1 //===- MemCpyOptimizer.cpp - Optimize use of memcpy and friends -----------===// 2 // 3 // The LLVM Compiler Infrastructure 4 // 5 // This file is distributed under the University of Illinois Open Source 6 // License. See LICENSE.TXT for details. 7 // 8 //===----------------------------------------------------------------------===// 9 // 10 // This pass performs various transformations related to eliminating memcpy 11 // calls, or transforming sets of stores into memset's. 12 // 13 //===----------------------------------------------------------------------===// 14 15 #include "llvm/Transforms/Scalar/MemCpyOptimizer.h" 16 #include "llvm/ADT/DenseSet.h" 17 #include "llvm/ADT/None.h" 18 #include "llvm/ADT/STLExtras.h" 19 #include "llvm/ADT/SmallVector.h" 20 #include "llvm/ADT/Statistic.h" 21 #include "llvm/ADT/iterator_range.h" 22 #include "llvm/Analysis/AliasAnalysis.h" 23 #include "llvm/Analysis/AssumptionCache.h" 24 #include "llvm/Analysis/GlobalsModRef.h" 25 #include "llvm/Analysis/MemoryDependenceAnalysis.h" 26 #include "llvm/Analysis/MemoryLocation.h" 27 #include "llvm/Analysis/TargetLibraryInfo.h" 28 #include "llvm/Transforms/Utils/Local.h" 29 #include "llvm/Analysis/ValueTracking.h" 30 #include "llvm/IR/Argument.h" 31 #include "llvm/IR/BasicBlock.h" 32 #include "llvm/IR/CallSite.h" 33 #include "llvm/IR/Constants.h" 34 #include "llvm/IR/DataLayout.h" 35 #include "llvm/IR/DerivedTypes.h" 36 #include "llvm/IR/Dominators.h" 37 #include "llvm/IR/Function.h" 38 #include "llvm/IR/GetElementPtrTypeIterator.h" 39 #include "llvm/IR/GlobalVariable.h" 40 #include "llvm/IR/IRBuilder.h" 41 #include "llvm/IR/InstrTypes.h" 42 #include "llvm/IR/Instruction.h" 43 #include "llvm/IR/Instructions.h" 44 #include "llvm/IR/IntrinsicInst.h" 45 #include "llvm/IR/Intrinsics.h" 46 #include "llvm/IR/LLVMContext.h" 47 #include "llvm/IR/Module.h" 48 #include "llvm/IR/Operator.h" 49 #include "llvm/IR/PassManager.h" 50 #include "llvm/IR/Type.h" 51 #include "llvm/IR/User.h" 52 #include "llvm/IR/Value.h" 53 #include "llvm/Pass.h" 54 #include "llvm/Support/Casting.h" 55 #include "llvm/Support/Debug.h" 56 #include "llvm/Support/MathExtras.h" 57 #include "llvm/Support/raw_ostream.h" 58 #include "llvm/Transforms/Scalar.h" 59 #include <algorithm> 60 #include <cassert> 61 #include <cstdint> 62 #include <utility> 63 64 using namespace llvm; 65 66 #define DEBUG_TYPE "memcpyopt" 67 68 STATISTIC(NumMemCpyInstr, "Number of memcpy instructions deleted"); 69 STATISTIC(NumMemSetInfer, "Number of memsets inferred"); 70 STATISTIC(NumMoveToCpy, "Number of memmoves converted to memcpy"); 71 STATISTIC(NumCpyToSet, "Number of memcpys converted to memset"); 72 73 static int64_t GetOffsetFromIndex(const GEPOperator *GEP, unsigned Idx, 74 bool &VariableIdxFound, 75 const DataLayout &DL) { 76 // Skip over the first indices. 77 gep_type_iterator GTI = gep_type_begin(GEP); 78 for (unsigned i = 1; i != Idx; ++i, ++GTI) 79 /*skip along*/; 80 81 // Compute the offset implied by the rest of the indices. 82 int64_t Offset = 0; 83 for (unsigned i = Idx, e = GEP->getNumOperands(); i != e; ++i, ++GTI) { 84 ConstantInt *OpC = dyn_cast<ConstantInt>(GEP->getOperand(i)); 85 if (!OpC) 86 return VariableIdxFound = true; 87 if (OpC->isZero()) continue; // No offset. 88 89 // Handle struct indices, which add their field offset to the pointer. 90 if (StructType *STy = GTI.getStructTypeOrNull()) { 91 Offset += DL.getStructLayout(STy)->getElementOffset(OpC->getZExtValue()); 92 continue; 93 } 94 95 // Otherwise, we have a sequential type like an array or vector. Multiply 96 // the index by the ElementSize. 97 uint64_t Size = DL.getTypeAllocSize(GTI.getIndexedType()); 98 Offset += Size*OpC->getSExtValue(); 99 } 100 101 return Offset; 102 } 103 104 /// Return true if Ptr1 is provably equal to Ptr2 plus a constant offset, and 105 /// return that constant offset. For example, Ptr1 might be &A[42], and Ptr2 106 /// might be &A[40]. In this case offset would be -8. 107 static bool IsPointerOffset(Value *Ptr1, Value *Ptr2, int64_t &Offset, 108 const DataLayout &DL) { 109 Ptr1 = Ptr1->stripPointerCasts(); 110 Ptr2 = Ptr2->stripPointerCasts(); 111 112 // Handle the trivial case first. 113 if (Ptr1 == Ptr2) { 114 Offset = 0; 115 return true; 116 } 117 118 GEPOperator *GEP1 = dyn_cast<GEPOperator>(Ptr1); 119 GEPOperator *GEP2 = dyn_cast<GEPOperator>(Ptr2); 120 121 bool VariableIdxFound = false; 122 123 // If one pointer is a GEP and the other isn't, then see if the GEP is a 124 // constant offset from the base, as in "P" and "gep P, 1". 125 if (GEP1 && !GEP2 && GEP1->getOperand(0)->stripPointerCasts() == Ptr2) { 126 Offset = -GetOffsetFromIndex(GEP1, 1, VariableIdxFound, DL); 127 return !VariableIdxFound; 128 } 129 130 if (GEP2 && !GEP1 && GEP2->getOperand(0)->stripPointerCasts() == Ptr1) { 131 Offset = GetOffsetFromIndex(GEP2, 1, VariableIdxFound, DL); 132 return !VariableIdxFound; 133 } 134 135 // Right now we handle the case when Ptr1/Ptr2 are both GEPs with an identical 136 // base. After that base, they may have some number of common (and 137 // potentially variable) indices. After that they handle some constant 138 // offset, which determines their offset from each other. At this point, we 139 // handle no other case. 140 if (!GEP1 || !GEP2 || GEP1->getOperand(0) != GEP2->getOperand(0)) 141 return false; 142 143 // Skip any common indices and track the GEP types. 144 unsigned Idx = 1; 145 for (; Idx != GEP1->getNumOperands() && Idx != GEP2->getNumOperands(); ++Idx) 146 if (GEP1->getOperand(Idx) != GEP2->getOperand(Idx)) 147 break; 148 149 int64_t Offset1 = GetOffsetFromIndex(GEP1, Idx, VariableIdxFound, DL); 150 int64_t Offset2 = GetOffsetFromIndex(GEP2, Idx, VariableIdxFound, DL); 151 if (VariableIdxFound) return false; 152 153 Offset = Offset2-Offset1; 154 return true; 155 } 156 157 namespace { 158 159 /// Represents a range of memset'd bytes with the ByteVal value. 160 /// This allows us to analyze stores like: 161 /// store 0 -> P+1 162 /// store 0 -> P+0 163 /// store 0 -> P+3 164 /// store 0 -> P+2 165 /// which sometimes happens with stores to arrays of structs etc. When we see 166 /// the first store, we make a range [1, 2). The second store extends the range 167 /// to [0, 2). The third makes a new range [2, 3). The fourth store joins the 168 /// two ranges into [0, 3) which is memset'able. 169 struct MemsetRange { 170 // Start/End - A semi range that describes the span that this range covers. 171 // The range is closed at the start and open at the end: [Start, End). 172 int64_t Start, End; 173 174 /// StartPtr - The getelementptr instruction that points to the start of the 175 /// range. 176 Value *StartPtr; 177 178 /// Alignment - The known alignment of the first store. 179 unsigned Alignment; 180 181 /// TheStores - The actual stores that make up this range. 182 SmallVector<Instruction*, 16> TheStores; 183 184 bool isProfitableToUseMemset(const DataLayout &DL) const; 185 }; 186 187 } // end anonymous namespace 188 189 bool MemsetRange::isProfitableToUseMemset(const DataLayout &DL) const { 190 // If we found more than 4 stores to merge or 16 bytes, use memset. 