commit: rG5e4c75db3b24: InstructionCombining: avoid eliding mismatched alloc/free pairs.
Allen added a subscriber: Allen.Mar 15 2022, 5:41 AM

Revision Contents

PathSize
llvm/
include/
llvm/
Analysis/
6 lines
lib/
Analysis/
194 lines
Transforms/
InstCombine/
8 lines
test/
Transforms/
InstCombine/
30 lines

Diff 413005

llvm/include/llvm/Analysis/MemoryBuiltins.h

Show First 20 LinesShow All 111 Lines▼ Show 20 LinesOptional<APInt> getAllocSize(const CallBase *CB,
std::function<const Value*(const Value*)> Mapper); std::function<const Value*(const Value*)> Mapper);
/// If this allocation function initializes memory to a fixed value, return /// If this allocation function initializes memory to a fixed value, return
/// said value in the requested type. Otherwise, return nullptr. /// said value in the requested type. Otherwise, return nullptr.
Constant *getInitialValueOfAllocation(const CallBase *Alloc, Constant *getInitialValueOfAllocation(const CallBase *Alloc,
const TargetLibraryInfo *TLI, const TargetLibraryInfo *TLI,
Type *Ty); Type *Ty);
/// If a function is part of an allocation family (e.g.
/// malloc/realloc/calloc/free), return the identifier for its family
/// of functions.
Optional<StringRef> getAllocationFamily(const Value *I,
const TargetLibraryInfo *TLI);
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// Utility functions to compute size of objects. // Utility functions to compute size of objects.
// //
/// Various options to control the behavior of getObjectSize. /// Various options to control the behavior of getObjectSize.
struct ObjectSizeOpts { struct ObjectSizeOpts {
/// Controls how we handle conditional statements with unknown conditions. /// Controls how we handle conditional statements with unknown conditions.
enum class Mode : uint8_t { enum class Mode : uint8_t {
▲ Show 20 LinesShow All 165 LinesShow Last 20 Lines

llvm/lib/Analysis/MemoryBuiltins.cpp

Show First 20 LinesShow All 56 Lines▼ Show 20 Linesenum AllocType : uint8_t {
ReallocLike = 1<<4, // reallocates ReallocLike = 1<<4, // reallocates
StrDupLike = 1<<5, StrDupLike = 1<<5,
MallocOrOpNewLike = MallocLike | OpNewLike, MallocOrOpNewLike = MallocLike | OpNewLike,
MallocOrCallocLike = MallocLike | OpNewLike | CallocLike | AlignedAllocLike, MallocOrCallocLike = MallocLike | OpNewLike | CallocLike | AlignedAllocLike,
AllocLike = MallocOrCallocLike | StrDupLike, AllocLike = MallocOrCallocLike | StrDupLike,
AnyAlloc = AllocLike | ReallocLike AnyAlloc = AllocLike | ReallocLike
}; };
enum class MallocFamily {
Malloc,
CPPNew, // new(unsigned int)
CPPNewAligned, // new(unsigned int, align_val_t)
CPPNewArray, // new[](unsigned int)
CPPNewArrayAligned, // new[](unsigned long, align_val_t)
MSVCNew, // new(unsigned int)
MSVCArrayNew, // new[](unsigned int)
VecMalloc,
KmpcAllocShared,
};
StringRef mangledNameForMallocFamily(const MallocFamily &Family) {
switch (Family) {
case MallocFamily::Malloc:
return "malloc";
case MallocFamily::CPPNew:
return "_Znwm";
jyknightUnsubmitted
Done
ReplyInline Actions

The vec_malloc/vec_calloc/vec_realloc/vec_free functions look like they should be a distinct family.

jyknight: The vec_malloc/vec_calloc/vec_realloc/vec_free functions look like they should be a distinct…
case MallocFamily::CPPNewAligned:
return "_ZnwmSt11align_val_t";
case MallocFamily::CPPNewArray:
return "_Znam";
case MallocFamily::CPPNewArrayAligned:
return "_ZnamSt11align_val_t";
case MallocFamily::MSVCNew:
return "??2@YAPAXI@Z";
case MallocFamily::MSVCArrayNew:
return "??_U@YAPAXI@Z";
case MallocFamily::VecMalloc:
return "vec_malloc";
case MallocFamily::KmpcAllocShared:
return "__kmpc_alloc_shared";
}
llvm_unreachable("missing an alloc family");
}
jyknightUnsubmitted
Done
ReplyInline Actions

These aren't good family names, since they could be the name of a user-defined function (and aren't actually what the msvc functions are called).

jyknight: These aren't good family names, since they could be the name of a user-defined function (and…
struct AllocFnsTy { struct AllocFnsTy {
AllocType AllocTy; AllocType AllocTy;
unsigned NumParams; unsigned NumParams;
// First and Second size parameters (or -1 if unused) // First and Second size parameters (or -1 if unused)
int FstParam, SndParam; int FstParam, SndParam;
// Alignment parameter for aligned_alloc and aligned new // Alignment parameter for aligned_alloc and aligned new
int AlignParam; int AlignParam;
// Name of default allocator function to group malloc/free calls by family
MallocFamily Family;
reamesUnsubmitted
Done
ReplyInline Actions

Please add an implementation private enum for the known families and translate to a StringRef immediately before return in the public accessor.

