lib/Analysis/CFG.cpp

*67e74705SXin Li//===--- CFG.cpp - Classes for representing and building CFGs----*- C++ -*-===//
*67e74705SXin Li//
*67e74705SXin Li//                     The LLVM Compiler Infrastructure
*67e74705SXin Li//
*67e74705SXin Li// This file is distributed under the University of Illinois Open Source
*67e74705SXin Li// License. See LICENSE.TXT for details.
*67e74705SXin Li//
*67e74705SXin Li//===----------------------------------------------------------------------===//
*67e74705SXin Li//
*67e74705SXin Li//  This file defines the CFG and CFGBuilder classes for representing and
*67e74705SXin Li//  building Control-Flow Graphs (CFGs) from ASTs.
*67e74705SXin Li//
*67e74705SXin Li//===----------------------------------------------------------------------===//
*67e74705SXin Li
*67e74705SXin Li#include "clang/Analysis/CFG.h"
*67e74705SXin Li#include "clang/AST/ASTContext.h"
*67e74705SXin Li#include "clang/AST/Attr.h"
*67e74705SXin Li#include "clang/AST/CharUnits.h"
*67e74705SXin Li#include "clang/AST/DeclCXX.h"
*67e74705SXin Li#include "clang/AST/PrettyPrinter.h"
*67e74705SXin Li#include "clang/AST/StmtVisitor.h"
*67e74705SXin Li#include "clang/Basic/Builtins.h"
*67e74705SXin Li#include "llvm/ADT/DenseMap.h"
*67e74705SXin Li#include <memory>
*67e74705SXin Li#include "llvm/ADT/SmallPtrSet.h"
*67e74705SXin Li#include "llvm/Support/Allocator.h"
*67e74705SXin Li#include "llvm/Support/Format.h"
*67e74705SXin Li#include "llvm/Support/GraphWriter.h"
*67e74705SXin Li#include "llvm/Support/SaveAndRestore.h"
*67e74705SXin Li
*67e74705SXin Liusing namespace clang;
*67e74705SXin Li
*67e74705SXin Linamespace {
*67e74705SXin Li
*67e74705SXin Listatic SourceLocation GetEndLoc(Decl *D) {
*67e74705SXin Li  if (VarDecl *VD = dyn_cast<VarDecl>(D))
*67e74705SXin Li    if (Expr *Ex = VD->getInit())
*67e74705SXin Li      return Ex->getSourceRange().getEnd();
*67e74705SXin Li  return D->getLocation();
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// Helper for tryNormalizeBinaryOperator. Attempts to extract an IntegerLiteral
*67e74705SXin Li/// or EnumConstantDecl from the given Expr. If it fails, returns nullptr.
*67e74705SXin Liconst Expr *tryTransformToIntOrEnumConstant(const Expr *E) {
*67e74705SXin Li  E = E->IgnoreParens();
*67e74705SXin Li  if (isa<IntegerLiteral>(E))
*67e74705SXin Li    return E;
*67e74705SXin Li  if (auto *DR = dyn_cast<DeclRefExpr>(E->IgnoreParenImpCasts()))
*67e74705SXin Li    return isa<EnumConstantDecl>(DR->getDecl()) ? DR : nullptr;
*67e74705SXin Li  return nullptr;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// Tries to interpret a binary operator into `Decl Op Expr` form, if Expr is
*67e74705SXin Li/// an integer literal or an enum constant.
*67e74705SXin Li///
*67e74705SXin Li/// If this fails, at least one of the returned DeclRefExpr or Expr will be
*67e74705SXin Li/// null.
*67e74705SXin Listatic std::tuple<const DeclRefExpr *, BinaryOperatorKind, const Expr *>
*67e74705SXin LitryNormalizeBinaryOperator(const BinaryOperator *B) {
*67e74705SXin Li  BinaryOperatorKind Op = B->getOpcode();
*67e74705SXin Li
*67e74705SXin Li  const Expr *MaybeDecl = B->getLHS();
*67e74705SXin Li  const Expr *Constant = tryTransformToIntOrEnumConstant(B->getRHS());
*67e74705SXin Li  // Expr looked like `0 == Foo` instead of `Foo == 0`
*67e74705SXin Li  if (Constant == nullptr) {
*67e74705SXin Li    // Flip the operator
*67e74705SXin Li    if (Op == BO_GT)
*67e74705SXin Li      Op = BO_LT;
*67e74705SXin Li    else if (Op == BO_GE)
*67e74705SXin Li      Op = BO_LE;
*67e74705SXin Li    else if (Op == BO_LT)
*67e74705SXin Li      Op = BO_GT;
*67e74705SXin Li    else if (Op == BO_LE)
*67e74705SXin Li      Op = BO_GE;
*67e74705SXin Li
*67e74705SXin Li    MaybeDecl = B->getRHS();
*67e74705SXin Li    Constant = tryTransformToIntOrEnumConstant(B->getLHS());
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  auto *D = dyn_cast<DeclRefExpr>(MaybeDecl->IgnoreParenImpCasts());
*67e74705SXin Li  return std::make_tuple(D, Op, Constant);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// For an expression `x == Foo && x == Bar`, this determines whether the
*67e74705SXin Li/// `Foo` and `Bar` are either of the same enumeration type, or both integer
*67e74705SXin Li/// literals.
*67e74705SXin Li///
*67e74705SXin Li/// It's an error to pass this arguments that are not either IntegerLiterals
*67e74705SXin Li/// or DeclRefExprs (that have decls of type EnumConstantDecl)
*67e74705SXin Listatic bool areExprTypesCompatible(const Expr *E1, const Expr *E2) {
*67e74705SXin Li  // User intent isn't clear if they're mixing int literals with enum
*67e74705SXin Li  // constants.
*67e74705SXin Li  if (isa<IntegerLiteral>(E1) != isa<IntegerLiteral>(E2))
*67e74705SXin Li    return false;
*67e74705SXin Li
*67e74705SXin Li  // Integer literal comparisons, regardless of literal type, are acceptable.
*67e74705SXin Li  if (isa<IntegerLiteral>(E1))
*67e74705SXin Li    return true;
*67e74705SXin Li
*67e74705SXin Li  // IntegerLiterals are handled above and only EnumConstantDecls are expected
*67e74705SXin Li  // beyond this point
*67e74705SXin Li  assert(isa<DeclRefExpr>(E1) && isa<DeclRefExpr>(E2));
*67e74705SXin Li  auto *Decl1 = cast<DeclRefExpr>(E1)->getDecl();
*67e74705SXin Li  auto *Decl2 = cast<DeclRefExpr>(E2)->getDecl();
*67e74705SXin Li
*67e74705SXin Li  assert(isa<EnumConstantDecl>(Decl1) && isa<EnumConstantDecl>(Decl2));
*67e74705SXin Li  const DeclContext *DC1 = Decl1->getDeclContext();
*67e74705SXin Li  const DeclContext *DC2 = Decl2->getDeclContext();
*67e74705SXin Li
*67e74705SXin Li  assert(isa<EnumDecl>(DC1) && isa<EnumDecl>(DC2));
*67e74705SXin Li  return DC1 == DC2;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Liclass CFGBuilder;
*67e74705SXin Li
*67e74705SXin Li/// The CFG builder uses a recursive algorithm to build the CFG.  When
*67e74705SXin Li///  we process an expression, sometimes we know that we must add the
*67e74705SXin Li///  subexpressions as block-level expressions.  For example:
*67e74705SXin Li///
*67e74705SXin Li///    exp1 || exp2
*67e74705SXin Li///
*67e74705SXin Li///  When processing the '||' expression, we know that exp1 and exp2
*67e74705SXin Li///  need to be added as block-level expressions, even though they
*67e74705SXin Li///  might not normally need to be.  AddStmtChoice records this
*67e74705SXin Li///  contextual information.  If AddStmtChoice is 'NotAlwaysAdd', then
*67e74705SXin Li///  the builder has an option not to add a subexpression as a
*67e74705SXin Li///  block-level expression.
*67e74705SXin Li///
*67e74705SXin Liclass AddStmtChoice {
*67e74705SXin Lipublic:
*67e74705SXin Li  enum Kind { NotAlwaysAdd = 0, AlwaysAdd = 1 };
*67e74705SXin Li
*67e74705SXin Li  AddStmtChoice(Kind a_kind = NotAlwaysAdd) : kind(a_kind) {}
*67e74705SXin Li
*67e74705SXin Li  bool alwaysAdd(CFGBuilder &builder,
*67e74705SXin Li                 const Stmt *stmt) const;
*67e74705SXin Li
*67e74705SXin Li  /// Return a copy of this object, except with the 'always-add' bit
*67e74705SXin Li  ///  set as specified.
*67e74705SXin Li  AddStmtChoice withAlwaysAdd(bool alwaysAdd) const {
*67e74705SXin Li    return AddStmtChoice(alwaysAdd ? AlwaysAdd : NotAlwaysAdd);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Liprivate:
*67e74705SXin Li  Kind kind;
*67e74705SXin Li};
*67e74705SXin Li
*67e74705SXin Li/// LocalScope - Node in tree of local scopes created for C++ implicit
*67e74705SXin Li/// destructor calls generation. It contains list of automatic variables
*67e74705SXin Li/// declared in the scope and link to position in previous scope this scope
*67e74705SXin Li/// began in.
*67e74705SXin Li///
*67e74705SXin Li/// The process of creating local scopes is as follows:
*67e74705SXin Li/// - Init CFGBuilder::ScopePos with invalid position (equivalent for null),
*67e74705SXin Li/// - Before processing statements in scope (e.g. CompoundStmt) create
*67e74705SXin Li///   LocalScope object using CFGBuilder::ScopePos as link to previous scope
*67e74705SXin Li///   and set CFGBuilder::ScopePos to the end of new scope,
*67e74705SXin Li/// - On every occurrence of VarDecl increase CFGBuilder::ScopePos if it points
*67e74705SXin Li///   at this VarDecl,
*67e74705SXin Li/// - For every normal (without jump) end of scope add to CFGBlock destructors
*67e74705SXin Li///   for objects in the current scope,
*67e74705SXin Li/// - For every jump add to CFGBlock destructors for objects
*67e74705SXin Li///   between CFGBuilder::ScopePos and local scope position saved for jump
*67e74705SXin Li///   target. Thanks to C++ restrictions on goto jumps we can be sure that
*67e74705SXin Li///   jump target position will be on the path to root from CFGBuilder::ScopePos
*67e74705SXin Li///   (adding any variable that doesn't need constructor to be called to
*67e74705SXin Li///   LocalScope can break this assumption),
*67e74705SXin Li///
*67e74705SXin Liclass LocalScope {
*67e74705SXin Lipublic:
*67e74705SXin Li  typedef BumpVector<VarDecl*> AutomaticVarsTy;
*67e74705SXin Li
*67e74705SXin Li  /// const_iterator - Iterates local scope backwards and jumps to previous
*67e74705SXin Li  /// scope on reaching the beginning of currently iterated scope.
*67e74705SXin Li  class const_iterator {
*67e74705SXin Li    const LocalScope* Scope;
*67e74705SXin Li
*67e74705SXin Li    /// VarIter is guaranteed to be greater then 0 for every valid iterator.
*67e74705SXin Li    /// Invalid iterator (with null Scope) has VarIter equal to 0.
*67e74705SXin Li    unsigned VarIter;
*67e74705SXin Li
*67e74705SXin Li  public:
*67e74705SXin Li    /// Create invalid iterator. Dereferencing invalid iterator is not allowed.
*67e74705SXin Li    /// Incrementing invalid iterator is allowed and will result in invalid
*67e74705SXin Li    /// iterator.
*67e74705SXin Li    const_iterator()
*67e74705SXin Li        : Scope(nullptr), VarIter(0) {}
*67e74705SXin Li
*67e74705SXin Li    /// Create valid iterator. In case when S.Prev is an invalid iterator and
*67e74705SXin Li    /// I is equal to 0, this will create invalid iterator.
*67e74705SXin Li    const_iterator(const LocalScope& S, unsigned I)
*67e74705SXin Li        : Scope(&S), VarIter(I) {
*67e74705SXin Li      // Iterator to "end" of scope is not allowed. Handle it by going up
*67e74705SXin Li      // in scopes tree possibly up to invalid iterator in the root.
*67e74705SXin Li      if (VarIter == 0 && Scope)
*67e74705SXin Li        *this = Scope->Prev;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    VarDecl *const* operator->() const {
*67e74705SXin Li      assert (Scope && "Dereferencing invalid iterator is not allowed");
*67e74705SXin Li      assert (VarIter != 0 && "Iterator has invalid value of VarIter member");
*67e74705SXin Li      return &Scope->Vars[VarIter - 1];
*67e74705SXin Li    }
*67e74705SXin Li    VarDecl *operator*() const {
*67e74705SXin Li      return *this->operator->();
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    const_iterator &operator++() {
*67e74705SXin Li      if (!Scope)
*67e74705SXin Li        return *this;
*67e74705SXin Li
*67e74705SXin Li      assert (VarIter != 0 && "Iterator has invalid value of VarIter member");
*67e74705SXin Li      --VarIter;
*67e74705SXin Li      if (VarIter == 0)
*67e74705SXin Li        *this = Scope->Prev;
*67e74705SXin Li      return *this;
*67e74705SXin Li    }
*67e74705SXin Li    const_iterator operator++(int) {
*67e74705SXin Li      const_iterator P = *this;
*67e74705SXin Li      ++*this;
*67e74705SXin Li      return P;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    bool operator==(const const_iterator &rhs) const {
*67e74705SXin Li      return Scope == rhs.Scope && VarIter == rhs.VarIter;
*67e74705SXin Li    }
*67e74705SXin Li    bool operator!=(const const_iterator &rhs) const {
*67e74705SXin Li      return !(*this == rhs);
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    explicit operator bool() const {
*67e74705SXin Li      return *this != const_iterator();
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    int distance(const_iterator L);
*67e74705SXin Li  };
*67e74705SXin Li
*67e74705SXin Li  friend class const_iterator;
*67e74705SXin Li
*67e74705SXin Liprivate:
*67e74705SXin Li  BumpVectorContext ctx;
*67e74705SXin Li
*67e74705SXin Li  /// Automatic variables in order of declaration.
*67e74705SXin Li  AutomaticVarsTy Vars;
*67e74705SXin Li  /// Iterator to variable in previous scope that was declared just before
*67e74705SXin Li  /// begin of this scope.
*67e74705SXin Li  const_iterator Prev;
*67e74705SXin Li
*67e74705SXin Lipublic:
*67e74705SXin Li  /// Constructs empty scope linked to previous scope in specified place.
*67e74705SXin Li  LocalScope(BumpVectorContext ctx, const_iterator P)
*67e74705SXin Li      : ctx(std::move(ctx)), Vars(this->ctx, 4), Prev(P) {}
*67e74705SXin Li
*67e74705SXin Li  /// Begin of scope in direction of CFG building (backwards).
*67e74705SXin Li  const_iterator begin() const { return const_iterator(*this, Vars.size()); }
*67e74705SXin Li
*67e74705SXin Li  void addVar(VarDecl *VD) {
*67e74705SXin Li    Vars.push_back(VD, ctx);
*67e74705SXin Li  }
*67e74705SXin Li};
*67e74705SXin Li
*67e74705SXin Li/// distance - Calculates distance from this to L. L must be reachable from this
*67e74705SXin Li/// (with use of ++ operator). Cost of calculating the distance is linear w.r.t.
*67e74705SXin Li/// number of scopes between this and L.
*67e74705SXin Liint LocalScope::const_iterator::distance(LocalScope::const_iterator L) {
*67e74705SXin Li  int D = 0;
*67e74705SXin Li  const_iterator F = *this;
*67e74705SXin Li  while (F.Scope != L.Scope) {
*67e74705SXin Li    assert (F != const_iterator()
*67e74705SXin Li        && "L iterator is not reachable from F iterator.");
*67e74705SXin Li    D += F.VarIter;
*67e74705SXin Li    F = F.Scope->Prev;
*67e74705SXin Li  }
*67e74705SXin Li  D += F.VarIter - L.VarIter;
*67e74705SXin Li  return D;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// Structure for specifying position in CFG during its build process. It
*67e74705SXin Li/// consists of CFGBlock that specifies position in CFG and
*67e74705SXin Li/// LocalScope::const_iterator that specifies position in LocalScope graph.
*67e74705SXin Listruct BlockScopePosPair {
*67e74705SXin Li  BlockScopePosPair() : block(nullptr) {}
*67e74705SXin Li  BlockScopePosPair(CFGBlock *b, LocalScope::const_iterator scopePos)
*67e74705SXin Li      : block(b), scopePosition(scopePos) {}
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *block;
*67e74705SXin Li  LocalScope::const_iterator scopePosition;
*67e74705SXin Li};
*67e74705SXin Li
*67e74705SXin Li/// TryResult - a class representing a variant over the values
*67e74705SXin Li///  'true', 'false', or 'unknown'.  This is returned by tryEvaluateBool,
*67e74705SXin Li///  and is used by the CFGBuilder to decide if a branch condition
*67e74705SXin Li///  can be decided up front during CFG construction.
*67e74705SXin Liclass TryResult {
*67e74705SXin Li  int X;
*67e74705SXin Lipublic:
*67e74705SXin Li  TryResult(bool b) : X(b ? 1 : 0) {}
*67e74705SXin Li  TryResult() : X(-1) {}
*67e74705SXin Li
*67e74705SXin Li  bool isTrue() const { return X == 1; }
*67e74705SXin Li  bool isFalse() const { return X == 0; }
*67e74705SXin Li  bool isKnown() const { return X >= 0; }
*67e74705SXin Li  void negate() {
*67e74705SXin Li    assert(isKnown());
*67e74705SXin Li    X ^= 0x1;
*67e74705SXin Li  }
*67e74705SXin Li};
*67e74705SXin Li
*67e74705SXin LiTryResult bothKnownTrue(TryResult R1, TryResult R2) {
*67e74705SXin Li  if (!R1.isKnown() || !R2.isKnown())
*67e74705SXin Li    return TryResult();
*67e74705SXin Li  return TryResult(R1.isTrue() && R2.isTrue());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Liclass reverse_children {
*67e74705SXin Li  llvm::SmallVector<Stmt *, 12> childrenBuf;
*67e74705SXin Li  ArrayRef<Stmt*> children;
*67e74705SXin Lipublic:
*67e74705SXin Li  reverse_children(Stmt *S);
*67e74705SXin Li
*67e74705SXin Li  typedef ArrayRef<Stmt*>::reverse_iterator iterator;
*67e74705SXin Li  iterator begin() const { return children.rbegin(); }
*67e74705SXin Li  iterator end() const { return children.rend(); }
*67e74705SXin Li};
*67e74705SXin Li
*67e74705SXin Li
*67e74705SXin Lireverse_children::reverse_children(Stmt *S) {
*67e74705SXin Li  if (CallExpr *CE = dyn_cast<CallExpr>(S)) {
*67e74705SXin Li    children = CE->getRawSubExprs();
*67e74705SXin Li    return;
*67e74705SXin Li  }
*67e74705SXin Li  switch (S->getStmtClass()) {
*67e74705SXin Li    // Note: Fill in this switch with more cases we want to optimize.
*67e74705SXin Li    case Stmt::InitListExprClass: {
*67e74705SXin Li      InitListExpr *IE = cast<InitListExpr>(S);
*67e74705SXin Li      children = llvm::makeArrayRef(reinterpret_cast<Stmt**>(IE->getInits()),
*67e74705SXin Li                                    IE->getNumInits());
*67e74705SXin Li      return;
*67e74705SXin Li    }
*67e74705SXin Li    default:
*67e74705SXin Li      break;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Default case for all other statements.
*67e74705SXin Li  for (Stmt *SubStmt : S->children())
*67e74705SXin Li    childrenBuf.push_back(SubStmt);
*67e74705SXin Li
*67e74705SXin Li  // This needs to be done *after* childrenBuf has been populated.
*67e74705SXin Li  children = childrenBuf;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// CFGBuilder - This class implements CFG construction from an AST.
*67e74705SXin Li///   The builder is stateful: an instance of the builder should be used to only
*67e74705SXin Li///   construct a single CFG.
*67e74705SXin Li///
*67e74705SXin Li///   Example usage:
*67e74705SXin Li///
*67e74705SXin Li///     CFGBuilder builder;
*67e74705SXin Li///     std::unique_ptr<CFG> cfg = builder.buildCFG(decl, stmt1);
*67e74705SXin Li///
*67e74705SXin Li///  CFG construction is done via a recursive walk of an AST.  We actually parse
*67e74705SXin Li///  the AST in reverse order so that the successor of a basic block is
*67e74705SXin Li///  constructed prior to its predecessor.  This allows us to nicely capture
*67e74705SXin Li///  implicit fall-throughs without extra basic blocks.
*67e74705SXin Li///
*67e74705SXin Liclass CFGBuilder {
*67e74705SXin Li  typedef BlockScopePosPair JumpTarget;
*67e74705SXin Li  typedef BlockScopePosPair JumpSource;
*67e74705SXin Li
*67e74705SXin Li  ASTContext *Context;
*67e74705SXin Li  std::unique_ptr<CFG> cfg;
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *Block;
*67e74705SXin Li  CFGBlock *Succ;
*67e74705SXin Li  JumpTarget ContinueJumpTarget;
*67e74705SXin Li  JumpTarget BreakJumpTarget;
*67e74705SXin Li  CFGBlock *SwitchTerminatedBlock;
*67e74705SXin Li  CFGBlock *DefaultCaseBlock;
*67e74705SXin Li  CFGBlock *TryTerminatedBlock;
*67e74705SXin Li
*67e74705SXin Li  // Current position in local scope.
*67e74705SXin Li  LocalScope::const_iterator ScopePos;
*67e74705SXin Li
*67e74705SXin Li  // LabelMap records the mapping from Label expressions to their jump targets.
*67e74705SXin Li  typedef llvm::DenseMap<LabelDecl*, JumpTarget> LabelMapTy;
*67e74705SXin Li  LabelMapTy LabelMap;
*67e74705SXin Li
*67e74705SXin Li  // A list of blocks that end with a "goto" that must be backpatched to their
*67e74705SXin Li  // resolved targets upon completion of CFG construction.
*67e74705SXin Li  typedef std::vector<JumpSource> BackpatchBlocksTy;
*67e74705SXin Li  BackpatchBlocksTy BackpatchBlocks;
*67e74705SXin Li
*67e74705SXin Li  // A list of labels whose address has been taken (for indirect gotos).
*67e74705SXin Li  typedef llvm::SmallPtrSet<LabelDecl*, 5> LabelSetTy;
*67e74705SXin Li  LabelSetTy AddressTakenLabels;
*67e74705SXin Li
*67e74705SXin Li  bool badCFG;
*67e74705SXin Li  const CFG::BuildOptions &BuildOpts;
*67e74705SXin Li
*67e74705SXin Li  // State to track for building switch statements.
*67e74705SXin Li  bool switchExclusivelyCovered;
*67e74705SXin Li  Expr::EvalResult *switchCond;
*67e74705SXin Li
*67e74705SXin Li  CFG::BuildOptions::ForcedBlkExprs::value_type *cachedEntry;
*67e74705SXin Li  const Stmt *lastLookup;
*67e74705SXin Li
*67e74705SXin Li  // Caches boolean evaluations of expressions to avoid multiple re-evaluations
*67e74705SXin Li  // during construction of branches for chained logical operators.
*67e74705SXin Li  typedef llvm::DenseMap<Expr *, TryResult> CachedBoolEvalsTy;
*67e74705SXin Li  CachedBoolEvalsTy CachedBoolEvals;
*67e74705SXin Li
*67e74705SXin Lipublic:
*67e74705SXin Li  explicit CFGBuilder(ASTContext *astContext,
*67e74705SXin Li                      const CFG::BuildOptions &buildOpts)
*67e74705SXin Li    : Context(astContext), cfg(new CFG()), // crew a new CFG
*67e74705SXin Li      Block(nullptr), Succ(nullptr),
*67e74705SXin Li      SwitchTerminatedBlock(nullptr), DefaultCaseBlock(nullptr),
*67e74705SXin Li      TryTerminatedBlock(nullptr), badCFG(false), BuildOpts(buildOpts),
*67e74705SXin Li      switchExclusivelyCovered(false), switchCond(nullptr),
*67e74705SXin Li      cachedEntry(nullptr), lastLookup(nullptr) {}
*67e74705SXin Li
*67e74705SXin Li  // buildCFG - Used by external clients to construct the CFG.
*67e74705SXin Li  std::unique_ptr<CFG> buildCFG(const Decl *D, Stmt *Statement);
*67e74705SXin Li
*67e74705SXin Li  bool alwaysAdd(const Stmt *stmt);
*67e74705SXin Li
*67e74705SXin Liprivate:
*67e74705SXin Li  // Visitors to walk an AST and construct the CFG.
*67e74705SXin Li  CFGBlock *VisitAddrLabelExpr(AddrLabelExpr *A, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitBinaryOperator(BinaryOperator *B, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitBreakStmt(BreakStmt *B);
*67e74705SXin Li  CFGBlock *VisitCallExpr(CallExpr *C, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitCaseStmt(CaseStmt *C);
*67e74705SXin Li  CFGBlock *VisitChooseExpr(ChooseExpr *C, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitCompoundStmt(CompoundStmt *C);
*67e74705SXin Li  CFGBlock *VisitConditionalOperator(AbstractConditionalOperator *C,
*67e74705SXin Li                                     AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitContinueStmt(ContinueStmt *C);
*67e74705SXin Li  CFGBlock *VisitCXXBindTemporaryExpr(CXXBindTemporaryExpr *E,
*67e74705SXin Li                                      AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitCXXCatchStmt(CXXCatchStmt *S);
*67e74705SXin Li  CFGBlock *VisitCXXConstructExpr(CXXConstructExpr *C, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitCXXNewExpr(CXXNewExpr *DE, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitCXXDeleteExpr(CXXDeleteExpr *DE, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitCXXForRangeStmt(CXXForRangeStmt *S);
*67e74705SXin Li  CFGBlock *VisitCXXFunctionalCastExpr(CXXFunctionalCastExpr *E,
*67e74705SXin Li                                       AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitCXXTemporaryObjectExpr(CXXTemporaryObjectExpr *C,
*67e74705SXin Li                                        AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitCXXThrowExpr(CXXThrowExpr *T);
*67e74705SXin Li  CFGBlock *VisitCXXTryStmt(CXXTryStmt *S);
*67e74705SXin Li  CFGBlock *VisitDeclStmt(DeclStmt *DS);
*67e74705SXin Li  CFGBlock *VisitDeclSubExpr(DeclStmt *DS);
*67e74705SXin Li  CFGBlock *VisitDefaultStmt(DefaultStmt *D);
*67e74705SXin Li  CFGBlock *VisitDoStmt(DoStmt *D);
*67e74705SXin Li  CFGBlock *VisitExprWithCleanups(ExprWithCleanups *E, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitForStmt(ForStmt *F);
*67e74705SXin Li  CFGBlock *VisitGotoStmt(GotoStmt *G);
*67e74705SXin Li  CFGBlock *VisitIfStmt(IfStmt *I);
*67e74705SXin Li  CFGBlock *VisitImplicitCastExpr(ImplicitCastExpr *E, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitIndirectGotoStmt(IndirectGotoStmt *I);
*67e74705SXin Li  CFGBlock *VisitLabelStmt(LabelStmt *L);
*67e74705SXin Li  CFGBlock *VisitBlockExpr(BlockExpr *E, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitLambdaExpr(LambdaExpr *E, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitLogicalOperator(BinaryOperator *B);
*67e74705SXin Li  std::pair<CFGBlock *, CFGBlock *> VisitLogicalOperator(BinaryOperator *B,
*67e74705SXin Li                                                         Stmt *Term,
*67e74705SXin Li                                                         CFGBlock *TrueBlock,
*67e74705SXin Li                                                         CFGBlock *FalseBlock);
*67e74705SXin Li  CFGBlock *VisitMemberExpr(MemberExpr *M, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitObjCAtCatchStmt(ObjCAtCatchStmt *S);
*67e74705SXin Li  CFGBlock *VisitObjCAtSynchronizedStmt(ObjCAtSynchronizedStmt *S);
*67e74705SXin Li  CFGBlock *VisitObjCAtThrowStmt(ObjCAtThrowStmt *S);
*67e74705SXin Li  CFGBlock *VisitObjCAtTryStmt(ObjCAtTryStmt *S);
*67e74705SXin Li  CFGBlock *VisitObjCAutoreleasePoolStmt(ObjCAutoreleasePoolStmt *S);
*67e74705SXin Li  CFGBlock *VisitObjCForCollectionStmt(ObjCForCollectionStmt *S);
*67e74705SXin Li  CFGBlock *VisitPseudoObjectExpr(PseudoObjectExpr *E);
*67e74705SXin Li  CFGBlock *VisitReturnStmt(ReturnStmt *R);
*67e74705SXin Li  CFGBlock *VisitStmtExpr(StmtExpr *S, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitSwitchStmt(SwitchStmt *S);
*67e74705SXin Li  CFGBlock *VisitUnaryExprOrTypeTraitExpr(UnaryExprOrTypeTraitExpr *E,
*67e74705SXin Li                                          AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitUnaryOperator(UnaryOperator *U, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitWhileStmt(WhileStmt *W);
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *Visit(Stmt *S, AddStmtChoice asc = AddStmtChoice::NotAlwaysAdd);
*67e74705SXin Li  CFGBlock *VisitStmt(Stmt *S, AddStmtChoice asc);
*67e74705SXin Li  CFGBlock *VisitChildren(Stmt *S);
*67e74705SXin Li  CFGBlock *VisitNoRecurse(Expr *E, AddStmtChoice asc);
*67e74705SXin Li
*67e74705SXin Li  /// When creating the CFG for temporary destructors, we want to mirror the
*67e74705SXin Li  /// branch structure of the corresponding constructor calls.
*67e74705SXin Li  /// Thus, while visiting a statement for temporary destructors, we keep a
*67e74705SXin Li  /// context to keep track of the following information:
*67e74705SXin Li  /// - whether a subexpression is executed unconditionally
*67e74705SXin Li  /// - if a subexpression is executed conditionally, the first
*67e74705SXin Li  ///   CXXBindTemporaryExpr we encounter in that subexpression (which
*67e74705SXin Li  ///   corresponds to the last temporary destructor we have to call for this
*67e74705SXin Li  ///   subexpression) and the CFG block at that point (which will become the
*67e74705SXin Li  ///   successor block when inserting the decision point).
*67e74705SXin Li  ///
*67e74705SXin Li  /// That way, we can build the branch structure for temporary destructors as
*67e74705SXin Li  /// follows:
*67e74705SXin Li  /// 1. If a subexpression is executed unconditionally, we add the temporary
*67e74705SXin Li  ///    destructor calls to the current block.
