[PATCH] [Scalarizer] Fix potential for stale data in Scattered across invocations

Matt Wala wala at google.com
Mon Jun 15 13:48:12 PDT 2015

Scalarizer has two data structures that hold information about changes
to the function, Gathered and Scattered. These are cleared in finish()
at the end of runOnFunction() if finish() detects any changes to the

However, finish() was checking for changes by only checking if
Gathered was non-empty. The function visitStore() only modifies
Scattered without touching Gathered. As a result, Scattered could have
ended up having stale data if Scalarizer only scalarized store
instructions. Since the data in Scattered is used during the execution
of the pass, this introduced dangling pointer errors.

The fix is to check whether both Scattered and Gathered are empty
before deciding what to do in finish(). This also fixes a problem
where the Function can be modified although the pass returns false.



Index: lib/Transforms/Scalar/Scalarizer.cpp
--- lib/Transforms/Scalar/Scalarizer.cpp
+++ lib/Transforms/Scalar/Scalarizer.cpp
@@ -247,6 +247,7 @@
 bool Scalarizer::runOnFunction(Function &F) {
+  assert(Gathered.empty() && Scattered.empty());
   for (Function::iterator BBI = F.begin(), BBE = F.end(); BBI != BBE; ++BBI) {
     BasicBlock *BB = BBI;
     for (BasicBlock::iterator II = BB->begin(), IE = BB->end(); II != IE;) {
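Review bot: The assert added at the top of runOnFunction() has no message and is compiled out of builds without assertions, so leftover state from a previous function would go unreported there. Suggest adding a message string, for example assert(Gathered.empty() && Scattered.empty() && "stale scalarizer state from a previous function"), and consider clearing both containers at entry so a non-asserts build cannot reuse entries that point into an earlier function.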
@@ -636,7 +637,9 @@
 // Delete the instructions that we scalarized.  If a full vector result
 // is still needed, recreate it using InsertElements.
 bool Scalarizer::finish() {
-  if (Gathered.empty())
+  // The presence of data in Gathered or Scattered indicates changes
+  // made to the Function.
+  if (Gathered.empty() && Scattered.empty())
     return false;
   for (GatherList::iterator GMI = Gathered.begin(), GME = Gathered.end();
        GMI != GME; ++GMI) {
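Review bot: In finish(), the early return is now skipped when only Scattered has entries, but the lines shown here do not include the code that empties the two containers. Please confirm that both Gathered and Scattered are cleared on every path past this check, since otherwise the assert added in runOnFunction() fires on the next function. The new comment could also state that visitStore() populates only Scattered, which is the reason for the second condition.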
Index: test/Transforms/Scalarizer/store-bug.ll
--- /dev/null
+++ test/Transforms/Scalarizer/store-bug.ll
@@ -0,0 +1,17 @@
+; RUN: opt -scalarizer -scalarize-load-store < %s
+target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128"
+; This input caused the scalarizer not to clear cached results
+; properly.
+; Any regressions should trigger an assert in the scalarizer.
+define void @func(<4 x float> %val, <4 x float> *%ptr) {
+  store <4 x float> %val, <4 x float> *%ptr
+  ret void
+define void @func.copy(<4 x float> %val, <4 x float> *%ptr) {
+  store <4 x float> %val, <4 x float> *%ptr
+  ret void
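Review bot: The RUN line in store-bug.ll does not pipe to FileCheck, and the comment says a regression is caught only by an assert, so in a build without assertions this test passes even with the bug present. Suggest adding REQUIRES: asserts, or FileCheck lines that check the scalarized stores in both @func and @func.copy. As quoted here, the two define bodies have no closing brace and the hunk shows fewer lines than the 17 its header declares, so check that the file as committed parses.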
