1 //===- CallPromotionUtils.cpp - Utilities for call promotion ----*- C++ -*-===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This file implements utilities useful for promoting indirect call sites to
10 // direct call sites.
11 //
12 //===----------------------------------------------------------------------===//
13
14 #include "llvm/Transforms/Utils/CallPromotionUtils.h"
15 #include "llvm/Analysis/Loads.h"
16 #include "llvm/Analysis/TypeMetadataUtils.h"
17 #include "llvm/IR/IRBuilder.h"
18 #include "llvm/IR/Instructions.h"
19 #include "llvm/Transforms/Utils/BasicBlockUtils.h"
20
21 using namespace llvm;
22
23 #define DEBUG_TYPE "call-promotion-utils"
24
25 /// Fix-up phi nodes in an invoke instruction's normal destination.
26 ///
27 /// After versioning an invoke instruction, values coming from the original
28 /// block will now be coming from the "merge" block. For example, in the code
29 /// below:
30 ///
31 /// then_bb:
32 /// %t0 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst
33 ///
34 /// else_bb:
35 /// %t1 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst
36 ///
37 /// merge_bb:
38 /// %t2 = phi i32 [ %t0, %then_bb ], [ %t1, %else_bb ]
39 /// br %normal_dst
40 ///
41 /// normal_dst:
42 /// %t3 = phi i32 [ %x, %orig_bb ], ...
43 ///
44 /// "orig_bb" is no longer a predecessor of "normal_dst", so the phi nodes in
45 /// "normal_dst" must be fixed to refer to "merge_bb":
46 ///
47 /// normal_dst:
48 /// %t3 = phi i32 [ %x, %merge_bb ], ...
49 ///
fixupPHINodeForNormalDest(InvokeInst * Invoke,BasicBlock * OrigBlock,BasicBlock * MergeBlock)50 static void fixupPHINodeForNormalDest(InvokeInst *Invoke, BasicBlock *OrigBlock,
51 BasicBlock *MergeBlock) {
52 for (PHINode &Phi : Invoke->getNormalDest()->phis()) {
53 int Idx = Phi.getBasicBlockIndex(OrigBlock);
54 if (Idx == -1)
55 continue;
56 Phi.setIncomingBlock(Idx, MergeBlock);
57 }
58 }
59
60 /// Fix-up phi nodes in an invoke instruction's unwind destination.
61 ///
62 /// After versioning an invoke instruction, values coming from the original
63 /// block will now be coming from either the "then" block or the "else" block.
64 /// For example, in the code below:
65 ///
66 /// then_bb:
67 /// %t0 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst
68 ///
69 /// else_bb:
70 /// %t1 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst
71 ///
72 /// unwind_dst:
73 /// %t3 = phi i32 [ %x, %orig_bb ], ...
74 ///
75 /// "orig_bb" is no longer a predecessor of "unwind_dst", so the phi nodes in
76 /// "unwind_dst" must be fixed to refer to "then_bb" and "else_bb":
77 ///
78 /// unwind_dst:
79 /// %t3 = phi i32 [ %x, %then_bb ], [ %x, %else_bb ], ...
80 ///
fixupPHINodeForUnwindDest(InvokeInst * Invoke,BasicBlock * OrigBlock,BasicBlock * ThenBlock,BasicBlock * ElseBlock)81 static void fixupPHINodeForUnwindDest(InvokeInst *Invoke, BasicBlock *OrigBlock,
82 BasicBlock *ThenBlock,
83 BasicBlock *ElseBlock) {
84 for (PHINode &Phi : Invoke->getUnwindDest()->phis()) {
85 int Idx = Phi.getBasicBlockIndex(OrigBlock);
86 if (Idx == -1)
87 continue;
88 auto *V = Phi.getIncomingValue(Idx);
89 Phi.setIncomingBlock(Idx, ThenBlock);
90 Phi.addIncoming(V, ElseBlock);
91 }
92 }
93
94 /// Create a phi node for the returned value of a call or invoke instruction.
