[GlobalOpt] Check if global gets compared to pointer of different obj.

fhahn · fhahn · commit fe37d4419698 · 2025-08-18T17:32:44.000+01:00
Add an extra check to the compare handling to make sure the other compared pointer cannot be based on a different object. For example, consider the IR below, which may write @b via a pointer constructed from @A using PtrToInt and a compare against @b. ``` %cmp = icmp eq ptr inttoptr (i64 add (i64 ptrtoint (ptr @A to i64), i64 8) to ptr) , @b br i1 %cmp, label %then, label %else then: store i64 10, ptr inttoptr (i64 add (i64 ptrtoint (ptr @A to i64), i64 8) to ptr) br label %exit else: br label %exit exit: %l = load i64, ptr @b ret i64 %l } ```
diff --git a/llvm/lib/Transforms/Utils/GlobalStatus.cpp b/llvm/lib/Transforms/Utils/GlobalStatus.cpp
@@ -61,6 +61,45 @@ bool llvm::isSafeToDestroyConstant(const Constant *C) {
   return true;
 }
 
+static bool
+maybePointerToDifferentObjectRecursive(Value *V,
+                                       SmallPtrSetImpl<Value *> &Visited) {
+  if (!Visited.insert(V).second)
+    return false;
+
+  if (Visited.size() > 32)
+    return true;
+
+  // PtrToInt may be used to construct a pointer to a different object. Loads
+  // and calls may return a pointer for a different object.
+  if (isa<PtrToIntInst, LoadInst, CallInst>(V))
+    return true;
+
+  if (auto *CE = dyn_cast<ConstantExpr>(V)) {
+    if (CE->getOpcode() == Instruction::PtrToInt)
+      return true;
+
+    for (auto &Op : CE->operands()) {
+      if (maybePointerToDifferentObjectRecursive(Op.get(), Visited))
+        return true;
+    }
+    return false;
+  }
+
+  if (auto *U = dyn_cast<User>(V)) {
+    for (auto &Op : U->operands()) {
+      if (maybePointerToDifferentObjectRecursive(Op.get(), Visited))
+        return true;
+    }
+  }
+  return false;
+}
+
+bool maybePointerToDifferentObject(Value *V) {
+  SmallPtrSet<Value *, 32> Visited;
+  return maybePointerToDifferentObjectRecursive(V, Visited);
+}
+
 static bool analyzeGlobalAux(const Value *V, GlobalStatus &GS,
                              SmallPtrSetImpl<const Value *> &VisitedUsers) {
   if (const GlobalVariable *GV = dyn_cast<GlobalVariable>(V))
@@ -158,6 +197,12 @@ static bool analyzeGlobalAux(const Value *V, GlobalStatus &GS,
             return true;
       } else if (isa<CmpInst>(I)) {
         GS.IsCompared = true;
+
+        if (VisitedUsers.insert(I).second) {
+          for (Value *Op : I->operands())
+            if (Op != V && maybePointerToDifferentObject(Op))
+              return true;
+        }
       } else if (const MemTransferInst *MTI = dyn_cast<MemTransferInst>(I)) {
         if (MTI->isVolatile())
           return true;
diff --git a/llvm/test/Transforms/GlobalOpt/globals-compares-with-ptrtoint.ll b/llvm/test/Transforms/GlobalOpt/globals-compares-with-ptrtoint.ll
@@ -17,12 +17,10 @@
 
 ;.
 ; CHECK: @A = internal global i64 0
-; CHECK: @B = internal constant i64 0
+; CHECK: @B = internal global i64 0
 ; CHECK: @C = internal global i64 0
-; CHECK: @D = internal constant i64 0
+; CHECK: @D = internal global i64 0
 ; CHECK: @G = internal global i64 0
-; CHECK: @H = internal constant i64 0
-; CHECK: @J = internal constant [2 x ptr] zeroinitializer
 ;.
 define i64 @A_and_B_cmp_ptrtoint_constant_expr() {
 ; CHECK-LABEL: define i64 @A_and_B_cmp_ptrtoint_constant_expr() local_unnamed_addr {
@@ -34,7 +32,8 @@ define i64 @A_and_B_cmp_ptrtoint_constant_expr() {
 ; CHECK:       [[ELSE]]:
 ; CHECK-NEXT:    br label %[[EXIT]]
 ; CHECK:       [[EXIT]]:
-; CHECK-NEXT:    ret i64 0
+; CHECK-NEXT:    [[L:%.*]] = load i64, ptr @B, align 4
+; CHECK-NEXT:    ret i64 [[L]]
 ;
   %cmp = icmp eq ptr inttoptr (i64 add (i64 ptrtoint (ptr @A to i64), i64 8) to ptr) , @B
   br i1 %cmp, label %then, label %else
@@ -61,7 +60,8 @@ define i64 @G_and_H_cmp_ptrtoint_constant_expr_cmp_ops_swapped() {
 ; CHECK:       [[ELSE]]:
 ; CHECK-NEXT:    br label %[[EXIT]]
 ; CHECK:       [[EXIT]]:
-; CHECK-NEXT:    ret i64 0
+; CHECK-NEXT:    [[L:%.*]] = load i64, ptr @H, align 4
+; CHECK-NEXT:    ret i64 [[L]]
 ;
   %cmp = icmp eq ptr inttoptr (i64 add (i64 ptrtoint (ptr @G to i64), i64 8) to ptr) , @H
   br i1 %cmp, label %then, label %else
@@ -91,7 +91,8 @@ define i64 @C_and_D_cmp_ptr_load() {
 ; CHECK:       [[ELSE]]:
 ; CHECK-NEXT:    br label %[[EXIT]]
 ; CHECK:       [[EXIT]]:
-; CHECK-NEXT:    ret i64 0
+; CHECK-NEXT:    [[L:%.*]] = load i64, ptr @D, align 4
+; CHECK-NEXT:    ret i64 [[L]]
 ;
   %p = alloca ptr
   store ptr inttoptr (i64 add (i64 ptrtoint (ptr @C to i64), i64 8) to ptr), ptr %p
@@ -124,7 +125,8 @@ define i64 @D_and_E_cmp_ptrtoint_constant_expr() {
 ; CHECK:       [[ELSE]]:
 ; CHECK-NEXT:    br label %[[EXIT]]
 ; CHECK:       [[EXIT]]:
-; CHECK-NEXT:    ret i64 0
+; CHECK-NEXT:    [[L:%.*]] = load i64, ptr @B, align 4
+; CHECK-NEXT:    ret i64 [[L]]
 ;
   %ptr2int = ptrtoint ptr @A to i64
   %add = add i64 %ptr2int, 8
