#include "llvm/CodeGen/Passes.h"
#include "llvm/ADT/DenseMap.h"
-#include "llvm/ADT/SetVector.h"
-#include "llvm/ADT/SmallPtrSet.h"
#include "llvm/ADT/SmallSet.h"
-#include "llvm/ADT/SmallVector.h"
#include "llvm/ADT/Statistic.h"
#include "llvm/Analysis/InstructionSimplify.h"
-#include "llvm/Analysis/MemoryLocation.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/Analysis/ValueTracking.h"
#include "llvm/IR/GetElementPtrTypeIterator.h"
#include "llvm/IR/IRBuilder.h"
#include "llvm/IR/InlineAsm.h"
-#include "llvm/IR/InstIterator.h"
-#include "llvm/IR/InstrTypes.h"
#include "llvm/IR/Instructions.h"
#include "llvm/IR/IntrinsicInst.h"
#include "llvm/IR/MDBuilder.h"
-#include "llvm/IR/NoFolder.h"
#include "llvm/IR/PatternMatch.h"
#include "llvm/IR/Statepoint.h"
#include "llvm/IR/ValueHandle.h"
/// DataLayout for the Function being processed.
const DataLayout *DL;
- // XXX-comment:We need DominatorTree to figure out which instruction to
- // taint.
- DominatorTree *DT;
-
public:
static char ID; // Pass identification, replacement for typeid
explicit CodeGenPrepare(const TargetMachine *TM = nullptr)
- : FunctionPass(ID), TM(TM), TLI(nullptr), TTI(nullptr), DL(nullptr),
- DT(nullptr) {
+ : FunctionPass(ID), TM(TM), TLI(nullptr), TTI(nullptr), DL(nullptr) {
initializeCodeGenPreparePass(*PassRegistry::getPassRegistry());
}
bool runOnFunction(Function &F) override;
AU.addPreserved<DominatorTreeWrapperPass>();
AU.addRequired<TargetLibraryInfoWrapperPass>();
AU.addRequired<TargetTransformInfoWrapperPass>();
- AU.addRequired<DominatorTreeWrapperPass>();
}
private:
}
char CodeGenPrepare::ID = 0;
-INITIALIZE_TM_PASS_BEGIN(CodeGenPrepare, "codegenprepare",
- "Optimize for code generation", false, false)
-INITIALIZE_PASS_DEPENDENCY(DominatorTreeWrapperPass)
-INITIALIZE_TM_PASS_END(CodeGenPrepare, "codegenprepare",
+INITIALIZE_TM_PASS(CodeGenPrepare, "codegenprepare",
"Optimize for code generation", false, false)
FunctionPass *llvm::createCodeGenPreparePass(const TargetMachine *TM) {
return new CodeGenPrepare(TM);
}
-namespace {
-
-bool StoreAddressDependOnValue(StoreInst* SI, Value* DepVal);
-Value* GetUntaintedAddress(Value* CurrentAddress);
-
-// The depth we trace down a variable to look for its dependence set.
-const unsigned kDependenceDepth = 4;
-
-// Recursively looks for variables that 'Val' depends on at the given depth
-// 'Depth', and adds them in 'DepSet'. If 'InsertOnlyLeafNodes' is true, only
-// inserts the leaf node values; otherwise, all visited nodes are included in
-// 'DepSet'. Note that constants will be ignored.
-template <typename SetType>
-void recursivelyFindDependence(SetType* DepSet, Value* Val,
- bool InsertOnlyLeafNodes = false,
- unsigned Depth = kDependenceDepth) {
- if (Val == nullptr) {
- return;
- }
- if (!InsertOnlyLeafNodes && !isa<Constant>(Val)) {
- DepSet->insert(Val);
- }
- if (Depth == 0) {
- // Cannot go deeper. Insert the leaf nodes.
- if (InsertOnlyLeafNodes && !isa<Constant>(Val)) {
- DepSet->insert(Val);
- }
- return;
- }
-
- // Go one step further to explore the dependence of the operands.
- Instruction* I = nullptr;
- if ((I = dyn_cast<Instruction>(Val))) {
- if (isa<LoadInst>(I)) {
- // A load is considerd the leaf load of the dependence tree. Done.
- DepSet->insert(Val);
- return;
- } else if (I->isBinaryOp()) {
- BinaryOperator* I = dyn_cast<BinaryOperator>(Val);
- Value *Op0 = I->getOperand(0), *Op1 = I->getOperand(1);
- recursivelyFindDependence(DepSet, Op0, InsertOnlyLeafNodes, Depth - 1);
- recursivelyFindDependence(DepSet, Op1, InsertOnlyLeafNodes, Depth - 1);
- } else if (I->isCast()) {
- Value* Op0 = I->getOperand(0);
- recursivelyFindDependence(DepSet, Op0, InsertOnlyLeafNodes, Depth - 1);
- } else if (I->getOpcode() == Instruction::Select) {
- Value* Op0 = I->getOperand(0);
- Value* Op1 = I->getOperand(1);
- Value* Op2 = I->getOperand(2);
- recursivelyFindDependence(DepSet, Op0, InsertOnlyLeafNodes, Depth - 1);
- recursivelyFindDependence(DepSet, Op1, InsertOnlyLeafNodes, Depth - 1);
- recursivelyFindDependence(DepSet, Op2, InsertOnlyLeafNodes, Depth - 1);
- } else if (I->getOpcode() == Instruction::GetElementPtr) {
- for (unsigned i = 0; i < I->getNumOperands(); i++) {
- recursivelyFindDependence(DepSet, I->getOperand(i), InsertOnlyLeafNodes,
- Depth - 1);
- }
- } else if (I->getOpcode() == Instruction::Store) {
- auto* SI = dyn_cast<StoreInst>(Val);
- recursivelyFindDependence(DepSet, SI->getPointerOperand(),
- InsertOnlyLeafNodes, Depth - 1);
- recursivelyFindDependence(DepSet, SI->getValueOperand(),
- InsertOnlyLeafNodes, Depth - 1);
- } else {
- Value* Op0 = nullptr;
- Value* Op1 = nullptr;
- switch (I->getOpcode()) {
- case Instruction::ICmp:
- case Instruction::FCmp: {
- Op0 = I->getOperand(0);
- Op1 = I->getOperand(1);
- recursivelyFindDependence(DepSet, Op0, InsertOnlyLeafNodes,
- Depth - 1);
- recursivelyFindDependence(DepSet, Op1, InsertOnlyLeafNodes,
- Depth - 1);
- break;
- }
- case Instruction::PHI: {
- for (int i = 0; i < I->getNumOperands(); i++) {
- auto* op = I->getOperand(i);
- if (DepSet->count(op) == 0) {
- recursivelyFindDependence(DepSet, I->getOperand(i),
- InsertOnlyLeafNodes, Depth - 1);
- }
- }
- break;
- }
- default: {
- // Be conservative. Add it and be done with it.
