LLVM API Documentation

ArgumentPromotion.cpp
Go to the documentation of this file.
00001 //===-- ArgumentPromotion.cpp - Promote by-reference arguments ------------===//
00002 //
00003 //                     The LLVM Compiler Infrastructure
00004 //
00005 // This file is distributed under the University of Illinois Open Source
00006 // License. See LICENSE.TXT for details.
00007 //
00008 //===----------------------------------------------------------------------===//
00009 //
00010 // This pass promotes "by reference" arguments to be "by value" arguments.  In
00011 // practice, this means looking for internal functions that have pointer
00012 // arguments.  If it can prove, through the use of alias analysis, that an
00013 // argument is *only* loaded, then it can pass the value into the function
00014 // instead of the address of the value.  This can cause recursive simplification
00015 // of code and lead to the elimination of allocas (especially in C++ template
00016 // code like the STL).
00017 //
00018 // This pass also handles aggregate arguments that are passed into a function,
00019 // scalarizing them if the elements of the aggregate are only loaded.  Note that
00020 // by default it refuses to scalarize aggregates which would require passing in
00021 // more than three operands to the function, because passing thousands of
00022 // operands for a large array or structure is unprofitable! This limit can be
00023 // configured or disabled, however.
00024 //
00025 // Note that this transformation could also be done for arguments that are only
00026 // stored to (returning the value instead), but does not currently.  This case
00027 // would be best handled when and if LLVM begins supporting multiple return
00028 // values from functions.
00029 //
00030 //===----------------------------------------------------------------------===//
00031 
00032 #include "llvm/Transforms/IPO.h"
00033 #include "llvm/ADT/DepthFirstIterator.h"
00034 #include "llvm/ADT/Statistic.h"
00035 #include "llvm/ADT/StringExtras.h"
00036 #include "llvm/Analysis/AliasAnalysis.h"
00037 #include "llvm/Analysis/CallGraph.h"
00038 #include "llvm/Analysis/CallGraphSCCPass.h"
00039 #include "llvm/IR/CFG.h"
00040 #include "llvm/IR/CallSite.h"
00041 #include "llvm/IR/Constants.h"
00042 #include "llvm/IR/DataLayout.h"
00043 #include "llvm/IR/DebugInfo.h"
00044 #include "llvm/IR/DerivedTypes.h"
00045 #include "llvm/IR/Instructions.h"
00046 #include "llvm/IR/LLVMContext.h"
00047 #include "llvm/IR/Module.h"
00048 #include "llvm/Support/Debug.h"
00049 #include "llvm/Support/raw_ostream.h"
00050 #include <set>
00051 using namespace llvm;
00052 
00053 #define DEBUG_TYPE "argpromotion"
00054 
00055 STATISTIC(NumArgumentsPromoted , "Number of pointer arguments promoted");
00056 STATISTIC(NumAggregatesPromoted, "Number of aggregate arguments promoted");
00057 STATISTIC(NumByValArgsPromoted , "Number of byval arguments promoted");
00058 STATISTIC(NumArgumentsDead     , "Number of dead pointer args eliminated");
00059 
00060 namespace {
00061   /// ArgPromotion - The 'by reference' to 'by value' argument promotion pass.
00062   ///
00063   struct ArgPromotion : public CallGraphSCCPass {
00064     void getAnalysisUsage(AnalysisUsage &AU) const override {
00065       AU.addRequired<AliasAnalysis>();
00066       CallGraphSCCPass::getAnalysisUsage(AU);
00067     }
00068 
00069     bool runOnSCC(CallGraphSCC &SCC) override;
00070     static char ID; // Pass identification, replacement for typeid
00071     explicit ArgPromotion(unsigned maxElements = 3)
00072         : CallGraphSCCPass(ID), DL(nullptr), maxElements(maxElements) {
00073       initializeArgPromotionPass(*PassRegistry::getPassRegistry());
00074     }
00075 
00076     /// A vector used to hold the indices of a single GEP instruction
00077     typedef std::vector<uint64_t> IndicesVector;
00078 
00079     const DataLayout *DL;
00080   private:
00081     bool isDenselyPacked(Type *type);
00082     bool canPaddingBeAccessed(Argument *Arg);
00083     CallGraphNode *PromoteArguments(CallGraphNode *CGN);
00084     bool isSafeToPromoteArgument(Argument *Arg, bool isByVal) const;
00085     CallGraphNode *DoPromotion(Function *F,
00086                               SmallPtrSetImpl<Argument*> &ArgsToPromote,
00087                               SmallPtrSetImpl<Argument*> &ByValArgsToTransform);
00088     
00089     using llvm::Pass::doInitialization;
00090     bool doInitialization(CallGraph &CG) override;
00091     /// The maximum number of elements to expand, or 0 for unlimited.
00092     unsigned maxElements;
00093     DenseMap<const Function *, DISubprogram> FunctionDIs;
00094   };
00095 }
00096 
00097 char ArgPromotion::ID = 0;
00098 INITIALIZE_PASS_BEGIN(ArgPromotion, "argpromotion",
00099                 "Promote 'by reference' arguments to scalars", false, false)
00100 INITIALIZE_AG_DEPENDENCY(AliasAnalysis)
00101 INITIALIZE_PASS_DEPENDENCY(CallGraphWrapperPass)
00102 INITIALIZE_PASS_END(ArgPromotion, "argpromotion",
00103                 "Promote 'by reference' arguments to scalars", false, false)
00104 
00105 Pass *llvm::createArgumentPromotionPass(unsigned maxElements) {
00106   return new ArgPromotion(maxElements);
00107 }
00108 
00109 bool ArgPromotion::runOnSCC(CallGraphSCC &SCC) {
00110   bool Changed = false, LocalChange;
00111 
00112   DataLayoutPass *DLP = getAnalysisIfAvailable<DataLayoutPass>();
00113   DL = DLP ? &DLP->getDataLayout() : nullptr;
00114 
00115   do {  // Iterate until we stop promoting from this SCC.
