BasicAliasAnalysis.cpp revision f2becca90b832cc02345fba063b9b439b2be33ad
1//===- BasicAliasAnalysis.cpp - Local Alias Analysis Impl -----------------===// 2// 3// The LLVM Compiler Infrastructure 4// 5// This file is distributed under the University of Illinois Open Source 6// License. See LICENSE.TXT for details. 7// 8//===----------------------------------------------------------------------===// 9// 10// This file defines the default implementation of the Alias Analysis interface 11// that simply implements a few identities (two different globals cannot alias, 12// etc), but otherwise does no analysis. 13// 14//===----------------------------------------------------------------------===// 15 16#include "llvm/Analysis/AliasAnalysis.h" 17#include "llvm/Analysis/CaptureTracking.h" 18#include "llvm/Analysis/MallocFreeHelper.h" 19#include "llvm/Analysis/Passes.h" 20#include "llvm/Constants.h" 21#include "llvm/DerivedTypes.h" 22#include "llvm/Function.h" 23#include "llvm/GlobalVariable.h" 24#include "llvm/Instructions.h" 25#include "llvm/IntrinsicInst.h" 26#include "llvm/LLVMContext.h" 27#include "llvm/Operator.h" 28#include "llvm/Pass.h" 29#include "llvm/Target/TargetData.h" 30#include "llvm/ADT/SmallSet.h" 31#include "llvm/ADT/SmallVector.h" 32#include "llvm/ADT/STLExtras.h" 33#include "llvm/Support/ErrorHandling.h" 34#include "llvm/Support/GetElementPtrTypeIterator.h" 35#include <algorithm> 36using namespace llvm; 37 38//===----------------------------------------------------------------------===// 39// Useful predicates 40//===----------------------------------------------------------------------===// 41 42static const Value *GetGEPOperands(const Value *V, 43 SmallVector<Value*, 16> &GEPOps) { 44 assert(GEPOps.empty() && "Expect empty list to populate!"); 45 GEPOps.insert(GEPOps.end(), cast<User>(V)->op_begin()+1, 46 cast<User>(V)->op_end()); 47 48 // Accumulate all of the chained indexes into the operand array 49 V = cast<User>(V)->getOperand(0); 50 51 while (const GEPOperator *G = dyn_cast<GEPOperator>(V)) { 52 if (!isa<Constant>(GEPOps[0]) || isa<GlobalValue>(GEPOps[0]) || 53 !cast<Constant>(GEPOps[0])->isNullValue()) 54 break; // Don't handle folding arbitrary pointer offsets yet... 55 GEPOps.erase(GEPOps.begin()); // Drop the zero index 56 GEPOps.insert(GEPOps.begin(), G->op_begin()+1, G->op_end()); 57 V = G->getOperand(0); 58 } 59 return V; 60} 61 62/// isKnownNonNull - Return true if we know that the specified value is never 63/// null. 64static bool isKnownNonNull(const Value *V) { 65 // Alloca never returns null, malloc might. 66 if (isa<AllocaInst>(V)) return true; 67 68 // A byval argument is never null. 69 if (const Argument *A = dyn_cast<Argument>(V)) 70 return A->hasByValAttr(); 71 72 // Global values are not null unless extern weak. 73 if (const GlobalValue *GV = dyn_cast<GlobalValue>(V)) 74 return !GV->hasExternalWeakLinkage(); 75 return false; 76} 77 78/// isNonEscapingLocalObject - Return true if the pointer is to a function-local 79/// object that never escapes from the function. 80static bool isNonEscapingLocalObject(const Value *V) { 81 // If this is a local allocation, check to see if it escapes. 82 if (isa<AllocaInst>(V) || isNoAliasCall(V)) 83 return !PointerMayBeCaptured(V, false); 84 85 // If this is an argument that corresponds to a byval or noalias argument, 86 // then it has not escaped before entering the function. Check if it escapes 87 // inside the function. 88 if (const Argument *A = dyn_cast<Argument>(V)) 89 if (A->hasByValAttr() || A->hasNoAliasAttr()) { 90 // Don't bother analyzing arguments already known not to escape. 91 if (A->hasNoCaptureAttr()) 92 return true; 93 return !PointerMayBeCaptured(V, false); 94 } 95 return false; 96} 97 98 99/// isObjectSmallerThan - Return true if we can prove that the object specified 100/// by V is smaller than Size. 101static bool isObjectSmallerThan(const Value *V, unsigned Size, 102 LLVMContext &Context, const TargetData &TD) { 103 const Type *AccessTy; 104 if (const GlobalVariable *GV = dyn_cast<GlobalVariable>(V)) { 105 AccessTy = GV->getType()->getElementType(); 106 } else if (const AllocaInst *AI = dyn_cast<AllocaInst>(V)) { 107 if (!AI->isArrayAllocation()) 108 AccessTy = AI->getType()->getElementType(); 109 else 110 return false; 111 } else if (const CallInst* CI = extractMallocCall(V)) { 112 if (!isArrayMalloc(V, Context, &TD)) 113 // The size is the argument to the malloc call. 114 if (const ConstantInt* C = dyn_cast<ConstantInt>(CI->getOperand(1))) 115 return (C->getZExtValue() < Size); 116 return false; 117 } else if (const Argument *A = dyn_cast<Argument>(V)) { 118 if (A->hasByValAttr()) 119 AccessTy = cast<PointerType>(A->getType())->getElementType(); 120 else 121 return false; 122 } else { 123 return false; 124 } 125 126 if (AccessTy->isSized()) 127 return TD.getTypeAllocSize(AccessTy) < Size; 128 return false; 129} 130 131//===----------------------------------------------------------------------===// 132// NoAA Pass 133//===----------------------------------------------------------------------===// 134 