1 //===- MemCpyOptimizer.cpp - Optimize use of memcpy and friends -----------===// 2 // 3 // The LLVM Compiler Infrastructure 4 // 5 // This file is distributed under the University of Illinois Open Source 6 // License. See LICENSE.TXT for details. 7 // 8 //===----------------------------------------------------------------------===// 9 // 10 // This pass performs various transformations related to eliminating memcpy 11 // calls, or transforming sets of stores into memset's. 12 // 13 //===----------------------------------------------------------------------===// 14 15 #include "llvm/Transforms/Scalar/MemCpyOptimizer.h" 16 #include "llvm/ADT/DenseSet.h" 17 #include "llvm/ADT/None.h" 18 #include "llvm/ADT/STLExtras.h" 19 #include "llvm/ADT/SmallVector.h" 20 #include "llvm/ADT/Statistic.h" 21 #include "llvm/ADT/iterator_range.h" 22 #include "llvm/Analysis/AliasAnalysis.h" 23 #include "llvm/Analysis/AssumptionCache.h" 24 #include "llvm/Analysis/GlobalsModRef.h" 25 #include "llvm/Analysis/MemoryDependenceAnalysis.h" 26 #include "llvm/Analysis/MemoryLocation.h" 27 #include "llvm/Analysis/TargetLibraryInfo.h" 28 #include "llvm/Transforms/Utils/Local.h" 29 #include "llvm/Analysis/ValueTracking.h" 30 #include "llvm/IR/Argument.h" 31 #include "llvm/IR/BasicBlock.h" 32 #include "llvm/IR/CallSite.h" 33 #include "llvm/IR/Constants.h" 34 #include "llvm/IR/DataLayout.h" 35 #include "llvm/IR/DerivedTypes.h" 36 #include "llvm/IR/Dominators.h" 37 #include "llvm/IR/Function.h" 38 #include "llvm/IR/GetElementPtrTypeIterator.h" 39 #include "llvm/IR/GlobalVariable.h" 40 #include "llvm/IR/IRBuilder.h" 41 #include "llvm/IR/InstrTypes.h" 42 #include "llvm/IR/Instruction.h" 43 #include "llvm/IR/Instructions.h" 44 #include "llvm/IR/IntrinsicInst.h" 45 #include "llvm/IR/Intrinsics.h" 46 #include "llvm/IR/LLVMContext.h" 47 #include "llvm/IR/Module.h" 48 #include "llvm/IR/Operator.h" 49 #include "llvm/IR/PassManager.h" 50 #include "llvm/IR/Type.h" 51 #include "llvm/IR/User.h" 52 #include "llvm/IR/Value.h" 53 #include "llvm/Pass.h" 54 #include "llvm/Support/Casting.h" 55 #include "llvm/Support/Debug.h" 56 #include "llvm/Support/MathExtras.h" 57 #include "llvm/Support/raw_ostream.h" 58 #include "llvm/Transforms/Scalar.h" 59 #include <algorithm> 60 #include <cassert> 61 #include <cstdint> 62 #include <utility> 63 64 using namespace llvm; 65 66 #define DEBUG_TYPE "memcpyopt" 67 68 STATISTIC(NumMemCpyInstr, "Number of memcpy instructions deleted"); 69 STATISTIC(NumMemSetInfer, "Number of memsets inferred"); 70 STATISTIC(NumMoveToCpy, "Number of memmoves converted to memcpy"); 71 STATISTIC(NumCpyToSet, "Number of memcpys converted to memset"); 72 73 static int64_t GetOffsetFromIndex(const GEPOperator *GEP, unsigned Idx, 74 bool &VariableIdxFound, 75 const DataLayout &DL) { 76 // Skip over the first indices. 77 gep_type_iterator GTI = gep_type_begin(GEP); 78 for (unsigned i = 1; i != Idx; ++i, ++GTI) 79 /*skip along*/; 80 81 // Compute the offset implied by the rest of the indices. 82 int64_t Offset = 0; 83 for (unsigned i = Idx, e = GEP->getNumOperands(); i != e; ++i, ++GTI) { 84 ConstantInt *OpC = dyn_cast<ConstantInt>(GEP->getOperand(i)); 85 if (!OpC) 86 return VariableIdxFound = true; 87 if (OpC->isZero()) continue; // No offset. 88 89 // Handle struct indices, which add their field offset to the pointer. 90 if (StructType *STy = GTI.getStructTypeOrNull()) { 91 Offset += DL.getStructLayout(STy)->getElementOffset(OpC->getZExtValue()); 92 continue; 93 } 94 95 // Otherwise, we have a sequential type like an array or vector. Multiply 96 // the index by the ElementSize. 97 uint64_t Size = DL.getTypeAllocSize(GTI.getIndexedType()); 98 Offset += Size*OpC->getSExtValue(); 99 } 100 101 return Offset; 102 } 103 104 /// Return true if Ptr1 is provably equal to Ptr2 plus a constant offset, and 105 /// return that constant offset. For example, Ptr1 might be &A[42], and Ptr2 106 /// might be &A[40]. In this case offset would be -8. 107 static bool IsPointerOffset(Value *Ptr1, Value *Ptr2, int64_t &Offset, 108 const DataLayout &DL) { 109 Ptr1 = Ptr1->stripPointerCasts(); 110 Ptr2 = Ptr2->stripPointerCasts(); 111 112 // Handle the trivial case first. 113 if (Ptr1 == Ptr2) { 114 Offset = 0; 115 return true; 116 } 117 118 GEPOperator *GEP1 = dyn_cast<GEPOperator>(Ptr1); 119 GEPOperator *GEP2 = dyn_cast<GEPOperator>(Ptr2); 120 121 bool VariableIdxFound = false; 122 123 // If one pointer is a GEP and the other isn't, then see if the GEP is a 124 // constant offset from the base, as in "P" and "gep P, 1". 125 if (GEP1 && !GEP2 && GEP1->getOperand(0)->stripPointerCasts() == Ptr2) { 126 Offset = -GetOffsetFromIndex(GEP1, 1, VariableIdxFound, DL); 127 return !VariableIdxFound; 128 } 129 130 if (GEP2 && !GEP1 && GEP2->getOperand(0)->stripPointerCasts() == Ptr1) { 131 Offset = GetOffsetFromIndex(GEP2, 1, VariableIdxFound, DL); 132 return !VariableIdxFound; 133 } 134 135 // Right now we handle the case when Ptr1/Ptr2 are both GEPs with an identical 136 // base. After that base, they may have some number of common (and 137 // potentially variable) indices. After that they handle some constant 138 // offset, which determines their offset from each other. At this point, we 139 // handle no other case. 140 if (!GEP1 || !GEP2 || GEP1->getOperand(0) != GEP2->getOperand(0)) 141 return false; 142 143 // Skip any common indices and track the GEP types. 144 unsigned Idx = 1; 145 for (; Idx != GEP1->getNumOperands() && Idx != GEP2->getNumOperands(); ++Idx) 146 if (GEP1->getOperand(Idx) != GEP2->getOperand(Idx)) 147 break; 148 149 int64_t Offset1 = GetOffsetFromIndex(GEP1, Idx, VariableIdxFound, DL); 150 int64_t Offset2 = GetOffsetFromIndex(GEP2, Idx, VariableIdxFound, DL); 151 if (VariableIdxFound) return false; 152 153 Offset = Offset2-Offset1; 154 return true; 155 } 156 157 namespace { 158 159 /// Represents a range of memset'd bytes with the ByteVal value. 160 /// This allows us to analyze stores like: 161 /// store 0 -> P+1 162 /// store 0 -> P+0 163 /// store 0 -> P+3 164 /// store 0 -> P+2 165 /// which sometimes happens with stores to arrays of structs etc. When we see 166 /// the first store, we make a range [1, 2). The second store extends the range 167 /// to [0, 2). The third makes a new range [2, 3). The fourth store joins the 168 /// two ranges into [0, 3) which is memset'able. 169 struct MemsetRange { 170 // Start/End - A semi range that describes the span that this range covers. 171 // The range is closed at the start and open at the end: [Start, End). 172 int64_t Start, End; 173 174 /// StartPtr - The getelementptr instruction that points to the start of the 175 /// range. 176 Value *StartPtr; 177 178 /// Alignment - The known alignment of the first store. 179 unsigned Alignment; 180 181 /// TheStores - The actual stores that make up this range. 182 SmallVector<Instruction*, 16> TheStores; 183 184 bool isProfitableToUseMemset(const DataLayout &DL) const; 185 }; 186 187 } // end anonymous namespace 188 189 bool MemsetRange::isProfitableToUseMemset(const DataLayout &DL) const { 190 // If we found more than 4 stores to merge or 16 bytes, use memset. 