1 //===- ThreadSafetyCommon.cpp ---------------------------------------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 // 9 // Implementation of the interfaces declared in ThreadSafetyCommon.h 10 // 11 //===----------------------------------------------------------------------===// 12 13 #include "clang/Analysis/Analyses/ThreadSafetyCommon.h" 14 #include "clang/AST/Attr.h" 15 #include "clang/AST/Decl.h" 16 #include "clang/AST/DeclCXX.h" 17 #include "clang/AST/DeclGroup.h" 18 #include "clang/AST/DeclObjC.h" 19 #include "clang/AST/Expr.h" 20 #include "clang/AST/ExprCXX.h" 21 #include "clang/AST/OperationKinds.h" 22 #include "clang/AST/Stmt.h" 23 #include "clang/AST/Type.h" 24 #include "clang/Analysis/Analyses/ThreadSafetyTIL.h" 25 #include "clang/Analysis/CFG.h" 26 #include "clang/Basic/LLVM.h" 27 #include "clang/Basic/OperatorKinds.h" 28 #include "clang/Basic/Specifiers.h" 29 #include "llvm/ADT/StringExtras.h" 30 #include "llvm/ADT/StringRef.h" 31 #include "llvm/Support/Casting.h" 32 #include <algorithm> 33 #include <cassert> 34 #include <string> 35 #include <utility> 36 37 using namespace clang; 38 using namespace threadSafety; 39 40 // From ThreadSafetyUtil.h 41 std::string threadSafety::getSourceLiteralString(const Expr *CE) { 42 switch (CE->getStmtClass()) { 43 case Stmt::IntegerLiteralClass: 44 return toString(cast<IntegerLiteral>(CE)->getValue(), 10, true); 45 case Stmt::StringLiteralClass: { 46 std::string ret("\""); 47 ret += cast<StringLiteral>(CE)->getString(); 48 ret += "\""; 49 return ret; 50 } 51 case Stmt::CharacterLiteralClass: 52 case Stmt::CXXNullPtrLiteralExprClass: 53 case Stmt::GNUNullExprClass: 54 case Stmt::CXXBoolLiteralExprClass: 55 case Stmt::FloatingLiteralClass: 56 case Stmt::ImaginaryLiteralClass: 57 case Stmt::ObjCStringLiteralClass: 58 default: 59 return "#lit"; 60 } 61 } 62 63 // Return true if E is a variable that points to an incomplete Phi node. 64 static bool isIncompletePhi(const til::SExpr *E) { 65 if (const auto *Ph = dyn_cast<til::Phi>(E)) 66 return Ph->status() == til::Phi::PH_Incomplete; 67 return false; 68 } 69 70 using CallingContext = SExprBuilder::CallingContext; 71 72 til::SExpr *SExprBuilder::lookupStmt(const Stmt *S) { 73 auto It = SMap.find(S); 74 if (It != SMap.end()) 75 return It->second; 76 return nullptr; 77 } 78 79 til::SCFG *SExprBuilder::buildCFG(CFGWalker &Walker) { 80 Walker.walk(*this); 81 return Scfg; 82 } 83 84 static bool isCalleeArrow(const Expr *E) { 85 const auto *ME = dyn_cast<MemberExpr>(E->IgnoreParenCasts()); 86 return ME ? ME->isArrow() : false; 87 } 88 89 static StringRef ClassifyDiagnostic(const CapabilityAttr *A) { 90 return A->getName(); 91 } 92 93 static StringRef ClassifyDiagnostic(QualType VDT) { 94 // We need to look at the declaration of the type of the value to determine 95 // which it is. The type should either be a record or a typedef, or a pointer 96 // or reference thereof. 97 if (const auto *RT = VDT->getAs<RecordType>()) { 98 if (const auto *RD = RT->getDecl()) 99 if (const auto *CA = RD->getAttr<CapabilityAttr>()) 100 return ClassifyDiagnostic(CA); 101 } else if (const auto *TT = VDT->getAs<TypedefType>()) { 102 if (const auto *TD = TT->getDecl()) 103 if (const auto *CA = TD->getAttr<CapabilityAttr>()) 104 return ClassifyDiagnostic(CA); 105 } else if (VDT->isPointerType() || VDT->isReferenceType()) 106 return ClassifyDiagnostic(VDT->getPointeeType()); 107 108 return "mutex"; 109 } 110 111 /// Translate a clang expression in an attribute to a til::SExpr. 112 /// Constructs the context from D, DeclExp, and SelfDecl. 113 /// 114 /// \param AttrExp The expression to translate. 115 /// \param D The declaration to which the attribute is attached. 116 /// \param DeclExp An expression involving the Decl to which the attribute 117 /// is attached. E.g. the call to a function. 118 /// \param Self S-expression to substitute for a \ref CXXThisExpr. 119 CapabilityExpr SExprBuilder::translateAttrExpr(const Expr *AttrExp, 120 const NamedDecl *D, 121 const Expr *DeclExp, 122 til::SExpr *Self) { 123 // If we are processing a raw attribute expression, with no substitutions. 124 if (!DeclExp && !Self) 125 return translateAttrExpr(AttrExp, nullptr); 126 127 CallingContext Ctx(nullptr, D); 128 129 // Examine DeclExp to find SelfArg and FunArgs, which are used to substitute 130 // for formal parameters when we call buildMutexID later. 