This is an archive of the discontinued LLVM Phabricator instance.

Differential D52002

Omit range checks from jump tables when lowering switches with unreachable default
ClosedPublic

Authored by ayonam on Sep 12 2018, 1:21 PM.

Details

Reviewers
bogner
hans
bkramer
Commits
rG2a0f2c5ef333: [CodeGen] Omit range checks from jump tables when lowering switches with…
rL355490: [CodeGen] Omit range checks from jump tables when lowering switches with…
rG6025fa8e3007: [CodeGen] Omit range checks from jump tables when lowering switches with…
rL355483: [CodeGen] Omit range checks from jump tables when lowering switches with…
Summary

During the lowering of a switch that would result in the generation of a jump table, a range check is performed before indexing into the jump table, for the switch value being outside the jump table range and a conditional branch is inserted to jump to the default block. In case the default block is unreachable, this conditional jump can be omitted. This patch implements omitting this conditional branch for unreachable defaults.

Diff Detail

Repository
rL LLVM

Event Timeline

ayonam created this revision.Sep 12 2018, 1:21 PM
Herald added a subscriber: llvm-commits. · View Herald TranscriptSep 12 2018, 1:21 PM
xbolva00 added a subscriber: xbolva00.Sep 12 2018, 1:31 PM
spatel edited reviewers, added: hans, bkramer; removed: spatel.Sep 12 2018, 2:59 PM

I don't know enough about switch lowering to review this, so adding some more potential reviewers.
But there are at least a couple of obvious changes needed before this can proceed:

  1. The patch must include tests that show the difference with this patch.
  2. The indentation and spacing are clearly off (use clang-format?), and variable naming doesn't conform with: http://llvm.org/docs/CodingStandards.html#name-types-functions-variables-and-enumerators-properly
spatel added a subscriber: spatel.Sep 12 2018, 3:00 PM
hans added a comment.Sep 13 2018, 1:39 AM

I don't think storing the MaxSwitchValue in the switch instructions itself is the right approach. Generally LLVM doesn't store analysis results in the instructions.

I also don't think the right way to do this is necessarily to change the jump table lowering itself, instead I'd suggest doing it at the IR level:

if we detect that the value range for the switch variable is small enough that adding a few more cases to the switch would cover the range completely, add those cases and mark the default bb unreachable. Then let the lowering code deal with exploiting the unreachable default bb. There is room for improvement there, see "FIXME: Exploit unreachable default more aggressively" in visitSwitch() but we should do that anyway.

What do you think?

ayonam added a comment.Sep 17 2018, 4:06 AM
In D52002#1232509, @spatel wrote:

I don't know enough about switch lowering to review this, so adding some more potential reviewers.
But there are at least a couple of obvious changes needed before this can proceed:

  1. The patch must include tests that show the difference with this patch.
  2. The indentation and spacing are clearly off (use clang-format?), and variable naming doesn't conform with: http://llvm.org/docs/CodingStandards.html#name-types-functions-variables-and-enumerators-properly

Thanks for the comments. I will take care of these issues when I resubmit the patch after the changes suggested by Hans.

ayonam added a comment.Sep 17 2018, 5:10 AM
In D52002#1232858, @hans wrote:

I don't think storing the MaxSwitchValue in the switch instructions itself is the right approach. Generally LLVM doesn't store analysis results in the instructions.

I also don't think the right way to do this is necessarily to change the jump table lowering itself, instead I'd suggest doing it at the IR level:

if we detect that the value range for the switch variable is small enough that adding a few more cases to the switch would cover the range completely, add those cases and mark the default bb unreachable. Then let the lowering code deal with exploiting the unreachable default bb. There is room for improvement there, see "FIXME: Exploit unreachable default more aggressively" in visitSwitch() but we should do that anyway.

What do you think?

Thanks for your comments Hans.

I will move the storing of the MaxSwitchValue to the metadata of the instruction. I think that is the right place to store these things.

However, I beg to differ on the second point. If we do the changes in the IR by adding the requisite case statements, it will definitely generate the switch table that we expect to generate. However, when we mark the default branch as unreachable, the lowering code will redirect the unreachable default to the most popular switch block. And that would mean that the conditional branch for the default case would still be generated. Unless we have a way to completely snuff out the default case, which I believe is difficult since there are other parts of the lowering code that have a dependency on the handling of the default case, I do not see how we can do away with the conditional branch for the default case. Did I miss something there?

Also, when you point to the FIXME in the visitSwitch() do you mean that we can completely do away with an unreachable default case? I feel theoretically we should be able to. If there is an unreachable default, then we should be able to jump to the end of the switch block. But even that would mean a conditional jump to the end of the switch block that would handle the default case.

I feel that the only way we can handle this is during lowering. That decision about whether to completely skip the branch for the default case is only possible at that level. Even if we do the creation of the expanded jump table by adding new case statements to the IR, this one thing probably has to be done at the time of lowering only. Would you have other suggestions to handle this aspect?

hans added a comment.Sep 17 2018, 5:31 AM
In D52002#1236722, @ayonam wrote:

I will move the storing of the MaxSwitchValue to the metadata of the instruction. I think that is the right place to store these things.

If we expand the switch at the IR Level, the pass that does the transformation could just depend on whatever Analysis pass is necessary to determine the value range, and we wouldn't have to store it anywhere.

However, I beg to differ on the second point. If we do the changes in the IR by adding the requisite case statements, it will definitely generate the switch table that we expect to generate. However, when we mark the default branch as unreachable, the lowering code will redirect the unreachable default to the most popular switch block. And that would mean that the conditional branch for the default case would still be generated.

Right, we would have to address the FIXME first as discussed below.

Also, when you point to the FIXME in the visitSwitch() do you mean that we can completely do away with an unreachable default case? I feel theoretically we should be able to. If there is an unreachable default, then we should be able to jump to the end of the switch block. But even that would mean a conditional jump to the end of the switch block that would handle the default case.

No, the idea would be that if the default is unreachable, we can just omit the range check from the jump table completely.

SwitchToLookupTable in the SimplifyCFG pass already does the equivalent transformation: for switches used to select between constant values, it generates lookup tables, and if the default is unreachable it will omit the range check for the table completely.

I feel that the only way we can handle this is during lowering. That decision about whether to completely skip the branch for the default case is only possible at that level. Even if we do the creation of the expanded jump table by adding new case statements to the IR, this one thing probably has to be done at the time of lowering only. Would you have other suggestions to handle this aspect?

My suggestion is that the decision about whether to skip the branch for the default case should be driven by what the IR looks like: if the default basic block is unreachable, the branch can be skipped. I think this would be a clean design.

ayonam added a comment.Sep 18 2018, 2:01 AM
In D52002#1236729, @hans wrote:
In D52002#1236722, @ayonam wrote:

I will move the storing of the MaxSwitchValue to the metadata of the instruction. I think that is the right place to store these things.

If we expand the switch at the IR Level, the pass that does the transformation could just depend on whatever Analysis pass is necessary to determine the value range, and we wouldn't have to store it anywhere.

However, I beg to differ on the second point. If we do the changes in the IR by adding the requisite case statements, it will definitely generate the switch table that we expect to generate. However, when we mark the default branch as unreachable, the lowering code will redirect the unreachable default to the most popular switch block. And that would mean that the conditional branch for the default case would still be generated.

Right, we would have to address the FIXME first as discussed below.

