[Attributor] Prevent infinite loop in AAGlobalValueInfoFloating (#94941)

EthanLuisMcDonough · web-flow · commit b629d4b91291 · 2024-06-18T09:36:42.000-07:00
Global variables that reference themselves alongside a function that is
called indirectly can cause an infinite loop in
`AAGlobalValueInfoFloating`. The recursive reference is continually
pushed back into the workload, causing the attributor to hang
indefinitely.
diff --git a/llvm/lib/Transforms/IPO/Attributor.cpp b/llvm/lib/Transforms/IPO/Attributor.cpp
@@ -1749,6 +1749,10 @@ bool Attributor::checkForAllCallees(
   return Pred(Callees.getArrayRef());
 }
 
+bool canMarkAsVisited(const User *Usr) {
+  return isa<PHINode>(Usr) || !isa<Instruction>(Usr);
+}
+
 bool Attributor::checkForAllUses(
     function_ref<bool(const Use &, bool &)> Pred,
     const AbstractAttribute &QueryingAA, const Value &V,
@@ -1796,7 +1800,7 @@ bool Attributor::checkForAllUses(
 
   while (!Worklist.empty()) {
     const Use *U = Worklist.pop_back_val();
-    if (isa<PHINode>(U->getUser()) && !Visited.insert(U).second)
+    if (canMarkAsVisited(U->getUser()) && !Visited.insert(U).second)
       continue;
     DEBUG_WITH_TYPE(VERBOSE_DEBUG_TYPE, {
       if (auto *Fn = dyn_cast<Function>(U->getUser()))
diff --git a/llvm/test/Transforms/Attributor/recursive_globals.ll b/llvm/test/Transforms/Attributor/recursive_globals.ll
@@ -0,0 +1,47 @@
+; NOTE: Assertions have been autogenerated by utils/update_test_checks.py UTC_ARGS: --version 5
+; RUN: opt -passes=attributor -S < %s | FileCheck %s
+
+; Global variables that reference themselves alongside a function that is called indirectly
+; used to cause an infinite loop in the attributor. The recursive reference was continually
+; pushed back into the workload, causing the attributor to hang indefinitely.
+
+@glob1 = global { ptr, ptr } { ptr @glob1, ptr @fnc1 }
+@glob2 = global { ptr, ptr } { ptr @glob3, ptr @fnc2 }
+@glob3 = global { ptr, ptr } { ptr @glob2, ptr @fnc2 }
+
+define internal void @fnc1() {
+; CHECK-LABEL: define internal void @fnc1(
+; CHECK-SAME: ) #[[ATTR0:[0-9]+]] {
+; CHECK-NEXT:    ret void
+;
+  ret void
+}
+
+define internal void @fnc2() {
+; CHECK-LABEL: define internal void @fnc2(
+; CHECK-SAME: ) #[[ATTR0]] {
+; CHECK-NEXT:    ret void
+;
+  ret void
+}
+
+define dso_local void @indr_caller(ptr %0) {
+; CHECK-LABEL: define dso_local void @indr_caller(
+; CHECK-SAME: ptr nocapture nofree noundef nonnull [[TMP0:%.*]]) {
+; CHECK-NEXT:    call void [[TMP0]]()
+; CHECK-NEXT:    ret void
+;
+  call void %0()
+  ret void
+}
+
+define void @main() {
+; CHECK-LABEL: define void @main() {
+; CHECK-NEXT:    call void @indr_caller(ptr nocapture nofree noundef nonnull @fnc1)
+; CHECK-NEXT:    call void @indr_caller(ptr nocapture nofree noundef nonnull @fnc2)
+; CHECK-NEXT:    ret void
+;
+  call void @indr_caller(ptr @fnc1)
+  call void @indr_caller(ptr @fnc2)
+  ret void
+}
