Download Raw Diff

Details

Reviewers

spatel
nikic
vitalybuka

Commits

rGc911befaec49: [InstCombine] Treat passing undef to noundef params as UB

Summary

Skip on msan instrumented functions since this hurts msan's usefulness.

Add a flag to disable while ToT LLVM users fix regressions (the flag may be useful for bisecting files). This flag will be removed in the future.

Diff Detail

Repository: rG LLVM Github Monorepo

Unit TestsFailed

	Time	Test
	410 ms	x64 debian > MemProfiler-x86_64-linux-dynamic.TestCases::malloc_hook.cpp
	770 ms	x64 debian > MemProfiler-x86_64-linux.TestCases::malloc_hook.cpp
	570 ms	x64 debian > SanitizerCommon-asan-x86_64-Linux.SanitizerCommon-asan-x86_64-Linux::malloc_hook.cpp
	1,870 ms	x64 debian > SanitizerCommon-lsan-x86_64-Linux.SanitizerCommon-lsan-x86_64-Linux::malloc_hook.cpp
	2,070 ms	x64 debian > SanitizerCommon-tsan-x86_64-Linux.SanitizerCommon-tsan-x86_64-Linux::malloc_hook.cpp

Event Timeline

aeubanks created this revision.Aug 31 2022, 11:26 AM

Herald added a project: Restricted Project. · View Herald TranscriptAug 31 2022, 11:26 AM

Herald added subscribers: arphaman, hiraditya. · View Herald Transcript

aeubanks requested review of this revision.Aug 31 2022, 11:26 AM

Herald added a project: Restricted Project. · View Herald TranscriptAug 31 2022, 11:26 AM

Herald added a subscriber: llvm-commits. · View Herald Transcript

aeubanks added reviewers: spatel, nikic.Aug 31 2022, 11:27 AM

Harbormaster completed remote builds in B184407: Diff 457035.Aug 31 2022, 12:05 PM

nikic added inline comments.Sep 1 2022, 12:16 AM

llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp
3027	Call.isPassingUndefUB(I). You probably want to flip the checks, because the UndefValue check is cheaper. Also add tests with dereferenceable instead of noundef.

update

aeubanks added inline comments.Sep 1 2022, 9:16 AM

llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp
3027	`isa<UndefValue>` seems much less likely to be true though. anyway, flipped added dereferenceable tests on top of noundef since ints can't be dereferenceable

Harbormaster completed remote builds in B184605: Diff 457300.Sep 1 2022, 10:39 AM

llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp
3027	nit: unnecessary braces

This revision is now accepted and ready to land.Sep 1 2022, 11:22 AM

fix clang test

Herald added a project: Restricted Project. · View Herald TranscriptSep 1 2022, 1:49 PM

Herald added a subscriber: cfe-commits. · View Herald Transcript

Harbormaster completed remote builds in B184671: Diff 457383.Sep 1 2022, 3:12 PM

This revision was landed with ongoing or failed builds.Sep 1 2022, 3:17 PM

Closed by commit rGc911befaec49: [InstCombine] Treat passing undef to noundef params as UB (authored by aeubanks). · Explain Why

This revision was automatically updated to reflect the committed changes.

aeubanks added a commit: rGc911befaec49: [InstCombine] Treat passing undef to noundef params as UB.

FYI, this change broke Wine (at least on arm and aarch64). Not saying that it is legit breakage of code that actually was UB to begin with though - it's going to take some time to figure out what's broken though.

omjavaid added a reverting change: rG18de7c6a3b36: Revert "[InstCombine] Treat passing undef to noundef params as UB".Sep 2 2022, 4:12 AM

This change has broken LLDB Arm/AArch64 Linux buildbots. I dont really understand
the underlying reason. Reverting for now to make buildbot green.

This revision is now accepted and ready to land.Sep 2 2022, 4:12 AM

Apparently some problem occuring due to trouble with ASAN exception
https://lab.llvm.org/buildbot/#/builders/96/builds/28300

This also broke Rust when compiled at LLVM head: https://buildkite.com/llvm-project/rust-llvm-integrate-prototype/builds/13166#0182fb4a-0f2d-4f2e-830f-f62b463b8d48. (I don't know whether this was some existing UB that got only exposed by this patch or not, but wanted to make you aware. Reproduces with 2+ codegen units and a 1+ optimization level).

uabelho added a subscriber: uabelho.Sep 5 2022, 12:55 AM

bjope added a subscriber: bjope.Sep 5 2022, 2:13 AM

This change also broken emscripten in some odd ways: https://app.circleci.com/pipelines/github/emscripten-core/emscripten/23359/workflows/4080be5f-bd82-45b9-a355-3a5d4f4ef977/jobs/564543. The revert seems to have fixed it.

