LLVM API Documentation

ArgumentPromotion.cpp
Go to the documentation of this file.
00001 //===-- ArgumentPromotion.cpp - Promote by-reference arguments ------------===//
00002 //
00003 //                     The LLVM Compiler Infrastructure
00004 //
00005 // This file is distributed under the University of Illinois Open Source
00006 // License. See LICENSE.TXT for details.
00007 //
00008 //===----------------------------------------------------------------------===//
00009 //
00010 // This pass promotes "by reference" arguments to be "by value" arguments.  In
00011 // practice, this means looking for internal functions that have pointer
00012 // arguments.  If it can prove, through the use of alias analysis, that an
00013 // argument is *only* loaded, then it can pass the value into the function
00014 // instead of the address of the value.  This can cause recursive simplification
00015 // of code and lead to the elimination of allocas (especially in C++ template
00016 // code like the STL).
00017 //
00018 // This pass also handles aggregate arguments that are passed into a function,
00019 // scalarizing them if the elements of the aggregate are only loaded.  Note that
00020 // by default it refuses to scalarize aggregates which would require passing in
00021 // more than three operands to the function, because passing thousands of
00022 // operands for a large array or structure is unprofitable! This limit can be
00023 // configured or disabled, however.
00024 //
00025 // Note that this transformation could also be done for arguments that are only
00026 // stored to (returning the value instead), but does not currently.  This case
00027 // would be best handled when and if LLVM begins supporting multiple return
00028 // values from functions.
00029 //
00030 //===----------------------------------------------------------------------===//
00031 
00032 #include "llvm/Transforms/IPO.h"
00033 #include "llvm/ADT/DepthFirstIterator.h"
00034 #include "llvm/ADT/Statistic.h"
00035 #include "llvm/ADT/StringExtras.h"
00036 #include "llvm/Analysis/AliasAnalysis.h"
00037 #include "llvm/Analysis/CallGraph.h"
00038 #include "llvm/Analysis/CallGraphSCCPass.h"
00039 #include "llvm/IR/CFG.h"
00040 #include "llvm/IR/CallSite.h"
00041 #include "llvm/IR/Constants.h"
00042 #include "llvm/IR/DataLayout.h"
00043 #include "llvm/IR/DebugInfo.h"
00044 #include "llvm/IR/DerivedTypes.h"
00045 #include "llvm/IR/Instructions.h"
00046 #include "llvm/IR/LLVMContext.h"
00047 #include "llvm/IR/Module.h"
00048 #include "llvm/Support/Debug.h"
00049 #include "llvm/Support/raw_ostream.h"
00050 #include <set>
00051 using namespace llvm;
00052 
00053 #define DEBUG_TYPE "argpromotion"
00054 
00055 STATISTIC(NumArgumentsPromoted , "Number of pointer arguments promoted");
00056 STATISTIC(NumAggregatesPromoted, "Number of aggregate arguments promoted");
00057 STATISTIC(NumByValArgsPromoted , "Number of byval arguments promoted");
00058 STATISTIC(NumArgumentsDead     , "Number of dead pointer args eliminated");
00059 
00060 namespace {
00061   /// ArgPromotion - The 'by reference' to 'by value' argument promotion pass.
00062   ///
00063   struct ArgPromotion : public CallGraphSCCPass {
00064     void getAnalysisUsage(AnalysisUsage &AU) const override {
00065       AU.addRequired<AliasAnalysis>();
00066       CallGraphSCCPass::getAnalysisUsage(AU);
00067     }
00068 
00069     bool runOnSCC(CallGraphSCC &SCC) override;
00070     static char ID; // Pass identification, replacement for typeid
00071     explicit ArgPromotion(unsigned maxElements = 3)
00072         : CallGraphSCCPass(ID), DL(nullptr), maxElements(maxElements) {
00073       initializeArgPromotionPass(*PassRegistry::getPassRegistry());
00074     }
00075 
00076     /// A vector used to hold the indices of a single GEP instruction
00077     typedef std::vector<uint64_t> IndicesVector;
00078 
00079     const DataLayout *DL;
00080   private:
00081     bool isDenselyPacked(Type *type);
00082     bool canPaddingBeAccessed(Argument *Arg);
00083     CallGraphNode *PromoteArguments(CallGraphNode *CGN);
00084     bool isSafeToPromoteArgument(Argument *Arg, bool isByVal) const;
00085     CallGraphNode *DoPromotion(Function *F,
00086                               SmallPtrSetImpl<Argument*> &ArgsToPromote,
00087                               SmallPtrSetImpl<Argument*> &ByValArgsToTransform);
00088     
00089     using llvm::Pass::doInitialization;
00090     bool doInitialization(CallGraph &CG) override;
00091     /// The maximum number of elements to expand, or 0 for unlimited.
00092     unsigned maxElements;
00093     DenseMap<const Function *, DISubprogram> FunctionDIs;
00094   };
00095 }
00096 
00097 char ArgPromotion::ID = 0;
00098 INITIALIZE_PASS_BEGIN(ArgPromotion, "argpromotion",
00099                 "Promote 'by reference' arguments to scalars", false, false)
00100 INITIALIZE_AG_DEPENDENCY(AliasAnalysis)
00101 INITIALIZE_PASS_DEPENDENCY(CallGraphWrapperPass)
00102 INITIALIZE_PASS_END(ArgPromotion, "argpromotion",
00103                 "Promote 'by reference' arguments to scalars", false, false)
00104 
00105 Pass *llvm::createArgumentPromotionPass(unsigned maxElements) {
00106   return new ArgPromotion(maxElements);
00107 }
00108 
00109 bool ArgPromotion::runOnSCC(CallGraphSCC &SCC) {
00110   bool Changed = false, LocalChange;
00111 
00112   DataLayoutPass *DLP = getAnalysisIfAvailable<DataLayoutPass>();
00113   DL = DLP ? &DLP->getDataLayout() : nullptr;
00114 
00115   do {  // Iterate until we stop promoting from this SCC.
