1 //===- InstCombineLoadStoreAlloca.cpp -------------------------------------===//
3 // The LLVM Compiler Infrastructure
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
8 //===----------------------------------------------------------------------===//
10 // This file implements the visit functions for load, store and alloca.
12 //===----------------------------------------------------------------------===//
14 #include "InstCombineInternal.h"
15 #include "llvm/ADT/Statistic.h"
16 #include "llvm/Analysis/Loads.h"
17 #include "llvm/IR/DataLayout.h"
18 #include "llvm/IR/LLVMContext.h"
19 #include "llvm/IR/IntrinsicInst.h"
20 #include "llvm/IR/MDBuilder.h"
21 #include "llvm/Transforms/Utils/BasicBlockUtils.h"
22 #include "llvm/Transforms/Utils/Local.h"
25 #define DEBUG_TYPE "instcombine"
27 STATISTIC(NumDeadStore, "Number of dead stores eliminated");
28 STATISTIC(NumGlobalCopies, "Number of allocas copied from constant global");
30 /// pointsToConstantGlobal - Return true if V (possibly indirectly) points to
31 /// some part of a constant global variable. This intentionally only accepts
32 /// constant expressions because we can't rewrite arbitrary instructions.
33 static bool pointsToConstantGlobal(Value *V) {
34 if (GlobalVariable *GV = dyn_cast<GlobalVariable>(V))
35 return GV->isConstant();
37 if (ConstantExpr *CE = dyn_cast<ConstantExpr>(V)) {
38 if (CE->getOpcode() == Instruction::BitCast ||
39 CE->getOpcode() == Instruction::AddrSpaceCast ||
40 CE->getOpcode() == Instruction::GetElementPtr)
41 return pointsToConstantGlobal(CE->getOperand(0));
46 /// isOnlyCopiedFromConstantGlobal - Recursively walk the uses of a (derived)
47 /// pointer to an alloca. Ignore any reads of the pointer, return false if we
48 /// see any stores or other unknown uses. If we see pointer arithmetic, keep
49 /// track of whether it moves the pointer (with IsOffset) but otherwise traverse
50 /// the uses. If we see a memcpy/memmove that targets an unoffseted pointer to
51 /// the alloca, and if the source pointer is a pointer to a constant global, we
52 /// can optimize this.
54 isOnlyCopiedFromConstantGlobal(Value *V, MemTransferInst *&TheCopy,
55 SmallVectorImpl<Instruction *> &ToDelete) {
56 // We track lifetime intrinsics as we encounter them. If we decide to go
57 // ahead and replace the value with the global, this lets the caller quickly
58 // eliminate the markers.
60 SmallVector<std::pair<Value *, bool>, 35> ValuesToInspect;
61 ValuesToInspect.push_back(std::make_pair(V, false));
62 while (!ValuesToInspect.empty()) {
63 auto ValuePair = ValuesToInspect.pop_back_val();
64 const bool IsOffset = ValuePair.second;
65 for (auto &U : ValuePair.first->uses()) {
66 Instruction *I = cast<Instruction>(U.getUser());
68 if (LoadInst *LI = dyn_cast<LoadInst>(I)) {
69 // Ignore non-volatile loads, they are always ok.
70 if (!LI->isSimple()) return false;
74 if (isa<BitCastInst>(I) || isa<AddrSpaceCastInst>(I)) {
75 // If uses of the bitcast are ok, we are ok.
76 ValuesToInspect.push_back(std::make_pair(I, IsOffset));
79 if (GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(I)) {
80 // If the GEP has all zero indices, it doesn't offset the pointer. If it
82 ValuesToInspect.push_back(
83 std::make_pair(I, IsOffset || !GEP->hasAllZeroIndices()));
87 if (auto CS = CallSite(I)) {
88 // If this is the function being called then we treat it like a load and
93 // Inalloca arguments are clobbered by the call.
94 unsigned ArgNo = CS.getArgumentNo(&U);
95 if (CS.isInAllocaArgument(ArgNo))
98 // If this is a readonly/readnone call site, then we know it is just a
99 // load (but one that potentially returns the value itself), so we can
100 // ignore it if we know that the value isn't captured.
101 if (CS.onlyReadsMemory() &&
102 (CS.getInstruction()->use_empty() || CS.doesNotCapture(ArgNo)))
105 // If this is being passed as a byval argument, the caller is making a
106 // copy, so it is only a read of the alloca.
107 if (CS.isByValArgument(ArgNo))
111 // Lifetime intrinsics can be handled by the caller.
112 if (IntrinsicInst *II = dyn_cast<IntrinsicInst>(I)) {
113 if (II->getIntrinsicID() == Intrinsic::lifetime_start ||
114 II->getIntrinsicID() == Intrinsic::lifetime_end) {
115 assert(II->use_empty() && "Lifetime markers have no result to use!");
116 ToDelete.push_back(II);
121 // If this is isn't our memcpy/memmove, reject it as something we can't
123 MemTransferInst *MI = dyn_cast<MemTransferInst>(I);
127 // If the transfer is using the alloca as a source of the transfer, then
128 // ignore it since it is a load (unless the transfer is volatile).
129 if (U.getOperandNo() == 1) {
130 if (MI->isVolatile()) return false;
134 // If we already have seen a copy, reject the second one.
135 if (TheCopy) return false;
137 // If the pointer has been offset from the start of the alloca, we can't
138 // safely handle this.
139 if (IsOffset) return false;
141 // If the memintrinsic isn't using the alloca as the dest, reject it.
142 if (U.getOperandNo() != 0) return false;
144 // If the source of the memcpy/move is not a constant global, reject it.
145 if (!pointsToConstantGlobal(MI->getSource()))
148 // Otherwise, the transform is safe. Remember the copy instruction.
155 /// isOnlyCopiedFromConstantGlobal - Return true if the specified alloca is only
156 /// modified by a copy from a constant global. If we can prove this, we can
157 /// replace any uses of the alloca with uses of the global directly.
