1 //===- CallPromotionUtils.cpp - Utilities for call promotion ----*- C++ -*-===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 // 9 // This file implements utilities useful for promoting indirect call sites to 10 // direct call sites. 11 // 12 //===----------------------------------------------------------------------===// 13 14 #include "llvm/Transforms/Utils/CallPromotionUtils.h" 15 #include "llvm/Analysis/Loads.h" 16 #include "llvm/Analysis/TypeMetadataUtils.h" 17 #include "llvm/IR/IRBuilder.h" 18 #include "llvm/IR/Instructions.h" 19 #include "llvm/Transforms/Utils/BasicBlockUtils.h" 20 21 using namespace llvm; 22 23 #define DEBUG_TYPE "call-promotion-utils" 24 25 /// Fix-up phi nodes in an invoke instruction's normal destination. 26 /// 27 /// After versioning an invoke instruction, values coming from the original 28 /// block will now be coming from the "merge" block. For example, in the code 29 /// below: 30 /// 31 /// then_bb: 32 /// %t0 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst 33 /// 34 /// else_bb: 35 /// %t1 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst 36 /// 37 /// merge_bb: 38 /// %t2 = phi i32 [ %t0, %then_bb ], [ %t1, %else_bb ] 39 /// br %normal_dst 40 /// 41 /// normal_dst: 42 /// %t3 = phi i32 [ %x, %orig_bb ], ... 43 /// 44 /// "orig_bb" is no longer a predecessor of "normal_dst", so the phi nodes in 45 /// "normal_dst" must be fixed to refer to "merge_bb": 46 /// 47 /// normal_dst: 48 /// %t3 = phi i32 [ %x, %merge_bb ], ... 49 /// 50 static void fixupPHINodeForNormalDest(InvokeInst *Invoke, BasicBlock *OrigBlock, 51 BasicBlock *MergeBlock) { 52 for (PHINode &Phi : Invoke->getNormalDest()->phis()) { 53 int Idx = Phi.getBasicBlockIndex(OrigBlock); 54 if (Idx == -1) 55 continue; 56 Phi.setIncomingBlock(Idx, MergeBlock); 57 } 58 } 59 60 /// Fix-up phi nodes in an invoke instruction's unwind destination. 61 /// 62 /// After versioning an invoke instruction, values coming from the original 63 /// block will now be coming from either the "then" block or the "else" block. 64 /// For example, in the code below: 65 /// 66 /// then_bb: 67 /// %t0 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst 68 /// 69 /// else_bb: 70 /// %t1 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst 71 /// 72 /// unwind_dst: 73 /// %t3 = phi i32 [ %x, %orig_bb ], ... 74 /// 75 /// "orig_bb" is no longer a predecessor of "unwind_dst", so the phi nodes in 76 /// "unwind_dst" must be fixed to refer to "then_bb" and "else_bb": 77 /// 78 /// unwind_dst: 79 /// %t3 = phi i32 [ %x, %then_bb ], [ %x, %else_bb ], ... 80 /// 81 static void fixupPHINodeForUnwindDest(InvokeInst *Invoke, BasicBlock *OrigBlock, 82 BasicBlock *ThenBlock, 83 BasicBlock *ElseBlock) { 84 for (PHINode &Phi : Invoke->getUnwindDest()->phis()) { 85 int Idx = Phi.getBasicBlockIndex(OrigBlock); 86 if (Idx == -1) 87 continue; 88 auto *V = Phi.getIncomingValue(Idx); 89 Phi.setIncomingBlock(Idx, ThenBlock); 90 Phi.addIncoming(V, ElseBlock); 91 } 92 } 93 94 /// Create a phi node for the returned value of a call or invoke instruction. 