This is an archive of the discontinued LLVM Phabricator instance.

Differential D65326

Fix for a dangling point bug in DeadStoreElimination pass
ClosedPublic

Authored by quic_aankit on Jul 26 2019, 3:37 AM.

Details

Reviewers
fhahn
bcahoon
efriedma
Commits
rG369a91951440: Fix for a dangling point bug in DeadStoreElimination pass
rG1847fd9d8550: [DSE] Fix for a dangling point bug in DeadStoreElimination.
Summary

The patch makes sure that the LastThrowing pointer does not point to any instruction deleted by call to DeleteDeadInstruction.

While iterating through the instructions the pass maintains a pointer to the lastThrowing Instruction. A call to deleteDeadInstruction deletes a dead store and other instructions feeding the original dead instruction which also become dead. The instruction pointed by the lastThrowing pointer could also be deleted by the call to DeleteDeadInstruction and thus it becomes a dangling pointer. Because of this, we see an error in the next iteration.

In the patch, we maintain a list of throwing instructions encountered previously and use the last non deleted throwing instruction from the container.

Diff Detail

Event Timeline

quic_aankit created this revision.Jul 26 2019, 3:37 AM
Herald added a subscriber: hiraditya. · View Herald TranscriptJul 26 2019, 3:37 AM
fhahn added a comment.Jul 27 2019, 11:33 AM

I think SetVector would be more suitable and lead to slightly simpler code (http://llvm.org/doxygen/classllvm_1_1SetVector.html)

Also, could you upload the patch with more context? (git show HEAD -U999999)

quic_aankit updated this revision to Diff 212288.Jul 30 2019, 1:12 AM

Uploading patch with more context

quic_aankit updated this revision to Diff 212296.Jul 30 2019, 1:54 AM
quic_aankit added a comment.Jul 30 2019, 1:59 AM
In D65326#1603693, @fhahn wrote:

I think SetVector would be more suitable and lead to slightly simpler code (http://llvm.org/doxygen/classllvm_1_1SetVector.html)

Also, could you upload the patch with more context? (git show HEAD -U999999)

Uploaded the patch with more context.

The main motivation to use MapVector is for searching the deletedInstruction in the list of lastThrowing Instructions (Line120). With SetVector this step will be expensive.

quic_aankit added a reviewer: efriedma.Jul 31 2019, 7:54 AM
quic_aankit added a comment.Aug 5 2019, 8:21 AM

@fhahn @efriedma @bcahoon Please review

fhahn added a comment.Aug 18 2019, 10:47 PM
In D65326#1605875, @quic_aankit wrote:
In D65326#1603693, @fhahn wrote:

I think SetVector would be more suitable and lead to slightly simpler code (http://llvm.org/doxygen/classllvm_1_1SetVector.html)

Also, could you upload the patch with more context? (git show HEAD -U999999)

Uploaded the patch with more context.

The main motivation to use MapVector is for searching the deletedInstruction in the list of lastThrowing Instructions (Line120). With SetVector this step will be expensive.

Right, the interface to SetVector is a bit unfortunate in that respect :( It's probably not worth generalizing that for now, especially if we can keep the logic to clean up the map in deleteDeadInstructions.

Some comments inline. Would it be possible to add a test where multiple entries are removed from the mapping in a single deleteDeadInstructions call? Not sure if that can be the case, IIUC that would require deleting a function that may throw with an argument that may throw as well, but can be removed once it is dead.

llvm/lib/Transforms/Scalar/DeadStoreElimination.cpp
118

LLVM convention is to have upper case names for variables (same below)

1164

I think we could move the code to pop the removed instructions from the map to deleteDeadInstructions. That would keep the logic to manage the map in one place and here we can simply use the last instruction in the map as LastThrowing I think.

1165

AFAIK we are looking for the last throwing instruction we encountered, but this will set it to the first? Shouldn't check the map in reverse insertion order?

Otherwise we remove the store between the @foo calls, which we would have to preserve, as @foo may throw.

declare i8* @_Znwj(i32) local_unnamed_addr

declare void @foo() readnone
; CHECK-LABEL: @test(
; CHECK-NEXT: store
; CHECK-NEXT: ret void
define void @test(i8** %ptr, i8* %p1, i8* %p2) {
  store i8* undef, i8** %ptr
  call void @foo()
  store i8* %p1, i8** %ptr
  call void @foo()
  store i8* %p2, i8** %ptr
  %call = call i8* @_Znwj(i32 1)
  store i8* %call, i8** %ptr
  store i8* undef, i8** %ptr
  ret void
}
quic_aankit updated this revision to Diff 220335.Sep 16 2019, 7:04 AM
quic_aankit marked an inline comment as done.

