clang  9.0.0svn
CGExpr.cpp
Go to the documentation of this file.
1 //===--- CGExpr.cpp - Emit LLVM Code from Expressions ---------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This contains code to emit Expr nodes as LLVM code.
10 //
11 //===----------------------------------------------------------------------===//
12 
13 #include "CGCXXABI.h"
14 #include "CGCall.h"
15 #include "CGCleanup.h"
16 #include "CGDebugInfo.h"
17 #include "CGObjCRuntime.h"
18 #include "CGOpenMPRuntime.h"
19 #include "CGRecordLayout.h"
20 #include "CodeGenFunction.h"
21 #include "CodeGenModule.h"
22 #include "ConstantEmitter.h"
23 #include "TargetInfo.h"
24 #include "clang/AST/ASTContext.h"
25 #include "clang/AST/Attr.h"
26 #include "clang/AST/DeclObjC.h"
27 #include "clang/AST/NSAPI.h"
28 #include "clang/Basic/CodeGenOptions.h"
29 #include "llvm/ADT/Hashing.h"
30 #include "llvm/ADT/StringExtras.h"
31 #include "llvm/IR/DataLayout.h"
32 #include "llvm/IR/Intrinsics.h"
33 #include "llvm/IR/LLVMContext.h"
34 #include "llvm/IR/MDBuilder.h"
35 #include "llvm/Support/ConvertUTF.h"
36 #include "llvm/Support/MathExtras.h"
37 #include "llvm/Support/Path.h"
38 #include "llvm/Transforms/Utils/SanitizerStats.h"
39 
40 #include <string>
41 
42 using namespace clang;
43 using namespace CodeGen;
44 
45 //===--------------------------------------------------------------------===//
46 // Miscellaneous Helper Methods
47 //===--------------------------------------------------------------------===//
48 
49 llvm::Value *CodeGenFunction::EmitCastToVoidPtr(llvm::Value *value) {
50  unsigned addressSpace =
51  cast<llvm::PointerType>(value->getType())->getAddressSpace();
52 
53  llvm::PointerType *destType = Int8PtrTy;
54  if (addressSpace)
55  destType = llvm::Type::getInt8PtrTy(getLLVMContext(), addressSpace);
56 
57  if (value->getType() == destType) return value;
58  return Builder.CreateBitCast(value, destType);
59 }
60 
61 /// CreateTempAlloca - This creates a alloca and inserts it into the entry
62 /// block.
63 Address CodeGenFunction::CreateTempAllocaWithoutCast(llvm::Type *Ty,
64  CharUnits Align,
65  const Twine &Name,
66  llvm::Value *ArraySize) {
67  auto Alloca = CreateTempAlloca(Ty, Name, ArraySize);
68  Alloca->setAlignment(Align.getQuantity());
69  return Address(Alloca, Align);
70 }
71 
72 /// CreateTempAlloca - This creates a alloca and inserts it into the entry
73 /// block. The alloca is casted to default address space if necessary.
74 Address CodeGenFunction::CreateTempAlloca(llvm::Type *Ty, CharUnits Align,
75  const Twine &Name,
76  llvm::Value *ArraySize,
77  Address *AllocaAddr) {
78  auto Alloca = CreateTempAllocaWithoutCast(Ty, Align, Name, ArraySize);
79  if (AllocaAddr)
80  *AllocaAddr = Alloca;
81  llvm::Value *V = Alloca.getPointer();
82  // Alloca always returns a pointer in alloca address space, which may
83  // be different from the type defined by the language. For example,
84  // in C++ the auto variables are in the default address space. Therefore
85  // cast alloca to the default address space when necessary.
86  if (getASTAllocaAddressSpace() != LangAS::Default) {
87  auto DestAddrSpace = getContext().getTargetAddressSpace(LangAS::Default);
88  llvm::IRBuilderBase::InsertPointGuard IPG(Builder);
89  // When ArraySize is nullptr, alloca is inserted at AllocaInsertPt,
90  // otherwise alloca is inserted at the current insertion point of the
91  // builder.
92  if (!ArraySize)
93  Builder.SetInsertPoint(AllocaInsertPt);
94  V = getTargetHooks().performAddrSpaceCast(
95  *this, V, getASTAllocaAddressSpace(), LangAS::Default,
96  Ty->getPointerTo(DestAddrSpace), /*non-null*/ true);
97  }
98 
99  return Address(V, Align);
100 }
101 
102 /// CreateTempAlloca - This creates an alloca and inserts it into the entry
103 /// block if \p ArraySize is nullptr, otherwise inserts it at the current
104 /// insertion point of the builder.
105 llvm::AllocaInst *CodeGenFunction::CreateTempAlloca(llvm::Type *Ty,
106  const Twine &Name,
107  llvm::Value *ArraySize) {
108  if (ArraySize)
109  return Builder.CreateAlloca(Ty, ArraySize, Name);
110  return new llvm::AllocaInst(Ty, CGM.getDataLayout().getAllocaAddrSpace(),
111  ArraySize, Name, AllocaInsertPt);
112 }
113 
114 /// CreateDefaultAlignTempAlloca - This creates an alloca with the
115 /// default alignment of the corresponding LLVM type, which is *not*
116 /// guaranteed to be related in any way to the expected alignment of
117 /// an AST type that might have been lowered to Ty.
118 Address CodeGenFunction::CreateDefaultAlignTempAlloca(llvm::Type *Ty,
119  const Twine &Name) {
120  CharUnits Align =
121  CharUnits::fromQuantity(CGM.getDataLayout().getABITypeAlignment(Ty));
122  return CreateTempAlloca(Ty, Align, Name);
123 }
124 
125 void CodeGenFunction::InitTempAlloca(Address Var, llvm::Value *Init) {
126  assert(isa<llvm::AllocaInst>(Var.getPointer()));
127  auto *Store = new llvm::StoreInst(Init, Var.getPointer());
128  Store->setAlignment(Var.getAlignment().getQuantity());
129  llvm::BasicBlock *Block = AllocaInsertPt->getParent();
130  Block->getInstList().insertAfter(AllocaInsertPt->getIterator(), Store);
131 }
132 
133 Address CodeGenFunction::CreateIRTemp(QualType Ty, const Twine &Name) {
134  CharUnits Align = getContext().getTypeAlignInChars(Ty);
135  return CreateTempAlloca(ConvertType(Ty), Align, Name);
136 }
137 
138 Address CodeGenFunction::CreateMemTemp(QualType Ty, const Twine &Name,
139  Address *Alloca) {
140  // FIXME: Should we prefer the preferred type alignment here?
141  return CreateMemTemp(Ty, getContext().getTypeAlignInChars(Ty), Name, Alloca);
142 }
143 
144 Address CodeGenFunction::CreateMemTemp(QualType Ty, CharUnits Align,
145  const Twine &Name, Address *Alloca) {
146  return CreateTempAlloca(ConvertTypeForMem(Ty), Align, Name,
147  /*ArraySize=*/nullptr, Alloca);
148 }
149 
150 Address CodeGenFunction::CreateMemTempWithoutCast(QualType Ty, CharUnits Align,
151  const Twine &Name) {
152  return CreateTempAllocaWithoutCast(ConvertTypeForMem(Ty), Align, Name);
153 }
154 
155 Address CodeGenFunction::CreateMemTempWithoutCast(QualType Ty,
156  const Twine &Name) {
157  return CreateMemTempWithoutCast(Ty, getContext().getTypeAlignInChars(Ty),
158  Name);
159 }
160 
161 /// EvaluateExprAsBool - Perform the usual unary conversions on the specified
162 /// expression and compare the result against zero, returning an Int1Ty value.
163 llvm::Value *CodeGenFunction::EvaluateExprAsBool(const Expr *E) {
164  PGO.setCurrentStmt(E);
165  if (const MemberPointerType *MPT = E->getType()->getAs<MemberPointerType>()) {
166  llvm::Value *MemPtr = EmitScalarExpr(E);
167  return CGM.getCXXABI().EmitMemberPointerIsNotNull(*this, MemPtr, MPT);
168  }
169 
170  QualType BoolTy = getContext().BoolTy;
171  SourceLocation Loc = E->getExprLoc();
172  if (!E->getType()->isAnyComplexType())
173  return EmitScalarConversion(EmitScalarExpr(E), E->getType(), BoolTy, Loc);
174 
175  return EmitComplexToScalarConversion(EmitComplexExpr(E), E->getType(), BoolTy,
176  Loc);
177 }
178 
179 /// EmitIgnoredExpr - Emit code to compute the specified expression,
180 /// ignoring the result.
181 void CodeGenFunction::EmitIgnoredExpr(const Expr *E) {
182  if (E->isRValue())
183  return (void) EmitAnyExpr(E, AggValueSlot::ignored(), true);
184 
185  // Just emit it as an l-value and drop the result.
186  EmitLValue(E);
187 }
188 
189 /// EmitAnyExpr - Emit code to compute the specified expression which
190 /// can have any type. The result is returned as an RValue struct.
191 /// If this is an aggregate expression, AggSlot indicates where the
192 /// result should be returned.
193 RValue CodeGenFunction::EmitAnyExpr(const Expr *E,
194  AggValueSlot aggSlot,
195  bool ignoreResult) {
196  switch (getEvaluationKind(E->getType())) {
197  case TEK_Scalar:
198  return RValue::get(EmitScalarExpr(E, ignoreResult));
199  case TEK_Complex:
200  return RValue::getComplex(EmitComplexExpr(E, ignoreResult, ignoreResult));
201  case TEK_Aggregate:
202  if (!ignoreResult && aggSlot.isIgnored())
203  aggSlot = CreateAggTemp(E->getType(), "agg-temp");
204  EmitAggExpr(E, aggSlot);
205  return aggSlot.asRValue();
206  }
207  llvm_unreachable("bad evaluation kind");
208 }
209 
210 /// EmitAnyExprToTemp - Similar to EmitAnyExpr(), however, the result will
211 /// always be accessible even if no aggregate location is provided.
212 RValue CodeGenFunction::EmitAnyExprToTemp(const Expr *E) {
213  AggValueSlot AggSlot = AggValueSlot::ignored();
214 
215  if (hasAggregateEvaluationKind(E->getType()))
216  AggSlot = CreateAggTemp(E->getType(), "agg.tmp");
217  return EmitAnyExpr(E, AggSlot);
218 }
219 
220 /// EmitAnyExprToMem - Evaluate an expression into a given memory
221 /// location.
222 void CodeGenFunction::EmitAnyExprToMem(const Expr *E,
223  Address Location,
224  Qualifiers Quals,
225  bool IsInit) {
226  // FIXME: This function should take an LValue as an argument.
227  switch (getEvaluationKind(E->getType())) {
228  case TEK_Complex:
229  EmitComplexExprIntoLValue(E, MakeAddrLValue(Location, E->getType()),
230  /*isInit*/ false);
231  return;
232 
233  case TEK_Aggregate: {
234  EmitAggExpr(E, AggValueSlot::forAddr(Location, Quals,
235  AggValueSlot::IsDestructed_t(IsInit),
236  AggValueSlot::DoesNotNeedGCBarriers,
237  AggValueSlot::IsAliased_t(!IsInit),
238  AggValueSlot::MayOverlap));
239  return;
240  }
241 
242  case TEK_Scalar: {
243  RValue RV = RValue::get(EmitScalarExpr(E, /*Ignore*/ false));
244  LValue LV = MakeAddrLValue(Location, E->getType());
245  EmitStoreThroughLValue(RV, LV);
246  return;
247  }
248  }
249  llvm_unreachable("bad evaluation kind");
250 }
251 
252 static void
253 pushTemporaryCleanup(CodeGenFunction &CGF, const MaterializeTemporaryExpr *M,
254  const Expr *E, Address ReferenceTemporary) {
255  // Objective-C++ ARC:
256  // If we are binding a reference to a temporary that has ownership, we
257  // need to perform retain/release operations on the temporary.
258  //
259  // FIXME: This should be looking at E, not M.
260  if (auto Lifetime = M->getType().getObjCLifetime()) {
261  switch (Lifetime) {
262  case Qualifiers::OCL_None:
263  case Qualifiers::OCL_ExplicitNone:
264  // Carry on to normal cleanup handling.
265  break;
266 
267  case Qualifiers::OCL_Autoreleasing:
268  // Nothing to do; cleaned up by an autorelease pool.
269  return;
270 
271  case Qualifiers::OCL_Strong:
272  case Qualifiers::OCL_Weak:
273  switch (StorageDuration Duration = M->getStorageDuration()) {
274  case SD_Static:
275  // Note: we intentionally do not register a cleanup to release
276  // the object on program termination.
277  return;
278 
279  case SD_Thread:
280  // FIXME: We should probably register a cleanup in this case.
281  return;
282 
283  case SD_Automatic:
284  case SD_FullExpression:
285  CodeGenFunction::Destroyer *Destroy;
286  CleanupKind CleanupKind;
287  if (Lifetime == Qualifiers::OCL_Strong) {
288  const ValueDecl *VD = M->getExtendingDecl();
289  bool Precise =
290  VD && isa<VarDecl>(VD) && VD->hasAttr<ObjCPreciseLifetimeAttr>();
291  CleanupKind = CGF.getARCCleanupKind();
292  Destroy = Precise ? &CodeGenFunction::destroyARCStrongPrecise
293  : &CodeGenFunction::destroyARCStrongImprecise;
294  } else {
295  // __weak objects always get EH cleanups; otherwise, exceptions
296  // could cause really nasty crashes instead of mere leaks.
297  CleanupKind = NormalAndEHCleanup;
298  Destroy = &CodeGenFunction::destroyARCWeak;
299  }
300  if (Duration == SD_FullExpression)
301  CGF.pushDestroy(CleanupKind, ReferenceTemporary,
302  M->getType(), *Destroy,
303  CleanupKind & EHCleanup);
304  else
305  CGF.pushLifetimeExtendedDestroy(CleanupKind, ReferenceTemporary,
306  M->getType(),
307  *Destroy, CleanupKind & EHCleanup);
308  return;
309 
310  case SD_Dynamic:
311  llvm_unreachable("temporary cannot have dynamic storage duration");
312  }
313  llvm_unreachable("unknown storage duration");
314  }
315  }
316 
317  CXXDestructorDecl *ReferenceTemporaryDtor = nullptr;
318  if (const RecordType *RT =
319  E->getType()->getBaseElementTypeUnsafe()->getAs<RecordType>()) {
320  // Get the destructor for the reference temporary.
321  auto *ClassDecl = cast<CXXRecordDecl>(RT->getDecl());
322  if (!ClassDecl->hasTrivialDestructor())
323  ReferenceTemporaryDtor = ClassDecl->getDestructor();
324  }
325 
326  if (!ReferenceTemporaryDtor)
327  return;
328 
329  // Call the destructor for the temporary.
330  switch (M->getStorageDuration()) {
331  case SD_Static:
332  case SD_Thread: {
333  llvm::FunctionCallee CleanupFn;
334  llvm::Constant *CleanupArg;
335  if (E->getType()->isArrayType()) {
336  CleanupFn = CodeGenFunction(CGF.CGM).generateDestroyHelper(
337  ReferenceTemporary, E->getType(),
338  CodeGenFunction::destroyCXXObject, CGF.getLangOpts().Exceptions,
339  dyn_cast_or_null<VarDecl>(M->getExtendingDecl()));
340  CleanupArg = llvm::Constant::getNullValue(CGF.Int8PtrTy);
341  } else {
342  CleanupFn = CGF.CGM.getAddrAndTypeOfCXXStructor(
343  GlobalDecl(ReferenceTemporaryDtor, Dtor_Complete));
344  CleanupArg = cast<llvm::Constant>(ReferenceTemporary.getPointer());
345  }
346  CGF.CGM.getCXXABI().registerGlobalDtor(
347  CGF, *cast<VarDecl>(M->getExtendingDecl()), CleanupFn, CleanupArg);
348  break;
349  }
350 
351  case SD_FullExpression:
352  CGF.pushDestroy(NormalAndEHCleanup, ReferenceTemporary, E->getType(),
353  CodeGenFunction::destroyCXXObject,
354  CGF.getLangOpts().Exceptions);
355  break;
356 
357  case SD_Automatic:
358  CGF.pushLifetimeExtendedDestroy(NormalAndEHCleanup,
359  ReferenceTemporary, E->getType(),
360  CodeGenFunction::destroyCXXObject,
361  CGF.getLangOpts().Exceptions);
362  break;
363 
364  case SD_Dynamic:
365  llvm_unreachable("temporary cannot have dynamic storage duration");
366  }
367 }
368 
369 static Address createReferenceTemporary(CodeGenFunction &CGF,
370  const MaterializeTemporaryExpr *M,
371  const Expr *Inner,
372  Address *Alloca = nullptr) {
373  auto &TCG = CGF.getTargetHooks();
374  switch (M->getStorageDuration()) {
375  case SD_FullExpression:
376  case SD_Automatic: {
377  // If we have a constant temporary array or record try to promote it into a
378  // constant global under the same rules a normal constant would've been
379  // promoted. This is easier on the optimizer and generally emits fewer
380  // instructions.
381  QualType Ty = Inner->getType();
382  if (CGF.CGM.getCodeGenOpts().MergeAllConstants &&
383  (Ty->isArrayType() || Ty->isRecordType()) &&
384  CGF.CGM.isTypeConstant(Ty, true))
385  if (auto Init = ConstantEmitter(CGF).tryEmitAbstract(Inner, Ty)) {
386  if (auto AddrSpace = CGF.getTarget().getConstantAddressSpace()) {
387  auto AS = AddrSpace.getValue();
388  auto *GV = new llvm::GlobalVariable(
389  CGF.CGM.getModule(), Init->getType(), /*isConstant=*/true,
390  llvm::GlobalValue::PrivateLinkage, Init, ".ref.tmp", nullptr,
391  llvm::GlobalValue::NotThreadLocal,
392  CGF.getContext().getTargetAddressSpace(AS));
393  CharUnits alignment = CGF.getContext().getTypeAlignInChars(Ty);
394  GV->setAlignment(alignment.getQuantity());
395  llvm::Constant *C = GV;
396  if (AS != LangAS::Default)
397  C = TCG.performAddrSpaceCast(
398  CGF.CGM, GV, AS, LangAS::Default,
399  GV->getValueType()->getPointerTo(
400  CGF.getContext().getTargetAddressSpace(LangAS::Default)));
401  // FIXME: Should we put the new global into a COMDAT?
402  return Address(C, alignment);
403  }
404  }
405  return CGF.CreateMemTemp(Ty, "ref.tmp", Alloca);
406  }
407  case SD_Thread:
408  case SD_Static:
409  return CGF.CGM.GetAddrOfGlobalTemporary(M, Inner);
410 
411  case SD_Dynamic:
412  llvm_unreachable("temporary can't have dynamic storage duration");
413  }
414  llvm_unreachable("unknown storage duration");
415 }
416 
417 LValue CodeGenFunction::
418 EmitMaterializeTemporaryExpr(const MaterializeTemporaryExpr *M) {
419  const Expr *E = M->GetTemporaryExpr();
420 
421  assert((!M->getExtendingDecl() || !isa<VarDecl>(M->getExtendingDecl()) ||
422  !cast<VarDecl>(M->getExtendingDecl())->isARCPseudoStrong()) &&
423  "Reference should never be pseudo-strong!");
424 
425  // FIXME: ideally this would use EmitAnyExprToMem, however, we cannot do so
426  // as that will cause the lifetime adjustment to be lost for ARC
427  auto ownership = M->getType().getObjCLifetime();
428  if (ownership != Qualifiers::OCL_None &&
429  ownership != Qualifiers::OCL_ExplicitNone) {
430  Address Object = createReferenceTemporary(*this, M, E);
431  if (auto *Var = dyn_cast<llvm::GlobalVariable>(Object.getPointer())) {
432  Object = Address(llvm::ConstantExpr::getBitCast(Var,
433  ConvertTypeForMem(E->getType())
434  ->getPointerTo(Object.getAddressSpace())),
435  Object.getAlignment());
436 
437  // createReferenceTemporary will promote the temporary to a global with a
438  // constant initializer if it can. It can only do this to a value of
439  // ARC-manageable type if the value is global and therefore "immune" to
440  // ref-counting operations. Therefore we have no need to emit either a
441  // dynamic initialization or a cleanup and we can just return the address
442  // of the temporary.
443  if (Var->hasInitializer())
444  return MakeAddrLValue(Object, M->getType(), AlignmentSource::Decl);
445 
446  Var->setInitializer(CGM.EmitNullConstant(E->getType()));
447  }
448  LValue RefTempDst = MakeAddrLValue(Object, M->getType(),
449  AlignmentSource::Decl);
450 
451  switch (getEvaluationKind(E->getType())) {
452  default: llvm_unreachable("expected scalar or aggregate expression");
453  case TEK_Scalar:
454  EmitScalarInit(E, M->getExtendingDecl(), RefTempDst, false);
455  break;
456  case TEK_Aggregate: {
457  EmitAggExpr(E, AggValueSlot::forAddr(Object,
458  E->getType().getQualifiers(),
459  AggValueSlot::IsDestructed,
460  AggValueSlot::DoesNotNeedGCBarriers,
461  AggValueSlot::IsNotAliased,
462  AggValueSlot::DoesNotOverlap));
463  break;
464  }
465  }
466 
467  pushTemporaryCleanup(*this, M, E, Object);
468  return RefTempDst;
469  }
470 
471  SmallVector<const Expr *, 2> CommaLHSs;
472  SmallVector<SubobjectAdjustment, 2> Adjustments;
473  E = E->skipRValueSubobjectAdjustments(CommaLHSs, Adjustments);
474 
475  for (const auto &Ignored : CommaLHSs)
476  EmitIgnoredExpr(Ignored);
477 
478  if (const auto *opaque = dyn_cast<OpaqueValueExpr>(E)) {
479  if (opaque->getType()->isRecordType()) {
480  assert(Adjustments.empty());
481  return EmitOpaqueValueLValue(opaque);
482  }
483  }
484 
485  // Create and initialize the reference temporary.
486  Address Alloca = Address::invalid();
487  Address Object = createReferenceTemporary(*this, M, E, &Alloca);
488  if (auto *Var = dyn_cast<llvm::GlobalVariable>(
489  Object.getPointer()->stripPointerCasts())) {
490  Object = Address(llvm::ConstantExpr::getBitCast(
491  cast<llvm::Constant>(Object.getPointer()),
492  ConvertTypeForMem(E->getType())->getPointerTo()),
493  Object.getAlignment());
494  // If the temporary is a global and has a constant initializer or is a
495  // constant temporary that we promoted to a global, we may have already
496  // initialized it.
497  if (!Var->hasInitializer()) {
498  Var->setInitializer(CGM.EmitNullConstant(E->getType()));
499  EmitAnyExprToMem(E, Object, Qualifiers(), /*IsInit*/true);
500  }
501  } else {
502  switch (M->getStorageDuration()) {
503  case SD_Automatic:
504  if (auto *Size = EmitLifetimeStart(
505  CGM.getDataLayout().getTypeAllocSize(Alloca.getElementType()),
506  Alloca.getPointer())) {
507  pushCleanupAfterFullExpr<CallLifetimeEnd>(NormalEHLifetimeMarker,
508  Alloca, Size);
509  }
510  break;
511 
512  case SD_FullExpression: {
513  if (!ShouldEmitLifetimeMarkers)
514  break;
515 
516  // Avoid creating a conditional cleanup just to hold an llvm.lifetime.end
517  // marker. Instead, start the lifetime of a conditional temporary earlier
518  // so that it's unconditional. Don't do this in ASan's use-after-scope
519  // mode so that it gets the more precise lifetime marks. If the type has
520  // a non-trivial destructor, we'll have a cleanup block for it anyway,
521  // so this typically doesn't help; skip it in that case.
522  ConditionalEvaluation *OldConditional = nullptr;
523  CGBuilderTy::InsertPoint OldIP;
524  if (isInConditionalBranch() && !E->getType().isDestructedType() &&
525  !CGM.getCodeGenOpts().SanitizeAddressUseAfterScope) {
526  OldConditional = OutermostConditional;
527  OutermostConditional = nullptr;
528 
529  OldIP = Builder.saveIP();
530  llvm::BasicBlock *Block = OldConditional->getStartingBlock();
531  Builder.restoreIP(CGBuilderTy::InsertPoint(
532  Block, llvm::BasicBlock::iterator(Block->back())));
533  }
534 
535  if (auto *Size = EmitLifetimeStart(
536  CGM.getDataLayout().getTypeAllocSize(Alloca.getElementType()),
537  Alloca.getPointer())) {
538  pushFullExprCleanup<CallLifetimeEnd>(NormalEHLifetimeMarker, Alloca,
539  Size);
540  }
541 
542  if (OldConditional) {
543  OutermostConditional = OldConditional;
544  Builder.restoreIP(OldIP);
545  }
546  break;
547  }
548 
549  default:
550  break;
551  }
552  EmitAnyExprToMem(E, Object, Qualifiers(), /*IsInit*/true);
553  }
554  pushTemporaryCleanup(*this, M, E, Object);
555 
556  // Perform derived-to-base casts and/or field accesses, to get from the
557  // temporary object we created (and, potentially, for which we extended
558  // the lifetime) to the subobject we're binding the reference to.
559  for (unsigned I = Adjustments.size(); I != 0; --I) {
560  SubobjectAdjustment &Adjustment = Adjustments[I-1];
561  switch (Adjustment.Kind) {
562  case SubobjectAdjustment::DerivedToBaseAdjustment:
563  Object =
564  GetAddressOfBaseClass(Object, Adjustment.DerivedToBase.DerivedClass,
565  Adjustment.DerivedToBase.BasePath->path_begin(),
566  Adjustment.DerivedToBase.BasePath->path_end(),
567  /*NullCheckValue=*/ false, E->getExprLoc());
568  break;
569 
570  case SubobjectAdjustment::FieldAdjustment: {
571  LValue LV = MakeAddrLValue(Object, E->getType(), AlignmentSource::Decl);
572  LV = EmitLValueForField(LV, Adjustment.Field);
573  assert(LV.isSimple() &&
574  "materialized temporary field is not a simple lvalue");
575  Object = LV.getAddress();
576  break;
577  }
578 
579  case SubobjectAdjustment::MemberPointerAdjustment: {
580  llvm::Value *Ptr = EmitScalarExpr(Adjustment.Ptr.RHS);
581  Object = EmitCXXMemberDataPointerAddress(E, Object, Ptr,
582  Adjustment.Ptr.MPT);
583  break;
584  }
585  }
586  }
587 
588  return MakeAddrLValue(Object, M->getType(), AlignmentSource::Decl);
589 }
590 
591 RValue
592 CodeGenFunction::EmitReferenceBindingToExpr(const Expr *E) {
593  // Emit the expression as an lvalue.
594  LValue LV = EmitLValue(E);
595  assert(LV.isSimple());
596  llvm::Value *Value = LV.getPointer();
597 
598  if (sanitizePerformTypeCheck() && !E->getType()->isFunctionType()) {
599  // C++11 [dcl.ref]p5 (as amended by core issue 453):
600  // If a glvalue to which a reference is directly bound designates neither
601  // an existing object or function of an appropriate type nor a region of
602  // storage of suitable size and alignment to contain an object of the
603  // reference's type, the behavior is undefined.
604  QualType Ty = E->getType();
605  EmitTypeCheck(TCK_ReferenceBinding, E->getExprLoc(), Value, Ty);
606  }
607 
608  return RValue::get(Value);
609 }
610 
611 
612 /// getAccessedFieldNo - Given an encoded value and a result number, return the
613 /// input field number being accessed.
614 unsigned CodeGenFunction::getAccessedFieldNo(unsigned Idx,
615  const llvm::Constant *Elts) {
616  return cast<llvm::ConstantInt>(Elts->getAggregateElement(Idx))
617  ->getZExtValue();
618 }
619 
620 /// Emit the hash_16_bytes function from include/llvm/ADT/Hashing.h.
621 static llvm::Value *emitHash16Bytes(CGBuilderTy &Builder, llvm::Value *Low,
622  llvm::Value *High) {
623  llvm::Value *KMul = Builder.getInt64(0x9ddfea08eb382d69ULL);
624  llvm::Value *K47 = Builder.getInt64(47);
625  llvm::Value *A0 = Builder.CreateMul(Builder.CreateXor(Low, High), KMul);
626  llvm::Value *A1 = Builder.CreateXor(Builder.CreateLShr(A0, K47), A0);
627  llvm::Value *B0 = Builder.CreateMul(Builder.CreateXor(High, A1), KMul);
628  llvm::Value *B1 = Builder.CreateXor(Builder.CreateLShr(B0, K47), B0);
629  return Builder.CreateMul(B1, KMul);
630 }
631 
632 bool CodeGenFunction::isNullPointerAllowed(TypeCheckKind TCK) {
633  return TCK == TCK_DowncastPointer || TCK == TCK_Upcast ||
634  TCK == TCK_UpcastToVirtualBase || TCK == TCK_DynamicOperation;
635 }
636 
637 bool CodeGenFunction::isVptrCheckRequired(TypeCheckKind TCK, QualType Ty) {
638  CXXRecordDecl *RD = Ty->getAsCXXRecordDecl();
639  return (RD && RD->hasDefinition() && RD->isDynamicClass()) &&
640  (TCK == TCK_MemberAccess || TCK == TCK_MemberCall ||
641  TCK == TCK_DowncastPointer || TCK == TCK_DowncastReference ||
642  TCK == TCK_UpcastToVirtualBase || TCK == TCK_DynamicOperation);
643 }
644 
645 bool CodeGenFunction::sanitizePerformTypeCheck() const {
646  return SanOpts.has(SanitizerKind::Null) |
647  SanOpts.has(SanitizerKind::Alignment) |
648  SanOpts.has(SanitizerKind::ObjectSize) |
649  SanOpts.has(SanitizerKind::Vptr);
650 }
651 
652 void CodeGenFunction::EmitTypeCheck(TypeCheckKind TCK, SourceLocation Loc,
653  llvm::Value *Ptr, QualType Ty,
654  CharUnits Alignment,
655  SanitizerSet SkippedChecks,
656  llvm::Value *ArraySize) {
657  if (!sanitizePerformTypeCheck())
658  return;
659 
660  // Don't check pointers outside the default address space. The null check
661  // isn't correct, the object-size check isn't supported by LLVM, and we can't
662  // communicate the addresses to the runtime handler for the vptr check.
