1//===--- CFG.h - Classes for representing and building CFGs------*- C++ -*-===// 2// 3// The LLVM Compiler Infrastructure 4// 5// This file is distributed under the University of Illinois Open Source 6// License. See LICENSE.TXT for details. 7// 8//===----------------------------------------------------------------------===// 9// 10// This file defines the CFG and CFGBuilder classes for representing and 11// building Control-Flow Graphs (CFGs) from ASTs. 12// 13//===----------------------------------------------------------------------===// 14 15#ifndef LLVM_CLANG_ANALYSIS_CFG_H 16#define LLVM_CLANG_ANALYSIS_CFG_H 17 18#include "clang/AST/Stmt.h" 19#include "clang/Analysis/Support/BumpVector.h" 20#include "clang/Basic/SourceLocation.h" 21#include "llvm/ADT/DenseMap.h" 22#include "llvm/ADT/GraphTraits.h" 23#include "llvm/ADT/Optional.h" 24#include "llvm/ADT/PointerIntPair.h" 25#include "llvm/ADT/iterator_range.h" 26#include "llvm/Support/Allocator.h" 27#include "llvm/Support/Casting.h" 28#include "llvm/Support/raw_ostream.h" 29#include <bitset> 30#include <cassert> 31#include <iterator> 32#include <memory> 33 34namespace clang { 35 class CXXDestructorDecl; 36 class Decl; 37 class Stmt; 38 class Expr; 39 class FieldDecl; 40 class VarDecl; 41 class CXXCtorInitializer; 42 class CXXBaseSpecifier; 43 class CXXBindTemporaryExpr; 44 class CFG; 45 class PrinterHelper; 46 class LangOptions; 47 class ASTContext; 48 class CXXRecordDecl; 49 class CXXDeleteExpr; 50 class CXXNewExpr; 51 class BinaryOperator; 52 53/// CFGElement - Represents a top-level expression in a basic block. 54class CFGElement { 55public: 56 enum Kind { 57 // main kind 58 Statement, 59 Initializer, 60 NewAllocator, 61 LifetimeEnds, 62 LoopExit, 63 // dtor kind 64 AutomaticObjectDtor, 65 DeleteDtor, 66 BaseDtor, 67 MemberDtor, 68 TemporaryDtor, 69 DTOR_BEGIN = AutomaticObjectDtor, 70 DTOR_END = TemporaryDtor 71 }; 72 73protected: 74 // The int bits are used to mark the kind. 75 llvm::PointerIntPair<void *, 2> Data1; 76 llvm::PointerIntPair<void *, 2> Data2; 77 78 CFGElement(Kind kind, const void *Ptr1, const void *Ptr2 = nullptr) 79 : Data1(const_cast<void*>(Ptr1), ((unsigned) kind) & 0x3), 80 Data2(const_cast<void*>(Ptr2), (((unsigned) kind) >> 2) & 0x3) { 81 assert(getKind() == kind); 82 } 83 84 CFGElement() {} 85public: 86 87 /// \brief Convert to the specified CFGElement type, asserting that this 88 /// CFGElement is of the desired type. 89 template<typename T> 90 T castAs() const { 91 assert(T::isKind(*this)); 92 T t; 93 CFGElement& e = t; 94 e = *this; 95 return t; 96 } 97 98 /// \brief Convert to the specified CFGElement type, returning None if this 99 /// CFGElement is not of the desired type. 100 template<typename T> 101 Optional<T> getAs() const { 102 if (!T::isKind(*this)) 103 return None; 104 T t; 105 CFGElement& e = t; 106 e = *this; 107 return t; 108 } 109 110 Kind getKind() const { 111 unsigned x = Data2.getInt(); 112 x <<= 2; 113 x |= Data1.getInt(); 114 return (Kind) x; 115 } 116}; 117 118class CFGStmt : public CFGElement { 119public: 120 CFGStmt(Stmt *S) : CFGElement(Statement, S) {} 121 122 const Stmt *getStmt() const { 123 return static_cast<const Stmt *>(Data1.getPointer()); 124 } 125 126private: 127 friend class CFGElement; 128 CFGStmt() {} 129 static bool isKind(const CFGElement &E) { 130 return E.getKind() == Statement; 131 } 132}; 133 134/// CFGInitializer - Represents C++ base or member initializer from 135/// constructor's initialization list. 136class CFGInitializer : public CFGElement { 137public: 138 CFGInitializer(CXXCtorInitializer *initializer) 139 : CFGElement(Initializer, initializer) {} 140 141 CXXCtorInitializer* getInitializer() const { 142 return static_cast<CXXCtorInitializer*>(Data1.getPointer()); 143 } 144 145private: 146 friend class CFGElement; 147 CFGInitializer() {} 148 static bool isKind(const CFGElement &E) { 149 return E.getKind() == Initializer; 150 } 151}; 152 153/// CFGNewAllocator - Represents C++ allocator call. 154class CFGNewAllocator : public CFGElement { 155public: 156 explicit CFGNewAllocator(const CXXNewExpr *S) 157 : CFGElement(NewAllocator, S) {} 158 159 // Get the new expression. 160 const CXXNewExpr *getAllocatorExpr() const { 161 return static_cast<CXXNewExpr *>(Data1.getPointer()); 162 } 163 164private: 165 friend class CFGElement; 166 CFGNewAllocator() {} 167 static bool isKind(const CFGElement &elem) { 168 return elem.getKind() == NewAllocator; 169 } 170}; 171 172/// Represents the point where a loop ends. 173/// This element is is only produced when building the CFG for the static 174/// analyzer and hidden behind the 'cfg-loopexit' analyzer config flag. 175/// 176/// Note: a loop exit element can be reached even when the loop body was never 177/// entered. 