*67e74705SXin Li  /// 2. If a subexpression is executed conditionally, when we encounter a
*67e74705SXin Li  ///    CXXBindTemporaryExpr:
*67e74705SXin Li  ///    a) If it is the first temporary destructor call in the subexpression,
*67e74705SXin Li  ///       we remember the CXXBindTemporaryExpr and the current block in the
*67e74705SXin Li  ///       TempDtorContext; we start a new block, and insert the temporary
*67e74705SXin Li  ///       destructor call.
*67e74705SXin Li  ///    b) Otherwise, add the temporary destructor call to the current block.
*67e74705SXin Li  ///  3. When we finished visiting a conditionally executed subexpression,
*67e74705SXin Li  ///     and we found at least one temporary constructor during the visitation
*67e74705SXin Li  ///     (2.a has executed), we insert a decision block that uses the
*67e74705SXin Li  ///     CXXBindTemporaryExpr as terminator, and branches to the current block
*67e74705SXin Li  ///     if the CXXBindTemporaryExpr was marked executed, and otherwise
*67e74705SXin Li  ///     branches to the stored successor.
*67e74705SXin Li  struct TempDtorContext {
*67e74705SXin Li    TempDtorContext()
*67e74705SXin Li        : IsConditional(false), KnownExecuted(true), Succ(nullptr),
*67e74705SXin Li          TerminatorExpr(nullptr) {}
*67e74705SXin Li
*67e74705SXin Li    TempDtorContext(TryResult KnownExecuted)
*67e74705SXin Li        : IsConditional(true), KnownExecuted(KnownExecuted), Succ(nullptr),
*67e74705SXin Li          TerminatorExpr(nullptr) {}
*67e74705SXin Li
*67e74705SXin Li    /// Returns whether we need to start a new branch for a temporary destructor
*67e74705SXin Li    /// call. This is the case when the temporary destructor is
*67e74705SXin Li    /// conditionally executed, and it is the first one we encounter while
*67e74705SXin Li    /// visiting a subexpression - other temporary destructors at the same level
*67e74705SXin Li    /// will be added to the same block and are executed under the same
*67e74705SXin Li    /// condition.
*67e74705SXin Li    bool needsTempDtorBranch() const {
*67e74705SXin Li      return IsConditional && !TerminatorExpr;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    /// Remember the successor S of a temporary destructor decision branch for
*67e74705SXin Li    /// the corresponding CXXBindTemporaryExpr E.
*67e74705SXin Li    void setDecisionPoint(CFGBlock *S, CXXBindTemporaryExpr *E) {
*67e74705SXin Li      Succ = S;
*67e74705SXin Li      TerminatorExpr = E;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    const bool IsConditional;
*67e74705SXin Li    const TryResult KnownExecuted;
*67e74705SXin Li    CFGBlock *Succ;
*67e74705SXin Li    CXXBindTemporaryExpr *TerminatorExpr;
*67e74705SXin Li  };
*67e74705SXin Li
*67e74705SXin Li  // Visitors to walk an AST and generate destructors of temporaries in
*67e74705SXin Li  // full expression.
*67e74705SXin Li  CFGBlock *VisitForTemporaryDtors(Stmt *E, bool BindToTemporary,
*67e74705SXin Li                                   TempDtorContext &Context);
*67e74705SXin Li  CFGBlock *VisitChildrenForTemporaryDtors(Stmt *E, TempDtorContext &Context);
*67e74705SXin Li  CFGBlock *VisitBinaryOperatorForTemporaryDtors(BinaryOperator *E,
*67e74705SXin Li                                                 TempDtorContext &Context);
*67e74705SXin Li  CFGBlock *VisitCXXBindTemporaryExprForTemporaryDtors(
*67e74705SXin Li      CXXBindTemporaryExpr *E, bool BindToTemporary, TempDtorContext &Context);
*67e74705SXin Li  CFGBlock *VisitConditionalOperatorForTemporaryDtors(
*67e74705SXin Li      AbstractConditionalOperator *E, bool BindToTemporary,
*67e74705SXin Li      TempDtorContext &Context);
*67e74705SXin Li  void InsertTempDtorDecisionBlock(const TempDtorContext &Context,
*67e74705SXin Li                                   CFGBlock *FalseSucc = nullptr);
*67e74705SXin Li
*67e74705SXin Li  // NYS == Not Yet Supported
*67e74705SXin Li  CFGBlock *NYS() {
*67e74705SXin Li    badCFG = true;
*67e74705SXin Li    return Block;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void autoCreateBlock() { if (!Block) Block = createBlock(); }
*67e74705SXin Li  CFGBlock *createBlock(bool add_successor = true);
*67e74705SXin Li  CFGBlock *createNoReturnBlock();
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *addStmt(Stmt *S) {
*67e74705SXin Li    return Visit(S, AddStmtChoice::AlwaysAdd);
*67e74705SXin Li  }
*67e74705SXin Li  CFGBlock *addInitializer(CXXCtorInitializer *I);
*67e74705SXin Li  void addAutomaticObjDtors(LocalScope::const_iterator B,
*67e74705SXin Li                            LocalScope::const_iterator E, Stmt *S);
*67e74705SXin Li  void addImplicitDtorsForDestructor(const CXXDestructorDecl *DD);
*67e74705SXin Li
*67e74705SXin Li  // Local scopes creation.
*67e74705SXin Li  LocalScope* createOrReuseLocalScope(LocalScope* Scope);
*67e74705SXin Li
*67e74705SXin Li  void addLocalScopeForStmt(Stmt *S);
*67e74705SXin Li  LocalScope* addLocalScopeForDeclStmt(DeclStmt *DS,
*67e74705SXin Li                                       LocalScope* Scope = nullptr);
*67e74705SXin Li  LocalScope* addLocalScopeForVarDecl(VarDecl *VD, LocalScope* Scope = nullptr);
*67e74705SXin Li
*67e74705SXin Li  void addLocalScopeAndDtors(Stmt *S);
*67e74705SXin Li
*67e74705SXin Li  // Interface to CFGBlock - adding CFGElements.
*67e74705SXin Li  void appendStmt(CFGBlock *B, const Stmt *S) {
*67e74705SXin Li    if (alwaysAdd(S) && cachedEntry)
*67e74705SXin Li      cachedEntry->second = B;
*67e74705SXin Li
*67e74705SXin Li    // All block-level expressions should have already been IgnoreParens()ed.
*67e74705SXin Li    assert(!isa<Expr>(S) || cast<Expr>(S)->IgnoreParens() == S);
*67e74705SXin Li    B->appendStmt(const_cast<Stmt*>(S), cfg->getBumpVectorContext());
*67e74705SXin Li  }
*67e74705SXin Li  void appendInitializer(CFGBlock *B, CXXCtorInitializer *I) {
*67e74705SXin Li    B->appendInitializer(I, cfg->getBumpVectorContext());
*67e74705SXin Li  }
*67e74705SXin Li  void appendNewAllocator(CFGBlock *B, CXXNewExpr *NE) {
*67e74705SXin Li    B->appendNewAllocator(NE, cfg->getBumpVectorContext());
*67e74705SXin Li  }
*67e74705SXin Li  void appendBaseDtor(CFGBlock *B, const CXXBaseSpecifier *BS) {
*67e74705SXin Li    B->appendBaseDtor(BS, cfg->getBumpVectorContext());
*67e74705SXin Li  }
*67e74705SXin Li  void appendMemberDtor(CFGBlock *B, FieldDecl *FD) {
*67e74705SXin Li    B->appendMemberDtor(FD, cfg->getBumpVectorContext());
*67e74705SXin Li  }
*67e74705SXin Li  void appendTemporaryDtor(CFGBlock *B, CXXBindTemporaryExpr *E) {
*67e74705SXin Li    B->appendTemporaryDtor(E, cfg->getBumpVectorContext());
*67e74705SXin Li  }
*67e74705SXin Li  void appendAutomaticObjDtor(CFGBlock *B, VarDecl *VD, Stmt *S) {
*67e74705SXin Li    B->appendAutomaticObjDtor(VD, S, cfg->getBumpVectorContext());
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void appendDeleteDtor(CFGBlock *B, CXXRecordDecl *RD, CXXDeleteExpr *DE) {
*67e74705SXin Li    B->appendDeleteDtor(RD, DE, cfg->getBumpVectorContext());
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void prependAutomaticObjDtorsWithTerminator(CFGBlock *Blk,
*67e74705SXin Li      LocalScope::const_iterator B, LocalScope::const_iterator E);
*67e74705SXin Li
*67e74705SXin Li  void addSuccessor(CFGBlock *B, CFGBlock *S, bool IsReachable = true) {
*67e74705SXin Li    B->addSuccessor(CFGBlock::AdjacentBlock(S, IsReachable),
*67e74705SXin Li                    cfg->getBumpVectorContext());
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  /// Add a reachable successor to a block, with the alternate variant that is
*67e74705SXin Li  /// unreachable.
*67e74705SXin Li  void addSuccessor(CFGBlock *B, CFGBlock *ReachableBlock, CFGBlock *AltBlock) {
*67e74705SXin Li    B->addSuccessor(CFGBlock::AdjacentBlock(ReachableBlock, AltBlock),
*67e74705SXin Li                    cfg->getBumpVectorContext());
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  /// \brief Find a relational comparison with an expression evaluating to a
*67e74705SXin Li  /// boolean and a constant other than 0 and 1.
*67e74705SXin Li  /// e.g. if ((x < y) == 10)
*67e74705SXin Li  TryResult checkIncorrectRelationalOperator(const BinaryOperator *B) {
*67e74705SXin Li    const Expr *LHSExpr = B->getLHS()->IgnoreParens();
*67e74705SXin Li    const Expr *RHSExpr = B->getRHS()->IgnoreParens();
*67e74705SXin Li
*67e74705SXin Li    const IntegerLiteral *IntLiteral = dyn_cast<IntegerLiteral>(LHSExpr);
*67e74705SXin Li    const Expr *BoolExpr = RHSExpr;
*67e74705SXin Li    bool IntFirst = true;
*67e74705SXin Li    if (!IntLiteral) {
*67e74705SXin Li      IntLiteral = dyn_cast<IntegerLiteral>(RHSExpr);
*67e74705SXin Li      BoolExpr = LHSExpr;
*67e74705SXin Li      IntFirst = false;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    if (!IntLiteral || !BoolExpr->isKnownToHaveBooleanValue())
*67e74705SXin Li      return TryResult();
*67e74705SXin Li
*67e74705SXin Li    llvm::APInt IntValue = IntLiteral->getValue();
*67e74705SXin Li    if ((IntValue == 1) || (IntValue == 0))
*67e74705SXin Li      return TryResult();
*67e74705SXin Li
*67e74705SXin Li    bool IntLarger = IntLiteral->getType()->isUnsignedIntegerType() ||
*67e74705SXin Li                     !IntValue.isNegative();
*67e74705SXin Li
*67e74705SXin Li    BinaryOperatorKind Bok = B->getOpcode();
*67e74705SXin Li    if (Bok == BO_GT || Bok == BO_GE) {
*67e74705SXin Li      // Always true for 10 > bool and bool > -1
*67e74705SXin Li      // Always false for -1 > bool and bool > 10
*67e74705SXin Li      return TryResult(IntFirst == IntLarger);
*67e74705SXin Li    } else {
*67e74705SXin Li      // Always true for -1 < bool and bool < 10
*67e74705SXin Li      // Always false for 10 < bool and bool < -1
*67e74705SXin Li      return TryResult(IntFirst != IntLarger);
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  /// Find an incorrect equality comparison. Either with an expression
*67e74705SXin Li  /// evaluating to a boolean and a constant other than 0 and 1.
*67e74705SXin Li  /// e.g. if (!x == 10) or a bitwise and/or operation that always evaluates to
*67e74705SXin Li  /// true/false e.q. (x & 8) == 4.
*67e74705SXin Li  TryResult checkIncorrectEqualityOperator(const BinaryOperator *B) {
*67e74705SXin Li    const Expr *LHSExpr = B->getLHS()->IgnoreParens();
*67e74705SXin Li    const Expr *RHSExpr = B->getRHS()->IgnoreParens();
*67e74705SXin Li
*67e74705SXin Li    const IntegerLiteral *IntLiteral = dyn_cast<IntegerLiteral>(LHSExpr);
*67e74705SXin Li    const Expr *BoolExpr = RHSExpr;
*67e74705SXin Li
*67e74705SXin Li    if (!IntLiteral) {
*67e74705SXin Li      IntLiteral = dyn_cast<IntegerLiteral>(RHSExpr);
*67e74705SXin Li      BoolExpr = LHSExpr;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    if (!IntLiteral)
*67e74705SXin Li      return TryResult();
*67e74705SXin Li
*67e74705SXin Li    const BinaryOperator *BitOp = dyn_cast<BinaryOperator>(BoolExpr);
*67e74705SXin Li    if (BitOp && (BitOp->getOpcode() == BO_And ||
*67e74705SXin Li                  BitOp->getOpcode() == BO_Or)) {
*67e74705SXin Li      const Expr *LHSExpr2 = BitOp->getLHS()->IgnoreParens();
*67e74705SXin Li      const Expr *RHSExpr2 = BitOp->getRHS()->IgnoreParens();
*67e74705SXin Li
*67e74705SXin Li      const IntegerLiteral *IntLiteral2 = dyn_cast<IntegerLiteral>(LHSExpr2);
*67e74705SXin Li
*67e74705SXin Li      if (!IntLiteral2)
*67e74705SXin Li        IntLiteral2 = dyn_cast<IntegerLiteral>(RHSExpr2);
*67e74705SXin Li
*67e74705SXin Li      if (!IntLiteral2)
*67e74705SXin Li        return TryResult();
*67e74705SXin Li
*67e74705SXin Li      llvm::APInt L1 = IntLiteral->getValue();
*67e74705SXin Li      llvm::APInt L2 = IntLiteral2->getValue();
*67e74705SXin Li      if ((BitOp->getOpcode() == BO_And && (L2 & L1) != L1) ||
*67e74705SXin Li          (BitOp->getOpcode() == BO_Or  && (L2 | L1) != L1)) {
*67e74705SXin Li        if (BuildOpts.Observer)
*67e74705SXin Li          BuildOpts.Observer->compareBitwiseEquality(B,
*67e74705SXin Li                                                     B->getOpcode() != BO_EQ);
*67e74705SXin Li        TryResult(B->getOpcode() != BO_EQ);
*67e74705SXin Li      }
*67e74705SXin Li    } else if (BoolExpr->isKnownToHaveBooleanValue()) {
*67e74705SXin Li      llvm::APInt IntValue = IntLiteral->getValue();
*67e74705SXin Li      if ((IntValue == 1) || (IntValue == 0)) {
*67e74705SXin Li        return TryResult();
*67e74705SXin Li      }
*67e74705SXin Li      return TryResult(B->getOpcode() != BO_EQ);
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    return TryResult();
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  TryResult analyzeLogicOperatorCondition(BinaryOperatorKind Relation,
*67e74705SXin Li                                          const llvm::APSInt &Value1,
*67e74705SXin Li                                          const llvm::APSInt &Value2) {
*67e74705SXin Li    assert(Value1.isSigned() == Value2.isSigned());
*67e74705SXin Li    switch (Relation) {
*67e74705SXin Li      default:
*67e74705SXin Li        return TryResult();
*67e74705SXin Li      case BO_EQ:
*67e74705SXin Li        return TryResult(Value1 == Value2);
*67e74705SXin Li      case BO_NE:
*67e74705SXin Li        return TryResult(Value1 != Value2);
*67e74705SXin Li      case BO_LT:
*67e74705SXin Li        return TryResult(Value1 <  Value2);
*67e74705SXin Li      case BO_LE:
*67e74705SXin Li        return TryResult(Value1 <= Value2);
*67e74705SXin Li      case BO_GT:
*67e74705SXin Li        return TryResult(Value1 >  Value2);
*67e74705SXin Li      case BO_GE:
*67e74705SXin Li        return TryResult(Value1 >= Value2);
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  /// \brief Find a pair of comparison expressions with or without parentheses
*67e74705SXin Li  /// with a shared variable and constants and a logical operator between them
*67e74705SXin Li  /// that always evaluates to either true or false.
*67e74705SXin Li  /// e.g. if (x != 3 || x != 4)
*67e74705SXin Li  TryResult checkIncorrectLogicOperator(const BinaryOperator *B) {
*67e74705SXin Li    assert(B->isLogicalOp());
*67e74705SXin Li    const BinaryOperator *LHS =
*67e74705SXin Li        dyn_cast<BinaryOperator>(B->getLHS()->IgnoreParens());
*67e74705SXin Li    const BinaryOperator *RHS =
*67e74705SXin Li        dyn_cast<BinaryOperator>(B->getRHS()->IgnoreParens());
*67e74705SXin Li    if (!LHS || !RHS)
*67e74705SXin Li      return TryResult();
*67e74705SXin Li
*67e74705SXin Li    if (!LHS->isComparisonOp() || !RHS->isComparisonOp())
*67e74705SXin Li      return TryResult();
*67e74705SXin Li
*67e74705SXin Li    const DeclRefExpr *Decl1;
*67e74705SXin Li    const Expr *Expr1;
*67e74705SXin Li    BinaryOperatorKind BO1;
*67e74705SXin Li    std::tie(Decl1, BO1, Expr1) = tryNormalizeBinaryOperator(LHS);
*67e74705SXin Li
*67e74705SXin Li    if (!Decl1 || !Expr1)
*67e74705SXin Li      return TryResult();
*67e74705SXin Li
*67e74705SXin Li    const DeclRefExpr *Decl2;
*67e74705SXin Li    const Expr *Expr2;
*67e74705SXin Li    BinaryOperatorKind BO2;
*67e74705SXin Li    std::tie(Decl2, BO2, Expr2) = tryNormalizeBinaryOperator(RHS);
*67e74705SXin Li
*67e74705SXin Li    if (!Decl2 || !Expr2)
*67e74705SXin Li      return TryResult();
*67e74705SXin Li
*67e74705SXin Li    // Check that it is the same variable on both sides.
*67e74705SXin Li    if (Decl1->getDecl() != Decl2->getDecl())
*67e74705SXin Li      return TryResult();
*67e74705SXin Li
*67e74705SXin Li    // Make sure the user's intent is clear (e.g. they're comparing against two
*67e74705SXin Li    // int literals, or two things from the same enum)
*67e74705SXin Li    if (!areExprTypesCompatible(Expr1, Expr2))
*67e74705SXin Li      return TryResult();
*67e74705SXin Li
*67e74705SXin Li    llvm::APSInt L1, L2;
*67e74705SXin Li
*67e74705SXin Li    if (!Expr1->EvaluateAsInt(L1, *Context) ||
*67e74705SXin Li        !Expr2->EvaluateAsInt(L2, *Context))
*67e74705SXin Li      return TryResult();
*67e74705SXin Li
*67e74705SXin Li    // Can't compare signed with unsigned or with different bit width.
*67e74705SXin Li    if (L1.isSigned() != L2.isSigned() || L1.getBitWidth() != L2.getBitWidth())
*67e74705SXin Li      return TryResult();
*67e74705SXin Li
*67e74705SXin Li    // Values that will be used to determine if result of logical
*67e74705SXin Li    // operator is always true/false
*67e74705SXin Li    const llvm::APSInt Values[] = {
*67e74705SXin Li      // Value less than both Value1 and Value2
*67e74705SXin Li      llvm::APSInt::getMinValue(L1.getBitWidth(), L1.isUnsigned()),
*67e74705SXin Li      // L1
*67e74705SXin Li      L1,
*67e74705SXin Li      // Value between Value1 and Value2
*67e74705SXin Li      ((L1 < L2) ? L1 : L2) + llvm::APSInt(llvm::APInt(L1.getBitWidth(), 1),
*67e74705SXin Li                              L1.isUnsigned()),
*67e74705SXin Li      // L2
*67e74705SXin Li      L2,
*67e74705SXin Li      // Value greater than both Value1 and Value2
*67e74705SXin Li      llvm::APSInt::getMaxValue(L1.getBitWidth(), L1.isUnsigned()),
*67e74705SXin Li    };
*67e74705SXin Li
*67e74705SXin Li    // Check whether expression is always true/false by evaluating the following
*67e74705SXin Li    // * variable x is less than the smallest literal.
*67e74705SXin Li    // * variable x is equal to the smallest literal.
*67e74705SXin Li    // * Variable x is between smallest and largest literal.
*67e74705SXin Li    // * Variable x is equal to the largest literal.
*67e74705SXin Li    // * Variable x is greater than largest literal.
*67e74705SXin Li    bool AlwaysTrue = true, AlwaysFalse = true;
*67e74705SXin Li    for (const llvm::APSInt &Value : Values) {
*67e74705SXin Li      TryResult Res1, Res2;
*67e74705SXin Li      Res1 = analyzeLogicOperatorCondition(BO1, Value, L1);
*67e74705SXin Li      Res2 = analyzeLogicOperatorCondition(BO2, Value, L2);
*67e74705SXin Li
*67e74705SXin Li      if (!Res1.isKnown() || !Res2.isKnown())
*67e74705SXin Li        return TryResult();
*67e74705SXin Li
*67e74705SXin Li      if (B->getOpcode() == BO_LAnd) {
*67e74705SXin Li        AlwaysTrue &= (Res1.isTrue() && Res2.isTrue());
*67e74705SXin Li        AlwaysFalse &= !(Res1.isTrue() && Res2.isTrue());
*67e74705SXin Li      } else {
*67e74705SXin Li        AlwaysTrue &= (Res1.isTrue() || Res2.isTrue());
*67e74705SXin Li        AlwaysFalse &= !(Res1.isTrue() || Res2.isTrue());
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    if (AlwaysTrue || AlwaysFalse) {
*67e74705SXin Li      if (BuildOpts.Observer)
*67e74705SXin Li        BuildOpts.Observer->compareAlwaysTrue(B, AlwaysTrue);
*67e74705SXin Li      return TryResult(AlwaysTrue);
*67e74705SXin Li    }
*67e74705SXin Li    return TryResult();
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  /// Try and evaluate an expression to an integer constant.
*67e74705SXin Li  bool tryEvaluate(Expr *S, Expr::EvalResult &outResult) {
*67e74705SXin Li    if (!BuildOpts.PruneTriviallyFalseEdges)
*67e74705SXin Li      return false;
*67e74705SXin Li    return !S->isTypeDependent() &&
*67e74705SXin Li           !S->isValueDependent() &&
*67e74705SXin Li           S->EvaluateAsRValue(outResult, *Context);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  /// tryEvaluateBool - Try and evaluate the Stmt and return 0 or 1
*67e74705SXin Li  /// if we can evaluate to a known value, otherwise return -1.
*67e74705SXin Li  TryResult tryEvaluateBool(Expr *S) {
*67e74705SXin Li    if (!BuildOpts.PruneTriviallyFalseEdges ||
*67e74705SXin Li        S->isTypeDependent() || S->isValueDependent())
*67e74705SXin Li      return TryResult();
*67e74705SXin Li
*67e74705SXin Li    if (BinaryOperator *Bop = dyn_cast<BinaryOperator>(S)) {
*67e74705SXin Li      if (Bop->isLogicalOp()) {
*67e74705SXin Li        // Check the cache first.
*67e74705SXin Li        CachedBoolEvalsTy::iterator I = CachedBoolEvals.find(S);
*67e74705SXin Li        if (I != CachedBoolEvals.end())
*67e74705SXin Li          return I->second; // already in map;
*67e74705SXin Li
*67e74705SXin Li        // Retrieve result at first, or the map might be updated.
*67e74705SXin Li        TryResult Result = evaluateAsBooleanConditionNoCache(S);
*67e74705SXin Li        CachedBoolEvals[S] = Result; // update or insert
*67e74705SXin Li        return Result;
*67e74705SXin Li      }
*67e74705SXin Li      else {
*67e74705SXin Li        switch (Bop->getOpcode()) {
*67e74705SXin Li          default: break;
*67e74705SXin Li          // For 'x & 0' and 'x * 0', we can determine that
*67e74705SXin Li          // the value is always false.
*67e74705SXin Li          case BO_Mul:
*67e74705SXin Li          case BO_And: {
*67e74705SXin Li            // If either operand is zero, we know the value
*67e74705SXin Li            // must be false.
*67e74705SXin Li            llvm::APSInt IntVal;
*67e74705SXin Li            if (Bop->getLHS()->EvaluateAsInt(IntVal, *Context)) {
*67e74705SXin Li              if (!IntVal.getBoolValue()) {
*67e74705SXin Li                return TryResult(false);
*67e74705SXin Li              }
*67e74705SXin Li            }
*67e74705SXin Li            if (Bop->getRHS()->EvaluateAsInt(IntVal, *Context)) {
*67e74705SXin Li              if (!IntVal.getBoolValue()) {
*67e74705SXin Li                return TryResult(false);
*67e74705SXin Li              }
*67e74705SXin Li            }
*67e74705SXin Li          }
*67e74705SXin Li          break;
*67e74705SXin Li        }
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    return evaluateAsBooleanConditionNoCache(S);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  /// \brief Evaluate as boolean \param E without using the cache.
*67e74705SXin Li  TryResult evaluateAsBooleanConditionNoCache(Expr *E) {
*67e74705SXin Li    if (BinaryOperator *Bop = dyn_cast<BinaryOperator>(E)) {
*67e74705SXin Li      if (Bop->isLogicalOp()) {
*67e74705SXin Li        TryResult LHS = tryEvaluateBool(Bop->getLHS());
*67e74705SXin Li        if (LHS.isKnown()) {
*67e74705SXin Li          // We were able to evaluate the LHS, see if we can get away with not
*67e74705SXin Li          // evaluating the RHS: 0 && X -> 0, 1 || X -> 1
*67e74705SXin Li          if (LHS.isTrue() == (Bop->getOpcode() == BO_LOr))
*67e74705SXin Li            return LHS.isTrue();
*67e74705SXin Li
*67e74705SXin Li          TryResult RHS = tryEvaluateBool(Bop->getRHS());
*67e74705SXin Li          if (RHS.isKnown()) {
*67e74705SXin Li            if (Bop->getOpcode() == BO_LOr)
*67e74705SXin Li              return LHS.isTrue() || RHS.isTrue();
*67e74705SXin Li            else
*67e74705SXin Li              return LHS.isTrue() && RHS.isTrue();
*67e74705SXin Li          }
*67e74705SXin Li        } else {
*67e74705SXin Li          TryResult RHS = tryEvaluateBool(Bop->getRHS());
*67e74705SXin Li          if (RHS.isKnown()) {
*67e74705SXin Li            // We can't evaluate the LHS; however, sometimes the result
*67e74705SXin Li            // is determined by the RHS: X && 0 -> 0, X || 1 -> 1.
*67e74705SXin Li            if (RHS.isTrue() == (Bop->getOpcode() == BO_LOr))
*67e74705SXin Li              return RHS.isTrue();
*67e74705SXin Li          } else {
*67e74705SXin Li            TryResult BopRes = checkIncorrectLogicOperator(Bop);
*67e74705SXin Li            if (BopRes.isKnown())
*67e74705SXin Li              return BopRes.isTrue();
*67e74705SXin Li          }
*67e74705SXin Li        }
*67e74705SXin Li
*67e74705SXin Li        return TryResult();
*67e74705SXin Li      } else if (Bop->isEqualityOp()) {
*67e74705SXin Li          TryResult BopRes = checkIncorrectEqualityOperator(Bop);
*67e74705SXin Li          if (BopRes.isKnown())
*67e74705SXin Li            return BopRes.isTrue();
*67e74705SXin Li      } else if (Bop->isRelationalOp()) {
*67e74705SXin Li        TryResult BopRes = checkIncorrectRelationalOperator(Bop);
*67e74705SXin Li        if (BopRes.isKnown())
*67e74705SXin Li          return BopRes.isTrue();
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    bool Result;
*67e74705SXin Li    if (E->EvaluateAsBooleanCondition(Result, *Context))
*67e74705SXin Li      return Result;
*67e74705SXin Li
*67e74705SXin Li    return TryResult();
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li};
*67e74705SXin Li
*67e74705SXin Liinline bool AddStmtChoice::alwaysAdd(CFGBuilder &builder,
*67e74705SXin Li                                     const Stmt *stmt) const {
*67e74705SXin Li  return builder.alwaysAdd(stmt) || kind == AlwaysAdd;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Libool CFGBuilder::alwaysAdd(const Stmt *stmt) {
*67e74705SXin Li  bool shouldAdd = BuildOpts.alwaysAdd(stmt);
*67e74705SXin Li
*67e74705SXin Li  if (!BuildOpts.forcedBlkExprs)
*67e74705SXin Li    return shouldAdd;
*67e74705SXin Li
*67e74705SXin Li  if (lastLookup == stmt) {
*67e74705SXin Li    if (cachedEntry) {
*67e74705SXin Li      assert(cachedEntry->first == stmt);
*67e74705SXin Li      return true;
*67e74705SXin Li    }
*67e74705SXin Li    return shouldAdd;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  lastLookup = stmt;
*67e74705SXin Li
*67e74705SXin Li  // Perform the lookup!
*67e74705SXin Li  CFG::BuildOptions::ForcedBlkExprs *fb = *BuildOpts.forcedBlkExprs;
*67e74705SXin Li
*67e74705SXin Li  if (!fb) {
*67e74705SXin Li    // No need to update 'cachedEntry', since it will always be null.
*67e74705SXin Li    assert(!cachedEntry);
*67e74705SXin Li    return shouldAdd;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  CFG::BuildOptions::ForcedBlkExprs::iterator itr = fb->find(stmt);
*67e74705SXin Li  if (itr == fb->end()) {
*67e74705SXin Li    cachedEntry = nullptr;
*67e74705SXin Li    return shouldAdd;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  cachedEntry = &*itr;
*67e74705SXin Li  return true;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li// FIXME: Add support for dependent-sized array types in C++?
*67e74705SXin Li// Does it even make sense to build a CFG for an uninstantiated template?
*67e74705SXin Listatic const VariableArrayType *FindVA(const Type *t) {
*67e74705SXin Li  while (const ArrayType *vt = dyn_cast<ArrayType>(t)) {
*67e74705SXin Li    if (const VariableArrayType *vat = dyn_cast<VariableArrayType>(vt))
*67e74705SXin Li      if (vat->getSizeExpr())
*67e74705SXin Li        return vat;
*67e74705SXin Li
*67e74705SXin Li    t = vt->getElementType().getTypePtr();
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return nullptr;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// BuildCFG - Constructs a CFG from an AST (a Stmt*).  The AST can represent an
*67e74705SXin Li///  arbitrary statement.  Examples include a single expression or a function
*67e74705SXin Li///  body (compound statement).  The ownership of the returned CFG is
*67e74705SXin Li///  transferred to the caller.  If CFG construction fails, this method returns
*67e74705SXin Li///  NULL.
