1 //===- MemCpyOptimizer.cpp - Optimize use of memcpy and friends -----------===// 2 // 3 // The LLVM Compiler Infrastructure 4 // 5 // This file is distributed under the University of Illinois Open Source 6 // License. See LICENSE.TXT for details. 7 // 8 //===----------------------------------------------------------------------===// 9 // 10 // This pass performs various transformations related to eliminating memcpy 11 // calls, or transforming sets of stores into memset's. 12 // 13 //===----------------------------------------------------------------------===// 14 15 #include "llvm/Transforms/Scalar/MemCpyOptimizer.h" 16 #include "llvm/ADT/DenseSet.h" 17 #include "llvm/ADT/None.h" 18 #include "llvm/ADT/STLExtras.h" 19 #include "llvm/ADT/SmallVector.h" 20 #include "llvm/ADT/Statistic.h" 21 #include "llvm/ADT/iterator_range.h" 22 #include "llvm/Analysis/AliasAnalysis.h" 23 #include "llvm/Analysis/AssumptionCache.h" 24 #include "llvm/Analysis/GlobalsModRef.h" 25 #include "llvm/Analysis/MemoryDependenceAnalysis.h" 26 #include "llvm/Analysis/MemoryLocation.h" 27 #include "llvm/Analysis/TargetLibraryInfo.h" 28 #include "llvm/Transforms/Utils/Local.h" 29 #include "llvm/Analysis/ValueTracking.h" 30 #include "llvm/IR/Argument.h" 31 #include "llvm/IR/BasicBlock.h" 32 #include "llvm/IR/CallSite.h" 33 #include "llvm/IR/Constants.h" 34 #include "llvm/IR/DataLayout.h" 35 #include "llvm/IR/DerivedTypes.h" 36 #include "llvm/IR/Dominators.h" 37 #include "llvm/IR/Function.h" 38 #include "llvm/IR/GetElementPtrTypeIterator.h" 39 #include "llvm/IR/GlobalVariable.h" 40 #include "llvm/IR/IRBuilder.h" 41 #include "llvm/IR/InstrTypes.h" 42 #include "llvm/IR/Instruction.h" 43 #include "llvm/IR/Instructions.h" 44 #include "llvm/IR/IntrinsicInst.h" 45 #include "llvm/IR/Intrinsics.h" 46 #include "llvm/IR/LLVMContext.h" 47 #include "llvm/IR/Module.h" 48 #include "llvm/IR/Operator.h" 49 #include "llvm/IR/PassManager.h" 50 #include "llvm/IR/Type.h" 51 #include "llvm/IR/User.h" 52 #include "llvm/IR/Value.h" 53 #include "llvm/Pass.h" 54 #include "llvm/Support/Casting.h" 55 #include "llvm/Support/Debug.h" 56 #include "llvm/Support/MathExtras.h" 57 #include "llvm/Support/raw_ostream.h" 58 #include "llvm/Transforms/Scalar.h" 59 #include <algorithm> 60 #include <cassert> 61 #include <cstdint> 62 #include <utility> 63 64 using namespace llvm; 65 66 #define DEBUG_TYPE "memcpyopt" 67 68 STATISTIC(NumMemCpyInstr, "Number of memcpy instructions deleted"); 69 STATISTIC(NumMemSetInfer, "Number of memsets inferred"); 70 STATISTIC(NumMoveToCpy, "Number of memmoves converted to memcpy"); 71 STATISTIC(NumCpyToSet, "Number of memcpys converted to memset"); 72 73 static int64_t GetOffsetFromIndex(const GEPOperator *GEP, unsigned Idx, 74 bool &VariableIdxFound, 75 const DataLayout &DL) { 76 // Skip over the first indices. 77 gep_type_iterator GTI = gep_type_begin(GEP); 78 for (unsigned i = 1; i != Idx; ++i, ++GTI) 79 /*skip along*/; 80 81 // Compute the offset implied by the rest of the indices. 82 int64_t Offset = 0; 83 for (unsigned i = Idx, e = GEP->getNumOperands(); i != e; ++i, ++GTI) { 84 ConstantInt *OpC = dyn_cast<ConstantInt>(GEP->getOperand(i)); 85 if (!OpC) 86 return VariableIdxFound = true; 87 if (OpC->isZero()) continue; // No offset. 88 89 // Handle struct indices, which add their field offset to the pointer. 90 if (StructType *STy = GTI.getStructTypeOrNull()) { 91 Offset += DL.getStructLayout(STy)->getElementOffset(OpC->getZExtValue()); 92 continue; 93 } 94 95 // Otherwise, we have a sequential type like an array or vector. Multiply 96 // the index by the ElementSize. 97 uint64_t Size = DL.getTypeAllocSize(GTI.getIndexedType()); 98 Offset += Size*OpC->getSExtValue(); 99 } 100 101 return Offset; 102 } 103 104 /// Return true if Ptr1 is provably equal to Ptr2 plus a constant offset, and 105 /// return that constant offset. For example, Ptr1 might be &A[42], and Ptr2 106 /// might be &A[40]. In this case offset would be -8. 107 static bool IsPointerOffset(Value *Ptr1, Value *Ptr2, int64_t &Offset, 108 const DataLayout &DL) { 109 Ptr1 = Ptr1->stripPointerCasts(); 110 Ptr2 = Ptr2->stripPointerCasts(); 111 112 // Handle the trivial case first. 113 if (Ptr1 == Ptr2) { 114 Offset = 0; 115 return true; 116 } 117 118 GEPOperator *GEP1 = dyn_cast<GEPOperator>(Ptr1); 119 GEPOperator *GEP2 = dyn_cast<GEPOperator>(Ptr2); 120 121 bool VariableIdxFound = false; 122 123 // If one pointer is a GEP and the other isn't, then see if the GEP is a 124 // constant offset from the base, as in "P" and "gep P, 1". 125 if (GEP1 && !GEP2 && GEP1->getOperand(0)->stripPointerCasts() == Ptr2) { 126 Offset = -GetOffsetFromIndex(GEP1, 1, VariableIdxFound, DL); 127 return !VariableIdxFound; 128 } 129 130 if (GEP2 && !GEP1 && GEP2->getOperand(0)->stripPointerCasts() == Ptr1) { 131 Offset = GetOffsetFromIndex(GEP2, 1, VariableIdxFound, DL); 132 return !VariableIdxFound; 133 } 134 135 // Right now we handle the case when Ptr1/Ptr2 are both GEPs with an identical 136 // base. After that base, they may have some number of common (and 137 // potentially variable) indices. After that they handle some constant 138 // offset, which determines their offset from each other. At this point, we 139 // handle no other case. 140 if (!GEP1 || !GEP2 || GEP1->getOperand(0) != GEP2->getOperand(0)) 141 return false; 142 143 // Skip any common indices and track the GEP types. 144 unsigned Idx = 1; 145 for (; Idx != GEP1->getNumOperands() && Idx != GEP2->getNumOperands(); ++Idx) 146 if (GEP1->getOperand(Idx) != GEP2->getOperand(Idx)) 147 break; 148 149 int64_t Offset1 = GetOffsetFromIndex(GEP1, Idx, VariableIdxFound, DL); 150 int64_t Offset2 = GetOffsetFromIndex(GEP2, Idx, VariableIdxFound, DL); 151 if (VariableIdxFound) return false; 152 153 Offset = Offset2-Offset1; 154 return true; 155 } 156 157 namespace { 158 159 /// Represents a range of memset'd bytes with the ByteVal value. 160 /// This allows us to analyze stores like: 161 /// store 0 -> P+1 162 /// store 0 -> P+0 163 /// store 0 -> P+3 164 /// store 0 -> P+2 165 /// which sometimes happens with stores to arrays of structs etc. When we see 166 /// the first store, we make a range [1, 2). The second store extends the range 167 /// to [0, 2). The third makes a new range [2, 3). The fourth store joins the 168 /// two ranges into [0, 3) which is memset'able. 169 struct MemsetRange { 170 // Start/End - A semi range that describes the span that this range covers. 171 // The range is closed at the start and open at the end: [Start, End). 172 int64_t Start, End; 173 174 /// StartPtr - The getelementptr instruction that points to the start of the 175 /// range. 176 Value *StartPtr; 177 178 /// Alignment - The known alignment of the first store. 179 unsigned Alignment; 180 181 /// TheStores - The actual stores that make up this range. 182 SmallVector<Instruction*, 16> TheStores; 183 184 bool isProfitableToUseMemset(const DataLayout &DL) const; 185 }; 186 187 } // end anonymous namespace 188 189 bool MemsetRange::isProfitableToUseMemset(const DataLayout &DL) const { 190 // If we found more than 4 stores to merge or 16 bytes, use memset. 