Hi fhahn, sorry for the delay. I've addressed your comments. However, I was unable to add a test where multiple entries are removed from the mapping in a single deleteDeadInstructions call. The method you suggested does not work because deleting a function that may throw is not a legal operation. In the testcase that I have since it is a new function call "_Znwj", we are able to remove the call.

quic_aankit marked 4 inline comments as done.Sep 16 2019, 7:19 AM
quic_aankit added inline comments.
llvm/lib/Transforms/Scalar/DeadStoreElimination.cpp
1164

I've moved the code up in deleteDeadInstructions. I had this here to be able to use inexpensive pop_back instead of the expensive erase. But I think your suggestion makes more sense.

1165

I'm sorry. This had to be a reverse iterator. I've corrected it in the new patch

quic_aankit added a comment.Oct 1 2019, 1:44 AM

@fhahn Gentle reminder

quic_aankit added a comment.Oct 14 2019, 2:00 AM

@fhahn Ping

quic_aankit added a comment.Oct 25 2019, 12:39 PM

@fhahn Gentle reminder

fhahn added a comment.Nov 2 2019, 2:53 PM

Sorry for the long delay! I had to go through the comments again.

llvm/lib/Transforms/Scalar/DeadStoreElimination.cpp
103

Please run clang-format before committing. I think this should be <Instruction *, bool>.

119

I think it would be better to not use erase, as you had originally, i.e. set ThrowableInst[DeadInst] = false. What I meant with my last comment was that we could pop false values from the back of ThrowableInst at the end of this function, until we reach one element that's true. Or do it at the place you had originally, just with the right reverse iterator.

llvm/test/Transforms/DeadStoreElimination/DeleteThrowableInst.ll
1

Can you please also add the test I mentioned in the comment?

fhahn added a comment.Nov 28 2019, 8:59 AM

Reverse ping.

Are you still looking to submit this patch? If so, it would be great to not wait too long with responding, otherwise the reviewers will have to re-familiarize themselves with the patch and the comment history.

quic_aankit added a comment.Nov 28 2019, 4:17 PM
In D65326#1763222, @fhahn wrote:

Reverse ping.

Are you still looking to submit this patch? If so, it would be great to not wait too long with responding, otherwise the reviewers will have to re-familiarize themselves with the patch and the comment history.

Sorry about it. Working on your comments right away.

quic_aankit updated this revision to Diff 231476.Nov 28 2019, 9:20 PM

Hi @fhahn , I've updated the patch to address your comments

fhahn accepted this revision.Dec 2 2019, 7:28 AM

LGTM with 2 optional nits, thanks!

llvm/lib/Transforms/Scalar/DeadStoreElimination.cpp
154

Shouldn't we increment It early, as we remove the element It refers to? It does not seem to cause any issue, but FWIW, it seems that for SPEC and the test-suite, we always do at most 1 iteration of the loop.

llvm/test/Transforms/DeadStoreElimination/DeleteThrowableInst.ll
26

It might be better to store a concrete value instead undef (here and other places in the test casE) to make to test case more robust against future changes.

This revision is now accepted and ready to land.Dec 2 2019, 7:28 AM
quic_aankit updated this revision to Diff 231891.Dec 3 2019, 5:59 AM
quic_aankit marked 2 inline comments as done.
quic_aankit marked an inline comment as done.
quic_aankit added inline comments.
llvm/lib/Transforms/Scalar/DeadStoreElimination.cpp
154

I don't think that incrementing It after removing the element pointed by it should be an issue as we are not accessing the element in between. In the latest patch I've incremented It before removing the element.

fhahn added a comment.Dec 3 2019, 11:33 AM

Thanks! Do you need someone to commit the patch?

quic_aankit added a comment.Dec 5 2019, 8:55 AM

I'm trying to get access to commit the patch, but it would be great if you can get someone to commit it.

fhahn added a comment.Dec 5 2019, 9:30 AM
In D65326#1771027, @quic_aankit wrote:

I'm trying to get access to commit the patch, but it would be great if you can get someone to commit it.

Sure thing, I can commit it on your behalf!

Closed by commit rG1847fd9d8550: [DSE] Fix for a dangling point bug in DeadStoreElimination. (authored by quic_aankit, committed by fhahn). · Explain WhyDec 5 2019, 9:55 AM
This revision was automatically updated to reflect the committed changes.
quic_aankit added a comment.EditedDec 5 2019, 11:10 AM

Hi @fhahn , the commit caused a buildbot failure.
http://lab.llvm.org:8011/builders/llvm-clang-x86_64-expensive-checks-win/builds/20911
Can you please revert the patch for now while I investigate the issue?

fhahn added a comment.Dec 5 2019, 11:33 AM
In D65326#1771415, @quic_aankit wrote:

Hi @fhahn , the commit caused a buildbot failure.
http://lab.llvm.org:8011/builders/llvm-clang-x86_64-expensive-checks-win/builds/20911
Can you please revert the patch for now while I investigate the issue?

