LLVM API Documentation

ArgumentPromotion.cpp
Go to the documentation of this file.
00001 //===-- ArgumentPromotion.cpp - Promote by-reference arguments ------------===//
00002 //
00003 //                     The LLVM Compiler Infrastructure
00004 //
00005 // This file is distributed under the University of Illinois Open Source
00006 // License. See LICENSE.TXT for details.
00007 //
00008 //===----------------------------------------------------------------------===//
00009 //
00010 // This pass promotes "by reference" arguments to be "by value" arguments.  In
00011 // practice, this means looking for internal functions that have pointer
00012 // arguments.  If it can prove, through the use of alias analysis, that an
00013 // argument is *only* loaded, then it can pass the value into the function
00014 // instead of the address of the value.  This can cause recursive simplification
00015 // of code and lead to the elimination of allocas (especially in C++ template
00016 // code like the STL).
00017 //
00018 // This pass also handles aggregate arguments that are passed into a function,
00019 // scalarizing them if the elements of the aggregate are only loaded.  Note that
00020 // by default it refuses to scalarize aggregates which would require passing in
00021 // more than three operands to the function, because passing thousands of
00022 // operands for a large array or structure is unprofitable! This limit can be
00023 // configured or disabled, however.
00024 //
00025 // Note that this transformation could also be done for arguments that are only
00026 // stored to (returning the value instead), but does not currently.  This case
00027 // would be best handled when and if LLVM begins supporting multiple return
00028 // values from functions.
00029 //
00030 //===----------------------------------------------------------------------===//
00031 
00032 #include "llvm/Transforms/IPO.h"
00033 #include "llvm/ADT/DepthFirstIterator.h"
00034 #include "llvm/ADT/Statistic.h"
00035 #include "llvm/ADT/StringExtras.h"
00036 #include "llvm/Analysis/AliasAnalysis.h"
00037 #include "llvm/Analysis/CallGraph.h"
00038 #include "llvm/Analysis/CallGraphSCCPass.h"
00039 #include "llvm/IR/CFG.h"
00040 #include "llvm/IR/CallSite.h"
00041 #include "llvm/IR/Constants.h"
00042 #include "llvm/IR/DataLayout.h"
00043 #include "llvm/IR/DebugInfo.h"
00044 #include "llvm/IR/DerivedTypes.h"
00045 #include "llvm/IR/Instructions.h"
00046 #include "llvm/IR/LLVMContext.h"
00047 #include "llvm/IR/Module.h"
00048 #include "llvm/Support/Debug.h"
00049 #include "llvm/Support/raw_ostream.h"
00050 #include <set>
00051 using namespace llvm;
00052 
00053 #define DEBUG_TYPE "argpromotion"
00054 
00055 STATISTIC(NumArgumentsPromoted , "Number of pointer arguments promoted");
00056 STATISTIC(NumAggregatesPromoted, "Number of aggregate arguments promoted");
00057 STATISTIC(NumByValArgsPromoted , "Number of byval arguments promoted");
00058 STATISTIC(NumArgumentsDead     , "Number of dead pointer args eliminated");
00059 
00060 namespace {
00061   /// ArgPromotion - The 'by reference' to 'by value' argument promotion pass.
00062   ///
00063   struct ArgPromotion : public CallGraphSCCPass {
00064     void getAnalysisUsage(AnalysisUsage &AU) const override {
00065       AU.addRequired<AliasAnalysis>();
00066       CallGraphSCCPass::getAnalysisUsage(AU);
00067     }
00068 
00069     bool runOnSCC(CallGraphSCC &SCC) override;
00070     static char ID; // Pass identification, replacement for typeid
00071     explicit ArgPromotion(unsigned maxElements = 3)
00072         : CallGraphSCCPass(ID), DL(nullptr), maxElements(maxElements) {
00073       initializeArgPromotionPass(*PassRegistry::getPassRegistry());
00074     }
00075 
00076     /// A vector used to hold the indices of a single GEP instruction
00077     typedef std::vector<uint64_t> IndicesVector;
00078 
00079     const DataLayout *DL;
00080   private:
00081     bool isDenselyPacked(Type *type);
00082     bool canPaddingBeAccessed(Argument *Arg);
00083     CallGraphNode *PromoteArguments(CallGraphNode *CGN);
00084     bool isSafeToPromoteArgument(Argument *Arg, bool isByVal) const;
00085     CallGraphNode *DoPromotion(Function *F,
00086                               SmallPtrSetImpl<Argument*> &ArgsToPromote,
00087                               SmallPtrSetImpl<Argument*> &ByValArgsToTransform);
00088     
00089     using llvm::Pass::doInitialization;
00090     bool doInitialization(CallGraph &CG) override;
00091     /// The maximum number of elements to expand, or 0 for unlimited.
00092     unsigned maxElements;
00093     DenseMap<const Function *, DISubprogram> FunctionDIs;
00094   };
00095 }
00096 
00097 char ArgPromotion::ID = 0;
00098 INITIALIZE_PASS_BEGIN(ArgPromotion, "argpromotion",
00099                 "Promote 'by reference' arguments to scalars", false, false)
00100 INITIALIZE_AG_DEPENDENCY(AliasAnalysis)
00101 INITIALIZE_PASS_DEPENDENCY(CallGraphWrapperPass)
00102 INITIALIZE_PASS_END(ArgPromotion, "argpromotion",
00103                 "Promote 'by reference' arguments to scalars", false, false)
00104 
00105 Pass *llvm::createArgumentPromotionPass(unsigned maxElements) {
00106   return new ArgPromotion(maxElements);
00107 }
00108 
00109 bool ArgPromotion::runOnSCC(CallGraphSCC &SCC) {
00110   bool Changed = false, LocalChange;
00111 
00112   DataLayoutPass *DLP = getAnalysisIfAvailable<DataLayoutPass>();
00113   DL = DLP ? &DLP->getDataLayout() : nullptr;
00114 
00115   do {  // Iterate until we stop promoting from this SCC.
