1 //===- MemoryLocation.cpp - Memory location descriptions -------------------==// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 9 #include "llvm/Analysis/MemoryLocation.h" 10 #include "llvm/Analysis/TargetLibraryInfo.h" 11 #include "llvm/IR/BasicBlock.h" 12 #include "llvm/IR/DataLayout.h" 13 #include "llvm/IR/Instructions.h" 14 #include "llvm/IR/IntrinsicInst.h" 15 #include "llvm/IR/IntrinsicsARM.h" 16 #include "llvm/IR/LLVMContext.h" 17 #include "llvm/IR/Module.h" 18 #include "llvm/IR/Type.h" 19 using namespace llvm; 20 21 void LocationSize::print(raw_ostream &OS) const { 22 OS << "LocationSize::"; 23 if (*this == beforeOrAfterPointer()) 24 OS << "beforeOrAfterPointer"; 25 else if (*this == afterPointer()) 26 OS << "afterPointer"; 27 else if (*this == mapEmpty()) 28 OS << "mapEmpty"; 29 else if (*this == mapTombstone()) 30 OS << "mapTombstone"; 31 else if (isPrecise()) 32 OS << "precise(" << getValue() << ')'; 33 else 34 OS << "upperBound(" << getValue() << ')'; 35 } 36 37 MemoryLocation MemoryLocation::get(const LoadInst *LI) { 38 const auto &DL = LI->getModule()->getDataLayout(); 39 40 return MemoryLocation( 41 LI->getPointerOperand(), 42 LocationSize::precise(DL.getTypeStoreSize(LI->getType())), 43 LI->getAAMetadata()); 44 } 45 46 MemoryLocation MemoryLocation::get(const StoreInst *SI) { 47 const auto &DL = SI->getModule()->getDataLayout(); 48 49 return MemoryLocation(SI->getPointerOperand(), 50 LocationSize::precise(DL.getTypeStoreSize( 51 SI->getValueOperand()->getType())), 52 SI->getAAMetadata()); 53 } 54 55 MemoryLocation MemoryLocation::get(const VAArgInst *VI) { 56 return MemoryLocation(VI->getPointerOperand(), 57 LocationSize::afterPointer(), VI->getAAMetadata()); 58 } 59 60 MemoryLocation MemoryLocation::get(const AtomicCmpXchgInst *CXI) { 61 const auto &DL = CXI->getModule()->getDataLayout(); 62 63 return MemoryLocation(CXI->getPointerOperand(), 64 LocationSize::precise(DL.getTypeStoreSize( 65 CXI->getCompareOperand()->getType())), 66 CXI->getAAMetadata()); 67 } 68 69 MemoryLocation MemoryLocation::get(const AtomicRMWInst *RMWI) { 70 const auto &DL = RMWI->getModule()->getDataLayout(); 71 72 return MemoryLocation(RMWI->getPointerOperand(), 73 LocationSize::precise(DL.getTypeStoreSize( 74 RMWI->getValOperand()->getType())), 75 RMWI->getAAMetadata()); 76 } 77 78 Optional<MemoryLocation> MemoryLocation::getOrNone(const Instruction *Inst) { 79 switch (Inst->getOpcode()) { 80 case Instruction::Load: 81 return get(cast<LoadInst>(Inst)); 82 case Instruction::Store: 83 return get(cast<StoreInst>(Inst)); 84 case Instruction::VAArg: 85 return get(cast<VAArgInst>(Inst)); 86 case Instruction::AtomicCmpXchg: 87 return get(cast<AtomicCmpXchgInst>(Inst)); 88 case Instruction::AtomicRMW: 89 return get(cast<AtomicRMWInst>(Inst)); 90 default: 91 return None; 92 } 93 } 94 95 MemoryLocation MemoryLocation::getForSource(const MemTransferInst *MTI) { 96 return getForSource(cast<AnyMemTransferInst>(MTI)); 97 } 98 99 MemoryLocation MemoryLocation::getForSource(const AtomicMemTransferInst *MTI) { 100 return getForSource(cast<AnyMemTransferInst>(MTI)); 101 } 102 103 MemoryLocation MemoryLocation::getForSource(const AnyMemTransferInst *MTI) { 104 auto Size = LocationSize::afterPointer(); 105 if (ConstantInt *C = dyn_cast<ConstantInt>(MTI->getLength())) 106 Size = LocationSize::precise(C->getValue().getZExtValue()); 107 108 // memcpy/memmove can have AA tags. For memcpy, they apply 109 // to both the source and the destination. 