663  if (Ptr->getType()->getPointerAddressSpace())
664  return;
665 
666  // Don't check pointers to volatile data. The behavior here is implementation-
667  // defined.
668  if (Ty.isVolatileQualified())
669  return;
670 
671  SanitizerScope SanScope(this);
672 
673  SmallVector<std::pair<llvm::Value *, SanitizerMask>, 3> Checks;
674  llvm::BasicBlock *Done = nullptr;
675 
676  // Quickly determine whether we have a pointer to an alloca. It's possible
677  // to skip null checks, and some alignment checks, for these pointers. This
678  // can reduce compile-time significantly.
679  auto PtrToAlloca =
680  dyn_cast<llvm::AllocaInst>(Ptr->stripPointerCastsNoFollowAliases());
681 
682  llvm::Value *True = llvm::ConstantInt::getTrue(getLLVMContext());
683  llvm::Value *IsNonNull = nullptr;
684  bool IsGuaranteedNonNull =
685  SkippedChecks.has(SanitizerKind::Null) || PtrToAlloca;
686  bool AllowNullPointers = isNullPointerAllowed(TCK);
687  if ((SanOpts.has(SanitizerKind::Null) || AllowNullPointers) &&
688  !IsGuaranteedNonNull) {
689  // The glvalue must not be an empty glvalue.
690  IsNonNull = Builder.CreateIsNotNull(Ptr);
691 
692  // The IR builder can constant-fold the null check if the pointer points to
693  // a constant.
694  IsGuaranteedNonNull = IsNonNull == True;
695 
696  // Skip the null check if the pointer is known to be non-null.
697  if (!IsGuaranteedNonNull) {
698  if (AllowNullPointers) {
699  // When performing pointer casts, it's OK if the value is null.
700  // Skip the remaining checks in that case.
701  Done = createBasicBlock("null");
702  llvm::BasicBlock *Rest = createBasicBlock("not.null");
703  Builder.CreateCondBr(IsNonNull, Rest, Done);
704  EmitBlock(Rest);
705  } else {
706  Checks.push_back(std::make_pair(IsNonNull, SanitizerKind::Null));
707  }
708  }
709  }
710 
711  if (SanOpts.has(SanitizerKind::ObjectSize) &&
712  !SkippedChecks.has(SanitizerKind::ObjectSize) &&
713  !Ty->isIncompleteType()) {
714  uint64_t TySize = getContext().getTypeSizeInChars(Ty).getQuantity();
715  llvm::Value *Size = llvm::ConstantInt::get(IntPtrTy, TySize);
716  if (ArraySize)
717  Size = Builder.CreateMul(Size, ArraySize);
718 
719  // Degenerate case: new X[0] does not need an objectsize check.
720  llvm::Constant *ConstantSize = dyn_cast<llvm::Constant>(Size);
721  if (!ConstantSize || !ConstantSize->isNullValue()) {
722  // The glvalue must refer to a large enough storage region.
723  // FIXME: If Address Sanitizer is enabled, insert dynamic instrumentation
724  // to check this.
725  // FIXME: Get object address space
726  llvm::Type *Tys[2] = { IntPtrTy, Int8PtrTy };
727  llvm::Function *F = CGM.getIntrinsic(llvm::Intrinsic::objectsize, Tys);
728  llvm::Value *Min = Builder.getFalse();
729  llvm::Value *NullIsUnknown = Builder.getFalse();
730  llvm::Value *Dynamic = Builder.getFalse();
731  llvm::Value *CastAddr = Builder.CreateBitCast(Ptr, Int8PtrTy);
732  llvm::Value *LargeEnough = Builder.CreateICmpUGE(
733  Builder.CreateCall(F, {CastAddr, Min, NullIsUnknown, Dynamic}), Size);
734  Checks.push_back(std::make_pair(LargeEnough, SanitizerKind::ObjectSize));
735  }
736  }
737 
738  uint64_t AlignVal = 0;
739  llvm::Value *PtrAsInt = nullptr;
740 
741  if (SanOpts.has(SanitizerKind::Alignment) &&
742  !SkippedChecks.has(SanitizerKind::Alignment)) {
743  AlignVal = Alignment.getQuantity();
744  if (!Ty->isIncompleteType() && !AlignVal)
745  AlignVal = getContext().getTypeAlignInChars(Ty).getQuantity();
746 
747  // The glvalue must be suitably aligned.
748  if (AlignVal > 1 &&
749  (!PtrToAlloca || PtrToAlloca->getAlignment() < AlignVal)) {
750  PtrAsInt = Builder.CreatePtrToInt(Ptr, IntPtrTy);
751  llvm::Value *Align = Builder.CreateAnd(
752  PtrAsInt, llvm::ConstantInt::get(IntPtrTy, AlignVal - 1));
753  llvm::Value *Aligned =
754  Builder.CreateICmpEQ(Align, llvm::ConstantInt::get(IntPtrTy, 0));
755  if (Aligned != True)
756  Checks.push_back(std::make_pair(Aligned, SanitizerKind::Alignment));
757  }
758  }
759 
760  if (Checks.size() > 0) {
761  // Make sure we're not losing information. Alignment needs to be a power of
762  // 2
763  assert(!AlignVal || (uint64_t)1 << llvm::Log2_64(AlignVal) == AlignVal);
764  llvm::Constant *StaticData[] = {
765  EmitCheckSourceLocation(Loc), EmitCheckTypeDescriptor(Ty),
766  llvm::ConstantInt::get(Int8Ty, AlignVal ? llvm::Log2_64(AlignVal) : 1),
767  llvm::ConstantInt::get(Int8Ty, TCK)};
768  EmitCheck(Checks, SanitizerHandler::TypeMismatch, StaticData,
769  PtrAsInt ? PtrAsInt : Ptr);
770  }
771 
772  // If possible, check that the vptr indicates that there is a subobject of
773  // type Ty at offset zero within this object.
774  //
775  // C++11 [basic.life]p5,6:
776  // [For storage which does not refer to an object within its lifetime]
777  // The program has undefined behavior if:
778  // -- the [pointer or glvalue] is used to access a non-static data member
779  // or call a non-static member function
780  if (SanOpts.has(SanitizerKind::Vptr) &&
781  !SkippedChecks.has(SanitizerKind::Vptr) && isVptrCheckRequired(TCK, Ty)) {
782  // Ensure that the pointer is non-null before loading it. If there is no
783  // compile-time guarantee, reuse the run-time null check or emit a new one.
784  if (!IsGuaranteedNonNull) {
785  if (!IsNonNull)
786  IsNonNull = Builder.CreateIsNotNull(Ptr);
787  if (!Done)
788  Done = createBasicBlock("vptr.null");
789  llvm::BasicBlock *VptrNotNull = createBasicBlock("vptr.not.null");
790  Builder.CreateCondBr(IsNonNull, VptrNotNull, Done);
791  EmitBlock(VptrNotNull);
792  }
793 
794  // Compute a hash of the mangled name of the type.
795  //
796  // FIXME: This is not guaranteed to be deterministic! Move to a
797  // fingerprinting mechanism once LLVM provides one. For the time
798  // being the implementation happens to be deterministic.
799  SmallString<64> MangledName;
800  llvm::raw_svector_ostream Out(MangledName);
801  CGM.getCXXABI().getMangleContext().mangleCXXRTTI(Ty.getUnqualifiedType(),
802  Out);
803 
804  // Blacklist based on the mangled type.
805  if (!CGM.getContext().getSanitizerBlacklist().isBlacklistedType(
806  SanitizerKind::Vptr, Out.str())) {
807  llvm::hash_code TypeHash = hash_value(Out.str());
808 
809  // Load the vptr, and compute hash_16_bytes(TypeHash, vptr).
810  llvm::Value *Low = llvm::ConstantInt::get(Int64Ty, TypeHash);
811  llvm::Type *VPtrTy = llvm::PointerType::get(IntPtrTy, 0);
812  Address VPtrAddr(Builder.CreateBitCast(Ptr, VPtrTy), getPointerAlign());
813  llvm::Value *VPtrVal = Builder.CreateLoad(VPtrAddr);
814  llvm::Value *High = Builder.CreateZExt(VPtrVal, Int64Ty);
815 
816  llvm::Value *Hash = emitHash16Bytes(Builder, Low, High);
817  Hash = Builder.CreateTrunc(Hash, IntPtrTy);
818 
819  // Look the hash up in our cache.
820  const int CacheSize = 128;
821  llvm::Type *HashTable = llvm::ArrayType::get(IntPtrTy, CacheSize);
822  llvm::Value *Cache = CGM.CreateRuntimeVariable(HashTable,
823  "__ubsan_vptr_type_cache");
824  llvm::Value *Slot = Builder.CreateAnd(Hash,
825  llvm::ConstantInt::get(IntPtrTy,
826  CacheSize-1));
827  llvm::Value *Indices[] = { Builder.getInt32(0), Slot };
828  llvm::Value *CacheVal =
829  Builder.CreateAlignedLoad(Builder.CreateInBoundsGEP(Cache, Indices),
830  getPointerAlign());
831 
832  // If the hash isn't in the cache, call a runtime handler to perform the
833  // hard work of checking whether the vptr is for an object of the right
834  // type. This will either fill in the cache and return, or produce a
835  // diagnostic.
836  llvm::Value *EqualHash = Builder.CreateICmpEQ(CacheVal, Hash);
837  llvm::Constant *StaticData[] = {
838  EmitCheckSourceLocation(Loc),
839  EmitCheckTypeDescriptor(Ty),
840  CGM.GetAddrOfRTTIDescriptor(Ty.getUnqualifiedType()),
841  llvm::ConstantInt::get(Int8Ty, TCK)
842  };
843  llvm::Value *DynamicData[] = { Ptr, Hash };
844  EmitCheck(std::make_pair(EqualHash, SanitizerKind::Vptr),
845  SanitizerHandler::DynamicTypeCacheMiss, StaticData,
846  DynamicData);
847  }
848  }
849 
850  if (Done) {
851  Builder.CreateBr(Done);
852  EmitBlock(Done);
853  }
854 }
855 
856 /// Determine whether this expression refers to a flexible array member in a
857 /// struct. We disable array bounds checks for such members.
858 static bool isFlexibleArrayMemberExpr(const Expr *E) {
859  // For compatibility with existing code, we treat arrays of length 0 or
860  // 1 as flexible array members.
861  const ArrayType *AT = E->getType()->castAsArrayTypeUnsafe();
862  if (const auto *CAT = dyn_cast<ConstantArrayType>(AT)) {
863  if (CAT->getSize().ugt(1))
864  return false;
865  } else if (!isa<IncompleteArrayType>(AT))
866  return false;
867 
868  E = E->IgnoreParens();
869 
870  // A flexible array member must be the last member in the class.
871  if (const auto *ME = dyn_cast<MemberExpr>(E)) {
872  // FIXME: If the base type of the member expr is not FD->getParent(),
873  // this should not be treated as a flexible array member access.
874  if (const auto *FD = dyn_cast<FieldDecl>(ME->getMemberDecl())) {
875  RecordDecl::field_iterator FI(
876  DeclContext::decl_iterator(const_cast<FieldDecl *>(FD)));
877  return ++FI == FD->getParent()->field_end();
878  }
879  } else if (const auto *IRE = dyn_cast<ObjCIvarRefExpr>(E)) {
880  return IRE->getDecl()->getNextIvar() == nullptr;
881  }
882 
883  return false;
884 }
885 
886 llvm::Value *CodeGenFunction::LoadPassedObjectSize(const Expr *E,
887  QualType EltTy) {
888  ASTContext &C = getContext();
889  uint64_t EltSize = C.getTypeSizeInChars(EltTy).getQuantity();
890  if (!EltSize)
891  return nullptr;
892 
893  auto *ArrayDeclRef = dyn_cast<DeclRefExpr>(E->IgnoreParenImpCasts());
894  if (!ArrayDeclRef)
895  return nullptr;
896 
897  auto *ParamDecl = dyn_cast<ParmVarDecl>(ArrayDeclRef->getDecl());
898  if (!ParamDecl)
899  return nullptr;
900 
901  auto *POSAttr = ParamDecl->getAttr<PassObjectSizeAttr>();
902  if (!POSAttr)
903  return nullptr;
904 
905  // Don't load the size if it's a lower bound.
906  int POSType = POSAttr->getType();
907  if (POSType != 0 && POSType != 1)
908  return nullptr;
909 
910  // Find the implicit size parameter.
911  auto PassedSizeIt = SizeArguments.find(ParamDecl);
912  if (PassedSizeIt == SizeArguments.end())
913  return nullptr;
914 
915  const ImplicitParamDecl *PassedSizeDecl = PassedSizeIt->second;
916  assert(LocalDeclMap.count(PassedSizeDecl) && "Passed size not loadable");
917  Address AddrOfSize = LocalDeclMap.find(PassedSizeDecl)->second;
918  llvm::Value *SizeInBytes = EmitLoadOfScalar(AddrOfSize, /*Volatile=*/false,
919  C.getSizeType(), E->getExprLoc());
920  llvm::Value *SizeOfElement =
921  llvm::ConstantInt::get(SizeInBytes->getType(), EltSize);
922  return Builder.CreateUDiv(SizeInBytes, SizeOfElement);
923 }
924 
925 /// If Base is known to point to the start of an array, return the length of
926 /// that array. Return 0 if the length cannot be determined.
927 static llvm::Value *getArrayIndexingBound(
928  CodeGenFunction &CGF, const Expr *Base, QualType &IndexedType) {
929  // For the vector indexing extension, the bound is the number of elements.
930  if (const VectorType *VT = Base->getType()->getAs<VectorType>()) {
931  IndexedType = Base->getType();
932  return CGF.Builder.getInt32(VT->getNumElements());
933  }
934 
935  Base = Base->IgnoreParens();
936 
937  if (const auto *CE = dyn_cast<CastExpr>(Base)) {
938  if (CE->getCastKind() == CK_ArrayToPointerDecay &&
939  !isFlexibleArrayMemberExpr(CE->getSubExpr())) {
940  IndexedType = CE->getSubExpr()->getType();
941  const ArrayType *AT = IndexedType->castAsArrayTypeUnsafe();
942  if (const auto *CAT = dyn_cast<ConstantArrayType>(AT))
943  return CGF.Builder.getInt(CAT->getSize());
944  else if (const auto *VAT = dyn_cast<VariableArrayType>(AT))
945  return CGF.getVLASize(VAT).NumElts;
946  // Ignore pass_object_size here. It's not applicable on decayed pointers.
947  }
948  }
949 
950  QualType EltTy{Base->getType()->getPointeeOrArrayElementType(), 0};
951  if (llvm::Value *POS = CGF.LoadPassedObjectSize(Base, EltTy)) {
952  IndexedType = Base->getType();
953  return POS;
954  }
955 
956  return nullptr;
957 }
958 
959 void CodeGenFunction::EmitBoundsCheck(const Expr *E, const Expr *Base,
960  llvm::Value *Index, QualType IndexType,
961  bool Accessed) {
962  assert(SanOpts.has(SanitizerKind::ArrayBounds) &&
963  "should not be called unless adding bounds checks");
964  SanitizerScope SanScope(this);
965 
966  QualType IndexedType;
967  llvm::Value *Bound = getArrayIndexingBound(*this, Base, IndexedType);
968  if (!Bound)
969  return;
970 
971  bool IndexSigned = IndexType->isSignedIntegerOrEnumerationType();
972  llvm::Value *IndexVal = Builder.CreateIntCast(Index, SizeTy, IndexSigned);
973  llvm::Value *BoundVal = Builder.CreateIntCast(Bound, SizeTy, false);
974 
975  llvm::Constant *StaticData[] = {
976  EmitCheckSourceLocation(E->getExprLoc()),
977  EmitCheckTypeDescriptor(IndexedType),
978  EmitCheckTypeDescriptor(IndexType)
979  };
980  llvm::Value *Check = Accessed ? Builder.CreateICmpULT(IndexVal, BoundVal)
981  : Builder.CreateICmpULE(IndexVal, BoundVal);
982  EmitCheck(std::make_pair(Check, SanitizerKind::ArrayBounds),
983  SanitizerHandler::OutOfBounds, StaticData, Index);
984 }
985 
986 
987 CodeGenFunction::ComplexPairTy CodeGenFunction::
988 EmitComplexPrePostIncDec(const UnaryOperator *E, LValue LV,
989  bool isInc, bool isPre) {
990  ComplexPairTy InVal = EmitLoadOfComplex(LV, E->getExprLoc());
991 
992  llvm::Value *NextVal;
993  if (isa<llvm::IntegerType>(InVal.first->getType())) {
994  uint64_t AmountVal = isInc ? 1 : -1;
995  NextVal = llvm::ConstantInt::get(InVal.first->getType(), AmountVal, true);
996 
997  // Add the inc/dec to the real part.
998  NextVal = Builder.CreateAdd(InVal.first, NextVal, isInc ? "inc" : "dec");
999  } else {
1000  QualType ElemTy = E->getType()->getAs<ComplexType>()->getElementType();
1001  llvm::APFloat FVal(getContext().getFloatTypeSemantics(ElemTy), 1);
1002  if (!isInc)
1003  FVal.changeSign();
1004  NextVal = llvm::ConstantFP::get(getLLVMContext(), FVal);
1005 
1006  // Add the inc/dec to the real part.
1007  NextVal = Builder.CreateFAdd(InVal.first, NextVal, isInc ? "inc" : "dec");
1008  }
1009 
1010  ComplexPairTy IncVal(NextVal, InVal.second);
1011 
1012  // Store the updated result through the lvalue.
1013  EmitStoreOfComplex(IncVal, LV, /*init*/ false);
1014 
1015  // If this is a postinc, return the value read from memory, otherwise use the
1016  // updated value.
1017  return isPre ? IncVal : InVal;
1018 }
1019 
1020 void CodeGenModule::EmitExplicitCastExprType(const ExplicitCastExpr *E,
1021  CodeGenFunction *CGF) {
1022  // Bind VLAs in the cast type.
1023  if (CGF && E->getType()->isVariablyModifiedType())
1024  CGF->EmitVariablyModifiedType(E->getType());
1025 
1026  if (CGDebugInfo *DI = getModuleDebugInfo())
1027  DI->EmitExplicitCastType(E->getType());
1028 }
1029 
1030 //===----------------------------------------------------------------------===//
1031 // LValue Expression Emission
1032 //===----------------------------------------------------------------------===//
1033 
1034 /// EmitPointerWithAlignment - Given an expression of pointer type, try to
1035 /// derive a more accurate bound on the alignment of the pointer.
1036 Address CodeGenFunction::EmitPointerWithAlignment(const Expr *E,
1037  LValueBaseInfo *BaseInfo,
1038  TBAAAccessInfo *TBAAInfo) {
1039  // We allow this with ObjC object pointers because of fragile ABIs.
1040  assert(E->getType()->isPointerType() ||
1041  E->getType()->isObjCObjectPointerType());
1042  E = E->IgnoreParens();
1043 
1044  // Casts:
1045  if (const CastExpr *CE = dyn_cast<CastExpr>(E)) {
1046  if (const auto *ECE = dyn_cast<ExplicitCastExpr>(CE))
1047  CGM.EmitExplicitCastExprType(ECE, this);
1048 
1049  switch (CE->getCastKind()) {
1050  // Non-converting casts (but not C's implicit conversion from void*).
1051  case CK_BitCast:
1052  case CK_NoOp:
1053  case CK_AddressSpaceConversion:
1054  if (auto PtrTy = CE->getSubExpr()->getType()->getAs<PointerType>()) {
1055  if (PtrTy->getPointeeType()->isVoidType())
1056  break;
1057 
1058  LValueBaseInfo InnerBaseInfo;
1059  TBAAAccessInfo InnerTBAAInfo;
1060  Address Addr = EmitPointerWithAlignment(CE->getSubExpr(),
1061  &InnerBaseInfo,
1062  &InnerTBAAInfo);
1063  if (BaseInfo) *BaseInfo = InnerBaseInfo;
1064  if (TBAAInfo) *TBAAInfo = InnerTBAAInfo;
1065 
1066  if (isa<ExplicitCastExpr>(CE)) {
1067  LValueBaseInfo TargetTypeBaseInfo;
1068  TBAAAccessInfo TargetTypeTBAAInfo;
1069  CharUnits Align = getNaturalPointeeTypeAlignment(E->getType(),
1070  &TargetTypeBaseInfo,
1071  &TargetTypeTBAAInfo);
1072  if (TBAAInfo)
1073  *TBAAInfo = CGM.mergeTBAAInfoForCast(*TBAAInfo,
1074  TargetTypeTBAAInfo);
1075  // If the source l-value is opaque, honor the alignment of the
1076  // casted-to type.
1077  if (InnerBaseInfo.getAlignmentSource() != AlignmentSource::Decl) {
1078  if (BaseInfo)
1079  BaseInfo->mergeForCast(TargetTypeBaseInfo);
1080  Addr = Address(Addr.getPointer(), Align);
1081  }
1082  }
1083 
1084  if (SanOpts.has(SanitizerKind::CFIUnrelatedCast) &&
1085  CE->getCastKind() == CK_BitCast) {
1086  if (auto PT = E->getType()->getAs<PointerType>())
1087  EmitVTablePtrCheckForCast(PT->getPointeeType(), Addr.getPointer(),
1088  /*MayBeNull=*/true,
1089  CodeGenFunction::CFITCK_UnrelatedCast,
1090  CE->getBeginLoc());
1091  }
1092  return CE->getCastKind() != CK_AddressSpaceConversion
1093  ? Builder.CreateBitCast(Addr, ConvertType(E->getType()))
1094  : Builder.CreateAddrSpaceCast(Addr,
1095  ConvertType(E->getType()));
1096  }
1097  break;
1098 
1099  // Array-to-pointer decay.
1100  case CK_ArrayToPointerDecay:
1101  return EmitArrayToPointerDecay(CE->getSubExpr(), BaseInfo, TBAAInfo);
1102 
1103  // Derived-to-base conversions.
1104  case CK_UncheckedDerivedToBase:
1105  case CK_DerivedToBase: {
1106  // TODO: Support accesses to members of base classes in TBAA. For now, we
1107  // conservatively pretend that the complete object is of the base class
1108  // type.
1109  if (TBAAInfo)
1110  *TBAAInfo = CGM.getTBAAAccessInfo(E->getType());
1111  Address Addr = EmitPointerWithAlignment(CE->getSubExpr(), BaseInfo);
1112  auto Derived = CE->getSubExpr()->getType()->getPointeeCXXRecordDecl();
1113  return GetAddressOfBaseClass(Addr, Derived,
1114  CE->path_begin(), CE->path_end(),
1115  ShouldNullCheckClassCastValue(CE),
1116  CE->getExprLoc());
1117  }
1118 
1119  // TODO: Is there any reason to treat base-to-derived conversions
1120  // specially?
1121  default:
1122  break;
1123  }
1124  }
1125 
1126  // Unary &.
1127  if (const UnaryOperator *UO = dyn_cast<UnaryOperator>(E)) {
1128  if (UO->getOpcode() == UO_AddrOf) {
1129  LValue LV = EmitLValue(UO->getSubExpr());
1130  if (BaseInfo) *BaseInfo = LV.getBaseInfo();
1131  if (TBAAInfo) *TBAAInfo = LV.getTBAAInfo();
1132  return LV.getAddress();
1133  }
1134  }
1135 
1136  // TODO: conditional operators, comma.
1137 
1138  // Otherwise, use the alignment of the type.
1139  CharUnits Align = getNaturalPointeeTypeAlignment(E->getType(), BaseInfo,
1140  TBAAInfo);
1141  return Address(EmitScalarExpr(E), Align);
1142 }
1143 
1144 RValue CodeGenFunction::GetUndefRValue(QualType Ty) {
1145  if (Ty->isVoidType())
1146  return RValue::get(nullptr);
1147 
1148  switch (getEvaluationKind(Ty)) {
1149  case TEK_Complex: {
1150  llvm::Type *EltTy =
1151  ConvertType(Ty->castAs<ComplexType>()->getElementType());
1152  llvm::Value *U = llvm::UndefValue::get(EltTy);
1153  return RValue::getComplex(std::make_pair(U, U));
1154  }
1155 
1156  // If this is a use of an undefined aggregate type, the aggregate must have an
1157  // identifiable address. Just because the contents of the value are undefined
1158  // doesn't mean that the address can't be taken and compared.
1159  case TEK_Aggregate: {
1160  Address DestPtr = CreateMemTemp(Ty, "undef.agg.tmp");
1161  return RValue::getAggregate(DestPtr);
1162  }
1163 
1164  case TEK_Scalar:
1165  return RValue::get(llvm::UndefValue::get(ConvertType(Ty)));
1166  }
1167  llvm_unreachable("bad evaluation kind");
1168 }
1169 
1170 RValue CodeGenFunction::EmitUnsupportedRValue(const Expr *E,
1171  const char *Name) {
1172  ErrorUnsupported(E, Name);
1173  return GetUndefRValue(E->getType());
1174 }
1175 
1176 LValue CodeGenFunction::EmitUnsupportedLValue(const Expr *E,
1177  const char *Name) {
1178  ErrorUnsupported(E, Name);
1179  llvm::Type *Ty = llvm::PointerType::getUnqual(ConvertType(E->getType()));
1180  return MakeAddrLValue(Address(llvm::UndefValue::get(Ty), CharUnits::One()),
1181  E->getType());
1182 }
1183 
1184 bool CodeGenFunction::IsWrappedCXXThis(const Expr *Obj) {
1185  const Expr *Base = Obj;
1186  while (!isa<CXXThisExpr>(Base)) {
1187  // The result of a dynamic_cast can be null.
1188  if (isa<CXXDynamicCastExpr>(Base))
1189  return false;
1190 
1191  if (const auto *CE = dyn_cast<CastExpr>(Base)) {
1192  Base = CE->getSubExpr();
1193  } else if (const auto *PE = dyn_cast<ParenExpr>(Base)) {
1194  Base = PE->getSubExpr();
1195  } else if (const auto *UO = dyn_cast<UnaryOperator>(Base)) {
1196  if (UO->getOpcode() == UO_Extension)
1197  Base = UO->getSubExpr();
1198  else
1199  return false;
1200  } else {
1201  return false;
1202  }
1203  }
1204  return true;
1205 }
1206 
1207 LValue CodeGenFunction::EmitCheckedLValue(const Expr *E, TypeCheckKind TCK) {
1208  LValue LV;
1209  if (SanOpts.has(SanitizerKind::ArrayBounds) && isa<ArraySubscriptExpr>(E))
1210  LV = EmitArraySubscriptExpr(cast<ArraySubscriptExpr>(E), /*Accessed*/true);
1211  else
1212  LV = EmitLValue(E);
1213  if (!isa<DeclRefExpr>(E) && !LV.isBitField() && LV.isSimple()) {
1214  SanitizerSet SkippedChecks;
1215  if (const auto *ME = dyn_cast<MemberExpr>(E)) {
1216  bool IsBaseCXXThis = IsWrappedCXXThis(ME->getBase());
1217  if (IsBaseCXXThis)
1218  SkippedChecks.set(SanitizerKind::Alignment, true);
1219  if (IsBaseCXXThis || isa<DeclRefExpr>(ME->getBase()))
1220  SkippedChecks.set(SanitizerKind::Null, true);
1221  }
1222  EmitTypeCheck(TCK, E->getExprLoc(), LV.getPointer(),
1223  E->getType(), LV.getAlignment(), SkippedChecks);
1224  }
1225  return LV;
1226 }
1227 
1228 /// EmitLValue - Emit code to compute a designator that specifies the location
1229 /// of the expression.
1230 ///
1231 /// This can return one of two things: a simple address or a bitfield reference.
1232 /// In either case, the LLVM Value* in the LValue structure is guaranteed to be
1233 /// an LLVM pointer type.
1234 ///
1235 /// If this returns a bitfield reference, nothing about the pointee type of the
1236 /// LLVM value is known: For example, it may not be a pointer to an integer.
1237 ///
1238 /// If this returns a normal address, and if the lvalue's C type is fixed size,
1239 /// this method guarantees that the returned pointer type will point to an LLVM
1240 /// type of the same size of the lvalue's type. If the lvalue has a variable
1241 /// length type, this is not possible.