00116     LocalChange = false;
00117     // Attempt to promote arguments from all functions in this SCC.
00118     for (CallGraphSCC::iterator I = SCC.begin(), E = SCC.end(); I != E; ++I) {
00119       if (CallGraphNode *CGN = PromoteArguments(*I)) {
00120         LocalChange = true;
00121         SCC.ReplaceNode(*I, CGN);
00122       }
00123     }
00124     Changed |= LocalChange;               // Remember that we changed something.
00125   } while (LocalChange);
00126   
00127   return Changed;
00128 }
00129 
00130 /// \brief Checks if a type could have padding bytes.
00131 bool ArgPromotion::isDenselyPacked(Type *type) {
00132 
00133   // There is no size information, so be conservative.
00134   if (!type->isSized())
00135     return false;
00136 
00137   // If the alloc size is not equal to the storage size, then there are padding
00138   // bytes. For x86_fp80 on x86-64, size: 80 alloc size: 128.
00139   if (!DL || DL->getTypeSizeInBits(type) != DL->getTypeAllocSizeInBits(type))
00140     return false;
00141 
00142   if (!isa<CompositeType>(type))
00143     return true;
00144 
00145   // For homogenous sequential types, check for padding within members.
00146   if (SequentialType *seqTy = dyn_cast<SequentialType>(type))
00147     return isa<PointerType>(seqTy) || isDenselyPacked(seqTy->getElementType());
00148 
00149   // Check for padding within and between elements of a struct.
00150   StructType *StructTy = cast<StructType>(type);
00151   const StructLayout *Layout = DL->getStructLayout(StructTy);
00152   uint64_t StartPos = 0;
00153   for (unsigned i = 0, E = StructTy->getNumElements(); i < E; ++i) {
00154     Type *ElTy = StructTy->getElementType(i);
00155     if (!isDenselyPacked(ElTy))
00156       return false;
00157     if (StartPos != Layout->getElementOffsetInBits(i))
00158       return false;
00159     StartPos += DL->getTypeAllocSizeInBits(ElTy);
00160   }
00161 
00162   return true;
00163 }
00164 
00165 /// \brief Checks if the padding bytes of an argument could be accessed.
00166 bool ArgPromotion::canPaddingBeAccessed(Argument *arg) {
00167 
00168   assert(arg->hasByValAttr());
00169 
00170   // Track all the pointers to the argument to make sure they are not captured.
00171   SmallPtrSet<Value *, 16> PtrValues;
00172   PtrValues.insert(arg);
00173 
00174   // Track all of the stores.
00175   SmallVector<StoreInst *, 16> Stores;
00176 
00177   // Scan through the uses recursively to make sure the pointer is always used
00178   // sanely.
00179   SmallVector<Value *, 16> WorkList;
00180   WorkList.insert(WorkList.end(), arg->user_begin(), arg->user_end());
00181   while (!WorkList.empty()) {
00182     Value *V = WorkList.back();
00183     WorkList.pop_back();
00184     if (isa<GetElementPtrInst>(V) || isa<PHINode>(V)) {
00185       if (PtrValues.insert(V).second)
00186         WorkList.insert(WorkList.end(), V->user_begin(), V->user_end());
00187     } else if (StoreInst *Store = dyn_cast<StoreInst>(V)) {
00188       Stores.push_back(Store);
00189     } else if (!isa<LoadInst>(V)) {
00190       return true;
00191     }
00192   }
00193 
00194 // Check to make sure the pointers aren't captured
00195   for (StoreInst *Store : Stores)
00196     if (PtrValues.count(Store->getValueOperand()))
00197       return true;
00198 
00199   return false;
00200 }
00201 
00202 /// PromoteArguments - This method checks the specified function to see if there
00203 /// are any promotable arguments and if it is safe to promote the function (for
00204 /// example, all callers are direct).  If safe to promote some arguments, it
00205 /// calls the DoPromotion method.
00206 ///
00207 CallGraphNode *ArgPromotion::PromoteArguments(CallGraphNode *CGN) {
00208   Function *F = CGN->getFunction();
00209 
00210   // Make sure that it is local to this module.
00211   if (!F || !F->hasLocalLinkage()) return nullptr;
00212 
00213   // First check: see if there are any pointer arguments!  If not, quick exit.
00214   SmallVector<Argument*, 16> PointerArgs;
00215   for (Function::arg_iterator I = F->arg_begin(), E = F->arg_end(); I != E; ++I)
00216     if (I->getType()->isPointerTy())
00217       PointerArgs.push_back(I);
00218   if (PointerArgs.empty()) return nullptr;
00219 
00220   // Second check: make sure that all callers are direct callers.  We can't
00221   // transform functions that have indirect callers.  Also see if the function
00222   // is self-recursive.
00223   bool isSelfRecursive = false;
00224   for (Use &U : F->uses()) {
00225     CallSite CS(U.getUser());
00226     // Must be a direct call.
00227     if (CS.getInstruction() == nullptr || !CS.isCallee(&U)) return nullptr;
00228     
00229     if (CS.getInstruction()->getParent()->getParent() == F)
00230       isSelfRecursive = true;
00231   }
00232   
00233   // Don't promote arguments for variadic functions. Adding, removing, or
00234   // changing non-pack parameters can change the classification of pack
00235   // parameters. Frontends encode that classification at the call site in the
00236   // IR, while in the callee the classification is determined dynamically based
00237   // on the number of registers consumed so far.
00238   if (F->isVarArg()) return nullptr;
00239 
00240   // Check to see which arguments are promotable.  If an argument is promotable,
00241   // add it to ArgsToPromote.
00242   SmallPtrSet<Argument*, 8> ArgsToPromote;
00243   SmallPtrSet<Argument*, 8> ByValArgsToTransform;
00244   for (unsigned i = 0, e = PointerArgs.size(); i != e; ++i) {
00245     Argument *PtrArg = PointerArgs[i];
00246     Type *AgTy = cast<PointerType>(PtrArg->getType())->getElementType();
00247 
00248     // If this is a byval argument, and if the aggregate type is small, just
00249     // pass the elements, which is always safe, if the passed value is densely
00250     // packed or if we can prove the padding bytes are never accessed. This does
00251     // not apply to inalloca.
