This is an archive of the discontinued LLVM Phabricator instance.

Differential D59218

[LSR] Fix signed overflow in GenerateCrossUseConstantOffsets.
ClosedPublic

Authored by fhahn on Mar 11 2019, 9:37 AM.

Details

Reviewers
qcolombet
gilr
efriedma
Commits
rG45682fd6332c: [LSR] Fix signed overflow in GenerateCrossUseConstantOffsets.
rL357217: [LSR] Fix signed overflow in GenerateCrossUseConstantOffsets.
Summary

For the attached test case, unchecked addition of immediate starts and
ends overflows, as they can be arbitrary i64 constants.

Diff Detail

Event Timeline

fhahn created this revision.Mar 11 2019, 9:37 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 11 2019, 9:37 AM
Herald added subscribers: jdoerfert, hiraditya. · View Herald Transcript
Harbormaster completed remote builds in B28994: Diff 190110.Mar 11 2019, 9:42 AM
fhahn updated this revision to Diff 190143.Mar 11 2019, 1:02 PM

Use wrapping arithmetic

Harbormaster completed remote builds in B28999: Diff 190143.Mar 11 2019, 1:05 PM
fhahn added a reviewer: efriedma.Mar 12 2019, 3:28 PM

Another case similar to D59211

fhahn added a comment.Mar 21 2019, 10:52 AM

Ping. This applies the same solution as D59211 to a different case.

efriedma added inline comments.Mar 22 2019, 4:10 PM
llvm/lib/Transforms/Scalar/LoopStrengthReduce.cpp
4140

This code is trying to compute (x+y)/2. Mathematically, this can't overflow, so this shouldn't require a bitwidth to produce a meaningful result.

fhahn marked an inline comment as done.Mar 25 2019, 5:04 AM
fhahn added inline comments.
llvm/lib/Transforms/Scalar/LoopStrengthReduce.cpp
4140

Unless I am missing something, the cast addresses a potential overflow for the x + y part of the expression. Running the attached test with opt+ubsan crashes here.

efriedma added inline comments.Mar 25 2019, 12:13 PM
llvm/lib/Transforms/Scalar/LoopStrengthReduce.cpp
4140

Sorry, I guess I wasn't clear.

By "mathematically, this can't overflow", I meant that if x and y are in the range [INT_MIN, INT_MAX], (x+y)/2 is also in the range [INT_MIN, INT_MAX]. If you try to compute the result by just writing "(x+y)/2" in C, sure, it'll overflow, but you can rewrite the formula some other way. (Not sure what the most efficient way to write that in C is, off the top of my head.)

fhahn updated this revision to Diff 192202.Mar 25 2019, 2:22 PM

Thanks Eli, I did not realize that there are quite efficient ways to compute the
expressions other than splitting it up and dealing with the even/uneven cases
with modulo.

I did some digging online and updated the patch with an approach that should be
quite efficient.

Harbormaster completed remote builds in B29602: Diff 192202.Mar 25 2019, 2:22 PM
efriedma added inline comments.Mar 25 2019, 2:44 PM
llvm/lib/Transforms/Scalar/LoopStrengthReduce.cpp
4142

Are you sure this formula is right? Alive says it doesn't work correctly for signed values: https://rise4fun.com/Alive/E3V.

fhahn planned changes to this revision.Mar 26 2019, 6:26 AM

Modeling round-to-zero behavior correctly for all inputs is a bit tricky. I'll revisit it when I have more time

fhahn updated this revision to Diff 192696.Mar 28 2019, 12:07 PM

Fix calculation: use signed right shift to divide by 2 with round to -inf and
add 1 for negative results where one value is odd and the other even to get
round to 0 behavior. Proof: https://rise4fun.com/Alive/Plqc

Harbormaster completed remote builds in B29769: Diff 192696.Mar 28 2019, 12:08 PM
efriedma accepted this revision.Mar 28 2019, 12:16 PM

LGTM

This revision is now accepted and ready to land.Mar 28 2019, 12:16 PM
Closed by commit rL357217: [LSR] Fix signed overflow in GenerateCrossUseConstantOffsets. (authored by fhahn). · Explain WhyMar 28 2019, 3:16 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
llvm/
lib/
Transforms/
Scalar/
10 lines
test/
Transforms/
LoopStrengthReduce/
39 lines

Diff 192202

llvm/lib/Transforms/Scalar/LoopStrengthReduce.cpp

Show First 20 LinesShow All 4,127 Lines▼ Show 20 Lines for (ImmMapTy::const_iterator J = Imms.begin(), JE = Imms.end();
UsedByIndicesMap[Reg].count() == 1) { UsedByIndicesMap[Reg].count() == 1) {
LLVM_DEBUG(dbgs() << "Skipping cross-use reuse for " << *OrigReg LLVM_DEBUG(dbgs() << "Skipping cross-use reuse for " << *OrigReg
<< '\n'); << '\n');
continue; continue;
} }
// Conservatively examine offsets between this orig reg a few selected // Conservatively examine offsets between this orig reg a few selected
// other orig regs. // other orig regs.
int64_t First = Imms.begin()->first;
int64_t Last = std::prev(Imms.end())->first;
ImmMapTy::const_iterator OtherImms[] = { ImmMapTy::const_iterator OtherImms[] = {
Imms.begin(), std::prev(Imms.end()), Imms.begin(), std::prev(Imms.end()),
Imms.lower_bound((Imms.begin()->first + std::prev(Imms.end())->first) / // Compute (First + Last) / 2 without overflow using the fact that
efriedmaUnsubmitted
Not Done
ReplyInline Actions

