1 //===- InlineFunction.cpp - Code to perform function inlining -------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 // 9 // This file implements inlining of a function into a call site, resolving 10 // parameters and the return value as appropriate. 11 // 12 //===----------------------------------------------------------------------===// 13 14 #include "llvm/ADT/DenseMap.h" 15 #include "llvm/ADT/STLExtras.h" 16 #include "llvm/ADT/SetVector.h" 17 #include "llvm/ADT/SmallPtrSet.h" 18 #include "llvm/ADT/SmallVector.h" 19 #include "llvm/ADT/StringExtras.h" 20 #include "llvm/ADT/iterator_range.h" 21 #include "llvm/Analysis/AliasAnalysis.h" 22 #include "llvm/Analysis/AssumptionCache.h" 23 #include "llvm/Analysis/BlockFrequencyInfo.h" 24 #include "llvm/Analysis/CallGraph.h" 25 #include "llvm/Analysis/CaptureTracking.h" 26 #include "llvm/Analysis/IndirectCallVisitor.h" 27 #include "llvm/Analysis/InstructionSimplify.h" 28 #include "llvm/Analysis/MemoryProfileInfo.h" 29 #include "llvm/Analysis/ObjCARCAnalysisUtils.h" 30 #include "llvm/Analysis/ObjCARCUtil.h" 31 #include "llvm/Analysis/ProfileSummaryInfo.h" 32 #include "llvm/Analysis/ValueTracking.h" 33 #include "llvm/Analysis/VectorUtils.h" 34 #include "llvm/IR/Argument.h" 35 #include "llvm/IR/AttributeMask.h" 36 #include "llvm/IR/BasicBlock.h" 37 #include "llvm/IR/CFG.h" 38 #include "llvm/IR/Constant.h" 39 #include "llvm/IR/ConstantRange.h" 40 #include "llvm/IR/Constants.h" 41 #include "llvm/IR/DataLayout.h" 42 #include "llvm/IR/DebugInfo.h" 43 #include "llvm/IR/DebugInfoMetadata.h" 44 #include "llvm/IR/DebugLoc.h" 45 #include "llvm/IR/DerivedTypes.h" 46 #include "llvm/IR/Dominators.h" 47 #include "llvm/IR/EHPersonalities.h" 48 #include "llvm/IR/Function.h" 49 #include "llvm/IR/IRBuilder.h" 50 #include "llvm/IR/InlineAsm.h" 51 #include "llvm/IR/InstrTypes.h" 52 #include "llvm/IR/Instruction.h" 53 #include "llvm/IR/Instructions.h" 54 #include "llvm/IR/IntrinsicInst.h" 55 #include "llvm/IR/Intrinsics.h" 56 #include "llvm/IR/LLVMContext.h" 57 #include "llvm/IR/MDBuilder.h" 58 #include "llvm/IR/Metadata.h" 59 #include "llvm/IR/Module.h" 60 #include "llvm/IR/ProfDataUtils.h" 61 #include "llvm/IR/Type.h" 62 #include "llvm/IR/User.h" 63 #include "llvm/IR/Value.h" 64 #include "llvm/Support/Casting.h" 65 #include "llvm/Support/CommandLine.h" 66 #include "llvm/Support/ErrorHandling.h" 67 #include "llvm/Transforms/Utils/AssumeBundleBuilder.h" 68 #include "llvm/Transforms/Utils/Cloning.h" 69 #include "llvm/Transforms/Utils/Local.h" 70 #include "llvm/Transforms/Utils/ValueMapper.h" 71 #include <algorithm> 72 #include <cassert> 73 #include <cstdint> 74 #include <iterator> 75 #include <limits> 76 #include <optional> 77 #include <string> 78 #include <utility> 79 #include <vector> 80 81 #define DEBUG_TYPE "inline-function" 82 83 using namespace llvm; 84 using namespace llvm::memprof; 85 using ProfileCount = Function::ProfileCount; 86 87 static cl::opt<bool> 88 EnableNoAliasConversion("enable-noalias-to-md-conversion", cl::init(true), 89 cl::Hidden, 90 cl::desc("Convert noalias attributes to metadata during inlining.")); 91 92 static cl::opt<bool> 93 UseNoAliasIntrinsic("use-noalias-intrinsic-during-inlining", cl::Hidden, 94 cl::init(true), 95 cl::desc("Use the llvm.experimental.noalias.scope.decl " 96 "intrinsic during inlining.")); 97 98 // Disabled by default, because the added alignment assumptions may increase 99 // compile-time and block optimizations. This option is not suitable for use 100 // with frontends that emit comprehensive parameter alignment annotations. 101 static cl::opt<bool> 102 PreserveAlignmentAssumptions("preserve-alignment-assumptions-during-inlining", 103 cl::init(false), cl::Hidden, 104 cl::desc("Convert align attributes to assumptions during inlining.")); 105 106 static cl::opt<unsigned> InlinerAttributeWindow( 107 "max-inst-checked-for-throw-during-inlining", cl::Hidden, 108 cl::desc("the maximum number of instructions analyzed for may throw during " 109 "attribute inference in inlined body"), 110 cl::init(4)); 111 112 namespace { 113 114 /// A class for recording information about inlining a landing pad. 115 class LandingPadInliningInfo { 116 /// Destination of the invoke's unwind. 117 BasicBlock *OuterResumeDest; 118 119 /// Destination for the callee's resume. 120 BasicBlock *InnerResumeDest = nullptr; 121 122 /// LandingPadInst associated with the invoke. 123 LandingPadInst *CallerLPad = nullptr; 124 125 /// PHI for EH values from landingpad insts. 126 PHINode *InnerEHValuesPHI = nullptr; 127 128 SmallVector<Value*, 8> UnwindDestPHIValues; 129 130 public: 131 LandingPadInliningInfo(InvokeInst *II) 132 : OuterResumeDest(II->getUnwindDest()) { 133 // If there are PHI nodes in the unwind destination block, we need to keep 134 // track of which values came into them from the invoke before removing 135 // the edge from this block. 136 BasicBlock *InvokeBB = II->getParent(); 137 BasicBlock::iterator I = OuterResumeDest->begin(); 138 for (; isa<PHINode>(I); ++I) { 139 // Save the value to use for this edge. 140 PHINode *PHI = cast<PHINode>(I); 141 UnwindDestPHIValues.push_back(PHI->getIncomingValueForBlock(InvokeBB)); 142 } 143 144 CallerLPad = cast<LandingPadInst>(I); 145 } 146 147 /// The outer unwind destination is the target of 148 /// unwind edges introduced for calls within the inlined function. 149 BasicBlock *getOuterResumeDest() const { 150 return OuterResumeDest; 151 } 152 153 BasicBlock *getInnerResumeDest(); 154 155 LandingPadInst *getLandingPadInst() const { return CallerLPad; } 156 157 /// Forward the 'resume' instruction to the caller's landing pad block. 158 /// When the landing pad block has only one predecessor, this is 159 /// a simple branch. When there is more than one predecessor, we need to 160 /// split the landing pad block after the landingpad instruction and jump 161 /// to there. 162 void forwardResume(ResumeInst *RI, 163 SmallPtrSetImpl<LandingPadInst*> &InlinedLPads); 164 165 /// Add incoming-PHI values to the unwind destination block for the given 166 /// basic block, using the values for the original invoke's source block. 167 void addIncomingPHIValuesFor(BasicBlock *BB) const { 168 addIncomingPHIValuesForInto(BB, OuterResumeDest); 169 } 170 171 void addIncomingPHIValuesForInto(BasicBlock *src, BasicBlock *dest) const { 172 BasicBlock::iterator I = dest->begin(); 173 for (unsigned i = 0, e = UnwindDestPHIValues.size(); i != e; ++i, ++I) { 174 PHINode *phi = cast<PHINode>(I); 175 phi->addIncoming(UnwindDestPHIValues[i], src); 176 } 177 } 178 }; 179 180 } // end anonymous namespace 181 182 /// Get or create a target for the branch from ResumeInsts. 183 BasicBlock *LandingPadInliningInfo::getInnerResumeDest() { 184 if (InnerResumeDest) return InnerResumeDest; 185 186 // Split the landing pad. 187 BasicBlock::iterator SplitPoint = ++CallerLPad->getIterator(); 188 InnerResumeDest = 189 OuterResumeDest->splitBasicBlock(SplitPoint, 190 OuterResumeDest->getName() + ".body"); 191 192 // The number of incoming edges we expect to the inner landing pad. 193 const unsigned PHICapacity = 2; 194 195 // Create corresponding new PHIs for all the PHIs in the outer landing pad. 196 BasicBlock::iterator InsertPoint = InnerResumeDest->begin(); 197 BasicBlock::iterator I = OuterResumeDest->begin(); 198 for (unsigned i = 0, e = UnwindDestPHIValues.size(); i != e; ++i, ++I) { 199 PHINode *OuterPHI = cast<PHINode>(I); 200 PHINode *InnerPHI = PHINode::Create(OuterPHI->getType(), PHICapacity, 201 OuterPHI->getName() + ".lpad-body"); 202 InnerPHI->insertBefore(InsertPoint); 203 OuterPHI->replaceAllUsesWith(InnerPHI); 204 InnerPHI->addIncoming(OuterPHI, OuterResumeDest); 205 } 206 207 // Create a PHI for the exception values. 208 InnerEHValuesPHI = 209 PHINode::Create(CallerLPad->getType(), PHICapacity, "eh.lpad-body"); 210 InnerEHValuesPHI->insertBefore(InsertPoint); 211 CallerLPad->replaceAllUsesWith(InnerEHValuesPHI); 212 InnerEHValuesPHI->addIncoming(CallerLPad, OuterResumeDest); 213 214 // All done. 215 return InnerResumeDest; 216 } 217 218 /// Forward the 'resume' instruction to the caller's landing pad block. 219 /// When the landing pad block has only one predecessor, this is a simple 220 /// branch. When there is more than one predecessor, we need to split the 221 /// landing pad block after the landingpad instruction and jump to there. 222 void LandingPadInliningInfo::forwardResume( 223 ResumeInst *RI, SmallPtrSetImpl<LandingPadInst *> &InlinedLPads) { 224 BasicBlock *Dest = getInnerResumeDest(); 225 BasicBlock *Src = RI->getParent(); 226 227 BranchInst::Create(Dest, Src); 228 229 // Update the PHIs in the destination. They were inserted in an order which 230 // makes this work. 231 addIncomingPHIValuesForInto(Src, Dest); 232 233 InnerEHValuesPHI->addIncoming(RI->getOperand(0), Src); 234 RI->eraseFromParent(); 235 } 236 237 /// Helper for getUnwindDestToken/getUnwindDestTokenHelper. 238 static Value *getParentPad(Value *EHPad) { 239 if (auto *FPI = dyn_cast<FuncletPadInst>(EHPad)) 240 return FPI->getParentPad(); 241 return cast<CatchSwitchInst>(EHPad)->getParentPad(); 242 } 243 244 using UnwindDestMemoTy = DenseMap<Instruction *, Value *>; 245 246 /// Helper for getUnwindDestToken that does the descendant-ward part of 247 /// the search. 248 static Value *getUnwindDestTokenHelper(Instruction *EHPad, 249 UnwindDestMemoTy &MemoMap) { 250 SmallVector<Instruction *, 8> Worklist(1, EHPad); 251 252 while (!Worklist.empty()) { 253 Instruction *CurrentPad = Worklist.pop_back_val(); 254 // We only put pads on the worklist that aren't in the MemoMap. When 255 // we find an unwind dest for a pad we may update its ancestors, but 256 // the queue only ever contains uncles/great-uncles/etc. of CurrentPad, 257 // so they should never get updated while queued on the worklist. 258 assert(!MemoMap.count(CurrentPad)); 259 Value *UnwindDestToken = nullptr; 260 if (auto *CatchSwitch = dyn_cast<CatchSwitchInst>(CurrentPad)) { 261 if (CatchSwitch->hasUnwindDest()) { 262 UnwindDestToken = CatchSwitch->getUnwindDest()->getFirstNonPHI(); 263 } else { 264 // Catchswitch doesn't have a 'nounwind' variant, and one might be 265 // annotated as "unwinds to caller" when really it's nounwind (see 266 // e.g. SimplifyCFGOpt::SimplifyUnreachable), so we can't infer the 267 // parent's unwind dest from this. We can check its catchpads' 268 // descendants, since they might include a cleanuppad with an 269 // "unwinds to caller" cleanupret, which can be trusted. 270 for (auto HI = CatchSwitch->handler_begin(), 271 HE = CatchSwitch->handler_end(); 272 HI != HE && !UnwindDestToken; ++HI) { 273 BasicBlock *HandlerBlock = *HI; 274 auto *CatchPad = cast<CatchPadInst>(HandlerBlock->getFirstNonPHI()); 275 for (User *Child : CatchPad->users()) { 276 // Intentionally ignore invokes here -- since the catchswitch is 277 // marked "unwind to caller", it would be a verifier error if it 278 // contained an invoke which unwinds out of it, so any invoke we'd 279 // encounter must unwind to some child of the catch. 280 if (!isa<CleanupPadInst>(Child) && !isa<CatchSwitchInst>(Child)) 281 continue; 282 283 Instruction *ChildPad = cast<Instruction>(Child); 284 auto Memo = MemoMap.find(ChildPad); 285 if (Memo == MemoMap.end()) { 286 // Haven't figured out this child pad yet; queue it. 287 Worklist.push_back(ChildPad); 288 continue; 289 } 290 // We've already checked this child, but might have found that 291 // it offers no proof either way. 292 Value *ChildUnwindDestToken = Memo->second; 293 if (!ChildUnwindDestToken) 294 continue; 295 // We already know the child's unwind dest, which can either 296 // be ConstantTokenNone to indicate unwind to caller, or can 297 // be another child of the catchpad. Only the former indicates 298 // the unwind dest of the catchswitch. 299 if (isa<ConstantTokenNone>(ChildUnwindDestToken)) { 300 UnwindDestToken = ChildUnwindDestToken; 301 break; 302 } 303 assert(getParentPad(ChildUnwindDestToken) == CatchPad); 304 } 305 } 306 } 307 } else { 308 auto *CleanupPad = cast<CleanupPadInst>(CurrentPad); 309 for (User *U : CleanupPad->users()) { 310 if (auto *CleanupRet = dyn_cast<CleanupReturnInst>(U)) { 311 if (BasicBlock *RetUnwindDest = CleanupRet->getUnwindDest()) 312 UnwindDestToken = RetUnwindDest->getFirstNonPHI(); 313 else 314 UnwindDestToken = ConstantTokenNone::get(CleanupPad->getContext()); 315 break; 316 } 317 Value *ChildUnwindDestToken; 318 if (auto *Invoke = dyn_cast<InvokeInst>(U)) { 319 ChildUnwindDestToken = Invoke->getUnwindDest()->getFirstNonPHI(); 320 } else if (isa<CleanupPadInst>(U) || isa<CatchSwitchInst>(U)) { 321 Instruction *ChildPad = cast<Instruction>(U); 322 auto Memo = MemoMap.find(ChildPad); 323 if (Memo == MemoMap.end()) { 324 // Haven't resolved this child yet; queue it and keep searching. 325 Worklist.push_back(ChildPad); 326 continue; 327 } 328 // We've checked this child, but still need to ignore it if it 329 // had no proof either way. 330 ChildUnwindDestToken = Memo->second; 331 if (!ChildUnwindDestToken) 332 continue; 333 } else { 334 // Not a relevant user of the cleanuppad 335 continue; 336 } 337 // In a well-formed program, the child/invoke must either unwind to 338 // an(other) child of the cleanup, or exit the cleanup. In the 339 // first case, continue searching. 340 if (isa<Instruction>(ChildUnwindDestToken) && 341 getParentPad(ChildUnwindDestToken) == CleanupPad) 342 continue; 343 UnwindDestToken = ChildUnwindDestToken; 344 break; 345 } 346 } 347 // If we haven't found an unwind dest for CurrentPad, we may have queued its 348 // children, so move on to the next in the worklist. 349 if (!UnwindDestToken) 350 continue; 351 352 // Now we know that CurrentPad unwinds to UnwindDestToken. It also exits 353 // any ancestors of CurrentPad up to but not including UnwindDestToken's 354 // parent pad. Record this in the memo map, and check to see if the 355 // original EHPad being queried is one of the ones exited. 356 Value *UnwindParent; 357 if (auto *UnwindPad = dyn_cast<Instruction>(UnwindDestToken)) 358 UnwindParent = getParentPad(UnwindPad); 359 else 360 UnwindParent = nullptr; 361 bool ExitedOriginalPad = false; 362 for (Instruction *ExitedPad = CurrentPad; 363 ExitedPad && ExitedPad != UnwindParent; 364 ExitedPad = dyn_cast<Instruction>(getParentPad(ExitedPad))) { 365 // Skip over catchpads since they just follow their catchswitches. 366 if (isa<CatchPadInst>(ExitedPad)) 367 continue; 368 MemoMap[ExitedPad] = UnwindDestToken; 369 ExitedOriginalPad |= (ExitedPad == EHPad); 370 } 371 372 if (ExitedOriginalPad) 373 return UnwindDestToken; 374 375 // Continue the search. 376 } 377 378 // No definitive information is contained within this funclet. 379 return nullptr; 380 } 381 382 /// Given an EH pad, find where it unwinds. If it unwinds to an EH pad, 383 /// return that pad instruction. If it unwinds to caller, return 384 /// ConstantTokenNone. If it does not have a definitive unwind destination, 385 /// return nullptr. 386 /// 387 /// This routine gets invoked for calls in funclets in inlinees when inlining 388 /// an invoke. Since many funclets don't have calls inside them, it's queried 389 /// on-demand rather than building a map of pads to unwind dests up front. 390 /// Determining a funclet's unwind dest may require recursively searching its 391 /// descendants, and also ancestors and cousins if the descendants don't provide 392 /// an answer. Since most funclets will have their unwind dest immediately 393 /// available as the unwind dest of a catchswitch or cleanupret, this routine 394 /// searches top-down from the given pad and then up. To avoid worst-case 395 /// quadratic run-time given that approach, it uses a memo map to avoid 396 /// re-processing funclet trees. The callers that rewrite the IR as they go 397 /// take advantage of this, for correctness, by checking/forcing rewritten 398 /// pads' entries to match the original callee view. 399 static Value *getUnwindDestToken(Instruction *EHPad, 400 UnwindDestMemoTy &MemoMap) { 401 // Catchpads unwind to the same place as their catchswitch; 402 // redirct any queries on catchpads so the code below can 403 // deal with just catchswitches and cleanuppads. 