1 //===- ThreadSafetyCommon.cpp ---------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // Implementation of the interfaces declared in ThreadSafetyCommon.h
10 //
11 //===----------------------------------------------------------------------===//
12
13 #include "clang/Analysis/Analyses/ThreadSafetyCommon.h"
14 #include "clang/AST/Attr.h"
15 #include "clang/AST/Decl.h"
16 #include "clang/AST/DeclCXX.h"
17 #include "clang/AST/DeclGroup.h"
18 #include "clang/AST/DeclObjC.h"
19 #include "clang/AST/Expr.h"
20 #include "clang/AST/ExprCXX.h"
21 #include "clang/AST/OperationKinds.h"
22 #include "clang/AST/Stmt.h"
23 #include "clang/AST/Type.h"
24 #include "clang/Analysis/Analyses/ThreadSafetyTIL.h"
25 #include "clang/Analysis/CFG.h"
26 #include "clang/Basic/LLVM.h"
27 #include "clang/Basic/OperatorKinds.h"
28 #include "clang/Basic/Specifiers.h"
29 #include "llvm/ADT/StringRef.h"
30 #include "llvm/Support/Casting.h"
31 #include <algorithm>
32 #include <cassert>
33 #include <string>
34 #include <utility>
35
36 using namespace clang;
37 using namespace threadSafety;
38
39 // From ThreadSafetyUtil.h
getSourceLiteralString(const Expr * CE)40 std::string threadSafety::getSourceLiteralString(const Expr *CE) {
41 switch (CE->getStmtClass()) {
42 case Stmt::IntegerLiteralClass:
43 return cast<IntegerLiteral>(CE)->getValue().toString(10, true);
44 case Stmt::StringLiteralClass: {
45 std::string ret("\"");
46 ret += cast<StringLiteral>(CE)->getString();
47 ret += "\"";
48 return ret;
49 }
50 case Stmt::CharacterLiteralClass:
51 case Stmt::CXXNullPtrLiteralExprClass:
52 case Stmt::GNUNullExprClass:
53 case Stmt::CXXBoolLiteralExprClass:
54 case Stmt::FloatingLiteralClass:
55 case Stmt::ImaginaryLiteralClass:
56 case Stmt::ObjCStringLiteralClass:
57 default:
58 return "#lit";
59 }
60 }
61
62 // Return true if E is a variable that points to an incomplete Phi node.
isIncompletePhi(const til::SExpr * E)63 static bool isIncompletePhi(const til::SExpr *E) {
64 if (const auto *Ph = dyn_cast<til::Phi>(E))
65 return Ph->status() == til::Phi::PH_Incomplete;
66 return false;
67 }
68
69 using CallingContext = SExprBuilder::CallingContext;
70
lookupStmt(const Stmt * S)71 til::SExpr *SExprBuilder::lookupStmt(const Stmt *S) {
72 auto It = SMap.find(S);
73 if (It != SMap.end())
74 return It->second;
75 return nullptr;
76 }
77
buildCFG(CFGWalker & Walker)78 til::SCFG *SExprBuilder::buildCFG(CFGWalker &Walker) {
79 Walker.walk(*this);
80 return Scfg;
81 }
82
isCalleeArrow(const Expr * E)83 static bool isCalleeArrow(const Expr *E) {
84 const auto *ME = dyn_cast<MemberExpr>(E->IgnoreParenCasts());
85 return ME ? ME->isArrow() : false;
86 }
87
88 /// Translate a clang expression in an attribute to a til::SExpr.
89 /// Constructs the context from D, DeclExp, and SelfDecl.
90 ///
91 /// \param AttrExp The expression to translate.
92 /// \param D The declaration to which the attribute is attached.
93 /// \param DeclExp An expression involving the Decl to which the attribute
94 /// is attached. E.g. the call to a function.
translateAttrExpr(const Expr * AttrExp,const NamedDecl * D,const Expr * DeclExp,VarDecl * SelfDecl)95 CapabilityExpr SExprBuilder::translateAttrExpr(const Expr *AttrExp,
96 const NamedDecl *D,
97 const Expr *DeclExp,
98 VarDecl *SelfDecl) {
99 // If we are processing a raw attribute expression, with no substitutions.
100 if (!DeclExp)
101 return translateAttrExpr(AttrExp, nullptr);
102
103 CallingContext Ctx(nullptr, D);
104
105 // Examine DeclExp to find SelfArg and FunArgs, which are used to substitute
106 // for formal parameters when we call buildMutexID later.
107 if (const auto *ME = dyn_cast<MemberExpr>(DeclExp)) {
108 Ctx.SelfArg = ME->getBase();
109 Ctx.SelfArrow = ME->isArrow();
110 } else if (const auto *CE = dyn_cast<CXXMemberCallExpr>(DeclExp)) {
111 Ctx.SelfArg = CE->getImplicitObjectArgument();
112 Ctx.SelfArrow = isCalleeArrow(CE->getCallee());
113 Ctx.NumArgs = CE->getNumArgs();
114 Ctx.FunArgs = CE->getArgs();
115 } else if (const auto *CE = dyn_cast<CallExpr>(DeclExp)) {
116 Ctx.NumArgs = CE->getNumArgs();
117 Ctx.FunArgs = CE->getArgs();
118 } else if (const auto *CE = dyn_cast<CXXConstructExpr>(DeclExp)) {
119 Ctx.SelfArg = nullptr; // Will be set below
120 Ctx.NumArgs = CE->getNumArgs();
121 Ctx.FunArgs = CE->getArgs();
122 } else if (D && isa<CXXDestructorDecl>(D)) {
123 // There's no such thing as a "destructor call" in the AST.
124 Ctx.SelfArg = DeclExp;
125 }
126
127 // Hack to handle constructors, where self cannot be recovered from
128 // the expression.
129 if (SelfDecl && !Ctx.SelfArg) {
130 DeclRefExpr SelfDRE(SelfDecl->getASTContext(), SelfDecl, false,
131 SelfDecl->getType(), VK_LValue,
132 SelfDecl->getLocation());
133 Ctx.SelfArg = &SelfDRE;
134
135 // If the attribute has no arguments, then assume the argument is "this".