00252     bool isSafeToPromote =
00253       PtrArg->hasByValAttr() &&
00254       (isDenselyPacked(AgTy) || !canPaddingBeAccessed(PtrArg));
00255     if (isSafeToPromote) {
00256       if (StructType *STy = dyn_cast<StructType>(AgTy)) {
00257         if (maxElements > 0 && STy->getNumElements() > maxElements) {
00258           DEBUG(dbgs() << "argpromotion disable promoting argument '"
00259                 << PtrArg->getName() << "' because it would require adding more"
00260                 << " than " << maxElements << " arguments to the function.\n");
00261           continue;
00262         }
00263         
00264         // If all the elements are single-value types, we can promote it.
00265         bool AllSimple = true;
00266         for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) {
00267           if (!STy->getElementType(i)->isSingleValueType()) {
00268             AllSimple = false;
00269             break;
00270           }
00271         }
00272 
00273         // Safe to transform, don't even bother trying to "promote" it.
00274         // Passing the elements as a scalar will allow scalarrepl to hack on
00275         // the new alloca we introduce.
00276         if (AllSimple) {
00277           ByValArgsToTransform.insert(PtrArg);
00278           continue;
00279         }
00280       }
00281     }
00282 
00283     // If the argument is a recursive type and we're in a recursive
00284     // function, we could end up infinitely peeling the function argument.
00285     if (isSelfRecursive) {
00286       if (StructType *STy = dyn_cast<StructType>(AgTy)) {
00287         bool RecursiveType = false;
00288         for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) {
00289           if (STy->getElementType(i) == PtrArg->getType()) {
00290             RecursiveType = true;
00291             break;
00292           }
00293         }
00294         if (RecursiveType)
00295           continue;
00296       }
00297     }
00298     
00299     // Otherwise, see if we can promote the pointer to its value.
00300     if (isSafeToPromoteArgument(PtrArg, PtrArg->hasByValOrInAllocaAttr()))
00301       ArgsToPromote.insert(PtrArg);
00302   }
00303 
00304   // No promotable pointer arguments.
00305   if (ArgsToPromote.empty() && ByValArgsToTransform.empty()) 
00306     return nullptr;
00307 
00308   return DoPromotion(F, ArgsToPromote, ByValArgsToTransform);
00309 }
00310 
00311 /// AllCallersPassInValidPointerForArgument - Return true if we can prove that
00312 /// all callees pass in a valid pointer for the specified function argument.
00313 static bool AllCallersPassInValidPointerForArgument(Argument *Arg,
00314                                                     const DataLayout *DL) {
00315   Function *Callee = Arg->getParent();
00316 
00317   unsigned ArgNo = Arg->getArgNo();
00318 
00319   // Look at all call sites of the function.  At this pointer we know we only
00320   // have direct callees.
00321   for (User *U : Callee->users()) {
00322     CallSite CS(U);
00323     assert(CS && "Should only have direct calls!");
00324 
00325     if (!CS.getArgument(ArgNo)->isDereferenceablePointer(DL))
00326       return false;
00327   }
00328   return true;
00329 }
00330 
00331 /// Returns true if Prefix is a prefix of longer. That means, Longer has a size
00332 /// that is greater than or equal to the size of prefix, and each of the
00333 /// elements in Prefix is the same as the corresponding elements in Longer.
00334 ///
00335 /// This means it also returns true when Prefix and Longer are equal!
00336 static bool IsPrefix(const ArgPromotion::IndicesVector &Prefix,
00337                      const ArgPromotion::IndicesVector &Longer) {
00338   if (Prefix.size() > Longer.size())
00339     return false;
00340   return std::equal(Prefix.begin(), Prefix.end(), Longer.begin());
00341 }
00342 
00343 
00344 /// Checks if Indices, or a prefix of Indices, is in Set.
00345 static bool PrefixIn(const ArgPromotion::IndicesVector &Indices,
00346                      std::set<ArgPromotion::IndicesVector> &Set) {
00347     std::set<ArgPromotion::IndicesVector>::iterator Low;
00348     Low = Set.upper_bound(Indices);
00349     if (Low != Set.begin())
00350       Low--;
00351     // Low is now the last element smaller than or equal to Indices. This means
00352     // it points to a prefix of Indices (possibly Indices itself), if such
00353     // prefix exists.
00354     //
00355     // This load is safe if any prefix of its operands is safe to load.
00356     return Low != Set.end() && IsPrefix(*Low, Indices);
00357 }
00358 
00359 /// Mark the given indices (ToMark) as safe in the given set of indices
00360 /// (Safe). Marking safe usually means adding ToMark to Safe. However, if there
00361 /// is already a prefix of Indices in Safe, Indices are implicitely marked safe
00362 /// already. Furthermore, any indices that Indices is itself a prefix of, are
00363 /// removed from Safe (since they are implicitely safe because of Indices now).
00364 static void MarkIndicesSafe(const ArgPromotion::IndicesVector &ToMark,
00365                             std::set<ArgPromotion::IndicesVector> &Safe) {
00366   std::set<ArgPromotion::IndicesVector>::iterator Low;
00367   Low = Safe.upper_bound(ToMark);
00368   // Guard against the case where Safe is empty
00369   if (Low != Safe.begin())
00370     Low--;
00371   // Low is now the last element smaller than or equal to Indices. This
00372   // means it points to a prefix of Indices (possibly Indices itself), if
00373   // such prefix exists.
