1 //===--- CFG.cpp - Classes for representing and building CFGs----*- C++ -*-===// 2 // 3 // The LLVM Compiler Infrastructure 4 // 5 // This file is distributed under the University of Illinois Open Source 6 // License. See LICENSE.TXT for details. 7 // 8 //===----------------------------------------------------------------------===// 9 // 10 // This file defines the CFG and CFGBuilder classes for representing and 11 // building Control-Flow Graphs (CFGs) from ASTs. 12 // 13 //===----------------------------------------------------------------------===// 14 15 #include "clang/Analysis/CFG.h" 16 #include "clang/AST/ASTContext.h" 17 #include "clang/AST/Attr.h" 18 #include "clang/AST/CharUnits.h" 19 #include "clang/AST/DeclCXX.h" 20 #include "clang/AST/PrettyPrinter.h" 21 #include "clang/AST/StmtVisitor.h" 22 #include "llvm/ADT/DenseMap.h" 23 #include "llvm/ADT/OwningPtr.h" 24 #include "llvm/ADT/SmallPtrSet.h" 25 #include "llvm/Support/Allocator.h" 26 #include "llvm/Support/Format.h" 27 #include "llvm/Support/GraphWriter.h" 28 #include "llvm/Support/SaveAndRestore.h" 29 30 using namespace clang; 31 32 namespace { 33 34 static SourceLocation GetEndLoc(Decl *D) { 35 if (VarDecl *VD = dyn_cast<VarDecl>(D)) 36 if (Expr *Ex = VD->getInit()) 37 return Ex->getSourceRange().getEnd(); 38 return D->getLocation(); 39 } 40 41 class CFGBuilder; 42 43 /// The CFG builder uses a recursive algorithm to build the CFG. When 44 /// we process an expression, sometimes we know that we must add the 45 /// subexpressions as block-level expressions. For example: 46 /// 47 /// exp1 || exp2 48 /// 49 /// When processing the '||' expression, we know that exp1 and exp2 50 /// need to be added as block-level expressions, even though they 51 /// might not normally need to be. AddStmtChoice records this 52 /// contextual information. If AddStmtChoice is 'NotAlwaysAdd', then 53 /// the builder has an option not to add a subexpression as a 54 /// block-level expression. 55 /// 56 class AddStmtChoice { 57 public: 58 enum Kind { NotAlwaysAdd = 0, AlwaysAdd = 1 }; 59 60 AddStmtChoice(Kind a_kind = NotAlwaysAdd) : kind(a_kind) {} 61 62 bool alwaysAdd(CFGBuilder &builder, 63 const Stmt *stmt) const; 64 65 /// Return a copy of this object, except with the 'always-add' bit 66 /// set as specified. 67 AddStmtChoice withAlwaysAdd(bool alwaysAdd) const { 68 return AddStmtChoice(alwaysAdd ? AlwaysAdd : NotAlwaysAdd); 69 } 70 71 private: 72 Kind kind; 73 }; 74 75 /// LocalScope - Node in tree of local scopes created for C++ implicit 76 /// destructor calls generation. It contains list of automatic variables 77 /// declared in the scope and link to position in previous scope this scope 78 /// began in. 79 /// 80 /// The process of creating local scopes is as follows: 81 /// - Init CFGBuilder::ScopePos with invalid position (equivalent for null), 82 /// - Before processing statements in scope (e.g. CompoundStmt) create 83 /// LocalScope object using CFGBuilder::ScopePos as link to previous scope 84 /// and set CFGBuilder::ScopePos to the end of new scope, 85 /// - On every occurrence of VarDecl increase CFGBuilder::ScopePos if it points 86 /// at this VarDecl, 87 /// - For every normal (without jump) end of scope add to CFGBlock destructors 88 /// for objects in the current scope, 89 /// - For every jump add to CFGBlock destructors for objects 90 /// between CFGBuilder::ScopePos and local scope position saved for jump 91 /// target. Thanks to C++ restrictions on goto jumps we can be sure that 92 /// jump target position will be on the path to root from CFGBuilder::ScopePos 93 /// (adding any variable that doesn't need constructor to be called to 94 /// LocalScope can break this assumption), 95 /// 96 class LocalScope { 97 public: 98 typedef BumpVector<VarDecl*> AutomaticVarsTy; 99 100 /// const_iterator - Iterates local scope backwards and jumps to previous 101 /// scope on reaching the beginning of currently iterated scope. 102 class const_iterator { 103 const LocalScope* Scope; 104 105 /// VarIter is guaranteed to be greater then 0 for every valid iterator. 106 /// Invalid iterator (with null Scope) has VarIter equal to 0. 107 unsigned VarIter; 108 109 public: 110 /// Create invalid iterator. Dereferencing invalid iterator is not allowed. 111 /// Incrementing invalid iterator is allowed and will result in invalid 112 /// iterator. 113 const_iterator() 114 : Scope(NULL), VarIter(0) {} 115 116 /// Create valid iterator. In case when S.Prev is an invalid iterator and 117 /// I is equal to 0, this will create invalid iterator. 118 const_iterator(const LocalScope& S, unsigned I) 119 : Scope(&S), VarIter(I) { 120 // Iterator to "end" of scope is not allowed. Handle it by going up 121 // in scopes tree possibly up to invalid iterator in the root. 122 if (VarIter == 0 && Scope) 123 *this = Scope->Prev; 124 } 125 126 VarDecl *const* operator->() const { 127 assert (Scope && "Dereferencing invalid iterator is not allowed"); 128 assert (VarIter != 0 && "Iterator has invalid value of VarIter member"); 129 return &Scope->Vars[VarIter - 1]; 130 } 131 VarDecl *operator*() const { 132 return *this->operator->(); 133 } 134 135 const_iterator &operator++() { 136 if (!Scope) 137 return *this; 138 139 assert (VarIter != 0 && "Iterator has invalid value of VarIter member"); 140 --VarIter; 141 if (VarIter == 0) 142 *this = Scope->Prev; 143 return *this; 144 } 145 const_iterator operator++(int) { 146 const_iterator P = *this; 147 ++*this; 148 return P; 149 } 150 151 bool operator==(const const_iterator &rhs) const { 152 return Scope == rhs.Scope && VarIter == rhs.VarIter; 153 } 154 bool operator!=(const const_iterator &rhs) const { 155 return !(*this == rhs); 156 } 157 158 LLVM_EXPLICIT operator bool() const { 159 return *this != const_iterator(); 160 } 161 162 int distance(const_iterator L); 163 }; 164 165 friend class const_iterator; 166 167 private: 168 BumpVectorContext ctx; 169 170 /// Automatic variables in order of declaration. 171 AutomaticVarsTy Vars; 172 /// Iterator to variable in previous scope that was declared just before 173 /// begin of this scope. 174 const_iterator Prev; 175 176 public: 177 /// Constructs empty scope linked to previous scope in specified place. 178 LocalScope(BumpVectorContext &ctx, const_iterator P) 179 : ctx(ctx), Vars(ctx, 4), Prev(P) {} 180 181 /// Begin of scope in direction of CFG building (backwards). 182 const_iterator begin() const { return const_iterator(*this, Vars.size()); } 183 184 void addVar(VarDecl *VD) { 185 Vars.push_back(VD, ctx); 186 } 187 }; 188 189 /// distance - Calculates distance from this to L. L must be reachable from this 190 /// (with use of ++ operator). Cost of calculating the distance is linear w.r.t. 191 /// number of scopes between this and L. 192 int LocalScope::const_iterator::distance(LocalScope::const_iterator L) { 193 int D = 0; 194 const_iterator F = *this; 195 while (F.Scope != L.Scope) { 196 assert (F != const_iterator() 197 && "L iterator is not reachable from F iterator."); 198 D += F.VarIter; 199 F = F.Scope->Prev; 200 } 201 D += F.VarIter - L.VarIter; 202 return D; 203 } 204 205 /// BlockScopePosPair - Structure for specifying position in CFG during its 206 /// build process. It consists of CFGBlock that specifies position in CFG graph 207 /// and LocalScope::const_iterator that specifies position in LocalScope graph. 208 struct BlockScopePosPair { 209 BlockScopePosPair() : block(0) {} 210 BlockScopePosPair(CFGBlock *b, LocalScope::const_iterator scopePos) 211 : block(b), scopePosition(scopePos) {} 212 213 CFGBlock *block; 214 LocalScope::const_iterator scopePosition; 215 }; 216 217 /// TryResult - a class representing a variant over the values 218 /// 'true', 'false', or 'unknown'. This is returned by tryEvaluateBool, 219 /// and is used by the CFGBuilder to decide if a branch condition 220 /// can be decided up front during CFG construction. 221 class TryResult { 222 int X; 223 public: 224 TryResult(bool b) : X(b ? 1 : 0) {} 225 TryResult() : X(-1) {} 226 227 bool isTrue() const { return X == 1; } 228 bool isFalse() const { return X == 0; } 229 bool isKnown() const { return X >= 0; } 230 void negate() { 231 assert(isKnown()); 232 X ^= 0x1; 233 } 234 }; 235 236 class reverse_children { 237 llvm::SmallVector<Stmt *, 12> childrenBuf; 238 ArrayRef<Stmt*> children; 239 public: 240 reverse_children(Stmt *S); 241 242 typedef ArrayRef<Stmt*>::reverse_iterator iterator; 243 iterator begin() const { return children.rbegin(); } 244 iterator end() const { return children.rend(); } 245 }; 246 247 248 reverse_children::reverse_children(Stmt *S) { 249 if (CallExpr *CE = dyn_cast<CallExpr>(S)) { 250 children = CE->getRawSubExprs(); 251 return; 252 } 253 switch (S->getStmtClass()) { 254 // Note: Fill in this switch with more cases we want to optimize. 255 case Stmt::InitListExprClass: { 256 InitListExpr *IE = cast<InitListExpr>(S); 257 children = llvm::makeArrayRef(reinterpret_cast<Stmt**>(IE->getInits()), 258 IE->getNumInits()); 259 return; 260 } 261 default: 262 break; 263 } 264 265 // Default case for all other statements. 266 for (Stmt::child_range I = S->children(); I; ++I) { 267 childrenBuf.push_back(*I); 268 } 269 270 // This needs to be done *after* childrenBuf has been populated. 271 children = childrenBuf; 272 } 273 274 /// CFGBuilder - This class implements CFG construction from an AST. 275 /// The builder is stateful: an instance of the builder should be used to only 276 /// construct a single CFG. 277 /// 278 /// Example usage: 279 /// 280 /// CFGBuilder builder; 281 /// CFG* cfg = builder.BuildAST(stmt1); 282 /// 283 /// CFG construction is done via a recursive walk of an AST. We actually parse 284 /// the AST in reverse order so that the successor of a basic block is 285 /// constructed prior to its predecessor. This allows us to nicely capture 286 /// implicit fall-throughs without extra basic blocks. 287 /// 288 class CFGBuilder { 289 typedef BlockScopePosPair JumpTarget; 290 typedef BlockScopePosPair JumpSource; 291 292 ASTContext *Context; 293 OwningPtr<CFG> cfg; 294 295 CFGBlock *Block; 296 CFGBlock *Succ; 297 JumpTarget ContinueJumpTarget; 298 JumpTarget BreakJumpTarget; 299 CFGBlock *SwitchTerminatedBlock; 300 CFGBlock *DefaultCaseBlock; 301 CFGBlock *TryTerminatedBlock; 302 303 // Current position in local scope. 304 LocalScope::const_iterator ScopePos; 305 306 // LabelMap records the mapping from Label expressions to their jump targets. 307 typedef llvm::DenseMap<LabelDecl*, JumpTarget> LabelMapTy; 308 LabelMapTy LabelMap; 309 310 // A list of blocks that end with a "goto" that must be backpatched to their 311 // resolved targets upon completion of CFG construction. 312 typedef std::vector<JumpSource> BackpatchBlocksTy; 313 BackpatchBlocksTy BackpatchBlocks; 314 315 // A list of labels whose address has been taken (for indirect gotos). 316 typedef llvm::SmallPtrSet<LabelDecl*, 5> LabelSetTy; 317 LabelSetTy AddressTakenLabels; 318 319 bool badCFG; 320 const CFG::BuildOptions &BuildOpts; 321 322 // State to track for building switch statements. 323 bool switchExclusivelyCovered; 324 Expr::EvalResult *switchCond; 325 326 CFG::BuildOptions::ForcedBlkExprs::value_type *cachedEntry; 327 const Stmt *lastLookup; 328 329 // Caches boolean evaluations of expressions to avoid multiple re-evaluations 330 // during construction of branches for chained logical operators. 331 typedef llvm::DenseMap<Expr *, TryResult> CachedBoolEvalsTy; 332 CachedBoolEvalsTy CachedBoolEvals; 333 334 public: 335 explicit CFGBuilder(ASTContext *astContext, 336 const CFG::BuildOptions &buildOpts) 337 : Context(astContext), cfg(new CFG()), // crew a new CFG 338 Block(NULL), Succ(NULL), 339 SwitchTerminatedBlock(NULL), DefaultCaseBlock(NULL), 340 TryTerminatedBlock(NULL), badCFG(false), BuildOpts(buildOpts), 341 switchExclusivelyCovered(false), switchCond(0), 342 cachedEntry(0), lastLookup(0) {} 343 344 // buildCFG - Used by external clients to construct the CFG. 345 CFG* buildCFG(const Decl *D, Stmt *Statement); 346 347 bool alwaysAdd(const Stmt *stmt); 348 349 private: 350 // Visitors to walk an AST and construct the CFG. 351 CFGBlock *VisitAddrLabelExpr(AddrLabelExpr *A, AddStmtChoice asc); 352 CFGBlock *VisitBinaryOperator(BinaryOperator *B, AddStmtChoice asc); 353 CFGBlock *VisitBreakStmt(BreakStmt *B); 354 CFGBlock *VisitCallExpr(CallExpr *C, AddStmtChoice asc); 355 CFGBlock *VisitCaseStmt(CaseStmt *C); 356 CFGBlock *VisitChooseExpr(ChooseExpr *C, AddStmtChoice asc); 357 CFGBlock *VisitCompoundStmt(CompoundStmt *C); 358 CFGBlock *VisitConditionalOperator(AbstractConditionalOperator *C, 359 AddStmtChoice asc); 360 CFGBlock *VisitContinueStmt(ContinueStmt *C); 361 CFGBlock *VisitCXXBindTemporaryExpr(CXXBindTemporaryExpr *E, 362 AddStmtChoice asc); 363 CFGBlock *VisitCXXCatchStmt(CXXCatchStmt *S); 364 CFGBlock *VisitCXXConstructExpr(CXXConstructExpr *C, AddStmtChoice asc); 365 CFGBlock *VisitCXXForRangeStmt(CXXForRangeStmt *S); 366 CFGBlock *VisitCXXFunctionalCastExpr(CXXFunctionalCastExpr *E, 367 AddStmtChoice asc); 368 CFGBlock *VisitCXXTemporaryObjectExpr(CXXTemporaryObjectExpr *C, 369 AddStmtChoice asc); 370 CFGBlock *VisitCXXThrowExpr(CXXThrowExpr *T); 371 CFGBlock *VisitCXXTryStmt(CXXTryStmt *S); 372 CFGBlock *VisitDeclStmt(DeclStmt *DS); 373 CFGBlock *VisitDeclSubExpr(DeclStmt *DS); 374 CFGBlock *VisitDefaultStmt(DefaultStmt *D); 375 CFGBlock *VisitDoStmt(DoStmt *D); 376 CFGBlock *VisitExprWithCleanups(ExprWithCleanups *E, AddStmtChoice asc); 377 CFGBlock *VisitForStmt(ForStmt *F); 378 CFGBlock *VisitGotoStmt(GotoStmt *G); 379 CFGBlock *VisitIfStmt(IfStmt *I); 380 CFGBlock *VisitImplicitCastExpr(ImplicitCastExpr *E, AddStmtChoice asc); 381 CFGBlock *VisitIndirectGotoStmt(IndirectGotoStmt *I); 382 CFGBlock *VisitLabelStmt(LabelStmt *L); 383 CFGBlock *VisitLambdaExpr(LambdaExpr *E, AddStmtChoice asc); 384 CFGBlock *VisitLogicalOperator(BinaryOperator *B); 385 std::pair<CFGBlock *, CFGBlock *> VisitLogicalOperator(BinaryOperator *B, 386 Stmt *Term, 387 CFGBlock *TrueBlock, 388 CFGBlock *FalseBlock); 389 CFGBlock *VisitMemberExpr(MemberExpr *M, AddStmtChoice asc); 390 CFGBlock *VisitObjCAtCatchStmt(ObjCAtCatchStmt *S); 391 CFGBlock *VisitObjCAtSynchronizedStmt(ObjCAtSynchronizedStmt *S); 392 CFGBlock *VisitObjCAtThrowStmt(ObjCAtThrowStmt *S); 393 CFGBlock *VisitObjCAtTryStmt(ObjCAtTryStmt *S); 394 CFGBlock *VisitObjCAutoreleasePoolStmt(ObjCAutoreleasePoolStmt *S); 395 CFGBlock *VisitObjCForCollectionStmt(ObjCForCollectionStmt *S); 396 CFGBlock *VisitPseudoObjectExpr(PseudoObjectExpr *E); 397 CFGBlock *VisitReturnStmt(ReturnStmt *R); 398 CFGBlock *VisitStmtExpr(StmtExpr *S, AddStmtChoice asc); 399 CFGBlock *VisitSwitchStmt(SwitchStmt *S); 400 CFGBlock *VisitUnaryExprOrTypeTraitExpr(UnaryExprOrTypeTraitExpr *E, 401 AddStmtChoice asc); 402 CFGBlock *VisitUnaryOperator(UnaryOperator *U, AddStmtChoice asc); 403 CFGBlock *VisitWhileStmt(WhileStmt *W); 404 405 CFGBlock *Visit(Stmt *S, AddStmtChoice asc = AddStmtChoice::NotAlwaysAdd); 406 CFGBlock *VisitStmt(Stmt *S, AddStmtChoice asc); 407 CFGBlock *VisitChildren(Stmt *S); 408 CFGBlock *VisitNoRecurse(Expr *E, AddStmtChoice asc); 409 410 // Visitors to walk an AST and generate destructors of temporaries in 411 // full expression. 412 CFGBlock *VisitForTemporaryDtors(Stmt *E, bool BindToTemporary = false); 413 CFGBlock *VisitChildrenForTemporaryDtors(Stmt *E); 414 CFGBlock *VisitBinaryOperatorForTemporaryDtors(BinaryOperator *E); 415 CFGBlock *VisitCXXBindTemporaryExprForTemporaryDtors(CXXBindTemporaryExpr *E, 416 bool BindToTemporary); 417 CFGBlock * 418 VisitConditionalOperatorForTemporaryDtors(AbstractConditionalOperator *E, 419 bool BindToTemporary); 420 421 // NYS == Not Yet Supported 422 CFGBlock *NYS() { 423 badCFG = true; 424 return Block; 425 } 426 427 void autoCreateBlock() { if (!Block) Block = createBlock(); } 428 CFGBlock *createBlock(bool add_successor = true); 429 CFGBlock *createNoReturnBlock(); 430 431 CFGBlock *addStmt(Stmt *S) { 432 return Visit(S, AddStmtChoice::AlwaysAdd); 433 } 434 CFGBlock *addInitializer(CXXCtorInitializer *I); 435 void addAutomaticObjDtors(LocalScope::const_iterator B, 436 LocalScope::const_iterator E, Stmt *S); 437 void addImplicitDtorsForDestructor(const CXXDestructorDecl *DD); 438 439 // Local scopes creation. 440 LocalScope* createOrReuseLocalScope(LocalScope* Scope); 441 442 void addLocalScopeForStmt(Stmt *S); 443 LocalScope* addLocalScopeForDeclStmt(DeclStmt *DS, LocalScope* Scope = NULL); 444 LocalScope* addLocalScopeForVarDecl(VarDecl *VD, LocalScope* Scope = NULL); 445 446 void addLocalScopeAndDtors(Stmt *S); 447 448 // Interface to CFGBlock - adding CFGElements. 