[LLVMbugs] [Bug 16761] New: Introduce a flag to indicate that src==dst is OK for @llvm.memcpy instruction

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Wed Jul 31 08:10:21 PDT 2013


            Bug ID: 16761
           Summary: Introduce a flag to indicate that src==dst is OK for
                    @llvm.memcpy instruction
           Product: clang
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: -New Bugs
          Assignee: unassignedclangbugs at nondot.org
          Reporter: pbos at google.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

As tracked/WONTFIXed in bug 11763: a = b; can generate memcpy() calls for
memcpy(x, x, sizeof(*x)); which is incorrect according to both the POSIX and C
memcpy interfaces (blocks may not overlap). When these calls are executed
Valgrind correctly triggers a warning:

==1340== Thread 8:
==1340== Source and destination overlap in memcpy(0x1231c188, 0x1231c188, 192)
==1340==    at 0x4C2CFA0: memcpy@@GLIBC_2.14 (in
==1340==    by 0x61D02D: webrtc::VP8DecoderImpl::InitDecode(webrtc::VideoCodec
const*, int) (vp8_impl.cc:566)
==1340==    by 0x61CE78: webrtc::VP8DecoderImpl::Reset() (vp8_impl.cc:516)
==1340==    by 0x4B1983: webrtc::VCMGenericDecoder::Reset()

Writing memmove() into the IR was rejected because of performance issues. The
case is probably similar for not writing if (src != dst) { memcpy(dst, src,
sizeof(*src)); } into it.

However, if a @llvm.memcpy call is generated with an i1 <src_may_be_dst> flag
then insertion of this branch can be deferred to the backend-code generation,
which is left with two options:

small @llvm.memcpy, inlined copy:
- generate inline instructions, no branching required (unless the used
instructions actually require src != dst). This is where branching could add
significant cost.

large @llvm.memcpy, generating actual memcpy() call:
- Generate if (src != dst) { memcpy(src, dst, sizeof(*src)); }. This operates
under my personal assumption that "if a memcpy() call must be inserted, the
branching overhead is not very significant". This branch is not inserted unless

Benefits for doing this should include:

1. Obeying the contract of the memcpy() interface. Personally I believe this is
very significant and not a small thing at all, even though it works with known

2. Generating code that can be checked for correctness by Valgrind, without
having Valgrind change. This would include ASan as well, though I'm not sure
what the current state of suppressing that warning is. It would also permit
ASan to add that warning back.

3. Allow ASan/Valgrind to check explicit memcpy() calls for src == dst.

4. Performance when src is actually equal to dst, because it eliminates a
memcpy() call.

Previous relevant bugs/discussions:

LLVM bug: http://llvm.org/bugs/show_bug.cgi?id=11763
GCC bug: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=39480#c6
Valgrind discussion thread:

You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20130731/e0a71f5a/attachment.html>

More information about the llvm-bugs mailing list