131 if (!DeclExp) 132 /* We'll use Self. */; 133 else if (const auto *ME = dyn_cast<MemberExpr>(DeclExp)) { 134 Ctx.SelfArg = ME->getBase(); 135 Ctx.SelfArrow = ME->isArrow(); 136 } else if (const auto *CE = dyn_cast<CXXMemberCallExpr>(DeclExp)) { 137 Ctx.SelfArg = CE->getImplicitObjectArgument(); 138 Ctx.SelfArrow = isCalleeArrow(CE->getCallee()); 139 Ctx.NumArgs = CE->getNumArgs(); 140 Ctx.FunArgs = CE->getArgs(); 141 } else if (const auto *CE = dyn_cast<CallExpr>(DeclExp)) { 142 Ctx.NumArgs = CE->getNumArgs(); 143 Ctx.FunArgs = CE->getArgs(); 144 } else if (const auto *CE = dyn_cast<CXXConstructExpr>(DeclExp)) { 145 Ctx.SelfArg = nullptr; // Will be set below 146 Ctx.NumArgs = CE->getNumArgs(); 147 Ctx.FunArgs = CE->getArgs(); 148 } 149 150 if (Self) { 151 assert(!Ctx.SelfArg && "Ambiguous self argument"); 152 Ctx.SelfArg = Self; 153 154 // If the attribute has no arguments, then assume the argument is "this". 155 if (!AttrExp) 156 return CapabilityExpr( 157 Self, ClassifyDiagnostic(cast<CXXMethodDecl>(D)->getThisObjectType()), 158 false); 159 else // For most attributes. 160 return translateAttrExpr(AttrExp, &Ctx); 161 } 162 163 // If the attribute has no arguments, then assume the argument is "this". 164 if (!AttrExp) 165 return translateAttrExpr(cast<const Expr *>(Ctx.SelfArg), nullptr); 166 else // For most attributes. 167 return translateAttrExpr(AttrExp, &Ctx); 168 } 169 170 /// Translate a clang expression in an attribute to a til::SExpr. 171 // This assumes a CallingContext has already been created. 172 CapabilityExpr SExprBuilder::translateAttrExpr(const Expr *AttrExp, 173 CallingContext *Ctx) { 174 if (!AttrExp) 175 return CapabilityExpr(); 176 177 if (const auto* SLit = dyn_cast<StringLiteral>(AttrExp)) { 178 if (SLit->getString() == StringRef("*")) 179 // The "*" expr is a universal lock, which essentially turns off 180 // checks until it is removed from the lockset. 181 return CapabilityExpr(new (Arena) til::Wildcard(), StringRef("wildcard"), 182 false); 183 else 184 // Ignore other string literals for now. 185 return CapabilityExpr(); 186 } 187 188 bool Neg = false; 189 if (const auto *OE = dyn_cast<CXXOperatorCallExpr>(AttrExp)) { 190 if (OE->getOperator() == OO_Exclaim) { 191 Neg = true; 192 AttrExp = OE->getArg(0); 193 } 194 } 195 else if (const auto *UO = dyn_cast<UnaryOperator>(AttrExp)) { 196 if (UO->getOpcode() == UO_LNot) { 197 Neg = true; 198 AttrExp = UO->getSubExpr(); 199 } 200 } 201 202 til::SExpr *E = translate(AttrExp, Ctx); 203 204 // Trap mutex expressions like nullptr, or 0. 205 // Any literal value is nonsense. 206 if (!E || isa<til::Literal>(E)) 207 return CapabilityExpr(); 208 209 StringRef Kind = ClassifyDiagnostic(AttrExp->getType()); 210 211 // Hack to deal with smart pointers -- strip off top-level pointer casts. 212 if (const auto *CE = dyn_cast<til::Cast>(E)) { 213 if (CE->castOpcode() == til::CAST_objToPtr) 214 return CapabilityExpr(CE->expr(), Kind, Neg); 215 } 216 return CapabilityExpr(E, Kind, Neg); 217 } 218 219 til::LiteralPtr *SExprBuilder::createVariable(const VarDecl *VD) { 220 return new (Arena) til::LiteralPtr(VD); 221 } 222 223 std::pair<til::LiteralPtr *, StringRef> 224 SExprBuilder::createThisPlaceholder(const Expr *Exp) { 225 return {new (Arena) til::LiteralPtr(nullptr), 226 ClassifyDiagnostic(Exp->getType())}; 227 } 228 229 // Translate a clang statement or expression to a TIL expression. 230 // Also performs substitution of variables; Ctx provides the context. 231 // Dispatches on the type of S. 232 til::SExpr *SExprBuilder::translate(const Stmt *S, CallingContext *Ctx) { 233 if (!S) 234 return nullptr; 235 236 // Check if S has already been translated and cached. 237 // This handles the lookup of SSA names for DeclRefExprs here. 238 if (til::SExpr *E = lookupStmt(S)) 239 return E; 240 241 switch (S->getStmtClass()) { 242 case Stmt::DeclRefExprClass: 243 return translateDeclRefExpr(cast<DeclRefExpr>(S), Ctx); 244 case Stmt::CXXThisExprClass: 245 return translateCXXThisExpr(cast<CXXThisExpr>(S), Ctx); 246 case Stmt::MemberExprClass: 247 return translateMemberExpr(cast<MemberExpr>(S), Ctx); 248 case Stmt::ObjCIvarRefExprClass: 249 return translateObjCIVarRefExpr(cast<ObjCIvarRefExpr>(S), Ctx); 250 case Stmt::CallExprClass: 251 return translateCallExpr(cast<CallExpr>(S), Ctx); 252 case Stmt::CXXMemberCallExprClass: 253 return translateCXXMemberCallExpr(cast<CXXMemberCallExpr>(S), Ctx); 254 case Stmt::CXXOperatorCallExprClass: 255 return translateCXXOperatorCallExpr(cast<CXXOperatorCallExpr>(S), Ctx); 256 case