2 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21 * Optimization module for tcpdump intermediate representation.
24 static const char rcsid[] =
25 "@(#) $Header: /tcpdump/master/libpcap/optimize.c,v 1.67 2000/11/19 13:37:20 itojun Exp $ (LBL)";
32 #include <sys/types.h>
45 #ifdef HAVE_OS_PROTO_H
53 #define A_ATOM BPF_MEMWORDS
54 #define X_ATOM (BPF_MEMWORDS+1)
59 * This define is used to represent *both* the accumulator and
60 * x register in use-def computations.
61 * Currently, the use-def code assumes only one definition per instruction.
63 #define AX_ATOM N_ATOMS
66 * A flag to indicate that further optimization is needed.
67 * Iterative passes are continued until a given pass yields no
73 * A block is marked if only if its mark equals the current mark.
74 * Rather than traverse the code array, marking each item, 'cur_mark' is
75 * incremented. This automatically makes each element unmarked.
78 #define isMarked(p) ((p)->mark == cur_mark)
79 #define unMarkAll() cur_mark += 1
80 #define Mark(p) ((p)->mark = cur_mark)
82 static void opt_init(struct block *);
83 static void opt_cleanup(void);
85 static void make_marks(struct block *);
86 static void mark_code(struct block *);
88 static void intern_blocks(struct block *);
90 static int eq_slist(struct slist *, struct slist *);
92 static void find_levels_r(struct block *);
94 static void find_levels(struct block *);
95 static void find_dom(struct block *);
96 static void propedom(struct edge *);
97 static void find_edom(struct block *);
98 static void find_closure(struct block *);
99 static int atomuse(struct stmt *);
100 static int atomdef(struct stmt *);
101 static void compute_local_ud(struct block *);
102 static void find_ud(struct block *);
103 static void init_val(void);
104 static int F(int, int, int);
105 static inline void vstore(struct stmt *, int *, int, int);
106 static void opt_blk(struct block *, int);
107 static int use_conflict(struct block *, struct block *);
108 static void opt_j(struct edge *);
109 static void or_pullup(struct block *);
110 static void and_pullup(struct block *);
111 static void opt_blks(struct block *, int);
112 static inline void link_inedge(struct edge *, struct block *);
113 static void find_inedges(struct block *);
114 static void opt_root(struct block **);
115 static void opt_loop(struct block *, int);
116 static void fold_op(struct stmt *, int, int);
117 static inline struct slist *this_op(struct slist *);
118 static void opt_not(struct block *);
119 static void opt_peep(struct block *);
120 static void opt_stmt(struct stmt *, int[], int);
121 static void deadstmt(struct stmt *, struct stmt *[]);
122 static void opt_deadstores(struct block *);
123 static void opt_blk(struct block *, int);
124 static int use_conflict(struct block *, struct block *);
125 static void opt_j(struct edge *);
126 static struct block *fold_edge(struct block *, struct edge *);
127 static inline int eq_blk(struct block *, struct block *);
128 static int slength(struct slist *);
129 static int count_blocks(struct block *);
130 static void number_blks_r(struct block *);
131 static int count_stmts(struct block *);
132 static int convert_code_r(struct block *);
134 static void opt_dump(struct block *);
138 struct block **blocks;
143 * A bit vector set representation of the dominators.
144 * We round up the set size to the next power of two.
146 static int nodewords;
147 static int edgewords;
148 struct block **levels;
150 #define BITS_PER_WORD (8*sizeof(bpf_u_int32))
152 * True if a is in uset {p}
154 #define SET_MEMBER(p, a) \
155 ((p)[(unsigned)(a) / BITS_PER_WORD] & (1 << ((unsigned)(a) % BITS_PER_WORD)))
160 #define SET_INSERT(p, a) \
161 (p)[(unsigned)(a) / BITS_PER_WORD] |= (1 << ((unsigned)(a) % BITS_PER_WORD))
164 * Delete 'a' from uset p.
166 #define SET_DELETE(p, a) \
167 (p)[(unsigned)(a) / BITS_PER_WORD] &= ~(1 << ((unsigned)(a) % BITS_PER_WORD))
172 #define SET_INTERSECT(a, b, n)\
174 register bpf_u_int32 *_x = a, *_y = b;\
175 register int _n = n;\
176 while (--_n >= 0) *_x++ &= *_y++;\
182 #define SET_SUBTRACT(a, b, n)\
184 register bpf_u_int32 *_x = a, *_y = b;\
185 register int _n = n;\
186 while (--_n >= 0) *_x++ &=~ *_y++;\
192 #define SET_UNION(a, b, n)\
194 register bpf_u_int32 *_x = a, *_y = b;\
195 register int _n = n;\
196 while (--_n >= 0) *_x++ |= *_y++;\
199 static uset all_dom_sets;
200 static uset all_closure_sets;
201 static uset all_edge_sets;
204 #define MAX(a,b) ((a)>(b)?(a):(b))
220 find_levels_r(JT(b));
221 find_levels_r(JF(b));
222 level = MAX(JT(b)->level, JF(b)->level) + 1;
226 b->link = levels[level];
231 * Level graph. The levels go from 0 at the leaves to
232 * N_LEVELS at the root. The levels[] array points to the
233 * first node of the level list, whose elements are linked
234 * with the 'link' field of the struct block.
