CFG.cpp revision 3d1125b27e8006385a830f5b3748b7b44d227b4c
1 //===--- CFG.cpp - Classes for representing and building CFGs----*- C++ -*-===// 2// 3// The LLVM Compiler Infrastructure 4// 5// This file is distributed under the University of Illinois Open Source 6// License. See LICENSE.TXT for details. 7// 8//===----------------------------------------------------------------------===// 9// 10// This file defines the CFG and CFGBuilder classes for representing and 11// building Control-Flow Graphs (CFGs) from ASTs. 12// 13//===----------------------------------------------------------------------===// 14 15#include "llvm/Support/SaveAndRestore.h" 16#include "clang/Analysis/CFG.h" 17#include "clang/AST/ASTContext.h" 18#include "clang/AST/DeclCXX.h" 19#include "clang/AST/StmtVisitor.h" 20#include "clang/AST/PrettyPrinter.h" 21#include "clang/AST/CharUnits.h" 22#include "clang/Basic/AttrKinds.h" 23#include "llvm/Support/GraphWriter.h" 24#include "llvm/Support/Allocator.h" 25#include "llvm/Support/Format.h" 26#include "llvm/ADT/DenseMap.h" 27#include "llvm/ADT/SmallPtrSet.h" 28#include "llvm/ADT/OwningPtr.h" 29 30using namespace clang; 31 32namespace { 33 34static SourceLocation GetEndLoc(Decl *D) { 35 if (VarDecl *VD = dyn_cast<VarDecl>(D)) 36 if (Expr *Ex = VD->getInit()) 37 return Ex->getSourceRange().getEnd(); 38 return D->getLocation(); 39} 40 41class CFGBuilder; 42 43/// The CFG builder uses a recursive algorithm to build the CFG. When 44/// we process an expression, sometimes we know that we must add the 45/// subexpressions as block-level expressions. For example: 46/// 47/// exp1 || exp2 48/// 49/// When processing the '||' expression, we know that exp1 and exp2 50/// need to be added as block-level expressions, even though they 51/// might not normally need to be. AddStmtChoice records this 52/// contextual information. If AddStmtChoice is 'NotAlwaysAdd', then 53/// the builder has an option not to add a subexpression as a 54/// block-level expression. 55/// 56class AddStmtChoice { 57public: 58 enum Kind { NotAlwaysAdd = 0, AlwaysAdd = 1 }; 59 60 AddStmtChoice(Kind a_kind = NotAlwaysAdd) : kind(a_kind) {} 61 62 bool alwaysAdd(CFGBuilder &builder, 63 const Stmt *stmt) const; 64 65 /// Return a copy of this object, except with the 'always-add' bit 66 /// set as specified. 67 AddStmtChoice withAlwaysAdd(bool alwaysAdd) const { 68 return AddStmtChoice(alwaysAdd ? AlwaysAdd : NotAlwaysAdd); 69 } 70 71private: 72 Kind kind; 73}; 74 75/// LocalScope - Node in tree of local scopes created for C++ implicit 76/// destructor calls generation. It contains list of automatic variables 77/// declared in the scope and link to position in previous scope this scope 78/// began in. 79/// 80/// The process of creating local scopes is as follows: 81/// - Init CFGBuilder::ScopePos with invalid position (equivalent for null), 82/// - Before processing statements in scope (e.g. CompoundStmt) create 83/// LocalScope object using CFGBuilder::ScopePos as link to previous scope 84/// and set CFGBuilder::ScopePos to the end of new scope, 85/// - On every occurrence of VarDecl increase CFGBuilder::ScopePos if it points 86/// at this VarDecl, 87/// - For every normal (without jump) end of scope add to CFGBlock destructors 88/// for objects in the current scope, 89/// - For every jump add to CFGBlock destructors for objects 90/// between CFGBuilder::ScopePos and local scope position saved for jump 91/// target. Thanks to C++ restrictions on goto jumps we can be sure that 92/// jump target position will be on the path to root from CFGBuilder::ScopePos 93/// (adding any variable that doesn't need constructor to be called to 94/// LocalScope can break this assumption), 95/// 96class LocalScope { 97public: 98 typedef BumpVector<VarDecl*> AutomaticVarsTy; 99 100 /// const_iterator - Iterates local scope backwards and jumps to previous 101 /// scope on reaching the beginning of currently iterated scope. 102 class const_iterator { 103 const LocalScope* Scope; 104 105 /// VarIter is guaranteed to be greater then 0 for every valid iterator. 106 /// Invalid iterator (with null Scope) has VarIter equal to 0. 107 unsigned VarIter; 108 109 public: 110 /// Create invalid iterator. Dereferencing invalid iterator is not allowed. 111 /// Incrementing invalid iterator is allowed and will result in invalid 112 /// iterator. 113 const_iterator() 114 : Scope(NULL), VarIter(0) {} 115 116 /// Create valid iterator. In case when S.Prev is an invalid iterator and 117 /// I is equal to 0, this will create invalid iterator. 118 const_iterator(const LocalScope& S, unsigned I) 119 : Scope(&S), VarIter(I) { 120 // Iterator to "end" of scope is not allowed. Handle it by going up 121 // in scopes tree possibly up to invalid iterator in the root. 122 if (VarIter == 0 && Scope) 123 *this = Scope->Prev; 124 } 125 126 VarDecl *const* operator->() const { 127 assert (Scope && "Dereferencing invalid iterator is not allowed"); 128 assert (VarIter != 0 && "Iterator has invalid value of VarIter member"); 129 return &Scope->Vars[VarIter - 1]; 130 } 131 VarDecl *operator*() const { 132 return *this->operator->(); 133 } 134 135 const_iterator &operator++() { 136 if (!Scope) 137 return *this; 138 139 assert (VarIter != 0 && "Iterator has invalid value of VarIter member"); 140 --VarIter; 141 if (VarIter == 0) 142 *this = Scope->Prev; 143 return *this; 144 } 145 const_iterator operator++(int) { 146 const_iterator P = *this; 147 ++*this; 148 return P; 149 } 150 151 bool operator==(const const_iterator &rhs) const { 152 return Scope == rhs.Scope && VarIter == rhs.VarIter; 153 } 154 bool operator!=(const const_iterator &rhs) const { 155 return !(*this == rhs); 156 } 157 158 operator bool() const { 159 return *this != const_iterator(); 160 } 161 162 int distance(const_iterator L); 163 }; 164 165 friend class const_iterator; 166 167private: 168 BumpVectorContext ctx; 169 170 /// Automatic variables in order of declaration. 171 AutomaticVarsTy Vars; 172 /// Iterator to variable in previous scope that was declared just before 173 /// begin of this scope. 174 const_iterator Prev; 175 176public: 177 /// Constructs empty scope linked to previous scope in specified place. 178 LocalScope(BumpVectorContext &ctx, const_iterator P) 179 : ctx(ctx), Vars(ctx, 4), Prev(P) {} 180 181 /// Begin of scope in direction of CFG building (backwards). 182 const_iterator begin() const { return const_iterator(*this, Vars.size()); } 183 184 void addVar(VarDecl *VD) { 185 Vars.push_back(VD, ctx); 186 } 187}; 188 189/// distance - Calculates distance from this to L. L must be reachable from this 190/// (with use of ++ operator). Cost of calculating the distance is linear w.r.t. 191/// number of scopes between this and L. 192int LocalScope::const_iterator::distance(LocalScope::const_iterator L) { 193 int D = 0; 194 const_iterator F = *this; 195 while (F.Scope != L.Scope) { 196 assert (F != const_iterator() 197 && "L iterator is not reachable from F iterator."); 198 D += F.VarIter; 199 F = F.Scope->Prev; 200 } 201 D += F.VarIter - L.VarIter; 202 return D; 203} 204 205/// BlockScopePosPair - Structure for specifying position in CFG during its 206/// build process. It consists of CFGBlock that specifies position in CFG graph 207/// and LocalScope::const_iterator that specifies position in LocalScope graph. 208struct BlockScopePosPair { 209 BlockScopePosPair() : block(0) {} 210 BlockScopePosPair(CFGBlock *b, LocalScope::const_iterator scopePos) 211 : block(b), scopePosition(scopePos) {} 212 213 CFGBlock *block; 214 LocalScope::const_iterator scopePosition; 215}; 216 217/// TryResult - a class representing a variant over the values 218/// 'true', 'false', or 'unknown'. This is returned by tryEvaluateBool, 219/// and is used by the CFGBuilder to decide if a branch condition 220/// can be decided up front during CFG construction. 221class TryResult { 222 int X; 223public: 224 TryResult(bool b) : X(b ? 1 : 0) {} 225 TryResult() : X(-1) {} 226 227 bool isTrue() const { return X == 1; } 228 bool isFalse() const { return X == 0; } 229 bool isKnown() const { return X >= 0; } 230 void negate() { 231 assert(isKnown()); 232 X ^= 0x1; 233 } 234}; 235 236/// CFGBuilder - This class implements CFG construction from an AST. 237/// The builder is stateful: an instance of the builder should be used to only 238/// construct a single CFG. 239/// 240/// Example usage: 241/// 242/// CFGBuilder builder; 243/// CFG* cfg = builder.BuildAST(stmt1); 244/// 245/// CFG construction is done via a recursive walk of an AST. We actually parse 246/// the AST in reverse order so that the successor of a basic block is 247/// constructed prior to its predecessor. This allows us to nicely capture 248/// implicit fall-throughs without extra basic blocks. 249/// 250class CFGBuilder { 251 typedef BlockScopePosPair JumpTarget; 252 typedef BlockScopePosPair JumpSource; 253 254 ASTContext *Context; 255 OwningPtr<CFG> cfg; 256 257 CFGBlock *Block; 258 CFGBlock *Succ; 259 JumpTarget ContinueJumpTarget; 260 JumpTarget BreakJumpTarget; 261 CFGBlock *SwitchTerminatedBlock; 262 CFGBlock *DefaultCaseBlock; 263 CFGBlock *TryTerminatedBlock; 264 265 // Current position in local scope. 266 LocalScope::const_iterator ScopePos; 267 268 // LabelMap records the mapping from Label expressions to their jump targets. 269 typedef llvm::DenseMap<LabelDecl*, JumpTarget> LabelMapTy; 270 LabelMapTy LabelMap; 271 272 // A list of blocks that end with a "goto" that must be backpatched to their 273 // resolved targets upon completion of CFG construction. 274 typedef std::vector<JumpSource> BackpatchBlocksTy; 275 BackpatchBlocksTy BackpatchBlocks; 276 277 // A list of labels whose address has been taken (for indirect gotos). 278 typedef llvm::SmallPtrSet<LabelDecl*, 5> LabelSetTy; 279 LabelSetTy AddressTakenLabels; 280 281 bool badCFG; 282 const CFG::BuildOptions &BuildOpts; 283 284 // State to track for building switch statements. 285 bool switchExclusivelyCovered; 286 Expr::EvalResult *switchCond; 287 288 CFG::BuildOptions::ForcedBlkExprs::value_type *cachedEntry; 289 const Stmt *lastLookup; 290 291 // Caches boolean evaluations of expressions to avoid multiple re-evaluations 292 // during construction of branches for chained logical operators. 293 typedef llvm::DenseMap<Expr *, TryResult> CachedBoolEvalsTy; 294 CachedBoolEvalsTy CachedBoolEvals; 295 296public: 297 explicit CFGBuilder(ASTContext *astContext, 298 const CFG::BuildOptions &buildOpts) 299 : Context(astContext), cfg(new CFG()), // crew a new CFG 300 Block(NULL), Succ(NULL), 301 SwitchTerminatedBlock(NULL), DefaultCaseBlock(NULL), 302 TryTerminatedBlock(NULL), badCFG(false), BuildOpts(buildOpts), 303 switchExclusivelyCovered(false), switchCond(0), 304 cachedEntry(0), lastLookup(0) {} 305 306 // buildCFG - Used by external clients to construct the CFG. 307 CFG* buildCFG(const Decl *D, Stmt *Statement); 308 309 bool alwaysAdd(const Stmt *stmt); 310 311private: 312 // Visitors to walk an AST and construct the CFG. 313 CFGBlock *VisitAddrLabelExpr(AddrLabelExpr *A, AddStmtChoice asc); 314 CFGBlock *VisitBinaryOperator(BinaryOperator *B, AddStmtChoice asc); 315 CFGBlock *VisitBreakStmt(BreakStmt *B); 316 CFGBlock *VisitCallExpr(CallExpr *C, AddStmtChoice asc); 317 CFGBlock *VisitCaseStmt(CaseStmt *C); 318 CFGBlock *VisitChooseExpr(ChooseExpr *C, AddStmtChoice asc); 319 CFGBlock *VisitCompoundStmt(CompoundStmt *C); 320 CFGBlock *VisitConditionalOperator(AbstractConditionalOperator *C, 321 AddStmtChoice asc); 322 CFGBlock *VisitContinueStmt(ContinueStmt *C); 323 CFGBlock *VisitCXXBindTemporaryExpr(CXXBindTemporaryExpr *E, 324 AddStmtChoice asc); 325 CFGBlock *VisitCXXCatchStmt(CXXCatchStmt *S); 326 CFGBlock *VisitCXXConstructExpr(CXXConstructExpr *C, AddStmtChoice asc); 327 CFGBlock *VisitCXXForRangeStmt(CXXForRangeStmt *S); 328 CFGBlock *VisitCXXFunctionalCastExpr(CXXFunctionalCastExpr *E, 329 AddStmtChoice asc); 330 CFGBlock *VisitCXXTemporaryObjectExpr(CXXTemporaryObjectExpr *C, 331 AddStmtChoice asc); 332 CFGBlock *VisitCXXThrowExpr(CXXThrowExpr *T); 333 CFGBlock *VisitCXXTryStmt(CXXTryStmt *S); 334 CFGBlock *VisitDeclStmt(DeclStmt *DS); 335 CFGBlock *VisitDeclSubExpr(DeclStmt *DS); 336 CFGBlock *VisitDefaultStmt(DefaultStmt *D); 337 CFGBlock *VisitDoStmt(DoStmt *D); 338 CFGBlock *VisitExprWithCleanups(ExprWithCleanups *E, AddStmtChoice asc); 339 CFGBlock *VisitForStmt(ForStmt *F); 340 CFGBlock *VisitGotoStmt(GotoStmt *G); 341 CFGBlock *VisitIfStmt(IfStmt *I); 342 CFGBlock *VisitImplicitCastExpr(ImplicitCastExpr *E, AddStmtChoice asc); 343 CFGBlock *VisitIndirectGotoStmt(IndirectGotoStmt *I); 344 CFGBlock *VisitLabelStmt(LabelStmt *L); 345 CFGBlock *VisitLambdaExpr(LambdaExpr *E, AddStmtChoice asc); 346 CFGBlock *VisitLogicalOperator(BinaryOperator *B); 347 std::pair<CFGBlock *, CFGBlock *> VisitLogicalOperator(BinaryOperator *B, 348 Stmt *Term, 349 CFGBlock *TrueBlock, 350 CFGBlock *FalseBlock); 351 CFGBlock *VisitMemberExpr(MemberExpr *M, AddStmtChoice asc); 352 CFGBlock *VisitObjCAtCatchStmt(ObjCAtCatchStmt *S); 353 CFGBlock *VisitObjCAtSynchronizedStmt(ObjCAtSynchronizedStmt *S); 354 CFGBlock *VisitObjCAtThrowStmt(ObjCAtThrowStmt *S); 355 CFGBlock *VisitObjCAtTryStmt(ObjCAtTryStmt *S); 356 CFGBlock *VisitObjCAutoreleasePoolStmt(ObjCAutoreleasePoolStmt *S); 357 CFGBlock *VisitObjCForCollectionStmt(ObjCForCollectionStmt *S); 358 CFGBlock *VisitPseudoObjectExpr(PseudoObjectExpr *E); 359 CFGBlock *VisitReturnStmt(ReturnStmt *R); 360 CFGBlock *VisitStmtExpr(StmtExpr *S, AddStmtChoice asc); 361 CFGBlock *VisitSwitchStmt(SwitchStmt *S); 362 CFGBlock *VisitUnaryExprOrTypeTraitExpr(UnaryExprOrTypeTraitExpr *E, 363 AddStmtChoice asc); 364 CFGBlock *VisitUnaryOperator(UnaryOperator *U, AddStmtChoice asc); 365 CFGBlock *VisitWhileStmt(WhileStmt *W); 366 367 CFGBlock *Visit(Stmt *S, AddStmtChoice asc = AddStmtChoice::NotAlwaysAdd); 368 CFGBlock *VisitStmt(Stmt *S, AddStmtChoice asc); 369 CFGBlock *VisitChildren(Stmt *S); 370 CFGBlock *VisitNoRecurse(Expr *E, AddStmtChoice asc); 371 372 // Visitors to walk an AST and generate destructors of temporaries in 373 // full expression. 374 CFGBlock *VisitForTemporaryDtors(Stmt *E, bool BindToTemporary = false); 375 CFGBlock *VisitChildrenForTemporaryDtors(Stmt *E); 376 CFGBlock *VisitBinaryOperatorForTemporaryDtors(BinaryOperator *E); 377 CFGBlock *VisitCXXBindTemporaryExprForTemporaryDtors(CXXBindTemporaryExpr *E, 378 bool BindToTemporary); 379 CFGBlock * 380 VisitConditionalOperatorForTemporaryDtors(AbstractConditionalOperator *E, 381 bool BindToTemporary); 382 383 // NYS == Not Yet Supported 384 CFGBlock *NYS() { 385 badCFG = true; 386 return Block; 387 } 388 389 void autoCreateBlock() { if (!Block) Block = createBlock(); } 390 CFGBlock *createBlock(bool add_successor = true); 391 CFGBlock *createNoReturnBlock(); 392 393 CFGBlock *addStmt(Stmt *S) { 394 return Visit(S, AddStmtChoice::AlwaysAdd); 395 } 396 CFGBlock *addInitializer(CXXCtorInitializer *I); 397 void addAutomaticObjDtors(LocalScope::const_iterator B, 398 LocalScope::const_iterator E, Stmt *S); 399 void addImplicitDtorsForDestructor(const CXXDestructorDecl *DD); 400 401 // Local scopes creation. 402 LocalScope* createOrReuseLocalScope(LocalScope* Scope); 403 404 void addLocalScopeForStmt(Stmt *S); 405 LocalScope* addLocalScopeForDeclStmt(DeclStmt *DS, LocalScope* Scope = NULL); 406 LocalScope* addLocalScopeForVarDecl(VarDecl *VD, LocalScope* Scope = NULL); 407 408 void addLocalScopeAndDtors(Stmt *S); 409 410 // Interface to CFGBlock - adding CFGElements. 411 void appendStmt(CFGBlock *B, const Stmt *S) { 412 if (alwaysAdd(S) && cachedEntry) 413 cachedEntry->second = B; 414 415 // All block-level expressions should have already been IgnoreParens()ed. 416 assert(!isa<Expr>(S) || cast<Expr>(S)->IgnoreParens() == S); 417 B->appendStmt(const_cast<Stmt*>(S), cfg->getBumpVectorContext()); 418 } 419 void appendInitializer(CFGBlock *B, CXXCtorInitializer *I) { 420 B->appendInitializer(I, cfg->getBumpVectorContext()); 421 } 422 void appendBaseDtor(CFGBlock *B, const CXXBaseSpecifier *BS) { 423 B->appendBaseDtor(BS, cfg->getBumpVectorContext()); 424 } 425 void appendMemberDtor(CFGBlock *B, FieldDecl *FD) { 426 B->appendMemberDtor(FD, cfg->getBumpVectorContext()); 427 } 428 void appendTemporaryDtor(CFGBlock *B, CXXBindTemporaryExpr *E) { 429 B->appendTemporaryDtor(E, cfg->getBumpVectorContext()); 430 } 431 void appendAutomaticObjDtor(CFGBlock *B, VarDecl *VD, Stmt *S) { 432 B->appendAutomaticObjDtor(VD, S, cfg->getBumpVectorContext()); 433 } 434 435 void prependAutomaticObjDtorsWithTerminator(CFGBlock *Blk, 436 LocalScope::const_iterator B, LocalScope::const_iterator E); 437 438 void addSuccessor(CFGBlock *B, CFGBlock *S) { 439 B->addSuccessor(S, cfg->getBumpVectorContext()); 440 } 441 442 /// Try and evaluate an expression to an integer constant. 443 bool tryEvaluate(Expr *S, Expr::EvalResult &outResult) { 444 if (!BuildOpts.PruneTriviallyFalseEdges) 445 return false; 446 return !S->isTypeDependent() && 447 !S->isValueDependent() && 448 S->EvaluateAsRValue(outResult, *Context); 449 } 450 451 /// tryEvaluateBool - Try and evaluate the Stmt and return 0 or 1 452 /// if we can evaluate to a known value, otherwise return -1. 