00116     LocalChange = false;
00117     // Attempt to promote arguments from all functions in this SCC.
00118     for (CallGraphSCC::iterator I = SCC.begin(), E = SCC.end(); I != E; ++I) {
00119       if (CallGraphNode *CGN = PromoteArguments(*I)) {
00120         LocalChange = true;
00121         SCC.ReplaceNode(*I, CGN);
00122       }
00123     }
00124     Changed |= LocalChange;               // Remember that we changed something.
00125   } while (LocalChange);
00126   
00127   return Changed;
00128 }
00129 
00130 /// \brief Checks if a type could have padding bytes.
00131 bool ArgPromotion::isDenselyPacked(Type *type) {
00132 
00133   // There is no size information, so be conservative.
00134   if (!type->isSized())
00135     return false;
00136 
00137   // If the alloc size is not equal to the storage size, then there are padding
00138   // bytes. For x86_fp80 on x86-64, size: 80 alloc size: 128.
00139   if (!DL || DL->getTypeSizeInBits(type) != DL->getTypeAllocSizeInBits(type))
00140     return false;
00141 
00142   if (!isa<CompositeType>(type))
00143     return true;
00144 
00145   // For homogenous sequential types, check for padding within members.
00146   if (SequentialType *seqTy = dyn_cast<SequentialType>(type))
00147     return isa<PointerType>(seqTy) || isDenselyPacked(seqTy->getElementType());
00148 
00149   // Check for padding within and between elements of a struct.
00150   StructType *StructTy = cast<StructType>(type);
00151   const StructLayout *Layout = DL->getStructLayout(StructTy);
00152   uint64_t StartPos = 0;
00153   for (unsigned i = 0, E = StructTy->getNumElements(); i < E; ++i) {
00154     Type *ElTy = StructTy->getElementType(i);
00155     if (!isDenselyPacked(ElTy))
00156       return false;
00157     if (StartPos != Layout->getElementOffsetInBits(i))
00158       return false;
00159     StartPos += DL->getTypeAllocSizeInBits(ElTy);
00160   }
00161 
00162   return true;
00163 }
00164 
00165 /// \brief Checks if the padding bytes of an argument could be accessed.
00166 bool ArgPromotion::canPaddingBeAccessed(Argument *arg) {
00167 
00168   assert(arg->hasByValAttr());
00169 
00170   // Track all the pointers to the argument to make sure they are not captured.
00171   SmallPtrSet<Value *, 16> PtrValues;
00172   PtrValues.insert(arg);
00173 
00174   // Track all of the stores.
00175   SmallVector<StoreInst *, 16> Stores;
00176 
00177   // Scan through the uses recursively to make sure the pointer is always used
00178   // sanely.
00179   SmallVector<Value *, 16> WorkList;
00180   WorkList.insert(WorkList.end(), arg->user_begin(), arg->user_end());
00181   while (!WorkList.empty()) {
00182     Value *V = WorkList.back();
00183     WorkList.pop_back();
00184     if (isa<GetElementPtrInst>(V) || isa<PHINode>(V)) {
00185       if (PtrValues.insert(V).second)
00186         WorkList.insert(WorkList.end(), V->user_begin(), V->user_end());
00187     } else if (StoreInst *Store = dyn_cast<StoreInst>(V)) {
00188       Stores.push_back(Store);
00189     } else if (!isa<LoadInst>(V)) {
00190       return true;
00191     }
00192   }
00193 
00194 // Check to make sure the pointers aren't captured
00195   for (StoreInst *Store : Stores)
00196     if (PtrValues.count(Store->getValueOperand()))
00197       return true;
00198 
00199   return false;
00200 }
00201 
00202 /// PromoteArguments - This method checks the specified function to see if there
00203 /// are any promotable arguments and if it is safe to promote the function (for
00204 /// example, all callers are direct).  If safe to promote some arguments, it
00205 /// calls the DoPromotion method.
00206 ///
00207 CallGraphNode *ArgPromotion::PromoteArguments(CallGraphNode *CGN) {
00208   Function *F = CGN->getFunction();
00209 
00210   // Make sure that it is local to this module.
00211   if (!F || !F->hasLocalLinkage()) return nullptr;
00212 
00213   // First check: see if there are any pointer arguments!  If not, quick exit.
00214   SmallVector<Argument*, 16> PointerArgs;
00215   for (Function::arg_iterator I = F->arg_begin(), E = F->arg_end(); I != E; ++I)
00216     if (I->getType()->isPointerTy())
00217       PointerArgs.push_back(I);
00218   if (PointerArgs.empty()) return nullptr;
00219 
00220   // Second check: make sure that all callers are direct callers.  We can't
00221   // transform functions that have indirect callers.  Also see if the function
00222   // is self-recursive.
00223   bool isSelfRecursive = false;
00224   for (Use &U : F->uses()) {
00225     CallSite CS(U.getUser());
00226     // Must be a direct call.
00227     if (CS.getInstruction() == nullptr || !CS.isCallee(&U)) return nullptr;
00228     
00229     if (CS.getInstruction()->getParent()->getParent() == F)
00230       isSelfRecursive = true;
00231   }
00232   
00233   // Don't promote arguments for variadic functions. Adding, removing, or
00234   // changing non-pack parameters can change the classification of pack
00235   // parameters. Frontends encode that classification at the call site in the
00236   // IR, while in the callee the classification is determined dynamically based
00237   // on the number of registers consumed so far.
00238   if (F->isVarArg()) return nullptr;
00239 
00240   // Check to see which arguments are promotable.  If an argument is promotable,
00241   // add it to ArgsToPromote.
00242   SmallPtrSet<Argument*, 8> ArgsToPromote;
00243   SmallPtrSet<Argument*, 8> ByValArgsToTransform;
00244   for (unsigned i = 0, e = PointerArgs.size(); i != e; ++i) {
00245     Argument *PtrArg = PointerArgs[i];
00246     Type *AgTy = cast<PointerType>(PtrArg->getType())->getElementType();
00247 
00248     // If this is a byval argument, and if the aggregate type is small, just
00249     // pass the elements, which is always safe, if the passed value is densely
00250     // packed or if we can prove the padding bytes are never accessed. This does
00251     // not apply to inalloca.