191 if (TheStores.size() >= 4 || End-Start >= 16) return true; 192 193 // If there is nothing to merge, don't do anything. 194 if (TheStores.size() < 2) return false; 195 196 // If any of the stores are a memset, then it is always good to extend the 197 // memset. 198 for (Instruction *SI : TheStores) 199 if (!isa<StoreInst>(SI)) 200 return true; 201 202 // Assume that the code generator is capable of merging pairs of stores 203 // together if it wants to. 204 if (TheStores.size() == 2) return false; 205 206 // If we have fewer than 8 stores, it can still be worthwhile to do this. 207 // For example, merging 4 i8 stores into an i32 store is useful almost always. 208 // However, merging 2 32-bit stores isn't useful on a 32-bit architecture (the 209 // memset will be split into 2 32-bit stores anyway) and doing so can 210 // pessimize the llvm optimizer. 211 // 212 // Since we don't have perfect knowledge here, make some assumptions: assume 213 // the maximum GPR width is the same size as the largest legal integer 214 // size. If so, check to see whether we will end up actually reducing the 215 // number of stores used. 216 unsigned Bytes = unsigned(End-Start); 217 unsigned MaxIntSize = DL.getLargestLegalIntTypeSizeInBits() / 8; 218 if (MaxIntSize == 0) 219 MaxIntSize = 1; 220 unsigned NumPointerStores = Bytes / MaxIntSize; 221 222 // Assume the remaining bytes if any are done a byte at a time. 223 unsigned NumByteStores = Bytes % MaxIntSize; 224 225 // If we will reduce the # stores (according to this heuristic), do the 226 // transformation. This encourages merging 4 x i8 -> i32 and 2 x i16 -> i32 227 // etc. 228 return TheStores.size() > NumPointerStores+NumByteStores; 229 } 230 231 namespace { 232 233 class MemsetRanges { 234 using range_iterator = SmallVectorImpl<MemsetRange>::iterator; 235 236 /// A sorted list of the memset ranges. 237 SmallVector<MemsetRange, 8> Ranges; 238 239 const DataLayout &DL; 240 241 public: 242 MemsetRanges(const DataLayout &DL) : DL(DL) {} 243 244 using const_iterator = SmallVectorImpl<MemsetRange>::const_iterator; 245 246 const_iterator begin() const { return Ranges.begin(); } 247 const_iterator end() const { return Ranges.end(); } 248 bool empty() const { return Ranges.empty(); } 249 250 void addInst(int64_t OffsetFromFirst, Instruction *Inst) { 251 if (StoreInst *SI = dyn_cast<StoreInst>(Inst)) 252 addStore(OffsetFromFirst, SI); 253 else 254 addMemSet(OffsetFromFirst, cast<MemSetInst>(Inst)); 255 } 256 257 void addStore(int64_t OffsetFromFirst, StoreInst *SI) { 258 int64_t StoreSize = DL.getTypeStoreSize(SI->getOperand(0)->getType()); 259 260 addRange(OffsetFromFirst, StoreSize, 261 SI->getPointerOperand(), SI->getAlignment(), SI); 262 } 263 264 void addMemSet(int64_t OffsetFromFirst, MemSetInst *MSI) { 265 int64_t Size = cast<ConstantInt>(MSI->getLength())->getZExtValue(); 266 addRange(OffsetFromFirst, Size, MSI->getDest(), MSI->getDestAlignment(), MSI); 267 } 268 269 void addRange(int64_t Start, int64_t Size, Value *Ptr, 270 unsigned Alignment, Instruction *Inst); 271 }; 272 273 } // end anonymous namespace 274 275 /// Add a new store to the MemsetRanges data structure. This adds a 276 /// new range for the specified store at the specified offset, merging into 277 /// existing ranges as appropriate. 278 void MemsetRanges::addRange(int64_t Start, int64_t Size, Value *Ptr, 279 unsigned Alignment, Instruction *Inst) { 280 int64_t End = Start+Size; 281 282 range_iterator I = std::lower_bound(Ranges.begin(), Ranges.end(), Start, 283 [](const MemsetRange &LHS, int64_t RHS) { return LHS.End < RHS; }); 284 285 // We now know that I == E, in which case we didn't find anything to merge 286 // with, or that Start <= I->End. If End < I->Start or I == E, then we need 287 // to insert a new range. Handle this now. 288 if (I == Ranges.end() || End < I->Start) { 289 MemsetRange &R = *Ranges.insert(I, MemsetRange()); 290 R.Start = Start; 291 R.End = End; 292 R.StartPtr = Ptr; 293 R.Alignment = Alignment; 294 R.TheStores.push_back(Inst); 295 return; 296 } 297 298 // This store overlaps with I, add it. 299 I->TheStores.push_back(Inst); 300 301 // At this point, we may have an interval that completely contains our store. 302 // If so, just add it to the interval and return. 303 if (I->Start <= Start && I->End >= End) 304 return; 305 306 // Now we know that Start <= I->End and End >= I->Start so the range overlaps 307 // but is not entirely contained within the range. 308 309 // See if the range extends the start of the range. In this case, it couldn't 310 // possibly cause it to join the prior range, because otherwise we would have 311 // stopped on *it*. 312 if (Start < I->Start) { 313 I->Start = Start; 314 I->StartPtr = Ptr; 315 I->Alignment = Alignment; 316 } 317 318 // Now we know that Start <= I->End and Start >= I->Start (so the startpoint 319 // is in or right at the end of I), and that End >= I->Start. Extend I out to 320 // End. 321 if (End > I->End) { 322 I->End = End; 323 range_iterator NextI = I; 324 while (++NextI != Ranges.end() && End >= NextI->Start) { 325 // Merge the range in. 326 I->TheStores.append(NextI->TheStores.begin(), NextI->TheStores.end()); 327 if (NextI->End > I->End) 328 I->End = NextI->End; 329 Ranges.erase(NextI); 330 NextI = I; 331 } 332 } 333 } 334 335 //===----------------------------------------------------------------------===// 336 // MemCpyOptLegacyPass Pass 337 //===----------------------------------------------------------------------===// 338 339 namespace { 340 341 class MemCpyOptLegacyPass : public FunctionPass { 342 MemCpyOptPass Impl; 343 344 public: 345 static char ID; // Pass identification, replacement for typeid 346 347 MemCpyOptLegacyPass() : FunctionPass(ID) { 348 initializeMemCpyOptLegacyPassPass(*PassRegistry::getPassRegistry()); 349 } 350 351 bool runOnFunction(Function &F) override; 352 353 private: 354 // This transformation requires dominator postdominator info 355 void getAnalysisUsage(AnalysisUsage &AU) const override { 356 AU.setPreservesCFG(); 357 AU.addRequired<AssumptionCacheTracker>(); 358 AU.addRequired<DominatorTreeWrapperPass>(); 359 AU.addRequired<MemoryDependenceWrapperPass>(); 360 AU.addRequired<AAResultsWrapperPass>(); 361 AU.addRequired<TargetLibraryInfoWrapperPass>(); 362 AU.addPreserved<GlobalsAAWrapperPass>(); 363 AU.addPreserved<MemoryDependenceWrapperPass>(); 364 } 365 }; 366 367 } // end anonymous namespace 368 369 char MemCpyOptLegacyPass::ID = 0; 370 371 /// The public interface to this file... 372 FunctionPass *llvm::createMemCpyOptPass() { return new MemCpyOptLegacyPass(); } 373 374 INITIALIZE_PASS_BEGIN(MemCpyOptLegacyPass, "memcpyopt", "MemCpy Optimization", 375 false, false) 376 INITIALIZE_PASS_DEPENDENCY(AssumptionCacheTracker) 377 INITIALIZE_PASS_DEPENDENCY(DominatorTreeWrapperPass) 378 INITIALIZE_PASS_DEPENDENCY(MemoryDependenceWrapperPass) 379 INITIALIZE_PASS_DEPENDENCY(TargetLibraryInfoWrapperPass) 380 INITIALIZE_PASS_DEPENDENCY(AAResultsWrapperPass) 381 INITIALIZE_PASS_DEPENDENCY(GlobalsAAWrapperPass) 382 INITIALIZE_PASS_END(MemCpyOptLegacyPass, "memcpyopt", "MemCpy Optimization", 383 false, false) 384 385 /// When scanning forward over instructions, we look for some other patterns to 386 /// fold away. In particular, this looks for stores to neighboring locations of 387 /// memory. If it sees enough consecutive ones, it attempts to merge them 388 /// together into a memcpy/memset. 