- DepSet->insert(Val);
- return;
- }
- }
- }
- } else if (isa<Constant>(Val)) {
- // Not interested in constant values. Done.
- return;
- } else {
- // Be conservative. Add it and be done with it.
- DepSet->insert(Val);
- return;
- }
-}
-
-// Helper function to create a Cast instruction.
-Value* createCast(IRBuilder<true, NoFolder>& Builder, Value* DepVal,
- Type* TargetIntegerType) {
- Instruction::CastOps CastOp = Instruction::BitCast;
- switch (DepVal->getType()->getTypeID()) {
- case Type::IntegerTyID: {
- assert(TargetIntegerType->getTypeID() == Type::IntegerTyID);
- auto* FromType = dyn_cast<IntegerType>(DepVal->getType());
- auto* ToType = dyn_cast<IntegerType>(TargetIntegerType);
- assert(FromType && ToType);
- if (FromType->getBitWidth() <= ToType->getBitWidth()) {
- CastOp = Instruction::ZExt;
- } else {
- CastOp = Instruction::Trunc;
- }
- break;
- }
- case Type::FloatTyID:
- case Type::DoubleTyID: {
- CastOp = Instruction::FPToSI;
- break;
- }
- case Type::PointerTyID: {
- CastOp = Instruction::PtrToInt;
- break;
- }
- default: { break; }
- }
-
- return Builder.CreateCast(CastOp, DepVal, TargetIntegerType);
-}
-
-// Given a value, if it's a tainted address, this function returns the
-// instruction that ORs the "dependence value" with the "original address".
-// Otherwise, returns nullptr. This instruction is the first OR instruction
-// where one of its operand is an AND instruction with an operand being 0.
-//
-// E.g., it returns '%4 = or i32 %3, %2' given 'CurrentAddress' is '%5'.
-// %0 = load i32, i32* @y, align 4, !tbaa !1
-// %cmp = icmp ne i32 %0, 42 // <== this is like the condition
-// %1 = sext i1 %cmp to i32
-// %2 = ptrtoint i32* @x to i32
-// %3 = and i32 %1, 0
-// %4 = or i32 %3, %2
-// %5 = inttoptr i32 %4 to i32*
-// store i32 1, i32* %5, align 4
-Instruction* getOrAddress(Value* CurrentAddress) {
- // Is it a cast from integer to pointer type.
- Instruction* OrAddress = nullptr;
- Instruction* AndDep = nullptr;
- Instruction* CastToInt = nullptr;
- Value* ActualAddress = nullptr;
- Constant* ZeroConst = nullptr;
-
- const Instruction* CastToPtr = dyn_cast<Instruction>(CurrentAddress);
- if (CastToPtr && CastToPtr->getOpcode() == Instruction::IntToPtr) {
- // Is it an OR instruction: %1 = or %and, %actualAddress.
- if ((OrAddress = dyn_cast<Instruction>(CastToPtr->getOperand(0))) &&
- OrAddress->getOpcode() == Instruction::Or) {
- // The first operand should be and AND instruction.
- AndDep = dyn_cast<Instruction>(OrAddress->getOperand(0));
- if (AndDep && AndDep->getOpcode() == Instruction::And) {
- // Also make sure its first operand of the "AND" is 0, or the "AND" is
- // marked explicitly by "NoInstCombine".
- if ((ZeroConst = dyn_cast<Constant>(AndDep->getOperand(1))) &&
- ZeroConst->isNullValue()) {
- return OrAddress;
- }
- }
- }
- }
- // Looks like it's not been tainted.
- return nullptr;
-}
-
-// Given a value, if it's a tainted address, this function returns the
-// instruction that taints the "dependence value". Otherwise, returns nullptr.
-// This instruction is the last AND instruction where one of its operand is 0.
-// E.g., it returns '%3' given 'CurrentAddress' is '%5'.
-// %0 = load i32, i32* @y, align 4, !tbaa !1
-// %cmp = icmp ne i32 %0, 42 // <== this is like the condition
-// %1 = sext i1 %cmp to i32
-// %2 = ptrtoint i32* @x to i32
-// %3 = and i32 %1, 0
-// %4 = or i32 %3, %2
-// %5 = inttoptr i32 %4 to i32*
-// store i32 1, i32* %5, align 4
-Instruction* getAndDependence(Value* CurrentAddress) {
- // If 'CurrentAddress' is tainted, get the OR instruction.
- auto* OrAddress = getOrAddress(CurrentAddress);
- if (OrAddress == nullptr) {
- return nullptr;
- }
-
- // No need to check the operands.
- auto* AndDepInst = dyn_cast<Instruction>(OrAddress->getOperand(0));
- assert(AndDepInst);
- return AndDepInst;
-}
-
-// Given a value, if it's a tainted address, this function returns
-// the "dependence value", which is the first operand in the AND instruction.
-// E.g., it returns '%1' given 'CurrentAddress' is '%5'.
-// %0 = load i32, i32* @y, align 4, !tbaa !1
-// %cmp = icmp ne i32 %0, 42 // <== this is like the condition
-// %1 = sext i1 %cmp to i32
-// %2 = ptrtoint i32* @x to i32
-// %3 = and i32 %1, 0
-// %4 = or i32 %3, %2
-// %5 = inttoptr i32 %4 to i32*
-// store i32 1, i32* %5, align 4
-Value* getDependence(Value* CurrentAddress) {
- auto* AndInst = getAndDependence(CurrentAddress);
- if (AndInst == nullptr) {
- return nullptr;
- }
- return AndInst->getOperand(0);
-}
-
-// Given an address that has been tainted, returns the only condition it depends
-// on, if any; otherwise, returns nullptr.