00252     bool isSafeToPromote =
00253       PtrArg->hasByValAttr() &&
00254       (isDenselyPacked(AgTy) || !canPaddingBeAccessed(PtrArg));
00255     if (isSafeToPromote) {
00256       if (StructType *STy = dyn_cast<StructType>(AgTy)) {
00257         if (maxElements > 0 && STy->getNumElements() > maxElements) {
00258           DEBUG(dbgs() << "argpromotion disable promoting argument '"
00259                 << PtrArg->getName() << "' because it would require adding more"
00260                 << " than " << maxElements << " arguments to the function.\n");
00261           continue;
00262         }
00263         
00264         // If all the elements are single-value types, we can promote it.
00265         bool AllSimple = true;
00266         for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) {
00267           if (!STy->getElementType(i)->isSingleValueType()) {
00268             AllSimple = false;
00269             break;
00270           }
00271         }
00272 
00273         // Safe to transform, don't even bother trying to "promote" it.
00274         // Passing the elements as a scalar will allow scalarrepl to hack on
00275         // the new alloca we introduce.
00276         if (AllSimple) {
00277           ByValArgsToTransform.insert(PtrArg);
00278           continue;
00279         }
00280       }
00281     }
00282 
00283     // If the argument is a recursive type and we're in a recursive
00284     // function, we could end up infinitely peeling the function argument.
00285     if (isSelfRecursive) {
00286       if (StructType *STy = dyn_cast<StructType>(AgTy)) {
00287         bool RecursiveType = false;
00288         for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) {
00289           if (STy->getElementType(i) == PtrArg->getType()) {
00290             RecursiveType = true;
00291             break;
00292           }
00293         }
00294         if (RecursiveType)
00295           continue;
00296       }
00297     }
00298     
00299     // Otherwise, see if we can promote the pointer to its value.
00300     if (isSafeToPromoteArgument(PtrArg, PtrArg->hasByValOrInAllocaAttr()))
00301       ArgsToPromote.insert(PtrArg);
00302   }
00303 
00304   // No promotable pointer arguments.
00305   if (ArgsToPromote.empty() && ByValArgsToTransform.empty()) 
00306     return nullptr;
00307 
00308   return DoPromotion(F, ArgsToPromote, ByValArgsToTransform);
00309 }
00310 
00311 /// AllCallersPassInValidPointerForArgument - Return true if we can prove that
00312 /// all callees pass in a valid pointer for the specified function argument.
00313 static bool AllCallersPassInValidPointerForArgument(Argument *Arg,
00314                                                     const DataLayout *DL) {
00315   Function *Callee = Arg->getParent();
00316 
00317   unsigned ArgNo = Arg->getArgNo();
00318 
00319   // Look at all call sites of the function.  At this pointer we know we only
00320   // have direct callees.
00321   for (User *U : Callee->users()) {
00322     CallSite CS(U);
00323     assert(CS && "Should only have direct calls!");
00324 
00325     if (!CS.getArgument(ArgNo)->isDereferenceablePointer(DL))
00326       return false;
00327   }
00328   return true;
00329 }
00330 
00331 /// Returns true if Prefix is a prefix of longer. That means, Longer has a size
00332 /// that is greater than or equal to the size of prefix, and each of the
00333 /// elements in Prefix is the same as the corresponding elements in Longer.
00334 ///
00335 /// This means it also returns true when Prefix and Longer are equal!
00336 static bool IsPrefix(const ArgPromotion::IndicesVector &Prefix,
00337                      const ArgPromotion::IndicesVector &Longer) {
00338   if (Prefix.size() > Longer.size())
00339     return false;
00340   return std::equal(Prefix.begin(), Prefix.end(), Longer.begin());
00341 }
00342 
00343 
00344 /// Checks if Indices, or a prefix of Indices, is in Set.
00345 static bool PrefixIn(const ArgPromotion::IndicesVector &Indices,
00346                      std::set<ArgPromotion::IndicesVector> &Set) {
00347     std::set<ArgPromotion::IndicesVector>::iterator Low;
00348     Low = Set.upper_bound(Indices);
00349     if (Low != Set.begin())
00350       Low--;
00351     // Low is now the last element smaller than or equal to Indices. This means
00352     // it points to a prefix of Indices (possibly Indices itself), if such
00353     // prefix exists.
00354     //
00355     // This load is safe if any prefix of its operands is safe to load.
00356     return Low != Set.end() && IsPrefix(*Low, Indices);
00357 }
00358 
00359 /// Mark the given indices (ToMark) as safe in the given set of indices
00360 /// (Safe). Marking safe usually means adding ToMark to Safe. However, if there
00361 /// is already a prefix of Indices in Safe, Indices are implicitely marked safe
00362 /// already. Furthermore, any indices that Indices is itself a prefix of, are
00363 /// removed from Safe (since they are implicitely safe because of Indices now).
00364 static void MarkIndicesSafe(const ArgPromotion::IndicesVector &ToMark,
00365                             std::set<ArgPromotion::IndicesVector> &Safe) {
00366   std::set<ArgPromotion::IndicesVector>::iterator Low;
00367   Low = Safe.upper_bound(ToMark);
00368   // Guard against the case where Safe is empty
00369   if (Low != Safe.begin())
00370     Low--;
00371   // Low is now the last element smaller than or equal to Indices. This
00372   // means it points to a prefix of Indices (possibly Indices itself), if
00373   // such prefix exists.