191 if (TheStores.size() >= 4 || End-Start >= 16) return true; 192 193 // If there is nothing to merge, don't do anything. 194 if (TheStores.size() < 2) return false; 195 196 // If any of the stores are a memset, then it is always good to extend the 197 // memset. 198 for (Instruction *SI : TheStores) 199 if (!isa<StoreInst>(SI)) 200 return true; 201 202 // Assume that the code generator is capable of merging pairs of stores 203 // together if it wants to. 204 if (TheStores.size() == 2) return false; 205 206 // If we have fewer than 8 stores, it can still be worthwhile to do this. 207 // For example, merging 4 i8 stores into an i32 store is useful almost always. 208 // However, merging 2 32-bit stores isn't useful on a 32-bit architecture (the 209 // memset will be split into 2 32-bit stores anyway) and doing so can 210 // pessimize the llvm optimizer. 211 // 212 // Since we don't have perfect knowledge here, make some assumptions: assume 213 // the maximum GPR width is the same size as the largest legal integer 214 // size. If so, check to see whether we will end up actually reducing the 215 // number of stores used. 216 unsigned Bytes = unsigned(End-Start); 217 unsigned MaxIntSize = DL.getLargestLegalIntTypeSizeInBits() / 8; 218 if (MaxIntSize == 0) 219 MaxIntSize = 1; 220 unsigned NumPointerStores = Bytes / MaxIntSize; 221 222 // Assume the remaining bytes if any are done a byte at a time. 223 unsigned NumByteStores = Bytes % MaxIntSize; 224 225 // If we will reduce the # stores (according to this heuristic), do the 226 // transformation. This encourages merging 4 x i8 -> i32 and 2 x i16 -> i32 227 // etc. 228 return TheStores.size() > NumPointerStores+NumByteStores; 229 } 230 231 namespace { 232 233 class MemsetRanges { 234 using range_iterator = SmallVectorImpl<MemsetRange>::iterator; 235 236 /// A sorted list of the memset ranges. 237 SmallVector<MemsetRange, 8> Ranges; 238 239 const DataLayout &DL; 240 241 public: 242 MemsetRanges(const DataLayout &DL) : DL(DL) {} 243 244 using const_iterator = SmallVectorImpl<MemsetRange>::const_iterator; 245 246 const_iterator begin() const { return Ranges.begin(); } 247 const_iterator end() const { return Ranges.end(); } 248 bool empty() const { return Ranges.empty(); } 249 250 void addInst(int64_t OffsetFromFirst, Instruction *Inst) { 251 if (StoreInst *SI = dyn_cast<StoreInst>(Inst)) 252 addStore(OffsetFromFirst, SI); 253 else 254 addMemSet(OffsetFromFirst, cast<MemSetInst>(Inst)); 255 } 256 257 void addStore(int64_t OffsetFromFirst, StoreInst *SI) { 258 int64_t StoreSize = DL.getTypeStoreSize(SI->getOperand(0)->getType()); 259 260 addRange(OffsetFromFirst, StoreSize, 261 SI->getPointerOperand(), SI->getAlignment(), SI); 262 } 263 264 void addMemSet(int64_t OffsetFromFirst, MemSetInst *MSI) { 265 int64_t Size = cast<ConstantInt>(MSI->getLength())->getZExtValue(); 266 addRange(OffsetFromFirst, Size, MSI->getDest(), MSI->getDestAlignment(), MSI); 267 } 268 269 void addRange(int64_t Start, int64_t Size, Value *Ptr, 270 unsigned Alignment, Instruction *Inst); 271 }; 272 273 } // end anonymous namespace 274 275 /// Add a new store to the MemsetRanges data structure. This adds a 276 /// new range for the specified store at the specified offset, merging into 277 /// existing ranges as appropriate. 278 void MemsetRanges::addRange(int64_t Start, int64_t Size, Value *Ptr, 279 unsigned Alignment, Instruction *Inst) { 280 int64_t End = Start+Size; 281 282 range_iterator I = std::lower_bound(Ranges.begin(), Ranges.end(), Start, 283 [](const MemsetRange &LHS, int64_t RHS) { return LHS.End < RHS; }); 284 285 // We now know that I == E, in which case we didn't find anything to merge 286 // with, or that Start <= I->End. If End < I->Start or I == E, then we need 287 // to insert a new range. Handle this now. 288 if (I == Ranges.end() || End < I->Start) { 289 MemsetRange &R = *Ranges.insert(I, MemsetRange()); 290 R.Start = Start; 291 R.End = End; 292 R.StartPtr = Ptr; 293 R.Alignment = Alignment; 294 R.TheStores.push_back(Inst); 295 return; 296 } 297 298 // This store overlaps with I, add it. 299 I->TheStores.push_back(Inst); 300 301 // At this point, we may have an interval that completely contains our store. 302 // If so, just add it to the interval and return. 303 if (I->Start <= Start && I->End >= End) 304 return; 305 306 // Now we know that Start <= I->End and End >= I->Start so the range overlaps 307 // but is not entirely contained within the range. 308 309 // See if the range extends the start of the range. In this case, it couldn't 310 // possibly cause it to join the prior range, because otherwise we would have 311 // stopped on *it*. 312 if (Start < I->Start) { 313 I->Start = Start; 314 I->StartPtr = Ptr; 315 I->Alignment = Alignment; 316 } 317 318 // Now we know that Start <= I->End and Start >= I->Start (so the startpoint 319 // is in or right at the end of I), and that End >= I->Start. Extend I out to 320 // End. 321 if (End > I->End) { 322 I->End = End; 323 range_iterator NextI = I; 324 while (++NextI != Ranges.end() && End >= NextI->Start) { 325 // Merge the range in. 326 I->TheStores.append(NextI->TheStores.begin(), NextI->TheStores.end()); 327 if (NextI->End > I->End) 328 I->End = NextI->End; 329 Ranges.erase(NextI); 330 NextI = I; 331 } 332 } 333 } 334 335 //===----------------------------------------------------------------------===// 336 // MemCpyOptLegacyPass Pass 337 //===----------------------------------------------------------------------===// 338 339 namespace { 340 341 class MemCpyOptLegacyPass : public FunctionPass { 342 MemCpyOptPass Impl; 343 344 public: 345 static char ID; // Pass identification, replacement for typeid 346 347 MemCpyOptLegacyPass() : FunctionPass(ID) { 348 initializeMemCpyOptLegacyPassPass(*PassRegistry::getPassRegistry()); 349 } 350 351 bool runOnFunction(Function &F) override; 352 353 private: 354 // This transformation requires dominator postdominator info 355 void getAnalysisUsage(AnalysisUsage &AU) const override { 356 AU.setPreservesCFG(); 357 AU.addRequired<AssumptionCacheTracker>(); 358 AU.addRequired<DominatorTreeWrapperPass>(); 359 AU.addRequired<MemoryDependenceWrapperPass>(); 360 AU.addRequired<AAResultsWrapperPass>(); 361 AU.addRequired<TargetLibraryInfoWrapperPass>(); 362 AU.addPreserved<GlobalsAAWrapperPass>(); 363 AU.addPreserved<MemoryDependenceWrapperPass>(); 364 } 365 }; 366 367 } // end anonymous namespace 368 369 char MemCpyOptLegacyPass::ID = 0; 370 371 /// The public interface to this file... 372 FunctionPass *llvm::createMemCpyOptPass() { return new MemCpyOptLegacyPass(); } 373 374 INITIALIZE_PASS_BEGIN(MemCpyOptLegacyPass, "memcpyopt", "MemCpy Optimization", 375 false, false) 376 INITIALIZE_PASS_DEPENDENCY(AssumptionCacheTracker) 377 INITIALIZE_PASS_DEPENDENCY(DominatorTreeWrapperPass) 378 INITIALIZE_PASS_DEPENDENCY(MemoryDependenceWrapperPass) 379 INITIALIZE_PASS_DEPENDENCY(TargetLibraryInfoWrapperPass) 380 INITIALIZE_PASS_DEPENDENCY(AAResultsWrapperPass) 381 INITIALIZE_PASS_DEPENDENCY(GlobalsAAWrapperPass) 382 INITIALIZE_PASS_END(MemCpyOptLegacyPass, "memcpyopt", "MemCpy Optimization", 383 false, false) 384 385 /// When scanning forward over instructions, we look for some other patterns to 386 /// fold away. In particular, this looks for stores to neighboring locations of 387 /// memory. If it sees enough consecutive ones, it attempts to merge them 388 /// together into a memcpy/memset. 