clang  8.0.0svn
CGExpr.cpp
Go to the documentation of this file.
1 //===--- CGExpr.cpp - Emit LLVM Code from Expressions ---------------------===//
2 //
3 // The LLVM Compiler Infrastructure
4 //
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
7 //
8 //===----------------------------------------------------------------------===//
9 //
10 // This contains code to emit Expr nodes as LLVM code.
11 //
12 //===----------------------------------------------------------------------===//
13 
14 #include "CGCXXABI.h"
15 #include "CGCall.h"
16 #include "CGCleanup.h"
17 #include "CGDebugInfo.h"
18 #include "CGObjCRuntime.h"
19 #include "CGOpenMPRuntime.h"
20 #include "CGRecordLayout.h"
21 #include "CodeGenFunction.h"
22 #include "CodeGenModule.h"
23 #include "ConstantEmitter.h"
24 #include "TargetInfo.h"
25 #include "clang/AST/ASTContext.h"
26 #include "clang/AST/Attr.h"
27 #include "clang/AST/DeclObjC.h"
28 #include "clang/AST/NSAPI.h"
29 #include "clang/Frontend/CodeGenOptions.h"
30 #include "llvm/ADT/Hashing.h"
31 #include "llvm/ADT/StringExtras.h"
32 #include "llvm/IR/DataLayout.h"
33 #include "llvm/IR/Intrinsics.h"
34 #include "llvm/IR/LLVMContext.h"
35 #include "llvm/IR/MDBuilder.h"
36 #include "llvm/Support/ConvertUTF.h"
37 #include "llvm/Support/MathExtras.h"
38 #include "llvm/Support/Path.h"
39 #include "llvm/Transforms/Utils/SanitizerStats.h"
40 
41 #include <string>
42 
43 using namespace clang;
44 using namespace CodeGen;
45 
46 //===--------------------------------------------------------------------===//
47 // Miscellaneous Helper Methods
48 //===--------------------------------------------------------------------===//
49 
50 llvm::Value *CodeGenFunction::EmitCastToVoidPtr(llvm::Value *value) {
51  unsigned addressSpace =
52  cast<llvm::PointerType>(value->getType())->getAddressSpace();
53 
54  llvm::PointerType *destType = Int8PtrTy;
55  if (addressSpace)
56  destType = llvm::Type::getInt8PtrTy(getLLVMContext(), addressSpace);
57 
58  if (value->getType() == destType) return value;
59  return Builder.CreateBitCast(value, destType);
60 }
61 
62 /// CreateTempAlloca - This creates a alloca and inserts it into the entry
63 /// block.
64 Address CodeGenFunction::CreateTempAllocaWithoutCast(llvm::Type *Ty,
65  CharUnits Align,
66  const Twine &Name,
67  llvm::Value *ArraySize) {
68  auto Alloca = CreateTempAlloca(Ty, Name, ArraySize);
69  Alloca->setAlignment(Align.getQuantity());
70  return Address(Alloca, Align);
71 }
72 
73 /// CreateTempAlloca - This creates a alloca and inserts it into the entry
74 /// block. The alloca is casted to default address space if necessary.
75 Address CodeGenFunction::CreateTempAlloca(llvm::Type *Ty, CharUnits Align,
76  const Twine &Name,
77  llvm::Value *ArraySize,
78  Address *AllocaAddr) {
79  auto Alloca = CreateTempAllocaWithoutCast(Ty, Align, Name, ArraySize);
80  if (AllocaAddr)
81  *AllocaAddr = Alloca;
82  llvm::Value *V = Alloca.getPointer();
83  // Alloca always returns a pointer in alloca address space, which may
84  // be different from the type defined by the language. For example,
85  // in C++ the auto variables are in the default address space. Therefore
86  // cast alloca to the default address space when necessary.
87  if (getASTAllocaAddressSpace() != LangAS::Default) {
88  auto DestAddrSpace = getContext().getTargetAddressSpace(LangAS::Default);
89  llvm::IRBuilderBase::InsertPointGuard IPG(Builder);
90  // When ArraySize is nullptr, alloca is inserted at AllocaInsertPt,
91  // otherwise alloca is inserted at the current insertion point of the
92  // builder.
93  if (!ArraySize)
94  Builder.SetInsertPoint(AllocaInsertPt);
95  V = getTargetHooks().performAddrSpaceCast(
96  *this, V, getASTAllocaAddressSpace(), LangAS::Default,
97  Ty->getPointerTo(DestAddrSpace), /*non-null*/ true);
98  }
99 
100  return Address(V, Align);
101 }
102 
103 /// CreateTempAlloca - This creates an alloca and inserts it into the entry
104 /// block if \p ArraySize is nullptr, otherwise inserts it at the current
105 /// insertion point of the builder.
106 llvm::AllocaInst *CodeGenFunction::CreateTempAlloca(llvm::Type *Ty,
107  const Twine &Name,
108  llvm::Value *ArraySize) {
109  if (ArraySize)
110  return Builder.CreateAlloca(Ty, ArraySize, Name);
111  return new llvm::AllocaInst(Ty, CGM.getDataLayout().getAllocaAddrSpace(),
112  ArraySize, Name, AllocaInsertPt);
113 }
114 
115 /// CreateDefaultAlignTempAlloca - This creates an alloca with the
116 /// default alignment of the corresponding LLVM type, which is *not*
117 /// guaranteed to be related in any way to the expected alignment of
118 /// an AST type that might have been lowered to Ty.
119 Address CodeGenFunction::CreateDefaultAlignTempAlloca(llvm::Type *Ty,
120  const Twine &Name) {
121  CharUnits Align =
122  CharUnits::fromQuantity(CGM.getDataLayout().getABITypeAlignment(Ty));
123  return CreateTempAlloca(Ty, Align, Name);
124 }
125 
126 void CodeGenFunction::InitTempAlloca(Address Var, llvm::Value *Init) {
127  assert(isa<llvm::AllocaInst>(Var.getPointer()));
128  auto *Store = new llvm::StoreInst(Init, Var.getPointer());
129  Store->setAlignment(Var.getAlignment().getQuantity());
130  llvm::BasicBlock *Block = AllocaInsertPt->getParent();
131  Block->getInstList().insertAfter(AllocaInsertPt->getIterator(), Store);
132 }
133 
134 Address CodeGenFunction::CreateIRTemp(QualType Ty, const Twine &Name) {
135  CharUnits Align = getContext().getTypeAlignInChars(Ty);
136  return CreateTempAlloca(ConvertType(Ty), Align, Name);
137 }
138 
139 Address CodeGenFunction::CreateMemTemp(QualType Ty, const Twine &Name,
140  Address *Alloca) {
141  // FIXME: Should we prefer the preferred type alignment here?
142  return CreateMemTemp(Ty, getContext().getTypeAlignInChars(Ty), Name, Alloca);
143 }
144 
145 Address CodeGenFunction::CreateMemTemp(QualType Ty, CharUnits Align,
146  const Twine &Name, Address *Alloca) {
147  return CreateTempAlloca(ConvertTypeForMem(Ty), Align, Name,
148  /*ArraySize=*/nullptr, Alloca);
149 }
150 
151 Address CodeGenFunction::CreateMemTempWithoutCast(QualType Ty, CharUnits Align,
152  const Twine &Name) {
153  return CreateTempAllocaWithoutCast(ConvertTypeForMem(Ty), Align, Name);
154 }
155 
156 Address CodeGenFunction::CreateMemTempWithoutCast(QualType Ty,
157  const Twine &Name) {
158  return CreateMemTempWithoutCast(Ty, getContext().getTypeAlignInChars(Ty),
159  Name);
160 }
161 
162 /// EvaluateExprAsBool - Perform the usual unary conversions on the specified
163 /// expression and compare the result against zero, returning an Int1Ty value.
164 llvm::Value *CodeGenFunction::EvaluateExprAsBool(const Expr *E) {
165  PGO.setCurrentStmt(E);
166  if (const MemberPointerType *MPT = E->getType()->getAs<MemberPointerType>()) {
167  llvm::Value *MemPtr = EmitScalarExpr(E);
168  return CGM.getCXXABI().EmitMemberPointerIsNotNull(*this, MemPtr, MPT);
169  }
170 
171  QualType BoolTy = getContext().BoolTy;
172  SourceLocation Loc = E->getExprLoc();
173  if (!E->getType()->isAnyComplexType())
174  return EmitScalarConversion(EmitScalarExpr(E), E->getType(), BoolTy, Loc);
175 
176  return EmitComplexToScalarConversion(EmitComplexExpr(E), E->getType(), BoolTy,
177  Loc);
178 }
179 
180 /// EmitIgnoredExpr - Emit code to compute the specified expression,
181 /// ignoring the result.
182 void CodeGenFunction::EmitIgnoredExpr(const Expr *E) {
183  if (E->isRValue())
184  return (void) EmitAnyExpr(E, AggValueSlot::ignored(), true);
185 
186  // Just emit it as an l-value and drop the result.
187  EmitLValue(E);
188 }
189 
190 /// EmitAnyExpr - Emit code to compute the specified expression which
191 /// can have any type. The result is returned as an RValue struct.
192 /// If this is an aggregate expression, AggSlot indicates where the
193 /// result should be returned.
194 RValue CodeGenFunction::EmitAnyExpr(const Expr *E,
195  AggValueSlot aggSlot,
196  bool ignoreResult) {
197  switch (getEvaluationKind(E->getType())) {
198  case TEK_Scalar:
199  return RValue::get(EmitScalarExpr(E, ignoreResult));
200  case TEK_Complex:
201  return RValue::getComplex(EmitComplexExpr(E, ignoreResult, ignoreResult));
202  case TEK_Aggregate:
203  if (!ignoreResult && aggSlot.isIgnored())
204  aggSlot = CreateAggTemp(E->getType(), "agg-temp");
205  EmitAggExpr(E, aggSlot);
206  return aggSlot.asRValue();
207  }
208  llvm_unreachable("bad evaluation kind");
209 }
210 
211 /// EmitAnyExprToTemp - Similar to EmitAnyExpr(), however, the result will
212 /// always be accessible even if no aggregate location is provided.
213 RValue CodeGenFunction::EmitAnyExprToTemp(const Expr *E) {
214  AggValueSlot AggSlot = AggValueSlot::ignored();
215 
216  if (hasAggregateEvaluationKind(E->getType()))
217  AggSlot = CreateAggTemp(E->getType(), "agg.tmp");
218  return EmitAnyExpr(E, AggSlot);
219 }
220 
221 /// EmitAnyExprToMem - Evaluate an expression into a given memory
222 /// location.
223 void CodeGenFunction::EmitAnyExprToMem(const Expr *E,
224  Address Location,
225  Qualifiers Quals,
226  bool IsInit) {
227  // FIXME: This function should take an LValue as an argument.
228  switch (getEvaluationKind(E->getType())) {
229  case TEK_Complex:
230  EmitComplexExprIntoLValue(E, MakeAddrLValue(Location, E->getType()),
231  /*isInit*/ false);
232  return;
233 
234  case TEK_Aggregate: {
235  EmitAggExpr(E, AggValueSlot::forAddr(Location, Quals,
236  AggValueSlot::IsDestructed_t(IsInit),
237  AggValueSlot::DoesNotNeedGCBarriers,
238  AggValueSlot::IsAliased_t(!IsInit),
239  AggValueSlot::MayOverlap));
240  return;
241  }
242 
243  case TEK_Scalar: {
244  RValue RV = RValue::get(EmitScalarExpr(E, /*Ignore*/ false));
245  LValue LV = MakeAddrLValue(Location, E->getType());
246  EmitStoreThroughLValue(RV, LV);
247  return;
248  }
249  }
250  llvm_unreachable("bad evaluation kind");
251 }
252 
253 static void
254 pushTemporaryCleanup(CodeGenFunction &CGF, const MaterializeTemporaryExpr *M,
255  const Expr *E, Address ReferenceTemporary) {
256  // Objective-C++ ARC:
257  // If we are binding a reference to a temporary that has ownership, we
258  // need to perform retain/release operations on the temporary.
259  //
260  // FIXME: This should be looking at E, not M.
261  if (auto Lifetime = M->getType().getObjCLifetime()) {
262  switch (Lifetime) {
263  case Qualifiers::OCL_None:
264  case Qualifiers::OCL_ExplicitNone:
265  // Carry on to normal cleanup handling.
266  break;
267 
268  case Qualifiers::OCL_Autoreleasing:
269  // Nothing to do; cleaned up by an autorelease pool.
270  return;
271 
272  case Qualifiers::OCL_Strong:
273  case Qualifiers::OCL_Weak:
274  switch (StorageDuration Duration = M->getStorageDuration()) {
275  case SD_Static:
276  // Note: we intentionally do not register a cleanup to release
277  // the object on program termination.
278  return;
279 
280  case SD_Thread:
281  // FIXME: We should probably register a cleanup in this case.
282  return;
283 
284  case SD_Automatic:
285  case SD_FullExpression:
286  CodeGenFunction::Destroyer *Destroy;
287  CleanupKind CleanupKind;
288  if (Lifetime == Qualifiers::OCL_Strong) {
289  const ValueDecl *VD = M->getExtendingDecl();
290  bool Precise =
291  VD && isa<VarDecl>(VD) && VD->hasAttr<ObjCPreciseLifetimeAttr>();
292  CleanupKind = CGF.getARCCleanupKind();
293  Destroy = Precise ? &CodeGenFunction::destroyARCStrongPrecise
294  : &CodeGenFunction::destroyARCStrongImprecise;
295  } else {
296  // __weak objects always get EH cleanups; otherwise, exceptions
297  // could cause really nasty crashes instead of mere leaks.
298  CleanupKind = NormalAndEHCleanup;
299  Destroy = &CodeGenFunction::destroyARCWeak;
300  }
301  if (Duration == SD_FullExpression)
302  CGF.pushDestroy(CleanupKind, ReferenceTemporary,
303  M->getType(), *Destroy,
304  CleanupKind & EHCleanup);
305  else
306  CGF.pushLifetimeExtendedDestroy(CleanupKind, ReferenceTemporary,
307  M->getType(),
308  *Destroy, CleanupKind & EHCleanup);
309  return;
310 
311  case SD_Dynamic:
312  llvm_unreachable("temporary cannot have dynamic storage duration");
313  }
314  llvm_unreachable("unknown storage duration");
315  }
316  }
317 
318  CXXDestructorDecl *ReferenceTemporaryDtor = nullptr;
319  if (const RecordType *RT =
320  E->getType()->getBaseElementTypeUnsafe()->getAs<RecordType>()) {
321  // Get the destructor for the reference temporary.
322  auto *ClassDecl = cast<CXXRecordDecl>(RT->getDecl());
323  if (!ClassDecl->hasTrivialDestructor())
324  ReferenceTemporaryDtor = ClassDecl->getDestructor();
325  }
326 
327  if (!ReferenceTemporaryDtor)
328  return;
329 
330  // Call the destructor for the temporary.
331  switch (M->getStorageDuration()) {
332  case SD_Static:
333  case SD_Thread: {
334  llvm::Constant *CleanupFn;
335  llvm::Constant *CleanupArg;
336  if (E->getType()->isArrayType()) {
337  CleanupFn = CodeGenFunction(CGF.CGM).generateDestroyHelper(
338  ReferenceTemporary, E->getType(),
339  CodeGenFunction::destroyCXXObject, CGF.getLangOpts().Exceptions,
340  dyn_cast_or_null<VarDecl>(M->getExtendingDecl()));
341  CleanupArg = llvm::Constant::getNullValue(CGF.Int8PtrTy);
342  } else {
343  CleanupFn = CGF.CGM.getAddrOfCXXStructor(ReferenceTemporaryDtor,
344  StructorType::Complete);
345  CleanupArg = cast<llvm::Constant>(ReferenceTemporary.getPointer());
346  }
347  CGF.CGM.getCXXABI().registerGlobalDtor(
348  CGF, *cast<VarDecl>(M->getExtendingDecl()), CleanupFn, CleanupArg);
349  break;
350  }
351 
352  case SD_FullExpression:
353  CGF.pushDestroy(NormalAndEHCleanup, ReferenceTemporary, E->getType(),
354  CodeGenFunction::destroyCXXObject,
355  CGF.getLangOpts().Exceptions);
356  break;
357 
358  case SD_Automatic:
359  CGF.pushLifetimeExtendedDestroy(NormalAndEHCleanup,
360  ReferenceTemporary, E->getType(),
361  CodeGenFunction::destroyCXXObject,
362  CGF.getLangOpts().Exceptions);
363  break;
364 
365  case SD_Dynamic:
366  llvm_unreachable("temporary cannot have dynamic storage duration");
367  }
368 }
369 
370 static Address createReferenceTemporary(CodeGenFunction &CGF,
371  const MaterializeTemporaryExpr *M,
372  const Expr *Inner,
373  Address *Alloca = nullptr) {
374  auto &TCG = CGF.getTargetHooks();
375  switch (M->getStorageDuration()) {
376  case SD_FullExpression:
377  case SD_Automatic: {
378  // If we have a constant temporary array or record try to promote it into a
379  // constant global under the same rules a normal constant would've been
380  // promoted. This is easier on the optimizer and generally emits fewer
381  // instructions.
382  QualType Ty = Inner->getType();
383  if (CGF.CGM.getCodeGenOpts().MergeAllConstants &&
384  (Ty->isArrayType() || Ty->isRecordType()) &&
385  CGF.CGM.isTypeConstant(Ty, true))
386  if (auto Init = ConstantEmitter(CGF).tryEmitAbstract(Inner, Ty)) {
387  if (auto AddrSpace = CGF.getTarget().getConstantAddressSpace()) {
388  auto AS = AddrSpace.getValue();
389  auto *GV = new llvm::GlobalVariable(
390  CGF.CGM.getModule(), Init->getType(), /*isConstant=*/true,
391  llvm::GlobalValue::PrivateLinkage, Init, ".ref.tmp", nullptr,
392  llvm::GlobalValue::NotThreadLocal,
393  CGF.getContext().getTargetAddressSpace(AS));
394  CharUnits alignment = CGF.getContext().getTypeAlignInChars(Ty);
395  GV->setAlignment(alignment.getQuantity());
396  llvm::Constant *C = GV;
397  if (AS != LangAS::Default)
398  C = TCG.performAddrSpaceCast(
399  CGF.CGM, GV, AS, LangAS::Default,
400  GV->getValueType()->getPointerTo(
401  CGF.getContext().getTargetAddressSpace(LangAS::Default)));
402  // FIXME: Should we put the new global into a COMDAT?
403  return Address(C, alignment);
404  }
405  }
406  return CGF.CreateMemTemp(Ty, "ref.tmp", Alloca);
407  }
408  case SD_Thread:
409  case SD_Static:
410  return CGF.CGM.GetAddrOfGlobalTemporary(M, Inner);
411 
412  case SD_Dynamic:
413  llvm_unreachable("temporary can't have dynamic storage duration");
414  }
415  llvm_unreachable("unknown storage duration");
416 }
417 
418 LValue CodeGenFunction::
419 EmitMaterializeTemporaryExpr(const MaterializeTemporaryExpr *M) {
420  const Expr *E = M->GetTemporaryExpr();
421 
422  // FIXME: ideally this would use EmitAnyExprToMem, however, we cannot do so
423  // as that will cause the lifetime adjustment to be lost for ARC
424  auto ownership = M->getType().getObjCLifetime();
425  if (ownership != Qualifiers::OCL_None &&
426  ownership != Qualifiers::OCL_ExplicitNone) {
427  Address Object = createReferenceTemporary(*this, M, E);
428  if (auto *Var = dyn_cast<llvm::GlobalVariable>(Object.getPointer())) {
429  Object = Address(llvm::ConstantExpr::getBitCast(Var,
430  ConvertTypeForMem(E->getType())
431  ->getPointerTo(Object.getAddressSpace())),
432  Object.getAlignment());
433 
434  // createReferenceTemporary will promote the temporary to a global with a
435  // constant initializer if it can. It can only do this to a value of
436  // ARC-manageable type if the value is global and therefore "immune" to
437  // ref-counting operations. Therefore we have no need to emit either a
438  // dynamic initialization or a cleanup and we can just return the address
439  // of the temporary.
440  if (Var->hasInitializer())
441  return MakeAddrLValue(Object, M->getType(), AlignmentSource::Decl);
442 
443  Var->setInitializer(CGM.EmitNullConstant(E->getType()));
444  }
445  LValue RefTempDst = MakeAddrLValue(Object, M->getType(),
446  AlignmentSource::Decl);
447 
448  switch (getEvaluationKind(E->getType())) {
449  default: llvm_unreachable("expected scalar or aggregate expression");
450  case TEK_Scalar:
451  EmitScalarInit(E, M->getExtendingDecl(), RefTempDst, false);
452  break;
453  case TEK_Aggregate: {
454  EmitAggExpr(E, AggValueSlot::forAddr(Object,
455  E->getType().getQualifiers(),
456  AggValueSlot::IsDestructed,
457  AggValueSlot::DoesNotNeedGCBarriers,
458  AggValueSlot::IsNotAliased,
459  AggValueSlot::DoesNotOverlap));
460  break;
461  }
462  }
463 
464  pushTemporaryCleanup(*this, M, E, Object);
465  return RefTempDst;
466  }
467 
468  SmallVector<const Expr *, 2> CommaLHSs;
469  SmallVector<SubobjectAdjustment, 2> Adjustments;
470  E = E->skipRValueSubobjectAdjustments(CommaLHSs, Adjustments);
471 
472  for (const auto &Ignored : CommaLHSs)
473  EmitIgnoredExpr(Ignored);
474 
475  if (const auto *opaque = dyn_cast<OpaqueValueExpr>(E)) {
476  if (opaque->getType()->isRecordType()) {
477  assert(Adjustments.empty());
478  return EmitOpaqueValueLValue(opaque);
479  }
480  }
481 
482  // Create and initialize the reference temporary.
483  Address Alloca = Address::invalid();
484  Address Object = createReferenceTemporary(*this, M, E, &Alloca);
485  if (auto *Var = dyn_cast<llvm::GlobalVariable>(
486  Object.getPointer()->stripPointerCasts())) {
487  Object = Address(llvm::ConstantExpr::getBitCast(
488  cast<llvm::Constant>(Object.getPointer()),
489  ConvertTypeForMem(E->getType())->getPointerTo()),
490  Object.getAlignment());
491  // If the temporary is a global and has a constant initializer or is a
492  // constant temporary that we promoted to a global, we may have already
493  // initialized it.
494  if (!Var->hasInitializer()) {
495  Var->setInitializer(CGM.EmitNullConstant(E->getType()));
496  EmitAnyExprToMem(E, Object, Qualifiers(), /*IsInit*/true);
497  }
498  } else {
499  switch (M->getStorageDuration()) {
500  case SD_Automatic:
501  if (auto *Size = EmitLifetimeStart(
502  CGM.getDataLayout().getTypeAllocSize(Alloca.getElementType()),
503  Alloca.getPointer())) {
504  pushCleanupAfterFullExpr<CallLifetimeEnd>(NormalEHLifetimeMarker,
505  Alloca, Size);
506  }
507  break;
508 
509  case SD_FullExpression: {
510  if (!ShouldEmitLifetimeMarkers)
511  break;
512 
513  // Avoid creating a conditional cleanup just to hold an llvm.lifetime.end
514  // marker. Instead, start the lifetime of a conditional temporary earlier
515  // so that it's unconditional. Don't do this in ASan's use-after-scope
516  // mode so that it gets the more precise lifetime marks. If the type has
517  // a non-trivial destructor, we'll have a cleanup block for it anyway,
518  // so this typically doesn't help; skip it in that case.
519  ConditionalEvaluation *OldConditional = nullptr;
520  CGBuilderTy::InsertPoint OldIP;
521  if (isInConditionalBranch() && !E->getType().isDestructedType() &&
522  !CGM.getCodeGenOpts().SanitizeAddressUseAfterScope) {
523  OldConditional = OutermostConditional;
524  OutermostConditional = nullptr;
525 
526  OldIP = Builder.saveIP();
527  llvm::BasicBlock *Block = OldConditional->getStartingBlock();
528  Builder.restoreIP(CGBuilderTy::InsertPoint(
529  Block, llvm::BasicBlock::iterator(Block->back())));
530  }
531 
532  if (auto *Size = EmitLifetimeStart(
533  CGM.getDataLayout().getTypeAllocSize(Alloca.getElementType()),
534  Alloca.getPointer())) {
535  pushFullExprCleanup<CallLifetimeEnd>(NormalEHLifetimeMarker, Alloca,
536  Size);
537  }
538 
539  if (OldConditional) {
540  OutermostConditional = OldConditional;
541  Builder.restoreIP(OldIP);
542  }
543  break;
544  }
545 
546  default:
547  break;
548  }
549  EmitAnyExprToMem(E, Object, Qualifiers(), /*IsInit*/true);
550  }
551  pushTemporaryCleanup(*this, M, E, Object);
552 
553  // Perform derived-to-base casts and/or field accesses, to get from the
554  // temporary object we created (and, potentially, for which we extended
555  // the lifetime) to the subobject we're binding the reference to.
556  for (unsigned I = Adjustments.size(); I != 0; --I) {
557  SubobjectAdjustment &Adjustment = Adjustments[I-1];
558  switch (Adjustment.Kind) {
559  case SubobjectAdjustment::DerivedToBaseAdjustment:
560  Object =
561  GetAddressOfBaseClass(Object, Adjustment.DerivedToBase.DerivedClass,
562  Adjustment.DerivedToBase.BasePath->path_begin(),
563  Adjustment.DerivedToBase.BasePath->path_end(),
564  /*NullCheckValue=*/ false, E->getExprLoc());
565  break;
566 
567  case SubobjectAdjustment::FieldAdjustment: {
568  LValue LV = MakeAddrLValue(Object, E->getType(), AlignmentSource::Decl);
569  LV = EmitLValueForField(LV, Adjustment.Field);
570  assert(LV.isSimple() &&
571  "materialized temporary field is not a simple lvalue");
572  Object = LV.getAddress();
573  break;
574  }
575 
576  case SubobjectAdjustment::MemberPointerAdjustment: {
577  llvm::Value *Ptr = EmitScalarExpr(Adjustment.Ptr.RHS);
578  Object = EmitCXXMemberDataPointerAddress(E, Object, Ptr,
579  Adjustment.Ptr.MPT);
580  break;
581  }
582  }
583  }
584 
585  return MakeAddrLValue(Object, M->getType(), AlignmentSource::Decl);
586 }
587 
588 RValue
589 CodeGenFunction::EmitReferenceBindingToExpr(const Expr *E) {
590  // Emit the expression as an lvalue.
591  LValue LV = EmitLValue(E);
592  assert(LV.isSimple());
593  llvm::Value *Value = LV.getPointer();
594 
595  if (sanitizePerformTypeCheck() && !E->getType()->isFunctionType()) {
596  // C++11 [dcl.ref]p5 (as amended by core issue 453):
597  // If a glvalue to which a reference is directly bound designates neither
598  // an existing object or function of an appropriate type nor a region of
599  // storage of suitable size and alignment to contain an object of the
600  // reference's type, the behavior is undefined.
601  QualType Ty = E->getType();
602  EmitTypeCheck(TCK_ReferenceBinding, E->getExprLoc(), Value, Ty);
603  }
604 
605  return RValue::get(Value);
606 }
607 
608 
609 /// getAccessedFieldNo - Given an encoded value and a result number, return the
610 /// input field number being accessed.
611 unsigned CodeGenFunction::getAccessedFieldNo(unsigned Idx,
612  const llvm::Constant *Elts) {
613  return cast<llvm::ConstantInt>(Elts->getAggregateElement(Idx))
614  ->getZExtValue();
615 }
616 
617 /// Emit the hash_16_bytes function from include/llvm/ADT/Hashing.h.
618 static llvm::Value *emitHash16Bytes(CGBuilderTy &Builder, llvm::Value *Low,
619  llvm::Value *High) {
620  llvm::Value *KMul = Builder.getInt64(0x9ddfea08eb382d69ULL);
621  llvm::Value *K47 = Builder.getInt64(47);
622  llvm::Value *A0 = Builder.CreateMul(Builder.CreateXor(Low, High), KMul);
623  llvm::Value *A1 = Builder.CreateXor(Builder.CreateLShr(A0, K47), A0);
624  llvm::Value *B0 = Builder.CreateMul(Builder.CreateXor(High, A1), KMul);
625  llvm::Value *B1 = Builder.CreateXor(Builder.CreateLShr(B0, K47), B0);
626  return Builder.CreateMul(B1, KMul);
627 }
628 
629 bool CodeGenFunction::isNullPointerAllowed(TypeCheckKind TCK) {
630  return TCK == TCK_DowncastPointer || TCK == TCK_Upcast ||
631  TCK == TCK_UpcastToVirtualBase || TCK == TCK_DynamicOperation;
632 }
633 
634 bool CodeGenFunction::isVptrCheckRequired(TypeCheckKind TCK, QualType Ty) {
635  CXXRecordDecl *RD = Ty->getAsCXXRecordDecl();
636  return (RD && RD->hasDefinition() && RD->isDynamicClass()) &&
637  (TCK == TCK_MemberAccess || TCK == TCK_MemberCall ||
638  TCK == TCK_DowncastPointer || TCK == TCK_DowncastReference ||
639  TCK == TCK_UpcastToVirtualBase || TCK == TCK_DynamicOperation);
640 }
641 
642 bool CodeGenFunction::sanitizePerformTypeCheck() const {
643  return SanOpts.has(SanitizerKind::Null) |
644  SanOpts.has(SanitizerKind::Alignment) |
645  SanOpts.has(SanitizerKind::ObjectSize) |
646  SanOpts.has(SanitizerKind::Vptr);
647 }
648 
649 void CodeGenFunction::EmitTypeCheck(TypeCheckKind TCK, SourceLocation Loc,
650  llvm::Value *Ptr, QualType Ty,
651  CharUnits Alignment,
652  SanitizerSet SkippedChecks) {
653  if (!sanitizePerformTypeCheck())
654  return;
655 
656  // Don't check pointers outside the default address space. The null check
657  // isn't correct, the object-size check isn't supported by LLVM, and we can't
658  // communicate the addresses to the runtime handler for the vptr check.