158 static MemTransferInst *
159 isOnlyCopiedFromConstantGlobal(AllocaInst *AI,
160 SmallVectorImpl<Instruction *> &ToDelete) {
161 MemTransferInst *TheCopy = nullptr;
162 if (isOnlyCopiedFromConstantGlobal(AI, TheCopy, ToDelete))
167 static Instruction *simplifyAllocaArraySize(InstCombiner &IC, AllocaInst &AI) {
168 // Check for array size of 1 (scalar allocation).
169 if (!AI.isArrayAllocation()) {
170 // i32 1 is the canonical array size for scalar allocations.
171 if (AI.getArraySize()->getType()->isIntegerTy(32))
175 Value *V = IC.Builder->getInt32(1);
180 // Convert: alloca Ty, C - where C is a constant != 1 into: alloca [C x Ty], 1
181 if (const ConstantInt *C = dyn_cast<ConstantInt>(AI.getArraySize())) {
182 Type *NewTy = ArrayType::get(AI.getAllocatedType(), C->getZExtValue());
183 AllocaInst *New = IC.Builder->CreateAlloca(NewTy, nullptr, AI.getName());
184 New->setAlignment(AI.getAlignment());
186 // Scan to the end of the allocation instructions, to skip over a block of
187 // allocas if possible...also skip interleaved debug info
189 BasicBlock::iterator It(New);
190 while (isa<AllocaInst>(*It) || isa<DbgInfoIntrinsic>(*It))
193 // Now that I is pointing to the first non-allocation-inst in the block,
194 // insert our getelementptr instruction...
196 Type *IdxTy = IC.getDataLayout().getIntPtrType(AI.getType());
197 Value *NullIdx = Constant::getNullValue(IdxTy);
198 Value *Idx[2] = {NullIdx, NullIdx};
200 GetElementPtrInst::CreateInBounds(New, Idx, New->getName() + ".sub");
201 IC.InsertNewInstBefore(GEP, *It);
203 // Now make everything use the getelementptr instead of the original
205 return IC.ReplaceInstUsesWith(AI, GEP);
208 if (isa<UndefValue>(AI.getArraySize()))
209 return IC.ReplaceInstUsesWith(AI, Constant::getNullValue(AI.getType()));
211 // Ensure that the alloca array size argument has type intptr_t, so that
212 // any casting is exposed early.
213 Type *IntPtrTy = IC.getDataLayout().getIntPtrType(AI.getType());
214 if (AI.getArraySize()->getType() != IntPtrTy) {
215 Value *V = IC.Builder->CreateIntCast(AI.getArraySize(), IntPtrTy, false);
223 Instruction *InstCombiner::visitAllocaInst(AllocaInst &AI) {
224 if (auto *I = simplifyAllocaArraySize(*this, AI))
227 if (AI.getAllocatedType()->isSized()) {
228 // If the alignment is 0 (unspecified), assign it the preferred alignment.
229 if (AI.getAlignment() == 0)
230 AI.setAlignment(DL.getPrefTypeAlignment(AI.getAllocatedType()));
232 // Move all alloca's of zero byte objects to the entry block and merge them
233 // together. Note that we only do this for alloca's, because malloc should
234 // allocate and return a unique pointer, even for a zero byte allocation.
235 if (DL.getTypeAllocSize(AI.getAllocatedType()) == 0) {
236 // For a zero sized alloca there is no point in doing an array allocation.
237 // This is helpful if the array size is a complicated expression not used
239 if (AI.isArrayAllocation()) {
240 AI.setOperand(0, ConstantInt::get(AI.getArraySize()->getType(), 1));
244 // Get the first instruction in the entry block.
245 BasicBlock &EntryBlock = AI.getParent()->getParent()->getEntryBlock();
246 Instruction *FirstInst = EntryBlock.getFirstNonPHIOrDbg();
247 if (FirstInst != &AI) {
248 // If the entry block doesn't start with a zero-size alloca then move
249 // this one to the start of the entry block. There is no problem with
250 // dominance as the array size was forced to a constant earlier already.
251 AllocaInst *EntryAI = dyn_cast<AllocaInst>(FirstInst);
252 if (!EntryAI || !EntryAI->getAllocatedType()->isSized() ||
253 DL.getTypeAllocSize(EntryAI->getAllocatedType()) != 0) {
254 AI.moveBefore(FirstInst);
258 // If the alignment of the entry block alloca is 0 (unspecified),
259 // assign it the preferred alignment.
260 if (EntryAI->getAlignment() == 0)
261 EntryAI->setAlignment(
262 DL.getPrefTypeAlignment(EntryAI->getAllocatedType()));
263 // Replace this zero-sized alloca with the one at the start of the entry
264 // block after ensuring that the address will be aligned enough for both
266 unsigned MaxAlign = std::max(EntryAI->getAlignment(),
268 EntryAI->setAlignment(MaxAlign);
269 if (AI.getType() != EntryAI->getType())
270 return new BitCastInst(EntryAI, AI.getType());
271 return ReplaceInstUsesWith(AI, EntryAI);
276 if (AI.getAlignment()) {
277 // Check to see if this allocation is only modified by a memcpy/memmove from
278 // a constant global whose alignment is equal to or exceeds that of the
279 // allocation. If this is the case, we can change all users to use
280 // the constant global instead. This is commonly produced by the CFE by
281 // constructs like "void foo() { int A[] = {1,2,3,4,5,6,7,8,9...}; }" if 'A'
282 // is only subsequently read.
