| blob | b2a3f3390e000d69fcf9e4f1d55cff08945f3bd1 |
1 //===- BasicAliasAnalysis.cpp - Stateless Alias Analysis Impl -------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This file defines the primary stateless implementation of the
10 // Alias Analysis interface that implements identities (two different
11 // globals cannot alias, etc), but does no stateful analysis.
12 //
13 //===----------------------------------------------------------------------===//
58 #include <cassert>
59 #include <cstdint>
60 #include <cstdlib>
61 #include <optional>
62 #include <utility>
68 /// Enable analysis of recursive PHI nodes.
75 /// SearchLimitReached / SearchTimes shows how often the limit of
76 /// to decompose GEPs is reached. It will affect the precision
77 /// of basic alias analysis.
82 // The max limit of the search depth in DecomposeGEPExpression() and
83 // getUnderlyingObject().
88 // We don't care if this analysis itself is preserved, it has no state. But
89 // we need to check that the analyses it depends on have been. Note that we
90 // may be created without handles to some analyses and in that case don't
91 // depend on them.
96 // Otherwise this analysis result remains valid.
98 }
100 //===----------------------------------------------------------------------===//
101 // Useful predicates
102 //===----------------------------------------------------------------------===//
104 /// Returns the size of the object specified by V or UnknownSize if unknown.
111 ObjectSizeOpts Opts;
117 }
119 /// Returns true if we can prove that the object specified by V is smaller than
120 /// Size. Bails out early unless the root object is passed as the first
121 /// parameter.
126 // Note that the meanings of the "object" are slightly different in the
127 // following contexts:
128 // c1: llvm::getObjectSize()
129 // c2: llvm.objectsize() intrinsic
130 // c3: isObjectSmallerThan()
131 // c1 and c2 share the same meaning; however, the meaning of "object" in c3
132 // refers to the "entire object".
133 //
134 // Consider this example:
135 // char *p = (char*)malloc(100)
136 // char *q = p+80;
137 //
138 // In the context of c1 and c2, the "object" pointed by q refers to the
139 // stretch of memory of q[0:19]. So, getObjectSize(q) should return 20.
140 //
141 // In the context of c3, the "object" refers to the chunk of memory being
142 // allocated. So, the "object" has 100 bytes, and q points to the middle the
143 // "object". However, unless p, the root object, is passed as the first
144 // parameter, the call to isIdentifiedObject() makes isObjectSmallerThan()
145 // bail out early.
149 // This function needs to use the aligned object size because we allow
150 // reads a bit past the end given sufficient alignment.
155 }
157 /// Return the minimal extent from \p V to the end of the underlying object,
158 /// assuming the result is used in an aliasing query. E.g., we do use the query
159 /// location size and the fact that null pointers cannot alias here.
164 // If we have dereferenceability information we know a lower bound for the
165 // extent as accesses for a lower offset would be valid. We need to exclude
166 // the "or null" part if null is a valid pointer. We can ignore frees, as an
167 // access after free would be undefined behavior.
172 // If queried with a precise location size, we assume that location size to be
173 // accessed, thus valid.
177 }
179 /// Returns true if we can prove that the object specified by V has size Size.
185 }
187 /// Return true if both V1 and V2 are VScale
191 }
193 //===----------------------------------------------------------------------===//
194 // CaptureAnalysis implementations
195 //===----------------------------------------------------------------------===//
203 }
211 }
227 }
229 // No capturing instruction.
233 // No context instruction means any use is capturing.
241 }
244 }
252 }
253 }
255 //===----------------------------------------------------------------------===//
256 // GetElementPtr Instruction Decomposition and Analysis
257 //===----------------------------------------------------------------------===//
260 /// Represents zext(sext(trunc(V))).
266 /// Whether trunc(V) is non-negative.
277 SExtBits;
278 }
283 }
285 /// Replace V with zext(NewV)
290 // zext<nneg>(trunc(zext(NewV))) == zext<nneg>(trunc(NewV))
291 // The nneg can be preserved on the outer zext here.
293 IsNonNegative);
295 // zext(sext(zext(NewV))) == zext(zext(zext(NewV)))
297 // zext<nneg>(zext(NewV)) == zext(NewV)
298 // zext(zext<nneg>(NewV)) == zext<nneg>(NewV)
299 // The nneg can be preserved from the inner zext here but must be dropped
300 // from the outer.