240 memset((char *)levels, 0, n_blocks * sizeof(*levels));
246 * Find dominator relationships.
247 * Assumes graph has been leveled.
258 * Initialize sets to contain all nodes.
261 i = n_blocks * nodewords;
264 /* Root starts off empty. */
265 for (i = nodewords; --i >= 0;)
268 /* root->level is the highest level no found. */
269 for (i = root->level; i >= 0; --i) {
270 for (b = levels[i]; b; b = b->link) {
271 SET_INSERT(b->dom, b->id);
274 SET_INTERSECT(JT(b)->dom, b->dom, nodewords);
275 SET_INTERSECT(JF(b)->dom, b->dom, nodewords);
284 SET_INSERT(ep->edom, ep->id);
286 SET_INTERSECT(ep->succ->et.edom, ep->edom, edgewords);
287 SET_INTERSECT(ep->succ->ef.edom, ep->edom, edgewords);
292 * Compute edge dominators.
293 * Assumes graph has been leveled and predecessors established.
304 for (i = n_edges * edgewords; --i >= 0; )
307 /* root->level is the highest level no found. */
308 memset(root->et.edom, 0, edgewords * sizeof(*(uset)0));
309 memset(root->ef.edom, 0, edgewords * sizeof(*(uset)0));
310 for (i = root->level; i >= 0; --i) {
311 for (b = levels[i]; b != 0; b = b->link) {
319 * Find the backwards transitive closure of the flow graph. These sets
320 * are backwards in the sense that we find the set of nodes that reach
321 * a given node, not the set of nodes that can be reached by a node.
323 * Assumes graph has been leveled.
333 * Initialize sets to contain no nodes.
335 memset((char *)all_closure_sets, 0,
336 n_blocks * nodewords * sizeof(*all_closure_sets));
338 /* root->level is the highest level no found. */
339 for (i = root->level; i >= 0; --i) {
340 for (b = levels[i]; b; b = b->link) {
341 SET_INSERT(b->closure, b->id);
344 SET_UNION(JT(b)->closure, b->closure, nodewords);
345 SET_UNION(JF(b)->closure, b->closure, nodewords);
351 * Return the register number that is used by s. If A and X are both
352 * used, return AX_ATOM. If no register is used, return -1.
354 * The implementation should probably change to an array access.
360 register int c = s->code;
365 switch (BPF_CLASS(c)) {
368 return (BPF_RVAL(c) == BPF_A) ? A_ATOM :
369 (BPF_RVAL(c) == BPF_X) ? X_ATOM : -1;
373 return (BPF_MODE(c) == BPF_IND) ? X_ATOM :
374 (BPF_MODE(c) == BPF_MEM) ? s->k : -1;
384 if (BPF_SRC(c) == BPF_X)
389 return BPF_MISCOP(c) == BPF_TXA ? X_ATOM : A_ATOM;
396 * Return the register number that is defined by 's'. We assume that
397 * a single stmt cannot define more than one register. If no register
398 * is defined, return -1.
400 * The implementation should probably change to an array access.
409 switch (BPF_CLASS(s->code)) {
423 return BPF_MISCOP(s->code) == BPF_TAX ? X_ATOM : A_ATOM;
433 atomset def = 0, use = 0, kill = 0;
436 for (s = b->stmts; s; s = s->next) {
437 if (s->s.code == NOP)
439 atom = atomuse(&s->s);
441 if (atom == AX_ATOM) {
442 if (!ATOMELEM(def, X_ATOM))
443 use |= ATOMMASK(X_ATOM);
444 if (!ATOMELEM(def, A_ATOM))
445 use |= ATOMMASK(A_ATOM);
447 else if (atom < N_ATOMS) {
448 if (!ATOMELEM(def, atom))
449 use |= ATOMMASK(atom);
454 atom = atomdef(&s->s);
456 if (!ATOMELEM(use, atom))
457 kill |= ATOMMASK(atom);
458 def |= ATOMMASK(atom);
461 if (!ATOMELEM(def, A_ATOM) && BPF_CLASS(b->s.code) == BPF_JMP)
462 use |= ATOMMASK(A_ATOM);
470 * Assume graph is already leveled.
480 * root->level is the highest level no found;
481 * count down from there.
483 maxlevel = root->level;
484 for (i = maxlevel; i >= 0; --i)
485 for (p = levels[i]; p; p = p->link) {
490 for (i = 1; i <= maxlevel; ++i) {
491 for (p = levels[i]; p; p = p->link) {
492 p->out_use |= JT(p)->in_use | JF(p)->in_use;
493 p->in_use |= p->out_use &~ p->kill;
499 * These data structures are used in a Cocke and Shwarz style
500 * value numbering scheme. Since the flowgraph is acyclic,
501 * exit values can be propagated from a node's predecessors
502 * provided it is uniquely defined.