404 if (auto *CPI = dyn_cast<CatchPadInst>(EHPad)) 405 EHPad = CPI->getCatchSwitch(); 406 407 // Check if we've already determined the unwind dest for this pad. 408 auto Memo = MemoMap.find(EHPad); 409 if (Memo != MemoMap.end()) 410 return Memo->second; 411 412 // Search EHPad and, if necessary, its descendants. 413 Value *UnwindDestToken = getUnwindDestTokenHelper(EHPad, MemoMap); 414 assert((UnwindDestToken == nullptr) != (MemoMap.count(EHPad) != 0)); 415 if (UnwindDestToken) 416 return UnwindDestToken; 417 418 // No information is available for this EHPad from itself or any of its 419 // descendants. An unwind all the way out to a pad in the caller would 420 // need also to agree with the unwind dest of the parent funclet, so 421 // search up the chain to try to find a funclet with information. Put 422 // null entries in the memo map to avoid re-processing as we go up. 423 MemoMap[EHPad] = nullptr; 424 #ifndef NDEBUG 425 SmallPtrSet<Instruction *, 4> TempMemos; 426 TempMemos.insert(EHPad); 427 #endif 428 Instruction *LastUselessPad = EHPad; 429 Value *AncestorToken; 430 for (AncestorToken = getParentPad(EHPad); 431 auto *AncestorPad = dyn_cast<Instruction>(AncestorToken); 432 AncestorToken = getParentPad(AncestorToken)) { 433 // Skip over catchpads since they just follow their catchswitches. 434 if (isa<CatchPadInst>(AncestorPad)) 435 continue; 436 // If the MemoMap had an entry mapping AncestorPad to nullptr, since we 437 // haven't yet called getUnwindDestTokenHelper for AncestorPad in this 438 // call to getUnwindDestToken, that would mean that AncestorPad had no 439 // information in itself, its descendants, or its ancestors. If that 440 // were the case, then we should also have recorded the lack of information 441 // for the descendant that we're coming from. So assert that we don't 442 // find a null entry in the MemoMap for AncestorPad. 443 assert(!MemoMap.count(AncestorPad) || MemoMap[AncestorPad]); 444 auto AncestorMemo = MemoMap.find(AncestorPad); 445 if (AncestorMemo == MemoMap.end()) { 446 UnwindDestToken = getUnwindDestTokenHelper(AncestorPad, MemoMap); 447 } else { 448 UnwindDestToken = AncestorMemo->second; 449 } 450 if (UnwindDestToken) 451 break; 452 LastUselessPad = AncestorPad; 453 MemoMap[LastUselessPad] = nullptr; 454 #ifndef NDEBUG 455 TempMemos.insert(LastUselessPad); 456 #endif 457 } 458 459 // We know that getUnwindDestTokenHelper was called on LastUselessPad and 460 // returned nullptr (and likewise for EHPad and any of its ancestors up to 461 // LastUselessPad), so LastUselessPad has no information from below. Since 462 // getUnwindDestTokenHelper must investigate all downward paths through 463 // no-information nodes to prove that a node has no information like this, 464 // and since any time it finds information it records it in the MemoMap for 465 // not just the immediately-containing funclet but also any ancestors also 466 // exited, it must be the case that, walking downward from LastUselessPad, 467 // visiting just those nodes which have not been mapped to an unwind dest 468 // by getUnwindDestTokenHelper (the nullptr TempMemos notwithstanding, since 469 // they are just used to keep getUnwindDestTokenHelper from repeating work), 470 // any node visited must have been exhaustively searched with no information 471 // for it found. 472 SmallVector<Instruction *, 8> Worklist(1, LastUselessPad); 473 while (!Worklist.empty()) { 474 Instruction *UselessPad = Worklist.pop_back_val(); 475 auto Memo = MemoMap.find(UselessPad); 476 if (Memo != MemoMap.end() && Memo->second) { 477 // Here the name 'UselessPad' is a bit of a misnomer, because we've found 478 // that it is a funclet that does have information about unwinding to 479 // a particular destination; its parent was a useless pad. 480 // Since its parent has no information, the unwind edge must not escape 481 // the parent, and must target a sibling of this pad. This local unwind 482 // gives us no information about EHPad. Leave it and the subtree rooted 483 // at it alone. 484 assert(getParentPad(Memo->second) == getParentPad(UselessPad)); 485 continue; 486 } 487 // We know we don't have information for UselesPad. If it has an entry in 488 // the MemoMap (mapping it to nullptr), it must be one of the TempMemos 489 // added on this invocation of getUnwindDestToken; if a previous invocation 490 // recorded nullptr, it would have had to prove that the ancestors of 491 // UselessPad, which include LastUselessPad, had no information, and that 492 // in turn would have required proving that the descendants of 493 // LastUselesPad, which include EHPad, have no information about 494 // LastUselessPad, which would imply that EHPad was mapped to nullptr in 495 // the MemoMap on that invocation, which isn't the case if we got here. 496 assert(!MemoMap.count(UselessPad) || TempMemos.count(UselessPad)); 497 // Assert as we enumerate users that 'UselessPad' doesn't have any unwind 498 // information that we'd be contradicting by making a map entry for it 499 // (which is something that getUnwindDestTokenHelper must have proved for 500 // us to get here). Just assert on is direct users here; the checks in 501 // this downward walk at its descendants will verify that they don't have 502 // any unwind edges that exit 'UselessPad' either (i.e. they either have no 503 // unwind edges or unwind to a sibling). 504 MemoMap[UselessPad] = UnwindDestToken; 505 if (auto *CatchSwitch = dyn_cast<CatchSwitchInst>(UselessPad)) { 506 assert(CatchSwitch->getUnwindDest() == nullptr && "Expected useless pad"); 507 for (BasicBlock *HandlerBlock : CatchSwitch->handlers()) { 508 auto *CatchPad = HandlerBlock->getFirstNonPHI(); 509 for (User *U : CatchPad->users()) { 510 assert( 511 (!isa<InvokeInst>(U) || 512 (getParentPad( 513 cast<InvokeInst>(U)->getUnwindDest()->getFirstNonPHI()) == 514 CatchPad)) && 515 "Expected useless pad"); 516 if (isa<CatchSwitchInst>(U) || isa<CleanupPadInst>(U)) 517 Worklist.push_back(cast<Instruction>(U)); 518 } 519 } 520 } else { 521 assert(isa<CleanupPadInst>(UselessPad)); 522 for (User *U : UselessPad->users()) { 523 assert(!isa<CleanupReturnInst>(U) && "Expected useless pad"); 524 assert((!isa<InvokeInst>(U) || 525 (getParentPad( 526 cast<InvokeInst>(U)->getUnwindDest()->getFirstNonPHI()) == 527 UselessPad)) && 528 "Expected useless pad"); 529 if (isa<CatchSwitchInst>(U) || isa<CleanupPadInst>(U)) 530 Worklist.push_back(cast<Instruction>(U)); 531 } 532 } 533 } 534 535 return UnwindDestToken; 536 } 537 538 /// When we inline a basic block into an invoke, 539 /// we have to turn all of the calls that can throw into invokes. 540 /// This function analyze BB to see if there are any calls, and if so, 541 /// it rewrites them to be invokes that jump to InvokeDest and fills in the PHI 542 /// nodes in that block with the values specified in InvokeDestPHIValues. 543 static BasicBlock *HandleCallsInBlockInlinedThroughInvoke( 544 BasicBlock *BB, BasicBlock *UnwindEdge, 545 UnwindDestMemoTy *FuncletUnwindMap = nullptr) { 546 for (Instruction &I : llvm::make_early_inc_range(*BB)) { 547 // We only need to check for function calls: inlined invoke 548 // instructions require no special handling. 549 CallInst *CI = dyn_cast<CallInst>(&I); 550 551 if (!CI || CI->doesNotThrow()) 552 continue; 553 554 // We do not need to (and in fact, cannot) convert possibly throwing calls 555 // to @llvm.experimental_deoptimize (resp. @llvm.experimental.guard) into 556 // invokes. The caller's "segment" of the deoptimization continuation 557 // attached to the newly inlined @llvm.experimental_deoptimize 558 // (resp. @llvm.experimental.guard) call should contain the exception 559 // handling logic, if any. 560 if (auto *F = CI->getCalledFunction()) 561 if (F->getIntrinsicID() == Intrinsic::experimental_deoptimize || 562 F->getIntrinsicID() == Intrinsic::experimental_guard) 563 continue; 564 565 if (auto FuncletBundle = CI->getOperandBundle(LLVMContext::OB_funclet)) { 566 // This call is nested inside a funclet. If that funclet has an unwind 567 // destination within the inlinee, then unwinding out of this call would 568 // be UB. Rewriting this call to an invoke which targets the inlined 569 // invoke's unwind dest would give the call's parent funclet multiple 570 // unwind destinations, which is something that subsequent EH table 571 // generation can't handle and that the veirifer rejects. So when we 572 // see such a call, leave it as a call. 573 auto *FuncletPad = cast<Instruction>(FuncletBundle->Inputs[0]); 574 Value *UnwindDestToken = 575 getUnwindDestToken(FuncletPad, *FuncletUnwindMap); 576 if (UnwindDestToken && !isa<ConstantTokenNone>(UnwindDestToken)) 577 continue; 578 #ifndef NDEBUG 579 Instruction *MemoKey; 580 if (auto *CatchPad = dyn_cast<CatchPadInst>(FuncletPad)) 581 MemoKey = CatchPad->getCatchSwitch(); 582 else 583 MemoKey = FuncletPad; 584 assert(FuncletUnwindMap->count(MemoKey) && 585 (*FuncletUnwindMap)[MemoKey] == UnwindDestToken && 586 "must get memoized to avoid confusing later searches"); 587 #endif // NDEBUG 588 } 589 590 changeToInvokeAndSplitBasicBlock(CI, UnwindEdge); 591 return BB; 592 } 593 return nullptr; 594 } 595 596 /// If we inlined an invoke site, we need to convert calls 597 /// in the body of the inlined function into invokes. 598 /// 599 /// II is the invoke instruction being inlined. FirstNewBlock is the first 600 /// block of the inlined code (the last block is the end of the function), 601 /// and InlineCodeInfo is information about the code that got inlined. 602 static void HandleInlinedLandingPad(InvokeInst *II, BasicBlock *FirstNewBlock, 603 ClonedCodeInfo &InlinedCodeInfo) { 604 BasicBlock *InvokeDest = II->getUnwindDest(); 605 606 Function *Caller = FirstNewBlock->getParent(); 607 608 // The inlined code is currently at the end of the function, scan from the 609 // start of the inlined code to its end, checking for stuff we need to 610 // rewrite. 611 LandingPadInliningInfo Invoke(II); 612 613 // Get all of the inlined landing pad instructions. 614 SmallPtrSet<LandingPadInst*, 16> InlinedLPads; 615 for (Function::iterator I = FirstNewBlock->getIterator(), E = Caller->end(); 616 I != E; ++I) 617 if (InvokeInst *II = dyn_cast<InvokeInst>(I->getTerminator())) 618 InlinedLPads.insert(II->getLandingPadInst()); 619 620 // Append the clauses from the outer landing pad instruction into the inlined 621 // landing pad instructions. 622 LandingPadInst *OuterLPad = Invoke.getLandingPadInst(); 623 for (LandingPadInst *InlinedLPad : InlinedLPads) { 624 unsigned OuterNum = OuterLPad->getNumClauses(); 625 InlinedLPad->reserveClauses(OuterNum); 626 for (unsigned OuterIdx = 0; OuterIdx != OuterNum; ++OuterIdx) 627 InlinedLPad->addClause(OuterLPad->getClause(OuterIdx)); 628 if (OuterLPad->isCleanup()) 629 InlinedLPad->setCleanup(true); 630 } 631 632 for (Function::iterator BB = FirstNewBlock->getIterator(), E = Caller->end(); 633 BB != E; ++BB) { 634 if (InlinedCodeInfo.ContainsCalls) 635 if (BasicBlock *NewBB = HandleCallsInBlockInlinedThroughInvoke( 636 &*BB, Invoke.getOuterResumeDest())) 637 // Update any PHI nodes in the exceptional block to indicate that there 638 // is now a new entry in them. 639 Invoke.addIncomingPHIValuesFor(NewBB); 640 641 // Forward any resumes that are remaining here. 642 if (ResumeInst *RI = dyn_cast<ResumeInst>(BB->getTerminator())) 643 Invoke.forwardResume(RI, InlinedLPads); 644 } 645 646 // Now that everything is happy, we have one final detail. The PHI nodes in 647 // the exception destination block still have entries due to the original 648 // invoke instruction. Eliminate these entries (which might even delete the 649 // PHI node) now. 650 InvokeDest->removePredecessor(II->getParent()); 651 } 652 653 /// If we inlined an invoke site, we need to convert calls 654 /// in the body of the inlined function into invokes. 655 /// 656 /// II is the invoke instruction being inlined. FirstNewBlock is the first 657 /// block of the inlined code (the last block is the end of the function), 658 /// and InlineCodeInfo is information about the code that got inlined. 659 static void HandleInlinedEHPad(InvokeInst *II, BasicBlock *FirstNewBlock, 660 ClonedCodeInfo &InlinedCodeInfo) { 661 BasicBlock *UnwindDest = II->getUnwindDest(); 662 Function *Caller = FirstNewBlock->getParent(); 663 664 assert(UnwindDest->getFirstNonPHI()->isEHPad() && "unexpected BasicBlock!"); 665 666 // If there are PHI nodes in the unwind destination block, we need to keep 667 // track of which values came into them from the invoke before removing the 668 // edge from this block. 669 SmallVector<Value *, 8> UnwindDestPHIValues; 670 BasicBlock *InvokeBB = II->getParent(); 671 for (PHINode &PHI : UnwindDest->phis()) { 672 // Save the value to use for this edge. 673 UnwindDestPHIValues.push_back(PHI.getIncomingValueForBlock(InvokeBB)); 674 } 675 676 // Add incoming-PHI values to the unwind destination block for the given basic 677 // block, using the values for the original invoke's source block. 678 auto UpdatePHINodes = [&](BasicBlock *Src) { 679 BasicBlock::iterator I = UnwindDest->begin(); 680 for (Value *V : UnwindDestPHIValues) { 681 PHINode *PHI = cast<PHINode>(I); 682 PHI->addIncoming(V, Src); 683 ++I; 684 } 685 }; 686 687 // This connects all the instructions which 'unwind to caller' to the invoke 688 // destination. 689 UnwindDestMemoTy FuncletUnwindMap; 690 for (Function::iterator BB = FirstNewBlock->getIterator(), E = Caller->end(); 691 BB != E; ++BB) { 692 if (auto *CRI = dyn_cast<CleanupReturnInst>(BB->getTerminator())) { 693 if (CRI->unwindsToCaller()) { 694 auto *CleanupPad = CRI->getCleanupPad(); 695 CleanupReturnInst::Create(CleanupPad, UnwindDest, CRI->getIterator()); 696 CRI->eraseFromParent(); 697 UpdatePHINodes(&*BB); 698 // Finding a cleanupret with an unwind destination would confuse 699 // subsequent calls to getUnwindDestToken, so map the cleanuppad 700 // to short-circuit any such calls and recognize this as an "unwind 701 // to caller" cleanup. 702 assert(!FuncletUnwindMap.count(CleanupPad) || 703 isa<ConstantTokenNone>(FuncletUnwindMap[CleanupPad])); 704 FuncletUnwindMap[CleanupPad] = 705 ConstantTokenNone::get(Caller->getContext()); 706 } 707 } 708 709 Instruction *I = BB->getFirstNonPHI(); 710 if (!I->isEHPad()) 711 continue; 712 713 Instruction *Replacement = nullptr; 714 if (auto *CatchSwitch = dyn_cast<CatchSwitchInst>(I)) { 715 if (CatchSwitch->unwindsToCaller()) { 716 Value *UnwindDestToken; 717 if (auto *ParentPad = 718 dyn_cast<Instruction>(CatchSwitch->getParentPad())) { 719 // This catchswitch is nested inside another funclet. If that 720 // funclet has an unwind destination within the inlinee, then 721 // unwinding out of this catchswitch would be UB. Rewriting this 722 // catchswitch to unwind to the inlined invoke's unwind dest would 723 // give the parent funclet multiple unwind destinations, which is 724 // something that subsequent EH table generation can't handle and 725 // that the veirifer rejects. So when we see such a call, leave it 726 // as "unwind to caller". 727 UnwindDestToken = getUnwindDestToken(ParentPad, FuncletUnwindMap); 728 if (UnwindDestToken && !isa<ConstantTokenNone>(UnwindDestToken)) 729 continue; 730 } else { 731 // This catchswitch has no parent to inherit constraints from, and 732 // none of its descendants can have an unwind edge that exits it and 733 // targets another funclet in the inlinee. It may or may not have a 734 // descendant that definitively has an unwind to caller. In either 735 // case, we'll have to assume that any unwinds out of it may need to 736 // be routed to the caller, so treat it as though it has a definitive 737 // unwind to caller. 