00374   if (Low != Safe.end()) {
00375     if (IsPrefix(*Low, ToMark))
00376       // If there is already a prefix of these indices (or exactly these
00377       // indices) marked a safe, don't bother adding these indices
00378       return;
00379 
00380     // Increment Low, so we can use it as a "insert before" hint
00381     ++Low;
00382   }
00383   // Insert
00384   Low = Safe.insert(Low, ToMark);
00385   ++Low;
00386   // If there we're a prefix of longer index list(s), remove those
00387   std::set<ArgPromotion::IndicesVector>::iterator End = Safe.end();
00388   while (Low != End && IsPrefix(ToMark, *Low)) {
00389     std::set<ArgPromotion::IndicesVector>::iterator Remove = Low;
00390     ++Low;
00391     Safe.erase(Remove);
00392   }
00393 }
00394 
00395 /// isSafeToPromoteArgument - As you might guess from the name of this method,
00396 /// it checks to see if it is both safe and useful to promote the argument.
00397 /// This method limits promotion of aggregates to only promote up to three
00398 /// elements of the aggregate in order to avoid exploding the number of
00399 /// arguments passed in.
00400 bool ArgPromotion::isSafeToPromoteArgument(Argument *Arg,
00401                                            bool isByValOrInAlloca) const {
00402   typedef std::set<IndicesVector> GEPIndicesSet;
00403 
00404   // Quick exit for unused arguments
00405   if (Arg->use_empty())
00406     return true;
00407 
00408   // We can only promote this argument if all of the uses are loads, or are GEP
00409   // instructions (with constant indices) that are subsequently loaded.
00410   //
00411   // Promoting the argument causes it to be loaded in the caller
00412   // unconditionally. This is only safe if we can prove that either the load
00413   // would have happened in the callee anyway (ie, there is a load in the entry
00414   // block) or the pointer passed in at every call site is guaranteed to be
00415   // valid.
00416   // In the former case, invalid loads can happen, but would have happened
00417   // anyway, in the latter case, invalid loads won't happen. This prevents us
00418   // from introducing an invalid load that wouldn't have happened in the
00419   // original code.
00420   //
00421   // This set will contain all sets of indices that are loaded in the entry
00422   // block, and thus are safe to unconditionally load in the caller.
00423   //
00424   // This optimization is also safe for InAlloca parameters, because it verifies
00425   // that the address isn't captured.
00426   GEPIndicesSet SafeToUnconditionallyLoad;
00427 
00428   // This set contains all the sets of indices that we are planning to promote.
00429   // This makes it possible to limit the number of arguments added.
00430   GEPIndicesSet ToPromote;
00431 
00432   // If the pointer is always valid, any load with first index 0 is valid.
00433   if (isByValOrInAlloca || AllCallersPassInValidPointerForArgument(Arg, DL))
00434     SafeToUnconditionallyLoad.insert(IndicesVector(1, 0));
00435 
00436   // First, iterate the entry block and mark loads of (geps of) arguments as
00437   // safe.
00438   BasicBlock *EntryBlock = Arg->getParent()->begin();
00439   // Declare this here so we can reuse it
00440   IndicesVector Indices;
00441   for (BasicBlock::iterator I = EntryBlock->begin(), E = EntryBlock->end();
00442        I != E; ++I)
00443     if (LoadInst *LI = dyn_cast<LoadInst>(I)) {
00444       Value *V = LI->getPointerOperand();
00445       if (GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(V)) {
00446         V = GEP->getPointerOperand();
00447         if (V == Arg) {
00448           // This load actually loads (part of) Arg? Check the indices then.
00449           Indices.reserve(GEP->getNumIndices());
00450           for (User::op_iterator II = GEP->idx_begin(), IE = GEP->idx_end();
00451                II != IE; ++II)
00452             if (ConstantInt *CI = dyn_cast<ConstantInt>(*II))
00453               Indices.push_back(CI->getSExtValue());
00454             else
00455               // We found a non-constant GEP index for this argument? Bail out
00456               // right away, can't promote this argument at all.
00457               return false;
00458 
00459           // Indices checked out, mark them as safe
00460           MarkIndicesSafe(Indices, SafeToUnconditionallyLoad);
00461           Indices.clear();
00462         }
00463       } else if (V == Arg) {
00464         // Direct loads are equivalent to a GEP with a single 0 index.
00465         MarkIndicesSafe(IndicesVector(1, 0), SafeToUnconditionallyLoad);
00466       }
00467     }
00468 
00469   // Now, iterate all uses of the argument to see if there are any uses that are
00470   // not (GEP+)loads, or any (GEP+)loads that are not safe to promote.
00471   SmallVector<LoadInst*, 16> Loads;
00472   IndicesVector Operands;
00473   for (Use &U : Arg->uses()) {
00474     User *UR = U.getUser();
00475     Operands.clear();
00476     if (LoadInst *LI = dyn_cast<LoadInst>(UR)) {
00477       // Don't hack volatile/atomic loads
00478       if (!LI->isSimple()) return false;
00479       Loads.push_back(LI);
00480       // Direct loads are equivalent to a GEP with a zero index and then a load.
00481       Operands.push_back(0);
00482     } else if (GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(UR)) {
00483       if (GEP->use_empty()) {
00484         // Dead GEP's cause trouble later.  Just remove them if we run into
00485         // them.
00486         getAnalysis<AliasAnalysis>().deleteValue(GEP);
00487         GEP->eraseFromParent();
00488         // TODO: This runs the above loop over and over again for dead GEPs
00489         // Couldn't we just do increment the UI iterator earlier and erase the
00490         // use?
00491         return isSafeToPromoteArgument(Arg, isByValOrInAlloca);
00492       }
00493 
00494       // Ensure that all of the indices are constants.
00495       for (User::op_iterator i = GEP->idx_begin(), e = GEP->idx_end();
00496         i != e; ++i)
00497         if (ConstantInt *C = dyn_cast<ConstantInt>(*i))
00498           Operands.push_back(C->getSExtValue());
00499         else
00500           return false;  // Not a constant operand GEP!
00501 
00502       // Ensure that the only users of the GEP are load instructions.
00503       for (User *GEPU : GEP->users())
00504         if (LoadInst *LI = dyn_cast<LoadInst>(GEPU)) {
00505           // Don't hack volatile/atomic loads
00506           if (!LI->isSimple()) return false;
00507           Loads.push_back(LI);
00508         } else {
00509           // Other uses than load?
