This is an archive of the discontinued LLVM Phabricator instance.

Revert "[CaptureTracking] Ignore ephemeral values when determining pointer escapeness"
AbandonedPublic

Authored by fhahn on Jun 21 2023, 1:17 PM.

Download Raw Diff

Details

Reviewers

asbirlea
nikic
reames
aeubanks

Summary

This reverts commit 17fdaccccfad9b143e4aadbcdda7f645de127153.

Unfortunately the commit (D123162) introduced a mis-compile (see
llvm/test/Transforms/PhaseOrdering/dse-ephemeral-value-captures.ll). The
issue is roughly:

There's a call to a readonly function that takes a pointer argument and its result is only used by an assume, so the call is considered ephemeral and not capturing.
Because the call doesn't capture the pointer, it's considered to not read the pointer, causing DSE to remove the store before the call.
Now the called function gets inlined and there's now a load from the pointer, but the initializing store has been removed
This leads to SROA replacing the load with undef, which will cause the function to get folded to unreachable by subsequent optimizations.

This is a mis-compile potentially impacting Clang builds with ThinLTO +
PGO.

I think as long as the call considered as ephemeral is not removed, we
need to be conservative. To address the correctness issue quickly, I
think we should revert the patch (as this patch does, it doens't revert
cleanly) and potentially consider what subset of ephemeral values we can
allow here or if we should clean up ephemeral calls sooner/avoid
inlining them.

Diff Detail

Repository: rG LLVM Github Monorepo

Unit TestsFailed

	Time	Test
	40 ms	x64 debian > LLVM.Transforms/PhaseOrdering::dse-ephemeral-value-captures.ll

Event Timeline

fhahn created this revision.Jun 21 2023, 1:17 PM

Herald added a project: Restricted Project. · View Herald TranscriptJun 21 2023, 1:17 PM

Herald added subscribers: wlei, jeroen.dobbelaere, StephenFan and 2 others. · View Herald Transcript

fhahn requested review of this revision.Jun 21 2023, 1:17 PM

Herald added a project: Restricted Project. · View Herald TranscriptJun 21 2023, 1:17 PM

fhahn mentioned this in D123162: [CaptureTracking] Ignore ephemeral values when determining pointer escapeness.Jun 21 2023, 1:18 PM

aeubanks accepted this revision.Jun 21 2023, 1:46 PM

This revision is now accepted and ready to land.Jun 21 2023, 1:46 PM

Harbormaster completed remote builds in B240335: Diff 533374.Jun 21 2023, 1:47 PM

aeubanks added inline comments.Jun 21 2023, 2:27 PM

llvm/test/Transforms/PhaseOrdering/dse-ephemeral-value-captures.ll
24–25	remove comment

Because the call doesn't capture the pointer, it's considered to not read the pointer

this part doesn't make sense, DSE must be conflating the two somehow (but only for ephemeral values?)

Remove FIXME, update assmue.ll checks.

In D153464#4439187, @aeubanks wrote:

Because the call doesn't capture the pointer, it's considered to not read the pointer

this part doesn't make sense, DSE must be conflating the two somehow (but only for ephemeral values?)

I think AA uses capture tracking to rule out aliasing for function calls if a local object hasn't been captured.

fhahn marked an inline comment as done.Jun 21 2023, 2:55 PM

fhahn added inline comments.

llvm/test/Transforms/PhaseOrdering/dse-ephemeral-value-captures.ll
24–25	Removed, thanks!

Harbormaster completed remote builds in B240361: Diff 533412.Jun 21 2023, 3:51 PM

The problematic interaction is probably with this code: https://github.com/llvm/llvm-project/blob/88f07a311947f88de82ad2de9b2d6a26eba21343/llvm/lib/Analysis/BasicAliasAnalysis.cpp#L880-L886 It assumes that non-nocapture/byval arguments have already been covered by the capture check.

In D153464#4440034, @nikic wrote:

The problematic interaction is probably with this code: https://github.com/llvm/llvm-project/blob/88f07a311947f88de82ad2de9b2d6a26eba21343/llvm/lib/Analysis/BasicAliasAnalysis.cpp#L880-L886 It assumes that non-nocapture/byval arguments have already been covered by the capture check.

I tried dropping the check, and that doesn't seem to have significant compile-time impact: http://llvm-compile-time-tracker.com/compare.php?from=565c7525b9d642867837d5715c10afed2fa73970&to=1adcff6949aecc85f098f0a324389b7f48be0b7c&stat=instructions:u There are some changes to code size though.

I think this short-circuiting of non-noncapture arguments could also become a problem with certain extensions to CaptureTracking -- e.g. if for readnone/noreturn calls we did not require a void return but instead followed the return value. We'd also get wrong results in that case.

I've put up https://reviews.llvm.org/D153511 as a possible alternative.

fhahn mentioned this in D153577: [CaptureTracking] Consider ephemeral calls accessing memory as capturing..Jun 22 2023, 10:44 AM

nikic mentioned this in rGc0de28b92e98: [BasicAA] Don't short-circuit non-capturing arguments.Jun 26 2023, 3:27 AM

Could you please rebase over https://github.com/llvm/llvm-project/commit/deb5bd1289404e8ca751127672d9380a6203b880? In https://github.com/llvm/llvm-project/issues/70547 a variant of this issue was found that was not fixed by D153511 (and that D153577 would not have fixed either).

As such, I think we probably do need to land this patch.

I think the way to recover the original motivating case would be to make CaptureTracking return whether the capture is a ProvenanceEscape or an AddressCapture, consider icmp an AddressCapture only, and only consider ProvenanceEscape for DSE/AA. I think the icmp semantics we want are that just a pointer icmp cannot leak provenance of the pointer, regardless of whether it will end up getting used in an assume or not.