738 UnwindDestToken = ConstantTokenNone::get(Caller->getContext()); 739 } 740 auto *NewCatchSwitch = CatchSwitchInst::Create( 741 CatchSwitch->getParentPad(), UnwindDest, 742 CatchSwitch->getNumHandlers(), CatchSwitch->getName(), 743 CatchSwitch->getIterator()); 744 for (BasicBlock *PadBB : CatchSwitch->handlers()) 745 NewCatchSwitch->addHandler(PadBB); 746 // Propagate info for the old catchswitch over to the new one in 747 // the unwind map. This also serves to short-circuit any subsequent 748 // checks for the unwind dest of this catchswitch, which would get 749 // confused if they found the outer handler in the callee. 750 FuncletUnwindMap[NewCatchSwitch] = UnwindDestToken; 751 Replacement = NewCatchSwitch; 752 } 753 } else if (!isa<FuncletPadInst>(I)) { 754 llvm_unreachable("unexpected EHPad!"); 755 } 756 757 if (Replacement) { 758 Replacement->takeName(I); 759 I->replaceAllUsesWith(Replacement); 760 I->eraseFromParent(); 761 UpdatePHINodes(&*BB); 762 } 763 } 764 765 if (InlinedCodeInfo.ContainsCalls) 766 for (Function::iterator BB = FirstNewBlock->getIterator(), 767 E = Caller->end(); 768 BB != E; ++BB) 769 if (BasicBlock *NewBB = HandleCallsInBlockInlinedThroughInvoke( 770 &*BB, UnwindDest, &FuncletUnwindMap)) 771 // Update any PHI nodes in the exceptional block to indicate that there 772 // is now a new entry in them. 773 UpdatePHINodes(NewBB); 774 775 // Now that everything is happy, we have one final detail. The PHI nodes in 776 // the exception destination block still have entries due to the original 777 // invoke instruction. Eliminate these entries (which might even delete the 778 // PHI node) now. 779 UnwindDest->removePredecessor(InvokeBB); 780 } 781 782 static bool haveCommonPrefix(MDNode *MIBStackContext, 783 MDNode *CallsiteStackContext) { 784 assert(MIBStackContext->getNumOperands() > 0 && 785 CallsiteStackContext->getNumOperands() > 0); 786 // Because of the context trimming performed during matching, the callsite 787 // context could have more stack ids than the MIB. We match up to the end of 788 // the shortest stack context. 789 for (auto MIBStackIter = MIBStackContext->op_begin(), 790 CallsiteStackIter = CallsiteStackContext->op_begin(); 791 MIBStackIter != MIBStackContext->op_end() && 792 CallsiteStackIter != CallsiteStackContext->op_end(); 793 MIBStackIter++, CallsiteStackIter++) { 794 auto *Val1 = mdconst::dyn_extract<ConstantInt>(*MIBStackIter); 795 auto *Val2 = mdconst::dyn_extract<ConstantInt>(*CallsiteStackIter); 796 assert(Val1 && Val2); 797 if (Val1->getZExtValue() != Val2->getZExtValue()) 798 return false; 799 } 800 return true; 801 } 802 803 static void removeMemProfMetadata(CallBase *Call) { 804 Call->setMetadata(LLVMContext::MD_memprof, nullptr); 805 } 806 807 static void removeCallsiteMetadata(CallBase *Call) { 808 Call->setMetadata(LLVMContext::MD_callsite, nullptr); 809 } 810 811 static void updateMemprofMetadata(CallBase *CI, 812 const std::vector<Metadata *> &MIBList) { 813 assert(!MIBList.empty()); 814 // Remove existing memprof, which will either be replaced or may not be needed 815 // if we are able to use a single allocation type function attribute. 816 removeMemProfMetadata(CI); 817 CallStackTrie CallStack; 818 for (Metadata *MIB : MIBList) 819 CallStack.addCallStack(cast<MDNode>(MIB)); 820 bool MemprofMDAttached = CallStack.buildAndAttachMIBMetadata(CI); 821 assert(MemprofMDAttached == CI->hasMetadata(LLVMContext::MD_memprof)); 822 if (!MemprofMDAttached) 823 // If we used a function attribute remove the callsite metadata as well. 824 removeCallsiteMetadata(CI); 825 } 826 827 // Update the metadata on the inlined copy ClonedCall of a call OrigCall in the 828 // inlined callee body, based on the callsite metadata InlinedCallsiteMD from 829 // the call that was inlined. 830 static void propagateMemProfHelper(const CallBase *OrigCall, 831 CallBase *ClonedCall, 832 MDNode *InlinedCallsiteMD) { 833 MDNode *OrigCallsiteMD = ClonedCall->getMetadata(LLVMContext::MD_callsite); 834 MDNode *ClonedCallsiteMD = nullptr; 835 // Check if the call originally had callsite metadata, and update it for the 836 // new call in the inlined body. 837 if (OrigCallsiteMD) { 838 // The cloned call's context is now the concatenation of the original call's 839 // callsite metadata and the callsite metadata on the call where it was 840 // inlined. 841 ClonedCallsiteMD = MDNode::concatenate(OrigCallsiteMD, InlinedCallsiteMD); 842 ClonedCall->setMetadata(LLVMContext::MD_callsite, ClonedCallsiteMD); 843 } 844 845 // Update any memprof metadata on the cloned call. 846 MDNode *OrigMemProfMD = ClonedCall->getMetadata(LLVMContext::MD_memprof); 847 if (!OrigMemProfMD) 848 return; 849 // We currently expect that allocations with memprof metadata also have 850 // callsite metadata for the allocation's part of the context. 851 assert(OrigCallsiteMD); 852 853 // New call's MIB list. 854 std::vector<Metadata *> NewMIBList; 855 856 // For each MIB metadata, check if its call stack context starts with the 857 // new clone's callsite metadata. If so, that MIB goes onto the cloned call in 858 // the inlined body. If not, it stays on the out-of-line original call. 859 for (auto &MIBOp : OrigMemProfMD->operands()) { 860 MDNode *MIB = dyn_cast<MDNode>(MIBOp); 861 // Stack is first operand of MIB. 862 MDNode *StackMD = getMIBStackNode(MIB); 863 assert(StackMD); 864 // See if the new cloned callsite context matches this profiled context. 865 if (haveCommonPrefix(StackMD, ClonedCallsiteMD)) 866 // Add it to the cloned call's MIB list. 867 NewMIBList.push_back(MIB); 868 } 869 if (NewMIBList.empty()) { 870 removeMemProfMetadata(ClonedCall); 871 removeCallsiteMetadata(ClonedCall); 872 return; 873 } 874 if (NewMIBList.size() < OrigMemProfMD->getNumOperands()) 875 updateMemprofMetadata(ClonedCall, NewMIBList); 876 } 877 878 // Update memprof related metadata (!memprof and !callsite) based on the 879 // inlining of Callee into the callsite at CB. The updates include merging the 880 // inlined callee's callsite metadata with that of the inlined call, 881 // and moving the subset of any memprof contexts to the inlined callee 882 // allocations if they match the new inlined call stack. 883 static void 884 propagateMemProfMetadata(Function *Callee, CallBase &CB, 885 bool ContainsMemProfMetadata, 886 const ValueMap<const Value *, WeakTrackingVH> &VMap) { 887 MDNode *CallsiteMD = CB.getMetadata(LLVMContext::MD_callsite); 888 // Only need to update if the inlined callsite had callsite metadata, or if 889 // there was any memprof metadata inlined. 890 if (!CallsiteMD && !ContainsMemProfMetadata) 891 return; 892 893 // Propagate metadata onto the cloned calls in the inlined callee. 894 for (const auto &Entry : VMap) { 895 // See if this is a call that has been inlined and remapped, and not 896 // simplified away in the process. 897 auto *OrigCall = dyn_cast_or_null<CallBase>(Entry.first); 898 auto *ClonedCall = dyn_cast_or_null<CallBase>(Entry.second); 899 if (!OrigCall || !ClonedCall) 900 continue; 901 // If the inlined callsite did not have any callsite metadata, then it isn't 902 // involved in any profiled call contexts, and we can remove any memprof 903 // metadata on the cloned call. 904 if (!CallsiteMD) { 905 removeMemProfMetadata(ClonedCall); 906 removeCallsiteMetadata(ClonedCall); 907 continue; 908 } 909 propagateMemProfHelper(OrigCall, ClonedCall, CallsiteMD); 910 } 911 } 912 913 /// When inlining a call site that has !llvm.mem.parallel_loop_access, 914 /// !llvm.access.group, !alias.scope or !noalias metadata, that metadata should 915 /// be propagated to all memory-accessing cloned instructions. 916 static void PropagateCallSiteMetadata(CallBase &CB, Function::iterator FStart, 917 Function::iterator FEnd) { 918 MDNode *MemParallelLoopAccess = 919 CB.getMetadata(LLVMContext::MD_mem_parallel_loop_access); 920 MDNode *AccessGroup = CB.getMetadata(LLVMContext::MD_access_group); 921 MDNode *AliasScope = CB.getMetadata(LLVMContext::MD_alias_scope); 922 MDNode *NoAlias = CB.getMetadata(LLVMContext::MD_noalias); 923 if (!MemParallelLoopAccess && !AccessGroup && !AliasScope && !NoAlias) 924 return; 925 926 for (BasicBlock &BB : make_range(FStart, FEnd)) { 927 for (Instruction &I : BB) { 928 // This metadata is only relevant for instructions that access memory. 929 if (!I.mayReadOrWriteMemory()) 930 continue; 931 932 if (MemParallelLoopAccess) { 933 // TODO: This probably should not overwrite MemParalleLoopAccess. 934 MemParallelLoopAccess = MDNode::concatenate( 935 I.getMetadata(LLVMContext::MD_mem_parallel_loop_access), 936 MemParallelLoopAccess); 937 I.setMetadata(LLVMContext::MD_mem_parallel_loop_access, 938 MemParallelLoopAccess); 939 } 940 941 if (AccessGroup) 942 I.setMetadata(LLVMContext::MD_access_group, uniteAccessGroups( 943 I.getMetadata(LLVMContext::MD_access_group), AccessGroup)); 944 945 if (AliasScope) 946 I.setMetadata(LLVMContext::MD_alias_scope, MDNode::concatenate( 947 I.getMetadata(LLVMContext::MD_alias_scope), AliasScope)); 948 949 if (NoAlias) 950 I.setMetadata(LLVMContext::MD_noalias, MDNode::concatenate( 951 I.getMetadata(LLVMContext::MD_noalias), NoAlias)); 952 } 953 } 954 } 955 956 /// Bundle operands of the inlined function must be added to inlined call sites. 957 static void PropagateOperandBundles(Function::iterator InlinedBB, 958 Instruction *CallSiteEHPad) { 959 for (Instruction &II : llvm::make_early_inc_range(*InlinedBB)) { 960 CallBase *I = dyn_cast<CallBase>(&II); 961 if (!I) 962 continue; 963 // Skip call sites which already have a "funclet" bundle. 964 if (I->getOperandBundle(LLVMContext::OB_funclet)) 965 continue; 966 // Skip call sites which are nounwind intrinsics (as long as they don't 967 // lower into regular function calls in the course of IR transformations). 968 auto *CalledFn = 969 dyn_cast<Function>(I->getCalledOperand()->stripPointerCasts()); 970 if (CalledFn && CalledFn->isIntrinsic() && I->doesNotThrow() && 971 !IntrinsicInst::mayLowerToFunctionCall(CalledFn->getIntrinsicID())) 972 continue; 973 974 SmallVector<OperandBundleDef, 1> OpBundles; 975 I->getOperandBundlesAsDefs(OpBundles); 976 OpBundles.emplace_back("funclet", CallSiteEHPad); 977 978 Instruction *NewInst = CallBase::Create(I, OpBundles, I->getIterator()); 979 NewInst->takeName(I); 980 I->replaceAllUsesWith(NewInst); 981 I->eraseFromParent(); 982 } 983 } 984 985 namespace { 986 /// Utility for cloning !noalias and !alias.scope metadata. When a code region 987 /// using scoped alias metadata is inlined, the aliasing relationships may not 988 /// hold between the two version. It is necessary to create a deep clone of the 989 /// metadata, putting the two versions in separate scope domains. 990 class ScopedAliasMetadataDeepCloner { 991 using MetadataMap = DenseMap<const MDNode *, TrackingMDNodeRef>; 992 SetVector<const MDNode *> MD; 993 MetadataMap MDMap; 994 void addRecursiveMetadataUses(); 995 996 public: 997 ScopedAliasMetadataDeepCloner(const Function *F); 998 999 /// Create a new clone of the scoped alias metadata, which will be used by 1000 /// subsequent remap() calls. 1001 void clone(); 1002 1003 /// Remap instructions in the given range from the original to the cloned 1004 /// metadata. 1005 void remap(Function::iterator FStart, Function::iterator FEnd); 1006 }; 1007 } // namespace 1008 1009 ScopedAliasMetadataDeepCloner::ScopedAliasMetadataDeepCloner( 1010 const Function *F) { 1011 for (const BasicBlock &BB : *F) { 1012 for (const Instruction &I : BB) { 1013 if (const MDNode *M = I.getMetadata(LLVMContext::MD_alias_scope)) 1014 MD.insert(M); 1015 if (const MDNode *M = I.getMetadata(LLVMContext::MD_noalias)) 1016 MD.insert(M); 1017 1018 // We also need to clone the metadata in noalias intrinsics. 1019 if (const auto *Decl = dyn_cast<NoAliasScopeDeclInst>(&I)) 1020 MD.insert(Decl->getScopeList()); 1021 } 1022 } 1023 addRecursiveMetadataUses(); 1024 } 1025 1026 void ScopedAliasMetadataDeepCloner::addRecursiveMetadataUses() { 1027 SmallVector<const Metadata *, 16> Queue(MD.begin(), MD.end()); 1028 while (!Queue.empty()) { 1029 const MDNode *M = cast<MDNode>(Queue.pop_back_val()); 1030 for (const Metadata *Op : M->operands()) 1031 if (const MDNode *OpMD = dyn_cast<MDNode>(Op)) 1032 if (MD.insert(OpMD)) 1033 Queue.push_back(OpMD); 1034 } 1035 } 1036 1037 void ScopedAliasMetadataDeepCloner::clone() { 1038 assert(MDMap.empty() && "clone() already called ?"); 1039 1040 SmallVector<TempMDTuple, 16> DummyNodes; 1041 for (const MDNode *I : MD) { 1042 DummyNodes.push_back(MDTuple::getTemporary(I->getContext(), std::nullopt)); 1043 MDMap[I].reset(DummyNodes.back().get()); 1044 } 1045 1046 // Create new metadata nodes to replace the dummy nodes, replacing old 1047 // metadata references with either a dummy node or an already-created new 1048 // node. 1049 SmallVector<Metadata *, 4> NewOps; 1050 for (const MDNode *I : MD) { 1051 for (const Metadata *Op : I->operands()) { 1052 if (const MDNode *M = dyn_cast<MDNode>(Op)) 1053 NewOps.push_back(MDMap[M]); 1054 else 1055 NewOps.push_back(const_cast<Metadata *>(Op)); 1056 } 1057 1058 MDNode *NewM = MDNode::get(I->getContext(), NewOps); 1059 MDTuple *TempM = cast<MDTuple>(MDMap[I]); 1060 assert(TempM->isTemporary() && "Expected temporary node"); 1061 1062 TempM->replaceAllUsesWith(NewM); 1063 NewOps.clear(); 1064 } 1065 } 1066 1067 void ScopedAliasMetadataDeepCloner::remap(Function::iterator FStart, 1068 Function::iterator FEnd) { 1069 if (MDMap.empty()) 1070 return; // Nothing to do. 1071 1072 for (BasicBlock &BB : make_range(FStart, FEnd)) { 1073 for (Instruction &I : BB) { 1074 // TODO: The null checks for the MDMap.lookup() results should no longer 1075 // be necessary. 1076 if (MDNode *M = I.getMetadata(LLVMContext::MD_alias_scope)) 1077 if (MDNode *MNew = MDMap.lookup(M)) 1078 I.setMetadata(LLVMContext::MD_alias_scope, MNew); 1079 1080 if (MDNode *M = I.getMetadata(LLVMContext::MD_noalias)) 1081 if (MDNode *MNew = MDMap.lookup(M)) 1082 I.setMetadata(LLVMContext::MD_noalias, MNew); 1083 1084 if (auto *Decl = dyn_cast<NoAliasScopeDeclInst>(&I)) 1085 if (MDNode *MNew = MDMap.lookup(Decl->getScopeList())) 1086 Decl->setScopeList(MNew); 1087 } 1088 } 1089 } 1090 1091 /// If the inlined function has noalias arguments, 1092 /// then add new alias scopes for each noalias argument, tag the mapped noalias 1093 /// parameters with noalias metadata specifying the new scope, and tag all 1094 /// non-derived loads, stores and memory intrinsics with the new alias scopes. 1095 static void AddAliasScopeMetadata(CallBase &CB, ValueToValueMapTy &VMap, 1096 const DataLayout &DL, AAResults *CalleeAAR, 1097 ClonedCodeInfo &InlinedFunctionInfo) { 1098 if (!EnableNoAliasConversion) 1099 return; 1100 1101 const Function *CalledFunc = CB.getCalledFunction(); 1102 SmallVector<const Argument *, 4> NoAliasArgs; 1103 1104 for (const Argument &Arg : CalledFunc->args()) 1105 if (CB.paramHasAttr(Arg.getArgNo(), Attribute::NoAlias) && !Arg.use_empty()) 1106 NoAliasArgs.push_back(&Arg); 1107 1108 if (NoAliasArgs.empty()) 1109 return; 1110 1111 // To do a good job, if a noalias variable is captured, we need to know if 1112 // the capture point dominates the particular use we're considering. 1113 DominatorTree DT; 1114 DT.recalculate(const_cast<Function&>(*CalledFunc)); 1115 1116 // noalias indicates that pointer values based on the argument do not alias 1117 // pointer values which are not based on it. So we add a new "scope" for each 1118 // noalias function argument. Accesses using pointers based on that argument 1119 // become part of that alias scope, accesses using pointers not based on that 1120 // argument are tagged as noalias with that scope. 1121 1122 DenseMap<const Argument *, MDNode *> NewScopes; 1123 MDBuilder MDB(CalledFunc->getContext()); 1124 1125 // Create a new scope domain for this function. 