This code is trying to compute (x+y)/2. Mathematically, this can't overflow, so this shouldn't require a bitwidth to produce a meaningful result.

efriedma: This code is trying to compute (x+y)/2. Mathematically, this can't overflow, so this shouldn't…
fhahnAuthorUnsubmitted
Done
ReplyInline Actions

Unless I am missing something, the cast addresses a potential overflow for the x + y part of the expression. Running the attached test with opt+ubsan crashes here.

fhahn: Unless I am missing something, the cast addresses a potential overflow for the x + y part of…
efriedmaUnsubmitted
Not Done
ReplyInline Actions

Sorry, I guess I wasn't clear.

By "mathematically, this can't overflow", I meant that if x and y are in the range [INT_MIN, INT_MAX], (x+y)/2 is also in the range [INT_MIN, INT_MAX]. If you try to compute the result by just writing "(x+y)/2" in C, sure, it'll overflow, but you can rewrite the formula some other way. (Not sure what the most efficient way to write that in C is, off the top of my head.)

efriedma: Sorry, I guess I wasn't clear. By "mathematically, this can't overflow", I meant that if x and…
2) // First + Last = 2 * (First + Last) + (First ^ Last).
}; Imms.lower_bound((First & Last) + (First ^ Last) / 2)};
efriedmaUnsubmitted
Not Done
ReplyInline Actions

Are you sure this formula is right? Alive says it doesn't work correctly for signed values: https://rise4fun.com/Alive/E3V.

efriedma: Are you sure this formula is right? Alive says it doesn't work correctly for signed values…
for (size_t i = 0, e = array_lengthof(OtherImms); i != e; ++i) { for (size_t i = 0, e = array_lengthof(OtherImms); i != e; ++i) {
ImmMapTy::const_iterator M = OtherImms[i]; ImmMapTy::const_iterator M = OtherImms[i];
if (M == J || M == JE) continue; if (M == J || M == JE) continue;
// Compute the difference between the two. // Compute the difference between the two.
int64_t Imm = (uint64_t)JImm - M->first; int64_t Imm = (uint64_t)JImm - M->first;
for (unsigned LUIdx : UsedByIndices.set_bits()) for (unsigned LUIdx : UsedByIndices.set_bits())
// Make a memo of this use, offset, and register tuple. // Make a memo of this use, offset, and register tuple.
▲ Show 20 LinesShow All 1,553 LinesShow Last 20 Lines

llvm/test/Transforms/LoopStrengthReduce/lsr-overflow.ll

  • This file was added.
; NOTE: Assertions have been autogenerated by utils/update_test_checks.py
; RUN: opt -lsr-complexity-limit=50 -loop-reduce -S %s | FileCheck %s
target datalayout = "e-m:o-i64:64-f80:128-n8:16:32:64-S128"
define void @overflow1(i64 %a) {
; CHECK-LABEL: @overflow1(
; CHECK-NEXT: bb:
; CHECK-NEXT: [[TMP0:%.*]] = add i64 [[A:%.*]], -1
; CHECK-NEXT: [[TMP1:%.*]] = add i64 [[A]], -9223372036854775808
; CHECK-NEXT: br label [[BB1:%.*]]
; CHECK: bb1:
; CHECK-NEXT: [[LSR_IV1:%.*]] = phi i64 [ [[LSR_IV_NEXT2:%.*]], [[BB1]] ], [ [[TMP1]], [[BB:%.*]] ]
; CHECK-NEXT: [[LSR_IV:%.*]] = phi i64 [ [[LSR_IV_NEXT:%.*]], [[BB1]] ], [ [[TMP0]], [[BB]] ]
; CHECK-NEXT: [[TMP4:%.*]] = icmp ne i64 [[LSR_IV1]], 0
; CHECK-NEXT: [[TMP5:%.*]] = and i1 [[TMP4]], true
; CHECK-NEXT: [[LSR_IV_NEXT]] = add i64 [[LSR_IV]], 1
; CHECK-NEXT: [[LSR_IV_NEXT2]] = add i64 [[LSR_IV1]], 1
; CHECK-NEXT: br i1 [[TMP5]], label [[BB1]], label [[BB7:%.*]]
; CHECK: bb7:
; CHECK-NEXT: [[TMP9:%.*]] = and i64 [[LSR_IV_NEXT]], 1
; CHECK-NEXT: [[TMP10:%.*]] = icmp eq i64 [[TMP9]], 0
; CHECK-NEXT: unreachable
;
bb:
br label %bb1
bb1: ; preds = %bb1, %bb
%tmp = phi i64 [ %a, %bb ], [ %tmp6, %bb1 ]
%tmp4 = icmp ne i64 %tmp, -9223372036854775808
%tmp5 = and i1 %tmp4, 1
%tmp6 = add i64 %tmp, 1
br i1 %tmp5, label %bb1, label %bb7
bb7: ; preds = %bb1
%tmp9 = and i64 %tmp, 1
%tmp10 = icmp eq i64 %tmp9, 0
unreachable
}