I don't mind reverting this, it was mitigating an issue with libc++-sprinkled assumes which has since been reverted.

Yep, we also found a case internally recently that was only fixed by this patch. Will update in a the next few days when I am back in the office

Put up PR https://github.com/llvm/llvm-project/pull/71066

Revision Contents

Path

Size

llvm/

include/

llvm/

Analysis/

AliasAnalysis.h

7 lines

CaptureTracking.h

8 lines

lib/

Analysis/

BasicAliasAnalysis.cpp

2 lines

CaptureTracking.cpp

42 lines

Transforms/

Scalar/

DeadStoreElimination.cpp

22 lines

test/

Transforms/

DeadStoreElimination/

assume.ll

2 lines

PhaseOrdering/

dse-ephemeral-value-captures.ll

5 lines

Diff 533412

llvm/include/llvm/Analysis/AliasAnalysis.h

Show First 20 Lines • Show All 179 Lines • ▼ Show 20 Lines	class EarliestEscapeInfo final : public CaptureInfo {
/// may be a conservative approximation, e.g. the first instruction in the		/// may be a conservative approximation, e.g. the first instruction in the
/// function is always a legal choice.		/// function is always a legal choice.
DenseMap<const Value , Instruction > EarliestEscapes;		DenseMap<const Value , Instruction > EarliestEscapes;

/// Reverse map from instruction to the objects it is the earliest escape for.		/// Reverse map from instruction to the objects it is the earliest escape for.
/// This is used for cache invalidation purposes.		/// This is used for cache invalidation purposes.
DenseMap<Instruction , TinyPtrVector<const Value >> Inst2Obj;		DenseMap<Instruction , TinyPtrVector<const Value >> Inst2Obj;

const SmallPtrSetImpl<const Value *> &EphValues;

public:		public:
EarliestEscapeInfo(DominatorTree &DT, const LoopInfo &LI,		EarliestEscapeInfo(DominatorTree &DT, const LoopInfo &LI)
const SmallPtrSetImpl<const Value *> &EphValues)		: DT(DT), LI(LI) {}
: DT(DT), LI(LI), EphValues(EphValues) {}

bool isNotCapturedBeforeOrAt(const Value *Object,		bool isNotCapturedBeforeOrAt(const Value *Object,
const Instruction *I) override;		const Instruction *I) override;

void removeInstruction(Instruction *I);		void removeInstruction(Instruction *I);
};		};

/// Cache key for BasicAA results. It only includes the pointer and size from		/// Cache key for BasicAA results. It only includes the pointer and size from
▲ Show 20 Lines • Show All 787 Lines • Show Last 20 Lines

llvm/include/llvm/Analysis/CaptureTracking.h

Show All 19 Lines	namespace llvm {

class Value;		class Value;
class Use;		class Use;
class DataLayout;		class DataLayout;
class Instruction;		class Instruction;
class DominatorTree;		class DominatorTree;
class LoopInfo;		class LoopInfo;
class Function;		class Function;
template <typename T> class SmallPtrSetImpl;

/// getDefaultMaxUsesToExploreForCaptureTracking - Return default value of		/// getDefaultMaxUsesToExploreForCaptureTracking - Return default value of
/// the maximal number of uses to explore before giving up. It is used by		/// the maximal number of uses to explore before giving up. It is used by
/// PointerMayBeCaptured family analysis.		/// PointerMayBeCaptured family analysis.
unsigned getDefaultMaxUsesToExploreForCaptureTracking();		unsigned getDefaultMaxUsesToExploreForCaptureTracking();

/// PointerMayBeCaptured - Return true if this pointer value may be captured		/// PointerMayBeCaptured - Return true if this pointer value may be captured
/// by the enclosing function (which is required to exist). This routine can		/// by the enclosing function (which is required to exist). This routine can
/// be expensive, so consider caching the results. The boolean ReturnCaptures		/// be expensive, so consider caching the results. The boolean ReturnCaptures
/// specifies whether returning the value (or part of it) from the function		/// specifies whether returning the value (or part of it) from the function
/// counts as capturing it or not. The boolean StoreCaptures specified		/// counts as capturing it or not. The boolean StoreCaptures specified
/// whether storing the value (or part of it) into memory anywhere		/// whether storing the value (or part of it) into memory anywhere
/// automatically counts as capturing it or not.		/// automatically counts as capturing it or not.
/// MaxUsesToExplore specifies how many uses the analysis should explore for		/// MaxUsesToExplore specifies how many uses the analysis should explore for
/// one value before giving up due too "too many uses". If MaxUsesToExplore		/// one value before giving up due too "too many uses". If MaxUsesToExplore
/// is zero, a default value is assumed.		/// is zero, a default value is assumed.
bool PointerMayBeCaptured(const Value *V, bool ReturnCaptures,		bool PointerMayBeCaptured(const Value *V, bool ReturnCaptures,
bool StoreCaptures, unsigned MaxUsesToExplore = 0);

/// Variant of the above function which accepts a set of Values that are
/// ephemeral and cannot cause pointers to escape.
bool PointerMayBeCaptured(const Value *V, bool ReturnCaptures,
bool StoreCaptures,		bool StoreCaptures,
const SmallPtrSetImpl<const Value *> &EphValues,
unsigned MaxUsesToExplore = 0);		unsigned MaxUsesToExplore = 0);