This will cut out a full family of "oops I mistyped that name" bugs in the table.

This will be less important if we ever move to a full frontend annotation model, but as a stepping stone, it's an important code quality detail.

reames: Please add an implementation private enum for the known families and translate to a StringRef…
}; };
// clang-format off
// FIXME: certain users need more information. E.g., SimplifyLibCalls needs to // FIXME: certain users need more information. E.g., SimplifyLibCalls needs to
// know which functions are nounwind, noalias, nocapture parameters, etc. // know which functions are nounwind, noalias, nocapture parameters, etc.
static const std::pair<LibFunc, AllocFnsTy> AllocationFnData[] = { static const std::pair<LibFunc, AllocFnsTy> AllocationFnData[] = {
{LibFunc_malloc, {MallocLike, 1, 0, -1, -1}}, {LibFunc_malloc, {MallocLike, 1, 0, -1, -1, MallocFamily::Malloc}},
xbolva00Unsubmitted
Done
ReplyInline Actions

Anyway I still think Clang should add attributes and metadata as more general solution wrt this hardcoded list.

xbolva00: Anyway I still think Clang should add attributes and metadata as more general solution wrt this…
durin42AuthorUnsubmitted
Done
ReplyInline Actions

Yes, that's part of where we're going. I'm not comfortable promising this table goes away entirely, but in general I think most of it should be able to disappear. I need all of this to be in attributes so that it's usable from out-of-tree consumers, like Rust (which is what motivates this work), so you can count on me getting at least as far as making it all _doable_ via attributes.

durin42: Yes, that's part of where we're going. I'm not comfortable promising this table goes away…
xbolva00Unsubmitted
Not Done
ReplyInline Actions

Awesome!