Stmt::UnaryOperatorClass: 257 return translateUnaryOperator(cast<UnaryOperator>(S), Ctx); 258 case Stmt::BinaryOperatorClass: 259 case Stmt::CompoundAssignOperatorClass: 260 return translateBinaryOperator(cast<BinaryOperator>(S), Ctx); 261 262 case Stmt::ArraySubscriptExprClass: 263 return translateArraySubscriptExpr(cast<ArraySubscriptExpr>(S), Ctx); 264 case Stmt::ConditionalOperatorClass: 265 return translateAbstractConditionalOperator( 266 cast<ConditionalOperator>(S), Ctx); 267 case Stmt::BinaryConditionalOperatorClass: 268 return translateAbstractConditionalOperator( 269 cast<BinaryConditionalOperator>(S), Ctx); 270 271 // We treat these as no-ops 272 case Stmt::ConstantExprClass: 273 return translate(cast<ConstantExpr>(S)->getSubExpr(), Ctx); 274 case Stmt::ParenExprClass: 275 return translate(cast<ParenExpr>(S)->getSubExpr(), Ctx); 276 case Stmt::ExprWithCleanupsClass: 277 return translate(cast<ExprWithCleanups>(S)->getSubExpr(), Ctx); 278 case Stmt::CXXBindTemporaryExprClass: 279 return translate(cast<CXXBindTemporaryExpr>(S)->getSubExpr(), Ctx); 280 case Stmt::MaterializeTemporaryExprClass: 281 return translate(cast<MaterializeTemporaryExpr>(S)->getSubExpr(), Ctx); 282 283 // Collect all literals 284 case Stmt::CharacterLiteralClass: 285 case Stmt::CXXNullPtrLiteralExprClass: 286 case Stmt::GNUNullExprClass: 287 case Stmt::CXXBoolLiteralExprClass: 288 case Stmt::FloatingLiteralClass: 289 case Stmt::ImaginaryLiteralClass: 290 case Stmt::IntegerLiteralClass: 291 case Stmt::StringLiteralClass: 292 case Stmt::ObjCStringLiteralClass: 293 return new (Arena) til::Literal(cast<Expr>(S)); 294 295 case Stmt::DeclStmtClass: 296 return translateDeclStmt(cast<DeclStmt>(S), Ctx); 297 default: 298 break; 299 } 300 if (const auto *CE = dyn_cast<CastExpr>(S)) 301 return translateCastExpr(CE, Ctx); 302 303 return new (Arena) til::Undefined(S); 304 } 305 306 til::SExpr *SExprBuilder::translateDeclRefExpr(const DeclRefExpr *DRE, 307 CallingContext *Ctx) { 308 const auto *VD = cast<ValueDecl>(DRE->getDecl()->getCanonicalDecl()); 309 310 // Function parameters require substitution and/or renaming. 311 if (const auto *PV = dyn_cast<ParmVarDecl>(VD)) { 312 unsigned I = PV->getFunctionScopeIndex(); 313 const DeclContext *D = PV->getDeclContext(); 314 if (Ctx && Ctx->FunArgs) { 315 const Decl *Canonical = Ctx->AttrDecl->getCanonicalDecl(); 316 if (isa<FunctionDecl>(D) 317 ? (cast<FunctionDecl>(D)->getCanonicalDecl() == Canonical) 318 : (cast<ObjCMethodDecl>(D)->getCanonicalDecl() == Canonical)) { 319 // Substitute call arguments for references to function parameters 320 assert(I < Ctx->NumArgs); 321 return translate(Ctx->FunArgs[I], Ctx->Prev); 322 } 323 } 324 // Map the param back to the param of the original function declaration 325 // for consistent comparisons. 326 VD = isa<FunctionDecl>(D) 327 ? cast<FunctionDecl>(D)->getCanonicalDecl()->getParamDecl(I) 328 : cast<ObjCMethodDecl>(D)->getCanonicalDecl()->getParamDecl(I); 329 } 330 331 // For non-local variables, treat it as a reference to a named object. 332 return new (Arena) til::LiteralPtr(VD); 333 } 334 335 til::SExpr *SExprBuilder::translateCXXThisExpr(const CXXThisExpr *TE, 336 CallingContext *Ctx) { 337 // Substitute for 'this' 338 if (Ctx && Ctx->SelfArg) { 339 if (const auto *SelfArg = dyn_cast<const Expr *>(Ctx->SelfArg)) 340 return translate(SelfArg, Ctx->Prev); 341 else 342 return cast<til::SExpr *>(Ctx->SelfArg); 343 } 344 assert(SelfVar && "We have no variable for 'this'!"); 345 return SelfVar; 346 } 347 348 static const ValueDecl *getValueDeclFromSExpr(const til::SExpr *E) { 349 if (const auto *V = dyn_cast<til::Variable>(E)) 350 return V->clangDecl(); 351 if (const auto *Ph = dyn_cast<til::Phi>(E)) 352 return Ph->clangDecl(); 353 if (const auto *P = dyn_cast<til::Project>(E)) 354 return P->clangDecl(); 355 if (const auto *L = dyn_cast<til::LiteralPtr>(E)) 356 return L->clangDecl(); 357 return nullptr; 358 } 359 360 static bool hasAnyPointerType(const til::SExpr *E) { 361 auto *VD = getValueDeclFromSExpr(E); 362 if (VD && VD->getType()->isAnyPointerType()) 363 return true; 364 if (const auto *C = dyn_cast<til::Cast>(E)) 365 return C->castOpcode() == til::CAST_objToPtr; 366 367 return false; 368 } 369 370 // Grab the very first declaration of virtual method D 371 static const CXXMethodDecl *getFirstVirtualDecl(const CXXMethodDecl *D) { 372 while (true) { 373 D = D->getCanonicalDecl(); 374 auto OverriddenMethods = D->overridden_methods(); 375 if (OverriddenMethods.begin() == OverriddenMethods.end()) 376 return D; // Method does not override anything 377 // FIXME: this does not work with multiple inheritance. 