1 //===- ExtractFunction.cpp - Extract a function from Program --------------===// 2 // 3 // The LLVM Compiler Infrastructure 4 // 5 // This file is distributed under the University of Illinois Open Source 6 // License. See LICENSE.TXT for details. 7 // 8 //===----------------------------------------------------------------------===// 9 // 10 // This file implements several methods that are used to extract functions, 11 // loops, or portions of a module from the rest of the module. 12 // 13 //===----------------------------------------------------------------------===// 14 15 #include "BugDriver.h" 16 #include "llvm/IR/Constants.h" 17 #include "llvm/IR/DataLayout.h" 18 #include "llvm/IR/DerivedTypes.h" 19 #include "llvm/IR/LLVMContext.h" 20 #include "llvm/IR/Module.h" 21 #include "llvm/IR/Verifier.h" 22 #include "llvm/Pass.h" 23 #include "llvm/PassManager.h" 24 #include "llvm/Support/CommandLine.h" 25 #include "llvm/Support/Debug.h" 26 #include "llvm/Support/FileUtilities.h" 27 #include "llvm/Support/Path.h" 28 #include "llvm/Support/Signals.h" 29 #include "llvm/Support/ToolOutputFile.h" 30 #include "llvm/Transforms/IPO.h" 31 #include "llvm/Transforms/Scalar.h" 32 #include "llvm/Transforms/Utils/Cloning.h" 33 #include "llvm/Transforms/Utils/CodeExtractor.h" 34 #include <set> 35 using namespace llvm; 36 using std::error_code; 37 38 #define DEBUG_TYPE "bugpoint" 39 40 namespace llvm { 41 bool DisableSimplifyCFG = false; 42 extern cl::opt<std::string> OutputPrefix; 43 } // End llvm namespace 44 45 namespace { 46 cl::opt<bool> 47 NoDCE ("disable-dce", 48 cl::desc("Do not use the -dce pass to reduce testcases")); 49 cl::opt<bool, true> 50 NoSCFG("disable-simplifycfg", cl::location(DisableSimplifyCFG), 51 cl::desc("Do not use the -simplifycfg pass to reduce testcases")); 52 53 Function* globalInitUsesExternalBA(GlobalVariable* GV) { 54 if (!GV->hasInitializer()) 55 return nullptr; 56 57 Constant *I = GV->getInitializer(); 58 59 // walk the values used by the initializer 60 // (and recurse into things like ConstantExpr) 61 std::vector<Constant*> Todo; 62 std::set<Constant*> Done; 63 Todo.push_back(I); 64 65 while (!Todo.empty()) { 66 Constant* V = Todo.back(); 67 Todo.pop_back(); 68 Done.insert(V); 69 70 if (BlockAddress *BA = dyn_cast<BlockAddress>(V)) { 71 Function *F = BA->getFunction(); 72 if (F->isDeclaration()) 73 return F; 74 } 75 76 for (User::op_iterator i = V->op_begin(), e = V->op_end(); i != e; ++i) { 77 Constant *C = dyn_cast<Constant>(*i); 78 if (C && !isa<GlobalValue>(C) && !Done.count(C)) 79 Todo.push_back(C); 80 } 81 } 82 return nullptr; 83 } 84 } // end anonymous namespace 85 86 /// deleteInstructionFromProgram - This method clones the current Program and 87 /// deletes the specified instruction from the cloned module. It then runs a 88 /// series of cleanup passes (ADCE and SimplifyCFG) to eliminate any code which 89 /// depends on the value. The modified module is then returned. 90 /// 91 Module *BugDriver::deleteInstructionFromProgram(const Instruction *I, 92 unsigned Simplification) { 93 // FIXME, use vmap? 94 Module *Clone = CloneModule(Program); 95 96 const BasicBlock *PBB = I->getParent(); 97 const Function *PF = PBB->getParent(); 98 99 Module::iterator RFI = Clone->begin(); // Get iterator to corresponding fn 100 std::advance(RFI, std::distance(PF->getParent()->begin(), 101 Module::const_iterator(PF))); 102 103 Function::iterator RBI = RFI->begin(); // Get iterator to corresponding BB 104 std::advance(RBI, std::distance(PF->begin(), Function::const_iterator(PBB))); 105 106 BasicBlock::iterator RI = RBI->begin(); // Get iterator to corresponding inst 107 std::advance(RI, std::distance(PBB->begin(), BasicBlock::const_iterator(I))); 108 Instruction *TheInst = RI; // Got the corresponding instruction! 