-Value* getConditionDependence(Value* Address) {
- auto* Dep = getDependence(Address);
- if (Dep == nullptr) {
- // 'Address' has not been dependence-tainted.
- return nullptr;
- }
-
- Value* Operand = Dep;
- while (true) {
- auto* Inst = dyn_cast<Instruction>(Operand);
- if (Inst == nullptr) {
- // Non-instruction type does not have condition dependence.
- return nullptr;
- }
- if (Inst->getOpcode() == Instruction::ICmp) {
- return Inst;
- } else {
- if (Inst->getNumOperands() != 1) {
- return nullptr;
- } else {
- Operand = Inst->getOperand(0);
- }
- }
- }
-}
-
-// Conservatively decides whether the dependence set of 'Val1' includes the
-// dependence set of 'Val2'. If 'ExpandSecondValue' is false, we do not expand
-// 'Val2' and use that single value as its dependence set.
-// If it returns true, it means the dependence set of 'Val1' includes that of
-// 'Val2'; otherwise, it only means we cannot conclusively decide it.
-bool dependenceSetInclusion(Value* Val1, Value* Val2,
- int Val1ExpandLevel = 2 * kDependenceDepth,
- int Val2ExpandLevel = kDependenceDepth) {
- typedef SmallSet<Value*, 8> IncludingSet;
- typedef SmallSet<Value*, 4> IncludedSet;
-
- IncludingSet DepSet1;
- IncludedSet DepSet2;
- // Look for more depths for the including set.
- recursivelyFindDependence(&DepSet1, Val1, false /*Insert all visited nodes*/,
- Val1ExpandLevel);
- recursivelyFindDependence(&DepSet2, Val2, true /*Only insert leaf nodes*/,
- Val2ExpandLevel);
-
- auto set_inclusion = [](IncludingSet FullSet, IncludedSet Subset) {
- for (auto* Dep : Subset) {
- if (0 == FullSet.count(Dep)) {
- return false;
- }
- }
- return true;
- };
- bool inclusion = set_inclusion(DepSet1, DepSet2);
- DEBUG(dbgs() << "[dependenceSetInclusion]: " << inclusion << "\n");
- DEBUG(dbgs() << "Including set for: " << *Val1 << "\n");
- DEBUG(for (const auto* Dep : DepSet1) { dbgs() << "\t\t" << *Dep << "\n"; });
- DEBUG(dbgs() << "Included set for: " << *Val2 << "\n");
- DEBUG(for (const auto* Dep : DepSet2) { dbgs() << "\t\t" << *Dep << "\n"; });
-
- return inclusion;
-}
-
-// Recursively iterates through the operands spawned from 'DepVal'. If there
-// exists a single value that 'DepVal' only depends on, we call that value the
-// root dependence of 'DepVal' and return it. Otherwise, return 'DepVal'.
-Value* getRootDependence(Value* DepVal) {
- SmallSet<Value*, 8> DepSet;
- for (unsigned depth = kDependenceDepth; depth > 0; --depth) {
- recursivelyFindDependence(&DepSet, DepVal, true /*Only insert leaf nodes*/,
- depth);
- if (DepSet.size() == 1) {
- return *DepSet.begin();
- }
- DepSet.clear();
- }
- return DepVal;
-}
-
-// This function actually taints 'DepVal' to the address to 'SI'. If the
-// address
-// of 'SI' already depends on whatever 'DepVal' depends on, this function
-// doesn't do anything and returns false. Otherwise, returns true.
-//
-// This effect forces the store and any stores that comes later to depend on
-// 'DepVal'. For example, we have a condition "cond", and a store instruction
-// "s: STORE addr, val". If we want "s" (and any later store) to depend on
-// "cond", we do the following:
-// %conv = sext i1 %cond to i32
-// %addrVal = ptrtoint i32* %addr to i32
-// %andCond = and i32 conv, 0;
-// %orAddr = or i32 %andCond, %addrVal;
-// %NewAddr = inttoptr i32 %orAddr to i32*;
-//
-// This is a more concrete example:
-// ------
-// %0 = load i32, i32* @y, align 4, !tbaa !1
-// %cmp = icmp ne i32 %0, 42 // <== this is like the condition
-// %1 = sext i1 %cmp to i32
-// %2 = ptrtoint i32* @x to i32
-// %3 = and i32 %1, 0
-// %4 = or i32 %3, %2
-// %5 = inttoptr i32 %4 to i32*
-// store i32 1, i32* %5, align 4
-bool taintStoreAddress(StoreInst* SI, Value* DepVal) {
- // Set the insertion point right after the 'DepVal'.
- Instruction* Inst = nullptr;
- IRBuilder<true, NoFolder> Builder(SI);
- BasicBlock* BB = SI->getParent();
- Value* Address = SI->getPointerOperand();
- Type* TargetIntegerType =
- IntegerType::get(Address->getContext(),
- BB->getModule()->getDataLayout().getPointerSizeInBits());
-
- // Does SI's address already depends on whatever 'DepVal' depends on?
- if (StoreAddressDependOnValue(SI, DepVal)) {
- return false;
- }
-
- // Figure out if there's a root variable 'DepVal' depends on. For example, we
- // can extract "getelementptr inbounds %struct, %struct* %0, i64 0, i32 123"
- // to be "%struct* %0" since all other operands are constant.
- auto* RootVal = getRootDependence(DepVal);
- auto* RootInst = dyn_cast<Instruction>(RootVal);
- auto* DepValInst = dyn_cast<Instruction>(DepVal);
- if (RootInst && DepValInst &&
- RootInst->getParent() == DepValInst->getParent()) {
- DepVal = RootVal;
- }
-
- // Is this already a dependence-tainted store?
- Value* OldDep = getDependence(Address);
- if (OldDep) {
- // The address of 'SI' has already been tainted. Just need to absorb the
- // DepVal to the existing dependence in the address of SI.
- Instruction* AndDep = getAndDependence(Address);
- IRBuilder<true, NoFolder> Builder(AndDep);
- Value* NewDep = nullptr;
- if (DepVal->getType() == AndDep->getType()) {
- NewDep = Builder.CreateAnd(OldDep, DepVal);
- } else {
- NewDep = Builder.CreateAnd(
- OldDep, createCast(Builder, DepVal, TargetIntegerType));
- }
-
- auto* NewDepInst = dyn_cast<Instruction>(NewDep);
-
- // Use the new AND instruction as the dependence
- AndDep->setOperand(0, NewDep);
- return true;
- }
-
- // SI's address has not been tainted. Now taint it with 'DepVal'.