/// PointerMayBeCapturedBefore - Return true if this pointer value may be		/// PointerMayBeCapturedBefore - Return true if this pointer value may be
/// captured by the enclosing function (which is required to exist). If a		/// captured by the enclosing function (which is required to exist). If a
/// DominatorTree is provided, only captures which happen before the given		/// DominatorTree is provided, only captures which happen before the given
/// instruction are considered. This routine can be expensive, so consider		/// instruction are considered. This routine can be expensive, so consider
/// caching the results. The boolean ReturnCaptures specifies whether		/// caching the results. The boolean ReturnCaptures specifies whether
/// returning the value (or part of it) from the function counts as capturing		/// returning the value (or part of it) from the function counts as capturing
Show All 17 Lines	namespace llvm {
// chosen. If not all uses can be analyzed, the earliest escape is set to		// chosen. If not all uses can be analyzed, the earliest escape is set to
// the first instruction in the function entry block. If \p V does not escape,		// the first instruction in the function entry block. If \p V does not escape,
// nullptr is returned. Note that the caller of the function has to ensure		// nullptr is returned. Note that the caller of the function has to ensure
// that the instruction the result value is compared against is not in a		// that the instruction the result value is compared against is not in a
// cycle.		// cycle.
Instruction *		Instruction *
FindEarliestCapture(const Value *V, Function &F, bool ReturnCaptures,		FindEarliestCapture(const Value *V, Function &F, bool ReturnCaptures,
bool StoreCaptures, const DominatorTree &DT,		bool StoreCaptures, const DominatorTree &DT,
const SmallPtrSetImpl<const Value *> &EphValues,
unsigned MaxUsesToExplore = 0);		unsigned MaxUsesToExplore = 0);

/// This callback is used in conjunction with PointerMayBeCaptured. In		/// This callback is used in conjunction with PointerMayBeCaptured. In
/// addition to the interface here, you'll need to provide your own getters		/// addition to the interface here, you'll need to provide your own getters
/// to see whether anything was captured.		/// to see whether anything was captured.
struct CaptureTracker {		struct CaptureTracker {
virtual ~CaptureTracker();		virtual ~CaptureTracker();

▲ Show 20 Lines • Show All 57 Lines • Show Last 20 Lines

llvm/lib/Analysis/BasicAliasAnalysis.cpp

Show First 20 Lines • Show All 200 Lines • ▼ Show 20 Lines	bool EarliestEscapeInfo::isNotCapturedBeforeOrAt(const Value *Object,
const Instruction *I) {		const Instruction *I) {
if (!isIdentifiedFunctionLocal(Object))		if (!isIdentifiedFunctionLocal(Object))
return false;		return false;

auto Iter = EarliestEscapes.insert({Object, nullptr});		auto Iter = EarliestEscapes.insert({Object, nullptr});
if (Iter.second) {		if (Iter.second) {
Instruction *EarliestCapture = FindEarliestCapture(		Instruction *EarliestCapture = FindEarliestCapture(
Object, const_cast<Function >(I->getFunction()),		Object, const_cast<Function >(I->getFunction()),
/ReturnCaptures=/false, /StoreCaptures=/true, DT, EphValues);		/ReturnCaptures=/false, /StoreCaptures=/true, DT);
if (EarliestCapture) {		if (EarliestCapture) {
auto Ins = Inst2Obj.insert({EarliestCapture, {}});		auto Ins = Inst2Obj.insert({EarliestCapture, {}});
Ins.first->second.push_back(Object);		Ins.first->second.push_back(Object);
}		}
Iter.first->second = EarliestCapture;		Iter.first->second = EarliestCapture;
}		}

// No capturing instruction.		// No capturing instruction.
▲ Show 20 Lines • Show All 1,612 Lines • Show Last 20 Lines

llvm/lib/Analysis/CaptureTracking.cpp

Show All 10 Lines
// pointer that outlives the call. Not being captured means, more or less, that		// pointer that outlives the call. Not being captured means, more or less, that
// the pointer is only dereferenced and not stored in a global. Returning part		// the pointer is only dereferenced and not stored in a global. Returning part
// of the pointer as the function return value may or may not count as capturing		// of the pointer as the function return value may or may not count as capturing
// the pointer, depending on the context.		// the pointer, depending on the context.
//		//
//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//

#include "llvm/Analysis/CaptureTracking.h"		#include "llvm/Analysis/CaptureTracking.h"
#include "llvm/ADT/SmallPtrSet.h"
#include "llvm/ADT/SmallSet.h"		#include "llvm/ADT/SmallSet.h"
#include "llvm/ADT/SmallVector.h"		#include "llvm/ADT/SmallVector.h"
#include "llvm/ADT/Statistic.h"		#include "llvm/ADT/Statistic.h"
#include "llvm/Analysis/AliasAnalysis.h"		#include "llvm/Analysis/AliasAnalysis.h"
#include "llvm/Analysis/CFG.h"		#include "llvm/Analysis/CFG.h"
#include "llvm/Analysis/ValueTracking.h"		#include "llvm/Analysis/ValueTracking.h"
#include "llvm/IR/Constants.h"		#include "llvm/IR/Constants.h"
#include "llvm/IR/Dominators.h"		#include "llvm/IR/Dominators.h"
▲ Show 20 Lines • Show All 42 Lines • ▼ Show 20 Lines	if (auto *GEP = dyn_cast<GetElementPtrInst>(O))
if (GEP->isInBounds())		if (GEP->isInBounds())
return true;		return true;
bool CanBeNull, CanBeFreed;		bool CanBeNull, CanBeFreed;
return O->getPointerDereferenceableBytes(DL, CanBeNull, CanBeFreed);		return O->getPointerDereferenceableBytes(DL, CanBeNull, CanBeFreed);
}		}

namespace {		namespace {
struct SimpleCaptureTracker : public CaptureTracker {		struct SimpleCaptureTracker : public CaptureTracker {
explicit SimpleCaptureTracker(		explicit SimpleCaptureTracker(bool ReturnCaptures)
		: ReturnCaptures(ReturnCaptures) {}
const SmallPtrSetImpl<const Value *> &EphValues, bool ReturnCaptures)
: EphValues(EphValues), ReturnCaptures(ReturnCaptures) {}

void tooManyUses() override {		void tooManyUses() override {
LLVM_DEBUG(dbgs() << "Captured due to too many uses\n");		LLVM_DEBUG(dbgs() << "Captured due to too many uses\n");
Captured = true;		Captured = true;
}		}

bool captured(const Use *U) override {		bool captured(const Use *U) override {
if (isa<ReturnInst>(U->getUser()) && !ReturnCaptures)		if (isa<ReturnInst>(U->getUser()) && !ReturnCaptures)
return false;		return false;

if (EphValues.contains(U->getUser()))
return false;

