llvm-project/llvm/lib/CodeGen
Vlad Tsyrklevich 2499aeead9 SafeStack: Prevent OOB reads with mem intrinsics
Summary:
Currently, the SafeStack analysis disallows out-of-bounds writes but not
out-of-bounds reads for mem intrinsics like llvm.memcpy. This could
cause leaks of pointers to the safe stack by leaking spilled registers/
frame pointers. Check for allocas used as source or destination pointers
to mem intrinsics.

Reviewers: eugenis

Reviewed By: eugenis

Subscribers: pcc, llvm-commits, kcc

Differential Revision: https://reviews.llvm.org/D51334

llvm-svn: 341116
2018-08-30 20:44:51 +00:00
..
AsmPrinter [CodeGen] emit inline asm clobber list warnings for reserved (cont) 2018-08-30 12:52:35 +00:00
GlobalISel [GISel]: Add legalization support for Widening UADDO/USUBO 2018-08-29 03:17:08 +00:00
MIRParser Consistently use MemoryLocation::UnknownSize to indicate unknown access size 2018-08-20 20:37:57 +00:00
SelectionDAG [DAGCombiner] Fix bad identation. NFC 2018-08-30 19:35:40 +00:00
AggressiveAntiDepBreaker.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
AggressiveAntiDepBreaker.h
AllocationOrder.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
AllocationOrder.h
Analysis.cpp [WebAssembly] Add isEHScopeReturn instruction property 2018-08-21 19:44:11 +00:00
AntiDepBreaker.h Remove trailing space 2018-07-30 19:41:25 +00:00
AtomicExpandPass.cpp [AtomicExpandPass] Widen partword atomicrmw or/xor/and before tryExpandAtomicRMW 2018-08-17 14:03:37 +00:00
BasicTargetTransformInfo.cpp
BranchFolding.cpp [MI] Change the array of `MachineMemOperand` pointers to be 2018-08-16 21:30:05 +00:00
BranchFolding.h [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
BranchRelaxation.cpp [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
BreakFalseDeps.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
BuiltinGCs.cpp Remove trailing space 2018-07-30 19:41:25 +00:00
CFIInstrInserter.cpp Allow inconsistent offsets for 'noreturn' basic blocks when '-verify-cfiinstrs' 2018-08-30 17:31:38 +00:00
CMakeLists.txt [WebAssembly] Add Wasm exception handling prepare pass 2018-05-31 22:02:34 +00:00
CalcSpillWeights.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
CallingConvLower.cpp
CodeGen.cpp RegUsageInfo: Cleanup; NFC 2018-07-26 00:27:51 +00:00
CodeGenPrepare.cpp Revert "[CodeGenPrepare] Scan past debug intrinsics to find select candidates (NFC)" 2018-08-28 00:55:19 +00:00
CriticalAntiDepBreaker.cpp Remove trailing space 2018-07-30 19:41:25 +00:00
CriticalAntiDepBreaker.h
DFAPacketizer.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
DeadMachineInstructionElim.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
DetectDeadLanes.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
DwarfEHPrepare.cpp Move Analysis/Utils/Local.h back to Transforms 2018-06-04 21:23:21 +00:00
EarlyIfConversion.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
EdgeBundles.cpp [CodeGen] Unify MBB reference format in both MIR and debug output 2017-12-04 17:18:51 +00:00
ExecutionDomainFix.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
ExpandISelPseudos.cpp
ExpandMemCmp.cpp [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
ExpandPostRAPseudos.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
ExpandReductions.cpp Support generic expansion of ordered vector reduction (PR36732) 2018-04-09 15:44:20 +00:00
FEntryInserter.cpp MachineFunction: Return reference from getFunction(); NFC 2017-12-15 22:22:58 +00:00
FaultMaps.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
FuncletLayout.cpp Change ambiguous uses of term 'funclet' to 'EH scopes'. NFC. 2018-06-01 00:03:21 +00:00
GCMetadata.cpp Remove trailing space 2018-07-30 19:41:25 +00:00
GCMetadataPrinter.cpp
GCRootLowering.cpp [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
GCStrategy.cpp
GlobalMerge.cpp [GlobalMerge] Fix GlobalMerge on bss external global variables. 2018-08-30 00:49:50 +00:00
IfConversion.cpp [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
ImplicitNullChecks.cpp [MI] Change the array of `MachineMemOperand` pointers to be 2018-08-16 21:30:05 +00:00
