1.7.5.1Copyright © 2003-2013 University of Illinois at Urbana-Champaign. All Rights Reserved.
LLVM API Documentation
00001 //===------ MemoryBuiltins.cpp - Identify calls to memory builtins --------===// 00002 // 00003 // The LLVM Compiler Infrastructure 00004 // 00005 // This file is distributed under the University of Illinois Open Source 00006 // License. See LICENSE.TXT for details. 00007 // 00008 //===----------------------------------------------------------------------===// 00009 // 00010 // This family of functions identifies calls to builtin functions that allocate 00011 // or free memory. 00012 // 00013 //===----------------------------------------------------------------------===// 00014 00015 #define DEBUG_TYPE "memory-builtins" 00016 #include "llvm/Analysis/MemoryBuiltins.h" 00017 #include "llvm/ADT/STLExtras.h" 00018 #include "llvm/ADT/Statistic.h" 00019 #include "llvm/Analysis/ValueTracking.h" 00020 #include "llvm/IR/DataLayout.h" 00021 #include "llvm/IR/GlobalVariable.h" 00022 #include "llvm/IR/Instructions.h" 00023 #include "llvm/IR/Intrinsics.h" 00024 #include "llvm/IR/Metadata.h" 00025 #include "llvm/IR/Module.h" 00026 #include "llvm/Support/Debug.h" 00027 #include "llvm/Support/MathExtras.h" 00028 #include "llvm/Support/raw_ostream.h" 00029 #include "llvm/Target/TargetLibraryInfo.h" 00030 #include "llvm/Transforms/Utils/Local.h" 00031 using namespace llvm; 00032 00033 enum AllocType { 00034 MallocLike = 1<<0, // allocates 00035 CallocLike = 1<<1, // allocates + bzero 00036 ReallocLike = 1<<2, // reallocates 00037 StrDupLike = 1<<3, 00038 AllocLike = MallocLike | CallocLike | StrDupLike, 00039 AnyAlloc = MallocLike | CallocLike | ReallocLike | StrDupLike 00040 }; 00041 00042 struct AllocFnsTy { 00043 LibFunc::Func Func; 00044 AllocType AllocTy; 00045 unsigned char NumParams; 00046 // First and Second size parameters (or -1 if unused) 00047 signed char FstParam, SndParam; 00048 }; 00049 00050 // FIXME: certain users need more information. E.g., SimplifyLibCalls needs to 00051 // know which functions are nounwind, noalias, nocapture parameters, etc. 00052 static const AllocFnsTy AllocationFnData[] = { 00053 {LibFunc::malloc, MallocLike, 1, 0, -1}, 00054 {LibFunc::valloc, MallocLike, 1, 0, -1}, 00055 {LibFunc::Znwj, MallocLike, 1, 0, -1}, // new(unsigned int) 00056 {LibFunc::ZnwjRKSt9nothrow_t, MallocLike, 2, 0, -1}, // new(unsigned int, nothrow) 00057 {LibFunc::Znwm, MallocLike, 1, 0, -1}, // new(unsigned long) 00058 {LibFunc::ZnwmRKSt9nothrow_t, MallocLike, 2, 0, -1}, // new(unsigned long, nothrow) 00059 {LibFunc::Znaj, MallocLike, 1, 0, -1}, // new[](unsigned int) 00060 {LibFunc::ZnajRKSt9nothrow_t, MallocLike, 2, 0, -1}, // new[](unsigned int, nothrow) 00061 {LibFunc::Znam, MallocLike, 1, 0, -1}, // new[](unsigned long) 00062 {LibFunc::ZnamRKSt9nothrow_t, MallocLike, 2, 0, -1}, // new[](unsigned long, nothrow) 00063 {LibFunc::posix_memalign, MallocLike, 3, 2, -1}, 00064 {LibFunc::calloc, CallocLike, 2, 0, 1}, 00065 {LibFunc::realloc, ReallocLike, 2, 1, -1}, 00066 {LibFunc::reallocf, ReallocLike, 2, 1, -1}, 00067 {LibFunc::strdup, StrDupLike, 1, -1, -1}, 00068 {LibFunc::strndup, StrDupLike, 2, 1, -1} 00069 }; 00070 00071 00072 static Function *getCalledFunction(const Value *V, bool LookThroughBitCast) { 00073 if (LookThroughBitCast) 00074 V = V->stripPointerCasts(); 00075 00076 CallSite CS(const_cast<Value*>(V)); 00077 if (!CS.getInstruction()) 00078 return 0; 00079 00080 if (CS.hasFnAttr(Attribute::NoBuiltin)) 00081 return 0; 00082 00083 Function *Callee = CS.getCalledFunction(); 00084 if (!Callee || !Callee->isDeclaration()) 00085 return 0; 00086 return Callee; 00087 } 00088 00089 /// \brief Returns the allocation data for the given value if it is a call to a 00090 /// known allocation function, and NULL otherwise. 