1 //===- ThreadSafetyCommon.cpp ---------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // Implementation of the interfaces declared in ThreadSafetyCommon.h
10 //
11 //===----------------------------------------------------------------------===//
12
13 #include "clang/Analysis/Analyses/ThreadSafetyCommon.h"
14 #include "clang/AST/Attr.h"
15 #include "clang/AST/Decl.h"
16 #include "clang/AST/DeclCXX.h"
17 #include "clang/AST/DeclGroup.h"
18 #include "clang/AST/DeclObjC.h"
19 #include "clang/AST/Expr.h"
20 #include "clang/AST/ExprCXX.h"
21 #include "clang/AST/OperationKinds.h"
22 #include "clang/AST/Stmt.h"
23 #include "clang/AST/Type.h"
24 #include "clang/Analysis/Analyses/ThreadSafetyTIL.h"
25 #include "clang/Analysis/CFG.h"
26 #include "clang/Basic/LLVM.h"
27 #include "clang/Basic/OperatorKinds.h"
28 #include "clang/Basic/Specifiers.h"
29 #include "llvm/ADT/StringExtras.h"
30 #include "llvm/ADT/StringRef.h"
31 #include "llvm/Support/Casting.h"
32 #include <algorithm>
33 #include <cassert>
34 #include <string>
35 #include <utility>
36
37 using namespace clang;
38 using namespace threadSafety;
39
40 // From ThreadSafetyUtil.h
getSourceLiteralString(const Expr * CE)41 std::string threadSafety::getSourceLiteralString(const Expr *CE) {
42 switch (CE->getStmtClass()) {
43 case Stmt::IntegerLiteralClass:
44 return toString(cast<IntegerLiteral>(CE)->getValue(), 10, true);
45 case Stmt::StringLiteralClass: {
46 std::string ret("\"");
47 ret += cast<StringLiteral>(CE)->getString();
48 ret += "\"";
49 return ret;
50 }
51 case Stmt::CharacterLiteralClass:
52 case Stmt::CXXNullPtrLiteralExprClass:
53 case Stmt::GNUNullExprClass:
54 case Stmt::CXXBoolLiteralExprClass:
55 case Stmt::FloatingLiteralClass:
56 case Stmt::ImaginaryLiteralClass:
57 case Stmt::ObjCStringLiteralClass:
58 default:
59 return "#lit";
60 }
61 }
62
63 // Return true if E is a variable that points to an incomplete Phi node.
isIncompletePhi(const til::SExpr * E)64 static bool isIncompletePhi(const til::SExpr *E) {
65 if (const auto *Ph = dyn_cast<til::Phi>(E))
66 return Ph->status() == til::Phi::PH_Incomplete;
67 return false;
68 }
69
70 using CallingContext = SExprBuilder::CallingContext;
71
lookupStmt(const Stmt * S)72 til::SExpr *SExprBuilder::lookupStmt(const Stmt *S) {
73 auto It = SMap.find(S);
74 if (It != SMap.end())
75 return It->second;
76 return nullptr;
77 }
78
buildCFG(CFGWalker & Walker)79 til::SCFG *SExprBuilder::buildCFG(CFGWalker &Walker) {
80 Walker.walk(*this);
81 return Scfg;
82 }
83
isCalleeArrow(const Expr * E)84 static bool isCalleeArrow(const Expr *E) {
85 const auto *ME = dyn_cast<MemberExpr>(E->IgnoreParenCasts());
86 return ME ? ME->isArrow() : false;
87 }
88
89 /// Translate a clang expression in an attribute to a til::SExpr.
90 /// Constructs the context from D, DeclExp, and SelfDecl.
91 ///
92 /// \param AttrExp The expression to translate.
93 /// \param D The declaration to which the attribute is attached.
94 /// \param DeclExp An expression involving the Decl to which the attribute
95 /// is attached. E.g. the call to a function.
translateAttrExpr(const Expr * AttrExp,const NamedDecl * D,const Expr * DeclExp,VarDecl * SelfDecl)96 CapabilityExpr SExprBuilder::translateAttrExpr(const Expr *AttrExp,
97 const NamedDecl *D,
98 const Expr *DeclExp,
99 VarDecl *SelfDecl) {
100 // If we are processing a raw attribute expression, with no substitutions.
101 if (!DeclExp)
102 return translateAttrExpr(AttrExp, nullptr);
103
104 CallingContext Ctx(nullptr, D);
105
106 // Examine DeclExp to find SelfArg and FunArgs, which are used to substitute
107 // for formal parameters when we call buildMutexID later.
108 if (const auto *ME = dyn_cast<MemberExpr>(DeclExp)) {
109 Ctx.SelfArg = ME->getBase();
110 Ctx.SelfArrow = ME->isArrow();
111 } else if (const auto *CE = dyn_cast<CXXMemberCallExpr>(DeclExp)) {
112 Ctx.SelfArg = CE->getImplicitObjectArgument();
113 Ctx.SelfArrow = isCalleeArrow(CE->getCallee());
114 Ctx.NumArgs = CE->getNumArgs();
115 Ctx.FunArgs = CE->getArgs();
116 } else if (const auto *CE = dyn_cast<CallExpr>(DeclExp)) {
117 Ctx.NumArgs = CE->getNumArgs();
118 Ctx.FunArgs = CE->getArgs();
119 } else if (const auto *CE = dyn_cast<CXXConstructExpr>(DeclExp)) {
120 Ctx.SelfArg = nullptr; // Will be set below
121 Ctx.NumArgs = CE->getNumArgs();
122 Ctx.FunArgs = CE->getArgs();
123 } else if (D && isa<CXXDestructorDecl>(D)) {
124 // There's no such thing as a "destructor call" in the AST.
125 Ctx.SelfArg = DeclExp;
126 }
127
128 // Hack to handle constructors, where self cannot be recovered from
129 // the expression.