389 Instruction *MemCpyOptPass::tryMergingIntoMemset(Instruction *StartInst, 390 Value *StartPtr, 391 Value *ByteVal) { 392 const DataLayout &DL = StartInst->getModule()->getDataLayout(); 393 394 // Okay, so we now have a single store that can be splatable. Scan to find 395 // all subsequent stores of the same value to offset from the same pointer. 396 // Join these together into ranges, so we can decide whether contiguous blocks 397 // are stored. 398 MemsetRanges Ranges(DL); 399 400 BasicBlock::iterator BI(StartInst); 401 for (++BI; !BI->isTerminator(); ++BI) { 402 if (!isa<StoreInst>(BI) && !isa<MemSetInst>(BI)) { 403 // If the instruction is readnone, ignore it, otherwise bail out. We 404 // don't even allow readonly here because we don't want something like: 405 // A[1] = 2; strlen(A); A[2] = 2; -> memcpy(A, ...); strlen(A). 406 if (BI->mayWriteToMemory() || BI->mayReadFromMemory()) 407 break; 408 continue; 409 } 410 411 if (StoreInst *NextStore = dyn_cast<StoreInst>(BI)) { 412 // If this is a store, see if we can merge it in. 413 if (!NextStore->isSimple()) break; 414 415 // Check to see if this stored value is of the same byte-splattable value. 416 Value *StoredByte = isBytewiseValue(NextStore->getOperand(0)); 417 if (isa<UndefValue>(ByteVal) && StoredByte) 418 ByteVal = StoredByte; 419 if (ByteVal != StoredByte) 420 break; 421 422 // Check to see if this store is to a constant offset from the start ptr. 423 int64_t Offset; 424 if (!IsPointerOffset(StartPtr, NextStore->getPointerOperand(), Offset, 425 DL)) 426 break; 427 428 Ranges.addStore(Offset, NextStore); 429 } else { 430 MemSetInst *MSI = cast<MemSetInst>(BI); 431 432 if (MSI->isVolatile() || ByteVal != MSI->getValue() || 433 !isa<ConstantInt>(MSI->getLength())) 434 break; 435 436 // Check to see if this store is to a constant offset from the start ptr. 437 int64_t Offset; 438 if (!IsPointerOffset(StartPtr, MSI->getDest(), Offset, DL)) 439 break; 440 441 Ranges.addMemSet(Offset, MSI); 442 } 443 } 444 445 // If we have no ranges, then we just had a single store with nothing that 446 // could be merged in. This is a very common case of course. 447 if (Ranges.empty()) 448 return nullptr; 449 450 // If we had at least one store that could be merged in, add the starting 451 // store as well. We try to avoid this unless there is at least something 452 // interesting as a small compile-time optimization. 453 Ranges.addInst(0, StartInst); 454 455 // If we create any memsets, we put it right before the first instruction that 456 // isn't part of the memset block. This ensure that the memset is dominated 457 // by any addressing instruction needed by the start of the block. 458 IRBuilder<> Builder(&*BI); 459 460 // Now that we have full information about ranges, loop over the ranges and 461 // emit memset's for anything big enough to be worthwhile. 462 Instruction *AMemSet = nullptr; 463 for (const MemsetRange &Range : Ranges) { 464 if (Range.TheStores.size() == 1) continue; 465 466 // If it is profitable to lower this range to memset, do so now. 467 if (!Range.isProfitableToUseMemset(DL)) 468 continue; 469 470 // Otherwise, we do want to transform this! Create a new memset. 471 // Get the starting pointer of the block. 472 StartPtr = Range.StartPtr; 473 474 // Determine alignment 475 unsigned Alignment = Range.Alignment; 476 if (Alignment == 0) { 477 Type *EltType = 478 cast<PointerType>(StartPtr->getType())->getElementType(); 479 Alignment = DL.getABITypeAlignment(EltType); 480 } 481 482 AMemSet = 483 Builder.CreateMemSet(StartPtr, ByteVal, Range.End-Range.Start, Alignment); 484 485 LLVM_DEBUG(dbgs() << "Replace stores:\n"; for (Instruction *SI 486 : Range.TheStores) dbgs() 487 << *SI << '\n'; 488 dbgs() << "With: " << *AMemSet << '\n'); 489 490 if (!Range.TheStores.empty()) 491 AMemSet->setDebugLoc(Range.TheStores[0]->getDebugLoc()); 492 493 // Zap all the stores. 494 for (Instruction *SI : Range.TheStores) { 495 MD->removeInstruction(SI); 496 SI->eraseFromParent(); 497 } 498 ++NumMemSetInfer; 499 } 500 501 return AMemSet; 502 } 503 504 static unsigned findStoreAlignment(const DataLayout &DL, const StoreInst *SI) { 505 unsigned StoreAlign = SI->getAlignment(); 506 if (!StoreAlign) 507 StoreAlign = DL.getABITypeAlignment(SI->getOperand(0)->getType()); 508 return StoreAlign; 509 } 510 511 static unsigned findLoadAlignment(const DataLayout &DL, const LoadInst *LI) { 512 unsigned LoadAlign = LI->getAlignment(); 513 if (!LoadAlign) 514 LoadAlign = DL.getABITypeAlignment(LI->getType()); 515 return LoadAlign; 516 } 517 518 static unsigned findCommonAlignment(const DataLayout &DL, const StoreInst *SI, 519 const LoadInst *LI) { 520 unsigned StoreAlign = findStoreAlignment(DL, SI); 521 unsigned LoadAlign = findLoadAlignment(DL, LI); 522 return MinAlign(StoreAlign, LoadAlign); 523 } 524 525 // This method try to lift a store instruction before position P. 526 // It will lift the store and its argument + that anything that 527 // may alias with these. 528 // The method returns true if it was successful. 529 static bool moveUp(AliasAnalysis &AA, StoreInst *SI, Instruction *P, 530 const LoadInst *LI) { 531 // If the store alias this position, early bail out. 532 MemoryLocation StoreLoc = MemoryLocation::get(SI); 533 if (isModOrRefSet(AA.getModRefInfo(P, StoreLoc))) 534 return false; 535 536 // Keep track of the arguments of all instruction we plan to lift 537 // so we can make sure to lift them as well if appropriate. 538 DenseSet<Instruction*> Args; 539 if (auto *Ptr = dyn_cast<Instruction>(SI->getPointerOperand())) 540 if (Ptr->getParent() == SI->getParent()) 541 Args.insert(Ptr); 542 543 // Instruction to lift before P. 544 SmallVector<Instruction*, 8> ToLift; 545 546 // Memory locations of lifted instructions. 547 SmallVector<MemoryLocation, 8> MemLocs{StoreLoc}; 548 549 // Lifted callsites. 550 SmallVector<ImmutableCallSite, 8> CallSites; 551 552 const MemoryLocation LoadLoc = MemoryLocation::get(LI); 553 554 for (auto I = --SI->getIterator(), E = P->getIterator(); I != E; --I) { 555 auto *C = &*I; 556 557 bool MayAlias = isModOrRefSet(AA.getModRefInfo(C, None)); 558 559 bool NeedLift = false; 560 if (Args.erase(C)) 561 NeedLift = true; 562 else if (MayAlias) { 563 NeedLift = llvm::any_of(MemLocs, [C, &AA](const MemoryLocation &ML) { 564 return isModOrRefSet(AA.getModRefInfo(C, ML)); 565 }); 566 567 if (!NeedLift) 568 NeedLift = 569 llvm::any_of(CallSites, [C, &AA](const ImmutableCallSite &CS) { 570 return isModOrRefSet(AA.getModRefInfo(C, CS)); 571 }); 572 } 573 574 if (!NeedLift) 575 continue; 576 577 if (MayAlias) { 578 // Since LI is implicitly moved downwards past the lifted instructions, 579 // none of them may modify its source. 