*67e74705SXin Listd::unique_ptr<CFG> CFGBuilder::buildCFG(const Decl *D, Stmt *Statement) {
*67e74705SXin Li  assert(cfg.get());
*67e74705SXin Li  if (!Statement)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Create an empty block that will serve as the exit block for the CFG.  Since
*67e74705SXin Li  // this is the first block added to the CFG, it will be implicitly registered
*67e74705SXin Li  // as the exit block.
*67e74705SXin Li  Succ = createBlock();
*67e74705SXin Li  assert(Succ == &cfg->getExit());
*67e74705SXin Li  Block = nullptr;  // the EXIT block is empty.  Create all other blocks lazily.
*67e74705SXin Li
*67e74705SXin Li  if (BuildOpts.AddImplicitDtors)
*67e74705SXin Li    if (const CXXDestructorDecl *DD = dyn_cast_or_null<CXXDestructorDecl>(D))
*67e74705SXin Li      addImplicitDtorsForDestructor(DD);
*67e74705SXin Li
*67e74705SXin Li  // Visit the statements and create the CFG.
*67e74705SXin Li  CFGBlock *B = addStmt(Statement);
*67e74705SXin Li
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  // For C++ constructor add initializers to CFG.
*67e74705SXin Li  if (const CXXConstructorDecl *CD = dyn_cast_or_null<CXXConstructorDecl>(D)) {
*67e74705SXin Li    for (auto *I : llvm::reverse(CD->inits())) {
*67e74705SXin Li      B = addInitializer(I);
*67e74705SXin Li      if (badCFG)
*67e74705SXin Li        return nullptr;
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (B)
*67e74705SXin Li    Succ = B;
*67e74705SXin Li
*67e74705SXin Li  // Backpatch the gotos whose label -> block mappings we didn't know when we
*67e74705SXin Li  // encountered them.
*67e74705SXin Li  for (BackpatchBlocksTy::iterator I = BackpatchBlocks.begin(),
*67e74705SXin Li                                   E = BackpatchBlocks.end(); I != E; ++I ) {
*67e74705SXin Li
*67e74705SXin Li    CFGBlock *B = I->block;
*67e74705SXin Li    const GotoStmt *G = cast<GotoStmt>(B->getTerminator());
*67e74705SXin Li    LabelMapTy::iterator LI = LabelMap.find(G->getLabel());
*67e74705SXin Li
*67e74705SXin Li    // If there is no target for the goto, then we are looking at an
*67e74705SXin Li    // incomplete AST.  Handle this by not registering a successor.
*67e74705SXin Li    if (LI == LabelMap.end()) continue;
*67e74705SXin Li
*67e74705SXin Li    JumpTarget JT = LI->second;
*67e74705SXin Li    prependAutomaticObjDtorsWithTerminator(B, I->scopePosition,
*67e74705SXin Li                                           JT.scopePosition);
*67e74705SXin Li    addSuccessor(B, JT.block);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Add successors to the Indirect Goto Dispatch block (if we have one).
*67e74705SXin Li  if (CFGBlock *B = cfg->getIndirectGotoBlock())
*67e74705SXin Li    for (LabelSetTy::iterator I = AddressTakenLabels.begin(),
*67e74705SXin Li                              E = AddressTakenLabels.end(); I != E; ++I ) {
*67e74705SXin Li
*67e74705SXin Li      // Lookup the target block.
*67e74705SXin Li      LabelMapTy::iterator LI = LabelMap.find(*I);
*67e74705SXin Li
*67e74705SXin Li      // If there is no target block that contains label, then we are looking
*67e74705SXin Li      // at an incomplete AST.  Handle this by not registering a successor.
*67e74705SXin Li      if (LI == LabelMap.end()) continue;
*67e74705SXin Li
*67e74705SXin Li      addSuccessor(B, LI->second.block);
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li  // Create an empty entry block that has no predecessors.
*67e74705SXin Li  cfg->setEntry(createBlock());
*67e74705SXin Li
*67e74705SXin Li  return std::move(cfg);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// createBlock - Used to lazily create blocks that are connected
*67e74705SXin Li///  to the current (global) succcessor.
*67e74705SXin LiCFGBlock *CFGBuilder::createBlock(bool add_successor) {
*67e74705SXin Li  CFGBlock *B = cfg->createBlock();
*67e74705SXin Li  if (add_successor && Succ)
*67e74705SXin Li    addSuccessor(B, Succ);
*67e74705SXin Li  return B;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// createNoReturnBlock - Used to create a block is a 'noreturn' point in the
*67e74705SXin Li/// CFG. It is *not* connected to the current (global) successor, and instead
*67e74705SXin Li/// directly tied to the exit block in order to be reachable.
*67e74705SXin LiCFGBlock *CFGBuilder::createNoReturnBlock() {
*67e74705SXin Li  CFGBlock *B = createBlock(false);
*67e74705SXin Li  B->setHasNoReturnElement();
*67e74705SXin Li  addSuccessor(B, &cfg->getExit(), Succ);
*67e74705SXin Li  return B;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// addInitializer - Add C++ base or member initializer element to CFG.
*67e74705SXin LiCFGBlock *CFGBuilder::addInitializer(CXXCtorInitializer *I) {
*67e74705SXin Li  if (!BuildOpts.AddInitializers)
*67e74705SXin Li    return Block;
*67e74705SXin Li
*67e74705SXin Li  bool HasTemporaries = false;
*67e74705SXin Li
*67e74705SXin Li  // Destructors of temporaries in initialization expression should be called
*67e74705SXin Li  // after initialization finishes.
*67e74705SXin Li  Expr *Init = I->getInit();
*67e74705SXin Li  if (Init) {
*67e74705SXin Li    HasTemporaries = isa<ExprWithCleanups>(Init);
*67e74705SXin Li
*67e74705SXin Li    if (BuildOpts.AddTemporaryDtors && HasTemporaries) {
*67e74705SXin Li      // Generate destructors for temporaries in initialization expression.
*67e74705SXin Li      TempDtorContext Context;
*67e74705SXin Li      VisitForTemporaryDtors(cast<ExprWithCleanups>(Init)->getSubExpr(),
*67e74705SXin Li                             /*BindToTemporary=*/false, Context);
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  autoCreateBlock();
*67e74705SXin Li  appendInitializer(Block, I);
*67e74705SXin Li
*67e74705SXin Li  if (Init) {
*67e74705SXin Li    if (HasTemporaries) {
*67e74705SXin Li      // For expression with temporaries go directly to subexpression to omit
*67e74705SXin Li      // generating destructors for the second time.
*67e74705SXin Li      return Visit(cast<ExprWithCleanups>(Init)->getSubExpr());
*67e74705SXin Li    }
*67e74705SXin Li    if (BuildOpts.AddCXXDefaultInitExprInCtors) {
*67e74705SXin Li      if (CXXDefaultInitExpr *Default = dyn_cast<CXXDefaultInitExpr>(Init)) {
*67e74705SXin Li        // In general, appending the expression wrapped by a CXXDefaultInitExpr
*67e74705SXin Li        // may cause the same Expr to appear more than once in the CFG. Doing it
*67e74705SXin Li        // here is safe because there's only one initializer per field.
*67e74705SXin Li        autoCreateBlock();
*67e74705SXin Li        appendStmt(Block, Default);
*67e74705SXin Li        if (Stmt *Child = Default->getExpr())
*67e74705SXin Li          if (CFGBlock *R = Visit(Child))
*67e74705SXin Li            Block = R;
*67e74705SXin Li        return Block;
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li    return Visit(Init);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return Block;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// \brief Retrieve the type of the temporary object whose lifetime was
*67e74705SXin Li/// extended by a local reference with the given initializer.
*67e74705SXin Listatic QualType getReferenceInitTemporaryType(ASTContext &Context,
*67e74705SXin Li                                              const Expr *Init) {
*67e74705SXin Li  while (true) {
*67e74705SXin Li    // Skip parentheses.
*67e74705SXin Li    Init = Init->IgnoreParens();
*67e74705SXin Li
*67e74705SXin Li    // Skip through cleanups.
*67e74705SXin Li    if (const ExprWithCleanups *EWC = dyn_cast<ExprWithCleanups>(Init)) {
*67e74705SXin Li      Init = EWC->getSubExpr();
*67e74705SXin Li      continue;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    // Skip through the temporary-materialization expression.
*67e74705SXin Li    if (const MaterializeTemporaryExpr *MTE
*67e74705SXin Li          = dyn_cast<MaterializeTemporaryExpr>(Init)) {
*67e74705SXin Li      Init = MTE->GetTemporaryExpr();
*67e74705SXin Li      continue;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    // Skip derived-to-base and no-op casts.
*67e74705SXin Li    if (const CastExpr *CE = dyn_cast<CastExpr>(Init)) {
*67e74705SXin Li      if ((CE->getCastKind() == CK_DerivedToBase ||
*67e74705SXin Li           CE->getCastKind() == CK_UncheckedDerivedToBase ||
*67e74705SXin Li           CE->getCastKind() == CK_NoOp) &&
*67e74705SXin Li          Init->getType()->isRecordType()) {
*67e74705SXin Li        Init = CE->getSubExpr();
*67e74705SXin Li        continue;
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    // Skip member accesses into rvalues.
*67e74705SXin Li    if (const MemberExpr *ME = dyn_cast<MemberExpr>(Init)) {
*67e74705SXin Li      if (!ME->isArrow() && ME->getBase()->isRValue()) {
*67e74705SXin Li        Init = ME->getBase();
*67e74705SXin Li        continue;
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    break;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return Init->getType();
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// addAutomaticObjDtors - Add to current block automatic objects destructors
*67e74705SXin Li/// for objects in range of local scope positions. Use S as trigger statement
*67e74705SXin Li/// for destructors.
*67e74705SXin Livoid CFGBuilder::addAutomaticObjDtors(LocalScope::const_iterator B,
*67e74705SXin Li                                      LocalScope::const_iterator E, Stmt *S) {
*67e74705SXin Li  if (!BuildOpts.AddImplicitDtors)
*67e74705SXin Li    return;
*67e74705SXin Li
*67e74705SXin Li  if (B == E)
*67e74705SXin Li    return;
*67e74705SXin Li
*67e74705SXin Li  // We need to append the destructors in reverse order, but any one of them
*67e74705SXin Li  // may be a no-return destructor which changes the CFG. As a result, buffer
*67e74705SXin Li  // this sequence up and replay them in reverse order when appending onto the
*67e74705SXin Li  // CFGBlock(s).
*67e74705SXin Li  SmallVector<VarDecl*, 10> Decls;
*67e74705SXin Li  Decls.reserve(B.distance(E));
*67e74705SXin Li  for (LocalScope::const_iterator I = B; I != E; ++I)
*67e74705SXin Li    Decls.push_back(*I);
*67e74705SXin Li
*67e74705SXin Li  for (SmallVectorImpl<VarDecl*>::reverse_iterator I = Decls.rbegin(),
*67e74705SXin Li                                                   E = Decls.rend();
*67e74705SXin Li       I != E; ++I) {
*67e74705SXin Li    // If this destructor is marked as a no-return destructor, we need to
*67e74705SXin Li    // create a new block for the destructor which does not have as a successor
*67e74705SXin Li    // anything built thus far: control won't flow out of this block.
*67e74705SXin Li    QualType Ty = (*I)->getType();
*67e74705SXin Li    if (Ty->isReferenceType()) {
*67e74705SXin Li      Ty = getReferenceInitTemporaryType(*Context, (*I)->getInit());
*67e74705SXin Li    }
*67e74705SXin Li    Ty = Context->getBaseElementType(Ty);
*67e74705SXin Li
*67e74705SXin Li    if (Ty->getAsCXXRecordDecl()->isAnyDestructorNoReturn())
*67e74705SXin Li      Block = createNoReturnBlock();
*67e74705SXin Li    else
*67e74705SXin Li      autoCreateBlock();
*67e74705SXin Li
*67e74705SXin Li    appendAutomaticObjDtor(Block, *I, S);
*67e74705SXin Li  }
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// addImplicitDtorsForDestructor - Add implicit destructors generated for
*67e74705SXin Li/// base and member objects in destructor.
*67e74705SXin Livoid CFGBuilder::addImplicitDtorsForDestructor(const CXXDestructorDecl *DD) {
*67e74705SXin Li  assert (BuildOpts.AddImplicitDtors
*67e74705SXin Li      && "Can be called only when dtors should be added");
*67e74705SXin Li  const CXXRecordDecl *RD = DD->getParent();
*67e74705SXin Li
*67e74705SXin Li  // At the end destroy virtual base objects.
*67e74705SXin Li  for (const auto &VI : RD->vbases()) {
*67e74705SXin Li    const CXXRecordDecl *CD = VI.getType()->getAsCXXRecordDecl();
*67e74705SXin Li    if (!CD->hasTrivialDestructor()) {
*67e74705SXin Li      autoCreateBlock();
*67e74705SXin Li      appendBaseDtor(Block, &VI);
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Before virtual bases destroy direct base objects.
*67e74705SXin Li  for (const auto &BI : RD->bases()) {
*67e74705SXin Li    if (!BI.isVirtual()) {
*67e74705SXin Li      const CXXRecordDecl *CD = BI.getType()->getAsCXXRecordDecl();
*67e74705SXin Li      if (!CD->hasTrivialDestructor()) {
*67e74705SXin Li        autoCreateBlock();
*67e74705SXin Li        appendBaseDtor(Block, &BI);
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // First destroy member objects.
*67e74705SXin Li  for (auto *FI : RD->fields()) {
*67e74705SXin Li    // Check for constant size array. Set type to array element type.
*67e74705SXin Li    QualType QT = FI->getType();
*67e74705SXin Li    if (const ConstantArrayType *AT = Context->getAsConstantArrayType(QT)) {
*67e74705SXin Li      if (AT->getSize() == 0)
*67e74705SXin Li        continue;
*67e74705SXin Li      QT = AT->getElementType();
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    if (const CXXRecordDecl *CD = QT->getAsCXXRecordDecl())
*67e74705SXin Li      if (!CD->hasTrivialDestructor()) {
*67e74705SXin Li        autoCreateBlock();
*67e74705SXin Li        appendMemberDtor(Block, FI);
*67e74705SXin Li      }
*67e74705SXin Li  }
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// createOrReuseLocalScope - If Scope is NULL create new LocalScope. Either
*67e74705SXin Li/// way return valid LocalScope object.
*67e74705SXin LiLocalScope* CFGBuilder::createOrReuseLocalScope(LocalScope* Scope) {
*67e74705SXin Li  if (Scope)
*67e74705SXin Li    return Scope;
*67e74705SXin Li  llvm::BumpPtrAllocator &alloc = cfg->getAllocator();
*67e74705SXin Li  return new (alloc.Allocate<LocalScope>())
*67e74705SXin Li      LocalScope(BumpVectorContext(alloc), ScopePos);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// addLocalScopeForStmt - Add LocalScope to local scopes tree for statement
*67e74705SXin Li/// that should create implicit scope (e.g. if/else substatements).
*67e74705SXin Livoid CFGBuilder::addLocalScopeForStmt(Stmt *S) {
*67e74705SXin Li  if (!BuildOpts.AddImplicitDtors)
*67e74705SXin Li    return;
*67e74705SXin Li
*67e74705SXin Li  LocalScope *Scope = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // For compound statement we will be creating explicit scope.
*67e74705SXin Li  if (CompoundStmt *CS = dyn_cast<CompoundStmt>(S)) {
*67e74705SXin Li    for (auto *BI : CS->body()) {
*67e74705SXin Li      Stmt *SI = BI->stripLabelLikeStatements();
*67e74705SXin Li      if (DeclStmt *DS = dyn_cast<DeclStmt>(SI))
*67e74705SXin Li        Scope = addLocalScopeForDeclStmt(DS, Scope);
*67e74705SXin Li    }
*67e74705SXin Li    return;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // For any other statement scope will be implicit and as such will be
*67e74705SXin Li  // interesting only for DeclStmt.
*67e74705SXin Li  if (DeclStmt *DS = dyn_cast<DeclStmt>(S->stripLabelLikeStatements()))
*67e74705SXin Li    addLocalScopeForDeclStmt(DS);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// addLocalScopeForDeclStmt - Add LocalScope for declaration statement. Will
*67e74705SXin Li/// reuse Scope if not NULL.
*67e74705SXin LiLocalScope* CFGBuilder::addLocalScopeForDeclStmt(DeclStmt *DS,
*67e74705SXin Li                                                 LocalScope* Scope) {
*67e74705SXin Li  if (!BuildOpts.AddImplicitDtors)
*67e74705SXin Li    return Scope;
*67e74705SXin Li
*67e74705SXin Li  for (auto *DI : DS->decls())
*67e74705SXin Li    if (VarDecl *VD = dyn_cast<VarDecl>(DI))
*67e74705SXin Li      Scope = addLocalScopeForVarDecl(VD, Scope);
*67e74705SXin Li  return Scope;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// addLocalScopeForVarDecl - Add LocalScope for variable declaration. It will
*67e74705SXin Li/// create add scope for automatic objects and temporary objects bound to
*67e74705SXin Li/// const reference. Will reuse Scope if not NULL.
*67e74705SXin LiLocalScope* CFGBuilder::addLocalScopeForVarDecl(VarDecl *VD,
*67e74705SXin Li                                                LocalScope* Scope) {
*67e74705SXin Li  if (!BuildOpts.AddImplicitDtors)
*67e74705SXin Li    return Scope;
*67e74705SXin Li
*67e74705SXin Li  // Check if variable is local.
*67e74705SXin Li  switch (VD->getStorageClass()) {
*67e74705SXin Li  case SC_None:
*67e74705SXin Li  case SC_Auto:
*67e74705SXin Li  case SC_Register:
*67e74705SXin Li    break;
*67e74705SXin Li  default: return Scope;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Check for const references bound to temporary. Set type to pointee.
*67e74705SXin Li  QualType QT = VD->getType();
*67e74705SXin Li  if (QT.getTypePtr()->isReferenceType()) {
*67e74705SXin Li    // Attempt to determine whether this declaration lifetime-extends a
*67e74705SXin Li    // temporary.
*67e74705SXin Li    //
*67e74705SXin Li    // FIXME: This is incorrect. Non-reference declarations can lifetime-extend
*67e74705SXin Li    // temporaries, and a single declaration can extend multiple temporaries.
*67e74705SXin Li    // We should look at the storage duration on each nested
*67e74705SXin Li    // MaterializeTemporaryExpr instead.
*67e74705SXin Li    const Expr *Init = VD->getInit();
*67e74705SXin Li    if (!Init)
*67e74705SXin Li      return Scope;
*67e74705SXin Li    if (const ExprWithCleanups *EWC = dyn_cast<ExprWithCleanups>(Init))
*67e74705SXin Li      Init = EWC->getSubExpr();
*67e74705SXin Li    if (!isa<MaterializeTemporaryExpr>(Init))
*67e74705SXin Li      return Scope;
*67e74705SXin Li
*67e74705SXin Li    // Lifetime-extending a temporary.
*67e74705SXin Li    QT = getReferenceInitTemporaryType(*Context, Init);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Check for constant size array. Set type to array element type.
*67e74705SXin Li  while (const ConstantArrayType *AT = Context->getAsConstantArrayType(QT)) {
*67e74705SXin Li    if (AT->getSize() == 0)
*67e74705SXin Li      return Scope;
*67e74705SXin Li    QT = AT->getElementType();
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Check if type is a C++ class with non-trivial destructor.
*67e74705SXin Li  if (const CXXRecordDecl *CD = QT->getAsCXXRecordDecl())
*67e74705SXin Li    if (!CD->hasTrivialDestructor()) {
*67e74705SXin Li      // Add the variable to scope
*67e74705SXin Li      Scope = createOrReuseLocalScope(Scope);
*67e74705SXin Li      Scope->addVar(VD);
*67e74705SXin Li      ScopePos = Scope->begin();
*67e74705SXin Li    }
*67e74705SXin Li  return Scope;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// addLocalScopeAndDtors - For given statement add local scope for it and
*67e74705SXin Li/// add destructors that will cleanup the scope. Will reuse Scope if not NULL.
*67e74705SXin Livoid CFGBuilder::addLocalScopeAndDtors(Stmt *S) {
*67e74705SXin Li  if (!BuildOpts.AddImplicitDtors)
*67e74705SXin Li    return;
*67e74705SXin Li
*67e74705SXin Li  LocalScope::const_iterator scopeBeginPos = ScopePos;
*67e74705SXin Li  addLocalScopeForStmt(S);
*67e74705SXin Li  addAutomaticObjDtors(ScopePos, scopeBeginPos, S);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// prependAutomaticObjDtorsWithTerminator - Prepend destructor CFGElements for
*67e74705SXin Li/// variables with automatic storage duration to CFGBlock's elements vector.
*67e74705SXin Li/// Elements will be prepended to physical beginning of the vector which
*67e74705SXin Li/// happens to be logical end. Use blocks terminator as statement that specifies
*67e74705SXin Li/// destructors call site.
*67e74705SXin Li/// FIXME: This mechanism for adding automatic destructors doesn't handle
*67e74705SXin Li/// no-return destructors properly.
*67e74705SXin Livoid CFGBuilder::prependAutomaticObjDtorsWithTerminator(CFGBlock *Blk,
*67e74705SXin Li    LocalScope::const_iterator B, LocalScope::const_iterator E) {
*67e74705SXin Li  BumpVectorContext &C = cfg->getBumpVectorContext();
*67e74705SXin Li  CFGBlock::iterator InsertPos
*67e74705SXin Li    = Blk->beginAutomaticObjDtorsInsert(Blk->end(), B.distance(E), C);
*67e74705SXin Li  for (LocalScope::const_iterator I = B; I != E; ++I)
*67e74705SXin Li    InsertPos = Blk->insertAutomaticObjDtor(InsertPos, *I,
*67e74705SXin Li                                            Blk->getTerminator());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// Visit - Walk the subtree of a statement and add extra
*67e74705SXin Li///   blocks for ternary operators, &&, and ||.  We also process "," and
*67e74705SXin Li///   DeclStmts (which may contain nested control-flow).
*67e74705SXin LiCFGBlock *CFGBuilder::Visit(Stmt * S, AddStmtChoice asc) {
*67e74705SXin Li  if (!S) {
*67e74705SXin Li    badCFG = true;
*67e74705SXin Li    return nullptr;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (Expr *E = dyn_cast<Expr>(S))
*67e74705SXin Li    S = E->IgnoreParens();
*67e74705SXin Li
*67e74705SXin Li  switch (S->getStmtClass()) {
*67e74705SXin Li    default:
*67e74705SXin Li      return VisitStmt(S, asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::AddrLabelExprClass:
*67e74705SXin Li      return VisitAddrLabelExpr(cast<AddrLabelExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::BinaryConditionalOperatorClass:
*67e74705SXin Li      return VisitConditionalOperator(cast<BinaryConditionalOperator>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::BinaryOperatorClass:
*67e74705SXin Li      return VisitBinaryOperator(cast<BinaryOperator>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::BlockExprClass:
*67e74705SXin Li      return VisitBlockExpr(cast<BlockExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::BreakStmtClass:
*67e74705SXin Li      return VisitBreakStmt(cast<BreakStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CallExprClass:
*67e74705SXin Li    case Stmt::CXXOperatorCallExprClass:
*67e74705SXin Li    case Stmt::CXXMemberCallExprClass:
*67e74705SXin Li    case Stmt::UserDefinedLiteralClass:
*67e74705SXin Li      return VisitCallExpr(cast<CallExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CaseStmtClass:
*67e74705SXin Li      return VisitCaseStmt(cast<CaseStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ChooseExprClass:
*67e74705SXin Li      return VisitChooseExpr(cast<ChooseExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CompoundStmtClass:
*67e74705SXin Li      return VisitCompoundStmt(cast<CompoundStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ConditionalOperatorClass:
*67e74705SXin Li      return VisitConditionalOperator(cast<ConditionalOperator>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ContinueStmtClass:
*67e74705SXin Li      return VisitContinueStmt(cast<ContinueStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXCatchStmtClass:
*67e74705SXin Li      return VisitCXXCatchStmt(cast<CXXCatchStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ExprWithCleanupsClass:
*67e74705SXin Li      return VisitExprWithCleanups(cast<ExprWithCleanups>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXDefaultArgExprClass:
*67e74705SXin Li    case Stmt::CXXDefaultInitExprClass:
*67e74705SXin Li      // FIXME: The expression inside a CXXDefaultArgExpr is owned by the
*67e74705SXin Li      // called function's declaration, not by the caller. If we simply add
*67e74705SXin Li      // this expression to the CFG, we could end up with the same Expr
*67e74705SXin Li      // appearing multiple times.
*67e74705SXin Li      // PR13385 / <rdar://problem/12156507>
*67e74705SXin Li      //
*67e74705SXin Li      // It's likewise possible for multiple CXXDefaultInitExprs for the same
*67e74705SXin Li      // expression to be used in the same function (through aggregate
*67e74705SXin Li      // initialization).
*67e74705SXin Li      return VisitStmt(S, asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXBindTemporaryExprClass:
*67e74705SXin Li      return VisitCXXBindTemporaryExpr(cast<CXXBindTemporaryExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXConstructExprClass:
*67e74705SXin Li      return VisitCXXConstructExpr(cast<CXXConstructExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXNewExprClass:
*67e74705SXin Li      return VisitCXXNewExpr(cast<CXXNewExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXDeleteExprClass:
*67e74705SXin Li      return VisitCXXDeleteExpr(cast<CXXDeleteExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXFunctionalCastExprClass:
*67e74705SXin Li      return VisitCXXFunctionalCastExpr(cast<CXXFunctionalCastExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXTemporaryObjectExprClass:
*67e74705SXin Li      return VisitCXXTemporaryObjectExpr(cast<CXXTemporaryObjectExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXThrowExprClass:
*67e74705SXin Li      return VisitCXXThrowExpr(cast<CXXThrowExpr>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXTryStmtClass:
*67e74705SXin Li      return VisitCXXTryStmt(cast<CXXTryStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXForRangeStmtClass:
*67e74705SXin Li      return VisitCXXForRangeStmt(cast<CXXForRangeStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::DeclStmtClass:
*67e74705SXin Li      return VisitDeclStmt(cast<DeclStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::DefaultStmtClass:
*67e74705SXin Li      return VisitDefaultStmt(cast<DefaultStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::DoStmtClass:
*67e74705SXin Li      return VisitDoStmt(cast<DoStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ForStmtClass:
*67e74705SXin Li      return VisitForStmt(cast<ForStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::GotoStmtClass:
*67e74705SXin Li      return VisitGotoStmt(cast<GotoStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::IfStmtClass:
*67e74705SXin Li      return VisitIfStmt(cast<IfStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ImplicitCastExprClass:
*67e74705SXin Li      return VisitImplicitCastExpr(cast<ImplicitCastExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::IndirectGotoStmtClass:
*67e74705SXin Li      return VisitIndirectGotoStmt(cast<IndirectGotoStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::LabelStmtClass:
*67e74705SXin Li      return VisitLabelStmt(cast<LabelStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::LambdaExprClass:
*67e74705SXin Li      return VisitLambdaExpr(cast<LambdaExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::MemberExprClass:
*67e74705SXin Li      return VisitMemberExpr(cast<MemberExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::NullStmtClass:
*67e74705SXin Li      return Block;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ObjCAtCatchStmtClass:
*67e74705SXin Li      return VisitObjCAtCatchStmt(cast<ObjCAtCatchStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ObjCAutoreleasePoolStmtClass:
*67e74705SXin Li    return VisitObjCAutoreleasePoolStmt(cast<ObjCAutoreleasePoolStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ObjCAtSynchronizedStmtClass:
*67e74705SXin Li      return VisitObjCAtSynchronizedStmt(cast<ObjCAtSynchronizedStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ObjCAtThrowStmtClass:
*67e74705SXin Li      return VisitObjCAtThrowStmt(cast<ObjCAtThrowStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ObjCAtTryStmtClass:
*67e74705SXin Li      return VisitObjCAtTryStmt(cast<ObjCAtTryStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ObjCForCollectionStmtClass:
*67e74705SXin Li      return VisitObjCForCollectionStmt(cast<ObjCForCollectionStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::OpaqueValueExprClass:
*67e74705SXin Li      return Block;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::PseudoObjectExprClass:
*67e74705SXin Li      return VisitPseudoObjectExpr(cast<PseudoObjectExpr>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ReturnStmtClass:
*67e74705SXin Li      return VisitReturnStmt(cast<ReturnStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::UnaryExprOrTypeTraitExprClass:
*67e74705SXin Li      return VisitUnaryExprOrTypeTraitExpr(cast<UnaryExprOrTypeTraitExpr>(S),
*67e74705SXin Li                                           asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::StmtExprClass:
*67e74705SXin Li      return VisitStmtExpr(cast<StmtExpr>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::SwitchStmtClass:
*67e74705SXin Li      return VisitSwitchStmt(cast<SwitchStmt>(S));
*67e74705SXin Li
*67e74705SXin Li    case Stmt::UnaryOperatorClass:
*67e74705SXin Li      return VisitUnaryOperator(cast<UnaryOperator>(S), asc);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::WhileStmtClass:
*67e74705SXin Li      return VisitWhileStmt(cast<WhileStmt>(S));
*67e74705SXin Li  }
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitStmt(Stmt *S, AddStmtChoice asc) {
*67e74705SXin Li  if (asc.alwaysAdd(*this, S)) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, S);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return VisitChildren(S);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// VisitChildren - Visit the children of a Stmt.
*67e74705SXin LiCFGBlock *CFGBuilder::VisitChildren(Stmt *S) {
*67e74705SXin Li  CFGBlock *B = Block;
*67e74705SXin Li
*67e74705SXin Li  // Visit the children in their reverse order so that they appear in
*67e74705SXin Li  // left-to-right (natural) order in the CFG.
*67e74705SXin Li  reverse_children RChildren(S);
*67e74705SXin Li  for (reverse_children::iterator I = RChildren.begin(), E = RChildren.end();
*67e74705SXin Li       I != E; ++I) {
*67e74705SXin Li    if (Stmt *Child = *I)
*67e74705SXin Li      if (CFGBlock *R = Visit(Child))
*67e74705SXin Li        B = R;
*67e74705SXin Li  }
*67e74705SXin Li  return B;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitAddrLabelExpr(AddrLabelExpr *A,
*67e74705SXin Li                                         AddStmtChoice asc) {
*67e74705SXin Li  AddressTakenLabels.insert(A->getLabel());
*67e74705SXin Li
*67e74705SXin Li  if (asc.alwaysAdd(*this, A)) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, A);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return Block;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitUnaryOperator(UnaryOperator *U,
*67e74705SXin Li           AddStmtChoice asc) {
*67e74705SXin Li  if (asc.alwaysAdd(*this, U)) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, U);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return Visit(U->getSubExpr(), AddStmtChoice());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitLogicalOperator(BinaryOperator *B) {
*67e74705SXin Li  CFGBlock *ConfluenceBlock = Block ? Block : createBlock();
*67e74705SXin Li  appendStmt(ConfluenceBlock, B);
*67e74705SXin Li
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  return VisitLogicalOperator(B, nullptr, ConfluenceBlock,
*67e74705SXin Li                              ConfluenceBlock).first;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Listd::pair<CFGBlock*, CFGBlock*>
*67e74705SXin LiCFGBuilder::VisitLogicalOperator(BinaryOperator *B,
*67e74705SXin Li                                 Stmt *Term,
*67e74705SXin Li                                 CFGBlock *TrueBlock,
*67e74705SXin Li                                 CFGBlock *FalseBlock) {
*67e74705SXin Li
*67e74705SXin Li  // Introspect the RHS.  If it is a nested logical operation, we recursively
*67e74705SXin Li  // build the CFG using this function.  Otherwise, resort to default
*67e74705SXin Li  // CFG construction behavior.
