1 //===- GlobalOpt.cpp - Optimize Global Variables --------------------------===// 2 // 3 // The LLVM Compiler Infrastructure 4 // 5 // This file is distributed under the University of Illinois Open Source 6 // License. See LICENSE.TXT for details. 7 // 8 //===----------------------------------------------------------------------===// 9 // 10 // This pass transforms simple global variables that never have their address 11 // taken. If obviously true, it marks read/write globals as constant, deletes 12 // variables only stored to, etc. 13 // 14 //===----------------------------------------------------------------------===// 15 16 #include "llvm/Transforms/IPO.h" 17 #include "llvm/ADT/DenseMap.h" 18 #include "llvm/ADT/STLExtras.h" 19 #include "llvm/ADT/SmallPtrSet.h" 20 #include "llvm/ADT/SmallSet.h" 21 #include "llvm/ADT/SmallVector.h" 22 #include "llvm/ADT/Statistic.h" 23 #include "llvm/Analysis/ConstantFolding.h" 24 #include "llvm/Analysis/MemoryBuiltins.h" 25 #include "llvm/Analysis/TargetLibraryInfo.h" 26 #include "llvm/IR/CallSite.h" 27 #include "llvm/IR/CallingConv.h" 28 #include "llvm/IR/Constants.h" 29 #include "llvm/IR/DataLayout.h" 30 #include "llvm/IR/DerivedTypes.h" 31 #include "llvm/IR/Dominators.h" 32 #include "llvm/IR/GetElementPtrTypeIterator.h" 33 #include "llvm/IR/Instructions.h" 34 #include "llvm/IR/IntrinsicInst.h" 35 #include "llvm/IR/Module.h" 36 #include "llvm/IR/Operator.h" 37 #include "llvm/IR/ValueHandle.h" 38 #include "llvm/Pass.h" 39 #include "llvm/Support/Debug.h" 40 #include "llvm/Support/ErrorHandling.h" 41 #include "llvm/Support/MathExtras.h" 42 #include "llvm/Support/raw_ostream.h" 43 #include "llvm/Transforms/Utils/CtorUtils.h" 44 #include "llvm/Transforms/Utils/GlobalStatus.h" 45 #include "llvm/Transforms/Utils/ModuleUtils.h" 46 #include <algorithm> 47 #include <deque> 48 using namespace llvm; 49 50 #define DEBUG_TYPE "globalopt" 51 52 STATISTIC(NumMarked , "Number of globals marked constant"); 53 STATISTIC(NumUnnamed , "Number of globals marked unnamed_addr"); 54 STATISTIC(NumSRA , "Number of aggregate globals broken into scalars"); 55 STATISTIC(NumHeapSRA , "Number of heap objects SRA'd"); 56 STATISTIC(NumSubstitute,"Number of globals with initializers stored into them"); 57 STATISTIC(NumDeleted , "Number of globals deleted"); 58 STATISTIC(NumGlobUses , "Number of global uses devirtualized"); 59 STATISTIC(NumLocalized , "Number of globals localized"); 60 STATISTIC(NumShrunkToBool , "Number of global vars shrunk to booleans"); 61 STATISTIC(NumFastCallFns , "Number of functions converted to fastcc"); 62 STATISTIC(NumCtorsEvaluated, "Number of static ctors evaluated"); 63 STATISTIC(NumNestRemoved , "Number of nest attributes removed"); 64 STATISTIC(NumAliasesResolved, "Number of global aliases resolved"); 65 STATISTIC(NumAliasesRemoved, "Number of global aliases eliminated"); 66 STATISTIC(NumCXXDtorsRemoved, "Number of global C++ destructors removed"); 67 68 namespace { 69 struct GlobalOpt : public ModulePass { 70 void getAnalysisUsage(AnalysisUsage &AU) const override { 71 AU.addRequired<TargetLibraryInfoWrapperPass>(); 72 AU.addRequired<DominatorTreeWrapperPass>(); 73 } 74 static char ID; // Pass identification, replacement for typeid 75 GlobalOpt() : ModulePass(ID) { 76 initializeGlobalOptPass(*PassRegistry::getPassRegistry()); 77 } 78 79 bool runOnModule(Module &M) override; 80 81 private: 82 bool OptimizeFunctions(Module &M); 83 bool OptimizeGlobalVars(Module &M); 84 bool OptimizeGlobalAliases(Module &M); 85 bool deleteIfDead(GlobalValue &GV); 86 bool processGlobal(GlobalValue &GV); 87 bool processInternalGlobal(GlobalVariable *GV, const GlobalStatus &GS); 88 bool OptimizeEmptyGlobalCXXDtors(Function *CXAAtExitFn); 89 90 bool isPointerValueDeadOnEntryToFunction(const Function *F, 91 GlobalValue *GV); 92 93 TargetLibraryInfo *TLI; 94 SmallSet<const Comdat *, 8> NotDiscardableComdats; 95 }; 96 } 97 98 char GlobalOpt::ID = 0; 99 INITIALIZE_PASS_BEGIN(GlobalOpt, "globalopt", 100 "Global Variable Optimizer", false, false) 101 INITIALIZE_PASS_DEPENDENCY(TargetLibraryInfoWrapperPass) 102 INITIALIZE_PASS_DEPENDENCY(DominatorTreeWrapperPass) 103 INITIALIZE_PASS_END(GlobalOpt, "globalopt", 104 "Global Variable Optimizer", false, false) 105 106 ModulePass *llvm::createGlobalOptimizerPass() { return new GlobalOpt(); } 107 108 /// Is this global variable possibly used by a leak checker as a root? If so, 109 /// we might not really want to eliminate the stores to it. 110 static bool isLeakCheckerRoot(GlobalVariable *GV) { 111 // A global variable is a root if it is a pointer, or could plausibly contain 112 // a pointer. There are two challenges; one is that we could have a struct 113 // the has an inner member which is a pointer. We recurse through the type to 114 // detect these (up to a point). The other is that we may actually be a union 115 // of a pointer and another type, and so our LLVM type is an integer which 116 // gets converted into a pointer, or our type is an [i8 x #] with a pointer 117 // potentially contained here. 118 119 if (GV->hasPrivateLinkage()) 120 return false; 121 122 SmallVector<Type *, 4> Types; 123 Types.push_back(GV->getValueType()); 124 125 unsigned Limit = 20; 126 do { 127 Type *Ty = Types.pop_back_val(); 128 switch (Ty->getTypeID()) { 129 default: break; 130 case Type::PointerTyID: return true; 131 case Type::ArrayTyID: 132 case Type::VectorTyID: { 133 SequentialType *STy = cast<SequentialType>(Ty); 134 Types.push_back(STy->getElementType()); 135 break; 136 } 137 case Type::StructTyID: { 138 StructType *STy = cast<StructType>(Ty); 139 if (STy->isOpaque()) return true; 140 for (StructType::element_iterator I = STy->element_begin(), 141 E = STy->element_end(); I != E; ++I) { 142 Type *InnerTy = *I; 143 if (isa<PointerType>(InnerTy)) return true; 144 if (isa<CompositeType>(InnerTy)) 145 Types.push_back(InnerTy); 146 } 147 break; 148 } 149 } 150 if (--Limit == 0) return true; 151 } while (!Types.empty()); 152 return false; 153 } 154 155 /// Given a value that is stored to a global but never read, determine whether 156 /// it's safe to remove the store and the chain of computation that feeds the 157 /// store. 158 static bool IsSafeComputationToRemove(Value *V, const TargetLibraryInfo *TLI) { 159 do { 160 if (isa<Constant>(V)) 161 return true; 162 if (!V->hasOneUse()) 163 return false; 164 if (isa<LoadInst>(V) || isa<InvokeInst>(V) || isa<Argument>(V) || 165 isa<GlobalValue>(V)) 166 return false; 167 if (isAllocationFn(V, TLI)) 168 return true; 169 170 Instruction *I = cast<Instruction>(V); 171 if (I->mayHaveSideEffects()) 172 return false; 173 if (GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(I)) { 174 if (!GEP->hasAllConstantIndices()) 175 return false; 176 } else if (I->getNumOperands() != 1) { 177 return false; 178 } 179 180 V = I->getOperand(0); 181 } while (1); 182 } 183 184 /// This GV is a pointer root. Loop over all users of the global and clean up 185 /// any that obviously don't assign the global a value that isn't dynamically 186 /// allocated. 187 static bool CleanupPointerRootUsers(GlobalVariable *GV, 188 const TargetLibraryInfo *TLI) { 189 // A brief explanation of leak checkers. The goal is to find bugs where 190 // pointers are forgotten, causing an accumulating growth in memory 191 // usage over time. The common strategy for leak checkers is to whitelist the 192 // memory pointed to by globals at exit. This is popular because it also 193 // solves another problem where the main thread of a C++ program may shut down 194 // before other threads that are still expecting to use those globals. To 195 // handle that case, we expect the program may create a singleton and never 196 // destroy it. 197 198 bool Changed = false; 199 200 // If Dead[n].first is the only use of a malloc result, we can delete its 201 // chain of computation and the store to the global in Dead[n].second. 202 SmallVector<std::pair<Instruction *, Instruction *>, 32> Dead; 203 204 // Constants can't be pointers to dynamically allocated memory. 205 for (Value::user_iterator UI = GV->user_begin(), E = GV->user_end(); 206 UI != E;) { 207 User *U = *UI++; 208 if (StoreInst *SI = dyn_cast<StoreInst>(U)) { 209 Value *V = SI->getValueOperand(); 210 if (isa<Constant>(V)) { 211 Changed = true; 212 SI->eraseFromParent(); 213 } else if (Instruction *I = dyn_cast<Instruction>(V)) { 214 if (I->hasOneUse()) 215 Dead.push_back(std::make_pair(I, SI)); 216 } 217 } else if (MemSetInst *MSI = dyn_cast<MemSetInst>(U)) { 218 if (isa<Constant>(MSI->getValue())) { 219 Changed = true; 220 MSI->eraseFromParent(); 221 } else if (Instruction *I = dyn_cast<Instruction>(MSI->getValue())) { 222 if (I->hasOneUse()) 223 Dead.push_back(std::make_pair(I, MSI)); 224 } 225 } else if (MemTransferInst *MTI = dyn_cast<MemTransferInst>(U)) { 226 GlobalVariable *MemSrc = dyn_cast<GlobalVariable>(MTI->getSource()); 227 if (MemSrc && MemSrc->isConstant()) { 228 Changed = true; 229 MTI->eraseFromParent(); 230 } else if (Instruction *I = dyn_cast<Instruction>(MemSrc)) { 231 if (I->hasOneUse()) 232 Dead.push_back(std::make_pair(I, MTI)); 233 } 234 } else if (ConstantExpr *CE = dyn_cast<ConstantExpr>(U)) { 235 if (CE->use_empty()) { 236 CE->destroyConstant(); 237 Changed = true; 238 } 239 } else if (Constant *C = dyn_cast<Constant>(U)) { 240 if (isSafeToDestroyConstant(C)) { 241 C->destroyConstant(); 242 // This could have invalidated UI, start over from scratch. 243 Dead.clear(); 244 CleanupPointerRootUsers(GV, TLI); 245 return true; 246 } 247 } 248 } 249 250 for (int i = 0, e = Dead.size(); i != e; ++i) { 251 if (IsSafeComputationToRemove(Dead[i].first, TLI)) { 252 Dead[i].second->eraseFromParent(); 253 Instruction *I = Dead[i].first; 254 do { 255 if (isAllocationFn(I, TLI)) 256 break; 257 Instruction *J = dyn_cast<Instruction>(I->getOperand(0)); 258 if (!J) 259 break; 260 I->eraseFromParent(); 261 I = J; 262 } while (1); 263 I->eraseFromParent(); 264 } 265 } 266 267 return Changed; 268 } 269 270 /// We just marked GV constant. Loop over all users of the global, cleaning up 271 /// the obvious ones. This is largely just a quick scan over the use list to 272 /// clean up the easy and obvious cruft. This returns true if it made a change. 273 static bool CleanupConstantGlobalUsers(Value *V, Constant *Init, 274 const DataLayout &DL, 275 TargetLibraryInfo *TLI) { 276 bool Changed = false; 277 // Note that we need to use a weak value handle for the worklist items. When 278 // we delete a constant array, we may also be holding pointer to one of its 279 // elements (or an element of one of its elements if we're dealing with an 280 // array of arrays) in the worklist. 281 SmallVector<WeakVH, 8> WorkList(V->user_begin(), V->user_end()); 282 while (!WorkList.empty()) { 283 Value *UV = WorkList.pop_back_val(); 284 if (!UV) 285 continue; 286 287 User *U = cast<User>(UV); 288 289 if (LoadInst *LI = dyn_cast<LoadInst>(U)) { 290 if (Init) { 291 // Replace the load with the initializer. 292 LI->replaceAllUsesWith(Init); 293 LI->eraseFromParent(); 294 Changed = true; 295 } 296 } else if (StoreInst *SI = dyn_cast<StoreInst>(U)) { 297 // Store must be unreachable or storing Init into the global. 298 SI->eraseFromParent(); 299 Changed = true; 300 } else if (ConstantExpr *CE = dyn_cast<ConstantExpr>(U)) { 301 if (CE->getOpcode() == Instruction::GetElementPtr) { 302 Constant *SubInit = nullptr; 303 if (Init) 304 SubInit = ConstantFoldLoadThroughGEPConstantExpr(Init, CE); 305 Changed |= CleanupConstantGlobalUsers(CE, SubInit, DL, TLI); 306 } else if ((CE->getOpcode() == Instruction::BitCast && 307 CE->getType()->isPointerTy()) || 308 CE->getOpcode() == Instruction::AddrSpaceCast) { 309 // Pointer cast, delete any stores and memsets to the global. 310 Changed |= CleanupConstantGlobalUsers(CE, nullptr, DL, TLI); 311 } 312 313 if (CE->use_empty()) { 314 CE->destroyConstant(); 315 Changed = true; 316 } 317 } else if (GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(U)) { 318 // Do not transform "gepinst (gep constexpr (GV))" here, because forming 319 // "gepconstexpr (gep constexpr (GV))" will cause the two gep's to fold 320 // and will invalidate our notion of what Init is. 321 Constant *SubInit = nullptr; 322 if (!isa<ConstantExpr>(GEP->getOperand(0))) { 323 ConstantExpr *CE = dyn_cast_or_null<ConstantExpr>( 324 ConstantFoldInstruction(GEP, DL, TLI)); 325 if (Init && CE && CE->getOpcode() == Instruction::GetElementPtr) 326 SubInit = ConstantFoldLoadThroughGEPConstantExpr(Init, CE); 327 328 // If the initializer is an all-null value and we have an inbounds GEP, 329 // we already know what the result of any load from that GEP is. 330 // TODO: Handle splats. 331 if (Init && isa<ConstantAggregateZero>(Init) && GEP->isInBounds()) 332 SubInit = Constant::getNullValue(GEP->getResultElementType()); 333 } 334 Changed |= CleanupConstantGlobalUsers(GEP, SubInit, DL, TLI); 335 336 if (GEP->use_empty()) { 337 GEP->eraseFromParent(); 338 Changed = true; 339 } 340 } else if (MemIntrinsic *MI = dyn_cast<MemIntrinsic>(U)) { // memset/cpy/mv 341 if (MI->getRawDest() == V) { 342 MI->eraseFromParent(); 343 Changed = true; 344 } 345 346 } else if (Constant *C = dyn_cast<Constant>(U)) { 347 // If we have a chain of dead constantexprs or other things dangling from 348 // us, and if they are all dead, nuke them without remorse. 349 if (isSafeToDestroyConstant(C)) { 350 C->destroyConstant(); 351 CleanupConstantGlobalUsers(V, Init, DL, TLI); 352 return true; 353 } 354 } 355 } 356 return Changed; 357 } 358 359 /// Return true if the specified instruction is a safe user of a derived 360 /// expression from a global that we want to SROA. 361 static bool isSafeSROAElementUse(Value *V) { 362 // We might have a dead and dangling constant hanging off of here. 363 if (Constant *C = dyn_cast<Constant>(V)) 364 return isSafeToDestroyConstant(C); 365 366 Instruction *I = dyn_cast<Instruction>(V); 367 if (!I) return false; 368 369 // Loads are ok. 370 if (isa<LoadInst>(I)) return true; 371 372 // Stores *to* the pointer are ok. 373 if (StoreInst *SI = dyn_cast<StoreInst>(I)) 374 return SI->getOperand(0) != V; 375 376 // Otherwise, it must be a GEP. 377 GetElementPtrInst *GEPI = dyn_cast<GetElementPtrInst>(I); 378 if (!GEPI) return false; 379 380 if (GEPI->getNumOperands() < 3 || !isa<Constant>(GEPI->getOperand(1)) || 381 !cast<Constant>(GEPI->getOperand(1))->isNullValue()) 382 return false; 383 384 for (User *U : GEPI->users()) 385 if (!isSafeSROAElementUse(U)) 386 return false; 387 return true; 388 } 389 390 391 /// U is a direct user of the specified global value. Look at it and its uses 392 /// and decide whether it is safe to SROA this global. 393 static bool IsUserOfGlobalSafeForSRA(User *U, GlobalValue *GV) { 394 // The user of the global must be a GEP Inst or a ConstantExpr GEP. 395 if (!isa<GetElementPtrInst>(U) && 396 (!isa<ConstantExpr>(U) || 397 cast<ConstantExpr>(U)->getOpcode() != Instruction::GetElementPtr)) 398 return false; 399 400 // Check to see if this ConstantExpr GEP is SRA'able. In particular, we 401 // don't like < 3 operand CE's, and we don't like non-constant integer 402 // indices. This enforces that all uses are 'gep GV, 0, C, ...' for some 403 // value of C. 404 if (U->getNumOperands() < 3 || !isa<Constant>(U->getOperand(1)) || 405 !cast<Constant>(U->getOperand(1))->isNullValue() || 406 !isa<ConstantInt>(U->getOperand(2))) 407 return false; 408 409 gep_type_iterator GEPI = gep_type_begin(U), E = gep_type_end(U); 410 ++GEPI; // Skip over the pointer index. 