1 //===- ObjCARCAnalysisUtils.h - ObjC ARC Analysis Utilities -----*- C++ -*-===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 /// \file
9 /// This file defines common analysis utilities used by the ObjC ARC Optimizer.
10 /// ARC stands for Automatic Reference Counting and is a system for managing
11 /// reference counts for objects in Objective C.
12 ///
13 /// WARNING: This file knows about certain library functions. It recognizes them
14 /// by name, and hardwires knowledge of their semantics.
15 ///
16 /// WARNING: This file knows about how certain Objective-C library functions are
17 /// used. Naive LLVM IR transformations which would otherwise be
18 /// behavior-preserving may break these assumptions.
19 ///
20 //===----------------------------------------------------------------------===//
21
22 #ifndef LLVM_LIB_ANALYSIS_OBJCARCANALYSISUTILS_H
23 #define LLVM_LIB_ANALYSIS_OBJCARCANALYSISUTILS_H
24
25 #include "llvm/ADT/Optional.h"
26 #include "llvm/Analysis/AliasAnalysis.h"
27 #include "llvm/Analysis/ObjCARCInstKind.h"
28 #include "llvm/Analysis/ValueTracking.h"
29 #include "llvm/IR/Constants.h"
30 #include "llvm/IR/Module.h"
31 #include "llvm/IR/ValueHandle.h"
32
33 namespace llvm {
34 namespace objcarc {
35
36 /// A handy option to enable/disable all ARC Optimizations.
37 extern bool EnableARCOpts;
38
39 /// Test if the given module looks interesting to run ARC optimization
40 /// on.
ModuleHasARC(const Module & M)41 inline bool ModuleHasARC(const Module &M) {
42 return
43 M.getNamedValue("llvm.objc.retain") ||
44 M.getNamedValue("llvm.objc.release") ||
45 M.getNamedValue("llvm.objc.autorelease") ||
46 M.getNamedValue("llvm.objc.retainAutoreleasedReturnValue") ||
47 M.getNamedValue("llvm.objc.unsafeClaimAutoreleasedReturnValue") ||
48 M.getNamedValue("llvm.objc.retainBlock") ||
49 M.getNamedValue("llvm.objc.autoreleaseReturnValue") ||
50 M.getNamedValue("llvm.objc.autoreleasePoolPush") ||
51 M.getNamedValue("llvm.objc.loadWeakRetained") ||
52 M.getNamedValue("llvm.objc.loadWeak") ||
53 M.getNamedValue("llvm.objc.destroyWeak") ||
54 M.getNamedValue("llvm.objc.storeWeak") ||
55 M.getNamedValue("llvm.objc.initWeak") ||
56 M.getNamedValue("llvm.objc.moveWeak") ||
57 M.getNamedValue("llvm.objc.copyWeak") ||
58 M.getNamedValue("llvm.objc.retainedObject") ||
59 M.getNamedValue("llvm.objc.unretainedObject") ||
60 M.getNamedValue("llvm.objc.unretainedPointer") ||
61 M.getNamedValue("llvm.objc.clang.arc.use");
62 }
63
64 /// This is a wrapper around getUnderlyingObject which also knows how to
65 /// look through objc_retain and objc_autorelease calls, which we know to return
66 /// their argument verbatim.
GetUnderlyingObjCPtr(const Value * V,const DataLayout & DL)67 inline const Value *GetUnderlyingObjCPtr(const Value *V,
68 const DataLayout &DL) {
69 for (;;) {
70 V = GetUnderlyingObject(V, DL);
71 if (!IsForwarding(GetBasicARCInstKind(V)))
72 break;
73 V = cast<CallInst>(V)->getArgOperand(0);
74 }
75
76 return V;
77 }
78
79 /// A wrapper for GetUnderlyingObjCPtr used for results memoization.
80 inline const Value *
GetUnderlyingObjCPtrCached(const Value * V,const DataLayout & DL,DenseMap<const Value *,WeakTrackingVH> & Cache)81 GetUnderlyingObjCPtrCached(const Value *V, const DataLayout &DL,
82 DenseMap<const Value *, WeakTrackingVH> &Cache) {
83 if (auto InCache = Cache.lookup(V))
84 return InCache;
85
86 const Value *Computed = GetUnderlyingObjCPtr(V, DL);
87 Cache[V] = const_cast<Value *>(Computed);
88 return Computed;
89 }
90
91 /// The RCIdentity root of a value \p V is a dominating value U for which
92 /// retaining or releasing U is equivalent to retaining or releasing V. In other
93 /// words, ARC operations on \p V are equivalent to ARC operations on \p U.