136 if (!AttrExp)
137 return translateAttrExpr(Ctx.SelfArg, nullptr);
138 else // For most attributes.
139 return translateAttrExpr(AttrExp, &Ctx);
140 }
141
142 // If the attribute has no arguments, then assume the argument is "this".
143 if (!AttrExp)
144 return translateAttrExpr(Ctx.SelfArg, nullptr);
145 else // For most attributes.
146 return translateAttrExpr(AttrExp, &Ctx);
147 }
148
149 /// Translate a clang expression in an attribute to a til::SExpr.
150 // This assumes a CallingContext has already been created.
translateAttrExpr(const Expr * AttrExp,CallingContext * Ctx)151 CapabilityExpr SExprBuilder::translateAttrExpr(const Expr *AttrExp,
152 CallingContext *Ctx) {
153 if (!AttrExp)
154 return CapabilityExpr(nullptr, false);
155
156 if (const auto* SLit = dyn_cast<StringLiteral>(AttrExp)) {
157 if (SLit->getString() == StringRef("*"))
158 // The "*" expr is a universal lock, which essentially turns off
159 // checks until it is removed from the lockset.
160 return CapabilityExpr(new (Arena) til::Wildcard(), false);
161 else
162 // Ignore other string literals for now.
163 return CapabilityExpr(nullptr, false);
164 }
165
166 bool Neg = false;
167 if (const auto *OE = dyn_cast<CXXOperatorCallExpr>(AttrExp)) {
168 if (OE->getOperator() == OO_Exclaim) {
169 Neg = true;
170 AttrExp = OE->getArg(0);
171 }
172 }
173 else if (const auto *UO = dyn_cast<UnaryOperator>(AttrExp)) {
174 if (UO->getOpcode() == UO_LNot) {
175 Neg = true;
176 AttrExp = UO->getSubExpr();
177 }
178 }
179
180 til::SExpr *E = translate(AttrExp, Ctx);
181
182 // Trap mutex expressions like nullptr, or 0.
183 // Any literal value is nonsense.
184 if (!E || isa<til::Literal>(E))
185 return CapabilityExpr(nullptr, false);
186
187 // Hack to deal with smart pointers -- strip off top-level pointer casts.
188 if (const auto *CE = dyn_cast<til::Cast>(E)) {
189 if (CE->castOpcode() == til::CAST_objToPtr)
190 return CapabilityExpr(CE->expr(), Neg);
191 }
192 return CapabilityExpr(E, Neg);
193 }
194
195 // Translate a clang statement or expression to a TIL expression.
196 // Also performs substitution of variables; Ctx provides the context.
197 // Dispatches on the type of S.
translate(const Stmt * S,CallingContext * Ctx)198 til::SExpr *SExprBuilder::translate(const Stmt *S, CallingContext *Ctx) {
199 if (!S)
200 return nullptr;
201
202 // Check if S has already been translated and cached.
203 // This handles the lookup of SSA names for DeclRefExprs here.
204 if (til::SExpr *E = lookupStmt(S))
205 return E;
206
207 switch (S->getStmtClass()) {
208 case Stmt::DeclRefExprClass:
209 return translateDeclRefExpr(cast<DeclRefExpr>(S), Ctx);
210 case Stmt::CXXThisExprClass:
211 return translateCXXThisExpr(cast<CXXThisExpr>(S), Ctx);
212 case Stmt::MemberExprClass:
213 return translateMemberExpr(cast<MemberExpr>(S), Ctx);
214 case Stmt::ObjCIvarRefExprClass:
215 return translateObjCIVarRefExpr(cast<ObjCIvarRefExpr>(S), Ctx);
216 case Stmt::CallExprClass:
217 return translateCallExpr(cast<CallExpr>(S), Ctx);
218 case Stmt::CXXMemberCallExprClass:
219 return translateCXXMemberCallExpr(cast<CXXMemberCallExpr>(S), Ctx);
220 case Stmt::CXXOperatorCallExprClass:
221 return translateCXXOperatorCallExpr(cast<CXXOperatorCallExpr>(S), Ctx);
222 case Stmt::UnaryOperatorClass:
223 return translateUnaryOperator(cast<UnaryOperator>(S), Ctx);
224 case Stmt::BinaryOperatorClass:
225 case Stmt::CompoundAssignOperatorClass:
226 return translateBinaryOperator(cast<BinaryOperator>(S), Ctx);
227
228 case Stmt::ArraySubscriptExprClass:
229 return translateArraySubscriptExpr(cast<ArraySubscriptExpr>(S), Ctx);
230 case Stmt::ConditionalOperatorClass:
231 return translateAbstractConditionalOperator(
232 cast<ConditionalOperator>(S), Ctx);
233 case Stmt::BinaryConditionalOperatorClass:
234 return translateAbstractConditionalOperator(
235 cast<BinaryConditionalOperator>(S), Ctx);
236
237 // We treat these as no-ops
238 case Stmt::ConstantExprClass:
239 return translate(cast<ConstantExpr>(S)->getSubExpr(), Ctx);
240 case Stmt::ParenExprClass:
241 return translate(cast<ParenExpr>(S)->getSubExpr(), Ctx);
242 case Stmt::ExprWithCleanupsClass:
243 return translate(cast<ExprWithCleanups>(S)->getSubExpr(), Ctx);
244 case Stmt::CXXBindTemporaryExprClass:
245 return translate(cast<CXXBindTemporaryExpr>(S)->getSubExpr(), Ctx);
246 case Stmt::MaterializeTemporaryExprClass:
247 return translate(cast<MaterializeTemporaryExpr>(S)->getSubExpr(), Ctx);
248
249 // Collect all literals
250 case Stmt::CharacterLiteralClass:
251 case Stmt::CXXNullPtrLiteralExprClass:
252 case Stmt::GNUNullExprClass:
253 case Stmt::CXXBoolLiteralExprClass:
254 case Stmt::FloatingLiteralClass:
255 case Stmt::ImaginaryLiteralClass:
256 case Stmt::IntegerLiteralClass:
257 case Stmt::StringLiteralClass:
258 case Stmt::ObjCStringLiteralClass:
259 return new (Arena) til::Literal(cast<Expr>(S));
260
261 case Stmt::DeclStmtClass:
262 return translateDeclStmt(cast<DeclStmt>(S), Ctx);
263 default:
264 break;
265 }
266 if (const auto *CE = dyn_cast<CastExpr>(S))
267 return translateCastExpr(CE, Ctx);
268
269 return new (Arena) til::Undefined(S);
270 }
271
translateDeclRefExpr(const DeclRefExpr * DRE,CallingContext * Ctx)272 til::SExpr *SExprBuilder::translateDeclRefExpr(const DeclRefExpr *DRE,
273 CallingContext *Ctx) {
274 const auto *VD = cast<ValueDecl>(DRE->getDecl()->getCanonicalDecl());
275
276 // Function parameters require substitution and/or renaming.