191 if (TheStores.size() >= 4 || End-Start >= 16) return true; 192 193 // If there is nothing to merge, don't do anything. 194 if (TheStores.size() < 2) return false; 195 196 // If any of the stores are a memset, then it is always good to extend the 197 // memset. 198 for (Instruction *SI : TheStores) 199 if (!isa<StoreInst>(SI)) 200 return true; 201 202 // Assume that the code generator is capable of merging pairs of stores 203 // together if it wants to. 204 if (TheStores.size() == 2) return false; 205 206 // If we have fewer than 8 stores, it can still be worthwhile to do this. 207 // For example, merging 4 i8 stores into an i32 store is useful almost always. 208 // However, merging 2 32-bit stores isn't useful on a 32-bit architecture (the 209 // memset will be split into 2 32-bit stores anyway) and doing so can 210 // pessimize the llvm optimizer. 211 // 212 // Since we don't have perfect knowledge here, make some assumptions: assume 213 // the maximum GPR width is the same size as the largest legal integer 214 // size. If so, check to see whether we will end up actually reducing the 215 // number of stores used. 216 unsigned Bytes = unsigned(End-Start); 217 unsigned MaxIntSize = DL.getLargestLegalIntTypeSizeInBits() / 8; 218 if (MaxIntSize == 0) 219 MaxIntSize = 1; 220 unsigned NumPointerStores = Bytes / MaxIntSize; 221 222 // Assume the remaining bytes if any are done a byte at a time. 223 unsigned NumByteStores = Bytes % MaxIntSize; 224 225 // If we will reduce the # stores (according to this heuristic), do the 226 // transformation. This encourages merging 4 x i8 -> i32 and 2 x i16 -> i32 227 // etc. 228 return TheStores.size() > NumPointerStores+NumByteStores; 229 } 230 231 namespace { 232 233 class MemsetRanges { 234 using range_iterator = SmallVectorImpl<MemsetRange>::iterator; 235 236 /// A sorted list of the memset ranges. 237 SmallVector<MemsetRange, 8> Ranges; 238 239 const DataLayout &DL; 240 241 public: 242 MemsetRanges(const DataLayout &DL) : DL(DL) {} 243 244 using const_iterator = SmallVectorImpl<MemsetRange>::const_iterator; 245 246 const_iterator begin() const { return Ranges.begin(); } 247 const_iterator end() const { return Ranges.end(); } 248 bool empty() const { return Ranges.empty(); } 249 250 void addInst(int64_t OffsetFromFirst, Instruction *Inst) { 251 if (StoreInst *SI = dyn_cast<StoreInst>(Inst)) 252 addStore(OffsetFromFirst, SI); 253 else 254 addMemSet(OffsetFromFirst, cast<MemSetInst>(Inst)); 255 } 256 257 void addStore(int64_t OffsetFromFirst, StoreInst *SI) { 258 int64_t StoreSize = DL.getTypeStoreSize(SI->getOperand(0)->getType()); 259 260 addRange(OffsetFromFirst, StoreSize, 261 SI->getPointerOperand(), SI->getAlignment(), SI); 262 } 263 264 void addMemSet(int64_t OffsetFromFirst, MemSetInst *MSI) { 265 int64_t Size = cast<ConstantInt>(MSI->getLength())->getZExtValue(); 266 addRange(OffsetFromFirst, Size, MSI->getDest(), MSI->getDestAlignment(), MSI); 267 } 268 269 void addRange(int64_t Start, int64_t Size, Value *Ptr, 270 unsigned Alignment, Instruction *Inst); 271 }; 272 273 } // end anonymous namespace 274 275 /// Add a new store to the MemsetRanges data structure. This adds a 276 /// new range for the specified store at the specified offset, merging into 277 /// existing ranges as appropriate. 278 void MemsetRanges::addRange(int64_t Start, int64_t Size, Value *Ptr, 279 unsigned Alignment, Instruction *Inst) { 280 int64_t End = Start+Size; 281 282 range_iterator I = std::lower_bound(Ranges.begin(), Ranges.end(), Start, 283 [](const MemsetRange &LHS, int64_t RHS) { return LHS.End < RHS; }); 284 285 // We now know that I == E, in which case we didn't find anything to merge 286 // with, or that Start <= I->End. If End < I->Start or I == E, then we need 287 // to insert a new range. Handle this now. 288 if (I == Ranges.end() || End < I->Start) { 289 MemsetRange &R = *Ranges.insert(I, MemsetRange()); 290 R.Start = Start; 291 R.End = End; 292 R.StartPtr = Ptr; 293 R.Alignment = Alignment; 294 R.TheStores.push_back(Inst); 295 return; 296 } 297 298 // This store overlaps with I, add it. 299 I->TheStores.push_back(Inst); 300 301 // At this point, we may have an interval that completely contains our store. 302 // If so, just add it to the interval and return. 303 if (I->Start <= Start && I->End >= End) 304 return; 305 306 // Now we know that Start <= I->End and End >= I->Start so the range overlaps 307 // but is not entirely contained within the range. 308 309 // See if the range extends the start of the range. In this case, it couldn't 310 // possibly cause it to join the prior range, because otherwise we would have 311 // stopped on *it*. 312 if (Start < I->Start) { 313 I->Start = Start; 314 I->StartPtr = Ptr; 315 I->Alignment = Alignment; 316 } 317 318 // Now we know that Start <= I->End and Start >= I->Start (so the startpoint 319 // is in or right at the end of I), and that End >= I->Start. Extend I out to 320 // End. 321 if (End > I->End) { 322 I->End = End; 323 range_iterator NextI = I; 324 while (++NextI != Ranges.end() && End >= NextI->Start) { 325 // Merge the range in. 326 I->TheStores.append(NextI->TheStores.begin(), NextI->TheStores.end()); 327 if (NextI->End > I->End) 328 I->End = NextI->End; 329 Ranges.erase(NextI); 330 NextI = I; 331 } 332 } 333 } 334 335 //===----------------------------------------------------------------------===// 336 // MemCpyOptLegacyPass Pass 337 //===----------------------------------------------------------------------===// 338 339 namespace { 340 341 class MemCpyOptLegacyPass : public FunctionPass { 342 MemCpyOptPass Impl; 343 344 public: 345 static char ID; // Pass identification, replacement for typeid 346 347 MemCpyOptLegacyPass() : FunctionPass(ID) { 348 initializeMemCpyOptLegacyPassPass(*PassRegistry::getPassRegistry()); 349 } 350 351 bool runOnFunction(Function &F) override; 352 353 private: 354 // This transformation requires dominator postdominator info 355 void getAnalysisUsage(AnalysisUsage &AU) const override { 356 AU.setPreservesCFG(); 357 AU.addRequired<AssumptionCacheTracker>(); 358 AU.addRequired<DominatorTreeWrapperPass>(); 359 AU.addRequired<MemoryDependenceWrapperPass>(); 360 AU.addRequired<AAResultsWrapperPass>(); 361 AU.addRequired<TargetLibraryInfoWrapperPass>(); 362 AU.addPreserved<GlobalsAAWrapperPass>(); 363 AU.addPreserved<MemoryDependenceWrapperPass>(); 364 } 365 }; 366 367 } // end anonymous namespace 368 369 char MemCpyOptLegacyPass::ID = 0; 370 371 /// The public interface to this file... 372 FunctionPass *llvm::createMemCpyOptPass() { return new MemCpyOptLegacyPass(); } 373 374 INITIALIZE_PASS_BEGIN(MemCpyOptLegacyPass, "memcpyopt", "MemCpy Optimization", 375 false, false) 376 INITIALIZE_PASS_DEPENDENCY(AssumptionCacheTracker) 377 INITIALIZE_PASS_DEPENDENCY(DominatorTreeWrapperPass) 378 INITIALIZE_PASS_DEPENDENCY(MemoryDependenceWrapperPass) 379 INITIALIZE_PASS_DEPENDENCY(TargetLibraryInfoWrapperPass) 380 INITIALIZE_PASS_DEPENDENCY(AAResultsWrapperPass) 381 INITIALIZE_PASS_DEPENDENCY(GlobalsAAWrapperPass) 382 INITIALIZE_PASS_END(MemCpyOptLegacyPass, "memcpyopt", "MemCpy Optimization", 383 false, false) 384 385 /// When scanning forward over instructions, we look for some other patterns to 386 /// fold away. In particular, this looks for stores to neighboring locations of 387 /// memory. If it sees enough consecutive ones, it attempts to merge them 388 /// together into a memcpy/memset. 