CFG.cpp revision b9d0b76e42fd2d4cdfd135220302458d03ad09fe
1 //===--- CFG.cpp - Classes for representing and building CFGs----*- C++ -*-===// 2// 3// The LLVM Compiler Infrastructure 4// 5// This file is distributed under the University of Illinois Open Source 6// License. See LICENSE.TXT for details. 7// 8//===----------------------------------------------------------------------===// 9// 10// This file defines the CFG and CFGBuilder classes for representing and 11// building Control-Flow Graphs (CFGs) from ASTs. 12// 13//===----------------------------------------------------------------------===// 14 15#include "llvm/Support/SaveAndRestore.h" 16#include "clang/Analysis/CFG.h" 17#include "clang/AST/ASTContext.h" 18#include "clang/AST/DeclCXX.h" 19#include "clang/AST/StmtVisitor.h" 20#include "clang/AST/PrettyPrinter.h" 21#include "clang/AST/CharUnits.h" 22#include "clang/Basic/AttrKinds.h" 23#include "llvm/Support/GraphWriter.h" 24#include "llvm/Support/Allocator.h" 25#include "llvm/Support/Format.h" 26#include "llvm/ADT/DenseMap.h" 27#include "llvm/ADT/SmallPtrSet.h" 28#include "llvm/ADT/OwningPtr.h" 29 30using namespace clang; 31 32namespace { 33 34static SourceLocation GetEndLoc(Decl *D) { 35 if (VarDecl *VD = dyn_cast<VarDecl>(D)) 36 if (Expr *Ex = VD->getInit()) 37 return Ex->getSourceRange().getEnd(); 38 return D->getLocation(); 39} 40 41class CFGBuilder; 42 43/// The CFG builder uses a recursive algorithm to build the CFG. When 44/// we process an expression, sometimes we know that we must add the 45/// subexpressions as block-level expressions. For example: 46/// 47/// exp1 || exp2 48/// 49/// When processing the '||' expression, we know that exp1 and exp2 50/// need to be added as block-level expressions, even though they 51/// might not normally need to be. AddStmtChoice records this 52/// contextual information. If AddStmtChoice is 'NotAlwaysAdd', then 53/// the builder has an option not to add a subexpression as a 54/// block-level expression. 55/// 56class AddStmtChoice { 57public: 58 enum Kind { NotAlwaysAdd = 0, AlwaysAdd = 1 }; 59 60 AddStmtChoice(Kind a_kind = NotAlwaysAdd) : kind(a_kind) {} 61 62 bool alwaysAdd(CFGBuilder &builder, 63 const Stmt *stmt) const; 64 65 /// Return a copy of this object, except with the 'always-add' bit 66 /// set as specified. 67 AddStmtChoice withAlwaysAdd(bool alwaysAdd) const { 68 return AddStmtChoice(alwaysAdd ? AlwaysAdd : NotAlwaysAdd); 69 } 70 71private: 72 Kind kind; 73}; 74 75/// LocalScope - Node in tree of local scopes created for C++ implicit 76/// destructor calls generation. It contains list of automatic variables 77/// declared in the scope and link to position in previous scope this scope 78/// began in. 79/// 80/// The process of creating local scopes is as follows: 81/// - Init CFGBuilder::ScopePos with invalid position (equivalent for null), 82/// - Before processing statements in scope (e.g. CompoundStmt) create 83/// LocalScope object using CFGBuilder::ScopePos as link to previous scope 84/// and set CFGBuilder::ScopePos to the end of new scope, 85/// - On every occurrence of VarDecl increase CFGBuilder::ScopePos if it points 86/// at this VarDecl, 87/// - For every normal (without jump) end of scope add to CFGBlock destructors 88/// for objects in the current scope, 89/// - For every jump add to CFGBlock destructors for objects 90/// between CFGBuilder::ScopePos and local scope position saved for jump 91/// target. Thanks to C++ restrictions on goto jumps we can be sure that 92/// jump target position will be on the path to root from CFGBuilder::ScopePos 93/// (adding any variable that doesn't need constructor to be called to 94/// LocalScope can break this assumption), 95/// 96class LocalScope { 97public: 98 typedef BumpVector<VarDecl*> AutomaticVarsTy; 99 100 /// const_iterator - Iterates local scope backwards and jumps to previous 101 /// scope on reaching the beginning of currently iterated scope. 102 class const_iterator { 103 const LocalScope* Scope; 104 105 /// VarIter is guaranteed to be greater then 0 for every valid iterator. 106 /// Invalid iterator (with null Scope) has VarIter equal to 0. 107 unsigned VarIter; 108 109 public: 110 /// Create invalid iterator. Dereferencing invalid iterator is not allowed. 111 /// Incrementing invalid iterator is allowed and will result in invalid 112 /// iterator. 113 const_iterator() 114 : Scope(NULL), VarIter(0) {} 115 116 /// Create valid iterator. In case when S.Prev is an invalid iterator and 117 /// I is equal to 0, this will create invalid iterator. 118 const_iterator(const LocalScope& S, unsigned I) 119 : Scope(&S), VarIter(I) { 120 // Iterator to "end" of scope is not allowed. Handle it by going up 121 // in scopes tree possibly up to invalid iterator in the root. 122 if (VarIter == 0 && Scope) 123 *this = Scope->Prev; 124 } 125 126 VarDecl *const* operator->() const { 127 assert (Scope && "Dereferencing invalid iterator is not allowed"); 128 assert (VarIter != 0 && "Iterator has invalid value of VarIter member"); 129 return &Scope->Vars[VarIter - 1]; 130 } 131 VarDecl *operator*() const { 132 return *this->operator->(); 133 } 134 135 const_iterator &operator++() { 136 if (!Scope) 137 return *this; 138 139 assert (VarIter != 0 && "Iterator has invalid value of VarIter member"); 140 --VarIter; 141 if (VarIter == 0) 142 *this = Scope->Prev; 143 return *this; 144 } 145 const_iterator operator++(int) { 146 const_iterator P = *this; 147 ++*this; 148 return P; 149 } 150 151 bool operator==(const const_iterator &rhs) const { 152 return Scope == rhs.Scope && VarIter == rhs.VarIter; 153 } 154 bool operator!=(const const_iterator &rhs) const { 155 return !(*this == rhs); 156 } 157 158 operator bool() const { 159 return *this != const_iterator(); 160 } 161 162 int distance(const_iterator L); 163 }; 164 165 friend class const_iterator; 166 167private: 168 BumpVectorContext ctx; 169 170 /// Automatic variables in order of declaration. 171 AutomaticVarsTy Vars; 172 /// Iterator to variable in previous scope that was declared just before 173 /// begin of this scope. 174 const_iterator Prev; 175 176public: 177 /// Constructs empty scope linked to previous scope in specified place. 178 LocalScope(BumpVectorContext &ctx, const_iterator P) 179 : ctx(ctx), Vars(ctx, 4), Prev(P) {} 180 181 /// Begin of scope in direction of CFG building (backwards). 182 const_iterator begin() const { return const_iterator(*this, Vars.size()); } 183 184 void addVar(VarDecl *VD) { 185 Vars.push_back(VD, ctx); 186 } 187}; 188 189/// distance - Calculates distance from this to L. L must be reachable from this 190/// (with use of ++ operator). Cost of calculating the distance is linear w.r.t. 191/// number of scopes between this and L. 192int LocalScope::const_iterator::distance(LocalScope::const_iterator L) { 193 int D = 0; 194 const_iterator F = *this; 195 while (F.Scope != L.Scope) { 196 assert (F != const_iterator() 197 && "L iterator is not reachable from F iterator."); 198 D += F.VarIter; 199 F = F.Scope->Prev; 200 } 201 D += F.VarIter - L.VarIter; 202 return D; 203} 204 205/// BlockScopePosPair - Structure for specifying position in CFG during its 206/// build process. It consists of CFGBlock that specifies position in CFG graph 207/// and LocalScope::const_iterator that specifies position in LocalScope graph. 208struct BlockScopePosPair { 209 BlockScopePosPair() : block(0) {} 210 BlockScopePosPair(CFGBlock *b, LocalScope::const_iterator scopePos) 211 : block(b), scopePosition(scopePos) {} 212 213 CFGBlock *block; 214 LocalScope::const_iterator scopePosition; 215}; 216 217/// TryResult - a class representing a variant over the values 218/// 'true', 'false', or 'unknown'. This is returned by tryEvaluateBool, 219/// and is used by the CFGBuilder to decide if a branch condition 220/// can be decided up front during CFG construction. 221class TryResult { 222 int X; 223public: 224 TryResult(bool b) : X(b ? 1 : 0) {} 225 TryResult() : X(-1) {} 226 227 bool isTrue() const { return X == 1; } 228 bool isFalse() const { return X == 0; } 229 bool isKnown() const { return X >= 0; } 230 void negate() { 231 assert(isKnown()); 232 X ^= 0x1; 233 } 234}; 235 236/// CFGBuilder - This class implements CFG construction from an AST. 237/// The builder is stateful: an instance of the builder should be used to only 238/// construct a single CFG. 239/// 240/// Example usage: 241/// 242/// CFGBuilder builder; 243/// CFG* cfg = builder.BuildAST(stmt1); 244/// 245/// CFG construction is done via a recursive walk of an AST. We actually parse 246/// the AST in reverse order so that the successor of a basic block is 247/// constructed prior to its predecessor. This allows us to nicely capture 248/// implicit fall-throughs without extra basic blocks. 249/// 250class CFGBuilder { 251 typedef BlockScopePosPair JumpTarget; 252 typedef BlockScopePosPair JumpSource; 253 254 ASTContext *Context; 255 OwningPtr<CFG> cfg; 256 257 CFGBlock *Block; 258 CFGBlock *Succ; 259 JumpTarget ContinueJumpTarget; 260 JumpTarget BreakJumpTarget; 261 CFGBlock *SwitchTerminatedBlock; 262 CFGBlock *DefaultCaseBlock; 263 CFGBlock *TryTerminatedBlock; 264 265 // Current position in local scope. 266 LocalScope::const_iterator ScopePos; 267 268 // LabelMap records the mapping from Label expressions to their jump targets. 269 typedef llvm::DenseMap<LabelDecl*, JumpTarget> LabelMapTy; 270 LabelMapTy LabelMap; 271 272 // A list of blocks that end with a "goto" that must be backpatched to their 273 // resolved targets upon completion of CFG construction. 274 typedef std::vector<JumpSource> BackpatchBlocksTy; 275 BackpatchBlocksTy BackpatchBlocks; 276 277 // A list of labels whose address has been taken (for indirect gotos). 278 typedef llvm::SmallPtrSet<LabelDecl*, 5> LabelSetTy; 279 LabelSetTy AddressTakenLabels; 280 281 bool badCFG; 282 const CFG::BuildOptions &BuildOpts; 283 284 // State to track for building switch statements. 285 bool switchExclusivelyCovered; 286 Expr::EvalResult *switchCond; 287 288 CFG::BuildOptions::ForcedBlkExprs::value_type *cachedEntry; 289 const Stmt *lastLookup; 290 291 // Caches boolean evaluations of expressions to avoid multiple re-evaluations 292 // during construction of branches for chained logical operators. 293 typedef llvm::DenseMap<Expr *, TryResult> CachedBoolEvalsTy; 294 CachedBoolEvalsTy CachedBoolEvals; 295 296public: 297 explicit CFGBuilder(ASTContext *astContext, 298 const CFG::BuildOptions &buildOpts) 299 : Context(astContext), cfg(new CFG()), // crew a new CFG 300 Block(NULL), Succ(NULL), 301 SwitchTerminatedBlock(NULL), DefaultCaseBlock(NULL), 302 TryTerminatedBlock(NULL), badCFG(false), BuildOpts(buildOpts), 303 switchExclusivelyCovered(false), switchCond(0), 304 cachedEntry(0), lastLookup(0) {} 305 306 // buildCFG - Used by external clients to construct the CFG. 307 CFG* buildCFG(const Decl *D, Stmt *Statement); 308 309 bool alwaysAdd(const Stmt *stmt); 310 311private: 312 // Visitors to walk an AST and construct the CFG. 313 CFGBlock *VisitAddrLabelExpr(AddrLabelExpr *A, AddStmtChoice asc); 314 CFGBlock *VisitBinaryOperator(BinaryOperator *B, AddStmtChoice asc); 315 CFGBlock *VisitBreakStmt(BreakStmt *B); 316 CFGBlock *VisitCallExpr(CallExpr *C, AddStmtChoice asc); 317 CFGBlock *VisitCaseStmt(CaseStmt *C); 318 CFGBlock *VisitChooseExpr(ChooseExpr *C, AddStmtChoice asc); 319 CFGBlock *VisitCompoundStmt(CompoundStmt *C); 320 CFGBlock *VisitConditionalOperator(AbstractConditionalOperator *C, 321 AddStmtChoice asc); 322 CFGBlock *VisitContinueStmt(ContinueStmt *C); 323 CFGBlock *VisitCXXBindTemporaryExpr(CXXBindTemporaryExpr *E, 324 AddStmtChoice asc); 325 CFGBlock *VisitCXXCatchStmt(CXXCatchStmt *S); 326 CFGBlock *VisitCXXConstructExpr(CXXConstructExpr *C, AddStmtChoice asc); 327 CFGBlock *VisitCXXForRangeStmt(CXXForRangeStmt *S); 328 CFGBlock *VisitCXXFunctionalCastExpr(CXXFunctionalCastExpr *E, 329 AddStmtChoice asc); 330 CFGBlock *VisitCXXTemporaryObjectExpr(CXXTemporaryObjectExpr *C, 331 AddStmtChoice asc); 332 CFGBlock *VisitCXXThrowExpr(CXXThrowExpr *T); 333 CFGBlock *VisitCXXTryStmt(CXXTryStmt *S); 334 CFGBlock *VisitDeclStmt(DeclStmt *DS); 335 CFGBlock *VisitDeclSubExpr(DeclStmt *DS); 336 CFGBlock *VisitDefaultStmt(DefaultStmt *D); 337 CFGBlock *VisitDoStmt(DoStmt *D); 338 CFGBlock *VisitExprWithCleanups(ExprWithCleanups *E, AddStmtChoice asc); 339 CFGBlock *VisitForStmt(ForStmt *F); 340 CFGBlock *VisitGotoStmt(GotoStmt *G); 341 CFGBlock *VisitIfStmt(IfStmt *I); 342 CFGBlock *VisitImplicitCastExpr(ImplicitCastExpr *E, AddStmtChoice asc); 343 CFGBlock *VisitIndirectGotoStmt(IndirectGotoStmt *I); 344 CFGBlock *VisitLabelStmt(LabelStmt *L); 345 CFGBlock *VisitLambdaExpr(LambdaExpr *E, AddStmtChoice asc); 346 CFGBlock *VisitLogicalOperator(BinaryOperator *B); 347 std::pair<CFGBlock *, CFGBlock *> VisitLogicalOperator(BinaryOperator *B, 348 Stmt *Term, 349 CFGBlock *TrueBlock, 350 CFGBlock *FalseBlock); 351 CFGBlock *VisitMemberExpr(MemberExpr *M, AddStmtChoice asc); 352 CFGBlock *VisitObjCAtCatchStmt(ObjCAtCatchStmt *S); 353 CFGBlock *VisitObjCAtSynchronizedStmt(ObjCAtSynchronizedStmt *S); 354 CFGBlock *VisitObjCAtThrowStmt(ObjCAtThrowStmt *S); 355 CFGBlock *VisitObjCAtTryStmt(ObjCAtTryStmt *S); 356 CFGBlock *VisitObjCAutoreleasePoolStmt(ObjCAutoreleasePoolStmt *S); 357 CFGBlock *VisitObjCForCollectionStmt(ObjCForCollectionStmt *S); 358 CFGBlock *VisitPseudoObjectExpr(PseudoObjectExpr *E); 359 CFGBlock *VisitReturnStmt(ReturnStmt *R); 360 CFGBlock *VisitStmtExpr(StmtExpr *S, AddStmtChoice asc); 361 CFGBlock *VisitSwitchStmt(SwitchStmt *S); 362 CFGBlock *VisitUnaryExprOrTypeTraitExpr(UnaryExprOrTypeTraitExpr *E, 363 AddStmtChoice asc); 364 CFGBlock *VisitUnaryOperator(UnaryOperator *U, AddStmtChoice asc); 365 CFGBlock *VisitWhileStmt(WhileStmt *W); 366 367 CFGBlock *Visit(Stmt *S, AddStmtChoice asc = AddStmtChoice::NotAlwaysAdd); 368 CFGBlock *VisitStmt(Stmt *S, AddStmtChoice asc); 369 CFGBlock *VisitChildren(Stmt *S); 370 CFGBlock *VisitNoRecurse(Expr *E, AddStmtChoice asc); 371 372 // Visitors to walk an AST and generate destructors of temporaries in 373 // full expression. 374 CFGBlock *VisitForTemporaryDtors(Stmt *E, bool BindToTemporary = false); 375 CFGBlock *VisitChildrenForTemporaryDtors(Stmt *E); 376 CFGBlock *VisitBinaryOperatorForTemporaryDtors(BinaryOperator *E); 377 CFGBlock *VisitCXXBindTemporaryExprForTemporaryDtors(CXXBindTemporaryExpr *E, 378 bool BindToTemporary); 379 CFGBlock * 380 VisitConditionalOperatorForTemporaryDtors(AbstractConditionalOperator *E, 381 bool BindToTemporary); 382 383 // NYS == Not Yet Supported 384 CFGBlock *NYS() { 385 badCFG = true; 386 return Block; 387 } 388 389 void autoCreateBlock() { if (!Block) Block = createBlock(); } 390 CFGBlock *createBlock(bool add_successor = true); 391 CFGBlock *createNoReturnBlock(); 392 393 CFGBlock *addStmt(Stmt *S) { 394 return Visit(S, AddStmtChoice::AlwaysAdd); 395 } 396 CFGBlock *addInitializer(CXXCtorInitializer *I); 397 void addAutomaticObjDtors(LocalScope::const_iterator B, 398 LocalScope::const_iterator E, Stmt *S); 399 void addImplicitDtorsForDestructor(const CXXDestructorDecl *DD); 400 401 // Local scopes creation. 402 LocalScope* createOrReuseLocalScope(LocalScope* Scope); 403 404 void addLocalScopeForStmt(Stmt *S); 405 LocalScope* addLocalScopeForDeclStmt(DeclStmt *DS, LocalScope* Scope = NULL); 406 LocalScope* addLocalScopeForVarDecl(VarDecl *VD, LocalScope* Scope = NULL); 407 408 void addLocalScopeAndDtors(Stmt *S); 409 410 // Interface to CFGBlock - adding CFGElements. 411 void appendStmt(CFGBlock *B, const Stmt *S) { 412 if (alwaysAdd(S) && cachedEntry) 413 cachedEntry->second = B; 414 415 // All block-level expressions should have already been IgnoreParens()ed. 416 assert(!isa<Expr>(S) || cast<Expr>(S)->IgnoreParens() == S); 417 B->appendStmt(const_cast<Stmt*>(S), cfg->getBumpVectorContext()); 418 } 419 void appendInitializer(CFGBlock *B, CXXCtorInitializer *I) { 420 B->appendInitializer(I, cfg->getBumpVectorContext()); 421 } 422 void appendBaseDtor(CFGBlock *B, const CXXBaseSpecifier *BS) { 423 B->appendBaseDtor(BS, cfg->getBumpVectorContext()); 424 } 425 void appendMemberDtor(CFGBlock *B, FieldDecl *FD) { 426 B->appendMemberDtor(FD, cfg->getBumpVectorContext()); 427 } 428 void appendTemporaryDtor(CFGBlock *B, CXXBindTemporaryExpr *E) { 429 B->appendTemporaryDtor(E, cfg->getBumpVectorContext()); 430 } 431 void appendAutomaticObjDtor(CFGBlock *B, VarDecl *VD, Stmt *S) { 432 B->appendAutomaticObjDtor(VD, S, cfg->getBumpVectorContext()); 433 } 434 435 void prependAutomaticObjDtorsWithTerminator(CFGBlock *Blk, 436 LocalScope::const_iterator B, LocalScope::const_iterator E); 437 438 void addSuccessor(CFGBlock *B, CFGBlock *S) { 439 B->addSuccessor(S, cfg->getBumpVectorContext()); 440 } 441 442 /// Try and evaluate an expression to an integer constant. 