389 Instruction *MemCpyOptPass::tryMergingIntoMemset(Instruction *StartInst, 390 Value *StartPtr, 391 Value *ByteVal) { 392 const DataLayout &DL = StartInst->getModule()->getDataLayout(); 393 394 // Okay, so we now have a single store that can be splatable. Scan to find 395 // all subsequent stores of the same value to offset from the same pointer. 396 // Join these together into ranges, so we can decide whether contiguous blocks 397 // are stored. 398 MemsetRanges Ranges(DL); 399 400 BasicBlock::iterator BI(StartInst); 401 for (++BI; !BI->isTerminator(); ++BI) { 402 if (!isa<StoreInst>(BI) && !isa<MemSetInst>(BI)) { 403 // If the instruction is readnone, ignore it, otherwise bail out. We 404 // don't even allow readonly here because we don't want something like: 405 // A[1] = 2; strlen(A); A[2] = 2; -> memcpy(A, ...); strlen(A). 406 if (BI->mayWriteToMemory() || BI->mayReadFromMemory()) 407 break; 408 continue; 409 } 410 411 if (StoreInst *NextStore = dyn_cast<StoreInst>(BI)) { 412 // If this is a store, see if we can merge it in. 413 if (!NextStore->isSimple()) break; 414 415 // Check to see if this stored value is of the same byte-splattable value. 416 Value *StoredByte = isBytewiseValue(NextStore->getOperand(0)); 417 if (isa<UndefValue>(ByteVal) && StoredByte) 418 ByteVal = StoredByte; 419 if (ByteVal != StoredByte) 420 break; 421 422 // Check to see if this store is to a constant offset from the start ptr. 423 int64_t Offset; 424 if (!IsPointerOffset(StartPtr, NextStore->getPointerOperand(), Offset, 425 DL)) 426 break; 427 428 Ranges.addStore(Offset, NextStore); 429 } else { 430 MemSetInst *MSI = cast<MemSetInst>(BI); 431 432 if (MSI->isVolatile() || ByteVal != MSI->getValue() || 433 !isa<ConstantInt>(MSI->getLength())) 434 break; 435 436 // Check to see if this store is to a constant offset from the start ptr. 437 int64_t Offset; 438 if (!IsPointerOffset(StartPtr, MSI->getDest(), Offset, DL)) 439 break; 440 441 Ranges.addMemSet(Offset, MSI); 442 } 443 } 444 445 // If we have no ranges, then we just had a single store with nothing that 446 // could be merged in. This is a very common case of course. 447 if (Ranges.empty()) 448 return nullptr; 449 450 // If we had at least one store that could be merged in, add the starting 451 // store as well. We try to avoid this unless there is at least something 452 // interesting as a small compile-time optimization. 453 Ranges.addInst(0, StartInst); 454 455 // If we create any memsets, we put it right before the first instruction that 456 // isn't part of the memset block. This ensure that the memset is dominated 457 // by any addressing instruction needed by the start of the block. 458 IRBuilder<> Builder(&*BI); 459 460 // Now that we have full information about ranges, loop over the ranges and 461 // emit memset's for anything big enough to be worthwhile. 462 Instruction *AMemSet = nullptr; 463 for (const MemsetRange &Range : Ranges) { 464 if (Range.TheStores.size() == 1) continue; 465 466 // If it is profitable to lower this range to memset, do so now. 467 if (!Range.isProfitableToUseMemset(DL)) 468 continue; 469 470 // Otherwise, we do want to transform this! Create a new memset. 471 // Get the starting pointer of the block. 472 StartPtr = Range.StartPtr; 473 474 // Determine alignment 475 unsigned Alignment = Range.Alignment; 476 if (Alignment == 0) { 477 Type *EltType = 478 cast<PointerType>(StartPtr->getType())->getElementType(); 479 Alignment = DL.getABITypeAlignment(EltType); 480 } 481 482 AMemSet = 483 Builder.CreateMemSet(StartPtr, ByteVal, Range.End-Range.Start, Alignment); 484 485 LLVM_DEBUG(dbgs() << "Replace stores:\n"; for (Instruction *SI 486 : Range.TheStores) dbgs() 487 << *SI << '\n'; 488 dbgs() << "With: " << *AMemSet << '\n'); 489 490 if (!Range.TheStores.empty()) 491 AMemSet->setDebugLoc(Range.TheStores[0]->getDebugLoc()); 492 493 // Zap all the stores. 494 for (Instruction *SI : Range.TheStores) { 495 MD->removeInstruction(SI); 496 SI->eraseFromParent(); 497 } 498 ++NumMemSetInfer; 499 } 500 501 return AMemSet; 502 } 503 504 static unsigned findStoreAlignment(const DataLayout &DL, const StoreInst *SI) { 505 unsigned StoreAlign = SI->getAlignment(); 506 if (!StoreAlign) 507 StoreAlign = DL.getABITypeAlignment(SI->getOperand(0)->getType()); 508 return StoreAlign; 509 } 510 511 static unsigned findLoadAlignment(const DataLayout &DL, const LoadInst *LI) { 512 unsigned LoadAlign = LI->getAlignment(); 513 if (!LoadAlign) 514 LoadAlign = DL.getABITypeAlignment(LI->getType()); 515 return LoadAlign; 516 } 517 518 static unsigned findCommonAlignment(const DataLayout &DL, const StoreInst *SI, 519 const LoadInst *LI) { 520 unsigned StoreAlign = findStoreAlignment(DL, SI); 521 unsigned LoadAlign = findLoadAlignment(DL, LI); 522 return MinAlign(StoreAlign, LoadAlign); 523 } 524 525 // This method try to lift a store instruction before position P. 526 // It will lift the store and its argument + that anything that 527 // may alias with these. 528 // The method returns true if it was successful. 529 static bool moveUp(AliasAnalysis &AA, StoreInst *SI, Instruction *P, 530 const LoadInst *LI) { 531 // If the store alias this position, early bail out. 532 MemoryLocation StoreLoc = MemoryLocation::get(SI); 533 if (isModOrRefSet(AA.getModRefInfo(P, StoreLoc))) 534 return false; 535 536 // Keep track of the arguments of all instruction we plan to lift 537 // so we can make sure to lift them as well if appropriate. 538 DenseSet<Instruction*> Args; 539 if (auto *Ptr = dyn_cast<Instruction>(SI->getPointerOperand())) 540 if (Ptr->getParent() == SI->getParent()) 541 Args.insert(Ptr); 542 543 // Instruction to lift before P. 544 SmallVector<Instruction*, 8> ToLift; 545 546 // Memory locations of lifted instructions. 547 SmallVector<MemoryLocation, 8> MemLocs{StoreLoc}; 548 549 // Lifted callsites. 550 SmallVector<ImmutableCallSite, 8> CallSites; 551 552 const MemoryLocation LoadLoc = MemoryLocation::get(LI); 553 554 for (auto I = --SI->getIterator(), E = P->getIterator(); I != E; --I) { 555 auto *C = &*I; 556 557 bool MayAlias = isModOrRefSet(AA.getModRefInfo(C, None)); 558 559 bool NeedLift = false; 560 if (Args.erase(C)) 561 NeedLift = true; 562 else if (MayAlias) { 563 NeedLift = llvm::any_of(MemLocs, [C, &AA](const MemoryLocation &ML) { 564 return isModOrRefSet(AA.getModRefInfo(C, ML)); 565 }); 566 567 if (!NeedLift) 568 NeedLift = 569 llvm::any_of(CallSites, [C, &AA](const ImmutableCallSite &CS) { 570 return isModOrRefSet(AA.getModRefInfo(C, CS)); 571 }); 572 } 573 574 if (!NeedLift) 575 continue; 576 577 if (MayAlias) { 578 // Since LI is implicitly moved downwards past the lifted instructions, 579 // none of them may modify its source. 