109 110 // If this instruction produces a value, replace any users with null values 111 if (!TheInst->getType()->isVoidTy()) 112 TheInst->replaceAllUsesWith(Constant::getNullValue(TheInst->getType())); 113 114 // Remove the instruction from the program. 115 TheInst->getParent()->getInstList().erase(TheInst); 116 117 // Spiff up the output a little bit. 118 std::vector<std::string> Passes; 119 120 /// Can we get rid of the -disable-* options? 121 if (Simplification > 1 && !NoDCE) 122 Passes.push_back("dce"); 123 if (Simplification && !DisableSimplifyCFG) 124 Passes.push_back("simplifycfg"); // Delete dead control flow 125 126 Passes.push_back("verify"); 127 Module *New = runPassesOn(Clone, Passes); 128 delete Clone; 129 if (!New) { 130 errs() << "Instruction removal failed. Sorry. :( Please report a bug!\n"; 131 exit(1); 132 } 133 return New; 134 } 135 136 /// performFinalCleanups - This method clones the current Program and performs 137 /// a series of cleanups intended to get rid of extra cruft on the module 138 /// before handing it to the user. 139 /// 140 Module *BugDriver::performFinalCleanups(Module *M, bool MayModifySemantics) { 141 // Make all functions external, so GlobalDCE doesn't delete them... 142 for (Module::iterator I = M->begin(), E = M->end(); I != E; ++I) 143 I->setLinkage(GlobalValue::ExternalLinkage); 144 145 std::vector<std::string> CleanupPasses; 146 CleanupPasses.push_back("globaldce"); 147 148 if (MayModifySemantics) 149 CleanupPasses.push_back("deadarghaX0r"); 150 else 151 CleanupPasses.push_back("deadargelim"); 152 153 Module *New = runPassesOn(M, CleanupPasses); 154 if (!New) { 155 errs() << "Final cleanups failed. Sorry. :( Please report a bug!\n"; 156 return M; 157 } 158 delete M; 159 return New; 160 } 161 162 163 /// ExtractLoop - Given a module, extract up to one loop from it into a new 164 /// function. This returns null if there are no extractable loops in the 165 /// program or if the loop extractor crashes. 166 Module *BugDriver::ExtractLoop(Module *M) { 167 std::vector<std::string> LoopExtractPasses; 168 LoopExtractPasses.push_back("loop-extract-single"); 169 170 Module *NewM = runPassesOn(M, LoopExtractPasses); 171 if (!NewM) { 172 outs() << "*** Loop extraction failed: "; 173 EmitProgressBitcode(M, "loopextraction", true); 174 outs() << "*** Sorry. :( Please report a bug!\n"; 175 return nullptr; 176 } 177 178 // Check to see if we created any new functions. If not, no loops were 179 // extracted and we should return null. Limit the number of loops we extract 180 // to avoid taking forever. 181 static unsigned NumExtracted = 32; 182 if (M->size() == NewM->size() || --NumExtracted == 0) { 183 delete NewM; 184 return nullptr; 185 } else { 186 assert(M->size() < NewM->size() && "Loop extract removed functions?"); 187 Module::iterator MI = NewM->begin(); 188 for (unsigned i = 0, e = M->size(); i != e; ++i) 189 ++MI; 190 } 191 192 return NewM; 193 } 194 195 196 // DeleteFunctionBody - "Remove" the function by deleting all of its basic 197 // blocks, making it external. 198 // 199 void llvm::DeleteFunctionBody(Function *F) { 200 // delete the body of the function... 201 F->deleteBody(); 202 assert(F->isDeclaration() && "This didn't make the function external!"); 203 } 204 205 /// GetTorInit - Given a list of entries for static ctors/dtors, return them 206 /// as a constant array. 