- Value* CastDepToInt = createCast(Builder, DepVal, TargetIntegerType);
- Value* PtrToIntCast = Builder.CreatePtrToInt(Address, TargetIntegerType);
- Value* AndDepVal =
- Builder.CreateAnd(CastDepToInt, ConstantInt::get(TargetIntegerType, 0));
- auto AndInst = dyn_cast<Instruction>(AndDepVal);
- // XXX-comment: The original IR InstCombiner would change our and instruction
- // to a select and then the back end optimize the condition out. We attach a
- // flag to instructions and set it here to inform the InstCombiner to not to
- // touch this and instruction at all.
- Value* OrAddr = Builder.CreateOr(AndDepVal, PtrToIntCast);
- Value* NewAddr = Builder.CreateIntToPtr(OrAddr, Address->getType());
-
- DEBUG(dbgs() << "[taintStoreAddress]\n"
- << "Original store: " << *SI << '\n');
- SI->setOperand(1, NewAddr);
-
- // Debug output.
- DEBUG(dbgs() << "\tTargetIntegerType: " << *TargetIntegerType << '\n'
- << "\tCast dependence value to integer: " << *CastDepToInt
- << '\n'
- << "\tCast address to integer: " << *PtrToIntCast << '\n'
- << "\tAnd dependence value: " << *AndDepVal << '\n'
- << "\tOr address: " << *OrAddr << '\n'
- << "\tCast or instruction to address: " << *NewAddr << "\n\n");
-
- return true;
-}
-
-// Looks for the previous store in the if block --- 'BrBB', which makes the
-// speculative store 'StoreToHoist' safe.
-Value* getSpeculativeStoreInPrevBB(StoreInst* StoreToHoist, BasicBlock* BrBB) {
- assert(StoreToHoist && "StoreToHoist must be a real store");
-
- Value* StorePtr = StoreToHoist->getPointerOperand();
-
- // Look for a store to the same pointer in BrBB.
- for (BasicBlock::reverse_iterator RI = BrBB->rbegin(), RE = BrBB->rend();
- RI != RE; ++RI) {
- Instruction* CurI = &*RI;
-
- StoreInst* SI = dyn_cast<StoreInst>(CurI);
- // Found the previous store make sure it stores to the same location.
- // XXX-update: If the previous store's original untainted address are the
- // same as 'StorePtr', we are also good to hoist the store.
- if (SI && (SI->getPointerOperand() == StorePtr ||
- GetUntaintedAddress(SI->getPointerOperand()) == StorePtr)) {
- // Found the previous store, return its value operand.
- return SI;
- }
- }
-
- assert(false &&
- "We should not reach here since this store is safe to speculate");
-}
-
-// XXX-comment: Returns true if it changes the code, false otherwise (the branch
-// condition already depends on 'DepVal'.
-bool taintConditionalBranch(BranchInst* BI, Value* DepVal) {
- assert(BI->isConditional());
- auto* Cond = BI->getOperand(0);
- if (dependenceSetInclusion(Cond, DepVal)) {
- // The dependence/ordering is self-evident.
- return false;
- }
-
- IRBuilder<true, NoFolder> Builder(BI);
- auto* AndDep =
- Builder.CreateAnd(DepVal, ConstantInt::get(DepVal->getType(), 0));
- auto* TruncAndDep =
- Builder.CreateTrunc(AndDep, IntegerType::get(DepVal->getContext(), 1));
- auto* OrCond = Builder.CreateOr(TruncAndDep, Cond);
- BI->setOperand(0, OrCond);
-
- // Debug output.
- DEBUG(dbgs() << "\tTainted branch condition:\n" << *BI->getParent());
-
- return true;
-}
-
-bool ConditionalBranchDependsOnValue(BranchInst* BI, Value* DepVal) {
- assert(BI->isConditional());
- auto* Cond = BI->getOperand(0);
- return dependenceSetInclusion(Cond, DepVal);
-}
-
-// XXX-update: For a relaxed load 'LI', find the first immediate atomic store or
-// the first conditional branch. Returns nullptr if there's no such immediately
-// following store/branch instructions, which we can only enforce the load with
-// 'acquire'. 'ChainedBB' contains all the blocks chained together with
-// unconditional branches from 'BB' to the block with the first store/cond
-// branch.
-template <typename Vector>
-Instruction* findFirstStoreCondBranchInst(LoadInst* LI, Vector* ChainedBB) {
- // In some situations, relaxed loads can be left as is:
- // 1. The relaxed load is used to calculate the address of the immediate
- // following store;
- // 2. The relaxed load is used as a condition in the immediate following
- // condition, and there are no stores in between. This is actually quite
- // common. E.g.,
- // int r1 = x.load(relaxed);
- // if (r1 != 0) {
- // y.store(1, relaxed);
- // }
- // However, in this function, we don't deal with them directly. Instead, we
- // just find the immediate following store/condition branch and return it.
-
- assert(ChainedBB != nullptr && "Chained BB should not be nullptr");
- auto* BB = LI->getParent();
- ChainedBB->push_back(BB);
- auto BE = BB->end();
- auto BBI = BasicBlock::iterator(LI);
- BBI++;
- while (true) {
- for (; BBI != BE; BBI++) {
- Instruction* Inst = &*BBI;
- IntrinsicInst* II = dyn_cast<IntrinsicInst>(&*BBI);
- if (II && II->getIntrinsicID() == Intrinsic::aarch64_stlxr) {
- return II;
- } else if (Inst->getOpcode() == Instruction::Store) {
- return Inst;
- } else if (Inst->getOpcode() == Instruction::Br) {
- auto* BrInst = dyn_cast<BranchInst>(Inst);
- if (BrInst->isConditional()) {
- return Inst;
- } else {
- // Reinitialize iterators with the destination of the unconditional
- // branch.
- BB = BrInst->getSuccessor(0);
- ChainedBB->push_back(BB);
- BBI = BB->begin();
- BE = BB->end();
- break;
- }
- }
- }
- if (BBI == BE) {
- return nullptr;
- }
- }
-}
-
-// XXX-update: Find the next node of the last relaxed load from 'FromInst' to
-// 'ToInst'. If none, return 'ToInst'.