283 SmallVector<Instruction *, 4> ToDelete;
284 if (MemTransferInst *Copy = isOnlyCopiedFromConstantGlobal(&AI, ToDelete)) {
285 unsigned SourceAlign = getOrEnforceKnownAlignment(
286 Copy->getSource(), AI.getAlignment(), DL, &AI, AC, DT);
287 if (AI.getAlignment() <= SourceAlign) {
288 DEBUG(dbgs() << "Found alloca equal to global: " << AI << '\n');
289 DEBUG(dbgs() << " memcpy = " << *Copy << '\n');
290 for (unsigned i = 0, e = ToDelete.size(); i != e; ++i)
291 EraseInstFromFunction(*ToDelete[i]);
292 Constant *TheSrc = cast<Constant>(Copy->getSource());
294 = ConstantExpr::getPointerBitCastOrAddrSpaceCast(TheSrc, AI.getType());
295 Instruction *NewI = ReplaceInstUsesWith(AI, Cast);
296 EraseInstFromFunction(*Copy);
303 // At last, use the generic allocation site handler to aggressively remove
305 return visitAllocSite(AI);
308 /// \brief Helper to combine a load to a new type.
310 /// This just does the work of combining a load to a new type. It handles
311 /// metadata, etc., and returns the new instruction. The \c NewTy should be the
312 /// loaded *value* type. This will convert it to a pointer, cast the operand to
313 /// that pointer type, load it, etc.
315 /// Note that this will create all of the instructions with whatever insert
316 /// point the \c InstCombiner currently is using.
317 static LoadInst *combineLoadToNewType(InstCombiner &IC, LoadInst &LI, Type *NewTy,
318 const Twine &Suffix = "") {
319 Value *Ptr = LI.getPointerOperand();
320 unsigned AS = LI.getPointerAddressSpace();
321 SmallVector<std::pair<unsigned, MDNode *>, 8> MD;
322 LI.getAllMetadata(MD);
324 LoadInst *NewLoad = IC.Builder->CreateAlignedLoad(
325 IC.Builder->CreateBitCast(Ptr, NewTy->getPointerTo(AS)),
326 LI.getAlignment(), LI.getName() + Suffix);
327 MDBuilder MDB(NewLoad->getContext());
328 for (const auto &MDPair : MD) {
329 unsigned ID = MDPair.first;
330 MDNode *N = MDPair.second;
331 // Note, essentially every kind of metadata should be preserved here! This
332 // routine is supposed to clone a load instruction changing *only its type*.
333 // The only metadata it makes sense to drop is metadata which is invalidated
334 // when the pointer type changes. This should essentially never be the case
335 // in LLVM, but we explicitly switch over only known metadata to be
336 // conservatively correct. If you are adding metadata to LLVM which pertains
337 // to loads, you almost certainly want to add it here.
339 case LLVMContext::MD_dbg:
340 case LLVMContext::MD_tbaa:
341 case LLVMContext::MD_prof:
342 case LLVMContext::MD_fpmath:
343 case LLVMContext::MD_tbaa_struct:
344 case LLVMContext::MD_invariant_load:
345 case LLVMContext::MD_alias_scope:
346 case LLVMContext::MD_noalias:
347 case LLVMContext::MD_nontemporal:
348 case LLVMContext::MD_mem_parallel_loop_access:
349 // All of these directly apply.
350 NewLoad->setMetadata(ID, N);
353 case LLVMContext::MD_nonnull:
354 // This only directly applies if the new type is also a pointer.
355 if (NewTy->isPointerTy()) {
356 NewLoad->setMetadata(ID, N);
359 // If it's integral now, translate it to !range metadata.
360 if (NewTy->isIntegerTy()) {
361 auto *ITy = cast<IntegerType>(NewTy);
362 auto *NullInt = ConstantExpr::getPtrToInt(
363 ConstantPointerNull::get(cast<PointerType>(Ptr->getType())), ITy);
365 ConstantExpr::getAdd(NullInt, ConstantInt::get(ITy, 1));
366 NewLoad->setMetadata(LLVMContext::MD_range,
367 MDB.createRange(NonNullInt, NullInt));
370 case LLVMContext::MD_align:
371 case LLVMContext::MD_dereferenceable:
372 case LLVMContext::MD_dereferenceable_or_null:
373 // These only directly apply if the new type is also a pointer.
374 if (NewTy->isPointerTy())
375 NewLoad->setMetadata(ID, N);
377 case LLVMContext::MD_range:
378 // FIXME: It would be nice to propagate this in some way, but the type
379 // conversions make it hard. If the new type is a pointer, we could
380 // translate it to !nonnull metadata.
387 /// \brief Combine a store to a new type.
389 /// Returns the newly created store instruction.
390 static StoreInst *combineStoreToNewValue(InstCombiner &IC, StoreInst &SI, Value *V) {
391 Value *Ptr = SI.getPointerOperand();
392 unsigned AS = SI.getPointerAddressSpace();
393 SmallVector<std::pair<unsigned, MDNode *>, 8> MD;
394 SI.getAllMetadata(MD);
396 StoreInst *NewStore = IC.Builder->CreateAlignedStore(
397 V, IC.Builder->CreateBitCast(Ptr, V->getType()->getPointerTo(AS)),
399 for (const auto &MDPair : MD) {
400 unsigned ID = MDPair.first;
401 MDNode *N = MDPair.second;
402 // Note, essentially every kind of metadata should be preserved here! This
403 // routine is supposed to clone a store instruction changing *only its
404 // type*. The only metadata it makes sense to drop is metadata which is
405 // invalidated when the pointer type changes. This should essentially
406 // never be the case in LLVM, but we explicitly switch over only known
407 // metadata to be conservatively correct. If you are adding metadata to
408 // LLVM which pertains to stores, you almost certainly want to add it
411 case LLVMContext::MD_dbg:
412 case LLVMContext::MD_tbaa:
413 case LLVMContext::MD_prof:
414 case LLVMContext::MD_fpmath:
415 case LLVMContext::MD_tbaa_struct:
416 case LLVMContext::MD_alias_scope:
417 case LLVMContext::MD_noalias:
418 case LLVMContext::MD_nontemporal:
419 case LLVMContext::MD_mem_parallel_loop_access:
420 // All of these directly apply.
421 NewStore->setMetadata(ID, N);
424 case LLVMContext::MD_invariant_load:
425 case LLVMContext::MD_nonnull:
426 case LLVMContext::MD_range:
427 case LLVMContext::MD_align:
428 case LLVMContext::MD_dereferenceable:
429 case LLVMContext::MD_dereferenceable_or_null:
430 // These don't apply for stores.