130 if (SelfDecl && !Ctx.SelfArg) {
131 DeclRefExpr SelfDRE(SelfDecl->getASTContext(), SelfDecl, false,
132 SelfDecl->getType(), VK_LValue,
133 SelfDecl->getLocation());
134 Ctx.SelfArg = &SelfDRE;
135
136 // If the attribute has no arguments, then assume the argument is "this".
137 if (!AttrExp)
138 return translateAttrExpr(Ctx.SelfArg, nullptr);
139 else // For most attributes.
140 return translateAttrExpr(AttrExp, &Ctx);
141 }
142
143 // If the attribute has no arguments, then assume the argument is "this".
144 if (!AttrExp)
145 return translateAttrExpr(Ctx.SelfArg, nullptr);
146 else // For most attributes.
147 return translateAttrExpr(AttrExp, &Ctx);
148 }
149
150 /// Translate a clang expression in an attribute to a til::SExpr.
151 // This assumes a CallingContext has already been created.
translateAttrExpr(const Expr * AttrExp,CallingContext * Ctx)152 CapabilityExpr SExprBuilder::translateAttrExpr(const Expr *AttrExp,
153 CallingContext *Ctx) {
154 if (!AttrExp)
155 return CapabilityExpr(nullptr, false);
156
157 if (const auto* SLit = dyn_cast<StringLiteral>(AttrExp)) {
158 if (SLit->getString() == StringRef("*"))
159 // The "*" expr is a universal lock, which essentially turns off
160 // checks until it is removed from the lockset.
161 return CapabilityExpr(new (Arena) til::Wildcard(), false);
162 else
163 // Ignore other string literals for now.
164 return CapabilityExpr(nullptr, false);
165 }
166
167 bool Neg = false;
168 if (const auto *OE = dyn_cast<CXXOperatorCallExpr>(AttrExp)) {
169 if (OE->getOperator() == OO_Exclaim) {
170 Neg = true;
171 AttrExp = OE->getArg(0);
172 }
173 }
174 else if (const auto *UO = dyn_cast<UnaryOperator>(AttrExp)) {
175 if (UO->getOpcode() == UO_LNot) {
176 Neg = true;
177 AttrExp = UO->getSubExpr();
178 }
179 }
180
181 til::SExpr *E = translate(AttrExp, Ctx);
182
183 // Trap mutex expressions like nullptr, or 0.
184 // Any literal value is nonsense.
185 if (!E || isa<til::Literal>(E))
186 return CapabilityExpr(nullptr, false);
187
188 // Hack to deal with smart pointers -- strip off top-level pointer casts.
189 if (const auto *CE = dyn_cast<til::Cast>(E)) {
190 if (CE->castOpcode() == til::CAST_objToPtr)
191 return CapabilityExpr(CE->expr(), Neg);
192 }
193 return CapabilityExpr(E, Neg);
194 }
195
196 // Translate a clang statement or expression to a TIL expression.
197 // Also performs substitution of variables; Ctx provides the context.
198 // Dispatches on the type of S.
translate(const Stmt * S,CallingContext * Ctx)199 til::SExpr *SExprBuilder::translate(const Stmt *S, CallingContext *Ctx) {
200 if (!S)
201 return nullptr;
202
203 // Check if S has already been translated and cached.
204 // This handles the lookup of SSA names for DeclRefExprs here.
205 if (til::SExpr *E = lookupStmt(S))
206 return E;
207
208 switch (S->getStmtClass()) {
209 case Stmt::DeclRefExprClass:
210 return translateDeclRefExpr(cast<DeclRefExpr>(S), Ctx);
211 case Stmt::CXXThisExprClass:
212 return translateCXXThisExpr(cast<CXXThisExpr>(S), Ctx);
213 case Stmt::MemberExprClass:
214 return translateMemberExpr(cast<MemberExpr>(S), Ctx);
215 case Stmt::ObjCIvarRefExprClass:
216 return translateObjCIVarRefExpr(cast<ObjCIvarRefExpr>(S), Ctx);
217 case Stmt::CallExprClass:
218 return translateCallExpr(cast<CallExpr>(S), Ctx);
219 case Stmt::CXXMemberCallExprClass:
220 return translateCXXMemberCallExpr(cast<CXXMemberCallExpr>(S), Ctx);
221 case Stmt::CXXOperatorCallExprClass:
222 return translateCXXOperatorCallExpr(cast<CXXOperatorCallExpr>(S), Ctx);
223 case Stmt::UnaryOperatorClass:
224 return translateUnaryOperator(cast<UnaryOperator>(S), Ctx);
225 case Stmt::BinaryOperatorClass:
226 case Stmt::CompoundAssignOperatorClass:
227 return translateBinaryOperator(cast<BinaryOperator>(S), Ctx);
228
229 case Stmt::ArraySubscriptExprClass:
230 return translateArraySubscriptExpr(cast<ArraySubscriptExpr>(S), Ctx);
231 case Stmt::ConditionalOperatorClass:
232 return translateAbstractConditionalOperator(
233 cast<ConditionalOperator>(S), Ctx);
234 case Stmt::BinaryConditionalOperatorClass:
235 return translateAbstractConditionalOperator(
236 cast<BinaryConditionalOperator>(S), Ctx);
237
238 // We treat these as no-ops
239 case Stmt::ConstantExprClass:
240 return translate(cast<ConstantExpr>(S)->getSubExpr(), Ctx);
241 case Stmt::ParenExprClass:
242 return translate(cast<ParenExpr>(S)->getSubExpr(), Ctx);
243 case Stmt::ExprWithCleanupsClass:
244 return translate(cast<ExprWithCleanups>(S)->getSubExpr(), Ctx);
245 case Stmt::CXXBindTemporaryExprClass:
246 return translate(cast<CXXBindTemporaryExpr>(S)->getSubExpr(), Ctx);
247 case Stmt::MaterializeTemporaryExprClass:
248 return translate(cast<MaterializeTemporaryExpr>(S)->getSubExpr(), Ctx);
249
250 // Collect all literals
251 case Stmt::CharacterLiteralClass:
252 case Stmt::CXXNullPtrLiteralExprClass:
253 case Stmt::GNUNullExprClass:
254 case Stmt::CXXBoolLiteralExprClass:
255 case Stmt::FloatingLiteralClass:
256 case Stmt::ImaginaryLiteralClass:
257 case Stmt::IntegerLiteralClass:
258 case Stmt::StringLiteralClass:
259 case Stmt::ObjCStringLiteralClass:
260 return new (Arena) til::Literal(cast<Expr>(S));
261
262 case Stmt::DeclStmtClass:
263 return translateDeclStmt(cast<DeclStmt>(S), Ctx);
264 default:
265 break;
266 }
267 if (const auto *CE = dyn_cast<CastExpr>(S))
268 return translateCastExpr(CE, Ctx);
269
270 return new (Arena) til::Undefined(S);
271 }
272
translateDeclRefExpr(const DeclRefExpr * DRE,CallingContext * Ctx)273 til::SExpr *SExprBuilder::translateDeclRefExpr(const DeclRefExpr *DRE,
274 CallingContext *Ctx) {
275 const auto *VD = cast<ValueDecl>(DRE->getDecl()->getCanonicalDecl());
276
277 // Function parameters require substitution and/or renaming.