302 ZExtNonNegative);
303 }
305 /// Replace V with sext(NewV)
310 // zext<nneg>(trunc(sext(NewV))) == zext<nneg>(trunc(NewV))
311 // The nneg can be preserved on the outer zext here
313 IsNonNegative);
315 // zext(sext(sext(NewV)))
317 // zext<nneg>(sext(sext(NewV))) = zext<nneg>(sext(NewV))
318 // The nneg can be preserved on the outer zext here
320 }
329 }
342 }
345 // zext(x op<nuw> y) == zext(x) op<nuw> zext(y)
346 // sext(x op<nsw> y) == sext(x) op<nsw> sext(y)
347 // trunc(x op y) == trunc(x) op trunc(y)
349 }
358 // If either CastedValue has a nneg zext then the sext/zext bits are
359 // interchangable for that value.
364 }
365 };
367 /// Represents zext(sext(trunc(V))) * Scale + Offset.
369 CastedValue Val;
370 APInt Scale;
371 APInt Offset;
373 /// True if all operations in this expression are NUW.
375 /// True if all operations in this expression are NSW.
387 }
390 // The check for zero offset is necessary, because generally
391 // (X +nsw Y) *nsw Z does not imply (X *nsw Z) +nsw (Y *nsw Z).
395 }
396 };
397 }
399 /// Analyzes the specified value as a linear expression: "A*V + B", where A and
400 /// B are constant integers.
404 // Limit our recursion depth.
415 // The only non-OBO case we deal with is or, and only limited to the
416 // case where it is both nuw and nsw.
421 }
425 // While we can distribute over trunc, we cannot preserve nowrap flags
426 // in that case.
433 // We don't understand this instruction, so we can't decompose it any
434 // further.
437 // X|C == X+C if it is disjoint. Otherwise we can't analyze it.
449 }
457 }
464 // We're trying to linearize an expression of the kind:
465 // shl i8 -128, 36
466 // where the shift count exceeds the bitwidth of the type.
467 // We can't decompose this further (the expression would return
468 // a poison value).
479 }
481 }
482 }
495 }
498 // A linear transformation of a Value; this class represents
499 // ZExt(SExt(Trunc(V, TruncBits), SExtBits), ZExtBits) * Scale.
501 CastedValue Val;
502 APInt Scale;
504 // Context instruction to use when querying information about this index.
507 /// True if all operations in this expression are NSW.
510 /// True if the index should be subtracted rather than added. We don't simply
511 /// negate the Scale, to avoid losing the NSW flag: X - INT_MIN*1 may be
512 /// non-wrapping, while X + INT_MIN*(-1) wraps.
519 }
524 }
533 }
534 };
535 }
537 // Represents the internal structure of a GEP, decomposed into a base pointer,
538 // constant offsets, and variable scaled indices.
540 // Base pointer of the GEP
542 // Total constant offset from base.
543 APInt Offset;
544 // Scaled variable (non-constant) indices.
546 // Nowrap flags common to all GEP operations involved in expression.
552 }
562 }
564 }
565 };
568 /// If V is a symbolic pointer expression, decompose it into a base pointer
569 /// with a constant offset and a number of scaled symbolic offsets.
570 ///
571 /// The scaled symbolic offsets (represented by pairs of a Value* and a scale
572 /// in the VarIndices vector) are Value*'s that are known to be scaled by the
573 /// specified amount, but which may have other unrepresented high bits. As
574 /// such, the gep cannot necessarily be reconstructed from its decomposed form.
578 // Limit recursion depth to limit compile time in crazy cases.
580 SearchTimes++;
584 DecomposedGEP Decomposed;
587 // See if this is a bitcast or GEP.
590 // The only non-operator case we can handle are GlobalAliases.
595 }
596 }
599 }
604 // Don't look through casts between address spaces with differing index
605 // widths.
609 }
612 }
617 // Look through single-arg phi nodes created by LCSSA.
621 }
623 // CaptureTracking can know about special capturing properties of some
624 // intrinsics like launder.invariant.group, that can't be expressed with
625 // the attributes, but have properties like returning aliasing pointer.
626 // Because some analysis may assume that nocaptured pointer is not
627 // returned from some special intrinsic (because function would have to
628 // be marked with returns attribute), it is crucial to use this function
629 // because it should be in sync with CaptureTracking. Not using it may
630 // cause weird miscompilations where 2 aliasing pointers are assumed to
631 // noalias.