508 struct valnode *next;
512 static struct valnode *hashtbl[MODULUS];
516 /* Integer constants mapped with the load immediate opcode. */
517 #define K(i) F(BPF_LD|BPF_IMM|BPF_W, i, 0L)
524 struct vmapinfo *vmap;
525 struct valnode *vnode_base;
526 struct valnode *next_vnode;
532 next_vnode = vnode_base;
533 memset((char *)vmap, 0, maxval * sizeof(*vmap));
534 memset((char *)hashtbl, 0, sizeof hashtbl);
537 /* Because we really don't have an IR, this stuff is a little messy. */
547 hash = (u_int)code ^ (v0 << 4) ^ (v1 << 8);
550 for (p = hashtbl[hash]; p; p = p->next)
551 if (p->code == code && p->v0 == v0 && p->v1 == v1)
555 if (BPF_MODE(code) == BPF_IMM &&
556 (BPF_CLASS(code) == BPF_LD || BPF_CLASS(code) == BPF_LDX)) {
557 vmap[val].const_val = v0;
558 vmap[val].is_const = 1;
565 p->next = hashtbl[hash];
572 vstore(s, valp, newval, alter)
578 if (alter && *valp == newval)
591 a = vmap[v0].const_val;
592 b = vmap[v1].const_val;
594 switch (BPF_OP(s->code)) {
609 bpf_error("division by zero");
637 s->code = BPF_LD|BPF_IMM;
641 static inline struct slist *
645 while (s != 0 && s->s.code == NOP)
654 struct block *tmp = JT(b);
665 struct slist *next, *last;
677 next = this_op(s->next);
683 * st M[k] --> st M[k]
686 if (s->s.code == BPF_ST &&
687 next->s.code == (BPF_LDX|BPF_MEM) &&
688 s->s.k == next->s.k) {
690 next->s.code = BPF_MISC|BPF_TAX;
696 if (s->s.code == (BPF_LD|BPF_IMM) &&
697 next->s.code == (BPF_MISC|BPF_TAX)) {
698 s->s.code = BPF_LDX|BPF_IMM;
699 next->s.code = BPF_MISC|BPF_TXA;
703 * This is an ugly special case, but it happens
704 * when you say tcp[k] or udp[k] where k is a constant.
706 if (s->s.code == (BPF_LD|BPF_IMM)) {
707 struct slist *add, *tax, *ild;
710 * Check that X isn't used on exit from this
711 * block (which the optimizer might cause).
712 * We know the code generator won't generate
713 * any local dependencies.
715 if (ATOMELEM(b->out_use, X_ATOM))
718 if (next->s.code != (BPF_LDX|BPF_MSH|BPF_B))
721 add = this_op(next->next);
722 if (add == 0 || add->s.code != (BPF_ALU|BPF_ADD|BPF_X))
725 tax = this_op(add->next);
726 if (tax == 0 || tax->s.code != (BPF_MISC|BPF_TAX))
729 ild = this_op(tax->next);
730 if (ild == 0 || BPF_CLASS(ild->s.code) != BPF_LD ||
731 BPF_MODE(ild->s.code) != BPF_IND)
734 * XXX We need to check that X is not
735 * subsequently used. We know we can eliminate the
736 * accumulator modifications since it is defined
737 * by the last stmt of this sequence.
739 * We want to turn this sequence:
742 * (005) ldxms [14] {next} -- optional
745 * (008) ild [x+0] {ild}
747 * into this sequence:
765 * If we have a subtract to do a comparison, and the X register
766 * is a known constant, we can merge this value into the
769 if (last->s.code == (BPF_ALU|BPF_SUB|BPF_X) &&
770 !ATOMELEM(b->out_use, A_ATOM)) {
771 val = b->val[X_ATOM];
772 if (vmap[val].is_const) {
775 b->s.k += vmap[val].const_val;
776 op = BPF_OP(b->s.code);
777 if (op == BPF_JGT || op == BPF_JGE) {
778 struct block *t = JT(b);
781 b->s.k += 0x80000000;
785 } else if (b->s.k == 0) {
791 b->s.code = BPF_CLASS(b->s.code) | BPF_OP(b->s.code) |
797 * Likewise, a constant subtract can be simplified.
799 else if (last->s.code == (BPF_ALU|BPF_SUB|BPF_K) &&
800 !ATOMELEM(b->out_use, A_ATOM)) {
805 op = BPF_OP(b->s.code);
806 if (op == BPF_JGT || op == BPF_JGE) {
807 struct block *t = JT(b);
810 b->s.k += 0x80000000;
818 if (last->s.code == (BPF_ALU|BPF_AND|BPF_K) &&
819 !ATOMELEM(b->out_use, A_ATOM) && b->s.k == 0) {
821 b->s.code = BPF_JMP|BPF_K|BPF_JSET;
827 * If the accumulator is a known constant, we can compute the
830 val = b->val[A_ATOM];
831 if (vmap[val].is_const && BPF_SRC(b->s.code) == BPF_K) {
832 bpf_int32 v = vmap[val].const_val;
833 switch (BPF_OP(b->s.code)) {
840 v = (unsigned)v > b->s.k;
844 v = (unsigned)v >= b->s.k;
864 * Compute the symbolic value of expression of 's', and update
865 * anything it defines in the value table 'val'. If 'alter' is true,
866 * do various optimizations. This code would be cleaner if symbolic
867 * evaluation and code transformations weren't folded together.
