//
//===----------------------------------------------------------------------===//
-#include "llvm/Analysis/DataStructure.h"
-#include "llvm/Analysis/DSGraph.h"
+#include "llvm/Analysis/DataStructure/DataStructure.h"
+#include "llvm/Analysis/DataStructure/DSGraph.h"
#include "llvm/Constants.h"
#include "llvm/DerivedTypes.h"
#include "llvm/Instructions.h"
X("datastructure", "Local Data Structure Analysis");
static cl::opt<bool>
-TrackIntegersAsPointers("dsa-track-integers",
+TrackIntegersAsPointers("dsa-track-integers", cl::Hidden,
cl::desc("If this is set, track integers as potential pointers"));
namespace llvm {
void visitInstruction(Instruction &I);
void visitCallSite(CallSite CS);
+ void visitVANextInst(VANextInst &I);
+ void visitVAArgInst(VAArgInst &I);
void MergeConstantInitIntoNode(DSNodeHandle &NH, Constant *C);
private:
DSNode *createNode(const Type *Ty = 0) {
DSNode *N = new DSNode(Ty, &G); // Create the node
if (DisableFieldSensitivity) {
+ // Create node handle referring to the old node so that it is
+ // immediately removed from the graph when the node handle is destroyed.
+ DSNodeHandle OldNNH = N;
N->foldNodeCompletely();
if (DSNode *FN = N->getForwardNode())
N = FN;
else
++I;
+ // If there are any constant globals referenced in this function, merge their
+ // initializers into the local graph from the globals graph.
+ if (ScalarMap.global_begin() != ScalarMap.global_end()) {
+ ReachabilityCloner RC(*this, *GG, 0);
+
+ for (DSScalarMap::global_iterator I = ScalarMap.global_begin();
+ I != ScalarMap.global_end(); ++I)
+ if (GlobalVariable *GV = dyn_cast<GlobalVariable>(*I))
+ if (!GV->isExternal() && GV->isConstant())
+ RC.merge(ScalarMap[GV], GG->ScalarMap[GV]);
+ }
+
markIncompleteNodes(DSGraph::MarkFormalArgs);
// Remove any nodes made dead due to merging...
// Otherwise we need to create a new node to point to.
// Check first for constant expressions that must be traversed to
// extract the actual value.
- if (Constant *C = dyn_cast<Constant>(V))
- if (ConstantPointerRef *CPR = dyn_cast<ConstantPointerRef>(C)) {
- return NH = getValueDest(*CPR->getValue());
- } else if (ConstantExpr *CE = dyn_cast<ConstantExpr>(C)) {
+ DSNode* N;
+ if (GlobalValue* GV = dyn_cast<GlobalValue>(V)) {
+ // Create a new global node for this global variable...
+ N = createNode(GV->getType()->getElementType());
+ N->addGlobal(GV);
+ } else if (Constant *C = dyn_cast<Constant>(V)) {
+ if (ConstantExpr *CE = dyn_cast<ConstantExpr>(C)) {
if (CE->getOpcode() == Instruction::Cast)
NH = getValueDest(*CE->getOperand(0));
else if (CE->getOpcode() == Instruction::GetElementPtr) {
} else {
assert(0 && "Unknown constant type!");
}
-
- // Otherwise we need to create a new node to point to...
- DSNode *N;
- if (GlobalValue *GV = dyn_cast<GlobalValue>(V)) {
- // Create a new global node for this global variable...
- N = createNode(GV->getType()->getElementType());
- N->addGlobal(GV);
+ N = createNode(); // just create a shadow node
} else {
// Otherwise just create a shadow node
N = createNode();
}
- NH.setNode(N); // Remember that we are pointing to it...
- NH.setOffset(0);
+ NH.setTo(N, 0); // Remember that we are pointing to it...
return NH;
}
/// merge the two destinations together.
///
void GraphBuilder::setDestTo(Value &V, const DSNodeHandle &NH) {
- DSNodeHandle &AINH = ScalarMap[&V];
- if (AINH.getNode() == 0) // Not pointing to anything yet?