659  if (Ptr->getType()->getPointerAddressSpace())
660  return;
661 
662  // Don't check pointers to volatile data. The behavior here is implementation-
663  // defined.
664  if (Ty.isVolatileQualified())
665  return;
666 
667  SanitizerScope SanScope(this);
668 
669  SmallVector<std::pair<llvm::Value *, SanitizerMask>, 3> Checks;
670  llvm::BasicBlock *Done = nullptr;
671 
672  // Quickly determine whether we have a pointer to an alloca. It's possible
673  // to skip null checks, and some alignment checks, for these pointers. This
674  // can reduce compile-time significantly.
675  auto PtrToAlloca =
676  dyn_cast<llvm::AllocaInst>(Ptr->stripPointerCastsNoFollowAliases());
677 
678  llvm::Value *True = llvm::ConstantInt::getTrue(getLLVMContext());
679  llvm::Value *IsNonNull = nullptr;
680  bool IsGuaranteedNonNull =
681  SkippedChecks.has(SanitizerKind::Null) || PtrToAlloca;
682  bool AllowNullPointers = isNullPointerAllowed(TCK);
683  if ((SanOpts.has(SanitizerKind::Null) || AllowNullPointers) &&
684  !IsGuaranteedNonNull) {
685  // The glvalue must not be an empty glvalue.
686  IsNonNull = Builder.CreateIsNotNull(Ptr);
687 
688  // The IR builder can constant-fold the null check if the pointer points to
689  // a constant.
690  IsGuaranteedNonNull = IsNonNull == True;
691 
692  // Skip the null check if the pointer is known to be non-null.
693  if (!IsGuaranteedNonNull) {
694  if (AllowNullPointers) {
695  // When performing pointer casts, it's OK if the value is null.
696  // Skip the remaining checks in that case.
697  Done = createBasicBlock("null");
698  llvm::BasicBlock *Rest = createBasicBlock("not.null");
699  Builder.CreateCondBr(IsNonNull, Rest, Done);
700  EmitBlock(Rest);
701  } else {
702  Checks.push_back(std::make_pair(IsNonNull, SanitizerKind::Null));
703  }
704  }
705  }
706 
707  if (SanOpts.has(SanitizerKind::ObjectSize) &&
708  !SkippedChecks.has(SanitizerKind::ObjectSize) &&
709  !Ty->isIncompleteType()) {
710  uint64_t Size = getContext().getTypeSizeInChars(Ty).getQuantity();
711 
712  // The glvalue must refer to a large enough storage region.
713  // FIXME: If Address Sanitizer is enabled, insert dynamic instrumentation
714  // to check this.
715  // FIXME: Get object address space
716  llvm::Type *Tys[2] = { IntPtrTy, Int8PtrTy };
717  llvm::Value *F = CGM.getIntrinsic(llvm::Intrinsic::objectsize, Tys);
718  llvm::Value *Min = Builder.getFalse();
719  llvm::Value *NullIsUnknown = Builder.getFalse();
720  llvm::Value *CastAddr = Builder.CreateBitCast(Ptr, Int8PtrTy);
721  llvm::Value *LargeEnough = Builder.CreateICmpUGE(
722  Builder.CreateCall(F, {CastAddr, Min, NullIsUnknown}),
723  llvm::ConstantInt::get(IntPtrTy, Size));
724  Checks.push_back(std::make_pair(LargeEnough, SanitizerKind::ObjectSize));
725  }
726 
727  uint64_t AlignVal = 0;
728  llvm::Value *PtrAsInt = nullptr;
729 
730  if (SanOpts.has(SanitizerKind::Alignment) &&
731  !SkippedChecks.has(SanitizerKind::Alignment)) {
732  AlignVal = Alignment.getQuantity();
733  if (!Ty->isIncompleteType() && !AlignVal)
734  AlignVal = getContext().getTypeAlignInChars(Ty).getQuantity();
735 
736  // The glvalue must be suitably aligned.
737  if (AlignVal > 1 &&
738  (!PtrToAlloca || PtrToAlloca->getAlignment() < AlignVal)) {
739  PtrAsInt = Builder.CreatePtrToInt(Ptr, IntPtrTy);
740  llvm::Value *Align = Builder.CreateAnd(
741  PtrAsInt, llvm::ConstantInt::get(IntPtrTy, AlignVal - 1));
742  llvm::Value *Aligned =
743  Builder.CreateICmpEQ(Align, llvm::ConstantInt::get(IntPtrTy, 0));
744  if (Aligned != True)
745  Checks.push_back(std::make_pair(Aligned, SanitizerKind::Alignment));
746  }
747  }
748 
749  if (Checks.size() > 0) {
750  // Make sure we're not losing information. Alignment needs to be a power of
751  // 2
752  assert(!AlignVal || (uint64_t)1 << llvm::Log2_64(AlignVal) == AlignVal);
753  llvm::Constant *StaticData[] = {
754  EmitCheckSourceLocation(Loc), EmitCheckTypeDescriptor(Ty),
755  llvm::ConstantInt::get(Int8Ty, AlignVal ? llvm::Log2_64(AlignVal) : 1),
756  llvm::ConstantInt::get(Int8Ty, TCK)};
757  EmitCheck(Checks, SanitizerHandler::TypeMismatch, StaticData,
758  PtrAsInt ? PtrAsInt : Ptr);
759  }
760 
761  // If possible, check that the vptr indicates that there is a subobject of
762  // type Ty at offset zero within this object.
763  //
764  // C++11 [basic.life]p5,6:
765  // [For storage which does not refer to an object within its lifetime]
766  // The program has undefined behavior if:
767  // -- the [pointer or glvalue] is used to access a non-static data member
768  // or call a non-static member function
769  if (SanOpts.has(SanitizerKind::Vptr) &&
770  !SkippedChecks.has(SanitizerKind::Vptr) && isVptrCheckRequired(TCK, Ty)) {
771  // Ensure that the pointer is non-null before loading it. If there is no
772  // compile-time guarantee, reuse the run-time null check or emit a new one.
773  if (!IsGuaranteedNonNull) {
774  if (!IsNonNull)
775  IsNonNull = Builder.CreateIsNotNull(Ptr);
776  if (!Done)
777  Done = createBasicBlock("vptr.null");
778  llvm::BasicBlock *VptrNotNull = createBasicBlock("vptr.not.null");
779  Builder.CreateCondBr(IsNonNull, VptrNotNull, Done);
780  EmitBlock(VptrNotNull);
781  }
782 
783  // Compute a hash of the mangled name of the type.
784  //
785  // FIXME: This is not guaranteed to be deterministic! Move to a
786  // fingerprinting mechanism once LLVM provides one. For the time
787  // being the implementation happens to be deterministic.
788  SmallString<64> MangledName;
789  llvm::raw_svector_ostream Out(MangledName);
790  CGM.getCXXABI().getMangleContext().mangleCXXRTTI(Ty.getUnqualifiedType(),
791  Out);
792 
793  // Blacklist based on the mangled type.
794  if (!CGM.getContext().getSanitizerBlacklist().isBlacklistedType(
795  SanitizerKind::Vptr, Out.str())) {
796  llvm::hash_code TypeHash = hash_value(Out.str());
797 
798  // Load the vptr, and compute hash_16_bytes(TypeHash, vptr).
799  llvm::Value *Low = llvm::ConstantInt::get(Int64Ty, TypeHash);
800  llvm::Type *VPtrTy = llvm::PointerType::get(IntPtrTy, 0);
801  Address VPtrAddr(Builder.CreateBitCast(Ptr, VPtrTy), getPointerAlign());
802  llvm::Value *VPtrVal = Builder.CreateLoad(VPtrAddr);
803  llvm::Value *High = Builder.CreateZExt(VPtrVal, Int64Ty);
804 
805  llvm::Value *Hash = emitHash16Bytes(Builder, Low, High);
806  Hash = Builder.CreateTrunc(Hash, IntPtrTy);
807 
808  // Look the hash up in our cache.
809  const int CacheSize = 128;
810  llvm::Type *HashTable = llvm::ArrayType::get(IntPtrTy, CacheSize);
811  llvm::Value *Cache = CGM.CreateRuntimeVariable(HashTable,
812  "__ubsan_vptr_type_cache");
813  llvm::Value *Slot = Builder.CreateAnd(Hash,
814  llvm::ConstantInt::get(IntPtrTy,
815  CacheSize-1));
816  llvm::Value *Indices[] = { Builder.getInt32(0), Slot };
817  llvm::Value *CacheVal =
818  Builder.CreateAlignedLoad(Builder.CreateInBoundsGEP(Cache, Indices),
819  getPointerAlign());
820 
821  // If the hash isn't in the cache, call a runtime handler to perform the
822  // hard work of checking whether the vptr is for an object of the right
823  // type. This will either fill in the cache and return, or produce a
824  // diagnostic.
825  llvm::Value *EqualHash = Builder.CreateICmpEQ(CacheVal, Hash);
826  llvm::Constant *StaticData[] = {
827  EmitCheckSourceLocation(Loc),
828  EmitCheckTypeDescriptor(Ty),
829  CGM.GetAddrOfRTTIDescriptor(Ty.getUnqualifiedType()),
830  llvm::ConstantInt::get(Int8Ty, TCK)
831  };
832  llvm::Value *DynamicData[] = { Ptr, Hash };
833  EmitCheck(std::make_pair(EqualHash, SanitizerKind::Vptr),
834  SanitizerHandler::DynamicTypeCacheMiss, StaticData,
835  DynamicData);
836  }
837  }
838 
839  if (Done) {
840  Builder.CreateBr(Done);
841  EmitBlock(Done);
842  }
843 }
844 
845 /// Determine whether this expression refers to a flexible array member in a
846 /// struct. We disable array bounds checks for such members.
847 static bool isFlexibleArrayMemberExpr(const Expr *E) {
848  // For compatibility with existing code, we treat arrays of length 0 or
849  // 1 as flexible array members.
850  const ArrayType *AT = E->getType()->castAsArrayTypeUnsafe();
851  if (const auto *CAT = dyn_cast<ConstantArrayType>(AT)) {
852  if (CAT->getSize().ugt(1))
853  return false;
854  } else if (!isa<IncompleteArrayType>(AT))
855  return false;
856 
857  E = E->IgnoreParens();
858 
859  // A flexible array member must be the last member in the class.
860  if (const auto *ME = dyn_cast<MemberExpr>(E)) {
861  // FIXME: If the base type of the member expr is not FD->getParent(),
862  // this should not be treated as a flexible array member access.
863  if (const auto *FD = dyn_cast<FieldDecl>(ME->getMemberDecl())) {
864  RecordDecl::field_iterator FI(
865  DeclContext::decl_iterator(const_cast<FieldDecl *>(FD)));
866  return ++FI == FD->getParent()->field_end();
867  }
868  } else if (const auto *IRE = dyn_cast<ObjCIvarRefExpr>(E)) {
869  return IRE->getDecl()->getNextIvar() == nullptr;
870  }
871 
872  return false;
873 }
874 
875 llvm::Value *CodeGenFunction::LoadPassedObjectSize(const Expr *E,
876  QualType EltTy) {
877  ASTContext &C = getContext();
878  uint64_t EltSize = C.getTypeSizeInChars(EltTy).getQuantity();
879  if (!EltSize)
880  return nullptr;
881 
882  auto *ArrayDeclRef = dyn_cast<DeclRefExpr>(E->IgnoreParenImpCasts());
883  if (!ArrayDeclRef)
884  return nullptr;
885 
886  auto *ParamDecl = dyn_cast<ParmVarDecl>(ArrayDeclRef->getDecl());
887  if (!ParamDecl)
888  return nullptr;
889 
890  auto *POSAttr = ParamDecl->getAttr<PassObjectSizeAttr>();
891  if (!POSAttr)
892  return nullptr;
893 
894  // Don't load the size if it's a lower bound.
895  int POSType = POSAttr->getType();
896  if (POSType != 0 && POSType != 1)
897  return nullptr;
898 
899  // Find the implicit size parameter.
900  auto PassedSizeIt = SizeArguments.find(ParamDecl);
901  if (PassedSizeIt == SizeArguments.end())
902  return nullptr;
903 
904  const ImplicitParamDecl *PassedSizeDecl = PassedSizeIt->second;
905  assert(LocalDeclMap.count(PassedSizeDecl) && "Passed size not loadable");
906  Address AddrOfSize = LocalDeclMap.find(PassedSizeDecl)->second;
907  llvm::Value *SizeInBytes = EmitLoadOfScalar(AddrOfSize, /*Volatile=*/false,
908  C.getSizeType(), E->getExprLoc());
909  llvm::Value *SizeOfElement =
910  llvm::ConstantInt::get(SizeInBytes->getType(), EltSize);
911  return Builder.CreateUDiv(SizeInBytes, SizeOfElement);
912 }
913 
914 /// If Base is known to point to the start of an array, return the length of
915 /// that array. Return 0 if the length cannot be determined.
916 static llvm::Value *getArrayIndexingBound(
917  CodeGenFunction &CGF, const Expr *Base, QualType &IndexedType) {
918  // For the vector indexing extension, the bound is the number of elements.
919  if (const VectorType *VT = Base->getType()->getAs<VectorType>()) {
920  IndexedType = Base->getType();
921  return CGF.Builder.getInt32(VT->getNumElements());
922  }
923 
924  Base = Base->IgnoreParens();
925 
926  if (const auto *CE = dyn_cast<CastExpr>(Base)) {
927  if (CE->getCastKind() == CK_ArrayToPointerDecay &&
928  !isFlexibleArrayMemberExpr(CE->getSubExpr())) {
929  IndexedType = CE->getSubExpr()->getType();
930  const ArrayType *AT = IndexedType->castAsArrayTypeUnsafe();
931  if (const auto *CAT = dyn_cast<ConstantArrayType>(AT))
932  return CGF.Builder.getInt(CAT->getSize());
933  else if (const auto *VAT = dyn_cast<VariableArrayType>(AT))
934  return CGF.getVLASize(VAT).NumElts;
935  // Ignore pass_object_size here. It's not applicable on decayed pointers.
936  }
937  }
938 
939  QualType EltTy{Base->getType()->getPointeeOrArrayElementType(), 0};
940  if (llvm::Value *POS = CGF.LoadPassedObjectSize(Base, EltTy)) {
941  IndexedType = Base->getType();
942  return POS;
943  }
944 
945  return nullptr;
946 }
947 
948 void CodeGenFunction::EmitBoundsCheck(const Expr *E, const Expr *Base,
949  llvm::Value *Index, QualType IndexType,
950  bool Accessed) {
951  assert(SanOpts.has(SanitizerKind::ArrayBounds) &&
952  "should not be called unless adding bounds checks");
953  SanitizerScope SanScope(this);
954 
955  QualType IndexedType;
956  llvm::Value *Bound = getArrayIndexingBound(*this, Base, IndexedType);
957  if (!Bound)
958  return;
959 
960  bool IndexSigned = IndexType->isSignedIntegerOrEnumerationType();
961  llvm::Value *IndexVal = Builder.CreateIntCast(Index, SizeTy, IndexSigned);
962  llvm::Value *BoundVal = Builder.CreateIntCast(Bound, SizeTy, false);
963 
964  llvm::Constant *StaticData[] = {
965  EmitCheckSourceLocation(E->getExprLoc()),
966  EmitCheckTypeDescriptor(IndexedType),
967  EmitCheckTypeDescriptor(IndexType)
968  };
969  llvm::Value *Check = Accessed ? Builder.CreateICmpULT(IndexVal, BoundVal)
970  : Builder.CreateICmpULE(IndexVal, BoundVal);
971  EmitCheck(std::make_pair(Check, SanitizerKind::ArrayBounds),
972  SanitizerHandler::OutOfBounds, StaticData, Index);
973 }
974 
975 
976 CodeGenFunction::ComplexPairTy CodeGenFunction::
977 EmitComplexPrePostIncDec(const UnaryOperator *E, LValue LV,
978  bool isInc, bool isPre) {
979  ComplexPairTy InVal = EmitLoadOfComplex(LV, E->getExprLoc());
980 
981  llvm::Value *NextVal;
982  if (isa<llvm::IntegerType>(InVal.first->getType())) {
983  uint64_t AmountVal = isInc ? 1 : -1;
984  NextVal = llvm::ConstantInt::get(InVal.first->getType(), AmountVal, true);
985 
986  // Add the inc/dec to the real part.
987  NextVal = Builder.CreateAdd(InVal.first, NextVal, isInc ? "inc" : "dec");
988  } else {
989  QualType ElemTy = E->getType()->getAs<ComplexType>()->getElementType();
990  llvm::APFloat FVal(getContext().getFloatTypeSemantics(ElemTy), 1);
991  if (!isInc)
992  FVal.changeSign();
993  NextVal = llvm::ConstantFP::get(getLLVMContext(), FVal);
994 
995  // Add the inc/dec to the real part.
996  NextVal = Builder.CreateFAdd(InVal.first, NextVal, isInc ? "inc" : "dec");
997  }
998 
999  ComplexPairTy IncVal(NextVal, InVal.second);
1000 
1001  // Store the updated result through the lvalue.
1002  EmitStoreOfComplex(IncVal, LV, /*init*/ false);
1003 
1004  // If this is a postinc, return the value read from memory, otherwise use the
1005  // updated value.
1006  return isPre ? IncVal : InVal;
1007 }
1008 
1009 void CodeGenModule::EmitExplicitCastExprType(const ExplicitCastExpr *E,
1010  CodeGenFunction *CGF) {
1011  // Bind VLAs in the cast type.
1012  if (CGF && E->getType()->isVariablyModifiedType())
1013  CGF->EmitVariablyModifiedType(E->getType());
1014 
1015  if (CGDebugInfo *DI = getModuleDebugInfo())
1016  DI->EmitExplicitCastType(E->getType());
1017 }
1018 
1019 //===----------------------------------------------------------------------===//
1020 // LValue Expression Emission
1021 //===----------------------------------------------------------------------===//
1022 
1023 /// EmitPointerWithAlignment - Given an expression of pointer type, try to
1024 /// derive a more accurate bound on the alignment of the pointer.
1025 Address CodeGenFunction::EmitPointerWithAlignment(const Expr *E,
1026  LValueBaseInfo *BaseInfo,
1027  TBAAAccessInfo *TBAAInfo) {
1028  // We allow this with ObjC object pointers because of fragile ABIs.
1029  assert(E->getType()->isPointerType() ||
1030  E->getType()->isObjCObjectPointerType());
1031  E = E->IgnoreParens();
1032 
1033  // Casts:
1034  if (const CastExpr *CE = dyn_cast<CastExpr>(E)) {
1035  if (const auto *ECE = dyn_cast<ExplicitCastExpr>(CE))
1036  CGM.EmitExplicitCastExprType(ECE, this);
1037 
1038  switch (CE->getCastKind()) {
1039  // Non-converting casts (but not C's implicit conversion from void*).
1040  case CK_BitCast:
1041  case CK_NoOp:
1042  case CK_AddressSpaceConversion:
1043  if (auto PtrTy = CE->getSubExpr()->getType()->getAs<PointerType>()) {
1044  if (PtrTy->getPointeeType()->isVoidType())
1045  break;
1046 
1047  LValueBaseInfo InnerBaseInfo;
1048  TBAAAccessInfo InnerTBAAInfo;
1049  Address Addr = EmitPointerWithAlignment(CE->getSubExpr(),
1050  &InnerBaseInfo,
1051  &InnerTBAAInfo);
1052  if (BaseInfo) *BaseInfo = InnerBaseInfo;
1053  if (TBAAInfo) *TBAAInfo = InnerTBAAInfo;
1054 
1055  if (isa<ExplicitCastExpr>(CE)) {
1056  LValueBaseInfo TargetTypeBaseInfo;
1057  TBAAAccessInfo TargetTypeTBAAInfo;
1058  CharUnits Align = getNaturalPointeeTypeAlignment(E->getType(),
1059  &TargetTypeBaseInfo,
1060  &TargetTypeTBAAInfo);
1061  if (TBAAInfo)
1062  *TBAAInfo = CGM.mergeTBAAInfoForCast(*TBAAInfo,
1063  TargetTypeTBAAInfo);
1064  // If the source l-value is opaque, honor the alignment of the
1065  // casted-to type.
1066  if (InnerBaseInfo.getAlignmentSource() != AlignmentSource::Decl) {
1067  if (BaseInfo)
1068  BaseInfo->mergeForCast(TargetTypeBaseInfo);
1069  Addr = Address(Addr.getPointer(), Align);
1070  }
1071  }
1072 
1073  if (SanOpts.has(SanitizerKind::CFIUnrelatedCast) &&
1074  CE->getCastKind() == CK_BitCast) {
1075  if (auto PT = E->getType()->getAs<PointerType>())
1076  EmitVTablePtrCheckForCast(PT->getPointeeType(), Addr.getPointer(),
1077  /*MayBeNull=*/true,
1078  CodeGenFunction::CFITCK_UnrelatedCast,
1079  CE->getBeginLoc());
1080  }
1081  return CE->getCastKind() != CK_AddressSpaceConversion
1082  ? Builder.CreateBitCast(Addr, ConvertType(E->getType()))
1083  : Builder.CreateAddrSpaceCast(Addr,
1084  ConvertType(E->getType()));
1085  }
1086  break;
1087 
1088  // Array-to-pointer decay.
1089  case CK_ArrayToPointerDecay:
1090  return EmitArrayToPointerDecay(CE->getSubExpr(), BaseInfo, TBAAInfo);
1091 
1092  // Derived-to-base conversions.
1093  case CK_UncheckedDerivedToBase:
1094  case CK_DerivedToBase: {
1095  // TODO: Support accesses to members of base classes in TBAA. For now, we
1096  // conservatively pretend that the complete object is of the base class
1097  // type.
1098  if (TBAAInfo)
1099  *TBAAInfo = CGM.getTBAAAccessInfo(E->getType());
1100  Address Addr = EmitPointerWithAlignment(CE->getSubExpr(), BaseInfo);
1101  auto Derived = CE->getSubExpr()->getType()->getPointeeCXXRecordDecl();
1102  return GetAddressOfBaseClass(Addr, Derived,
1103  CE->path_begin(), CE->path_end(),
1104  ShouldNullCheckClassCastValue(CE),
1105  CE->getExprLoc());
1106  }
1107 
1108  // TODO: Is there any reason to treat base-to-derived conversions
1109  // specially?
1110  default:
1111  break;
1112  }
1113  }
1114 
1115  // Unary &.
1116  if (const UnaryOperator *UO = dyn_cast<UnaryOperator>(E)) {
1117  if (UO->getOpcode() == UO_AddrOf) {
1118  LValue LV = EmitLValue(UO->getSubExpr());
1119  if (BaseInfo) *BaseInfo = LV.getBaseInfo();
1120  if (TBAAInfo) *TBAAInfo = LV.getTBAAInfo();
1121  return LV.getAddress();
1122  }
1123  }
1124 
1125  // TODO: conditional operators, comma.
1126 
1127  // Otherwise, use the alignment of the type.
1128  CharUnits Align = getNaturalPointeeTypeAlignment(E->getType(), BaseInfo,
1129  TBAAInfo);
1130  return Address(EmitScalarExpr(E), Align);
1131 }
1132 
1133 RValue CodeGenFunction::GetUndefRValue(QualType Ty) {
1134  if (Ty->isVoidType())
1135  return RValue::get(nullptr);
1136 
1137  switch (getEvaluationKind(Ty)) {
1138  case TEK_Complex: {
1139  llvm::Type *EltTy =
1140  ConvertType(Ty->castAs<ComplexType>()->getElementType());
1141  llvm::Value *U = llvm::UndefValue::get(EltTy);
1142  return RValue::getComplex(std::make_pair(U, U));
1143  }
1144 
1145  // If this is a use of an undefined aggregate type, the aggregate must have an
1146  // identifiable address. Just because the contents of the value are undefined
1147  // doesn't mean that the address can't be taken and compared.
1148  case TEK_Aggregate: {
1149  Address DestPtr = CreateMemTemp(Ty, "undef.agg.tmp");
1150  return RValue::getAggregate(DestPtr);
1151  }
1152 
1153  case TEK_Scalar:
1154  return RValue::get(llvm::UndefValue::get(ConvertType(Ty)));
1155  }
1156  llvm_unreachable("bad evaluation kind");
1157 }
1158 
1159 RValue CodeGenFunction::EmitUnsupportedRValue(const Expr *E,
1160  const char *Name) {
1161  ErrorUnsupported(E, Name);
1162  return GetUndefRValue(E->getType());
1163 }
1164 
1165 LValue CodeGenFunction::EmitUnsupportedLValue(const Expr *E,
1166  const char *Name) {
1167  ErrorUnsupported(E, Name);
1168  llvm::Type *Ty = llvm::PointerType::getUnqual(ConvertType(E->getType()));
1169  return MakeAddrLValue(Address(llvm::UndefValue::get(Ty), CharUnits::One()),
1170  E->getType());
1171 }
1172 
1173 bool CodeGenFunction::IsWrappedCXXThis(const Expr *Obj) {
1174  const Expr *Base = Obj;
1175  while (!isa<CXXThisExpr>(Base)) {
1176  // The result of a dynamic_cast can be null.
1177  if (isa<CXXDynamicCastExpr>(Base))
1178  return false;
1179 
1180  if (const auto *CE = dyn_cast<CastExpr>(Base)) {
1181  Base = CE->getSubExpr();
1182  } else if (const auto *PE = dyn_cast<ParenExpr>(Base)) {
1183  Base = PE->getSubExpr();
1184  } else if (const auto *UO = dyn_cast<UnaryOperator>(Base)) {
1185  if (UO->getOpcode() == UO_Extension)
1186  Base = UO->getSubExpr();
1187  else
1188  return false;
1189  } else {
1190  return false;
1191  }
1192  }
1193  return true;
1194 }
1195 
1196 LValue CodeGenFunction::EmitCheckedLValue(const Expr *E, TypeCheckKind TCK) {
1197  LValue LV;
1198  if (SanOpts.has(SanitizerKind::ArrayBounds) && isa<ArraySubscriptExpr>(E))
1199  LV = EmitArraySubscriptExpr(cast<ArraySubscriptExpr>(E), /*Accessed*/true);
1200  else
1201  LV = EmitLValue(E);
1202  if (!isa<DeclRefExpr>(E) && !LV.isBitField() && LV.isSimple()) {
1203  SanitizerSet SkippedChecks;
1204  if (const auto *ME = dyn_cast<MemberExpr>(E)) {
1205  bool IsBaseCXXThis = IsWrappedCXXThis(ME->getBase());
1206  if (IsBaseCXXThis)
1207  SkippedChecks.set(SanitizerKind::Alignment, true);
1208  if (IsBaseCXXThis || isa<DeclRefExpr>(ME->getBase()))
1209  SkippedChecks.set(SanitizerKind::Null, true);
1210  }
1211  EmitTypeCheck(TCK, E->getExprLoc(), LV.getPointer(),
1212  E->getType(), LV.getAlignment(), SkippedChecks);
1213  }
1214  return LV;
1215 }
1216 
1217 /// EmitLValue - Emit code to compute a designator that specifies the location
1218 /// of the expression.
1219 ///
1220 /// This can return one of two things: a simple address or a bitfield reference.
1221 /// In either case, the LLVM Value* in the LValue structure is guaranteed to be
1222 /// an LLVM pointer type.
1223 ///
1224 /// If this returns a bitfield reference, nothing about the pointee type of the
1225 /// LLVM value is known: For example, it may not be a pointer to an integer.
1226 ///
1227 /// If this returns a normal address, and if the lvalue's C type is fixed size,
1228 /// this method guarantees that the returned pointer type will point to an LLVM
1229 /// type of the same size of the lvalue's type. If the lvalue has a variable
1230 /// length type, this is not possible.
1231 ///
1232 LValue CodeGenFunction::EmitLValue(const Expr *E) {
1233  ApplyDebugLocation DL(*this, E);
1234  switch (E->getStmtClass()) {
1235  default: return EmitUnsupportedLValue(E, "l-value expression");
1236 
1237  case Expr::ObjCPropertyRefExprClass:
1238  llvm_unreachable("cannot emit a property reference directly");
1239 
1240  case Expr::ObjCSelectorExprClass:
1241  return EmitObjCSelectorLValue(cast<ObjCSelectorExpr>(E));
1242  case Expr::ObjCIsaExprClass:
1243  return EmitObjCIsaExpr(cast<ObjCIsaExpr>(E));
1244  case Expr::BinaryOperatorClass:
1245  return EmitBinaryOperatorLValue(cast<BinaryOperator>(E));
1246  case Expr::CompoundAssignOperatorClass: {
1247  QualType Ty = E->getType();
1248  if (const AtomicType *AT = Ty->getAs<AtomicType>())
1249  Ty = AT->getValueType();
1250  if (!Ty->isAnyComplexType())
1251  return EmitCompoundAssignmentLValue(cast<CompoundAssignOperator>(E));
1252  return EmitComplexCompoundAssignmentLValue(cast<CompoundAssignOperator>(E));
1253  }
1254  case Expr::CallExprClass:
1255  case Expr::CXXMemberCallExprClass:
1256  case Expr::CXXOperatorCallExprClass:
1257  case Expr::UserDefinedLiteralClass:
1258  return EmitCallExprLValue(cast<CallExpr>(E));
1259  case Expr::VAArgExprClass:
1260  return EmitVAArgExprLValue(cast<VAArgExpr>(E));
1261  case Expr::DeclRefExprClass:
1262  return EmitDeclRefLValue(cast<DeclRefExpr>(E));
1263  case Expr::ParenExprClass:
1264  return EmitLValue(cast<ParenExpr>(E)->getSubExpr());
1265  case Expr::GenericSelectionExprClass:
1266  return EmitLValue(cast<GenericSelectionExpr>(E)->getResultExpr());
1267  case Expr::PredefinedExprClass:
1268  return EmitPredefinedLValue(cast<PredefinedExpr>(E));
1269  case Expr::StringLiteralClass:
1270  return EmitStringLiteralLValue(cast<StringLiteral>(E));
1271  case Expr::ObjCEncodeExprClass:
1272  return EmitObjCEncodeExprLValue(cast<ObjCEncodeExpr>(E));
1273  case Expr::PseudoObjectExprClass:
1274  return EmitPseudoObjectLValue(cast<PseudoObjectExpr>(E));
1275  case Expr::InitListExprClass:
1276  return EmitInitListLValue(cast<InitListExpr>(E));
1277  case Expr::CXXTemporaryObjectExprClass:
1278  case Expr::CXXConstructExprClass:
1279  return EmitCXXConstructLValue(cast<CXXConstructExpr>(E));
1280  case Expr::CXXBindTemporaryExprClass:
1281  return EmitCXXBindTemporaryLValue(cast<CXXBindTemporaryExpr>(E));
1282  case Expr::CXXUuidofExprClass:
1283  return EmitCXXUuidofLValue(cast<CXXUuidofExpr>(E));
1284  case Expr::LambdaExprClass:
1285  return EmitLambdaLValue(cast<LambdaExpr>(E));
1286 
1287  case Expr::ExprWithCleanupsClass: {
1288  const auto *cleanups = cast<ExprWithCleanups>(E);
1289  enterFullExpression(cleanups);
1290  RunCleanupsScope Scope(*this);
1291  LValue LV = EmitLValue(cleanups->getSubExpr());
1292  if (LV.isSimple()) {
1293  // Defend against branches out of gnu statement expressions surrounded by
1294  // cleanups.