411 412 // If this is a use of an array allocation, do a bit more checking for sanity. 413 if (ArrayType *AT = dyn_cast<ArrayType>(*GEPI)) { 414 uint64_t NumElements = AT->getNumElements(); 415 ConstantInt *Idx = cast<ConstantInt>(U->getOperand(2)); 416 417 // Check to make sure that index falls within the array. If not, 418 // something funny is going on, so we won't do the optimization. 419 // 420 if (Idx->getZExtValue() >= NumElements) 421 return false; 422 423 // We cannot scalar repl this level of the array unless any array 424 // sub-indices are in-range constants. In particular, consider: 425 // A[0][i]. We cannot know that the user isn't doing invalid things like 426 // allowing i to index an out-of-range subscript that accesses A[1]. 427 // 428 // Scalar replacing *just* the outer index of the array is probably not 429 // going to be a win anyway, so just give up. 430 for (++GEPI; // Skip array index. 431 GEPI != E; 432 ++GEPI) { 433 uint64_t NumElements; 434 if (ArrayType *SubArrayTy = dyn_cast<ArrayType>(*GEPI)) 435 NumElements = SubArrayTy->getNumElements(); 436 else if (VectorType *SubVectorTy = dyn_cast<VectorType>(*GEPI)) 437 NumElements = SubVectorTy->getNumElements(); 438 else { 439 assert((*GEPI)->isStructTy() && 440 "Indexed GEP type is not array, vector, or struct!"); 441 continue; 442 } 443 444 ConstantInt *IdxVal = dyn_cast<ConstantInt>(GEPI.getOperand()); 445 if (!IdxVal || IdxVal->getZExtValue() >= NumElements) 446 return false; 447 } 448 } 449 450 for (User *UU : U->users()) 451 if (!isSafeSROAElementUse(UU)) 452 return false; 453 454 return true; 455 } 456 457 /// Look at all uses of the global and decide whether it is safe for us to 458 /// perform this transformation. 459 static bool GlobalUsersSafeToSRA(GlobalValue *GV) { 460 for (User *U : GV->users()) 461 if (!IsUserOfGlobalSafeForSRA(U, GV)) 462 return false; 463 464 return true; 465 } 466 467 468 /// Perform scalar replacement of aggregates on the specified global variable. 469 /// This opens the door for other optimizations by exposing the behavior of the 470 /// program in a more fine-grained way. We have determined that this 471 /// transformation is safe already. We return the first global variable we 472 /// insert so that the caller can reprocess it. 473 static GlobalVariable *SRAGlobal(GlobalVariable *GV, const DataLayout &DL) { 474 // Make sure this global only has simple uses that we can SRA. 475 if (!GlobalUsersSafeToSRA(GV)) 476 return nullptr; 477 478 assert(GV->hasLocalLinkage() && !GV->isConstant()); 479 Constant *Init = GV->getInitializer(); 480 Type *Ty = Init->getType(); 481 482 std::vector<GlobalVariable*> NewGlobals; 483 Module::GlobalListType &Globals = GV->getParent()->getGlobalList(); 484 485 // Get the alignment of the global, either explicit or target-specific. 486 unsigned StartAlignment = GV->getAlignment(); 487 if (StartAlignment == 0) 488 StartAlignment = DL.getABITypeAlignment(GV->getType()); 489 490 if (StructType *STy = dyn_cast<StructType>(Ty)) { 491 NewGlobals.reserve(STy->getNumElements()); 492 const StructLayout &Layout = *DL.getStructLayout(STy); 493 for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) { 494 Constant *In = Init->getAggregateElement(i); 495 assert(In && "Couldn't get element of initializer?"); 496 GlobalVariable *NGV = new GlobalVariable(STy->getElementType(i), false, 497 GlobalVariable::InternalLinkage, 498 In, GV->getName()+"."+Twine(i), 499 GV->getThreadLocalMode(), 500 GV->getType()->getAddressSpace()); 501 NGV->setExternallyInitialized(GV->isExternallyInitialized()); 502 Globals.push_back(NGV); 503 NewGlobals.push_back(NGV); 504 505 // Calculate the known alignment of the field. If the original aggregate 506 // had 256 byte alignment for example, something might depend on that: 507 // propagate info to each field. 508 uint64_t FieldOffset = Layout.getElementOffset(i); 509 unsigned NewAlign = (unsigned)MinAlign(StartAlignment, FieldOffset); 510 if (NewAlign > DL.getABITypeAlignment(STy->getElementType(i))) 511 NGV->setAlignment(NewAlign); 512 } 513 } else if (SequentialType *STy = dyn_cast<SequentialType>(Ty)) { 514 unsigned NumElements = 0; 515 if (ArrayType *ATy = dyn_cast<ArrayType>(STy)) 516 NumElements = ATy->getNumElements(); 517 else 518 NumElements = cast<VectorType>(STy)->getNumElements(); 519 520 if (NumElements > 16 && GV->hasNUsesOrMore(16)) 521 return nullptr; // It's not worth it. 522 NewGlobals.reserve(NumElements); 523 524 uint64_t EltSize = DL.getTypeAllocSize(STy->getElementType()); 525 unsigned EltAlign = DL.getABITypeAlignment(STy->getElementType()); 526 for (unsigned i = 0, e = NumElements; i != e; ++i) { 527 Constant *In = Init->getAggregateElement(i); 528 assert(In && "Couldn't get element of initializer?"); 529 530 GlobalVariable *NGV = new GlobalVariable(STy->getElementType(), false, 531 GlobalVariable::InternalLinkage, 532 In, GV->getName()+"."+Twine(i), 533 GV->getThreadLocalMode(), 534 GV->getType()->getAddressSpace()); 535 NGV->setExternallyInitialized(GV->isExternallyInitialized()); 536 Globals.push_back(NGV); 537 NewGlobals.push_back(NGV); 538 539 // Calculate the known alignment of the field. If the original aggregate 540 // had 256 byte alignment for example, something might depend on that: 541 // propagate info to each field. 542 unsigned NewAlign = (unsigned)MinAlign(StartAlignment, EltSize*i); 543 if (NewAlign > EltAlign) 544 NGV->setAlignment(NewAlign); 545 } 546 } 547 548 if (NewGlobals.empty()) 549 return nullptr; 550 551 DEBUG(dbgs() << "PERFORMING GLOBAL SRA ON: " << *GV << "\n"); 552 553 Constant *NullInt =Constant::getNullValue(Type::getInt32Ty(GV->getContext())); 554 555 // Loop over all of the uses of the global, replacing the constantexpr geps, 556 // with smaller constantexpr geps or direct references. 557 while (!GV->use_empty()) { 558 User *GEP = GV->user_back(); 559 assert(((isa<ConstantExpr>(GEP) && 560 cast<ConstantExpr>(GEP)->getOpcode()==Instruction::GetElementPtr)|| 561 isa<GetElementPtrInst>(GEP)) && "NonGEP CE's are not SRAable!"); 562 563 // Ignore the 1th operand, which has to be zero or else the program is quite 564 // broken (undefined). Get the 2nd operand, which is the structure or array 565 // index. 566 unsigned Val = cast<ConstantInt>(GEP->getOperand(2))->getZExtValue(); 567 if (Val >= NewGlobals.size()) Val = 0; // Out of bound array access. 568 569 Value *NewPtr = NewGlobals[Val]; 570 Type *NewTy = NewGlobals[Val]->getValueType(); 571 572 // Form a shorter GEP if needed. 573 if (GEP->getNumOperands() > 3) { 574 if (ConstantExpr *CE = dyn_cast<ConstantExpr>(GEP)) { 575 SmallVector<Constant*, 8> Idxs; 576 Idxs.push_back(NullInt); 577 for (unsigned i = 3, e = CE->getNumOperands(); i != e; ++i) 578 Idxs.push_back(CE->getOperand(i)); 579 NewPtr = 580 ConstantExpr::getGetElementPtr(NewTy, cast<Constant>(NewPtr), Idxs); 581 } else { 582 GetElementPtrInst *GEPI = cast<GetElementPtrInst>(GEP); 583 SmallVector<Value*, 8> Idxs; 584 Idxs.push_back(NullInt); 585 for (unsigned i = 3, e = GEPI->getNumOperands(); i != e; ++i) 586 Idxs.push_back(GEPI->getOperand(i)); 587 NewPtr = GetElementPtrInst::Create( 588 NewTy, NewPtr, Idxs, GEPI->getName() + "." + Twine(Val), GEPI); 589 } 590 } 591 GEP->replaceAllUsesWith(NewPtr); 592 593 if (GetElementPtrInst *GEPI = dyn_cast<GetElementPtrInst>(GEP)) 594 GEPI->eraseFromParent(); 595 else 596 cast<ConstantExpr>(GEP)->destroyConstant(); 597 } 598 599 // Delete the old global, now that it is dead. 600 Globals.erase(GV); 601 ++NumSRA; 602 603 // Loop over the new globals array deleting any globals that are obviously 604 // dead. This can arise due to scalarization of a structure or an array that 605 // has elements that are dead. 606 unsigned FirstGlobal = 0; 607 for (unsigned i = 0, e = NewGlobals.size(); i != e; ++i) 608 if (NewGlobals[i]->use_empty()) { 609 Globals.erase(NewGlobals[i]); 610 if (FirstGlobal == i) ++FirstGlobal; 611 } 612 613 return FirstGlobal != NewGlobals.size() ? NewGlobals[FirstGlobal] : nullptr; 614 } 615 616 /// Return true if all users of the specified value will trap if the value is 617 /// dynamically null. PHIs keeps track of any phi nodes we've seen to avoid 618 /// reprocessing them. 619 static bool AllUsesOfValueWillTrapIfNull(const Value *V, 620 SmallPtrSetImpl<const PHINode*> &PHIs) { 621 for (const User *U : V->users()) 622 if (isa<LoadInst>(U)) { 623 // Will trap. 624 } else if (const StoreInst *SI = dyn_cast<StoreInst>(U)) { 625 if (SI->getOperand(0) == V) { 626 //cerr << "NONTRAPPING USE: " << *U; 627 return false; // Storing the value. 628 } 629 } else if (const CallInst *CI = dyn_cast<CallInst>(U)) { 630 if (CI->getCalledValue() != V) { 631 //cerr << "NONTRAPPING USE: " << *U; 632 return false; // Not calling the ptr 633 } 634 } else if (const InvokeInst *II = dyn_cast<InvokeInst>(U)) { 635 if (II->getCalledValue() != V) { 636 //cerr << "NONTRAPPING USE: " << *U; 637 return false; // Not calling the ptr 638 } 639 } else if (const BitCastInst *CI = dyn_cast<BitCastInst>(U)) { 640 if (!AllUsesOfValueWillTrapIfNull(CI, PHIs)) return false; 641 } else if (const GetElementPtrInst *GEPI = dyn_cast<GetElementPtrInst>(U)) { 642 if (!AllUsesOfValueWillTrapIfNull(GEPI, PHIs)) return false; 643 } else if (const PHINode *PN = dyn_cast<PHINode>(U)) { 644 // If we've already seen this phi node, ignore it, it has already been 645 // checked. 646 if (PHIs.insert(PN).second && !AllUsesOfValueWillTrapIfNull(PN, PHIs)) 647 return false; 648 } else if (isa<ICmpInst>(U) && 649 isa<ConstantPointerNull>(U->getOperand(1))) { 650 // Ignore icmp X, null 651 } else { 652 //cerr << "NONTRAPPING USE: " << *U; 653 return false; 654 } 655 656 return true; 657 } 658 659 /// Return true if all uses of any loads from GV will trap if the loaded value 660 /// is null. Note that this also permits comparisons of the loaded value 661 /// against null, as a special case. 662 static bool AllUsesOfLoadedValueWillTrapIfNull(const GlobalVariable *GV) { 663 for (const User *U : GV->users()) 664 if (const LoadInst *LI = dyn_cast<LoadInst>(U)) { 665 SmallPtrSet<const PHINode*, 8> PHIs; 666 if (!AllUsesOfValueWillTrapIfNull(LI, PHIs)) 667 return false; 668 } else if (isa<StoreInst>(U)) { 669 // Ignore stores to the global. 670 } else { 671 // We don't know or understand this user, bail out. 672 //cerr << "UNKNOWN USER OF GLOBAL!: " << *U; 673 return false; 674 } 675 return true; 676 } 677 678 static bool OptimizeAwayTrappingUsesOfValue(Value *V, Constant *NewV) { 679 bool Changed = false; 680 for (auto UI = V->user_begin(), E = V->user_end(); UI != E; ) { 681 Instruction *I = cast<Instruction>(*UI++); 682 if (LoadInst *LI = dyn_cast<LoadInst>(I)) { 683 LI->setOperand(0, NewV); 684 Changed = true; 685 } else if (StoreInst *SI = dyn_cast<StoreInst>(I)) { 686 if (SI->getOperand(1) == V) { 687 SI->setOperand(1, NewV); 688 Changed = true; 689 } 690 } else if (isa<CallInst>(I) || isa<InvokeInst>(I)) { 691 CallSite CS(I); 692 if (CS.getCalledValue() == V) { 693 // Calling through the pointer! Turn into a direct call, but be careful 694 // that the pointer is not also being passed as an argument. 695 CS.setCalledFunction(NewV); 696 Changed = true; 697 bool PassedAsArg = false; 698 for (unsigned i = 0, e = CS.arg_size(); i != e; ++i) 699 if (CS.getArgument(i) == V) { 700 PassedAsArg = true; 701 CS.setArgument(i, NewV); 702 } 703 704 if (PassedAsArg) { 705 // Being passed as an argument also. Be careful to not invalidate UI! 706 UI = V->user_begin(); 707 } 708 } 709 } else if (CastInst *CI = dyn_cast<CastInst>(I)) { 710 Changed |= OptimizeAwayTrappingUsesOfValue(CI, 711 ConstantExpr::getCast(CI->getOpcode(), 712 NewV, CI->getType())); 713 if (CI->use_empty()) { 714 Changed = true; 715 CI->eraseFromParent(); 716 } 717 } else if (GetElementPtrInst *GEPI = dyn_cast<GetElementPtrInst>(I)) { 718 // Should handle GEP here. 719 SmallVector<Constant*, 8> Idxs; 720 Idxs.reserve(GEPI->getNumOperands()-1); 721 for (User::op_iterator i = GEPI->op_begin() + 1, e = GEPI->op_end(); 722 i != e; ++i) 723 if (Constant *C = dyn_cast<Constant>(*i)) 724 Idxs.push_back(C); 725 else 726 break; 727 if (Idxs.size() == GEPI->getNumOperands()-1) 728 Changed |= OptimizeAwayTrappingUsesOfValue( 729 GEPI, ConstantExpr::getGetElementPtr(nullptr, NewV, Idxs)); 730 if (GEPI->use_empty()) { 731 Changed = true; 732 GEPI->eraseFromParent(); 733 } 734 } 735 } 736 737 return Changed; 738 } 739 740 741 /// The specified global has only one non-null value stored into it. If there 742 /// are uses of the loaded value that would trap if the loaded value is 743 /// dynamically null, then we know that they cannot be reachable with a null 744 /// optimize away the load. 745 static bool OptimizeAwayTrappingUsesOfLoads(GlobalVariable *GV, Constant *LV, 746 const DataLayout &DL, 747 TargetLibraryInfo *TLI) { 748 bool Changed = false; 749 750 // Keep track of whether we are able to remove all the uses of the global 751 // other than the store that defines it. 752 bool AllNonStoreUsesGone = true; 753 754 // Replace all uses of loads with uses of uses of the stored value. 755 for (Value::user_iterator GUI = GV->user_begin(), E = GV->user_end(); GUI != E;){ 756 User *GlobalUser = *GUI++; 757 if (LoadInst *LI = dyn_cast<LoadInst>(GlobalUser)) { 758 Changed |= OptimizeAwayTrappingUsesOfValue(LI, LV); 759 // If we were able to delete all uses of the loads 760 if (LI->use_empty()) { 761 LI->eraseFromParent(); 762 Changed = true; 763 } else { 764 AllNonStoreUsesGone = false; 765 } 766 } else if (isa<StoreInst>(GlobalUser)) { 767 // Ignore the store that stores "LV" to the global. 768 assert(GlobalUser->getOperand(1) == GV && 769 "Must be storing *to* the global"); 770 } else { 771 AllNonStoreUsesGone = false; 772 773 // If we get here we could have other crazy uses that are transitively 774 // loaded. 775 assert((isa<PHINode>(GlobalUser) || isa<SelectInst>(GlobalUser) || 776 isa<ConstantExpr>(GlobalUser) || isa<CmpInst>(GlobalUser) || 777 isa<BitCastInst>(GlobalUser) || 778 isa<GetElementPtrInst>(GlobalUser)) && 779 "Only expect load and stores!"); 780 } 781 } 782 783 if (Changed) { 784 DEBUG(dbgs() << "OPTIMIZED LOADS FROM STORED ONCE POINTER: " << *GV << "\n"); 785 ++NumGlobUses; 786 } 787 788 // If we nuked all of the loads, then none of the stores are needed either, 789 // nor is the global. 790 if (AllNonStoreUsesGone) { 791 if (isLeakCheckerRoot(GV)) { 792 Changed |= CleanupPointerRootUsers(GV, TLI); 793 } else { 794 Changed = true; 795 CleanupConstantGlobalUsers(GV, nullptr, DL, TLI); 796 } 797 if (GV->use_empty()) { 798 DEBUG(dbgs() << " *** GLOBAL NOW DEAD!\n"); 799 Changed = true; 800 GV->eraseFromParent(); 801 ++NumDeleted; 802 } 803 } 804 return Changed; 805 } 806 807 /// Walk the use list of V, constant folding all of the instructions that are 808 /// foldable. 809 static void ConstantPropUsersOf(Value *V, const DataLayout &DL, 810 TargetLibraryInfo *TLI) { 811 for (Value::user_iterator UI = V->user_begin(), E = V->user_end(); UI != E; ) 812 if (Instruction *I = dyn_cast<Instruction>(*UI++)) 813 if (Constant *NewC = ConstantFoldInstruction(I, DL, TLI)) { 814 I->replaceAllUsesWith(NewC); 815 816 // Advance UI to the next non-I use to avoid invalidating it! 817 // Instructions could multiply use V. 818 while (UI != E && *UI == I) 819 ++UI; 820 I->eraseFromParent(); 821 } 822 } 823 824 /// This function takes the specified global variable, and transforms the 825 /// program as if it always contained the result of the specified malloc. 