277 if (const auto *PV = dyn_cast<ParmVarDecl>(VD)) {
278 unsigned I = PV->getFunctionScopeIndex();
279 const DeclContext *D = PV->getDeclContext();
280 if (Ctx && Ctx->FunArgs) {
281 const Decl *Canonical = Ctx->AttrDecl->getCanonicalDecl();
282 if (isa<FunctionDecl>(D)
283 ? (cast<FunctionDecl>(D)->getCanonicalDecl() == Canonical)
284 : (cast<ObjCMethodDecl>(D)->getCanonicalDecl() == Canonical)) {
285 // Substitute call arguments for references to function parameters
286 assert(I < Ctx->NumArgs);
287 return translate(Ctx->FunArgs[I], Ctx->Prev);
288 }
289 }
290 // Map the param back to the param of the original function declaration
291 // for consistent comparisons.
292 VD = isa<FunctionDecl>(D)
293 ? cast<FunctionDecl>(D)->getCanonicalDecl()->getParamDecl(I)
294 : cast<ObjCMethodDecl>(D)->getCanonicalDecl()->getParamDecl(I);
295 }
296
297 // For non-local variables, treat it as a reference to a named object.
298 return new (Arena) til::LiteralPtr(VD);
299 }
300
translateCXXThisExpr(const CXXThisExpr * TE,CallingContext * Ctx)301 til::SExpr *SExprBuilder::translateCXXThisExpr(const CXXThisExpr *TE,
302 CallingContext *Ctx) {
303 // Substitute for 'this'
304 if (Ctx && Ctx->SelfArg)
305 return translate(Ctx->SelfArg, Ctx->Prev);
306 assert(SelfVar && "We have no variable for 'this'!");
307 return SelfVar;
308 }
309
getValueDeclFromSExpr(const til::SExpr * E)310 static const ValueDecl *getValueDeclFromSExpr(const til::SExpr *E) {
311 if (const auto *V = dyn_cast<til::Variable>(E))
312 return V->clangDecl();
313 if (const auto *Ph = dyn_cast<til::Phi>(E))
314 return Ph->clangDecl();
315 if (const auto *P = dyn_cast<til::Project>(E))
316 return P->clangDecl();
317 if (const auto *L = dyn_cast<til::LiteralPtr>(E))
318 return L->clangDecl();
319 return nullptr;
320 }
321
hasAnyPointerType(const til::SExpr * E)322 static bool hasAnyPointerType(const til::SExpr *E) {
323 auto *VD = getValueDeclFromSExpr(E);
324 if (VD && VD->getType()->isAnyPointerType())
325 return true;
326 if (const auto *C = dyn_cast<til::Cast>(E))
327 return C->castOpcode() == til::CAST_objToPtr;
328
329 return false;
330 }
331
332 // Grab the very first declaration of virtual method D
getFirstVirtualDecl(const CXXMethodDecl * D)333 static const CXXMethodDecl *getFirstVirtualDecl(const CXXMethodDecl *D) {
334 while (true) {
335 D = D->getCanonicalDecl();
336 auto OverriddenMethods = D->overridden_methods();
337 if (OverriddenMethods.begin() == OverriddenMethods.end())
338 return D; // Method does not override anything
339 // FIXME: this does not work with multiple inheritance.
340 D = *OverriddenMethods.begin();
341 }
342 return nullptr;
343 }
344
translateMemberExpr(const MemberExpr * ME,CallingContext * Ctx)345 til::SExpr *SExprBuilder::translateMemberExpr(const MemberExpr *ME,
346 CallingContext *Ctx) {
347 til::SExpr *BE = translate(ME->getBase(), Ctx);
348 til::SExpr *E = new (Arena) til::SApply(BE);
349
350 const auto *D = cast<ValueDecl>(ME->getMemberDecl()->getCanonicalDecl());
351 if (const auto *VD = dyn_cast<CXXMethodDecl>(D))
352 D = getFirstVirtualDecl(VD);
353
354 til::Project *P = new (Arena) til::Project(E, D);
355 if (hasAnyPointerType(BE))
356 P->setArrow(true);
357 return P;
358 }
359
translateObjCIVarRefExpr(const ObjCIvarRefExpr * IVRE,CallingContext * Ctx)360 til::SExpr *SExprBuilder::translateObjCIVarRefExpr(const ObjCIvarRefExpr *IVRE,
361 CallingContext *Ctx) {
362 til::SExpr *BE = translate(IVRE->getBase(), Ctx);
363 til::SExpr *E = new (Arena) til::SApply(BE);
364
365 const auto *D = cast<ObjCIvarDecl>(IVRE->getDecl()->getCanonicalDecl());
366
367 til::Project *P = new (Arena) til::Project(E, D);
368 if (hasAnyPointerType(BE))
369 P->setArrow(true);
370 return P;
371 }
372
translateCallExpr(const CallExpr * CE,CallingContext * Ctx,const Expr * SelfE)373 til::SExpr *SExprBuilder::translateCallExpr(const CallExpr *CE,
374 CallingContext *Ctx,
375 const Expr *SelfE) {
376 if (CapabilityExprMode) {
377 // Handle LOCK_RETURNED
378 if (const FunctionDecl *FD = CE->getDirectCallee()) {
379 FD = FD->getMostRecentDecl();
380 if (LockReturnedAttr *At = FD->getAttr<LockReturnedAttr>()) {
381 CallingContext LRCallCtx(Ctx);
382 LRCallCtx.AttrDecl = CE->getDirectCallee();
383 LRCallCtx.SelfArg = SelfE;
384 LRCallCtx.NumArgs = CE->getNumArgs();
385 LRCallCtx.FunArgs = CE->getArgs();
386 return const_cast<til::SExpr *>(
387 translateAttrExpr(At->getArg(), &LRCallCtx).sexpr());
388 }
389 }
390 }
391
392 til::SExpr *E = translate(CE->getCallee(), Ctx);
393 for (const auto *Arg : CE->arguments()) {
394 til::SExpr *A = translate(Arg, Ctx);
395 E = new (Arena) til::Apply(E, A);
396 }
397 return new (Arena) til::Call(E, CE);
398 }
399
translateCXXMemberCallExpr(const CXXMemberCallExpr * ME,CallingContext * Ctx)400 til::SExpr *SExprBuilder::translateCXXMemberCallExpr(
401 const CXXMemberCallExpr *ME, CallingContext *Ctx) {
402 if (CapabilityExprMode) {
403 // Ignore calls to get() on smart pointers.