449 void appendStmt(CFGBlock *B, const Stmt *S) { 450 if (alwaysAdd(S) && cachedEntry) 451 cachedEntry->second = B; 452 453 // All block-level expressions should have already been IgnoreParens()ed. 454 assert(!isa<Expr>(S) || cast<Expr>(S)->IgnoreParens() == S); 455 B->appendStmt(const_cast<Stmt*>(S), cfg->getBumpVectorContext()); 456 } 457 void appendInitializer(CFGBlock *B, CXXCtorInitializer *I) { 458 B->appendInitializer(I, cfg->getBumpVectorContext()); 459 } 460 void appendBaseDtor(CFGBlock *B, const CXXBaseSpecifier *BS) { 461 B->appendBaseDtor(BS, cfg->getBumpVectorContext()); 462 } 463 void appendMemberDtor(CFGBlock *B, FieldDecl *FD) { 464 B->appendMemberDtor(FD, cfg->getBumpVectorContext()); 465 } 466 void appendTemporaryDtor(CFGBlock *B, CXXBindTemporaryExpr *E) { 467 B->appendTemporaryDtor(E, cfg->getBumpVectorContext()); 468 } 469 void appendAutomaticObjDtor(CFGBlock *B, VarDecl *VD, Stmt *S) { 470 B->appendAutomaticObjDtor(VD, S, cfg->getBumpVectorContext()); 471 } 472 473 void prependAutomaticObjDtorsWithTerminator(CFGBlock *Blk, 474 LocalScope::const_iterator B, LocalScope::const_iterator E); 475 476 void addSuccessor(CFGBlock *B, CFGBlock *S) { 477 B->addSuccessor(S, cfg->getBumpVectorContext()); 478 } 479 480 /// Try and evaluate an expression to an integer constant. 481 bool tryEvaluate(Expr *S, Expr::EvalResult &outResult) { 482 if (!BuildOpts.PruneTriviallyFalseEdges) 483 return false; 484 return !S->isTypeDependent() && 485 !S->isValueDependent() && 486 S->EvaluateAsRValue(outResult, *Context); 487 } 488 489 /// tryEvaluateBool - Try and evaluate the Stmt and return 0 or 1 490 /// if we can evaluate to a known value, otherwise return -1. 491 TryResult tryEvaluateBool(Expr *S) { 492 if (!BuildOpts.PruneTriviallyFalseEdges || 493 S->isTypeDependent() || S->isValueDependent()) 494 return TryResult(); 495 496 if (BinaryOperator *Bop = dyn_cast<BinaryOperator>(S)) { 497 if (Bop->isLogicalOp()) { 498 // Check the cache first. 499 CachedBoolEvalsTy::iterator I = CachedBoolEvals.find(S); 500 if (I != CachedBoolEvals.end()) 501 return I->second; // already in map; 502 503 // Retrieve result at first, or the map might be updated. 504 TryResult Result = evaluateAsBooleanConditionNoCache(S); 505 CachedBoolEvals[S] = Result; // update or insert 506 return Result; 507 } 508 else { 509 switch (Bop->getOpcode()) { 510 default: break; 511 // For 'x & 0' and 'x * 0', we can determine that 512 // the value is always false. 513 case BO_Mul: 514 case BO_And: { 515 // If either operand is zero, we know the value 516 // must be false. 517 llvm::APSInt IntVal; 518 if (Bop->getLHS()->EvaluateAsInt(IntVal, *Context)) { 519 if (IntVal.getBoolValue() == false) { 520 return TryResult(false); 521 } 522 } 523 if (Bop->getRHS()->EvaluateAsInt(IntVal, *Context)) { 524 if (IntVal.getBoolValue() == false) { 525 return TryResult(false); 526 } 527 } 528 } 529 break; 530 } 531 } 532 } 533 534 return evaluateAsBooleanConditionNoCache(S); 535 } 536 537 /// \brief Evaluate as boolean \param E without using the cache. 538 TryResult evaluateAsBooleanConditionNoCache(Expr *E) { 539 if (BinaryOperator *Bop = dyn_cast<BinaryOperator>(E)) { 540 if (Bop->isLogicalOp()) { 541 TryResult LHS = tryEvaluateBool(Bop->getLHS()); 542 if (LHS.isKnown()) { 543 // We were able to evaluate the LHS, see if we can get away with not 544 // evaluating the RHS: 0 && X -> 0, 1 || X -> 1 545 if (LHS.isTrue() == (Bop->getOpcode() == BO_LOr)) 546 return LHS.isTrue(); 547 548 TryResult RHS = tryEvaluateBool(Bop->getRHS()); 549 if (RHS.isKnown()) { 550 if (Bop->getOpcode() == BO_LOr) 551 return LHS.isTrue() || RHS.isTrue(); 552 else 553 return LHS.isTrue() && RHS.isTrue(); 554 } 555 } else { 556 TryResult RHS = tryEvaluateBool(Bop->getRHS()); 557 if (RHS.isKnown()) { 558 // We can't evaluate the LHS; however, sometimes the result 559 // is determined by the RHS: X && 0 -> 0, X || 1 -> 1. 560 if (RHS.isTrue() == (Bop->getOpcode() == BO_LOr)) 561 return RHS.isTrue(); 562 } 563 } 564 565 return TryResult(); 566 } 567 } 568 569 bool Result; 570 if (E->EvaluateAsBooleanCondition(Result, *Context)) 571 return Result; 572 573 return TryResult(); 574 } 575 576 }; 577 578 inline bool AddStmtChoice::alwaysAdd(CFGBuilder &builder, 579 const Stmt *stmt) const { 580 return builder.alwaysAdd(stmt) || kind == AlwaysAdd; 581 } 582 583 bool CFGBuilder::alwaysAdd(const Stmt *stmt) { 584 bool shouldAdd = BuildOpts.alwaysAdd(stmt); 585 586 if (!BuildOpts.forcedBlkExprs) 587 return shouldAdd; 588 589 if (lastLookup == stmt) { 590 if (cachedEntry) { 591 assert(cachedEntry->first == stmt); 592 return true; 593 } 594 return shouldAdd; 595 } 596 597 lastLookup = stmt; 598 599 // Perform the lookup! 600 CFG::BuildOptions::ForcedBlkExprs *fb = *BuildOpts.forcedBlkExprs; 601 602 if (!fb) { 603 // No need to update 'cachedEntry', since it will always be null. 604 assert(cachedEntry == 0); 605 return shouldAdd; 606 } 607 608 CFG::BuildOptions::ForcedBlkExprs::iterator itr = fb->find(stmt); 609 if (itr == fb->end()) { 610 cachedEntry = 0; 611 return shouldAdd; 612 } 613 614 cachedEntry = &*itr; 615 return true; 616 } 617 618 // FIXME: Add support for dependent-sized array types in C++? 619 // Does it even make sense to build a CFG for an uninstantiated template? 620 static const VariableArrayType *FindVA(const Type *t) { 621 while (const ArrayType *vt = dyn_cast<ArrayType>(t)) { 622 if (const VariableArrayType *vat = dyn_cast<VariableArrayType>(vt)) 623 if (vat->getSizeExpr()) 624 return vat; 625 626 t = vt->getElementType().getTypePtr(); 627 } 628 629 return 0; 630 } 631 632 /// BuildCFG - Constructs a CFG from an AST (a Stmt*). The AST can represent an 633 /// arbitrary statement. Examples include a single expression or a function 634 /// body (compound statement). The ownership of the returned CFG is 635 /// transferred to the caller. If CFG construction fails, this method returns 636 /// NULL. 637 CFG* CFGBuilder::buildCFG(const Decl *D, Stmt *Statement) { 638 assert(cfg.get()); 639 if (!Statement) 640 return NULL; 641 642 // Create an empty block that will serve as the exit block for the CFG. Since 643 // this is the first block added to the CFG, it will be implicitly registered 644 // as the exit block. 645 Succ = createBlock(); 646 assert(Succ == &cfg->getExit()); 647 Block = NULL; // the EXIT block is empty. Create all other blocks lazily. 648 649 if (BuildOpts.AddImplicitDtors) 650 if (const CXXDestructorDecl *DD = dyn_cast_or_null<CXXDestructorDecl>(D)) 651 addImplicitDtorsForDestructor(DD); 652 653 // Visit the statements and create the CFG. 654 CFGBlock *B = addStmt(Statement); 655 656 if (badCFG) 657 return NULL; 658 659 // For C++ constructor add initializers to CFG. 660 if (const CXXConstructorDecl *CD = dyn_cast_or_null<CXXConstructorDecl>(D)) { 661 for (CXXConstructorDecl::init_const_reverse_iterator I = CD->init_rbegin(), 662 E = CD->init_rend(); I != E; ++I) { 663 B = addInitializer(*I); 664 if (badCFG) 665 return NULL; 666 } 667 } 668 669 if (B) 670 Succ = B; 671 672 // Backpatch the gotos whose label -> block mappings we didn't know when we 673 // encountered them. 674 for (BackpatchBlocksTy::iterator I = BackpatchBlocks.begin(), 675 E = BackpatchBlocks.end(); I != E; ++I ) { 676 677 CFGBlock *B = I->block; 678 const GotoStmt *G = cast<GotoStmt>(B->getTerminator()); 679 LabelMapTy::iterator LI = LabelMap.find(G->getLabel()); 680 681 // If there is no target for the goto, then we are looking at an 682 // incomplete AST. Handle this by not registering a successor. 683 if (LI == LabelMap.end()) continue; 684 685 JumpTarget JT = LI->second; 686 prependAutomaticObjDtorsWithTerminator(B, I->scopePosition, 687 JT.scopePosition); 688 addSuccessor(B, JT.block); 689 } 690 691 // Add successors to the Indirect Goto Dispatch block (if we have one). 692 if (CFGBlock *B = cfg->getIndirectGotoBlock()) 693 for (LabelSetTy::iterator I = AddressTakenLabels.begin(), 694 E = AddressTakenLabels.end(); I != E; ++I ) { 695 696 // Lookup the target block. 697 LabelMapTy::iterator LI = LabelMap.find(*I); 698 699 // If there is no target block that contains label, then we are looking 700 // at an incomplete AST. Handle this by not registering a successor. 701 if (LI == LabelMap.end()) continue; 702 703 addSuccessor(B, LI->second.block); 704 } 705 706 // Create an empty entry block that has no predecessors. 707 cfg->setEntry(createBlock()); 708 709 return cfg.take(); 710 } 711 712 /// createBlock - Used to lazily create blocks that are connected 713 /// to the current (global) succcessor. 714 CFGBlock *CFGBuilder::createBlock(bool add_successor) { 715 CFGBlock *B = cfg->createBlock(); 716 if (add_successor && Succ) 717 addSuccessor(B, Succ); 718 return B; 719 } 720 721 /// createNoReturnBlock - Used to create a block is a 'noreturn' point in the 722 /// CFG. It is *not* connected to the current (global) successor, and instead 723 /// directly tied to the exit block in order to be reachable. 724 CFGBlock *CFGBuilder::createNoReturnBlock() { 725 CFGBlock *B = createBlock(false); 726 B->setHasNoReturnElement(); 727 addSuccessor(B, &cfg->getExit()); 728 return B; 729 } 730 731 /// addInitializer - Add C++ base or member initializer element to CFG. 732 CFGBlock *CFGBuilder::addInitializer(CXXCtorInitializer *I) { 733 if (!BuildOpts.AddInitializers) 734 return Block; 735 736 bool IsReference = false; 737 bool HasTemporaries = false; 738 739 // Destructors of temporaries in initialization expression should be called 740 // after initialization finishes. 741 Expr *Init = I->getInit(); 742 if (Init) { 743 if (FieldDecl *FD = I->getAnyMember()) 744 IsReference = FD->getType()->isReferenceType(); 745 HasTemporaries = isa<ExprWithCleanups>(Init); 746 747 if (BuildOpts.AddTemporaryDtors && HasTemporaries) { 748 // Generate destructors for temporaries in initialization expression. 749 VisitForTemporaryDtors(cast<ExprWithCleanups>(Init)->getSubExpr(), 750 IsReference); 751 } 752 } 753 754 autoCreateBlock(); 755 appendInitializer(Block, I); 756 757 if (Init) { 758 if (HasTemporaries) { 759 // For expression with temporaries go directly to subexpression to omit 760 // generating destructors for the second time. 761 return Visit(cast<ExprWithCleanups>(Init)->getSubExpr()); 762 } 763 return Visit(Init); 764 } 765 766 return Block; 767 } 768 769 /// \brief Retrieve the type of the temporary object whose lifetime was 770 /// extended by a local reference with the given initializer. 771 static QualType getReferenceInitTemporaryType(ASTContext &Context, 772 const Expr *Init) { 773 while (true) { 774 // Skip parentheses. 775 Init = Init->IgnoreParens(); 776 777 // Skip through cleanups. 778 if (const ExprWithCleanups *EWC = dyn_cast<ExprWithCleanups>(Init)) { 779 Init = EWC->getSubExpr(); 780 continue; 781 } 782 783 // Skip through the temporary-materialization expression. 784 if (const MaterializeTemporaryExpr *MTE 785 = dyn_cast<MaterializeTemporaryExpr>(Init)) { 786 Init = MTE->GetTemporaryExpr(); 787 continue; 788 } 789 790 // Skip derived-to-base and no-op casts. 791 if (const CastExpr *CE = dyn_cast<CastExpr>(Init)) { 792 if ((CE->getCastKind() == CK_DerivedToBase || 793 CE->getCastKind() == CK_UncheckedDerivedToBase || 794 CE->getCastKind() == CK_NoOp) && 795 Init->getType()->isRecordType()) { 796 Init = CE->getSubExpr(); 797 continue; 798 } 799 } 800 801 // Skip member accesses into rvalues. 802 if (const MemberExpr *ME = dyn_cast<MemberExpr>(Init)) { 803 if (!ME->isArrow() && ME->getBase()->isRValue()) { 804 Init = ME->getBase(); 805 continue; 806 } 807 } 808 809 break; 810 } 811 812 return Init->getType(); 813 } 814 815 /// addAutomaticObjDtors - Add to current block automatic objects destructors 816 /// for objects in range of local scope positions. Use S as trigger statement 817 /// for destructors. 818 void CFGBuilder::addAutomaticObjDtors(LocalScope::const_iterator B, 819 LocalScope::const_iterator E, Stmt *S) { 820 if (!BuildOpts.AddImplicitDtors) 821 return; 822 823 if (B == E) 824 return; 825 826 // We need to append the destructors in reverse order, but any one of them 827 // may be a no-return destructor which changes the CFG. As a result, buffer 828 // this sequence up and replay them in reverse order when appending onto the 829 // CFGBlock(s). 830 SmallVector<VarDecl*, 10> Decls; 831 Decls.reserve(B.distance(E)); 832 for (LocalScope::const_iterator I = B; I != E; ++I) 833 Decls.push_back(*I); 834 835 for (SmallVectorImpl<VarDecl*>::reverse_iterator I = Decls.rbegin(), 836 E = Decls.rend(); 837 I != E; ++I) { 838 // If this destructor is marked as a no-return destructor, we need to 839 // create a new block for the destructor which does not have as a successor 840 // anything built thus far: control won't flow out of this block. 841 QualType Ty = (*I)->getType(); 842 if (Ty->isReferenceType()) { 843 Ty = getReferenceInitTemporaryType(*Context, (*I)->getInit()); 844 } 845 Ty = Context->getBaseElementType(Ty); 846 847 const CXXDestructorDecl *Dtor = Ty->getAsCXXRecordDecl()->getDestructor(); 848 if (Dtor->isNoReturn()) 849 Block = createNoReturnBlock(); 850 else 851 autoCreateBlock(); 852 853 appendAutomaticObjDtor(Block, *I, S); 854 } 855 } 856 857 /// addImplicitDtorsForDestructor - Add implicit destructors generated for 858 /// base and member objects in destructor. 859 void CFGBuilder::addImplicitDtorsForDestructor(const CXXDestructorDecl *DD) { 860 assert (BuildOpts.AddImplicitDtors 861 && "Can be called only when dtors should be added"); 862 const CXXRecordDecl *RD = DD->getParent(); 863 864 // At the end destroy virtual base objects. 865 for (CXXRecordDecl::base_class_const_iterator VI = RD->vbases_begin(), 866 VE = RD->vbases_end(); VI != VE; ++VI) { 867 const CXXRecordDecl *CD = VI->getType()->getAsCXXRecordDecl(); 868 if (!CD->hasTrivialDestructor()) { 869 autoCreateBlock(); 870 appendBaseDtor(Block, VI); 871 } 872 } 873 874 // Before virtual bases destroy direct base objects. 875 for (CXXRecordDecl::base_class_const_iterator BI = RD->bases_begin(), 876 BE = RD->bases_end(); BI != BE; ++BI) { 877 if (!BI->isVirtual()) { 878 const CXXRecordDecl *CD = BI->getType()->getAsCXXRecordDecl(); 879 if (!CD->hasTrivialDestructor()) { 880 autoCreateBlock(); 881 appendBaseDtor(Block, BI); 882 } 883 } 884 } 885 886 // First destroy member objects. 887 for (CXXRecordDecl::field_iterator FI = RD->field_begin(), 888 FE = RD->field_end(); FI != FE; ++FI) { 889 // Check for constant size array. Set type to array element type. 890 QualType QT = FI->getType(); 891 if (const ConstantArrayType *AT = Context->getAsConstantArrayType(QT)) { 892 if (AT->getSize() == 0) 893 continue; 894 QT = AT->getElementType(); 895 } 896 897 if (const CXXRecordDecl *CD = QT->getAsCXXRecordDecl()) 898 if (!CD->hasTrivialDestructor()) { 899 autoCreateBlock(); 900 appendMemberDtor(Block, *FI); 901 } 902 } 903 } 904 905 /// createOrReuseLocalScope - If Scope is NULL create new LocalScope. Either 906 /// way return valid LocalScope object. 907 LocalScope* CFGBuilder::createOrReuseLocalScope(LocalScope* Scope) { 908 if (!Scope) { 909 llvm::BumpPtrAllocator &alloc = cfg->getAllocator(); 910 Scope = alloc.Allocate<LocalScope>(); 911 BumpVectorContext ctx(alloc); 912 new (Scope) LocalScope(ctx, ScopePos); 913 } 914 return Scope; 915 } 916 917 /// addLocalScopeForStmt - Add LocalScope to local scopes tree for statement 918 /// that should create implicit scope (e.g. if/else substatements). 919 void CFGBuilder::addLocalScopeForStmt(Stmt *S) { 920 if (!BuildOpts.AddImplicitDtors) 921 return; 922 923 LocalScope *Scope = 0; 924 925 // For compound statement we will be creating explicit scope. 926 if (CompoundStmt *CS = dyn_cast<CompoundStmt>(S)) { 927 for (CompoundStmt::body_iterator BI = CS->body_begin(), BE = CS->body_end() 928 ; BI != BE; ++BI) { 929 Stmt *SI = (*BI)->stripLabelLikeStatements(); 930 if (DeclStmt *DS = dyn_cast<DeclStmt>(SI)) 931 Scope = addLocalScopeForDeclStmt(DS, Scope); 932 } 933 return; 934 } 935 936 // For any other statement scope will be implicit and as such will be 937 // interesting only for DeclStmt. 938 if (DeclStmt *DS = dyn_cast<DeclStmt>(S->stripLabelLikeStatements())) 939 addLocalScopeForDeclStmt(DS); 940 } 941 942 /// addLocalScopeForDeclStmt - Add LocalScope for declaration statement. Will 943 /// reuse Scope if not NULL. 944 LocalScope* CFGBuilder::addLocalScopeForDeclStmt(DeclStmt *DS, 945 LocalScope* Scope) { 946 if (!BuildOpts.AddImplicitDtors) 947 return Scope; 948 949 for (DeclStmt::decl_iterator DI = DS->decl_begin(), DE = DS->decl_end() 950 ; DI != DE; ++DI) { 951 if (VarDecl *VD = dyn_cast<VarDecl>(*DI)) 952 Scope = addLocalScopeForVarDecl(VD, Scope); 953 } 954 return Scope; 955 } 956 957 /// addLocalScopeForVarDecl - Add LocalScope for variable declaration. It will 958 /// create add scope for automatic objects and temporary objects bound to 959 /// const reference. Will reuse Scope if not NULL. 960 LocalScope* CFGBuilder::addLocalScopeForVarDecl(VarDecl *VD, 961 LocalScope* Scope) { 962 if (!BuildOpts.AddImplicitDtors) 963 return Scope; 964 965 // Check if variable is local. 966 switch (VD->getStorageClass()) { 967 case SC_None: 968 case SC_Auto: 969 case SC_Register: 970 break; 971 default: return Scope; 972 } 973 974 // Check for const references bound to temporary. Set type to pointee. 