635 }
636 }
640 }
642 // Track the common nowrap flags for all GEPs we see.
647 // Walk the indices of the GEP, accumulating them into BaseOff/VarIndices.
652 // Compute the (potentially symbolic) offset in bytes for this index.
654 // For a struct, add the member offset.
661 }
663 // For an array/pointer, add the element offset, explicitly scaled.
668 // Don't attempt to analyze GEPs if the scalable index is not zero.
673 }
678 }
684 }
686 // If the integer type is smaller than the index size, it is implicitly
687 // sign extended or truncated to index size.
697 // Scale by the type size.
705 // If we already had an occurrence of this index variable, merge this
706 // scale into it. For example, we want to handle:
707 // A[x][x] -> x*16 + x*4 -> x*20
708 // This also ensures that 'x' only appears in the index list once.
714 // We cannot guarantee no-wrap for the merge.
718 }
719 }
725 }
726 }
728 // Analyze the base pointer next.
732 // If the chain of expressions is too deep, just return early.
734 SearchLimitReached++;
736 }
754 // Ignore allocas if we were instructed to do so.
758 // If the location points to memory that is known to be invariant for
759 // the life of the underlying SSA value, then we can exclude Mod from
760 // the set of valid memory effects.
761 //
762 // An argument that is marked readonly and noalias is known to be
763 // invariant while that function is executing.
768 }
769 }
771 // A global constant can't be mutated.
773 // Note: this doesn't require GV to be "ODR" because it isn't legal for a
774 // global to be marked constant in some modules and non-constant in
775 // others. GV may even be a declaration, not a definition.
779 }
781 // If both select values point to local memory, then so does the select.
786 }
788 // If all values incoming to a phi node point to local memory, then so does
789 // the phi.
791 // Don't bother inspecting phi nodes with many operands.
796 }
798 // Otherwise be conservative.
802 // If we hit the maximum number of instructions to examine, be conservative.
807 }
812 }
814 /// Returns the behavior when calling the given call site.
821 // Operand bundles on the call may also read or write memory, in addition
822 // to the behavior of the called function.
828 }
831 }
833 /// Returns the behavior when calling the given function. For use when the call
834 /// site is not known.
839 // These intrinsics can read arbitrary memory, and additionally modref
840 // inaccessible memory to model control dependence.
843 }
846 }
860 }
862 #ifndef NDEBUG
868 }
874 }
882 }
883 #endif
891 }
893 /// Checks to see if the specified callsite can clobber the specified memory
894 /// object.
895 ///
896 /// Since we only look at local properties of this function, we really can't
897 /// say much about this query. We do, however, use simple "address taken"
898 /// analysis on local objects.
907 // Calls marked 'tail' cannot read or write allocas from the current frame
908 // because the current frame might be destroyed by the time they run. However,
909 // a tail call may use an alloca with byval. Calling with byval copies the
910 // contents of the alloca into argument registers or stack slots, so there is
911 // no lifetime issue.
918 // Stack restore is able to modify unescaped dynamic allocas. Assume it may
919 // modify them even though the alloca is not escaped.
924 // A call can access a locally allocated object either because it is passed as
925 // an argument to the call, or because it has escaped prior to the call.
926 //
927 // Make sure the object has not escaped here, and then check that none of the
928 // call arguments alias the object below.
929 //
930 // We model calls that can return twice (setjmp) as clobbering non-escaping
931 // objects, to model any accesses that may occur prior to the second return.
932 // As an exception, ignore allocas, as setjmp is not required to preserve
933 // non-volatile stores for them.
938 // Optimistically assume that call doesn't touch Object and check this
939 // assumption in the following loop.
948 // Call doesn't access memory through this operand, so we don't care
949 // if it aliases with Object.
953 // If this is a no-capture pointer argument, see if we can tell that it
954 // is impossible to alias the pointer we're checking.
955 AliasResult AR =
958 // Operand doesn't alias 'Object', continue looking for other aliases
961 // Operand aliases 'Object', but call doesn't modify it. Strengthen
962 // initial assumption and keep looking in case if there are more aliases.
966 }
967 // Operand aliases 'Object' but call only writes into it.
971 }
972 // This operand aliases 'Object' and call reads and writes into it.
973 // Setting ModRef will not yield an early return below, MustAlias is not
974 // used further.
