SuccessChanges

Changes from Git (git http://labmaster3.local/git/llvm-project.git)

Summary

  1. [IndVarSimplify][LoopUtils] Avoid TOCTOU/ordering issues (PR45835) (details)
  2. MachineMemOperand.h - reduce GlobalValue.h include to just DerivedTypes.h. NFC. (details)
  3. [analyzer][CallAndMessage][NFC] Split up checkPreCall (details)
  4. [FlattenCFG] Fix `MergeIfRegion` in case then-path is empty (details)
Commit b2df96123198deadad74634c978e84912314da26 by lebedev.ri
[IndVarSimplify][LoopUtils] Avoid TOCTOU/ordering issues (PR45835)

Summary:
Currently, `rewriteLoopExitValues()`'s logic is roughly as following:
> Loop over each incoming value in each PHI node.
> Query whether the SCEV for that incoming value is high-cost.
> Expand the SCEV.
> Perform sanity check (`isValidRewrite()`, D51582)
> Record the info
> Afterwards, see if we can drop the loop given replacements.
> Maybe perform replacements.

The problem is that we interleave SCEV cost checking and expansion.
This is A Problem, because `isHighCostExpansion()` takes special care
to not bill for the expansions that were already expanded, and we can reuse.

While it makes sense in general - if we know that we will expand some SCEV,
all the other SCEV's costs should account for that, which might cause
some of them to become non-high-cost too, and cause chain reaction.

But that isn't what we are doing here. We expand *all* SCEV's, unconditionally.
So every next SCEV's cost will be affected by the already-performed expansions
for previous SCEV's. Even if we are not planning on keeping
some of the expansions we performed.

Worse yet, this current "bonus" depends on the exact PHI node
incoming value processing order. This is completely wrong.

As an example of an issue, see @dmajor's `pr45835.ll` - if we happen to have
a PHI node with two(!) identical high-cost incoming values for the same basic blocks,
we would decide first time around that it is high-cost, expand it,
and immediately decide that it is not high-cost because we have an expansion
that we could reuse (because we expanded it right before, temporarily),
and replace the second incoming value but not the first one;
thus resulting in a broken PHI.

What we instead should do for now, is not perform any expansions
until after we've queried all the costs.

Later, in particular after `isValidRewrite()` is an assertion (D51582)
we could improve upon that, but in a more coherent fashion.

See [[ https://bugs.llvm.org/show_bug.cgi?id=45835 | PR45835 ]]

Reviewers: dmajor, reames, mkazantsev, fhahn, efriedma

Reviewed By: dmajor, mkazantsev

Subscribers: smeenai, nikic, hiraditya, javed.absar, llvm-commits, dmajor

Tags: #llvm

Differential Revision: https://reviews.llvm.org/D79787
The file was modifiedllvm/lib/Transforms/Utils/LoopUtils.cpp
The file was addedllvm/test/Transforms/IndVarSimplify/pr45835.ll
Commit fee5a9a6ea1369aafa9adc12cbaaee63e7d78431 by llvm-dev
MachineMemOperand.h - reduce GlobalValue.h include to just DerivedTypes.h. NFC.

We don't need anything specifically from GlobalValue.h
The file was modifiedllvm/include/llvm/CodeGen/MachineMemOperand.h
Commit eeff1a970a6bb09d3c046313e229e2871929cd63 by dkszelethus
[analyzer][CallAndMessage][NFC] Split up checkPreCall

The patch aims to use CallEvents interface in a more principled manner, and also
to highlight what this checker really does. It in fact checks for 5 different
kinds of errors (from checkPreCall, that is):

* Invalid function pointer related errors
* Call of methods from an invalid C++ this object
* Function calls with incorrect amount of parameters
* Invalid arguments for operator delete
* Pass of uninitialized values to pass-by-value parameters

In a previous patch I complained that this checker is responsible for emitting
a lot of different diagnostics all under core.CallAndMessage's name, and this
patch shows where we could start to assign different diagnostics to different
entities.

Differential Revision: https://reviews.llvm.org/D77846
The file was modifiedclang/lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp
Commit 111ddc57d3804d31c6d101821abd9688b3e0decc by ehudkatz
[FlattenCFG] Fix `MergeIfRegion` in case then-path is empty

In case the then-path of an if-region is empty, then merging with the
else-path should be handled with the inverse of the condition (leading
to that path).

Fix PR37662

Differential Revision: https://reviews.llvm.org/D78881
The file was modifiedllvm/lib/Transforms/Utils/FlattenCFG.cpp
The file was modifiedllvm/test/Transforms/Util/flattencfg.ll