135namespace { 136 /// NoAA - This class implements the -no-aa pass, which always returns "I 137 /// don't know" for alias queries. NoAA is unlike other alias analysis 138 /// implementations, in that it does not chain to a previous analysis. As 139 /// such it doesn't follow many of the rules that other alias analyses must. 140 /// 141 struct NoAA : public ImmutablePass, public AliasAnalysis { 142 static char ID; // Class identification, replacement for typeinfo 143 NoAA() : ImmutablePass(&ID) {} 144 explicit NoAA(void *PID) : ImmutablePass(PID) { } 145 146 virtual void getAnalysisUsage(AnalysisUsage &AU) const { 147 } 148 149 virtual void initializePass() { 150 TD = getAnalysisIfAvailable<TargetData>(); 151 } 152 153 virtual AliasResult alias(const Value *V1, unsigned V1Size, 154 const Value *V2, unsigned V2Size) { 155 return MayAlias; 156 } 157 158 virtual void getArgumentAccesses(Function *F, CallSite CS, 159 std::vector<PointerAccessInfo> &Info) { 160 llvm_unreachable("This method may not be called on this function!"); 161 } 162 163 virtual void getMustAliases(Value *P, std::vector<Value*> &RetVals) { } 164 virtual bool pointsToConstantMemory(const Value *P) { return false; } 165 virtual ModRefResult getModRefInfo(CallSite CS, Value *P, unsigned Size) { 166 return ModRef; 167 } 168 virtual ModRefResult getModRefInfo(CallSite CS1, CallSite CS2) { 169 return ModRef; 170 } 171 virtual bool hasNoModRefInfoForCalls() const { return true; } 172 173 virtual void deleteValue(Value *V) {} 174 virtual void copyValue(Value *From, Value *To) {} 175 }; 176} // End of anonymous namespace 177 178// Register this pass... 179char NoAA::ID = 0; 180static RegisterPass<NoAA> 181U("no-aa", "No Alias Analysis (always returns 'may' alias)", true, true); 182 183// Declare that we implement the AliasAnalysis interface 184static RegisterAnalysisGroup<AliasAnalysis> V(U); 185 186ImmutablePass *llvm::createNoAAPass() { return new NoAA(); } 187 188//===----------------------------------------------------------------------===// 189// BasicAA Pass 190//===----------------------------------------------------------------------===// 191 192namespace { 193 /// BasicAliasAnalysis - This is the default alias analysis implementation. 194 /// Because it doesn't chain to a previous alias analysis (like -no-aa), it 195 /// derives from the NoAA class. 196 struct BasicAliasAnalysis : public NoAA { 197 static char ID; // Class identification, replacement for typeinfo 198 BasicAliasAnalysis() : NoAA(&ID) {} 199 AliasResult alias(const Value *V1, unsigned V1Size, 200 const Value *V2, unsigned V2Size) { 201 assert(VisitedPHIs.empty() && "VisitedPHIs must be cleared after use!"); 202 AliasResult Alias = aliasCheck(V1, V1Size, V2, V2Size); 203 VisitedPHIs.clear(); 204 return Alias; 205 } 206 207 ModRefResult getModRefInfo(CallSite CS, Value *P, unsigned Size); 208 ModRefResult getModRefInfo(CallSite CS1, CallSite CS2); 209 210 /// hasNoModRefInfoForCalls - We can provide mod/ref information against 211 /// non-escaping allocations. 212 virtual bool hasNoModRefInfoForCalls() const { return false; } 213 214 /// pointsToConstantMemory - Chase pointers until we find a (constant 215 /// global) or not. 216 bool pointsToConstantMemory(const Value *P); 217 218 private: 219 // VisitedPHIs - Track PHI nodes visited by a aliasCheck() call. 220 SmallPtrSet<const Value*, 16> VisitedPHIs; 221 222 // aliasGEP - Provide a bunch of ad-hoc rules to disambiguate a GEP instruction 223 // against another. 224 AliasResult aliasGEP(const Value *V1, unsigned V1Size, 225 const Value *V2, unsigned V2Size); 226 227 // aliasPHI - Provide a bunch of ad-hoc rules to disambiguate a PHI instruction 228 // against another. 229 AliasResult aliasPHI(const PHINode *PN, unsigned PNSize, 230 const Value *V2, unsigned V2Size); 231 232 /// aliasSelect - Disambiguate a Select instruction against another value. 233 AliasResult aliasSelect(const SelectInst *SI, unsigned SISize, 234 const Value *V2, unsigned V2Size); 235 236 AliasResult aliasCheck(const Value *V1, unsigned V1Size, 237 const Value *V2, unsigned V2Size); 238 239 // CheckGEPInstructions - Check two GEP instructions with known 240 // must-aliasing base pointers. This checks to see if the index expressions 241 // preclude the pointers from aliasing... 242 AliasResult 243 CheckGEPInstructions(const Type* BasePtr1Ty, 244 Value **GEP1Ops, unsigned NumGEP1Ops, unsigned G1Size, 245 const Type *BasePtr2Ty, 246 Value **GEP2Ops, unsigned NumGEP2Ops, unsigned G2Size); 247 }; 248} // End of anonymous namespace 249 250// Register this pass... 251char BasicAliasAnalysis::ID = 0; 252static RegisterPass<BasicAliasAnalysis> 253X("basicaa", "Basic Alias Analysis (default AA impl)", false, true); 254 255// Declare that we implement the AliasAnalysis interface 256static RegisterAnalysisGroup<AliasAnalysis, true> Y(X); 257 258ImmutablePass *llvm::createBasicAliasAnalysisPass() { 259 return new BasicAliasAnalysis(); 260} 261 262 263/// pointsToConstantMemory - Chase pointers until we find a (constant 264/// global) or not. 265bool BasicAliasAnalysis::pointsToConstantMemory(const Value *P) { 266 if (const GlobalVariable *GV = 267 dyn_cast<GlobalVariable>(P->getUnderlyingObject())) 268 return GV->isConstant(); 269 return false; 270} 271 272 273// getModRefInfo - Check to see if the specified callsite can clobber the 274// specified memory object. Since we only look at local properties of this 275// function, we really can't say much about this query. We do, however, use 276// simple "address taken" analysis on local objects. 