LLVM_DEBUG(dbgs() << "Captured by: " << *U->getUser() << "\n");		LLVM_DEBUG(dbgs() << "Captured by: " << *U->getUser() << "\n");

Captured = true;		Captured = true;
return true;		return true;
}		}

const SmallPtrSetImpl<const Value *> &EphValues;

bool ReturnCaptures;		bool ReturnCaptures;

bool Captured = false;		bool Captured = false;
};		};

/// Only find pointer captures which happen before the given instruction. Uses		/// Only find pointer captures which happen before the given instruction. Uses
/// the dominator tree to determine whether one instruction is before another.		/// the dominator tree to determine whether one instruction is before another.
/// Only support the case where the Value is defined in the same basic block		/// Only support the case where the Value is defined in the same basic block
▲ Show 20 Lines • Show All 51 Lines • ▼ Show 20 Lines	namespace {
/// B, if A dominates B. If 2 escapes do not dominate each other, the		/// B, if A dominates B. If 2 escapes do not dominate each other, the
/// terminator of the common dominator is chosen. If not all uses cannot be		/// terminator of the common dominator is chosen. If not all uses cannot be
/// analyzed, the earliest escape is set to the first instruction in the		/// analyzed, the earliest escape is set to the first instruction in the
/// function entry block.		/// function entry block.
// NOTE: Users have to make sure instructions compared against the earliest		// NOTE: Users have to make sure instructions compared against the earliest
// escape are not in a cycle.		// escape are not in a cycle.
struct EarliestCaptures : public CaptureTracker {		struct EarliestCaptures : public CaptureTracker {

EarliestCaptures(bool ReturnCaptures, Function &F, const DominatorTree &DT,		EarliestCaptures(bool ReturnCaptures, Function &F, const DominatorTree &DT)
const SmallPtrSetImpl<const Value *> &EphValues)		: DT(DT), ReturnCaptures(ReturnCaptures), F(F) {}
: EphValues(EphValues), DT(DT), ReturnCaptures(ReturnCaptures), F(F) {}

void tooManyUses() override {		void tooManyUses() override {
Captured = true;		Captured = true;
EarliestCapture = &*F.getEntryBlock().begin();		EarliestCapture = &*F.getEntryBlock().begin();
}		}

bool captured(const Use *U) override {		bool captured(const Use *U) override {
Instruction *I = cast<Instruction>(U->getUser());		Instruction *I = cast<Instruction>(U->getUser());
if (isa<ReturnInst>(I) && !ReturnCaptures)		if (isa<ReturnInst>(I) && !ReturnCaptures)
return false;		return false;

if (EphValues.contains(I))
return false;

if (!EarliestCapture)		if (!EarliestCapture)
EarliestCapture = I;		EarliestCapture = I;
else		else
EarliestCapture = DT.findNearestCommonDominator(EarliestCapture, I);		EarliestCapture = DT.findNearestCommonDominator(EarliestCapture, I);
Captured = true;		Captured = true;

// Return false to continue analysis; we need to see all potential		// Return false to continue analysis; we need to see all potential
// captures.		// captures.
return false;		return false;
}		}

const SmallPtrSetImpl<const Value *> &EphValues;

Instruction *EarliestCapture = nullptr;		Instruction *EarliestCapture = nullptr;

const DominatorTree &DT;		const DominatorTree &DT;

bool ReturnCaptures;		bool ReturnCaptures;

bool Captured = false;		bool Captured = false;

Function &F;		Function &F;
};		};
}		}

/// PointerMayBeCaptured - Return true if this pointer value may be captured		/// PointerMayBeCaptured - Return true if this pointer value may be captured
/// by the enclosing function (which is required to exist). This routine can		/// by the enclosing function (which is required to exist). This routine can
/// be expensive, so consider caching the results. The boolean ReturnCaptures		/// be expensive, so consider caching the results. The boolean ReturnCaptures
/// specifies whether returning the value (or part of it) from the function		/// specifies whether returning the value (or part of it) from the function
/// counts as capturing it or not. The boolean StoreCaptures specified whether		/// counts as capturing it or not. The boolean StoreCaptures specified whether
/// storing the value (or part of it) into memory anywhere automatically		/// storing the value (or part of it) into memory anywhere automatically
/// counts as capturing it or not.		/// counts as capturing it or not.
bool llvm::PointerMayBeCaptured(const Value *V, bool ReturnCaptures,		bool llvm::PointerMayBeCaptured(const Value *V,
bool StoreCaptures, unsigned MaxUsesToExplore) {		bool ReturnCaptures, bool StoreCaptures,
SmallPtrSet<const Value *, 1> Empty;
return PointerMayBeCaptured(V, ReturnCaptures, StoreCaptures, Empty,
MaxUsesToExplore);
}

/// Variant of the above function which accepts a set of Values that are
/// ephemeral and cannot cause pointers to escape.
bool llvm::PointerMayBeCaptured(const Value *V, bool ReturnCaptures,
bool StoreCaptures,
const SmallPtrSetImpl<const Value *> &EphValues,
unsigned MaxUsesToExplore) {		unsigned MaxUsesToExplore) {
assert(!isa<GlobalValue>(V) &&		assert(!isa<GlobalValue>(V) &&
"It doesn't make sense to ask whether a global is captured.");		"It doesn't make sense to ask whether a global is captured.");