00510           return false;
00511         }
00512     } else {
00513       return false;  // Not a load or a GEP.
00514     }
00515 
00516     // Now, see if it is safe to promote this load / loads of this GEP. Loading
00517     // is safe if Operands, or a prefix of Operands, is marked as safe.
00518     if (!PrefixIn(Operands, SafeToUnconditionallyLoad))
00519       return false;
00520 
00521     // See if we are already promoting a load with these indices. If not, check
00522     // to make sure that we aren't promoting too many elements.  If so, nothing
00523     // to do.
00524     if (ToPromote.find(Operands) == ToPromote.end()) {
00525       if (maxElements > 0 && ToPromote.size() == maxElements) {
00526         DEBUG(dbgs() << "argpromotion not promoting argument '"
00527               << Arg->getName() << "' because it would require adding more "
00528               << "than " << maxElements << " arguments to the function.\n");
00529         // We limit aggregate promotion to only promoting up to a fixed number
00530         // of elements of the aggregate.
00531         return false;
00532       }
00533       ToPromote.insert(std::move(Operands));
00534     }
00535   }
00536 
00537   if (Loads.empty()) return true;  // No users, this is a dead argument.
00538 
00539   // Okay, now we know that the argument is only used by load instructions and
00540   // it is safe to unconditionally perform all of them. Use alias analysis to
00541   // check to see if the pointer is guaranteed to not be modified from entry of
00542   // the function to each of the load instructions.
00543 
00544   // Because there could be several/many load instructions, remember which
00545   // blocks we know to be transparent to the load.
00546   SmallPtrSet<BasicBlock*, 16> TranspBlocks;
00547 
00548   AliasAnalysis &AA = getAnalysis<AliasAnalysis>();
00549 
00550   for (unsigned i = 0, e = Loads.size(); i != e; ++i) {
00551     // Check to see if the load is invalidated from the start of the block to
00552     // the load itself.
00553     LoadInst *Load = Loads[i];
00554     BasicBlock *BB = Load->getParent();
00555 
00556     AliasAnalysis::Location Loc = AA.getLocation(Load);
00557     if (AA.canInstructionRangeModify(BB->front(), *Load, Loc))
00558       return false;  // Pointer is invalidated!
00559 
00560     // Now check every path from the entry block to the load for transparency.
00561     // To do this, we perform a depth first search on the inverse CFG from the
00562     // loading block.
00563     for (pred_iterator PI = pred_begin(BB), E = pred_end(BB); PI != E; ++PI) {
00564       BasicBlock *P = *PI;
00565       for (BasicBlock *TranspBB : inverse_depth_first_ext(P, TranspBlocks))
00566         if (AA.canBasicBlockModify(*TranspBB, Loc))
00567           return false;
00568     }
00569   }
00570 
00571   // If the path from the entry of the function to each load is free of
00572   // instructions that potentially invalidate the load, we can make the
00573   // transformation!
00574   return true;
00575 }
00576 
00577 /// DoPromotion - This method actually performs the promotion of the specified
00578 /// arguments, and returns the new function.  At this point, we know that it's
00579 /// safe to do so.
00580 CallGraphNode *ArgPromotion::DoPromotion(Function *F,
00581                              SmallPtrSetImpl<Argument*> &ArgsToPromote,
00582                              SmallPtrSetImpl<Argument*> &ByValArgsToTransform) {
00583 
00584   // Start by computing a new prototype for the function, which is the same as
00585   // the old function, but has modified arguments.
00586   FunctionType *FTy = F->getFunctionType();
00587   std::vector<Type*> Params;
00588 
00589   typedef std::set<IndicesVector> ScalarizeTable;
00590 
00591   // ScalarizedElements - If we are promoting a pointer that has elements
00592   // accessed out of it, keep track of which elements are accessed so that we
00593   // can add one argument for each.
00594   //
00595   // Arguments that are directly loaded will have a zero element value here, to
00596   // handle cases where there are both a direct load and GEP accesses.
00597   //
00598   std::map<Argument*, ScalarizeTable> ScalarizedElements;
00599 
00600   // OriginalLoads - Keep track of a representative load instruction from the
00601   // original function so that we can tell the alias analysis implementation
00602   // what the new GEP/Load instructions we are inserting look like.
00603   // We need to keep the original loads for each argument and the elements
00604   // of the argument that are accessed.
00605   std::map<std::pair<Argument*, IndicesVector>, LoadInst*> OriginalLoads;
00606 
00607   // Attribute - Keep track of the parameter attributes for the arguments
00608   // that we are *not* promoting. For the ones that we do promote, the parameter
00609   // attributes are lost
00610   SmallVector<AttributeSet, 8> AttributesVec;
00611   const AttributeSet &PAL = F->getAttributes();
00612 
00613   // Add any return attributes.
00614   if (PAL.hasAttributes(AttributeSet::ReturnIndex))
00615     AttributesVec.push_back(AttributeSet::get(F->getContext(),
00616                                               PAL.getRetAttributes()));
00617 
00618   // First, determine the new argument list
00619   unsigned ArgIndex = 1;
00620   for (Function::arg_iterator I = F->arg_begin(), E = F->arg_end(); I != E;
00621        ++I, ++ArgIndex) {
00622     if (ByValArgsToTransform.count(I)) {
00623       // Simple byval argument? Just add all the struct element types.
00624       Type *AgTy = cast<PointerType>(I->getType())->getElementType();
00625       StructType *STy = cast<StructType>(AgTy);
00626       for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i)
00627         Params.push_back(STy->getElementType(i));
00628       ++NumByValArgsPromoted;
00629     } else if (!ArgsToPromote.count(I)) {
00630       // Unchanged argument
00631       Params.push_back(I->getType());
00632       AttributeSet attrs = PAL.getParamAttributes(ArgIndex);
00633       if (attrs.hasAttributes(ArgIndex)) {
00634         AttrBuilder B(attrs, ArgIndex);
00635         AttributesVec.
00636           push_back(AttributeSet::get(F->getContext(), Params.size(), B));
00637       }
00638     } else if (I->use_empty()) {
00639       // Dead argument (which are always marked as promotable)
00640       ++NumArgumentsDead;
00641     } else {
00642       // Okay, this is being promoted. This means that the only uses are loads
00643       // or GEPs which are only used by loads
00644 
00645       // In this table, we will track which indices are loaded from the argument
00646       // (where direct loads are tracked as no indices).