00374   if (Low != Safe.end()) {
00375     if (IsPrefix(*Low, ToMark))
00376       // If there is already a prefix of these indices (or exactly these
00377       // indices) marked a safe, don't bother adding these indices
00378       return;
00379 
00380     // Increment Low, so we can use it as a "insert before" hint
00381     ++Low;
00382   }
00383   // Insert
00384   Low = Safe.insert(Low, ToMark);
00385   ++Low;
00386   // If there we're a prefix of longer index list(s), remove those
00387   std::set<ArgPromotion::IndicesVector>::iterator End = Safe.end();
00388   while (Low != End && IsPrefix(ToMark, *Low)) {
00389     std::set<ArgPromotion::IndicesVector>::iterator Remove = Low;
00390     ++Low;
00391     Safe.erase(Remove);
00392   }
00393 }
00394 
00395 /// isSafeToPromoteArgument - As you might guess from the name of this method,
00396 /// it checks to see if it is both safe and useful to promote the argument.
00397 /// This method limits promotion of aggregates to only promote up to three
00398 /// elements of the aggregate in order to avoid exploding the number of
00399 /// arguments passed in.
00400 bool ArgPromotion::isSafeToPromoteArgument(Argument *Arg,
00401                                            bool isByValOrInAlloca) const {
00402   typedef std::set<IndicesVector> GEPIndicesSet;
00403 
00404   // Quick exit for unused arguments
00405   if (Arg->use_empty())
00406     return true;
00407 
00408   // We can only promote this argument if all of the uses are loads, or are GEP
00409   // instructions (with constant indices) that are subsequently loaded.
00410   //
00411   // Promoting the argument causes it to be loaded in the caller
00412   // unconditionally. This is only safe if we can prove that either the load
00413   // would have happened in the callee anyway (ie, there is a load in the entry
00414   // block) or the pointer passed in at every call site is guaranteed to be
00415   // valid.
00416   // In the former case, invalid loads can happen, but would have happened
00417   // anyway, in the latter case, invalid loads won't happen. This prevents us
00418   // from introducing an invalid load that wouldn't have happened in the
00419   // original code.
00420   //
00421   // This set will contain all sets of indices that are loaded in the entry
00422   // block, and thus are safe to unconditionally load in the caller.
00423   //
00424   // This optimization is also safe for InAlloca parameters, because it verifies
00425   // that the address isn't captured.
00426   GEPIndicesSet SafeToUnconditionallyLoad;
00427 
00428   // This set contains all the sets of indices that we are planning to promote.
00429   // This makes it possible to limit the number of arguments added.
00430   GEPIndicesSet ToPromote;
00431 
00432   // If the pointer is always valid, any load with first index 0 is valid.
00433   if (isByValOrInAlloca || AllCallersPassInValidPointerForArgument(Arg, DL))
00434     SafeToUnconditionallyLoad.insert(IndicesVector(1, 0));
00435 
00436   // First, iterate the entry block and mark loads of (geps of) arguments as
00437   // safe.
00438   BasicBlock *EntryBlock = Arg->getParent()->begin();
00439   // Declare this here so we can reuse it
00440   IndicesVector Indices;
00441   for (BasicBlock::iterator I = EntryBlock->begin(), E = EntryBlock->end();
00442        I != E; ++I)
00443     if (LoadInst *LI = dyn_cast<LoadInst>(I)) {
00444       Value *V = LI->getPointerOperand();
00445       if (GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(V)) {
00446         V = GEP->getPointerOperand();
00447         if (V == Arg) {
00448           // This load actually loads (part of) Arg? Check the indices then.
00449           Indices.reserve(GEP->getNumIndices());
00450           for (User::op_iterator II = GEP->idx_begin(), IE = GEP->idx_end();
00451                II != IE; ++II)
00452             if (ConstantInt *CI = dyn_cast<ConstantInt>(*II))
00453               Indices.push_back(CI->getSExtValue());
00454             else
00455               // We found a non-constant GEP index for this argument? Bail out
00456               // right away, can't promote this argument at all.
00457               return false;
00458 
00459           // Indices checked out, mark them as safe
00460           MarkIndicesSafe(Indices, SafeToUnconditionallyLoad);
00461           Indices.clear();
00462         }
00463       } else if (V == Arg) {
00464         // Direct loads are equivalent to a GEP with a single 0 index.
00465         MarkIndicesSafe(IndicesVector(1, 0), SafeToUnconditionallyLoad);
00466       }
00467     }
00468 
00469   // Now, iterate all uses of the argument to see if there are any uses that are
00470   // not (GEP+)loads, or any (GEP+)loads that are not safe to promote.
00471   SmallVector<LoadInst*, 16> Loads;
00472   IndicesVector Operands;
00473   for (Use &U : Arg->uses()) {
00474     User *UR = U.getUser();
00475     Operands.clear();
00476     if (LoadInst *LI = dyn_cast<LoadInst>(UR)) {
00477       // Don't hack volatile/atomic loads
00478       if (!LI->isSimple()) return false;
00479       Loads.push_back(LI);
00480       // Direct loads are equivalent to a GEP with a zero index and then a load.
00481       Operands.push_back(0);
00482     } else if (GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(UR)) {
00483       if (GEP->use_empty()) {
00484         // Dead GEP's cause trouble later.  Just remove them if we run into
00485         // them.
00486         getAnalysis<AliasAnalysis>().deleteValue(GEP);
00487         GEP->eraseFromParent();
00488         // TODO: This runs the above loop over and over again for dead GEPs
00489         // Couldn't we just do increment the UI iterator earlier and erase the
00490         // use?
00491         return isSafeToPromoteArgument(Arg, isByValOrInAlloca);
00492       }
00493 
00494       // Ensure that all of the indices are constants.
00495       for (User::op_iterator i = GEP->idx_begin(), e = GEP->idx_end();
00496         i != e; ++i)
00497         if (ConstantInt *C = dyn_cast<ConstantInt>(*i))
00498           Operands.push_back(C->getSExtValue());
00499         else
00500           return false;  // Not a constant operand GEP!
00501 
00502       // Ensure that the only users of the GEP are load instructions.
00503       for (User *GEPU : GEP->users())
00504         if (LoadInst *LI = dyn_cast<LoadInst>(GEPU)) {
00505           // Don't hack volatile/atomic loads
00506           if (!LI->isSimple()) return false;
00507           Loads.push_back(LI);
00508         } else {
00509           // Other uses than load?
