This is an archive of the discontinued LLVM Phabricator instance.

Differential D69217

[ConstantRange] makeGuaranteedNoWrapRegion(): `shl` support
ClosedPublic

Authored by lebedev.ri on Oct 19 2019, 1:19 PM.

Details

Reviewers
nikic
sanjoy
Commits
rG4b6223263a3c: [ConstantRange] makeGuaranteedNoWrapRegion(): `shl` support
rL375370: [ConstantRange] makeGuaranteedNoWrapRegion(): `shl` support
Summary

If all the shifts amount are already poison-producing,
then we can add more poison-producing flags ontop:
https://rise4fun.com/Alive/Ocwi

Otherwise, we should only consider the possible range of shift amts that don't result in poison.

For unsigned range not not overflow, we must not shift out any set bits,
and the actual limit for x can be computed by backtransforming
the maximal value we could ever get out of the shl - -1 through
lshr. If the x is any larger than that then it will overflow.

Likewise for signed range, but just in signed domain..

This is based on the general idea outlined by @nikic in https://reviews.llvm.org/D68672#1714990

Diff Detail

Event Timeline

lebedev.ri created this revision.Oct 19 2019, 1:19 PM
Herald added a subscriber: hiraditya. · View Herald TranscriptOct 19 2019, 1:19 PM
nikic added inline comments.Oct 19 2019, 1:54 PM
llvm/lib/IR/ConstantRange.cpp
276

While an empty set here is conservatively correct, I believe that the more precise return value would be the range containing only zero [0, 1). The shift amount is < the bitwidth by assumption (otherwise the result is poison), and [0, 1) is the result for the worst-case assumption of shift amount = bitwidth - 1.

Even more precise would be to intersect the incoming range with [0, BitWidth), which may differ non-trivially from this approach for wrapped ranges. E.g. if you have a signed range [INT_MIN, 5), the UMax will be UINT_MAX, but the intersection [INT_MIN, 5) /\ [0, 32) is [0, 5) and the UMax will be 4, resulting in a much larger guaranteed nowrap region.

lebedev.ri marked an inline comment as done.Oct 19 2019, 2:37 PM
lebedev.ri added inline comments.
llvm/lib/IR/ConstantRange.cpp
276

The shift amount is < the bitwidth by assumption (otherwise the result is poison)

Ah, good point.

But by that logic, then for signed the range should be [-1, 1), correct?
0 << 7 == 0 - doesn't overflow in both signed and unsigned domains,
while -1 << 7 == -128 does not overflow in signed domain - still the same sign.

lebedev.ri marked an inline comment as done.Oct 19 2019, 3:15 PM
lebedev.ri added inline comments.
llvm/lib/IR/ConstantRange.cpp
276

Actually no, wait, if we are assuming that we will at worst get bitwidth-1 shift amount,
then we should produce [0, 2) for unsigned or [-1, 1) for signed.
Or i'm missing the point.

nikic added inline comments.Oct 19 2019, 3:26 PM
llvm/lib/IR/ConstantRange.cpp
276

I guess it should be [0, 2) unsigned and [-1, 1) signed then, as 1 << 7 does not overflow unsigned either.

Rather than special-casing this, we could just take ShAmtUMax = Other.getUnsignedMax().umin(BitWidth-1) and reuse the general code.

Or do

ConstantRange ShAmt = Other.intersect(ConstantRange(
    APInt(BitWidth, 0), APInt(BitWidth, BitWidth)));`
if (ShAmt.isEmptySet())
  return getEmpty(); // or getFull()?
APInt ShAmtUMax = ShAmt.getUnsignedMax();

for the fully precise variant.

lebedev.ri updated this revision to Diff 225774.Oct 19 2019, 3:54 PM
lebedev.ri marked 2 inline comments as done.

Clamp max shift amount to bitwidth-1

llvm/lib/IR/ConstantRange.cpp
276

I guess it should be [0, 2) unsigned and [-1, 1) signed then, as 1 << 7 does not overflow unsigned either.
Rather than special-casing this, we could just take ShAmtUMax = Other.getUnsignedMax().umin(BitWidth-1) and reuse the general code.

Indeed, which is why i was having trouble grasping why it would be [0, 1) for shamt=bitwidth all of a sudden.

Didn't think about intersection yet.

lebedev.ri updated this revision to Diff 225780.Oct 20 2019, 4:09 AM
lebedev.ri marked an inline comment as done.
lebedev.ri edited the summary of this revision. (Show Details)

Improve tests and go full on intersectWith().

nikic added inline comments.Oct 20 2019, 9:28 AM
llvm/unittests/IR/ConstantRangeTest.cpp
1601–1602

So, I wrote this test, but I can't say I understand why it does what it does... Enumerating over all ranges CR1 seems to be entirely unnecessary, it would be sufficient to just iterate over all N1 in the full range to get the same coverage, and save us a whole lot of unnecessary iterations.