378 D = *OverriddenMethods.begin(); 379 } 380 return nullptr; 381 } 382 383 til::SExpr *SExprBuilder::translateMemberExpr(const MemberExpr *ME, 384 CallingContext *Ctx) { 385 til::SExpr *BE = translate(ME->getBase(), Ctx); 386 til::SExpr *E = new (Arena) til::SApply(BE); 387 388 const auto *D = cast<ValueDecl>(ME->getMemberDecl()->getCanonicalDecl()); 389 if (const auto *VD = dyn_cast<CXXMethodDecl>(D)) 390 D = getFirstVirtualDecl(VD); 391 392 til::Project *P = new (Arena) til::Project(E, D); 393 if (hasAnyPointerType(BE)) 394 P->setArrow(true); 395 return P; 396 } 397 398 til::SExpr *SExprBuilder::translateObjCIVarRefExpr(const ObjCIvarRefExpr *IVRE, 399 CallingContext *Ctx) { 400 til::SExpr *BE = translate(IVRE->getBase(), Ctx); 401 til::SExpr *E = new (Arena) til::SApply(BE); 402 403 const auto *D = cast<ObjCIvarDecl>(IVRE->getDecl()->getCanonicalDecl()); 404 405 til::Project *P = new (Arena) til::Project(E, D); 406 if (hasAnyPointerType(BE)) 407 P->setArrow(true); 408 return P; 409 } 410 411 til::SExpr *SExprBuilder::translateCallExpr(const CallExpr *CE, 412 CallingContext *Ctx, 413 const Expr *SelfE) { 414 if (CapabilityExprMode) { 415 // Handle LOCK_RETURNED 416 if (const FunctionDecl *FD = CE->getDirectCallee()) { 417 FD = FD->getMostRecentDecl(); 418 if (LockReturnedAttr *At = FD->getAttr<LockReturnedAttr>()) { 419 CallingContext LRCallCtx(Ctx); 420 LRCallCtx.AttrDecl = CE->getDirectCallee(); 421 LRCallCtx.SelfArg = SelfE; 422 LRCallCtx.NumArgs = CE->getNumArgs(); 423 LRCallCtx.FunArgs = CE->getArgs(); 424 return const_cast<til::SExpr *>( 425 translateAttrExpr(At->getArg(), &LRCallCtx).sexpr()); 426 } 427 } 428 } 429 430 til::SExpr *E = translate(CE->getCallee(), Ctx); 431 for (const auto *Arg : CE->arguments()) { 432 til::SExpr *A = translate(Arg, Ctx); 433 E = new (Arena) til::Apply(E, A); 434 } 435 return new (Arena) til::Call(E, CE); 436 } 437 438 til::SExpr *SExprBuilder::translateCXXMemberCallExpr( 439 const CXXMemberCallExpr *ME, CallingContext *Ctx) { 440 if (CapabilityExprMode) { 441 // Ignore calls to get() on smart pointers. 442 if (ME->getMethodDecl()->getNameAsString() == "get" && 443 ME->getNumArgs() == 0) { 444 auto *E = translate(ME->getImplicitObjectArgument(), Ctx); 445 return new (Arena) til::Cast(til::CAST_objToPtr, E); 446 // return E; 447 } 448 } 449 return translateCallExpr(cast<CallExpr>(ME), Ctx, 450 ME->getImplicitObjectArgument()); 451 } 452 453 til::SExpr *SExprBuilder::translateCXXOperatorCallExpr( 454 const CXXOperatorCallExpr *OCE, CallingContext *Ctx) { 455 if (CapabilityExprMode) { 456 // Ignore operator * and operator -> on smart pointers. 457 OverloadedOperatorKind k = OCE->getOperator(); 458 if (k == OO_Star || k == OO_Arrow) { 459 auto *E = translate(OCE->getArg(0), Ctx); 460 return new (Arena) til::Cast(til::CAST_objToPtr, E); 461 // return E; 462 } 463 } 464 return translateCallExpr(cast<CallExpr>(OCE), Ctx); 465 } 466 467 til::SExpr *SExprBuilder::translateUnaryOperator(const UnaryOperator *UO, 468 CallingContext *Ctx) { 469 switch (UO->getOpcode()) { 470 case UO_PostInc: 471 case UO_PostDec: 472 case UO_PreInc: 473 case UO_PreDec: 474 return new (Arena) til::Undefined(UO); 475 476 case UO_AddrOf: 477 if (CapabilityExprMode) { 478 // interpret &Graph::mu_ as an existential. 479 if (const auto *DRE = dyn_cast<DeclRefExpr>(UO->getSubExpr())) { 480 if (DRE->getDecl()->isCXXInstanceMember()) { 481 // This is a pointer-to-member expression, e.g. &MyClass::mu_. 482 // We interpret this syntax specially, as a wildcard. 483 auto *W = new (Arena) til::Wildcard(); 484 return new (Arena) til::Project(W, DRE->getDecl()); 485 } 486 } 487 } 488 // otherwise, & is a no-op 489 return translate(UO->getSubExpr(), Ctx); 490 491 // We treat these as no-ops 492 case UO_Deref: 493 case UO_Plus: 494 return translate(UO->getSubExpr(), Ctx); 495 496 case UO_Minus: 497 return new (Arena) 498 til::UnaryOp(til::UOP_Minus, translate(UO->getSubExpr(), Ctx)); 499 case UO_Not: 500 return new (Arena) 501 til::UnaryOp(til::UOP_BitNot, translate(UO->getSubExpr(), Ctx)); 502 case UO_LNot: 503 return new (Arena) 504 til::UnaryOp(til::UOP_LogicNot, translate(UO->getSubExpr(), Ctx)); 505 506 // Currently unsupported 507 case UO_Real: 508 case UO_Imag: 509 case UO_Extension: 510 case UO_Coawait: 511 return