389 Instruction *MemCpyOptPass::tryMergingIntoMemset(Instruction *StartInst, 390 Value *StartPtr, 391 Value *ByteVal) { 392 const DataLayout &DL = StartInst->getModule()->getDataLayout(); 393 394 // Okay, so we now have a single store that can be splatable. Scan to find 395 // all subsequent stores of the same value to offset from the same pointer. 396 // Join these together into ranges, so we can decide whether contiguous blocks 397 // are stored. 398 MemsetRanges Ranges(DL); 399 400 BasicBlock::iterator BI(StartInst); 401 for (++BI; !BI->isTerminator(); ++BI) { 402 if (!isa<StoreInst>(BI) && !isa<MemSetInst>(BI)) { 403 // If the instruction is readnone, ignore it, otherwise bail out. We 404 // don't even allow readonly here because we don't want something like: 405 // A[1] = 2; strlen(A); A[2] = 2; -> memcpy(A, ...); strlen(A). 406 if (BI->mayWriteToMemory() || BI->mayReadFromMemory()) 407 break; 408 continue; 409 } 410 411 if (StoreInst *NextStore = dyn_cast<StoreInst>(BI)) { 412 // If this is a store, see if we can merge it in. 413 if (!NextStore->isSimple()) break; 414 415 // Check to see if this stored value is of the same byte-splattable value. 416 Value *StoredByte = isBytewiseValue(NextStore->getOperand(0)); 417 if (isa<UndefValue>(ByteVal) && StoredByte) 418 ByteVal = StoredByte; 419 if (ByteVal != StoredByte) 420 break; 421 422 // Check to see if this store is to a constant offset from the start ptr. 423 int64_t Offset; 424 if (!IsPointerOffset(StartPtr, NextStore->getPointerOperand(), Offset, 425 DL)) 426 break; 427 428 Ranges.addStore(Offset, NextStore); 429 } else { 430 MemSetInst *MSI = cast<MemSetInst>(BI); 431 432 if (MSI->isVolatile() || ByteVal != MSI->getValue() || 433 !isa<ConstantInt>(MSI->getLength())) 434 break; 435 436 // Check to see if this store is to a constant offset from the start ptr. 437 int64_t Offset; 438 if (!IsPointerOffset(StartPtr, MSI->getDest(), Offset, DL)) 439 break; 440 441 Ranges.addMemSet(Offset, MSI); 442 } 443 } 444 445 // If we have no ranges, then we just had a single store with nothing that 446 // could be merged in. This is a very common case of course. 447 if (Ranges.empty()) 448 return nullptr; 449 450 // If we had at least one store that could be merged in, add the starting 451 // store as well. We try to avoid this unless there is at least something 452 // interesting as a small compile-time optimization. 453 Ranges.addInst(0, StartInst); 454 455 // If we create any memsets, we put it right before the first instruction that 456 // isn't part of the memset block. This ensure that the memset is dominated 457 // by any addressing instruction needed by the start of the block. 458 IRBuilder<> Builder(&*BI); 459 460 // Now that we have full information about ranges, loop over the ranges and 461 // emit memset's for anything big enough to be worthwhile. 462 Instruction *AMemSet = nullptr; 463 for (const MemsetRange &Range : Ranges) { 464 if (Range.TheStores.size() == 1) continue; 465 466 // If it is profitable to lower this range to memset, do so now. 467 if (!Range.isProfitableToUseMemset(DL)) 468 continue; 469 470 // Otherwise, we do want to transform this! Create a new memset. 471 // Get the starting pointer of the block. 472 StartPtr = Range.StartPtr; 473 474 // Determine alignment 475 unsigned Alignment = Range.Alignment; 476 if (Alignment == 0) { 477 Type *EltType = 478 cast<PointerType>(StartPtr->getType())->getElementType(); 479 Alignment = DL.getABITypeAlignment(EltType); 480 } 481 482 AMemSet = 483 Builder.CreateMemSet(StartPtr, ByteVal, Range.End-Range.Start, Alignment); 484 485 LLVM_DEBUG(dbgs() << "Replace stores:\n"; for (Instruction *SI 486 : Range.TheStores) dbgs() 487 << *SI << '\n'; 488 dbgs() << "With: " << *AMemSet << '\n'); 489 490 if (!Range.TheStores.empty()) 491 AMemSet->setDebugLoc(Range.TheStores[0]->getDebugLoc()); 492 493 // Zap all the stores. 494 for (Instruction *SI : Range.TheStores) { 495 MD->removeInstruction(SI); 496 SI->eraseFromParent(); 497 } 498 ++NumMemSetInfer; 499 } 500 501 return AMemSet; 502 } 503 504 static unsigned findStoreAlignment(const DataLayout &DL, const StoreInst *SI) { 505 unsigned StoreAlign = SI->getAlignment(); 506 if (!StoreAlign) 507 StoreAlign = DL.getABITypeAlignment(SI->getOperand(0)->getType()); 508 return StoreAlign; 509 } 510 511 static unsigned findLoadAlignment(const DataLayout &DL, const LoadInst *LI) { 512 unsigned LoadAlign = LI->getAlignment(); 513 if (!LoadAlign) 514 LoadAlign = DL.getABITypeAlignment(LI->getType()); 515 return LoadAlign; 516 } 517 518 static unsigned findCommonAlignment(const DataLayout &DL, const StoreInst *SI, 519 const LoadInst *LI) { 520 unsigned StoreAlign = findStoreAlignment(DL, SI); 521 unsigned LoadAlign = findLoadAlignment(DL, LI); 522 return MinAlign(StoreAlign, LoadAlign); 523 } 524 525 // This method try to lift a store instruction before position P. 526 // It will lift the store and its argument + that anything that 527 // may alias with these. 528 // The method returns true if it was successful. 529 static bool moveUp(AliasAnalysis &AA, StoreInst *SI, Instruction *P, 530 const LoadInst *LI) { 531 // If the store alias this position, early bail out. 532 MemoryLocation StoreLoc = MemoryLocation::get(SI); 533 if (isModOrRefSet(AA.getModRefInfo(P, StoreLoc))) 534 return false; 535 536 // Keep track of the arguments of all instruction we plan to lift 537 // so we can make sure to lift them as well if appropriate. 538 DenseSet<Instruction*> Args; 539 if (auto *Ptr = dyn_cast<Instruction>(SI->getPointerOperand())) 540 if (Ptr->getParent() == SI->getParent()) 541 Args.insert(Ptr); 542 543 // Instruction to lift before P. 544 SmallVector<Instruction*, 8> ToLift; 545 546 // Memory locations of lifted instructions. 547 SmallVector<MemoryLocation, 8> MemLocs{StoreLoc}; 548 549 // Lifted calls. 550 SmallVector<const CallBase *, 8> Calls; 551 552 const MemoryLocation LoadLoc = MemoryLocation::get(LI); 553 554 for (auto I = --SI->getIterator(), E = P->getIterator(); I != E; --I) { 555 auto *C = &*I; 556 557 bool MayAlias = isModOrRefSet(AA.getModRefInfo(C, None)); 558 559 bool NeedLift = false; 560 if (Args.erase(C)) 561 NeedLift = true; 562 else if (MayAlias) { 563 NeedLift = llvm::any_of(MemLocs, [C, &AA](const MemoryLocation &ML) { 564 return isModOrRefSet(AA.getModRefInfo(C, ML)); 565 }); 566 567 if (!NeedLift) 568 NeedLift = llvm::any_of(Calls, [C, &AA](const CallBase *Call) { 569 return isModOrRefSet(AA.getModRefInfo(C, Call)); 570 }); 571 } 572 573 if (!NeedLift) 574 continue; 575 576 if (MayAlias) { 577 // Since LI is implicitly moved downwards past the lifted instructions, 578 // none of them may modify its source. 579 if (isModSet(AA.getModRefInfo(C, LoadLoc))) 580 return false; 581 else if (const auto *Call = dyn_cast<CallBase>(C)) { 582 // If we can't lift this before P, it's game over. 583 if (isModOrRefSet(AA.getModRefInfo(P, Call))) 584 return false; 585 586 Calls.push_back(Call); 587 } else if (isa<LoadInst>(C) || isa<StoreInst>(C) || isa<VAArgInst>(C)) { 588 // If we can't lift this before P, it's game over. 589 auto ML = MemoryLocation::get(C); 590 if (isModOrRefSet(AA.getModRefInfo(P, ML))) 591 return false; 592 593 MemLocs.push_back(ML); 594 } else 595 // We don't know how to lift this instruction. 