438 /// \brief Combine loads to match the type of value their uses after looking
439 /// through intervening bitcasts.
441 /// The core idea here is that if the result of a load is used in an operation,
442 /// we should load the type most conducive to that operation. For example, when
443 /// loading an integer and converting that immediately to a pointer, we should
444 /// instead directly load a pointer.
446 /// However, this routine must never change the width of a load or the number of
447 /// loads as that would introduce a semantic change. This combine is expected to
448 /// be a semantic no-op which just allows loads to more closely model the types
449 /// of their consuming operations.
451 /// Currently, we also refuse to change the precise type used for an atomic load
452 /// or a volatile load. This is debatable, and might be reasonable to change
453 /// later. However, it is risky in case some backend or other part of LLVM is
454 /// relying on the exact type loaded to select appropriate atomic operations.
455 static Instruction *combineLoadToOperationType(InstCombiner &IC, LoadInst &LI) {
456 // FIXME: We could probably with some care handle both volatile and atomic
457 // loads here but it isn't clear that this is important.
464 Type *Ty = LI.getType();
465 const DataLayout &DL = IC.getDataLayout();
467 // Try to canonicalize loads which are only ever stored to operate over
468 // integers instead of any other type. We only do this when the loaded type
469 // is sized and has a size exactly the same as its store size and the store
470 // size is a legal integer type.
471 if (!Ty->isIntegerTy() && Ty->isSized() &&
472 DL.isLegalInteger(DL.getTypeStoreSizeInBits(Ty)) &&
473 DL.getTypeStoreSizeInBits(Ty) == DL.getTypeSizeInBits(Ty)) {
474 if (std::all_of(LI.user_begin(), LI.user_end(), [&LI](User *U) {
475 auto *SI = dyn_cast<StoreInst>(U);
476 return SI && SI->getPointerOperand() != &LI;
478 LoadInst *NewLoad = combineLoadToNewType(
480 Type::getIntNTy(LI.getContext(), DL.getTypeStoreSizeInBits(Ty)));
481 // Replace all the stores with stores of the newly loaded value.
482 for (auto UI = LI.user_begin(), UE = LI.user_end(); UI != UE;) {
483 auto *SI = cast<StoreInst>(*UI++);
484 IC.Builder->SetInsertPoint(SI);
485 combineStoreToNewValue(IC, *SI, NewLoad);
486 IC.EraseInstFromFunction(*SI);
488 assert(LI.use_empty() && "Failed to remove all users of the load!");
489 // Return the old load so the combiner can delete it safely.
494 // Fold away bit casts of the loaded value by loading the desired type.
495 // We can do this for BitCastInsts as well as casts from and to pointer types,
496 // as long as those are noops (i.e., the source or dest type have the same
497 // bitwidth as the target's pointers).
499 if (auto* CI = dyn_cast<CastInst>(LI.user_back())) {
500 if (CI->isNoopCast(DL)) {
501 LoadInst *NewLoad = combineLoadToNewType(IC, LI, CI->getDestTy());
502 CI->replaceAllUsesWith(NewLoad);
503 IC.EraseInstFromFunction(*CI);
508 // FIXME: We should also canonicalize loads of vectors when their elements are
509 // cast to other types.
513 static Instruction *unpackLoadToAggregate(InstCombiner &IC, LoadInst &LI) {
514 // FIXME: We could probably with some care handle both volatile and atomic
515 // stores here but it isn't clear that this is important.
519 Type *T = LI.getType();
520 if (!T->isAggregateType())
523 assert(LI.getAlignment() && "Alignment must be set at this point");
525 if (auto *ST = dyn_cast<StructType>(T)) {
526 // If the struct only have one element, we unpack.
527 if (ST->getNumElements() == 1) {
528 LoadInst *NewLoad = combineLoadToNewType(IC, LI, ST->getTypeAtIndex(0U),
530 return IC.ReplaceInstUsesWith(LI, IC.Builder->CreateInsertValue(
531 UndefValue::get(T), NewLoad, 0, LI.getName()));
535 if (auto *AT = dyn_cast<ArrayType>(T)) {
536 // If the array only have one element, we unpack.
537 if (AT->getNumElements() == 1) {
538 LoadInst *NewLoad = combineLoadToNewType(IC, LI, AT->getElementType(),
540 return IC.ReplaceInstUsesWith(LI, IC.Builder->CreateInsertValue(
541 UndefValue::get(T), NewLoad, 0, LI.getName()));
548 // If we can determine that all possible objects pointed to by the provided
549 // pointer value are, not only dereferenceable, but also definitively less than
550 // or equal to the provided maximum size, then return true. Otherwise, return
551 // false (constant global values and allocas fall into this category).
553 // FIXME: This should probably live in ValueTracking (or similar).
554 static bool isObjectSizeLessThanOrEq(Value *V, uint64_t MaxSize,
555 const DataLayout &DL) {
556 SmallPtrSet<Value *, 4> Visited;
557 SmallVector<Value *, 4> Worklist(1, V);
560 Value *P = Worklist.pop_back_val();
561 P = P->stripPointerCasts();
563 if (!Visited.insert(P).second)
566 if (SelectInst *SI = dyn_cast<SelectInst>(P)) {
567 Worklist.push_back(SI->getTrueValue());
568 Worklist.push_back(SI->getFalseValue());
572 if (PHINode *PN = dyn_cast<PHINode>(P)) {
573 for (Value *IncValue : PN->incoming_values())
574 Worklist.push_back(IncValue);
578 if (GlobalAlias *GA = dyn_cast<GlobalAlias>(P)) {
579 if (GA->mayBeOverridden())
581 Worklist.push_back(GA->getAliasee());
585 // If we know how big this object is, and it is less than MaxSize, continue
586 // searching. Otherwise, return false.