870 opt_stmt(s, val, alter)
880 case BPF_LD|BPF_ABS|BPF_W:
881 case BPF_LD|BPF_ABS|BPF_H:
882 case BPF_LD|BPF_ABS|BPF_B:
883 v = F(s->code, s->k, 0L);
884 vstore(s, &val[A_ATOM], v, alter);
887 case BPF_LD|BPF_IND|BPF_W:
888 case BPF_LD|BPF_IND|BPF_H:
889 case BPF_LD|BPF_IND|BPF_B:
891 if (alter && vmap[v].is_const) {
892 s->code = BPF_LD|BPF_ABS|BPF_SIZE(s->code);
893 s->k += vmap[v].const_val;
894 v = F(s->code, s->k, 0L);
898 v = F(s->code, s->k, v);
899 vstore(s, &val[A_ATOM], v, alter);
903 v = F(s->code, 0L, 0L);
904 vstore(s, &val[A_ATOM], v, alter);
909 vstore(s, &val[A_ATOM], v, alter);
912 case BPF_LDX|BPF_IMM:
914 vstore(s, &val[X_ATOM], v, alter);
917 case BPF_LDX|BPF_MSH|BPF_B:
918 v = F(s->code, s->k, 0L);
919 vstore(s, &val[X_ATOM], v, alter);
922 case BPF_ALU|BPF_NEG:
923 if (alter && vmap[val[A_ATOM]].is_const) {
924 s->code = BPF_LD|BPF_IMM;
925 s->k = -vmap[val[A_ATOM]].const_val;
926 val[A_ATOM] = K(s->k);
929 val[A_ATOM] = F(s->code, val[A_ATOM], 0L);
932 case BPF_ALU|BPF_ADD|BPF_K:
933 case BPF_ALU|BPF_SUB|BPF_K:
934 case BPF_ALU|BPF_MUL|BPF_K:
935 case BPF_ALU|BPF_DIV|BPF_K:
936 case BPF_ALU|BPF_AND|BPF_K:
937 case BPF_ALU|BPF_OR|BPF_K:
938 case BPF_ALU|BPF_LSH|BPF_K:
939 case BPF_ALU|BPF_RSH|BPF_K:
940 op = BPF_OP(s->code);
943 if (op == BPF_ADD || op == BPF_SUB ||
944 op == BPF_LSH || op == BPF_RSH ||
949 if (op == BPF_MUL || op == BPF_AND) {
950 s->code = BPF_LD|BPF_IMM;
951 val[A_ATOM] = K(s->k);
955 if (vmap[val[A_ATOM]].is_const) {
956 fold_op(s, val[A_ATOM], K(s->k));
957 val[A_ATOM] = K(s->k);
961 val[A_ATOM] = F(s->code, val[A_ATOM], K(s->k));
964 case BPF_ALU|BPF_ADD|BPF_X:
965 case BPF_ALU|BPF_SUB|BPF_X:
966 case BPF_ALU|BPF_MUL|BPF_X:
967 case BPF_ALU|BPF_DIV|BPF_X:
968 case BPF_ALU|BPF_AND|BPF_X:
969 case BPF_ALU|BPF_OR|BPF_X:
970 case BPF_ALU|BPF_LSH|BPF_X:
971 case BPF_ALU|BPF_RSH|BPF_X:
972 op = BPF_OP(s->code);
973 if (alter && vmap[val[X_ATOM]].is_const) {
974 if (vmap[val[A_ATOM]].is_const) {
975 fold_op(s, val[A_ATOM], val[X_ATOM]);
976 val[A_ATOM] = K(s->k);
979 s->code = BPF_ALU|BPF_K|op;
980 s->k = vmap[val[X_ATOM]].const_val;
983 F(s->code, val[A_ATOM], K(s->k));
988 * Check if we're doing something to an accumulator
989 * that is 0, and simplify. This may not seem like
990 * much of a simplification but it could open up further
992 * XXX We could also check for mul by 1, and -1, etc.
