This is an archive of the discontinued LLVM Phabricator instance.

Differential D120033

[SCEV] Fully invalidate SCEVUnknown on RAUW
ClosedPublic

Authored by nikic on Feb 17 2022, 3:10 AM.

Details

Reviewers
reames
lebedev.ri
mkazantsev
Commits
rG8133778d3c8d: [SCEV] Fully invalidate SCEVUnknown on RAUW
Summary

When a SCEVUnknown gets RAUWd, we currently drop it from the folding set, but don't forget memoized values. I believe we should be treating RAUW the same way as deletion here and invalidate all caches and dependent expressions.

I don't have any specific cases where this causes issues right now. This patch is inspired by the FIXME in https://reviews.llvm.org/D119488.

Diff Detail

Event Timeline

nikic created this revision.Feb 17 2022, 3:10 AM
Herald added subscribers: javed.absar, hiraditya. · View Herald TranscriptFeb 17 2022, 3:10 AM
nikic requested review of this revision.Feb 17 2022, 3:10 AM
Herald added a project: Restricted Project. · View Herald TranscriptFeb 17 2022, 3:10 AM
Herald added a subscriber: llvm-commits. · View Herald Transcript
nikic edited the summary of this revision. (Show Details)Feb 17 2022, 3:12 AM
Harbormaster completed remote builds in B150183: Diff 409568.Feb 17 2022, 3:24 AM
reames added a comment.Feb 17 2022, 8:30 AM

I don't think is quite right. We can have SCEV forget all of it's memoized results, but we can't disallow a client hanging onto an expression containing a SCEVUnknown over a RAUW. Given that, I think we need to explicitly forget, but keep the bit about changing the value pointer to the new value.

nikic added a comment.Feb 17 2022, 10:39 AM
In D120033#3329890, @reames wrote:

I don't think is quite right. We can have SCEV forget all of it's memoized results, but we can't disallow a client hanging onto an expression containing a SCEVUnknown over a RAUW. Given that, I think we need to explicitly forget, but keep the bit about changing the value pointer to the new value.

This is making the behavior the same as for erasing the value, so clients already need to deal with SCEVUnknown holding onto a nullptr (if they both cache it and inspect it that deeply).

Though I don't mind keeping the setValPtr(New), that seems harmless.

nikic updated this revision to Diff 410473.Feb 22 2022, 1:15 AM

Don't replace value pointer with nullptr.

Harbormaster completed remote builds in B150827: Diff 410473.Feb 22 2022, 1:43 AM
mkazantsev added a comment.EditedFeb 24 2022, 8:51 PM

When something is already erased from uniqueSCEVs, but is still in use, I'm pretty sure verify() should break somewhere on this situation. Is this something that is happening in reality?

I think we've been too permissive to holding various kinds of dangling pointers, and this caused us *very* nasty bugs. If we can avoid this situation, I think we must.

nikic added a comment.Feb 25 2022, 3:58 AM
In D120033#3344649, @mkazantsev wrote:

When something is already erased from uniqueSCEVs, but is still in use, I'm pretty sure verify() should break somewhere on this situation. Is this something that is happening in reality?

I just checked that this patch does fix eliminate-max.ll with D119488, so clearly this does happen, and we do need to invalidate here. I think the reason why this is not more problematic in practice is that SCEVCallbackVH will perform a use-def walk on RAUW and remove values from the value map, so we end up mostly doing the invalidation through that mechanism. But of course, this is not quite the same, as the SCEV may be part of structures other than the value map etc.

mkazantsev resigned from this revision.Mar 4 2022, 12:13 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 4 2022, 12:13 AM
reames accepted this revision.Mar 5 2022, 12:48 PM

LGTM

This revision is now accepted and ready to land.Mar 5 2022, 12:48 PM
This revision was landed with ongoing or failed builds.Mar 7 2022, 12:40 AM
Closed by commit rG8133778d3c8d: [SCEV] Fully invalidate SCEVUnknown on RAUW (authored by nikic). · Explain Why
This revision was automatically updated to reflect the committed changes.
nikic added a commit: rG8133778d3c8d: [SCEV] Fully invalidate SCEVUnknown on RAUW.

Revision Contents

PathSize
llvm/
lib/
Analysis/
7 lines

Diff 413362

llvm/lib/Analysis/ScalarEvolution.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 520 Lines▼ Show 20 Linesvoid SCEVUnknown::deleted() {
// Remove this SCEVUnknown from the uniquing map. // Remove this SCEVUnknown from the uniquing map.
SE->UniqueSCEVs.RemoveNode(this); SE->UniqueSCEVs.RemoveNode(this);
// Release the value. // Release the value.
setValPtr(nullptr); setValPtr(nullptr);
} }
void SCEVUnknown::allUsesReplacedWith(Value *New) { void SCEVUnknown::allUsesReplacedWith(Value *New) {
// Clear this SCEVUnknown from various maps.
SE->forgetMemoizedResults(this);
// Remove this SCEVUnknown from the uniquing map. // Remove this SCEVUnknown from the uniquing map.
SE->UniqueSCEVs.RemoveNode(this); SE->UniqueSCEVs.RemoveNode(this);
// Update this SCEVUnknown to point to the new value. This is needed // Replace the value pointer in case someone is still using this SCEVUnknown.
// because there may still be outstanding SCEVs which still point to
// this SCEVUnknown.
setValPtr(New); setValPtr(New);
} }
bool SCEVUnknown::isSizeOf(Type *&AllocTy) const { bool SCEVUnknown::isSizeOf(Type *&AllocTy) const {
if (ConstantExpr *VCE = dyn_cast<ConstantExpr>(getValue())) if (ConstantExpr *VCE = dyn_cast<ConstantExpr>(getValue()))
if (VCE->getOpcode() == Instruction::PtrToInt) if (VCE->getOpcode() == Instruction::PtrToInt)
if (ConstantExpr *CE = dyn_cast<ConstantExpr>(VCE->getOperand(0))) if (ConstantExpr *CE = dyn_cast<ConstantExpr>(VCE->getOperand(0)))
if (CE->getOpcode() == Instruction::GetElementPtr && if (CE->getOpcode() == Instruction::GetElementPtr &&
▲ Show 20 LinesShow All 13,858 LinesShow Last 20 Lines