Also, when you point to the FIXME in the visitSwitch() do you mean that we can completely do away with an unreachable default case? I feel theoretically we should be able to. If there is an unreachable default, then we should be able to jump to the end of the switch block. But even that would mean a conditional jump to the end of the switch block that would handle the default case.

No, the idea would be that if the default is unreachable, we can just omit the range check from the jump table completely.

SwitchToLookupTable in the SimplifyCFG pass already does the equivalent transformation: for switches used to select between constant values, it generates lookup tables, and if the default is unreachable it will omit the range check for the table completely.

I feel that the only way we can handle this is during lowering. That decision about whether to completely skip the branch for the default case is only possible at that level. Even if we do the creation of the expanded jump table by adding new case statements to the IR, this one thing probably has to be done at the time of lowering only. Would you have other suggestions to handle this aspect?

My suggestion is that the decision about whether to skip the branch for the default case should be driven by what the IR looks like: if the default basic block is unreachable, the branch can be skipped. I think this would be a clean design.

Thanks Hans for the detailed explanation. I was about to go ahead and implement your suggestion but I noticed one problem here.

If the default basic block is unreachable and we completely omit the conditional branch in all such cases, then if the switch value at runtime turns out to be not one of the cases given in the switch block, the execution would reach the vectored branch to the jump table which would fail to reach anywhere. So we need to omit the conditional branch only in such cases of the unreachable default block where the switch value is known to have a specific range of values. That means that we still need to carry that information till the lowering phase as my current implementation is doing right now. How we do that is the question.

hans added a comment.Sep 18 2018, 2:20 AM
In D52002#1237955, @ayonam wrote:

If the default basic block is unreachable and we completely omit the conditional branch in all such cases, then if the switch value at runtime turns out to be not one of the cases given in the switch block, the execution would reach the vectored branch to the jump table which would fail to reach anywhere.

If the default basic block is unreachable, that implies that one of the other cases must always be taken. Otherwise, the default wouldn't be unreachable after all.

For example:

int func(int x) {
    switch (x) {
    case 0: return f();
    case 1: return g();
    case 2: return h();
    case 3: return f();
    case 4: return h();
    }
}

The default is unreachable here because it would "fall off" the end of the function without returning, which is undefined behaviour. So the switch lowering should be able to remove the range check for the jump table.

ayonam added a comment.EditedSep 18 2018, 2:40 AM
In D52002#1237991, @hans wrote:

If the default basic block is unreachable, that implies that one of the other cases must always be taken. Otherwise, the default wouldn't be unreachable after all.

For example:

int func(int x) {
    switch (x) {
    case 0: return f();
    case 1: return g();
    case 2: return h();
    case 3: return f();
    case 4: return h();
    }
}

The default is unreachable here because it would "fall off" the end of the function without returning, which is undefined behaviour. So the switch lowering should be able to remove the range check for the jump table.

In the case above, if there were to be more statements beyond the switch block, isn't the control supposed to reach the end of the switch block and continue with the rest of the statements if the value of x doesn't match any of the cases?

Actually, I think, the behaviour in such cases is undefined, isn't it? And that's what is being exploited when the lowering is redirecting the unreachable default to the most popular destination. Another approach could have been to direct it to the end of the switch block.

ayonam added a comment.Sep 18 2018, 2:52 AM
In D52002#1237991, @hans wrote:

The default is unreachable here because it would "fall off" the end of the function without returning, which is undefined behaviour. So the switch lowering should be able to remove the range check for the jump table.

On second thoughts, I realize that the default may not be unreachable in the case that I mentioned since the block beyond the switch block would then be treated as the default. Am I right?

hans added a comment.Sep 18 2018, 3:00 AM
In D52002#1238026, @ayonam wrote:
In D52002#1237991, @hans wrote:

The default is unreachable here because it would "fall off" the end of the function without returning, which is undefined behaviour. So the switch lowering should be able to remove the range check for the jump table.

On second thoughts, I realize that the default may not be unreachable in the case that I mentioned since the block beyond the switch block would then be treated as the default. Am I right?

Yes, if there are statements after the block, that would be treated as the default and it would not be unreachable.

ayonam added a comment.Sep 18 2018, 3:12 AM
In D52002#1238032, @hans wrote:
In D52002#1238026, @ayonam wrote:
In D52002#1237991, @hans wrote:

The default is unreachable here because it would "fall off" the end of the function without returning, which is undefined behaviour. So the switch lowering should be able to remove the range check for the jump table.

On second thoughts, I realize that the default may not be unreachable in the case that I mentioned since the block beyond the switch block would then be treated as the default. Am I right?

Yes, if there are statements after the block, that would be treated as the default and it would not be unreachable.

Thanks Hans for the clarification. I will go ahead and implement your suggestion. Once done, I will re-post the patch for review.

hans added a comment.Sep 18 2018, 4:14 AM

Thanks Hans for the clarification. I will go ahead and implement your suggestion. Once done, I will re-post the patch for review.

Sounds great.

It probably makes sense to do separate patches for removing bounds check for unreachable default, and for adding the extra cases when the set of possible switch values is small.

ayonam updated this revision to Diff 167495.Sep 28 2018, 9:21 AM

In this update I have broken down the original patch into two parts and this is the first part, which handles the unreachable default. This part omits the generation of the conditional branch for checking the switch expression against the maximum value of the switch cases and jumping to the default block, if the default is unreachable.

It also removes the implementation that was redirecting the unreachable default to the most popular destination.

The next patch will handle the remaining part of the original patch which is to add a case statement for each known default value and direct it to the default block.

ayonam mentioned this in D52707: Switch optimization in IR for known maximum switch values.Sep 30 2018, 11:26 PM
ayonam added a comment.Oct 10 2018, 4:33 AM

A gentle reminder to the reviewers for comments on this revised patch.

ayonam added a comment.Oct 10 2018, 4:36 AM

@hans

I have broken down the patch into two parts and this updated one is the first one. The second patch is under review ID D52707.

lebedev.ri added a subscriber: lebedev.ri.Oct 10 2018, 4:39 AM

No tests?

hans added a comment.Oct 10 2018, 7:08 AM

Sorry for the slow response.

This is looking promising. I have a few comments, and also this needs a good test.

lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp
2157 ↗(On Diff #167495)

Nit: I would call it OmitRangeCheck instead. And maybe this flag could be part of the JumpTableHeader instead, so we don't need to pass it around here?

9958 ↗(On Diff #167495)

Instead of checking for unreachable default here, I think we should check for it earlier, already when the WorkItems are created probably.

ayonam added a comment.Oct 10 2018, 8:38 AM
In D52002#1260409, @hans wrote:

Sorry for the slow response.

This is looking promising. I have a few comments, and also this needs a good test.

Never mind. I appreciate the effort on your part.

Should I be adding a test to the "test" directory or the "unittests" directory? Or is there somewhere else that I should add the test to?

lebedev.ri added a comment.Oct 10 2018, 8:41 AM
In D52002#1260549, @ayonam wrote:
In D52002#1260409, @hans wrote:

Sorry for the slow response.

This is looking promising. I have a few comments, and also this needs a good test.

Should I be adding a test to the "test" directory or the "unittests" directory? Or is there somewhere else that I should add the test to?

test/CodeGen/X86/ e.g.; or some other arch.
*Ideally* please do use llvm/utils/update_llc_test_checks.py, and put the original tests
(i.e. without this patch) in a separate review, so this review shows how the tests *change*.
Obviously $ ninja check-llvm-codegen should pass.

ayonam updated this revision to Diff 169059.Oct 10 2018, 11:15 AM

@hans

I have made the changes that you mentioned.