404 if (ME->getMethodDecl()->getNameAsString() == "get" &&
405 ME->getNumArgs() == 0) {
406 auto *E = translate(ME->getImplicitObjectArgument(), Ctx);
407 return new (Arena) til::Cast(til::CAST_objToPtr, E);
408 // return E;
409 }
410 }
411 return translateCallExpr(cast<CallExpr>(ME), Ctx,
412 ME->getImplicitObjectArgument());
413 }
414
translateCXXOperatorCallExpr(const CXXOperatorCallExpr * OCE,CallingContext * Ctx)415 til::SExpr *SExprBuilder::translateCXXOperatorCallExpr(
416 const CXXOperatorCallExpr *OCE, CallingContext *Ctx) {
417 if (CapabilityExprMode) {
418 // Ignore operator * and operator -> on smart pointers.
419 OverloadedOperatorKind k = OCE->getOperator();
420 if (k == OO_Star || k == OO_Arrow) {
421 auto *E = translate(OCE->getArg(0), Ctx);
422 return new (Arena) til::Cast(til::CAST_objToPtr, E);
423 // return E;
424 }
425 }
426 return translateCallExpr(cast<CallExpr>(OCE), Ctx);
427 }
428
translateUnaryOperator(const UnaryOperator * UO,CallingContext * Ctx)429 til::SExpr *SExprBuilder::translateUnaryOperator(const UnaryOperator *UO,
430 CallingContext *Ctx) {
431 switch (UO->getOpcode()) {
432 case UO_PostInc:
433 case UO_PostDec:
434 case UO_PreInc:
435 case UO_PreDec:
436 return new (Arena) til::Undefined(UO);
437
438 case UO_AddrOf:
439 if (CapabilityExprMode) {
440 // interpret &Graph::mu_ as an existential.
441 if (const auto *DRE = dyn_cast<DeclRefExpr>(UO->getSubExpr())) {
442 if (DRE->getDecl()->isCXXInstanceMember()) {
443 // This is a pointer-to-member expression, e.g. &MyClass::mu_.
444 // We interpret this syntax specially, as a wildcard.
445 auto *W = new (Arena) til::Wildcard();
446 return new (Arena) til::Project(W, DRE->getDecl());
447 }
448 }
449 }
450 // otherwise, & is a no-op
451 return translate(UO->getSubExpr(), Ctx);
452
453 // We treat these as no-ops
454 case UO_Deref:
455 case UO_Plus:
456 return translate(UO->getSubExpr(), Ctx);
457
458 case UO_Minus:
459 return new (Arena)
460 til::UnaryOp(til::UOP_Minus, translate(UO->getSubExpr(), Ctx));
461 case UO_Not:
462 return new (Arena)
463 til::UnaryOp(til::UOP_BitNot, translate(UO->getSubExpr(), Ctx));
464 case UO_LNot:
465 return new (Arena)
466 til::UnaryOp(til::UOP_LogicNot, translate(UO->getSubExpr(), Ctx));
467
468 // Currently unsupported
469 case UO_Real:
470 case UO_Imag:
471 case UO_Extension:
472 case UO_Coawait:
473 return new (Arena) til::Undefined(UO);
474 }
475 return new (Arena) til::Undefined(UO);
476 }
477
translateBinOp(til::TIL_BinaryOpcode Op,const BinaryOperator * BO,CallingContext * Ctx,bool Reverse)478 til::SExpr *SExprBuilder::translateBinOp(til::TIL_BinaryOpcode Op,
479 const BinaryOperator *BO,
480 CallingContext *Ctx, bool Reverse) {
481 til::SExpr *E0 = translate(BO->getLHS(), Ctx);
482 til::SExpr *E1 = translate(BO->getRHS(), Ctx);
483 if (Reverse)
484 return new (Arena) til::BinaryOp(Op, E1, E0);
485 else
486 return new (Arena) til::BinaryOp(Op, E0, E1);
487 }
488
translateBinAssign(til::TIL_BinaryOpcode Op,const BinaryOperator * BO,CallingContext * Ctx,bool Assign)489 til::SExpr *SExprBuilder::translateBinAssign(til::TIL_BinaryOpcode Op,
490 const BinaryOperator *BO,
491 CallingContext *Ctx,
492 bool Assign) {
493 const Expr *LHS = BO->getLHS();
494 const Expr *RHS = BO->getRHS();
495 til::SExpr *E0 = translate(LHS, Ctx);
496 til::SExpr *E1 = translate(RHS, Ctx);
497
498 const ValueDecl *VD = nullptr;
499 til::SExpr *CV = nullptr;
500 if (const auto *DRE = dyn_cast<DeclRefExpr>(LHS)) {
501 VD = DRE->getDecl();
502 CV = lookupVarDecl(VD);
503 }
504
505 if (!Assign) {
506 til::SExpr *Arg = CV ? CV : new (Arena) til::Load(E0);