00116     LocalChange = false;
00117     // Attempt to promote arguments from all functions in this SCC.
00118     for (CallGraphSCC::iterator I = SCC.begin(), E = SCC.end(); I != E; ++I) {
00119       if (CallGraphNode *CGN = PromoteArguments(*I)) {
00120         LocalChange = true;
00121         SCC.ReplaceNode(*I, CGN);
00122       }
00123     }
00124     Changed |= LocalChange;               // Remember that we changed something.
00125   } while (LocalChange);
00126   
00127   return Changed;
00128 }
00129 
00130 /// \brief Checks if a type could have padding bytes.
00131 bool ArgPromotion::isDenselyPacked(Type *type) {
00132 
00133   // There is no size information, so be conservative.
00134   if (!type->isSized())
00135     return false;
00136 
00137   // If the alloc size is not equal to the storage size, then there are padding
00138   // bytes. For x86_fp80 on x86-64, size: 80 alloc size: 128.
00139   if (!DL || DL->getTypeSizeInBits(type) != DL->getTypeAllocSizeInBits(type))
00140     return false;
00141 
00142   if (!isa<CompositeType>(type))
00143     return true;
00144 
00145   // For homogenous sequential types, check for padding within members.
00146   if (SequentialType *seqTy = dyn_cast<SequentialType>(type))
00147     return isa<PointerType>(seqTy) || isDenselyPacked(seqTy->getElementType());
00148 
00149   // Check for padding within and between elements of a struct.
00150   StructType *StructTy = cast<StructType>(type);
00151   const StructLayout *Layout = DL->getStructLayout(StructTy);
00152   uint64_t StartPos = 0;
00153   for (unsigned i = 0, E = StructTy->getNumElements(); i < E; ++i) {
00154     Type *ElTy = StructTy->getElementType(i);
00155     if (!isDenselyPacked(ElTy))
00156       return false;
00157     if (StartPos != Layout->getElementOffsetInBits(i))
00158       return false;
00159     StartPos += DL->getTypeAllocSizeInBits(ElTy);
00160   }
00161 
00162   return true;
00163 }
00164 
00165 /// \brief Checks if the padding bytes of an argument could be accessed.
00166 bool ArgPromotion::canPaddingBeAccessed(Argument *arg) {
00167 
00168   assert(arg->hasByValAttr());
00169 
00170   // Track all the pointers to the argument to make sure they are not captured.
00171   SmallPtrSet<Value *, 16> PtrValues;
00172   PtrValues.insert(arg);
00173 
00174   // Track all of the stores.
00175   SmallVector<StoreInst *, 16> Stores;
00176 
00177   // Scan through the uses recursively to make sure the pointer is always used
00178   // sanely.
00179   SmallVector<Value *, 16> WorkList;
00180   WorkList.insert(WorkList.end(), arg->user_begin(), arg->user_end());
00181   while (!WorkList.empty()) {
00182     Value *V = WorkList.back();
00183     WorkList.pop_back();
00184     if (isa<GetElementPtrInst>(V) || isa<PHINode>(V)) {
00185       if (PtrValues.insert(V).second)
00186         WorkList.insert(WorkList.end(), V->user_begin(), V->user_end());
00187     } else if (StoreInst *Store = dyn_cast<StoreInst>(V)) {
00188       Stores.push_back(Store);
00189     } else if (!isa<LoadInst>(V)) {
00190       return true;
00191     }
00192   }
00193 
00194 // Check to make sure the pointers aren't captured
00195   for (StoreInst *Store : Stores)
00196     if (PtrValues.count(Store->getValueOperand()))
00197       return true;
00198 
00199   return false;
00200 }
00201 
00202 /// PromoteArguments - This method checks the specified function to see if there
00203 /// are any promotable arguments and if it is safe to promote the function (for
00204 /// example, all callers are direct).  If safe to promote some arguments, it
00205 /// calls the DoPromotion method.
00206 ///
00207 CallGraphNode *ArgPromotion::PromoteArguments(CallGraphNode *CGN) {
00208   Function *F = CGN->getFunction();
00209 
00210   // Make sure that it is local to this module.
00211   if (!F || !F->hasLocalLinkage()) return nullptr;
00212 
00213   // First check: see if there are any pointer arguments!  If not, quick exit.
00214   SmallVector<Argument*, 16> PointerArgs;
00215   for (Function::arg_iterator I = F->arg_begin(), E = F->arg_end(); I != E; ++I)
00216     if (I->getType()->isPointerTy())
00217       PointerArgs.push_back(I);
00218   if (PointerArgs.empty()) return nullptr;
00219 
00220   // Second check: make sure that all callers are direct callers.  We can't
00221   // transform functions that have indirect callers.  Also see if the function
00222   // is self-recursive.
00223   bool isSelfRecursive = false;
00224   for (Use &U : F->uses()) {
00225     CallSite CS(U.getUser());
00226     // Must be a direct call.
00227     if (CS.getInstruction() == nullptr || !CS.isCallee(&U)) return nullptr;
00228     
00229     if (CS.getInstruction()->getParent()->getParent() == F)
00230       isSelfRecursive = true;
00231   }
00232   
00233   // Don't promote arguments for variadic functions. Adding, removing, or
00234   // changing non-pack parameters can change the classification of pack
00235   // parameters. Frontends encode that classification at the call site in the
00236   // IR, while in the callee the classification is determined dynamically based
00237   // on the number of registers consumed so far.
00238   if (F->isVarArg()) return nullptr;
00239 
00240   // Check to see which arguments are promotable.  If an argument is promotable,
00241   // add it to ArgsToPromote.
00242   SmallPtrSet<Argument*, 8> ArgsToPromote;
00243   SmallPtrSet<Argument*, 8> ByValArgsToTransform;
00244   for (unsigned i = 0, e = PointerArgs.size(); i != e; ++i) {
00245     Argument *PtrArg = PointerArgs[i];
00246     Type *AgTy = cast<PointerType>(PtrArg->getType())->getElementType();
00247 
00248     // If this is a byval argument, and if the aggregate type is small, just
00249     // pass the elements, which is always safe, if the passed value is densely
00250     // packed or if we can prove the padding bytes are never accessed. This does
00251     // not apply to inalloca.