278 if (const auto *PV = dyn_cast<ParmVarDecl>(VD)) {
279 unsigned I = PV->getFunctionScopeIndex();
280 const DeclContext *D = PV->getDeclContext();
281 if (Ctx && Ctx->FunArgs) {
282 const Decl *Canonical = Ctx->AttrDecl->getCanonicalDecl();
283 if (isa<FunctionDecl>(D)
284 ? (cast<FunctionDecl>(D)->getCanonicalDecl() == Canonical)
285 : (cast<ObjCMethodDecl>(D)->getCanonicalDecl() == Canonical)) {
286 // Substitute call arguments for references to function parameters
287 assert(I < Ctx->NumArgs);
288 return translate(Ctx->FunArgs[I], Ctx->Prev);
289 }
290 }
291 // Map the param back to the param of the original function declaration
292 // for consistent comparisons.
293 VD = isa<FunctionDecl>(D)
294 ? cast<FunctionDecl>(D)->getCanonicalDecl()->getParamDecl(I)
295 : cast<ObjCMethodDecl>(D)->getCanonicalDecl()->getParamDecl(I);
296 }
297
298 // For non-local variables, treat it as a reference to a named object.
299 return new (Arena) til::LiteralPtr(VD);
300 }
301
translateCXXThisExpr(const CXXThisExpr * TE,CallingContext * Ctx)302 til::SExpr *SExprBuilder::translateCXXThisExpr(const CXXThisExpr *TE,
303 CallingContext *Ctx) {
304 // Substitute for 'this'
305 if (Ctx && Ctx->SelfArg)
306 return translate(Ctx->SelfArg, Ctx->Prev);
307 assert(SelfVar && "We have no variable for 'this'!");
308 return SelfVar;
309 }
310
getValueDeclFromSExpr(const til::SExpr * E)311 static const ValueDecl *getValueDeclFromSExpr(const til::SExpr *E) {
312 if (const auto *V = dyn_cast<til::Variable>(E))
313 return V->clangDecl();
314 if (const auto *Ph = dyn_cast<til::Phi>(E))
315 return Ph->clangDecl();
316 if (const auto *P = dyn_cast<til::Project>(E))
317 return P->clangDecl();
318 if (const auto *L = dyn_cast<til::LiteralPtr>(E))
319 return L->clangDecl();
320 return nullptr;
321 }
322
hasAnyPointerType(const til::SExpr * E)323 static bool hasAnyPointerType(const til::SExpr *E) {
324 auto *VD = getValueDeclFromSExpr(E);
325 if (VD && VD->getType()->isAnyPointerType())
326 return true;
327 if (const auto *C = dyn_cast<til::Cast>(E))
328 return C->castOpcode() == til::CAST_objToPtr;
329
330 return false;
331 }
332
333 // Grab the very first declaration of virtual method D
getFirstVirtualDecl(const CXXMethodDecl * D)334 static const CXXMethodDecl *getFirstVirtualDecl(const CXXMethodDecl *D) {
335 while (true) {
336 D = D->getCanonicalDecl();
337 auto OverriddenMethods = D->overridden_methods();
338 if (OverriddenMethods.begin() == OverriddenMethods.end())
339 return D; // Method does not override anything
340 // FIXME: this does not work with multiple inheritance.
341 D = *OverriddenMethods.begin();
342 }
343 return nullptr;
344 }
345
translateMemberExpr(const MemberExpr * ME,CallingContext * Ctx)346 til::SExpr *SExprBuilder::translateMemberExpr(const MemberExpr *ME,
347 CallingContext *Ctx) {
348 til::SExpr *BE = translate(ME->getBase(), Ctx);
349 til::SExpr *E = new (Arena) til::SApply(BE);
350
351 const auto *D = cast<ValueDecl>(ME->getMemberDecl()->getCanonicalDecl());
352 if (const auto *VD = dyn_cast<CXXMethodDecl>(D))
353 D = getFirstVirtualDecl(VD);
354
355 til::Project *P = new (Arena) til::Project(E, D);
356 if (hasAnyPointerType(BE))
357 P->setArrow(true);
358 return P;
359 }
360
translateObjCIVarRefExpr(const ObjCIvarRefExpr * IVRE,CallingContext * Ctx)361 til::SExpr *SExprBuilder::translateObjCIVarRefExpr(const ObjCIvarRefExpr *IVRE,
362 CallingContext *Ctx) {
363 til::SExpr *BE = translate(IVRE->getBase(), Ctx);
364 til::SExpr *E = new (Arena) til::SApply(BE);
365
366 const auto *D = cast<ObjCIvarDecl>(IVRE->getDecl()->getCanonicalDecl());
367
368 til::Project *P = new (Arena) til::Project(E, D);
369 if (hasAnyPointerType(BE))
370 P->setArrow(true);
371 return P;
372 }
373
translateCallExpr(const CallExpr * CE,CallingContext * Ctx,const Expr * SelfE)374 til::SExpr *SExprBuilder::translateCallExpr(const CallExpr *CE,
375 CallingContext *Ctx,
376 const Expr *SelfE) {
377 if (CapabilityExprMode) {
378 // Handle LOCK_RETURNED
379 if (const FunctionDecl *FD = CE->getDirectCallee()) {
380 FD = FD->getMostRecentDecl();
381 if (LockReturnedAttr *At = FD->getAttr<LockReturnedAttr>()) {
382 CallingContext LRCallCtx(Ctx);
383 LRCallCtx.AttrDecl = CE->getDirectCallee();
384 LRCallCtx.SelfArg = SelfE;
385 LRCallCtx.NumArgs = CE->getNumArgs();
386 LRCallCtx.FunArgs = CE->getArgs();
387 return const_cast<til::SExpr *>(
388 translateAttrExpr(At->getArg(), &LRCallCtx).sexpr());
389 }
390 }
391 }
392
393 til::SExpr *E = translate(CE->getCallee(), Ctx);
394 for (const auto *Arg : CE->arguments()) {
395 til::SExpr *A = translate(Arg, Ctx);
396 E = new (Arena) til::Apply(E, A);
397 }
398 return new (Arena) til::Call(E, CE);
399 }
400
translateCXXMemberCallExpr(const CXXMemberCallExpr * ME,CallingContext * Ctx)401 til::SExpr *SExprBuilder::translateCXXMemberCallExpr(
402 const CXXMemberCallExpr *ME, CallingContext *Ctx) {
403 if (CapabilityExprMode) {
404 // Ignore calls to get() on smart pointers.