453 TryResult tryEvaluateBool(Expr *S) { 454 if (!BuildOpts.PruneTriviallyFalseEdges || 455 S->isTypeDependent() || S->isValueDependent()) 456 return TryResult(); 457 458 if (BinaryOperator *Bop = dyn_cast<BinaryOperator>(S)) { 459 if (Bop->isLogicalOp()) { 460 // Check the cache first. 461 CachedBoolEvalsTy::iterator I = CachedBoolEvals.find(S); 462 if (I != CachedBoolEvals.end()) 463 return I->second; // already in map; 464 465 // Retrieve result at first, or the map might be updated. 466 TryResult Result = evaluateAsBooleanConditionNoCache(S); 467 CachedBoolEvals[S] = Result; // update or insert 468 return Result; 469 } 470 else { 471 switch (Bop->getOpcode()) { 472 default: break; 473 // For 'x & 0' and 'x * 0', we can determine that 474 // the value is always false. 475 case BO_Mul: 476 case BO_And: { 477 // If either operand is zero, we know the value 478 // must be false. 479 llvm::APSInt IntVal; 480 if (Bop->getLHS()->EvaluateAsInt(IntVal, *Context)) { 481 if (IntVal.getBoolValue() == false) { 482 return TryResult(false); 483 } 484 } 485 if (Bop->getRHS()->EvaluateAsInt(IntVal, *Context)) { 486 if (IntVal.getBoolValue() == false) { 487 return TryResult(false); 488 } 489 } 490 } 491 break; 492 } 493 } 494 } 495 496 return evaluateAsBooleanConditionNoCache(S); 497 } 498 499 /// \brief Evaluate as boolean \param E without using the cache. 500 TryResult evaluateAsBooleanConditionNoCache(Expr *E) { 501 if (BinaryOperator *Bop = dyn_cast<BinaryOperator>(E)) { 502 if (Bop->isLogicalOp()) { 503 TryResult LHS = tryEvaluateBool(Bop->getLHS()); 504 if (LHS.isKnown()) { 505 // We were able to evaluate the LHS, see if we can get away with not 506 // evaluating the RHS: 0 && X -> 0, 1 || X -> 1 507 if (LHS.isTrue() == (Bop->getOpcode() == BO_LOr)) 508 return LHS.isTrue(); 509 510 TryResult RHS = tryEvaluateBool(Bop->getRHS()); 511 if (RHS.isKnown()) { 512 if (Bop->getOpcode() == BO_LOr) 513 return LHS.isTrue() || RHS.isTrue(); 514 else 515 return LHS.isTrue() && RHS.isTrue(); 516 } 517 } else { 518 TryResult RHS = tryEvaluateBool(Bop->getRHS()); 519 if (RHS.isKnown()) { 520 // We can't evaluate the LHS; however, sometimes the result 521 // is determined by the RHS: X && 0 -> 0, X || 1 -> 1. 522 if (RHS.isTrue() == (Bop->getOpcode() == BO_LOr)) 523 return RHS.isTrue(); 524 } 525 } 526 527 return TryResult(); 528 } 529 } 530 531 bool Result; 532 if (E->EvaluateAsBooleanCondition(Result, *Context)) 533 return Result; 534 535 return TryResult(); 536 } 537 538}; 539 540inline bool AddStmtChoice::alwaysAdd(CFGBuilder &builder, 541 const Stmt *stmt) const { 542 return builder.alwaysAdd(stmt) || kind == AlwaysAdd; 543} 544 545bool CFGBuilder::alwaysAdd(const Stmt *stmt) { 546 bool shouldAdd = BuildOpts.alwaysAdd(stmt); 547 548 if (!BuildOpts.forcedBlkExprs) 549 return shouldAdd; 550 551 if (lastLookup == stmt) { 552 if (cachedEntry) { 553 assert(cachedEntry->first == stmt); 554 return true; 555 } 556 return shouldAdd; 557 } 558 559 lastLookup = stmt; 560 561 // Perform the lookup! 562 CFG::BuildOptions::ForcedBlkExprs *fb = *BuildOpts.forcedBlkExprs; 563 564 if (!fb) { 565 // No need to update 'cachedEntry', since it will always be null. 566 assert(cachedEntry == 0); 567 return shouldAdd; 568 } 569 570 CFG::BuildOptions::ForcedBlkExprs::iterator itr = fb->find(stmt); 571 if (itr == fb->end()) { 572 cachedEntry = 0; 573 return shouldAdd; 574 } 575 576 cachedEntry = &*itr; 577 return true; 578} 579 580// FIXME: Add support for dependent-sized array types in C++? 581// Does it even make sense to build a CFG for an uninstantiated template? 582static const VariableArrayType *FindVA(const Type *t) { 583 while (const ArrayType *vt = dyn_cast<ArrayType>(t)) { 584 if (const VariableArrayType *vat = dyn_cast<VariableArrayType>(vt)) 585 if (vat->getSizeExpr()) 586 return vat; 587 588 t = vt->getElementType().getTypePtr(); 589 } 590 591 return 0; 592} 593 594/// BuildCFG - Constructs a CFG from an AST (a Stmt*). The AST can represent an 595/// arbitrary statement. Examples include a single expression or a function 596/// body (compound statement). The ownership of the returned CFG is 597/// transferred to the caller. If CFG construction fails, this method returns 598/// NULL. 599CFG* CFGBuilder::buildCFG(const Decl *D, Stmt *Statement) { 600 assert(cfg.get()); 601 if (!Statement) 602 return NULL; 603 604 // Create an empty block that will serve as the exit block for the CFG. Since 605 // this is the first block added to the CFG, it will be implicitly registered 606 // as the exit block. 607 Succ = createBlock(); 608 assert(Succ == &cfg->getExit()); 609 Block = NULL; // the EXIT block is empty. Create all other blocks lazily. 610 611 if (BuildOpts.AddImplicitDtors) 612 if (const CXXDestructorDecl *DD = dyn_cast_or_null<CXXDestructorDecl>(D)) 613 addImplicitDtorsForDestructor(DD); 614 615 // Visit the statements and create the CFG. 616 CFGBlock *B = addStmt(Statement); 617 618 if (badCFG) 619 return NULL; 620 621 // For C++ constructor add initializers to CFG. 622 if (const CXXConstructorDecl *CD = dyn_cast_or_null<CXXConstructorDecl>(D)) { 623 for (CXXConstructorDecl::init_const_reverse_iterator I = CD->init_rbegin(), 624 E = CD->init_rend(); I != E; ++I) { 625 B = addInitializer(*I); 626 if (badCFG) 627 return NULL; 628 } 629 } 630 631 if (B) 632 Succ = B; 633 634 // Backpatch the gotos whose label -> block mappings we didn't know when we 635 // encountered them. 636 for (BackpatchBlocksTy::iterator I = BackpatchBlocks.begin(), 637 E = BackpatchBlocks.end(); I != E; ++I ) { 638 639 CFGBlock *B = I->block; 640 GotoStmt *G = cast<GotoStmt>(B->getTerminator()); 641 LabelMapTy::iterator LI = LabelMap.find(G->getLabel()); 642 643 // If there is no target for the goto, then we are looking at an 644 // incomplete AST. Handle this by not registering a successor. 645 if (LI == LabelMap.end()) continue; 646 647 JumpTarget JT = LI->second; 648 prependAutomaticObjDtorsWithTerminator(B, I->scopePosition, 649 JT.scopePosition); 650 addSuccessor(B, JT.block); 651 } 652 653 // Add successors to the Indirect Goto Dispatch block (if we have one). 654 if (CFGBlock *B = cfg->getIndirectGotoBlock()) 655 for (LabelSetTy::iterator I = AddressTakenLabels.begin(), 656 E = AddressTakenLabels.end(); I != E; ++I ) { 657 658 // Lookup the target block. 659 LabelMapTy::iterator LI = LabelMap.find(*I); 660 661 // If there is no target block that contains label, then we are looking 662 // at an incomplete AST. Handle this by not registering a successor. 663 if (LI == LabelMap.end()) continue; 664 665 addSuccessor(B, LI->second.block); 666 } 667 668 // Create an empty entry block that has no predecessors. 669 cfg->setEntry(createBlock()); 670 671 return cfg.take(); 672} 673 674/// createBlock - Used to lazily create blocks that are connected 675/// to the current (global) succcessor. 676CFGBlock *CFGBuilder::createBlock(bool add_successor) { 677 CFGBlock *B = cfg->createBlock(); 678 if (add_successor && Succ) 679 addSuccessor(B, Succ); 680 return B; 681} 682 683/// createNoReturnBlock - Used to create a block is a 'noreturn' point in the 684/// CFG. It is *not* connected to the current (global) successor, and instead 685/// directly tied to the exit block in order to be reachable. 686CFGBlock *CFGBuilder::createNoReturnBlock() { 687 CFGBlock *B = createBlock(false); 688 B->setHasNoReturnElement(); 689 addSuccessor(B, &cfg->getExit()); 690 return B; 691} 692 693/// addInitializer - Add C++ base or member initializer element to CFG. 694CFGBlock *CFGBuilder::addInitializer(CXXCtorInitializer *I) { 695 if (!BuildOpts.AddInitializers) 696 return Block; 697 698 bool IsReference = false; 699 bool HasTemporaries = false; 700 701 // Destructors of temporaries in initialization expression should be called 702 // after initialization finishes. 703 Expr *Init = I->getInit(); 704 if (Init) { 705 if (FieldDecl *FD = I->getAnyMember()) 706 IsReference = FD->getType()->isReferenceType(); 707 HasTemporaries = isa<ExprWithCleanups>(Init); 708 709 if (BuildOpts.AddImplicitDtors && HasTemporaries) { 710 // Generate destructors for temporaries in initialization expression. 711 VisitForTemporaryDtors(cast<ExprWithCleanups>(Init)->getSubExpr(), 712 IsReference); 713 } 714 } 715 716 autoCreateBlock(); 717 appendInitializer(Block, I); 718 719 if (Init) { 720 if (HasTemporaries) { 721 // For expression with temporaries go directly to subexpression to omit 722 // generating destructors for the second time. 723 return Visit(cast<ExprWithCleanups>(Init)->getSubExpr()); 724 } 725 return Visit(Init); 726 } 727 728 return Block; 729} 730 731/// \brief Retrieve the type of the temporary object whose lifetime was 732/// extended by a local reference with the given initializer. 733static QualType getReferenceInitTemporaryType(ASTContext &Context, 734 const Expr *Init) { 735 while (true) { 736 // Skip parentheses. 737 Init = Init->IgnoreParens(); 738 739 // Skip through cleanups. 740 if (const ExprWithCleanups *EWC = dyn_cast<ExprWithCleanups>(Init)) { 741 Init = EWC->getSubExpr(); 742 continue; 743 } 744 745 // Skip through the temporary-materialization expression. 746 if (const MaterializeTemporaryExpr *MTE 747 = dyn_cast<MaterializeTemporaryExpr>(Init)) { 748 Init = MTE->GetTemporaryExpr(); 749 continue; 750 } 751 752 // Skip derived-to-base and no-op casts. 753 if (const CastExpr *CE = dyn_cast<CastExpr>(Init)) { 754 if ((CE->getCastKind() == CK_DerivedToBase || 755 CE->getCastKind() == CK_UncheckedDerivedToBase || 756 CE->getCastKind() == CK_NoOp) && 757 Init->getType()->isRecordType()) { 758 Init = CE->getSubExpr(); 759 continue; 760 } 761 } 762 763 // Skip member accesses into rvalues. 764 if (const MemberExpr *ME = dyn_cast<MemberExpr>(Init)) { 765 if (!ME->isArrow() && ME->getBase()->isRValue()) { 766 Init = ME->getBase(); 767 continue; 768 } 769 } 770 771 break; 772 } 773 774 return Init->getType(); 775} 776 777/// addAutomaticObjDtors - Add to current block automatic objects destructors 778/// for objects in range of local scope positions. Use S as trigger statement 779/// for destructors. 780void CFGBuilder::addAutomaticObjDtors(LocalScope::const_iterator B, 781 LocalScope::const_iterator E, Stmt *S) { 782 if (!BuildOpts.AddImplicitDtors) 783 return; 784 785 if (B == E) 786 return; 787 788 // We need to append the destructors in reverse order, but any one of them 789 // may be a no-return destructor which changes the CFG. As a result, buffer 790 // this sequence up and replay them in reverse order when appending onto the 791 // CFGBlock(s). 792 SmallVector<VarDecl*, 10> Decls; 793 Decls.reserve(B.distance(E)); 794 for (LocalScope::const_iterator I = B; I != E; ++I) 795 Decls.push_back(*I); 796 797 for (SmallVectorImpl<VarDecl*>::reverse_iterator I = Decls.rbegin(), 798 E = Decls.rend(); 799 I != E; ++I) { 800 // If this destructor is marked as a no-return destructor, we need to 801 // create a new block for the destructor which does not have as a successor 802 // anything built thus far: control won't flow out of this block. 803 QualType Ty = (*I)->getType(); 804 if (Ty->isReferenceType()) { 805 Ty = getReferenceInitTemporaryType(*Context, (*I)->getInit()); 806 } 807 Ty = Context->getBaseElementType(Ty); 808 809 const CXXDestructorDecl *Dtor = Ty->getAsCXXRecordDecl()->getDestructor(); 810 if (cast<FunctionType>(Dtor->getType())->getNoReturnAttr()) 811 Block = createNoReturnBlock(); 812 else 813 autoCreateBlock(); 814 815 appendAutomaticObjDtor(Block, *I, S); 816 } 817} 818 819/// addImplicitDtorsForDestructor - Add implicit destructors generated for 820/// base and member objects in destructor. 821void CFGBuilder::addImplicitDtorsForDestructor(const CXXDestructorDecl *DD) { 822 assert (BuildOpts.AddImplicitDtors 823 && "Can be called only when dtors should be added"); 824 const CXXRecordDecl *RD = DD->getParent(); 825 826 // At the end destroy virtual base objects. 827 for (CXXRecordDecl::base_class_const_iterator VI = RD->vbases_begin(), 828 VE = RD->vbases_end(); VI != VE; ++VI) { 829 const CXXRecordDecl *CD = VI->getType()->getAsCXXRecordDecl(); 830 if (!CD->hasTrivialDestructor()) { 831 autoCreateBlock(); 832 appendBaseDtor(Block, VI); 833 } 834 } 835 836 // Before virtual bases destroy direct base objects. 837 for (CXXRecordDecl::base_class_const_iterator BI = RD->bases_begin(), 838 BE = RD->bases_end(); BI != BE; ++BI) { 839 if (!BI->isVirtual()) { 840 const CXXRecordDecl *CD = BI->getType()->getAsCXXRecordDecl(); 841 if (!CD->hasTrivialDestructor()) { 842 autoCreateBlock(); 843 appendBaseDtor(Block, BI); 844 } 845 } 846 } 847 848 // First destroy member objects. 849 for (CXXRecordDecl::field_iterator FI = RD->field_begin(), 850 FE = RD->field_end(); FI != FE; ++FI) { 851 // Check for constant size array. Set type to array element type. 852 QualType QT = FI->getType(); 853 if (const ConstantArrayType *AT = Context->getAsConstantArrayType(QT)) { 854 if (AT->getSize() == 0) 855 continue; 856 QT = AT->getElementType(); 857 } 858 859 if (const CXXRecordDecl *CD = QT->getAsCXXRecordDecl()) 860 if (!CD->hasTrivialDestructor()) { 861 autoCreateBlock(); 862 appendMemberDtor(Block, *FI); 863 } 864 } 865} 866 867/// createOrReuseLocalScope - If Scope is NULL create new LocalScope. Either 868/// way return valid LocalScope object. 869LocalScope* CFGBuilder::createOrReuseLocalScope(LocalScope* Scope) { 870 if (!Scope) { 871 llvm::BumpPtrAllocator &alloc = cfg->getAllocator(); 872 Scope = alloc.Allocate<LocalScope>(); 873 BumpVectorContext ctx(alloc); 874 new (Scope) LocalScope(ctx, ScopePos); 875 } 876 return Scope; 877} 878 879/// addLocalScopeForStmt - Add LocalScope to local scopes tree for statement 880/// that should create implicit scope (e.g. if/else substatements). 881void CFGBuilder::addLocalScopeForStmt(Stmt *S) { 882 if (!BuildOpts.AddImplicitDtors) 883 return; 884 885 LocalScope *Scope = 0; 886 887 // For compound statement we will be creating explicit scope. 888 if (CompoundStmt *CS = dyn_cast<CompoundStmt>(S)) { 889 for (CompoundStmt::body_iterator BI = CS->body_begin(), BE = CS->body_end() 890 ; BI != BE; ++BI) { 891 Stmt *SI = (*BI)->stripLabelLikeStatements(); 892 if (DeclStmt *DS = dyn_cast<DeclStmt>(SI)) 893 Scope = addLocalScopeForDeclStmt(DS, Scope); 894 } 895 return; 896 } 897 898 // For any other statement scope will be implicit and as such will be 899 // interesting only for DeclStmt. 900 if (DeclStmt *DS = dyn_cast<DeclStmt>(S->stripLabelLikeStatements())) 901 addLocalScopeForDeclStmt(DS); 902} 903 904/// addLocalScopeForDeclStmt - Add LocalScope for declaration statement. Will 905/// reuse Scope if not NULL. 906LocalScope* CFGBuilder::addLocalScopeForDeclStmt(DeclStmt *DS, 907 LocalScope* Scope) { 908 if (!BuildOpts.AddImplicitDtors) 909 return Scope; 910 911 for (DeclStmt::decl_iterator DI = DS->decl_begin(), DE = DS->decl_end() 912 ; DI != DE; ++DI) { 913 if (VarDecl *VD = dyn_cast<VarDecl>(*DI)) 914 Scope = addLocalScopeForVarDecl(VD, Scope); 915 } 916 return Scope; 917} 918 919/// addLocalScopeForVarDecl - Add LocalScope for variable declaration. It will 920/// create add scope for automatic objects and temporary objects bound to 921/// const reference. Will reuse Scope if not NULL. 922LocalScope* CFGBuilder::addLocalScopeForVarDecl(VarDecl *VD, 923 LocalScope* Scope) { 924 if (!BuildOpts.AddImplicitDtors) 925 return Scope; 926 927 // Check if variable is local. 928 switch (VD->getStorageClass()) { 929 case SC_None: 930 case SC_Auto: 931 case SC_Register: 932 break; 933 default: return Scope; 934 } 935 936 // Check for const references bound to temporary. Set type to pointee. 937 QualType QT = VD->getType(); 938 if (QT.getTypePtr()->isReferenceType()) { 939 if (!VD->extendsLifetimeOfTemporary()) 940 return Scope; 941 942 QT = getReferenceInitTemporaryType(*Context, VD->getInit()); 943 } 944 945 // Check for constant size array. Set type to array element type. 946 while (const ConstantArrayType *AT = Context->getAsConstantArrayType(QT)) { 947 if (AT->getSize() == 0) 948 return Scope; 949 QT = AT->getElementType(); 950 } 951 952 // Check if type is a C++ class with non-trivial destructor. 953 if (const CXXRecordDecl *CD = QT->getAsCXXRecordDecl()) 954 if (!CD->hasTrivialDestructor()) { 955 // Add the variable to scope 956 Scope = createOrReuseLocalScope(Scope); 957 Scope->addVar(VD); 958 ScopePos = Scope->begin(); 959 } 960 return Scope; 961} 962 963/// addLocalScopeAndDtors - For given statement add local scope for it and 964/// add destructors that will cleanup the scope. Will reuse Scope if not NULL. 965void CFGBuilder::addLocalScopeAndDtors(Stmt *S) { 966 if (!BuildOpts.AddImplicitDtors) 967 return; 968 969 LocalScope::const_iterator scopeBeginPos = ScopePos; 970 addLocalScopeForStmt(S); 971 addAutomaticObjDtors(ScopePos, scopeBeginPos, S); 972} 973 974/// prependAutomaticObjDtorsWithTerminator - Prepend destructor CFGElements for 975/// variables with automatic storage duration to CFGBlock's elements vector. 