1242 ///
1243 LValue CodeGenFunction::EmitLValue(const Expr *E) {
1244  ApplyDebugLocation DL(*this, E);
1245  switch (E->getStmtClass()) {
1246  default: return EmitUnsupportedLValue(E, "l-value expression");
1247 
1248  case Expr::ObjCPropertyRefExprClass:
1249  llvm_unreachable("cannot emit a property reference directly");
1250 
1251  case Expr::ObjCSelectorExprClass:
1252  return EmitObjCSelectorLValue(cast<ObjCSelectorExpr>(E));
1253  case Expr::ObjCIsaExprClass:
1254  return EmitObjCIsaExpr(cast<ObjCIsaExpr>(E));
1255  case Expr::BinaryOperatorClass:
1256  return EmitBinaryOperatorLValue(cast<BinaryOperator>(E));
1257  case Expr::CompoundAssignOperatorClass: {
1258  QualType Ty = E->getType();
1259  if (const AtomicType *AT = Ty->getAs<AtomicType>())
1260  Ty = AT->getValueType();
1261  if (!Ty->isAnyComplexType())
1262  return EmitCompoundAssignmentLValue(cast<CompoundAssignOperator>(E));
1263  return EmitComplexCompoundAssignmentLValue(cast<CompoundAssignOperator>(E));
1264  }
1265  case Expr::CallExprClass:
1266  case Expr::CXXMemberCallExprClass:
1267  case Expr::CXXOperatorCallExprClass:
1268  case Expr::UserDefinedLiteralClass:
1269  return EmitCallExprLValue(cast<CallExpr>(E));
1270  case Expr::VAArgExprClass:
1271  return EmitVAArgExprLValue(cast<VAArgExpr>(E));
1272  case Expr::DeclRefExprClass:
1273  return EmitDeclRefLValue(cast<DeclRefExpr>(E));
1274  case Expr::ConstantExprClass:
1275  return EmitLValue(cast<ConstantExpr>(E)->getSubExpr());
1276  case Expr::ParenExprClass:
1277  return EmitLValue(cast<ParenExpr>(E)->getSubExpr());
1278  case Expr::GenericSelectionExprClass:
1279  return EmitLValue(cast<GenericSelectionExpr>(E)->getResultExpr());
1280  case Expr::PredefinedExprClass:
1281  return EmitPredefinedLValue(cast<PredefinedExpr>(E));
1282  case Expr::StringLiteralClass:
1283  return EmitStringLiteralLValue(cast<StringLiteral>(E));
1284  case Expr::ObjCEncodeExprClass:
1285  return EmitObjCEncodeExprLValue(cast<ObjCEncodeExpr>(E));
1286  case Expr::PseudoObjectExprClass:
1287  return EmitPseudoObjectLValue(cast<PseudoObjectExpr>(E));
1288  case Expr::InitListExprClass:
1289  return EmitInitListLValue(cast<InitListExpr>(E));
1290  case Expr::CXXTemporaryObjectExprClass:
1291  case Expr::CXXConstructExprClass:
1292  return EmitCXXConstructLValue(cast<CXXConstructExpr>(E));
1293  case Expr::CXXBindTemporaryExprClass:
1294  return EmitCXXBindTemporaryLValue(cast<CXXBindTemporaryExpr>(E));
1295  case Expr::CXXUuidofExprClass:
1296  return EmitCXXUuidofLValue(cast<CXXUuidofExpr>(E));
1297  case Expr::LambdaExprClass:
1298  return EmitAggExprToLValue(E);
1299 
1300  case Expr::ExprWithCleanupsClass: {
1301  const auto *cleanups = cast<ExprWithCleanups>(E);
1302  enterFullExpression(cleanups);
1303  RunCleanupsScope Scope(*this);
1304  LValue LV = EmitLValue(cleanups->getSubExpr());
1305  if (LV.isSimple()) {
1306  // Defend against branches out of gnu statement expressions surrounded by
1307  // cleanups.
1308  llvm::Value *V = LV.getPointer();
1309  Scope.ForceCleanup({&V});
1310  return LValue::MakeAddr(Address(V, LV.getAlignment()), LV.getType(),
1311  getContext(), LV.getBaseInfo(), LV.getTBAAInfo());
1312  }
1313  // FIXME: Is it possible to create an ExprWithCleanups that produces a
1314  // bitfield lvalue or some other non-simple lvalue?
1315  return LV;
1316  }
1317 
1318  case Expr::CXXDefaultArgExprClass: {
1319  auto *DAE = cast<CXXDefaultArgExpr>(E);
1320  CXXDefaultArgExprScope Scope(*this, DAE);
1321  return EmitLValue(DAE->getExpr());
1322  }
1323  case Expr::CXXDefaultInitExprClass: {
1324  auto *DIE = cast<CXXDefaultInitExpr>(E);
1325  CXXDefaultInitExprScope Scope(*this, DIE);
1326  return EmitLValue(DIE->getExpr());
1327  }
1328  case Expr::CXXTypeidExprClass:
1329  return EmitCXXTypeidLValue(cast<CXXTypeidExpr>(E));
1330 
1331  case Expr::ObjCMessageExprClass:
1332  return EmitObjCMessageExprLValue(cast<ObjCMessageExpr>(E));
1333  case Expr::ObjCIvarRefExprClass:
1334  return EmitObjCIvarRefLValue(cast<ObjCIvarRefExpr>(E));
1335  case Expr::StmtExprClass:
1336  return EmitStmtExprLValue(cast<StmtExpr>(E));
1337  case Expr::UnaryOperatorClass:
1338  return EmitUnaryOpLValue(cast<UnaryOperator>(E));
1339  case Expr::ArraySubscriptExprClass:
1340  return EmitArraySubscriptExpr(cast<ArraySubscriptExpr>(E));
1341  case Expr::OMPArraySectionExprClass:
1342  return EmitOMPArraySectionExpr(cast<OMPArraySectionExpr>(E));
1343  case Expr::ExtVectorElementExprClass:
1344  return EmitExtVectorElementExpr(cast<ExtVectorElementExpr>(E));
1345  case Expr::MemberExprClass:
1346  return EmitMemberExpr(cast<MemberExpr>(E));
1347  case Expr::CompoundLiteralExprClass:
1348  return EmitCompoundLiteralLValue(cast<CompoundLiteralExpr>(E));
1349  case Expr::ConditionalOperatorClass:
1350  return EmitConditionalOperatorLValue(cast<ConditionalOperator>(E));
1351  case Expr::BinaryConditionalOperatorClass:
1352  return EmitConditionalOperatorLValue(cast<BinaryConditionalOperator>(E));
1353  case Expr::ChooseExprClass:
1354  return EmitLValue(cast<ChooseExpr>(E)->getChosenSubExpr());
1355  case Expr::OpaqueValueExprClass:
1356  return EmitOpaqueValueLValue(cast<OpaqueValueExpr>(E));
1357  case Expr::SubstNonTypeTemplateParmExprClass:
1358  return EmitLValue(cast<SubstNonTypeTemplateParmExpr>(E)->getReplacement());
1359  case Expr::ImplicitCastExprClass:
1360  case Expr::CStyleCastExprClass:
1361  case Expr::CXXFunctionalCastExprClass:
1362  case Expr::CXXStaticCastExprClass:
1363  case Expr::CXXDynamicCastExprClass:
1364  case Expr::CXXReinterpretCastExprClass:
1365  case Expr::CXXConstCastExprClass:
1366  case Expr::ObjCBridgedCastExprClass:
1367  return EmitCastLValue(cast<CastExpr>(E));
1368 
1369  case Expr::MaterializeTemporaryExprClass:
1370  return EmitMaterializeTemporaryExpr(cast<MaterializeTemporaryExpr>(E));
1371 
1372  case Expr::CoawaitExprClass:
1373  return EmitCoawaitLValue(cast<CoawaitExpr>(E));
1374  case Expr::CoyieldExprClass:
1375  return EmitCoyieldLValue(cast<CoyieldExpr>(E));
1376  }
1377 }
1378 
1379 /// Given an object of the given canonical type, can we safely copy a
1380 /// value out of it based on its initializer?
1381 static bool isConstantEmittableObjectType(QualType type) {
1382  assert(type.isCanonical());
1383  assert(!type->isReferenceType());
1384 
1385  // Must be const-qualified but non-volatile.
1386  Qualifiers qs = type.getLocalQualifiers();
1387  if (!qs.hasConst() || qs.hasVolatile()) return false;
1388 
1389  // Otherwise, all object types satisfy this except C++ classes with
1390  // mutable subobjects or non-trivial copy/destroy behavior.
1391  if (const auto *RT = dyn_cast<RecordType>(type))
1392  if (const auto *RD = dyn_cast<CXXRecordDecl>(RT->getDecl()))
1393  if (RD->hasMutableFields() || !RD->isTrivial())
1394  return false;
1395 
1396  return true;
1397 }
1398 
1399 /// Can we constant-emit a load of a reference to a variable of the
1400 /// given type? This is different from predicates like
1401 /// Decl::isUsableInConstantExpressions because we do want it to apply
1402 /// in situations that don't necessarily satisfy the language's rules
1403 /// for this (e.g. C++'s ODR-use rules). For example, we want to able
1404 /// to do this with const float variables even if those variables
1405 /// aren't marked 'constexpr'.
1406 enum ConstantEmissionKind {
1407  CEK_None,
1408  CEK_AsReferenceOnly,
1409  CEK_AsValueOrReference,
1410  CEK_AsValueOnly
1411 };
1412 static ConstantEmissionKind checkVarTypeForConstantEmission(QualType type) {
1413  type = type.getCanonicalType();
1414  if (const auto *ref = dyn_cast<ReferenceType>(type)) {
1415  if (isConstantEmittableObjectType(ref->getPointeeType()))
1416  return CEK_AsValueOrReference;
1417  return CEK_AsReferenceOnly;
1418  }
1419  if (isConstantEmittableObjectType(type))
1420  return CEK_AsValueOnly;
1421  return CEK_None;
1422 }
1423 
1424 /// Try to emit a reference to the given value without producing it as
1425 /// an l-value. This is actually more than an optimization: we can't
1426 /// produce an l-value for variables that we never actually captured
1427 /// in a block or lambda, which means const int variables or constexpr
1428 /// literals or similar.
1429 CodeGenFunction::ConstantEmission
1430 CodeGenFunction::tryEmitAsConstant(DeclRefExpr *refExpr) {
1431  ValueDecl *value = refExpr->getDecl();
1432 
1433  // The value needs to be an enum constant or a constant variable.
1434  ConstantEmissionKind CEK;
1435  if (isa<ParmVarDecl>(value)) {
1436  CEK = CEK_None;
1437  } else if (auto *var = dyn_cast<VarDecl>(value)) {
1438  CEK = checkVarTypeForConstantEmission(var->getType());
1439  } else if (isa<EnumConstantDecl>(value)) {
1440  CEK = CEK_AsValueOnly;
1441  } else {
1442  CEK = CEK_None;
1443  }
1444  if (CEK == CEK_None) return ConstantEmission();
1445 
1446  Expr::EvalResult result;
1447  bool resultIsReference;
1448  QualType resultType;
1449 
1450  // It's best to evaluate all the way as an r-value if that's permitted.
1451  if (CEK != CEK_AsReferenceOnly &&
1452  refExpr->EvaluateAsRValue(result, getContext())) {
1453  resultIsReference = false;
1454  resultType = refExpr->getType();
1455 
1456  // Otherwise, try to evaluate as an l-value.
1457  } else if (CEK != CEK_AsValueOnly &&
1458  refExpr->EvaluateAsLValue(result, getContext())) {
1459  resultIsReference = true;
1460  resultType = value->getType();
1461 
1462  // Failure.
1463  } else {
1464  return ConstantEmission();
1465  }
1466 
1467  // In any case, if the initializer has side-effects, abandon ship.
1468  if (result.HasSideEffects)
1469  return ConstantEmission();
1470 
1471  // Emit as a constant.
1472  auto C = ConstantEmitter(*this).emitAbstract(refExpr->getLocation(),
1473  result.Val, resultType);
1474 
1475  // Make sure we emit a debug reference to the global variable.
1476  // This should probably fire even for
1477  if (isa<VarDecl>(value)) {
1478  if (!getContext().DeclMustBeEmitted(cast<VarDecl>(value)))
1479  EmitDeclRefExprDbgValue(refExpr, result.Val);
1480  } else {
1481  assert(isa<EnumConstantDecl>(value));
1482  EmitDeclRefExprDbgValue(refExpr, result.Val);
1483  }
1484 
1485  // If we emitted a reference constant, we need to dereference that.
1486  if (resultIsReference)
1487  return ConstantEmission::forReference(C);
1488 
1489  return ConstantEmission::forValue(C);
1490 }
1491 
1492 static DeclRefExpr *tryToConvertMemberExprToDeclRefExpr(CodeGenFunction &CGF,
1493  const MemberExpr *ME) {
1494  if (auto *VD = dyn_cast<VarDecl>(ME->getMemberDecl())) {
1495  // Try to emit static variable member expressions as DREs.
1496  return DeclRefExpr::Create(
1497  CGF.getContext(), NestedNameSpecifierLoc(), SourceLocation(), VD,
1498  /*RefersToEnclosingVariableOrCapture=*/false, ME->getExprLoc(),
1499  ME->getType(), ME->getValueKind());
1500  }
1501  return nullptr;
1502 }
1503 
1504 CodeGenFunction::ConstantEmission
1505 CodeGenFunction::tryEmitAsConstant(const MemberExpr *ME) {
1506  if (DeclRefExpr *DRE = tryToConvertMemberExprToDeclRefExpr(*this, ME))
1507  return tryEmitAsConstant(DRE);
1508  return ConstantEmission();
1509 }
1510 
1511 llvm::Value *CodeGenFunction::emitScalarConstant(
1512  const CodeGenFunction::ConstantEmission &Constant, Expr *E) {
1513  assert(Constant && "not a constant");
1514  if (Constant.isReference())
1515  return EmitLoadOfLValue(Constant.getReferenceLValue(*this, E),
1516  E->getExprLoc())
1517  .getScalarVal();
1518  return Constant.getValue();
1519 }
1520 
1521 llvm::Value *CodeGenFunction::EmitLoadOfScalar(LValue lvalue,
1522  SourceLocation Loc) {
1523  return EmitLoadOfScalar(lvalue.getAddress(), lvalue.isVolatile(),
1524  lvalue.getType(), Loc, lvalue.getBaseInfo(),
1525  lvalue.getTBAAInfo(), lvalue.isNontemporal());
1526 }
1527 
1528 static bool hasBooleanRepresentation(QualType Ty) {
1529  if (Ty->isBooleanType())
1530  return true;
1531 
1532  if (const EnumType *ET = Ty->getAs<EnumType>())
1533  return ET->getDecl()->getIntegerType()->isBooleanType();
1534 
1535  if (const AtomicType *AT = Ty->getAs<AtomicType>())
1536  return hasBooleanRepresentation(AT->getValueType());
1537 
1538  return false;
1539 }
1540 
1541 static bool getRangeForType(CodeGenFunction &CGF, QualType Ty,
1542  llvm::APInt &Min, llvm::APInt &End,
1543  bool StrictEnums, bool IsBool) {
1544  const EnumType *ET = Ty->getAs<EnumType>();
1545  bool IsRegularCPlusPlusEnum = CGF.getLangOpts().CPlusPlus && StrictEnums &&
1546  ET && !ET->getDecl()->isFixed();
1547  if (!IsBool && !IsRegularCPlusPlusEnum)
1548  return false;
1549 
1550  if (IsBool) {
1551  Min = llvm::APInt(CGF.getContext().getTypeSize(Ty), 0);
1552  End = llvm::APInt(CGF.getContext().getTypeSize(Ty), 2);
1553  } else {
1554  const EnumDecl *ED = ET->getDecl();
1555  llvm::Type *LTy = CGF.ConvertTypeForMem(ED->getIntegerType());
1556  unsigned Bitwidth = LTy->getScalarSizeInBits();
1557  unsigned NumNegativeBits = ED->getNumNegativeBits();
1558  unsigned NumPositiveBits = ED->getNumPositiveBits();
1559 
1560  if (NumNegativeBits) {
1561  unsigned NumBits = std::max(NumNegativeBits, NumPositiveBits + 1);
1562  assert(NumBits <= Bitwidth);
1563  End = llvm::APInt(Bitwidth, 1) << (NumBits - 1);
1564  Min = -End;
1565  } else {
1566  assert(NumPositiveBits <= Bitwidth);
1567  End = llvm::APInt(Bitwidth, 1) << NumPositiveBits;
1568  Min = llvm::APInt(Bitwidth, 0);
1569  }
1570  }
1571  return true;
1572 }
1573 
1574 llvm::MDNode *CodeGenFunction::getRangeForLoadFromType(QualType Ty) {
1575  llvm::APInt Min, End;
1576  if (!getRangeForType(*this, Ty, Min, End, CGM.getCodeGenOpts().StrictEnums,
1577  hasBooleanRepresentation(Ty)))
1578  return nullptr;
1579 
1580  llvm::MDBuilder MDHelper(getLLVMContext());
1581  return MDHelper.createRange(Min, End);
1582 }
1583 
1584 bool CodeGenFunction::EmitScalarRangeCheck(llvm::Value *Value, QualType Ty,
1585  SourceLocation Loc) {
1586  bool HasBoolCheck = SanOpts.has(SanitizerKind::Bool);
1587  bool HasEnumCheck = SanOpts.has(SanitizerKind::Enum);
1588  if (!HasBoolCheck && !HasEnumCheck)
1589  return false;
1590 
1591  bool IsBool = hasBooleanRepresentation(Ty) ||
1592  NSAPI(CGM.getContext()).isObjCBOOLType(Ty);
1593  bool NeedsBoolCheck = HasBoolCheck && IsBool;
1594  bool NeedsEnumCheck = HasEnumCheck && Ty->getAs<EnumType>();
1595  if (!NeedsBoolCheck && !NeedsEnumCheck)
1596  return false;
1597 
1598  // Single-bit booleans don't need to be checked. Special-case this to avoid
1599  // a bit width mismatch when handling bitfield values. This is handled by
1600  // EmitFromMemory for the non-bitfield case.
1601  if (IsBool &&
1602  cast<llvm::IntegerType>(Value->getType())->getBitWidth() == 1)
1603  return false;
1604 
1605  llvm::APInt Min, End;
1606  if (!getRangeForType(*this, Ty, Min, End, /*StrictEnums=*/true, IsBool))
1607  return true;
1608 
1609  auto &Ctx = getLLVMContext();
1610  SanitizerScope SanScope(this);
1611  llvm::Value *Check;
1612  --End;
1613  if (!Min) {
1614  Check = Builder.CreateICmpULE(Value, llvm::ConstantInt::get(Ctx, End));
1615  } else {
1616  llvm::Value *Upper =
1617  Builder.CreateICmpSLE(Value, llvm::ConstantInt::get(Ctx, End));
1618  llvm::Value *Lower =
1619  Builder.CreateICmpSGE(Value, llvm::ConstantInt::get(Ctx, Min));
1620  Check = Builder.CreateAnd(Upper, Lower);
1621  }
1622  llvm::Constant *StaticArgs[] = {EmitCheckSourceLocation(Loc),
1623  EmitCheckTypeDescriptor(Ty)};
1624  SanitizerMask Kind =
1625  NeedsEnumCheck ? SanitizerKind::Enum : SanitizerKind::Bool;
1626  EmitCheck(std::make_pair(Check, Kind), SanitizerHandler::LoadInvalidValue,
1627  StaticArgs, EmitCheckValue(Value));
1628  return true;
1629 }
1630 
1631 llvm::Value *CodeGenFunction::EmitLoadOfScalar(Address Addr, bool Volatile,
1632  QualType Ty,
1633  SourceLocation Loc,
1634  LValueBaseInfo BaseInfo,
1635  TBAAAccessInfo TBAAInfo,
1636  bool isNontemporal) {
1637  if (!CGM.getCodeGenOpts().PreserveVec3Type) {
1638  // For better performance, handle vector loads differently.
1639  if (Ty->isVectorType()) {
1640  const llvm::Type *EltTy = Addr.getElementType();
1641 
1642  const auto *VTy = cast<llvm::VectorType>(EltTy);
1643 
1644  // Handle vectors of size 3 like size 4 for better performance.
1645  if (VTy->getNumElements() == 3) {
1646 
1647  // Bitcast to vec4 type.
1648  llvm::VectorType *vec4Ty =
1649  llvm::VectorType::get(VTy->getElementType(), 4);
1650  Address Cast = Builder.CreateElementBitCast(Addr, vec4Ty, "castToVec4");
1651  // Now load value.
1652  llvm::Value *V = Builder.CreateLoad(Cast, Volatile, "loadVec4");
1653 
1654  // Shuffle vector to get vec3.
1655  V = Builder.CreateShuffleVector(V, llvm::UndefValue::get(vec4Ty),
1656  {0, 1, 2}, "extractVec");
1657  return EmitFromMemory(V, Ty);
1658  }
1659  }
1660  }
1661 
1662  // Atomic operations have to be done on integral types.
1663  LValue AtomicLValue =
1664  LValue::MakeAddr(Addr, Ty, getContext(), BaseInfo, TBAAInfo);
1665  if (Ty->isAtomicType() || LValueIsSuitableForInlineAtomic(AtomicLValue)) {
1666  return EmitAtomicLoad(AtomicLValue, Loc).getScalarVal();
1667  }
1668 
1669  llvm::LoadInst *Load = Builder.CreateLoad(Addr, Volatile);
1670  if (isNontemporal) {
1671  llvm::MDNode *Node = llvm::MDNode::get(
1672  Load->getContext(), llvm::ConstantAsMetadata::get(Builder.getInt32(1)));
1673  Load->setMetadata(CGM.getModule().getMDKindID("nontemporal"), Node);
1674  }
1675 
1676  CGM.DecorateInstructionWithTBAA(Load, TBAAInfo);
1677 
1678  if (EmitScalarRangeCheck(Load, Ty, Loc)) {
1679  // In order to prevent the optimizer from throwing away the check, don't
1680  // attach range metadata to the load.
1681  } else if (CGM.getCodeGenOpts().OptimizationLevel > 0)
1682  if (llvm::MDNode *RangeInfo = getRangeForLoadFromType(Ty))
1683  Load->setMetadata(llvm::LLVMContext::MD_range, RangeInfo);
1684 
1685  return EmitFromMemory(Load, Ty);
1686 }
1687 
1688 llvm::Value *CodeGenFunction::EmitToMemory(llvm::Value *Value, QualType Ty) {
1689  // Bool has a different representation in memory than in registers.
1690  if (hasBooleanRepresentation(Ty)) {
1691  // This should really always be an i1, but sometimes it's already
1692  // an i8, and it's awkward to track those cases down.
1693  if (Value->getType()->isIntegerTy(1))
1694  return Builder.CreateZExt(Value, ConvertTypeForMem(Ty), "frombool");
1695  assert(Value->getType()->isIntegerTy(getContext().getTypeSize(Ty)) &&
1696  "wrong value rep of bool");
1697  }
1698 
1699  return Value;
1700 }
1701 
1702 llvm::Value *CodeGenFunction::EmitFromMemory(llvm::Value *Value, QualType Ty) {
1703  // Bool has a different representation in memory than in registers.
1704  if (hasBooleanRepresentation(Ty)) {
1705  assert(Value->getType()->isIntegerTy(getContext().getTypeSize(Ty)) &&
1706  "wrong value rep of bool");
1707  return Builder.CreateTrunc(Value, Builder.getInt1Ty(), "tobool");
1708  }
1709 
1710  return Value;
1711 }
1712 
1713 void CodeGenFunction::EmitStoreOfScalar(llvm::Value *Value, Address Addr,
1714  bool Volatile, QualType Ty,
1715  LValueBaseInfo BaseInfo,
1716  TBAAAccessInfo TBAAInfo,
1717  bool isInit, bool isNontemporal) {
1718  if (!CGM.getCodeGenOpts().PreserveVec3Type) {
1719  // Handle vectors differently to get better performance.
1720  if (Ty->isVectorType()) {
1721  llvm::Type *SrcTy = Value->getType();
1722  auto *VecTy = dyn_cast<llvm::VectorType>(SrcTy);
1723  // Handle vec3 special.
1724  if (VecTy && VecTy->getNumElements() == 3) {
1725  // Our source is a vec3, do a shuffle vector to make it a vec4.
1726  llvm::Constant *Mask[] = {Builder.getInt32(0), Builder.getInt32(1),
1727  Builder.getInt32(2),
1728  llvm::UndefValue::get(Builder.getInt32Ty())};
1729  llvm::Value *MaskV = llvm::ConstantVector::get(Mask);
1730  Value = Builder.CreateShuffleVector(Value, llvm::UndefValue::get(VecTy),
1731  MaskV, "extractVec");
1732  SrcTy = llvm::VectorType::get(VecTy->getElementType(), 4);
1733  }
1734  if (Addr.getElementType() != SrcTy) {
1735  Addr = Builder.CreateElementBitCast(Addr, SrcTy, "storetmp");
1736  }
1737  }
1738  }
1739 
1740  Value = EmitToMemory(Value, Ty);
1741 
1742  LValue AtomicLValue =
1743  LValue::MakeAddr(Addr, Ty, getContext(), BaseInfo, TBAAInfo);
1744  if (Ty->isAtomicType() ||
1745  (!isInit && LValueIsSuitableForInlineAtomic(AtomicLValue))) {
1746  EmitAtomicStore(RValue::get(Value), AtomicLValue, isInit);
1747  return;
1748  }
1749 
1750  llvm::StoreInst *Store = Builder.CreateStore(Value, Addr, Volatile);
1751  if (isNontemporal) {
1752  llvm::MDNode *Node =
1753  llvm::MDNode::get(Store->getContext(),
1754  llvm::ConstantAsMetadata::get(Builder.getInt32(1)));
1755  Store->setMetadata(CGM.getModule().getMDKindID("nontemporal"), Node);
1756  }
1757 
1758  CGM.DecorateInstructionWithTBAA(Store, TBAAInfo);
1759 }
1760 
1761 void CodeGenFunction::EmitStoreOfScalar(llvm::Value *value, LValue lvalue,
1762  bool isInit) {
1763  EmitStoreOfScalar(value, lvalue.getAddress(), lvalue.isVolatile(),
1764  lvalue.getType(), lvalue.getBaseInfo(),
1765  lvalue.getTBAAInfo(), isInit, lvalue.isNontemporal());
1766 }
1767 
1768 /// EmitLoadOfLValue - Given an expression that represents a value lvalue, this
1769 /// method emits the address of the lvalue, then loads the result as an rvalue,
1770 /// returning the rvalue.
1771 RValue CodeGenFunction::EmitLoadOfLValue(LValue LV, SourceLocation Loc) {
1772  if (LV.isObjCWeak()) {
1773  // load of a __weak object.
1774  Address AddrWeakObj = LV.getAddress();
1775  return RValue::get(CGM.getObjCRuntime().EmitObjCWeakRead(*this,
1776  AddrWeakObj));
1777  }
1778  if (LV.getQuals().getObjCLifetime() == Qualifiers::OCL_Weak) {
1779  // In MRC mode, we do a load+autorelease.
1780  if (!getLangOpts().ObjCAutoRefCount) {
1781  return RValue::get(EmitARCLoadWeak(LV.getAddress()));
1782  }
1783 
1784  // In ARC mode, we load retained and then consume the value.
1785  llvm::Value *Object = EmitARCLoadWeakRetained(LV.getAddress());
1786  Object = EmitObjCConsumeObject(LV.getType(), Object);
1787  return RValue::get(Object);
1788  }
1789 
1790  if (LV.isSimple()) {
1791  assert(!LV.getType()->isFunctionType());
1792 
1793  // Everything needs a load.
1794  return RValue::get(EmitLoadOfScalar(LV, Loc));
1795  }
1796 
1797  if (LV.isVectorElt()) {
1798  llvm::LoadInst *Load = Builder.CreateLoad(LV.getVectorAddress(),
1799  LV.isVolatileQualified());
1800  return RValue::get(Builder.CreateExtractElement(Load, LV.getVectorIdx(),
1801  "vecext"));
1802  }
1803 
1804  // If this is a reference to a subset of the elements of a vector, either
1805  // shuffle the input or extract/insert them as appropriate.
1806  if (LV.isExtVectorElt())
1807  return EmitLoadOfExtVectorElementLValue(LV);
1808 
1809  // Global Register variables always invoke intrinsics
1810  if (LV.isGlobalReg())
1811  return EmitLoadOfGlobalRegLValue(LV);
1812 
1813  assert(LV.isBitField() && "Unknown LValue type!");
1814  return EmitLoadOfBitfieldLValue(LV, Loc);
1815 }
1816 
1817 RValue CodeGenFunction::EmitLoadOfBitfieldLValue(LValue LV,
1818  SourceLocation Loc) {
1819  const CGBitFieldInfo &Info = LV.getBitFieldInfo();
1820 
1821  // Get the output type.
1822  llvm::Type *ResLTy = ConvertType(LV.getType());
1823 
1824  Address Ptr = LV.getBitFieldAddress();
1825  llvm::Value *Val = Builder.CreateLoad(Ptr, LV.isVolatileQualified(), "bf.load");
1826 
1827  if (Info.IsSigned) {
1828  assert(static_cast<unsigned>(Info.Offset + Info.Size) <= Info.StorageSize);
1829  unsigned HighBits = Info.StorageSize - Info.Offset - Info.Size;
1830  if (HighBits)
1831  Val = Builder.CreateShl(Val, HighBits, "bf.shl");
1832  if (Info.Offset + HighBits)
1833  Val = Builder.CreateAShr(Val, Info.Offset + HighBits, "bf.ashr");
1834  } else {
1835  if (Info.Offset)
1836  Val = Builder.CreateLShr(Val, Info.Offset, "bf.lshr");
1837  if (static_cast<unsigned>(Info.Offset) + Info.Size < Info.StorageSize)
1838  Val = Builder.CreateAnd(Val, llvm::APInt::getLowBitsSet(Info.StorageSize,
1839  Info.Size),
1840  "bf.clear");
1841  }
1842  Val = Builder.CreateIntCast(Val, ResLTy, Info.IsSigned, "bf.cast");
1843  EmitScalarRangeCheck(Val, LV.getType(), Loc);
1844  return RValue::get(Val);
1845 }
1846 
1847 // If this is a reference to a subset of the elements of a vector, create an
1848 // appropriate shufflevector.
1849 RValue CodeGenFunction::EmitLoadOfExtVectorElementLValue(LValue LV) {
1850  llvm::Value *Vec = Builder.CreateLoad(LV.getExtVectorAddress(),
1851  LV.isVolatileQualified());
1852 
1853  const llvm::Constant *Elts = LV.getExtVectorElts();
1854 
1855  // If the result of the expression is a non-vector type, we must be extracting
1856  // a single element. Just codegen as an extractelement.