00647       ScalarizeTable &ArgIndices = ScalarizedElements[I];
00648       for (User *U : I->users()) {
00649         Instruction *UI = cast<Instruction>(U);
00650         assert(isa<LoadInst>(UI) || isa<GetElementPtrInst>(UI));
00651         IndicesVector Indices;
00652         Indices.reserve(UI->getNumOperands() - 1);
00653         // Since loads will only have a single operand, and GEPs only a single
00654         // non-index operand, this will record direct loads without any indices,
00655         // and gep+loads with the GEP indices.
00656         for (User::op_iterator II = UI->op_begin() + 1, IE = UI->op_end();
00657              II != IE; ++II)
00658           Indices.push_back(cast<ConstantInt>(*II)->getSExtValue());
00659         // GEPs with a single 0 index can be merged with direct loads
00660         if (Indices.size() == 1 && Indices.front() == 0)
00661           Indices.clear();
00662         ArgIndices.insert(Indices);
00663         LoadInst *OrigLoad;
00664         if (LoadInst *L = dyn_cast<LoadInst>(UI))
00665           OrigLoad = L;
00666         else
00667           // Take any load, we will use it only to update Alias Analysis
00668           OrigLoad = cast<LoadInst>(UI->user_back());
00669         OriginalLoads[std::make_pair(I, Indices)] = OrigLoad;
00670       }
00671 
00672       // Add a parameter to the function for each element passed in.
00673       for (ScalarizeTable::iterator SI = ArgIndices.begin(),
00674              E = ArgIndices.end(); SI != E; ++SI) {
00675         // not allowed to dereference ->begin() if size() is 0
00676         Params.push_back(GetElementPtrInst::getIndexedType(I->getType(), *SI));
00677         assert(Params.back());
00678       }
00679 
00680       if (ArgIndices.size() == 1 && ArgIndices.begin()->empty())
00681         ++NumArgumentsPromoted;
00682       else
00683         ++NumAggregatesPromoted;
00684     }
00685   }
00686 
00687   // Add any function attributes.
00688   if (PAL.hasAttributes(AttributeSet::FunctionIndex))
00689     AttributesVec.push_back(AttributeSet::get(FTy->getContext(),
00690                                               PAL.getFnAttributes()));
00691 
00692   Type *RetTy = FTy->getReturnType();
00693 
00694   // Construct the new function type using the new arguments.
00695   FunctionType *NFTy = FunctionType::get(RetTy, Params, FTy->isVarArg());
00696 
00697   // Create the new function body and insert it into the module.
00698   Function *NF = Function::Create(NFTy, F->getLinkage(), F->getName());
00699   NF->copyAttributesFrom(F);
00700 
00701   // Patch the pointer to LLVM function in debug info descriptor.
00702   auto DI = FunctionDIs.find(F);
00703   if (DI != FunctionDIs.end()) {
00704     DISubprogram SP = DI->second;
00705     SP.replaceFunction(NF);
00706     // Ensure the map is updated so it can be reused on subsequent argument
00707     // promotions of the same function.
00708     FunctionDIs.erase(DI);
00709     FunctionDIs[NF] = SP;
00710   }
00711 
00712   DEBUG(dbgs() << "ARG PROMOTION:  Promoting to:" << *NF << "\n"
00713         << "From: " << *F);
00714   
00715   // Recompute the parameter attributes list based on the new arguments for
00716   // the function.
00717   NF->setAttributes(AttributeSet::get(F->getContext(), AttributesVec));
00718   AttributesVec.clear();
00719 
00720   F->getParent()->getFunctionList().insert(F, NF);
00721   NF->takeName(F);
00722 
00723   // Get the alias analysis information that we need to update to reflect our
00724   // changes.
00725   AliasAnalysis &AA = getAnalysis<AliasAnalysis>();
00726 
00727   // Get the callgraph information that we need to update to reflect our
00728   // changes.
00729   CallGraph &CG = getAnalysis<CallGraphWrapperPass>().getCallGraph();
00730 
00731   // Get a new callgraph node for NF.
00732   CallGraphNode *NF_CGN = CG.getOrInsertFunction(NF);
00733 
00734   // Loop over all of the callers of the function, transforming the call sites
00735   // to pass in the loaded pointers.
00736   //
00737   SmallVector<Value*, 16> Args;
00738   while (!F->use_empty()) {
00739     CallSite CS(F->user_back());
00740     assert(CS.getCalledFunction() == F);
00741     Instruction *Call = CS.getInstruction();
00742     const AttributeSet &CallPAL = CS.getAttributes();
00743 
00744     // Add any return attributes.
00745     if (CallPAL.hasAttributes(AttributeSet::ReturnIndex))
00746       AttributesVec.push_back(AttributeSet::get(F->getContext(),
00747                                                 CallPAL.getRetAttributes()));
00748 
00749     // Loop over the operands, inserting GEP and loads in the caller as
00750     // appropriate.
00751     CallSite::arg_iterator AI = CS.arg_begin();
00752     ArgIndex = 1;
00753     for (Function::arg_iterator I = F->arg_begin(), E = F->arg_end();
00754          I != E; ++I, ++AI, ++ArgIndex)
00755       if (!ArgsToPromote.count(I) && !ByValArgsToTransform.count(I)) {
00756         Args.push_back(*AI);          // Unmodified argument
00757 
00758         if (CallPAL.hasAttributes(ArgIndex)) {
00759           AttrBuilder B(CallPAL, ArgIndex);
00760           AttributesVec.
00761             push_back(AttributeSet::get(F->getContext(), Args.size(), B));
00762         }
00763       } else if (ByValArgsToTransform.count(I)) {
00764         // Emit a GEP and load for each element of the struct.