994 if (alter && vmap[val[A_ATOM]].is_const
995 && vmap[val[A_ATOM]].const_val == 0) {
996 if (op == BPF_ADD || op == BPF_OR ||
997 op == BPF_LSH || op == BPF_RSH || op == BPF_SUB) {
998 s->code = BPF_MISC|BPF_TXA;
999 vstore(s, &val[A_ATOM], val[X_ATOM], alter);
1002 else if (op == BPF_MUL || op == BPF_DIV ||
1004 s->code = BPF_LD|BPF_IMM;
1006 vstore(s, &val[A_ATOM], K(s->k), alter);
1009 else if (op == BPF_NEG) {
1014 val[A_ATOM] = F(s->code, val[A_ATOM], val[X_ATOM]);
1017 case BPF_MISC|BPF_TXA:
1018 vstore(s, &val[A_ATOM], val[X_ATOM], alter);
1021 case BPF_LD|BPF_MEM:
1023 if (alter && vmap[v].is_const) {
1024 s->code = BPF_LD|BPF_IMM;
1025 s->k = vmap[v].const_val;
1028 vstore(s, &val[A_ATOM], v, alter);
1031 case BPF_MISC|BPF_TAX:
1032 vstore(s, &val[X_ATOM], val[A_ATOM], alter);
1035 case BPF_LDX|BPF_MEM:
1037 if (alter && vmap[v].is_const) {
1038 s->code = BPF_LDX|BPF_IMM;
1039 s->k = vmap[v].const_val;
1042 vstore(s, &val[X_ATOM], v, alter);
1046 vstore(s, &val[s->k], val[A_ATOM], alter);
1050 vstore(s, &val[s->k], val[X_ATOM], alter);
1057 register struct stmt *s;
1058 register struct stmt *last[];
1064 if (atom == AX_ATOM) {
1075 last[atom]->code = NOP;
1083 register struct block *b;
1085 register struct slist *s;
1087 struct stmt *last[N_ATOMS];
1089 memset((char *)last, 0, sizeof last);
1091 for (s = b->stmts; s != 0; s = s->next)
1092 deadstmt(&s->s, last);
1093 deadstmt(&b->s, last);
1095 for (atom = 0; atom < N_ATOMS; ++atom)
1096 if (last[atom] && !ATOMELEM(b->out_use, atom)) {
1097 last[atom]->code = NOP;
1103 opt_blk(b, do_stmts)
1113 for (s = b->stmts; s && s->next; s = s->next)
1114 if (BPF_CLASS(s->s.code) == BPF_JMP) {
1121 * Initialize the atom values.
1122 * If we have no predecessors, everything is undefined.
1123 * Otherwise, we inherent our values from our predecessors.
1124 * If any register has an ambiguous value (i.e. control paths are
1125 * merging) give it the undefined value of 0.
1129 memset((char *)b->val, 0, sizeof(b->val));
1131 memcpy((char *)b->val, (char *)p->pred->val, sizeof(b->val));
1132 while ((p = p->next) != NULL) {
1133 for (i = 0; i < N_ATOMS; ++i)
1134 if (b->val[i] != p->pred->val[i])
1138 aval = b->val[A_ATOM];
1139 for (s = b->stmts; s; s = s->next)
1140 opt_stmt(&s->s, b->val, do_stmts);
1143 * This is a special case: if we don't use anything from this
1144 * block, and we load the accumulator with value that is
1145 * already there, or if this block is a return,
1146 * eliminate all the statements.
1149 ((b->out_use == 0 && aval != 0 &&b->val[A_ATOM] == aval) ||
1150 BPF_CLASS(b->s.code) == BPF_RET)) {
1151 if (b->stmts != 0) {
1160 * Set up values for branch optimizer.
1162 if (BPF_SRC(b->s.code) == BPF_K)
1163 b->oval = K(b->s.k);
1165 b->oval = b->val[X_ATOM];
1166 b->et.code = b->s.code;
1167 b->ef.code = -b->s.code;
1171 * Return true if any register that is used on exit from 'succ', has
1172 * an exit value that is different from the corresponding exit value
1176 use_conflict(b, succ)
1177 struct block *b, *succ;
1180 atomset use = succ->out_use;
1185 for (atom = 0; atom < N_ATOMS; ++atom)
1186 if (ATOMELEM(use, atom))
1187 if (b->val[atom] != succ->val[atom])
1192 static struct block *
1193 fold_edge(child, ep)
1194 struct block *child;
1198 int aval0, aval1, oval0, oval1;
1199 int code = ep->code;
1207 if (child->s.code != code)
1210 aval0 = child->val[A_ATOM];
1211 oval0 = child->oval;
1212 aval1 = ep->pred->val[A_ATOM];
1213 oval1 = ep->pred->oval;
1220 * The operands are identical, so the
1221 * result is true if a true branch was
1222 * taken to get here, otherwise false.
1224 return sense ? JT(child) : JF(child);
1226 if (sense && code == (BPF_JMP|BPF_JEQ|BPF_K))
1228 * At this point, we only know the comparison if we
1229 * came down the true branch, and it was an equality
1230 * comparison with a constant. We rely on the fact that
1231 * distinct constants have distinct value numbers.
1243 register struct block *target;
1245 if (JT(ep->succ) == 0)
1248 if (JT(ep->succ) == JF(ep->succ)) {
1250 * Common branch targets can be eliminated, provided
1251 * there is no data dependency.
1253 if (!use_conflict(ep->pred, ep->succ->et.succ)) {
1255 ep->succ = JT(ep->succ);
1259 * For each edge dominator that matches the successor of this
1260 * edge, promote the edge successor to the its grandchild.
1262 * XXX We violate the set abstraction here in favor a reasonably
1266 for (i = 0; i < edgewords; ++i) {
1267 register bpf_u_int32 x = ep->edom[i];
1272 k += i * BITS_PER_WORD;
1274 target = fold_edge(ep->succ, edges[k]);
1276 * Check that there is no data dependency between
1277 * nodes that will be violated if we move the edge.