00252     bool isSafeToPromote =
00253       PtrArg->hasByValAttr() &&
00254       (isDenselyPacked(AgTy) || !canPaddingBeAccessed(PtrArg));
00255     if (isSafeToPromote) {
00256       if (StructType *STy = dyn_cast<StructType>(AgTy)) {
00257         if (maxElements > 0 && STy->getNumElements() > maxElements) {
00258           DEBUG(dbgs() << "argpromotion disable promoting argument '"
00259                 << PtrArg->getName() << "' because it would require adding more"
00260                 << " than " << maxElements << " arguments to the function.\n");
00261           continue;
00262         }
00263         
00264         // If all the elements are single-value types, we can promote it.
00265         bool AllSimple = true;
00266         for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) {
00267           if (!STy->getElementType(i)->isSingleValueType()) {
00268             AllSimple = false;
00269             break;
00270           }
00271         }
00272 
00273         // Safe to transform, don't even bother trying to "promote" it.
00274         // Passing the elements as a scalar will allow scalarrepl to hack on
00275         // the new alloca we introduce.
00276         if (AllSimple) {
00277           ByValArgsToTransform.insert(PtrArg);
00278           continue;
00279         }
00280       }
00281     }
00282 
00283     // If the argument is a recursive type and we're in a recursive
00284     // function, we could end up infinitely peeling the function argument.
00285     if (isSelfRecursive) {
00286       if (StructType *STy = dyn_cast<StructType>(AgTy)) {
00287         bool RecursiveType = false;
00288         for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) {
00289           if (STy->getElementType(i) == PtrArg->getType()) {
00290             RecursiveType = true;
00291             break;
00292           }
00293         }
00294         if (RecursiveType)
00295           continue;
00296       }
00297     }
00298     
00299     // Otherwise, see if we can promote the pointer to its value.
00300     if (isSafeToPromoteArgument(PtrArg, PtrArg->hasByValOrInAllocaAttr()))
00301       ArgsToPromote.insert(PtrArg);
00302   }
00303 
00304   // No promotable pointer arguments.
00305   if (ArgsToPromote.empty() && ByValArgsToTransform.empty()) 
00306     return nullptr;
00307 
00308   return DoPromotion(F, ArgsToPromote, ByValArgsToTransform);
00309 }
00310 
00311 /// AllCallersPassInValidPointerForArgument - Return true if we can prove that
00312 /// all callees pass in a valid pointer for the specified function argument.
00313 static bool AllCallersPassInValidPointerForArgument(Argument *Arg,
00314                                                     const DataLayout *DL) {
00315   Function *Callee = Arg->getParent();
00316 
00317   unsigned ArgNo = Arg->getArgNo();
00318 
00319   // Look at all call sites of the function.  At this pointer we know we only
00320   // have direct callees.
00321   for (User *U : Callee->users()) {
00322     CallSite CS(U);
00323     assert(CS && "Should only have direct calls!");
00324 
00325     if (!CS.getArgument(ArgNo)->isDereferenceablePointer(DL))
00326       return false;
00327   }
00328   return true;
00329 }
00330 
00331 /// Returns true if Prefix is a prefix of longer. That means, Longer has a size
00332 /// that is greater than or equal to the size of prefix, and each of the
00333 /// elements in Prefix is the same as the corresponding elements in Longer.
00334 ///
00335 /// This means it also returns true when Prefix and Longer are equal!
00336 static bool IsPrefix(const ArgPromotion::IndicesVector &Prefix,
00337                      const ArgPromotion::IndicesVector &Longer) {
00338   if (Prefix.size() > Longer.size())
00339     return false;
00340   return std::equal(Prefix.begin(), Prefix.end(), Longer.begin());
00341 }
00342 
00343 
00344 /// Checks if Indices, or a prefix of Indices, is in Set.
00345 static bool PrefixIn(const ArgPromotion::IndicesVector &Indices,
00346                      std::set<ArgPromotion::IndicesVector> &Set) {
00347     std::set<ArgPromotion::IndicesVector>::iterator Low;
00348     Low = Set.upper_bound(Indices);
00349     if (Low != Set.begin())
00350       Low--;
00351     // Low is now the last element smaller than or equal to Indices. This means
00352     // it points to a prefix of Indices (possibly Indices itself), if such
00353     // prefix exists.
00354     //
00355     // This load is safe if any prefix of its operands is safe to load.
00356     return Low != Set.end() && IsPrefix(*Low, Indices);
00357 }
00358 
00359 /// Mark the given indices (ToMark) as safe in the given set of indices
00360 /// (Safe). Marking safe usually means adding ToMark to Safe. However, if there
00361 /// is already a prefix of Indices in Safe, Indices are implicitely marked safe
00362 /// already. Furthermore, any indices that Indices is itself a prefix of, are
00363 /// removed from Safe (since they are implicitely safe because of Indices now).
00364 static void MarkIndicesSafe(const ArgPromotion::IndicesVector &ToMark,
00365                             std::set<ArgPromotion::IndicesVector> &Safe) {
00366   std::set<ArgPromotion::IndicesVector>::iterator Low;
00367   Low = Safe.upper_bound(ToMark);
00368   // Guard against the case where Safe is empty
00369   if (Low != Safe.begin())
00370     Low--;
00371   // Low is now the last element smaller than or equal to Indices. This
00372   // means it points to a prefix of Indices (possibly Indices itself), if
00373   // such prefix exists.