178class CFGLoopExit : public CFGElement { 179public: 180 explicit CFGLoopExit(const Stmt *stmt) 181 : CFGElement(LoopExit, stmt) {} 182 183 const Stmt *getLoopStmt() const { 184 return static_cast<Stmt *>(Data1.getPointer()); 185 } 186 187private: 188 friend class CFGElement; 189 CFGLoopExit() {} 190 static bool isKind(const CFGElement &elem) { 191 return elem.getKind() == LoopExit; 192 } 193}; 194 195/// Represents the point where the lifetime of an automatic object ends 196class CFGLifetimeEnds : public CFGElement { 197public: 198 explicit CFGLifetimeEnds(const VarDecl *var, const Stmt *stmt) 199 : CFGElement(LifetimeEnds, var, stmt) {} 200 201 const VarDecl *getVarDecl() const { 202 return static_cast<VarDecl *>(Data1.getPointer()); 203 } 204 205 const Stmt *getTriggerStmt() const { 206 return static_cast<Stmt *>(Data2.getPointer()); 207 } 208 209private: 210 friend class CFGElement; 211 CFGLifetimeEnds() {} 212 static bool isKind(const CFGElement &elem) { 213 return elem.getKind() == LifetimeEnds; 214 } 215}; 216 217/// CFGImplicitDtor - Represents C++ object destructor implicitly generated 218/// by compiler on various occasions. 219class CFGImplicitDtor : public CFGElement { 220protected: 221 CFGImplicitDtor() {} 222 CFGImplicitDtor(Kind kind, const void *data1, const void *data2 = nullptr) 223 : CFGElement(kind, data1, data2) { 224 assert(kind >= DTOR_BEGIN && kind <= DTOR_END); 225 } 226 227public: 228 const CXXDestructorDecl *getDestructorDecl(ASTContext &astContext) const; 229 bool isNoReturn(ASTContext &astContext) const; 230 231private: 232 friend class CFGElement; 233 static bool isKind(const CFGElement &E) { 234 Kind kind = E.getKind(); 235 return kind >= DTOR_BEGIN && kind <= DTOR_END; 236 } 237}; 238 239/// CFGAutomaticObjDtor - Represents C++ object destructor implicitly generated 240/// for automatic object or temporary bound to const reference at the point 241/// of leaving its local scope. 242class CFGAutomaticObjDtor: public CFGImplicitDtor { 243public: 244 CFGAutomaticObjDtor(const VarDecl *var, const Stmt *stmt) 245 : CFGImplicitDtor(AutomaticObjectDtor, var, stmt) {} 246 247 const VarDecl *getVarDecl() const { 248 return static_cast<VarDecl*>(Data1.getPointer()); 249 } 250 251 // Get statement end of which triggered the destructor call. 252 const Stmt *getTriggerStmt() const { 253 return static_cast<Stmt*>(Data2.getPointer()); 254 } 255 256private: 257 friend class CFGElement; 258 CFGAutomaticObjDtor() {} 259 static bool isKind(const CFGElement &elem) { 260 return elem.getKind() == AutomaticObjectDtor; 261 } 262}; 263 264/// CFGDeleteDtor - Represents C++ object destructor generated 265/// from a call to delete. 266class CFGDeleteDtor : public CFGImplicitDtor { 267public: 268 CFGDeleteDtor(const CXXRecordDecl *RD, const CXXDeleteExpr *DE) 269 : CFGImplicitDtor(DeleteDtor, RD, DE) {} 270 271 const CXXRecordDecl *getCXXRecordDecl() const { 272 return static_cast<CXXRecordDecl*>(Data1.getPointer()); 273 } 274 275 // Get Delete expression which triggered the destructor call. 276 const CXXDeleteExpr *getDeleteExpr() const { 277 return static_cast<CXXDeleteExpr *>(Data2.getPointer()); 278 } 279 280private: 281 friend class CFGElement; 282 CFGDeleteDtor() {} 283 static bool isKind(const CFGElement &elem) { 284 return elem.getKind() == DeleteDtor; 285 } 286}; 287 288/// CFGBaseDtor - Represents C++ object destructor implicitly generated for 289/// base object in destructor. 290class CFGBaseDtor : public CFGImplicitDtor { 291public: 292 CFGBaseDtor(const CXXBaseSpecifier *base) 293 : CFGImplicitDtor(BaseDtor, base) {} 294 295 const CXXBaseSpecifier *getBaseSpecifier() const { 296 return static_cast<const CXXBaseSpecifier*>(Data1.getPointer()); 297 } 298 299private: 300 friend class CFGElement; 301 CFGBaseDtor() {} 302 static bool isKind(const CFGElement &E) { 303 return E.getKind() == BaseDtor; 304 } 305}; 306 307/// CFGMemberDtor - Represents C++ object destructor implicitly generated for 308/// member object in destructor. 309class CFGMemberDtor : public CFGImplicitDtor { 310public: 311 CFGMemberDtor(const FieldDecl *field) 312 : CFGImplicitDtor(MemberDtor, field, nullptr) {} 313 314 const FieldDecl *getFieldDecl() const { 315 return static_cast<const FieldDecl*>(Data1.getPointer()); 316 } 317 318private: 319 friend class CFGElement; 320 CFGMemberDtor() {} 321 static bool isKind(const CFGElement &E) { 322 return E.getKind() == MemberDtor; 323 } 324}; 325 326/// CFGTemporaryDtor - Represents C++ object destructor implicitly generated 327/// at the end of full expression for temporary object. 328class CFGTemporaryDtor : public CFGImplicitDtor { 329public: 330 CFGTemporaryDtor(CXXBindTemporaryExpr *expr) 331 : CFGImplicitDtor(TemporaryDtor, expr, nullptr) {} 332 333 const CXXBindTemporaryExpr *getBindTemporaryExpr() const { 334 return static_cast<const CXXBindTemporaryExpr *>(Data1.getPointer()); 335 } 336 337private: 338 friend class CFGElement; 339 CFGTemporaryDtor() {} 340 static bool isKind(const CFGElement &E) { 341 return E.getKind() == TemporaryDtor; 342 } 343}; 344 345/// CFGTerminator - Represents CFGBlock terminator statement. 346/// 347/// TemporaryDtorsBranch bit is set to true if the terminator marks a branch 348/// in control flow of destructors of temporaries. In this case terminator 349/// statement is the same statement that branches control flow in evaluation 350/// of matching full expression. 