1126 MDNode *NewDomain = 1127 MDB.createAnonymousAliasScopeDomain(CalledFunc->getName()); 1128 for (unsigned i = 0, e = NoAliasArgs.size(); i != e; ++i) { 1129 const Argument *A = NoAliasArgs[i]; 1130 1131 std::string Name = std::string(CalledFunc->getName()); 1132 if (A->hasName()) { 1133 Name += ": %"; 1134 Name += A->getName(); 1135 } else { 1136 Name += ": argument "; 1137 Name += utostr(i); 1138 } 1139 1140 // Note: We always create a new anonymous root here. This is true regardless 1141 // of the linkage of the callee because the aliasing "scope" is not just a 1142 // property of the callee, but also all control dependencies in the caller. 1143 MDNode *NewScope = MDB.createAnonymousAliasScope(NewDomain, Name); 1144 NewScopes.insert(std::make_pair(A, NewScope)); 1145 1146 if (UseNoAliasIntrinsic) { 1147 // Introduce a llvm.experimental.noalias.scope.decl for the noalias 1148 // argument. 1149 MDNode *AScopeList = MDNode::get(CalledFunc->getContext(), NewScope); 1150 auto *NoAliasDecl = 1151 IRBuilder<>(&CB).CreateNoAliasScopeDeclaration(AScopeList); 1152 // Ignore the result for now. The result will be used when the 1153 // llvm.noalias intrinsic is introduced. 1154 (void)NoAliasDecl; 1155 } 1156 } 1157 1158 // Iterate over all new instructions in the map; for all memory-access 1159 // instructions, add the alias scope metadata. 1160 for (ValueToValueMapTy::iterator VMI = VMap.begin(), VMIE = VMap.end(); 1161 VMI != VMIE; ++VMI) { 1162 if (const Instruction *I = dyn_cast<Instruction>(VMI->first)) { 1163 if (!VMI->second) 1164 continue; 1165 1166 Instruction *NI = dyn_cast<Instruction>(VMI->second); 1167 if (!NI || InlinedFunctionInfo.isSimplified(I, NI)) 1168 continue; 1169 1170 bool IsArgMemOnlyCall = false, IsFuncCall = false; 1171 SmallVector<const Value *, 2> PtrArgs; 1172 1173 if (const LoadInst *LI = dyn_cast<LoadInst>(I)) 1174 PtrArgs.push_back(LI->getPointerOperand()); 1175 else if (const StoreInst *SI = dyn_cast<StoreInst>(I)) 1176 PtrArgs.push_back(SI->getPointerOperand()); 1177 else if (const VAArgInst *VAAI = dyn_cast<VAArgInst>(I)) 1178 PtrArgs.push_back(VAAI->getPointerOperand()); 1179 else if (const AtomicCmpXchgInst *CXI = dyn_cast<AtomicCmpXchgInst>(I)) 1180 PtrArgs.push_back(CXI->getPointerOperand()); 1181 else if (const AtomicRMWInst *RMWI = dyn_cast<AtomicRMWInst>(I)) 1182 PtrArgs.push_back(RMWI->getPointerOperand()); 1183 else if (const auto *Call = dyn_cast<CallBase>(I)) { 1184 // If we know that the call does not access memory, then we'll still 1185 // know that about the inlined clone of this call site, and we don't 1186 // need to add metadata. 1187 if (Call->doesNotAccessMemory()) 1188 continue; 1189 1190 IsFuncCall = true; 1191 if (CalleeAAR) { 1192 MemoryEffects ME = CalleeAAR->getMemoryEffects(Call); 1193 1194 // We'll retain this knowledge without additional metadata. 1195 if (ME.onlyAccessesInaccessibleMem()) 1196 continue; 1197 1198 if (ME.onlyAccessesArgPointees()) 1199 IsArgMemOnlyCall = true; 1200 } 1201 1202 for (Value *Arg : Call->args()) { 1203 // Only care about pointer arguments. If a noalias argument is 1204 // accessed through a non-pointer argument, it must be captured 1205 // first (e.g. via ptrtoint), and we protect against captures below. 1206 if (!Arg->getType()->isPointerTy()) 1207 continue; 1208 1209 PtrArgs.push_back(Arg); 1210 } 1211 } 1212 1213 // If we found no pointers, then this instruction is not suitable for 1214 // pairing with an instruction to receive aliasing metadata. 1215 // However, if this is a call, this we might just alias with none of the 1216 // noalias arguments. 1217 if (PtrArgs.empty() && !IsFuncCall) 1218 continue; 1219 1220 // It is possible that there is only one underlying object, but you 1221 // need to go through several PHIs to see it, and thus could be 1222 // repeated in the Objects list. 1223 SmallPtrSet<const Value *, 4> ObjSet; 1224 SmallVector<Metadata *, 4> Scopes, NoAliases; 1225 1226 for (const Value *V : PtrArgs) { 1227 SmallVector<const Value *, 4> Objects; 1228 getUnderlyingObjects(V, Objects, /* LI = */ nullptr); 1229 1230 for (const Value *O : Objects) 1231 ObjSet.insert(O); 1232 } 1233 1234 // Figure out if we're derived from anything that is not a noalias 1235 // argument. 1236 bool RequiresNoCaptureBefore = false, UsesAliasingPtr = false, 1237 UsesUnknownObject = false; 1238 for (const Value *V : ObjSet) { 1239 // Is this value a constant that cannot be derived from any pointer 1240 // value (we need to exclude constant expressions, for example, that 1241 // are formed from arithmetic on global symbols). 1242 bool IsNonPtrConst = isa<ConstantInt>(V) || isa<ConstantFP>(V) || 1243 isa<ConstantPointerNull>(V) || 1244 isa<ConstantDataVector>(V) || isa<UndefValue>(V); 1245 if (IsNonPtrConst) 1246 continue; 1247 1248 // If this is anything other than a noalias argument, then we cannot 1249 // completely describe the aliasing properties using alias.scope 1250 // metadata (and, thus, won't add any). 1251 if (const Argument *A = dyn_cast<Argument>(V)) { 1252 if (!CB.paramHasAttr(A->getArgNo(), Attribute::NoAlias)) 1253 UsesAliasingPtr = true; 1254 } else { 1255 UsesAliasingPtr = true; 1256 } 1257 1258 if (isEscapeSource(V)) { 1259 // An escape source can only alias with a noalias argument if it has 1260 // been captured beforehand. 1261 RequiresNoCaptureBefore = true; 1262 } else if (!isa<Argument>(V) && !isIdentifiedObject(V)) { 1263 // If this is neither an escape source, nor some identified object 1264 // (which cannot directly alias a noalias argument), nor some other 1265 // argument (which, by definition, also cannot alias a noalias 1266 // argument), conservatively do not make any assumptions. 1267 UsesUnknownObject = true; 1268 } 1269 } 1270 1271 // Nothing we can do if the used underlying object cannot be reliably 1272 // determined. 1273 if (UsesUnknownObject) 1274 continue; 1275 1276 // A function call can always get captured noalias pointers (via other 1277 // parameters, globals, etc.). 1278 if (IsFuncCall && !IsArgMemOnlyCall) 1279 RequiresNoCaptureBefore = true; 1280 1281 // First, we want to figure out all of the sets with which we definitely 1282 // don't alias. Iterate over all noalias set, and add those for which: 1283 // 1. The noalias argument is not in the set of objects from which we 1284 // definitely derive. 1285 // 2. The noalias argument has not yet been captured. 1286 // An arbitrary function that might load pointers could see captured 1287 // noalias arguments via other noalias arguments or globals, and so we 1288 // must always check for prior capture. 1289 for (const Argument *A : NoAliasArgs) { 1290 if (ObjSet.contains(A)) 1291 continue; // May be based on a noalias argument. 1292 1293 // It might be tempting to skip the PointerMayBeCapturedBefore check if 1294 // A->hasNoCaptureAttr() is true, but this is incorrect because 1295 // nocapture only guarantees that no copies outlive the function, not 1296 // that the value cannot be locally captured. 1297 if (!RequiresNoCaptureBefore || 1298 !PointerMayBeCapturedBefore(A, /* ReturnCaptures */ false, 1299 /* StoreCaptures */ false, I, &DT)) 1300 NoAliases.push_back(NewScopes[A]); 1301 } 1302 1303 if (!NoAliases.empty()) 1304 NI->setMetadata(LLVMContext::MD_noalias, 1305 MDNode::concatenate( 1306 NI->getMetadata(LLVMContext::MD_noalias), 1307 MDNode::get(CalledFunc->getContext(), NoAliases))); 1308 1309 // Next, we want to figure out all of the sets to which we might belong. 1310 // We might belong to a set if the noalias argument is in the set of 1311 // underlying objects. If there is some non-noalias argument in our list 1312 // of underlying objects, then we cannot add a scope because the fact 1313 // that some access does not alias with any set of our noalias arguments 1314 // cannot itself guarantee that it does not alias with this access 1315 // (because there is some pointer of unknown origin involved and the 1316 // other access might also depend on this pointer). We also cannot add 1317 // scopes to arbitrary functions unless we know they don't access any 1318 // non-parameter pointer-values. 1319 bool CanAddScopes = !UsesAliasingPtr; 1320 if (CanAddScopes && IsFuncCall) 1321 CanAddScopes = IsArgMemOnlyCall; 1322 1323 if (CanAddScopes) 1324 for (const Argument *A : NoAliasArgs) { 1325 if (ObjSet.count(A)) 1326 Scopes.push_back(NewScopes[A]); 1327 } 1328 1329 if (!Scopes.empty()) 1330 NI->setMetadata( 1331 LLVMContext::MD_alias_scope, 1332 MDNode::concatenate(NI->getMetadata(LLVMContext::MD_alias_scope), 1333 MDNode::get(CalledFunc->getContext(), Scopes))); 1334 } 1335 } 1336 } 1337 1338 static bool MayContainThrowingOrExitingCallAfterCB(CallBase *Begin, 1339 ReturnInst *End) { 1340 1341 assert(Begin->getParent() == End->getParent() && 1342 "Expected to be in same basic block!"); 1343 auto BeginIt = Begin->getIterator(); 1344 assert(BeginIt != End->getIterator() && "Non-empty BB has empty iterator"); 1345 return !llvm::isGuaranteedToTransferExecutionToSuccessor( 1346 ++BeginIt, End->getIterator(), InlinerAttributeWindow + 1); 1347 } 1348 1349 // Add attributes from CB params and Fn attributes that can always be propagated 1350 // to the corresponding argument / inner callbases. 1351 static void AddParamAndFnBasicAttributes(const CallBase &CB, 1352 ValueToValueMapTy &VMap, 1353 ClonedCodeInfo &InlinedFunctionInfo) { 1354 auto *CalledFunction = CB.getCalledFunction(); 1355 auto &Context = CalledFunction->getContext(); 1356 1357 // Collect valid attributes for all params. 1358 SmallVector<AttrBuilder> ValidParamAttrs; 1359 bool HasAttrToPropagate = false; 1360 1361 for (unsigned I = 0, E = CB.arg_size(); I < E; ++I) { 1362 ValidParamAttrs.emplace_back(AttrBuilder{CB.getContext()}); 1363 // Access attributes can be propagated to any param with the same underlying 1364 // object as the argument. 1365 if (CB.paramHasAttr(I, Attribute::ReadNone)) 1366 ValidParamAttrs.back().addAttribute(Attribute::ReadNone); 1367 if (CB.paramHasAttr(I, Attribute::ReadOnly)) 1368 ValidParamAttrs.back().addAttribute(Attribute::ReadOnly); 1369 HasAttrToPropagate |= ValidParamAttrs.back().hasAttributes(); 1370 } 1371 1372 // Won't be able to propagate anything. 1373 if (!HasAttrToPropagate) 1374 return; 1375 1376 for (BasicBlock &BB : *CalledFunction) { 1377 for (Instruction &Ins : BB) { 1378 const auto *InnerCB = dyn_cast<CallBase>(&Ins); 1379 if (!InnerCB) 1380 continue; 1381 auto *NewInnerCB = dyn_cast_or_null<CallBase>(VMap.lookup(InnerCB)); 1382 if (!NewInnerCB) 1383 continue; 1384 // The InnerCB might have be simplified during the inlining 1385 // process which can make propagation incorrect. 1386 if (InlinedFunctionInfo.isSimplified(InnerCB, NewInnerCB)) 1387 continue; 1388 1389 AttributeList AL = NewInnerCB->getAttributes(); 1390 for (unsigned I = 0, E = InnerCB->arg_size(); I < E; ++I) { 1391 // Check if the underlying value for the parameter is an argument. 1392 const Value *UnderlyingV = 1393 getUnderlyingObject(InnerCB->getArgOperand(I)); 1394 const Argument *Arg = dyn_cast<Argument>(UnderlyingV); 1395 if (!Arg) 1396 continue; 1397 1398 if (AL.hasParamAttr(I, Attribute::ByVal)) 1399 // It's unsound to propagate memory attributes to byval arguments. 1400 // Even if CalledFunction doesn't e.g. write to the argument, 1401 // the call to NewInnerCB may write to its by-value copy. 1402 continue; 1403 1404 unsigned ArgNo = Arg->getArgNo(); 1405 // If so, propagate its access attributes. 1406 AL = AL.addParamAttributes(Context, I, ValidParamAttrs[ArgNo]); 1407 // We can have conflicting attributes from the inner callsite and 1408 // to-be-inlined callsite. In that case, choose the most 1409 // restrictive. 1410 1411 // readonly + writeonly means we can never deref so make readnone. 1412 if (AL.hasParamAttr(I, Attribute::ReadOnly) && 1413 AL.hasParamAttr(I, Attribute::WriteOnly)) 1414 AL = AL.addParamAttribute(Context, I, Attribute::ReadNone); 1415 1416 // If have readnone, need to clear readonly/writeonly 1417 if (AL.hasParamAttr(I, Attribute::ReadNone)) { 1418 AL = AL.removeParamAttribute(Context, I, Attribute::ReadOnly); 1419 AL = AL.removeParamAttribute(Context, I, Attribute::WriteOnly); 1420 } 1421 1422 // Writable cannot exist in conjunction w/ readonly/readnone 1423 if (AL.hasParamAttr(I, Attribute::ReadOnly) || 1424 AL.hasParamAttr(I, Attribute::ReadNone)) 1425 AL = AL.removeParamAttribute(Context, I, Attribute::Writable); 1426 } 1427 NewInnerCB->setAttributes(AL); 1428 } 1429 } 1430 } 1431 1432 // Only allow these white listed attributes to be propagated back to the 1433 // callee. This is because other attributes may only be valid on the call 1434 // itself, i.e. attributes such as signext and zeroext. 1435 1436 // Attributes that are always okay to propagate as if they are violated its 1437 // immediate UB. 1438 static AttrBuilder IdentifyValidUBGeneratingAttributes(CallBase &CB) { 1439 AttrBuilder Valid(CB.getContext()); 1440 if (auto DerefBytes = CB.getRetDereferenceableBytes()) 1441 Valid.addDereferenceableAttr(DerefBytes); 1442 if (auto DerefOrNullBytes = CB.getRetDereferenceableOrNullBytes()) 1443 Valid.addDereferenceableOrNullAttr(DerefOrNullBytes); 1444 if (CB.hasRetAttr(Attribute::NoAlias)) 1445 Valid.addAttribute(Attribute::NoAlias); 1446 if (CB.hasRetAttr(Attribute::NoUndef)) 1447 Valid.addAttribute(Attribute::NoUndef); 1448 return Valid; 1449 } 1450 1451 // Attributes that need additional checks as propagating them may change 1452 // behavior or cause new UB. 1453 static AttrBuilder IdentifyValidPoisonGeneratingAttributes(CallBase &CB) { 1454 AttrBuilder Valid(CB.getContext()); 1455 if (CB.hasRetAttr(Attribute::NonNull)) 1456 Valid.addAttribute(Attribute::NonNull); 1457 if (CB.hasRetAttr(Attribute::Alignment)) 1458 Valid.addAlignmentAttr(CB.getRetAlign()); 1459 if (std::optional<ConstantRange> Range = CB.getRange()) 1460 Valid.addRangeAttr(*Range); 1461 return Valid; 1462 } 1463 1464 static void AddReturnAttributes(CallBase &CB, ValueToValueMapTy &VMap, 1465 ClonedCodeInfo &InlinedFunctionInfo) { 1466 AttrBuilder ValidUB = IdentifyValidUBGeneratingAttributes(CB); 1467 AttrBuilder ValidPG = IdentifyValidPoisonGeneratingAttributes(CB); 1468 if (!ValidUB.hasAttributes() && !ValidPG.hasAttributes()) 1469 return; 1470 auto *CalledFunction = CB.getCalledFunction(); 1471 auto &Context = CalledFunction->getContext(); 1472 1473 for (auto &BB : *CalledFunction) { 1474 auto *RI = dyn_cast<ReturnInst>(BB.getTerminator()); 1475 if (!RI || !isa<CallBase>(RI->getOperand(0))) 1476 continue; 1477 auto *RetVal = cast<CallBase>(RI->getOperand(0)); 1478 // Check that the cloned RetVal exists and is a call, otherwise we cannot 1479 // add the attributes on the cloned RetVal. Simplification during inlining 1480 // could have transformed the cloned instruction. 1481 auto *NewRetVal = dyn_cast_or_null<CallBase>(VMap.lookup(RetVal)); 1482 if (!NewRetVal) 1483 continue; 1484 1485 // The RetVal might have be simplified during the inlining 1486 // process which can make propagation incorrect. 1487 if (InlinedFunctionInfo.isSimplified(RetVal, NewRetVal)) 1488 continue; 1489 // Backward propagation of attributes to the returned value may be incorrect 1490 // if it is control flow dependent. 1491 // Consider: 1492 // @callee { 1493 // %rv = call @foo() 1494 // %rv2 = call @bar() 1495 // if (%rv2 != null) 1496 // return %rv2 1497 // if (%rv == null) 1498 // exit() 1499 // return %rv 1500 // } 1501 // caller() { 1502 // %val = call nonnull @callee() 1503 // } 1504 // Here we cannot add the nonnull attribute on either foo or bar. So, we 1505 // limit the check to both RetVal and RI are in the same basic block and 1506 // there are no throwing/exiting instructions between these instructions. 1507 if (RI->getParent() != RetVal->getParent() || 1508 MayContainThrowingOrExitingCallAfterCB(RetVal, RI)) 1509 continue; 1510 // Add to the existing attributes of NewRetVal, i.e. the cloned call 1511 // instruction. 1512 // NB! When we have the same attribute already existing on NewRetVal, but 1513 // with a differing value, the AttributeList's merge API honours the already 1514 // existing attribute value (i.e. attributes such as dereferenceable, 1515 // dereferenceable_or_null etc). See AttrBuilder::merge for more details. 