580 if (isModSet(AA.getModRefInfo(C, LoadLoc))) 581 return false; 582 else if (auto CS = ImmutableCallSite(C)) { 583 // If we can't lift this before P, it's game over. 584 if (isModOrRefSet(AA.getModRefInfo(P, CS))) 585 return false; 586 587 CallSites.push_back(CS); 588 } else if (isa<LoadInst>(C) || isa<StoreInst>(C) || isa<VAArgInst>(C)) { 589 // If we can't lift this before P, it's game over. 590 auto ML = MemoryLocation::get(C); 591 if (isModOrRefSet(AA.getModRefInfo(P, ML))) 592 return false; 593 594 MemLocs.push_back(ML); 595 } else 596 // We don't know how to lift this instruction. 597 return false; 598 } 599 600 ToLift.push_back(C); 601 for (unsigned k = 0, e = C->getNumOperands(); k != e; ++k) 602 if (auto *A = dyn_cast<Instruction>(C->getOperand(k))) 603 if (A->getParent() == SI->getParent()) 604 Args.insert(A); 605 } 606 607 // We made it, we need to lift 608 for (auto *I : llvm::reverse(ToLift)) { 609 LLVM_DEBUG(dbgs() << "Lifting " << *I << " before " << *P << "\n"); 610 I->moveBefore(P); 611 } 612 613 return true; 614 } 615 616 bool MemCpyOptPass::processStore(StoreInst *SI, BasicBlock::iterator &BBI) { 617 if (!SI->isSimple()) return false; 618 619 // Avoid merging nontemporal stores since the resulting 620 // memcpy/memset would not be able to preserve the nontemporal hint. 621 // In theory we could teach how to propagate the !nontemporal metadata to 622 // memset calls. However, that change would force the backend to 623 // conservatively expand !nontemporal memset calls back to sequences of 624 // store instructions (effectively undoing the merging). 625 if (SI->getMetadata(LLVMContext::MD_nontemporal)) 626 return false; 627 628 const DataLayout &DL = SI->getModule()->getDataLayout(); 629 630 // Load to store forwarding can be interpreted as memcpy. 631 if (LoadInst *LI = dyn_cast<LoadInst>(SI->getOperand(0))) { 632 if (LI->isSimple() && LI->hasOneUse() && 633 LI->getParent() == SI->getParent()) { 634 635 auto *T = LI->getType(); 636 if (T->isAggregateType()) { 637 AliasAnalysis &AA = LookupAliasAnalysis(); 638 MemoryLocation LoadLoc = MemoryLocation::get(LI); 639 640 // We use alias analysis to check if an instruction may store to 641 // the memory we load from in between the load and the store. If 642 // such an instruction is found, we try to promote there instead 643 // of at the store position. 644 Instruction *P = SI; 645 for (auto &I : make_range(++LI->getIterator(), SI->getIterator())) { 646 if (isModSet(AA.getModRefInfo(&I, LoadLoc))) { 647 P = &I; 648 break; 649 } 650 } 651 652 // We found an instruction that may write to the loaded memory. 653 // We can try to promote at this position instead of the store 654 // position if nothing alias the store memory after this and the store 655 // destination is not in the range. 656 if (P && P != SI) { 657 if (!moveUp(AA, SI, P, LI)) 658 P = nullptr; 659 } 660 661 // If a valid insertion position is found, then we can promote 662 // the load/store pair to a memcpy. 663 if (P) { 664 // If we load from memory that may alias the memory we store to, 665 // memmove must be used to preserve semantic. If not, memcpy can 666 // be used. 667 bool UseMemMove = false; 668 if (!AA.isNoAlias(MemoryLocation::get(SI), LoadLoc)) 669 UseMemMove = true; 670 671 uint64_t Size = DL.getTypeStoreSize(T); 672 673 IRBuilder<> Builder(P); 674 Instruction *M; 675 if (UseMemMove) 676 M = Builder.CreateMemMove( 677 SI->getPointerOperand(), findStoreAlignment(DL, SI), 678 LI->getPointerOperand(), findLoadAlignment(DL, LI), Size, 679 SI->isVolatile()); 680 else 681 M = Builder.CreateMemCpy( 682 SI->getPointerOperand(), findStoreAlignment(DL, SI), 683 LI->getPointerOperand(), findLoadAlignment(DL, LI), Size, 684 SI->isVolatile()); 685 686 LLVM_DEBUG(dbgs() << "Promoting " << *LI << " to " << *SI << " => " 687 << *M << "\n"); 688 689 MD->removeInstruction(SI); 690 SI->eraseFromParent(); 691 MD->removeInstruction(LI); 692 LI->eraseFromParent(); 693 ++NumMemCpyInstr; 694 695 // Make sure we do not invalidate the iterator. 696 BBI = M->getIterator(); 697 return true; 698 } 699 } 700 701 // Detect cases where we're performing call slot forwarding, but 702 // happen to be using a load-store pair to implement it, rather than 703 // a memcpy. 704 MemDepResult ldep = MD->getDependency(LI); 705 CallInst *C = nullptr; 706 if (ldep.isClobber() && !isa<MemCpyInst>(ldep.getInst())) 707 C = dyn_cast<CallInst>(ldep.getInst()); 708 709 if (C) { 710 // Check that nothing touches the dest of the "copy" between 711 // the call and the store. 712 Value *CpyDest = SI->getPointerOperand()->stripPointerCasts(); 713 bool CpyDestIsLocal = isa<AllocaInst>(CpyDest); 714 AliasAnalysis &AA = LookupAliasAnalysis(); 715 MemoryLocation StoreLoc = MemoryLocation::get(SI); 716 for (BasicBlock::iterator I = --SI->getIterator(), E = C->getIterator(); 717 I != E; --I) { 718 if (isModOrRefSet(AA.getModRefInfo(&*I, StoreLoc))) { 719 C = nullptr; 720 break; 721 } 722 // The store to dest may never happen if an exception can be thrown 723 // between the load and the store. 724 if (I->mayThrow() && !CpyDestIsLocal) { 725 C = nullptr; 726 break; 727 } 728 } 729 } 730 731 if (C) { 732 bool changed = performCallSlotOptzn( 733 LI, SI->getPointerOperand()->stripPointerCasts(), 734 LI->getPointerOperand()->stripPointerCasts(), 735 DL.getTypeStoreSize(SI->getOperand(0)->getType()), 736 findCommonAlignment(DL, SI, LI), C); 737 if (changed) { 738 MD->removeInstruction(SI); 739 SI->eraseFromParent(); 740 MD->removeInstruction(LI); 741 LI->eraseFromParent(); 742 ++NumMemCpyInstr; 743 return true; 744 } 745 } 746 } 747 } 748 749 // There are two cases that are interesting for this code to handle: memcpy 750 // and memset. Right now we only handle memset. 751 752 // Ensure that the value being stored is something that can be memset'able a 753 // byte at a time like "0" or "-1" or any width, as well as things like 754 // 0xA0A0A0A0 and 0.0. 755 auto *V = SI->getOperand(0); 756 if (Value *ByteVal = isBytewiseValue(V)) { 757 if (Instruction *I = tryMergingIntoMemset(SI, SI->getPointerOperand(), 758 ByteVal)) { 759 BBI = I->getIterator(); // Don't invalidate iterator. 760 return true; 761 } 762 763 // If we have an aggregate, we try to promote it to memset regardless 764 // of opportunity for merging as it can expose optimization opportunities 765 // in subsequent passes. 766 auto *T = V->getType(); 767 if (T->isAggregateType()) { 768 uint64_t Size = DL.getTypeStoreSize(T); 769 unsigned Align = SI->getAlignment(); 770 if (!Align) 771 Align = DL.getABITypeAlignment(T); 772 IRBuilder<> Builder(SI); 773 auto *M = Builder.CreateMemSet(SI->getPointerOperand(), ByteVal, 774 Size, Align, SI->isVolatile()); 775 776 LLVM_DEBUG(dbgs() << "Promoting " << *SI << " to " << *M << "\n"); 777 778 MD->removeInstruction(SI); 779 SI->eraseFromParent(); 780 NumMemSetInfer++; 781 782 // Make sure we do not invalidate the iterator. 