351class CFGTerminator { 352 llvm::PointerIntPair<Stmt *, 1> Data; 353public: 354 CFGTerminator() {} 355 CFGTerminator(Stmt *S, bool TemporaryDtorsBranch = false) 356 : Data(S, TemporaryDtorsBranch) {} 357 358 Stmt *getStmt() { return Data.getPointer(); } 359 const Stmt *getStmt() const { return Data.getPointer(); } 360 361 bool isTemporaryDtorsBranch() const { return Data.getInt(); } 362 363 operator Stmt *() { return getStmt(); } 364 operator const Stmt *() const { return getStmt(); } 365 366 Stmt *operator->() { return getStmt(); } 367 const Stmt *operator->() const { return getStmt(); } 368 369 Stmt &operator*() { return *getStmt(); } 370 const Stmt &operator*() const { return *getStmt(); } 371 372 explicit operator bool() const { return getStmt(); } 373}; 374 375/// CFGBlock - Represents a single basic block in a source-level CFG. 376/// It consists of: 377/// 378/// (1) A set of statements/expressions (which may contain subexpressions). 379/// (2) A "terminator" statement (not in the set of statements). 380/// (3) A list of successors and predecessors. 381/// 382/// Terminator: The terminator represents the type of control-flow that occurs 383/// at the end of the basic block. The terminator is a Stmt* referring to an 384/// AST node that has control-flow: if-statements, breaks, loops, etc. 385/// If the control-flow is conditional, the condition expression will appear 386/// within the set of statements in the block (usually the last statement). 387/// 388/// Predecessors: the order in the set of predecessors is arbitrary. 389/// 390/// Successors: the order in the set of successors is NOT arbitrary. We 391/// currently have the following orderings based on the terminator: 392/// 393/// Terminator Successor Ordering 394/// ----------------------------------------------------- 395/// if Then Block; Else Block 396/// ? operator LHS expression; RHS expression 397/// &&, || expression that uses result of && or ||, RHS 398/// 399/// But note that any of that may be NULL in case of optimized-out edges. 400/// 401class CFGBlock { 402 class ElementList { 403 typedef BumpVector<CFGElement> ImplTy; 404 ImplTy Impl; 405 public: 406 ElementList(BumpVectorContext &C) : Impl(C, 4) {} 407 408 typedef std::reverse_iterator<ImplTy::iterator> iterator; 409 typedef std::reverse_iterator<ImplTy::const_iterator> const_iterator; 410 typedef ImplTy::iterator reverse_iterator; 411 typedef ImplTy::const_iterator const_reverse_iterator; 412 typedef ImplTy::const_reference const_reference; 413 414 void push_back(CFGElement e, BumpVectorContext &C) { Impl.push_back(e, C); } 415 reverse_iterator insert(reverse_iterator I, size_t Cnt, CFGElement E, 416 BumpVectorContext &C) { 417 return Impl.insert(I, Cnt, E, C); 418 } 419 420 const_reference front() const { return Impl.back(); } 421 const_reference back() const { return Impl.front(); } 422 423 iterator begin() { return Impl.rbegin(); } 424 iterator end() { return Impl.rend(); } 425 const_iterator begin() const { return Impl.rbegin(); } 426 const_iterator end() const { return Impl.rend(); } 427 reverse_iterator rbegin() { return Impl.begin(); } 428 reverse_iterator rend() { return Impl.end(); } 429 const_reverse_iterator rbegin() const { return Impl.begin(); } 430 const_reverse_iterator rend() const { return Impl.end(); } 431 432 CFGElement operator[](size_t i) const { 433 assert(i < Impl.size()); 434 return Impl[Impl.size() - 1 - i]; 435 } 436 437 size_t size() const { return Impl.size(); } 438 bool empty() const { return Impl.empty(); } 439 }; 440 441 /// Stmts - The set of statements in the basic block. 442 ElementList Elements; 443 444 /// Label - An (optional) label that prefixes the executable 445 /// statements in the block. When this variable is non-NULL, it is 446 /// either an instance of LabelStmt, SwitchCase or CXXCatchStmt. 447 Stmt *Label; 448 449 /// Terminator - The terminator for a basic block that 450 /// indicates the type of control-flow that occurs between a block 451 /// and its successors. 452 CFGTerminator Terminator; 453 454 /// LoopTarget - Some blocks are used to represent the "loop edge" to 455 /// the start of a loop from within the loop body. This Stmt* will be 456 /// refer to the loop statement for such blocks (and be null otherwise). 457 const Stmt *LoopTarget; 458 459 /// BlockID - A numerical ID assigned to a CFGBlock during construction 460 /// of the CFG. 461 unsigned BlockID; 462 463public: 464 /// This class represents a potential adjacent block in the CFG. It encodes 465 /// whether or not the block is actually reachable, or can be proved to be 466 /// trivially unreachable. For some cases it allows one to encode scenarios 467 /// where a block was substituted because the original (now alternate) block 468 /// is unreachable. 469 class AdjacentBlock { 470 enum Kind { 471 AB_Normal, 472 AB_Unreachable, 473 AB_Alternate 474 }; 475 476 CFGBlock *ReachableBlock; 477 llvm::PointerIntPair<CFGBlock*, 2> UnreachableBlock; 478 479 public: 480 /// Construct an AdjacentBlock with a possibly unreachable block. 