[llvm] [StackProtector] Introduce stack-protect-refinement pass to remove unnecessary protections. (PR #150390)
Nikita Popov via llvm-commits
llvm-commits at lists.llvm.org
Fri Dec 5 01:15:42 PST 2025
https://github.com/nikic commented:
A high level concern I have here is that StackSafetyAnalysis is based on SCEV, which can reason based on undefined behavior. However, my understanding is that stack protectors are also supposed to be emitted in the presence of UB (in a way, that's the whole point).
I expect that there's lots of subtle examples one can construct for this, but a really obvious one is that SCEV could restrict backedge taken counts based on the known size of memory objects being accessed -- it *currently* happens to not do this, but this is definitely something we want SCEV to do (there's a patch for that floating around somewhere). In that case, what would happen is that SCEV constrains a value range based on the knowledge that certain memory accesses are UB, and then StackSafetyAnalysis would come along and use that information to "prove" that the access is always in bounds, which would defeat the whole point.
All the SCEV results are only valid under the assumption of no UB, so using them for a mechanism that exists specifically to operate in the presence of UB is problematic.
https://github.com/llvm/llvm-project/pull/150390
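An added illustration of the concern in the comment above, not code from the PR or from LLVM: two constructed C functions, where the "always in bounds" conclusion for the first holds only if out-of-bounds accesses are assumed never to happen (the inference the comment says SCEV does not currently make), while the second establishes the same bound with a real branch. The function names and `BUF_SIZE` are assumptions made for the example.

```c
#include <stddef.h>
#include <stdio.h>

#define BUF_SIZE 16  /* constructed value for this example */

/* n is caller-controlled and never checked. Any n > BUF_SIZE writes past
 * buf, which is UB. An analysis that reasons "UB does not happen" could
 * bound the trip count by BUF_SIZE, derive i in [0, 15], and hand that
 * range to a stack-safety check that then reports buf as safe. The range
 * is true only in executions where the overflow did not occur, which are
 * exactly the executions a stack protector is not needed for. */
unsigned sum_unchecked(const unsigned char *src, size_t n)
{
    unsigned char buf[BUF_SIZE];
    unsigned total = 0;
    for (size_t i = 0; i < n; i++)
        buf[i] = src[i];          /* UB when i >= BUF_SIZE */
    for (size_t i = 0; i < n; i++)
        total += buf[i];
    return total;
}

/* Same work, but the bound comes from control flow, not from a no-UB
 * assumption: after the clamp, n <= BUF_SIZE holds on every path, so
 * i in [0, 15] is a fact about all executions. */
unsigned sum_checked(const unsigned char *src, size_t n)
{
    unsigned char buf[BUF_SIZE];
    unsigned total = 0;
    if (n > BUF_SIZE)
        n = BUF_SIZE;             /* bound enforced at run time */
    for (size_t i = 0; i < n; i++)
        buf[i] = src[i];
    for (size_t i = 0; i < n; i++)
        total += buf[i];
    return total;
}

int main(void)
{
    unsigned char src[32];        /* constructed input: 32 bytes of 1 */
    for (size_t i = 0; i < sizeof src; i++)
        src[i] = 1;
    /* Only in-bounds lengths are passed to the unchecked variant here. */
    printf("%u %u\n", sum_unchecked(src, 8), sum_checked(src, 32));
    return 0;
}
```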