826 /// Because it is always the result of the specified malloc, there is no reason 827 /// to actually DO the malloc. Instead, turn the malloc into a global, and any 828 /// loads of GV as uses of the new global. 829 static GlobalVariable * 830 OptimizeGlobalAddressOfMalloc(GlobalVariable *GV, CallInst *CI, Type *AllocTy, 831 ConstantInt *NElements, const DataLayout &DL, 832 TargetLibraryInfo *TLI) { 833 DEBUG(errs() << "PROMOTING GLOBAL: " << *GV << " CALL = " << *CI << '\n'); 834 835 Type *GlobalType; 836 if (NElements->getZExtValue() == 1) 837 GlobalType = AllocTy; 838 else 839 // If we have an array allocation, the global variable is of an array. 840 GlobalType = ArrayType::get(AllocTy, NElements->getZExtValue()); 841 842 // Create the new global variable. The contents of the malloc'd memory is 843 // undefined, so initialize with an undef value. 844 GlobalVariable *NewGV = new GlobalVariable( 845 *GV->getParent(), GlobalType, false, GlobalValue::InternalLinkage, 846 UndefValue::get(GlobalType), GV->getName() + ".body", nullptr, 847 GV->getThreadLocalMode()); 848 849 // If there are bitcast users of the malloc (which is typical, usually we have 850 // a malloc + bitcast) then replace them with uses of the new global. Update 851 // other users to use the global as well. 852 BitCastInst *TheBC = nullptr; 853 while (!CI->use_empty()) { 854 Instruction *User = cast<Instruction>(CI->user_back()); 855 if (BitCastInst *BCI = dyn_cast<BitCastInst>(User)) { 856 if (BCI->getType() == NewGV->getType()) { 857 BCI->replaceAllUsesWith(NewGV); 858 BCI->eraseFromParent(); 859 } else { 860 BCI->setOperand(0, NewGV); 861 } 862 } else { 863 if (!TheBC) 864 TheBC = new BitCastInst(NewGV, CI->getType(), "newgv", CI); 865 User->replaceUsesOfWith(CI, TheBC); 866 } 867 } 868 869 Constant *RepValue = NewGV; 870 if (NewGV->getType() != GV->getValueType()) 871 RepValue = ConstantExpr::getBitCast(RepValue, GV->getValueType()); 872 873 // If there is a comparison against null, we will insert a global bool to 874 // keep track of whether the global was initialized yet or not. 875 GlobalVariable *InitBool = 876 new GlobalVariable(Type::getInt1Ty(GV->getContext()), false, 877 GlobalValue::InternalLinkage, 878 ConstantInt::getFalse(GV->getContext()), 879 GV->getName()+".init", GV->getThreadLocalMode()); 880 bool InitBoolUsed = false; 881 882 // Loop over all uses of GV, processing them in turn. 883 while (!GV->use_empty()) { 884 if (StoreInst *SI = dyn_cast<StoreInst>(GV->user_back())) { 885 // The global is initialized when the store to it occurs. 886 new StoreInst(ConstantInt::getTrue(GV->getContext()), InitBool, false, 0, 887 SI->getOrdering(), SI->getSynchScope(), SI); 888 SI->eraseFromParent(); 889 continue; 890 } 891 892 LoadInst *LI = cast<LoadInst>(GV->user_back()); 893 while (!LI->use_empty()) { 894 Use &LoadUse = *LI->use_begin(); 895 ICmpInst *ICI = dyn_cast<ICmpInst>(LoadUse.getUser()); 896 if (!ICI) { 897 LoadUse = RepValue; 898 continue; 899 } 900 901 // Replace the cmp X, 0 with a use of the bool value. 902 // Sink the load to where the compare was, if atomic rules allow us to. 903 Value *LV = new LoadInst(InitBool, InitBool->getName()+".val", false, 0, 904 LI->getOrdering(), LI->getSynchScope(), 905 LI->isUnordered() ? (Instruction*)ICI : LI); 906 InitBoolUsed = true; 907 switch (ICI->getPredicate()) { 908 default: llvm_unreachable("Unknown ICmp Predicate!"); 909 case ICmpInst::ICMP_ULT: 910 case ICmpInst::ICMP_SLT: // X < null -> always false 911 LV = ConstantInt::getFalse(GV->getContext()); 912 break; 913 case ICmpInst::ICMP_ULE: 914 case ICmpInst::ICMP_SLE: 915 case ICmpInst::ICMP_EQ: 916 LV = BinaryOperator::CreateNot(LV, "notinit", ICI); 917 break; 918 case ICmpInst::ICMP_NE: 919 case ICmpInst::ICMP_UGE: 920 case ICmpInst::ICMP_SGE: 921 case ICmpInst::ICMP_UGT: 922 case ICmpInst::ICMP_SGT: 923 break; // no change. 924 } 925 ICI->replaceAllUsesWith(LV); 926 ICI->eraseFromParent(); 927 } 928 LI->eraseFromParent(); 929 } 930 931 // If the initialization boolean was used, insert it, otherwise delete it. 932 if (!InitBoolUsed) { 933 while (!InitBool->use_empty()) // Delete initializations 934 cast<StoreInst>(InitBool->user_back())->eraseFromParent(); 935 delete InitBool; 936 } else 937 GV->getParent()->getGlobalList().insert(GV->getIterator(), InitBool); 938 939 // Now the GV is dead, nuke it and the malloc.. 940 GV->eraseFromParent(); 941 CI->eraseFromParent(); 942 943 // To further other optimizations, loop over all users of NewGV and try to 944 // constant prop them. This will promote GEP instructions with constant 945 // indices into GEP constant-exprs, which will allow global-opt to hack on it. 946 ConstantPropUsersOf(NewGV, DL, TLI); 947 if (RepValue != NewGV) 948 ConstantPropUsersOf(RepValue, DL, TLI); 949 950 return NewGV; 951 } 952 953 /// Scan the use-list of V checking to make sure that there are no complex uses 954 /// of V. We permit simple things like dereferencing the pointer, but not 955 /// storing through the address, unless it is to the specified global. 956 static bool ValueIsOnlyUsedLocallyOrStoredToOneGlobal(const Instruction *V, 957 const GlobalVariable *GV, 958 SmallPtrSetImpl<const PHINode*> &PHIs) { 959 for (const User *U : V->users()) { 960 const Instruction *Inst = cast<Instruction>(U); 961 962 if (isa<LoadInst>(Inst) || isa<CmpInst>(Inst)) { 963 continue; // Fine, ignore. 964 } 965 966 if (const StoreInst *SI = dyn_cast<StoreInst>(Inst)) { 967 if (SI->getOperand(0) == V && SI->getOperand(1) != GV) 968 return false; // Storing the pointer itself... bad. 969 continue; // Otherwise, storing through it, or storing into GV... fine. 970 } 971 972 // Must index into the array and into the struct. 973 if (isa<GetElementPtrInst>(Inst) && Inst->getNumOperands() >= 3) { 974 if (!ValueIsOnlyUsedLocallyOrStoredToOneGlobal(Inst, GV, PHIs)) 975 return false; 976 continue; 977 } 978 979 if (const PHINode *PN = dyn_cast<PHINode>(Inst)) { 980 // PHIs are ok if all uses are ok. Don't infinitely recurse through PHI 981 // cycles. 982 if (PHIs.insert(PN).second) 983 if (!ValueIsOnlyUsedLocallyOrStoredToOneGlobal(PN, GV, PHIs)) 984 return false; 985 continue; 986 } 987 988 if (const BitCastInst *BCI = dyn_cast<BitCastInst>(Inst)) { 989 if (!ValueIsOnlyUsedLocallyOrStoredToOneGlobal(BCI, GV, PHIs)) 990 return false; 991 continue; 992 } 993 994 return false; 995 } 996 return true; 997 } 998 999 /// The Alloc pointer is stored into GV somewhere. Transform all uses of the 1000 /// allocation into loads from the global and uses of the resultant pointer. 1001 /// Further, delete the store into GV. This assumes that these value pass the 1002 /// 'ValueIsOnlyUsedLocallyOrStoredToOneGlobal' predicate. 1003 static void ReplaceUsesOfMallocWithGlobal(Instruction *Alloc, 1004 GlobalVariable *GV) { 1005 while (!Alloc->use_empty()) { 1006 Instruction *U = cast<Instruction>(*Alloc->user_begin()); 1007 Instruction *InsertPt = U; 1008 if (StoreInst *SI = dyn_cast<StoreInst>(U)) { 1009 // If this is the store of the allocation into the global, remove it. 1010 if (SI->getOperand(1) == GV) { 1011 SI->eraseFromParent(); 1012 continue; 1013 } 1014 } else if (PHINode *PN = dyn_cast<PHINode>(U)) { 1015 // Insert the load in the corresponding predecessor, not right before the 1016 // PHI. 1017 InsertPt = PN->getIncomingBlock(*Alloc->use_begin())->getTerminator(); 1018 } else if (isa<BitCastInst>(U)) { 1019 // Must be bitcast between the malloc and store to initialize the global. 1020 ReplaceUsesOfMallocWithGlobal(U, GV); 1021 U->eraseFromParent(); 1022 continue; 1023 } else if (GetElementPtrInst *GEPI = dyn_cast<GetElementPtrInst>(U)) { 1024 // If this is a "GEP bitcast" and the user is a store to the global, then 1025 // just process it as a bitcast. 1026 if (GEPI->hasAllZeroIndices() && GEPI->hasOneUse()) 1027 if (StoreInst *SI = dyn_cast<StoreInst>(GEPI->user_back())) 1028 if (SI->getOperand(1) == GV) { 1029 // Must be bitcast GEP between the malloc and store to initialize 1030 // the global. 1031 ReplaceUsesOfMallocWithGlobal(GEPI, GV); 1032 GEPI->eraseFromParent(); 1033 continue; 1034 } 1035 } 1036 1037 // Insert a load from the global, and use it instead of the malloc. 1038 Value *NL = new LoadInst(GV, GV->getName()+".val", InsertPt); 1039 U->replaceUsesOfWith(Alloc, NL); 1040 } 1041 } 1042 1043 /// Verify that all uses of V (a load, or a phi of a load) are simple enough to 1044 /// perform heap SRA on. This permits GEP's that index through the array and 1045 /// struct field, icmps of null, and PHIs. 1046 static bool LoadUsesSimpleEnoughForHeapSRA(const Value *V, 1047 SmallPtrSetImpl<const PHINode*> &LoadUsingPHIs, 1048 SmallPtrSetImpl<const PHINode*> &LoadUsingPHIsPerLoad) { 1049 // We permit two users of the load: setcc comparing against the null 1050 // pointer, and a getelementptr of a specific form. 1051 for (const User *U : V->users()) { 1052 const Instruction *UI = cast<Instruction>(U); 1053 1054 // Comparison against null is ok. 1055 if (const ICmpInst *ICI = dyn_cast<ICmpInst>(UI)) { 1056 if (!isa<ConstantPointerNull>(ICI->getOperand(1))) 1057 return false; 1058 continue; 1059 } 1060 1061 // getelementptr is also ok, but only a simple form. 1062 if (const GetElementPtrInst *GEPI = dyn_cast<GetElementPtrInst>(UI)) { 1063 // Must index into the array and into the struct. 1064 if (GEPI->getNumOperands() < 3) 1065 return false; 1066 1067 // Otherwise the GEP is ok. 1068 continue; 1069 } 1070 1071 if (const PHINode *PN = dyn_cast<PHINode>(UI)) { 1072 if (!LoadUsingPHIsPerLoad.insert(PN).second) 1073 // This means some phi nodes are dependent on each other. 1074 // Avoid infinite looping! 1075 return false; 1076 if (!LoadUsingPHIs.insert(PN).second) 1077 // If we have already analyzed this PHI, then it is safe. 1078 continue; 1079 1080 // Make sure all uses of the PHI are simple enough to transform. 1081 if (!LoadUsesSimpleEnoughForHeapSRA(PN, 1082 LoadUsingPHIs, LoadUsingPHIsPerLoad)) 1083 return false; 1084 1085 continue; 1086 } 1087 1088 // Otherwise we don't know what this is, not ok. 1089 return false; 1090 } 1091 1092 return true; 1093 } 1094 1095 1096 /// If all users of values loaded from GV are simple enough to perform HeapSRA, 1097 /// return true. 1098 static bool AllGlobalLoadUsesSimpleEnoughForHeapSRA(const GlobalVariable *GV, 1099 Instruction *StoredVal) { 1100 SmallPtrSet<const PHINode*, 32> LoadUsingPHIs; 1101 SmallPtrSet<const PHINode*, 32> LoadUsingPHIsPerLoad; 1102 for (const User *U : GV->users()) 1103 if (const LoadInst *LI = dyn_cast<LoadInst>(U)) { 1104 if (!LoadUsesSimpleEnoughForHeapSRA(LI, LoadUsingPHIs, 1105 LoadUsingPHIsPerLoad)) 1106 return false; 1107 LoadUsingPHIsPerLoad.clear(); 1108 } 1109 1110 // If we reach here, we know that all uses of the loads and transitive uses 1111 // (through PHI nodes) are simple enough to transform. However, we don't know 1112 // that all inputs the to the PHI nodes are in the same equivalence sets. 1113 // Check to verify that all operands of the PHIs are either PHIS that can be 1114 // transformed, loads from GV, or MI itself. 1115 for (const PHINode *PN : LoadUsingPHIs) { 1116 for (unsigned op = 0, e = PN->getNumIncomingValues(); op != e; ++op) { 1117 Value *InVal = PN->getIncomingValue(op); 1118 1119 // PHI of the stored value itself is ok. 1120 if (InVal == StoredVal) continue; 1121 1122 if (const PHINode *InPN = dyn_cast<PHINode>(InVal)) { 1123 // One of the PHIs in our set is (optimistically) ok. 1124 if (LoadUsingPHIs.count(InPN)) 1125 continue; 1126 return false; 1127 } 1128 1129 // Load from GV is ok. 1130 if (const LoadInst *LI = dyn_cast<LoadInst>(InVal)) 1131 if (LI->getOperand(0) == GV) 1132 continue; 1133 1134 // UNDEF? NULL? 1135 1136 // Anything else is rejected. 1137 return false; 1138 } 1139 } 1140 1141 return true; 1142 } 1143 1144 static Value *GetHeapSROAValue(Value *V, unsigned FieldNo, 1145 DenseMap<Value*, std::vector<Value*> > &InsertedScalarizedValues, 1146 std::vector<std::pair<PHINode*, unsigned> > &PHIsToRewrite) { 1147 std::vector<Value*> &FieldVals = InsertedScalarizedValues[V]; 1148 1149 if (FieldNo >= FieldVals.size()) 1150 FieldVals.resize(FieldNo+1); 1151 1152 // If we already have this value, just reuse the previously scalarized 1153 // version. 1154 if (Value *FieldVal = FieldVals[FieldNo]) 1155 return FieldVal; 1156 1157 // Depending on what instruction this is, we have several cases. 1158 Value *Result; 1159 if (LoadInst *LI = dyn_cast<LoadInst>(V)) { 1160 // This is a scalarized version of the load from the global. Just create 1161 // a new Load of the scalarized global. 1162 Result = new LoadInst(GetHeapSROAValue(LI->getOperand(0), FieldNo, 1163 InsertedScalarizedValues, 1164 PHIsToRewrite), 1165 LI->getName()+".f"+Twine(FieldNo), LI); 1166 } else { 1167 PHINode *PN = cast<PHINode>(V); 1168 // PN's type is pointer to struct. Make a new PHI of pointer to struct 1169 // field. 1170 1171 PointerType *PTy = cast<PointerType>(PN->getType()); 1172 StructType *ST = cast<StructType>(PTy->getElementType()); 1173 1174 unsigned AS = PTy->getAddressSpace(); 1175 PHINode *NewPN = 1176 PHINode::Create(PointerType::get(ST->getElementType(FieldNo), AS), 1177 PN->getNumIncomingValues(), 1178 PN->getName()+".f"+Twine(FieldNo), PN); 1179 Result = NewPN; 1180 PHIsToRewrite.push_back(std::make_pair(PN, FieldNo)); 1181 } 1182 1183 return FieldVals[FieldNo] = Result; 1184 } 1185 1186 /// Given a load instruction and a value derived from the load, rewrite the 1187 /// derived value to use the HeapSRoA'd load. 1188 static void RewriteHeapSROALoadUser(Instruction *LoadUser, 1189 DenseMap<Value*, std::vector<Value*> > &InsertedScalarizedValues, 1190 std::vector<std::pair<PHINode*, unsigned> > &PHIsToRewrite) { 1191 // If this is a comparison against null, handle it. 1192 if (ICmpInst *SCI = dyn_cast<ICmpInst>(LoadUser)) { 1193 assert(isa<ConstantPointerNull>(SCI->getOperand(1))); 1194 // If we have a setcc of the loaded pointer, we can use a setcc of any 1195 // field. 1196 Value *NPtr = GetHeapSROAValue(SCI->getOperand(0), 0, 1197 InsertedScalarizedValues, PHIsToRewrite); 1198 1199 Value *New = new ICmpInst(SCI, SCI->getPredicate(), NPtr, 1200 Constant::getNullValue(NPtr->getType()), 1201 SCI->getName()); 1202 SCI->replaceAllUsesWith(New); 1203 SCI->eraseFromParent(); 1204 return; 1205 } 1206 1207 // Handle 'getelementptr Ptr, Idx, i32 FieldNo ...' 1208 if (GetElementPtrInst *GEPI = dyn_cast<GetElementPtrInst>(LoadUser)) { 1209 assert(GEPI->getNumOperands() >= 3 && isa<ConstantInt>(GEPI->getOperand(2)) 1210 && "Unexpected GEPI!"); 1211 1212 // Load the pointer for this field. 1213 unsigned FieldNo = cast<ConstantInt>(GEPI->getOperand(2))->getZExtValue(); 1214 Value *NewPtr = GetHeapSROAValue(GEPI->getOperand(0), FieldNo, 1215 InsertedScalarizedValues, PHIsToRewrite); 1216 1217 // Create the new GEP idx vector. 