277// 278AliasAnalysis::ModRefResult 279BasicAliasAnalysis::getModRefInfo(CallSite CS, Value *P, unsigned Size) { 280 if (!isa<Constant>(P)) { 281 const Value *Object = P->getUnderlyingObject(); 282 283 // If this is a tail call and P points to a stack location, we know that 284 // the tail call cannot access or modify the local stack. 285 // We cannot exclude byval arguments here; these belong to the caller of 286 // the current function not to the current function, and a tail callee 287 // may reference them. 288 if (isa<AllocaInst>(Object)) 289 if (CallInst *CI = dyn_cast<CallInst>(CS.getInstruction())) 290 if (CI->isTailCall()) 291 return NoModRef; 292 293 // If the pointer is to a locally allocated object that does not escape, 294 // then the call can not mod/ref the pointer unless the call takes the 295 // argument without capturing it. 296 if (isNonEscapingLocalObject(Object) && CS.getInstruction() != Object) { 297 bool passedAsArg = false; 298 // TODO: Eventually only check 'nocapture' arguments. 299 for (CallSite::arg_iterator CI = CS.arg_begin(), CE = CS.arg_end(); 300 CI != CE; ++CI) 301 if (isa<PointerType>((*CI)->getType()) && 302 alias(cast<Value>(CI), ~0U, P, ~0U) != NoAlias) 303 passedAsArg = true; 304 305 if (!passedAsArg) 306 return NoModRef; 307 } 308 309 if (IntrinsicInst *II = dyn_cast<IntrinsicInst>(CS.getInstruction())) { 310 switch (II->getIntrinsicID()) { 311 default: break; 312 case Intrinsic::memcpy: 313 case Intrinsic::memmove: { 314 unsigned Len = ~0U; 315 if (ConstantInt *LenCI = dyn_cast<ConstantInt>(II->getOperand(3))) 316 Len = LenCI->getZExtValue(); 317 Value *Dest = II->getOperand(1); 318 Value *Src = II->getOperand(2); 319 if (alias(Dest, Len, P, Size) == NoAlias) { 320 if (alias(Src, Len, P, Size) == NoAlias) 321 return NoModRef; 322 return Ref; 323 } 324 } 325 break; 326 case Intrinsic::memset: 327 if (ConstantInt *LenCI = dyn_cast<ConstantInt>(II->getOperand(3))) { 328 unsigned Len = LenCI->getZExtValue(); 329 Value *Dest = II->getOperand(1); 330 if (alias(Dest, Len, P, Size) == NoAlias) 331 return NoModRef; 332 } 333 break; 334 case Intrinsic::atomic_cmp_swap: 335 case Intrinsic::atomic_swap: 336 case Intrinsic::atomic_load_add: 337 case Intrinsic::atomic_load_sub: 338 case Intrinsic::atomic_load_and: 339 case Intrinsic::atomic_load_nand: 340 case Intrinsic::atomic_load_or: 341 case Intrinsic::atomic_load_xor: 342 case Intrinsic::atomic_load_max: 343 case Intrinsic::atomic_load_min: 344 case Intrinsic::atomic_load_umax: 345 case Intrinsic::atomic_load_umin: 346 if (TD) { 347 Value *Op1 = II->getOperand(1); 348 unsigned Op1Size = TD->getTypeStoreSize(Op1->getType()); 349 if (alias(Op1, Op1Size, P, Size) == NoAlias) 350 return NoModRef; 351 } 352 break; 353 case Intrinsic::lifetime_start: 354 case Intrinsic::lifetime_end: 355 case Intrinsic::invariant_start: { 356 unsigned PtrSize = cast<ConstantInt>(II->getOperand(1))->getZExtValue(); 357 if (alias(II->getOperand(2), PtrSize, P, Size) == NoAlias) 358 return NoModRef; 359 } 360 break; 361 case Intrinsic::invariant_end: { 362 unsigned PtrSize = cast<ConstantInt>(II->getOperand(2))->getZExtValue(); 363 if (alias(II->getOperand(3), PtrSize, P, Size) == NoAlias) 364 return NoModRef; 365 } 366 break; 367 } 368 } 369 } 370 371 // The AliasAnalysis base class has some smarts, lets use them. 372 return AliasAnalysis::getModRefInfo(CS, P, Size); 373} 374 375 376AliasAnalysis::ModRefResult 377BasicAliasAnalysis::getModRefInfo(CallSite CS1, CallSite CS2) { 378 // If CS1 or CS2 are readnone, they don't interact. 379 ModRefBehavior CS1B = AliasAnalysis::getModRefBehavior(CS1); 380 if (CS1B == DoesNotAccessMemory) return NoModRef; 381 382 ModRefBehavior CS2B = AliasAnalysis::getModRefBehavior(CS2); 383 if (CS2B == DoesNotAccessMemory) return NoModRef; 384 385 // If they both only read from memory, just return ref. 386 if (CS1B == OnlyReadsMemory && CS2B == OnlyReadsMemory) 387 return Ref; 388 389 // Otherwise, fall back to NoAA (mod+ref). 390 return NoAA::getModRefInfo(CS1, CS2); 391} 392 393// aliasGEP - Provide a bunch of ad-hoc rules to disambiguate a GEP instruction 394// against another. 395// 396AliasAnalysis::AliasResult 397BasicAliasAnalysis::aliasGEP(const Value *V1, unsigned V1Size, 398 const Value *V2, unsigned V2Size) { 399 // If we have two gep instructions with must-alias'ing base pointers, figure 400 // out if the indexes to the GEP tell us anything about the derived pointer. 