xbolva00: Awesome!
{LibFunc_vec_malloc, {MallocLike, 1, 0, -1, -1}}, {LibFunc_vec_malloc, {MallocLike, 1, 0, -1, -1, MallocFamily::VecMalloc}},
{LibFunc_valloc, {MallocLike, 1, 0, -1, -1}}, {LibFunc_valloc, {MallocLike, 1, 0, -1, -1, MallocFamily::Malloc}},
{LibFunc_Znwj, {OpNewLike, 1, 0, -1, -1}}, // new(unsigned int) {LibFunc_Znwj, {OpNewLike, 1, 0, -1, -1, MallocFamily::CPPNew}}, // new(unsigned int)
{LibFunc_ZnwjRKSt9nothrow_t, {MallocLike, 2, 0, -1, -1}}, // new(unsigned int, nothrow) {LibFunc_ZnwjRKSt9nothrow_t, {MallocLike, 2, 0, -1, -1, MallocFamily::CPPNew}}, // new(unsigned int, nothrow)
{LibFunc_ZnwjSt11align_val_t, {OpNewLike, 2, 0, -1, 1}}, // new(unsigned int, align_val_t) {LibFunc_ZnwjSt11align_val_t, {OpNewLike, 2, 0, -1, 1, MallocFamily::CPPNewAligned}}, // new(unsigned int, align_val_t)
{LibFunc_ZnwjSt11align_val_tRKSt9nothrow_t, {MallocLike, 3, 0, -1, 1}}, // new(unsigned int, align_val_t, nothrow) {LibFunc_ZnwjSt11align_val_tRKSt9nothrow_t, {MallocLike, 3, 0, -1, 1, MallocFamily::CPPNewAligned}}, // new(unsigned int, align_val_t, nothrow)
{LibFunc_Znwm, {OpNewLike, 1, 0, -1, -1}}, // new(unsigned long) {LibFunc_Znwm, {OpNewLike, 1, 0, -1, -1, MallocFamily::CPPNew}}, // new(unsigned long)
{LibFunc_ZnwmRKSt9nothrow_t, {MallocLike, 2, 0, -1, -1}}, // new(unsigned long, nothrow) {LibFunc_ZnwmRKSt9nothrow_t, {MallocLike, 2, 0, -1, -1, MallocFamily::CPPNew}}, // new(unsigned long, nothrow)
{LibFunc_ZnwmSt11align_val_t, {OpNewLike, 2, 0, -1, 1}}, // new(unsigned long, align_val_t) {LibFunc_ZnwmSt11align_val_t, {OpNewLike, 2, 0, -1, 1, MallocFamily::CPPNewAligned}}, // new(unsigned long, align_val_t)
{LibFunc_ZnwmSt11align_val_tRKSt9nothrow_t, {MallocLike, 3, 0, -1, 1}}, // new(unsigned long, align_val_t, nothrow) {LibFunc_ZnwmSt11align_val_tRKSt9nothrow_t, {MallocLike, 3, 0, -1, 1, MallocFamily::CPPNewAligned}}, // new(unsigned long, align_val_t, nothrow)
{LibFunc_Znaj, {OpNewLike, 1, 0, -1, -1}}, // new[](unsigned int) {LibFunc_Znaj, {OpNewLike, 1, 0, -1, -1, MallocFamily::CPPNewArray}}, // new[](unsigned int)
{LibFunc_ZnajRKSt9nothrow_t, {MallocLike, 2, 0, -1, -1}}, // new[](unsigned int, nothrow) {LibFunc_ZnajRKSt9nothrow_t, {MallocLike, 2, 0, -1, -1, MallocFamily::CPPNewArray}}, // new[](unsigned int, nothrow)
{LibFunc_ZnajSt11align_val_t, {OpNewLike, 2, 0, -1, 1}}, // new[](unsigned int, align_val_t) {LibFunc_ZnajSt11align_val_t, {OpNewLike, 2, 0, -1, 1, MallocFamily::CPPNewArrayAligned}}, // new[](unsigned int, align_val_t)
{LibFunc_ZnajSt11align_val_tRKSt9nothrow_t, {MallocLike, 3, 0, -1, 1}}, // new[](unsigned int, align_val_t, nothrow) {LibFunc_ZnajSt11align_val_tRKSt9nothrow_t, {MallocLike, 3, 0, -1, 1, MallocFamily::CPPNewArrayAligned}}, // new[](unsigned int, align_val_t, nothrow)
{LibFunc_Znam, {OpNewLike, 1, 0, -1, -1}}, // new[](unsigned long) {LibFunc_Znam, {OpNewLike, 1, 0, -1, -1, MallocFamily::CPPNewArray}}, // new[](unsigned long)
{LibFunc_ZnamRKSt9nothrow_t, {MallocLike, 2, 0, -1, -1}}, // new[](unsigned long, nothrow) {LibFunc_ZnamRKSt9nothrow_t, {MallocLike, 2, 0, -1, -1, MallocFamily::CPPNewArray}}, // new[](unsigned long, nothrow)
{LibFunc_ZnamSt11align_val_t, {OpNewLike, 2, 0, -1, 1}}, // new[](unsigned long, align_val_t) {LibFunc_ZnamSt11align_val_t, {OpNewLike, 2, 0, -1, 1, MallocFamily::CPPNewArrayAligned}}, // new[](unsigned long, align_val_t)
{LibFunc_ZnamSt11align_val_tRKSt9nothrow_t, {MallocLike, 3, 0, -1, 1}}, // new[](unsigned long, align_val_t, nothrow) {LibFunc_ZnamSt11align_val_tRKSt9nothrow_t, {MallocLike, 3, 0, -1, 1, MallocFamily::CPPNewArrayAligned}}, // new[](unsigned long, align_val_t, nothrow)
{LibFunc_msvc_new_int, {OpNewLike, 1, 0, -1, -1}}, // new(unsigned int) {LibFunc_msvc_new_int, {OpNewLike, 1, 0, -1, -1, MallocFamily::MSVCNew}}, // new(unsigned int)
{LibFunc_msvc_new_int_nothrow, {MallocLike, 2, 0, -1, -1}}, // new(unsigned int, nothrow) {LibFunc_msvc_new_int_nothrow, {MallocLike, 2, 0, -1, -1, MallocFamily::MSVCNew}}, // new(unsigned int, nothrow)
{LibFunc_msvc_new_longlong, {OpNewLike, 1, 0, -1, -1}}, // new(unsigned long long) {LibFunc_msvc_new_longlong, {OpNewLike, 1, 0, -1, -1, MallocFamily::MSVCNew}}, // new(unsigned long long)
{LibFunc_msvc_new_longlong_nothrow, {MallocLike, 2, 0, -1, -1}}, // new(unsigned long long, nothrow) {LibFunc_msvc_new_longlong_nothrow, {MallocLike, 2, 0, -1, -1, MallocFamily::MSVCNew}}, // new(unsigned long long, nothrow)
{LibFunc_msvc_new_array_int, {OpNewLike, 1, 0, -1, -1}}, // new[](unsigned int) {LibFunc_msvc_new_array_int, {OpNewLike, 1, 0, -1, -1, MallocFamily::MSVCArrayNew}}, // new[](unsigned int)
{LibFunc_msvc_new_array_int_nothrow, {MallocLike, 2, 0, -1, -1}}, // new[](unsigned int, nothrow) {LibFunc_msvc_new_array_int_nothrow, {MallocLike, 2, 0, -1, -1, MallocFamily::MSVCArrayNew}}, // new[](unsigned int, nothrow)
{LibFunc_msvc_new_array_longlong, {OpNewLike, 1, 0, -1, -1}}, // new[](unsigned long long) {LibFunc_msvc_new_array_longlong, {OpNewLike, 1, 0, -1, -1, MallocFamily::MSVCArrayNew}}, // new[](unsigned long long)
{LibFunc_msvc_new_array_longlong_nothrow, {MallocLike, 2, 0, -1, -1}}, // new[](unsigned long long, nothrow) {LibFunc_msvc_new_array_longlong_nothrow, {MallocLike, 2, 0, -1, -1, MallocFamily::MSVCArrayNew}}, // new[](unsigned long long, nothrow)
{LibFunc_aligned_alloc, {AlignedAllocLike, 2, 1, -1, 0}}, {LibFunc_aligned_alloc, {AlignedAllocLike, 2, 1, -1, 0, MallocFamily::Malloc}},
{LibFunc_memalign, {AlignedAllocLike, 2, 1, -1, 0}}, {LibFunc_memalign, {AlignedAllocLike, 2, 1, -1, 0, MallocFamily::Malloc}},
{LibFunc_calloc, {CallocLike, 2, 0, 1, -1}}, {LibFunc_calloc, {CallocLike, 2, 0, 1, -1, MallocFamily::Malloc}},
{LibFunc_vec_calloc, {CallocLike, 2, 0, 1, -1}}, {LibFunc_vec_calloc, {CallocLike, 2, 0, 1, -1, MallocFamily::VecMalloc}},
{LibFunc_realloc, {ReallocLike, 2, 1, -1, -1}}, {LibFunc_realloc, {ReallocLike, 2, 1, -1, -1, MallocFamily::Malloc}},
{LibFunc_vec_realloc, {ReallocLike, 2, 1, -1, -1}}, {LibFunc_vec_realloc, {ReallocLike, 2, 1, -1, -1, MallocFamily::VecMalloc}},
{LibFunc_reallocf, {ReallocLike, 2, 1, -1, -1}}, {LibFunc_reallocf, {ReallocLike, 2, 1, -1, -1, MallocFamily::Malloc}},
{LibFunc_strdup, {StrDupLike, 1, -1, -1, -1}}, {LibFunc_strdup, {StrDupLike, 1, -1, -1, -1, MallocFamily::Malloc}},
{LibFunc_strndup, {StrDupLike, 2, 1, -1, -1}}, {LibFunc_strndup, {StrDupLike, 2, 1, -1, -1, MallocFamily::Malloc}},
{LibFunc___kmpc_alloc_shared, {MallocLike, 1, 0, -1, -1}}, {LibFunc___kmpc_alloc_shared, {MallocLike, 1, 0, -1, -1, MallocFamily::KmpcAllocShared}},
hiradityaUnsubmitted
Done
ReplyInline Actions