481 AdjacentBlock(CFGBlock *B, bool IsReachable); 482 483 /// Construct an AdjacentBlock with a reachable block and an alternate 484 /// unreachable block. 485 AdjacentBlock(CFGBlock *B, CFGBlock *AlternateBlock); 486 487 /// Get the reachable block, if one exists. 488 CFGBlock *getReachableBlock() const { 489 return ReachableBlock; 490 } 491 492 /// Get the potentially unreachable block. 493 CFGBlock *getPossiblyUnreachableBlock() const { 494 return UnreachableBlock.getPointer(); 495 } 496 497 /// Provide an implicit conversion to CFGBlock* so that 498 /// AdjacentBlock can be substituted for CFGBlock*. 499 operator CFGBlock*() const { 500 return getReachableBlock(); 501 } 502 503 CFGBlock& operator *() const { 504 return *getReachableBlock(); 505 } 506 507 CFGBlock* operator ->() const { 508 return getReachableBlock(); 509 } 510 511 bool isReachable() const { 512 Kind K = (Kind) UnreachableBlock.getInt(); 513 return K == AB_Normal || K == AB_Alternate; 514 } 515 }; 516 517private: 518 /// Predecessors/Successors - Keep track of the predecessor / successor 519 /// CFG blocks. 520 typedef BumpVector<AdjacentBlock> AdjacentBlocks; 521 AdjacentBlocks Preds; 522 AdjacentBlocks Succs; 523 524 /// NoReturn - This bit is set when the basic block contains a function call 525 /// or implicit destructor that is attributed as 'noreturn'. In that case, 526 /// control cannot technically ever proceed past this block. All such blocks 527 /// will have a single immediate successor: the exit block. This allows them 528 /// to be easily reached from the exit block and using this bit quickly 529 /// recognized without scanning the contents of the block. 530 /// 531 /// Optimization Note: This bit could be profitably folded with Terminator's 532 /// storage if the memory usage of CFGBlock becomes an issue. 533 unsigned HasNoReturnElement : 1; 534 535 /// Parent - The parent CFG that owns this CFGBlock. 536 CFG *Parent; 537 538public: 539 explicit CFGBlock(unsigned blockid, BumpVectorContext &C, CFG *parent) 540 : Elements(C), Label(nullptr), Terminator(nullptr), LoopTarget(nullptr), 541 BlockID(blockid), Preds(C, 1), Succs(C, 1), HasNoReturnElement(false), 542 Parent(parent) {} 543 544 // Statement iterators 545 typedef ElementList::iterator iterator; 546 typedef ElementList::const_iterator const_iterator; 547 typedef ElementList::reverse_iterator reverse_iterator; 548 typedef ElementList::const_reverse_iterator const_reverse_iterator; 549 550 CFGElement front() const { return Elements.front(); } 551 CFGElement back() const { return Elements.back(); } 552 553 iterator begin() { return Elements.begin(); } 554 iterator end() { return Elements.end(); } 555 const_iterator begin() const { return Elements.begin(); } 556 const_iterator end() const { return Elements.end(); } 557 558 reverse_iterator rbegin() { return Elements.rbegin(); } 559 reverse_iterator rend() { return Elements.rend(); } 560 const_reverse_iterator rbegin() const { return Elements.rbegin(); } 561 const_reverse_iterator rend() const { return Elements.rend(); } 562 563 unsigned size() const { return Elements.size(); } 564 bool empty() const { return Elements.empty(); } 565 566 CFGElement operator[](size_t i) const { return Elements[i]; } 567 568 // CFG iterators 569 typedef AdjacentBlocks::iterator pred_iterator; 570 typedef AdjacentBlocks::const_iterator const_pred_iterator; 571 typedef AdjacentBlocks::reverse_iterator pred_reverse_iterator; 572 typedef AdjacentBlocks::const_reverse_iterator const_pred_reverse_iterator; 573 typedef llvm::iterator_range<pred_iterator> pred_range; 574 typedef llvm::iterator_range<const_pred_iterator> pred_const_range; 575 576 typedef AdjacentBlocks::iterator succ_iterator; 577 typedef AdjacentBlocks::const_iterator const_succ_iterator; 578 typedef AdjacentBlocks::reverse_iterator succ_reverse_iterator; 579 typedef AdjacentBlocks::const_reverse_iterator const_succ_reverse_iterator; 580 typedef llvm::iterator_range<succ_iterator> succ_range; 581 typedef llvm::iterator_range<const_succ_iterator> succ_const_range; 582 583 pred_iterator pred_begin() { return Preds.begin(); } 584 pred_iterator pred_end() { return Preds.end(); } 585 const_pred_iterator pred_begin() const { return Preds.begin(); } 586 const_pred_iterator pred_end() const { return Preds.end(); } 587 588 pred_reverse_iterator pred_rbegin() { return Preds.rbegin(); } 589 pred_reverse_iterator pred_rend() { return Preds.rend(); } 590 const_pred_reverse_iterator pred_rbegin() const { return Preds.rbegin(); } 591 const_pred_reverse_iterator pred_rend() const { return Preds.rend(); } 592 593 pred_range preds() { 594 return pred_range(pred_begin(), pred_end()); 595 } 596 pred_const_range preds() const { 597 return pred_const_range(pred_begin(), pred_end()); 598 } 599 600 succ_iterator succ_begin() { return Succs.begin(); } 601 succ_iterator succ_end() { return Succs.end(); } 602 const_succ_iterator succ_begin() const { return Succs.begin(); } 603 const_succ_iterator succ_end() const { return Succs.end(); } 604 605 succ_reverse_iterator succ_rbegin() { return Succs.rbegin(); } 606 succ_reverse_iterator succ_rend() { return Succs.rend(); } 607 const_succ_reverse_iterator succ_rbegin() const { return Succs.rbegin(); } 608 const_succ_reverse_iterator succ_rend() const { return Succs.rend(); } 609 610 succ_range succs() { 611 return succ_range(succ_begin(), succ_end()); 612 } 613 succ_const_range succs() const { 614 return succ_const_range(succ_begin(), succ_end()); 615 } 616 617 unsigned succ_size() const { return Succs.size(); } 618 bool succ_empty() const { return Succs.empty(); } 619 620 unsigned pred_size() const { return Preds.size(); } 621 bool pred_empty() const { return Preds.empty(); } 622 623 624 class FilterOptions { 625 public: 626 FilterOptions() { 627 IgnoreNullPredecessors = 1; 628 IgnoreDefaultsWithCoveredEnums = 0; 629 } 630 631 unsigned IgnoreNullPredecessors : 1; 632 unsigned IgnoreDefaultsWithCoveredEnums : 1; 633 }; 634 635 static bool FilterEdge(const FilterOptions &F, const CFGBlock *Src, 636 const CFGBlock *Dst); 637 638 template <typename IMPL, bool IsPred> 639 class FilteredCFGBlockIterator { 640 private: 641 IMPL I, E; 642 const FilterOptions F; 643 const CFGBlock *From; 644 public: 645 explicit FilteredCFGBlockIterator(const IMPL &i, const IMPL &e, 646 const CFGBlock *from, 647 const FilterOptions &f) 648 : I(i), E(e), F(f), From(from) { 649 while (hasMore() && Filter(*I)) 650 ++I; 651 } 652 653 bool hasMore() const { return I != E; } 654 655 FilteredCFGBlockIterator &operator++() { 656 do { ++I; } while (hasMore() && Filter(*I)); 657 return *this; 658 } 659 660 const CFGBlock *operator*() const { return *I; } 661 private: 662 bool Filter(const CFGBlock *To) { 663 return IsPred ? FilterEdge(F, To, From) : FilterEdge(F, From, To); 664 } 665 }; 666 667 typedef FilteredCFGBlockIterator<const_pred_iterator, true> 668 filtered_pred_iterator; 669 670 typedef FilteredCFGBlockIterator<const_succ_iterator, false> 671 filtered_succ_iterator; 672 673 filtered_pred_iterator filtered_pred_start_end(const FilterOptions &f) const { 674 return filtered_pred_iterator(pred_begin(), pred_end(), this, f); 675 } 676 677 filtered_succ_iterator filtered_succ_start_end(const FilterOptions &f) const { 678 return filtered_succ_iterator(succ_begin(), succ_end(), this, f); 679 } 680 681 // Manipulation of block contents 682 683 void setTerminator(CFGTerminator Term) { Terminator = Term; } 684 void setLabel(Stmt *Statement) { Label = Statement; } 685 void setLoopTarget(const Stmt *loopTarget) { LoopTarget = loopTarget; } 686 void setHasNoReturnElement() { HasNoReturnElement = true; } 687 688 CFGTerminator getTerminator() { return Terminator; } 689 const CFGTerminator getTerminator() const { return Terminator; } 690 691 Stmt *getTerminatorCondition(bool StripParens = true); 692 693 const Stmt *getTerminatorCondition(bool StripParens = true) const { 694 return const_cast<CFGBlock*>(this)->getTerminatorCondition(StripParens); 695 } 696 697 const Stmt *getLoopTarget() const { return LoopTarget; } 698 699 Stmt *getLabel() { return Label; } 700 const Stmt *getLabel() const { return Label; } 701 702 bool hasNoReturnElement() const { return HasNoReturnElement; } 703 704 unsigned getBlockID() const { return BlockID; } 705 706 CFG *getParent() const { return Parent; } 707 708 void dump() const; 709 710 void dump(const CFG *cfg, const LangOptions &LO, bool ShowColors = false) const; 711 void print(raw_ostream &OS, const CFG* cfg, const LangOptions &LO, 712 bool ShowColors) const; 713 void printTerminator(raw_ostream &OS, const LangOptions &LO) const; 714 void printAsOperand(raw_ostream &OS, bool /*PrintType*/) { 715 OS << "BB#" << getBlockID(); 716 } 717 718 /// Adds a (potentially unreachable) successor block to the current block. 719 void addSuccessor(AdjacentBlock Succ, BumpVectorContext &C); 720 721 void appendStmt(Stmt *statement, BumpVectorContext &C) { 722 Elements.push_back(CFGStmt(statement), C); 723 } 724 725 void appendInitializer(CXXCtorInitializer *initializer, 726 BumpVectorContext &C) { 727 Elements.push_back(CFGInitializer(initializer), C); 728 } 729 730 void appendNewAllocator(CXXNewExpr *NE, 731 BumpVectorContext &C) { 732 Elements.push_back(CFGNewAllocator(NE), C); 733 } 734 735 void appendBaseDtor(const CXXBaseSpecifier *BS, BumpVectorContext &C) { 736 Elements.push_back(CFGBaseDtor(BS), C); 737 } 738 739 void appendMemberDtor(FieldDecl *FD, BumpVectorContext &C) { 740 Elements.push_back(CFGMemberDtor(FD), C); 741 } 742 743 void appendTemporaryDtor(CXXBindTemporaryExpr *E, BumpVectorContext &C) { 744 Elements.push_back(CFGTemporaryDtor(E), C); 745 } 746 747 void appendAutomaticObjDtor(VarDecl *VD, Stmt *S, BumpVectorContext &C) { 748 Elements.push_back(CFGAutomaticObjDtor(VD, S), C); 749 } 750 751 void appendLifetimeEnds(VarDecl *VD, Stmt *S, BumpVectorContext &C) { 752 Elements.push_back(CFGLifetimeEnds(VD, S), C); 753 } 754 755 void appendLoopExit(const Stmt *LoopStmt, BumpVectorContext &C) { 756 Elements.push_back(CFGLoopExit(LoopStmt), C); 757 } 758 759 void appendDeleteDtor(CXXRecordDecl *RD, CXXDeleteExpr *DE, BumpVectorContext &C) { 760 Elements.push_back(CFGDeleteDtor(RD, DE), C); 761 } 762 763 // Destructors must be inserted in reversed order. So insertion is in two 764 // steps. First we prepare space for some number of elements, then we insert 765 // the elements beginning at the last position in prepared space. 