401 // Note that we also handle chains of getelementptr instructions as well as 402 // constant expression getelementptrs here. 403 // 404 if (isa<GEPOperator>(V1) && isa<GEPOperator>(V2)) { 405 const User *GEP1 = cast<User>(V1); 406 const User *GEP2 = cast<User>(V2); 407 408 // If V1 and V2 are identical GEPs, just recurse down on both of them. 409 // This allows us to analyze things like: 410 // P = gep A, 0, i, 1 411 // Q = gep B, 0, i, 1 412 // by just analyzing A and B. This is even safe for variable indices. 413 if (GEP1->getType() == GEP2->getType() && 414 GEP1->getNumOperands() == GEP2->getNumOperands() && 415 GEP1->getOperand(0)->getType() == GEP2->getOperand(0)->getType() && 416 // All operands are the same, ignoring the base. 417 std::equal(GEP1->op_begin()+1, GEP1->op_end(), GEP2->op_begin()+1)) 418 return aliasCheck(GEP1->getOperand(0), V1Size, 419 GEP2->getOperand(0), V2Size); 420 421 // Drill down into the first non-gep value, to test for must-aliasing of 422 // the base pointers. 423 while (isa<GEPOperator>(GEP1->getOperand(0)) && 424 GEP1->getOperand(1) == 425 Constant::getNullValue(GEP1->getOperand(1)->getType())) 426 GEP1 = cast<User>(GEP1->getOperand(0)); 427 const Value *BasePtr1 = GEP1->getOperand(0); 428 429 while (isa<GEPOperator>(GEP2->getOperand(0)) && 430 GEP2->getOperand(1) == 431 Constant::getNullValue(GEP2->getOperand(1)->getType())) 432 GEP2 = cast<User>(GEP2->getOperand(0)); 433 const Value *BasePtr2 = GEP2->getOperand(0); 434 435 // Do the base pointers alias? 436 AliasResult BaseAlias = aliasCheck(BasePtr1, ~0U, BasePtr2, ~0U); 437 if (BaseAlias == NoAlias) return NoAlias; 438 if (BaseAlias == MustAlias) { 439 // If the base pointers alias each other exactly, check to see if we can 440 // figure out anything about the resultant pointers, to try to prove 441 // non-aliasing. 442 443 // Collect all of the chained GEP operands together into one simple place 444 SmallVector<Value*, 16> GEP1Ops, GEP2Ops; 445 BasePtr1 = GetGEPOperands(V1, GEP1Ops); 446 BasePtr2 = GetGEPOperands(V2, GEP2Ops); 447 448 // If GetGEPOperands were able to fold to the same must-aliased pointer, 449 // do the comparison. 450 if (BasePtr1 == BasePtr2) { 451 AliasResult GAlias = 452 CheckGEPInstructions(BasePtr1->getType(), 453 &GEP1Ops[0], GEP1Ops.size(), V1Size, 454 BasePtr2->getType(), 455 &GEP2Ops[0], GEP2Ops.size(), V2Size); 456 if (GAlias != MayAlias) 457 return GAlias; 458 } 459 } 460 } 461 462 // Check to see if these two pointers are related by a getelementptr 463 // instruction. If one pointer is a GEP with a non-zero index of the other 464 // pointer, we know they cannot alias. 465 // 466 if (V1Size == ~0U || V2Size == ~0U) 467 return MayAlias; 468 469 SmallVector<Value*, 16> GEPOperands; 470 const Value *BasePtr = GetGEPOperands(V1, GEPOperands); 471 472 AliasResult R = aliasCheck(BasePtr, ~0U, V2, V2Size); 473 if (R != MustAlias) 474 // If V2 may alias GEP base pointer, conservatively returns MayAlias. 475 // If V2 is known not to alias GEP base pointer, then the two values 476 // cannot alias per GEP semantics: "A pointer value formed from a 477 // getelementptr instruction is associated with the addresses associated 478 // with the first operand of the getelementptr". 479 return R; 480 481 // If there is at least one non-zero constant index, we know they cannot 482 // alias. 483 bool ConstantFound = false; 484 bool AllZerosFound = true; 485 for (unsigned i = 0, e = GEPOperands.size(); i != e; ++i) 486 if (const Constant *C = dyn_cast<Constant>(GEPOperands[i])) { 487 if (!C->isNullValue()) { 488 ConstantFound = true; 489 AllZerosFound = false; 490 break; 491 } 492 } else { 493 AllZerosFound = false; 494 } 495 496 // If we have getelementptr <ptr>, 0, 0, 0, 0, ... and V2 must aliases 497 // the ptr, the end result is a must alias also. 498 if (AllZerosFound) 499 return MustAlias; 500 501 if (ConstantFound) { 502 if (V2Size <= 1 && V1Size <= 1) // Just pointer check? 503 return NoAlias; 504 505 // Otherwise we have to check to see that the distance is more than 506 // the size of the argument... build an index vector that is equal to 507 // the arguments provided, except substitute 0's for any variable 508 // indexes we find... 509 if (TD && 510 cast<PointerType>(BasePtr->getType())->getElementType()->isSized()) { 511 for (unsigned i = 0; i != GEPOperands.size(); ++i) 512 if (!isa<ConstantInt>(GEPOperands[i])) 513 GEPOperands[i] = Constant::getNullValue(GEPOperands[i]->getType()); 514 int64_t Offset = TD->getIndexedOffset(BasePtr->getType(), 515 &GEPOperands[0], 516 GEPOperands.size()); 517 518 if (Offset >= (int64_t)V2Size || Offset <= -(int64_t)V1Size) 519 return NoAlias; 520 } 521 } 522 523 return MayAlias; 524} 525 526// aliasSelect - Provide a bunch of ad-hoc rules to disambiguate a Select instruction 527// against another. 