443 bool tryEvaluate(Expr *S, Expr::EvalResult &outResult) { 444 if (!BuildOpts.PruneTriviallyFalseEdges) 445 return false; 446 return !S->isTypeDependent() && 447 !S->isValueDependent() && 448 S->EvaluateAsRValue(outResult, *Context); 449 } 450 451 /// tryEvaluateBool - Try and evaluate the Stmt and return 0 or 1 452 /// if we can evaluate to a known value, otherwise return -1. 453 TryResult tryEvaluateBool(Expr *S) { 454 if (!BuildOpts.PruneTriviallyFalseEdges || 455 S->isTypeDependent() || S->isValueDependent()) 456 return TryResult(); 457 458 if (BinaryOperator *Bop = dyn_cast<BinaryOperator>(S)) { 459 if (Bop->isLogicalOp()) { 460 // Check the cache first. 461 CachedBoolEvalsTy::iterator I = CachedBoolEvals.find(S); 462 if (I != CachedBoolEvals.end()) 463 return I->second; // already in map; 464 465 // Retrieve result at first, or the map might be updated. 466 TryResult Result = evaluateAsBooleanConditionNoCache(S); 467 CachedBoolEvals[S] = Result; // update or insert 468 return Result; 469 } 470 } 471 472 return evaluateAsBooleanConditionNoCache(S); 473 } 474 475 /// \brief Evaluate as boolean \param E without using the cache. 476 TryResult evaluateAsBooleanConditionNoCache(Expr *E) { 477 if (BinaryOperator *Bop = dyn_cast<BinaryOperator>(E)) { 478 if (Bop->isLogicalOp()) { 479 TryResult LHS = tryEvaluateBool(Bop->getLHS()); 480 if (LHS.isKnown()) { 481 // We were able to evaluate the LHS, see if we can get away with not 482 // evaluating the RHS: 0 && X -> 0, 1 || X -> 1 483 if (LHS.isTrue() == (Bop->getOpcode() == BO_LOr)) 484 return LHS.isTrue(); 485 486 TryResult RHS = tryEvaluateBool(Bop->getRHS()); 487 if (RHS.isKnown()) { 488 if (Bop->getOpcode() == BO_LOr) 489 return LHS.isTrue() || RHS.isTrue(); 490 else 491 return LHS.isTrue() && RHS.isTrue(); 492 } 493 } else { 494 TryResult RHS = tryEvaluateBool(Bop->getRHS()); 495 if (RHS.isKnown()) { 496 // We can't evaluate the LHS; however, sometimes the result 497 // is determined by the RHS: X && 0 -> 0, X || 1 -> 1. 498 if (RHS.isTrue() == (Bop->getOpcode() == BO_LOr)) 499 return RHS.isTrue(); 500 } 501 } 502 503 return TryResult(); 504 } 505 } 506 507 bool Result; 508 if (E->EvaluateAsBooleanCondition(Result, *Context)) 509 return Result; 510 511 return TryResult(); 512 } 513 514}; 515 516inline bool AddStmtChoice::alwaysAdd(CFGBuilder &builder, 517 const Stmt *stmt) const { 518 return builder.alwaysAdd(stmt) || kind == AlwaysAdd; 519} 520 521bool CFGBuilder::alwaysAdd(const Stmt *stmt) { 522 bool shouldAdd = BuildOpts.alwaysAdd(stmt); 523 524 if (!BuildOpts.forcedBlkExprs) 525 return shouldAdd; 526 527 if (lastLookup == stmt) { 528 if (cachedEntry) { 529 assert(cachedEntry->first == stmt); 530 return true; 531 } 532 return shouldAdd; 533 } 534 535 lastLookup = stmt; 536 537 // Perform the lookup! 538 CFG::BuildOptions::ForcedBlkExprs *fb = *BuildOpts.forcedBlkExprs; 539 540 if (!fb) { 541 // No need to update 'cachedEntry', since it will always be null. 542 assert(cachedEntry == 0); 543 return shouldAdd; 544 } 545 546 CFG::BuildOptions::ForcedBlkExprs::iterator itr = fb->find(stmt); 547 if (itr == fb->end()) { 548 cachedEntry = 0; 549 return shouldAdd; 550 } 551 552 cachedEntry = &*itr; 553 return true; 554} 555 556// FIXME: Add support for dependent-sized array types in C++? 557// Does it even make sense to build a CFG for an uninstantiated template? 558static const VariableArrayType *FindVA(const Type *t) { 559 while (const ArrayType *vt = dyn_cast<ArrayType>(t)) { 560 if (const VariableArrayType *vat = dyn_cast<VariableArrayType>(vt)) 561 if (vat->getSizeExpr()) 562 return vat; 563 564 t = vt->getElementType().getTypePtr(); 565 } 566 567 return 0; 568} 569 570/// BuildCFG - Constructs a CFG from an AST (a Stmt*). The AST can represent an 571/// arbitrary statement. Examples include a single expression or a function 572/// body (compound statement). The ownership of the returned CFG is 573/// transferred to the caller. If CFG construction fails, this method returns 574/// NULL. 575CFG* CFGBuilder::buildCFG(const Decl *D, Stmt *Statement) { 576 assert(cfg.get()); 577 if (!Statement) 578 return NULL; 579 580 // Create an empty block that will serve as the exit block for the CFG. Since 581 // this is the first block added to the CFG, it will be implicitly registered 582 // as the exit block. 583 Succ = createBlock(); 584 assert(Succ == &cfg->getExit()); 585 Block = NULL; // the EXIT block is empty. Create all other blocks lazily. 586 587 if (BuildOpts.AddImplicitDtors) 588 if (const CXXDestructorDecl *DD = dyn_cast_or_null<CXXDestructorDecl>(D)) 589 addImplicitDtorsForDestructor(DD); 590 591 // Visit the statements and create the CFG. 592 CFGBlock *B = addStmt(Statement); 593 594 if (badCFG) 595 return NULL; 596 597 // For C++ constructor add initializers to CFG. 598 if (const CXXConstructorDecl *CD = dyn_cast_or_null<CXXConstructorDecl>(D)) { 599 for (CXXConstructorDecl::init_const_reverse_iterator I = CD->init_rbegin(), 600 E = CD->init_rend(); I != E; ++I) { 601 B = addInitializer(*I); 602 if (badCFG) 603 return NULL; 604 } 605 } 606 607 if (B) 608 Succ = B; 609 610 // Backpatch the gotos whose label -> block mappings we didn't know when we 611 // encountered them. 612 for (BackpatchBlocksTy::iterator I = BackpatchBlocks.begin(), 613 E = BackpatchBlocks.end(); I != E; ++I ) { 614 615 CFGBlock *B = I->block; 616 GotoStmt *G = cast<GotoStmt>(B->getTerminator()); 617 LabelMapTy::iterator LI = LabelMap.find(G->getLabel()); 618 619 // If there is no target for the goto, then we are looking at an 620 // incomplete AST. Handle this by not registering a successor. 621 if (LI == LabelMap.end()) continue; 622 623 JumpTarget JT = LI->second; 624 prependAutomaticObjDtorsWithTerminator(B, I->scopePosition, 625 JT.scopePosition); 626 addSuccessor(B, JT.block); 627 } 628 629 // Add successors to the Indirect Goto Dispatch block (if we have one). 630 if (CFGBlock *B = cfg->getIndirectGotoBlock()) 631 for (LabelSetTy::iterator I = AddressTakenLabels.begin(), 632 E = AddressTakenLabels.end(); I != E; ++I ) { 633 634 // Lookup the target block. 635 LabelMapTy::iterator LI = LabelMap.find(*I); 636 637 // If there is no target block that contains label, then we are looking 638 // at an incomplete AST. Handle this by not registering a successor. 639 if (LI == LabelMap.end()) continue; 640 641 addSuccessor(B, LI->second.block); 642 } 643 644 // Create an empty entry block that has no predecessors. 645 cfg->setEntry(createBlock()); 646 647 return cfg.take(); 648} 649 650/// createBlock - Used to lazily create blocks that are connected 651/// to the current (global) succcessor. 652CFGBlock *CFGBuilder::createBlock(bool add_successor) { 653 CFGBlock *B = cfg->createBlock(); 654 if (add_successor && Succ) 655 addSuccessor(B, Succ); 656 return B; 657} 658 659/// createNoReturnBlock - Used to create a block is a 'noreturn' point in the 660/// CFG. It is *not* connected to the current (global) successor, and instead 661/// directly tied to the exit block in order to be reachable. 662CFGBlock *CFGBuilder::createNoReturnBlock() { 663 CFGBlock *B = createBlock(false); 664 B->setHasNoReturnElement(); 665 addSuccessor(B, &cfg->getExit()); 666 return B; 667} 668 669/// addInitializer - Add C++ base or member initializer element to CFG. 670CFGBlock *CFGBuilder::addInitializer(CXXCtorInitializer *I) { 671 if (!BuildOpts.AddInitializers) 672 return Block; 673 674 bool IsReference = false; 675 bool HasTemporaries = false; 676 677 // Destructors of temporaries in initialization expression should be called 678 // after initialization finishes. 679 Expr *Init = I->getInit(); 680 if (Init) { 681 if (FieldDecl *FD = I->getAnyMember()) 682 IsReference = FD->getType()->isReferenceType(); 683 HasTemporaries = isa<ExprWithCleanups>(Init); 684 685 if (BuildOpts.AddImplicitDtors && HasTemporaries) { 686 // Generate destructors for temporaries in initialization expression. 687 VisitForTemporaryDtors(cast<ExprWithCleanups>(Init)->getSubExpr(), 688 IsReference); 689 } 690 } 691 692 autoCreateBlock(); 693 appendInitializer(Block, I); 694 695 if (Init) { 696 if (HasTemporaries) { 697 // For expression with temporaries go directly to subexpression to omit 698 // generating destructors for the second time. 699 return Visit(cast<ExprWithCleanups>(Init)->getSubExpr()); 700 } 701 return Visit(Init); 702 } 703 704 return Block; 705} 706 707/// \brief Retrieve the type of the temporary object whose lifetime was 708/// extended by a local reference with the given initializer. 709static QualType getReferenceInitTemporaryType(ASTContext &Context, 710 const Expr *Init) { 711 while (true) { 712 // Skip parentheses. 713 Init = Init->IgnoreParens(); 714 715 // Skip through cleanups. 716 if (const ExprWithCleanups *EWC = dyn_cast<ExprWithCleanups>(Init)) { 717 Init = EWC->getSubExpr(); 718 continue; 719 } 720 721 // Skip through the temporary-materialization expression. 722 if (const MaterializeTemporaryExpr *MTE 723 = dyn_cast<MaterializeTemporaryExpr>(Init)) { 724 Init = MTE->GetTemporaryExpr(); 725 continue; 726 } 727 728 // Skip derived-to-base and no-op casts. 729 if (const CastExpr *CE = dyn_cast<CastExpr>(Init)) { 730 if ((CE->getCastKind() == CK_DerivedToBase || 731 CE->getCastKind() == CK_UncheckedDerivedToBase || 732 CE->getCastKind() == CK_NoOp) && 733 Init->getType()->isRecordType()) { 734 Init = CE->getSubExpr(); 735 continue; 736 } 737 } 738 739 // Skip member accesses into rvalues. 740 if (const MemberExpr *ME = dyn_cast<MemberExpr>(Init)) { 741 if (!ME->isArrow() && ME->getBase()->isRValue()) { 742 Init = ME->getBase(); 743 continue; 744 } 745 } 746 747 break; 748 } 749 750 return Init->getType(); 751} 752 753/// addAutomaticObjDtors - Add to current block automatic objects destructors 754/// for objects in range of local scope positions. Use S as trigger statement 755/// for destructors. 756void CFGBuilder::addAutomaticObjDtors(LocalScope::const_iterator B, 757 LocalScope::const_iterator E, Stmt *S) { 758 if (!BuildOpts.AddImplicitDtors) 759 return; 760 761 if (B == E) 762 return; 763 764 // We need to append the destructors in reverse order, but any one of them 765 // may be a no-return destructor which changes the CFG. As a result, buffer 766 // this sequence up and replay them in reverse order when appending onto the 767 // CFGBlock(s). 768 SmallVector<VarDecl*, 10> Decls; 769 Decls.reserve(B.distance(E)); 770 for (LocalScope::const_iterator I = B; I != E; ++I) 771 Decls.push_back(*I); 772 773 for (SmallVectorImpl<VarDecl*>::reverse_iterator I = Decls.rbegin(), 774 E = Decls.rend(); 775 I != E; ++I) { 776 // If this destructor is marked as a no-return destructor, we need to 777 // create a new block for the destructor which does not have as a successor 778 // anything built thus far: control won't flow out of this block. 779 QualType Ty = (*I)->getType(); 780 if (Ty->isReferenceType()) { 781 Ty = getReferenceInitTemporaryType(*Context, (*I)->getInit()); 782 } 783 Ty = Context->getBaseElementType(Ty); 784 785 const CXXDestructorDecl *Dtor = Ty->getAsCXXRecordDecl()->getDestructor(); 786 if (cast<FunctionType>(Dtor->getType())->getNoReturnAttr()) 787 Block = createNoReturnBlock(); 788 else 789 autoCreateBlock(); 790 791 appendAutomaticObjDtor(Block, *I, S); 792 } 793} 794 795/// addImplicitDtorsForDestructor - Add implicit destructors generated for 796/// base and member objects in destructor. 797void CFGBuilder::addImplicitDtorsForDestructor(const CXXDestructorDecl *DD) { 798 assert (BuildOpts.AddImplicitDtors 799 && "Can be called only when dtors should be added"); 800 const CXXRecordDecl *RD = DD->getParent(); 801 802 // At the end destroy virtual base objects. 803 for (CXXRecordDecl::base_class_const_iterator VI = RD->vbases_begin(), 804 VE = RD->vbases_end(); VI != VE; ++VI) { 805 const CXXRecordDecl *CD = VI->getType()->getAsCXXRecordDecl(); 806 if (!CD->hasTrivialDestructor()) { 807 autoCreateBlock(); 808 appendBaseDtor(Block, VI); 809 } 810 } 811 812 // Before virtual bases destroy direct base objects. 813 for (CXXRecordDecl::base_class_const_iterator BI = RD->bases_begin(), 814 BE = RD->bases_end(); BI != BE; ++BI) { 815 if (!BI->isVirtual()) { 816 const CXXRecordDecl *CD = BI->getType()->getAsCXXRecordDecl(); 817 if (!CD->hasTrivialDestructor()) { 818 autoCreateBlock(); 819 appendBaseDtor(Block, BI); 820 } 821 } 822 } 823 824 // First destroy member objects. 825 for (CXXRecordDecl::field_iterator FI = RD->field_begin(), 826 FE = RD->field_end(); FI != FE; ++FI) { 827 // Check for constant size array. Set type to array element type. 828 QualType QT = FI->getType(); 829 if (const ConstantArrayType *AT = Context->getAsConstantArrayType(QT)) { 830 if (AT->getSize() == 0) 831 continue; 832 QT = AT->getElementType(); 833 } 834 835 if (const CXXRecordDecl *CD = QT->getAsCXXRecordDecl()) 836 if (!CD->hasTrivialDestructor()) { 837 autoCreateBlock(); 838 appendMemberDtor(Block, *FI); 839 } 840 } 841} 842 843/// createOrReuseLocalScope - If Scope is NULL create new LocalScope. Either 844/// way return valid LocalScope object. 845LocalScope* CFGBuilder::createOrReuseLocalScope(LocalScope* Scope) { 846 if (!Scope) { 847 llvm::BumpPtrAllocator &alloc = cfg->getAllocator(); 848 Scope = alloc.Allocate<LocalScope>(); 849 BumpVectorContext ctx(alloc); 850 new (Scope) LocalScope(ctx, ScopePos); 851 } 852 return Scope; 853} 854 855/// addLocalScopeForStmt - Add LocalScope to local scopes tree for statement 856/// that should create implicit scope (e.g. if/else substatements). 857void CFGBuilder::addLocalScopeForStmt(Stmt *S) { 858 if (!BuildOpts.AddImplicitDtors) 859 return; 860 861 LocalScope *Scope = 0; 862 863 // For compound statement we will be creating explicit scope. 864 if (CompoundStmt *CS = dyn_cast<CompoundStmt>(S)) { 865 for (CompoundStmt::body_iterator BI = CS->body_begin(), BE = CS->body_end() 866 ; BI != BE; ++BI) { 867 Stmt *SI = (*BI)->stripLabelLikeStatements(); 868 if (DeclStmt *DS = dyn_cast<DeclStmt>(SI)) 869 Scope = addLocalScopeForDeclStmt(DS, Scope); 870 } 871 return; 872 } 873 874 // For any other statement scope will be implicit and as such will be 875 // interesting only for DeclStmt. 876 if (DeclStmt *DS = dyn_cast<DeclStmt>(S->stripLabelLikeStatements())) 877 addLocalScopeForDeclStmt(DS); 878} 879 880/// addLocalScopeForDeclStmt - Add LocalScope for declaration statement. Will 881/// reuse Scope if not NULL. 882LocalScope* CFGBuilder::addLocalScopeForDeclStmt(DeclStmt *DS, 883 LocalScope* Scope) { 884 if (!BuildOpts.AddImplicitDtors) 885 return Scope; 886 887 for (DeclStmt::decl_iterator DI = DS->decl_begin(), DE = DS->decl_end() 888 ; DI != DE; ++DI) { 889 if (VarDecl *VD = dyn_cast<VarDecl>(*DI)) 890 Scope = addLocalScopeForVarDecl(VD, Scope); 891 } 892 return Scope; 893} 894 895/// addLocalScopeForVarDecl - Add LocalScope for variable declaration. It will 896/// create add scope for automatic objects and temporary objects bound to 897/// const reference. Will reuse Scope if not NULL. 898LocalScope* CFGBuilder::addLocalScopeForVarDecl(VarDecl *VD, 899 LocalScope* Scope) { 900 if (!BuildOpts.AddImplicitDtors) 901 return Scope; 902 903 // Check if variable is local. 904 switch (VD->getStorageClass()) { 905 case SC_None: 906 case SC_Auto: 907 case SC_Register: 908 break; 909 default: return Scope; 910 } 911 912 // Check for const references bound to temporary. Set type to pointee. 913 QualType QT = VD->getType(); 914 if (QT.getTypePtr()->isReferenceType()) { 915 if (!VD->extendsLifetimeOfTemporary()) 916 return Scope; 917 918 QT = getReferenceInitTemporaryType(*Context, VD->getInit()); 919 } 920 921 // Check for constant size array. Set type to array element type. 922 while (const ConstantArrayType *AT = Context->getAsConstantArrayType(QT)) { 923 if (AT->getSize() == 0) 924 return Scope; 925 QT = AT->getElementType(); 926 } 927 928 // Check if type is a C++ class with non-trivial destructor. 929 if (const CXXRecordDecl *CD = QT->getAsCXXRecordDecl()) 930 if (!CD->hasTrivialDestructor()) { 931 // Add the variable to scope 932 Scope = createOrReuseLocalScope(Scope); 933 Scope->addVar(VD); 934 ScopePos = Scope->begin(); 935 } 936 return Scope; 937} 938 939/// addLocalScopeAndDtors - For given statement add local scope for it and 940/// add destructors that will cleanup the scope. Will reuse Scope if not NULL. 941void CFGBuilder::addLocalScopeAndDtors(Stmt *S) { 942 if (!BuildOpts.AddImplicitDtors) 943 return; 944 945 LocalScope::const_iterator scopeBeginPos = ScopePos; 946 addLocalScopeForStmt(S); 947 addAutomaticObjDtors(ScopePos, scopeBeginPos, S); 948} 949 950/// prependAutomaticObjDtorsWithTerminator - Prepend destructor CFGElements for 951/// variables with automatic storage duration to CFGBlock's elements vector. 952/// Elements will be prepended to physical beginning of the vector which 953/// happens to be logical end. Use blocks terminator as statement that specifies 954/// destructors call site. 955/// FIXME: This mechanism for adding automatic destructors doesn't handle 956/// no-return destructors properly. 