1516 AttributeList AL = NewRetVal->getAttributes(); 1517 if (ValidUB.getDereferenceableBytes() < AL.getRetDereferenceableBytes()) 1518 ValidUB.removeAttribute(Attribute::Dereferenceable); 1519 if (ValidUB.getDereferenceableOrNullBytes() < 1520 AL.getRetDereferenceableOrNullBytes()) 1521 ValidUB.removeAttribute(Attribute::DereferenceableOrNull); 1522 AttributeList NewAL = AL.addRetAttributes(Context, ValidUB); 1523 // Attributes that may generate poison returns are a bit tricky. If we 1524 // propagate them, other uses of the callsite might have their behavior 1525 // change or cause UB (if they have noundef) b.c of the new potential 1526 // poison. 1527 // Take the following three cases: 1528 // 1529 // 1) 1530 // define nonnull ptr @foo() { 1531 // %p = call ptr @bar() 1532 // call void @use(ptr %p) willreturn nounwind 1533 // ret ptr %p 1534 // } 1535 // 1536 // 2) 1537 // define noundef nonnull ptr @foo() { 1538 // %p = call ptr @bar() 1539 // call void @use(ptr %p) willreturn nounwind 1540 // ret ptr %p 1541 // } 1542 // 1543 // 3) 1544 // define nonnull ptr @foo() { 1545 // %p = call noundef ptr @bar() 1546 // ret ptr %p 1547 // } 1548 // 1549 // In case 1, we can't propagate nonnull because poison value in @use may 1550 // change behavior or trigger UB. 1551 // In case 2, we don't need to be concerned about propagating nonnull, as 1552 // any new poison at @use will trigger UB anyways. 1553 // In case 3, we can never propagate nonnull because it may create UB due to 1554 // the noundef on @bar. 1555 if (ValidPG.getAlignment().valueOrOne() < AL.getRetAlignment().valueOrOne()) 1556 ValidPG.removeAttribute(Attribute::Alignment); 1557 if (ValidPG.hasAttributes()) { 1558 Attribute CBRange = ValidPG.getAttribute(Attribute::Range); 1559 if (CBRange.isValid()) { 1560 Attribute NewRange = AL.getRetAttr(Attribute::Range); 1561 if (NewRange.isValid()) { 1562 ValidPG.addRangeAttr( 1563 CBRange.getRange().intersectWith(NewRange.getRange())); 1564 } 1565 } 1566 // Three checks. 1567 // If the callsite has `noundef`, then a poison due to violating the 1568 // return attribute will create UB anyways so we can always propagate. 1569 // Otherwise, if the return value (callee to be inlined) has `noundef`, we 1570 // can't propagate as a new poison return will cause UB. 1571 // Finally, check if the return value has no uses whose behavior may 1572 // change/may cause UB if we potentially return poison. At the moment this 1573 // is implemented overly conservatively with a single-use check. 1574 // TODO: Update the single-use check to iterate through uses and only bail 1575 // if we have a potentially dangerous use. 1576 1577 if (CB.hasRetAttr(Attribute::NoUndef) || 1578 (RetVal->hasOneUse() && !RetVal->hasRetAttr(Attribute::NoUndef))) 1579 NewAL = NewAL.addRetAttributes(Context, ValidPG); 1580 } 1581 NewRetVal->setAttributes(NewAL); 1582 } 1583 } 1584 1585 /// If the inlined function has non-byval align arguments, then 1586 /// add @llvm.assume-based alignment assumptions to preserve this information. 1587 static void AddAlignmentAssumptions(CallBase &CB, InlineFunctionInfo &IFI) { 1588 if (!PreserveAlignmentAssumptions || !IFI.GetAssumptionCache) 1589 return; 1590 1591 AssumptionCache *AC = &IFI.GetAssumptionCache(*CB.getCaller()); 1592 auto &DL = CB.getDataLayout(); 1593 1594 // To avoid inserting redundant assumptions, we should check for assumptions 1595 // already in the caller. To do this, we might need a DT of the caller. 1596 DominatorTree DT; 1597 bool DTCalculated = false; 1598 1599 Function *CalledFunc = CB.getCalledFunction(); 1600 for (Argument &Arg : CalledFunc->args()) { 1601 if (!Arg.getType()->isPointerTy() || Arg.hasPassPointeeByValueCopyAttr() || 1602 Arg.hasNUses(0)) 1603 continue; 1604 MaybeAlign Alignment = Arg.getParamAlign(); 1605 if (!Alignment) 1606 continue; 1607 1608 if (!DTCalculated) { 1609 DT.recalculate(*CB.getCaller()); 1610 DTCalculated = true; 1611 } 1612 // If we can already prove the asserted alignment in the context of the 1613 // caller, then don't bother inserting the assumption. 1614 Value *ArgVal = CB.getArgOperand(Arg.getArgNo()); 1615 if (getKnownAlignment(ArgVal, DL, &CB, AC, &DT) >= *Alignment) 1616 continue; 1617 1618 CallInst *NewAsmp = IRBuilder<>(&CB).CreateAlignmentAssumption( 1619 DL, ArgVal, Alignment->value()); 1620 AC->registerAssumption(cast<AssumeInst>(NewAsmp)); 1621 } 1622 } 1623 1624 static void HandleByValArgumentInit(Type *ByValType, Value *Dst, Value *Src, 1625 Module *M, BasicBlock *InsertBlock, 1626 InlineFunctionInfo &IFI, 1627 Function *CalledFunc) { 1628 IRBuilder<> Builder(InsertBlock, InsertBlock->begin()); 1629 1630 Value *Size = 1631 Builder.getInt64(M->getDataLayout().getTypeStoreSize(ByValType)); 1632 1633 // Always generate a memcpy of alignment 1 here because we don't know 1634 // the alignment of the src pointer. Other optimizations can infer 1635 // better alignment. 1636 CallInst *CI = Builder.CreateMemCpy(Dst, /*DstAlign*/ Align(1), Src, 1637 /*SrcAlign*/ Align(1), Size); 1638 1639 // The verifier requires that all calls of debug-info-bearing functions 1640 // from debug-info-bearing functions have a debug location (for inlining 1641 // purposes). Assign a dummy location to satisfy the constraint. 1642 if (!CI->getDebugLoc() && InsertBlock->getParent()->getSubprogram()) 1643 if (DISubprogram *SP = CalledFunc->getSubprogram()) 1644 CI->setDebugLoc(DILocation::get(SP->getContext(), 0, 0, SP)); 1645 } 1646 1647 /// When inlining a call site that has a byval argument, 1648 /// we have to make the implicit memcpy explicit by adding it. 1649 static Value *HandleByValArgument(Type *ByValType, Value *Arg, 1650 Instruction *TheCall, 1651 const Function *CalledFunc, 1652 InlineFunctionInfo &IFI, 1653 MaybeAlign ByValAlignment) { 1654 Function *Caller = TheCall->getFunction(); 1655 const DataLayout &DL = Caller->getDataLayout(); 1656 1657 // If the called function is readonly, then it could not mutate the caller's 1658 // copy of the byval'd memory. In this case, it is safe to elide the copy and 1659 // temporary. 1660 if (CalledFunc->onlyReadsMemory()) { 1661 // If the byval argument has a specified alignment that is greater than the 1662 // passed in pointer, then we either have to round up the input pointer or 1663 // give up on this transformation. 1664 if (ByValAlignment.valueOrOne() == 1) 1665 return Arg; 1666 1667 AssumptionCache *AC = 1668 IFI.GetAssumptionCache ? &IFI.GetAssumptionCache(*Caller) : nullptr; 1669 1670 // If the pointer is already known to be sufficiently aligned, or if we can 1671 // round it up to a larger alignment, then we don't need a temporary. 1672 if (getOrEnforceKnownAlignment(Arg, *ByValAlignment, DL, TheCall, AC) >= 1673 *ByValAlignment) 1674 return Arg; 1675 1676 // Otherwise, we have to make a memcpy to get a safe alignment. This is bad 1677 // for code quality, but rarely happens and is required for correctness. 1678 } 1679 1680 // Create the alloca. If we have DataLayout, use nice alignment. 1681 Align Alignment = DL.getPrefTypeAlign(ByValType); 1682 1683 // If the byval had an alignment specified, we *must* use at least that 1684 // alignment, as it is required by the byval argument (and uses of the 1685 // pointer inside the callee). 1686 if (ByValAlignment) 1687 Alignment = std::max(Alignment, *ByValAlignment); 1688 1689 AllocaInst *NewAlloca = 1690 new AllocaInst(ByValType, Arg->getType()->getPointerAddressSpace(), 1691 nullptr, Alignment, Arg->getName()); 1692 NewAlloca->insertBefore(Caller->begin()->begin()); 1693 IFI.StaticAllocas.push_back(NewAlloca); 1694 1695 // Uses of the argument in the function should use our new alloca 1696 // instead. 1697 return NewAlloca; 1698 } 1699 1700 // Check whether this Value is used by a lifetime intrinsic. 1701 static bool isUsedByLifetimeMarker(Value *V) { 1702 for (User *U : V->users()) 1703 if (IntrinsicInst *II = dyn_cast<IntrinsicInst>(U)) 1704 if (II->isLifetimeStartOrEnd()) 1705 return true; 1706 return false; 1707 } 1708 1709 // Check whether the given alloca already has 1710 // lifetime.start or lifetime.end intrinsics. 1711 static bool hasLifetimeMarkers(AllocaInst *AI) { 1712 Type *Ty = AI->getType(); 1713 Type *Int8PtrTy = 1714 PointerType::get(Ty->getContext(), Ty->getPointerAddressSpace()); 1715 if (Ty == Int8PtrTy) 1716 return isUsedByLifetimeMarker(AI); 1717 1718 // Do a scan to find all the casts to i8*. 1719 for (User *U : AI->users()) { 1720 if (U->getType() != Int8PtrTy) continue; 1721 if (U->stripPointerCasts() != AI) continue; 1722 if (isUsedByLifetimeMarker(U)) 1723 return true; 1724 } 1725 return false; 1726 } 1727 1728 /// Return the result of AI->isStaticAlloca() if AI were moved to the entry 1729 /// block. Allocas used in inalloca calls and allocas of dynamic array size 1730 /// cannot be static. 1731 static bool allocaWouldBeStaticInEntry(const AllocaInst *AI ) { 1732 return isa<Constant>(AI->getArraySize()) && !AI->isUsedWithInAlloca(); 1733 } 1734 1735 /// Returns a DebugLoc for a new DILocation which is a clone of \p OrigDL 1736 /// inlined at \p InlinedAt. \p IANodes is an inlined-at cache. 1737 static DebugLoc inlineDebugLoc(DebugLoc OrigDL, DILocation *InlinedAt, 1738 LLVMContext &Ctx, 1739 DenseMap<const MDNode *, MDNode *> &IANodes) { 1740 auto IA = DebugLoc::appendInlinedAt(OrigDL, InlinedAt, Ctx, IANodes); 1741 return DILocation::get(Ctx, OrigDL.getLine(), OrigDL.getCol(), 1742 OrigDL.getScope(), IA); 1743 } 1744 1745 /// Update inlined instructions' line numbers to 1746 /// to encode location where these instructions are inlined. 1747 static void fixupLineNumbers(Function *Fn, Function::iterator FI, 1748 Instruction *TheCall, bool CalleeHasDebugInfo) { 1749 const DebugLoc &TheCallDL = TheCall->getDebugLoc(); 1750 if (!TheCallDL) 1751 return; 1752 1753 auto &Ctx = Fn->getContext(); 1754 DILocation *InlinedAtNode = TheCallDL; 1755 1756 // Create a unique call site, not to be confused with any other call from the 1757 // same location. 1758 InlinedAtNode = DILocation::getDistinct( 1759 Ctx, InlinedAtNode->getLine(), InlinedAtNode->getColumn(), 1760 InlinedAtNode->getScope(), InlinedAtNode->getInlinedAt()); 1761 1762 // Cache the inlined-at nodes as they're built so they are reused, without 1763 // this every instruction's inlined-at chain would become distinct from each 1764 // other. 1765 DenseMap<const MDNode *, MDNode *> IANodes; 1766 1767 // Check if we are not generating inline line tables and want to use 1768 // the call site location instead. 1769 bool NoInlineLineTables = Fn->hasFnAttribute("no-inline-line-tables"); 1770 1771 // Helper-util for updating the metadata attached to an instruction. 1772 auto UpdateInst = [&](Instruction &I) { 1773 // Loop metadata needs to be updated so that the start and end locs 1774 // reference inlined-at locations. 1775 auto updateLoopInfoLoc = [&Ctx, &InlinedAtNode, 1776 &IANodes](Metadata *MD) -> Metadata * { 1777 if (auto *Loc = dyn_cast_or_null<DILocation>(MD)) 1778 return inlineDebugLoc(Loc, InlinedAtNode, Ctx, IANodes).get(); 1779 return MD; 1780 }; 1781 updateLoopMetadataDebugLocations(I, updateLoopInfoLoc); 1782 1783 if (!NoInlineLineTables) 1784 if (DebugLoc DL = I.getDebugLoc()) { 1785 DebugLoc IDL = 1786 inlineDebugLoc(DL, InlinedAtNode, I.getContext(), IANodes); 1787 I.setDebugLoc(IDL); 1788 return; 1789 } 1790 1791 if (CalleeHasDebugInfo && !NoInlineLineTables) 1792 return; 1793 1794 // If the inlined instruction has no line number, or if inline info 1795 // is not being generated, make it look as if it originates from the call 1796 // location. This is important for ((__always_inline, __nodebug__)) 1797 // functions which must use caller location for all instructions in their 1798 // function body. 1799 1800 // Don't update static allocas, as they may get moved later. 1801 if (auto *AI = dyn_cast<AllocaInst>(&I)) 1802 if (allocaWouldBeStaticInEntry(AI)) 1803 return; 1804 1805 // Do not force a debug loc for pseudo probes, since they do not need to 1806 // be debuggable, and also they are expected to have a zero/null dwarf 1807 // discriminator at this point which could be violated otherwise. 1808 if (isa<PseudoProbeInst>(I)) 1809 return; 1810 1811 I.setDebugLoc(TheCallDL); 1812 }; 1813 1814 // Helper-util for updating debug-info records attached to instructions. 1815 auto UpdateDVR = [&](DbgRecord *DVR) { 1816 assert(DVR->getDebugLoc() && "Debug Value must have debug loc"); 1817 if (NoInlineLineTables) { 1818 DVR->setDebugLoc(TheCallDL); 1819 return; 1820 } 1821 DebugLoc DL = DVR->getDebugLoc(); 1822 DebugLoc IDL = 1823 inlineDebugLoc(DL, InlinedAtNode, 1824 DVR->getMarker()->getParent()->getContext(), IANodes); 1825 DVR->setDebugLoc(IDL); 1826 }; 1827 1828 // Iterate over all instructions, updating metadata and debug-info records. 1829 for (; FI != Fn->end(); ++FI) { 1830 for (Instruction &I : *FI) { 1831 UpdateInst(I); 1832 for (DbgRecord &DVR : I.getDbgRecordRange()) { 1833 UpdateDVR(&DVR); 1834 } 1835 } 1836 1837 // Remove debug info intrinsics if we're not keeping inline info. 1838 if (NoInlineLineTables) { 1839 BasicBlock::iterator BI = FI->begin(); 1840 while (BI != FI->end()) { 1841 if (isa<DbgInfoIntrinsic>(BI)) { 1842 BI = BI->eraseFromParent(); 1843 continue; 1844 } else { 1845 BI->dropDbgRecords(); 1846 } 1847 ++BI; 1848 } 1849 } 1850 } 1851 } 1852 1853 #undef DEBUG_TYPE 1854 #define DEBUG_TYPE "assignment-tracking" 1855 /// Find Alloca and linked DbgAssignIntrinsic for locals escaped by \p CB. 1856 static at::StorageToVarsMap collectEscapedLocals(const DataLayout &DL, 1857 const CallBase &CB) { 1858 at::StorageToVarsMap EscapedLocals; 1859 SmallPtrSet<const Value *, 4> SeenBases; 1860 1861 LLVM_DEBUG( 1862 errs() << "# Finding caller local variables escaped by callee\n"); 1863 for (const Value *Arg : CB.args()) { 1864 LLVM_DEBUG(errs() << "INSPECT: " << *Arg << "\n"); 1865 if (!Arg->getType()->isPointerTy()) { 1866 LLVM_DEBUG(errs() << " | SKIP: Not a pointer\n"); 1867 continue; 1868 } 1869 1870 const Instruction *I = dyn_cast<Instruction>(Arg); 1871 if (!I) { 1872 LLVM_DEBUG(errs() << " | SKIP: Not result of instruction\n"); 1873 continue; 1874 } 1875 1876 // Walk back to the base storage. 1877 assert(Arg->getType()->isPtrOrPtrVectorTy()); 1878 APInt TmpOffset(DL.getIndexTypeSizeInBits(Arg->getType()), 0, false); 1879 const AllocaInst *Base = dyn_cast<AllocaInst>( 1880 Arg->stripAndAccumulateConstantOffsets(DL, TmpOffset, true)); 1881 if (!Base) { 1882 LLVM_DEBUG(errs() << " | SKIP: Couldn't walk back to base storage\n"); 1883 continue; 1884 } 1885 1886 assert(Base); 1887 LLVM_DEBUG(errs() << " | BASE: " << *Base << "\n"); 1888 // We only need to process each base address once - skip any duplicates. 1889 if (!SeenBases.insert(Base).second) 1890 continue; 1891 1892 // Find all local variables associated with the backing storage. 1893 auto CollectAssignsForStorage = [&](auto *DbgAssign) { 1894 // Skip variables from inlined functions - they are not local variables. 1895 if (DbgAssign->getDebugLoc().getInlinedAt()) 1896 return; 1897 LLVM_DEBUG(errs() << " > DEF : " << *DbgAssign << "\n"); 1898 EscapedLocals[Base].insert(at::VarRecord(DbgAssign)); 1899 }; 1900 for_each(at::getAssignmentMarkers(Base), CollectAssignsForStorage); 1901 for_each(at::getDVRAssignmentMarkers(Base), CollectAssignsForStorage); 1902 } 1903 return EscapedLocals; 1904 } 1905 1906 static void trackInlinedStores(Function::iterator Start, Function::iterator End, 1907 const CallBase &CB) { 1908 LLVM_DEBUG(errs() << "trackInlinedStores into " 1909 << Start->getParent()->getName() << " from " 1910 << CB.getCalledFunction()->getName() << "\n"); 1911 std::unique_ptr<DataLayout> DL = std::make_unique<DataLayout>(CB.getModule()); 1912 at::trackAssignments(Start, End, collectEscapedLocals(*DL, CB), *DL); 1913 } 1914 1915 /// Update inlined instructions' DIAssignID metadata. We need to do this 1916 /// otherwise a function inlined more than once into the same function 1917 /// will cause DIAssignID to be shared by many instructions. 