"fix" lldb test (hopefully)
skip when msan
add flag to disable (to be removed in the future)

Herald added a project: Restricted Project. · View Herald TranscriptSep 22 2022, 11:17 AM

Herald added a subscriber: lldb-commits. · View Herald Transcript

Harbormaster completed remote builds in B188227: Diff 462245.Sep 22 2022, 11:17 AM

Herald added a subscriber: JDevlieghere. · View Herald TranscriptSep 22 2022, 11:17 AM

add flag to disable (to be removed in the future)
"fix" lldb test
skip on msan instrumented functions

Harbormaster completed remote builds in B188229: Diff 462247.Sep 22 2022, 11:18 AM

aeubanks edited the summary of this revision. (Show Details)Sep 22 2022, 11:19 AM

aeubanks added a reviewer: vitalybuka.

extra parens

Harbormaster completed remote builds in B188231: Diff 462249.Sep 22 2022, 11:21 AM

I'd like to block this on -fsanitize-memory-param-retval (aka msan eager checks) being enabled by default. It seems pretty clear that there is a *lot* of UB due to uninitialized parameters floating around, so we should at least make sure that it is detected in default sanitizer configurations before we start exploiting it this aggressively.

This revision now requires changes to proceed.Sep 22 2022, 11:34 AM

@vitalybuka can we turn on -fsanitize-memory-param-retval by default upstream?

In D133036#3816002, @aeubanks wrote:

@vitalybuka can we turn on -fsanitize-memory-param-retval by default upstream?

attempt in https://reviews.llvm.org/D134669

The default switch has happened, so unblocking this.

clang/test/CodeGenOpenCL/overload.cl
23 ↗	(On Diff #462249)	Maybe initialize the relevant variables instead? I'd assume just NULL would work here.

This revision is now accepted and ready to land.Oct 15 2022, 1:32 PM

I'm still trying to properly minimize this, but this definitely interacts badly with other optimizations (which triggers the Rust CI failure I mentioned above):

We start with two functions, outer and inner. outer calls inner. outer has a noundef argument that it forwards to inner (where the argument is also noundef).
PostOrderFunctionAttrsPass decides, for both functions, that the argument is readnone. The readnone attribute is only added to the function definitions. The readnone attribute is not added at the call to inner from outer.
The DeadArgumentEliminationPass decides that when outer calls inner the argument should be poison.
This patch sees the poison being passed to a noundef argument and kills the call.

I don't know which component should be considered "at fault" here (or if the readnone bit is even relevant).

@TimNN Do you have an IR sample for this? DAE is supposed to strip UB-implying attributes when converting arguments to poison here: https://github.com/llvm/llvm-project/blob/cbe5b2dd914b7ee47bb4d0f67af154a40be4d208/llvm/lib/Transforms/IPO/DeadArgumentElimination.cpp#LL291C17-L291C37

I've included excerpts from the IR below. It will take me a bit to provide something compilable. Though you are right, the noundef did indeed get removed from the call.