1295  llvm::Value *V = LV.getPointer();
1296  Scope.ForceCleanup({&V});
1297  return LValue::MakeAddr(Address(V, LV.getAlignment()), LV.getType(),
1298  getContext(), LV.getBaseInfo(), LV.getTBAAInfo());
1299  }
1300  // FIXME: Is it possible to create an ExprWithCleanups that produces a
1301  // bitfield lvalue or some other non-simple lvalue?
1302  return LV;
1303  }
1304 
1305  case Expr::CXXDefaultArgExprClass:
1306  return EmitLValue(cast<CXXDefaultArgExpr>(E)->getExpr());
1307  case Expr::CXXDefaultInitExprClass: {
1308  CXXDefaultInitExprScope Scope(*this);
1309  return EmitLValue(cast<CXXDefaultInitExpr>(E)->getExpr());
1310  }
1311  case Expr::CXXTypeidExprClass:
1312  return EmitCXXTypeidLValue(cast<CXXTypeidExpr>(E));
1313 
1314  case Expr::ObjCMessageExprClass:
1315  return EmitObjCMessageExprLValue(cast<ObjCMessageExpr>(E));
1316  case Expr::ObjCIvarRefExprClass:
1317  return EmitObjCIvarRefLValue(cast<ObjCIvarRefExpr>(E));
1318  case Expr::StmtExprClass:
1319  return EmitStmtExprLValue(cast<StmtExpr>(E));
1320  case Expr::UnaryOperatorClass:
1321  return EmitUnaryOpLValue(cast<UnaryOperator>(E));
1322  case Expr::ArraySubscriptExprClass:
1323  return EmitArraySubscriptExpr(cast<ArraySubscriptExpr>(E));
1324  case Expr::OMPArraySectionExprClass:
1325  return EmitOMPArraySectionExpr(cast<OMPArraySectionExpr>(E));
1326  case Expr::ExtVectorElementExprClass:
1327  return EmitExtVectorElementExpr(cast<ExtVectorElementExpr>(E));
1328  case Expr::MemberExprClass:
1329  return EmitMemberExpr(cast<MemberExpr>(E));
1330  case Expr::CompoundLiteralExprClass:
1331  return EmitCompoundLiteralLValue(cast<CompoundLiteralExpr>(E));
1332  case Expr::ConditionalOperatorClass:
1333  return EmitConditionalOperatorLValue(cast<ConditionalOperator>(E));
1334  case Expr::BinaryConditionalOperatorClass:
1335  return EmitConditionalOperatorLValue(cast<BinaryConditionalOperator>(E));
1336  case Expr::ChooseExprClass:
1337  return EmitLValue(cast<ChooseExpr>(E)->getChosenSubExpr());
1338  case Expr::OpaqueValueExprClass:
1339  return EmitOpaqueValueLValue(cast<OpaqueValueExpr>(E));
1340  case Expr::SubstNonTypeTemplateParmExprClass:
1341  return EmitLValue(cast<SubstNonTypeTemplateParmExpr>(E)->getReplacement());
1342  case Expr::ImplicitCastExprClass:
1343  case Expr::CStyleCastExprClass:
1344  case Expr::CXXFunctionalCastExprClass:
1345  case Expr::CXXStaticCastExprClass:
1346  case Expr::CXXDynamicCastExprClass:
1347  case Expr::CXXReinterpretCastExprClass:
1348  case Expr::CXXConstCastExprClass:
1349  case Expr::ObjCBridgedCastExprClass:
1350  return EmitCastLValue(cast<CastExpr>(E));
1351 
1352  case Expr::MaterializeTemporaryExprClass:
1353  return EmitMaterializeTemporaryExpr(cast<MaterializeTemporaryExpr>(E));
1354 
1355  case Expr::CoawaitExprClass:
1356  return EmitCoawaitLValue(cast<CoawaitExpr>(E));
1357  case Expr::CoyieldExprClass:
1358  return EmitCoyieldLValue(cast<CoyieldExpr>(E));
1359  }
1360 }
1361 
1362 /// Given an object of the given canonical type, can we safely copy a
1363 /// value out of it based on its initializer?
1364 static bool isConstantEmittableObjectType(QualType type) {
1365  assert(type.isCanonical());
1366  assert(!type->isReferenceType());
1367 
1368  // Must be const-qualified but non-volatile.
1369  Qualifiers qs = type.getLocalQualifiers();
1370  if (!qs.hasConst() || qs.hasVolatile()) return false;
1371 
1372  // Otherwise, all object types satisfy this except C++ classes with
1373  // mutable subobjects or non-trivial copy/destroy behavior.
1374  if (const auto *RT = dyn_cast<RecordType>(type))
1375  if (const auto *RD = dyn_cast<CXXRecordDecl>(RT->getDecl()))
1376  if (RD->hasMutableFields() || !RD->isTrivial())
1377  return false;
1378 
1379  return true;
1380 }
1381 
1382 /// Can we constant-emit a load of a reference to a variable of the
1383 /// given type? This is different from predicates like
1384 /// Decl::isUsableInConstantExpressions because we do want it to apply
1385 /// in situations that don't necessarily satisfy the language's rules
1386 /// for this (e.g. C++'s ODR-use rules). For example, we want to able
1387 /// to do this with const float variables even if those variables
1388 /// aren't marked 'constexpr'.
1389 enum ConstantEmissionKind {
1390  CEK_None,
1391  CEK_AsReferenceOnly,
1392  CEK_AsValueOrReference,
1393  CEK_AsValueOnly
1394 };
1395 static ConstantEmissionKind checkVarTypeForConstantEmission(QualType type) {
1396  type = type.getCanonicalType();
1397  if (const auto *ref = dyn_cast<ReferenceType>(type)) {
1398  if (isConstantEmittableObjectType(ref->getPointeeType()))
1399  return CEK_AsValueOrReference;
1400  return CEK_AsReferenceOnly;
1401  }
1402  if (isConstantEmittableObjectType(type))
1403  return CEK_AsValueOnly;
1404  return CEK_None;
1405 }
1406 
1407 /// Try to emit a reference to the given value without producing it as
1408 /// an l-value. This is actually more than an optimization: we can't
1409 /// produce an l-value for variables that we never actually captured
1410 /// in a block or lambda, which means const int variables or constexpr
1411 /// literals or similar.
1412 CodeGenFunction::ConstantEmission
1413 CodeGenFunction::tryEmitAsConstant(DeclRefExpr *refExpr) {
1414  ValueDecl *value = refExpr->getDecl();
1415 
1416  // The value needs to be an enum constant or a constant variable.
1417  ConstantEmissionKind CEK;
1418  if (isa<ParmVarDecl>(value)) {
1419  CEK = CEK_None;
1420  } else if (auto *var = dyn_cast<VarDecl>(value)) {
1421  CEK = checkVarTypeForConstantEmission(var->getType());
1422  } else if (isa<EnumConstantDecl>(value)) {
1423  CEK = CEK_AsValueOnly;
1424  } else {
1425  CEK = CEK_None;
1426  }
1427  if (CEK == CEK_None) return ConstantEmission();
1428 
1429  Expr::EvalResult result;
1430  bool resultIsReference;
1431  QualType resultType;
1432 
1433  // It's best to evaluate all the way as an r-value if that's permitted.
1434  if (CEK != CEK_AsReferenceOnly &&
1435  refExpr->EvaluateAsRValue(result, getContext())) {
1436  resultIsReference = false;
1437  resultType = refExpr->getType();
1438 
1439  // Otherwise, try to evaluate as an l-value.
1440  } else if (CEK != CEK_AsValueOnly &&
1441  refExpr->EvaluateAsLValue(result, getContext())) {
1442  resultIsReference = true;
1443  resultType = value->getType();
1444 
1445  // Failure.
1446  } else {
1447  return ConstantEmission();
1448  }
1449 
1450  // In any case, if the initializer has side-effects, abandon ship.
1451  if (result.HasSideEffects)
1452  return ConstantEmission();
1453 
1454  // Emit as a constant.
1455  auto C = ConstantEmitter(*this).emitAbstract(refExpr->getLocation(),
1456  result.Val, resultType);
1457 
1458  // Make sure we emit a debug reference to the global variable.
1459  // This should probably fire even for
1460  if (isa<VarDecl>(value)) {
1461  if (!getContext().DeclMustBeEmitted(cast<VarDecl>(value)))
1462  EmitDeclRefExprDbgValue(refExpr, result.Val);
1463  } else {
1464  assert(isa<EnumConstantDecl>(value));
1465  EmitDeclRefExprDbgValue(refExpr, result.Val);
1466  }
1467 
1468  // If we emitted a reference constant, we need to dereference that.
1469  if (resultIsReference)
1470  return ConstantEmission::forReference(C);
1471 
1472  return ConstantEmission::forValue(C);
1473 }
1474 
1475 static DeclRefExpr *tryToConvertMemberExprToDeclRefExpr(CodeGenFunction &CGF,
1476  const MemberExpr *ME) {
1477  if (auto *VD = dyn_cast<VarDecl>(ME->getMemberDecl())) {
1478  // Try to emit static variable member expressions as DREs.
1479  return DeclRefExpr::Create(
1480  CGF.getContext(), NestedNameSpecifierLoc(), SourceLocation(), VD,
1481  /*RefersToEnclosingVariableOrCapture=*/false, ME->getExprLoc(),
1482  ME->getType(), ME->getValueKind());
1483  }
1484  return nullptr;
1485 }
1486 
1487 CodeGenFunction::ConstantEmission
1488 CodeGenFunction::tryEmitAsConstant(const MemberExpr *ME) {
1489  if (DeclRefExpr *DRE = tryToConvertMemberExprToDeclRefExpr(*this, ME))
1490  return tryEmitAsConstant(DRE);
1491  return ConstantEmission();
1492 }
1493 
1494 llvm::Value *CodeGenFunction::EmitLoadOfScalar(LValue lvalue,
1495  SourceLocation Loc) {
1496  return EmitLoadOfScalar(lvalue.getAddress(), lvalue.isVolatile(),
1497  lvalue.getType(), Loc, lvalue.getBaseInfo(),
1498  lvalue.getTBAAInfo(), lvalue.isNontemporal());
1499 }
1500 
1501 static bool hasBooleanRepresentation(QualType Ty) {
1502  if (Ty->isBooleanType())
1503  return true;
1504 
1505  if (const EnumType *ET = Ty->getAs<EnumType>())
1506  return ET->getDecl()->getIntegerType()->isBooleanType();
1507 
1508  if (const AtomicType *AT = Ty->getAs<AtomicType>())
1509  return hasBooleanRepresentation(AT->getValueType());
1510 
1511  return false;
1512 }
1513 
1514 static bool getRangeForType(CodeGenFunction &CGF, QualType Ty,
1515  llvm::APInt &Min, llvm::APInt &End,
1516  bool StrictEnums, bool IsBool) {
1517  const EnumType *ET = Ty->getAs<EnumType>();
1518  bool IsRegularCPlusPlusEnum = CGF.getLangOpts().CPlusPlus && StrictEnums &&
1519  ET && !ET->getDecl()->isFixed();
1520  if (!IsBool && !IsRegularCPlusPlusEnum)
1521  return false;
1522 
1523  if (IsBool) {
1524  Min = llvm::APInt(CGF.getContext().getTypeSize(Ty), 0);
1525  End = llvm::APInt(CGF.getContext().getTypeSize(Ty), 2);
1526  } else {
1527  const EnumDecl *ED = ET->getDecl();
1528  llvm::Type *LTy = CGF.ConvertTypeForMem(ED->getIntegerType());
1529  unsigned Bitwidth = LTy->getScalarSizeInBits();
1530  unsigned NumNegativeBits = ED->getNumNegativeBits();
1531  unsigned NumPositiveBits = ED->getNumPositiveBits();
1532 
1533  if (NumNegativeBits) {
1534  unsigned NumBits = std::max(NumNegativeBits, NumPositiveBits + 1);
1535  assert(NumBits <= Bitwidth);
1536  End = llvm::APInt(Bitwidth, 1) << (NumBits - 1);
1537  Min = -End;
1538  } else {
1539  assert(NumPositiveBits <= Bitwidth);
1540  End = llvm::APInt(Bitwidth, 1) << NumPositiveBits;
1541  Min = llvm::APInt(Bitwidth, 0);
1542  }
1543  }
1544  return true;
1545 }
1546 
1547 llvm::MDNode *CodeGenFunction::getRangeForLoadFromType(QualType Ty) {
1548  llvm::APInt Min, End;
1549  if (!getRangeForType(*this, Ty, Min, End, CGM.getCodeGenOpts().StrictEnums,
1550  hasBooleanRepresentation(Ty)))
1551  return nullptr;
1552 
1553  llvm::MDBuilder MDHelper(getLLVMContext());
1554  return MDHelper.createRange(Min, End);
1555 }
1556 
1557 bool CodeGenFunction::EmitScalarRangeCheck(llvm::Value *Value, QualType Ty,
1558  SourceLocation Loc) {
1559  bool HasBoolCheck = SanOpts.has(SanitizerKind::Bool);
1560  bool HasEnumCheck = SanOpts.has(SanitizerKind::Enum);
1561  if (!HasBoolCheck && !HasEnumCheck)
1562  return false;
1563 
1564  bool IsBool = hasBooleanRepresentation(Ty) ||
1565  NSAPI(CGM.getContext()).isObjCBOOLType(Ty);
1566  bool NeedsBoolCheck = HasBoolCheck && IsBool;
1567  bool NeedsEnumCheck = HasEnumCheck && Ty->getAs<EnumType>();
1568  if (!NeedsBoolCheck && !NeedsEnumCheck)
1569  return false;
1570 
1571  // Single-bit booleans don't need to be checked. Special-case this to avoid
1572  // a bit width mismatch when handling bitfield values. This is handled by
1573  // EmitFromMemory for the non-bitfield case.
1574  if (IsBool &&
1575  cast<llvm::IntegerType>(Value->getType())->getBitWidth() == 1)
1576  return false;
1577 
1578  llvm::APInt Min, End;
1579  if (!getRangeForType(*this, Ty, Min, End, /*StrictEnums=*/true, IsBool))
1580  return true;
1581 
1582  auto &Ctx = getLLVMContext();
1583  SanitizerScope SanScope(this);
1584  llvm::Value *Check;
1585  --End;
1586  if (!Min) {
1587  Check = Builder.CreateICmpULE(Value, llvm::ConstantInt::get(Ctx, End));
1588  } else {
1589  llvm::Value *Upper =
1590  Builder.CreateICmpSLE(Value, llvm::ConstantInt::get(Ctx, End));
1591  llvm::Value *Lower =
1592  Builder.CreateICmpSGE(Value, llvm::ConstantInt::get(Ctx, Min));
1593  Check = Builder.CreateAnd(Upper, Lower);
1594  }
1595  llvm::Constant *StaticArgs[] = {EmitCheckSourceLocation(Loc),
1596  EmitCheckTypeDescriptor(Ty)};
1597  SanitizerMask Kind =
1598  NeedsEnumCheck ? SanitizerKind::Enum : SanitizerKind::Bool;
1599  EmitCheck(std::make_pair(Check, Kind), SanitizerHandler::LoadInvalidValue,
1600  StaticArgs, EmitCheckValue(Value));
1601  return true;
1602 }
1603 
1604 llvm::Value *CodeGenFunction::EmitLoadOfScalar(Address Addr, bool Volatile,
1605  QualType Ty,
1606  SourceLocation Loc,
1607  LValueBaseInfo BaseInfo,
1608  TBAAAccessInfo TBAAInfo,
1609  bool isNontemporal) {
1610  if (!CGM.getCodeGenOpts().PreserveVec3Type) {
1611  // For better performance, handle vector loads differently.
1612  if (Ty->isVectorType()) {
1613  const llvm::Type *EltTy = Addr.getElementType();
1614 
1615  const auto *VTy = cast<llvm::VectorType>(EltTy);
1616 
1617  // Handle vectors of size 3 like size 4 for better performance.
1618  if (VTy->getNumElements() == 3) {
1619 
1620  // Bitcast to vec4 type.
1621  llvm::VectorType *vec4Ty =
1622  llvm::VectorType::get(VTy->getElementType(), 4);
1623  Address Cast = Builder.CreateElementBitCast(Addr, vec4Ty, "castToVec4");
1624  // Now load value.
1625  llvm::Value *V = Builder.CreateLoad(Cast, Volatile, "loadVec4");
1626 
1627  // Shuffle vector to get vec3.
1628  V = Builder.CreateShuffleVector(V, llvm::UndefValue::get(vec4Ty),
1629  {0, 1, 2}, "extractVec");
1630  return EmitFromMemory(V, Ty);
1631  }
1632  }
1633  }
1634 
1635  // Atomic operations have to be done on integral types.
1636  LValue AtomicLValue =
1637  LValue::MakeAddr(Addr, Ty, getContext(), BaseInfo, TBAAInfo);
1638  if (Ty->isAtomicType() || LValueIsSuitableForInlineAtomic(AtomicLValue)) {
1639  return EmitAtomicLoad(AtomicLValue, Loc).getScalarVal();
1640  }
1641 
1642  llvm::LoadInst *Load = Builder.CreateLoad(Addr, Volatile);
1643  if (isNontemporal) {
1644  llvm::MDNode *Node = llvm::MDNode::get(
1645  Load->getContext(), llvm::ConstantAsMetadata::get(Builder.getInt32(1)));
1646  Load->setMetadata(CGM.getModule().getMDKindID("nontemporal"), Node);
1647  }
1648 
1649  CGM.DecorateInstructionWithTBAA(Load, TBAAInfo);
1650 
1651  if (EmitScalarRangeCheck(Load, Ty, Loc)) {
1652  // In order to prevent the optimizer from throwing away the check, don't
1653  // attach range metadata to the load.
1654  } else if (CGM.getCodeGenOpts().OptimizationLevel > 0)
1655  if (llvm::MDNode *RangeInfo = getRangeForLoadFromType(Ty))
1656  Load->setMetadata(llvm::LLVMContext::MD_range, RangeInfo);
1657 
1658  return EmitFromMemory(Load, Ty);
1659 }
1660 
1661 llvm::Value *CodeGenFunction::EmitToMemory(llvm::Value *Value, QualType Ty) {
1662  // Bool has a different representation in memory than in registers.
1663  if (hasBooleanRepresentation(Ty)) {
1664  // This should really always be an i1, but sometimes it's already
1665  // an i8, and it's awkward to track those cases down.
1666  if (Value->getType()->isIntegerTy(1))
1667  return Builder.CreateZExt(Value, ConvertTypeForMem(Ty), "frombool");
1668  assert(Value->getType()->isIntegerTy(getContext().getTypeSize(Ty)) &&
1669  "wrong value rep of bool");
1670  }
1671 
1672  return Value;
1673 }
1674 
1675 llvm::Value *CodeGenFunction::EmitFromMemory(llvm::Value *Value, QualType Ty) {
1676  // Bool has a different representation in memory than in registers.
1677  if (hasBooleanRepresentation(Ty)) {
1678  assert(Value->getType()->isIntegerTy(getContext().getTypeSize(Ty)) &&
1679  "wrong value rep of bool");
1680  return Builder.CreateTrunc(Value, Builder.getInt1Ty(), "tobool");
1681  }
1682 
1683  return Value;
1684 }
1685 
1686 void CodeGenFunction::EmitStoreOfScalar(llvm::Value *Value, Address Addr,
1687  bool Volatile, QualType Ty,
1688  LValueBaseInfo BaseInfo,
1689  TBAAAccessInfo TBAAInfo,
1690  bool isInit, bool isNontemporal) {
1691  if (!CGM.getCodeGenOpts().PreserveVec3Type) {
1692  // Handle vectors differently to get better performance.
1693  if (Ty->isVectorType()) {
1694  llvm::Type *SrcTy = Value->getType();
1695  auto *VecTy = dyn_cast<llvm::VectorType>(SrcTy);
1696  // Handle vec3 special.
1697  if (VecTy && VecTy->getNumElements() == 3) {
1698  // Our source is a vec3, do a shuffle vector to make it a vec4.
1699  llvm::Constant *Mask[] = {Builder.getInt32(0), Builder.getInt32(1),
1700  Builder.getInt32(2),
1701  llvm::UndefValue::get(Builder.getInt32Ty())};
1702  llvm::Value *MaskV = llvm::ConstantVector::get(Mask);
1703  Value = Builder.CreateShuffleVector(Value, llvm::UndefValue::get(VecTy),
1704  MaskV, "extractVec");
1705  SrcTy = llvm::VectorType::get(VecTy->getElementType(), 4);
1706  }
1707  if (Addr.getElementType() != SrcTy) {
1708  Addr = Builder.CreateElementBitCast(Addr, SrcTy, "storetmp");
1709  }
1710  }
1711  }
1712 
1713  Value = EmitToMemory(Value, Ty);
1714 
1715  LValue AtomicLValue =
1716  LValue::MakeAddr(Addr, Ty, getContext(), BaseInfo, TBAAInfo);
1717  if (Ty->isAtomicType() ||
1718  (!isInit && LValueIsSuitableForInlineAtomic(AtomicLValue))) {
1719  EmitAtomicStore(RValue::get(Value), AtomicLValue, isInit);
1720  return;
1721  }
1722 
1723  llvm::StoreInst *Store = Builder.CreateStore(Value, Addr, Volatile);
1724  if (isNontemporal) {
1725  llvm::MDNode *Node =
1726  llvm::MDNode::get(Store->getContext(),
1727  llvm::ConstantAsMetadata::get(Builder.getInt32(1)));
1728  Store->setMetadata(CGM.getModule().getMDKindID("nontemporal"), Node);
1729  }
1730 
1731  CGM.DecorateInstructionWithTBAA(Store, TBAAInfo);
1732 }
1733 
1734 void CodeGenFunction::EmitStoreOfScalar(llvm::Value *value, LValue lvalue,
1735  bool isInit) {
1736  EmitStoreOfScalar(value, lvalue.getAddress(), lvalue.isVolatile(),
1737  lvalue.getType(), lvalue.getBaseInfo(),
1738  lvalue.getTBAAInfo(), isInit, lvalue.isNontemporal());
1739 }
1740 
1741 /// EmitLoadOfLValue - Given an expression that represents a value lvalue, this
1742 /// method emits the address of the lvalue, then loads the result as an rvalue,
1743 /// returning the rvalue.
1744 RValue CodeGenFunction::EmitLoadOfLValue(LValue LV, SourceLocation Loc) {
1745  if (LV.isObjCWeak()) {
1746  // load of a __weak object.
1747  Address AddrWeakObj = LV.getAddress();
1748  return RValue::get(CGM.getObjCRuntime().EmitObjCWeakRead(*this,
1749  AddrWeakObj));
1750  }
1751  if (LV.getQuals().getObjCLifetime() == Qualifiers::OCL_Weak) {
1752  // In MRC mode, we do a load+autorelease.
1753  if (!getLangOpts().ObjCAutoRefCount) {
1754  return RValue::get(EmitARCLoadWeak(LV.getAddress()));
1755  }
1756 
1757  // In ARC mode, we load retained and then consume the value.
1758  llvm::Value *Object = EmitARCLoadWeakRetained(LV.getAddress());
1759  Object = EmitObjCConsumeObject(LV.getType(), Object);
1760  return RValue::get(Object);
1761  }
1762 
1763  if (LV.isSimple()) {
1764  assert(!LV.getType()->isFunctionType());
1765 
1766  // Everything needs a load.
1767  return RValue::get(EmitLoadOfScalar(LV, Loc));
1768  }
1769 
1770  if (LV.isVectorElt()) {
1771  llvm::LoadInst *Load = Builder.CreateLoad(LV.getVectorAddress(),
1772  LV.isVolatileQualified());
1773  return RValue::get(Builder.CreateExtractElement(Load, LV.getVectorIdx(),
1774  "vecext"));
1775  }
1776 
1777  // If this is a reference to a subset of the elements of a vector, either
1778  // shuffle the input or extract/insert them as appropriate.
1779  if (LV.isExtVectorElt())
1780  return EmitLoadOfExtVectorElementLValue(LV);
1781 
1782  // Global Register variables always invoke intrinsics
1783  if (LV.isGlobalReg())
1784  return EmitLoadOfGlobalRegLValue(LV);
1785 
1786  assert(LV.isBitField() && "Unknown LValue type!");
1787  return EmitLoadOfBitfieldLValue(LV, Loc);
1788 }
1789 
1790 RValue CodeGenFunction::EmitLoadOfBitfieldLValue(LValue LV,
1791  SourceLocation Loc) {
1792  const CGBitFieldInfo &Info = LV.getBitFieldInfo();
1793 
1794  // Get the output type.
1795  llvm::Type *ResLTy = ConvertType(LV.getType());
1796 
1797  Address Ptr = LV.getBitFieldAddress();
1798  llvm::Value *Val = Builder.CreateLoad(Ptr, LV.isVolatileQualified(), "bf.load");
1799 
1800  if (Info.IsSigned) {
1801  assert(static_cast<unsigned>(Info.Offset + Info.Size) <= Info.StorageSize);
1802  unsigned HighBits = Info.StorageSize - Info.Offset - Info.Size;
1803  if (HighBits)
1804  Val = Builder.CreateShl(Val, HighBits, "bf.shl");
1805  if (Info.Offset + HighBits)
1806  Val = Builder.CreateAShr(Val, Info.Offset + HighBits, "bf.ashr");
1807  } else {
1808  if (Info.Offset)
1809  Val = Builder.CreateLShr(Val, Info.Offset, "bf.lshr");
1810  if (static_cast<unsigned>(Info.Offset) + Info.Size < Info.StorageSize)
1811  Val = Builder.CreateAnd(Val, llvm::APInt::getLowBitsSet(Info.StorageSize,
1812  Info.Size),
1813  "bf.clear");
1814  }
1815  Val = Builder.CreateIntCast(Val, ResLTy, Info.IsSigned, "bf.cast");
1816  EmitScalarRangeCheck(Val, LV.getType(), Loc);
1817  return RValue::get(Val);
1818 }
1819 
1820 // If this is a reference to a subset of the elements of a vector, create an
1821 // appropriate shufflevector.
1822 RValue CodeGenFunction::EmitLoadOfExtVectorElementLValue(LValue LV) {
1823  llvm::Value *Vec = Builder.CreateLoad(LV.getExtVectorAddress(),
1824  LV.isVolatileQualified());
1825 
1826  const llvm::Constant *Elts = LV.getExtVectorElts();
1827 
1828  // If the result of the expression is a non-vector type, we must be extracting
1829  // a single element. Just codegen as an extractelement.
1830  const VectorType *ExprVT = LV.getType()->getAs<VectorType>();
1831  if (!ExprVT) {
1832  unsigned InIdx = getAccessedFieldNo(0, Elts);
1833  llvm::Value *Elt = llvm::ConstantInt::get(SizeTy, InIdx);
1834  return RValue::get(Builder.CreateExtractElement(Vec, Elt));
1835  }
1836 
1837  // Always use shuffle vector to try to retain the original program structure
1838  unsigned NumResultElts = ExprVT->getNumElements();
1839 
1840  SmallVector<llvm::Constant*, 4> Mask;
1841  for (unsigned i = 0; i != NumResultElts; ++i)
1842  Mask.push_back(Builder.getInt32(getAccessedFieldNo(i, Elts)));
1843 
1844  llvm::Value *MaskV = llvm::ConstantVector::get(Mask);
1845  Vec = Builder.CreateShuffleVector(Vec, llvm::UndefValue::get(Vec->getType()),
1846  MaskV);
1847  return RValue::get(Vec);
1848 }
1849 
1850 /// Generates lvalue for partial ext_vector access.