975 QualType QT = VD->getType(); 976 if (QT.getTypePtr()->isReferenceType()) { 977 // Attempt to determine whether this declaration lifetime-extends a 978 // temporary. 979 // 980 // FIXME: This is incorrect. Non-reference declarations can lifetime-extend 981 // temporaries, and a single declaration can extend multiple temporaries. 982 // We should look at the storage duration on each nested 983 // MaterializeTemporaryExpr instead. 984 const Expr *Init = VD->getInit(); 985 if (!Init) 986 return Scope; 987 if (const ExprWithCleanups *EWC = dyn_cast<ExprWithCleanups>(Init)) 988 Init = EWC->getSubExpr(); 989 if (!isa<MaterializeTemporaryExpr>(Init)) 990 return Scope; 991 992 // Lifetime-extending a temporary. 993 QT = getReferenceInitTemporaryType(*Context, Init); 994 } 995 996 // Check for constant size array. Set type to array element type. 997 while (const ConstantArrayType *AT = Context->getAsConstantArrayType(QT)) { 998 if (AT->getSize() == 0) 999 return Scope; 1000 QT = AT->getElementType(); 1001 } 1002 1003 // Check if type is a C++ class with non-trivial destructor. 1004 if (const CXXRecordDecl *CD = QT->getAsCXXRecordDecl()) 1005 if (!CD->hasTrivialDestructor()) { 1006 // Add the variable to scope 1007 Scope = createOrReuseLocalScope(Scope); 1008 Scope->addVar(VD); 1009 ScopePos = Scope->begin(); 1010 } 1011 return Scope; 1012 } 1013 1014 /// addLocalScopeAndDtors - For given statement add local scope for it and 1015 /// add destructors that will cleanup the scope. Will reuse Scope if not NULL. 1016 void CFGBuilder::addLocalScopeAndDtors(Stmt *S) { 1017 if (!BuildOpts.AddImplicitDtors) 1018 return; 1019 1020 LocalScope::const_iterator scopeBeginPos = ScopePos; 1021 addLocalScopeForStmt(S); 1022 addAutomaticObjDtors(ScopePos, scopeBeginPos, S); 1023 } 1024 1025 /// prependAutomaticObjDtorsWithTerminator - Prepend destructor CFGElements for 1026 /// variables with automatic storage duration to CFGBlock's elements vector. 1027 /// Elements will be prepended to physical beginning of the vector which 1028 /// happens to be logical end. Use blocks terminator as statement that specifies 1029 /// destructors call site. 1030 /// FIXME: This mechanism for adding automatic destructors doesn't handle 1031 /// no-return destructors properly. 1032 void CFGBuilder::prependAutomaticObjDtorsWithTerminator(CFGBlock *Blk, 1033 LocalScope::const_iterator B, LocalScope::const_iterator E) { 1034 BumpVectorContext &C = cfg->getBumpVectorContext(); 1035 CFGBlock::iterator InsertPos 1036 = Blk->beginAutomaticObjDtorsInsert(Blk->end(), B.distance(E), C); 1037 for (LocalScope::const_iterator I = B; I != E; ++I) 1038 InsertPos = Blk->insertAutomaticObjDtor(InsertPos, *I, 1039 Blk->getTerminator()); 1040 } 1041 1042 /// Visit - Walk the subtree of a statement and add extra 1043 /// blocks for ternary operators, &&, and ||. We also process "," and 1044 /// DeclStmts (which may contain nested control-flow). 1045 CFGBlock *CFGBuilder::Visit(Stmt * S, AddStmtChoice asc) { 1046 if (!S) { 1047 badCFG = true; 1048 return 0; 1049 } 1050 1051 if (Expr *E = dyn_cast<Expr>(S)) 1052 S = E->IgnoreParens(); 1053 1054 switch (S->getStmtClass()) { 1055 default: 1056 return VisitStmt(S, asc); 1057 1058 case Stmt::AddrLabelExprClass: 1059 return VisitAddrLabelExpr(cast<AddrLabelExpr>(S), asc); 1060 1061 case Stmt::BinaryConditionalOperatorClass: 1062 return VisitConditionalOperator(cast<BinaryConditionalOperator>(S), asc); 1063 1064 case Stmt::BinaryOperatorClass: 1065 return VisitBinaryOperator(cast<BinaryOperator>(S), asc); 1066 1067 case Stmt::BlockExprClass: 1068 return VisitNoRecurse(cast<Expr>(S), asc); 1069 1070 case Stmt::BreakStmtClass: 1071 return VisitBreakStmt(cast<BreakStmt>(S)); 1072 1073 case Stmt::CallExprClass: 1074 case Stmt::CXXOperatorCallExprClass: 1075 case Stmt::CXXMemberCallExprClass: 1076 case Stmt::UserDefinedLiteralClass: 1077 return VisitCallExpr(cast<CallExpr>(S), asc); 1078 1079 case Stmt::CaseStmtClass: 1080 return VisitCaseStmt(cast<CaseStmt>(S)); 1081 1082 case Stmt::ChooseExprClass: 1083 return VisitChooseExpr(cast<ChooseExpr>(S), asc); 1084 1085 case Stmt::CompoundStmtClass: 1086 return VisitCompoundStmt(cast<CompoundStmt>(S)); 1087 1088 case Stmt::ConditionalOperatorClass: 1089 return VisitConditionalOperator(cast<ConditionalOperator>(S), asc); 1090 1091 case Stmt::ContinueStmtClass: 1092 return VisitContinueStmt(cast<ContinueStmt>(S)); 1093 1094 case Stmt::CXXCatchStmtClass: 1095 return VisitCXXCatchStmt(cast<CXXCatchStmt>(S)); 1096 1097 case Stmt::ExprWithCleanupsClass: 1098 return VisitExprWithCleanups(cast<ExprWithCleanups>(S), asc); 1099 1100 case Stmt::CXXDefaultArgExprClass: 1101 case Stmt::CXXDefaultInitExprClass: 1102 // FIXME: The expression inside a CXXDefaultArgExpr is owned by the 1103 // called function's declaration, not by the caller. If we simply add 1104 // this expression to the CFG, we could end up with the same Expr 1105 // appearing multiple times. 1106 // PR13385 / <rdar://problem/12156507> 1107 // 1108 // It's likewise possible for multiple CXXDefaultInitExprs for the same 1109 // expression to be used in the same function (through aggregate 1110 // initialization). 1111 return VisitStmt(S, asc); 1112 1113 case Stmt::CXXBindTemporaryExprClass: 1114 return VisitCXXBindTemporaryExpr(cast<CXXBindTemporaryExpr>(S), asc); 1115 1116 case Stmt::CXXConstructExprClass: 1117 return VisitCXXConstructExpr(cast<CXXConstructExpr>(S), asc); 1118 1119 case Stmt::CXXFunctionalCastExprClass: 1120 return VisitCXXFunctionalCastExpr(cast<CXXFunctionalCastExpr>(S), asc); 1121 1122 case Stmt::CXXTemporaryObjectExprClass: 1123 return VisitCXXTemporaryObjectExpr(cast<CXXTemporaryObjectExpr>(S), asc); 1124 1125 case Stmt::CXXThrowExprClass: 1126 return VisitCXXThrowExpr(cast<CXXThrowExpr>(S)); 1127 1128 case Stmt::CXXTryStmtClass: 1129 return VisitCXXTryStmt(cast<CXXTryStmt>(S)); 1130 1131 case Stmt::CXXForRangeStmtClass: 1132 return VisitCXXForRangeStmt(cast<CXXForRangeStmt>(S)); 1133 1134 case Stmt::DeclStmtClass: 1135 return VisitDeclStmt(cast<DeclStmt>(S)); 1136 1137 case Stmt::DefaultStmtClass: 1138 return VisitDefaultStmt(cast<DefaultStmt>(S)); 1139 1140 case Stmt::DoStmtClass: 1141 return VisitDoStmt(cast<DoStmt>(S)); 1142 1143 case Stmt::ForStmtClass: 1144 return VisitForStmt(cast<ForStmt>(S)); 1145 1146 case Stmt::GotoStmtClass: 1147 return VisitGotoStmt(cast<GotoStmt>(S)); 1148 1149 case Stmt::IfStmtClass: 1150 return VisitIfStmt(cast<IfStmt>(S)); 1151 1152 case Stmt::ImplicitCastExprClass: 1153 return VisitImplicitCastExpr(cast<ImplicitCastExpr>(S), asc); 1154 1155 case Stmt::IndirectGotoStmtClass: 1156 return VisitIndirectGotoStmt(cast<IndirectGotoStmt>(S)); 1157 1158 case Stmt::LabelStmtClass: 1159 return VisitLabelStmt(cast<LabelStmt>(S)); 1160 1161 case Stmt::LambdaExprClass: 1162 return VisitLambdaExpr(cast<LambdaExpr>(S), asc); 1163 1164 case Stmt::MemberExprClass: 1165 return VisitMemberExpr(cast<MemberExpr>(S), asc); 1166 1167 case Stmt::NullStmtClass: 1168 return Block; 1169 1170 case Stmt::ObjCAtCatchStmtClass: 1171 return VisitObjCAtCatchStmt(cast<ObjCAtCatchStmt>(S)); 1172 1173 case Stmt::ObjCAutoreleasePoolStmtClass: 1174 return VisitObjCAutoreleasePoolStmt(cast<ObjCAutoreleasePoolStmt>(S)); 1175 1176 case Stmt::ObjCAtSynchronizedStmtClass: 1177 return VisitObjCAtSynchronizedStmt(cast<ObjCAtSynchronizedStmt>(S)); 1178 1179 case Stmt::ObjCAtThrowStmtClass: 1180 return VisitObjCAtThrowStmt(cast<ObjCAtThrowStmt>(S)); 1181 1182 case Stmt::ObjCAtTryStmtClass: 1183 return VisitObjCAtTryStmt(cast<ObjCAtTryStmt>(S)); 1184 1185 case Stmt::ObjCForCollectionStmtClass: 1186 return VisitObjCForCollectionStmt(cast<ObjCForCollectionStmt>(S)); 1187 1188 case Stmt::OpaqueValueExprClass: 1189 return Block; 1190 1191 case Stmt::PseudoObjectExprClass: 1192 return VisitPseudoObjectExpr(cast<PseudoObjectExpr>(S)); 1193 1194 case Stmt::ReturnStmtClass: 1195 return VisitReturnStmt(cast<ReturnStmt>(S)); 1196 1197 case Stmt::UnaryExprOrTypeTraitExprClass: 1198 return VisitUnaryExprOrTypeTraitExpr(cast<UnaryExprOrTypeTraitExpr>(S), 1199 asc); 1200 1201 case Stmt::StmtExprClass: 1202 return VisitStmtExpr(cast<StmtExpr>(S), asc); 1203 1204 case Stmt::SwitchStmtClass: 1205 return VisitSwitchStmt(cast<SwitchStmt>(S)); 1206 1207 case Stmt::UnaryOperatorClass: 1208 return VisitUnaryOperator(cast<UnaryOperator>(S), asc); 1209 1210 case Stmt::WhileStmtClass: 1211 return VisitWhileStmt(cast<WhileStmt>(S)); 1212 } 1213 } 1214 1215 CFGBlock *CFGBuilder::VisitStmt(Stmt *S, AddStmtChoice asc) { 1216 if (asc.alwaysAdd(*this, S)) { 1217 autoCreateBlock(); 1218 appendStmt(Block, S); 1219 } 1220 1221 return VisitChildren(S); 1222 } 1223 1224 /// VisitChildren - Visit the children of a Stmt. 1225 CFGBlock *CFGBuilder::VisitChildren(Stmt *S) { 1226 CFGBlock *B = Block; 1227 1228 // Visit the children in their reverse order so that they appear in 1229 // left-to-right (natural) order in the CFG. 1230 reverse_children RChildren(S); 1231 for (reverse_children::iterator I = RChildren.begin(), E = RChildren.end(); 1232 I != E; ++I) { 1233 if (Stmt *Child = *I) 1234 if (CFGBlock *R = Visit(Child)) 1235 B = R; 1236 } 1237 return B; 1238 } 1239 1240 CFGBlock *CFGBuilder::VisitAddrLabelExpr(AddrLabelExpr *A, 1241 AddStmtChoice asc) { 1242 AddressTakenLabels.insert(A->getLabel()); 1243 1244 if (asc.alwaysAdd(*this, A)) { 1245 autoCreateBlock(); 1246 appendStmt(Block, A); 1247 } 1248 1249 return Block; 1250 } 1251 1252 CFGBlock *CFGBuilder::VisitUnaryOperator(UnaryOperator *U, 1253 AddStmtChoice asc) { 1254 if (asc.alwaysAdd(*this, U)) { 1255 autoCreateBlock(); 1256 appendStmt(Block, U); 1257 } 1258 1259 return Visit(U->getSubExpr(), AddStmtChoice()); 1260 } 1261 1262 CFGBlock *CFGBuilder::VisitLogicalOperator(BinaryOperator *B) { 1263 CFGBlock *ConfluenceBlock = Block ? Block : createBlock(); 1264 appendStmt(ConfluenceBlock, B); 1265 1266 if (badCFG) 1267 return 0; 1268 1269 return VisitLogicalOperator(B, 0, ConfluenceBlock, ConfluenceBlock).first; 1270 } 1271 1272 std::pair<CFGBlock*, CFGBlock*> 1273 CFGBuilder::VisitLogicalOperator(BinaryOperator *B, 1274 Stmt *Term, 1275 CFGBlock *TrueBlock, 1276 CFGBlock *FalseBlock) { 1277 1278 // Introspect the RHS. If it is a nested logical operation, we recursively 1279 // build the CFG using this function. Otherwise, resort to default 1280 // CFG construction behavior. 1281 Expr *RHS = B->getRHS()->IgnoreParens(); 1282 CFGBlock *RHSBlock, *ExitBlock; 1283 1284 do { 1285 if (BinaryOperator *B_RHS = dyn_cast<BinaryOperator>(RHS)) 1286 if (B_RHS->isLogicalOp()) { 1287 llvm::tie(RHSBlock, ExitBlock) = 1288 VisitLogicalOperator(B_RHS, Term, TrueBlock, FalseBlock); 1289 break; 1290 } 1291 1292 // The RHS is not a nested logical operation. Don't push the terminator 1293 // down further, but instead visit RHS and construct the respective 1294 // pieces of the CFG, and link up the RHSBlock with the terminator 1295 // we have been provided. 1296 ExitBlock = RHSBlock = createBlock(false); 1297 1298 if (!Term) { 1299 assert(TrueBlock == FalseBlock); 1300 addSuccessor(RHSBlock, TrueBlock); 1301 } 1302 else { 1303 RHSBlock->setTerminator(Term); 1304 TryResult KnownVal = tryEvaluateBool(RHS); 1305 addSuccessor(RHSBlock, KnownVal.isFalse() ? NULL : TrueBlock); 1306 addSuccessor(RHSBlock, KnownVal.isTrue() ? NULL : FalseBlock); 1307 } 1308 1309 Block = RHSBlock; 1310 RHSBlock = addStmt(RHS); 1311 } 1312 while (false); 1313 1314 if (badCFG) 1315 return std::make_pair((CFGBlock*)0, (CFGBlock*)0); 1316 1317 // Generate the blocks for evaluating the LHS. 1318 Expr *LHS = B->getLHS()->IgnoreParens(); 1319 1320 if (BinaryOperator *B_LHS = dyn_cast<BinaryOperator>(LHS)) 1321 if (B_LHS->isLogicalOp()) { 1322 if (B->getOpcode() == BO_LOr) 1323 FalseBlock = RHSBlock; 1324 else 1325 TrueBlock = RHSBlock; 1326 1327 // For the LHS, treat 'B' as the terminator that we want to sink 1328 // into the nested branch. The RHS always gets the top-most 1329 // terminator. 1330 return VisitLogicalOperator(B_LHS, B, TrueBlock, FalseBlock); 1331 } 1332 1333 // Create the block evaluating the LHS. 1334 // This contains the '&&' or '||' as the terminator. 1335 CFGBlock *LHSBlock = createBlock(false); 1336 LHSBlock->setTerminator(B); 1337 1338 Block = LHSBlock; 1339 CFGBlock *EntryLHSBlock = addStmt(LHS); 1340 1341 if (badCFG) 1342 return std::make_pair((CFGBlock*)0, (CFGBlock*)0); 1343 1344 // See if this is a known constant. 1345 TryResult KnownVal = tryEvaluateBool(LHS); 1346 1347 // Now link the LHSBlock with RHSBlock. 1348 if (B->getOpcode() == BO_LOr) { 1349 addSuccessor(LHSBlock, KnownVal.isFalse() ? NULL : TrueBlock); 1350 addSuccessor(LHSBlock, KnownVal.isTrue() ? NULL : RHSBlock); 1351 } else { 1352 assert(B->getOpcode() == BO_LAnd); 1353 addSuccessor(LHSBlock, KnownVal.isFalse() ? NULL : RHSBlock); 1354 addSuccessor(LHSBlock, KnownVal.isTrue() ? NULL : FalseBlock); 1355 } 1356 1357 return std::make_pair(EntryLHSBlock, ExitBlock); 1358 } 1359 1360 1361 CFGBlock *CFGBuilder::VisitBinaryOperator(BinaryOperator *B, 1362 AddStmtChoice asc) { 1363 // && or || 1364 if (B->isLogicalOp()) 1365 return VisitLogicalOperator(B); 1366 1367 if (B->getOpcode() == BO_Comma) { // , 1368 autoCreateBlock(); 1369 appendStmt(Block, B); 1370 addStmt(B->getRHS()); 1371 return addStmt(B->getLHS()); 1372 } 1373 1374 if (B->isAssignmentOp()) { 1375 if (asc.alwaysAdd(*this, B)) { 1376 autoCreateBlock(); 1377 appendStmt(Block, B); 1378 } 1379 Visit(B->getLHS()); 1380 return Visit(B->getRHS()); 1381 } 1382 1383 if (asc.alwaysAdd(*this, B)) { 1384 autoCreateBlock(); 1385 appendStmt(Block, B); 1386 } 1387 1388 CFGBlock *RBlock = Visit(B->getRHS()); 1389 CFGBlock *LBlock = Visit(B->getLHS()); 1390 // If visiting RHS causes us to finish 'Block', e.g. the RHS is a StmtExpr 1391 // containing a DoStmt, and the LHS doesn't create a new block, then we should 1392 // return RBlock. Otherwise we'll incorrectly return NULL. 1393 return (LBlock ? LBlock : RBlock); 1394 } 1395 1396 CFGBlock *CFGBuilder::VisitNoRecurse(Expr *E, AddStmtChoice asc) { 1397 if (asc.alwaysAdd(*this, E)) { 1398 autoCreateBlock(); 1399 appendStmt(Block, E); 1400 } 1401 return Block; 1402 } 1403 1404 CFGBlock *CFGBuilder::VisitBreakStmt(BreakStmt *B) { 1405 // "break" is a control-flow statement. Thus we stop processing the current 1406 // block. 1407 if (badCFG) 1408 return 0; 1409 1410 // Now create a new block that ends with the break statement. 1411 Block = createBlock(false); 1412 Block->setTerminator(B); 1413 1414 // If there is no target for the break, then we are looking at an incomplete 1415 // AST. This means that the CFG cannot be constructed. 1416 if (BreakJumpTarget.block) { 1417 addAutomaticObjDtors(ScopePos, BreakJumpTarget.scopePosition, B); 1418 addSuccessor(Block, BreakJumpTarget.block); 1419 } else 1420 badCFG = true; 1421 1422 1423 return Block; 1424 } 1425 1426 static bool CanThrow(Expr *E, ASTContext &Ctx) { 1427 QualType Ty = E->getType(); 1428 if (Ty->isFunctionPointerType()) 1429 Ty = Ty->getAs<PointerType>()->getPointeeType(); 1430 else if (Ty->isBlockPointerType()) 1431 Ty = Ty->getAs<BlockPointerType>()->getPointeeType(); 1432 1433 const FunctionType *FT = Ty->getAs<FunctionType>(); 1434 if (FT) { 1435 if (const FunctionProtoType *Proto = dyn_cast<FunctionProtoType>(FT)) 1436 if (!isUnresolvedExceptionSpec(Proto->getExceptionSpecType()) && 1437 Proto->isNothrow(Ctx)) 1438 return false; 1439 } 1440 return true; 1441 } 1442 1443 CFGBlock *CFGBuilder::VisitCallExpr(CallExpr *C, AddStmtChoice asc) { 1444 // Compute the callee type. 1445 QualType calleeType = C->getCallee()->getType(); 1446 if (calleeType == Context->BoundMemberTy) { 1447 QualType boundType = Expr::findBoundMemberType(C->getCallee()); 1448 1449 // We should only get a null bound type if processing a dependent 1450 // CFG. Recover by assuming nothing. 1451 if (!boundType.isNull()) calleeType = boundType; 1452 } 1453 1454 // If this is a call to a no-return function, this stops the block here. 1455 bool NoReturn = getFunctionExtInfo(*calleeType).getNoReturn(); 1456 1457 bool AddEHEdge = false; 1458 1459 // Languages without exceptions are assumed to not throw. 1460 if (Context->getLangOpts().Exceptions) { 1461 if (BuildOpts.AddEHEdges) 1462 AddEHEdge = true; 1463 } 1464 1465 if (FunctionDecl *FD = C->getDirectCallee()) { 1466 if (FD->isNoReturn()) 1467 NoReturn = true; 1468 if (FD->hasAttr<NoThrowAttr>()) 1469 AddEHEdge = false; 1470 } 1471 1472 if (!CanThrow(C->getCallee(), *Context)) 1473 AddEHEdge = false; 1474 1475 if (!NoReturn && !AddEHEdge) 1476 return VisitStmt(C, asc.withAlwaysAdd(true)); 1477 1478 if (Block) { 1479 Succ = Block; 1480 if (badCFG) 1481 return 0; 1482 } 1483 1484 if (NoReturn) 1485 Block = createNoReturnBlock(); 1486 else 1487 Block = createBlock(); 1488 1489 appendStmt(Block, C); 1490 1491 if (AddEHEdge) { 1492 // Add exceptional edges. 