]> git.ipfire.org Git - thirdparty/gcc.git/blob - gcc/vtable-verify.c
projects / thirdparty / gcc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Factor unrelated declarations out of tree.h.
[thirdparty/gcc.git] / gcc / vtable-verify.c
1 /* Copyright (C) 2013
2 Free Software Foundation, Inc.
3
4 This file is part of GCC.
5
6 GCC is free software; you can redistribute it and/or modify it under
7 the terms of the GNU General Public License as published by the Free
8 Software Foundation; either version 3, or (at your option) any later
9 version.
10
11 GCC is distributed in the hope that it will be useful, but WITHOUT ANY
12 WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with GCC; see the file COPYING3. If not see
18 <http://www.gnu.org/licenses/>. */
19
20 /* Virtual Table Pointer Security Pass - Detect corruption of vtable pointers
21 before using them for virtual method dispatches. */
22
23 /* This file is part of the vtable security feature implementation.
24 The vtable security feature is designed to detect when a virtual
25 call is about to be made through an invalid vtable pointer
26 (possibly due to data corruption or malicious attacks). The
27 compiler finds every virtual call, and inserts a verification call
28 before the virtual call. The verification call takes the actual
29 vtable pointer value in the object through which the virtual call
30 is being made, and compares the vtable pointer against a set of all
31 valid vtable pointers that the object could contain (this set is
32 based on the declared type of the object). If the pointer is in
33 the valid set, execution is allowed to continue; otherwise the
34 program is halted.
35
36 There are several pieces needed in order to make this work: 1. For
37 every virtual class in the program (i.e. a class that contains
38 virtual methods), we need to build the set of all possible valid
39 vtables that an object of that class could point to. This includes
40 vtables for any class(es) that inherit from the class under
41 consideration. 2. For every such data set we build up, we need a
42 way to find and reference the data set. This is complicated by the
43 fact that the real vtable addresses are not known until runtime,
44 when the program is loaded into memory, but we need to reference the
45 sets at compile time when we are inserting verification calls into
46 the program. 3. We need to find every virtual call in the program,
47 and insert the verification call (with the appropriate arguments)
48 before the virtual call. 4. We need some runtime library pieces:
49 the code to build up the data sets at runtime; the code to actually
50 perform the verification using the data sets; and some code to set
51 protections on the data sets, so they themselves do not become
52 hacker targets.
53
54 To find and reference the set of valid vtable pointers for any given
55 virtual class, we create a special global variable for each virtual
56 class. We refer to this as the "vtable map variable" for that
57 class. The vtable map variable has the type "void *", and is
58 initialized by the compiler to NULL. At runtime when the set of
59 valid vtable pointers for a virtual class, e.g. class Foo, is built,
60 the vtable map variable for class Foo is made to point to the set.
61 During compile time, when the compiler is inserting verification
62 calls into the program, it passes the vtable map variable for the
63 appropriate class to the verification call, so that at runtime the
64 verification call can find the appropriate data set.
65
66 The actual set of valid vtable pointers for a virtual class,
67 e.g. class Foo, cannot be built until runtime, when the vtables get
68 loaded into memory and their addresses are known. But the knowledge
69 about which vtables belong in which class' hierarchy is only known
70 at compile time. Therefore at compile time we collect class
71 hierarchy and vtable information about every virtual class, and we
72 generate calls to build up the data sets at runtime. To build the
73 data sets, we call one of the functions we add to the runtime
74 library, __VLTRegisterPair. __VLTRegisterPair takes two arguments,
75 a vtable map variable and the address of a vtable. If the vtable
76 map variable is currently NULL, it creates a new data set (hash
77 table), makes the vtable map variable point to the new data set, and
78 inserts the vtable address into the data set. If the vtable map
79 variable is not NULL, it just inserts the vtable address into the
80 data set. In order to make sure that our data sets are built before
81 any verification calls happen, we create a special constructor
82 initialization function for each compilation unit, give it a very
83 high initialization priority, and insert all of our calls to
84 __VLTRegisterPair into our special constructor initialization
85 function.