94 ///
95 /// We use this in the ARC optimizer to make it easier to match up ARC
96 /// operations by always mapping ARC operations to RCIdentityRoots instead of
97 /// pointers themselves.
98 ///
99 /// The two ways that we see RCIdentical values in ObjC are via:
100 ///
101 /// 1. PointerCasts
102 /// 2. Forwarding Calls that return their argument verbatim.
103 ///
104 /// Thus this function strips off pointer casts and forwarding calls. *NOTE*
105 /// This implies that two RCIdentical values must alias.
GetRCIdentityRoot(const Value * V)106 inline const Value *GetRCIdentityRoot(const Value *V) {
107 for (;;) {
108 V = V->stripPointerCasts();
109 if (!IsForwarding(GetBasicARCInstKind(V)))
110 break;
111 V = cast<CallInst>(V)->getArgOperand(0);
112 }
113 return V;
114 }
115
116 /// Helper which calls const Value *GetRCIdentityRoot(const Value *V) and just
117 /// casts away the const of the result. For documentation about what an
118 /// RCIdentityRoot (and by extension GetRCIdentityRoot is) look at that
119 /// function.
GetRCIdentityRoot(Value * V)120 inline Value *GetRCIdentityRoot(Value *V) {
121 return const_cast<Value *>(GetRCIdentityRoot((const Value *)V));
122 }
123
124 /// Assuming the given instruction is one of the special calls such as
125 /// objc_retain or objc_release, return the RCIdentity root of the argument of
126 /// the call.
GetArgRCIdentityRoot(Value * Inst)127 inline Value *GetArgRCIdentityRoot(Value *Inst) {
128 return GetRCIdentityRoot(cast<CallInst>(Inst)->getArgOperand(0));
129 }
130
IsNullOrUndef(const Value * V)131 inline bool IsNullOrUndef(const Value *V) {
132 return isa<ConstantPointerNull>(V) || isa<UndefValue>(V);
133 }
134
IsNoopInstruction(const Instruction * I)135 inline bool IsNoopInstruction(const Instruction *I) {
136 return isa<BitCastInst>(I) ||
137 (isa<GetElementPtrInst>(I) &&
138 cast<GetElementPtrInst>(I)->hasAllZeroIndices());
139 }
140
141 /// Test whether the given value is possible a retainable object pointer.
IsPotentialRetainableObjPtr(const Value * Op)142 inline bool IsPotentialRetainableObjPtr(const Value *Op) {
143 // Pointers to static or stack storage are not valid retainable object
144 // pointers.
145 if (isa<Constant>(Op) || isa<AllocaInst>(Op))
146 return false;
147 // Special arguments can not be a valid retainable object pointer.
148 if (const Argument *Arg = dyn_cast<Argument>(Op))
149 if (Arg->hasPassPointeeByValueAttr() || Arg->hasNestAttr() ||
150 Arg->hasStructRetAttr())
151 return false;
152 // Only consider values with pointer types.
153 //
154 // It seemes intuitive to exclude function pointer types as well, since
155 // functions are never retainable object pointers, however clang occasionally
156 // bitcasts retainable object pointers to function-pointer type temporarily.
157 PointerType *Ty = dyn_cast<PointerType>(Op->getType());
158 if (!Ty)
159 return false;
160 // Conservatively assume anything else is a potential retainable object
161 // pointer.
162 return true;
163 }
164
IsPotentialRetainableObjPtr(const Value * Op,AliasAnalysis & AA)165 inline bool IsPotentialRetainableObjPtr(const Value *Op,
166 AliasAnalysis &AA) {
167 // First make the rudimentary check.
168 if (!IsPotentialRetainableObjPtr(Op))
169 return false;
170
171 // Objects in constant memory are not reference-counted.
172 if (AA.pointsToConstantMemory(Op))
173 return false;
174
175 // Pointers in constant memory are not pointing to reference-counted objects.
176 if (const LoadInst *LI = dyn_cast<LoadInst>(Op))
177 if (AA.pointsToConstantMemory(LI->getPointerOperand()))
178 return false;
179
180 // Otherwise assume the worst.
181 return true;
182 }
183
184 /// Helper for GetARCInstKind. Determines what kind of construct CS
185 /// is.