*** IR Dump Before DeadArgumentEliminationPass on [module] ***
; Function Attrs: nonlazybind uwtable
define void @_RNvXs2_NtNtCs840rfDNPFol_10proc_macro6bridge3rpcbINtB5_6EncodeuE6encodeB9_(i1 noundef zeroext %0, ptr noalias noundef align 8 dereferenceable(40) %1, ptr noalias nocapture noundef nonnull readnone align 1 %2) unnamed_addr #0 !dbg !18135 {
  %4 = zext i1 %0 to i8, !dbg !18137
  call void @_RNvXs0_NtNtCs840rfDNPFol_10proc_macro6bridge3rpchINtB5_6EncodeuE6encodeB9_(i8 %4, ptr noalias noundef nonnull align 8 dereferenceable(40) %1, ptr noalias noundef nonnull align 1 %2), !dbg !18137
  ret void, !dbg !18138
}
*** IR Dump After DeadArgumentEliminationPass on [module] ***
; Function Attrs: nonlazybind uwtable
define void @_RNvXs2_NtNtCs840rfDNPFol_10proc_macro6bridge3rpcbINtB5_6EncodeuE6encodeB9_(i1 noundef zeroext %0, ptr noalias noundef align 8 dereferenceable(40) %1, ptr noalias nocapture noundef nonnull readnone align 1 %2) unnamed_addr #0 !dbg !18136 {
  %4 = zext i1 %0 to i8, !dbg !18138
  call void @_RNvXs0_NtNtCs840rfDNPFol_10proc_macro6bridge3rpchINtB5_6EncodeuE6encodeB9_(i8 %4, ptr noalias noundef nonnull align 8 dereferenceable(40) %1, ptr noalias nonnull align 1 poison), !dbg !18138
  ret void, !dbg !18139
}
*** IR Dump Before InstCombinePass on _RNvXs2_NtNtCs840rfDNPFol_10proc_macro6bridge3rpcbINtB5_6EncodeuE6encodeB9_ ***
; Function Attrs: nonlazybind uwtable
define available_externally void @_RNvXs2_NtNtCs840rfDNPFol_10proc_macro6bridge3rpcbINtB5_6EncodeuE6encodeB9_(i1 noundef zeroext %0, ptr noalias noundef align 8 dereferenceable(40) %1, ptr noalias nocapture noundef nonnull readnone align 1 %2) unnamed_addr #2 !dbg !20759 {
  %4 = zext i1 %0 to i8, !dbg !20762
  call void @_RNvXs0_NtNtCs840rfDNPFol_10proc_macro6bridge3rpchINtB5_6EncodeuE6encodeB9_(i8 %4, ptr noalias noundef nonnull align 8 dereferenceable(40) %1, ptr noalias nonnull align 1 poison), !dbg !20762
  ret void, !dbg !20763
}
*** IR Dump After InstCombinePass on _RNvXs2_NtNtCs840rfDNPFol_10proc_macro6bridge3rpcbINtB5_6EncodeuE6encodeB9_ ***
; Function Attrs: nonlazybind uwtable
define available_externally void @_RNvXs2_NtNtCs840rfDNPFol_10proc_macro6bridge3rpcbINtB5_6EncodeuE6encodeB9_(i1 noundef zeroext %0, ptr noalias noundef align 8 dereferenceable(40) %1, ptr noalias nocapture noundef nonnull readnone align 1 %2) unnamed_addr #2 !dbg !20759 {
  store i1 true, ptr poison, align 1
  ret void, !dbg !20762
}

I didn't manage to repro with opt, so still no compilable IR. I did some more debugging, though:

Inside removeDeadArgumentsFromCallers, CB->getCalledFunction()->dump() is define void @_RNvXs0_NtNtCs840rfDNPFol_10proc_macro6bridge3rpchINtB5_6EncodeuE6encodeB9_(i8 %0, ptr noalias noundef align 8 dereferenceable(40) %1, ptr noalias nocapture nonnull readnone align 1 %2) unnamed_addr #0 personality ptr @rust_eh_personality !dbg !18034 { ... }. Definition, no noundef.
Inside callPassesUndefToPassingUndefUBParam, Call.getCalledFunction()->dump() is declare void @_RNvXs0_NtNtCs840rfDNPFol_10proc_macro6bridge3rpchINtB5_6EncodeuE6encodeB9_(i8 %0, ptr noalias noundef align 8 dereferenceable(40) %1, ptr noalias noundef nonnull align 1 %2) unnamed_addr #2. Declaration, noundef is back.

zero9178 added a subscriber: zero9178.Nov 12 2022, 5:03 PM

I'm sorry for the noise. Further investigation has shown that this happens when Rust is doing (thin) LTO, and I don't think this patch can be considered in any way "at fault" here, so this is the last you'll hear from me on the topic here.

I don't know whether the fault is with how Rust implements (thin) LTO or something on the LLVM side. Basically, after running the FunctionImporter on a module, we end up with a define available_externally void outer and a declare void inner, presumably coming from different modules. outer contains the call to inner with poison, but the parameter is noundef on the declaration on inner.

edit: Issue in the Rust repo: https://github.com/rust-lang/rust/issues/104377

edit2: LLVM issue: https://github.com/llvm/llvm-project/issues/58976

I somehow missed the previous comments

rebased on top of fixing UB in tests changes

Harbormaster completed remote builds in B197434: Diff 475017.Nov 13 2022, 3:39 PM

I'll hold off on submitting this until that bug is figured out

vitalybuka accepted this revision.Nov 14 2022, 12:48 PM

TimNN mentioned this in D139209: [IRMover] Remove UB implying parameter attributes when necessary.Dec 2 2022, 10:05 AM

bkramer mentioned this in rG451799bb8261: [IRMover] Remove UB implying parameter attributes when necessary.Feb 21 2023, 9:43 AM

The ThinLTO related breakage I mentioned above should be fixed as of https://github.com/llvm/llvm-project/commit/451799bb8261bde52bbfef226d019caf1d82aa42.