00374   if (Low != Safe.end()) {
00375     if (IsPrefix(*Low, ToMark))
00376       // If there is already a prefix of these indices (or exactly these
00377       // indices) marked a safe, don't bother adding these indices
00378       return;
00379 
00380     // Increment Low, so we can use it as a "insert before" hint
00381     ++Low;
00382   }
00383   // Insert
00384   Low = Safe.insert(Low, ToMark);
00385   ++Low;
00386   // If there we're a prefix of longer index list(s), remove those
00387   std::set<ArgPromotion::IndicesVector>::iterator End = Safe.end();
00388   while (Low != End && IsPrefix(ToMark, *Low)) {
00389     std::set<ArgPromotion::IndicesVector>::iterator Remove = Low;
00390     ++Low;
00391     Safe.erase(Remove);
00392   }
00393 }
00394 
00395 /// isSafeToPromoteArgument - As you might guess from the name of this method,
00396 /// it checks to see if it is both safe and useful to promote the argument.
00397 /// This method limits promotion of aggregates to only promote up to three
00398 /// elements of the aggregate in order to avoid exploding the number of
00399 /// arguments passed in.
00400 bool ArgPromotion::isSafeToPromoteArgument(Argument *Arg,
00401                                            bool isByValOrInAlloca) const {
00402   typedef std::set<IndicesVector> GEPIndicesSet;
00403 
00404   // Quick exit for unused arguments
00405   if (Arg->use_empty())
00406     return true;
00407 
00408   // We can only promote this argument if all of the uses are loads, or are GEP
00409   // instructions (with constant indices) that are subsequently loaded.
00410   //
00411   // Promoting the argument causes it to be loaded in the caller
00412   // unconditionally. This is only safe if we can prove that either the load
00413   // would have happened in the callee anyway (ie, there is a load in the entry
00414   // block) or the pointer passed in at every call site is guaranteed to be
00415   // valid.
00416   // In the former case, invalid loads can happen, but would have happened
00417   // anyway, in the latter case, invalid loads won't happen. This prevents us
00418   // from introducing an invalid load that wouldn't have happened in the
00419   // original code.
00420   //
00421   // This set will contain all sets of indices that are loaded in the entry
00422   // block, and thus are safe to unconditionally load in the caller.
00423   //
00424   // This optimization is also safe for InAlloca parameters, because it verifies
00425   // that the address isn't captured.
00426   GEPIndicesSet SafeToUnconditionallyLoad;
00427 
00428   // This set contains all the sets of indices that we are planning to promote.
00429   // This makes it possible to limit the number of arguments added.
00430   GEPIndicesSet ToPromote;
00431 
00432   // If the pointer is always valid, any load with first index 0 is valid.
00433   if (isByValOrInAlloca || AllCallersPassInValidPointerForArgument(Arg, DL))
00434     SafeToUnconditionallyLoad.insert(IndicesVector(1, 0));
00435 
00436   // First, iterate the entry block and mark loads of (geps of) arguments as
00437   // safe.
00438   BasicBlock *EntryBlock = Arg->getParent()->begin();
00439   // Declare this here so we can reuse it
00440   IndicesVector Indices;
00441   for (BasicBlock::iterator I = EntryBlock->begin(), E = EntryBlock->end();
00442        I != E; ++I)
00443     if (LoadInst *LI = dyn_cast<LoadInst>(I)) {
00444       Value *V = LI->getPointerOperand();
00445       if (GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(V)) {
00446         V = GEP->getPointerOperand();
00447         if (V == Arg) {
00448           // This load actually loads (part of) Arg? Check the indices then.
00449           Indices.reserve(GEP->getNumIndices());
00450           for (User::op_iterator II = GEP->idx_begin(), IE = GEP->idx_end();
00451                II != IE; ++II)
00452             if (ConstantInt *CI = dyn_cast<ConstantInt>(*II))
00453               Indices.push_back(CI->getSExtValue());
00454             else
00455               // We found a non-constant GEP index for this argument? Bail out
00456               // right away, can't promote this argument at all.
00457               return false;
00458 
00459           // Indices checked out, mark them as safe
00460           MarkIndicesSafe(Indices, SafeToUnconditionallyLoad);
00461           Indices.clear();
00462         }
00463       } else if (V == Arg) {
00464         // Direct loads are equivalent to a GEP with a single 0 index.
00465         MarkIndicesSafe(IndicesVector(1, 0), SafeToUnconditionallyLoad);
00466       }
00467     }
00468 
00469   // Now, iterate all uses of the argument to see if there are any uses that are
00470   // not (GEP+)loads, or any (GEP+)loads that are not safe to promote.
00471   SmallVector<LoadInst*, 16> Loads;
00472   IndicesVector Operands;
00473   for (Use &U : Arg->uses()) {
00474     User *UR = U.getUser();
00475     Operands.clear();
00476     if (LoadInst *LI = dyn_cast<LoadInst>(UR)) {
00477       // Don't hack volatile/atomic loads
00478       if (!LI->isSimple()) return false;
00479       Loads.push_back(LI);
00480       // Direct loads are equivalent to a GEP with a zero index and then a load.
00481       Operands.push_back(0);
00482     } else if (GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(UR)) {
00483       if (GEP->use_empty()) {
00484         // Dead GEP's cause trouble later.  Just remove them if we run into
00485         // them.
00486         getAnalysis<AliasAnalysis>().deleteValue(GEP);
00487         GEP->eraseFromParent();
00488         // TODO: This runs the above loop over and over again for dead GEPs
00489         // Couldn't we just do increment the UI iterator earlier and erase the
00490         // use?
00491         return isSafeToPromoteArgument(Arg, isByValOrInAlloca);
00492       }
00493 
00494       // Ensure that all of the indices are constants.
00495       for (User::op_iterator i = GEP->idx_begin(), e = GEP->idx_end();
00496         i != e; ++i)
00497         if (ConstantInt *C = dyn_cast<ConstantInt>(*i))
00498           Operands.push_back(C->getSExtValue());
00499         else
00500           return false;  // Not a constant operand GEP!
00501 
00502       // Ensure that the only users of the GEP are load instructions.
00503       for (User *GEPU : GEP->users())
00504         if (LoadInst *LI = dyn_cast<LoadInst>(GEPU)) {
00505           // Don't hack volatile/atomic loads
00506           if (!LI->isSimple()) return false;
00507           Loads.push_back(LI);
00508         } else {
00509           // Other uses than load?