// TODO: If StoreCaptures is not true, we could do Fancy analysis		// TODO: If StoreCaptures is not true, we could do Fancy analysis
// to determine whether this store is not actually an escape point.		// to determine whether this store is not actually an escape point.
// In that case, BasicAliasAnalysis should be updated as well to		// In that case, BasicAliasAnalysis should be updated as well to
// take advantage of this.		// take advantage of this.
(void)StoreCaptures;		(void)StoreCaptures;

LLVM_DEBUG(dbgs() << "Captured?: " << *V << " = ");		LLVM_DEBUG(dbgs() << "Captured?: " << *V << " = ");

SimpleCaptureTracker SCT(EphValues, ReturnCaptures);		SimpleCaptureTracker SCT(ReturnCaptures);
PointerMayBeCaptured(V, &SCT, MaxUsesToExplore);		PointerMayBeCaptured(V, &SCT, MaxUsesToExplore);
if (SCT.Captured)		if (SCT.Captured)
++NumCaptured;		++NumCaptured;
else {		else {
++NumNotCaptured;		++NumNotCaptured;
LLVM_DEBUG(dbgs() << "not captured\n");		LLVM_DEBUG(dbgs() << "not captured\n");
}		}
return SCT.Captured;		return SCT.Captured;
Show All 30 Lines	bool llvm::PointerMayBeCapturedBefore(const Value *V, bool ReturnCaptures,
else		else
++NumNotCapturedBefore;		++NumNotCapturedBefore;
return CB.Captured;		return CB.Captured;
}		}

Instruction *		Instruction *
llvm::FindEarliestCapture(const Value *V, Function &F, bool ReturnCaptures,		llvm::FindEarliestCapture(const Value *V, Function &F, bool ReturnCaptures,
bool StoreCaptures, const DominatorTree &DT,		bool StoreCaptures, const DominatorTree &DT,

const SmallPtrSetImpl<const Value *> &EphValues,
unsigned MaxUsesToExplore) {		unsigned MaxUsesToExplore) {
assert(!isa<GlobalValue>(V) &&		assert(!isa<GlobalValue>(V) &&
"It doesn't make sense to ask whether a global is captured.");		"It doesn't make sense to ask whether a global is captured.");

EarliestCaptures CB(ReturnCaptures, F, DT, EphValues);		EarliestCaptures CB(ReturnCaptures, F, DT);
PointerMayBeCaptured(V, &CB, MaxUsesToExplore);		PointerMayBeCaptured(V, &CB, MaxUsesToExplore);
if (CB.Captured)		if (CB.Captured)
++NumCapturedBefore;		++NumCapturedBefore;
else		else
++NumNotCapturedBefore;		++NumNotCapturedBefore;
return CB.EarliestCapture;		return CB.EarliestCapture;
}		}

▲ Show 20 Lines • Show All 198 Lines • Show Last 20 Lines

llvm/lib/Transforms/Scalar/DeadStoreElimination.cpp

Show All 32 Lines
#include "llvm/ADT/MapVector.h"		#include "llvm/ADT/MapVector.h"
#include "llvm/ADT/PostOrderIterator.h"		#include "llvm/ADT/PostOrderIterator.h"
#include "llvm/ADT/SetVector.h"		#include "llvm/ADT/SetVector.h"
#include "llvm/ADT/SmallPtrSet.h"		#include "llvm/ADT/SmallPtrSet.h"
#include "llvm/ADT/SmallVector.h"		#include "llvm/ADT/SmallVector.h"
#include "llvm/ADT/Statistic.h"		#include "llvm/ADT/Statistic.h"
#include "llvm/ADT/StringRef.h"		#include "llvm/ADT/StringRef.h"
#include "llvm/Analysis/AliasAnalysis.h"		#include "llvm/Analysis/AliasAnalysis.h"
#include "llvm/Analysis/AssumptionCache.h"
#include "llvm/Analysis/CaptureTracking.h"		#include "llvm/Analysis/CaptureTracking.h"
#include "llvm/Analysis/CodeMetrics.h"
#include "llvm/Analysis/GlobalsModRef.h"		#include "llvm/Analysis/GlobalsModRef.h"
#include "llvm/Analysis/LoopInfo.h"		#include "llvm/Analysis/LoopInfo.h"
#include "llvm/Analysis/MemoryBuiltins.h"		#include "llvm/Analysis/MemoryBuiltins.h"
#include "llvm/Analysis/MemoryLocation.h"		#include "llvm/Analysis/MemoryLocation.h"
#include "llvm/Analysis/MemorySSA.h"		#include "llvm/Analysis/MemorySSA.h"
#include "llvm/Analysis/MemorySSAUpdater.h"		#include "llvm/Analysis/MemorySSAUpdater.h"
#include "llvm/Analysis/MustExecute.h"		#include "llvm/Analysis/MustExecute.h"
#include "llvm/Analysis/PostDominators.h"		#include "llvm/Analysis/PostDominators.h"
▲ Show 20 Lines • Show All 793 Lines • ▼ Show 20 Lines	struct DSEState {
// Keep track of all of the objects that are invisible to the caller after		// Keep track of all of the objects that are invisible to the caller after
// the function returns.		// the function returns.
DenseMap<const Value *, bool> InvisibleToCallerAfterRet;		DenseMap<const Value *, bool> InvisibleToCallerAfterRet;
// Keep track of blocks with throwing instructions not modeled in MemorySSA.		// Keep track of blocks with throwing instructions not modeled in MemorySSA.
SmallPtrSet<BasicBlock *, 16> ThrowingBlocks;		SmallPtrSet<BasicBlock *, 16> ThrowingBlocks;
// Post-order numbers for each basic block. Used to figure out if memory		// Post-order numbers for each basic block. Used to figure out if memory
// accesses are executed before another access.		// accesses are executed before another access.
DenseMap<BasicBlock *, unsigned> PostOrderNumbers;		DenseMap<BasicBlock *, unsigned> PostOrderNumbers;
// Values that are only used with assumes. Used to refine pointer escape
// analysis.
SmallPtrSet<const Value *, 32> EphValues;

