[llvm-dev] Dereferenceable load semantics & LICM

Piotr Padlewski via llvm-dev llvm-dev at lists.llvm.org
Thu Apr 6 09:28:37 PDT 2017


2017-04-06 17:57 GMT+02:00 Sanjoy Das <sanjoy at playingwithpointers.com>:

> Hi Piotr,
>
> On April 6, 2017 at 2:36:53 AM, Piotr Padlewski
> (piotr.padlewski at gmail.com) wrote:
> > I disagree, I find it different than the patch you mentioned. We don't
> > have any problems with code like this:
> >
> > ptr = load i8*, i8** %ptrptr, !dereferenceable !{i64 8}
> > if (false) {
> >
> > // ptr is not actually dereferenceable, even the load above has UB
> > // (since the metadata is "wrong"), but it is never executed so all is
> > // well.
> > int val = *ptr;
> > }
>
> I was not talking about code like that.  The problem is code like this:
>
> if (false) {
>   ptr = load i8*, i8** %ptrptr, !dereferenceable !{i64 8, !"GlobalProperty"}
>   // ptr is not actually dereferenceable, even the load above has UB
>   // (since the metadata is "wrong"), but it is never executed so all is
>   // well.
>   int val = *ptr;
> }
>
> I did not mention this earlier, but I've assumed that %ptrptr itself
> is dereferenceable, which means you can hoist the load of ptr.  Since
> because of !"GlobalProperty" you don't strip the !dereferenceable,
> you'll also be able to hoist the load of val, which would segfault
> because ptr was not dereferenceable.
>
> That is, with the !"GlobalProperty" bit in the picture, it is possible
> to make "if (false) { X }" introduce UB in a program for certain
> values of X.
>
Hi Sanjoy,
My point is that this is exactly the same way as normal !dereferenceable
introduces UB.

 ptr = load i8*, i8** %ptrptr, !dereferenceable !{i64 8}
 if (false) {
   int val = *ptr;
 }

If the frontend says that something is dereferenceable, which is not actually
dereferenceable, then it is UB and anything can happen - like the
execution of a dead instruction.
This is exactly the same with the global properties - we are giving a
guarantee that the pointer is dereferenceable even if we would hoist or sink
it, and if it is not true then it is UB.

I don't see why UB with normal dereferenceable is acceptable, but having
this property globally is not.
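
A toy model of the hoisting argument in this message and the one it quotes, added here as an example; it is not code from either poster or from LLVM. It assumes, as the thread does, that %ptrptr is dereferenceable and that a hoisted load drops plain !dereferenceable but keeps the !"GlobalProperty" variant; all function and variable names are hypothetical.

```python
# Toy model, constructed for illustration; not LLVM's LICM implementation.
# A load is (dest, address_operand, md); md is None, "plain" (ordinary
# !dereferenceable) or "global" (the !"GlobalProperty" variant).
# `prefix` always executes; `guarded` sits under `if (false)`.

class Trap(Exception):
    """A load from an unmapped address (the segfault in the thread)."""

def hoist(prefix, guarded, deref_args):
    """Speculate guarded loads whose address is known dereferenceable."""
    known = set(deref_args) | {dest for dest, _, md in prefix if md}
    hoisted, remaining = list(prefix), []
    for dest, addr, md in guarded:
        if addr not in known:
            remaining.append((dest, addr, md))
            continue
        kept = md if md == "global" else None  # plain metadata is stripped
        hoisted.append((dest, addr, kept))
        if kept:
            known.add(dest)  # lets a dependent load be hoisted too
    return hoisted, remaining

def run(prefix, guarded, cond=False):
    env = dict(ENV)
    for dest, addr, _ in prefix + (guarded if cond else []):
        if env[addr] not in MEMORY:
            raise Trap(dest)
        env[dest] = MEMORY[env[addr]]
    return env

# Constructed state: %ptrptr is dereferenceable, the pointer stored there is not.
ENV = {"%ptrptr": 0x1000}
MEMORY = {0x1000: 0xDEAD}

def outcome(prefix, guarded):
    """Hoist, then execute with the guard false."""
    try:
        run(*hoist(prefix, guarded, {"%ptrptr"}))
        return "ok"
    except Trap as t:
        return f"trap at {t}"

SANJOY_PLAIN = ([], [("ptr", "%ptrptr", "plain"), ("val", "ptr", None)])
SANJOY_GLOBAL = ([], [("ptr", "%ptrptr", "global"), ("val", "ptr", None)])
PIOTR = ([("ptr", "%ptrptr", "plain")], [("val", "ptr", None)])

if __name__ == "__main__":
    for prog in (SANJOY_PLAIN, SANJOY_GLOBAL, PIOTR):
        print(prog, "->", outcome(*prog))
```

In this model the guarded load with plain metadata stays harmless after hoisting, while the guarded load with the global variant and the unguarded load with plain metadata both end in a trap on `val`.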