00091 static const AllocFnsTy *getAllocationData(const Value *V, AllocType AllocTy, 00092 const TargetLibraryInfo *TLI, 00093 bool LookThroughBitCast = false) { 00094 // Skip intrinsics 00095 if (isa<IntrinsicInst>(V)) 00096 return 0; 00097 00098 Function *Callee = getCalledFunction(V, LookThroughBitCast); 00099 if (!Callee) 00100 return 0; 00101 00102 // Make sure that the function is available. 00103 StringRef FnName = Callee->getName(); 00104 LibFunc::Func TLIFn; 00105 if (!TLI || !TLI->getLibFunc(FnName, TLIFn) || !TLI->has(TLIFn)) 00106 return 0; 00107 00108 unsigned i = 0; 00109 bool found = false; 00110 for ( ; i < array_lengthof(AllocationFnData); ++i) { 00111 if (AllocationFnData[i].Func == TLIFn) { 00112 found = true; 00113 break; 00114 } 00115 } 00116 if (!found) 00117 return 0; 00118 00119 const AllocFnsTy *FnData = &AllocationFnData[i]; 00120 if ((FnData->AllocTy & AllocTy) == 0) 00121 return 0; 00122 00123 // Check function prototype. 00124 int FstParam = FnData->FstParam; 00125 int SndParam = FnData->SndParam; 00126 FunctionType *FTy = Callee->getFunctionType(); 00127 00128 if (FTy->getReturnType() == Type::getInt8PtrTy(FTy->getContext()) && 00129 FTy->getNumParams() == FnData->NumParams && 00130 (FstParam < 0 || 00131 (FTy->getParamType(FstParam)->isIntegerTy(32) || 00132 FTy->getParamType(FstParam)->isIntegerTy(64))) && 00133 (SndParam < 0 || 00134 FTy->getParamType(SndParam)->isIntegerTy(32) || 00135 FTy->getParamType(SndParam)->isIntegerTy(64))) 00136 return FnData; 00137 return 0; 00138 } 00139 00140 static bool hasNoAliasAttr(const Value *V, bool LookThroughBitCast) { 00141 ImmutableCallSite CS(LookThroughBitCast ? V->stripPointerCasts() : V); 00142 return CS && CS.hasFnAttr(Attribute::NoAlias); 00143 } 00144 00145 00146 /// \brief Tests if a value is a call or invoke to a library function that 00147 /// allocates or reallocates memory (either malloc, calloc, realloc, or strdup 00148 /// like). 00149 bool llvm::isAllocationFn(const Value *V, const TargetLibraryInfo *TLI, 00150 bool LookThroughBitCast) { 00151 return getAllocationData(V, AnyAlloc, TLI, LookThroughBitCast); 00152 } 00153 00154 /// \brief Tests if a value is a call or invoke to a function that returns a 00155 /// NoAlias pointer (including malloc/calloc/realloc/strdup-like functions). 00156 bool llvm::isNoAliasFn(const Value *V, const TargetLibraryInfo *TLI, 00157 bool LookThroughBitCast) { 00158 // it's safe to consider realloc as noalias since accessing the original 00159 // pointer is undefined behavior 00160 return isAllocationFn(V, TLI, LookThroughBitCast) || 00161 hasNoAliasAttr(V, LookThroughBitCast); 00162 } 00163 00164 /// \brief Tests if a value is a call or invoke to a library function that 00165 /// allocates uninitialized memory (such as malloc). 00166 bool llvm::isMallocLikeFn(const Value *V, const TargetLibraryInfo *TLI, 00167 bool LookThroughBitCast) { 00168 return getAllocationData(V, MallocLike, TLI, LookThroughBitCast); 00169 } 00170 00171 /// \brief Tests if a value is a call or invoke to a library function that 00172 /// allocates zero-filled memory (such as calloc). 00173 bool llvm::isCallocLikeFn(const Value *V, const TargetLibraryInfo *TLI, 00174 bool LookThroughBitCast) { 00175 return getAllocationData(V, CallocLike, TLI, LookThroughBitCast); 00176 } 00177 00178 /// \brief Tests if a value is a call or invoke to a library function that 00179 /// allocates memory (either malloc, calloc, or strdup like). 00180 bool llvm::isAllocLikeFn(const Value *V, const TargetLibraryInfo *TLI, 00181 bool LookThroughBitCast) { 00182 return getAllocationData(V, AllocLike, TLI, LookThroughBitCast); 00183 } 00184 00185 /// \brief Tests if a value is a call or invoke to a library function that 00186 /// reallocates memory (such as realloc). 