IndirectBrExpandPass.cpp Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715, "Branch Target Injection", and is one of the two halves to Spectre.. 2018-01-22 22:05:25 +00:00
InlineSpiller.cpp Revert change 335077 "[InlineSpiller] Fix a crash due to lack of forward progress from remat specifically for STATEPOINT" 2018-06-25 12:58:13 +00:00
InterferenceCache.cpp Report fatal error in the case of out of memory 2018-02-20 05:41:26 +00:00
InterferenceCache.h
InterleavedAccessPass.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
IntrinsicLowering.cpp Remove trailing space 2018-07-30 19:41:25 +00:00
LLVMBuild.txt
LLVMTargetMachine.cpp CodeGen: Add a dwo output file argument to addPassesToEmitFile and hook it up to dwo output. 2018-05-21 20:16:41 +00:00
LatencyPriorityQueue.cpp IWYU for llvm-config.h in llvm, additions. 2018-04-30 14:59:11 +00:00
LazyMachineBlockFrequencyInfo.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
LexicalScopes.cpp IWYU for llvm-config.h in llvm, additions. 2018-04-30 14:59:11 +00:00
LiveDebugValues.cpp Remove trailing space 2018-07-30 19:41:25 +00:00
LiveDebugVariables.cpp [LiveDebugVariables] Avoid faulty addDefsFromCopies in computeIntervals 2018-08-25 10:02:03 +00:00
LiveDebugVariables.h
LiveInterval.cpp Update DBG_VALUE register operand during LiveInterval operations 2018-08-21 17:48:28 +00:00
LiveIntervalUnion.cpp Report fatal error in the case of out of memory 2018-02-20 05:41:26 +00:00
LiveIntervals.cpp Silence "unused variable" warning in LiveIntervals.cpp after r335607 2018-06-26 14:55:04 +00:00
LivePhysRegs.cpp Remove \brief commands from doxygen comments. 2018-05-01 15:54:18 +00:00
LiveRangeCalc.cpp Account for undef values from predecessors in extendSegmentsToUses 2018-06-26 14:37:16 +00:00
LiveRangeCalc.h [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
LiveRangeEdit.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
LiveRangeShrink.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
LiveRangeUtils.h
LiveRegMatrix.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
LiveRegUnits.cpp [CodeGen] Avoid handling DBG_VALUE in LiveRegUnits::stepBackward 2018-06-21 13:38:43 +00:00
LiveStacks.cpp LiveStacks: Rename LiveStack.{h|cpp} to LiveStacks.{h|cpp}; NFC 2017-12-18 23:19:44 +00:00
LiveVariables.cpp [DebugInfo] Examine all uses of isDebugValue() for debug instructions. 2018-05-09 02:42:00 +00:00
LocalStackSlotAllocation.cpp CodeGen: Remove pipeline dependencies on StackProtector; NFC 2018-07-13 00:08:38 +00:00
LoopTraversal.cpp Fixing warnings caused by commit 323095 2018-01-22 13:24:10 +00:00
LowLevelType.cpp
LowerEmuTLS.cpp [TLS] use emulated TLS if the target supports only this mode 2018-02-28 17:48:55 +00:00
MIRCanonicalizerPass.cpp [llvm] Change 2 instances of std::sort to llvm::sort 2018-07-16 17:26:37 +00:00
MIRPrinter.cpp [x86/MIR] Implement support for pre- and post-instruction symbols, as 2018-08-16 23:11:05 +00:00
MIRPrintingPass.cpp Remove redundant includes from lib/CodeGen. 2017-12-13 21:30:47 +00:00
MachineBasicBlock.cpp Don't count debug instructions towards neighborhood count 2018-08-30 07:18:19 +00:00
MachineBlockFrequencyInfo.cpp MachineFunction: Return reference from getFunction(); NFC 2017-12-15 22:22:58 +00:00
MachineBlockPlacement.cpp [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
MachineBranchProbabilityInfo.cpp [CodeGen] Unify MBB reference format in both MIR and debug output 2017-12-04 17:18:51 +00:00
MachineCSE.cpp [DWARF] Missing location debug information with -O2. 2018-08-30 07:17:41 +00:00
MachineCombiner.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
MachineCopyPropagation.cpp [CodeGen] Ignore debug uses in MachineCopyPropagation 2018-07-11 13:30:27 +00:00
MachineDominanceFrontier.cpp
MachineDominators.cpp [Dominators] Remove verifyDomTree and add some verifying for Post Dom Trees 2018-02-28 11:00:08 +00:00
MachineFrameInfo.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
MachineFunction.cpp [MI] Change the array of `MachineMemOperand` pointers to be 2018-08-16 21:30:05 +00:00