/// Keep track of instructions (partly) overlapping with killing MemoryDefs per		/// Keep track of instructions (partly) overlapping with killing MemoryDefs per
/// basic block.		/// basic block.
MapVector<BasicBlock *, InstOverlapIntervalsTy> IOLs;		MapVector<BasicBlock *, InstOverlapIntervalsTy> IOLs;
// Check if there are root nodes that are terminated by UnreachableInst.		// Check if there are root nodes that are terminated by UnreachableInst.
// Those roots pessimize post-dominance queries. If there are such roots,		// Those roots pessimize post-dominance queries. If there are such roots,
// fall back to CFG scan starting from all non-unreachable roots.		// fall back to CFG scan starting from all non-unreachable roots.
bool AnyUnreachableExit;		bool AnyUnreachableExit;

// Whether or not we should iterate on removing dead stores at the end of the		// Whether or not we should iterate on removing dead stores at the end of the
// function due to removing a store causing a previously captured pointer to		// function due to removing a store causing a previously captured pointer to
// no longer be captured.		// no longer be captured.
bool ShouldIterateEndOfFunctionDSE;		bool ShouldIterateEndOfFunctionDSE;

// Class contains self-reference, make sure it's not copied/moved.		// Class contains self-reference, make sure it's not copied/moved.
DSEState(const DSEState &) = delete;		DSEState(const DSEState &) = delete;
DSEState &operator=(const DSEState &) = delete;		DSEState &operator=(const DSEState &) = delete;

DSEState(Function &F, AliasAnalysis &AA, MemorySSA &MSSA, DominatorTree &DT,		DSEState(Function &F, AliasAnalysis &AA, MemorySSA &MSSA, DominatorTree &DT,
PostDominatorTree &PDT, AssumptionCache &AC,		PostDominatorTree &PDT,
const TargetLibraryInfo &TLI, const LoopInfo &LI)		const TargetLibraryInfo &TLI, const LoopInfo &LI)
: F(F), AA(AA), EI(DT, LI, EphValues), BatchAA(AA, &EI), MSSA(MSSA),		: F(F), AA(AA), EI(DT, LI), BatchAA(AA, &EI), MSSA(MSSA),
DT(DT), PDT(PDT), TLI(TLI), DL(F.getParent()->getDataLayout()), LI(LI) {		DT(DT), PDT(PDT), TLI(TLI), DL(F.getParent()->getDataLayout()), LI(LI) {
// Collect blocks with throwing instructions not modeled in MemorySSA and		// Collect blocks with throwing instructions not modeled in MemorySSA and
// alloc-like objects.		// alloc-like objects.
unsigned PO = 0;		unsigned PO = 0;
for (BasicBlock *BB : post_order(&F)) {		for (BasicBlock *BB : post_order(&F)) {
PostOrderNumbers[BB] = PO++;		PostOrderNumbers[BB] = PO++;
for (Instruction &I : *BB) {		for (Instruction &I : *BB) {
MemoryAccess *MA = MSSA.getMemoryAccess(&I);		MemoryAccess *MA = MSSA.getMemoryAccess(&I);
Show All 14 Lines	for (Argument &AI : F.args())
InvisibleToCallerAfterRet.insert({&AI, true});		InvisibleToCallerAfterRet.insert({&AI, true});

// Collect whether there is any irreducible control flow in the function.		// Collect whether there is any irreducible control flow in the function.
ContainsIrreducibleLoops = mayContainIrreducibleControl(F, &LI);		ContainsIrreducibleLoops = mayContainIrreducibleControl(F, &LI);

AnyUnreachableExit = any_of(PDT.roots(), [](const BasicBlock *E) {		AnyUnreachableExit = any_of(PDT.roots(), [](const BasicBlock *E) {
return isa<UnreachableInst>(E->getTerminator());		return isa<UnreachableInst>(E->getTerminator());
});		});

CodeMetrics::collectEphemeralValues(&F, &AC, EphValues);
}		}

LocationSize strengthenLocationSize(const Instruction *I,		LocationSize strengthenLocationSize(const Instruction *I,
LocationSize Size) const {		LocationSize Size) const {
if (auto *CB = dyn_cast<CallBase>(I)) {		if (auto *CB = dyn_cast<CallBase>(I)) {
LibFunc F;		LibFunc F;
if (TLI.getLibFunc(*CB, F) && TLI.has(F) &&		if (TLI.getLibFunc(*CB, F) && TLI.has(F) &&
(F == LibFunc_memset_chk \|\| F == LibFunc_memcpy_chk)) {		(F == LibFunc_memset_chk \|\| F == LibFunc_memcpy_chk)) {
▲ Show 20 Lines • Show All 153 Lines • ▼ Show 20 Lines	struct DSEState {
bool isInvisibleToCallerAfterRet(const Value *V) {		bool isInvisibleToCallerAfterRet(const Value *V) {
if (isa<AllocaInst>(V))		if (isa<AllocaInst>(V))
return true;		return true;
auto I = InvisibleToCallerAfterRet.insert({V, false});		auto I = InvisibleToCallerAfterRet.insert({V, false});
if (I.second) {		if (I.second) {
if (!isInvisibleToCallerOnUnwind(V)) {		if (!isInvisibleToCallerOnUnwind(V)) {
I.first->second = false;		I.first->second = false;
} else if (isNoAliasCall(V)) {		} else if (isNoAliasCall(V)) {
I.first->second = !PointerMayBeCaptured(V, true, false, EphValues);		I.first->second = !PointerMayBeCaptured(V, true, false);
}		}
}		}
return I.first->second;		return I.first->second;
}		}