00187 bool llvm::isReallocLikeFn(const Value *V, const TargetLibraryInfo *TLI, 00188 bool LookThroughBitCast) { 00189 return getAllocationData(V, ReallocLike, TLI, LookThroughBitCast); 00190 } 00191 00192 /// extractMallocCall - Returns the corresponding CallInst if the instruction 00193 /// is a malloc call. Since CallInst::CreateMalloc() only creates calls, we 00194 /// ignore InvokeInst here. 00195 const CallInst *llvm::extractMallocCall(const Value *I, 00196 const TargetLibraryInfo *TLI) { 00197 return isMallocLikeFn(I, TLI) ? dyn_cast<CallInst>(I) : 0; 00198 } 00199 00200 static Value *computeArraySize(const CallInst *CI, const DataLayout *TD, 00201 const TargetLibraryInfo *TLI, 00202 bool LookThroughSExt = false) { 00203 if (!CI) 00204 return 0; 00205 00206 // The size of the malloc's result type must be known to determine array size. 00207 Type *T = getMallocAllocatedType(CI, TLI); 00208 if (!T || !T->isSized() || !TD) 00209 return 0; 00210 00211 unsigned ElementSize = TD->getTypeAllocSize(T); 00212 if (StructType *ST = dyn_cast<StructType>(T)) 00213 ElementSize = TD->getStructLayout(ST)->getSizeInBytes(); 00214 00215 // If malloc call's arg can be determined to be a multiple of ElementSize, 00216 // return the multiple. Otherwise, return NULL. 00217 Value *MallocArg = CI->getArgOperand(0); 00218 Value *Multiple = 0; 00219 if (ComputeMultiple(MallocArg, ElementSize, Multiple, 00220 LookThroughSExt)) 00221 return Multiple; 00222 00223 return 0; 00224 } 00225 00226 /// isArrayMalloc - Returns the corresponding CallInst if the instruction 00227 /// is a call to malloc whose array size can be determined and the array size 00228 /// is not constant 1. Otherwise, return NULL. 00229 const CallInst *llvm::isArrayMalloc(const Value *I, 00230 const DataLayout *TD, 00231 const TargetLibraryInfo *TLI) { 00232 const CallInst *CI = extractMallocCall(I, TLI); 00233 Value *ArraySize = computeArraySize(CI, TD, TLI); 00234 00235 if (ConstantInt *ConstSize = dyn_cast_or_null<ConstantInt>(ArraySize)) 00236 if (ConstSize->isOne()) 00237 return CI; 00238 00239 // CI is a non-array malloc or we can't figure out that it is an array malloc. 00240 return 0; 00241 } 00242 00243 /// getMallocType - Returns the PointerType resulting from the malloc call. 00244 /// The PointerType depends on the number of bitcast uses of the malloc call: 00245 /// 0: PointerType is the calls' return type. 00246 /// 1: PointerType is the bitcast's result type. 00247 /// >1: Unique PointerType cannot be determined, return NULL. 00248 PointerType *llvm::getMallocType(const CallInst *CI, 00249 const TargetLibraryInfo *TLI) { 00250 assert(isMallocLikeFn(CI, TLI) && "getMallocType and not malloc call"); 00251 00252 PointerType *MallocType = 0; 00253 unsigned NumOfBitCastUses = 0; 00254 00255 // Determine if CallInst has a bitcast use. 00256 for (Value::const_use_iterator UI = CI->use_begin(), E = CI->use_end(); 00257 UI != E; ) 00258 if (const BitCastInst *BCI = dyn_cast<BitCastInst>(*UI++)) { 00259 MallocType = cast<PointerType>(BCI->getDestTy()); 00260 NumOfBitCastUses++; 00261 } 00262 00263 // Malloc call has 1 bitcast use, so type is the bitcast's destination type. 00264 if (NumOfBitCastUses == 1) 00265 return MallocType; 00266 00267 // Malloc call was not bitcast, so type is the malloc function's return type. 00268 if (NumOfBitCastUses == 0) 00269 return cast<PointerType>(CI->getType()); 00270 00271 // Type could not be determined. 