1851 Address CodeGenFunction::EmitExtVectorElementLValue(LValue LV) {
1852  Address VectorAddress = LV.getExtVectorAddress();
1853  const VectorType *ExprVT = LV.getType()->getAs<VectorType>();
1854  QualType EQT = ExprVT->getElementType();
1855  llvm::Type *VectorElementTy = CGM.getTypes().ConvertType(EQT);
1856 
1857  Address CastToPointerElement =
1858  Builder.CreateElementBitCast(VectorAddress, VectorElementTy,
1859  "conv.ptr.element");
1860 
1861  const llvm::Constant *Elts = LV.getExtVectorElts();
1862  unsigned ix = getAccessedFieldNo(0, Elts);
1863 
1864  Address VectorBasePtrPlusIx =
1865  Builder.CreateConstInBoundsGEP(CastToPointerElement, ix,
1866  getContext().getTypeSizeInChars(EQT),
1867  "vector.elt");
1868 
1869  return VectorBasePtrPlusIx;
1870 }
1871 
1872 /// Load of global gamed gegisters are always calls to intrinsics.
1873 RValue CodeGenFunction::EmitLoadOfGlobalRegLValue(LValue LV) {
1874  assert((LV.getType()->isIntegerType() || LV.getType()->isPointerType()) &&
1875  "Bad type for register variable");
1876  llvm::MDNode *RegName = cast<llvm::MDNode>(
1877  cast<llvm::MetadataAsValue>(LV.getGlobalReg())->getMetadata());
1878 
1879  // We accept integer and pointer types only
1880  llvm::Type *OrigTy = CGM.getTypes().ConvertType(LV.getType());
1881  llvm::Type *Ty = OrigTy;
1882  if (OrigTy->isPointerTy())
1883  Ty = CGM.getTypes().getDataLayout().getIntPtrType(OrigTy);
1884  llvm::Type *Types[] = { Ty };
1885 
1886  llvm::Value *F = CGM.getIntrinsic(llvm::Intrinsic::read_register, Types);
1887  llvm::Value *Call = Builder.CreateCall(
1888  F, llvm::MetadataAsValue::get(Ty->getContext(), RegName));
1889  if (OrigTy->isPointerTy())
1890  Call = Builder.CreateIntToPtr(Call, OrigTy);
1891  return RValue::get(Call);
1892 }
1893 
1894 
1895 /// EmitStoreThroughLValue - Store the specified rvalue into the specified
1896 /// lvalue, where both are guaranteed to the have the same type, and that type
1897 /// is 'Ty'.
1898 void CodeGenFunction::EmitStoreThroughLValue(RValue Src, LValue Dst,
1899  bool isInit) {
1900  if (!Dst.isSimple()) {
1901  if (Dst.isVectorElt()) {
1902  // Read/modify/write the vector, inserting the new element.
1903  llvm::Value *Vec = Builder.CreateLoad(Dst.getVectorAddress(),
1904  Dst.isVolatileQualified());
1905  Vec = Builder.CreateInsertElement(Vec, Src.getScalarVal(),
1906  Dst.getVectorIdx(), "vecins");
1907  Builder.CreateStore(Vec, Dst.getVectorAddress(),
1908  Dst.isVolatileQualified());
1909  return;
1910  }
1911 
1912  // If this is an update of extended vector elements, insert them as
1913  // appropriate.
1914  if (Dst.isExtVectorElt())
1915  return EmitStoreThroughExtVectorComponentLValue(Src, Dst);
1916 
1917  if (Dst.isGlobalReg())
1918  return EmitStoreThroughGlobalRegLValue(Src, Dst);
1919 
1920  assert(Dst.isBitField() && "Unknown LValue type");
1921  return EmitStoreThroughBitfieldLValue(Src, Dst);
1922  }
1923 
1924  // There's special magic for assigning into an ARC-qualified l-value.
1925  if (Qualifiers::ObjCLifetime Lifetime = Dst.getQuals().getObjCLifetime()) {
1926  switch (Lifetime) {
1927  case Qualifiers::OCL_None:
1928  llvm_unreachable("present but none");
1929 
1930  case Qualifiers::OCL_ExplicitNone:
1931  // nothing special
1932  break;
1933 
1934  case Qualifiers::OCL_Strong:
1935  if (isInit) {
1936  Src = RValue::get(EmitARCRetain(Dst.getType(), Src.getScalarVal()));
1937  break;
1938  }
1939  EmitARCStoreStrong(Dst, Src.getScalarVal(), /*ignore*/ true);
1940  return;
1941 
1942  case Qualifiers::OCL_Weak:
1943  if (isInit)
1944  // Initialize and then skip the primitive store.
1945  EmitARCInitWeak(Dst.getAddress(), Src.getScalarVal());
1946  else
1947  EmitARCStoreWeak(Dst.getAddress(), Src.getScalarVal(), /*ignore*/ true);
1948  return;
1949 
1950  case Qualifiers::OCL_Autoreleasing:
1951  Src = RValue::get(EmitObjCExtendObjectLifetime(Dst.getType(),
1952  Src.getScalarVal()));
1953  // fall into the normal path
1954  break;
1955  }
1956  }
1957 
1958  if (Dst.isObjCWeak() && !Dst.isNonGC()) {
1959  // load of a __weak object.
1960  Address LvalueDst = Dst.getAddress();
1961  llvm::Value *src = Src.getScalarVal();
1962  CGM.getObjCRuntime().EmitObjCWeakAssign(*this, src, LvalueDst);
1963  return;
1964  }
1965 
1966  if (Dst.isObjCStrong() && !Dst.isNonGC()) {
1967  // load of a __strong object.
1968  Address LvalueDst = Dst.getAddress();
1969  llvm::Value *src = Src.getScalarVal();
1970  if (Dst.isObjCIvar()) {
1971  assert(Dst.getBaseIvarExp() && "BaseIvarExp is NULL");
1972  llvm::Type *ResultType = IntPtrTy;
1973  Address dst = EmitPointerWithAlignment(Dst.getBaseIvarExp());
1974  llvm::Value *RHS = dst.getPointer();
1975  RHS = Builder.CreatePtrToInt(RHS, ResultType, "sub.ptr.rhs.cast");
1976  llvm::Value *LHS =
1977  Builder.CreatePtrToInt(LvalueDst.getPointer(), ResultType,
1978  "sub.ptr.lhs.cast");
1979  llvm::Value *BytesBetween = Builder.CreateSub(LHS, RHS, "ivar.offset");
1980  CGM.getObjCRuntime().EmitObjCIvarAssign(*this, src, dst,
1981  BytesBetween);
1982  } else if (Dst.isGlobalObjCRef()) {
1983  CGM.getObjCRuntime().EmitObjCGlobalAssign(*this, src, LvalueDst,
1984  Dst.isThreadLocalRef());
1985  }
1986  else
1987  CGM.getObjCRuntime().EmitObjCStrongCastAssign(*this, src, LvalueDst);
1988  return;
1989  }
1990 
1991  assert(Src.isScalar() && "Can't emit an agg store with this method");
1992  EmitStoreOfScalar(Src.getScalarVal(), Dst, isInit);
1993 }
1994 
1995 void CodeGenFunction::EmitStoreThroughBitfieldLValue(RValue Src, LValue Dst,
1996  llvm::Value **Result) {
1997  const CGBitFieldInfo &Info = Dst.getBitFieldInfo();
1998  llvm::Type *ResLTy = ConvertTypeForMem(Dst.getType());
1999  Address Ptr = Dst.getBitFieldAddress();
2000 
2001  // Get the source value, truncated to the width of the bit-field.
2002  llvm::Value *SrcVal = Src.getScalarVal();
2003 
2004  // Cast the source to the storage type and shift it into place.
2005  SrcVal = Builder.CreateIntCast(SrcVal, Ptr.getElementType(),
2006  /*IsSigned=*/false);
2007  llvm::Value *MaskedVal = SrcVal;
2008 
2009  // See if there are other bits in the bitfield's storage we'll need to load
2010  // and mask together with source before storing.
2011  if (Info.StorageSize != Info.Size) {
2012  assert(Info.StorageSize > Info.Size && "Invalid bitfield size.");
2013  llvm::Value *Val =
2014  Builder.CreateLoad(Ptr, Dst.isVolatileQualified(), "bf.load");
2015 
2016  // Mask the source value as needed.
2017  if (!hasBooleanRepresentation(Dst.getType()))
2018  SrcVal = Builder.CreateAnd(SrcVal,
2019  llvm::APInt::getLowBitsSet(Info.StorageSize,
2020  Info.Size),
2021  "bf.value");
2022  MaskedVal = SrcVal;
2023  if (Info.Offset)
2024  SrcVal = Builder.CreateShl(SrcVal, Info.Offset, "bf.shl");
2025 
2026  // Mask out the original value.
2027  Val = Builder.CreateAnd(Val,
2028  ~llvm::APInt::getBitsSet(Info.StorageSize,
2029  Info.Offset,
2030  Info.Offset + Info.Size),
2031  "bf.clear");
2032 
2033  // Or together the unchanged values and the source value.
2034  SrcVal = Builder.CreateOr(Val, SrcVal, "bf.set");
2035  } else {
2036  assert(Info.Offset == 0);
2037  }
2038 
2039  // Write the new value back out.
2040  Builder.CreateStore(SrcVal, Ptr, Dst.isVolatileQualified());
2041 
2042  // Return the new value of the bit-field, if requested.
2043  if (Result) {
2044  llvm::Value *ResultVal = MaskedVal;
2045 
2046  // Sign extend the value if needed.
2047  if (Info.IsSigned) {
2048  assert(Info.Size <= Info.StorageSize);
2049  unsigned HighBits = Info.StorageSize - Info.Size;
2050  if (HighBits) {
2051  ResultVal = Builder.CreateShl(ResultVal, HighBits, "bf.result.shl");
2052  ResultVal = Builder.CreateAShr(ResultVal, HighBits, "bf.result.ashr");
2053  }
2054  }
2055 
2056  ResultVal = Builder.CreateIntCast(ResultVal, ResLTy, Info.IsSigned,
2057  "bf.result.cast");
2058  *Result = EmitFromMemory(ResultVal, Dst.getType());
2059  }
2060 }
2061 
2062 void CodeGenFunction::EmitStoreThroughExtVectorComponentLValue(RValue Src,
2063  LValue Dst) {
2064  // This access turns into a read/modify/write of the vector. Load the input
2065  // value now.
2066  llvm::Value *Vec = Builder.CreateLoad(Dst.getExtVectorAddress(),
2067  Dst.isVolatileQualified());
2068  const llvm::Constant *Elts = Dst.getExtVectorElts();
2069 
2070  llvm::Value *SrcVal = Src.getScalarVal();
2071 
2072  if (const VectorType *VTy = Dst.getType()->getAs<VectorType>()) {
2073  unsigned NumSrcElts = VTy->getNumElements();
2074  unsigned NumDstElts = Vec->getType()->getVectorNumElements();
2075  if (NumDstElts == NumSrcElts) {
2076  // Use shuffle vector is the src and destination are the same number of
2077  // elements and restore the vector mask since it is on the side it will be
2078  // stored.
2079  SmallVector<llvm::Constant*, 4> Mask(NumDstElts);
2080  for (unsigned i = 0; i != NumSrcElts; ++i)
2081  Mask[getAccessedFieldNo(i, Elts)] = Builder.getInt32(i);
2082 
2083  llvm::Value *MaskV = llvm::ConstantVector::get(Mask);
2084  Vec = Builder.CreateShuffleVector(SrcVal,
2085  llvm::UndefValue::get(Vec->getType()),
2086  MaskV);
2087  } else if (NumDstElts > NumSrcElts) {
2088  // Extended the source vector to the same length and then shuffle it
2089  // into the destination.
2090  // FIXME: since we're shuffling with undef, can we just use the indices
2091  // into that? This could be simpler.
2092  SmallVector<llvm::Constant*, 4> ExtMask;
2093  for (unsigned i = 0; i != NumSrcElts; ++i)
2094  ExtMask.push_back(Builder.getInt32(i));
2095  ExtMask.resize(NumDstElts, llvm::UndefValue::get(Int32Ty));
2096  llvm::Value *ExtMaskV = llvm::ConstantVector::get(ExtMask);
2097  llvm::Value *ExtSrcVal =
2098  Builder.CreateShuffleVector(SrcVal,
2099  llvm::UndefValue::get(SrcVal->getType()),
2100  ExtMaskV);
2101  // build identity
2102  SmallVector<llvm::Constant*, 4> Mask;
2103  for (unsigned i = 0; i != NumDstElts; ++i)
2104  Mask.push_back(Builder.getInt32(i));
2105 
2106  // When the vector size is odd and .odd or .hi is used, the last element
2107  // of the Elts constant array will be one past the size of the vector.
2108  // Ignore the last element here, if it is greater than the mask size.
2109  if (getAccessedFieldNo(NumSrcElts - 1, Elts) == Mask.size())
2110  NumSrcElts--;
2111 
2112  // modify when what gets shuffled in
2113  for (unsigned i = 0; i != NumSrcElts; ++i)
2114  Mask[getAccessedFieldNo(i, Elts)] = Builder.getInt32(i+NumDstElts);
2115  llvm::Value *MaskV = llvm::ConstantVector::get(Mask);
2116  Vec = Builder.CreateShuffleVector(Vec, ExtSrcVal, MaskV);
2117  } else {
2118  // We should never shorten the vector
2119  llvm_unreachable("unexpected shorten vector length");
2120  }
2121  } else {
2122  // If the Src is a scalar (not a vector) it must be updating one element.
2123  unsigned InIdx = getAccessedFieldNo(0, Elts);
2124  llvm::Value *Elt = llvm::ConstantInt::get(SizeTy, InIdx);
2125  Vec = Builder.CreateInsertElement(Vec, SrcVal, Elt);
2126  }
2127 
2128  Builder.CreateStore(Vec, Dst.getExtVectorAddress(),
2129  Dst.isVolatileQualified());
2130 }
2131 
2132 /// Store of global named registers are always calls to intrinsics.
2133 void CodeGenFunction::EmitStoreThroughGlobalRegLValue(RValue Src, LValue Dst) {
2134  assert((Dst.getType()->isIntegerType() || Dst.getType()->isPointerType()) &&
2135  "Bad type for register variable");
2136  llvm::MDNode *RegName = cast<llvm::MDNode>(
2137  cast<llvm::MetadataAsValue>(Dst.getGlobalReg())->getMetadata());
2138  assert(RegName && "Register LValue is not metadata");
2139 
2140  // We accept integer and pointer types only
2141  llvm::Type *OrigTy = CGM.getTypes().ConvertType(Dst.getType());
2142  llvm::Type *Ty = OrigTy;
2143  if (OrigTy->isPointerTy())
2144  Ty = CGM.getTypes().getDataLayout().getIntPtrType(OrigTy);
2145  llvm::Type *Types[] = { Ty };
2146 
2147  llvm::Value *F = CGM.getIntrinsic(llvm::Intrinsic::write_register, Types);
2148  llvm::Value *Value = Src.getScalarVal();
2149  if (OrigTy->isPointerTy())
2150  Value = Builder.CreatePtrToInt(Value, Ty);
2151  Builder.CreateCall(
2152  F, {llvm::MetadataAsValue::get(Ty->getContext(), RegName), Value});
2153 }
2154 
2155 // setObjCGCLValueClass - sets class of the lvalue for the purpose of
2156 // generating write-barries API. It is currently a global, ivar,
2157 // or neither.
2158 static void setObjCGCLValueClass(const ASTContext &Ctx, const Expr *E,
2159  LValue &LV,
2160  bool IsMemberAccess=false) {
2161  if (Ctx.getLangOpts().getGC() == LangOptions::NonGC)
2162  return;
2163 
2164  if (isa<ObjCIvarRefExpr>(E)) {
2165  QualType ExpTy = E->getType();
2166  if (IsMemberAccess && ExpTy->isPointerType()) {
2167  // If ivar is a structure pointer, assigning to field of
2168  // this struct follows gcc's behavior and makes it a non-ivar
2169  // writer-barrier conservatively.
2170  ExpTy = ExpTy->getAs<PointerType>()->getPointeeType();
2171  if (ExpTy->isRecordType()) {
2172  LV.setObjCIvar(false);
2173  return;
2174  }
2175  }
2176  LV.setObjCIvar(true);
2177  auto *Exp = cast<ObjCIvarRefExpr>(const_cast<Expr *>(E));
2178  LV.setBaseIvarExp(Exp->getBase());
2179  LV.setObjCArray(E->getType()->isArrayType());
2180  return;
2181  }
2182 
2183  if (const auto *Exp = dyn_cast<DeclRefExpr>(E)) {
2184  if (const auto *VD = dyn_cast<VarDecl>(Exp->getDecl())) {
2185  if (VD->hasGlobalStorage()) {
2186  LV.setGlobalObjCRef(true);
2187  LV.setThreadLocalRef(VD->getTLSKind() != VarDecl::TLS_None);
2188  }
2189  }
2190  LV.setObjCArray(E->getType()->isArrayType());
2191  return;
2192  }
2193 
2194  if (const auto *Exp = dyn_cast<UnaryOperator>(E)) {
2195  setObjCGCLValueClass(Ctx, Exp->getSubExpr(), LV, IsMemberAccess);
2196  return;
2197  }
2198 
2199  if (const auto *Exp = dyn_cast<ParenExpr>(E)) {
2200  setObjCGCLValueClass(Ctx, Exp->getSubExpr(), LV, IsMemberAccess);
2201  if (LV.isObjCIvar()) {
2202  // If cast is to a structure pointer, follow gcc's behavior and make it
2203  // a non-ivar write-barrier.
2204  QualType ExpTy = E->getType();
2205  if (ExpTy->isPointerType())
2206  ExpTy = ExpTy->getAs<PointerType>()->getPointeeType();
2207  if (ExpTy->isRecordType())
2208  LV.setObjCIvar(false);
2209  }
2210  return;
2211  }
2212 
2213  if (const auto *Exp = dyn_cast<GenericSelectionExpr>(E)) {
2214  setObjCGCLValueClass(Ctx, Exp->getResultExpr(), LV);
2215  return;
2216  }
2217 
2218  if (const auto *Exp = dyn_cast<ImplicitCastExpr>(E)) {
2219  setObjCGCLValueClass(Ctx, Exp->getSubExpr(), LV, IsMemberAccess);
2220  return;
2221  }
2222 
2223  if (const auto *Exp = dyn_cast<CStyleCastExpr>(E)) {
2224  setObjCGCLValueClass(Ctx, Exp->getSubExpr(), LV, IsMemberAccess);
2225  return;
2226  }
2227 
2228  if (const auto *Exp = dyn_cast<ObjCBridgedCastExpr>(E)) {
2229  setObjCGCLValueClass(Ctx, Exp->getSubExpr(), LV, IsMemberAccess);
2230  return;
2231  }
2232 
2233  if (const auto *Exp = dyn_cast<ArraySubscriptExpr>(E)) {
2234  setObjCGCLValueClass(Ctx, Exp->getBase(), LV);
2235  if (LV.isObjCIvar() && !LV.isObjCArray())
2236  // Using array syntax to assigning to what an ivar points to is not
2237  // same as assigning to the ivar itself. {id *Names;} Names[i] = 0;
2238  LV.setObjCIvar(false);
2239  else if (LV.isGlobalObjCRef() && !LV.isObjCArray())
2240  // Using array syntax to assigning to what global points to is not
2241  // same as assigning to the global itself. {id *G;} G[i] = 0;
2242  LV.setGlobalObjCRef(false);
2243  return;
2244  }
2245 
2246  if (const auto *Exp = dyn_cast<MemberExpr>(E)) {
2247  setObjCGCLValueClass(Ctx, Exp->getBase(), LV, true);
2248  // We don't know if member is an 'ivar', but this flag is looked at
2249  // only in the context of LV.isObjCIvar().
2250  LV.setObjCArray(E->getType()->isArrayType());
2251  return;
2252  }
2253 }
2254 
2255 static llvm::Value *
2256 EmitBitCastOfLValueToProperType(CodeGenFunction &CGF,
2257  llvm::Value *V, llvm::Type *IRType,
2258  StringRef Name = StringRef()) {
2259  unsigned AS = cast<llvm::PointerType>(V->getType())->getAddressSpace();
2260  return CGF.Builder.CreateBitCast(V, IRType->getPointerTo(AS), Name);
2261 }
2262 
2263 static LValue EmitThreadPrivateVarDeclLValue(
2264  CodeGenFunction &CGF, const VarDecl *VD, QualType T, Address Addr,
2265  llvm::Type *RealVarTy, SourceLocation Loc) {
2266  Addr = CGF.CGM.getOpenMPRuntime().getAddrOfThreadPrivate(CGF, VD, Addr, Loc);
2267  Addr = CGF.Builder.CreateElementBitCast(Addr, RealVarTy);
2268  return CGF.MakeAddrLValue(Addr, T, AlignmentSource::Decl);
2269 }
2270 
2271 static Address emitDeclTargetLinkVarDeclLValue(CodeGenFunction &CGF,
2272  const VarDecl *VD, QualType T) {
2273  llvm::Optional<OMPDeclareTargetDeclAttr::MapTypeTy> Res =
2274  OMPDeclareTargetDeclAttr::isDeclareTargetDeclaration(VD);
2275  if (!Res || *Res == OMPDeclareTargetDeclAttr::MT_To)
2276  return Address::invalid();
2277  assert(*Res == OMPDeclareTargetDeclAttr::MT_Link && "Expected link clause");
2278  QualType PtrTy = CGF.getContext().getPointerType(VD->getType());
2279  Address Addr = CGF.CGM.getOpenMPRuntime().getAddrOfDeclareTargetLink(VD);
2280  return CGF.EmitLoadOfPointer(Addr, PtrTy->castAs<PointerType>());
2281 }
2282 
2283 Address
2284 CodeGenFunction::EmitLoadOfReference(LValue RefLVal,
2285  LValueBaseInfo *PointeeBaseInfo,
2286  TBAAAccessInfo *PointeeTBAAInfo) {
2287  llvm::LoadInst *Load = Builder.CreateLoad(RefLVal.getAddress(),
2288  RefLVal.isVolatile());
2289  CGM.DecorateInstructionWithTBAA(Load, RefLVal.getTBAAInfo());
2290 
2291  CharUnits Align = getNaturalTypeAlignment(RefLVal.getType()->getPointeeType(),
2292  PointeeBaseInfo, PointeeTBAAInfo,
2293  /* forPointeeType= */ true);
2294  return Address(Load, Align);
2295 }
2296 
2297 LValue CodeGenFunction::EmitLoadOfReferenceLValue(LValue RefLVal) {
2298  LValueBaseInfo PointeeBaseInfo;
2299  TBAAAccessInfo PointeeTBAAInfo;
2300  Address PointeeAddr = EmitLoadOfReference(RefLVal, &PointeeBaseInfo,
2301  &PointeeTBAAInfo);
2302  return MakeAddrLValue(PointeeAddr, RefLVal.getType()->getPointeeType(),
2303  PointeeBaseInfo, PointeeTBAAInfo);
2304 }
2305 
2306 Address CodeGenFunction::EmitLoadOfPointer(Address Ptr,
2307  const PointerType *PtrTy,
2308  LValueBaseInfo *BaseInfo,
2309  TBAAAccessInfo *TBAAInfo) {
2310  llvm::Value *Addr = Builder.CreateLoad(Ptr);
2311  return Address(Addr, getNaturalTypeAlignment(PtrTy->getPointeeType(),
2312  BaseInfo, TBAAInfo,
2313  /*forPointeeType=*/true));
2314 }
2315 
2316 LValue CodeGenFunction::EmitLoadOfPointerLValue(Address PtrAddr,
2317  const PointerType *PtrTy) {
2318  LValueBaseInfo BaseInfo;
2319  TBAAAccessInfo TBAAInfo;
2320  Address Addr = EmitLoadOfPointer(PtrAddr, PtrTy, &BaseInfo, &TBAAInfo);
2321  return MakeAddrLValue(Addr, PtrTy->getPointeeType(), BaseInfo, TBAAInfo);
2322 }
2323 
2324 static LValue EmitGlobalVarDeclLValue(CodeGenFunction &CGF,
2325  const Expr *E, const VarDecl *VD) {
2326  QualType T = E->getType();
2327 
2328  // If it's thread_local, emit a call to its wrapper function instead.
2329  if (VD->getTLSKind() == VarDecl::TLS_Dynamic &&
2330  CGF.CGM.getCXXABI().usesThreadWrapperFunction())
2331  return CGF.CGM.getCXXABI().EmitThreadLocalVarDeclLValue(CGF, VD, T);
2332  // Check if the variable is marked as declare target with link clause in
2333  // device codegen.
2334  if (CGF.getLangOpts().OpenMPIsDevice) {
2335  Address Addr = emitDeclTargetLinkVarDeclLValue(CGF, VD, T);
2336  if (Addr.isValid())
2337  return CGF.MakeAddrLValue(Addr, T, AlignmentSource::Decl);
2338  }
2339 
2340  llvm::Value *V = CGF.CGM.GetAddrOfGlobalVar(VD);
2341  llvm::Type *RealVarTy = CGF.getTypes().ConvertTypeForMem(VD->getType());
2342  V = EmitBitCastOfLValueToProperType(CGF, V, RealVarTy);
2343  CharUnits Alignment = CGF.getContext().getDeclAlign(VD);
2344  Address Addr(V, Alignment);
2345  // Emit reference to the private copy of the variable if it is an OpenMP
2346  // threadprivate variable.
2347  if (CGF.getLangOpts().OpenMP && !CGF.getLangOpts().OpenMPSimd &&
2348  VD->hasAttr<OMPThreadPrivateDeclAttr>()) {
2349  return EmitThreadPrivateVarDeclLValue(CGF, VD, T, Addr, RealVarTy,
2350  E->getExprLoc());
2351  }
2352  LValue LV = VD->getType()->isReferenceType() ?
2353  CGF.EmitLoadOfReferenceLValue(Addr, VD->getType(),
2354  AlignmentSource::Decl) :
2355  CGF.MakeAddrLValue(Addr, T, AlignmentSource::Decl);
2356  setObjCGCLValueClass(CGF.getContext(), E, LV);
2357  return LV;
2358 }
2359 
2360 static llvm::Constant *EmitFunctionDeclPointer(CodeGenModule &CGM,
2361  const FunctionDecl *FD) {
2362  if (FD->hasAttr<WeakRefAttr>()) {
2363  ConstantAddress aliasee = CGM.GetWeakRefReference(FD);
2364  return aliasee.getPointer();
2365  }
2366 
2367  llvm::Constant *V = CGM.GetAddrOfFunction(FD);
2368  if (!FD->hasPrototype()) {
2369  if (const FunctionProtoType *Proto =
2370  FD->getType()->getAs<FunctionProtoType>()) {
2371  // Ugly case: for a K&R-style definition, the type of the definition
2372  // isn't the same as the type of a use. Correct for this with a
2373  // bitcast.
2374  QualType NoProtoType =
2375  CGM.getContext().getFunctionNoProtoType(Proto->getReturnType());
2376  NoProtoType = CGM.getContext().getPointerType(NoProtoType);
2377  V = llvm::ConstantExpr::getBitCast(V,
2378  CGM.getTypes().ConvertType(NoProtoType));
2379  }
2380  }
2381  return V;
2382 }
2383 
2384 static LValue EmitFunctionDeclLValue(CodeGenFunction &CGF,
2385  const Expr *E, const FunctionDecl *FD) {
2386  llvm::Value *V = EmitFunctionDeclPointer(CGF.CGM, FD);
2387  CharUnits Alignment = CGF.getContext().getDeclAlign(FD);
2388  return CGF.MakeAddrLValue(V, E->getType(), Alignment,
2389  AlignmentSource::Decl);
2390 }
2391 
2392 static LValue EmitCapturedFieldLValue(CodeGenFunction &CGF, const FieldDecl *FD,
2393  llvm::Value *ThisValue) {
2394  QualType TagType = CGF.getContext().getTagDeclType(FD->getParent());
2395  LValue LV = CGF.MakeNaturalAlignAddrLValue(ThisValue, TagType);
2396  return CGF.EmitLValueForField(LV, FD);
2397 }
2398 
2399 /// Named Registers are named metadata pointing to the register name
2400 /// which will be read from/written to as an argument to the intrinsic
2401 /// @llvm.read/write_register.
2402 /// So far, only the name is being passed down, but other options such as
2403 /// register type, allocation type or even optimization options could be
2404 /// passed down via the metadata node.
2405 static LValue EmitGlobalNamedRegister(const VarDecl *VD, CodeGenModule &CGM) {
2406  SmallString<64> Name("llvm.named.register.");
2407  AsmLabelAttr *Asm = VD->getAttr<AsmLabelAttr>();
2408  assert(Asm->getLabel().size() < 64-Name.size() &&
2409  "Register name too big");
2410  Name.append(Asm->getLabel());
2411  llvm::NamedMDNode *M =
2412  CGM.getModule().getOrInsertNamedMetadata(Name);
2413  if (M->getNumOperands() == 0) {
2414  llvm::MDString *Str = llvm::MDString::get(CGM.getLLVMContext(),
2415  Asm->getLabel());
2416  llvm::Metadata *Ops[] = {Str};
2417  M->addOperand(llvm::MDNode::get(CGM.getLLVMContext(), Ops));
2418  }
2419 
2420  CharUnits Alignment = CGM.getContext().getDeclAlign(VD);
2421 
2422  llvm::Value *Ptr =
2423  llvm::MetadataAsValue::get(CGM.getLLVMContext(), M->getOperand(0));
2424  return LValue::MakeGlobalReg(Address(Ptr, Alignment), VD->getType());
2425 }
2426 
2427 LValue CodeGenFunction::EmitDeclRefLValue(const DeclRefExpr *E) {
2428  const NamedDecl *ND = E->getDecl();
2429  QualType T = E->getType();
2430 
2431  if (const auto *VD = dyn_cast<VarDecl>(ND)) {
2432  // Global Named registers access via intrinsics only
2433  if (VD->getStorageClass() == SC_Register &&
2434  VD->hasAttr<AsmLabelAttr>() && !VD->isLocalVarDecl())
2435  return EmitGlobalNamedRegister(VD, CGM);
2436 
2437  // A DeclRefExpr for a reference initialized by a constant expression can
2438  // appear without being odr-used. Directly emit the constant initializer.