405 if (ME->getMethodDecl()->getNameAsString() == "get" &&
406 ME->getNumArgs() == 0) {
407 auto *E = translate(ME->getImplicitObjectArgument(), Ctx);
408 return new (Arena) til::Cast(til::CAST_objToPtr, E);
409 // return E;
410 }
411 }
412 return translateCallExpr(cast<CallExpr>(ME), Ctx,
413 ME->getImplicitObjectArgument());
414 }
415
translateCXXOperatorCallExpr(const CXXOperatorCallExpr * OCE,CallingContext * Ctx)416 til::SExpr *SExprBuilder::translateCXXOperatorCallExpr(
417 const CXXOperatorCallExpr *OCE, CallingContext *Ctx) {
418 if (CapabilityExprMode) {
419 // Ignore operator * and operator -> on smart pointers.
420 OverloadedOperatorKind k = OCE->getOperator();
421 if (k == OO_Star || k == OO_Arrow) {
422 auto *E = translate(OCE->getArg(0), Ctx);
423 return new (Arena) til::Cast(til::CAST_objToPtr, E);
424 // return E;
425 }
426 }
427 return translateCallExpr(cast<CallExpr>(OCE), Ctx);
428 }
429
translateUnaryOperator(const UnaryOperator * UO,CallingContext * Ctx)430 til::SExpr *SExprBuilder::translateUnaryOperator(const UnaryOperator *UO,
431 CallingContext *Ctx) {
432 switch (UO->getOpcode()) {
433 case UO_PostInc:
434 case UO_PostDec:
435 case UO_PreInc:
436 case UO_PreDec:
437 return new (Arena) til::Undefined(UO);
438
439 case UO_AddrOf:
440 if (CapabilityExprMode) {
441 // interpret &Graph::mu_ as an existential.
442 if (const auto *DRE = dyn_cast<DeclRefExpr>(UO->getSubExpr())) {
443 if (DRE->getDecl()->isCXXInstanceMember()) {
444 // This is a pointer-to-member expression, e.g. &MyClass::mu_.
445 // We interpret this syntax specially, as a wildcard.
446 auto *W = new (Arena) til::Wildcard();
447 return new (Arena) til::Project(W, DRE->getDecl());
448 }
449 }
450 }
451 // otherwise, & is a no-op
452 return translate(UO->getSubExpr(), Ctx);
453
454 // We treat these as no-ops
455 case UO_Deref:
456 case UO_Plus:
457 return translate(UO->getSubExpr(), Ctx);
458
459 case UO_Minus:
460 return new (Arena)
461 til::UnaryOp(til::UOP_Minus, translate(UO->getSubExpr(), Ctx));
462 case UO_Not:
463 return new (Arena)
464 til::UnaryOp(til::UOP_BitNot, translate(UO->getSubExpr(), Ctx));
465 case UO_LNot:
466 return new (Arena)
467 til::UnaryOp(til::UOP_LogicNot, translate(UO->getSubExpr(), Ctx));
468
469 // Currently unsupported
470 case UO_Real:
471 case UO_Imag:
472 case UO_Extension:
473 case UO_Coawait:
474 return new (Arena) til::Undefined(UO);
475 }
476 return new (Arena) til::Undefined(UO);
477 }
478
translateBinOp(til::TIL_BinaryOpcode Op,const BinaryOperator * BO,CallingContext * Ctx,bool Reverse)479 til::SExpr *SExprBuilder::translateBinOp(til::TIL_BinaryOpcode Op,
480 const BinaryOperator *BO,
481 CallingContext *Ctx, bool Reverse) {
482 til::SExpr *E0 = translate(BO->getLHS(), Ctx);
483 til::SExpr *E1 = translate(BO->getRHS(), Ctx);
484 if (Reverse)
485 return new (Arena) til::BinaryOp(Op, E1, E0);
486 else
487 return new (Arena) til::BinaryOp(Op, E0, E1);
488 }
489
translateBinAssign(til::TIL_BinaryOpcode Op,const BinaryOperator * BO,CallingContext * Ctx,bool Assign)490 til::SExpr *SExprBuilder::translateBinAssign(til::TIL_BinaryOpcode Op,
491 const BinaryOperator *BO,
492 CallingContext *Ctx,
493 bool Assign) {
494 const Expr *LHS = BO->getLHS();
495 const Expr *RHS = BO->getRHS();
496 til::SExpr *E0 = translate(LHS, Ctx);
497 til::SExpr *E1 = translate(RHS, Ctx);
498
499 const ValueDecl *VD = nullptr;
500 til::SExpr *CV = nullptr;
501 if (const auto *DRE = dyn_cast<DeclRefExpr>(LHS)) {
502 VD = DRE->getDecl();
503 CV = lookupVarDecl(VD);
504 }
505
506 if (!Assign) {
507 til::SExpr *Arg = CV ? CV : new (Arena) til::Load(E0);
