1 //===- GlobalSplit.cpp - global variable splitter -------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This pass uses inrange annotations on GEP indices to split globals where
10 // beneficial. Clang currently attaches these annotations to references to
11 // virtual table globals under the Itanium ABI for the benefit of the
12 // whole-program virtual call optimization and control flow integrity passes.
13 //
14 //===----------------------------------------------------------------------===//
15 
16 #include "llvm/Transforms/IPO/GlobalSplit.h"
17 #include "llvm/ADT/SmallVector.h"
18 #include "llvm/ADT/StringExtras.h"
19 #include "llvm/IR/Constant.h"
20 #include "llvm/IR/Constants.h"
21 #include "llvm/IR/DataLayout.h"
22 #include "llvm/IR/Function.h"
23 #include "llvm/IR/GlobalValue.h"
24 #include "llvm/IR/GlobalVariable.h"
25 #include "llvm/IR/Intrinsics.h"
26 #include "llvm/IR/LLVMContext.h"
27 #include "llvm/IR/Metadata.h"
28 #include "llvm/IR/Module.h"
29 #include "llvm/IR/Operator.h"
30 #include "llvm/IR/Type.h"
31 #include "llvm/IR/User.h"
32 #include "llvm/Support/Casting.h"
33 #include "llvm/Transforms/IPO.h"
34 #include <cstdint>
35 #include <vector>
36 
37 using namespace llvm;
38 
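/// Try to split \p GV into one private global per field of its struct
/// initializer, rewriting every inrange GEP user to address the matching piece.
///
/// The split is only attempted when \p GV has local linkage, its initializer
/// is a ConstantStruct, and every user is a constant GEP of the form
/// `gep (T, @GV, 0, inrange <field>, ...)` where T is the initializer's type.
/// !type metadata is re-attached to the piece it falls in, with its byte
/// offset rebased to the start of that piece, and !vcall_visibility is copied
/// to every piece. The file header states that the inrange annotations exist
/// for whole-program virtual call optimization and control flow integrity, so
/// the slice a !type entry lands in must stay exact.
///
/// \returns true if \p GV was split and erased, false if it was left untouched.
static bool splitGlobal(GlobalVariable &GV) {
  // If the address of the global is taken outside of the module, we cannot
  // apply this transformation.
  if (!GV.hasLocalLinkage())
    return false;

  // We currently only know how to split ConstantStructs.
  auto *Init = dyn_cast_or_null<ConstantStruct>(GV.getInitializer());
  if (!Init)
    return false;

  // Verify that each user of the global is an inrange getelementptr constant.
  // From this it follows that any loads from or stores to that global must use
  // a pointer derived from an inrange getelementptr constant, which is
  // sufficient to allow us to apply the splitting transform.
  for (User *U : GV.users()) {
    if (!isa<Constant>(U))
      return false;

    auto *GEP = dyn_cast<GEPOperator>(U);
    if (!GEP || !GEP->getInRangeIndex() || *GEP->getInRangeIndex() != 1 ||
        !isa<ConstantInt>(GEP->getOperand(1)) ||
        !cast<ConstantInt>(GEP->getOperand(1))->isZero() ||
        !isa<ConstantInt>(GEP->getOperand(2)))
      return false;

    // Operand 2 is interpreted below as a field number of Init's struct type.
    // With opaque pointers the GEP's source element type is not tied to the
    // global's value type, so bail out unless the GEP really indexes that
    // struct; otherwise the index would select the wrong piece.
    if (GEP->getSourceElementType() != Init->getType())
      return false;
  }

  SmallVector<MDNode *, 2> Types;
  GV.getMetadata(LLVMContext::MD_type, Types);

  const DataLayout &DL = GV.getParent()->getDataLayout();
  const StructLayout *SL = DL.getStructLayout(Init->getType());

  IntegerType *Int32Ty = Type::getInt32Ty(GV.getContext());

  const unsigned NumFields = Init->getNumOperands();
  std::vector<GlobalVariable *> SplitGlobals(NumFields);
  for (unsigned I = 0; I != NumFields; ++I) {
    // Build a global representing this split piece.
    auto *SplitGV =
        new GlobalVariable(*GV.getParent(), Init->getOperand(I)->getType(),
                           GV.isConstant(), GlobalValue::PrivateLinkage,
                           Init->getOperand(I), GV.getName() + "." + utostr(I));
    SplitGlobals[I] = SplitGV;

    // Byte range [SplitBegin, SplitEnd) of this field within the original
    // struct. Kept as 64-bit so the comparison against ByteOffset below is not
    // performed on truncated layout offsets.
    uint64_t SplitBegin = SL->getElementOffset(I);
    uint64_t SplitEnd = (I == NumFields - 1) ? SL->getSizeInBytes()
                                             : SL->getElementOffset(I + 1);

    // Rebuild type metadata, adjusting by the split offset.
    // FIXME: See if we can use DW_OP_piece to preserve debug metadata here.
    for (MDNode *Type : Types) {
      uint64_t ByteOffset = cast<ConstantInt>(
              cast<ConstantAsMetadata>(Type->getOperand(0))->getValue())
              ->getZExtValue();
      // Type metadata may be attached one byte after the end of the vtable, for
      // classes without virtual methods in Itanium ABI. AFAIK, it is never
      // attached to the first byte of a vtable. Subtract one to get the right
      // slice.
      // This is making an assumption that vtable groups are the only kinds of
      // global variables that !type metadata can be attached to, and that they
      // are either Itanium ABI vtable groups or contain a single vtable (i.e.
      // Microsoft ABI vtables).
      uint64_t AttachedTo = (ByteOffset == 0) ? ByteOffset : ByteOffset - 1;
      if (AttachedTo < SplitBegin || AttachedTo >= SplitEnd)
        continue;
      SplitGV->addMetadata(
          LLVMContext::MD_type,
          *MDNode::get(GV.getContext(),
                       {ConstantAsMetadata::get(
                            ConstantInt::get(Int32Ty, ByteOffset - SplitBegin)),
                        Type->getOperand(1)}));
    }

    if (GV.hasMetadata(LLVMContext::MD_vcall_visibility))
      SplitGV->setVCallVisibilityMetadata(GV.getVCallVisibility());
  }

  for (User *U : GV.users()) {
    auto *GEP = cast<GEPOperator>(U);
    // Keep the field number at full width: narrowing it to 32 bits before the
    // range check could wrap a large index onto a valid piece instead of
    // leaving the use to be replaced with poison below.
    uint64_t FieldIdx = cast<ConstantInt>(GEP->getOperand(2))->getZExtValue();
    if (FieldIdx >= SplitGlobals.size())
      continue;

    // The new GEP starts at the split piece, so the leading (0, field) pair
    // collapses to a single 0; any further indices are carried over unchanged.
    SmallVector<Value *, 4> Ops;
    Ops.push_back(ConstantInt::get(Int32Ty, 0));
    for (unsigned OpIdx = 3; OpIdx != GEP->getNumOperands(); ++OpIdx)
      Ops.push_back(GEP->getOperand(OpIdx));

    GlobalVariable *Piece = SplitGlobals[FieldIdx];
    auto *NewGEP = ConstantExpr::getGetElementPtr(
        Piece->getInitializer()->getType(), Piece, Ops, GEP->isInBounds());
    GEP->replaceAllUsesWith(NewGEP);
  }

  // Finally, remove the original global. Any remaining uses refer to invalid
  // elements of the global, so replace with poison.
  if (!GV.use_empty())
    GV.replaceAllUsesWith(PoisonValue::get(GV.getType()));
  GV.eraseFromParent();
  return true;
}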
141 
/// Run splitGlobal over every global variable in \p M, but only when the
/// module actually uses one of the type-test style intrinsics.
///
/// \returns true if at least one global was split.
static bool splitGlobals(Module &M) {
  // Splitting is only expected to pay off when llvm.type.test,
  // llvm.type.checked.load or llvm.type.checked.load.relative is declared in
  // the module and has at least one use.
  auto IsDeclaredAndUsed = [&M](Intrinsic::ID ID) {
    Function *F = M.getFunction(Intrinsic::getName(ID));
    return F && !F->use_empty();
  };

  const bool AnyTypeIntrinsicUsed =
      IsDeclaredAndUsed(Intrinsic::type_test) ||
      IsDeclaredAndUsed(Intrinsic::type_checked_load) ||
      IsDeclaredAndUsed(Intrinsic::type_checked_load_relative);
  if (!AnyTypeIntrinsicUsed)
    return false;

  // splitGlobal may erase the global it is handed, hence the early-increment
  // range over the module's globals.
  bool AnySplit = false;
  for (GlobalVariable &GV : llvm::make_early_inc_range(M.globals())) {
    if (splitGlobal(GV))
      AnySplit = true;
  }
  return AnySplit;
}
163 
/// New pass manager entry point: split globals in \p M and report that no
/// analyses are preserved when anything changed, all of them otherwise.
PreservedAnalyses GlobalSplitPass::run(Module &M, ModuleAnalysisManager &AM) {
  const bool ModuleChanged = splitGlobals(M);
  return ModuleChanged ? PreservedAnalyses::none() : PreservedAnalyses::all();
}
169