Herald added a subscriber: StephenFan. · View Herald TranscriptFeb 21 2023, 10:48 PM

Diff 475017

llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp

Show First 20 Lines • Show All 82 Lines • ▼ Show 20 Lines
STATISTIC(NumSimplified, "Number of library calls simplified");		STATISTIC(NumSimplified, "Number of library calls simplified");

static cl::opt<unsigned> GuardWideningWindow(		static cl::opt<unsigned> GuardWideningWindow(
"instcombine-guard-widening-window",		"instcombine-guard-widening-window",
cl::init(3),		cl::init(3),
cl::desc("How wide an instruction window to bypass looking for "		cl::desc("How wide an instruction window to bypass looking for "
"another guard"));		"another guard"));

		// TODO: remove this flag after LLVM ToT users have resolved issues around this.
		static cl::opt<bool> DisableOptimizePassingUndefUB(
		"instcombine-disable-optimize-passing-undef-ub", cl::init(false),
		cl::desc("Disable optimizing away undefined behavior around passing undef "
		"to noundef params"));

namespace llvm {		namespace llvm {
/// enable preservation of attributes in assume like:		/// enable preservation of attributes in assume like:
/// call void @llvm.assume(i1 true) [ "nonnull"(i32* %PTR) ]		/// call void @llvm.assume(i1 true) [ "nonnull"(i32* %PTR) ]
extern cl::opt<bool> EnableKnowledgeRetention;		extern cl::opt<bool> EnableKnowledgeRetention;
} // namespace llvm		} // namespace llvm

/// Return the specified type promoted as it would be to pass though a va_arg		/// Return the specified type promoted as it would be to pass though a va_arg
/// area.		/// area.
▲ Show 20 Lines • Show All 2,912 Lines • ▼ Show 20 Lines	static IntrinsicInst findInitTrampoline(Value Callee) {

if (IntrinsicInst *IT = findInitTrampolineFromAlloca(TrampMem))		if (IntrinsicInst *IT = findInitTrampolineFromAlloca(TrampMem))
return IT;		return IT;
if (IntrinsicInst *IT = findInitTrampolineFromBB(AdjustTramp, TrampMem))		if (IntrinsicInst *IT = findInitTrampolineFromBB(AdjustTramp, TrampMem))
return IT;		return IT;
return nullptr;		return nullptr;
}		}

		static bool callPassesUndefToPassingUndefUBParam(CallBase &Call) {
		if (DisableOptimizePassingUndefUB)
		return false;
		nikicUnsubmitted Not Done Reply Inline Actions Call.isPassingUndefUB(I). You probably want to flip the checks, because the UndefValue check is cheaper. Also add tests with dereferenceable instead of noundef. nikic: Call.isPassingUndefUB(I). You probably want to flip the checks, because the UndefValue check is…
		aeubanksAuthorUnsubmitted Done Reply Inline Actions `isa<UndefValue>` seems much less likely to be true though. anyway, flipped added dereferenceable tests on top of noundef since ints can't be dereferenceable aeubanks: `isa<UndefValue>` seems much less likely to be true though. anyway, flipped added…
		nikicUnsubmitted Not Done Reply Inline Actions nit: unnecessary braces nikic: nit: unnecessary braces
		// Optimizing this hurts msan's usefulness.
		if (Call.getParent()->getParent()->hasFnAttribute(Attribute::SanitizeMemory))
		return false;
		for (unsigned I = 0; I < Call.arg_size(); ++I) {
		if (isa<UndefValue>(Call.getArgOperand(I)) && Call.isPassingUndefUB(I))
		return true;
		}
		return false;
		}

bool InstCombinerImpl::annotateAnyAllocSite(CallBase &Call,		bool InstCombinerImpl::annotateAnyAllocSite(CallBase &Call,
const TargetLibraryInfo *TLI) {		const TargetLibraryInfo *TLI) {
// Note: We only handle cases which can't be driven from generic attributes		// Note: We only handle cases which can't be driven from generic attributes
// here. So, for example, nonnull and noalias (which are common properties		// here. So, for example, nonnull and noalias (which are common properties
// of some allocation functions) are expected to be handled via annotation		// of some allocation functions) are expected to be handled via annotation
// of the respective allocator declaration with generic attributes.		// of the respective allocator declaration with generic attributes.
bool Changed = false;		bool Changed = false;