957void CFGBuilder::prependAutomaticObjDtorsWithTerminator(CFGBlock *Blk, 958 LocalScope::const_iterator B, LocalScope::const_iterator E) { 959 BumpVectorContext &C = cfg->getBumpVectorContext(); 960 CFGBlock::iterator InsertPos 961 = Blk->beginAutomaticObjDtorsInsert(Blk->end(), B.distance(E), C); 962 for (LocalScope::const_iterator I = B; I != E; ++I) 963 InsertPos = Blk->insertAutomaticObjDtor(InsertPos, *I, 964 Blk->getTerminator()); 965} 966 967/// Visit - Walk the subtree of a statement and add extra 968/// blocks for ternary operators, &&, and ||. We also process "," and 969/// DeclStmts (which may contain nested control-flow). 970CFGBlock *CFGBuilder::Visit(Stmt * S, AddStmtChoice asc) { 971 if (!S) { 972 badCFG = true; 973 return 0; 974 } 975 976 if (Expr *E = dyn_cast<Expr>(S)) 977 S = E->IgnoreParens(); 978 979 switch (S->getStmtClass()) { 980 default: 981 return VisitStmt(S, asc); 982 983 case Stmt::AddrLabelExprClass: 984 return VisitAddrLabelExpr(cast<AddrLabelExpr>(S), asc); 985 986 case Stmt::BinaryConditionalOperatorClass: 987 return VisitConditionalOperator(cast<BinaryConditionalOperator>(S), asc); 988 989 case Stmt::BinaryOperatorClass: 990 return VisitBinaryOperator(cast<BinaryOperator>(S), asc); 991 992 case Stmt::BlockExprClass: 993 return VisitNoRecurse(cast<Expr>(S), asc); 994 995 case Stmt::BreakStmtClass: 996 return VisitBreakStmt(cast<BreakStmt>(S)); 997 998 case Stmt::CallExprClass: 999 case Stmt::CXXOperatorCallExprClass: 1000 case Stmt::CXXMemberCallExprClass: 1001 case Stmt::UserDefinedLiteralClass: 1002 return VisitCallExpr(cast<CallExpr>(S), asc); 1003 1004 case Stmt::CaseStmtClass: 1005 return VisitCaseStmt(cast<CaseStmt>(S)); 1006 1007 case Stmt::ChooseExprClass: 1008 return VisitChooseExpr(cast<ChooseExpr>(S), asc); 1009 1010 case Stmt::CompoundStmtClass: 1011 return VisitCompoundStmt(cast<CompoundStmt>(S)); 1012 1013 case Stmt::ConditionalOperatorClass: 1014 return VisitConditionalOperator(cast<ConditionalOperator>(S), asc); 1015 1016 case Stmt::ContinueStmtClass: 1017 return VisitContinueStmt(cast<ContinueStmt>(S)); 1018 1019 case Stmt::CXXCatchStmtClass: 1020 return VisitCXXCatchStmt(cast<CXXCatchStmt>(S)); 1021 1022 case Stmt::ExprWithCleanupsClass: 1023 return VisitExprWithCleanups(cast<ExprWithCleanups>(S), asc); 1024 1025 case Stmt::CXXBindTemporaryExprClass: 1026 return VisitCXXBindTemporaryExpr(cast<CXXBindTemporaryExpr>(S), asc); 1027 1028 case Stmt::CXXConstructExprClass: 1029 return VisitCXXConstructExpr(cast<CXXConstructExpr>(S), asc); 1030 1031 case Stmt::CXXFunctionalCastExprClass: 1032 return VisitCXXFunctionalCastExpr(cast<CXXFunctionalCastExpr>(S), asc); 1033 1034 case Stmt::CXXTemporaryObjectExprClass: 1035 return VisitCXXTemporaryObjectExpr(cast<CXXTemporaryObjectExpr>(S), asc); 1036 1037 case Stmt::CXXThrowExprClass: 1038 return VisitCXXThrowExpr(cast<CXXThrowExpr>(S)); 1039 1040 case Stmt::CXXTryStmtClass: 1041 return VisitCXXTryStmt(cast<CXXTryStmt>(S)); 1042 1043 case Stmt::CXXForRangeStmtClass: 1044 return VisitCXXForRangeStmt(cast<CXXForRangeStmt>(S)); 1045 1046 case Stmt::DeclStmtClass: 1047 return VisitDeclStmt(cast<DeclStmt>(S)); 1048 1049 case Stmt::DefaultStmtClass: 1050 return VisitDefaultStmt(cast<DefaultStmt>(S)); 1051 1052 case Stmt::DoStmtClass: 1053 return VisitDoStmt(cast<DoStmt>(S)); 1054 1055 case Stmt::ForStmtClass: 1056 return VisitForStmt(cast<ForStmt>(S)); 1057 1058 case Stmt::GotoStmtClass: 1059 return VisitGotoStmt(cast<GotoStmt>(S)); 1060 1061 case Stmt::IfStmtClass: 1062 return VisitIfStmt(cast<IfStmt>(S)); 1063 1064 case Stmt::ImplicitCastExprClass: 1065 return VisitImplicitCastExpr(cast<ImplicitCastExpr>(S), asc); 1066 1067 case Stmt::IndirectGotoStmtClass: 1068 return VisitIndirectGotoStmt(cast<IndirectGotoStmt>(S)); 1069 1070 case Stmt::LabelStmtClass: 1071 return VisitLabelStmt(cast<LabelStmt>(S)); 1072 1073 case Stmt::LambdaExprClass: 1074 return VisitLambdaExpr(cast<LambdaExpr>(S), asc); 1075 1076 case Stmt::MemberExprClass: 1077 return VisitMemberExpr(cast<MemberExpr>(S), asc); 1078 1079 case Stmt::NullStmtClass: 1080 return Block; 1081 1082 case Stmt::ObjCAtCatchStmtClass: 1083 return VisitObjCAtCatchStmt(cast<ObjCAtCatchStmt>(S)); 1084 1085 case Stmt::ObjCAutoreleasePoolStmtClass: 1086 return VisitObjCAutoreleasePoolStmt(cast<ObjCAutoreleasePoolStmt>(S)); 1087 1088 case Stmt::ObjCAtSynchronizedStmtClass: 1089 return VisitObjCAtSynchronizedStmt(cast<ObjCAtSynchronizedStmt>(S)); 1090 1091 case Stmt::ObjCAtThrowStmtClass: 1092 return VisitObjCAtThrowStmt(cast<ObjCAtThrowStmt>(S)); 1093 1094 case Stmt::ObjCAtTryStmtClass: 1095 return VisitObjCAtTryStmt(cast<ObjCAtTryStmt>(S)); 1096 1097 case Stmt::ObjCForCollectionStmtClass: 1098 return VisitObjCForCollectionStmt(cast<ObjCForCollectionStmt>(S)); 1099 1100 case Stmt::OpaqueValueExprClass: 1101 return Block; 1102 1103 case Stmt::PseudoObjectExprClass: 1104 return VisitPseudoObjectExpr(cast<PseudoObjectExpr>(S)); 1105 1106 case Stmt::ReturnStmtClass: 1107 return VisitReturnStmt(cast<ReturnStmt>(S)); 1108 1109 case Stmt::UnaryExprOrTypeTraitExprClass: 1110 return VisitUnaryExprOrTypeTraitExpr(cast<UnaryExprOrTypeTraitExpr>(S), 1111 asc); 1112 1113 case Stmt::StmtExprClass: 1114 return VisitStmtExpr(cast<StmtExpr>(S), asc); 1115 1116 case Stmt::SwitchStmtClass: 1117 return VisitSwitchStmt(cast<SwitchStmt>(S)); 1118 1119 case Stmt::UnaryOperatorClass: 1120 return VisitUnaryOperator(cast<UnaryOperator>(S), asc); 1121 1122 case Stmt::WhileStmtClass: 1123 return VisitWhileStmt(cast<WhileStmt>(S)); 1124 } 1125} 1126 1127CFGBlock *CFGBuilder::VisitStmt(Stmt *S, AddStmtChoice asc) { 1128 if (asc.alwaysAdd(*this, S)) { 1129 autoCreateBlock(); 1130 appendStmt(Block, S); 1131 } 1132 1133 return VisitChildren(S); 1134} 1135 1136/// VisitChildren - Visit the children of a Stmt. 1137CFGBlock *CFGBuilder::VisitChildren(Stmt *Terminator) { 1138 CFGBlock *lastBlock = Block; 1139 for (Stmt::child_range I = Terminator->children(); I; ++I) 1140 if (Stmt *child = *I) 1141 if (CFGBlock *b = Visit(child)) 1142 lastBlock = b; 1143 1144 return lastBlock; 1145} 1146 1147CFGBlock *CFGBuilder::VisitAddrLabelExpr(AddrLabelExpr *A, 1148 AddStmtChoice asc) { 1149 AddressTakenLabels.insert(A->getLabel()); 1150 1151 if (asc.alwaysAdd(*this, A)) { 1152 autoCreateBlock(); 1153 appendStmt(Block, A); 1154 } 1155 1156 return Block; 1157} 1158 1159CFGBlock *CFGBuilder::VisitUnaryOperator(UnaryOperator *U, 1160 AddStmtChoice asc) { 1161 if (asc.alwaysAdd(*this, U)) { 1162 autoCreateBlock(); 1163 appendStmt(Block, U); 1164 } 1165 1166 return Visit(U->getSubExpr(), AddStmtChoice()); 1167} 1168 1169CFGBlock *CFGBuilder::VisitLogicalOperator(BinaryOperator *B) { 1170 CFGBlock *ConfluenceBlock = Block ? Block : createBlock(); 1171 appendStmt(ConfluenceBlock, B); 1172 1173 if (badCFG) 1174 return 0; 1175 1176 return VisitLogicalOperator(B, 0, ConfluenceBlock, ConfluenceBlock).first; 1177} 1178 1179std::pair<CFGBlock*, CFGBlock*> 1180CFGBuilder::VisitLogicalOperator(BinaryOperator *B, 1181 Stmt *Term, 1182 CFGBlock *TrueBlock, 1183 CFGBlock *FalseBlock) { 1184 1185 // Introspect the RHS. If it is a nested logical operation, we recursively 1186 // build the CFG using this function. Otherwise, resort to default 1187 // CFG construction behavior. 1188 Expr *RHS = B->getRHS()->IgnoreParens(); 1189 CFGBlock *RHSBlock, *ExitBlock; 1190 1191 do { 1192 if (BinaryOperator *B_RHS = dyn_cast<BinaryOperator>(RHS)) 1193 if (B_RHS->isLogicalOp()) { 1194 llvm::tie(RHSBlock, ExitBlock) = 1195 VisitLogicalOperator(B_RHS, Term, TrueBlock, FalseBlock); 1196 break; 1197 } 1198 1199 // The RHS is not a nested logical operation. Don't push the terminator 1200 // down further, but instead visit RHS and construct the respective 1201 // pieces of the CFG, and link up the RHSBlock with the terminator 1202 // we have been provided. 1203 ExitBlock = RHSBlock = createBlock(false); 1204 1205 if (!Term) { 1206 assert(TrueBlock == FalseBlock); 1207 addSuccessor(RHSBlock, TrueBlock); 1208 } 1209 else { 1210 RHSBlock->setTerminator(Term); 1211 TryResult KnownVal = tryEvaluateBool(RHS); 1212 addSuccessor(RHSBlock, KnownVal.isFalse() ? NULL : TrueBlock); 1213 addSuccessor(RHSBlock, KnownVal.isTrue() ? NULL : FalseBlock); 1214 } 1215 1216 Block = RHSBlock; 1217 RHSBlock = addStmt(RHS); 1218 } 1219 while (false); 1220 1221 if (badCFG) 1222 return std::make_pair((CFGBlock*)0, (CFGBlock*)0); 1223 1224 // Generate the blocks for evaluating the LHS. 1225 Expr *LHS = B->getLHS()->IgnoreParens(); 1226 1227 if (BinaryOperator *B_LHS = dyn_cast<BinaryOperator>(LHS)) 1228 if (B_LHS->isLogicalOp()) { 1229 if (B->getOpcode() == BO_LOr) 1230 FalseBlock = RHSBlock; 1231 else 1232 TrueBlock = RHSBlock; 1233 1234 // For the LHS, treat 'B' as the terminator that we want to sink 1235 // into the nested branch. The RHS always gets the top-most 1236 // terminator. 1237 return VisitLogicalOperator(B_LHS, B, TrueBlock, FalseBlock); 1238 } 1239 1240 // Create the block evaluating the LHS. 1241 // This contains the '&&' or '||' as the terminator. 1242 CFGBlock *LHSBlock = createBlock(false); 1243 LHSBlock->setTerminator(B); 1244 1245 Block = LHSBlock; 1246 CFGBlock *EntryLHSBlock = addStmt(LHS); 1247 1248 if (badCFG) 1249 return std::make_pair((CFGBlock*)0, (CFGBlock*)0); 1250 1251 // See if this is a known constant. 1252 TryResult KnownVal = tryEvaluateBool(LHS); 1253 1254 // Now link the LHSBlock with RHSBlock. 1255 if (B->getOpcode() == BO_LOr) { 1256 addSuccessor(LHSBlock, KnownVal.isFalse() ? NULL : TrueBlock); 1257 addSuccessor(LHSBlock, KnownVal.isTrue() ? NULL : RHSBlock); 1258 } else { 1259 assert(B->getOpcode() == BO_LAnd); 1260 addSuccessor(LHSBlock, KnownVal.isFalse() ? NULL : RHSBlock); 1261 addSuccessor(LHSBlock, KnownVal.isTrue() ? NULL : FalseBlock); 1262 } 1263 1264 return std::make_pair(EntryLHSBlock, ExitBlock); 1265} 1266 1267 1268CFGBlock *CFGBuilder::VisitBinaryOperator(BinaryOperator *B, 1269 AddStmtChoice asc) { 1270 // && or || 1271 if (B->isLogicalOp()) 1272 return VisitLogicalOperator(B); 1273 1274 if (B->getOpcode() == BO_Comma) { // , 1275 autoCreateBlock(); 1276 appendStmt(Block, B); 1277 addStmt(B->getRHS()); 1278 return addStmt(B->getLHS()); 1279 } 1280 1281 if (B->isAssignmentOp()) { 1282 if (asc.alwaysAdd(*this, B)) { 1283 autoCreateBlock(); 1284 appendStmt(Block, B); 1285 } 1286 Visit(B->getLHS()); 1287 return Visit(B->getRHS()); 1288 } 1289 1290 if (asc.alwaysAdd(*this, B)) { 1291 autoCreateBlock(); 1292 appendStmt(Block, B); 1293 } 1294 1295 CFGBlock *RBlock = Visit(B->getRHS()); 1296 CFGBlock *LBlock = Visit(B->getLHS()); 1297 // If visiting RHS causes us to finish 'Block', e.g. the RHS is a StmtExpr 1298 // containing a DoStmt, and the LHS doesn't create a new block, then we should 1299 // return RBlock. Otherwise we'll incorrectly return NULL. 1300 return (LBlock ? LBlock : RBlock); 1301} 1302 1303CFGBlock *CFGBuilder::VisitNoRecurse(Expr *E, AddStmtChoice asc) { 1304 if (asc.alwaysAdd(*this, E)) { 1305 autoCreateBlock(); 1306 appendStmt(Block, E); 1307 } 1308 return Block; 1309} 1310 1311CFGBlock *CFGBuilder::VisitBreakStmt(BreakStmt *B) { 1312 // "break" is a control-flow statement. Thus we stop processing the current 1313 // block. 1314 if (badCFG) 1315 return 0; 1316 1317 // Now create a new block that ends with the break statement. 1318 Block = createBlock(false); 1319 Block->setTerminator(B); 1320 1321 // If there is no target for the break, then we are looking at an incomplete 1322 // AST. This means that the CFG cannot be constructed. 1323 if (BreakJumpTarget.block) { 1324 addAutomaticObjDtors(ScopePos, BreakJumpTarget.scopePosition, B); 1325 addSuccessor(Block, BreakJumpTarget.block); 1326 } else 1327 badCFG = true; 1328 1329 1330 return Block; 1331} 1332 1333static bool CanThrow(Expr *E, ASTContext &Ctx) { 1334 QualType Ty = E->getType(); 1335 if (Ty->isFunctionPointerType()) 1336 Ty = Ty->getAs<PointerType>()->getPointeeType(); 1337 else if (Ty->isBlockPointerType()) 1338 Ty = Ty->getAs<BlockPointerType>()->getPointeeType(); 1339 1340 const FunctionType *FT = Ty->getAs<FunctionType>(); 1341 if (FT) { 1342 if (const FunctionProtoType *Proto = dyn_cast<FunctionProtoType>(FT)) 1343 if (!isUnresolvedExceptionSpec(Proto->getExceptionSpecType()) && 1344 Proto->isNothrow(Ctx)) 1345 return false; 1346 } 1347 return true; 1348} 1349 1350CFGBlock *CFGBuilder::VisitCallExpr(CallExpr *C, AddStmtChoice asc) { 1351 // Compute the callee type. 1352 QualType calleeType = C->getCallee()->getType(); 1353 if (calleeType == Context->BoundMemberTy) { 1354 QualType boundType = Expr::findBoundMemberType(C->getCallee()); 1355 1356 // We should only get a null bound type if processing a dependent 1357 // CFG. Recover by assuming nothing. 1358 if (!boundType.isNull()) calleeType = boundType; 1359 } 1360 1361 // If this is a call to a no-return function, this stops the block here. 1362 bool NoReturn = getFunctionExtInfo(*calleeType).getNoReturn(); 1363 1364 bool AddEHEdge = false; 1365 1366 // Languages without exceptions are assumed to not throw. 1367 if (Context->getLangOpts().Exceptions) { 1368 if (BuildOpts.AddEHEdges) 1369 AddEHEdge = true; 1370 } 1371 1372 if (FunctionDecl *FD = C->getDirectCallee()) { 1373 if (FD->hasAttr<NoReturnAttr>()) 1374 NoReturn = true; 1375 if (FD->hasAttr<NoThrowAttr>()) 1376 AddEHEdge = false; 1377 } 1378 1379 if (!CanThrow(C->getCallee(), *Context)) 1380 AddEHEdge = false; 1381 1382 if (!NoReturn && !AddEHEdge) 1383 return VisitStmt(C, asc.withAlwaysAdd(true)); 1384 1385 if (Block) { 1386 Succ = Block; 1387 if (badCFG) 1388 return 0; 1389 } 1390 1391 if (NoReturn) 1392 Block = createNoReturnBlock(); 1393 else 1394 Block = createBlock(); 1395 1396 appendStmt(Block, C); 1397 1398 if (AddEHEdge) { 1399 // Add exceptional edges. 1400 if (TryTerminatedBlock) 1401 addSuccessor(Block, TryTerminatedBlock); 1402 else 1403 addSuccessor(Block, &cfg->getExit()); 1404 } 1405 1406 return VisitChildren(C); 1407} 1408 1409CFGBlock *CFGBuilder::VisitChooseExpr(ChooseExpr *C, 1410 AddStmtChoice asc) { 1411 CFGBlock *ConfluenceBlock = Block ? Block : createBlock(); 1412 appendStmt(ConfluenceBlock, C); 1413 if (badCFG) 1414 return 0; 1415 1416 AddStmtChoice alwaysAdd = asc.withAlwaysAdd(true); 1417 Succ = ConfluenceBlock; 1418 Block = NULL; 1419 CFGBlock *LHSBlock = Visit(C->getLHS(), alwaysAdd); 1420 if (badCFG) 1421 return 0; 1422 1423 Succ = ConfluenceBlock; 1424 Block = NULL; 1425 CFGBlock *RHSBlock = Visit(C->getRHS(), alwaysAdd); 1426 if (badCFG) 1427 return 0; 1428 1429 Block = createBlock(false); 1430 // See if this is a known constant. 1431 const TryResult& KnownVal = tryEvaluateBool(C->getCond()); 1432 addSuccessor(Block, KnownVal.isFalse() ? NULL : LHSBlock); 1433 addSuccessor(Block, KnownVal.isTrue() ? NULL : RHSBlock); 1434 Block->setTerminator(C); 1435 return addStmt(C->getCond()); 1436} 1437 1438 1439CFGBlock *CFGBuilder::VisitCompoundStmt(CompoundStmt *C) { 1440 addLocalScopeAndDtors(C); 1441 CFGBlock *LastBlock = Block; 1442 1443 for (CompoundStmt::reverse_body_iterator I=C->body_rbegin(), E=C->body_rend(); 1444 I != E; ++I ) { 1445 // If we hit a segment of code just containing ';' (NullStmts), we can 1446 // get a null block back. In such cases, just use the LastBlock 1447 if (CFGBlock *newBlock = addStmt(*I)) 1448 LastBlock = newBlock; 1449 1450 if (badCFG) 1451 return NULL; 1452 } 1453 1454 return LastBlock; 1455} 1456 1457CFGBlock *CFGBuilder::VisitConditionalOperator(AbstractConditionalOperator *C, 1458 AddStmtChoice asc) { 1459 const BinaryConditionalOperator *BCO = dyn_cast<BinaryConditionalOperator>(C); 1460 const OpaqueValueExpr *opaqueValue = (BCO ? BCO->getOpaqueValue() : NULL); 1461 1462 // Create the confluence block that will "merge" the results of the ternary 1463 // expression. 1464 CFGBlock *ConfluenceBlock = Block ? Block : createBlock(); 1465 appendStmt(ConfluenceBlock, C); 1466 if (badCFG) 1467 return 0; 1468 1469 AddStmtChoice alwaysAdd = asc.withAlwaysAdd(true); 1470 1471 // Create a block for the LHS expression if there is an LHS expression. A 1472 // GCC extension allows LHS to be NULL, causing the condition to be the 1473 // value that is returned instead. 1474 // e.g: x ?: y is shorthand for: x ? x : y; 1475 Succ = ConfluenceBlock; 1476 Block = NULL; 1477 CFGBlock *LHSBlock = 0; 1478 const Expr *trueExpr = C->getTrueExpr(); 1479 if (trueExpr != opaqueValue) { 1480 LHSBlock = Visit(C->getTrueExpr(), alwaysAdd); 1481 if (badCFG) 1482 return 0; 1483 Block = NULL; 1484 } 1485 else 1486 LHSBlock = ConfluenceBlock; 1487 1488 // Create the block for the RHS expression. 1489 Succ = ConfluenceBlock; 1490 CFGBlock *RHSBlock = Visit(C->getFalseExpr(), alwaysAdd); 1491 if (badCFG) 1492 return 0; 1493 1494 // If the condition is a logical '&&' or '||', build a more accurate CFG. 1495 if (BinaryOperator *Cond = 1496 dyn_cast<BinaryOperator>(C->getCond()->IgnoreParens())) 1497 if (Cond->isLogicalOp()) 1498 return VisitLogicalOperator(Cond, C, LHSBlock, RHSBlock).first; 1499 1500 // Create the block that will contain the condition. 