[PATCH] Disable branch folding with MemorySanitizer
Evgeniy Stepanov
eugenis at google.com
Tue Nov 19 01:59:27 PST 2013
Daniel, good point. By code inspection, there is at least one optimization applicable to conditional branches that is bad for sanitizers: HoistThenElseCodeToIf. This new version of the patch disables the entire conditional branch simplification code.
I don't have a good idea of what -O1 is supposed to be. If we define it is a set of optimizations that are "universally good", then one could argue that "stacktrace sanity" is an important feature of a program which is worth preseving at -O1.
http://llvm-reviews.chandlerc.com/D2214
CHANGE SINCE LAST DIFF
http://llvm-reviews.chandlerc.com/D2214?vs=5634&id=5652#toc
Files:
lib/Transforms/Utils/SimplifyCFG.cpp
test/Transforms/SimplifyCFG/branch-fold-msan.ll
Index: lib/Transforms/Utils/SimplifyCFG.cpp
===================================================================
--- lib/Transforms/Utils/SimplifyCFG.cpp
+++ lib/Transforms/Utils/SimplifyCFG.cpp
@@ -4126,7 +4126,16 @@
if (BI->isUnconditional()) {
if (SimplifyUncondBranch(BI, Builder)) return true;
} else {
- if (SimplifyCondBranch(BI, Builder)) return true;
+ // Various conditional branch optimizations lead to confusing sanitizer
+ // reports. Branch folding results in MemorySanitizer reporting use of
+ // uninitialized value at the unrelated branch instruction. Common code
+ // hoisting messes up stack traces when common code contains call
+ // instructions.
+ Function *Fn = BI->getParent()->getParent();
+ if (!Fn->hasFnAttribute(Attribute::SanitizeAddress) &&
+ !Fn->hasFnAttribute(Attribute::SanitizeMemory) &&
+ !Fn->hasFnAttribute(Attribute::SanitizeThread))
+ if (SimplifyCondBranch(BI, Builder)) return true;
}
} else if (ReturnInst *RI = dyn_cast<ReturnInst>(BB->getTerminator())) {
if (SimplifyReturn(RI, Builder)) return true;
Index: test/Transforms/SimplifyCFG/branch-fold-msan.ll
===================================================================
--- test/Transforms/SimplifyCFG/branch-fold-msan.ll
+++ test/Transforms/SimplifyCFG/branch-fold-msan.ll
@@ -0,0 +1,29 @@
+; RUN: opt < %s -simplifycfg -S | FileCheck %s
+
+declare void @callee()
+
+; Test that conditional branches are not folded with sanitize_memory.
+define void @caller(i32 %x, i32 %y) sanitize_memory {
+; CHECK: define void @caller(i32 [[X:%.*]], i32 [[Y:%.*]])
+; CHECK: icmp slt i32 {{.*}}[[X]]
+; CHECK: icmp slt i32 {{.*}}[[Y]]
+; CHECK: ret void
+
+entry:
+ %cmp = icmp slt i32 %x, 0
+ br i1 %cmp, label %if.then, label %if.end3
+
+if.then: ; preds = %entry
+ %cmp1 = icmp slt i32 %y, 0
+ br i1 %cmp1, label %if.then2, label %if.end
+
+if.then2: ; preds = %if.then
+ call void @callee()
+ br label %if.end
+
+if.end: ; preds = %if.then2, %if.then
+ br label %if.end3
+
+if.end3: ; preds = %if.end, %entry
+ ret void
+}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D2214.2.patch
Type: text/x-patch
Size: 2281 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20131119/f3b3f6ab/attachment.bin>
More information about the llvm-commits
mailing list