976/// Elements will be prepended to physical beginning of the vector which 977/// happens to be logical end. Use blocks terminator as statement that specifies 978/// destructors call site. 979/// FIXME: This mechanism for adding automatic destructors doesn't handle 980/// no-return destructors properly. 981void CFGBuilder::prependAutomaticObjDtorsWithTerminator(CFGBlock *Blk, 982 LocalScope::const_iterator B, LocalScope::const_iterator E) { 983 BumpVectorContext &C = cfg->getBumpVectorContext(); 984 CFGBlock::iterator InsertPos 985 = Blk->beginAutomaticObjDtorsInsert(Blk->end(), B.distance(E), C); 986 for (LocalScope::const_iterator I = B; I != E; ++I) 987 InsertPos = Blk->insertAutomaticObjDtor(InsertPos, *I, 988 Blk->getTerminator()); 989} 990 991/// Visit - Walk the subtree of a statement and add extra 992/// blocks for ternary operators, &&, and ||. We also process "," and 993/// DeclStmts (which may contain nested control-flow). 994CFGBlock *CFGBuilder::Visit(Stmt * S, AddStmtChoice asc) { 995 if (!S) { 996 badCFG = true; 997 return 0; 998 } 999 1000 if (Expr *E = dyn_cast<Expr>(S)) 1001 S = E->IgnoreParens(); 1002 1003 switch (S->getStmtClass()) { 1004 default: 1005 return VisitStmt(S, asc); 1006 1007 case Stmt::AddrLabelExprClass: 1008 return VisitAddrLabelExpr(cast<AddrLabelExpr>(S), asc); 1009 1010 case Stmt::BinaryConditionalOperatorClass: 1011 return VisitConditionalOperator(cast<BinaryConditionalOperator>(S), asc); 1012 1013 case Stmt::BinaryOperatorClass: 1014 return VisitBinaryOperator(cast<BinaryOperator>(S), asc); 1015 1016 case Stmt::BlockExprClass: 1017 return VisitNoRecurse(cast<Expr>(S), asc); 1018 1019 case Stmt::BreakStmtClass: 1020 return VisitBreakStmt(cast<BreakStmt>(S)); 1021 1022 case Stmt::CallExprClass: 1023 case Stmt::CXXOperatorCallExprClass: 1024 case Stmt::CXXMemberCallExprClass: 1025 case Stmt::UserDefinedLiteralClass: 1026 return VisitCallExpr(cast<CallExpr>(S), asc); 1027 1028 case Stmt::CaseStmtClass: 1029 return VisitCaseStmt(cast<CaseStmt>(S)); 1030 1031 case Stmt::ChooseExprClass: 1032 return VisitChooseExpr(cast<ChooseExpr>(S), asc); 1033 1034 case Stmt::CompoundStmtClass: 1035 return VisitCompoundStmt(cast<CompoundStmt>(S)); 1036 1037 case Stmt::ConditionalOperatorClass: 1038 return VisitConditionalOperator(cast<ConditionalOperator>(S), asc); 1039 1040 case Stmt::ContinueStmtClass: 1041 return VisitContinueStmt(cast<ContinueStmt>(S)); 1042 1043 case Stmt::CXXCatchStmtClass: 1044 return VisitCXXCatchStmt(cast<CXXCatchStmt>(S)); 1045 1046 case Stmt::ExprWithCleanupsClass: 1047 return VisitExprWithCleanups(cast<ExprWithCleanups>(S), asc); 1048 1049 case Stmt::CXXDefaultArgExprClass: 1050 // FIXME: The expression inside a CXXDefaultArgExpr is owned by the 1051 // called function's declaration, not by the caller. If we simply add 1052 // this expression to the CFG, we could end up with the same Expr 1053 // appearing multiple times. 1054 // PR13385 / <rdar://problem/12156507> 1055 return VisitStmt(S, asc); 1056 1057 case Stmt::CXXBindTemporaryExprClass: 1058 return VisitCXXBindTemporaryExpr(cast<CXXBindTemporaryExpr>(S), asc); 1059 1060 case Stmt::CXXConstructExprClass: 1061 return VisitCXXConstructExpr(cast<CXXConstructExpr>(S), asc); 1062 1063 case Stmt::CXXFunctionalCastExprClass: 1064 return VisitCXXFunctionalCastExpr(cast<CXXFunctionalCastExpr>(S), asc); 1065 1066 case Stmt::CXXTemporaryObjectExprClass: 1067 return VisitCXXTemporaryObjectExpr(cast<CXXTemporaryObjectExpr>(S), asc); 1068 1069 case Stmt::CXXThrowExprClass: 1070 return VisitCXXThrowExpr(cast<CXXThrowExpr>(S)); 1071 1072 case Stmt::CXXTryStmtClass: 1073 return VisitCXXTryStmt(cast<CXXTryStmt>(S)); 1074 1075 case Stmt::CXXForRangeStmtClass: 1076 return VisitCXXForRangeStmt(cast<CXXForRangeStmt>(S)); 1077 1078 case Stmt::DeclStmtClass: 1079 return VisitDeclStmt(cast<DeclStmt>(S)); 1080 1081 case Stmt::DefaultStmtClass: 1082 return VisitDefaultStmt(cast<DefaultStmt>(S)); 1083 1084 case Stmt::DoStmtClass: 1085 return VisitDoStmt(cast<DoStmt>(S)); 1086 1087 case Stmt::ForStmtClass: 1088 return VisitForStmt(cast<ForStmt>(S)); 1089 1090 case Stmt::GotoStmtClass: 1091 return VisitGotoStmt(cast<GotoStmt>(S)); 1092 1093 case Stmt::IfStmtClass: 1094 return VisitIfStmt(cast<IfStmt>(S)); 1095 1096 case Stmt::ImplicitCastExprClass: 1097 return VisitImplicitCastExpr(cast<ImplicitCastExpr>(S), asc); 1098 1099 case Stmt::IndirectGotoStmtClass: 1100 return VisitIndirectGotoStmt(cast<IndirectGotoStmt>(S)); 1101 1102 case Stmt::LabelStmtClass: 1103 return VisitLabelStmt(cast<LabelStmt>(S)); 1104 1105 case Stmt::LambdaExprClass: 1106 return VisitLambdaExpr(cast<LambdaExpr>(S), asc); 1107 1108 case Stmt::MemberExprClass: 1109 return VisitMemberExpr(cast<MemberExpr>(S), asc); 1110 1111 case Stmt::NullStmtClass: 1112 return Block; 1113 1114 case Stmt::ObjCAtCatchStmtClass: 1115 return VisitObjCAtCatchStmt(cast<ObjCAtCatchStmt>(S)); 1116 1117 case Stmt::ObjCAutoreleasePoolStmtClass: 1118 return VisitObjCAutoreleasePoolStmt(cast<ObjCAutoreleasePoolStmt>(S)); 1119 1120 case Stmt::ObjCAtSynchronizedStmtClass: 1121 return VisitObjCAtSynchronizedStmt(cast<ObjCAtSynchronizedStmt>(S)); 1122 1123 case Stmt::ObjCAtThrowStmtClass: 1124 return VisitObjCAtThrowStmt(cast<ObjCAtThrowStmt>(S)); 1125 1126 case Stmt::ObjCAtTryStmtClass: 1127 return VisitObjCAtTryStmt(cast<ObjCAtTryStmt>(S)); 1128 1129 case Stmt::ObjCForCollectionStmtClass: 1130 return VisitObjCForCollectionStmt(cast<ObjCForCollectionStmt>(S)); 1131 1132 case Stmt::OpaqueValueExprClass: 1133 return Block; 1134 1135 case Stmt::PseudoObjectExprClass: 1136 return VisitPseudoObjectExpr(cast<PseudoObjectExpr>(S)); 1137 1138 case Stmt::ReturnStmtClass: 1139 return VisitReturnStmt(cast<ReturnStmt>(S)); 1140 1141 case Stmt::UnaryExprOrTypeTraitExprClass: 1142 return VisitUnaryExprOrTypeTraitExpr(cast<UnaryExprOrTypeTraitExpr>(S), 1143 asc); 1144 1145 case Stmt::StmtExprClass: 1146 return VisitStmtExpr(cast<StmtExpr>(S), asc); 1147 1148 case Stmt::SwitchStmtClass: 1149 return VisitSwitchStmt(cast<SwitchStmt>(S)); 1150 1151 case Stmt::UnaryOperatorClass: 1152 return VisitUnaryOperator(cast<UnaryOperator>(S), asc); 1153 1154 case Stmt::WhileStmtClass: 1155 return VisitWhileStmt(cast<WhileStmt>(S)); 1156 } 1157} 1158 1159CFGBlock *CFGBuilder::VisitStmt(Stmt *S, AddStmtChoice asc) { 1160 if (asc.alwaysAdd(*this, S)) { 1161 autoCreateBlock(); 1162 appendStmt(Block, S); 1163 } 1164 1165 return VisitChildren(S); 1166} 1167 1168/// VisitChildren - Visit the children of a Stmt. 1169CFGBlock *CFGBuilder::VisitChildren(Stmt *Terminator) { 1170 CFGBlock *lastBlock = Block; 1171 for (Stmt::child_range I = Terminator->children(); I; ++I) 1172 if (Stmt *child = *I) 1173 if (CFGBlock *b = Visit(child)) 1174 lastBlock = b; 1175 1176 return lastBlock; 1177} 1178 1179CFGBlock *CFGBuilder::VisitAddrLabelExpr(AddrLabelExpr *A, 1180 AddStmtChoice asc) { 1181 AddressTakenLabels.insert(A->getLabel()); 1182 1183 if (asc.alwaysAdd(*this, A)) { 1184 autoCreateBlock(); 1185 appendStmt(Block, A); 1186 } 1187 1188 return Block; 1189} 1190 1191CFGBlock *CFGBuilder::VisitUnaryOperator(UnaryOperator *U, 1192 AddStmtChoice asc) { 1193 if (asc.alwaysAdd(*this, U)) { 1194 autoCreateBlock(); 1195 appendStmt(Block, U); 1196 } 1197 1198 return Visit(U->getSubExpr(), AddStmtChoice()); 1199} 1200 1201CFGBlock *CFGBuilder::VisitLogicalOperator(BinaryOperator *B) { 1202 CFGBlock *ConfluenceBlock = Block ? Block : createBlock(); 1203 appendStmt(ConfluenceBlock, B); 1204 1205 if (badCFG) 1206 return 0; 1207 1208 return VisitLogicalOperator(B, 0, ConfluenceBlock, ConfluenceBlock).first; 1209} 1210 1211std::pair<CFGBlock*, CFGBlock*> 1212CFGBuilder::VisitLogicalOperator(BinaryOperator *B, 1213 Stmt *Term, 1214 CFGBlock *TrueBlock, 1215 CFGBlock *FalseBlock) { 1216 1217 // Introspect the RHS. If it is a nested logical operation, we recursively 1218 // build the CFG using this function. Otherwise, resort to default 1219 // CFG construction behavior. 1220 Expr *RHS = B->getRHS()->IgnoreParens(); 1221 CFGBlock *RHSBlock, *ExitBlock; 1222 1223 do { 1224 if (BinaryOperator *B_RHS = dyn_cast<BinaryOperator>(RHS)) 1225 if (B_RHS->isLogicalOp()) { 1226 llvm::tie(RHSBlock, ExitBlock) = 1227 VisitLogicalOperator(B_RHS, Term, TrueBlock, FalseBlock); 1228 break; 1229 } 1230 1231 // The RHS is not a nested logical operation. Don't push the terminator 1232 // down further, but instead visit RHS and construct the respective 1233 // pieces of the CFG, and link up the RHSBlock with the terminator 1234 // we have been provided. 1235 ExitBlock = RHSBlock = createBlock(false); 1236 1237 if (!Term) { 1238 assert(TrueBlock == FalseBlock); 1239 addSuccessor(RHSBlock, TrueBlock); 1240 } 1241 else { 1242 RHSBlock->setTerminator(Term); 1243 TryResult KnownVal = tryEvaluateBool(RHS); 1244 addSuccessor(RHSBlock, KnownVal.isFalse() ? NULL : TrueBlock); 1245 addSuccessor(RHSBlock, KnownVal.isTrue() ? NULL : FalseBlock); 1246 } 1247 1248 Block = RHSBlock; 1249 RHSBlock = addStmt(RHS); 1250 } 1251 while (false); 1252 1253 if (badCFG) 1254 return std::make_pair((CFGBlock*)0, (CFGBlock*)0); 1255 1256 // Generate the blocks for evaluating the LHS. 1257 Expr *LHS = B->getLHS()->IgnoreParens(); 1258 1259 if (BinaryOperator *B_LHS = dyn_cast<BinaryOperator>(LHS)) 1260 if (B_LHS->isLogicalOp()) { 1261 if (B->getOpcode() == BO_LOr) 1262 FalseBlock = RHSBlock; 1263 else 1264 TrueBlock = RHSBlock; 1265 1266 // For the LHS, treat 'B' as the terminator that we want to sink 1267 // into the nested branch. The RHS always gets the top-most 1268 // terminator. 1269 return VisitLogicalOperator(B_LHS, B, TrueBlock, FalseBlock); 1270 } 1271 1272 // Create the block evaluating the LHS. 1273 // This contains the '&&' or '||' as the terminator. 1274 CFGBlock *LHSBlock = createBlock(false); 1275 LHSBlock->setTerminator(B); 1276 1277 Block = LHSBlock; 1278 CFGBlock *EntryLHSBlock = addStmt(LHS); 1279 1280 if (badCFG) 1281 return std::make_pair((CFGBlock*)0, (CFGBlock*)0); 1282 1283 // See if this is a known constant. 1284 TryResult KnownVal = tryEvaluateBool(LHS); 1285 1286 // Now link the LHSBlock with RHSBlock. 1287 if (B->getOpcode() == BO_LOr) { 1288 addSuccessor(LHSBlock, KnownVal.isFalse() ? NULL : TrueBlock); 1289 addSuccessor(LHSBlock, KnownVal.isTrue() ? NULL : RHSBlock); 1290 } else { 1291 assert(B->getOpcode() == BO_LAnd); 1292 addSuccessor(LHSBlock, KnownVal.isFalse() ? NULL : RHSBlock); 1293 addSuccessor(LHSBlock, KnownVal.isTrue() ? NULL : FalseBlock); 1294 } 1295 1296 return std::make_pair(EntryLHSBlock, ExitBlock); 1297} 1298 1299 1300CFGBlock *CFGBuilder::VisitBinaryOperator(BinaryOperator *B, 1301 AddStmtChoice asc) { 1302 // && or || 1303 if (B->isLogicalOp()) 1304 return VisitLogicalOperator(B); 1305 1306 if (B->getOpcode() == BO_Comma) { // , 1307 autoCreateBlock(); 1308 appendStmt(Block, B); 1309 addStmt(B->getRHS()); 1310 return addStmt(B->getLHS()); 1311 } 1312 1313 if (B->isAssignmentOp()) { 1314 if (asc.alwaysAdd(*this, B)) { 1315 autoCreateBlock(); 1316 appendStmt(Block, B); 1317 } 1318 Visit(B->getLHS()); 1319 return Visit(B->getRHS()); 1320 } 1321 1322 if (asc.alwaysAdd(*this, B)) { 1323 autoCreateBlock(); 1324 appendStmt(Block, B); 1325 } 1326 1327 CFGBlock *RBlock = Visit(B->getRHS()); 1328 CFGBlock *LBlock = Visit(B->getLHS()); 1329 // If visiting RHS causes us to finish 'Block', e.g. the RHS is a StmtExpr 1330 // containing a DoStmt, and the LHS doesn't create a new block, then we should 1331 // return RBlock. Otherwise we'll incorrectly return NULL. 1332 return (LBlock ? LBlock : RBlock); 1333} 1334 1335CFGBlock *CFGBuilder::VisitNoRecurse(Expr *E, AddStmtChoice asc) { 1336 if (asc.alwaysAdd(*this, E)) { 1337 autoCreateBlock(); 1338 appendStmt(Block, E); 1339 } 1340 return Block; 1341} 1342 1343CFGBlock *CFGBuilder::VisitBreakStmt(BreakStmt *B) { 1344 // "break" is a control-flow statement. Thus we stop processing the current 1345 // block. 1346 if (badCFG) 1347 return 0; 1348 1349 // Now create a new block that ends with the break statement. 1350 Block = createBlock(false); 1351 Block->setTerminator(B); 1352 1353 // If there is no target for the break, then we are looking at an incomplete 1354 // AST. This means that the CFG cannot be constructed. 1355 if (BreakJumpTarget.block) { 1356 addAutomaticObjDtors(ScopePos, BreakJumpTarget.scopePosition, B); 1357 addSuccessor(Block, BreakJumpTarget.block); 1358 } else 1359 badCFG = true; 1360 1361 1362 return Block; 1363} 1364 1365static bool CanThrow(Expr *E, ASTContext &Ctx) { 1366 QualType Ty = E->getType(); 1367 if (Ty->isFunctionPointerType()) 1368 Ty = Ty->getAs<PointerType>()->getPointeeType(); 1369 else if (Ty->isBlockPointerType()) 1370 Ty = Ty->getAs<BlockPointerType>()->getPointeeType(); 1371 1372 const FunctionType *FT = Ty->getAs<FunctionType>(); 1373 if (FT) { 1374 if (const FunctionProtoType *Proto = dyn_cast<FunctionProtoType>(FT)) 1375 if (!isUnresolvedExceptionSpec(Proto->getExceptionSpecType()) && 1376 Proto->isNothrow(Ctx)) 1377 return false; 1378 } 1379 return true; 1380} 1381 1382CFGBlock *CFGBuilder::VisitCallExpr(CallExpr *C, AddStmtChoice asc) { 1383 // Compute the callee type. 1384 QualType calleeType = C->getCallee()->getType(); 1385 if (calleeType == Context->BoundMemberTy) { 1386 QualType boundType = Expr::findBoundMemberType(C->getCallee()); 1387 1388 // We should only get a null bound type if processing a dependent 1389 // CFG. Recover by assuming nothing. 1390 if (!boundType.isNull()) calleeType = boundType; 1391 } 1392 1393 // If this is a call to a no-return function, this stops the block here. 1394 bool NoReturn = getFunctionExtInfo(*calleeType).getNoReturn(); 1395 1396 bool AddEHEdge = false; 1397 1398 // Languages without exceptions are assumed to not throw. 1399 if (Context->getLangOpts().Exceptions) { 1400 if (BuildOpts.AddEHEdges) 1401 AddEHEdge = true; 1402 } 1403 1404 if (FunctionDecl *FD = C->getDirectCallee()) { 1405 if (FD->hasAttr<NoReturnAttr>()) 1406 NoReturn = true; 1407 if (FD->hasAttr<NoThrowAttr>()) 1408 AddEHEdge = false; 1409 } 1410 1411 if (!CanThrow(C->getCallee(), *Context)) 1412 AddEHEdge = false; 1413 1414 if (!NoReturn && !AddEHEdge) 1415 return VisitStmt(C, asc.withAlwaysAdd(true)); 1416 1417 if (Block) { 1418 Succ = Block; 1419 if (badCFG) 1420 return 0; 1421 } 1422 1423 if (NoReturn) 1424 Block = createNoReturnBlock(); 1425 else 1426 Block = createBlock(); 1427 1428 appendStmt(Block, C); 1429 1430 if (AddEHEdge) { 1431 // Add exceptional edges. 1432 if (TryTerminatedBlock) 1433 addSuccessor(Block, TryTerminatedBlock); 1434 else 1435 addSuccessor(Block, &cfg->getExit()); 1436 } 1437 1438 return VisitChildren(C); 1439} 1440 1441CFGBlock *CFGBuilder::VisitChooseExpr(ChooseExpr *C, 1442 AddStmtChoice asc) { 1443 CFGBlock *ConfluenceBlock = Block ? Block : createBlock(); 1444 appendStmt(ConfluenceBlock, C); 1445 if (badCFG) 1446 return 0; 1447 1448 AddStmtChoice alwaysAdd = asc.withAlwaysAdd(true); 1449 Succ = ConfluenceBlock; 1450 Block = NULL; 1451 CFGBlock *LHSBlock = Visit(C->getLHS(), alwaysAdd); 1452 if (badCFG) 1453 return 0; 1454 1455 Succ = ConfluenceBlock; 1456 Block = NULL; 1457 CFGBlock *RHSBlock = Visit(C->getRHS(), alwaysAdd); 1458 if (badCFG) 1459 return 0; 1460 1461 Block = createBlock(false); 1462 // See if this is a known constant. 1463 const TryResult& KnownVal = tryEvaluateBool(C->getCond()); 1464 addSuccessor(Block, KnownVal.isFalse() ? NULL : LHSBlock); 1465 addSuccessor(Block, KnownVal.isTrue() ? NULL : RHSBlock); 1466 Block->setTerminator(C); 1467 return addStmt(C->getCond()); 1468} 1469 1470 1471CFGBlock *CFGBuilder::VisitCompoundStmt(CompoundStmt *C) { 1472 addLocalScopeAndDtors(C); 1473 CFGBlock *LastBlock = Block; 1474 1475 for (CompoundStmt::reverse_body_iterator I=C->body_rbegin(), E=C->body_rend(); 1476 I != E; ++I ) { 1477 // If we hit a segment of code just containing ';' (NullStmts), we can 1478 // get a null block back. In such cases, just use the LastBlock 1479 if (CFGBlock *newBlock = addStmt(*I)) 1480 LastBlock = newBlock; 1481 1482 if (badCFG) 1483 return NULL; 1484 } 1485 1486 return LastBlock; 1487} 1488 1489CFGBlock *CFGBuilder::VisitConditionalOperator(AbstractConditionalOperator *C, 1490 AddStmtChoice asc) { 1491 const BinaryConditionalOperator *BCO = dyn_cast<BinaryConditionalOperator>(C); 1492 const OpaqueValueExpr *opaqueValue = (BCO ? BCO->getOpaqueValue() : NULL); 1493 1494 // Create the confluence block that will "merge" the results of the ternary 1495 // expression. 1496 CFGBlock *ConfluenceBlock = Block ? Block : createBlock(); 1497 appendStmt(ConfluenceBlock, C); 1498 if (badCFG) 1499 return 0; 1500 1501 AddStmtChoice alwaysAdd = asc.withAlwaysAdd(true); 1502 1503 // Create a block for the LHS expression if there is an LHS expression. A 1504 // GCC extension allows LHS to be NULL, causing the condition to be the 1505 // value that is returned instead. 