/Users/buildslave/jenkins/workspace/coverage/llvm-project/clang/lib/Analysis/BodyFarm.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | //== BodyFarm.cpp - Factory for conjuring up fake bodies ----------*- C++ -*-// |
2 | | // |
3 | | // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. |
4 | | // See https://llvm.org/LICENSE.txt for license information. |
5 | | // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception |
6 | | // |
7 | | //===----------------------------------------------------------------------===// |
8 | | // |
9 | | // BodyFarm is a factory for creating faux implementations for functions/methods |
10 | | // for analysis purposes. |
11 | | // |
12 | | //===----------------------------------------------------------------------===// |
13 | | |
14 | | #include "clang/Analysis/BodyFarm.h" |
15 | | #include "clang/AST/ASTContext.h" |
16 | | #include "clang/AST/CXXInheritance.h" |
17 | | #include "clang/AST/Decl.h" |
18 | | #include "clang/AST/Expr.h" |
19 | | #include "clang/AST/ExprCXX.h" |
20 | | #include "clang/AST/ExprObjC.h" |
21 | | #include "clang/AST/NestedNameSpecifier.h" |
22 | | #include "clang/Analysis/CodeInjector.h" |
23 | | #include "clang/Basic/OperatorKinds.h" |
24 | | #include "llvm/ADT/StringSwitch.h" |
25 | | #include "llvm/Support/Debug.h" |
26 | | |
27 | | #define DEBUG_TYPE "body-farm" |
28 | | |
29 | | using namespace clang; |
30 | | |
31 | | //===----------------------------------------------------------------------===// |
32 | | // Helper creation functions for constructing faux ASTs. |
33 | | //===----------------------------------------------------------------------===// |
34 | | |
35 | 14 | static bool isDispatchBlock(QualType Ty) { |
36 | | // Is it a block pointer? |
37 | 14 | const BlockPointerType *BPT = Ty->getAs<BlockPointerType>(); |
38 | 14 | if (!BPT) |
39 | 0 | return false; |
40 | | |
41 | | // Check if the block pointer type takes no arguments and |
42 | | // returns void. |
43 | 14 | const FunctionProtoType *FT = |
44 | 14 | BPT->getPointeeType()->getAs<FunctionProtoType>(); |
45 | 14 | return FT && FT->getReturnType()->isVoidType() && FT->getNumParams() == 0; |
46 | 14 | } |
47 | | |
48 | | namespace { |
49 | | class ASTMaker { |
50 | | public: |
51 | 199 | ASTMaker(ASTContext &C) : C(C) {} |
52 | | |
53 | | /// Create a new BinaryOperator representing a simple assignment. |
54 | | BinaryOperator *makeAssignment(const Expr *LHS, const Expr *RHS, QualType Ty); |
55 | | |
56 | | /// Create a new BinaryOperator representing a comparison. |
57 | | BinaryOperator *makeComparison(const Expr *LHS, const Expr *RHS, |
58 | | BinaryOperator::Opcode Op); |
59 | | |
60 | | /// Create a new compound stmt using the provided statements. |
61 | | CompoundStmt *makeCompound(ArrayRef<Stmt*>); |
62 | | |
63 | | /// Create a new DeclRefExpr for the referenced variable. |
64 | | DeclRefExpr *makeDeclRefExpr(const VarDecl *D, |
65 | | bool RefersToEnclosingVariableOrCapture = false); |
66 | | |
67 | | /// Create a new UnaryOperator representing a dereference. |
68 | | UnaryOperator *makeDereference(const Expr *Arg, QualType Ty); |
69 | | |
70 | | /// Create an implicit cast for an integer conversion. |
71 | | Expr *makeIntegralCast(const Expr *Arg, QualType Ty); |
72 | | |
73 | | /// Create an implicit cast to a builtin boolean type. |
74 | | ImplicitCastExpr *makeIntegralCastToBoolean(const Expr *Arg); |
75 | | |
76 | | /// Create an implicit cast for lvalue-to-rvaluate conversions. |
77 | | ImplicitCastExpr *makeLvalueToRvalue(const Expr *Arg, QualType Ty); |
78 | | |
79 | | /// Make RValue out of variable declaration, creating a temporary |
80 | | /// DeclRefExpr in the process. |
81 | | ImplicitCastExpr * |
82 | | makeLvalueToRvalue(const VarDecl *Decl, |
83 | | bool RefersToEnclosingVariableOrCapture = false); |
84 | | |
85 | | /// Create an implicit cast of the given type. |
86 | | ImplicitCastExpr *makeImplicitCast(const Expr *Arg, QualType Ty, |
87 | | CastKind CK = CK_LValueToRValue); |
88 | | |
89 | | /// Create an Objective-C bool literal. |
90 | | ObjCBoolLiteralExpr *makeObjCBool(bool Val); |
91 | | |
92 | | /// Create an Objective-C ivar reference. |
93 | | ObjCIvarRefExpr *makeObjCIvarRef(const Expr *Base, const ObjCIvarDecl *IVar); |
94 | | |
95 | | /// Create a Return statement. |
96 | | ReturnStmt *makeReturn(const Expr *RetVal); |
97 | | |
98 | | /// Create an integer literal expression of the given type. |
99 | | IntegerLiteral *makeIntegerLiteral(uint64_t Value, QualType Ty); |
100 | | |
101 | | /// Create a member expression. |