I still need to add the test. I will do so once I have got the code right. In the meantime, could you please check if this looks fine for a checkin?

hans added a comment.Oct 11 2018, 7:06 AM

This is looking pretty good, so I'd suggest start writing tests. For testing, take a look at test/CodeGen/X86/switch.ll

I think we could also exploit unreachable default for the other lowering strategies (bit-tests, straight comparisons and binary search tree), but that can be done in later patches.

lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp
9452 ↗(On Diff #169059)

There seems to be an extra space between "Default" and "&&". Also, why do we need the SI->getNumCases() check?

efriedma added a subscriber: efriedma.Oct 11 2018, 2:08 PM

Anyone have any thoughts about potential security implications for this? Normally, I wouldn't really care about assuming code never has undefined behavior, but an indirect jump to an arbitrary address is much easier to exploit than other sorts of undefined behavior.

hans added a comment.Oct 23 2018, 5:11 AM
In D52002#1262645, @efriedma wrote:

Anyone have any thoughts about potential security implications for this? Normally, I wouldn't really care about assuming code never has undefined behavior, but an indirect jump to an arbitrary address is much easier to exploit than other sorts of undefined behavior.

It's an interesting question. An indirect jump like this does seem like a pretty powerful gadget.

On the other hand, if we really know that the default is unreachable, it should be safe, such as when the switch cases cover all possible inputs.

The scary case is really when default is unreachable because of UB, the typical case being a function ending without returning a value. But Clang is pretty good about warning about that, so I'm not too concerned.

ayonam updated this revision to Diff 178398.Dec 16 2018, 8:19 AM

@hans

The earlier code had a problem in that if we converted every switch that had an unreachable default, to omit the check for the default values beyond the maximum switch case value given in the code, then there were some corner cases where the code generated was semantically incorrect and resulted in runtime failures. These failures are happening while compiling LLVM code itself.

So I have added a boolean in the SwitchInst class to mark switches that have been widened, so that we omit the branch only for those switches. I need to explore the reasons for the behaviour that was observed when we were blindly removing the branch for all switches that had an unreachable default and will post a fix in a later patch.

Please review this and the other two patches 52707 and another one with the test case for this patch.

ayonam mentioned this in D55742: Test case for patches D52002 and D52707.Dec 16 2018, 8:26 AM
hans added a comment.Dec 18 2018, 2:53 AM
In D52002#1332378, @ayonam wrote:

@hans

The earlier code had a problem in that if we converted every switch that had an unreachable default, to omit the check for the default values beyond the maximum switch case value given in the code, then there were some corner cases where the code generated was semantically incorrect and resulted in runtime failures. These failures are happening while compiling LLVM code itself.

We need to figure out what those failures were. If the unreachable default was indeed reachable, that's a big problem.

So I have added a boolean in the SwitchInst class to mark switches that have been widened, so that we omit the branch only for those switches.

LLVM doesn't put this kind of optimization metadata in the IR. The right thing to do is to figure out why removing the branch for unreachable default didn't work, and fix it.

If you can provide more details about what didn't work, maybe I can help investigate. (Though I'm about to go on holiday soon, so probably not until January.)

ayonam added a comment.EditedDec 18 2018, 6:11 AM
In D52002#1334222, @hans wrote:

If you can provide more details about what didn't work, maybe I can help investigate. (Though I'm about to go on holiday soon, so probably not until January.)

There are three files that when compiled with this patch, generate wrong code, viz., AArch64LoadStoreOptimizer.cpp, AArch64InstrInfo.cpp and AArch64ConditionalCompares.cpp. Out of these we tried to isolate the problem with the last one. I figured out that if the functions SSACCmpConv::findConvertibleCompare() and SSACCmpConv::convert() are compiled without this patch, the code works fine. So the problem surfaces with these two routines only. There are a few switch cases in those two routines but I couldn't see anything exceptional with those except for a call to builtin_unreachable() in the default case for two of the switches and a [[clang::fallthrough]] in another. In all these three cases, I was unable to figure out how they could possibly break our assumptions. Does the builtin_unreachable() have any special semantic that we are not handling?

hans added a comment.Dec 18 2018, 7:20 AM
In D52002#1334371, @ayonam wrote:
In D52002#1334222, @hans wrote:

If you can provide more details about what didn't work, maybe I can help investigate. (Though I'm about to go on holiday soon, so probably not until January.)

There are three files that when compiled with this patch, generate wrong code, viz., AArch64LoadStoreOptimizer.cpp, AArch64InstrInfo.cpp and AArch64ConditionalCompares.cpp. Out of these we tried to isolate the problem with the last one. I figured out that if the functions SSACCmpConv::findConvertibleCompare() and SSACCmpConv::convert() are compiled without this patch, the code works fine. So the problem surfaces with these two routines only. There are a few switch cases in those two routines but I couldn't see anything exceptional with those except for a call to builtin_unreachable() in the default case for two of the switches and a [[clang::fallthrough]] in another. In all these three cases, I was unable to figure out how they could possibly break our assumptions. Does the builtin_unreachable() have any special semantic that we are not handling?

Does the error show with the regular lit tests, or do you have some internal test that fails?

My first guess would be that one of the "unreachable" defaults aren't actually unreachable for some input. But then they should trap in an asserts-enabled build..

ayonam added a comment.Dec 18 2018, 7:20 AM

@hans
Is there a way to attach a pre-processed file to this review without affecting the files that are being reviewed?

efriedma added a comment.Dec 18 2018, 11:48 AM

Phabricator has an "upload file" function... or you can just send an email with an attachment to llvm-commits.

ayonam added a comment.Dec 18 2018, 7:34 PM
In D52002#1335045, @efriedma wrote:

Phabricator has an "upload file" function... or you can just send an email with an attachment to llvm-commits.

Thanks for the info.

ayonam added a comment.Dec 18 2018, 7:49 PM
In D52002#1334543, @hans wrote:
In D52002#1334371, @ayonam wrote:
In D52002#1334222, @hans wrote:

If you can provide more details about what didn't work, maybe I can help investigate. (Though I'm about to go on holiday soon, so probably not until January.)

There are three files that when compiled with this patch, generate wrong code, viz., AArch64LoadStoreOptimizer.cpp, AArch64InstrInfo.cpp and AArch64ConditionalCompares.cpp. Out of these we tried to isolate the problem with the last one. I figured out that if the functions SSACCmpConv::findConvertibleCompare() and SSACCmpConv::convert() are compiled without this patch, the code works fine. So the problem surfaces with these two routines only. There are a few switch cases in those two routines but I couldn't see anything exceptional with those except for a call to builtin_unreachable() in the default case for two of the switches and a [[clang::fallthrough]] in another. In all these three cases, I was unable to figure out how they could possibly break our assumptions. Does the builtin_unreachable() have any special semantic that we are not handling?

Does the error show with the regular lit tests, or do you have some internal test that fails?

My first guess would be that one of the "unreachable" defaults aren't actually unreachable for some input. But then they should trap in an asserts-enabled build..

No, this shows up in an internal test. I figured out that the code actually has calls to llvm_unreachable() with an error message, which in a non-debug build, calls builtin_unreachable(). In a debug build, it would have printed a message. I'm not sure how to deal with this. Do you think it is safe to assume that such a behaviour is expected and the test must fail because the inputs are not properly handled or do you think we should handle the unreachable defaults with caution (read conservatively)? I read up some of the articles on the net on the builtin_unreachable() behaviour. They mention that the program should exit, albeit with an error. However, with our way of handling the unreachable defaults, the program crashes with a segmentation fault.