new (Arena) til::Undefined(UO); 512 } 513 return new (Arena) til::Undefined(UO); 514 } 515 516 til::SExpr *SExprBuilder::translateBinOp(til::TIL_BinaryOpcode Op, 517 const BinaryOperator *BO, 518 CallingContext *Ctx, bool Reverse) { 519 til::SExpr *E0 = translate(BO->getLHS(), Ctx); 520 til::SExpr *E1 = translate(BO->getRHS(), Ctx); 521 if (Reverse) 522 return new (Arena) til::BinaryOp(Op, E1, E0); 523 else 524 return new (Arena) til::BinaryOp(Op, E0, E1); 525 } 526 527 til::SExpr *SExprBuilder::translateBinAssign(til::TIL_BinaryOpcode Op, 528 const BinaryOperator *BO, 529 CallingContext *Ctx, 530 bool Assign) { 531 const Expr *LHS = BO->getLHS(); 532 const Expr *RHS = BO->getRHS(); 533 til::SExpr *E0 = translate(LHS, Ctx); 534 til::SExpr *E1 = translate(RHS, Ctx); 535 536 const ValueDecl *VD = nullptr; 537 til::SExpr *CV = nullptr; 538 if (const auto *DRE = dyn_cast<DeclRefExpr>(LHS)) { 539 VD = DRE->getDecl(); 540 CV = lookupVarDecl(VD); 541 } 542 543 if (!Assign) { 544 til::SExpr *Arg = CV ? CV : new (Arena) til::Load(E0); 545 E1 = new (Arena) til::BinaryOp(Op, Arg, E1); 546 E1 = addStatement(E1, nullptr, VD); 547 } 548 if (VD && CV) 549 return updateVarDecl(VD, E1); 550 return new (Arena) til::Store(E0, E1); 551 } 552 553 til::SExpr *SExprBuilder::translateBinaryOperator(const BinaryOperator *BO, 554 CallingContext *Ctx) { 555 switch (BO->getOpcode()) { 556 case BO_PtrMemD: 557 case BO_PtrMemI: 558 return new (Arena) til::Undefined(BO); 559 560 case BO_Mul: return translateBinOp(til::BOP_Mul, BO, Ctx); 561 case BO_Div: return translateBinOp(til::BOP_Div, BO, Ctx); 562 case BO_Rem: return translateBinOp(til::BOP_Rem, BO, Ctx); 563 case BO_Add: return translateBinOp(til::BOP_Add, BO, Ctx); 564 case BO_Sub: return translateBinOp(til::BOP_Sub, BO, Ctx); 565 case BO_Shl: return translateBinOp(til::BOP_Shl, BO, Ctx); 566 case BO_Shr: return translateBinOp(til::BOP_Shr, BO, Ctx); 567 case BO_LT: return translateBinOp(til::BOP_Lt, BO, Ctx); 568 case BO_GT: return translateBinOp(til::BOP_Lt, BO, Ctx, true); 569 case BO_LE: return translateBinOp(til::BOP_Leq, BO, Ctx); 570 case BO_GE: return translateBinOp(til::BOP_Leq, BO, Ctx, true); 571 case BO_EQ: return translateBinOp(til::BOP_Eq, BO, Ctx); 572 case BO_NE: return translateBinOp(til::BOP_Neq, BO, Ctx); 573 case BO_Cmp: return translateBinOp(til::BOP_Cmp, BO, Ctx); 574 case BO_And: return translateBinOp(til::BOP_BitAnd, BO, Ctx); 575 case BO_Xor: return translateBinOp(til::BOP_BitXor, BO, Ctx); 576 case BO_Or: return translateBinOp(til::BOP_BitOr, BO, Ctx); 577 case BO_LAnd: return translateBinOp(til::BOP_LogicAnd, BO, Ctx); 578 case BO_LOr: return translateBinOp(til::BOP_LogicOr, BO, Ctx); 579 580 case BO_Assign: return translateBinAssign(til::BOP_Eq, BO, Ctx, true); 581 case BO_MulAssign: return translateBinAssign(til::BOP_Mul, BO, Ctx); 582 case BO_DivAssign: return translateBinAssign(til::BOP_Div, BO, Ctx); 583 case BO_RemAssign: return translateBinAssign(til::BOP_Rem, BO, Ctx); 584 case BO_AddAssign: return translateBinAssign(til::BOP_Add, BO, Ctx); 585 case BO_SubAssign: return translateBinAssign(til::BOP_Sub, BO, Ctx); 586 case BO_ShlAssign: return translateBinAssign(til::BOP_Shl, BO, Ctx); 587 case BO_ShrAssign: return translateBinAssign(til::BOP_Shr, BO, Ctx); 588 case BO_AndAssign: return translateBinAssign(til::BOP_BitAnd, BO, Ctx); 589 case BO_XorAssign: return translateBinAssign(til::BOP_BitXor, BO, Ctx); 590 case BO_OrAssign: return translateBinAssign(til::BOP_BitOr, BO, Ctx); 591 592 case BO_Comma: 593 // The clang CFG should have already processed both sides. 594 return translate(BO->getRHS(), Ctx); 595 } 596 return new (Arena) til::Undefined(BO); 597 } 598 599 til::SExpr *SExprBuilder::translateCastExpr(const CastExpr *CE, 600 CallingContext *Ctx) { 601 CastKind K = CE->getCastKind(); 602 switch (K) { 603 case CK_LValueToRValue: { 604 if (const auto *DRE = dyn_cast<DeclRefExpr>(CE->getSubExpr())) { 605 til::SExpr *E0 = lookupVarDecl(DRE->getDecl()); 606 if (E0) 607 return E0; 608 } 609 til::SExpr *E0 = translate(CE->getSubExpr(), Ctx); 610 return E0; 611 // FIXME!! -- get Load working properly 612 // return new (Arena) til::Load(E0); 613 } 614 case CK_NoOp: 615 case CK_DerivedToBase: 616 case CK_UncheckedDerivedToBase: 617 case CK_ArrayToPointerDecay: 618 case CK_FunctionToPointerDecay: { 619 til::SExpr *E0 = translate(CE->getSubExpr(), Ctx); 620 return E0; 621 } 622 default: { 623 // FIXME: handle different kinds of casts. 