MachineFunctionPass.cpp CodeGen: Remove pipeline dependencies on StackProtector; NFC 2018-07-13 00:08:38 +00:00
MachineFunctionPrinterPass.cpp
MachineInstr.cpp [DWARF] Missing location debug information with -O2. 2018-08-30 07:17:41 +00:00
MachineInstrBundle.cpp [CodeGen] Set FrameSetup/FrameDestroy on BUNDLE instructions 2018-08-25 11:26:17 +00:00
MachineLICM.cpp [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
MachineLoopInfo.cpp IWYU for llvm-config.h in llvm, additions. 2018-04-30 14:59:11 +00:00
MachineModuleInfo.cpp Remove trailing space 2018-07-30 19:41:25 +00:00
MachineModuleInfoImpls.cpp [MinGW] [X86] Add stubs for references to data variables that might end up imported from a dll 2018-08-29 17:28:34 +00:00
MachineOperand.cpp Consistently use MemoryLocation::UnknownSize to indicate unknown access size 2018-08-20 20:37:57 +00:00
MachineOptimizationRemarkEmitter.cpp [CodeGen][NFC] Rename IsVerbose to IsStandalone in Machine*::print 2018-01-18 18:05:15 +00:00
MachineOutliner.cpp [MI] Change the array of `MachineMemOperand` pointers to be 2018-08-16 21:30:05 +00:00
MachinePassRegistry.cpp
MachinePipeliner.cpp [Pipeliner] Fix incorrect phi values in the epilog and kernel 2018-08-27 22:04:50 +00:00
MachinePostDominators.cpp
MachineRegionInfo.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
MachineRegisterInfo.cpp Remove trailing space 2018-07-30 19:41:25 +00:00
MachineSSAUpdater.cpp Remove trailing space 2018-07-30 19:41:25 +00:00
MachineScheduler.cpp MachineScheduler: Refactor setPolicy() to limit computing remaining latency 2018-08-21 21:48:43 +00:00
MachineSink.cpp [DWARF] Missing location debug information with -O2. 2018-08-30 07:17:41 +00:00
MachineTraceMetrics.cpp Remove trailing space 2018-07-30 19:41:25 +00:00
MachineVerifier.cpp MachineVerifier: Fix assert on implicit virtreg use 2018-08-27 17:40:09 +00:00
MacroFusion.cpp MacroFusion: Fix macro fusion with ExitSU failing in top-down scheduling 2018-07-26 17:43:56 +00:00
OptimizePHIs.cpp [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
PHIElimination.cpp [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
PHIEliminationUtils.cpp
PHIEliminationUtils.h
ParallelCG.cpp CodeGen: Add a dwo output file argument to addPassesToEmitFile and hook it up to dwo output. 2018-05-21 20:16:41 +00:00
PatchableFunction.cpp [DebugInfo] Convert intrinsic llvm.dbg.label to MachineInstr. 2018-05-09 02:41:08 +00:00
PeepholeOptimizer.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
PostRAHazardRecognizer.cpp
PostRASchedulerList.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
PreISelIntrinsicLowering.cpp
ProcessImplicitDefs.cpp [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
PrologEpilogInserter.cpp CodeGen: Remove pipeline dependencies on StackProtector; NFC 2018-07-13 00:08:38 +00:00
PseudoSourceValue.cpp [PSV] Update API to be able to use TargetCustom without UB. 2018-08-20 19:23:45 +00:00
README.txt LiveStacks: Rename LiveStack.{h|cpp} to LiveStacks.{h|cpp}; NFC 2017-12-18 23:19:44 +00:00
ReachingDefAnalysis.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
RegAllocBase.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
RegAllocBase.h
RegAllocBasic.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
RegAllocFast.cpp [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
RegAllocGreedy.cpp [RegAlloc][NFC] Fix the help string of the option "huge-size-for-split". 2018-07-18 16:56:33 +00:00
RegAllocPBQP.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
RegUsageInfoCollector.cpp Reverse subregister saved loops in register usage info collector; NFC 2018-08-29 23:12:42 +00:00
RegUsageInfoPropagate.cpp RegUsageInfo: Cleanup; NFC 2018-07-26 00:27:51 +00:00
RegisterClassInfo.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
RegisterCoalescer.cpp [RegisterCoalescer] Fix for assert in removePartialRedundancy 2018-08-23 17:28:33 +00:00
RegisterCoalescer.h
RegisterPressure.cpp [DebugInfo] Examine all uses of isDebugValue() for debug instructions. 2018-05-09 02:42:00 +00:00
RegisterScavenging.cpp [RegisterScavenger] Fix debug print 2018-07-30 08:17:00 +00:00