My take is that we should have a way to mark such unreachable defaults that are caused by a call to builtin_unreachable() and not omit the branch in those cases and allow the system dependent implementation of unreachable_default() to handle the manner in which, the program must exit.

hans added a comment.Dec 19 2018, 4:12 AM

There are three files that when compiled with this patch, generate wrong code, viz., AArch64LoadStoreOptimizer.cpp, AArch64InstrInfo.cpp and AArch64ConditionalCompares.cpp. Out of these we tried to isolate the problem with the last one. I figured out that if the functions SSACCmpConv::findConvertibleCompare() and SSACCmpConv::convert() are compiled without this patch, the code works fine. So the problem surfaces with these two routines only. There are a few switch cases in those two routines but I couldn't see anything exceptional with those except for a call to builtin_unreachable() in the default case for two of the switches and a [[clang::fallthrough]] in another. In all these three cases, I was unable to figure out how they could possibly break our assumptions. Does the builtin_unreachable() have any special semantic that we are not handling?

Does the error show with the regular lit tests, or do you have some internal test that fails?

My first guess would be that one of the "unreachable" defaults aren't actually unreachable for some input. But then they should trap in an asserts-enabled build..

No, this shows up in an internal test. I figured out that the code actually has calls to llvm_unreachable() with an error message, which in a non-debug build, calls __builtin_unreachable(). In a debug build, it would have printed a message.

Sounds like that's the bug that needs to be fixed, then.

I'm not sure how to deal with this. Do you think it is safe to assume that such a behaviour is expected and the test must fail because the inputs are not properly handled or do you think we should handle the unreachable defaults with caution (read conservatively)? I read up some of the articles on the net on the __builtin_unreachable() behaviour. They mention that the program should exit, albeit with an error. However, with our way of handling the unreachable defaults, the program crashes with a segmentation fault.

I'm not sure what articles you read, but the documented behaviour for __builtin_unreachable() is that if it's reached, the program has undefined behaviour, the point being that the compiler may assume it's really unreachable.

My take is that we should have a way to mark such unreachable defaults that are caused by a call to builtin_unreachable() and not omit the branch in those cases and allow the system dependent implementation of unreachable_default() to handle the manner in which, the program must exit.

No, unreachable means unreachable and the compiler should treat it as such. There's nothing that says the program needs to exit, either with a segfault or anything else, when hitting __builtin_unreachable().

ayonam added a comment.Dec 19 2018, 4:19 AM
In D52002#1336134, @hans wrote:

No, unreachable means unreachable and the compiler should treat it as such. There's nothing that says the program needs to exit, either with a segfault or anything else, when hitting __builtin_unreachable().

That settles the matter. Thanks. I will go ahead and modify the patch without the "Widened" field in the IR and post it in a few hours again. If everything else is fine, I would like to upstream it this week before you go on vacation.

hans added a comment.Dec 19 2018, 4:29 AM
In D52002#1336135, @ayonam wrote:
In D52002#1336134, @hans wrote:

No, unreachable means unreachable and the compiler should treat it as such. There's nothing that says the program needs to exit, either with a segfault or anything else, when hitting __builtin_unreachable().

That settles the matter. Thanks. I will go ahead and modify the patch without the "Widened" field in the IR and post it in a few hours again. If everything else is fine, I would like to upstream it this week before you go on vacation.

Sounds good.

And please include a test.

The one in D55742 doesn't really show the change we're discussing here, i.e. how unreachable defaults affect switch lowering.

ayonam added a comment.Dec 19 2018, 4:37 AM
In D52002#1336137, @hans wrote:

Sounds good.

And please include a test.

The one in D55742 doesn't really show the change we're discussing here, i.e. how unreachable defaults affect switch lowering.

The one in D55742 actually targets the patch D52707. I will write one more for this one. Let me see what would make a good test for this. Thanks again for your time.

ayonam updated this revision to Diff 178953.Dec 19 2018, 1:35 PM

Reversed the recording of the switch widening in the IR. Now we solely rely on the default being made unreachable.

ayonam mentioned this in D55901: Test case for patch D52002.Dec 19 2018, 1:39 PM
hans added a comment.Dec 20 2018, 2:18 AM

The code itself looks good.

Please update the change description to something like "Omit range checks from jump tables when lowering switches with unreachable default", and please move the test into this patch.

ayonam retitled this revision from Switch optimization for known maximum switch values to Omit range checks from jump tables when lowering switches with unreachable default.Dec 20 2018, 3:46 AM
xbolva00 added inline comments.Dec 20 2018, 5:23 AM
lib/CodeGen/SelectionDAG/SelectionDAGBuilder.h
286 ↗(On Diff #178953)

Maybe ORC instead of O?

O is very similar to 0.

ayonam updated this revision to Diff 179143.Dec 20 2018, 1:32 PM

Updated the patch with test case. Incorporated comments by other reviewers. Simplified the test case.

Herald added a subscriber: javed.absar. · View Herald TranscriptDec 20 2018, 1:32 PM
ayonam marked 2 inline comments as done.Dec 20 2018, 1:34 PM
ayonam added inline comments.
lib/CodeGen/SelectionDAG/SelectionDAGBuilder.h
286 ↗(On Diff #178953)

Done.

hans added a comment.Dec 21 2018, 2:27 AM

Thanks! Almost there.

lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp
9475 ↗(On Diff #179143)

nit: The indent is deeper than what LLVM code normally uses. I think it should be

bool UnreachableDefault = 
    isa<UnreachableInst>(SI->getDefaultDest()->getFirstNonPHIOrDbg());
9452 ↗(On Diff #169059)

This comment was never addressed.

test/CodeGen/AArch64/switch-unreachable-default.ll
53 ↗(On Diff #179143)

nit: you could drop the "; preds" comment too.

ayonam updated this revision to Diff 179258.Dec 21 2018, 3:34 AM
ayonam marked an inline comment as done.

Resubmitting the patch with the corrections suggested earlier.

@hans

Sorry I missed that comment. I don't think we need that check (SI->getNumCases() > 0). There was some particular case that probably prompted me to add that check. But on second thoughts, that check is not required.

I have also corrected the other minor issues suggested by you. Resubmitting the patch.

hans accepted this revision.Dec 21 2018, 5:48 AM

Looks good to me. Do you have commit rights, or do you need someone to commit it for you?

(The change description is still a little out of date, but that can be fixed when committing, if not before.)

This revision is now accepted and ready to land.Dec 21 2018, 5:48 AM
ayonam edited the summary of this revision. (Show Details)Dec 21 2018, 6:27 AM
ayonam added a comment.Dec 21 2018, 6:41 AM
In D52002#1339026, @hans wrote:

Looks good to me. Do you have commit rights, or do you need someone to commit it for you?

(The change description is still a little out of date, but that can be fixed when committing, if not before.)

Thanks Hans for all your efforts. I have updated the description. Feel free to edit it if you think it can be made more concise.

I have never committed before. So I do not have commit rights. It would be great if you could kindly commit the patch for me.