507 E1 = new (Arena) til::BinaryOp(Op, Arg, E1);
508 E1 = addStatement(E1, nullptr, VD);
509 }
510 if (VD && CV)
511 return updateVarDecl(VD, E1);
512 return new (Arena) til::Store(E0, E1);
513 }
514
translateBinaryOperator(const BinaryOperator * BO,CallingContext * Ctx)515 til::SExpr *SExprBuilder::translateBinaryOperator(const BinaryOperator *BO,
516 CallingContext *Ctx) {
517 switch (BO->getOpcode()) {
518 case BO_PtrMemD:
519 case BO_PtrMemI:
520 return new (Arena) til::Undefined(BO);
521
522 case BO_Mul: return translateBinOp(til::BOP_Mul, BO, Ctx);
523 case BO_Div: return translateBinOp(til::BOP_Div, BO, Ctx);
524 case BO_Rem: return translateBinOp(til::BOP_Rem, BO, Ctx);
525 case BO_Add: return translateBinOp(til::BOP_Add, BO, Ctx);
526 case BO_Sub: return translateBinOp(til::BOP_Sub, BO, Ctx);
527 case BO_Shl: return translateBinOp(til::BOP_Shl, BO, Ctx);
528 case BO_Shr: return translateBinOp(til::BOP_Shr, BO, Ctx);
529 case BO_LT: return translateBinOp(til::BOP_Lt, BO, Ctx);
530 case BO_GT: return translateBinOp(til::BOP_Lt, BO, Ctx, true);
531 case BO_LE: return translateBinOp(til::BOP_Leq, BO, Ctx);
532 case BO_GE: return translateBinOp(til::BOP_Leq, BO, Ctx, true);
533 case BO_EQ: return translateBinOp(til::BOP_Eq, BO, Ctx);
534 case BO_NE: return translateBinOp(til::BOP_Neq, BO, Ctx);
535 case BO_Cmp: return translateBinOp(til::BOP_Cmp, BO, Ctx);
536 case BO_And: return translateBinOp(til::BOP_BitAnd, BO, Ctx);
537 case BO_Xor: return translateBinOp(til::BOP_BitXor, BO, Ctx);
538 case BO_Or: return translateBinOp(til::BOP_BitOr, BO, Ctx);
539 case BO_LAnd: return translateBinOp(til::BOP_LogicAnd, BO, Ctx);
540 case BO_LOr: return translateBinOp(til::BOP_LogicOr, BO, Ctx);
541
542 case BO_Assign: return translateBinAssign(til::BOP_Eq, BO, Ctx, true);
543 case BO_MulAssign: return translateBinAssign(til::BOP_Mul, BO, Ctx);
544 case BO_DivAssign: return translateBinAssign(til::BOP_Div, BO, Ctx);
545 case BO_RemAssign: return translateBinAssign(til::BOP_Rem, BO, Ctx);
546 case BO_AddAssign: return translateBinAssign(til::BOP_Add, BO, Ctx);
547 case BO_SubAssign: return translateBinAssign(til::BOP_Sub, BO, Ctx);
548 case BO_ShlAssign: return translateBinAssign(til::BOP_Shl, BO, Ctx);
549 case BO_ShrAssign: return translateBinAssign(til::BOP_Shr, BO, Ctx);
550 case BO_AndAssign: return translateBinAssign(til::BOP_BitAnd, BO, Ctx);
551 case BO_XorAssign: return translateBinAssign(til::BOP_BitXor, BO, Ctx);
552 case BO_OrAssign: return translateBinAssign(til::BOP_BitOr, BO, Ctx);
553
554 case BO_Comma:
555 // The clang CFG should have already processed both sides.
556 return translate(BO->getRHS(), Ctx);
557 }
558 return new (Arena) til::Undefined(BO);
559 }
560
translateCastExpr(const CastExpr * CE,CallingContext * Ctx)561 til::SExpr *SExprBuilder::translateCastExpr(const CastExpr *CE,
562 CallingContext *Ctx) {
563 CastKind K = CE->getCastKind();
564 switch (K) {
565 case CK_LValueToRValue: {
566 if (const auto *DRE = dyn_cast<DeclRefExpr>(CE->getSubExpr())) {
567 til::SExpr *E0 = lookupVarDecl(DRE->getDecl());
568 if (E0)
569 return E0;
570 }
571 til::SExpr *E0 = translate(CE->getSubExpr(), Ctx);
572 return E0;
573 // FIXME!! -- get Load working properly
574 // return new (Arena) til::Load(E0);
575 }
576 case CK_NoOp:
577 case CK_DerivedToBase:
578 case CK_UncheckedDerivedToBase:
579 case CK_ArrayToPointerDecay:
580 case CK_FunctionToPointerDecay: {
581 til::SExpr *E0 = translate(CE->getSubExpr(), Ctx);
582 return E0;
583 }
584 default: {
585 // FIXME: handle different kinds of casts.