102 | | MemberExpr *makeMemberExpression(Expr *base, ValueDecl *MemberDecl, |
103 | | bool IsArrow = false, |
104 | | ExprValueKind ValueKind = VK_LValue); |
105 | | |
106 | | /// Returns a *first* member field of a record declaration with a given name. |
107 | | /// \return an nullptr if no member with such a name exists. |
108 | | ValueDecl *findMemberField(const RecordDecl *RD, StringRef Name); |
109 | | |
110 | | private: |
111 | | ASTContext &C; |
112 | | }; |
113 | | } |
114 | | |
115 | | BinaryOperator *ASTMaker::makeAssignment(const Expr *LHS, const Expr *RHS, |
116 | 77 | QualType Ty) { |
117 | 77 | return BinaryOperator::Create( |
118 | 77 | C, const_cast<Expr *>(LHS), const_cast<Expr *>(RHS), BO_Assign, Ty, |
119 | 77 | VK_RValue, OK_Ordinary, SourceLocation(), FPOptionsOverride()); |
120 | 77 | } |
121 | | |
122 | | BinaryOperator *ASTMaker::makeComparison(const Expr *LHS, const Expr *RHS, |
123 | 30 | BinaryOperator::Opcode Op) { |
124 | 30 | assert(BinaryOperator::isLogicalOp(Op) || |
125 | 30 | BinaryOperator::isComparisonOp(Op)); |
126 | 30 | return BinaryOperator::Create( |
127 | 30 | C, const_cast<Expr *>(LHS), const_cast<Expr *>(RHS), Op, |
128 | 30 | C.getLogicalOperationType(), VK_RValue, OK_Ordinary, SourceLocation(), |
129 | 30 | FPOptionsOverride()); |
130 | 30 | } |
131 | | |
132 | 77 | CompoundStmt *ASTMaker::makeCompound(ArrayRef<Stmt *> Stmts) { |
133 | 77 | return CompoundStmt::Create(C, Stmts, SourceLocation(), SourceLocation()); |
134 | 77 | } |
135 | | |
136 | | DeclRefExpr *ASTMaker::makeDeclRefExpr( |
137 | | const VarDecl *D, |
138 | 303 | bool RefersToEnclosingVariableOrCapture) { |
139 | 303 | QualType Type = D->getType().getNonReferenceType(); |
140 | | |
141 | 303 | DeclRefExpr *DR = DeclRefExpr::Create( |
142 | 303 | C, NestedNameSpecifierLoc(), SourceLocation(), const_cast<VarDecl *>(D), |
143 | 303 | RefersToEnclosingVariableOrCapture, SourceLocation(), Type, VK_LValue); |
144 | 303 | return DR; |
145 | 303 | } |
146 | | |
147 | 60 | UnaryOperator *ASTMaker::makeDereference(const Expr *Arg, QualType Ty) { |
148 | 60 | return UnaryOperator::Create(C, const_cast<Expr *>(Arg), UO_Deref, Ty, |
149 | 60 | VK_LValue, OK_Ordinary, SourceLocation(), |
150 | 60 | /*CanOverflow*/ false, FPOptionsOverride()); |
151 | 60 | } |
152 | | |
153 | 332 | ImplicitCastExpr *ASTMaker::makeLvalueToRvalue(const Expr *Arg, QualType Ty) { |
154 | 332 | return makeImplicitCast(Arg, Ty, CK_LValueToRValue); |
155 | 332 | } |
156 | | |
157 | | ImplicitCastExpr * |
158 | | ASTMaker::makeLvalueToRvalue(const VarDecl *Arg, |
159 | 10 | bool RefersToEnclosingVariableOrCapture) { |
160 | 10 | QualType Type = Arg->getType().getNonReferenceType(); |
161 | 10 | return makeLvalueToRvalue(makeDeclRefExpr(Arg, |
162 | 10 | RefersToEnclosingVariableOrCapture), |
163 | 10 | Type); |
164 | 10 | } |
165 | | |
166 | | ImplicitCastExpr *ASTMaker::makeImplicitCast(const Expr *Arg, QualType Ty, |
167 | 465 | CastKind CK) { |
168 | 465 | return ImplicitCastExpr::Create(C, Ty, |
169 | 465 | /* CastKind=*/CK, |
170 | 465 | /* Expr=*/const_cast<Expr *>(Arg), |
171 | 465 | /* CXXCastPath=*/nullptr, |
172 | 465 | /* ExprValueKind=*/VK_RValue, |
173 | 465 | /* FPFeatures */ FPOptionsOverride()); |
174 | 465 | } |
175 | | |
176 | 71 | Expr *ASTMaker::makeIntegralCast(const Expr *Arg, QualType Ty) { |
177 | 71 | if (Arg->getType() == Ty) |
178 | 24 | return const_cast<Expr*>(Arg); |
179 | 47 | return makeImplicitCast(Arg, Ty, CK_IntegralCast); |
180 | 47 | } |
181 | | |
182 | 26 | ImplicitCastExpr *ASTMaker::makeIntegralCastToBoolean(const Expr *Arg) { |
183 | 26 | return makeImplicitCast(Arg, C.BoolTy, CK_IntegralToBoolean); |
184 | 26 | } |
185 | | |
186 | 40 | ObjCBoolLiteralExpr *ASTMaker::makeObjCBool(bool Val) { |
187 | 40 | QualType Ty = C.getBOOLDecl() ? C.getBOOLType()0 : C.ObjCBuiltinBoolTy; |
188 | 40 | return new (C) ObjCBoolLiteralExpr(Val, Ty, SourceLocation()); |
189 | 40 | } |
190 | | |
191 | | ObjCIvarRefExpr *ASTMaker::makeObjCIvarRef(const Expr *Base, |
192 | 56 | const ObjCIvarDecl *IVar) { |
193 | 56 | return new (C) ObjCIvarRefExpr(const_cast<ObjCIvarDecl*>(IVar), |
194 | 56 | IVar->getType(), SourceLocation(), |
195 | 56 | SourceLocation(), const_cast<Expr*>(Base), |
196 | 56 | /*arrow=*/true, /*free=*/false); |
197 | 56 | } |
198 | | |
199 | 100 | ReturnStmt *ASTMaker::makeReturn(const Expr *RetVal) { |
200 | 100 | return ReturnStmt::Create(C, SourceLocation(), const_cast<Expr *>(RetVal), |
201 | 100 | /* NRVOCandidate=*/nullptr); |
202 | 100 | } |
203 | | |
204 | 57 | IntegerLiteral *ASTMaker::makeIntegerLiteral(uint64_t Value, QualType Ty) { |