2439  const Expr *Init = VD->getAnyInitializer(VD);
2440  const auto *BD = dyn_cast_or_null<BlockDecl>(CurCodeDecl);
2441  if (Init && !isa<ParmVarDecl>(VD) && VD->getType()->isReferenceType() &&
2442  VD->isUsableInConstantExpressions(getContext()) &&
2443  VD->checkInitIsICE() &&
2444  // Do not emit if it is private OpenMP variable.
2445  !(E->refersToEnclosingVariableOrCapture() &&
2446  ((CapturedStmtInfo &&
2447  (LocalDeclMap.count(VD->getCanonicalDecl()) ||
2448  CapturedStmtInfo->lookup(VD->getCanonicalDecl()))) ||
2449  LambdaCaptureFields.lookup(VD->getCanonicalDecl()) ||
2450  (BD && BD->capturesVariable(VD))))) {
2451  llvm::Constant *Val =
2452  ConstantEmitter(*this).emitAbstract(E->getLocation(),
2453  *VD->evaluateValue(),
2454  VD->getType());
2455  assert(Val && "failed to emit reference constant expression");
2456  // FIXME: Eventually we will want to emit vector element references.
2457 
2458  // Should we be using the alignment of the constant pointer we emitted?
2459  CharUnits Alignment = getNaturalTypeAlignment(E->getType(),
2460  /* BaseInfo= */ nullptr,
2461  /* TBAAInfo= */ nullptr,
2462  /* forPointeeType= */ true);
2463  return MakeAddrLValue(Address(Val, Alignment), T, AlignmentSource::Decl);
2464  }
2465 
2466  // Check for captured variables.
2467  if (E->refersToEnclosingVariableOrCapture()) {
2468  VD = VD->getCanonicalDecl();
2469  if (auto *FD = LambdaCaptureFields.lookup(VD))
2470  return EmitCapturedFieldLValue(*this, FD, CXXABIThisValue);
2471  else if (CapturedStmtInfo) {
2472  auto I = LocalDeclMap.find(VD);
2473  if (I != LocalDeclMap.end()) {
2474  if (VD->getType()->isReferenceType())
2475  return EmitLoadOfReferenceLValue(I->second, VD->getType(),
2476  AlignmentSource::Decl);
2477  return MakeAddrLValue(I->second, T);
2478  }
2479  LValue CapLVal =
2480  EmitCapturedFieldLValue(*this, CapturedStmtInfo->lookup(VD),
2481  CapturedStmtInfo->getContextValue());
2482  return MakeAddrLValue(
2483  Address(CapLVal.getPointer(), getContext().getDeclAlign(VD)),
2484  CapLVal.getType(), LValueBaseInfo(AlignmentSource::Decl),
2485  CapLVal.getTBAAInfo());
2486  }
2487 
2488  assert(isa<BlockDecl>(CurCodeDecl));
2489  Address addr = GetAddrOfBlockDecl(VD, VD->hasAttr<BlocksAttr>());
2490  return MakeAddrLValue(addr, T, AlignmentSource::Decl);
2491  }
2492  }
2493 
2494  // FIXME: We should be able to assert this for FunctionDecls as well!
2495  // FIXME: We should be able to assert this for all DeclRefExprs, not just
2496  // those with a valid source location.
2497  assert((ND->isUsed(false) || !isa<VarDecl>(ND) ||
2498  !E->getLocation().isValid()) &&
2499  "Should not use decl without marking it used!");
2500 
2501  if (ND->hasAttr<WeakRefAttr>()) {
2502  const auto *VD = cast<ValueDecl>(ND);
2503  ConstantAddress Aliasee = CGM.GetWeakRefReference(VD);
2504  return MakeAddrLValue(Aliasee, T, AlignmentSource::Decl);
2505  }
2506 
2507  if (const auto *VD = dyn_cast<VarDecl>(ND)) {
2508  // Check if this is a global variable.
2509  if (VD->hasLinkage() || VD->isStaticDataMember())
2510  return EmitGlobalVarDeclLValue(*this, E, VD);
2511 
2512  Address addr = Address::invalid();
2513 
2514  // The variable should generally be present in the local decl map.
2515  auto iter = LocalDeclMap.find(VD);
2516  if (iter != LocalDeclMap.end()) {
2517  addr = iter->second;
2518 
2519  // Otherwise, it might be static local we haven't emitted yet for
2520  // some reason; most likely, because it's in an outer function.
2521  } else if (VD->isStaticLocal()) {
2522  addr = Address(CGM.getOrCreateStaticVarDecl(
2523  *VD, CGM.getLLVMLinkageVarDefinition(VD, /*isConstant=*/false)),
2524  getContext().getDeclAlign(VD));
2525 
2526  // No other cases for now.
2527  } else {
2528  llvm_unreachable("DeclRefExpr for Decl not entered in LocalDeclMap?");
2529  }
2530 
2531 
2532  // Check for OpenMP threadprivate variables.
2533  if (getLangOpts().OpenMP && !getLangOpts().OpenMPSimd &&
2534  VD->hasAttr<OMPThreadPrivateDeclAttr>()) {
2535  return EmitThreadPrivateVarDeclLValue(
2536  *this, VD, T, addr, getTypes().ConvertTypeForMem(VD->getType()),
2537  E->getExprLoc());
2538  }
2539 
2540  // Drill into block byref variables.
2541  bool isBlockByref = VD->hasAttr<BlocksAttr>();
2542  if (isBlockByref) {
2543  addr = emitBlockByrefAddress(addr, VD);
2544  }
2545 
2546  // Drill into reference types.
2547  LValue LV = VD->getType()->isReferenceType() ?
2548  EmitLoadOfReferenceLValue(addr, VD->getType(), AlignmentSource::Decl) :
2549  MakeAddrLValue(addr, T, AlignmentSource::Decl);
2550 
2551  bool isLocalStorage = VD->hasLocalStorage();
2552 
2553  bool NonGCable = isLocalStorage &&
2554  !VD->getType()->isReferenceType() &&
2555  !isBlockByref;
2556  if (NonGCable) {
2557  LV.getQuals().removeObjCGCAttr();
2558  LV.setNonGC(true);
2559  }
2560 
2561  bool isImpreciseLifetime =
2562  (isLocalStorage && !VD->hasAttr<ObjCPreciseLifetimeAttr>());
2563  if (isImpreciseLifetime)
2564  LV.setARCPreciseLifetime(ARCImpreciseLifetime);
2565  setObjCGCLValueClass(getContext(), E, LV);
2566  return LV;
2567  }
2568 
2569  if (const auto *FD = dyn_cast<FunctionDecl>(ND))
2570  return EmitFunctionDeclLValue(*this, E, FD);
2571 
2572  // FIXME: While we're emitting a binding from an enclosing scope, all other
2573  // DeclRefExprs we see should be implicitly treated as if they also refer to
2574  // an enclosing scope.
2575  if (const auto *BD = dyn_cast<BindingDecl>(ND))
2576  return EmitLValue(BD->getBinding());
2577 
2578  llvm_unreachable("Unhandled DeclRefExpr");
2579 }
2580 
2581 LValue CodeGenFunction::EmitUnaryOpLValue(const UnaryOperator *E) {
2582  // __extension__ doesn't affect lvalue-ness.
2583  if (E->getOpcode() == UO_Extension)
2584  return EmitLValue(E->getSubExpr());
2585 
2586  QualType ExprTy = getContext().getCanonicalType(E->getSubExpr()->getType());
2587  switch (E->getOpcode()) {
2588  default: llvm_unreachable("Unknown unary operator lvalue!");
2589  case UO_Deref: {
2590  QualType T = E->getSubExpr()->getType()->getPointeeType();
2591  assert(!T.isNull() && "CodeGenFunction::EmitUnaryOpLValue: Illegal type");
2592 
2593  LValueBaseInfo BaseInfo;
2594  TBAAAccessInfo TBAAInfo;
2595  Address Addr = EmitPointerWithAlignment(E->getSubExpr(), &BaseInfo,
2596  &TBAAInfo);
2597  LValue LV = MakeAddrLValue(Addr, T, BaseInfo, TBAAInfo);
2598  LV.getQuals().setAddressSpace(ExprTy.getAddressSpace());
2599 
2600  // We should not generate __weak write barrier on indirect reference
2601  // of a pointer to object; as in void foo (__weak id *param); *param = 0;
2602  // But, we continue to generate __strong write barrier on indirect write
2603  // into a pointer to object.
2604  if (getLangOpts().ObjC1 &&
2605  getLangOpts().getGC() != LangOptions::NonGC &&
2606  LV.isObjCWeak())
2607  LV.setNonGC(!E->isOBJCGCCandidate(getContext()));
2608  return LV;
2609  }
2610  case UO_Real:
2611  case UO_Imag: {
2612  LValue LV = EmitLValue(E->getSubExpr());
2613  assert(LV.isSimple() && "real/imag on non-ordinary l-value");
2614 
2615  // __real is valid on scalars. This is a faster way of testing that.
2616  // __imag can only produce an rvalue on scalars.
2617  if (E->getOpcode() == UO_Real &&
2618  !LV.getAddress().getElementType()->isStructTy()) {
2619  assert(E->getSubExpr()->getType()->isArithmeticType());
2620  return LV;
2621  }
2622 
2623  QualType T = ExprTy->castAs<ComplexType>()->getElementType();
2624 
2625  Address Component =
2626  (E->getOpcode() == UO_Real
2627  ? emitAddrOfRealComponent(LV.getAddress(), LV.getType())
2628  : emitAddrOfImagComponent(LV.getAddress(), LV.getType()));
2629  LValue ElemLV = MakeAddrLValue(Component, T, LV.getBaseInfo(),
2630  CGM.getTBAAInfoForSubobject(LV, T));
2631  ElemLV.getQuals().addQualifiers(LV.getQuals());
2632  return ElemLV;
2633  }
2634  case UO_PreInc:
2635  case UO_PreDec: {
2636  LValue LV = EmitLValue(E->getSubExpr());
2637  bool isInc = E->getOpcode() == UO_PreInc;
2638 
2639  if (E->getType()->isAnyComplexType())
2640  EmitComplexPrePostIncDec(E, LV, isInc, true/*isPre*/);
2641  else
2642  EmitScalarPrePostIncDec(E, LV, isInc, true/*isPre*/);
2643  return LV;
2644  }
2645  }
2646 }
2647 
2648 LValue CodeGenFunction::EmitStringLiteralLValue(const StringLiteral *E) {
2649  return MakeAddrLValue(CGM.GetAddrOfConstantStringFromLiteral(E),
2650  E->getType(), AlignmentSource::Decl);
2651 }
2652 
2653 LValue CodeGenFunction::EmitObjCEncodeExprLValue(const ObjCEncodeExpr *E) {
2654  return MakeAddrLValue(CGM.GetAddrOfConstantStringFromObjCEncode(E),
2655  E->getType(), AlignmentSource::Decl);
2656 }
2657 
2658 LValue CodeGenFunction::EmitPredefinedLValue(const PredefinedExpr *E) {
2659  auto SL = E->getFunctionName();
2660  assert(SL != nullptr && "No StringLiteral name in PredefinedExpr");
2661  StringRef FnName = CurFn->getName();
2662  if (FnName.startswith("\01"))
2663  FnName = FnName.substr(1);
2664  StringRef NameItems[] = {
2665  PredefinedExpr::getIdentTypeName(E->getIdentType()), FnName};
2666  std::string GVName = llvm::join(NameItems, NameItems + 2, ".");
2667  if (auto *BD = dyn_cast_or_null<BlockDecl>(CurCodeDecl)) {
2668  std::string Name = SL->getString();
2669  if (!Name.empty()) {
2670  unsigned Discriminator =
2671  CGM.getCXXABI().getMangleContext().getBlockId(BD, true);
2672  if (Discriminator)
2673  Name += "_" + Twine(Discriminator + 1).str();
2674  auto C = CGM.GetAddrOfConstantCString(Name, GVName.c_str());
2675  return MakeAddrLValue(C, E->getType(), AlignmentSource::Decl);
2676  } else {
2677  auto C = CGM.GetAddrOfConstantCString(FnName, GVName.c_str());
2678  return MakeAddrLValue(C, E->getType(), AlignmentSource::Decl);
2679  }
2680  }
2681  auto C = CGM.GetAddrOfConstantStringFromLiteral(SL, GVName);
2682  return MakeAddrLValue(C, E->getType(), AlignmentSource::Decl);
2683 }
2684 
2685 /// Emit a type description suitable for use by a runtime sanitizer library. The
2686 /// format of a type descriptor is
2687 ///
2688 /// \code
2689 /// { i16 TypeKind, i16 TypeInfo }
2690 /// \endcode
2691 ///
2692 /// followed by an array of i8 containing the type name. TypeKind is 0 for an
2693 /// integer, 1 for a floating point value, and -1 for anything else.
2694 llvm::Constant *CodeGenFunction::EmitCheckTypeDescriptor(QualType T) {
2695  // Only emit each type's descriptor once.
2696  if (llvm::Constant *C = CGM.getTypeDescriptorFromMap(T))
2697  return C;
2698 
2699  uint16_t TypeKind = -1;
2700  uint16_t TypeInfo = 0;
2701 
2702  if (T->isIntegerType()) {
2703  TypeKind = 0;
2704  TypeInfo = (llvm::Log2_32(getContext().getTypeSize(T)) << 1) |
2705  (T->isSignedIntegerType() ? 1 : 0);
2706  } else if (T->isFloatingType()) {
2707  TypeKind = 1;
2708  TypeInfo = getContext().getTypeSize(T);
2709  }
2710 
2711  // Format the type name as if for a diagnostic, including quotes and
2712  // optionally an 'aka'.
2713  SmallString<32> Buffer;
2714  CGM.getDiags().ConvertArgToString(DiagnosticsEngine::ak_qualtype,
2715  (intptr_t)T.getAsOpaquePtr(),
2716  StringRef(), StringRef(), None, Buffer,
2717  None);
2718 
2719  llvm::Constant *Components[] = {
2720  Builder.getInt16(TypeKind), Builder.getInt16(TypeInfo),
2721  llvm::ConstantDataArray::getString(getLLVMContext(), Buffer)
2722  };
2723  llvm::Constant *Descriptor = llvm::ConstantStruct::getAnon(Components);
2724 
2725  auto *GV = new llvm::GlobalVariable(
2726  CGM.getModule(), Descriptor->getType(),
2727  /*isConstant=*/true, llvm::GlobalVariable::PrivateLinkage, Descriptor);
2728  GV->setUnnamedAddr(llvm::GlobalValue::UnnamedAddr::Global);
2729  CGM.getSanitizerMetadata()->disableSanitizerForGlobal(GV);
2730 
2731  // Remember the descriptor for this type.
2732  CGM.setTypeDescriptorInMap(T, GV);
2733 
2734  return GV;
2735 }
2736 
2737 llvm::Value *CodeGenFunction::EmitCheckValue(llvm::Value *V) {
2738  llvm::Type *TargetTy = IntPtrTy;
2739 
2740  if (V->getType() == TargetTy)
2741  return V;
2742 
2743  // Floating-point types which fit into intptr_t are bitcast to integers
2744  // and then passed directly (after zero-extension, if necessary).
2745  if (V->getType()->isFloatingPointTy()) {
2746  unsigned Bits = V->getType()->getPrimitiveSizeInBits();
2747  if (Bits <= TargetTy->getIntegerBitWidth())
2748  V = Builder.CreateBitCast(V, llvm::Type::getIntNTy(getLLVMContext(),
2749  Bits));
2750  }
2751 
2752  // Integers which fit in intptr_t are zero-extended and passed directly.
2753  if (V->getType()->isIntegerTy() &&
2754  V->getType()->getIntegerBitWidth() <= TargetTy->getIntegerBitWidth())
2755  return Builder.CreateZExt(V, TargetTy);
2756 
2757  // Pointers are passed directly, everything else is passed by address.
2758  if (!V->getType()->isPointerTy()) {
2759  Address Ptr = CreateDefaultAlignTempAlloca(V->getType());
2760  Builder.CreateStore(V, Ptr);
2761  V = Ptr.getPointer();
2762  }
2763  return Builder.CreatePtrToInt(V, TargetTy);
2764 }
2765 
2766 /// Emit a representation of a SourceLocation for passing to a handler
2767 /// in a sanitizer runtime library. The format for this data is:
2768 /// \code
2769 /// struct SourceLocation {
2770 /// const char *Filename;
2771 /// int32_t Line, Column;
2772 /// };
2773 /// \endcode
2774 /// For an invalid SourceLocation, the Filename pointer is null.
2775 llvm::Constant *CodeGenFunction::EmitCheckSourceLocation(SourceLocation Loc) {
2776  llvm::Constant *Filename;
2777  int Line, Column;
2778 
2779  PresumedLoc PLoc = getContext().getSourceManager().getPresumedLoc(Loc);
2780  if (PLoc.isValid()) {
2781  StringRef FilenameString = PLoc.getFilename();
2782 
2783  int PathComponentsToStrip =
2784  CGM.getCodeGenOpts().EmitCheckPathComponentsToStrip;
2785  if (PathComponentsToStrip < 0) {
2786  assert(PathComponentsToStrip != INT_MIN);
2787  int PathComponentsToKeep = -PathComponentsToStrip;
2788  auto I = llvm::sys::path::rbegin(FilenameString);
2789  auto E = llvm::sys::path::rend(FilenameString);
2790  while (I != E && --PathComponentsToKeep)
2791  ++I;
2792 
2793  FilenameString = FilenameString.substr(I - E);
2794  } else if (PathComponentsToStrip > 0) {
2795  auto I = llvm::sys::path::begin(FilenameString);
2796  auto E = llvm::sys::path::end(FilenameString);
2797  while (I != E && PathComponentsToStrip--)
2798  ++I;
2799 
2800  if (I != E)
2801  FilenameString =
2802  FilenameString.substr(I - llvm::sys::path::begin(FilenameString));
2803  else
2804  FilenameString = llvm::sys::path::filename(FilenameString);
2805  }
2806 
2807  auto FilenameGV = CGM.GetAddrOfConstantCString(FilenameString, ".src");
2808  CGM.getSanitizerMetadata()->disableSanitizerForGlobal(
2809  cast<llvm::GlobalVariable>(FilenameGV.getPointer()));
2810  Filename = FilenameGV.getPointer();
2811  Line = PLoc.getLine();
2812  Column = PLoc.getColumn();
2813  } else {
2814  Filename = llvm::Constant::getNullValue(Int8PtrTy);
2815  Line = Column = 0;
2816  }
2817 
2818  llvm::Constant *Data[] = {Filename, Builder.getInt32(Line),
2819  Builder.getInt32(Column)};
2820 
2821  return llvm::ConstantStruct::getAnon(Data);
2822 }
2823 
2824 namespace {
2825 /// Specify under what conditions this check can be recovered
2826 enum class CheckRecoverableKind {
2827  /// Always terminate program execution if this check fails.
2828  Unrecoverable,
2829  /// Check supports recovering, runtime has both fatal (noreturn) and
2830  /// non-fatal handlers for this check.
2831  Recoverable,
2832  /// Runtime conditionally aborts, always need to support recovery.
2833  AlwaysRecoverable
2834 };
2835 }
2836 
2837 static CheckRecoverableKind getRecoverableKind(SanitizerMask Kind) {
2838  assert(llvm::countPopulation(Kind) == 1);
2839  switch (Kind) {
2840  case SanitizerKind::Vptr:
2841  return CheckRecoverableKind::AlwaysRecoverable;
2842  case SanitizerKind::Return:
2843  case SanitizerKind::Unreachable:
2844  return CheckRecoverableKind::Unrecoverable;
2845  default:
2846  return CheckRecoverableKind::Recoverable;
2847  }
2848 }
2849 
2850 namespace {
2851 struct SanitizerHandlerInfo {
2852  char const *const Name;
2853  unsigned Version;
2854 };
2855 }
2856 
2857 const SanitizerHandlerInfo SanitizerHandlers[] = {
2858 #define SANITIZER_CHECK(Enum, Name, Version) {#Name, Version},
2859  LIST_SANITIZER_CHECKS
2860 #undef SANITIZER_CHECK
2861 };
2862 
2863 static void emitCheckHandlerCall(CodeGenFunction &CGF,
2864  llvm::FunctionType *FnType,
2865  ArrayRef<llvm::Value *> FnArgs,
2866  SanitizerHandler CheckHandler,
2867  CheckRecoverableKind RecoverKind, bool IsFatal,
2868  llvm::BasicBlock *ContBB) {
2869  assert(IsFatal || RecoverKind != CheckRecoverableKind::Unrecoverable);
2870  bool NeedsAbortSuffix =
2871  IsFatal && RecoverKind != CheckRecoverableKind::Unrecoverable;
2872  bool MinimalRuntime = CGF.CGM.getCodeGenOpts().SanitizeMinimalRuntime;
2873  const SanitizerHandlerInfo &CheckInfo = SanitizerHandlers[CheckHandler];
2874  const StringRef CheckName = CheckInfo.Name;
2875  std::string FnName = "__ubsan_handle_" + CheckName.str();
2876  if (CheckInfo.Version && !MinimalRuntime)
2877  FnName += "_v" + llvm::utostr(CheckInfo.Version);
2878  if (MinimalRuntime)
2879  FnName += "_minimal";
2880  if (NeedsAbortSuffix)
2881  FnName += "_abort";
2882  bool MayReturn =
2883  !IsFatal || RecoverKind == CheckRecoverableKind::AlwaysRecoverable;
2884 
2885  llvm::AttrBuilder B;
2886  if (!MayReturn) {
2887  B.addAttribute(llvm::Attribute::NoReturn)
2888  .addAttribute(llvm::Attribute::NoUnwind);
2889  }
2890  B.addAttribute(llvm::Attribute::UWTable);
2891 
2892  llvm::Value *Fn = CGF.CGM.CreateRuntimeFunction(
2893  FnType, FnName,
2894  llvm::AttributeList::get(CGF.getLLVMContext(),
2895  llvm::AttributeList::FunctionIndex, B),
2896  /*Local=*/true);
2897  llvm::CallInst *HandlerCall = CGF.EmitNounwindRuntimeCall(Fn, FnArgs);
2898  if (!MayReturn) {
2899  HandlerCall->setDoesNotReturn();
2900  CGF.Builder.CreateUnreachable();
2901  } else {
2902  CGF.Builder.CreateBr(ContBB);
2903  }
2904 }
2905 
2906 void CodeGenFunction::EmitCheck(
2907  ArrayRef<std::pair<llvm::Value *, SanitizerMask>> Checked,
2908  SanitizerHandler CheckHandler, ArrayRef<llvm::Constant *> StaticArgs,
2909  ArrayRef<llvm::Value *> DynamicArgs) {
2910  assert(IsSanitizerScope);
2911  assert(Checked.size() > 0);
2912  assert(CheckHandler >= 0 &&
2913  size_t(CheckHandler) < llvm::array_lengthof(SanitizerHandlers));
2914  const StringRef CheckName = SanitizerHandlers[CheckHandler].Name;
2915 
2916  llvm::Value *FatalCond = nullptr;
2917  llvm::Value *RecoverableCond = nullptr;
2918  llvm::Value *TrapCond = nullptr;
2919  for (int i = 0, n = Checked.size(); i < n; ++i) {
2920  llvm::Value *Check = Checked[i].first;
2921  // -fsanitize-trap= overrides -fsanitize-recover=.
2922  llvm::Value *&Cond =
2923  CGM.getCodeGenOpts().SanitizeTrap.has(Checked[i].second)
2924  ? TrapCond
2925  : CGM.getCodeGenOpts().SanitizeRecover.has(Checked[i].second)
2926  ? RecoverableCond
2927  : FatalCond;
2928  Cond = Cond ? Builder.CreateAnd(Cond, Check) : Check;
2929  }
2930 
2931  if (TrapCond)
2932  EmitTrapCheck(TrapCond);
2933  if (!FatalCond && !RecoverableCond)
2934  return;
2935 
2936  llvm::Value *JointCond;
2937  if (FatalCond && RecoverableCond)
2938  JointCond = Builder.CreateAnd(FatalCond, RecoverableCond);
2939  else
2940  JointCond = FatalCond ? FatalCond : RecoverableCond;
2941  assert(JointCond);
2942 
2943  CheckRecoverableKind RecoverKind = getRecoverableKind(Checked[0].second);
2944  assert(SanOpts.has(Checked[0].second));
2945 #ifndef NDEBUG
2946  for (int i = 1, n = Checked.size(); i < n; ++i) {
2947  assert(RecoverKind == getRecoverableKind(Checked[i].second) &&
2948  "All recoverable kinds in a single check must be same!");
2949  assert(SanOpts.has(Checked[i].second));
2950  }
2951 #endif
2952 
2953  llvm::BasicBlock *Cont = createBasicBlock("cont");
2954  llvm::BasicBlock *Handlers = createBasicBlock("handler." + CheckName);
2955  llvm::Instruction *Branch = Builder.CreateCondBr(JointCond, Cont, Handlers);
2956  // Give hint that we very much don't expect to execute the handler
2957  // Value chosen to match UR_NONTAKEN_WEIGHT, see BranchProbabilityInfo.cpp
2958  llvm::MDBuilder MDHelper(getLLVMContext());
2959  llvm::MDNode *Node = MDHelper.createBranchWeights((1U << 20) - 1, 1);
2960  Branch->setMetadata(llvm::LLVMContext::MD_prof, Node);
2961  EmitBlock(Handlers);
2962 
2963  // Handler functions take an i8* pointing to the (handler-specific) static
2964  // information block, followed by a sequence of intptr_t arguments
2965  // representing operand values.
2966  SmallVector<llvm::Value *, 4> Args;
2967  SmallVector<llvm::Type *, 4> ArgTypes;
2968  if (!CGM.getCodeGenOpts().SanitizeMinimalRuntime) {
2969  Args.reserve(DynamicArgs.size() + 1);
2970  ArgTypes.reserve(DynamicArgs.size() + 1);
2971 
2972  // Emit handler arguments and create handler function type.
2973  if (!StaticArgs.empty()) {
2974  llvm::Constant *Info = llvm::ConstantStruct::getAnon(StaticArgs);
2975  auto *InfoPtr =
2976  new llvm::GlobalVariable(CGM.getModule(), Info->getType(), false,
2977  llvm::GlobalVariable::PrivateLinkage, Info);
2978  InfoPtr->setUnnamedAddr(llvm::GlobalValue::UnnamedAddr::Global);
2979  CGM.getSanitizerMetadata()->disableSanitizerForGlobal(InfoPtr);
2980  Args.push_back(Builder.CreateBitCast(InfoPtr, Int8PtrTy));
2981  ArgTypes.push_back(Int8PtrTy);
2982  }
2983 
2984  for (size_t i = 0, n = DynamicArgs.size(); i != n; ++i) {
2985  Args.push_back(EmitCheckValue(DynamicArgs[i]));
2986  ArgTypes.push_back(IntPtrTy);
2987  }
2988  }
2989 
2990  llvm::FunctionType *FnType =
2991  llvm::FunctionType::get(CGM.VoidTy, ArgTypes, false);
2992 
2993  if (!FatalCond || !RecoverableCond) {
2994  // Simple case: we need to generate a single handler call, either
2995  // fatal, or non-fatal.
2996  emitCheckHandlerCall(*this, FnType, Args, CheckHandler, RecoverKind,
2997  (FatalCond != nullptr), Cont);
2998  } else {
2999  // Emit two handler calls: first one for set of unrecoverable checks,
3000  // another one for recoverable.
3001  llvm::BasicBlock *NonFatalHandlerBB =
3002  createBasicBlock("non_fatal." + CheckName);
3003  llvm::BasicBlock *FatalHandlerBB = createBasicBlock("fatal." + CheckName);
3004  Builder.CreateCondBr(FatalCond, NonFatalHandlerBB, FatalHandlerBB);
3005  EmitBlock(FatalHandlerBB);
3006  emitCheckHandlerCall(*this, FnType, Args, CheckHandler, RecoverKind, true,
3007  NonFatalHandlerBB);
3008  EmitBlock(NonFatalHandlerBB);
3009  emitCheckHandlerCall(*this, FnType, Args, CheckHandler, RecoverKind, false,
3010  Cont);
3011  }
3012 
3013  EmitBlock(Cont);
3014 }
3015 
3016 void CodeGenFunction::EmitCfiSlowPathCheck(
3017  SanitizerMask Kind, llvm::Value *Cond, llvm::ConstantInt *TypeId,
3018  llvm::Value *Ptr, ArrayRef<llvm::Constant *> StaticArgs) {
3019  llvm::BasicBlock *Cont = createBasicBlock("cfi.cont");
3020 
3021  llvm::BasicBlock *CheckBB = createBasicBlock("cfi.slowpath");
3022  llvm::BranchInst *BI = Builder.CreateCondBr(Cond, Cont, CheckBB);
3023 
3024  llvm::MDBuilder MDHelper(getLLVMContext());
3025  llvm::MDNode *Node = MDHelper.createBranchWeights((1U << 20) - 1, 1);
3026  BI->setMetadata(llvm::LLVMContext::MD_prof, Node);
3027 
3028  EmitBlock(CheckBB);
3029 
3030  bool WithDiag = !CGM.getCodeGenOpts().SanitizeTrap.has(Kind);
3031 
3032  llvm::CallInst *CheckCall;
3033  llvm::Constant *SlowPathFn;
3034  if (WithDiag) {
3035  llvm::Constant *Info = llvm::ConstantStruct::getAnon(StaticArgs);
3036  auto *InfoPtr =
3037  new llvm::GlobalVariable(CGM.getModule(), Info->getType(), false,
3038  llvm::GlobalVariable::PrivateLinkage, Info);
3039  InfoPtr->setUnnamedAddr(llvm::GlobalValue::UnnamedAddr::Global);
3040  CGM.getSanitizerMetadata()->disableSanitizerForGlobal(InfoPtr);
3041 
3042  SlowPathFn = CGM.getModule().getOrInsertFunction(
3043  "__cfi_slowpath_diag",
3044  llvm::FunctionType::get(VoidTy, {Int64Ty, Int8PtrTy, Int8PtrTy},
3045  false));
3046  CheckCall = Builder.CreateCall(
3047  SlowPathFn, {TypeId, Ptr, Builder.CreateBitCast(InfoPtr, Int8PtrTy)});
3048  } else {
3049  SlowPathFn = CGM.getModule().getOrInsertFunction(
3050  "__cfi_slowpath",
3051  llvm::FunctionType::get(VoidTy, {Int64Ty, Int8PtrTy}, false));
3052  CheckCall = Builder.CreateCall(SlowPathFn, {TypeId, Ptr});
3053  }
3054 
3055  CGM.setDSOLocal(cast<llvm::GlobalValue>(SlowPathFn->stripPointerCasts()));
3056  CheckCall->setDoesNotThrow();
3057 
3058  EmitBlock(Cont);
3059 }
3060 
3061 // Emit a stub for __cfi_check function so that the linker knows about this
3062 // symbol in LTO mode.