-Instruction* findLastLoadNext(Instruction* FromInst, Instruction* ToInst) {
- if (FromInst == ToInst) {
- return ToInst;
- }
- Instruction* LastLoad = ToInst;
- auto* BB = FromInst->getParent();
- auto BE = BB->end();
- auto BBI = BasicBlock::iterator(FromInst);
- BBI++;
- for (; BBI != BE && &*BBI != ToInst; BBI++) {
- auto* LI = dyn_cast<LoadInst>(&*BBI);
- if (LI == nullptr || !LI->isAtomic() || LI->getOrdering() != Monotonic) {
- continue;
- }
- LastLoad = LI;
- LastLoad = LastLoad->getNextNode();
- }
- return LastLoad;
-}
-
-// Inserts a fake conditional branch right after the instruction 'SplitInst',
-// and the branch condition is 'Condition'. 'SplitInst' will be placed in the
-// newly created block.
-void AddFakeConditionalBranch(Instruction* SplitInst, Value* Condition) {
- auto* BB = SplitInst->getParent();
- TerminatorInst* ThenTerm = nullptr;
- TerminatorInst* ElseTerm = nullptr;
- SplitBlockAndInsertIfThenElse(Condition, SplitInst, &ThenTerm, &ElseTerm);
- assert(ThenTerm && ElseTerm &&
- "Then/Else terminators cannot be empty after basic block spliting");
- auto* ThenBB = ThenTerm->getParent();
- auto* ElseBB = ElseTerm->getParent();
- auto* TailBB = ThenBB->getSingleSuccessor();
- assert(TailBB && "Tail block cannot be empty after basic block spliting");
-
- ThenBB->disableCanEliminateBlock();
- ThenBB->disableCanEliminateBlock();
- TailBB->disableCanEliminateBlock();
- ThenBB->setName(BB->getName() + "Then.Fake");
- ElseBB->setName(BB->getName() + "Else.Fake");
- DEBUG(dbgs() << "Add fake conditional branch:\n"
- << "Then Block:\n"
- << *ThenBB << "Else Block:\n"
- << *ElseBB << "\n");
-}
-
-// Returns true if the code is changed, and false otherwise.
-void TaintRelaxedLoads(Instruction* UsageInst, Instruction* InsertPoint) {
- // For better performance, we can add a "AND X 0" instruction before the
- // condition.
- auto* BB = UsageInst->getParent();
- if (InsertPoint == nullptr) {
- InsertPoint = UsageInst->getNextNode();
- }
- // Insert instructions after PHI nodes.
- while (dyn_cast<PHINode>(InsertPoint)) {
- InsertPoint = InsertPoint->getNextNode();
- }
- // First thing is to cast 'UsageInst' to an integer type if necessary.
- Value* AndTarget = nullptr;
- Type* TargetIntegerType =
- IntegerType::get(UsageInst->getContext(),
- BB->getModule()->getDataLayout().getPointerSizeInBits());
-
- // Check whether InsertPoint is a added fake conditional branch.
- BranchInst* BI = nullptr;
- if ((BI = dyn_cast<BranchInst>(InsertPoint)) && BI->isConditional()) {
- auto* Cond = dyn_cast<Instruction>(BI->getOperand(0));
- if (Cond && Cond->getOpcode() == Instruction::ICmp) {
- auto* CmpInst = dyn_cast<ICmpInst>(Cond);
- auto* Op0 = dyn_cast<Instruction>(Cond->getOperand(0));
- auto* Op1 = dyn_cast<ConstantInt>(Cond->getOperand(1));
- // %tmp = And X, 0
- // %cmp = ICMP_NE %tmp, 0
- // Br %cmp
- // =>
- // %tmp1 = And X, NewTaintedVal
- // %tmp2 = And %tmp1, 0
- // %cmp = ICMP_NE %tmp2, 0
- // Br %cmp
- if (CmpInst && CmpInst->getPredicate() == CmpInst::ICMP_NE && Op0 &&
- Op0->getOpcode() == Instruction::And && Op1 && Op1->isZero()) {
- auto* Op01 = dyn_cast<ConstantInt>(Op0->getOperand(1));
- if (Op01 && Op01->isZero()) {
- // Now we have a previously added fake cond branch.
- auto* Op00 = Op0->getOperand(0);
- IRBuilder<true, NoFolder> Builder(CmpInst);
- if (Op00->getType() == UsageInst->getType()) {
- AndTarget = UsageInst;
- } else {
- AndTarget = createCast(Builder, UsageInst, Op00->getType());
- }
- AndTarget = Builder.CreateAnd(Op00, AndTarget);
- auto* AndZero = dyn_cast<Instruction>(Builder.CreateAnd(
- AndTarget, Constant::getNullValue(AndTarget->getType())));
- CmpInst->setOperand(0, AndZero);
- return;
- }
- }
- }
- }
-
- IRBuilder<true, NoFolder> Builder(InsertPoint);
- if (IntegerType::classof(UsageInst->getType())) {
- AndTarget = UsageInst;
- } else {
- AndTarget = createCast(Builder, UsageInst, TargetIntegerType);
- }
- auto* AndZero = dyn_cast<Instruction>(
- Builder.CreateAnd(AndTarget, Constant::getNullValue(AndTarget->getType())));
- auto* FakeCondition = dyn_cast<Instruction>(Builder.CreateICmp(
- CmpInst::ICMP_NE, AndZero, Constant::getNullValue(AndTarget->getType())));
- AddFakeConditionalBranch(FakeCondition->getNextNode(), FakeCondition);
-}
-
-// XXX-comment: Finds the appropriate Value derived from an atomic load.
-// 'ChainedBB' contains all the blocks chained together with unconditional
-// branches from LI's parent BB to the block with the first store/cond branch.
-// If we don't find any, it means 'LI' is not used at all (which should not
-// happen in practice). We can simply set 'LI' to be acquire just to be safe.
-template <typename Vector>
-Instruction* findMostRecentDependenceUsage(LoadInst* LI, Instruction* LaterInst,
- Vector* ChainedBB,
- DominatorTree* DT) {
- typedef SmallSet<Instruction*, 8> UsageSet;
- typedef DenseMap<BasicBlock*, std::unique_ptr<UsageSet>> UsageMap;
- assert(ChainedBB->size() >= 1 && "ChainedBB must have >=1 size");
- // Mapping from basic block in 'ChainedBB' to the set of dependence usage of
- // 'LI' in each block.