580 if (isModSet(AA.getModRefInfo(C, LoadLoc))) 581 return false; 582 else if (auto CS = ImmutableCallSite(C)) { 583 // If we can't lift this before P, it's game over. 584 if (isModOrRefSet(AA.getModRefInfo(P, CS))) 585 return false; 586 587 CallSites.push_back(CS); 588 } else if (isa<LoadInst>(C) || isa<StoreInst>(C) || isa<VAArgInst>(C)) { 589 // If we can't lift this before P, it's game over. 590 auto ML = MemoryLocation::get(C); 591 if (isModOrRefSet(AA.getModRefInfo(P, ML))) 592 return false; 593 594 MemLocs.push_back(ML); 595 } else 596 // We don't know how to lift this instruction. 597 return false; 598 } 599 600 ToLift.push_back(C); 601 for (unsigned k = 0, e = C->getNumOperands(); k != e; ++k) 602 if (auto *A = dyn_cast<Instruction>(C->getOperand(k))) 603 if (A->getParent() == SI->getParent()) 604 Args.insert(A); 605 } 606 607 // We made it, we need to lift 608 for (auto *I : llvm::reverse(ToLift)) { 609 LLVM_DEBUG(dbgs() << "Lifting " << *I << " before " << *P << "\n"); 610 I->moveBefore(P); 611 } 612 613 return true; 614 } 615 616 bool MemCpyOptPass::processStore(StoreInst *SI, BasicBlock::iterator &BBI) { 617 if (!SI->isSimple()) return false; 618 619 // Avoid merging nontemporal stores since the resulting 620 // memcpy/memset would not be able to preserve the nontemporal hint. 621 // In theory we could teach how to propagate the !nontemporal metadata to 622 // memset calls. However, that change would force the backend to 623 // conservatively expand !nontemporal memset calls back to sequences of 624 // store instructions (effectively undoing the merging). 625 if (SI->getMetadata(LLVMContext::MD_nontemporal)) 626 return false; 627 628 const DataLayout &DL = SI->getModule()->getDataLayout(); 629 630 // Load to store forwarding can be interpreted as memcpy. 631 if (LoadInst *LI = dyn_cast<LoadInst>(SI->getOperand(0))) { 632 if (LI->isSimple() && LI->hasOneUse() && 633 LI->getParent() == SI->getParent()) { 634 635 auto *T = LI->getType(); 636 if (T->isAggregateType()) { 637 AliasAnalysis &AA = LookupAliasAnalysis(); 638 MemoryLocation LoadLoc = MemoryLocation::get(LI); 639 640 // We use alias analysis to check if an instruction may store to 641 // the memory we load from in between the load and the store. If 642 // such an instruction is found, we try to promote there instead 643 // of at the store position. 644 Instruction *P = SI; 645 for (auto &I : make_range(++LI->getIterator(), SI->getIterator())) { 646 if (isModSet(AA.getModRefInfo(&I, LoadLoc))) { 647 P = &I; 648 break; 649 } 650 } 651 652 // We found an instruction that may write to the loaded memory. 653 // We can try to promote at this position instead of the store 654 // position if nothing alias the store memory after this and the store 655 // destination is not in the range. 656 if (P && P != SI) { 657 if (!moveUp(AA, SI, P, LI)) 658 P = nullptr; 659 } 660 661 // If a valid insertion position is found, then we can promote 662 // the load/store pair to a memcpy. 663 if (P) { 664 // If we load from memory that may alias the memory we store to, 665 // memmove must be used to preserve semantic. If not, memcpy can 666 // be used. 667 bool UseMemMove = false; 668 if (!AA.isNoAlias(MemoryLocation::get(SI), LoadLoc)) 669 UseMemMove = true; 670 671 uint64_t Size = DL.getTypeStoreSize(T); 672 673 IRBuilder<> Builder(P); 674 Instruction *M; 675 if (UseMemMove) 676 M = Builder.CreateMemMove( 677 SI->getPointerOperand(), findStoreAlignment(DL, SI), 678 LI->getPointerOperand(), findLoadAlignment(DL, LI), Size, 679 SI->isVolatile()); 680 else 681 M = Builder.CreateMemCpy( 682 SI->getPointerOperand(), findStoreAlignment(DL, SI), 683 LI->getPointerOperand(), findLoadAlignment(DL, LI), Size, 684 SI->isVolatile()); 685 686 LLVM_DEBUG(dbgs() << "Promoting " << *LI << " to " << *SI << " => " 687 << *M << "\n"); 688 689 MD->removeInstruction(SI); 690 SI->eraseFromParent(); 691 MD->removeInstruction(LI); 692 LI->eraseFromParent(); 693 ++NumMemCpyInstr; 694 695 // Make sure we do not invalidate the iterator. 696 BBI = M->getIterator(); 697 return true; 698 } 699 } 700 701 // Detect cases where we're performing call slot forwarding, but 702 // happen to be using a load-store pair to implement it, rather than 703 // a memcpy. 704 MemDepResult ldep = MD->getDependency(LI); 705 CallInst *C = nullptr; 706 if (ldep.isClobber() && !isa<MemCpyInst>(ldep.getInst())) 707 C = dyn_cast<CallInst>(ldep.getInst()); 708 709 if (C) { 710 // Check that nothing touches the dest of the "copy" between 711 // the call and the store. 712 Value *CpyDest = SI->getPointerOperand()->stripPointerCasts(); 713 bool CpyDestIsLocal = isa<AllocaInst>(CpyDest); 714 AliasAnalysis &AA = LookupAliasAnalysis(); 715 MemoryLocation StoreLoc = MemoryLocation::get(SI); 716 for (BasicBlock::iterator I = --SI->getIterator(), E = C->getIterator(); 717 I != E; --I) { 718 if (isModOrRefSet(AA.getModRefInfo(&*I, StoreLoc))) { 719 C = nullptr; 720 break; 721 } 722 // The store to dest may never happen if an exception can be thrown 723 // between the load and the store. 724 if (I->mayThrow() && !CpyDestIsLocal) { 725 C = nullptr; 726 break; 727 } 728 } 729 } 730 731 if (C) { 732 bool changed = performCallSlotOptzn( 733 LI, SI->getPointerOperand()->stripPointerCasts(), 734 LI->getPointerOperand()->stripPointerCasts(), 735 DL.getTypeStoreSize(SI->getOperand(0)->getType()), 736 findCommonAlignment(DL, SI, LI), C); 737 if (changed) { 738 MD->removeInstruction(SI); 739 SI->eraseFromParent(); 740 MD->removeInstruction(LI); 741 LI->eraseFromParent(); 742 ++NumMemCpyInstr; 743 return true; 744 } 745 } 746 } 747 } 748 749 // There are two cases that are interesting for this code to handle: memcpy 750 // and memset. Right now we only handle memset. 751 752 // Ensure that the value being stored is something that can be memset'able a 753 // byte at a time like "0" or "-1" or any width, as well as things like 754 // 0xA0A0A0A0 and 0.0. 755 auto *V = SI->getOperand(0); 756 if (Value *ByteVal = isBytewiseValue(V)) { 757 if (Instruction *I = tryMergingIntoMemset(SI, SI->getPointerOperand(), 758 ByteVal)) { 759 BBI = I->getIterator(); // Don't invalidate iterator. 760 return true; 761 } 762 763 // If we have an aggregate, we try to promote it to memset regardless 764 // of opportunity for merging as it can expose optimization opportunities 765 // in subsequent passes. 766 auto *T = V->getType(); 767 if (T->isAggregateType()) { 768 uint64_t Size = DL.getTypeStoreSize(T); 769 unsigned Align = SI->getAlignment(); 770 if (!Align) 771 Align = DL.getABITypeAlignment(T); 772 IRBuilder<> Builder(SI); 773 auto *M = Builder.CreateMemSet(SI->getPointerOperand(), ByteVal, 774 Size, Align, SI->isVolatile()); 775 776 LLVM_DEBUG(dbgs() << "Promoting " << *SI << " to " << *M << "\n"); 777 778 MD->removeInstruction(SI); 779 SI->eraseFromParent(); 780 NumMemSetInfer++; 781 782 // Make sure we do not invalidate the iterator. 783 BBI = M->getIterator(); 784 return true; 785 } 786 } 787 788 return false; 789 } 790 791 bool MemCpyOptPass::processMemSet(MemSetInst *MSI, BasicBlock::iterator &BBI) { 792 // See if there is another memset or store neighboring this memset which 793 // allows us to widen out the memset to do a single larger store. 794 if (isa<ConstantInt>(MSI->getLength()) && !MSI->isVolatile()) 795 if (Instruction *I = tryMergingIntoMemset(MSI, MSI->getDest(), 796 MSI->getValue())) { 797 BBI = I->getIterator(); // Don't invalidate iterator. 