783 BBI = M->getIterator(); 784 return true; 785 } 786 } 787 788 return false; 789 } 790 791 bool MemCpyOptPass::processMemSet(MemSetInst *MSI, BasicBlock::iterator &BBI) { 792 // See if there is another memset or store neighboring this memset which 793 // allows us to widen out the memset to do a single larger store. 794 if (isa<ConstantInt>(MSI->getLength()) && !MSI->isVolatile()) 795 if (Instruction *I = tryMergingIntoMemset(MSI, MSI->getDest(), 796 MSI->getValue())) { 797 BBI = I->getIterator(); // Don't invalidate iterator. 798 return true; 799 } 800 return false; 801 } 802 803 /// Takes a memcpy and a call that it depends on, 804 /// and checks for the possibility of a call slot optimization by having 805 /// the call write its result directly into the destination of the memcpy. 806 bool MemCpyOptPass::performCallSlotOptzn(Instruction *cpy, Value *cpyDest, 807 Value *cpySrc, uint64_t cpyLen, 808 unsigned cpyAlign, CallInst *C) { 809 // The general transformation to keep in mind is 810 // 811 // call @func(..., src, ...) 812 // memcpy(dest, src, ...) 813 // 814 // -> 815 // 816 // memcpy(dest, src, ...) 817 // call @func(..., dest, ...) 818 // 819 // Since moving the memcpy is technically awkward, we additionally check that 820 // src only holds uninitialized values at the moment of the call, meaning that 821 // the memcpy can be discarded rather than moved. 822 823 // Lifetime marks shouldn't be operated on. 824 if (Function *F = C->getCalledFunction()) 825 if (F->isIntrinsic() && F->getIntrinsicID() == Intrinsic::lifetime_start) 826 return false; 827 828 // Deliberately get the source and destination with bitcasts stripped away, 829 // because we'll need to do type comparisons based on the underlying type. 830 CallSite CS(C); 831 832 // Require that src be an alloca. This simplifies the reasoning considerably. 833 AllocaInst *srcAlloca = dyn_cast<AllocaInst>(cpySrc); 834 if (!srcAlloca) 835 return false; 836 837 ConstantInt *srcArraySize = dyn_cast<ConstantInt>(srcAlloca->getArraySize()); 838 if (!srcArraySize) 839 return false; 840 841 const DataLayout &DL = cpy->getModule()->getDataLayout(); 842 uint64_t srcSize = DL.getTypeAllocSize(srcAlloca->getAllocatedType()) * 843 srcArraySize->getZExtValue(); 844 845 if (cpyLen < srcSize) 846 return false; 847 848 // Check that accessing the first srcSize bytes of dest will not cause a 849 // trap. Otherwise the transform is invalid since it might cause a trap 850 // to occur earlier than it otherwise would. 851 if (AllocaInst *A = dyn_cast<AllocaInst>(cpyDest)) { 852 // The destination is an alloca. Check it is larger than srcSize. 853 ConstantInt *destArraySize = dyn_cast<ConstantInt>(A->getArraySize()); 854 if (!destArraySize) 855 return false; 856 857 uint64_t destSize = DL.getTypeAllocSize(A->getAllocatedType()) * 858 destArraySize->getZExtValue(); 859 860 if (destSize < srcSize) 861 return false; 862 } else if (Argument *A = dyn_cast<Argument>(cpyDest)) { 863 // The store to dest may never happen if the call can throw. 864 if (C->mayThrow()) 865 return false; 866 867 if (A->getDereferenceableBytes() < srcSize) { 868 // If the destination is an sret parameter then only accesses that are 869 // outside of the returned struct type can trap. 870 if (!A->hasStructRetAttr()) 871 return false; 872 873 Type *StructTy = cast<PointerType>(A->getType())->getElementType(); 874 if (!StructTy->isSized()) { 875 // The call may never return and hence the copy-instruction may never 876 // be executed, and therefore it's not safe to say "the destination 877 // has at least <cpyLen> bytes, as implied by the copy-instruction", 878 return false; 879 } 880 881 uint64_t destSize = DL.getTypeAllocSize(StructTy); 882 if (destSize < srcSize) 883 return false; 884 } 885 } else { 886 return false; 887 } 888 889 // Check that dest points to memory that is at least as aligned as src. 890 unsigned srcAlign = srcAlloca->getAlignment(); 891 if (!srcAlign) 892 srcAlign = DL.getABITypeAlignment(srcAlloca->getAllocatedType()); 893 bool isDestSufficientlyAligned = srcAlign <= cpyAlign; 894 // If dest is not aligned enough and we can't increase its alignment then 895 // bail out. 896 if (!isDestSufficientlyAligned && !isa<AllocaInst>(cpyDest)) 897 return false; 898 899 // Check that src is not accessed except via the call and the memcpy. This 900 // guarantees that it holds only undefined values when passed in (so the final 901 // memcpy can be dropped), that it is not read or written between the call and 902 // the memcpy, and that writing beyond the end of it is undefined. 903 SmallVector<User*, 8> srcUseList(srcAlloca->user_begin(), 904 srcAlloca->user_end()); 905 while (!srcUseList.empty()) { 906 User *U = srcUseList.pop_back_val(); 907 908 if (isa<BitCastInst>(U) || isa<AddrSpaceCastInst>(U)) { 909 for (User *UU : U->users()) 910 srcUseList.push_back(UU); 911 continue; 912 } 913 if (GetElementPtrInst *G = dyn_cast<GetElementPtrInst>(U)) { 914 if (!G->hasAllZeroIndices()) 915 return false; 916 917 for (User *UU : U->users()) 918 srcUseList.push_back(UU); 919 continue; 920 } 921 if (const IntrinsicInst *IT = dyn_cast<IntrinsicInst>(U)) 922 if (IT->getIntrinsicID() == Intrinsic::lifetime_start || 923 IT->getIntrinsicID() == Intrinsic::lifetime_end) 924 continue; 925 926 if (U != C && U != cpy) 927 return false; 928 } 929 930 // Check that src isn't captured by the called function since the 931 // transformation can cause aliasing issues in that case. 932 for (unsigned i = 0, e = CS.arg_size(); i != e; ++i) 933 if (CS.getArgument(i) == cpySrc && !CS.doesNotCapture(i)) 934 return false; 935 936 // Since we're changing the parameter to the callsite, we need to make sure 937 // that what would be the new parameter dominates the callsite. 938 DominatorTree &DT = LookupDomTree(); 939 if (Instruction *cpyDestInst = dyn_cast<Instruction>(cpyDest)) 940 if (!DT.dominates(cpyDestInst, C)) 941 return false; 942 943 // In addition to knowing that the call does not access src in some 944 // unexpected manner, for example via a global, which we deduce from 945 // the use analysis, we also need to know that it does not sneakily 946 // access dest. We rely on AA to figure this out for us. 947 AliasAnalysis &AA = LookupAliasAnalysis(); 948 ModRefInfo MR = AA.getModRefInfo(C, cpyDest, srcSize); 949 // If necessary, perform additional analysis. 950 if (isModOrRefSet(MR)) 951 MR = AA.callCapturesBefore(C, cpyDest, srcSize, &DT); 952 if (isModOrRefSet(MR)) 953 return false; 954 955 // We can't create address space casts here because we don't know if they're 956 // safe for the target. 957 if (cpySrc->getType()->getPointerAddressSpace() != 958 cpyDest->getType()->getPointerAddressSpace()) 959 return false; 960 for (unsigned i = 0; i < CS.arg_size(); ++i) 961 if (CS.getArgument(i)->stripPointerCasts() == cpySrc && 962 cpySrc->getType()->getPointerAddressSpace() != 963 CS.getArgument(i)->getType()->getPointerAddressSpace()) 964 return false; 965 966 // All the checks have passed, so do the transformation. 