In commit cdd006eec9409923f9a56b9026ce2cb72e7b71dc, the options SimplifyCondBranch and FoldTwoEntryPHINode were added and set to false when attribute OptForFuzzing is present. We also need to do the same for SimplifyCFGPass which is NPM version of CFGSimplifyPass. It will be duplicated. We can just check for the attribute at simplifyCondBranch and FoldTwoEntryPHINode
See discussion: https://reviews.llvm.org/D89590
This reverts commit cdd006eec9409923f9a56b9026ce2cb72e7b71dc.
Details
- Reviewers
arsenm lebedev.ri morehouse
Diff Detail
- Repository
- rG LLVM Github Monorepo
Unit Tests
Event Timeline
I disagree with this change. SimplifyCFG should continue to pass in options for transform options as is done for the others. I don't think avoiding duplication between the new PM and code that will be deleted is worth it
https://reviews.llvm.org/D44232 makes it sound like we always want to disable certain optimizations when optforfuzzing is specified, so the checks should be done in the transform, not the pass setup. We can have the options you introduced to disable those optimizations no matter what (as I suggested in https://reviews.llvm.org/D89590), but I think we should at least always check for optforfuzzing in SimplifyCFG.cpp. Does that make sense?
Thank you for the patch!
I disagree here. Why is that beneficial, if we want to force-disable those transforms regardless of their previous configured status?
Because SimplifyCFG is a standalone utility, not just a pass. It's a pass's responsibility to ensure attributes are respected, not individual transformations. If I'm writing another control flow pass (e.g. a structurizer) and calling these utilities, the transformation options should not be limited based on this extremely poorly specified attribute.
Let's back-track here.
Are you saying that those folds should not disable themselves in presence of OptForFuzzing attribute,
or that they should be guarded by their options?
Because i agree with later, but disagree with former.
I'm saying these folds should be guarded by the SimplifyCFGOptions flags. The pass itself should initialize the option field based on the attribute. Other uses of SimplifyCFG the utilities can consider the attribute at their discretion
I'm not familiar with users of standalone SimplifyCFG.
My primary concern is to keep these optimizations disabled under -fsanitize=fuzzer since they reduce the coverage signal we get from SanCov. AFAIU, either approach works for this.