1918 static void fixupAssignments(Function::iterator Start, Function::iterator End) { 1919 DenseMap<DIAssignID *, DIAssignID *> Map; 1920 // Loop over all the inlined instructions. If we find a DIAssignID 1921 // attachment or use, replace it with a new version. 1922 for (auto BBI = Start; BBI != End; ++BBI) { 1923 for (Instruction &I : *BBI) 1924 at::remapAssignID(Map, I); 1925 } 1926 } 1927 #undef DEBUG_TYPE 1928 #define DEBUG_TYPE "inline-function" 1929 1930 /// Update the block frequencies of the caller after a callee has been inlined. 1931 /// 1932 /// Each block cloned into the caller has its block frequency scaled by the 1933 /// ratio of CallSiteFreq/CalleeEntryFreq. This ensures that the cloned copy of 1934 /// callee's entry block gets the same frequency as the callsite block and the 1935 /// relative frequencies of all cloned blocks remain the same after cloning. 1936 static void updateCallerBFI(BasicBlock *CallSiteBlock, 1937 const ValueToValueMapTy &VMap, 1938 BlockFrequencyInfo *CallerBFI, 1939 BlockFrequencyInfo *CalleeBFI, 1940 const BasicBlock &CalleeEntryBlock) { 1941 SmallPtrSet<BasicBlock *, 16> ClonedBBs; 1942 for (auto Entry : VMap) { 1943 if (!isa<BasicBlock>(Entry.first) || !Entry.second) 1944 continue; 1945 auto *OrigBB = cast<BasicBlock>(Entry.first); 1946 auto *ClonedBB = cast<BasicBlock>(Entry.second); 1947 BlockFrequency Freq = CalleeBFI->getBlockFreq(OrigBB); 1948 if (!ClonedBBs.insert(ClonedBB).second) { 1949 // Multiple blocks in the callee might get mapped to one cloned block in 1950 // the caller since we prune the callee as we clone it. When that happens, 1951 // we want to use the maximum among the original blocks' frequencies. 1952 BlockFrequency NewFreq = CallerBFI->getBlockFreq(ClonedBB); 1953 if (NewFreq > Freq) 1954 Freq = NewFreq; 1955 } 1956 CallerBFI->setBlockFreq(ClonedBB, Freq); 1957 } 1958 BasicBlock *EntryClone = cast<BasicBlock>(VMap.lookup(&CalleeEntryBlock)); 1959 CallerBFI->setBlockFreqAndScale( 1960 EntryClone, CallerBFI->getBlockFreq(CallSiteBlock), ClonedBBs); 1961 } 1962 1963 /// Update the branch metadata for cloned call instructions. 1964 static void updateCallProfile(Function *Callee, const ValueToValueMapTy &VMap, 1965 const ProfileCount &CalleeEntryCount, 1966 const CallBase &TheCall, ProfileSummaryInfo *PSI, 1967 BlockFrequencyInfo *CallerBFI) { 1968 if (CalleeEntryCount.isSynthetic() || CalleeEntryCount.getCount() < 1) 1969 return; 1970 auto CallSiteCount = 1971 PSI ? PSI->getProfileCount(TheCall, CallerBFI) : std::nullopt; 1972 int64_t CallCount = 1973 std::min(CallSiteCount.value_or(0), CalleeEntryCount.getCount()); 1974 updateProfileCallee(Callee, -CallCount, &VMap); 1975 } 1976 1977 void llvm::updateProfileCallee( 1978 Function *Callee, int64_t EntryDelta, 1979 const ValueMap<const Value *, WeakTrackingVH> *VMap) { 1980 auto CalleeCount = Callee->getEntryCount(); 1981 if (!CalleeCount) 1982 return; 1983 1984 const uint64_t PriorEntryCount = CalleeCount->getCount(); 1985 1986 // Since CallSiteCount is an estimate, it could exceed the original callee 1987 // count and has to be set to 0 so guard against underflow. 1988 const uint64_t NewEntryCount = 1989 (EntryDelta < 0 && static_cast<uint64_t>(-EntryDelta) > PriorEntryCount) 1990 ? 0 1991 : PriorEntryCount + EntryDelta; 1992 1993 auto updateVTableProfWeight = [](CallBase *CB, const uint64_t NewEntryCount, 1994 const uint64_t PriorEntryCount) { 1995 Instruction *VPtr = PGOIndirectCallVisitor::tryGetVTableInstruction(CB); 1996 if (VPtr) 1997 scaleProfData(*VPtr, NewEntryCount, PriorEntryCount); 1998 }; 1999 2000 // During inlining ? 2001 if (VMap) { 2002 uint64_t CloneEntryCount = PriorEntryCount - NewEntryCount; 2003 for (auto Entry : *VMap) { 2004 if (isa<CallInst>(Entry.first)) 2005 if (auto *CI = dyn_cast_or_null<CallInst>(Entry.second)) { 2006 CI->updateProfWeight(CloneEntryCount, PriorEntryCount); 2007 updateVTableProfWeight(CI, CloneEntryCount, PriorEntryCount); 2008 } 2009 2010 if (isa<InvokeInst>(Entry.first)) 2011 if (auto *II = dyn_cast_or_null<InvokeInst>(Entry.second)) { 2012 II->updateProfWeight(CloneEntryCount, PriorEntryCount); 2013 updateVTableProfWeight(II, CloneEntryCount, PriorEntryCount); 2014 } 2015 } 2016 } 2017 2018 if (EntryDelta) { 2019 Callee->setEntryCount(NewEntryCount); 2020 2021 for (BasicBlock &BB : *Callee) 2022 // No need to update the callsite if it is pruned during inlining. 2023 if (!VMap || VMap->count(&BB)) 2024 for (Instruction &I : BB) { 2025 if (CallInst *CI = dyn_cast<CallInst>(&I)) { 2026 CI->updateProfWeight(NewEntryCount, PriorEntryCount); 2027 updateVTableProfWeight(CI, NewEntryCount, PriorEntryCount); 2028 } 2029 if (InvokeInst *II = dyn_cast<InvokeInst>(&I)) { 2030 II->updateProfWeight(NewEntryCount, PriorEntryCount); 2031 updateVTableProfWeight(II, NewEntryCount, PriorEntryCount); 2032 } 2033 } 2034 } 2035 } 2036 2037 /// An operand bundle "clang.arc.attachedcall" on a call indicates the call 2038 /// result is implicitly consumed by a call to retainRV or claimRV immediately 2039 /// after the call. This function inlines the retainRV/claimRV calls. 2040 /// 2041 /// There are three cases to consider: 2042 /// 2043 /// 1. If there is a call to autoreleaseRV that takes a pointer to the returned 2044 /// object in the callee return block, the autoreleaseRV call and the 2045 /// retainRV/claimRV call in the caller cancel out. If the call in the caller 2046 /// is a claimRV call, a call to objc_release is emitted. 2047 /// 2048 /// 2. If there is a call in the callee return block that doesn't have operand 2049 /// bundle "clang.arc.attachedcall", the operand bundle on the original call 2050 /// is transferred to the call in the callee. 2051 /// 2052 /// 3. Otherwise, a call to objc_retain is inserted if the call in the caller is 2053 /// a retainRV call. 2054 static void 2055 inlineRetainOrClaimRVCalls(CallBase &CB, objcarc::ARCInstKind RVCallKind, 2056 const SmallVectorImpl<ReturnInst *> &Returns) { 2057 Module *Mod = CB.getModule(); 2058 assert(objcarc::isRetainOrClaimRV(RVCallKind) && "unexpected ARC function"); 2059 bool IsRetainRV = RVCallKind == objcarc::ARCInstKind::RetainRV, 2060 IsUnsafeClaimRV = !IsRetainRV; 2061 2062 for (auto *RI : Returns) { 2063 Value *RetOpnd = objcarc::GetRCIdentityRoot(RI->getOperand(0)); 2064 bool InsertRetainCall = IsRetainRV; 2065 IRBuilder<> Builder(RI->getContext()); 2066 2067 // Walk backwards through the basic block looking for either a matching 2068 // autoreleaseRV call or an unannotated call. 2069 auto InstRange = llvm::make_range(++(RI->getIterator().getReverse()), 2070 RI->getParent()->rend()); 2071 for (Instruction &I : llvm::make_early_inc_range(InstRange)) { 2072 // Ignore casts. 2073 if (isa<CastInst>(I)) 2074 continue; 2075 2076 if (auto *II = dyn_cast<IntrinsicInst>(&I)) { 2077 if (II->getIntrinsicID() != Intrinsic::objc_autoreleaseReturnValue || 2078 !II->hasNUses(0) || 2079 objcarc::GetRCIdentityRoot(II->getOperand(0)) != RetOpnd) 2080 break; 2081 2082 // If we've found a matching authoreleaseRV call: 2083 // - If claimRV is attached to the call, insert a call to objc_release 2084 // and erase the autoreleaseRV call. 2085 // - If retainRV is attached to the call, just erase the autoreleaseRV 2086 // call. 2087 if (IsUnsafeClaimRV) { 2088 Builder.SetInsertPoint(II); 2089 Function *IFn = 2090 Intrinsic::getDeclaration(Mod, Intrinsic::objc_release); 2091 Builder.CreateCall(IFn, RetOpnd, ""); 2092 } 2093 II->eraseFromParent(); 2094 InsertRetainCall = false; 2095 break; 2096 } 2097 2098 auto *CI = dyn_cast<CallInst>(&I); 2099 2100 if (!CI) 2101 break; 2102 2103 if (objcarc::GetRCIdentityRoot(CI) != RetOpnd || 2104 objcarc::hasAttachedCallOpBundle(CI)) 2105 break; 2106 2107 // If we've found an unannotated call that defines RetOpnd, add a 2108 // "clang.arc.attachedcall" operand bundle. 2109 Value *BundleArgs[] = {*objcarc::getAttachedARCFunction(&CB)}; 2110 OperandBundleDef OB("clang.arc.attachedcall", BundleArgs); 2111 auto *NewCall = CallBase::addOperandBundle( 2112 CI, LLVMContext::OB_clang_arc_attachedcall, OB, CI->getIterator()); 2113 NewCall->copyMetadata(*CI); 2114 CI->replaceAllUsesWith(NewCall); 2115 CI->eraseFromParent(); 2116 InsertRetainCall = false; 2117 break; 2118 } 2119 2120 if (InsertRetainCall) { 2121 // The retainRV is attached to the call and we've failed to find a 2122 // matching autoreleaseRV or an annotated call in the callee. Emit a call 2123 // to objc_retain. 2124 Builder.SetInsertPoint(RI); 2125 Function *IFn = Intrinsic::getDeclaration(Mod, Intrinsic::objc_retain); 2126 Builder.CreateCall(IFn, RetOpnd, ""); 2127 } 2128 } 2129 } 2130 2131 /// This function inlines the called function into the basic block of the 2132 /// caller. This returns false if it is not possible to inline this call. 2133 /// The program is still in a well defined state if this occurs though. 2134 /// 2135 /// Note that this only does one level of inlining. For example, if the 2136 /// instruction 'call B' is inlined, and 'B' calls 'C', then the call to 'C' now 2137 /// exists in the instruction stream. Similarly this will inline a recursive 2138 /// function by one level. 2139 llvm::InlineResult llvm::InlineFunction(CallBase &CB, InlineFunctionInfo &IFI, 2140 bool MergeAttributes, 2141 AAResults *CalleeAAR, 2142 bool InsertLifetime, 2143 Function *ForwardVarArgsTo) { 2144 assert(CB.getParent() && CB.getFunction() && "Instruction not in function!"); 2145 2146 // FIXME: we don't inline callbr yet. 2147 if (isa<CallBrInst>(CB)) 2148 return InlineResult::failure("We don't inline callbr yet."); 2149 2150 // If IFI has any state in it, zap it before we fill it in. 2151 IFI.reset(); 2152 2153 Function *CalledFunc = CB.getCalledFunction(); 2154 if (!CalledFunc || // Can't inline external function or indirect 2155 CalledFunc->isDeclaration()) // call! 2156 return InlineResult::failure("external or indirect"); 2157 2158 // The inliner does not know how to inline through calls with operand bundles 2159 // in general ... 2160 Value *ConvergenceControlToken = nullptr; 2161 if (CB.hasOperandBundles()) { 2162 for (int i = 0, e = CB.getNumOperandBundles(); i != e; ++i) { 2163 auto OBUse = CB.getOperandBundleAt(i); 2164 uint32_t Tag = OBUse.getTagID(); 2165 // ... but it knows how to inline through "deopt" operand bundles ... 2166 if (Tag == LLVMContext::OB_deopt) 2167 continue; 2168 // ... and "funclet" operand bundles. 2169 if (Tag == LLVMContext::OB_funclet) 2170 continue; 2171 if (Tag == LLVMContext::OB_clang_arc_attachedcall) 2172 continue; 2173 if (Tag == LLVMContext::OB_kcfi) 2174 continue; 2175 if (Tag == LLVMContext::OB_convergencectrl) { 2176 ConvergenceControlToken = OBUse.Inputs[0].get(); 2177 continue; 2178 } 2179 2180 return InlineResult::failure("unsupported operand bundle"); 2181 } 2182 } 2183 2184 // FIXME: The check below is redundant and incomplete. According to spec, if a 2185 // convergent call is missing a token, then the caller is using uncontrolled 2186 // convergence. If the callee has an entry intrinsic, then the callee is using 2187 // controlled convergence, and the call cannot be inlined. A proper 2188 // implemenation of this check requires a whole new analysis that identifies 2189 // convergence in every function. For now, we skip that and just do this one 2190 // cursory check. The underlying assumption is that in a compiler flow that 2191 // fully implements convergence control tokens, there is no mixing of 2192 // controlled and uncontrolled convergent operations in the whole program. 2193 if (CB.isConvergent()) { 2194 auto *I = CalledFunc->getEntryBlock().getFirstNonPHI(); 2195 if (auto *IntrinsicCall = dyn_cast<IntrinsicInst>(I)) { 2196 if (IntrinsicCall->getIntrinsicID() == 2197 Intrinsic::experimental_convergence_entry) { 2198 if (!ConvergenceControlToken) { 2199 return InlineResult::failure( 2200 "convergent call needs convergencectrl operand"); 2201 } 2202 } 2203 } 2204 } 2205 2206 // If the call to the callee cannot throw, set the 'nounwind' flag on any 2207 // calls that we inline. 2208 bool MarkNoUnwind = CB.doesNotThrow(); 2209 2210 BasicBlock *OrigBB = CB.getParent(); 2211 Function *Caller = OrigBB->getParent(); 2212 2213 // GC poses two hazards to inlining, which only occur when the callee has GC: 2214 // 1. If the caller has no GC, then the callee's GC must be propagated to the 2215 // caller. 2216 // 2. If the caller has a differing GC, it is invalid to inline. 2217 if (CalledFunc->hasGC()) { 2218 if (!Caller->hasGC()) 2219 Caller->setGC(CalledFunc->getGC()); 2220 else if (CalledFunc->getGC() != Caller->getGC()) 2221 return InlineResult::failure("incompatible GC"); 2222 } 2223 2224 // Get the personality function from the callee if it contains a landing pad. 2225 Constant *CalledPersonality = 2226 CalledFunc->hasPersonalityFn() 2227 ? CalledFunc->getPersonalityFn()->stripPointerCasts() 2228 : nullptr; 2229 2230 // Find the personality function used by the landing pads of the caller. If it 2231 // exists, then check to see that it matches the personality function used in 2232 // the callee. 2233 Constant *CallerPersonality = 2234 Caller->hasPersonalityFn() 2235 ? Caller->getPersonalityFn()->stripPointerCasts() 2236 : nullptr; 2237 if (CalledPersonality) { 2238 if (!CallerPersonality) 2239 Caller->setPersonalityFn(CalledPersonality); 2240 // If the personality functions match, then we can perform the 2241 // inlining. Otherwise, we can't inline. 2242 // TODO: This isn't 100% true. Some personality functions are proper 2243 // supersets of others and can be used in place of the other. 2244 else if (CalledPersonality != CallerPersonality) 2245 return InlineResult::failure("incompatible personality"); 2246 } 2247 2248 // We need to figure out which funclet the callsite was in so that we may 2249 // properly nest the callee. 2250 Instruction *CallSiteEHPad = nullptr; 2251 if (CallerPersonality) { 2252 EHPersonality Personality = classifyEHPersonality(CallerPersonality); 2253 if (isScopedEHPersonality(Personality)) { 2254 std::optional<OperandBundleUse> ParentFunclet = 2255 CB.getOperandBundle(LLVMContext::OB_funclet); 2256 if (ParentFunclet) 2257 CallSiteEHPad = cast<FuncletPadInst>(ParentFunclet->Inputs.front()); 2258 2259 // OK, the inlining site is legal. What about the target function? 2260 2261 if (CallSiteEHPad) { 2262 if (Personality == EHPersonality::MSVC_CXX) { 2263 // The MSVC personality cannot tolerate catches getting inlined into 2264 // cleanup funclets. 2265 if (isa<CleanupPadInst>(CallSiteEHPad)) { 2266 // Ok, the call site is within a cleanuppad. Let's check the callee 2267 // for catchpads. 2268 for (const BasicBlock &CalledBB : *CalledFunc) { 2269 if (isa<CatchSwitchInst>(CalledBB.getFirstNonPHI())) 2270 return InlineResult::failure("catch in cleanup funclet"); 2271 } 2272 } 2273 } else if (isAsynchronousEHPersonality(Personality)) { 2274 // SEH is even less tolerant, there may not be any sort of exceptional 2275 // funclet in the callee. 2276 for (const BasicBlock &CalledBB : *CalledFunc) { 2277 if (CalledBB.isEHPad()) 2278 return InlineResult::failure("SEH in cleanup funclet"); 2279 } 2280 } 2281 } 2282 } 2283 } 2284 2285 // Determine if we are dealing with a call in an EHPad which does not unwind 2286 // to caller. 2287 bool EHPadForCallUnwindsLocally = false; 2288 if (CallSiteEHPad && isa<CallInst>(CB)) { 2289 UnwindDestMemoTy FuncletUnwindMap; 2290 Value *CallSiteUnwindDestToken = 2291 getUnwindDestToken(CallSiteEHPad, FuncletUnwindMap); 2292 2293 EHPadForCallUnwindsLocally = 2294 CallSiteUnwindDestToken && 2295 !isa<ConstantTokenNone>(CallSiteUnwindDestToken); 2296 } 2297 2298 // Get an iterator to the last basic block in the function, which will have 2299 // the new function inlined after it. 2300 Function::iterator LastBlock = --Caller->end(); 2301 2302 // Make sure to capture all of the return instructions from the cloned 2303 // function. 