586 til::SExpr *E0 = translate(CE->getSubExpr(), Ctx);
587 if (CapabilityExprMode)
588 return E0;
589 return new (Arena) til::Cast(til::CAST_none, E0);
590 }
591 }
592 }
593
594 til::SExpr *
translateArraySubscriptExpr(const ArraySubscriptExpr * E,CallingContext * Ctx)595 SExprBuilder::translateArraySubscriptExpr(const ArraySubscriptExpr *E,
596 CallingContext *Ctx) {
597 til::SExpr *E0 = translate(E->getBase(), Ctx);
598 til::SExpr *E1 = translate(E->getIdx(), Ctx);
599 return new (Arena) til::ArrayIndex(E0, E1);
600 }
601
602 til::SExpr *
translateAbstractConditionalOperator(const AbstractConditionalOperator * CO,CallingContext * Ctx)603 SExprBuilder::translateAbstractConditionalOperator(
604 const AbstractConditionalOperator *CO, CallingContext *Ctx) {
605 auto *C = translate(CO->getCond(), Ctx);
606 auto *T = translate(CO->getTrueExpr(), Ctx);
607 auto *E = translate(CO->getFalseExpr(), Ctx);
608 return new (Arena) til::IfThenElse(C, T, E);
609 }
610
611 til::SExpr *
translateDeclStmt(const DeclStmt * S,CallingContext * Ctx)612 SExprBuilder::translateDeclStmt(const DeclStmt *S, CallingContext *Ctx) {
613 DeclGroupRef DGrp = S->getDeclGroup();
614 for (auto I : DGrp) {
615 if (auto *VD = dyn_cast_or_null<VarDecl>(I)) {
616 Expr *E = VD->getInit();
617 til::SExpr* SE = translate(E, Ctx);
618
619 // Add local variables with trivial type to the variable map
620 QualType T = VD->getType();
621 if (T.isTrivialType(VD->getASTContext()))
622 return addVarDecl(VD, SE);
623 else {
624 // TODO: add alloca
625 }
626 }
627 }
628 return nullptr;
629 }
630
631 // If (E) is non-trivial, then add it to the current basic block, and
632 // update the statement map so that S refers to E. Returns a new variable
633 // that refers to E.
634 // If E is trivial returns E.
addStatement(til::SExpr * E,const Stmt * S,const ValueDecl * VD)635 til::SExpr *SExprBuilder::addStatement(til::SExpr* E, const Stmt *S,
636 const ValueDecl *VD) {
637 if (!E || !CurrentBB || E->block() || til::ThreadSafetyTIL::isTrivial(E))
638 return E;
639 if (VD)
640 E = new (Arena) til::Variable(E, VD);
641 CurrentInstructions.push_back(E);
642 if (S)
643 insertStmt(S, E);
644 return E;
645 }
646
647 // Returns the current value of VD, if known, and nullptr otherwise.
lookupVarDecl(const ValueDecl * VD)648 til::SExpr *SExprBuilder::lookupVarDecl(const ValueDecl *VD) {
649 auto It = LVarIdxMap.find(VD);
650 if (It != LVarIdxMap.end()) {
651 assert(CurrentLVarMap[It->second].first == VD);
652 return CurrentLVarMap[It->second].second;
653 }
654 return nullptr;
655 }
656
657 // if E is a til::Variable, update its clangDecl.
maybeUpdateVD(til::SExpr * E,const ValueDecl * VD)658 static void maybeUpdateVD(til::SExpr *E, const ValueDecl *VD) {
659 if (!E)
660 return;
661 if (auto *V = dyn_cast<til::Variable>(E)) {
662 if (!V->clangDecl())
663 V->setClangDecl(VD);
664 }
665 }
666
667 // Adds a new variable declaration.
addVarDecl(const ValueDecl * VD,til::SExpr * E)668 til::SExpr *SExprBuilder::addVarDecl(const ValueDecl *VD, til::SExpr *E) {
669 maybeUpdateVD(E, VD);
670 LVarIdxMap.insert(std::make_pair(VD, CurrentLVarMap.size()));
671 CurrentLVarMap.makeWritable();
672 CurrentLVarMap.push_back(std::make_pair(VD, E));
673 return E;
674 }
675
676 // Updates a current variable declaration. (E.g. by assignment)
updateVarDecl(const ValueDecl * VD,til::SExpr * E)677 til::SExpr *SExprBuilder::updateVarDecl(const ValueDecl *VD, til::SExpr *E) {
678 maybeUpdateVD(E, VD);
679 auto It = LVarIdxMap.find(VD);
680 if (It == LVarIdxMap.end()) {
681 til::SExpr *Ptr = new (Arena) til::LiteralPtr(VD);
682 til::SExpr *St = new (Arena) til::Store(Ptr, E);
683 return St;
684 }
685 CurrentLVarMap.makeWritable();
686 CurrentLVarMap.elem(It->second).second = E;
687 return E;
688 }
689
690 // Make a Phi node in the current block for the i^th variable in CurrentVarMap.
691 // If E != null, sets Phi[CurrentBlockInfo->ArgIndex] = E.
692 // If E == null, this is a backedge and will be set later.
makePhiNodeVar(unsigned i,unsigned NPreds,til::SExpr * E)693 void SExprBuilder::makePhiNodeVar(unsigned i, unsigned NPreds, til::SExpr *E) {
694 unsigned ArgIndex = CurrentBlockInfo->ProcessedPredecessors;
695 assert(ArgIndex > 0 && ArgIndex < NPreds);
696
697 til::SExpr *CurrE = CurrentLVarMap[i].second;
698 if (CurrE->block() == CurrentBB) {
699 // We already have a Phi node in the current block,
700 // so just add the new variable to the Phi node.
701 auto *Ph = dyn_cast<til::Phi>(CurrE);
702 assert(Ph && "Expecting Phi node.");
703 if (E)
704 Ph->values()[ArgIndex] = E;
705 return;
706 }
707
708 // Make a new phi node: phi(..., E)
709 // All phi args up to the current index are set to the current value.
710 til::Phi *Ph = new (Arena) til::Phi(Arena, NPreds);
711 Ph->values().setValues(NPreds, nullptr);
712 for (unsigned PIdx = 0; PIdx < ArgIndex; ++PIdx)
713 Ph->values()[PIdx] = CurrE;
714 if (E)
715 Ph->values()[ArgIndex] = E;
716 Ph->setClangDecl(CurrentLVarMap[i].first);
717 // If E is from a back-edge, or either E or CurrE are incomplete, then
718 // mark this node as incomplete; we may need to remove it later.