528AliasAnalysis::AliasResult 529BasicAliasAnalysis::aliasSelect(const SelectInst *SI, unsigned SISize, 530 const Value *V2, unsigned V2Size) { 531 // If the values are Selects with the same condition, we can do a more precise 532 // check: just check for aliases between the values on corresponding arms. 533 if (const SelectInst *SI2 = dyn_cast<SelectInst>(V2)) 534 if (SI->getCondition() == SI2->getCondition()) { 535 AliasResult Alias = 536 aliasCheck(SI->getTrueValue(), SISize, 537 SI2->getTrueValue(), V2Size); 538 if (Alias == MayAlias) 539 return MayAlias; 540 AliasResult ThisAlias = 541 aliasCheck(SI->getFalseValue(), SISize, 542 SI2->getFalseValue(), V2Size); 543 if (ThisAlias != Alias) 544 return MayAlias; 545 return Alias; 546 } 547 548 // If both arms of the Select node NoAlias or MustAlias V2, then returns 549 // NoAlias / MustAlias. Otherwise, returns MayAlias. 550 AliasResult Alias = 551 aliasCheck(SI->getTrueValue(), SISize, V2, V2Size); 552 if (Alias == MayAlias) 553 return MayAlias; 554 AliasResult ThisAlias = 555 aliasCheck(SI->getFalseValue(), SISize, V2, V2Size); 556 if (ThisAlias != Alias) 557 return MayAlias; 558 return Alias; 559} 560 561// aliasPHI - Provide a bunch of ad-hoc rules to disambiguate a PHI instruction 562// against another. 563AliasAnalysis::AliasResult 564BasicAliasAnalysis::aliasPHI(const PHINode *PN, unsigned PNSize, 565 const Value *V2, unsigned V2Size) { 566 // The PHI node has already been visited, avoid recursion any further. 567 if (!VisitedPHIs.insert(PN)) 568 return MayAlias; 569 570 // If the values are PHIs in the same block, we can do a more precise 571 // as well as efficient check: just check for aliases between the values 572 // on corresponding edges. 573 if (const PHINode *PN2 = dyn_cast<PHINode>(V2)) 574 if (PN2->getParent() == PN->getParent()) { 575 AliasResult Alias = 576 aliasCheck(PN->getIncomingValue(0), PNSize, 577 PN2->getIncomingValueForBlock(PN->getIncomingBlock(0)), 578 V2Size); 579 if (Alias == MayAlias) 580 return MayAlias; 581 for (unsigned i = 1, e = PN->getNumIncomingValues(); i != e; ++i) { 582 AliasResult ThisAlias = 583 aliasCheck(PN->getIncomingValue(i), PNSize, 584 PN2->getIncomingValueForBlock(PN->getIncomingBlock(i)), 585 V2Size); 586 if (ThisAlias != Alias) 587 return MayAlias; 588 } 589 return Alias; 590 } 591 592 SmallPtrSet<Value*, 4> UniqueSrc; 593 SmallVector<Value*, 4> V1Srcs; 594 for (unsigned i = 0, e = PN->getNumIncomingValues(); i != e; ++i) { 595 Value *PV1 = PN->getIncomingValue(i); 596 if (isa<PHINode>(PV1)) 597 // If any of the source itself is a PHI, return MayAlias conservatively 598 // to avoid compile time explosion. The worst possible case is if both 599 // sides are PHI nodes. In which case, this is O(m x n) time where 'm' 600 // and 'n' are the number of PHI sources. 601 return MayAlias; 602 if (UniqueSrc.insert(PV1)) 603 V1Srcs.push_back(PV1); 604 } 605 606 AliasResult Alias = aliasCheck(V2, V2Size, V1Srcs[0], PNSize); 607 // Early exit if the check of the first PHI source against V2 is MayAlias. 608 // Other results are not possible. 609 if (Alias == MayAlias) 610 return MayAlias; 611 612 // If all sources of the PHI node NoAlias or MustAlias V2, then returns 613 // NoAlias / MustAlias. Otherwise, returns MayAlias. 614 for (unsigned i = 1, e = V1Srcs.size(); i != e; ++i) { 615 Value *V = V1Srcs[i]; 616 617 // If V2 is a PHI, the recursive case will have been caught in the 618 // above aliasCheck call, so these subsequent calls to aliasCheck 619 // don't need to assume that V2 is being visited recursively. 620 VisitedPHIs.erase(V2); 621 622 AliasResult ThisAlias = aliasCheck(V2, V2Size, V, PNSize); 623 if (ThisAlias != Alias || ThisAlias == MayAlias) 624 return MayAlias; 625 } 626 627 return Alias; 628} 629 630// aliasCheck - Provide a bunch of ad-hoc rules to disambiguate in common cases, 631// such as array references. 632// 633AliasAnalysis::AliasResult 634BasicAliasAnalysis::aliasCheck(const Value *V1, unsigned V1Size, 635 const Value *V2, unsigned V2Size) { 636 // Strip off any casts if they exist. 637 V1 = V1->stripPointerCasts(); 638 V2 = V2->stripPointerCasts(); 639 640 // Are we checking for alias of the same value? 641 if (V1 == V2) return MustAlias; 642 643 if (!isa<PointerType>(V1->getType()) || !isa<PointerType>(V2->getType())) 644 return NoAlias; // Scalars cannot alias each other 645 646 // Figure out what objects these things are pointing to if we can. 647 const Value *O1 = V1->getUnderlyingObject(); 648 const Value *O2 = V2->getUnderlyingObject(); 649 650 if (O1 != O2) { 651 // If V1/V2 point to two different objects we know that we have no alias. 652 if (isIdentifiedObject(O1) && isIdentifiedObject(O2)) 653 return NoAlias; 654 655 // Arguments can't alias with local allocations or noalias calls. 656 if ((isa<Argument>(O1) && (isa<AllocaInst>(O2) || isNoAliasCall(O2))) || 657 (isa<Argument>(O2) && (isa<AllocaInst>(O1) || isNoAliasCall(O1)))) 658 return NoAlias; 659 660 // Most objects can't alias null. 661 if ((isa<ConstantPointerNull>(V2) && isKnownNonNull(O1)) || 662 (isa<ConstantPointerNull>(V1) && isKnownNonNull(O2))) 663 return NoAlias; 664 } 665 666 // If the size of one access is larger than the entire object on the other 667 // side, then we know such behavior is undefined and can assume no alias. 