RegisterUsageInfo.cpp RegUsageInfo: Cleanup; NFC 2018-07-26 00:27:51 +00:00
RenameIndependentSubregs.cpp RenameIndependentSubregs: Fix handling of undef tied operands 2018-07-09 20:07:03 +00:00
ResetMachineFunctionPass.cpp CodeGen: Remove pipeline dependencies on StackProtector; NFC 2018-07-13 00:08:38 +00:00
SafeStack.cpp SafeStack: Prevent OOB reads with mem intrinsics 2018-08-30 20:44:51 +00:00
SafeStackColoring.cpp [SafeStack] Handle unreachable code with safe stack coloring. 2018-08-22 21:38:57 +00:00
SafeStackColoring.h
SafeStackLayout.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
SafeStackLayout.h [SafeStack] Use updated CreateMemCpy API to set more accurate source and destination alignments. 2018-02-12 22:39:47 +00:00
ScalarizeMaskedMemIntrin.cpp [CodeGen] Do not allow opt-bisect-limit to skip ScalarizeMaskedMemIntrin. 2018-04-24 09:24:29 +00:00
ScheduleDAG.cpp IWYU for llvm-config.h in llvm, additions. 2018-04-30 14:59:11 +00:00
ScheduleDAGInstrs.cpp [ScheduleDAGInstrs / buildSchedGraph] Clear subregister entries also. 2018-05-24 08:38:06 +00:00
ScheduleDAGPrinter.cpp [CodeGen] Fix inconsistent declaration parameter name 2018-07-16 18:51:40 +00:00
ScoreboardHazardRecognizer.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
ShadowStackGCLowering.cpp Remove trailing space 2018-07-30 19:41:25 +00:00
ShrinkWrap.cpp [ShrinkWrap] Add optimization remarks to the shrink-wrapping pass 2018-06-05 00:27:24 +00:00
SjLjEHPrepare.cpp Move Analysis/Utils/Local.h back to Transforms 2018-06-04 21:23:21 +00:00
SlotIndexes.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
SpillPlacement.cpp Remove \brief commands from doxygen comments. 2018-05-01 15:54:18 +00:00
SpillPlacement.h
Spiller.h
SplitKit.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
SplitKit.h Remove trailing space 2018-07-30 19:41:25 +00:00
StackColoring.cpp [MI] Change the array of `MachineMemOperand` pointers to be 2018-08-16 21:30:05 +00:00
StackMapLivenessAnalysis.cpp CodeGen: Cleanup regmask construction; NFC 2018-07-26 00:27:47 +00:00
StackMaps.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
StackProtector.cpp CodeGen: Remove pipeline dependencies on StackProtector; NFC 2018-07-13 00:08:38 +00:00
StackSlotColoring.cpp StackSlotColoring: Decide colors per stack ID 2018-06-25 16:05:55 +00:00
TailDuplication.cpp Split TailDuplicatePass into pre- and post-RA variant; NFC 2018-01-19 06:08:17 +00:00
TailDuplicator.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
TargetFrameLoweringImpl.cpp Correct dwarf unwind information in function epilogue 2018-04-24 10:32:08 +00:00
TargetInstrInfo.cpp [MI] Change the array of `MachineMemOperand` pointers to be 2018-08-16 21:30:05 +00:00
TargetLoweringBase.cpp [MI] Change the array of `MachineMemOperand` pointers to be 2018-08-16 21:30:05 +00:00
TargetLoweringObjectFileImpl.cpp Revert r340904 "[llvm-mc] - Allow to set custom flags for debug sections." 2018-08-29 09:04:52 +00:00
TargetOptionsImpl.cpp MachineFunction: Return reference from getFunction(); NFC 2017-12-15 22:22:58 +00:00
TargetPassConfig.cpp Remove trailing space 2018-07-30 19:41:25 +00:00
TargetRegisterInfo.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
TargetSchedule.cpp [CodeGen] assume max/default throughput for unspecified instructions 2018-06-05 23:34:45 +00:00
TargetSubtargetInfo.cpp [CodeGen] assume max/default throughput for unspecified instructions 2018-06-05 23:34:45 +00:00
TwoAddressInstructionPass.cpp Rename DEBUG macro to LLVM_DEBUG. 2018-05-14 12:53:11 +00:00
UnreachableBlockElim.cpp
ValueTypes.cpp [IR][CodeGen] Remove dependency on EVT from IR/Function.cpp. Move EVT to CodeGen layer. 2018-03-29 17:21:10 +00:00
VirtRegMap.cpp [RegAlloc] Check that subreg liveness tracking applies to given virtual reg 2018-08-15 16:07:47 +00:00
WasmEHPrepare.cpp [WebAssembly] Add WasmEHFuncInfo for unwind destination information 2018-06-19 00:26:39 +00:00
WinEHPrepare.cpp [IR] Replace `isa<TerminatorInst>` with `isTerminator()`. 2018-08-26 09:51:22 +00:00
XRayInstrumentation.cpp [XRay] Lazily compute MachineLoopInfo instead of requiring it. 2018-03-20 17:02:29 +00:00