*67e74705SXin Li  Expr *RHS = B->getRHS()->IgnoreParens();
*67e74705SXin Li  CFGBlock *RHSBlock, *ExitBlock;
*67e74705SXin Li
*67e74705SXin Li  do {
*67e74705SXin Li    if (BinaryOperator *B_RHS = dyn_cast<BinaryOperator>(RHS))
*67e74705SXin Li      if (B_RHS->isLogicalOp()) {
*67e74705SXin Li        std::tie(RHSBlock, ExitBlock) =
*67e74705SXin Li          VisitLogicalOperator(B_RHS, Term, TrueBlock, FalseBlock);
*67e74705SXin Li        break;
*67e74705SXin Li      }
*67e74705SXin Li
*67e74705SXin Li    // The RHS is not a nested logical operation.  Don't push the terminator
*67e74705SXin Li    // down further, but instead visit RHS and construct the respective
*67e74705SXin Li    // pieces of the CFG, and link up the RHSBlock with the terminator
*67e74705SXin Li    // we have been provided.
*67e74705SXin Li    ExitBlock = RHSBlock = createBlock(false);
*67e74705SXin Li
*67e74705SXin Li    if (!Term) {
*67e74705SXin Li      assert(TrueBlock == FalseBlock);
*67e74705SXin Li      addSuccessor(RHSBlock, TrueBlock);
*67e74705SXin Li    }
*67e74705SXin Li    else {
*67e74705SXin Li      RHSBlock->setTerminator(Term);
*67e74705SXin Li      TryResult KnownVal = tryEvaluateBool(RHS);
*67e74705SXin Li      if (!KnownVal.isKnown())
*67e74705SXin Li        KnownVal = tryEvaluateBool(B);
*67e74705SXin Li      addSuccessor(RHSBlock, TrueBlock, !KnownVal.isFalse());
*67e74705SXin Li      addSuccessor(RHSBlock, FalseBlock, !KnownVal.isTrue());
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    Block = RHSBlock;
*67e74705SXin Li    RHSBlock = addStmt(RHS);
*67e74705SXin Li  }
*67e74705SXin Li  while (false);
*67e74705SXin Li
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return std::make_pair(nullptr, nullptr);
*67e74705SXin Li
*67e74705SXin Li  // Generate the blocks for evaluating the LHS.
*67e74705SXin Li  Expr *LHS = B->getLHS()->IgnoreParens();
*67e74705SXin Li
*67e74705SXin Li  if (BinaryOperator *B_LHS = dyn_cast<BinaryOperator>(LHS))
*67e74705SXin Li    if (B_LHS->isLogicalOp()) {
*67e74705SXin Li      if (B->getOpcode() == BO_LOr)
*67e74705SXin Li        FalseBlock = RHSBlock;
*67e74705SXin Li      else
*67e74705SXin Li        TrueBlock = RHSBlock;
*67e74705SXin Li
*67e74705SXin Li      // For the LHS, treat 'B' as the terminator that we want to sink
*67e74705SXin Li      // into the nested branch.  The RHS always gets the top-most
*67e74705SXin Li      // terminator.
*67e74705SXin Li      return VisitLogicalOperator(B_LHS, B, TrueBlock, FalseBlock);
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li  // Create the block evaluating the LHS.
*67e74705SXin Li  // This contains the '&&' or '||' as the terminator.
*67e74705SXin Li  CFGBlock *LHSBlock = createBlock(false);
*67e74705SXin Li  LHSBlock->setTerminator(B);
*67e74705SXin Li
*67e74705SXin Li  Block = LHSBlock;
*67e74705SXin Li  CFGBlock *EntryLHSBlock = addStmt(LHS);
*67e74705SXin Li
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return std::make_pair(nullptr, nullptr);
*67e74705SXin Li
*67e74705SXin Li  // See if this is a known constant.
*67e74705SXin Li  TryResult KnownVal = tryEvaluateBool(LHS);
*67e74705SXin Li
*67e74705SXin Li  // Now link the LHSBlock with RHSBlock.
*67e74705SXin Li  if (B->getOpcode() == BO_LOr) {
*67e74705SXin Li    addSuccessor(LHSBlock, TrueBlock, !KnownVal.isFalse());
*67e74705SXin Li    addSuccessor(LHSBlock, RHSBlock, !KnownVal.isTrue());
*67e74705SXin Li  } else {
*67e74705SXin Li    assert(B->getOpcode() == BO_LAnd);
*67e74705SXin Li    addSuccessor(LHSBlock, RHSBlock, !KnownVal.isFalse());
*67e74705SXin Li    addSuccessor(LHSBlock, FalseBlock, !KnownVal.isTrue());
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return std::make_pair(EntryLHSBlock, ExitBlock);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitBinaryOperator(BinaryOperator *B,
*67e74705SXin Li                                          AddStmtChoice asc) {
*67e74705SXin Li   // && or ||
*67e74705SXin Li  if (B->isLogicalOp())
*67e74705SXin Li    return VisitLogicalOperator(B);
*67e74705SXin Li
*67e74705SXin Li  if (B->getOpcode() == BO_Comma) { // ,
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, B);
*67e74705SXin Li    addStmt(B->getRHS());
*67e74705SXin Li    return addStmt(B->getLHS());
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (B->isAssignmentOp()) {
*67e74705SXin Li    if (asc.alwaysAdd(*this, B)) {
*67e74705SXin Li      autoCreateBlock();
*67e74705SXin Li      appendStmt(Block, B);
*67e74705SXin Li    }
*67e74705SXin Li    Visit(B->getLHS());
*67e74705SXin Li    return Visit(B->getRHS());
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (asc.alwaysAdd(*this, B)) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, B);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *RBlock = Visit(B->getRHS());
*67e74705SXin Li  CFGBlock *LBlock = Visit(B->getLHS());
*67e74705SXin Li  // If visiting RHS causes us to finish 'Block', e.g. the RHS is a StmtExpr
*67e74705SXin Li  // containing a DoStmt, and the LHS doesn't create a new block, then we should
*67e74705SXin Li  // return RBlock.  Otherwise we'll incorrectly return NULL.
*67e74705SXin Li  return (LBlock ? LBlock : RBlock);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitNoRecurse(Expr *E, AddStmtChoice asc) {
*67e74705SXin Li  if (asc.alwaysAdd(*this, E)) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, E);
*67e74705SXin Li  }
*67e74705SXin Li  return Block;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitBreakStmt(BreakStmt *B) {
*67e74705SXin Li  // "break" is a control-flow statement.  Thus we stop processing the current
*67e74705SXin Li  // block.
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Now create a new block that ends with the break statement.
*67e74705SXin Li  Block = createBlock(false);
*67e74705SXin Li  Block->setTerminator(B);
*67e74705SXin Li
*67e74705SXin Li  // If there is no target for the break, then we are looking at an incomplete
*67e74705SXin Li  // AST.  This means that the CFG cannot be constructed.
*67e74705SXin Li  if (BreakJumpTarget.block) {
*67e74705SXin Li    addAutomaticObjDtors(ScopePos, BreakJumpTarget.scopePosition, B);
*67e74705SXin Li    addSuccessor(Block, BreakJumpTarget.block);
*67e74705SXin Li  } else
*67e74705SXin Li    badCFG = true;
*67e74705SXin Li
*67e74705SXin Li
*67e74705SXin Li  return Block;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Listatic bool CanThrow(Expr *E, ASTContext &Ctx) {
*67e74705SXin Li  QualType Ty = E->getType();
*67e74705SXin Li  if (Ty->isFunctionPointerType())
*67e74705SXin Li    Ty = Ty->getAs<PointerType>()->getPointeeType();
*67e74705SXin Li  else if (Ty->isBlockPointerType())
*67e74705SXin Li    Ty = Ty->getAs<BlockPointerType>()->getPointeeType();
*67e74705SXin Li
*67e74705SXin Li  const FunctionType *FT = Ty->getAs<FunctionType>();
*67e74705SXin Li  if (FT) {
*67e74705SXin Li    if (const FunctionProtoType *Proto = dyn_cast<FunctionProtoType>(FT))
*67e74705SXin Li      if (!isUnresolvedExceptionSpec(Proto->getExceptionSpecType()) &&
*67e74705SXin Li          Proto->isNothrow(Ctx))
*67e74705SXin Li        return false;
*67e74705SXin Li  }
*67e74705SXin Li  return true;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCallExpr(CallExpr *C, AddStmtChoice asc) {
*67e74705SXin Li  // Compute the callee type.
*67e74705SXin Li  QualType calleeType = C->getCallee()->getType();
*67e74705SXin Li  if (calleeType == Context->BoundMemberTy) {
*67e74705SXin Li    QualType boundType = Expr::findBoundMemberType(C->getCallee());
*67e74705SXin Li
*67e74705SXin Li    // We should only get a null bound type if processing a dependent
*67e74705SXin Li    // CFG.  Recover by assuming nothing.
*67e74705SXin Li    if (!boundType.isNull()) calleeType = boundType;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // If this is a call to a no-return function, this stops the block here.
*67e74705SXin Li  bool NoReturn = getFunctionExtInfo(*calleeType).getNoReturn();
*67e74705SXin Li
*67e74705SXin Li  bool AddEHEdge = false;
*67e74705SXin Li
*67e74705SXin Li  // Languages without exceptions are assumed to not throw.
*67e74705SXin Li  if (Context->getLangOpts().Exceptions) {
*67e74705SXin Li    if (BuildOpts.AddEHEdges)
*67e74705SXin Li      AddEHEdge = true;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // If this is a call to a builtin function, it might not actually evaluate
*67e74705SXin Li  // its arguments. Don't add them to the CFG if this is the case.
*67e74705SXin Li  bool OmitArguments = false;
*67e74705SXin Li
*67e74705SXin Li  if (FunctionDecl *FD = C->getDirectCallee()) {
*67e74705SXin Li    if (FD->isNoReturn())
*67e74705SXin Li      NoReturn = true;
*67e74705SXin Li    if (FD->hasAttr<NoThrowAttr>())
*67e74705SXin Li      AddEHEdge = false;
*67e74705SXin Li    if (FD->getBuiltinID() == Builtin::BI__builtin_object_size)
*67e74705SXin Li      OmitArguments = true;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (!CanThrow(C->getCallee(), *Context))
*67e74705SXin Li    AddEHEdge = false;
*67e74705SXin Li
*67e74705SXin Li  if (OmitArguments) {
*67e74705SXin Li    assert(!NoReturn && "noreturn calls with unevaluated args not implemented");
*67e74705SXin Li    assert(!AddEHEdge && "EH calls with unevaluated args not implemented");
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, C);
*67e74705SXin Li    return Visit(C->getCallee());
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (!NoReturn && !AddEHEdge) {
*67e74705SXin Li    return VisitStmt(C, asc.withAlwaysAdd(true));
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (Block) {
*67e74705SXin Li    Succ = Block;
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (NoReturn)
*67e74705SXin Li    Block = createNoReturnBlock();
*67e74705SXin Li  else
*67e74705SXin Li    Block = createBlock();
*67e74705SXin Li
*67e74705SXin Li  appendStmt(Block, C);
*67e74705SXin Li
*67e74705SXin Li  if (AddEHEdge) {
*67e74705SXin Li    // Add exceptional edges.
*67e74705SXin Li    if (TryTerminatedBlock)
*67e74705SXin Li      addSuccessor(Block, TryTerminatedBlock);
*67e74705SXin Li    else
*67e74705SXin Li      addSuccessor(Block, &cfg->getExit());
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return VisitChildren(C);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitChooseExpr(ChooseExpr *C,
*67e74705SXin Li                                      AddStmtChoice asc) {
*67e74705SXin Li  CFGBlock *ConfluenceBlock = Block ? Block : createBlock();
*67e74705SXin Li  appendStmt(ConfluenceBlock, C);
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  AddStmtChoice alwaysAdd = asc.withAlwaysAdd(true);
*67e74705SXin Li  Succ = ConfluenceBlock;
*67e74705SXin Li  Block = nullptr;
*67e74705SXin Li  CFGBlock *LHSBlock = Visit(C->getLHS(), alwaysAdd);
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  Succ = ConfluenceBlock;
*67e74705SXin Li  Block = nullptr;
*67e74705SXin Li  CFGBlock *RHSBlock = Visit(C->getRHS(), alwaysAdd);
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  Block = createBlock(false);
*67e74705SXin Li  // See if this is a known constant.
*67e74705SXin Li  const TryResult& KnownVal = tryEvaluateBool(C->getCond());
*67e74705SXin Li  addSuccessor(Block, KnownVal.isFalse() ? nullptr : LHSBlock);
*67e74705SXin Li  addSuccessor(Block, KnownVal.isTrue() ? nullptr : RHSBlock);
*67e74705SXin Li  Block->setTerminator(C);
*67e74705SXin Li  return addStmt(C->getCond());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCompoundStmt(CompoundStmt *C) {
*67e74705SXin Li  LocalScope::const_iterator scopeBeginPos = ScopePos;
*67e74705SXin Li  if (BuildOpts.AddImplicitDtors) {
*67e74705SXin Li    addLocalScopeForStmt(C);
*67e74705SXin Li  }
*67e74705SXin Li  if (!C->body_empty() && !isa<ReturnStmt>(*C->body_rbegin())) {
*67e74705SXin Li    // If the body ends with a ReturnStmt, the dtors will be added in
*67e74705SXin Li    // VisitReturnStmt.
*67e74705SXin Li    addAutomaticObjDtors(ScopePos, scopeBeginPos, C);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *LastBlock = Block;
*67e74705SXin Li
*67e74705SXin Li  for (CompoundStmt::reverse_body_iterator I=C->body_rbegin(), E=C->body_rend();
*67e74705SXin Li       I != E; ++I ) {
*67e74705SXin Li    // If we hit a segment of code just containing ';' (NullStmts), we can
*67e74705SXin Li    // get a null block back.  In such cases, just use the LastBlock
*67e74705SXin Li    if (CFGBlock *newBlock = addStmt(*I))
*67e74705SXin Li      LastBlock = newBlock;
*67e74705SXin Li
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return LastBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitConditionalOperator(AbstractConditionalOperator *C,
*67e74705SXin Li                                               AddStmtChoice asc) {
*67e74705SXin Li  const BinaryConditionalOperator *BCO = dyn_cast<BinaryConditionalOperator>(C);
*67e74705SXin Li  const OpaqueValueExpr *opaqueValue = (BCO ? BCO->getOpaqueValue() : nullptr);
*67e74705SXin Li
*67e74705SXin Li  // Create the confluence block that will "merge" the results of the ternary
*67e74705SXin Li  // expression.
*67e74705SXin Li  CFGBlock *ConfluenceBlock = Block ? Block : createBlock();
*67e74705SXin Li  appendStmt(ConfluenceBlock, C);
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  AddStmtChoice alwaysAdd = asc.withAlwaysAdd(true);
*67e74705SXin Li
*67e74705SXin Li  // Create a block for the LHS expression if there is an LHS expression.  A
*67e74705SXin Li  // GCC extension allows LHS to be NULL, causing the condition to be the
*67e74705SXin Li  // value that is returned instead.
*67e74705SXin Li  //  e.g: x ?: y is shorthand for: x ? x : y;
*67e74705SXin Li  Succ = ConfluenceBlock;
*67e74705SXin Li  Block = nullptr;
*67e74705SXin Li  CFGBlock *LHSBlock = nullptr;
*67e74705SXin Li  const Expr *trueExpr = C->getTrueExpr();
*67e74705SXin Li  if (trueExpr != opaqueValue) {
*67e74705SXin Li    LHSBlock = Visit(C->getTrueExpr(), alwaysAdd);
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    Block = nullptr;
*67e74705SXin Li  }
*67e74705SXin Li  else
*67e74705SXin Li    LHSBlock = ConfluenceBlock;
*67e74705SXin Li
*67e74705SXin Li  // Create the block for the RHS expression.
*67e74705SXin Li  Succ = ConfluenceBlock;
*67e74705SXin Li  CFGBlock *RHSBlock = Visit(C->getFalseExpr(), alwaysAdd);
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  // If the condition is a logical '&&' or '||', build a more accurate CFG.
*67e74705SXin Li  if (BinaryOperator *Cond =
*67e74705SXin Li        dyn_cast<BinaryOperator>(C->getCond()->IgnoreParens()))
*67e74705SXin Li    if (Cond->isLogicalOp())
*67e74705SXin Li      return VisitLogicalOperator(Cond, C, LHSBlock, RHSBlock).first;
*67e74705SXin Li
*67e74705SXin Li  // Create the block that will contain the condition.
*67e74705SXin Li  Block = createBlock(false);
*67e74705SXin Li
*67e74705SXin Li  // See if this is a known constant.
*67e74705SXin Li  const TryResult& KnownVal = tryEvaluateBool(C->getCond());
*67e74705SXin Li  addSuccessor(Block, LHSBlock, !KnownVal.isFalse());
*67e74705SXin Li  addSuccessor(Block, RHSBlock, !KnownVal.isTrue());
*67e74705SXin Li  Block->setTerminator(C);
*67e74705SXin Li  Expr *condExpr = C->getCond();
*67e74705SXin Li
*67e74705SXin Li  if (opaqueValue) {
*67e74705SXin Li    // Run the condition expression if it's not trivially expressed in
*67e74705SXin Li    // terms of the opaque value (or if there is no opaque value).
*67e74705SXin Li    if (condExpr != opaqueValue)
*67e74705SXin Li      addStmt(condExpr);
*67e74705SXin Li
*67e74705SXin Li    // Before that, run the common subexpression if there was one.
*67e74705SXin Li    // At least one of this or the above will be run.
*67e74705SXin Li    return addStmt(BCO->getCommon());
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return addStmt(condExpr);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitDeclStmt(DeclStmt *DS) {
*67e74705SXin Li  // Check if the Decl is for an __label__.  If so, elide it from the
*67e74705SXin Li  // CFG entirely.
*67e74705SXin Li  if (isa<LabelDecl>(*DS->decl_begin()))
*67e74705SXin Li    return Block;
*67e74705SXin Li
*67e74705SXin Li  // This case also handles static_asserts.
*67e74705SXin Li  if (DS->isSingleDecl())
*67e74705SXin Li    return VisitDeclSubExpr(DS);
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *B = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Build an individual DeclStmt for each decl.
*67e74705SXin Li  for (DeclStmt::reverse_decl_iterator I = DS->decl_rbegin(),
*67e74705SXin Li                                       E = DS->decl_rend();
*67e74705SXin Li       I != E; ++I) {
*67e74705SXin Li    // Get the alignment of the new DeclStmt, padding out to >=8 bytes.
*67e74705SXin Li    unsigned A = llvm::AlignOf<DeclStmt>::Alignment < 8
*67e74705SXin Li               ? 8 : llvm::AlignOf<DeclStmt>::Alignment;
*67e74705SXin Li
*67e74705SXin Li    // Allocate the DeclStmt using the BumpPtrAllocator.  It will get
*67e74705SXin Li    // automatically freed with the CFG.
*67e74705SXin Li    DeclGroupRef DG(*I);
*67e74705SXin Li    Decl *D = *I;
*67e74705SXin Li    void *Mem = cfg->getAllocator().Allocate(sizeof(DeclStmt), A);
*67e74705SXin Li    DeclStmt *DSNew = new (Mem) DeclStmt(DG, D->getLocation(), GetEndLoc(D));
*67e74705SXin Li    cfg->addSyntheticDeclStmt(DSNew, DS);
*67e74705SXin Li
*67e74705SXin Li    // Append the fake DeclStmt to block.
*67e74705SXin Li    B = VisitDeclSubExpr(DSNew);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return B;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// VisitDeclSubExpr - Utility method to add block-level expressions for
*67e74705SXin Li/// DeclStmts and initializers in them.
*67e74705SXin LiCFGBlock *CFGBuilder::VisitDeclSubExpr(DeclStmt *DS) {
*67e74705SXin Li  assert(DS->isSingleDecl() && "Can handle single declarations only.");
*67e74705SXin Li  VarDecl *VD = dyn_cast<VarDecl>(DS->getSingleDecl());
*67e74705SXin Li
*67e74705SXin Li  if (!VD) {
*67e74705SXin Li    // Of everything that can be declared in a DeclStmt, only VarDecls impact
*67e74705SXin Li    // runtime semantics.
*67e74705SXin Li    return Block;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  bool HasTemporaries = false;
*67e74705SXin Li
*67e74705SXin Li  // Guard static initializers under a branch.
*67e74705SXin Li  CFGBlock *blockAfterStaticInit = nullptr;
*67e74705SXin Li
*67e74705SXin Li  if (BuildOpts.AddStaticInitBranches && VD->isStaticLocal()) {
*67e74705SXin Li    // For static variables, we need to create a branch to track
*67e74705SXin Li    // whether or not they are initialized.
*67e74705SXin Li    if (Block) {
*67e74705SXin Li      Succ = Block;
*67e74705SXin Li      Block = nullptr;
*67e74705SXin Li      if (badCFG)
*67e74705SXin Li        return nullptr;
*67e74705SXin Li    }
*67e74705SXin Li    blockAfterStaticInit = Succ;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Destructors of temporaries in initialization expression should be called
*67e74705SXin Li  // after initialization finishes.
*67e74705SXin Li  Expr *Init = VD->getInit();
*67e74705SXin Li  if (Init) {
*67e74705SXin Li    HasTemporaries = isa<ExprWithCleanups>(Init);
*67e74705SXin Li
*67e74705SXin Li    if (BuildOpts.AddTemporaryDtors && HasTemporaries) {
*67e74705SXin Li      // Generate destructors for temporaries in initialization expression.
*67e74705SXin Li      TempDtorContext Context;
*67e74705SXin Li      VisitForTemporaryDtors(cast<ExprWithCleanups>(Init)->getSubExpr(),
*67e74705SXin Li                             /*BindToTemporary=*/false, Context);
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  autoCreateBlock();
*67e74705SXin Li  appendStmt(Block, DS);
*67e74705SXin Li
*67e74705SXin Li  // Keep track of the last non-null block, as 'Block' can be nulled out
*67e74705SXin Li  // if the initializer expression is something like a 'while' in a
*67e74705SXin Li  // statement-expression.
*67e74705SXin Li  CFGBlock *LastBlock = Block;
*67e74705SXin Li
*67e74705SXin Li  if (Init) {
*67e74705SXin Li    if (HasTemporaries) {
*67e74705SXin Li      // For expression with temporaries go directly to subexpression to omit
*67e74705SXin Li      // generating destructors for the second time.
*67e74705SXin Li      ExprWithCleanups *EC = cast<ExprWithCleanups>(Init);
*67e74705SXin Li      if (CFGBlock *newBlock = Visit(EC->getSubExpr()))
*67e74705SXin Li        LastBlock = newBlock;
*67e74705SXin Li    }
*67e74705SXin Li    else {
*67e74705SXin Li      if (CFGBlock *newBlock = Visit(Init))
*67e74705SXin Li        LastBlock = newBlock;
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // If the type of VD is a VLA, then we must process its size expressions.
*67e74705SXin Li  for (const VariableArrayType* VA = FindVA(VD->getType().getTypePtr());
*67e74705SXin Li       VA != nullptr; VA = FindVA(VA->getElementType().getTypePtr())) {
*67e74705SXin Li    if (CFGBlock *newBlock = addStmt(VA->getSizeExpr()))
*67e74705SXin Li      LastBlock = newBlock;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Remove variable from local scope.
*67e74705SXin Li  if (ScopePos && VD == *ScopePos)
*67e74705SXin Li    ++ScopePos;
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *B = LastBlock;
*67e74705SXin Li  if (blockAfterStaticInit) {
*67e74705SXin Li    Succ = B;
*67e74705SXin Li    Block = createBlock(false);
*67e74705SXin Li    Block->setTerminator(DS);
*67e74705SXin Li    addSuccessor(Block, blockAfterStaticInit);
*67e74705SXin Li    addSuccessor(Block, B);
*67e74705SXin Li    B = Block;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return B;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitIfStmt(IfStmt *I) {
*67e74705SXin Li  // We may see an if statement in the middle of a basic block, or it may be the
*67e74705SXin Li  // first statement we are processing.  In either case, we create a new basic
*67e74705SXin Li  // block.  First, we create the blocks for the then...else statements, and
*67e74705SXin Li  // then we create the block containing the if statement.  If we were in the
*67e74705SXin Li  // middle of a block, we stop processing that block.  That block is then the
*67e74705SXin Li  // implicit successor for the "then" and "else" clauses.
*67e74705SXin Li
*67e74705SXin Li  // Save local scope position because in case of condition variable ScopePos
*67e74705SXin Li  // won't be restored when traversing AST.
*67e74705SXin Li  SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos);
*67e74705SXin Li
*67e74705SXin Li  // Create local scope for C++17 if init-stmt if one exists.
*67e74705SXin Li  if (Stmt *Init = I->getInit()) {
*67e74705SXin Li    LocalScope::const_iterator BeginScopePos = ScopePos;
*67e74705SXin Li    addLocalScopeForStmt(Init);
*67e74705SXin Li    addAutomaticObjDtors(ScopePos, BeginScopePos, I);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Create local scope for possible condition variable.
*67e74705SXin Li  // Store scope position. Add implicit destructor.
*67e74705SXin Li  if (VarDecl *VD = I->getConditionVariable()) {
*67e74705SXin Li    LocalScope::const_iterator BeginScopePos = ScopePos;
*67e74705SXin Li    addLocalScopeForVarDecl(VD);
*67e74705SXin Li    addAutomaticObjDtors(ScopePos, BeginScopePos, I);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // The block we were processing is now finished.  Make it the successor
*67e74705SXin Li  // block.
*67e74705SXin Li  if (Block) {
*67e74705SXin Li    Succ = Block;
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Process the false branch.
*67e74705SXin Li  CFGBlock *ElseBlock = Succ;
*67e74705SXin Li
*67e74705SXin Li  if (Stmt *Else = I->getElse()) {
*67e74705SXin Li    SaveAndRestore<CFGBlock*> sv(Succ);
*67e74705SXin Li
*67e74705SXin Li    // NULL out Block so that the recursive call to Visit will
*67e74705SXin Li    // create a new basic block.
*67e74705SXin Li    Block = nullptr;
*67e74705SXin Li
*67e74705SXin Li    // If branch is not a compound statement create implicit scope
*67e74705SXin Li    // and add destructors.
*67e74705SXin Li    if (!isa<CompoundStmt>(Else))
*67e74705SXin Li      addLocalScopeAndDtors(Else);
*67e74705SXin Li
*67e74705SXin Li    ElseBlock = addStmt(Else);
*67e74705SXin Li
*67e74705SXin Li    if (!ElseBlock) // Can occur when the Else body has all NullStmts.
*67e74705SXin Li      ElseBlock = sv.get();
*67e74705SXin Li    else if (Block) {
*67e74705SXin Li      if (badCFG)
*67e74705SXin Li        return nullptr;
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Process the true branch.
*67e74705SXin Li  CFGBlock *ThenBlock;
*67e74705SXin Li  {
*67e74705SXin Li    Stmt *Then = I->getThen();
*67e74705SXin Li    assert(Then);
*67e74705SXin Li    SaveAndRestore<CFGBlock*> sv(Succ);
*67e74705SXin Li    Block = nullptr;
*67e74705SXin Li
*67e74705SXin Li    // If branch is not a compound statement create implicit scope
*67e74705SXin Li    // and add destructors.
*67e74705SXin Li    if (!isa<CompoundStmt>(Then))
*67e74705SXin Li      addLocalScopeAndDtors(Then);
*67e74705SXin Li
*67e74705SXin Li    ThenBlock = addStmt(Then);
*67e74705SXin Li
*67e74705SXin Li    if (!ThenBlock) {
*67e74705SXin Li      // We can reach here if the "then" body has all NullStmts.
*67e74705SXin Li      // Create an empty block so we can distinguish between true and false
*67e74705SXin Li      // branches in path-sensitive analyses.
*67e74705SXin Li      ThenBlock = createBlock(false);
*67e74705SXin Li      addSuccessor(ThenBlock, sv.get());
*67e74705SXin Li    } else if (Block) {
*67e74705SXin Li      if (badCFG)
*67e74705SXin Li        return nullptr;
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Specially handle "if (expr1 || ...)" and "if (expr1 && ...)" by
*67e74705SXin Li  // having these handle the actual control-flow jump.  Note that
*67e74705SXin Li  // if we introduce a condition variable, e.g. "if (int x = exp1 || exp2)"
*67e74705SXin Li  // we resort to the old control-flow behavior.  This special handling
*67e74705SXin Li  // removes infeasible paths from the control-flow graph by having the
*67e74705SXin Li  // control-flow transfer of '&&' or '||' go directly into the then/else
*67e74705SXin Li  // blocks directly.
*67e74705SXin Li  if (!I->getConditionVariable())
*67e74705SXin Li    if (BinaryOperator *Cond =
*67e74705SXin Li            dyn_cast<BinaryOperator>(I->getCond()->IgnoreParens()))
*67e74705SXin Li      if (Cond->isLogicalOp())
*67e74705SXin Li        return VisitLogicalOperator(Cond, I, ThenBlock, ElseBlock).first;
*67e74705SXin Li
*67e74705SXin Li  // Now create a new block containing the if statement.
*67e74705SXin Li  Block = createBlock(false);
*67e74705SXin Li
*67e74705SXin Li  // Set the terminator of the new block to the If statement.
*67e74705SXin Li  Block->setTerminator(I);
*67e74705SXin Li
*67e74705SXin Li  // See if this is a known constant.
*67e74705SXin Li  const TryResult &KnownVal = tryEvaluateBool(I->getCond());
*67e74705SXin Li
*67e74705SXin Li  // Add the successors.  If we know that specific branches are
*67e74705SXin Li  // unreachable, inform addSuccessor() of that knowledge.
*67e74705SXin Li  addSuccessor(Block, ThenBlock, /* isReachable = */ !KnownVal.isFalse());
*67e74705SXin Li  addSuccessor(Block, ElseBlock, /* isReachable = */ !KnownVal.isTrue());
*67e74705SXin Li
*67e74705SXin Li  // Add the condition as the last statement in the new block.  This may create
*67e74705SXin Li  // new blocks as the condition may contain control-flow.  Any newly created
*67e74705SXin Li  // blocks will be pointed to be "Block".
