Taints the non-acquire RMW's store address with the load part

[oota-llvm.git] / lib / CodeGen / TaintRelaxedAtomicsUtils.h

//===- TaintRelaxedAtomicsUtils.h - Utils for Tainting Relaxed Atomics --------===//
//
//                     The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file contains util functions for taiting relaxed atomics to enforce
// strong ordering.
//
//===----------------------------------------------------------------------===//

#ifndef _TAINTRELAXEDATOMICSUTILS_H
#define _TAINTRELAXEDATOMICSUTILS_H

#include "llvm/CodeGen/Passes.h"
#include "llvm/ADT/DenseMap.h"
#include "llvm/ADT/SetVector.h"
#include "llvm/ADT/SmallPtrSet.h"
#include "llvm/ADT/SmallSet.h"
#include "llvm/ADT/SmallVector.h"
#include "llvm/ADT/Statistic.h"
#include "llvm/Analysis/InstructionSimplify.h"
#include "llvm/Analysis/MemoryLocation.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/Analysis/ValueTracking.h"
#include "llvm/IR/CallSite.h"
#include "llvm/IR/Constants.h"
#include "llvm/IR/DataLayout.h"
#include "llvm/IR/DerivedTypes.h"
#include "llvm/IR/Dominators.h"
#include "llvm/IR/Function.h"
#include "llvm/IR/GetElementPtrTypeIterator.h"
#include "llvm/IR/IRBuilder.h"
#include "llvm/IR/InlineAsm.h"
#include "llvm/IR/InstIterator.h"
#include "llvm/IR/InstrTypes.h"
#include "llvm/IR/Instructions.h"
#include "llvm/IR/IntrinsicInst.h"
#include "llvm/IR/MDBuilder.h"
#include "llvm/IR/NoFolder.h"
#include "llvm/IR/PatternMatch.h"
#include "llvm/IR/Statepoint.h"
#include "llvm/IR/ValueHandle.h"
#include "llvm/IR/ValueMap.h"
#include "llvm/Pass.h"
#include "llvm/Support/CommandLine.h"
#include "llvm/Support/Debug.h"
#include "llvm/Support/raw_ostream.h"
#include "llvm/Target/TargetLowering.h"
#include "llvm/Target/TargetSubtargetInfo.h"
#include "llvm/Transforms/Utils/BasicBlockUtils.h"
#include "llvm/Transforms/Utils/BuildLibCalls.h"
#include "llvm/Transforms/Utils/BypassSlowDivision.h"
#include "llvm/Transforms/Utils/Local.h"
#include "llvm/Transforms/Utils/SimplifyLibCalls.h"
using namespace llvm;

namespace llvm {

bool StoreAddressDependOnValue(StoreInst* SI, Value* DepVal);

bool LoadAddressDependOnValue(LoadInst* LI, Value* DepVal);

Value* GetUntaintedAddress(Value* CurrentAddress);

// Helper function to create a Cast instruction.
template <typename BuilderTy>
Value* createCast(BuilderTy& Builder, Value* DepVal, Type* TargetIntegerType);

// Given a value, if it's a tainted address, this function returns the
// instruction that ORs the "dependence value" with the "original address".
// Otherwise, returns nullptr.  This instruction is the first OR instruction
// where one of its operand is an AND instruction with an operand being 0.
//
// E.g., it returns '%4 = or i32 %3, %2' given 'CurrentAddress' is '%5'.
// %0 = load i32, i32* @y, align 4, !tbaa !1
// %cmp = icmp ne i32 %0, 42  // <== this is like the condition
// %1 = sext i1 %cmp to i32
// %2 = ptrtoint i32* @x to i32
// %3 = and i32 %1, 0
// %4 = or i32 %3, %2
// %5 = inttoptr i32 %4 to i32*
// store i32 1, i32* %5, align 4
Instruction* getOrAddress(Value* CurrentAddress);