95 /// 96 /// After versioning a call or invoke instruction that returns a value, we have 97 /// to merge the value of the original and new instructions. We do this by 98 /// creating a phi node and replacing uses of the original instruction with this 99 /// phi node. 100 /// 101 /// For example, if \p OrigInst is defined in "else_bb" and \p NewInst is 102 /// defined in "then_bb", we create the following phi node: 103 /// 104 /// ; Uses of the original instruction are replaced by uses of the phi node. 105 /// %t0 = phi i32 [ %orig_inst, %else_bb ], [ %new_inst, %then_bb ], 106 /// 107 static void createRetPHINode(Instruction *OrigInst, Instruction *NewInst, 108 BasicBlock *MergeBlock, IRBuilder<> &Builder) { 109 110 if (OrigInst->getType()->isVoidTy() || OrigInst->use_empty()) 111 return; 112 113 Builder.SetInsertPoint(&MergeBlock->front()); 114 PHINode *Phi = Builder.CreatePHI(OrigInst->getType(), 0); 115 SmallVector<User *, 16> UsersToUpdate(OrigInst->users()); 116 for (User *U : UsersToUpdate) 117 U->replaceUsesOfWith(OrigInst, Phi); 118 Phi->addIncoming(OrigInst, OrigInst->getParent()); 119 Phi->addIncoming(NewInst, NewInst->getParent()); 120 } 121 122 /// Cast a call or invoke instruction to the given type. 123 /// 124 /// When promoting a call site, the return type of the call site might not match 125 /// that of the callee. If this is the case, we have to cast the returned value 126 /// to the correct type. The location of the cast depends on if we have a call 127 /// or invoke instruction. 128 /// 129 /// For example, if the call instruction below requires a bitcast after 130 /// promotion: 131 /// 132 /// orig_bb: 133 /// %t0 = call i32 @func() 134 /// ... 135 /// 136 /// The bitcast is placed after the call instruction: 137 /// 138 /// orig_bb: 139 /// ; Uses of the original return value are replaced by uses of the bitcast. 140 /// %t0 = call i32 @func() 141 /// %t1 = bitcast i32 %t0 to ... 142 /// ... 143 /// 144 /// A similar transformation is performed for invoke instructions. However, 145 /// since invokes are terminating, a new block is created for the bitcast. For 146 /// example, if the invoke instruction below requires a bitcast after promotion: 147 /// 148 /// orig_bb: 149 /// %t0 = invoke i32 @func() to label %normal_dst unwind label %unwind_dst 150 /// 151 /// The edge between the original block and the invoke's normal destination is 152 /// split, and the bitcast is placed there: 153 /// 154 /// orig_bb: 155 /// %t0 = invoke i32 @func() to label %split_bb unwind label %unwind_dst 156 /// 157 /// split_bb: 158 /// ; Uses of the original return value are replaced by uses of the bitcast. 159 /// %t1 = bitcast i32 %t0 to ... 160 /// br label %normal_dst 161 /// 162 static void createRetBitCast(CallBase &CB, Type *RetTy, CastInst **RetBitCast) { 163 164 // Save the users of the calling instruction. These uses will be changed to 165 // use the bitcast after we create it. 166 SmallVector<User *, 16> UsersToUpdate(CB.users()); 167 168 // Determine an appropriate location to create the bitcast for the return 169 // value. The location depends on if we have a call or invoke instruction. 170 Instruction *InsertBefore = nullptr; 171 if (auto *Invoke = dyn_cast<InvokeInst>(&CB)) 172 InsertBefore = 173 &SplitEdge(Invoke->getParent(), Invoke->getNormalDest())->front(); 174 else 175 InsertBefore = &*std::next(CB.getIterator()); 176 177 // Bitcast the return value to the correct type. 178 auto *Cast = CastInst::CreateBitOrPointerCast(&CB, RetTy, "", InsertBefore); 179 if (RetBitCast) 180 *RetBitCast = Cast; 181 182 // Replace all the original uses of the calling instruction with the bitcast. 