1506 // e.g: x ?: y is shorthand for: x ? x : y; 1507 Succ = ConfluenceBlock; 1508 Block = NULL; 1509 CFGBlock *LHSBlock = 0; 1510 const Expr *trueExpr = C->getTrueExpr(); 1511 if (trueExpr != opaqueValue) { 1512 LHSBlock = Visit(C->getTrueExpr(), alwaysAdd); 1513 if (badCFG) 1514 return 0; 1515 Block = NULL; 1516 } 1517 else 1518 LHSBlock = ConfluenceBlock; 1519 1520 // Create the block for the RHS expression. 1521 Succ = ConfluenceBlock; 1522 CFGBlock *RHSBlock = Visit(C->getFalseExpr(), alwaysAdd); 1523 if (badCFG) 1524 return 0; 1525 1526 // If the condition is a logical '&&' or '||', build a more accurate CFG. 1527 if (BinaryOperator *Cond = 1528 dyn_cast<BinaryOperator>(C->getCond()->IgnoreParens())) 1529 if (Cond->isLogicalOp()) 1530 return VisitLogicalOperator(Cond, C, LHSBlock, RHSBlock).first; 1531 1532 // Create the block that will contain the condition. 1533 Block = createBlock(false); 1534 1535 // See if this is a known constant. 1536 const TryResult& KnownVal = tryEvaluateBool(C->getCond()); 1537 addSuccessor(Block, KnownVal.isFalse() ? NULL : LHSBlock); 1538 addSuccessor(Block, KnownVal.isTrue() ? NULL : RHSBlock); 1539 Block->setTerminator(C); 1540 Expr *condExpr = C->getCond(); 1541 1542 if (opaqueValue) { 1543 // Run the condition expression if it's not trivially expressed in 1544 // terms of the opaque value (or if there is no opaque value). 1545 if (condExpr != opaqueValue) 1546 addStmt(condExpr); 1547 1548 // Before that, run the common subexpression if there was one. 1549 // At least one of this or the above will be run. 1550 return addStmt(BCO->getCommon()); 1551 } 1552 1553 return addStmt(condExpr); 1554} 1555 1556CFGBlock *CFGBuilder::VisitDeclStmt(DeclStmt *DS) { 1557 // Check if the Decl is for an __label__. If so, elide it from the 1558 // CFG entirely. 1559 if (isa<LabelDecl>(*DS->decl_begin())) 1560 return Block; 1561 1562 // This case also handles static_asserts. 1563 if (DS->isSingleDecl()) 1564 return VisitDeclSubExpr(DS); 1565 1566 CFGBlock *B = 0; 1567 1568 // Build an individual DeclStmt for each decl. 1569 for (DeclStmt::reverse_decl_iterator I = DS->decl_rbegin(), 1570 E = DS->decl_rend(); 1571 I != E; ++I) { 1572 // Get the alignment of the new DeclStmt, padding out to >=8 bytes. 1573 unsigned A = llvm::AlignOf<DeclStmt>::Alignment < 8 1574 ? 8 : llvm::AlignOf<DeclStmt>::Alignment; 1575 1576 // Allocate the DeclStmt using the BumpPtrAllocator. It will get 1577 // automatically freed with the CFG. 1578 DeclGroupRef DG(*I); 1579 Decl *D = *I; 1580 void *Mem = cfg->getAllocator().Allocate(sizeof(DeclStmt), A); 1581 DeclStmt *DSNew = new (Mem) DeclStmt(DG, D->getLocation(), GetEndLoc(D)); 1582 1583 // Append the fake DeclStmt to block. 1584 B = VisitDeclSubExpr(DSNew); 1585 } 1586 1587 return B; 1588} 1589 1590/// VisitDeclSubExpr - Utility method to add block-level expressions for 1591/// DeclStmts and initializers in them. 1592CFGBlock *CFGBuilder::VisitDeclSubExpr(DeclStmt *DS) { 1593 assert(DS->isSingleDecl() && "Can handle single declarations only."); 1594 Decl *D = DS->getSingleDecl(); 1595 1596 if (isa<StaticAssertDecl>(D)) { 1597 // static_asserts aren't added to the CFG because they do not impact 1598 // runtime semantics. 1599 return Block; 1600 } 1601 1602 VarDecl *VD = dyn_cast<VarDecl>(DS->getSingleDecl()); 1603 1604 if (!VD) { 1605 autoCreateBlock(); 1606 appendStmt(Block, DS); 1607 return Block; 1608 } 1609 1610 bool IsReference = false; 1611 bool HasTemporaries = false; 1612 1613 // Destructors of temporaries in initialization expression should be called 1614 // after initialization finishes. 1615 Expr *Init = VD->getInit(); 1616 if (Init) { 1617 IsReference = VD->getType()->isReferenceType(); 1618 HasTemporaries = isa<ExprWithCleanups>(Init); 1619 1620 if (BuildOpts.AddImplicitDtors && HasTemporaries) { 1621 // Generate destructors for temporaries in initialization expression. 1622 VisitForTemporaryDtors(cast<ExprWithCleanups>(Init)->getSubExpr(), 1623 IsReference); 1624 } 1625 } 1626 1627 autoCreateBlock(); 1628 appendStmt(Block, DS); 1629 1630 // Keep track of the last non-null block, as 'Block' can be nulled out 1631 // if the initializer expression is something like a 'while' in a 1632 // statement-expression. 1633 CFGBlock *LastBlock = Block; 1634 1635 if (Init) { 1636 if (HasTemporaries) { 1637 // For expression with temporaries go directly to subexpression to omit 1638 // generating destructors for the second time. 1639 ExprWithCleanups *EC = cast<ExprWithCleanups>(Init); 1640 if (CFGBlock *newBlock = Visit(EC->getSubExpr())) 1641 LastBlock = newBlock; 1642 } 1643 else { 1644 if (CFGBlock *newBlock = Visit(Init)) 1645 LastBlock = newBlock; 1646 } 1647 } 1648 1649 // If the type of VD is a VLA, then we must process its size expressions. 1650 for (const VariableArrayType* VA = FindVA(VD->getType().getTypePtr()); 1651 VA != 0; VA = FindVA(VA->getElementType().getTypePtr())) 1652 Block = addStmt(VA->getSizeExpr()); 1653 1654 // Remove variable from local scope. 1655 if (ScopePos && VD == *ScopePos) 1656 ++ScopePos; 1657 1658 return Block ? Block : LastBlock; 1659} 1660 1661CFGBlock *CFGBuilder::VisitIfStmt(IfStmt *I) { 1662 // We may see an if statement in the middle of a basic block, or it may be the 1663 // first statement we are processing. In either case, we create a new basic 1664 // block. First, we create the blocks for the then...else statements, and 1665 // then we create the block containing the if statement. If we were in the 1666 // middle of a block, we stop processing that block. That block is then the 1667 // implicit successor for the "then" and "else" clauses. 1668 1669 // Save local scope position because in case of condition variable ScopePos 1670 // won't be restored when traversing AST. 1671 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 1672 1673 // Create local scope for possible condition variable. 1674 // Store scope position. Add implicit destructor. 1675 if (VarDecl *VD = I->getConditionVariable()) { 1676 LocalScope::const_iterator BeginScopePos = ScopePos; 1677 addLocalScopeForVarDecl(VD); 1678 addAutomaticObjDtors(ScopePos, BeginScopePos, I); 1679 } 1680 1681 // The block we were processing is now finished. Make it the successor 1682 // block. 1683 if (Block) { 1684 Succ = Block; 1685 if (badCFG) 1686 return 0; 1687 } 1688 1689 // Process the false branch. 1690 CFGBlock *ElseBlock = Succ; 1691 1692 if (Stmt *Else = I->getElse()) { 1693 SaveAndRestore<CFGBlock*> sv(Succ); 1694 1695 // NULL out Block so that the recursive call to Visit will 1696 // create a new basic block. 1697 Block = NULL; 1698 1699 // If branch is not a compound statement create implicit scope 1700 // and add destructors. 1701 if (!isa<CompoundStmt>(Else)) 1702 addLocalScopeAndDtors(Else); 1703 1704 ElseBlock = addStmt(Else); 1705 1706 if (!ElseBlock) // Can occur when the Else body has all NullStmts. 1707 ElseBlock = sv.get(); 1708 else if (Block) { 1709 if (badCFG) 1710 return 0; 1711 } 1712 } 1713 1714 // Process the true branch. 1715 CFGBlock *ThenBlock; 1716 { 1717 Stmt *Then = I->getThen(); 1718 assert(Then); 1719 SaveAndRestore<CFGBlock*> sv(Succ); 1720 Block = NULL; 1721 1722 // If branch is not a compound statement create implicit scope 1723 // and add destructors. 1724 if (!isa<CompoundStmt>(Then)) 1725 addLocalScopeAndDtors(Then); 1726 1727 ThenBlock = addStmt(Then); 1728 1729 if (!ThenBlock) { 1730 // We can reach here if the "then" body has all NullStmts. 1731 // Create an empty block so we can distinguish between true and false 1732 // branches in path-sensitive analyses. 1733 ThenBlock = createBlock(false); 1734 addSuccessor(ThenBlock, sv.get()); 1735 } else if (Block) { 1736 if (badCFG) 1737 return 0; 1738 } 1739 } 1740 1741 // Specially handle "if (expr1 || ...)" and "if (expr1 && ...)" by 1742 // having these handle the actual control-flow jump. Note that 1743 // if we introduce a condition variable, e.g. "if (int x = exp1 || exp2)" 1744 // we resort to the old control-flow behavior. This special handling 1745 // removes infeasible paths from the control-flow graph by having the 1746 // control-flow transfer of '&&' or '||' go directly into the then/else 1747 // blocks directly. 1748 if (!I->getConditionVariable()) 1749 if (BinaryOperator *Cond = 1750 dyn_cast<BinaryOperator>(I->getCond()->IgnoreParens())) 1751 if (Cond->isLogicalOp()) 1752 return VisitLogicalOperator(Cond, I, ThenBlock, ElseBlock).first; 1753 1754 // Now create a new block containing the if statement. 1755 Block = createBlock(false); 1756 1757 // Set the terminator of the new block to the If statement. 1758 Block->setTerminator(I); 1759 1760 // See if this is a known constant. 1761 const TryResult &KnownVal = tryEvaluateBool(I->getCond()); 1762 1763 // Now add the successors. 1764 addSuccessor(Block, KnownVal.isFalse() ? NULL : ThenBlock); 1765 addSuccessor(Block, KnownVal.isTrue()? NULL : ElseBlock); 1766 1767 // Add the condition as the last statement in the new block. This may create 1768 // new blocks as the condition may contain control-flow. Any newly created 1769 // blocks will be pointed to be "Block". 1770 Block = addStmt(I->getCond()); 1771 1772 // Finally, if the IfStmt contains a condition variable, add both the IfStmt 1773 // and the condition variable initialization to the CFG. 1774 if (VarDecl *VD = I->getConditionVariable()) { 1775 if (Expr *Init = VD->getInit()) { 1776 autoCreateBlock(); 1777 appendStmt(Block, I->getConditionVariableDeclStmt()); 1778 addStmt(Init); 1779 } 1780 } 1781 1782 return Block; 1783} 1784 1785 1786CFGBlock *CFGBuilder::VisitReturnStmt(ReturnStmt *R) { 1787 // If we were in the middle of a block we stop processing that block. 1788 // 1789 // NOTE: If a "return" appears in the middle of a block, this means that the 1790 // code afterwards is DEAD (unreachable). We still keep a basic block 1791 // for that code; a simple "mark-and-sweep" from the entry block will be 1792 // able to report such dead blocks. 1793 1794 // Create the new block. 1795 Block = createBlock(false); 1796 1797 // The Exit block is the only successor. 1798 addAutomaticObjDtors(ScopePos, LocalScope::const_iterator(), R); 1799 addSuccessor(Block, &cfg->getExit()); 1800 1801 // Add the return statement to the block. This may create new blocks if R 1802 // contains control-flow (short-circuit operations). 1803 return VisitStmt(R, AddStmtChoice::AlwaysAdd); 1804} 1805 1806CFGBlock *CFGBuilder::VisitLabelStmt(LabelStmt *L) { 1807 // Get the block of the labeled statement. Add it to our map. 1808 addStmt(L->getSubStmt()); 1809 CFGBlock *LabelBlock = Block; 1810 1811 if (!LabelBlock) // This can happen when the body is empty, i.e. 1812 LabelBlock = createBlock(); // scopes that only contains NullStmts. 1813 1814 assert(LabelMap.find(L->getDecl()) == LabelMap.end() && 1815 "label already in map"); 1816 LabelMap[L->getDecl()] = JumpTarget(LabelBlock, ScopePos); 1817 1818 // Labels partition blocks, so this is the end of the basic block we were 1819 // processing (L is the block's label). Because this is label (and we have 1820 // already processed the substatement) there is no extra control-flow to worry 1821 // about. 1822 LabelBlock->setLabel(L); 1823 if (badCFG) 1824 return 0; 1825 1826 // We set Block to NULL to allow lazy creation of a new block (if necessary); 1827 Block = NULL; 1828 1829 // This block is now the implicit successor of other blocks. 1830 Succ = LabelBlock; 1831 1832 return LabelBlock; 1833} 1834 1835CFGBlock *CFGBuilder::VisitLambdaExpr(LambdaExpr *E, AddStmtChoice asc) { 1836 CFGBlock *LastBlock = VisitNoRecurse(E, asc); 1837 for (LambdaExpr::capture_init_iterator it = E->capture_init_begin(), 1838 et = E->capture_init_end(); it != et; ++it) { 1839 if (Expr *Init = *it) { 1840 CFGBlock *Tmp = Visit(Init); 1841 if (Tmp != 0) 1842 LastBlock = Tmp; 1843 } 1844 } 1845 return LastBlock; 1846} 1847 1848CFGBlock *CFGBuilder::VisitGotoStmt(GotoStmt *G) { 1849 // Goto is a control-flow statement. Thus we stop processing the current 1850 // block and create a new one. 1851 1852 Block = createBlock(false); 1853 Block->setTerminator(G); 1854 1855 // If we already know the mapping to the label block add the successor now. 1856 LabelMapTy::iterator I = LabelMap.find(G->getLabel()); 1857 1858 if (I == LabelMap.end()) 1859 // We will need to backpatch this block later. 1860 BackpatchBlocks.push_back(JumpSource(Block, ScopePos)); 1861 else { 1862 JumpTarget JT = I->second; 1863 addAutomaticObjDtors(ScopePos, JT.scopePosition, G); 1864 addSuccessor(Block, JT.block); 1865 } 1866 1867 return Block; 1868} 1869 1870CFGBlock *CFGBuilder::VisitForStmt(ForStmt *F) { 1871 CFGBlock *LoopSuccessor = NULL; 1872 1873 // Save local scope position because in case of condition variable ScopePos 1874 // won't be restored when traversing AST. 1875 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 1876 1877 // Create local scope for init statement and possible condition variable. 1878 // Add destructor for init statement and condition variable. 1879 // Store scope position for continue statement. 1880 if (Stmt *Init = F->getInit()) 1881 addLocalScopeForStmt(Init); 1882 LocalScope::const_iterator LoopBeginScopePos = ScopePos; 1883 1884 if (VarDecl *VD = F->getConditionVariable()) 1885 addLocalScopeForVarDecl(VD); 1886 LocalScope::const_iterator ContinueScopePos = ScopePos; 1887 1888 addAutomaticObjDtors(ScopePos, save_scope_pos.get(), F); 1889 1890 // "for" is a control-flow statement. Thus we stop processing the current 1891 // block. 1892 if (Block) { 1893 if (badCFG) 1894 return 0; 1895 LoopSuccessor = Block; 1896 } else 1897 LoopSuccessor = Succ; 1898 1899 // Save the current value for the break targets. 1900 // All breaks should go to the code following the loop. 1901 SaveAndRestore<JumpTarget> save_break(BreakJumpTarget); 1902 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 1903 1904 CFGBlock *BodyBlock = 0, *TransitionBlock = 0; 1905 1906 // Now create the loop body. 1907 { 1908 assert(F->getBody()); 1909 1910 // Save the current values for Block, Succ, continue and break targets. 1911 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 1912 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget); 1913 1914 // Create an empty block to represent the transition block for looping back 1915 // to the head of the loop. If we have increment code, it will 1916 // go in this block as well. 1917 Block = Succ = TransitionBlock = createBlock(false); 1918 TransitionBlock->setLoopTarget(F); 1919 1920 if (Stmt *I = F->getInc()) { 1921 // Generate increment code in its own basic block. This is the target of 1922 // continue statements. 1923 Succ = addStmt(I); 1924 } 1925 1926 // Finish up the increment (or empty) block if it hasn't been already. 1927 if (Block) { 1928 assert(Block == Succ); 1929 if (badCFG) 1930 return 0; 1931 Block = 0; 1932 } 1933 1934 // The starting block for the loop increment is the block that should 1935 // represent the 'loop target' for looping back to the start of the loop. 1936 ContinueJumpTarget = JumpTarget(Succ, ContinueScopePos); 1937 ContinueJumpTarget.block->setLoopTarget(F); 1938 1939 // Loop body should end with destructor of Condition variable (if any). 1940 addAutomaticObjDtors(ScopePos, LoopBeginScopePos, F); 1941 1942 // If body is not a compound statement create implicit scope 1943 // and add destructors. 1944 if (!isa<CompoundStmt>(F->getBody())) 1945 addLocalScopeAndDtors(F->getBody()); 1946 1947 // Now populate the body block, and in the process create new blocks as we 1948 // walk the body of the loop. 1949 BodyBlock = addStmt(F->getBody()); 1950 1951 if (!BodyBlock) { 1952 // In the case of "for (...;...;...);" we can have a null BodyBlock. 1953 // Use the continue jump target as the proxy for the body. 1954 BodyBlock = ContinueJumpTarget.block; 1955 } 1956 else if (badCFG) 1957 return 0; 1958 } 1959 1960 // Because of short-circuit evaluation, the condition of the loop can span 1961 // multiple basic blocks. Thus we need the "Entry" and "Exit" blocks that 1962 // evaluate the condition. 1963 CFGBlock *EntryConditionBlock = 0, *ExitConditionBlock = 0; 1964 1965 do { 1966 Expr *C = F->getCond(); 1967 1968 // Specially handle logical operators, which have a slightly 1969 // more optimal CFG representation. 1970 if (BinaryOperator *Cond = 1971 dyn_cast_or_null<BinaryOperator>(C ? C->IgnoreParens() : 0)) 1972 if (Cond->isLogicalOp()) { 1973 llvm::tie(EntryConditionBlock, ExitConditionBlock) = 1974 VisitLogicalOperator(Cond, F, BodyBlock, LoopSuccessor); 1975 break; 1976 } 1977 1978 // The default case when not handling logical operators. 1979 EntryConditionBlock = ExitConditionBlock = createBlock(false); 1980 ExitConditionBlock->setTerminator(F); 1981 1982 // See if this is a known constant. 1983 TryResult KnownVal(true); 1984 1985 if (C) { 1986 // Now add the actual condition to the condition block. 1987 // Because the condition itself may contain control-flow, new blocks may 1988 // be created. Thus we update "Succ" after adding the condition. 