1501 Block = createBlock(false); 1502 1503 // See if this is a known constant. 1504 const TryResult& KnownVal = tryEvaluateBool(C->getCond()); 1505 addSuccessor(Block, KnownVal.isFalse() ? NULL : LHSBlock); 1506 addSuccessor(Block, KnownVal.isTrue() ? NULL : RHSBlock); 1507 Block->setTerminator(C); 1508 Expr *condExpr = C->getCond(); 1509 1510 if (opaqueValue) { 1511 // Run the condition expression if it's not trivially expressed in 1512 // terms of the opaque value (or if there is no opaque value). 1513 if (condExpr != opaqueValue) 1514 addStmt(condExpr); 1515 1516 // Before that, run the common subexpression if there was one. 1517 // At least one of this or the above will be run. 1518 return addStmt(BCO->getCommon()); 1519 } 1520 1521 return addStmt(condExpr); 1522} 1523 1524CFGBlock *CFGBuilder::VisitDeclStmt(DeclStmt *DS) { 1525 // Check if the Decl is for an __label__. If so, elide it from the 1526 // CFG entirely. 1527 if (isa<LabelDecl>(*DS->decl_begin())) 1528 return Block; 1529 1530 // This case also handles static_asserts. 1531 if (DS->isSingleDecl()) 1532 return VisitDeclSubExpr(DS); 1533 1534 CFGBlock *B = 0; 1535 1536 // Build an individual DeclStmt for each decl. 1537 for (DeclStmt::reverse_decl_iterator I = DS->decl_rbegin(), 1538 E = DS->decl_rend(); 1539 I != E; ++I) { 1540 // Get the alignment of the new DeclStmt, padding out to >=8 bytes. 1541 unsigned A = llvm::AlignOf<DeclStmt>::Alignment < 8 1542 ? 8 : llvm::AlignOf<DeclStmt>::Alignment; 1543 1544 // Allocate the DeclStmt using the BumpPtrAllocator. It will get 1545 // automatically freed with the CFG. 1546 DeclGroupRef DG(*I); 1547 Decl *D = *I; 1548 void *Mem = cfg->getAllocator().Allocate(sizeof(DeclStmt), A); 1549 DeclStmt *DSNew = new (Mem) DeclStmt(DG, D->getLocation(), GetEndLoc(D)); 1550 1551 // Append the fake DeclStmt to block. 1552 B = VisitDeclSubExpr(DSNew); 1553 } 1554 1555 return B; 1556} 1557 1558/// VisitDeclSubExpr - Utility method to add block-level expressions for 1559/// DeclStmts and initializers in them. 1560CFGBlock *CFGBuilder::VisitDeclSubExpr(DeclStmt *DS) { 1561 assert(DS->isSingleDecl() && "Can handle single declarations only."); 1562 Decl *D = DS->getSingleDecl(); 1563 1564 if (isa<StaticAssertDecl>(D)) { 1565 // static_asserts aren't added to the CFG because they do not impact 1566 // runtime semantics. 1567 return Block; 1568 } 1569 1570 VarDecl *VD = dyn_cast<VarDecl>(DS->getSingleDecl()); 1571 1572 if (!VD) { 1573 autoCreateBlock(); 1574 appendStmt(Block, DS); 1575 return Block; 1576 } 1577 1578 bool IsReference = false; 1579 bool HasTemporaries = false; 1580 1581 // Destructors of temporaries in initialization expression should be called 1582 // after initialization finishes. 1583 Expr *Init = VD->getInit(); 1584 if (Init) { 1585 IsReference = VD->getType()->isReferenceType(); 1586 HasTemporaries = isa<ExprWithCleanups>(Init); 1587 1588 if (BuildOpts.AddImplicitDtors && HasTemporaries) { 1589 // Generate destructors for temporaries in initialization expression. 1590 VisitForTemporaryDtors(cast<ExprWithCleanups>(Init)->getSubExpr(), 1591 IsReference); 1592 } 1593 } 1594 1595 autoCreateBlock(); 1596 appendStmt(Block, DS); 1597 1598 // Keep track of the last non-null block, as 'Block' can be nulled out 1599 // if the initializer expression is something like a 'while' in a 1600 // statement-expression. 1601 CFGBlock *LastBlock = Block; 1602 1603 if (Init) { 1604 if (HasTemporaries) { 1605 // For expression with temporaries go directly to subexpression to omit 1606 // generating destructors for the second time. 1607 ExprWithCleanups *EC = cast<ExprWithCleanups>(Init); 1608 if (CFGBlock *newBlock = Visit(EC->getSubExpr())) 1609 LastBlock = newBlock; 1610 } 1611 else { 1612 if (CFGBlock *newBlock = Visit(Init)) 1613 LastBlock = newBlock; 1614 } 1615 } 1616 1617 // If the type of VD is a VLA, then we must process its size expressions. 1618 for (const VariableArrayType* VA = FindVA(VD->getType().getTypePtr()); 1619 VA != 0; VA = FindVA(VA->getElementType().getTypePtr())) 1620 Block = addStmt(VA->getSizeExpr()); 1621 1622 // Remove variable from local scope. 1623 if (ScopePos && VD == *ScopePos) 1624 ++ScopePos; 1625 1626 return Block ? Block : LastBlock; 1627} 1628 1629CFGBlock *CFGBuilder::VisitIfStmt(IfStmt *I) { 1630 // We may see an if statement in the middle of a basic block, or it may be the 1631 // first statement we are processing. In either case, we create a new basic 1632 // block. First, we create the blocks for the then...else statements, and 1633 // then we create the block containing the if statement. If we were in the 1634 // middle of a block, we stop processing that block. That block is then the 1635 // implicit successor for the "then" and "else" clauses. 1636 1637 // Save local scope position because in case of condition variable ScopePos 1638 // won't be restored when traversing AST. 1639 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 1640 1641 // Create local scope for possible condition variable. 1642 // Store scope position. Add implicit destructor. 1643 if (VarDecl *VD = I->getConditionVariable()) { 1644 LocalScope::const_iterator BeginScopePos = ScopePos; 1645 addLocalScopeForVarDecl(VD); 1646 addAutomaticObjDtors(ScopePos, BeginScopePos, I); 1647 } 1648 1649 // The block we were processing is now finished. Make it the successor 1650 // block. 1651 if (Block) { 1652 Succ = Block; 1653 if (badCFG) 1654 return 0; 1655 } 1656 1657 // Process the false branch. 1658 CFGBlock *ElseBlock = Succ; 1659 1660 if (Stmt *Else = I->getElse()) { 1661 SaveAndRestore<CFGBlock*> sv(Succ); 1662 1663 // NULL out Block so that the recursive call to Visit will 1664 // create a new basic block. 1665 Block = NULL; 1666 1667 // If branch is not a compound statement create implicit scope 1668 // and add destructors. 1669 if (!isa<CompoundStmt>(Else)) 1670 addLocalScopeAndDtors(Else); 1671 1672 ElseBlock = addStmt(Else); 1673 1674 if (!ElseBlock) // Can occur when the Else body has all NullStmts. 1675 ElseBlock = sv.get(); 1676 else if (Block) { 1677 if (badCFG) 1678 return 0; 1679 } 1680 } 1681 1682 // Process the true branch. 1683 CFGBlock *ThenBlock; 1684 { 1685 Stmt *Then = I->getThen(); 1686 assert(Then); 1687 SaveAndRestore<CFGBlock*> sv(Succ); 1688 Block = NULL; 1689 1690 // If branch is not a compound statement create implicit scope 1691 // and add destructors. 1692 if (!isa<CompoundStmt>(Then)) 1693 addLocalScopeAndDtors(Then); 1694 1695 ThenBlock = addStmt(Then); 1696 1697 if (!ThenBlock) { 1698 // We can reach here if the "then" body has all NullStmts. 1699 // Create an empty block so we can distinguish between true and false 1700 // branches in path-sensitive analyses. 1701 ThenBlock = createBlock(false); 1702 addSuccessor(ThenBlock, sv.get()); 1703 } else if (Block) { 1704 if (badCFG) 1705 return 0; 1706 } 1707 } 1708 1709 // Specially handle "if (expr1 || ...)" and "if (expr1 && ...)" by 1710 // having these handle the actual control-flow jump. Note that 1711 // if we introduce a condition variable, e.g. "if (int x = exp1 || exp2)" 1712 // we resort to the old control-flow behavior. This special handling 1713 // removes infeasible paths from the control-flow graph by having the 1714 // control-flow transfer of '&&' or '||' go directly into the then/else 1715 // blocks directly. 1716 if (!I->getConditionVariable()) 1717 if (BinaryOperator *Cond = 1718 dyn_cast<BinaryOperator>(I->getCond()->IgnoreParens())) 1719 if (Cond->isLogicalOp()) 1720 return VisitLogicalOperator(Cond, I, ThenBlock, ElseBlock).first; 1721 1722 // Now create a new block containing the if statement. 1723 Block = createBlock(false); 1724 1725 // Set the terminator of the new block to the If statement. 1726 Block->setTerminator(I); 1727 1728 // See if this is a known constant. 1729 const TryResult &KnownVal = tryEvaluateBool(I->getCond()); 1730 1731 // Now add the successors. 1732 addSuccessor(Block, KnownVal.isFalse() ? NULL : ThenBlock); 1733 addSuccessor(Block, KnownVal.isTrue()? NULL : ElseBlock); 1734 1735 // Add the condition as the last statement in the new block. This may create 1736 // new blocks as the condition may contain control-flow. Any newly created 1737 // blocks will be pointed to be "Block". 1738 Block = addStmt(I->getCond()); 1739 1740 // Finally, if the IfStmt contains a condition variable, add both the IfStmt 1741 // and the condition variable initialization to the CFG. 1742 if (VarDecl *VD = I->getConditionVariable()) { 1743 if (Expr *Init = VD->getInit()) { 1744 autoCreateBlock(); 1745 appendStmt(Block, I->getConditionVariableDeclStmt()); 1746 addStmt(Init); 1747 } 1748 } 1749 1750 return Block; 1751} 1752 1753 1754CFGBlock *CFGBuilder::VisitReturnStmt(ReturnStmt *R) { 1755 // If we were in the middle of a block we stop processing that block. 1756 // 1757 // NOTE: If a "return" appears in the middle of a block, this means that the 1758 // code afterwards is DEAD (unreachable). We still keep a basic block 1759 // for that code; a simple "mark-and-sweep" from the entry block will be 1760 // able to report such dead blocks. 1761 1762 // Create the new block. 1763 Block = createBlock(false); 1764 1765 // The Exit block is the only successor. 1766 addAutomaticObjDtors(ScopePos, LocalScope::const_iterator(), R); 1767 addSuccessor(Block, &cfg->getExit()); 1768 1769 // Add the return statement to the block. This may create new blocks if R 1770 // contains control-flow (short-circuit operations). 1771 return VisitStmt(R, AddStmtChoice::AlwaysAdd); 1772} 1773 1774CFGBlock *CFGBuilder::VisitLabelStmt(LabelStmt *L) { 1775 // Get the block of the labeled statement. Add it to our map. 1776 addStmt(L->getSubStmt()); 1777 CFGBlock *LabelBlock = Block; 1778 1779 if (!LabelBlock) // This can happen when the body is empty, i.e. 1780 LabelBlock = createBlock(); // scopes that only contains NullStmts. 1781 1782 assert(LabelMap.find(L->getDecl()) == LabelMap.end() && 1783 "label already in map"); 1784 LabelMap[L->getDecl()] = JumpTarget(LabelBlock, ScopePos); 1785 1786 // Labels partition blocks, so this is the end of the basic block we were 1787 // processing (L is the block's label). Because this is label (and we have 1788 // already processed the substatement) there is no extra control-flow to worry 1789 // about. 1790 LabelBlock->setLabel(L); 1791 if (badCFG) 1792 return 0; 1793 1794 // We set Block to NULL to allow lazy creation of a new block (if necessary); 1795 Block = NULL; 1796 1797 // This block is now the implicit successor of other blocks. 1798 Succ = LabelBlock; 1799 1800 return LabelBlock; 1801} 1802 1803CFGBlock *CFGBuilder::VisitLambdaExpr(LambdaExpr *E, AddStmtChoice asc) { 1804 CFGBlock *LastBlock = VisitNoRecurse(E, asc); 1805 for (LambdaExpr::capture_init_iterator it = E->capture_init_begin(), 1806 et = E->capture_init_end(); it != et; ++it) { 1807 if (Expr *Init = *it) { 1808 CFGBlock *Tmp = Visit(Init); 1809 if (Tmp != 0) 1810 LastBlock = Tmp; 1811 } 1812 } 1813 return LastBlock; 1814} 1815 1816CFGBlock *CFGBuilder::VisitGotoStmt(GotoStmt *G) { 1817 // Goto is a control-flow statement. Thus we stop processing the current 1818 // block and create a new one. 1819 1820 Block = createBlock(false); 1821 Block->setTerminator(G); 1822 1823 // If we already know the mapping to the label block add the successor now. 1824 LabelMapTy::iterator I = LabelMap.find(G->getLabel()); 1825 1826 if (I == LabelMap.end()) 1827 // We will need to backpatch this block later. 1828 BackpatchBlocks.push_back(JumpSource(Block, ScopePos)); 1829 else { 1830 JumpTarget JT = I->second; 1831 addAutomaticObjDtors(ScopePos, JT.scopePosition, G); 1832 addSuccessor(Block, JT.block); 1833 } 1834 1835 return Block; 1836} 1837 1838CFGBlock *CFGBuilder::VisitForStmt(ForStmt *F) { 1839 CFGBlock *LoopSuccessor = NULL; 1840 1841 // Save local scope position because in case of condition variable ScopePos 1842 // won't be restored when traversing AST. 1843 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 1844 1845 // Create local scope for init statement and possible condition variable. 1846 // Add destructor for init statement and condition variable. 1847 // Store scope position for continue statement. 1848 if (Stmt *Init = F->getInit()) 1849 addLocalScopeForStmt(Init); 1850 LocalScope::const_iterator LoopBeginScopePos = ScopePos; 1851 1852 if (VarDecl *VD = F->getConditionVariable()) 1853 addLocalScopeForVarDecl(VD); 1854 LocalScope::const_iterator ContinueScopePos = ScopePos; 1855 1856 addAutomaticObjDtors(ScopePos, save_scope_pos.get(), F); 1857 1858 // "for" is a control-flow statement. Thus we stop processing the current 1859 // block. 1860 if (Block) { 1861 if (badCFG) 1862 return 0; 1863 LoopSuccessor = Block; 1864 } else 1865 LoopSuccessor = Succ; 1866 1867 // Save the current value for the break targets. 1868 // All breaks should go to the code following the loop. 1869 SaveAndRestore<JumpTarget> save_break(BreakJumpTarget); 1870 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 1871 1872 CFGBlock *BodyBlock = 0, *TransitionBlock = 0; 1873 1874 // Now create the loop body. 1875 { 1876 assert(F->getBody()); 1877 1878 // Save the current values for Block, Succ, continue and break targets. 1879 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 1880 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget); 1881 1882 // Create an empty block to represent the transition block for looping back 1883 // to the head of the loop. If we have increment code, it will 1884 // go in this block as well. 1885 Block = Succ = TransitionBlock = createBlock(false); 1886 TransitionBlock->setLoopTarget(F); 1887 1888 if (Stmt *I = F->getInc()) { 1889 // Generate increment code in its own basic block. This is the target of 1890 // continue statements. 1891 Succ = addStmt(I); 1892 } 1893 1894 // Finish up the increment (or empty) block if it hasn't been already. 1895 if (Block) { 1896 assert(Block == Succ); 1897 if (badCFG) 1898 return 0; 1899 Block = 0; 1900 } 1901 1902 // The starting block for the loop increment is the block that should 1903 // represent the 'loop target' for looping back to the start of the loop. 1904 ContinueJumpTarget = JumpTarget(Succ, ContinueScopePos); 1905 ContinueJumpTarget.block->setLoopTarget(F); 1906 1907 // Loop body should end with destructor of Condition variable (if any). 1908 addAutomaticObjDtors(ScopePos, LoopBeginScopePos, F); 1909 1910 // If body is not a compound statement create implicit scope 1911 // and add destructors. 1912 if (!isa<CompoundStmt>(F->getBody())) 1913 addLocalScopeAndDtors(F->getBody()); 1914 1915 // Now populate the body block, and in the process create new blocks as we 1916 // walk the body of the loop. 1917 BodyBlock = addStmt(F->getBody()); 1918 1919 if (!BodyBlock) { 1920 // In the case of "for (...;...;...);" we can have a null BodyBlock. 1921 // Use the continue jump target as the proxy for the body. 1922 BodyBlock = ContinueJumpTarget.block; 1923 } 1924 else if (badCFG) 1925 return 0; 1926 } 1927 1928 // Because of short-circuit evaluation, the condition of the loop can span 1929 // multiple basic blocks. Thus we need the "Entry" and "Exit" blocks that 1930 // evaluate the condition. 1931 CFGBlock *EntryConditionBlock = 0, *ExitConditionBlock = 0; 1932 1933 do { 1934 Expr *C = F->getCond(); 1935 1936 // Specially handle logical operators, which have a slightly 1937 // more optimal CFG representation. 1938 if (BinaryOperator *Cond = 1939 dyn_cast_or_null<BinaryOperator>(C ? C->IgnoreParens() : 0)) 1940 if (Cond->isLogicalOp()) { 1941 llvm::tie(EntryConditionBlock, ExitConditionBlock) = 1942 VisitLogicalOperator(Cond, F, BodyBlock, LoopSuccessor); 1943 break; 1944 } 1945 1946 // The default case when not handling logical operators. 1947 EntryConditionBlock = ExitConditionBlock = createBlock(false); 1948 ExitConditionBlock->setTerminator(F); 1949 1950 // See if this is a known constant. 1951 TryResult KnownVal(true); 1952 1953 if (C) { 1954 // Now add the actual condition to the condition block. 1955 // Because the condition itself may contain control-flow, new blocks may 1956 // be created. Thus we update "Succ" after adding the condition. 1957 Block = ExitConditionBlock; 1958 EntryConditionBlock = addStmt(C); 1959 1960 // If this block contains a condition variable, add both the condition 1961 // variable and initializer to the CFG. 1962 if (VarDecl *VD = F->getConditionVariable()) { 1963 if (Expr *Init = VD->getInit()) { 1964 autoCreateBlock(); 1965 appendStmt(Block, F->getConditionVariableDeclStmt()); 1966 EntryConditionBlock = addStmt(Init); 1967 assert(Block == EntryConditionBlock); 1968 } 1969 } 1970 1971 if (Block && badCFG) 1972 return 0; 1973 1974 KnownVal = tryEvaluateBool(C); 1975 } 1976 1977 // Add the loop body entry as a successor to the condition. 