should we use _malloc here, as other functions are using the symbol name already?

hiraditya: should we use `_malloc` here, as other functions are using the symbol name already?
reamesUnsubmitted
Done
ReplyInline Actions

Definitely not.

reames: Definitely not.
// TODO: Handle "int posix_memalign(void **, size_t, size_t)" // TODO: Handle "int posix_memalign(void **, size_t, size_t)"
}; };
// clang-format on
static const Function *getCalledFunction(const Value *V, static const Function *getCalledFunction(const Value *V,
bool &IsNoBuiltin) { bool &IsNoBuiltin) {
// Don't care about intrinsics in this case. // Don't care about intrinsics in this case.
if (isa<IntrinsicInst>(V)) if (isa<IntrinsicInst>(V))
return nullptr; return nullptr;
const auto *CB = dyn_cast<CallBase>(V); const auto *CB = dyn_cast<CallBase>(V);
▲ Show 20 LinesShow All 268 Lines▼ Show 20 LinesConstant *llvm::getInitialValueOfAllocation(const CallBase *Alloc,
if (isCallocLikeFn(Alloc, TLI)) if (isCallocLikeFn(Alloc, TLI))
return Constant::getNullValue(Ty); return Constant::getNullValue(Ty);
return nullptr; return nullptr;
} }
struct FreeFnsTy { struct FreeFnsTy {
unsigned NumParams; unsigned NumParams;
// Name of default allocator function to group malloc/free calls by family
MallocFamily Family;
}; };
// clang-format off // clang-format off
static const std::pair<LibFunc, FreeFnsTy> FreeFnData[] = { static const std::pair<LibFunc, FreeFnsTy> FreeFnData[] = {
{LibFunc_free, {1}}, {LibFunc_free, {1, MallocFamily::Malloc}},
{LibFunc_ZdlPv, {1}}, // operator delete(void*) {LibFunc_ZdlPv, {1, MallocFamily::CPPNew}}, // operator delete(void*)
{LibFunc_ZdaPv, {1}}, // operator delete[](void*) {LibFunc_ZdaPv, {1, MallocFamily::CPPNewArray}}, // operator delete[](void*)
{LibFunc_msvc_delete_ptr32, {1}}, // operator delete(void*) {LibFunc_msvc_delete_ptr32, {1, MallocFamily::MSVCNew}}, // operator delete(void*)
{LibFunc_msvc_delete_ptr64, {1}}, // operator delete(void*) {LibFunc_msvc_delete_ptr64, {1, MallocFamily::MSVCNew}}, // operator delete(void*)
{LibFunc_msvc_delete_array_ptr32, {1}}, // operator delete[](void*) {LibFunc_msvc_delete_array_ptr32, {1, MallocFamily::MSVCArrayNew}}, // operator delete[](void*)
{LibFunc_msvc_delete_array_ptr64, {1}}, // operator delete[](void*) {LibFunc_msvc_delete_array_ptr64, {1, MallocFamily::MSVCArrayNew}}, // operator delete[](void*)
{LibFunc_ZdlPvj, {2}}, // delete(void*, uint) {LibFunc_ZdlPvj, {2, MallocFamily::CPPNew}}, // delete(void*, uint)
{LibFunc_ZdlPvm, {2}}, // delete(void*, ulong) {LibFunc_ZdlPvm, {2, MallocFamily::CPPNew}}, // delete(void*, ulong)
{LibFunc_ZdlPvRKSt9nothrow_t, {2}}, // delete(void*, nothrow) {LibFunc_ZdlPvRKSt9nothrow_t, {2, MallocFamily::CPPNew}}, // delete(void*, nothrow)
{LibFunc_ZdlPvSt11align_val_t, {2}}, // delete(void*, align_val_t) {LibFunc_ZdlPvSt11align_val_t, {2, MallocFamily::CPPNewAligned}}, // delete(void*, align_val_t)
{LibFunc_ZdaPvj, {2}}, // delete[](void*, uint) {LibFunc_ZdaPvj, {2, MallocFamily::CPPNewArray}}, // delete[](void*, uint)
{LibFunc_ZdaPvm, {2}}, // delete[](void*, ulong) {LibFunc_ZdaPvm, {2, MallocFamily::CPPNewArray}}, // delete[](void*, ulong)
{LibFunc_ZdaPvRKSt9nothrow_t, {2}}, // delete[](void*, nothrow) {LibFunc_ZdaPvRKSt9nothrow_t, {2, MallocFamily::CPPNewArray}}, // delete[](void*, nothrow)
{LibFunc_ZdaPvSt11align_val_t, {2}}, // delete[](void*, align_val_t) {LibFunc_ZdaPvSt11align_val_t, {2, MallocFamily::CPPNewArrayAligned}}, // delete[](void*, align_val_t)
{LibFunc_msvc_delete_ptr32_int, {2}}, // delete(void*, uint) {LibFunc_msvc_delete_ptr32_int, {2, MallocFamily::MSVCNew}}, // delete(void*, uint)
{LibFunc_msvc_delete_ptr64_longlong, {2}}, // delete(void*, ulonglong) {LibFunc_msvc_delete_ptr64_longlong, {2, MallocFamily::MSVCNew}}, // delete(void*, ulonglong)
{LibFunc_msvc_delete_ptr32_nothrow, {2}}, // delete(void*, nothrow) {LibFunc_msvc_delete_ptr32_nothrow, {2, MallocFamily::MSVCNew}}, // delete(void*, nothrow)