596 return false; 597 } 598 599 ToLift.push_back(C); 600 for (unsigned k = 0, e = C->getNumOperands(); k != e; ++k) 601 if (auto *A = dyn_cast<Instruction>(C->getOperand(k))) 602 if (A->getParent() == SI->getParent()) 603 Args.insert(A); 604 } 605 606 // We made it, we need to lift 607 for (auto *I : llvm::reverse(ToLift)) { 608 LLVM_DEBUG(dbgs() << "Lifting " << *I << " before " << *P << "\n"); 609 I->moveBefore(P); 610 } 611 612 return true; 613 } 614 615 bool MemCpyOptPass::processStore(StoreInst *SI, BasicBlock::iterator &BBI) { 616 if (!SI->isSimple()) return false; 617 618 // Avoid merging nontemporal stores since the resulting 619 // memcpy/memset would not be able to preserve the nontemporal hint. 620 // In theory we could teach how to propagate the !nontemporal metadata to 621 // memset calls. However, that change would force the backend to 622 // conservatively expand !nontemporal memset calls back to sequences of 623 // store instructions (effectively undoing the merging). 624 if (SI->getMetadata(LLVMContext::MD_nontemporal)) 625 return false; 626 627 const DataLayout &DL = SI->getModule()->getDataLayout(); 628 629 // Load to store forwarding can be interpreted as memcpy. 630 if (LoadInst *LI = dyn_cast<LoadInst>(SI->getOperand(0))) { 631 if (LI->isSimple() && LI->hasOneUse() && 632 LI->getParent() == SI->getParent()) { 633 634 auto *T = LI->getType(); 635 if (T->isAggregateType()) { 636 AliasAnalysis &AA = LookupAliasAnalysis(); 637 MemoryLocation LoadLoc = MemoryLocation::get(LI); 638 639 // We use alias analysis to check if an instruction may store to 640 // the memory we load from in between the load and the store. If 641 // such an instruction is found, we try to promote there instead 642 // of at the store position. 643 Instruction *P = SI; 644 for (auto &I : make_range(++LI->getIterator(), SI->getIterator())) { 645 if (isModSet(AA.getModRefInfo(&I, LoadLoc))) { 646 P = &I; 647 break; 648 } 649 } 650 651 // We found an instruction that may write to the loaded memory. 652 // We can try to promote at this position instead of the store 653 // position if nothing alias the store memory after this and the store 654 // destination is not in the range. 655 if (P && P != SI) { 656 if (!moveUp(AA, SI, P, LI)) 657 P = nullptr; 658 } 659 660 // If a valid insertion position is found, then we can promote 661 // the load/store pair to a memcpy. 662 if (P) { 663 // If we load from memory that may alias the memory we store to, 664 // memmove must be used to preserve semantic. If not, memcpy can 665 // be used. 666 bool UseMemMove = false; 667 if (!AA.isNoAlias(MemoryLocation::get(SI), LoadLoc)) 668 UseMemMove = true; 669 670 uint64_t Size = DL.getTypeStoreSize(T); 671 672 IRBuilder<> Builder(P); 673 Instruction *M; 674 if (UseMemMove) 675 M = Builder.CreateMemMove( 676 SI->getPointerOperand(), findStoreAlignment(DL, SI), 677 LI->getPointerOperand(), findLoadAlignment(DL, LI), Size); 678 else 679 M = Builder.CreateMemCpy( 680 SI->getPointerOperand(), findStoreAlignment(DL, SI), 681 LI->getPointerOperand(), findLoadAlignment(DL, LI), Size); 682 683 LLVM_DEBUG(dbgs() << "Promoting " << *LI << " to " << *SI << " => " 684 << *M << "\n"); 685 686 MD->removeInstruction(SI); 687 SI->eraseFromParent(); 688 MD->removeInstruction(LI); 689 LI->eraseFromParent(); 690 ++NumMemCpyInstr; 691 692 // Make sure we do not invalidate the iterator. 693 BBI = M->getIterator(); 694 return true; 695 } 696 } 697 698 // Detect cases where we're performing call slot forwarding, but 699 // happen to be using a load-store pair to implement it, rather than 700 // a memcpy. 701 MemDepResult ldep = MD->getDependency(LI); 702 CallInst *C = nullptr; 703 if (ldep.isClobber() && !isa<MemCpyInst>(ldep.getInst())) 704 C = dyn_cast<CallInst>(ldep.getInst()); 705 706 if (C) { 707 // Check that nothing touches the dest of the "copy" between 708 // the call and the store. 709 Value *CpyDest = SI->getPointerOperand()->stripPointerCasts(); 710 bool CpyDestIsLocal = isa<AllocaInst>(CpyDest); 711 AliasAnalysis &AA = LookupAliasAnalysis(); 712 MemoryLocation StoreLoc = MemoryLocation::get(SI); 713 for (BasicBlock::iterator I = --SI->getIterator(), E = C->getIterator(); 714 I != E; --I) { 715 if (isModOrRefSet(AA.getModRefInfo(&*I, StoreLoc))) { 716 C = nullptr; 717 break; 718 } 719 // The store to dest may never happen if an exception can be thrown 720 // between the load and the store. 721 if (I->mayThrow() && !CpyDestIsLocal) { 722 C = nullptr; 723 break; 724 } 725 } 726 } 727 728 if (C) { 729 bool changed = performCallSlotOptzn( 730 LI, SI->getPointerOperand()->stripPointerCasts(), 731 LI->getPointerOperand()->stripPointerCasts(), 732 DL.getTypeStoreSize(SI->getOperand(0)->getType()), 733 findCommonAlignment(DL, SI, LI), C); 734 if (changed) { 735 MD->removeInstruction(SI); 736 SI->eraseFromParent(); 737 MD->removeInstruction(LI); 738 LI->eraseFromParent(); 739 ++NumMemCpyInstr; 740 return true; 741 } 742 } 743 } 744 } 745 746 // There are two cases that are interesting for this code to handle: memcpy 747 // and memset. Right now we only handle memset. 748 749 // Ensure that the value being stored is something that can be memset'able a 750 // byte at a time like "0" or "-1" or any width, as well as things like 751 // 0xA0A0A0A0 and 0.0. 752 auto *V = SI->getOperand(0); 753 if (Value *ByteVal = isBytewiseValue(V)) { 754 if (Instruction *I = tryMergingIntoMemset(SI, SI->getPointerOperand(), 755 ByteVal)) { 756 BBI = I->getIterator(); // Don't invalidate iterator. 757 return true; 758 } 759 760 // If we have an aggregate, we try to promote it to memset regardless 761 // of opportunity for merging as it can expose optimization opportunities 762 // in subsequent passes. 763 auto *T = V->getType(); 764 if (T->isAggregateType()) { 765 uint64_t Size = DL.getTypeStoreSize(T); 766 unsigned Align = SI->getAlignment(); 767 if (!Align) 768 Align = DL.getABITypeAlignment(T); 769 IRBuilder<> Builder(SI); 770 auto *M = 771 Builder.CreateMemSet(SI->getPointerOperand(), ByteVal, Size, Align); 772 773 LLVM_DEBUG(dbgs() << "Promoting " << *SI << " to " << *M << "\n"); 774 775 MD->removeInstruction(SI); 776 SI->eraseFromParent(); 777 NumMemSetInfer++; 778 779 // Make sure we do not invalidate the iterator. 780 BBI = M->getIterator(); 781 return true; 782 } 783 } 784 785 return false; 786 } 787 788 bool MemCpyOptPass::processMemSet(MemSetInst *MSI, BasicBlock::iterator &BBI) { 789 // See if there is another memset or store neighboring this memset which 790 // allows us to widen out the memset to do a single larger store. 791 if (isa<ConstantInt>(MSI->getLength()) && !MSI->isVolatile()) 792 if (Instruction *I = tryMergingIntoMemset(MSI, MSI->getDest(), 793 MSI->getValue())) { 794 BBI = I->getIterator(); // Don't invalidate iterator. 