1978 addSuccessor(ExitConditionBlock, KnownVal.isFalse() ? NULL : BodyBlock); 1979 // Link up the condition block with the code that follows the loop. (the 1980 // false branch). 1981 addSuccessor(ExitConditionBlock, KnownVal.isTrue() ? NULL : LoopSuccessor); 1982 1983 } while (false); 1984 1985 // Link up the loop-back block to the entry condition block. 1986 addSuccessor(TransitionBlock, EntryConditionBlock); 1987 1988 // The condition block is the implicit successor for any code above the loop. 1989 Succ = EntryConditionBlock; 1990 1991 // If the loop contains initialization, create a new block for those 1992 // statements. This block can also contain statements that precede the loop. 1993 if (Stmt *I = F->getInit()) { 1994 Block = createBlock(); 1995 return addStmt(I); 1996 } 1997 1998 // There is no loop initialization. We are thus basically a while loop. 1999 // NULL out Block to force lazy block construction. 2000 Block = NULL; 2001 Succ = EntryConditionBlock; 2002 return EntryConditionBlock; 2003} 2004 2005CFGBlock *CFGBuilder::VisitMemberExpr(MemberExpr *M, AddStmtChoice asc) { 2006 if (asc.alwaysAdd(*this, M)) { 2007 autoCreateBlock(); 2008 appendStmt(Block, M); 2009 } 2010 return Visit(M->getBase()); 2011} 2012 2013CFGBlock *CFGBuilder::VisitObjCForCollectionStmt(ObjCForCollectionStmt *S) { 2014 // Objective-C fast enumeration 'for' statements: 2015 // http://developer.apple.com/documentation/Cocoa/Conceptual/ObjectiveC 2016 // 2017 // for ( Type newVariable in collection_expression ) { statements } 2018 // 2019 // becomes: 2020 // 2021 // prologue: 2022 // 1. collection_expression 2023 // T. jump to loop_entry 2024 // loop_entry: 2025 // 1. side-effects of element expression 2026 // 1. ObjCForCollectionStmt [performs binding to newVariable] 2027 // T. ObjCForCollectionStmt TB, FB [jumps to TB if newVariable != nil] 2028 // TB: 2029 // statements 2030 // T. jump to loop_entry 2031 // FB: 2032 // what comes after 2033 // 2034 // and 2035 // 2036 // Type existingItem; 2037 // for ( existingItem in expression ) { statements } 2038 // 2039 // becomes: 2040 // 2041 // the same with newVariable replaced with existingItem; the binding works 2042 // the same except that for one ObjCForCollectionStmt::getElement() returns 2043 // a DeclStmt and the other returns a DeclRefExpr. 2044 // 2045 2046 CFGBlock *LoopSuccessor = 0; 2047 2048 if (Block) { 2049 if (badCFG) 2050 return 0; 2051 LoopSuccessor = Block; 2052 Block = 0; 2053 } else 2054 LoopSuccessor = Succ; 2055 2056 // Build the condition blocks. 2057 CFGBlock *ExitConditionBlock = createBlock(false); 2058 2059 // Set the terminator for the "exit" condition block. 2060 ExitConditionBlock->setTerminator(S); 2061 2062 // The last statement in the block should be the ObjCForCollectionStmt, which 2063 // performs the actual binding to 'element' and determines if there are any 2064 // more items in the collection. 2065 appendStmt(ExitConditionBlock, S); 2066 Block = ExitConditionBlock; 2067 2068 // Walk the 'element' expression to see if there are any side-effects. We 2069 // generate new blocks as necessary. We DON'T add the statement by default to 2070 // the CFG unless it contains control-flow. 2071 CFGBlock *EntryConditionBlock = Visit(S->getElement(), 2072 AddStmtChoice::NotAlwaysAdd); 2073 if (Block) { 2074 if (badCFG) 2075 return 0; 2076 Block = 0; 2077 } 2078 2079 // The condition block is the implicit successor for the loop body as well as 2080 // any code above the loop. 2081 Succ = EntryConditionBlock; 2082 2083 // Now create the true branch. 2084 { 2085 // Save the current values for Succ, continue and break targets. 2086 SaveAndRestore<CFGBlock*> save_Succ(Succ); 2087 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget), 2088 save_break(BreakJumpTarget); 2089 2090 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 2091 ContinueJumpTarget = JumpTarget(EntryConditionBlock, ScopePos); 2092 2093 CFGBlock *BodyBlock = addStmt(S->getBody()); 2094 2095 if (!BodyBlock) 2096 BodyBlock = EntryConditionBlock; // can happen for "for (X in Y) ;" 2097 else if (Block) { 2098 if (badCFG) 2099 return 0; 2100 } 2101 2102 // This new body block is a successor to our "exit" condition block. 2103 addSuccessor(ExitConditionBlock, BodyBlock); 2104 } 2105 2106 // Link up the condition block with the code that follows the loop. 2107 // (the false branch). 2108 addSuccessor(ExitConditionBlock, LoopSuccessor); 2109 2110 // Now create a prologue block to contain the collection expression. 2111 Block = createBlock(); 2112 return addStmt(S->getCollection()); 2113} 2114 2115CFGBlock *CFGBuilder::VisitObjCAutoreleasePoolStmt(ObjCAutoreleasePoolStmt *S) { 2116 // Inline the body. 2117 return addStmt(S->getSubStmt()); 2118 // TODO: consider adding cleanups for the end of @autoreleasepool scope. 2119} 2120 2121CFGBlock *CFGBuilder::VisitObjCAtSynchronizedStmt(ObjCAtSynchronizedStmt *S) { 2122 // FIXME: Add locking 'primitives' to CFG for @synchronized. 2123 2124 // Inline the body. 2125 CFGBlock *SyncBlock = addStmt(S->getSynchBody()); 2126 2127 // The sync body starts its own basic block. This makes it a little easier 2128 // for diagnostic clients. 2129 if (SyncBlock) { 2130 if (badCFG) 2131 return 0; 2132 2133 Block = 0; 2134 Succ = SyncBlock; 2135 } 2136 2137 // Add the @synchronized to the CFG. 2138 autoCreateBlock(); 2139 appendStmt(Block, S); 2140 2141 // Inline the sync expression. 2142 return addStmt(S->getSynchExpr()); 2143} 2144 2145CFGBlock *CFGBuilder::VisitObjCAtTryStmt(ObjCAtTryStmt *S) { 2146 // FIXME 2147 return NYS(); 2148} 2149 2150CFGBlock *CFGBuilder::VisitPseudoObjectExpr(PseudoObjectExpr *E) { 2151 autoCreateBlock(); 2152 2153 // Add the PseudoObject as the last thing. 2154 appendStmt(Block, E); 2155 2156 CFGBlock *lastBlock = Block; 2157 2158 // Before that, evaluate all of the semantics in order. In 2159 // CFG-land, that means appending them in reverse order. 2160 for (unsigned i = E->getNumSemanticExprs(); i != 0; ) { 2161 Expr *Semantic = E->getSemanticExpr(--i); 2162 2163 // If the semantic is an opaque value, we're being asked to bind 2164 // it to its source expression. 2165 if (OpaqueValueExpr *OVE = dyn_cast<OpaqueValueExpr>(Semantic)) 2166 Semantic = OVE->getSourceExpr(); 2167 2168 if (CFGBlock *B = Visit(Semantic)) 2169 lastBlock = B; 2170 } 2171 2172 return lastBlock; 2173} 2174 2175CFGBlock *CFGBuilder::VisitWhileStmt(WhileStmt *W) { 2176 CFGBlock *LoopSuccessor = NULL; 2177 2178 // Save local scope position because in case of condition variable ScopePos 2179 // won't be restored when traversing AST. 2180 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 2181 2182 // Create local scope for possible condition variable. 2183 // Store scope position for continue statement. 2184 LocalScope::const_iterator LoopBeginScopePos = ScopePos; 2185 if (VarDecl *VD = W->getConditionVariable()) { 2186 addLocalScopeForVarDecl(VD); 2187 addAutomaticObjDtors(ScopePos, LoopBeginScopePos, W); 2188 } 2189 2190 // "while" is a control-flow statement. Thus we stop processing the current 2191 // block. 2192 if (Block) { 2193 if (badCFG) 2194 return 0; 2195 LoopSuccessor = Block; 2196 Block = 0; 2197 } else { 2198 LoopSuccessor = Succ; 2199 } 2200 2201 CFGBlock *BodyBlock = 0, *TransitionBlock = 0; 2202 2203 // Process the loop body. 2204 { 2205 assert(W->getBody()); 2206 2207 // Save the current values for Block, Succ, continue and break targets. 2208 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 2209 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget), 2210 save_break(BreakJumpTarget); 2211 2212 // Create an empty block to represent the transition block for looping back 2213 // to the head of the loop. 2214 Succ = TransitionBlock = createBlock(false); 2215 TransitionBlock->setLoopTarget(W); 2216 ContinueJumpTarget = JumpTarget(Succ, LoopBeginScopePos); 2217 2218 // All breaks should go to the code following the loop. 2219 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 2220 2221 // Loop body should end with destructor of Condition variable (if any). 2222 addAutomaticObjDtors(ScopePos, LoopBeginScopePos, W); 2223 2224 // If body is not a compound statement create implicit scope 2225 // and add destructors. 2226 if (!isa<CompoundStmt>(W->getBody())) 2227 addLocalScopeAndDtors(W->getBody()); 2228 2229 // Create the body. The returned block is the entry to the loop body. 2230 BodyBlock = addStmt(W->getBody()); 2231 2232 if (!BodyBlock) 2233 BodyBlock = ContinueJumpTarget.block; // can happen for "while(...) ;" 2234 else if (Block && badCFG) 2235 return 0; 2236 } 2237 2238 // Because of short-circuit evaluation, the condition of the loop can span 2239 // multiple basic blocks. Thus we need the "Entry" and "Exit" blocks that 2240 // evaluate the condition. 2241 CFGBlock *EntryConditionBlock = 0, *ExitConditionBlock = 0; 2242 2243 do { 2244 Expr *C = W->getCond(); 2245 2246 // Specially handle logical operators, which have a slightly 2247 // more optimal CFG representation. 2248 if (BinaryOperator *Cond = dyn_cast<BinaryOperator>(C->IgnoreParens())) 2249 if (Cond->isLogicalOp()) { 2250 llvm::tie(EntryConditionBlock, ExitConditionBlock) = 2251 VisitLogicalOperator(Cond, W, BodyBlock, 2252 LoopSuccessor); 2253 break; 2254 } 2255 2256 // The default case when not handling logical operators. 2257 EntryConditionBlock = ExitConditionBlock = createBlock(false); 2258 ExitConditionBlock->setTerminator(W); 2259 2260 // Now add the actual condition to the condition block. 2261 // Because the condition itself may contain control-flow, new blocks may 2262 // be created. Thus we update "Succ" after adding the condition. 2263 Block = ExitConditionBlock; 2264 Block = EntryConditionBlock = addStmt(C); 2265 2266 // If this block contains a condition variable, add both the condition 2267 // variable and initializer to the CFG. 2268 if (VarDecl *VD = W->getConditionVariable()) { 2269 if (Expr *Init = VD->getInit()) { 2270 autoCreateBlock(); 2271 appendStmt(Block, W->getConditionVariableDeclStmt()); 2272 EntryConditionBlock = addStmt(Init); 2273 assert(Block == EntryConditionBlock); 2274 } 2275 } 2276 2277 if (Block && badCFG) 2278 return 0; 2279 2280 // See if this is a known constant. 2281 const TryResult& KnownVal = tryEvaluateBool(C); 2282 2283 // Add the loop body entry as a successor to the condition. 2284 addSuccessor(ExitConditionBlock, KnownVal.isFalse() ? NULL : BodyBlock); 2285 // Link up the condition block with the code that follows the loop. (the 2286 // false branch). 2287 addSuccessor(ExitConditionBlock, KnownVal.isTrue() ? NULL : LoopSuccessor); 2288 2289 } while(false); 2290 2291 // Link up the loop-back block to the entry condition block. 2292 addSuccessor(TransitionBlock, EntryConditionBlock); 2293 2294 // There can be no more statements in the condition block since we loop back 2295 // to this block. NULL out Block to force lazy creation of another block. 2296 Block = NULL; 2297 2298 // Return the condition block, which is the dominating block for the loop. 2299 Succ = EntryConditionBlock; 2300 return EntryConditionBlock; 2301} 2302 2303 2304CFGBlock *CFGBuilder::VisitObjCAtCatchStmt(ObjCAtCatchStmt *S) { 2305 // FIXME: For now we pretend that @catch and the code it contains does not 2306 // exit. 2307 return Block; 2308} 2309 2310CFGBlock *CFGBuilder::VisitObjCAtThrowStmt(ObjCAtThrowStmt *S) { 2311 // FIXME: This isn't complete. We basically treat @throw like a return 2312 // statement. 2313 2314 // If we were in the middle of a block we stop processing that block. 2315 if (badCFG) 2316 return 0; 2317 2318 // Create the new block. 2319 Block = createBlock(false); 2320 2321 // The Exit block is the only successor. 2322 addSuccessor(Block, &cfg->getExit()); 2323 2324 // Add the statement to the block. This may create new blocks if S contains 2325 // control-flow (short-circuit operations). 2326 return VisitStmt(S, AddStmtChoice::AlwaysAdd); 2327} 2328 2329CFGBlock *CFGBuilder::VisitCXXThrowExpr(CXXThrowExpr *T) { 2330 // If we were in the middle of a block we stop processing that block. 2331 if (badCFG) 2332 return 0; 2333 2334 // Create the new block. 2335 Block = createBlock(false); 2336 2337 if (TryTerminatedBlock) 2338 // The current try statement is the only successor. 2339 addSuccessor(Block, TryTerminatedBlock); 2340 else 2341 // otherwise the Exit block is the only successor. 2342 addSuccessor(Block, &cfg->getExit()); 2343 2344 // Add the statement to the block. This may create new blocks if S contains 2345 // control-flow (short-circuit operations). 2346 return VisitStmt(T, AddStmtChoice::AlwaysAdd); 2347} 2348 2349CFGBlock *CFGBuilder::VisitDoStmt(DoStmt *D) { 2350 CFGBlock *LoopSuccessor = NULL; 2351 2352 // "do...while" is a control-flow statement. Thus we stop processing the 2353 // current block. 2354 if (Block) { 2355 if (badCFG) 2356 return 0; 2357 LoopSuccessor = Block; 2358 } else 2359 LoopSuccessor = Succ; 2360 2361 // Because of short-circuit evaluation, the condition of the loop can span 2362 // multiple basic blocks. Thus we need the "Entry" and "Exit" blocks that 2363 // evaluate the condition. 2364 CFGBlock *ExitConditionBlock = createBlock(false); 2365 CFGBlock *EntryConditionBlock = ExitConditionBlock; 2366 2367 // Set the terminator for the "exit" condition block. 2368 ExitConditionBlock->setTerminator(D); 2369 2370 // Now add the actual condition to the condition block. Because the condition 2371 // itself may contain control-flow, new blocks may be created. 2372 if (Stmt *C = D->getCond()) { 2373 Block = ExitConditionBlock; 2374 EntryConditionBlock = addStmt(C); 2375 if (Block) { 2376 if (badCFG) 2377 return 0; 2378 } 2379 } 2380 2381 // The condition block is the implicit successor for the loop body. 2382 Succ = EntryConditionBlock; 2383 2384 // See if this is a known constant. 2385 const TryResult &KnownVal = tryEvaluateBool(D->getCond()); 2386 2387 // Process the loop body. 2388 CFGBlock *BodyBlock = NULL; 2389 { 2390 assert(D->getBody()); 2391 2392 // Save the current values for Block, Succ, and continue and break targets 2393 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 2394 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget), 2395 save_break(BreakJumpTarget); 2396 2397 // All continues within this loop should go to the condition block 2398 ContinueJumpTarget = JumpTarget(EntryConditionBlock, ScopePos); 2399 2400 // All breaks should go to the code following the loop. 2401 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 2402 2403 // NULL out Block to force lazy instantiation of blocks for the body. 2404 Block = NULL; 2405 2406 // If body is not a compound statement create implicit scope 2407 // and add destructors. 2408 if (!isa<CompoundStmt>(D->getBody())) 2409 addLocalScopeAndDtors(D->getBody()); 2410 2411 // Create the body. The returned block is the entry to the loop body. 2412 BodyBlock = addStmt(D->getBody()); 2413 2414 if (!BodyBlock) 2415 BodyBlock = EntryConditionBlock; // can happen for "do ; while(...)" 2416 else if (Block) { 2417 if (badCFG) 2418 return 0; 2419 } 2420 2421 if (!KnownVal.isFalse()) { 2422 // Add an intermediate block between the BodyBlock and the 2423 // ExitConditionBlock to represent the "loop back" transition. Create an 2424 // empty block to represent the transition block for looping back to the 2425 // head of the loop. 2426 // FIXME: Can we do this more efficiently without adding another block? 2427 Block = NULL; 2428 Succ = BodyBlock; 2429 CFGBlock *LoopBackBlock = createBlock(); 2430 LoopBackBlock->setLoopTarget(D); 2431 2432 // Add the loop body entry as a successor to the condition. 2433 addSuccessor(ExitConditionBlock, LoopBackBlock); 2434 } 2435 else 2436 addSuccessor(ExitConditionBlock, NULL); 2437 } 2438 2439 // Link up the condition block with the code that follows the loop. 2440 // (the false branch). 2441 addSuccessor(ExitConditionBlock, KnownVal.isTrue() ? NULL : LoopSuccessor); 2442 2443 // There can be no more statements in the body block(s) since we loop back to 2444 // the body. NULL out Block to force lazy creation of another block. 2445 Block = NULL; 2446 2447 // Return the loop body, which is the dominating block for the loop. 2448 Succ = BodyBlock; 2449 return BodyBlock; 2450} 2451 2452CFGBlock *CFGBuilder::VisitContinueStmt(ContinueStmt *C) { 2453 // "continue" is a control-flow statement. Thus we stop processing the 2454 // current block. 2455 if (badCFG) 2456 return 0; 2457 2458 // Now create a new block that ends with the continue statement. 2459 Block = createBlock(false); 2460 Block->setTerminator(C); 2461 2462 // If there is no target for the continue, then we are looking at an 2463 // incomplete AST. This means the CFG cannot be constructed. 