95 ///
96 /// After versioning a call or invoke instruction that returns a value, we have
97 /// to merge the value of the original and new instructions. We do this by
98 /// creating a phi node and replacing uses of the original instruction with this
99 /// phi node.
100 ///
101 /// For example, if \p OrigInst is defined in "else_bb" and \p NewInst is
102 /// defined in "then_bb", we create the following phi node:
103 ///
104 /// ; Uses of the original instruction are replaced by uses of the phi node.
105 /// %t0 = phi i32 [ %orig_inst, %else_bb ], [ %new_inst, %then_bb ],
106 ///
createRetPHINode(Instruction * OrigInst,Instruction * NewInst,BasicBlock * MergeBlock,IRBuilder<> & Builder)107 static void createRetPHINode(Instruction *OrigInst, Instruction *NewInst,
108 BasicBlock *MergeBlock, IRBuilder<> &Builder) {
109
110 if (OrigInst->getType()->isVoidTy() || OrigInst->use_empty())
111 return;
112
113 Builder.SetInsertPoint(&MergeBlock->front());
114 PHINode *Phi = Builder.CreatePHI(OrigInst->getType(), 0);
115 SmallVector<User *, 16> UsersToUpdate;
116 for (User *U : OrigInst->users())
117 UsersToUpdate.push_back(U);
118 for (User *U : UsersToUpdate)
119 U->replaceUsesOfWith(OrigInst, Phi);
120 Phi->addIncoming(OrigInst, OrigInst->getParent());
121 Phi->addIncoming(NewInst, NewInst->getParent());
122 }
123
124 /// Cast a call or invoke instruction to the given type.
125 ///
126 /// When promoting a call site, the return type of the call site might not match
127 /// that of the callee. If this is the case, we have to cast the returned value
128 /// to the correct type. The location of the cast depends on if we have a call
129 /// or invoke instruction.
130 ///
131 /// For example, if the call instruction below requires a bitcast after
132 /// promotion:
133 ///
134 /// orig_bb:
135 /// %t0 = call i32 @func()
136 /// ...
137 ///
138 /// The bitcast is placed after the call instruction:
139 ///
140 /// orig_bb:
141 /// ; Uses of the original return value are replaced by uses of the bitcast.
142 /// %t0 = call i32 @func()
143 /// %t1 = bitcast i32 %t0 to ...
144 /// ...
145 ///
146 /// A similar transformation is performed for invoke instructions. However,
147 /// since invokes are terminating, a new block is created for the bitcast. For
148 /// example, if the invoke instruction below requires a bitcast after promotion:
149 ///
150 /// orig_bb:
151 /// %t0 = invoke i32 @func() to label %normal_dst unwind label %unwind_dst
152 ///
153 /// The edge between the original block and the invoke's normal destination is
154 /// split, and the bitcast is placed there:
155 ///
156 /// orig_bb:
157 /// %t0 = invoke i32 @func() to label %split_bb unwind label %unwind_dst
158 ///
159 /// split_bb:
160 /// ; Uses of the original return value are replaced by uses of the bitcast.
161 /// %t1 = bitcast i32 %t0 to ...
162 /// br label %normal_dst
163 ///
createRetBitCast(CallBase & CB,Type * RetTy,CastInst ** RetBitCast)164 static void createRetBitCast(CallBase &CB, Type *RetTy, CastInst **RetBitCast) {
165
166 // Save the users of the calling instruction. These uses will be changed to
167 // use the bitcast after we create it.
168 SmallVector<User *, 16> UsersToUpdate;
169 for (User *U : CB.users())
170 UsersToUpdate.push_back(U);
171
172 // Determine an appropriate location to create the bitcast for the return
173 // value. The location depends on if we have a call or invoke instruction.