00765         Type *AgTy = cast<PointerType>(I->getType())->getElementType();
00766         StructType *STy = cast<StructType>(AgTy);
00767         Value *Idxs[2] = {
00768               ConstantInt::get(Type::getInt32Ty(F->getContext()), 0), nullptr };
00769         for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) {
00770           Idxs[1] = ConstantInt::get(Type::getInt32Ty(F->getContext()), i);
00771           Value *Idx = GetElementPtrInst::Create(*AI, Idxs,
00772                                                  (*AI)->getName()+"."+utostr(i),
00773                                                  Call);
00774           // TODO: Tell AA about the new values?
00775           Args.push_back(new LoadInst(Idx, Idx->getName()+".val", Call));
00776         }
00777       } else if (!I->use_empty()) {
00778         // Non-dead argument: insert GEPs and loads as appropriate.
00779         ScalarizeTable &ArgIndices = ScalarizedElements[I];
00780         // Store the Value* version of the indices in here, but declare it now
00781         // for reuse.
00782         std::vector<Value*> Ops;
00783         for (ScalarizeTable::iterator SI = ArgIndices.begin(),
00784                E = ArgIndices.end(); SI != E; ++SI) {
00785           Value *V = *AI;
00786           LoadInst *OrigLoad = OriginalLoads[std::make_pair(I, *SI)];
00787           if (!SI->empty()) {
00788             Ops.reserve(SI->size());
00789             Type *ElTy = V->getType();
00790             for (IndicesVector::const_iterator II = SI->begin(),
00791                  IE = SI->end(); II != IE; ++II) {
00792               // Use i32 to index structs, and i64 for others (pointers/arrays).
00793               // This satisfies GEP constraints.
00794               Type *IdxTy = (ElTy->isStructTy() ?
00795                     Type::getInt32Ty(F->getContext()) : 
00796                     Type::getInt64Ty(F->getContext()));
00797               Ops.push_back(ConstantInt::get(IdxTy, *II));
00798               // Keep track of the type we're currently indexing.
00799               ElTy = cast<CompositeType>(ElTy)->getTypeAtIndex(*II);
00800             }
00801             // And create a GEP to extract those indices.
00802             V = GetElementPtrInst::Create(V, Ops, V->getName()+".idx", Call);
00803             Ops.clear();
00804             AA.copyValue(OrigLoad->getOperand(0), V);
00805           }
00806           // Since we're replacing a load make sure we take the alignment
00807           // of the previous load.
00808           LoadInst *newLoad = new LoadInst(V, V->getName()+".val", Call);
00809           newLoad->setAlignment(OrigLoad->getAlignment());
00810           // Transfer the AA info too.
00811           AAMDNodes AAInfo;
00812           OrigLoad->getAAMetadata(AAInfo);
00813           newLoad->setAAMetadata(AAInfo);
00814 
00815           Args.push_back(newLoad);
00816           AA.copyValue(OrigLoad, Args.back());
00817         }
00818       }
00819 
00820     // Push any varargs arguments on the list.
00821     for (; AI != CS.arg_end(); ++AI, ++ArgIndex) {
00822       Args.push_back(*AI);
00823       if (CallPAL.hasAttributes(ArgIndex)) {
00824         AttrBuilder B(CallPAL, ArgIndex);
00825         AttributesVec.
00826           push_back(AttributeSet::get(F->getContext(), Args.size(), B));
00827       }
00828     }
00829 
00830     // Add any function attributes.
00831     if (CallPAL.hasAttributes(AttributeSet::FunctionIndex))
00832       AttributesVec.push_back(AttributeSet::get(Call->getContext(),
00833                                                 CallPAL.getFnAttributes()));
00834 
00835     Instruction *New;
00836     if (InvokeInst *II = dyn_cast<InvokeInst>(Call)) {
00837       New = InvokeInst::Create(NF, II->getNormalDest(), II->getUnwindDest(),
00838                                Args, "", Call);
00839       cast<InvokeInst>(New)->setCallingConv(CS.getCallingConv());
00840       cast<InvokeInst>(New)->setAttributes(AttributeSet::get(II->getContext(),
00841                                                             AttributesVec));
00842     } else {
00843       New = CallInst::Create(NF, Args, "", Call);
00844       cast<CallInst>(New)->setCallingConv(CS.getCallingConv());
00845       cast<CallInst>(New)->setAttributes(AttributeSet::get(New->getContext(),
00846                                                           AttributesVec));
00847       if (cast<CallInst>(Call)->isTailCall())
00848         cast<CallInst>(New)->setTailCall();
00849     }
00850     New->setDebugLoc(Call->getDebugLoc());
00851     Args.clear();
00852     AttributesVec.clear();
00853 
00854     // Update the alias analysis implementation to know that we are replacing
00855     // the old call with a new one.
00856     AA.replaceWithNewValue(Call, New);
00857 
00858     // Update the callgraph to know that the callsite has been transformed.
00859     CallGraphNode *CalleeNode = CG[Call->getParent()->getParent()];
00860     CalleeNode->replaceCallEdge(Call, New, NF_CGN);
00861 
00862     if (!Call->use_empty()) {
00863       Call->replaceAllUsesWith(New);
00864       New->takeName(Call);
00865     }
00866 
00867     // Finally, remove the old call from the program, reducing the use-count of
00868     // F.
00869     Call->eraseFromParent();
00870   }
00871 
00872   // Since we have now created the new function, splice the body of the old
00873   // function right into the new function, leaving the old rotting hulk of the
00874   // function empty.
00875   NF->getBasicBlockList().splice(NF->begin(), F->getBasicBlockList());
00876 
00877   // Loop over the argument list, transferring uses of the old arguments over to
00878   // the new arguments, also transferring over the names as well.