1279 if (target != 0 && !use_conflict(ep->pred, target)) {
1282 if (JT(target) != 0)
1284 * Start over unless we hit a leaf.
1300 struct block **diffp, **samep;
1308 * Make sure each predecessor loads the same value.
1311 val = ep->pred->val[A_ATOM];
1312 for (ep = ep->next; ep != 0; ep = ep->next)
1313 if (val != ep->pred->val[A_ATOM])
1316 if (JT(b->in_edges->pred) == b)
1317 diffp = &JT(b->in_edges->pred);
1319 diffp = &JF(b->in_edges->pred);
1326 if (JT(*diffp) != JT(b))
1329 if (!SET_MEMBER((*diffp)->dom, b->id))
1332 if ((*diffp)->val[A_ATOM] != val)
1335 diffp = &JF(*diffp);
1338 samep = &JF(*diffp);
1343 if (JT(*samep) != JT(b))
1346 if (!SET_MEMBER((*samep)->dom, b->id))
1349 if ((*samep)->val[A_ATOM] == val)
1352 /* XXX Need to check that there are no data dependencies
1353 between dp0 and dp1. Currently, the code generator
1354 will not produce such dependencies. */
1355 samep = &JF(*samep);
1358 /* XXX This doesn't cover everything. */
1359 for (i = 0; i < N_ATOMS; ++i)
1360 if ((*samep)->val[i] != pred->val[i])
1363 /* Pull up the node. */
1369 * At the top of the chain, each predecessor needs to point at the
1370 * pulled up node. Inside the chain, there is only one predecessor
1374 for (ep = b->in_edges; ep != 0; ep = ep->next) {
1375 if (JT(ep->pred) == b)
1376 JT(ep->pred) = pull;
1378 JF(ep->pred) = pull;
1393 struct block **diffp, **samep;
1401 * Make sure each predecessor loads the same value.
1403 val = ep->pred->val[A_ATOM];
1404 for (ep = ep->next; ep != 0; ep = ep->next)
1405 if (val != ep->pred->val[A_ATOM])
1408 if (JT(b->in_edges->pred) == b)
1409 diffp = &JT(b->in_edges->pred);
1411 diffp = &JF(b->in_edges->pred);
1418 if (JF(*diffp) != JF(b))
1421 if (!SET_MEMBER((*diffp)->dom, b->id))
1424 if ((*diffp)->val[A_ATOM] != val)
1427 diffp = &JT(*diffp);
1430 samep = &JT(*diffp);
1435 if (JF(*samep) != JF(b))
1438 if (!SET_MEMBER((*samep)->dom, b->id))
1441 if ((*samep)->val[A_ATOM] == val)
1444 /* XXX Need to check that there are no data dependencies
1445 between diffp and samep. Currently, the code generator
1446 will not produce such dependencies. */
1447 samep = &JT(*samep);
1450 /* XXX This doesn't cover everything. */
1451 for (i = 0; i < N_ATOMS; ++i)
1452 if ((*samep)->val[i] != pred->val[i])
1455 /* Pull up the node. */
1461 * At the top of the chain, each predecessor needs to point at the
1462 * pulled up node. Inside the chain, there is only one predecessor
1466 for (ep = b->in_edges; ep != 0; ep = ep->next) {
1467 if (JT(ep->pred) == b)
1468 JT(ep->pred) = pull;
1470 JF(ep->pred) = pull;
1480 opt_blks(root, do_stmts)
1488 maxlevel = root->level;
1491 for (i = maxlevel; i >= 0; --i)
1492 for (p = levels[i]; p; p = p->link)
1493 opt_blk(p, do_stmts);
1497 * No point trying to move branches; it can't possibly
1498 * make a difference at this point.
1502 for (i = 1; i <= maxlevel; ++i) {
1503 for (p = levels[i]; p; p = p->link) {
1510 for (i = 1; i <= maxlevel; ++i) {
1511 for (p = levels[i]; p; p = p->link) {
1519 link_inedge(parent, child)
1520 struct edge *parent;
1521 struct block *child;
1523 parent->next = child->in_edges;
1524 child->in_edges = parent;
1534 for (i = 0; i < n_blocks; ++i)
1535 blocks[i]->in_edges = 0;
1538 * Traverse the graph, adding each edge to the predecessor
1539 * list of its successors. Skip the leaves (i.e. level 0).
1541 for (i = root->level; i > 0; --i) {
1542 for (b = levels[i]; b != 0; b = b->link) {
1543 link_inedge(&b->et, JT(b));
1544 link_inedge(&b->ef, JF(b));
1553 struct slist *tmp, *s;
1557 while (BPF_CLASS((*b)->s.code) == BPF_JMP && JT(*b) == JF(*b))
1566 * If the root node is a return, then there is no
1567 * point executing any statements (since the bpf machine
1568 * has no side effects).