174 Instruction *InsertBefore = nullptr;
175 if (auto *Invoke = dyn_cast<InvokeInst>(&CB))
176 InsertBefore =
177 &SplitEdge(Invoke->getParent(), Invoke->getNormalDest())->front();
178 else
179 InsertBefore = &*std::next(CB.getIterator());
180
181 // Bitcast the return value to the correct type.
182 auto *Cast = CastInst::CreateBitOrPointerCast(&CB, RetTy, "", InsertBefore);
183 if (RetBitCast)
184 *RetBitCast = Cast;
185
186 // Replace all the original uses of the calling instruction with the bitcast.
187 for (User *U : UsersToUpdate)
188 U->replaceUsesOfWith(&CB, Cast);
189 }
190
191 /// Predicate and clone the given call site.
192 ///
193 /// This function creates an if-then-else structure at the location of the call
194 /// site. The "if" condition compares the call site's called value to the given
195 /// callee. The original call site is moved into the "else" block, and a clone
196 /// of the call site is placed in the "then" block. The cloned instruction is
197 /// returned.
198 ///
199 /// For example, the call instruction below:
200 ///
201 /// orig_bb:
202 /// %t0 = call i32 %ptr()
203 /// ...
204 ///
205 /// Is replace by the following:
206 ///
207 /// orig_bb:
208 /// %cond = icmp eq i32 ()* %ptr, @func
209 /// br i1 %cond, %then_bb, %else_bb
210 ///
211 /// then_bb:
212 /// ; The clone of the original call instruction is placed in the "then"
213 /// ; block. It is not yet promoted.
214 /// %t1 = call i32 %ptr()
215 /// br merge_bb
216 ///
217 /// else_bb:
218 /// ; The original call instruction is moved to the "else" block.
219 /// %t0 = call i32 %ptr()
220 /// br merge_bb
221 ///
222 /// merge_bb:
223 /// ; Uses of the original call instruction are replaced by uses of the phi
224 /// ; node.
225 /// %t2 = phi i32 [ %t0, %else_bb ], [ %t1, %then_bb ]
226 /// ...
227 ///
228 /// A similar transformation is performed for invoke instructions. However,
229 /// since invokes are terminating, more work is required. For example, the
230 /// invoke instruction below:
231 ///
232 /// orig_bb:
233 /// %t0 = invoke %ptr() to label %normal_dst unwind label %unwind_dst
234 ///
235 /// Is replace by the following:
236 ///
237 /// orig_bb:
238 /// %cond = icmp eq i32 ()* %ptr, @func
239 /// br i1 %cond, %then_bb, %else_bb
240 ///
241 /// then_bb:
242 /// ; The clone of the original invoke instruction is placed in the "then"
243 /// ; block, and its normal destination is set to the "merge" block. It is
244 /// ; not yet promoted.
245 /// %t1 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst
246 ///
247 /// else_bb:
248 /// ; The original invoke instruction is moved into the "else" block, and
249 /// ; its normal destination is set to the "merge" block.
250 /// %t0 = invoke i32 %ptr() to label %merge_bb unwind label %unwind_dst
251 ///
252 /// merge_bb:
253 /// ; Uses of the original invoke instruction are replaced by uses of the
254 /// ; phi node, and the merge block branches to the normal destination.
255 /// %t2 = phi i32 [ %t0, %else_bb ], [ %t1, %then_bb ]
256 /// br %normal_dst
257 ///
258 /// An indirect musttail call is processed slightly differently in that:
259 /// 1. No merge block needed for the orginal and the cloned callsite, since
260 /// either one ends the flow. No phi node is needed either.
261 /// 2. The return statement following the original call site is duplicated too
262 /// and placed immediately after the cloned call site per the IR convention.
263 ///
264 /// For example, the musttail call instruction below:
265 ///
266 /// orig_bb:
267 /// %t0 = musttail call i32 %ptr()
268 /// ...