1218 SmallVector<Value*, 8> GEPIdx; 1219 GEPIdx.push_back(GEPI->getOperand(1)); 1220 GEPIdx.append(GEPI->op_begin()+3, GEPI->op_end()); 1221 1222 Value *NGEPI = GetElementPtrInst::Create(GEPI->getResultElementType(), NewPtr, GEPIdx, 1223 GEPI->getName(), GEPI); 1224 GEPI->replaceAllUsesWith(NGEPI); 1225 GEPI->eraseFromParent(); 1226 return; 1227 } 1228 1229 // Recursively transform the users of PHI nodes. This will lazily create the 1230 // PHIs that are needed for individual elements. Keep track of what PHIs we 1231 // see in InsertedScalarizedValues so that we don't get infinite loops (very 1232 // antisocial). If the PHI is already in InsertedScalarizedValues, it has 1233 // already been seen first by another load, so its uses have already been 1234 // processed. 1235 PHINode *PN = cast<PHINode>(LoadUser); 1236 if (!InsertedScalarizedValues.insert(std::make_pair(PN, 1237 std::vector<Value*>())).second) 1238 return; 1239 1240 // If this is the first time we've seen this PHI, recursively process all 1241 // users. 1242 for (auto UI = PN->user_begin(), E = PN->user_end(); UI != E;) { 1243 Instruction *User = cast<Instruction>(*UI++); 1244 RewriteHeapSROALoadUser(User, InsertedScalarizedValues, PHIsToRewrite); 1245 } 1246 } 1247 1248 /// We are performing Heap SRoA on a global. Ptr is a value loaded from the 1249 /// global. Eliminate all uses of Ptr, making them use FieldGlobals instead. 1250 /// All uses of loaded values satisfy AllGlobalLoadUsesSimpleEnoughForHeapSRA. 1251 static void RewriteUsesOfLoadForHeapSRoA(LoadInst *Load, 1252 DenseMap<Value*, std::vector<Value*> > &InsertedScalarizedValues, 1253 std::vector<std::pair<PHINode*, unsigned> > &PHIsToRewrite) { 1254 for (auto UI = Load->user_begin(), E = Load->user_end(); UI != E;) { 1255 Instruction *User = cast<Instruction>(*UI++); 1256 RewriteHeapSROALoadUser(User, InsertedScalarizedValues, PHIsToRewrite); 1257 } 1258 1259 if (Load->use_empty()) { 1260 Load->eraseFromParent(); 1261 InsertedScalarizedValues.erase(Load); 1262 } 1263 } 1264 1265 /// CI is an allocation of an array of structures. Break it up into multiple 1266 /// allocations of arrays of the fields. 1267 static GlobalVariable *PerformHeapAllocSRoA(GlobalVariable *GV, CallInst *CI, 1268 Value *NElems, const DataLayout &DL, 1269 const TargetLibraryInfo *TLI) { 1270 DEBUG(dbgs() << "SROA HEAP ALLOC: " << *GV << " MALLOC = " << *CI << '\n'); 1271 Type *MAT = getMallocAllocatedType(CI, TLI); 1272 StructType *STy = cast<StructType>(MAT); 1273 1274 // There is guaranteed to be at least one use of the malloc (storing 1275 // it into GV). If there are other uses, change them to be uses of 1276 // the global to simplify later code. This also deletes the store 1277 // into GV. 1278 ReplaceUsesOfMallocWithGlobal(CI, GV); 1279 1280 // Okay, at this point, there are no users of the malloc. Insert N 1281 // new mallocs at the same place as CI, and N globals. 1282 std::vector<Value*> FieldGlobals; 1283 std::vector<Value*> FieldMallocs; 1284 1285 unsigned AS = GV->getType()->getPointerAddressSpace(); 1286 for (unsigned FieldNo = 0, e = STy->getNumElements(); FieldNo != e;++FieldNo){ 1287 Type *FieldTy = STy->getElementType(FieldNo); 1288 PointerType *PFieldTy = PointerType::get(FieldTy, AS); 1289 1290 GlobalVariable *NGV = new GlobalVariable( 1291 *GV->getParent(), PFieldTy, false, GlobalValue::InternalLinkage, 1292 Constant::getNullValue(PFieldTy), GV->getName() + ".f" + Twine(FieldNo), 1293 nullptr, GV->getThreadLocalMode()); 1294 FieldGlobals.push_back(NGV); 1295 1296 unsigned TypeSize = DL.getTypeAllocSize(FieldTy); 1297 if (StructType *ST = dyn_cast<StructType>(FieldTy)) 1298 TypeSize = DL.getStructLayout(ST)->getSizeInBytes(); 1299 Type *IntPtrTy = DL.getIntPtrType(CI->getType()); 1300 Value *NMI = CallInst::CreateMalloc(CI, IntPtrTy, FieldTy, 1301 ConstantInt::get(IntPtrTy, TypeSize), 1302 NElems, nullptr, 1303 CI->getName() + ".f" + Twine(FieldNo)); 1304 FieldMallocs.push_back(NMI); 1305 new StoreInst(NMI, NGV, CI); 1306 } 1307 1308 // The tricky aspect of this transformation is handling the case when malloc 1309 // fails. In the original code, malloc failing would set the result pointer 1310 // of malloc to null. In this case, some mallocs could succeed and others 1311 // could fail. As such, we emit code that looks like this: 1312 // F0 = malloc(field0) 1313 // F1 = malloc(field1) 1314 // F2 = malloc(field2) 1315 // if (F0 == 0 || F1 == 0 || F2 == 0) { 1316 // if (F0) { free(F0); F0 = 0; } 1317 // if (F1) { free(F1); F1 = 0; } 1318 // if (F2) { free(F2); F2 = 0; } 1319 // } 1320 // The malloc can also fail if its argument is too large. 1321 Constant *ConstantZero = ConstantInt::get(CI->getArgOperand(0)->getType(), 0); 1322 Value *RunningOr = new ICmpInst(CI, ICmpInst::ICMP_SLT, CI->getArgOperand(0), 1323 ConstantZero, "isneg"); 1324 for (unsigned i = 0, e = FieldMallocs.size(); i != e; ++i) { 1325 Value *Cond = new ICmpInst(CI, ICmpInst::ICMP_EQ, FieldMallocs[i], 1326 Constant::getNullValue(FieldMallocs[i]->getType()), 1327 "isnull"); 1328 RunningOr = BinaryOperator::CreateOr(RunningOr, Cond, "tmp", CI); 1329 } 1330 1331 // Split the basic block at the old malloc. 1332 BasicBlock *OrigBB = CI->getParent(); 1333 BasicBlock *ContBB = 1334 OrigBB->splitBasicBlock(CI->getIterator(), "malloc_cont"); 1335 1336 // Create the block to check the first condition. Put all these blocks at the 1337 // end of the function as they are unlikely to be executed. 1338 BasicBlock *NullPtrBlock = BasicBlock::Create(OrigBB->getContext(), 1339 "malloc_ret_null", 1340 OrigBB->getParent()); 1341 1342 // Remove the uncond branch from OrigBB to ContBB, turning it into a cond 1343 // branch on RunningOr. 1344 OrigBB->getTerminator()->eraseFromParent(); 1345 BranchInst::Create(NullPtrBlock, ContBB, RunningOr, OrigBB); 1346 1347 // Within the NullPtrBlock, we need to emit a comparison and branch for each 1348 // pointer, because some may be null while others are not. 1349 for (unsigned i = 0, e = FieldGlobals.size(); i != e; ++i) { 1350 Value *GVVal = new LoadInst(FieldGlobals[i], "tmp", NullPtrBlock); 1351 Value *Cmp = new ICmpInst(*NullPtrBlock, ICmpInst::ICMP_NE, GVVal, 1352 Constant::getNullValue(GVVal->getType())); 1353 BasicBlock *FreeBlock = BasicBlock::Create(Cmp->getContext(), "free_it", 1354 OrigBB->getParent()); 1355 BasicBlock *NextBlock = BasicBlock::Create(Cmp->getContext(), "next", 1356 OrigBB->getParent()); 1357 Instruction *BI = BranchInst::Create(FreeBlock, NextBlock, 1358 Cmp, NullPtrBlock); 1359 1360 // Fill in FreeBlock. 1361 CallInst::CreateFree(GVVal, BI); 1362 new StoreInst(Constant::getNullValue(GVVal->getType()), FieldGlobals[i], 1363 FreeBlock); 1364 BranchInst::Create(NextBlock, FreeBlock); 1365 1366 NullPtrBlock = NextBlock; 1367 } 1368 1369 BranchInst::Create(ContBB, NullPtrBlock); 1370 1371 // CI is no longer needed, remove it. 1372 CI->eraseFromParent(); 1373 1374 /// As we process loads, if we can't immediately update all uses of the load, 1375 /// keep track of what scalarized loads are inserted for a given load. 1376 DenseMap<Value*, std::vector<Value*> > InsertedScalarizedValues; 1377 InsertedScalarizedValues[GV] = FieldGlobals; 1378 1379 std::vector<std::pair<PHINode*, unsigned> > PHIsToRewrite; 1380 1381 // Okay, the malloc site is completely handled. All of the uses of GV are now 1382 // loads, and all uses of those loads are simple. Rewrite them to use loads 1383 // of the per-field globals instead. 1384 for (auto UI = GV->user_begin(), E = GV->user_end(); UI != E;) { 1385 Instruction *User = cast<Instruction>(*UI++); 1386 1387 if (LoadInst *LI = dyn_cast<LoadInst>(User)) { 1388 RewriteUsesOfLoadForHeapSRoA(LI, InsertedScalarizedValues, PHIsToRewrite); 1389 continue; 1390 } 1391 1392 // Must be a store of null. 1393 StoreInst *SI = cast<StoreInst>(User); 1394 assert(isa<ConstantPointerNull>(SI->getOperand(0)) && 1395 "Unexpected heap-sra user!"); 1396 1397 // Insert a store of null into each global. 1398 for (unsigned i = 0, e = FieldGlobals.size(); i != e; ++i) { 1399 Type *ValTy = cast<GlobalValue>(FieldGlobals[i])->getValueType(); 1400 Constant *Null = Constant::getNullValue(ValTy); 1401 new StoreInst(Null, FieldGlobals[i], SI); 1402 } 1403 // Erase the original store. 1404 SI->eraseFromParent(); 1405 } 1406 1407 // While we have PHIs that are interesting to rewrite, do it. 1408 while (!PHIsToRewrite.empty()) { 1409 PHINode *PN = PHIsToRewrite.back().first; 1410 unsigned FieldNo = PHIsToRewrite.back().second; 1411 PHIsToRewrite.pop_back(); 1412 PHINode *FieldPN = cast<PHINode>(InsertedScalarizedValues[PN][FieldNo]); 1413 assert(FieldPN->getNumIncomingValues() == 0 &&"Already processed this phi"); 1414 1415 // Add all the incoming values. This can materialize more phis. 1416 for (unsigned i = 0, e = PN->getNumIncomingValues(); i != e; ++i) { 1417 Value *InVal = PN->getIncomingValue(i); 1418 InVal = GetHeapSROAValue(InVal, FieldNo, InsertedScalarizedValues, 1419 PHIsToRewrite); 1420 FieldPN->addIncoming(InVal, PN->getIncomingBlock(i)); 1421 } 1422 } 1423 1424 // Drop all inter-phi links and any loads that made it this far. 1425 for (DenseMap<Value*, std::vector<Value*> >::iterator 1426 I = InsertedScalarizedValues.begin(), E = InsertedScalarizedValues.end(); 1427 I != E; ++I) { 1428 if (PHINode *PN = dyn_cast<PHINode>(I->first)) 1429 PN->dropAllReferences(); 1430 else if (LoadInst *LI = dyn_cast<LoadInst>(I->first)) 1431 LI->dropAllReferences(); 1432 } 1433 1434 // Delete all the phis and loads now that inter-references are dead. 1435 for (DenseMap<Value*, std::vector<Value*> >::iterator 1436 I = InsertedScalarizedValues.begin(), E = InsertedScalarizedValues.end(); 1437 I != E; ++I) { 1438 if (PHINode *PN = dyn_cast<PHINode>(I->first)) 1439 PN->eraseFromParent(); 1440 else if (LoadInst *LI = dyn_cast<LoadInst>(I->first)) 1441 LI->eraseFromParent(); 1442 } 1443 1444 // The old global is now dead, remove it. 1445 GV->eraseFromParent(); 1446 1447 ++NumHeapSRA; 1448 return cast<GlobalVariable>(FieldGlobals[0]); 1449 } 1450 1451 /// This function is called when we see a pointer global variable with a single 1452 /// value stored it that is a malloc or cast of malloc. 1453 static bool tryToOptimizeStoreOfMallocToGlobal(GlobalVariable *GV, CallInst *CI, 1454 Type *AllocTy, 1455 AtomicOrdering Ordering, 1456 const DataLayout &DL, 1457 TargetLibraryInfo *TLI) { 1458 // If this is a malloc of an abstract type, don't touch it. 1459 if (!AllocTy->isSized()) 1460 return false; 1461 1462 // We can't optimize this global unless all uses of it are *known* to be 1463 // of the malloc value, not of the null initializer value (consider a use 1464 // that compares the global's value against zero to see if the malloc has 1465 // been reached). To do this, we check to see if all uses of the global 1466 // would trap if the global were null: this proves that they must all 1467 // happen after the malloc. 1468 if (!AllUsesOfLoadedValueWillTrapIfNull(GV)) 1469 return false; 1470 1471 // We can't optimize this if the malloc itself is used in a complex way, 1472 // for example, being stored into multiple globals. This allows the 1473 // malloc to be stored into the specified global, loaded icmp'd, and 1474 // GEP'd. These are all things we could transform to using the global 1475 // for. 1476 SmallPtrSet<const PHINode*, 8> PHIs; 1477 if (!ValueIsOnlyUsedLocallyOrStoredToOneGlobal(CI, GV, PHIs)) 1478 return false; 1479 1480 // If we have a global that is only initialized with a fixed size malloc, 1481 // transform the program to use global memory instead of malloc'd memory. 1482 // This eliminates dynamic allocation, avoids an indirection accessing the 1483 // data, and exposes the resultant global to further GlobalOpt. 1484 // We cannot optimize the malloc if we cannot determine malloc array size. 1485 Value *NElems = getMallocArraySize(CI, DL, TLI, true); 1486 if (!NElems) 1487 return false; 1488 1489 if (ConstantInt *NElements = dyn_cast<ConstantInt>(NElems)) 1490 // Restrict this transformation to only working on small allocations 1491 // (2048 bytes currently), as we don't want to introduce a 16M global or 1492 // something. 1493 if (NElements->getZExtValue() * DL.getTypeAllocSize(AllocTy) < 2048) { 1494 OptimizeGlobalAddressOfMalloc(GV, CI, AllocTy, NElements, DL, TLI); 1495 return true; 1496 } 1497 1498 // If the allocation is an array of structures, consider transforming this 1499 // into multiple malloc'd arrays, one for each field. This is basically 1500 // SRoA for malloc'd memory. 1501 1502 if (Ordering != NotAtomic) 1503 return false; 1504 1505 // If this is an allocation of a fixed size array of structs, analyze as a 1506 // variable size array. malloc [100 x struct],1 -> malloc struct, 100 1507 if (NElems == ConstantInt::get(CI->getArgOperand(0)->getType(), 1)) 1508 if (ArrayType *AT = dyn_cast<ArrayType>(AllocTy)) 1509 AllocTy = AT->getElementType(); 1510 1511 StructType *AllocSTy = dyn_cast<StructType>(AllocTy); 1512 if (!AllocSTy) 1513 return false; 1514 1515 // This the structure has an unreasonable number of fields, leave it 1516 // alone. 1517 if (AllocSTy->getNumElements() <= 16 && AllocSTy->getNumElements() != 0 && 1518 AllGlobalLoadUsesSimpleEnoughForHeapSRA(GV, CI)) { 1519 1520 // If this is a fixed size array, transform the Malloc to be an alloc of 1521 // structs. malloc [100 x struct],1 -> malloc struct, 100 1522 if (ArrayType *AT = dyn_cast<ArrayType>(getMallocAllocatedType(CI, TLI))) { 1523 Type *IntPtrTy = DL.getIntPtrType(CI->getType()); 1524 unsigned TypeSize = DL.getStructLayout(AllocSTy)->getSizeInBytes(); 1525 Value *AllocSize = ConstantInt::get(IntPtrTy, TypeSize); 1526 Value *NumElements = ConstantInt::get(IntPtrTy, AT->getNumElements()); 1527 Instruction *Malloc = CallInst::CreateMalloc(CI, IntPtrTy, AllocSTy, 1528 AllocSize, NumElements, 1529 nullptr, CI->getName()); 1530 Instruction *Cast = new BitCastInst(Malloc, CI->getType(), "tmp", CI); 1531 CI->replaceAllUsesWith(Cast); 1532 CI->eraseFromParent(); 1533 if (BitCastInst *BCI = dyn_cast<BitCastInst>(Malloc)) 1534 CI = cast<CallInst>(BCI->getOperand(0)); 1535 else 1536 CI = cast<CallInst>(Malloc); 1537 } 1538 1539 PerformHeapAllocSRoA(GV, CI, getMallocArraySize(CI, DL, TLI, true), DL, 1540 TLI); 1541 return true; 1542 } 1543 1544 return false; 1545 } 1546 1547 // Try to optimize globals based on the knowledge that only one value (besides 1548 // its initializer) is ever stored to the global. 1549 static bool optimizeOnceStoredGlobal(GlobalVariable *GV, Value *StoredOnceVal, 1550 AtomicOrdering Ordering, 1551 const DataLayout &DL, 1552 TargetLibraryInfo *TLI) { 1553 // Ignore no-op GEPs and bitcasts. 1554 StoredOnceVal = StoredOnceVal->stripPointerCasts(); 1555 1556 // If we are dealing with a pointer global that is initialized to null and 1557 // only has one (non-null) value stored into it, then we can optimize any 1558 // users of the loaded value (often calls and loads) that would trap if the 1559 // value was null. 1560 if (GV->getInitializer()->getType()->isPointerTy() && 1561 GV->getInitializer()->isNullValue()) { 1562 if (Constant *SOVC = dyn_cast<Constant>(StoredOnceVal)) { 1563 if (GV->getInitializer()->getType() != SOVC->getType()) 1564 SOVC = ConstantExpr::getBitCast(SOVC, GV->getInitializer()->getType()); 1565 1566 // Optimize away any trapping uses of the loaded value. 1567 if (OptimizeAwayTrappingUsesOfLoads(GV, SOVC, DL, TLI)) 1568 return true; 1569 } else if (CallInst *CI = extractMallocCall(StoredOnceVal, TLI)) { 1570 Type *MallocType = getMallocAllocatedType(CI, TLI); 1571 if (MallocType && tryToOptimizeStoreOfMallocToGlobal(GV, CI, MallocType, 1572 Ordering, DL, TLI)) 1573 return true; 1574 } 1575 } 1576 1577 return false; 1578 } 1579 1580 /// At this point, we have learned that the only two values ever stored into GV 1581 /// are its initializer and OtherVal. See if we can shrink the global into a 1582 /// boolean and select between the two values whenever it is used. This exposes 1583 /// the values to other scalar optimizations. 