624 til::SExpr *E0 = translate(CE->getSubExpr(), Ctx); 625 if (CapabilityExprMode) 626 return E0; 627 return new (Arena) til::Cast(til::CAST_none, E0); 628 } 629 } 630 } 631 632 til::SExpr * 633 SExprBuilder::translateArraySubscriptExpr(const ArraySubscriptExpr *E, 634 CallingContext *Ctx) { 635 til::SExpr *E0 = translate(E->getBase(), Ctx); 636 til::SExpr *E1 = translate(E->getIdx(), Ctx); 637 return new (Arena) til::ArrayIndex(E0, E1); 638 } 639 640 til::SExpr * 641 SExprBuilder::translateAbstractConditionalOperator( 642 const AbstractConditionalOperator *CO, CallingContext *Ctx) { 643 auto *C = translate(CO->getCond(), Ctx); 644 auto *T = translate(CO->getTrueExpr(), Ctx); 645 auto *E = translate(CO->getFalseExpr(), Ctx); 646 return new (Arena) til::IfThenElse(C, T, E); 647 } 648 649 til::SExpr * 650 SExprBuilder::translateDeclStmt(const DeclStmt *S, CallingContext *Ctx) { 651 DeclGroupRef DGrp = S->getDeclGroup(); 652 for (auto *I : DGrp) { 653 if (auto *VD = dyn_cast_or_null<VarDecl>(I)) { 654 Expr *E = VD->getInit(); 655 til::SExpr* SE = translate(E, Ctx); 656 657 // Add local variables with trivial type to the variable map 658 QualType T = VD->getType(); 659 if (T.isTrivialType(VD->getASTContext())) 660 return addVarDecl(VD, SE); 661 else { 662 // TODO: add alloca 663 } 664 } 665 } 666 return nullptr; 667 } 668 669 // If (E) is non-trivial, then add it to the current basic block, and 670 // update the statement map so that S refers to E. Returns a new variable 671 // that refers to E. 672 // If E is trivial returns E. 673 til::SExpr *SExprBuilder::addStatement(til::SExpr* E, const Stmt *S, 674 const ValueDecl *VD) { 675 if (!E || !CurrentBB || E->block() || til::ThreadSafetyTIL::isTrivial(E)) 676 return E; 677 if (VD) 678 E = new (Arena) til::Variable(E, VD); 679 CurrentInstructions.push_back(E); 680 if (S) 681 insertStmt(S, E); 682 return E; 683 } 684 685 // Returns the current value of VD, if known, and nullptr otherwise. 686 til::SExpr *SExprBuilder::lookupVarDecl(const ValueDecl *VD) { 687 auto It = LVarIdxMap.find(VD); 688 if (It != LVarIdxMap.end()) { 689 assert(CurrentLVarMap[It->second].first == VD); 690 return CurrentLVarMap[It->second].second; 691 } 692 return nullptr; 693 } 694 695 // if E is a til::Variable, update its clangDecl. 696 static void maybeUpdateVD(til::SExpr *E, const ValueDecl *VD) { 697 if (!E) 698 return; 699 if (auto *V = dyn_cast<til::Variable>(E)) { 700 if (!V->clangDecl()) 701 V->setClangDecl(VD); 702 } 703 } 704 705 // Adds a new variable declaration. 706 til::SExpr *SExprBuilder::addVarDecl(const ValueDecl *VD, til::SExpr *E) { 707 maybeUpdateVD(E, VD); 708 LVarIdxMap.insert(std::make_pair(VD, CurrentLVarMap.size())); 709 CurrentLVarMap.makeWritable(); 710 CurrentLVarMap.push_back(std::make_pair(VD, E)); 711 return E; 712 } 713 714 // Updates a current variable declaration. (E.g. by assignment) 715 til::SExpr *SExprBuilder::updateVarDecl(const ValueDecl *VD, til::SExpr *E) { 716 maybeUpdateVD(E, VD); 717 auto It = LVarIdxMap.find(VD); 718 if (It == LVarIdxMap.end()) { 719 til::SExpr *Ptr = new (Arena) til::LiteralPtr(VD); 720 til::SExpr *St = new (Arena) til::Store(Ptr, E); 721 return St; 722 } 723 CurrentLVarMap.makeWritable(); 724 CurrentLVarMap.elem(It->second).second = E; 725 return E; 726 } 727 728 // Make a Phi node in the current block for the i^th variable in CurrentVarMap. 729 // If E != null, sets Phi[CurrentBlockInfo->ArgIndex] = E. 730 // If E == null, this is a backedge and will be set later. 731 void SExprBuilder::makePhiNodeVar(unsigned i, unsigned NPreds, til::SExpr *E) { 732 unsigned ArgIndex = CurrentBlockInfo->ProcessedPredecessors; 733 assert(ArgIndex > 0 && ArgIndex < NPreds); 734 735 til::SExpr *CurrE = CurrentLVarMap[i].second; 736 if (CurrE->block() == CurrentBB) { 737 // We already have a Phi node in the current block, 738 // so just add the new variable to the Phi node. 739 auto *Ph = dyn_cast<til::Phi>(CurrE); 740 assert(Ph && "Expecting Phi node."); 741 if (E) 742 Ph->values()[ArgIndex] = E; 743 return; 744 } 745 746 // Make a new phi node: phi(..., E) 747 // All phi args up to the current index are set to the current value. 748 til::Phi *Ph = new (Arena) til::Phi(Arena, NPreds); 749 Ph->values().setValues(NPreds, nullptr); 750 for (unsigned PIdx = 0; PIdx < ArgIndex; ++PIdx) 751 Ph->values()[PIdx] = CurrE; 752 if (E) 753 Ph->values()[ArgIndex] = E; 754 Ph->setClangDecl(CurrentLVarMap[i].first); 755 // If E is from a back-edge, or either E or CurrE are incomplete, then 756 // mark this node as incomplete; we may need to remove it later. 