110 return MemoryLocation(MTI->getRawSource(), Size, MTI->getAAMetadata()); 111 } 112 113 MemoryLocation MemoryLocation::getForDest(const MemIntrinsic *MI) { 114 return getForDest(cast<AnyMemIntrinsic>(MI)); 115 } 116 117 MemoryLocation MemoryLocation::getForDest(const AtomicMemIntrinsic *MI) { 118 return getForDest(cast<AnyMemIntrinsic>(MI)); 119 } 120 121 MemoryLocation MemoryLocation::getForDest(const AnyMemIntrinsic *MI) { 122 auto Size = LocationSize::afterPointer(); 123 if (ConstantInt *C = dyn_cast<ConstantInt>(MI->getLength())) 124 Size = LocationSize::precise(C->getValue().getZExtValue()); 125 126 // memcpy/memmove can have AA tags. For memcpy, they apply 127 // to both the source and the destination. 128 return MemoryLocation(MI->getRawDest(), Size, MI->getAAMetadata()); 129 } 130 131 Optional<MemoryLocation> 132 MemoryLocation::getForDest(const CallBase *CB, const TargetLibraryInfo &TLI) { 133 if (const IntrinsicInst *II = dyn_cast<IntrinsicInst>(CB)) { 134 if (auto *MemInst = dyn_cast<AnyMemIntrinsic>(CB)) 135 return getForDest(MemInst); 136 137 switch (II->getIntrinsicID()) { 138 default: 139 return None; 140 case Intrinsic::init_trampoline: 141 return MemoryLocation::getForArgument(CB, 0, TLI); 142 case Intrinsic::masked_store: 143 return MemoryLocation::getForArgument(CB, 1, TLI); 144 } 145 } 146 147 LibFunc LF; 148 if (TLI.getLibFunc(*CB, LF) && TLI.has(LF)) { 149 switch (LF) { 150 case LibFunc_strncpy: 151 case LibFunc_strcpy: 152 case LibFunc_strcat: 153 case LibFunc_strncat: 154 return getForArgument(CB, 0, &TLI); 155 default: 156 break; 157 } 158 } 159 160 return None; 161 } 162 163 MemoryLocation MemoryLocation::getForArgument(const CallBase *Call, 164 unsigned ArgIdx, 165 const TargetLibraryInfo *TLI) { 166 AAMDNodes AATags = Call->getAAMetadata(); 167 const Value *Arg = Call->getArgOperand(ArgIdx); 168 169 // We may be able to produce an exact size for known intrinsics. 170 if (const IntrinsicInst *II = dyn_cast<IntrinsicInst>(Call)) { 171 const DataLayout &DL = II->getModule()->getDataLayout(); 172 173 switch (II->getIntrinsicID()) { 174 default: 175 break; 176 case Intrinsic::memset: 177 case Intrinsic::memcpy: 178 case Intrinsic::memcpy_inline: 179 case Intrinsic::memmove: 180 case Intrinsic::memcpy_element_unordered_atomic: 181 case Intrinsic::memmove_element_unordered_atomic: 182 case Intrinsic::memset_element_unordered_atomic: 183 assert((ArgIdx == 0 || ArgIdx == 1) && 184 "Invalid argument index for memory intrinsic"); 185 if (ConstantInt *LenCI = dyn_cast<ConstantInt>(II->getArgOperand(2))) 186 return MemoryLocation(Arg, LocationSize::precise(LenCI->getZExtValue()), 187 AATags); 188 return MemoryLocation::getAfter(Arg, AATags); 189 190 case Intrinsic::lifetime_start: 191 case Intrinsic::lifetime_end: 192 case Intrinsic::invariant_start: 193 assert(ArgIdx == 1 && "Invalid argument index"); 194 return MemoryLocation( 195 Arg, 196 LocationSize::precise( 197 cast<ConstantInt>(II->getArgOperand(0))->getZExtValue()), 198 AATags); 199 200 case Intrinsic::masked_load: 201 assert(ArgIdx == 0 && "Invalid argument index"); 202 return MemoryLocation( 203 Arg, 204 LocationSize::upperBound(DL.getTypeStoreSize(II->getType())), 205 AATags); 206 207 case Intrinsic::masked_store: 208 assert(ArgIdx == 1 && "Invalid argument index"); 209 return MemoryLocation( 210 Arg, 211 LocationSize::upperBound( 212 DL.getTypeStoreSize(II->getArgOperand(0)->getType())), 213 AATags); 214 215 case Intrinsic::invariant_end: 216 // The first argument to an invariant.end is a "descriptor" type (e.g. a 217 // pointer to a empty struct) which is never actually dereferenced. 218 if (ArgIdx == 0) 219 return MemoryLocation(Arg, LocationSize::precise(0), AATags); 220 assert(ArgIdx == 2 && "Invalid argument index"); 221 return MemoryLocation( 222 Arg, 223 LocationSize::precise( 224 cast<ConstantInt>(II->getArgOperand(1))->getZExtValue()), 225 AATags); 226 227 case Intrinsic::arm_neon_vld1: 228 assert(ArgIdx == 0 && "Invalid argument index"); 229 // LLVM's vld1 and vst1 intrinsics currently only support a single 230 // vector register. 