This is an archive of the discontinued LLVM Phabricator instance.

Differential D62110

[LV] prevent potential divide by zero. NFC
Needs ReviewPublic

Authored by nickdesaulniers on May 19 2019, 4:58 PM.

Details

Reviewers
rengolin
Summary

scan-build flags a long chain where if LoopCost is 0, then a division by
zero might occur. Add a quick check after its final assignment before
use.

Diff Detail

Event Timeline

nickdesaulniers created this revision.May 19 2019, 4:58 PM
Herald added a project: Restricted Project. · View Herald TranscriptMay 19 2019, 4:58 PM
Herald added subscribers: llvm-commits, rkruppe, hiraditya. · View Herald Transcript
Harbormaster completed remote builds in B32124: Diff 200187.May 19 2019, 4:59 PM
rengolin added a comment.May 20 2019, 12:42 AM

Can expectedCost ever return zero?

nickdesaulniers added a comment.May 21 2019, 4:30 PM
In D62110#1508064, @rengolin wrote:

Can expectedCost ever return zero?

LoopVectorizationCostModel::expectedCost default initializes its return value, an instance of LoopVectorizationCostModel::VectorizationCostTy declared as:

using VectorizationCostTy = std::pair<unsigned, bool>;

so looks like it's possible.

Regardless, the runtime is going to be dominated by the division, not the check against zero, so why not just always pay the cost? Especially if it reduces a warning from scan-build?

(I have the same opinion about pointers; "should I check this pointer isn't nullptr before dereferencing it? yeah, probably (short of it already have been checked and not updated since)." Skipping such a check doesn't add much value unless you have really hot code and strong guarantees (at which point, I'd prefer stronger guarantees from the type system).

rengolin added a comment.May 22 2019, 2:53 AM
In D62110#1511129, @nickdesaulniers wrote:

LoopVectorizationCostModel::expectedCost default initializes its return value, an instance of LoopVectorizationCostModel::VectorizationCostTy declared as:

using VectorizationCostTy = std::pair<unsigned, bool>;

so looks like it's possible.

That doesn't say much, just that it's initialised as zero. But if the expectedCost cannot return zero, then LoopCost cannot be zero (in this context).

Looking at expectedCost, it seems that there are only two situations where the cost can be zero:

  1. The trivial case where the loop is empty (no BBs, no insts).
  2. When VF == 1 && blockNeedsPredication(BB) and getReciprocalPredBlockProb() > BlockCost.first at the end (because first is unsigned) for every block (so Cost.first += BlockCost.first remains zero.

The first is not possible, as an empty loop wouldn't get this far. The second looks like a bug to me, so would warrant an assert at the end of expectedCost to make sure the cost is not zero.

Regardless, the runtime is going to be dominated by the division, not the check against zero, so why not just always pay the cost? Especially if it reduces a warning from scan-build?

This is not about performance, nor it should be about scan-build. Littering code to avoid static analysis false positives is a never ending and fruitless battle.

We've had this conversation in the LLVM list many times for a long time and general consensus was that safety is paramount, the illusion of safety, not so much. Promoting the habit of always checking for null pointers and zero denominators creates the problem of what to do with it if it is. Some cases are obvious, others, less so. That's why we assert so much so widely.

Revision Contents

PathSize
llvm/
lib/
Transforms/
Vectorize/
2 lines

Diff 200187

llvm/lib/Transforms/Vectorize/LoopVectorize.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 4,994 Lines▼ Show 20 Lines if (VF == 1) {
if (ForceTargetMaxVectorInterleaveFactor.getNumOccurrences() > 0) if (ForceTargetMaxVectorInterleaveFactor.getNumOccurrences() > 0)
MaxInterleaveCount = ForceTargetMaxVectorInterleaveFactor; MaxInterleaveCount = ForceTargetMaxVectorInterleaveFactor;
} }
// If we did not calculate the cost for VF (because the user selected the VF) // If we did not calculate the cost for VF (because the user selected the VF)
// then we calculate the cost of VF here. // then we calculate the cost of VF here.
if (LoopCost == 0) if (LoopCost == 0)
LoopCost = expectedCost(VF).first; LoopCost = expectedCost(VF).first;
if (LoopCost == 0)
return 1;
// Clamp the calculated IC to be between the 1 and the max interleave count // Clamp the calculated IC to be between the 1 and the max interleave count
// that the target allows. // that the target allows.
if (IC > MaxInterleaveCount) if (IC > MaxInterleaveCount)
IC = MaxInterleaveCount; IC = MaxInterleaveCount;
else if (IC < 1) else if (IC < 1)
IC = 1; IC = 1;
▲ Show 20 LinesShow All 2,642 LinesShow Last 20 Lines