00510           return false;
00511         }
00512     } else {
00513       return false;  // Not a load or a GEP.
00514     }
00515 
00516     // Now, see if it is safe to promote this load / loads of this GEP. Loading
00517     // is safe if Operands, or a prefix of Operands, is marked as safe.
00518     if (!PrefixIn(Operands, SafeToUnconditionallyLoad))
00519       return false;
00520 
00521     // See if we are already promoting a load with these indices. If not, check
00522     // to make sure that we aren't promoting too many elements.  If so, nothing
00523     // to do.
00524     if (ToPromote.find(Operands) == ToPromote.end()) {
00525       if (maxElements > 0 && ToPromote.size() == maxElements) {
00526         DEBUG(dbgs() << "argpromotion not promoting argument '"
00527               << Arg->getName() << "' because it would require adding more "
00528               << "than " << maxElements << " arguments to the function.\n");
00529         // We limit aggregate promotion to only promoting up to a fixed number
00530         // of elements of the aggregate.
00531         return false;
00532       }
00533       ToPromote.insert(std::move(Operands));
00534     }
00535   }
00536 
00537   if (Loads.empty()) return true;  // No users, this is a dead argument.
00538 
00539   // Okay, now we know that the argument is only used by load instructions and
00540   // it is safe to unconditionally perform all of them. Use alias analysis to
00541   // check to see if the pointer is guaranteed to not be modified from entry of
00542   // the function to each of the load instructions.
00543 
00544   // Because there could be several/many load instructions, remember which
00545   // blocks we know to be transparent to the load.
00546   SmallPtrSet<BasicBlock*, 16> TranspBlocks;
00547 
00548   AliasAnalysis &AA = getAnalysis<AliasAnalysis>();
00549 
00550   for (unsigned i = 0, e = Loads.size(); i != e; ++i) {
00551     // Check to see if the load is invalidated from the start of the block to
00552     // the load itself.
00553     LoadInst *Load = Loads[i];
00554     BasicBlock *BB = Load->getParent();
00555 
00556     AliasAnalysis::Location Loc = AA.getLocation(Load);
00557     if (AA.canInstructionRangeModRef(BB->front(), *Load, Loc,
00558         AliasAnalysis::Mod))
00559       return false;  // Pointer is invalidated!
00560 
00561     // Now check every path from the entry block to the load for transparency.
00562     // To do this, we perform a depth first search on the inverse CFG from the
00563     // loading block.
00564     for (pred_iterator PI = pred_begin(BB), E = pred_end(BB); PI != E; ++PI) {
00565       BasicBlock *P = *PI;
00566       for (BasicBlock *TranspBB : inverse_depth_first_ext(P, TranspBlocks))
00567         if (AA.canBasicBlockModify(*TranspBB, Loc))
00568           return false;
00569     }
00570   }
00571 
00572   // If the path from the entry of the function to each load is free of
00573   // instructions that potentially invalidate the load, we can make the
00574   // transformation!
00575   return true;
00576 }
00577 
00578 /// DoPromotion - This method actually performs the promotion of the specified
00579 /// arguments, and returns the new function.  At this point, we know that it's
00580 /// safe to do so.
00581 CallGraphNode *ArgPromotion::DoPromotion(Function *F,
00582                              SmallPtrSetImpl<Argument*> &ArgsToPromote,
00583                              SmallPtrSetImpl<Argument*> &ByValArgsToTransform) {
00584 
00585   // Start by computing a new prototype for the function, which is the same as
00586   // the old function, but has modified arguments.
00587   FunctionType *FTy = F->getFunctionType();
00588   std::vector<Type*> Params;
00589 
00590   typedef std::set<IndicesVector> ScalarizeTable;
00591 
00592   // ScalarizedElements - If we are promoting a pointer that has elements
00593   // accessed out of it, keep track of which elements are accessed so that we
00594   // can add one argument for each.
00595   //
00596   // Arguments that are directly loaded will have a zero element value here, to
00597   // handle cases where there are both a direct load and GEP accesses.
00598   //
00599   std::map<Argument*, ScalarizeTable> ScalarizedElements;
00600 
00601   // OriginalLoads - Keep track of a representative load instruction from the
00602   // original function so that we can tell the alias analysis implementation
00603   // what the new GEP/Load instructions we are inserting look like.
00604   // We need to keep the original loads for each argument and the elements
00605   // of the argument that are accessed.
00606   std::map<std::pair<Argument*, IndicesVector>, LoadInst*> OriginalLoads;
00607 
00608   // Attribute - Keep track of the parameter attributes for the arguments
00609   // that we are *not* promoting. For the ones that we do promote, the parameter
00610   // attributes are lost
00611   SmallVector<AttributeSet, 8> AttributesVec;
00612   const AttributeSet &PAL = F->getAttributes();
00613 
00614   // Add any return attributes.
00615   if (PAL.hasAttributes(AttributeSet::ReturnIndex))
00616     AttributesVec.push_back(AttributeSet::get(F->getContext(),
00617                                               PAL.getRetAttributes()));
00618 
00619   // First, determine the new argument list
00620   unsigned ArgIndex = 1;
00621   for (Function::arg_iterator I = F->arg_begin(), E = F->arg_end(); I != E;
00622        ++I, ++ArgIndex) {
00623     if (ByValArgsToTransform.count(I)) {
00624       // Simple byval argument? Just add all the struct element types.
00625       Type *AgTy = cast<PointerType>(I->getType())->getElementType();
00626       StructType *STy = cast<StructType>(AgTy);
00627       for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i)
00628         Params.push_back(STy->getElementType(i));
00629       ++NumByValArgsPromoted;
00630     } else if (!ArgsToPromote.count(I)) {
00631       // Unchanged argument
00632       Params.push_back(I->getType());
00633       AttributeSet attrs = PAL.getParamAttributes(ArgIndex);
00634       if (attrs.hasAttributes(ArgIndex)) {
00635         AttrBuilder B(attrs, ArgIndex);
00636         AttributesVec.
00637           push_back(AttributeSet::get(F->getContext(), Params.size(), B));
00638       }
00639     } else if (I->use_empty()) {
00640       // Dead argument (which are always marked as promotable)
00641       ++NumArgumentsDead;
00642     } else {
00643       // Okay, this is being promoted. This means that the only uses are loads
00644       // or GEPs which are only used by loads
00645 
00646       // In this table, we will track which indices are loaded from the argument
00647       // (where direct loads are tracked as no indices).