00272 return 0; 00273 } 00274 00275 /// getMallocAllocatedType - Returns the Type allocated by malloc call. 00276 /// The Type depends on the number of bitcast uses of the malloc call: 00277 /// 0: PointerType is the malloc calls' return type. 00278 /// 1: PointerType is the bitcast's result type. 00279 /// >1: Unique PointerType cannot be determined, return NULL. 00280 Type *llvm::getMallocAllocatedType(const CallInst *CI, 00281 const TargetLibraryInfo *TLI) { 00282 PointerType *PT = getMallocType(CI, TLI); 00283 return PT ? PT->getElementType() : 0; 00284 } 00285 00286 /// getMallocArraySize - Returns the array size of a malloc call. If the 00287 /// argument passed to malloc is a multiple of the size of the malloced type, 00288 /// then return that multiple. For non-array mallocs, the multiple is 00289 /// constant 1. Otherwise, return NULL for mallocs whose array size cannot be 00290 /// determined. 00291 Value *llvm::getMallocArraySize(CallInst *CI, const DataLayout *TD, 00292 const TargetLibraryInfo *TLI, 00293 bool LookThroughSExt) { 00294 assert(isMallocLikeFn(CI, TLI) && "getMallocArraySize and not malloc call"); 00295 return computeArraySize(CI, TD, TLI, LookThroughSExt); 00296 } 00297 00298 00299 /// extractCallocCall - Returns the corresponding CallInst if the instruction 00300 /// is a calloc call. 00301 const CallInst *llvm::extractCallocCall(const Value *I, 00302 const TargetLibraryInfo *TLI) { 00303 return isCallocLikeFn(I, TLI) ? cast<CallInst>(I) : 0; 00304 } 00305 00306 00307 /// isFreeCall - Returns non-null if the value is a call to the builtin free() 00308 const CallInst *llvm::isFreeCall(const Value *I, const TargetLibraryInfo *TLI) { 00309 const CallInst *CI = dyn_cast<CallInst>(I); 00310 if (!CI || isa<IntrinsicInst>(CI)) 00311 return 0; 00312 Function *Callee = CI->getCalledFunction(); 00313 if (Callee == 0 || !Callee->isDeclaration()) 00314 return 0; 00315 00316 StringRef FnName = Callee->getName(); 00317 LibFunc::Func TLIFn; 00318 if (!TLI || !TLI->getLibFunc(FnName, TLIFn) || !TLI->has(TLIFn)) 00319 return 0; 00320 00321 if (TLIFn != LibFunc::free && 00322 TLIFn != LibFunc::ZdlPv && // operator delete(void*) 00323 TLIFn != LibFunc::ZdaPv) // operator delete[](void*) 00324 return 0; 00325 00326 // Check free prototype. 00327 // FIXME: workaround for PR5130, this will be obsolete when a nobuiltin 00328 // attribute will exist. 00329 FunctionType *FTy = Callee->getFunctionType(); 00330 if (!FTy->getReturnType()->isVoidTy()) 00331 return 0; 00332 if (FTy->getNumParams() != 1) 00333 return 0; 00334 if (FTy->getParamType(0) != Type::getInt8PtrTy(Callee->getContext())) 00335 return 0; 00336 00337 return CI; 00338 } 00339 00340 00341 00342 //===----------------------------------------------------------------------===// 00343 // Utility functions to compute size of objects. 00344 // 00345 00346 00347 /// \brief Compute the size of the object pointed by Ptr. Returns true and the 00348 /// object size in Size if successful, and false otherwise. 00349 /// If RoundToAlign is true, then Size is rounded up to the aligment of allocas, 00350 /// byval arguments, and global variables. 00351 bool llvm::getObjectSize(const Value *Ptr, uint64_t &Size, const DataLayout *TD, 00352 const TargetLibraryInfo *TLI, bool RoundToAlign) { 00353 if (!TD) 00354 return false; 00355 00356 ObjectSizeOffsetVisitor Visitor(TD, TLI, Ptr->getContext(), RoundToAlign); 00357 SizeOffsetType Data = Visitor.compute(const_cast<Value*>(Ptr)); 00358 if (!Visitor.bothKnown(Data)) 00359 return false; 00360 00361 APInt ObjSize = Data.first, Offset = Data.second; 00362 // check for overflow 00363 if (Offset.slt(0) || ObjSize.ult(Offset)) 00364 Size = 0; 00365 else 00366 Size = (ObjSize - Offset).getZExtValue(); 00367 return true; 00368 } 00369 00370 00371 STATISTIC(ObjectVisitorArgument, 00372 "Number of arguments with unsolved size and offset"); 00373 STATISTIC(ObjectVisitorLoad, 00374 "Number of load instructions with unsolved size and