README.txt

//===---------------------------------------------------------------------===//

Common register allocation / spilling problem:

        mul lr, r4, lr
        str lr, [sp, #+52]
        ldr lr, [r1, #+32]
        sxth r3, r3
        ldr r4, [sp, #+52]
        mla r4, r3, lr, r4

can be:

        mul lr, r4, lr
        mov r4, lr
        str lr, [sp, #+52]
        ldr lr, [r1, #+32]
        sxth r3, r3
        mla r4, r3, lr, r4

and then "merge" mul and mov:

        mul r4, r4, lr
        str r4, [sp, #+52]
        ldr lr, [r1, #+32]
        sxth r3, r3
        mla r4, r3, lr, r4

It also increase the likelihood the store may become dead.

//===---------------------------------------------------------------------===//

bb27 ...
        ...
        %reg1037 = ADDri %reg1039, 1
        %reg1038 = ADDrs %reg1032, %reg1039, %noreg, 10
    Successors according to CFG: 0x8b03bf0 (#5)

bb76 (0x8b03bf0, LLVM BB @0x8b032d0, ID#5):
    Predecessors according to CFG: 0x8b0c5f0 (#3) 0x8b0a7c0 (#4)
        %reg1039 = PHI %reg1070, mbb<bb76.outer,0x8b0c5f0>, %reg1037, mbb<bb27,0x8b0a7c0>

Note ADDri is not a two-address instruction. However, its result %reg1037 is an
operand of the PHI node in bb76 and its operand %reg1039 is the result of the
PHI node. We should treat it as a two-address code and make sure the ADDri is
scheduled after any node that reads %reg1039.