Done in rG19071173fc2e

quic_aankit updated this revision to Diff 234662.Dec 18 2019, 10:40 PM

Hi @fhahn, I've updated the patch to handle the failure with MSVC. Using iterator with pop_back was causing problems on windows.

fhahn added a comment.Jan 3 2020, 6:43 AM

Committed as rG369a919514403196dcff7b6bdfa0668dcc733fee

Revision Contents

PathSize
llvm/
lib/
Transforms/
Scalar/
52 lines
test/
Transforms/
DeadStoreElimination/
14 lines

Diff 220335

llvm/lib/Transforms/Scalar/DeadStoreElimination.cpp

Show All 11 Lines
// FIXME: This should eventually be extended to be a post-dominator tree // FIXME: This should eventually be extended to be a post-dominator tree
// traversal. Doing so would be pretty trivial. // traversal. Doing so would be pretty trivial.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "llvm/Transforms/Scalar/DeadStoreElimination.h" #include "llvm/Transforms/Scalar/DeadStoreElimination.h"
#include "llvm/ADT/APInt.h" #include "llvm/ADT/APInt.h"
#include "llvm/ADT/DenseMap.h" #include "llvm/ADT/DenseMap.h"
#include "llvm/ADT/MapVector.h"
#include "llvm/ADT/SetVector.h" #include "llvm/ADT/SetVector.h"
#include "llvm/ADT/SmallPtrSet.h" #include "llvm/ADT/SmallPtrSet.h"
#include "llvm/ADT/SmallVector.h" #include "llvm/ADT/SmallVector.h"
#include "llvm/ADT/Statistic.h" #include "llvm/ADT/Statistic.h"
#include "llvm/ADT/StringRef.h" #include "llvm/ADT/StringRef.h"
#include "llvm/Analysis/AliasAnalysis.h" #include "llvm/Analysis/AliasAnalysis.h"
#include "llvm/Analysis/CaptureTracking.h" #include "llvm/Analysis/CaptureTracking.h"
#include "llvm/Analysis/GlobalsModRef.h" #include "llvm/Analysis/GlobalsModRef.h"
▲ Show 20 LinesShow All 66 Lines▼ Show 20 Lines
/// Delete this instruction. Before we do, go through and zero out all the /// Delete this instruction. Before we do, go through and zero out all the
/// operands of this instruction. If any of them become dead, delete them and /// operands of this instruction. If any of them become dead, delete them and
/// the computation tree that feeds them. /// the computation tree that feeds them.
/// If ValueSet is non-null, remove any deleted instructions from it as well. /// If ValueSet is non-null, remove any deleted instructions from it as well.
static void static void
deleteDeadInstruction(Instruction *I, BasicBlock::iterator *BBI, deleteDeadInstruction(Instruction *I, BasicBlock::iterator *BBI,
MemoryDependenceResults &MD, const TargetLibraryInfo &TLI, MemoryDependenceResults &MD, const TargetLibraryInfo &TLI,
InstOverlapIntervalsTy &IOL, OrderedBasicBlock &OBB, InstOverlapIntervalsTy &IOL, OrderedBasicBlock &OBB,
MapVector<Instruction*, bool> &ThrowableInst,
fhahnUnsubmitted
Not Done
ReplyInline Actions

Please run clang-format before committing. I think this should be <Instruction *, bool>.

fhahn: Please run clang-format before committing. I think this should be `<Instruction *, bool>`.
SmallSetVector<const Value *, 16> *ValueSet = nullptr) { SmallSetVector<const Value *, 16> *ValueSet = nullptr) {
SmallVector<Instruction*, 32> NowDeadInsts; SmallVector<Instruction*, 32> NowDeadInsts;
NowDeadInsts.push_back(I); NowDeadInsts.push_back(I);
--NumFastOther; --NumFastOther;
// Keeping the iterator straight is a pain, so we let this routine tell the // Keeping the iterator straight is a pain, so we let this routine tell the
// caller what the next instruction is after we're done mucking about. // caller what the next instruction is after we're done mucking about.
BasicBlock::iterator NewIter = *BBI; BasicBlock::iterator NewIter = *BBI;
// Before we touch this instruction, remove it from memdep! // Before we touch this instruction, remove it from memdep!
do { do {
Instruction *DeadInst = NowDeadInsts.pop_back_val(); Instruction *DeadInst = NowDeadInsts.pop_back_val();
// Mark the DeadInst as dead in the list of throwable instructions.
auto It = ThrowableInst.find(DeadInst);
fhahnUnsubmitted
Done
ReplyInline Actions

LLVM convention is to have upper case names for variables (same below)

fhahn: LLVM convention is to have upper case names for variables (same below)
if (It != ThrowableInst.end())
fhahnUnsubmitted
Not Done
ReplyInline Actions

I think it would be better to not use erase, as you had originally, i.e. set ThrowableInst[DeadInst] = false. What I meant with my last comment was that we could pop false values from the back of ThrowableInst at the end of this function, until we reach one element that's true. Or do it at the place you had originally, just with the right reverse iterator.