offset"); 00375 00376 00377 APInt ObjectSizeOffsetVisitor::align(APInt Size, uint64_t Align) { 00378 if (RoundToAlign && Align) 00379 return APInt(IntTyBits, RoundUpToAlignment(Size.getZExtValue(), Align)); 00380 return Size; 00381 } 00382 00383 ObjectSizeOffsetVisitor::ObjectSizeOffsetVisitor(const DataLayout *TD, 00384 const TargetLibraryInfo *TLI, 00385 LLVMContext &Context, 00386 bool RoundToAlign) 00387 : TD(TD), TLI(TLI), RoundToAlign(RoundToAlign) { 00388 IntegerType *IntTy = TD->getIntPtrType(Context); 00389 IntTyBits = IntTy->getBitWidth(); 00390 Zero = APInt::getNullValue(IntTyBits); 00391 } 00392 00393 SizeOffsetType ObjectSizeOffsetVisitor::compute(Value *V) { 00394 V = V->stripPointerCasts(); 00395 if (Instruction *I = dyn_cast<Instruction>(V)) { 00396 // If we have already seen this instruction, bail out. Cycles can happen in 00397 // unreachable code after constant propagation. 00398 if (!SeenInsts.insert(I)) 00399 return unknown(); 00400 00401 if (GEPOperator *GEP = dyn_cast<GEPOperator>(V)) 00402 return visitGEPOperator(*GEP); 00403 return visit(*I); 00404 } 00405 if (Argument *A = dyn_cast<Argument>(V)) 00406 return visitArgument(*A); 00407 if (ConstantPointerNull *P = dyn_cast<ConstantPointerNull>(V)) 00408 return visitConstantPointerNull(*P); 00409 if (GlobalAlias *GA = dyn_cast<GlobalAlias>(V)) 00410 return visitGlobalAlias(*GA); 00411 if (GlobalVariable *GV = dyn_cast<GlobalVariable>(V)) 00412 return visitGlobalVariable(*GV); 00413 if (UndefValue *UV = dyn_cast<UndefValue>(V)) 00414 return visitUndefValue(*UV); 00415 if (ConstantExpr *CE = dyn_cast<ConstantExpr>(V)) { 00416 if (CE->getOpcode() == Instruction::IntToPtr) 00417 return unknown(); // clueless 00418 if (CE->getOpcode() == Instruction::GetElementPtr) 00419 return visitGEPOperator(cast<GEPOperator>(*CE)); 00420 } 00421 00422 DEBUG(dbgs() << "ObjectSizeOffsetVisitor::compute() unhandled value: " << *V 00423 << '\n'); 00424 return unknown(); 00425 } 00426 00427 SizeOffsetType ObjectSizeOffsetVisitor::visitAllocaInst(AllocaInst &I) { 00428 if (!I.getAllocatedType()->isSized()) 00429 return unknown(); 00430 00431 APInt Size(IntTyBits, TD->getTypeAllocSize(I.getAllocatedType())); 00432 if (!I.isArrayAllocation()) 00433 return std::make_pair(align(Size, I.getAlignment()), Zero); 00434 00435 Value *ArraySize = I.getArraySize(); 00436 if (const ConstantInt *C = dyn_cast<ConstantInt>(ArraySize)) { 00437 Size *= C->getValue().zextOrSelf(IntTyBits); 00438 return std::make_pair(align(Size, I.getAlignment()), Zero); 00439 } 00440 return unknown(); 00441 } 00442 00443 SizeOffsetType ObjectSizeOffsetVisitor::visitArgument(Argument &A) { 00444 // no interprocedural analysis is done at the moment 00445 if (!A.hasByValAttr()) { 00446 ++ObjectVisitorArgument; 00447 return unknown(); 00448 } 00449 PointerType *PT = cast<PointerType>(A.getType()); 00450 APInt Size(IntTyBits, TD->getTypeAllocSize(PT->getElementType())); 00451 return std::make_pair(align(Size, A.getParamAlignment()), Zero); 00452 } 00453 00454 SizeOffsetType ObjectSizeOffsetVisitor::visitCallSite(CallSite CS) { 00455 const AllocFnsTy *FnData = getAllocationData(CS.getInstruction(), AnyAlloc, 00456 TLI); 00457 if (!FnData) 00458 return unknown(); 00459 00460 // handle strdup-like functions separately 00461 if (FnData->AllocTy == StrDupLike) { 00462 APInt Size(IntTyBits, GetStringLength(CS.getArgument(0))); 00463 if (!Size) 00464 return unknown(); 00465 00466 // strndup limits strlen 00467 if (FnData->FstParam > 0) { 00468 ConstantInt *Arg= dyn_cast<ConstantInt>(CS.getArgument(FnData->FstParam)); 00469 if (!Arg) 00470 return unknown(); 00471 00472 APInt MaxSize = Arg->getValue().zextOrSelf(IntTyBits); 00473 if (Size.ugt(MaxSize)) 00474 Size = MaxSize + 1; 00475 } 00476 