[llvm-bugs] [Bug 35923] New: [Dead Store Elimination, Alias Analysis] Incorrect optimization

via llvm-bugs llvm-bugs at lists.llvm.org
Fri Jan 12 00:43:30 PST 2018 

https://bugs.llvm.org/show_bug.cgi?id=35923

            Bug ID: 35923
           Summary: [Dead Store Elimination, Alias Analysis]  Incorrect
                    optimization
           Product: libraries
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Scalar Optimizations
          Assignee: unassignedbugs at nondot.org
          Reporter: paulsson at linux.vnet.ibm.com
                CC: llvm-bugs at lists.llvm.org

Created attachment 19664
  --> https://bugs.llvm.org/attachment.cgi?id=19664&action=edit
reduced testcase

This function:

struct S0 {
  char f0;
  char f1
} d, f[9][8];
struct S0 *e = &d;
fn1() {
  struct S0 *g = &d;
  struct S0 h = {0, 0};
  *g = h;
  char *i = &d.f1;
  *e = f[8][7];
  *i = 1;
}

seems to get optimized incorrectly by DSE. The 'd' struct first gets value
{0,0} (via *g) and then again gets {0,0} via *e. After this, the f1 field gets
value 1:

define signext i32 @fn1() #0 {
entry:
  store i16 0, i16* bitcast (%struct.S0* @d to i16*), align 2
  %0 = load i16*, i16** bitcast (%struct.S0** @e to i16**), align 8
  %1 = load i16, i16* bitcast (i8* getelementptr inbounds
            ([9 x [8 x %struct.S0]], [9 x [8 x %struct.S0]]* @f, i64 0,
            i64 8, i64 7, i32 0) to i16*), align 2
  store i16 %1, i16* %0, align 1
  store i8 1, i8* getelementptr inbounds (%struct.S0, %struct.S0* @d, i64 0,
                                          i32 1), align 1
  ret i32 undef
}

DSE: Partial overwrite: Earlier [0, 2) Later [1, 2)
DSE: Partial overwrite an earlier load [0, 2) by a later store [1, 2)
DSE: Merge Stores:
  Earlier:   store i16 0, i16* bitcast (%struct.S0* @d to i16*), align 2
  Later:   store i8 1, i8* getelementptr inbounds (%struct.S0, %struct.S0* @d,
i64 0, i32 1), align 1, !tbaa !6
  Merged Value: 1

*** IR Dump After Dead Store Elimination ***
define signext i32 @fn1() #0 {
entry:
  store i16 1, i16* bitcast (%struct.S0* @d to i16*), align 2
  %0 = load i16*, i16** bitcast (%struct.S0** @e to i16**), align 8
  %1 = load i16, i16* bitcast (i8* getelementptr inbounds
                ([9 x [8 x %struct.S0]], [9 x [8 x %struct.S0]]* @f, i64 0,
                i64 8, i64 7, i32 0) to i16*), align 2
  store i16 %1, i16* %0, align 1
  ret i32 undef
}


It seems that DSE has combined the original store of i8 1 into the first store,
now storing an i16 1, which looks right since SystemZ is big endian. However,
the store to %0 was overwriting the same address, and therefore this is
incorrect.

Note that with -disable-basicaa this does not happen.

bin/opt tc_deadstore.ll -instcombine -dse -S -mtriple=s390x-linux-gnu -mcpu=z13

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20180112/36a429b9/attachment-0001.html>

More information about the llvm-bugs mailing list