1493 if (TryTerminatedBlock) 1494 addSuccessor(Block, TryTerminatedBlock); 1495 else 1496 addSuccessor(Block, &cfg->getExit()); 1497 } 1498 1499 return VisitChildren(C); 1500 } 1501 1502 CFGBlock *CFGBuilder::VisitChooseExpr(ChooseExpr *C, 1503 AddStmtChoice asc) { 1504 CFGBlock *ConfluenceBlock = Block ? Block : createBlock(); 1505 appendStmt(ConfluenceBlock, C); 1506 if (badCFG) 1507 return 0; 1508 1509 AddStmtChoice alwaysAdd = asc.withAlwaysAdd(true); 1510 Succ = ConfluenceBlock; 1511 Block = NULL; 1512 CFGBlock *LHSBlock = Visit(C->getLHS(), alwaysAdd); 1513 if (badCFG) 1514 return 0; 1515 1516 Succ = ConfluenceBlock; 1517 Block = NULL; 1518 CFGBlock *RHSBlock = Visit(C->getRHS(), alwaysAdd); 1519 if (badCFG) 1520 return 0; 1521 1522 Block = createBlock(false); 1523 // See if this is a known constant. 1524 const TryResult& KnownVal = tryEvaluateBool(C->getCond()); 1525 addSuccessor(Block, KnownVal.isFalse() ? NULL : LHSBlock); 1526 addSuccessor(Block, KnownVal.isTrue() ? NULL : RHSBlock); 1527 Block->setTerminator(C); 1528 return addStmt(C->getCond()); 1529 } 1530 1531 1532 CFGBlock *CFGBuilder::VisitCompoundStmt(CompoundStmt *C) { 1533 addLocalScopeAndDtors(C); 1534 CFGBlock *LastBlock = Block; 1535 1536 for (CompoundStmt::reverse_body_iterator I=C->body_rbegin(), E=C->body_rend(); 1537 I != E; ++I ) { 1538 // If we hit a segment of code just containing ';' (NullStmts), we can 1539 // get a null block back. In such cases, just use the LastBlock 1540 if (CFGBlock *newBlock = addStmt(*I)) 1541 LastBlock = newBlock; 1542 1543 if (badCFG) 1544 return NULL; 1545 } 1546 1547 return LastBlock; 1548 } 1549 1550 CFGBlock *CFGBuilder::VisitConditionalOperator(AbstractConditionalOperator *C, 1551 AddStmtChoice asc) { 1552 const BinaryConditionalOperator *BCO = dyn_cast<BinaryConditionalOperator>(C); 1553 const OpaqueValueExpr *opaqueValue = (BCO ? BCO->getOpaqueValue() : NULL); 1554 1555 // Create the confluence block that will "merge" the results of the ternary 1556 // expression. 1557 CFGBlock *ConfluenceBlock = Block ? Block : createBlock(); 1558 appendStmt(ConfluenceBlock, C); 1559 if (badCFG) 1560 return 0; 1561 1562 AddStmtChoice alwaysAdd = asc.withAlwaysAdd(true); 1563 1564 // Create a block for the LHS expression if there is an LHS expression. A 1565 // GCC extension allows LHS to be NULL, causing the condition to be the 1566 // value that is returned instead. 1567 // e.g: x ?: y is shorthand for: x ? x : y; 1568 Succ = ConfluenceBlock; 1569 Block = NULL; 1570 CFGBlock *LHSBlock = 0; 1571 const Expr *trueExpr = C->getTrueExpr(); 1572 if (trueExpr != opaqueValue) { 1573 LHSBlock = Visit(C->getTrueExpr(), alwaysAdd); 1574 if (badCFG) 1575 return 0; 1576 Block = NULL; 1577 } 1578 else 1579 LHSBlock = ConfluenceBlock; 1580 1581 // Create the block for the RHS expression. 1582 Succ = ConfluenceBlock; 1583 CFGBlock *RHSBlock = Visit(C->getFalseExpr(), alwaysAdd); 1584 if (badCFG) 1585 return 0; 1586 1587 // If the condition is a logical '&&' or '||', build a more accurate CFG. 1588 if (BinaryOperator *Cond = 1589 dyn_cast<BinaryOperator>(C->getCond()->IgnoreParens())) 1590 if (Cond->isLogicalOp()) 1591 return VisitLogicalOperator(Cond, C, LHSBlock, RHSBlock).first; 1592 1593 // Create the block that will contain the condition. 1594 Block = createBlock(false); 1595 1596 // See if this is a known constant. 1597 const TryResult& KnownVal = tryEvaluateBool(C->getCond()); 1598 addSuccessor(Block, KnownVal.isFalse() ? NULL : LHSBlock); 1599 addSuccessor(Block, KnownVal.isTrue() ? NULL : RHSBlock); 1600 Block->setTerminator(C); 1601 Expr *condExpr = C->getCond(); 1602 1603 if (opaqueValue) { 1604 // Run the condition expression if it's not trivially expressed in 1605 // terms of the opaque value (or if there is no opaque value). 1606 if (condExpr != opaqueValue) 1607 addStmt(condExpr); 1608 1609 // Before that, run the common subexpression if there was one. 1610 // At least one of this or the above will be run. 1611 return addStmt(BCO->getCommon()); 1612 } 1613 1614 return addStmt(condExpr); 1615 } 1616 1617 CFGBlock *CFGBuilder::VisitDeclStmt(DeclStmt *DS) { 1618 // Check if the Decl is for an __label__. If so, elide it from the 1619 // CFG entirely. 1620 if (isa<LabelDecl>(*DS->decl_begin())) 1621 return Block; 1622 1623 // This case also handles static_asserts. 1624 if (DS->isSingleDecl()) 1625 return VisitDeclSubExpr(DS); 1626 1627 CFGBlock *B = 0; 1628 1629 // Build an individual DeclStmt for each decl. 1630 for (DeclStmt::reverse_decl_iterator I = DS->decl_rbegin(), 1631 E = DS->decl_rend(); 1632 I != E; ++I) { 1633 // Get the alignment of the new DeclStmt, padding out to >=8 bytes. 1634 unsigned A = llvm::AlignOf<DeclStmt>::Alignment < 8 1635 ? 8 : llvm::AlignOf<DeclStmt>::Alignment; 1636 1637 // Allocate the DeclStmt using the BumpPtrAllocator. It will get 1638 // automatically freed with the CFG. 1639 DeclGroupRef DG(*I); 1640 Decl *D = *I; 1641 void *Mem = cfg->getAllocator().Allocate(sizeof(DeclStmt), A); 1642 DeclStmt *DSNew = new (Mem) DeclStmt(DG, D->getLocation(), GetEndLoc(D)); 1643 cfg->addSyntheticDeclStmt(DSNew, DS); 1644 1645 // Append the fake DeclStmt to block. 1646 B = VisitDeclSubExpr(DSNew); 1647 } 1648 1649 return B; 1650 } 1651 1652 /// VisitDeclSubExpr - Utility method to add block-level expressions for 1653 /// DeclStmts and initializers in them. 1654 CFGBlock *CFGBuilder::VisitDeclSubExpr(DeclStmt *DS) { 1655 assert(DS->isSingleDecl() && "Can handle single declarations only."); 1656 VarDecl *VD = dyn_cast<VarDecl>(DS->getSingleDecl()); 1657 1658 if (!VD) { 1659 // Of everything that can be declared in a DeclStmt, only VarDecls impact 1660 // runtime semantics. 1661 return Block; 1662 } 1663 1664 bool IsReference = false; 1665 bool HasTemporaries = false; 1666 1667 // Guard static initializers under a branch. 1668 CFGBlock *blockAfterStaticInit = 0; 1669 1670 if (BuildOpts.AddStaticInitBranches && VD->isStaticLocal()) { 1671 // For static variables, we need to create a branch to track 1672 // whether or not they are initialized. 1673 if (Block) { 1674 Succ = Block; 1675 Block = 0; 1676 if (badCFG) 1677 return 0; 1678 } 1679 blockAfterStaticInit = Succ; 1680 } 1681 1682 // Destructors of temporaries in initialization expression should be called 1683 // after initialization finishes. 1684 Expr *Init = VD->getInit(); 1685 if (Init) { 1686 IsReference = VD->getType()->isReferenceType(); 1687 HasTemporaries = isa<ExprWithCleanups>(Init); 1688 1689 if (BuildOpts.AddTemporaryDtors && HasTemporaries) { 1690 // Generate destructors for temporaries in initialization expression. 1691 VisitForTemporaryDtors(cast<ExprWithCleanups>(Init)->getSubExpr(), 1692 IsReference); 1693 } 1694 } 1695 1696 autoCreateBlock(); 1697 appendStmt(Block, DS); 1698 1699 // Keep track of the last non-null block, as 'Block' can be nulled out 1700 // if the initializer expression is something like a 'while' in a 1701 // statement-expression. 1702 CFGBlock *LastBlock = Block; 1703 1704 if (Init) { 1705 if (HasTemporaries) { 1706 // For expression with temporaries go directly to subexpression to omit 1707 // generating destructors for the second time. 1708 ExprWithCleanups *EC = cast<ExprWithCleanups>(Init); 1709 if (CFGBlock *newBlock = Visit(EC->getSubExpr())) 1710 LastBlock = newBlock; 1711 } 1712 else { 1713 if (CFGBlock *newBlock = Visit(Init)) 1714 LastBlock = newBlock; 1715 } 1716 } 1717 1718 // If the type of VD is a VLA, then we must process its size expressions. 1719 for (const VariableArrayType* VA = FindVA(VD->getType().getTypePtr()); 1720 VA != 0; VA = FindVA(VA->getElementType().getTypePtr())) { 1721 if (CFGBlock *newBlock = addStmt(VA->getSizeExpr())) 1722 LastBlock = newBlock; 1723 } 1724 1725 // Remove variable from local scope. 1726 if (ScopePos && VD == *ScopePos) 1727 ++ScopePos; 1728 1729 CFGBlock *B = LastBlock; 1730 if (blockAfterStaticInit) { 1731 Succ = B; 1732 Block = createBlock(false); 1733 Block->setTerminator(DS); 1734 addSuccessor(Block, blockAfterStaticInit); 1735 addSuccessor(Block, B); 1736 B = Block; 1737 } 1738 1739 return B; 1740 } 1741 1742 CFGBlock *CFGBuilder::VisitIfStmt(IfStmt *I) { 1743 // We may see an if statement in the middle of a basic block, or it may be the 1744 // first statement we are processing. In either case, we create a new basic 1745 // block. First, we create the blocks for the then...else statements, and 1746 // then we create the block containing the if statement. If we were in the 1747 // middle of a block, we stop processing that block. That block is then the 1748 // implicit successor for the "then" and "else" clauses. 1749 1750 // Save local scope position because in case of condition variable ScopePos 1751 // won't be restored when traversing AST. 1752 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 1753 1754 // Create local scope for possible condition variable. 1755 // Store scope position. Add implicit destructor. 1756 if (VarDecl *VD = I->getConditionVariable()) { 1757 LocalScope::const_iterator BeginScopePos = ScopePos; 1758 addLocalScopeForVarDecl(VD); 1759 addAutomaticObjDtors(ScopePos, BeginScopePos, I); 1760 } 1761 1762 // The block we were processing is now finished. Make it the successor 1763 // block. 1764 if (Block) { 1765 Succ = Block; 1766 if (badCFG) 1767 return 0; 1768 } 1769 1770 // Process the false branch. 1771 CFGBlock *ElseBlock = Succ; 1772 1773 if (Stmt *Else = I->getElse()) { 1774 SaveAndRestore<CFGBlock*> sv(Succ); 1775 1776 // NULL out Block so that the recursive call to Visit will 1777 // create a new basic block. 1778 Block = NULL; 1779 1780 // If branch is not a compound statement create implicit scope 1781 // and add destructors. 1782 if (!isa<CompoundStmt>(Else)) 1783 addLocalScopeAndDtors(Else); 1784 1785 ElseBlock = addStmt(Else); 1786 1787 if (!ElseBlock) // Can occur when the Else body has all NullStmts. 1788 ElseBlock = sv.get(); 1789 else if (Block) { 1790 if (badCFG) 1791 return 0; 1792 } 1793 } 1794 1795 // Process the true branch. 1796 CFGBlock *ThenBlock; 1797 { 1798 Stmt *Then = I->getThen(); 1799 assert(Then); 1800 SaveAndRestore<CFGBlock*> sv(Succ); 1801 Block = NULL; 1802 1803 // If branch is not a compound statement create implicit scope 1804 // and add destructors. 1805 if (!isa<CompoundStmt>(Then)) 1806 addLocalScopeAndDtors(Then); 1807 1808 ThenBlock = addStmt(Then); 1809 1810 if (!ThenBlock) { 1811 // We can reach here if the "then" body has all NullStmts. 1812 // Create an empty block so we can distinguish between true and false 1813 // branches in path-sensitive analyses. 1814 ThenBlock = createBlock(false); 1815 addSuccessor(ThenBlock, sv.get()); 1816 } else if (Block) { 1817 if (badCFG) 1818 return 0; 1819 } 1820 } 1821 1822 // Specially handle "if (expr1 || ...)" and "if (expr1 && ...)" by 1823 // having these handle the actual control-flow jump. Note that 1824 // if we introduce a condition variable, e.g. "if (int x = exp1 || exp2)" 1825 // we resort to the old control-flow behavior. This special handling 1826 // removes infeasible paths from the control-flow graph by having the 1827 // control-flow transfer of '&&' or '||' go directly into the then/else 1828 // blocks directly. 1829 if (!I->getConditionVariable()) 1830 if (BinaryOperator *Cond = 1831 dyn_cast<BinaryOperator>(I->getCond()->IgnoreParens())) 1832 if (Cond->isLogicalOp()) 1833 return VisitLogicalOperator(Cond, I, ThenBlock, ElseBlock).first; 1834 1835 // Now create a new block containing the if statement. 1836 Block = createBlock(false); 1837 1838 // Set the terminator of the new block to the If statement. 1839 Block->setTerminator(I); 1840 1841 // See if this is a known constant. 1842 const TryResult &KnownVal = tryEvaluateBool(I->getCond()); 1843 1844 // Now add the successors. 1845 addSuccessor(Block, KnownVal.isFalse() ? NULL : ThenBlock); 1846 addSuccessor(Block, KnownVal.isTrue()? NULL : ElseBlock); 1847 1848 // Add the condition as the last statement in the new block. This may create 1849 // new blocks as the condition may contain control-flow. Any newly created 1850 // blocks will be pointed to be "Block". 1851 CFGBlock *LastBlock = addStmt(I->getCond()); 1852 1853 // Finally, if the IfStmt contains a condition variable, add both the IfStmt 1854 // and the condition variable initialization to the CFG. 1855 if (VarDecl *VD = I->getConditionVariable()) { 1856 if (Expr *Init = VD->getInit()) { 1857 autoCreateBlock(); 1858 appendStmt(Block, I->getConditionVariableDeclStmt()); 1859 LastBlock = addStmt(Init); 1860 } 1861 } 1862 1863 return LastBlock; 1864 } 1865 1866 1867 CFGBlock *CFGBuilder::VisitReturnStmt(ReturnStmt *R) { 1868 // If we were in the middle of a block we stop processing that block. 1869 // 1870 // NOTE: If a "return" appears in the middle of a block, this means that the 1871 // code afterwards is DEAD (unreachable). We still keep a basic block 1872 // for that code; a simple "mark-and-sweep" from the entry block will be 1873 // able to report such dead blocks. 1874 1875 // Create the new block. 1876 Block = createBlock(false); 1877 1878 // The Exit block is the only successor. 1879 addAutomaticObjDtors(ScopePos, LocalScope::const_iterator(), R); 1880 addSuccessor(Block, &cfg->getExit()); 1881 1882 // Add the return statement to the block. This may create new blocks if R 1883 // contains control-flow (short-circuit operations). 1884 return VisitStmt(R, AddStmtChoice::AlwaysAdd); 1885 } 1886 1887 CFGBlock *CFGBuilder::VisitLabelStmt(LabelStmt *L) { 1888 // Get the block of the labeled statement. Add it to our map. 1889 addStmt(L->getSubStmt()); 1890 CFGBlock *LabelBlock = Block; 1891 1892 if (!LabelBlock) // This can happen when the body is empty, i.e. 1893 LabelBlock = createBlock(); // scopes that only contains NullStmts. 1894 1895 assert(LabelMap.find(L->getDecl()) == LabelMap.end() && 1896 "label already in map"); 1897 LabelMap[L->getDecl()] = JumpTarget(LabelBlock, ScopePos); 1898 1899 // Labels partition blocks, so this is the end of the basic block we were 1900 // processing (L is the block's label). Because this is label (and we have 1901 // already processed the substatement) there is no extra control-flow to worry 1902 // about. 1903 LabelBlock->setLabel(L); 1904 if (badCFG) 1905 return 0; 1906 1907 // We set Block to NULL to allow lazy creation of a new block (if necessary); 1908 Block = NULL; 1909 1910 // This block is now the implicit successor of other blocks. 1911 Succ = LabelBlock; 1912 1913 return LabelBlock; 1914 } 1915 1916 CFGBlock *CFGBuilder::VisitLambdaExpr(LambdaExpr *E, AddStmtChoice asc) { 1917 CFGBlock *LastBlock = VisitNoRecurse(E, asc); 1918 for (LambdaExpr::capture_init_iterator it = E->capture_init_begin(), 1919 et = E->capture_init_end(); it != et; ++it) { 1920 if (Expr *Init = *it) { 1921 CFGBlock *Tmp = Visit(Init); 1922 if (Tmp != 0) 1923 LastBlock = Tmp; 1924 } 1925 } 1926 return LastBlock; 1927 } 1928 1929 CFGBlock *CFGBuilder::VisitGotoStmt(GotoStmt *G) { 1930 // Goto is a control-flow statement. Thus we stop processing the current 1931 // block and create a new one. 1932 1933 Block = createBlock(false); 1934 Block->setTerminator(G); 1935 1936 // If we already know the mapping to the label block add the successor now. 1937 LabelMapTy::iterator I = LabelMap.find(G->getLabel()); 1938 1939 if (I == LabelMap.end()) 1940 // We will need to backpatch this block later. 1941 BackpatchBlocks.push_back(JumpSource(Block, ScopePos)); 1942 else { 1943 JumpTarget JT = I->second; 1944 addAutomaticObjDtors(ScopePos, JT.scopePosition, G); 1945 addSuccessor(Block, JT.block); 1946 } 1947 1948 return Block; 1949 } 1950 1951 CFGBlock *CFGBuilder::VisitForStmt(ForStmt *F) { 1952 CFGBlock *LoopSuccessor = NULL; 1953 1954 // Save local scope position because in case of condition variable ScopePos 1955 // won't be restored when traversing AST. 1956 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 1957 1958 // Create local scope for init statement and possible condition variable. 1959 // Add destructor for init statement and condition variable. 1960 // Store scope position for continue statement. 1961 if (Stmt *Init = F->getInit()) 1962 addLocalScopeForStmt(Init); 1963 LocalScope::const_iterator LoopBeginScopePos = ScopePos; 1964 1965 if (VarDecl *VD = F->getConditionVariable()) 1966 addLocalScopeForVarDecl(VD); 1967 LocalScope::const_iterator ContinueScopePos = ScopePos; 1968 1969 addAutomaticObjDtors(ScopePos, save_scope_pos.get(), F); 1970 1971 // "for" is a control-flow statement. Thus we stop processing the current 1972 // block. 1973 if (Block) { 1974 if (badCFG) 1975 return 0; 1976 LoopSuccessor = Block; 1977 } else 1978 LoopSuccessor = Succ; 1979 1980 // Save the current value for the break targets. 1981 // All breaks should go to the code following the loop. 1982 SaveAndRestore<JumpTarget> save_break(BreakJumpTarget); 1983 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 1984 1985 CFGBlock *BodyBlock = 0, *TransitionBlock = 0; 1986 1987 // Now create the loop body. 1988 { 1989 assert(F->getBody()); 1990 1991 // Save the current values for Block, Succ, continue and break targets. 