return std::make_pair(Size, Zero); 00477 } 00478 00479 ConstantInt *Arg = dyn_cast<ConstantInt>(CS.getArgument(FnData->FstParam)); 00480 if (!Arg) 00481 return unknown(); 00482 00483 APInt Size = Arg->getValue().zextOrSelf(IntTyBits); 00484 // size determined by just 1 parameter 00485 if (FnData->SndParam < 0) 00486 return std::make_pair(Size, Zero); 00487 00488 Arg = dyn_cast<ConstantInt>(CS.getArgument(FnData->SndParam)); 00489 if (!Arg) 00490 return unknown(); 00491 00492 Size *= Arg->getValue().zextOrSelf(IntTyBits); 00493 return std::make_pair(Size, Zero); 00494 00495 // TODO: handle more standard functions (+ wchar cousins): 00496 // - strdup / strndup 00497 // - strcpy / strncpy 00498 // - strcat / strncat 00499 // - memcpy / memmove 00500 // - strcat / strncat 00501 // - memset 00502 } 00503 00504 SizeOffsetType 00505 ObjectSizeOffsetVisitor::visitConstantPointerNull(ConstantPointerNull&) { 00506 return std::make_pair(Zero, Zero); 00507 } 00508 00509 SizeOffsetType 00510 ObjectSizeOffsetVisitor::visitExtractElementInst(ExtractElementInst&) { 00511 return unknown(); 00512 } 00513 00514 SizeOffsetType 00515 ObjectSizeOffsetVisitor::visitExtractValueInst(ExtractValueInst&) { 00516 // Easy cases were already folded by previous passes. 00517 return unknown(); 00518 } 00519 00520 SizeOffsetType ObjectSizeOffsetVisitor::visitGEPOperator(GEPOperator &GEP) { 00521 SizeOffsetType PtrData = compute(GEP.getPointerOperand()); 00522 APInt Offset(IntTyBits, 0); 00523 if (!bothKnown(PtrData) || !GEP.accumulateConstantOffset(*TD, Offset)) 00524 return unknown(); 00525 00526 return std::make_pair(PtrData.first, PtrData.second + Offset); 00527 } 00528 00529 SizeOffsetType ObjectSizeOffsetVisitor::visitGlobalAlias(GlobalAlias &GA) { 00530 if (GA.mayBeOverridden()) 00531 return unknown(); 00532 return compute(GA.getAliasee()); 00533 } 00534 00535 SizeOffsetType ObjectSizeOffsetVisitor::visitGlobalVariable(GlobalVariable &GV){ 00536 if (!GV.hasDefinitiveInitializer()) 00537 return unknown(); 00538 00539 APInt Size(IntTyBits, TD->getTypeAllocSize(GV.getType()->getElementType())); 00540 return std::make_pair(align(Size, GV.getAlignment()), Zero); 00541 } 00542 00543 SizeOffsetType ObjectSizeOffsetVisitor::visitIntToPtrInst(IntToPtrInst&) { 00544 // clueless 00545 return unknown(); 00546 } 00547 00548 SizeOffsetType ObjectSizeOffsetVisitor::visitLoadInst(LoadInst&) { 00549 ++ObjectVisitorLoad; 00550 return unknown(); 00551 } 00552 00553 SizeOffsetType ObjectSizeOffsetVisitor::visitPHINode(PHINode&) { 00554 // too complex to analyze statically. 00555 return unknown(); 00556 } 00557 00558 SizeOffsetType ObjectSizeOffsetVisitor::visitSelectInst(SelectInst &I) { 00559 SizeOffsetType TrueSide = compute(I.getTrueValue()); 00560 SizeOffsetType FalseSide = compute(I.getFalseValue()); 00561 if (bothKnown(TrueSide) && bothKnown(FalseSide) && TrueSide == FalseSide) 00562 return TrueSide; 00563 return unknown(); 00564 } 00565 00566 SizeOffsetType ObjectSizeOffsetVisitor::visitUndefValue(UndefValue&) { 00567 return std::make_pair(Zero, Zero); 00568 } 00569 00570 SizeOffsetType ObjectSizeOffsetVisitor::visitInstruction(Instruction &I) { 00571 DEBUG(dbgs() << "ObjectSizeOffsetVisitor unknown instruction:" << I << '\n'); 00572 return unknown(); 00573 } 00574 00575 00576 ObjectSizeOffsetEvaluator::ObjectSizeOffsetEvaluator(const DataLayout *TD, 00577 const TargetLibraryInfo *TLI, 00578 LLVMContext &Context) 00579 : TD(TD), TLI(TLI), Context(Context), Builder(Context, TargetFolder(TD)) { 00580 IntTy = TD->getIntPtrType(Context); 00581 Zero = ConstantInt::get(IntTy, 0); 00582 } 00583 00584 SizeOffsetEvalType ObjectSizeOffsetEvaluator::compute(Value *V) { 00585 SizeOffsetEvalType Result = compute_(V); 00586 00587 if (!bothKnown(Result)) { 00588 // erase everything that was computed in this iteration from the cache, so 00589 // that no dangling references are left behind. We could be a bit smarter if 00590 // we kept a dependency graph. It's probably not worth the complexity. 