2304 SmallVector<ReturnInst*, 8> Returns; 2305 ClonedCodeInfo InlinedFunctionInfo; 2306 Function::iterator FirstNewBlock; 2307 2308 { // Scope to destroy VMap after cloning. 2309 ValueToValueMapTy VMap; 2310 struct ByValInit { 2311 Value *Dst; 2312 Value *Src; 2313 Type *Ty; 2314 }; 2315 // Keep a list of pair (dst, src) to emit byval initializations. 2316 SmallVector<ByValInit, 4> ByValInits; 2317 2318 // When inlining a function that contains noalias scope metadata, 2319 // this metadata needs to be cloned so that the inlined blocks 2320 // have different "unique scopes" at every call site. 2321 // Track the metadata that must be cloned. Do this before other changes to 2322 // the function, so that we do not get in trouble when inlining caller == 2323 // callee. 2324 ScopedAliasMetadataDeepCloner SAMetadataCloner(CB.getCalledFunction()); 2325 2326 auto &DL = Caller->getDataLayout(); 2327 2328 // Calculate the vector of arguments to pass into the function cloner, which 2329 // matches up the formal to the actual argument values. 2330 auto AI = CB.arg_begin(); 2331 unsigned ArgNo = 0; 2332 for (Function::arg_iterator I = CalledFunc->arg_begin(), 2333 E = CalledFunc->arg_end(); I != E; ++I, ++AI, ++ArgNo) { 2334 Value *ActualArg = *AI; 2335 2336 // When byval arguments actually inlined, we need to make the copy implied 2337 // by them explicit. However, we don't do this if the callee is readonly 2338 // or readnone, because the copy would be unneeded: the callee doesn't 2339 // modify the struct. 2340 if (CB.isByValArgument(ArgNo)) { 2341 ActualArg = HandleByValArgument(CB.getParamByValType(ArgNo), ActualArg, 2342 &CB, CalledFunc, IFI, 2343 CalledFunc->getParamAlign(ArgNo)); 2344 if (ActualArg != *AI) 2345 ByValInits.push_back( 2346 {ActualArg, (Value *)*AI, CB.getParamByValType(ArgNo)}); 2347 } 2348 2349 VMap[&*I] = ActualArg; 2350 } 2351 2352 // TODO: Remove this when users have been updated to the assume bundles. 2353 // Add alignment assumptions if necessary. We do this before the inlined 2354 // instructions are actually cloned into the caller so that we can easily 2355 // check what will be known at the start of the inlined code. 2356 AddAlignmentAssumptions(CB, IFI); 2357 2358 AssumptionCache *AC = 2359 IFI.GetAssumptionCache ? &IFI.GetAssumptionCache(*Caller) : nullptr; 2360 2361 /// Preserve all attributes on of the call and its parameters. 2362 salvageKnowledge(&CB, AC); 2363 2364 // We want the inliner to prune the code as it copies. We would LOVE to 2365 // have no dead or constant instructions leftover after inlining occurs 2366 // (which can happen, e.g., because an argument was constant), but we'll be 2367 // happy with whatever the cloner can do. 2368 CloneAndPruneFunctionInto(Caller, CalledFunc, VMap, 2369 /*ModuleLevelChanges=*/false, Returns, ".i", 2370 &InlinedFunctionInfo); 2371 // Remember the first block that is newly cloned over. 2372 FirstNewBlock = LastBlock; ++FirstNewBlock; 2373 2374 // Insert retainRV/clainRV runtime calls. 2375 objcarc::ARCInstKind RVCallKind = objcarc::getAttachedARCFunctionKind(&CB); 2376 if (RVCallKind != objcarc::ARCInstKind::None) 2377 inlineRetainOrClaimRVCalls(CB, RVCallKind, Returns); 2378 2379 // Updated caller/callee profiles only when requested. For sample loader 2380 // inlining, the context-sensitive inlinee profile doesn't need to be 2381 // subtracted from callee profile, and the inlined clone also doesn't need 2382 // to be scaled based on call site count. 2383 if (IFI.UpdateProfile) { 2384 if (IFI.CallerBFI != nullptr && IFI.CalleeBFI != nullptr) 2385 // Update the BFI of blocks cloned into the caller. 2386 updateCallerBFI(OrigBB, VMap, IFI.CallerBFI, IFI.CalleeBFI, 2387 CalledFunc->front()); 2388 2389 if (auto Profile = CalledFunc->getEntryCount()) 2390 updateCallProfile(CalledFunc, VMap, *Profile, CB, IFI.PSI, 2391 IFI.CallerBFI); 2392 } 2393 2394 // Inject byval arguments initialization. 2395 for (ByValInit &Init : ByValInits) 2396 HandleByValArgumentInit(Init.Ty, Init.Dst, Init.Src, Caller->getParent(), 2397 &*FirstNewBlock, IFI, CalledFunc); 2398 2399 std::optional<OperandBundleUse> ParentDeopt = 2400 CB.getOperandBundle(LLVMContext::OB_deopt); 2401 if (ParentDeopt) { 2402 SmallVector<OperandBundleDef, 2> OpDefs; 2403 2404 for (auto &VH : InlinedFunctionInfo.OperandBundleCallSites) { 2405 CallBase *ICS = dyn_cast_or_null<CallBase>(VH); 2406 if (!ICS) 2407 continue; // instruction was DCE'd or RAUW'ed to undef 2408 2409 OpDefs.clear(); 2410 2411 OpDefs.reserve(ICS->getNumOperandBundles()); 2412 2413 for (unsigned COBi = 0, COBe = ICS->getNumOperandBundles(); COBi < COBe; 2414 ++COBi) { 2415 auto ChildOB = ICS->getOperandBundleAt(COBi); 2416 if (ChildOB.getTagID() != LLVMContext::OB_deopt) { 2417 // If the inlined call has other operand bundles, let them be 2418 OpDefs.emplace_back(ChildOB); 2419 continue; 2420 } 2421 2422 // It may be useful to separate this logic (of handling operand 2423 // bundles) out to a separate "policy" component if this gets crowded. 2424 // Prepend the parent's deoptimization continuation to the newly 2425 // inlined call's deoptimization continuation. 2426 std::vector<Value *> MergedDeoptArgs; 2427 MergedDeoptArgs.reserve(ParentDeopt->Inputs.size() + 2428 ChildOB.Inputs.size()); 2429 2430 llvm::append_range(MergedDeoptArgs, ParentDeopt->Inputs); 2431 llvm::append_range(MergedDeoptArgs, ChildOB.Inputs); 2432 2433 OpDefs.emplace_back("deopt", std::move(MergedDeoptArgs)); 2434 } 2435 2436 Instruction *NewI = CallBase::Create(ICS, OpDefs, ICS->getIterator()); 2437 2438 // Note: the RAUW does the appropriate fixup in VMap, so we need to do 2439 // this even if the call returns void. 2440 ICS->replaceAllUsesWith(NewI); 2441 2442 VH = nullptr; 2443 ICS->eraseFromParent(); 2444 } 2445 } 2446 2447 // For 'nodebug' functions, the associated DISubprogram is always null. 2448 // Conservatively avoid propagating the callsite debug location to 2449 // instructions inlined from a function whose DISubprogram is not null. 2450 fixupLineNumbers(Caller, FirstNewBlock, &CB, 2451 CalledFunc->getSubprogram() != nullptr); 2452 2453 if (isAssignmentTrackingEnabled(*Caller->getParent())) { 2454 // Interpret inlined stores to caller-local variables as assignments. 2455 trackInlinedStores(FirstNewBlock, Caller->end(), CB); 2456 2457 // Update DIAssignID metadata attachments and uses so that they are 2458 // unique to this inlined instance. 2459 fixupAssignments(FirstNewBlock, Caller->end()); 2460 } 2461 2462 // Now clone the inlined noalias scope metadata. 2463 SAMetadataCloner.clone(); 2464 SAMetadataCloner.remap(FirstNewBlock, Caller->end()); 2465 2466 // Add noalias metadata if necessary. 2467 AddAliasScopeMetadata(CB, VMap, DL, CalleeAAR, InlinedFunctionInfo); 2468 2469 // Clone return attributes on the callsite into the calls within the inlined 2470 // function which feed into its return value. 2471 AddReturnAttributes(CB, VMap, InlinedFunctionInfo); 2472 2473 // Clone attributes on the params of the callsite to calls within the 2474 // inlined function which use the same param. 2475 AddParamAndFnBasicAttributes(CB, VMap, InlinedFunctionInfo); 2476 2477 propagateMemProfMetadata(CalledFunc, CB, 2478 InlinedFunctionInfo.ContainsMemProfMetadata, VMap); 2479 2480 // Propagate metadata on the callsite if necessary. 2481 PropagateCallSiteMetadata(CB, FirstNewBlock, Caller->end()); 2482 2483 // Register any cloned assumptions. 2484 if (IFI.GetAssumptionCache) 2485 for (BasicBlock &NewBlock : 2486 make_range(FirstNewBlock->getIterator(), Caller->end())) 2487 for (Instruction &I : NewBlock) 2488 if (auto *II = dyn_cast<AssumeInst>(&I)) 2489 IFI.GetAssumptionCache(*Caller).registerAssumption(II); 2490 } 2491 2492 if (ConvergenceControlToken) { 2493 auto *I = FirstNewBlock->getFirstNonPHI(); 2494 if (auto *IntrinsicCall = dyn_cast<IntrinsicInst>(I)) { 2495 if (IntrinsicCall->getIntrinsicID() == 2496 Intrinsic::experimental_convergence_entry) { 2497 IntrinsicCall->replaceAllUsesWith(ConvergenceControlToken); 2498 IntrinsicCall->eraseFromParent(); 2499 } 2500 } 2501 } 2502 2503 // If there are any alloca instructions in the block that used to be the entry 2504 // block for the callee, move them to the entry block of the caller. First 2505 // calculate which instruction they should be inserted before. We insert the 2506 // instructions at the end of the current alloca list. 2507 { 2508 BasicBlock::iterator InsertPoint = Caller->begin()->begin(); 2509 for (BasicBlock::iterator I = FirstNewBlock->begin(), 2510 E = FirstNewBlock->end(); I != E; ) { 2511 AllocaInst *AI = dyn_cast<AllocaInst>(I++); 2512 if (!AI) continue; 2513 2514 // If the alloca is now dead, remove it. This often occurs due to code 2515 // specialization. 2516 if (AI->use_empty()) { 2517 AI->eraseFromParent(); 2518 continue; 2519 } 2520 2521 if (!allocaWouldBeStaticInEntry(AI)) 2522 continue; 2523 2524 // Keep track of the static allocas that we inline into the caller. 2525 IFI.StaticAllocas.push_back(AI); 2526 2527 // Scan for the block of allocas that we can move over, and move them 2528 // all at once. 2529 while (isa<AllocaInst>(I) && 2530 !cast<AllocaInst>(I)->use_empty() && 2531 allocaWouldBeStaticInEntry(cast<AllocaInst>(I))) { 2532 IFI.StaticAllocas.push_back(cast<AllocaInst>(I)); 2533 ++I; 2534 } 2535 2536 // Transfer all of the allocas over in a block. Using splice means 2537 // that the instructions aren't removed from the symbol table, then 2538 // reinserted. 2539 I.setTailBit(true); 2540 Caller->getEntryBlock().splice(InsertPoint, &*FirstNewBlock, 2541 AI->getIterator(), I); 2542 } 2543 } 2544 2545 SmallVector<Value*,4> VarArgsToForward; 2546 SmallVector<AttributeSet, 4> VarArgsAttrs; 2547 for (unsigned i = CalledFunc->getFunctionType()->getNumParams(); 2548 i < CB.arg_size(); i++) { 2549 VarArgsToForward.push_back(CB.getArgOperand(i)); 2550 VarArgsAttrs.push_back(CB.getAttributes().getParamAttrs(i)); 2551 } 2552 2553 bool InlinedMustTailCalls = false, InlinedDeoptimizeCalls = false; 2554 if (InlinedFunctionInfo.ContainsCalls) { 2555 CallInst::TailCallKind CallSiteTailKind = CallInst::TCK_None; 2556 if (CallInst *CI = dyn_cast<CallInst>(&CB)) 2557 CallSiteTailKind = CI->getTailCallKind(); 2558 2559 // For inlining purposes, the "notail" marker is the same as no marker. 2560 if (CallSiteTailKind == CallInst::TCK_NoTail) 2561 CallSiteTailKind = CallInst::TCK_None; 2562 2563 for (Function::iterator BB = FirstNewBlock, E = Caller->end(); BB != E; 2564 ++BB) { 2565 for (Instruction &I : llvm::make_early_inc_range(*BB)) { 2566 CallInst *CI = dyn_cast<CallInst>(&I); 2567 if (!CI) 2568 continue; 2569 2570 // Forward varargs from inlined call site to calls to the 2571 // ForwardVarArgsTo function, if requested, and to musttail calls. 2572 if (!VarArgsToForward.empty() && 2573 ((ForwardVarArgsTo && 2574 CI->getCalledFunction() == ForwardVarArgsTo) || 2575 CI->isMustTailCall())) { 2576 // Collect attributes for non-vararg parameters. 2577 AttributeList Attrs = CI->getAttributes(); 2578 SmallVector<AttributeSet, 8> ArgAttrs; 2579 if (!Attrs.isEmpty() || !VarArgsAttrs.empty()) { 2580 for (unsigned ArgNo = 0; 2581 ArgNo < CI->getFunctionType()->getNumParams(); ++ArgNo) 2582 ArgAttrs.push_back(Attrs.getParamAttrs(ArgNo)); 2583 } 2584 2585 // Add VarArg attributes. 2586 ArgAttrs.append(VarArgsAttrs.begin(), VarArgsAttrs.end()); 2587 Attrs = AttributeList::get(CI->getContext(), Attrs.getFnAttrs(), 2588 Attrs.getRetAttrs(), ArgAttrs); 2589 // Add VarArgs to existing parameters. 2590 SmallVector<Value *, 6> Params(CI->args()); 2591 Params.append(VarArgsToForward.begin(), VarArgsToForward.end()); 2592 CallInst *NewCI = CallInst::Create( 2593 CI->getFunctionType(), CI->getCalledOperand(), Params, "", CI->getIterator()); 2594 NewCI->setDebugLoc(CI->getDebugLoc()); 2595 NewCI->setAttributes(Attrs); 2596 NewCI->setCallingConv(CI->getCallingConv()); 2597 CI->replaceAllUsesWith(NewCI); 2598 CI->eraseFromParent(); 2599 CI = NewCI; 2600 } 2601 2602 if (Function *F = CI->getCalledFunction()) 2603 InlinedDeoptimizeCalls |= 2604 F->getIntrinsicID() == Intrinsic::experimental_deoptimize; 2605 2606 // We need to reduce the strength of any inlined tail calls. For 2607 // musttail, we have to avoid introducing potential unbounded stack 2608 // growth. For example, if functions 'f' and 'g' are mutually recursive 2609 // with musttail, we can inline 'g' into 'f' so long as we preserve 2610 // musttail on the cloned call to 'f'. If either the inlined call site 2611 // or the cloned call site is *not* musttail, the program already has 2612 // one frame of stack growth, so it's safe to remove musttail. Here is 2613 // a table of example transformations: 2614 // 2615 // f -> musttail g -> musttail f ==> f -> musttail f 2616 // f -> musttail g -> tail f ==> f -> tail f 2617 // f -> g -> musttail f ==> f -> f 2618 // f -> g -> tail f ==> f -> f 2619 // 2620 // Inlined notail calls should remain notail calls. 2621 CallInst::TailCallKind ChildTCK = CI->getTailCallKind(); 2622 if (ChildTCK != CallInst::TCK_NoTail) 2623 ChildTCK = std::min(CallSiteTailKind, ChildTCK); 2624 CI->setTailCallKind(ChildTCK); 2625 InlinedMustTailCalls |= CI->isMustTailCall(); 2626 2627 // Call sites inlined through a 'nounwind' call site should be 2628 // 'nounwind' as well. However, avoid marking call sites explicitly 2629 // where possible. This helps expose more opportunities for CSE after 2630 // inlining, commonly when the callee is an intrinsic. 2631 if (MarkNoUnwind && !CI->doesNotThrow()) 2632 CI->setDoesNotThrow(); 2633 } 2634 } 2635 } 2636 2637 // Leave lifetime markers for the static alloca's, scoping them to the 2638 // function we just inlined. 2639 // We need to insert lifetime intrinsics even at O0 to avoid invalid 2640 // access caused by multithreaded coroutines. The check 2641 // `Caller->isPresplitCoroutine()` would affect AlwaysInliner at O0 only. 2642 if ((InsertLifetime || Caller->isPresplitCoroutine()) && 2643 !IFI.StaticAllocas.empty()) { 2644 IRBuilder<> builder(&*FirstNewBlock, FirstNewBlock->begin()); 2645 for (AllocaInst *AI : IFI.StaticAllocas) { 2646 // Don't mark swifterror allocas. They can't have bitcast uses. 2647 if (AI->isSwiftError()) 2648 continue; 2649 2650 // If the alloca is already scoped to something smaller than the whole 2651 // function then there's no need to add redundant, less accurate markers. 2652 if (hasLifetimeMarkers(AI)) 2653 continue; 2654 2655 // Try to determine the size of the allocation. 2656 ConstantInt *AllocaSize = nullptr; 2657 if (ConstantInt *AIArraySize = 2658 dyn_cast<ConstantInt>(AI->getArraySize())) { 2659 auto &DL = Caller->getDataLayout(); 2660 Type *AllocaType = AI->getAllocatedType(); 2661 TypeSize AllocaTypeSize = DL.getTypeAllocSize(AllocaType); 2662 uint64_t AllocaArraySize = AIArraySize->getLimitedValue(); 2663 2664 // Don't add markers for zero-sized allocas. 2665 if (AllocaArraySize == 0) 2666 continue; 2667 2668 // Check that array size doesn't saturate uint64_t and doesn't 2669 // overflow when it's multiplied by type size. 2670 if (!AllocaTypeSize.isScalable() && 2671 AllocaArraySize != std::numeric_limits<uint64_t>::max() && 2672 std::numeric_limits<uint64_t>::max() / AllocaArraySize >= 2673 AllocaTypeSize.getFixedValue()) { 2674 AllocaSize = ConstantInt::get(Type::getInt64Ty(AI->getContext()), 2675 AllocaArraySize * AllocaTypeSize); 2676 } 2677 } 2678 2679 builder.CreateLifetimeStart(AI, AllocaSize); 2680 for (ReturnInst *RI : Returns) { 2681 // Don't insert llvm.lifetime.end calls between a musttail or deoptimize 2682 // call and a return. The return kills all local allocas. 2683 if (InlinedMustTailCalls && 2684 RI->getParent()->getTerminatingMustTailCall()) 2685 continue; 2686 if (InlinedDeoptimizeCalls && 2687 RI->getParent()->getTerminatingDeoptimizeCall()) 2688 continue; 2689 IRBuilder<>(RI).CreateLifetimeEnd(AI, AllocaSize); 2690 } 2691 } 2692 } 2693 2694 // If the inlined code contained dynamic alloca instructions, wrap the inlined 2695 // code with llvm.stacksave/llvm.stackrestore intrinsics. 