231 return MemoryLocation( 232 Arg, LocationSize::precise(DL.getTypeStoreSize(II->getType())), 233 AATags); 234 235 case Intrinsic::arm_neon_vst1: 236 assert(ArgIdx == 0 && "Invalid argument index"); 237 return MemoryLocation(Arg, 238 LocationSize::precise(DL.getTypeStoreSize( 239 II->getArgOperand(1)->getType())), 240 AATags); 241 } 242 243 assert( 244 !isa<AnyMemTransferInst>(II) && 245 "all memory transfer intrinsics should be handled by the switch above"); 246 } 247 248 // We can bound the aliasing properties of memset_pattern16 just as we can 249 // for memcpy/memset. This is particularly important because the 250 // LoopIdiomRecognizer likes to turn loops into calls to memset_pattern16 251 // whenever possible. 252 LibFunc F; 253 if (TLI && TLI->getLibFunc(*Call, F) && TLI->has(F)) { 254 switch (F) { 255 case LibFunc_strcpy: 256 case LibFunc_strcat: 257 case LibFunc_strncat: 258 assert((ArgIdx == 0 || ArgIdx == 1) && "Invalid argument index for str function"); 259 return MemoryLocation::getAfter(Arg, AATags); 260 261 case LibFunc_memset_chk: { 262 assert(ArgIdx == 0 && "Invalid argument index for memset_chk"); 263 LocationSize Size = LocationSize::afterPointer(); 264 if (const auto *Len = dyn_cast<ConstantInt>(Call->getArgOperand(2))) { 265 // memset_chk writes at most Len bytes. It may write less, if Len 266 // exceeds the specified max size and aborts. 267 Size = LocationSize::upperBound(Len->getZExtValue()); 268 } 269 return MemoryLocation(Arg, Size, AATags); 270 } 271 case LibFunc_strncpy: { 272 assert((ArgIdx == 0 || ArgIdx == 1) && 273 "Invalid argument index for strncpy"); 274 LocationSize Size = LocationSize::afterPointer(); 275 if (const auto *Len = dyn_cast<ConstantInt>(Call->getArgOperand(2))) { 276 // strncpy is guaranteed to write Len bytes, but only reads up to Len 277 // bytes. 278 Size = ArgIdx == 0 ? LocationSize::precise(Len->getZExtValue()) 279 : LocationSize::upperBound(Len->getZExtValue()); 280 } 281 return MemoryLocation(Arg, Size, AATags); 282 } 283 case LibFunc_memset_pattern16: 284 assert((ArgIdx == 0 || ArgIdx == 1) && 285 "Invalid argument index for memset_pattern16"); 286 if (ArgIdx == 1) 287 return MemoryLocation(Arg, LocationSize::precise(16), AATags); 288 if (const ConstantInt *LenCI = 289 dyn_cast<ConstantInt>(Call->getArgOperand(2))) 290 return MemoryLocation(Arg, LocationSize::precise(LenCI->getZExtValue()), 291 AATags); 292 return MemoryLocation::getAfter(Arg, AATags); 293 case LibFunc_bcmp: 294 case LibFunc_memcmp: 295 assert((ArgIdx == 0 || ArgIdx == 1) && 296 "Invalid argument index for memcmp/bcmp"); 297 if (const ConstantInt *LenCI = 298 dyn_cast<ConstantInt>(Call->getArgOperand(2))) 299 return MemoryLocation(Arg, LocationSize::precise(LenCI->getZExtValue()), 300 AATags); 301 return MemoryLocation::getAfter(Arg, AATags); 302 case LibFunc_memchr: 303 assert((ArgIdx == 0) && "Invalid argument index for memchr"); 304 if (const ConstantInt *LenCI = 305 dyn_cast<ConstantInt>(Call->getArgOperand(2))) 306 return MemoryLocation(Arg, LocationSize::precise(LenCI->getZExtValue()), 307 AATags); 308 return MemoryLocation::getAfter(Arg, AATags); 309 case LibFunc_memccpy: 310 assert((ArgIdx == 0 || ArgIdx == 1) && 311 "Invalid argument index for memccpy"); 312 // We only know an upper bound on the number of bytes read/written. 313 if (const ConstantInt *LenCI = 314 dyn_cast<ConstantInt>(Call->getArgOperand(3))) 315 return MemoryLocation( 316 Arg, LocationSize::upperBound(LenCI->getZExtValue()), AATags); 317 return MemoryLocation::getAfter(Arg, AATags); 318 default: 319 break; 320 }; 321 } 322 // FIXME: Handle memset_pattern4 and memset_pattern8 also. 323 324 return MemoryLocation::getBeforeOrAfter(Call->getArgOperand(ArgIdx), AATags); 325 } 326