798 return true; 799 } 800 return false; 801 } 802 803 /// Takes a memcpy and a call that it depends on, 804 /// and checks for the possibility of a call slot optimization by having 805 /// the call write its result directly into the destination of the memcpy. 806 bool MemCpyOptPass::performCallSlotOptzn(Instruction *cpy, Value *cpyDest, 807 Value *cpySrc, uint64_t cpyLen, 808 unsigned cpyAlign, CallInst *C) { 809 // The general transformation to keep in mind is 810 // 811 // call @func(..., src, ...) 812 // memcpy(dest, src, ...) 813 // 814 // -> 815 // 816 // memcpy(dest, src, ...) 817 // call @func(..., dest, ...) 818 // 819 // Since moving the memcpy is technically awkward, we additionally check that 820 // src only holds uninitialized values at the moment of the call, meaning that 821 // the memcpy can be discarded rather than moved. 822 823 // Lifetime marks shouldn't be operated on. 824 if (Function *F = C->getCalledFunction()) 825 if (F->isIntrinsic() && F->getIntrinsicID() == Intrinsic::lifetime_start) 826 return false; 827 828 // Deliberately get the source and destination with bitcasts stripped away, 829 // because we'll need to do type comparisons based on the underlying type. 830 CallSite CS(C); 831 832 // Require that src be an alloca. This simplifies the reasoning considerably. 833 AllocaInst *srcAlloca = dyn_cast<AllocaInst>(cpySrc); 834 if (!srcAlloca) 835 return false; 836 837 ConstantInt *srcArraySize = dyn_cast<ConstantInt>(srcAlloca->getArraySize()); 838 if (!srcArraySize) 839 return false; 840 841 const DataLayout &DL = cpy->getModule()->getDataLayout(); 842 uint64_t srcSize = DL.getTypeAllocSize(srcAlloca->getAllocatedType()) * 843 srcArraySize->getZExtValue(); 844 845 if (cpyLen < srcSize) 846 return false; 847 848 // Check that accessing the first srcSize bytes of dest will not cause a 849 // trap. Otherwise the transform is invalid since it might cause a trap 850 // to occur earlier than it otherwise would. 851 if (AllocaInst *A = dyn_cast<AllocaInst>(cpyDest)) { 852 // The destination is an alloca. Check it is larger than srcSize. 853 ConstantInt *destArraySize = dyn_cast<ConstantInt>(A->getArraySize()); 854 if (!destArraySize) 855 return false; 856 857 uint64_t destSize = DL.getTypeAllocSize(A->getAllocatedType()) * 858 destArraySize->getZExtValue(); 859 860 if (destSize < srcSize) 861 return false; 862 } else if (Argument *A = dyn_cast<Argument>(cpyDest)) { 863 // The store to dest may never happen if the call can throw. 864 if (C->mayThrow()) 865 return false; 866 867 if (A->getDereferenceableBytes() < srcSize) { 868 // If the destination is an sret parameter then only accesses that are 869 // outside of the returned struct type can trap. 870 if (!A->hasStructRetAttr()) 871 return false; 872 873 Type *StructTy = cast<PointerType>(A->getType())->getElementType(); 874 if (!StructTy->isSized()) { 875 // The call may never return and hence the copy-instruction may never 876 // be executed, and therefore it's not safe to say "the destination 877 // has at least <cpyLen> bytes, as implied by the copy-instruction", 878 return false; 879 } 880 881 uint64_t destSize = DL.getTypeAllocSize(StructTy); 882 if (destSize < srcSize) 883 return false; 884 } 885 } else { 886 return false; 887 } 888 889 // Check that dest points to memory that is at least as aligned as src. 890 unsigned srcAlign = srcAlloca->getAlignment(); 891 if (!srcAlign) 892 srcAlign = DL.getABITypeAlignment(srcAlloca->getAllocatedType()); 893 bool isDestSufficientlyAligned = srcAlign <= cpyAlign; 894 // If dest is not aligned enough and we can't increase its alignment then 895 // bail out. 896 if (!isDestSufficientlyAligned && !isa<AllocaInst>(cpyDest)) 897 return false; 898 899 // Check that src is not accessed except via the call and the memcpy. This 900 // guarantees that it holds only undefined values when passed in (so the final 901 // memcpy can be dropped), that it is not read or written between the call and 902 // the memcpy, and that writing beyond the end of it is undefined. 903 SmallVector<User*, 8> srcUseList(srcAlloca->user_begin(), 904 srcAlloca->user_end()); 905 while (!srcUseList.empty()) { 906 User *U = srcUseList.pop_back_val(); 907 908 if (isa<BitCastInst>(U) || isa<AddrSpaceCastInst>(U)) { 909 for (User *UU : U->users()) 910 srcUseList.push_back(UU); 911 continue; 912 } 913 if (GetElementPtrInst *G = dyn_cast<GetElementPtrInst>(U)) { 914 if (!G->hasAllZeroIndices()) 915 return false; 916 917 for (User *UU : U->users()) 918 srcUseList.push_back(UU); 919 continue; 920 } 921 if (const IntrinsicInst *IT = dyn_cast<IntrinsicInst>(U)) 922 if (IT->getIntrinsicID() == Intrinsic::lifetime_start || 923 IT->getIntrinsicID() == Intrinsic::lifetime_end) 924 continue; 925 926 if (U != C && U != cpy) 927 return false; 928 } 929 930 // Check that src isn't captured by the called function since the 931 // transformation can cause aliasing issues in that case. 932 for (unsigned i = 0, e = CS.arg_size(); i != e; ++i) 933 if (CS.getArgument(i) == cpySrc && !CS.doesNotCapture(i)) 934 return false; 935 936 // Since we're changing the parameter to the callsite, we need to make sure 937 // that what would be the new parameter dominates the callsite. 938 DominatorTree &DT = LookupDomTree(); 939 if (Instruction *cpyDestInst = dyn_cast<Instruction>(cpyDest)) 940 if (!DT.dominates(cpyDestInst, C)) 941 return false; 942 943 // In addition to knowing that the call does not access src in some 944 // unexpected manner, for example via a global, which we deduce from 945 // the use analysis, we also need to know that it does not sneakily 946 // access dest. We rely on AA to figure this out for us. 947 AliasAnalysis &AA = LookupAliasAnalysis(); 948 ModRefInfo MR = AA.getModRefInfo(C, cpyDest, srcSize); 949 // If necessary, perform additional analysis. 950 if (isModOrRefSet(MR)) 951 MR = AA.callCapturesBefore(C, cpyDest, srcSize, &DT); 952 if (isModOrRefSet(MR)) 953 return false; 954 955 // We can't create address space casts here because we don't know if they're 956 // safe for the target. 957 if (cpySrc->getType()->getPointerAddressSpace() != 958 cpyDest->getType()->getPointerAddressSpace()) 959 return false; 960 for (unsigned i = 0; i < CS.arg_size(); ++i) 961 if (CS.getArgument(i)->stripPointerCasts() == cpySrc && 962 cpySrc->getType()->getPointerAddressSpace() != 963 CS.getArgument(i)->getType()->getPointerAddressSpace()) 964 return false; 965 966 // All the checks have passed, so do the transformation. 967 bool changedArgument = false; 968 for (unsigned i = 0; i < CS.arg_size(); ++i) 969 if (CS.getArgument(i)->stripPointerCasts() == cpySrc) { 970 Value *Dest = cpySrc->getType() == cpyDest->getType() ? cpyDest 971 : CastInst::CreatePointerCast(cpyDest, cpySrc->getType(), 972 cpyDest->getName(), C); 973 changedArgument = true; 974 if (CS.getArgument(i)->getType() == Dest->getType()) 975 CS.setArgument(i, Dest); 976 else 977 CS.setArgument(i, CastInst::CreatePointerCast(Dest, 978 CS.getArgument(i)->getType(), Dest->getName(), C)); 979 } 980 981 if (!changedArgument) 982 return false; 983 984 // If the destination wasn't sufficiently aligned then increase its alignment. 