207 static Constant *GetTorInit(std::vector<std::pair<Function*, int> > &TorList) { 208 assert(!TorList.empty() && "Don't create empty tor list!"); 209 std::vector<Constant*> ArrayElts; 210 Type *Int32Ty = Type::getInt32Ty(TorList[0].first->getContext()); 211 212 StructType *STy = 213 StructType::get(Int32Ty, TorList[0].first->getType(), NULL); 214 for (unsigned i = 0, e = TorList.size(); i != e; ++i) { 215 Constant *Elts[] = { 216 ConstantInt::get(Int32Ty, TorList[i].second), 217 TorList[i].first 218 }; 219 ArrayElts.push_back(ConstantStruct::get(STy, Elts)); 220 } 221 return ConstantArray::get(ArrayType::get(ArrayElts[0]->getType(), 222 ArrayElts.size()), 223 ArrayElts); 224 } 225 226 /// SplitStaticCtorDtor - A module was recently split into two parts, M1/M2, and 227 /// M1 has all of the global variables. If M2 contains any functions that are 228 /// static ctors/dtors, we need to add an llvm.global_[cd]tors global to M2, and 229 /// prune appropriate entries out of M1s list. 230 static void SplitStaticCtorDtor(const char *GlobalName, Module *M1, Module *M2, 231 ValueToValueMapTy &VMap) { 232 GlobalVariable *GV = M1->getNamedGlobal(GlobalName); 233 if (!GV || GV->isDeclaration() || GV->hasLocalLinkage() || 234 !GV->use_empty()) return; 235 236 std::vector<std::pair<Function*, int> > M1Tors, M2Tors; 237 ConstantArray *InitList = dyn_cast<ConstantArray>(GV->getInitializer()); 238 if (!InitList) return; 239 240 for (unsigned i = 0, e = InitList->getNumOperands(); i != e; ++i) { 241 if (ConstantStruct *CS = dyn_cast<ConstantStruct>(InitList->getOperand(i))){ 242 if (CS->getNumOperands() != 2) return; // Not array of 2-element structs. 243 244 if (CS->getOperand(1)->isNullValue()) 245 break; // Found a null terminator, stop here. 246 247 ConstantInt *CI = dyn_cast<ConstantInt>(CS->getOperand(0)); 248 int Priority = CI ? CI->getSExtValue() : 0; 249 250 Constant *FP = CS->getOperand(1); 251 if (ConstantExpr *CE = dyn_cast<ConstantExpr>(FP)) 252 if (CE->isCast()) 253 FP = CE->getOperand(0); 254 if (Function *F = dyn_cast<Function>(FP)) { 255 if (!F->isDeclaration()) 256 M1Tors.push_back(std::make_pair(F, Priority)); 257 else { 258 // Map to M2's version of the function. 259 F = cast<Function>(VMap[F]); 260 M2Tors.push_back(std::make_pair(F, Priority)); 261 } 262 } 263 } 264 } 265 266 GV->eraseFromParent(); 267 if (!M1Tors.empty()) { 268 Constant *M1Init = GetTorInit(M1Tors); 269 new GlobalVariable(*M1, M1Init->getType(), false, 270 GlobalValue::AppendingLinkage, 271 M1Init, GlobalName); 272 } 273 274 GV = M2->getNamedGlobal(GlobalName); 275 assert(GV && "Not a clone of M1?"); 276 assert(GV->use_empty() && "llvm.ctors shouldn't have uses!"); 277 278 GV->eraseFromParent(); 279 if (!M2Tors.empty()) { 280 Constant *M2Init = GetTorInit(M2Tors); 281 new GlobalVariable(*M2, M2Init->getType(), false, 282 GlobalValue::AppendingLinkage, 283 M2Init, GlobalName); 284 } 285 } 286 287 288 /// SplitFunctionsOutOfModule - Given a module and a list of functions in the 289 /// module, split the functions OUT of the specified module, and place them in 290 /// the new module. 291 Module * 292 llvm::SplitFunctionsOutOfModule(Module *M, 293 const std::vector<Function*> &F, 294 ValueToValueMapTy &VMap) { 295 // Make sure functions & globals are all external so that linkage 296 // between the two modules will work. 297 for (Module::iterator I = M->begin(), E = M->end(); I != E; ++I) 298 I->setLinkage(GlobalValue::ExternalLinkage); 299 for (Module::global_iterator I = M->global_begin(), E = M->global_end(); 300 I != E; ++I) { 301 if (I->hasName() && I->getName()[0] == '\01') 302 I->setName(I->getName().substr(1)); 303 I->setLinkage(GlobalValue::ExternalLinkage); 304 } 305 306 ValueToValueMapTy NewVMap; 307 Module *New = CloneModule(M, NewVMap); 308 309 // Remove the Test functions from the Safe module 310 std::set<Function *> TestFunctions; 311 for (unsigned i = 0, e = F.size(); i != e; ++i) { 312 Function *TNOF = cast<Function>(VMap[F[i]]); 313 DEBUG(errs() << "Removing function "); 314 DEBUG(TNOF->printAsOperand(errs(), false)); 315 DEBUG(errs() << "\n"); 316 TestFunctions.insert(cast<Function>(NewVMap[TNOF])); 317 DeleteFunctionBody(TNOF); // Function is now external in this module! 