757 if (!E || isIncompletePhi(E) || isIncompletePhi(CurrE)) 758 Ph->setStatus(til::Phi::PH_Incomplete); 759 760 // Add Phi node to current block, and update CurrentLVarMap[i] 761 CurrentArguments.push_back(Ph); 762 if (Ph->status() == til::Phi::PH_Incomplete) 763 IncompleteArgs.push_back(Ph); 764 765 CurrentLVarMap.makeWritable(); 766 CurrentLVarMap.elem(i).second = Ph; 767 } 768 769 // Merge values from Map into the current variable map. 770 // This will construct Phi nodes in the current basic block as necessary. 771 void SExprBuilder::mergeEntryMap(LVarDefinitionMap Map) { 772 assert(CurrentBlockInfo && "Not processing a block!"); 773 774 if (!CurrentLVarMap.valid()) { 775 // Steal Map, using copy-on-write. 776 CurrentLVarMap = std::move(Map); 777 return; 778 } 779 if (CurrentLVarMap.sameAs(Map)) 780 return; // Easy merge: maps from different predecessors are unchanged. 781 782 unsigned NPreds = CurrentBB->numPredecessors(); 783 unsigned ESz = CurrentLVarMap.size(); 784 unsigned MSz = Map.size(); 785 unsigned Sz = std::min(ESz, MSz); 786 787 for (unsigned i = 0; i < Sz; ++i) { 788 if (CurrentLVarMap[i].first != Map[i].first) { 789 // We've reached the end of variables in common. 790 CurrentLVarMap.makeWritable(); 791 CurrentLVarMap.downsize(i); 792 break; 793 } 794 if (CurrentLVarMap[i].second != Map[i].second) 795 makePhiNodeVar(i, NPreds, Map[i].second); 796 } 797 if (ESz > MSz) { 798 CurrentLVarMap.makeWritable(); 799 CurrentLVarMap.downsize(Map.size()); 800 } 801 } 802 803 // Merge a back edge into the current variable map. 804 // This will create phi nodes for all variables in the variable map. 805 void SExprBuilder::mergeEntryMapBackEdge() { 806 // We don't have definitions for variables on the backedge, because we 807 // haven't gotten that far in the CFG. Thus, when encountering a back edge, 808 // we conservatively create Phi nodes for all variables. Unnecessary Phi 809 // nodes will be marked as incomplete, and stripped out at the end. 810 // 811 // An Phi node is unnecessary if it only refers to itself and one other 812 // variable, e.g. x = Phi(y, y, x) can be reduced to x = y. 813 814 assert(CurrentBlockInfo && "Not processing a block!"); 815 816 if (CurrentBlockInfo->HasBackEdges) 817 return; 818 CurrentBlockInfo->HasBackEdges = true; 819 820 CurrentLVarMap.makeWritable(); 821 unsigned Sz = CurrentLVarMap.size(); 822 unsigned NPreds = CurrentBB->numPredecessors(); 823 824 for (unsigned i = 0; i < Sz; ++i) 825 makePhiNodeVar(i, NPreds, nullptr); 826 } 827 828 // Update the phi nodes that were initially created for a back edge 829 // once the variable definitions have been computed. 830 // I.e., merge the current variable map into the phi nodes for Blk. 831 void SExprBuilder::mergePhiNodesBackEdge(const CFGBlock *Blk) { 832 til::BasicBlock *BB = lookupBlock(Blk); 833 unsigned ArgIndex = BBInfo[Blk->getBlockID()].ProcessedPredecessors; 834 assert(ArgIndex > 0 && ArgIndex < BB->numPredecessors()); 835 836 for (til::SExpr *PE : BB->arguments()) { 837 auto *Ph = dyn_cast_or_null<til::Phi>(PE); 838 assert(Ph && "Expecting Phi Node."); 839 assert(Ph->values()[ArgIndex] == nullptr && "Wrong index for back edge."); 840 841 til::SExpr *E = lookupVarDecl(Ph->clangDecl()); 842 assert(E && "Couldn't find local variable for Phi node."); 843 Ph->values()[ArgIndex] = E; 844 } 845 } 846 847 void SExprBuilder::enterCFG(CFG *Cfg, const NamedDecl *D, 848 const CFGBlock *First) { 849 // Perform initial setup operations. 850 unsigned NBlocks = Cfg->getNumBlockIDs(); 851 Scfg = new (Arena) til::SCFG(Arena, NBlocks); 852 853 // allocate all basic blocks immediately, to handle forward references. 854 BBInfo.resize(NBlocks); 855 BlockMap.resize(NBlocks, nullptr); 856 // create map from clang blockID to til::BasicBlocks 857 for (auto *B : *Cfg) { 858 auto *BB = new (Arena) til::BasicBlock(Arena); 859 BB->reserveInstructions(B->size()); 860 BlockMap[B->getBlockID()] = BB; 861 } 862 863 CurrentBB = lookupBlock(&Cfg->getEntry()); 864 auto Parms = isa<ObjCMethodDecl>(D) ? cast<ObjCMethodDecl>(D)->parameters() 865 : cast<FunctionDecl>(D)->parameters(); 866 for (auto *Pm : Parms) { 867 QualType T = Pm->getType(); 868 if (!T.isTrivialType(Pm->getASTContext())) 869 continue; 870 871 // Add parameters to local variable map. 872 // FIXME: right now we emulate params with loads; that should be fixed. 