- AINH = NH; // Just point directly to NH
- else
- AINH.mergeWith(NH);
+ ScalarMap[&V].mergeWith(NH);
}
#if 0
// Handle the pointer index specially...
if (GEP.getNumOperands() > 1 &&
- GEP.getOperand(1) != ConstantSInt::getNullValue(Type::LongTy)) {
+ (!isa<Constant>(GEP.getOperand(1)) ||
+ !cast<Constant>(GEP.getOperand(1))->isNullValue())) {
// If we already know this is an array being accessed, don't do anything...
if (!TopTypeRec.isArray) {
if (const StructType *STy = dyn_cast<StructType>(*I)) {
unsigned FieldNo = cast<ConstantUInt>(I.getOperand())->getValue();
Offset += TD.getStructLayout(STy)->MemberOffsets[FieldNo];
+ } else if (const PointerType *PTy = dyn_cast<PointerType>(*I)) {
+ if (!isa<Constant>(I.getOperand()) ||
+ !cast<Constant>(I.getOperand())->isNullValue())
+ Value.getNode()->setArrayMarker();
}
void GraphBuilder::visitStoreInst(StoreInst &SI) {
const Type *StoredTy = SI.getOperand(0)->getType();
DSNodeHandle Dest = getValueDest(*SI.getOperand(1));
- if (Dest.getNode() == 0) return;
+ if (Dest.isNull()) return;
// Mark that the node is written to...
Dest.getNode()->setModifiedMarker();
RetNode->mergeWith(getValueDest(*RI.getOperand(0)));
}
+void GraphBuilder::visitVANextInst(VANextInst &I) {
+ getValueDest(*I.getOperand(0)).mergeWith(getValueDest(I));
+}
+
+void GraphBuilder::visitVAArgInst(VAArgInst &I) {
+ DSNodeHandle Ptr = getValueDest(*I.getOperand(0));
+ if (Ptr.isNull()) return;
+
+ // Make that the node is read from.
+ Ptr.getNode()->setReadMarker();
+
+ // Ensure a typerecord exists...
+ Ptr.getNode()->mergeTypeInfo(I.getType(), Ptr.getOffset(), false);
+
+ if (isPointerType(I.getType()))
+ setDestTo(I, getLink(Ptr));
+}
+
+
void GraphBuilder::visitCallInst(CallInst &CI) {
visitCallSite(&CI);
}
}
void GraphBuilder::visitCallSite(CallSite CS) {
+ Value *Callee = CS.getCalledValue();
+
// Special case handling of certain libc allocation functions here.
- if (Function *F = CS.getCalledFunction())
+ if (Function *F = dyn_cast<Function>(Callee))
if (F->isExternal())
switch (F->getIntrinsicID()) {
+ case Intrinsic::vastart:
+ getValueDest(*CS.getInstruction()).getNode()->setAllocaNodeMarker();
+ return;
+ case Intrinsic::vacopy:
+ getValueDest(*CS.getInstruction()).
+ mergeWith(getValueDest(**(CS.arg_begin())));
+ return;
+ case Intrinsic::vaend:
+ return; // noop
case Intrinsic::memmove:
case Intrinsic::memcpy: {
// Merge the first & second arguments, and mark the memory read and
N->setModifiedMarker();
return;
default:
- if (F->getName() == "calloc") {
+ if (F->getName() == "calloc" || F->getName() == "posix_memalign" ||
+ F->getName() == "memalign" || F->getName() == "valloc") {
setDestTo(*CS.getInstruction(),
createNode()->setHeapNodeMarker()->setModifiedMarker());
return;
if (DSNode *N = RetNH.getNode())
N->setHeapNodeMarker()->setModifiedMarker()->setReadMarker();
return;
+ } else if (F->getName() == "memmove") {
+ // Merge the first & second arguments, and mark the memory read and
+ // modified.
+ DSNodeHandle RetNH = getValueDest(**CS.arg_begin());
+ RetNH.mergeWith(getValueDest(**(CS.arg_begin()+1)));
+ if (DSNode *N = RetNH.getNode())
+ N->setModifiedMarker()->setReadMarker();
+ return;
+
} else if (F->getName() == "atoi" || F->getName() == "atof" ||
F->getName() == "atol" || F->getName() == "atoll" ||
F->getName() == "remove" || F->getName() == "unlink" ||
F->getName() == "strcmp" || F->getName() == "strncmp" ||
F->getName() == "execl" || F->getName() == "execlp" ||
F->getName() == "execle" || F->getName() == "execv" ||
- F->getName() == "execvp" || F->getName() == "chmod") {
+ F->getName() == "execvp" || F->getName() == "chmod" ||
+ F->getName() == "puts" || F->getName() == "write" ||
+ F->getName() == "open" || F->getName() == "create" ||
+ F->getName() == "truncate" || F->getName() == "chdir" ||
+ F->getName() == "mkdir" || F->getName() == "rmdir") {
// These functions read all of their pointer operands.