1989 Block = ExitConditionBlock; 1990 EntryConditionBlock = addStmt(C); 1991 1992 // If this block contains a condition variable, add both the condition 1993 // variable and initializer to the CFG. 1994 if (VarDecl *VD = F->getConditionVariable()) { 1995 if (Expr *Init = VD->getInit()) { 1996 autoCreateBlock(); 1997 appendStmt(Block, F->getConditionVariableDeclStmt()); 1998 EntryConditionBlock = addStmt(Init); 1999 assert(Block == EntryConditionBlock); 2000 } 2001 } 2002 2003 if (Block && badCFG) 2004 return 0; 2005 2006 KnownVal = tryEvaluateBool(C); 2007 } 2008 2009 // Add the loop body entry as a successor to the condition. 2010 addSuccessor(ExitConditionBlock, KnownVal.isFalse() ? NULL : BodyBlock); 2011 // Link up the condition block with the code that follows the loop. (the 2012 // false branch). 2013 addSuccessor(ExitConditionBlock, KnownVal.isTrue() ? NULL : LoopSuccessor); 2014 2015 } while (false); 2016 2017 // Link up the loop-back block to the entry condition block. 2018 addSuccessor(TransitionBlock, EntryConditionBlock); 2019 2020 // The condition block is the implicit successor for any code above the loop. 2021 Succ = EntryConditionBlock; 2022 2023 // If the loop contains initialization, create a new block for those 2024 // statements. This block can also contain statements that precede the loop. 2025 if (Stmt *I = F->getInit()) { 2026 Block = createBlock(); 2027 return addStmt(I); 2028 } 2029 2030 // There is no loop initialization. We are thus basically a while loop. 2031 // NULL out Block to force lazy block construction. 2032 Block = NULL; 2033 Succ = EntryConditionBlock; 2034 return EntryConditionBlock; 2035} 2036 2037CFGBlock *CFGBuilder::VisitMemberExpr(MemberExpr *M, AddStmtChoice asc) { 2038 if (asc.alwaysAdd(*this, M)) { 2039 autoCreateBlock(); 2040 appendStmt(Block, M); 2041 } 2042 return Visit(M->getBase()); 2043} 2044 2045CFGBlock *CFGBuilder::VisitObjCForCollectionStmt(ObjCForCollectionStmt *S) { 2046 // Objective-C fast enumeration 'for' statements: 2047 // http://developer.apple.com/documentation/Cocoa/Conceptual/ObjectiveC 2048 // 2049 // for ( Type newVariable in collection_expression ) { statements } 2050 // 2051 // becomes: 2052 // 2053 // prologue: 2054 // 1. collection_expression 2055 // T. jump to loop_entry 2056 // loop_entry: 2057 // 1. side-effects of element expression 2058 // 1. ObjCForCollectionStmt [performs binding to newVariable] 2059 // T. ObjCForCollectionStmt TB, FB [jumps to TB if newVariable != nil] 2060 // TB: 2061 // statements 2062 // T. jump to loop_entry 2063 // FB: 2064 // what comes after 2065 // 2066 // and 2067 // 2068 // Type existingItem; 2069 // for ( existingItem in expression ) { statements } 2070 // 2071 // becomes: 2072 // 2073 // the same with newVariable replaced with existingItem; the binding works 2074 // the same except that for one ObjCForCollectionStmt::getElement() returns 2075 // a DeclStmt and the other returns a DeclRefExpr. 2076 // 2077 2078 CFGBlock *LoopSuccessor = 0; 2079 2080 if (Block) { 2081 if (badCFG) 2082 return 0; 2083 LoopSuccessor = Block; 2084 Block = 0; 2085 } else 2086 LoopSuccessor = Succ; 2087 2088 // Build the condition blocks. 2089 CFGBlock *ExitConditionBlock = createBlock(false); 2090 2091 // Set the terminator for the "exit" condition block. 2092 ExitConditionBlock->setTerminator(S); 2093 2094 // The last statement in the block should be the ObjCForCollectionStmt, which 2095 // performs the actual binding to 'element' and determines if there are any 2096 // more items in the collection. 2097 appendStmt(ExitConditionBlock, S); 2098 Block = ExitConditionBlock; 2099 2100 // Walk the 'element' expression to see if there are any side-effects. We 2101 // generate new blocks as necessary. We DON'T add the statement by default to 2102 // the CFG unless it contains control-flow. 2103 CFGBlock *EntryConditionBlock = Visit(S->getElement(), 2104 AddStmtChoice::NotAlwaysAdd); 2105 if (Block) { 2106 if (badCFG) 2107 return 0; 2108 Block = 0; 2109 } 2110 2111 // The condition block is the implicit successor for the loop body as well as 2112 // any code above the loop. 2113 Succ = EntryConditionBlock; 2114 2115 // Now create the true branch. 2116 { 2117 // Save the current values for Succ, continue and break targets. 2118 SaveAndRestore<CFGBlock*> save_Succ(Succ); 2119 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget), 2120 save_break(BreakJumpTarget); 2121 2122 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 2123 ContinueJumpTarget = JumpTarget(EntryConditionBlock, ScopePos); 2124 2125 CFGBlock *BodyBlock = addStmt(S->getBody()); 2126 2127 if (!BodyBlock) 2128 BodyBlock = EntryConditionBlock; // can happen for "for (X in Y) ;" 2129 else if (Block) { 2130 if (badCFG) 2131 return 0; 2132 } 2133 2134 // This new body block is a successor to our "exit" condition block. 2135 addSuccessor(ExitConditionBlock, BodyBlock); 2136 } 2137 2138 // Link up the condition block with the code that follows the loop. 2139 // (the false branch). 2140 addSuccessor(ExitConditionBlock, LoopSuccessor); 2141 2142 // Now create a prologue block to contain the collection expression. 2143 Block = createBlock(); 2144 return addStmt(S->getCollection()); 2145} 2146 2147CFGBlock *CFGBuilder::VisitObjCAutoreleasePoolStmt(ObjCAutoreleasePoolStmt *S) { 2148 // Inline the body. 2149 return addStmt(S->getSubStmt()); 2150 // TODO: consider adding cleanups for the end of @autoreleasepool scope. 2151} 2152 2153CFGBlock *CFGBuilder::VisitObjCAtSynchronizedStmt(ObjCAtSynchronizedStmt *S) { 2154 // FIXME: Add locking 'primitives' to CFG for @synchronized. 2155 2156 // Inline the body. 2157 CFGBlock *SyncBlock = addStmt(S->getSynchBody()); 2158 2159 // The sync body starts its own basic block. This makes it a little easier 2160 // for diagnostic clients. 2161 if (SyncBlock) { 2162 if (badCFG) 2163 return 0; 2164 2165 Block = 0; 2166 Succ = SyncBlock; 2167 } 2168 2169 // Add the @synchronized to the CFG. 2170 autoCreateBlock(); 2171 appendStmt(Block, S); 2172 2173 // Inline the sync expression. 2174 return addStmt(S->getSynchExpr()); 2175} 2176 2177CFGBlock *CFGBuilder::VisitObjCAtTryStmt(ObjCAtTryStmt *S) { 2178 // FIXME 2179 return NYS(); 2180} 2181 2182CFGBlock *CFGBuilder::VisitPseudoObjectExpr(PseudoObjectExpr *E) { 2183 autoCreateBlock(); 2184 2185 // Add the PseudoObject as the last thing. 2186 appendStmt(Block, E); 2187 2188 CFGBlock *lastBlock = Block; 2189 2190 // Before that, evaluate all of the semantics in order. In 2191 // CFG-land, that means appending them in reverse order. 2192 for (unsigned i = E->getNumSemanticExprs(); i != 0; ) { 2193 Expr *Semantic = E->getSemanticExpr(--i); 2194 2195 // If the semantic is an opaque value, we're being asked to bind 2196 // it to its source expression. 2197 if (OpaqueValueExpr *OVE = dyn_cast<OpaqueValueExpr>(Semantic)) 2198 Semantic = OVE->getSourceExpr(); 2199 2200 if (CFGBlock *B = Visit(Semantic)) 2201 lastBlock = B; 2202 } 2203 2204 return lastBlock; 2205} 2206 2207CFGBlock *CFGBuilder::VisitWhileStmt(WhileStmt *W) { 2208 CFGBlock *LoopSuccessor = NULL; 2209 2210 // Save local scope position because in case of condition variable ScopePos 2211 // won't be restored when traversing AST. 2212 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 2213 2214 // Create local scope for possible condition variable. 2215 // Store scope position for continue statement. 2216 LocalScope::const_iterator LoopBeginScopePos = ScopePos; 2217 if (VarDecl *VD = W->getConditionVariable()) { 2218 addLocalScopeForVarDecl(VD); 2219 addAutomaticObjDtors(ScopePos, LoopBeginScopePos, W); 2220 } 2221 2222 // "while" is a control-flow statement. Thus we stop processing the current 2223 // block. 2224 if (Block) { 2225 if (badCFG) 2226 return 0; 2227 LoopSuccessor = Block; 2228 Block = 0; 2229 } else { 2230 LoopSuccessor = Succ; 2231 } 2232 2233 CFGBlock *BodyBlock = 0, *TransitionBlock = 0; 2234 2235 // Process the loop body. 2236 { 2237 assert(W->getBody()); 2238 2239 // Save the current values for Block, Succ, continue and break targets. 2240 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 2241 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget), 2242 save_break(BreakJumpTarget); 2243 2244 // Create an empty block to represent the transition block for looping back 2245 // to the head of the loop. 2246 Succ = TransitionBlock = createBlock(false); 2247 TransitionBlock->setLoopTarget(W); 2248 ContinueJumpTarget = JumpTarget(Succ, LoopBeginScopePos); 2249 2250 // All breaks should go to the code following the loop. 2251 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 2252 2253 // Loop body should end with destructor of Condition variable (if any). 2254 addAutomaticObjDtors(ScopePos, LoopBeginScopePos, W); 2255 2256 // If body is not a compound statement create implicit scope 2257 // and add destructors. 2258 if (!isa<CompoundStmt>(W->getBody())) 2259 addLocalScopeAndDtors(W->getBody()); 2260 2261 // Create the body. The returned block is the entry to the loop body. 2262 BodyBlock = addStmt(W->getBody()); 2263 2264 if (!BodyBlock) 2265 BodyBlock = ContinueJumpTarget.block; // can happen for "while(...) ;" 2266 else if (Block && badCFG) 2267 return 0; 2268 } 2269 2270 // Because of short-circuit evaluation, the condition of the loop can span 2271 // multiple basic blocks. Thus we need the "Entry" and "Exit" blocks that 2272 // evaluate the condition. 2273 CFGBlock *EntryConditionBlock = 0, *ExitConditionBlock = 0; 2274 2275 do { 2276 Expr *C = W->getCond(); 2277 2278 // Specially handle logical operators, which have a slightly 2279 // more optimal CFG representation. 2280 if (BinaryOperator *Cond = dyn_cast<BinaryOperator>(C->IgnoreParens())) 2281 if (Cond->isLogicalOp()) { 2282 llvm::tie(EntryConditionBlock, ExitConditionBlock) = 2283 VisitLogicalOperator(Cond, W, BodyBlock, 2284 LoopSuccessor); 2285 break; 2286 } 2287 2288 // The default case when not handling logical operators. 2289 EntryConditionBlock = ExitConditionBlock = createBlock(false); 2290 ExitConditionBlock->setTerminator(W); 2291 2292 // Now add the actual condition to the condition block. 2293 // Because the condition itself may contain control-flow, new blocks may 2294 // be created. Thus we update "Succ" after adding the condition. 2295 Block = ExitConditionBlock; 2296 Block = EntryConditionBlock = addStmt(C); 2297 2298 // If this block contains a condition variable, add both the condition 2299 // variable and initializer to the CFG. 2300 if (VarDecl *VD = W->getConditionVariable()) { 2301 if (Expr *Init = VD->getInit()) { 2302 autoCreateBlock(); 2303 appendStmt(Block, W->getConditionVariableDeclStmt()); 2304 EntryConditionBlock = addStmt(Init); 2305 assert(Block == EntryConditionBlock); 2306 } 2307 } 2308 2309 if (Block && badCFG) 2310 return 0; 2311 2312 // See if this is a known constant. 2313 const TryResult& KnownVal = tryEvaluateBool(C); 2314 2315 // Add the loop body entry as a successor to the condition. 2316 addSuccessor(ExitConditionBlock, KnownVal.isFalse() ? NULL : BodyBlock); 2317 // Link up the condition block with the code that follows the loop. (the 2318 // false branch). 2319 addSuccessor(ExitConditionBlock, KnownVal.isTrue() ? NULL : LoopSuccessor); 2320 2321 } while(false); 2322 2323 // Link up the loop-back block to the entry condition block. 2324 addSuccessor(TransitionBlock, EntryConditionBlock); 2325 2326 // There can be no more statements in the condition block since we loop back 2327 // to this block. NULL out Block to force lazy creation of another block. 2328 Block = NULL; 2329 2330 // Return the condition block, which is the dominating block for the loop. 2331 Succ = EntryConditionBlock; 2332 return EntryConditionBlock; 2333} 2334 2335 2336CFGBlock *CFGBuilder::VisitObjCAtCatchStmt(ObjCAtCatchStmt *S) { 2337 // FIXME: For now we pretend that @catch and the code it contains does not 2338 // exit. 2339 return Block; 2340} 2341 2342CFGBlock *CFGBuilder::VisitObjCAtThrowStmt(ObjCAtThrowStmt *S) { 2343 // FIXME: This isn't complete. We basically treat @throw like a return 2344 // statement. 2345 2346 // If we were in the middle of a block we stop processing that block. 2347 if (badCFG) 2348 return 0; 2349 2350 // Create the new block. 2351 Block = createBlock(false); 2352 2353 // The Exit block is the only successor. 2354 addSuccessor(Block, &cfg->getExit()); 2355 2356 // Add the statement to the block. This may create new blocks if S contains 2357 // control-flow (short-circuit operations). 2358 return VisitStmt(S, AddStmtChoice::AlwaysAdd); 2359} 2360 2361CFGBlock *CFGBuilder::VisitCXXThrowExpr(CXXThrowExpr *T) { 2362 // If we were in the middle of a block we stop processing that block. 2363 if (badCFG) 2364 return 0; 2365 2366 // Create the new block. 2367 Block = createBlock(false); 2368 2369 if (TryTerminatedBlock) 2370 // The current try statement is the only successor. 2371 addSuccessor(Block, TryTerminatedBlock); 2372 else 2373 // otherwise the Exit block is the only successor. 2374 addSuccessor(Block, &cfg->getExit()); 2375 2376 // Add the statement to the block. This may create new blocks if S contains 2377 // control-flow (short-circuit operations). 2378 return VisitStmt(T, AddStmtChoice::AlwaysAdd); 2379} 2380 2381CFGBlock *CFGBuilder::VisitDoStmt(DoStmt *D) { 2382 CFGBlock *LoopSuccessor = NULL; 2383 2384 // "do...while" is a control-flow statement. Thus we stop processing the 2385 // current block. 2386 if (Block) { 2387 if (badCFG) 2388 return 0; 2389 LoopSuccessor = Block; 2390 } else 2391 LoopSuccessor = Succ; 2392 2393 // Because of short-circuit evaluation, the condition of the loop can span 2394 // multiple basic blocks. Thus we need the "Entry" and "Exit" blocks that 2395 // evaluate the condition. 2396 CFGBlock *ExitConditionBlock = createBlock(false); 2397 CFGBlock *EntryConditionBlock = ExitConditionBlock; 2398 2399 // Set the terminator for the "exit" condition block. 2400 ExitConditionBlock->setTerminator(D); 2401 2402 // Now add the actual condition to the condition block. Because the condition 2403 // itself may contain control-flow, new blocks may be created. 2404 if (Stmt *C = D->getCond()) { 2405 Block = ExitConditionBlock; 2406 EntryConditionBlock = addStmt(C); 2407 if (Block) { 2408 if (badCFG) 2409 return 0; 2410 } 2411 } 2412 2413 // The condition block is the implicit successor for the loop body. 2414 Succ = EntryConditionBlock; 2415 2416 // See if this is a known constant. 2417 const TryResult &KnownVal = tryEvaluateBool(D->getCond()); 2418 2419 // Process the loop body. 2420 CFGBlock *BodyBlock = NULL; 2421 { 2422 assert(D->getBody()); 2423 2424 // Save the current values for Block, Succ, and continue and break targets 2425 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 2426 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget), 2427 save_break(BreakJumpTarget); 2428 2429 // All continues within this loop should go to the condition block 2430 ContinueJumpTarget = JumpTarget(EntryConditionBlock, ScopePos); 2431 2432 // All breaks should go to the code following the loop. 2433 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 2434 2435 // NULL out Block to force lazy instantiation of blocks for the body. 2436 Block = NULL; 2437 2438 // If body is not a compound statement create implicit scope 2439 // and add destructors. 2440 if (!isa<CompoundStmt>(D->getBody())) 2441 addLocalScopeAndDtors(D->getBody()); 2442 2443 // Create the body. The returned block is the entry to the loop body. 2444 BodyBlock = addStmt(D->getBody()); 2445 2446 if (!BodyBlock) 2447 BodyBlock = EntryConditionBlock; // can happen for "do ; while(...)" 2448 else if (Block) { 2449 if (badCFG) 2450 return 0; 2451 } 2452 2453 if (!KnownVal.isFalse()) { 2454 // Add an intermediate block between the BodyBlock and the 2455 // ExitConditionBlock to represent the "loop back" transition. Create an 2456 // empty block to represent the transition block for looping back to the 2457 // head of the loop. 2458 // FIXME: Can we do this more efficiently without adding another block? 2459 Block = NULL; 2460 Succ = BodyBlock; 2461 CFGBlock *LoopBackBlock = createBlock(); 2462 LoopBackBlock->setLoopTarget(D); 2463 2464 // Add the loop body entry as a successor to the condition. 2465 addSuccessor(ExitConditionBlock, LoopBackBlock); 2466 } 2467 else 2468 addSuccessor(ExitConditionBlock, NULL); 2469 } 2470 2471 // Link up the condition block with the code that follows the loop. 2472 // (the false branch). 2473 addSuccessor(ExitConditionBlock, KnownVal.isTrue() ? NULL : LoopSuccessor); 2474 2475 // There can be no more statements in the body block(s) since we loop back to 2476 // the body. NULL out Block to force lazy creation of another block. 2477 Block = NULL; 2478 2479 // Return the loop body, which is the dominating block for the loop. 2480 Succ = BodyBlock; 2481 return BodyBlock; 2482} 2483 2484CFGBlock *CFGBuilder::VisitContinueStmt(ContinueStmt *C) { 2485 // "continue" is a control-flow statement. Thus we stop processing the 2486 // current block. 2487 if (badCFG) 2488 return 0; 2489 2490 // Now create a new block that ends with the continue statement. 