{LibFunc_msvc_delete_ptr64_nothrow, {2}}, // delete(void*, nothrow) {LibFunc_msvc_delete_ptr64_nothrow, {2, MallocFamily::MSVCNew}}, // delete(void*, nothrow)
{LibFunc_msvc_delete_array_ptr32_int, {2}}, // delete[](void*, uint) {LibFunc_msvc_delete_array_ptr32_int, {2, MallocFamily::MSVCArrayNew}}, // delete[](void*, uint)
{LibFunc_msvc_delete_array_ptr64_longlong, {2}}, // delete[](void*, ulonglong) {LibFunc_msvc_delete_array_ptr64_longlong, {2, MallocFamily::MSVCArrayNew}}, // delete[](void*, ulonglong)
{LibFunc_msvc_delete_array_ptr32_nothrow, {2}}, // delete[](void*, nothrow) {LibFunc_msvc_delete_array_ptr32_nothrow, {2, MallocFamily::MSVCArrayNew}}, // delete[](void*, nothrow)
{LibFunc_msvc_delete_array_ptr64_nothrow, {2}}, // delete[](void*, nothrow) {LibFunc_msvc_delete_array_ptr64_nothrow, {2, MallocFamily::MSVCArrayNew}}, // delete[](void*, nothrow)
{LibFunc___kmpc_free_shared, {2}}, // OpenMP Offloading RTL free {LibFunc___kmpc_free_shared, {2, MallocFamily::KmpcAllocShared}}, // OpenMP Offloading RTL free
{LibFunc_ZdlPvSt11align_val_tRKSt9nothrow_t, {3}}, // delete(void*, align_val_t, nothrow) {LibFunc_ZdlPvSt11align_val_tRKSt9nothrow_t, {3, MallocFamily::CPPNewAligned}}, // delete(void*, align_val_t, nothrow)
{LibFunc_ZdaPvSt11align_val_tRKSt9nothrow_t, {3}}, // delete[](void*, align_val_t, nothrow) {LibFunc_ZdaPvSt11align_val_tRKSt9nothrow_t, {3, MallocFamily::CPPNewArrayAligned}}, // delete[](void*, align_val_t, nothrow)
{LibFunc_ZdlPvjSt11align_val_t, {3}}, // delete(void*, unsigned int, align_val_t) {LibFunc_ZdlPvjSt11align_val_t, {3, MallocFamily::CPPNewAligned}}, // delete(void*, unsigned int, align_val_t)
{LibFunc_ZdlPvmSt11align_val_t, {3}}, // delete(void*, unsigned long, align_val_t) {LibFunc_ZdlPvmSt11align_val_t, {3, MallocFamily::CPPNewAligned}}, // delete(void*, unsigned long, align_val_t)
{LibFunc_ZdaPvjSt11align_val_t, {3}}, // delete[](void*, unsigned int, align_val_t) {LibFunc_ZdaPvjSt11align_val_t, {3, MallocFamily::CPPNewArrayAligned}}, // delete[](void*, unsigned int, align_val_t)
{LibFunc_ZdaPvmSt11align_val_t, {3}}, // delete[](void*, unsigned long, align_val_t) {LibFunc_ZdaPvmSt11align_val_t, {3, MallocFamily::CPPNewArrayAligned}}, // delete[](void*, unsigned long, align_val_t)
}; };
// clang-format on // clang-format on
Optional<FreeFnsTy> getFreeFunctionDataForFunction(const Function *Callee, Optional<FreeFnsTy> getFreeFunctionDataForFunction(const Function *Callee,
const LibFunc TLIFn) { const LibFunc TLIFn) {
const auto *Iter = const auto *Iter =
find_if(FreeFnData, [TLIFn](const std::pair<LibFunc, FreeFnsTy> &P) { find_if(FreeFnData, [TLIFn](const std::pair<LibFunc, FreeFnsTy> &P) {
return P.first == TLIFn; return P.first == TLIFn;
}); });
if (Iter == std::end(FreeFnData)) if (Iter == std::end(FreeFnData))
return None; return None;
return Iter->second; return Iter->second;
} }
Optional<StringRef> llvm::getAllocationFamily(const Value *I,
const TargetLibraryInfo *TLI) {
bool IsNoBuiltin;
const Function *Callee = getCalledFunction(I, IsNoBuiltin);
if (Callee == nullptr)
return None;
LibFunc TLIFn;
if (!TLI || !TLI->getLibFunc(*Callee, TLIFn) || !TLI->has(TLIFn))
return None;
const auto AllocData = getAllocationDataForFunction(Callee, AnyAlloc, TLI);
if (AllocData.hasValue())
return mangledNameForMallocFamily(AllocData.getValue().Family);
const auto FreeData = getFreeFunctionDataForFunction(Callee, TLIFn);
if (FreeData.hasValue())
return mangledNameForMallocFamily(FreeData.getValue().Family);
return None;
}
/// isLibFreeFunction - Returns true if the function is a builtin free() /// isLibFreeFunction - Returns true if the function is a builtin free()
bool llvm::isLibFreeFunction(const Function *F, const LibFunc TLIFn) { bool llvm::isLibFreeFunction(const Function *F, const LibFunc TLIFn) {
Optional<FreeFnsTy> FnData = getFreeFunctionDataForFunction(F, TLIFn); Optional<FreeFnsTy> FnData = getFreeFunctionDataForFunction(F, TLIFn);
reamesUnsubmitted
Done
ReplyInline Actions