00510           return false;
00511         }
00512     } else {
00513       return false;  // Not a load or a GEP.
00514     }
00515 
00516     // Now, see if it is safe to promote this load / loads of this GEP. Loading
00517     // is safe if Operands, or a prefix of Operands, is marked as safe.
00518     if (!PrefixIn(Operands, SafeToUnconditionallyLoad))
00519       return false;
00520 
00521     // See if we are already promoting a load with these indices. If not, check
00522     // to make sure that we aren't promoting too many elements.  If so, nothing
00523     // to do.
00524     if (ToPromote.find(Operands) == ToPromote.end()) {
00525       if (maxElements > 0 && ToPromote.size() == maxElements) {
00526         DEBUG(dbgs() << "argpromotion not promoting argument '"
00527               << Arg->getName() << "' because it would require adding more "
00528               << "than " << maxElements << " arguments to the function.\n");
00529         // We limit aggregate promotion to only promoting up to a fixed number
00530         // of elements of the aggregate.
00531         return false;
00532       }
00533       ToPromote.insert(std::move(Operands));
00534     }
00535   }
00536 
00537   if (Loads.empty()) return true;  // No users, this is a dead argument.
00538 
00539   // Okay, now we know that the argument is only used by load instructions and
00540   // it is safe to unconditionally perform all of them. Use alias analysis to
00541   // check to see if the pointer is guaranteed to not be modified from entry of
00542   // the function to each of the load instructions.
00543 
00544   // Because there could be several/many load instructions, remember which
00545   // blocks we know to be transparent to the load.
00546   SmallPtrSet<BasicBlock*, 16> TranspBlocks;
00547 
00548   AliasAnalysis &AA = getAnalysis<AliasAnalysis>();
00549 
00550   for (unsigned i = 0, e = Loads.size(); i != e; ++i) {
00551     // Check to see if the load is invalidated from the start of the block to
00552     // the load itself.
00553     LoadInst *Load = Loads[i];
00554     BasicBlock *BB = Load->getParent();
00555 
00556     AliasAnalysis::Location Loc = AA.getLocation(Load);
00557     if (AA.canInstructionRangeModRef(BB->front(), *Load, Loc,
00558         AliasAnalysis::Mod))
00559       return false;  // Pointer is invalidated!
00560 
00561     // Now check every path from the entry block to the load for transparency.
00562     // To do this, we perform a depth first search on the inverse CFG from the
00563     // loading block.
00564     for (BasicBlock *P : predecessors(BB)) {
00565       for (BasicBlock *TranspBB : inverse_depth_first_ext(P, TranspBlocks))
00566         if (AA.canBasicBlockModify(*TranspBB, Loc))
00567           return false;
00568     }
00569   }
00570 
00571   // If the path from the entry of the function to each load is free of
00572   // instructions that potentially invalidate the load, we can make the
00573   // transformation!
00574   return true;
00575 }
00576 
00577 /// DoPromotion - This method actually performs the promotion of the specified
00578 /// arguments, and returns the new function.  At this point, we know that it's
00579 /// safe to do so.
00580 CallGraphNode *ArgPromotion::DoPromotion(Function *F,
00581                              SmallPtrSetImpl<Argument*> &ArgsToPromote,
00582                              SmallPtrSetImpl<Argument*> &ByValArgsToTransform) {
00583 
00584   // Start by computing a new prototype for the function, which is the same as
00585   // the old function, but has modified arguments.
00586   FunctionType *FTy = F->getFunctionType();
00587   std::vector<Type*> Params;
00588 
00589   typedef std::set<IndicesVector> ScalarizeTable;
00590 
00591   // ScalarizedElements - If we are promoting a pointer that has elements
00592   // accessed out of it, keep track of which elements are accessed so that we
00593   // can add one argument for each.
00594   //
00595   // Arguments that are directly loaded will have a zero element value here, to
00596   // handle cases where there are both a direct load and GEP accesses.
00597   //
00598   std::map<Argument*, ScalarizeTable> ScalarizedElements;
00599 
00600   // OriginalLoads - Keep track of a representative load instruction from the
00601   // original function so that we can tell the alias analysis implementation
00602   // what the new GEP/Load instructions we are inserting look like.
00603   // We need to keep the original loads for each argument and the elements
00604   // of the argument that are accessed.
00605   std::map<std::pair<Argument*, IndicesVector>, LoadInst*> OriginalLoads;
00606 
00607   // Attribute - Keep track of the parameter attributes for the arguments
00608   // that we are *not* promoting. For the ones that we do promote, the parameter
00609   // attributes are lost
00610   SmallVector<AttributeSet, 8> AttributesVec;
00611   const AttributeSet &PAL = F->getAttributes();
00612 
00613   // Add any return attributes.
00614   if (PAL.hasAttributes(AttributeSet::ReturnIndex))
00615     AttributesVec.push_back(AttributeSet::get(F->getContext(),
00616                                               PAL.getRetAttributes()));
00617 
00618   // First, determine the new argument list
00619   unsigned ArgIndex = 1;
00620   for (Function::arg_iterator I = F->arg_begin(), E = F->arg_end(); I != E;
00621        ++I, ++ArgIndex) {
00622     if (ByValArgsToTransform.count(I)) {
00623       // Simple byval argument? Just add all the struct element types.
00624       Type *AgTy = cast<PointerType>(I->getType())->getElementType();
00625       StructType *STy = cast<StructType>(AgTy);
00626       Params.insert(Params.end(), STy->element_begin(), STy->element_end());
00627       ++NumByValArgsPromoted;
00628     } else if (!ArgsToPromote.count(I)) {
00629       // Unchanged argument
00630       Params.push_back(I->getType());
00631       AttributeSet attrs = PAL.getParamAttributes(ArgIndex);
00632       if (attrs.hasAttributes(ArgIndex)) {
00633         AttrBuilder B(attrs, ArgIndex);
00634         AttributesVec.
00635           push_back(AttributeSet::get(F->getContext(), Params.size(), B));
00636       }
00637     } else if (I->use_empty()) {
00638       // Dead argument (which are always marked as promotable)
00639       ++NumArgumentsDead;
00640     } else {
00641       // Okay, this is being promoted. This means that the only uses are loads
00642       // or GEPs which are only used by loads
00643 
00644       // In this table, we will track which indices are loaded from the argument
00645       // (where direct loads are tracked as no indices).