// Given a value, if it's a tainted address, this function returns the
// instruction that taints the "dependence value". Otherwise, returns nullptr.
// This instruction is the last AND instruction where one of its operand is 0.
// E.g., it returns '%3' given 'CurrentAddress' is '%5'.
// %0 = load i32, i32* @y, align 4, !tbaa !1
// %cmp = icmp ne i32 %0, 42  // <== this is like the condition
// %1 = sext i1 %cmp to i32
// %2 = ptrtoint i32* @x to i32
// %3 = and i32 %1, 0
// %4 = or i32 %3, %2
// %5 = inttoptr i32 %4 to i32*
// store i32 1, i32* %5, align 4
Instruction* getAndDependence(Value* CurrentAddress);

// Given a value, if it's a tainted address, this function returns
// the "dependence value", which is the first operand in the AND instruction.
// E.g., it returns '%1' given 'CurrentAddress' is '%5'.
// %0 = load i32, i32* @y, align 4, !tbaa !1
// %cmp = icmp ne i32 %0, 42  // <== this is like the condition
// %1 = sext i1 %cmp to i32
// %2 = ptrtoint i32* @x to i32
// %3 = and i32 %1, 0
// %4 = or i32 %3, %2
// %5 = inttoptr i32 %4 to i32*
// store i32 1, i32* %5, align 4
Value* getDependence(Value* CurrentAddress);

// Given an address that has been tainted, returns the only condition it depends
// on, if any; otherwise, returns nullptr.
Value* getConditionDependence(Value* Address);

// Conservatively decides whether the dependence set of 'Val1' includes the
// dependence set of 'Val2'. If 'ExpandSecondValue' is false, we do not expand
// 'Val2' and use that single value as its dependence set.
// If it returns true, it means the dependence set of 'Val1' includes that of
// 'Val2'; otherwise, it only means we cannot conclusively decide it.
bool dependenceSetInclusion(Value* Val1, Value* Val2,
                            int Val1ExpandLevel,
                            int Val2ExpandLevel);

// Recursively iterates through the operands spawned from 'DepVal'. If there
// exists a single value that 'DepVal' only depends on, we call that value the
// root dependence of 'DepVal' and return it. Otherwise, return 'DepVal'.
Value* getRootDependence(Value* DepVal);

// This function actually taints 'DepVal' to the address to 'SI'. If the
// address
// of 'SI' already depends on whatever 'DepVal' depends on, this function
// doesn't do anything and returns false. Otherwise, returns true.
//
// This effect forces the store and any stores that comes later to depend on
// 'DepVal'. For example, we have a condition "cond", and a store instruction
// "s: STORE addr, val". If we want "s" (and any later store) to depend on
// "cond", we do the following:
// %conv = sext i1 %cond to i32
// %addrVal = ptrtoint i32* %addr to i32
// %andCond = and i32 conv, 0;
// %orAddr = or i32 %andCond, %addrVal;
// %NewAddr = inttoptr i32 %orAddr to i32*;
//
// This is a more concrete example:
// ------
// %0 = load i32, i32* @y, align 4, !tbaa !1
// %cmp = icmp ne i32 %0, 42  // <== this is like the condition
// %1 = sext i1 %cmp to i32
// %2 = ptrtoint i32* @x to i32
// %3 = and i32 %1, 0
// %4 = or i32 %3, %2
// %5 = inttoptr i32 %4 to i32*
// store i32 1, i32* %5, align 4
bool taintStoreAddress(StoreInst* SI, Value* DepVal);

// Given the load part result of a RMW 'LoadPart', taints the address of the
// store exclusive 'Addr' and returns it.
Value* taintRMWStoreAddressWithLoadPart(IRBuilder<>& Builder, Value* Address,
                                        Instruction* LoadPart);

// XXX-comment: Returns true if it changes the code, false otherwise (the
// branch
// condition already depends on 'DepVal'.
bool taintConditionalBranch(BranchInst* BI, Value* DepVal);

bool ConditionalBranchDependsOnValue(BranchInst* BI, Value* DepVal);

// XXX-update: For an instruction (e.g., a relaxed load) 'Inst', find the first
// immediate atomic store or the first conditional branch. Returns nullptr if
// there's no such immediately following store/branch instructions, which we can
// only enforce the load with 'acquire'. 'ChainedBB' contains all the blocks
// chained together with unconditional branches from 'BB' to the block with the
// first store/cond branch.
template <typename Vector>
Instruction* findFirstStoreCondBranchInst(Instruction* Inst, Vector* ChainedBB);

