This is an archive of the discontinued LLVM Phabricator instance.

Differential D110901

[SimplifyCFG] Prevent SimplifyCFG from sinking indirect calls.
Needs ReviewPublic

Authored by jhuber6 on Sep 30 2021, 8:31 PM.

Details

Reviewers
jdoerfert
lebedev.ri
Summary

This patch prevents the CFG simplification pass from sinking indirect
calls. Currently, the indirect calls will be combined into a single
indirect call after the arguments have been selected. This prevents the
indirect calls from being replaced with direct ones once the callee is
known through other optimizations.

An example of this is shown in https://godbolt.org/z/jTcfYnvYx where the
indirect calls cannot be replaced with direct calls once they are
inlined and the calls are known. This is generally more costly than
calling the function directly.

Diff Detail

Event Timeline

jhuber6 created this revision.Sep 30 2021, 8:31 PM
Herald added a subscriber: hiraditya. · View Herald TranscriptSep 30 2021, 8:31 PM
jhuber6 requested review of this revision.Sep 30 2021, 8:31 PM
Herald added a subscriber: llvm-commits. · View Herald TranscriptSep 30 2021, 8:31 PM
jhuber6 edited the summary of this revision. (Show Details)Sep 30 2021, 8:33 PM
xgupta added a subscriber: xgupta.Oct 1 2021, 12:19 AM
lebedev.ri added a comment.Oct 1 2021, 1:27 AM

It looks like what we need is a invoke of select between functions --> if-then-else

jhuber6 added a comment.Oct 1 2021, 6:06 AM
In D110901#3035809, @lebedev.ri wrote:

It looks like what we need is a invoke of select between functions --> if-then-else

So this should be a separate optimization run afterwards? Where do you think that optimization should live?

jdoerfert added inline comments.Oct 1 2021, 12:37 PM
llvm/lib/Transforms/Utils/SimplifyCFG.cpp
2065–2066

CB has an isindirectcall member, IIRC.

jhuber6 added a comment.Oct 11 2021, 6:30 AM
In D110901#3035809, @lebedev.ri wrote:

It looks like what we need is a invoke of select between functions --> if-then-else

Looked at this problem again. There's already a way to promote indirect calls by versioning the call site, we could just add a pass that fully versions indirect calls that have callee metadata. If we do that for the code in the summary we'll get something like this https://godbolt.org/z/EP6n75far, then the versioning should be optimized out in cases like this with InstCombine, SimplifyCFG, and DCE leaving only conditional direct calls. Even in cases where this can't be optimized out, fully versioning out an indirect call whose callees are all known seems reasonable to me, maybe there's a reason we don't do this already that I'm not aware of. The downside is that fixing the code in the summary requires running the callee analysis after inlining, and then doing the versioning early enough that the other simplification passes will clean it up. I could make a patch for that if you think it's reasonable, but I'm not sure if it's worth the extra runtime in LLVM. The alternative is this patch which prevents this specific problem from showing up. What do you think @lebedev.ri?

lebedev.ri resigned from this revision.Jan 12 2023, 5:24 PM

This review seems to be stuck/dead, consider abandoning if no longer relevant.

Herald added a project: Restricted Project. · View Herald TranscriptJan 12 2023, 5:24 PM
Herald added a subscriber: StephenFan. · View Herald Transcript

Revision Contents

PathSize
llvm/
lib/
Transforms/
Utils/
10 lines
test/
Transforms/
SimplifyCFG/
X86/
11 lines