719 if (!E || isIncompletePhi(E) || isIncompletePhi(CurrE))
720 Ph->setStatus(til::Phi::PH_Incomplete);
721
722 // Add Phi node to current block, and update CurrentLVarMap[i]
723 CurrentArguments.push_back(Ph);
724 if (Ph->status() == til::Phi::PH_Incomplete)
725 IncompleteArgs.push_back(Ph);
726
727 CurrentLVarMap.makeWritable();
728 CurrentLVarMap.elem(i).second = Ph;
729 }
730
731 // Merge values from Map into the current variable map.
732 // This will construct Phi nodes in the current basic block as necessary.
mergeEntryMap(LVarDefinitionMap Map)733 void SExprBuilder::mergeEntryMap(LVarDefinitionMap Map) {
734 assert(CurrentBlockInfo && "Not processing a block!");
735
736 if (!CurrentLVarMap.valid()) {
737 // Steal Map, using copy-on-write.
738 CurrentLVarMap = std::move(Map);
739 return;
740 }
741 if (CurrentLVarMap.sameAs(Map))
742 return; // Easy merge: maps from different predecessors are unchanged.
743
744 unsigned NPreds = CurrentBB->numPredecessors();
745 unsigned ESz = CurrentLVarMap.size();
746 unsigned MSz = Map.size();
747 unsigned Sz = std::min(ESz, MSz);
748
749 for (unsigned i = 0; i < Sz; ++i) {
750 if (CurrentLVarMap[i].first != Map[i].first) {
751 // We've reached the end of variables in common.
752 CurrentLVarMap.makeWritable();
753 CurrentLVarMap.downsize(i);
754 break;
755 }
756 if (CurrentLVarMap[i].second != Map[i].second)
757 makePhiNodeVar(i, NPreds, Map[i].second);
758 }
759 if (ESz > MSz) {
760 CurrentLVarMap.makeWritable();
761 CurrentLVarMap.downsize(Map.size());
762 }
763 }
764
765 // Merge a back edge into the current variable map.
766 // This will create phi nodes for all variables in the variable map.
mergeEntryMapBackEdge()767 void SExprBuilder::mergeEntryMapBackEdge() {
768 // We don't have definitions for variables on the backedge, because we
769 // haven't gotten that far in the CFG. Thus, when encountering a back edge,
770 // we conservatively create Phi nodes for all variables. Unnecessary Phi
771 // nodes will be marked as incomplete, and stripped out at the end.
772 //
773 // An Phi node is unnecessary if it only refers to itself and one other
774 // variable, e.g. x = Phi(y, y, x) can be reduced to x = y.
775
776 assert(CurrentBlockInfo && "Not processing a block!");
777
778 if (CurrentBlockInfo->HasBackEdges)
779 return;
780 CurrentBlockInfo->HasBackEdges = true;
781
782 CurrentLVarMap.makeWritable();
783 unsigned Sz = CurrentLVarMap.size();
784 unsigned NPreds = CurrentBB->numPredecessors();
785
786 for (unsigned i = 0; i < Sz; ++i)
787 makePhiNodeVar(i, NPreds, nullptr);
788 }
789
790 // Update the phi nodes that were initially created for a back edge
791 // once the variable definitions have been computed.
792 // I.e., merge the current variable map into the phi nodes for Blk.
mergePhiNodesBackEdge(const CFGBlock * Blk)793 void SExprBuilder::mergePhiNodesBackEdge(const CFGBlock *Blk) {
794 til::BasicBlock *BB = lookupBlock(Blk);
795 unsigned ArgIndex = BBInfo[Blk->getBlockID()].ProcessedPredecessors;
796 assert(ArgIndex > 0 && ArgIndex < BB->numPredecessors());
797
798 for (til::SExpr *PE : BB->arguments()) {
799 auto *Ph = dyn_cast_or_null<til::Phi>(PE);
800 assert(Ph && "Expecting Phi Node.");
801 assert(Ph->values()[ArgIndex] == nullptr && "Wrong index for back edge.");
802
803 til::SExpr *E = lookupVarDecl(Ph->clangDecl());
804 assert(E && "Couldn't find local variable for Phi node.");
805 Ph->values()[ArgIndex] = E;
806 }
807 }
808
enterCFG(CFG * Cfg,const NamedDecl * D,const CFGBlock * First)809 void SExprBuilder::enterCFG(CFG *Cfg, const NamedDecl *D,
810 const CFGBlock *First) {
811 // Perform initial setup operations.
812 unsigned NBlocks = Cfg->getNumBlockIDs();
813 Scfg = new (Arena) til::SCFG(Arena, NBlocks);
814
815 // allocate all basic blocks immediately, to handle forward references.
816 BBInfo.resize(NBlocks);
817 BlockMap.resize(NBlocks, nullptr);
818 // create map from clang blockID to til::BasicBlocks
819 for (auto *B : *Cfg) {
820 auto *BB = new (Arena) til::BasicBlock(Arena);
821 BB->reserveInstructions(B->size());
822 BlockMap[B->getBlockID()] = BB;
823 }
824
825 CurrentBB = lookupBlock(&Cfg->getEntry());
826 auto Parms = isa<ObjCMethodDecl>(D) ? cast<ObjCMethodDecl>(D)->parameters()
827 : cast<FunctionDecl>(D)->parameters();
828 for (auto *Pm : Parms) {
829 QualType T = Pm->getType();
830 if (!T.isTrivialType(Pm->getASTContext()))
831 continue;
832
833 // Add parameters to local variable map.
834 // FIXME: right now we emulate params with loads; that should be fixed.
835 til::SExpr *Lp = new (Arena) til::LiteralPtr(Pm);
836 til::SExpr *Ld = new (Arena) til::Load(Lp);
837 til::SExpr *V = addStatement(Ld, nullptr, Pm);
838 addVarDecl(Pm, V);
839 }
840 }
841
enterCFGBlock(const CFGBlock * B)842 void SExprBuilder::enterCFGBlock(const CFGBlock *B) {
843 // Initialize TIL basic block and add it to the CFG.