1857  const VectorType *ExprVT = LV.getType()->getAs<VectorType>();
1858  if (!ExprVT) {
1859  unsigned InIdx = getAccessedFieldNo(0, Elts);
1860  llvm::Value *Elt = llvm::ConstantInt::get(SizeTy, InIdx);
1861  return RValue::get(Builder.CreateExtractElement(Vec, Elt));
1862  }
1863 
1864  // Always use shuffle vector to try to retain the original program structure
1865  unsigned NumResultElts = ExprVT->getNumElements();
1866 
1867  SmallVector<llvm::Constant*, 4> Mask;
1868  for (unsigned i = 0; i != NumResultElts; ++i)
1869  Mask.push_back(Builder.getInt32(getAccessedFieldNo(i, Elts)));
1870 
1871  llvm::Value *MaskV = llvm::ConstantVector::get(Mask);
1872  Vec = Builder.CreateShuffleVector(Vec, llvm::UndefValue::get(Vec->getType()),
1873  MaskV);
1874  return RValue::get(Vec);
1875 }
1876 
1877 /// Generates lvalue for partial ext_vector access.
1878 Address CodeGenFunction::EmitExtVectorElementLValue(LValue LV) {
1879  Address VectorAddress = LV.getExtVectorAddress();
1880  const VectorType *ExprVT = LV.getType()->getAs<VectorType>();
1881  QualType EQT = ExprVT->getElementType();
1882  llvm::Type *VectorElementTy = CGM.getTypes().ConvertType(EQT);
1883 
1884  Address CastToPointerElement =
1885  Builder.CreateElementBitCast(VectorAddress, VectorElementTy,
1886  "conv.ptr.element");
1887 
1888  const llvm::Constant *Elts = LV.getExtVectorElts();
1889  unsigned ix = getAccessedFieldNo(0, Elts);
1890 
1891  Address VectorBasePtrPlusIx =
1892  Builder.CreateConstInBoundsGEP(CastToPointerElement, ix,
1893  "vector.elt");
1894 
1895  return VectorBasePtrPlusIx;
1896 }
1897 
1898 /// Load of global gamed gegisters are always calls to intrinsics.
1899 RValue CodeGenFunction::EmitLoadOfGlobalRegLValue(LValue LV) {
1900  assert((LV.getType()->isIntegerType() || LV.getType()->isPointerType()) &&
1901  "Bad type for register variable");
1902  llvm::MDNode *RegName = cast<llvm::MDNode>(
1903  cast<llvm::MetadataAsValue>(LV.getGlobalReg())->getMetadata());
1904 
1905  // We accept integer and pointer types only
1906  llvm::Type *OrigTy = CGM.getTypes().ConvertType(LV.getType());
1907  llvm::Type *Ty = OrigTy;
1908  if (OrigTy->isPointerTy())
1909  Ty = CGM.getTypes().getDataLayout().getIntPtrType(OrigTy);
1910  llvm::Type *Types[] = { Ty };
1911 
1912  llvm::Function *F = CGM.getIntrinsic(llvm::Intrinsic::read_register, Types);
1913  llvm::Value *Call = Builder.CreateCall(
1914  F, llvm::MetadataAsValue::get(Ty->getContext(), RegName));
1915  if (OrigTy->isPointerTy())
1916  Call = Builder.CreateIntToPtr(Call, OrigTy);
1917  return RValue::get(Call);
1918 }
1919 
1920 
1921 /// EmitStoreThroughLValue - Store the specified rvalue into the specified
1922 /// lvalue, where both are guaranteed to the have the same type, and that type
1923 /// is 'Ty'.
1924 void CodeGenFunction::EmitStoreThroughLValue(RValue Src, LValue Dst,
1925  bool isInit) {
1926  if (!Dst.isSimple()) {
1927  if (Dst.isVectorElt()) {
1928  // Read/modify/write the vector, inserting the new element.
1929  llvm::Value *Vec = Builder.CreateLoad(Dst.getVectorAddress(),
1930  Dst.isVolatileQualified());
1931  Vec = Builder.CreateInsertElement(Vec, Src.getScalarVal(),
1932  Dst.getVectorIdx(), "vecins");
1933  Builder.CreateStore(Vec, Dst.getVectorAddress(),
1934  Dst.isVolatileQualified());
1935  return;
1936  }
1937 
1938  // If this is an update of extended vector elements, insert them as
1939  // appropriate.
1940  if (Dst.isExtVectorElt())
1941  return EmitStoreThroughExtVectorComponentLValue(Src, Dst);
1942 
1943  if (Dst.isGlobalReg())
1944  return EmitStoreThroughGlobalRegLValue(Src, Dst);
1945 
1946  assert(Dst.isBitField() && "Unknown LValue type");
1947  return EmitStoreThroughBitfieldLValue(Src, Dst);
1948  }
1949 
1950  // There's special magic for assigning into an ARC-qualified l-value.
1951  if (Qualifiers::ObjCLifetime Lifetime = Dst.getQuals().getObjCLifetime()) {
1952  switch (Lifetime) {
1953  case Qualifiers::OCL_None:
1954  llvm_unreachable("present but none");
1955 
1956  case Qualifiers::OCL_ExplicitNone:
1957  // nothing special
1958  break;
1959 
1960  case Qualifiers::OCL_Strong:
1961  if (isInit) {
1962  Src = RValue::get(EmitARCRetain(Dst.getType(), Src.getScalarVal()));
1963  break;
1964  }
1965  EmitARCStoreStrong(Dst, Src.getScalarVal(), /*ignore*/ true);
1966  return;
1967 
1968  case Qualifiers::OCL_Weak:
1969  if (isInit)
1970  // Initialize and then skip the primitive store.
1971  EmitARCInitWeak(Dst.getAddress(), Src.getScalarVal());
1972  else
1973  EmitARCStoreWeak(Dst.getAddress(), Src.getScalarVal(), /*ignore*/ true);
1974  return;
1975 
1976  case Qualifiers::OCL_Autoreleasing:
1977  Src = RValue::get(EmitObjCExtendObjectLifetime(Dst.getType(),
1978  Src.getScalarVal()));
1979  // fall into the normal path
1980  break;
1981  }
1982  }
1983 
1984  if (Dst.isObjCWeak() && !Dst.isNonGC()) {
1985  // load of a __weak object.
1986  Address LvalueDst = Dst.getAddress();
1987  llvm::Value *src = Src.getScalarVal();
1988  CGM.getObjCRuntime().EmitObjCWeakAssign(*this, src, LvalueDst);
1989  return;
1990  }
1991 
1992  if (Dst.isObjCStrong() && !Dst.isNonGC()) {
1993  // load of a __strong object.
1994  Address LvalueDst = Dst.getAddress();
1995  llvm::Value *src = Src.getScalarVal();
1996  if (Dst.isObjCIvar()) {
1997  assert(Dst.getBaseIvarExp() && "BaseIvarExp is NULL");
1998  llvm::Type *ResultType = IntPtrTy;
1999  Address dst = EmitPointerWithAlignment(Dst.getBaseIvarExp());
2000  llvm::Value *RHS = dst.getPointer();
2001  RHS = Builder.CreatePtrToInt(RHS, ResultType, "sub.ptr.rhs.cast");
2002  llvm::Value *LHS =
2003  Builder.CreatePtrToInt(LvalueDst.getPointer(), ResultType,
2004  "sub.ptr.lhs.cast");
2005  llvm::Value *BytesBetween = Builder.CreateSub(LHS, RHS, "ivar.offset");
2006  CGM.getObjCRuntime().EmitObjCIvarAssign(*this, src, dst,
2007  BytesBetween);
2008  } else if (Dst.isGlobalObjCRef()) {
2009  CGM.getObjCRuntime().EmitObjCGlobalAssign(*this, src, LvalueDst,
2010  Dst.isThreadLocalRef());
2011  }
2012  else
2013  CGM.getObjCRuntime().EmitObjCStrongCastAssign(*this, src, LvalueDst);
2014  return;
2015  }
2016 
2017  assert(Src.isScalar() && "Can't emit an agg store with this method");
2018  EmitStoreOfScalar(Src.getScalarVal(), Dst, isInit);
2019 }
2020 
2021 void CodeGenFunction::EmitStoreThroughBitfieldLValue(RValue Src, LValue Dst,
2022  llvm::Value **Result) {
2023  const CGBitFieldInfo &Info = Dst.getBitFieldInfo();
2024  llvm::Type *ResLTy = ConvertTypeForMem(Dst.getType());
2025  Address Ptr = Dst.getBitFieldAddress();
2026 
2027  // Get the source value, truncated to the width of the bit-field.
2028  llvm::Value *SrcVal = Src.getScalarVal();
2029 
2030  // Cast the source to the storage type and shift it into place.
2031  SrcVal = Builder.CreateIntCast(SrcVal, Ptr.getElementType(),
2032  /*IsSigned=*/false);
2033  llvm::Value *MaskedVal = SrcVal;
2034 
2035  // See if there are other bits in the bitfield's storage we'll need to load
2036  // and mask together with source before storing.
2037  if (Info.StorageSize != Info.Size) {
2038  assert(Info.StorageSize > Info.Size && "Invalid bitfield size.");
2039  llvm::Value *Val =
2040  Builder.CreateLoad(Ptr, Dst.isVolatileQualified(), "bf.load");
2041 
2042  // Mask the source value as needed.
2043  if (!hasBooleanRepresentation(Dst.getType()))
2044  SrcVal = Builder.CreateAnd(SrcVal,
2045  llvm::APInt::getLowBitsSet(Info.StorageSize,
2046  Info.Size),
2047  "bf.value");
2048  MaskedVal = SrcVal;
2049  if (Info.Offset)
2050  SrcVal = Builder.CreateShl(SrcVal, Info.Offset, "bf.shl");
2051 
2052  // Mask out the original value.
2053  Val = Builder.CreateAnd(Val,
2054  ~llvm::APInt::getBitsSet(Info.StorageSize,
2055  Info.Offset,
2056  Info.Offset + Info.Size),
2057  "bf.clear");
2058 
2059  // Or together the unchanged values and the source value.
2060  SrcVal = Builder.CreateOr(Val, SrcVal, "bf.set");
2061  } else {
2062  assert(Info.Offset == 0);
2063  }
2064 
2065  // Write the new value back out.
2066  Builder.CreateStore(SrcVal, Ptr, Dst.isVolatileQualified());
2067 
2068  // Return the new value of the bit-field, if requested.
2069  if (Result) {
2070  llvm::Value *ResultVal = MaskedVal;
2071 
2072  // Sign extend the value if needed.
2073  if (Info.IsSigned) {
2074  assert(Info.Size <= Info.StorageSize);
2075  unsigned HighBits = Info.StorageSize - Info.Size;
2076  if (HighBits) {
2077  ResultVal = Builder.CreateShl(ResultVal, HighBits, "bf.result.shl");
2078  ResultVal = Builder.CreateAShr(ResultVal, HighBits, "bf.result.ashr");
2079  }
2080  }
2081 
2082  ResultVal = Builder.CreateIntCast(ResultVal, ResLTy, Info.IsSigned,
2083  "bf.result.cast");
2084  *Result = EmitFromMemory(ResultVal, Dst.getType());
2085  }
2086 }
2087 
2088 void CodeGenFunction::EmitStoreThroughExtVectorComponentLValue(RValue Src,
2089  LValue Dst) {
2090  // This access turns into a read/modify/write of the vector. Load the input
2091  // value now.
2092  llvm::Value *Vec = Builder.CreateLoad(Dst.getExtVectorAddress(),
2093  Dst.isVolatileQualified());
2094  const llvm::Constant *Elts = Dst.getExtVectorElts();
2095 
2096  llvm::Value *SrcVal = Src.getScalarVal();
2097 
2098  if (const VectorType *VTy = Dst.getType()->getAs<VectorType>()) {
2099  unsigned NumSrcElts = VTy->getNumElements();
2100  unsigned NumDstElts = Vec->getType()->getVectorNumElements();
2101  if (NumDstElts == NumSrcElts) {
2102  // Use shuffle vector is the src and destination are the same number of
2103  // elements and restore the vector mask since it is on the side it will be
2104  // stored.
2105  SmallVector<llvm::Constant*, 4> Mask(NumDstElts);
2106  for (unsigned i = 0; i != NumSrcElts; ++i)
2107  Mask[getAccessedFieldNo(i, Elts)] = Builder.getInt32(i);
2108 
2109  llvm::Value *MaskV = llvm::ConstantVector::get(Mask);
2110  Vec = Builder.CreateShuffleVector(SrcVal,
2111  llvm::UndefValue::get(Vec->getType()),
2112  MaskV);
2113  } else if (NumDstElts > NumSrcElts) {
2114  // Extended the source vector to the same length and then shuffle it
2115  // into the destination.
2116  // FIXME: since we're shuffling with undef, can we just use the indices
2117  // into that? This could be simpler.
2118  SmallVector<llvm::Constant*, 4> ExtMask;
2119  for (unsigned i = 0; i != NumSrcElts; ++i)
2120  ExtMask.push_back(Builder.getInt32(i));
2121  ExtMask.resize(NumDstElts, llvm::UndefValue::get(Int32Ty));
2122  llvm::Value *ExtMaskV = llvm::ConstantVector::get(ExtMask);
2123  llvm::Value *ExtSrcVal =
2124  Builder.CreateShuffleVector(SrcVal,
2125  llvm::UndefValue::get(SrcVal->getType()),
2126  ExtMaskV);
2127  // build identity
2128  SmallVector<llvm::Constant*, 4> Mask;
2129  for (unsigned i = 0; i != NumDstElts; ++i)
2130  Mask.push_back(Builder.getInt32(i));
2131 
2132  // When the vector size is odd and .odd or .hi is used, the last element
2133  // of the Elts constant array will be one past the size of the vector.
2134  // Ignore the last element here, if it is greater than the mask size.
2135  if (getAccessedFieldNo(NumSrcElts - 1, Elts) == Mask.size())
2136  NumSrcElts--;
2137 
2138  // modify when what gets shuffled in
2139  for (unsigned i = 0; i != NumSrcElts; ++i)
2140  Mask[getAccessedFieldNo(i, Elts)] = Builder.getInt32(i+NumDstElts);
2141  llvm::Value *MaskV = llvm::ConstantVector::get(Mask);
2142  Vec = Builder.CreateShuffleVector(Vec, ExtSrcVal, MaskV);
2143  } else {
2144  // We should never shorten the vector
2145  llvm_unreachable("unexpected shorten vector length");
2146  }
2147  } else {
2148  // If the Src is a scalar (not a vector) it must be updating one element.
2149  unsigned InIdx = getAccessedFieldNo(0, Elts);
2150  llvm::Value *Elt = llvm::ConstantInt::get(SizeTy, InIdx);
2151  Vec = Builder.CreateInsertElement(Vec, SrcVal, Elt);
2152  }
2153 
2154  Builder.CreateStore(Vec, Dst.getExtVectorAddress(),
2155  Dst.isVolatileQualified());
2156 }
2157 
2158 /// Store of global named registers are always calls to intrinsics.
2159 void CodeGenFunction::EmitStoreThroughGlobalRegLValue(RValue Src, LValue Dst) {
2160  assert((Dst.getType()->isIntegerType() || Dst.getType()->isPointerType()) &&
2161  "Bad type for register variable");
2162  llvm::MDNode *RegName = cast<llvm::MDNode>(
2163  cast<llvm::MetadataAsValue>(Dst.getGlobalReg())->getMetadata());
2164  assert(RegName && "Register LValue is not metadata");
2165 
2166  // We accept integer and pointer types only
2167  llvm::Type *OrigTy = CGM.getTypes().ConvertType(Dst.getType());
2168  llvm::Type *Ty = OrigTy;
2169  if (OrigTy->isPointerTy())
2170  Ty = CGM.getTypes().getDataLayout().getIntPtrType(OrigTy);
2171  llvm::Type *Types[] = { Ty };
2172 
2173  llvm::Function *F = CGM.getIntrinsic(llvm::Intrinsic::write_register, Types);
2174  llvm::Value *Value = Src.getScalarVal();
2175  if (OrigTy->isPointerTy())
2176  Value = Builder.CreatePtrToInt(Value, Ty);
2177  Builder.CreateCall(
2178  F, {llvm::MetadataAsValue::get(Ty->getContext(), RegName), Value});
2179 }
2180 
2181 // setObjCGCLValueClass - sets class of the lvalue for the purpose of
2182 // generating write-barries API. It is currently a global, ivar,
2183 // or neither.
2184 static void setObjCGCLValueClass(const ASTContext &Ctx, const Expr *E,
2185  LValue &LV,
2186  bool IsMemberAccess=false) {
2187  if (Ctx.getLangOpts().getGC() == LangOptions::NonGC)
2188  return;
2189 
2190  if (isa<ObjCIvarRefExpr>(E)) {
2191  QualType ExpTy = E->getType();
2192  if (IsMemberAccess && ExpTy->isPointerType()) {
2193  // If ivar is a structure pointer, assigning to field of
2194  // this struct follows gcc's behavior and makes it a non-ivar
2195  // writer-barrier conservatively.
2196  ExpTy = ExpTy->getAs<PointerType>()->getPointeeType();
2197  if (ExpTy->isRecordType()) {
2198  LV.setObjCIvar(false);
2199  return;
2200  }
2201  }
2202  LV.setObjCIvar(true);
2203  auto *Exp = cast<ObjCIvarRefExpr>(const_cast<Expr *>(E));
2204  LV.setBaseIvarExp(Exp->getBase());
2205  LV.setObjCArray(E->getType()->isArrayType());
2206  return;
2207  }
2208 
2209  if (const auto *Exp = dyn_cast<DeclRefExpr>(E)) {
2210  if (const auto *VD = dyn_cast<VarDecl>(Exp->getDecl())) {
2211  if (VD->hasGlobalStorage()) {
2212  LV.setGlobalObjCRef(true);
2213  LV.setThreadLocalRef(VD->getTLSKind() != VarDecl::TLS_None);
2214  }
2215  }
2216  LV.setObjCArray(E->getType()->isArrayType());
2217  return;
2218  }
2219 
2220  if (const auto *Exp = dyn_cast<UnaryOperator>(E)) {
2221  setObjCGCLValueClass(Ctx, Exp->getSubExpr(), LV, IsMemberAccess);
2222  return;
2223  }
2224 
2225  if (const auto *Exp = dyn_cast<ParenExpr>(E)) {
2226  setObjCGCLValueClass(Ctx, Exp->getSubExpr(), LV, IsMemberAccess);
2227  if (LV.isObjCIvar()) {
2228  // If cast is to a structure pointer, follow gcc's behavior and make it
2229  // a non-ivar write-barrier.
2230  QualType ExpTy = E->getType();
2231  if (ExpTy->isPointerType())
2232  ExpTy = ExpTy->getAs<PointerType>()->getPointeeType();
2233  if (ExpTy->isRecordType())
2234  LV.setObjCIvar(false);
2235  }
2236  return;
2237  }
2238 
2239  if (const auto *Exp = dyn_cast<GenericSelectionExpr>(E)) {
2240  setObjCGCLValueClass(Ctx, Exp->getResultExpr(), LV);
2241  return;
2242  }
2243 
2244  if (const auto *Exp = dyn_cast<ImplicitCastExpr>(E)) {
2245  setObjCGCLValueClass(Ctx, Exp->getSubExpr(), LV, IsMemberAccess);
2246  return;
2247  }
2248 
2249  if (const auto *Exp = dyn_cast<CStyleCastExpr>(E)) {
2250  setObjCGCLValueClass(Ctx, Exp->getSubExpr(), LV, IsMemberAccess);
2251  return;
2252  }
2253 
2254  if (const auto *Exp = dyn_cast<ObjCBridgedCastExpr>(E)) {
2255  setObjCGCLValueClass(Ctx, Exp->getSubExpr(), LV, IsMemberAccess);
2256  return;
2257  }
2258 
2259  if (const auto *Exp = dyn_cast<ArraySubscriptExpr>(E)) {
2260  setObjCGCLValueClass(Ctx, Exp->getBase(), LV);
2261  if (LV.isObjCIvar() && !LV.isObjCArray())
2262  // Using array syntax to assigning to what an ivar points to is not
2263  // same as assigning to the ivar itself. {id *Names;} Names[i] = 0;
2264  LV.setObjCIvar(false);
2265  else if (LV.isGlobalObjCRef() && !LV.isObjCArray())
2266  // Using array syntax to assigning to what global points to is not
2267  // same as assigning to the global itself. {id *G;} G[i] = 0;
2268  LV.setGlobalObjCRef(false);
2269  return;
2270  }
2271 
2272  if (const auto *Exp = dyn_cast<MemberExpr>(E)) {
2273  setObjCGCLValueClass(Ctx, Exp->getBase(), LV, true);
2274  // We don't know if member is an 'ivar', but this flag is looked at
2275  // only in the context of LV.isObjCIvar().
2276  LV.setObjCArray(E->getType()->isArrayType());
2277  return;
2278  }
2279 }
2280 
2281 static llvm::Value *
2282 EmitBitCastOfLValueToProperType(CodeGenFunction &CGF,
2283  llvm::Value *V, llvm::Type *IRType,
2284  StringRef Name = StringRef()) {
2285  unsigned AS = cast<llvm::PointerType>(V->getType())->getAddressSpace();
2286  return CGF.Builder.CreateBitCast(V, IRType->getPointerTo(AS), Name);
2287 }
2288 
2289 static LValue EmitThreadPrivateVarDeclLValue(
2290  CodeGenFunction &CGF, const VarDecl *VD, QualType T, Address Addr,
2291  llvm::Type *RealVarTy, SourceLocation Loc) {
2292  Addr = CGF.CGM.getOpenMPRuntime().getAddrOfThreadPrivate(CGF, VD, Addr, Loc);
2293  Addr = CGF.Builder.CreateElementBitCast(Addr, RealVarTy);
2294  return CGF.MakeAddrLValue(Addr, T, AlignmentSource::Decl);
2295 }
2296 
2297 static Address emitDeclTargetLinkVarDeclLValue(CodeGenFunction &CGF,
2298  const VarDecl *VD, QualType T) {
2299  llvm::Optional<OMPDeclareTargetDeclAttr::MapTypeTy> Res =
2300  OMPDeclareTargetDeclAttr::isDeclareTargetDeclaration(VD);
2301  if (!Res || *Res == OMPDeclareTargetDeclAttr::MT_To)
2302  return Address::invalid();
2303  assert(*Res == OMPDeclareTargetDeclAttr::MT_Link && "Expected link clause");
2304  QualType PtrTy = CGF.getContext().getPointerType(VD->getType());
2305  Address Addr = CGF.CGM.getOpenMPRuntime().getAddrOfDeclareTargetLink(VD);
2306  return CGF.EmitLoadOfPointer(Addr, PtrTy->castAs<PointerType>());
2307 }
2308 
2309 Address
2310 CodeGenFunction::EmitLoadOfReference(LValue RefLVal,
2311  LValueBaseInfo *PointeeBaseInfo,
2312  TBAAAccessInfo *PointeeTBAAInfo) {
2313  llvm::LoadInst *Load = Builder.CreateLoad(RefLVal.getAddress(),
2314  RefLVal.isVolatile());
2315  CGM.DecorateInstructionWithTBAA(Load, RefLVal.getTBAAInfo());
2316 
2317  CharUnits Align = getNaturalTypeAlignment(RefLVal.getType()->getPointeeType(),
2318  PointeeBaseInfo, PointeeTBAAInfo,
2319  /* forPointeeType= */ true);
2320  return Address(Load, Align);
2321 }
2322 
2323 LValue CodeGenFunction::EmitLoadOfReferenceLValue(LValue RefLVal) {
2324  LValueBaseInfo PointeeBaseInfo;
2325  TBAAAccessInfo PointeeTBAAInfo;
2326  Address PointeeAddr = EmitLoadOfReference(RefLVal, &PointeeBaseInfo,
2327  &PointeeTBAAInfo);
2328  return MakeAddrLValue(PointeeAddr, RefLVal.getType()->getPointeeType(),
2329  PointeeBaseInfo, PointeeTBAAInfo);
2330 }
2331 
2332 Address CodeGenFunction::EmitLoadOfPointer(Address Ptr,
2333  const PointerType *PtrTy,
2334  LValueBaseInfo *BaseInfo,
2335  TBAAAccessInfo *TBAAInfo) {
2336  llvm::Value *Addr = Builder.CreateLoad(Ptr);
2337  return Address(Addr, getNaturalTypeAlignment(PtrTy->getPointeeType(),
2338  BaseInfo, TBAAInfo,
2339  /*forPointeeType=*/true));
2340 }
2341 
2342 LValue CodeGenFunction::EmitLoadOfPointerLValue(Address PtrAddr,
2343  const PointerType *PtrTy) {
2344  LValueBaseInfo BaseInfo;
2345  TBAAAccessInfo TBAAInfo;
2346  Address Addr = EmitLoadOfPointer(PtrAddr, PtrTy, &BaseInfo, &TBAAInfo);
2347  return MakeAddrLValue(Addr, PtrTy->getPointeeType(), BaseInfo, TBAAInfo);
2348 }
2349 
2350 static LValue EmitGlobalVarDeclLValue(CodeGenFunction &CGF,
2351  const Expr *E, const VarDecl *VD) {
2352  QualType T = E->getType();
2353 
2354  // If it's thread_local, emit a call to its wrapper function instead.
2355  if (VD->getTLSKind() == VarDecl::TLS_Dynamic &&
2356  CGF.CGM.getCXXABI().usesThreadWrapperFunction())
2357  return CGF.CGM.getCXXABI().EmitThreadLocalVarDeclLValue(CGF, VD, T);
2358  // Check if the variable is marked as declare target with link clause in
2359  // device codegen.
2360  if (CGF.getLangOpts().OpenMPIsDevice) {
2361  Address Addr = emitDeclTargetLinkVarDeclLValue(CGF, VD, T);
2362  if (Addr.isValid())
2363  return CGF.MakeAddrLValue(Addr, T, AlignmentSource::Decl);
2364  }
2365 
2366  llvm::Value *V = CGF.CGM.GetAddrOfGlobalVar(VD);
2367  llvm::Type *RealVarTy = CGF.getTypes().ConvertTypeForMem(VD->getType());
2368  V = EmitBitCastOfLValueToProperType(CGF, V, RealVarTy);
2369  CharUnits Alignment = CGF.getContext().getDeclAlign(VD);
2370  Address Addr(V, Alignment);
2371  // Emit reference to the private copy of the variable if it is an OpenMP
2372  // threadprivate variable.
2373  if (CGF.getLangOpts().OpenMP && !CGF.getLangOpts().OpenMPSimd &&
2374  VD->hasAttr<OMPThreadPrivateDeclAttr>()) {
2375  return EmitThreadPrivateVarDeclLValue(CGF, VD, T, Addr, RealVarTy,
2376  E->getExprLoc());
2377  }
2378  LValue LV = VD->getType()->isReferenceType() ?
2379  CGF.EmitLoadOfReferenceLValue(Addr, VD->getType(),
2380  AlignmentSource::Decl) :
2381  CGF.MakeAddrLValue(Addr, T, AlignmentSource::Decl);
2382  setObjCGCLValueClass(CGF.getContext(), E, LV);
2383  return LV;
2384 }
2385 
2386 static llvm::Constant *EmitFunctionDeclPointer(CodeGenModule &CGM,
2387  const FunctionDecl *FD) {
2388  if (FD->hasAttr<WeakRefAttr>()) {
2389  ConstantAddress aliasee = CGM.GetWeakRefReference(FD);
2390  return aliasee.getPointer();
2391  }
2392 
2393  llvm::Constant *V = CGM.GetAddrOfFunction(FD);
2394  if (!FD->hasPrototype()) {
2395  if (const FunctionProtoType *Proto =
2396  FD->getType()->getAs<FunctionProtoType>()) {
2397  // Ugly case: for a K&R-style definition, the type of the definition
2398  // isn't the same as the type of a use. Correct for this with a
2399  // bitcast.
2400  QualType NoProtoType =
2401  CGM.getContext().getFunctionNoProtoType(Proto->getReturnType());
2402  NoProtoType = CGM.getContext().getPointerType(NoProtoType);
2403  V = llvm::ConstantExpr::getBitCast(V,
2404  CGM.getTypes().ConvertType(NoProtoType));
2405  }
2406  }
2407  return V;
2408 }
2409 
2410 static LValue EmitFunctionDeclLValue(CodeGenFunction &CGF,
2411  const Expr *E, const FunctionDecl *FD) {
2412  llvm::Value *V = EmitFunctionDeclPointer(CGF.CGM, FD);
2413  CharUnits Alignment = CGF.getContext().getDeclAlign(FD);
2414  return CGF.MakeAddrLValue(V, E->getType(), Alignment,
2415  AlignmentSource::Decl);
2416 }
2417 
2418 static LValue EmitCapturedFieldLValue(CodeGenFunction &CGF, const FieldDecl *FD,
2419  llvm::Value *ThisValue) {
2420  QualType TagType = CGF.getContext().getTagDeclType(FD->getParent());
2421  LValue LV = CGF.MakeNaturalAlignAddrLValue(ThisValue, TagType);
2422  return CGF.EmitLValueForField(LV, FD);
2423 }
2424 
2425 /// Named Registers are named metadata pointing to the register name
2426 /// which will be read from/written to as an argument to the intrinsic
2427 /// @llvm.read/write_register.
2428 /// So far, only the name is being passed down, but other options such as
2429 /// register type, allocation type or even optimization options could be
2430 /// passed down via the metadata node.