for (CallSite::arg_iterator AI = CS.arg_begin(), E = CS.arg_end();
AI != E; ++AI) {
N->setReadMarker();
}
return;
+ } else if (F->getName() == "read" || F->getName() == "pipe" ||
+ F->getName() == "wait" || F->getName() == "time") {
+ // These functions write all of their pointer operands.
+ for (CallSite::arg_iterator AI = CS.arg_begin(), E = CS.arg_end();
+ AI != E; ++AI) {
+ if (isPointerType((*AI)->getType()))
+ if (DSNode *N = getValueDest(**AI).getNode())
+ N->setModifiedMarker();
+ }
+ return;
} else if (F->getName() == "stat" || F->getName() == "fstat" ||
F->getName() == "lstat") {
// These functions read their first operand if its a pointer.
if (const PointerType *PTy = dyn_cast<PointerType>(StatTy))
N->mergeTypeInfo(PTy->getElementType(), StatBuf.getOffset());
}
-
-
return;
- } else if (F->getName() == "fopen" || F->getName() == "fdopen") {
- // fopen reads the mode argument strings.
- CallSite::arg_iterator AI = CS.arg_begin();
- if (isPointerType((*AI)->getType())) {
- DSNodeHandle Path = getValueDest(**AI);
- if (DSNode *N = Path.getNode()) N->setReadMarker();
+ } else if (F->getName() == "strtod" || F->getName() == "strtof" ||
+ F->getName() == "strtold") {
+ // These functions read the first pointer
+ if (DSNode *Str = getValueDest(**CS.arg_begin()).getNode()) {
+ Str->setReadMarker();
+ // If the second parameter is passed, it will point to the first
+ // argument node.
+ const DSNodeHandle &EndPtrNH = getValueDest(**(CS.arg_begin()+1));
+ if (DSNode *End = EndPtrNH.getNode()) {
+ End->mergeTypeInfo(PointerType::get(Type::SByteTy),
+ EndPtrNH.getOffset(), false);
+ End->setModifiedMarker();
+ DSNodeHandle &Link = getLink(EndPtrNH);
+ Link.mergeWith(getValueDest(**CS.arg_begin()));
+ }
}
- DSNodeHandle Mode = getValueDest(**++AI);
- if (DSNode *N = Mode.getNode()) N->setReadMarker();
+ return;
+ } else if (F->getName() == "fopen" || F->getName() == "fdopen" ||
+ F->getName() == "freopen") {
+ // These functions read all of their pointer operands.
+ for (CallSite::arg_iterator AI = CS.arg_begin(), E = CS.arg_end();
+ AI != E; ++AI)
+ if (isPointerType((*AI)->getType()))
+ if (DSNode *N = getValueDest(**AI).getNode())
+ N->setReadMarker();
// fopen allocates in an unknown way and writes to the file
// descriptor. Also, merge the allocated type into the node.
if (const PointerType *PTy = dyn_cast<PointerType>(RetTy))
N->mergeTypeInfo(PTy->getElementType(), Result.getOffset());
}
+
+ // If this is freopen, merge the file descriptor passed in with the
+ // result.
+ if (F->getName() == "freopen")
+ Result.mergeWith(getValueDest(**--CS.arg_end()));
+
return;
} else if (F->getName() == "fclose" && CS.arg_end()-CS.arg_begin() ==1){
// fclose reads and deallocates the memory in an unknown way for the
} else if (CS.arg_end()-CS.arg_begin() == 1 &&
(F->getName() == "fflush" || F->getName() == "feof" ||
F->getName() == "fileno" || F->getName() == "clearerr" ||
- F->getName() == "rewind" || F->getName() == "ftell")) {
+ F->getName() == "rewind" || F->getName() == "ftell" ||
+ F->getName() == "ferror" || F->getName() == "fgetc" ||
+ F->getName() == "fgetc" || F->getName() == "_IO_getc")) {
// fflush reads and writes the memory for the file descriptor. It
// merges the FILE type into the descriptor.