00591 for (PtrSetTy::iterator I=SeenVals.begin(), E=SeenVals.end(); I != E; ++I) { 00592 CacheMapTy::iterator CacheIt = CacheMap.find(*I); 00593 // non-computable results can be safely cached 00594 if (CacheIt != CacheMap.end() && anyKnown(CacheIt->second)) 00595 CacheMap.erase(CacheIt); 00596 } 00597 } 00598 00599 SeenVals.clear(); 00600 return Result; 00601 } 00602 00603 SizeOffsetEvalType ObjectSizeOffsetEvaluator::compute_(Value *V) { 00604 ObjectSizeOffsetVisitor Visitor(TD, TLI, Context); 00605 SizeOffsetType Const = Visitor.compute(V); 00606 if (Visitor.bothKnown(Const)) 00607 return std::make_pair(ConstantInt::get(Context, Const.first), 00608 ConstantInt::get(Context, Const.second)); 00609 00610 V = V->stripPointerCasts(); 00611 00612 // check cache 00613 CacheMapTy::iterator CacheIt = CacheMap.find(V); 00614 if (CacheIt != CacheMap.end()) 00615 return CacheIt->second; 00616 00617 // always generate code immediately before the instruction being 00618 // processed, so that the generated code dominates the same BBs 00619 Instruction *PrevInsertPoint = Builder.GetInsertPoint(); 00620 if (Instruction *I = dyn_cast<Instruction>(V)) 00621 Builder.SetInsertPoint(I); 00622 00623 // record the pointers that were handled in this run, so that they can be 00624 // cleaned later if something fails 00625 SeenVals.insert(V); 00626 00627 // now compute the size and offset 00628 SizeOffsetEvalType Result; 00629 if (GEPOperator *GEP = dyn_cast<GEPOperator>(V)) { 00630 Result = visitGEPOperator(*GEP); 00631 } else if (Instruction *I = dyn_cast<Instruction>(V)) { 00632 Result = visit(*I); 00633 } else if (isa<Argument>(V) || 00634 (isa<ConstantExpr>(V) && 00635 cast<ConstantExpr>(V)->getOpcode() == Instruction::IntToPtr) || 00636 isa<GlobalAlias>(V) || 00637 isa<GlobalVariable>(V)) { 00638 // ignore values where we cannot do more than what ObjectSizeVisitor can 00639 Result = unknown(); 00640 } else { 00641 DEBUG(dbgs() << "ObjectSizeOffsetEvaluator::compute() unhandled value: " 00642 << *V << '\n'); 00643 Result = unknown(); 00644 } 00645 00646 if (PrevInsertPoint) 00647 Builder.SetInsertPoint(PrevInsertPoint); 00648 00649 // Don't reuse CacheIt since it may be invalid at this point. 00650 CacheMap[V] = Result; 00651 return Result; 00652 } 00653 00654 SizeOffsetEvalType ObjectSizeOffsetEvaluator::visitAllocaInst(AllocaInst &I) { 00655 if (!I.getAllocatedType()->isSized()) 00656 return unknown(); 00657 00658 // must be a VLA 00659 assert(I.isArrayAllocation()); 00660 Value *ArraySize = I.getArraySize(); 00661 Value *Size = ConstantInt::get(ArraySize->getType(), 00662 TD->getTypeAllocSize(I.getAllocatedType())); 00663 Size = Builder.CreateMul(Size, ArraySize); 00664 return std::make_pair(Size, Zero); 00665 } 00666 00667 SizeOffsetEvalType ObjectSizeOffsetEvaluator::visitCallSite(CallSite CS) { 00668 const AllocFnsTy *FnData = getAllocationData(CS.getInstruction(), AnyAlloc, 00669 TLI); 00670 if (!FnData) 00671 return unknown(); 00672 00673 // handle strdup-like functions separately 00674 if (FnData->AllocTy == StrDupLike) { 00675 // TODO 00676 return unknown(); 00677 } 00678 00679 Value *FirstArg = CS.getArgument(FnData->FstParam); 00680 FirstArg = Builder.CreateZExt(FirstArg, IntTy); 00681 if (FnData->SndParam < 0) 00682 return std::make_pair(FirstArg, Zero); 00683 00684 Value *SecondArg = CS.getArgument(FnData->SndParam); 00685 SecondArg = Builder.CreateZExt(SecondArg, IntTy); 00686 Value *Size = Builder.CreateMul(FirstArg, SecondArg); 00687 return