- UsageMap usage_map;
- auto* LoadBB = LI->getParent();
- usage_map[LoadBB] = make_unique<UsageSet>();
- usage_map[LoadBB]->insert(LI);
-
- for (auto* BB : *ChainedBB) {
- if (usage_map[BB] == nullptr) {
- usage_map[BB] = make_unique<UsageSet>();
- }
- auto& usage_set = usage_map[BB];
- if (usage_set->size() == 0) {
- // The value has not been used.
- return nullptr;
- }
- // Calculate the usage in the current BB first.
- std::list<Value*> bb_usage_list;
- std::copy(usage_set->begin(), usage_set->end(),
- std::back_inserter(bb_usage_list));
- for (auto list_iter = bb_usage_list.begin();
- list_iter != bb_usage_list.end(); list_iter++) {
- auto* val = *list_iter;
- for (auto* U : val->users()) {
- Instruction* Inst = nullptr;
- if (!(Inst = dyn_cast<Instruction>(U))) {
- continue;
- }
- assert(Inst && "Usage value must be an instruction");
- auto iter =
- std::find(ChainedBB->begin(), ChainedBB->end(), Inst->getParent());
- if (iter == ChainedBB->end()) {
- // Only care about usage within ChainedBB.
- continue;
- }
- auto* UsageBB = *iter;
- if (UsageBB == BB) {
- // Current BB.
- if (!usage_set->count(Inst)) {
- bb_usage_list.push_back(Inst);
- usage_set->insert(Inst);
- }
- } else {
- // A following BB.
- if (usage_map[UsageBB] == nullptr) {
- usage_map[UsageBB] = make_unique<UsageSet>();
- }
- usage_map[UsageBB]->insert(Inst);
- }
- }
- }
- }
-
- // Pick one usage that is in LaterInst's block and that dominates 'LaterInst'.
- auto* LaterBB = LaterInst->getParent();
- auto& usage_set = usage_map[LaterBB];
- Instruction* usage_inst = nullptr;
- for (auto* inst : *usage_set) {
- if (DT->dominates(inst, LaterInst)) {
- usage_inst = inst;
- break;
- }
- }
-
- assert(usage_inst && "The usage instruction in the same block but after the "
- "later instruction");
- return usage_inst;
-}
-
-// XXX-comment: Returns whether the code has been changed.
-bool AddFakeConditionalBranchAfterMonotonicLoads(
- SmallSet<LoadInst*, 1>& MonotonicLoadInsts, DominatorTree* DT) {
- bool Changed = false;
- while (!MonotonicLoadInsts.empty()) {
- auto* LI = *MonotonicLoadInsts.begin();
- MonotonicLoadInsts.erase(LI);
- SmallVector<BasicBlock*, 2> ChainedBB;
- auto* FirstInst = findFirstStoreCondBranchInst(LI, &ChainedBB);
- if (FirstInst != nullptr) {
- if (FirstInst->getOpcode() == Instruction::Store) {
- if (StoreAddressDependOnValue(dyn_cast<StoreInst>(FirstInst), LI)) {
- continue;
- }
- } else if (FirstInst->getOpcode() == Instruction::Br) {
- if (ConditionalBranchDependsOnValue(dyn_cast<BranchInst>(FirstInst),
- LI)) {
- continue;
- }
- } else {
- IntrinsicInst* II = dyn_cast<IntrinsicInst>(FirstInst);
- if (!II || II->getIntrinsicID() != Intrinsic::aarch64_stlxr) {
- dbgs() << "FirstInst=" << *FirstInst << "\n";
- assert(false && "findFirstStoreCondBranchInst() should return a "
- "store/condition branch instruction");
- }
- }
- }
-
- // We really need to process the relaxed load now.
- StoreInst* SI = nullptr;
- IntrinsicInst* II = nullptr;
- if (FirstInst) {
- SI = dyn_cast<StoreInst>(FirstInst);
- II = dyn_cast<IntrinsicInst>(FirstInst);
- }
- if (FirstInst &&
- (SI || (II && II->getIntrinsicID() == Intrinsic::aarch64_stlxr))) {
- // For immediately coming stores, taint the address of the store.
- if (FirstInst->getParent() == LI->getParent() ||
- DT->dominates(LI, FirstInst)) {
- TaintRelaxedLoads(LI, FirstInst);
- Changed = true;
- } else {
- auto* Inst =
- findMostRecentDependenceUsage(LI, FirstInst, &ChainedBB, DT);
- if (!Inst) {
- LI->setOrdering(Acquire);
- Changed = true;
- } else {
- TaintRelaxedLoads(Inst, FirstInst);
- Changed = true;
- }
- }
- } else {
- // No upcoming branch
- if (!FirstInst) {
- TaintRelaxedLoads(LI, nullptr);
- Changed = true;
- } else {
- // For immediately coming branch, directly add a fake branch.
- if (FirstInst->getParent() == LI->getParent() ||
- DT->dominates(LI, FirstInst)) {
- TaintRelaxedLoads(LI, FirstInst);
- Changed = true;
- } else {
- auto* Inst =
- findMostRecentDependenceUsage(LI, FirstInst, &ChainedBB, DT);
- if (Inst) {
- TaintRelaxedLoads(Inst, FirstInst);
- } else {
- LI->setOrdering(Acquire);
- }
- Changed = true;
- }
- }
- }
- }
- return Changed;
-}
-
-// XXX-comment: Returns whether the code has been changed.