269 ///
270 /// Is replaced by the following:
271 ///
272 /// cond_bb:
273 /// %cond = icmp eq i32 ()* %ptr, @func
274 /// br i1 %cond, %then_bb, %orig_bb
275 ///
276 /// then_bb:
277 /// ; The clone of the original call instruction is placed in the "then"
278 /// ; block. It is not yet promoted.
279 /// %t1 = musttail call i32 %ptr()
280 /// ret %t1
281 ///
282 /// orig_bb:
283 /// ; The original call instruction stays in its original block.
284 /// %t0 = musttail call i32 %ptr()
285 /// ret %t0
versionCallSite(CallBase & CB,Value * Callee,MDNode * BranchWeights)286 static CallBase &versionCallSite(CallBase &CB, Value *Callee,
287 MDNode *BranchWeights) {
288
289 IRBuilder<> Builder(&CB);
290 CallBase *OrigInst = &CB;
291 BasicBlock *OrigBlock = OrigInst->getParent();
292
293 // Create the compare. The called value and callee must have the same type to
294 // be compared.
295 if (CB.getCalledOperand()->getType() != Callee->getType())
296 Callee = Builder.CreateBitCast(Callee, CB.getCalledOperand()->getType());
297 auto *Cond = Builder.CreateICmpEQ(CB.getCalledOperand(), Callee);
298
299 if (OrigInst->isMustTailCall()) {
300 // Create an if-then structure. The original instruction stays in its block,
301 // and a clone of the original instruction is placed in the "then" block.
302 Instruction *ThenTerm =
303 SplitBlockAndInsertIfThen(Cond, &CB, false, BranchWeights);
304 BasicBlock *ThenBlock = ThenTerm->getParent();
305 ThenBlock->setName("if.true.direct_targ");
306 CallBase *NewInst = cast<CallBase>(OrigInst->clone());
307 NewInst->insertBefore(ThenTerm);
308
309 // Place a clone of the optional bitcast after the new call site.
310 Value *NewRetVal = NewInst;
311 auto Next = OrigInst->getNextNode();
312 if (auto *BitCast = dyn_cast_or_null<BitCastInst>(Next)) {
313 assert(BitCast->getOperand(0) == OrigInst &&
314 "bitcast following musttail call must use the call");
315 auto NewBitCast = BitCast->clone();
316 NewBitCast->replaceUsesOfWith(OrigInst, NewInst);
317 NewBitCast->insertBefore(ThenTerm);
318 NewRetVal = NewBitCast;
319 Next = BitCast->getNextNode();
320 }
321
322 // Place a clone of the return instruction after the new call site.
323 ReturnInst *Ret = dyn_cast_or_null<ReturnInst>(Next);
324 assert(Ret && "musttail call must precede a ret with an optional bitcast");
325 auto NewRet = Ret->clone();
326 if (Ret->getReturnValue())
327 NewRet->replaceUsesOfWith(Ret->getReturnValue(), NewRetVal);
328 NewRet->insertBefore(ThenTerm);
329
330 // A return instructions is terminating, so we don't need the terminator
331 // instruction just created.
332 ThenTerm->eraseFromParent();
333
334 return *NewInst;
335 }
336
337 // Create an if-then-else structure. The original instruction is moved into
338 // the "else" block, and a clone of the original instruction is placed in the
339 // "then" block.
340 Instruction *ThenTerm = nullptr;
341 Instruction *ElseTerm = nullptr;
342 SplitBlockAndInsertIfThenElse(Cond, &CB, &ThenTerm, &ElseTerm, BranchWeights);
343 BasicBlock *ThenBlock = ThenTerm->getParent();
344 BasicBlock *ElseBlock = ElseTerm->getParent();
345 BasicBlock *MergeBlock = OrigInst->getParent();
346
347 ThenBlock->setName("if.true.direct_targ");
348 ElseBlock->setName("if.false.orig_indirect");
349 MergeBlock->setName("if.end.icp");
350
351 CallBase *NewInst = cast<CallBase>(OrigInst->clone());
352 OrigInst->moveBefore(ElseTerm);
353 NewInst->insertBefore(ThenTerm);
354
355 // If the original call site is an invoke instruction, we have extra work to
356 // do since invoke instructions are terminating. We have to fix-up phi nodes
357 // in the invoke's normal and unwind destinations.