985 if (!isDestSufficientlyAligned) { 986 assert(isa<AllocaInst>(cpyDest) && "Can only increase alloca alignment!"); 987 cast<AllocaInst>(cpyDest)->setAlignment(srcAlign); 988 } 989 990 // Drop any cached information about the call, because we may have changed 991 // its dependence information by changing its parameter. 992 MD->removeInstruction(C); 993 994 // Update AA metadata 995 // FIXME: MD_tbaa_struct and MD_mem_parallel_loop_access should also be 996 // handled here, but combineMetadata doesn't support them yet 997 unsigned KnownIDs[] = {LLVMContext::MD_tbaa, LLVMContext::MD_alias_scope, 998 LLVMContext::MD_noalias, 999 LLVMContext::MD_invariant_group, 1000 LLVMContext::MD_access_group}; 1001 combineMetadata(C, cpy, KnownIDs, true); 1002 1003 // Remove the memcpy. 1004 MD->removeInstruction(cpy); 1005 ++NumMemCpyInstr; 1006 1007 return true; 1008 } 1009 1010 /// We've found that the (upward scanning) memory dependence of memcpy 'M' is 1011 /// the memcpy 'MDep'. Try to simplify M to copy from MDep's input if we can. 1012 bool MemCpyOptPass::processMemCpyMemCpyDependence(MemCpyInst *M, 1013 MemCpyInst *MDep) { 1014 // We can only transforms memcpy's where the dest of one is the source of the 1015 // other. 1016 if (M->getSource() != MDep->getDest() || MDep->isVolatile()) 1017 return false; 1018 1019 // If dep instruction is reading from our current input, then it is a noop 1020 // transfer and substituting the input won't change this instruction. Just 1021 // ignore the input and let someone else zap MDep. This handles cases like: 1022 // memcpy(a <- a) 1023 // memcpy(b <- a) 1024 if (M->getSource() == MDep->getSource()) 1025 return false; 1026 1027 // Second, the length of the memcpy's must be the same, or the preceding one 1028 // must be larger than the following one. 1029 ConstantInt *MDepLen = dyn_cast<ConstantInt>(MDep->getLength()); 1030 ConstantInt *MLen = dyn_cast<ConstantInt>(M->getLength()); 1031 if (!MDepLen || !MLen || MDepLen->getZExtValue() < MLen->getZExtValue()) 1032 return false; 1033 1034 AliasAnalysis &AA = LookupAliasAnalysis(); 1035 1036 // Verify that the copied-from memory doesn't change in between the two 1037 // transfers. For example, in: 1038 // memcpy(a <- b) 1039 // *b = 42; 1040 // memcpy(c <- a) 1041 // It would be invalid to transform the second memcpy into memcpy(c <- b). 1042 // 1043 // TODO: If the code between M and MDep is transparent to the destination "c", 1044 // then we could still perform the xform by moving M up to the first memcpy. 1045 // 1046 // NOTE: This is conservative, it will stop on any read from the source loc, 1047 // not just the defining memcpy. 1048 MemDepResult SourceDep = 1049 MD->getPointerDependencyFrom(MemoryLocation::getForSource(MDep), false, 1050 M->getIterator(), M->getParent()); 1051 if (!SourceDep.isClobber() || SourceDep.getInst() != MDep) 1052 return false; 1053 1054 // If the dest of the second might alias the source of the first, then the 1055 // source and dest might overlap. We still want to eliminate the intermediate 1056 // value, but we have to generate a memmove instead of memcpy. 1057 bool UseMemMove = false; 1058 if (!AA.isNoAlias(MemoryLocation::getForDest(M), 1059 MemoryLocation::getForSource(MDep))) 1060 UseMemMove = true; 1061 1062 // If all checks passed, then we can transform M. 1063 1064 // TODO: Is this worth it if we're creating a less aligned memcpy? For 1065 // example we could be moving from movaps -> movq on x86. 1066 IRBuilder<> Builder(M); 1067 if (UseMemMove) 1068 Builder.CreateMemMove(M->getRawDest(), M->getDestAlignment(), 1069 MDep->getRawSource(), MDep->getSourceAlignment(), 1070 M->getLength(), M->isVolatile()); 1071 else 1072 Builder.CreateMemCpy(M->getRawDest(), M->getDestAlignment(), 1073 MDep->getRawSource(), MDep->getSourceAlignment(), 1074 M->getLength(), M->isVolatile()); 1075 1076 // Remove the instruction we're replacing. 1077 MD->removeInstruction(M); 1078 M->eraseFromParent(); 1079 ++NumMemCpyInstr; 1080 return true; 1081 } 1082 1083 /// We've found that the (upward scanning) memory dependence of \p MemCpy is 1084 /// \p MemSet. Try to simplify \p MemSet to only set the trailing bytes that 1085 /// weren't copied over by \p MemCpy. 1086 /// 1087 /// In other words, transform: 1088 /// \code 1089 /// memset(dst, c, dst_size); 1090 /// memcpy(dst, src, src_size); 1091 /// \endcode 1092 /// into: 1093 /// \code 1094 /// memcpy(dst, src, src_size); 1095 /// memset(dst + src_size, c, dst_size <= src_size ? 0 : dst_size - src_size); 1096 /// \endcode 1097 bool MemCpyOptPass::processMemSetMemCpyDependence(MemCpyInst *MemCpy, 1098 MemSetInst *MemSet) { 1099 // We can only transform memset/memcpy with the same destination. 1100 if (MemSet->getDest() != MemCpy->getDest()) 1101 return false; 1102 1103 // Check that there are no other dependencies on the memset destination. 1104 MemDepResult DstDepInfo = 1105 MD->getPointerDependencyFrom(MemoryLocation::getForDest(MemSet), false, 1106 MemCpy->getIterator(), MemCpy->getParent()); 1107 if (DstDepInfo.getInst() != MemSet) 1108 return false; 1109 1110 // Use the same i8* dest as the memcpy, killing the memset dest if different. 1111 Value *Dest = MemCpy->getRawDest(); 1112 Value *DestSize = MemSet->getLength(); 1113 Value *SrcSize = MemCpy->getLength(); 1114 1115 // By default, create an unaligned memset. 1116 unsigned Align = 1; 1117 // If Dest is aligned, and SrcSize is constant, use the minimum alignment 1118 // of the sum. 1119 const unsigned DestAlign = 1120 std::max(MemSet->getDestAlignment(), MemCpy->getDestAlignment()); 1121 if (DestAlign > 1) 1122 if (ConstantInt *SrcSizeC = dyn_cast<ConstantInt>(SrcSize)) 1123 Align = MinAlign(SrcSizeC->getZExtValue(), DestAlign); 1124 1125 IRBuilder<> Builder(MemCpy); 1126 1127 // If the sizes have different types, zext the smaller one. 1128 if (DestSize->getType() != SrcSize->getType()) { 1129 if (DestSize->getType()->getIntegerBitWidth() > 1130 SrcSize->getType()->getIntegerBitWidth()) 1131 SrcSize = Builder.CreateZExt(SrcSize, DestSize->getType()); 1132 else 1133 DestSize = Builder.CreateZExt(DestSize, SrcSize->getType()); 1134 } 1135 1136 Value *Ule = Builder.CreateICmpULE(DestSize, SrcSize); 1137 Value *SizeDiff = Builder.CreateSub(DestSize, SrcSize); 1138 Value *MemsetLen = Builder.CreateSelect( 1139 Ule, ConstantInt::getNullValue(DestSize->getType()), SizeDiff); 1140 Builder.CreateMemSet(Builder.CreateGEP(Dest, SrcSize), MemSet->getOperand(1), 1141 MemsetLen, Align); 1142 1143 MD->removeInstruction(MemSet); 1144 MemSet->eraseFromParent(); 1145 return true; 1146 } 1147 1148 /// Determine whether the instruction has undefined content for the given Size, 1149 /// either because it was freshly alloca'd or started its lifetime. 1150 static bool hasUndefContents(Instruction *I, ConstantInt *Size) { 1151 if (isa<AllocaInst>(I)) 1152 return true; 1153 1154 if (IntrinsicInst *II = dyn_cast<IntrinsicInst>(I)) 1155 if (II->getIntrinsicID() == Intrinsic::lifetime_start) 1156 if (ConstantInt *LTSize = dyn_cast<ConstantInt>(II->getArgOperand(0))) 1157 if (LTSize->getZExtValue() >= Size->getZExtValue()) 1158 return true; 1159 1160 return false; 1161 } 1162 1163 /// Transform memcpy to memset when its source was just memset. 