508 E1 = new (Arena) til::BinaryOp(Op, Arg, E1);
509 E1 = addStatement(E1, nullptr, VD);
510 }
511 if (VD && CV)
512 return updateVarDecl(VD, E1);
513 return new (Arena) til::Store(E0, E1);
514 }
515
translateBinaryOperator(const BinaryOperator * BO,CallingContext * Ctx)516 til::SExpr *SExprBuilder::translateBinaryOperator(const BinaryOperator *BO,
517 CallingContext *Ctx) {
518 switch (BO->getOpcode()) {
519 case BO_PtrMemD:
520 case BO_PtrMemI:
521 return new (Arena) til::Undefined(BO);
522
523 case BO_Mul: return translateBinOp(til::BOP_Mul, BO, Ctx);
524 case BO_Div: return translateBinOp(til::BOP_Div, BO, Ctx);
525 case BO_Rem: return translateBinOp(til::BOP_Rem, BO, Ctx);
526 case BO_Add: return translateBinOp(til::BOP_Add, BO, Ctx);
527 case BO_Sub: return translateBinOp(til::BOP_Sub, BO, Ctx);
528 case BO_Shl: return translateBinOp(til::BOP_Shl, BO, Ctx);
529 case BO_Shr: return translateBinOp(til::BOP_Shr, BO, Ctx);
530 case BO_LT: return translateBinOp(til::BOP_Lt, BO, Ctx);
531 case BO_GT: return translateBinOp(til::BOP_Lt, BO, Ctx, true);
532 case BO_LE: return translateBinOp(til::BOP_Leq, BO, Ctx);
533 case BO_GE: return translateBinOp(til::BOP_Leq, BO, Ctx, true);
534 case BO_EQ: return translateBinOp(til::BOP_Eq, BO, Ctx);
535 case BO_NE: return translateBinOp(til::BOP_Neq, BO, Ctx);
536 case BO_Cmp: return translateBinOp(til::BOP_Cmp, BO, Ctx);
537 case BO_And: return translateBinOp(til::BOP_BitAnd, BO, Ctx);
538 case BO_Xor: return translateBinOp(til::BOP_BitXor, BO, Ctx);
539 case BO_Or: return translateBinOp(til::BOP_BitOr, BO, Ctx);
540 case BO_LAnd: return translateBinOp(til::BOP_LogicAnd, BO, Ctx);
541 case BO_LOr: return translateBinOp(til::BOP_LogicOr, BO, Ctx);
542
543 case BO_Assign: return translateBinAssign(til::BOP_Eq, BO, Ctx, true);
544 case BO_MulAssign: return translateBinAssign(til::BOP_Mul, BO, Ctx);
545 case BO_DivAssign: return translateBinAssign(til::BOP_Div, BO, Ctx);
546 case BO_RemAssign: return translateBinAssign(til::BOP_Rem, BO, Ctx);
547 case BO_AddAssign: return translateBinAssign(til::BOP_Add, BO, Ctx);
548 case BO_SubAssign: return translateBinAssign(til::BOP_Sub, BO, Ctx);
549 case BO_ShlAssign: return translateBinAssign(til::BOP_Shl, BO, Ctx);
550 case BO_ShrAssign: return translateBinAssign(til::BOP_Shr, BO, Ctx);
551 case BO_AndAssign: return translateBinAssign(til::BOP_BitAnd, BO, Ctx);
552 case BO_XorAssign: return translateBinAssign(til::BOP_BitXor, BO, Ctx);
553 case BO_OrAssign: return translateBinAssign(til::BOP_BitOr, BO, Ctx);
554
555 case BO_Comma:
556 // The clang CFG should have already processed both sides.
557 return translate(BO->getRHS(), Ctx);
558 }
559 return new (Arena) til::Undefined(BO);
560 }
561
translateCastExpr(const CastExpr * CE,CallingContext * Ctx)562 til::SExpr *SExprBuilder::translateCastExpr(const CastExpr *CE,
563 CallingContext *Ctx) {
564 CastKind K = CE->getCastKind();
565 switch (K) {
566 case CK_LValueToRValue: {
567 if (const auto *DRE = dyn_cast<DeclRefExpr>(CE->getSubExpr())) {
568 til::SExpr *E0 = lookupVarDecl(DRE->getDecl());
569 if (E0)
570 return E0;
571 }
572 til::SExpr *E0 = translate(CE->getSubExpr(), Ctx);
573 return E0;
574 // FIXME!! -- get Load working properly
575 // return new (Arena) til::Load(E0);
576 }
577 case CK_NoOp:
578 case CK_DerivedToBase:
579 case CK_UncheckedDerivedToBase:
580 case CK_ArrayToPointerDecay:
581 case CK_FunctionToPointerDecay: {
582 til::SExpr *E0 = translate(CE->getSubExpr(), Ctx);
583 return E0;
584 }
585 default: {
586 // FIXME: handle different kinds of casts.