▲ Show 20 Lines • Show All 110 Lines • ▼ Show 20 Lines	if ((CalleeF->getCallingConv() != Call.getCallingConv() &&
CalleeF->getFunctionType(),		CalleeF->getFunctionType(),
Constant::getNullValue(CalleeF->getType()));		Constant::getNullValue(CalleeF->getType()));
return nullptr;		return nullptr;
}		}
}		}

// Calling a null function pointer is undefined if a null address isn't		// Calling a null function pointer is undefined if a null address isn't
// dereferenceable.		// dereferenceable.
		// Passing undef/poison to any parameter where doing so is UB is undefined (of
		// course).
if ((isa<ConstantPointerNull>(Callee) &&		if ((isa<ConstantPointerNull>(Callee) &&
!NullPointerIsDefined(Call.getFunction())) \|\|		!NullPointerIsDefined(Call.getFunction())) \|\|
isa<UndefValue>(Callee)) {		isa<UndefValue>(Callee) \|\| callPassesUndefToPassingUndefUBParam(Call)) {
// If Call does not return void then replaceInstUsesWith poison.		// If Call does not return void then replaceInstUsesWith poison.
// This allows ValueHandlers and custom metadata to adjust itself.		// This allows ValueHandlers and custom metadata to adjust itself.
if (!Call.getType()->isVoidTy())		if (!Call.getType()->isVoidTy())
replaceInstUsesWith(Call, PoisonValue::get(Call.getType()));		replaceInstUsesWith(Call, PoisonValue::get(Call.getType()));

if (Call.isTerminator()) {		if (Call.isTerminator()) {
// Can't remove an invoke or callbr because we cannot change the CFG.		// Can't remove an invoke or callbr because we cannot change the CFG.
return nullptr;		return nullptr;
▲ Show 20 Lines • Show All 635 Lines • Show Last 20 Lines

llvm/test/Transforms/InstCombine/call-undef.ll

	; NOTE: Assertions have been autogenerated by utils/update_test_checks.py			; NOTE: Assertions have been autogenerated by utils/update_test_checks.py
	; RUN: opt < %s -passes=instcombine -S \| FileCheck %s			; RUN: opt < %s -passes=instcombine -S \| FileCheck %s
				; RUN: opt < %s -passes=instcombine -S -instcombine-disable-optimize-passing-undef-ub \| FileCheck %s --check-prefix=DISABLE

	declare void @c(i32 noundef)			declare void @c(i32 noundef)
	declare void @d(ptr dereferenceable(1))			declare void @d(ptr dereferenceable(1))
	declare void @e(i32)			declare void @e(i32)
	declare void @f(ptr)			declare void @f(ptr)

	define void @test1() {			define void @test1() {
	; CHECK-LABEL: @test1(			; CHECK-LABEL: @test1(
	; CHECK-NEXT: call void @c(i32 undef)			; CHECK-NEXT: store i1 true, ptr poison, align 1
	; CHECK-NEXT: ret void			; CHECK-NEXT: ret void
	;			;
				; DISABLE-LABEL: @test1(
				; DISABLE-NEXT: call void @c(i32 undef)
				; DISABLE-NEXT: ret void
				;
	call void @c(i32 undef)			call void @c(i32 undef)
	ret void			ret void
	}			}

	define void @test2() {			define void @test2() {
	; CHECK-LABEL: @test2(			; CHECK-LABEL: @test2(
	; CHECK-NEXT: call void @c(i32 poison)			; CHECK-NEXT: store i1 true, ptr poison, align 1
	; CHECK-NEXT: ret void			; CHECK-NEXT: ret void
	;			;
				; DISABLE-LABEL: @test2(
				; DISABLE-NEXT: call void @c(i32 poison)
				; DISABLE-NEXT: ret void
				;
	call void @c(i32 poison)			call void @c(i32 poison)
	ret void			ret void
	}			}