1164 /// In other words, turn: 1165 /// \code 1166 /// memset(dst1, c, dst1_size); 1167 /// memcpy(dst2, dst1, dst2_size); 1168 /// \endcode 1169 /// into: 1170 /// \code 1171 /// memset(dst1, c, dst1_size); 1172 /// memset(dst2, c, dst2_size); 1173 /// \endcode 1174 /// When dst2_size <= dst1_size. 1175 /// 1176 /// The \p MemCpy must have a Constant length. 1177 bool MemCpyOptPass::performMemCpyToMemSetOptzn(MemCpyInst *MemCpy, 1178 MemSetInst *MemSet) { 1179 AliasAnalysis &AA = LookupAliasAnalysis(); 1180 1181 // Make sure that memcpy(..., memset(...), ...), that is we are memsetting and 1182 // memcpying from the same address. Otherwise it is hard to reason about. 1183 if (!AA.isMustAlias(MemSet->getRawDest(), MemCpy->getRawSource())) 1184 return false; 1185 1186 // A known memset size is required. 1187 ConstantInt *MemSetSize = dyn_cast<ConstantInt>(MemSet->getLength()); 1188 if (!MemSetSize) 1189 return false; 1190 1191 // Make sure the memcpy doesn't read any more than what the memset wrote. 1192 // Don't worry about sizes larger than i64. 1193 ConstantInt *CopySize = cast<ConstantInt>(MemCpy->getLength()); 1194 if (CopySize->getZExtValue() > MemSetSize->getZExtValue()) { 1195 // If the memcpy is larger than the memset, but the memory was undef prior 1196 // to the memset, we can just ignore the tail. Technically we're only 1197 // interested in the bytes from MemSetSize..CopySize here, but as we can't 1198 // easily represent this location, we use the full 0..CopySize range. 1199 MemoryLocation MemCpyLoc = MemoryLocation::getForSource(MemCpy); 1200 MemDepResult DepInfo = MD->getPointerDependencyFrom( 1201 MemCpyLoc, true, MemSet->getIterator(), MemSet->getParent()); 1202 if (DepInfo.isDef() && hasUndefContents(DepInfo.getInst(), CopySize)) 1203 CopySize = MemSetSize; 1204 else 1205 return false; 1206 } 1207 1208 IRBuilder<> Builder(MemCpy); 1209 Builder.CreateMemSet(MemCpy->getRawDest(), MemSet->getOperand(1), 1210 CopySize, MemCpy->getDestAlignment()); 1211 return true; 1212 } 1213 1214 /// Perform simplification of memcpy's. If we have memcpy A 1215 /// which copies X to Y, and memcpy B which copies Y to Z, then we can rewrite 1216 /// B to be a memcpy from X to Z (or potentially a memmove, depending on 1217 /// circumstances). This allows later passes to remove the first memcpy 1218 /// altogether. 1219 bool MemCpyOptPass::processMemCpy(MemCpyInst *M) { 1220 // We can only optimize non-volatile memcpy's. 1221 if (M->isVolatile()) return false; 1222 1223 // If the source and destination of the memcpy are the same, then zap it. 1224 if (M->getSource() == M->getDest()) { 1225 MD->removeInstruction(M); 1226 M->eraseFromParent(); 1227 return false; 1228 } 1229 1230 // If copying from a constant, try to turn the memcpy into a memset. 1231 if (GlobalVariable *GV = dyn_cast<GlobalVariable>(M->getSource())) 1232 if (GV->isConstant() && GV->hasDefinitiveInitializer()) 1233 if (Value *ByteVal = isBytewiseValue(GV->getInitializer())) { 1234 IRBuilder<> Builder(M); 1235 Builder.CreateMemSet(M->getRawDest(), ByteVal, M->getLength(), 1236 M->getDestAlignment(), false); 1237 MD->removeInstruction(M); 1238 M->eraseFromParent(); 1239 ++NumCpyToSet; 1240 return true; 1241 } 1242 1243 MemDepResult DepInfo = MD->getDependency(M); 1244 1245 // Try to turn a partially redundant memset + memcpy into 1246 // memcpy + smaller memset. We don't need the memcpy size for this. 1247 if (DepInfo.isClobber()) 1248 if (MemSetInst *MDep = dyn_cast<MemSetInst>(DepInfo.getInst())) 1249 if (processMemSetMemCpyDependence(M, MDep)) 1250 return true; 1251 1252 // The optimizations after this point require the memcpy size. 1253 ConstantInt *CopySize = dyn_cast<ConstantInt>(M->getLength()); 1254 if (!CopySize) return false; 1255 1256 // There are four possible optimizations we can do for memcpy: 1257 // a) memcpy-memcpy xform which exposes redundance for DSE. 1258 // b) call-memcpy xform for return slot optimization. 1259 // c) memcpy from freshly alloca'd space or space that has just started its 1260 // lifetime copies undefined data, and we can therefore eliminate the 1261 // memcpy in favor of the data that was already at the destination. 1262 // d) memcpy from a just-memset'd source can be turned into memset. 1263 if (DepInfo.isClobber()) { 1264 if (CallInst *C = dyn_cast<CallInst>(DepInfo.getInst())) { 1265 // FIXME: Can we pass in either of dest/src alignment here instead 1266 // of conservatively taking the minimum? 1267 unsigned Align = MinAlign(M->getDestAlignment(), M->getSourceAlignment()); 1268 if (performCallSlotOptzn(M, M->getDest(), M->getSource(), 1269 CopySize->getZExtValue(), Align, 1270 C)) { 1271 MD->removeInstruction(M); 1272 M->eraseFromParent(); 1273 return true; 1274 } 1275 } 1276 } 1277 1278 MemoryLocation SrcLoc = MemoryLocation::getForSource(M); 1279 MemDepResult SrcDepInfo = MD->getPointerDependencyFrom( 1280 SrcLoc, true, M->getIterator(), M->getParent()); 1281 1282 if (SrcDepInfo.isClobber()) { 1283 if (MemCpyInst *MDep = dyn_cast<MemCpyInst>(SrcDepInfo.getInst())) 1284 return processMemCpyMemCpyDependence(M, MDep); 1285 } else if (SrcDepInfo.isDef()) { 1286 if (hasUndefContents(SrcDepInfo.getInst(), CopySize)) { 1287 MD->removeInstruction(M); 1288 M->eraseFromParent(); 1289 ++NumMemCpyInstr; 1290 return true; 1291 } 1292 } 1293 1294 if (SrcDepInfo.isClobber()) 1295 if (MemSetInst *MDep = dyn_cast<MemSetInst>(SrcDepInfo.getInst())) 1296 if (performMemCpyToMemSetOptzn(M, MDep)) { 1297 MD->removeInstruction(M); 1298 M->eraseFromParent(); 1299 ++NumCpyToSet; 1300 return true; 1301 } 1302 1303 return false; 1304 } 1305 1306 /// Transforms memmove calls to memcpy calls when the src/dst are guaranteed 1307 /// not to alias. 1308 bool MemCpyOptPass::processMemMove(MemMoveInst *M) { 1309 AliasAnalysis &AA = LookupAliasAnalysis(); 1310 1311 if (!TLI->has(LibFunc_memmove)) 1312 return false; 1313 1314 // See if the pointers alias. 1315 if (!AA.isNoAlias(MemoryLocation::getForDest(M), 1316 MemoryLocation::getForSource(M))) 1317 return false; 1318 1319 LLVM_DEBUG(dbgs() << "MemCpyOptPass: Optimizing memmove -> memcpy: " << *M 1320 << "\n"); 1321 1322 // If not, then we know we can transform this. 1323 Type *ArgTys[3] = { M->getRawDest()->getType(), 1324 M->getRawSource()->getType(), 1325 M->getLength()->getType() }; 1326 M->setCalledFunction(Intrinsic::getDeclaration(M->getModule(), 1327 Intrinsic::memcpy, ArgTys)); 1328 1329 // MemDep may have over conservative information about this instruction, just 1330 // conservatively flush it from the cache. 1331 MD->removeInstruction(M); 1332 1333 ++NumMoveToCpy; 1334 return true; 1335 } 1336 1337 /// This is called on every byval argument in call sites. 1338 bool MemCpyOptPass::processByValArgument(CallSite CS, unsigned ArgNo) { 1339 const DataLayout &DL = CS.getCaller()->getParent()->getDataLayout(); 1340 // Find out what feeds this byval argument. 