[llvm-bugs] [Bug 34344] New: Wrong code bug: load removed by GVN

via llvm-bugs llvm-bugs at lists.llvm.org
Mon Aug 28 06:31:09 PDT 2017


https://bugs.llvm.org/show_bug.cgi?id=34344

            Bug ID: 34344
           Summary: Wrong code bug: load removed by GVN
           Product: new-bugs
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: new bugs
          Assignee: unassignedbugs at nondot.org
          Reporter: mikael.holmen at ericsson.com
                CC: llvm-bugs at lists.llvm.org

Created attachment 19051
  --> https://bugs.llvm.org/attachment.cgi?id=19051&action=edit
Reproducer

Reproduce with:
opt -S -gvn -o - gvn_input.ll

And you get:

target datalayout = "p:8:8"

define void @foo() {
entry:
  %array = alloca [130 x i8], align 1
  br label %for.body

for.body:                                         ; preds = %for.body, %entry
  %i = phi i8 [ 0, %entry ], [ %inc, %for.body ]
  %idx = zext i8 %i to i16
  %addr = getelementptr inbounds [130 x i8], [130 x i8]* %array, i16 0, i16 %idx
  store i8 %i, i8* %addr, align 1
  %inc = add nuw i8 %i, 1
  %exitcond = icmp ne i8 %inc, -126
  br i1 %exitcond, label %for.body, label %for.cond.cleanup

for.cond.cleanup:                                 ; preds = %for.body
  %addr2 = getelementptr inbounds [130 x i8], [130 x i8]* %array, i16 0, i16 129
  tail call void @bar(i8 undef)
  ret void
}

declare void @bar(i8)

Note that now we pass undef to bar instead of the value loaded from index 129
in the local array. The array is initialized in the loop, from index 0 to (but
not including) index 130.

For some reason GVN fails to realize that the loop indeed writes at index 129.
The only dependency it sees when examining the load is the alloca, and thus
it thinks we read from uninitialized memory, and the load is removed and
replaced with undef.

As far as I can tell, this bug is not new. It was at least present in November
2016.

(Originally found on my out-of-tree target where we have 16b pointers. Loading
from index 32768 then gives the same problems as index 129 in the example above.)

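Added example (not part of the original report and not LLVM code): a small Python model of @foo's loop with i8 wraparound, confirming that index 129 is stored before the removed load, so the expected argument to @bar is 129 rather than undef. The load from %addr2 is assumed from the report's description because the reproducer attachment is not shown, and the helper names are hypothetical. The last function only records that both indices named in the report have the top bit set at pointer width; that is an observation about the numbers, not a diagnosis from the report.

```python
def wrap(value, bits):
    """Truncate to an unsigned integer of the given bit width."""
    return value & ((1 << bits) - 1)


def as_signed(value, bits):
    """Reinterpret a bit pattern of the given width as two's complement."""
    value = wrap(value, bits)
    return value - (1 << bits) if value >> (bits - 1) else value


def run_foo():
    """Model @foo from the report, including the load that GVN removed.

    Returns (array, loaded). A slot stays None until a store defines it,
    mirroring the undefined contents of a fresh alloca.
    """
    array = [None] * 130              # %array = alloca [130 x i8]
    i = 0                             # phi: 0 when entered from %entry
    while True:                       # for.body
        idx = wrap(i, 8)              # zext i8 %i to i16: always 0..255
        array[idx] = i                # store i8 %i, i8* %addr
        inc = wrap(i + 1, 8)          # add nuw i8 %i, 1
        if inc == wrap(-126, 8):      # icmp ne i8 %inc, -126 (130 as unsigned i8)
            break                     # fall through to for.cond.cleanup
        i = inc
    loaded = array[129]               # assumed: load i8 from %addr2 (index 129)
    return array, loaded


def failing_indices_at_pointer_width():
    """Signed view of the report's two indices at 8-bit and 16-bit pointer width."""
    return {(129, 8): as_signed(129, 8), (32768, 16): as_signed(32768, 16)}


if __name__ == "__main__":
    array, loaded = run_foo()
    print("slots never stored:", [n for n, v in enumerate(array) if v is None])
    print("value expected at @bar:", loaded, "(i8 signed:", as_signed(loaded, 8), ")")
    print("indices at pointer width:", failing_indices_at_pointer_width())
```
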