2464 if (ContinueJumpTarget.block) { 2465 addAutomaticObjDtors(ScopePos, ContinueJumpTarget.scopePosition, C); 2466 addSuccessor(Block, ContinueJumpTarget.block); 2467 } else 2468 badCFG = true; 2469 2470 return Block; 2471} 2472 2473CFGBlock *CFGBuilder::VisitUnaryExprOrTypeTraitExpr(UnaryExprOrTypeTraitExpr *E, 2474 AddStmtChoice asc) { 2475 2476 if (asc.alwaysAdd(*this, E)) { 2477 autoCreateBlock(); 2478 appendStmt(Block, E); 2479 } 2480 2481 // VLA types have expressions that must be evaluated. 2482 CFGBlock *lastBlock = Block; 2483 2484 if (E->isArgumentType()) { 2485 for (const VariableArrayType *VA =FindVA(E->getArgumentType().getTypePtr()); 2486 VA != 0; VA = FindVA(VA->getElementType().getTypePtr())) 2487 lastBlock = addStmt(VA->getSizeExpr()); 2488 } 2489 return lastBlock; 2490} 2491 2492/// VisitStmtExpr - Utility method to handle (nested) statement 2493/// expressions (a GCC extension). 2494CFGBlock *CFGBuilder::VisitStmtExpr(StmtExpr *SE, AddStmtChoice asc) { 2495 if (asc.alwaysAdd(*this, SE)) { 2496 autoCreateBlock(); 2497 appendStmt(Block, SE); 2498 } 2499 return VisitCompoundStmt(SE->getSubStmt()); 2500} 2501 2502CFGBlock *CFGBuilder::VisitSwitchStmt(SwitchStmt *Terminator) { 2503 // "switch" is a control-flow statement. Thus we stop processing the current 2504 // block. 2505 CFGBlock *SwitchSuccessor = NULL; 2506 2507 // Save local scope position because in case of condition variable ScopePos 2508 // won't be restored when traversing AST. 2509 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 2510 2511 // Create local scope for possible condition variable. 2512 // Store scope position. Add implicit destructor. 2513 if (VarDecl *VD = Terminator->getConditionVariable()) { 2514 LocalScope::const_iterator SwitchBeginScopePos = ScopePos; 2515 addLocalScopeForVarDecl(VD); 2516 addAutomaticObjDtors(ScopePos, SwitchBeginScopePos, Terminator); 2517 } 2518 2519 if (Block) { 2520 if (badCFG) 2521 return 0; 2522 SwitchSuccessor = Block; 2523 } else SwitchSuccessor = Succ; 2524 2525 // Save the current "switch" context. 2526 SaveAndRestore<CFGBlock*> save_switch(SwitchTerminatedBlock), 2527 save_default(DefaultCaseBlock); 2528 SaveAndRestore<JumpTarget> save_break(BreakJumpTarget); 2529 2530 // Set the "default" case to be the block after the switch statement. If the 2531 // switch statement contains a "default:", this value will be overwritten with 2532 // the block for that code. 2533 DefaultCaseBlock = SwitchSuccessor; 2534 2535 // Create a new block that will contain the switch statement. 2536 SwitchTerminatedBlock = createBlock(false); 2537 2538 // Now process the switch body. The code after the switch is the implicit 2539 // successor. 2540 Succ = SwitchSuccessor; 2541 BreakJumpTarget = JumpTarget(SwitchSuccessor, ScopePos); 2542 2543 // When visiting the body, the case statements should automatically get linked 2544 // up to the switch. We also don't keep a pointer to the body, since all 2545 // control-flow from the switch goes to case/default statements. 2546 assert(Terminator->getBody() && "switch must contain a non-NULL body"); 2547 Block = NULL; 2548 2549 // For pruning unreachable case statements, save the current state 2550 // for tracking the condition value. 2551 SaveAndRestore<bool> save_switchExclusivelyCovered(switchExclusivelyCovered, 2552 false); 2553 2554 // Determine if the switch condition can be explicitly evaluated. 2555 assert(Terminator->getCond() && "switch condition must be non-NULL"); 2556 Expr::EvalResult result; 2557 bool b = tryEvaluate(Terminator->getCond(), result); 2558 SaveAndRestore<Expr::EvalResult*> save_switchCond(switchCond, 2559 b ? &result : 0); 2560 2561 // If body is not a compound statement create implicit scope 2562 // and add destructors. 2563 if (!isa<CompoundStmt>(Terminator->getBody())) 2564 addLocalScopeAndDtors(Terminator->getBody()); 2565 2566 addStmt(Terminator->getBody()); 2567 if (Block) { 2568 if (badCFG) 2569 return 0; 2570 } 2571 2572 // If we have no "default:" case, the default transition is to the code 2573 // following the switch body. Moreover, take into account if all the 2574 // cases of a switch are covered (e.g., switching on an enum value). 2575 addSuccessor(SwitchTerminatedBlock, 2576 switchExclusivelyCovered || Terminator->isAllEnumCasesCovered() 2577 ? 0 : DefaultCaseBlock); 2578 2579 // Add the terminator and condition in the switch block. 2580 SwitchTerminatedBlock->setTerminator(Terminator); 2581 Block = SwitchTerminatedBlock; 2582 Block = addStmt(Terminator->getCond()); 2583 2584 // Finally, if the SwitchStmt contains a condition variable, add both the 2585 // SwitchStmt and the condition variable initialization to the CFG. 2586 if (VarDecl *VD = Terminator->getConditionVariable()) { 2587 if (Expr *Init = VD->getInit()) { 2588 autoCreateBlock(); 2589 appendStmt(Block, Terminator->getConditionVariableDeclStmt()); 2590 addStmt(Init); 2591 } 2592 } 2593 2594 return Block; 2595} 2596 2597static bool shouldAddCase(bool &switchExclusivelyCovered, 2598 const Expr::EvalResult *switchCond, 2599 const CaseStmt *CS, 2600 ASTContext &Ctx) { 2601 if (!switchCond) 2602 return true; 2603 2604 bool addCase = false; 2605 2606 if (!switchExclusivelyCovered) { 2607 if (switchCond->Val.isInt()) { 2608 // Evaluate the LHS of the case value. 2609 const llvm::APSInt &lhsInt = CS->getLHS()->EvaluateKnownConstInt(Ctx); 2610 const llvm::APSInt &condInt = switchCond->Val.getInt(); 2611 2612 if (condInt == lhsInt) { 2613 addCase = true; 2614 switchExclusivelyCovered = true; 2615 } 2616 else if (condInt < lhsInt) { 2617 if (const Expr *RHS = CS->getRHS()) { 2618 // Evaluate the RHS of the case value. 2619 const llvm::APSInt &V2 = RHS->EvaluateKnownConstInt(Ctx); 2620 if (V2 <= condInt) { 2621 addCase = true; 2622 switchExclusivelyCovered = true; 2623 } 2624 } 2625 } 2626 } 2627 else 2628 addCase = true; 2629 } 2630 return addCase; 2631} 2632 2633CFGBlock *CFGBuilder::VisitCaseStmt(CaseStmt *CS) { 2634 // CaseStmts are essentially labels, so they are the first statement in a 2635 // block. 2636 CFGBlock *TopBlock = 0, *LastBlock = 0; 2637 2638 if (Stmt *Sub = CS->getSubStmt()) { 2639 // For deeply nested chains of CaseStmts, instead of doing a recursion 2640 // (which can blow out the stack), manually unroll and create blocks 2641 // along the way. 2642 while (isa<CaseStmt>(Sub)) { 2643 CFGBlock *currentBlock = createBlock(false); 2644 currentBlock->setLabel(CS); 2645 2646 if (TopBlock) 2647 addSuccessor(LastBlock, currentBlock); 2648 else 2649 TopBlock = currentBlock; 2650 2651 addSuccessor(SwitchTerminatedBlock, 2652 shouldAddCase(switchExclusivelyCovered, switchCond, 2653 CS, *Context) 2654 ? currentBlock : 0); 2655 2656 LastBlock = currentBlock; 2657 CS = cast<CaseStmt>(Sub); 2658 Sub = CS->getSubStmt(); 2659 } 2660 2661 addStmt(Sub); 2662 } 2663 2664 CFGBlock *CaseBlock = Block; 2665 if (!CaseBlock) 2666 CaseBlock = createBlock(); 2667 2668 // Cases statements partition blocks, so this is the top of the basic block we 2669 // were processing (the "case XXX:" is the label). 2670 CaseBlock->setLabel(CS); 2671 2672 if (badCFG) 2673 return 0; 2674 2675 // Add this block to the list of successors for the block with the switch 2676 // statement. 2677 assert(SwitchTerminatedBlock); 2678 addSuccessor(SwitchTerminatedBlock, 2679 shouldAddCase(switchExclusivelyCovered, switchCond, 2680 CS, *Context) 2681 ? CaseBlock : 0); 2682 2683 // We set Block to NULL to allow lazy creation of a new block (if necessary) 2684 Block = NULL; 2685 2686 if (TopBlock) { 2687 addSuccessor(LastBlock, CaseBlock); 2688 Succ = TopBlock; 2689 } else { 2690 // This block is now the implicit successor of other blocks. 2691 Succ = CaseBlock; 2692 } 2693 2694 return Succ; 2695} 2696 2697CFGBlock *CFGBuilder::VisitDefaultStmt(DefaultStmt *Terminator) { 2698 if (Terminator->getSubStmt()) 2699 addStmt(Terminator->getSubStmt()); 2700 2701 DefaultCaseBlock = Block; 2702 2703 if (!DefaultCaseBlock) 2704 DefaultCaseBlock = createBlock(); 2705 2706 // Default statements partition blocks, so this is the top of the basic block 2707 // we were processing (the "default:" is the label). 2708 DefaultCaseBlock->setLabel(Terminator); 2709 2710 if (badCFG) 2711 return 0; 2712 2713 // Unlike case statements, we don't add the default block to the successors 2714 // for the switch statement immediately. This is done when we finish 2715 // processing the switch statement. This allows for the default case 2716 // (including a fall-through to the code after the switch statement) to always 2717 // be the last successor of a switch-terminated block. 2718 2719 // We set Block to NULL to allow lazy creation of a new block (if necessary) 2720 Block = NULL; 2721 2722 // This block is now the implicit successor of other blocks. 2723 Succ = DefaultCaseBlock; 2724 2725 return DefaultCaseBlock; 2726} 2727 2728CFGBlock *CFGBuilder::VisitCXXTryStmt(CXXTryStmt *Terminator) { 2729 // "try"/"catch" is a control-flow statement. Thus we stop processing the 2730 // current block. 2731 CFGBlock *TrySuccessor = NULL; 2732 2733 if (Block) { 2734 if (badCFG) 2735 return 0; 2736 TrySuccessor = Block; 2737 } else TrySuccessor = Succ; 2738 2739 CFGBlock *PrevTryTerminatedBlock = TryTerminatedBlock; 2740 2741 // Create a new block that will contain the try statement. 2742 CFGBlock *NewTryTerminatedBlock = createBlock(false); 2743 // Add the terminator in the try block. 2744 NewTryTerminatedBlock->setTerminator(Terminator); 2745 2746 bool HasCatchAll = false; 2747 for (unsigned h = 0; h <Terminator->getNumHandlers(); ++h) { 2748 // The code after the try is the implicit successor. 2749 Succ = TrySuccessor; 2750 CXXCatchStmt *CS = Terminator->getHandler(h); 2751 if (CS->getExceptionDecl() == 0) { 2752 HasCatchAll = true; 2753 } 2754 Block = NULL; 2755 CFGBlock *CatchBlock = VisitCXXCatchStmt(CS); 2756 if (CatchBlock == 0) 2757 return 0; 2758 // Add this block to the list of successors for the block with the try 2759 // statement. 2760 addSuccessor(NewTryTerminatedBlock, CatchBlock); 2761 } 2762 if (!HasCatchAll) { 2763 if (PrevTryTerminatedBlock) 2764 addSuccessor(NewTryTerminatedBlock, PrevTryTerminatedBlock); 2765 else 2766 addSuccessor(NewTryTerminatedBlock, &cfg->getExit()); 2767 } 2768 2769 // The code after the try is the implicit successor. 2770 Succ = TrySuccessor; 2771 2772 // Save the current "try" context. 2773 SaveAndRestore<CFGBlock*> save_try(TryTerminatedBlock, NewTryTerminatedBlock); 2774 cfg->addTryDispatchBlock(TryTerminatedBlock); 2775 2776 assert(Terminator->getTryBlock() && "try must contain a non-NULL body"); 2777 Block = NULL; 2778 Block = addStmt(Terminator->getTryBlock()); 2779 return Block; 2780} 2781 2782CFGBlock *CFGBuilder::VisitCXXCatchStmt(CXXCatchStmt *CS) { 2783 // CXXCatchStmt are treated like labels, so they are the first statement in a 2784 // block. 2785 2786 // Save local scope position because in case of exception variable ScopePos 2787 // won't be restored when traversing AST. 2788 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 2789 2790 // Create local scope for possible exception variable. 2791 // Store scope position. Add implicit destructor. 2792 if (VarDecl *VD = CS->getExceptionDecl()) { 2793 LocalScope::const_iterator BeginScopePos = ScopePos; 2794 addLocalScopeForVarDecl(VD); 2795 addAutomaticObjDtors(ScopePos, BeginScopePos, CS); 2796 } 2797 2798 if (CS->getHandlerBlock()) 2799 addStmt(CS->getHandlerBlock()); 2800 2801 CFGBlock *CatchBlock = Block; 2802 if (!CatchBlock) 2803 CatchBlock = createBlock(); 2804 2805 // CXXCatchStmt is more than just a label. They have semantic meaning 2806 // as well, as they implicitly "initialize" the catch variable. Add 2807 // it to the CFG as a CFGElement so that the control-flow of these 2808 // semantics gets captured. 2809 appendStmt(CatchBlock, CS); 2810 2811 // Also add the CXXCatchStmt as a label, to mirror handling of regular 2812 // labels. 2813 CatchBlock->setLabel(CS); 2814 2815 // Bail out if the CFG is bad. 2816 if (badCFG) 2817 return 0; 2818 2819 // We set Block to NULL to allow lazy creation of a new block (if necessary) 2820 Block = NULL; 2821 2822 return CatchBlock; 2823} 2824 2825CFGBlock *CFGBuilder::VisitCXXForRangeStmt(CXXForRangeStmt *S) { 2826 // C++0x for-range statements are specified as [stmt.ranged]: 2827 // 2828 // { 2829 // auto && __range = range-init; 2830 // for ( auto __begin = begin-expr, 2831 // __end = end-expr; 2832 // __begin != __end; 2833 // ++__begin ) { 2834 // for-range-declaration = *__begin; 2835 // statement 2836 // } 2837 // } 2838 2839 // Save local scope position before the addition of the implicit variables. 2840 SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos); 2841 2842 // Create local scopes and destructors for range, begin and end variables. 2843 if (Stmt *Range = S->getRangeStmt()) 2844 addLocalScopeForStmt(Range); 2845 if (Stmt *BeginEnd = S->getBeginEndStmt()) 2846 addLocalScopeForStmt(BeginEnd); 2847 addAutomaticObjDtors(ScopePos, save_scope_pos.get(), S); 2848 2849 LocalScope::const_iterator ContinueScopePos = ScopePos; 2850 2851 // "for" is a control-flow statement. Thus we stop processing the current 2852 // block. 2853 CFGBlock *LoopSuccessor = NULL; 2854 if (Block) { 2855 if (badCFG) 2856 return 0; 2857 LoopSuccessor = Block; 2858 } else 2859 LoopSuccessor = Succ; 2860 2861 // Save the current value for the break targets. 2862 // All breaks should go to the code following the loop. 2863 SaveAndRestore<JumpTarget> save_break(BreakJumpTarget); 2864 BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos); 2865 2866 // The block for the __begin != __end expression. 2867 CFGBlock *ConditionBlock = createBlock(false); 2868 ConditionBlock->setTerminator(S); 2869 2870 // Now add the actual condition to the condition block. 2871 if (Expr *C = S->getCond()) { 2872 Block = ConditionBlock; 2873 CFGBlock *BeginConditionBlock = addStmt(C); 2874 if (badCFG) 2875 return 0; 2876 assert(BeginConditionBlock == ConditionBlock && 2877 "condition block in for-range was unexpectedly complex"); 2878 (void)BeginConditionBlock; 2879 } 2880 2881 // The condition block is the implicit successor for the loop body as well as 2882 // any code above the loop. 2883 Succ = ConditionBlock; 2884 2885 // See if this is a known constant. 2886 TryResult KnownVal(true); 2887 2888 if (S->getCond()) 2889 KnownVal = tryEvaluateBool(S->getCond()); 2890 2891 // Now create the loop body. 2892 { 2893 assert(S->getBody()); 2894 2895 // Save the current values for Block, Succ, and continue targets. 2896 SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ); 2897 SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget); 2898 2899 // Generate increment code in its own basic block. This is the target of 2900 // continue statements. 2901 Block = 0; 2902 Succ = addStmt(S->getInc()); 2903 ContinueJumpTarget = JumpTarget(Succ, ContinueScopePos); 2904 2905 // The starting block for the loop increment is the block that should 2906 // represent the 'loop target' for looping back to the start of the loop. 2907 ContinueJumpTarget.block->setLoopTarget(S); 2908 2909 // Finish up the increment block and prepare to start the loop body. 2910 assert(Block); 2911 if (badCFG) 2912 return 0; 2913 Block = 0; 2914 2915 2916 // Add implicit scope and dtors for loop variable. 2917 addLocalScopeAndDtors(S->getLoopVarStmt()); 2918 2919 // Populate a new block to contain the loop body and loop variable. 2920 Block = addStmt(S->getBody()); 2921 if (badCFG) 2922 return 0; 2923 Block = addStmt(S->getLoopVarStmt()); 2924 if (badCFG) 2925 return 0; 2926 2927 // This new body block is a successor to our condition block. 2928 addSuccessor(ConditionBlock, KnownVal.isFalse() ? 0 : Block); 2929 } 2930 2931 // Link up the condition block with the code that follows the loop (the 2932 // false branch). 2933 addSuccessor(ConditionBlock, KnownVal.isTrue() ? 0 : LoopSuccessor); 2934 2935 // Add the initialization statements. 2936 Block = createBlock(); 2937 addStmt(S->getBeginEndStmt()); 2938 return addStmt(S->getRangeStmt()); 2939} 2940 2941CFGBlock *CFGBuilder::VisitExprWithCleanups(ExprWithCleanups *E, 2942 AddStmtChoice asc) { 2943 if (BuildOpts.AddImplicitDtors) { 2944 // If adding implicit destructors visit the full expression for adding 2945 // destructors of temporaries. 2946 VisitForTemporaryDtors(E->getSubExpr()); 2947 2948 // Full expression has to be added as CFGStmt so it will be sequenced 2949 // before destructors of it's temporaries. 2950 asc = asc.withAlwaysAdd(true); 2951 } 2952 return Visit(E->getSubExpr(), asc); 2953} 2954 2955CFGBlock *CFGBuilder::VisitCXXBindTemporaryExpr(CXXBindTemporaryExpr *E, 2956 AddStmtChoice asc) { 2957 if (asc.alwaysAdd(*this, E)) { 2958 autoCreateBlock(); 2959 appendStmt(Block, E); 2960 2961 // We do not want to propagate the AlwaysAdd property. 2962 asc = asc.withAlwaysAdd(false); 2963 } 2964 return Visit(E->getSubExpr(), asc); 2965} 2966 2967CFGBlock *CFGBuilder::VisitCXXConstructExpr(CXXConstructExpr *C, 2968 AddStmtChoice asc) { 2969 autoCreateBlock(); 2970 appendStmt(Block, C); 2971 2972 return VisitChildren(C); 2973} 2974 2975CFGBlock *CFGBuilder::VisitCXXFunctionalCastExpr(CXXFunctionalCastExpr *E, 2976 AddStmtChoice asc) { 2977 if (asc.alwaysAdd(*this, E)) { 2978 autoCreateBlock(); 2979 appendStmt(Block, E); 2980 // We do not want to propagate the AlwaysAdd property. 