873 til::SExpr *Lp = new (Arena) til::LiteralPtr(Pm); 874 til::SExpr *Ld = new (Arena) til::Load(Lp); 875 til::SExpr *V = addStatement(Ld, nullptr, Pm); 876 addVarDecl(Pm, V); 877 } 878 } 879 880 void SExprBuilder::enterCFGBlock(const CFGBlock *B) { 881 // Initialize TIL basic block and add it to the CFG. 882 CurrentBB = lookupBlock(B); 883 CurrentBB->reservePredecessors(B->pred_size()); 884 Scfg->add(CurrentBB); 885 886 CurrentBlockInfo = &BBInfo[B->getBlockID()]; 887 888 // CurrentLVarMap is moved to ExitMap on block exit. 889 // FIXME: the entry block will hold function parameters. 890 // assert(!CurrentLVarMap.valid() && "CurrentLVarMap already initialized."); 891 } 892 893 void SExprBuilder::handlePredecessor(const CFGBlock *Pred) { 894 // Compute CurrentLVarMap on entry from ExitMaps of predecessors 895 896 CurrentBB->addPredecessor(BlockMap[Pred->getBlockID()]); 897 BlockInfo *PredInfo = &BBInfo[Pred->getBlockID()]; 898 assert(PredInfo->UnprocessedSuccessors > 0); 899 900 if (--PredInfo->UnprocessedSuccessors == 0) 901 mergeEntryMap(std::move(PredInfo->ExitMap)); 902 else 903 mergeEntryMap(PredInfo->ExitMap.clone()); 904 905 ++CurrentBlockInfo->ProcessedPredecessors; 906 } 907 908 void SExprBuilder::handlePredecessorBackEdge(const CFGBlock *Pred) { 909 mergeEntryMapBackEdge(); 910 } 911 912 void SExprBuilder::enterCFGBlockBody(const CFGBlock *B) { 913 // The merge*() methods have created arguments. 914 // Push those arguments onto the basic block. 915 CurrentBB->arguments().reserve( 916 static_cast<unsigned>(CurrentArguments.size()), Arena); 917 for (auto *A : CurrentArguments) 918 CurrentBB->addArgument(A); 919 } 920 921 void SExprBuilder::handleStatement(const Stmt *S) { 922 til::SExpr *E = translate(S, nullptr); 923 addStatement(E, S); 924 } 925 926 void SExprBuilder::handleDestructorCall(const VarDecl *VD, 927 const CXXDestructorDecl *DD) { 928 til::SExpr *Sf = new (Arena) til::LiteralPtr(VD); 929 til::SExpr *Dr = new (Arena) til::LiteralPtr(DD); 930 til::SExpr *Ap = new (Arena) til::Apply(Dr, Sf); 931 til::SExpr *E = new (Arena) til::Call(Ap); 932 addStatement(E, nullptr); 933 } 934 935 void SExprBuilder::exitCFGBlockBody(const CFGBlock *B) { 936 CurrentBB->instructions().reserve( 937 static_cast<unsigned>(CurrentInstructions.size()), Arena); 938 for (auto *V : CurrentInstructions) 939 CurrentBB->addInstruction(V); 940 941 // Create an appropriate terminator 942 unsigned N = B->succ_size(); 943 auto It = B->succ_begin(); 944 if (N == 1) { 945 til::BasicBlock *BB = *It ? lookupBlock(*It) : nullptr; 946 // TODO: set index 947 unsigned Idx = BB ? BB->findPredecessorIndex(CurrentBB) : 0; 948 auto *Tm = new (Arena) til::Goto(BB, Idx); 949 CurrentBB->setTerminator(Tm); 950 } 951 else if (N == 2) { 952 til::SExpr *C = translate(B->getTerminatorCondition(true), nullptr); 953 til::BasicBlock *BB1 = *It ? lookupBlock(*It) : nullptr; 954 ++It; 955 til::BasicBlock *BB2 = *It ? lookupBlock(*It) : nullptr; 956 // FIXME: make sure these aren't critical edges. 957 auto *Tm = new (Arena) til::Branch(C, BB1, BB2); 958 CurrentBB->setTerminator(Tm); 959 } 960 } 961 962 void SExprBuilder::handleSuccessor(const CFGBlock *Succ) { 963 ++CurrentBlockInfo->UnprocessedSuccessors; 964 } 965 966 void SExprBuilder::handleSuccessorBackEdge(const CFGBlock *Succ) { 967 mergePhiNodesBackEdge(Succ); 968 ++BBInfo[Succ->getBlockID()].ProcessedPredecessors; 969 } 970 971 void SExprBuilder::exitCFGBlock(const CFGBlock *B) { 972 CurrentArguments.clear(); 973 CurrentInstructions.clear(); 974 CurrentBlockInfo->ExitMap = std::move(CurrentLVarMap); 975 CurrentBB = nullptr; 976 CurrentBlockInfo = nullptr; 977 } 978 979 void SExprBuilder::exitCFG(const CFGBlock *Last) { 980 for (auto *Ph : IncompleteArgs) { 981 if (Ph->status() == til::Phi::PH_Incomplete) 982 simplifyIncompleteArg(Ph); 983 } 984 985 CurrentArguments.clear(); 986 CurrentInstructions.clear(); 987 IncompleteArgs.clear(); 988 } 989 990 /* 991 namespace { 992 993 class TILPrinter : 994 public til::PrettyPrinter<TILPrinter, llvm::raw_ostream> {}; 995 996 } // namespace 997 998 namespace clang { 999 namespace threadSafety { 1000 1001 void printSCFG(CFGWalker &Walker) { 1002 llvm::BumpPtrAllocator Bpa; 1003 til::MemRegionRef Arena(&Bpa); 1004 SExprBuilder SxBuilder(Arena); 1005 til::SCFG *Scfg = SxBuilder.buildCFG(Walker); 1006 TILPrinter::print(Scfg, llvm::errs()); 1007 } 1008 1009 } // namespace threadSafety 1010 } // namespace clang 1011 */ 1012