The introduction of the getFreeFunctionData helper is a separable NFC. Please separate that change, land it, and rebase.

reames: The introduction of the getFreeFunctionData helper is a separable NFC. Please separate that…
if (!FnData.hasValue()) if (!FnData.hasValue())
return false; return false;
// Check free prototype. // Check free prototype.
// FIXME: workaround for PR5130, this will be obsolete when a nobuiltin // FIXME: workaround for PR5130, this will be obsolete when a nobuiltin
// attribute will exist. // attribute will exist.
FunctionType *FTy = F->getFunctionType(); FunctionType *FTy = F->getFunctionType();
if (!FTy->getReturnType()->isVoidTy()) if (!FTy->getReturnType()->isVoidTy())
▲ Show 20 LinesShow All 562 LinesShow Last 20 Lines

llvm/lib/Transforms/InstCombine/InstructionCombining.cpp

Show First 20 LinesShow All 2,665 Lines▼ Show 20 Linesstatic bool isRemovableWrite(CallBase &CB, Value *UsedV,
Optional<MemoryLocation> Dest = MemoryLocation::getForDest(&CB, TLI); Optional<MemoryLocation> Dest = MemoryLocation::getForDest(&CB, TLI);
return Dest && Dest->Ptr == UsedV; return Dest && Dest->Ptr == UsedV;
} }
static bool isAllocSiteRemovable(Instruction *AI, static bool isAllocSiteRemovable(Instruction *AI,
SmallVectorImpl<WeakTrackingVH> &Users, SmallVectorImpl<WeakTrackingVH> &Users,
const TargetLibraryInfo &TLI) { const TargetLibraryInfo &TLI) {
SmallVector<Instruction*, 4> Worklist; SmallVector<Instruction*, 4> Worklist;
const Optional<StringRef> Family = getAllocationFamily(AI, &TLI);
Worklist.push_back(AI); Worklist.push_back(AI);
do { do {
Instruction *PI = Worklist.pop_back_val(); Instruction *PI = Worklist.pop_back_val();
for (User *U : PI->users()) { for (User *U : PI->users()) {
Instruction *I = cast<Instruction>(U); Instruction *I = cast<Instruction>(U);
switch (I->getOpcode()) { switch (I->getOpcode()) {
default: default:
▲ Show 20 LinesShow All 52 Lines▼ Show 20 Lines for (User *U : PI->users()) {
} }
} }
if (isRemovableWrite(*cast<CallBase>(I), PI, TLI)) { if (isRemovableWrite(*cast<CallBase>(I), PI, TLI)) {
Users.emplace_back(I); Users.emplace_back(I);
continue; continue;
} }
if (isFreeCall(I, &TLI)) { if (isFreeCall(I, &TLI) && getAllocationFamily(I, &TLI) == Family) {
assert(Family);
reamesUnsubmitted
Not Done
ReplyInline Actions

With the semantics you're proposing, having two unannotated alloc/free be removed seems inconsistent.

Also, use compound if clause.

reames: With the semantics you're proposing, having two unannotated alloc/free be removed seems…
durin42AuthorUnsubmitted
Done
ReplyInline Actions

I think we can't fuse the conditions, because if we see a free() call on a newed pointer we should give up on the instruction combining, not allow it to possibly proceed on other methods, right?