1584 static bool TryToShrinkGlobalToBoolean(GlobalVariable *GV, Constant *OtherVal) { 1585 Type *GVElType = GV->getValueType(); 1586 1587 // If GVElType is already i1, it is already shrunk. If the type of the GV is 1588 // an FP value, pointer or vector, don't do this optimization because a select 1589 // between them is very expensive and unlikely to lead to later 1590 // simplification. In these cases, we typically end up with "cond ? v1 : v2" 1591 // where v1 and v2 both require constant pool loads, a big loss. 1592 if (GVElType == Type::getInt1Ty(GV->getContext()) || 1593 GVElType->isFloatingPointTy() || 1594 GVElType->isPointerTy() || GVElType->isVectorTy()) 1595 return false; 1596 1597 // Walk the use list of the global seeing if all the uses are load or store. 1598 // If there is anything else, bail out. 1599 for (User *U : GV->users()) 1600 if (!isa<LoadInst>(U) && !isa<StoreInst>(U)) 1601 return false; 1602 1603 DEBUG(dbgs() << " *** SHRINKING TO BOOL: " << *GV << "\n"); 1604 1605 // Create the new global, initializing it to false. 1606 GlobalVariable *NewGV = new GlobalVariable(Type::getInt1Ty(GV->getContext()), 1607 false, 1608 GlobalValue::InternalLinkage, 1609 ConstantInt::getFalse(GV->getContext()), 1610 GV->getName()+".b", 1611 GV->getThreadLocalMode(), 1612 GV->getType()->getAddressSpace()); 1613 GV->getParent()->getGlobalList().insert(GV->getIterator(), NewGV); 1614 1615 Constant *InitVal = GV->getInitializer(); 1616 assert(InitVal->getType() != Type::getInt1Ty(GV->getContext()) && 1617 "No reason to shrink to bool!"); 1618 1619 // If initialized to zero and storing one into the global, we can use a cast 1620 // instead of a select to synthesize the desired value. 1621 bool IsOneZero = false; 1622 if (ConstantInt *CI = dyn_cast<ConstantInt>(OtherVal)) 1623 IsOneZero = InitVal->isNullValue() && CI->isOne(); 1624 1625 while (!GV->use_empty()) { 1626 Instruction *UI = cast<Instruction>(GV->user_back()); 1627 if (StoreInst *SI = dyn_cast<StoreInst>(UI)) { 1628 // Change the store into a boolean store. 1629 bool StoringOther = SI->getOperand(0) == OtherVal; 1630 // Only do this if we weren't storing a loaded value. 1631 Value *StoreVal; 1632 if (StoringOther || SI->getOperand(0) == InitVal) { 1633 StoreVal = ConstantInt::get(Type::getInt1Ty(GV->getContext()), 1634 StoringOther); 1635 } else { 1636 // Otherwise, we are storing a previously loaded copy. To do this, 1637 // change the copy from copying the original value to just copying the 1638 // bool. 1639 Instruction *StoredVal = cast<Instruction>(SI->getOperand(0)); 1640 1641 // If we've already replaced the input, StoredVal will be a cast or 1642 // select instruction. If not, it will be a load of the original 1643 // global. 1644 if (LoadInst *LI = dyn_cast<LoadInst>(StoredVal)) { 1645 assert(LI->getOperand(0) == GV && "Not a copy!"); 1646 // Insert a new load, to preserve the saved value. 1647 StoreVal = new LoadInst(NewGV, LI->getName()+".b", false, 0, 1648 LI->getOrdering(), LI->getSynchScope(), LI); 1649 } else { 1650 assert((isa<CastInst>(StoredVal) || isa<SelectInst>(StoredVal)) && 1651 "This is not a form that we understand!"); 1652 StoreVal = StoredVal->getOperand(0); 1653 assert(isa<LoadInst>(StoreVal) && "Not a load of NewGV!"); 1654 } 1655 } 1656 new StoreInst(StoreVal, NewGV, false, 0, 1657 SI->getOrdering(), SI->getSynchScope(), SI); 1658 } else { 1659 // Change the load into a load of bool then a select. 1660 LoadInst *LI = cast<LoadInst>(UI); 1661 LoadInst *NLI = new LoadInst(NewGV, LI->getName()+".b", false, 0, 1662 LI->getOrdering(), LI->getSynchScope(), LI); 1663 Value *NSI; 1664 if (IsOneZero) 1665 NSI = new ZExtInst(NLI, LI->getType(), "", LI); 1666 else 1667 NSI = SelectInst::Create(NLI, OtherVal, InitVal, "", LI); 1668 NSI->takeName(LI); 1669 LI->replaceAllUsesWith(NSI); 1670 } 1671 UI->eraseFromParent(); 1672 } 1673 1674 // Retain the name of the old global variable. People who are debugging their 1675 // programs may expect these variables to be named the same. 1676 NewGV->takeName(GV); 1677 GV->eraseFromParent(); 1678 return true; 1679 } 1680 1681 bool GlobalOpt::deleteIfDead(GlobalValue &GV) { 1682 GV.removeDeadConstantUsers(); 1683 1684 if (!GV.isDiscardableIfUnused()) 1685 return false; 1686 1687 if (const Comdat *C = GV.getComdat()) 1688 if (!GV.hasLocalLinkage() && NotDiscardableComdats.count(C)) 1689 return false; 1690 1691 bool Dead; 1692 if (auto *F = dyn_cast<Function>(&GV)) 1693 Dead = F->isDefTriviallyDead(); 1694 else 1695 Dead = GV.use_empty(); 1696 if (!Dead) 1697 return false; 1698 1699 DEBUG(dbgs() << "GLOBAL DEAD: " << GV << "\n"); 1700 GV.eraseFromParent(); 1701 ++NumDeleted; 1702 return true; 1703 } 1704 1705 /// Analyze the specified global variable and optimize it if possible. If we 1706 /// make a change, return true. 1707 bool GlobalOpt::processGlobal(GlobalValue &GV) { 1708 // Do more involved optimizations if the global is internal. 1709 if (!GV.hasLocalLinkage()) 1710 return false; 1711 1712 GlobalStatus GS; 1713 1714 if (GlobalStatus::analyzeGlobal(&GV, GS)) 1715 return false; 1716 1717 bool Changed = false; 1718 if (!GS.IsCompared && !GV.hasUnnamedAddr()) { 1719 GV.setUnnamedAddr(true); 1720 NumUnnamed++; 1721 Changed = true; 1722 } 1723 1724 auto *GVar = dyn_cast<GlobalVariable>(&GV); 1725 if (!GVar) 1726 return Changed; 1727 1728 if (GVar->isConstant() || !GVar->hasInitializer()) 1729 return Changed; 1730 1731 return processInternalGlobal(GVar, GS) || Changed; 1732 } 1733 1734 bool GlobalOpt::isPointerValueDeadOnEntryToFunction(const Function *F, GlobalValue *GV) { 1735 // Find all uses of GV. We expect them all to be in F, and if we can't 1736 // identify any of the uses we bail out. 1737 // 1738 // On each of these uses, identify if the memory that GV points to is 1739 // used/required/live at the start of the function. If it is not, for example 1740 // if the first thing the function does is store to the GV, the GV can 1741 // possibly be demoted. 1742 // 1743 // We don't do an exhaustive search for memory operations - simply look 1744 // through bitcasts as they're quite common and benign. 1745 const DataLayout &DL = GV->getParent()->getDataLayout(); 1746 SmallVector<LoadInst *, 4> Loads; 1747 SmallVector<StoreInst *, 4> Stores; 1748 for (auto *U : GV->users()) { 1749 if (Operator::getOpcode(U) == Instruction::BitCast) { 1750 for (auto *UU : U->users()) { 1751 if (auto *LI = dyn_cast<LoadInst>(UU)) 1752 Loads.push_back(LI); 1753 else if (auto *SI = dyn_cast<StoreInst>(UU)) 1754 Stores.push_back(SI); 1755 else 1756 return false; 1757 } 1758 continue; 1759 } 1760 1761 Instruction *I = dyn_cast<Instruction>(U); 1762 if (!I) 1763 return false; 1764 assert(I->getParent()->getParent() == F); 1765 1766 if (auto *LI = dyn_cast<LoadInst>(I)) 1767 Loads.push_back(LI); 1768 else if (auto *SI = dyn_cast<StoreInst>(I)) 1769 Stores.push_back(SI); 1770 else 1771 return false; 1772 } 1773 1774 // We have identified all uses of GV into loads and stores. Now check if all 1775 // of them are known not to depend on the value of the global at the function 1776 // entry point. We do this by ensuring that every load is dominated by at 1777 // least one store. 1778 auto &DT = getAnalysis<DominatorTreeWrapperPass>(*const_cast<Function *>(F)) 1779 .getDomTree(); 1780 1781 // The below check is quadratic. Check we're not going to do too many tests. 1782 // FIXME: Even though this will always have worst-case quadratic time, we 1783 // could put effort into minimizing the average time by putting stores that 1784 // have been shown to dominate at least one load at the beginning of the 1785 // Stores array, making subsequent dominance checks more likely to succeed 1786 // early. 1787 // 1788 // The threshold here is fairly large because global->local demotion is a 1789 // very powerful optimization should it fire. 1790 const unsigned Threshold = 100; 1791 if (Loads.size() * Stores.size() > Threshold) 1792 return false; 1793 1794 for (auto *L : Loads) { 1795 auto *LTy = L->getType(); 1796 if (!std::any_of(Stores.begin(), Stores.end(), [&](StoreInst *S) { 1797 auto *STy = S->getValueOperand()->getType(); 1798 // The load is only dominated by the store if DomTree says so 1799 // and the number of bits loaded in L is less than or equal to 1800 // the number of bits stored in S. 1801 return DT.dominates(S, L) && 1802 DL.getTypeStoreSize(LTy) <= DL.getTypeStoreSize(STy); 1803 })) 1804 return false; 1805 } 1806 // All loads have known dependences inside F, so the global can be localized. 1807 return true; 1808 } 1809 1810 /// C may have non-instruction users. Can all of those users be turned into 1811 /// instructions? 1812 static bool allNonInstructionUsersCanBeMadeInstructions(Constant *C) { 1813 // We don't do this exhaustively. The most common pattern that we really need 1814 // to care about is a constant GEP or constant bitcast - so just looking 1815 // through one single ConstantExpr. 1816 // 1817 // The set of constants that this function returns true for must be able to be 1818 // handled by makeAllConstantUsesInstructions. 1819 for (auto *U : C->users()) { 1820 if (isa<Instruction>(U)) 1821 continue; 1822 if (!isa<ConstantExpr>(U)) 1823 // Non instruction, non-constantexpr user; cannot convert this. 1824 return false; 1825 for (auto *UU : U->users()) 1826 if (!isa<Instruction>(UU)) 1827 // A constantexpr used by another constant. We don't try and recurse any 1828 // further but just bail out at this point. 1829 return false; 1830 } 1831 1832 return true; 1833 } 1834 1835 /// C may have non-instruction users, and 1836 /// allNonInstructionUsersCanBeMadeInstructions has returned true. Convert the 1837 /// non-instruction users to instructions. 1838 static void makeAllConstantUsesInstructions(Constant *C) { 1839 SmallVector<ConstantExpr*,4> Users; 1840 for (auto *U : C->users()) { 1841 if (isa<ConstantExpr>(U)) 1842 Users.push_back(cast<ConstantExpr>(U)); 1843 else 1844 // We should never get here; allNonInstructionUsersCanBeMadeInstructions 1845 // should not have returned true for C. 1846 assert( 1847 isa<Instruction>(U) && 1848 "Can't transform non-constantexpr non-instruction to instruction!"); 1849 } 1850 1851 SmallVector<Value*,4> UUsers; 1852 for (auto *U : Users) { 1853 UUsers.clear(); 1854 for (auto *UU : U->users()) 1855 UUsers.push_back(UU); 1856 for (auto *UU : UUsers) { 1857 Instruction *UI = cast<Instruction>(UU); 1858 Instruction *NewU = U->getAsInstruction(); 1859 NewU->insertBefore(UI); 1860 UI->replaceUsesOfWith(U, NewU); 1861 } 1862 U->dropAllReferences(); 1863 } 1864 } 1865 1866 /// Analyze the specified global variable and optimize 1867 /// it if possible. If we make a change, return true. 1868 bool GlobalOpt::processInternalGlobal(GlobalVariable *GV, 1869 const GlobalStatus &GS) { 1870 auto &DL = GV->getParent()->getDataLayout(); 1871 // If this is a first class global and has only one accessing function and 1872 // this function is non-recursive, we replace the global with a local alloca 1873 // in this function. 1874 // 1875 // NOTE: It doesn't make sense to promote non-single-value types since we 1876 // are just replacing static memory to stack memory. 1877 // 1878 // If the global is in different address space, don't bring it to stack. 1879 if (!GS.HasMultipleAccessingFunctions && 1880 GS.AccessingFunction && 1881 GV->getValueType()->isSingleValueType() && 1882 GV->getType()->getAddressSpace() == 0 && 1883 !GV->isExternallyInitialized() && 1884 allNonInstructionUsersCanBeMadeInstructions(GV) && 1885 GS.AccessingFunction->doesNotRecurse() && 1886 isPointerValueDeadOnEntryToFunction(GS.AccessingFunction, GV) ) { 1887 DEBUG(dbgs() << "LOCALIZING GLOBAL: " << *GV << "\n"); 1888 Instruction &FirstI = const_cast<Instruction&>(*GS.AccessingFunction 1889 ->getEntryBlock().begin()); 1890 Type *ElemTy = GV->getValueType(); 1891 // FIXME: Pass Global's alignment when globals have alignment 1892 AllocaInst *Alloca = new AllocaInst(ElemTy, nullptr, 1893 GV->getName(), &FirstI); 1894 if (!isa<UndefValue>(GV->getInitializer())) 1895 new StoreInst(GV->getInitializer(), Alloca, &FirstI); 1896 1897 makeAllConstantUsesInstructions(GV); 1898 1899 GV->replaceAllUsesWith(Alloca); 1900 GV->eraseFromParent(); 1901 ++NumLocalized; 1902 return true; 1903 } 1904 1905 // If the global is never loaded (but may be stored to), it is dead. 1906 // Delete it now. 1907 if (!GS.IsLoaded) { 1908 DEBUG(dbgs() << "GLOBAL NEVER LOADED: " << *GV << "\n"); 1909 1910 bool Changed; 1911 if (isLeakCheckerRoot(GV)) { 1912 // Delete any constant stores to the global. 1913 Changed = CleanupPointerRootUsers(GV, TLI); 1914 } else { 1915 // Delete any stores we can find to the global. We may not be able to 1916 // make it completely dead though. 1917 Changed = CleanupConstantGlobalUsers(GV, GV->getInitializer(), DL, TLI); 1918 } 1919 1920 // If the global is dead now, delete it. 1921 if (GV->use_empty()) { 1922 GV->eraseFromParent(); 1923 ++NumDeleted; 1924 Changed = true; 1925 } 1926 return Changed; 1927 1928 } else if (GS.StoredType <= GlobalStatus::InitializerStored) { 1929 DEBUG(dbgs() << "MARKING CONSTANT: " << *GV << "\n"); 1930 GV->setConstant(true); 1931 1932 // Clean up any obviously simplifiable users now. 1933 CleanupConstantGlobalUsers(GV, GV->getInitializer(), DL, TLI); 1934 1935 // If the global is dead now, just nuke it. 1936 if (GV->use_empty()) { 1937 DEBUG(dbgs() << " *** Marking constant allowed us to simplify " 1938 << "all users and delete global!\n"); 1939 GV->eraseFromParent(); 1940 ++NumDeleted; 1941 } 1942 1943 ++NumMarked; 1944 return true; 1945 } else if (!GV->getInitializer()->getType()->isSingleValueType()) { 1946 const DataLayout &DL = GV->getParent()->getDataLayout(); 1947 if (SRAGlobal(GV, DL)) 1948 return true; 1949 } else if (GS.StoredType == GlobalStatus::StoredOnce && GS.StoredOnceValue) { 1950 // If the initial value for the global was an undef value, and if only 1951 // one other value was stored into it, we can just change the 1952 // initializer to be the stored value, then delete all stores to the 1953 // global. This allows us to mark it constant. 1954 if (Constant *SOVConstant = dyn_cast<Constant>(GS.StoredOnceValue)) 1955 if (isa<UndefValue>(GV->getInitializer())) { 1956 // Change the initial value here. 1957 GV->setInitializer(SOVConstant); 1958 1959 // Clean up any obviously simplifiable users now. 1960 CleanupConstantGlobalUsers(GV, GV->getInitializer(), DL, TLI); 1961 1962 if (GV->use_empty()) { 1963 DEBUG(dbgs() << " *** Substituting initializer allowed us to " 1964 << "simplify all users and delete global!\n"); 1965 GV->eraseFromParent(); 1966 ++NumDeleted; 1967 } 1968 ++NumSubstitute; 1969 return true; 1970 } 1971 1972 // Try to optimize globals based on the knowledge that only one value 1973 // (besides its initializer) is ever stored to the global. 1974 if (optimizeOnceStoredGlobal(GV, GS.StoredOnceValue, GS.Ordering, DL, TLI)) 1975 return true; 1976 1977 // Otherwise, if the global was not a boolean, we can shrink it to be a 1978 // boolean. 