DSNodeHandle H = getValueDest(**CS.arg_begin());
N->mergeTypeInfo(PTy->getElementType(), H.getOffset());
}
return;
- } else if (F->getName() == "ungetc" &&CS.arg_end()-CS.arg_begin() == 2){
- // ungetc reads and writes the memory for the file descriptor.
+ } else if (F->getName() == "ungetc" || F->getName() == "fputc" ||
+ F->getName() == "fputs" || F->getName() == "putc" ||
+ F->getName() == "ftell" || F->getName() == "rewind" ||
+ F->getName() == "_IO_putc") {
+ // These functions read and write the memory for the file descriptor,
+ // which is passes as the last argument.
DSNodeHandle H = getValueDest(**--CS.arg_end());
if (DSNode *N = H.getNode()) {
N->setReadMarker()->setModifiedMarker();
- const Type *ArgTy = F->getFunctionType()->getParamType(1);
+ const Type *ArgTy = *--F->getFunctionType()->param_end();
+ if (const PointerType *PTy = dyn_cast<PointerType>(ArgTy))
+ N->mergeTypeInfo(PTy->getElementType(), H.getOffset());
+ }
+
+ // Any pointer arguments are read.
+ for (CallSite::arg_iterator AI = CS.arg_begin(), E = CS.arg_end();
+ AI != E; ++AI)
+ if (isPointerType((*AI)->getType()))
+ if (DSNode *N = getValueDest(**AI).getNode())
+ N->setReadMarker();
+ return;
+ } else if (F->getName() == "fseek" || F->getName() == "fgetpos" ||
+ F->getName() == "fsetpos") {
+ // These functions read and write the memory for the file descriptor,
+ // and read/write all other arguments.
+ DSNodeHandle H = getValueDest(**CS.arg_begin());
+ if (DSNode *N = H.getNode()) {
+ const Type *ArgTy = *--F->getFunctionType()->param_end();
if (const PointerType *PTy = dyn_cast<PointerType>(ArgTy))
N->mergeTypeInfo(PTy->getElementType(), H.getOffset());
}
+
+ // Any pointer arguments are read.
+ for (CallSite::arg_iterator AI = CS.arg_begin(), E = CS.arg_end();
+ AI != E; ++AI)
+ if (isPointerType((*AI)->getType()))
+ if (DSNode *N = getValueDest(**AI).getNode())
+ N->setReadMarker()->setModifiedMarker();
return;
} else if (F->getName() == "printf" || F->getName() == "fprintf" ||
F->getName() == "sprintf") {
if (DSNode *N = getValueDest(**AI).getNode())
N->setReadMarker();
}
+ return;
+ } else if (F->getName() == "vprintf" || F->getName() == "vfprintf" ||
+ F->getName() == "vsprintf") {
+ CallSite::arg_iterator AI = CS.arg_begin(), E = CS.arg_end();
+
+ if (F->getName() == "vfprintf") {
+ // ffprintf reads and writes the FILE argument, and applies the type
+ // to it.
+ DSNodeHandle H = getValueDest(**AI);
+ if (DSNode *N = H.getNode()) {
+ N->setModifiedMarker()->setReadMarker();
+ const Type *ArgTy = (*AI)->getType();
+ if (const PointerType *PTy = dyn_cast<PointerType>(ArgTy))
+ N->mergeTypeInfo(PTy->getElementType(), H.getOffset());
+ }
+ ++AI;
+ } else if (F->getName() == "vsprintf") {
+ // vsprintf writes the first string argument.
+ DSNodeHandle H = getValueDest(**AI++);
+ if (DSNode *N = H.getNode()) {
+ N->setModifiedMarker();
+ const Type *ArgTy = (*AI)->getType();
+ if (const PointerType *PTy = dyn_cast<PointerType>(ArgTy))
+ N->mergeTypeInfo(PTy->getElementType(), H.getOffset());
+ }
+ }
+
+ // Read the format
+ if (AI != E) {
+ if (isPointerType((*AI)->getType()))
+ if (DSNode *N = getValueDest(**AI).getNode())
+ N->setReadMarker();
+ ++AI;
+ }
+
+ // Read the valist, and the pointed-to objects.