fhahn: I think it would be better to not use erase, as you had originally, i.e. set ThrowableInst…
ThrowableInst.erase(It);
++NumFastOther; ++NumFastOther;
// Try to preserve debug information attached to the dead instruction. // Try to preserve debug information attached to the dead instruction.
salvageDebugInfo(*DeadInst); salvageDebugInfo(*DeadInst);
// This instruction is dead, zap it, in stages. Start by removing it from // This instruction is dead, zap it, in stages. Start by removing it from
// MemDep, which needs to know the operands and needs it to be in the // MemDep, which needs to know the operands and needs it to be in the
// function. // function.
Show All 17 Lines do {
if (NewIter == DeadInst->getIterator()) if (NewIter == DeadInst->getIterator())
NewIter = DeadInst->eraseFromParent(); NewIter = DeadInst->eraseFromParent();
else else
DeadInst->eraseFromParent(); DeadInst->eraseFromParent();
} while (!NowDeadInsts.empty()); } while (!NowDeadInsts.empty());
*BBI = NewIter; *BBI = NewIter;
} }
fhahnUnsubmitted
Not Done
ReplyInline Actions

Shouldn't we increment It early, as we remove the element It refers to? It does not seem to cause any issue, but FWIW, it seems that for SPEC and the test-suite, we always do at most 1 iteration of the loop.

fhahn: Shouldn't we increment `It` early, as we remove the element `It` refers to? It does not seem to…
quic_aankitAuthorUnsubmitted
Done
ReplyInline Actions

I don't think that incrementing It after removing the element pointed by it should be an issue as we are not accessing the element in between. In the latest patch I've incremented It before removing the element.