587 if (AllocaInst *AI = dyn_cast<AllocaInst>(P)) {
588 if (!AI->getAllocatedType()->isSized())
591 ConstantInt *CS = dyn_cast<ConstantInt>(AI->getArraySize());
595 uint64_t TypeSize = DL.getTypeAllocSize(AI->getAllocatedType());
596 // Make sure that, even if the multiplication below would wrap as an
597 // uint64_t, we still do the right thing.
598 if ((CS->getValue().zextOrSelf(128)*APInt(128, TypeSize)).ugt(MaxSize))
603 if (GlobalVariable *GV = dyn_cast<GlobalVariable>(P)) {
604 if (!GV->hasDefinitiveInitializer() || !GV->isConstant())
607 uint64_t InitSize = DL.getTypeAllocSize(GV->getType()->getElementType());
608 if (InitSize > MaxSize)
614 } while (!Worklist.empty());
619 // If we're indexing into an object of a known size, and the outer index is
620 // not a constant, but having any value but zero would lead to undefined
621 // behavior, replace it with zero.
623 // For example, if we have:
624 // @f.a = private unnamed_addr constant [1 x i32] [i32 12], align 4
626 // %arrayidx = getelementptr inbounds [1 x i32]* @f.a, i64 0, i64 %x
627 // ... = load i32* %arrayidx, align 4
628 // Then we know that we can replace %x in the GEP with i64 0.
630 // FIXME: We could fold any GEP index to zero that would cause UB if it were
631 // not zero. Currently, we only handle the first such index. Also, we could
632 // also search through non-zero constant indices if we kept track of the
633 // offsets those indices implied.
634 static bool canReplaceGEPIdxWithZero(InstCombiner &IC, GetElementPtrInst *GEPI,
635 Instruction *MemI, unsigned &Idx) {
636 if (GEPI->getNumOperands() < 2)
639 // Find the first non-zero index of a GEP. If all indices are zero, return
640 // one past the last index.
641 auto FirstNZIdx = [](const GetElementPtrInst *GEPI) {
643 for (unsigned IE = GEPI->getNumOperands(); I != IE; ++I) {
644 Value *V = GEPI->getOperand(I);
645 if (const ConstantInt *CI = dyn_cast<ConstantInt>(V))
655 // Skip through initial 'zero' indices, and find the corresponding pointer
656 // type. See if the next index is not a constant.
657 Idx = FirstNZIdx(GEPI);
658 if (Idx == GEPI->getNumOperands())
660 if (isa<Constant>(GEPI->getOperand(Idx)))
663 SmallVector<Value *, 4> Ops(GEPI->idx_begin(), GEPI->idx_begin() + Idx);
664 Type *AllocTy = GetElementPtrInst::getIndexedType(
665 cast<PointerType>(GEPI->getOperand(0)->getType()->getScalarType())
668 if (!AllocTy || !AllocTy->isSized())
670 const DataLayout &DL = IC.getDataLayout();
671 uint64_t TyAllocSize = DL.getTypeAllocSize(AllocTy);
673 // If there are more indices after the one we might replace with a zero, make
674 // sure they're all non-negative. If any of them are negative, the overall
675 // address being computed might be before the base address determined by the
676 // first non-zero index.
677 auto IsAllNonNegative = [&]() {
678 for (unsigned i = Idx+1, e = GEPI->getNumOperands(); i != e; ++i) {
679 bool KnownNonNegative, KnownNegative;
680 IC.ComputeSignBit(GEPI->getOperand(i), KnownNonNegative,
681 KnownNegative, 0, MemI);
682 if (KnownNonNegative)
690 // FIXME: If the GEP is not inbounds, and there are extra indices after the
691 // one we'll replace, those could cause the address computation to wrap
692 // (rendering the IsAllNonNegative() check below insufficient). We can do
693 // better, ignoring zero indices (and other indices we can prove small
694 // enough not to wrap).
695 if (Idx+1 != GEPI->getNumOperands() && !GEPI->isInBounds())
698 // Note that isObjectSizeLessThanOrEq will return true only if the pointer is
699 // also known to be dereferenceable.
700 return isObjectSizeLessThanOrEq(GEPI->getOperand(0), TyAllocSize, DL) &&
704 // If we're indexing into an object with a variable index for the memory
705 // access, but the object has only one element, we can assume that the index
706 // will always be zero. If we replace the GEP, return it.
707 template <typename T>
708 static Instruction *replaceGEPIdxWithZero(InstCombiner &IC, Value *Ptr,
710 if (GetElementPtrInst *GEPI = dyn_cast<GetElementPtrInst>(Ptr)) {
712 if (canReplaceGEPIdxWithZero(IC, GEPI, &MemI, Idx)) {
713 Instruction *NewGEPI = GEPI->clone();
714 NewGEPI->setOperand(Idx,
715 ConstantInt::get(GEPI->getOperand(Idx)->getType(), 0));
716 NewGEPI->insertBefore(GEPI);
717 MemI.setOperand(MemI.getPointerOperandIndex(), NewGEPI);
725 Instruction *InstCombiner::visitLoadInst(LoadInst &LI) {
726 Value *Op = LI.getOperand(0);
728 // Try to canonicalize the loaded type.
729 if (Instruction *Res = combineLoadToOperationType(*this, LI))
732 // Attempt to improve the alignment.
733 unsigned KnownAlign = getOrEnforceKnownAlignment(
734 Op, DL.getPrefTypeAlignment(LI.getType()), DL, &LI, AC, DT);
735 unsigned LoadAlign = LI.getAlignment();
736 unsigned EffectiveLoadAlign =
737 LoadAlign != 0 ? LoadAlign : DL.getABITypeAlignment(LI.getType());
739 if (KnownAlign > EffectiveLoadAlign)
740 LI.setAlignment(KnownAlign);
741 else if (LoadAlign == 0)
742 LI.setAlignment(EffectiveLoadAlign);
744 // Replace GEP indices if possible.