358 if (auto *OrigInvoke = dyn_cast<InvokeInst>(OrigInst)) {
359 auto *NewInvoke = cast<InvokeInst>(NewInst);
360
361 // Invoke instructions are terminating, so we don't need the terminator
362 // instructions that were just created.
363 ThenTerm->eraseFromParent();
364 ElseTerm->eraseFromParent();
365
366 // Branch from the "merge" block to the original normal destination.
367 Builder.SetInsertPoint(MergeBlock);
368 Builder.CreateBr(OrigInvoke->getNormalDest());
369
370 // Fix-up phi nodes in the original invoke's normal and unwind destinations.
371 fixupPHINodeForNormalDest(OrigInvoke, OrigBlock, MergeBlock);
372 fixupPHINodeForUnwindDest(OrigInvoke, MergeBlock, ThenBlock, ElseBlock);
373
374 // Now set the normal destinations of the invoke instructions to be the
375 // "merge" block.
376 OrigInvoke->setNormalDest(MergeBlock);
377 NewInvoke->setNormalDest(MergeBlock);
378 }
379
380 // Create a phi node for the returned value of the call site.
381 createRetPHINode(OrigInst, NewInst, MergeBlock, Builder);
382
383 return *NewInst;
384 }
385
isLegalToPromote(const CallBase & CB,Function * Callee,const char ** FailureReason)386 bool llvm::isLegalToPromote(const CallBase &CB, Function *Callee,
387 const char **FailureReason) {
388 assert(!CB.getCalledFunction() && "Only indirect call sites can be promoted");
389
390 auto &DL = Callee->getParent()->getDataLayout();
391
392 // Check the return type. The callee's return value type must be bitcast
393 // compatible with the call site's type.
394 Type *CallRetTy = CB.getType();
395 Type *FuncRetTy = Callee->getReturnType();
396 if (CallRetTy != FuncRetTy)
397 if (!CastInst::isBitOrNoopPointerCastable(FuncRetTy, CallRetTy, DL)) {
398 if (FailureReason)
399 *FailureReason = "Return type mismatch";
400 return false;
401 }
402
403 // The number of formal arguments of the callee.
404 unsigned NumParams = Callee->getFunctionType()->getNumParams();
405
406 // The number of actual arguments in the call.
407 unsigned NumArgs = CB.arg_size();
408
409 // Check the number of arguments. The callee and call site must agree on the
410 // number of arguments.
411 if (NumArgs != NumParams && !Callee->isVarArg()) {
412 if (FailureReason)
413 *FailureReason = "The number of arguments mismatch";
414 return false;
415 }
416
417 // Check the argument types. The callee's formal argument types must be
418 // bitcast compatible with the corresponding actual argument types of the call
419 // site.
420 unsigned I = 0;
421 for (; I < NumParams; ++I) {
422 Type *FormalTy = Callee->getFunctionType()->getFunctionParamType(I);
423 Type *ActualTy = CB.getArgOperand(I)->getType();
424 if (FormalTy == ActualTy)
425 continue;
426 if (!CastInst::isBitOrNoopPointerCastable(ActualTy, FormalTy, DL)) {
427 if (FailureReason)
428 *FailureReason = "Argument type mismatch";
429 return false;
430 }
431 }
432 for (; I < NumArgs; I++) {
433 // Vararg functions can have more arguments than parameters.
434 assert(Callee->isVarArg());
435 if (CB.paramHasAttr(I, Attribute::StructRet)) {
436 if (FailureReason)
437 *FailureReason = "SRet arg to vararg function";
438 return false;
439 }
440 }
441
442 return true;
443 }
444
promoteCall(CallBase & CB,Function * Callee,CastInst ** RetBitCast)445 CallBase &llvm::promoteCall(CallBase &CB, Function *Callee,
446 CastInst **RetBitCast) {
447 assert(!CB.getCalledFunction() && "Only indirect call sites can be promoted");
448
449 // Set the called function of the call site to be the given callee (but don't
450 // change the type).