2431 static LValue EmitGlobalNamedRegister(const VarDecl *VD, CodeGenModule &CGM) {
2432  SmallString<64> Name("llvm.named.register.");
2433  AsmLabelAttr *Asm = VD->getAttr<AsmLabelAttr>();
2434  assert(Asm->getLabel().size() < 64-Name.size() &&
2435  "Register name too big");
2436  Name.append(Asm->getLabel());
2437  llvm::NamedMDNode *M =
2438  CGM.getModule().getOrInsertNamedMetadata(Name);
2439  if (M->getNumOperands() == 0) {
2440  llvm::MDString *Str = llvm::MDString::get(CGM.getLLVMContext(),
2441  Asm->getLabel());
2442  llvm::Metadata *Ops[] = {Str};
2443  M->addOperand(llvm::MDNode::get(CGM.getLLVMContext(), Ops));
2444  }
2445 
2446  CharUnits Alignment = CGM.getContext().getDeclAlign(VD);
2447 
2448  llvm::Value *Ptr =
2449  llvm::MetadataAsValue::get(CGM.getLLVMContext(), M->getOperand(0));
2450  return LValue::MakeGlobalReg(Address(Ptr, Alignment), VD->getType());
2451 }
2452 
2453 LValue CodeGenFunction::EmitDeclRefLValue(const DeclRefExpr *E) {
2454  const NamedDecl *ND = E->getDecl();
2455  QualType T = E->getType();
2456 
2457  if (const auto *VD = dyn_cast<VarDecl>(ND)) {
2458  // Global Named registers access via intrinsics only
2459  if (VD->getStorageClass() == SC_Register &&
2460  VD->hasAttr<AsmLabelAttr>() && !VD->isLocalVarDecl())
2461  return EmitGlobalNamedRegister(VD, CGM);
2462 
2463  // A DeclRefExpr for a reference initialized by a constant expression can
2464  // appear without being odr-used. Directly emit the constant initializer.
2465  const Expr *Init = VD->getAnyInitializer(VD);
2466  const auto *BD = dyn_cast_or_null<BlockDecl>(CurCodeDecl);
2467  if (Init && !isa<ParmVarDecl>(VD) && VD->getType()->isReferenceType() &&
2468  VD->isUsableInConstantExpressions(getContext()) &&
2469  VD->checkInitIsICE() &&
2470  // Do not emit if it is private OpenMP variable.
2471  !(E->refersToEnclosingVariableOrCapture() &&
2472  ((CapturedStmtInfo &&
2473  (LocalDeclMap.count(VD->getCanonicalDecl()) ||
2474  CapturedStmtInfo->lookup(VD->getCanonicalDecl()))) ||
2475  LambdaCaptureFields.lookup(VD->getCanonicalDecl()) ||
2476  (BD && BD->capturesVariable(VD))))) {
2477  llvm::Constant *Val =
2478  ConstantEmitter(*this).emitAbstract(E->getLocation(),
2479  *VD->evaluateValue(),
2480  VD->getType());
2481  assert(Val && "failed to emit reference constant expression");
2482  // FIXME: Eventually we will want to emit vector element references.
2483 
2484  // Should we be using the alignment of the constant pointer we emitted?
2485  CharUnits Alignment = getNaturalTypeAlignment(E->getType(),
2486  /* BaseInfo= */ nullptr,
2487  /* TBAAInfo= */ nullptr,
2488  /* forPointeeType= */ true);
2489  return MakeAddrLValue(Address(Val, Alignment), T, AlignmentSource::Decl);
2490  }
2491 
2492  // Check for captured variables.
2493  if (E->refersToEnclosingVariableOrCapture()) {
2494  VD = VD->getCanonicalDecl();
2495  if (auto *FD = LambdaCaptureFields.lookup(VD))
2496  return EmitCapturedFieldLValue(*this, FD, CXXABIThisValue);
2497  else if (CapturedStmtInfo) {
2498  auto I = LocalDeclMap.find(VD);
2499  if (I != LocalDeclMap.end()) {
2500  if (VD->getType()->isReferenceType())
2501  return EmitLoadOfReferenceLValue(I->second, VD->getType(),
2502  AlignmentSource::Decl);
2503  return MakeAddrLValue(I->second, T);
2504  }
2505  LValue CapLVal =
2506  EmitCapturedFieldLValue(*this, CapturedStmtInfo->lookup(VD),
2507  CapturedStmtInfo->getContextValue());
2508  return MakeAddrLValue(
2509  Address(CapLVal.getPointer(), getContext().getDeclAlign(VD)),
2510  CapLVal.getType(), LValueBaseInfo(AlignmentSource::Decl),
2511  CapLVal.getTBAAInfo());
2512  }
2513 
2514  assert(isa<BlockDecl>(CurCodeDecl));
2515  Address addr = GetAddrOfBlockDecl(VD);
2516  return MakeAddrLValue(addr, T, AlignmentSource::Decl);
2517  }
2518  }
2519 
2520  // FIXME: We should be able to assert this for FunctionDecls as well!
2521  // FIXME: We should be able to assert this for all DeclRefExprs, not just
2522  // those with a valid source location.
2523  assert((ND->isUsed(false) || !isa<VarDecl>(ND) ||
2524  !E->getLocation().isValid()) &&
2525  "Should not use decl without marking it used!");
2526 
2527  if (ND->hasAttr<WeakRefAttr>()) {
2528  const auto *VD = cast<ValueDecl>(ND);
2529  ConstantAddress Aliasee = CGM.GetWeakRefReference(VD);
2530  return MakeAddrLValue(Aliasee, T, AlignmentSource::Decl);
2531  }
2532 
2533  if (const auto *VD = dyn_cast<VarDecl>(ND)) {
2534  // Check if this is a global variable.
2535  if (VD->hasLinkage() || VD->isStaticDataMember())
2536  return EmitGlobalVarDeclLValue(*this, E, VD);
2537 
2538  Address addr = Address::invalid();
2539 
2540  // The variable should generally be present in the local decl map.
2541  auto iter = LocalDeclMap.find(VD);
2542  if (iter != LocalDeclMap.end()) {
2543  addr = iter->second;
2544 
2545  // Otherwise, it might be static local we haven't emitted yet for
2546  // some reason; most likely, because it's in an outer function.
2547  } else if (VD->isStaticLocal()) {
2548  addr = Address(CGM.getOrCreateStaticVarDecl(
2549  *VD, CGM.getLLVMLinkageVarDefinition(VD, /*isConstant=*/false)),
2550  getContext().getDeclAlign(VD));
2551 
2552  // No other cases for now.
2553  } else {
2554  llvm_unreachable("DeclRefExpr for Decl not entered in LocalDeclMap?");
2555  }
2556 
2557 
2558  // Check for OpenMP threadprivate variables.
2559  if (getLangOpts().OpenMP && !getLangOpts().OpenMPSimd &&
2560  VD->hasAttr<OMPThreadPrivateDeclAttr>()) {
2561  return EmitThreadPrivateVarDeclLValue(
2562  *this, VD, T, addr, getTypes().ConvertTypeForMem(VD->getType()),
2563  E->getExprLoc());
2564  }
2565 
2566  // Drill into block byref variables.
2567  bool isBlockByref = VD->isEscapingByref();
2568  if (isBlockByref) {
2569  addr = emitBlockByrefAddress(addr, VD);
2570  }
2571 
2572  // Drill into reference types.
2573  LValue LV = VD->getType()->isReferenceType() ?
2574  EmitLoadOfReferenceLValue(addr, VD->getType(), AlignmentSource::Decl) :
2575  MakeAddrLValue(addr, T, AlignmentSource::Decl);
2576 
2577  bool isLocalStorage = VD->hasLocalStorage();
2578 
2579  bool NonGCable = isLocalStorage &&
2580  !VD->getType()->isReferenceType() &&
2581  !isBlockByref;
2582  if (NonGCable) {
2583  LV.getQuals().removeObjCGCAttr();
2584  LV.setNonGC(true);
2585  }
2586 
2587  bool isImpreciseLifetime =
2588  (isLocalStorage && !VD->hasAttr<ObjCPreciseLifetimeAttr>());
2589  if (isImpreciseLifetime)
2590  LV.setARCPreciseLifetime(ARCImpreciseLifetime);
2591  setObjCGCLValueClass(getContext(), E, LV);
2592  return LV;
2593  }
2594 
2595  if (const auto *FD = dyn_cast<FunctionDecl>(ND))
2596  return EmitFunctionDeclLValue(*this, E, FD);
2597 
2598  // FIXME: While we're emitting a binding from an enclosing scope, all other
2599  // DeclRefExprs we see should be implicitly treated as if they also refer to
2600  // an enclosing scope.
2601  if (const auto *BD = dyn_cast<BindingDecl>(ND))
2602  return EmitLValue(BD->getBinding());
2603 
2604  llvm_unreachable("Unhandled DeclRefExpr");
2605 }
2606 
2607 LValue CodeGenFunction::EmitUnaryOpLValue(const UnaryOperator *E) {
2608  // __extension__ doesn't affect lvalue-ness.
2609  if (E->getOpcode() == UO_Extension)
2610  return EmitLValue(E->getSubExpr());
2611 
2612  QualType ExprTy = getContext().getCanonicalType(E->getSubExpr()->getType());
2613  switch (E->getOpcode()) {
2614  default: llvm_unreachable("Unknown unary operator lvalue!");
2615  case UO_Deref: {
2616  QualType T = E->getSubExpr()->getType()->getPointeeType();
2617  assert(!T.isNull() && "CodeGenFunction::EmitUnaryOpLValue: Illegal type");
2618 
2619  LValueBaseInfo BaseInfo;
2620  TBAAAccessInfo TBAAInfo;
2621  Address Addr = EmitPointerWithAlignment(E->getSubExpr(), &BaseInfo,
2622  &TBAAInfo);
2623  LValue LV = MakeAddrLValue(Addr, T, BaseInfo, TBAAInfo);
2624  LV.getQuals().setAddressSpace(ExprTy.getAddressSpace());
2625 
2626  // We should not generate __weak write barrier on indirect reference
2627  // of a pointer to object; as in void foo (__weak id *param); *param = 0;
2628  // But, we continue to generate __strong write barrier on indirect write
2629  // into a pointer to object.
2630  if (getLangOpts().ObjC &&
2631  getLangOpts().getGC() != LangOptions::NonGC &&
2632  LV.isObjCWeak())
2633  LV.setNonGC(!E->isOBJCGCCandidate(getContext()));
2634  return LV;
2635  }
2636  case UO_Real:
2637  case UO_Imag: {
2638  LValue LV = EmitLValue(E->getSubExpr());
2639  assert(LV.isSimple() && "real/imag on non-ordinary l-value");
2640 
2641  // __real is valid on scalars. This is a faster way of testing that.
2642  // __imag can only produce an rvalue on scalars.
2643  if (E->getOpcode() == UO_Real &&
2644  !LV.getAddress().getElementType()->isStructTy()) {
2645  assert(E->getSubExpr()->getType()->isArithmeticType());
2646  return LV;
2647  }
2648 
2649  QualType T = ExprTy->castAs<ComplexType>()->getElementType();
2650 
2651  Address Component =
2652  (E->getOpcode() == UO_Real
2653  ? emitAddrOfRealComponent(LV.getAddress(), LV.getType())
2654  : emitAddrOfImagComponent(LV.getAddress(), LV.getType()));
2655  LValue ElemLV = MakeAddrLValue(Component, T, LV.getBaseInfo(),
2656  CGM.getTBAAInfoForSubobject(LV, T));
2657  ElemLV.getQuals().addQualifiers(LV.getQuals());
2658  return ElemLV;
2659  }
2660  case UO_PreInc:
2661  case UO_PreDec: {
2662  LValue LV = EmitLValue(E->getSubExpr());
2663  bool isInc = E->getOpcode() == UO_PreInc;
2664 
2665  if (E->getType()->isAnyComplexType())
2666  EmitComplexPrePostIncDec(E, LV, isInc, true/*isPre*/);
2667  else
2668  EmitScalarPrePostIncDec(E, LV, isInc, true/*isPre*/);
2669  return LV;
2670  }
2671  }
2672 }
2673 
2674 LValue CodeGenFunction::EmitStringLiteralLValue(const StringLiteral *E) {
2675  return MakeAddrLValue(CGM.GetAddrOfConstantStringFromLiteral(E),
2676  E->getType(), AlignmentSource::Decl);
2677 }
2678 
2679 LValue CodeGenFunction::EmitObjCEncodeExprLValue(const ObjCEncodeExpr *E) {
2680  return MakeAddrLValue(CGM.GetAddrOfConstantStringFromObjCEncode(E),
2681  E->getType(), AlignmentSource::Decl);
2682 }
2683 
2684 LValue CodeGenFunction::EmitPredefinedLValue(const PredefinedExpr *E) {
2685  auto SL = E->getFunctionName();
2686  assert(SL != nullptr && "No StringLiteral name in PredefinedExpr");
2687  StringRef FnName = CurFn->getName();
2688  if (FnName.startswith("\01"))
2689  FnName = FnName.substr(1);
2690  StringRef NameItems[] = {
2691  PredefinedExpr::getIdentKindName(E->getIdentKind()), FnName};
2692  std::string GVName = llvm::join(NameItems, NameItems + 2, ".");
2693  if (auto *BD = dyn_cast_or_null<BlockDecl>(CurCodeDecl)) {
2694  std::string Name = SL->getString();
2695  if (!Name.empty()) {
2696  unsigned Discriminator =
2697  CGM.getCXXABI().getMangleContext().getBlockId(BD, true);
2698  if (Discriminator)
2699  Name += "_" + Twine(Discriminator + 1).str();
2700  auto C = CGM.GetAddrOfConstantCString(Name, GVName.c_str());
2701  return MakeAddrLValue(C, E->getType(), AlignmentSource::Decl);
2702  } else {
2703  auto C = CGM.GetAddrOfConstantCString(FnName, GVName.c_str());
2704  return MakeAddrLValue(C, E->getType(), AlignmentSource::Decl);
2705  }
2706  }
2707  auto C = CGM.GetAddrOfConstantStringFromLiteral(SL, GVName);
2708  return MakeAddrLValue(C, E->getType(), AlignmentSource::Decl);
2709 }
2710 
2711 /// Emit a type description suitable for use by a runtime sanitizer library. The
2712 /// format of a type descriptor is
2713 ///
2714 /// \code
2715 /// { i16 TypeKind, i16 TypeInfo }
2716 /// \endcode
2717 ///
2718 /// followed by an array of i8 containing the type name. TypeKind is 0 for an
2719 /// integer, 1 for a floating point value, and -1 for anything else.
2720 llvm::Constant *CodeGenFunction::EmitCheckTypeDescriptor(QualType T) {
2721  // Only emit each type's descriptor once.
2722  if (llvm::Constant *C = CGM.getTypeDescriptorFromMap(T))
2723  return C;
2724 
2725  uint16_t TypeKind = -1;
2726  uint16_t TypeInfo = 0;
2727 
2728  if (T->isIntegerType()) {
2729  TypeKind = 0;
2730  TypeInfo = (llvm::Log2_32(getContext().getTypeSize(T)) << 1) |
2731  (T->isSignedIntegerType() ? 1 : 0);
2732  } else if (T->isFloatingType()) {
2733  TypeKind = 1;
2734  TypeInfo = getContext().getTypeSize(T);
2735  }
2736 
2737  // Format the type name as if for a diagnostic, including quotes and
2738  // optionally an 'aka'.
2739  SmallString<32> Buffer;
2740  CGM.getDiags().ConvertArgToString(DiagnosticsEngine::ak_qualtype,
2741  (intptr_t)T.getAsOpaquePtr(),
2742  StringRef(), StringRef(), None, Buffer,
2743  None);
2744 
2745  llvm::Constant *Components[] = {
2746  Builder.getInt16(TypeKind), Builder.getInt16(TypeInfo),
2747  llvm::ConstantDataArray::getString(getLLVMContext(), Buffer)
2748  };
2749  llvm::Constant *Descriptor = llvm::ConstantStruct::getAnon(Components);
2750 
2751  auto *GV = new llvm::GlobalVariable(
2752  CGM.getModule(), Descriptor->getType(),
2753  /*isConstant=*/true, llvm::GlobalVariable::PrivateLinkage, Descriptor);
2754  GV->setUnnamedAddr(llvm::GlobalValue::UnnamedAddr::Global);
2755  CGM.getSanitizerMetadata()->disableSanitizerForGlobal(GV);
2756 
2757  // Remember the descriptor for this type.
2758  CGM.setTypeDescriptorInMap(T, GV);
2759 
2760  return GV;
2761 }
2762 
2763 llvm::Value *CodeGenFunction::EmitCheckValue(llvm::Value *V) {
2764  llvm::Type *TargetTy = IntPtrTy;
2765 
2766  if (V->getType() == TargetTy)
2767  return V;
2768 
2769  // Floating-point types which fit into intptr_t are bitcast to integers
2770  // and then passed directly (after zero-extension, if necessary).
2771  if (V->getType()->isFloatingPointTy()) {
2772  unsigned Bits = V->getType()->getPrimitiveSizeInBits();
2773  if (Bits <= TargetTy->getIntegerBitWidth())
2774  V = Builder.CreateBitCast(V, llvm::Type::getIntNTy(getLLVMContext(),
2775  Bits));
2776  }
2777 
2778  // Integers which fit in intptr_t are zero-extended and passed directly.
2779  if (V->getType()->isIntegerTy() &&
2780  V->getType()->getIntegerBitWidth() <= TargetTy->getIntegerBitWidth())
2781  return Builder.CreateZExt(V, TargetTy);
2782 
2783  // Pointers are passed directly, everything else is passed by address.
2784  if (!V->getType()->isPointerTy()) {
2785  Address Ptr = CreateDefaultAlignTempAlloca(V->getType());
2786  Builder.CreateStore(V, Ptr);
2787  V = Ptr.getPointer();
2788  }
2789  return Builder.CreatePtrToInt(V, TargetTy);
2790 }
2791 
2792 /// Emit a representation of a SourceLocation for passing to a handler
2793 /// in a sanitizer runtime library. The format for this data is:
2794 /// \code
2795 /// struct SourceLocation {
2796 /// const char *Filename;
2797 /// int32_t Line, Column;
2798 /// };
2799 /// \endcode
2800 /// For an invalid SourceLocation, the Filename pointer is null.
2801 llvm::Constant *CodeGenFunction::EmitCheckSourceLocation(SourceLocation Loc) {
2802  llvm::Constant *Filename;
2803  int Line, Column;
2804 
2805  PresumedLoc PLoc = getContext().getSourceManager().getPresumedLoc(Loc);
2806  if (PLoc.isValid()) {
2807  StringRef FilenameString = PLoc.getFilename();
2808 
2809  int PathComponentsToStrip =
2810  CGM.getCodeGenOpts().EmitCheckPathComponentsToStrip;
2811  if (PathComponentsToStrip < 0) {
2812  assert(PathComponentsToStrip != INT_MIN);
2813  int PathComponentsToKeep = -PathComponentsToStrip;
2814  auto I = llvm::sys::path::rbegin(FilenameString);
2815  auto E = llvm::sys::path::rend(FilenameString);
2816  while (I != E && --PathComponentsToKeep)
2817  ++I;
2818 
2819  FilenameString = FilenameString.substr(I - E);
2820  } else if (PathComponentsToStrip > 0) {
2821  auto I = llvm::sys::path::begin(FilenameString);
2822  auto E = llvm::sys::path::end(FilenameString);
2823  while (I != E && PathComponentsToStrip--)
2824  ++I;
2825 
2826  if (I != E)
2827  FilenameString =
2828  FilenameString.substr(I - llvm::sys::path::begin(FilenameString));
2829  else
2830  FilenameString = llvm::sys::path::filename(FilenameString);
2831  }
2832 
2833  auto FilenameGV = CGM.GetAddrOfConstantCString(FilenameString, ".src");
2834  CGM.getSanitizerMetadata()->disableSanitizerForGlobal(
2835  cast<llvm::GlobalVariable>(FilenameGV.getPointer()));
2836  Filename = FilenameGV.getPointer();
2837  Line = PLoc.getLine();
2838  Column = PLoc.getColumn();
2839  } else {
2840  Filename = llvm::Constant::getNullValue(Int8PtrTy);
2841  Line = Column = 0;
2842  }
2843 
2844  llvm::Constant *Data[] = {Filename, Builder.getInt32(Line),
2845  Builder.getInt32(Column)};
2846 
2847  return llvm::ConstantStruct::getAnon(Data);
2848 }
2849 
2850 namespace {
2851 /// Specify under what conditions this check can be recovered
2852 enum class CheckRecoverableKind {
2853  /// Always terminate program execution if this check fails.
2854  Unrecoverable,
2855  /// Check supports recovering, runtime has both fatal (noreturn) and
2856  /// non-fatal handlers for this check.
2857  Recoverable,
2858  /// Runtime conditionally aborts, always need to support recovery.
2859  AlwaysRecoverable
2860 };
2861 }
2862 
2863 static CheckRecoverableKind getRecoverableKind(SanitizerMask Kind) {
2864  assert(Kind.countPopulation() == 1);
2865  if (Kind == SanitizerKind::Vptr)
2866  return CheckRecoverableKind::AlwaysRecoverable;
2867  else if (Kind == SanitizerKind::Return || Kind == SanitizerKind::Unreachable)
2868  return CheckRecoverableKind::Unrecoverable;
2869  else
2870  return CheckRecoverableKind::Recoverable;
2871 }
2872 
2873 namespace {
2874 struct SanitizerHandlerInfo {
2875  char const *const Name;
2876  unsigned Version;
2877 };
2878 }
2879 
2880 const SanitizerHandlerInfo SanitizerHandlers[] = {
2881 #define SANITIZER_CHECK(Enum, Name, Version) {#Name, Version},
2882  LIST_SANITIZER_CHECKS
2883 #undef SANITIZER_CHECK
2884 };
2885 
2886 static void emitCheckHandlerCall(CodeGenFunction &CGF,
2887  llvm::FunctionType *FnType,
2888  ArrayRef<llvm::Value *> FnArgs,
2889  SanitizerHandler CheckHandler,
2890  CheckRecoverableKind RecoverKind, bool IsFatal,
2891  llvm::BasicBlock *ContBB) {
2892  assert(IsFatal || RecoverKind != CheckRecoverableKind::Unrecoverable);
2893  Optional<ApplyDebugLocation> DL;
2894  if (!CGF.Builder.getCurrentDebugLocation()) {
2895  // Ensure that the call has at least an artificial debug location.
2896  DL.emplace(CGF, SourceLocation());
2897  }
2898  bool NeedsAbortSuffix =
2899  IsFatal && RecoverKind != CheckRecoverableKind::Unrecoverable;
2900  bool MinimalRuntime = CGF.CGM.getCodeGenOpts().SanitizeMinimalRuntime;
2901  const SanitizerHandlerInfo &CheckInfo = SanitizerHandlers[CheckHandler];
2902  const StringRef CheckName = CheckInfo.Name;
2903  std::string FnName = "__ubsan_handle_" + CheckName.str();
2904  if (CheckInfo.Version && !MinimalRuntime)
2905  FnName += "_v" + llvm::utostr(CheckInfo.Version);
2906  if (MinimalRuntime)
2907  FnName += "_minimal";
2908  if (NeedsAbortSuffix)
2909  FnName += "_abort";
2910  bool MayReturn =
2911  !IsFatal || RecoverKind == CheckRecoverableKind::AlwaysRecoverable;
2912 
2913  llvm::AttrBuilder B;
2914  if (!MayReturn) {
2915  B.addAttribute(llvm::Attribute::NoReturn)
2916  .addAttribute(llvm::Attribute::NoUnwind);
2917  }
2918  B.addAttribute(llvm::Attribute::UWTable);
2919 
2920  llvm::FunctionCallee Fn = CGF.CGM.CreateRuntimeFunction(
2921  FnType, FnName,
2922  llvm::AttributeList::get(CGF.getLLVMContext(),
2923  llvm::AttributeList::FunctionIndex, B),
2924  /*Local=*/true);
2925  llvm::CallInst *HandlerCall = CGF.EmitNounwindRuntimeCall(Fn, FnArgs);
2926  if (!MayReturn) {
2927  HandlerCall->setDoesNotReturn();
2928  CGF.Builder.CreateUnreachable();
2929  } else {
2930  CGF.Builder.CreateBr(ContBB);
2931  }
2932 }
2933 
2934 void CodeGenFunction::EmitCheck(
2935  ArrayRef<std::pair<llvm::Value *, SanitizerMask>> Checked,
2936  SanitizerHandler CheckHandler, ArrayRef<llvm::Constant *> StaticArgs,
2937  ArrayRef<llvm::Value *> DynamicArgs) {
2938  assert(IsSanitizerScope);
2939  assert(Checked.size() > 0);
2940  assert(CheckHandler >= 0 &&
2941  size_t(CheckHandler) < llvm::array_lengthof(SanitizerHandlers));
2942  const StringRef CheckName = SanitizerHandlers[CheckHandler].Name;
2943 
2944  llvm::Value *FatalCond = nullptr;
2945  llvm::Value *RecoverableCond = nullptr;
2946  llvm::Value *TrapCond = nullptr;
2947  for (int i = 0, n = Checked.size(); i < n; ++i) {
2948  llvm::Value *Check = Checked[i].first;
2949  // -fsanitize-trap= overrides -fsanitize-recover=.
2950  llvm::Value *&Cond =
2951  CGM.getCodeGenOpts().SanitizeTrap.has(Checked[i].second)
2952  ? TrapCond
2953  : CGM.getCodeGenOpts().SanitizeRecover.has(Checked[i].second)
2954  ? RecoverableCond
2955  : FatalCond;
2956  Cond = Cond ? Builder.CreateAnd(Cond, Check) : Check;
2957  }
2958 
2959  if (TrapCond)
2960  EmitTrapCheck(TrapCond);
2961  if (!FatalCond && !RecoverableCond)
2962  return;
2963 
2964  llvm::Value *JointCond;
2965  if (FatalCond && RecoverableCond)
2966  JointCond = Builder.CreateAnd(FatalCond, RecoverableCond);
2967  else
2968  JointCond = FatalCond ? FatalCond : RecoverableCond;
2969  assert(JointCond);
2970 
2971  CheckRecoverableKind RecoverKind = getRecoverableKind(Checked[0].second);
2972  assert(SanOpts.has(Checked[0].second));
2973 #ifndef NDEBUG
2974  for (int i = 1, n = Checked.size(); i < n; ++i) {
2975  assert(RecoverKind == getRecoverableKind(Checked[i].second) &&
2976  "All recoverable kinds in a single check must be same!");
2977  assert(SanOpts.has(Checked[i].second));
2978  }
2979 #endif
2980 
2981  llvm::BasicBlock *Cont = createBasicBlock("cont");
2982  llvm::BasicBlock *Handlers = createBasicBlock("handler." + CheckName);
2983  llvm::Instruction *Branch = Builder.CreateCondBr(JointCond, Cont, Handlers);
2984  // Give hint that we very much don't expect to execute the handler
2985  // Value chosen to match UR_NONTAKEN_WEIGHT, see BranchProbabilityInfo.cpp
2986  llvm::MDBuilder MDHelper(getLLVMContext());
2987  llvm::MDNode *Node = MDHelper.createBranchWeights((1U << 20) - 1, 1);
2988  Branch->setMetadata(llvm::LLVMContext::MD_prof, Node);
2989  EmitBlock(Handlers);
2990 
2991  // Handler functions take an i8* pointing to the (handler-specific) static
2992  // information block, followed by a sequence of intptr_t arguments
2993  // representing operand values.
2994  SmallVector<llvm::Value *, 4> Args;
2995  SmallVector<llvm::Type *, 4> ArgTypes;
2996  if (!CGM.getCodeGenOpts().SanitizeMinimalRuntime) {
2997  Args.reserve(DynamicArgs.size() + 1);
2998  ArgTypes.reserve(DynamicArgs.size() + 1);
2999 
3000  // Emit handler arguments and create handler function type.
3001  if (!StaticArgs.empty()) {
3002  llvm::Constant *Info = llvm::ConstantStruct::getAnon(StaticArgs);
3003  auto *InfoPtr =
3004  new llvm::GlobalVariable(CGM.getModule(), Info->getType(), false,
3005  llvm::GlobalVariable::PrivateLinkage, Info);
3006  InfoPtr->setUnnamedAddr(llvm::GlobalValue::UnnamedAddr::Global);
3007  CGM.getSanitizerMetadata()->disableSanitizerForGlobal(InfoPtr);
3008  Args.push_back(Builder.CreateBitCast(InfoPtr, Int8PtrTy));
3009  ArgTypes.push_back(Int8PtrTy);
3010  }
3011 
3012  for (size_t i = 0, n = DynamicArgs.size(); i != n; ++i) {
3013  Args.push_back(EmitCheckValue(DynamicArgs[i]));
3014  ArgTypes.push_back(IntPtrTy);
3015  }
3016  }
3017 
3018  llvm::FunctionType *FnType =
3019  llvm::FunctionType::get(CGM.VoidTy, ArgTypes, false);
3020 
3021  if (!FatalCond || !RecoverableCond) {
3022  // Simple case: we need to generate a single handler call, either
3023  // fatal, or non-fatal.
3024  emitCheckHandlerCall(*this, FnType, Args, CheckHandler, RecoverKind,
3025  (FatalCond != nullptr), Cont);
3026  } else {
3027  // Emit two handler calls: first one for set of unrecoverable checks,
3028  // another one for recoverable.