00648       ScalarizeTable &ArgIndices = ScalarizedElements[I];
00649       for (User *U : I->users()) {
00650         Instruction *UI = cast<Instruction>(U);
00651         assert(isa<LoadInst>(UI) || isa<GetElementPtrInst>(UI));
00652         IndicesVector Indices;
00653         Indices.reserve(UI->getNumOperands() - 1);
00654         // Since loads will only have a single operand, and GEPs only a single
00655         // non-index operand, this will record direct loads without any indices,
00656         // and gep+loads with the GEP indices.
00657         for (User::op_iterator II = UI->op_begin() + 1, IE = UI->op_end();
00658              II != IE; ++II)
00659           Indices.push_back(cast<ConstantInt>(*II)->getSExtValue());
00660         // GEPs with a single 0 index can be merged with direct loads
00661         if (Indices.size() == 1 && Indices.front() == 0)
00662           Indices.clear();
00663         ArgIndices.insert(Indices);
00664         LoadInst *OrigLoad;
00665         if (LoadInst *L = dyn_cast<LoadInst>(UI))
00666           OrigLoad = L;
00667         else
00668           // Take any load, we will use it only to update Alias Analysis
00669           OrigLoad = cast<LoadInst>(UI->user_back());
00670         OriginalLoads[std::make_pair(I, Indices)] = OrigLoad;
00671       }
00672 
00673       // Add a parameter to the function for each element passed in.
00674       for (ScalarizeTable::iterator SI = ArgIndices.begin(),
00675              E = ArgIndices.end(); SI != E; ++SI) {
00676         // not allowed to dereference ->begin() if size() is 0
00677         Params.push_back(GetElementPtrInst::getIndexedType(I->getType(), *SI));
00678         assert(Params.back());
00679       }
00680 
00681       if (ArgIndices.size() == 1 && ArgIndices.begin()->empty())
00682         ++NumArgumentsPromoted;
00683       else
00684         ++NumAggregatesPromoted;
00685     }
00686   }
00687 
00688   // Add any function attributes.
00689   if (PAL.hasAttributes(AttributeSet::FunctionIndex))
00690     AttributesVec.push_back(AttributeSet::get(FTy->getContext(),
00691                                               PAL.getFnAttributes()));
00692 
00693   Type *RetTy = FTy->getReturnType();
00694 
00695   // Construct the new function type using the new arguments.
00696   FunctionType *NFTy = FunctionType::get(RetTy, Params, FTy->isVarArg());
00697 
00698   // Create the new function body and insert it into the module.
00699   Function *NF = Function::Create(NFTy, F->getLinkage(), F->getName());
00700   NF->copyAttributesFrom(F);
00701 
00702   // Patch the pointer to LLVM function in debug info descriptor.
00703   auto DI = FunctionDIs.find(F);
00704   if (DI != FunctionDIs.end()) {
00705     DISubprogram SP = DI->second;
00706     SP.replaceFunction(NF);
00707     // Ensure the map is updated so it can be reused on subsequent argument
00708     // promotions of the same function.
00709     FunctionDIs.erase(DI);
00710     FunctionDIs[NF] = SP;
00711   }
00712 
00713   DEBUG(dbgs() << "ARG PROMOTION:  Promoting to:" << *NF << "\n"
00714         << "From: " << *F);
00715   
00716   // Recompute the parameter attributes list based on the new arguments for
00717   // the function.
00718   NF->setAttributes(AttributeSet::get(F->getContext(), AttributesVec));
00719   AttributesVec.clear();
00720 
00721   F->getParent()->getFunctionList().insert(F, NF);
00722   NF->takeName(F);
00723 
00724   // Get the alias analysis information that we need to update to reflect our
00725   // changes.
00726   AliasAnalysis &AA = getAnalysis<AliasAnalysis>();
00727 
00728   // Get the callgraph information that we need to update to reflect our
00729   // changes.
00730   CallGraph &CG = getAnalysis<CallGraphWrapperPass>().getCallGraph();
00731 
00732   // Get a new callgraph node for NF.
00733   CallGraphNode *NF_CGN = CG.getOrInsertFunction(NF);
00734 
00735   // Loop over all of the callers of the function, transforming the call sites
00736   // to pass in the loaded pointers.
00737   //
00738   SmallVector<Value*, 16> Args;
00739   while (!F->use_empty()) {
00740     CallSite CS(F->user_back());
00741     assert(CS.getCalledFunction() == F);
00742     Instruction *Call = CS.getInstruction();
00743     const AttributeSet &CallPAL = CS.getAttributes();
00744 
00745     // Add any return attributes.
00746     if (CallPAL.hasAttributes(AttributeSet::ReturnIndex))
00747       AttributesVec.push_back(AttributeSet::get(F->getContext(),
00748                                                 CallPAL.getRetAttributes()));
00749 
00750     // Loop over the operands, inserting GEP and loads in the caller as
00751     // appropriate.
00752     CallSite::arg_iterator AI = CS.arg_begin();
00753     ArgIndex = 1;
00754     for (Function::arg_iterator I = F->arg_begin(), E = F->arg_end();
00755          I != E; ++I, ++AI, ++ArgIndex)
00756       if (!ArgsToPromote.count(I) && !ByValArgsToTransform.count(I)) {
00757         Args.push_back(*AI);          // Unmodified argument
00758 
00759         if (CallPAL.hasAttributes(ArgIndex)) {
00760           AttrBuilder B(CallPAL, ArgIndex);
00761           AttributesVec.
00762             push_back(AttributeSet::get(F->getContext(), Args.size(), B));
00763         }
00764       } else if (ByValArgsToTransform.count(I)) {
00765         // Emit a GEP and load for each element of the struct.