quic_aankit: I don't think that incrementing `It` after removing the element pointed by it should be an…
/// Does this instruction write some memory? This only returns true for things /// Does this instruction write some memory? This only returns true for things
/// that we can analyze with other helpers below. /// that we can analyze with other helpers below.
static bool hasAnalyzableMemoryWrite(Instruction *I, static bool hasAnalyzableMemoryWrite(Instruction *I,
const TargetLibraryInfo &TLI) { const TargetLibraryInfo &TLI) {
if (isa<StoreInst>(I)) if (isa<StoreInst>(I))
return true; return true;
if (IntrinsicInst *II = dyn_cast<IntrinsicInst>(I)) { if (IntrinsicInst *II = dyn_cast<IntrinsicInst>(I)) {
switch (II->getIntrinsicID()) { switch (II->getIntrinsicID()) {
▲ Show 20 LinesShow All 494 Lines▼ Show 20 Linesstatic void findUnconditionalPreds(SmallVectorImpl<BasicBlock *> &Blocks,
} }
} }
/// Handle frees of entire structures whose dependency is a store /// Handle frees of entire structures whose dependency is a store
/// to a field of that structure. /// to a field of that structure.
static bool handleFree(CallInst *F, AliasAnalysis *AA, static bool handleFree(CallInst *F, AliasAnalysis *AA,
MemoryDependenceResults *MD, DominatorTree *DT, MemoryDependenceResults *MD, DominatorTree *DT,
const TargetLibraryInfo *TLI, const TargetLibraryInfo *TLI,
InstOverlapIntervalsTy &IOL, OrderedBasicBlock &OBB) { InstOverlapIntervalsTy &IOL, OrderedBasicBlock &OBB,
MapVector<Instruction*, bool> &ThrowableInst) {
bool MadeChange = false; bool MadeChange = false;
MemoryLocation Loc = MemoryLocation(F->getOperand(0)); MemoryLocation Loc = MemoryLocation(F->getOperand(0));
SmallVector<BasicBlock *, 16> Blocks; SmallVector<BasicBlock *, 16> Blocks;
Blocks.push_back(F->getParent()); Blocks.push_back(F->getParent());
const DataLayout &DL = F->getModule()->getDataLayout(); const DataLayout &DL = F->getModule()->getDataLayout();
while (!Blocks.empty()) { while (!Blocks.empty()) {
Show All 17 Lines while (Dep.isDef() || Dep.isClobber()) {
break; break;
LLVM_DEBUG( LLVM_DEBUG(
dbgs() << "DSE: Dead Store to soon to be freed memory:\n DEAD: " dbgs() << "DSE: Dead Store to soon to be freed memory:\n DEAD: "
<< *Dependency << '\n'); << *Dependency << '\n');
// DCE instructions only used to calculate that store. // DCE instructions only used to calculate that store.
BasicBlock::iterator BBI(Dependency); BasicBlock::iterator BBI(Dependency);
deleteDeadInstruction(Dependency, &BBI, *MD, *TLI, IOL, OBB); deleteDeadInstruction(Dependency, &BBI, *MD, *TLI, IOL, OBB,
ThrowableInst);
++NumFastStores; ++NumFastStores;
MadeChange = true; MadeChange = true;
// Inst's old Dependency is now deleted. Compute the next dependency, // Inst's old Dependency is now deleted. Compute the next dependency,
// which may also be dead, as in // which may also be dead, as in
// s[0] = 0; // s[0] = 0;
// s[1] = 0; // This has just been deleted. // s[1] = 0; // This has just been deleted.
// free(s); // free(s);
▲ Show 20 LinesShow All 41 Lines▼ Show 20 Lines
/// %A = alloca i32 /// %A = alloca i32
/// ... /// ...
/// store i32 1, i32* %A /// store i32 1, i32* %A
/// ret void /// ret void
static bool handleEndBlock(BasicBlock &BB, AliasAnalysis *AA, static bool handleEndBlock(BasicBlock &BB, AliasAnalysis *AA,
MemoryDependenceResults *MD, MemoryDependenceResults *MD,
const TargetLibraryInfo *TLI, const TargetLibraryInfo *TLI,
InstOverlapIntervalsTy &IOL, InstOverlapIntervalsTy &IOL,
OrderedBasicBlock &OBB) { OrderedBasicBlock &OBB,
MapVector<Instruction*, bool> &ThrowableInst) {
bool MadeChange = false; bool MadeChange = false;
// Keep track of all of the stack objects that are dead at the end of the // Keep track of all of the stack objects that are dead at the end of the
// function. // function.
SmallSetVector<const Value*, 16> DeadStackObjects; SmallSetVector<const Value*, 16> DeadStackObjects;
// Find all of the alloca'd pointers in the entry block. // Find all of the alloca'd pointers in the entry block.
BasicBlock &Entry = BB.getParent()->front(); BasicBlock &Entry = BB.getParent()->front();
▲ Show 20 LinesShow All 44 Lines▼ Show 20 Lines if (hasAnalyzableMemoryWrite(&*BBI, *TLI) && isRemovable(&*BBI)) {
I != E; ++I) { I != E; ++I) {
dbgs() << **I; dbgs() << **I;
if (std::next(I) != E) if (std::next(I) != E)
dbgs() << ", "; dbgs() << ", ";
} dbgs() } dbgs()
<< '\n'); << '\n');
// DCE instructions only used to calculate that store. // DCE instructions only used to calculate that store.
deleteDeadInstruction(Dead, &BBI, *MD, *TLI, IOL, OBB, deleteDeadInstruction(Dead, &BBI, *MD, *TLI, IOL, OBB, ThrowableInst,
&DeadStackObjects); &DeadStackObjects);
++NumFastStores; ++NumFastStores;
MadeChange = true; MadeChange = true;
continue; continue;
} }
} }
// Remove any dead non-memory-mutating instructions. // Remove any dead non-memory-mutating instructions.
if (isInstructionTriviallyDead(&*BBI, TLI)) { if (isInstructionTriviallyDead(&*BBI, TLI)) {
LLVM_DEBUG(dbgs() << "DSE: Removing trivially dead instruction:\n DEAD: " LLVM_DEBUG(dbgs() << "DSE: Removing trivially dead instruction:\n DEAD: "
<< *&*BBI << '\n'); << *&*BBI << '\n');
deleteDeadInstruction(&*BBI, &BBI, *MD, *TLI, IOL, OBB, deleteDeadInstruction(&*BBI, &BBI, *MD, *TLI, IOL, OBB, ThrowableInst,
&DeadStackObjects); &DeadStackObjects);
++NumFastOther; ++NumFastOther;
MadeChange = true; MadeChange = true;
continue; continue;
} }
if (isa<AllocaInst>(BBI)) { if (isa<AllocaInst>(BBI)) {
// Remove allocas from the list of dead stack objects; there can't be // Remove allocas from the list of dead stack objects; there can't be
▲ Show 20 LinesShow All 190 Lines▼ Show 20 Linesstatic bool removePartiallyOverlappedStores(AliasAnalysis *AA,
return Changed; return Changed;
} }
static bool eliminateNoopStore(Instruction *Inst, BasicBlock::iterator &BBI, static bool eliminateNoopStore(Instruction *Inst, BasicBlock::iterator &BBI,
AliasAnalysis *AA, MemoryDependenceResults *MD, AliasAnalysis *AA, MemoryDependenceResults *MD,
const DataLayout &DL, const DataLayout &DL,
const TargetLibraryInfo *TLI, const TargetLibraryInfo *TLI,
InstOverlapIntervalsTy &IOL, InstOverlapIntervalsTy &IOL,