668 LLVMContext &Context = V1->getContext(); 669 if (TD) 670 if ((V1Size != ~0U && isObjectSmallerThan(O2, V1Size, Context, *TD)) || 671 (V2Size != ~0U && isObjectSmallerThan(O1, V2Size, Context, *TD))) 672 return NoAlias; 673 674 // If one pointer is the result of a call/invoke and the other is a 675 // non-escaping local object, then we know the object couldn't escape to a 676 // point where the call could return it. 677 if ((isa<CallInst>(O1) || isa<InvokeInst>(O1)) && 678 isNonEscapingLocalObject(O2) && O1 != O2) 679 return NoAlias; 680 if ((isa<CallInst>(O2) || isa<InvokeInst>(O2)) && 681 isNonEscapingLocalObject(O1) && O1 != O2) 682 return NoAlias; 683 684 if (!isa<GEPOperator>(V1) && isa<GEPOperator>(V2)) { 685 std::swap(V1, V2); 686 std::swap(V1Size, V2Size); 687 } 688 if (isa<GEPOperator>(V1)) 689 return aliasGEP(V1, V1Size, V2, V2Size); 690 691 if (isa<PHINode>(V2) && !isa<PHINode>(V1)) { 692 std::swap(V1, V2); 693 std::swap(V1Size, V2Size); 694 } 695 if (const PHINode *PN = dyn_cast<PHINode>(V1)) 696 return aliasPHI(PN, V1Size, V2, V2Size); 697 698 if (isa<SelectInst>(V2) && !isa<SelectInst>(V1)) { 699 std::swap(V1, V2); 700 std::swap(V1Size, V2Size); 701 } 702 if (const SelectInst *S1 = dyn_cast<SelectInst>(V1)) 703 return aliasSelect(S1, V1Size, V2, V2Size); 704 705 return MayAlias; 706} 707 708// This function is used to determine if the indices of two GEP instructions are 709// equal. V1 and V2 are the indices. 710static bool IndexOperandsEqual(Value *V1, Value *V2, LLVMContext &Context) { 711 if (V1->getType() == V2->getType()) 712 return V1 == V2; 713 if (Constant *C1 = dyn_cast<Constant>(V1)) 714 if (Constant *C2 = dyn_cast<Constant>(V2)) { 715 // Sign extend the constants to long types, if necessary 716 if (C1->getType() != Type::getInt64Ty(Context)) 717 C1 = ConstantExpr::getSExt(C1, Type::getInt64Ty(Context)); 718 if (C2->getType() != Type::getInt64Ty(Context)) 719 C2 = ConstantExpr::getSExt(C2, Type::getInt64Ty(Context)); 720 return C1 == C2; 721 } 722 return false; 723} 724 725/// CheckGEPInstructions - Check two GEP instructions with known must-aliasing 726/// base pointers. This checks to see if the index expressions preclude the 727/// pointers from aliasing... 728AliasAnalysis::AliasResult 729BasicAliasAnalysis::CheckGEPInstructions( 730 const Type* BasePtr1Ty, Value **GEP1Ops, unsigned NumGEP1Ops, unsigned G1S, 731 const Type *BasePtr2Ty, Value **GEP2Ops, unsigned NumGEP2Ops, unsigned G2S) { 732 // We currently can't handle the case when the base pointers have different 733 // primitive types. Since this is uncommon anyway, we are happy being 734 // extremely conservative. 735 if (BasePtr1Ty != BasePtr2Ty) 736 return MayAlias; 737 738 const PointerType *GEPPointerTy = cast<PointerType>(BasePtr1Ty); 739 740 LLVMContext &Context = GEPPointerTy->getContext(); 741 742 // Find the (possibly empty) initial sequence of equal values... which are not 743 // necessarily constants. 744 unsigned NumGEP1Operands = NumGEP1Ops, NumGEP2Operands = NumGEP2Ops; 745 unsigned MinOperands = std::min(NumGEP1Operands, NumGEP2Operands); 746 unsigned MaxOperands = std::max(NumGEP1Operands, NumGEP2Operands); 747 unsigned UnequalOper = 0; 748 while (UnequalOper != MinOperands && 749 IndexOperandsEqual(GEP1Ops[UnequalOper], GEP2Ops[UnequalOper], 750 Context)) { 751 // Advance through the type as we go... 752 ++UnequalOper; 753 if (const CompositeType *CT = dyn_cast<CompositeType>(BasePtr1Ty)) 754 BasePtr1Ty = CT->getTypeAtIndex(GEP1Ops[UnequalOper-1]); 755 else { 756 // If all operands equal each other, then the derived pointers must 757 // alias each other... 758 BasePtr1Ty = 0; 759 assert(UnequalOper == NumGEP1Operands && UnequalOper == NumGEP2Operands && 760 "Ran out of type nesting, but not out of operands?"); 761 return MustAlias; 762 } 763 } 764 765 // If we have seen all constant operands, and run out of indexes on one of the 766 // getelementptrs, check to see if the tail of the leftover one is all zeros. 767 // If so, return mustalias. 768 if (UnequalOper == MinOperands) { 769 if (NumGEP1Ops < NumGEP2Ops) { 770 std::swap(GEP1Ops, GEP2Ops); 771 std::swap(NumGEP1Ops, NumGEP2Ops); 772 } 773 774 bool AllAreZeros = true; 775 for (unsigned i = UnequalOper; i != MaxOperands; ++i) 776 if (!isa<Constant>(GEP1Ops[i]) || 777 !cast<Constant>(GEP1Ops[i])->isNullValue()) { 778 AllAreZeros = false; 779 break; 780 } 781 if (AllAreZeros) return MustAlias; 782 } 783 784 785 // So now we know that the indexes derived from the base pointers, 786 // which are known to alias, are different. We can still determine a 787 // no-alias result if there are differing constant pairs in the index 788 // chain. For example: 789 // A[i][0] != A[j][1] iff (&A[0][1]-&A[0][0] >= std::max(G1S, G2S)) 790 // 791 // We have to be careful here about array accesses. In particular, consider: 792 // A[1][0] vs A[0][i] 793 // In this case, we don't *know* that the array will be accessed in bounds: 794 // the index could even be negative. Because of this, we have to 795 // conservatively *give up* and return may alias. We disregard differing 796 // array subscripts that are followed by a variable index without going 797 // through a struct. 