1992 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 1993 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget); 1994 1995 // Create an empty block to represent the transition block for looping back 1996 // to the head of the loop. If we have increment code, it will 1997 // go in this block as well. 1998 Block = Succ = TransitionBlock = createBlock(false); 1999 TransitionBlock->setLoopTarget(F); 2000 2001 if (Stmt *I = F->getInc()) { 2002 // Generate increment code in its own basic block. This is the target of 2003 // continue statements. 2004 Succ = addStmt(I); 2005 } 2006 2007 // Finish up the increment (or empty) block if it hasn't been already. 2008 if (Block) { 2009 assert(Block == Succ); 2010 if (badCFG) 2011 return 0; 2012 Block = 0; 2013 } 2014 2015 // The starting block for the loop increment is the block that should 2016 // represent the 'loop target' for looping back to the start of the loop. 2017 ContinueJumpTarget = JumpTarget(Succ, ContinueScopePos); 2018 ContinueJumpTarget.block->setLoopTarget(F); 2019 2020 // Loop body should end with destructor of Condition variable (if any). 2021 addAutomaticObjDtors(ScopePos, LoopBeginScopePos, F); 2022 2023 // If body is not a compound statement create implicit scope 2024 // and add destructors. 2025 if (!isa<CompoundStmt>(F->getBody())) 2026 addLocalScopeAndDtors(F->getBody()); 2027 2028 // Now populate the body block, and in the process create new blocks as we 2029 // walk the body of the loop. 2030 BodyBlock = addStmt(F->getBody()); 2031 2032 if (!BodyBlock) { 2033 // In the case of "for (...;...;...);" we can have a null BodyBlock. 2034 // Use the continue jump target as the proxy for the body. 2035 BodyBlock = ContinueJumpTarget.block; 2036 } 2037 else if (badCFG) 2038 return 0; 2039 } 2040 2041 // Because of short-circuit evaluation, the condition of the loop can span 2042 // multiple basic blocks. Thus we need the "Entry" and "Exit" blocks that 2043 // evaluate the condition. 2044 CFGBlock *EntryConditionBlock = 0, *ExitConditionBlock = 0; 2045 2046 do { 2047 Expr *C = F->getCond(); 2048 2049 // Specially handle logical operators, which have a slightly 2050 // more optimal CFG representation. 2051 if (BinaryOperator *Cond = 2052 dyn_cast_or_null<BinaryOperator>(C ? C->IgnoreParens() : 0)) 2053 if (Cond->isLogicalOp()) { 2054 llvm::tie(EntryConditionBlock, ExitConditionBlock) = 2055 VisitLogicalOperator(Cond, F, BodyBlock, LoopSuccessor); 2056 break; 2057 } 2058 2059 // The default case when not handling logical operators. 2060 EntryConditionBlock = ExitConditionBlock = createBlock(false); 2061 ExitConditionBlock->setTerminator(F); 2062 2063 // See if this is a known constant. 2064 TryResult KnownVal(true); 2065 2066 if (C) { 2067 // Now add the actual condition to the condition block. 2068 // Because the condition itself may contain control-flow, new blocks may 2069 // be created. Thus we update "Succ" after adding the condition. 2070 Block = ExitConditionBlock; 2071 EntryConditionBlock = addStmt(C); 2072 2073 // If this block contains a condition variable, add both the condition 2074 // variable and initializer to the CFG. 2075 if (VarDecl *VD = F->getConditionVariable()) { 2076 if (Expr *Init = VD->getInit()) { 2077 autoCreateBlock(); 2078 appendStmt(Block, F->getConditionVariableDeclStmt()); 2079 EntryConditionBlock = addStmt(Init); 2080 assert(Block == EntryConditionBlock); 2081 } 2082 } 2083 2084 if (Block && badCFG) 2085 return 0; 2086 2087 KnownVal = tryEvaluateBool(C); 2088 } 2089 2090 // Add the loop body entry as a successor to the condition. 2091 addSuccessor(ExitConditionBlock, KnownVal.isFalse() ? NULL : BodyBlock); 2092 // Link up the condition block with the code that follows the loop. (the 2093 // false branch). 2094 addSuccessor(ExitConditionBlock, KnownVal.isTrue() ? NULL : LoopSuccessor); 2095 2096 } while (false); 2097 2098 // Link up the loop-back block to the entry condition block. 2099 addSuccessor(TransitionBlock, EntryConditionBlock); 2100 2101 // The condition block is the implicit successor for any code above the loop. 2102 Succ = EntryConditionBlock; 2103 2104 // If the loop contains initialization, create a new block for those 2105 // statements. This block can also contain statements that precede the loop. 2106 if (Stmt *I = F->getInit()) { 2107 Block = createBlock(); 2108 return addStmt(I); 2109 } 2110 2111 // There is no loop initialization. We are thus basically a while loop. 2112 // NULL out Block to force lazy block construction. 2113 Block = NULL; 2114 Succ = EntryConditionBlock; 2115 return EntryConditionBlock; 2116 } 2117 2118 CFGBlock *CFGBuilder::VisitMemberExpr(MemberExpr *M, AddStmtChoice asc) { 2119 if (asc.alwaysAdd(*this, M)) { 2120 autoCreateBlock(); 2121 appendStmt(Block, M); 2122 } 2123 return Visit(M->getBase()); 2124 } 2125 2126 CFGBlock *CFGBuilder::VisitObjCForCollectionStmt(ObjCForCollectionStmt *S) { 2127 // Objective-C fast enumeration 'for' statements: 2128 // http://developer.apple.com/documentation/Cocoa/Conceptual/ObjectiveC 2129 // 2130 // for ( Type newVariable in collection_expression ) { statements } 2131 // 2132 // becomes: 2133 // 2134 // prologue: 2135 // 1. collection_expression 2136 // T. jump to loop_entry 2137 // loop_entry: 2138 // 1. side-effects of element expression 2139 // 1. ObjCForCollectionStmt [performs binding to newVariable] 2140 // T. ObjCForCollectionStmt TB, FB [jumps to TB if newVariable != nil] 2141 // TB: 2142 // statements 2143 // T. jump to loop_entry 2144 // FB: 2145 // what comes after 2146 // 2147 // and 2148 // 2149 // Type existingItem; 2150 // for ( existingItem in expression ) { statements } 2151 // 2152 // becomes: 2153 // 2154 // the same with newVariable replaced with existingItem; the binding works 2155 // the same except that for one ObjCForCollectionStmt::getElement() returns 2156 // a DeclStmt and the other returns a DeclRefExpr. 2157 // 2158 2159 CFGBlock *LoopSuccessor = 0; 2160 2161 if (Block) { 2162 if (badCFG) 2163 return 0; 2164 LoopSuccessor = Block; 2165 Block = 0; 2166 } else 2167 LoopSuccessor = Succ; 2168 2169 // Build the condition blocks. 2170 CFGBlock *ExitConditionBlock = createBlock(false); 2171 2172 // Set the terminator for the "exit" condition block. 2173 ExitConditionBlock->setTerminator(S); 2174 2175 // The last statement in the block should be the ObjCForCollectionStmt, which 2176 // performs the actual binding to 'element' and determines if there are any 2177 // more items in the collection. 2178 appendStmt(ExitConditionBlock, S); 2179 Block = ExitConditionBlock; 2180 2181 // Walk the 'element' expression to see if there are any side-effects. We 2182 // generate new blocks as necessary. We DON'T add the statement by default to 2183 // the CFG unless it contains control-flow. 2184 CFGBlock *EntryConditionBlock = Visit(S->getElement(), 2185 AddStmtChoice::NotAlwaysAdd); 2186 if (Block) { 2187 if (badCFG) 2188 return 0; 2189 Block = 0; 2190 } 2191 2192 // The condition block is the implicit successor for the loop body as well as 2193 // any code above the loop. 2194 Succ = EntryConditionBlock; 2195 2196 // Now create the true branch. 2197 { 2198 // Save the current values for Succ, continue and break targets. 2199 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 2200 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget), 2201 save_break(BreakJumpTarget); 2202 2203 // Add an intermediate block between the BodyBlock and the 2204 // EntryConditionBlock to represent the "loop back" transition, for looping 2205 // back to the head of the loop. 2206 CFGBlock *LoopBackBlock = 0; 2207 Succ = LoopBackBlock = createBlock(); 2208 LoopBackBlock->setLoopTarget(S); 2209 2210 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 2211 ContinueJumpTarget = JumpTarget(Succ, ScopePos); 2212 2213 CFGBlock *BodyBlock = addStmt(S->getBody()); 2214 2215 if (!BodyBlock) 2216 BodyBlock = ContinueJumpTarget.block; // can happen for "for (X in Y) ;" 2217 else if (Block) { 2218 if (badCFG) 2219 return 0; 2220 } 2221 2222 // This new body block is a successor to our "exit" condition block. 2223 addSuccessor(ExitConditionBlock, BodyBlock); 2224 } 2225 2226 // Link up the condition block with the code that follows the loop. 2227 // (the false branch). 2228 addSuccessor(ExitConditionBlock, LoopSuccessor); 2229 2230 // Now create a prologue block to contain the collection expression. 2231 Block = createBlock(); 2232 return addStmt(S->getCollection()); 2233 } 2234 2235 CFGBlock *CFGBuilder::VisitObjCAutoreleasePoolStmt(ObjCAutoreleasePoolStmt *S) { 2236 // Inline the body. 2237 return addStmt(S->getSubStmt()); 2238 // TODO: consider adding cleanups for the end of @autoreleasepool scope. 2239 } 2240 2241 CFGBlock *CFGBuilder::VisitObjCAtSynchronizedStmt(ObjCAtSynchronizedStmt *S) { 2242 // FIXME: Add locking 'primitives' to CFG for @synchronized. 2243 2244 // Inline the body. 2245 CFGBlock *SyncBlock = addStmt(S->getSynchBody()); 2246 2247 // The sync body starts its own basic block. This makes it a little easier 2248 // for diagnostic clients. 2249 if (SyncBlock) { 2250 if (badCFG) 2251 return 0; 2252 2253 Block = 0; 2254 Succ = SyncBlock; 2255 } 2256 2257 // Add the @synchronized to the CFG. 2258 autoCreateBlock(); 2259 appendStmt(Block, S); 2260 2261 // Inline the sync expression. 2262 return addStmt(S->getSynchExpr()); 2263 } 2264 2265 CFGBlock *CFGBuilder::VisitObjCAtTryStmt(ObjCAtTryStmt *S) { 2266 // FIXME 2267 return NYS(); 2268 } 2269 2270 CFGBlock *CFGBuilder::VisitPseudoObjectExpr(PseudoObjectExpr *E) { 2271 autoCreateBlock(); 2272 2273 // Add the PseudoObject as the last thing. 2274 appendStmt(Block, E); 2275 2276 CFGBlock *lastBlock = Block; 2277 2278 // Before that, evaluate all of the semantics in order. In 2279 // CFG-land, that means appending them in reverse order. 2280 for (unsigned i = E->getNumSemanticExprs(); i != 0; ) { 2281 Expr *Semantic = E->getSemanticExpr(--i); 2282 2283 // If the semantic is an opaque value, we're being asked to bind 2284 // it to its source expression. 2285 if (OpaqueValueExpr *OVE = dyn_cast<OpaqueValueExpr>(Semantic)) 2286 Semantic = OVE->getSourceExpr(); 2287 2288 if (CFGBlock *B = Visit(Semantic)) 2289 lastBlock = B; 2290 } 2291 2292 return lastBlock; 2293 } 2294 2295 CFGBlock *CFGBuilder::VisitWhileStmt(WhileStmt *W) { 2296 CFGBlock *LoopSuccessor = NULL; 2297 2298 // Save local scope position because in case of condition variable ScopePos 2299 // won't be restored when traversing AST. 2300 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 2301 2302 // Create local scope for possible condition variable. 2303 // Store scope position for continue statement. 2304 LocalScope::const_iterator LoopBeginScopePos = ScopePos; 2305 if (VarDecl *VD = W->getConditionVariable()) { 2306 addLocalScopeForVarDecl(VD); 2307 addAutomaticObjDtors(ScopePos, LoopBeginScopePos, W); 2308 } 2309 2310 // "while" is a control-flow statement. Thus we stop processing the current 2311 // block. 2312 if (Block) { 2313 if (badCFG) 2314 return 0; 2315 LoopSuccessor = Block; 2316 Block = 0; 2317 } else { 2318 LoopSuccessor = Succ; 2319 } 2320 2321 CFGBlock *BodyBlock = 0, *TransitionBlock = 0; 2322 2323 // Process the loop body. 2324 { 2325 assert(W->getBody()); 2326 2327 // Save the current values for Block, Succ, continue and break targets. 2328 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 2329 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget), 2330 save_break(BreakJumpTarget); 2331 2332 // Create an empty block to represent the transition block for looping back 2333 // to the head of the loop. 2334 Succ = TransitionBlock = createBlock(false); 2335 TransitionBlock->setLoopTarget(W); 2336 ContinueJumpTarget = JumpTarget(Succ, LoopBeginScopePos); 2337 2338 // All breaks should go to the code following the loop. 2339 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 2340 2341 // Loop body should end with destructor of Condition variable (if any). 2342 addAutomaticObjDtors(ScopePos, LoopBeginScopePos, W); 2343 2344 // If body is not a compound statement create implicit scope 2345 // and add destructors. 2346 if (!isa<CompoundStmt>(W->getBody())) 2347 addLocalScopeAndDtors(W->getBody()); 2348 2349 // Create the body. The returned block is the entry to the loop body. 2350 BodyBlock = addStmt(W->getBody()); 2351 2352 if (!BodyBlock) 2353 BodyBlock = ContinueJumpTarget.block; // can happen for "while(...) ;" 2354 else if (Block && badCFG) 2355 return 0; 2356 } 2357 2358 // Because of short-circuit evaluation, the condition of the loop can span 2359 // multiple basic blocks. Thus we need the "Entry" and "Exit" blocks that 2360 // evaluate the condition. 2361 CFGBlock *EntryConditionBlock = 0, *ExitConditionBlock = 0; 2362 2363 do { 2364 Expr *C = W->getCond(); 2365 2366 // Specially handle logical operators, which have a slightly 2367 // more optimal CFG representation. 2368 if (BinaryOperator *Cond = dyn_cast<BinaryOperator>(C->IgnoreParens())) 2369 if (Cond->isLogicalOp()) { 2370 llvm::tie(EntryConditionBlock, ExitConditionBlock) = 2371 VisitLogicalOperator(Cond, W, BodyBlock, 2372 LoopSuccessor); 2373 break; 2374 } 2375 2376 // The default case when not handling logical operators. 2377 ExitConditionBlock = createBlock(false); 2378 ExitConditionBlock->setTerminator(W); 2379 2380 // Now add the actual condition to the condition block. 2381 // Because the condition itself may contain control-flow, new blocks may 2382 // be created. Thus we update "Succ" after adding the condition. 2383 Block = ExitConditionBlock; 2384 Block = EntryConditionBlock = addStmt(C); 2385 2386 // If this block contains a condition variable, add both the condition 2387 // variable and initializer to the CFG. 2388 if (VarDecl *VD = W->getConditionVariable()) { 2389 if (Expr *Init = VD->getInit()) { 2390 autoCreateBlock(); 2391 appendStmt(Block, W->getConditionVariableDeclStmt()); 2392 EntryConditionBlock = addStmt(Init); 2393 assert(Block == EntryConditionBlock); 2394 } 2395 } 2396 2397 if (Block && badCFG) 2398 return 0; 2399 2400 // See if this is a known constant. 2401 const TryResult& KnownVal = tryEvaluateBool(C); 2402 2403 // Add the loop body entry as a successor to the condition. 2404 addSuccessor(ExitConditionBlock, KnownVal.isFalse() ? NULL : BodyBlock); 2405 // Link up the condition block with the code that follows the loop. (the 2406 // false branch). 2407 addSuccessor(ExitConditionBlock, KnownVal.isTrue() ? NULL : LoopSuccessor); 2408 2409 } while(false); 2410 2411 // Link up the loop-back block to the entry condition block. 2412 addSuccessor(TransitionBlock, EntryConditionBlock); 2413 2414 // There can be no more statements in the condition block since we loop back 2415 // to this block. NULL out Block to force lazy creation of another block. 2416 Block = NULL; 2417 2418 // Return the condition block, which is the dominating block for the loop. 2419 Succ = EntryConditionBlock; 2420 return EntryConditionBlock; 2421 } 2422 2423 2424 CFGBlock *CFGBuilder::VisitObjCAtCatchStmt(ObjCAtCatchStmt *S) { 2425 // FIXME: For now we pretend that @catch and the code it contains does not 2426 // exit. 2427 return Block; 2428 } 2429 2430 CFGBlock *CFGBuilder::VisitObjCAtThrowStmt(ObjCAtThrowStmt *S) { 2431 // FIXME: This isn't complete. We basically treat @throw like a return 2432 // statement. 2433 2434 // If we were in the middle of a block we stop processing that block. 2435 if (badCFG) 2436 return 0; 2437 2438 // Create the new block. 2439 Block = createBlock(false); 2440 2441 // The Exit block is the only successor. 2442 addSuccessor(Block, &cfg->getExit()); 2443 2444 // Add the statement to the block. This may create new blocks if S contains 2445 // control-flow (short-circuit operations). 2446 return VisitStmt(S, AddStmtChoice::AlwaysAdd); 2447 } 2448 2449 CFGBlock *CFGBuilder::VisitCXXThrowExpr(CXXThrowExpr *T) { 2450 // If we were in the middle of a block we stop processing that block. 2451 if (badCFG) 2452 return 0; 2453 2454 // Create the new block. 2455 Block = createBlock(false); 2456 2457 if (TryTerminatedBlock) 2458 // The current try statement is the only successor. 2459 addSuccessor(Block, TryTerminatedBlock); 2460 else 2461 // otherwise the Exit block is the only successor. 2462 addSuccessor(Block, &cfg->getExit()); 2463 2464 // Add the statement to the block. This may create new blocks if S contains 2465 // control-flow (short-circuit operations). 2466 return VisitStmt(T, AddStmtChoice::AlwaysAdd); 2467 } 2468 2469 CFGBlock *CFGBuilder::VisitDoStmt(DoStmt *D) { 2470 CFGBlock *LoopSuccessor = NULL; 2471 2472 // "do...while" is a control-flow statement. Thus we stop processing the 2473 // current block. 2474 if (Block) { 2475 if (badCFG) 2476 return 0; 2477 LoopSuccessor = Block; 2478 } else 2479 LoopSuccessor = Succ; 2480 2481 // Because of short-circuit evaluation, the condition of the loop can span 2482 // multiple basic blocks. Thus we need the "Entry" and "Exit" blocks that 2483 // evaluate the condition. 