Diff 376416

llvm/lib/Transforms/Utils/SimplifyCFG.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show All 28 Lines
#include "llvm/Analysis/ConstantFolding.h" #include "llvm/Analysis/ConstantFolding.h"
#include "llvm/Analysis/EHPersonalities.h" #include "llvm/Analysis/EHPersonalities.h"
#include "llvm/Analysis/GuardUtils.h" #include "llvm/Analysis/GuardUtils.h"
#include "llvm/Analysis/InstructionSimplify.h" #include "llvm/Analysis/InstructionSimplify.h"
#include "llvm/Analysis/MemorySSA.h" #include "llvm/Analysis/MemorySSA.h"
#include "llvm/Analysis/MemorySSAUpdater.h" #include "llvm/Analysis/MemorySSAUpdater.h"
#include "llvm/Analysis/TargetTransformInfo.h" #include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/Analysis/ValueTracking.h" #include "llvm/Analysis/ValueTracking.h"
#include "llvm/IR/AbstractCallSite.h"
#include "llvm/IR/Attributes.h" #include "llvm/IR/Attributes.h"
#include "llvm/IR/BasicBlock.h" #include "llvm/IR/BasicBlock.h"
#include "llvm/IR/CFG.h" #include "llvm/IR/CFG.h"
#include "llvm/IR/Constant.h" #include "llvm/IR/Constant.h"
#include "llvm/IR/ConstantRange.h" #include "llvm/IR/ConstantRange.h"
#include "llvm/IR/Constants.h" #include "llvm/IR/Constants.h"
#include "llvm/IR/DataLayout.h" #include "llvm/IR/DataLayout.h"
#include "llvm/IR/DerivedTypes.h" #include "llvm/IR/DerivedTypes.h"
▲ Show 20 LinesShow All 2,007 Lines▼ Show 20 Linesstatic bool SinkCommonCodeFromPredecessors(BasicBlock *BB,
// If no instructions can be sunk, early-return. // If no instructions can be sunk, early-return.
if (ScanIdx == 0) if (ScanIdx == 0)
return false; return false;
// Okay, we *could* sink last ScanIdx instructions. But how many can we // Okay, we *could* sink last ScanIdx instructions. But how many can we
// actually sink before encountering instruction that is unprofitable to sink? // actually sink before encountering instruction that is unprofitable to sink?
auto ProfitableToSinkInstruction = [&](LockstepReverseIterator &LRI) { auto ProfitableToSinkInstruction = [&](LockstepReverseIterator &LRI) {
unsigned NumPHIdValues = 0; unsigned NumPHIdValues = 0;
for (auto *I : *LRI) for (auto *I : *LRI) {
// Sinking indirect calls prevents us from replacing the indirect call
// with a direct call once the callee is known.
if (auto *CB = dyn_cast<CallBase>(I))
if (AbstractCallSite ACS = &CB->getCalledOperandUse())
if (ACS.isIndirectCall())
jdoerfertUnsubmitted
Not Done
ReplyInline Actions

CB has an isindirectcall member, IIRC.

jdoerfert: CB has an isindirectcall member, IIRC.
return false;
for (auto *V : PHIOperands[I]) { for (auto *V : PHIOperands[I]) {
if (InstructionsToSink.count(V) == 0) if (InstructionsToSink.count(V) == 0)
++NumPHIdValues; ++NumPHIdValues;
// FIXME: this check is overly optimistic. We may end up not sinking // FIXME: this check is overly optimistic. We may end up not sinking
// said instruction, due to the very same profitability check. // said instruction, due to the very same profitability check.
// See @creating_too_many_phis in sink-common-code.ll. // See @creating_too_many_phis in sink-common-code.ll.
} }
}
LLVM_DEBUG(dbgs() << "SINK: #phid values: " << NumPHIdValues << "\n"); LLVM_DEBUG(dbgs() << "SINK: #phid values: " << NumPHIdValues << "\n");
unsigned NumPHIInsts = NumPHIdValues / UnconditionalPreds.size(); unsigned NumPHIInsts = NumPHIdValues / UnconditionalPreds.size();
if ((NumPHIdValues % UnconditionalPreds.size()) != 0) if ((NumPHIdValues % UnconditionalPreds.size()) != 0)
NumPHIInsts++; NumPHIInsts++;
return NumPHIInsts <= 1; return NumPHIInsts <= 1;
}; };
▲ Show 20 LinesShow All 4,716 LinesShow Last 20 Lines

llvm/test/Transforms/SimplifyCFG/X86/sink-common-code.ll

Show First 20 LinesShow All 1,400 Lines▼ Show 20 Linescall_bar:
br label %end br label %end
end: end:
ret void ret void
} }
define void @indirect_caller(i1 %c, i32 %v, void (i32)* %foo, void (i32)* %bar) { define void @indirect_caller(i1 %c, i32 %v, void (i32)* %foo, void (i32)* %bar) {
; CHECK-LABEL: @indirect_caller( ; CHECK-LABEL: @indirect_caller(
; CHECK-NEXT: end: ; CHECK-NEXT: br i1 [[C:%.*]], label [[CALL_FOO:%.*]], label [[CALL_BAR:%.*]]
; CHECK-NEXT: [[FOO_BAR:%.*]] = select i1 [[C:%.*]], void (i32)* [[FOO:%.*]], void (i32)* [[BAR:%.*]] ; CHECK: call_foo:
; CHECK-NEXT: tail call void [[FOO_BAR]](i32 [[V:%.*]]) ; CHECK-NEXT: tail call void [[FOO:%.*]](i32 [[V:%.*]])
; CHECK-NEXT: br label [[END:%.*]]
; CHECK: call_bar:
; CHECK-NEXT: tail call void [[BAR:%.*]](i32 [[V]])
; CHECK-NEXT: br label [[END]]
; CHECK: end:
; CHECK-NEXT: ret void ; CHECK-NEXT: ret void
; ;
br i1 %c, label %call_foo, label %call_bar br i1 %c, label %call_foo, label %call_bar
call_foo: call_foo:
tail call void %foo(i32 %v) tail call void %foo(i32 %v)
br label %end br label %end
▲ Show 20 LinesShow All 150 LinesShow Last 20 Lines