2696 if (InlinedFunctionInfo.ContainsDynamicAllocas) { 2697 // Insert the llvm.stacksave. 2698 CallInst *SavedPtr = IRBuilder<>(&*FirstNewBlock, FirstNewBlock->begin()) 2699 .CreateStackSave("savedstack"); 2700 2701 // Insert a call to llvm.stackrestore before any return instructions in the 2702 // inlined function. 2703 for (ReturnInst *RI : Returns) { 2704 // Don't insert llvm.stackrestore calls between a musttail or deoptimize 2705 // call and a return. The return will restore the stack pointer. 2706 if (InlinedMustTailCalls && RI->getParent()->getTerminatingMustTailCall()) 2707 continue; 2708 if (InlinedDeoptimizeCalls && RI->getParent()->getTerminatingDeoptimizeCall()) 2709 continue; 2710 IRBuilder<>(RI).CreateStackRestore(SavedPtr); 2711 } 2712 } 2713 2714 // If we are inlining for an invoke instruction, we must make sure to rewrite 2715 // any call instructions into invoke instructions. This is sensitive to which 2716 // funclet pads were top-level in the inlinee, so must be done before 2717 // rewriting the "parent pad" links. 2718 if (auto *II = dyn_cast<InvokeInst>(&CB)) { 2719 BasicBlock *UnwindDest = II->getUnwindDest(); 2720 Instruction *FirstNonPHI = UnwindDest->getFirstNonPHI(); 2721 if (isa<LandingPadInst>(FirstNonPHI)) { 2722 HandleInlinedLandingPad(II, &*FirstNewBlock, InlinedFunctionInfo); 2723 } else { 2724 HandleInlinedEHPad(II, &*FirstNewBlock, InlinedFunctionInfo); 2725 } 2726 } 2727 2728 // Update the lexical scopes of the new funclets and callsites. 2729 // Anything that had 'none' as its parent is now nested inside the callsite's 2730 // EHPad. 2731 if (CallSiteEHPad) { 2732 for (Function::iterator BB = FirstNewBlock->getIterator(), 2733 E = Caller->end(); 2734 BB != E; ++BB) { 2735 // Add bundle operands to inlined call sites. 2736 PropagateOperandBundles(BB, CallSiteEHPad); 2737 2738 // It is problematic if the inlinee has a cleanupret which unwinds to 2739 // caller and we inline it into a call site which doesn't unwind but into 2740 // an EH pad that does. Such an edge must be dynamically unreachable. 2741 // As such, we replace the cleanupret with unreachable. 2742 if (auto *CleanupRet = dyn_cast<CleanupReturnInst>(BB->getTerminator())) 2743 if (CleanupRet->unwindsToCaller() && EHPadForCallUnwindsLocally) 2744 changeToUnreachable(CleanupRet); 2745 2746 Instruction *I = BB->getFirstNonPHI(); 2747 if (!I->isEHPad()) 2748 continue; 2749 2750 if (auto *CatchSwitch = dyn_cast<CatchSwitchInst>(I)) { 2751 if (isa<ConstantTokenNone>(CatchSwitch->getParentPad())) 2752 CatchSwitch->setParentPad(CallSiteEHPad); 2753 } else { 2754 auto *FPI = cast<FuncletPadInst>(I); 2755 if (isa<ConstantTokenNone>(FPI->getParentPad())) 2756 FPI->setParentPad(CallSiteEHPad); 2757 } 2758 } 2759 } 2760 2761 if (InlinedDeoptimizeCalls) { 2762 // We need to at least remove the deoptimizing returns from the Return set, 2763 // so that the control flow from those returns does not get merged into the 2764 // caller (but terminate it instead). If the caller's return type does not 2765 // match the callee's return type, we also need to change the return type of 2766 // the intrinsic. 2767 if (Caller->getReturnType() == CB.getType()) { 2768 llvm::erase_if(Returns, [](ReturnInst *RI) { 2769 return RI->getParent()->getTerminatingDeoptimizeCall() != nullptr; 2770 }); 2771 } else { 2772 SmallVector<ReturnInst *, 8> NormalReturns; 2773 Function *NewDeoptIntrinsic = Intrinsic::getDeclaration( 2774 Caller->getParent(), Intrinsic::experimental_deoptimize, 2775 {Caller->getReturnType()}); 2776 2777 for (ReturnInst *RI : Returns) { 2778 CallInst *DeoptCall = RI->getParent()->getTerminatingDeoptimizeCall(); 2779 if (!DeoptCall) { 2780 NormalReturns.push_back(RI); 2781 continue; 2782 } 2783 2784 // The calling convention on the deoptimize call itself may be bogus, 2785 // since the code we're inlining may have undefined behavior (and may 2786 // never actually execute at runtime); but all 2787 // @llvm.experimental.deoptimize declarations have to have the same 2788 // calling convention in a well-formed module. 2789 auto CallingConv = DeoptCall->getCalledFunction()->getCallingConv(); 2790 NewDeoptIntrinsic->setCallingConv(CallingConv); 2791 auto *CurBB = RI->getParent(); 2792 RI->eraseFromParent(); 2793 2794 SmallVector<Value *, 4> CallArgs(DeoptCall->args()); 2795 2796 SmallVector<OperandBundleDef, 1> OpBundles; 2797 DeoptCall->getOperandBundlesAsDefs(OpBundles); 2798 auto DeoptAttributes = DeoptCall->getAttributes(); 2799 DeoptCall->eraseFromParent(); 2800 assert(!OpBundles.empty() && 2801 "Expected at least the deopt operand bundle"); 2802 2803 IRBuilder<> Builder(CurBB); 2804 CallInst *NewDeoptCall = 2805 Builder.CreateCall(NewDeoptIntrinsic, CallArgs, OpBundles); 2806 NewDeoptCall->setCallingConv(CallingConv); 2807 NewDeoptCall->setAttributes(DeoptAttributes); 2808 if (NewDeoptCall->getType()->isVoidTy()) 2809 Builder.CreateRetVoid(); 2810 else 2811 Builder.CreateRet(NewDeoptCall); 2812 // Since the ret type is changed, remove the incompatible attributes. 2813 NewDeoptCall->removeRetAttrs( 2814 AttributeFuncs::typeIncompatible(NewDeoptCall->getType())); 2815 } 2816 2817 // Leave behind the normal returns so we can merge control flow. 2818 std::swap(Returns, NormalReturns); 2819 } 2820 } 2821 2822 // Handle any inlined musttail call sites. In order for a new call site to be 2823 // musttail, the source of the clone and the inlined call site must have been 2824 // musttail. Therefore it's safe to return without merging control into the 2825 // phi below. 2826 if (InlinedMustTailCalls) { 2827 // Check if we need to bitcast the result of any musttail calls. 2828 Type *NewRetTy = Caller->getReturnType(); 2829 bool NeedBitCast = !CB.use_empty() && CB.getType() != NewRetTy; 2830 2831 // Handle the returns preceded by musttail calls separately. 2832 SmallVector<ReturnInst *, 8> NormalReturns; 2833 for (ReturnInst *RI : Returns) { 2834 CallInst *ReturnedMustTail = 2835 RI->getParent()->getTerminatingMustTailCall(); 2836 if (!ReturnedMustTail) { 2837 NormalReturns.push_back(RI); 2838 continue; 2839 } 2840 if (!NeedBitCast) 2841 continue; 2842 2843 // Delete the old return and any preceding bitcast. 2844 BasicBlock *CurBB = RI->getParent(); 2845 auto *OldCast = dyn_cast_or_null<BitCastInst>(RI->getReturnValue()); 2846 RI->eraseFromParent(); 2847 if (OldCast) 2848 OldCast->eraseFromParent(); 2849 2850 // Insert a new bitcast and return with the right type. 2851 IRBuilder<> Builder(CurBB); 2852 Builder.CreateRet(Builder.CreateBitCast(ReturnedMustTail, NewRetTy)); 2853 } 2854 2855 // Leave behind the normal returns so we can merge control flow. 2856 std::swap(Returns, NormalReturns); 2857 } 2858 2859 // Now that all of the transforms on the inlined code have taken place but 2860 // before we splice the inlined code into the CFG and lose track of which 2861 // blocks were actually inlined, collect the call sites. We only do this if 2862 // call graph updates weren't requested, as those provide value handle based 2863 // tracking of inlined call sites instead. Calls to intrinsics are not 2864 // collected because they are not inlineable. 2865 if (InlinedFunctionInfo.ContainsCalls) { 2866 // Otherwise just collect the raw call sites that were inlined. 2867 for (BasicBlock &NewBB : 2868 make_range(FirstNewBlock->getIterator(), Caller->end())) 2869 for (Instruction &I : NewBB) 2870 if (auto *CB = dyn_cast<CallBase>(&I)) 2871 if (!(CB->getCalledFunction() && 2872 CB->getCalledFunction()->isIntrinsic())) 2873 IFI.InlinedCallSites.push_back(CB); 2874 } 2875 2876 // If we cloned in _exactly one_ basic block, and if that block ends in a 2877 // return instruction, we splice the body of the inlined callee directly into 2878 // the calling basic block. 2879 if (Returns.size() == 1 && std::distance(FirstNewBlock, Caller->end()) == 1) { 2880 // Move all of the instructions right before the call. 2881 OrigBB->splice(CB.getIterator(), &*FirstNewBlock, FirstNewBlock->begin(), 2882 FirstNewBlock->end()); 2883 // Remove the cloned basic block. 2884 Caller->back().eraseFromParent(); 2885 2886 // If the call site was an invoke instruction, add a branch to the normal 2887 // destination. 2888 if (InvokeInst *II = dyn_cast<InvokeInst>(&CB)) { 2889 BranchInst *NewBr = BranchInst::Create(II->getNormalDest(), CB.getIterator()); 2890 NewBr->setDebugLoc(Returns[0]->getDebugLoc()); 2891 } 2892 2893 // If the return instruction returned a value, replace uses of the call with 2894 // uses of the returned value. 2895 if (!CB.use_empty()) { 2896 ReturnInst *R = Returns[0]; 2897 if (&CB == R->getReturnValue()) 2898 CB.replaceAllUsesWith(PoisonValue::get(CB.getType())); 2899 else 2900 CB.replaceAllUsesWith(R->getReturnValue()); 2901 } 2902 // Since we are now done with the Call/Invoke, we can delete it. 2903 CB.eraseFromParent(); 2904 2905 // Since we are now done with the return instruction, delete it also. 2906 Returns[0]->eraseFromParent(); 2907 2908 if (MergeAttributes) 2909 AttributeFuncs::mergeAttributesForInlining(*Caller, *CalledFunc); 2910 2911 // We are now done with the inlining. 2912 return InlineResult::success(); 2913 } 2914 2915 // Otherwise, we have the normal case, of more than one block to inline or 2916 // multiple return sites. 2917 2918 // We want to clone the entire callee function into the hole between the 2919 // "starter" and "ender" blocks. How we accomplish this depends on whether 2920 // this is an invoke instruction or a call instruction. 2921 BasicBlock *AfterCallBB; 2922 BranchInst *CreatedBranchToNormalDest = nullptr; 2923 if (InvokeInst *II = dyn_cast<InvokeInst>(&CB)) { 2924 2925 // Add an unconditional branch to make this look like the CallInst case... 2926 CreatedBranchToNormalDest = BranchInst::Create(II->getNormalDest(), CB.getIterator()); 2927 2928 // Split the basic block. This guarantees that no PHI nodes will have to be 2929 // updated due to new incoming edges, and make the invoke case more 2930 // symmetric to the call case. 2931 AfterCallBB = 2932 OrigBB->splitBasicBlock(CreatedBranchToNormalDest->getIterator(), 2933 CalledFunc->getName() + ".exit"); 2934 2935 } else { // It's a call 2936 // If this is a call instruction, we need to split the basic block that 2937 // the call lives in. 2938 // 2939 AfterCallBB = OrigBB->splitBasicBlock(CB.getIterator(), 2940 CalledFunc->getName() + ".exit"); 2941 } 2942 2943 if (IFI.CallerBFI) { 2944 // Copy original BB's block frequency to AfterCallBB 2945 IFI.CallerBFI->setBlockFreq(AfterCallBB, 2946 IFI.CallerBFI->getBlockFreq(OrigBB)); 2947 } 2948 2949 // Change the branch that used to go to AfterCallBB to branch to the first 2950 // basic block of the inlined function. 2951 // 2952 Instruction *Br = OrigBB->getTerminator(); 2953 assert(Br && Br->getOpcode() == Instruction::Br && 2954 "splitBasicBlock broken!"); 2955 Br->setOperand(0, &*FirstNewBlock); 2956 2957 // Now that the function is correct, make it a little bit nicer. In 2958 // particular, move the basic blocks inserted from the end of the function 2959 // into the space made by splitting the source basic block. 2960 Caller->splice(AfterCallBB->getIterator(), Caller, FirstNewBlock, 2961 Caller->end()); 2962 2963 // Handle all of the return instructions that we just cloned in, and eliminate 2964 // any users of the original call/invoke instruction. 2965 Type *RTy = CalledFunc->getReturnType(); 2966 2967 PHINode *PHI = nullptr; 2968 if (Returns.size() > 1) { 2969 // The PHI node should go at the front of the new basic block to merge all 2970 // possible incoming values. 2971 if (!CB.use_empty()) { 2972 PHI = PHINode::Create(RTy, Returns.size(), CB.getName()); 2973 PHI->insertBefore(AfterCallBB->begin()); 2974 // Anything that used the result of the function call should now use the 2975 // PHI node as their operand. 2976 CB.replaceAllUsesWith(PHI); 2977 } 2978 2979 // Loop over all of the return instructions adding entries to the PHI node 2980 // as appropriate. 2981 if (PHI) { 2982 for (ReturnInst *RI : Returns) { 2983 assert(RI->getReturnValue()->getType() == PHI->getType() && 2984 "Ret value not consistent in function!"); 2985 PHI->addIncoming(RI->getReturnValue(), RI->getParent()); 2986 } 2987 } 2988 2989 // Add a branch to the merge points and remove return instructions. 2990 DebugLoc Loc; 2991 for (ReturnInst *RI : Returns) { 2992 BranchInst *BI = BranchInst::Create(AfterCallBB, RI->getIterator()); 2993 Loc = RI->getDebugLoc(); 2994 BI->setDebugLoc(Loc); 2995 RI->eraseFromParent(); 2996 } 2997 // We need to set the debug location to *somewhere* inside the 2998 // inlined function. The line number may be nonsensical, but the 2999 // instruction will at least be associated with the right 3000 // function. 3001 if (CreatedBranchToNormalDest) 3002 CreatedBranchToNormalDest->setDebugLoc(Loc); 3003 } else if (!Returns.empty()) { 3004 // Otherwise, if there is exactly one return value, just replace anything 3005 // using the return value of the call with the computed value. 3006 if (!CB.use_empty()) { 3007 if (&CB == Returns[0]->getReturnValue()) 3008 CB.replaceAllUsesWith(PoisonValue::get(CB.getType())); 3009 else 3010 CB.replaceAllUsesWith(Returns[0]->getReturnValue()); 3011 } 3012 3013 // Update PHI nodes that use the ReturnBB to use the AfterCallBB. 3014 BasicBlock *ReturnBB = Returns[0]->getParent(); 3015 ReturnBB->replaceAllUsesWith(AfterCallBB); 3016 3017 // Splice the code from the return block into the block that it will return 3018 // to, which contains the code that was after the call. 3019 AfterCallBB->splice(AfterCallBB->begin(), ReturnBB); 3020 3021 if (CreatedBranchToNormalDest) 3022 CreatedBranchToNormalDest->setDebugLoc(Returns[0]->getDebugLoc()); 3023 3024 // Delete the return instruction now and empty ReturnBB now. 3025 Returns[0]->eraseFromParent(); 3026 ReturnBB->eraseFromParent(); 3027 } else if (!CB.use_empty()) { 3028 // No returns, but something is using the return value of the call. Just 3029 // nuke the result. 3030 CB.replaceAllUsesWith(PoisonValue::get(CB.getType())); 3031 } 3032 3033 // Since we are now done with the Call/Invoke, we can delete it. 3034 CB.eraseFromParent(); 3035 3036 // If we inlined any musttail calls and the original return is now 3037 // unreachable, delete it. It can only contain a bitcast and ret. 3038 if (InlinedMustTailCalls && pred_empty(AfterCallBB)) 3039 AfterCallBB->eraseFromParent(); 3040 3041 // We should always be able to fold the entry block of the function into the 3042 // single predecessor of the block... 3043 assert(cast<BranchInst>(Br)->isUnconditional() && "splitBasicBlock broken!"); 3044 BasicBlock *CalleeEntry = cast<BranchInst>(Br)->getSuccessor(0); 3045 3046 // Splice the code entry block into calling block, right before the 3047 // unconditional branch. 3048 CalleeEntry->replaceAllUsesWith(OrigBB); // Update PHI nodes 3049 OrigBB->splice(Br->getIterator(), CalleeEntry); 3050 3051 // Remove the unconditional branch. 3052 Br->eraseFromParent(); 3053 3054 // Now we can remove the CalleeEntry block, which is now empty. 3055 CalleeEntry->eraseFromParent(); 3056 3057 // If we inserted a phi node, check to see if it has a single value (e.g. all 3058 // the entries are the same or undef). If so, remove the PHI so it doesn't 3059 // block other optimizations. 3060 if (PHI) { 3061 AssumptionCache *AC = 3062 IFI.GetAssumptionCache ? &IFI.GetAssumptionCache(*Caller) : nullptr; 3063 auto &DL = Caller->getDataLayout(); 3064 if (Value *V = simplifyInstruction(PHI, {DL, nullptr, nullptr, AC})) { 3065 PHI->replaceAllUsesWith(V); 3066 PHI->eraseFromParent(); 3067 } 3068 } 3069 3070 if (MergeAttributes) 3071 AttributeFuncs::mergeAttributesForInlining(*Caller, *CalledFunc); 3072 3073 return InlineResult::success(); 3074 } 3075