-bool ConvertMonotonicLoadsToAcquire(SmallSet<LoadInst*, 1>& MonotonicLoadInsts)
-{
- bool Changed = false;
- while (!MonotonicLoadInsts.empty()) {
- auto* LI = *MonotonicLoadInsts.begin();
- MonotonicLoadInsts.erase(LI);
- SmallVector<BasicBlock*, 2> ChainedBB;
- auto* FirstInst = findFirstStoreCondBranchInst(LI, &ChainedBB);
- if (FirstInst != nullptr) {
- if (FirstInst->getOpcode() == Instruction::Store) {
- if (StoreAddressDependOnValue(dyn_cast<StoreInst>(FirstInst), LI)) {
- continue;
- }
- } else if (FirstInst->getOpcode() == Instruction::Br) {
- if (ConditionalBranchDependsOnValue(dyn_cast<BranchInst>(FirstInst),
- LI)) {
- continue;
- }
- } else {
- IntrinsicInst* II = dyn_cast<IntrinsicInst>(FirstInst);
- if (!II || II->getIntrinsicID() != Intrinsic::aarch64_stlxr) {
- dbgs() << "FirstInst=" << *FirstInst << "\n";
- assert(false && "findFirstStoreCondBranchInst() should return a "
- "store/condition branch instruction");
- }
- }
- }
-
- // We really need convert the load to acquire.
- LI->setOrdering(Acquire);
- }
- return Changed;
-}
-
-/**** Implementations of public methods for dependence tainting ****/
-Value* GetUntaintedAddress(Value* CurrentAddress) {
- auto* OrAddress = getOrAddress(CurrentAddress);
- if (OrAddress == nullptr) {
- // Is it tainted by a select instruction?
- auto* Inst = dyn_cast<Instruction>(CurrentAddress);
- if (nullptr != Inst && Inst->getOpcode() == Instruction::Select) {
- // A selection instruction.
- if (Inst->getOperand(1) == Inst->getOperand(2)) {
- return Inst->getOperand(1);
- }
- }
-
- return CurrentAddress;
- }
- Value* ActualAddress = nullptr;
-
- auto* CastToInt = dyn_cast<Instruction>(OrAddress->getOperand(1));
- if (CastToInt && CastToInt->getOpcode() == Instruction::PtrToInt) {
- return CastToInt->getOperand(0);
- } else {
- // This should be a IntToPtr constant expression.
- ConstantExpr* PtrToIntExpr =
- dyn_cast<ConstantExpr>(OrAddress->getOperand(1));
- if (PtrToIntExpr && PtrToIntExpr->getOpcode() == Instruction::PtrToInt) {
- return PtrToIntExpr->getOperand(0);
- }
- }
-
- // Looks like it's not been dependence-tainted. Returns itself.
- return CurrentAddress;
-}
-
-MemoryLocation GetUntaintedMemoryLocation(StoreInst* SI) {
- AAMDNodes AATags;
- SI->getAAMetadata(AATags);
- const auto& DL = SI->getModule()->getDataLayout();
- const auto* OriginalAddr = GetUntaintedAddress(SI->getPointerOperand());
- DEBUG(if (OriginalAddr != SI->getPointerOperand()) {
- dbgs() << "[GetUntaintedMemoryLocation]\n"
- << "Storing address: " << *SI->getPointerOperand()
- << "\nUntainted address: " << *OriginalAddr << "\n";
- });
- return MemoryLocation(OriginalAddr,
- DL.getTypeStoreSize(SI->getValueOperand()->getType()),
- AATags);
-}
-
-bool TaintDependenceToStore(StoreInst* SI, Value* DepVal) {
- if (dependenceSetInclusion(SI, DepVal)) {
- return false;
- }
-
- bool tainted = taintStoreAddress(SI, DepVal);
- assert(tainted);
- return tainted;
-}
-
-bool TaintDependenceToStoreAddress(StoreInst* SI, Value* DepVal) {
- if (dependenceSetInclusion(SI->getPointerOperand(), DepVal)) {
- return false;
- }
-
- bool tainted = taintStoreAddress(SI, DepVal);
- assert(tainted);
- return tainted;
-}
-
-bool CompressTaintedStore(BasicBlock* BB) {
- // This function looks for windows of adajcent stores in 'BB' that satisfy the
- // following condition (and then do optimization):
- // *Addr(d1) = v1, d1 is a condition and is the only dependence the store's
- // address depends on && Dep(v1) includes Dep(d1);
- // *Addr(d2) = v2, d2 is a condition and is the only dependnece the store's
- // address depends on && Dep(v2) includes Dep(d2) &&
- // Dep(d2) includes Dep(d1);
- // ...
- // *Addr(dN) = vN, dN is a condition and is the only dependence the store's
- // address depends on && Dep(dN) includes Dep(d"N-1").
- //
- // As a result, Dep(dN) includes [Dep(d1) V ... V Dep(d"N-1")], so we can
- // safely transform the above to the following. In between these stores, we
- // can omit untainted stores to the same address 'Addr' since they internally
- // have dependence on the previous stores on the same address.
- // =>
- // *Addr = v1
- // *Addr = v2
- // *Addr(d3) = v3
- for (auto BI = BB->begin(), BE = BB->end(); BI != BE; BI++) {
- // Look for the first store in such a window of adajacent stores.
- auto* FirstSI = dyn_cast<StoreInst>(&*BI);
- if (!FirstSI) {
- continue;
- }
-
- // The first store in the window must be tainted.
- auto* UntaintedAddress = GetUntaintedAddress(FirstSI->getPointerOperand());
- if (UntaintedAddress == FirstSI->getPointerOperand()) {
- continue;
- }
-
- // The first store's address must directly depend on and only depend on a
- // condition.
- auto* FirstSIDepCond = getConditionDependence(FirstSI->getPointerOperand());
- if (nullptr == FirstSIDepCond) {
- continue;
- }
-
- // Dep(first store's storing value) includes Dep(tainted dependence).
- if (!dependenceSetInclusion(FirstSI->getValueOperand(), FirstSIDepCond)) {
- continue;
- }
-
- // Look for subsequent stores to the same address that satisfy the condition
- // of "compressing the dependence".
- SmallVector<StoreInst*, 8> AdajacentStores;
- AdajacentStores.push_back(FirstSI);
- auto BII = BasicBlock::iterator(FirstSI);
- for (BII++; BII != BE; BII++) {
- auto* CurrSI = dyn_cast<StoreInst>(&*BII);
- if (!CurrSI) {
- if (BII->mayHaveSideEffects()) {
- // Be conservative. Instructions with side effects are similar to
- // stores.
- break;
- }
- continue;
- }
-
- auto* OrigAddress = GetUntaintedAddress(CurrSI->getPointerOperand());
- auto* CurrSIDepCond = getConditionDependence(CurrSI->getPointerOperand());
- // All other stores must satisfy either:
- // A. 'CurrSI' is an untainted store to the same address, or
- // B. the combination of the following 5 subconditions:
- // 1. Tainted;
- // 2. Untainted address is the same as the group's address;
- // 3. The address is tainted with a sole value which is a condition;
- // 4. The storing value depends on the condition in 3.
