1 //===------ MemoryBuiltins.cpp - Identify calls to memory builtins --------===//
3 // The LLVM Compiler Infrastructure
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
8 //===----------------------------------------------------------------------===//
10 // This family of functions identifies calls to builtin functions that allocate
13 //===----------------------------------------------------------------------===//
15 #include "llvm/Analysis/MemoryBuiltins.h"
16 #include "llvm/Constants.h"
17 #include "llvm/Instructions.h"
18 #include "llvm/Module.h"
19 #include "llvm/Analysis/ValueTracking.h"
20 #include "llvm/Target/TargetData.h"
23 //===----------------------------------------------------------------------===//
24 // malloc Call Utility Functions.
27 /// isMalloc - Returns true if the value is either a malloc call or a
28 /// bitcast of the result of a malloc call.
29 bool llvm::isMalloc(const Value *I) {
30 return extractMallocCall(I) || extractMallocCallFromBitCast(I);
33 static bool isMallocCall(const CallInst *CI) {
37 Function *Callee = CI->getCalledFunction();
38 if (Callee == 0 || !Callee->isDeclaration())
40 if (Callee->getName() != "malloc" &&
41 Callee->getName() != "_Znwj" && Callee->getName() != "_Znwm" &&
42 Callee->getName() != "_Znaj" && Callee->getName() != "_Znam")
45 // Check malloc prototype.
46 // FIXME: workaround for PR5130, this will be obsolete when a nobuiltin
47 // attribute will exist.
48 const FunctionType *FTy = Callee->getFunctionType();
49 if (FTy->getNumParams() != 1)
51 if (IntegerType *ITy = dyn_cast<IntegerType>(FTy->param_begin()->get())) {
52 if (ITy->getBitWidth() != 32 && ITy->getBitWidth() != 64)
60 /// extractMallocCall - Returns the corresponding CallInst if the instruction
61 /// is a malloc call. Since CallInst::CreateMalloc() only creates calls, we
62 /// ignore InvokeInst here.
63 const CallInst *llvm::extractMallocCall(const Value *I) {
64 const CallInst *CI = dyn_cast<CallInst>(I);
65 return (isMallocCall(CI)) ? CI : NULL;
68 CallInst *llvm::extractMallocCall(Value *I) {
69 CallInst *CI = dyn_cast<CallInst>(I);
70 return (isMallocCall(CI)) ? CI : NULL;
73 static bool isBitCastOfMallocCall(const BitCastInst *BCI) {
77 return isMallocCall(dyn_cast<CallInst>(BCI->getOperand(0)));
80 /// extractMallocCallFromBitCast - Returns the corresponding CallInst if the
81 /// instruction is a bitcast of the result of a malloc call.
82 CallInst *llvm::extractMallocCallFromBitCast(Value *I) {
83 BitCastInst *BCI = dyn_cast<BitCastInst>(I);
84 return (isBitCastOfMallocCall(BCI)) ? cast<CallInst>(BCI->getOperand(0))
88 const CallInst *llvm::extractMallocCallFromBitCast(const Value *I) {
89 const BitCastInst *BCI = dyn_cast<BitCastInst>(I);
90 return (isBitCastOfMallocCall(BCI)) ? cast<CallInst>(BCI->getOperand(0))
94 static Value *computeArraySize(const CallInst *CI, const TargetData *TD,
95 bool LookThroughSExt = false) {
99 // The size of the malloc's result type must be known to determine array size.
100 const Type *T = getMallocAllocatedType(CI);
101 if (!T || !T->isSized() || !TD)
104 unsigned ElementSize = TD->getTypeAllocSize(T);
105 if (const StructType *ST = dyn_cast<StructType>(T))
106 ElementSize = TD->getStructLayout(ST)->getSizeInBytes();
108 // If malloc call's arg can be determined to be a multiple of ElementSize,
109 // return the multiple. Otherwise, return NULL.
