From 413a12bd5bd6ab31d04eceeaa133467cb3b8759f Mon Sep 17 00:00:00 2001 From: Evgeniy Stepanov Date: Fri, 10 Jun 2016 20:03:20 +0000 Subject: [PATCH] Disable MSan-hostile loop unswitching. Loop unswitching may cause MSan false positive when the unswitch condition is not guaranteed to execute. This is very similar to ASan and TSan special case in llvm::isSafeToSpeculativelyExecute (they don't like speculative loads and stores), but for branch instructions. This is a workaround for PR28054. git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@272421 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/Transforms/Scalar/LoopUnswitch.cpp | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/lib/Transforms/Scalar/LoopUnswitch.cpp b/lib/Transforms/Scalar/LoopUnswitch.cpp index 0e861b638d6..30aae21c90c 100644 --- a/lib/Transforms/Scalar/LoopUnswitch.cpp +++ b/lib/Transforms/Scalar/LoopUnswitch.cpp @@ -188,6 +188,9 @@ namespace { BasicBlock *loopHeader; BasicBlock *loopPreheader; + bool SanitizeMemory; + LoopSafetyInfo SafetyInfo; + // LoopBlocks contains all of the basic blocks of the loop, including the // preheader of the loop, the body of the loop, and the exit blocks of the // loop, in that order. @@ -431,6 +434,10 @@ bool LoopUnswitch::runOnLoop(Loop *L, LPPassManager &LPM_Ref) { currentLoop = L; Function *F = currentLoop->getHeader()->getParent(); + SanitizeMemory = F->hasFnAttribute(Attribute::SanitizeMemory); + if (SanitizeMemory) + computeLoopSafetyInfo(&SafetyInfo, L); + EnabledPGO = F->getEntryCount().hasValue(); if (LoopUnswitchWithBlockFrequency && EnabledPGO) { @@ -530,6 +537,17 @@ bool LoopUnswitch::processCurrentLoop() { for (Loop::block_iterator I = currentLoop->block_begin(), E = currentLoop->block_end(); I != E; ++I) { TerminatorInst *TI = (*I)->getTerminator(); + + // Unswitching on a potentially uninitialized predicate is not + // MSan-friendly. Limit this to the cases when the original predicate is + // guaranteed to execute, to avoid creating a use-of-uninitialized-value + // in the code that did not have one. + // This is a workaround for the discrepancy between LLVM IR and MSan + // semantics. See PR28054 for more details. + if (SanitizeMemory && + !isGuaranteedToExecute(*TI, DT, currentLoop, &SafetyInfo)) + continue; + if (BranchInst *BI = dyn_cast(TI)) { // If this isn't branching on an invariant condition, we can't unswitch // it. -- 2.50.1