745 if (Instruction *NewGEPI = replaceGEPIdxWithZero(*this, Op, LI)) {
746 Worklist.Add(NewGEPI);
750 // None of the following transforms are legal for volatile/atomic loads.
751 // FIXME: Some of it is okay for atomic loads; needs refactoring.
752 if (!LI.isSimple()) return nullptr;
754 if (Instruction *Res = unpackLoadToAggregate(*this, LI))
757 // Do really simple store-to-load forwarding and load CSE, to catch cases
758 // where there are several consecutive memory accesses to the same location,
759 // separated by a few arithmetic operations.
760 BasicBlock::iterator BBI(LI);
762 if (Value *AvailableVal =
763 FindAvailableLoadedValue(Op, LI.getParent(), BBI,
764 DefMaxInstsToScan, AA, &AATags)) {
765 if (LoadInst *NLI = dyn_cast<LoadInst>(AvailableVal)) {
766 unsigned KnownIDs[] = {
767 LLVMContext::MD_tbaa, LLVMContext::MD_alias_scope,
768 LLVMContext::MD_noalias, LLVMContext::MD_range,
769 LLVMContext::MD_invariant_load, LLVMContext::MD_nonnull,
770 LLVMContext::MD_invariant_group, LLVMContext::MD_align,
771 LLVMContext::MD_dereferenceable,
772 LLVMContext::MD_dereferenceable_or_null};
773 combineMetadata(NLI, &LI, KnownIDs);
776 return ReplaceInstUsesWith(
777 LI, Builder->CreateBitOrPointerCast(AvailableVal, LI.getType(),
778 LI.getName() + ".cast"));
781 // load(gep null, ...) -> unreachable
782 if (GetElementPtrInst *GEPI = dyn_cast<GetElementPtrInst>(Op)) {
783 const Value *GEPI0 = GEPI->getOperand(0);
784 // TODO: Consider a target hook for valid address spaces for this xform.
785 if (isa<ConstantPointerNull>(GEPI0) && GEPI->getPointerAddressSpace() == 0){
786 // Insert a new store to null instruction before the load to indicate
787 // that this code is not reachable. We do this instead of inserting
788 // an unreachable instruction directly because we cannot modify the
790 new StoreInst(UndefValue::get(LI.getType()),
791 Constant::getNullValue(Op->getType()), &LI);
792 return ReplaceInstUsesWith(LI, UndefValue::get(LI.getType()));
796 // load null/undef -> unreachable
797 // TODO: Consider a target hook for valid address spaces for this xform.
798 if (isa<UndefValue>(Op) ||
799 (isa<ConstantPointerNull>(Op) && LI.getPointerAddressSpace() == 0)) {
800 // Insert a new store to null instruction before the load to indicate that
801 // this code is not reachable. We do this instead of inserting an
802 // unreachable instruction directly because we cannot modify the CFG.
803 new StoreInst(UndefValue::get(LI.getType()),
804 Constant::getNullValue(Op->getType()), &LI);
805 return ReplaceInstUsesWith(LI, UndefValue::get(LI.getType()));
808 if (Op->hasOneUse()) {
809 // Change select and PHI nodes to select values instead of addresses: this
810 // helps alias analysis out a lot, allows many others simplifications, and
811 // exposes redundancy in the code.
813 // Note that we cannot do the transformation unless we know that the
814 // introduced loads cannot trap! Something like this is valid as long as
815 // the condition is always false: load (select bool %C, int* null, int* %G),
816 // but it would not be valid if we transformed it to load from null
819 if (SelectInst *SI = dyn_cast<SelectInst>(Op)) {
820 // load (select (Cond, &V1, &V2)) --> select(Cond, load &V1, load &V2).
821 unsigned Align = LI.getAlignment();
822 if (isSafeToLoadUnconditionally(SI->getOperand(1), SI, Align) &&
823 isSafeToLoadUnconditionally(SI->getOperand(2), SI, Align)) {
824 LoadInst *V1 = Builder->CreateLoad(SI->getOperand(1),
825 SI->getOperand(1)->getName()+".val");
826 LoadInst *V2 = Builder->CreateLoad(SI->getOperand(2),
827 SI->getOperand(2)->getName()+".val");
828 V1->setAlignment(Align);
829 V2->setAlignment(Align);
830 return SelectInst::Create(SI->getCondition(), V1, V2);
833 // load (select (cond, null, P)) -> load P
834 if (isa<ConstantPointerNull>(SI->getOperand(1)) &&
835 LI.getPointerAddressSpace() == 0) {
836 LI.setOperand(0, SI->getOperand(2));
840 // load (select (cond, P, null)) -> load P
841 if (isa<ConstantPointerNull>(SI->getOperand(2)) &&
842 LI.getPointerAddressSpace() == 0) {
843 LI.setOperand(0, SI->getOperand(1));
851 /// \brief Combine stores to match the type of value being stored.
853 /// The core idea here is that the memory does not have any intrinsic type and
854 /// where we can we should match the type of a store to the type of value being
857 /// However, this routine must never change the width of a store or the number of
858 /// stores as that would introduce a semantic change. This combine is expected to
859 /// be a semantic no-op which just allows stores to more closely model the types
860 /// of their incoming values.
862 /// Currently, we also refuse to change the precise type used for an atomic or
863 /// volatile store. This is debatable, and might be reasonable to change later.
864 /// However, it is risky in case some backend or other part of LLVM is relying
865 /// on the exact type stored to select appropriate atomic operations.
867 /// \returns true if the store was successfully combined away. This indicates
868 /// the caller must erase the store instruction. We have to let the caller erase
869 /// the store instruction as otherwise there is no way to signal whether it was
870 /// combined or not: IC.EraseInstFromFunction returns a null pointer.
871 static bool combineStoreToValueType(InstCombiner &IC, StoreInst &SI) {
872 // FIXME: We could probably with some care handle both volatile and atomic
873 // stores here but it isn't clear that this is important.
877 Value *V = SI.getValueOperand();
879 // Fold away bit casts of the stored value by storing the original type.