Agreed on the unannotated functions meshing being inconsistent. Today that can't happen, but I guess when we move this to supporting attributes it could. Should the logic be something more like:

if (isFreeCall(...)) {

auto FreeFamily = getAllocationFamily(...);
if (FreeFamily == None || FreeFamily != Family) 
  return false;
...

}

or is there more to it than that that I'm missing?

durin42: I think we can't fuse the conditions, because if we see a `free()` call on a `new`ed pointer we…
jyknightUnsubmitted
Done
ReplyInline Actions

I think you can make that an assert(FreeFamily) instead (and assert(Family) at the top).

As you say, today it can't happen. And in the future, when we move this stuff into an attribute, I think it still shouldn't be able to happen -- in that future, part of the definition of "is this a free call" should be "has an allocator family attribute".

jyknight: I think you can make that an `assert(FreeFamily)` instead (and `assert(Family)` at the top).
durin42AuthorUnsubmitted
Done
ReplyInline Actions

To my surprise, I can't add an assert(Family) at the top: it fails many tests (over 200!) so I've included it here. I don't think we need to have an assert on FreeFamily since we already know it equals whatever Family is, though I can add that if you'd like.

durin42: To my surprise, I can't add an `assert(Family)` at the top: it fails many tests (over 200!) so…
xbolva00Unsubmitted
Not Done
ReplyInline Actions

Example of crashed tests? Maybe the fix is easy

xbolva00: Example of crashed tests? Maybe the fix is easy
durin42AuthorUnsubmitted
Done
ReplyInline Actions

It's a ton of them, and the failure mode doesn't really mean anything to me:

********************
FAIL: LLVM :: Transforms/InstCombine/call2.ll (30553 of 46859)
******************** TEST 'LLVM :: Transforms/InstCombine/call2.ll' FAILED ********************
Script:
--
: 'RUN: at line 1';   /usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt < /usr/local/google/home/augie/Programming/big/rust/src/llvm-project/llvm/test/Transforms/InstCombine/call2.ll -instcombine | /usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/llvm-dis
--
Exit Code: 1

Command Output (stderr):
--
opt: /usr/local/google/home/augie/Programming/big/rust/src/llvm-project/llvm/lib/Transforms/InstCombine/InstructionCombining.cpp:2659: bool isAllocSiteRemovable(llvm::Instruction*, llvm::SmallVectorImpl<llvm::WeakTrackingVH>&, const llvm::TargetLibraryInfo&): Assertion `Family' failed.
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace.
Stack dump:
0.	Program arguments: /usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt -instcombine
 #0 0x0000560374d45091 PrintStackTraceSignalHandler(void*) Signals.cpp:0:0
 #1 0x0000560374d4285e SignalHandler(int) Signals.cpp:0:0
 #2 0x00007fcc778d0200 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x13200)
 #3 0x00007fcc773a1891 raise ./signal/../sysdeps/unix/sysv/linux/raise.c:50:1
 #4 0x00007fcc7738b536 abort ./stdlib/abort.c:81:7
 #5 0x00007fcc7738b41f get_sysdep_segment_value ./intl/loadmsgcat.c:509:8
 #6 0x00007fcc7738b41f _nl_load_domain ./intl/loadmsgcat.c:970:34
 #7 0x00007fcc7739a212 (/lib/x86_64-linux-gnu/libc.so.6+0x35212)
 #8 0x0000560374676497 llvm::InstCombinerImpl::visitAllocSite(llvm::Instruction&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x25b9497)
 #9 0x0000560374714439 llvm::InstCombinerImpl::visitAllocaInst(llvm::AllocaInst&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x2657439)
#10 0x000056037467cb63 llvm::InstCombinerImpl::run() (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x25bfb63)
#11 0x000056037467e8af combineInstructionsOverFunction(llvm::Function&, llvm::InstructionWorklist&, llvm::AAResults*, llvm::AssumptionCache&, llvm::TargetLibraryInfo&, llvm::TargetTransformInfo&, llvm::DominatorTree&, llvm::OptimizationRemarkEmitter&, llvm::BlockFrequencyInfo*, llvm::ProfileSummaryInfo*, unsigned int, llvm::LoopInfo*) InstructionCombining.cpp:0:0
#12 0x000056037467f1f7 llvm::InstCombinePass::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x25c21f7)
#13 0x0000560375054e8e llvm::detail::PassModel<llvm::Function, llvm::InstCombinePass, llvm::PreservedAnalyses, llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x2f97e8e)
#14 0x00005603743bc0f0 llvm::PassManager<llvm::Function, llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x22ff0f0)
#15 0x0000560372caf4ce llvm::detail::PassModel<llvm::Function, llvm::PassManager<llvm::Function, llvm::AnalysisManager<llvm::Function> >, llvm::PreservedAnalyses, llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0xbf24ce)
#16 0x00005603743bab3b llvm::ModuleToFunctionPassAdaptor::run(llvm::Module&, llvm::AnalysisManager<llvm::Module>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x22fdb3b)
#17 0x0000560372735b1e llvm::detail::PassModel<llvm::Module, llvm::ModuleToFunctionPassAdaptor, llvm::PreservedAnalyses, llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&, llvm::AnalysisManager<llvm::Module>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x678b1e)
#18 0x00005603743b8b13 llvm::PassManager<llvm::Module, llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&, llvm::AnalysisManager<llvm::Module>&) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x22fbb13)
#19 0x0000560372741967 llvm::runPassPipeline(llvm::StringRef, llvm::Module&, llvm::TargetMachine*, llvm::TargetLibraryInfoImpl*, llvm::ToolOutputFile*, llvm::ToolOutputFile*, llvm::ToolOutputFile*, llvm::StringRef, llvm::ArrayRef<llvm::StringRef>, llvm::opt_tool::OutputKind, llvm::opt_tool::VerifierKind, bool, bool, bool, bool, bool) (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x684967)
#20 0x000056037267bb73 main (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x5beb73)
#21 0x00007fcc7738c7ed __libc_start_main ./csu/../csu/libc-start.c:332:16
#22 0x0000560372733bda _start (/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/opt+0x676bda)
/usr/local/google/home/augie/Programming/big/rust/build/x86_64-unknown-linux-gnu/llvm/build/bin/llvm-dis: error: file too small to contain bitcode header