That should allow us to run this test with a larger bit width, in which case you could just drop the MakeGuaranteedNoWrapRegionShl(Un)signedSingleValue tests entirely, as they are special cases of what is checked here (just with a larger bit width).

1858

Why is this test structurally different from the previous one?

lebedev.ri updated this revision to Diff 225792.Oct 20 2019, 10:51 AM
lebedev.ri marked 2 inline comments as done.

Tune some tests

llvm/unittests/IR/ConstantRangeTest.cpp
1858

This was carbon copy from 4 tests above; TEST(ConstantRange, MakeGuaranteedNoWrapRegionMulSignedRange)
in this case; let's streamline..

nikic added inline comments.Oct 20 2019, 12:03 PM
llvm/unittests/IR/ConstantRangeTest.cpp
1601–1602

As it's unrelated to this revision, I've made this change in rL375369. Now testing 5 bits, which is good enough I think.

lebedev.ri updated this revision to Diff 225795.Oct 20 2019, 12:06 PM
lebedev.ri marked 2 inline comments as done.

Rebased

nikic accepted this revision.Oct 20 2019, 12:12 PM

LGTM

This revision is now accepted and ready to land.Oct 20 2019, 12:12 PM
lebedev.ri added a comment.Oct 20 2019, 12:21 PM
In D69217#1715974, @nikic wrote:

LGTM

Thank you for the review.
Will post CVP patch later, needs tests, but the effect is similar to the mul patch (D69203).

Closed by commit rG4b6223263a3c: [ConstantRange] makeGuaranteedNoWrapRegion(): `shl` support (authored by lebedev.ri). · Explain WhyOct 20 2019, 12:39 PM
This revision was automatically updated to reflect the committed changes.
lebedev.ri mentioned this in D69277: [CVP] No-wrap deduction for `shl`.Oct 21 2019, 12:41 PM
Diffusion mentioned this in rL375455: [CVP] No-wrap deduction for `shl`.Oct 21 2019, 2:32 PM
lebedev.ri mentioned this in rG7cd7f4a83b7a: [CVP] No-wrap deduction for `shl`.Oct 21 2019, 2:32 PM

Revision Contents

PathSize
llvm/
lib/
IR/
21 lines
unittests/
IR/
78 lines

Diff 225796

llvm/lib/IR/ConstantRange.cpp

Show First 20 LinesShow All 263 Lines▼ Show 20 LinesConstantRange::makeGuaranteedNoWrapRegion(Instruction::BinaryOps BinOp,
} }
case Instruction::Mul: case Instruction::Mul:
if (Unsigned) if (Unsigned)
return makeExactMulNUWRegion(Other.getUnsignedMax()); return makeExactMulNUWRegion(Other.getUnsignedMax());
return makeExactMulNSWRegion(Other.getSignedMin()) return makeExactMulNSWRegion(Other.getSignedMin())
.intersectWith(makeExactMulNSWRegion(Other.getSignedMax())); .intersectWith(makeExactMulNSWRegion(Other.getSignedMax()));
case Instruction::Shl: {
// For given range of shift amounts, if we ignore all illegal shift amounts
// (that always produce poison), what shift amount range is left?
ConstantRange ShAmt = Other.intersectWith(
nikicUnsubmitted
Done
ReplyInline Actions

While an empty set here is conservatively correct, I believe that the more precise return value would be the range containing only zero [0, 1). The shift amount is < the bitwidth by assumption (otherwise the result is poison), and [0, 1) is the result for the worst-case assumption of shift amount = bitwidth - 1.

Even more precise would be to intersect the incoming range with [0, BitWidth), which may differ non-trivially from this approach for wrapped ranges. E.g. if you have a signed range [INT_MIN, 5), the UMax will be UINT_MAX, but the intersection [INT_MIN, 5) /\ [0, 32) is [0, 5) and the UMax will be 4, resulting in a much larger guaranteed nowrap region.

nikic: While an empty set here is conservatively correct, I believe that the more precise return value…
lebedev.riAuthorUnsubmitted
Done
ReplyInline Actions

The shift amount is < the bitwidth by assumption (otherwise the result is poison)

Ah, good point.