1979 if (Constant *SOVConstant = dyn_cast<Constant>(GS.StoredOnceValue)) { 1980 if (GS.Ordering == NotAtomic) { 1981 if (TryToShrinkGlobalToBoolean(GV, SOVConstant)) { 1982 ++NumShrunkToBool; 1983 return true; 1984 } 1985 } 1986 } 1987 } 1988 1989 return false; 1990 } 1991 1992 /// Walk all of the direct calls of the specified function, changing them to 1993 /// FastCC. 1994 static void ChangeCalleesToFastCall(Function *F) { 1995 for (User *U : F->users()) { 1996 if (isa<BlockAddress>(U)) 1997 continue; 1998 CallSite CS(cast<Instruction>(U)); 1999 CS.setCallingConv(CallingConv::Fast); 2000 } 2001 } 2002 2003 static AttributeSet StripNest(LLVMContext &C, const AttributeSet &Attrs) { 2004 for (unsigned i = 0, e = Attrs.getNumSlots(); i != e; ++i) { 2005 unsigned Index = Attrs.getSlotIndex(i); 2006 if (!Attrs.getSlotAttributes(i).hasAttribute(Index, Attribute::Nest)) 2007 continue; 2008 2009 // There can be only one. 2010 return Attrs.removeAttribute(C, Index, Attribute::Nest); 2011 } 2012 2013 return Attrs; 2014 } 2015 2016 static void RemoveNestAttribute(Function *F) { 2017 F->setAttributes(StripNest(F->getContext(), F->getAttributes())); 2018 for (User *U : F->users()) { 2019 if (isa<BlockAddress>(U)) 2020 continue; 2021 CallSite CS(cast<Instruction>(U)); 2022 CS.setAttributes(StripNest(F->getContext(), CS.getAttributes())); 2023 } 2024 } 2025 2026 /// Return true if this is a calling convention that we'd like to change. The 2027 /// idea here is that we don't want to mess with the convention if the user 2028 /// explicitly requested something with performance implications like coldcc, 2029 /// GHC, or anyregcc. 2030 static bool isProfitableToMakeFastCC(Function *F) { 2031 CallingConv::ID CC = F->getCallingConv(); 2032 // FIXME: Is it worth transforming x86_stdcallcc and x86_fastcallcc? 2033 return CC == CallingConv::C || CC == CallingConv::X86_ThisCall; 2034 } 2035 2036 bool GlobalOpt::OptimizeFunctions(Module &M) { 2037 bool Changed = false; 2038 // Optimize functions. 2039 for (Module::iterator FI = M.begin(), E = M.end(); FI != E; ) { 2040 Function *F = &*FI++; 2041 // Functions without names cannot be referenced outside this module. 2042 if (!F->hasName() && !F->isDeclaration() && !F->hasLocalLinkage()) 2043 F->setLinkage(GlobalValue::InternalLinkage); 2044 2045 if (deleteIfDead(*F)) { 2046 Changed = true; 2047 continue; 2048 } 2049 2050 Changed |= processGlobal(*F); 2051 2052 if (!F->hasLocalLinkage()) 2053 continue; 2054 if (isProfitableToMakeFastCC(F) && !F->isVarArg() && 2055 !F->hasAddressTaken()) { 2056 // If this function has a calling convention worth changing, is not a 2057 // varargs function, and is only called directly, promote it to use the 2058 // Fast calling convention. 2059 F->setCallingConv(CallingConv::Fast); 2060 ChangeCalleesToFastCall(F); 2061 ++NumFastCallFns; 2062 Changed = true; 2063 } 2064 2065 if (F->getAttributes().hasAttrSomewhere(Attribute::Nest) && 2066 !F->hasAddressTaken()) { 2067 // The function is not used by a trampoline intrinsic, so it is safe 2068 // to remove the 'nest' attribute. 2069 RemoveNestAttribute(F); 2070 ++NumNestRemoved; 2071 Changed = true; 2072 } 2073 } 2074 return Changed; 2075 } 2076 2077 bool GlobalOpt::OptimizeGlobalVars(Module &M) { 2078 bool Changed = false; 2079 2080 for (Module::global_iterator GVI = M.global_begin(), E = M.global_end(); 2081 GVI != E; ) { 2082 GlobalVariable *GV = &*GVI++; 2083 // Global variables without names cannot be referenced outside this module. 2084 if (!GV->hasName() && !GV->isDeclaration() && !GV->hasLocalLinkage()) 2085 GV->setLinkage(GlobalValue::InternalLinkage); 2086 // Simplify the initializer. 2087 if (GV->hasInitializer()) 2088 if (ConstantExpr *CE = dyn_cast<ConstantExpr>(GV->getInitializer())) { 2089 auto &DL = M.getDataLayout(); 2090 Constant *New = ConstantFoldConstantExpression(CE, DL, TLI); 2091 if (New && New != CE) 2092 GV->setInitializer(New); 2093 } 2094 2095 if (deleteIfDead(*GV)) { 2096 Changed = true; 2097 continue; 2098 } 2099 2100 Changed |= processGlobal(*GV); 2101 } 2102 return Changed; 2103 } 2104 2105 static inline bool 2106 isSimpleEnoughValueToCommit(Constant *C, 2107 SmallPtrSetImpl<Constant *> &SimpleConstants, 2108 const DataLayout &DL); 2109 2110 /// Return true if the specified constant can be handled by the code generator. 2111 /// We don't want to generate something like: 2112 /// void *X = &X/42; 2113 /// because the code generator doesn't have a relocation that can handle that. 2114 /// 2115 /// This function should be called if C was not found (but just got inserted) 2116 /// in SimpleConstants to avoid having to rescan the same constants all the 2117 /// time. 2118 static bool 2119 isSimpleEnoughValueToCommitHelper(Constant *C, 2120 SmallPtrSetImpl<Constant *> &SimpleConstants, 2121 const DataLayout &DL) { 2122 // Simple global addresses are supported, do not allow dllimport or 2123 // thread-local globals. 2124 if (auto *GV = dyn_cast<GlobalValue>(C)) 2125 return !GV->hasDLLImportStorageClass() && !GV->isThreadLocal(); 2126 2127 // Simple integer, undef, constant aggregate zero, etc are all supported. 2128 if (C->getNumOperands() == 0 || isa<BlockAddress>(C)) 2129 return true; 2130 2131 // Aggregate values are safe if all their elements are. 2132 if (isa<ConstantArray>(C) || isa<ConstantStruct>(C) || 2133 isa<ConstantVector>(C)) { 2134 for (Value *Op : C->operands()) 2135 if (!isSimpleEnoughValueToCommit(cast<Constant>(Op), SimpleConstants, DL)) 2136 return false; 2137 return true; 2138 } 2139 2140 // We don't know exactly what relocations are allowed in constant expressions, 2141 // so we allow &global+constantoffset, which is safe and uniformly supported 2142 // across targets. 2143 ConstantExpr *CE = cast<ConstantExpr>(C); 2144 switch (CE->getOpcode()) { 2145 case Instruction::BitCast: 2146 // Bitcast is fine if the casted value is fine. 2147 return isSimpleEnoughValueToCommit(CE->getOperand(0), SimpleConstants, DL); 2148 2149 case Instruction::IntToPtr: 2150 case Instruction::PtrToInt: 2151 // int <=> ptr is fine if the int type is the same size as the 2152 // pointer type. 2153 if (DL.getTypeSizeInBits(CE->getType()) != 2154 DL.getTypeSizeInBits(CE->getOperand(0)->getType())) 2155 return false; 2156 return isSimpleEnoughValueToCommit(CE->getOperand(0), SimpleConstants, DL); 2157 2158 // GEP is fine if it is simple + constant offset. 2159 case Instruction::GetElementPtr: 2160 for (unsigned i = 1, e = CE->getNumOperands(); i != e; ++i) 2161 if (!isa<ConstantInt>(CE->getOperand(i))) 2162 return false; 2163 return isSimpleEnoughValueToCommit(CE->getOperand(0), SimpleConstants, DL); 2164 2165 case Instruction::Add: 2166 // We allow simple+cst. 2167 if (!isa<ConstantInt>(CE->getOperand(1))) 2168 return false; 2169 return isSimpleEnoughValueToCommit(CE->getOperand(0), SimpleConstants, DL); 2170 } 2171 return false; 2172 } 2173 2174 static inline bool 2175 isSimpleEnoughValueToCommit(Constant *C, 2176 SmallPtrSetImpl<Constant *> &SimpleConstants, 2177 const DataLayout &DL) { 2178 // If we already checked this constant, we win. 2179 if (!SimpleConstants.insert(C).second) 2180 return true; 2181 // Check the constant. 2182 return isSimpleEnoughValueToCommitHelper(C, SimpleConstants, DL); 2183 } 2184 2185 2186 /// Return true if this constant is simple enough for us to understand. In 2187 /// particular, if it is a cast to anything other than from one pointer type to 2188 /// another pointer type, we punt. We basically just support direct accesses to 2189 /// globals and GEP's of globals. This should be kept up to date with 2190 /// CommitValueTo. 2191 static bool isSimpleEnoughPointerToCommit(Constant *C) { 2192 // Conservatively, avoid aggregate types. This is because we don't 2193 // want to worry about them partially overlapping other stores. 2194 if (!cast<PointerType>(C->getType())->getElementType()->isSingleValueType()) 2195 return false; 2196 2197 if (GlobalVariable *GV = dyn_cast<GlobalVariable>(C)) 2198 // Do not allow weak/*_odr/linkonce linkage or external globals. 2199 return GV->hasUniqueInitializer(); 2200 2201 if (ConstantExpr *CE = dyn_cast<ConstantExpr>(C)) { 2202 // Handle a constantexpr gep. 2203 if (CE->getOpcode() == Instruction::GetElementPtr && 2204 isa<GlobalVariable>(CE->getOperand(0)) && 2205 cast<GEPOperator>(CE)->isInBounds()) { 2206 GlobalVariable *GV = cast<GlobalVariable>(CE->getOperand(0)); 2207 // Do not allow weak/*_odr/linkonce/dllimport/dllexport linkage or 2208 // external globals. 2209 if (!GV->hasUniqueInitializer()) 2210 return false; 2211 2212 // The first index must be zero. 2213 ConstantInt *CI = dyn_cast<ConstantInt>(*std::next(CE->op_begin())); 2214 if (!CI || !CI->isZero()) return false; 2215 2216 // The remaining indices must be compile-time known integers within the 2217 // notional bounds of the corresponding static array types. 2218 if (!CE->isGEPWithNoNotionalOverIndexing()) 2219 return false; 2220 2221 return ConstantFoldLoadThroughGEPConstantExpr(GV->getInitializer(), CE); 2222 2223 // A constantexpr bitcast from a pointer to another pointer is a no-op, 2224 // and we know how to evaluate it by moving the bitcast from the pointer 2225 // operand to the value operand. 2226 } else if (CE->getOpcode() == Instruction::BitCast && 2227 isa<GlobalVariable>(CE->getOperand(0))) { 2228 // Do not allow weak/*_odr/linkonce/dllimport/dllexport linkage or 2229 // external globals. 2230 return cast<GlobalVariable>(CE->getOperand(0))->hasUniqueInitializer(); 2231 } 2232 } 2233 2234 return false; 2235 } 2236 2237 /// Evaluate a piece of a constantexpr store into a global initializer. This 2238 /// returns 'Init' modified to reflect 'Val' stored into it. At this point, the 2239 /// GEP operands of Addr [0, OpNo) have been stepped into. 2240 static Constant *EvaluateStoreInto(Constant *Init, Constant *Val, 2241 ConstantExpr *Addr, unsigned OpNo) { 2242 // Base case of the recursion. 2243 if (OpNo == Addr->getNumOperands()) { 2244 assert(Val->getType() == Init->getType() && "Type mismatch!"); 2245 return Val; 2246 } 2247 2248 SmallVector<Constant*, 32> Elts; 2249 if (StructType *STy = dyn_cast<StructType>(Init->getType())) { 2250 // Break up the constant into its elements. 2251 for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) 2252 Elts.push_back(Init->getAggregateElement(i)); 2253 2254 // Replace the element that we are supposed to. 2255 ConstantInt *CU = cast<ConstantInt>(Addr->getOperand(OpNo)); 2256 unsigned Idx = CU->getZExtValue(); 2257 assert(Idx < STy->getNumElements() && "Struct index out of range!"); 2258 Elts[Idx] = EvaluateStoreInto(Elts[Idx], Val, Addr, OpNo+1); 2259 2260 // Return the modified struct. 2261 return ConstantStruct::get(STy, Elts); 2262 } 2263 2264 ConstantInt *CI = cast<ConstantInt>(Addr->getOperand(OpNo)); 2265 SequentialType *InitTy = cast<SequentialType>(Init->getType()); 2266 2267 uint64_t NumElts; 2268 if (ArrayType *ATy = dyn_cast<ArrayType>(InitTy)) 2269 NumElts = ATy->getNumElements(); 2270 else 2271 NumElts = InitTy->getVectorNumElements(); 2272 2273 // Break up the array into elements. 2274 for (uint64_t i = 0, e = NumElts; i != e; ++i) 2275 Elts.push_back(Init->getAggregateElement(i)); 2276 2277 assert(CI->getZExtValue() < NumElts); 2278 Elts[CI->getZExtValue()] = 2279 EvaluateStoreInto(Elts[CI->getZExtValue()], Val, Addr, OpNo+1); 2280 2281 if (Init->getType()->isArrayTy()) 2282 return ConstantArray::get(cast<ArrayType>(InitTy), Elts); 2283 return ConstantVector::get(Elts); 2284 } 2285 2286 /// We have decided that Addr (which satisfies the predicate 2287 /// isSimpleEnoughPointerToCommit) should get Val as its value. Make it happen. 2288 static void CommitValueTo(Constant *Val, Constant *Addr) { 2289 if (GlobalVariable *GV = dyn_cast<GlobalVariable>(Addr)) { 2290 assert(GV->hasInitializer()); 2291 GV->setInitializer(Val); 2292 return; 2293 } 2294 2295 ConstantExpr *CE = cast<ConstantExpr>(Addr); 2296 GlobalVariable *GV = cast<GlobalVariable>(CE->getOperand(0)); 2297 GV->setInitializer(EvaluateStoreInto(GV->getInitializer(), Val, CE, 2)); 2298 } 2299 2300 namespace { 2301 2302 /// This class evaluates LLVM IR, producing the Constant representing each SSA 2303 /// instruction. Changes to global variables are stored in a mapping that can 2304 /// be iterated over after the evaluation is complete. Once an evaluation call 2305 /// fails, the evaluation object should not be reused. 2306 class Evaluator { 2307 public: 2308 Evaluator(const DataLayout &DL, const TargetLibraryInfo *TLI) 2309 : DL(DL), TLI(TLI) { 2310 ValueStack.emplace_back(); 2311 } 2312 2313 ~Evaluator() { 2314 for (auto &Tmp : AllocaTmps) 2315 // If there are still users of the alloca, the program is doing something 2316 // silly, e.g. storing the address of the alloca somewhere and using it 2317 // later. Since this is undefined, we'll just make it be null. 2318 if (!Tmp->use_empty()) 2319 Tmp->replaceAllUsesWith(Constant::getNullValue(Tmp->getType())); 2320 } 2321 2322 /// Evaluate a call to function F, returning true if successful, false if we 2323 /// can't evaluate it. ActualArgs contains the formal arguments for the 2324 /// function. 2325 bool EvaluateFunction(Function *F, Constant *&RetVal, 2326 const SmallVectorImpl<Constant*> &ActualArgs); 2327 2328 /// Evaluate all instructions in block BB, returning true if successful, false 2329 /// if we can't evaluate it. NewBB returns the next BB that control flows 2330 /// into, or null upon return. 2331 bool EvaluateBlock(BasicBlock::iterator CurInst, BasicBlock *&NextBB); 2332 2333 Constant *getVal(Value *V) { 2334 if (Constant *CV = dyn_cast<Constant>(V)) return CV; 2335 Constant *R = ValueStack.back().lookup(V); 2336 assert(R && "Reference to an uncomputed value!"); 2337 return R; 2338 } 2339 2340 void setVal(Value *V, Constant *C) { 2341 ValueStack.back()[V] = C; 2342 } 2343 2344 const DenseMap<Constant*, Constant*> &getMutatedMemory() const { 2345 return MutatedMemory; 2346 } 2347 2348 const SmallPtrSetImpl<GlobalVariable*> &getInvariants() const { 2349 return Invariants; 2350 } 2351 2352 private: 2353 Constant *ComputeLoadResult(Constant *P); 2354 2355 /// As we compute SSA register values, we store their contents here. The back 2356 /// of the deque contains the current function and the stack contains the 2357 /// values in the calling frames. 2358 std::deque<DenseMap<Value*, Constant*>> ValueStack; 2359 2360 /// This is used to detect recursion. In pathological situations we could hit 2361 /// exponential behavior, but at least there is nothing unbounded. 2362 SmallVector<Function*, 4> CallStack; 2363 2364 /// For each store we execute, we update this map. Loads check this to get 2365 /// the most up-to-date value. If evaluation is successful, this state is 2366 /// committed to the process. 2367 DenseMap<Constant*, Constant*> MutatedMemory; 2368 2369 /// To 'execute' an alloca, we create a temporary global variable to represent 2370 /// its body. This vector is needed so we can delete the temporary globals 2371 /// when we are done. 2372 SmallVector<std::unique_ptr<GlobalVariable>, 32> AllocaTmps; 2373 2374 /// These global variables have been marked invariant by the static 2375 /// constructor. 2376 SmallPtrSet<GlobalVariable*, 8> Invariants; 2377 2378 /// These are constants we have checked and know to be simple enough to live 2379 /// in a static initializer of a global. 