205 | 57 | llvm::APInt APValue = llvm::APInt(C.getTypeSize(Ty), Value); |
206 | 57 | return IntegerLiteral::Create(C, APValue, Ty, SourceLocation()); |
207 | 57 | } |
208 | | |
209 | | MemberExpr *ASTMaker::makeMemberExpression(Expr *base, ValueDecl *MemberDecl, |
210 | | bool IsArrow, |
211 | 47 | ExprValueKind ValueKind) { |
212 | | |
213 | 47 | DeclAccessPair FoundDecl = DeclAccessPair::make(MemberDecl, AS_public); |
214 | 47 | return MemberExpr::Create( |
215 | 47 | C, base, IsArrow, SourceLocation(), NestedNameSpecifierLoc(), |
216 | 47 | SourceLocation(), MemberDecl, FoundDecl, |
217 | 47 | DeclarationNameInfo(MemberDecl->getDeclName(), SourceLocation()), |
218 | 47 | /* TemplateArgumentListInfo=*/ nullptr, MemberDecl->getType(), ValueKind, |
219 | 47 | OK_Ordinary, NOUR_None); |
220 | 47 | } |
221 | | |
222 | 80 | ValueDecl *ASTMaker::findMemberField(const RecordDecl *RD, StringRef Name) { |
223 | | |
224 | 80 | CXXBasePaths Paths( |
225 | 80 | /* FindAmbiguities=*/false, |
226 | 80 | /* RecordPaths=*/false, |
227 | 80 | /* DetectVirtual=*/ false); |
228 | 80 | const IdentifierInfo &II = C.Idents.get(Name); |
229 | 80 | DeclarationName DeclName = C.DeclarationNames.getIdentifier(&II); |
230 | | |
231 | 80 | DeclContextLookupResult Decls = RD->lookup(DeclName); |
232 | 80 | for (NamedDecl *FoundDecl : Decls) |
233 | 53 | if (!FoundDecl->getDeclContext()->isFunctionOrMethod()) |
234 | 53 | return cast<ValueDecl>(FoundDecl); |
235 | | |
236 | 27 | return nullptr; |
237 | 80 | } |
238 | | |
239 | | //===----------------------------------------------------------------------===// |
240 | | // Creation functions for faux ASTs. |
241 | | //===----------------------------------------------------------------------===// |
242 | | |
243 | | typedef Stmt *(*FunctionFarmer)(ASTContext &C, const FunctionDecl *D); |
244 | | |
245 | | static CallExpr *create_call_once_funcptr_call(ASTContext &C, ASTMaker M, |
246 | | const ParmVarDecl *Callback, |
247 | 15 | ArrayRef<Expr *> CallArgs) { |
248 | | |
249 | 15 | QualType Ty = Callback->getType(); |
250 | 15 | DeclRefExpr *Call = M.makeDeclRefExpr(Callback); |
251 | 15 | Expr *SubExpr; |
252 | 15 | if (Ty->isRValueReferenceType()) { |
253 | 11 | SubExpr = M.makeImplicitCast( |
254 | 11 | Call, Ty.getNonReferenceType(), CK_LValueToRValue); |
255 | 4 | } else if (Ty->isLValueReferenceType() && |
256 | 4 | Call->getType()->isFunctionType()) { |
257 | 2 | Ty = C.getPointerType(Ty.getNonReferenceType()); |
258 | 2 | SubExpr = M.makeImplicitCast(Call, Ty, CK_FunctionToPointerDecay); |
259 | 2 | } else if (Ty->isLValueReferenceType() |
260 | 2 | && Call->getType()->isPointerType() |
261 | 2 | && Call->getType()->getPointeeType()->isFunctionType()){ |
262 | 2 | SubExpr = Call; |
263 | 0 | } else { |
264 | 0 | llvm_unreachable("Unexpected state"); |
265 | 0 | } |
266 | | |
267 | 15 | return CallExpr::Create(C, SubExpr, CallArgs, C.VoidTy, VK_RValue, |
268 | 15 | SourceLocation(), FPOptionsOverride()); |
269 | 15 | } |
270 | | |
271 | | static CallExpr *create_call_once_lambda_call(ASTContext &C, ASTMaker M, |
272 | | const ParmVarDecl *Callback, |
273 | | CXXRecordDecl *CallbackDecl, |
274 | 32 | ArrayRef<Expr *> CallArgs) { |
275 | 32 | assert(CallbackDecl != nullptr); |
276 | 32 | assert(CallbackDecl->isLambda()); |
277 | 32 | FunctionDecl *callOperatorDecl = CallbackDecl->getLambdaCallOperator(); |
278 | 32 | assert(callOperatorDecl != nullptr); |
279 | | |
280 | 32 | DeclRefExpr *callOperatorDeclRef = |
281 | 32 | DeclRefExpr::Create(/* Ctx =*/ C, |
282 | 32 | /* QualifierLoc =*/ NestedNameSpecifierLoc(), |
283 | 32 | /* TemplateKWLoc =*/ SourceLocation(), |
284 | 32 | const_cast<FunctionDecl *>(callOperatorDecl), |
285 | 32 | /* RefersToEnclosingVariableOrCapture=*/ false, |
286 | 32 | /* NameLoc =*/ SourceLocation(), |
287 | 32 | /* T =*/ callOperatorDecl->getType(), |
288 | 32 | /* VK =*/ VK_LValue); |
289 | | |
290 | 32 | return CXXOperatorCallExpr::Create( |
291 | 32 | /*AstContext=*/C, OO_Call, callOperatorDeclRef, |
292 | 32 | /*Args=*/CallArgs, |
293 | 32 | /*QualType=*/C.VoidTy, |
294 | 32 | /*ExprValueType=*/VK_RValue, |
295 | 32 | /*SourceLocation=*/SourceLocation(), |
296 | 32 | /*FPFeatures=*/FPOptionsOverride()); |
297 | 32 | } |
298 | | |
299 | | /// Create a fake body for std::call_once. |
300 | | /// Emulates the following function body: |
301 | | /// |
302 | | /// \code |
303 | | /// typedef struct once_flag_s { |
304 | | /// unsigned long __state = 0; |
305 | | /// } once_flag; |
306 | | /// template<class Callable> |