OrderedBasicBlock &OBB) { OrderedBasicBlock &OBB,
MapVector<Instruction*, bool> &ThrowableInst) {
// Must be a store instruction. // Must be a store instruction.
StoreInst *SI = dyn_cast<StoreInst>(Inst); StoreInst *SI = dyn_cast<StoreInst>(Inst);
if (!SI) if (!SI)
return false; return false;
// If we're storing the same value back to a pointer that we just loaded from, // If we're storing the same value back to a pointer that we just loaded from,
// then the store can be removed. // then the store can be removed.
if (LoadInst *DepLoad = dyn_cast<LoadInst>(SI->getValueOperand())) { if (LoadInst *DepLoad = dyn_cast<LoadInst>(SI->getValueOperand())) {
if (SI->getPointerOperand() == DepLoad->getPointerOperand() && if (SI->getPointerOperand() == DepLoad->getPointerOperand() &&
isRemovable(SI) && memoryIsNotModifiedBetween(DepLoad, SI, AA)) { isRemovable(SI) && memoryIsNotModifiedBetween(DepLoad, SI, AA)) {
LLVM_DEBUG( LLVM_DEBUG(
dbgs() << "DSE: Remove Store Of Load from same pointer:\n LOAD: " dbgs() << "DSE: Remove Store Of Load from same pointer:\n LOAD: "
<< *DepLoad << "\n STORE: " << *SI << '\n'); << *DepLoad << "\n STORE: " << *SI << '\n');
deleteDeadInstruction(SI, &BBI, *MD, *TLI, IOL, OBB); deleteDeadInstruction(SI, &BBI, *MD, *TLI, IOL, OBB, ThrowableInst);
++NumRedundantStores; ++NumRedundantStores;
return true; return true;
} }
} }
// Remove null stores into the calloc'ed objects // Remove null stores into the calloc'ed objects
Constant *StoredConstant = dyn_cast<Constant>(SI->getValueOperand()); Constant *StoredConstant = dyn_cast<Constant>(SI->getValueOperand());
if (StoredConstant && StoredConstant->isNullValue() && isRemovable(SI)) { if (StoredConstant && StoredConstant->isNullValue() && isRemovable(SI)) {
Instruction *UnderlyingPointer = Instruction *UnderlyingPointer =
dyn_cast<Instruction>(GetUnderlyingObject(SI->getPointerOperand(), DL)); dyn_cast<Instruction>(GetUnderlyingObject(SI->getPointerOperand(), DL));
if (UnderlyingPointer && isCallocLikeFn(UnderlyingPointer, TLI) && if (UnderlyingPointer && isCallocLikeFn(UnderlyingPointer, TLI) &&
memoryIsNotModifiedBetween(UnderlyingPointer, SI, AA)) { memoryIsNotModifiedBetween(UnderlyingPointer, SI, AA)) {
LLVM_DEBUG( LLVM_DEBUG(
dbgs() << "DSE: Remove null store to the calloc'ed object:\n DEAD: " dbgs() << "DSE: Remove null store to the calloc'ed object:\n DEAD: "
<< *Inst << "\n OBJECT: " << *UnderlyingPointer << '\n'); << *Inst << "\n OBJECT: " << *UnderlyingPointer << '\n');
deleteDeadInstruction(SI, &BBI, *MD, *TLI, IOL, OBB); deleteDeadInstruction(SI, &BBI, *MD, *TLI, IOL, OBB, ThrowableInst);
++NumRedundantStores; ++NumRedundantStores;
return true; return true;
} }
} }
return false; return false;
} }
static bool eliminateDeadStores(BasicBlock &BB, AliasAnalysis *AA, static bool eliminateDeadStores(BasicBlock &BB, AliasAnalysis *AA,
MemoryDependenceResults *MD, DominatorTree *DT, MemoryDependenceResults *MD, DominatorTree *DT,
const TargetLibraryInfo *TLI) { const TargetLibraryInfo *TLI) {
const DataLayout &DL = BB.getModule()->getDataLayout(); const DataLayout &DL = BB.getModule()->getDataLayout();
bool MadeChange = false; bool MadeChange = false;
OrderedBasicBlock OBB(&BB); OrderedBasicBlock OBB(&BB);
Instruction *LastThrowing = nullptr; MapVector<Instruction *, bool> ThrowableInst;
// A map of interval maps representing partially-overwritten value parts. // A map of interval maps representing partially-overwritten value parts.
InstOverlapIntervalsTy IOL; InstOverlapIntervalsTy IOL;
// Do a top-down walk on the BB. // Do a top-down walk on the BB.
for (BasicBlock::iterator BBI = BB.begin(), BBE = BB.end(); BBI != BBE; ) { for (BasicBlock::iterator BBI = BB.begin(), BBE = BB.end(); BBI != BBE; ) {
// Handle 'free' calls specially. // Handle 'free' calls specially.
if (CallInst *F = isFreeCall(&*BBI, TLI)) { if (CallInst *F = isFreeCall(&*BBI, TLI)) {
MadeChange |= handleFree(F, AA, MD, DT, TLI, IOL, OBB); MadeChange |= handleFree(F, AA, MD, DT, TLI, IOL, OBB, ThrowableInst);
// Increment BBI after handleFree has potentially deleted instructions. // Increment BBI after handleFree has potentially deleted instructions.
// This ensures we maintain a valid iterator. // This ensures we maintain a valid iterator.
++BBI; ++BBI;
continue; continue;
} }
Instruction *Inst = &*BBI++; Instruction *Inst = &*BBI++;
if (Inst->mayThrow()) { if (Inst->mayThrow()) {
LastThrowing = Inst; ThrowableInst[Inst] = true;
continue; continue;
} }
// Check to see if Inst writes to memory. If not, continue. // Check to see if Inst writes to memory. If not, continue.
if (!hasAnalyzableMemoryWrite(Inst, *TLI)) if (!hasAnalyzableMemoryWrite(Inst, *TLI))
continue; continue;
// eliminateNoopStore will update in iterator, if necessary. // eliminateNoopStore will update in iterator, if necessary.
if (eliminateNoopStore(Inst, BBI, AA, MD, DL, TLI, IOL, OBB)) { if (eliminateNoopStore(Inst, BBI, AA, MD, DL, TLI, IOL, OBB,
ThrowableInst)) {
MadeChange = true; MadeChange = true;
continue; continue;
} }
// If we find something that writes memory, get its memory dependence. // If we find something that writes memory, get its memory dependence.
MemDepResult InstDep = MD->getDependency(Inst, &OBB); MemDepResult InstDep = MD->getDependency(Inst, &OBB);
// Ignore any store where we can't find a local dependence. // Ignore any store where we can't find a local dependence.
Show All 26 Lines while (InstDep.isDef() || InstDep.isClobber()) {
Instruction *DepWrite = InstDep.getInst(); Instruction *DepWrite = InstDep.getInst();
if (!hasAnalyzableMemoryWrite(DepWrite, *TLI)) if (!hasAnalyzableMemoryWrite(DepWrite, *TLI))
break; break;
MemoryLocation DepLoc = getLocForWrite(DepWrite); MemoryLocation DepLoc = getLocForWrite(DepWrite);
// If we didn't get a useful location, or if it isn't a size, bail out. // If we didn't get a useful location, or if it isn't a size, bail out.
if (!DepLoc.Ptr) if (!DepLoc.Ptr)
break; break;
// Iterate over the throwable instruction list to find the last throwable
// instruction not removed by call to deleteDeadInstruction.
Instruction *LastThrowing = nullptr;
fhahnUnsubmitted
Not Done
ReplyInline Actions