// XXX-update: Find the next node of the last relaxed load from 'FromInst' to
// 'ToInst'. If none, return 'ToInst'.
Instruction* findLastLoadNext(Instruction* FromInst, Instruction* ToInst);

// Inserts a fake conditional branch right after the instruction 'SplitInst',
// and the branch condition is 'Condition'. 'SplitInst' will be placed in the
// newly created block.
void AddFakeConditionalBranch(Instruction* SplitInst, Value* Condition);

// Returns true if the code is changed, and false otherwise.
void TaintRelaxedLoads(Instruction* UsageInst, Instruction* InsertPoint);

// Taints the 'Inst' (i.e., adds a fake conditional block that uses the 'Inst')
// at the beginning of basic block 'BB'. Note that we need to add an appropriate
// PHI node and taint the PHI node. Returns true if the code is changed, and
// false otherwise.
void TaintAtBlockBeginning(Instruction* Inst, BasicBlock* BB);

// XXX-comment: Finds the appropriate Value derived from an atomic load.
// 'ChainedBB' contains all the blocks chained together with unconditional
// branches from LI's parent BB to the block with the first store/cond branch.
// If we don't find any, it means 'LI' is not used at all (which should not
// happen in practice). We can simply set 'LI' to be acquire just to be safe.
template <typename Vector>
Instruction* findMostRecentDependenceUsage(LoadInst* LI, Instruction* LaterInst,
                                           Vector* ChainedBB,
                                           DominatorTree* DT);

// XXX-comment: For an instruction (e.g., a load) 'Inst', and the first upcoming
// store/conditional branch instruction 'FirstInst', returns whether there are
// any intermediate instructions I (including 'FirstInst') that satisfy:
// 1. I is a load/store, and its address depends on 'Inst'.
// 2. I is a conditional branch whose condition depends on 'Inst'.
// Note that 'Inst' and 'FirstInst' can be in different basic blocks, but Inst's
// basic block can unconditionally jumps (by steps) to FirstInst's block.
bool NeedExtraConstraints(Instruction* Inst, Instruction* FirstInst);

// XXX-comment: For an instruction (e.g., a load) 'Inst', returns whether there
// are any intermediate instructions I (including 'FirstInst') that satisfy:
// 1. There are no reachable store/conditional branch before 'I'.
// 2. I is a load/store, and its address depends on 'Inst'.
// 3. I is a conditional branch whose condition depends on 'Inst'.
// Note that 'Inst' and 'FirstInst' can be in different basic blocks, but Inst's
// basic block can unconditionally jumps (by steps) to FirstInst's block.
bool NeedExtraConstraints(Instruction* Inst);

// XXX-comment: Returns whether the code has been changed.
bool AddFakeConditionalBranchAfterMonotonicLoads(
    SmallSet<LoadInst*, 1>& MonotonicLoadInsts, DominatorTree* DT);

/**** Public methods for dependence tainting ****/
Value* GetUntaintedAddress(Value* CurrentAddress);

MemoryLocation GetUntaintedMemoryLocation(StoreInst* SI);

bool TaintDependenceToStore(StoreInst* SI, Value* DepVal);

bool TaintDependenceToStoreAddress(StoreInst* SI, Value* DepVal);

bool CompressTaintedStore(BasicBlock* BB);

bool PassDependenceToStore(Value* OldAddress, StoreInst* NewStore);

SmallSet<Value*, 8> FindDependence(Value* Val);

bool StoreDependOnValue(StoreInst* SI, Value* Dep);

bool ValueDependOnValue(Value * Inst, Value* Dep);

// XXX-update: Checks whether the relaxed load 'LI' has subsequent instructions
// that naturally prevents it from being reordered across later stores.
bool HasSubsequentOrderingProtection(LoadInst* LI);


// XXX-update: Checks whether the tainting to instruction 'I' can be delayed
// with respects to the relaxed load 'LI'. This usually means 'I' itself already
// depends on the 'LI' or 'I' is a store/store-like atomic operation that has
// release semantics.
bool CanDelayTainting(LoadInst* LI, Instruction* I);

} // namespace llvm

#endif