307 | | /// void call_once(once_flag& o, Callable func) { |
308 | | /// if (!o.__state) { |
309 | | /// func(); |
310 | | /// } |
311 | | /// o.__state = 1; |
312 | | /// } |
313 | | /// \endcode |
314 | 105 | static Stmt *create_call_once(ASTContext &C, const FunctionDecl *D) { |
315 | 105 | LLVM_DEBUG(llvm::dbgs() << "Generating body for call_once\n"); |
316 | | |
317 | | // We need at least two parameters. |
318 | 105 | if (D->param_size() < 2) |
319 | 0 | return nullptr; |
320 | | |
321 | 105 | ASTMaker M(C); |
322 | | |
323 | 105 | const ParmVarDecl *Flag = D->getParamDecl(0); |
324 | 105 | const ParmVarDecl *Callback = D->getParamDecl(1); |
325 | | |
326 | 105 | if (!Callback->getType()->isReferenceType()) { |
327 | 52 | llvm::dbgs() << "libcxx03 std::call_once implementation, skipping.\n"; |
328 | 52 | return nullptr; |
329 | 52 | } |
330 | 53 | if (!Flag->getType()->isReferenceType()) { |
331 | 0 | llvm::dbgs() << "unknown std::call_once implementation, skipping.\n"; |
332 | 0 | return nullptr; |
333 | 0 | } |
334 | | |
335 | 53 | QualType CallbackType = Callback->getType().getNonReferenceType(); |
336 | | |
337 | | // Nullable pointer, non-null iff function is a CXXRecordDecl. |
338 | 53 | CXXRecordDecl *CallbackRecordDecl = CallbackType->getAsCXXRecordDecl(); |
339 | 53 | QualType FlagType = Flag->getType().getNonReferenceType(); |
340 | 53 | auto *FlagRecordDecl = FlagType->getAsRecordDecl(); |
341 | | |
342 | 53 | if (!FlagRecordDecl) { |
343 | 0 | LLVM_DEBUG(llvm::dbgs() << "Flag field is not a record: " |
344 | 0 | << "unknown std::call_once implementation, " |
345 | 0 | << "ignoring the call.\n"); |
346 | 0 | return nullptr; |
347 | 0 | } |
348 | | |
349 | | // We initially assume libc++ implementation of call_once, |
350 | | // where the once_flag struct has a field `__state_`. |
351 | 53 | ValueDecl *FlagFieldDecl = M.findMemberField(FlagRecordDecl, "__state_"); |
352 | | |
353 | | // Otherwise, try libstdc++ implementation, with a field |
354 | | // `_M_once` |
355 | 53 | if (!FlagFieldDecl) { |
356 | 27 | FlagFieldDecl = M.findMemberField(FlagRecordDecl, "_M_once"); |
357 | 27 | } |
358 | | |
359 | 53 | if (!FlagFieldDecl) { |
360 | 0 | LLVM_DEBUG(llvm::dbgs() << "No field _M_once or __state_ found on " |
361 | 0 | << "std::once_flag struct: unknown std::call_once " |
362 | 0 | << "implementation, ignoring the call."); |
363 | 0 | return nullptr; |
364 | 0 | } |
365 | | |
366 | 53 | bool isLambdaCall = CallbackRecordDecl && CallbackRecordDecl->isLambda()34 ; |
367 | 53 | if (CallbackRecordDecl && !isLambdaCall34 ) { |
368 | 2 | LLVM_DEBUG(llvm::dbgs() |
369 | 2 | << "Not supported: synthesizing body for functors when " |
370 | 2 | << "body farming std::call_once, ignoring the call."); |
371 | 2 | return nullptr; |
372 | 2 | } |
373 | | |
374 | 51 | SmallVector<Expr *, 5> CallArgs; |
375 | 51 | const FunctionProtoType *CallbackFunctionType; |
376 | 51 | if (isLambdaCall) { |
377 | | |
378 | | // Lambda requires callback itself inserted as a first parameter. |
379 | 32 | CallArgs.push_back( |
380 | 32 | M.makeDeclRefExpr(Callback, |
381 | 32 | /* RefersToEnclosingVariableOrCapture=*/ true)); |
382 | 32 | CallbackFunctionType = CallbackRecordDecl->getLambdaCallOperator() |
383 | 32 | ->getType() |
384 | 32 | ->getAs<FunctionProtoType>(); |
385 | 19 | } else if (!CallbackType->getPointeeType().isNull()) { |
386 | 13 | CallbackFunctionType = |
387 | 13 | CallbackType->getPointeeType()->getAs<FunctionProtoType>(); |
388 | 6 | } else { |
389 | 6 | CallbackFunctionType = CallbackType->getAs<FunctionProtoType>(); |
390 | 6 | } |
391 | | |
392 | 51 | if (!CallbackFunctionType) |
393 | 0 | return nullptr; |
394 | | |
395 | | // First two arguments are used for the flag and for the callback. |
396 | 51 | if (D->getNumParams() != CallbackFunctionType->getNumParams() + 2) { |
397 | 0 | LLVM_DEBUG(llvm::dbgs() << "Types of params of the callback do not match " |
398 | 0 | << "params passed to std::call_once, " |
399 | 0 | << "ignoring the call\n"); |
400 | 0 | return nullptr; |
401 | 0 | } |
402 | | |
403 | | // All arguments past first two ones are passed to the callback, |
404 | | // and we turn lvalues into rvalues if the argument is not passed by |
405 | | // reference. |
406 | 90 | for (unsigned int ParamIdx = 2; 51 ParamIdx < D->getNumParams(); ParamIdx++39 ) { |
407 | 43 | const ParmVarDecl *PDecl = D->getParamDecl(ParamIdx); |
408 | 43 | assert(PDecl); |
409 | 43 | if (CallbackFunctionType->getParamType(ParamIdx - 2) |
410 | 43 | .getNonReferenceType() |
411 | 43 | .getCanonicalType() != |