3029  llvm::BasicBlock *NonFatalHandlerBB =
3030  createBasicBlock("non_fatal." + CheckName);
3031  llvm::BasicBlock *FatalHandlerBB = createBasicBlock("fatal." + CheckName);
3032  Builder.CreateCondBr(FatalCond, NonFatalHandlerBB, FatalHandlerBB);
3033  EmitBlock(FatalHandlerBB);
3034  emitCheckHandlerCall(*this, FnType, Args, CheckHandler, RecoverKind, true,
3035  NonFatalHandlerBB);
3036  EmitBlock(NonFatalHandlerBB);
3037  emitCheckHandlerCall(*this, FnType, Args, CheckHandler, RecoverKind, false,
3038  Cont);
3039  }
3040 
3041  EmitBlock(Cont);
3042 }
3043 
3044 void CodeGenFunction::EmitCfiSlowPathCheck(
3045  SanitizerMask Kind, llvm::Value *Cond, llvm::ConstantInt *TypeId,
3046  llvm::Value *Ptr, ArrayRef<llvm::Constant *> StaticArgs) {
3047  llvm::BasicBlock *Cont = createBasicBlock("cfi.cont");
3048 
3049  llvm::BasicBlock *CheckBB = createBasicBlock("cfi.slowpath");
3050  llvm::BranchInst *BI = Builder.CreateCondBr(Cond, Cont, CheckBB);
3051 
3052  llvm::MDBuilder MDHelper(getLLVMContext());
3053  llvm::MDNode *Node = MDHelper.createBranchWeights((1U << 20) - 1, 1);
3054  BI->setMetadata(llvm::LLVMContext::MD_prof, Node);
3055 
3056  EmitBlock(CheckBB);
3057 
3058  bool WithDiag = !CGM.getCodeGenOpts().SanitizeTrap.has(Kind);
3059 
3060  llvm::CallInst *CheckCall;
3061  llvm::FunctionCallee SlowPathFn;
3062  if (WithDiag) {
3063  llvm::Constant *Info = llvm::ConstantStruct::getAnon(StaticArgs);
3064  auto *InfoPtr =
3065  new llvm::GlobalVariable(CGM.getModule(), Info->getType(), false,
3066  llvm::GlobalVariable::PrivateLinkage, Info);
3067  InfoPtr->setUnnamedAddr(llvm::GlobalValue::UnnamedAddr::Global);
3068  CGM.getSanitizerMetadata()->disableSanitizerForGlobal(InfoPtr);
3069 
3070  SlowPathFn = CGM.getModule().getOrInsertFunction(
3071  "__cfi_slowpath_diag",
3072  llvm::FunctionType::get(VoidTy, {Int64Ty, Int8PtrTy, Int8PtrTy},
3073  false));
3074  CheckCall = Builder.CreateCall(
3075  SlowPathFn, {TypeId, Ptr, Builder.CreateBitCast(InfoPtr, Int8PtrTy)});
3076  } else {
3077  SlowPathFn = CGM.getModule().getOrInsertFunction(
3078  "__cfi_slowpath",
3079  llvm::FunctionType::get(VoidTy, {Int64Ty, Int8PtrTy}, false));
3080  CheckCall = Builder.CreateCall(SlowPathFn, {TypeId, Ptr});
3081  }
3082 
3083  CGM.setDSOLocal(
3084  cast<llvm::GlobalValue>(SlowPathFn.getCallee()->stripPointerCasts()));
3085  CheckCall->setDoesNotThrow();
3086 
3087  EmitBlock(Cont);
3088 }
3089 
3090 // Emit a stub for __cfi_check function so that the linker knows about this
3091 // symbol in LTO mode.
3092 void CodeGenFunction::EmitCfiCheckStub() {
3093  llvm::Module *M = &CGM.getModule();
3094  auto &Ctx = M->getContext();
3095  llvm::Function *F = llvm::Function::Create(
3096  llvm::FunctionType::get(VoidTy, {Int64Ty, Int8PtrTy, Int8PtrTy}, false),
3097  llvm::GlobalValue::WeakAnyLinkage, "__cfi_check", M);
3098  CGM.setDSOLocal(F);
3099  llvm::BasicBlock *BB = llvm::BasicBlock::Create(Ctx, "entry", F);
3100  // FIXME: consider emitting an intrinsic call like
3101  // call void @llvm.cfi_check(i64 %0, i8* %1, i8* %2)
3102  // which can be lowered in CrossDSOCFI pass to the actual contents of
3103  // __cfi_check. This would allow inlining of __cfi_check calls.
3104  llvm::CallInst::Create(
3105  llvm::Intrinsic::getDeclaration(M, llvm::Intrinsic::trap), "", BB);
3106  llvm::ReturnInst::Create(Ctx, nullptr, BB);
3107 }
3108 
3109 // This function is basically a switch over the CFI failure kind, which is
3110 // extracted from CFICheckFailData (1st function argument). Each case is either
3111 // llvm.trap or a call to one of the two runtime handlers, based on
3112 // -fsanitize-trap and -fsanitize-recover settings. Default case (invalid
3113 // failure kind) traps, but this should really never happen. CFICheckFailData
3114 // can be nullptr if the calling module has -fsanitize-trap behavior for this
3115 // check kind; in this case __cfi_check_fail traps as well.
3116 void CodeGenFunction::EmitCfiCheckFail() {
3117  SanitizerScope SanScope(this);
3118  FunctionArgList Args;
3119  ImplicitParamDecl ArgData(getContext(), getContext().VoidPtrTy,
3120  ImplicitParamDecl::Other);
3121  ImplicitParamDecl ArgAddr(getContext(), getContext().VoidPtrTy,
3122  ImplicitParamDecl::Other);
3123  Args.push_back(&ArgData);
3124  Args.push_back(&ArgAddr);
3125 
3126  const CGFunctionInfo &FI =
3127  CGM.getTypes().arrangeBuiltinFunctionDeclaration(getContext().VoidTy, Args);
3128 
3129  llvm::Function *F = llvm::Function::Create(
3130  llvm::FunctionType::get(VoidTy, {VoidPtrTy, VoidPtrTy}, false),
3131  llvm::GlobalValue::WeakODRLinkage, "__cfi_check_fail", &CGM.getModule());
3132  F->setVisibility(llvm::GlobalValue::HiddenVisibility);
3133 
3134  StartFunction(GlobalDecl(), CGM.getContext().VoidTy, F, FI, Args,
3135  SourceLocation());
3136 
3137  // This function should not be affected by blacklist. This function does
3138  // not have a source location, but "src:*" would still apply. Revert any
3139  // changes to SanOpts made in StartFunction.
3140  SanOpts = CGM.getLangOpts().Sanitize;
3141 
3142  llvm::Value *Data =
3143  EmitLoadOfScalar(GetAddrOfLocalVar(&ArgData), /*Volatile=*/false,
3144  CGM.getContext().VoidPtrTy, ArgData.getLocation());
3145  llvm::Value *Addr =
3146  EmitLoadOfScalar(GetAddrOfLocalVar(&ArgAddr), /*Volatile=*/false,
3147  CGM.getContext().VoidPtrTy, ArgAddr.getLocation());
3148 
3149  // Data == nullptr means the calling module has trap behaviour for this check.
3150  llvm::Value *DataIsNotNullPtr =
3151  Builder.CreateICmpNE(Data, llvm::ConstantPointerNull::get(Int8PtrTy));
3152  EmitTrapCheck(DataIsNotNullPtr);
3153 
3154  llvm::StructType *SourceLocationTy =
3155  llvm::StructType::get(VoidPtrTy, Int32Ty, Int32Ty);
3156  llvm::StructType *CfiCheckFailDataTy =
3157  llvm::StructType::get(Int8Ty, SourceLocationTy, VoidPtrTy);
3158 
3159  llvm::Value *V = Builder.CreateConstGEP2_32(
3160  CfiCheckFailDataTy,
3161  Builder.CreatePointerCast(Data, CfiCheckFailDataTy->getPointerTo(0)), 0,
3162  0);
3163  Address CheckKindAddr(V, getIntAlign());
3164  llvm::Value *CheckKind = Builder.CreateLoad(CheckKindAddr);
3165 
3166  llvm::Value *AllVtables = llvm::MetadataAsValue::get(
3167  CGM.getLLVMContext(),
3168  llvm::MDString::get(CGM.getLLVMContext(), "all-vtables"));
3169  llvm::Value *ValidVtable = Builder.CreateZExt(
3170  Builder.CreateCall(CGM.getIntrinsic(llvm::Intrinsic::type_test),
3171  {Addr, AllVtables}),
3172  IntPtrTy);
3173 
3174  const std::pair<int, SanitizerMask> CheckKinds[] = {
3175  {CFITCK_VCall, SanitizerKind::CFIVCall},
3176  {CFITCK_NVCall, SanitizerKind::CFINVCall},
3177  {CFITCK_DerivedCast, SanitizerKind::CFIDerivedCast},
3178  {CFITCK_UnrelatedCast, SanitizerKind::CFIUnrelatedCast},
3179  {CFITCK_ICall, SanitizerKind::CFIICall}};
3180 
3181  SmallVector<std::pair<llvm::Value *, SanitizerMask>, 5> Checks;
3182  for (auto CheckKindMaskPair : CheckKinds) {
3183  int Kind = CheckKindMaskPair.first;
3184  SanitizerMask Mask = CheckKindMaskPair.second;
3185  llvm::Value *Cond =
3186  Builder.CreateICmpNE(CheckKind, llvm::ConstantInt::get(Int8Ty, Kind));
3187  if (CGM.getLangOpts().Sanitize.has(Mask))
3188  EmitCheck(std::make_pair(Cond, Mask), SanitizerHandler::CFICheckFail, {},
3189  {Data, Addr, ValidVtable});
3190  else
3191  EmitTrapCheck(Cond);
3192  }
3193 
3194  FinishFunction();
3195  // The only reference to this function will be created during LTO link.
3196  // Make sure it survives until then.
3197  CGM.addUsedGlobal(F);
3198 }
3199 
3200 void CodeGenFunction::EmitUnreachable(SourceLocation Loc) {
3201  if (SanOpts.has(SanitizerKind::Unreachable)) {
3202  SanitizerScope SanScope(this);
3203  EmitCheck(std::make_pair(static_cast<llvm::Value *>(Builder.getFalse()),
3204  SanitizerKind::Unreachable),
3205  SanitizerHandler::BuiltinUnreachable,
3206  EmitCheckSourceLocation(Loc), None);
3207  }
3208  Builder.CreateUnreachable();
3209 }
3210 
3211 void CodeGenFunction::EmitTrapCheck(llvm::Value *Checked) {
3212  llvm::BasicBlock *Cont = createBasicBlock("cont");
3213 
3214  // If we're optimizing, collapse all calls to trap down to just one per
3215  // function to save on code size.
3216  if (!CGM.getCodeGenOpts().OptimizationLevel || !TrapBB) {
3217  TrapBB = createBasicBlock("trap");
3218  Builder.CreateCondBr(Checked, Cont, TrapBB);
3219  EmitBlock(TrapBB);
3220  llvm::CallInst *TrapCall = EmitTrapCall(llvm::Intrinsic::trap);
3221  TrapCall->setDoesNotReturn();
3222  TrapCall->setDoesNotThrow();
3223  Builder.CreateUnreachable();
3224  } else {
3225  Builder.CreateCondBr(Checked, Cont, TrapBB);
3226  }
3227 
3228  EmitBlock(Cont);
3229 }
3230 
3231 llvm::CallInst *CodeGenFunction::EmitTrapCall(llvm::Intrinsic::ID IntrID) {
3232  llvm::CallInst *TrapCall = Builder.CreateCall(CGM.getIntrinsic(IntrID));
3233 
3234  if (!CGM.getCodeGenOpts().TrapFuncName.empty()) {
3235  auto A = llvm::Attribute::get(getLLVMContext(), "trap-func-name",
3236  CGM.getCodeGenOpts().TrapFuncName);
3237  TrapCall->addAttribute(llvm::AttributeList::FunctionIndex, A);
3238  }
3239 
3240  return TrapCall;
3241 }
3242 
3243 Address CodeGenFunction::EmitArrayToPointerDecay(const Expr *E,
3244  LValueBaseInfo *BaseInfo,
3245  TBAAAccessInfo *TBAAInfo) {
3246  assert(E->getType()->isArrayType() &&
3247  "Array to pointer decay must have array source type!");
3248 
3249  // Expressions of array type can't be bitfields or vector elements.
3250  LValue LV = EmitLValue(E);
3251  Address Addr = LV.getAddress();
3252 
3253  // If the array type was an incomplete type, we need to make sure
3254  // the decay ends up being the right type.
3255  llvm::Type *NewTy = ConvertType(E->getType());
3256  Addr = Builder.CreateElementBitCast(Addr, NewTy);
3257 
3258  // Note that VLA pointers are always decayed, so we don't need to do
3259  // anything here.
3260  if (!E->getType()->isVariableArrayType()) {
3261  assert(isa<llvm::ArrayType>(Addr.getElementType()) &&
3262  "Expected pointer to array");
3263  Addr = Builder.CreateConstArrayGEP(Addr, 0, "arraydecay");
3264  }
3265 
3266  // The result of this decay conversion points to an array element within the
3267  // base lvalue. However, since TBAA currently does not support representing
3268  // accesses to elements of member arrays, we conservatively represent accesses
3269  // to the pointee object as if it had no any base lvalue specified.
3270  // TODO: Support TBAA for member arrays.
3271  QualType EltType = E->getType()->castAsArrayTypeUnsafe()->getElementType();
3272  if (BaseInfo) *BaseInfo = LV.getBaseInfo();
3273  if (TBAAInfo) *TBAAInfo = CGM.getTBAAAccessInfo(EltType);
3274 
3275  return Builder.CreateElementBitCast(Addr, ConvertTypeForMem(EltType));
3276 }
3277 
3278 /// isSimpleArrayDecayOperand - If the specified expr is a simple decay from an
3279 /// array to pointer, return the array subexpression.
3280 static const Expr *isSimpleArrayDecayOperand(const Expr *E) {
3281  // If this isn't just an array->pointer decay, bail out.
3282  const auto *CE = dyn_cast<CastExpr>(E);
3283  if (!CE || CE->getCastKind() != CK_ArrayToPointerDecay)
3284  return nullptr;
3285 
3286  // If this is a decay from variable width array, bail out.
3287  const Expr *SubExpr = CE->getSubExpr();
3288  if (SubExpr->getType()->isVariableArrayType())
3289  return nullptr;
3290 
3291  return SubExpr;
3292 }
3293 
3294 static llvm::Value *emitArraySubscriptGEP(CodeGenFunction &CGF,
3295  llvm::Value *ptr,
3296  ArrayRef<llvm::Value*> indices,
3297  bool inbounds,
3298  bool signedIndices,
3299  SourceLocation loc,
3300  const llvm::Twine &name = "arrayidx") {
3301  if (inbounds) {
3302  return CGF.EmitCheckedInBoundsGEP(ptr, indices, signedIndices,
3303  CodeGenFunction::NotSubtraction, loc,
3304  name);
3305  } else {
3306  return CGF.Builder.CreateGEP(ptr, indices, name);
3307  }
3308 }
3309 
3310 static CharUnits getArrayElementAlign(CharUnits arrayAlign,
3311  llvm::Value *idx,
3312  CharUnits eltSize) {
3313  // If we have a constant index, we can use the exact offset of the
3314  // element we're accessing.
3315  if (auto constantIdx = dyn_cast<llvm::ConstantInt>(idx)) {
3316  CharUnits offset = constantIdx->getZExtValue() * eltSize;
3317  return arrayAlign.alignmentAtOffset(offset);
3318 
3319  // Otherwise, use the worst-case alignment for any element.
3320  } else {
3321  return arrayAlign.alignmentOfArrayElement(eltSize);
3322  }
3323 }
3324 
3325 static QualType getFixedSizeElementType(const ASTContext &ctx,
3326  const VariableArrayType *vla) {
3327  QualType eltType;
3328  do {
3329  eltType = vla->getElementType();
3330  } while ((vla = ctx.getAsVariableArrayType(eltType)));
3331  return eltType;
3332 }
3333 
3334 static Address emitArraySubscriptGEP(CodeGenFunction &CGF, Address addr,
3335  ArrayRef<llvm::Value *> indices,
3336  QualType eltType, bool inbounds,
3337  bool signedIndices, SourceLocation loc,
3338  const llvm::Twine &name = "arrayidx") {
3339  // All the indices except that last must be zero.
3340 #ifndef NDEBUG
3341  for (auto idx : indices.drop_back())
3342  assert(isa<llvm::ConstantInt>(idx) &&
3343  cast<llvm::ConstantInt>(idx)->isZero());
3344 #endif
3345 
3346  // Determine the element size of the statically-sized base. This is
3347  // the thing that the indices are expressed in terms of.
3348  if (auto vla = CGF.getContext().getAsVariableArrayType(eltType)) {
3349  eltType = getFixedSizeElementType(CGF.getContext(), vla);
3350  }
3351 
3352  // We can use that to compute the best alignment of the element.
3353  CharUnits eltSize = CGF.getContext().getTypeSizeInChars(eltType);
3354  CharUnits eltAlign =
3355  getArrayElementAlign(addr.getAlignment(), indices.back(), eltSize);
3356 
3357  llvm::Value *eltPtr = emitArraySubscriptGEP(
3358  CGF, addr.getPointer(), indices, inbounds, signedIndices, loc, name);
3359  return Address(eltPtr, eltAlign);
3360 }
3361 
3362 LValue CodeGenFunction::EmitArraySubscriptExpr(const ArraySubscriptExpr *E,
3363  bool Accessed) {
3364  // The index must always be an integer, which is not an aggregate. Emit it
3365  // in lexical order (this complexity is, sadly, required by C++17).
3366  llvm::Value *IdxPre =
3367  (E->getLHS() == E->getIdx()) ? EmitScalarExpr(E->getIdx()) : nullptr;
3368  bool SignedIndices = false;
3369  auto EmitIdxAfterBase = [&, IdxPre](bool Promote) -> llvm::Value * {
3370  auto *Idx = IdxPre;
3371  if (E->getLHS() != E->getIdx()) {
3372  assert(E->getRHS() == E->getIdx() && "index was neither LHS nor RHS");
3373  Idx = EmitScalarExpr(E->getIdx());
3374  }
3375 
3376  QualType IdxTy = E->getIdx()->getType();
3377  bool IdxSigned = IdxTy->isSignedIntegerOrEnumerationType();
3378  SignedIndices |= IdxSigned;
3379 
3380  if (SanOpts.has(SanitizerKind::ArrayBounds))
3381  EmitBoundsCheck(E, E->getBase(), Idx, IdxTy, Accessed);
3382 
3383  // Extend or truncate the index type to 32 or 64-bits.
3384  if (Promote && Idx->getType() != IntPtrTy)
3385  Idx = Builder.CreateIntCast(Idx, IntPtrTy, IdxSigned, "idxprom");
3386 
3387  return Idx;
3388  };
3389  IdxPre = nullptr;
3390 
3391  // If the base is a vector type, then we are forming a vector element lvalue
3392  // with this subscript.
3393  if (E->getBase()->getType()->isVectorType() &&
3394  !isa<ExtVectorElementExpr>(E->getBase())) {
3395  // Emit the vector as an lvalue to get its address.
3396  LValue LHS = EmitLValue(E->getBase());
3397  auto *Idx = EmitIdxAfterBase(/*Promote*/false);
3398  assert(LHS.isSimple() && "Can only subscript lvalue vectors here!");
3399  return LValue::MakeVectorElt(LHS.getAddress(), Idx, E->getBase()->getType(),
3400  LHS.getBaseInfo(), TBAAAccessInfo());
3401  }
3402 
3403  // All the other cases basically behave like simple offsetting.
3404 
3405  // Handle the extvector case we ignored above.
3406  if (isa<ExtVectorElementExpr>(E->getBase())) {
3407  LValue LV = EmitLValue(E->getBase());
3408  auto *Idx = EmitIdxAfterBase(/*Promote*/true);
3409  Address Addr = EmitExtVectorElementLValue(LV);
3410 
3411  QualType EltType = LV.getType()->castAs<VectorType>()->getElementType();
3412  Addr = emitArraySubscriptGEP(*this, Addr, Idx, EltType, /*inbounds*/ true,
3413  SignedIndices, E->getExprLoc());
3414  return MakeAddrLValue(Addr, EltType, LV.getBaseInfo(),
3415  CGM.getTBAAInfoForSubobject(LV, EltType));
3416  }
3417 
3418  LValueBaseInfo EltBaseInfo;
3419  TBAAAccessInfo EltTBAAInfo;
3420  Address Addr = Address::invalid();
3421  if (const VariableArrayType *vla =
3422  getContext().getAsVariableArrayType(E->getType())) {
3423  // The base must be a pointer, which is not an aggregate. Emit
3424  // it. It needs to be emitted first in case it's what captures
3425  // the VLA bounds.
3426  Addr = EmitPointerWithAlignment(E->getBase(), &EltBaseInfo, &EltTBAAInfo);
3427  auto *Idx = EmitIdxAfterBase(/*Promote*/true);
3428 
3429  // The element count here is the total number of non-VLA elements.
3430  llvm::Value *numElements = getVLASize(vla).NumElts;
3431 
3432  // Effectively, the multiply by the VLA size is part of the GEP.
3433  // GEP indexes are signed, and scaling an index isn't permitted to
3434  // signed-overflow, so we use the same semantics for our explicit
3435  // multiply. We suppress this if overflow is not undefined behavior.
3436  if (getLangOpts().isSignedOverflowDefined()) {
3437  Idx = Builder.CreateMul(Idx, numElements);
3438  } else {
3439  Idx = Builder.CreateNSWMul(Idx, numElements);
3440  }
3441 
3442  Addr = emitArraySubscriptGEP(*this, Addr, Idx, vla->getElementType(),
3443  !getLangOpts().isSignedOverflowDefined(),
3444  SignedIndices, E->getExprLoc());
3445 
3446  } else if (const ObjCObjectType *OIT = E->getType()->getAs<ObjCObjectType>()){
3447  // Indexing over an interface, as in "NSString *P; P[4];"
3448 
3449  // Emit the base pointer.
3450  Addr = EmitPointerWithAlignment(E->getBase(), &EltBaseInfo, &EltTBAAInfo);
3451  auto *Idx = EmitIdxAfterBase(/*Promote*/true);
3452 
3453  CharUnits InterfaceSize = getContext().getTypeSizeInChars(OIT);
3454  llvm::Value *InterfaceSizeVal =
3455  llvm::ConstantInt::get(Idx->getType(), InterfaceSize.getQuantity());
3456 
3457  llvm::Value *ScaledIdx = Builder.CreateMul(Idx, InterfaceSizeVal);
3458 
3459  // We don't necessarily build correct LLVM struct types for ObjC
3460  // interfaces, so we can't rely on GEP to do this scaling
3461  // correctly, so we need to cast to i8*. FIXME: is this actually
3462  // true? A lot of other things in the fragile ABI would break...
3463  llvm::Type *OrigBaseTy = Addr.getType();
3464  Addr = Builder.CreateElementBitCast(Addr, Int8Ty);
3465 
3466  // Do the GEP.
3467  CharUnits EltAlign =
3468  getArrayElementAlign(Addr.getAlignment(), Idx, InterfaceSize);
3469  llvm::Value *EltPtr =
3470  emitArraySubscriptGEP(*this, Addr.getPointer(), ScaledIdx, false,
3471  SignedIndices, E->getExprLoc());
3472  Addr = Address(EltPtr, EltAlign);
3473 
3474  // Cast back.
3475  Addr = Builder.CreateBitCast(Addr, OrigBaseTy);
3476  } else if (const Expr *Array = isSimpleArrayDecayOperand(E->getBase())) {
3477  // If this is A[i] where A is an array, the frontend will have decayed the
3478  // base to be a ArrayToPointerDecay implicit cast. While correct, it is
3479  // inefficient at -O0 to emit a "gep A, 0, 0" when codegen'ing it, then a
3480  // "gep x, i" here. Emit one "gep A, 0, i".
3481  assert(Array->getType()->isArrayType() &&
3482  "Array to pointer decay must have array source type!");
3483  LValue ArrayLV;
3484  // For simple multidimensional array indexing, set the 'accessed' flag for
3485  // better bounds-checking of the base expression.
3486  if (const auto *ASE = dyn_cast<ArraySubscriptExpr>(Array))
3487  ArrayLV = EmitArraySubscriptExpr(ASE, /*Accessed*/ true);
3488  else
3489  ArrayLV = EmitLValue(Array);
3490  auto *Idx = EmitIdxAfterBase(/*Promote*/true);
3491 
3492  // Propagate the alignment from the array itself to the result.
3493  Addr = emitArraySubscriptGEP(
3494  *this, ArrayLV.getAddress(), {CGM.getSize(CharUnits::Zero()), Idx},
3495  E->getType(), !getLangOpts().isSignedOverflowDefined(), SignedIndices,
3496  E->getExprLoc());
3497  EltBaseInfo = ArrayLV.getBaseInfo();
3498  EltTBAAInfo = CGM.getTBAAInfoForSubobject(ArrayLV, E->getType());
3499  } else {
3500  // The base must be a pointer; emit it with an estimate of its alignment.
3501  Addr = EmitPointerWithAlignment(E->getBase(), &EltBaseInfo, &EltTBAAInfo);
3502  auto *Idx = EmitIdxAfterBase(/*Promote*/true);
3503  Addr = emitArraySubscriptGEP(*this, Addr, Idx, E->getType(),
3504  !getLangOpts().isSignedOverflowDefined(),
3505  SignedIndices, E->getExprLoc());
3506  }
3507 
3508  LValue LV = MakeAddrLValue(Addr, E->getType(), EltBaseInfo, EltTBAAInfo);
3509 
3510  if (getLangOpts().ObjC &&
3511  getLangOpts().getGC() != LangOptions::NonGC) {
3512  LV.setNonGC(!E->isOBJCGCCandidate(getContext()));
3513  setObjCGCLValueClass(getContext(), E, LV);
3514  }
3515  return LV;
3516 }
3517 
3518 static Address emitOMPArraySectionBase(CodeGenFunction &CGF, const Expr *Base,
3519  LValueBaseInfo &BaseInfo,
3520  TBAAAccessInfo &TBAAInfo,
3521  QualType BaseTy, QualType ElTy,
3522  bool IsLowerBound) {
3523  LValue BaseLVal;
3524  if (auto *ASE = dyn_cast<OMPArraySectionExpr>(Base->IgnoreParenImpCasts())) {
3525  BaseLVal = CGF.EmitOMPArraySectionExpr(ASE, IsLowerBound);
3526  if (BaseTy->isArrayType()) {
3527  Address Addr = BaseLVal.getAddress();
3528  BaseInfo = BaseLVal.getBaseInfo();
3529 
3530  // If the array type was an incomplete type, we need to make sure
3531  // the decay ends up being the right type.
3532  llvm::Type *NewTy = CGF.ConvertType(BaseTy);
3533  Addr = CGF.Builder.CreateElementBitCast(Addr, NewTy);
3534 
3535  // Note that VLA pointers are always decayed, so we don't need to do
3536  // anything here.
3537  if (!BaseTy->isVariableArrayType()) {
3538  assert(isa<llvm::ArrayType>(Addr.getElementType()) &&
3539  "Expected pointer to array");
3540  Addr = CGF.Builder.CreateConstArrayGEP(Addr, 0, "arraydecay");
3541  }
3542 
3543  return CGF.Builder.CreateElementBitCast(Addr,
3544  CGF.ConvertTypeForMem(ElTy));
3545  }
3546  LValueBaseInfo TypeBaseInfo;
3547  TBAAAccessInfo TypeTBAAInfo;
3548  CharUnits Align = CGF.getNaturalTypeAlignment(ElTy, &TypeBaseInfo,
3549  &TypeTBAAInfo);
3550  BaseInfo.mergeForCast(TypeBaseInfo);
3551  TBAAInfo = CGF.CGM.mergeTBAAInfoForCast(TBAAInfo, TypeTBAAInfo);
3552  return Address(CGF.Builder.CreateLoad(BaseLVal.getAddress()), Align);
3553  }
3554  return CGF.EmitPointerWithAlignment(Base, &BaseInfo, &TBAAInfo);
3555 }
3556 
3557 LValue CodeGenFunction::EmitOMPArraySectionExpr(const OMPArraySectionExpr *E,
3558  bool IsLowerBound) {
3559  QualType BaseTy = OMPArraySectionExpr::getBaseOriginalType(E->getBase());
3560  QualType ResultExprTy;
3561  if (auto *AT = getContext().getAsArrayType(BaseTy))
3562  ResultExprTy = AT->getElementType();
3563  else
3564  ResultExprTy = BaseTy->getPointeeType();
3565  llvm::Value *Idx = nullptr;
3566  if (IsLowerBound || E->getColonLoc().isInvalid()) {
3567  // Requesting lower bound or upper bound, but without provided length and
3568  // without ':' symbol for the default length -> length = 1.
3569  // Idx = LowerBound ?: 0;
3570  if (auto *LowerBound = E->getLowerBound()) {
3571  Idx = Builder.CreateIntCast(
3572  EmitScalarExpr(LowerBound), IntPtrTy,
3573  LowerBound->getType()->hasSignedIntegerRepresentation());
3574  } else
3575  Idx = llvm::ConstantInt::getNullValue(IntPtrTy);
3576  } else {
3577  // Try to emit length or lower bound as constant. If this is possible, 1
3578  // is subtracted from constant length or lower bound. Otherwise, emit LLVM
3579  // IR (LB + Len) - 1.