bool isInvisibleToCallerOnUnwind(const Value *V) {		bool isInvisibleToCallerOnUnwind(const Value *V) {
bool RequiresNoCaptureBeforeUnwind;		bool RequiresNoCaptureBeforeUnwind;
if (!isNotVisibleOnUnwind(V, RequiresNoCaptureBeforeUnwind))		if (!isNotVisibleOnUnwind(V, RequiresNoCaptureBeforeUnwind))
return false;		return false;
if (!RequiresNoCaptureBeforeUnwind)		if (!RequiresNoCaptureBeforeUnwind)
return true;		return true;

auto I = CapturedBeforeReturn.insert({V, true});		auto I = CapturedBeforeReturn.insert({V, true});
if (I.second)		if (I.second)
// NOTE: This could be made more precise by PointerMayBeCapturedBefore		// NOTE: This could be made more precise by PointerMayBeCapturedBefore
// with the killing MemoryDef. But we refrain from doing so for now to		// with the killing MemoryDef. But we refrain from doing so for now to
// limit compile-time and this does not cause any changes to the number		// limit compile-time and this does not cause any changes to the number
// of stores removed on a large test set in practice.		// of stores removed on a large test set in practice.
I.first->second = PointerMayBeCaptured(V, false, true, EphValues);		I.first->second = PointerMayBeCaptured(V, false, true);
return !I.first->second;		return !I.first->second;
}		}

std::optional<MemoryLocation> getLocForWrite(Instruction *I) const {		std::optional<MemoryLocation> getLocForWrite(Instruction *I) const {
if (!I->mayWriteToMemory())		if (!I->mayWriteToMemory())
return std::nullopt;		return std::nullopt;

if (auto *CB = dyn_cast<CallBase>(I))		if (auto *CB = dyn_cast<CallBase>(I))
▲ Show 20 Lines • Show All 952 Lines • ▼ Show 20 Lines	for (auto *Def : MemDefs) {
MadeChange = true;		MadeChange = true;
}		}
return MadeChange;		return MadeChange;
}		}
};		};

static bool eliminateDeadStores(Function &F, AliasAnalysis &AA, MemorySSA &MSSA,		static bool eliminateDeadStores(Function &F, AliasAnalysis &AA, MemorySSA &MSSA,
DominatorTree &DT, PostDominatorTree &PDT,		DominatorTree &DT, PostDominatorTree &PDT,
AssumptionCache &AC,
const TargetLibraryInfo &TLI,		const TargetLibraryInfo &TLI,
const LoopInfo &LI) {		const LoopInfo &LI) {
bool MadeChange = false;		bool MadeChange = false;

MSSA.ensureOptimizedUses();		MSSA.ensureOptimizedUses();
DSEState State(F, AA, MSSA, DT, PDT, AC, TLI, LI);		DSEState State(F, AA, MSSA, DT, PDT, TLI, LI);
// For each store:		// For each store:
for (unsigned I = 0; I < State.MemDefs.size(); I++) {		for (unsigned I = 0; I < State.MemDefs.size(); I++) {
MemoryDef *KillingDef = State.MemDefs[I];		MemoryDef *KillingDef = State.MemDefs[I];
if (State.SkipStores.count(KillingDef))		if (State.SkipStores.count(KillingDef))
continue;		continue;
Instruction *KillingI = KillingDef->getMemoryInst();		Instruction *KillingI = KillingDef->getMemoryInst();

std::optional<MemoryLocation> MaybeKillingLoc;		std::optional<MemoryLocation> MaybeKillingLoc;
▲ Show 20 Lines • Show All 164 Lines • ▼ Show 20 Lines
// DSE Pass		// DSE Pass
//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//
PreservedAnalyses DSEPass::run(Function &F, FunctionAnalysisManager &AM) {		PreservedAnalyses DSEPass::run(Function &F, FunctionAnalysisManager &AM) {
AliasAnalysis &AA = AM.getResult<AAManager>(F);		AliasAnalysis &AA = AM.getResult<AAManager>(F);
const TargetLibraryInfo &TLI = AM.getResult<TargetLibraryAnalysis>(F);		const TargetLibraryInfo &TLI = AM.getResult<TargetLibraryAnalysis>(F);
DominatorTree &DT = AM.getResult<DominatorTreeAnalysis>(F);		DominatorTree &DT = AM.getResult<DominatorTreeAnalysis>(F);
MemorySSA &MSSA = AM.getResult<MemorySSAAnalysis>(F).getMSSA();		MemorySSA &MSSA = AM.getResult<MemorySSAAnalysis>(F).getMSSA();
PostDominatorTree &PDT = AM.getResult<PostDominatorTreeAnalysis>(F);		PostDominatorTree &PDT = AM.getResult<PostDominatorTreeAnalysis>(F);
AssumptionCache &AC = AM.getResult<AssumptionAnalysis>(F);
LoopInfo &LI = AM.getResult<LoopAnalysis>(F);		LoopInfo &LI = AM.getResult<LoopAnalysis>(F);

bool Changed = eliminateDeadStores(F, AA, MSSA, DT, PDT, AC, TLI, LI);		bool Changed = eliminateDeadStores(F, AA, MSSA, DT, PDT, TLI, LI);

#ifdef LLVM_ENABLE_STATS		#ifdef LLVM_ENABLE_STATS
if (AreStatisticsEnabled())		if (AreStatisticsEnabled())
for (auto &I : instructions(F))		for (auto &I : instructions(F))
NumRemainingStores += isa<StoreInst>(&I);		NumRemainingStores += isa<StoreInst>(&I);
#endif		#endif

if (!Changed)		if (!Changed)
return PreservedAnalyses::all();		return PreservedAnalyses::all();