3063 void CodeGenFunction::EmitCfiCheckStub() {
3064  llvm::Module *M = &CGM.getModule();
3065  auto &Ctx = M->getContext();
3066  llvm::Function *F = llvm::Function::Create(
3067  llvm::FunctionType::get(VoidTy, {Int64Ty, Int8PtrTy, Int8PtrTy}, false),
3068  llvm::GlobalValue::WeakAnyLinkage, "__cfi_check", M);
3069  CGM.setDSOLocal(F);
3070  llvm::BasicBlock *BB = llvm::BasicBlock::Create(Ctx, "entry", F);
3071  // FIXME: consider emitting an intrinsic call like
3072  // call void @llvm.cfi_check(i64 %0, i8* %1, i8* %2)
3073  // which can be lowered in CrossDSOCFI pass to the actual contents of
3074  // __cfi_check. This would allow inlining of __cfi_check calls.
3075  llvm::CallInst::Create(
3076  llvm::Intrinsic::getDeclaration(M, llvm::Intrinsic::trap), "", BB);
3077  llvm::ReturnInst::Create(Ctx, nullptr, BB);
3078 }
3079 
3080 // This function is basically a switch over the CFI failure kind, which is
3081 // extracted from CFICheckFailData (1st function argument). Each case is either
3082 // llvm.trap or a call to one of the two runtime handlers, based on
3083 // -fsanitize-trap and -fsanitize-recover settings. Default case (invalid
3084 // failure kind) traps, but this should really never happen. CFICheckFailData
3085 // can be nullptr if the calling module has -fsanitize-trap behavior for this
3086 // check kind; in this case __cfi_check_fail traps as well.
3087 void CodeGenFunction::EmitCfiCheckFail() {
3088  SanitizerScope SanScope(this);
3089  FunctionArgList Args;
3090  ImplicitParamDecl ArgData(getContext(), getContext().VoidPtrTy,
3091  ImplicitParamDecl::Other);
3092  ImplicitParamDecl ArgAddr(getContext(), getContext().VoidPtrTy,
3093  ImplicitParamDecl::Other);
3094  Args.push_back(&ArgData);
3095  Args.push_back(&ArgAddr);
3096 
3097  const CGFunctionInfo &FI =
3098  CGM.getTypes().arrangeBuiltinFunctionDeclaration(getContext().VoidTy, Args);
3099 
3100  llvm::Function *F = llvm::Function::Create(
3101  llvm::FunctionType::get(VoidTy, {VoidPtrTy, VoidPtrTy}, false),
3102  llvm::GlobalValue::WeakODRLinkage, "__cfi_check_fail", &CGM.getModule());
3103  F->setVisibility(llvm::GlobalValue::HiddenVisibility);
3104 
3105  StartFunction(GlobalDecl(), CGM.getContext().VoidTy, F, FI, Args,
3106  SourceLocation());
3107 
3108  // This function should not be affected by blacklist. This function does
3109  // not have a source location, but "src:*" would still apply. Revert any
3110  // changes to SanOpts made in StartFunction.
3111  SanOpts = CGM.getLangOpts().Sanitize;
3112 
3113  llvm::Value *Data =
3114  EmitLoadOfScalar(GetAddrOfLocalVar(&ArgData), /*Volatile=*/false,
3115  CGM.getContext().VoidPtrTy, ArgData.getLocation());
3116  llvm::Value *Addr =
3117  EmitLoadOfScalar(GetAddrOfLocalVar(&ArgAddr), /*Volatile=*/false,
3118  CGM.getContext().VoidPtrTy, ArgAddr.getLocation());
3119 
3120  // Data == nullptr means the calling module has trap behaviour for this check.
3121  llvm::Value *DataIsNotNullPtr =
3122  Builder.CreateICmpNE(Data, llvm::ConstantPointerNull::get(Int8PtrTy));
3123  EmitTrapCheck(DataIsNotNullPtr);
3124 
3125  llvm::StructType *SourceLocationTy =
3126  llvm::StructType::get(VoidPtrTy, Int32Ty, Int32Ty);
3127  llvm::StructType *CfiCheckFailDataTy =
3128  llvm::StructType::get(Int8Ty, SourceLocationTy, VoidPtrTy);
3129 
3130  llvm::Value *V = Builder.CreateConstGEP2_32(
3131  CfiCheckFailDataTy,
3132  Builder.CreatePointerCast(Data, CfiCheckFailDataTy->getPointerTo(0)), 0,
3133  0);
3134  Address CheckKindAddr(V, getIntAlign());
3135  llvm::Value *CheckKind = Builder.CreateLoad(CheckKindAddr);
3136 
3137  llvm::Value *AllVtables = llvm::MetadataAsValue::get(
3138  CGM.getLLVMContext(),
3139  llvm::MDString::get(CGM.getLLVMContext(), "all-vtables"));
3140  llvm::Value *ValidVtable = Builder.CreateZExt(
3141  Builder.CreateCall(CGM.getIntrinsic(llvm::Intrinsic::type_test),
3142  {Addr, AllVtables}),
3143  IntPtrTy);
3144 
3145  const std::pair<int, SanitizerMask> CheckKinds[] = {
3146  {CFITCK_VCall, SanitizerKind::CFIVCall},
3147  {CFITCK_NVCall, SanitizerKind::CFINVCall},
3148  {CFITCK_DerivedCast, SanitizerKind::CFIDerivedCast},
3149  {CFITCK_UnrelatedCast, SanitizerKind::CFIUnrelatedCast},
3150  {CFITCK_ICall, SanitizerKind::CFIICall}};
3151 
3152  SmallVector<std::pair<llvm::Value *, SanitizerMask>, 5> Checks;
3153  for (auto CheckKindMaskPair : CheckKinds) {
3154  int Kind = CheckKindMaskPair.first;
3155  SanitizerMask Mask = CheckKindMaskPair.second;
3156  llvm::Value *Cond =
3157  Builder.CreateICmpNE(CheckKind, llvm::ConstantInt::get(Int8Ty, Kind));
3158  if (CGM.getLangOpts().Sanitize.has(Mask))
3159  EmitCheck(std::make_pair(Cond, Mask), SanitizerHandler::CFICheckFail, {},
3160  {Data, Addr, ValidVtable});
3161  else
3162  EmitTrapCheck(Cond);
3163  }
3164 
3165  FinishFunction();
3166  // The only reference to this function will be created during LTO link.
3167  // Make sure it survives until then.
3168  CGM.addUsedGlobal(F);
3169 }
3170 
3171 void CodeGenFunction::EmitUnreachable(SourceLocation Loc) {
3172  if (SanOpts.has(SanitizerKind::Unreachable)) {
3173  SanitizerScope SanScope(this);
3174  EmitCheck(std::make_pair(static_cast<llvm::Value *>(Builder.getFalse()),
3175  SanitizerKind::Unreachable),
3176  SanitizerHandler::BuiltinUnreachable,
3177  EmitCheckSourceLocation(Loc), None);
3178  }
3179  Builder.CreateUnreachable();
3180 }
3181 
3182 void CodeGenFunction::EmitTrapCheck(llvm::Value *Checked) {
3183  llvm::BasicBlock *Cont = createBasicBlock("cont");
3184 
3185  // If we're optimizing, collapse all calls to trap down to just one per
3186  // function to save on code size.
3187  if (!CGM.getCodeGenOpts().OptimizationLevel || !TrapBB) {
3188  TrapBB = createBasicBlock("trap");
3189  Builder.CreateCondBr(Checked, Cont, TrapBB);
3190  EmitBlock(TrapBB);
3191  llvm::CallInst *TrapCall = EmitTrapCall(llvm::Intrinsic::trap);
3192  TrapCall->setDoesNotReturn();
3193  TrapCall->setDoesNotThrow();
3194  Builder.CreateUnreachable();
3195  } else {
3196  Builder.CreateCondBr(Checked, Cont, TrapBB);
3197  }
3198 
3199  EmitBlock(Cont);
3200 }
3201 
3202 llvm::CallInst *CodeGenFunction::EmitTrapCall(llvm::Intrinsic::ID IntrID) {
3203  llvm::CallInst *TrapCall = Builder.CreateCall(CGM.getIntrinsic(IntrID));
3204 
3205  if (!CGM.getCodeGenOpts().TrapFuncName.empty()) {
3206  auto A = llvm::Attribute::get(getLLVMContext(), "trap-func-name",
3207  CGM.getCodeGenOpts().TrapFuncName);
3208  TrapCall->addAttribute(llvm::AttributeList::FunctionIndex, A);
3209  }
3210 
3211  return TrapCall;
3212 }
3213 
3214 Address CodeGenFunction::EmitArrayToPointerDecay(const Expr *E,
3215  LValueBaseInfo *BaseInfo,
3216  TBAAAccessInfo *TBAAInfo) {
3217  assert(E->getType()->isArrayType() &&
3218  "Array to pointer decay must have array source type!");
3219 
3220  // Expressions of array type can't be bitfields or vector elements.
3221  LValue LV = EmitLValue(E);
3222  Address Addr = LV.getAddress();
3223 
3224  // If the array type was an incomplete type, we need to make sure
3225  // the decay ends up being the right type.
3226  llvm::Type *NewTy = ConvertType(E->getType());
3227  Addr = Builder.CreateElementBitCast(Addr, NewTy);
3228 
3229  // Note that VLA pointers are always decayed, so we don't need to do
3230  // anything here.
3231  if (!E->getType()->isVariableArrayType()) {
3232  assert(isa<llvm::ArrayType>(Addr.getElementType()) &&
3233  "Expected pointer to array");
3234  Addr = Builder.CreateStructGEP(Addr, 0, CharUnits::Zero(), "arraydecay");
3235  }
3236 
3237  // The result of this decay conversion points to an array element within the
3238  // base lvalue. However, since TBAA currently does not support representing
3239  // accesses to elements of member arrays, we conservatively represent accesses
3240  // to the pointee object as if it had no any base lvalue specified.
3241  // TODO: Support TBAA for member arrays.
3242  QualType EltType = E->getType()->castAsArrayTypeUnsafe()->getElementType();
3243  if (BaseInfo) *BaseInfo = LV.getBaseInfo();
3244  if (TBAAInfo) *TBAAInfo = CGM.getTBAAAccessInfo(EltType);
3245 
3246  return Builder.CreateElementBitCast(Addr, ConvertTypeForMem(EltType));
3247 }
3248 
3249 /// isSimpleArrayDecayOperand - If the specified expr is a simple decay from an
3250 /// array to pointer, return the array subexpression.
3251 static const Expr *isSimpleArrayDecayOperand(const Expr *E) {
3252  // If this isn't just an array->pointer decay, bail out.
3253  const auto *CE = dyn_cast<CastExpr>(E);
3254  if (!CE || CE->getCastKind() != CK_ArrayToPointerDecay)
3255  return nullptr;
3256 
3257  // If this is a decay from variable width array, bail out.
3258  const Expr *SubExpr = CE->getSubExpr();
3259  if (SubExpr->getType()->isVariableArrayType())
3260  return nullptr;
3261 
3262  return SubExpr;
3263 }
3264 
3265 static llvm::Value *emitArraySubscriptGEP(CodeGenFunction &CGF,
3266  llvm::Value *ptr,
3267  ArrayRef<llvm::Value*> indices,
3268  bool inbounds,
3269  bool signedIndices,
3270  SourceLocation loc,
3271  const llvm::Twine &name = "arrayidx") {
3272  if (inbounds) {
3273  return CGF.EmitCheckedInBoundsGEP(ptr, indices, signedIndices,
3274  CodeGenFunction::NotSubtraction, loc,
3275  name);
3276  } else {
3277  return CGF.Builder.CreateGEP(ptr, indices, name);
3278  }
3279 }
3280 
3281 static CharUnits getArrayElementAlign(CharUnits arrayAlign,
3282  llvm::Value *idx,
3283  CharUnits eltSize) {
3284  // If we have a constant index, we can use the exact offset of the
3285  // element we're accessing.
3286  if (auto constantIdx = dyn_cast<llvm::ConstantInt>(idx)) {
3287  CharUnits offset = constantIdx->getZExtValue() * eltSize;
3288  return arrayAlign.alignmentAtOffset(offset);
3289 
3290  // Otherwise, use the worst-case alignment for any element.
3291  } else {
3292  return arrayAlign.alignmentOfArrayElement(eltSize);
3293  }
3294 }
3295 
3296 static QualType getFixedSizeElementType(const ASTContext &ctx,
3297  const VariableArrayType *vla) {
3298  QualType eltType;
3299  do {
3300  eltType = vla->getElementType();
3301  } while ((vla = ctx.getAsVariableArrayType(eltType)));
3302  return eltType;
3303 }
3304 
3305 static Address emitArraySubscriptGEP(CodeGenFunction &CGF, Address addr,
3306  ArrayRef<llvm::Value *> indices,
3307  QualType eltType, bool inbounds,
3308  bool signedIndices, SourceLocation loc,
3309  const llvm::Twine &name = "arrayidx") {
3310  // All the indices except that last must be zero.
3311 #ifndef NDEBUG
3312  for (auto idx : indices.drop_back())
3313  assert(isa<llvm::ConstantInt>(idx) &&
3314  cast<llvm::ConstantInt>(idx)->isZero());
3315 #endif
3316 
3317  // Determine the element size of the statically-sized base. This is
3318  // the thing that the indices are expressed in terms of.
3319  if (auto vla = CGF.getContext().getAsVariableArrayType(eltType)) {
3320  eltType = getFixedSizeElementType(CGF.getContext(), vla);
3321  }
3322 
3323  // We can use that to compute the best alignment of the element.
3324  CharUnits eltSize = CGF.getContext().getTypeSizeInChars(eltType);
3325  CharUnits eltAlign =
3326  getArrayElementAlign(addr.getAlignment(), indices.back(), eltSize);
3327 
3328  llvm::Value *eltPtr = emitArraySubscriptGEP(
3329  CGF, addr.getPointer(), indices, inbounds, signedIndices, loc, name);
3330  return Address(eltPtr, eltAlign);
3331 }
3332 
3333 LValue CodeGenFunction::EmitArraySubscriptExpr(const ArraySubscriptExpr *E,
3334  bool Accessed) {
3335  // The index must always be an integer, which is not an aggregate. Emit it
3336  // in lexical order (this complexity is, sadly, required by C++17).
3337  llvm::Value *IdxPre =
3338  (E->getLHS() == E->getIdx()) ? EmitScalarExpr(E->getIdx()) : nullptr;
3339  bool SignedIndices = false;
3340  auto EmitIdxAfterBase = [&, IdxPre](bool Promote) -> llvm::Value * {
3341  auto *Idx = IdxPre;
3342  if (E->getLHS() != E->getIdx()) {
3343  assert(E->getRHS() == E->getIdx() && "index was neither LHS nor RHS");
3344  Idx = EmitScalarExpr(E->getIdx());
3345  }
3346 
3347  QualType IdxTy = E->getIdx()->getType();
3348  bool IdxSigned = IdxTy->isSignedIntegerOrEnumerationType();
3349  SignedIndices |= IdxSigned;
3350 
3351  if (SanOpts.has(SanitizerKind::ArrayBounds))
3352  EmitBoundsCheck(E, E->getBase(), Idx, IdxTy, Accessed);
3353 
3354  // Extend or truncate the index type to 32 or 64-bits.
3355  if (Promote && Idx->getType() != IntPtrTy)
3356  Idx = Builder.CreateIntCast(Idx, IntPtrTy, IdxSigned, "idxprom");
3357 
3358  return Idx;
3359  };
3360  IdxPre = nullptr;
3361 
3362  // If the base is a vector type, then we are forming a vector element lvalue
3363  // with this subscript.
3364  if (E->getBase()->getType()->isVectorType() &&
3365  !isa<ExtVectorElementExpr>(E->getBase())) {
3366  // Emit the vector as an lvalue to get its address.
3367  LValue LHS = EmitLValue(E->getBase());
3368  auto *Idx = EmitIdxAfterBase(/*Promote*/false);
3369  assert(LHS.isSimple() && "Can only subscript lvalue vectors here!");
3370  return LValue::MakeVectorElt(LHS.getAddress(), Idx, E->getBase()->getType(),
3371  LHS.getBaseInfo(), TBAAAccessInfo());
3372  }
3373 
3374  // All the other cases basically behave like simple offsetting.
3375 
3376  // Handle the extvector case we ignored above.
3377  if (isa<ExtVectorElementExpr>(E->getBase())) {
3378  LValue LV = EmitLValue(E->getBase());
3379  auto *Idx = EmitIdxAfterBase(/*Promote*/true);
3380  Address Addr = EmitExtVectorElementLValue(LV);
3381 
3382  QualType EltType = LV.getType()->castAs<VectorType>()->getElementType();
3383  Addr = emitArraySubscriptGEP(*this, Addr, Idx, EltType, /*inbounds*/ true,
3384  SignedIndices, E->getExprLoc());
3385  return MakeAddrLValue(Addr, EltType, LV.getBaseInfo(),
3386  CGM.getTBAAInfoForSubobject(LV, EltType));
3387  }
3388 
3389  LValueBaseInfo EltBaseInfo;
3390  TBAAAccessInfo EltTBAAInfo;
3391  Address Addr = Address::invalid();
3392  if (const VariableArrayType *vla =
3393  getContext().getAsVariableArrayType(E->getType())) {
3394  // The base must be a pointer, which is not an aggregate. Emit
3395  // it. It needs to be emitted first in case it's what captures
3396  // the VLA bounds.
3397  Addr = EmitPointerWithAlignment(E->getBase(), &EltBaseInfo, &EltTBAAInfo);
3398  auto *Idx = EmitIdxAfterBase(/*Promote*/true);
3399 
3400  // The element count here is the total number of non-VLA elements.
3401  llvm::Value *numElements = getVLASize(vla).NumElts;
3402 
3403  // Effectively, the multiply by the VLA size is part of the GEP.
3404  // GEP indexes are signed, and scaling an index isn't permitted to
3405  // signed-overflow, so we use the same semantics for our explicit
3406  // multiply. We suppress this if overflow is not undefined behavior.
3407  if (getLangOpts().isSignedOverflowDefined()) {
3408  Idx = Builder.CreateMul(Idx, numElements);
3409  } else {
3410  Idx = Builder.CreateNSWMul(Idx, numElements);
3411  }
3412 
3413  Addr = emitArraySubscriptGEP(*this, Addr, Idx, vla->getElementType(),
3414  !getLangOpts().isSignedOverflowDefined(),
3415  SignedIndices, E->getExprLoc());
3416 
3417  } else if (const ObjCObjectType *OIT = E->getType()->getAs<ObjCObjectType>()){
3418  // Indexing over an interface, as in "NSString *P; P[4];"
3419 
3420  // Emit the base pointer.
3421  Addr = EmitPointerWithAlignment(E->getBase(), &EltBaseInfo, &EltTBAAInfo);
3422  auto *Idx = EmitIdxAfterBase(/*Promote*/true);
3423 
3424  CharUnits InterfaceSize = getContext().getTypeSizeInChars(OIT);
3425  llvm::Value *InterfaceSizeVal =
3426  llvm::ConstantInt::get(Idx->getType(), InterfaceSize.getQuantity());
3427 
3428  llvm::Value *ScaledIdx = Builder.CreateMul(Idx, InterfaceSizeVal);
3429 
3430  // We don't necessarily build correct LLVM struct types for ObjC
3431  // interfaces, so we can't rely on GEP to do this scaling
3432  // correctly, so we need to cast to i8*. FIXME: is this actually
3433  // true? A lot of other things in the fragile ABI would break...
3434  llvm::Type *OrigBaseTy = Addr.getType();
3435  Addr = Builder.CreateElementBitCast(Addr, Int8Ty);
3436 
3437  // Do the GEP.
3438  CharUnits EltAlign =
3439  getArrayElementAlign(Addr.getAlignment(), Idx, InterfaceSize);
3440  llvm::Value *EltPtr =
3441  emitArraySubscriptGEP(*this, Addr.getPointer(), ScaledIdx, false,
3442  SignedIndices, E->getExprLoc());
3443  Addr = Address(EltPtr, EltAlign);
3444 
3445  // Cast back.
3446  Addr = Builder.CreateBitCast(Addr, OrigBaseTy);
3447  } else if (const Expr *Array = isSimpleArrayDecayOperand(E->getBase())) {
3448  // If this is A[i] where A is an array, the frontend will have decayed the
3449  // base to be a ArrayToPointerDecay implicit cast. While correct, it is
3450  // inefficient at -O0 to emit a "gep A, 0, 0" when codegen'ing it, then a
3451  // "gep x, i" here. Emit one "gep A, 0, i".
3452  assert(Array->getType()->isArrayType() &&
3453  "Array to pointer decay must have array source type!");
3454  LValue ArrayLV;
3455  // For simple multidimensional array indexing, set the 'accessed' flag for
3456  // better bounds-checking of the base expression.
3457  if (const auto *ASE = dyn_cast<ArraySubscriptExpr>(Array))
3458  ArrayLV = EmitArraySubscriptExpr(ASE, /*Accessed*/ true);
3459  else
3460  ArrayLV = EmitLValue(Array);
3461  auto *Idx = EmitIdxAfterBase(/*Promote*/true);
3462 
3463  // Propagate the alignment from the array itself to the result.
3464  Addr = emitArraySubscriptGEP(
3465  *this, ArrayLV.getAddress(), {CGM.getSize(CharUnits::Zero()), Idx},
3466  E->getType(), !getLangOpts().isSignedOverflowDefined(), SignedIndices,
3467  E->getExprLoc());
3468  EltBaseInfo = ArrayLV.getBaseInfo();
3469  EltTBAAInfo = CGM.getTBAAInfoForSubobject(ArrayLV, E->getType());
3470  } else {
3471  // The base must be a pointer; emit it with an estimate of its alignment.
3472  Addr = EmitPointerWithAlignment(E->getBase(), &EltBaseInfo, &EltTBAAInfo);
3473  auto *Idx = EmitIdxAfterBase(/*Promote*/true);
3474  Addr = emitArraySubscriptGEP(*this, Addr, Idx, E->getType(),
3475  !getLangOpts().isSignedOverflowDefined(),
3476  SignedIndices, E->getExprLoc());
3477  }
3478 
3479  LValue LV = MakeAddrLValue(Addr, E->getType(), EltBaseInfo, EltTBAAInfo);
3480 
3481  if (getLangOpts().ObjC1 &&
3482  getLangOpts().getGC() != LangOptions::NonGC) {
3483  LV.setNonGC(!E->isOBJCGCCandidate(getContext()));
3484  setObjCGCLValueClass(getContext(), E, LV);
3485  }
3486  return LV;
3487 }
3488 
3489 static Address emitOMPArraySectionBase(CodeGenFunction &CGF, const Expr *Base,
3490  LValueBaseInfo &BaseInfo,
3491  TBAAAccessInfo &TBAAInfo,
3492  QualType BaseTy, QualType ElTy,
3493  bool IsLowerBound) {
3494  LValue BaseLVal;
3495  if (auto *ASE = dyn_cast<OMPArraySectionExpr>(Base->IgnoreParenImpCasts())) {
3496  BaseLVal = CGF.EmitOMPArraySectionExpr(ASE, IsLowerBound);
3497  if (BaseTy->isArrayType()) {
3498  Address Addr = BaseLVal.getAddress();
3499  BaseInfo = BaseLVal.getBaseInfo();
3500 
3501  // If the array type was an incomplete type, we need to make sure
3502  // the decay ends up being the right type.
3503  llvm::Type *NewTy = CGF.ConvertType(BaseTy);
3504  Addr = CGF.Builder.CreateElementBitCast(Addr, NewTy);
3505 
3506  // Note that VLA pointers are always decayed, so we don't need to do
3507  // anything here.
3508  if (!BaseTy->isVariableArrayType()) {
3509  assert(isa<llvm::ArrayType>(Addr.getElementType()) &&
3510  "Expected pointer to array");
3511  Addr = CGF.Builder.CreateStructGEP(Addr, 0, CharUnits::Zero(),
3512  "arraydecay");
3513  }
3514 
3515  return CGF.Builder.CreateElementBitCast(Addr,
3516  CGF.ConvertTypeForMem(ElTy));
3517  }
3518  LValueBaseInfo TypeBaseInfo;
3519  TBAAAccessInfo TypeTBAAInfo;
3520  CharUnits Align = CGF.getNaturalTypeAlignment(ElTy, &TypeBaseInfo,
3521  &TypeTBAAInfo);
3522  BaseInfo.mergeForCast(TypeBaseInfo);
3523  TBAAInfo = CGF.CGM.mergeTBAAInfoForCast(TBAAInfo, TypeTBAAInfo);
3524  return Address(CGF.Builder.CreateLoad(BaseLVal.getAddress()), Align);
3525  }
3526  return CGF.EmitPointerWithAlignment(Base, &BaseInfo, &TBAAInfo);
3527 }
3528 
3529 LValue CodeGenFunction::EmitOMPArraySectionExpr(const OMPArraySectionExpr *E,
3530  bool IsLowerBound) {
3531  QualType BaseTy = OMPArraySectionExpr::getBaseOriginalType(E->getBase());
3532  QualType ResultExprTy;
3533  if (auto *AT = getContext().getAsArrayType(BaseTy))
3534  ResultExprTy = AT->getElementType();
3535  else
3536  ResultExprTy = BaseTy->getPointeeType();
3537  llvm::Value *Idx = nullptr;
3538  if (IsLowerBound || E->getColonLoc().isInvalid()) {
3539  // Requesting lower bound or upper bound, but without provided length and
3540  // without ':' symbol for the default length -> length = 1.
3541  // Idx = LowerBound ?: 0;
3542  if (auto *LowerBound = E->getLowerBound()) {
3543  Idx = Builder.CreateIntCast(
3544  EmitScalarExpr(LowerBound), IntPtrTy,
3545  LowerBound->getType()->hasSignedIntegerRepresentation());
3546  } else
3547  Idx = llvm::ConstantInt::getNullValue(IntPtrTy);
3548  } else {
3549  // Try to emit length or lower bound as constant. If this is possible, 1
3550  // is subtracted from constant length or lower bound. Otherwise, emit LLVM
3551  // IR (LB + Len) - 1.
3552  auto &C = CGM.getContext();
3553  auto *Length = E->getLength();
3554  llvm::APSInt ConstLength;
3555  if (Length) {
3556  // Idx = LowerBound + Length - 1;
3557  if (Length->isIntegerConstantExpr(ConstLength, C)) {
3558  ConstLength = ConstLength.zextOrTrunc(PointerWidthInBits);
3559  Length = nullptr;
3560  }
3561  auto *LowerBound = E->getLowerBound();
3562  llvm::APSInt ConstLowerBound(PointerWidthInBits, /*isUnsigned=*/false);
3563  if (LowerBound && LowerBound->isIntegerConstantExpr(ConstLowerBound, C)) {
3564  ConstLowerBound = ConstLowerBound.zextOrTrunc(PointerWidthInBits);
3565  LowerBound = nullptr;
3566  }
3567  if (!Length)
3568  --ConstLength;
3569  else if (!LowerBound)
3570  --ConstLowerBound;
3571 
3572  if (Length || LowerBound) {
3573  auto *LowerBoundVal =
3574  LowerBound
3575  ? Builder.CreateIntCast(
3576  EmitScalarExpr(LowerBound), IntPtrTy,
3577  LowerBound->getType()->hasSignedIntegerRepresentation())
3578  : llvm::ConstantInt::get(IntPtrTy, ConstLowerBound);
3579  auto *LengthVal =
3580  Length
3581  ? Builder.CreateIntCast(
3582  EmitScalarExpr(Length), IntPtrTy,
3583  Length->getType()->hasSignedIntegerRepresentation())
3584  : llvm::ConstantInt::get(IntPtrTy, ConstLength);
3585  Idx = Builder.CreateAdd(LowerBoundVal, LengthVal, "lb_add_len",
3586  /*HasNUW=*/false,
3587  !getLangOpts().isSignedOverflowDefined());
3588  if (Length && LowerBound) {
3589  Idx = Builder.CreateSub(
3590  Idx, llvm::ConstantInt::get(IntPtrTy, /*V=*/1), "idx_sub_1",
3591  /*HasNUW=*/false, !getLangOpts().isSignedOverflowDefined());
3592  }
3593  } else
3594  Idx = llvm::ConstantInt::get(IntPtrTy, ConstLength + ConstLowerBound);
3595  } else {
3596  // Idx = ArraySize - 1;
3597  QualType ArrayTy = BaseTy->isPointerType()
3598  ? E->getBase()->IgnoreParenImpCasts()->getType()
3599  : BaseTy;
3600  if (auto *VAT = C.getAsVariableArrayType(ArrayTy)) {
3601  Length = VAT->getSizeExpr();
3602  if (Length->isIntegerConstantExpr(ConstLength, C))
3603  Length = nullptr;
3604  } else {
3605  auto *CAT = C.getAsConstantArrayType(ArrayTy);
3606  ConstLength = CAT->getSize();
3607  }
3608  if (Length) {
3609  auto *LengthVal = Builder.CreateIntCast(
3610  EmitScalarExpr(Length), IntPtrTy,
3611  Length->getType()->hasSignedIntegerRepresentation());
3612  Idx = Builder.CreateSub(
3613  LengthVal, llvm::ConstantInt::get(IntPtrTy, /*V=*/1), "len_sub_1",
3614  /*HasNUW=*/false, !getLangOpts().isSignedOverflowDefined());
3615  } else {
3616  ConstLength = ConstLength.zextOrTrunc(PointerWidthInBits);
3617  --ConstLength;
3618  Idx = llvm::ConstantInt::get(IntPtrTy, ConstLength);
3619  }
3620  }
3621  }
3622  assert(Idx);
3623 
3624  Address EltPtr = Address::invalid();
3625  LValueBaseInfo BaseInfo;
3626  TBAAAccessInfo TBAAInfo;
3627  if (auto *VLA = getContext().getAsVariableArrayType(ResultExprTy)) {
3628  // The base must be a pointer, which is not an aggregate. Emit
3629  // it. It needs to be emitted first in case it's what captures
3630  // the VLA bounds.