795 return true; 796 } 797 return false; 798 } 799 800 /// Takes a memcpy and a call that it depends on, 801 /// and checks for the possibility of a call slot optimization by having 802 /// the call write its result directly into the destination of the memcpy. 803 bool MemCpyOptPass::performCallSlotOptzn(Instruction *cpy, Value *cpyDest, 804 Value *cpySrc, uint64_t cpyLen, 805 unsigned cpyAlign, CallInst *C) { 806 // The general transformation to keep in mind is 807 // 808 // call @func(..., src, ...) 809 // memcpy(dest, src, ...) 810 // 811 // -> 812 // 813 // memcpy(dest, src, ...) 814 // call @func(..., dest, ...) 815 // 816 // Since moving the memcpy is technically awkward, we additionally check that 817 // src only holds uninitialized values at the moment of the call, meaning that 818 // the memcpy can be discarded rather than moved. 819 820 // Lifetime marks shouldn't be operated on. 821 if (Function *F = C->getCalledFunction()) 822 if (F->isIntrinsic() && F->getIntrinsicID() == Intrinsic::lifetime_start) 823 return false; 824 825 // Deliberately get the source and destination with bitcasts stripped away, 826 // because we'll need to do type comparisons based on the underlying type. 827 CallSite CS(C); 828 829 // Require that src be an alloca. This simplifies the reasoning considerably. 830 AllocaInst *srcAlloca = dyn_cast<AllocaInst>(cpySrc); 831 if (!srcAlloca) 832 return false; 833 834 ConstantInt *srcArraySize = dyn_cast<ConstantInt>(srcAlloca->getArraySize()); 835 if (!srcArraySize) 836 return false; 837 838 const DataLayout &DL = cpy->getModule()->getDataLayout(); 839 uint64_t srcSize = DL.getTypeAllocSize(srcAlloca->getAllocatedType()) * 840 srcArraySize->getZExtValue(); 841 842 if (cpyLen < srcSize) 843 return false; 844 845 // Check that accessing the first srcSize bytes of dest will not cause a 846 // trap. Otherwise the transform is invalid since it might cause a trap 847 // to occur earlier than it otherwise would. 848 if (AllocaInst *A = dyn_cast<AllocaInst>(cpyDest)) { 849 // The destination is an alloca. Check it is larger than srcSize. 850 ConstantInt *destArraySize = dyn_cast<ConstantInt>(A->getArraySize()); 851 if (!destArraySize) 852 return false; 853 854 uint64_t destSize = DL.getTypeAllocSize(A->getAllocatedType()) * 855 destArraySize->getZExtValue(); 856 857 if (destSize < srcSize) 858 return false; 859 } else if (Argument *A = dyn_cast<Argument>(cpyDest)) { 860 // The store to dest may never happen if the call can throw. 861 if (C->mayThrow()) 862 return false; 863 864 if (A->getDereferenceableBytes() < srcSize) { 865 // If the destination is an sret parameter then only accesses that are 866 // outside of the returned struct type can trap. 867 if (!A->hasStructRetAttr()) 868 return false; 869 870 Type *StructTy = cast<PointerType>(A->getType())->getElementType(); 871 if (!StructTy->isSized()) { 872 // The call may never return and hence the copy-instruction may never 873 // be executed, and therefore it's not safe to say "the destination 874 // has at least <cpyLen> bytes, as implied by the copy-instruction", 875 return false; 876 } 877 878 uint64_t destSize = DL.getTypeAllocSize(StructTy); 879 if (destSize < srcSize) 880 return false; 881 } 882 } else { 883 return false; 884 } 885 886 // Check that dest points to memory that is at least as aligned as src. 887 unsigned srcAlign = srcAlloca->getAlignment(); 888 if (!srcAlign) 889 srcAlign = DL.getABITypeAlignment(srcAlloca->getAllocatedType()); 890 bool isDestSufficientlyAligned = srcAlign <= cpyAlign; 891 // If dest is not aligned enough and we can't increase its alignment then 892 // bail out. 893 if (!isDestSufficientlyAligned && !isa<AllocaInst>(cpyDest)) 894 return false; 895 896 // Check that src is not accessed except via the call and the memcpy. This 897 // guarantees that it holds only undefined values when passed in (so the final 898 // memcpy can be dropped), that it is not read or written between the call and 899 // the memcpy, and that writing beyond the end of it is undefined. 900 SmallVector<User*, 8> srcUseList(srcAlloca->user_begin(), 901 srcAlloca->user_end()); 902 while (!srcUseList.empty()) { 903 User *U = srcUseList.pop_back_val(); 904 905 if (isa<BitCastInst>(U) || isa<AddrSpaceCastInst>(U)) { 906 for (User *UU : U->users()) 907 srcUseList.push_back(UU); 908 continue; 909 } 910 if (GetElementPtrInst *G = dyn_cast<GetElementPtrInst>(U)) { 911 if (!G->hasAllZeroIndices()) 912 return false; 913 914 for (User *UU : U->users()) 915 srcUseList.push_back(UU); 916 continue; 917 } 918 if (const IntrinsicInst *IT = dyn_cast<IntrinsicInst>(U)) 919 if (IT->isLifetimeStartOrEnd()) 920 continue; 921 922 if (U != C && U != cpy) 923 return false; 924 } 925 926 // Check that src isn't captured by the called function since the 927 // transformation can cause aliasing issues in that case. 928 for (unsigned i = 0, e = CS.arg_size(); i != e; ++i) 929 if (CS.getArgument(i) == cpySrc && !CS.doesNotCapture(i)) 930 return false; 931 932 // Since we're changing the parameter to the callsite, we need to make sure 933 // that what would be the new parameter dominates the callsite. 934 DominatorTree &DT = LookupDomTree(); 935 if (Instruction *cpyDestInst = dyn_cast<Instruction>(cpyDest)) 936 if (!DT.dominates(cpyDestInst, C)) 937 return false; 938 939 // In addition to knowing that the call does not access src in some 940 // unexpected manner, for example via a global, which we deduce from 941 // the use analysis, we also need to know that it does not sneakily 942 // access dest. We rely on AA to figure this out for us. 943 AliasAnalysis &AA = LookupAliasAnalysis(); 944 ModRefInfo MR = AA.getModRefInfo(C, cpyDest, LocationSize::precise(srcSize)); 945 // If necessary, perform additional analysis. 946 if (isModOrRefSet(MR)) 947 MR = AA.callCapturesBefore(C, cpyDest, LocationSize::precise(srcSize), &DT); 948 if (isModOrRefSet(MR)) 949 return false; 950 951 // We can't create address space casts here because we don't know if they're 952 // safe for the target. 953 if (cpySrc->getType()->getPointerAddressSpace() != 954 cpyDest->getType()->getPointerAddressSpace()) 955 return false; 956 for (unsigned i = 0; i < CS.arg_size(); ++i) 957 if (CS.getArgument(i)->stripPointerCasts() == cpySrc && 958 cpySrc->getType()->getPointerAddressSpace() != 959 CS.getArgument(i)->getType()->getPointerAddressSpace()) 960 return false; 961 962 // All the checks have passed, so do the transformation. 963 bool changedArgument = false; 964 for (unsigned i = 0; i < CS.arg_size(); ++i) 965 if (CS.getArgument(i)->stripPointerCasts() == cpySrc) { 966 Value *Dest = cpySrc->getType() == cpyDest->getType() ? cpyDest 967 : CastInst::CreatePointerCast(cpyDest, cpySrc->getType(), 968 cpyDest->getName(), C); 969 changedArgument = true; 970 if (CS.getArgument(i)->getType() == Dest->getType()) 971 CS.setArgument(i, Dest); 972 else 973 CS.setArgument(i, CastInst::CreatePointerCast(Dest, 974 CS.getArgument(i)->getType(), Dest->getName(), C)); 975 } 976 977 if (!changedArgument) 978 return false; 979 980 // If the destination wasn't sufficiently aligned then increase its alignment. 