977 }
979 // Early return if we improved mod ref information
982 }
984 // If the call is malloc/calloc like, we can assume that it doesn't
985 // modify any IR visible value. This is only valid because we assume these
986 // routines do not read values visible in the IR. TODO: Consider special
987 // casing realloc and strdup routines which access only their arguments as
988 // well. Or alternatively, replace all of this with inaccessiblememonly once
989 // that's implemented fully.
991 // Be conservative if the accessed pointer may alias the allocation -
992 // fallback to the generic handling below.
996 }
998 // Like assumes, invariant.start intrinsics were also marked as arbitrarily
999 // writing so that proper control dependencies are maintained but they never
1000 // mod any particular memory location visible to the IR.
1001 // *Unlike* assumes (which are now modeled as NoModRef), invariant.start
1002 // intrinsic is now modeled as reading memory. This prevents hoisting the
1003 // invariant.start intrinsic over stores. Consider:
1004 // *ptr = 40;
1005 // *ptr = 50;
1006 // invariant_start(ptr)
1007 // int val = *ptr;
1008 // print(val);
1009 //
1010 // This cannot be transformed to:
1011 //
1012 // *ptr = 40;
1013 // invariant_start(ptr)
1014 // *ptr = 50;
1015 // int val = *ptr;
1016 // print(val);
1017 //
1018 // The transformation will cause the second store to be ignored (based on
1019 // rules of invariant.start) and print 40, while the first program always
1020 // prints 50.
1024 // Be conservative.
1026 }
1031 // Guard intrinsics are marked as arbitrarily writing so that proper control
1032 // dependencies are maintained but they never mods any particular memory
1033 // location.
1034 //
1035 // *Unlike* assumes, guard intrinsics are modeled as reading memory since the
1036 // heap state at the point the guard is issued needs to be consistent in case
1037 // the guard invokes the "deopt" continuation.
1039 // NB! This function is *not* commutative, so we special case two
1040 // possibilities for guard intrinsics.
1052 // Be conservative.
1054 }
1056 /// Provides a bunch of ad-hoc rules to disambiguate a GEP instruction against
1057 /// another pointer.
1058 ///
1059 /// We know that V1 is a GEP, but we don't know anything about V2.
1060 /// UnderlyingV1 is getUnderlyingObject(GEP1), UnderlyingV2 is the same for
1061 /// V2.
1067 AliasResult BaseAlias =
1072 };
1075 // TODO: This limitation exists for compile-time reasons. Relax it if we
1076 // can avoid exponential pathological cases.
1080 // If both accesses have unknown size, we can only check whether the base
1081 // objects don't alias.
1083 }
1089 // Bail if we were not able to decompose anything.
1093 // Fall back to base objects if pointers have different index widths.
1097 // Swap GEP1 and GEP2 if GEP2 has more variable indices.
1102 }
1104 // Subtract the GEP2 pointer from the GEP1 pointer to find out their
1105 // symbolic difference.
1108 // If an inbounds GEP would have to start from an out of bounds address
1109 // for the two to alias, then we can assume noalias.
1110 // TODO: Remove !isScalable() once BasicAA fully support scalable location
1111 // size
1119 // Symmetric case to above.
1126 // For GEPs with identical offsets, we can preserve the size and AAInfo
1127 // when performing the alias check on the underlying objects.
1132 // Do the base pointers alias?
1133 AliasResult BaseAlias =
1137 // If we get a No or May, then return it immediately, no amount of analysis
1138 // will improve this situation.
1143 }
1145 // If there is a constant difference between the pointers, but the difference
1146 // is less than the size of the associated memory object, then we know
1147 // that the objects are partially overlapping. If the difference is
1148 // greater, we know they do not overlap.
1152 // Initialize for Off >= 0 (V2 <= GEP1) case.
1158 // Swap if we have the situation where:
1159 // + +
1160 // | BaseOffset |
1161 // ---------------->|
1162 // |-->V1Size |-------> V2Size
1163 // GEP1 V2
1166 }
1174 // Conservatively drop processing if a phi was visited and/or offset is
1175 // too big.
1179 // Memory referenced by right pointer is nested. Save the offset in
1180 // cache. Note that originally offset estimated as GEP1-V2, but
1181 // AliasResult contains the shift that represents GEP1+Offset=V2.
1184 }
1186 }
1189 // We can use the getVScaleRange to prove that Off >= (CR.upper * LSize).