183 for (User *U : UsersToUpdate) 184 U->replaceUsesOfWith(&CB, Cast); 185 } 186 187 /// Predicate and clone the given call site. 188 /// 189 /// This function creates an if-then-else structure at the location of the call 190 /// site. The "if" condition compares the call site's called value to the given 191 /// callee. The original call site is moved into the "else" block, and a clone 192 /// of the call site is placed in the "then" block. The cloned instruction is 193 /// returned. 194 /// 195 /// For example, the call instruction below: 196 /// 197 /// orig_bb: 198 /// %t0 = call i32 %ptr() 199 /// ... 200 /// 201 /// Is replace by the following: 202 /// 203 /// orig_bb: 204 /// %cond = icmp eq i32 ()* %ptr, @func 205 /// br i1 %cond, %then_bb, %else_bb 206 /// 207 /// then_bb: 208 /// ; The clone of the original call instruction is placed in the "then" 209 /// ; block. It is not yet promoted. 210 /// %t1 = call i32 %ptr() 211 /// br merge_bb 212 /// 213 /// else_bb: 214 /// ; The original call instruction is moved to the "else" block. 215 /// %t0 = call i32 %ptr() 216 /// br merge_bb 217 /// 218 /// merge_bb: 219 /// ; Uses of the original call instruction are replaced by uses of the phi 220 /// ; node. 221 /// %t2 = phi i32 [ %t0, %else_bb ], [ %t1, %then_bb ] 222 /// ... 223 /// 224 /// A similar transformation is performed for invoke instructions. However, 225 /// since invokes are terminating, more work is required. For example, the 226 /// invoke instruction below: 227 /// 228 /// orig_bb: 229 /// %t0 = invoke %ptr() to label %normal_dst unwind label %unwind_dst 230 /// 231 /// Is replace by the following: 232 /// 233 /// orig_bb: 234 /// %cond = icmp eq i32 ()* %ptr, @func 235 /// br i1 %cond, %then_bb, %else_bb 236 /// 237 /// then_bb: 238 /// ; The clone of the original invoke instruction is placed in the "then" 239 /// ; block, and its normal destination is set to the "merge" block. It is 240 /// ; not yet promoted. 241 /// %t1 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst 242 /// 243 /// else_bb: 244 /// ; The original invoke instruction is moved into the "else" block, and 245 /// ; its normal destination is set to the "merge" block. 246 /// %t0 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst 247 /// 248 /// merge_bb: 249 /// ; Uses of the original invoke instruction are replaced by uses of the 250 /// ; phi node, and the merge block branches to the normal destination. 251 /// %t2 = phi i32 [ %t0, %else_bb ], [ %t1, %then_bb ] 252 /// br %normal_dst 253 /// 254 /// An indirect musttail call is processed slightly differently in that: 255 /// 1. No merge block needed for the orginal and the cloned callsite, since 256 /// either one ends the flow. No phi node is needed either. 257 /// 2. The return statement following the original call site is duplicated too 258 /// and placed immediately after the cloned call site per the IR convention. 259 /// 260 /// For example, the musttail call instruction below: 261 /// 262 /// orig_bb: 263 /// %t0 = musttail call i32 %ptr() 264 /// ... 265 /// 266 /// Is replaced by the following: 267 /// 268 /// cond_bb: 269 /// %cond = icmp eq i32 ()* %ptr, @func 270 /// br i1 %cond, %then_bb, %orig_bb 271 /// 272 /// then_bb: 273 /// ; The clone of the original call instruction is placed in the "then" 274 /// ; block. It is not yet promoted. 