110 Value *MallocArg = CI->getArgOperand(0);
111 Value *Multiple = NULL;
112 if (ComputeMultiple(MallocArg, ElementSize, Multiple,
119 /// isArrayMalloc - Returns the corresponding CallInst if the instruction
120 /// is a call to malloc whose array size can be determined and the array size
121 /// is not constant 1. Otherwise, return NULL.
122 const CallInst *llvm::isArrayMalloc(const Value *I, const TargetData *TD) {
123 const CallInst *CI = extractMallocCall(I);
124 Value *ArraySize = computeArraySize(CI, TD);
127 ArraySize != ConstantInt::get(CI->getArgOperand(0)->getType(), 1))
130 // CI is a non-array malloc or we can't figure out that it is an array malloc.
134 /// getMallocType - Returns the PointerType resulting from the malloc call.
135 /// The PointerType depends on the number of bitcast uses of the malloc call:
136 /// 0: PointerType is the calls' return type.
137 /// 1: PointerType is the bitcast's result type.
138 /// >1: Unique PointerType cannot be determined, return NULL.
139 const PointerType *llvm::getMallocType(const CallInst *CI) {
140 assert(isMalloc(CI) && "getMallocType and not malloc call");
142 const PointerType *MallocType = NULL;
143 unsigned NumOfBitCastUses = 0;
145 // Determine if CallInst has a bitcast use.
146 for (Value::const_use_iterator UI = CI->use_begin(), E = CI->use_end();
148 if (const BitCastInst *BCI = dyn_cast<BitCastInst>(*UI++)) {
149 MallocType = cast<PointerType>(BCI->getDestTy());
153 // Malloc call has 1 bitcast use, so type is the bitcast's destination type.
154 if (NumOfBitCastUses == 1)
157 // Malloc call was not bitcast, so type is the malloc function's return type.
158 if (NumOfBitCastUses == 0)
159 return cast<PointerType>(CI->getType());
161 // Type could not be determined.
165 /// getMallocAllocatedType - Returns the Type allocated by malloc call.
166 /// The Type depends on the number of bitcast uses of the malloc call:
167 /// 0: PointerType is the malloc calls' return type.
168 /// 1: PointerType is the bitcast's result type.
169 /// >1: Unique PointerType cannot be determined, return NULL.
170 const Type *llvm::getMallocAllocatedType(const CallInst *CI) {
171 const PointerType *PT = getMallocType(CI);
172 return PT ? PT->getElementType() : NULL;
175 /// getMallocArraySize - Returns the array size of a malloc call. If the
176 /// argument passed to malloc is a multiple of the size of the malloced type,
177 /// then return that multiple. For non-array mallocs, the multiple is
178 /// constant 1. Otherwise, return NULL for mallocs whose array size cannot be
180 Value *llvm::getMallocArraySize(CallInst *CI, const TargetData *TD,
181 bool LookThroughSExt) {
182 assert(isMalloc(CI) && "getMallocArraySize and not malloc call");
183 return computeArraySize(CI, TD, LookThroughSExt);
186 //===----------------------------------------------------------------------===//
187 // free Call Utility Functions.
190 /// isFreeCall - Returns non-null if the value is a call to the builtin free()
191 const CallInst *llvm::isFreeCall(const Value *I) {
192 const CallInst *CI = dyn_cast<CallInst>(I);
195 Function *Callee = CI->getCalledFunction();
196 if (Callee == 0 || !Callee->isDeclaration())
199 if (Callee->getName() != "free" &&
200 Callee->getName() != "_Zdlj" && Callee->getName() != "_Zdlm" &&
201 Callee->getName() != "_Zdaj" && Callee->getName() != "_Zdam")
204 // Check free prototype.
205 // FIXME: workaround for PR5130, this will be obsolete when a nobuiltin
206 // attribute will exist.
207 const FunctionType *FTy = Callee->getFunctionType();
208 if (!FTy->getReturnType()->isVoidTy())
210 if (FTy->getNumParams() != 1)
212 if (FTy->param_begin()->get() != Type::getInt8PtrTy(Callee->getContext()))