1196 }
1197 }
1199 // VScale Alias Analysis - Given one scalable offset between accesses and a
1200 // scalable typesize, we can divide each side by vscale, treating both values
1201 // as a constant. We prove that Offset/vscale >= TypeSize/vscale.
1208 APInt Scale =
1212 // Check if the offset is known to not overflow, if it does then attempt to
1213 // prove it with the known values of vscale_range.
1218 }
1221 // Note that we do not check that the typesize is scalable, as vscale >= 1
1222 // so noalias still holds so long as the dependency distance is at least
1223 // as big as the typesize.
1227 }
1228 }
1230 // If the difference between pointers is Offset +<nuw> Indices then we know
1231 // that the addition does not wrap the pointer index type (add nuw) and the
1232 // constant Offset is a lower bound on the distance between the pointers. We
1233 // can then prove NoAlias via Offset u>= VLeftSize.
1234 // + + +
1235 // | BaseOffset | +<nuw> Indices |
1236 // ---------------->|-------------------->|
1237 // |-->V2Size | |-------> V1Size
1238 // LHS RHS
1244 // Bail on analysing scalable LocationSize
1248 // We need to know both acess sizes for all the following heuristics.
1252 APInt GCD;
1259 ScaleForGCD =
1264 else
1269 KnownBits Known =
1280 else
1285 else
1287 }
1289 // We now have accesses at two offsets from the same base:
1290 // 1. (...)*GCD + DecompGEP1.Offset with size V1Size
1291 // 2. 0 with size V2Size
1292 // Using arithmetic modulo GCD, the accesses are at
1293 // [ModOffset..ModOffset+V1Size) and [0..V2Size). If the first access fits
1294 // into the range [V2Size..GCD), then we know they cannot overlap.
1302 // Compute ranges of potentially accessed bytes for both accesses. If the
1303 // interseciton is empty, there can be no overlap.
1307 ConstantRange Range2 =
1312 // Try to determine the range of values for VarIndex such that
1313 // VarIndex <= -MinAbsVarIndex || MinAbsVarIndex <= VarIndex.
1316 // VarIndex = Scale*V.
1320 // Check if abs(V*Scale) >= abs(Scale) holds in the presence of
1321 // potentially wrapping math.
1327 // If Scale is small enough so that abs(V*Scale) >= abs(Scale) holds.
1328 // The max value of abs(V) is 2^ValOrigBW - 1. Multiplying with a
1329 // constant smaller than 2^(bitwidth(Val) - ValOrigBW) won't wrap.
1335 };
1336 // Refine MinAbsVarIndex, if abs(Scale*V) >= abs(Scale) holds in the
1337 // presence of potentially wrapping math.
1339 // If V != 0 then abs(VarIndex) >= abs(Scale).
1341 }
1342 }
1344 // VarIndex = Scale*V0 + (-Scale)*V1.
1345 // If V0 != V1 then abs(VarIndex) >= abs(Scale).
1346 // Check that MayBeCrossIteration is false, to avoid reasoning about
1347 // inequality of values across loop iterations.
1353 DT))
1355 }
1358 // The constant offset will have added at least +/-MinAbsVarIndex to it.
1361 // We know that Offset <= OffsetLo || Offset >= OffsetHi
1365 }
1370 // Statically, we can see that the base objects are the same, but the
1371 // pointers have dynamic offsets which we can't resolve. And none of our
1372 // little tricks above worked.
1374 }
1377 // If the results agree, take it.
1380 // A mix of PartialAlias and MustAlias is PartialAlias.
1384 // Otherwise, we don't know anything.
1386 }
1388 /// Provides a bunch of ad-hoc rules to disambiguate a Select instruction
1389 /// against another.
1390 AliasResult
1394 // If the values are Selects with the same condition, we can do a more precise
1395 // check: just check for aliases between the values on corresponding arms.
1398 AAQI)) {
1399 AliasResult Alias =
1404 AliasResult ThisAlias =
1408 }
1410 // If both arms of the Select node NoAlias or MustAlias V2, then returns
1411 // NoAlias / MustAlias. Otherwise, returns MayAlias.
1417 AliasResult ThisAlias =
1421 }
1423 /// Provide a bunch of ad-hoc rules to disambiguate a PHI instruction against
1424 /// another.
1430 // If the values are PHIs in the same block, we can do a more precise
1431 // as well as efficient check: just check for aliases between the values
1432 // on corresponding edges. Don't do this if we are analyzing across
1433 // iterations, as we may pick a different phi entry in different iterations.