86
87 The vtable verification feature is controlled by the flag
88 '-fvtable-verify='. There are three flavors of this:
89 '-fvtable-verify=std', '-fvtable-verify=preinit', and
90 '-fvtable-verify=none'. If the option '-fvtable-verfy=preinit' is
91 used, then our constructor initialization function gets put into the
92 preinit array. This is necessary if there are data sets that need
93 to be built very early in execution. If the constructor
94 initialization function gets put into the preinit array, the we also
95 add calls to __VLTChangePermission at the beginning and end of the
96 function. The call at the beginning sets the permissions on the
97 data sets and vtable map variables to read/write, and the one at the
98 end makes them read-only. If the '-fvtable-verify=std' option is
99 used, the constructor initialization functions are executed at their
100 normal time, and the __VLTChangePermission calls are handled
101 differently (see the comments in libstdc++-v3/libsupc++/vtv_rts.cc).
102 The option '-fvtable-verify=none' turns off vtable verification.
103
104 This file contains code for the tree pass that goes through all the
105 statements in each basic block, looking for virtual calls, and
106 inserting a call to __VLTVerifyVtablePointer (with appropriate
107 arguments) before each one. It also contains the hash table
108 functions for the data structures used for collecting the class
109 hierarchy data and building/maintaining the vtable map variable data
110 are defined in gcc/vtable-verify.h. These data structures are
111 shared with the code in the C++ front end that collects the class
112 hierarchy & vtable information and generates the vtable map
113 variables (see cp/vtable-class-hierarchy.c). This tree pass should
114 run just before the gimple is converted to RTL.
115
116 Some implementation details for this pass:
117
118 To find all of the virtual calls, we iterate through all the
119 gimple statements in each basic block, looking for any call
120 statement with the code "OBJ_TYPE_REF". Once we have found the
121 virtual call, we need to find the vtable pointer through which the
122 call is being made, and the type of the object containing the
123 pointer (to find the appropriate vtable map variable). We then use
124 these to build a call to __VLTVerifyVtablePointer, passing the
125 vtable map variable, and the vtable pointer. We insert the
126 verification call just after the gimple statement that gets the
127 vtable pointer out of the object, and we update the next
128 statement to depend on the result returned from
129 __VLTVerifyVtablePointer (the vtable pointer value), to ensure
130 subsequent compiler phases don't remove or reorder the call (it's no
131 good to have the verification occur after the virtual call, for
132 example). To find the vtable pointer being used (and the type of
133 the object) we search backwards through the def_stmts chain from the
134 virtual call (see verify_bb_vtables for more details). */
135
136 #include "config.h"
137 #include "system.h"
138 #include "coretypes.h"
139 #include "tree.h"
140 #include "basic-block.h"
141 #include "gimple.h"
142 #include "gimple-iterator.h"
143 #include "gimple-ssa.h"
144 #include "tree-phinodes.h"
145 #include "ssa-iterators.h"
146 #include "stringpool.h"
147 #include "tree-ssanames.h"
148 #include "tree-pass.h"
149 #include "cfgloop.h"
150
151 #include "vtable-verify.h"
152
153 unsigned num_vtable_map_nodes = 0;
154 int total_num_virtual_calls = 0;
155 int total_num_verified_vcalls = 0;
156
157 extern GTY(()) tree verify_vtbl_ptr_fndecl;
158 tree verify_vtbl_ptr_fndecl = NULL_TREE;
159
160 /* Keep track of whether or not any virtual call were verified. */
161 static bool any_verification_calls_generated = false;
162
163 unsigned int vtable_verify_main (void);
164
165
166 /* The following few functions are for the vtbl pointer hash table
167 in the 'registered' field of the struct vtable_map_node. The hash
168 table keeps track of which vtable pointers have been used in
169 calls to __VLTRegisterPair with that particular vtable map variable. */
170
171 /* This function checks to see if a particular VTABLE_DECL and OFFSET are
172 already in the 'registered' hash table for NODE. */
173
174 bool
175 vtbl_map_node_registration_find (struct vtbl_map_node *node,
176 tree vtable_decl,