//===---------------------------------------------------------------------===//

Use local info (i.e. register scavenger) to assign it a free register to allow
reuse:
        ldr r3, [sp, #+4]
        add r3, r3, #3
        ldr r2, [sp, #+8]
        add r2, r2, #2
        ldr r1, [sp, #+4]  <==
        add r1, r1, #1
        ldr r0, [sp, #+4]
        add r0, r0, #2

//===---------------------------------------------------------------------===//

LLVM aggressively lift CSE out of loop. Sometimes this can be negative side-
effects:

R1 = X + 4
R2 = X + 7
R3 = X + 15

loop:
load [i + R1]
...
load [i + R2]
...
load [i + R3]

Suppose there is high register pressure, R1, R2, R3, can be spilled. We need
to implement proper re-materialization to handle this:

R1 = X + 4
R2 = X + 7
R3 = X + 15

loop:
R1 = X + 4  @ re-materialized
load [i + R1]
...
R2 = X + 7 @ re-materialized
load [i + R2]
...
R3 = X + 15 @ re-materialized
load [i + R3]

Furthermore, with re-association, we can enable sharing:

R1 = X + 4
R2 = X + 7
R3 = X + 15

loop:
T = i + X
load [T + 4]
...
load [T + 7]
...
load [T + 15]
//===---------------------------------------------------------------------===//

It's not always a good idea to choose rematerialization over spilling. If all
the load / store instructions would be folded then spilling is cheaper because
it won't require new live intervals / registers. See 2003-05-31-LongShifts for
an example.

//===---------------------------------------------------------------------===//

With a copying garbage collector, derived pointers must not be retained across
collector safe points; the collector could move the objects and invalidate the
derived pointer. This is bad enough in the first place, but safe points can
crop up unpredictably. Consider:

        %array = load { i32, [0 x %obj] }** %array_addr
        %nth_el = getelementptr { i32, [0 x %obj] }* %array, i32 0, i32 %n
        %old = load %obj** %nth_el
        %z = div i64 %x, %y
        store %obj* %new, %obj** %nth_el

If the i64 division is lowered to a libcall, then a safe point will (must)
appear for the call site. If a collection occurs, %array and %nth_el no longer
point into the correct object.

The fix for this is to copy address calculations so that dependent pointers
are never live across safe point boundaries. But the loads cannot be copied
like this if there was an intervening store, so may be hard to get right.

Only a concurrent mutator can trigger a collection at the libcall safe point.
So single-threaded programs do not have this requirement, even with a copying
collector. Still, LLVM optimizations would probably undo a front-end's careful
work.

//===---------------------------------------------------------------------===//

The ocaml frametable structure supports liveness information. It would be good
to support it.

//===---------------------------------------------------------------------===//

The FIXME in ComputeCommonTailLength in BranchFolding.cpp needs to be
revisited. The check is there to work around a misuse of directives in inline
assembly.

//===---------------------------------------------------------------------===//

It would be good to detect collector/target compatibility instead of silently
doing the wrong thing.

//===---------------------------------------------------------------------===//

It would be really nice to be able to write patterns in .td files for copies,
which would eliminate a bunch of explicit predicates on them (e.g. no side 
effects).  Once this is in place, it would be even better to have tblgen 
synthesize the various copy insertion/inspection methods in TargetInstrInfo.

//===---------------------------------------------------------------------===//

Stack coloring improvements:

1. Do proper LiveStacks analysis on all stack objects including those which are
   not spill slots.
2. Reorder objects to fill in gaps between objects.
   e.g. 4, 1, <gap>, 4, 1, 1, 1, <gap>, 4 => 4, 1, 1, 1, 1, 4, 4

//===---------------------------------------------------------------------===//

The scheduler should be able to sort nearby instructions by their address. For
example, in an expanded memset sequence it's not uncommon to see code like this:

  movl $0, 4(%rdi)
  movl $0, 8(%rdi)
  movl $0, 12(%rdi)
  movl $0, 0(%rdi)

Each of the stores is independent, and the scheduler is currently making an
arbitrary decision about the order.

//===---------------------------------------------------------------------===//

Another opportunitiy in this code is that the $0 could be moved to a register:

  movl $0, 4(%rdi)
  movl $0, 8(%rdi)
  movl $0, 12(%rdi)
  movl $0, 0(%rdi)

This would save substantial code size, especially for longer sequences like
this. It would be easy to have a rule telling isel to avoid matching MOV32mi
if the immediate has more than some fixed number of uses. It's more involved
to teach the register allocator how to do late folding to recover from
excessive register pressure.