880 if (auto *BC = dyn_cast<BitCastInst>(V)) {
881 V = BC->getOperand(0);
882 combineStoreToNewValue(IC, SI, V);
886 // FIXME: We should also canonicalize loads of vectors when their elements are
887 // cast to other types.
891 static bool unpackStoreToAggregate(InstCombiner &IC, StoreInst &SI) {
892 // FIXME: We could probably with some care handle both volatile and atomic
893 // stores here but it isn't clear that this is important.
897 Value *V = SI.getValueOperand();
898 Type *T = V->getType();
900 if (!T->isAggregateType())
903 if (auto *ST = dyn_cast<StructType>(T)) {
904 // If the struct only have one element, we unpack.
905 if (ST->getNumElements() == 1) {
906 V = IC.Builder->CreateExtractValue(V, 0);
907 combineStoreToNewValue(IC, SI, V);
912 if (auto *AT = dyn_cast<ArrayType>(T)) {
913 // If the array only have one element, we unpack.
914 if (AT->getNumElements() == 1) {
915 V = IC.Builder->CreateExtractValue(V, 0);
916 combineStoreToNewValue(IC, SI, V);
924 /// equivalentAddressValues - Test if A and B will obviously have the same
925 /// value. This includes recognizing that %t0 and %t1 will have the same
926 /// value in code like this:
927 /// %t0 = getelementptr \@a, 0, 3
928 /// store i32 0, i32* %t0
929 /// %t1 = getelementptr \@a, 0, 3
930 /// %t2 = load i32* %t1
932 static bool equivalentAddressValues(Value *A, Value *B) {
933 // Test if the values are trivially equivalent.
934 if (A == B) return true;
936 // Test if the values come form identical arithmetic instructions.
937 // This uses isIdenticalToWhenDefined instead of isIdenticalTo because
938 // its only used to compare two uses within the same basic block, which
939 // means that they'll always either have the same value or one of them
940 // will have an undefined value.
941 if (isa<BinaryOperator>(A) ||
944 isa<GetElementPtrInst>(A))
945 if (Instruction *BI = dyn_cast<Instruction>(B))
946 if (cast<Instruction>(A)->isIdenticalToWhenDefined(BI))
949 // Otherwise they may not be equivalent.
953 Instruction *InstCombiner::visitStoreInst(StoreInst &SI) {
954 Value *Val = SI.getOperand(0);
955 Value *Ptr = SI.getOperand(1);
957 // Try to canonicalize the stored type.
958 if (combineStoreToValueType(*this, SI))
959 return EraseInstFromFunction(SI);
961 // Attempt to improve the alignment.
962 unsigned KnownAlign = getOrEnforceKnownAlignment(
963 Ptr, DL.getPrefTypeAlignment(Val->getType()), DL, &SI, AC, DT);
964 unsigned StoreAlign = SI.getAlignment();
965 unsigned EffectiveStoreAlign =
966 StoreAlign != 0 ? StoreAlign : DL.getABITypeAlignment(Val->getType());
968 if (KnownAlign > EffectiveStoreAlign)
969 SI.setAlignment(KnownAlign);
970 else if (StoreAlign == 0)
971 SI.setAlignment(EffectiveStoreAlign);
973 // Try to canonicalize the stored type.
974 if (unpackStoreToAggregate(*this, SI))
975 return EraseInstFromFunction(SI);
977 // Replace GEP indices if possible.
978 if (Instruction *NewGEPI = replaceGEPIdxWithZero(*this, Ptr, SI)) {
979 Worklist.Add(NewGEPI);
983 // Don't hack volatile/atomic stores.
984 // FIXME: Some bits are legal for atomic stores; needs refactoring.
985 if (!SI.isSimple()) return nullptr;
987 // If the RHS is an alloca with a single use, zapify the store, making the
989 if (Ptr->hasOneUse()) {
990 if (isa<AllocaInst>(Ptr))
991 return EraseInstFromFunction(SI);
992 if (GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(Ptr)) {
993 if (isa<AllocaInst>(GEP->getOperand(0))) {
994 if (GEP->getOperand(0)->hasOneUse())
995 return EraseInstFromFunction(SI);
1000 // Do really simple DSE, to catch cases where there are several consecutive
1001 // stores to the same location, separated by a few arithmetic operations. This
1002 // situation often occurs with bitfield accesses.
1003 BasicBlock::iterator BBI(SI);
1004 for (unsigned ScanInsts = 6; BBI != SI.getParent()->begin() && ScanInsts;
1007 // Don't count debug info directives, lest they affect codegen,
1008 // and we skip pointer-to-pointer bitcasts, which are NOPs.
1009 if (isa<DbgInfoIntrinsic>(BBI) ||
1010 (isa<BitCastInst>(BBI) && BBI->getType()->isPointerTy())) {
1015 if (StoreInst *PrevSI = dyn_cast<StoreInst>(BBI)) {
1016 // Prev store isn't volatile, and stores to the same location?
1017 if (PrevSI->isSimple() && equivalentAddressValues(PrevSI->getOperand(1),
1018 SI.getOperand(1))) {
1021 EraseInstFromFunction(*PrevSI);
1027 // If this is a load, we have to stop. However, if the loaded value is from
1028 // the pointer we're loading and is producing the pointer we're storing,
1029 // then *this* store is dead (X = load P; store X -> P).
1030 if (LoadInst *LI = dyn_cast<LoadInst>(BBI)) {
1031 if (LI == Val && equivalentAddressValues(LI->getOperand(0), Ptr) &&
1033 return EraseInstFromFunction(SI);
1035 // Otherwise, this is a load from some other location. Stores before it
1040 // Don't skip over loads or things that can modify memory.
1041 if (BBI->mayWriteToMemory() || BBI->mayReadFromMemory())
1045 // store X, null -> turns into 'unreachable' in SimplifyCFG
1046 if (isa<ConstantPointerNull>(Ptr) && SI.getPointerAddressSpace() == 0) {
1047 if (!isa<UndefValue>(Val)) {
1048 SI.setOperand(0, UndefValue::get(Val->getType()));
1049 if (Instruction *U = dyn_cast<Instruction>(Val))
1050 Worklist.Add(U); // Dropped a use.
1052 return nullptr; // Do not modify these!