1341 Value *ByValArg = CS.getArgument(ArgNo); 1342 Type *ByValTy = cast<PointerType>(ByValArg->getType())->getElementType(); 1343 uint64_t ByValSize = DL.getTypeAllocSize(ByValTy); 1344 MemDepResult DepInfo = MD->getPointerDependencyFrom( 1345 MemoryLocation(ByValArg, ByValSize), true, 1346 CS.getInstruction()->getIterator(), CS.getInstruction()->getParent()); 1347 if (!DepInfo.isClobber()) 1348 return false; 1349 1350 // If the byval argument isn't fed by a memcpy, ignore it. If it is fed by 1351 // a memcpy, see if we can byval from the source of the memcpy instead of the 1352 // result. 1353 MemCpyInst *MDep = dyn_cast<MemCpyInst>(DepInfo.getInst()); 1354 if (!MDep || MDep->isVolatile() || 1355 ByValArg->stripPointerCasts() != MDep->getDest()) 1356 return false; 1357 1358 // The length of the memcpy must be larger or equal to the size of the byval. 1359 ConstantInt *C1 = dyn_cast<ConstantInt>(MDep->getLength()); 1360 if (!C1 || C1->getValue().getZExtValue() < ByValSize) 1361 return false; 1362 1363 // Get the alignment of the byval. If the call doesn't specify the alignment, 1364 // then it is some target specific value that we can't know. 1365 unsigned ByValAlign = CS.getParamAlignment(ArgNo); 1366 if (ByValAlign == 0) return false; 1367 1368 // If it is greater than the memcpy, then we check to see if we can force the 1369 // source of the memcpy to the alignment we need. If we fail, we bail out. 1370 AssumptionCache &AC = LookupAssumptionCache(); 1371 DominatorTree &DT = LookupDomTree(); 1372 if (MDep->getSourceAlignment() < ByValAlign && 1373 getOrEnforceKnownAlignment(MDep->getSource(), ByValAlign, DL, 1374 CS.getInstruction(), &AC, &DT) < ByValAlign) 1375 return false; 1376 1377 // The address space of the memcpy source must match the byval argument 1378 if (MDep->getSource()->getType()->getPointerAddressSpace() != 1379 ByValArg->getType()->getPointerAddressSpace()) 1380 return false; 1381 1382 // Verify that the copied-from memory doesn't change in between the memcpy and 1383 // the byval call. 1384 // memcpy(a <- b) 1385 // *b = 42; 1386 // foo(*a) 1387 // It would be invalid to transform the second memcpy into foo(*b). 1388 // 1389 // NOTE: This is conservative, it will stop on any read from the source loc, 1390 // not just the defining memcpy. 1391 MemDepResult SourceDep = MD->getPointerDependencyFrom( 1392 MemoryLocation::getForSource(MDep), false, 1393 CS.getInstruction()->getIterator(), MDep->getParent()); 1394 if (!SourceDep.isClobber() || SourceDep.getInst() != MDep) 1395 return false; 1396 1397 Value *TmpCast = MDep->getSource(); 1398 if (MDep->getSource()->getType() != ByValArg->getType()) 1399 TmpCast = new BitCastInst(MDep->getSource(), ByValArg->getType(), 1400 "tmpcast", CS.getInstruction()); 1401 1402 LLVM_DEBUG(dbgs() << "MemCpyOptPass: Forwarding memcpy to byval:\n" 1403 << " " << *MDep << "\n" 1404 << " " << *CS.getInstruction() << "\n"); 1405 1406 // Otherwise we're good! Update the byval argument. 1407 CS.setArgument(ArgNo, TmpCast); 1408 ++NumMemCpyInstr; 1409 return true; 1410 } 1411 1412 /// Executes one iteration of MemCpyOptPass. 1413 bool MemCpyOptPass::iterateOnFunction(Function &F) { 1414 bool MadeChange = false; 1415 1416 DominatorTree &DT = LookupDomTree(); 1417 1418 // Walk all instruction in the function. 1419 for (BasicBlock &BB : F) { 1420 // Skip unreachable blocks. For example processStore assumes that an 1421 // instruction in a BB can't be dominated by a later instruction in the 1422 // same BB (which is a scenario that can happen for an unreachable BB that 1423 // has itself as a predecessor). 1424 if (!DT.isReachableFromEntry(&BB)) 1425 continue; 1426 1427 for (BasicBlock::iterator BI = BB.begin(), BE = BB.end(); BI != BE;) { 1428 // Avoid invalidating the iterator. 1429 Instruction *I = &*BI++; 1430 1431 bool RepeatInstruction = false; 1432 1433 if (StoreInst *SI = dyn_cast<StoreInst>(I)) 1434 MadeChange |= processStore(SI, BI); 1435 else if (MemSetInst *M = dyn_cast<MemSetInst>(I)) 1436 RepeatInstruction = processMemSet(M, BI); 1437 else if (MemCpyInst *M = dyn_cast<MemCpyInst>(I)) 1438 RepeatInstruction = processMemCpy(M); 1439 else if (MemMoveInst *M = dyn_cast<MemMoveInst>(I)) 1440 RepeatInstruction = processMemMove(M); 1441 else if (auto CS = CallSite(I)) { 1442 for (unsigned i = 0, e = CS.arg_size(); i != e; ++i) 1443 if (CS.isByValArgument(i)) 1444 MadeChange |= processByValArgument(CS, i); 1445 } 1446 1447 // Reprocess the instruction if desired. 1448 if (RepeatInstruction) { 1449 if (BI != BB.begin()) 1450 --BI; 1451 MadeChange = true; 1452 } 1453 } 1454 } 1455 1456 return MadeChange; 1457 } 1458 1459 PreservedAnalyses MemCpyOptPass::run(Function &F, FunctionAnalysisManager &AM) { 1460 auto &MD = AM.getResult<MemoryDependenceAnalysis>(F); 1461 auto &TLI = AM.getResult<TargetLibraryAnalysis>(F); 1462 1463 auto LookupAliasAnalysis = [&]() -> AliasAnalysis & { 1464 return AM.getResult<AAManager>(F); 1465 }; 1466 auto LookupAssumptionCache = [&]() -> AssumptionCache & { 1467 return AM.getResult<AssumptionAnalysis>(F); 1468 }; 1469 auto LookupDomTree = [&]() -> DominatorTree & { 1470 return AM.getResult<DominatorTreeAnalysis>(F); 1471 }; 1472 1473 bool MadeChange = runImpl(F, &MD, &TLI, LookupAliasAnalysis, 1474 LookupAssumptionCache, LookupDomTree); 1475 if (!MadeChange) 1476 return PreservedAnalyses::all(); 1477 1478 PreservedAnalyses PA; 1479 PA.preserveSet<CFGAnalyses>(); 1480 PA.preserve<GlobalsAA>(); 1481 PA.preserve<MemoryDependenceAnalysis>(); 1482 return PA; 1483 } 1484 1485 bool MemCpyOptPass::runImpl( 1486 Function &F, MemoryDependenceResults *MD_, TargetLibraryInfo *TLI_, 1487 std::function<AliasAnalysis &()> LookupAliasAnalysis_, 1488 std::function<AssumptionCache &()> LookupAssumptionCache_, 1489 std::function<DominatorTree &()> LookupDomTree_) { 1490 bool MadeChange = false; 1491 MD = MD_; 1492 TLI = TLI_; 1493 LookupAliasAnalysis = std::move(LookupAliasAnalysis_); 1494 LookupAssumptionCache = std::move(LookupAssumptionCache_); 1495 LookupDomTree = std::move(LookupDomTree_); 1496 1497 // If we don't have at least memset and memcpy, there is little point of doing 1498 // anything here. These are required by a freestanding implementation, so if 1499 // even they are disabled, there is no point in trying hard. 1500 if (!TLI->has(LibFunc_memset) || !TLI->has(LibFunc_memcpy)) 1501 return false; 1502 1503 while (true) { 1504 if (!iterateOnFunction(F)) 1505 break; 1506 MadeChange = true; 1507 } 1508 1509 MD = nullptr; 1510 return MadeChange; 1511 } 1512 1513 /// This is the main transformation entry point for a function. 1514 bool MemCpyOptLegacyPass::runOnFunction(Function &F) { 1515 if (skipFunction(F)) 1516 return false; 1517 1518 auto *MD = &getAnalysis<MemoryDependenceWrapperPass>().getMemDep(); 1519 auto *TLI = &getAnalysis<TargetLibraryInfoWrapperPass>().getTLI(); 1520 1521 auto LookupAliasAnalysis = [this]() -> AliasAnalysis & { 1522 return getAnalysis<AAResultsWrapperPass>().getAAResults(); 1523 }; 1524 auto LookupAssumptionCache = [this, &F]() -> AssumptionCache & { 1525 return getAnalysis<AssumptionCacheTracker>().getAssumptionCache(F); 1526 }; 1527 auto LookupDomTree = [this]() -> DominatorTree & { 1528 return getAnalysis<DominatorTreeWrapperPass>().getDomTree(); 1529 }; 1530 1531 return Impl.runImpl(F, MD, TLI, LookupAliasAnalysis, LookupAssumptionCache, 1532 LookupDomTree); 1533 } 1534