318 } 319 320 321 // Remove the Safe functions from the Test module 322 for (Module::iterator I = New->begin(), E = New->end(); I != E; ++I) 323 if (!TestFunctions.count(I)) 324 DeleteFunctionBody(I); 325 326 327 // Try to split the global initializers evenly 328 for (Module::global_iterator I = M->global_begin(), E = M->global_end(); 329 I != E; ++I) { 330 GlobalVariable *GV = cast<GlobalVariable>(NewVMap[I]); 331 if (Function *TestFn = globalInitUsesExternalBA(I)) { 332 if (Function *SafeFn = globalInitUsesExternalBA(GV)) { 333 errs() << "*** Error: when reducing functions, encountered " 334 "the global '"; 335 GV->printAsOperand(errs(), false); 336 errs() << "' with an initializer that references blockaddresses " 337 "from safe function '" << SafeFn->getName() 338 << "' and from test function '" << TestFn->getName() << "'.\n"; 339 exit(1); 340 } 341 I->setInitializer(nullptr); // Delete the initializer to make it external 342 } else { 343 // If we keep it in the safe module, then delete it in the test module 344 GV->setInitializer(nullptr); 345 } 346 } 347 348 // Make sure that there is a global ctor/dtor array in both halves of the 349 // module if they both have static ctor/dtor functions. 350 SplitStaticCtorDtor("llvm.global_ctors", M, New, NewVMap); 351 SplitStaticCtorDtor("llvm.global_dtors", M, New, NewVMap); 352 353 return New; 354 } 355 356 //===----------------------------------------------------------------------===// 357 // Basic Block Extraction Code 358 //===----------------------------------------------------------------------===// 359 360 /// ExtractMappedBlocksFromModule - Extract all but the specified basic blocks 361 /// into their own functions. The only detail is that M is actually a module 362 /// cloned from the one the BBs are in, so some mapping needs to be performed. 363 /// If this operation fails for some reason (ie the implementation is buggy), 364 /// this function should return null, otherwise it returns a new Module. 365 Module *BugDriver::ExtractMappedBlocksFromModule(const 366 std::vector<BasicBlock*> &BBs, 367 Module *M) { 368 SmallString<128> Filename; 369 int FD; 370 error_code EC = sys::fs::createUniqueFile( 371 OutputPrefix + "-extractblocks%%%%%%%", FD, Filename); 372 if (EC) { 373 outs() << "*** Basic Block extraction failed!\n"; 374 errs() << "Error creating temporary file: " << EC.message() << "\n"; 375 EmitProgressBitcode(M, "basicblockextractfail", true); 376 return nullptr; 377 } 378 sys::RemoveFileOnSignal(Filename); 379 380 tool_output_file BlocksToNotExtractFile(Filename.c_str(), FD); 381 for (std::vector<BasicBlock*>::const_iterator I = BBs.begin(), E = BBs.end(); 382 I != E; ++I) { 383 BasicBlock *BB = *I; 384 // If the BB doesn't have a name, give it one so we have something to key 385 // off of. 386 if (!BB->hasName()) BB->setName("tmpbb"); 387 BlocksToNotExtractFile.os() << BB->getParent()->getName() << " " 388 << BB->getName() << "\n"; 389 } 390 BlocksToNotExtractFile.os().close(); 391 if (BlocksToNotExtractFile.os().has_error()) { 392 errs() << "Error writing list of blocks to not extract\n"; 393 EmitProgressBitcode(M, "basicblockextractfail", true); 394 BlocksToNotExtractFile.os().clear_error(); 395 return nullptr; 396 } 397 BlocksToNotExtractFile.keep(); 398 399 std::string uniqueFN = "--extract-blocks-file="; 400 uniqueFN += Filename.str(); 401 const char *ExtraArg = uniqueFN.c_str(); 402 403 std::vector<std::string> PI; 404 PI.push_back("extract-blocks"); 405 Module *Ret = runPassesOn(M, PI, false, 1, &ExtraArg); 406 407 sys::fs::remove(Filename.c_str()); 408 409 if (!Ret) { 410 outs() << "*** Basic Block extraction failed, please report a bug!\n"; 411 EmitProgressBitcode(M, "basicblockextractfail", true); 412 } 413 return Ret; 414 } 415