3631  Address Base =
3632  emitOMPArraySectionBase(*this, E->getBase(), BaseInfo, TBAAInfo,
3633  BaseTy, VLA->getElementType(), IsLowerBound);
3634  // The element count here is the total number of non-VLA elements.
3635  llvm::Value *NumElements = getVLASize(VLA).NumElts;
3636 
3637  // Effectively, the multiply by the VLA size is part of the GEP.
3638  // GEP indexes are signed, and scaling an index isn't permitted to
3639  // signed-overflow, so we use the same semantics for our explicit
3640  // multiply. We suppress this if overflow is not undefined behavior.
3641  if (getLangOpts().isSignedOverflowDefined())
3642  Idx = Builder.CreateMul(Idx, NumElements);
3643  else
3644  Idx = Builder.CreateNSWMul(Idx, NumElements);
3645  EltPtr = emitArraySubscriptGEP(*this, Base, Idx, VLA->getElementType(),
3646  !getLangOpts().isSignedOverflowDefined(),
3647  /*SignedIndices=*/false, E->getExprLoc());
3648  } else if (const Expr *Array = isSimpleArrayDecayOperand(E->getBase())) {
3649  // If this is A[i] where A is an array, the frontend will have decayed the
3650  // base to be a ArrayToPointerDecay implicit cast. While correct, it is
3651  // inefficient at -O0 to emit a "gep A, 0, 0" when codegen'ing it, then a
3652  // "gep x, i" here. Emit one "gep A, 0, i".
3653  assert(Array->getType()->isArrayType() &&
3654  "Array to pointer decay must have array source type!");
3655  LValue ArrayLV;
3656  // For simple multidimensional array indexing, set the 'accessed' flag for
3657  // better bounds-checking of the base expression.
3658  if (const auto *ASE = dyn_cast<ArraySubscriptExpr>(Array))
3659  ArrayLV = EmitArraySubscriptExpr(ASE, /*Accessed*/ true);
3660  else
3661  ArrayLV = EmitLValue(Array);
3662 
3663  // Propagate the alignment from the array itself to the result.
3664  EltPtr = emitArraySubscriptGEP(
3665  *this, ArrayLV.getAddress(), {CGM.getSize(CharUnits::Zero()), Idx},
3666  ResultExprTy, !getLangOpts().isSignedOverflowDefined(),
3667  /*SignedIndices=*/false, E->getExprLoc());
3668  BaseInfo = ArrayLV.getBaseInfo();
3669  TBAAInfo = CGM.getTBAAInfoForSubobject(ArrayLV, ResultExprTy);
3670  } else {
3671  Address Base = emitOMPArraySectionBase(*this, E->getBase(), BaseInfo,
3672  TBAAInfo, BaseTy, ResultExprTy,
3673  IsLowerBound);
3674  EltPtr = emitArraySubscriptGEP(*this, Base, Idx, ResultExprTy,
3675  !getLangOpts().isSignedOverflowDefined(),
3676  /*SignedIndices=*/false, E->getExprLoc());
3677  }
3678 
3679  return MakeAddrLValue(EltPtr, ResultExprTy, BaseInfo, TBAAInfo);
3680 }
3681 
3682 LValue CodeGenFunction::
3683 EmitExtVectorElementExpr(const ExtVectorElementExpr *E) {
3684  // Emit the base vector as an l-value.
3685  LValue Base;
3686 
3687  // ExtVectorElementExpr's base can either be a vector or pointer to vector.
3688  if (E->isArrow()) {
3689  // If it is a pointer to a vector, emit the address and form an lvalue with
3690  // it.
3691  LValueBaseInfo BaseInfo;
3692  TBAAAccessInfo TBAAInfo;
3693  Address Ptr = EmitPointerWithAlignment(E->getBase(), &BaseInfo, &TBAAInfo);
3694  const PointerType *PT = E->getBase()->getType()->getAs<PointerType>();
3695  Base = MakeAddrLValue(Ptr, PT->getPointeeType(), BaseInfo, TBAAInfo);
3696  Base.getQuals().removeObjCGCAttr();
3697  } else if (E->getBase()->isGLValue()) {
3698  // Otherwise, if the base is an lvalue ( as in the case of foo.x.x),
3699  // emit the base as an lvalue.
3700  assert(E->getBase()->getType()->isVectorType());
3701  Base = EmitLValue(E->getBase());
3702  } else {
3703  // Otherwise, the base is a normal rvalue (as in (V+V).x), emit it as such.
3704  assert(E->getBase()->getType()->isVectorType() &&
3705  "Result must be a vector");
3706  llvm::Value *Vec = EmitScalarExpr(E->getBase());
3707 
3708  // Store the vector to memory (because LValue wants an address).
3709  Address VecMem = CreateMemTemp(E->getBase()->getType());
3710  Builder.CreateStore(Vec, VecMem);
3711  Base = MakeAddrLValue(VecMem, E->getBase()->getType(),
3712  AlignmentSource::Decl);
3713  }
3714 
3715  QualType type =
3716  E->getType().withCVRQualifiers(Base.getQuals().getCVRQualifiers());
3717 
3718  // Encode the element access list into a vector of unsigned indices.
3719  SmallVector<uint32_t, 4> Indices;
3720  E->getEncodedElementAccess(Indices);
3721 
3722  if (Base.isSimple()) {
3723  llvm::Constant *CV =
3724  llvm::ConstantDataVector::get(getLLVMContext(), Indices);
3725  return LValue::MakeExtVectorElt(Base.getAddress(), CV, type,
3726  Base.getBaseInfo(), TBAAAccessInfo());
3727  }
3728  assert(Base.isExtVectorElt() && "Can only subscript lvalue vec elts here!");
3729 
3730  llvm::Constant *BaseElts = Base.getExtVectorElts();
3731  SmallVector<llvm::Constant *, 4> CElts;
3732 
3733  for (unsigned i = 0, e = Indices.size(); i != e; ++i)
3734  CElts.push_back(BaseElts->getAggregateElement(Indices[i]));
3735  llvm::Constant *CV = llvm::ConstantVector::get(CElts);
3736  return LValue::MakeExtVectorElt(Base.getExtVectorAddress(), CV, type,
3737  Base.getBaseInfo(), TBAAAccessInfo());
3738 }
3739 
3740 LValue CodeGenFunction::EmitMemberExpr(const MemberExpr *E) {
3741  if (DeclRefExpr *DRE = tryToConvertMemberExprToDeclRefExpr(*this, E)) {
3742  EmitIgnoredExpr(E->getBase());
3743  return EmitDeclRefLValue(DRE);
3744  }
3745 
3746  Expr *BaseExpr = E->getBase();
3747  // If this is s.x, emit s as an lvalue. If it is s->x, emit s as a scalar.
3748  LValue BaseLV;
3749  if (E->isArrow()) {
3750  LValueBaseInfo BaseInfo;
3751  TBAAAccessInfo TBAAInfo;
3752  Address Addr = EmitPointerWithAlignment(BaseExpr, &BaseInfo, &TBAAInfo);
3753  QualType PtrTy = BaseExpr->getType()->getPointeeType();
3754  SanitizerSet SkippedChecks;
3755  bool IsBaseCXXThis = IsWrappedCXXThis(BaseExpr);
3756  if (IsBaseCXXThis)
3757  SkippedChecks.set(SanitizerKind::Alignment, true);
3758  if (IsBaseCXXThis || isa<DeclRefExpr>(BaseExpr))
3759  SkippedChecks.set(SanitizerKind::Null, true);
3760  EmitTypeCheck(TCK_MemberAccess, E->getExprLoc(), Addr.getPointer(), PtrTy,
3761  /*Alignment=*/CharUnits::Zero(), SkippedChecks);
3762  BaseLV = MakeAddrLValue(Addr, PtrTy, BaseInfo, TBAAInfo);
3763  } else
3764  BaseLV = EmitCheckedLValue(BaseExpr, TCK_MemberAccess);
3765 
3766  NamedDecl *ND = E->getMemberDecl();
3767  if (auto *Field = dyn_cast<FieldDecl>(ND)) {
3768  LValue LV = EmitLValueForField(BaseLV, Field);
3769  setObjCGCLValueClass(getContext(), E, LV);
3770  return LV;
3771  }
3772 
3773  if (const auto *FD = dyn_cast<FunctionDecl>(ND))
3774  return EmitFunctionDeclLValue(*this, E, FD);
3775 
3776  llvm_unreachable("Unhandled member declaration!");
3777 }
3778 
3779 /// Given that we are currently emitting a lambda, emit an l-value for
3780 /// one of its members.
3781 LValue CodeGenFunction::EmitLValueForLambdaField(const FieldDecl *Field) {
3782  assert(cast<CXXMethodDecl>(CurCodeDecl)->getParent()->isLambda());
3783  assert(cast<CXXMethodDecl>(CurCodeDecl)->getParent() == Field->getParent());
3784  QualType LambdaTagType =
3785  getContext().getTagDeclType(Field->getParent());
3786  LValue LambdaLV = MakeNaturalAlignAddrLValue(CXXABIThisValue, LambdaTagType);
3787  return EmitLValueForField(LambdaLV, Field);
3788 }
3789 
3790 /// Drill down to the storage of a field without walking into
3791 /// reference types.
3792 ///
3793 /// The resulting address doesn't necessarily have the right type.
3794 static Address emitAddrOfFieldStorage(CodeGenFunction &CGF, Address base,
3795  const FieldDecl *field) {
3796  const RecordDecl *rec = field->getParent();
3797 
3798  unsigned idx =
3799  CGF.CGM.getTypes().getCGRecordLayout(rec).getLLVMFieldNo(field);
3800 
3801  CharUnits offset;
3802  // Adjust the alignment down to the given offset.
3803  // As a special case, if the LLVM field index is 0, we know that this
3804  // is zero.
3805  assert((idx != 0 || CGF.getContext().getASTRecordLayout(rec)
3806  .getFieldOffset(field->getFieldIndex()) == 0) &&
3807  "LLVM field at index zero had non-zero offset?");
3808  if (idx != 0) {
3809  auto &recLayout = CGF.getContext().getASTRecordLayout(rec);
3810  auto offsetInBits = recLayout.getFieldOffset(field->getFieldIndex());
3811  offset = CGF.getContext().toCharUnitsFromBits(offsetInBits);
3812  }
3813 
3814  return CGF.Builder.CreateStructGEP(base, idx, offset, field->getName());
3815 }
3816 
3817 static bool hasAnyVptr(const QualType Type, const ASTContext &Context) {
3818  const auto *RD = Type.getTypePtr()->getAsCXXRecordDecl();
3819  if (!RD)
3820  return false;
3821 
3822  if (RD->isDynamicClass())
3823  return true;
3824 
3825  for (const auto &Base : RD->bases())
3826  if (hasAnyVptr(Base.getType(), Context))
3827  return true;
3828 
3829  for (const FieldDecl *Field : RD->fields())
3830  if (hasAnyVptr(Field->getType(), Context))
3831  return true;
3832 
3833  return false;
3834 }
3835 
3836 LValue CodeGenFunction::EmitLValueForField(LValue base,
3837  const FieldDecl *field) {
3838  LValueBaseInfo BaseInfo = base.getBaseInfo();
3839 
3840  if (field->isBitField()) {
3841  const CGRecordLayout &RL =
3842  CGM.getTypes().getCGRecordLayout(field->getParent());
3843  const CGBitFieldInfo &Info = RL.getBitFieldInfo(field);
3844  Address Addr = base.getAddress();
3845  unsigned Idx = RL.getLLVMFieldNo(field);
3846  if (Idx != 0)
3847  // For structs, we GEP to the field that the record layout suggests.
3848  Addr = Builder.CreateStructGEP(Addr, Idx, Info.StorageOffset,
3849  field->getName());
3850  // Get the access type.
3851  llvm::Type *FieldIntTy =
3852  llvm::Type::getIntNTy(getLLVMContext(), Info.StorageSize);
3853  if (Addr.getElementType() != FieldIntTy)
3854  Addr = Builder.CreateElementBitCast(Addr, FieldIntTy);
3855 
3856  QualType fieldType =
3857  field->getType().withCVRQualifiers(base.getVRQualifiers());
3858  // TODO: Support TBAA for bit fields.
3859  LValueBaseInfo FieldBaseInfo(BaseInfo.getAlignmentSource());
3860  return LValue::MakeBitfield(Addr, Info, fieldType, FieldBaseInfo,
3861  TBAAAccessInfo());
3862  }
3863 
3864  // Fields of may-alias structures are may-alias themselves.
3865  // FIXME: this should get propagated down through anonymous structs
3866  // and unions.
3867  QualType FieldType = field->getType();
3868  const RecordDecl *rec = field->getParent();
3869  AlignmentSource BaseAlignSource = BaseInfo.getAlignmentSource();
3870  LValueBaseInfo FieldBaseInfo(getFieldAlignmentSource(BaseAlignSource));
3871  TBAAAccessInfo FieldTBAAInfo;
3872  if (base.getTBAAInfo().isMayAlias() ||
3873  rec->hasAttr<MayAliasAttr>() || FieldType->isVectorType()) {
3874  FieldTBAAInfo = TBAAAccessInfo::getMayAliasInfo();
3875  } else if (rec->isUnion()) {
3876  // TODO: Support TBAA for unions.
3877  FieldTBAAInfo = TBAAAccessInfo::getMayAliasInfo();
3878  } else {
3879  // If no base type been assigned for the base access, then try to generate
3880  // one for this base lvalue.
3881  FieldTBAAInfo = base.getTBAAInfo();
3882  if (!FieldTBAAInfo.BaseType) {
3883  FieldTBAAInfo.BaseType = CGM.getTBAABaseTypeInfo(base.getType());
3884  assert(!FieldTBAAInfo.Offset &&
3885  "Nonzero offset for an access with no base type!");
3886  }
3887 
3888  // Adjust offset to be relative to the base type.
3889  const ASTRecordLayout &Layout =
3890  getContext().getASTRecordLayout(field->getParent());
3891  unsigned CharWidth = getContext().getCharWidth();
3892  if (FieldTBAAInfo.BaseType)
3893  FieldTBAAInfo.Offset +=
3894  Layout.getFieldOffset(field->getFieldIndex()) / CharWidth;
3895 
3896  // Update the final access type and size.
3897  FieldTBAAInfo.AccessType = CGM.getTBAATypeInfo(FieldType);
3898  FieldTBAAInfo.Size =
3899  getContext().getTypeSizeInChars(FieldType).getQuantity();
3900  }
3901 
3902  Address addr = base.getAddress();
3903  if (auto *ClassDef = dyn_cast<CXXRecordDecl>(rec)) {
3904  if (CGM.getCodeGenOpts().StrictVTablePointers &&
3905  ClassDef->isDynamicClass()) {
3906  // Getting to any field of dynamic object requires stripping dynamic
3907  // information provided by invariant.group. This is because accessing
3908  // fields may leak the real address of dynamic object, which could result
3909  // in miscompilation when leaked pointer would be compared.
3910  auto *stripped = Builder.CreateStripInvariantGroup(addr.getPointer());
3911  addr = Address(stripped, addr.getAlignment());
3912  }
3913  }
3914 
3915  unsigned RecordCVR = base.getVRQualifiers();
3916  if (rec->isUnion()) {
3917  // For unions, there is no pointer adjustment.
3918  assert(!FieldType->isReferenceType() && "union has reference member");
3919  if (CGM.getCodeGenOpts().StrictVTablePointers &&
3920  hasAnyVptr(FieldType, getContext()))
3921  // Because unions can easily skip invariant.barriers, we need to add
3922  // a barrier every time CXXRecord field with vptr is referenced.
3923  addr = Address(Builder.CreateLaunderInvariantGroup(addr.getPointer()),
3924  addr.getAlignment());
3925  } else {
3926  // For structs, we GEP to the field that the record layout suggests.
3927  addr = emitAddrOfFieldStorage(*this, addr, field);
3928 
3929  // If this is a reference field, load the reference right now.
3930  if (FieldType->isReferenceType()) {
3931  LValue RefLVal = MakeAddrLValue(addr, FieldType, FieldBaseInfo,
3932  FieldTBAAInfo);
3933  if (RecordCVR & Qualifiers::Volatile)
3934  RefLVal.getQuals().setVolatile(true);
3935  addr = EmitLoadOfReference(RefLVal, &FieldBaseInfo, &FieldTBAAInfo);
3936 
3937  // Qualifiers on the struct don't apply to the referencee.
3938  RecordCVR = 0;
3939  FieldType = FieldType->getPointeeType();
3940  }
3941  }
3942 
3943  // Make sure that the address is pointing to the right type. This is critical
3944  // for both unions and structs. A union needs a bitcast, a struct element
3945  // will need a bitcast if the LLVM type laid out doesn't match the desired
3946  // type.
3947  addr = Builder.CreateElementBitCast(
3948  addr, CGM.getTypes().ConvertTypeForMem(FieldType), field->getName());
3949 
3950  if (field->hasAttr<AnnotateAttr>())
3951  addr = EmitFieldAnnotations(field, addr);
3952 
3953  LValue LV = MakeAddrLValue(addr, FieldType, FieldBaseInfo, FieldTBAAInfo);
3954  LV.getQuals().addCVRQualifiers(RecordCVR);
3955 
3956  // __weak attribute on a field is ignored.
3957  if (LV.getQuals().getObjCGCAttr() == Qualifiers::Weak)
3958  LV.getQuals().removeObjCGCAttr();
3959 
3960  return LV;
3961 }
3962 
3963 LValue
3964 CodeGenFunction::EmitLValueForFieldInitialization(LValue Base,
3965  const FieldDecl *Field) {
3966  QualType FieldType = Field->getType();
3967 
3968  if (!FieldType->isReferenceType())
3969  return EmitLValueForField(Base, Field);
3970 
3971  Address V = emitAddrOfFieldStorage(*this, Base.getAddress(), Field);
3972 
3973  // Make sure that the address is pointing to the right type.
3974  llvm::Type *llvmType = ConvertTypeForMem(FieldType);
3975  V = Builder.CreateElementBitCast(V, llvmType, Field->getName());
3976 
3977  // TODO: Generate TBAA information that describes this access as a structure
3978  // member access and not just an access to an object of the field's type. This
3979  // should be similar to what we do in EmitLValueForField().
3980  LValueBaseInfo BaseInfo = Base.getBaseInfo();
3981  AlignmentSource FieldAlignSource = BaseInfo.getAlignmentSource();
3982  LValueBaseInfo FieldBaseInfo(getFieldAlignmentSource(FieldAlignSource));
3983  return MakeAddrLValue(V, FieldType, FieldBaseInfo,
3984  CGM.getTBAAInfoForSubobject(Base, FieldType));
3985 }
3986 
3987 LValue CodeGenFunction::EmitCompoundLiteralLValue(const CompoundLiteralExpr *E){
3988  if (E->isFileScope()) {
3989  ConstantAddress GlobalPtr = CGM.GetAddrOfConstantCompoundLiteral(E);
3990  return MakeAddrLValue(GlobalPtr, E->getType(), AlignmentSource::Decl);
3991  }
3992  if (E->getType()->isVariablyModifiedType())
3993  // make sure to emit the VLA size.
3994  EmitVariablyModifiedType(E->getType());
3995 
3996  Address DeclPtr = CreateMemTemp(E->getType(), ".compoundliteral");
3997  const Expr *InitExpr = E->getInitializer();
3998  LValue Result = MakeAddrLValue(DeclPtr, E->getType(), AlignmentSource::Decl);
3999 
4000  EmitAnyExprToMem(InitExpr, DeclPtr, E->getType().getQualifiers(),
4001  /*Init*/ true);
4002 
4003  return Result;
4004 }
4005 
4006 LValue CodeGenFunction::EmitInitListLValue(const InitListExpr *E) {
4007  if (!E->isGLValue())
4008  // Initializing an aggregate temporary in C++11: T{...}.
4009  return EmitAggExprToLValue(E);
4010 
4011  // An lvalue initializer list must be initializing a reference.
4012  assert(E->isTransparent() && "non-transparent glvalue init list");
4013  return EmitLValue(E->getInit(0));
4014 }
4015 
4016 /// Emit the operand of a glvalue conditional operator. This is either a glvalue
4017 /// or a (possibly-parenthesized) throw-expression. If this is a throw, no
4018 /// LValue is returned and the current block has been terminated.
4019 static Optional<LValue> EmitLValueOrThrowExpression(CodeGenFunction &CGF,
4020  const Expr *Operand) {
4021  if (auto *ThrowExpr = dyn_cast<CXXThrowExpr>(Operand->IgnoreParens())) {
4022  CGF.EmitCXXThrowExpr(ThrowExpr, /*KeepInsertionPoint*/false);
4023  return None;
4024  }
4025 
4026  return CGF.EmitLValue(Operand);
4027 }
4028 
4029 LValue CodeGenFunction::
4030 EmitConditionalOperatorLValue(const AbstractConditionalOperator *expr) {
4031  if (!expr->isGLValue()) {
4032  // ?: here should be an aggregate.
4033  assert(hasAggregateEvaluationKind(expr->getType()) &&
4034  "Unexpected conditional operator!");
4035  return EmitAggExprToLValue(expr);
4036  }
4037 
4038  OpaqueValueMapping binding(*this, expr);
4039 
4040  const Expr *condExpr = expr->getCond();
4041  bool CondExprBool;
4042  if (ConstantFoldsToSimpleInteger(condExpr, CondExprBool)) {
4043  const Expr *live = expr->getTrueExpr(), *dead = expr->getFalseExpr();
4044  if (!CondExprBool) std::swap(live, dead);
4045 
4046  if (!ContainsLabel(dead)) {
4047  // If the true case is live, we need to track its region.
4048  if (CondExprBool)
4049  incrementProfileCounter(expr);
4050  return EmitLValue(live);
4051  }
4052  }
4053 
4054  llvm::BasicBlock *lhsBlock = createBasicBlock("cond.true");
4055  llvm::BasicBlock *rhsBlock = createBasicBlock("cond.false");
4056  llvm::BasicBlock *contBlock = createBasicBlock("cond.end");
4057 
4058  ConditionalEvaluation eval(*this);
4059  EmitBranchOnBoolExpr(condExpr, lhsBlock, rhsBlock, getProfileCount(expr));
4060 
4061  // Any temporaries created here are conditional.
4062  EmitBlock(lhsBlock);
4063  incrementProfileCounter(expr);
4064  eval.begin(*this);
4065  Optional<LValue> lhs =
4066  EmitLValueOrThrowExpression(*this, expr->getTrueExpr());
4067  eval.end(*this);
4068 
4069  if (lhs && !lhs->isSimple())
4070  return EmitUnsupportedLValue(expr, "conditional operator");
4071 
4072  lhsBlock = Builder.GetInsertBlock();
4073  if (lhs)
4074  Builder.CreateBr(contBlock);
4075 
4076  // Any temporaries created here are conditional.
4077  EmitBlock(rhsBlock);
4078  eval.begin(*this);
4079  Optional<LValue> rhs =
4080  EmitLValueOrThrowExpression(*this, expr->getFalseExpr());
4081  eval.end(*this);
4082  if (rhs && !rhs->isSimple())
4083  return EmitUnsupportedLValue(expr, "conditional operator");
4084  rhsBlock = Builder.GetInsertBlock();
4085 
4086  EmitBlock(contBlock);
4087 
4088  if (lhs && rhs) {
4089  llvm::PHINode *phi = Builder.CreatePHI(lhs->getPointer()->getType(),
4090  2, "cond-lvalue");
4091  phi->addIncoming(lhs->getPointer(), lhsBlock);
4092  phi->addIncoming(rhs->getPointer(), rhsBlock);
4093  Address result(phi, std::min(lhs->getAlignment(), rhs->getAlignment()));
4094  AlignmentSource alignSource =
4095  std::max(lhs->getBaseInfo().getAlignmentSource(),
4096  rhs->getBaseInfo().getAlignmentSource());
4097  TBAAAccessInfo TBAAInfo = CGM.mergeTBAAInfoForConditionalOperator(
4098  lhs->getTBAAInfo(), rhs->getTBAAInfo());
4099  return MakeAddrLValue(result, expr->getType(), LValueBaseInfo(alignSource),
4100  TBAAInfo);
4101  } else {
4102  assert((lhs || rhs) &&
4103  "both operands of glvalue conditional are throw-expressions?");
4104  return lhs ? *lhs : *rhs;
4105  }
4106 }
4107 
4108 /// EmitCastLValue - Casts are never lvalues unless that cast is to a reference
4109 /// type. If the cast is to a reference, we can have the usual lvalue result,
4110 /// otherwise if a cast is needed by the code generator in an lvalue context,
4111 /// then it must mean that we need the address of an aggregate in order to
4112 /// access one of its members. This can happen for all the reasons that casts
4113 /// are permitted with aggregate result, including noop aggregate casts, and
4114 /// cast from scalar to union.
4115 LValue CodeGenFunction::EmitCastLValue(const CastExpr *E) {
4116  switch (E->getCastKind()) {
4117  case CK_ToVoid:
4118  case CK_BitCast:
4119  case CK_ArrayToPointerDecay:
4120  case CK_FunctionToPointerDecay:
4121  case CK_NullToMemberPointer:
4122  case CK_NullToPointer:
4123  case CK_IntegralToPointer:
4124  case CK_PointerToIntegral:
4125  case CK_PointerToBoolean:
4126  case CK_VectorSplat:
4127  case CK_IntegralCast:
4128  case CK_BooleanToSignedIntegral:
4129  case CK_IntegralToBoolean:
4130  case CK_IntegralToFloating:
4131  case CK_FloatingToIntegral:
4132  case CK_FloatingToBoolean:
4133  case CK_FloatingCast:
4134  case CK_FloatingRealToComplex:
4135  case CK_FloatingComplexToReal:
4136  case CK_FloatingComplexToBoolean:
4137  case CK_FloatingComplexCast:
4138  case CK_FloatingComplexToIntegralComplex:
4139  case CK_IntegralRealToComplex:
4140  case CK_IntegralComplexToReal:
4141  case CK_IntegralComplexToBoolean:
4142  case CK_IntegralComplexCast:
4143  case CK_IntegralComplexToFloatingComplex:
4144  case CK_DerivedToBaseMemberPointer:
4145  case CK_BaseToDerivedMemberPointer:
4146  case CK_MemberPointerToBoolean:
4147  case CK_ReinterpretMemberPointer:
4148  case CK_AnyPointerToBlockPointerCast:
4149  case CK_ARCProduceObject:
4150  case CK_ARCConsumeObject:
4151  case CK_ARCReclaimReturnedObject:
4152  case CK_ARCExtendBlockObject:
4153  case CK_CopyAndAutoreleaseBlockObject:
4154  case CK_AddressSpaceConversion:
4155  case CK_IntToOCLSampler:
4156  return EmitUnsupportedLValue(E, "unexpected cast lvalue");
4157 
4158  case CK_Dependent:
4159  llvm_unreachable("dependent cast kind in IR gen!");
4160 
4161  case CK_BuiltinFnToFnPtr:
4162  llvm_unreachable("builtin functions are handled elsewhere");
4163 
4164  // These are never l-values; just use the aggregate emission code.
4165  case CK_NonAtomicToAtomic:
4166  case CK_AtomicToNonAtomic:
4167  return EmitAggExprToLValue(E);
4168 
4169  case CK_Dynamic: {
4170  LValue LV = EmitLValue(E->getSubExpr());
4171  Address V = LV.getAddress();
4172  const auto *DCE = cast<CXXDynamicCastExpr>(E);
4173  return MakeNaturalAlignAddrLValue(EmitDynamicCast(V, DCE), E->getType());
4174  }
4175 
4176  case CK_ConstructorConversion:
4177  case CK_UserDefinedConversion:
4178  case CK_CPointerToObjCPointerCast:
4179  case CK_BlockPointerToObjCPointerCast:
4180  case CK_NoOp:
4181  case CK_LValueToRValue:
4182  return EmitLValue(E->getSubExpr());
4183 
4184  case CK_UncheckedDerivedToBase:
4185  case CK_DerivedToBase: {
4186  const RecordType *DerivedClassTy =
4187  E->getSubExpr()->getType()->getAs<RecordType>();
4188  auto *DerivedClassDecl = cast<CXXRecordDecl>(DerivedClassTy->getDecl());
4189 
4190  LValue LV = EmitLValue(E->getSubExpr());
4191  Address This = LV.getAddress();
4192 
4193  // Perform the derived-to-base conversion
4194  Address Base = GetAddressOfBaseClass(
4195  This, DerivedClassDecl, E->path_begin(), E->path_end(),
4196  /*NullCheckValue=*/false, E->getExprLoc());
4197 
4198  // TODO: Support accesses to members of base classes in TBAA. For now, we
4199  // conservatively pretend that the complete object is of the base class
4200  // type.