But by that logic, then for signed the range should be [-1, 1), correct?
0 << 7 == 0 - doesn't overflow in both signed and unsigned domains,
while -1 << 7 == -128 does not overflow in signed domain - still the same sign.

lebedev.ri: > The shift amount is < the bitwidth by assumption (otherwise the result is poison) Ah, good…
lebedev.riAuthorUnsubmitted
Done
ReplyInline Actions

Actually no, wait, if we are assuming that we will at worst get bitwidth-1 shift amount,
then we should produce [0, 2) for unsigned or [-1, 1) for signed.
Or i'm missing the point.

lebedev.ri: Actually no, wait, if we are assuming that we will at worst get bitwidth-1 shift amount, then…
nikicUnsubmitted
Done
ReplyInline Actions

I guess it should be [0, 2) unsigned and [-1, 1) signed then, as 1 << 7 does not overflow unsigned either.

Rather than special-casing this, we could just take ShAmtUMax = Other.getUnsignedMax().umin(BitWidth-1) and reuse the general code.

Or do

ConstantRange ShAmt = Other.intersect(ConstantRange(
    APInt(BitWidth, 0), APInt(BitWidth, BitWidth)));`
if (ShAmt.isEmptySet())
  return getEmpty(); // or getFull()?
APInt ShAmtUMax = ShAmt.getUnsignedMax();

for the fully precise variant.

nikic: I guess it should be `[0, 2)` unsigned and `[-1, 1)` signed then, as `1 << 7` does not overflow…
lebedev.riAuthorUnsubmitted
Done
ReplyInline Actions

I guess it should be [0, 2) unsigned and [-1, 1) signed then, as 1 << 7 does not overflow unsigned either.
Rather than special-casing this, we could just take ShAmtUMax = Other.getUnsignedMax().umin(BitWidth-1) and reuse the general code.

Indeed, which is why i was having trouble grasping why it would be [0, 1) for shamt=bitwidth all of a sudden.

Didn't think about intersection yet.

lebedev.ri: > I guess it should be [0, 2) unsigned and [-1, 1) signed then, as 1 << 7 does not overflow…
ConstantRange(APInt(BitWidth, 0), APInt(BitWidth, (BitWidth - 1) + 1)));
if (ShAmt.isEmptySet()) {
// If the entire range of shift amounts is already poison-producing,
// then we can freely add more poison-producing flags ontop of that.
return getFull(BitWidth);
}
// There are some legal shift amounts, we can compute conservatively-correct
// range of no-wrap inputs. Note that by now we have clamped the ShAmtUMax
// to be at most bitwidth-1, which results in most conservative range.
APInt ShAmtUMax = ShAmt.getUnsignedMax();
if (Unsigned)
return getNonEmpty(APInt::getNullValue(BitWidth),
APInt::getMaxValue(BitWidth).lshr(ShAmtUMax) + 1);
return getNonEmpty(APInt::getSignedMinValue(BitWidth).ashr(ShAmtUMax),
APInt::getSignedMaxValue(BitWidth).ashr(ShAmtUMax) + 1);
}
} }
} }
ConstantRange ConstantRange::makeExactNoWrapRegion(Instruction::BinaryOps BinOp, ConstantRange ConstantRange::makeExactNoWrapRegion(Instruction::BinaryOps BinOp,
const APInt &Other, const APInt &Other,
unsigned NoWrapKind) { unsigned NoWrapKind) {
// makeGuaranteedNoWrapRegion() is exact for single-element ranges, as // makeGuaranteedNoWrapRegion() is exact for single-element ranges, as
// "for all" and "for any" coincide in this case. // "for all" and "for any" coincide in this case.
▲ Show 20 LinesShow All 1,199 LinesShow Last 20 Lines