*67e74705SXin Li  CFGBlock *LastBlock = addStmt(I->getCond());
*67e74705SXin Li
*67e74705SXin Li  // If the IfStmt contains a condition variable, add it and its
*67e74705SXin Li  // initializer to the CFG.
*67e74705SXin Li  if (const DeclStmt* DS = I->getConditionVariableDeclStmt()) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    LastBlock = addStmt(const_cast<DeclStmt *>(DS));
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Finally, if the IfStmt contains a C++17 init-stmt, add it to the CFG.
*67e74705SXin Li  if (Stmt *Init = I->getInit()) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    LastBlock = addStmt(Init);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return LastBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitReturnStmt(ReturnStmt *R) {
*67e74705SXin Li  // If we were in the middle of a block we stop processing that block.
*67e74705SXin Li  //
*67e74705SXin Li  // NOTE: If a "return" appears in the middle of a block, this means that the
*67e74705SXin Li  //       code afterwards is DEAD (unreachable).  We still keep a basic block
*67e74705SXin Li  //       for that code; a simple "mark-and-sweep" from the entry block will be
*67e74705SXin Li  //       able to report such dead blocks.
*67e74705SXin Li
*67e74705SXin Li  // Create the new block.
*67e74705SXin Li  Block = createBlock(false);
*67e74705SXin Li
*67e74705SXin Li  addAutomaticObjDtors(ScopePos, LocalScope::const_iterator(), R);
*67e74705SXin Li
*67e74705SXin Li  // If the one of the destructors does not return, we already have the Exit
*67e74705SXin Li  // block as a successor.
*67e74705SXin Li  if (!Block->hasNoReturnElement())
*67e74705SXin Li    addSuccessor(Block, &cfg->getExit());
*67e74705SXin Li
*67e74705SXin Li  // Add the return statement to the block.  This may create new blocks if R
*67e74705SXin Li  // contains control-flow (short-circuit operations).
*67e74705SXin Li  return VisitStmt(R, AddStmtChoice::AlwaysAdd);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitLabelStmt(LabelStmt *L) {
*67e74705SXin Li  // Get the block of the labeled statement.  Add it to our map.
*67e74705SXin Li  addStmt(L->getSubStmt());
*67e74705SXin Li  CFGBlock *LabelBlock = Block;
*67e74705SXin Li
*67e74705SXin Li  if (!LabelBlock)              // This can happen when the body is empty, i.e.
*67e74705SXin Li    LabelBlock = createBlock(); // scopes that only contains NullStmts.
*67e74705SXin Li
*67e74705SXin Li  assert(LabelMap.find(L->getDecl()) == LabelMap.end() &&
*67e74705SXin Li         "label already in map");
*67e74705SXin Li  LabelMap[L->getDecl()] = JumpTarget(LabelBlock, ScopePos);
*67e74705SXin Li
*67e74705SXin Li  // Labels partition blocks, so this is the end of the basic block we were
*67e74705SXin Li  // processing (L is the block's label).  Because this is label (and we have
*67e74705SXin Li  // already processed the substatement) there is no extra control-flow to worry
*67e74705SXin Li  // about.
*67e74705SXin Li  LabelBlock->setLabel(L);
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  // We set Block to NULL to allow lazy creation of a new block (if necessary);
*67e74705SXin Li  Block = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // This block is now the implicit successor of other blocks.
*67e74705SXin Li  Succ = LabelBlock;
*67e74705SXin Li
*67e74705SXin Li  return LabelBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitBlockExpr(BlockExpr *E, AddStmtChoice asc) {
*67e74705SXin Li  CFGBlock *LastBlock = VisitNoRecurse(E, asc);
*67e74705SXin Li  for (const BlockDecl::Capture &CI : E->getBlockDecl()->captures()) {
*67e74705SXin Li    if (Expr *CopyExpr = CI.getCopyExpr()) {
*67e74705SXin Li      CFGBlock *Tmp = Visit(CopyExpr);
*67e74705SXin Li      if (Tmp)
*67e74705SXin Li        LastBlock = Tmp;
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li  return LastBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitLambdaExpr(LambdaExpr *E, AddStmtChoice asc) {
*67e74705SXin Li  CFGBlock *LastBlock = VisitNoRecurse(E, asc);
*67e74705SXin Li  for (LambdaExpr::capture_init_iterator it = E->capture_init_begin(),
*67e74705SXin Li       et = E->capture_init_end(); it != et; ++it) {
*67e74705SXin Li    if (Expr *Init = *it) {
*67e74705SXin Li      CFGBlock *Tmp = Visit(Init);
*67e74705SXin Li      if (Tmp)
*67e74705SXin Li        LastBlock = Tmp;
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li  return LastBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitGotoStmt(GotoStmt *G) {
*67e74705SXin Li  // Goto is a control-flow statement.  Thus we stop processing the current
*67e74705SXin Li  // block and create a new one.
*67e74705SXin Li
*67e74705SXin Li  Block = createBlock(false);
*67e74705SXin Li  Block->setTerminator(G);
*67e74705SXin Li
*67e74705SXin Li  // If we already know the mapping to the label block add the successor now.
*67e74705SXin Li  LabelMapTy::iterator I = LabelMap.find(G->getLabel());
*67e74705SXin Li
*67e74705SXin Li  if (I == LabelMap.end())
*67e74705SXin Li    // We will need to backpatch this block later.
*67e74705SXin Li    BackpatchBlocks.push_back(JumpSource(Block, ScopePos));
*67e74705SXin Li  else {
*67e74705SXin Li    JumpTarget JT = I->second;
*67e74705SXin Li    addAutomaticObjDtors(ScopePos, JT.scopePosition, G);
*67e74705SXin Li    addSuccessor(Block, JT.block);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return Block;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitForStmt(ForStmt *F) {
*67e74705SXin Li  CFGBlock *LoopSuccessor = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Save local scope position because in case of condition variable ScopePos
*67e74705SXin Li  // won't be restored when traversing AST.
*67e74705SXin Li  SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos);
*67e74705SXin Li
*67e74705SXin Li  // Create local scope for init statement and possible condition variable.
*67e74705SXin Li  // Add destructor for init statement and condition variable.
*67e74705SXin Li  // Store scope position for continue statement.
*67e74705SXin Li  if (Stmt *Init = F->getInit())
*67e74705SXin Li    addLocalScopeForStmt(Init);
*67e74705SXin Li  LocalScope::const_iterator LoopBeginScopePos = ScopePos;
*67e74705SXin Li
*67e74705SXin Li  if (VarDecl *VD = F->getConditionVariable())
*67e74705SXin Li    addLocalScopeForVarDecl(VD);
*67e74705SXin Li  LocalScope::const_iterator ContinueScopePos = ScopePos;
*67e74705SXin Li
*67e74705SXin Li  addAutomaticObjDtors(ScopePos, save_scope_pos.get(), F);
*67e74705SXin Li
*67e74705SXin Li  // "for" is a control-flow statement.  Thus we stop processing the current
*67e74705SXin Li  // block.
*67e74705SXin Li  if (Block) {
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    LoopSuccessor = Block;
*67e74705SXin Li  } else
*67e74705SXin Li    LoopSuccessor = Succ;
*67e74705SXin Li
*67e74705SXin Li  // Save the current value for the break targets.
*67e74705SXin Li  // All breaks should go to the code following the loop.
*67e74705SXin Li  SaveAndRestore<JumpTarget> save_break(BreakJumpTarget);
*67e74705SXin Li  BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos);
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *BodyBlock = nullptr, *TransitionBlock = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Now create the loop body.
*67e74705SXin Li  {
*67e74705SXin Li    assert(F->getBody());
*67e74705SXin Li
*67e74705SXin Li    // Save the current values for Block, Succ, continue and break targets.
*67e74705SXin Li    SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ);
*67e74705SXin Li    SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget);
*67e74705SXin Li
*67e74705SXin Li    // Create an empty block to represent the transition block for looping back
*67e74705SXin Li    // to the head of the loop.  If we have increment code, it will
*67e74705SXin Li    // go in this block as well.
*67e74705SXin Li    Block = Succ = TransitionBlock = createBlock(false);
*67e74705SXin Li    TransitionBlock->setLoopTarget(F);
*67e74705SXin Li
*67e74705SXin Li    if (Stmt *I = F->getInc()) {
*67e74705SXin Li      // Generate increment code in its own basic block.  This is the target of
*67e74705SXin Li      // continue statements.
*67e74705SXin Li      Succ = addStmt(I);
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    // Finish up the increment (or empty) block if it hasn't been already.
*67e74705SXin Li    if (Block) {
*67e74705SXin Li      assert(Block == Succ);
*67e74705SXin Li      if (badCFG)
*67e74705SXin Li        return nullptr;
*67e74705SXin Li      Block = nullptr;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li   // The starting block for the loop increment is the block that should
*67e74705SXin Li   // represent the 'loop target' for looping back to the start of the loop.
*67e74705SXin Li   ContinueJumpTarget = JumpTarget(Succ, ContinueScopePos);
*67e74705SXin Li   ContinueJumpTarget.block->setLoopTarget(F);
*67e74705SXin Li
*67e74705SXin Li    // Loop body should end with destructor of Condition variable (if any).
*67e74705SXin Li    addAutomaticObjDtors(ScopePos, LoopBeginScopePos, F);
*67e74705SXin Li
*67e74705SXin Li    // If body is not a compound statement create implicit scope
*67e74705SXin Li    // and add destructors.
*67e74705SXin Li    if (!isa<CompoundStmt>(F->getBody()))
*67e74705SXin Li      addLocalScopeAndDtors(F->getBody());
*67e74705SXin Li
*67e74705SXin Li    // Now populate the body block, and in the process create new blocks as we
*67e74705SXin Li    // walk the body of the loop.
*67e74705SXin Li    BodyBlock = addStmt(F->getBody());
*67e74705SXin Li
*67e74705SXin Li    if (!BodyBlock) {
*67e74705SXin Li      // In the case of "for (...;...;...);" we can have a null BodyBlock.
*67e74705SXin Li      // Use the continue jump target as the proxy for the body.
*67e74705SXin Li      BodyBlock = ContinueJumpTarget.block;
*67e74705SXin Li    }
*67e74705SXin Li    else if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Because of short-circuit evaluation, the condition of the loop can span
*67e74705SXin Li  // multiple basic blocks.  Thus we need the "Entry" and "Exit" blocks that
*67e74705SXin Li  // evaluate the condition.
*67e74705SXin Li  CFGBlock *EntryConditionBlock = nullptr, *ExitConditionBlock = nullptr;
*67e74705SXin Li
*67e74705SXin Li  do {
*67e74705SXin Li    Expr *C = F->getCond();
*67e74705SXin Li
*67e74705SXin Li    // Specially handle logical operators, which have a slightly
*67e74705SXin Li    // more optimal CFG representation.
*67e74705SXin Li    if (BinaryOperator *Cond =
*67e74705SXin Li            dyn_cast_or_null<BinaryOperator>(C ? C->IgnoreParens() : nullptr))
*67e74705SXin Li      if (Cond->isLogicalOp()) {
*67e74705SXin Li        std::tie(EntryConditionBlock, ExitConditionBlock) =
*67e74705SXin Li          VisitLogicalOperator(Cond, F, BodyBlock, LoopSuccessor);
*67e74705SXin Li        break;
*67e74705SXin Li      }
*67e74705SXin Li
*67e74705SXin Li    // The default case when not handling logical operators.
*67e74705SXin Li    EntryConditionBlock = ExitConditionBlock = createBlock(false);
*67e74705SXin Li    ExitConditionBlock->setTerminator(F);
*67e74705SXin Li
*67e74705SXin Li    // See if this is a known constant.
*67e74705SXin Li    TryResult KnownVal(true);
*67e74705SXin Li
*67e74705SXin Li    if (C) {
*67e74705SXin Li      // Now add the actual condition to the condition block.
*67e74705SXin Li      // Because the condition itself may contain control-flow, new blocks may
*67e74705SXin Li      // be created.  Thus we update "Succ" after adding the condition.
*67e74705SXin Li      Block = ExitConditionBlock;
*67e74705SXin Li      EntryConditionBlock = addStmt(C);
*67e74705SXin Li
*67e74705SXin Li      // If this block contains a condition variable, add both the condition
*67e74705SXin Li      // variable and initializer to the CFG.
*67e74705SXin Li      if (VarDecl *VD = F->getConditionVariable()) {
*67e74705SXin Li        if (Expr *Init = VD->getInit()) {
*67e74705SXin Li          autoCreateBlock();
*67e74705SXin Li          appendStmt(Block, F->getConditionVariableDeclStmt());
*67e74705SXin Li          EntryConditionBlock = addStmt(Init);
*67e74705SXin Li          assert(Block == EntryConditionBlock);
*67e74705SXin Li        }
*67e74705SXin Li      }
*67e74705SXin Li
*67e74705SXin Li      if (Block && badCFG)
*67e74705SXin Li        return nullptr;
*67e74705SXin Li
*67e74705SXin Li      KnownVal = tryEvaluateBool(C);
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    // Add the loop body entry as a successor to the condition.
*67e74705SXin Li    addSuccessor(ExitConditionBlock, KnownVal.isFalse() ? nullptr : BodyBlock);
*67e74705SXin Li    // Link up the condition block with the code that follows the loop.  (the
*67e74705SXin Li    // false branch).
*67e74705SXin Li    addSuccessor(ExitConditionBlock,
*67e74705SXin Li                 KnownVal.isTrue() ? nullptr : LoopSuccessor);
*67e74705SXin Li
*67e74705SXin Li  } while (false);
*67e74705SXin Li
*67e74705SXin Li  // Link up the loop-back block to the entry condition block.
*67e74705SXin Li  addSuccessor(TransitionBlock, EntryConditionBlock);
*67e74705SXin Li
*67e74705SXin Li  // The condition block is the implicit successor for any code above the loop.
*67e74705SXin Li  Succ = EntryConditionBlock;
*67e74705SXin Li
*67e74705SXin Li  // If the loop contains initialization, create a new block for those
*67e74705SXin Li  // statements.  This block can also contain statements that precede the loop.
*67e74705SXin Li  if (Stmt *I = F->getInit()) {
*67e74705SXin Li    Block = createBlock();
*67e74705SXin Li    return addStmt(I);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // There is no loop initialization.  We are thus basically a while loop.
*67e74705SXin Li  // NULL out Block to force lazy block construction.
*67e74705SXin Li  Block = nullptr;
*67e74705SXin Li  Succ = EntryConditionBlock;
*67e74705SXin Li  return EntryConditionBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitMemberExpr(MemberExpr *M, AddStmtChoice asc) {
*67e74705SXin Li  if (asc.alwaysAdd(*this, M)) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, M);
*67e74705SXin Li  }
*67e74705SXin Li  return Visit(M->getBase());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitObjCForCollectionStmt(ObjCForCollectionStmt *S) {
*67e74705SXin Li  // Objective-C fast enumeration 'for' statements:
*67e74705SXin Li  //  http://developer.apple.com/documentation/Cocoa/Conceptual/ObjectiveC
*67e74705SXin Li  //
*67e74705SXin Li  //  for ( Type newVariable in collection_expression ) { statements }
*67e74705SXin Li  //
*67e74705SXin Li  //  becomes:
*67e74705SXin Li  //
*67e74705SXin Li  //   prologue:
*67e74705SXin Li  //     1. collection_expression
*67e74705SXin Li  //     T. jump to loop_entry
*67e74705SXin Li  //   loop_entry:
*67e74705SXin Li  //     1. side-effects of element expression
*67e74705SXin Li  //     1. ObjCForCollectionStmt [performs binding to newVariable]
*67e74705SXin Li  //     T. ObjCForCollectionStmt  TB, FB  [jumps to TB if newVariable != nil]
*67e74705SXin Li  //   TB:
*67e74705SXin Li  //     statements
*67e74705SXin Li  //     T. jump to loop_entry
*67e74705SXin Li  //   FB:
*67e74705SXin Li  //     what comes after
*67e74705SXin Li  //
*67e74705SXin Li  //  and
*67e74705SXin Li  //
*67e74705SXin Li  //  Type existingItem;
*67e74705SXin Li  //  for ( existingItem in expression ) { statements }
*67e74705SXin Li  //
*67e74705SXin Li  //  becomes:
*67e74705SXin Li  //
*67e74705SXin Li  //   the same with newVariable replaced with existingItem; the binding works
*67e74705SXin Li  //   the same except that for one ObjCForCollectionStmt::getElement() returns
*67e74705SXin Li  //   a DeclStmt and the other returns a DeclRefExpr.
*67e74705SXin Li  //
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *LoopSuccessor = nullptr;
*67e74705SXin Li
*67e74705SXin Li  if (Block) {
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    LoopSuccessor = Block;
*67e74705SXin Li    Block = nullptr;
*67e74705SXin Li  } else
*67e74705SXin Li    LoopSuccessor = Succ;
*67e74705SXin Li
*67e74705SXin Li  // Build the condition blocks.
*67e74705SXin Li  CFGBlock *ExitConditionBlock = createBlock(false);
*67e74705SXin Li
*67e74705SXin Li  // Set the terminator for the "exit" condition block.
*67e74705SXin Li  ExitConditionBlock->setTerminator(S);
*67e74705SXin Li
*67e74705SXin Li  // The last statement in the block should be the ObjCForCollectionStmt, which
*67e74705SXin Li  // performs the actual binding to 'element' and determines if there are any
*67e74705SXin Li  // more items in the collection.
*67e74705SXin Li  appendStmt(ExitConditionBlock, S);
*67e74705SXin Li  Block = ExitConditionBlock;
*67e74705SXin Li
*67e74705SXin Li  // Walk the 'element' expression to see if there are any side-effects.  We
*67e74705SXin Li  // generate new blocks as necessary.  We DON'T add the statement by default to
*67e74705SXin Li  // the CFG unless it contains control-flow.
*67e74705SXin Li  CFGBlock *EntryConditionBlock = Visit(S->getElement(),
*67e74705SXin Li                                        AddStmtChoice::NotAlwaysAdd);
*67e74705SXin Li  if (Block) {
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    Block = nullptr;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // The condition block is the implicit successor for the loop body as well as
*67e74705SXin Li  // any code above the loop.
*67e74705SXin Li  Succ = EntryConditionBlock;
*67e74705SXin Li
*67e74705SXin Li  // Now create the true branch.
*67e74705SXin Li  {
*67e74705SXin Li    // Save the current values for Succ, continue and break targets.
*67e74705SXin Li    SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ);
*67e74705SXin Li    SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget),
*67e74705SXin Li                               save_break(BreakJumpTarget);
*67e74705SXin Li
*67e74705SXin Li    // Add an intermediate block between the BodyBlock and the
*67e74705SXin Li    // EntryConditionBlock to represent the "loop back" transition, for looping
*67e74705SXin Li    // back to the head of the loop.
*67e74705SXin Li    CFGBlock *LoopBackBlock = nullptr;
*67e74705SXin Li    Succ = LoopBackBlock = createBlock();
*67e74705SXin Li    LoopBackBlock->setLoopTarget(S);
*67e74705SXin Li
*67e74705SXin Li    BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos);
*67e74705SXin Li    ContinueJumpTarget = JumpTarget(Succ, ScopePos);
*67e74705SXin Li
*67e74705SXin Li    CFGBlock *BodyBlock = addStmt(S->getBody());
*67e74705SXin Li
*67e74705SXin Li    if (!BodyBlock)
*67e74705SXin Li      BodyBlock = ContinueJumpTarget.block; // can happen for "for (X in Y) ;"
*67e74705SXin Li    else if (Block) {
*67e74705SXin Li      if (badCFG)
*67e74705SXin Li        return nullptr;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    // This new body block is a successor to our "exit" condition block.
*67e74705SXin Li    addSuccessor(ExitConditionBlock, BodyBlock);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Link up the condition block with the code that follows the loop.
*67e74705SXin Li  // (the false branch).
*67e74705SXin Li  addSuccessor(ExitConditionBlock, LoopSuccessor);
*67e74705SXin Li
*67e74705SXin Li  // Now create a prologue block to contain the collection expression.
*67e74705SXin Li  Block = createBlock();
*67e74705SXin Li  return addStmt(S->getCollection());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitObjCAutoreleasePoolStmt(ObjCAutoreleasePoolStmt *S) {
*67e74705SXin Li  // Inline the body.
*67e74705SXin Li  return addStmt(S->getSubStmt());
*67e74705SXin Li  // TODO: consider adding cleanups for the end of @autoreleasepool scope.
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitObjCAtSynchronizedStmt(ObjCAtSynchronizedStmt *S) {
*67e74705SXin Li  // FIXME: Add locking 'primitives' to CFG for @synchronized.
*67e74705SXin Li
*67e74705SXin Li  // Inline the body.
*67e74705SXin Li  CFGBlock *SyncBlock = addStmt(S->getSynchBody());
*67e74705SXin Li
*67e74705SXin Li  // The sync body starts its own basic block.  This makes it a little easier
*67e74705SXin Li  // for diagnostic clients.
*67e74705SXin Li  if (SyncBlock) {
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li
*67e74705SXin Li    Block = nullptr;
*67e74705SXin Li    Succ = SyncBlock;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Add the @synchronized to the CFG.
*67e74705SXin Li  autoCreateBlock();
*67e74705SXin Li  appendStmt(Block, S);
*67e74705SXin Li
*67e74705SXin Li  // Inline the sync expression.
*67e74705SXin Li  return addStmt(S->getSynchExpr());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitObjCAtTryStmt(ObjCAtTryStmt *S) {
*67e74705SXin Li  // FIXME
*67e74705SXin Li  return NYS();
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitPseudoObjectExpr(PseudoObjectExpr *E) {
*67e74705SXin Li  autoCreateBlock();
*67e74705SXin Li
*67e74705SXin Li  // Add the PseudoObject as the last thing.
*67e74705SXin Li  appendStmt(Block, E);
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *lastBlock = Block;
*67e74705SXin Li
*67e74705SXin Li  // Before that, evaluate all of the semantics in order.  In
*67e74705SXin Li  // CFG-land, that means appending them in reverse order.
*67e74705SXin Li  for (unsigned i = E->getNumSemanticExprs(); i != 0; ) {
*67e74705SXin Li    Expr *Semantic = E->getSemanticExpr(--i);
*67e74705SXin Li
*67e74705SXin Li    // If the semantic is an opaque value, we're being asked to bind
*67e74705SXin Li    // it to its source expression.
*67e74705SXin Li    if (OpaqueValueExpr *OVE = dyn_cast<OpaqueValueExpr>(Semantic))
*67e74705SXin Li      Semantic = OVE->getSourceExpr();
*67e74705SXin Li
*67e74705SXin Li    if (CFGBlock *B = Visit(Semantic))
*67e74705SXin Li      lastBlock = B;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return lastBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitWhileStmt(WhileStmt *W) {
*67e74705SXin Li  CFGBlock *LoopSuccessor = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Save local scope position because in case of condition variable ScopePos
*67e74705SXin Li  // won't be restored when traversing AST.
*67e74705SXin Li  SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos);
*67e74705SXin Li
*67e74705SXin Li  // Create local scope for possible condition variable.
*67e74705SXin Li  // Store scope position for continue statement.
*67e74705SXin Li  LocalScope::const_iterator LoopBeginScopePos = ScopePos;
*67e74705SXin Li  if (VarDecl *VD = W->getConditionVariable()) {
*67e74705SXin Li    addLocalScopeForVarDecl(VD);
*67e74705SXin Li    addAutomaticObjDtors(ScopePos, LoopBeginScopePos, W);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // "while" is a control-flow statement.  Thus we stop processing the current
*67e74705SXin Li  // block.
*67e74705SXin Li  if (Block) {
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    LoopSuccessor = Block;
*67e74705SXin Li    Block = nullptr;
*67e74705SXin Li  } else {
*67e74705SXin Li    LoopSuccessor = Succ;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *BodyBlock = nullptr, *TransitionBlock = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Process the loop body.
*67e74705SXin Li  {
*67e74705SXin Li    assert(W->getBody());
*67e74705SXin Li
*67e74705SXin Li    // Save the current values for Block, Succ, continue and break targets.
*67e74705SXin Li    SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ);
*67e74705SXin Li    SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget),
*67e74705SXin Li                               save_break(BreakJumpTarget);
*67e74705SXin Li
*67e74705SXin Li    // Create an empty block to represent the transition block for looping back
*67e74705SXin Li    // to the head of the loop.
*67e74705SXin Li    Succ = TransitionBlock = createBlock(false);
*67e74705SXin Li    TransitionBlock->setLoopTarget(W);
*67e74705SXin Li    ContinueJumpTarget = JumpTarget(Succ, LoopBeginScopePos);
*67e74705SXin Li
*67e74705SXin Li    // All breaks should go to the code following the loop.
*67e74705SXin Li    BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos);
*67e74705SXin Li
*67e74705SXin Li    // Loop body should end with destructor of Condition variable (if any).
*67e74705SXin Li    addAutomaticObjDtors(ScopePos, LoopBeginScopePos, W);
*67e74705SXin Li
*67e74705SXin Li    // If body is not a compound statement create implicit scope
*67e74705SXin Li    // and add destructors.
*67e74705SXin Li    if (!isa<CompoundStmt>(W->getBody()))
*67e74705SXin Li      addLocalScopeAndDtors(W->getBody());
*67e74705SXin Li
*67e74705SXin Li    // Create the body.  The returned block is the entry to the loop body.
*67e74705SXin Li    BodyBlock = addStmt(W->getBody());
*67e74705SXin Li
*67e74705SXin Li    if (!BodyBlock)
*67e74705SXin Li      BodyBlock = ContinueJumpTarget.block; // can happen for "while(...) ;"
*67e74705SXin Li    else if (Block && badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Because of short-circuit evaluation, the condition of the loop can span
*67e74705SXin Li  // multiple basic blocks.  Thus we need the "Entry" and "Exit" blocks that
*67e74705SXin Li  // evaluate the condition.
*67e74705SXin Li  CFGBlock *EntryConditionBlock = nullptr, *ExitConditionBlock = nullptr;
*67e74705SXin Li
*67e74705SXin Li  do {
*67e74705SXin Li    Expr *C = W->getCond();
*67e74705SXin Li
*67e74705SXin Li    // Specially handle logical operators, which have a slightly
*67e74705SXin Li    // more optimal CFG representation.
*67e74705SXin Li    if (BinaryOperator *Cond = dyn_cast<BinaryOperator>(C->IgnoreParens()))
*67e74705SXin Li      if (Cond->isLogicalOp()) {
*67e74705SXin Li        std::tie(EntryConditionBlock, ExitConditionBlock) =
*67e74705SXin Li            VisitLogicalOperator(Cond, W, BodyBlock, LoopSuccessor);
*67e74705SXin Li        break;
*67e74705SXin Li      }
*67e74705SXin Li
*67e74705SXin Li    // The default case when not handling logical operators.
*67e74705SXin Li    ExitConditionBlock = createBlock(false);
*67e74705SXin Li    ExitConditionBlock->setTerminator(W);
*67e74705SXin Li
*67e74705SXin Li    // Now add the actual condition to the condition block.
*67e74705SXin Li    // Because the condition itself may contain control-flow, new blocks may
*67e74705SXin Li    // be created.  Thus we update "Succ" after adding the condition.
*67e74705SXin Li    Block = ExitConditionBlock;
*67e74705SXin Li    Block = EntryConditionBlock = addStmt(C);
*67e74705SXin Li
*67e74705SXin Li    // If this block contains a condition variable, add both the condition
*67e74705SXin Li    // variable and initializer to the CFG.
*67e74705SXin Li    if (VarDecl *VD = W->getConditionVariable()) {
*67e74705SXin Li      if (Expr *Init = VD->getInit()) {
*67e74705SXin Li        autoCreateBlock();
*67e74705SXin Li        appendStmt(Block, W->getConditionVariableDeclStmt());
*67e74705SXin Li        EntryConditionBlock = addStmt(Init);
*67e74705SXin Li        assert(Block == EntryConditionBlock);
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    if (Block && badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li
*67e74705SXin Li    // See if this is a known constant.
*67e74705SXin Li    const TryResult& KnownVal = tryEvaluateBool(C);
*67e74705SXin Li
*67e74705SXin Li    // Add the loop body entry as a successor to the condition.
*67e74705SXin Li    addSuccessor(ExitConditionBlock, KnownVal.isFalse() ? nullptr : BodyBlock);
*67e74705SXin Li    // Link up the condition block with the code that follows the loop.  (the
*67e74705SXin Li    // false branch).
*67e74705SXin Li    addSuccessor(ExitConditionBlock,
*67e74705SXin Li                 KnownVal.isTrue() ? nullptr : LoopSuccessor);
*67e74705SXin Li
*67e74705SXin Li  } while(false);
*67e74705SXin Li
*67e74705SXin Li  // Link up the loop-back block to the entry condition block.
*67e74705SXin Li  addSuccessor(TransitionBlock, EntryConditionBlock);
*67e74705SXin Li
*67e74705SXin Li  // There can be no more statements in the condition block since we loop back
*67e74705SXin Li  // to this block.  NULL out Block to force lazy creation of another block.
*67e74705SXin Li  Block = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Return the condition block, which is the dominating block for the loop.
*67e74705SXin Li  Succ = EntryConditionBlock;
*67e74705SXin Li  return EntryConditionBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitObjCAtCatchStmt(ObjCAtCatchStmt *S) {
*67e74705SXin Li  // FIXME: For now we pretend that @catch and the code it contains does not
*67e74705SXin Li  //  exit.
*67e74705SXin Li  return Block;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitObjCAtThrowStmt(ObjCAtThrowStmt *S) {
*67e74705SXin Li  // FIXME: This isn't complete.  We basically treat @throw like a return
*67e74705SXin Li  //  statement.
*67e74705SXin Li
*67e74705SXin Li  // If we were in the middle of a block we stop processing that block.
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Create the new block.
*67e74705SXin Li  Block = createBlock(false);
*67e74705SXin Li
*67e74705SXin Li  // The Exit block is the only successor.
*67e74705SXin Li  addSuccessor(Block, &cfg->getExit());
*67e74705SXin Li
*67e74705SXin Li  // Add the statement to the block.  This may create new blocks if S contains
*67e74705SXin Li  // control-flow (short-circuit operations).
*67e74705SXin Li  return VisitStmt(S, AddStmtChoice::AlwaysAdd);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCXXThrowExpr(CXXThrowExpr *T) {
*67e74705SXin Li  // If we were in the middle of a block we stop processing that block.
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Create the new block.
*67e74705SXin Li  Block = createBlock(false);
*67e74705SXin Li
*67e74705SXin Li  if (TryTerminatedBlock)
*67e74705SXin Li    // The current try statement is the only successor.