981 if (!isDestSufficientlyAligned) { 982 assert(isa<AllocaInst>(cpyDest) && "Can only increase alloca alignment!"); 983 cast<AllocaInst>(cpyDest)->setAlignment(srcAlign); 984 } 985 986 // Drop any cached information about the call, because we may have changed 987 // its dependence information by changing its parameter. 988 MD->removeInstruction(C); 989 990 // Update AA metadata 991 // FIXME: MD_tbaa_struct and MD_mem_parallel_loop_access should also be 992 // handled here, but combineMetadata doesn't support them yet 993 unsigned KnownIDs[] = {LLVMContext::MD_tbaa, LLVMContext::MD_alias_scope, 994 LLVMContext::MD_noalias, 995 LLVMContext::MD_invariant_group, 996 LLVMContext::MD_access_group}; 997 combineMetadata(C, cpy, KnownIDs, true); 998 999 // Remove the memcpy. 1000 MD->removeInstruction(cpy); 1001 ++NumMemCpyInstr; 1002 1003 return true; 1004 } 1005 1006 /// We've found that the (upward scanning) memory dependence of memcpy 'M' is 1007 /// the memcpy 'MDep'. Try to simplify M to copy from MDep's input if we can. 1008 bool MemCpyOptPass::processMemCpyMemCpyDependence(MemCpyInst *M, 1009 MemCpyInst *MDep) { 1010 // We can only transforms memcpy's where the dest of one is the source of the 1011 // other. 1012 if (M->getSource() != MDep->getDest() || MDep->isVolatile()) 1013 return false; 1014 1015 // If dep instruction is reading from our current input, then it is a noop 1016 // transfer and substituting the input won't change this instruction. Just 1017 // ignore the input and let someone else zap MDep. This handles cases like: 1018 // memcpy(a <- a) 1019 // memcpy(b <- a) 1020 if (M->getSource() == MDep->getSource()) 1021 return false; 1022 1023 // Second, the length of the memcpy's must be the same, or the preceding one 1024 // must be larger than the following one. 1025 ConstantInt *MDepLen = dyn_cast<ConstantInt>(MDep->getLength()); 1026 ConstantInt *MLen = dyn_cast<ConstantInt>(M->getLength()); 1027 if (!MDepLen || !MLen || MDepLen->getZExtValue() < MLen->getZExtValue()) 1028 return false; 1029 1030 AliasAnalysis &AA = LookupAliasAnalysis(); 1031 1032 // Verify that the copied-from memory doesn't change in between the two 1033 // transfers. For example, in: 1034 // memcpy(a <- b) 1035 // *b = 42; 1036 // memcpy(c <- a) 1037 // It would be invalid to transform the second memcpy into memcpy(c <- b). 1038 // 1039 // TODO: If the code between M and MDep is transparent to the destination "c", 1040 // then we could still perform the xform by moving M up to the first memcpy. 1041 // 1042 // NOTE: This is conservative, it will stop on any read from the source loc, 1043 // not just the defining memcpy. 1044 MemDepResult SourceDep = 1045 MD->getPointerDependencyFrom(MemoryLocation::getForSource(MDep), false, 1046 M->getIterator(), M->getParent()); 1047 if (!SourceDep.isClobber() || SourceDep.getInst() != MDep) 1048 return false; 1049 1050 // If the dest of the second might alias the source of the first, then the 1051 // source and dest might overlap. We still want to eliminate the intermediate 1052 // value, but we have to generate a memmove instead of memcpy. 1053 bool UseMemMove = false; 1054 if (!AA.isNoAlias(MemoryLocation::getForDest(M), 1055 MemoryLocation::getForSource(MDep))) 1056 UseMemMove = true; 1057 1058 // If all checks passed, then we can transform M. 1059 LLVM_DEBUG(dbgs() << "MemCpyOptPass: Forwarding memcpy->memcpy src:\n" 1060 << *MDep << '\n' << *M << '\n'); 1061 1062 // TODO: Is this worth it if we're creating a less aligned memcpy? For 1063 // example we could be moving from movaps -> movq on x86. 1064 IRBuilder<> Builder(M); 1065 if (UseMemMove) 1066 Builder.CreateMemMove(M->getRawDest(), M->getDestAlignment(), 1067 MDep->getRawSource(), MDep->getSourceAlignment(), 1068 M->getLength(), M->isVolatile()); 1069 else 1070 Builder.CreateMemCpy(M->getRawDest(), M->getDestAlignment(), 1071 MDep->getRawSource(), MDep->getSourceAlignment(), 1072 M->getLength(), M->isVolatile()); 1073 1074 // Remove the instruction we're replacing. 1075 MD->removeInstruction(M); 1076 M->eraseFromParent(); 1077 ++NumMemCpyInstr; 1078 return true; 1079 } 1080 1081 /// We've found that the (upward scanning) memory dependence of \p MemCpy is 1082 /// \p MemSet. Try to simplify \p MemSet to only set the trailing bytes that 1083 /// weren't copied over by \p MemCpy. 1084 /// 1085 /// In other words, transform: 1086 /// \code 1087 /// memset(dst, c, dst_size); 1088 /// memcpy(dst, src, src_size); 1089 /// \endcode 1090 /// into: 1091 /// \code 1092 /// memcpy(dst, src, src_size); 1093 /// memset(dst + src_size, c, dst_size <= src_size ? 0 : dst_size - src_size); 1094 /// \endcode 1095 bool MemCpyOptPass::processMemSetMemCpyDependence(MemCpyInst *MemCpy, 1096 MemSetInst *MemSet) { 1097 // We can only transform memset/memcpy with the same destination. 1098 if (MemSet->getDest() != MemCpy->getDest()) 1099 return false; 1100 1101 // Check that there are no other dependencies on the memset destination. 1102 MemDepResult DstDepInfo = 1103 MD->getPointerDependencyFrom(MemoryLocation::getForDest(MemSet), false, 1104 MemCpy->getIterator(), MemCpy->getParent()); 1105 if (DstDepInfo.getInst() != MemSet) 1106 return false; 1107 1108 // Use the same i8* dest as the memcpy, killing the memset dest if different. 1109 Value *Dest = MemCpy->getRawDest(); 1110 Value *DestSize = MemSet->getLength(); 1111 Value *SrcSize = MemCpy->getLength(); 1112 1113 // By default, create an unaligned memset. 1114 unsigned Align = 1; 1115 // If Dest is aligned, and SrcSize is constant, use the minimum alignment 1116 // of the sum. 1117 const unsigned DestAlign = 1118 std::max(MemSet->getDestAlignment(), MemCpy->getDestAlignment()); 1119 if (DestAlign > 1) 1120 if (ConstantInt *SrcSizeC = dyn_cast<ConstantInt>(SrcSize)) 1121 Align = MinAlign(SrcSizeC->getZExtValue(), DestAlign); 1122 1123 IRBuilder<> Builder(MemCpy); 1124 1125 // If the sizes have different types, zext the smaller one. 1126 if (DestSize->getType() != SrcSize->getType()) { 1127 if (DestSize->getType()->getIntegerBitWidth() > 1128 SrcSize->getType()->getIntegerBitWidth()) 1129 SrcSize = Builder.CreateZExt(SrcSize, DestSize->getType()); 1130 else 1131 DestSize = Builder.CreateZExt(DestSize, SrcSize->getType()); 1132 } 1133 1134 Value *Ule = Builder.CreateICmpULE(DestSize, SrcSize); 1135 Value *SizeDiff = Builder.CreateSub(DestSize, SrcSize); 1136 Value *MemsetLen = Builder.CreateSelect( 1137 Ule, ConstantInt::getNullValue(DestSize->getType()), SizeDiff); 1138 Builder.CreateMemSet(Builder.CreateGEP(Dest, SrcSize), MemSet->getOperand(1), 1139 MemsetLen, Align); 1140 1141 MD->removeInstruction(MemSet); 1142 MemSet->eraseFromParent(); 1143 return true; 1144 } 1145 1146 /// Determine whether the instruction has undefined content for the given Size, 1147 /// either because it was freshly alloca'd or started its lifetime. 1148 static bool hasUndefContents(Instruction *I, ConstantInt *Size) { 1149 if (isa<AllocaInst>(I)) 1150 return true; 1151 1152 if (IntrinsicInst *II = dyn_cast<IntrinsicInst>(I)) 1153 if (II->getIntrinsicID() == Intrinsic::lifetime_start) 1154 if (ConstantInt *LTSize = dyn_cast<ConstantInt>(II->getArgOperand(0))) 1155 if (LTSize->getZExtValue() >= Size->getZExtValue()) 1156 return true; 1157 1158 return false; 1159 } 1160 1161 /// Transform memcpy to memset when its source was just memset. 