412 | 4 | PDecl->getType().getNonReferenceType().getCanonicalType()) { |
413 | 4 | LLVM_DEBUG(llvm::dbgs() << "Types of params of the callback do not match " |
414 | 4 | << "params passed to std::call_once, " |
415 | 4 | << "ignoring the call\n"); |
416 | 4 | return nullptr; |
417 | 4 | } |
418 | 39 | Expr *ParamExpr = M.makeDeclRefExpr(PDecl); |
419 | 39 | if (!CallbackFunctionType->getParamType(ParamIdx - 2)->isReferenceType()) { |
420 | 31 | QualType PTy = PDecl->getType().getNonReferenceType(); |
421 | 31 | ParamExpr = M.makeLvalueToRvalue(ParamExpr, PTy); |
422 | 31 | } |
423 | 39 | CallArgs.push_back(ParamExpr); |
424 | 39 | } |
425 | | |
426 | 47 | CallExpr *CallbackCall; |
427 | 47 | if (isLambdaCall) { |
428 | | |
429 | 32 | CallbackCall = create_call_once_lambda_call(C, M, Callback, |
430 | 32 | CallbackRecordDecl, CallArgs); |
431 | 15 | } else { |
432 | | |
433 | | // Function pointer case. |
434 | 15 | CallbackCall = create_call_once_funcptr_call(C, M, Callback, CallArgs); |
435 | 15 | } |
436 | | |
437 | 47 | DeclRefExpr *FlagDecl = |
438 | 47 | M.makeDeclRefExpr(Flag, |
439 | 47 | /* RefersToEnclosingVariableOrCapture=*/true); |
440 | | |
441 | | |
442 | 47 | MemberExpr *Deref = M.makeMemberExpression(FlagDecl, FlagFieldDecl); |
443 | 47 | assert(Deref->isLValue()); |
444 | 47 | QualType DerefType = Deref->getType(); |
445 | | |
446 | | // Negation predicate. |
447 | 47 | UnaryOperator *FlagCheck = UnaryOperator::Create( |
448 | 47 | C, |
449 | | /* input=*/ |
450 | 47 | M.makeImplicitCast(M.makeLvalueToRvalue(Deref, DerefType), DerefType, |
451 | 47 | CK_IntegralToBoolean), |
452 | 47 | /* opc=*/UO_LNot, |
453 | 47 | /* QualType=*/C.IntTy, |
454 | 47 | /* ExprValueKind=*/VK_RValue, |
455 | 47 | /* ExprObjectKind=*/OK_Ordinary, SourceLocation(), |
456 | 47 | /* CanOverflow*/ false, FPOptionsOverride()); |
457 | | |
458 | | // Create assignment. |
459 | 47 | BinaryOperator *FlagAssignment = M.makeAssignment( |
460 | 47 | Deref, M.makeIntegralCast(M.makeIntegerLiteral(1, C.IntTy), DerefType), |
461 | 47 | DerefType); |
462 | | |
463 | 47 | auto *Out = |
464 | 47 | IfStmt::Create(C, SourceLocation(), |
465 | 47 | /* IsConstexpr=*/false, |
466 | 47 | /* Init=*/nullptr, |
467 | 47 | /* Var=*/nullptr, |
468 | 47 | /* Cond=*/FlagCheck, |
469 | 47 | /* LPL=*/SourceLocation(), |
470 | 47 | /* RPL=*/SourceLocation(), |
471 | 47 | /* Then=*/M.makeCompound({CallbackCall, FlagAssignment})); |
472 | | |
473 | 47 | return Out; |
474 | 51 | } |
475 | | |
476 | | /// Create a fake body for dispatch_once. |
477 | 10 | static Stmt *create_dispatch_once(ASTContext &C, const FunctionDecl *D) { |
478 | | // Check if we have at least two parameters. |
479 | 10 | if (D->param_size() != 2) |
480 | 0 | return nullptr; |
481 | | |
482 | | // Check if the first parameter is a pointer to integer type. |
483 | 10 | const ParmVarDecl *Predicate = D->getParamDecl(0); |
484 | 10 | QualType PredicateQPtrTy = Predicate->getType(); |
485 | 10 | const PointerType *PredicatePtrTy = PredicateQPtrTy->getAs<PointerType>(); |
486 | 10 | if (!PredicatePtrTy) |
487 | 0 | return nullptr; |
488 | 10 | QualType PredicateTy = PredicatePtrTy->getPointeeType(); |
489 | 10 | if (!PredicateTy->isIntegerType()) |
490 | 0 | return nullptr; |
491 | | |
492 | | // Check if the second parameter is the proper block type. |
493 | 10 | const ParmVarDecl *Block = D->getParamDecl(1); |
494 | 10 | QualType Ty = Block->getType(); |
495 | 10 | if (!isDispatchBlock(Ty)) |
496 | 0 | return nullptr; |
497 | | |
498 | | // Everything checks out. Create a fakse body that checks the predicate, |
499 | | // sets it, and calls the block. Basically, an AST dump of: |
500 | | // |
501 | | // void dispatch_once(dispatch_once_t *predicate, dispatch_block_t block) { |
502 | | // if (*predicate != ~0l) { |
503 | | // *predicate = ~0l; |
504 | | // block(); |
505 | | // } |
506 | | // } |
507 | | |
508 | 10 | ASTMaker M(C); |
509 | | |
510 | | // (1) Create the call. |
511 | 10 | CallExpr *CE = CallExpr::Create( |
512 | 10 | /*ASTContext=*/C, |
513 | 10 | /*StmtClass=*/M.makeLvalueToRvalue(/*Expr=*/Block), |
514 | 10 | /*Args=*/None, |
515 | 10 | /*QualType=*/C.VoidTy, |
516 | 10 | /*ExprValueType=*/VK_RValue, |
517 | 10 | /*SourceLocation=*/SourceLocation(), FPOptionsOverride()); |
518 | | |
519 | | // (2) Create the assignment to the predicate. |
520 | 10 | Expr *DoneValue = |
521 | 10 | UnaryOperator::Create(C, M.makeIntegerLiteral(0, C.LongTy), UO_Not, |
522 | 10 | C.LongTy, VK_RValue, OK_Ordinary, SourceLocation(), |
523 | 10 | /*CanOverflow*/ false, FPOptionsOverride()); |
524 | | |
