This is an archive of the discontinued LLVM Phabricator instance.

Differential D126296

[ValueTracking] Loads with !dereferenceable metadata cannot be undef/poison
ClosedPublic

Authored by nikic on May 24 2022, 6:25 AM.

Details

Reviewers
fhahn
nlopes
aqjune
mkazantsev
Commits
rG8a6698b52382: [ValueTracking] Loads with !dereferenceable metadata cannot be undef/poison
Summary

A load with !dereferenceable or !dereferenceable_or_null metadata must return a well-defined (non-undef/poison) value. Effectively they imply !noundef. This is the same as we do for the dereferenceable(N) attribute.

This should fix https://github.com/llvm/llvm-project/issues/55672, or at least the specific case discussed there.

Diff Detail

Event Timeline

nikic created this revision.May 24 2022, 6:25 AM
Herald added a project: Restricted Project. · View Herald TranscriptMay 24 2022, 6:25 AM
Herald added a subscriber: hiraditya. · View Herald Transcript
nikic requested review of this revision.May 24 2022, 6:25 AM
Herald added a project: Restricted Project. · View Herald TranscriptMay 24 2022, 6:25 AM
Herald added a subscriber: llvm-commits. · View Herald Transcript
Harbormaster completed remote builds in B166043: Diff 431659.May 24 2022, 6:59 AM
aqjune accepted this revision.May 24 2022, 8:13 AM

Per LangRef statements of the definition of dereferenceable(<n>) attribute:

The pointer should be well defined, otherwise it is undefined behavior. This means dereferenceable(<n>) implies noundef.

And the dereferenceable metadata says:

This is analogous to the ‘’dereferenceable’’ attribute on parameters and return values.

would like to interpret this wording as the metadata being equivalent to the attribute.

This revision is now accepted and ready to land.May 24 2022, 8:13 AM
This revision was landed with ongoing or failed builds.May 25 2022, 12:54 AM
Closed by commit rG8a6698b52382: [ValueTracking] Loads with !dereferenceable metadata cannot be undef/poison (authored by nikic). · Explain Why
This revision was automatically updated to reflect the committed changes.
nikic added a commit: rG8a6698b52382: [ValueTracking] Loads with !dereferenceable metadata cannot be undef/poison.
nlopes added a comment.Thu, Dec 14, 12:16 AM

I just implemented !dereferenceable in Alive2 and got this commit flagged.

I don't see why !dereferenceable should imply !noundef. They are separate concepts: one is about the object's properties (size) and the other is about the object's contents. If you want both, you should create loads with both.
We should strive to have metadata/attributes as disjoint as possible, otherwise some use cases get lost. For example, we have an internal use case, where we badly need to tag loads with !dereferenceable, but not with !noundef.

Can we revert this?

Herald added a subscriber: StephenFan. · View Herald TranscriptThu, Dec 14, 12:16 AM
nlopes added a comment.Thu, Dec 14, 12:21 AM
In D126296#4658046, @nlopes wrote:

I just implemented !dereferenceable in Alive2 and got this commit flagged.

I don't see why !dereferenceable should imply !noundef. They are separate concepts: one is about the object's properties (size) and the other is about the object's contents. If you want both, you should create loads with both.
We should strive to have metadata/attributes as disjoint as possible, otherwise some use cases get lost. For example, we have an internal use case, where we badly need to tag loads with !dereferenceable, but not with !noundef.

Can we revert this?

Aaah, nervermind. !dereferenceable applies to the loaded value, not to the input ptr. My bad, sorry.

Revision Contents

PathSize
llvm/
lib/
Analysis/
4 lines
test/
Transforms/
InstCombine/
6 lines

Diff 431659

llvm/lib/Analysis/ValueTracking.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 5,185 Lines▼ Show 20 Lines if (const auto *PN = dyn_cast<PHINode>(V)) {
} }
if (IsWellDefined) if (IsWellDefined)
return true; return true;
} else if (!canCreateUndefOrPoison(Opr) && all_of(Opr->operands(), OpCheck)) } else if (!canCreateUndefOrPoison(Opr) && all_of(Opr->operands(), OpCheck))
return true; return true;
} }
if (auto *I = dyn_cast<LoadInst>(V)) if (auto *I = dyn_cast<LoadInst>(V))
if (I->getMetadata(LLVMContext::MD_noundef)) if (I->hasMetadata(LLVMContext::MD_noundef) ||
I->hasMetadata(LLVMContext::MD_dereferenceable) ||
I->hasMetadata(LLVMContext::MD_dereferenceable_or_null))
return true; return true;
if (programUndefinedIfUndefOrPoison(V, PoisonOnly)) if (programUndefinedIfUndefOrPoison(V, PoisonOnly))
return true; return true;
// CxtI may be null or a cloned instruction. // CxtI may be null or a cloned instruction.
if (!CtxI || !CtxI->getParent() || !DT) if (!CtxI || !CtxI->getParent() || !DT)
return false; return false;
▲ Show 20 LinesShow All 2,010 LinesShow Last 20 Lines

llvm/test/Transforms/InstCombine/freeze.ll

Show First 20 LinesShow All 828 Lines▼ Show 20 Lines;
%p = load i8*, i8** %ptr, !noundef !0 %p = load i8*, i8** %ptr, !noundef !0
%p.fr = freeze i8* %p %p.fr = freeze i8* %p
ret i8* %p.fr ret i8* %p.fr
} }
define i8* @freeze_load_dereferenceable(i8** %ptr) { define i8* @freeze_load_dereferenceable(i8** %ptr) {
; CHECK-LABEL: @freeze_load_dereferenceable( ; CHECK-LABEL: @freeze_load_dereferenceable(
; CHECK-NEXT: [[P:%.*]] = load i8*, i8** [[PTR:%.*]], align 8, !dereferenceable !1 ; CHECK-NEXT: [[P:%.*]] = load i8*, i8** [[PTR:%.*]], align 8, !dereferenceable !1
; CHECK-NEXT: [[P_FR:%.*]] = freeze i8* [[P]] ; CHECK-NEXT: ret i8* [[P]]
; CHECK-NEXT: ret i8* [[P_FR]]
; ;
%p = load i8*, i8** %ptr, !dereferenceable !1 %p = load i8*, i8** %ptr, !dereferenceable !1
%p.fr = freeze i8* %p %p.fr = freeze i8* %p
ret i8* %p.fr ret i8* %p.fr
} }
define i8* @freeze_load_dereferenceable_or_null(i8** %ptr) { define i8* @freeze_load_dereferenceable_or_null(i8** %ptr) {
; CHECK-LABEL: @freeze_load_dereferenceable_or_null( ; CHECK-LABEL: @freeze_load_dereferenceable_or_null(
; CHECK-NEXT: [[P:%.*]] = load i8*, i8** [[PTR:%.*]], align 8, !dereferenceable_or_null !1 ; CHECK-NEXT: [[P:%.*]] = load i8*, i8** [[PTR:%.*]], align 8, !dereferenceable_or_null !1
; CHECK-NEXT: [[P_FR:%.*]] = freeze i8* [[P]] ; CHECK-NEXT: ret i8* [[P]]
; CHECK-NEXT: ret i8* [[P_FR]]
; ;
%p = load i8*, i8** %ptr, !dereferenceable_or_null !1 %p = load i8*, i8** %ptr, !dereferenceable_or_null !1
%p.fr = freeze i8* %p %p.fr = freeze i8* %p
ret i8* %p.fr ret i8* %p.fr
} }
!0 = !{} !0 = !{}
!1 = !{i64 4} !1 = !{i64 4}