275 /// %t1 = musttail call i32 %ptr() 276 /// ret %t1 277 /// 278 /// orig_bb: 279 /// ; The original call instruction stays in its original block. 280 /// %t0 = musttail call i32 %ptr() 281 /// ret %t0 282 CallBase &llvm::versionCallSite(CallBase &CB, Value *Callee, 283 MDNode *BranchWeights) { 284 285 IRBuilder<> Builder(&CB); 286 CallBase *OrigInst = &CB; 287 BasicBlock *OrigBlock = OrigInst->getParent(); 288 289 // Create the compare. The called value and callee must have the same type to 290 // be compared. 291 if (CB.getCalledOperand()->getType() != Callee->getType()) 292 Callee = Builder.CreateBitCast(Callee, CB.getCalledOperand()->getType()); 293 auto *Cond = Builder.CreateICmpEQ(CB.getCalledOperand(), Callee); 294 295 if (OrigInst->isMustTailCall()) { 296 // Create an if-then structure. The original instruction stays in its block, 297 // and a clone of the original instruction is placed in the "then" block. 298 Instruction *ThenTerm = 299 SplitBlockAndInsertIfThen(Cond, &CB, false, BranchWeights); 300 BasicBlock *ThenBlock = ThenTerm->getParent(); 301 ThenBlock->setName("if.true.direct_targ"); 302 CallBase *NewInst = cast<CallBase>(OrigInst->clone()); 303 NewInst->insertBefore(ThenTerm); 304 305 // Place a clone of the optional bitcast after the new call site. 306 Value *NewRetVal = NewInst; 307 auto Next = OrigInst->getNextNode(); 308 if (auto *BitCast = dyn_cast_or_null<BitCastInst>(Next)) { 309 assert(BitCast->getOperand(0) == OrigInst && 310 "bitcast following musttail call must use the call"); 311 auto NewBitCast = BitCast->clone(); 312 NewBitCast->replaceUsesOfWith(OrigInst, NewInst); 313 NewBitCast->insertBefore(ThenTerm); 314 NewRetVal = NewBitCast; 315 Next = BitCast->getNextNode(); 316 } 317 318 // Place a clone of the return instruction after the new call site. 319 ReturnInst *Ret = dyn_cast_or_null<ReturnInst>(Next); 320 assert(Ret && "musttail call must precede a ret with an optional bitcast"); 321 auto NewRet = Ret->clone(); 322 if (Ret->getReturnValue()) 323 NewRet->replaceUsesOfWith(Ret->getReturnValue(), NewRetVal); 324 NewRet->insertBefore(ThenTerm); 325 326 // A return instructions is terminating, so we don't need the terminator 327 // instruction just created. 328 ThenTerm->eraseFromParent(); 329 330 return *NewInst; 331 } 332 333 // Create an if-then-else structure. The original instruction is moved into 334 // the "else" block, and a clone of the original instruction is placed in the 335 // "then" block. 336 Instruction *ThenTerm = nullptr; 337 Instruction *ElseTerm = nullptr; 338 SplitBlockAndInsertIfThenElse(Cond, &CB, &ThenTerm, &ElseTerm, BranchWeights); 339 BasicBlock *ThenBlock = ThenTerm->getParent(); 340 BasicBlock *ElseBlock = ElseTerm->getParent(); 341 BasicBlock *MergeBlock = OrigInst->getParent(); 342 343 ThenBlock->setName("if.true.direct_targ"); 344 ElseBlock->setName("if.false.orig_indirect"); 345 MergeBlock->setName("if.end.icp"); 346 347 CallBase *NewInst = cast<CallBase>(OrigInst->clone()); 348 OrigInst->moveBefore(ElseTerm); 349 NewInst->insertBefore(ThenTerm); 350 351 // If the original call site is an invoke instruction, we have extra work to 352 // do since invoke instructions are terminating. We have to fix-up phi nodes 353 // in the invoke's normal and unwind destinations. 354 if (auto *OrigInvoke = dyn_cast<InvokeInst>(OrigInst)) { 355 auto *NewInvoke = cast<InvokeInst>(NewInst); 356 357 // Invoke instructions are terminating, so we don't need the terminator 358 // instructions that were just created. 