1442 AAQI);
1445 else
1449 }
1451 }
1454 // If a phi operand recurses back to the phi, we can still determine NoAlias
1455 // if we don't alias the underlying objects of the other phi operands, as we
1456 // know that the recursive phi needs to be based on them in some way.
1464 }
1466 };
1471 // Skip the phi itself being the incoming value.
1477 // To control potential compile time explosion, we choose to be
1478 // conserviate when we have more than one Phi input. It is important
1479 // that we handle the single phi case as that lets us handle LCSSA
1480 // phi nodes and (combined with the recursive phi handling) simple
1481 // pointer induction variable patterns.
1483 }
1485 }
1492 }
1495 // Out of an abundance of caution, allow only the trivial lcssa and
1496 // recursive phi cases.
1499 // If V1Srcs is empty then that means that the phi has no underlying non-phi
1500 // value. This should only be possible in blocks unreachable from the entry
1501 // block, but return MayAlias just in case.
1505 // If this PHI node is recursive, indicate that the pointer may be moved
1506 // across iterations. We can only prove NoAlias if different underlying
1507 // objects are involved.
1511 // In the recursive alias queries below, we may compare values from two
1512 // different loop iterations.
1518 // Early exit if the check of the first PHI source against V2 is MayAlias.
1519 // Other results are not possible.
1522 // With recursive phis we cannot guarantee that MustAlias/PartialAlias will
1523 // remain valid to all elements and needs to conservatively return MayAlias.
1527 // If all sources of the PHI node NoAlias or MustAlias V2, then returns
1528 // NoAlias / MustAlias. Otherwise, returns MayAlias.
1537 }
1540 }
1542 /// Provides a bunch of ad-hoc rules to disambiguate in common cases, such as
1543 /// array references.
1548 // If either of the memory references is empty, it doesn't matter what the
1549 // pointer values are.
1553 // Strip off any casts if they exist.
1557 // If V1 or V2 is undef, the result is NoAlias because we can always pick a
1558 // value for undef that aliases nothing in the program.
1562 // Are we checking for alias of the same value?
1563 // Because we look 'through' phi nodes, we could look at "Value" pointers from
1564 // different iterations. We must therefore make sure that this is not the
1565 // case. The function isValueEqualInPotentialCycles ensures that this cannot
1566 // happen by looking at the visited phi nodes and making sure they cannot
1567 // reach the value.
1574 // Figure out what objects these things are pointing to if we can.
1578 // Null values in the default address space don't point to any object, so they
1579 // don't alias any other pointer.
1588 // If V1/V2 point to two different objects, we know that we have no alias.
1592 // Function arguments can't alias with things that are known to be
1593 // unambigously identified at the function level.
1598 // If one pointer is the result of a call/invoke or load and the other is a
1599 // non-escaping local object within the same function, then we know the
1600 // object couldn't escape to a point where the call could return it.
1601 //
1602 // Note that if the pointers are in different functions, there are a
1603 // variety of complications. A call with a nocapture argument may still
1604 // temporary store the nocapture argument's value in a temporary memory
1605 // location if that memory location doesn't escape. Or it may pass a
1606 // nocapture value to other functions as long as they don't capture it.
1613 }
1615 // If the size of one access is larger than the entire object on the other
1616 // side, then we know such behavior is undefined and can assume no alias.
1637 // This is often a no-op; instcombine rewrites this for us. No-op
1638 // getUnderlyingObject calls are fast, though.
1647 }
1653 }
1655 };
1658 // Note that we go back to V1 and V2 for the
1659 // ValidAssumeForPtrContext checks; they're dominated by O1 and O2,
1660 // so strictly more assumptions are valid for them.
1665 }
1666 }
1667 }
1668 }
1669 }
1671 // If one the accesses may be before the accessed pointer, canonicalize this
1672 // by using unknown after-pointer sizes for both accesses. This is
1673 // equivalent, because regardless of which pointer is lower, one of them
1674 // will always came after the other, as long as the underlying objects aren't
1675 // disjoint. We do this so that the rest of BasicAA does not have to deal
1676 // with accesses before the base pointer, and to improve cache utilization by
1677 // merging equivalent states.