	define void @test3() {			define void @test3() {
	; CHECK-LABEL: @test3(			; CHECK-LABEL: @test3(
	; CHECK-NEXT: call void @e(i32 noundef undef)			; CHECK-NEXT: store i1 true, ptr poison, align 1
	; CHECK-NEXT: ret void			; CHECK-NEXT: ret void
	;			;
				; DISABLE-LABEL: @test3(
				; DISABLE-NEXT: call void @e(i32 noundef undef)
				; DISABLE-NEXT: ret void
				;
	call void @e(i32 noundef undef)			call void @e(i32 noundef undef)
	ret void			ret void
	}			}

	define void @test4() {			define void @test4() {
	; CHECK-LABEL: @test4(			; CHECK-LABEL: @test4(
	; CHECK-NEXT: call void @e(i32 noundef poison)			; CHECK-NEXT: store i1 true, ptr poison, align 1
	; CHECK-NEXT: ret void			; CHECK-NEXT: ret void
	;			;
				; DISABLE-LABEL: @test4(
				; DISABLE-NEXT: call void @e(i32 noundef poison)
				; DISABLE-NEXT: ret void
				;
	call void @e(i32 noundef poison)			call void @e(i32 noundef poison)
	ret void			ret void
	}			}

	define void @test5() {			define void @test5() {
	; CHECK-LABEL: @test5(			; CHECK-LABEL: @test5(
	; CHECK-NEXT: call void @d(ptr undef)			; CHECK-NEXT: store i1 true, ptr poison, align 1
	; CHECK-NEXT: ret void			; CHECK-NEXT: ret void
	;			;
				; DISABLE-LABEL: @test5(
				; DISABLE-NEXT: call void @d(ptr undef)
				; DISABLE-NEXT: ret void
				;
	call void @d(ptr undef)			call void @d(ptr undef)
	ret void			ret void
	}			}

	define void @test6() {			define void @test6() {
	; CHECK-LABEL: @test6(			; CHECK-LABEL: @test6(
	; CHECK-NEXT: call void @d(ptr poison)			; CHECK-NEXT: store i1 true, ptr poison, align 1
	; CHECK-NEXT: ret void			; CHECK-NEXT: ret void
	;			;
				; DISABLE-LABEL: @test6(
				; DISABLE-NEXT: call void @d(ptr poison)
				; DISABLE-NEXT: ret void
				;
	call void @d(ptr poison)			call void @d(ptr poison)
	ret void			ret void
	}			}

	define void @test7() {			define void @test7() {
	; CHECK-LABEL: @test7(			; CHECK-LABEL: @test7(
	; CHECK-NEXT: call void @f(ptr dereferenceable(1) undef)			; CHECK-NEXT: store i1 true, ptr poison, align 1
	; CHECK-NEXT: ret void			; CHECK-NEXT: ret void
	;			;
				; DISABLE-LABEL: @test7(
				; DISABLE-NEXT: call void @f(ptr dereferenceable(1) undef)
				; DISABLE-NEXT: ret void
				;
	call void @f(ptr dereferenceable(1) undef)			call void @f(ptr dereferenceable(1) undef)
	ret void			ret void
	}			}

	define void @test8() {			define void @test8() {
	; CHECK-LABEL: @test8(			; CHECK-LABEL: @test8(
	; CHECK-NEXT: call void @f(ptr dereferenceable(1) poison)			; CHECK-NEXT: store i1 true, ptr poison, align 1
	; CHECK-NEXT: ret void			; CHECK-NEXT: ret void
	;			;
				; DISABLE-LABEL: @test8(
				; DISABLE-NEXT: call void @f(ptr dereferenceable(1) poison)
				; DISABLE-NEXT: ret void
				;
	call void @f(ptr dereferenceable(1) poison)			call void @f(ptr dereferenceable(1) poison)
	ret void			ret void
	}			}

				define void @test9() sanitize_memory {
				; CHECK-LABEL: @test9(
				; CHECK-NEXT: call void @c(i32 undef)
				; CHECK-NEXT: ret void
				;
				; DISABLE-LABEL: @test9(
				; DISABLE-NEXT: call void @c(i32 undef)
				; DISABLE-NEXT: ret void
				;
				call void @c(i32 undef)
				ret void
				}

