LLVM introduces the concept of "poison value", which I never feel sure to understand. For example, for the statement
%add = add nsw i32 %x, 1
If %x+1 is strictly larger than the largest i32 integer, an arbitrary value is to be assigned to %add. Is that correct to claim that the statement above, i.e. %add = add nsw i32 %x, 1, can be semantically described as:
if (%x+1) overflows then %add = undef else %add = add i32 %x,1
?
Yes, they should be semantically equivalent. It is useful to think in terms of C/C++ when looking at LLVM IR instructions that can result in undefined values.
Signed integer overflow results in undefined behavior according to the C/C++ standards, and Clang takes an approximation by mapping the undefined behavior to poison values.
Chris Lattner wrote a series of blog posts describing how undefined behavior is handled in LLVM and how it can be used for optimization.
UPDATE: There is a new proposal to remove undef and only use poison. You can find a talk on this proposal online at 2016 LLVM Developers’ Meeting: N. Lopes "Undefined Behavior: Long Live Poison!"