I think we could move the code to pop the removed instructions from the map to deleteDeadInstructions. That would keep the logic to manage the map in one place and here we can simply use the last instruction in the map as LastThrowing I think.

fhahn: I think we could move the code to pop the removed instructions from the map to…
quic_aankitAuthorUnsubmitted
Done
ReplyInline Actions

I've moved the code up in deleteDeadInstructions. I had this here to be able to use inexpensive pop_back instead of the expensive erase. But I think your suggestion makes more sense.

quic_aankit: I've moved the code up in deleteDeadInstructions. I had this here to be able to use inexpensive…
if (!ThrowableInst.empty())
fhahnUnsubmitted
Done
ReplyInline Actions

AFAIK we are looking for the last throwing instruction we encountered, but this will set it to the first? Shouldn't check the map in reverse insertion order?

Otherwise we remove the store between the @foo calls, which we would have to preserve, as @foo may throw.

declare i8* @_Znwj(i32) local_unnamed_addr

declare void @foo() readnone
; CHECK-LABEL: @test(
; CHECK-NEXT: store
; CHECK-NEXT: ret void
define void @test(i8** %ptr, i8* %p1, i8* %p2) {
  store i8* undef, i8** %ptr
  call void @foo()
  store i8* %p1, i8** %ptr
  call void @foo()
  store i8* %p2, i8** %ptr
  %call = call i8* @_Znwj(i32 1)
  store i8* %call, i8** %ptr
  store i8* undef, i8** %ptr
  ret void
}
fhahn: AFAIK we are looking for the last throwing instruction we encountered, but this will set it to…
quic_aankitAuthorUnsubmitted
Done
ReplyInline Actions