Also, could you please review the patch D52707 for a commit? I have made the changes you mentioned before.

ayonam mentioned this in rL350186: Omit range checks from jump tables when lowering switches with unreachable.Dec 31 2018, 10:42 PM
ayonam updated this revision to Diff 180900.Jan 9 2019, 12:22 PM

There were two tests that were failing when I tried to commit. This version fixes one of the tests and for the other test a fix in the original patch is provided.

Kindly review the same and approve.

ayonam added a comment.Jan 9 2019, 12:24 PM

The fix in the code is at line 2204 of lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp

And the fix in the test case is in the file test/CodeGen/X86/switch-jump-table.ll

ayonam updated this revision to Diff 181000.Jan 9 2019, 11:25 PM

The patch failed another test because the branch to the unreachable default was omitted. The test cases have been modified. The affected tests are test/CodeGen/X86/pr38743.ll and test/CodeGen/X86/switch-jump-table.ll

ayonam requested review of this revision.Jan 11 2019, 8:33 PM

ping

@hans

This needs another review and acceptance since a small change was made to the original implementation and two tests had to be changed.

hans added a comment.Jan 14 2019, 7:40 AM

Sorry for the long delay. I'm back from vacation now, and I'll commit this tomorrow morning unless anyone else objects.

test/CodeGen/X86/switch-jump-table.ll
5 ↗(On Diff #181000)

This comment describes the old behavior. After your patch, we don't do the "replace with most popular case label" thing anymore, but just omit the range check, so please update the comment.

ayonam updated this revision to Diff 181722.Jan 14 2019, 9:56 PM

Updated the comment in the test case to reflect the changes made.

ayonam marked an inline comment as done.Jan 14 2019, 9:58 PM
ayonam added a comment.Jan 14 2019, 10:00 PM
In D52002#1356168, @hans wrote:

Sorry for the long delay. I'm back from vacation now, and I'll commit this tomorrow morning unless anyone else objects.

Never mind. I was not aware that you are on vacation till the 15th. Hence was pinging so frequently. Sorry.

I have updated the comment in the test case. If everything is fine, then I can go ahead and commit this change.

I now have commit access. Just waiting for your go ahead.

ayonam marked 6 inline comments as done.Jan 14 2019, 10:03 PM
lattner resigned from this revision.Jan 14 2019, 10:13 PM
hans accepted this revision.Jan 15 2019, 1:21 AM
In D52002#1357413, @ayonam wrote:

I now have commit access. Just waiting for your go ahead.

Great. Please go ahead and commit.

This revision is now accepted and ready to land.Jan 15 2019, 1:21 AM
ayonam updated this revision to Diff 182036.Jan 16 2019, 6:51 AM
ayonam removed a reviewer: lattner.

ayonam updated this revision to Diff 181000.Thu, Jan 10, 12:55
Comment Actions

The patch failed another test because the branch to the unreachable default was omitted. The test cases have been modified. The >>affected tests are test/CodeGen/X86/pr38743.ll and test/CodeGen/X86/switch-jump-table.ll

I have no clue how the file test/CodeGen/X86/pr38743.ll got left out when I updated the revision on Jan 10. I am updating this revision with that file added.

@hans
My sincere apologies for this rework. The only changes are in test/CodeGen/X86/pr38743.ll. Could you please quickly check if things are fine with that file and accept this patch?

Thanks and regards
Ayonam

hans accepted this revision.Jan 16 2019, 11:41 PM
In D52002#1359790, @ayonam wrote:

ayonam updated this revision to Diff 181000.Thu, Jan 10, 12:55
Comment Actions

The patch failed another test because the branch to the unreachable default was omitted. The test cases have been modified. The >>affected tests are test/CodeGen/X86/pr38743.ll and test/CodeGen/X86/switch-jump-table.ll

I have no clue how the file test/CodeGen/X86/pr38743.ll got left out when I updated the revision on Jan 10. I am updating this revision with that file added.

@hans
My sincere apologies for this rework. The only changes are in test/CodeGen/X86/pr38743.ll. Could you please quickly check if things are fine with that file and accept this patch?

No problem, I think I saw that change before. This still looks good.

ayonam mentioned this in rL352484: [CodeGen] Omit range checks from jump tables when lowering switches with….Jan 29 2019, 4:02 AM
riccibruno added a subscriber: riccibruno.Jan 29 2019, 6:31 AM

Various tests are failing on the bots (http://lab.llvm.org:8011/one_line_per_build). For example: http://lab.llvm.org:8011/builders/clang-atom-d525-fedora-rel/builds/20256

ayonam added a comment.Jan 29 2019, 6:55 AM
In D52002#1375368, @riccibruno wrote:

Various tests are failing on the bots (http://lab.llvm.org:8011/one_line_per_build). For example: http://lab.llvm.org:8011/builders/clang-atom-d525-fedora-rel/builds/20256

I will revert the checkin, fix the tests and recheckin.

hans added a comment.Jan 29 2019, 7:02 AM
In D52002#1375393, @ayonam wrote:
In D52002#1375368, @riccibruno wrote:

Various tests are failing on the bots (http://lab.llvm.org:8011/one_line_per_build). For example: http://lab.llvm.org:8011/builders/clang-atom-d525-fedora-rel/builds/20256

I will revert the checkin, fix the tests and recheckin.

Also please reference the review in the commit message when committing next time, by including this line: "Differential revision: https://reviews.llvm.org/D52002". That way the code review gets an update about the commit.

ayonam added a comment.Jan 29 2019, 7:06 AM
In D52002#1375411, @hans wrote:
In D52002#1375393, @ayonam wrote:
In D52002#1375368, @riccibruno wrote:

Various tests are failing on the bots (http://lab.llvm.org:8011/one_line_per_build). For example: http://lab.llvm.org:8011/builders/clang-atom-d525-fedora-rel/builds/20256

I will revert the checkin, fix the tests and recheckin.

Also please reference the review in the commit message when committing next time, by including this line: "Differential revision: https://reviews.llvm.org/D52002". That way the code review gets an update about the commit.

Thanks. I added the line "Review ID: D52002". Missed the "Differential revision" part. Will take care from the next time.

riccibruno added a comment.Jan 29 2019, 7:09 AM

Thanks! In general I suggest watching the bots carefully, and aggressively revert to green if something goes wrong.

ayonam added a comment.Jan 29 2019, 7:12 AM
In D52002#1375416, @riccibruno wrote:

Thanks! In general I suggest watching the bots carefully, and aggressively revert to green if something goes wrong.

Thanks. Actually this is my first checkin to any community software. Learning the ropes. Hope not to repeat in future.

riccibruno added a comment.Jan 29 2019, 7:18 AM
In D52002#1375417, @ayonam wrote:
In D52002#1375416, @riccibruno wrote:

Thanks! In general I suggest watching the bots carefully, and aggressively revert to green if something goes wrong.

Thanks. Actually this is my first checkin to any community software. Learning the ropes. Hope not to repeat in future.

Don't worry to much about it. Its just that once a bot is red it will not send additional notifications for new failures, which increase the chance that failures start adding up. I personally also do an asan+assert and a msan+assert build before pushing something, but its up to you if you want to do this (there are sanitizer bots which will catch it otherwise).