00646       ScalarizeTable &ArgIndices = ScalarizedElements[I];
00647       for (User *U : I->users()) {
00648         Instruction *UI = cast<Instruction>(U);
00649         assert(isa<LoadInst>(UI) || isa<GetElementPtrInst>(UI));
00650         IndicesVector Indices;
00651         Indices.reserve(UI->getNumOperands() - 1);
00652         // Since loads will only have a single operand, and GEPs only a single
00653         // non-index operand, this will record direct loads without any indices,
00654         // and gep+loads with the GEP indices.
00655         for (User::op_iterator II = UI->op_begin() + 1, IE = UI->op_end();
00656              II != IE; ++II)
00657           Indices.push_back(cast<ConstantInt>(*II)->getSExtValue());
00658         // GEPs with a single 0 index can be merged with direct loads
00659         if (Indices.size() == 1 && Indices.front() == 0)
00660           Indices.clear();
00661         ArgIndices.insert(Indices);
00662         LoadInst *OrigLoad;
00663         if (LoadInst *L = dyn_cast<LoadInst>(UI))
00664           OrigLoad = L;
00665         else
00666           // Take any load, we will use it only to update Alias Analysis
00667           OrigLoad = cast<LoadInst>(UI->user_back());
00668         OriginalLoads[std::make_pair(I, Indices)] = OrigLoad;
00669       }
00670 
00671       // Add a parameter to the function for each element passed in.
00672       for (ScalarizeTable::iterator SI = ArgIndices.begin(),
00673              E = ArgIndices.end(); SI != E; ++SI) {
00674         // not allowed to dereference ->begin() if size() is 0
00675         Params.push_back(GetElementPtrInst::getIndexedType(I->getType(), *SI));
00676         assert(Params.back());
00677       }
00678 
00679       if (ArgIndices.size() == 1 && ArgIndices.begin()->empty())
00680         ++NumArgumentsPromoted;
00681       else
00682         ++NumAggregatesPromoted;
00683     }
00684   }
00685 
00686   // Add any function attributes.
00687   if (PAL.hasAttributes(AttributeSet::FunctionIndex))
00688     AttributesVec.push_back(AttributeSet::get(FTy->getContext(),
00689                                               PAL.getFnAttributes()));
00690 
00691   Type *RetTy = FTy->getReturnType();
00692 
00693   // Construct the new function type using the new arguments.
00694   FunctionType *NFTy = FunctionType::get(RetTy, Params, FTy->isVarArg());
00695 
00696   // Create the new function body and insert it into the module.
00697   Function *NF = Function::Create(NFTy, F->getLinkage(), F->getName());
00698   NF->copyAttributesFrom(F);
00699 
00700   // Patch the pointer to LLVM function in debug info descriptor.
00701   auto DI = FunctionDIs.find(F);
00702   if (DI != FunctionDIs.end()) {
00703     DISubprogram SP = DI->second;
00704     SP.replaceFunction(NF);
00705     // Ensure the map is updated so it can be reused on subsequent argument
00706     // promotions of the same function.
00707     FunctionDIs.erase(DI);
00708     FunctionDIs[NF] = SP;
00709   }
00710 
00711   DEBUG(dbgs() << "ARG PROMOTION:  Promoting to:" << *NF << "\n"
00712         << "From: " << *F);
00713   
00714   // Recompute the parameter attributes list based on the new arguments for
00715   // the function.
00716   NF->setAttributes(AttributeSet::get(F->getContext(), AttributesVec));
00717   AttributesVec.clear();
00718 
00719   F->getParent()->getFunctionList().insert(F, NF);
00720   NF->takeName(F);
00721 
00722   // Get the alias analysis information that we need to update to reflect our
00723   // changes.
00724   AliasAnalysis &AA = getAnalysis<AliasAnalysis>();
00725 
00726   // Get the callgraph information that we need to update to reflect our
00727   // changes.
00728   CallGraph &CG = getAnalysis<CallGraphWrapperPass>().getCallGraph();
00729 
00730   // Get a new callgraph node for NF.
00731   CallGraphNode *NF_CGN = CG.getOrInsertFunction(NF);
00732 
00733   // Loop over all of the callers of the function, transforming the call sites
00734   // to pass in the loaded pointers.
00735   //
00736   SmallVector<Value*, 16> Args;
00737   while (!F->use_empty()) {
00738     CallSite CS(F->user_back());
00739     assert(CS.getCalledFunction() == F);
00740     Instruction *Call = CS.getInstruction();
00741     const AttributeSet &CallPAL = CS.getAttributes();
00742 
00743     // Add any return attributes.
00744     if (CallPAL.hasAttributes(AttributeSet::ReturnIndex))
00745       AttributesVec.push_back(AttributeSet::get(F->getContext(),
00746                                                 CallPAL.getRetAttributes()));
00747 
00748     // Loop over the operands, inserting GEP and loads in the caller as
00749     // appropriate.
00750     CallSite::arg_iterator AI = CS.arg_begin();
00751     ArgIndex = 1;
00752     for (Function::arg_iterator I = F->arg_begin(), E = F->arg_end();
00753          I != E; ++I, ++AI, ++ArgIndex)
00754       if (!ArgsToPromote.count(I) && !ByValArgsToTransform.count(I)) {
00755         Args.push_back(*AI);          // Unmodified argument
00756 
00757         if (CallPAL.hasAttributes(ArgIndex)) {
00758           AttrBuilder B(CallPAL, ArgIndex);
00759           AttributesVec.
00760             push_back(AttributeSet::get(F->getContext(), Args.size(), B));
00761         }
00762       } else if (ByValArgsToTransform.count(I)) {
00763         // Emit a GEP and load for each element of the struct.