GetCallSiteClass(const CallBase & CB)186 inline ARCInstKind GetCallSiteClass(const CallBase &CB) {
187 for (auto I = CB.arg_begin(), E = CB.arg_end(); I != E; ++I)
188 if (IsPotentialRetainableObjPtr(*I))
189 return CB.onlyReadsMemory() ? ARCInstKind::User : ARCInstKind::CallOrUser;
190
191 return CB.onlyReadsMemory() ? ARCInstKind::None : ARCInstKind::Call;
192 }
193
194 /// Return true if this value refers to a distinct and identifiable
195 /// object.
196 ///
197 /// This is similar to AliasAnalysis's isIdentifiedObject, except that it uses
198 /// special knowledge of ObjC conventions.
IsObjCIdentifiedObject(const Value * V)199 inline bool IsObjCIdentifiedObject(const Value *V) {
200 // Assume that call results and arguments have their own "provenance".
201 // Constants (including GlobalVariables) and Allocas are never
202 // reference-counted.
203 if (isa<CallInst>(V) || isa<InvokeInst>(V) ||
204 isa<Argument>(V) || isa<Constant>(V) ||
205 isa<AllocaInst>(V))
206 return true;
207
208 if (const LoadInst *LI = dyn_cast<LoadInst>(V)) {
209 const Value *Pointer =
210 GetRCIdentityRoot(LI->getPointerOperand());
211 if (const GlobalVariable *GV = dyn_cast<GlobalVariable>(Pointer)) {
212 // A constant pointer can't be pointing to an object on the heap. It may
213 // be reference-counted, but it won't be deleted.
214 if (GV->isConstant())
215 return true;
216 StringRef Name = GV->getName();
217 // These special variables are known to hold values which are not
218 // reference-counted pointers.
219 if (Name.startswith("\01l_objc_msgSend_fixup_"))
220 return true;
221
222 StringRef Section = GV->getSection();
223 if (Section.find("__message_refs") != StringRef::npos ||
224 Section.find("__objc_classrefs") != StringRef::npos ||
225 Section.find("__objc_superrefs") != StringRef::npos ||
226 Section.find("__objc_methname") != StringRef::npos ||
227 Section.find("__cstring") != StringRef::npos)
228 return true;
229 }
230 }
231
232 return false;
233 }
234
235 enum class ARCMDKindID {
236 ImpreciseRelease,
237 CopyOnEscape,
238 NoObjCARCExceptions,
239 };
240
241 /// A cache of MDKinds used by various ARC optimizations.
242 class ARCMDKindCache {
243 Module *M;
244
245 /// The Metadata Kind for clang.imprecise_release metadata.
246 llvm::Optional<unsigned> ImpreciseReleaseMDKind;
247
248 /// The Metadata Kind for clang.arc.copy_on_escape metadata.
249 llvm::Optional<unsigned> CopyOnEscapeMDKind;
250
251 /// The Metadata Kind for clang.arc.no_objc_arc_exceptions metadata.
252 llvm::Optional<unsigned> NoObjCARCExceptionsMDKind;
253
254 public:
init(Module * Mod)255 void init(Module *Mod) {
256 M = Mod;
257 ImpreciseReleaseMDKind = NoneType::None;
258 CopyOnEscapeMDKind = NoneType::None;
259 NoObjCARCExceptionsMDKind = NoneType::None;
260 }
261
get(ARCMDKindID ID)262 unsigned get(ARCMDKindID ID) {
263 switch (ID) {
264 case ARCMDKindID::ImpreciseRelease:
265 if (!ImpreciseReleaseMDKind)
266 ImpreciseReleaseMDKind =
267 M->getContext().getMDKindID("clang.imprecise_release");
268 return *ImpreciseReleaseMDKind;
269 case ARCMDKindID::CopyOnEscape:
270 if (!CopyOnEscapeMDKind)
271 CopyOnEscapeMDKind =
272 M->getContext().getMDKindID("clang.arc.copy_on_escape");
273 return *CopyOnEscapeMDKind;
274 case ARCMDKindID::NoObjCARCExceptions:
275 if (!NoObjCARCExceptionsMDKind)
276 NoObjCARCExceptionsMDKind =
277 M->getContext().getMDKindID("clang.arc.no_objc_arc_exceptions");
278 return *NoObjCARCExceptionsMDKind;
279 }
280 llvm_unreachable("Covered switch isn't covered?!");
281 }
282 };
283
284 } // end namespace objcarc
285 } // end namespace llvm
286
287 #endif
288