Closed by commit rL355483: [CodeGen] Omit range checks from jump tables when lowering switches with… (authored by ayonam). · Explain WhyMar 5 2019, 11:27 PM
This revision was automatically updated to reflect the committed changes.
Herald added a project: Restricted Project. · View Herald TranscriptMar 5 2019, 11:27 PM
Herald added a subscriber: jdoerfert. · View Herald Transcript

Revision Contents

PathSize
llvm/
trunk/
lib/
CodeGen/
SelectionDAG/
5 lines
80 lines
test/
CodeGen/
AArch64/
62 lines
X86/
72 lines
8 lines

Diff 189448

llvm/trunk/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.h

Show First 20 LinesShow All 271 Lines▼ Show 20 Lines JumpTable(unsigned R, unsigned J, MachineBasicBlock *M,
MachineBasicBlock *D): Reg(R), JTI(J), MBB(M), Default(D) {} MachineBasicBlock *D): Reg(R), JTI(J), MBB(M), Default(D) {}
}; };
struct JumpTableHeader { struct JumpTableHeader {
APInt First; APInt First;
APInt Last; APInt Last;
const Value *SValue; const Value *SValue;
MachineBasicBlock *HeaderBB; MachineBasicBlock *HeaderBB;
bool Emitted; bool Emitted;
bool OmitRangeCheck;
JumpTableHeader(APInt F, APInt L, const Value *SV, MachineBasicBlock *H, JumpTableHeader(APInt F, APInt L, const Value *SV, MachineBasicBlock *H,
bool E = false) bool E = false, bool ORC = false)
: First(std::move(F)), Last(std::move(L)), SValue(SV), HeaderBB(H), : First(std::move(F)), Last(std::move(L)), SValue(SV), HeaderBB(H),
Emitted(E) {} Emitted(E), OmitRangeCheck(ORC) {}
}; };
using JumpTableBlock = std::pair<JumpTableHeader, JumpTable>; using JumpTableBlock = std::pair<JumpTableHeader, JumpTable>;
struct BitTestCase { struct BitTestCase {
uint64_t Mask; uint64_t Mask;
MachineBasicBlock *ThisBB; MachineBasicBlock *ThisBB;
MachineBasicBlock *TargetBB; MachineBasicBlock *TargetBB;
BranchProbability ExtraProb; BranchProbability ExtraProb;
▲ Show 20 LinesShow All 796 LinesShow Last 20 Lines

llvm/trunk/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 2,382 Lines▼ Show 20 Linesvoid SelectionDAGBuilder::visitJumpTableHeader(JumpTable &JT,
SwitchOp = DAG.getZExtOrTrunc(Sub, dl, TLI.getPointerTy(DAG.getDataLayout())); SwitchOp = DAG.getZExtOrTrunc(Sub, dl, TLI.getPointerTy(DAG.getDataLayout()));
unsigned JumpTableReg = unsigned JumpTableReg =
FuncInfo.CreateReg(TLI.getPointerTy(DAG.getDataLayout())); FuncInfo.CreateReg(TLI.getPointerTy(DAG.getDataLayout()));
SDValue CopyTo = DAG.getCopyToReg(getControlRoot(), dl, SDValue CopyTo = DAG.getCopyToReg(getControlRoot(), dl,
JumpTableReg, SwitchOp); JumpTableReg, SwitchOp);
JT.Reg = JumpTableReg; JT.Reg = JumpTableReg;
if (!JTH.OmitRangeCheck) {
// Emit the range check for the jump table, and branch to the default block // Emit the range check for the jump table, and branch to the default block
// for the switch statement if the value being switched on exceeds the largest // for the switch statement if the value being switched on exceeds the
// case in the switch. // largest case in the switch.
SDValue CMP = DAG.getSetCC( SDValue CMP = DAG.getSetCC(
dl, TLI.getSetCCResultType(DAG.getDataLayout(), *DAG.getContext(), dl, TLI.getSetCCResultType(DAG.getDataLayout(), *DAG.getContext(),
Sub.getValueType()), Sub.getValueType()),
Sub, DAG.getConstant(JTH.Last - JTH.First, dl, VT), ISD::SETUGT); Sub, DAG.getConstant(JTH.Last - JTH.First, dl, VT), ISD::SETUGT);
SDValue BrCond = DAG.getNode(ISD::BRCOND, dl, SDValue BrCond = DAG.getNode(ISD::BRCOND, dl,
MVT::Other, CopyTo, CMP, MVT::Other, CopyTo, CMP,
DAG.getBasicBlock(JT.Default)); DAG.getBasicBlock(JT.Default));
// Avoid emitting unnecessary branches to the next block. // Avoid emitting unnecessary branches to the next block.
if (JT.MBB != NextBlock(SwitchBB)) if (JT.MBB != NextBlock(SwitchBB))
BrCond = DAG.getNode(ISD::BR, dl, MVT::Other, BrCond, BrCond = DAG.getNode(ISD::BR, dl, MVT::Other, BrCond,
DAG.getBasicBlock(JT.MBB)); DAG.getBasicBlock(JT.MBB));
DAG.setRoot(BrCond); DAG.setRoot(BrCond);
} else {
SDValue BrCond = DAG.getNode(ISD::BR, dl, MVT::Other, CopyTo,
DAG.getBasicBlock(JT.MBB));
DAG.setRoot(BrCond);
SwitchBB->removeSuccessor(JT.Default, true);
}
} }
/// Create a LOAD_STACK_GUARD node, and let it carry the target specific global /// Create a LOAD_STACK_GUARD node, and let it carry the target specific global
/// variable if there exists one. /// variable if there exists one.
static SDValue getLoadStackGuard(SelectionDAG &DAG, const SDLoc &DL, static SDValue getLoadStackGuard(SelectionDAG &DAG, const SDLoc &DL,
SDValue &Chain) { SDValue &Chain) {
const TargetLowering &TLI = DAG.getTargetLoweringInfo(); const TargetLowering &TLI = DAG.getTargetLoweringInfo();
EVT PtrTy = TLI.getPointerTy(DAG.getDataLayout()); EVT PtrTy = TLI.getPointerTy(DAG.getDataLayout());
▲ Show 20 LinesShow All 7,368 Lines▼ Show 20 Lines for (MachineBasicBlock *Succ : Table) {
Done.insert(Succ); Done.insert(Succ);
} }
JumpTableMBB->normalizeSuccProbs(); JumpTableMBB->normalizeSuccProbs();
unsigned JTI = CurMF->getOrCreateJumpTableInfo(TLI.getJumpTableEncoding()) unsigned JTI = CurMF->getOrCreateJumpTableInfo(TLI.getJumpTableEncoding())
->createJumpTableIndex(Table); ->createJumpTableIndex(Table);
// Set up the jump table info. // Set up the jump table info.
bool UnreachableDefault =
isa<UnreachableInst>(SI->getDefaultDest()->getFirstNonPHIOrDbg());
bool OmitRangeCheck = UnreachableDefault;
JumpTable JT(-1U, JTI, JumpTableMBB, nullptr); JumpTable JT(-1U, JTI, JumpTableMBB, nullptr);
JumpTableHeader JTH(Clusters[First].Low->getValue(), JumpTableHeader JTH(Clusters[First].Low->getValue(),
Clusters[Last].High->getValue(), SI->getCondition(), Clusters[Last].High->getValue(), SI->getCondition(),
nullptr, false); nullptr, false, OmitRangeCheck);
JTCases.emplace_back(std::move(JTH), std::move(JT)); JTCases.emplace_back(std::move(JTH), std::move(JT));
JTCluster = CaseCluster::jumpTable(Clusters[First].Low, Clusters[Last].High, JTCluster = CaseCluster::jumpTable(Clusters[First].Low, Clusters[Last].High,
JTCases.size() - 1, Prob); JTCases.size() - 1, Prob);
return true; return true;
} }
void SelectionDAGBuilder::findJumpTables(CaseClusterVector &Clusters, void SelectionDAGBuilder::findJumpTables(CaseClusterVector &Clusters,
▲ Show 20 LinesShow All 789 Lines▼ Show 20 Linesvoid SelectionDAGBuilder::visitSwitch(const SwitchInst &SI) {
MachineBasicBlock *DefaultMBB = FuncInfo.MBBMap[SI.getDefaultDest()]; MachineBasicBlock *DefaultMBB = FuncInfo.MBBMap[SI.getDefaultDest()];
// Cluster adjacent cases with the same destination. We do this at all // Cluster adjacent cases with the same destination. We do this at all
// optimization levels because it's cheap to do and will make codegen faster // optimization levels because it's cheap to do and will make codegen faster
// if there are many clusters. // if there are many clusters.
sortAndRangeify(Clusters); sortAndRangeify(Clusters);
if (TM.getOptLevel() != CodeGenOpt::None) {
// Replace an unreachable default with the most popular destination.
// FIXME: Exploit unreachable default more aggressively.
bool UnreachableDefault =
isa<UnreachableInst>(SI.getDefaultDest()->getFirstNonPHIOrDbg());
if (UnreachableDefault && !Clusters.empty()) {
DenseMap<const BasicBlock *, unsigned> Popularity;
unsigned MaxPop = 0;
const BasicBlock *MaxBB = nullptr;
for (auto I : SI.cases()) {
const BasicBlock *BB = I.getCaseSuccessor();
if (++Popularity[BB] > MaxPop) {
MaxPop = Popularity[BB];
MaxBB = BB;
}
}
// Set new default.
assert(MaxPop > 0 && MaxBB);
DefaultMBB = FuncInfo.MBBMap[MaxBB];
// Remove cases that were pointing to the destination that is now the
// default.
CaseClusterVector New;
New.reserve(Clusters.size());
for (CaseCluster &CC : Clusters) {
if (CC.MBB != DefaultMBB)
New.push_back(CC);
}
Clusters = std::move(New);
}
}
// The branch probablity of the peeled case. // The branch probablity of the peeled case.
BranchProbability PeeledCaseProb = BranchProbability::getZero(); BranchProbability PeeledCaseProb = BranchProbability::getZero();
MachineBasicBlock *PeeledSwitchMBB = MachineBasicBlock *PeeledSwitchMBB =
peelDominantCaseCluster(SI, Clusters, PeeledCaseProb); peelDominantCaseCluster(SI, Clusters, PeeledCaseProb);
// If there is only the default destination, jump there directly. // If there is only the default destination, jump there directly.
MachineBasicBlock *SwitchMBB = FuncInfo.MBB; MachineBasicBlock *SwitchMBB = FuncInfo.MBB;
if (Clusters.empty()) { if (Clusters.empty()) {
▲ Show 20 LinesShow All 58 LinesShow Last 20 Lines