00764         Type *AgTy = cast<PointerType>(I->getType())->getElementType();
00765         StructType *STy = cast<StructType>(AgTy);
00766         Value *Idxs[2] = {
00767               ConstantInt::get(Type::getInt32Ty(F->getContext()), 0), nullptr };
00768         for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) {
00769           Idxs[1] = ConstantInt::get(Type::getInt32Ty(F->getContext()), i);
00770           Value *Idx = GetElementPtrInst::Create(*AI, Idxs,
00771                                                  (*AI)->getName()+"."+utostr(i),
00772                                                  Call);
00773           // TODO: Tell AA about the new values?
00774           Args.push_back(new LoadInst(Idx, Idx->getName()+".val", Call));
00775         }
00776       } else if (!I->use_empty()) {
00777         // Non-dead argument: insert GEPs and loads as appropriate.
00778         ScalarizeTable &ArgIndices = ScalarizedElements[I];
00779         // Store the Value* version of the indices in here, but declare it now
00780         // for reuse.
00781         std::vector<Value*> Ops;
00782         for (ScalarizeTable::iterator SI = ArgIndices.begin(),
00783                E = ArgIndices.end(); SI != E; ++SI) {
00784           Value *V = *AI;
00785           LoadInst *OrigLoad = OriginalLoads[std::make_pair(I, *SI)];
00786           if (!SI->empty()) {
00787             Ops.reserve(SI->size());
00788             Type *ElTy = V->getType();
00789             for (IndicesVector::const_iterator II = SI->begin(),
00790                  IE = SI->end(); II != IE; ++II) {
00791               // Use i32 to index structs, and i64 for others (pointers/arrays).
00792               // This satisfies GEP constraints.
00793               Type *IdxTy = (ElTy->isStructTy() ?
00794                     Type::getInt32Ty(F->getContext()) : 
00795                     Type::getInt64Ty(F->getContext()));
00796               Ops.push_back(ConstantInt::get(IdxTy, *II));
00797               // Keep track of the type we're currently indexing.
00798               ElTy = cast<CompositeType>(ElTy)->getTypeAtIndex(*II);
00799             }
00800             // And create a GEP to extract those indices.
00801             V = GetElementPtrInst::Create(V, Ops, V->getName()+".idx", Call);
00802             Ops.clear();
00803             AA.copyValue(OrigLoad->getOperand(0), V);
00804           }
00805           // Since we're replacing a load make sure we take the alignment
00806           // of the previous load.
00807           LoadInst *newLoad = new LoadInst(V, V->getName()+".val", Call);
00808           newLoad->setAlignment(OrigLoad->getAlignment());
00809           // Transfer the AA info too.
00810           AAMDNodes AAInfo;
00811           OrigLoad->getAAMetadata(AAInfo);
00812           newLoad->setAAMetadata(AAInfo);
00813 
00814           Args.push_back(newLoad);
00815           AA.copyValue(OrigLoad, Args.back());
00816         }
00817       }
00818 
00819     // Push any varargs arguments on the list.
00820     for (; AI != CS.arg_end(); ++AI, ++ArgIndex) {
00821       Args.push_back(*AI);
00822       if (CallPAL.hasAttributes(ArgIndex)) {
00823         AttrBuilder B(CallPAL, ArgIndex);
00824         AttributesVec.
00825           push_back(AttributeSet::get(F->getContext(), Args.size(), B));
00826       }
00827     }
00828 
00829     // Add any function attributes.
00830     if (CallPAL.hasAttributes(AttributeSet::FunctionIndex))
00831       AttributesVec.push_back(AttributeSet::get(Call->getContext(),
00832                                                 CallPAL.getFnAttributes()));
00833 
00834     Instruction *New;
00835     if (InvokeInst *II = dyn_cast<InvokeInst>(Call)) {
00836       New = InvokeInst::Create(NF, II->getNormalDest(), II->getUnwindDest(),
00837                                Args, "", Call);
00838       cast<InvokeInst>(New)->setCallingConv(CS.getCallingConv());
00839       cast<InvokeInst>(New)->setAttributes(AttributeSet::get(II->getContext(),
00840                                                             AttributesVec));
00841     } else {
00842       New = CallInst::Create(NF, Args, "", Call);
00843       cast<CallInst>(New)->setCallingConv(CS.getCallingConv());
00844       cast<CallInst>(New)->setAttributes(AttributeSet::get(New->getContext(),
00845                                                           AttributesVec));
00846       if (cast<CallInst>(Call)->isTailCall())
00847         cast<CallInst>(New)->setTailCall();
00848     }
00849     New->setDebugLoc(Call->getDebugLoc());
00850     Args.clear();
00851     AttributesVec.clear();
00852 
00853     // Update the alias analysis implementation to know that we are replacing
00854     // the old call with a new one.
00855     AA.replaceWithNewValue(Call, New);
00856 
00857     // Update the callgraph to know that the callsite has been transformed.
00858     CallGraphNode *CalleeNode = CG[Call->getParent()->getParent()];
00859     CalleeNode->replaceCallEdge(Call, New, NF_CGN);
00860 
00861     if (!Call->use_empty()) {
00862       Call->replaceAllUsesWith(New);
00863       New->takeName(Call);
00864     }
00865 
00866     // Finally, remove the old call from the program, reducing the use-count of
00867     // F.
00868     Call->eraseFromParent();
00869   }
00870 
00871   // Since we have now created the new function, splice the body of the old
00872   // function right into the new function, leaving the old rotting hulk of the
00873   // function empty.
00874   NF->getBasicBlockList().splice(NF->begin(), F->getBasicBlockList());
00875 
00876   // Loop over the argument list, transferring uses of the old arguments over to
00877   // the new arguments, also transferring over the names as well.
