A few days ago I stumbled upon a problem where SpeculativeExecution
changed the order of a load and a store to the same address.
about it but no response there so far.
In the input we have
store i8 0, i8* @i
%.pre = load i8, i8* @i
and then in the output the load is moved so it's before the store which clearly makes it load the wrong value.
isSafeToSpeculativelyExecute happily says "true" for the load, and there is a comment on isSafeToSpeculativelyExecute saying
/// This method can return true for instructions that read memory;
/// for such instructions, moving them may change the resulting value.
And that is indeed the case in PR32964.
How is this supposed to work?
I started seeing this after the commit
SpeculativeExecution: Stop using whitelist for costs
Before that, e.g. a load got the cost UINT_MAX which I suppose disabled hoisting, but since the commit TTI.getUserCost(I) is used for all instructions.