//===- Loads.cpp - Local load analysis ------------------------------------===//
//
//                     The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file defines simple local analyses for load instructions.
//
//===----------------------------------------------------------------------===//

#include "llvm/Analysis/Loads.h"
#include "llvm/Analysis/AliasAnalysis.h"
#include "llvm/Analysis/ValueTracking.h"
#include "llvm/IR/DataLayout.h"
#include "llvm/IR/GlobalAlias.h"
#include "llvm/IR/GlobalVariable.h"
#include "llvm/IR/IntrinsicInst.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Operator.h"
#include "llvm/IR/Statepoint.h"

using namespace llvm;

static bool isAligned(const Value *Base, const APInt &Offset, unsigned Align,
                      const DataLayout &DL) {
  APInt BaseAlign(Offset.getBitWidth(), Base->getPointerAlignment(DL));

  if (!BaseAlign) {
    Type *Ty = Base->getType()->getPointerElementType();
    if (!Ty->isSized())
      return false;
    BaseAlign = DL.getABITypeAlignment(Ty);
  }

  APInt Alignment(Offset.getBitWidth(), Align);

  assert(Alignment.isPowerOf2() && "must be a power of 2!");
  return BaseAlign.uge(Alignment) && !(Offset & (Alignment-1));
}

static bool isAligned(const Value *Base, unsigned Align, const DataLayout &DL) {
  Type *Ty = Base->getType();
  assert(Ty->isSized() && "must be sized");
  APInt Offset(DL.getTypeStoreSizeInBits(Ty), 0);
  return isAligned(Base, Offset, Align, DL);
}

/// Test if V is always a pointer to allocated and suitably aligned memory for
/// a simple load or store.
static bool isDereferenceableAndAlignedPointer(
    const Value *V, unsigned Align, const APInt &Size, const DataLayout &DL,
    const Instruction *CtxI, const DominatorTree *DT,
    SmallPtrSetImpl<const Value *> &Visited) {
  // Already visited? Bail out, we've likely hit unreachable code.
  if (!Visited.insert(V).second)
    return false;

  // Note that it is not safe to speculate into a malloc'd region because
  // malloc may return null.

  // bitcast instructions are no-ops as far as dereferenceability is concerned.
  if (const BitCastOperator *BC = dyn_cast<BitCastOperator>(V))
    return isDereferenceableAndAlignedPointer(BC->getOperand(0), Align, Size,
                                              DL, CtxI, DT, Visited);

  bool CheckForNonNull = false;
  APInt KnownDerefBytes(Size.getBitWidth(),
                        V->getPointerDereferenceableBytes(DL, CheckForNonNull));
  if (KnownDerefBytes.getBoolValue()) {
    if (KnownDerefBytes.uge(Size))
      if (!CheckForNonNull || isKnownNonNullAt(V, CtxI, DT))
        return isAligned(V, Align, DL);
  }

  // For GEPs, determine if the indexing lands within the allocated object.
  if (const GEPOperator *GEP = dyn_cast<GEPOperator>(V)) {
    const Value *Base = GEP->getPointerOperand();

    APInt Offset(DL.getPointerTypeSizeInBits(GEP->getType()), 0);
    if (!GEP->accumulateConstantOffset(DL, Offset) || Offset.isNegative() ||
        !Offset.urem(APInt(Offset.getBitWidth(), Align)).isMinValue())
      return false;

    // If the base pointer is dereferenceable for Offset+Size bytes, then the
    // GEP (== Base + Offset) is dereferenceable for Size bytes.  If the base
    // pointer is aligned to Align bytes, and the Offset is divisible by Align,
    // then the GEP (== Base + Offset == k_0 * Align + k_1 * Align) is also
    // aligned to Align bytes.
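    //
    // For example (illustrative values only): if the base %p is, say, an
    // argument attributed 'align 8 dereferenceable(8)' and V is
    // '%q = getelementptr i32, i32* %p, i64 1', then for a 4-byte access we
    // get Offset == 4, the urem check above does not fire (4 % 4 == 0), and
    // the recursive call below asks whether %p is dereferenceable for
    // Offset + Size == 4 + 4 == 8 bytes, which the attribute provides.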

    // Offset and Size may have different bit widths if we have visited an
    // addrspacecast, so we can't do arithmetic directly on the APInt values.
    return isDereferenceableAndAlignedPointer(
        Base, Align, Offset + Size.sextOrTrunc(Offset.getBitWidth()),
        DL, CtxI, DT, Visited);
  }

  // For gc.relocate, look through relocations
  if (const GCRelocateInst *RelocateInst = dyn_cast<GCRelocateInst>(V))
    return isDereferenceableAndAlignedPointer(
        RelocateInst->getDerivedPtr(), Align, Size, DL, CtxI, DT, Visited);

  if (const AddrSpaceCastInst *ASC = dyn_cast<AddrSpaceCastInst>(V))
    return isDereferenceableAndAlignedPointer(ASC->getOperand(0), Align, Size,
                                              DL, CtxI, DT, Visited);

  if (auto CS = ImmutableCallSite(V))
    if (const Value *RV = CS.getReturnedArgOperand())
      return isDereferenceableAndAlignedPointer(RV, Align, Size, DL, CtxI, DT,
                                                Visited);

  // If we don't know, assume the worst.
  return false;
}

bool llvm::isDereferenceableAndAlignedPointer(const Value *V, unsigned Align,
                                              const DataLayout &DL,
                                              const Instruction *CtxI,
                                              const DominatorTree *DT) {
  // When dereferenceability information is provided by a dereferenceable
  // attribute, we know exactly how many bytes are dereferenceable. If we can
  // determine the exact offset to the attributed variable, we can use that
  // information here.
  Type *VTy = V->getType();
  Type *Ty = VTy->getPointerElementType();

  // Require ABI alignment for loads without alignment specification
  if (Align == 0)
    Align = DL.getABITypeAlignment(Ty);

  if (!Ty->isSized())
    return false;

  SmallPtrSet<const Value *, 32> Visited;
  return ::isDereferenceableAndAlignedPointer(
      V, Align, APInt(DL.getTypeSizeInBits(VTy), DL.getTypeStoreSize(Ty)), DL,
      CtxI, DT, Visited);
}

bool llvm::isDereferenceablePointer(const Value *V, const DataLayout &DL,
                                    const Instruction *CtxI,
                                    const DominatorTree *DT) {
  return isDereferenceableAndAlignedPointer(V, 1, DL, CtxI, DT);
}
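
// Caller-side sketch (illustrative only; LI and DT are assumed names, not
// code from this file): a pass that wants to speculate a load typically asks
//
//   const DataLayout &DL = LI->getModule()->getDataLayout();
//   if (isDereferenceableAndAlignedPointer(LI->getPointerOperand(),
//                                          LI->getAlignment(), DL,
//                                          /*CtxI=*/LI, DT))
//     ... // hoisting LI cannot introduce a trap
//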
/// \brief Test if A and B will obviously have the same value.
///
/// This includes recognizing that %t0 and %t1 will have the same
/// value in code like this:
/// \code
///   %t0 = getelementptr \@a, 0, 3
///   store i32 0, i32* %t0
///   %t1 = getelementptr \@a, 0, 3
///   %t2 = load i32* %t1
/// \endcode
///
static bool AreEquivalentAddressValues(const Value *A, const Value *B) {
  // Test if the values are trivially equivalent.
  if (A == B)
    return true;

  // Test if the values come from identical arithmetic instructions.
  // Use isIdenticalToWhenDefined instead of isIdenticalTo because
  // this function is only used when one address use dominates the
  // other, which means that they'll always either have the same
  // value or one of them will have an undefined value.
  if (isa<BinaryOperator>(A) || isa<CastInst>(A) || isa<PHINode>(A) ||
      isa<GetElementPtrInst>(A))
    if (const Instruction *BI = dyn_cast<Instruction>(B))
      if (cast<Instruction>(A)->isIdenticalToWhenDefined(BI))
        return true;

  // Otherwise they may not be equivalent.
  return false;
}

/// \brief Check if executing a load of this pointer value cannot trap.
///
/// If DT and ScanFrom are specified this method performs context-sensitive
/// analysis and returns true if it is safe to load immediately before ScanFrom.
///
/// If it is not obviously safe to load from the specified pointer, we do
/// a quick local scan of the basic block containing \c ScanFrom, to determine
/// if the address is already accessed.
///
/// This uses the pointee type to determine how many bytes need to be safe to
/// load from the pointer.
bool llvm::isSafeToLoadUnconditionally(Value *V, unsigned Align,
                                       const DataLayout &DL,
                                       Instruction *ScanFrom,
                                       const DominatorTree *DT) {
  // Zero alignment means that the load has the ABI alignment for the target.
  if (Align == 0)
    Align = DL.getABITypeAlignment(V->getType()->getPointerElementType());
  assert(isPowerOf2_32(Align));

  // If DT is not specified we can't make a context-sensitive query.
  const Instruction *CtxI = DT ? ScanFrom : nullptr;
  if (isDereferenceableAndAlignedPointer(V, Align, DL, CtxI, DT))
    return true;

  int64_t ByteOffset = 0;
  Value *Base = V;
  Base = GetPointerBaseWithConstantOffset(V, ByteOffset, DL);

  if (ByteOffset < 0) // out of bounds
    return false;

  Type *BaseType = nullptr;
  unsigned BaseAlign = 0;
  if (const AllocaInst *AI = dyn_cast<AllocaInst>(Base)) {
    // An alloca is safe to load from as long as it is suitably aligned.
    BaseType = AI->getAllocatedType();
    BaseAlign = AI->getAlignment();
  } else if (const GlobalVariable *GV = dyn_cast<GlobalVariable>(Base)) {
    // Global variables are not necessarily safe to load from if they are
    // interposed arbitrarily. Their size may change or they may be weak and
    // require a test to determine if they were in fact provided.
    if (!GV->isInterposable()) {
      BaseType = GV->getType()->getElementType();
      BaseAlign = GV->getAlignment();
    }
  }

  PointerType *AddrTy = cast<PointerType>(V->getType());
  uint64_t LoadSize = DL.getTypeStoreSize(AddrTy->getElementType());

  // If we found a base allocated type from either an alloca or global variable,
  // try to see if we are definitively within the allocated region. We need to
  // know the size of the base type and the loaded type to do anything in this
  // case.
  if (BaseType && BaseType->isSized()) {
    if (BaseAlign == 0)
      BaseAlign = DL.getPrefTypeAlignment(BaseType);

    if (Align <= BaseAlign) {
      // Check if the load is within the bounds of the underlying object.
      if (ByteOffset + LoadSize <= DL.getTypeAllocSize(BaseType) &&
          ((ByteOffset % Align) == 0))
        return true;
    }
  }

  if (!ScanFrom)
    return false;

  // Otherwise, be a little bit aggressive by scanning the local block to see
  // if the pointer is already being loaded or stored from/to. If so, the
  // previous load or store would have already trapped, so there is no harm in
  // doing an extra load (also, CSE will later eliminate the load entirely).
  BasicBlock::iterator BBI = ScanFrom->getIterator(),
                       E = ScanFrom->getParent()->begin();

  // We can at least always strip pointer casts even though we can't use the
  // base here.
  V = V->stripPointerCasts();

  while (BBI != E) {
    --BBI;

    // If we see a free or a call which may write to memory (i.e. which might
    // do a free) the pointer could be marked invalid.
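    //
    // For example (illustrative only): scanning backwards from ScanFrom over
    //
    //   store i32 0, i32* %p, align 4
    //   call void @opaque()
    //
    // we reach the call first; because it may write to memory (and so may
    // free %p), we conservatively return false, even though the earlier
    // store to %p would otherwise have let us answer true below.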
    if (isa<CallInst>(BBI) && BBI->mayWriteToMemory() &&
        !isa<DbgInfoIntrinsic>(BBI))
      return false;

    Value *AccessedPtr;
    unsigned AccessedAlign;
    if (LoadInst *LI = dyn_cast<LoadInst>(BBI)) {
      AccessedPtr = LI->getPointerOperand();
      AccessedAlign = LI->getAlignment();
    } else if (StoreInst *SI = dyn_cast<StoreInst>(BBI)) {
      AccessedPtr = SI->getPointerOperand();
      AccessedAlign = SI->getAlignment();
    } else
      continue;

    Type *AccessedTy = AccessedPtr->getType()->getPointerElementType();
    if (AccessedAlign == 0)
      AccessedAlign = DL.getABITypeAlignment(AccessedTy);
    if (AccessedAlign < Align)
      continue;

    // Handle trivial cases.
    if (AccessedPtr == V)
      return true;

    if (AreEquivalentAddressValues(AccessedPtr->stripPointerCasts(), V) &&
        LoadSize <= DL.getTypeStoreSize(AccessedTy))
      return true;
  }
  return false;
}

/// DefMaxInstsToScan - the default number of maximum instructions
/// to scan in the block, used by FindAvailableLoadedValue().
/// FindAvailableLoadedValue() was introduced in r60148, to improve jump
/// threading in part by eliminating partially redundant loads.
/// At that point, the value of MaxInstsToScan was already set to '6'
/// without documented explanation.
cl::opt<unsigned>
llvm::DefMaxInstsToScan("available-load-scan-limit", cl::init(6), cl::Hidden,
  cl::desc("Use this to specify the default maximum number of instructions "
           "to scan backward from a given instruction, when searching for "
           "available loaded value"));

Value *llvm::FindAvailableLoadedValue(LoadInst *Load,
                                      BasicBlock *ScanBB,
                                      BasicBlock::iterator &ScanFrom,
                                      unsigned MaxInstsToScan,
                                      AliasAnalysis *AA, bool *IsLoad,
                                      unsigned *NumScanedInst) {
  // Don't CSE a load that is volatile or has ordering stronger than unordered.
  if (!Load->isUnordered())
    return nullptr;

  return FindAvailablePtrLoadStore(
      Load->getPointerOperand(), Load->getType(), Load->isAtomic(), ScanBB,
      ScanFrom, MaxInstsToScan, AA, IsLoad, NumScanedInst);
}
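
// Illustrative example (assumed IR, not taken from a test): when scanning
// backwards from the load in
//
//   store i32 42, i32* %p
//   %v = load i32, i32* %p
//
// FindAvailableLoadedValue (via FindAvailablePtrLoadStore below) returns the
// stored value i32 42 and, if requested, reports via IsLoadCSE that the
// available value came from a store rather than a load, so the caller can
// forward it and delete the load.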
Value *llvm::FindAvailablePtrLoadStore(Value *Ptr, Type *AccessTy,
                                       bool AtLeastAtomic, BasicBlock *ScanBB,
                                       BasicBlock::iterator &ScanFrom,
                                       unsigned MaxInstsToScan,
                                       AliasAnalysis *AA, bool *IsLoadCSE,
                                       unsigned *NumScanedInst) {
  if (MaxInstsToScan == 0)
    MaxInstsToScan = ~0U;

  const DataLayout &DL = ScanBB->getModule()->getDataLayout();

  // Try to get the store size for the type.
  uint64_t AccessSize = DL.getTypeStoreSize(AccessTy);

  Value *StrippedPtr = Ptr->stripPointerCasts();

  while (ScanFrom != ScanBB->begin()) {
    // We must ignore debug info directives when counting (otherwise they
    // would affect codegen).
    Instruction *Inst = &*--ScanFrom;
    if (isa<DbgInfoIntrinsic>(Inst))
      continue;

    // Restore ScanFrom to the expected value in case the next test succeeds.
    ScanFrom++;

    if (NumScanedInst)
      ++(*NumScanedInst);

    // Don't scan huge blocks.
    if (MaxInstsToScan-- == 0)
      return nullptr;

    --ScanFrom;
    // If this is a load of Ptr, the loaded value is available.
    // (This is true even if the load is volatile or atomic, although
    // those cases are unlikely.)
    if (LoadInst *LI = dyn_cast<LoadInst>(Inst))
      if (AreEquivalentAddressValues(
              LI->getPointerOperand()->stripPointerCasts(), StrippedPtr) &&
          CastInst::isBitOrNoopPointerCastable(LI->getType(), AccessTy, DL)) {

        // We can value forward from an atomic to a non-atomic, but not the
        // other way around.
        if (LI->isAtomic() < AtLeastAtomic)
          return nullptr;

        if (IsLoadCSE)
          *IsLoadCSE = true;
        return LI;
      }

    if (StoreInst *SI = dyn_cast<StoreInst>(Inst)) {
      Value *StorePtr = SI->getPointerOperand()->stripPointerCasts();
      // If this is a store through Ptr, the value is available!
      // (This is true even if the store is volatile or atomic, although
      // those cases are unlikely.)
      if (AreEquivalentAddressValues(StorePtr, StrippedPtr) &&
          CastInst::isBitOrNoopPointerCastable(SI->getValueOperand()->getType(),
                                               AccessTy, DL)) {

        // We can value forward from an atomic to a non-atomic, but not the
        // other way around.
        if (SI->isAtomic() < AtLeastAtomic)
          return nullptr;

        if (IsLoadCSE)
          *IsLoadCSE = false;
        return SI->getOperand(0);
      }

      // If both StrippedPtr and StorePtr reach all the way to an alloca or
      // global and they are different, ignore the store. This is a trivial
      // form of alias analysis that is important for reg2mem'd code.
      if ((isa<AllocaInst>(StrippedPtr) || isa<GlobalVariable>(StrippedPtr)) &&
          (isa<AllocaInst>(StorePtr) || isa<GlobalVariable>(StorePtr)) &&
          StrippedPtr != StorePtr)
        continue;

      // If we have alias analysis and it says the store won't modify the
      // loaded value, ignore the store.
      if (AA && (AA->getModRefInfo(SI, StrippedPtr, AccessSize) & MRI_Mod) == 0)
        continue;

      // Otherwise the store may or may not alias the pointer; bail out.
      ++ScanFrom;
      return nullptr;
    }

    // If this is some other instruction that may clobber Ptr, bail out.
    if (Inst->mayWriteToMemory()) {
      // If alias analysis claims that it really won't modify the load,
      // ignore it.
      if (AA &&
          (AA->getModRefInfo(Inst, StrippedPtr, AccessSize) & MRI_Mod) == 0)
        continue;

      // May modify the pointer, bail out.
      ++ScanFrom;
      return nullptr;
    }
  }

  // Got to the start of the block; we didn't find it, but we are done for
  // this block.
  return nullptr;
}