std::make_pair(Size, Zero); 00688 00689 // TODO: handle more standard functions (+ wchar cousins): 00690 // - strdup / strndup 00691 // - strcpy / strncpy 00692 // - strcat / strncat 00693 // - memcpy / memmove 00694 // - strcat / strncat 00695 // - memset 00696 } 00697 00698 SizeOffsetEvalType 00699 ObjectSizeOffsetEvaluator::visitExtractElementInst(ExtractElementInst&) { 00700 return unknown(); 00701 } 00702 00703 SizeOffsetEvalType 00704 ObjectSizeOffsetEvaluator::visitExtractValueInst(ExtractValueInst&) { 00705 return unknown(); 00706 } 00707 00708 SizeOffsetEvalType 00709 ObjectSizeOffsetEvaluator::visitGEPOperator(GEPOperator &GEP) { 00710 SizeOffsetEvalType PtrData = compute_(GEP.getPointerOperand()); 00711 if (!bothKnown(PtrData)) 00712 return unknown(); 00713 00714 Value *Offset = EmitGEPOffset(&Builder, *TD, &GEP, /*NoAssumptions=*/true); 00715 Offset = Builder.CreateAdd(PtrData.second, Offset); 00716 return std::make_pair(PtrData.first, Offset); 00717 } 00718 00719 SizeOffsetEvalType ObjectSizeOffsetEvaluator::visitIntToPtrInst(IntToPtrInst&) { 00720 // clueless 00721 return unknown(); 00722 } 00723 00724 SizeOffsetEvalType ObjectSizeOffsetEvaluator::visitLoadInst(LoadInst&) { 00725 return unknown(); 00726 } 00727 00728 SizeOffsetEvalType ObjectSizeOffsetEvaluator::visitPHINode(PHINode &PHI) { 00729 // create 2 PHIs: one for size and another for offset 00730 PHINode *SizePHI = Builder.CreatePHI(IntTy, PHI.getNumIncomingValues()); 00731 PHINode *OffsetPHI = Builder.CreatePHI(IntTy, PHI.getNumIncomingValues()); 00732 00733 // insert right away in the cache to handle recursive PHIs 00734 CacheMap[&PHI] = std::make_pair(SizePHI, OffsetPHI); 00735 00736 // compute offset/size for each PHI incoming pointer 00737 for (unsigned i = 0, e = PHI.getNumIncomingValues(); i != e; ++i) { 00738 Builder.SetInsertPoint(PHI.getIncomingBlock(i)->getFirstInsertionPt()); 00739 SizeOffsetEvalType EdgeData = compute_(PHI.getIncomingValue(i)); 00740 00741 if (!bothKnown(EdgeData)) { 00742 OffsetPHI->replaceAllUsesWith(UndefValue::get(IntTy)); 00743 OffsetPHI->eraseFromParent(); 00744 SizePHI->replaceAllUsesWith(UndefValue::get(IntTy)); 00745 SizePHI->eraseFromParent(); 00746 return unknown(); 00747 } 00748 SizePHI->addIncoming(EdgeData.first, PHI.getIncomingBlock(i)); 00749 OffsetPHI->addIncoming(EdgeData.second, PHI.getIncomingBlock(i)); 00750 } 00751 00752 Value *Size = SizePHI, *Offset = OffsetPHI, *Tmp; 00753 if ((Tmp = SizePHI->hasConstantValue())) { 00754 Size = Tmp; 00755 SizePHI->replaceAllUsesWith(Size); 00756 SizePHI->eraseFromParent(); 00757 } 00758 if ((Tmp = OffsetPHI->hasConstantValue())) { 00759 Offset = Tmp; 00760 OffsetPHI->replaceAllUsesWith(Offset); 00761 OffsetPHI->eraseFromParent(); 00762 } 00763 return std::make_pair(Size, Offset); 00764 } 00765 00766 SizeOffsetEvalType ObjectSizeOffsetEvaluator::visitSelectInst(SelectInst &I) { 00767 SizeOffsetEvalType TrueSide = compute_(I.getTrueValue()); 00768 SizeOffsetEvalType FalseSide = compute_(I.getFalseValue()); 00769 00770 if (!bothKnown(TrueSide) || !bothKnown(FalseSide)) 00771 return unknown(); 00772 if (TrueSide == FalseSide) 00773 return TrueSide; 00774 00775 Value *Size = Builder.CreateSelect(I.getCondition(), TrueSide.first, 00776 FalseSide.first); 00777 Value *Offset = Builder.CreateSelect(I.getCondition(), TrueSide.second, 00778 FalseSide.second); 00779 return std::make_pair(Size, Offset); 00780 } 00781 00782 SizeOffsetEvalType ObjectSizeOffsetEvaluator::visitInstruction(Instruction &I) { 00783 DEBUG(dbgs() << "ObjectSizeOffsetEvaluator unknown instruction:" << I <<'\n'); 00784 return unknown(); 00785 }
Generated on Thu May 23 2013 02:41:38 for LLVM by
1.7.5.1
Copyright © 2003-2013 University of Illinois at Urbana-Champaign.
All Rights Reserved.