766 iterator beginAutomaticObjDtorsInsert(iterator I, size_t Cnt, 767 BumpVectorContext &C) { 768 return iterator(Elements.insert(I.base(), Cnt, 769 CFGAutomaticObjDtor(nullptr, nullptr), C)); 770 } 771 iterator insertAutomaticObjDtor(iterator I, VarDecl *VD, Stmt *S) { 772 *I = CFGAutomaticObjDtor(VD, S); 773 return ++I; 774 } 775 776 // Scope leaving must be performed in reversed order. So insertion is in two 777 // steps. First we prepare space for some number of elements, then we insert 778 // the elements beginning at the last position in prepared space. 779 iterator beginLifetimeEndsInsert(iterator I, size_t Cnt, 780 BumpVectorContext &C) { 781 return iterator( 782 Elements.insert(I.base(), Cnt, CFGLifetimeEnds(nullptr, nullptr), C)); 783 } 784 iterator insertLifetimeEnds(iterator I, VarDecl *VD, Stmt *S) { 785 *I = CFGLifetimeEnds(VD, S); 786 return ++I; 787 } 788}; 789 790/// \brief CFGCallback defines methods that should be called when a logical 791/// operator error is found when building the CFG. 792class CFGCallback { 793public: 794 CFGCallback() {} 795 virtual void compareAlwaysTrue(const BinaryOperator *B, bool isAlwaysTrue) {} 796 virtual void compareBitwiseEquality(const BinaryOperator *B, 797 bool isAlwaysTrue) {} 798 virtual ~CFGCallback() {} 799}; 800 801/// CFG - Represents a source-level, intra-procedural CFG that represents the 802/// control-flow of a Stmt. The Stmt can represent an entire function body, 803/// or a single expression. A CFG will always contain one empty block that 804/// represents the Exit point of the CFG. A CFG will also contain a designated 805/// Entry block. The CFG solely represents control-flow; it consists of 806/// CFGBlocks which are simply containers of Stmt*'s in the AST the CFG 807/// was constructed from. 808class CFG { 809public: 810 //===--------------------------------------------------------------------===// 811 // CFG Construction & Manipulation. 812 //===--------------------------------------------------------------------===// 813 814 class BuildOptions { 815 std::bitset<Stmt::lastStmtConstant> alwaysAddMask; 816 public: 817 typedef llvm::DenseMap<const Stmt *, const CFGBlock*> ForcedBlkExprs; 818 ForcedBlkExprs **forcedBlkExprs; 819 CFGCallback *Observer; 820 bool PruneTriviallyFalseEdges; 821 bool AddEHEdges; 822 bool AddInitializers; 823 bool AddImplicitDtors; 824 bool AddLifetime; 825 bool AddLoopExit; 826 bool AddTemporaryDtors; 827 bool AddStaticInitBranches; 828 bool AddCXXNewAllocator; 829 bool AddCXXDefaultInitExprInCtors; 830 831 bool alwaysAdd(const Stmt *stmt) const { 832 return alwaysAddMask[stmt->getStmtClass()]; 833 } 834 835 BuildOptions &setAlwaysAdd(Stmt::StmtClass stmtClass, bool val = true) { 836 alwaysAddMask[stmtClass] = val; 837 return *this; 838 } 839 840 BuildOptions &setAllAlwaysAdd() { 841 alwaysAddMask.set(); 842 return *this; 843 } 844 845 BuildOptions() 846 : forcedBlkExprs(nullptr), Observer(nullptr), 847 PruneTriviallyFalseEdges(true), 848 AddEHEdges(false), 849 AddInitializers(false), AddImplicitDtors(false), 850 AddLifetime(false), AddLoopExit(false), 851 AddTemporaryDtors(false), AddStaticInitBranches(false), 852 AddCXXNewAllocator(false), AddCXXDefaultInitExprInCtors(false) {} 853 }; 854 855 /// buildCFG - Builds a CFG from an AST. 856 static std::unique_ptr<CFG> buildCFG(const Decl *D, Stmt *AST, ASTContext *C, 857 const BuildOptions &BO); 858 859 /// createBlock - Create a new block in the CFG. The CFG owns the block; 860 /// the caller should not directly free it. 861 CFGBlock *createBlock(); 862 863 /// setEntry - Set the entry block of the CFG. This is typically used 864 /// only during CFG construction. Most CFG clients expect that the 865 /// entry block has no predecessors and contains no statements. 866 void setEntry(CFGBlock *B) { Entry = B; } 867 868 /// setIndirectGotoBlock - Set the block used for indirect goto jumps. 869 /// This is typically used only during CFG construction. 