3580  auto &C = CGM.getContext();
3581  auto *Length = E->getLength();
3582  llvm::APSInt ConstLength;
3583  if (Length) {
3584  // Idx = LowerBound + Length - 1;
3585  if (Length->isIntegerConstantExpr(ConstLength, C)) {
3586  ConstLength = ConstLength.zextOrTrunc(PointerWidthInBits);
3587  Length = nullptr;
3588  }
3589  auto *LowerBound = E->getLowerBound();
3590  llvm::APSInt ConstLowerBound(PointerWidthInBits, /*isUnsigned=*/false);
3591  if (LowerBound && LowerBound->isIntegerConstantExpr(ConstLowerBound, C)) {
3592  ConstLowerBound = ConstLowerBound.zextOrTrunc(PointerWidthInBits);
3593  LowerBound = nullptr;
3594  }
3595  if (!Length)
3596  --ConstLength;
3597  else if (!LowerBound)
3598  --ConstLowerBound;
3599 
3600  if (Length || LowerBound) {
3601  auto *LowerBoundVal =
3602  LowerBound
3603  ? Builder.CreateIntCast(
3604  EmitScalarExpr(LowerBound), IntPtrTy,
3605  LowerBound->getType()->hasSignedIntegerRepresentation())
3606  : llvm::ConstantInt::get(IntPtrTy, ConstLowerBound);
3607  auto *LengthVal =
3608  Length
3609  ? Builder.CreateIntCast(
3610  EmitScalarExpr(Length), IntPtrTy,
3611  Length->getType()->hasSignedIntegerRepresentation())
3612  : llvm::ConstantInt::get(IntPtrTy, ConstLength);
3613  Idx = Builder.CreateAdd(LowerBoundVal, LengthVal, "lb_add_len",
3614  /*HasNUW=*/false,
3615  !getLangOpts().isSignedOverflowDefined());
3616  if (Length && LowerBound) {
3617  Idx = Builder.CreateSub(
3618  Idx, llvm::ConstantInt::get(IntPtrTy, /*V=*/1), "idx_sub_1",
3619  /*HasNUW=*/false, !getLangOpts().isSignedOverflowDefined());
3620  }
3621  } else
3622  Idx = llvm::ConstantInt::get(IntPtrTy, ConstLength + ConstLowerBound);
3623  } else {
3624  // Idx = ArraySize - 1;
3625  QualType ArrayTy = BaseTy->isPointerType()
3626  ? E->getBase()->IgnoreParenImpCasts()->getType()
3627  : BaseTy;
3628  if (auto *VAT = C.getAsVariableArrayType(ArrayTy)) {
3629  Length = VAT->getSizeExpr();
3630  if (Length->isIntegerConstantExpr(ConstLength, C))
3631  Length = nullptr;
3632  } else {
3633  auto *CAT = C.getAsConstantArrayType(ArrayTy);
3634  ConstLength = CAT->getSize();
3635  }
3636  if (Length) {
3637  auto *LengthVal = Builder.CreateIntCast(
3638  EmitScalarExpr(Length), IntPtrTy,
3639  Length->getType()->hasSignedIntegerRepresentation());
3640  Idx = Builder.CreateSub(
3641  LengthVal, llvm::ConstantInt::get(IntPtrTy, /*V=*/1), "len_sub_1",
3642  /*HasNUW=*/false, !getLangOpts().isSignedOverflowDefined());
3643  } else {
3644  ConstLength = ConstLength.zextOrTrunc(PointerWidthInBits);
3645  --ConstLength;
3646  Idx = llvm::ConstantInt::get(IntPtrTy, ConstLength);
3647  }
3648  }
3649  }
3650  assert(Idx);
3651 
3652  Address EltPtr = Address::invalid();
3653  LValueBaseInfo BaseInfo;
3654  TBAAAccessInfo TBAAInfo;
3655  if (auto *VLA = getContext().getAsVariableArrayType(ResultExprTy)) {
3656  // The base must be a pointer, which is not an aggregate. Emit
3657  // it. It needs to be emitted first in case it's what captures
3658  // the VLA bounds.
3659  Address Base =
3660  emitOMPArraySectionBase(*this, E->getBase(), BaseInfo, TBAAInfo,
3661  BaseTy, VLA->getElementType(), IsLowerBound);
3662  // The element count here is the total number of non-VLA elements.
3663  llvm::Value *NumElements = getVLASize(VLA).NumElts;
3664 
3665  // Effectively, the multiply by the VLA size is part of the GEP.
3666  // GEP indexes are signed, and scaling an index isn't permitted to
3667  // signed-overflow, so we use the same semantics for our explicit
3668  // multiply. We suppress this if overflow is not undefined behavior.
3669  if (getLangOpts().isSignedOverflowDefined())
3670  Idx = Builder.CreateMul(Idx, NumElements);
3671  else
3672  Idx = Builder.CreateNSWMul(Idx, NumElements);
3673  EltPtr = emitArraySubscriptGEP(*this, Base, Idx, VLA->getElementType(),
3674  !getLangOpts().isSignedOverflowDefined(),
3675  /*SignedIndices=*/false, E->getExprLoc());
3676  } else if (const Expr *Array = isSimpleArrayDecayOperand(E->getBase())) {
3677  // If this is A[i] where A is an array, the frontend will have decayed the
3678  // base to be a ArrayToPointerDecay implicit cast. While correct, it is
3679  // inefficient at -O0 to emit a "gep A, 0, 0" when codegen'ing it, then a
3680  // "gep x, i" here. Emit one "gep A, 0, i".
3681  assert(Array->getType()->isArrayType() &&
3682  "Array to pointer decay must have array source type!");
3683  LValue ArrayLV;
3684  // For simple multidimensional array indexing, set the 'accessed' flag for
3685  // better bounds-checking of the base expression.
3686  if (const auto *ASE = dyn_cast<ArraySubscriptExpr>(Array))
3687  ArrayLV = EmitArraySubscriptExpr(ASE, /*Accessed*/ true);
3688  else
3689  ArrayLV = EmitLValue(Array);
3690 
3691  // Propagate the alignment from the array itself to the result.
3692  EltPtr = emitArraySubscriptGEP(
3693  *this, ArrayLV.getAddress(), {CGM.getSize(CharUnits::Zero()), Idx},
3694  ResultExprTy, !getLangOpts().isSignedOverflowDefined(),
3695  /*SignedIndices=*/false, E->getExprLoc());
3696  BaseInfo = ArrayLV.getBaseInfo();
3697  TBAAInfo = CGM.getTBAAInfoForSubobject(ArrayLV, ResultExprTy);
3698  } else {
3699  Address Base = emitOMPArraySectionBase(*this, E->getBase(), BaseInfo,
3700  TBAAInfo, BaseTy, ResultExprTy,
3701  IsLowerBound);
3702  EltPtr = emitArraySubscriptGEP(*this, Base, Idx, ResultExprTy,
3703  !getLangOpts().isSignedOverflowDefined(),
3704  /*SignedIndices=*/false, E->getExprLoc());
3705  }
3706 
3707  return MakeAddrLValue(EltPtr, ResultExprTy, BaseInfo, TBAAInfo);
3708 }
3709 
3710 LValue CodeGenFunction::
3711 EmitExtVectorElementExpr(const ExtVectorElementExpr *E) {
3712  // Emit the base vector as an l-value.
3713  LValue Base;
3714 
3715  // ExtVectorElementExpr's base can either be a vector or pointer to vector.
3716  if (E->isArrow()) {
3717  // If it is a pointer to a vector, emit the address and form an lvalue with
3718  // it.
3719  LValueBaseInfo BaseInfo;
3720  TBAAAccessInfo TBAAInfo;
3721  Address Ptr = EmitPointerWithAlignment(E->getBase(), &BaseInfo, &TBAAInfo);
3722  const PointerType *PT = E->getBase()->getType()->getAs<PointerType>();
3723  Base = MakeAddrLValue(Ptr, PT->getPointeeType(), BaseInfo, TBAAInfo);
3724  Base.getQuals().removeObjCGCAttr();
3725  } else if (E->getBase()->isGLValue()) {
3726  // Otherwise, if the base is an lvalue ( as in the case of foo.x.x),
3727  // emit the base as an lvalue.
3728  assert(E->getBase()->getType()->isVectorType());
3729  Base = EmitLValue(E->getBase());
3730  } else {
3731  // Otherwise, the base is a normal rvalue (as in (V+V).x), emit it as such.
3732  assert(E->getBase()->getType()->isVectorType() &&
3733  "Result must be a vector");
3734  llvm::Value *Vec = EmitScalarExpr(E->getBase());
3735 
3736  // Store the vector to memory (because LValue wants an address).
3737  Address VecMem = CreateMemTemp(E->getBase()->getType());
3738  Builder.CreateStore(Vec, VecMem);
3739  Base = MakeAddrLValue(VecMem, E->getBase()->getType(),
3740  AlignmentSource::Decl);
3741  }
3742 
3743  QualType type =
3744  E->getType().withCVRQualifiers(Base.getQuals().getCVRQualifiers());
3745 
3746  // Encode the element access list into a vector of unsigned indices.
3747  SmallVector<uint32_t, 4> Indices;
3748  E->getEncodedElementAccess(Indices);
3749 
3750  if (Base.isSimple()) {
3751  llvm::Constant *CV =
3752  llvm::ConstantDataVector::get(getLLVMContext(), Indices);
3753  return LValue::MakeExtVectorElt(Base.getAddress(), CV, type,
3754  Base.getBaseInfo(), TBAAAccessInfo());
3755  }
3756  assert(Base.isExtVectorElt() && "Can only subscript lvalue vec elts here!");
3757 
3758  llvm::Constant *BaseElts = Base.getExtVectorElts();
3759  SmallVector<llvm::Constant *, 4> CElts;
3760 
3761  for (unsigned i = 0, e = Indices.size(); i != e; ++i)
3762  CElts.push_back(BaseElts->getAggregateElement(Indices[i]));
3763  llvm::Constant *CV = llvm::ConstantVector::get(CElts);
3764  return LValue::MakeExtVectorElt(Base.getExtVectorAddress(), CV, type,
3765  Base.getBaseInfo(), TBAAAccessInfo());
3766 }
3767 
3768 LValue CodeGenFunction::EmitMemberExpr(const MemberExpr *E) {
3769  if (DeclRefExpr *DRE = tryToConvertMemberExprToDeclRefExpr(*this, E)) {
3770  EmitIgnoredExpr(E->getBase());
3771  return EmitDeclRefLValue(DRE);
3772  }
3773 
3774  Expr *BaseExpr = E->getBase();
3775  // If this is s.x, emit s as an lvalue. If it is s->x, emit s as a scalar.
3776  LValue BaseLV;
3777  if (E->isArrow()) {
3778  LValueBaseInfo BaseInfo;
3779  TBAAAccessInfo TBAAInfo;
3780  Address Addr = EmitPointerWithAlignment(BaseExpr, &BaseInfo, &TBAAInfo);
3781  QualType PtrTy = BaseExpr->getType()->getPointeeType();
3782  SanitizerSet SkippedChecks;
3783  bool IsBaseCXXThis = IsWrappedCXXThis(BaseExpr);
3784  if (IsBaseCXXThis)
3785  SkippedChecks.set(SanitizerKind::Alignment, true);
3786  if (IsBaseCXXThis || isa<DeclRefExpr>(BaseExpr))
3787  SkippedChecks.set(SanitizerKind::Null, true);
3788  EmitTypeCheck(TCK_MemberAccess, E->getExprLoc(), Addr.getPointer(), PtrTy,
3789  /*Alignment=*/CharUnits::Zero(), SkippedChecks);
3790  BaseLV = MakeAddrLValue(Addr, PtrTy, BaseInfo, TBAAInfo);
3791  } else
3792  BaseLV = EmitCheckedLValue(BaseExpr, TCK_MemberAccess);
3793 
3794  NamedDecl *ND = E->getMemberDecl();
3795  if (auto *Field = dyn_cast<FieldDecl>(ND)) {
3796  LValue LV = EmitLValueForField(BaseLV, Field);
3797  setObjCGCLValueClass(getContext(), E, LV);
3798  return LV;
3799  }
3800 
3801  if (const auto *FD = dyn_cast<FunctionDecl>(ND))
3802  return EmitFunctionDeclLValue(*this, E, FD);
3803 
3804  llvm_unreachable("Unhandled member declaration!");
3805 }
3806 
3807 /// Given that we are currently emitting a lambda, emit an l-value for
3808 /// one of its members.
3809 LValue CodeGenFunction::EmitLValueForLambdaField(const FieldDecl *Field) {
3810  assert(cast<CXXMethodDecl>(CurCodeDecl)->getParent()->isLambda());
3811  assert(cast<CXXMethodDecl>(CurCodeDecl)->getParent() == Field->getParent());
3812  QualType LambdaTagType =
3813  getContext().getTagDeclType(Field->getParent());
3814  LValue LambdaLV = MakeNaturalAlignAddrLValue(CXXABIThisValue, LambdaTagType);
3815  return EmitLValueForField(LambdaLV, Field);
3816 }
3817 
3818 /// Drill down to the storage of a field without walking into
3819 /// reference types.
3820 ///
3821 /// The resulting address doesn't necessarily have the right type.
3822 static Address emitAddrOfFieldStorage(CodeGenFunction &CGF, Address base,
3823  const FieldDecl *field) {
3824  const RecordDecl *rec = field->getParent();
3825 
3826  unsigned idx =
3827  CGF.CGM.getTypes().getCGRecordLayout(rec).getLLVMFieldNo(field);
3828 
3829  return CGF.Builder.CreateStructGEP(base, idx, field->getName());
3830 }
3831 
3832 static bool hasAnyVptr(const QualType Type, const ASTContext &Context) {
3833  const auto *RD = Type.getTypePtr()->getAsCXXRecordDecl();
3834  if (!RD)
3835  return false;
3836 
3837  if (RD->isDynamicClass())
3838  return true;
3839 
3840  for (const auto &Base : RD->bases())
3841  if (hasAnyVptr(Base.getType(), Context))
3842  return true;
3843 
3844  for (const FieldDecl *Field : RD->fields())
3845  if (hasAnyVptr(Field->getType(), Context))
3846  return true;
3847 
3848  return false;
3849 }
3850 
3851 LValue CodeGenFunction::EmitLValueForField(LValue base,
3852  const FieldDecl *field) {
3853  LValueBaseInfo BaseInfo = base.getBaseInfo();
3854 
3855  if (field->isBitField()) {
3856  const CGRecordLayout &RL =
3857  CGM.getTypes().getCGRecordLayout(field->getParent());
3858  const CGBitFieldInfo &Info = RL.getBitFieldInfo(field);
3859  Address Addr = base.getAddress();
3860  unsigned Idx = RL.getLLVMFieldNo(field);
3861  if (Idx != 0)
3862  // For structs, we GEP to the field that the record layout suggests.
3863  Addr = Builder.CreateStructGEP(Addr, Idx, field->getName());
3864  // Get the access type.
3865  llvm::Type *FieldIntTy =
3866  llvm::Type::getIntNTy(getLLVMContext(), Info.StorageSize);
3867  if (Addr.getElementType() != FieldIntTy)
3868  Addr = Builder.CreateElementBitCast(Addr, FieldIntTy);
3869 
3870  QualType fieldType =
3871  field->getType().withCVRQualifiers(base.getVRQualifiers());
3872  // TODO: Support TBAA for bit fields.
3873  LValueBaseInfo FieldBaseInfo(BaseInfo.getAlignmentSource());
3874  return LValue::MakeBitfield(Addr, Info, fieldType, FieldBaseInfo,
3875  TBAAAccessInfo());
3876  }
3877 
3878  // Fields of may-alias structures are may-alias themselves.
3879  // FIXME: this should get propagated down through anonymous structs
3880  // and unions.
3881  QualType FieldType = field->getType();
3882  const RecordDecl *rec = field->getParent();
3883  AlignmentSource BaseAlignSource = BaseInfo.getAlignmentSource();
3884  LValueBaseInfo FieldBaseInfo(getFieldAlignmentSource(BaseAlignSource));
3885  TBAAAccessInfo FieldTBAAInfo;
3886  if (base.getTBAAInfo().isMayAlias() ||
3887  rec->hasAttr<MayAliasAttr>() || FieldType->isVectorType()) {
3888  FieldTBAAInfo = TBAAAccessInfo::getMayAliasInfo();
3889  } else if (rec->isUnion()) {
3890  // TODO: Support TBAA for unions.
3891  FieldTBAAInfo = TBAAAccessInfo::getMayAliasInfo();
3892  } else {
3893  // If no base type been assigned for the base access, then try to generate
3894  // one for this base lvalue.
3895  FieldTBAAInfo = base.getTBAAInfo();
3896  if (!FieldTBAAInfo.BaseType) {
3897  FieldTBAAInfo.BaseType = CGM.getTBAABaseTypeInfo(base.getType());
3898  assert(!FieldTBAAInfo.Offset &&
3899  "Nonzero offset for an access with no base type!");
3900  }
3901 
3902  // Adjust offset to be relative to the base type.
3903  const ASTRecordLayout &Layout =
3904  getContext().getASTRecordLayout(field->getParent());
3905  unsigned CharWidth = getContext().getCharWidth();
3906  if (FieldTBAAInfo.BaseType)
3907  FieldTBAAInfo.Offset +=
3908  Layout.getFieldOffset(field->getFieldIndex()) / CharWidth;
3909 
3910  // Update the final access type and size.
3911  FieldTBAAInfo.AccessType = CGM.getTBAATypeInfo(FieldType);
3912  FieldTBAAInfo.Size =
3913  getContext().getTypeSizeInChars(FieldType).getQuantity();
3914  }
3915 
3916  Address addr = base.getAddress();
3917  if (auto *ClassDef = dyn_cast<CXXRecordDecl>(rec)) {
3918  if (CGM.getCodeGenOpts().StrictVTablePointers &&
3919  ClassDef->isDynamicClass()) {
3920  // Getting to any field of dynamic object requires stripping dynamic
3921  // information provided by invariant.group. This is because accessing
3922  // fields may leak the real address of dynamic object, which could result
3923  // in miscompilation when leaked pointer would be compared.
3924  auto *stripped = Builder.CreateStripInvariantGroup(addr.getPointer());
3925  addr = Address(stripped, addr.getAlignment());
3926  }
3927  }
3928 
3929  unsigned RecordCVR = base.getVRQualifiers();
3930  if (rec->isUnion()) {
3931  // For unions, there is no pointer adjustment.
3932  assert(!FieldType->isReferenceType() && "union has reference member");
3933  if (CGM.getCodeGenOpts().StrictVTablePointers &&
3934  hasAnyVptr(FieldType, getContext()))
3935  // Because unions can easily skip invariant.barriers, we need to add
3936  // a barrier every time CXXRecord field with vptr is referenced.
3937  addr = Address(Builder.CreateLaunderInvariantGroup(addr.getPointer()),
3938  addr.getAlignment());
3939  } else {
3940  // For structs, we GEP to the field that the record layout suggests.
3941  addr = emitAddrOfFieldStorage(*this, addr, field);
3942 
3943  // If this is a reference field, load the reference right now.
3944  if (FieldType->isReferenceType()) {
3945  LValue RefLVal = MakeAddrLValue(addr, FieldType, FieldBaseInfo,
3946  FieldTBAAInfo);
3947  if (RecordCVR & Qualifiers::Volatile)
3948  RefLVal.getQuals().addVolatile();
3949  addr = EmitLoadOfReference(RefLVal, &FieldBaseInfo, &FieldTBAAInfo);
3950 
3951  // Qualifiers on the struct don't apply to the referencee.
3952  RecordCVR = 0;
3953  FieldType = FieldType->getPointeeType();
3954  }
3955  }
3956 
3957  // Make sure that the address is pointing to the right type. This is critical
3958  // for both unions and structs. A union needs a bitcast, a struct element
3959  // will need a bitcast if the LLVM type laid out doesn't match the desired
3960  // type.
3961  addr = Builder.CreateElementBitCast(
3962  addr, CGM.getTypes().ConvertTypeForMem(FieldType), field->getName());
3963 
3964  if (field->hasAttr<AnnotateAttr>())
3965  addr = EmitFieldAnnotations(field, addr);
3966 
3967  LValue LV = MakeAddrLValue(addr, FieldType, FieldBaseInfo, FieldTBAAInfo);
3968  LV.getQuals().addCVRQualifiers(RecordCVR);
3969 
3970  // __weak attribute on a field is ignored.
3971  if (LV.getQuals().getObjCGCAttr() == Qualifiers::Weak)
3972  LV.getQuals().removeObjCGCAttr();
3973 
3974  return LV;
3975 }
3976 
3977 LValue
3978 CodeGenFunction::EmitLValueForFieldInitialization(LValue Base,
3979  const FieldDecl *Field) {
3980  QualType FieldType = Field->getType();
3981 
3982  if (!FieldType->isReferenceType())
3983  return EmitLValueForField(Base, Field);
3984 
3985  Address V = emitAddrOfFieldStorage(*this, Base.getAddress(), Field);
3986 
3987  // Make sure that the address is pointing to the right type.
3988  llvm::Type *llvmType = ConvertTypeForMem(FieldType);
3989  V = Builder.CreateElementBitCast(V, llvmType, Field->getName());
3990 
3991  // TODO: Generate TBAA information that describes this access as a structure
3992  // member access and not just an access to an object of the field's type. This
3993  // should be similar to what we do in EmitLValueForField().
3994  LValueBaseInfo BaseInfo = Base.getBaseInfo();
3995  AlignmentSource FieldAlignSource = BaseInfo.getAlignmentSource();
3996  LValueBaseInfo FieldBaseInfo(getFieldAlignmentSource(FieldAlignSource));
3997  return MakeAddrLValue(V, FieldType, FieldBaseInfo,
3998  CGM.getTBAAInfoForSubobject(Base, FieldType));
3999 }
4000 
4001 LValue CodeGenFunction::EmitCompoundLiteralLValue(const CompoundLiteralExpr *E){
4002  if (E->isFileScope()) {
4003  ConstantAddress GlobalPtr = CGM.GetAddrOfConstantCompoundLiteral(E);
4004  return MakeAddrLValue(GlobalPtr, E->getType(), AlignmentSource::Decl);
4005  }
4006  if (E->getType()->isVariablyModifiedType())
4007  // make sure to emit the VLA size.
4008  EmitVariablyModifiedType(E->getType());
4009 
4010  Address DeclPtr = CreateMemTemp(E->getType(), ".compoundliteral");
4011  const Expr *InitExpr = E->getInitializer();
4012  LValue Result = MakeAddrLValue(DeclPtr, E->getType(), AlignmentSource::Decl);
4013 
4014  EmitAnyExprToMem(InitExpr, DeclPtr, E->getType().getQualifiers(),
4015  /*Init*/ true);
4016 
4017  return Result;
4018 }
4019 
4020 LValue CodeGenFunction::EmitInitListLValue(const InitListExpr *E) {
4021  if (!E->isGLValue())
4022  // Initializing an aggregate temporary in C++11: T{...}.
4023  return EmitAggExprToLValue(E);
4024 
4025  // An lvalue initializer list must be initializing a reference.
4026  assert(E->isTransparent() && "non-transparent glvalue init list");
4027  return EmitLValue(E->getInit(0));
4028 }
4029 
4030 /// Emit the operand of a glvalue conditional operator. This is either a glvalue
4031 /// or a (possibly-parenthesized) throw-expression. If this is a throw, no
4032 /// LValue is returned and the current block has been terminated.
4033 static Optional<LValue> EmitLValueOrThrowExpression(CodeGenFunction &CGF,
4034  const Expr *Operand) {
4035  if (auto *ThrowExpr = dyn_cast<CXXThrowExpr>(Operand->IgnoreParens())) {
4036  CGF.EmitCXXThrowExpr(ThrowExpr, /*KeepInsertionPoint*/false);
4037  return None;
4038  }
4039 
4040  return CGF.EmitLValue(Operand);
4041 }
4042 
4043 LValue CodeGenFunction::
4044 EmitConditionalOperatorLValue(const AbstractConditionalOperator *expr) {
4045  if (!expr->isGLValue()) {
4046  // ?: here should be an aggregate.
4047  assert(hasAggregateEvaluationKind(expr->getType()) &&
4048  "Unexpected conditional operator!");
4049  return EmitAggExprToLValue(expr);
4050  }
4051 
4052  OpaqueValueMapping binding(*this, expr);
4053 
4054  const Expr *condExpr = expr->getCond();
4055  bool CondExprBool;
4056  if (ConstantFoldsToSimpleInteger(condExpr, CondExprBool)) {
4057  const Expr *live = expr->getTrueExpr(), *dead = expr->getFalseExpr();
4058  if (!CondExprBool) std::swap(live, dead);
4059 
4060  if (!ContainsLabel(dead)) {
4061  // If the true case is live, we need to track its region.
4062  if (CondExprBool)
4063  incrementProfileCounter(expr);
4064  return EmitLValue(live);
4065  }
4066  }
4067 
4068  llvm::BasicBlock *lhsBlock = createBasicBlock("cond.true");
4069  llvm::BasicBlock *rhsBlock = createBasicBlock("cond.false");
4070  llvm::BasicBlock *contBlock = createBasicBlock("cond.end");
4071 
4072  ConditionalEvaluation eval(*this);
4073  EmitBranchOnBoolExpr(condExpr, lhsBlock, rhsBlock, getProfileCount(expr));
4074 
4075  // Any temporaries created here are conditional.
4076  EmitBlock(lhsBlock);
4077  incrementProfileCounter(expr);
4078  eval.begin(*this);
4079  Optional<LValue> lhs =
4080  EmitLValueOrThrowExpression(*this, expr->getTrueExpr());
4081  eval.end(*this);
4082 
4083  if (lhs && !lhs->isSimple())
4084  return EmitUnsupportedLValue(expr, "conditional operator");
4085 
4086  lhsBlock = Builder.GetInsertBlock();
4087  if (lhs)
4088  Builder.CreateBr(contBlock);
4089 
4090  // Any temporaries created here are conditional.
4091  EmitBlock(rhsBlock);
4092  eval.begin(*this);
4093  Optional<LValue> rhs =
4094  EmitLValueOrThrowExpression(*this, expr->getFalseExpr());
4095  eval.end(*this);
4096  if (rhs && !rhs->isSimple())
4097  return EmitUnsupportedLValue(expr, "conditional operator");
4098  rhsBlock = Builder.GetInsertBlock();
4099 
4100  EmitBlock(contBlock);
4101 
4102  if (lhs && rhs) {
4103  llvm::PHINode *phi = Builder.CreatePHI(lhs->getPointer()->getType(),
4104  2, "cond-lvalue");
4105  phi->addIncoming(lhs->getPointer(), lhsBlock);
4106  phi->addIncoming(rhs->getPointer(), rhsBlock);
4107  Address result(phi, std::min(lhs->getAlignment(), rhs->getAlignment()));
4108  AlignmentSource alignSource =
4109  std::max(lhs->getBaseInfo().getAlignmentSource(),
4110  rhs->getBaseInfo().getAlignmentSource());
4111  TBAAAccessInfo TBAAInfo = CGM.mergeTBAAInfoForConditionalOperator(
4112  lhs->getTBAAInfo(), rhs->getTBAAInfo());
4113  return MakeAddrLValue(result, expr->getType(), LValueBaseInfo(alignSource),
4114  TBAAInfo);
4115  } else {
4116  assert((lhs || rhs) &&
4117  "both operands of glvalue conditional are throw-expressions?");
4118  return lhs ? *lhs : *rhs;
4119  }
4120 }
4121 
4122 /// EmitCastLValue - Casts are never lvalues unless that cast is to a reference
4123 /// type. If the cast is to a reference, we can have the usual lvalue result,
4124 /// otherwise if a cast is needed by the code generator in an lvalue context,
4125 /// then it must mean that we need the address of an aggregate in order to
4126 /// access one of its members. This can happen for all the reasons that casts
4127 /// are permitted with aggregate result, including noop aggregate casts, and
4128 /// cast from scalar to union.
4129 LValue CodeGenFunction::EmitCastLValue(const CastExpr *E) {
4130  switch (E->getCastKind()) {
4131  case CK_ToVoid:
4132  case CK_BitCast:
4133  case CK_ArrayToPointerDecay:
4134  case CK_FunctionToPointerDecay:
4135  case CK_NullToMemberPointer:
4136  case CK_NullToPointer:
4137  case CK_IntegralToPointer:
4138  case CK_PointerToIntegral:
4139  case CK_PointerToBoolean:
4140  case CK_VectorSplat:
4141  case CK_IntegralCast:
4142  case CK_BooleanToSignedIntegral:
4143  case CK_IntegralToBoolean:
4144  case CK_IntegralToFloating:
4145  case CK_FloatingToIntegral:
4146  case CK_FloatingToBoolean:
4147  case CK_FloatingCast:
4148  case CK_FloatingRealToComplex:
4149  case CK_FloatingComplexToReal:
4150  case CK_FloatingComplexToBoolean:
4151  case CK_FloatingComplexCast:
4152  case CK_FloatingComplexToIntegralComplex:
4153  case CK_IntegralRealToComplex:
4154  case CK_IntegralComplexToReal:
4155  case CK_IntegralComplexToBoolean:
4156  case CK_IntegralComplexCast:
4157  case CK_IntegralComplexToFloatingComplex:
4158  case CK_DerivedToBaseMemberPointer:
4159  case CK_BaseToDerivedMemberPointer:
4160  case CK_MemberPointerToBoolean:
4161  case CK_ReinterpretMemberPointer:
4162  case CK_AnyPointerToBlockPointerCast:
4163  case CK_ARCProduceObject:
4164  case CK_ARCConsumeObject:
4165  case CK_ARCReclaimReturnedObject:
4166  case CK_ARCExtendBlockObject:
4167  case CK_CopyAndAutoreleaseBlockObject:
4168  case CK_IntToOCLSampler:
4169  case CK_FixedPointCast:
4170  case CK_FixedPointToBoolean:
4171  case CK_FixedPointToIntegral:
4172  case CK_IntegralToFixedPoint:
4173  return EmitUnsupportedLValue(E, "unexpected cast lvalue");
4174 
4175  case CK_Dependent:
4176  llvm_unreachable("dependent cast kind in IR gen!");
4177 
4178  case CK_BuiltinFnToFnPtr:
4179  llvm_unreachable("builtin functions are handled elsewhere");
4180 
4181  // These are never l-values; just use the aggregate emission code.