359 ThenTerm->eraseFromParent(); 360 ElseTerm->eraseFromParent(); 361 362 // Branch from the "merge" block to the original normal destination. 363 Builder.SetInsertPoint(MergeBlock); 364 Builder.CreateBr(OrigInvoke->getNormalDest()); 365 366 // Fix-up phi nodes in the original invoke's normal and unwind destinations. 367 fixupPHINodeForNormalDest(OrigInvoke, OrigBlock, MergeBlock); 368 fixupPHINodeForUnwindDest(OrigInvoke, MergeBlock, ThenBlock, ElseBlock); 369 370 // Now set the normal destinations of the invoke instructions to be the 371 // "merge" block. 372 OrigInvoke->setNormalDest(MergeBlock); 373 NewInvoke->setNormalDest(MergeBlock); 374 } 375 376 // Create a phi node for the returned value of the call site. 377 createRetPHINode(OrigInst, NewInst, MergeBlock, Builder); 378 379 return *NewInst; 380 } 381 382 bool llvm::isLegalToPromote(const CallBase &CB, Function *Callee, 383 const char **FailureReason) { 384 assert(!CB.getCalledFunction() && "Only indirect call sites can be promoted"); 385 386 auto &DL = Callee->getParent()->getDataLayout(); 387 388 // Check the return type. The callee's return value type must be bitcast 389 // compatible with the call site's type. 390 Type *CallRetTy = CB.getType(); 391 Type *FuncRetTy = Callee->getReturnType(); 392 if (CallRetTy != FuncRetTy) 393 if (!CastInst::isBitOrNoopPointerCastable(FuncRetTy, CallRetTy, DL)) { 394 if (FailureReason) 395 *FailureReason = "Return type mismatch"; 396 return false; 397 } 398 399 // The number of formal arguments of the callee. 400 unsigned NumParams = Callee->getFunctionType()->getNumParams(); 401 402 // The number of actual arguments in the call. 403 unsigned NumArgs = CB.arg_size(); 404 405 // Check the number of arguments. The callee and call site must agree on the 406 // number of arguments. 407 if (NumArgs != NumParams && !Callee->isVarArg()) { 408 if (FailureReason) 409 *FailureReason = "The number of arguments mismatch"; 410 return false; 411 } 412 413 // Check the argument types. The callee's formal argument types must be 414 // bitcast compatible with the corresponding actual argument types of the call 415 // site. 416 unsigned I = 0; 417 for (; I < NumParams; ++I) { 418 // Make sure that the callee and call agree on byval/inalloca. The types do 419 // not have to match. 420 if (Callee->hasParamAttribute(I, Attribute::ByVal) != 421 CB.getAttributes().hasParamAttr(I, Attribute::ByVal)) { 422 if (FailureReason) 423 *FailureReason = "byval mismatch"; 424 return false; 425 } 426 if (Callee->hasParamAttribute(I, Attribute::InAlloca) != 427 CB.getAttributes().hasParamAttr(I, Attribute::InAlloca)) { 428 if (FailureReason) 429 *FailureReason = "inalloca mismatch"; 430 return false; 431 } 432 433 Type *FormalTy = Callee->getFunctionType()->getFunctionParamType(I); 434 Type *ActualTy = CB.getArgOperand(I)->getType(); 435 if (FormalTy == ActualTy) 436 continue; 437 if (!CastInst::isBitOrNoopPointerCastable(ActualTy, FormalTy, DL)) { 438 if (FailureReason) 439 *FailureReason = "Argument type mismatch"; 440 return false; 441 } 442 443 // MustTail call needs stricter type match. See 444 // Verifier::verifyMustTailCall(). 