	define void @test_mismatched_call() {			define void @test_mismatched_call() {
	; CHECK-LABEL: @test_mismatched_call(			; CHECK-LABEL: @test_mismatched_call(
	; CHECK-NEXT: call void @e(i8 poison)			; CHECK-NEXT: call void @e(i8 poison)
	; CHECK-NEXT: ret void			; CHECK-NEXT: ret void
	;			;
				; DISABLE-LABEL: @test_mismatched_call(
				; DISABLE-NEXT: call void @e(i8 poison)
				; DISABLE-NEXT: ret void
				;
	call void @e(i8 poison)			call void @e(i8 poison)
	ret void			ret void
	}			}

llvm/test/Transforms/InstCombine/out-of-bounds-indexes.ll

	; NOTE: Assertions have been autogenerated by utils/update_test_checks.py			; NOTE: Assertions have been autogenerated by utils/update_test_checks.py
	; RUN: opt -S -passes=instcombine < %s \| FileCheck %s			; RUN: opt -S -passes=instcombine < %s \| FileCheck %s
	; Check that we don't crash on unreasonable constant indexes			; Check that we don't crash on unreasonable constant indexes

	define i32 @test_out_of_bounds(i32 %a, i1 %x, i1 %y) {			define i32 @test_out_of_bounds(i32 %a, i1 %x, i1 %y) {
	; CHECK-LABEL: @test_out_of_bounds(			; CHECK-LABEL: @test_out_of_bounds(
	; CHECK-NEXT: entry:			; CHECK-NEXT: entry:
	; CHECK-NEXT: [[AND1:%.]] = and i32 [[A:%.]], 3			; CHECK-NEXT: [[AND1:%.]] = and i32 [[A:%.]], 3
	; CHECK-NEXT: tail call void @llvm.assume(i1 poison)			; CHECK-NEXT: store i1 true, ptr poison, align 1
	; CHECK-NEXT: ret i32 [[AND1]]			; CHECK-NEXT: ret i32 [[AND1]]
	;			;
	entry:			entry:
	%and1 = and i32 %a, 3			%and1 = and i32 %a, 3
	%B = lshr i32 %and1, -2147483648			%B = lshr i32 %and1, -2147483648
	%cmp = icmp eq i32 %B, 1			%cmp = icmp eq i32 %B, 1
	tail call void @llvm.assume(i1 %cmp)			tail call void @llvm.assume(i1 %cmp)
	ret i32 %and1			ret i32 %and1
	}			}

	define i128 @test_non64bit(i128 %a) {			define i128 @test_non64bit(i128 %a) {
	; CHECK-LABEL: @test_non64bit(			; CHECK-LABEL: @test_non64bit(
	; CHECK-NEXT: [[AND1:%.]] = and i128 [[A:%.]], 3			; CHECK-NEXT: [[AND1:%.]] = and i128 [[A:%.]], 3
	; CHECK-NEXT: tail call void @llvm.assume(i1 poison)			; CHECK-NEXT: store i1 true, ptr poison, align 1
	; CHECK-NEXT: ret i128 [[AND1]]			; CHECK-NEXT: ret i128 [[AND1]]
	;			;
	%and1 = and i128 %a, 3			%and1 = and i128 %a, 3
	%B = lshr i128 %and1, -1			%B = lshr i128 %and1, -1
	%cmp = icmp eq i128 %B, 1			%cmp = icmp eq i128 %B, 1
	tail call void @llvm.assume(i1 %cmp)			tail call void @llvm.assume(i1 %cmp)
	ret i128 %and1			ret i128 %and1
	}			}
	Show All 10 Lines

This is an archive of the discontinued LLVM Phabricator instance.

[InstCombine] Treat passing undef to noundef params as UB
AcceptedPublic

Details

Diff Detail

Unit TestsFailed

Event Timeline

Revision Contents

Diff 475017

llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp

llvm/test/Transforms/InstCombine/call-undef.ll

llvm/test/Transforms/InstCombine/out-of-bounds-indexes.ll

This is an archive of the discontinued LLVM Phabricator instance.

[InstCombine] Treat passing undef to noundef params as UBAcceptedPublic

Details

Diff Detail

Unit TestsFailed

Event Timeline

Revision Contents

Diff 475017

llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp

llvm/test/Transforms/InstCombine/call-undef.ll

llvm/test/Transforms/InstCombine/out-of-bounds-indexes.ll

[InstCombine] Treat passing undef to noundef params as UB
AcceptedPublic