2484 CFGBlock *ExitConditionBlock = createBlock(false); 2485 CFGBlock *EntryConditionBlock = ExitConditionBlock; 2486 2487 // Set the terminator for the "exit" condition block. 2488 ExitConditionBlock->setTerminator(D); 2489 2490 // Now add the actual condition to the condition block. Because the condition 2491 // itself may contain control-flow, new blocks may be created. 2492 if (Stmt *C = D->getCond()) { 2493 Block = ExitConditionBlock; 2494 EntryConditionBlock = addStmt(C); 2495 if (Block) { 2496 if (badCFG) 2497 return 0; 2498 } 2499 } 2500 2501 // The condition block is the implicit successor for the loop body. 2502 Succ = EntryConditionBlock; 2503 2504 // See if this is a known constant. 2505 const TryResult &KnownVal = tryEvaluateBool(D->getCond()); 2506 2507 // Process the loop body. 2508 CFGBlock *BodyBlock = NULL; 2509 { 2510 assert(D->getBody()); 2511 2512 // Save the current values for Block, Succ, and continue and break targets 2513 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 2514 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget), 2515 save_break(BreakJumpTarget); 2516 2517 // All continues within this loop should go to the condition block 2518 ContinueJumpTarget = JumpTarget(EntryConditionBlock, ScopePos); 2519 2520 // All breaks should go to the code following the loop. 2521 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 2522 2523 // NULL out Block to force lazy instantiation of blocks for the body. 2524 Block = NULL; 2525 2526 // If body is not a compound statement create implicit scope 2527 // and add destructors. 2528 if (!isa<CompoundStmt>(D->getBody())) 2529 addLocalScopeAndDtors(D->getBody()); 2530 2531 // Create the body. The returned block is the entry to the loop body. 2532 BodyBlock = addStmt(D->getBody()); 2533 2534 if (!BodyBlock) 2535 BodyBlock = EntryConditionBlock; // can happen for "do ; while(...)" 2536 else if (Block) { 2537 if (badCFG) 2538 return 0; 2539 } 2540 2541 if (!KnownVal.isFalse()) { 2542 // Add an intermediate block between the BodyBlock and the 2543 // ExitConditionBlock to represent the "loop back" transition. Create an 2544 // empty block to represent the transition block for looping back to the 2545 // head of the loop. 2546 // FIXME: Can we do this more efficiently without adding another block? 2547 Block = NULL; 2548 Succ = BodyBlock; 2549 CFGBlock *LoopBackBlock = createBlock(); 2550 LoopBackBlock->setLoopTarget(D); 2551 2552 // Add the loop body entry as a successor to the condition. 2553 addSuccessor(ExitConditionBlock, LoopBackBlock); 2554 } 2555 else 2556 addSuccessor(ExitConditionBlock, NULL); 2557 } 2558 2559 // Link up the condition block with the code that follows the loop. 2560 // (the false branch). 2561 addSuccessor(ExitConditionBlock, KnownVal.isTrue() ? NULL : LoopSuccessor); 2562 2563 // There can be no more statements in the body block(s) since we loop back to 2564 // the body. NULL out Block to force lazy creation of another block. 2565 Block = NULL; 2566 2567 // Return the loop body, which is the dominating block for the loop. 2568 Succ = BodyBlock; 2569 return BodyBlock; 2570 } 2571 2572 CFGBlock *CFGBuilder::VisitContinueStmt(ContinueStmt *C) { 2573 // "continue" is a control-flow statement. Thus we stop processing the 2574 // current block. 2575 if (badCFG) 2576 return 0; 2577 2578 // Now create a new block that ends with the continue statement. 2579 Block = createBlock(false); 2580 Block->setTerminator(C); 2581 2582 // If there is no target for the continue, then we are looking at an 2583 // incomplete AST. This means the CFG cannot be constructed. 2584 if (ContinueJumpTarget.block) { 2585 addAutomaticObjDtors(ScopePos, ContinueJumpTarget.scopePosition, C); 2586 addSuccessor(Block, ContinueJumpTarget.block); 2587 } else 2588 badCFG = true; 2589 2590 return Block; 2591 } 2592 2593 CFGBlock *CFGBuilder::VisitUnaryExprOrTypeTraitExpr(UnaryExprOrTypeTraitExpr *E, 2594 AddStmtChoice asc) { 2595 2596 if (asc.alwaysAdd(*this, E)) { 2597 autoCreateBlock(); 2598 appendStmt(Block, E); 2599 } 2600 2601 // VLA types have expressions that must be evaluated. 2602 CFGBlock *lastBlock = Block; 2603 2604 if (E->isArgumentType()) { 2605 for (const VariableArrayType *VA =FindVA(E->getArgumentType().getTypePtr()); 2606 VA != 0; VA = FindVA(VA->getElementType().getTypePtr())) 2607 lastBlock = addStmt(VA->getSizeExpr()); 2608 } 2609 return lastBlock; 2610 } 2611 2612 /// VisitStmtExpr - Utility method to handle (nested) statement 2613 /// expressions (a GCC extension). 2614 CFGBlock *CFGBuilder::VisitStmtExpr(StmtExpr *SE, AddStmtChoice asc) { 2615 if (asc.alwaysAdd(*this, SE)) { 2616 autoCreateBlock(); 2617 appendStmt(Block, SE); 2618 } 2619 return VisitCompoundStmt(SE->getSubStmt()); 2620 } 2621 2622 CFGBlock *CFGBuilder::VisitSwitchStmt(SwitchStmt *Terminator) { 2623 // "switch" is a control-flow statement. Thus we stop processing the current 2624 // block. 2625 CFGBlock *SwitchSuccessor = NULL; 2626 2627 // Save local scope position because in case of condition variable ScopePos 2628 // won't be restored when traversing AST. 2629 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 2630 2631 // Create local scope for possible condition variable. 2632 // Store scope position. Add implicit destructor. 2633 if (VarDecl *VD = Terminator->getConditionVariable()) { 2634 LocalScope::const_iterator SwitchBeginScopePos = ScopePos; 2635 addLocalScopeForVarDecl(VD); 2636 addAutomaticObjDtors(ScopePos, SwitchBeginScopePos, Terminator); 2637 } 2638 2639 if (Block) { 2640 if (badCFG) 2641 return 0; 2642 SwitchSuccessor = Block; 2643 } else SwitchSuccessor = Succ; 2644 2645 // Save the current "switch" context. 2646 SaveAndRestore<CFGBlock*> save_switch(SwitchTerminatedBlock), 2647 save_default(DefaultCaseBlock); 2648 SaveAndRestore<JumpTarget> save_break(BreakJumpTarget); 2649 2650 // Set the "default" case to be the block after the switch statement. If the 2651 // switch statement contains a "default:", this value will be overwritten with 2652 // the block for that code. 2653 DefaultCaseBlock = SwitchSuccessor; 2654 2655 // Create a new block that will contain the switch statement. 2656 SwitchTerminatedBlock = createBlock(false); 2657 2658 // Now process the switch body. The code after the switch is the implicit 2659 // successor. 2660 Succ = SwitchSuccessor; 2661 BreakJumpTarget = JumpTarget(SwitchSuccessor, ScopePos); 2662 2663 // When visiting the body, the case statements should automatically get linked 2664 // up to the switch. We also don't keep a pointer to the body, since all 2665 // control-flow from the switch goes to case/default statements. 2666 assert(Terminator->getBody() && "switch must contain a non-NULL body"); 2667 Block = NULL; 2668 2669 // For pruning unreachable case statements, save the current state 2670 // for tracking the condition value. 2671 SaveAndRestore<bool> save_switchExclusivelyCovered(switchExclusivelyCovered, 2672 false); 2673 2674 // Determine if the switch condition can be explicitly evaluated. 2675 assert(Terminator->getCond() && "switch condition must be non-NULL"); 2676 Expr::EvalResult result; 2677 bool b = tryEvaluate(Terminator->getCond(), result); 2678 SaveAndRestore<Expr::EvalResult*> save_switchCond(switchCond, 2679 b ? &result : 0); 2680 2681 // If body is not a compound statement create implicit scope 2682 // and add destructors. 2683 if (!isa<CompoundStmt>(Terminator->getBody())) 2684 addLocalScopeAndDtors(Terminator->getBody()); 2685 2686 addStmt(Terminator->getBody()); 2687 if (Block) { 2688 if (badCFG) 2689 return 0; 2690 } 2691 2692 // If we have no "default:" case, the default transition is to the code 2693 // following the switch body. Moreover, take into account if all the 2694 // cases of a switch are covered (e.g., switching on an enum value). 2695 // 2696 // Note: We add a successor to a switch that is considered covered yet has no 2697 // case statements if the enumeration has no enumerators. 2698 bool SwitchAlwaysHasSuccessor = false; 2699 SwitchAlwaysHasSuccessor |= switchExclusivelyCovered; 2700 SwitchAlwaysHasSuccessor |= Terminator->isAllEnumCasesCovered() && 2701 Terminator->getSwitchCaseList(); 2702 addSuccessor(SwitchTerminatedBlock, 2703 SwitchAlwaysHasSuccessor ? 0 : DefaultCaseBlock); 2704 2705 // Add the terminator and condition in the switch block. 2706 SwitchTerminatedBlock->setTerminator(Terminator); 2707 Block = SwitchTerminatedBlock; 2708 CFGBlock *LastBlock = addStmt(Terminator->getCond()); 2709 2710 // Finally, if the SwitchStmt contains a condition variable, add both the 2711 // SwitchStmt and the condition variable initialization to the CFG. 2712 if (VarDecl *VD = Terminator->getConditionVariable()) { 2713 if (Expr *Init = VD->getInit()) { 2714 autoCreateBlock(); 2715 appendStmt(Block, Terminator->getConditionVariableDeclStmt()); 2716 LastBlock = addStmt(Init); 2717 } 2718 } 2719 2720 return LastBlock; 2721 } 2722 2723 static bool shouldAddCase(bool &switchExclusivelyCovered, 2724 const Expr::EvalResult *switchCond, 2725 const CaseStmt *CS, 2726 ASTContext &Ctx) { 2727 if (!switchCond) 2728 return true; 2729 2730 bool addCase = false; 2731 2732 if (!switchExclusivelyCovered) { 2733 if (switchCond->Val.isInt()) { 2734 // Evaluate the LHS of the case value. 2735 const llvm::APSInt &lhsInt = CS->getLHS()->EvaluateKnownConstInt(Ctx); 2736 const llvm::APSInt &condInt = switchCond->Val.getInt(); 2737 2738 if (condInt == lhsInt) { 2739 addCase = true; 2740 switchExclusivelyCovered = true; 2741 } 2742 else if (condInt < lhsInt) { 2743 if (const Expr *RHS = CS->getRHS()) { 2744 // Evaluate the RHS of the case value. 2745 const llvm::APSInt &V2 = RHS->EvaluateKnownConstInt(Ctx); 2746 if (V2 <= condInt) { 2747 addCase = true; 2748 switchExclusivelyCovered = true; 2749 } 2750 } 2751 } 2752 } 2753 else 2754 addCase = true; 2755 } 2756 return addCase; 2757 } 2758 2759 CFGBlock *CFGBuilder::VisitCaseStmt(CaseStmt *CS) { 2760 // CaseStmts are essentially labels, so they are the first statement in a 2761 // block. 2762 CFGBlock *TopBlock = 0, *LastBlock = 0; 2763 2764 if (Stmt *Sub = CS->getSubStmt()) { 2765 // For deeply nested chains of CaseStmts, instead of doing a recursion 2766 // (which can blow out the stack), manually unroll and create blocks 2767 // along the way. 2768 while (isa<CaseStmt>(Sub)) { 2769 CFGBlock *currentBlock = createBlock(false); 2770 currentBlock->setLabel(CS); 2771 2772 if (TopBlock) 2773 addSuccessor(LastBlock, currentBlock); 2774 else 2775 TopBlock = currentBlock; 2776 2777 addSuccessor(SwitchTerminatedBlock, 2778 shouldAddCase(switchExclusivelyCovered, switchCond, 2779 CS, *Context) 2780 ? currentBlock : 0); 2781 2782 LastBlock = currentBlock; 2783 CS = cast<CaseStmt>(Sub); 2784 Sub = CS->getSubStmt(); 2785 } 2786 2787 addStmt(Sub); 2788 } 2789 2790 CFGBlock *CaseBlock = Block; 2791 if (!CaseBlock) 2792 CaseBlock = createBlock(); 2793 2794 // Cases statements partition blocks, so this is the top of the basic block we 2795 // were processing (the "case XXX:" is the label). 2796 CaseBlock->setLabel(CS); 2797 2798 if (badCFG) 2799 return 0; 2800 2801 // Add this block to the list of successors for the block with the switch 2802 // statement. 2803 assert(SwitchTerminatedBlock); 2804 addSuccessor(SwitchTerminatedBlock, 2805 shouldAddCase(switchExclusivelyCovered, switchCond, 2806 CS, *Context) 2807 ? CaseBlock : 0); 2808 2809 // We set Block to NULL to allow lazy creation of a new block (if necessary) 2810 Block = NULL; 2811 2812 if (TopBlock) { 2813 addSuccessor(LastBlock, CaseBlock); 2814 Succ = TopBlock; 2815 } else { 2816 // This block is now the implicit successor of other blocks. 2817 Succ = CaseBlock; 2818 } 2819 2820 return Succ; 2821 } 2822 2823 CFGBlock *CFGBuilder::VisitDefaultStmt(DefaultStmt *Terminator) { 2824 if (Terminator->getSubStmt()) 2825 addStmt(Terminator->getSubStmt()); 2826 2827 DefaultCaseBlock = Block; 2828 2829 if (!DefaultCaseBlock) 2830 DefaultCaseBlock = createBlock(); 2831 2832 // Default statements partition blocks, so this is the top of the basic block 2833 // we were processing (the "default:" is the label). 2834 DefaultCaseBlock->setLabel(Terminator); 2835 2836 if (badCFG) 2837 return 0; 2838 2839 // Unlike case statements, we don't add the default block to the successors 2840 // for the switch statement immediately. This is done when we finish 2841 // processing the switch statement. This allows for the default case 2842 // (including a fall-through to the code after the switch statement) to always 2843 // be the last successor of a switch-terminated block. 2844 2845 // We set Block to NULL to allow lazy creation of a new block (if necessary) 2846 Block = NULL; 2847 2848 // This block is now the implicit successor of other blocks. 2849 Succ = DefaultCaseBlock; 2850 2851 return DefaultCaseBlock; 2852 } 2853 2854 CFGBlock *CFGBuilder::VisitCXXTryStmt(CXXTryStmt *Terminator) { 2855 // "try"/"catch" is a control-flow statement. Thus we stop processing the 2856 // current block. 2857 CFGBlock *TrySuccessor = NULL; 2858 2859 if (Block) { 2860 if (badCFG) 2861 return 0; 2862 TrySuccessor = Block; 2863 } else TrySuccessor = Succ; 2864 2865 CFGBlock *PrevTryTerminatedBlock = TryTerminatedBlock; 2866 2867 // Create a new block that will contain the try statement. 2868 CFGBlock *NewTryTerminatedBlock = createBlock(false); 2869 // Add the terminator in the try block. 2870 NewTryTerminatedBlock->setTerminator(Terminator); 2871 2872 bool HasCatchAll = false; 2873 for (unsigned h = 0; h <Terminator->getNumHandlers(); ++h) { 2874 // The code after the try is the implicit successor. 2875 Succ = TrySuccessor; 2876 CXXCatchStmt *CS = Terminator->getHandler(h); 2877 if (CS->getExceptionDecl() == 0) { 2878 HasCatchAll = true; 2879 } 2880 Block = NULL; 2881 CFGBlock *CatchBlock = VisitCXXCatchStmt(CS); 2882 if (CatchBlock == 0) 2883 return 0; 2884 // Add this block to the list of successors for the block with the try 2885 // statement. 2886 addSuccessor(NewTryTerminatedBlock, CatchBlock); 2887 } 2888 if (!HasCatchAll) { 2889 if (PrevTryTerminatedBlock) 2890 addSuccessor(NewTryTerminatedBlock, PrevTryTerminatedBlock); 2891 else 2892 addSuccessor(NewTryTerminatedBlock, &cfg->getExit()); 2893 } 2894 2895 // The code after the try is the implicit successor. 2896 Succ = TrySuccessor; 2897 2898 // Save the current "try" context. 2899 SaveAndRestore<CFGBlock*> save_try(TryTerminatedBlock, NewTryTerminatedBlock); 2900 cfg->addTryDispatchBlock(TryTerminatedBlock); 2901 2902 assert(Terminator->getTryBlock() && "try must contain a non-NULL body"); 2903 Block = NULL; 2904 return addStmt(Terminator->getTryBlock()); 2905 } 2906 2907 CFGBlock *CFGBuilder::VisitCXXCatchStmt(CXXCatchStmt *CS) { 2908 // CXXCatchStmt are treated like labels, so they are the first statement in a 2909 // block. 2910 2911 // Save local scope position because in case of exception variable ScopePos 2912 // won't be restored when traversing AST. 2913 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 2914 2915 // Create local scope for possible exception variable. 2916 // Store scope position. Add implicit destructor. 2917 if (VarDecl *VD = CS->getExceptionDecl()) { 2918 LocalScope::const_iterator BeginScopePos = ScopePos; 2919 addLocalScopeForVarDecl(VD); 2920 addAutomaticObjDtors(ScopePos, BeginScopePos, CS); 2921 } 2922 2923 if (CS->getHandlerBlock()) 2924 addStmt(CS->getHandlerBlock()); 2925 2926 CFGBlock *CatchBlock = Block; 2927 if (!CatchBlock) 2928 CatchBlock = createBlock(); 2929 2930 // CXXCatchStmt is more than just a label. They have semantic meaning 2931 // as well, as they implicitly "initialize" the catch variable. Add 2932 // it to the CFG as a CFGElement so that the control-flow of these 2933 // semantics gets captured. 2934 appendStmt(CatchBlock, CS); 2935 2936 // Also add the CXXCatchStmt as a label, to mirror handling of regular 2937 // labels. 2938 CatchBlock->setLabel(CS); 2939 2940 // Bail out if the CFG is bad. 2941 if (badCFG) 2942 return 0; 2943 2944 // We set Block to NULL to allow lazy creation of a new block (if necessary) 2945 Block = NULL; 2946 2947 return CatchBlock; 2948 } 2949 2950 CFGBlock *CFGBuilder::VisitCXXForRangeStmt(CXXForRangeStmt *S) { 2951 // C++0x for-range statements are specified as [stmt.ranged]: 2952 // 2953 // { 2954 // auto && __range = range-init; 2955 // for ( auto __begin = begin-expr, 2956 // __end = end-expr; 2957 // __begin != __end; 2958 // ++__begin ) { 2959 // for-range-declaration = *__begin; 2960 // statement 2961 // } 2962 // } 2963 2964 // Save local scope position before the addition of the implicit variables. 2965 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 2966 2967 // Create local scopes and destructors for range, begin and end variables. 2968 if (Stmt *Range = S->getRangeStmt()) 2969 addLocalScopeForStmt(Range); 2970 if (Stmt *BeginEnd = S->getBeginEndStmt()) 2971 addLocalScopeForStmt(BeginEnd); 2972 addAutomaticObjDtors(ScopePos, save_scope_pos.get(), S); 2973 2974 LocalScope::const_iterator ContinueScopePos = ScopePos; 2975 2976 // "for" is a control-flow statement. Thus we stop processing the current 2977 // block. 