llvm/unittests/IR/ConstantRangeTest.cpp

Show First 20 LinesShow All 1,526 Lines▼ Show 20 Lines EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion(
ConstantRange(APInt::getMinValue(32), APInt::getMaxValue(32))); ConstantRange(APInt::getMinValue(32), APInt::getMaxValue(32)));
EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion( EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Sub, One, OBO::NoSignedWrap), Instruction::Sub, One, OBO::NoSignedWrap),
ConstantRange(APInt::getSignedMinValue(32) + 1, ConstantRange(APInt::getSignedMinValue(32) + 1,
APInt::getSignedMinValue(32))); APInt::getSignedMinValue(32)));
EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion( EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Sub, One, OBO::NoUnsignedWrap), Instruction::Sub, One, OBO::NoUnsignedWrap),
ConstantRange(APInt::getMinValue(32) + 1, APInt::getMinValue(32))); ConstantRange(APInt::getMinValue(32) + 1, APInt::getMinValue(32)));
ConstantRange OneLessThanBitWidth(APInt(32, 0), APInt(32, 31) + 1);
ConstantRange UpToBitWidth(APInt(32, 0), APInt(32, 32) + 1);
EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, UpToBitWidth, OBO::NoUnsignedWrap),
ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, OneLessThanBitWidth, OBO::NoUnsignedWrap));
EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, UpToBitWidth, OBO::NoSignedWrap),
ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, OneLessThanBitWidth, OBO::NoSignedWrap));
EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, UpToBitWidth, OBO::NoUnsignedWrap),
ConstantRange(APInt(32, 0), APInt(32, 1) + 1));
EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, UpToBitWidth, OBO::NoSignedWrap),
ConstantRange(APInt(32, -1), APInt(32, 0) + 1));
EXPECT_EQ(
ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, ConstantRange::getFull(32), OBO::NoUnsignedWrap),
ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, OneLessThanBitWidth, OBO::NoUnsignedWrap));
EXPECT_EQ(
ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, ConstantRange::getFull(32), OBO::NoSignedWrap),
ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, OneLessThanBitWidth, OBO::NoSignedWrap));
ConstantRange IllegalShAmt(APInt(32, 32), APInt(32, 0) + 1);
EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, IllegalShAmt, OBO::NoUnsignedWrap),
ConstantRange::getFull(32));
EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, IllegalShAmt, OBO::NoSignedWrap),
ConstantRange::getFull(32));
EXPECT_EQ(
ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, ConstantRange(APInt(32, -32), APInt(32, 16) + 1),
OBO::NoUnsignedWrap),
ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, ConstantRange(APInt(32, 0), APInt(32, 16) + 1),
OBO::NoUnsignedWrap));
EXPECT_EQ(
ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, ConstantRange(APInt(32, -32), APInt(32, 16) + 1),
OBO::NoSignedWrap),
ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl, ConstantRange(APInt(32, 0), APInt(32, 16) + 1),
OBO::NoSignedWrap));
EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl,
ConstantRange(APInt(32, -32), APInt(32, 16) + 1),
OBO::NoUnsignedWrap),
ConstantRange(APInt(32, 0), APInt(32, 65535) + 1));
EXPECT_EQ(ConstantRange::makeGuaranteedNoWrapRegion(
Instruction::Shl,
ConstantRange(APInt(32, -32), APInt(32, 16) + 1),
OBO::NoSignedWrap),
ConstantRange(APInt(32, -32768), APInt(32, 32767) + 1));
} }
template<typename Fn> template<typename Fn>
void TestNoWrapRegionExhaustive(Instruction::BinaryOps BinOp, void TestNoWrapRegionExhaustive(Instruction::BinaryOps BinOp,
unsigned NoWrapKind, Fn OverflowFn) { unsigned NoWrapKind, Fn OverflowFn) {
unsigned Bits = 5; unsigned Bits = 5;
nikicUnsubmitted
Done
ReplyInline Actions

So, I wrote this test, but I can't say I understand why it does what it does... Enumerating over all ranges CR1 seems to be entirely unnecessary, it would be sufficient to just iterate over all N1 in the full range to get the same coverage, and save us a whole lot of unnecessary iterations.

That should allow us to run this test with a larger bit width, in which case you could just drop the MakeGuaranteedNoWrapRegionShl(Un)signedSingleValue tests entirely, as they are special cases of what is checked here (just with a larger bit width).

nikic: So, I wrote this test, but I can't say I understand why it does what it does... Enumerating…
nikicUnsubmitted
Done
ReplyInline Actions

As it's unrelated to this revision, I've made this change in rL375369. Now testing 5 bits, which is good enough I think.