587 til::SExpr *E0 = translate(CE->getSubExpr(), Ctx);
588 if (CapabilityExprMode)
589 return E0;
590 return new (Arena) til::Cast(til::CAST_none, E0);
591 }
592 }
593 }
594
595 til::SExpr *
translateArraySubscriptExpr(const ArraySubscriptExpr * E,CallingContext * Ctx)596 SExprBuilder::translateArraySubscriptExpr(const ArraySubscriptExpr *E,
597 CallingContext *Ctx) {
598 til::SExpr *E0 = translate(E->getBase(), Ctx);
599 til::SExpr *E1 = translate(E->getIdx(), Ctx);
600 return new (Arena) til::ArrayIndex(E0, E1);
601 }
602
603 til::SExpr *
translateAbstractConditionalOperator(const AbstractConditionalOperator * CO,CallingContext * Ctx)604 SExprBuilder::translateAbstractConditionalOperator(
605 const AbstractConditionalOperator *CO, CallingContext *Ctx) {
606 auto *C = translate(CO->getCond(), Ctx);
607 auto *T = translate(CO->getTrueExpr(), Ctx);
608 auto *E = translate(CO->getFalseExpr(), Ctx);
609 return new (Arena) til::IfThenElse(C, T, E);
610 }
611
612 til::SExpr *
translateDeclStmt(const DeclStmt * S,CallingContext * Ctx)613 SExprBuilder::translateDeclStmt(const DeclStmt *S, CallingContext *Ctx) {
614 DeclGroupRef DGrp = S->getDeclGroup();
615 for (auto I : DGrp) {
616 if (auto *VD = dyn_cast_or_null<VarDecl>(I)) {
617 Expr *E = VD->getInit();
618 til::SExpr* SE = translate(E, Ctx);
619
620 // Add local variables with trivial type to the variable map
621 QualType T = VD->getType();
622 if (T.isTrivialType(VD->getASTContext()))
623 return addVarDecl(VD, SE);
624 else {
625 // TODO: add alloca
626 }
627 }
628 }
629 return nullptr;
630 }
631
632 // If (E) is non-trivial, then add it to the current basic block, and
633 // update the statement map so that S refers to E. Returns a new variable
634 // that refers to E.
635 // If E is trivial returns E.
addStatement(til::SExpr * E,const Stmt * S,const ValueDecl * VD)636 til::SExpr *SExprBuilder::addStatement(til::SExpr* E, const Stmt *S,
637 const ValueDecl *VD) {
638 if (!E || !CurrentBB || E->block() || til::ThreadSafetyTIL::isTrivial(E))
639 return E;
640 if (VD)
641 E = new (Arena) til::Variable(E, VD);
642 CurrentInstructions.push_back(E);
643 if (S)
644 insertStmt(S, E);
645 return E;
646 }
647
648 // Returns the current value of VD, if known, and nullptr otherwise.
lookupVarDecl(const ValueDecl * VD)649 til::SExpr *SExprBuilder::lookupVarDecl(const ValueDecl *VD) {
650 auto It = LVarIdxMap.find(VD);
651 if (It != LVarIdxMap.end()) {
652 assert(CurrentLVarMap[It->second].first == VD);
653 return CurrentLVarMap[It->second].second;
654 }
655 return nullptr;
656 }
657
658 // if E is a til::Variable, update its clangDecl.
maybeUpdateVD(til::SExpr * E,const ValueDecl * VD)659 static void maybeUpdateVD(til::SExpr *E, const ValueDecl *VD) {
660 if (!E)
661 return;
662 if (auto *V = dyn_cast<til::Variable>(E)) {
663 if (!V->clangDecl())
664 V->setClangDecl(VD);
665 }
666 }
667
668 // Adds a new variable declaration.
addVarDecl(const ValueDecl * VD,til::SExpr * E)669 til::SExpr *SExprBuilder::addVarDecl(const ValueDecl *VD, til::SExpr *E) {
670 maybeUpdateVD(E, VD);
671 LVarIdxMap.insert(std::make_pair(VD, CurrentLVarMap.size()));
672 CurrentLVarMap.makeWritable();
673 CurrentLVarMap.push_back(std::make_pair(VD, E));
674 return E;
675 }
676
677 // Updates a current variable declaration. (E.g. by assignment)
updateVarDecl(const ValueDecl * VD,til::SExpr * E)678 til::SExpr *SExprBuilder::updateVarDecl(const ValueDecl *VD, til::SExpr *E) {
679 maybeUpdateVD(E, VD);
680 auto It = LVarIdxMap.find(VD);
681 if (It == LVarIdxMap.end()) {
682 til::SExpr *Ptr = new (Arena) til::LiteralPtr(VD);
683 til::SExpr *St = new (Arena) til::Store(Ptr, E);
684 return St;
685 }
686 CurrentLVarMap.makeWritable();
687 CurrentLVarMap.elem(It->second).second = E;
688 return E;
689 }
690
691 // Make a Phi node in the current block for the i^th variable in CurrentVarMap.
692 // If E != null, sets Phi[CurrentBlockInfo->ArgIndex] = E.
693 // If E == null, this is a backedge and will be set later.
makePhiNodeVar(unsigned i,unsigned NPreds,til::SExpr * E)694 void SExprBuilder::makePhiNodeVar(unsigned i, unsigned NPreds, til::SExpr *E) {
695 unsigned ArgIndex = CurrentBlockInfo->ProcessedPredecessors;
696 assert(ArgIndex > 0 && ArgIndex < NPreds);
697
698 til::SExpr *CurrE = CurrentLVarMap[i].second;
699 if (CurrE->block() == CurrentBB) {
700 // We already have a Phi node in the current block,
701 // so just add the new variable to the Phi node.
702 auto *Ph = dyn_cast<til::Phi>(CurrE);
703 assert(Ph && "Expecting Phi node.");
704 if (E)
705 Ph->values()[ArgIndex] = E;
706 return;
707 }
708
709 // Make a new phi node: phi(..., E)
710 // All phi args up to the current index are set to the current value.
711 til::Phi *Ph = new (Arena) til::Phi(Arena, NPreds);
712 Ph->values().setValues(NPreds, nullptr);
713 for (unsigned PIdx = 0; PIdx < ArgIndex; ++PIdx)
714 Ph->values()[PIdx] = CurrE;
715 if (E)
716 Ph->values()[ArgIndex] = E;
717 Ph->setClangDecl(CurrentLVarMap[i].first);
718 // If E is from a back-edge, or either E or CurrE are incomplete, then
719 // mark this node as incomplete; we may need to remove it later.