llvm/trunk/test/CodeGen/AArch64/switch-unreachable-default.ll

; RUN: llc -O3 -o - %s | FileCheck %s
; Test that the output in the presence of an unreachable default does not have
; a compare and branch at the top of the switch to handle the default case.
target triple = "aarch64-unknown-linux-gnu"
; Function Attrs: nounwind
define void @fn(i4) {
switch i4 %0, label %default [
i4 0, label %case_0
i4 1, label %case_1
i4 2, label %case_2
i4 3, label %case_3
i4 4, label %case_4
i4 5, label %case_5
]
; CHECK-LABEL: fn:
; CHECK-NOT: sub
; CHECK-NOT: cmp
; CHECK-NOT: b.hi
; CHECK: ldr {{x[0-9]+}}, [{{x[0-9]+}}, {{x[0-9]+}}, lsl #3]
; CHECK: br {{x[0-9]+}}
default:
unreachable
case_0:
tail call void @handle_case_00(i4 %0) #2
br label %return_label
case_1:
tail call void @handle_case_01(i4 %0) #2
br label %return_label
case_2:
tail call void @handle_case_02(i4 %0) #2
br label %return_label
case_3:
tail call void @handle_case_03(i4 %0) #2
br label %return_label
case_4:
tail call void @handle_case_04(i4 %0) #2
br label %return_label
case_5:
tail call void @handle_case_05(i4 %0) #2
br label %return_label
return_label:
ret void
}
declare void @handle_case_00(i4)
declare void @handle_case_01(i4)
declare void @handle_case_02(i4)
declare void @handle_case_03(i4)
declare void @handle_case_04(i4)
declare void @handle_case_05(i4)