451 CB.setCalledOperand(Callee);
452
453 // Since the call site will no longer be direct, we must clear metadata that
454 // is only appropriate for indirect calls. This includes !prof and !callees
455 // metadata.
456 CB.setMetadata(LLVMContext::MD_prof, nullptr);
457 CB.setMetadata(LLVMContext::MD_callees, nullptr);
458
459 // If the function type of the call site matches that of the callee, no
460 // additional work is required.
461 if (CB.getFunctionType() == Callee->getFunctionType())
462 return CB;
463
464 // Save the return types of the call site and callee.
465 Type *CallSiteRetTy = CB.getType();
466 Type *CalleeRetTy = Callee->getReturnType();
467
468 // Change the function type of the call site the match that of the callee.
469 CB.mutateFunctionType(Callee->getFunctionType());
470
471 // Inspect the arguments of the call site. If an argument's type doesn't
472 // match the corresponding formal argument's type in the callee, bitcast it
473 // to the correct type.
474 auto CalleeType = Callee->getFunctionType();
475 auto CalleeParamNum = CalleeType->getNumParams();
476
477 LLVMContext &Ctx = Callee->getContext();
478 const AttributeList &CallerPAL = CB.getAttributes();
479 // The new list of argument attributes.
480 SmallVector<AttributeSet, 4> NewArgAttrs;
481 bool AttributeChanged = false;
482
483 for (unsigned ArgNo = 0; ArgNo < CalleeParamNum; ++ArgNo) {
484 auto *Arg = CB.getArgOperand(ArgNo);
485 Type *FormalTy = CalleeType->getParamType(ArgNo);
486 Type *ActualTy = Arg->getType();
487 if (FormalTy != ActualTy) {
488 auto *Cast = CastInst::CreateBitOrPointerCast(Arg, FormalTy, "", &CB);
489 CB.setArgOperand(ArgNo, Cast);
490
491 // Remove any incompatible attributes for the argument.
492 AttrBuilder ArgAttrs(CallerPAL.getParamAttributes(ArgNo));
493 ArgAttrs.remove(AttributeFuncs::typeIncompatible(FormalTy));
494
495 // If byval is used, this must be a pointer type, and the byval type must
496 // match the element type. Update it if present.
497 if (ArgAttrs.getByValType()) {
498 Type *NewTy = Callee->getParamByValType(ArgNo);
499 ArgAttrs.addByValAttr(
500 NewTy ? NewTy : cast<PointerType>(FormalTy)->getElementType());
501 }
502
503 NewArgAttrs.push_back(AttributeSet::get(Ctx, ArgAttrs));
504 AttributeChanged = true;
505 } else
506 NewArgAttrs.push_back(CallerPAL.getParamAttributes(ArgNo));
507 }
508
509 // If the return type of the call site doesn't match that of the callee, cast
510 // the returned value to the appropriate type.
511 // Remove any incompatible return value attribute.
512 AttrBuilder RAttrs(CallerPAL, AttributeList::ReturnIndex);
513 if (!CallSiteRetTy->isVoidTy() && CallSiteRetTy != CalleeRetTy) {
514 createRetBitCast(CB, CallSiteRetTy, RetBitCast);
515 RAttrs.remove(AttributeFuncs::typeIncompatible(CalleeRetTy));
516 AttributeChanged = true;
517 }
518
519 // Set the new callsite attribute.