2981 asc = asc.withAlwaysAdd(false); 2982 } 2983 return Visit(E->getSubExpr(), asc); 2984} 2985 2986CFGBlock *CFGBuilder::VisitCXXTemporaryObjectExpr(CXXTemporaryObjectExpr *C, 2987 AddStmtChoice asc) { 2988 autoCreateBlock(); 2989 appendStmt(Block, C); 2990 return VisitChildren(C); 2991} 2992 2993CFGBlock *CFGBuilder::VisitImplicitCastExpr(ImplicitCastExpr *E, 2994 AddStmtChoice asc) { 2995 if (asc.alwaysAdd(*this, E)) { 2996 autoCreateBlock(); 2997 appendStmt(Block, E); 2998 } 2999 return Visit(E->getSubExpr(), AddStmtChoice()); 3000} 3001 3002CFGBlock *CFGBuilder::VisitIndirectGotoStmt(IndirectGotoStmt *I) { 3003 // Lazily create the indirect-goto dispatch block if there isn't one already. 3004 CFGBlock *IBlock = cfg->getIndirectGotoBlock(); 3005 3006 if (!IBlock) { 3007 IBlock = createBlock(false); 3008 cfg->setIndirectGotoBlock(IBlock); 3009 } 3010 3011 // IndirectGoto is a control-flow statement. Thus we stop processing the 3012 // current block and create a new one. 3013 if (badCFG) 3014 return 0; 3015 3016 Block = createBlock(false); 3017 Block->setTerminator(I); 3018 addSuccessor(Block, IBlock); 3019 return addStmt(I->getTarget()); 3020} 3021 3022CFGBlock *CFGBuilder::VisitForTemporaryDtors(Stmt *E, bool BindToTemporary) { 3023tryAgain: 3024 if (!E) { 3025 badCFG = true; 3026 return NULL; 3027 } 3028 switch (E->getStmtClass()) { 3029 default: 3030 return VisitChildrenForTemporaryDtors(E); 3031 3032 case Stmt::BinaryOperatorClass: 3033 return VisitBinaryOperatorForTemporaryDtors(cast<BinaryOperator>(E)); 3034 3035 case Stmt::CXXBindTemporaryExprClass: 3036 return VisitCXXBindTemporaryExprForTemporaryDtors( 3037 cast<CXXBindTemporaryExpr>(E), BindToTemporary); 3038 3039 case Stmt::BinaryConditionalOperatorClass: 3040 case Stmt::ConditionalOperatorClass: 3041 return VisitConditionalOperatorForTemporaryDtors( 3042 cast<AbstractConditionalOperator>(E), BindToTemporary); 3043 3044 case Stmt::ImplicitCastExprClass: 3045 // For implicit cast we want BindToTemporary to be passed further. 3046 E = cast<CastExpr>(E)->getSubExpr(); 3047 goto tryAgain; 3048 3049 case Stmt::ParenExprClass: 3050 E = cast<ParenExpr>(E)->getSubExpr(); 3051 goto tryAgain; 3052 3053 case Stmt::MaterializeTemporaryExprClass: 3054 E = cast<MaterializeTemporaryExpr>(E)->GetTemporaryExpr(); 3055 goto tryAgain; 3056 } 3057} 3058 3059CFGBlock *CFGBuilder::VisitChildrenForTemporaryDtors(Stmt *E) { 3060 // When visiting children for destructors we want to visit them in reverse 3061 // order. Because there's no reverse iterator for children must to reverse 3062 // them in helper vector. 3063 typedef SmallVector<Stmt *, 4> ChildrenVect; 3064 ChildrenVect ChildrenRev; 3065 for (Stmt::child_range I = E->children(); I; ++I) { 3066 if (*I) ChildrenRev.push_back(*I); 3067 } 3068 3069 CFGBlock *B = Block; 3070 for (ChildrenVect::reverse_iterator I = ChildrenRev.rbegin(), 3071 L = ChildrenRev.rend(); I != L; ++I) { 3072 if (CFGBlock *R = VisitForTemporaryDtors(*I)) 3073 B = R; 3074 } 3075 return B; 3076} 3077 3078CFGBlock *CFGBuilder::VisitBinaryOperatorForTemporaryDtors(BinaryOperator *E) { 3079 if (E->isLogicalOp()) { 3080 // Destructors for temporaries in LHS expression should be called after 3081 // those for RHS expression. Even if this will unnecessarily create a block, 3082 // this block will be used at least by the full expression. 3083 autoCreateBlock(); 3084 CFGBlock *ConfluenceBlock = VisitForTemporaryDtors(E->getLHS()); 3085 if (badCFG) 3086 return NULL; 3087 3088 Succ = ConfluenceBlock; 3089 Block = NULL; 3090 CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getRHS()); 3091 3092 if (RHSBlock) { 3093 if (badCFG) 3094 return NULL; 3095 3096 // If RHS expression did produce destructors we need to connect created 3097 // blocks to CFG in same manner as for binary operator itself. 3098 CFGBlock *LHSBlock = createBlock(false); 3099 LHSBlock->setTerminator(CFGTerminator(E, true)); 3100 3101 // For binary operator LHS block is before RHS in list of predecessors 3102 // of ConfluenceBlock. 3103 std::reverse(ConfluenceBlock->pred_begin(), 3104 ConfluenceBlock->pred_end()); 3105 3106 // See if this is a known constant. 3107 TryResult KnownVal = tryEvaluateBool(E->getLHS()); 3108 if (KnownVal.isKnown() && (E->getOpcode() == BO_LOr)) 3109 KnownVal.negate(); 3110 3111 // Link LHSBlock with RHSBlock exactly the same way as for binary operator 3112 // itself. 3113 if (E->getOpcode() == BO_LOr) { 3114 addSuccessor(LHSBlock, KnownVal.isTrue() ? NULL : ConfluenceBlock); 3115 addSuccessor(LHSBlock, KnownVal.isFalse() ? NULL : RHSBlock); 3116 } else { 3117 assert (E->getOpcode() == BO_LAnd); 3118 addSuccessor(LHSBlock, KnownVal.isFalse() ? NULL : RHSBlock); 3119 addSuccessor(LHSBlock, KnownVal.isTrue() ? NULL : ConfluenceBlock); 3120 } 3121 3122 Block = LHSBlock; 3123 return LHSBlock; 3124 } 3125 3126 Block = ConfluenceBlock; 3127 return ConfluenceBlock; 3128 } 3129 3130 if (E->isAssignmentOp()) { 3131 // For assignment operator (=) LHS expression is visited 3132 // before RHS expression. For destructors visit them in reverse order. 3133 CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getRHS()); 3134 CFGBlock *LHSBlock = VisitForTemporaryDtors(E->getLHS()); 3135 return LHSBlock ? LHSBlock : RHSBlock; 3136 } 3137 3138 // For any other binary operator RHS expression is visited before 3139 // LHS expression (order of children). For destructors visit them in reverse 3140 // order. 3141 CFGBlock *LHSBlock = VisitForTemporaryDtors(E->getLHS()); 3142 CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getRHS()); 3143 return RHSBlock ? RHSBlock : LHSBlock; 3144} 3145 3146CFGBlock *CFGBuilder::VisitCXXBindTemporaryExprForTemporaryDtors( 3147 CXXBindTemporaryExpr *E, bool BindToTemporary) { 3148 // First add destructors for temporaries in subexpression. 3149 CFGBlock *B = VisitForTemporaryDtors(E->getSubExpr()); 3150 if (!BindToTemporary) { 3151 // If lifetime of temporary is not prolonged (by assigning to constant 3152 // reference) add destructor for it. 3153 3154 // If the destructor is marked as a no-return destructor, we need to create 3155 // a new block for the destructor which does not have as a successor 3156 // anything built thus far. Control won't flow out of this block. 3157 const CXXDestructorDecl *Dtor = E->getTemporary()->getDestructor(); 3158 if (cast<FunctionType>(Dtor->getType())->getNoReturnAttr()) 3159 Block = createNoReturnBlock(); 3160 else 3161 autoCreateBlock(); 3162 3163 appendTemporaryDtor(Block, E); 3164 B = Block; 3165 } 3166 return B; 3167} 3168 3169CFGBlock *CFGBuilder::VisitConditionalOperatorForTemporaryDtors( 3170 AbstractConditionalOperator *E, bool BindToTemporary) { 3171 // First add destructors for condition expression. Even if this will 3172 // unnecessarily create a block, this block will be used at least by the full 3173 // expression. 3174 autoCreateBlock(); 3175 CFGBlock *ConfluenceBlock = VisitForTemporaryDtors(E->getCond()); 3176 if (badCFG) 3177 return NULL; 3178 if (BinaryConditionalOperator *BCO 3179 = dyn_cast<BinaryConditionalOperator>(E)) { 3180 ConfluenceBlock = VisitForTemporaryDtors(BCO->getCommon()); 3181 if (badCFG) 3182 return NULL; 3183 } 3184 3185 // Try to add block with destructors for LHS expression. 3186 CFGBlock *LHSBlock = NULL; 3187 Succ = ConfluenceBlock; 3188 Block = NULL; 3189 LHSBlock = VisitForTemporaryDtors(E->getTrueExpr(), BindToTemporary); 3190 if (badCFG) 3191 return NULL; 3192 3193 // Try to add block with destructors for RHS expression; 3194 Succ = ConfluenceBlock; 3195 Block = NULL; 3196 CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getFalseExpr(), 3197 BindToTemporary); 3198 if (badCFG) 3199 return NULL; 3200 3201 if (!RHSBlock && !LHSBlock) { 3202 // If neither LHS nor RHS expression had temporaries to destroy don't create 3203 // more blocks. 3204 Block = ConfluenceBlock; 3205 return Block; 3206 } 3207 3208 Block = createBlock(false); 3209 Block->setTerminator(CFGTerminator(E, true)); 3210 3211 // See if this is a known constant. 3212 const TryResult &KnownVal = tryEvaluateBool(E->getCond()); 3213 3214 if (LHSBlock) { 3215 addSuccessor(Block, KnownVal.isFalse() ? NULL : LHSBlock); 3216 } else if (KnownVal.isFalse()) { 3217 addSuccessor(Block, NULL); 3218 } else { 3219 addSuccessor(Block, ConfluenceBlock); 3220 std::reverse(ConfluenceBlock->pred_begin(), ConfluenceBlock->pred_end()); 3221 } 3222 3223 if (!RHSBlock) 3224 RHSBlock = ConfluenceBlock; 3225 addSuccessor(Block, KnownVal.isTrue() ? NULL : RHSBlock); 3226 3227 return Block; 3228} 3229 3230} // end anonymous namespace 3231 3232/// createBlock - Constructs and adds a new CFGBlock to the CFG. The block has 3233/// no successors or predecessors. If this is the first block created in the 3234/// CFG, it is automatically set to be the Entry and Exit of the CFG. 3235CFGBlock *CFG::createBlock() { 3236 bool first_block = begin() == end(); 3237 3238 // Create the block. 3239 CFGBlock *Mem = getAllocator().Allocate<CFGBlock>(); 3240 new (Mem) CFGBlock(NumBlockIDs++, BlkBVC, this); 3241 Blocks.push_back(Mem, BlkBVC); 3242 3243 // If this is the first block, set it as the Entry and Exit. 3244 if (first_block) 3245 Entry = Exit = &back(); 3246 3247 // Return the block. 3248 return &back(); 3249} 3250 3251/// buildCFG - Constructs a CFG from an AST. Ownership of the returned 3252/// CFG is returned to the caller. 3253CFG* CFG::buildCFG(const Decl *D, Stmt *Statement, ASTContext *C, 3254 const BuildOptions &BO) { 3255 CFGBuilder Builder(C, BO); 3256 return Builder.buildCFG(D, Statement); 3257} 3258 3259const CXXDestructorDecl * 3260CFGImplicitDtor::getDestructorDecl(ASTContext &astContext) const { 3261 switch (getKind()) { 3262 case CFGElement::Invalid: 3263 case CFGElement::Statement: 3264 case CFGElement::Initializer: 3265 llvm_unreachable("getDestructorDecl should only be used with " 3266 "ImplicitDtors"); 3267 case CFGElement::AutomaticObjectDtor: { 3268 const VarDecl *var = cast<CFGAutomaticObjDtor>(this)->getVarDecl(); 3269 QualType ty = var->getType(); 3270 ty = ty.getNonReferenceType(); 3271 while (const ArrayType *arrayType = astContext.getAsArrayType(ty)) { 3272 ty = arrayType->getElementType(); 3273 } 3274 const RecordType *recordType = ty->getAs<RecordType>(); 3275 const CXXRecordDecl *classDecl = 3276 cast<CXXRecordDecl>(recordType->getDecl()); 3277 return classDecl->getDestructor(); 3278 } 3279 case CFGElement::TemporaryDtor: { 3280 const CXXBindTemporaryExpr *bindExpr = 3281 cast<CFGTemporaryDtor>(this)->getBindTemporaryExpr(); 3282 const CXXTemporary *temp = bindExpr->getTemporary(); 3283 return temp->getDestructor(); 3284 } 3285 case CFGElement::BaseDtor: 3286 case CFGElement::MemberDtor: 3287 3288 // Not yet supported. 3289 return 0; 3290 } 3291 llvm_unreachable("getKind() returned bogus value"); 3292} 3293 3294bool CFGImplicitDtor::isNoReturn(ASTContext &astContext) const { 3295 if (const CXXDestructorDecl *decl = getDestructorDecl(astContext)) { 3296 QualType ty = decl->getType(); 3297 return cast<FunctionType>(ty)->getNoReturnAttr(); 3298 } 3299 return false; 3300} 3301 3302//===----------------------------------------------------------------------===// 3303// CFG: Queries for BlkExprs. 3304//===----------------------------------------------------------------------===// 3305 3306namespace { 3307 typedef llvm::DenseMap<const Stmt*,unsigned> BlkExprMapTy; 3308} 3309 3310static void FindSubExprAssignments(const Stmt *S, 3311 llvm::SmallPtrSet<const Expr*,50>& Set) { 3312 if (!S) 3313 return; 3314 3315 for (Stmt::const_child_range I = S->children(); I; ++I) { 3316 const Stmt *child = *I; 3317 if (!child) 3318 continue; 3319 3320 if (const BinaryOperator* B = dyn_cast<BinaryOperator>(child)) 3321 if (B->isAssignmentOp()) Set.insert(B); 3322 3323 FindSubExprAssignments(child, Set); 3324 } 3325} 3326 3327static BlkExprMapTy* PopulateBlkExprMap(CFG& cfg) { 3328 BlkExprMapTy* M = new BlkExprMapTy(); 3329 3330 // Look for assignments that are used as subexpressions. These are the only 3331 // assignments that we want to *possibly* register as a block-level 3332 // expression. Basically, if an assignment occurs both in a subexpression and 3333 // at the block-level, it is a block-level expression. 3334 llvm::SmallPtrSet<const Expr*,50> SubExprAssignments; 3335 3336 for (CFG::iterator I=cfg.begin(), E=cfg.end(); I != E; ++I) 3337 for (CFGBlock::iterator BI=(*I)->begin(), EI=(*I)->end(); BI != EI; ++BI) 3338 if (const CFGStmt *S = BI->getAs<CFGStmt>()) 3339 FindSubExprAssignments(S->getStmt(), SubExprAssignments); 3340 3341 for (CFG::iterator I=cfg.begin(), E=cfg.end(); I != E; ++I) { 3342 3343 // Iterate over the statements again on identify the Expr* and Stmt* at the 3344 // block-level that are block-level expressions. 3345 3346 for (CFGBlock::iterator BI=(*I)->begin(), EI=(*I)->end(); BI != EI; ++BI) { 3347 const CFGStmt *CS = BI->getAs<CFGStmt>(); 3348 if (!CS) 3349 continue; 3350 if (const Expr *Exp = dyn_cast<Expr>(CS->getStmt())) { 3351 assert((Exp->IgnoreParens() == Exp) && "No parens on block-level exps"); 3352 3353 if (const BinaryOperator* B = dyn_cast<BinaryOperator>(Exp)) { 3354 // Assignment expressions that are not nested within another 3355 // expression are really "statements" whose value is never used by 3356 // another expression. 3357 if (B->isAssignmentOp() && !SubExprAssignments.count(Exp)) 3358 continue; 3359 } else if (const StmtExpr *SE = dyn_cast<StmtExpr>(Exp)) { 3360 // Special handling for statement expressions. The last statement in 3361 // the statement expression is also a block-level expr. 3362 const CompoundStmt *C = SE->getSubStmt(); 3363 if (!C->body_empty()) { 3364 const Stmt *Last = C->body_back(); 3365 if (const Expr *LastEx = dyn_cast<Expr>(Last)) 3366 Last = LastEx->IgnoreParens(); 3367 unsigned x = M->size(); 3368 (*M)[Last] = x; 3369 } 3370 } 3371 3372 unsigned x = M->size(); 3373 (*M)[Exp] = x; 3374 } 3375 } 3376 3377 // Look at terminators. The condition is a block-level expression. 3378 3379 Stmt *S = (*I)->getTerminatorCondition(); 3380 3381 if (S && M->find(S) == M->end()) { 3382 unsigned x = M->size(); 3383 (*M)[S] = x; 3384 } 3385 } 3386 3387 return M; 3388} 3389 3390CFG::BlkExprNumTy CFG::getBlkExprNum(const Stmt *S) { 3391 assert(S != NULL); 3392 if (!BlkExprMap) { BlkExprMap = (void*) PopulateBlkExprMap(*this); } 3393 3394 BlkExprMapTy* M = reinterpret_cast<BlkExprMapTy*>(BlkExprMap); 3395 BlkExprMapTy::iterator I = M->find(S); 3396 return (I == M->end()) ? CFG::BlkExprNumTy() : CFG::BlkExprNumTy(I->second); 3397} 3398 3399unsigned CFG::getNumBlkExprs() { 3400 if (const BlkExprMapTy* M = reinterpret_cast<const BlkExprMapTy*>(BlkExprMap)) 3401 return M->size(); 3402 3403 // We assume callers interested in the number of BlkExprs will want 3404 // the map constructed if it doesn't already exist. 3405 BlkExprMap = (void*) PopulateBlkExprMap(*this); 3406 return reinterpret_cast<BlkExprMapTy*>(BlkExprMap)->size(); 3407} 3408 3409//===----------------------------------------------------------------------===// 3410// Filtered walking of the CFG. 3411//===----------------------------------------------------------------------===// 3412 3413bool CFGBlock::FilterEdge(const CFGBlock::FilterOptions &F, 3414 const CFGBlock *From, const CFGBlock *To) { 3415 3416 if (To && F.IgnoreDefaultsWithCoveredEnums) { 3417 // If the 'To' has no label or is labeled but the label isn't a 3418 // CaseStmt then filter this edge. 3419 if (const SwitchStmt *S = 3420 dyn_cast_or_null<SwitchStmt>(From->getTerminator().getStmt())) { 3421 if (S->isAllEnumCasesCovered()) { 3422 const Stmt *L = To->getLabel(); 3423 if (!L || !isa<CaseStmt>(L)) 3424 return true; 3425 } 3426 } 3427 } 3428 3429 return false; 3430} 3431 3432//===----------------------------------------------------------------------===// 3433// Cleanup: CFG dstor. 