525 | 10 | BinaryOperator *B = |
526 | 10 | M.makeAssignment( |
527 | 10 | M.makeDereference( |
528 | 10 | M.makeLvalueToRvalue( |
529 | 10 | M.makeDeclRefExpr(Predicate), PredicateQPtrTy), |
530 | 10 | PredicateTy), |
531 | 10 | M.makeIntegralCast(DoneValue, PredicateTy), |
532 | 10 | PredicateTy); |
533 | | |
534 | | // (3) Create the compound statement. |
535 | 10 | Stmt *Stmts[] = { B, CE }; |
536 | 10 | CompoundStmt *CS = M.makeCompound(Stmts); |
537 | | |
538 | | // (4) Create the 'if' condition. |
539 | 10 | ImplicitCastExpr *LValToRval = |
540 | 10 | M.makeLvalueToRvalue( |
541 | 10 | M.makeDereference( |
542 | 10 | M.makeLvalueToRvalue( |
543 | 10 | M.makeDeclRefExpr(Predicate), |
544 | 10 | PredicateQPtrTy), |
545 | 10 | PredicateTy), |
546 | 10 | PredicateTy); |
547 | | |
548 | 10 | Expr *GuardCondition = M.makeComparison(LValToRval, DoneValue, BO_NE); |
549 | | // (5) Create the 'if' statement. |
550 | 10 | auto *If = IfStmt::Create(C, SourceLocation(), |
551 | 10 | /* IsConstexpr=*/false, |
552 | 10 | /* Init=*/nullptr, |
553 | 10 | /* Var=*/nullptr, |
554 | 10 | /* Cond=*/GuardCondition, |
555 | 10 | /* LPL=*/SourceLocation(), |
556 | 10 | /* RPL=*/SourceLocation(), |
557 | 10 | /* Then=*/CS); |
558 | 10 | return If; |
559 | 10 | } |
560 | | |
561 | | /// Create a fake body for dispatch_sync. |
562 | 4 | static Stmt *create_dispatch_sync(ASTContext &C, const FunctionDecl *D) { |
563 | | // Check if we have at least two parameters. |
564 | 4 | if (D->param_size() != 2) |
565 | 0 | return nullptr; |
566 | | |
567 | | // Check if the second parameter is a block. |
568 | 4 | const ParmVarDecl *PV = D->getParamDecl(1); |
569 | 4 | QualType Ty = PV->getType(); |
570 | 4 | if (!isDispatchBlock(Ty)) |
571 | 0 | return nullptr; |
572 | | |
573 | | // Everything checks out. Create a fake body that just calls the block. |
574 | | // This is basically just an AST dump of: |
575 | | // |
576 | | // void dispatch_sync(dispatch_queue_t queue, void (^block)(void)) { |
577 | | // block(); |
578 | | // } |
579 | | // |
580 | 4 | ASTMaker M(C); |
581 | 4 | DeclRefExpr *DR = M.makeDeclRefExpr(PV); |
582 | 4 | ImplicitCastExpr *ICE = M.makeLvalueToRvalue(DR, Ty); |
583 | 4 | CallExpr *CE = CallExpr::Create(C, ICE, None, C.VoidTy, VK_RValue, |
584 | 4 | SourceLocation(), FPOptionsOverride()); |
585 | 4 | return CE; |
586 | 4 | } |
587 | | |
588 | | static Stmt *create_OSAtomicCompareAndSwap(ASTContext &C, const FunctionDecl *D) |
589 | 22 | { |
590 | | // There are exactly 3 arguments. |
591 | 22 | if (D->param_size() != 3) |
592 | 2 | return nullptr; |
593 | | |
594 | | // Signature: |
595 | | // _Bool OSAtomicCompareAndSwapPtr(void *__oldValue, |
596 | | // void *__newValue, |
597 | | // void * volatile *__theValue) |
598 | | // Generate body: |
599 | | // if (oldValue == *theValue) { |
600 | | // *theValue = newValue; |
601 | | // return YES; |
602 | | // } |
603 | | // else return NO; |
604 | | |
605 | 20 | QualType ResultTy = D->getReturnType(); |
606 | 20 | bool isBoolean = ResultTy->isBooleanType(); |
607 | 20 | if (!isBoolean && !ResultTy->isIntegralType(C)7 ) |
608 | 0 | return nullptr; |
609 | | |
610 | 20 | const ParmVarDecl *OldValue = D->getParamDecl(0); |
611 | 20 | QualType OldValueTy = OldValue->getType(); |
612 | | |
613 | 20 | const ParmVarDecl *NewValue = D->getParamDecl(1); |
614 | 20 | QualType NewValueTy = NewValue->getType(); |
615 | | |
616 | 20 | assert(OldValueTy == NewValueTy); |
617 | | |
618 | 20 | const ParmVarDecl *TheValue = D->getParamDecl(2); |
619 | 20 | QualType TheValueTy = TheValue->getType(); |
620 | 20 | const PointerType *PT = TheValueTy->getAs<PointerType>(); |
621 | 20 | if (!PT) |
622 | 0 | return nullptr; |
623 | 20 | QualType PointeeTy = PT->getPointeeType(); |
624 | | |
625 | 20 | ASTMaker M(C); |
626 | | // Construct the comparison. |
627 | 20 | Expr *Comparison = |
628 | 20 | M.makeComparison( |
629 | 20 | M.makeLvalueToRvalue(M.makeDeclRefExpr(OldValue), OldValueTy), |
630 | 20 | M.makeLvalueToRvalue( |
631 | 20 | M.makeDereference( |
632 | 20 | M.makeLvalueToRvalue(M.makeDeclRefExpr(TheValue), TheValueTy), |
633 | 20 | PointeeTy), |
634 | 20 | PointeeTy), |
635 | 20 | BO_EQ); |
636 | | |
637 | | // Construct the body of the IfStmt. |
638 | 20 | Stmt *Stmts[2]; |
639 | 20 | Stmts[0] = |
640 | 20 | M.makeAssignment( |
641 | 20 | M.makeDereference( |
642 | 20 | M.makeLvalueToRvalue(M.makeDeclRefExpr(TheValue), TheValueTy), |
643 | 20 | PointeeTy), |
644 | 20 | M.makeLvalueToRvalue(M.makeDeclRefExpr(NewValue), NewValueTy), |
645 | 20 | NewValueTy); |
646 | | |