844 CurrentBB = lookupBlock(B);
845 CurrentBB->reservePredecessors(B->pred_size());
846 Scfg->add(CurrentBB);
847
848 CurrentBlockInfo = &BBInfo[B->getBlockID()];
849
850 // CurrentLVarMap is moved to ExitMap on block exit.
851 // FIXME: the entry block will hold function parameters.
852 // assert(!CurrentLVarMap.valid() && "CurrentLVarMap already initialized.");
853 }
854
handlePredecessor(const CFGBlock * Pred)855 void SExprBuilder::handlePredecessor(const CFGBlock *Pred) {
856 // Compute CurrentLVarMap on entry from ExitMaps of predecessors
857
858 CurrentBB->addPredecessor(BlockMap[Pred->getBlockID()]);
859 BlockInfo *PredInfo = &BBInfo[Pred->getBlockID()];
860 assert(PredInfo->UnprocessedSuccessors > 0);
861
862 if (--PredInfo->UnprocessedSuccessors == 0)
863 mergeEntryMap(std::move(PredInfo->ExitMap));
864 else
865 mergeEntryMap(PredInfo->ExitMap.clone());
866
867 ++CurrentBlockInfo->ProcessedPredecessors;
868 }
869
handlePredecessorBackEdge(const CFGBlock * Pred)870 void SExprBuilder::handlePredecessorBackEdge(const CFGBlock *Pred) {
871 mergeEntryMapBackEdge();
872 }
873
enterCFGBlockBody(const CFGBlock * B)874 void SExprBuilder::enterCFGBlockBody(const CFGBlock *B) {
875 // The merge*() methods have created arguments.
876 // Push those arguments onto the basic block.
877 CurrentBB->arguments().reserve(
878 static_cast<unsigned>(CurrentArguments.size()), Arena);
879 for (auto *A : CurrentArguments)
880 CurrentBB->addArgument(A);
881 }
882
handleStatement(const Stmt * S)883 void SExprBuilder::handleStatement(const Stmt *S) {
884 til::SExpr *E = translate(S, nullptr);
885 addStatement(E, S);
886 }
887
handleDestructorCall(const VarDecl * VD,const CXXDestructorDecl * DD)888 void SExprBuilder::handleDestructorCall(const VarDecl *VD,
889 const CXXDestructorDecl *DD) {
890 til::SExpr *Sf = new (Arena) til::LiteralPtr(VD);
891 til::SExpr *Dr = new (Arena) til::LiteralPtr(DD);
892 til::SExpr *Ap = new (Arena) til::Apply(Dr, Sf);
893 til::SExpr *E = new (Arena) til::Call(Ap);
894 addStatement(E, nullptr);
895 }
896
exitCFGBlockBody(const CFGBlock * B)897 void SExprBuilder::exitCFGBlockBody(const CFGBlock *B) {
898 CurrentBB->instructions().reserve(
899 static_cast<unsigned>(CurrentInstructions.size()), Arena);
900 for (auto *V : CurrentInstructions)
901 CurrentBB->addInstruction(V);
902
903 // Create an appropriate terminator
904 unsigned N = B->succ_size();
905 auto It = B->succ_begin();
906 if (N == 1) {
907 til::BasicBlock *BB = *It ? lookupBlock(*It) : nullptr;
908 // TODO: set index
909 unsigned Idx = BB ? BB->findPredecessorIndex(CurrentBB) : 0;
910 auto *Tm = new (Arena) til::Goto(BB, Idx);
911 CurrentBB->setTerminator(Tm);
912 }
913 else if (N == 2) {
914 til::SExpr *C = translate(B->getTerminatorCondition(true), nullptr);
915 til::BasicBlock *BB1 = *It ? lookupBlock(*It) : nullptr;
916 ++It;
917 til::BasicBlock *BB2 = *It ? lookupBlock(*It) : nullptr;
918 // FIXME: make sure these aren't critical edges.
919 auto *Tm = new (Arena) til::Branch(C, BB1, BB2);
920 CurrentBB->setTerminator(Tm);
921 }
922 }
923
handleSuccessor(const CFGBlock * Succ)924 void SExprBuilder::handleSuccessor(const CFGBlock *Succ) {
925 ++CurrentBlockInfo->UnprocessedSuccessors;
926 }
927
handleSuccessorBackEdge(const CFGBlock * Succ)928 void SExprBuilder::handleSuccessorBackEdge(const CFGBlock *Succ) {
929 mergePhiNodesBackEdge(Succ);
930 ++BBInfo[Succ->getBlockID()].ProcessedPredecessors;
931 }
932
exitCFGBlock(const CFGBlock * B)933 void SExprBuilder::exitCFGBlock(const CFGBlock *B) {
934 CurrentArguments.clear();
935 CurrentInstructions.clear();
936 CurrentBlockInfo->ExitMap = std::move(CurrentLVarMap);
937 CurrentBB = nullptr;
938 CurrentBlockInfo = nullptr;
939 }
940
exitCFG(const CFGBlock * Last)941 void SExprBuilder::exitCFG(const CFGBlock *Last) {
942 for (auto *Ph : IncompleteArgs) {
943 if (Ph->status() == til::Phi::PH_Incomplete)
944 simplifyIncompleteArg(Ph);
945 }
946
947 CurrentArguments.clear();
948 CurrentInstructions.clear();
949 IncompleteArgs.clear();
950 }
951
952 /*
953 namespace {
954
955 class TILPrinter :
956 public til::PrettyPrinter<TILPrinter, llvm::raw_ostream> {};
957
958 } // namespace
959
960 namespace clang {
961 namespace threadSafety {
962
963 void printSCFG(CFGWalker &Walker) {
964 llvm::BumpPtrAllocator Bpa;
965 til::MemRegionRef Arena(&Bpa);
966 SExprBuilder SxBuilder(Arena);
967 til::SCFG *Scfg = SxBuilder.buildCFG(Walker);
968 TILPrinter::print(Scfg, llvm::errs());
969 }
970
971 } // namespace threadSafety
972 } // namespace clang
973 */
974