1055 // store undef, Ptr -> noop
1056 if (isa<UndefValue>(Val))
1057 return EraseInstFromFunction(SI);
1059 // If this store is the last instruction in the basic block (possibly
1060 // excepting debug info instructions), and if the block ends with an
1061 // unconditional branch, try to move it to the successor block.
1062 BBI = SI.getIterator();
1065 } while (isa<DbgInfoIntrinsic>(BBI) ||
1066 (isa<BitCastInst>(BBI) && BBI->getType()->isPointerTy()));
1067 if (BranchInst *BI = dyn_cast<BranchInst>(BBI))
1068 if (BI->isUnconditional())
1069 if (SimplifyStoreAtEndOfBlock(SI))
1070 return nullptr; // xform done!
1075 /// SimplifyStoreAtEndOfBlock - Turn things like:
1076 /// if () { *P = v1; } else { *P = v2 }
1077 /// into a phi node with a store in the successor.
1079 /// Simplify things like:
1080 /// *P = v1; if () { *P = v2; }
1081 /// into a phi node with a store in the successor.
1083 bool InstCombiner::SimplifyStoreAtEndOfBlock(StoreInst &SI) {
1084 BasicBlock *StoreBB = SI.getParent();
1086 // Check to see if the successor block has exactly two incoming edges. If
1087 // so, see if the other predecessor contains a store to the same location.
1088 // if so, insert a PHI node (if needed) and move the stores down.
1089 BasicBlock *DestBB = StoreBB->getTerminator()->getSuccessor(0);
1091 // Determine whether Dest has exactly two predecessors and, if so, compute
1092 // the other predecessor.
1093 pred_iterator PI = pred_begin(DestBB);
1094 BasicBlock *P = *PI;
1095 BasicBlock *OtherBB = nullptr;
1100 if (++PI == pred_end(DestBB))
1109 if (++PI != pred_end(DestBB))
1112 // Bail out if all the relevant blocks aren't distinct (this can happen,
1113 // for example, if SI is in an infinite loop)
1114 if (StoreBB == DestBB || OtherBB == DestBB)
1117 // Verify that the other block ends in a branch and is not otherwise empty.
1118 BasicBlock::iterator BBI(OtherBB->getTerminator());
1119 BranchInst *OtherBr = dyn_cast<BranchInst>(BBI);
1120 if (!OtherBr || BBI == OtherBB->begin())
1123 // If the other block ends in an unconditional branch, check for the 'if then
1124 // else' case. there is an instruction before the branch.
1125 StoreInst *OtherStore = nullptr;
1126 if (OtherBr->isUnconditional()) {
1128 // Skip over debugging info.
1129 while (isa<DbgInfoIntrinsic>(BBI) ||
1130 (isa<BitCastInst>(BBI) && BBI->getType()->isPointerTy())) {
1131 if (BBI==OtherBB->begin())
1135 // If this isn't a store, isn't a store to the same location, or is not the
1136 // right kind of store, bail out.
1137 OtherStore = dyn_cast<StoreInst>(BBI);
1138 if (!OtherStore || OtherStore->getOperand(1) != SI.getOperand(1) ||
1139 !SI.isSameOperationAs(OtherStore))
1142 // Otherwise, the other block ended with a conditional branch. If one of the
1143 // destinations is StoreBB, then we have the if/then case.
1144 if (OtherBr->getSuccessor(0) != StoreBB &&
1145 OtherBr->getSuccessor(1) != StoreBB)
1148 // Okay, we know that OtherBr now goes to Dest and StoreBB, so this is an
1149 // if/then triangle. See if there is a store to the same ptr as SI that
1150 // lives in OtherBB.
1152 // Check to see if we find the matching store.
1153 if ((OtherStore = dyn_cast<StoreInst>(BBI))) {
1154 if (OtherStore->getOperand(1) != SI.getOperand(1) ||
1155 !SI.isSameOperationAs(OtherStore))
1159 // If we find something that may be using or overwriting the stored
1160 // value, or if we run out of instructions, we can't do the xform.
1161 if (BBI->mayReadFromMemory() || BBI->mayWriteToMemory() ||
1162 BBI == OtherBB->begin())
1166 // In order to eliminate the store in OtherBr, we have to
1167 // make sure nothing reads or overwrites the stored value in
1169 for (BasicBlock::iterator I = StoreBB->begin(); &*I != &SI; ++I) {
1170 // FIXME: This should really be AA driven.
1171 if (I->mayReadFromMemory() || I->mayWriteToMemory())
1176 // Insert a PHI node now if we need it.
1177 Value *MergedVal = OtherStore->getOperand(0);
1178 if (MergedVal != SI.getOperand(0)) {
1179 PHINode *PN = PHINode::Create(MergedVal->getType(), 2, "storemerge");
1180 PN->addIncoming(SI.getOperand(0), SI.getParent());
1181 PN->addIncoming(OtherStore->getOperand(0), OtherBB);
1182 MergedVal = InsertNewInstBefore(PN, DestBB->front());
1185 // Advance to a place where it is safe to insert the new store and
1187 BBI = DestBB->getFirstInsertionPt();
1188 StoreInst *NewSI = new StoreInst(MergedVal, SI.getOperand(1),
1192 SI.getSynchScope());
1193 InsertNewInstBefore(NewSI, *BBI);
1194 NewSI->setDebugLoc(OtherStore->getDebugLoc());
1196 // If the two stores had AA tags, merge them.
1198 SI.getAAMetadata(AATags);
1200 OtherStore->getAAMetadata(AATags, /* Merge = */ true);
1201 NewSI->setAAMetadata(AATags);
1204 // Nuke the old stores.
1205 EraseInstFromFunction(SI);
1206 EraseInstFromFunction(*OtherStore);