647 | 20 | Expr *BoolVal = M.makeObjCBool(true); |
648 | 13 | Expr *RetVal = isBoolean ? M.makeIntegralCastToBoolean(BoolVal) |
649 | 7 | : M.makeIntegralCast(BoolVal, ResultTy); |
650 | 20 | Stmts[1] = M.makeReturn(RetVal); |
651 | 20 | CompoundStmt *Body = M.makeCompound(Stmts); |
652 | | |
653 | | // Construct the else clause. |
654 | 20 | BoolVal = M.makeObjCBool(false); |
655 | 13 | RetVal = isBoolean ? M.makeIntegralCastToBoolean(BoolVal) |
656 | 7 | : M.makeIntegralCast(BoolVal, ResultTy); |
657 | 20 | Stmt *Else = M.makeReturn(RetVal); |
658 | | |
659 | | /// Construct the If. |
660 | 20 | auto *If = |
661 | 20 | IfStmt::Create(C, SourceLocation(), |
662 | 20 | /* IsConstexpr=*/false, |
663 | 20 | /* Init=*/nullptr, |
664 | 20 | /* Var=*/nullptr, Comparison, |
665 | 20 | /* LPL=*/SourceLocation(), |
666 | 20 | /* RPL=*/SourceLocation(), Body, SourceLocation(), Else); |
667 | | |
668 | 20 | return If; |
669 | 20 | } |
670 | | |
671 | 3.67M | Stmt *BodyFarm::getBody(const FunctionDecl *D) { |
672 | 3.67M | Optional<Stmt *> &Val = Bodies[D]; |
673 | 3.67M | if (Val.hasValue()) |
674 | 3.65M | return Val.getValue(); |
675 | | |
676 | 22.6k | Val = nullptr; |
677 | | |
678 | 22.6k | if (D->getIdentifier() == nullptr) |
679 | 5.28k | return nullptr; |
680 | | |
681 | 17.3k | StringRef Name = D->getName(); |
682 | 17.3k | if (Name.empty()) |
683 | 0 | return nullptr; |
684 | | |
685 | 17.3k | FunctionFarmer FF; |
686 | | |
687 | 17.3k | if (Name.startswith("OSAtomicCompareAndSwap") || |
688 | 17.3k | Name.startswith("objc_atomicCompareAndSwap")) { |
689 | 22 | FF = create_OSAtomicCompareAndSwap; |
690 | 17.3k | } else if (Name == "call_once" && D->getDeclContext()->isStdNamespace()109 ) { |
691 | 105 | FF = create_call_once; |
692 | 17.2k | } else { |
693 | 17.2k | FF = llvm::StringSwitch<FunctionFarmer>(Name) |
694 | 17.2k | .Case("dispatch_sync", create_dispatch_sync) |
695 | 17.2k | .Case("dispatch_once", create_dispatch_once) |
696 | 17.2k | .Default(nullptr); |
697 | 17.2k | } |
698 | | |
699 | 17.3k | if (FF) { Val = FF(C, D); }141 |
700 | 17.2k | else if (Injector) { Val = Injector->getBody(D); } |
701 | 17.3k | return Val.getValue(); |
702 | 17.3k | } |
703 | | |
704 | 74 | static const ObjCIvarDecl *findBackingIvar(const ObjCPropertyDecl *Prop) { |
705 | 74 | const ObjCIvarDecl *IVar = Prop->getPropertyIvarDecl(); |
706 | | |
707 | 74 | if (IVar) |
708 | 51 | return IVar; |
709 | | |
710 | | // When a readonly property is shadowed in a class extensions with a |
711 | | // a readwrite property, the instance variable belongs to the shadowing |
712 | | // property rather than the shadowed property. If there is no instance |
713 | | // variable on a readonly property, check to see whether the property is |
714 | | // shadowed and if so try to get the instance variable from shadowing |
715 | | // property. |
716 | 23 | if (!Prop->isReadOnly()) |
717 | 11 | return nullptr; |
718 | | |
719 | 12 | auto *Container = cast<ObjCContainerDecl>(Prop->getDeclContext()); |
720 | 12 | const ObjCInterfaceDecl *PrimaryInterface = nullptr; |
721 | 12 | if (auto *InterfaceDecl = dyn_cast<ObjCInterfaceDecl>(Container)) { |
722 | 12 | PrimaryInterface = InterfaceDecl; |
723 | 0 | } else if (auto *CategoryDecl = dyn_cast<ObjCCategoryDecl>(Container)) { |
724 | 0 | PrimaryInterface = CategoryDecl->getClassInterface(); |
725 | 0 | } else if (auto *ImplDecl = dyn_cast<ObjCImplDecl>(Container)) { |
726 | 0 | PrimaryInterface = ImplDecl->getClassInterface(); |
727 | 0 | } else { |
728 | 0 | return nullptr; |
729 | 0 | } |
730 | | |
731 | | // FindPropertyVisibleInPrimaryClass() looks first in class extensions, so it |
732 | | // is guaranteed to find the shadowing property, if it exists, rather than |
733 | | // the shadowed property. |
734 | 12 | auto *ShadowingProp = PrimaryInterface->FindPropertyVisibleInPrimaryClass( |
735 | 12 | Prop->getIdentifier(), Prop->getQueryKind()); |
736 | 12 | if (ShadowingProp && ShadowingProp != Prop) { |
737 | 3 | IVar = ShadowingProp->getPropertyIvarDecl(); |
738 | 3 | } |
739 | | |
740 | 12 | return IVar; |
741 | 12 | } |
742 | | |
743 | | static Stmt *createObjCPropertyGetter(ASTContext &Ctx, |
744 | 80 | const ObjCMethodDecl *MD) { |
745 | | // First, find the backing ivar. |
746 | 80 | const ObjCIvarDecl *IVar = nullptr; |
747 | | |
748 | | // Property accessor stubs sometimes do not correspond to any property decl |
749 | | // in the current interface (but in a superclass). They still have a |
750 | | // corresponding property impl decl in this case. |
751 | 80 | if (MD->isSynthesizedAccessorStub()) { |