798 // 799 unsigned SizeMax = std::max(G1S, G2S); 800 if (SizeMax == ~0U) return MayAlias; // Avoid frivolous work. 801 802 // Scan for the first operand that is constant and unequal in the 803 // two getelementptrs... 804 unsigned FirstConstantOper = UnequalOper; 805 for (; FirstConstantOper != MinOperands; ++FirstConstantOper) { 806 const Value *G1Oper = GEP1Ops[FirstConstantOper]; 807 const Value *G2Oper = GEP2Ops[FirstConstantOper]; 808 809 if (G1Oper != G2Oper) // Found non-equal constant indexes... 810 if (Constant *G1OC = dyn_cast<ConstantInt>(const_cast<Value*>(G1Oper))) 811 if (Constant *G2OC = dyn_cast<ConstantInt>(const_cast<Value*>(G2Oper))){ 812 if (G1OC->getType() != G2OC->getType()) { 813 // Sign extend both operands to long. 814 if (G1OC->getType() != Type::getInt64Ty(Context)) 815 G1OC = ConstantExpr::getSExt(G1OC, Type::getInt64Ty(Context)); 816 if (G2OC->getType() != Type::getInt64Ty(Context)) 817 G2OC = ConstantExpr::getSExt(G2OC, Type::getInt64Ty(Context)); 818 GEP1Ops[FirstConstantOper] = G1OC; 819 GEP2Ops[FirstConstantOper] = G2OC; 820 } 821 822 if (G1OC != G2OC) { 823 // Handle the "be careful" case above: if this is an array/vector 824 // subscript, scan for a subsequent variable array index. 825 if (const SequentialType *STy = 826 dyn_cast<SequentialType>(BasePtr1Ty)) { 827 const Type *NextTy = STy; 828 bool isBadCase = false; 829 830 for (unsigned Idx = FirstConstantOper; 831 Idx != MinOperands && isa<SequentialType>(NextTy); ++Idx) { 832 const Value *V1 = GEP1Ops[Idx], *V2 = GEP2Ops[Idx]; 833 if (!isa<Constant>(V1) || !isa<Constant>(V2)) { 834 isBadCase = true; 835 break; 836 } 837 // If the array is indexed beyond the bounds of the static type 838 // at this level, it will also fall into the "be careful" case. 839 // It would theoretically be possible to analyze these cases, 840 // but for now just be conservatively correct. 841 if (const ArrayType *ATy = dyn_cast<ArrayType>(STy)) 842 if (cast<ConstantInt>(G1OC)->getZExtValue() >= 843 ATy->getNumElements() || 844 cast<ConstantInt>(G2OC)->getZExtValue() >= 845 ATy->getNumElements()) { 846 isBadCase = true; 847 break; 848 } 849 if (const VectorType *VTy = dyn_cast<VectorType>(STy)) 850 if (cast<ConstantInt>(G1OC)->getZExtValue() >= 851 VTy->getNumElements() || 852 cast<ConstantInt>(G2OC)->getZExtValue() >= 853 VTy->getNumElements()) { 854 isBadCase = true; 855 break; 856 } 857 STy = cast<SequentialType>(NextTy); 858 NextTy = cast<SequentialType>(NextTy)->getElementType(); 859 } 860 861 if (isBadCase) G1OC = 0; 862 } 863 864 // Make sure they are comparable (ie, not constant expressions), and 865 // make sure the GEP with the smaller leading constant is GEP1. 866 if (G1OC) { 867 Constant *Compare = ConstantExpr::getICmp(ICmpInst::ICMP_SGT, 868 G1OC, G2OC); 869 if (ConstantInt *CV = dyn_cast<ConstantInt>(Compare)) { 870 if (CV->getZExtValue()) { // If they are comparable and G2 > G1 871 std::swap(GEP1Ops, GEP2Ops); // Make GEP1 < GEP2 872 std::swap(NumGEP1Ops, NumGEP2Ops); 873 } 874 break; 875 } 876 } 877 } 878 } 879 BasePtr1Ty = cast<CompositeType>(BasePtr1Ty)->getTypeAtIndex(G1Oper); 880 } 881 882 // No shared constant operands, and we ran out of common operands. At this 883 // point, the GEP instructions have run through all of their operands, and we 884 // haven't found evidence that there are any deltas between the GEP's. 885 // However, one GEP may have more operands than the other. If this is the 886 // case, there may still be hope. Check this now. 887 if (FirstConstantOper == MinOperands) { 888 // Without TargetData, we won't know what the offsets are. 889 if (!TD) 890 return MayAlias; 891 892 // Make GEP1Ops be the longer one if there is a longer one. 893 if (NumGEP1Ops < NumGEP2Ops) { 894 std::swap(GEP1Ops, GEP2Ops); 895 std::swap(NumGEP1Ops, NumGEP2Ops); 896 } 897 898 // Is there anything to check? 899 if (NumGEP1Ops > MinOperands) { 900 for (unsigned i = FirstConstantOper; i != MaxOperands; ++i) 901 if (isa<ConstantInt>(GEP1Ops[i]) && 902 !cast<ConstantInt>(GEP1Ops[i])->isZero()) { 903 // Yup, there's a constant in the tail. Set all variables to 904 // constants in the GEP instruction to make it suitable for 905 // TargetData::getIndexedOffset. 906 for (i = 0; i != MaxOperands; ++i) 907 if (!isa<ConstantInt>(GEP1Ops[i])) 908 GEP1Ops[i] = Constant::getNullValue(GEP1Ops[i]->getType()); 909 // Okay, now get the offset. This is the relative offset for the full 910 // instruction. 911 int64_t Offset1 = TD->getIndexedOffset(GEPPointerTy, GEP1Ops, 912 NumGEP1Ops); 913 914 // Now check without any constants at the end. 915 int64_t Offset2 = TD->getIndexedOffset(GEPPointerTy, GEP1Ops, 916 MinOperands); 917 918 // Make sure we compare the absolute difference. 919 if (Offset1 > Offset2) 920 std::swap(Offset1, Offset2); 921 922 // If the tail provided a bit enough offset, return noalias! 923 if ((uint64_t)(Offset2-Offset1) >= SizeMax) 924 return NoAlias; 925 // Otherwise break - we don't look for another constant in the tail. 926 break; 927 } 928 } 929 930 // Couldn't find anything useful. 