Like I said, it's over 200 failures, so that's just one example but they all are pretty much the same backtrace. For example, Transforms/InstCombine/store.ll fails the same way, and Transforms/SampleProfile/calls.ll as well.

durin42: It's a ton of them, and the failure mode doesn't really mean anything to me: ```…
jyknightUnsubmitted
Not Done
ReplyInline Actions

So, this function can be called in two situations (assert is in caller, visitAllocSite):
assert(isa<AllocaInst>(MI) || isAllocRemovable(&cast<CallBase>(MI), &TLI));

Only the latter case would have a family, because getAllocationFamily for alloca returns null. Which is fine.

But we should not assert-fail for e.g. this bogus code: %x = alloca i8; call void free(i8* %x), which I think this code will do currently.

I think better to remove the assert(Family). Probably ought to add a test-case checking the above does something reasonable.

jyknight: So, this function can be called in two situations (assert is in caller, visitAllocSite): assert…
durin42AuthorUnsubmitted
Done
ReplyInline Actions

I'm afraid I don't quite follow. Wouldn't alloca have no family, but free would have a malloc family so it wouldn't ever get to the only assert I've added?

(I'm happy to add a test, but I'm not sure how to write it - is it literally the bogus code you gave me in a function definition in some IR, or is it more than that?)

durin42: I'm afraid I don't quite follow. Wouldn't alloca have no family, but free would have a malloc…
jyknightUnsubmitted
Not Done
ReplyInline Actions

No, you're absolutely right, thanks.

It'd only assert-fail if there's an instruction for which isReallocLikeFn or isFreeCall returns true and getAllocationFamily returns null, which cannot happen, and shouldn't happen in the future. Great -- it's correct as-is.

I was imagining a test just like:

define void @test_alloca() {
  %1 = alloca i8
  call void @free(i8* %1)
  ret void
}
jyknight: No, you're absolutely right, thanks. It'd only assert-fail if there's an instruction for which…
durin42AuthorUnsubmitted
Done
ReplyInline Actions

Would you like me to add that test someplace? I'm not sure where to leave it so that it's sensible for a future reader.

durin42: Would you like me to add that test someplace? I'm not sure where to leave it so that it's…
Users.emplace_back(I); Users.emplace_back(I);
continue; continue;
} }
if (isReallocLikeFn(I, &TLI)) { if (isReallocLikeFn(I, &TLI) &&
getAllocationFamily(I, &TLI) == Family) {
assert(Family);
reamesUnsubmitted
Done
ReplyInline Actions

You seem to be missing the analogous check here...

reames: You seem to be missing the analogous check here...
Users.emplace_back(I); Users.emplace_back(I);
Worklist.push_back(I); Worklist.push_back(I);
continue; continue;
} }
return false; return false;
case Instruction::Store: { case Instruction::Store: {
▲ Show 20 LinesShow All 1,758 LinesShow Last 20 Lines

llvm/test/Transforms/InstCombine/malloc-free-mismatched.ll

  • This file was added.
; NOTE: Assertions have been autogenerated by utils/update_test_checks.py
; RUN: opt < %s -instcombine -S | FileCheck %s
define dso_local i32 @_Z6answeri(i32 %0) {
; CHECK-LABEL: @_Z6answeri(
; CHECK-NEXT: [[TMP2:%.*]] = call noalias nonnull dereferenceable(80) i8* @_Znam(i64 80) #[[ATTR1:[0-9]+]]
; CHECK-NEXT: call void @free(i8* [[TMP2]])
; CHECK-NEXT: ret i32 42
;
%2 = call noalias nonnull i8* @_Znam(i64 80) #0
call void @free(i8* %2)
ret i32 42
}
jyknightUnsubmitted
Done
ReplyInline Actions

These lines are irrelevant, remove (and rename %4 to %2 below).

jyknight: These lines are irrelevant, remove (and rename %4 to %2 below).
; All we care about with this function is that LLVM doesn't crash
; when optimizing it.
define void @test_alloca() {
%1 = alloca i8
call void @free(i8* %1)
ret void
}
; Function Attrs: nobuiltin allocsize(0)
declare dso_local nonnull i8* @_Znam(i64) #1
; Function Attrs: nounwind
declare dso_local void @free(i8*)
attributes #0 = { builtin allocsize(0) }
attributes #1 = { nobuiltin allocsize(0) }