2380 SmallPtrSet<Constant*, 8> SimpleConstants; 2381 2382 const DataLayout &DL; 2383 const TargetLibraryInfo *TLI; 2384 }; 2385 2386 } // anonymous namespace 2387 2388 /// Return the value that would be computed by a load from P after the stores 2389 /// reflected by 'memory' have been performed. If we can't decide, return null. 2390 Constant *Evaluator::ComputeLoadResult(Constant *P) { 2391 // If this memory location has been recently stored, use the stored value: it 2392 // is the most up-to-date. 2393 DenseMap<Constant*, Constant*>::const_iterator I = MutatedMemory.find(P); 2394 if (I != MutatedMemory.end()) return I->second; 2395 2396 // Access it. 2397 if (GlobalVariable *GV = dyn_cast<GlobalVariable>(P)) { 2398 if (GV->hasDefinitiveInitializer()) 2399 return GV->getInitializer(); 2400 return nullptr; 2401 } 2402 2403 // Handle a constantexpr getelementptr. 2404 if (ConstantExpr *CE = dyn_cast<ConstantExpr>(P)) 2405 if (CE->getOpcode() == Instruction::GetElementPtr && 2406 isa<GlobalVariable>(CE->getOperand(0))) { 2407 GlobalVariable *GV = cast<GlobalVariable>(CE->getOperand(0)); 2408 if (GV->hasDefinitiveInitializer()) 2409 return ConstantFoldLoadThroughGEPConstantExpr(GV->getInitializer(), CE); 2410 } 2411 2412 return nullptr; // don't know how to evaluate. 2413 } 2414 2415 /// Evaluate all instructions in block BB, returning true if successful, false 2416 /// if we can't evaluate it. NewBB returns the next BB that control flows into, 2417 /// or null upon return. 2418 bool Evaluator::EvaluateBlock(BasicBlock::iterator CurInst, 2419 BasicBlock *&NextBB) { 2420 // This is the main evaluation loop. 2421 while (1) { 2422 Constant *InstResult = nullptr; 2423 2424 DEBUG(dbgs() << "Evaluating Instruction: " << *CurInst << "\n"); 2425 2426 if (StoreInst *SI = dyn_cast<StoreInst>(CurInst)) { 2427 if (!SI->isSimple()) { 2428 DEBUG(dbgs() << "Store is not simple! Can not evaluate.\n"); 2429 return false; // no volatile/atomic accesses. 2430 } 2431 Constant *Ptr = getVal(SI->getOperand(1)); 2432 if (ConstantExpr *CE = dyn_cast<ConstantExpr>(Ptr)) { 2433 DEBUG(dbgs() << "Folding constant ptr expression: " << *Ptr); 2434 Ptr = ConstantFoldConstantExpression(CE, DL, TLI); 2435 DEBUG(dbgs() << "; To: " << *Ptr << "\n"); 2436 } 2437 if (!isSimpleEnoughPointerToCommit(Ptr)) { 2438 // If this is too complex for us to commit, reject it. 2439 DEBUG(dbgs() << "Pointer is too complex for us to evaluate store."); 2440 return false; 2441 } 2442 2443 Constant *Val = getVal(SI->getOperand(0)); 2444 2445 // If this might be too difficult for the backend to handle (e.g. the addr 2446 // of one global variable divided by another) then we can't commit it. 2447 if (!isSimpleEnoughValueToCommit(Val, SimpleConstants, DL)) { 2448 DEBUG(dbgs() << "Store value is too complex to evaluate store. " << *Val 2449 << "\n"); 2450 return false; 2451 } 2452 2453 if (ConstantExpr *CE = dyn_cast<ConstantExpr>(Ptr)) { 2454 if (CE->getOpcode() == Instruction::BitCast) { 2455 DEBUG(dbgs() << "Attempting to resolve bitcast on constant ptr.\n"); 2456 // If we're evaluating a store through a bitcast, then we need 2457 // to pull the bitcast off the pointer type and push it onto the 2458 // stored value. 2459 Ptr = CE->getOperand(0); 2460 2461 Type *NewTy = cast<PointerType>(Ptr->getType())->getElementType(); 2462 2463 // In order to push the bitcast onto the stored value, a bitcast 2464 // from NewTy to Val's type must be legal. If it's not, we can try 2465 // introspecting NewTy to find a legal conversion. 2466 while (!Val->getType()->canLosslesslyBitCastTo(NewTy)) { 2467 // If NewTy is a struct, we can convert the pointer to the struct 2468 // into a pointer to its first member. 2469 // FIXME: This could be extended to support arrays as well. 2470 if (StructType *STy = dyn_cast<StructType>(NewTy)) { 2471 NewTy = STy->getTypeAtIndex(0U); 2472 2473 IntegerType *IdxTy = IntegerType::get(NewTy->getContext(), 32); 2474 Constant *IdxZero = ConstantInt::get(IdxTy, 0, false); 2475 Constant * const IdxList[] = {IdxZero, IdxZero}; 2476 2477 Ptr = ConstantExpr::getGetElementPtr(nullptr, Ptr, IdxList); 2478 if (ConstantExpr *CE = dyn_cast<ConstantExpr>(Ptr)) 2479 Ptr = ConstantFoldConstantExpression(CE, DL, TLI); 2480 2481 // If we can't improve the situation by introspecting NewTy, 2482 // we have to give up. 2483 } else { 2484 DEBUG(dbgs() << "Failed to bitcast constant ptr, can not " 2485 "evaluate.\n"); 2486 return false; 2487 } 2488 } 2489 2490 // If we found compatible types, go ahead and push the bitcast 2491 // onto the stored value. 2492 Val = ConstantExpr::getBitCast(Val, NewTy); 2493 2494 DEBUG(dbgs() << "Evaluated bitcast: " << *Val << "\n"); 2495 } 2496 } 2497 2498 MutatedMemory[Ptr] = Val; 2499 } else if (BinaryOperator *BO = dyn_cast<BinaryOperator>(CurInst)) { 2500 InstResult = ConstantExpr::get(BO->getOpcode(), 2501 getVal(BO->getOperand(0)), 2502 getVal(BO->getOperand(1))); 2503 DEBUG(dbgs() << "Found a BinaryOperator! Simplifying: " << *InstResult 2504 << "\n"); 2505 } else if (CmpInst *CI = dyn_cast<CmpInst>(CurInst)) { 2506 InstResult = ConstantExpr::getCompare(CI->getPredicate(), 2507 getVal(CI->getOperand(0)), 2508 getVal(CI->getOperand(1))); 2509 DEBUG(dbgs() << "Found a CmpInst! Simplifying: " << *InstResult 2510 << "\n"); 2511 } else if (CastInst *CI = dyn_cast<CastInst>(CurInst)) { 2512 InstResult = ConstantExpr::getCast(CI->getOpcode(), 2513 getVal(CI->getOperand(0)), 2514 CI->getType()); 2515 DEBUG(dbgs() << "Found a Cast! Simplifying: " << *InstResult 2516 << "\n"); 2517 } else if (SelectInst *SI = dyn_cast<SelectInst>(CurInst)) { 2518 InstResult = ConstantExpr::getSelect(getVal(SI->getOperand(0)), 2519 getVal(SI->getOperand(1)), 2520 getVal(SI->getOperand(2))); 2521 DEBUG(dbgs() << "Found a Select! Simplifying: " << *InstResult 2522 << "\n"); 2523 } else if (auto *EVI = dyn_cast<ExtractValueInst>(CurInst)) { 2524 InstResult = ConstantExpr::getExtractValue( 2525 getVal(EVI->getAggregateOperand()), EVI->getIndices()); 2526 DEBUG(dbgs() << "Found an ExtractValueInst! Simplifying: " << *InstResult 2527 << "\n"); 2528 } else if (auto *IVI = dyn_cast<InsertValueInst>(CurInst)) { 2529 InstResult = ConstantExpr::getInsertValue( 2530 getVal(IVI->getAggregateOperand()), 2531 getVal(IVI->getInsertedValueOperand()), IVI->getIndices()); 2532 DEBUG(dbgs() << "Found an InsertValueInst! Simplifying: " << *InstResult 2533 << "\n"); 2534 } else if (GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(CurInst)) { 2535 Constant *P = getVal(GEP->getOperand(0)); 2536 SmallVector<Constant*, 8> GEPOps; 2537 for (User::op_iterator i = GEP->op_begin() + 1, e = GEP->op_end(); 2538 i != e; ++i) 2539 GEPOps.push_back(getVal(*i)); 2540 InstResult = 2541 ConstantExpr::getGetElementPtr(GEP->getSourceElementType(), P, GEPOps, 2542 cast<GEPOperator>(GEP)->isInBounds()); 2543 DEBUG(dbgs() << "Found a GEP! Simplifying: " << *InstResult 2544 << "\n"); 2545 } else if (LoadInst *LI = dyn_cast<LoadInst>(CurInst)) { 2546 2547 if (!LI->isSimple()) { 2548 DEBUG(dbgs() << "Found a Load! Not a simple load, can not evaluate.\n"); 2549 return false; // no volatile/atomic accesses. 2550 } 2551 2552 Constant *Ptr = getVal(LI->getOperand(0)); 2553 if (ConstantExpr *CE = dyn_cast<ConstantExpr>(Ptr)) { 2554 Ptr = ConstantFoldConstantExpression(CE, DL, TLI); 2555 DEBUG(dbgs() << "Found a constant pointer expression, constant " 2556 "folding: " << *Ptr << "\n"); 2557 } 2558 InstResult = ComputeLoadResult(Ptr); 2559 if (!InstResult) { 2560 DEBUG(dbgs() << "Failed to compute load result. Can not evaluate load." 2561 "\n"); 2562 return false; // Could not evaluate load. 2563 } 2564 2565 DEBUG(dbgs() << "Evaluated load: " << *InstResult << "\n"); 2566 } else if (AllocaInst *AI = dyn_cast<AllocaInst>(CurInst)) { 2567 if (AI->isArrayAllocation()) { 2568 DEBUG(dbgs() << "Found an array alloca. Can not evaluate.\n"); 2569 return false; // Cannot handle array allocs. 2570 } 2571 Type *Ty = AI->getAllocatedType(); 2572 AllocaTmps.push_back( 2573 make_unique<GlobalVariable>(Ty, false, GlobalValue::InternalLinkage, 2574 UndefValue::get(Ty), AI->getName())); 2575 InstResult = AllocaTmps.back().get(); 2576 DEBUG(dbgs() << "Found an alloca. Result: " << *InstResult << "\n"); 2577 } else if (isa<CallInst>(CurInst) || isa<InvokeInst>(CurInst)) { 2578 CallSite CS(&*CurInst); 2579 2580 // Debug info can safely be ignored here. 2581 if (isa<DbgInfoIntrinsic>(CS.getInstruction())) { 2582 DEBUG(dbgs() << "Ignoring debug info.\n"); 2583 ++CurInst; 2584 continue; 2585 } 2586 2587 // Cannot handle inline asm. 2588 if (isa<InlineAsm>(CS.getCalledValue())) { 2589 DEBUG(dbgs() << "Found inline asm, can not evaluate.\n"); 2590 return false; 2591 } 2592 2593 if (IntrinsicInst *II = dyn_cast<IntrinsicInst>(CS.getInstruction())) { 2594 if (MemSetInst *MSI = dyn_cast<MemSetInst>(II)) { 2595 if (MSI->isVolatile()) { 2596 DEBUG(dbgs() << "Can not optimize a volatile memset " << 2597 "intrinsic.\n"); 2598 return false; 2599 } 2600 Constant *Ptr = getVal(MSI->getDest()); 2601 Constant *Val = getVal(MSI->getValue()); 2602 Constant *DestVal = ComputeLoadResult(getVal(Ptr)); 2603 if (Val->isNullValue() && DestVal && DestVal->isNullValue()) { 2604 // This memset is a no-op. 2605 DEBUG(dbgs() << "Ignoring no-op memset.\n"); 2606 ++CurInst; 2607 continue; 2608 } 2609 } 2610 2611 if (II->getIntrinsicID() == Intrinsic::lifetime_start || 2612 II->getIntrinsicID() == Intrinsic::lifetime_end) { 2613 DEBUG(dbgs() << "Ignoring lifetime intrinsic.\n"); 2614 ++CurInst; 2615 continue; 2616 } 2617 2618 if (II->getIntrinsicID() == Intrinsic::invariant_start) { 2619 // We don't insert an entry into Values, as it doesn't have a 2620 // meaningful return value. 2621 if (!II->use_empty()) { 2622 DEBUG(dbgs() << "Found unused invariant_start. Can't evaluate.\n"); 2623 return false; 2624 } 2625 ConstantInt *Size = cast<ConstantInt>(II->getArgOperand(0)); 2626 Value *PtrArg = getVal(II->getArgOperand(1)); 2627 Value *Ptr = PtrArg->stripPointerCasts(); 2628 if (GlobalVariable *GV = dyn_cast<GlobalVariable>(Ptr)) { 2629 Type *ElemTy = GV->getValueType(); 2630 if (!Size->isAllOnesValue() && 2631 Size->getValue().getLimitedValue() >= 2632 DL.getTypeStoreSize(ElemTy)) { 2633 Invariants.insert(GV); 2634 DEBUG(dbgs() << "Found a global var that is an invariant: " << *GV 2635 << "\n"); 2636 } else { 2637 DEBUG(dbgs() << "Found a global var, but can not treat it as an " 2638 "invariant.\n"); 2639 } 2640 } 2641 // Continue even if we do nothing. 2642 ++CurInst; 2643 continue; 2644 } else if (II->getIntrinsicID() == Intrinsic::assume) { 2645 DEBUG(dbgs() << "Skipping assume intrinsic.\n"); 2646 ++CurInst; 2647 continue; 2648 } 2649 2650 DEBUG(dbgs() << "Unknown intrinsic. Can not evaluate.\n"); 2651 return false; 2652 } 2653 2654 // Resolve function pointers. 2655 Function *Callee = dyn_cast<Function>(getVal(CS.getCalledValue())); 2656 if (!Callee || Callee->mayBeOverridden()) { 2657 DEBUG(dbgs() << "Can not resolve function pointer.\n"); 2658 return false; // Cannot resolve. 2659 } 2660 2661 SmallVector<Constant*, 8> Formals; 2662 for (User::op_iterator i = CS.arg_begin(), e = CS.arg_end(); i != e; ++i) 2663 Formals.push_back(getVal(*i)); 2664 2665 if (Callee->isDeclaration()) { 2666 // If this is a function we can constant fold, do it. 2667 if (Constant *C = ConstantFoldCall(Callee, Formals, TLI)) { 2668 InstResult = C; 2669 DEBUG(dbgs() << "Constant folded function call. Result: " << 2670 *InstResult << "\n"); 2671 } else { 2672 DEBUG(dbgs() << "Can not constant fold function call.\n"); 2673 return false; 2674 } 2675 } else { 2676 if (Callee->getFunctionType()->isVarArg()) { 2677 DEBUG(dbgs() << "Can not constant fold vararg function call.\n"); 2678 return false; 2679 } 2680 2681 Constant *RetVal = nullptr; 2682 // Execute the call, if successful, use the return value. 2683 ValueStack.emplace_back(); 2684 if (!EvaluateFunction(Callee, RetVal, Formals)) { 2685 DEBUG(dbgs() << "Failed to evaluate function.\n"); 2686 return false; 2687 } 2688 ValueStack.pop_back(); 2689 InstResult = RetVal; 2690 2691 if (InstResult) { 2692 DEBUG(dbgs() << "Successfully evaluated function. Result: " << 2693 InstResult << "\n\n"); 2694 } else { 2695 DEBUG(dbgs() << "Successfully evaluated function. Result: 0\n\n"); 2696 } 2697 } 2698 } else if (isa<TerminatorInst>(CurInst)) { 2699 DEBUG(dbgs() << "Found a terminator instruction.\n"); 2700 2701 if (BranchInst *BI = dyn_cast<BranchInst>(CurInst)) { 2702 if (BI->isUnconditional()) { 2703 NextBB = BI->getSuccessor(0); 2704 } else { 2705 ConstantInt *Cond = 2706 dyn_cast<ConstantInt>(getVal(BI->getCondition())); 2707 if (!Cond) return false; // Cannot determine. 2708 2709 NextBB = BI->getSuccessor(!Cond->getZExtValue()); 2710 } 2711 } else if (SwitchInst *SI = dyn_cast<SwitchInst>(CurInst)) { 2712 ConstantInt *Val = 2713 dyn_cast<ConstantInt>(getVal(SI->getCondition())); 2714 if (!Val) return false; // Cannot determine. 2715 NextBB = SI->findCaseValue(Val).getCaseSuccessor(); 2716 } else if (IndirectBrInst *IBI = dyn_cast<IndirectBrInst>(CurInst)) { 2717 Value *Val = getVal(IBI->getAddress())->stripPointerCasts(); 2718 if (BlockAddress *BA = dyn_cast<BlockAddress>(Val)) 2719 NextBB = BA->getBasicBlock(); 2720 else 2721 return false; // Cannot determine. 2722 } else if (isa<ReturnInst>(CurInst)) { 2723 NextBB = nullptr; 2724 } else { 2725 // invoke, unwind, resume, unreachable. 2726 DEBUG(dbgs() << "Can not handle terminator."); 2727 return false; // Cannot handle this terminator. 2728 } 2729 2730 // We succeeded at evaluating this block! 2731 DEBUG(dbgs() << "Successfully evaluated block.\n"); 2732 return true; 2733 } else { 2734 // Did not know how to evaluate this! 2735 DEBUG(dbgs() << "Failed to evaluate block due to unhandled instruction." 2736 "\n"); 2737 return false; 2738 } 2739 2740 if (!CurInst->use_empty()) { 2741 if (ConstantExpr *CE = dyn_cast<ConstantExpr>(InstResult)) 2742 InstResult = ConstantFoldConstantExpression(CE, DL, TLI); 2743 2744 setVal(&*CurInst, InstResult); 2745 } 2746 2747 // If we just processed an invoke, we finished evaluating the block. 2748 if (InvokeInst *II = dyn_cast<InvokeInst>(CurInst)) { 2749 NextBB = II->getNormalDest(); 2750 DEBUG(dbgs() << "Found an invoke instruction. Finished Block.\n\n"); 2751 return true; 2752 } 2753 2754 // Advance program counter. 2755 ++CurInst; 2756 } 2757 } 2758 2759 /// Evaluate a call to function F, returning true if successful, false if we 2760 /// can't evaluate it. ActualArgs contains the formal arguments for the 2761 /// function. 2762 bool Evaluator::EvaluateFunction(Function *F, Constant *&RetVal, 2763 const SmallVectorImpl<Constant*> &ActualArgs) { 2764 // Check to see if this function is already executing (recursion). If so, 2765 // bail out. TODO: we might want to accept limited recursion. 2766 if (std::find(CallStack.begin(), CallStack.end(), F) != CallStack.end()) 2767 return false; 2768 2769 CallStack.push_back(F); 2770 2771 // Initialize arguments to the incoming values specified. 2772 unsigned ArgNo = 0; 2773 for (Function::arg_iterator AI = F->arg_begin(), E = F->arg_end(); AI != E; 2774 ++AI, ++ArgNo) 2775 setVal(&*AI, ActualArgs[ArgNo]); 2776 2777 // ExecutedBlocks - We only handle non-looping, non-recursive code. As such, 2778 // we can only evaluate any one basic block at most once. This set keeps 2779 // track of what we have executed so we can detect recursive cases etc. 2780 SmallPtrSet<BasicBlock*, 32> ExecutedBlocks; 2781 2782 // CurBB - The current basic block we're evaluating. 