*67e74705SXin Li    addSuccessor(Block, TryTerminatedBlock);
*67e74705SXin Li  else
*67e74705SXin Li    // otherwise the Exit block is the only successor.
*67e74705SXin Li    addSuccessor(Block, &cfg->getExit());
*67e74705SXin Li
*67e74705SXin Li  // Add the statement to the block.  This may create new blocks if S contains
*67e74705SXin Li  // control-flow (short-circuit operations).
*67e74705SXin Li  return VisitStmt(T, AddStmtChoice::AlwaysAdd);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitDoStmt(DoStmt *D) {
*67e74705SXin Li  CFGBlock *LoopSuccessor = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // "do...while" is a control-flow statement.  Thus we stop processing the
*67e74705SXin Li  // current block.
*67e74705SXin Li  if (Block) {
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    LoopSuccessor = Block;
*67e74705SXin Li  } else
*67e74705SXin Li    LoopSuccessor = Succ;
*67e74705SXin Li
*67e74705SXin Li  // Because of short-circuit evaluation, the condition of the loop can span
*67e74705SXin Li  // multiple basic blocks.  Thus we need the "Entry" and "Exit" blocks that
*67e74705SXin Li  // evaluate the condition.
*67e74705SXin Li  CFGBlock *ExitConditionBlock = createBlock(false);
*67e74705SXin Li  CFGBlock *EntryConditionBlock = ExitConditionBlock;
*67e74705SXin Li
*67e74705SXin Li  // Set the terminator for the "exit" condition block.
*67e74705SXin Li  ExitConditionBlock->setTerminator(D);
*67e74705SXin Li
*67e74705SXin Li  // Now add the actual condition to the condition block.  Because the condition
*67e74705SXin Li  // itself may contain control-flow, new blocks may be created.
*67e74705SXin Li  if (Stmt *C = D->getCond()) {
*67e74705SXin Li    Block = ExitConditionBlock;
*67e74705SXin Li    EntryConditionBlock = addStmt(C);
*67e74705SXin Li    if (Block) {
*67e74705SXin Li      if (badCFG)
*67e74705SXin Li        return nullptr;
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // The condition block is the implicit successor for the loop body.
*67e74705SXin Li  Succ = EntryConditionBlock;
*67e74705SXin Li
*67e74705SXin Li  // See if this is a known constant.
*67e74705SXin Li  const TryResult &KnownVal = tryEvaluateBool(D->getCond());
*67e74705SXin Li
*67e74705SXin Li  // Process the loop body.
*67e74705SXin Li  CFGBlock *BodyBlock = nullptr;
*67e74705SXin Li  {
*67e74705SXin Li    assert(D->getBody());
*67e74705SXin Li
*67e74705SXin Li    // Save the current values for Block, Succ, and continue and break targets
*67e74705SXin Li    SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ);
*67e74705SXin Li    SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget),
*67e74705SXin Li        save_break(BreakJumpTarget);
*67e74705SXin Li
*67e74705SXin Li    // All continues within this loop should go to the condition block
*67e74705SXin Li    ContinueJumpTarget = JumpTarget(EntryConditionBlock, ScopePos);
*67e74705SXin Li
*67e74705SXin Li    // All breaks should go to the code following the loop.
*67e74705SXin Li    BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos);
*67e74705SXin Li
*67e74705SXin Li    // NULL out Block to force lazy instantiation of blocks for the body.
*67e74705SXin Li    Block = nullptr;
*67e74705SXin Li
*67e74705SXin Li    // If body is not a compound statement create implicit scope
*67e74705SXin Li    // and add destructors.
*67e74705SXin Li    if (!isa<CompoundStmt>(D->getBody()))
*67e74705SXin Li      addLocalScopeAndDtors(D->getBody());
*67e74705SXin Li
*67e74705SXin Li    // Create the body.  The returned block is the entry to the loop body.
*67e74705SXin Li    BodyBlock = addStmt(D->getBody());
*67e74705SXin Li
*67e74705SXin Li    if (!BodyBlock)
*67e74705SXin Li      BodyBlock = EntryConditionBlock; // can happen for "do ; while(...)"
*67e74705SXin Li    else if (Block) {
*67e74705SXin Li      if (badCFG)
*67e74705SXin Li        return nullptr;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    if (!KnownVal.isFalse()) {
*67e74705SXin Li      // Add an intermediate block between the BodyBlock and the
*67e74705SXin Li      // ExitConditionBlock to represent the "loop back" transition.  Create an
*67e74705SXin Li      // empty block to represent the transition block for looping back to the
*67e74705SXin Li      // head of the loop.
*67e74705SXin Li      // FIXME: Can we do this more efficiently without adding another block?
*67e74705SXin Li      Block = nullptr;
*67e74705SXin Li      Succ = BodyBlock;
*67e74705SXin Li      CFGBlock *LoopBackBlock = createBlock();
*67e74705SXin Li      LoopBackBlock->setLoopTarget(D);
*67e74705SXin Li
*67e74705SXin Li      // Add the loop body entry as a successor to the condition.
*67e74705SXin Li      addSuccessor(ExitConditionBlock, LoopBackBlock);
*67e74705SXin Li    }
*67e74705SXin Li    else
*67e74705SXin Li      addSuccessor(ExitConditionBlock, nullptr);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Link up the condition block with the code that follows the loop.
*67e74705SXin Li  // (the false branch).
*67e74705SXin Li  addSuccessor(ExitConditionBlock, KnownVal.isTrue() ? nullptr : LoopSuccessor);
*67e74705SXin Li
*67e74705SXin Li  // There can be no more statements in the body block(s) since we loop back to
*67e74705SXin Li  // the body.  NULL out Block to force lazy creation of another block.
*67e74705SXin Li  Block = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Return the loop body, which is the dominating block for the loop.
*67e74705SXin Li  Succ = BodyBlock;
*67e74705SXin Li  return BodyBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitContinueStmt(ContinueStmt *C) {
*67e74705SXin Li  // "continue" is a control-flow statement.  Thus we stop processing the
*67e74705SXin Li  // current block.
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Now create a new block that ends with the continue statement.
*67e74705SXin Li  Block = createBlock(false);
*67e74705SXin Li  Block->setTerminator(C);
*67e74705SXin Li
*67e74705SXin Li  // If there is no target for the continue, then we are looking at an
*67e74705SXin Li  // incomplete AST.  This means the CFG cannot be constructed.
*67e74705SXin Li  if (ContinueJumpTarget.block) {
*67e74705SXin Li    addAutomaticObjDtors(ScopePos, ContinueJumpTarget.scopePosition, C);
*67e74705SXin Li    addSuccessor(Block, ContinueJumpTarget.block);
*67e74705SXin Li  } else
*67e74705SXin Li    badCFG = true;
*67e74705SXin Li
*67e74705SXin Li  return Block;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitUnaryExprOrTypeTraitExpr(UnaryExprOrTypeTraitExpr *E,
*67e74705SXin Li                                                    AddStmtChoice asc) {
*67e74705SXin Li
*67e74705SXin Li  if (asc.alwaysAdd(*this, E)) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, E);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // VLA types have expressions that must be evaluated.
*67e74705SXin Li  CFGBlock *lastBlock = Block;
*67e74705SXin Li
*67e74705SXin Li  if (E->isArgumentType()) {
*67e74705SXin Li    for (const VariableArrayType *VA =FindVA(E->getArgumentType().getTypePtr());
*67e74705SXin Li         VA != nullptr; VA = FindVA(VA->getElementType().getTypePtr()))
*67e74705SXin Li      lastBlock = addStmt(VA->getSizeExpr());
*67e74705SXin Li  }
*67e74705SXin Li  return lastBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// VisitStmtExpr - Utility method to handle (nested) statement
*67e74705SXin Li///  expressions (a GCC extension).
*67e74705SXin LiCFGBlock *CFGBuilder::VisitStmtExpr(StmtExpr *SE, AddStmtChoice asc) {
*67e74705SXin Li  if (asc.alwaysAdd(*this, SE)) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, SE);
*67e74705SXin Li  }
*67e74705SXin Li  return VisitCompoundStmt(SE->getSubStmt());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitSwitchStmt(SwitchStmt *Terminator) {
*67e74705SXin Li  // "switch" is a control-flow statement.  Thus we stop processing the current
*67e74705SXin Li  // block.
*67e74705SXin Li  CFGBlock *SwitchSuccessor = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Save local scope position because in case of condition variable ScopePos
*67e74705SXin Li  // won't be restored when traversing AST.
*67e74705SXin Li  SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos);
*67e74705SXin Li
*67e74705SXin Li  // Create local scope for C++17 switch init-stmt if one exists.
*67e74705SXin Li  if (Stmt *Init = Terminator->getInit()) {
*67e74705SXin Li    LocalScope::const_iterator BeginScopePos = ScopePos;
*67e74705SXin Li    addLocalScopeForStmt(Init);
*67e74705SXin Li    addAutomaticObjDtors(ScopePos, BeginScopePos, Terminator);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Create local scope for possible condition variable.
*67e74705SXin Li  // Store scope position. Add implicit destructor.
*67e74705SXin Li  if (VarDecl *VD = Terminator->getConditionVariable()) {
*67e74705SXin Li    LocalScope::const_iterator SwitchBeginScopePos = ScopePos;
*67e74705SXin Li    addLocalScopeForVarDecl(VD);
*67e74705SXin Li    addAutomaticObjDtors(ScopePos, SwitchBeginScopePos, Terminator);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (Block) {
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    SwitchSuccessor = Block;
*67e74705SXin Li  } else SwitchSuccessor = Succ;
*67e74705SXin Li
*67e74705SXin Li  // Save the current "switch" context.
*67e74705SXin Li  SaveAndRestore<CFGBlock*> save_switch(SwitchTerminatedBlock),
*67e74705SXin Li                            save_default(DefaultCaseBlock);
*67e74705SXin Li  SaveAndRestore<JumpTarget> save_break(BreakJumpTarget);
*67e74705SXin Li
*67e74705SXin Li  // Set the "default" case to be the block after the switch statement.  If the
*67e74705SXin Li  // switch statement contains a "default:", this value will be overwritten with
*67e74705SXin Li  // the block for that code.
*67e74705SXin Li  DefaultCaseBlock = SwitchSuccessor;
*67e74705SXin Li
*67e74705SXin Li  // Create a new block that will contain the switch statement.
*67e74705SXin Li  SwitchTerminatedBlock = createBlock(false);
*67e74705SXin Li
*67e74705SXin Li  // Now process the switch body.  The code after the switch is the implicit
*67e74705SXin Li  // successor.
*67e74705SXin Li  Succ = SwitchSuccessor;
*67e74705SXin Li  BreakJumpTarget = JumpTarget(SwitchSuccessor, ScopePos);
*67e74705SXin Li
*67e74705SXin Li  // When visiting the body, the case statements should automatically get linked
*67e74705SXin Li  // up to the switch.  We also don't keep a pointer to the body, since all
*67e74705SXin Li  // control-flow from the switch goes to case/default statements.
*67e74705SXin Li  assert(Terminator->getBody() && "switch must contain a non-NULL body");
*67e74705SXin Li  Block = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // For pruning unreachable case statements, save the current state
*67e74705SXin Li  // for tracking the condition value.
*67e74705SXin Li  SaveAndRestore<bool> save_switchExclusivelyCovered(switchExclusivelyCovered,
*67e74705SXin Li                                                     false);
*67e74705SXin Li
*67e74705SXin Li  // Determine if the switch condition can be explicitly evaluated.
*67e74705SXin Li  assert(Terminator->getCond() && "switch condition must be non-NULL");
*67e74705SXin Li  Expr::EvalResult result;
*67e74705SXin Li  bool b = tryEvaluate(Terminator->getCond(), result);
*67e74705SXin Li  SaveAndRestore<Expr::EvalResult*> save_switchCond(switchCond,
*67e74705SXin Li                                                    b ? &result : nullptr);
*67e74705SXin Li
*67e74705SXin Li  // If body is not a compound statement create implicit scope
*67e74705SXin Li  // and add destructors.
*67e74705SXin Li  if (!isa<CompoundStmt>(Terminator->getBody()))
*67e74705SXin Li    addLocalScopeAndDtors(Terminator->getBody());
*67e74705SXin Li
*67e74705SXin Li  addStmt(Terminator->getBody());
*67e74705SXin Li  if (Block) {
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // If we have no "default:" case, the default transition is to the code
*67e74705SXin Li  // following the switch body.  Moreover, take into account if all the
*67e74705SXin Li  // cases of a switch are covered (e.g., switching on an enum value).
*67e74705SXin Li  //
*67e74705SXin Li  // Note: We add a successor to a switch that is considered covered yet has no
*67e74705SXin Li  //       case statements if the enumeration has no enumerators.
*67e74705SXin Li  bool SwitchAlwaysHasSuccessor = false;
*67e74705SXin Li  SwitchAlwaysHasSuccessor |= switchExclusivelyCovered;
*67e74705SXin Li  SwitchAlwaysHasSuccessor |= Terminator->isAllEnumCasesCovered() &&
*67e74705SXin Li                              Terminator->getSwitchCaseList();
*67e74705SXin Li  addSuccessor(SwitchTerminatedBlock, DefaultCaseBlock,
*67e74705SXin Li               !SwitchAlwaysHasSuccessor);
*67e74705SXin Li
*67e74705SXin Li  // Add the terminator and condition in the switch block.
*67e74705SXin Li  SwitchTerminatedBlock->setTerminator(Terminator);
*67e74705SXin Li  Block = SwitchTerminatedBlock;
*67e74705SXin Li  CFGBlock *LastBlock = addStmt(Terminator->getCond());
*67e74705SXin Li
*67e74705SXin Li  // If the SwitchStmt contains a condition variable, add both the
*67e74705SXin Li  // SwitchStmt and the condition variable initialization to the CFG.
*67e74705SXin Li  if (VarDecl *VD = Terminator->getConditionVariable()) {
*67e74705SXin Li    if (Expr *Init = VD->getInit()) {
*67e74705SXin Li      autoCreateBlock();
*67e74705SXin Li      appendStmt(Block, Terminator->getConditionVariableDeclStmt());
*67e74705SXin Li      LastBlock = addStmt(Init);
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Finally, if the SwitchStmt contains a C++17 init-stmt, add it to the CFG.
*67e74705SXin Li  if (Stmt *Init = Terminator->getInit()) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    LastBlock = addStmt(Init);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return LastBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Listatic bool shouldAddCase(bool &switchExclusivelyCovered,
*67e74705SXin Li                          const Expr::EvalResult *switchCond,
*67e74705SXin Li                          const CaseStmt *CS,
*67e74705SXin Li                          ASTContext &Ctx) {
*67e74705SXin Li  if (!switchCond)
*67e74705SXin Li    return true;
*67e74705SXin Li
*67e74705SXin Li  bool addCase = false;
*67e74705SXin Li
*67e74705SXin Li  if (!switchExclusivelyCovered) {
*67e74705SXin Li    if (switchCond->Val.isInt()) {
*67e74705SXin Li      // Evaluate the LHS of the case value.
*67e74705SXin Li      const llvm::APSInt &lhsInt = CS->getLHS()->EvaluateKnownConstInt(Ctx);
*67e74705SXin Li      const llvm::APSInt &condInt = switchCond->Val.getInt();
*67e74705SXin Li
*67e74705SXin Li      if (condInt == lhsInt) {
*67e74705SXin Li        addCase = true;
*67e74705SXin Li        switchExclusivelyCovered = true;
*67e74705SXin Li      }
*67e74705SXin Li      else if (condInt > lhsInt) {
*67e74705SXin Li        if (const Expr *RHS = CS->getRHS()) {
*67e74705SXin Li          // Evaluate the RHS of the case value.
*67e74705SXin Li          const llvm::APSInt &V2 = RHS->EvaluateKnownConstInt(Ctx);
*67e74705SXin Li          if (V2 >= condInt) {
*67e74705SXin Li            addCase = true;
*67e74705SXin Li            switchExclusivelyCovered = true;
*67e74705SXin Li          }
*67e74705SXin Li        }
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li    else
*67e74705SXin Li      addCase = true;
*67e74705SXin Li  }
*67e74705SXin Li  return addCase;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCaseStmt(CaseStmt *CS) {
*67e74705SXin Li  // CaseStmts are essentially labels, so they are the first statement in a
*67e74705SXin Li  // block.
*67e74705SXin Li  CFGBlock *TopBlock = nullptr, *LastBlock = nullptr;
*67e74705SXin Li
*67e74705SXin Li  if (Stmt *Sub = CS->getSubStmt()) {
*67e74705SXin Li    // For deeply nested chains of CaseStmts, instead of doing a recursion
*67e74705SXin Li    // (which can blow out the stack), manually unroll and create blocks
*67e74705SXin Li    // along the way.
*67e74705SXin Li    while (isa<CaseStmt>(Sub)) {
*67e74705SXin Li      CFGBlock *currentBlock = createBlock(false);
*67e74705SXin Li      currentBlock->setLabel(CS);
*67e74705SXin Li
*67e74705SXin Li      if (TopBlock)
*67e74705SXin Li        addSuccessor(LastBlock, currentBlock);
*67e74705SXin Li      else
*67e74705SXin Li        TopBlock = currentBlock;
*67e74705SXin Li
*67e74705SXin Li      addSuccessor(SwitchTerminatedBlock,
*67e74705SXin Li                   shouldAddCase(switchExclusivelyCovered, switchCond,
*67e74705SXin Li                                 CS, *Context)
*67e74705SXin Li                   ? currentBlock : nullptr);
*67e74705SXin Li
*67e74705SXin Li      LastBlock = currentBlock;
*67e74705SXin Li      CS = cast<CaseStmt>(Sub);
*67e74705SXin Li      Sub = CS->getSubStmt();
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    addStmt(Sub);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *CaseBlock = Block;
*67e74705SXin Li  if (!CaseBlock)
*67e74705SXin Li    CaseBlock = createBlock();
*67e74705SXin Li
*67e74705SXin Li  // Cases statements partition blocks, so this is the top of the basic block we
*67e74705SXin Li  // were processing (the "case XXX:" is the label).
*67e74705SXin Li  CaseBlock->setLabel(CS);
*67e74705SXin Li
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Add this block to the list of successors for the block with the switch
*67e74705SXin Li  // statement.
*67e74705SXin Li  assert(SwitchTerminatedBlock);
*67e74705SXin Li  addSuccessor(SwitchTerminatedBlock, CaseBlock,
*67e74705SXin Li               shouldAddCase(switchExclusivelyCovered, switchCond,
*67e74705SXin Li                             CS, *Context));
*67e74705SXin Li
*67e74705SXin Li  // We set Block to NULL to allow lazy creation of a new block (if necessary)
*67e74705SXin Li  Block = nullptr;
*67e74705SXin Li
*67e74705SXin Li  if (TopBlock) {
*67e74705SXin Li    addSuccessor(LastBlock, CaseBlock);
*67e74705SXin Li    Succ = TopBlock;
*67e74705SXin Li  } else {
*67e74705SXin Li    // This block is now the implicit successor of other blocks.
*67e74705SXin Li    Succ = CaseBlock;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return Succ;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitDefaultStmt(DefaultStmt *Terminator) {
*67e74705SXin Li  if (Terminator->getSubStmt())
*67e74705SXin Li    addStmt(Terminator->getSubStmt());
*67e74705SXin Li
*67e74705SXin Li  DefaultCaseBlock = Block;
*67e74705SXin Li
*67e74705SXin Li  if (!DefaultCaseBlock)
*67e74705SXin Li    DefaultCaseBlock = createBlock();
*67e74705SXin Li
*67e74705SXin Li  // Default statements partition blocks, so this is the top of the basic block
*67e74705SXin Li  // we were processing (the "default:" is the label).
*67e74705SXin Li  DefaultCaseBlock->setLabel(Terminator);
*67e74705SXin Li
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  // Unlike case statements, we don't add the default block to the successors
*67e74705SXin Li  // for the switch statement immediately.  This is done when we finish
*67e74705SXin Li  // processing the switch statement.  This allows for the default case
*67e74705SXin Li  // (including a fall-through to the code after the switch statement) to always
*67e74705SXin Li  // be the last successor of a switch-terminated block.
*67e74705SXin Li
*67e74705SXin Li  // We set Block to NULL to allow lazy creation of a new block (if necessary)
*67e74705SXin Li  Block = nullptr;
*67e74705SXin Li
*67e74705SXin Li  // This block is now the implicit successor of other blocks.
*67e74705SXin Li  Succ = DefaultCaseBlock;
*67e74705SXin Li
*67e74705SXin Li  return DefaultCaseBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCXXTryStmt(CXXTryStmt *Terminator) {
*67e74705SXin Li  // "try"/"catch" is a control-flow statement.  Thus we stop processing the
*67e74705SXin Li  // current block.
*67e74705SXin Li  CFGBlock *TrySuccessor = nullptr;
*67e74705SXin Li
*67e74705SXin Li  if (Block) {
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    TrySuccessor = Block;
*67e74705SXin Li  } else TrySuccessor = Succ;
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *PrevTryTerminatedBlock = TryTerminatedBlock;
*67e74705SXin Li
*67e74705SXin Li  // Create a new block that will contain the try statement.
*67e74705SXin Li  CFGBlock *NewTryTerminatedBlock = createBlock(false);
*67e74705SXin Li  // Add the terminator in the try block.
*67e74705SXin Li  NewTryTerminatedBlock->setTerminator(Terminator);
*67e74705SXin Li
*67e74705SXin Li  bool HasCatchAll = false;
*67e74705SXin Li  for (unsigned h = 0; h <Terminator->getNumHandlers(); ++h) {
*67e74705SXin Li    // The code after the try is the implicit successor.
*67e74705SXin Li    Succ = TrySuccessor;
*67e74705SXin Li    CXXCatchStmt *CS = Terminator->getHandler(h);
*67e74705SXin Li    if (CS->getExceptionDecl() == nullptr) {
*67e74705SXin Li      HasCatchAll = true;
*67e74705SXin Li    }
*67e74705SXin Li    Block = nullptr;
*67e74705SXin Li    CFGBlock *CatchBlock = VisitCXXCatchStmt(CS);
*67e74705SXin Li    if (!CatchBlock)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    // Add this block to the list of successors for the block with the try
*67e74705SXin Li    // statement.
*67e74705SXin Li    addSuccessor(NewTryTerminatedBlock, CatchBlock);
*67e74705SXin Li  }
*67e74705SXin Li  if (!HasCatchAll) {
*67e74705SXin Li    if (PrevTryTerminatedBlock)
*67e74705SXin Li      addSuccessor(NewTryTerminatedBlock, PrevTryTerminatedBlock);
*67e74705SXin Li    else
*67e74705SXin Li      addSuccessor(NewTryTerminatedBlock, &cfg->getExit());
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // The code after the try is the implicit successor.
*67e74705SXin Li  Succ = TrySuccessor;
*67e74705SXin Li
*67e74705SXin Li  // Save the current "try" context.
*67e74705SXin Li  SaveAndRestore<CFGBlock*> save_try(TryTerminatedBlock, NewTryTerminatedBlock);
*67e74705SXin Li  cfg->addTryDispatchBlock(TryTerminatedBlock);
*67e74705SXin Li
*67e74705SXin Li  assert(Terminator->getTryBlock() && "try must contain a non-NULL body");
*67e74705SXin Li  Block = nullptr;
*67e74705SXin Li  return addStmt(Terminator->getTryBlock());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCXXCatchStmt(CXXCatchStmt *CS) {
*67e74705SXin Li  // CXXCatchStmt are treated like labels, so they are the first statement in a
*67e74705SXin Li  // block.
*67e74705SXin Li
*67e74705SXin Li  // Save local scope position because in case of exception variable ScopePos
*67e74705SXin Li  // won't be restored when traversing AST.
*67e74705SXin Li  SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos);
*67e74705SXin Li
*67e74705SXin Li  // Create local scope for possible exception variable.
*67e74705SXin Li  // Store scope position. Add implicit destructor.
*67e74705SXin Li  if (VarDecl *VD = CS->getExceptionDecl()) {
*67e74705SXin Li    LocalScope::const_iterator BeginScopePos = ScopePos;
*67e74705SXin Li    addLocalScopeForVarDecl(VD);
*67e74705SXin Li    addAutomaticObjDtors(ScopePos, BeginScopePos, CS);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (CS->getHandlerBlock())
*67e74705SXin Li    addStmt(CS->getHandlerBlock());
*67e74705SXin Li
*67e74705SXin Li  CFGBlock *CatchBlock = Block;
*67e74705SXin Li  if (!CatchBlock)
*67e74705SXin Li    CatchBlock = createBlock();
*67e74705SXin Li
*67e74705SXin Li  // CXXCatchStmt is more than just a label.  They have semantic meaning
*67e74705SXin Li  // as well, as they implicitly "initialize" the catch variable.  Add
*67e74705SXin Li  // it to the CFG as a CFGElement so that the control-flow of these
*67e74705SXin Li  // semantics gets captured.
*67e74705SXin Li  appendStmt(CatchBlock, CS);
*67e74705SXin Li
*67e74705SXin Li  // Also add the CXXCatchStmt as a label, to mirror handling of regular
*67e74705SXin Li  // labels.
*67e74705SXin Li  CatchBlock->setLabel(CS);
*67e74705SXin Li
*67e74705SXin Li  // Bail out if the CFG is bad.
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  // We set Block to NULL to allow lazy creation of a new block (if necessary)
*67e74705SXin Li  Block = nullptr;
*67e74705SXin Li
*67e74705SXin Li  return CatchBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCXXForRangeStmt(CXXForRangeStmt *S) {
*67e74705SXin Li  // C++0x for-range statements are specified as [stmt.ranged]:
*67e74705SXin Li  //
*67e74705SXin Li  // {
*67e74705SXin Li  //   auto && __range = range-init;
*67e74705SXin Li  //   for ( auto __begin = begin-expr,
*67e74705SXin Li  //         __end = end-expr;
*67e74705SXin Li  //         __begin != __end;
*67e74705SXin Li  //         ++__begin ) {
*67e74705SXin Li  //     for-range-declaration = *__begin;
*67e74705SXin Li  //     statement
*67e74705SXin Li  //   }
*67e74705SXin Li  // }
*67e74705SXin Li
*67e74705SXin Li  // Save local scope position before the addition of the implicit variables.
*67e74705SXin Li  SaveAndRestore<LocalScope::const_iterator> save_scope_pos(ScopePos);
*67e74705SXin Li
*67e74705SXin Li  // Create local scopes and destructors for range, begin and end variables.
*67e74705SXin Li  if (Stmt *Range = S->getRangeStmt())
*67e74705SXin Li    addLocalScopeForStmt(Range);
*67e74705SXin Li  if (Stmt *Begin = S->getBeginStmt())
*67e74705SXin Li    addLocalScopeForStmt(Begin);
*67e74705SXin Li  if (Stmt *End = S->getEndStmt())
*67e74705SXin Li    addLocalScopeForStmt(End);
*67e74705SXin Li  addAutomaticObjDtors(ScopePos, save_scope_pos.get(), S);
*67e74705SXin Li
*67e74705SXin Li  LocalScope::const_iterator ContinueScopePos = ScopePos;
*67e74705SXin Li
*67e74705SXin Li  // "for" is a control-flow statement.  Thus we stop processing the current
*67e74705SXin Li  // block.
*67e74705SXin Li  CFGBlock *LoopSuccessor = nullptr;
*67e74705SXin Li  if (Block) {
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    LoopSuccessor = Block;
*67e74705SXin Li  } else
*67e74705SXin Li    LoopSuccessor = Succ;
*67e74705SXin Li
*67e74705SXin Li  // Save the current value for the break targets.
*67e74705SXin Li  // All breaks should go to the code following the loop.
*67e74705SXin Li  SaveAndRestore<JumpTarget> save_break(BreakJumpTarget);
*67e74705SXin Li  BreakJumpTarget = JumpTarget(LoopSuccessor, ScopePos);
*67e74705SXin Li
*67e74705SXin Li  // The block for the __begin != __end expression.
*67e74705SXin Li  CFGBlock *ConditionBlock = createBlock(false);
*67e74705SXin Li  ConditionBlock->setTerminator(S);
*67e74705SXin Li
*67e74705SXin Li  // Now add the actual condition to the condition block.
*67e74705SXin Li  if (Expr *C = S->getCond()) {
*67e74705SXin Li    Block = ConditionBlock;
*67e74705SXin Li    CFGBlock *BeginConditionBlock = addStmt(C);
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    assert(BeginConditionBlock == ConditionBlock &&
*67e74705SXin Li           "condition block in for-range was unexpectedly complex");
*67e74705SXin Li    (void)BeginConditionBlock;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // The condition block is the implicit successor for the loop body as well as
*67e74705SXin Li  // any code above the loop.
*67e74705SXin Li  Succ = ConditionBlock;
*67e74705SXin Li
*67e74705SXin Li  // See if this is a known constant.
*67e74705SXin Li  TryResult KnownVal(true);
*67e74705SXin Li
*67e74705SXin Li  if (S->getCond())
*67e74705SXin Li    KnownVal = tryEvaluateBool(S->getCond());
*67e74705SXin Li
*67e74705SXin Li  // Now create the loop body.
*67e74705SXin Li  {
*67e74705SXin Li    assert(S->getBody());
*67e74705SXin Li
*67e74705SXin Li    // Save the current values for Block, Succ, and continue targets.
*67e74705SXin Li    SaveAndRestore<CFGBlock*> save_Block(Block), save_Succ(Succ);
*67e74705SXin Li    SaveAndRestore<JumpTarget> save_continue(ContinueJumpTarget);
*67e74705SXin Li
*67e74705SXin Li    // Generate increment code in its own basic block.  This is the target of
*67e74705SXin Li    // continue statements.
*67e74705SXin Li    Block = nullptr;
*67e74705SXin Li    Succ = addStmt(S->getInc());
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    ContinueJumpTarget = JumpTarget(Succ, ContinueScopePos);
*67e74705SXin Li
*67e74705SXin Li    // The starting block for the loop increment is the block that should
*67e74705SXin Li    // represent the 'loop target' for looping back to the start of the loop.
*67e74705SXin Li    ContinueJumpTarget.block->setLoopTarget(S);
*67e74705SXin Li
*67e74705SXin Li    // Finish up the increment block and prepare to start the loop body.
*67e74705SXin Li    assert(Block);
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    Block = nullptr;
*67e74705SXin Li
*67e74705SXin Li    // Add implicit scope and dtors for loop variable.
*67e74705SXin Li    addLocalScopeAndDtors(S->getLoopVarStmt());
*67e74705SXin Li
*67e74705SXin Li    // Populate a new block to contain the loop body and loop variable.
*67e74705SXin Li    addStmt(S->getBody());
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li    CFGBlock *LoopVarStmtBlock = addStmt(S->getLoopVarStmt());
*67e74705SXin Li    if (badCFG)
*67e74705SXin Li      return nullptr;
*67e74705SXin Li
*67e74705SXin Li    // This new body block is a successor to our condition block.