870 void setIndirectGotoBlock(CFGBlock *B) { IndirectGotoBlock = B; } 871 872 //===--------------------------------------------------------------------===// 873 // Block Iterators 874 //===--------------------------------------------------------------------===// 875 876 typedef BumpVector<CFGBlock*> CFGBlockListTy; 877 typedef CFGBlockListTy::iterator iterator; 878 typedef CFGBlockListTy::const_iterator const_iterator; 879 typedef std::reverse_iterator<iterator> reverse_iterator; 880 typedef std::reverse_iterator<const_iterator> const_reverse_iterator; 881 882 CFGBlock & front() { return *Blocks.front(); } 883 CFGBlock & back() { return *Blocks.back(); } 884 885 iterator begin() { return Blocks.begin(); } 886 iterator end() { return Blocks.end(); } 887 const_iterator begin() const { return Blocks.begin(); } 888 const_iterator end() const { return Blocks.end(); } 889 890 iterator nodes_begin() { return iterator(Blocks.begin()); } 891 iterator nodes_end() { return iterator(Blocks.end()); } 892 const_iterator nodes_begin() const { return const_iterator(Blocks.begin()); } 893 const_iterator nodes_end() const { return const_iterator(Blocks.end()); } 894 895 reverse_iterator rbegin() { return Blocks.rbegin(); } 896 reverse_iterator rend() { return Blocks.rend(); } 897 const_reverse_iterator rbegin() const { return Blocks.rbegin(); } 898 const_reverse_iterator rend() const { return Blocks.rend(); } 899 900 CFGBlock & getEntry() { return *Entry; } 901 const CFGBlock & getEntry() const { return *Entry; } 902 CFGBlock & getExit() { return *Exit; } 903 const CFGBlock & getExit() const { return *Exit; } 904 905 CFGBlock * getIndirectGotoBlock() { return IndirectGotoBlock; } 906 const CFGBlock * getIndirectGotoBlock() const { return IndirectGotoBlock; } 907 908 typedef std::vector<const CFGBlock*>::const_iterator try_block_iterator; 909 try_block_iterator try_blocks_begin() const { 910 return TryDispatchBlocks.begin(); 911 } 912 try_block_iterator try_blocks_end() const { 913 return TryDispatchBlocks.end(); 914 } 915 916 void addTryDispatchBlock(const CFGBlock *block) { 917 TryDispatchBlocks.push_back(block); 918 } 919 920 /// Records a synthetic DeclStmt and the DeclStmt it was constructed from. 921 /// 922 /// The CFG uses synthetic DeclStmts when a single AST DeclStmt contains 923 /// multiple decls. 924 void addSyntheticDeclStmt(const DeclStmt *Synthetic, 925 const DeclStmt *Source) { 926 assert(Synthetic->isSingleDecl() && "Can handle single declarations only"); 927 assert(Synthetic != Source && "Don't include original DeclStmts in map"); 928 assert(!SyntheticDeclStmts.count(Synthetic) && "Already in map"); 929 SyntheticDeclStmts[Synthetic] = Source; 930 } 931 932 typedef llvm::DenseMap<const DeclStmt *, const DeclStmt *>::const_iterator 933 synthetic_stmt_iterator; 934 typedef llvm::iterator_range<synthetic_stmt_iterator> synthetic_stmt_range; 935 936 /// Iterates over synthetic DeclStmts in the CFG. 937 /// 938 /// Each element is a (synthetic statement, source statement) pair. 939 /// 940 /// \sa addSyntheticDeclStmt 941 synthetic_stmt_iterator synthetic_stmt_begin() const { 942 return SyntheticDeclStmts.begin(); 943 } 944 945 /// \sa synthetic_stmt_begin 946 synthetic_stmt_iterator synthetic_stmt_end() const { 947 return SyntheticDeclStmts.end(); 948 } 949 950 /// \sa synthetic_stmt_begin 951 synthetic_stmt_range synthetic_stmts() const { 952 return synthetic_stmt_range(synthetic_stmt_begin(), synthetic_stmt_end()); 953 } 954 955 //===--------------------------------------------------------------------===// 956 // Member templates useful for various batch operations over CFGs. 957 //===--------------------------------------------------------------------===// 958 959 template <typename CALLBACK> 960 void VisitBlockStmts(CALLBACK& O) const { 961 for (const_iterator I=begin(), E=end(); I != E; ++I) 962 for (CFGBlock::const_iterator BI=(*I)->begin(), BE=(*I)->end(); 963 BI != BE; ++BI) { 964 if (Optional<CFGStmt> stmt = BI->getAs<CFGStmt>()) 965 O(const_cast<Stmt*>(stmt->getStmt())); 966 } 967 } 968 969 //===--------------------------------------------------------------------===// 970 // CFG Introspection. 971 //===--------------------------------------------------------------------===// 972 973 /// getNumBlockIDs - Returns the total number of BlockIDs allocated (which 974 /// start at 0). 975 unsigned getNumBlockIDs() const { return NumBlockIDs; } 976 977 /// size - Return the total number of CFGBlocks within the CFG 978 /// This is simply a renaming of the getNumBlockIDs(). This is necessary 979 /// because the dominator implementation needs such an interface. 980 unsigned size() const { return NumBlockIDs; } 981 982 //===--------------------------------------------------------------------===// 983 // CFG Debugging: Pretty-Printing and Visualization. 984 //===--------------------------------------------------------------------===// 985 986 void viewCFG(const LangOptions &LO) const; 987 void print(raw_ostream &OS, const LangOptions &LO, bool ShowColors) const; 988 void dump(const LangOptions &LO, bool ShowColors) const; 989 990 //===--------------------------------------------------------------------===// 991 // Internal: constructors and data. 992 //===--------------------------------------------------------------------===// 993 994 CFG() 995 : Entry(nullptr), Exit(nullptr), IndirectGotoBlock(nullptr), NumBlockIDs(0), 996 Blocks(BlkBVC, 10) {} 997 998 llvm::BumpPtrAllocator& getAllocator() { 999 return BlkBVC.getAllocator(); 1000 } 1001 1002 BumpVectorContext &getBumpVectorContext() { 1003 return BlkBVC; 1004 } 1005 1006private: 1007 CFGBlock *Entry; 1008 CFGBlock *Exit; 1009 CFGBlock* IndirectGotoBlock; // Special block to contain collective dispatch 1010 // for indirect gotos 1011 unsigned NumBlockIDs; 1012 1013 BumpVectorContext BlkBVC; 1014 1015 CFGBlockListTy Blocks; 1016 1017 /// C++ 'try' statements are modeled with an indirect dispatch block. 