931 return MayAlias; 932 } 933 934 // If there are non-equal constants arguments, then we can figure 935 // out a minimum known delta between the two index expressions... at 936 // this point we know that the first constant index of GEP1 is less 937 // than the first constant index of GEP2. 938 939 // Advance BasePtr[12]Ty over this first differing constant operand. 940 BasePtr2Ty = cast<CompositeType>(BasePtr1Ty)-> 941 getTypeAtIndex(GEP2Ops[FirstConstantOper]); 942 BasePtr1Ty = cast<CompositeType>(BasePtr1Ty)-> 943 getTypeAtIndex(GEP1Ops[FirstConstantOper]); 944 945 // We are going to be using TargetData::getIndexedOffset to determine the 946 // offset that each of the GEP's is reaching. To do this, we have to convert 947 // all variable references to constant references. To do this, we convert the 948 // initial sequence of array subscripts into constant zeros to start with. 949 const Type *ZeroIdxTy = GEPPointerTy; 950 for (unsigned i = 0; i != FirstConstantOper; ++i) { 951 if (!isa<StructType>(ZeroIdxTy)) 952 GEP1Ops[i] = GEP2Ops[i] = 953 Constant::getNullValue(Type::getInt32Ty(Context)); 954 955 if (const CompositeType *CT = dyn_cast<CompositeType>(ZeroIdxTy)) 956 ZeroIdxTy = CT->getTypeAtIndex(GEP1Ops[i]); 957 } 958 959 // We know that GEP1Ops[FirstConstantOper] & GEP2Ops[FirstConstantOper] are ok 960 961 // Loop over the rest of the operands... 962 for (unsigned i = FirstConstantOper+1; i != MaxOperands; ++i) { 963 const Value *Op1 = i < NumGEP1Ops ? GEP1Ops[i] : 0; 964 const Value *Op2 = i < NumGEP2Ops ? GEP2Ops[i] : 0; 965 // If they are equal, use a zero index... 966 if (Op1 == Op2 && BasePtr1Ty == BasePtr2Ty) { 967 if (!isa<ConstantInt>(Op1)) 968 GEP1Ops[i] = GEP2Ops[i] = Constant::getNullValue(Op1->getType()); 969 // Otherwise, just keep the constants we have. 970 } else { 971 if (Op1) { 972 if (const ConstantInt *Op1C = dyn_cast<ConstantInt>(Op1)) { 973 // If this is an array index, make sure the array element is in range. 974 if (const ArrayType *AT = dyn_cast<ArrayType>(BasePtr1Ty)) { 975 if (Op1C->getZExtValue() >= AT->getNumElements()) 976 return MayAlias; // Be conservative with out-of-range accesses 977 } else if (const VectorType *VT = dyn_cast<VectorType>(BasePtr1Ty)) { 978 if (Op1C->getZExtValue() >= VT->getNumElements()) 979 return MayAlias; // Be conservative with out-of-range accesses 980 } 981 982 } else { 983 // GEP1 is known to produce a value less than GEP2. To be 984 // conservatively correct, we must assume the largest possible 985 // constant is used in this position. This cannot be the initial 986 // index to the GEP instructions (because we know we have at least one 987 // element before this one with the different constant arguments), so 988 // we know that the current index must be into either a struct or 989 // array. Because we know it's not constant, this cannot be a 990 // structure index. Because of this, we can calculate the maximum 991 // value possible. 992 // 993 if (const ArrayType *AT = dyn_cast<ArrayType>(BasePtr1Ty)) 994 GEP1Ops[i] = 995 ConstantInt::get(Type::getInt64Ty(Context), 996 AT->getNumElements()-1); 997 else if (const VectorType *VT = dyn_cast<VectorType>(BasePtr1Ty)) 998 GEP1Ops[i] = 999 ConstantInt::get(Type::getInt64Ty(Context), 1000 VT->getNumElements()-1); 1001 } 1002 } 1003 1004 if (Op2) { 1005 if (const ConstantInt *Op2C = dyn_cast<ConstantInt>(Op2)) { 1006 // If this is an array index, make sure the array element is in range. 1007 if (const ArrayType *AT = dyn_cast<ArrayType>(BasePtr2Ty)) { 1008 if (Op2C->getZExtValue() >= AT->getNumElements()) 1009 return MayAlias; // Be conservative with out-of-range accesses 1010 } else if (const VectorType *VT = dyn_cast<VectorType>(BasePtr2Ty)) { 1011 if (Op2C->getZExtValue() >= VT->getNumElements()) 1012 return MayAlias; // Be conservative with out-of-range accesses 1013 } 1014 } else { // Conservatively assume the minimum value for this index 1015 GEP2Ops[i] = Constant::getNullValue(Op2->getType()); 1016 } 1017 } 1018 } 1019 1020 if (BasePtr1Ty && Op1) { 1021 if (const CompositeType *CT = dyn_cast<CompositeType>(BasePtr1Ty)) 1022 BasePtr1Ty = CT->getTypeAtIndex(GEP1Ops[i]); 1023 else 1024 BasePtr1Ty = 0; 1025 } 1026 1027 if (BasePtr2Ty && Op2) { 1028 if (const CompositeType *CT = dyn_cast<CompositeType>(BasePtr2Ty)) 1029 BasePtr2Ty = CT->getTypeAtIndex(GEP2Ops[i]); 1030 else 1031 BasePtr2Ty = 0; 1032 } 1033 } 1034 1035 if (TD && GEPPointerTy->getElementType()->isSized()) { 1036 int64_t Offset1 = 1037 TD->getIndexedOffset(GEPPointerTy, GEP1Ops, NumGEP1Ops); 1038 int64_t Offset2 = 1039 TD->getIndexedOffset(GEPPointerTy, GEP2Ops, NumGEP2Ops); 1040 assert(Offset1 != Offset2 && 1041 "There is at least one different constant here!"); 1042 1043 // Make sure we compare the absolute difference. 1044 if (Offset1 > Offset2) 1045 std::swap(Offset1, Offset2); 1046 1047 if ((uint64_t)(Offset2-Offset1) >= SizeMax) { 1048 //cerr << "Determined that these two GEP's don't alias [" 1049 // << SizeMax << " bytes]: \n" << *GEP1 << *GEP2; 1050 return NoAlias; 1051 } 1052 } 1053 return MayAlias; 1054} 1055 1056// Make sure that anything that uses AliasAnalysis pulls in this file... 1057DEFINING_FILE_FOR(BasicAliasAnalysis) 1058