00878   //
00879   for (Function::arg_iterator I = F->arg_begin(), E = F->arg_end(),
00880        I2 = NF->arg_begin(); I != E; ++I) {
00881     if (!ArgsToPromote.count(I) && !ByValArgsToTransform.count(I)) {
00882       // If this is an unmodified argument, move the name and users over to the
00883       // new version.
00884       I->replaceAllUsesWith(I2);
00885       I2->takeName(I);
00886       AA.replaceWithNewValue(I, I2);
00887       ++I2;
00888       continue;
00889     }
00890 
00891     if (ByValArgsToTransform.count(I)) {
00892       // In the callee, we create an alloca, and store each of the new incoming
00893       // arguments into the alloca.
00894       Instruction *InsertPt = NF->begin()->begin();
00895 
00896       // Just add all the struct element types.
00897       Type *AgTy = cast<PointerType>(I->getType())->getElementType();
00898       Value *TheAlloca = new AllocaInst(AgTy, nullptr, "", InsertPt);
00899       StructType *STy = cast<StructType>(AgTy);
00900       Value *Idxs[2] = {
00901             ConstantInt::get(Type::getInt32Ty(F->getContext()), 0), nullptr };
00902 
00903       for (unsigned i = 0, e = STy->getNumElements(); i != e; ++i) {
00904         Idxs[1] = ConstantInt::get(Type::getInt32Ty(F->getContext()), i);
00905         Value *Idx = 
00906           GetElementPtrInst::Create(TheAlloca, Idxs,
00907                                     TheAlloca->getName()+"."+Twine(i), 
00908                                     InsertPt);
00909         I2->setName(I->getName()+"."+Twine(i));
00910         new StoreInst(I2++, Idx, InsertPt);
00911       }
00912 
00913       // Anything that used the arg should now use the alloca.
00914       I->replaceAllUsesWith(TheAlloca);
00915       TheAlloca->takeName(I);
00916       AA.replaceWithNewValue(I, TheAlloca);
00917 
00918       // If the alloca is used in a call, we must clear the tail flag since
00919       // the callee now uses an alloca from the caller.
00920       for (User *U : TheAlloca->users()) {
00921         CallInst *Call = dyn_cast<CallInst>(U);
00922         if (!Call)
00923           continue;
00924         Call->setTailCall(false);
00925       }
00926       continue;
00927     }
00928 
00929     if (I->use_empty()) {
00930       AA.deleteValue(I);
00931       continue;
00932     }
00933 
00934     // Otherwise, if we promoted this argument, then all users are load
00935     // instructions (or GEPs with only load users), and all loads should be
00936     // using the new argument that we added.
00937     ScalarizeTable &ArgIndices = ScalarizedElements[I];
00938 
00939     while (!I->use_empty()) {
00940       if (LoadInst *LI = dyn_cast<LoadInst>(I->user_back())) {
00941         assert(ArgIndices.begin()->empty() &&
00942                "Load element should sort to front!");
00943         I2->setName(I->getName()+".val");
00944         LI->replaceAllUsesWith(I2);
00945         AA.replaceWithNewValue(LI, I2);
00946         LI->eraseFromParent();
00947         DEBUG(dbgs() << "*** Promoted load of argument '" << I->getName()
00948               << "' in function '" << F->getName() << "'\n");
00949       } else {
00950         GetElementPtrInst *GEP = cast<GetElementPtrInst>(I->user_back());
00951         IndicesVector Operands;
00952         Operands.reserve(GEP->getNumIndices());
00953         for (User::op_iterator II = GEP->idx_begin(), IE = GEP->idx_end();
00954              II != IE; ++II)
00955           Operands.push_back(cast<ConstantInt>(*II)->getSExtValue());
00956 
00957         // GEPs with a single 0 index can be merged with direct loads
00958         if (Operands.size() == 1 && Operands.front() == 0)
00959           Operands.clear();
00960 
00961         Function::arg_iterator TheArg = I2;
00962         for (ScalarizeTable::iterator It = ArgIndices.begin();
00963              *It != Operands; ++It, ++TheArg) {
00964           assert(It != ArgIndices.end() && "GEP not handled??");
00965         }
00966 
00967         std::string NewName = I->getName();
00968         for (unsigned i = 0, e = Operands.size(); i != e; ++i) {
00969             NewName += "." + utostr(Operands[i]);
00970         }
00971         NewName += ".val";
00972         TheArg->setName(NewName);
00973 
00974         DEBUG(dbgs() << "*** Promoted agg argument '" << TheArg->getName()
00975               << "' of function '" << NF->getName() << "'\n");
00976 
00977         // All of the uses must be load instructions.  Replace them all with
00978         // the argument specified by ArgNo.
00979         while (!GEP->use_empty()) {
00980           LoadInst *L = cast<LoadInst>(GEP->user_back());
00981           L->replaceAllUsesWith(TheArg);
00982           AA.replaceWithNewValue(L, TheArg);
00983           L->eraseFromParent();
00984         }
00985         AA.deleteValue(GEP);
00986         GEP->eraseFromParent();
00987       }
00988     }
00989 
00990     // Increment I2 past all of the arguments added for this promoted pointer.
00991     std::advance(I2, ArgIndices.size());
00992   }
00993 
00994   // Tell the alias analysis that the old function is about to disappear.
00995   AA.replaceWithNewValue(F, NF);
00996 
00997   
00998   NF_CGN->stealCalledFunctionsFrom(CG[F]);
00999   
01000   // Now that the old function is dead, delete it.  If there is a dangling
01001   // reference to the CallgraphNode, just leave the dead function around for
01002   // someone else to nuke.
01003   CallGraphNode *CGN = CG[F];
01004   if (CGN->getNumReferences() == 0)
01005     delete CG.removeFunctionFromModule(CGN);
01006   else
01007     F->setLinkage(Function::ExternalLinkage);
01008   
01009   return NF_CGN;
01010 }
01011 
01012 bool ArgPromotion::doInitialization(CallGraph &CG) {
01013   FunctionDIs = makeSubprogramMap(CG.getModule());
01014   return CallGraphSCCPass::doInitialization(CG);
01015 }