967 bool changedArgument = false; 968 for (unsigned i = 0; i < CS.arg_size(); ++i) 969 if (CS.getArgument(i)->stripPointerCasts() == cpySrc) { 970 Value *Dest = cpySrc->getType() == cpyDest->getType() ? cpyDest 971 : CastInst::CreatePointerCast(cpyDest, cpySrc->getType(), 972 cpyDest->getName(), C); 973 changedArgument = true; 974 if (CS.getArgument(i)->getType() == Dest->getType()) 975 CS.setArgument(i, Dest); 976 else 977 CS.setArgument(i, CastInst::CreatePointerCast(Dest, 978 CS.getArgument(i)->getType(), Dest->getName(), C)); 979 } 980 981 if (!changedArgument) 982 return false; 983 984 // If the destination wasn't sufficiently aligned then increase its alignment. 985 if (!isDestSufficientlyAligned) { 986 assert(isa<AllocaInst>(cpyDest) && "Can only increase alloca alignment!"); 987 cast<AllocaInst>(cpyDest)->setAlignment(srcAlign); 988 } 989 990 // Drop any cached information about the call, because we may have changed 991 // its dependence information by changing its parameter. 992 MD->removeInstruction(C); 993 994 // Update AA metadata 995 // FIXME: MD_tbaa_struct and MD_mem_parallel_loop_access should also be 996 // handled here, but combineMetadata doesn't support them yet 997 unsigned KnownIDs[] = {LLVMContext::MD_tbaa, LLVMContext::MD_alias_scope, 998 LLVMContext::MD_noalias, 999 LLVMContext::MD_invariant_group}; 1000 combineMetadata(C, cpy, KnownIDs, true); 1001 1002 // Remove the memcpy. 1003 MD->removeInstruction(cpy); 1004 ++NumMemCpyInstr; 1005 1006 return true; 1007 } 1008 1009 /// We've found that the (upward scanning) memory dependence of memcpy 'M' is 1010 /// the memcpy 'MDep'. Try to simplify M to copy from MDep's input if we can. 1011 bool MemCpyOptPass::processMemCpyMemCpyDependence(MemCpyInst *M, 1012 MemCpyInst *MDep) { 1013 // We can only transforms memcpy's where the dest of one is the source of the 1014 // other. 1015 if (M->getSource() != MDep->getDest() || MDep->isVolatile()) 1016 return false; 1017 1018 // If dep instruction is reading from our current input, then it is a noop 1019 // transfer and substituting the input won't change this instruction. Just 1020 // ignore the input and let someone else zap MDep. This handles cases like: 1021 // memcpy(a <- a) 1022 // memcpy(b <- a) 1023 if (M->getSource() == MDep->getSource()) 1024 return false; 1025 1026 // Second, the length of the memcpy's must be the same, or the preceding one 1027 // must be larger than the following one. 1028 ConstantInt *MDepLen = dyn_cast<ConstantInt>(MDep->getLength()); 1029 ConstantInt *MLen = dyn_cast<ConstantInt>(M->getLength()); 1030 if (!MDepLen || !MLen || MDepLen->getZExtValue() < MLen->getZExtValue()) 1031 return false; 1032 1033 AliasAnalysis &AA = LookupAliasAnalysis(); 1034 1035 // Verify that the copied-from memory doesn't change in between the two 1036 // transfers. For example, in: 1037 // memcpy(a <- b) 1038 // *b = 42; 1039 // memcpy(c <- a) 1040 // It would be invalid to transform the second memcpy into memcpy(c <- b). 1041 // 1042 // TODO: If the code between M and MDep is transparent to the destination "c", 1043 // then we could still perform the xform by moving M up to the first memcpy. 1044 // 1045 // NOTE: This is conservative, it will stop on any read from the source loc, 1046 // not just the defining memcpy. 1047 MemDepResult SourceDep = 1048 MD->getPointerDependencyFrom(MemoryLocation::getForSource(MDep), false, 1049 M->getIterator(), M->getParent()); 1050 if (!SourceDep.isClobber() || SourceDep.getInst() != MDep) 1051 return false; 1052 1053 // If the dest of the second might alias the source of the first, then the 1054 // source and dest might overlap. We still want to eliminate the intermediate 1055 // value, but we have to generate a memmove instead of memcpy. 1056 bool UseMemMove = false; 1057 if (!AA.isNoAlias(MemoryLocation::getForDest(M), 1058 MemoryLocation::getForSource(MDep))) 1059 UseMemMove = true; 1060 1061 // If all checks passed, then we can transform M. 1062 1063 // TODO: Is this worth it if we're creating a less aligned memcpy? For 1064 // example we could be moving from movaps -> movq on x86. 1065 IRBuilder<> Builder(M); 1066 if (UseMemMove) 1067 Builder.CreateMemMove(M->getRawDest(), M->getDestAlignment(), 1068 MDep->getRawSource(), MDep->getSourceAlignment(), 1069 M->getLength(), M->isVolatile()); 1070 else 1071 Builder.CreateMemCpy(M->getRawDest(), M->getDestAlignment(), 1072 MDep->getRawSource(), MDep->getSourceAlignment(), 1073 M->getLength(), M->isVolatile()); 1074 1075 // Remove the instruction we're replacing. 1076 MD->removeInstruction(M); 1077 M->eraseFromParent(); 1078 ++NumMemCpyInstr; 1079 return true; 1080 } 1081 1082 /// We've found that the (upward scanning) memory dependence of \p MemCpy is 1083 /// \p MemSet. Try to simplify \p MemSet to only set the trailing bytes that 1084 /// weren't copied over by \p MemCpy. 1085 /// 1086 /// In other words, transform: 1087 /// \code 1088 /// memset(dst, c, dst_size); 1089 /// memcpy(dst, src, src_size); 1090 /// \endcode 1091 /// into: 1092 /// \code 1093 /// memcpy(dst, src, src_size); 1094 /// memset(dst + src_size, c, dst_size <= src_size ? 0 : dst_size - src_size); 1095 /// \endcode 1096 bool MemCpyOptPass::processMemSetMemCpyDependence(MemCpyInst *MemCpy, 1097 MemSetInst *MemSet) { 1098 // We can only transform memset/memcpy with the same destination. 1099 if (MemSet->getDest() != MemCpy->getDest()) 1100 return false; 1101 1102 // Check that there are no other dependencies on the memset destination. 1103 MemDepResult DstDepInfo = 1104 MD->getPointerDependencyFrom(MemoryLocation::getForDest(MemSet), false, 1105 MemCpy->getIterator(), MemCpy->getParent()); 1106 if (DstDepInfo.getInst() != MemSet) 1107 return false; 1108 1109 // Use the same i8* dest as the memcpy, killing the memset dest if different. 1110 Value *Dest = MemCpy->getRawDest(); 1111 Value *DestSize = MemSet->getLength(); 1112 Value *SrcSize = MemCpy->getLength(); 1113 1114 // By default, create an unaligned memset. 1115 unsigned Align = 1; 1116 // If Dest is aligned, and SrcSize is constant, use the minimum alignment 1117 // of the sum. 1118 const unsigned DestAlign = 1119 std::max(MemSet->getDestAlignment(), MemCpy->getDestAlignment()); 1120 if (DestAlign > 1) 1121 if (ConstantInt *SrcSizeC = dyn_cast<ConstantInt>(SrcSize)) 1122 Align = MinAlign(SrcSizeC->getZExtValue(), DestAlign); 1123 1124 IRBuilder<> Builder(MemCpy); 1125 1126 // If the sizes have different types, zext the smaller one. 1127 if (DestSize->getType() != SrcSize->getType()) { 1128 if (DestSize->getType()->getIntegerBitWidth() > 1129 SrcSize->getType()->getIntegerBitWidth()) 1130 SrcSize = Builder.CreateZExt(SrcSize, DestSize->getType()); 1131 else 1132 DestSize = Builder.CreateZExt(DestSize, SrcSize->getType()); 1133 } 1134 1135 Value *Ule = Builder.CreateICmpULE(DestSize, SrcSize); 1136 Value *SizeDiff = Builder.CreateSub(DestSize, SrcSize); 1137 Value *MemsetLen = Builder.CreateSelect( 1138 Ule, ConstantInt::getNullValue(DestSize->getType()), SizeDiff); 1139 Builder.CreateMemSet(Builder.CreateGEP(Dest, SrcSize), MemSet->getOperand(1), 1140 MemsetLen, Align); 1141 1142 MD->removeInstruction(MemSet); 1143 MemSet->eraseFromParent(); 1144 return true; 1145 } 1146 1147 /// Transform memcpy to memset when its source was just memset. 