00766         Type *AgTy = cast<PointerType>(I->getType())->getElementType();
00767         StructType *STy = cast<StructType>(AgTy);
00768         Value *Idxs[2] = {
00769               ConstantInt::get(Type::getInt32Ty(F->getContext()), 0), nullptr };
00770         for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) {
00771           Idxs[1] = ConstantInt::get(Type::getInt32Ty(F->getContext()), i);
00772           Value *Idx = GetElementPtrInst::Create(*AI, Idxs,
00773                                                  (*AI)->getName()+"."+utostr(i),
00774                                                  Call);
00775           // TODO: Tell AA about the new values?
00776           Args.push_back(new LoadInst(Idx, Idx->getName()+".val", Call));
00777         }
00778       } else if (!I->use_empty()) {
00779         // Non-dead argument: insert GEPs and loads as appropriate.
00780         ScalarizeTable &ArgIndices = ScalarizedElements[I];
00781         // Store the Value* version of the indices in here, but declare it now
00782         // for reuse.
00783         std::vector<Value*> Ops;
00784         for (ScalarizeTable::iterator SI = ArgIndices.begin(),
00785                E = ArgIndices.end(); SI != E; ++SI) {
00786           Value *V = *AI;
00787           LoadInst *OrigLoad = OriginalLoads[std::make_pair(I, *SI)];
00788           if (!SI->empty()) {
00789             Ops.reserve(SI->size());
00790             Type *ElTy = V->getType();
00791             for (IndicesVector::const_iterator II = SI->begin(),
00792                  IE = SI->end(); II != IE; ++II) {
00793               // Use i32 to index structs, and i64 for others (pointers/arrays).
00794               // This satisfies GEP constraints.
00795               Type *IdxTy = (ElTy->isStructTy() ?
00796                     Type::getInt32Ty(F->getContext()) : 
00797                     Type::getInt64Ty(F->getContext()));
00798               Ops.push_back(ConstantInt::get(IdxTy, *II));
00799               // Keep track of the type we're currently indexing.
00800               ElTy = cast<CompositeType>(ElTy)->getTypeAtIndex(*II);
00801             }
00802             // And create a GEP to extract those indices.
00803             V = GetElementPtrInst::Create(V, Ops, V->getName()+".idx", Call);
00804             Ops.clear();
00805             AA.copyValue(OrigLoad->getOperand(0), V);
00806           }
00807           // Since we're replacing a load make sure we take the alignment
00808           // of the previous load.
00809           LoadInst *newLoad = new LoadInst(V, V->getName()+".val", Call);
00810           newLoad->setAlignment(OrigLoad->getAlignment());
00811           // Transfer the AA info too.
00812           AAMDNodes AAInfo;
00813           OrigLoad->getAAMetadata(AAInfo);
00814           newLoad->setAAMetadata(AAInfo);
00815 
00816           Args.push_back(newLoad);
00817           AA.copyValue(OrigLoad, Args.back());
00818         }
00819       }
00820 
00821     // Push any varargs arguments on the list.
00822     for (; AI != CS.arg_end(); ++AI, ++ArgIndex) {
00823       Args.push_back(*AI);
00824       if (CallPAL.hasAttributes(ArgIndex)) {
00825         AttrBuilder B(CallPAL, ArgIndex);
00826         AttributesVec.
00827           push_back(AttributeSet::get(F->getContext(), Args.size(), B));
00828       }
00829     }
00830 
00831     // Add any function attributes.
00832     if (CallPAL.hasAttributes(AttributeSet::FunctionIndex))
00833       AttributesVec.push_back(AttributeSet::get(Call->getContext(),
00834                                                 CallPAL.getFnAttributes()));
00835 
00836     Instruction *New;
00837     if (InvokeInst *II = dyn_cast<InvokeInst>(Call)) {
00838       New = InvokeInst::Create(NF, II->getNormalDest(), II->getUnwindDest(),
00839                                Args, "", Call);
00840       cast<InvokeInst>(New)->setCallingConv(CS.getCallingConv());
00841       cast<InvokeInst>(New)->setAttributes(AttributeSet::get(II->getContext(),
00842                                                             AttributesVec));
00843     } else {
00844       New = CallInst::Create(NF, Args, "", Call);
00845       cast<CallInst>(New)->setCallingConv(CS.getCallingConv());
00846       cast<CallInst>(New)->setAttributes(AttributeSet::get(New->getContext(),
00847                                                           AttributesVec));
00848       if (cast<CallInst>(Call)->isTailCall())
00849         cast<CallInst>(New)->setTailCall();
00850     }
00851     New->setDebugLoc(Call->getDebugLoc());
00852     Args.clear();
00853     AttributesVec.clear();
00854 
00855     // Update the alias analysis implementation to know that we are replacing
00856     // the old call with a new one.
00857     AA.replaceWithNewValue(Call, New);
00858 
00859     // Update the callgraph to know that the callsite has been transformed.
00860     CallGraphNode *CalleeNode = CG[Call->getParent()->getParent()];
00861     CalleeNode->replaceCallEdge(Call, New, NF_CGN);
00862 
00863     if (!Call->use_empty()) {
00864       Call->replaceAllUsesWith(New);
00865       New->takeName(Call);
00866     }
00867 
00868     // Finally, remove the old call from the program, reducing the use-count of
00869     // F.
00870     Call->eraseFromParent();
00871   }
00872 
00873   // Since we have now created the new function, splice the body of the old
00874   // function right into the new function, leaving the old rotting hulk of the
00875   // function empty.
00876   NF->getBasicBlockList().splice(NF->begin(), F->getBasicBlockList());
00877 
00878   // Loop over the argument list, transferring uses of the old arguments over to
00879   // the new arguments, also transferring over the names as well.