2491 Block = createBlock(false); 2492 Block->setTerminator(C); 2493 2494 // If there is no target for the continue, then we are looking at an 2495 // incomplete AST. This means the CFG cannot be constructed. 2496 if (ContinueJumpTarget.block) { 2497 addAutomaticObjDtors(ScopePos, ContinueJumpTarget.scopePosition, C); 2498 addSuccessor(Block, ContinueJumpTarget.block); 2499 } else 2500 badCFG = true; 2501 2502 return Block; 2503} 2504 2505CFGBlock *CFGBuilder::VisitUnaryExprOrTypeTraitExpr(UnaryExprOrTypeTraitExpr *E, 2506 AddStmtChoice asc) { 2507 2508 if (asc.alwaysAdd(*this, E)) { 2509 autoCreateBlock(); 2510 appendStmt(Block, E); 2511 } 2512 2513 // VLA types have expressions that must be evaluated. 2514 CFGBlock *lastBlock = Block; 2515 2516 if (E->isArgumentType()) { 2517 for (const VariableArrayType *VA =FindVA(E->getArgumentType().getTypePtr()); 2518 VA != 0; VA = FindVA(VA->getElementType().getTypePtr())) 2519 lastBlock = addStmt(VA->getSizeExpr()); 2520 } 2521 return lastBlock; 2522} 2523 2524/// VisitStmtExpr - Utility method to handle (nested) statement 2525/// expressions (a GCC extension). 2526CFGBlock *CFGBuilder::VisitStmtExpr(StmtExpr *SE, AddStmtChoice asc) { 2527 if (asc.alwaysAdd(*this, SE)) { 2528 autoCreateBlock(); 2529 appendStmt(Block, SE); 2530 } 2531 return VisitCompoundStmt(SE->getSubStmt()); 2532} 2533 2534CFGBlock *CFGBuilder::VisitSwitchStmt(SwitchStmt *Terminator) { 2535 // "switch" is a control-flow statement. Thus we stop processing the current 2536 // block. 2537 CFGBlock *SwitchSuccessor = NULL; 2538 2539 // Save local scope position because in case of condition variable ScopePos 2540 // won't be restored when traversing AST. 2541 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 2542 2543 // Create local scope for possible condition variable. 2544 // Store scope position. Add implicit destructor. 2545 if (VarDecl *VD = Terminator->getConditionVariable()) { 2546 LocalScope::const_iterator SwitchBeginScopePos = ScopePos; 2547 addLocalScopeForVarDecl(VD); 2548 addAutomaticObjDtors(ScopePos, SwitchBeginScopePos, Terminator); 2549 } 2550 2551 if (Block) { 2552 if (badCFG) 2553 return 0; 2554 SwitchSuccessor = Block; 2555 } else SwitchSuccessor = Succ; 2556 2557 // Save the current "switch" context. 2558 SaveAndRestore<CFGBlock*> save_switch(SwitchTerminatedBlock), 2559 save_default(DefaultCaseBlock); 2560 SaveAndRestore<JumpTarget> save_break(BreakJumpTarget); 2561 2562 // Set the "default" case to be the block after the switch statement. If the 2563 // switch statement contains a "default:", this value will be overwritten with 2564 // the block for that code. 2565 DefaultCaseBlock = SwitchSuccessor; 2566 2567 // Create a new block that will contain the switch statement. 2568 SwitchTerminatedBlock = createBlock(false); 2569 2570 // Now process the switch body. The code after the switch is the implicit 2571 // successor. 2572 Succ = SwitchSuccessor; 2573 BreakJumpTarget = JumpTarget(SwitchSuccessor, ScopePos); 2574 2575 // When visiting the body, the case statements should automatically get linked 2576 // up to the switch. We also don't keep a pointer to the body, since all 2577 // control-flow from the switch goes to case/default statements. 2578 assert(Terminator->getBody() && "switch must contain a non-NULL body"); 2579 Block = NULL; 2580 2581 // For pruning unreachable case statements, save the current state 2582 // for tracking the condition value. 2583 SaveAndRestore<bool> save_switchExclusivelyCovered(switchExclusivelyCovered, 2584 false); 2585 2586 // Determine if the switch condition can be explicitly evaluated. 2587 assert(Terminator->getCond() && "switch condition must be non-NULL"); 2588 Expr::EvalResult result; 2589 bool b = tryEvaluate(Terminator->getCond(), result); 2590 SaveAndRestore<Expr::EvalResult*> save_switchCond(switchCond, 2591 b ? &result : 0); 2592 2593 // If body is not a compound statement create implicit scope 2594 // and add destructors. 2595 if (!isa<CompoundStmt>(Terminator->getBody())) 2596 addLocalScopeAndDtors(Terminator->getBody()); 2597 2598 addStmt(Terminator->getBody()); 2599 if (Block) { 2600 if (badCFG) 2601 return 0; 2602 } 2603 2604 // If we have no "default:" case, the default transition is to the code 2605 // following the switch body. Moreover, take into account if all the 2606 // cases of a switch are covered (e.g., switching on an enum value). 2607 addSuccessor(SwitchTerminatedBlock, 2608 switchExclusivelyCovered || Terminator->isAllEnumCasesCovered() 2609 ? 0 : DefaultCaseBlock); 2610 2611 // Add the terminator and condition in the switch block. 2612 SwitchTerminatedBlock->setTerminator(Terminator); 2613 Block = SwitchTerminatedBlock; 2614 Block = addStmt(Terminator->getCond()); 2615 2616 // Finally, if the SwitchStmt contains a condition variable, add both the 2617 // SwitchStmt and the condition variable initialization to the CFG. 2618 if (VarDecl *VD = Terminator->getConditionVariable()) { 2619 if (Expr *Init = VD->getInit()) { 2620 autoCreateBlock(); 2621 appendStmt(Block, Terminator->getConditionVariableDeclStmt()); 2622 addStmt(Init); 2623 } 2624 } 2625 2626 return Block; 2627} 2628 2629static bool shouldAddCase(bool &switchExclusivelyCovered, 2630 const Expr::EvalResult *switchCond, 2631 const CaseStmt *CS, 2632 ASTContext &Ctx) { 2633 if (!switchCond) 2634 return true; 2635 2636 bool addCase = false; 2637 2638 if (!switchExclusivelyCovered) { 2639 if (switchCond->Val.isInt()) { 2640 // Evaluate the LHS of the case value. 2641 const llvm::APSInt &lhsInt = CS->getLHS()->EvaluateKnownConstInt(Ctx); 2642 const llvm::APSInt &condInt = switchCond->Val.getInt(); 2643 2644 if (condInt == lhsInt) { 2645 addCase = true; 2646 switchExclusivelyCovered = true; 2647 } 2648 else if (condInt < lhsInt) { 2649 if (const Expr *RHS = CS->getRHS()) { 2650 // Evaluate the RHS of the case value. 2651 const llvm::APSInt &V2 = RHS->EvaluateKnownConstInt(Ctx); 2652 if (V2 <= condInt) { 2653 addCase = true; 2654 switchExclusivelyCovered = true; 2655 } 2656 } 2657 } 2658 } 2659 else 2660 addCase = true; 2661 } 2662 return addCase; 2663} 2664 2665CFGBlock *CFGBuilder::VisitCaseStmt(CaseStmt *CS) { 2666 // CaseStmts are essentially labels, so they are the first statement in a 2667 // block. 2668 CFGBlock *TopBlock = 0, *LastBlock = 0; 2669 2670 if (Stmt *Sub = CS->getSubStmt()) { 2671 // For deeply nested chains of CaseStmts, instead of doing a recursion 2672 // (which can blow out the stack), manually unroll and create blocks 2673 // along the way. 2674 while (isa<CaseStmt>(Sub)) { 2675 CFGBlock *currentBlock = createBlock(false); 2676 currentBlock->setLabel(CS); 2677 2678 if (TopBlock) 2679 addSuccessor(LastBlock, currentBlock); 2680 else 2681 TopBlock = currentBlock; 2682 2683 addSuccessor(SwitchTerminatedBlock, 2684 shouldAddCase(switchExclusivelyCovered, switchCond, 2685 CS, *Context) 2686 ? currentBlock : 0); 2687 2688 LastBlock = currentBlock; 2689 CS = cast<CaseStmt>(Sub); 2690 Sub = CS->getSubStmt(); 2691 } 2692 2693 addStmt(Sub); 2694 } 2695 2696 CFGBlock *CaseBlock = Block; 2697 if (!CaseBlock) 2698 CaseBlock = createBlock(); 2699 2700 // Cases statements partition blocks, so this is the top of the basic block we 2701 // were processing (the "case XXX:" is the label). 2702 CaseBlock->setLabel(CS); 2703 2704 if (badCFG) 2705 return 0; 2706 2707 // Add this block to the list of successors for the block with the switch 2708 // statement. 2709 assert(SwitchTerminatedBlock); 2710 addSuccessor(SwitchTerminatedBlock, 2711 shouldAddCase(switchExclusivelyCovered, switchCond, 2712 CS, *Context) 2713 ? CaseBlock : 0); 2714 2715 // We set Block to NULL to allow lazy creation of a new block (if necessary) 2716 Block = NULL; 2717 2718 if (TopBlock) { 2719 addSuccessor(LastBlock, CaseBlock); 2720 Succ = TopBlock; 2721 } else { 2722 // This block is now the implicit successor of other blocks. 2723 Succ = CaseBlock; 2724 } 2725 2726 return Succ; 2727} 2728 2729CFGBlock *CFGBuilder::VisitDefaultStmt(DefaultStmt *Terminator) { 2730 if (Terminator->getSubStmt()) 2731 addStmt(Terminator->getSubStmt()); 2732 2733 DefaultCaseBlock = Block; 2734 2735 if (!DefaultCaseBlock) 2736 DefaultCaseBlock = createBlock(); 2737 2738 // Default statements partition blocks, so this is the top of the basic block 2739 // we were processing (the "default:" is the label). 2740 DefaultCaseBlock->setLabel(Terminator); 2741 2742 if (badCFG) 2743 return 0; 2744 2745 // Unlike case statements, we don't add the default block to the successors 2746 // for the switch statement immediately. This is done when we finish 2747 // processing the switch statement. This allows for the default case 2748 // (including a fall-through to the code after the switch statement) to always 2749 // be the last successor of a switch-terminated block. 2750 2751 // We set Block to NULL to allow lazy creation of a new block (if necessary) 2752 Block = NULL; 2753 2754 // This block is now the implicit successor of other blocks. 2755 Succ = DefaultCaseBlock; 2756 2757 return DefaultCaseBlock; 2758} 2759 2760CFGBlock *CFGBuilder::VisitCXXTryStmt(CXXTryStmt *Terminator) { 2761 // "try"/"catch" is a control-flow statement. Thus we stop processing the 2762 // current block. 2763 CFGBlock *TrySuccessor = NULL; 2764 2765 if (Block) { 2766 if (badCFG) 2767 return 0; 2768 TrySuccessor = Block; 2769 } else TrySuccessor = Succ; 2770 2771 CFGBlock *PrevTryTerminatedBlock = TryTerminatedBlock; 2772 2773 // Create a new block that will contain the try statement. 2774 CFGBlock *NewTryTerminatedBlock = createBlock(false); 2775 // Add the terminator in the try block. 2776 NewTryTerminatedBlock->setTerminator(Terminator); 2777 2778 bool HasCatchAll = false; 2779 for (unsigned h = 0; h <Terminator->getNumHandlers(); ++h) { 2780 // The code after the try is the implicit successor. 2781 Succ = TrySuccessor; 2782 CXXCatchStmt *CS = Terminator->getHandler(h); 2783 if (CS->getExceptionDecl() == 0) { 2784 HasCatchAll = true; 2785 } 2786 Block = NULL; 2787 CFGBlock *CatchBlock = VisitCXXCatchStmt(CS); 2788 if (CatchBlock == 0) 2789 return 0; 2790 // Add this block to the list of successors for the block with the try 2791 // statement. 2792 addSuccessor(NewTryTerminatedBlock, CatchBlock); 2793 } 2794 if (!HasCatchAll) { 2795 if (PrevTryTerminatedBlock) 2796 addSuccessor(NewTryTerminatedBlock, PrevTryTerminatedBlock); 2797 else 2798 addSuccessor(NewTryTerminatedBlock, &cfg->getExit()); 2799 } 2800 2801 // The code after the try is the implicit successor. 2802 Succ = TrySuccessor; 2803 2804 // Save the current "try" context. 2805 SaveAndRestore<CFGBlock*> save_try(TryTerminatedBlock, NewTryTerminatedBlock); 2806 cfg->addTryDispatchBlock(TryTerminatedBlock); 2807 2808 assert(Terminator->getTryBlock() && "try must contain a non-NULL body"); 2809 Block = NULL; 2810 Block = addStmt(Terminator->getTryBlock()); 2811 return Block; 2812} 2813 2814CFGBlock *CFGBuilder::VisitCXXCatchStmt(CXXCatchStmt *CS) { 2815 // CXXCatchStmt are treated like labels, so they are the first statement in a 2816 // block. 2817 2818 // Save local scope position because in case of exception variable ScopePos 2819 // won't be restored when traversing AST. 2820 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 2821 2822 // Create local scope for possible exception variable. 2823 // Store scope position. Add implicit destructor. 2824 if (VarDecl *VD = CS->getExceptionDecl()) { 2825 LocalScope::const_iterator BeginScopePos = ScopePos; 2826 addLocalScopeForVarDecl(VD); 2827 addAutomaticObjDtors(ScopePos, BeginScopePos, CS); 2828 } 2829 2830 if (CS->getHandlerBlock()) 2831 addStmt(CS->getHandlerBlock()); 2832 2833 CFGBlock *CatchBlock = Block; 2834 if (!CatchBlock) 2835 CatchBlock = createBlock(); 2836 2837 // CXXCatchStmt is more than just a label. They have semantic meaning 2838 // as well, as they implicitly "initialize" the catch variable. Add 2839 // it to the CFG as a CFGElement so that the control-flow of these 2840 // semantics gets captured. 2841 appendStmt(CatchBlock, CS); 2842 2843 // Also add the CXXCatchStmt as a label, to mirror handling of regular 2844 // labels. 2845 CatchBlock->setLabel(CS); 2846 2847 // Bail out if the CFG is bad. 2848 if (badCFG) 2849 return 0; 2850 2851 // We set Block to NULL to allow lazy creation of a new block (if necessary) 2852 Block = NULL; 2853 2854 return CatchBlock; 2855} 2856 2857CFGBlock *CFGBuilder::VisitCXXForRangeStmt(CXXForRangeStmt *S) { 2858 // C++0x for-range statements are specified as [stmt.ranged]: 2859 // 2860 // { 2861 // auto && __range = range-init; 2862 // for ( auto __begin = begin-expr, 2863 // __end = end-expr; 2864 // __begin != __end; 2865 // ++__begin ) { 2866 // for-range-declaration = *__begin; 2867 // statement 2868 // } 2869 // } 2870 2871 // Save local scope position before the addition of the implicit variables. 2872 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 2873 2874 // Create local scopes and destructors for range, begin and end variables. 2875 if (Stmt *Range = S->getRangeStmt()) 2876 addLocalScopeForStmt(Range); 2877 if (Stmt *BeginEnd = S->getBeginEndStmt()) 2878 addLocalScopeForStmt(BeginEnd); 2879 addAutomaticObjDtors(ScopePos, save_scope_pos.get(), S); 2880 2881 LocalScope::const_iterator ContinueScopePos = ScopePos; 2882 2883 // "for" is a control-flow statement. Thus we stop processing the current 2884 // block. 2885 CFGBlock *LoopSuccessor = NULL; 2886 if (Block) { 2887 if (badCFG) 2888 return 0; 2889 LoopSuccessor = Block; 2890 } else 2891 LoopSuccessor = Succ; 2892 2893 // Save the current value for the break targets. 2894 // All breaks should go to the code following the loop. 2895 SaveAndRestore<JumpTarget> save_break(BreakJumpTarget); 2896 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 2897 2898 // The block for the __begin != __end expression. 2899 CFGBlock *ConditionBlock = createBlock(false); 2900 ConditionBlock->setTerminator(S); 2901 2902 // Now add the actual condition to the condition block. 2903 if (Expr *C = S->getCond()) { 2904 Block = ConditionBlock; 2905 CFGBlock *BeginConditionBlock = addStmt(C); 2906 if (badCFG) 2907 return 0; 2908 assert(BeginConditionBlock == ConditionBlock && 2909 "condition block in for-range was unexpectedly complex"); 2910 (void)BeginConditionBlock; 2911 } 2912 2913 // The condition block is the implicit successor for the loop body as well as 2914 // any code above the loop. 2915 Succ = ConditionBlock; 2916 2917 // See if this is a known constant. 2918 TryResult KnownVal(true); 2919 2920 if (S->getCond()) 2921 KnownVal = tryEvaluateBool(S->getCond()); 2922 2923 // Now create the loop body. 2924 { 2925 assert(S->getBody()); 2926 2927 // Save the current values for Block, Succ, and continue targets. 2928 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 2929 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget); 2930 2931 // Generate increment code in its own basic block. This is the target of 2932 // continue statements. 2933 Block = 0; 2934 Succ = addStmt(S->getInc()); 2935 ContinueJumpTarget = JumpTarget(Succ, ContinueScopePos); 2936 2937 // The starting block for the loop increment is the block that should 2938 // represent the 'loop target' for looping back to the start of the loop. 2939 ContinueJumpTarget.block->setLoopTarget(S); 2940 2941 // Finish up the increment block and prepare to start the loop body. 2942 assert(Block); 2943 if (badCFG) 2944 return 0; 2945 Block = 0; 2946 2947 2948 // Add implicit scope and dtors for loop variable. 2949 addLocalScopeAndDtors(S->getLoopVarStmt()); 2950 2951 // Populate a new block to contain the loop body and loop variable. 2952 Block = addStmt(S->getBody()); 2953 if (badCFG) 2954 return 0; 2955 Block = addStmt(S->getLoopVarStmt()); 2956 if (badCFG) 2957 return 0; 2958 2959 // This new body block is a successor to our condition block. 2960 addSuccessor(ConditionBlock, KnownVal.isFalse() ? 0 : Block); 2961 } 2962 2963 // Link up the condition block with the code that follows the loop (the 2964 // false branch). 2965 addSuccessor(ConditionBlock, KnownVal.isTrue() ? 0 : LoopSuccessor); 2966 2967 // Add the initialization statements. 2968 Block = createBlock(); 2969 addStmt(S->getBeginEndStmt()); 2970 return addStmt(S->getRangeStmt()); 2971} 2972 2973CFGBlock *CFGBuilder::VisitExprWithCleanups(ExprWithCleanups *E, 2974 AddStmtChoice asc) { 2975 if (BuildOpts.AddImplicitDtors) { 2976 // If adding implicit destructors visit the full expression for adding 2977 // destructors of temporaries. 2978 VisitForTemporaryDtors(E->getSubExpr()); 2979 2980 // Full expression has to be added as CFGStmt so it will be sequenced 2981 // before destructors of it's temporaries. 2982 asc = asc.withAlwaysAdd(true); 2983 } 2984 return Visit(E->getSubExpr(), asc); 2985} 2986 2987CFGBlock *CFGBuilder::VisitCXXBindTemporaryExpr(CXXBindTemporaryExpr *E, 2988 AddStmtChoice asc) { 2989 if (asc.alwaysAdd(*this, E)) { 2990 autoCreateBlock(); 2991 appendStmt(Block, E); 2992 2993 // We do not want to propagate the AlwaysAdd property. 