1148 /// In other words, turn: 1149 /// \code 1150 /// memset(dst1, c, dst1_size); 1151 /// memcpy(dst2, dst1, dst2_size); 1152 /// \endcode 1153 /// into: 1154 /// \code 1155 /// memset(dst1, c, dst1_size); 1156 /// memset(dst2, c, dst2_size); 1157 /// \endcode 1158 /// When dst2_size <= dst1_size. 1159 /// 1160 /// The \p MemCpy must have a Constant length. 1161 bool MemCpyOptPass::performMemCpyToMemSetOptzn(MemCpyInst *MemCpy, 1162 MemSetInst *MemSet) { 1163 AliasAnalysis &AA = LookupAliasAnalysis(); 1164 1165 // Make sure that memcpy(..., memset(...), ...), that is we are memsetting and 1166 // memcpying from the same address. Otherwise it is hard to reason about. 1167 if (!AA.isMustAlias(MemSet->getRawDest(), MemCpy->getRawSource())) 1168 return false; 1169 1170 ConstantInt *CopySize = cast<ConstantInt>(MemCpy->getLength()); 1171 ConstantInt *MemSetSize = dyn_cast<ConstantInt>(MemSet->getLength()); 1172 // Make sure the memcpy doesn't read any more than what the memset wrote. 1173 // Don't worry about sizes larger than i64. 1174 if (!MemSetSize || CopySize->getZExtValue() > MemSetSize->getZExtValue()) 1175 return false; 1176 1177 IRBuilder<> Builder(MemCpy); 1178 Builder.CreateMemSet(MemCpy->getRawDest(), MemSet->getOperand(1), 1179 CopySize, MemCpy->getDestAlignment()); 1180 return true; 1181 } 1182 1183 /// Perform simplification of memcpy's. If we have memcpy A 1184 /// which copies X to Y, and memcpy B which copies Y to Z, then we can rewrite 1185 /// B to be a memcpy from X to Z (or potentially a memmove, depending on 1186 /// circumstances). This allows later passes to remove the first memcpy 1187 /// altogether. 1188 bool MemCpyOptPass::processMemCpy(MemCpyInst *M) { 1189 // We can only optimize non-volatile memcpy's. 1190 if (M->isVolatile()) return false; 1191 1192 // If the source and destination of the memcpy are the same, then zap it. 1193 if (M->getSource() == M->getDest()) { 1194 MD->removeInstruction(M); 1195 M->eraseFromParent(); 1196 return false; 1197 } 1198 1199 // If copying from a constant, try to turn the memcpy into a memset. 1200 if (GlobalVariable *GV = dyn_cast<GlobalVariable>(M->getSource())) 1201 if (GV->isConstant() && GV->hasDefinitiveInitializer()) 1202 if (Value *ByteVal = isBytewiseValue(GV->getInitializer())) { 1203 IRBuilder<> Builder(M); 1204 Builder.CreateMemSet(M->getRawDest(), ByteVal, M->getLength(), 1205 M->getDestAlignment(), false); 1206 MD->removeInstruction(M); 1207 M->eraseFromParent(); 1208 ++NumCpyToSet; 1209 return true; 1210 } 1211 1212 MemDepResult DepInfo = MD->getDependency(M); 1213 1214 // Try to turn a partially redundant memset + memcpy into 1215 // memcpy + smaller memset. We don't need the memcpy size for this. 1216 if (DepInfo.isClobber()) 1217 if (MemSetInst *MDep = dyn_cast<MemSetInst>(DepInfo.getInst())) 1218 if (processMemSetMemCpyDependence(M, MDep)) 1219 return true; 1220 1221 // The optimizations after this point require the memcpy size. 1222 ConstantInt *CopySize = dyn_cast<ConstantInt>(M->getLength()); 1223 if (!CopySize) return false; 1224 1225 // There are four possible optimizations we can do for memcpy: 1226 // a) memcpy-memcpy xform which exposes redundance for DSE. 1227 // b) call-memcpy xform for return slot optimization. 1228 // c) memcpy from freshly alloca'd space or space that has just started its 1229 // lifetime copies undefined data, and we can therefore eliminate the 1230 // memcpy in favor of the data that was already at the destination. 1231 // d) memcpy from a just-memset'd source can be turned into memset. 1232 if (DepInfo.isClobber()) { 1233 if (CallInst *C = dyn_cast<CallInst>(DepInfo.getInst())) { 1234 // FIXME: Can we pass in either of dest/src alignment here instead 1235 // of conservatively taking the minimum? 1236 unsigned Align = MinAlign(M->getDestAlignment(), M->getSourceAlignment()); 1237 if (performCallSlotOptzn(M, M->getDest(), M->getSource(), 1238 CopySize->getZExtValue(), Align, 1239 C)) { 1240 MD->removeInstruction(M); 1241 M->eraseFromParent(); 1242 return true; 1243 } 1244 } 1245 } 1246 1247 MemoryLocation SrcLoc = MemoryLocation::getForSource(M); 1248 MemDepResult SrcDepInfo = MD->getPointerDependencyFrom( 1249 SrcLoc, true, M->getIterator(), M->getParent()); 1250 1251 if (SrcDepInfo.isClobber()) { 1252 if (MemCpyInst *MDep = dyn_cast<MemCpyInst>(SrcDepInfo.getInst())) 1253 return processMemCpyMemCpyDependence(M, MDep); 1254 } else if (SrcDepInfo.isDef()) { 1255 Instruction *I = SrcDepInfo.getInst(); 1256 bool hasUndefContents = false; 1257 1258 if (isa<AllocaInst>(I)) { 1259 hasUndefContents = true; 1260 } else if (IntrinsicInst *II = dyn_cast<IntrinsicInst>(I)) { 1261 if (II->getIntrinsicID() == Intrinsic::lifetime_start) 1262 if (ConstantInt *LTSize = dyn_cast<ConstantInt>(II->getArgOperand(0))) 1263 if (LTSize->getZExtValue() >= CopySize->getZExtValue()) 1264 hasUndefContents = true; 1265 } 1266 1267 if (hasUndefContents) { 1268 MD->removeInstruction(M); 1269 M->eraseFromParent(); 1270 ++NumMemCpyInstr; 1271 return true; 1272 } 1273 } 1274 1275 if (SrcDepInfo.isClobber()) 1276 if (MemSetInst *MDep = dyn_cast<MemSetInst>(SrcDepInfo.getInst())) 1277 if (performMemCpyToMemSetOptzn(M, MDep)) { 1278 MD->removeInstruction(M); 1279 M->eraseFromParent(); 1280 ++NumCpyToSet; 1281 return true; 1282 } 1283 1284 return false; 1285 } 1286 1287 /// Transforms memmove calls to memcpy calls when the src/dst are guaranteed 1288 /// not to alias. 1289 bool MemCpyOptPass::processMemMove(MemMoveInst *M) { 1290 AliasAnalysis &AA = LookupAliasAnalysis(); 1291 1292 if (!TLI->has(LibFunc_memmove)) 1293 return false; 1294 1295 // See if the pointers alias. 1296 if (!AA.isNoAlias(MemoryLocation::getForDest(M), 1297 MemoryLocation::getForSource(M))) 1298 return false; 1299 1300 LLVM_DEBUG(dbgs() << "MemCpyOptPass: Optimizing memmove -> memcpy: " << *M 1301 << "\n"); 1302 1303 // If not, then we know we can transform this. 1304 Type *ArgTys[3] = { M->getRawDest()->getType(), 1305 M->getRawSource()->getType(), 1306 M->getLength()->getType() }; 1307 M->setCalledFunction(Intrinsic::getDeclaration(M->getModule(), 1308 Intrinsic::memcpy, ArgTys)); 1309 1310 // MemDep may have over conservative information about this instruction, just 1311 // conservatively flush it from the cache. 1312 MD->removeInstruction(M); 1313 1314 ++NumMoveToCpy; 1315 return true; 1316 } 1317 1318 /// This is called on every byval argument in call sites. 1319 bool MemCpyOptPass::processByValArgument(CallSite CS, unsigned ArgNo) { 1320 const DataLayout &DL = CS.getCaller()->getParent()->getDataLayout(); 1321 // Find out what feeds this byval argument. 1322 Value *ByValArg = CS.getArgument(ArgNo); 1323 Type *ByValTy = cast<PointerType>(ByValArg->getType())->getElementType(); 1324 uint64_t ByValSize = DL.getTypeAllocSize(ByValTy); 1325 MemDepResult DepInfo = MD->getPointerDependencyFrom( 1326 MemoryLocation(ByValArg, ByValSize), true, 1327 CS.getInstruction()->getIterator(), CS.getInstruction()->getParent()); 1328 if (!DepInfo.isClobber()) 1329 return false; 1330 1331 // If the byval argument isn't fed by a memcpy, ignore it. If it is fed by 1332 // a memcpy, see if we can byval from the source of the memcpy instead of the 1333 // result. 