//===- CallPromotionUtils.cpp - Utilities for call promotion ----*- C++ -*-===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
//
// This file implements utilities useful for promoting indirect call sites to
// direct call sites.
//
//===----------------------------------------------------------------------===//

#include "llvm/Transforms/Utils/CallPromotionUtils.h"
#include "llvm/Analysis/Loads.h"
#include "llvm/Analysis/TypeMetadataUtils.h"
#include "llvm/IR/AttributeMask.h"
#include "llvm/IR/IRBuilder.h"
#include "llvm/IR/Instructions.h"
#include "llvm/Transforms/Utils/BasicBlockUtils.h"

using namespace llvm;

#define DEBUG_TYPE "call-promotion-utils"

/// Retarget phi nodes in the normal destination of a versioned invoke.
///
/// Once an invoke has been versioned, a value that used to flow in from the
/// original block flows in from the "merge" block instead. Given:
///
///   then_bb:
///     %t0 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst
///
///   else_bb:
///     %t1 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst
///
///   merge_bb:
///     %t2 = phi i32 [ %t0, %then_bb ], [ %t1, %else_bb ]
///     br %normal_dst
///
///   normal_dst:
///     %t3 = phi i32 [ %x, %orig_bb ], ...
///
/// "orig_bb" no longer precedes "normal_dst", so every phi in "normal_dst"
/// that names it is rewritten to name "merge_bb":
///
///   normal_dst:
///     %t3 = phi i32 [ %x, %merge_bb ], ...
///
static void fixupPHINodeForNormalDest(InvokeInst *Invoke, BasicBlock *OrigBlock,
                                      BasicBlock *MergeBlock) {
  BasicBlock *NormalDest = Invoke->getNormalDest();
  for (PHINode &PN : NormalDest->phis()) {
    // Phis without an incoming edge from OrigBlock are left untouched.
    const int EdgeIdx = PN.getBasicBlockIndex(OrigBlock);
    if (EdgeIdx != -1)
      PN.setIncomingBlock(EdgeIdx, MergeBlock);
  }
}

/// Retarget phi nodes in the unwind destination of a versioned invoke.
///
/// Once an invoke has been versioned, a value that used to flow in from the
/// original block flows in from both the "then" block and the "else" block.
/// Given:
///
///   then_bb:
///     %t0 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst
///
///   else_bb:
///     %t1 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst
///
///   unwind_dst:
///     %t3 = phi i32 [ %x, %orig_bb ], ...
///
/// "orig_bb" no longer precedes "unwind_dst", so every phi in "unwind_dst"
/// that names it is rewritten to name "then_bb" and gains a second entry, with
/// the same value, for "else_bb":
///
///   unwind_dst:
///     %t3 = phi i32 [ %x, %then_bb ], [ %x, %else_bb ], ...
///
static void fixupPHINodeForUnwindDest(InvokeInst *Invoke, BasicBlock *OrigBlock,
                                      BasicBlock *ThenBlock,
                                      BasicBlock *ElseBlock) {
  BasicBlock *UnwindDest = Invoke->getUnwindDest();
  for (PHINode &PN : UnwindDest->phis()) {
    const int EdgeIdx = PN.getBasicBlockIndex(OrigBlock);
    if (EdgeIdx != -1) {
      // The existing entry is reused for the "then" edge; the "else" edge is
      // appended with the same incoming value.
      Value *Incoming = PN.getIncomingValue(EdgeIdx);
      PN.setIncomingBlock(EdgeIdx, ThenBlock);
      PN.addIncoming(Incoming, ElseBlock);
    }
  }
}

/// Create a phi node for the returned value of a call or invoke instruction.
///
/// After versioning a call or invoke instruction that returns a value, we have
/// to merge the value of the original and new instructions. We do this by
/// creating a phi node and replacing uses of the original instruction with this
/// phi node.
///
/// For example, if \p OrigInst is defined in "else_bb" and \p NewInst is
/// defined in "then_bb", we create the following phi node:
///
///   ; Uses of the original instruction are replaced by uses of the phi node.
///   %t0 = phi i32 [ %orig_inst, %else_bb ], [ %new_inst, %then_bb ],
///
static void createRetPHINode(Instruction *OrigInst, Instruction *NewInst,
                             BasicBlock *MergeBlock, IRBuilder<> &Builder) {
  // No phi is created for a void result or a result that has no uses.
  Type *ResultTy = OrigInst->getType();
  if (ResultTy->isVoidTy() || OrigInst->use_empty())
    return;

  // Take a copy of the user list: replaceUsesOfWith() below edits the use list
  // that OrigInst->users() walks.
  SmallVector<User *, 16> PendingUsers(OrigInst->users());

  // The phi goes at the very top of the merge block.
  Builder.SetInsertPoint(MergeBlock, MergeBlock->begin());
  PHINode *Merged = Builder.CreatePHI(ResultTy, 0);
  for (User *Consumer : PendingUsers)
    Consumer->replaceUsesOfWith(OrigInst, Merged);

  // The incoming values are added after the rewrite above; the phi is not in
  // PendingUsers, so its OrigInst operand is never replaced.
  Merged->addIncoming(OrigInst, OrigInst->getParent());
  Merged->addIncoming(NewInst, NewInst->getParent());
}

/// Cast a call or invoke instruction to the given type.
///
/// When promoting a call site, the return type of the call site might not match
/// that of the callee. If this is the case, we have to cast the returned value
/// to the correct type. The location of the cast depends on if we have a call
/// or invoke instruction.
///
/// For example, if the call instruction below requires a bitcast after
/// promotion:
///
///   orig_bb:
///     %t0 = call i32 @func()
///     ...
///
/// The bitcast is placed after the call instruction:
///
///   orig_bb:
///     ; Uses of the original return value are replaced by uses of the bitcast.
///     %t0 = call i32 @func()
///     %t1 = bitcast i32 %t0 to ...
///     ...
///
/// A similar transformation is performed for invoke instructions. However,
/// since invokes are terminating, a new block is created for the bitcast.
/// For example, if the invoke instruction below requires a bitcast after
/// promotion:
///
///   orig_bb:
///     %t0 = invoke i32 @func() to label %normal_dst unwind label %unwind_dst
///
/// The edge between the original block and the invoke's normal destination is
/// split, and the bitcast is placed there:
///
///   orig_bb:
///     %t0 = invoke i32 @func() to label %split_bb unwind label %unwind_dst
///
///   split_bb:
///     ; Uses of the original return value are replaced by uses of the bitcast.
///     %t1 = bitcast i32 %t0 to ...
///     br label %normal_dst
///
static void createRetBitCast(CallBase &CB, Type *RetTy, CastInst **RetBitCast) {
  // Record who uses the call's result now, before the cast exists. The cast
  // created below also uses CB and is not in this list, so it is not rewritten
  // to use itself.
  SmallVector<User *, 16> PendingUsers(CB.users());

  // Pick the insertion point. An invoke terminates its block, so its cast goes
  // at the front of a block obtained by splitting the edge to the normal
  // destination; for a call, the cast goes right after the call.
  Instruction *CastPos = nullptr;
  if (auto *Invoke = dyn_cast<InvokeInst>(&CB)) {
    BasicBlock *SplitBB =
        SplitEdge(Invoke->getParent(), Invoke->getNormalDest());
    CastPos = &SplitBB->front();
  } else {
    CastPos = &*std::next(CB.getIterator());
  }

  // Cast the returned value to the requested type and, when the caller asked
  // for it, hand the new instruction back through the out-parameter.
  auto *RetCast = CastInst::CreateBitOrPointerCast(&CB, RetTy, "", CastPos);
  if (RetBitCast != nullptr)
    *RetBitCast = RetCast;

  // Point every previously recorded user at the cast.
  for (User *Consumer : PendingUsers)
    Consumer->replaceUsesOfWith(&CB, RetCast);
}

/// Predicate and clone the given call site.
///
/// This function creates an if-then-else structure at the location of the call
/// site. The "if" condition compares the call site's called value to the given
/// callee. The original call site is moved into the "else" block, and a clone
/// of the call site is placed in the "then" block.
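/// The cloned instruction is returned.
///
/// For example, the call instruction below:
///
///   orig_bb:
///     %t0 = call i32 %ptr()
///     ...
///
/// Is replaced by the following:
///
///   orig_bb:
///     %cond = icmp eq i32 ()* %ptr, @func
///     br i1 %cond, %then_bb, %else_bb
///
///   then_bb:
///     ; The clone of the original call instruction is placed in the "then"
///     ; block. It is not yet promoted.
///     %t1 = call i32 %ptr()
///     br merge_bb
///
///   else_bb:
///     ; The original call instruction is moved to the "else" block.
///     %t0 = call i32 %ptr()
///     br merge_bb
///
///   merge_bb:
///     ; Uses of the original call instruction are replaced by uses of the phi
///     ; node.
///     %t2 = phi i32 [ %t0, %else_bb ], [ %t1, %then_bb ]
///     ...
///
/// A similar transformation is performed for invoke instructions. However,
/// since invokes are terminating, more work is required. For example, the
/// invoke instruction below:
///
///   orig_bb:
///     %t0 = invoke %ptr() to label %normal_dst unwind label %unwind_dst
///
/// Is replaced by the following:
///
///   orig_bb:
///     %cond = icmp eq i32 ()* %ptr, @func
///     br i1 %cond, %then_bb, %else_bb
///
///   then_bb:
///     ; The clone of the original invoke instruction is placed in the "then"
///     ; block, and its normal destination is set to the "merge" block. It is
///     ; not yet promoted.
///     %t1 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst
///
///   else_bb:
///     ; The original invoke instruction is moved into the "else" block, and
///     ; its normal destination is set to the "merge" block.
///     %t0 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst
///
///   merge_bb:
///     ; Uses of the original invoke instruction are replaced by uses of the
///     ; phi node, and the merge block branches to the normal destination.
///     %t2 = phi i32 [ %t0, %else_bb ], [ %t1, %then_bb ]
///     br %normal_dst
///
/// An indirect musttail call is processed slightly differently in that:
/// 1. No merge block needed for the original and the cloned callsite, since
///    either one ends the flow. No phi node is needed either.
/// 2. The return statement following the original call site is duplicated too
///    and placed immediately after the cloned call site per the IR convention.
///
/// For example, the musttail call instruction below:
///
///   orig_bb:
///     %t0 = musttail call i32 %ptr()
///     ...
///
/// Is replaced by the following:
///
///   cond_bb:
///     %cond = icmp eq i32 ()* %ptr, @func
///     br i1 %cond, %then_bb, %orig_bb
///
///   then_bb:
///     ; The clone of the original call instruction is placed in the "then"
///     ; block. It is not yet promoted.
///     %t1 = musttail call i32 %ptr()
///     ret %t1
///
///   orig_bb:
///     ; The original call instruction stays in its original block.
///     %t0 = musttail call i32 %ptr()
///     ret %t0
CallBase &llvm::versionCallSite(CallBase &CB, Value *Callee,
                                MDNode *BranchWeights) {

  IRBuilder<> Builder(&CB);
  CallBase *OrigInst = &CB;
  BasicBlock *OrigBlock = OrigInst->getParent();

  // Create the compare. The called value and callee must have the same type to
  // be compared.
  if (CB.getCalledOperand()->getType() != Callee->getType())
    Callee = Builder.CreateBitCast(Callee, CB.getCalledOperand()->getType());
  auto *Cond = Builder.CreateICmpEQ(CB.getCalledOperand(), Callee);

  if (OrigInst->isMustTailCall()) {
    // Create an if-then structure. The original instruction stays in its block,
    // and a clone of the original instruction is placed in the "then" block.
    Instruction *ThenTerm =
        SplitBlockAndInsertIfThen(Cond, &CB, false, BranchWeights);
    BasicBlock *ThenBlock = ThenTerm->getParent();
    ThenBlock->setName("if.true.direct_targ");
    CallBase *NewInst = cast<CallBase>(OrigInst->clone());
    NewInst->insertBefore(ThenTerm);

    // Place a clone of the optional bitcast after the new call site.
    Value *NewRetVal = NewInst;
    auto *Next = OrigInst->getNextNode();
    if (auto *BitCast = dyn_cast_or_null<BitCastInst>(Next)) {
      assert(BitCast->getOperand(0) == OrigInst &&
             "bitcast following musttail call must use the call");
      auto *NewBitCast = BitCast->clone();
      NewBitCast->replaceUsesOfWith(OrigInst, NewInst);
      NewBitCast->insertBefore(ThenTerm);
      NewRetVal = NewBitCast;
      Next = BitCast->getNextNode();
    }

    // Place a clone of the return instruction after the new call site.
    // NOTE: the shape "musttail call [+ bitcast] + ret" is only asserted; in a
    // build without assertions a null Ret would be dereferenced below, so this
    // path relies on the input IR already having that shape.
    ReturnInst *Ret = dyn_cast_or_null<ReturnInst>(Next);
    assert(Ret && "musttail call must precede a ret with an optional bitcast");
    auto *NewRet = Ret->clone();
    if (Ret->getReturnValue())
      NewRet->replaceUsesOfWith(Ret->getReturnValue(), NewRetVal);
    NewRet->insertBefore(ThenTerm);

    // A return instruction is terminating, so we don't need the terminator
    // instruction just created.
    ThenTerm->eraseFromParent();

    return *NewInst;
  }

  // Create an if-then-else structure. The original instruction is moved into
  // the "else" block, and a clone of the original instruction is placed in the
  // "then" block.
  Instruction *ThenTerm = nullptr;
  Instruction *ElseTerm = nullptr;
  SplitBlockAndInsertIfThenElse(Cond, &CB, &ThenTerm, &ElseTerm, BranchWeights);
  BasicBlock *ThenBlock = ThenTerm->getParent();
  BasicBlock *ElseBlock = ElseTerm->getParent();
  // After the split, the block that still holds the original instruction is
  // the one used as the "merge" block.
  BasicBlock *MergeBlock = OrigInst->getParent();

  ThenBlock->setName("if.true.direct_targ");
  ElseBlock->setName("if.false.orig_indirect");
  MergeBlock->setName("if.end.icp");

  CallBase *NewInst = cast<CallBase>(OrigInst->clone());
  OrigInst->moveBefore(ElseTerm);
  NewInst->insertBefore(ThenTerm);

  // If the original call site is an invoke instruction, we have extra work to
  // do since invoke instructions are terminating. We have to fix-up phi nodes
  // in the invoke's normal and unwind destinations.
  if (auto *OrigInvoke = dyn_cast<InvokeInst>(OrigInst)) {
    auto *NewInvoke = cast<InvokeInst>(NewInst);

    // Invoke instructions are terminating, so we don't need the terminator
    // instructions that were just created.
    ThenTerm->eraseFromParent();
    ElseTerm->eraseFromParent();

    // Branch from the "merge" block to the original normal destination.
    Builder.SetInsertPoint(MergeBlock);
    Builder.CreateBr(OrigInvoke->getNormalDest());

    // Fix-up phi nodes in the original invoke's normal and unwind destinations.
    // Note that the unwind fix-up looks phis up by MergeBlock, while the normal
    // fix-up looks them up by OrigBlock.
    fixupPHINodeForNormalDest(OrigInvoke, OrigBlock, MergeBlock);
    fixupPHINodeForUnwindDest(OrigInvoke, MergeBlock, ThenBlock, ElseBlock);

    // Now set the normal destinations of the invoke instructions to be the
    // "merge" block.
    OrigInvoke->setNormalDest(MergeBlock);
    NewInvoke->setNormalDest(MergeBlock);
  }

  // Create a phi node for the returned value of the call site.
  createRetPHINode(OrigInst, NewInst, MergeBlock, Builder);

  return *NewInst;
}

/// Return true if the indirect call site \p CB may be rewritten to call
/// \p Callee directly.
///
/// The checks, in order, are: the callee's return type is bit-or-noop-pointer
/// castable to the call site's type; the argument count is compatible with the
/// callee's parameter count; for each fixed parameter, the byval and inalloca
/// attributes agree and the actual type is castable to the formal type (with
/// the stricter pointer/address-space rule for musttail calls); and no argument
/// beyond the fixed parameters of a variadic callee is marked sret.
///
/// \param FailureReason if non-null, receives a static string naming the first
/// check that failed.
///
/// The "only indirect call sites" precondition is enforced by an assert and is
/// therefore not checked in builds without assertions.
bool llvm::isLegalToPromote(const CallBase &CB, Function *Callee,
                            const char **FailureReason) {
  assert(!CB.getCalledFunction() && "Only indirect call sites can be promoted");

  auto &DL = Callee->getParent()->getDataLayout();

  // Check the return type. The callee's return value type must be bitcast
  // compatible with the call site's type.
  Type *CallRetTy = CB.getType();
  Type *FuncRetTy = Callee->getReturnType();
  if (CallRetTy != FuncRetTy)
    if (!CastInst::isBitOrNoopPointerCastable(FuncRetTy, CallRetTy, DL)) {
      if (FailureReason)
        *FailureReason = "Return type mismatch";
      return false;
    }

  // The number of formal arguments of the callee.
  unsigned NumParams = Callee->getFunctionType()->getNumParams();

  // The number of actual arguments in the call.
  unsigned NumArgs = CB.arg_size();

  // Check the number of arguments. A call site may pass more arguments than
  // the callee has fixed parameters only when the callee is variadic, and it
  // may never pass fewer: the loop below reads CB.getArgOperand(I) for every
  // I < NumParams, which would index past the call's arguments otherwise.
  const bool TooFewArgs = NumArgs < NumParams;
  const bool TooManyArgs = NumArgs > NumParams && !Callee->isVarArg();
  if (TooFewArgs || TooManyArgs) {
    if (FailureReason)
      *FailureReason = "The number of arguments mismatch";
    return false;
  }

  // Check the argument types. The callee's formal argument types must be
  // bitcast compatible with the corresponding actual argument types of the call
  // site.
  unsigned I = 0;
  for (; I < NumParams; ++I) {
    // Make sure that the callee and call agree on byval/inalloca. The types do
    // not have to match.
    if (Callee->hasParamAttribute(I, Attribute::ByVal) !=
        CB.getAttributes().hasParamAttr(I, Attribute::ByVal)) {
      if (FailureReason)
        *FailureReason = "byval mismatch";
      return false;
    }
    if (Callee->hasParamAttribute(I, Attribute::InAlloca) !=
        CB.getAttributes().hasParamAttr(I, Attribute::InAlloca)) {
      if (FailureReason)
        *FailureReason = "inalloca mismatch";
      return false;
    }

    Type *FormalTy = Callee->getFunctionType()->getFunctionParamType(I);
    Type *ActualTy = CB.getArgOperand(I)->getType();
    if (FormalTy == ActualTy)
      continue;
    if (!CastInst::isBitOrNoopPointerCastable(ActualTy, FormalTy, DL)) {
      if (FailureReason)
        *FailureReason = "Argument type mismatch";
      return false;
    }

    // MustTail call needs stricter type match. See
    // Verifier::verifyMustTailCall().
    if (CB.isMustTailCall()) {
      PointerType *PF = dyn_cast<PointerType>(FormalTy);
      PointerType *PA = dyn_cast<PointerType>(ActualTy);
      if (!PF || !PA || PF->getAddressSpace() != PA->getAddressSpace()) {
        if (FailureReason)
          *FailureReason = "Musttail call Argument type mismatch";
        return false;
      }
    }
  }
  for (; I < NumArgs; I++) {
    // Vararg functions can have more arguments than parameters.
    assert(Callee->isVarArg());
    if (CB.paramHasAttr(I, Attribute::StructRet)) {
      if (FailureReason)
        *FailureReason = "SRet arg to vararg function";
      return false;
    }
  }

  return true;
}

/// Rewrite the indirect call site \p CB in place so that it calls \p Callee,
/// and return \p CB.
///
/// The called operand is replaced, !prof and !callees metadata are dropped,
/// and, when the function types differ, the call site's function type is
/// mutated to the callee's, mismatching arguments and the return value are
/// cast, and the attribute list is rebuilt without type-incompatible
/// attributes.
///
/// \param RetBitCast if non-null and a cast of the return value is created,
/// receives that cast.
///
/// This function performs no legality checks of its own: the argument loop
/// indexes the call's operands by the callee's parameter count, and the casts
/// are created unconditionally. tryPromoteCall() below calls
/// isLegalToPromote() before calling this. The "only indirect call sites"
/// precondition is enforced by an assert only.
CallBase &llvm::promoteCall(CallBase &CB, Function *Callee,
                            CastInst **RetBitCast) {
  assert(!CB.getCalledFunction() && "Only indirect call sites can be promoted");

  // Set the called function of the call site to be the given callee (but don't
  // change the type).
  CB.setCalledOperand(Callee);

  // Since the call site will no longer be indirect, we must clear metadata that
  // is only appropriate for indirect calls. This includes !prof and !callees
  // metadata.
  CB.setMetadata(LLVMContext::MD_prof, nullptr);
  CB.setMetadata(LLVMContext::MD_callees, nullptr);

  // If the function type of the call site matches that of the callee, no
  // additional work is required.
  if (CB.getFunctionType() == Callee->getFunctionType())
    return CB;

  // Save the return types of the call site and callee.
  Type *CallSiteRetTy = CB.getType();
  Type *CalleeRetTy = Callee->getReturnType();

  // Change the function type of the call site to match that of the callee.
  CB.mutateFunctionType(Callee->getFunctionType());

  // Inspect the arguments of the call site. If an argument's type doesn't
  // match the corresponding formal argument's type in the callee, bitcast it
  // to the correct type.
  auto *CalleeType = Callee->getFunctionType();
  auto CalleeParamNum = CalleeType->getNumParams();

  LLVMContext &Ctx = Callee->getContext();
  const AttributeList &CallerPAL = CB.getAttributes();
  // The new list of argument attributes.
  // NOTE(review): this holds one entry per callee parameter only, so when the
  // attribute list is rebuilt below, attributes on arguments past the fixed
  // parameters of a variadic callee do not appear to be carried over - confirm
  // this is intended.
  SmallVector<AttributeSet, 4> NewArgAttrs;
  bool AttributeChanged = false;

  for (unsigned ArgNo = 0; ArgNo < CalleeParamNum; ++ArgNo) {
    auto *Arg = CB.getArgOperand(ArgNo);
    Type *FormalTy = CalleeType->getParamType(ArgNo);
    Type *ActualTy = Arg->getType();
    if (FormalTy != ActualTy) {
      auto *Cast = CastInst::CreateBitOrPointerCast(Arg, FormalTy, "", &CB);
      CB.setArgOperand(ArgNo, Cast);

      // Remove any incompatible attributes for the argument.
      AttrBuilder ArgAttrs(Ctx, CallerPAL.getParamAttrs(ArgNo));
      ArgAttrs.remove(AttributeFuncs::typeIncompatible(FormalTy));

      // We may have a different byval/inalloca type.
      if (ArgAttrs.getByValType())
        ArgAttrs.addByValAttr(Callee->getParamByValType(ArgNo));
      if (ArgAttrs.getInAllocaType())
        ArgAttrs.addInAllocaAttr(Callee->getParamInAllocaType(ArgNo));

      NewArgAttrs.push_back(AttributeSet::get(Ctx, ArgAttrs));
      AttributeChanged = true;
    } else
      NewArgAttrs.push_back(CallerPAL.getParamAttrs(ArgNo));
  }

  // If the return type of the call site doesn't match that of the callee, cast
  // the returned value to the appropriate type.
  // Remove any incompatible return value attribute.
  AttrBuilder RAttrs(Ctx, CallerPAL.getRetAttrs());
  if (!CallSiteRetTy->isVoidTy() && CallSiteRetTy != CalleeRetTy) {
    createRetBitCast(CB, CallSiteRetTy, RetBitCast);
    RAttrs.remove(AttributeFuncs::typeIncompatible(CalleeRetTy));
    AttributeChanged = true;
  }

  // Set the new callsite attribute.
  if (AttributeChanged)
    CB.setAttributes(AttributeList::get(Ctx, CallerPAL.getFnAttrs(),
                                        AttributeSet::get(Ctx, RAttrs),
                                        NewArgAttrs));

  return CB;
}

/// Version the indirect call site \p CB on "called value == \p Callee" and
/// promote the clone on the equal path to a direct call of \p Callee.
///
/// Returns the promoted clone. No legality check is made here before
/// promoteCall() is applied to the clone.
CallBase &llvm::promoteCallWithIfThenElse(CallBase &CB, Function *Callee,
                                          MDNode *BranchWeights) {

  // Version the indirect call site. If the called value is equal to the given
  // callee, 'NewInst' will be executed, otherwise the original call site will
  // be executed.
  CallBase &NewInst = versionCallSite(CB, Callee, BranchWeights);

  // Promote 'NewInst' so that it directly calls the desired function.
  return promoteCall(NewInst, Callee);
}

/// Try to turn the indirect call \p CB into a direct call by resolving its
/// target through a vtable whose contents are known at compile time.
///
/// The called value must be a load of a vtable entry, at a constant offset
/// from a loaded vtable pointer, which in turn is loaded from offset zero of
/// an alloca. The value stored to that vtable pointer slot must be available
/// in the same block and must point, at a constant offset, into a constant
/// global variable with a definitive initializer. The function found in that
/// initializer at the combined offset is promoted only if isLegalToPromote()
/// accepts it. Returns true if the call was promoted; on every false return
/// the call site is left unchanged.
bool llvm::tryPromoteCall(CallBase &CB) {
  assert(!CB.getCalledFunction());
  Module *M = CB.getCaller()->getParent();
  const DataLayout &DL = M->getDataLayout();
  Value *Callee = CB.getCalledOperand();

  LoadInst *VTableEntryLoad = dyn_cast<LoadInst>(Callee);
  if (!VTableEntryLoad)
    return false; // Not a vtable entry load.
  Value *VTableEntryPtr = VTableEntryLoad->getPointerOperand();
  APInt VTableOffset(DL.getTypeSizeInBits(VTableEntryPtr->getType()), 0);
  Value *VTableBasePtr = VTableEntryPtr->stripAndAccumulateConstantOffsets(
      DL, VTableOffset, /* AllowNonInbounds */ true);
  LoadInst *VTablePtrLoad = dyn_cast<LoadInst>(VTableBasePtr);
  if (!VTablePtrLoad)
    return false; // Not a vtable load.
  Value *Object = VTablePtrLoad->getPointerOperand();
  APInt ObjectOffset(DL.getTypeSizeInBits(Object->getType()), 0);
  Value *ObjectBase = Object->stripAndAccumulateConstantOffsets(
      DL, ObjectOffset, /* AllowNonInbounds */ true);
  if (!(isa<AllocaInst>(ObjectBase) && ObjectOffset == 0))
    // Not an Alloca or the offset isn't zero.
    return false;

  // Look for the vtable pointer store into the object by the ctor.
  BasicBlock::iterator BBI(VTablePtrLoad);
  Value *VTablePtr = FindAvailableLoadedValue(
      VTablePtrLoad, VTablePtrLoad->getParent(), BBI, 0, nullptr, nullptr);
  if (!VTablePtr)
    return false; // No vtable found.
  APInt VTableOffsetGVBase(DL.getTypeSizeInBits(VTablePtr->getType()), 0);
  Value *VTableGVBase = VTablePtr->stripAndAccumulateConstantOffsets(
      DL, VTableOffsetGVBase, /* AllowNonInbounds */ true);
  GlobalVariable *GV = dyn_cast<GlobalVariable>(VTableGVBase);
  // The initializer is trusted as the vtable's contents only for a constant
  // global whose initializer is definitive.
  if (!(GV && GV->isConstant() && GV->hasDefinitiveInitializer()))
    // Not in the form of a global constant variable with an initializer.
    return false;

  Constant *VTableGVInitializer = GV->getInitializer();
  APInt VTableGVOffset = VTableOffsetGVBase + VTableOffset;
  // getZExtValue() below needs the combined offset to fit in 64 bits.
  if (!(VTableGVOffset.getActiveBits() <= 64))
    return false; // Out of range.
  Constant *Ptr = getPointerAtOffset(VTableGVInitializer,
                                     VTableGVOffset.getZExtValue(),
                                     *M);
  if (!Ptr)
    return false; // No constant (function) pointer found.
  Function *DirectCallee = dyn_cast<Function>(Ptr->stripPointerCasts());
  if (!DirectCallee)
    return false; // No function pointer found.

  // The signature checks must pass before the call site is modified.
  if (!isLegalToPromote(CB, DirectCallee))
    return false;

  // Success.
  promoteCall(CB, DirectCallee);
  return true;
}

#undef DEBUG_TYPE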