720 if (!E || isIncompletePhi(E) || isIncompletePhi(CurrE))
721 Ph->setStatus(til::Phi::PH_Incomplete);
722
723 // Add Phi node to current block, and update CurrentLVarMap[i]
724 CurrentArguments.push_back(Ph);
725 if (Ph->status() == til::Phi::PH_Incomplete)
726 IncompleteArgs.push_back(Ph);
727
728 CurrentLVarMap.makeWritable();
729 CurrentLVarMap.elem(i).second = Ph;
730 }
731
732 // Merge values from Map into the current variable map.
733 // This will construct Phi nodes in the current basic block as necessary.
mergeEntryMap(LVarDefinitionMap Map)734 void SExprBuilder::mergeEntryMap(LVarDefinitionMap Map) {
735 assert(CurrentBlockInfo && "Not processing a block!");
736
737 if (!CurrentLVarMap.valid()) {
738 // Steal Map, using copy-on-write.
739 CurrentLVarMap = std::move(Map);
740 return;
741 }
742 if (CurrentLVarMap.sameAs(Map))
743 return; // Easy merge: maps from different predecessors are unchanged.
744
745 unsigned NPreds = CurrentBB->numPredecessors();
746 unsigned ESz = CurrentLVarMap.size();
747 unsigned MSz = Map.size();
748 unsigned Sz = std::min(ESz, MSz);
749
750 for (unsigned i = 0; i < Sz; ++i) {
751 if (CurrentLVarMap[i].first != Map[i].first) {
752 // We've reached the end of variables in common.
753 CurrentLVarMap.makeWritable();
754 CurrentLVarMap.downsize(i);
755 break;
756 }
757 if (CurrentLVarMap[i].second != Map[i].second)
758 makePhiNodeVar(i, NPreds, Map[i].second);
759 }
760 if (ESz > MSz) {
761 CurrentLVarMap.makeWritable();
762 CurrentLVarMap.downsize(Map.size());
763 }
764 }
765
766 // Merge a back edge into the current variable map.
767 // This will create phi nodes for all variables in the variable map.
mergeEntryMapBackEdge()768 void SExprBuilder::mergeEntryMapBackEdge() {
769 // We don't have definitions for variables on the backedge, because we
770 // haven't gotten that far in the CFG. Thus, when encountering a back edge,
771 // we conservatively create Phi nodes for all variables. Unnecessary Phi
772 // nodes will be marked as incomplete, and stripped out at the end.
773 //
774 // An Phi node is unnecessary if it only refers to itself and one other
775 // variable, e.g. x = Phi(y, y, x) can be reduced to x = y.
776
777 assert(CurrentBlockInfo && "Not processing a block!");
778
779 if (CurrentBlockInfo->HasBackEdges)
780 return;
781 CurrentBlockInfo->HasBackEdges = true;
782
783 CurrentLVarMap.makeWritable();
784 unsigned Sz = CurrentLVarMap.size();
785 unsigned NPreds = CurrentBB->numPredecessors();
786
787 for (unsigned i = 0; i < Sz; ++i)
788 makePhiNodeVar(i, NPreds, nullptr);
789 }
790
791 // Update the phi nodes that were initially created for a back edge
792 // once the variable definitions have been computed.
793 // I.e., merge the current variable map into the phi nodes for Blk.
mergePhiNodesBackEdge(const CFGBlock * Blk)794 void SExprBuilder::mergePhiNodesBackEdge(const CFGBlock *Blk) {
795 til::BasicBlock *BB = lookupBlock(Blk);
796 unsigned ArgIndex = BBInfo[Blk->getBlockID()].ProcessedPredecessors;
797 assert(ArgIndex > 0 && ArgIndex < BB->numPredecessors());
798
799 for (til::SExpr *PE : BB->arguments()) {
800 auto *Ph = dyn_cast_or_null<til::Phi>(PE);
801 assert(Ph && "Expecting Phi Node.");
802 assert(Ph->values()[ArgIndex] == nullptr && "Wrong index for back edge.");
803
804 til::SExpr *E = lookupVarDecl(Ph->clangDecl());
805 assert(E && "Couldn't find local variable for Phi node.");
806 Ph->values()[ArgIndex] = E;
807 }
808 }
809
enterCFG(CFG * Cfg,const NamedDecl * D,const CFGBlock * First)810 void SExprBuilder::enterCFG(CFG *Cfg, const NamedDecl *D,
811 const CFGBlock *First) {
812 // Perform initial setup operations.
813 unsigned NBlocks = Cfg->getNumBlockIDs();
814 Scfg = new (Arena) til::SCFG(Arena, NBlocks);
815
816 // allocate all basic blocks immediately, to handle forward references.
817 BBInfo.resize(NBlocks);
818 BlockMap.resize(NBlocks, nullptr);
819 // create map from clang blockID to til::BasicBlocks
820 for (auto *B : *Cfg) {
821 auto *BB = new (Arena) til::BasicBlock(Arena);
822 BB->reserveInstructions(B->size());
823 BlockMap[B->getBlockID()] = BB;
824 }
825
826 CurrentBB = lookupBlock(&Cfg->getEntry());
827 auto Parms = isa<ObjCMethodDecl>(D) ? cast<ObjCMethodDecl>(D)->parameters()
828 : cast<FunctionDecl>(D)->parameters();
829 for (auto *Pm : Parms) {
830 QualType T = Pm->getType();
831 if (!T.isTrivialType(Pm->getASTContext()))
832 continue;
833
834 // Add parameters to local variable map.
835 // FIXME: right now we emulate params with loads; that should be fixed.
836 til::SExpr *Lp = new (Arena) til::LiteralPtr(Pm);
837 til::SExpr *Ld = new (Arena) til::Load(Lp);
838 til::SExpr *V = addStatement(Ld, nullptr, Pm);
839 addVarDecl(Pm, V);
840 }
841 }
842
enterCFGBlock(const CFGBlock * B)843 void SExprBuilder::enterCFGBlock(const CFGBlock *B) {
844 // Initialize TIL basic block and add it to the CFG.