1162 /// In other words, turn: 1163 /// \code 1164 /// memset(dst1, c, dst1_size); 1165 /// memcpy(dst2, dst1, dst2_size); 1166 /// \endcode 1167 /// into: 1168 /// \code 1169 /// memset(dst1, c, dst1_size); 1170 /// memset(dst2, c, dst2_size); 1171 /// \endcode 1172 /// When dst2_size <= dst1_size. 1173 /// 1174 /// The \p MemCpy must have a Constant length. 1175 bool MemCpyOptPass::performMemCpyToMemSetOptzn(MemCpyInst *MemCpy, 1176 MemSetInst *MemSet) { 1177 AliasAnalysis &AA = LookupAliasAnalysis(); 1178 1179 // Make sure that memcpy(..., memset(...), ...), that is we are memsetting and 1180 // memcpying from the same address. Otherwise it is hard to reason about. 1181 if (!AA.isMustAlias(MemSet->getRawDest(), MemCpy->getRawSource())) 1182 return false; 1183 1184 // A known memset size is required. 1185 ConstantInt *MemSetSize = dyn_cast<ConstantInt>(MemSet->getLength()); 1186 if (!MemSetSize) 1187 return false; 1188 1189 // Make sure the memcpy doesn't read any more than what the memset wrote. 1190 // Don't worry about sizes larger than i64. 1191 ConstantInt *CopySize = cast<ConstantInt>(MemCpy->getLength()); 1192 if (CopySize->getZExtValue() > MemSetSize->getZExtValue()) { 1193 // If the memcpy is larger than the memset, but the memory was undef prior 1194 // to the memset, we can just ignore the tail. Technically we're only 1195 // interested in the bytes from MemSetSize..CopySize here, but as we can't 1196 // easily represent this location, we use the full 0..CopySize range. 1197 MemoryLocation MemCpyLoc = MemoryLocation::getForSource(MemCpy); 1198 MemDepResult DepInfo = MD->getPointerDependencyFrom( 1199 MemCpyLoc, true, MemSet->getIterator(), MemSet->getParent()); 1200 if (DepInfo.isDef() && hasUndefContents(DepInfo.getInst(), CopySize)) 1201 CopySize = MemSetSize; 1202 else 1203 return false; 1204 } 1205 1206 IRBuilder<> Builder(MemCpy); 1207 Builder.CreateMemSet(MemCpy->getRawDest(), MemSet->getOperand(1), 1208 CopySize, MemCpy->getDestAlignment()); 1209 return true; 1210 } 1211 1212 /// Perform simplification of memcpy's. If we have memcpy A 1213 /// which copies X to Y, and memcpy B which copies Y to Z, then we can rewrite 1214 /// B to be a memcpy from X to Z (or potentially a memmove, depending on 1215 /// circumstances). This allows later passes to remove the first memcpy 1216 /// altogether. 1217 bool MemCpyOptPass::processMemCpy(MemCpyInst *M) { 1218 // We can only optimize non-volatile memcpy's. 1219 if (M->isVolatile()) return false; 1220 1221 // If the source and destination of the memcpy are the same, then zap it. 1222 if (M->getSource() == M->getDest()) { 1223 MD->removeInstruction(M); 1224 M->eraseFromParent(); 1225 return false; 1226 } 1227 1228 // If copying from a constant, try to turn the memcpy into a memset. 1229 if (GlobalVariable *GV = dyn_cast<GlobalVariable>(M->getSource())) 1230 if (GV->isConstant() && GV->hasDefinitiveInitializer()) 1231 if (Value *ByteVal = isBytewiseValue(GV->getInitializer())) { 1232 IRBuilder<> Builder(M); 1233 Builder.CreateMemSet(M->getRawDest(), ByteVal, M->getLength(), 1234 M->getDestAlignment(), false); 1235 MD->removeInstruction(M); 1236 M->eraseFromParent(); 1237 ++NumCpyToSet; 1238 return true; 1239 } 1240 1241 MemDepResult DepInfo = MD->getDependency(M); 1242 1243 // Try to turn a partially redundant memset + memcpy into 1244 // memcpy + smaller memset. We don't need the memcpy size for this. 1245 if (DepInfo.isClobber()) 1246 if (MemSetInst *MDep = dyn_cast<MemSetInst>(DepInfo.getInst())) 1247 if (processMemSetMemCpyDependence(M, MDep)) 1248 return true; 1249 1250 // The optimizations after this point require the memcpy size. 1251 ConstantInt *CopySize = dyn_cast<ConstantInt>(M->getLength()); 1252 if (!CopySize) return false; 1253 1254 // There are four possible optimizations we can do for memcpy: 1255 // a) memcpy-memcpy xform which exposes redundance for DSE. 1256 // b) call-memcpy xform for return slot optimization. 1257 // c) memcpy from freshly alloca'd space or space that has just started its 1258 // lifetime copies undefined data, and we can therefore eliminate the 1259 // memcpy in favor of the data that was already at the destination. 1260 // d) memcpy from a just-memset'd source can be turned into memset. 1261 if (DepInfo.isClobber()) { 1262 if (CallInst *C = dyn_cast<CallInst>(DepInfo.getInst())) { 1263 // FIXME: Can we pass in either of dest/src alignment here instead 1264 // of conservatively taking the minimum? 1265 unsigned Align = MinAlign(M->getDestAlignment(), M->getSourceAlignment()); 1266 if (performCallSlotOptzn(M, M->getDest(), M->getSource(), 1267 CopySize->getZExtValue(), Align, 1268 C)) { 1269 MD->removeInstruction(M); 1270 M->eraseFromParent(); 1271 return true; 1272 } 1273 } 1274 } 1275 1276 MemoryLocation SrcLoc = MemoryLocation::getForSource(M); 1277 MemDepResult SrcDepInfo = MD->getPointerDependencyFrom( 1278 SrcLoc, true, M->getIterator(), M->getParent()); 1279 1280 if (SrcDepInfo.isClobber()) { 1281 if (MemCpyInst *MDep = dyn_cast<MemCpyInst>(SrcDepInfo.getInst())) 1282 return processMemCpyMemCpyDependence(M, MDep); 1283 } else if (SrcDepInfo.isDef()) { 1284 if (hasUndefContents(SrcDepInfo.getInst(), CopySize)) { 1285 MD->removeInstruction(M); 1286 M->eraseFromParent(); 1287 ++NumMemCpyInstr; 1288 return true; 1289 } 1290 } 1291 1292 if (SrcDepInfo.isClobber()) 1293 if (MemSetInst *MDep = dyn_cast<MemSetInst>(SrcDepInfo.getInst())) 1294 if (performMemCpyToMemSetOptzn(M, MDep)) { 1295 MD->removeInstruction(M); 1296 M->eraseFromParent(); 1297 ++NumCpyToSet; 1298 return true; 1299 } 1300 1301 return false; 1302 } 1303 1304 /// Transforms memmove calls to memcpy calls when the src/dst are guaranteed 1305 /// not to alias. 1306 bool MemCpyOptPass::processMemMove(MemMoveInst *M) { 1307 AliasAnalysis &AA = LookupAliasAnalysis(); 1308 1309 if (!TLI->has(LibFunc_memmove)) 1310 return false; 1311 1312 // See if the pointers alias. 1313 if (!AA.isNoAlias(MemoryLocation::getForDest(M), 1314 MemoryLocation::getForSource(M))) 1315 return false; 1316 1317 LLVM_DEBUG(dbgs() << "MemCpyOptPass: Optimizing memmove -> memcpy: " << *M 1318 << "\n"); 1319 1320 // If not, then we know we can transform this. 1321 Type *ArgTys[3] = { M->getRawDest()->getType(), 1322 M->getRawSource()->getType(), 1323 M->getLength()->getType() }; 1324 M->setCalledFunction(Intrinsic::getDeclaration(M->getModule(), 1325 Intrinsic::memcpy, ArgTys)); 1326 1327 // MemDep may have over conservative information about this instruction, just 1328 // conservatively flush it from the cache. 1329 MD->removeInstruction(M); 1330 1331 ++NumMoveToCpy; 1332 return true; 1333 } 1334 1335 /// This is called on every byval argument in call sites. 1336 bool MemCpyOptPass::processByValArgument(CallSite CS, unsigned ArgNo) { 1337 const DataLayout &DL = CS.getCaller()->getParent()->getDataLayout(); 1338 // Find out what feeds this byval argument. 