2978 CFGBlock *LoopSuccessor = NULL; 2979 if (Block) { 2980 if (badCFG) 2981 return 0; 2982 LoopSuccessor = Block; 2983 } else 2984 LoopSuccessor = Succ; 2985 2986 // Save the current value for the break targets. 2987 // All breaks should go to the code following the loop. 2988 SaveAndRestore<JumpTarget> save_break(BreakJumpTarget); 2989 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 2990 2991 // The block for the __begin != __end expression. 2992 CFGBlock *ConditionBlock = createBlock(false); 2993 ConditionBlock->setTerminator(S); 2994 2995 // Now add the actual condition to the condition block. 2996 if (Expr *C = S->getCond()) { 2997 Block = ConditionBlock; 2998 CFGBlock *BeginConditionBlock = addStmt(C); 2999 if (badCFG) 3000 return 0; 3001 assert(BeginConditionBlock == ConditionBlock && 3002 "condition block in for-range was unexpectedly complex"); 3003 (void)BeginConditionBlock; 3004 } 3005 3006 // The condition block is the implicit successor for the loop body as well as 3007 // any code above the loop. 3008 Succ = ConditionBlock; 3009 3010 // See if this is a known constant. 3011 TryResult KnownVal(true); 3012 3013 if (S->getCond()) 3014 KnownVal = tryEvaluateBool(S->getCond()); 3015 3016 // Now create the loop body. 3017 { 3018 assert(S->getBody()); 3019 3020 // Save the current values for Block, Succ, and continue targets. 3021 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 3022 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget); 3023 3024 // Generate increment code in its own basic block. This is the target of 3025 // continue statements. 3026 Block = 0; 3027 Succ = addStmt(S->getInc()); 3028 ContinueJumpTarget = JumpTarget(Succ, ContinueScopePos); 3029 3030 // The starting block for the loop increment is the block that should 3031 // represent the 'loop target' for looping back to the start of the loop. 3032 ContinueJumpTarget.block->setLoopTarget(S); 3033 3034 // Finish up the increment block and prepare to start the loop body. 3035 assert(Block); 3036 if (badCFG) 3037 return 0; 3038 Block = 0; 3039 3040 3041 // Add implicit scope and dtors for loop variable. 3042 addLocalScopeAndDtors(S->getLoopVarStmt()); 3043 3044 // Populate a new block to contain the loop body and loop variable. 3045 addStmt(S->getBody()); 3046 if (badCFG) 3047 return 0; 3048 CFGBlock *LoopVarStmtBlock = addStmt(S->getLoopVarStmt()); 3049 if (badCFG) 3050 return 0; 3051 3052 // This new body block is a successor to our condition block. 3053 addSuccessor(ConditionBlock, KnownVal.isFalse() ? 0 : LoopVarStmtBlock); 3054 } 3055 3056 // Link up the condition block with the code that follows the loop (the 3057 // false branch). 3058 addSuccessor(ConditionBlock, KnownVal.isTrue() ? 0 : LoopSuccessor); 3059 3060 // Add the initialization statements. 3061 Block = createBlock(); 3062 addStmt(S->getBeginEndStmt()); 3063 return addStmt(S->getRangeStmt()); 3064 } 3065 3066 CFGBlock *CFGBuilder::VisitExprWithCleanups(ExprWithCleanups *E, 3067 AddStmtChoice asc) { 3068 if (BuildOpts.AddTemporaryDtors) { 3069 // If adding implicit destructors visit the full expression for adding 3070 // destructors of temporaries. 3071 VisitForTemporaryDtors(E->getSubExpr()); 3072 3073 // Full expression has to be added as CFGStmt so it will be sequenced 3074 // before destructors of it's temporaries. 3075 asc = asc.withAlwaysAdd(true); 3076 } 3077 return Visit(E->getSubExpr(), asc); 3078 } 3079 3080 CFGBlock *CFGBuilder::VisitCXXBindTemporaryExpr(CXXBindTemporaryExpr *E, 3081 AddStmtChoice asc) { 3082 if (asc.alwaysAdd(*this, E)) { 3083 autoCreateBlock(); 3084 appendStmt(Block, E); 3085 3086 // We do not want to propagate the AlwaysAdd property. 3087 asc = asc.withAlwaysAdd(false); 3088 } 3089 return Visit(E->getSubExpr(), asc); 3090 } 3091 3092 CFGBlock *CFGBuilder::VisitCXXConstructExpr(CXXConstructExpr *C, 3093 AddStmtChoice asc) { 3094 autoCreateBlock(); 3095 appendStmt(Block, C); 3096 3097 return VisitChildren(C); 3098 } 3099 3100 CFGBlock *CFGBuilder::VisitCXXFunctionalCastExpr(CXXFunctionalCastExpr *E, 3101 AddStmtChoice asc) { 3102 if (asc.alwaysAdd(*this, E)) { 3103 autoCreateBlock(); 3104 appendStmt(Block, E); 3105 // We do not want to propagate the AlwaysAdd property. 3106 asc = asc.withAlwaysAdd(false); 3107 } 3108 return Visit(E->getSubExpr(), asc); 3109 } 3110 3111 CFGBlock *CFGBuilder::VisitCXXTemporaryObjectExpr(CXXTemporaryObjectExpr *C, 3112 AddStmtChoice asc) { 3113 autoCreateBlock(); 3114 appendStmt(Block, C); 3115 return VisitChildren(C); 3116 } 3117 3118 CFGBlock *CFGBuilder::VisitImplicitCastExpr(ImplicitCastExpr *E, 3119 AddStmtChoice asc) { 3120 if (asc.alwaysAdd(*this, E)) { 3121 autoCreateBlock(); 3122 appendStmt(Block, E); 3123 } 3124 return Visit(E->getSubExpr(), AddStmtChoice()); 3125 } 3126 3127 CFGBlock *CFGBuilder::VisitIndirectGotoStmt(IndirectGotoStmt *I) { 3128 // Lazily create the indirect-goto dispatch block if there isn't one already. 3129 CFGBlock *IBlock = cfg->getIndirectGotoBlock(); 3130 3131 if (!IBlock) { 3132 IBlock = createBlock(false); 3133 cfg->setIndirectGotoBlock(IBlock); 3134 } 3135 3136 // IndirectGoto is a control-flow statement. Thus we stop processing the 3137 // current block and create a new one. 3138 if (badCFG) 3139 return 0; 3140 3141 Block = createBlock(false); 3142 Block->setTerminator(I); 3143 addSuccessor(Block, IBlock); 3144 return addStmt(I->getTarget()); 3145 } 3146 3147 CFGBlock *CFGBuilder::VisitForTemporaryDtors(Stmt *E, bool BindToTemporary) { 3148 assert(BuildOpts.AddImplicitDtors && BuildOpts.AddTemporaryDtors); 3149 3150 tryAgain: 3151 if (!E) { 3152 badCFG = true; 3153 return NULL; 3154 } 3155 switch (E->getStmtClass()) { 3156 default: 3157 return VisitChildrenForTemporaryDtors(E); 3158 3159 case Stmt::BinaryOperatorClass: 3160 return VisitBinaryOperatorForTemporaryDtors(cast<BinaryOperator>(E)); 3161 3162 case Stmt::CXXBindTemporaryExprClass: 3163 return VisitCXXBindTemporaryExprForTemporaryDtors( 3164 cast<CXXBindTemporaryExpr>(E), BindToTemporary); 3165 3166 case Stmt::BinaryConditionalOperatorClass: 3167 case Stmt::ConditionalOperatorClass: 3168 return VisitConditionalOperatorForTemporaryDtors( 3169 cast<AbstractConditionalOperator>(E), BindToTemporary); 3170 3171 case Stmt::ImplicitCastExprClass: 3172 // For implicit cast we want BindToTemporary to be passed further. 3173 E = cast<CastExpr>(E)->getSubExpr(); 3174 goto tryAgain; 3175 3176 case Stmt::ParenExprClass: 3177 E = cast<ParenExpr>(E)->getSubExpr(); 3178 goto tryAgain; 3179 3180 case Stmt::MaterializeTemporaryExprClass: 3181 E = cast<MaterializeTemporaryExpr>(E)->GetTemporaryExpr(); 3182 goto tryAgain; 3183 } 3184 } 3185 3186 CFGBlock *CFGBuilder::VisitChildrenForTemporaryDtors(Stmt *E) { 3187 // When visiting children for destructors we want to visit them in reverse 3188 // order that they will appear in the CFG. Because the CFG is built 3189 // bottom-up, this means we visit them in their natural order, which 3190 // reverses them in the CFG. 3191 CFGBlock *B = Block; 3192 for (Stmt::child_range I = E->children(); I; ++I) { 3193 if (Stmt *Child = *I) 3194 if (CFGBlock *R = VisitForTemporaryDtors(Child)) 3195 B = R; 3196 } 3197 return B; 3198 } 3199 3200 CFGBlock *CFGBuilder::VisitBinaryOperatorForTemporaryDtors(BinaryOperator *E) { 3201 if (E->isLogicalOp()) { 3202 // Destructors for temporaries in LHS expression should be called after 3203 // those for RHS expression. Even if this will unnecessarily create a block, 3204 // this block will be used at least by the full expression. 3205 autoCreateBlock(); 3206 CFGBlock *ConfluenceBlock = VisitForTemporaryDtors(E->getLHS()); 3207 if (badCFG) 3208 return NULL; 3209 3210 Succ = ConfluenceBlock; 3211 Block = NULL; 3212 CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getRHS()); 3213 3214 if (RHSBlock) { 3215 if (badCFG) 3216 return NULL; 3217 3218 // If RHS expression did produce destructors we need to connect created 3219 // blocks to CFG in same manner as for binary operator itself. 3220 CFGBlock *LHSBlock = createBlock(false); 3221 LHSBlock->setTerminator(CFGTerminator(E, true)); 3222 3223 // For binary operator LHS block is before RHS in list of predecessors 3224 // of ConfluenceBlock. 3225 std::reverse(ConfluenceBlock->pred_begin(), 3226 ConfluenceBlock->pred_end()); 3227 3228 // See if this is a known constant. 3229 TryResult KnownVal = tryEvaluateBool(E->getLHS()); 3230 if (KnownVal.isKnown() && (E->getOpcode() == BO_LOr)) 3231 KnownVal.negate(); 3232 3233 // Link LHSBlock with RHSBlock exactly the same way as for binary operator 3234 // itself. 3235 if (E->getOpcode() == BO_LOr) { 3236 addSuccessor(LHSBlock, KnownVal.isTrue() ? NULL : ConfluenceBlock); 3237 addSuccessor(LHSBlock, KnownVal.isFalse() ? NULL : RHSBlock); 3238 } else { 3239 assert (E->getOpcode() == BO_LAnd); 3240 addSuccessor(LHSBlock, KnownVal.isFalse() ? NULL : RHSBlock); 3241 addSuccessor(LHSBlock, KnownVal.isTrue() ? NULL : ConfluenceBlock); 3242 } 3243 3244 Block = LHSBlock; 3245 return LHSBlock; 3246 } 3247 3248 Block = ConfluenceBlock; 3249 return ConfluenceBlock; 3250 } 3251 3252 if (E->isAssignmentOp()) { 3253 // For assignment operator (=) LHS expression is visited 3254 // before RHS expression. For destructors visit them in reverse order. 3255 CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getRHS()); 3256 CFGBlock *LHSBlock = VisitForTemporaryDtors(E->getLHS()); 3257 return LHSBlock ? LHSBlock : RHSBlock; 3258 } 3259 3260 // For any other binary operator RHS expression is visited before 3261 // LHS expression (order of children). For destructors visit them in reverse 3262 // order. 3263 CFGBlock *LHSBlock = VisitForTemporaryDtors(E->getLHS()); 3264 CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getRHS()); 3265 return RHSBlock ? RHSBlock : LHSBlock; 3266 } 3267 3268 CFGBlock *CFGBuilder::VisitCXXBindTemporaryExprForTemporaryDtors( 3269 CXXBindTemporaryExpr *E, bool BindToTemporary) { 3270 // First add destructors for temporaries in subexpression. 3271 CFGBlock *B = VisitForTemporaryDtors(E->getSubExpr()); 3272 if (!BindToTemporary) { 3273 // If lifetime of temporary is not prolonged (by assigning to constant 3274 // reference) add destructor for it. 3275 3276 // If the destructor is marked as a no-return destructor, we need to create 3277 // a new block for the destructor which does not have as a successor 3278 // anything built thus far. Control won't flow out of this block. 3279 const CXXDestructorDecl *Dtor = E->getTemporary()->getDestructor(); 3280 if (Dtor->isNoReturn()) 3281 Block = createNoReturnBlock(); 3282 else 3283 autoCreateBlock(); 3284 3285 appendTemporaryDtor(Block, E); 3286 B = Block; 3287 } 3288 return B; 3289 } 3290 3291 CFGBlock *CFGBuilder::VisitConditionalOperatorForTemporaryDtors( 3292 AbstractConditionalOperator *E, bool BindToTemporary) { 3293 // First add destructors for condition expression. Even if this will 3294 // unnecessarily create a block, this block will be used at least by the full 3295 // expression. 3296 autoCreateBlock(); 3297 CFGBlock *ConfluenceBlock = VisitForTemporaryDtors(E->getCond()); 3298 if (badCFG) 3299 return NULL; 3300 if (BinaryConditionalOperator *BCO 3301 = dyn_cast<BinaryConditionalOperator>(E)) { 3302 ConfluenceBlock = VisitForTemporaryDtors(BCO->getCommon()); 3303 if (badCFG) 3304 return NULL; 3305 } 3306 3307 // Try to add block with destructors for LHS expression. 3308 CFGBlock *LHSBlock = NULL; 3309 Succ = ConfluenceBlock; 3310 Block = NULL; 3311 LHSBlock = VisitForTemporaryDtors(E->getTrueExpr(), BindToTemporary); 3312 if (badCFG) 3313 return NULL; 3314 3315 // Try to add block with destructors for RHS expression; 3316 Succ = ConfluenceBlock; 3317 Block = NULL; 3318 CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getFalseExpr(), 3319 BindToTemporary); 3320 if (badCFG) 3321 return NULL; 3322 3323 if (!RHSBlock && !LHSBlock) { 3324 // If neither LHS nor RHS expression had temporaries to destroy don't create 3325 // more blocks. 3326 Block = ConfluenceBlock; 3327 return Block; 3328 } 3329 3330 Block = createBlock(false); 3331 Block->setTerminator(CFGTerminator(E, true)); 3332 3333 // See if this is a known constant. 3334 const TryResult &KnownVal = tryEvaluateBool(E->getCond()); 3335 3336 if (LHSBlock) { 3337 addSuccessor(Block, KnownVal.isFalse() ? NULL : LHSBlock); 3338 } else if (KnownVal.isFalse()) { 3339 addSuccessor(Block, NULL); 3340 } else { 3341 addSuccessor(Block, ConfluenceBlock); 3342 std::reverse(ConfluenceBlock->pred_begin(), ConfluenceBlock->pred_end()); 3343 } 3344 3345 if (!RHSBlock) 3346 RHSBlock = ConfluenceBlock; 3347 addSuccessor(Block, KnownVal.isTrue() ? NULL : RHSBlock); 3348 3349 return Block; 3350 } 3351 3352 } // end anonymous namespace 3353 3354 /// createBlock - Constructs and adds a new CFGBlock to the CFG. The block has 3355 /// no successors or predecessors. If this is the first block created in the 3356 /// CFG, it is automatically set to be the Entry and Exit of the CFG. 3357 CFGBlock *CFG::createBlock() { 3358 bool first_block = begin() == end(); 3359 3360 // Create the block. 3361 CFGBlock *Mem = getAllocator().Allocate<CFGBlock>(); 3362 new (Mem) CFGBlock(NumBlockIDs++, BlkBVC, this); 3363 Blocks.push_back(Mem, BlkBVC); 3364 3365 // If this is the first block, set it as the Entry and Exit. 3366 if (first_block) 3367 Entry = Exit = &back(); 3368 3369 // Return the block. 3370 return &back(); 3371 } 3372 3373 /// buildCFG - Constructs a CFG from an AST. Ownership of the returned 3374 /// CFG is returned to the caller. 3375 CFG* CFG::buildCFG(const Decl *D, Stmt *Statement, ASTContext *C, 3376 const BuildOptions &BO) { 3377 CFGBuilder Builder(C, BO); 3378 return Builder.buildCFG(D, Statement); 3379 } 3380 3381 const CXXDestructorDecl * 3382 CFGImplicitDtor::getDestructorDecl(ASTContext &astContext) const { 3383 switch (getKind()) { 3384 case CFGElement::Statement: 3385 case CFGElement::Initializer: 3386 llvm_unreachable("getDestructorDecl should only be used with " 3387 "ImplicitDtors"); 3388 case CFGElement::AutomaticObjectDtor: { 3389 const VarDecl *var = castAs<CFGAutomaticObjDtor>().getVarDecl(); 3390 QualType ty = var->getType(); 3391 ty = ty.getNonReferenceType(); 3392 while (const ArrayType *arrayType = astContext.getAsArrayType(ty)) { 3393 ty = arrayType->getElementType(); 3394 } 3395 const RecordType *recordType = ty->getAs<RecordType>(); 3396 const CXXRecordDecl *classDecl = 3397 cast<CXXRecordDecl>(recordType->getDecl()); 3398 return classDecl->getDestructor(); 3399 } 3400 case CFGElement::TemporaryDtor: { 3401 const CXXBindTemporaryExpr *bindExpr = 3402 castAs<CFGTemporaryDtor>().getBindTemporaryExpr(); 3403 const CXXTemporary *temp = bindExpr->getTemporary(); 3404 return temp->getDestructor(); 3405 } 3406 case CFGElement::BaseDtor: 3407 case CFGElement::MemberDtor: 3408 3409 // Not yet supported. 