*67e74705SXin Li    addSuccessor(ConditionBlock,
*67e74705SXin Li                 KnownVal.isFalse() ? nullptr : LoopVarStmtBlock);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Link up the condition block with the code that follows the loop (the
*67e74705SXin Li  // false branch).
*67e74705SXin Li  addSuccessor(ConditionBlock, KnownVal.isTrue() ? nullptr : LoopSuccessor);
*67e74705SXin Li
*67e74705SXin Li  // Add the initialization statements.
*67e74705SXin Li  Block = createBlock();
*67e74705SXin Li  addStmt(S->getBeginStmt());
*67e74705SXin Li  addStmt(S->getEndStmt());
*67e74705SXin Li  return addStmt(S->getRangeStmt());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitExprWithCleanups(ExprWithCleanups *E,
*67e74705SXin Li    AddStmtChoice asc) {
*67e74705SXin Li  if (BuildOpts.AddTemporaryDtors) {
*67e74705SXin Li    // If adding implicit destructors visit the full expression for adding
*67e74705SXin Li    // destructors of temporaries.
*67e74705SXin Li    TempDtorContext Context;
*67e74705SXin Li    VisitForTemporaryDtors(E->getSubExpr(), false, Context);
*67e74705SXin Li
*67e74705SXin Li    // Full expression has to be added as CFGStmt so it will be sequenced
*67e74705SXin Li    // before destructors of it's temporaries.
*67e74705SXin Li    asc = asc.withAlwaysAdd(true);
*67e74705SXin Li  }
*67e74705SXin Li  return Visit(E->getSubExpr(), asc);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCXXBindTemporaryExpr(CXXBindTemporaryExpr *E,
*67e74705SXin Li                                                AddStmtChoice asc) {
*67e74705SXin Li  if (asc.alwaysAdd(*this, E)) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, E);
*67e74705SXin Li
*67e74705SXin Li    // We do not want to propagate the AlwaysAdd property.
*67e74705SXin Li    asc = asc.withAlwaysAdd(false);
*67e74705SXin Li  }
*67e74705SXin Li  return Visit(E->getSubExpr(), asc);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCXXConstructExpr(CXXConstructExpr *C,
*67e74705SXin Li                                            AddStmtChoice asc) {
*67e74705SXin Li  autoCreateBlock();
*67e74705SXin Li  appendStmt(Block, C);
*67e74705SXin Li
*67e74705SXin Li  return VisitChildren(C);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCXXNewExpr(CXXNewExpr *NE,
*67e74705SXin Li                                      AddStmtChoice asc) {
*67e74705SXin Li
*67e74705SXin Li  autoCreateBlock();
*67e74705SXin Li  appendStmt(Block, NE);
*67e74705SXin Li
*67e74705SXin Li  if (NE->getInitializer())
*67e74705SXin Li    Block = Visit(NE->getInitializer());
*67e74705SXin Li  if (BuildOpts.AddCXXNewAllocator)
*67e74705SXin Li    appendNewAllocator(Block, NE);
*67e74705SXin Li  if (NE->isArray())
*67e74705SXin Li    Block = Visit(NE->getArraySize());
*67e74705SXin Li  for (CXXNewExpr::arg_iterator I = NE->placement_arg_begin(),
*67e74705SXin Li       E = NE->placement_arg_end(); I != E; ++I)
*67e74705SXin Li    Block = Visit(*I);
*67e74705SXin Li  return Block;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCXXDeleteExpr(CXXDeleteExpr *DE,
*67e74705SXin Li                                         AddStmtChoice asc) {
*67e74705SXin Li  autoCreateBlock();
*67e74705SXin Li  appendStmt(Block, DE);
*67e74705SXin Li  QualType DTy = DE->getDestroyedType();
*67e74705SXin Li  DTy = DTy.getNonReferenceType();
*67e74705SXin Li  CXXRecordDecl *RD = Context->getBaseElementType(DTy)->getAsCXXRecordDecl();
*67e74705SXin Li  if (RD) {
*67e74705SXin Li    if (RD->isCompleteDefinition() && !RD->hasTrivialDestructor())
*67e74705SXin Li      appendDeleteDtor(Block, RD, DE);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return VisitChildren(DE);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCXXFunctionalCastExpr(CXXFunctionalCastExpr *E,
*67e74705SXin Li                                                 AddStmtChoice asc) {
*67e74705SXin Li  if (asc.alwaysAdd(*this, E)) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, E);
*67e74705SXin Li    // We do not want to propagate the AlwaysAdd property.
*67e74705SXin Li    asc = asc.withAlwaysAdd(false);
*67e74705SXin Li  }
*67e74705SXin Li  return Visit(E->getSubExpr(), asc);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCXXTemporaryObjectExpr(CXXTemporaryObjectExpr *C,
*67e74705SXin Li                                                  AddStmtChoice asc) {
*67e74705SXin Li  autoCreateBlock();
*67e74705SXin Li  appendStmt(Block, C);
*67e74705SXin Li  return VisitChildren(C);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitImplicitCastExpr(ImplicitCastExpr *E,
*67e74705SXin Li                                            AddStmtChoice asc) {
*67e74705SXin Li  if (asc.alwaysAdd(*this, E)) {
*67e74705SXin Li    autoCreateBlock();
*67e74705SXin Li    appendStmt(Block, E);
*67e74705SXin Li  }
*67e74705SXin Li  return Visit(E->getSubExpr(), AddStmtChoice());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitIndirectGotoStmt(IndirectGotoStmt *I) {
*67e74705SXin Li  // Lazily create the indirect-goto dispatch block if there isn't one already.
*67e74705SXin Li  CFGBlock *IBlock = cfg->getIndirectGotoBlock();
*67e74705SXin Li
*67e74705SXin Li  if (!IBlock) {
*67e74705SXin Li    IBlock = createBlock(false);
*67e74705SXin Li    cfg->setIndirectGotoBlock(IBlock);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // IndirectGoto is a control-flow statement.  Thus we stop processing the
*67e74705SXin Li  // current block and create a new one.
*67e74705SXin Li  if (badCFG)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  Block = createBlock(false);
*67e74705SXin Li  Block->setTerminator(I);
*67e74705SXin Li  addSuccessor(Block, IBlock);
*67e74705SXin Li  return addStmt(I->getTarget());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitForTemporaryDtors(Stmt *E, bool BindToTemporary,
*67e74705SXin Li                                             TempDtorContext &Context) {
*67e74705SXin Li  assert(BuildOpts.AddImplicitDtors && BuildOpts.AddTemporaryDtors);
*67e74705SXin Li
*67e74705SXin LitryAgain:
*67e74705SXin Li  if (!E) {
*67e74705SXin Li    badCFG = true;
*67e74705SXin Li    return nullptr;
*67e74705SXin Li  }
*67e74705SXin Li  switch (E->getStmtClass()) {
*67e74705SXin Li    default:
*67e74705SXin Li      return VisitChildrenForTemporaryDtors(E, Context);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::BinaryOperatorClass:
*67e74705SXin Li      return VisitBinaryOperatorForTemporaryDtors(cast<BinaryOperator>(E),
*67e74705SXin Li                                                  Context);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXBindTemporaryExprClass:
*67e74705SXin Li      return VisitCXXBindTemporaryExprForTemporaryDtors(
*67e74705SXin Li          cast<CXXBindTemporaryExpr>(E), BindToTemporary, Context);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::BinaryConditionalOperatorClass:
*67e74705SXin Li    case Stmt::ConditionalOperatorClass:
*67e74705SXin Li      return VisitConditionalOperatorForTemporaryDtors(
*67e74705SXin Li          cast<AbstractConditionalOperator>(E), BindToTemporary, Context);
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ImplicitCastExprClass:
*67e74705SXin Li      // For implicit cast we want BindToTemporary to be passed further.
*67e74705SXin Li      E = cast<CastExpr>(E)->getSubExpr();
*67e74705SXin Li      goto tryAgain;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXFunctionalCastExprClass:
*67e74705SXin Li      // For functional cast we want BindToTemporary to be passed further.
*67e74705SXin Li      E = cast<CXXFunctionalCastExpr>(E)->getSubExpr();
*67e74705SXin Li      goto tryAgain;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ParenExprClass:
*67e74705SXin Li      E = cast<ParenExpr>(E)->getSubExpr();
*67e74705SXin Li      goto tryAgain;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::MaterializeTemporaryExprClass: {
*67e74705SXin Li      const MaterializeTemporaryExpr* MTE = cast<MaterializeTemporaryExpr>(E);
*67e74705SXin Li      BindToTemporary = (MTE->getStorageDuration() != SD_FullExpression);
*67e74705SXin Li      SmallVector<const Expr *, 2> CommaLHSs;
*67e74705SXin Li      SmallVector<SubobjectAdjustment, 2> Adjustments;
*67e74705SXin Li      // Find the expression whose lifetime needs to be extended.
*67e74705SXin Li      E = const_cast<Expr *>(
*67e74705SXin Li          cast<MaterializeTemporaryExpr>(E)
*67e74705SXin Li              ->GetTemporaryExpr()
*67e74705SXin Li              ->skipRValueSubobjectAdjustments(CommaLHSs, Adjustments));
*67e74705SXin Li      // Visit the skipped comma operator left-hand sides for other temporaries.
*67e74705SXin Li      for (const Expr *CommaLHS : CommaLHSs) {
*67e74705SXin Li        VisitForTemporaryDtors(const_cast<Expr *>(CommaLHS),
*67e74705SXin Li                               /*BindToTemporary=*/false, Context);
*67e74705SXin Li      }
*67e74705SXin Li      goto tryAgain;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    case Stmt::BlockExprClass:
*67e74705SXin Li      // Don't recurse into blocks; their subexpressions don't get evaluated
*67e74705SXin Li      // here.
*67e74705SXin Li      return Block;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::LambdaExprClass: {
*67e74705SXin Li      // For lambda expressions, only recurse into the capture initializers,
*67e74705SXin Li      // and not the body.
*67e74705SXin Li      auto *LE = cast<LambdaExpr>(E);
*67e74705SXin Li      CFGBlock *B = Block;
*67e74705SXin Li      for (Expr *Init : LE->capture_inits()) {
*67e74705SXin Li        if (CFGBlock *R = VisitForTemporaryDtors(
*67e74705SXin Li                Init, /*BindToTemporary=*/false, Context))
*67e74705SXin Li          B = R;
*67e74705SXin Li      }
*67e74705SXin Li      return B;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXDefaultArgExprClass:
*67e74705SXin Li      E = cast<CXXDefaultArgExpr>(E)->getExpr();
*67e74705SXin Li      goto tryAgain;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXDefaultInitExprClass:
*67e74705SXin Li      E = cast<CXXDefaultInitExpr>(E)->getExpr();
*67e74705SXin Li      goto tryAgain;
*67e74705SXin Li  }
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitChildrenForTemporaryDtors(Stmt *E,
*67e74705SXin Li                                                     TempDtorContext &Context) {
*67e74705SXin Li  if (isa<LambdaExpr>(E)) {
*67e74705SXin Li    // Do not visit the children of lambdas; they have their own CFGs.
*67e74705SXin Li    return Block;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // When visiting children for destructors we want to visit them in reverse
*67e74705SXin Li  // order that they will appear in the CFG.  Because the CFG is built
*67e74705SXin Li  // bottom-up, this means we visit them in their natural order, which
*67e74705SXin Li  // reverses them in the CFG.
*67e74705SXin Li  CFGBlock *B = Block;
*67e74705SXin Li  for (Stmt *Child : E->children())
*67e74705SXin Li    if (Child)
*67e74705SXin Li      if (CFGBlock *R = VisitForTemporaryDtors(Child, false, Context))
*67e74705SXin Li        B = R;
*67e74705SXin Li
*67e74705SXin Li  return B;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitBinaryOperatorForTemporaryDtors(
*67e74705SXin Li    BinaryOperator *E, TempDtorContext &Context) {
*67e74705SXin Li  if (E->isLogicalOp()) {
*67e74705SXin Li    VisitForTemporaryDtors(E->getLHS(), false, Context);
*67e74705SXin Li    TryResult RHSExecuted = tryEvaluateBool(E->getLHS());
*67e74705SXin Li    if (RHSExecuted.isKnown() && E->getOpcode() == BO_LOr)
*67e74705SXin Li      RHSExecuted.negate();
*67e74705SXin Li
*67e74705SXin Li    // We do not know at CFG-construction time whether the right-hand-side was
*67e74705SXin Li    // executed, thus we add a branch node that depends on the temporary
*67e74705SXin Li    // constructor call.
*67e74705SXin Li    TempDtorContext RHSContext(
*67e74705SXin Li        bothKnownTrue(Context.KnownExecuted, RHSExecuted));
*67e74705SXin Li    VisitForTemporaryDtors(E->getRHS(), false, RHSContext);
*67e74705SXin Li    InsertTempDtorDecisionBlock(RHSContext);
*67e74705SXin Li
*67e74705SXin Li    return Block;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (E->isAssignmentOp()) {
*67e74705SXin Li    // For assignment operator (=) LHS expression is visited
*67e74705SXin Li    // before RHS expression. For destructors visit them in reverse order.
*67e74705SXin Li    CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getRHS(), false, Context);
*67e74705SXin Li    CFGBlock *LHSBlock = VisitForTemporaryDtors(E->getLHS(), false, Context);
*67e74705SXin Li    return LHSBlock ? LHSBlock : RHSBlock;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // For any other binary operator RHS expression is visited before
*67e74705SXin Li  // LHS expression (order of children). For destructors visit them in reverse
*67e74705SXin Li  // order.
*67e74705SXin Li  CFGBlock *LHSBlock = VisitForTemporaryDtors(E->getLHS(), false, Context);
*67e74705SXin Li  CFGBlock *RHSBlock = VisitForTemporaryDtors(E->getRHS(), false, Context);
*67e74705SXin Li  return RHSBlock ? RHSBlock : LHSBlock;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitCXXBindTemporaryExprForTemporaryDtors(
*67e74705SXin Li    CXXBindTemporaryExpr *E, bool BindToTemporary, TempDtorContext &Context) {
*67e74705SXin Li  // First add destructors for temporaries in subexpression.
*67e74705SXin Li  CFGBlock *B = VisitForTemporaryDtors(E->getSubExpr(), false, Context);
*67e74705SXin Li  if (!BindToTemporary) {
*67e74705SXin Li    // If lifetime of temporary is not prolonged (by assigning to constant
*67e74705SXin Li    // reference) add destructor for it.
*67e74705SXin Li
*67e74705SXin Li    const CXXDestructorDecl *Dtor = E->getTemporary()->getDestructor();
*67e74705SXin Li
*67e74705SXin Li    if (Dtor->getParent()->isAnyDestructorNoReturn()) {
*67e74705SXin Li      // If the destructor is marked as a no-return destructor, we need to
*67e74705SXin Li      // create a new block for the destructor which does not have as a
*67e74705SXin Li      // successor anything built thus far. Control won't flow out of this
*67e74705SXin Li      // block.
*67e74705SXin Li      if (B) Succ = B;
*67e74705SXin Li      Block = createNoReturnBlock();
*67e74705SXin Li    } else if (Context.needsTempDtorBranch()) {
*67e74705SXin Li      // If we need to introduce a branch, we add a new block that we will hook
*67e74705SXin Li      // up to a decision block later.
*67e74705SXin Li      if (B) Succ = B;
*67e74705SXin Li      Block = createBlock();
*67e74705SXin Li    } else {
*67e74705SXin Li      autoCreateBlock();
*67e74705SXin Li    }
*67e74705SXin Li    if (Context.needsTempDtorBranch()) {
*67e74705SXin Li      Context.setDecisionPoint(Succ, E);
*67e74705SXin Li    }
*67e74705SXin Li    appendTemporaryDtor(Block, E);
*67e74705SXin Li
*67e74705SXin Li    B = Block;
*67e74705SXin Li  }
*67e74705SXin Li  return B;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Livoid CFGBuilder::InsertTempDtorDecisionBlock(const TempDtorContext &Context,
*67e74705SXin Li                                             CFGBlock *FalseSucc) {
*67e74705SXin Li  if (!Context.TerminatorExpr) {
*67e74705SXin Li    // If no temporary was found, we do not need to insert a decision point.
*67e74705SXin Li    return;
*67e74705SXin Li  }
*67e74705SXin Li  assert(Context.TerminatorExpr);
*67e74705SXin Li  CFGBlock *Decision = createBlock(false);
*67e74705SXin Li  Decision->setTerminator(CFGTerminator(Context.TerminatorExpr, true));
*67e74705SXin Li  addSuccessor(Decision, Block, !Context.KnownExecuted.isFalse());
*67e74705SXin Li  addSuccessor(Decision, FalseSucc ? FalseSucc : Context.Succ,
*67e74705SXin Li               !Context.KnownExecuted.isTrue());
*67e74705SXin Li  Block = Decision;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiCFGBlock *CFGBuilder::VisitConditionalOperatorForTemporaryDtors(
*67e74705SXin Li    AbstractConditionalOperator *E, bool BindToTemporary,
*67e74705SXin Li    TempDtorContext &Context) {
*67e74705SXin Li  VisitForTemporaryDtors(E->getCond(), false, Context);
*67e74705SXin Li  CFGBlock *ConditionBlock = Block;
*67e74705SXin Li  CFGBlock *ConditionSucc = Succ;
*67e74705SXin Li  TryResult ConditionVal = tryEvaluateBool(E->getCond());
*67e74705SXin Li  TryResult NegatedVal = ConditionVal;
*67e74705SXin Li  if (NegatedVal.isKnown()) NegatedVal.negate();
*67e74705SXin Li
*67e74705SXin Li  TempDtorContext TrueContext(
*67e74705SXin Li      bothKnownTrue(Context.KnownExecuted, ConditionVal));
*67e74705SXin Li  VisitForTemporaryDtors(E->getTrueExpr(), BindToTemporary, TrueContext);
*67e74705SXin Li  CFGBlock *TrueBlock = Block;
*67e74705SXin Li
*67e74705SXin Li  Block = ConditionBlock;
*67e74705SXin Li  Succ = ConditionSucc;
*67e74705SXin Li  TempDtorContext FalseContext(
*67e74705SXin Li      bothKnownTrue(Context.KnownExecuted, NegatedVal));
*67e74705SXin Li  VisitForTemporaryDtors(E->getFalseExpr(), BindToTemporary, FalseContext);
*67e74705SXin Li
*67e74705SXin Li  if (TrueContext.TerminatorExpr && FalseContext.TerminatorExpr) {
*67e74705SXin Li    InsertTempDtorDecisionBlock(FalseContext, TrueBlock);
*67e74705SXin Li  } else if (TrueContext.TerminatorExpr) {
*67e74705SXin Li    Block = TrueBlock;
*67e74705SXin Li    InsertTempDtorDecisionBlock(TrueContext);
*67e74705SXin Li  } else {
*67e74705SXin Li    InsertTempDtorDecisionBlock(FalseContext);
*67e74705SXin Li  }
*67e74705SXin Li  return Block;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li} // end anonymous namespace
*67e74705SXin Li
*67e74705SXin Li/// createBlock - Constructs and adds a new CFGBlock to the CFG.  The block has
*67e74705SXin Li///  no successors or predecessors.  If this is the first block created in the
*67e74705SXin Li///  CFG, it is automatically set to be the Entry and Exit of the CFG.
*67e74705SXin LiCFGBlock *CFG::createBlock() {
*67e74705SXin Li  bool first_block = begin() == end();
*67e74705SXin Li
*67e74705SXin Li  // Create the block.
*67e74705SXin Li  CFGBlock *Mem = getAllocator().Allocate<CFGBlock>();
*67e74705SXin Li  new (Mem) CFGBlock(NumBlockIDs++, BlkBVC, this);
*67e74705SXin Li  Blocks.push_back(Mem, BlkBVC);
*67e74705SXin Li
*67e74705SXin Li  // If this is the first block, set it as the Entry and Exit.
*67e74705SXin Li  if (first_block)
*67e74705SXin Li    Entry = Exit = &back();
*67e74705SXin Li
*67e74705SXin Li  // Return the block.
*67e74705SXin Li  return &back();
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// buildCFG - Constructs a CFG from an AST.
*67e74705SXin Listd::unique_ptr<CFG> CFG::buildCFG(const Decl *D, Stmt *Statement,
*67e74705SXin Li                                   ASTContext *C, const BuildOptions &BO) {
*67e74705SXin Li  CFGBuilder Builder(C, BO);
*67e74705SXin Li  return Builder.buildCFG(D, Statement);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Liconst CXXDestructorDecl *
*67e74705SXin LiCFGImplicitDtor::getDestructorDecl(ASTContext &astContext) const {
*67e74705SXin Li  switch (getKind()) {
*67e74705SXin Li    case CFGElement::Statement:
*67e74705SXin Li    case CFGElement::Initializer:
*67e74705SXin Li    case CFGElement::NewAllocator:
*67e74705SXin Li      llvm_unreachable("getDestructorDecl should only be used with "
*67e74705SXin Li                       "ImplicitDtors");
*67e74705SXin Li    case CFGElement::AutomaticObjectDtor: {
*67e74705SXin Li      const VarDecl *var = castAs<CFGAutomaticObjDtor>().getVarDecl();
*67e74705SXin Li      QualType ty = var->getType();
*67e74705SXin Li      ty = ty.getNonReferenceType();
*67e74705SXin Li      while (const ArrayType *arrayType = astContext.getAsArrayType(ty)) {
*67e74705SXin Li        ty = arrayType->getElementType();
*67e74705SXin Li      }
*67e74705SXin Li      const RecordType *recordType = ty->getAs<RecordType>();
*67e74705SXin Li      const CXXRecordDecl *classDecl =
*67e74705SXin Li      cast<CXXRecordDecl>(recordType->getDecl());
*67e74705SXin Li      return classDecl->getDestructor();
*67e74705SXin Li    }
*67e74705SXin Li    case CFGElement::DeleteDtor: {
*67e74705SXin Li      const CXXDeleteExpr *DE = castAs<CFGDeleteDtor>().getDeleteExpr();
*67e74705SXin Li      QualType DTy = DE->getDestroyedType();
*67e74705SXin Li      DTy = DTy.getNonReferenceType();
*67e74705SXin Li      const CXXRecordDecl *classDecl =
*67e74705SXin Li          astContext.getBaseElementType(DTy)->getAsCXXRecordDecl();
*67e74705SXin Li      return classDecl->getDestructor();
*67e74705SXin Li    }
*67e74705SXin Li    case CFGElement::TemporaryDtor: {
*67e74705SXin Li      const CXXBindTemporaryExpr *bindExpr =
*67e74705SXin Li        castAs<CFGTemporaryDtor>().getBindTemporaryExpr();
*67e74705SXin Li      const CXXTemporary *temp = bindExpr->getTemporary();
*67e74705SXin Li      return temp->getDestructor();
*67e74705SXin Li    }
*67e74705SXin Li    case CFGElement::BaseDtor:
*67e74705SXin Li    case CFGElement::MemberDtor:
*67e74705SXin Li
*67e74705SXin Li      // Not yet supported.
*67e74705SXin Li      return nullptr;
*67e74705SXin Li  }
*67e74705SXin Li  llvm_unreachable("getKind() returned bogus value");
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Libool CFGImplicitDtor::isNoReturn(ASTContext &astContext) const {
*67e74705SXin Li  if (const CXXDestructorDecl *DD = getDestructorDecl(astContext))
*67e74705SXin Li    return DD->isNoReturn();
*67e74705SXin Li  return false;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li//===----------------------------------------------------------------------===//
*67e74705SXin Li// CFGBlock operations.
*67e74705SXin Li//===----------------------------------------------------------------------===//
*67e74705SXin Li
*67e74705SXin LiCFGBlock::AdjacentBlock::AdjacentBlock(CFGBlock *B, bool IsReachable)
*67e74705SXin Li  : ReachableBlock(IsReachable ? B : nullptr),
*67e74705SXin Li    UnreachableBlock(!IsReachable ? B : nullptr,
*67e74705SXin Li                     B && IsReachable ? AB_Normal : AB_Unreachable) {}
*67e74705SXin Li
*67e74705SXin LiCFGBlock::AdjacentBlock::AdjacentBlock(CFGBlock *B, CFGBlock *AlternateBlock)
*67e74705SXin Li  : ReachableBlock(B),
*67e74705SXin Li    UnreachableBlock(B == AlternateBlock ? nullptr : AlternateBlock,
*67e74705SXin Li                     B == AlternateBlock ? AB_Alternate : AB_Normal) {}
*67e74705SXin Li
*67e74705SXin Livoid CFGBlock::addSuccessor(AdjacentBlock Succ,
*67e74705SXin Li                            BumpVectorContext &C) {
*67e74705SXin Li  if (CFGBlock *B = Succ.getReachableBlock())
*67e74705SXin Li    B->Preds.push_back(AdjacentBlock(this, Succ.isReachable()), C);
*67e74705SXin Li
*67e74705SXin Li  if (CFGBlock *UnreachableB = Succ.getPossiblyUnreachableBlock())
*67e74705SXin Li    UnreachableB->Preds.push_back(AdjacentBlock(this, false), C);
*67e74705SXin Li
*67e74705SXin Li  Succs.push_back(Succ, C);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Libool CFGBlock::FilterEdge(const CFGBlock::FilterOptions &F,
*67e74705SXin Li        const CFGBlock *From, const CFGBlock *To) {
*67e74705SXin Li
*67e74705SXin Li  if (F.IgnoreNullPredecessors && !From)
*67e74705SXin Li    return true;
*67e74705SXin Li
*67e74705SXin Li  if (To && From && F.IgnoreDefaultsWithCoveredEnums) {
*67e74705SXin Li    // If the 'To' has no label or is labeled but the label isn't a
*67e74705SXin Li    // CaseStmt then filter this edge.
*67e74705SXin Li    if (const SwitchStmt *S =
*67e74705SXin Li        dyn_cast_or_null<SwitchStmt>(From->getTerminator().getStmt())) {
*67e74705SXin Li      if (S->isAllEnumCasesCovered()) {
*67e74705SXin Li        const Stmt *L = To->getLabel();
*67e74705SXin Li        if (!L || !isa<CaseStmt>(L))
*67e74705SXin Li          return true;
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  return false;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li//===----------------------------------------------------------------------===//
*67e74705SXin Li// CFG pretty printing
*67e74705SXin Li//===----------------------------------------------------------------------===//
*67e74705SXin Li
*67e74705SXin Linamespace {
*67e74705SXin Li
*67e74705SXin Liclass StmtPrinterHelper : public PrinterHelper  {
*67e74705SXin Li  typedef llvm::DenseMap<const Stmt*,std::pair<unsigned,unsigned> > StmtMapTy;
*67e74705SXin Li  typedef llvm::DenseMap<const Decl*,std::pair<unsigned,unsigned> > DeclMapTy;
*67e74705SXin Li  StmtMapTy StmtMap;
*67e74705SXin Li  DeclMapTy DeclMap;
*67e74705SXin Li  signed currentBlock;
*67e74705SXin Li  unsigned currStmt;
*67e74705SXin Li  const LangOptions &LangOpts;
*67e74705SXin Lipublic:
*67e74705SXin Li
*67e74705SXin Li  StmtPrinterHelper(const CFG* cfg, const LangOptions &LO)
*67e74705SXin Li    : currentBlock(0), currStmt(0), LangOpts(LO)
*67e74705SXin Li  {
*67e74705SXin Li    for (CFG::const_iterator I = cfg->begin(), E = cfg->end(); I != E; ++I ) {
*67e74705SXin Li      unsigned j = 1;
*67e74705SXin Li      for (CFGBlock::const_iterator BI = (*I)->begin(), BEnd = (*I)->end() ;
*67e74705SXin Li           BI != BEnd; ++BI, ++j ) {
*67e74705SXin Li        if (Optional<CFGStmt> SE = BI->getAs<CFGStmt>()) {
*67e74705SXin Li          const Stmt *stmt= SE->getStmt();
*67e74705SXin Li          std::pair<unsigned, unsigned> P((*I)->getBlockID(), j);
*67e74705SXin Li          StmtMap[stmt] = P;
*67e74705SXin Li
*67e74705SXin Li          switch (stmt->getStmtClass()) {
*67e74705SXin Li            case Stmt::DeclStmtClass:
*67e74705SXin Li                DeclMap[cast<DeclStmt>(stmt)->getSingleDecl()] = P;
*67e74705SXin Li                break;
*67e74705SXin Li            case Stmt::IfStmtClass: {
*67e74705SXin Li              const VarDecl *var = cast<IfStmt>(stmt)->getConditionVariable();
*67e74705SXin Li              if (var)
*67e74705SXin Li                DeclMap[var] = P;
*67e74705SXin Li              break;
*67e74705SXin Li            }
*67e74705SXin Li            case Stmt::ForStmtClass: {
*67e74705SXin Li              const VarDecl *var = cast<ForStmt>(stmt)->getConditionVariable();
*67e74705SXin Li              if (var)
*67e74705SXin Li                DeclMap[var] = P;
*67e74705SXin Li              break;
*67e74705SXin Li            }
*67e74705SXin Li            case Stmt::WhileStmtClass: {
*67e74705SXin Li              const VarDecl *var =
*67e74705SXin Li                cast<WhileStmt>(stmt)->getConditionVariable();
*67e74705SXin Li              if (var)
*67e74705SXin Li                DeclMap[var] = P;
*67e74705SXin Li              break;
*67e74705SXin Li            }
*67e74705SXin Li            case Stmt::SwitchStmtClass: {
*67e74705SXin Li              const VarDecl *var =
*67e74705SXin Li                cast<SwitchStmt>(stmt)->getConditionVariable();
*67e74705SXin Li              if (var)
*67e74705SXin Li                DeclMap[var] = P;
*67e74705SXin Li              break;
*67e74705SXin Li            }
*67e74705SXin Li            case Stmt::CXXCatchStmtClass: {
*67e74705SXin Li              const VarDecl *var =
*67e74705SXin Li                cast<CXXCatchStmt>(stmt)->getExceptionDecl();
*67e74705SXin Li              if (var)
*67e74705SXin Li                DeclMap[var] = P;
*67e74705SXin Li              break;
*67e74705SXin Li            }
*67e74705SXin Li            default:
*67e74705SXin Li              break;
*67e74705SXin Li          }
*67e74705SXin Li        }
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  ~StmtPrinterHelper() override {}
*67e74705SXin Li
*67e74705SXin Li  const LangOptions &getLangOpts() const { return LangOpts; }
*67e74705SXin Li  void setBlockID(signed i) { currentBlock = i; }
*67e74705SXin Li  void setStmtID(unsigned i) { currStmt = i; }
*67e74705SXin Li
*67e74705SXin Li  bool handledStmt(Stmt *S, raw_ostream &OS) override {
*67e74705SXin Li    StmtMapTy::iterator I = StmtMap.find(S);
*67e74705SXin Li
*67e74705SXin Li    if (I == StmtMap.end())
*67e74705SXin Li      return false;
*67e74705SXin Li
*67e74705SXin Li    if (currentBlock >= 0 && I->second.first == (unsigned) currentBlock
*67e74705SXin Li                          && I->second.second == currStmt) {
*67e74705SXin Li      return false;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    OS << "[B" << I->second.first << "." << I->second.second << "]";
*67e74705SXin Li    return true;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  bool handleDecl(const Decl *D, raw_ostream &OS) {
*67e74705SXin Li    DeclMapTy::iterator I = DeclMap.find(D);
*67e74705SXin Li
*67e74705SXin Li    if (I == DeclMap.end())
*67e74705SXin Li      return false;
*67e74705SXin Li
*67e74705SXin Li    if (currentBlock >= 0 && I->second.first == (unsigned) currentBlock
*67e74705SXin Li                          && I->second.second == currStmt) {
*67e74705SXin Li      return false;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    OS << "[B" << I->second.first << "." << I->second.second << "]";
*67e74705SXin Li    return true;
*67e74705SXin Li  }
*67e74705SXin Li};
*67e74705SXin Li} // end anonymous namespace
*67e74705SXin Li
*67e74705SXin Li
*67e74705SXin Linamespace {
*67e74705SXin Liclass CFGBlockTerminatorPrint
*67e74705SXin Li  : public StmtVisitor<CFGBlockTerminatorPrint,void> {
*67e74705SXin Li
*67e74705SXin Li  raw_ostream &OS;
*67e74705SXin Li  StmtPrinterHelper* Helper;
*67e74705SXin Li  PrintingPolicy Policy;
*67e74705SXin Lipublic:
*67e74705SXin Li  CFGBlockTerminatorPrint(raw_ostream &os, StmtPrinterHelper* helper,
*67e74705SXin Li                          const PrintingPolicy &Policy)
*67e74705SXin Li    : OS(os), Helper(helper), Policy(Policy) {
*67e74705SXin Li    this->Policy.IncludeNewlines = false;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void VisitIfStmt(IfStmt *I) {
*67e74705SXin Li    OS << "if ";
*67e74705SXin Li    if (Stmt *C = I->getCond())
*67e74705SXin Li      C->printPretty(OS, Helper, Policy);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Default case.