2783 BasicBlock *CurBB = &F->front(); 2784 2785 BasicBlock::iterator CurInst = CurBB->begin(); 2786 2787 while (1) { 2788 BasicBlock *NextBB = nullptr; // Initialized to avoid compiler warnings. 2789 DEBUG(dbgs() << "Trying to evaluate BB: " << *CurBB << "\n"); 2790 2791 if (!EvaluateBlock(CurInst, NextBB)) 2792 return false; 2793 2794 if (!NextBB) { 2795 // Successfully running until there's no next block means that we found 2796 // the return. Fill it the return value and pop the call stack. 2797 ReturnInst *RI = cast<ReturnInst>(CurBB->getTerminator()); 2798 if (RI->getNumOperands()) 2799 RetVal = getVal(RI->getOperand(0)); 2800 CallStack.pop_back(); 2801 return true; 2802 } 2803 2804 // Okay, we succeeded in evaluating this control flow. See if we have 2805 // executed the new block before. If so, we have a looping function, 2806 // which we cannot evaluate in reasonable time. 2807 if (!ExecutedBlocks.insert(NextBB).second) 2808 return false; // looped! 2809 2810 // Okay, we have never been in this block before. Check to see if there 2811 // are any PHI nodes. If so, evaluate them with information about where 2812 // we came from. 2813 PHINode *PN = nullptr; 2814 for (CurInst = NextBB->begin(); 2815 (PN = dyn_cast<PHINode>(CurInst)); ++CurInst) 2816 setVal(PN, getVal(PN->getIncomingValueForBlock(CurBB))); 2817 2818 // Advance to the next block. 2819 CurBB = NextBB; 2820 } 2821 } 2822 2823 /// Evaluate static constructors in the function, if we can. Return true if we 2824 /// can, false otherwise. 2825 static bool EvaluateStaticConstructor(Function *F, const DataLayout &DL, 2826 const TargetLibraryInfo *TLI) { 2827 // Call the function. 2828 Evaluator Eval(DL, TLI); 2829 Constant *RetValDummy; 2830 bool EvalSuccess = Eval.EvaluateFunction(F, RetValDummy, 2831 SmallVector<Constant*, 0>()); 2832 2833 if (EvalSuccess) { 2834 ++NumCtorsEvaluated; 2835 2836 // We succeeded at evaluation: commit the result. 2837 DEBUG(dbgs() << "FULLY EVALUATED GLOBAL CTOR FUNCTION '" 2838 << F->getName() << "' to " << Eval.getMutatedMemory().size() 2839 << " stores.\n"); 2840 for (DenseMap<Constant*, Constant*>::const_iterator I = 2841 Eval.getMutatedMemory().begin(), E = Eval.getMutatedMemory().end(); 2842 I != E; ++I) 2843 CommitValueTo(I->second, I->first); 2844 for (GlobalVariable *GV : Eval.getInvariants()) 2845 GV->setConstant(true); 2846 } 2847 2848 return EvalSuccess; 2849 } 2850 2851 static int compareNames(Constant *const *A, Constant *const *B) { 2852 return (*A)->stripPointerCasts()->getName().compare( 2853 (*B)->stripPointerCasts()->getName()); 2854 } 2855 2856 static void setUsedInitializer(GlobalVariable &V, 2857 const SmallPtrSet<GlobalValue *, 8> &Init) { 2858 if (Init.empty()) { 2859 V.eraseFromParent(); 2860 return; 2861 } 2862 2863 // Type of pointer to the array of pointers. 2864 PointerType *Int8PtrTy = Type::getInt8PtrTy(V.getContext(), 0); 2865 2866 SmallVector<llvm::Constant *, 8> UsedArray; 2867 for (GlobalValue *GV : Init) { 2868 Constant *Cast 2869 = ConstantExpr::getPointerBitCastOrAddrSpaceCast(GV, Int8PtrTy); 2870 UsedArray.push_back(Cast); 2871 } 2872 // Sort to get deterministic order. 2873 array_pod_sort(UsedArray.begin(), UsedArray.end(), compareNames); 2874 ArrayType *ATy = ArrayType::get(Int8PtrTy, UsedArray.size()); 2875 2876 Module *M = V.getParent(); 2877 V.removeFromParent(); 2878 GlobalVariable *NV = 2879 new GlobalVariable(*M, ATy, false, llvm::GlobalValue::AppendingLinkage, 2880 llvm::ConstantArray::get(ATy, UsedArray), ""); 2881 NV->takeName(&V); 2882 NV->setSection("llvm.metadata"); 2883 delete &V; 2884 } 2885 2886 namespace { 2887 /// An easy to access representation of llvm.used and llvm.compiler.used. 2888 class LLVMUsed { 2889 SmallPtrSet<GlobalValue *, 8> Used; 2890 SmallPtrSet<GlobalValue *, 8> CompilerUsed; 2891 GlobalVariable *UsedV; 2892 GlobalVariable *CompilerUsedV; 2893 2894 public: 2895 LLVMUsed(Module &M) { 2896 UsedV = collectUsedGlobalVariables(M, Used, false); 2897 CompilerUsedV = collectUsedGlobalVariables(M, CompilerUsed, true); 2898 } 2899 typedef SmallPtrSet<GlobalValue *, 8>::iterator iterator; 2900 typedef iterator_range<iterator> used_iterator_range; 2901 iterator usedBegin() { return Used.begin(); } 2902 iterator usedEnd() { return Used.end(); } 2903 used_iterator_range used() { 2904 return used_iterator_range(usedBegin(), usedEnd()); 2905 } 2906 iterator compilerUsedBegin() { return CompilerUsed.begin(); } 2907 iterator compilerUsedEnd() { return CompilerUsed.end(); } 2908 used_iterator_range compilerUsed() { 2909 return used_iterator_range(compilerUsedBegin(), compilerUsedEnd()); 2910 } 2911 bool usedCount(GlobalValue *GV) const { return Used.count(GV); } 2912 bool compilerUsedCount(GlobalValue *GV) const { 2913 return CompilerUsed.count(GV); 2914 } 2915 bool usedErase(GlobalValue *GV) { return Used.erase(GV); } 2916 bool compilerUsedErase(GlobalValue *GV) { return CompilerUsed.erase(GV); } 2917 bool usedInsert(GlobalValue *GV) { return Used.insert(GV).second; } 2918 bool compilerUsedInsert(GlobalValue *GV) { 2919 return CompilerUsed.insert(GV).second; 2920 } 2921 2922 void syncVariablesAndSets() { 2923 if (UsedV) 2924 setUsedInitializer(*UsedV, Used); 2925 if (CompilerUsedV) 2926 setUsedInitializer(*CompilerUsedV, CompilerUsed); 2927 } 2928 }; 2929 } 2930 2931 static bool hasUseOtherThanLLVMUsed(GlobalAlias &GA, const LLVMUsed &U) { 2932 if (GA.use_empty()) // No use at all. 2933 return false; 2934 2935 assert((!U.usedCount(&GA) || !U.compilerUsedCount(&GA)) && 2936 "We should have removed the duplicated " 2937 "element from llvm.compiler.used"); 2938 if (!GA.hasOneUse()) 2939 // Strictly more than one use. So at least one is not in llvm.used and 2940 // llvm.compiler.used. 2941 return true; 2942 2943 // Exactly one use. Check if it is in llvm.used or llvm.compiler.used. 2944 return !U.usedCount(&GA) && !U.compilerUsedCount(&GA); 2945 } 2946 2947 static bool hasMoreThanOneUseOtherThanLLVMUsed(GlobalValue &V, 2948 const LLVMUsed &U) { 2949 unsigned N = 2; 2950 assert((!U.usedCount(&V) || !U.compilerUsedCount(&V)) && 2951 "We should have removed the duplicated " 2952 "element from llvm.compiler.used"); 2953 if (U.usedCount(&V) || U.compilerUsedCount(&V)) 2954 ++N; 2955 return V.hasNUsesOrMore(N); 2956 } 2957 2958 static bool mayHaveOtherReferences(GlobalAlias &GA, const LLVMUsed &U) { 2959 if (!GA.hasLocalLinkage()) 2960 return true; 2961 2962 return U.usedCount(&GA) || U.compilerUsedCount(&GA); 2963 } 2964 2965 static bool hasUsesToReplace(GlobalAlias &GA, const LLVMUsed &U, 2966 bool &RenameTarget) { 2967 RenameTarget = false; 2968 bool Ret = false; 2969 if (hasUseOtherThanLLVMUsed(GA, U)) 2970 Ret = true; 2971 2972 // If the alias is externally visible, we may still be able to simplify it. 2973 if (!mayHaveOtherReferences(GA, U)) 2974 return Ret; 2975 2976 // If the aliasee has internal linkage, give it the name and linkage 2977 // of the alias, and delete the alias. This turns: 2978 // define internal ... @f(...) 2979 // @a = alias ... @f 2980 // into: 2981 // define ... @a(...) 2982 Constant *Aliasee = GA.getAliasee(); 2983 GlobalValue *Target = cast<GlobalValue>(Aliasee->stripPointerCasts()); 2984 if (!Target->hasLocalLinkage()) 2985 return Ret; 2986 2987 // Do not perform the transform if multiple aliases potentially target the 2988 // aliasee. This check also ensures that it is safe to replace the section 2989 // and other attributes of the aliasee with those of the alias. 2990 if (hasMoreThanOneUseOtherThanLLVMUsed(*Target, U)) 2991 return Ret; 2992 2993 RenameTarget = true; 2994 return true; 2995 } 2996 2997 bool GlobalOpt::OptimizeGlobalAliases(Module &M) { 2998 bool Changed = false; 2999 LLVMUsed Used(M); 3000 3001 for (GlobalValue *GV : Used.used()) 3002 Used.compilerUsedErase(GV); 3003 3004 for (Module::alias_iterator I = M.alias_begin(), E = M.alias_end(); 3005 I != E;) { 3006 GlobalAlias *J = &*I++; 3007 3008 // Aliases without names cannot be referenced outside this module. 3009 if (!J->hasName() && !J->isDeclaration() && !J->hasLocalLinkage()) 3010 J->setLinkage(GlobalValue::InternalLinkage); 3011 3012 if (deleteIfDead(*J)) { 3013 Changed = true; 3014 continue; 3015 } 3016 3017 // If the aliasee may change at link time, nothing can be done - bail out. 3018 if (J->mayBeOverridden()) 3019 continue; 3020 3021 Constant *Aliasee = J->getAliasee(); 3022 GlobalValue *Target = dyn_cast<GlobalValue>(Aliasee->stripPointerCasts()); 3023 // We can't trivially replace the alias with the aliasee if the aliasee is 3024 // non-trivial in some way. 3025 // TODO: Try to handle non-zero GEPs of local aliasees. 3026 if (!Target) 3027 continue; 3028 Target->removeDeadConstantUsers(); 3029 3030 // Make all users of the alias use the aliasee instead. 3031 bool RenameTarget; 3032 if (!hasUsesToReplace(*J, Used, RenameTarget)) 3033 continue; 3034 3035 J->replaceAllUsesWith(ConstantExpr::getBitCast(Aliasee, J->getType())); 3036 ++NumAliasesResolved; 3037 Changed = true; 3038 3039 if (RenameTarget) { 3040 // Give the aliasee the name, linkage and other attributes of the alias. 3041 Target->takeName(&*J); 3042 Target->setLinkage(J->getLinkage()); 3043 Target->setVisibility(J->getVisibility()); 3044 Target->setDLLStorageClass(J->getDLLStorageClass()); 3045 3046 if (Used.usedErase(&*J)) 3047 Used.usedInsert(Target); 3048 3049 if (Used.compilerUsedErase(&*J)) 3050 Used.compilerUsedInsert(Target); 3051 } else if (mayHaveOtherReferences(*J, Used)) 3052 continue; 3053 3054 // Delete the alias. 3055 M.getAliasList().erase(J); 3056 ++NumAliasesRemoved; 3057 Changed = true; 3058 } 3059 3060 Used.syncVariablesAndSets(); 3061 3062 return Changed; 3063 } 3064 3065 static Function *FindCXAAtExit(Module &M, TargetLibraryInfo *TLI) { 3066 if (!TLI->has(LibFunc::cxa_atexit)) 3067 return nullptr; 3068 3069 Function *Fn = M.getFunction(TLI->getName(LibFunc::cxa_atexit)); 3070 3071 if (!Fn) 3072 return nullptr; 3073 3074 FunctionType *FTy = Fn->getFunctionType(); 3075 3076 // Checking that the function has the right return type, the right number of 3077 // parameters and that they all have pointer types should be enough. 3078 if (!FTy->getReturnType()->isIntegerTy() || 3079 FTy->getNumParams() != 3 || 3080 !FTy->getParamType(0)->isPointerTy() || 3081 !FTy->getParamType(1)->isPointerTy() || 3082 !FTy->getParamType(2)->isPointerTy()) 3083 return nullptr; 3084 3085 return Fn; 3086 } 3087 3088 /// Returns whether the given function is an empty C++ destructor and can 3089 /// therefore be eliminated. 3090 /// Note that we assume that other optimization passes have already simplified 3091 /// the code so we only look for a function with a single basic block, where 3092 /// the only allowed instructions are 'ret', 'call' to an empty C++ dtor and 3093 /// other side-effect free instructions. 3094 static bool cxxDtorIsEmpty(const Function &Fn, 3095 SmallPtrSet<const Function *, 8> &CalledFunctions) { 3096 // FIXME: We could eliminate C++ destructors if they're readonly/readnone and 3097 // nounwind, but that doesn't seem worth doing. 3098 if (Fn.isDeclaration()) 3099 return false; 3100 3101 if (++Fn.begin() != Fn.end()) 3102 return false; 3103 3104 const BasicBlock &EntryBlock = Fn.getEntryBlock(); 3105 for (BasicBlock::const_iterator I = EntryBlock.begin(), E = EntryBlock.end(); 3106 I != E; ++I) { 3107 if (const CallInst *CI = dyn_cast<CallInst>(I)) { 3108 // Ignore debug intrinsics. 3109 if (isa<DbgInfoIntrinsic>(CI)) 3110 continue; 3111 3112 const Function *CalledFn = CI->getCalledFunction(); 3113 3114 if (!CalledFn) 3115 return false; 3116 3117 SmallPtrSet<const Function *, 8> NewCalledFunctions(CalledFunctions); 3118 3119 // Don't treat recursive functions as empty. 3120 if (!NewCalledFunctions.insert(CalledFn).second) 3121 return false; 3122 3123 if (!cxxDtorIsEmpty(*CalledFn, NewCalledFunctions)) 3124 return false; 3125 } else if (isa<ReturnInst>(*I)) 3126 return true; // We're done. 3127 else if (I->mayHaveSideEffects()) 3128 return false; // Destructor with side effects, bail. 3129 } 3130 3131 return false; 3132 } 3133 3134 bool GlobalOpt::OptimizeEmptyGlobalCXXDtors(Function *CXAAtExitFn) { 3135 /// Itanium C++ ABI p3.3.5: 3136 /// 3137 /// After constructing a global (or local static) object, that will require 3138 /// destruction on exit, a termination function is registered as follows: 3139 /// 3140 /// extern "C" int __cxa_atexit ( void (*f)(void *), void *p, void *d ); 3141 /// 3142 /// This registration, e.g. __cxa_atexit(f,p,d), is intended to cause the 3143 /// call f(p) when DSO d is unloaded, before all such termination calls 3144 /// registered before this one. It returns zero if registration is 3145 /// successful, nonzero on failure. 3146 3147 // This pass will look for calls to __cxa_atexit where the function is trivial 3148 // and remove them. 3149 bool Changed = false; 3150 3151 for (auto I = CXAAtExitFn->user_begin(), E = CXAAtExitFn->user_end(); 3152 I != E;) { 3153 // We're only interested in calls. Theoretically, we could handle invoke 3154 // instructions as well, but neither llvm-gcc nor clang generate invokes 3155 // to __cxa_atexit. 3156 CallInst *CI = dyn_cast<CallInst>(*I++); 3157 if (!CI) 3158 continue; 3159 3160 Function *DtorFn = 3161 dyn_cast<Function>(CI->getArgOperand(0)->stripPointerCasts()); 3162 if (!DtorFn) 3163 continue; 3164 3165 SmallPtrSet<const Function *, 8> CalledFunctions; 3166 if (!cxxDtorIsEmpty(*DtorFn, CalledFunctions)) 3167 continue; 3168 3169 // Just remove the call. 3170 CI->replaceAllUsesWith(Constant::getNullValue(CI->getType())); 3171 CI->eraseFromParent(); 3172 3173 ++NumCXXDtorsRemoved; 3174 3175 Changed |= true; 3176 } 3177 3178 return Changed; 3179 } 3180 3181 bool GlobalOpt::runOnModule(Module &M) { 3182 bool Changed = false; 3183 3184 auto &DL = M.getDataLayout(); 3185 TLI = &getAnalysis<TargetLibraryInfoWrapperPass>().getTLI(); 3186 3187 bool LocalChange = true; 3188 while (LocalChange) { 3189 LocalChange = false; 3190 3191 NotDiscardableComdats.clear(); 3192 for (const GlobalVariable &GV : M.globals()) 3193 if (const Comdat *C = GV.getComdat()) 3194 if (!GV.isDiscardableIfUnused() || !GV.use_empty()) 3195 NotDiscardableComdats.insert(C); 3196 for (Function &F : M) 3197 if (const Comdat *C = F.getComdat()) 3198 if (!F.isDefTriviallyDead()) 3199 NotDiscardableComdats.insert(C); 3200 for (GlobalAlias &GA : M.aliases()) 3201 if (const Comdat *C = GA.getComdat()) 3202 if (!GA.isDiscardableIfUnused() || !GA.use_empty()) 3203 NotDiscardableComdats.insert(C); 3204 3205 // Delete functions that are trivially dead, ccc -> fastcc 3206 LocalChange |= OptimizeFunctions(M); 3207 3208 // Optimize global_ctors list. 3209 LocalChange |= optimizeGlobalCtorsList(M, [&](Function *F) { 3210 return EvaluateStaticConstructor(F, DL, TLI); 3211 }); 3212 3213 // Optimize non-address-taken globals. 3214 LocalChange |= OptimizeGlobalVars(M); 3215 3216 // Resolve aliases, when possible. 3217 LocalChange |= OptimizeGlobalAliases(M); 3218 3219 // Try to remove trivial global destructors if they are not removed 3220 // already. 3221 Function *CXAAtExitFn = FindCXAAtExit(M, TLI); 3222 if (CXAAtExitFn) 3223 LocalChange |= OptimizeEmptyGlobalCXXDtors(CXAAtExitFn); 3224 3225 Changed |= LocalChange; 3226 } 3227 3228 // TODO: Move all global ctors functions to the end of the module for code 3229 // layout. 3230 3231 return Changed; 3232 } 3233 3234