4182  case CK_NonAtomicToAtomic:
4183  case CK_AtomicToNonAtomic:
4184  return EmitAggExprToLValue(E);
4185 
4186  case CK_Dynamic: {
4187  LValue LV = EmitLValue(E->getSubExpr());
4188  Address V = LV.getAddress();
4189  const auto *DCE = cast<CXXDynamicCastExpr>(E);
4190  return MakeNaturalAlignAddrLValue(EmitDynamicCast(V, DCE), E->getType());
4191  }
4192 
4193  case CK_ConstructorConversion:
4194  case CK_UserDefinedConversion:
4195  case CK_CPointerToObjCPointerCast:
4196  case CK_BlockPointerToObjCPointerCast:
4197  case CK_NoOp:
4198  case CK_LValueToRValue:
4199  return EmitLValue(E->getSubExpr());
4200 
4201  case CK_UncheckedDerivedToBase:
4202  case CK_DerivedToBase: {
4203  const RecordType *DerivedClassTy =
4204  E->getSubExpr()->getType()->getAs<RecordType>();
4205  auto *DerivedClassDecl = cast<CXXRecordDecl>(DerivedClassTy->getDecl());
4206 
4207  LValue LV = EmitLValue(E->getSubExpr());
4208  Address This = LV.getAddress();
4209 
4210  // Perform the derived-to-base conversion
4211  Address Base = GetAddressOfBaseClass(
4212  This, DerivedClassDecl, E->path_begin(), E->path_end(),
4213  /*NullCheckValue=*/false, E->getExprLoc());
4214 
4215  // TODO: Support accesses to members of base classes in TBAA. For now, we
4216  // conservatively pretend that the complete object is of the base class
4217  // type.
4218  return MakeAddrLValue(Base, E->getType(), LV.getBaseInfo(),
4219  CGM.getTBAAInfoForSubobject(LV, E->getType()));
4220  }
4221  case CK_ToUnion:
4222  return EmitAggExprToLValue(E);
4223  case CK_BaseToDerived: {
4224  const RecordType *DerivedClassTy = E->getType()->getAs<RecordType>();
4225  auto *DerivedClassDecl = cast<CXXRecordDecl>(DerivedClassTy->getDecl());
4226 
4227  LValue LV = EmitLValue(E->getSubExpr());
4228 
4229  // Perform the base-to-derived conversion
4230  Address Derived =
4231  GetAddressOfDerivedClass(LV.getAddress(), DerivedClassDecl,
4232  E->path_begin(), E->path_end(),
4233  /*NullCheckValue=*/false);
4234 
4235  // C++11 [expr.static.cast]p2: Behavior is undefined if a downcast is
4236  // performed and the object is not of the derived type.
4237  if (sanitizePerformTypeCheck())
4238  EmitTypeCheck(TCK_DowncastReference, E->getExprLoc(),
4239  Derived.getPointer(), E->getType());
4240 
4241  if (SanOpts.has(SanitizerKind::CFIDerivedCast))
4242  EmitVTablePtrCheckForCast(E->getType(), Derived.getPointer(),
4243  /*MayBeNull=*/false, CFITCK_DerivedCast,
4244  E->getBeginLoc());
4245 
4246  return MakeAddrLValue(Derived, E->getType(), LV.getBaseInfo(),
4247  CGM.getTBAAInfoForSubobject(LV, E->getType()));
4248  }
4249  case CK_LValueBitCast: {
4250  // This must be a reinterpret_cast (or c-style equivalent).
4251  const auto *CE = cast<ExplicitCastExpr>(E);
4252 
4253  CGM.EmitExplicitCastExprType(CE, this);
4254  LValue LV = EmitLValue(E->getSubExpr());
4255  Address V = Builder.CreateBitCast(LV.getAddress(),
4256  ConvertType(CE->getTypeAsWritten()));
4257 
4258  if (SanOpts.has(SanitizerKind::CFIUnrelatedCast))
4259  EmitVTablePtrCheckForCast(E->getType(), V.getPointer(),
4260  /*MayBeNull=*/false, CFITCK_UnrelatedCast,
4261  E->getBeginLoc());
4262 
4263  return MakeAddrLValue(V, E->getType(), LV.getBaseInfo(),
4264  CGM.getTBAAInfoForSubobject(LV, E->getType()));
4265  }
4266  case CK_AddressSpaceConversion: {
4267  LValue LV = EmitLValue(E->getSubExpr());
4268  QualType DestTy = getContext().getPointerType(E->getType());
4269  llvm::Value *V = getTargetHooks().performAddrSpaceCast(
4270  *this, LV.getPointer(), E->getSubExpr()->getType().getAddressSpace(),
4271  E->getType().getAddressSpace(), ConvertType(DestTy));
4272  return MakeAddrLValue(Address(V, LV.getAddress().getAlignment()),
4273  E->getType(), LV.getBaseInfo(), LV.getTBAAInfo());
4274  }
4275  case CK_ObjCObjectLValueCast: {
4276  LValue LV = EmitLValue(E->getSubExpr());
4277  Address V = Builder.CreateElementBitCast(LV.getAddress(),
4278  ConvertType(E->getType()));
4279  return MakeAddrLValue(V, E->getType(), LV.getBaseInfo(),
4280  CGM.getTBAAInfoForSubobject(LV, E->getType()));
4281  }
4282  case CK_ZeroToOCLOpaqueType:
4283  llvm_unreachable("NULL to OpenCL opaque type lvalue cast is not valid");
4284  }
4285 
4286  llvm_unreachable("Unhandled lvalue cast kind?");
4287 }
4288 
4289 LValue CodeGenFunction::EmitOpaqueValueLValue(const OpaqueValueExpr *e) {
4290  assert(OpaqueValueMappingData::shouldBindAsLValue(e));
4291  return getOrCreateOpaqueLValueMapping(e);
4292 }
4293 
4294 LValue
4295 CodeGenFunction::getOrCreateOpaqueLValueMapping(const OpaqueValueExpr *e) {
4296  assert(OpaqueValueMapping::shouldBindAsLValue(e));
4297 
4298  llvm::DenseMap<const OpaqueValueExpr*,LValue>::iterator
4299  it = OpaqueLValues.find(e);
4300 
4301  if (it != OpaqueLValues.end())
4302  return it->second;
4303 
4304  assert(e->isUnique() && "LValue for a nonunique OVE hasn't been emitted");
4305  return EmitLValue(e->getSourceExpr());
4306 }
4307 
4308 RValue
4309 CodeGenFunction::getOrCreateOpaqueRValueMapping(const OpaqueValueExpr *e) {
4310  assert(!OpaqueValueMapping::shouldBindAsLValue(e));
4311 
4312  llvm::DenseMap<const OpaqueValueExpr*,RValue>::iterator
4313  it = OpaqueRValues.find(e);
4314 
4315  if (it != OpaqueRValues.end())
4316  return it->second;
4317 
4318  assert(e->isUnique() && "RValue for a nonunique OVE hasn't been emitted");
4319  return EmitAnyExpr(e->getSourceExpr());
4320 }
4321 
4322 RValue CodeGenFunction::EmitRValueForField(LValue LV,
4323  const FieldDecl *FD,
4324  SourceLocation Loc) {
4325  QualType FT = FD->getType();
4326  LValue FieldLV = EmitLValueForField(LV, FD);
4327  switch (getEvaluationKind(FT)) {
4328  case TEK_Complex:
4329  return RValue::getComplex(EmitLoadOfComplex(FieldLV, Loc));
4330  case TEK_Aggregate:
4331  return FieldLV.asAggregateRValue();
4332  case TEK_Scalar:
4333  // This routine is used to load fields one-by-one to perform a copy, so
4334  // don't load reference fields.
4335  if (FD->getType()->isReferenceType())
4336  return RValue::get(FieldLV.getPointer());
4337  return EmitLoadOfLValue(FieldLV, Loc);
4338  }
4339  llvm_unreachable("bad evaluation kind");
4340 }
4341 
4342 //===--------------------------------------------------------------------===//
4343 // Expression Emission
4344 //===--------------------------------------------------------------------===//
4345 
4346 RValue CodeGenFunction::EmitCallExpr(const CallExpr *E,
4347  ReturnValueSlot ReturnValue) {
4348  // Builtins never have block type.
4349  if (E->getCallee()->getType()->isBlockPointerType())
4350  return EmitBlockCallExpr(E, ReturnValue);
4351 
4352  if (const auto *CE = dyn_cast<CXXMemberCallExpr>(E))
4353  return EmitCXXMemberCallExpr(CE, ReturnValue);
4354 
4355  if (const auto *CE = dyn_cast<CUDAKernelCallExpr>(E))
4356  return EmitCUDAKernelCallExpr(CE, ReturnValue);
4357 
4358  if (const auto *CE = dyn_cast<CXXOperatorCallExpr>(E))
4359  if (const CXXMethodDecl *MD =
4360  dyn_cast_or_null<CXXMethodDecl>(CE->getCalleeDecl()))
4361  return EmitCXXOperatorMemberCallExpr(CE, MD, ReturnValue);
4362 
4363  CGCallee callee = EmitCallee(E->getCallee());
4364 
4365  if (callee.isBuiltin()) {
4366  return EmitBuiltinExpr(callee.getBuiltinDecl(), callee.getBuiltinID(),
4367  E, ReturnValue);
4368  }
4369 
4370  if (callee.isPseudoDestructor()) {
4371  return EmitCXXPseudoDestructorExpr(callee.getPseudoDestructorExpr());
4372  }
4373 
4374  return EmitCall(E->getCallee()->getType(), callee, E, ReturnValue);
4375 }
4376 
4377 /// Emit a CallExpr without considering whether it might be a subclass.
4378 RValue CodeGenFunction::EmitSimpleCallExpr(const CallExpr *E,
4379  ReturnValueSlot ReturnValue) {
4380  CGCallee Callee = EmitCallee(E->getCallee());
4381  return EmitCall(E->getCallee()->getType(), Callee, E, ReturnValue);
4382 }
4383 
4384 static CGCallee EmitDirectCallee(CodeGenFunction &CGF, const FunctionDecl *FD) {
4385  if (auto builtinID = FD->getBuiltinID()) {
4386  return CGCallee::forBuiltin(builtinID, FD);
4387  }
4388 
4389  llvm::Constant *calleePtr = EmitFunctionDeclPointer(CGF.CGM, FD);
4390  return CGCallee::forDirect(calleePtr, GlobalDecl(FD));
4391 }
4392 
4393 CGCallee CodeGenFunction::EmitCallee(const Expr *E) {
4394  E = E->IgnoreParens();
4395 
4396  // Look through function-to-pointer decay.
4397  if (auto ICE = dyn_cast<ImplicitCastExpr>(E)) {
4398  if (ICE->getCastKind() == CK_FunctionToPointerDecay ||
4399  ICE->getCastKind() == CK_BuiltinFnToFnPtr) {
4400  return EmitCallee(ICE->getSubExpr());
4401  }
4402 
4403  // Resolve direct calls.
4404  } else if (auto DRE = dyn_cast<DeclRefExpr>(E)) {
4405  if (auto FD = dyn_cast<FunctionDecl>(DRE->getDecl())) {
4406  return EmitDirectCallee(*this, FD);
4407  }
4408  } else if (auto ME = dyn_cast<MemberExpr>(E)) {
4409  if (auto FD = dyn_cast<FunctionDecl>(ME->getMemberDecl())) {
4410  EmitIgnoredExpr(ME->getBase());
4411  return EmitDirectCallee(*this, FD);
4412  }
4413 
4414  // Look through template substitutions.
4415  } else if (auto NTTP = dyn_cast<SubstNonTypeTemplateParmExpr>(E)) {
4416  return EmitCallee(NTTP->getReplacement());
4417 
4418  // Treat pseudo-destructor calls differently.
4419  } else if (auto PDE = dyn_cast<CXXPseudoDestructorExpr>(E)) {
4420  return CGCallee::forPseudoDestructor(PDE);
4421  }
4422 
4423  // Otherwise, we have an indirect reference.
4424  llvm::Value *calleePtr;
4425  QualType functionType;
4426  if (auto ptrType = E->getType()->getAs<PointerType>()) {
4427  calleePtr = EmitScalarExpr(E);
4428  functionType = ptrType->getPointeeType();
4429  } else {
4430  functionType = E->getType();
4431  calleePtr = EmitLValue(E).getPointer();
4432  }
4433  assert(functionType->isFunctionType());
4434 
4435  GlobalDecl GD;
4436  if (const auto *VD =
4437  dyn_cast_or_null<VarDecl>(E->getReferencedDeclOfCallee()))
4438  GD = GlobalDecl(VD);
4439 
4440  CGCalleeInfo calleeInfo(functionType->getAs<FunctionProtoType>(), GD);
4441  CGCallee callee(calleeInfo, calleePtr);
4442  return callee;
4443 }
4444 
4445 LValue CodeGenFunction::EmitBinaryOperatorLValue(const BinaryOperator *E) {
4446  // Comma expressions just emit their LHS then their RHS as an l-value.
4447  if (E->getOpcode() == BO_Comma) {
4448  EmitIgnoredExpr(E->getLHS());
4449  EnsureInsertPoint();
4450  return EmitLValue(E->getRHS());
4451  }
4452 
4453  if (E->getOpcode() == BO_PtrMemD ||
4454  E->getOpcode() == BO_PtrMemI)
4455  return EmitPointerToDataMemberBinaryExpr(E);
4456 
4457  assert(E->getOpcode() == BO_Assign && "unexpected binary l-value");
4458 
4459  // Note that in all of these cases, __block variables need the RHS
4460  // evaluated first just in case the variable gets moved by the RHS.
4461 
4462  switch (getEvaluationKind(E->getType())) {
4463  case TEK_Scalar: {
4464  switch (E->getLHS()->getType().getObjCLifetime()) {
4465  case Qualifiers::OCL_Strong:
4466  return EmitARCStoreStrong(E, /*ignored*/ false).first;
4467 
4468  case Qualifiers::OCL_Autoreleasing:
4469  return EmitARCStoreAutoreleasing(E).first;
4470 
4471  // No reason to do any of these differently.
4472  case Qualifiers::OCL_None:
4473  case Qualifiers::OCL_ExplicitNone:
4474  case Qualifiers::OCL_Weak:
4475  break;
4476  }
4477 
4478  RValue RV = EmitAnyExpr(E->getRHS());
4479  LValue LV = EmitCheckedLValue(E->getLHS(), TCK_Store);
4480  if (RV.isScalar())
4481  EmitNullabilityCheck(LV, RV.getScalarVal(), E->getExprLoc());
4482  EmitStoreThroughLValue(RV, LV);
4483  return LV;
4484  }
4485 
4486  case TEK_Complex:
4487  return EmitComplexAssignmentLValue(E);
4488 
4489  case TEK_Aggregate:
4490  return EmitAggExprToLValue(E);
4491  }
4492  llvm_unreachable("bad evaluation kind");
4493 }
4494 
4495 LValue CodeGenFunction::EmitCallExprLValue(const CallExpr *E) {
4496  RValue RV = EmitCallExpr(E);
4497 
4498  if (!RV.isScalar())
4499  return MakeAddrLValue(RV.getAggregateAddress(), E->getType(),
4500  AlignmentSource::Decl);
4501 
4502  assert(E->getCallReturnType(getContext())->isReferenceType() &&
4503  "Can't have a scalar return unless the return type is a "
4504  "reference type!");
4505 
4506  return MakeNaturalAlignPointeeAddrLValue(RV.getScalarVal(), E->getType());
4507 }
4508 
4509 LValue CodeGenFunction::EmitVAArgExprLValue(const VAArgExpr *E) {
4510  // FIXME: This shouldn't require another copy.
4511  return EmitAggExprToLValue(E);
4512 }
4513 
4514 LValue CodeGenFunction::EmitCXXConstructLValue(const CXXConstructExpr *E) {
4515  assert(E->getType()->getAsCXXRecordDecl()->hasTrivialDestructor()
4516  && "binding l-value to type which needs a temporary");
4517  AggValueSlot Slot = CreateAggTemp(E->getType());
4518  EmitCXXConstructExpr(E, Slot);
4519  return MakeAddrLValue(Slot.getAddress(), E->getType(), AlignmentSource::Decl);
4520 }
4521 
4522 LValue
4523 CodeGenFunction::EmitCXXTypeidLValue(const CXXTypeidExpr *E) {
4524  return MakeNaturalAlignAddrLValue(EmitCXXTypeidExpr(E), E->getType());
4525 }
4526 
4527 Address CodeGenFunction::EmitCXXUuidofExpr(const CXXUuidofExpr *E) {
4528  return Builder.CreateElementBitCast(CGM.GetAddrOfUuidDescriptor(E),
4529  ConvertType(E->getType()));
4530 }
4531 
4532 LValue CodeGenFunction::EmitCXXUuidofLValue(const CXXUuidofExpr *E) {
4533  return MakeAddrLValue(EmitCXXUuidofExpr(E), E->getType(),
4534  AlignmentSource::Decl);
4535 }
4536 
4537 LValue
4538 CodeGenFunction::EmitCXXBindTemporaryLValue(const CXXBindTemporaryExpr *E) {
4539  AggValueSlot Slot = CreateAggTemp(E->getType(), "temp.lvalue");
4540  Slot.setExternallyDestructed();
4541  EmitAggExpr(E->getSubExpr(), Slot);
4542  EmitCXXTemporary(E->getTemporary(), E->getType(), Slot.getAddress());
4543  return MakeAddrLValue(Slot.getAddress(), E->getType(), AlignmentSource::Decl);
4544 }
4545 
4546 LValue CodeGenFunction::EmitObjCMessageExprLValue(const ObjCMessageExpr *E) {
4547  RValue RV = EmitObjCMessageExpr(E);
4548 
4549  if (!RV.isScalar())
4550  return MakeAddrLValue(RV.getAggregateAddress(), E->getType(),
4551  AlignmentSource::Decl);
4552 
4553  assert(E->getMethodDecl()->getReturnType()->isReferenceType() &&
4554  "Can't have a scalar return unless the return type is a "
4555  "reference type!");
4556 
4557  return MakeNaturalAlignPointeeAddrLValue(RV.getScalarVal(), E->getType());
4558 }
4559 
4560 LValue CodeGenFunction::EmitObjCSelectorLValue(const ObjCSelectorExpr *E) {
4561  Address V =
4562  CGM.getObjCRuntime().GetAddrOfSelector(*this, E->getSelector());
4563  return MakeAddrLValue(V, E->getType(), AlignmentSource::Decl);
4564 }
4565 
4566 llvm::Value *CodeGenFunction::EmitIvarOffset(const ObjCInterfaceDecl *Interface,
4567  const ObjCIvarDecl *Ivar) {
4568  return CGM.getObjCRuntime().EmitIvarOffset(*this, Interface, Ivar);
4569 }
4570 
4571 LValue CodeGenFunction::EmitLValueForIvar(QualType ObjectTy,
4572  llvm::Value *BaseValue,
4573  const ObjCIvarDecl *Ivar,
4574  unsigned CVRQualifiers) {
4575  return CGM.getObjCRuntime().EmitObjCValueForIvar(*this, ObjectTy, BaseValue,
4576  Ivar, CVRQualifiers);
4577 }
4578 
4579 LValue CodeGenFunction::EmitObjCIvarRefLValue(const ObjCIvarRefExpr *E) {
4580  // FIXME: A lot of the code below could be shared with EmitMemberExpr.
4581  llvm::Value *BaseValue = nullptr;
4582  const Expr *BaseExpr = E->getBase();
4583  Qualifiers BaseQuals;
4584  QualType ObjectTy;
4585  if (E->isArrow()) {
4586  BaseValue = EmitScalarExpr(BaseExpr);
4587  ObjectTy = BaseExpr->getType()->getPointeeType();
4588  BaseQuals = ObjectTy.getQualifiers();
4589  } else {
4590  LValue BaseLV = EmitLValue(BaseExpr);
4591  BaseValue = BaseLV.getPointer();
4592  ObjectTy = BaseExpr->getType();
4593  BaseQuals = ObjectTy.getQualifiers();
4594  }
4595 
4596  LValue LV =
4597  EmitLValueForIvar(ObjectTy, BaseValue, E->getDecl(),
4598  BaseQuals.getCVRQualifiers());
4599  setObjCGCLValueClass(getContext(), E, LV);
4600  return LV;
4601 }
4602 
4603 LValue CodeGenFunction::EmitStmtExprLValue(const StmtExpr *E) {
4604  // Can only get l-value for message expression returning aggregate type
4605  RValue RV = EmitAnyExprToTemp(E);
4606  return MakeAddrLValue(RV.getAggregateAddress(), E->getType(),
4607  AlignmentSource::Decl);
4608 }
4609 
4610 RValue CodeGenFunction::EmitCall(QualType CalleeType, const CGCallee &OrigCallee,
4611  const CallExpr *E, ReturnValueSlot ReturnValue,
4612  llvm::Value *Chain) {
4613  // Get the actual function type. The callee type will always be a pointer to
4614  // function type or a block pointer type.
4615  assert(CalleeType->isFunctionPointerType() &&
4616  "Call must have function pointer type!");
4617 
4618  const Decl *TargetDecl =
4619  OrigCallee.getAbstractInfo().getCalleeDecl().getDecl();
4620 
4621  if (const FunctionDecl *FD = dyn_cast_or_null<FunctionDecl>(TargetDecl))
4622  // We can only guarantee that a function is called from the correct
4623  // context/function based on the appropriate target attributes,
4624  // so only check in the case where we have both always_inline and target
4625  // since otherwise we could be making a conditional call after a check for
4626  // the proper cpu features (and it won't cause code generation issues due to
4627  // function based code generation).
4628  if (TargetDecl->hasAttr<AlwaysInlineAttr>() &&
4629  TargetDecl->hasAttr<TargetAttr>())
4630  checkTargetFeatures(E, FD);
4631 
4632  CalleeType = getContext().getCanonicalType(CalleeType);
4633 
4634  auto PointeeType = cast<PointerType>(CalleeType)->getPointeeType();
4635 
4636  CGCallee Callee = OrigCallee;
4637 
4638  if (getLangOpts().CPlusPlus && SanOpts.has(SanitizerKind::Function) &&
4639  (!TargetDecl || !isa<FunctionDecl>(TargetDecl))) {
4640  if (llvm::Constant *PrefixSig =
4641  CGM.getTargetCodeGenInfo().getUBSanFunctionSignature(CGM)) {
4642  SanitizerScope SanScope(this);
4643  // Remove any (C++17) exception specifications, to allow calling e.g. a
4644  // noexcept function through a non-noexcept pointer.
4645  auto ProtoTy =
4646  getContext().getFunctionTypeWithExceptionSpec(PointeeType, EST_None);
4647  llvm::Constant *FTRTTIConst =
4648  CGM.GetAddrOfRTTIDescriptor(ProtoTy, /*ForEH=*/true);
4649  llvm::Type *PrefixStructTyElems[] = {PrefixSig->getType(), Int32Ty};
4650  llvm::StructType *PrefixStructTy = llvm::StructType::get(
4651  CGM.getLLVMContext(), PrefixStructTyElems, /*isPacked=*/true);
4652 
4653  llvm::Value *CalleePtr = Callee.getFunctionPointer();
4654 
4655  llvm::Value *CalleePrefixStruct = Builder.CreateBitCast(
4656  CalleePtr, llvm::PointerType::getUnqual(PrefixStructTy));
4657  llvm::Value *CalleeSigPtr =
4658  Builder.CreateConstGEP2_32(PrefixStructTy, CalleePrefixStruct, 0, 0);
4659  llvm::Value *CalleeSig =
4660  Builder.CreateAlignedLoad(CalleeSigPtr, getIntAlign());
4661  llvm::Value *CalleeSigMatch = Builder.CreateICmpEQ(CalleeSig, PrefixSig);
4662 
4663  llvm::BasicBlock *Cont = createBasicBlock("cont");
4664  llvm::BasicBlock *TypeCheck = createBasicBlock("typecheck");
4665  Builder.CreateCondBr(CalleeSigMatch, TypeCheck, Cont);
4666 
4667  EmitBlock(TypeCheck);
4668  llvm::Value *CalleeRTTIPtr =
4669  Builder.CreateConstGEP2_32(PrefixStructTy, CalleePrefixStruct, 0, 1);
4670  llvm::Value *CalleeRTTIEncoded =
4671  Builder.CreateAlignedLoad(CalleeRTTIPtr, getPointerAlign());
4672  llvm::Value *CalleeRTTI =
4673  DecodeAddrUsedInPrologue(CalleePtr, CalleeRTTIEncoded);
4674  llvm::Value *CalleeRTTIMatch =
4675  Builder.CreateICmpEQ(CalleeRTTI, FTRTTIConst);
4676  llvm::Constant *StaticData[] = {EmitCheckSourceLocation(E->getBeginLoc()),
4677  EmitCheckTypeDescriptor(CalleeType)};
4678  EmitCheck(std::make_pair(CalleeRTTIMatch, SanitizerKind::Function),
4679  SanitizerHandler::FunctionTypeMismatch, StaticData,
4680  {CalleePtr, CalleeRTTI, FTRTTIConst});
4681 
4682  Builder.CreateBr(Cont);
4683  EmitBlock(Cont);
4684  }
4685  }
4686 
4687  const auto *FnType = cast<FunctionType>(PointeeType);
4688 
4689  // If we are checking indirect calls and this call is indirect, check that the
4690  // function pointer is a member of the bit set for the function type.
4691  if (SanOpts.has(SanitizerKind::CFIICall) &&
4692  (!TargetDecl || !isa<FunctionDecl>(TargetDecl))) {
4693  SanitizerScope SanScope(this);
4694  EmitSanitizerStatReport(llvm::SanStat_CFI_ICall);
4695 
4696  llvm::Metadata *MD;
4697  if (CGM.getCodeGenOpts().SanitizeCfiICallGeneralizePointers)
4698  MD = CGM.CreateMetadataIdentifierGeneralized(QualType(FnType, 0));
4699  else
4700  MD = CGM.CreateMetadataIdentifierForType(QualType(FnType, 0));
4701 
4702  llvm::Value *TypeId = llvm::MetadataAsValue::get(getLLVMContext(), MD);
4703 
4704  llvm::Value *CalleePtr = Callee.getFunctionPointer();
4705  llvm::Value *CastedCallee = Builder.CreateBitCast(CalleePtr, Int8PtrTy);
4706  llvm::Value *TypeTest = Builder.CreateCall(
4707  CGM.getIntrinsic(llvm::Intrinsic::type_test), {CastedCallee, TypeId});
4708 
4709  auto CrossDsoTypeId = CGM.CreateCrossDsoCfiTypeId(MD);
4710  llvm::Constant *StaticData[] = {
4711  llvm::ConstantInt::get(Int8Ty, CFITCK_ICall),
4712  EmitCheckSourceLocation(E->getBeginLoc()),
4713  EmitCheckTypeDescriptor(QualType(FnType, 0)),
4714  };
4715  if (CGM.getCodeGenOpts().SanitizeCfiCrossDso && CrossDsoTypeId) {
4716  EmitCfiSlowPathCheck(SanitizerKind::CFIICall, TypeTest, CrossDsoTypeId,
4717  CastedCallee, StaticData);
4718  } else {
4719  EmitCheck(std::make_pair(TypeTest, SanitizerKind::CFIICall),
4720  SanitizerHandler::CFICheckFail, StaticData,
4721  {CastedCallee, llvm::UndefValue::get(IntPtrTy)});
4722  }
4723  }
4724 
4725  CallArgList Args;
4726  if (Chain)
4727  Args.add(RValue::get(Builder.CreateBitCast(Chain, CGM.VoidPtrTy)),
4728  CGM.getContext().VoidPtrTy);
4729 
4730  // C++17 requires that we evaluate arguments to a call using assignment syntax
4731  // right-to-left, and that we evaluate arguments to certain other operators
4732  // left-to-right. Note that we allow this to override the order dictated by
4733  // the calling convention on the MS ABI, which means that parameter
4734  // destruction order is not necessarily reverse construction order.
4735  // FIXME: Revisit this based on C++ committee response to unimplementability.
4736  EvaluationOrder Order = EvaluationOrder::Default;
4737  if (auto *OCE = dyn_cast<CXXOperatorCallExpr>(E)) {
4738  if (OCE->isAssignmentOp())
4739  Order = EvaluationOrder::ForceRightToLeft;
4740  else {
4741  switch (OCE->getOperator()) {
4742  case OO_LessLess:
4743  case OO_GreaterGreater:
4744  case OO_AmpAmp:
4745  case OO_PipePipe:
4746  case OO_Comma:
4747  case OO_ArrowStar:
4748  Order = EvaluationOrder::ForceLeftToRight;
4749  break;
4750  default:
4751  break;
4752  }
4753  }
4754  }
4755 
4756  EmitCallArgs(Args, dyn_cast<FunctionProtoType>(FnType), E->arguments(),
4757  E->getDirectCallee(), /*ParamsToSkip*/ 0, Order);
4758 
4759  const CGFunctionInfo &FnInfo = CGM.getTypes().arrangeFreeFunctionCall(
4760  Args, FnType, /*isChainCall=*/Chain);
4761 
4762  // C99 6.5.2.2p6:
4763  // If the expression that denotes the called function has a type
4764  // that does not include a prototype, [the default argument
4765  // promotions are performed]. If the number of arguments does not
4766  // equal the number of parameters, the behavior is undefined. If
4767  // the function is defined with a type that includes a prototype,
4768  // and either the prototype ends with an ellipsis (, ...) or the
4769  // types of the arguments after promotion are not compatible with
4770  // the types of the parameters, the behavior is undefined. If the
4771  // function is defined with a type that does not include a
4772  // prototype, and the types of the arguments after promotion are
4773  // not compatible with those of the parameters after promotion,
4774  // the behavior is undefined [except in some trivial cases].
4775  // That is, in the general case, we should assume that a call
4776  // through an unprototyped function type works like a *non-variadic*
4777  // call. The way we make this work is to cast to the exact type
4778  // of the promoted arguments.
4779  //
4780  // Chain calls use this same code path to add the invisible chain parameter
4781  // to the function type.
4782  if (isa<FunctionNoProtoType>(FnType) || Chain) {
4783  llvm::Type *CalleeTy = getTypes().GetFunctionType(FnInfo);
4784  CalleeTy = CalleeTy->getPointerTo();
4785 
4786  llvm::Value *CalleePtr = Callee.getFunctionPointer();
4787  CalleePtr = Builder.CreateBitCast(CalleePtr, CalleeTy, "callee.knr.cast");
4788  Callee.