PreservedAnalyses PA;		PreservedAnalyses PA;
PA.preserveSet<CFGAnalyses>();		PA.preserveSet<CFGAnalyses>();
PA.preserve<MemorySSAAnalysis>();		PA.preserve<MemorySSAAnalysis>();
PA.preserve<LoopAnalysis>();		PA.preserve<LoopAnalysis>();
return PA;		return PA;
}		}

llvm/test/Transforms/DeadStoreElimination/assume.ll

	; NOTE: Assertions have been autogenerated by utils/update_test_checks.py			; NOTE: Assertions have been autogenerated by utils/update_test_checks.py
	; RUN: opt -passes=dse -S < %s \| FileCheck %s			; RUN: opt -passes=dse -S < %s \| FileCheck %s

	@global = external constant i8			@global = external constant i8

	define void @f() {			define void @f() {
	; CHECK-LABEL: @f(			; CHECK-LABEL: @f(
	; CHECK-NEXT: [[TMP1:%.*]] = call noalias ptr @_Znwm(i64 32)			; CHECK-NEXT: [[TMP1:%.*]] = call noalias ptr @_Znwm(i64 32)
	; CHECK-NEXT: [[TMP2:%.*]] = icmp ugt ptr [[TMP1]], @global			; CHECK-NEXT: [[TMP2:%.*]] = icmp ugt ptr [[TMP1]], @global
	; CHECK-NEXT: call void @llvm.assume(i1 [[TMP2]])			; CHECK-NEXT: call void @llvm.assume(i1 [[TMP2]])
				; CHECK-NEXT: store i8 0, ptr [[TMP1]], align 1
	; CHECK-NEXT: ret void			; CHECK-NEXT: ret void
	;			;
	%tmp1 = call noalias ptr @_Znwm(i64 32)			%tmp1 = call noalias ptr @_Znwm(i64 32)
	%tmp2 = icmp ugt ptr %tmp1, @global			%tmp2 = icmp ugt ptr %tmp1, @global
	call void @llvm.assume(i1 %tmp2)			call void @llvm.assume(i1 %tmp2)
	store i8 0, ptr %tmp1, align 1			store i8 0, ptr %tmp1, align 1
	ret void			ret void
	}			}

	define void @f2() {			define void @f2() {
	; CHECK-LABEL: @f2(			; CHECK-LABEL: @f2(
	; CHECK-NEXT: [[TMP1:%.*]] = call noalias ptr @_Znwm(i64 32)			; CHECK-NEXT: [[TMP1:%.*]] = call noalias ptr @_Znwm(i64 32)
	; CHECK-NEXT: [[TMP2:%.*]] = icmp ugt ptr [[TMP1]], @global			; CHECK-NEXT: [[TMP2:%.*]] = icmp ugt ptr [[TMP1]], @global
	; CHECK-NEXT: call void @llvm.assume(i1 [[TMP2]])			; CHECK-NEXT: call void @llvm.assume(i1 [[TMP2]])
				; CHECK-NEXT: store i8 0, ptr [[TMP1]], align 1
	; CHECK-NEXT: call void @quux(ptr @global)			; CHECK-NEXT: call void @quux(ptr @global)
	; CHECK-NEXT: ret void			; CHECK-NEXT: ret void
	;			;
	%tmp1 = call noalias ptr @_Znwm(i64 32)			%tmp1 = call noalias ptr @_Znwm(i64 32)
	%tmp2 = icmp ugt ptr %tmp1, @global			%tmp2 = icmp ugt ptr %tmp1, @global
	call void @llvm.assume(i1 %tmp2)			call void @llvm.assume(i1 %tmp2)
	store i8 0, ptr %tmp1, align 1			store i8 0, ptr %tmp1, align 1
	call void @quux(ptr @global)			call void @quux(ptr @global)
	ret void			ret void
	}			}

	declare ptr @_Znwm(i64)			declare ptr @_Znwm(i64)

	declare void @llvm.assume(i1)			declare void @llvm.assume(i1)

	declare void @quux(ptr)			declare void @quux(ptr)

llvm/test/Transforms/PhaseOrdering/dse-ephemeral-value-captures.ll

	Show All 15 Lines

	then:			then:
	%res = call i1 @cond()			%res = call i1 @cond()
	ret i1 %res			ret i1 %res

	else:			else:
	ret i1 0			ret i1 0
	}			}

	; FIXME: At the moment, the function is incorrectly simplified to unreachable.
	define i32 @test() {			define i32 @test() {
				aeubanksUnsubmitted Done Reply Inline Actions remove comment aeubanks: remove comment
				fhahnAuthorUnsubmitted Done Reply Inline Actions Removed, thanks! fhahn: Removed, thanks!
	; CHECK-LABEL: define i32 @test() {
	; CHECK-NEXT: entry:
	; CHECK-NEXT: unreachable
	;
	entry:			entry:
	%a = alloca i32, align 4			%a = alloca i32, align 4
	call void @llvm.lifetime.start.p0(i64 4, ptr nonnull %a)			call void @llvm.lifetime.start.p0(i64 4, ptr nonnull %a)
	store i32 1, ptr %a, align 4			store i32 1, ptr %a, align 4
	%res = call i1 @check_cond(ptr %a)			%res = call i1 @check_cond(ptr %a)
	call void @llvm.lifetime.end.p0(i64 4, ptr nonnull %a)			call void @llvm.lifetime.end.p0(i64 4, ptr nonnull %a)
	call void @llvm.assume(i1 %res)			call void @llvm.assume(i1 %res)
	ret i32 0			ret i32 0
	}			}

	attributes #0 = { nounwind readonly willreturn }			attributes #0 = { nounwind readonly willreturn }