845 CurrentBB = lookupBlock(B);
846 CurrentBB->reservePredecessors(B->pred_size());
847 Scfg->add(CurrentBB);
848
849 CurrentBlockInfo = &BBInfo[B->getBlockID()];
850
851 // CurrentLVarMap is moved to ExitMap on block exit.
852 // FIXME: the entry block will hold function parameters.
853 // assert(!CurrentLVarMap.valid() && "CurrentLVarMap already initialized.");
854 }
855
handlePredecessor(const CFGBlock * Pred)856 void SExprBuilder::handlePredecessor(const CFGBlock *Pred) {
857 // Compute CurrentLVarMap on entry from ExitMaps of predecessors
858
859 CurrentBB->addPredecessor(BlockMap[Pred->getBlockID()]);
860 BlockInfo *PredInfo = &BBInfo[Pred->getBlockID()];
861 assert(PredInfo->UnprocessedSuccessors > 0);
862
863 if (--PredInfo->UnprocessedSuccessors == 0)
864 mergeEntryMap(std::move(PredInfo->ExitMap));
865 else
866 mergeEntryMap(PredInfo->ExitMap.clone());
867
868 ++CurrentBlockInfo->ProcessedPredecessors;
869 }
870
handlePredecessorBackEdge(const CFGBlock * Pred)871 void SExprBuilder::handlePredecessorBackEdge(const CFGBlock *Pred) {
872 mergeEntryMapBackEdge();
873 }
874
enterCFGBlockBody(const CFGBlock * B)875 void SExprBuilder::enterCFGBlockBody(const CFGBlock *B) {
876 // The merge*() methods have created arguments.
877 // Push those arguments onto the basic block.
878 CurrentBB->arguments().reserve(
879 static_cast<unsigned>(CurrentArguments.size()), Arena);
880 for (auto *A : CurrentArguments)
881 CurrentBB->addArgument(A);
882 }
883
handleStatement(const Stmt * S)884 void SExprBuilder::handleStatement(const Stmt *S) {
885 til::SExpr *E = translate(S, nullptr);
886 addStatement(E, S);
887 }
888
handleDestructorCall(const VarDecl * VD,const CXXDestructorDecl * DD)889 void SExprBuilder::handleDestructorCall(const VarDecl *VD,
890 const CXXDestructorDecl *DD) {
891 til::SExpr *Sf = new (Arena) til::LiteralPtr(VD);
892 til::SExpr *Dr = new (Arena) til::LiteralPtr(DD);
893 til::SExpr *Ap = new (Arena) til::Apply(Dr, Sf);
894 til::SExpr *E = new (Arena) til::Call(Ap);
895 addStatement(E, nullptr);
896 }
897
exitCFGBlockBody(const CFGBlock * B)898 void SExprBuilder::exitCFGBlockBody(const CFGBlock *B) {
899 CurrentBB->instructions().reserve(
900 static_cast<unsigned>(CurrentInstructions.size()), Arena);
901 for (auto *V : CurrentInstructions)
902 CurrentBB->addInstruction(V);
903
904 // Create an appropriate terminator
905 unsigned N = B->succ_size();
906 auto It = B->succ_begin();
907 if (N == 1) {
908 til::BasicBlock *BB = *It ? lookupBlock(*It) : nullptr;
909 // TODO: set index
910 unsigned Idx = BB ? BB->findPredecessorIndex(CurrentBB) : 0;
911 auto *Tm = new (Arena) til::Goto(BB, Idx);
912 CurrentBB->setTerminator(Tm);
913 }
914 else if (N == 2) {
915 til::SExpr *C = translate(B->getTerminatorCondition(true), nullptr);
916 til::BasicBlock *BB1 = *It ? lookupBlock(*It) : nullptr;
917 ++It;
918 til::BasicBlock *BB2 = *It ? lookupBlock(*It) : nullptr;
919 // FIXME: make sure these aren't critical edges.
920 auto *Tm = new (Arena) til::Branch(C, BB1, BB2);
921 CurrentBB->setTerminator(Tm);
922 }
923 }
924
handleSuccessor(const CFGBlock * Succ)925 void SExprBuilder::handleSuccessor(const CFGBlock *Succ) {
926 ++CurrentBlockInfo->UnprocessedSuccessors;
927 }
928
handleSuccessorBackEdge(const CFGBlock * Succ)929 void SExprBuilder::handleSuccessorBackEdge(const CFGBlock *Succ) {
930 mergePhiNodesBackEdge(Succ);
931 ++BBInfo[Succ->getBlockID()].ProcessedPredecessors;
932 }
933
exitCFGBlock(const CFGBlock * B)934 void SExprBuilder::exitCFGBlock(const CFGBlock *B) {
935 CurrentArguments.clear();
936 CurrentInstructions.clear();
937 CurrentBlockInfo->ExitMap = std::move(CurrentLVarMap);
938 CurrentBB = nullptr;
939 CurrentBlockInfo = nullptr;
940 }
941
exitCFG(const CFGBlock * Last)942 void SExprBuilder::exitCFG(const CFGBlock *Last) {
943 for (auto *Ph : IncompleteArgs) {
944 if (Ph->status() == til::Phi::PH_Incomplete)
945 simplifyIncompleteArg(Ph);
946 }
947
948 CurrentArguments.clear();
949 CurrentInstructions.clear();
950 IncompleteArgs.clear();
951 }
952
953 /*
954 namespace {
955
956 class TILPrinter :
957 public til::PrettyPrinter<TILPrinter, llvm::raw_ostream> {};
958
959 } // namespace
960
961 namespace clang {
962 namespace threadSafety {
963
964 void printSCFG(CFGWalker &Walker) {
965 llvm::BumpPtrAllocator Bpa;
966 til::MemRegionRef Arena(&Bpa);
967 SExprBuilder SxBuilder(Arena);
968 til::SCFG *Scfg = SxBuilder.buildCFG(Walker);
969 TILPrinter::print(Scfg, llvm::errs());
970 }
971
972 } // namespace threadSafety
973 } // namespace clang
974 */
975