1570 if (BPF_CLASS((*b)->s.code) == BPF_RET)
1575 opt_loop(root, do_stmts)
1591 opt_blks(root, do_stmts);
1600 * Optimize the filter code in its dag representation.
1604 struct block **rootp;
1613 intern_blocks(root);
1624 if (BPF_CLASS(p->s.code) != BPF_RET) {
1632 * Mark code array such that isMarked(i) is true
1633 * only for nodes that are alive.
1644 * True iff the two stmt lists load the same value from the packet into
1649 struct slist *x, *y;
1652 while (x && x->s.code == NOP)
1654 while (y && y->s.code == NOP)
1660 if (x->s.code != y->s.code || x->s.k != y->s.k)
1669 struct block *b0, *b1;
1671 if (b0->s.code == b1->s.code &&
1672 b0->s.k == b1->s.k &&
1673 b0->et.succ == b1->et.succ &&
1674 b0->ef.succ == b1->ef.succ)
1675 return eq_slist(b0->stmts, b1->stmts);
1688 for (i = 0; i < n_blocks; ++i)
1689 blocks[i]->link = 0;
1693 for (i = n_blocks - 1; --i >= 0; ) {
1694 if (!isMarked(blocks[i]))
1696 for (j = i + 1; j < n_blocks; ++j) {
1697 if (!isMarked(blocks[j]))
1699 if (eq_blk(blocks[i], blocks[j])) {
1700 blocks[i]->link = blocks[j]->link ?
1701 blocks[j]->link : blocks[j];
1706 for (i = 0; i < n_blocks; ++i) {
1712 JT(p) = JT(p)->link;
1716 JF(p) = JF(p)->link;
1726 free((void *)vnode_base);
1728 free((void *)edges);
1729 free((void *)space);
1730 free((void *)levels);
1731 free((void *)blocks);
1735 * Return the number of stmts in 's'.
1743 for (; s; s = s->next)
1744 if (s->s.code != NOP)
1750 * Return the number of nodes reachable by 'p'.
1751 * All nodes should be initially unmarked.
1757 if (p == 0 || isMarked(p))
1760 return count_blocks(JT(p)) + count_blocks(JF(p)) + 1;
1764 * Do a depth first search on the flow graph, numbering the
1765 * the basic blocks, and entering them into the 'blocks' array.`
1773 if (p == 0 || isMarked(p))
1781 number_blks_r(JT(p));
1782 number_blks_r(JF(p));
1786 * Return the number of stmts in the flowgraph reachable by 'p'.
1787 * The nodes should be unmarked before calling.
1789 * Note that "stmts" means "instructions", and that this includes
1791 * side-effect statements in 'p' (slength(p->stmts));
1793 * statements in the true branch from 'p' (count_stmts(JT(p)));
1795 * statements in the false branch from 'p' (count_stmts(JF(p)));
1797 * the conditional jump itself (1);
1799 * an extra long jump if the true branch requires it (p->longjt);
1801 * an extra long jump if the false branch requires it (p->longjf).
1809 if (p == 0 || isMarked(p))
1812 n = count_stmts(JT(p)) + count_stmts(JF(p));
1813 return slength(p->stmts) + n + 1 + p->longjt + p->longjf;
1817 * Allocate memory. All allocation is done before optimization
1818 * is begun. A linear bound on the size of all data structures is computed
1819 * from the total number of blocks and/or statements.
1826 int i, n, max_stmts;
1829 * First, count the blocks, so we can malloc an array to map
1830 * block number to block. Then, put the blocks into the array.
1833 n = count_blocks(root);
1834 blocks = (struct block **)malloc(n * sizeof(*blocks));
1837 number_blks_r(root);
1839 n_edges = 2 * n_blocks;
1840 edges = (struct edge **)malloc(n_edges * sizeof(*edges));
1843 * The number of levels is bounded by the number of nodes.
1845 levels = (struct block **)malloc(n_blocks * sizeof(*levels));
1847 edgewords = n_edges / (8 * sizeof(bpf_u_int32)) + 1;
1848 nodewords = n_blocks / (8 * sizeof(bpf_u_int32)) + 1;
1851 space = (bpf_u_int32 *)malloc(2 * n_blocks * nodewords * sizeof(*space)
1852 + n_edges * edgewords * sizeof(*space));
1855 for (i = 0; i < n; ++i) {
1859 all_closure_sets = p;
1860 for (i = 0; i < n; ++i) {
1861 blocks[i]->closure = p;
1865 for (i = 0; i < n; ++i) {
1866 register struct block *b = blocks[i];
1874 b->ef.id = n_blocks + i;
1875 edges[n_blocks + i] = &b->ef;
1880 for (i = 0; i < n; ++i)
1881 max_stmts += slength(blocks[i]->stmts) + 1;
1883 * We allocate at most 3 value numbers per statement,
1884 * so this is an upper bound on the number of valnodes
1887 maxval = 3 * max_stmts;
1888 vmap = (struct vmapinfo *)malloc(maxval * sizeof(*vmap));
1889 vnode_base = (struct valnode *)malloc(maxval * sizeof(*vnode_base));
1893 * Some pointers used to convert the basic block form of the code,
1894 * into the array form that BPF requires. 'fstart' will point to
1895 * the malloc'd array while 'ftail' is used during the recursive traversal.