00879   //
00880   for (Function::arg_iterator I = F->arg_begin(), E = F->arg_end(),
00881        I2 = NF->arg_begin(); I != E; ++I) {
00882     if (!ArgsToPromote.count(I) && !ByValArgsToTransform.count(I)) {
00883       // If this is an unmodified argument, move the name and users over to the
00884       // new version.
00885       I->replaceAllUsesWith(I2);
00886       I2->takeName(I);
00887       AA.replaceWithNewValue(I, I2);
00888       ++I2;
00889       continue;
00890     }
00891 
00892     if (ByValArgsToTransform.count(I)) {
00893       // In the callee, we create an alloca, and store each of the new incoming
00894       // arguments into the alloca.
00895       Instruction *InsertPt = NF->begin()->begin();
00896 
00897       // Just add all the struct element types.
00898       Type *AgTy = cast<PointerType>(I->getType())->getElementType();
00899       Value *TheAlloca = new AllocaInst(AgTy, nullptr, "", InsertPt);
00900       StructType *STy = cast<StructType>(AgTy);
00901       Value *Idxs[2] = {
00902             ConstantInt::get(Type::getInt32Ty(F->getContext()), 0), nullptr };
00903 
00904       for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) {
00905         Idxs[1] = ConstantInt::get(Type::getInt32Ty(F->getContext()), i);
00906         Value *Idx = 
00907           GetElementPtrInst::Create(TheAlloca, Idxs,
00908                                     TheAlloca->getName()+"."+Twine(i), 
00909                                     InsertPt);
00910         I2->setName(I->getName()+"."+Twine(i));
00911         new StoreInst(I2++, Idx, InsertPt);
00912       }
00913 
00914       // Anything that used the arg should now use the alloca.
00915       I->replaceAllUsesWith(TheAlloca);
00916       TheAlloca->takeName(I);
00917       AA.replaceWithNewValue(I, TheAlloca);
00918 
00919       // If the alloca is used in a call, we must clear the tail flag since
00920       // the callee now uses an alloca from the caller.
00921       for (User *U : TheAlloca->users()) {
00922         CallInst *Call = dyn_cast<CallInst>(U);
00923         if (!Call)
00924           continue;
00925         Call->setTailCall(false);
00926       }
00927       continue;
00928     }
00929 
00930     if (I->use_empty()) {
00931       AA.deleteValue(I);
00932       continue;
00933     }
00934 
00935     // Otherwise, if we promoted this argument, then all users are load
00936     // instructions (or GEPs with only load users), and all loads should be
00937     // using the new argument that we added.
00938     ScalarizeTable &ArgIndices = ScalarizedElements[I];
00939 
00940     while (!I->use_empty()) {
00941       if (LoadInst *LI = dyn_cast<LoadInst>(I->user_back())) {
00942         assert(ArgIndices.begin()->empty() &&
00943                "Load element should sort to front!");
00944         I2->setName(I->getName()+".val");
00945         LI->replaceAllUsesWith(I2);
00946         AA.replaceWithNewValue(LI, I2);
00947         LI->eraseFromParent();
00948         DEBUG(dbgs() << "*** Promoted load of argument '" << I->getName()
00949               << "' in function '" << F->getName() << "'\n");
00950       } else {
00951         GetElementPtrInst *GEP = cast<GetElementPtrInst>(I->user_back());
00952         IndicesVector Operands;
00953         Operands.reserve(GEP->getNumIndices());
00954         for (User::op_iterator II = GEP->idx_begin(), IE = GEP->idx_end();
00955              II != IE; ++II)
00956           Operands.push_back(cast<ConstantInt>(*II)->getSExtValue());
00957 
00958         // GEPs with a single 0 index can be merged with direct loads
00959         if (Operands.size() == 1 && Operands.front() == 0)
00960           Operands.clear();
00961 
00962         Function::arg_iterator TheArg = I2;
00963         for (ScalarizeTable::iterator It = ArgIndices.begin();
00964              *It != Operands; ++It, ++TheArg) {
00965           assert(It != ArgIndices.end() && "GEP not handled??");
00966         }
00967 
00968         std::string NewName = I->getName();
00969         for (unsigned i = 0, e = Operands.size(); i != e; ++i) {
00970             NewName += "." + utostr(Operands[i]);
00971         }
00972         NewName += ".val";
00973         TheArg->setName(NewName);
00974 
00975         DEBUG(dbgs() << "*** Promoted agg argument '" << TheArg->getName()
00976               << "' of function '" << NF->getName() << "'\n");
00977 
00978         // All of the uses must be load instructions.  Replace them all with
00979         // the argument specified by ArgNo.
00980         while (!GEP->use_empty()) {
00981           LoadInst *L = cast<LoadInst>(GEP->user_back());
00982           L->replaceAllUsesWith(TheArg);
00983           AA.replaceWithNewValue(L, TheArg);
00984           L->eraseFromParent();
00985         }
00986         AA.deleteValue(GEP);
00987         GEP->eraseFromParent();
00988       }
00989     }
00990 
00991     // Increment I2 past all of the arguments added for this promoted pointer.
00992     std::advance(I2, ArgIndices.size());
00993   }
00994 
00995   // Tell the alias analysis that the old function is about to disappear.
00996   AA.replaceWithNewValue(F, NF);
00997 
00998   
00999   NF_CGN->stealCalledFunctionsFrom(CG[F]);
01000   
01001   // Now that the old function is dead, delete it.  If there is a dangling
01002   // reference to the CallgraphNode, just leave the dead function around for
01003   // someone else to nuke.
01004   CallGraphNode *CGN = CG[F];
01005   if (CGN->getNumReferences() == 0)
01006     delete CG.removeFunctionFromModule(CGN);
01007   else
01008     F->setLinkage(Function::ExternalLinkage);
01009   
01010   return NF_CGN;
01011 }
01012 
01013 bool ArgPromotion::doInitialization(CallGraph &CG) {
01014   FunctionDIs = makeSubprogramMap(CG.getModule());
01015   return CallGraphSCCPass::doInitialization(CG);
01016 }