+ if (AI != E && isPointerType((*AI)->getType())) {
+ const DSNodeHandle &VAList = getValueDest(**AI);
+ if (DSNode *N = VAList.getNode()) {
+ N->setReadMarker();
+ N->mergeTypeInfo(PointerType::get(Type::SByteTy),
+ VAList.getOffset(), false);
+
+ DSNodeHandle &VAListObjs = getLink(VAList);
+ VAListObjs.getNode()->setReadMarker();
+ }
+ }
+
return;
} else if (F->getName() == "scanf" || F->getName() == "fscanf" ||
F->getName() == "sscanf") {
N->mergeTypeInfo(PTy->getElementType(), H.getOffset());
}
return;
- } else if (F->getName() == "strchr" || F->getName() == "strrchr") {
- // These read their first argument, and return it.
+ } else if (F->getName() == "strchr" || F->getName() == "strrchr" ||
+ F->getName() == "strstr") {
+ // These read their arguments, and return the first one
DSNodeHandle H = getValueDest(**CS.arg_begin());
+ H.mergeWith(getValueDest(*CS.getInstruction())); // Returns buffer
+
+ for (CallSite::arg_iterator AI = CS.arg_begin(), E = CS.arg_end();
+ AI != E; ++AI)
+ if (isPointerType((*AI)->getType()))
+ if (DSNode *N = getValueDest(**AI).getNode())
+ N->setReadMarker();
+
if (DSNode *N = H.getNode())
N->setReadMarker();
- H.mergeWith(getValueDest(*CS.getInstruction())); // Returns buffer
return;
-
+ } else if (F->getName() == "modf" && CS.arg_end()-CS.arg_begin() == 2) {
+ // This writes its second argument, and forces it to double.
+ DSNodeHandle H = getValueDest(**--CS.arg_end());
+ if (DSNode *N = H.getNode()) {
+ N->setModifiedMarker();
+ N->mergeTypeInfo(Type::DoubleTy, H.getOffset());
+ }
+ return;
} else {
// Unknown function, warn if it returns a pointer type or takes a
// pointer argument.
if (isPointerType(I->getType()))
RetVal = getValueDest(*I);
- DSNode *Callee = 0;
- if (DisableDirectCallOpt || !isa<Function>(CS.getCalledValue())) {
- Callee = getValueDest(*CS.getCalledValue()).getNode();
- if (Callee == 0) {
- std::cerr << "WARNING: Program is calling through a null pointer?\n"
- << *I;
+ DSNode *CalleeNode = 0;
+ if (DisableDirectCallOpt || !isa<Function>(Callee)) {
+ CalleeNode = getValueDest(*Callee).getNode();
+ if (CalleeNode == 0) {
+ std::cerr << "WARNING: Program is calling through a null pointer?\n"<< *I;
return; // Calling a null pointer?
}
}
Args.push_back(getValueDest(**I));
// Add a new function call entry...
- if (Callee)
- FunctionCalls->push_back(DSCallSite(CS, RetVal, Callee, Args));
+ if (CalleeNode)
+ FunctionCalls->push_back(DSCallSite(CS, RetVal, CalleeNode, Args));
else
- FunctionCalls->push_back(DSCallSite(CS, RetVal, CS.getCalledFunction(),
+ FunctionCalls->push_back(DSCallSite(CS, RetVal, cast<Function>(Callee),
Args));
}
const TargetData &TD = getAnalysis<TargetData>();
+ {
+ GraphBuilder GGB(*GlobalsGraph);
+
+ // Add initializers for all of the globals to the globals graph...
+ for (Module::giterator I = M.gbegin(), E = M.gend(); I != E; ++I)
+ if (!I->isExternal())
+ GGB.mergeInGlobalInitializer(I);
+ }
+
// Calculate all of the graphs...
for (Module::iterator I = M.begin(), E = M.end(); I != E; ++I)
if (!I->isExternal())
DSInfo.insert(std::make_pair(I, new DSGraph(TD, *I, GlobalsGraph)));
- GraphBuilder GGB(*GlobalsGraph);
-
- // Add initializers for all of the globals to the globals graph...
- for (Module::giterator I = M.gbegin(), E = M.gend(); I != E; ++I)
- if (!I->isExternal())
- GGB.mergeInGlobalInitializer(I);
-
GlobalsGraph->removeTriviallyDeadNodes();
GlobalsGraph->markIncompleteNodes(DSGraph::MarkFormalArgs);
return false;
projects / oota-llvm.git / blobdiff