3434//===----------------------------------------------------------------------===// 3435 3436CFG::~CFG() { 3437 delete reinterpret_cast<const BlkExprMapTy*>(BlkExprMap); 3438} 3439 3440//===----------------------------------------------------------------------===// 3441// CFG pretty printing 3442//===----------------------------------------------------------------------===// 3443 3444namespace { 3445 3446class StmtPrinterHelper : public PrinterHelper { 3447 typedef llvm::DenseMap<const Stmt*,std::pair<unsigned,unsigned> > StmtMapTy; 3448 typedef llvm::DenseMap<const Decl*,std::pair<unsigned,unsigned> > DeclMapTy; 3449 StmtMapTy StmtMap; 3450 DeclMapTy DeclMap; 3451 signed currentBlock; 3452 unsigned currentStmt; 3453 const LangOptions &LangOpts; 3454public: 3455 3456 StmtPrinterHelper(const CFG* cfg, const LangOptions &LO) 3457 : currentBlock(0), currentStmt(0), LangOpts(LO) 3458 { 3459 for (CFG::const_iterator I = cfg->begin(), E = cfg->end(); I != E; ++I ) { 3460 unsigned j = 1; 3461 for (CFGBlock::const_iterator BI = (*I)->begin(), BEnd = (*I)->end() ; 3462 BI != BEnd; ++BI, ++j ) { 3463 if (const CFGStmt *SE = BI->getAs<CFGStmt>()) { 3464 const Stmt *stmt= SE->getStmt(); 3465 std::pair<unsigned, unsigned> P((*I)->getBlockID(), j); 3466 StmtMap[stmt] = P; 3467 3468 switch (stmt->getStmtClass()) { 3469 case Stmt::DeclStmtClass: 3470 DeclMap[cast<DeclStmt>(stmt)->getSingleDecl()] = P; 3471 break; 3472 case Stmt::IfStmtClass: { 3473 const VarDecl *var = cast<IfStmt>(stmt)->getConditionVariable(); 3474 if (var) 3475 DeclMap[var] = P; 3476 break; 3477 } 3478 case Stmt::ForStmtClass: { 3479 const VarDecl *var = cast<ForStmt>(stmt)->getConditionVariable(); 3480 if (var) 3481 DeclMap[var] = P; 3482 break; 3483 } 3484 case Stmt::WhileStmtClass: { 3485 const VarDecl *var = 3486 cast<WhileStmt>(stmt)->getConditionVariable(); 3487 if (var) 3488 DeclMap[var] = P; 3489 break; 3490 } 3491 case Stmt::SwitchStmtClass: { 3492 const VarDecl *var = 3493 cast<SwitchStmt>(stmt)->getConditionVariable(); 3494 if (var) 3495 DeclMap[var] = P; 3496 break; 3497 } 3498 case Stmt::CXXCatchStmtClass: { 3499 const VarDecl *var = 3500 cast<CXXCatchStmt>(stmt)->getExceptionDecl(); 3501 if (var) 3502 DeclMap[var] = P; 3503 break; 3504 } 3505 default: 3506 break; 3507 } 3508 } 3509 } 3510 } 3511 } 3512 3513 3514 virtual ~StmtPrinterHelper() {} 3515 3516 const LangOptions &getLangOpts() const { return LangOpts; } 3517 void setBlockID(signed i) { currentBlock = i; } 3518 void setStmtID(unsigned i) { currentStmt = i; } 3519 3520 virtual bool handledStmt(Stmt *S, raw_ostream &OS) { 3521 StmtMapTy::iterator I = StmtMap.find(S); 3522 3523 if (I == StmtMap.end()) 3524 return false; 3525 3526 if (currentBlock >= 0 && I->second.first == (unsigned) currentBlock 3527 && I->second.second == currentStmt) { 3528 return false; 3529 } 3530 3531 OS << "[B" << I->second.first << "." << I->second.second << "]"; 3532 return true; 3533 } 3534 3535 bool handleDecl(const Decl *D, raw_ostream &OS) { 3536 DeclMapTy::iterator I = DeclMap.find(D); 3537 3538 if (I == DeclMap.end()) 3539 return false; 3540 3541 if (currentBlock >= 0 && I->second.first == (unsigned) currentBlock 3542 && I->second.second == currentStmt) { 3543 return false; 3544 } 3545 3546 OS << "[B" << I->second.first << "." << I->second.second << "]"; 3547 return true; 3548 } 3549}; 3550} // end anonymous namespace 3551 3552 3553namespace { 3554class CFGBlockTerminatorPrint 3555 : public StmtVisitor<CFGBlockTerminatorPrint,void> { 3556 3557 raw_ostream &OS; 3558 StmtPrinterHelper* Helper; 3559 PrintingPolicy Policy; 3560public: 3561 CFGBlockTerminatorPrint(raw_ostream &os, StmtPrinterHelper* helper, 3562 const PrintingPolicy &Policy) 3563 : OS(os), Helper(helper), Policy(Policy) {} 3564 3565 void VisitIfStmt(IfStmt *I) { 3566 OS << "if "; 3567 I->getCond()->printPretty(OS,Helper,Policy); 3568 } 3569 3570 // Default case. 3571 void VisitStmt(Stmt *Terminator) { 3572 Terminator->printPretty(OS, Helper, Policy); 3573 } 3574 3575 void VisitForStmt(ForStmt *F) { 3576 OS << "for (" ; 3577 if (F->getInit()) 3578 OS << "..."; 3579 OS << "; "; 3580 if (Stmt *C = F->getCond()) 3581 C->printPretty(OS, Helper, Policy); 3582 OS << "; "; 3583 if (F->getInc()) 3584 OS << "..."; 3585 OS << ")"; 3586 } 3587 3588 void VisitWhileStmt(WhileStmt *W) { 3589 OS << "while " ; 3590 if (Stmt *C = W->getCond()) 3591 C->printPretty(OS, Helper, Policy); 3592 } 3593 3594 void VisitDoStmt(DoStmt *D) { 3595 OS << "do ... while "; 3596 if (Stmt *C = D->getCond()) 3597 C->printPretty(OS, Helper, Policy); 3598 } 3599 3600 void VisitSwitchStmt(SwitchStmt *Terminator) { 3601 OS << "switch "; 3602 Terminator->getCond()->printPretty(OS, Helper, Policy); 3603 } 3604 3605 void VisitCXXTryStmt(CXXTryStmt *CS) { 3606 OS << "try ..."; 3607 } 3608 3609 void VisitAbstractConditionalOperator(AbstractConditionalOperator* C) { 3610 C->getCond()->printPretty(OS, Helper, Policy); 3611 OS << " ? ... : ..."; 3612 } 3613 3614 void VisitChooseExpr(ChooseExpr *C) { 3615 OS << "__builtin_choose_expr( "; 3616 C->getCond()->printPretty(OS, Helper, Policy); 3617 OS << " )"; 3618 } 3619 3620 void VisitIndirectGotoStmt(IndirectGotoStmt *I) { 3621 OS << "goto *"; 3622 I->getTarget()->printPretty(OS, Helper, Policy); 3623 } 3624 3625 void VisitBinaryOperator(BinaryOperator* B) { 3626 if (!B->isLogicalOp()) { 3627 VisitExpr(B); 3628 return; 3629 } 3630 3631 B->getLHS()->printPretty(OS, Helper, Policy); 3632 3633 switch (B->getOpcode()) { 3634 case BO_LOr: 3635 OS << " || ..."; 3636 return; 3637 case BO_LAnd: 3638 OS << " && ..."; 3639 return; 3640 default: 3641 llvm_unreachable("Invalid logical operator."); 3642 } 3643 } 3644 3645 void VisitExpr(Expr *E) { 3646 E->printPretty(OS, Helper, Policy); 3647 } 3648}; 3649} // end anonymous namespace 3650 3651static void print_elem(raw_ostream &OS, StmtPrinterHelper* Helper, 3652 const CFGElement &E) { 3653 if (const CFGStmt *CS = E.getAs<CFGStmt>()) { 3654 const Stmt *S = CS->getStmt(); 3655 3656 if (Helper) { 3657 3658 // special printing for statement-expressions. 3659 if (const StmtExpr *SE = dyn_cast<StmtExpr>(S)) { 3660 const CompoundStmt *Sub = SE->getSubStmt(); 3661 3662 if (Sub->children()) { 3663 OS << "({ ... ; "; 3664 Helper->handledStmt(*SE->getSubStmt()->body_rbegin(),OS); 3665 OS << " })\n"; 3666 return; 3667 } 3668 } 3669 // special printing for comma expressions. 3670 if (const BinaryOperator* B = dyn_cast<BinaryOperator>(S)) { 3671 if (B->getOpcode() == BO_Comma) { 3672 OS << "... , "; 3673 Helper->handledStmt(B->getRHS(),OS); 3674 OS << '\n'; 3675 return; 3676 } 3677 } 3678 } 3679 S->printPretty(OS, Helper, PrintingPolicy(Helper->getLangOpts())); 3680 3681 if (isa<CXXOperatorCallExpr>(S)) { 3682 OS << " (OperatorCall)"; 3683 } 3684 else if (isa<CXXBindTemporaryExpr>(S)) { 3685 OS << " (BindTemporary)"; 3686 } 3687 else if (const CXXConstructExpr *CCE = dyn_cast<CXXConstructExpr>(S)) { 3688 OS << " (CXXConstructExpr, " << CCE->getType().getAsString() << ")"; 3689 } 3690 else if (const CastExpr *CE = dyn_cast<CastExpr>(S)) { 3691 OS << " (" << CE->getStmtClassName() << ", " 3692 << CE->getCastKindName() 3693 << ", " << CE->getType().getAsString() 3694 << ")"; 3695 } 3696 3697 // Expressions need a newline. 3698 if (isa<Expr>(S)) 3699 OS << '\n'; 3700 3701 } else if (const CFGInitializer *IE = E.getAs<CFGInitializer>()) { 3702 const CXXCtorInitializer *I = IE->getInitializer(); 3703 if (I->isBaseInitializer()) 3704 OS << I->getBaseClass()->getAsCXXRecordDecl()->getName(); 3705 else OS << I->getAnyMember()->getName(); 3706 3707 OS << "("; 3708 if (Expr *IE = I->getInit()) 3709 IE->printPretty(OS, Helper, PrintingPolicy(Helper->getLangOpts())); 3710 OS << ")"; 3711 3712 if (I->isBaseInitializer()) 3713 OS << " (Base initializer)\n"; 3714 else OS << " (Member initializer)\n"; 3715 3716 } else if (const CFGAutomaticObjDtor *DE = E.getAs<CFGAutomaticObjDtor>()){ 3717 const VarDecl *VD = DE->getVarDecl(); 3718 Helper->handleDecl(VD, OS); 3719 3720 const Type* T = VD->getType().getTypePtr(); 3721 if (const ReferenceType* RT = T->getAs<ReferenceType>()) 3722 T = RT->getPointeeType().getTypePtr(); 3723 T = T->getBaseElementTypeUnsafe(); 3724 3725 OS << ".~" << T->getAsCXXRecordDecl()->getName().str() << "()"; 3726 OS << " (Implicit destructor)\n"; 3727 3728 } else if (const CFGBaseDtor *BE = E.getAs<CFGBaseDtor>()) { 3729 const CXXBaseSpecifier *BS = BE->getBaseSpecifier(); 3730 OS << "~" << BS->getType()->getAsCXXRecordDecl()->getName() << "()"; 3731 OS << " (Base object destructor)\n"; 3732 3733 } else if (const CFGMemberDtor *ME = E.getAs<CFGMemberDtor>()) { 3734 const FieldDecl *FD = ME->getFieldDecl(); 3735 const Type *T = FD->getType()->getBaseElementTypeUnsafe(); 3736 OS << "this->" << FD->getName(); 3737 OS << ".~" << T->getAsCXXRecordDecl()->getName() << "()"; 3738 OS << " (Member object destructor)\n"; 3739 3740 } else if (const CFGTemporaryDtor *TE = E.getAs<CFGTemporaryDtor>()) { 3741 const CXXBindTemporaryExpr *BT = TE->getBindTemporaryExpr(); 3742 OS << "~" << BT->getType()->getAsCXXRecordDecl()->getName() << "()"; 3743 OS << " (Temporary object destructor)\n"; 3744 } 3745} 3746 3747static void print_block(raw_ostream &OS, const CFG* cfg, 3748 const CFGBlock &B, 3749 StmtPrinterHelper* Helper, bool print_edges, 3750 bool ShowColors) { 3751 3752 if (Helper) 3753 Helper->setBlockID(B.getBlockID()); 3754 3755 // Print the header. 3756 if (ShowColors) 3757 OS.changeColor(raw_ostream::YELLOW, true); 3758 3759 OS << "\n [B" << B.getBlockID(); 3760 3761 if (&B == &cfg->getEntry()) 3762 OS << " (ENTRY)]\n"; 3763 else if (&B == &cfg->getExit()) 3764 OS << " (EXIT)]\n"; 3765 else if (&B == cfg->getIndirectGotoBlock()) 3766 OS << " (INDIRECT GOTO DISPATCH)]\n"; 3767 else 3768 OS << "]\n"; 3769 3770 if (ShowColors) 3771 OS.resetColor(); 3772 3773 // Print the label of this block. 3774 if (Stmt *Label = const_cast<Stmt*>(B.getLabel())) { 3775 3776 if (print_edges) 3777 OS << " "; 3778 3779 if (LabelStmt *L = dyn_cast<LabelStmt>(Label)) 3780 OS << L->getName(); 3781 else if (CaseStmt *C = dyn_cast<CaseStmt>(Label)) { 3782 OS << "case "; 3783 C->getLHS()->printPretty(OS, Helper, 3784 PrintingPolicy(Helper->getLangOpts())); 3785 if (C->getRHS()) { 3786 OS << " ... "; 3787 C->getRHS()->printPretty(OS, Helper, 3788 PrintingPolicy(Helper->getLangOpts())); 3789 } 3790 } else if (isa<DefaultStmt>(Label)) 3791 OS << "default"; 3792 else if (CXXCatchStmt *CS = dyn_cast<CXXCatchStmt>(Label)) { 3793 OS << "catch ("; 3794 if (CS->getExceptionDecl()) 3795 CS->getExceptionDecl()->print(OS, PrintingPolicy(Helper->getLangOpts()), 3796 0); 3797 else 3798 OS << "..."; 3799 OS << ")"; 3800 3801 } else 3802 llvm_unreachable("Invalid label statement in CFGBlock."); 3803 3804 OS << ":\n"; 3805 } 3806 3807 // Iterate through the statements in the block and print them. 3808 unsigned j = 1; 3809 3810 for (CFGBlock::const_iterator I = B.begin(), E = B.end() ; 3811 I != E ; ++I, ++j ) { 3812 3813 // Print the statement # in the basic block and the statement itself. 3814 if (print_edges) 3815 OS << " "; 3816 3817 OS << llvm::format("%3d", j) << ": "; 3818 3819 if (Helper) 3820 Helper->setStmtID(j); 3821 3822 print_elem(OS, Helper, *I); 3823 } 3824 3825 // Print the terminator of this block. 3826 if (B.getTerminator()) { 3827 if (ShowColors) 3828 OS.changeColor(raw_ostream::GREEN); 3829 3830 OS << " T: "; 3831 3832 if (Helper) Helper->setBlockID(-1); 3833 3834 CFGBlockTerminatorPrint TPrinter(OS, Helper, 3835 PrintingPolicy(Helper->getLangOpts())); 3836 TPrinter.Visit(const_cast<Stmt*>(B.getTerminator().getStmt())); 3837 OS << '\n'; 3838 3839 if (ShowColors) 3840 OS.resetColor(); 3841 } 3842 3843 if (print_edges) { 3844 // Print the predecessors of this block. 3845 if (!B.pred_empty()) { 3846 const raw_ostream::Colors Color = raw_ostream::BLUE; 3847 if (ShowColors) 3848 OS.changeColor(Color); 3849 OS << " Preds " ; 3850 if (ShowColors) 3851 OS.resetColor(); 3852 OS << '(' << B.pred_size() << "):"; 3853 unsigned i = 0; 3854 3855 if (ShowColors) 3856 OS.changeColor(Color); 3857 3858 for (CFGBlock::const_pred_iterator I = B.pred_begin(), E = B.pred_end(); 3859 I != E; ++I, ++i) { 3860 3861 if (i == 8 || (i-8) == 0) 3862 OS << "\n "; 3863 3864 OS << " B" << (*I)->getBlockID(); 3865 } 3866 3867 if (ShowColors) 3868 OS.resetColor(); 3869 3870 OS << '\n'; 3871 } 3872 3873 // Print the successors of this block. 3874 if (!B.succ_empty()) { 3875 const raw_ostream::Colors Color = raw_ostream::MAGENTA; 3876 if (ShowColors) 3877 OS.changeColor(Color); 3878 OS << " Succs "; 3879 if (ShowColors) 3880 OS.resetColor(); 3881 OS << '(' << B.succ_size() << "):"; 3882 unsigned i = 0; 3883 3884 if (ShowColors) 3885 OS.changeColor(Color); 3886 3887 for (CFGBlock::const_succ_iterator I = B.succ_begin(), E = B.succ_end(); 3888 I != E; ++I, ++i) { 3889 3890 if (i == 8 || (i-8) % 10 == 0) 3891 OS << "\n "; 3892 3893 if (*I) 3894 OS << " B" << (*I)->getBlockID(); 3895 else 3896 OS << " NULL"; 3897 } 3898 3899 if (ShowColors) 3900 OS.resetColor(); 3901 OS << '\n'; 3902 } 3903 } 3904} 3905 3906 3907/// dump - A simple pretty printer of a CFG that outputs to stderr. 3908void CFG::dump(const LangOptions &LO, bool ShowColors) const { 3909 print(llvm::errs(), LO, ShowColors); 3910} 3911 3912/// print - A simple pretty printer of a CFG that outputs to an ostream. 3913void CFG::print(raw_ostream &OS, const LangOptions &LO, bool ShowColors) const { 3914 StmtPrinterHelper Helper(this, LO); 3915 3916 // Print the entry block. 3917 print_block(OS, this, getEntry(), &Helper, true, ShowColors); 3918 3919 // Iterate through the CFGBlocks and print them one by one. 3920 for (const_iterator I = Blocks.begin(), E = Blocks.end() ; I != E ; ++I) { 3921 // Skip the entry block, because we already printed it. 3922 if (&(**I) == &getEntry() || &(**I) == &getExit()) 3923 continue; 3924 3925 print_block(OS, this, **I, &Helper, true, ShowColors); 3926 } 3927 3928 // Print the exit block. 3929 print_block(OS, this, getExit(), &Helper, true, ShowColors); 3930 OS << '\n'; 3931 OS.flush(); 3932} 3933 3934/// dump - A simply pretty printer of a CFGBlock that outputs to stderr. 3935void CFGBlock::dump(const CFG* cfg, const LangOptions &LO, 3936 bool ShowColors) const { 3937 print(llvm::errs(), cfg, LO, ShowColors); 3938} 3939 3940/// print - A simple pretty printer of a CFGBlock that outputs to an ostream. 3941/// Generally this will only be called from CFG::print. 3942void CFGBlock::print(raw_ostream &OS, const CFG* cfg, 3943 const LangOptions &LO, bool ShowColors) const { 3944 StmtPrinterHelper Helper(cfg, LO); 3945 print_block(OS, cfg, *this, &Helper, true, ShowColors); 3946 OS << '\n'; 3947} 3948 3949/// printTerminator - A simple pretty printer of the terminator of a CFGBlock. 3950void CFGBlock::printTerminator(raw_ostream &OS, 3951 const LangOptions &LO) const { 3952 CFGBlockTerminatorPrint TPrinter(OS, NULL, PrintingPolicy(LO)); 3953 TPrinter.Visit(const_cast<Stmt*>(getTerminator().getStmt())); 3954} 3955 3956Stmt *CFGBlock::getTerminatorCondition() { 3957 Stmt *Terminator = this->Terminator; 3958 if (!Terminator) 3959 return NULL; 3960 3961 Expr *E = NULL; 3962 3963 switch (Terminator->getStmtClass()) { 3964 default: 3965 break; 3966 3967 case Stmt::ForStmtClass: 3968 E = cast<ForStmt>(Terminator)->getCond(); 3969 break; 3970 3971 case Stmt::WhileStmtClass: 3972 E = cast<WhileStmt>(Terminator)->getCond(); 3973 break; 3974 3975 case Stmt::DoStmtClass: 3976 E = cast<DoStmt>(Terminator)->getCond(); 3977 break; 3978 3979 case Stmt::IfStmtClass: 3980 E = cast<IfStmt>(Terminator)->getCond(); 3981 break; 3982 3983 case Stmt::ChooseExprClass: 3984 E = cast<ChooseExpr>(Terminator)->getCond(); 3985 break; 3986 3987 case Stmt::IndirectGotoStmtClass: 3988 E = cast<IndirectGotoStmt>(Terminator)->getTarget(); 3989 break; 3990 3991 case Stmt::SwitchStmtClass: 3992 E = cast<SwitchStmt>(Terminator)->getCond(); 3993 break; 3994 3995 case Stmt::BinaryConditionalOperatorClass: 3996 E = cast<BinaryConditionalOperator>(Terminator)->getCond(); 3997 break; 3998 3999 case Stmt::ConditionalOperatorClass: 4000 E = cast<ConditionalOperator>(Terminator)->getCond(); 4001 break; 4002 4003 case Stmt::BinaryOperatorClass: // '&&' and '||' 4004 E = cast<BinaryOperator>(Terminator)->getLHS(); 4005 break; 4006 4007 case Stmt::ObjCForCollectionStmtClass: 4008 return Terminator; 4009 } 4010 4011 return E ? E->IgnoreParens() : NULL; 4012} 4013 4014//===----------------------------------------------------------------------===// 4015// CFG Graphviz Visualization 4016//===----------------------------------------------------------------------===// 4017 4018 4019#ifndef NDEBUG 4020static StmtPrinterHelper* GraphHelper; 4021#endif 4022 4023void CFG::viewCFG(const LangOptions &LO) const { 4024#ifndef NDEBUG 4025 StmtPrinterHelper H(this, LO); 4026 GraphHelper = &H; 4027 llvm::ViewGraph(this,"CFG"); 4028 GraphHelper = NULL; 4029#endif 4030} 4031 4032namespace llvm { 4033template<> 4034struct DOTGraphTraits<const CFG*> : public DefaultDOTGraphTraits { 4035 4036 DOTGraphTraits (bool isSimple=false) : DefaultDOTGraphTraits(isSimple) {} 4037 4038 static std::string getNodeLabel(const CFGBlock *Node, const CFG* Graph) { 4039 4040#ifndef NDEBUG 4041 std::string OutSStr; 4042 llvm::raw_string_ostream Out(OutSStr); 4043 print_block(Out,Graph, *Node, GraphHelper, false, false); 4044 std::string& OutStr = Out.str(); 4045 4046 if (OutStr[0] == '\n') OutStr.erase(OutStr.begin()); 4047 4048 // Process string output to make it nicer... 4049 for (unsigned i = 0; i != OutStr.length(); ++i) 4050 if (OutStr[i] == '\n') { // Left justify 4051 OutStr[i] = '\\'; 4052 OutStr.insert(OutStr.begin()+i+1, 'l'); 4053 } 4054 4055 return OutStr; 4056#else 4057 return ""; 4058#endif 4059 } 4060}; 4061} // end namespace llvm 4062