nikic: As it's unrelated to this revision, I've made this change in rL375369. Now testing 5 bits…
EnumerateConstantRanges(Bits, [&](const ConstantRange &CR) { EnumerateConstantRanges(Bits, [&](const ConstantRange &CR) {
if (CR.isEmptySet()) if (CR.isEmptySet())
return; return;
if (Instruction::isShift(BinOp) && CR.getUnsignedMax().uge(Bits))
return;
ConstantRange NoWrap = ConstantRange NoWrap =
ConstantRange::makeGuaranteedNoWrapRegion(BinOp, CR, NoWrapKind); ConstantRange::makeGuaranteedNoWrapRegion(BinOp, CR, NoWrapKind);
ConstantRange Full = ConstantRange::getFull(Bits); ConstantRange Full = ConstantRange::getFull(Bits);
ForeachNumInConstantRange(Full, [&](const APInt &N1) { ForeachNumInConstantRange(Full, [&](const APInt &N1) {
bool NoOverflow = true; bool NoOverflow = true;
bool Overflow = true; bool Overflow = true;
ForeachNumInConstantRange(CR, [&](const APInt &N2) { ForeachNumInConstantRange(CR, [&](const APInt &N2) {
▲ Show 20 LinesShow All 52 Lines▼ Show 20 Lines TestNoWrapRegionExhaustive(
}); });
TestNoWrapRegionExhaustive( TestNoWrapRegionExhaustive(
Instruction::Mul, OverflowingBinaryOperator::NoSignedWrap, Instruction::Mul, OverflowingBinaryOperator::NoSignedWrap,
[](const APInt &N1, const APInt &N2) { [](const APInt &N1, const APInt &N2) {
bool Overflow; bool Overflow;
(void) N1.smul_ov(N2, Overflow); (void) N1.smul_ov(N2, Overflow);
return Overflow; return Overflow;
}); });
TestNoWrapRegionExhaustive(Instruction::Shl,
OverflowingBinaryOperator::NoUnsignedWrap,
[](const APInt &N1, const APInt &N2) {
bool Overflow;
(void)N1.ushl_ov(N2, Overflow);
return Overflow;
});
TestNoWrapRegionExhaustive(Instruction::Shl,
OverflowingBinaryOperator::NoSignedWrap,
[](const APInt &N1, const APInt &N2) {
bool Overflow;
(void)N1.sshl_ov(N2, Overflow);
return Overflow;
});
} }
TEST(ConstantRange, GetEquivalentICmp) { TEST(ConstantRange, GetEquivalentICmp) {
APInt RHS; APInt RHS;
CmpInst::Predicate Pred; CmpInst::Predicate Pred;
EXPECT_TRUE(ConstantRange(APInt::getMinValue(32), APInt(32, 100)) EXPECT_TRUE(ConstantRange(APInt::getMinValue(32), APInt(32, 100))
.getEquivalentICmp(Pred, RHS)); .getEquivalentICmp(Pred, RHS));
▲ Show 20 LinesShow All 152 Lines▼ Show 20 Lines
} }
TEST_F(ConstantRangeTest, SignedAddOverflow) { TEST_F(ConstantRangeTest, SignedAddOverflow) {
// Ill-defined - may overflow is a conservative result. // Ill-defined - may overflow is a conservative result.
EXPECT_MAY_OVERFLOW(Some.signedAddMayOverflow(Empty)); EXPECT_MAY_OVERFLOW(Some.signedAddMayOverflow(Empty));
EXPECT_MAY_OVERFLOW(Empty.signedAddMayOverflow(Some)); EXPECT_MAY_OVERFLOW(Empty.signedAddMayOverflow(Some));
// Never overflow despite one full/wrap set. // Never overflow despite one full/wrap set.
ConstantRange Zero(APInt::getNullValue(16)); ConstantRange Zero(APInt::getNullValue(16));
nikicUnsubmitted
Done
ReplyInline Actions

Why is this test structurally different from the previous one?

nikic: Why is this test structurally different from the previous one?
lebedev.riAuthorUnsubmitted
Done
ReplyInline Actions

This was carbon copy from 4 tests above; TEST(ConstantRange, MakeGuaranteedNoWrapRegionMulSignedRange)
in this case; let's streamline..

lebedev.ri: This was carbon copy from 4 tests above; `TEST(ConstantRange…
EXPECT_NEVER_OVERFLOWS(Full.signedAddMayOverflow(Zero)); EXPECT_NEVER_OVERFLOWS(Full.signedAddMayOverflow(Zero));
EXPECT_NEVER_OVERFLOWS(Wrap.signedAddMayOverflow(Zero)); EXPECT_NEVER_OVERFLOWS(Wrap.signedAddMayOverflow(Zero));
EXPECT_NEVER_OVERFLOWS(Zero.signedAddMayOverflow(Full)); EXPECT_NEVER_OVERFLOWS(Zero.signedAddMayOverflow(Full));
EXPECT_NEVER_OVERFLOWS(Zero.signedAddMayOverflow(Wrap)); EXPECT_NEVER_OVERFLOWS(Zero.signedAddMayOverflow(Wrap));
// But usually full/wrap always may overflow. // But usually full/wrap always may overflow.
EXPECT_MAY_OVERFLOW(Full.signedAddMayOverflow(One)); EXPECT_MAY_OVERFLOW(Full.signedAddMayOverflow(One));
EXPECT_MAY_OVERFLOW(Wrap.signedAddMayOverflow(One)); EXPECT_MAY_OVERFLOW(Wrap.signedAddMayOverflow(One));
▲ Show 20 LinesShow All 359 LinesShow Last 20 Lines