- // 5. The condition in 3 depends on the previous stores dependence
- // condition.
-
- // Condition A. Should ignore this store directly.
- if (OrigAddress == CurrSI->getPointerOperand() &&
- OrigAddress == UntaintedAddress) {
- continue;
- }
- // Check condition B.
- Value* Cond = nullptr;
- if (OrigAddress == CurrSI->getPointerOperand() ||
- OrigAddress != UntaintedAddress || CurrSIDepCond == nullptr ||
- !dependenceSetInclusion(CurrSI->getValueOperand(), CurrSIDepCond)) {
- // Check condition 1, 2, 3 & 4.
- break;
- }
-
- // Check condition 5.
- StoreInst* PrevSI = AdajacentStores[AdajacentStores.size() - 1];
- auto* PrevSIDepCond = getConditionDependence(PrevSI->getPointerOperand());
- assert(PrevSIDepCond &&
- "Store in the group must already depend on a condtion");
- if (!dependenceSetInclusion(CurrSIDepCond, PrevSIDepCond)) {
- break;
- }
-
- AdajacentStores.push_back(CurrSI);
- }
-
- if (AdajacentStores.size() == 1) {
- // The outer loop should keep looking from the next store.
- continue;
- }
-
- // Now we have such a group of tainted stores to the same address.
- DEBUG(dbgs() << "[CompressTaintedStore]\n");
- DEBUG(dbgs() << "Original BB\n");
- DEBUG(dbgs() << *BB << '\n');
- auto* LastSI = AdajacentStores[AdajacentStores.size() - 1];
- for (unsigned i = 0; i < AdajacentStores.size() - 1; ++i) {
- auto* SI = AdajacentStores[i];
-
- // Use the original address for stores before the last one.
- SI->setOperand(1, UntaintedAddress);
-
- DEBUG(dbgs() << "Store address has been reversed: " << *SI << '\n';);
- }
- // XXX-comment: Try to make the last store use fewer registers.
- // If LastSI's storing value is a select based on the condition with which
- // its address is tainted, transform the tainted address to a select
- // instruction, as follows:
- // r1 = Select Cond ? A : B
- // r2 = Cond & 0
- // r3 = Addr | r2
- // *r3 = r1
- // ==>
- // r1 = Select Cond ? A : B
- // r2 = Select Cond ? Addr : Addr
- // *r2 = r1
- // The idea is that both Select instructions depend on the same condition,
- // so hopefully the backend can generate two cmov instructions for them (and
- // this saves the number of registers needed).
- auto* LastSIDep = getConditionDependence(LastSI->getPointerOperand());
- auto* LastSIValue = dyn_cast<Instruction>(LastSI->getValueOperand());
- if (LastSIValue && LastSIValue->getOpcode() == Instruction::Select &&
- LastSIValue->getOperand(0) == LastSIDep) {
- // XXX-comment: Maybe it's better for us to just leave it as an and/or
- // dependence pattern.
- // /*
- IRBuilder<true, NoFolder> Builder(LastSI);
- auto* Address =
- Builder.CreateSelect(LastSIDep, UntaintedAddress, UntaintedAddress);
- LastSI->setOperand(1, Address);
- DEBUG(dbgs() << "The last store becomes :" << *LastSI << "\n\n";);
- // */
- }
- }
-
- return true;
-}
-
-bool PassDependenceToStore(Value* OldAddress, StoreInst* NewStore) {
- Value* OldDep = getDependence(OldAddress);
- // Return false when there's no dependence to pass from the OldAddress.
- if (!OldDep) {
- return false;
- }
-
- // No need to pass the dependence to NewStore's address if it already depends
- // on whatever 'OldAddress' depends on.
- if (StoreAddressDependOnValue(NewStore, OldDep)) {
- return false;
- }
- return taintStoreAddress(NewStore, OldAddress);
-}
-
-SmallSet<Value*, 8> FindDependence(Value* Val) {
- SmallSet<Value*, 8> DepSet;
- recursivelyFindDependence(&DepSet, Val, true /*Only insert leaf nodes*/);
- return DepSet;
-}
-
-bool StoreAddressDependOnValue(StoreInst* SI, Value* DepVal) {
- return dependenceSetInclusion(SI->getPointerOperand(), DepVal);
-}
-
-bool StoreDependOnValue(StoreInst* SI, Value* Dep) {
- return dependenceSetInclusion(SI, Dep);
-}
-
-} // namespace
-
-
-
bool CodeGenPrepare::runOnFunction(Function &F) {
- bool EverMadeChange = false;
-
if (skipOptnoneFunction(F))
return false;
DL = &F.getParent()->getDataLayout();
+ bool EverMadeChange = false;
// Clear per function information.
InsertedInsts.clear();
PromotedInsts.clear();
TLI = TM->getSubtargetImpl(F)->getTargetLowering();
TLInfo = &getAnalysis<TargetLibraryInfoWrapperPass>().getTLI();
TTI = &getAnalysis<TargetTransformInfoWrapperPass>().getTTI(F);
- DT = &getAnalysis<DominatorTreeWrapperPass>().getDomTree();
OptSize = F.optForSize();
/// This optimization identifies DIV instructions that can be
for (auto &I : Statepoints)
EverMadeChange |= simplifyOffsetableRelocate(*I);
}
+
return EverMadeChange;
}
// Note that this intentionally skips the entry block.
for (Function::iterator I = std::next(F.begin()), E = F.end(); I != E;) {
BasicBlock *BB = &*I++;
+
// If this block doesn't end with an uncond branch, ignore it.
BranchInst *BI = dyn_cast<BranchInst>(BB->getTerminator());
if (!BI || !BI->isUnconditional())
const Instruction *UI = cast<Instruction>(U);
if (UI->getParent() != DestBB || !isa<PHINode>(UI))
return false;
- // IfUser is inside DestBB block and it is a PHINode then check
+ // If User is inside DestBB block and it is a PHINode then check
// incoming value. If incoming value is not from BB then this is
// a complex condition (e.g. preheaders) we want to avoid here.
if (UI->getParent() == DestBB) {
projects / oota-llvm.git / commitdiff