1339 Value *ByValArg = CS.getArgument(ArgNo); 1340 Type *ByValTy = cast<PointerType>(ByValArg->getType())->getElementType(); 1341 uint64_t ByValSize = DL.getTypeAllocSize(ByValTy); 1342 MemDepResult DepInfo = MD->getPointerDependencyFrom( 1343 MemoryLocation(ByValArg, LocationSize::precise(ByValSize)), true, 1344 CS.getInstruction()->getIterator(), CS.getInstruction()->getParent()); 1345 if (!DepInfo.isClobber()) 1346 return false; 1347 1348 // If the byval argument isn't fed by a memcpy, ignore it. If it is fed by 1349 // a memcpy, see if we can byval from the source of the memcpy instead of the 1350 // result. 1351 MemCpyInst *MDep = dyn_cast<MemCpyInst>(DepInfo.getInst()); 1352 if (!MDep || MDep->isVolatile() || 1353 ByValArg->stripPointerCasts() != MDep->getDest()) 1354 return false; 1355 1356 // The length of the memcpy must be larger or equal to the size of the byval. 1357 ConstantInt *C1 = dyn_cast<ConstantInt>(MDep->getLength()); 1358 if (!C1 || C1->getValue().getZExtValue() < ByValSize) 1359 return false; 1360 1361 // Get the alignment of the byval. If the call doesn't specify the alignment, 1362 // then it is some target specific value that we can't know. 1363 unsigned ByValAlign = CS.getParamAlignment(ArgNo); 1364 if (ByValAlign == 0) return false; 1365 1366 // If it is greater than the memcpy, then we check to see if we can force the 1367 // source of the memcpy to the alignment we need. If we fail, we bail out. 1368 AssumptionCache &AC = LookupAssumptionCache(); 1369 DominatorTree &DT = LookupDomTree(); 1370 if (MDep->getSourceAlignment() < ByValAlign && 1371 getOrEnforceKnownAlignment(MDep->getSource(), ByValAlign, DL, 1372 CS.getInstruction(), &AC, &DT) < ByValAlign) 1373 return false; 1374 1375 // The address space of the memcpy source must match the byval argument 1376 if (MDep->getSource()->getType()->getPointerAddressSpace() != 1377 ByValArg->getType()->getPointerAddressSpace()) 1378 return false; 1379 1380 // Verify that the copied-from memory doesn't change in between the memcpy and 1381 // the byval call. 1382 // memcpy(a <- b) 1383 // *b = 42; 1384 // foo(*a) 1385 // It would be invalid to transform the second memcpy into foo(*b). 1386 // 1387 // NOTE: This is conservative, it will stop on any read from the source loc, 1388 // not just the defining memcpy. 1389 MemDepResult SourceDep = MD->getPointerDependencyFrom( 1390 MemoryLocation::getForSource(MDep), false, 1391 CS.getInstruction()->getIterator(), MDep->getParent()); 1392 if (!SourceDep.isClobber() || SourceDep.getInst() != MDep) 1393 return false; 1394 1395 Value *TmpCast = MDep->getSource(); 1396 if (MDep->getSource()->getType() != ByValArg->getType()) 1397 TmpCast = new BitCastInst(MDep->getSource(), ByValArg->getType(), 1398 "tmpcast", CS.getInstruction()); 1399 1400 LLVM_DEBUG(dbgs() << "MemCpyOptPass: Forwarding memcpy to byval:\n" 1401 << " " << *MDep << "\n" 1402 << " " << *CS.getInstruction() << "\n"); 1403 1404 // Otherwise we're good! Update the byval argument. 1405 CS.setArgument(ArgNo, TmpCast); 1406 ++NumMemCpyInstr; 1407 return true; 1408 } 1409 1410 /// Executes one iteration of MemCpyOptPass. 1411 bool MemCpyOptPass::iterateOnFunction(Function &F) { 1412 bool MadeChange = false; 1413 1414 DominatorTree &DT = LookupDomTree(); 1415 1416 // Walk all instruction in the function. 1417 for (BasicBlock &BB : F) { 1418 // Skip unreachable blocks. For example processStore assumes that an 1419 // instruction in a BB can't be dominated by a later instruction in the 1420 // same BB (which is a scenario that can happen for an unreachable BB that 1421 // has itself as a predecessor). 1422 if (!DT.isReachableFromEntry(&BB)) 1423 continue; 1424 1425 for (BasicBlock::iterator BI = BB.begin(), BE = BB.end(); BI != BE;) { 1426 // Avoid invalidating the iterator. 1427 Instruction *I = &*BI++; 1428 1429 bool RepeatInstruction = false; 1430 1431 if (StoreInst *SI = dyn_cast<StoreInst>(I)) 1432 MadeChange |= processStore(SI, BI); 1433 else if (MemSetInst *M = dyn_cast<MemSetInst>(I)) 1434 RepeatInstruction = processMemSet(M, BI); 1435 else if (MemCpyInst *M = dyn_cast<MemCpyInst>(I)) 1436 RepeatInstruction = processMemCpy(M); 1437 else if (MemMoveInst *M = dyn_cast<MemMoveInst>(I)) 1438 RepeatInstruction = processMemMove(M); 1439 else if (auto CS = CallSite(I)) { 1440 for (unsigned i = 0, e = CS.arg_size(); i != e; ++i) 1441 if (CS.isByValArgument(i)) 1442 MadeChange |= processByValArgument(CS, i); 1443 } 1444 1445 // Reprocess the instruction if desired. 1446 if (RepeatInstruction) { 1447 if (BI != BB.begin()) 1448 --BI; 1449 MadeChange = true; 1450 } 1451 } 1452 } 1453 1454 return MadeChange; 1455 } 1456 1457 PreservedAnalyses MemCpyOptPass::run(Function &F, FunctionAnalysisManager &AM) { 1458 auto &MD = AM.getResult<MemoryDependenceAnalysis>(F); 1459 auto &TLI = AM.getResult<TargetLibraryAnalysis>(F); 1460 1461 auto LookupAliasAnalysis = [&]() -> AliasAnalysis & { 1462 return AM.getResult<AAManager>(F); 1463 }; 1464 auto LookupAssumptionCache = [&]() -> AssumptionCache & { 1465 return AM.getResult<AssumptionAnalysis>(F); 1466 }; 1467 auto LookupDomTree = [&]() -> DominatorTree & { 1468 return AM.getResult<DominatorTreeAnalysis>(F); 1469 }; 1470 1471 bool MadeChange = runImpl(F, &MD, &TLI, LookupAliasAnalysis, 1472 LookupAssumptionCache, LookupDomTree); 1473 if (!MadeChange) 1474 return PreservedAnalyses::all(); 1475 1476 PreservedAnalyses PA; 1477 PA.preserveSet<CFGAnalyses>(); 1478 PA.preserve<GlobalsAA>(); 1479 PA.preserve<MemoryDependenceAnalysis>(); 1480 return PA; 1481 } 1482 1483 bool MemCpyOptPass::runImpl( 1484 Function &F, MemoryDependenceResults *MD_, TargetLibraryInfo *TLI_, 1485 std::function<AliasAnalysis &()> LookupAliasAnalysis_, 1486 std::function<AssumptionCache &()> LookupAssumptionCache_, 1487 std::function<DominatorTree &()> LookupDomTree_) { 1488 bool MadeChange = false; 1489 MD = MD_; 1490 TLI = TLI_; 1491 LookupAliasAnalysis = std::move(LookupAliasAnalysis_); 1492 LookupAssumptionCache = std::move(LookupAssumptionCache_); 1493 LookupDomTree = std::move(LookupDomTree_); 1494 1495 // If we don't have at least memset and memcpy, there is little point of doing 1496 // anything here. These are required by a freestanding implementation, so if 1497 // even they are disabled, there is no point in trying hard. 1498 if (!TLI->has(LibFunc_memset) || !TLI->has(LibFunc_memcpy)) 1499 return false; 1500 1501 while (true) { 1502 if (!iterateOnFunction(F)) 1503 break; 1504 MadeChange = true; 1505 } 1506 1507 MD = nullptr; 1508 return MadeChange; 1509 } 1510 1511 /// This is the main transformation entry point for a function. 1512 bool MemCpyOptLegacyPass::runOnFunction(Function &F) { 1513 if (skipFunction(F)) 1514 return false; 1515 1516 auto *MD = &getAnalysis<MemoryDependenceWrapperPass>().getMemDep(); 1517 auto *TLI = &getAnalysis<TargetLibraryInfoWrapperPass>().getTLI(); 1518 1519 auto LookupAliasAnalysis = [this]() -> AliasAnalysis & { 1520 return getAnalysis<AAResultsWrapperPass>().getAAResults(); 1521 }; 1522 auto LookupAssumptionCache = [this, &F]() -> AssumptionCache & { 1523 return getAnalysis<AssumptionCacheTracker>().getAssumptionCache(F); 1524 }; 1525 auto LookupDomTree = [this]() -> DominatorTree & { 1526 return getAnalysis<DominatorTreeWrapperPass>().getDomTree(); 1527 }; 1528 1529 return Impl.runImpl(F, MD, TLI, LookupAliasAnalysis, LookupAssumptionCache, 1530 LookupDomTree); 1531 } 1532