00880   //
00881   for (Function::arg_iterator I = F->arg_begin(), E = F->arg_end(),
00882        I2 = NF->arg_begin(); I != E; ++I) {
00883     if (!ArgsToPromote.count(I) && !ByValArgsToTransform.count(I)) {
00884       // If this is an unmodified argument, move the name and users over to the
00885       // new version.
00886       I->replaceAllUsesWith(I2);
00887       I2->takeName(I);
00888       AA.replaceWithNewValue(I, I2);
00889       ++I2;
00890       continue;
00891     }
00892 
00893     if (ByValArgsToTransform.count(I)) {
00894       // In the callee, we create an alloca, and store each of the new incoming
00895       // arguments into the alloca.
00896       Instruction *InsertPt = NF->begin()->begin();
00897 
00898       // Just add all the struct element types.
00899       Type *AgTy = cast<PointerType>(I->getType())->getElementType();
00900       Value *TheAlloca = new AllocaInst(AgTy, nullptr, "", InsertPt);
00901       StructType *STy = cast<StructType>(AgTy);
00902       Value *Idxs[2] = {
00903             ConstantInt::get(Type::getInt32Ty(F->getContext()), 0), nullptr };
00904 
00905       for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) {
00906         Idxs[1] = ConstantInt::get(Type::getInt32Ty(F->getContext()), i);
00907         Value *Idx = 
00908           GetElementPtrInst::Create(TheAlloca, Idxs,
00909                                     TheAlloca->getName()+"."+Twine(i), 
00910                                     InsertPt);
00911         I2->setName(I->getName()+"."+Twine(i));
00912         new StoreInst(I2++, Idx, InsertPt);
00913       }
00914 
00915       // Anything that used the arg should now use the alloca.
00916       I->replaceAllUsesWith(TheAlloca);
00917       TheAlloca->takeName(I);
00918       AA.replaceWithNewValue(I, TheAlloca);
00919 
00920       // If the alloca is used in a call, we must clear the tail flag since
00921       // the callee now uses an alloca from the caller.
00922       for (User *U : TheAlloca->users()) {
00923         CallInst *Call = dyn_cast<CallInst>(U);
00924         if (!Call)
00925           continue;
00926         Call->setTailCall(false);
00927       }
00928       continue;
00929     }
00930 
00931     if (I->use_empty()) {
00932       AA.deleteValue(I);
00933       continue;
00934     }
00935 
00936     // Otherwise, if we promoted this argument, then all users are load
00937     // instructions (or GEPs with only load users), and all loads should be
00938     // using the new argument that we added.
00939     ScalarizeTable &ArgIndices = ScalarizedElements[I];
00940 
00941     while (!I->use_empty()) {
00942       if (LoadInst *LI = dyn_cast<LoadInst>(I->user_back())) {
00943         assert(ArgIndices.begin()->empty() &&
00944                "Load element should sort to front!");
00945         I2->setName(I->getName()+".val");
00946         LI->replaceAllUsesWith(I2);
00947         AA.replaceWithNewValue(LI, I2);
00948         LI->eraseFromParent();
00949         DEBUG(dbgs() << "*** Promoted load of argument '" << I->getName()
00950               << "' in function '" << F->getName() << "'\n");
00951       } else {
00952         GetElementPtrInst *GEP = cast<GetElementPtrInst>(I->user_back());
00953         IndicesVector Operands;
00954         Operands.reserve(GEP->getNumIndices());
00955         for (User::op_iterator II = GEP->idx_begin(), IE = GEP->idx_end();
00956              II != IE; ++II)
00957           Operands.push_back(cast<ConstantInt>(*II)->getSExtValue());
00958 
00959         // GEPs with a single 0 index can be merged with direct loads
00960         if (Operands.size() == 1 && Operands.front() == 0)
00961           Operands.clear();
00962 
00963         Function::arg_iterator TheArg = I2;
00964         for (ScalarizeTable::iterator It = ArgIndices.begin();
00965              *It != Operands; ++It, ++TheArg) {
00966           assert(It != ArgIndices.end() && "GEP not handled??");
00967         }
00968 
00969         std::string NewName = I->getName();
00970         for (unsigned i = 0, e = Operands.size(); i != e; ++i) {
00971             NewName += "." + utostr(Operands[i]);
00972         }
00973         NewName += ".val";
00974         TheArg->setName(NewName);
00975 
00976         DEBUG(dbgs() << "*** Promoted agg argument '" << TheArg->getName()
00977               << "' of function '" << NF->getName() << "'\n");
00978 
00979         // All of the uses must be load instructions.  Replace them all with
00980         // the argument specified by ArgNo.
00981         while (!GEP->use_empty()) {
00982           LoadInst *L = cast<LoadInst>(GEP->user_back());
00983           L->replaceAllUsesWith(TheArg);
00984           AA.replaceWithNewValue(L, TheArg);
00985           L->eraseFromParent();
00986         }
00987         AA.deleteValue(GEP);
00988         GEP->eraseFromParent();
00989       }
00990     }
00991 
00992     // Increment I2 past all of the arguments added for this promoted pointer.
00993     std::advance(I2, ArgIndices.size());
00994   }
00995 
00996   // Tell the alias analysis that the old function is about to disappear.
00997   AA.replaceWithNewValue(F, NF);
00998 
00999   
01000   NF_CGN->stealCalledFunctionsFrom(CG[F]);
01001   
01002   // Now that the old function is dead, delete it.  If there is a dangling
01003   // reference to the CallgraphNode, just leave the dead function around for
01004   // someone else to nuke.
01005   CallGraphNode *CGN = CG[F];
01006   if (CGN->getNumReferences() == 0)
01007     delete CG.removeFunctionFromModule(CGN);
01008   else
01009     F->setLinkage(Function::ExternalLinkage);
01010   
01011   return NF_CGN;
01012 }
01013 
01014 bool ArgPromotion::doInitialization(CallGraph &CG) {
01015   FunctionDIs = makeSubprogramMap(CG.getModule());
01016   return CallGraphSCCPass::doInitialization(CG);
01017 }