445 if (CB.isMustTailCall()) { 446 PointerType *PF = dyn_cast<PointerType>(FormalTy); 447 PointerType *PA = dyn_cast<PointerType>(ActualTy); 448 if (!PF || !PA || PF->getAddressSpace() != PA->getAddressSpace()) { 449 if (FailureReason) 450 *FailureReason = "Musttail call Argument type mismatch"; 451 return false; 452 } 453 } 454 } 455 for (; I < NumArgs; I++) { 456 // Vararg functions can have more arguments than parameters. 457 assert(Callee->isVarArg()); 458 if (CB.paramHasAttr(I, Attribute::StructRet)) { 459 if (FailureReason) 460 *FailureReason = "SRet arg to vararg function"; 461 return false; 462 } 463 } 464 465 return true; 466 } 467 468 CallBase &llvm::promoteCall(CallBase &CB, Function *Callee, 469 CastInst **RetBitCast) { 470 assert(!CB.getCalledFunction() && "Only indirect call sites can be promoted"); 471 472 // Set the called function of the call site to be the given callee (but don't 473 // change the type). 474 CB.setCalledOperand(Callee); 475 476 // Since the call site will no longer be direct, we must clear metadata that 477 // is only appropriate for indirect calls. This includes !prof and !callees 478 // metadata. 479 CB.setMetadata(LLVMContext::MD_prof, nullptr); 480 CB.setMetadata(LLVMContext::MD_callees, nullptr); 481 482 // If the function type of the call site matches that of the callee, no 483 // additional work is required. 484 if (CB.getFunctionType() == Callee->getFunctionType()) 485 return CB; 486 487 // Save the return types of the call site and callee. 488 Type *CallSiteRetTy = CB.getType(); 489 Type *CalleeRetTy = Callee->getReturnType(); 490 491 // Change the function type of the call site the match that of the callee. 492 CB.mutateFunctionType(Callee->getFunctionType()); 493 494 // Inspect the arguments of the call site. If an argument's type doesn't 495 // match the corresponding formal argument's type in the callee, bitcast it 496 // to the correct type. 497 auto CalleeType = Callee->getFunctionType(); 498 auto CalleeParamNum = CalleeType->getNumParams(); 499 500 LLVMContext &Ctx = Callee->getContext(); 501 const AttributeList &CallerPAL = CB.getAttributes(); 502 // The new list of argument attributes. 503 SmallVector<AttributeSet, 4> NewArgAttrs; 504 bool AttributeChanged = false; 505 506 for (unsigned ArgNo = 0; ArgNo < CalleeParamNum; ++ArgNo) { 507 auto *Arg = CB.getArgOperand(ArgNo); 508 Type *FormalTy = CalleeType->getParamType(ArgNo); 509 Type *ActualTy = Arg->getType(); 510 if (FormalTy != ActualTy) { 511 auto *Cast = CastInst::CreateBitOrPointerCast(Arg, FormalTy, "", &CB); 512 CB.setArgOperand(ArgNo, Cast); 513 514 // Remove any incompatible attributes for the argument. 515 AttrBuilder ArgAttrs(Ctx, CallerPAL.getParamAttrs(ArgNo)); 516 ArgAttrs.remove(AttributeFuncs::typeIncompatible(FormalTy)); 517 518 // We may have a different byval/inalloca type. 519 if (ArgAttrs.getByValType()) 520 ArgAttrs.addByValAttr(Callee->getParamByValType(ArgNo)); 521 if (ArgAttrs.getInAllocaType()) 522 ArgAttrs.addInAllocaAttr(Callee->getParamInAllocaType(ArgNo)); 523 524 NewArgAttrs.push_back(AttributeSet::get(Ctx, ArgAttrs)); 525 AttributeChanged = true; 526 } else 527 NewArgAttrs.push_back(CallerPAL.getParamAttrs(ArgNo)); 528 } 529 530 // If the return type of the call site doesn't match that of the callee, cast 531 // the returned value to the appropriate type. 532 // Remove any incompatible return value attribute. 533 AttrBuilder RAttrs(Ctx, CallerPAL.getRetAttrs()); 534 if (!CallSiteRetTy->isVoidTy() && CallSiteRetTy != CalleeRetTy) { 535 createRetBitCast(CB, CallSiteRetTy, RetBitCast); 536 RAttrs.remove(AttributeFuncs::typeIncompatible(CalleeRetTy)); 537 AttributeChanged = true; 538 } 539 540 // Set the new callsite attribute. 