1681 }
1683 // FIXME: If this depth limit is hit, then we may cache sub-optimal results
1684 // for recursive queries. For this reason, this limit is chosen to be large
1685 // enough to be very rarely hit, while still being small enough to avoid
1686 // stack overflows.
1690 // Check the cache before climbing up use-def chains. This also terminates
1691 // otherwise infinitely recursive queries. Include MayBeCrossIteration in the
1692 // cache key, because some cases where MayBeCrossIteration==false returns
1693 // MustAlias or NoAlias may become MayAlias under MayBeCrossIteration==true.
1704 // Remember that we used an assumption. This may either be a direct use
1705 // of an assumption, or a use of an entry that may itself be based on an
1706 // assumption.
1710 }
1711 // Cache contains sorted {V1,V2} pairs but we should return original order.
1715 }
1719 AliasResult Result =
1726 // Check whether a NoAlias assumption has been used, but disproven.
1732 // This is a definitive result now, when considered as a root query.
1735 // Cache contains sorted {V1,V2} pairs.
1738 // If the assumption has been disproven, remove any results that may have
1739 // been based on this assumption. Do this after the Entry updates above to
1740 // avoid iterator invalidation.
1745 // The result may still be based on assumptions higher up in the chain.
1746 // Remember it, so it can be purged from the cache later.
1753 }
1755 // Depth is incremented before this function is called, so Depth==1 indicates
1756 // a root query.
1758 // Any remaining assumption based results must be based on proven
1759 // assumptions, so convert them to definitive results.
1764 }
1767 }
1769 }
1784 }
1795 }
1806 }
1808 // If both pointers are pointing into the same object and one of them
1809 // accesses the entire object, then the accesses must overlap in some way.
1816 }
1819 }
1821 /// Check whether two Values can be considered equivalent.
1822 ///
1823 /// If the values may come from different cycle iterations, this will also
1824 /// check that the values are not part of cycle. We have to do this because we
1825 /// are looking through phi nodes, that is we say
1826 /// noalias(V, phi(VA, VB)) if noalias(V, VA) and noalias(V, VB).
1836 // Non-instructions and instructions in the entry block cannot be part of
1837 // a loop.
1843 }
1845 /// Computes the symbolic difference between two de-composed GEPs.
1849 // Drop nuw flag from GEP if subtraction of constant offsets overflows in an
1850 // unsigned sense.
1856 // Find V in Dest. This is N^2, but pointer indices almost never have more
1857 // than a few variable indexes.
1866 // Normalize IsNegated if we're going to lose the NSW flag anyway.
1871 }
1873 // If we found it, subtract off Scale V's from the entry in Dest. If it
1874 // goes to zero, remove the entry.
1876 // Drop nuw flag from GEP if subtraction of V's Scale overflows in an
1877 // unsigned sense.
1885 }
1888 }
1890 // If we didn't consume this entry, add it to the end of the Dest list.
1896 // Drop nuw flag when we have unconsumed variable indices from SrcGEP.
1898 }
1899 }
1900 }
1903 LocationSize MaybeV1Size,
1904 LocationSize MaybeV2Size,
1922 // We'll strip off the Extensions of Var0 and Var1 and do another round
1923 // of GetLinearExpression decomposition. In the example above, if Var0
1924 // is zext(%x + 1) we should get V1 == %x and V1Offset == 1.
1926 LinearExpression E0 =
1928 LinearExpression E1 =
1934 // We have a hit - Var0 and Var1 only differ by a constant offset!
1936 // If we've been sext'ed then zext'd the maximum difference between Var0 and
1937 // Var1 is possible to calculate, but we're just interested in the absolute
1938 // minimum difference between the two. The minimum distance may occur due to
1939 // wrapping; consider "add i3 %i, 5": if %i == 7 then 7 + 5 mod 8 == 4, and so
1940 // the minimum distance between %i and %i + 5 is 3.
1943 APInt MinDiffBytes =
1946 // We can't definitely say whether GEP1 is before or after V2 due to wrapping
1947 // arithmetic (i.e. for some values of GEP1 and V2 GEP1 < V2, and for other
1948 // values GEP1 > V2). We'll therefore only declare NoAlias if both V1Size and
1949 // V2Size can fit in the MinDiffBytes gap.
1952 }
1954 //===----------------------------------------------------------------------===//
1955 // BasicAliasAnalysis Pass
1956 //===----------------------------------------------------------------------===//
1965 }
1969 }
1985 }
1997 }
2004 }