1897 static struct bpf_insn *fstart;
1898 static struct bpf_insn *ftail;
1905 * Returns true if successful. Returns false if a branch has
1906 * an offset that is too large. If so, we have marked that
1907 * branch so that on a subsequent iteration, it will be treated
1914 struct bpf_insn *dst;
1918 int extrajmps; /* number of extra jumps inserted */
1919 struct slist **offset = NULL;
1921 if (p == 0 || isMarked(p))
1925 if (convert_code_r(JF(p)) == 0)
1927 if (convert_code_r(JT(p)) == 0)
1930 slen = slength(p->stmts);
1931 dst = ftail -= (slen + 1 + p->longjt + p->longjf);
1932 /* inflate length by any extra jumps */
1934 p->offset = dst - fstart;
1936 /* generate offset[] for convenience */
1938 offset = (struct slist **)calloc(sizeof(struct slist *), slen);
1940 bpf_error("not enough core");
1945 for (off = 0; off < slen && src; off++) {
1947 printf("off=%d src=%x\n", off, src);
1954 for (src = p->stmts; src; src = src->next) {
1955 if (src->s.code == NOP)
1957 dst->code = (u_short)src->s.code;
1960 /* fill block-local relative jump */
1961 if (BPF_CLASS(src->s.code) != BPF_JMP || src->s.code == (BPF_JMP|BPF_JA)) {
1963 if (src->s.jt || src->s.jf) {
1964 bpf_error("illegal jmp destination");
1970 if (off == slen - 2) /*???*/
1976 char *ljerr = "%s for block-local relative jump: off=%d";
1979 printf("code=%x off=%d %x %x\n", src->s.code,
1980 off, src->s.jt, src->s.jf);
1983 if (!src->s.jt || !src->s.jf) {
1984 bpf_error(ljerr, "no jmp destination", off);
1989 for (i = 0; i < slen; i++) {
1990 if (offset[i] == src->s.jt) {
1992 bpf_error(ljerr, "multiple matches", off);
1996 dst->jt = i - off - 1;
1999 if (offset[i] == src->s.jf) {
2001 bpf_error(ljerr, "multiple matches", off);
2004 dst->jf = i - off - 1;
2009 bpf_error(ljerr, "no destination found", off);
2021 bids[dst - fstart] = p->id + 1;
2023 dst->code = (u_short)p->s.code;
2027 off = JT(p)->offset - (p->offset + slen) - 1;
2029 /* offset too large for branch, must add a jump */
2030 if (p->longjt == 0) {
2031 /* mark this instruction and retry */
2035 /* branch if T to following jump */
2036 dst->jt = extrajmps;
2038 dst[extrajmps].code = BPF_JMP|BPF_JA;
2039 dst[extrajmps].k = off - extrajmps;
2043 off = JF(p)->offset - (p->offset + slen) - 1;
2045 /* offset too large for branch, must add a jump */
2046 if (p->longjf == 0) {
2047 /* mark this instruction and retry */
2051 /* branch if F to following jump */
2052 /* if two jumps are inserted, F goes to second one */
2053 dst->jf = extrajmps;
2055 dst[extrajmps].code = BPF_JMP|BPF_JA;
2056 dst[extrajmps].k = off - extrajmps;
2066 * Convert flowgraph intermediate representation to the
2067 * BPF array representation. Set *lenp to the number of instructions.
2070 icode_to_fcode(root, lenp)
2075 struct bpf_insn *fp;
2078 * Loop doing convert_codr_r() until no branches remain
2079 * with too-large offsets.
2083 n = *lenp = count_stmts(root);
2085 fp = (struct bpf_insn *)malloc(sizeof(*fp) * n);
2086 memset((char *)fp, 0, sizeof(*fp) * n);
2091 if (convert_code_r(root))
2100 * Make a copy of a BPF program and put it in the "fcode" member of
2103 * If we fail to allocate memory for the copy, fill in the "errbuf"
2104 * member of the "pcap_t" with an error message, and return -1;
2105 * otherwise, return 0.
2108 install_bpf_program(pcap_t *p, struct bpf_program *fp)
2113 * Free up any already installed program.
2115 pcap_freecode(&p->fcode);
2117 prog_size = sizeof(*fp->bf_insns) * fp->bf_len;
2118 p->fcode.bf_len = fp->bf_len;
2119 p->fcode.bf_insns = (struct bpf_insn *)malloc(prog_size);
2120 if (p->fcode.bf_insns == NULL) {
2121 snprintf(p->errbuf, sizeof(p->errbuf),
2122 "malloc: %s", pcap_strerror(errno));
2125 memcpy(p->fcode.bf_insns, fp->bf_insns, prog_size);
2134 struct bpf_program f;
2136 memset(bids, 0, sizeof bids);
2137 f.bf_insns = icode_to_fcode(root, &f.bf_len);
2140 free((char *)f.bf_insns);
projects / FreeBSD / FreeBSD.git / blob