llvm/trunk/test/CodeGen/X86/pr38743.ll

Show All 12 Lines
@.str.16 = external dso_local unnamed_addr constant [16 x i8], align 1 @.str.16 = external dso_local unnamed_addr constant [16 x i8], align 1
@.str.17 = external dso_local unnamed_addr constant [12 x i8], align 1 @.str.17 = external dso_local unnamed_addr constant [12 x i8], align 1
@.str.18 = external dso_local unnamed_addr constant [15 x i8], align 1 @.str.18 = external dso_local unnamed_addr constant [15 x i8], align 1
declare void @llvm.memcpy.p0i8.p0i8.i64(i8* nocapture writeonly, i8* nocapture readonly, i64, i1) #0 declare void @llvm.memcpy.p0i8.p0i8.i64(i8* nocapture writeonly, i8* nocapture readonly, i64, i1) #0
define void @pr38743() #1 align 2 { define void @pr38743() #1 align 2 {
; CHECK-LABEL: pr38743: ; CHECK-LABEL: pr38743:
; CHECK: # %bb.0: # %bb ; CHECK: # %bb.0: # %bb
; CHECK-NEXT: cmpl $3, %eax ; CHECK-NEXT: xorl %eax, %eax
; CHECK-NEXT: je .LBB0_4 ; CHECK-NEXT: jmpq *.LJTI0_0(,%rax,8)
; CHECK-NEXT: # %bb.1: # %bb ; CHECK-NEXT: .[[LABEL1:[A-Z_0-9]+]]: # %bb5
; CHECK-NEXT: cmpl $1, %eax
; CHECK-NEXT: je .LBB0_2
; CHECK-NEXT: # %bb.3: # %bb5
; CHECK-NEXT: movzwl .str.17+{{.*}}(%rip), %eax ; CHECK-NEXT: movzwl .str.17+{{.*}}(%rip), %eax
; CHECK-NEXT: movw %ax, -{{[0-9]+}}(%rsp) ; CHECK-NEXT: movw %ax, -{{[0-9]+}}(%rsp)
; CHECK-NEXT: movq {{.*}}(%rip), %rax ; CHECK-NEXT: movq .str.17(%rip), %rax
; CHECK-NEXT: jmp .LBB0_5 ; CHECK-NEXT: jmp .[[LABEL4:[A-Z_0-9]+]]
; CHECK-NEXT: .LBB0_4: # %bb8 ; CHECK-NEXT: .[[LABEL2:[A-Z_0-9]+]]: # %bb2
; CHECK-NEXT: movq .str.18+{{.*}}(%rip), %rax
; CHECK-NEXT: movq %rax, -{{[0-9]+}}(%rsp)
; CHECK-NEXT: movq {{.*}}(%rip), %rax
; CHECK-NEXT: jmp .LBB0_5
; CHECK-NEXT: .LBB0_2: # %bb2
; CHECK-NEXT: movq .str.16+{{.*}}(%rip), %rax ; CHECK-NEXT: movq .str.16+{{.*}}(%rip), %rax
; CHECK-NEXT: movq %rax, -{{[0-9]+}}(%rsp) ; CHECK-NEXT: movq %rax, -{{[0-9]+}}(%rsp)
; CHECK-NEXT: movq {{.*}}(%rip), %rax ; CHECK-NEXT: movq .str.16(%rip), %rax
; CHECK-NEXT: .LBB0_5: # %bb12 ; CHECK-NEXT: jmp .[[LABEL4]]
; CHECK-NEXT: .[[LABEL3:[A-Z_0-9]+]]: # %bb8
; CHECK-NEXT: movq .str.18+{{.*}}(%rip), %rax
; CHECK-NEXT: movq %rax, -{{[0-9]+}}(%rsp)
; CHECK-NEXT: movq .str.18(%rip), %rax
; CHECK-NEXT: .[[LABEL4]]: # %bb12
; CHECK-NEXT: movq %rax, -{{[0-9]+}}(%rsp) ; CHECK-NEXT: movq %rax, -{{[0-9]+}}(%rsp)
; CHECK-NEXT: movq -{{[0-9]+}}(%rsp), %rax ; CHECK-NEXT: movq -{{[0-9]+}}(%rsp), %rax
; CHECK-NEXT: movq %rax, (%rax) ; CHECK-NEXT: movq %rax, (%rax)
; CHECK-NEXT: movb -{{[0-9]+}}(%rsp), %al ; CHECK-NEXT: movb -{{[0-9]+}}(%rsp), %al
; CHECK-NEXT: movq -{{[0-9]+}}(%rsp), %rcx ; CHECK-NEXT: movq -{{[0-9]+}}(%rsp), %rcx
; CHECK-NEXT: movzwl -{{[0-9]+}}(%rsp), %edx ; CHECK-NEXT: movzwl -{{[0-9]+}}(%rsp), %edx
; CHECK-NEXT: movl -{{[0-9]+}}(%rsp), %esi ; CHECK-NEXT: movl -{{[0-9]+}}(%rsp), %esi
; CHECK-NEXT: movb -{{[0-9]+}}(%rsp), %dil ; CHECK-NEXT: movb -{{[0-9]+}}(%rsp), %dil
; CHECK-NEXT: movb %al, (%rax) ; CHECK-NEXT: movb %al, (%rax)
; CHECK-NEXT: movq %rcx, 1(%rax) ; CHECK-NEXT: movq %rcx, {{[0-9]+}}(%rax)
; CHECK-NEXT: movw %dx, 9(%rax) ; CHECK-NEXT: movw %dx, {{[0-9]+}}(%rax)
; CHECK-NEXT: movl %esi, 11(%rax) ; CHECK-NEXT: movl %esi, {{[0-9]+}}(%rax)
; CHECK-NEXT: movb %dil, 15(%rax) ; CHECK-NEXT: movb %dil, {{[0-9]+}}(%rax)
; CHECK-NEXT: retq ; CHECK-NEXT: retq
; CHECK-LABEL: .LJTI0_0:
; CHECK: .quad .[[LABEL2]]
; CHECK-NEXT: .quad .[[LABEL1]]
; CHECK-NEXT: .quad .[[LABEL3]]
; CHECK-NEXT: .quad .[[LABEL1]]
bb: bb:
%tmp = alloca %0, align 16 %tmp = alloca %0, align 16
%tmp1 = bitcast %0* %tmp to i8* %tmp1 = bitcast %0* %tmp to i8*
switch i32 undef, label %bb11 [ switch i32 undef, label %bb11 [
i32 1, label %bb2 i32 1, label %bb2
i32 4, label %bb5 i32 4, label %bb5
i32 2, label %bb5 i32 2, label %bb5
i32 3, label %bb8 i32 3, label %bb8
Show All 31 Lines

llvm/trunk/test/CodeGen/X86/switch-jump-table.ll

; RUN: llc -mtriple=i686-pc-gnu-linux < %s | FileCheck %s ; RUN: llc -mtriple=i686-pc-gnu-linux < %s | FileCheck %s
; RUN: llc -mtriple=i686-pc-gnu-linux -print-machineinstrs=expand-isel-pseudos %s -o /dev/null 2>&1 | FileCheck %s -check-prefix=CHECK-JT-PROB ; RUN: llc -mtriple=i686-pc-gnu-linux -print-machineinstrs=expand-isel-pseudos %s -o /dev/null 2>&1 | FileCheck %s -check-prefix=CHECK-JT-PROB
; An unreachable default destination is replaced with the most popular case label. ; An unreachable default destination is ignored and no compare and branch
; is generated for the default values.
define void @foo(i32 %x, i32* %to) { define void @foo(i32 %x, i32* %to) {
; CHECK-LABEL: foo: ; CHECK-LABEL: foo:
; CHECK: movl 4(%esp), [[REG:%e[a-z]{2}]] ; CHECK: movl 4(%esp), [[REG:%e[a-z]{2}]]
; CHECK: cmpl $3, [[REG]]
; CHECK: ja .LBB0_6
; CHECK-NEXT: # %bb.1:
; CHECK-NEXT: jmpl *.LJTI0_0(,[[REG]],4) ; CHECK-NEXT: jmpl *.LJTI0_0(,[[REG]],4)
; CHECK: movl $4 ; CHECK: movl $4
; CHECK: retl ; CHECK: retl
entry: entry:
switch i32 %x, label %default [ switch i32 %x, label %default [
i32 0, label %bb0 i32 0, label %bb0
i32 1, label %bb1 i32 1, label %bb1
Show All 19 Linesbb4:
br label %exit br label %exit
exit: exit:
ret void ret void
default: default:
unreachable unreachable
; The jump table has four entries. ; The jump table has four entries.
; CHECK-LABEL: .LJTI0_0: ; CHECK-LABEL: .LJTI0_0:
; CHECK-NEXT: .long .LBB0_1
; CHECK-NEXT: .long .LBB0_2 ; CHECK-NEXT: .long .LBB0_2
; CHECK-NEXT: .long .LBB0_3 ; CHECK-NEXT: .long .LBB0_3
; CHECK-NEXT: .long .LBB0_4 ; CHECK-NEXT: .long .LBB0_4
; CHECK-NEXT: .long .LBB0_5 ; CHECK-NEXT: .long .LBB0_5
; CHECK-NEXT: .long .LBB0_5
} }
; Check if branch probabilities are correctly assigned to the jump table. ; Check if branch probabilities are correctly assigned to the jump table.
define void @bar(i32 %x, i32* %to) { define void @bar(i32 %x, i32* %to) {
; CHECK-JT-PROB-LABEL: bar: ; CHECK-JT-PROB-LABEL: bar:
; CHECK-JT-PROB: successors: %bb.6(0x12492492), %bb.8(0x6db6db6e) ; CHECK-JT-PROB: successors: %bb.6(0x12492492), %bb.8(0x6db6db6e)
; CHECK-JT-PROB: successors: %bb.1(0x15555555), %bb.2(0x15555555), %bb.3(0x15555555), %bb.4(0x15555555), %bb.5(0x2aaaaaab) ; CHECK-JT-PROB: successors: %bb.1(0x15555555), %bb.2(0x15555555), %bb.3(0x15555555), %bb.4(0x15555555), %bb.5(0x2aaaaaab)
Show All 33 Lines