752 | 6 | const ObjCInterfaceDecl *IntD = MD->getClassInterface(); |
753 | 6 | const ObjCImplementationDecl *ImpD = IntD->getImplementation(); |
754 | 10 | for (const auto *PI: ImpD->property_impls()) { |
755 | 10 | if (const ObjCPropertyDecl *P = PI->getPropertyDecl()) { |
756 | 10 | if (P->getGetterName() == MD->getSelector()) |
757 | 6 | IVar = P->getPropertyIvarDecl(); |
758 | 10 | } |
759 | 10 | } |
760 | 6 | } |
761 | | |
762 | 80 | if (!IVar) { |
763 | 74 | const ObjCPropertyDecl *Prop = MD->findPropertyDecl(); |
764 | 74 | IVar = findBackingIvar(Prop); |
765 | 74 | if (!IVar) |
766 | 20 | return nullptr; |
767 | | |
768 | | // Ignore weak variables, which have special behavior. |
769 | 54 | if (Prop->getPropertyAttributes() & ObjCPropertyAttribute::kind_weak) |
770 | 0 | return nullptr; |
771 | | |
772 | | // Look to see if Sema has synthesized a body for us. This happens in |
773 | | // Objective-C++ because the return value may be a C++ class type with a |
774 | | // non-trivial copy constructor. We can only do this if we can find the |
775 | | // @synthesize for this property, though (or if we know it's been auto- |
776 | | // synthesized). |
777 | 54 | const ObjCImplementationDecl *ImplDecl = |
778 | 54 | IVar->getContainingInterface()->getImplementation(); |
779 | 54 | if (ImplDecl) { |
780 | 208 | for (const auto *I : ImplDecl->property_impls()) { |
781 | 208 | if (I->getPropertyDecl() != Prop) |
782 | 157 | continue; |
783 | | |
784 | 51 | if (I->getGetterCXXConstructor()) { |
785 | 4 | ASTMaker M(Ctx); |
786 | 4 | return M.makeReturn(I->getGetterCXXConstructor()); |
787 | 4 | } |
788 | 51 | } |
789 | 54 | } |
790 | | |
791 | | // Sanity check that the property is the same type as the ivar, or a |
792 | | // reference to it, and that it is either an object pointer or trivially |
793 | | // copyable. |
794 | 50 | if (!Ctx.hasSameUnqualifiedType(IVar->getType(), |
795 | 50 | Prop->getType().getNonReferenceType())) |
796 | 0 | return nullptr; |
797 | 50 | if (!IVar->getType()->isObjCLifetimeType() && |
798 | 27 | !IVar->getType().isTriviallyCopyableType(Ctx)) |
799 | 0 | return nullptr; |
800 | 56 | } |
801 | | |
802 | | // Generate our body: |
803 | | // return self->_ivar; |
804 | 56 | ASTMaker M(Ctx); |
805 | | |
806 | 56 | const VarDecl *selfVar = MD->getSelfDecl(); |
807 | 56 | if (!selfVar) |
808 | 0 | return nullptr; |
809 | | |
810 | 56 | Expr *loadedIVar = |
811 | 56 | M.makeObjCIvarRef( |
812 | 56 | M.makeLvalueToRvalue( |
813 | 56 | M.makeDeclRefExpr(selfVar), |
814 | 56 | selfVar->getType()), |
815 | 56 | IVar); |
816 | | |
817 | 56 | if (!MD->getReturnType()->isReferenceType()) |
818 | 54 | loadedIVar = M.makeLvalueToRvalue(loadedIVar, IVar->getType()); |
819 | | |
820 | 56 | return M.makeReturn(loadedIVar); |
821 | 56 | } |
822 | | |
823 | 95.9k | Stmt *BodyFarm::getBody(const ObjCMethodDecl *D) { |
824 | | // We currently only know how to synthesize property accessors. |
825 | 95.9k | if (!D->isPropertyAccessor()) |
826 | 75.9k | return nullptr; |
827 | | |
828 | 20.0k | D = D->getCanonicalDecl(); |
829 | | |
830 | | // We should not try to synthesize explicitly redefined accessors. |
831 | | // We do not know for sure how they behave. |
832 | 20.0k | if (!D->isImplicit()) |
833 | 12 | return nullptr; |
834 | | |
835 | 20.0k | Optional<Stmt *> &Val = Bodies[D]; |
836 | 20.0k | if (Val.hasValue()) |
837 | 19.9k | return Val.getValue(); |
838 | 129 | Val = nullptr; |
839 | | |
840 | | // For now, we only synthesize getters. |
841 | | // Synthesizing setters would cause false negatives in the |
842 | | // RetainCountChecker because the method body would bind the parameter |
843 | | // to an instance variable, causing it to escape. This would prevent |
844 | | // warning in the following common scenario: |
845 | | // |
846 | | // id foo = [[NSObject alloc] init]; |
847 | | // self.foo = foo; // We should warn that foo leaks here. |
848 | | // |
849 | 129 | if (D->param_size() != 0) |
850 | 49 | return nullptr; |
851 | | |
852 | | // If the property was defined in an extension, search the extensions for |
853 | | // overrides. |
854 | 80 | const ObjCInterfaceDecl *OID = D->getClassInterface(); |
855 | 80 | if (dyn_cast<ObjCInterfaceDecl>(D->getParent()) != OID) |
856 | 18 | for (auto *Ext : OID->known_extensions())16 { |
857 | 18 | auto *OMD = Ext->getInstanceMethod(D->getSelector()); |
858 | 18 | if (OMD && !OMD->isImplicit()10 ) |
859 | 0 | return nullptr; |
860 | 18 | } |
861 | | |
862 | 80 | Val = createObjCPropertyGetter(C, D); |
863 | | |
864 | 80 | return Val.getValue(); |
865 | 80 | } |