I'm sorry. This had to be a reverse iterator. I've corrected it in the new patch

quic_aankit: I'm sorry. This had to be a reverse iterator. I've corrected it in the new patch
LastThrowing = ThrowableInst.back().first;
// Make sure we don't look past a call which might throw. This is an // Make sure we don't look past a call which might throw. This is an
// issue because MemoryDependenceAnalysis works in the wrong direction: // issue because MemoryDependenceAnalysis works in the wrong direction:
// it finds instructions which dominate the current instruction, rather than // it finds instructions which dominate the current instruction, rather than
// instructions which are post-dominated by the current instruction. // instructions which are post-dominated by the current instruction.
// //
// If the underlying object is a non-escaping memory allocation, any store // If the underlying object is a non-escaping memory allocation, any store
// to it is dead along the unwind edge. Otherwise, we need to preserve // to it is dead along the unwind edge. Otherwise, we need to preserve
// the store. // the store.
Show All 23 Lines while (InstDep.isDef() || InstDep.isClobber()) {
OverwriteResult OR = isOverwrite(Loc, DepLoc, DL, *TLI, DepWriteOffset, OverwriteResult OR = isOverwrite(Loc, DepLoc, DL, *TLI, DepWriteOffset,
InstWriteOffset, DepWrite, IOL, *AA, InstWriteOffset, DepWrite, IOL, *AA,
BB.getParent()); BB.getParent());
if (OR == OW_Complete) { if (OR == OW_Complete) {
LLVM_DEBUG(dbgs() << "DSE: Remove Dead Store:\n DEAD: " << *DepWrite LLVM_DEBUG(dbgs() << "DSE: Remove Dead Store:\n DEAD: " << *DepWrite
<< "\n KILLER: " << *Inst << '\n'); << "\n KILLER: " << *Inst << '\n');
// Delete the store and now-dead instructions that feed it. // Delete the store and now-dead instructions that feed it.
deleteDeadInstruction(DepWrite, &BBI, *MD, *TLI, IOL, OBB); deleteDeadInstruction(DepWrite, &BBI, *MD, *TLI, IOL, OBB,
ThrowableInst);
++NumFastStores; ++NumFastStores;
MadeChange = true; MadeChange = true;
// We erased DepWrite; start over. // We erased DepWrite; start over.
InstDep = MD->getDependency(Inst, &OBB); InstDep = MD->getDependency(Inst, &OBB);
continue; continue;
} else if ((OR == OW_End && isShortenableAtTheEnd(DepWrite)) || } else if ((OR == OW_End && isShortenableAtTheEnd(DepWrite)) ||
((OR == OW_Begin && ((OR == OW_Begin &&
▲ Show 20 LinesShow All 64 Lines▼ Show 20 Lines while (InstDep.isDef() || InstDep.isClobber()) {
LLVMContext::MD_nontemporal}; LLVMContext::MD_nontemporal};
SI->copyMetadata(*DepWrite, MDToKeep); SI->copyMetadata(*DepWrite, MDToKeep);
++NumModifiedStores; ++NumModifiedStores;
// Remove earlier, wider, store // Remove earlier, wider, store
OBB.replaceInstruction(DepWrite, SI); OBB.replaceInstruction(DepWrite, SI);
// Delete the old stores and now-dead instructions that feed them. // Delete the old stores and now-dead instructions that feed them.
deleteDeadInstruction(Inst, &BBI, *MD, *TLI, IOL, OBB); deleteDeadInstruction(Inst, &BBI, *MD, *TLI, IOL, OBB,
deleteDeadInstruction(DepWrite, &BBI, *MD, *TLI, IOL, OBB); ThrowableInst);
deleteDeadInstruction(DepWrite, &BBI, *MD, *TLI, IOL, OBB,
ThrowableInst);
MadeChange = true; MadeChange = true;
// We erased DepWrite and Inst (Loc); start over. // We erased DepWrite and Inst (Loc); start over.
break; break;
} }
} }
} }
Show All 18 Linesstatic bool eliminateDeadStores(BasicBlock &BB, AliasAnalysis *AA,
} }
if (EnablePartialOverwriteTracking) if (EnablePartialOverwriteTracking)
MadeChange |= removePartiallyOverlappedStores(AA, DL, IOL); MadeChange |= removePartiallyOverlappedStores(AA, DL, IOL);
// If this block ends in a return, unwind, or unreachable, all allocas are // If this block ends in a return, unwind, or unreachable, all allocas are
// dead at its end, which means stores to them are also dead. // dead at its end, which means stores to them are also dead.
if (BB.getTerminator()->getNumSuccessors() == 0) if (BB.getTerminator()->getNumSuccessors() == 0)
MadeChange |= handleEndBlock(BB, AA, MD, TLI, IOL, OBB); MadeChange |= handleEndBlock(BB, AA, MD, TLI, IOL, OBB, ThrowableInst);
return MadeChange; return MadeChange;
} }
static bool eliminateDeadStores(Function &F, AliasAnalysis *AA, static bool eliminateDeadStores(Function &F, AliasAnalysis *AA,
MemoryDependenceResults *MD, DominatorTree *DT, MemoryDependenceResults *MD, DominatorTree *DT,
const TargetLibraryInfo *TLI) { const TargetLibraryInfo *TLI) {
bool MadeChange = false; bool MadeChange = false;
▲ Show 20 LinesShow All 82 LinesShow Last 20 Lines

llvm/test/Transforms/DeadStoreElimination/DeleteThrowableInst.ll

  • This file was added.
; RUN: opt < %s -basicaa -dse -S | FileCheck %s
fhahnUnsubmitted
Not Done
ReplyInline Actions

Can you please also add the test I mentioned in the comment?

fhahn: Can you please also add the test I mentioned in the comment?
declare i8* @_Znwj(i32) local_unnamed_addr
; CHECK-LABEL: @test(
; CHECK-NEXT: store
; CHECK-NEXT: ret void
define void @test(i8** %ptr) {
store i8* undef, i8** %ptr
%call = call i8* @_Znwj(i32 1)
store i8* %call, i8** %ptr
store i8* undef, i8** %ptr
ret void
}
fhahnUnsubmitted
Done
ReplyInline Actions

It might be better to store a concrete value instead undef (here and other places in the test casE) to make to test case more robust against future changes.

fhahn: It might be better to store a concrete value instead undef (here and other places in the test…