541 if (AttributeChanged) 542 CB.setAttributes(AttributeList::get(Ctx, CallerPAL.getFnAttrs(), 543 AttributeSet::get(Ctx, RAttrs), 544 NewArgAttrs)); 545 546 return CB; 547 } 548 549 CallBase &llvm::promoteCallWithIfThenElse(CallBase &CB, Function *Callee, 550 MDNode *BranchWeights) { 551 552 // Version the indirect call site. If the called value is equal to the given 553 // callee, 'NewInst' will be executed, otherwise the original call site will 554 // be executed. 555 CallBase &NewInst = versionCallSite(CB, Callee, BranchWeights); 556 557 // Promote 'NewInst' so that it directly calls the desired function. 558 return promoteCall(NewInst, Callee); 559 } 560 561 bool llvm::tryPromoteCall(CallBase &CB) { 562 assert(!CB.getCalledFunction()); 563 Module *M = CB.getCaller()->getParent(); 564 const DataLayout &DL = M->getDataLayout(); 565 Value *Callee = CB.getCalledOperand(); 566 567 LoadInst *VTableEntryLoad = dyn_cast<LoadInst>(Callee); 568 if (!VTableEntryLoad) 569 return false; // Not a vtable entry load. 570 Value *VTableEntryPtr = VTableEntryLoad->getPointerOperand(); 571 APInt VTableOffset(DL.getTypeSizeInBits(VTableEntryPtr->getType()), 0); 572 Value *VTableBasePtr = VTableEntryPtr->stripAndAccumulateConstantOffsets( 573 DL, VTableOffset, /* AllowNonInbounds */ true); 574 LoadInst *VTablePtrLoad = dyn_cast<LoadInst>(VTableBasePtr); 575 if (!VTablePtrLoad) 576 return false; // Not a vtable load. 577 Value *Object = VTablePtrLoad->getPointerOperand(); 578 APInt ObjectOffset(DL.getTypeSizeInBits(Object->getType()), 0); 579 Value *ObjectBase = Object->stripAndAccumulateConstantOffsets( 580 DL, ObjectOffset, /* AllowNonInbounds */ true); 581 if (!(isa<AllocaInst>(ObjectBase) && ObjectOffset == 0)) 582 // Not an Alloca or the offset isn't zero. 583 return false; 584 585 // Look for the vtable pointer store into the object by the ctor. 586 BasicBlock::iterator BBI(VTablePtrLoad); 587 Value *VTablePtr = FindAvailableLoadedValue( 588 VTablePtrLoad, VTablePtrLoad->getParent(), BBI, 0, nullptr, nullptr); 589 if (!VTablePtr) 590 return false; // No vtable found. 591 APInt VTableOffsetGVBase(DL.getTypeSizeInBits(VTablePtr->getType()), 0); 592 Value *VTableGVBase = VTablePtr->stripAndAccumulateConstantOffsets( 593 DL, VTableOffsetGVBase, /* AllowNonInbounds */ true); 594 GlobalVariable *GV = dyn_cast<GlobalVariable>(VTableGVBase); 595 if (!(GV && GV->isConstant() && GV->hasDefinitiveInitializer())) 596 // Not in the form of a global constant variable with an initializer. 597 return false; 598 599 Constant *VTableGVInitializer = GV->getInitializer(); 600 APInt VTableGVOffset = VTableOffsetGVBase + VTableOffset; 601 if (!(VTableGVOffset.getActiveBits() <= 64)) 602 return false; // Out of range. 603 Constant *Ptr = getPointerAtOffset(VTableGVInitializer, 604 VTableGVOffset.getZExtValue(), 605 *M); 606 if (!Ptr) 607 return false; // No constant (function) pointer found. 608 Function *DirectCallee = dyn_cast<Function>(Ptr->stripPointerCasts()); 609 if (!DirectCallee) 610 return false; // No function pointer found. 611 612 if (!isLegalToPromote(CB, DirectCallee)) 613 return false; 614 615 // Success. 616 promoteCall(CB, DirectCallee); 617 return true; 618 } 619 620 #undef DEBUG_TYPE 621