[llvm] 6361a8a - [CaptureTracking] Check for equality predicate for null comparisons

Nikita Popov via llvm-commits llvm-commits at lists.llvm.org
Thu Feb 20 04:08:55 PST 2025 

Author: Nikita Popov
Date: 2025-02-20T13:08:45+01:00
New Revision: 6361a8a1b763d6915636eb8cfaf64f2d8fe60a03

URL: https://github.com/llvm/llvm-project/commit/6361a8a1b763d6915636eb8cfaf64f2d8fe60a03
DIFF: https://github.com/llvm/llvm-project/commit/6361a8a1b763d6915636eb8cfaf64f2d8fe60a03.diff

LOG: [CaptureTracking] Check for equality predicate for null comparisons

The logic here is not valid for non-equality comparisons. E.g.
using slt will leak the sign bit, regardless of whether the
pointer is dereferenceable.

This fix is split out from https://github.com/llvm/llvm-project/pull/125880.

Added: 
    

Modified: 
    llvm/lib/Analysis/CaptureTracking.cpp
    llvm/test/Transforms/FunctionAttrs/nocapture.ll

Removed: 
    


################################################################################
diff  --git a/llvm/lib/Analysis/CaptureTracking.cpp b/llvm/lib/Analysis/CaptureTracking.cpp
index 49baf2eb84bb3..d82647c7c70cf 100644
--- a/llvm/lib/Analysis/CaptureTracking.cpp
+++ b/llvm/lib/Analysis/CaptureTracking.cpp
@@ -376,11 +376,12 @@ UseCaptureKind llvm::DetermineUseCaptureKind(
   case Instruction::ICmp: {
     unsigned Idx = U.getOperandNo();
     unsigned OtherIdx = 1 - Idx;
-    if (auto *CPN = dyn_cast<ConstantPointerNull>(I->getOperand(OtherIdx))) {
+    if (isa<ConstantPointerNull>(I->getOperand(OtherIdx)) &&
+        cast<ICmpInst>(I)->isEquality()) {
       // Don't count comparisons of a no-alias return value against null as
       // captures. This allows us to ignore comparisons of malloc results
       // with null, for example.
-      if (CPN->getType()->getAddressSpace() == 0)
+      if (U->getType()->getPointerAddressSpace() == 0)
         if (isNoAliasCall(U.get()->stripPointerCasts()))
           return UseCaptureKind::NO_CAPTURE;
       if (!I->getFunction()->nullPointerIsDefined()) {

diff  --git a/llvm/test/Transforms/FunctionAttrs/nocapture.ll b/llvm/test/Transforms/FunctionAttrs/nocapture.ll
index 51a79702a5655..3b0d11d15331e 100644
--- a/llvm/test/Transforms/FunctionAttrs/nocapture.ll
+++ b/llvm/test/Transforms/FunctionAttrs/nocapture.ll
@@ -791,7 +791,7 @@ define i1 @captureICmpWrongPred(ptr %x) {
 define i1 @captureICmpWrongPredDereferenceableOrNull(ptr dereferenceable_or_null(1) %x) {
 ; FNATTRS: Function Attrs: mustprogress nofree norecurse nosync nounwind willreturn memory(none)
 ; FNATTRS-LABEL: define noundef i1 @captureICmpWrongPredDereferenceableOrNull
-; FNATTRS-SAME: (ptr readnone captures(none) dereferenceable_or_null(1) [[X:%.*]]) #[[ATTR0]] {
+; FNATTRS-SAME: (ptr readnone dereferenceable_or_null(1) [[X:%.*]]) #[[ATTR0]] {
 ; FNATTRS-NEXT:    [[TMP1:%.*]] = icmp slt ptr [[X]], null
 ; FNATTRS-NEXT:    ret i1 [[TMP1]]
 ;

More information about the llvm-commits mailing list