Google Git
Sign in
llvm / llvm-project / 0ace96cca79c03c668b260dd01996e3d693e3f4f^! / .
commit0ace96cca79c03c668b260dd01996e3d693e3f4f[log] [tgz]
authorXChy <xxs_chy@outlook.com>Thu Aug 28 19:13:27 2025 +0800
committerGitHub <noreply@github.com>Thu Aug 28 11:13:27 2025 +0000
tree73802c6f6fc83e66ff35fe99ed9b9295b2929c75
parent78b45b489559cd44437af4eac6c10188eb0cec3c [diff]
[SCCP][FuncSpec] Poison unreachable constant global variable user (#155753)

Fixes #155738.
The original assumption "we already replaced its users with a constant"
for the global variable becomes incorrect after #154668. The users in
the dead function are not simplified, in fact.
This patch poisons all the unsimplified constant global variable users.
diff --git a/llvm/lib/Transforms/IPO/SCCP.cpp b/llvm/lib/Transforms/IPO/SCCP.cpp
index e98a70f..f4961fa 100644
--- a/llvm/lib/Transforms/IPO/SCCP.cpp
+++ b/llvm/lib/Transforms/IPO/SCCP.cpp

@@ -330,12 +330,15 @@
     LLVM_DEBUG(dbgs() << "Found that GV '" << GV->getName()
                       << "' is constant!\n");
     for (User *U : make_early_inc_range(GV->users())) {
-      // We can remove LoadInst here, because we already replaced its users
-      // with a constant.
+      // We can remove LoadInst here. The LoadInsts in dead functions marked by
+      // FuncSpec are not simplified to constants, thus poison them.
       assert((isa<StoreInst>(U) || isa<LoadInst>(U)) &&
              "Only Store|Load Instruction can be user of GlobalVariable at "
              "reaching here.");
-      cast<Instruction>(U)->eraseFromParent();
+      Instruction *I = cast<Instruction>(U);
+      if (isa<LoadInst>(I))
+        I->replaceAllUsesWith(PoisonValue::get(I->getType()));
+      I->eraseFromParent();
     }
 
     // Try to create a debug constant expression for the global variable

diff --git a/llvm/test/Transforms/FunctionSpecialization/dead-gv-load.ll b/llvm/test/Transforms/FunctionSpecialization/dead-gv-load.ll
new file mode 100644
index 0000000..134a79d
--- /dev/null
+++ b/llvm/test/Transforms/FunctionSpecialization/dead-gv-load.ll

@@ -0,0 +1,31 @@
+; NOTE: Assertions have been autogenerated by utils/update_test_checks.py UTC_ARGS: --version 5
+; RUN: opt -passes=ipsccp  --funcspec-min-function-size=1 -S < %s | FileCheck %s
+
+@gv = internal global ptr null
+
+define i8 @caller() {
+; CHECK-LABEL: define i8 @caller() {
+; CHECK-NEXT:  [[ENTRY:.*:]]
+; CHECK-NEXT:    [[CALL1:%.*]] = call i8 @callee.specialized.1(i32 1)
+; CHECK-NEXT:    [[CALL2:%.*]] = call i8 @callee.specialized.2(i32 0)
+; CHECK-NEXT:    ret i8 undef
+;
+entry:
+  %call1 = call i8 @callee(i32 1)
+  %call2 = call i8 @callee(i32 0)
+  ret i8 %call2
+}
+
+define internal i8 @callee(i32 %arg) {
+entry:
+  %useless = icmp ne i32 %arg, 0
+  br label %loop
+
+loop:                                       ; preds = %loop, %entry
+  br label %loop
+
+dead_bb:                                       ; No predecessors!
+  %l1 = load ptr, ptr @gv, align 8
+  %l2 = load ptr, ptr %l1, align 8
+  ret i8 0
+}