1334 MemCpyInst *MDep = dyn_cast<MemCpyInst>(DepInfo.getInst()); 1335 if (!MDep || MDep->isVolatile() || 1336 ByValArg->stripPointerCasts() != MDep->getDest()) 1337 return false; 1338 1339 // The length of the memcpy must be larger or equal to the size of the byval. 1340 ConstantInt *C1 = dyn_cast<ConstantInt>(MDep->getLength()); 1341 if (!C1 || C1->getValue().getZExtValue() < ByValSize) 1342 return false; 1343 1344 // Get the alignment of the byval. If the call doesn't specify the alignment, 1345 // then it is some target specific value that we can't know. 1346 unsigned ByValAlign = CS.getParamAlignment(ArgNo); 1347 if (ByValAlign == 0) return false; 1348 1349 // If it is greater than the memcpy, then we check to see if we can force the 1350 // source of the memcpy to the alignment we need. If we fail, we bail out. 1351 AssumptionCache &AC = LookupAssumptionCache(); 1352 DominatorTree &DT = LookupDomTree(); 1353 if (MDep->getSourceAlignment() < ByValAlign && 1354 getOrEnforceKnownAlignment(MDep->getSource(), ByValAlign, DL, 1355 CS.getInstruction(), &AC, &DT) < ByValAlign) 1356 return false; 1357 1358 // The address space of the memcpy source must match the byval argument 1359 if (MDep->getSource()->getType()->getPointerAddressSpace() != 1360 ByValArg->getType()->getPointerAddressSpace()) 1361 return false; 1362 1363 // Verify that the copied-from memory doesn't change in between the memcpy and 1364 // the byval call. 1365 // memcpy(a <- b) 1366 // *b = 42; 1367 // foo(*a) 1368 // It would be invalid to transform the second memcpy into foo(*b). 1369 // 1370 // NOTE: This is conservative, it will stop on any read from the source loc, 1371 // not just the defining memcpy. 1372 MemDepResult SourceDep = MD->getPointerDependencyFrom( 1373 MemoryLocation::getForSource(MDep), false, 1374 CS.getInstruction()->getIterator(), MDep->getParent()); 1375 if (!SourceDep.isClobber() || SourceDep.getInst() != MDep) 1376 return false; 1377 1378 Value *TmpCast = MDep->getSource(); 1379 if (MDep->getSource()->getType() != ByValArg->getType()) 1380 TmpCast = new BitCastInst(MDep->getSource(), ByValArg->getType(), 1381 "tmpcast", CS.getInstruction()); 1382 1383 LLVM_DEBUG(dbgs() << "MemCpyOptPass: Forwarding memcpy to byval:\n" 1384 << " " << *MDep << "\n" 1385 << " " << *CS.getInstruction() << "\n"); 1386 1387 // Otherwise we're good! Update the byval argument. 1388 CS.setArgument(ArgNo, TmpCast); 1389 ++NumMemCpyInstr; 1390 return true; 1391 } 1392 1393 /// Executes one iteration of MemCpyOptPass. 1394 bool MemCpyOptPass::iterateOnFunction(Function &F) { 1395 bool MadeChange = false; 1396 1397 DominatorTree &DT = LookupDomTree(); 1398 1399 // Walk all instruction in the function. 1400 for (BasicBlock &BB : F) { 1401 // Skip unreachable blocks. For example processStore assumes that an 1402 // instruction in a BB can't be dominated by a later instruction in the 1403 // same BB (which is a scenario that can happen for an unreachable BB that 1404 // has itself as a predecessor). 1405 if (!DT.isReachableFromEntry(&BB)) 1406 continue; 1407 1408 for (BasicBlock::iterator BI = BB.begin(), BE = BB.end(); BI != BE;) { 1409 // Avoid invalidating the iterator. 1410 Instruction *I = &*BI++; 1411 1412 bool RepeatInstruction = false; 1413 1414 if (StoreInst *SI = dyn_cast<StoreInst>(I)) 1415 MadeChange |= processStore(SI, BI); 1416 else if (MemSetInst *M = dyn_cast<MemSetInst>(I)) 1417 RepeatInstruction = processMemSet(M, BI); 1418 else if (MemCpyInst *M = dyn_cast<MemCpyInst>(I)) 1419 RepeatInstruction = processMemCpy(M); 1420 else if (MemMoveInst *M = dyn_cast<MemMoveInst>(I)) 1421 RepeatInstruction = processMemMove(M); 1422 else if (auto CS = CallSite(I)) { 1423 for (unsigned i = 0, e = CS.arg_size(); i != e; ++i) 1424 if (CS.isByValArgument(i)) 1425 MadeChange |= processByValArgument(CS, i); 1426 } 1427 1428 // Reprocess the instruction if desired. 1429 if (RepeatInstruction) { 1430 if (BI != BB.begin()) 1431 --BI; 1432 MadeChange = true; 1433 } 1434 } 1435 } 1436 1437 return MadeChange; 1438 } 1439 1440 PreservedAnalyses MemCpyOptPass::run(Function &F, FunctionAnalysisManager &AM) { 1441 auto &MD = AM.getResult<MemoryDependenceAnalysis>(F); 1442 auto &TLI = AM.getResult<TargetLibraryAnalysis>(F); 1443 1444 auto LookupAliasAnalysis = [&]() -> AliasAnalysis & { 1445 return AM.getResult<AAManager>(F); 1446 }; 1447 auto LookupAssumptionCache = [&]() -> AssumptionCache & { 1448 return AM.getResult<AssumptionAnalysis>(F); 1449 }; 1450 auto LookupDomTree = [&]() -> DominatorTree & { 1451 return AM.getResult<DominatorTreeAnalysis>(F); 1452 }; 1453 1454 bool MadeChange = runImpl(F, &MD, &TLI, LookupAliasAnalysis, 1455 LookupAssumptionCache, LookupDomTree); 1456 if (!MadeChange) 1457 return PreservedAnalyses::all(); 1458 1459 PreservedAnalyses PA; 1460 PA.preserveSet<CFGAnalyses>(); 1461 PA.preserve<GlobalsAA>(); 1462 PA.preserve<MemoryDependenceAnalysis>(); 1463 return PA; 1464 } 1465 1466 bool MemCpyOptPass::runImpl( 1467 Function &F, MemoryDependenceResults *MD_, TargetLibraryInfo *TLI_, 1468 std::function<AliasAnalysis &()> LookupAliasAnalysis_, 1469 std::function<AssumptionCache &()> LookupAssumptionCache_, 1470 std::function<DominatorTree &()> LookupDomTree_) { 1471 bool MadeChange = false; 1472 MD = MD_; 1473 TLI = TLI_; 1474 LookupAliasAnalysis = std::move(LookupAliasAnalysis_); 1475 LookupAssumptionCache = std::move(LookupAssumptionCache_); 1476 LookupDomTree = std::move(LookupDomTree_); 1477 1478 // If we don't have at least memset and memcpy, there is little point of doing 1479 // anything here. These are required by a freestanding implementation, so if 1480 // even they are disabled, there is no point in trying hard. 1481 if (!TLI->has(LibFunc_memset) || !TLI->has(LibFunc_memcpy)) 1482 return false; 1483 1484 while (true) { 1485 if (!iterateOnFunction(F)) 1486 break; 1487 MadeChange = true; 1488 } 1489 1490 MD = nullptr; 1491 return MadeChange; 1492 } 1493 1494 /// This is the main transformation entry point for a function. 1495 bool MemCpyOptLegacyPass::runOnFunction(Function &F) { 1496 if (skipFunction(F)) 1497 return false; 1498 1499 auto *MD = &getAnalysis<MemoryDependenceWrapperPass>().getMemDep(); 1500 auto *TLI = &getAnalysis<TargetLibraryInfoWrapperPass>().getTLI(); 1501 1502 auto LookupAliasAnalysis = [this]() -> AliasAnalysis & { 1503 return getAnalysis<AAResultsWrapperPass>().getAAResults(); 1504 }; 1505 auto LookupAssumptionCache = [this, &F]() -> AssumptionCache & { 1506 return getAnalysis<AssumptionCacheTracker>().getAssumptionCache(F); 1507 }; 1508 auto LookupDomTree = [this]() -> DominatorTree & { 1509 return getAnalysis<DominatorTreeWrapperPass>().getDomTree(); 1510 }; 1511 1512 return Impl.runImpl(F, MD, TLI, LookupAliasAnalysis, LookupAssumptionCache, 1513 LookupDomTree); 1514 } 1515