520 if (AttributeChanged)
521 CB.setAttributes(AttributeList::get(Ctx, CallerPAL.getFnAttributes(),
522 AttributeSet::get(Ctx, RAttrs),
523 NewArgAttrs));
524
525 return CB;
526 }
527
promoteCallWithIfThenElse(CallBase & CB,Function * Callee,MDNode * BranchWeights)528 CallBase &llvm::promoteCallWithIfThenElse(CallBase &CB, Function *Callee,
529 MDNode *BranchWeights) {
530
531 // Version the indirect call site. If the called value is equal to the given
532 // callee, 'NewInst' will be executed, otherwise the original call site will
533 // be executed.
534 CallBase &NewInst = versionCallSite(CB, Callee, BranchWeights);
535
536 // Promote 'NewInst' so that it directly calls the desired function.
537 return promoteCall(NewInst, Callee);
538 }
539
tryPromoteCall(CallBase & CB)540 bool llvm::tryPromoteCall(CallBase &CB) {
541 assert(!CB.getCalledFunction());
542 Module *M = CB.getCaller()->getParent();
543 const DataLayout &DL = M->getDataLayout();
544 Value *Callee = CB.getCalledOperand();
545
546 LoadInst *VTableEntryLoad = dyn_cast<LoadInst>(Callee);
547 if (!VTableEntryLoad)
548 return false; // Not a vtable entry load.
549 Value *VTableEntryPtr = VTableEntryLoad->getPointerOperand();
550 APInt VTableOffset(DL.getTypeSizeInBits(VTableEntryPtr->getType()), 0);
551 Value *VTableBasePtr = VTableEntryPtr->stripAndAccumulateConstantOffsets(
552 DL, VTableOffset, /* AllowNonInbounds */ true);
553 LoadInst *VTablePtrLoad = dyn_cast<LoadInst>(VTableBasePtr);
554 if (!VTablePtrLoad)
555 return false; // Not a vtable load.
556 Value *Object = VTablePtrLoad->getPointerOperand();
557 APInt ObjectOffset(DL.getTypeSizeInBits(Object->getType()), 0);
558 Value *ObjectBase = Object->stripAndAccumulateConstantOffsets(
559 DL, ObjectOffset, /* AllowNonInbounds */ true);
560 if (!(isa<AllocaInst>(ObjectBase) && ObjectOffset == 0))
561 // Not an Alloca or the offset isn't zero.
562 return false;
563
564 // Look for the vtable pointer store into the object by the ctor.
565 BasicBlock::iterator BBI(VTablePtrLoad);
566 Value *VTablePtr = FindAvailableLoadedValue(
567 VTablePtrLoad, VTablePtrLoad->getParent(), BBI, 0, nullptr, nullptr);
568 if (!VTablePtr)
569 return false; // No vtable found.
570 APInt VTableOffsetGVBase(DL.getTypeSizeInBits(VTablePtr->getType()), 0);
571 Value *VTableGVBase = VTablePtr->stripAndAccumulateConstantOffsets(
572 DL, VTableOffsetGVBase, /* AllowNonInbounds */ true);
573 GlobalVariable *GV = dyn_cast<GlobalVariable>(VTableGVBase);
574 if (!(GV && GV->isConstant() && GV->hasDefinitiveInitializer()))
575 // Not in the form of a global constant variable with an initializer.
576 return false;
577
578 Constant *VTableGVInitializer = GV->getInitializer();
579 APInt VTableGVOffset = VTableOffsetGVBase + VTableOffset;
580 if (!(VTableGVOffset.getActiveBits() <= 64))
581 return false; // Out of range.
582 Constant *Ptr = getPointerAtOffset(VTableGVInitializer,
583 VTableGVOffset.getZExtValue(),
584 *M);
585 if (!Ptr)
586 return false; // No constant (function) pointer found.
587 Function *DirectCallee = dyn_cast<Function>(Ptr->stripPointerCasts());
588 if (!DirectCallee)
589 return false; // No function pointer found.
590
591 if (!isLegalToPromote(CB, DirectCallee))
592 return false;
593
594 // Success.
595 promoteCall(CB, DirectCallee);
596 return true;
597 }
598
599 #undef DEBUG_TYPE
600