*67e74705SXin Li  void VisitStmt(Stmt *Terminator) {
*67e74705SXin Li    Terminator->printPretty(OS, Helper, Policy);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void VisitDeclStmt(DeclStmt *DS) {
*67e74705SXin Li    VarDecl *VD = cast<VarDecl>(DS->getSingleDecl());
*67e74705SXin Li    OS << "static init " << VD->getName();
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void VisitForStmt(ForStmt *F) {
*67e74705SXin Li    OS << "for (" ;
*67e74705SXin Li    if (F->getInit())
*67e74705SXin Li      OS << "...";
*67e74705SXin Li    OS << "; ";
*67e74705SXin Li    if (Stmt *C = F->getCond())
*67e74705SXin Li      C->printPretty(OS, Helper, Policy);
*67e74705SXin Li    OS << "; ";
*67e74705SXin Li    if (F->getInc())
*67e74705SXin Li      OS << "...";
*67e74705SXin Li    OS << ")";
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void VisitWhileStmt(WhileStmt *W) {
*67e74705SXin Li    OS << "while " ;
*67e74705SXin Li    if (Stmt *C = W->getCond())
*67e74705SXin Li      C->printPretty(OS, Helper, Policy);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void VisitDoStmt(DoStmt *D) {
*67e74705SXin Li    OS << "do ... while ";
*67e74705SXin Li    if (Stmt *C = D->getCond())
*67e74705SXin Li      C->printPretty(OS, Helper, Policy);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void VisitSwitchStmt(SwitchStmt *Terminator) {
*67e74705SXin Li    OS << "switch ";
*67e74705SXin Li    Terminator->getCond()->printPretty(OS, Helper, Policy);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void VisitCXXTryStmt(CXXTryStmt *CS) {
*67e74705SXin Li    OS << "try ...";
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void VisitAbstractConditionalOperator(AbstractConditionalOperator* C) {
*67e74705SXin Li    if (Stmt *Cond = C->getCond())
*67e74705SXin Li      Cond->printPretty(OS, Helper, Policy);
*67e74705SXin Li    OS << " ? ... : ...";
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void VisitChooseExpr(ChooseExpr *C) {
*67e74705SXin Li    OS << "__builtin_choose_expr( ";
*67e74705SXin Li    if (Stmt *Cond = C->getCond())
*67e74705SXin Li      Cond->printPretty(OS, Helper, Policy);
*67e74705SXin Li    OS << " )";
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void VisitIndirectGotoStmt(IndirectGotoStmt *I) {
*67e74705SXin Li    OS << "goto *";
*67e74705SXin Li    if (Stmt *T = I->getTarget())
*67e74705SXin Li      T->printPretty(OS, Helper, Policy);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void VisitBinaryOperator(BinaryOperator* B) {
*67e74705SXin Li    if (!B->isLogicalOp()) {
*67e74705SXin Li      VisitExpr(B);
*67e74705SXin Li      return;
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    if (B->getLHS())
*67e74705SXin Li      B->getLHS()->printPretty(OS, Helper, Policy);
*67e74705SXin Li
*67e74705SXin Li    switch (B->getOpcode()) {
*67e74705SXin Li      case BO_LOr:
*67e74705SXin Li        OS << " || ...";
*67e74705SXin Li        return;
*67e74705SXin Li      case BO_LAnd:
*67e74705SXin Li        OS << " && ...";
*67e74705SXin Li        return;
*67e74705SXin Li      default:
*67e74705SXin Li        llvm_unreachable("Invalid logical operator.");
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  void VisitExpr(Expr *E) {
*67e74705SXin Li    E->printPretty(OS, Helper, Policy);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Lipublic:
*67e74705SXin Li  void print(CFGTerminator T) {
*67e74705SXin Li    if (T.isTemporaryDtorsBranch())
*67e74705SXin Li      OS << "(Temp Dtor) ";
*67e74705SXin Li    Visit(T.getStmt());
*67e74705SXin Li  }
*67e74705SXin Li};
*67e74705SXin Li} // end anonymous namespace
*67e74705SXin Li
*67e74705SXin Listatic void print_elem(raw_ostream &OS, StmtPrinterHelper &Helper,
*67e74705SXin Li                       const CFGElement &E) {
*67e74705SXin Li  if (Optional<CFGStmt> CS = E.getAs<CFGStmt>()) {
*67e74705SXin Li    const Stmt *S = CS->getStmt();
*67e74705SXin Li    assert(S != nullptr && "Expecting non-null Stmt");
*67e74705SXin Li
*67e74705SXin Li    // special printing for statement-expressions.
*67e74705SXin Li    if (const StmtExpr *SE = dyn_cast<StmtExpr>(S)) {
*67e74705SXin Li      const CompoundStmt *Sub = SE->getSubStmt();
*67e74705SXin Li
*67e74705SXin Li      auto Children = Sub->children();
*67e74705SXin Li      if (Children.begin() != Children.end()) {
*67e74705SXin Li        OS << "({ ... ; ";
*67e74705SXin Li        Helper.handledStmt(*SE->getSubStmt()->body_rbegin(),OS);
*67e74705SXin Li        OS << " })\n";
*67e74705SXin Li        return;
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li    // special printing for comma expressions.
*67e74705SXin Li    if (const BinaryOperator* B = dyn_cast<BinaryOperator>(S)) {
*67e74705SXin Li      if (B->getOpcode() == BO_Comma) {
*67e74705SXin Li        OS << "... , ";
*67e74705SXin Li        Helper.handledStmt(B->getRHS(),OS);
*67e74705SXin Li        OS << '\n';
*67e74705SXin Li        return;
*67e74705SXin Li      }
*67e74705SXin Li    }
*67e74705SXin Li    S->printPretty(OS, &Helper, PrintingPolicy(Helper.getLangOpts()));
*67e74705SXin Li
*67e74705SXin Li    if (isa<CXXOperatorCallExpr>(S)) {
*67e74705SXin Li      OS << " (OperatorCall)";
*67e74705SXin Li    }
*67e74705SXin Li    else if (isa<CXXBindTemporaryExpr>(S)) {
*67e74705SXin Li      OS << " (BindTemporary)";
*67e74705SXin Li    }
*67e74705SXin Li    else if (const CXXConstructExpr *CCE = dyn_cast<CXXConstructExpr>(S)) {
*67e74705SXin Li      OS << " (CXXConstructExpr, " << CCE->getType().getAsString() << ")";
*67e74705SXin Li    }
*67e74705SXin Li    else if (const CastExpr *CE = dyn_cast<CastExpr>(S)) {
*67e74705SXin Li      OS << " (" << CE->getStmtClassName() << ", "
*67e74705SXin Li         << CE->getCastKindName()
*67e74705SXin Li         << ", " << CE->getType().getAsString()
*67e74705SXin Li         << ")";
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    // Expressions need a newline.
*67e74705SXin Li    if (isa<Expr>(S))
*67e74705SXin Li      OS << '\n';
*67e74705SXin Li
*67e74705SXin Li  } else if (Optional<CFGInitializer> IE = E.getAs<CFGInitializer>()) {
*67e74705SXin Li    const CXXCtorInitializer *I = IE->getInitializer();
*67e74705SXin Li    if (I->isBaseInitializer())
*67e74705SXin Li      OS << I->getBaseClass()->getAsCXXRecordDecl()->getName();
*67e74705SXin Li    else if (I->isDelegatingInitializer())
*67e74705SXin Li      OS << I->getTypeSourceInfo()->getType()->getAsCXXRecordDecl()->getName();
*67e74705SXin Li    else OS << I->getAnyMember()->getName();
*67e74705SXin Li
*67e74705SXin Li    OS << "(";
*67e74705SXin Li    if (Expr *IE = I->getInit())
*67e74705SXin Li      IE->printPretty(OS, &Helper, PrintingPolicy(Helper.getLangOpts()));
*67e74705SXin Li    OS << ")";
*67e74705SXin Li
*67e74705SXin Li    if (I->isBaseInitializer())
*67e74705SXin Li      OS << " (Base initializer)\n";
*67e74705SXin Li    else if (I->isDelegatingInitializer())
*67e74705SXin Li      OS << " (Delegating initializer)\n";
*67e74705SXin Li    else OS << " (Member initializer)\n";
*67e74705SXin Li
*67e74705SXin Li  } else if (Optional<CFGAutomaticObjDtor> DE =
*67e74705SXin Li                 E.getAs<CFGAutomaticObjDtor>()) {
*67e74705SXin Li    const VarDecl *VD = DE->getVarDecl();
*67e74705SXin Li    Helper.handleDecl(VD, OS);
*67e74705SXin Li
*67e74705SXin Li    const Type* T = VD->getType().getTypePtr();
*67e74705SXin Li    if (const ReferenceType* RT = T->getAs<ReferenceType>())
*67e74705SXin Li      T = RT->getPointeeType().getTypePtr();
*67e74705SXin Li    T = T->getBaseElementTypeUnsafe();
*67e74705SXin Li
*67e74705SXin Li    OS << ".~" << T->getAsCXXRecordDecl()->getName().str() << "()";
*67e74705SXin Li    OS << " (Implicit destructor)\n";
*67e74705SXin Li
*67e74705SXin Li  } else if (Optional<CFGNewAllocator> NE = E.getAs<CFGNewAllocator>()) {
*67e74705SXin Li    OS << "CFGNewAllocator(";
*67e74705SXin Li    if (const CXXNewExpr *AllocExpr = NE->getAllocatorExpr())
*67e74705SXin Li      AllocExpr->getType().print(OS, PrintingPolicy(Helper.getLangOpts()));
*67e74705SXin Li    OS << ")\n";
*67e74705SXin Li  } else if (Optional<CFGDeleteDtor> DE = E.getAs<CFGDeleteDtor>()) {
*67e74705SXin Li    const CXXRecordDecl *RD = DE->getCXXRecordDecl();
*67e74705SXin Li    if (!RD)
*67e74705SXin Li      return;
*67e74705SXin Li    CXXDeleteExpr *DelExpr =
*67e74705SXin Li        const_cast<CXXDeleteExpr*>(DE->getDeleteExpr());
*67e74705SXin Li    Helper.handledStmt(cast<Stmt>(DelExpr->getArgument()), OS);
*67e74705SXin Li    OS << "->~" << RD->getName().str() << "()";
*67e74705SXin Li    OS << " (Implicit destructor)\n";
*67e74705SXin Li  } else if (Optional<CFGBaseDtor> BE = E.getAs<CFGBaseDtor>()) {
*67e74705SXin Li    const CXXBaseSpecifier *BS = BE->getBaseSpecifier();
*67e74705SXin Li    OS << "~" << BS->getType()->getAsCXXRecordDecl()->getName() << "()";
*67e74705SXin Li    OS << " (Base object destructor)\n";
*67e74705SXin Li
*67e74705SXin Li  } else if (Optional<CFGMemberDtor> ME = E.getAs<CFGMemberDtor>()) {
*67e74705SXin Li    const FieldDecl *FD = ME->getFieldDecl();
*67e74705SXin Li    const Type *T = FD->getType()->getBaseElementTypeUnsafe();
*67e74705SXin Li    OS << "this->" << FD->getName();
*67e74705SXin Li    OS << ".~" << T->getAsCXXRecordDecl()->getName() << "()";
*67e74705SXin Li    OS << " (Member object destructor)\n";
*67e74705SXin Li
*67e74705SXin Li  } else if (Optional<CFGTemporaryDtor> TE = E.getAs<CFGTemporaryDtor>()) {
*67e74705SXin Li    const CXXBindTemporaryExpr *BT = TE->getBindTemporaryExpr();
*67e74705SXin Li    OS << "~";
*67e74705SXin Li    BT->getType().print(OS, PrintingPolicy(Helper.getLangOpts()));
*67e74705SXin Li    OS << "() (Temporary object destructor)\n";
*67e74705SXin Li  }
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Listatic void print_block(raw_ostream &OS, const CFG* cfg,
*67e74705SXin Li                        const CFGBlock &B,
*67e74705SXin Li                        StmtPrinterHelper &Helper, bool print_edges,
*67e74705SXin Li                        bool ShowColors) {
*67e74705SXin Li
*67e74705SXin Li  Helper.setBlockID(B.getBlockID());
*67e74705SXin Li
*67e74705SXin Li  // Print the header.
*67e74705SXin Li  if (ShowColors)
*67e74705SXin Li    OS.changeColor(raw_ostream::YELLOW, true);
*67e74705SXin Li
*67e74705SXin Li  OS << "\n [B" << B.getBlockID();
*67e74705SXin Li
*67e74705SXin Li  if (&B == &cfg->getEntry())
*67e74705SXin Li    OS << " (ENTRY)]\n";
*67e74705SXin Li  else if (&B == &cfg->getExit())
*67e74705SXin Li    OS << " (EXIT)]\n";
*67e74705SXin Li  else if (&B == cfg->getIndirectGotoBlock())
*67e74705SXin Li    OS << " (INDIRECT GOTO DISPATCH)]\n";
*67e74705SXin Li  else if (B.hasNoReturnElement())
*67e74705SXin Li    OS << " (NORETURN)]\n";
*67e74705SXin Li  else
*67e74705SXin Li    OS << "]\n";
*67e74705SXin Li
*67e74705SXin Li  if (ShowColors)
*67e74705SXin Li    OS.resetColor();
*67e74705SXin Li
*67e74705SXin Li  // Print the label of this block.
*67e74705SXin Li  if (Stmt *Label = const_cast<Stmt*>(B.getLabel())) {
*67e74705SXin Li
*67e74705SXin Li    if (print_edges)
*67e74705SXin Li      OS << "  ";
*67e74705SXin Li
*67e74705SXin Li    if (LabelStmt *L = dyn_cast<LabelStmt>(Label))
*67e74705SXin Li      OS << L->getName();
*67e74705SXin Li    else if (CaseStmt *C = dyn_cast<CaseStmt>(Label)) {
*67e74705SXin Li      OS << "case ";
*67e74705SXin Li      if (C->getLHS())
*67e74705SXin Li        C->getLHS()->printPretty(OS, &Helper,
*67e74705SXin Li                                 PrintingPolicy(Helper.getLangOpts()));
*67e74705SXin Li      if (C->getRHS()) {
*67e74705SXin Li        OS << " ... ";
*67e74705SXin Li        C->getRHS()->printPretty(OS, &Helper,
*67e74705SXin Li                                 PrintingPolicy(Helper.getLangOpts()));
*67e74705SXin Li      }
*67e74705SXin Li    } else if (isa<DefaultStmt>(Label))
*67e74705SXin Li      OS << "default";
*67e74705SXin Li    else if (CXXCatchStmt *CS = dyn_cast<CXXCatchStmt>(Label)) {
*67e74705SXin Li      OS << "catch (";
*67e74705SXin Li      if (CS->getExceptionDecl())
*67e74705SXin Li        CS->getExceptionDecl()->print(OS, PrintingPolicy(Helper.getLangOpts()),
*67e74705SXin Li                                      0);
*67e74705SXin Li      else
*67e74705SXin Li        OS << "...";
*67e74705SXin Li      OS << ")";
*67e74705SXin Li
*67e74705SXin Li    } else
*67e74705SXin Li      llvm_unreachable("Invalid label statement in CFGBlock.");
*67e74705SXin Li
*67e74705SXin Li    OS << ":\n";
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Iterate through the statements in the block and print them.
*67e74705SXin Li  unsigned j = 1;
*67e74705SXin Li
*67e74705SXin Li  for (CFGBlock::const_iterator I = B.begin(), E = B.end() ;
*67e74705SXin Li       I != E ; ++I, ++j ) {
*67e74705SXin Li
*67e74705SXin Li    // Print the statement # in the basic block and the statement itself.
*67e74705SXin Li    if (print_edges)
*67e74705SXin Li      OS << " ";
*67e74705SXin Li
*67e74705SXin Li    OS << llvm::format("%3d", j) << ": ";
*67e74705SXin Li
*67e74705SXin Li    Helper.setStmtID(j);
*67e74705SXin Li
*67e74705SXin Li    print_elem(OS, Helper, *I);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Print the terminator of this block.
*67e74705SXin Li  if (B.getTerminator()) {
*67e74705SXin Li    if (ShowColors)
*67e74705SXin Li      OS.changeColor(raw_ostream::GREEN);
*67e74705SXin Li
*67e74705SXin Li    OS << "   T: ";
*67e74705SXin Li
*67e74705SXin Li    Helper.setBlockID(-1);
*67e74705SXin Li
*67e74705SXin Li    PrintingPolicy PP(Helper.getLangOpts());
*67e74705SXin Li    CFGBlockTerminatorPrint TPrinter(OS, &Helper, PP);
*67e74705SXin Li    TPrinter.print(B.getTerminator());
*67e74705SXin Li    OS << '\n';
*67e74705SXin Li
*67e74705SXin Li    if (ShowColors)
*67e74705SXin Li      OS.resetColor();
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (print_edges) {
*67e74705SXin Li    // Print the predecessors of this block.
*67e74705SXin Li    if (!B.pred_empty()) {
*67e74705SXin Li      const raw_ostream::Colors Color = raw_ostream::BLUE;
*67e74705SXin Li      if (ShowColors)
*67e74705SXin Li        OS.changeColor(Color);
*67e74705SXin Li      OS << "   Preds " ;
*67e74705SXin Li      if (ShowColors)
*67e74705SXin Li        OS.resetColor();
*67e74705SXin Li      OS << '(' << B.pred_size() << "):";
*67e74705SXin Li      unsigned i = 0;
*67e74705SXin Li
*67e74705SXin Li      if (ShowColors)
*67e74705SXin Li        OS.changeColor(Color);
*67e74705SXin Li
*67e74705SXin Li      for (CFGBlock::const_pred_iterator I = B.pred_begin(), E = B.pred_end();
*67e74705SXin Li           I != E; ++I, ++i) {
*67e74705SXin Li
*67e74705SXin Li        if (i % 10 == 8)
*67e74705SXin Li          OS << "\n     ";
*67e74705SXin Li
*67e74705SXin Li        CFGBlock *B = *I;
*67e74705SXin Li        bool Reachable = true;
*67e74705SXin Li        if (!B) {
*67e74705SXin Li          Reachable = false;
*67e74705SXin Li          B = I->getPossiblyUnreachableBlock();
*67e74705SXin Li        }
*67e74705SXin Li
*67e74705SXin Li        OS << " B" << B->getBlockID();
*67e74705SXin Li        if (!Reachable)
*67e74705SXin Li          OS << "(Unreachable)";
*67e74705SXin Li      }
*67e74705SXin Li
*67e74705SXin Li      if (ShowColors)
*67e74705SXin Li        OS.resetColor();
*67e74705SXin Li
*67e74705SXin Li      OS << '\n';
*67e74705SXin Li    }
*67e74705SXin Li
*67e74705SXin Li    // Print the successors of this block.
*67e74705SXin Li    if (!B.succ_empty()) {
*67e74705SXin Li      const raw_ostream::Colors Color = raw_ostream::MAGENTA;
*67e74705SXin Li      if (ShowColors)
*67e74705SXin Li        OS.changeColor(Color);
*67e74705SXin Li      OS << "   Succs ";
*67e74705SXin Li      if (ShowColors)
*67e74705SXin Li        OS.resetColor();
*67e74705SXin Li      OS << '(' << B.succ_size() << "):";
*67e74705SXin Li      unsigned i = 0;
*67e74705SXin Li
*67e74705SXin Li      if (ShowColors)
*67e74705SXin Li        OS.changeColor(Color);
*67e74705SXin Li
*67e74705SXin Li      for (CFGBlock::const_succ_iterator I = B.succ_begin(), E = B.succ_end();
*67e74705SXin Li           I != E; ++I, ++i) {
*67e74705SXin Li
*67e74705SXin Li        if (i % 10 == 8)
*67e74705SXin Li          OS << "\n    ";
*67e74705SXin Li
*67e74705SXin Li        CFGBlock *B = *I;
*67e74705SXin Li
*67e74705SXin Li        bool Reachable = true;
*67e74705SXin Li        if (!B) {
*67e74705SXin Li          Reachable = false;
*67e74705SXin Li          B = I->getPossiblyUnreachableBlock();
*67e74705SXin Li        }
*67e74705SXin Li
*67e74705SXin Li        if (B) {
*67e74705SXin Li          OS << " B" << B->getBlockID();
*67e74705SXin Li          if (!Reachable)
*67e74705SXin Li            OS << "(Unreachable)";
*67e74705SXin Li        }
*67e74705SXin Li        else {
*67e74705SXin Li          OS << " NULL";
*67e74705SXin Li        }
*67e74705SXin Li      }
*67e74705SXin Li
*67e74705SXin Li      if (ShowColors)
*67e74705SXin Li        OS.resetColor();
*67e74705SXin Li      OS << '\n';
*67e74705SXin Li    }
*67e74705SXin Li  }
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li
*67e74705SXin Li/// dump - A simple pretty printer of a CFG that outputs to stderr.
*67e74705SXin Livoid CFG::dump(const LangOptions &LO, bool ShowColors) const {
*67e74705SXin Li  print(llvm::errs(), LO, ShowColors);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// print - A simple pretty printer of a CFG that outputs to an ostream.
*67e74705SXin Livoid CFG::print(raw_ostream &OS, const LangOptions &LO, bool ShowColors) const {
*67e74705SXin Li  StmtPrinterHelper Helper(this, LO);
*67e74705SXin Li
*67e74705SXin Li  // Print the entry block.
*67e74705SXin Li  print_block(OS, this, getEntry(), Helper, true, ShowColors);
*67e74705SXin Li
*67e74705SXin Li  // Iterate through the CFGBlocks and print them one by one.
*67e74705SXin Li  for (const_iterator I = Blocks.begin(), E = Blocks.end() ; I != E ; ++I) {
*67e74705SXin Li    // Skip the entry block, because we already printed it.
*67e74705SXin Li    if (&(**I) == &getEntry() || &(**I) == &getExit())
*67e74705SXin Li      continue;
*67e74705SXin Li
*67e74705SXin Li    print_block(OS, this, **I, Helper, true, ShowColors);
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  // Print the exit block.
*67e74705SXin Li  print_block(OS, this, getExit(), Helper, true, ShowColors);
*67e74705SXin Li  OS << '\n';
*67e74705SXin Li  OS.flush();
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// dump - A simply pretty printer of a CFGBlock that outputs to stderr.
*67e74705SXin Livoid CFGBlock::dump(const CFG* cfg, const LangOptions &LO,
*67e74705SXin Li                    bool ShowColors) const {
*67e74705SXin Li  print(llvm::errs(), cfg, LO, ShowColors);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiLLVM_DUMP_METHOD void CFGBlock::dump() const {
*67e74705SXin Li  dump(getParent(), LangOptions(), false);
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// print - A simple pretty printer of a CFGBlock that outputs to an ostream.
*67e74705SXin Li///   Generally this will only be called from CFG::print.
*67e74705SXin Livoid CFGBlock::print(raw_ostream &OS, const CFG* cfg,
*67e74705SXin Li                     const LangOptions &LO, bool ShowColors) const {
*67e74705SXin Li  StmtPrinterHelper Helper(cfg, LO);
*67e74705SXin Li  print_block(OS, cfg, *this, Helper, true, ShowColors);
*67e74705SXin Li  OS << '\n';
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li/// printTerminator - A simple pretty printer of the terminator of a CFGBlock.
*67e74705SXin Livoid CFGBlock::printTerminator(raw_ostream &OS,
*67e74705SXin Li                               const LangOptions &LO) const {
*67e74705SXin Li  CFGBlockTerminatorPrint TPrinter(OS, nullptr, PrintingPolicy(LO));
*67e74705SXin Li  TPrinter.print(getTerminator());
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin LiStmt *CFGBlock::getTerminatorCondition(bool StripParens) {
*67e74705SXin Li  Stmt *Terminator = this->Terminator;
*67e74705SXin Li  if (!Terminator)
*67e74705SXin Li    return nullptr;
*67e74705SXin Li
*67e74705SXin Li  Expr *E = nullptr;
*67e74705SXin Li
*67e74705SXin Li  switch (Terminator->getStmtClass()) {
*67e74705SXin Li    default:
*67e74705SXin Li      break;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::CXXForRangeStmtClass:
*67e74705SXin Li      E = cast<CXXForRangeStmt>(Terminator)->getCond();
*67e74705SXin Li      break;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ForStmtClass:
*67e74705SXin Li      E = cast<ForStmt>(Terminator)->getCond();
*67e74705SXin Li      break;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::WhileStmtClass:
*67e74705SXin Li      E = cast<WhileStmt>(Terminator)->getCond();
*67e74705SXin Li      break;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::DoStmtClass:
*67e74705SXin Li      E = cast<DoStmt>(Terminator)->getCond();
*67e74705SXin Li      break;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::IfStmtClass:
*67e74705SXin Li      E = cast<IfStmt>(Terminator)->getCond();
*67e74705SXin Li      break;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ChooseExprClass:
*67e74705SXin Li      E = cast<ChooseExpr>(Terminator)->getCond();
*67e74705SXin Li      break;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::IndirectGotoStmtClass:
*67e74705SXin Li      E = cast<IndirectGotoStmt>(Terminator)->getTarget();
*67e74705SXin Li      break;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::SwitchStmtClass:
*67e74705SXin Li      E = cast<SwitchStmt>(Terminator)->getCond();
*67e74705SXin Li      break;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::BinaryConditionalOperatorClass:
*67e74705SXin Li      E = cast<BinaryConditionalOperator>(Terminator)->getCond();
*67e74705SXin Li      break;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ConditionalOperatorClass:
*67e74705SXin Li      E = cast<ConditionalOperator>(Terminator)->getCond();
*67e74705SXin Li      break;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::BinaryOperatorClass: // '&&' and '||'
*67e74705SXin Li      E = cast<BinaryOperator>(Terminator)->getLHS();
*67e74705SXin Li      break;
*67e74705SXin Li
*67e74705SXin Li    case Stmt::ObjCForCollectionStmtClass:
*67e74705SXin Li      return Terminator;
*67e74705SXin Li  }
*67e74705SXin Li
*67e74705SXin Li  if (!StripParens)
*67e74705SXin Li    return E;
*67e74705SXin Li
*67e74705SXin Li  return E ? E->IgnoreParens() : nullptr;
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Li//===----------------------------------------------------------------------===//
*67e74705SXin Li// CFG Graphviz Visualization
*67e74705SXin Li//===----------------------------------------------------------------------===//
*67e74705SXin Li
*67e74705SXin Li
*67e74705SXin Li#ifndef NDEBUG
*67e74705SXin Listatic StmtPrinterHelper* GraphHelper;
*67e74705SXin Li#endif
*67e74705SXin Li
*67e74705SXin Livoid CFG::viewCFG(const LangOptions &LO) const {
*67e74705SXin Li#ifndef NDEBUG
*67e74705SXin Li  StmtPrinterHelper H(this, LO);
*67e74705SXin Li  GraphHelper = &H;
*67e74705SXin Li  llvm::ViewGraph(this,"CFG");
*67e74705SXin Li  GraphHelper = nullptr;
*67e74705SXin Li#endif
*67e74705SXin Li}
*67e74705SXin Li
*67e74705SXin Linamespace llvm {
*67e74705SXin Litemplate<>
*67e74705SXin Listruct DOTGraphTraits<const CFG*> : public DefaultDOTGraphTraits {
*67e74705SXin Li
*67e74705SXin Li  DOTGraphTraits (bool isSimple=false) : DefaultDOTGraphTraits(isSimple) {}
*67e74705SXin Li
*67e74705SXin Li  static std::string getNodeLabel(const CFGBlock *Node, const CFG* Graph) {
*67e74705SXin Li
*67e74705SXin Li#ifndef NDEBUG
*67e74705SXin Li    std::string OutSStr;
*67e74705SXin Li    llvm::raw_string_ostream Out(OutSStr);
*67e74705SXin Li    print_block(Out,Graph, *Node, *GraphHelper, false, false);
*67e74705SXin Li    std::string& OutStr = Out.str();
*67e74705SXin Li
*67e74705SXin Li    if (OutStr[0] == '\n') OutStr.erase(OutStr.begin());
*67e74705SXin Li
*67e74705SXin Li    // Process string output to make it nicer...
*67e74705SXin Li    for (unsigned i = 0; i != OutStr.length(); ++i)
*67e74705SXin Li      if (OutStr[i] == '\n') {                            // Left justify
*67e74705SXin Li        OutStr[i] = '\\';
*67e74705SXin Li        OutStr.insert(OutStr.begin()+i+1, 'l');
*67e74705SXin Li      }
*67e74705SXin Li
*67e74705SXin Li    return OutStr;
*67e74705SXin Li#else
*67e74705SXin Li    return "";
*67e74705SXin Li#endif
*67e74705SXin Li  }
*67e74705SXin Li};
*67e74705SXin Li} // end namespace llvm