1018 /// This is the collection of such blocks present in the CFG. 1019 std::vector<const CFGBlock *> TryDispatchBlocks; 1020 1021 /// Collects DeclStmts synthesized for this CFG and maps each one back to its 1022 /// source DeclStmt. 1023 llvm::DenseMap<const DeclStmt *, const DeclStmt *> SyntheticDeclStmts; 1024}; 1025} // end namespace clang 1026 1027//===----------------------------------------------------------------------===// 1028// GraphTraits specializations for CFG basic block graphs (source-level CFGs) 1029//===----------------------------------------------------------------------===// 1030 1031namespace llvm { 1032 1033/// Implement simplify_type for CFGTerminator, so that we can dyn_cast from 1034/// CFGTerminator to a specific Stmt class. 1035template <> struct simplify_type< ::clang::CFGTerminator> { 1036 typedef ::clang::Stmt *SimpleType; 1037 static SimpleType getSimplifiedValue(::clang::CFGTerminator Val) { 1038 return Val.getStmt(); 1039 } 1040}; 1041 1042// Traits for: CFGBlock 1043 1044template <> struct GraphTraits< ::clang::CFGBlock *> { 1045 typedef ::clang::CFGBlock *NodeRef; 1046 typedef ::clang::CFGBlock::succ_iterator ChildIteratorType; 1047 1048 static NodeRef getEntryNode(::clang::CFGBlock *BB) { return BB; } 1049 1050 static ChildIteratorType child_begin(NodeRef N) { return N->succ_begin(); } 1051 1052 static ChildIteratorType child_end(NodeRef N) { return N->succ_end(); } 1053}; 1054 1055template <> struct GraphTraits< const ::clang::CFGBlock *> { 1056 typedef const ::clang::CFGBlock *NodeRef; 1057 typedef ::clang::CFGBlock::const_succ_iterator ChildIteratorType; 1058 1059 static NodeRef getEntryNode(const clang::CFGBlock *BB) { return BB; } 1060 1061 static ChildIteratorType child_begin(NodeRef N) { return N->succ_begin(); } 1062 1063 static ChildIteratorType child_end(NodeRef N) { return N->succ_end(); } 1064}; 1065 1066template <> struct GraphTraits<Inverse< ::clang::CFGBlock*> > { 1067 typedef ::clang::CFGBlock *NodeRef; 1068 typedef ::clang::CFGBlock::const_pred_iterator ChildIteratorType; 1069 1070 static NodeRef getEntryNode(Inverse<::clang::CFGBlock *> G) { 1071 return G.Graph; 1072 } 1073 1074 static ChildIteratorType child_begin(NodeRef N) { return N->pred_begin(); } 1075 1076 static ChildIteratorType child_end(NodeRef N) { return N->pred_end(); } 1077}; 1078 1079template <> struct GraphTraits<Inverse<const ::clang::CFGBlock*> > { 1080 typedef const ::clang::CFGBlock *NodeRef; 1081 typedef ::clang::CFGBlock::const_pred_iterator ChildIteratorType; 1082 1083 static NodeRef getEntryNode(Inverse<const ::clang::CFGBlock *> G) { 1084 return G.Graph; 1085 } 1086 1087 static ChildIteratorType child_begin(NodeRef N) { return N->pred_begin(); } 1088 1089 static ChildIteratorType child_end(NodeRef N) { return N->pred_end(); } 1090}; 1091 1092// Traits for: CFG 1093 1094template <> struct GraphTraits< ::clang::CFG* > 1095 : public GraphTraits< ::clang::CFGBlock *> { 1096 1097 typedef ::clang::CFG::iterator nodes_iterator; 1098 1099 static NodeRef getEntryNode(::clang::CFG *F) { return &F->getEntry(); } 1100 static nodes_iterator nodes_begin(::clang::CFG* F) { return F->nodes_begin();} 1101 static nodes_iterator nodes_end(::clang::CFG* F) { return F->nodes_end(); } 1102 static unsigned size(::clang::CFG* F) { return F->size(); } 1103}; 1104 1105template <> struct GraphTraits<const ::clang::CFG* > 1106 : public GraphTraits<const ::clang::CFGBlock *> { 1107 1108 typedef ::clang::CFG::const_iterator nodes_iterator; 1109 1110 static NodeRef getEntryNode(const ::clang::CFG *F) { return &F->getEntry(); } 1111 static nodes_iterator nodes_begin( const ::clang::CFG* F) { 1112 return F->nodes_begin(); 1113 } 1114 static nodes_iterator nodes_end( const ::clang::CFG* F) { 1115 return F->nodes_end(); 1116 } 1117 static unsigned size(const ::clang::CFG* F) { 1118 return F->size(); 1119 } 1120}; 1121 1122template <> struct GraphTraits<Inverse< ::clang::CFG*> > 1123 : public GraphTraits<Inverse< ::clang::CFGBlock*> > { 1124 1125 typedef ::clang::CFG::iterator nodes_iterator; 1126 1127 static NodeRef getEntryNode(::clang::CFG *F) { return &F->getExit(); } 1128 static nodes_iterator nodes_begin( ::clang::CFG* F) {return F->nodes_begin();} 1129 static nodes_iterator nodes_end( ::clang::CFG* F) { return F->nodes_end(); } 1130}; 1131 1132template <> struct GraphTraits<Inverse<const ::clang::CFG*> > 1133 : public GraphTraits<Inverse<const ::clang::CFGBlock*> > { 1134 1135 typedef ::clang::CFG::const_iterator nodes_iterator; 1136 1137 static NodeRef getEntryNode(const ::clang::CFG *F) { return &F->getExit(); } 1138 static nodes_iterator nodes_begin(const ::clang::CFG* F) { 1139 return F->nodes_begin(); 1140 } 1141 static nodes_iterator nodes_end(const ::clang::CFG* F) { 1142 return F->nodes_end(); 1143 } 1144}; 1145} // end llvm namespace 1146 1147#endif // LLVM_CLANG_ANALYSIS_CFG_H 1148