2994 asc = asc.withAlwaysAdd(false); 2995 } 2996 return Visit(E->getSubExpr(), asc); 2997} 2998 2999CFGBlock *CFGBuilder::VisitCXXConstructExpr(CXXConstructExpr *C, 3000 AddStmtChoice asc) { 3001 autoCreateBlock(); 3002 appendStmt(Block, C); 3003 3004 return VisitChildren(C); 3005} 3006 3007CFGBlock *CFGBuilder::VisitCXXFunctionalCastExpr(CXXFunctionalCastExpr *E, 3008 AddStmtChoice asc) { 3009 if (asc.alwaysAdd(*this, E)) { 3010 autoCreateBlock(); 3011 appendStmt(Block, E); 3012 // We do not want to propagate the AlwaysAdd property. 3013 asc = asc.withAlwaysAdd(false); 3014 } 3015 return Visit(E->getSubExpr(), asc); 3016} 3017 3018CFGBlock *CFGBuilder::VisitCXXTemporaryObjectExpr(CXXTemporaryObjectExpr *C, 3019 AddStmtChoice asc) { 3020 autoCreateBlock(); 3021 appendStmt(Block, C); 3022 return VisitChildren(C); 3023} 3024 3025CFGBlock *CFGBuilder::VisitImplicitCastExpr(ImplicitCastExpr *E, 3026 AddStmtChoice asc) { 3027 if (asc.alwaysAdd(*this, E)) { 3028 autoCreateBlock(); 3029 appendStmt(Block, E); 3030 } 3031 return Visit(E->getSubExpr(), AddStmtChoice()); 3032} 3033 3034CFGBlock *CFGBuilder::VisitIndirectGotoStmt(IndirectGotoStmt *I) { 3035 // Lazily create the indirect-goto dispatch block if there isn't one already. 3036 CFGBlock *IBlock = cfg->getIndirectGotoBlock(); 3037 3038 if (!IBlock) { 3039 IBlock = createBlock(false); 3040 cfg->setIndirectGotoBlock(IBlock); 3041 } 3042 3043 // IndirectGoto is a control-flow statement. Thus we stop processing the 3044 // current block and create a new one. 3045 if (badCFG) 3046 return 0; 3047 3048 Block = createBlock(false); 3049 Block->setTerminator(I); 3050 addSuccessor(Block, IBlock); 3051 return addStmt(I->getTarget()); 3052} 3053 3054CFGBlock *CFGBuilder::VisitForTemporaryDtors(Stmt *E, bool BindToTemporary) { 3055tryAgain: 3056 if (!E) { 3057 badCFG = true; 3058 return NULL; 3059 } 3060 switch (E->getStmtClass()) { 3061 default: 3062 return VisitChildrenForTemporaryDtors(E); 3063 3064 case Stmt::BinaryOperatorClass: 3065 return VisitBinaryOperatorForTemporaryDtors(cast<BinaryOperator>(E)); 3066 3067 case Stmt::CXXBindTemporaryExprClass: 3068 return VisitCXXBindTemporaryExprForTemporaryDtors( 3069 cast<CXXBindTemporaryExpr>(E), BindToTemporary); 3070 3071 case Stmt::BinaryConditionalOperatorClass: 3072 case Stmt::ConditionalOperatorClass: 3073 return VisitConditionalOperatorForTemporaryDtors( 3074 cast<AbstractConditionalOperator>(E), BindToTemporary); 3075 3076 case Stmt::ImplicitCastExprClass: 3077 // For implicit cast we want BindToTemporary to be passed further. 3078 E = cast<CastExpr>(E)->getSubExpr(); 3079 goto tryAgain; 3080 3081 case Stmt::ParenExprClass: 3082 E = cast<ParenExpr>(E)->getSubExpr(); 3083 goto tryAgain; 3084 3085 case Stmt::MaterializeTemporaryExprClass: 3086 E = cast<MaterializeTemporaryExpr>(E)->GetTemporaryExpr(); 3087 goto tryAgain; 3088 } 3089} 3090 3091CFGBlock *CFGBuilder::VisitChildrenForTemporaryDtors(Stmt *E) { 3092 // When visiting children for destructors we want to visit them in reverse 3093 // order. Because there's no reverse iterator for children must to reverse 3094 // them in helper vector. 3095 typedef SmallVector<Stmt *, 4> ChildrenVect; 3096 ChildrenVect ChildrenRev; 3097 for (Stmt::child_range I = E->children(); I; ++I) { 3098 if (*I) ChildrenRev.push_back(*I); 3099 } 3100 3101 CFGBlock *B = Block; 3102 for (ChildrenVect::reverse_iterator I = ChildrenRev.rbegin(), 3103 L = ChildrenRev.rend(); I != L; ++I) { 3104 if (CFGBlock *R = VisitForTemporaryDtors(*I)) 3105 B = R; 3106 } 3107 return B; 3108} 3109 3110CFGBlock *CFGBuilder::VisitBinaryOperatorForTemporaryDtors(BinaryOperator *E) { 3111 if (E->isLogicalOp()) { 3112 // Destructors for temporaries in LHS expression should be called after 3113 // those for RHS expression. Even if this will unnecessarily create a block, 3114 // this block will be used at least by the full expression. 3115 autoCreateBlock(); 3116 CFGBlock *ConfluenceBlock = VisitForTemporaryDtors(E->getLHS()); 3117 if (badCFG) 3118 return NULL; 3119 3120 Succ = ConfluenceBlock; 3121 Block = NULL; 3122 CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getRHS()); 3123 3124 if (RHSBlock) { 3125 if (badCFG) 3126 return NULL; 3127 3128 // If RHS expression did produce destructors we need to connect created 3129 // blocks to CFG in same manner as for binary operator itself. 3130 CFGBlock *LHSBlock = createBlock(false); 3131 LHSBlock->setTerminator(CFGTerminator(E, true)); 3132 3133 // For binary operator LHS block is before RHS in list of predecessors 3134 // of ConfluenceBlock. 3135 std::reverse(ConfluenceBlock->pred_begin(), 3136 ConfluenceBlock->pred_end()); 3137 3138 // See if this is a known constant. 3139 TryResult KnownVal = tryEvaluateBool(E->getLHS()); 3140 if (KnownVal.isKnown() && (E->getOpcode() == BO_LOr)) 3141 KnownVal.negate(); 3142 3143 // Link LHSBlock with RHSBlock exactly the same way as for binary operator 3144 // itself. 3145 if (E->getOpcode() == BO_LOr) { 3146 addSuccessor(LHSBlock, KnownVal.isTrue() ? NULL : ConfluenceBlock); 3147 addSuccessor(LHSBlock, KnownVal.isFalse() ? NULL : RHSBlock); 3148 } else { 3149 assert (E->getOpcode() == BO_LAnd); 3150 addSuccessor(LHSBlock, KnownVal.isFalse() ? NULL : RHSBlock); 3151 addSuccessor(LHSBlock, KnownVal.isTrue() ? NULL : ConfluenceBlock); 3152 } 3153 3154 Block = LHSBlock; 3155 return LHSBlock; 3156 } 3157 3158 Block = ConfluenceBlock; 3159 return ConfluenceBlock; 3160 } 3161 3162 if (E->isAssignmentOp()) { 3163 // For assignment operator (=) LHS expression is visited 3164 // before RHS expression. For destructors visit them in reverse order. 3165 CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getRHS()); 3166 CFGBlock *LHSBlock = VisitForTemporaryDtors(E->getLHS()); 3167 return LHSBlock ? LHSBlock : RHSBlock; 3168 } 3169 3170 // For any other binary operator RHS expression is visited before 3171 // LHS expression (order of children). For destructors visit them in reverse 3172 // order. 3173 CFGBlock *LHSBlock = VisitForTemporaryDtors(E->getLHS()); 3174 CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getRHS()); 3175 return RHSBlock ? RHSBlock : LHSBlock; 3176} 3177 3178CFGBlock *CFGBuilder::VisitCXXBindTemporaryExprForTemporaryDtors( 3179 CXXBindTemporaryExpr *E, bool BindToTemporary) { 3180 // First add destructors for temporaries in subexpression. 3181 CFGBlock *B = VisitForTemporaryDtors(E->getSubExpr()); 3182 if (!BindToTemporary) { 3183 // If lifetime of temporary is not prolonged (by assigning to constant 3184 // reference) add destructor for it. 3185 3186 // If the destructor is marked as a no-return destructor, we need to create 3187 // a new block for the destructor which does not have as a successor 3188 // anything built thus far. Control won't flow out of this block. 3189 const CXXDestructorDecl *Dtor = E->getTemporary()->getDestructor(); 3190 if (cast<FunctionType>(Dtor->getType())->getNoReturnAttr()) 3191 Block = createNoReturnBlock(); 3192 else 3193 autoCreateBlock(); 3194 3195 appendTemporaryDtor(Block, E); 3196 B = Block; 3197 } 3198 return B; 3199} 3200 3201CFGBlock *CFGBuilder::VisitConditionalOperatorForTemporaryDtors( 3202 AbstractConditionalOperator *E, bool BindToTemporary) { 3203 // First add destructors for condition expression. Even if this will 3204 // unnecessarily create a block, this block will be used at least by the full 3205 // expression. 3206 autoCreateBlock(); 3207 CFGBlock *ConfluenceBlock = VisitForTemporaryDtors(E->getCond()); 3208 if (badCFG) 3209 return NULL; 3210 if (BinaryConditionalOperator *BCO 3211 = dyn_cast<BinaryConditionalOperator>(E)) { 3212 ConfluenceBlock = VisitForTemporaryDtors(BCO->getCommon()); 3213 if (badCFG) 3214 return NULL; 3215 } 3216 3217 // Try to add block with destructors for LHS expression. 3218 CFGBlock *LHSBlock = NULL; 3219 Succ = ConfluenceBlock; 3220 Block = NULL; 3221 LHSBlock = VisitForTemporaryDtors(E->getTrueExpr(), BindToTemporary); 3222 if (badCFG) 3223 return NULL; 3224 3225 // Try to add block with destructors for RHS expression; 3226 Succ = ConfluenceBlock; 3227 Block = NULL; 3228 CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getFalseExpr(), 3229 BindToTemporary); 3230 if (badCFG) 3231 return NULL; 3232 3233 if (!RHSBlock && !LHSBlock) { 3234 // If neither LHS nor RHS expression had temporaries to destroy don't create 3235 // more blocks. 3236 Block = ConfluenceBlock; 3237 return Block; 3238 } 3239 3240 Block = createBlock(false); 3241 Block->setTerminator(CFGTerminator(E, true)); 3242 3243 // See if this is a known constant. 3244 const TryResult &KnownVal = tryEvaluateBool(E->getCond()); 3245 3246 if (LHSBlock) { 3247 addSuccessor(Block, KnownVal.isFalse() ? NULL : LHSBlock); 3248 } else if (KnownVal.isFalse()) { 3249 addSuccessor(Block, NULL); 3250 } else { 3251 addSuccessor(Block, ConfluenceBlock); 3252 std::reverse(ConfluenceBlock->pred_begin(), ConfluenceBlock->pred_end()); 3253 } 3254 3255 if (!RHSBlock) 3256 RHSBlock = ConfluenceBlock; 3257 addSuccessor(Block, KnownVal.isTrue() ? NULL : RHSBlock); 3258 3259 return Block; 3260} 3261 3262} // end anonymous namespace 3263 3264/// createBlock - Constructs and adds a new CFGBlock to the CFG. The block has 3265/// no successors or predecessors. If this is the first block created in the 3266/// CFG, it is automatically set to be the Entry and Exit of the CFG. 3267CFGBlock *CFG::createBlock() { 3268 bool first_block = begin() == end(); 3269 3270 // Create the block. 3271 CFGBlock *Mem = getAllocator().Allocate<CFGBlock>(); 3272 new (Mem) CFGBlock(NumBlockIDs++, BlkBVC, this); 3273 Blocks.push_back(Mem, BlkBVC); 3274 3275 // If this is the first block, set it as the Entry and Exit. 3276 if (first_block) 3277 Entry = Exit = &back(); 3278 3279 // Return the block. 3280 return &back(); 3281} 3282 3283/// buildCFG - Constructs a CFG from an AST. Ownership of the returned 3284/// CFG is returned to the caller. 3285CFG* CFG::buildCFG(const Decl *D, Stmt *Statement, ASTContext *C, 3286 const BuildOptions &BO) { 3287 CFGBuilder Builder(C, BO); 3288 return Builder.buildCFG(D, Statement); 3289} 3290 3291const CXXDestructorDecl * 3292CFGImplicitDtor::getDestructorDecl(ASTContext &astContext) const { 3293 switch (getKind()) { 3294 case CFGElement::Invalid: 3295 case CFGElement::Statement: 3296 case CFGElement::Initializer: 3297 llvm_unreachable("getDestructorDecl should only be used with " 3298 "ImplicitDtors"); 3299 case CFGElement::AutomaticObjectDtor: { 3300 const VarDecl *var = cast<CFGAutomaticObjDtor>(this)->getVarDecl(); 3301 QualType ty = var->getType(); 3302 ty = ty.getNonReferenceType(); 3303 while (const ArrayType *arrayType = astContext.getAsArrayType(ty)) { 3304 ty = arrayType->getElementType(); 3305 } 3306 const RecordType *recordType = ty->getAs<RecordType>(); 3307 const CXXRecordDecl *classDecl = 3308 cast<CXXRecordDecl>(recordType->getDecl()); 3309 return classDecl->getDestructor(); 3310 } 3311 case CFGElement::TemporaryDtor: { 3312 const CXXBindTemporaryExpr *bindExpr = 3313 cast<CFGTemporaryDtor>(this)->getBindTemporaryExpr(); 3314 const CXXTemporary *temp = bindExpr->getTemporary(); 3315 return temp->getDestructor(); 3316 } 3317 case CFGElement::BaseDtor: 3318 case CFGElement::MemberDtor: 3319 3320 // Not yet supported. 3321 return 0; 3322 } 3323 llvm_unreachable("getKind() returned bogus value"); 3324} 3325 3326bool CFGImplicitDtor::isNoReturn(ASTContext &astContext) const { 3327 if (const CXXDestructorDecl *decl = getDestructorDecl(astContext)) { 3328 QualType ty = decl->getType(); 3329 return cast<FunctionType>(ty)->getNoReturnAttr(); 3330 } 3331 return false; 3332} 3333 3334//===----------------------------------------------------------------------===// 3335// CFG: Queries for BlkExprs. 3336//===----------------------------------------------------------------------===// 3337 3338namespace { 3339 typedef llvm::DenseMap<const Stmt*,unsigned> BlkExprMapTy; 3340} 3341 3342static void FindSubExprAssignments(const Stmt *S, 3343 llvm::SmallPtrSet<const Expr*,50>& Set) { 3344 if (!S) 3345 return; 3346 3347 for (Stmt::const_child_range I = S->children(); I; ++I) { 3348 const Stmt *child = *I; 3349 if (!child) 3350 continue; 3351 3352 if (const BinaryOperator* B = dyn_cast<BinaryOperator>(child)) 3353 if (B->isAssignmentOp()) Set.insert(B); 3354 3355 FindSubExprAssignments(child, Set); 3356 } 3357} 3358 3359static BlkExprMapTy* PopulateBlkExprMap(CFG& cfg) { 3360 BlkExprMapTy* M = new BlkExprMapTy(); 3361 3362 // Look for assignments that are used as subexpressions. These are the only 3363 // assignments that we want to *possibly* register as a block-level 3364 // expression. Basically, if an assignment occurs both in a subexpression and 3365 // at the block-level, it is a block-level expression. 3366 llvm::SmallPtrSet<const Expr*,50> SubExprAssignments; 3367 3368 for (CFG::iterator I=cfg.begin(), E=cfg.end(); I != E; ++I) 3369 for (CFGBlock::iterator BI=(*I)->begin(), EI=(*I)->end(); BI != EI; ++BI) 3370 if (const CFGStmt *S = BI->getAs<CFGStmt>()) 3371 FindSubExprAssignments(S->getStmt(), SubExprAssignments); 3372 3373 for (CFG::iterator I=cfg.begin(), E=cfg.end(); I != E; ++I) { 3374 3375 // Iterate over the statements again on identify the Expr* and Stmt* at the 3376 // block-level that are block-level expressions. 3377 3378 for (CFGBlock::iterator BI=(*I)->begin(), EI=(*I)->end(); BI != EI; ++BI) { 3379 const CFGStmt *CS = BI->getAs<CFGStmt>(); 3380 if (!CS) 3381 continue; 3382 if (const Expr *Exp = dyn_cast<Expr>(CS->getStmt())) { 3383 assert((Exp->IgnoreParens() == Exp) && "No parens on block-level exps"); 3384 3385 if (const BinaryOperator* B = dyn_cast<BinaryOperator>(Exp)) { 3386 // Assignment expressions that are not nested within another 3387 // expression are really "statements" whose value is never used by 3388 // another expression. 3389 if (B->isAssignmentOp() && !SubExprAssignments.count(Exp)) 3390 continue; 3391 } else if (const StmtExpr *SE = dyn_cast<StmtExpr>(Exp)) { 3392 // Special handling for statement expressions. The last statement in 3393 // the statement expression is also a block-level expr. 3394 const CompoundStmt *C = SE->getSubStmt(); 3395 if (!C->body_empty()) { 3396 const Stmt *Last = C->body_back(); 3397 if (const Expr *LastEx = dyn_cast<Expr>(Last)) 3398 Last = LastEx->IgnoreParens(); 3399 unsigned x = M->size(); 3400 (*M)[Last] = x; 3401 } 3402 } 3403 3404 unsigned x = M->size(); 3405 (*M)[Exp] = x; 3406 } 3407 } 3408 3409 // Look at terminators. The condition is a block-level expression. 3410 3411 Stmt *S = (*I)->getTerminatorCondition(); 3412 3413 if (S && M->find(S) == M->end()) { 3414 unsigned x = M->size(); 3415 (*M)[S] = x; 3416 } 3417 } 3418 3419 return M; 3420} 3421 3422CFG::BlkExprNumTy CFG::getBlkExprNum(const Stmt *S) { 3423 assert(S != NULL); 3424 if (!BlkExprMap) { BlkExprMap = (void*) PopulateBlkExprMap(*this); } 3425 3426 BlkExprMapTy* M = reinterpret_cast<BlkExprMapTy*>(BlkExprMap); 3427 BlkExprMapTy::iterator I = M->find(S); 3428 return (I == M->end()) ? CFG::BlkExprNumTy() : CFG::BlkExprNumTy(I->second); 3429} 3430 3431unsigned CFG::getNumBlkExprs() { 3432 if (const BlkExprMapTy* M = reinterpret_cast<const BlkExprMapTy*>(BlkExprMap)) 3433 return M->size(); 3434 3435 // We assume callers interested in the number of BlkExprs will want 3436 // the map constructed if it doesn't already exist. 3437 BlkExprMap = (void*) PopulateBlkExprMap(*this); 3438 return reinterpret_cast<BlkExprMapTy*>(BlkExprMap)->size(); 3439} 3440 3441//===----------------------------------------------------------------------===// 3442// Filtered walking of the CFG. 3443//===----------------------------------------------------------------------===// 3444 3445bool CFGBlock::FilterEdge(const CFGBlock::FilterOptions &F, 3446 const CFGBlock *From, const CFGBlock *To) { 3447 3448 if (To && F.IgnoreDefaultsWithCoveredEnums) { 3449 // If the 'To' has no label or is labeled but the label isn't a 3450 // CaseStmt then filter this edge. 3451 if (const SwitchStmt *S = 3452 dyn_cast_or_null<SwitchStmt>(From->getTerminator().getStmt())) { 3453 if (S->isAllEnumCasesCovered()) { 3454 const Stmt *L = To->getLabel(); 3455 if (!L || !isa<CaseStmt>(L)) 3456 return true; 3457 } 3458 } 3459 } 3460 3461 return false; 3462} 3463 3464//===----------------------------------------------------------------------===// 3465// Cleanup: CFG dstor. 