3410 return 0; 3411 } 3412 llvm_unreachable("getKind() returned bogus value"); 3413 } 3414 3415 bool CFGImplicitDtor::isNoReturn(ASTContext &astContext) const { 3416 if (const CXXDestructorDecl *DD = getDestructorDecl(astContext)) 3417 return DD->isNoReturn(); 3418 return false; 3419 } 3420 3421 //===----------------------------------------------------------------------===// 3422 // Filtered walking of the CFG. 3423 //===----------------------------------------------------------------------===// 3424 3425 bool CFGBlock::FilterEdge(const CFGBlock::FilterOptions &F, 3426 const CFGBlock *From, const CFGBlock *To) { 3427 3428 if (To && F.IgnoreDefaultsWithCoveredEnums) { 3429 // If the 'To' has no label or is labeled but the label isn't a 3430 // CaseStmt then filter this edge. 3431 if (const SwitchStmt *S = 3432 dyn_cast_or_null<SwitchStmt>(From->getTerminator().getStmt())) { 3433 if (S->isAllEnumCasesCovered()) { 3434 const Stmt *L = To->getLabel(); 3435 if (!L || !isa<CaseStmt>(L)) 3436 return true; 3437 } 3438 } 3439 } 3440 3441 return false; 3442 } 3443 3444 //===----------------------------------------------------------------------===// 3445 // CFG pretty printing 3446 //===----------------------------------------------------------------------===// 3447 3448 namespace { 3449 3450 class StmtPrinterHelper : public PrinterHelper { 3451 typedef llvm::DenseMap<const Stmt*,std::pair<unsigned,unsigned> > StmtMapTy; 3452 typedef llvm::DenseMap<const Decl*,std::pair<unsigned,unsigned> > DeclMapTy; 3453 StmtMapTy StmtMap; 3454 DeclMapTy DeclMap; 3455 signed currentBlock; 3456 unsigned currStmt; 3457 const LangOptions &LangOpts; 3458 public: 3459 3460 StmtPrinterHelper(const CFG* cfg, const LangOptions &LO) 3461 : currentBlock(0), currStmt(0), LangOpts(LO) 3462 { 3463 for (CFG::const_iterator I = cfg->begin(), E = cfg->end(); I != E; ++I ) { 3464 unsigned j = 1; 3465 for (CFGBlock::const_iterator BI = (*I)->begin(), BEnd = (*I)->end() ; 3466 BI != BEnd; ++BI, ++j ) { 3467 if (Optional<CFGStmt> SE = BI->getAs<CFGStmt>()) { 3468 const Stmt *stmt= SE->getStmt(); 3469 std::pair<unsigned, unsigned> P((*I)->getBlockID(), j); 3470 StmtMap[stmt] = P; 3471 3472 switch (stmt->getStmtClass()) { 3473 case Stmt::DeclStmtClass: 3474 DeclMap[cast<DeclStmt>(stmt)->getSingleDecl()] = P; 3475 break; 3476 case Stmt::IfStmtClass: { 3477 const VarDecl *var = cast<IfStmt>(stmt)->getConditionVariable(); 3478 if (var) 3479 DeclMap[var] = P; 3480 break; 3481 } 3482 case Stmt::ForStmtClass: { 3483 const VarDecl *var = cast<ForStmt>(stmt)->getConditionVariable(); 3484 if (var) 3485 DeclMap[var] = P; 3486 break; 3487 } 3488 case Stmt::WhileStmtClass: { 3489 const VarDecl *var = 3490 cast<WhileStmt>(stmt)->getConditionVariable(); 3491 if (var) 3492 DeclMap[var] = P; 3493 break; 3494 } 3495 case Stmt::SwitchStmtClass: { 3496 const VarDecl *var = 3497 cast<SwitchStmt>(stmt)->getConditionVariable(); 3498 if (var) 3499 DeclMap[var] = P; 3500 break; 3501 } 3502 case Stmt::CXXCatchStmtClass: { 3503 const VarDecl *var = 3504 cast<CXXCatchStmt>(stmt)->getExceptionDecl(); 3505 if (var) 3506 DeclMap[var] = P; 3507 break; 3508 } 3509 default: 3510 break; 3511 } 3512 } 3513 } 3514 } 3515 } 3516 3517 3518 virtual ~StmtPrinterHelper() {} 3519 3520 const LangOptions &getLangOpts() const { return LangOpts; } 3521 void setBlockID(signed i) { currentBlock = i; } 3522 void setStmtID(unsigned i) { currStmt = i; } 3523 3524 virtual bool handledStmt(Stmt *S, raw_ostream &OS) { 3525 StmtMapTy::iterator I = StmtMap.find(S); 3526 3527 if (I == StmtMap.end()) 3528 return false; 3529 3530 if (currentBlock >= 0 && I->second.first == (unsigned) currentBlock 3531 && I->second.second == currStmt) { 3532 return false; 3533 } 3534 3535 OS << "[B" << I->second.first << "." << I->second.second << "]"; 3536 return true; 3537 } 3538 3539 bool handleDecl(const Decl *D, raw_ostream &OS) { 3540 DeclMapTy::iterator I = DeclMap.find(D); 3541 3542 if (I == DeclMap.end()) 3543 return false; 3544 3545 if (currentBlock >= 0 && I->second.first == (unsigned) currentBlock 3546 && I->second.second == currStmt) { 3547 return false; 3548 } 3549 3550 OS << "[B" << I->second.first << "." << I->second.second << "]"; 3551 return true; 3552 } 3553 }; 3554 } // end anonymous namespace 3555 3556 3557 namespace { 3558 class CFGBlockTerminatorPrint 3559 : public StmtVisitor<CFGBlockTerminatorPrint,void> { 3560 3561 raw_ostream &OS; 3562 StmtPrinterHelper* Helper; 3563 PrintingPolicy Policy; 3564 public: 3565 CFGBlockTerminatorPrint(raw_ostream &os, StmtPrinterHelper* helper, 3566 const PrintingPolicy &Policy) 3567 : OS(os), Helper(helper), Policy(Policy) {} 3568 3569 void VisitIfStmt(IfStmt *I) { 3570 OS << "if "; 3571 I->getCond()->printPretty(OS,Helper,Policy); 3572 } 3573 3574 // Default case. 3575 void VisitStmt(Stmt *Terminator) { 3576 Terminator->printPretty(OS, Helper, Policy); 3577 } 3578 3579 void VisitDeclStmt(DeclStmt *DS) { 3580 VarDecl *VD = cast<VarDecl>(DS->getSingleDecl()); 3581 OS << "static init " << VD->getName(); 3582 } 3583 3584 void VisitForStmt(ForStmt *F) { 3585 OS << "for (" ; 3586 if (F->getInit()) 3587 OS << "..."; 3588 OS << "; "; 3589 if (Stmt *C = F->getCond()) 3590 C->printPretty(OS, Helper, Policy); 3591 OS << "; "; 3592 if (F->getInc()) 3593 OS << "..."; 3594 OS << ")"; 3595 } 3596 3597 void VisitWhileStmt(WhileStmt *W) { 3598 OS << "while " ; 3599 if (Stmt *C = W->getCond()) 3600 C->printPretty(OS, Helper, Policy); 3601 } 3602 3603 void VisitDoStmt(DoStmt *D) { 3604 OS << "do ... while "; 3605 if (Stmt *C = D->getCond()) 3606 C->printPretty(OS, Helper, Policy); 3607 } 3608 3609 void VisitSwitchStmt(SwitchStmt *Terminator) { 3610 OS << "switch "; 3611 Terminator->getCond()->printPretty(OS, Helper, Policy); 3612 } 3613 3614 void VisitCXXTryStmt(CXXTryStmt *CS) { 3615 OS << "try ..."; 3616 } 3617 3618 void VisitAbstractConditionalOperator(AbstractConditionalOperator* C) { 3619 C->getCond()->printPretty(OS, Helper, Policy); 3620 OS << " ? ... : ..."; 3621 } 3622 3623 void VisitChooseExpr(ChooseExpr *C) { 3624 OS << "__builtin_choose_expr( "; 3625 C->getCond()->printPretty(OS, Helper, Policy); 3626 OS << " )"; 3627 } 3628 3629 void VisitIndirectGotoStmt(IndirectGotoStmt *I) { 3630 OS << "goto *"; 3631 I->getTarget()->printPretty(OS, Helper, Policy); 3632 } 3633 3634 void VisitBinaryOperator(BinaryOperator* B) { 3635 if (!B->isLogicalOp()) { 3636 VisitExpr(B); 3637 return; 3638 } 3639 3640 B->getLHS()->printPretty(OS, Helper, Policy); 3641 3642 switch (B->getOpcode()) { 3643 case BO_LOr: 3644 OS << " || ..."; 3645 return; 3646 case BO_LAnd: 3647 OS << " && ..."; 3648 return; 3649 default: 3650 llvm_unreachable("Invalid logical operator."); 3651 } 3652 } 3653 3654 void VisitExpr(Expr *E) { 3655 E->printPretty(OS, Helper, Policy); 3656 } 3657 }; 3658 } // end anonymous namespace 3659 3660 static void print_elem(raw_ostream &OS, StmtPrinterHelper* Helper, 3661 const CFGElement &E) { 3662 if (Optional<CFGStmt> CS = E.getAs<CFGStmt>()) { 3663 const Stmt *S = CS->getStmt(); 3664 3665 if (Helper) { 3666 3667 // special printing for statement-expressions. 3668 if (const StmtExpr *SE = dyn_cast<StmtExpr>(S)) { 3669 const CompoundStmt *Sub = SE->getSubStmt(); 3670 3671 if (Sub->children()) { 3672 OS << "({ ... ; "; 3673 Helper->handledStmt(*SE->getSubStmt()->body_rbegin(),OS); 3674 OS << " })\n"; 3675 return; 3676 } 3677 } 3678 // special printing for comma expressions. 3679 if (const BinaryOperator* B = dyn_cast<BinaryOperator>(S)) { 3680 if (B->getOpcode() == BO_Comma) { 3681 OS << "... , "; 3682 Helper->handledStmt(B->getRHS(),OS); 3683 OS << '\n'; 3684 return; 3685 } 3686 } 3687 } 3688 S->printPretty(OS, Helper, PrintingPolicy(Helper->getLangOpts())); 3689 3690 if (isa<CXXOperatorCallExpr>(S)) { 3691 OS << " (OperatorCall)"; 3692 } 3693 else if (isa<CXXBindTemporaryExpr>(S)) { 3694 OS << " (BindTemporary)"; 3695 } 3696 else if (const CXXConstructExpr *CCE = dyn_cast<CXXConstructExpr>(S)) { 3697 OS << " (CXXConstructExpr, " << CCE->getType().getAsString() << ")"; 3698 } 3699 else if (const CastExpr *CE = dyn_cast<CastExpr>(S)) { 3700 OS << " (" << CE->getStmtClassName() << ", " 3701 << CE->getCastKindName() 3702 << ", " << CE->getType().getAsString() 3703 << ")"; 3704 } 3705 3706 // Expressions need a newline. 3707 if (isa<Expr>(S)) 3708 OS << '\n'; 3709 3710 } else if (Optional<CFGInitializer> IE = E.getAs<CFGInitializer>()) { 3711 const CXXCtorInitializer *I = IE->getInitializer(); 3712 if (I->isBaseInitializer()) 3713 OS << I->getBaseClass()->getAsCXXRecordDecl()->getName(); 3714 else OS << I->getAnyMember()->getName(); 3715 3716 OS << "("; 3717 if (Expr *IE = I->getInit()) 3718 IE->printPretty(OS, Helper, PrintingPolicy(Helper->getLangOpts())); 3719 OS << ")"; 3720 3721 if (I->isBaseInitializer()) 3722 OS << " (Base initializer)\n"; 3723 else OS << " (Member initializer)\n"; 3724 3725 } else if (Optional<CFGAutomaticObjDtor> DE = 3726 E.getAs<CFGAutomaticObjDtor>()) { 3727 const VarDecl *VD = DE->getVarDecl(); 3728 Helper->handleDecl(VD, OS); 3729 3730 const Type* T = VD->getType().getTypePtr(); 3731 if (const ReferenceType* RT = T->getAs<ReferenceType>()) 3732 T = RT->getPointeeType().getTypePtr(); 3733 T = T->getBaseElementTypeUnsafe(); 3734 3735 OS << ".~" << T->getAsCXXRecordDecl()->getName().str() << "()"; 3736 OS << " (Implicit destructor)\n"; 3737 3738 } else if (Optional<CFGBaseDtor> BE = E.getAs<CFGBaseDtor>()) { 3739 const CXXBaseSpecifier *BS = BE->getBaseSpecifier(); 3740 OS << "~" << BS->getType()->getAsCXXRecordDecl()->getName() << "()"; 3741 OS << " (Base object destructor)\n"; 3742 3743 } else if (Optional<CFGMemberDtor> ME = E.getAs<CFGMemberDtor>()) { 3744 const FieldDecl *FD = ME->getFieldDecl(); 3745 const Type *T = FD->getType()->getBaseElementTypeUnsafe(); 3746 OS << "this->" << FD->getName(); 3747 OS << ".~" << T->getAsCXXRecordDecl()->getName() << "()"; 3748 OS << " (Member object destructor)\n"; 3749 3750 } else if (Optional<CFGTemporaryDtor> TE = E.getAs<CFGTemporaryDtor>()) { 3751 const CXXBindTemporaryExpr *BT = TE->getBindTemporaryExpr(); 3752 OS << "~" << BT->getType()->getAsCXXRecordDecl()->getName() << "()"; 3753 OS << " (Temporary object destructor)\n"; 3754 } 3755 } 3756 3757 static void print_block(raw_ostream &OS, const CFG* cfg, 3758 const CFGBlock &B, 3759 StmtPrinterHelper* Helper, bool print_edges, 3760 bool ShowColors) { 3761 3762 if (Helper) 3763 Helper->setBlockID(B.getBlockID()); 3764 3765 // Print the header. 3766 if (ShowColors) 3767 OS.changeColor(raw_ostream::YELLOW, true); 3768 3769 OS << "\n [B" << B.getBlockID(); 3770 3771 if (&B == &cfg->getEntry()) 3772 OS << " (ENTRY)]\n"; 3773 else if (&B == &cfg->getExit()) 3774 OS << " (EXIT)]\n"; 3775 else if (&B == cfg->getIndirectGotoBlock()) 3776 OS << " (INDIRECT GOTO DISPATCH)]\n"; 3777 else 3778 OS << "]\n"; 3779 3780 if (ShowColors) 3781 OS.resetColor(); 3782 3783 // Print the label of this block. 3784 if (Stmt *Label = const_cast<Stmt*>(B.getLabel())) { 3785 3786 if (print_edges) 3787 OS << " "; 3788 3789 if (LabelStmt *L = dyn_cast<LabelStmt>(Label)) 3790 OS << L->getName(); 3791 else if (CaseStmt *C = dyn_cast<CaseStmt>(Label)) { 3792 OS << "case "; 3793 C->getLHS()->printPretty(OS, Helper, 3794 PrintingPolicy(Helper->getLangOpts())); 3795 if (C->getRHS()) { 3796 OS << " ... "; 3797 C->getRHS()->printPretty(OS, Helper, 3798 PrintingPolicy(Helper->getLangOpts())); 3799 } 3800 } else if (isa<DefaultStmt>(Label)) 3801 OS << "default"; 3802 else if (CXXCatchStmt *CS = dyn_cast<CXXCatchStmt>(Label)) { 3803 OS << "catch ("; 3804 if (CS->getExceptionDecl()) 3805 CS->getExceptionDecl()->print(OS, PrintingPolicy(Helper->getLangOpts()), 3806 0); 3807 else 3808 OS << "..."; 3809 OS << ")"; 3810 3811 } else 3812 llvm_unreachable("Invalid label statement in CFGBlock."); 3813 3814 OS << ":\n"; 3815 } 3816 3817 // Iterate through the statements in the block and print them. 3818 unsigned j = 1; 3819 3820 for (CFGBlock::const_iterator I = B.begin(), E = B.end() ; 3821 I != E ; ++I, ++j ) { 3822 3823 // Print the statement # in the basic block and the statement itself. 3824 if (print_edges) 3825 OS << " "; 3826 3827 OS << llvm::format("%3d", j) << ": "; 3828 3829 if (Helper) 3830 Helper->setStmtID(j); 3831 3832 print_elem(OS, Helper, *I); 3833 } 3834 3835 // Print the terminator of this block. 3836 if (B.getTerminator()) { 3837 if (ShowColors) 3838 OS.changeColor(raw_ostream::GREEN); 3839 3840 OS << " T: "; 3841 3842 if (Helper) Helper->setBlockID(-1); 3843 3844 PrintingPolicy PP(Helper ? Helper->getLangOpts() : LangOptions()); 3845 CFGBlockTerminatorPrint TPrinter(OS, Helper, PP); 3846 TPrinter.Visit(const_cast<Stmt*>(B.getTerminator().getStmt())); 3847 OS << '\n'; 3848 3849 if (ShowColors) 3850 OS.resetColor(); 3851 } 3852 3853 if (print_edges) { 3854 // Print the predecessors of this block. 3855 if (!B.pred_empty()) { 3856 const raw_ostream::Colors Color = raw_ostream::BLUE; 3857 if (ShowColors) 3858 OS.changeColor(Color); 3859 OS << " Preds " ; 3860 if (ShowColors) 3861 OS.resetColor(); 3862 OS << '(' << B.pred_size() << "):"; 3863 unsigned i = 0; 3864 3865 if (ShowColors) 3866 OS.changeColor(Color); 3867 3868 for (CFGBlock::const_pred_iterator I = B.pred_begin(), E = B.pred_end(); 3869 I != E; ++I, ++i) { 3870 3871 if (i % 10 == 8) 3872 OS << "\n "; 3873 3874 OS << " B" << (*I)->getBlockID(); 3875 } 3876 3877 if (ShowColors) 3878 OS.resetColor(); 3879 3880 OS << '\n'; 3881 } 3882 3883 // Print the successors of this block. 3884 if (!B.succ_empty()) { 3885 const raw_ostream::Colors Color = raw_ostream::MAGENTA; 3886 if (ShowColors) 3887 OS.changeColor(Color); 3888 OS << " Succs "; 3889 if (ShowColors) 3890 OS.resetColor(); 3891 OS << '(' << B.succ_size() << "):"; 3892 unsigned i = 0; 3893 3894 if (ShowColors) 3895 OS.changeColor(Color); 3896 3897 for (CFGBlock::const_succ_iterator I = B.succ_begin(), E = B.succ_end(); 3898 I != E; ++I, ++i) { 3899 3900 if (i % 10 == 8) 3901 OS << "\n "; 3902 3903 if (*I) 3904 OS << " B" << (*I)->getBlockID(); 3905 else 3906 OS << " NULL"; 3907 } 3908 3909 if (ShowColors) 3910 OS.resetColor(); 3911 OS << '\n'; 3912 } 3913 } 3914 } 3915 3916 3917 /// dump - A simple pretty printer of a CFG that outputs to stderr. 3918 void CFG::dump(const LangOptions &LO, bool ShowColors) const { 3919 print(llvm::errs(), LO, ShowColors); 3920 } 3921 3922 /// print - A simple pretty printer of a CFG that outputs to an ostream. 3923 void CFG::print(raw_ostream &OS, const LangOptions &LO, bool ShowColors) const { 3924 StmtPrinterHelper Helper(this, LO); 3925 3926 // Print the entry block. 3927 print_block(OS, this, getEntry(), &Helper, true, ShowColors); 3928 3929 // Iterate through the CFGBlocks and print them one by one. 3930 for (const_iterator I = Blocks.begin(), E = Blocks.end() ; I != E ; ++I) { 3931 // Skip the entry block, because we already printed it. 3932 if (&(**I) == &getEntry() || &(**I) == &getExit()) 3933 continue; 3934 3935 print_block(OS, this, **I, &Helper, true, ShowColors); 3936 } 3937 3938 // Print the exit block. 3939 print_block(OS, this, getExit(), &Helper, true, ShowColors); 3940 OS << '\n'; 3941 OS.flush(); 3942 } 3943 3944 /// dump - A simply pretty printer of a CFGBlock that outputs to stderr. 3945 void CFGBlock::dump(const CFG* cfg, const LangOptions &LO, 3946 bool ShowColors) const { 3947 print(llvm::errs(), cfg, LO, ShowColors); 3948 } 3949 3950 /// print - A simple pretty printer of a CFGBlock that outputs to an ostream. 3951 /// Generally this will only be called from CFG::print. 3952 void CFGBlock::print(raw_ostream &OS, const CFG* cfg, 3953 const LangOptions &LO, bool ShowColors) const { 3954 StmtPrinterHelper Helper(cfg, LO); 3955 print_block(OS, cfg, *this, &Helper, true, ShowColors); 3956 OS << '\n'; 3957 } 3958 3959 /// printTerminator - A simple pretty printer of the terminator of a CFGBlock. 3960 void CFGBlock::printTerminator(raw_ostream &OS, 3961 const LangOptions &LO) const { 3962 CFGBlockTerminatorPrint TPrinter(OS, NULL, PrintingPolicy(LO)); 3963 TPrinter.Visit(const_cast<Stmt*>(getTerminator().getStmt())); 3964 } 3965 3966 Stmt *CFGBlock::getTerminatorCondition() { 3967 Stmt *Terminator = this->Terminator; 3968 if (!Terminator) 3969 return NULL; 3970 3971 Expr *E = NULL; 3972 3973 switch (Terminator->getStmtClass()) { 3974 default: 3975 break; 3976 3977 case Stmt::CXXForRangeStmtClass: 3978 E = cast<CXXForRangeStmt>(Terminator)->getCond(); 3979 break; 3980 3981 case Stmt::ForStmtClass: 3982 E = cast<ForStmt>(Terminator)->getCond(); 3983 break; 3984 3985 case Stmt::WhileStmtClass: 3986 E = cast<WhileStmt>(Terminator)->getCond(); 3987 break; 3988 3989 case Stmt::DoStmtClass: 3990 E = cast<DoStmt>(Terminator)->getCond(); 3991 break; 3992 3993 case Stmt::IfStmtClass: 3994 E = cast<IfStmt>(Terminator)->getCond(); 3995 break; 3996 3997 case Stmt::ChooseExprClass: 3998 E = cast<ChooseExpr>(Terminator)->getCond(); 3999 break; 4000 4001 case Stmt::IndirectGotoStmtClass: 4002 E = cast<IndirectGotoStmt>(Terminator)->getTarget(); 4003 break; 4004 4005 case Stmt::SwitchStmtClass: 4006 E = cast<SwitchStmt>(Terminator)->getCond(); 4007 break; 4008 4009 case Stmt::BinaryConditionalOperatorClass: 4010 E = cast<BinaryConditionalOperator>(Terminator)->getCond(); 4011 break; 4012 4013 case Stmt::ConditionalOperatorClass: 4014 E = cast<ConditionalOperator>(Terminator)->getCond(); 4015 break; 4016 4017 case Stmt::BinaryOperatorClass: // '&&' and '||' 4018 E = cast<BinaryOperator>(Terminator)->getLHS(); 4019 break; 4020 4021 case Stmt::ObjCForCollectionStmtClass: 4022 return Terminator; 4023 } 4024 4025 return E ? E->IgnoreParens() : NULL; 4026 } 4027 4028 //===----------------------------------------------------------------------===// 4029 // CFG Graphviz Visualization 4030 //===----------------------------------------------------------------------===// 4031 4032 4033 #ifndef NDEBUG 4034 static StmtPrinterHelper* GraphHelper; 4035 #endif 4036 4037 void CFG::viewCFG(const LangOptions &LO) const { 4038 #ifndef NDEBUG 4039 StmtPrinterHelper H(this, LO); 4040 GraphHelper = &H; 4041 llvm::ViewGraph(this,"CFG"); 4042 GraphHelper = NULL; 4043 #endif 4044 } 4045 4046 namespace llvm { 4047 template<> 4048 struct DOTGraphTraits<const CFG*> : public DefaultDOTGraphTraits { 4049 4050 DOTGraphTraits (bool isSimple=false) : DefaultDOTGraphTraits(isSimple) {} 4051 4052 static std::string getNodeLabel(const CFGBlock *Node, const CFG* Graph) { 4053 4054 #ifndef NDEBUG 4055 std::string OutSStr; 4056 llvm::raw_string_ostream Out(OutSStr); 4057 print_block(Out,Graph, *Node, GraphHelper, false, false); 4058 std::string& OutStr = Out.str(); 4059 4060 if (OutStr[0] == '\n') OutStr.erase(OutStr.begin()); 4061 4062 // Process string output to make it nicer... 4063 for (unsigned i = 0; i != OutStr.length(); ++i) 4064 if (OutStr[i] == '\n') { // Left justify 4065 OutStr[i] = '\\'; 4066 OutStr.insert(OutStr.begin()+i+1, 'l'); 4067 } 4068 4069 return OutStr; 4070 #else 4071 return ""; 4072 #endif 4073 } 4074 }; 4075 } // end namespace llvm 4076