4201  return MakeAddrLValue(Base, E->getType(), LV.getBaseInfo(),
4202  CGM.getTBAAInfoForSubobject(LV, E->getType()));
4203  }
4204  case CK_ToUnion:
4205  return EmitAggExprToLValue(E);
4206  case CK_BaseToDerived: {
4207  const RecordType *DerivedClassTy = E->getType()->getAs<RecordType>();
4208  auto *DerivedClassDecl = cast<CXXRecordDecl>(DerivedClassTy->getDecl());
4209 
4210  LValue LV = EmitLValue(E->getSubExpr());
4211 
4212  // Perform the base-to-derived conversion
4213  Address Derived =
4214  GetAddressOfDerivedClass(LV.getAddress(), DerivedClassDecl,
4215  E->path_begin(), E->path_end(),
4216  /*NullCheckValue=*/false);
4217 
4218  // C++11 [expr.static.cast]p2: Behavior is undefined if a downcast is
4219  // performed and the object is not of the derived type.
4220  if (sanitizePerformTypeCheck())
4221  EmitTypeCheck(TCK_DowncastReference, E->getExprLoc(),
4222  Derived.getPointer(), E->getType());
4223 
4224  if (SanOpts.has(SanitizerKind::CFIDerivedCast))
4225  EmitVTablePtrCheckForCast(E->getType(), Derived.getPointer(),
4226  /*MayBeNull=*/false, CFITCK_DerivedCast,
4227  E->getBeginLoc());
4228 
4229  return MakeAddrLValue(Derived, E->getType(), LV.getBaseInfo(),
4230  CGM.getTBAAInfoForSubobject(LV, E->getType()));
4231  }
4232  case CK_LValueBitCast: {
4233  // This must be a reinterpret_cast (or c-style equivalent).
4234  const auto *CE = cast<ExplicitCastExpr>(E);
4235 
4236  CGM.EmitExplicitCastExprType(CE, this);
4237  LValue LV = EmitLValue(E->getSubExpr());
4238  Address V = Builder.CreateBitCast(LV.getAddress(),
4239  ConvertType(CE->getTypeAsWritten()));
4240 
4241  if (SanOpts.has(SanitizerKind::CFIUnrelatedCast))
4242  EmitVTablePtrCheckForCast(E->getType(), V.getPointer(),
4243  /*MayBeNull=*/false, CFITCK_UnrelatedCast,
4244  E->getBeginLoc());
4245 
4246  return MakeAddrLValue(V, E->getType(), LV.getBaseInfo(),
4247  CGM.getTBAAInfoForSubobject(LV, E->getType()));
4248  }
4249  case CK_ObjCObjectLValueCast: {
4250  LValue LV = EmitLValue(E->getSubExpr());
4251  Address V = Builder.CreateElementBitCast(LV.getAddress(),
4252  ConvertType(E->getType()));
4253  return MakeAddrLValue(V, E->getType(), LV.getBaseInfo(),
4254  CGM.getTBAAInfoForSubobject(LV, E->getType()));
4255  }
4256  case CK_ZeroToOCLQueue:
4257  llvm_unreachable("NULL to OpenCL queue lvalue cast is not valid");
4258  case CK_ZeroToOCLEvent:
4259  llvm_unreachable("NULL to OpenCL event lvalue cast is not valid");
4260  }
4261 
4262  llvm_unreachable("Unhandled lvalue cast kind?");
4263 }
4264 
4265 LValue CodeGenFunction::EmitOpaqueValueLValue(const OpaqueValueExpr *e) {
4266  assert(OpaqueValueMappingData::shouldBindAsLValue(e));
4267  return getOrCreateOpaqueLValueMapping(e);
4268 }
4269 
4270 LValue
4271 CodeGenFunction::getOrCreateOpaqueLValueMapping(const OpaqueValueExpr *e) {
4272  assert(OpaqueValueMapping::shouldBindAsLValue(e));
4273 
4274  llvm::DenseMap<const OpaqueValueExpr*,LValue>::iterator
4275  it = OpaqueLValues.find(e);
4276 
4277  if (it != OpaqueLValues.end())
4278  return it->second;
4279 
4280  assert(e->isUnique() && "LValue for a nonunique OVE hasn't been emitted");
4281  return EmitLValue(e->getSourceExpr());
4282 }
4283 
4284 RValue
4285 CodeGenFunction::getOrCreateOpaqueRValueMapping(const OpaqueValueExpr *e) {
4286  assert(!OpaqueValueMapping::shouldBindAsLValue(e));
4287 
4288  llvm::DenseMap<const OpaqueValueExpr*,RValue>::iterator
4289  it = OpaqueRValues.find(e);
4290 
4291  if (it != OpaqueRValues.end())
4292  return it->second;
4293 
4294  assert(e->isUnique() && "RValue for a nonunique OVE hasn't been emitted");
4295  return EmitAnyExpr(e->getSourceExpr());
4296 }
4297 
4298 RValue CodeGenFunction::EmitRValueForField(LValue LV,
4299  const FieldDecl *FD,
4300  SourceLocation Loc) {
4301  QualType FT = FD->getType();
4302  LValue FieldLV = EmitLValueForField(LV, FD);
4303  switch (getEvaluationKind(FT)) {
4304  case TEK_Complex:
4305  return RValue::getComplex(EmitLoadOfComplex(FieldLV, Loc));
4306  case TEK_Aggregate:
4307  return FieldLV.asAggregateRValue();
4308  case TEK_Scalar:
4309  // This routine is used to load fields one-by-one to perform a copy, so
4310  // don't load reference fields.
4311  if (FD->getType()->isReferenceType())
4312  return RValue::get(FieldLV.getPointer());
4313  return EmitLoadOfLValue(FieldLV, Loc);
4314  }
4315  llvm_unreachable("bad evaluation kind");
4316 }
4317 
4318 //===--------------------------------------------------------------------===//
4319 // Expression Emission
4320 //===--------------------------------------------------------------------===//
4321 
4322 RValue CodeGenFunction::EmitCallExpr(const CallExpr *E,
4323  ReturnValueSlot ReturnValue) {
4324  // Builtins never have block type.
4325  if (E->getCallee()->getType()->isBlockPointerType())
4326  return EmitBlockCallExpr(E, ReturnValue);
4327 
4328  if (const auto *CE = dyn_cast<CXXMemberCallExpr>(E))
4329  return EmitCXXMemberCallExpr(CE, ReturnValue);
4330 
4331  if (const auto *CE = dyn_cast<CUDAKernelCallExpr>(E))
4332  return EmitCUDAKernelCallExpr(CE, ReturnValue);
4333 
4334  if (const auto *CE = dyn_cast<CXXOperatorCallExpr>(E))
4335  if (const CXXMethodDecl *MD =
4336  dyn_cast_or_null<CXXMethodDecl>(CE->getCalleeDecl()))
4337  return EmitCXXOperatorMemberCallExpr(CE, MD, ReturnValue);
4338 
4339  CGCallee callee = EmitCallee(E->getCallee());
4340 
4341  if (callee.isBuiltin()) {
4342  return EmitBuiltinExpr(callee.getBuiltinDecl(), callee.getBuiltinID(),
4343  E, ReturnValue);
4344  }
4345 
4346  if (callee.isPseudoDestructor()) {
4347  return EmitCXXPseudoDestructorExpr(callee.getPseudoDestructorExpr());
4348  }
4349 
4350  return EmitCall(E->getCallee()->getType(), callee, E, ReturnValue);
4351 }
4352 
4353 /// Emit a CallExpr without considering whether it might be a subclass.
4354 RValue CodeGenFunction::EmitSimpleCallExpr(const CallExpr *E,
4355  ReturnValueSlot ReturnValue) {
4356  CGCallee Callee = EmitCallee(E->getCallee());
4357  return EmitCall(E->getCallee()->getType(), Callee, E, ReturnValue);
4358 }
4359 
4360 static CGCallee EmitDirectCallee(CodeGenFunction &CGF, const FunctionDecl *FD) {
4361  if (auto builtinID = FD->getBuiltinID()) {
4362  return CGCallee::forBuiltin(builtinID, FD);
4363  }
4364 
4365  llvm::Constant *calleePtr = EmitFunctionDeclPointer(CGF.CGM, FD);
4366  return CGCallee::forDirect(calleePtr, FD);
4367 }
4368 
4369 CGCallee CodeGenFunction::EmitCallee(const Expr *E) {
4370  E = E->IgnoreParens();
4371 
4372  // Look through function-to-pointer decay.
4373  if (auto ICE = dyn_cast<ImplicitCastExpr>(E)) {
4374  if (ICE->getCastKind() == CK_FunctionToPointerDecay ||
4375  ICE->getCastKind() == CK_BuiltinFnToFnPtr) {
4376  return EmitCallee(ICE->getSubExpr());
4377  }
4378 
4379  // Resolve direct calls.
4380  } else if (auto DRE = dyn_cast<DeclRefExpr>(E)) {
4381  if (auto FD = dyn_cast<FunctionDecl>(DRE->getDecl())) {
4382  return EmitDirectCallee(*this, FD);
4383  }
4384  } else if (auto ME = dyn_cast<MemberExpr>(E)) {
4385  if (auto FD = dyn_cast<FunctionDecl>(ME->getMemberDecl())) {
4386  EmitIgnoredExpr(ME->getBase());
4387  return EmitDirectCallee(*this, FD);
4388  }
4389 
4390  // Look through template substitutions.
4391  } else if (auto NTTP = dyn_cast<SubstNonTypeTemplateParmExpr>(E)) {
4392  return EmitCallee(NTTP->getReplacement());
4393 
4394  // Treat pseudo-destructor calls differently.
4395  } else if (auto PDE = dyn_cast<CXXPseudoDestructorExpr>(E)) {
4396  return CGCallee::forPseudoDestructor(PDE);
4397  }
4398 
4399  // Otherwise, we have an indirect reference.
4400  llvm::Value *calleePtr;
4401  QualType functionType;
4402  if (auto ptrType = E->getType()->getAs<PointerType>()) {
4403  calleePtr = EmitScalarExpr(E);
4404  functionType = ptrType->getPointeeType();
4405  } else {
4406  functionType = E->getType();
4407  calleePtr = EmitLValue(E).getPointer();
4408  }
4409  assert(functionType->isFunctionType());
4410  CGCalleeInfo calleeInfo(functionType->getAs<FunctionProtoType>(),
4411  E->getReferencedDeclOfCallee());
4412  CGCallee callee(calleeInfo, calleePtr);
4413  return callee;
4414 }
4415 
4416 LValue CodeGenFunction::EmitBinaryOperatorLValue(const BinaryOperator *E) {
4417  // Comma expressions just emit their LHS then their RHS as an l-value.
4418  if (E->getOpcode() == BO_Comma) {
4419  EmitIgnoredExpr(E->getLHS());
4420  EnsureInsertPoint();
4421  return EmitLValue(E->getRHS());
4422  }
4423 
4424  if (E->getOpcode() == BO_PtrMemD ||
4425  E->getOpcode() == BO_PtrMemI)
4426  return EmitPointerToDataMemberBinaryExpr(E);
4427 
4428  assert(E->getOpcode() == BO_Assign && "unexpected binary l-value");
4429 
4430  // Note that in all of these cases, __block variables need the RHS
4431  // evaluated first just in case the variable gets moved by the RHS.
4432 
4433  switch (getEvaluationKind(E->getType())) {
4434  case TEK_Scalar: {
4435  switch (E->getLHS()->getType().getObjCLifetime()) {
4436  case Qualifiers::OCL_Strong:
4437  return EmitARCStoreStrong(E, /*ignored*/ false).first;
4438 
4439  case Qualifiers::OCL_Autoreleasing:
4440  return EmitARCStoreAutoreleasing(E).first;
4441 
4442  // No reason to do any of these differently.
4443  case Qualifiers::OCL_None:
4444  case Qualifiers::OCL_ExplicitNone:
4445  case Qualifiers::OCL_Weak:
4446  break;
4447  }
4448 
4449  RValue RV = EmitAnyExpr(E->getRHS());
4450  LValue LV = EmitCheckedLValue(E->getLHS(), TCK_Store);
4451  if (RV.isScalar())
4452  EmitNullabilityCheck(LV, RV.getScalarVal(), E->getExprLoc());
4453  EmitStoreThroughLValue(RV, LV);
4454  return LV;
4455  }
4456 
4457  case TEK_Complex:
4458  return EmitComplexAssignmentLValue(E);
4459 
4460  case TEK_Aggregate:
4461  return EmitAggExprToLValue(E);
4462  }
4463  llvm_unreachable("bad evaluation kind");
4464 }
4465 
4466 LValue CodeGenFunction::EmitCallExprLValue(const CallExpr *E) {
4467  RValue RV = EmitCallExpr(E);
4468 
4469  if (!RV.isScalar())
4470  return MakeAddrLValue(RV.getAggregateAddress(), E->getType(),
4471  AlignmentSource::Decl);
4472 
4473  assert(E->getCallReturnType(getContext())->isReferenceType() &&
4474  "Can't have a scalar return unless the return type is a "
4475  "reference type!");
4476 
4477  return MakeNaturalAlignPointeeAddrLValue(RV.getScalarVal(), E->getType());
4478 }
4479 
4480 LValue CodeGenFunction::EmitVAArgExprLValue(const VAArgExpr *E) {
4481  // FIXME: This shouldn't require another copy.
4482  return EmitAggExprToLValue(E);
4483 }
4484 
4485 LValue CodeGenFunction::EmitCXXConstructLValue(const CXXConstructExpr *E) {
4486  assert(E->getType()->getAsCXXRecordDecl()->hasTrivialDestructor()
4487  && "binding l-value to type which needs a temporary");
4488  AggValueSlot Slot = CreateAggTemp(E->getType());
4489  EmitCXXConstructExpr(E, Slot);
4490  return MakeAddrLValue(Slot.getAddress(), E->getType(), AlignmentSource::Decl);
4491 }
4492 
4493 LValue
4494 CodeGenFunction::EmitCXXTypeidLValue(const CXXTypeidExpr *E) {
4495  return MakeNaturalAlignAddrLValue(EmitCXXTypeidExpr(E), E->getType());
4496 }
4497 
4498 Address CodeGenFunction::EmitCXXUuidofExpr(const CXXUuidofExpr *E) {
4499  return Builder.CreateElementBitCast(CGM.GetAddrOfUuidDescriptor(E),
4500  ConvertType(E->getType()));
4501 }
4502 
4503 LValue CodeGenFunction::EmitCXXUuidofLValue(const CXXUuidofExpr *E) {
4504  return MakeAddrLValue(EmitCXXUuidofExpr(E), E->getType(),
4505  AlignmentSource::Decl);
4506 }
4507 
4508 LValue
4509 CodeGenFunction::EmitCXXBindTemporaryLValue(const CXXBindTemporaryExpr *E) {
4510  AggValueSlot Slot = CreateAggTemp(E->getType(), "temp.lvalue");
4511  Slot.setExternallyDestructed();
4512  EmitAggExpr(E->getSubExpr(), Slot);
4513  EmitCXXTemporary(E->getTemporary(), E->getType(), Slot.getAddress());
4514  return MakeAddrLValue(Slot.getAddress(), E->getType(), AlignmentSource::Decl);
4515 }
4516 
4517 LValue
4518 CodeGenFunction::EmitLambdaLValue(const LambdaExpr *E) {
4519  AggValueSlot Slot = CreateAggTemp(E->getType(), "temp.lvalue");
4520  EmitLambdaExpr(E, Slot);
4521  return MakeAddrLValue(Slot.getAddress(), E->getType(), AlignmentSource::Decl);
4522 }
4523 
4524 LValue CodeGenFunction::EmitObjCMessageExprLValue(const ObjCMessageExpr *E) {
4525  RValue RV = EmitObjCMessageExpr(E);
4526 
4527  if (!RV.isScalar())
4528  return MakeAddrLValue(RV.getAggregateAddress(), E->getType(),
4529  AlignmentSource::Decl);
4530 
4531  assert(E->getMethodDecl()->getReturnType()->isReferenceType() &&
4532  "Can't have a scalar return unless the return type is a "
4533  "reference type!");
4534 
4535  return MakeNaturalAlignPointeeAddrLValue(RV.getScalarVal(), E->getType());
4536 }
4537 
4538 LValue CodeGenFunction::EmitObjCSelectorLValue(const ObjCSelectorExpr *E) {
4539  Address V =
4540  CGM.getObjCRuntime().GetAddrOfSelector(*this, E->getSelector());
4541  return MakeAddrLValue(V, E->getType(), AlignmentSource::Decl);
4542 }
4543 
4544 llvm::Value *CodeGenFunction::EmitIvarOffset(const ObjCInterfaceDecl *Interface,
4545  const ObjCIvarDecl *Ivar) {
4546  return CGM.getObjCRuntime().EmitIvarOffset(*this, Interface, Ivar);
4547 }
4548 
4549 LValue CodeGenFunction::EmitLValueForIvar(QualType ObjectTy,
4550  llvm::Value *BaseValue,
4551  const ObjCIvarDecl *Ivar,
4552  unsigned CVRQualifiers) {
4553  return CGM.getObjCRuntime().EmitObjCValueForIvar(*this, ObjectTy, BaseValue,
4554  Ivar, CVRQualifiers);
4555 }
4556 
4557 LValue CodeGenFunction::EmitObjCIvarRefLValue(const ObjCIvarRefExpr *E) {
4558  // FIXME: A lot of the code below could be shared with EmitMemberExpr.
4559  llvm::Value *BaseValue = nullptr;
4560  const Expr *BaseExpr = E->getBase();
4561  Qualifiers BaseQuals;
4562  QualType ObjectTy;
4563  if (E->isArrow()) {
4564  BaseValue = EmitScalarExpr(BaseExpr);
4565  ObjectTy = BaseExpr->getType()->getPointeeType();
4566  BaseQuals = ObjectTy.getQualifiers();
4567  } else {
4568  LValue BaseLV = EmitLValue(BaseExpr);
4569  BaseValue = BaseLV.getPointer();
4570  ObjectTy = BaseExpr->getType();
4571  BaseQuals = ObjectTy.getQualifiers();
4572  }
4573 
4574  LValue LV =
4575  EmitLValueForIvar(ObjectTy, BaseValue, E->getDecl(),
4576  BaseQuals.getCVRQualifiers());
4577  setObjCGCLValueClass(getContext(), E, LV);
4578  return LV;
4579 }
4580 
4581 LValue CodeGenFunction::EmitStmtExprLValue(const StmtExpr *E) {
4582  // Can only get l-value for message expression returning aggregate type
4583  RValue RV = EmitAnyExprToTemp(E);
4584  return MakeAddrLValue(RV.getAggregateAddress(), E->getType(),
4585  AlignmentSource::Decl);
4586 }
4587 
4588 RValue CodeGenFunction::EmitCall(QualType CalleeType, const CGCallee &OrigCallee,
4589  const CallExpr *E, ReturnValueSlot ReturnValue,
4590  llvm::Value *Chain) {
4591  // Get the actual function type. The callee type will always be a pointer to
4592  // function type or a block pointer type.
4593  assert(CalleeType->isFunctionPointerType() &&
4594  "Call must have function pointer type!");
4595 
4596  const Decl *TargetDecl = OrigCallee.getAbstractInfo().getCalleeDecl();
4597 
4598  if (const FunctionDecl *FD = dyn_cast_or_null<FunctionDecl>(TargetDecl))
4599  // We can only guarantee that a function is called from the correct
4600  // context/function based on the appropriate target attributes,
4601  // so only check in the case where we have both always_inline and target
4602  // since otherwise we could be making a conditional call after a check for
4603  // the proper cpu features (and it won't cause code generation issues due to
4604  // function based code generation).
4605  if (TargetDecl->hasAttr<AlwaysInlineAttr>() &&
4606  TargetDecl->hasAttr<TargetAttr>())
4607  checkTargetFeatures(E, FD);
4608 
4609  CalleeType = getContext().getCanonicalType(CalleeType);
4610 
4611  auto PointeeType = cast<PointerType>(CalleeType)->getPointeeType();
4612 
4613  CGCallee Callee = OrigCallee;
4614 
4615  if (getLangOpts().CPlusPlus && SanOpts.has(SanitizerKind::Function) &&
4616  (!TargetDecl || !isa<FunctionDecl>(TargetDecl))) {
4617  if (llvm::Constant *PrefixSig =
4618  CGM.getTargetCodeGenInfo().getUBSanFunctionSignature(CGM)) {
4619  SanitizerScope SanScope(this);
4620  // Remove any (C++17) exception specifications, to allow calling e.g. a
4621  // noexcept function through a non-noexcept pointer.
4622  auto ProtoTy =
4623  getContext().getFunctionTypeWithExceptionSpec(PointeeType, EST_None);
4624  llvm::Constant *FTRTTIConst =
4625  CGM.GetAddrOfRTTIDescriptor(ProtoTy, /*ForEH=*/true);
4626  llvm::Type *PrefixStructTyElems[] = {PrefixSig->getType(), Int32Ty};
4627  llvm::StructType *PrefixStructTy = llvm::StructType::get(
4628  CGM.getLLVMContext(), PrefixStructTyElems, /*isPacked=*/true);
4629 
4630  llvm::Value *CalleePtr = Callee.getFunctionPointer();
4631 
4632  llvm::Value *CalleePrefixStruct = Builder.CreateBitCast(
4633  CalleePtr, llvm::PointerType::getUnqual(PrefixStructTy));
4634  llvm::Value *CalleeSigPtr =
4635  Builder.CreateConstGEP2_32(PrefixStructTy, CalleePrefixStruct, 0, 0);
4636  llvm::Value *CalleeSig =
4637  Builder.CreateAlignedLoad(CalleeSigPtr, getIntAlign());
4638  llvm::Value *CalleeSigMatch = Builder.CreateICmpEQ(CalleeSig, PrefixSig);
4639 
4640  llvm::BasicBlock *Cont = createBasicBlock("cont");
4641  llvm::BasicBlock *TypeCheck = createBasicBlock("typecheck");
4642  Builder.CreateCondBr(CalleeSigMatch, TypeCheck, Cont);
4643 
4644  EmitBlock(TypeCheck);
4645  llvm::Value *CalleeRTTIPtr =
4646  Builder.CreateConstGEP2_32(PrefixStructTy, CalleePrefixStruct, 0, 1);
4647  llvm::Value *CalleeRTTIEncoded =
4648  Builder.CreateAlignedLoad(CalleeRTTIPtr, getPointerAlign());
4649  llvm::Value *CalleeRTTI =
4650  DecodeAddrUsedInPrologue(CalleePtr, CalleeRTTIEncoded);
4651  llvm::Value *CalleeRTTIMatch =
4652  Builder.CreateICmpEQ(CalleeRTTI, FTRTTIConst);
4653  llvm::Constant *StaticData[] = {EmitCheckSourceLocation(E->getBeginLoc()),
4654  EmitCheckTypeDescriptor(CalleeType)};
4655  EmitCheck(std::make_pair(CalleeRTTIMatch, SanitizerKind::Function),
4656  SanitizerHandler::FunctionTypeMismatch, StaticData, CalleePtr);
4657 
4658  Builder.CreateBr(Cont);
4659  EmitBlock(Cont);
4660  }
4661  }
4662 
4663  const auto *FnType = cast<FunctionType>(PointeeType);
4664 
4665  // If we are checking indirect calls and this call is indirect, check that the
4666  // function pointer is a member of the bit set for the function type.
4667  if (SanOpts.has(SanitizerKind::CFIICall) &&
4668  (!TargetDecl || !isa<FunctionDecl>(TargetDecl))) {
4669  SanitizerScope SanScope(this);
4670  EmitSanitizerStatReport(llvm::SanStat_CFI_ICall);
4671 
4672  llvm::Metadata *MD;
4673  if (CGM.getCodeGenOpts().SanitizeCfiICallGeneralizePointers)
4674  MD = CGM.CreateMetadataIdentifierGeneralized(QualType(FnType, 0));
4675  else
4676  MD = CGM.CreateMetadataIdentifierForType(QualType(FnType, 0));
4677 
4678  llvm::Value *TypeId = llvm::MetadataAsValue::get(getLLVMContext(), MD);
4679 
4680  llvm::Value *CalleePtr = Callee.getFunctionPointer();
4681  llvm::Value *CastedCallee = Builder.CreateBitCast(CalleePtr, Int8PtrTy);
4682  llvm::Value *TypeTest = Builder.CreateCall(
4683  CGM.getIntrinsic(llvm::Intrinsic::type_test), {CastedCallee, TypeId});
4684 
4685  auto CrossDsoTypeId = CGM.CreateCrossDsoCfiTypeId(MD);
4686  llvm::Constant *StaticData[] = {
4687  llvm::ConstantInt::get(Int8Ty, CFITCK_ICall),
4688  EmitCheckSourceLocation(E->getBeginLoc()),
4689  EmitCheckTypeDescriptor(QualType(FnType, 0)),
4690  };
4691  if (CGM.getCodeGenOpts().SanitizeCfiCrossDso && CrossDsoTypeId) {
4692  EmitCfiSlowPathCheck(SanitizerKind::CFIICall, TypeTest, CrossDsoTypeId,
4693  CastedCallee, StaticData);
4694  } else {
4695  EmitCheck(std::make_pair(TypeTest, SanitizerKind::CFIICall),
4696  SanitizerHandler::CFICheckFail, StaticData,
4697  {CastedCallee, llvm::UndefValue::get(IntPtrTy)});
4698  }
4699  }
4700 
4701  CallArgList Args;
4702  if (Chain)
4703  Args.add(RValue::get(Builder.CreateBitCast(Chain, CGM.VoidPtrTy)),
4704  CGM.getContext().VoidPtrTy);
4705 
4706  // C++17 requires that we evaluate arguments to a call using assignment syntax
4707  // right-to-left, and that we evaluate arguments to certain other operators
4708  // left-to-right. Note that we allow this to override the order dictated by
4709  // the calling convention on the MS ABI, which means that parameter
4710  // destruction order is not necessarily reverse construction order.
4711  // FIXME: Revisit this based on C++ committee response to unimplementability.
4712  EvaluationOrder Order = EvaluationOrder::Default;
4713  if (auto *OCE = dyn_cast<CXXOperatorCallExpr>(E)) {
4714  if (OCE->isAssignmentOp())
4715  Order = EvaluationOrder::ForceRightToLeft;
4716  else {
4717  switch (OCE->getOperator()) {
4718  case OO_LessLess:
4719  case OO_GreaterGreater:
4720  case OO_AmpAmp:
4721  case OO_PipePipe:
4722  case OO_Comma:
4723  case OO_ArrowStar:
4724  Order = EvaluationOrder::ForceLeftToRight;
4725  break;
4726  default:
4727  break;
4728  }
4729  }
4730  }
4731 
4732  EmitCallArgs(Args, dyn_cast<FunctionProtoType>(FnType), E->arguments(),
4733  E->getDirectCallee(), /*ParamsToSkip*/ 0, Order);
4734 
4735  const CGFunctionInfo &FnInfo = CGM.getTypes().arrangeFreeFunctionCall(
4736  Args, FnType, /*isChainCall=*/Chain);
4737 
4738  // C99 6.5.2.2p6:
4739  // If the expression that denotes the called function has a type
4740  // that does not include a prototype, [the default argument
4741  // promotions are performed]. If the number of arguments does not
4742  // equal the number of parameters, the behavior is undefined. If
4743  // the function is defined with a type that includes a prototype,
4744  // and either the prototype ends with an ellipsis (, ...) or the
4745  // types of the arguments after promotion are not compatible with
4746  // the types of the parameters, the behavior is undefined. If the
4747  // function is defined with a type that does not include a
4748  // prototype, and the types of the arguments after promotion are
4749  // not compatible with those of the parameters after promotion,
4750  // the behavior is undefined [except in some trivial cases].
4751  // That is, in the general case, we should assume that a call
4752  // through an unprototyped function type works like a *non-variadic*
4753  // call. The way we make this work is to cast to the exact type
4754  // of the promoted arguments.
4755  //
4756  // Chain calls use this same code path to add the invisible chain parameter
4757  // to the function type.
4758  if (isa<FunctionNoProtoType>(FnType) || Chain) {
4759  llvm::Type *CalleeTy = getTypes().GetFunctionType(FnInfo);
4760  CalleeTy = CalleeTy->getPointerTo();
4761 
4762  llvm::Value *CalleePtr = Callee.getFunctionPointer();
4763  CalleePtr = Builder.CreateBitCast(CalleePtr, CalleeTy, "callee.knr.cast");
4764  Callee.setFunctionPointer(CalleePtr);
4765  }
4766 
4767  return EmitCall(FnInfo, Callee, ReturnValue, Args, nullptr, E->getExprLoc());
4768 }
4769 
4770 LValue CodeGenFunction::
4771 EmitPointerToDataMemberBinaryExpr(const BinaryOperator *E) {
4772  Address BaseAddr = Address::invalid();
4773  if (E->getOpcode() == BO_PtrMemI) {
4774  BaseAddr = EmitPointerWithAlignment(E->getLHS());
4775  } else {
4776  BaseAddr = EmitLValue(E->getLHS()).getAddress();
4777  }
4778 
4779  llvm::Value *OffsetV = EmitScalarExpr(E->getRHS());
4780 
4781  const MemberPointerType *MPT
4782  = E->getRHS()->getType()->getAs<MemberPointerType>();
4783 
4784  LValueBaseInfo BaseInfo;
4785  TBAAAccessInfo TBAAInfo;
4786  Address MemberAddr =
4787  EmitCXXMemberDataPointerAddress(E, BaseAddr, OffsetV, MPT, &BaseInfo,
4788  &TBAAInfo);
4789 
4790  return MakeAddrLValue(MemberAddr, MPT->getPointeeType(), BaseInfo, TBAAInfo);
4791 }
4792 
4793 /// Given the address of a temporary variabl