3466//===----------------------------------------------------------------------===// 3467 3468CFG::~CFG() { 3469 delete reinterpret_cast<const BlkExprMapTy*>(BlkExprMap); 3470} 3471 3472//===----------------------------------------------------------------------===// 3473// CFG pretty printing 3474//===----------------------------------------------------------------------===// 3475 3476namespace { 3477 3478class StmtPrinterHelper : public PrinterHelper { 3479 typedef llvm::DenseMap<const Stmt*,std::pair<unsigned,unsigned> > StmtMapTy; 3480 typedef llvm::DenseMap<const Decl*,std::pair<unsigned,unsigned> > DeclMapTy; 3481 StmtMapTy StmtMap; 3482 DeclMapTy DeclMap; 3483 signed currentBlock; 3484 unsigned currStmt; 3485 const LangOptions &LangOpts; 3486public: 3487 3488 StmtPrinterHelper(const CFG* cfg, const LangOptions &LO) 3489 : currentBlock(0), currStmt(0), LangOpts(LO) 3490 { 3491 for (CFG::const_iterator I = cfg->begin(), E = cfg->end(); I != E; ++I ) { 3492 unsigned j = 1; 3493 for (CFGBlock::const_iterator BI = (*I)->begin(), BEnd = (*I)->end() ; 3494 BI != BEnd; ++BI, ++j ) { 3495 if (const CFGStmt *SE = BI->getAs<CFGStmt>()) { 3496 const Stmt *stmt= SE->getStmt(); 3497 std::pair<unsigned, unsigned> P((*I)->getBlockID(), j); 3498 StmtMap[stmt] = P; 3499 3500 switch (stmt->getStmtClass()) { 3501 case Stmt::DeclStmtClass: 3502 DeclMap[cast<DeclStmt>(stmt)->getSingleDecl()] = P; 3503 break; 3504 case Stmt::IfStmtClass: { 3505 const VarDecl *var = cast<IfStmt>(stmt)->getConditionVariable(); 3506 if (var) 3507 DeclMap[var] = P; 3508 break; 3509 } 3510 case Stmt::ForStmtClass: { 3511 const VarDecl *var = cast<ForStmt>(stmt)->getConditionVariable(); 3512 if (var) 3513 DeclMap[var] = P; 3514 break; 3515 } 3516 case Stmt::WhileStmtClass: { 3517 const VarDecl *var = 3518 cast<WhileStmt>(stmt)->getConditionVariable(); 3519 if (var) 3520 DeclMap[var] = P; 3521 break; 3522 } 3523 case Stmt::SwitchStmtClass: { 3524 const VarDecl *var = 3525 cast<SwitchStmt>(stmt)->getConditionVariable(); 3526 if (var) 3527 DeclMap[var] = P; 3528 break; 3529 } 3530 case Stmt::CXXCatchStmtClass: { 3531 const VarDecl *var = 3532 cast<CXXCatchStmt>(stmt)->getExceptionDecl(); 3533 if (var) 3534 DeclMap[var] = P; 3535 break; 3536 } 3537 default: 3538 break; 3539 } 3540 } 3541 } 3542 } 3543 } 3544 3545 3546 virtual ~StmtPrinterHelper() {} 3547 3548 const LangOptions &getLangOpts() const { return LangOpts; } 3549 void setBlockID(signed i) { currentBlock = i; } 3550 void setStmtID(unsigned i) { currStmt = i; } 3551 3552 virtual bool handledStmt(Stmt *S, raw_ostream &OS) { 3553 StmtMapTy::iterator I = StmtMap.find(S); 3554 3555 if (I == StmtMap.end()) 3556 return false; 3557 3558 if (currentBlock >= 0 && I->second.first == (unsigned) currentBlock 3559 && I->second.second == currStmt) { 3560 return false; 3561 } 3562 3563 OS << "[B" << I->second.first << "." << I->second.second << "]"; 3564 return true; 3565 } 3566 3567 bool handleDecl(const Decl *D, raw_ostream &OS) { 3568 DeclMapTy::iterator I = DeclMap.find(D); 3569 3570 if (I == DeclMap.end()) 3571 return false; 3572 3573 if (currentBlock >= 0 && I->second.first == (unsigned) currentBlock 3574 && I->second.second == currStmt) { 3575 return false; 3576 } 3577 3578 OS << "[B" << I->second.first << "." << I->second.second << "]"; 3579 return true; 3580 } 3581}; 3582} // end anonymous namespace 3583 3584 3585namespace { 3586class CFGBlockTerminatorPrint 3587 : public StmtVisitor<CFGBlockTerminatorPrint,void> { 3588 3589 raw_ostream &OS; 3590 StmtPrinterHelper* Helper; 3591 PrintingPolicy Policy; 3592public: 3593 CFGBlockTerminatorPrint(raw_ostream &os, StmtPrinterHelper* helper, 3594 const PrintingPolicy &Policy) 3595 : OS(os), Helper(helper), Policy(Policy) {} 3596 3597 void VisitIfStmt(IfStmt *I) { 3598 OS << "if "; 3599 I->getCond()->printPretty(OS,Helper,Policy); 3600 } 3601 3602 // Default case. 3603 void VisitStmt(Stmt *Terminator) { 3604 Terminator->printPretty(OS, Helper, Policy); 3605 } 3606 3607 void VisitForStmt(ForStmt *F) { 3608 OS << "for (" ; 3609 if (F->getInit()) 3610 OS << "..."; 3611 OS << "; "; 3612 if (Stmt *C = F->getCond()) 3613 C->printPretty(OS, Helper, Policy); 3614 OS << "; "; 3615 if (F->getInc()) 3616 OS << "..."; 3617 OS << ")"; 3618 } 3619 3620 void VisitWhileStmt(WhileStmt *W) { 3621 OS << "while " ; 3622 if (Stmt *C = W->getCond()) 3623 C->printPretty(OS, Helper, Policy); 3624 } 3625 3626 void VisitDoStmt(DoStmt *D) { 3627 OS << "do ... while "; 3628 if (Stmt *C = D->getCond()) 3629 C->printPretty(OS, Helper, Policy); 3630 } 3631 3632 void VisitSwitchStmt(SwitchStmt *Terminator) { 3633 OS << "switch "; 3634 Terminator->getCond()->printPretty(OS, Helper, Policy); 3635 } 3636 3637 void VisitCXXTryStmt(CXXTryStmt *CS) { 3638 OS << "try ..."; 3639 } 3640 3641 void VisitAbstractConditionalOperator(AbstractConditionalOperator* C) { 3642 C->getCond()->printPretty(OS, Helper, Policy); 3643 OS << " ? ... : ..."; 3644 } 3645 3646 void VisitChooseExpr(ChooseExpr *C) { 3647 OS << "__builtin_choose_expr( "; 3648 C->getCond()->printPretty(OS, Helper, Policy); 3649 OS << " )"; 3650 } 3651 3652 void VisitIndirectGotoStmt(IndirectGotoStmt *I) { 3653 OS << "goto *"; 3654 I->getTarget()->printPretty(OS, Helper, Policy); 3655 } 3656 3657 void VisitBinaryOperator(BinaryOperator* B) { 3658 if (!B->isLogicalOp()) { 3659 VisitExpr(B); 3660 return; 3661 } 3662 3663 B->getLHS()->printPretty(OS, Helper, Policy); 3664 3665 switch (B->getOpcode()) { 3666 case BO_LOr: 3667 OS << " || ..."; 3668 return; 3669 case BO_LAnd: 3670 OS << " && ..."; 3671 return; 3672 default: 3673 llvm_unreachable("Invalid logical operator."); 3674 } 3675 } 3676 3677 void VisitExpr(Expr *E) { 3678 E->printPretty(OS, Helper, Policy); 3679 } 3680}; 3681} // end anonymous namespace 3682 3683static void print_elem(raw_ostream &OS, StmtPrinterHelper* Helper, 3684 const CFGElement &E) { 3685 if (const CFGStmt *CS = E.getAs<CFGStmt>()) { 3686 const Stmt *S = CS->getStmt(); 3687 3688 if (Helper) { 3689 3690 // special printing for statement-expressions. 3691 if (const StmtExpr *SE = dyn_cast<StmtExpr>(S)) { 3692 const CompoundStmt *Sub = SE->getSubStmt(); 3693 3694 if (Sub->children()) { 3695 OS << "({ ... ; "; 3696 Helper->handledStmt(*SE->getSubStmt()->body_rbegin(),OS); 3697 OS << " })\n"; 3698 return; 3699 } 3700 } 3701 // special printing for comma expressions. 3702 if (const BinaryOperator* B = dyn_cast<BinaryOperator>(S)) { 3703 if (B->getOpcode() == BO_Comma) { 3704 OS << "... , "; 3705 Helper->handledStmt(B->getRHS(),OS); 3706 OS << '\n'; 3707 return; 3708 } 3709 } 3710 } 3711 S->printPretty(OS, Helper, PrintingPolicy(Helper->getLangOpts())); 3712 3713 if (isa<CXXOperatorCallExpr>(S)) { 3714 OS << " (OperatorCall)"; 3715 } 3716 else if (isa<CXXBindTemporaryExpr>(S)) { 3717 OS << " (BindTemporary)"; 3718 } 3719 else if (const CXXConstructExpr *CCE = dyn_cast<CXXConstructExpr>(S)) { 3720 OS << " (CXXConstructExpr, " << CCE->getType().getAsString() << ")"; 3721 } 3722 else if (const CastExpr *CE = dyn_cast<CastExpr>(S)) { 3723 OS << " (" << CE->getStmtClassName() << ", " 3724 << CE->getCastKindName() 3725 << ", " << CE->getType().getAsString() 3726 << ")"; 3727 } 3728 3729 // Expressions need a newline. 3730 if (isa<Expr>(S)) 3731 OS << '\n'; 3732 3733 } else if (const CFGInitializer *IE = E.getAs<CFGInitializer>()) { 3734 const CXXCtorInitializer *I = IE->getInitializer(); 3735 if (I->isBaseInitializer()) 3736 OS << I->getBaseClass()->getAsCXXRecordDecl()->getName(); 3737 else OS << I->getAnyMember()->getName(); 3738 3739 OS << "("; 3740 if (Expr *IE = I->getInit()) 3741 IE->printPretty(OS, Helper, PrintingPolicy(Helper->getLangOpts())); 3742 OS << ")"; 3743 3744 if (I->isBaseInitializer()) 3745 OS << " (Base initializer)\n"; 3746 else OS << " (Member initializer)\n"; 3747 3748 } else if (const CFGAutomaticObjDtor *DE = E.getAs<CFGAutomaticObjDtor>()){ 3749 const VarDecl *VD = DE->getVarDecl(); 3750 Helper->handleDecl(VD, OS); 3751 3752 const Type* T = VD->getType().getTypePtr(); 3753 if (const ReferenceType* RT = T->getAs<ReferenceType>()) 3754 T = RT->getPointeeType().getTypePtr(); 3755 T = T->getBaseElementTypeUnsafe(); 3756 3757 OS << ".~" << T->getAsCXXRecordDecl()->getName().str() << "()"; 3758 OS << " (Implicit destructor)\n"; 3759 3760 } else if (const CFGBaseDtor *BE = E.getAs<CFGBaseDtor>()) { 3761 const CXXBaseSpecifier *BS = BE->getBaseSpecifier(); 3762 OS << "~" << BS->getType()->getAsCXXRecordDecl()->getName() << "()"; 3763 OS << " (Base object destructor)\n"; 3764 3765 } else if (const CFGMemberDtor *ME = E.getAs<CFGMemberDtor>()) { 3766 const FieldDecl *FD = ME->getFieldDecl(); 3767 const Type *T = FD->getType()->getBaseElementTypeUnsafe(); 3768 OS << "this->" << FD->getName(); 3769 OS << ".~" << T->getAsCXXRecordDecl()->getName() << "()"; 3770 OS << " (Member object destructor)\n"; 3771 3772 } else if (const CFGTemporaryDtor *TE = E.getAs<CFGTemporaryDtor>()) { 3773 const CXXBindTemporaryExpr *BT = TE->getBindTemporaryExpr(); 3774 OS << "~" << BT->getType()->getAsCXXRecordDecl()->getName() << "()"; 3775 OS << " (Temporary object destructor)\n"; 3776 } 3777} 3778 3779static void print_block(raw_ostream &OS, const CFG* cfg, 3780 const CFGBlock &B, 3781 StmtPrinterHelper* Helper, bool print_edges, 3782 bool ShowColors) { 3783 3784 if (Helper) 3785 Helper->setBlockID(B.getBlockID()); 3786 3787 // Print the header. 3788 if (ShowColors) 3789 OS.changeColor(raw_ostream::YELLOW, true); 3790 3791 OS << "\n [B" << B.getBlockID(); 3792 3793 if (&B == &cfg->getEntry()) 3794 OS << " (ENTRY)]\n"; 3795 else if (&B == &cfg->getExit()) 3796 OS << " (EXIT)]\n"; 3797 else if (&B == cfg->getIndirectGotoBlock()) 3798 OS << " (INDIRECT GOTO DISPATCH)]\n"; 3799 else 3800 OS << "]\n"; 3801 3802 if (ShowColors) 3803 OS.resetColor(); 3804 3805 // Print the label of this block. 3806 if (Stmt *Label = const_cast<Stmt*>(B.getLabel())) { 3807 3808 if (print_edges) 3809 OS << " "; 3810 3811 if (LabelStmt *L = dyn_cast<LabelStmt>(Label)) 3812 OS << L->getName(); 3813 else if (CaseStmt *C = dyn_cast<CaseStmt>(Label)) { 3814 OS << "case "; 3815 C->getLHS()->printPretty(OS, Helper, 3816 PrintingPolicy(Helper->getLangOpts())); 3817 if (C->getRHS()) { 3818 OS << " ... "; 3819 C->getRHS()->printPretty(OS, Helper, 3820 PrintingPolicy(Helper->getLangOpts())); 3821 } 3822 } else if (isa<DefaultStmt>(Label)) 3823 OS << "default"; 3824 else if (CXXCatchStmt *CS = dyn_cast<CXXCatchStmt>(Label)) { 3825 OS << "catch ("; 3826 if (CS->getExceptionDecl()) 3827 CS->getExceptionDecl()->print(OS, PrintingPolicy(Helper->getLangOpts()), 3828 0); 3829 else 3830 OS << "..."; 3831 OS << ")"; 3832 3833 } else 3834 llvm_unreachable("Invalid label statement in CFGBlock."); 3835 3836 OS << ":\n"; 3837 } 3838 3839 // Iterate through the statements in the block and print them. 3840 unsigned j = 1; 3841 3842 for (CFGBlock::const_iterator I = B.begin(), E = B.end() ; 3843 I != E ; ++I, ++j ) { 3844 3845 // Print the statement # in the basic block and the statement itself. 3846 if (print_edges) 3847 OS << " "; 3848 3849 OS << llvm::format("%3d", j) << ": "; 3850 3851 if (Helper) 3852 Helper->setStmtID(j); 3853 3854 print_elem(OS, Helper, *I); 3855 } 3856 3857 // Print the terminator of this block. 3858 if (B.getTerminator()) { 3859 if (ShowColors) 3860 OS.changeColor(raw_ostream::GREEN); 3861 3862 OS << " T: "; 3863 3864 if (Helper) Helper->setBlockID(-1); 3865 3866 CFGBlockTerminatorPrint TPrinter(OS, Helper, 3867 PrintingPolicy(Helper->getLangOpts())); 3868 TPrinter.Visit(const_cast<Stmt*>(B.getTerminator().getStmt())); 3869 OS << '\n'; 3870 3871 if (ShowColors) 3872 OS.resetColor(); 3873 } 3874 3875 if (print_edges) { 3876 // Print the predecessors of this block. 3877 if (!B.pred_empty()) { 3878 const raw_ostream::Colors Color = raw_ostream::BLUE; 3879 if (ShowColors) 3880 OS.changeColor(Color); 3881 OS << " Preds " ; 3882 if (ShowColors) 3883 OS.resetColor(); 3884 OS << '(' << B.pred_size() << "):"; 3885 unsigned i = 0; 3886 3887 if (ShowColors) 3888 OS.changeColor(Color); 3889 3890 for (CFGBlock::const_pred_iterator I = B.pred_begin(), E = B.pred_end(); 3891 I != E; ++I, ++i) { 3892 3893 if (i == 8 || (i-8) == 0) 3894 OS << "\n "; 3895 3896 OS << " B" << (*I)->getBlockID(); 3897 } 3898 3899 if (ShowColors) 3900 OS.resetColor(); 3901 3902 OS << '\n'; 3903 } 3904 3905 // Print the successors of this block. 3906 if (!B.succ_empty()) { 3907 const raw_ostream::Colors Color = raw_ostream::MAGENTA; 3908 if (ShowColors) 3909 OS.changeColor(Color); 3910 OS << " Succs "; 3911 if (ShowColors) 3912 OS.resetColor(); 3913 OS << '(' << B.succ_size() << "):"; 3914 unsigned i = 0; 3915 3916 if (ShowColors) 3917 OS.changeColor(Color); 3918 3919 for (CFGBlock::const_succ_iterator I = B.succ_begin(), E = B.succ_end(); 3920 I != E; ++I, ++i) { 3921 3922 if (i == 8 || (i-8) % 10 == 0) 3923 OS << "\n "; 3924 3925 if (*I) 3926 OS << " B" << (*I)->getBlockID(); 3927 else 3928 OS << " NULL"; 3929 } 3930 3931 if (ShowColors) 3932 OS.resetColor(); 3933 OS << '\n'; 3934 } 3935 } 3936} 3937 3938 3939/// dump - A simple pretty printer of a CFG that outputs to stderr. 3940void CFG::dump(const LangOptions &LO, bool ShowColors) const { 3941 print(llvm::errs(), LO, ShowColors); 3942} 3943 3944/// print - A simple pretty printer of a CFG that outputs to an ostream. 3945void CFG::print(raw_ostream &OS, const LangOptions &LO, bool ShowColors) const { 3946 StmtPrinterHelper Helper(this, LO); 3947 3948 // Print the entry block. 3949 print_block(OS, this, getEntry(), &Helper, true, ShowColors); 3950 3951 // Iterate through the CFGBlocks and print them one by one. 3952 for (const_iterator I = Blocks.begin(), E = Blocks.end() ; I != E ; ++I) { 3953 // Skip the entry block, because we already printed it. 3954 if (&(**I) == &getEntry() || &(**I) == &getExit()) 3955 continue; 3956 3957 print_block(OS, this, **I, &Helper, true, ShowColors); 3958 } 3959 3960 // Print the exit block. 3961 print_block(OS, this, getExit(), &Helper, true, ShowColors); 3962 OS << '\n'; 3963 OS.flush(); 3964} 3965 3966/// dump - A simply pretty printer of a CFGBlock that outputs to stderr. 3967void CFGBlock::dump(const CFG* cfg, const LangOptions &LO, 3968 bool ShowColors) const { 3969 print(llvm::errs(), cfg, LO, ShowColors); 3970} 3971 3972/// print - A simple pretty printer of a CFGBlock that outputs to an ostream. 3973/// Generally this will only be called from CFG::print. 3974void CFGBlock::print(raw_ostream &OS, const CFG* cfg, 3975 const LangOptions &LO, bool ShowColors) const { 3976 StmtPrinterHelper Helper(cfg, LO); 3977 print_block(OS, cfg, *this, &Helper, true, ShowColors); 3978 OS << '\n'; 3979} 3980 3981/// printTerminator - A simple pretty printer of the terminator of a CFGBlock. 3982void CFGBlock::printTerminator(raw_ostream &OS, 3983 const LangOptions &LO) const { 3984 CFGBlockTerminatorPrint TPrinter(OS, NULL, PrintingPolicy(LO)); 3985 TPrinter.Visit(const_cast<Stmt*>(getTerminator().getStmt())); 3986} 3987 3988Stmt *CFGBlock::getTerminatorCondition() { 3989 Stmt *Terminator = this->Terminator; 3990 if (!Terminator) 3991 return NULL; 3992 3993 Expr *E = NULL; 3994 3995 switch (Terminator->getStmtClass()) { 3996 default: 3997 break; 3998 3999 case Stmt::ForStmtClass: 4000 E = cast<ForStmt>(Terminator)->getCond(); 4001 break; 4002 4003 case Stmt::WhileStmtClass: 4004 E = cast<WhileStmt>(Terminator)->getCond(); 4005 break; 4006 4007 case Stmt::DoStmtClass: 4008 E = cast<DoStmt>(Terminator)->getCond(); 4009 break; 4010 4011 case Stmt::IfStmtClass: 4012 E = cast<IfStmt>(Terminator)->getCond(); 4013 break; 4014 4015 case Stmt::ChooseExprClass: 4016 E = cast<ChooseExpr>(Terminator)->getCond(); 4017 break; 4018 4019 case Stmt::IndirectGotoStmtClass: 4020 E = cast<IndirectGotoStmt>(Terminator)->getTarget(); 4021 break; 4022 4023 case Stmt::SwitchStmtClass: 4024 E = cast<SwitchStmt>(Terminator)->getCond(); 4025 break; 4026 4027 case Stmt::BinaryConditionalOperatorClass: 4028 E = cast<BinaryConditionalOperator>(Terminator)->getCond(); 4029 break; 4030 4031 case Stmt::ConditionalOperatorClass: 4032 E = cast<ConditionalOperator>(Terminator)->getCond(); 4033 break; 4034 4035 case Stmt::BinaryOperatorClass: // '&&' and '||' 4036 E = cast<BinaryOperator>(Terminator)->getLHS(); 4037 break; 4038 4039 case Stmt::ObjCForCollectionStmtClass: 4040 return Terminator; 4041 } 4042 4043 return E ? E->IgnoreParens() : NULL; 4044} 4045 4046//===----------------------------------------------------------------------===// 4047// CFG Graphviz Visualization 4048//===----------------------------------------------------------------------===// 4049 4050 4051#ifndef NDEBUG 4052static StmtPrinterHelper* GraphHelper; 4053#endif 4054 4055void CFG::viewCFG(const LangOptions &LO) const { 4056#ifndef NDEBUG 4057 StmtPrinterHelper H(this, LO); 4058 GraphHelper = &H; 4059 llvm::ViewGraph(this,"CFG"); 4060 GraphHelper = NULL; 4061#endif 4062} 4063 4064namespace llvm { 4065template<> 4066struct DOTGraphTraits<const CFG*> : public DefaultDOTGraphTraits { 4067 4068 DOTGraphTraits (bool isSimple=false) : DefaultDOTGraphTraits(isSimple) {} 4069 4070 static std::string getNodeLabel(const CFGBlock *Node, const CFG* Graph) { 4071 4072#ifndef NDEBUG 4073 std::string OutSStr; 4074 llvm::raw_string_ostream Out(OutSStr); 4075 print_block(Out,Graph, *Node, GraphHelper, false, false); 4076 std::string& OutStr = Out.str(); 4077 4078 if (OutStr[0] == '\n') OutStr.erase(OutStr.begin()); 4079 4080 // Process string output to make it nicer... 4081 for (unsigned i = 0; i != OutStr.length(); ++i) 4082 if (OutStr[i] == '\n') { // Left justify 4083 OutStr[i] = '\\'; 4084 OutStr.insert(OutStr.begin()+i+1, 'l'); 4085 } 4086 4087 return OutStr; 4088#else 4089 return ""; 4090#endif 4091 } 4092}; 4093} // end namespace llvm 4094