177 unsigned offset)
178 {
179 struct vtable_registration key;
180 struct vtable_registration **slot;
181
182 gcc_assert (node && node->registered.is_created ());
183
184 key.vtable_decl = vtable_decl;
185 slot = (struct vtable_registration **) node->registered.find_slot (&key,
186 NO_INSERT);
187
188 if (slot && (*slot))
189 {
190 unsigned i;
191 for (i = 0; i < ((*slot)->offsets).length (); ++i)
192 if ((*slot)->offsets[i] == offset)
193 return true;
194 }
195
196 return false;
197 }
198
199 /* This function inserts VTABLE_DECL and OFFSET into the 'registered'
200 hash table for NODE. It returns a boolean indicating whether or not
201 it actually inserted anything. */
202
203 bool
204 vtbl_map_node_registration_insert (struct vtbl_map_node *node,
205 tree vtable_decl,
206 unsigned offset)
207 {
208 struct vtable_registration key;
209 struct vtable_registration **slot;
210 bool inserted_something = false;
211
212 if (!node || !node->registered.is_created ())
213 return false;
214
215 key.vtable_decl = vtable_decl;
216 slot = (struct vtable_registration **) node->registered.find_slot (&key,
217 INSERT);
218
219 if (! *slot)
220 {
221 struct vtable_registration *node;
222 node = XNEW (struct vtable_registration);
223 node->vtable_decl = vtable_decl;
224
225 (node->offsets).create (10);
226 (node->offsets).safe_push (offset);
227 *slot = node;
228 inserted_something = true;
229 }
230 else
231 {
232 /* We found the vtable_decl slot; we need to see if it already
233 contains the offset. If not, we need to add the offset. */
234 unsigned i;
235 bool found = false;
236 for (i = 0; i < ((*slot)->offsets).length () && !found; ++i)
237 if ((*slot)->offsets[i] == offset)
238 found = true;
239
240 if (!found)
241 {
242 ((*slot)->offsets).safe_push (offset);
243 inserted_something = true;
244 }
245 }
246 return inserted_something;
247 }
248
249 /* Hashtable functions for vtable_registration hashtables. */
250
251 inline hashval_t
252 registration_hasher::hash (const value_type *p)
253 {
254 const struct vtable_registration *n = (const struct vtable_registration *) p;
255 return (hashval_t) (DECL_UID (n->vtable_decl));
256 }
257
258 inline bool
259 registration_hasher::equal (const value_type *p1, const compare_type *p2)
260 {
261 const struct vtable_registration *n1 =
262 (const struct vtable_registration *) p1;
263 const struct vtable_registration *n2 =
264 (const struct vtable_registration *) p2;
265 return (DECL_UID (n1->vtable_decl) == DECL_UID (n2->vtable_decl));
266 }
267
268 /* End of hashtable functions for "registered" hashtables. */
269
270
271
272 /* Hashtable definition and functions for vtbl_map_hash. */
273
274 struct vtbl_map_hasher : typed_noop_remove <struct vtbl_map_node>
275 {
276 typedef struct vtbl_map_node value_type;
277 typedef struct vtbl_map_node compare_type;
278 static inline hashval_t hash (const value_type *);
279 static inline bool equal (const value_type *, const compare_type *);
280 };
281
282 /* Returns a hash code for P. */
283
284 inline hashval_t
285 vtbl_map_hasher::hash (const value_type *p)
286 {
287 const struct vtbl_map_node n = *((const struct vtbl_map_node *) p);
288 return (hashval_t) IDENTIFIER_HASH_VALUE (n.class_name);
289 }
290
291 /* Returns nonzero if P1 and P2 are equal. */
292
293 inline bool
294 vtbl_map_hasher::equal (const value_type *p1, const compare_type *p2)
295 {
296 const struct vtbl_map_node n1 = *((const struct vtbl_map_node *) p1);
297 const struct vtbl_map_node n2 = *((const struct vtbl_map_node *) p2);
298 return (IDENTIFIER_HASH_VALUE (n1.class_name) ==
299 IDENTIFIER_HASH_VALUE (n2.class_name));
300 }
301
302 /* Here are the two structures into which we insert vtable map nodes.
303 We use two data structures because of the vastly different ways we need
304 to find the nodes for various tasks (see comments in vtable-verify.h
305 for more details. */
306
307 typedef hash_table <vtbl_map_hasher> vtbl_map_table_type;
308 typedef vtbl_map_table_type::iterator vtbl_map_iterator_type;
309
310 /* Vtable map variable nodes stored in a hash table. */
311 static vtbl_map_table_type vtbl_map_hash;
312
313 /* Vtable map variable nodes stored in a vector. */
314 vec<struct vtbl_map_node *> vtbl_map_nodes_vec;
315
316 /* Return vtbl_map node for CLASS_NAME without creating a new one. */
317
318 struct vtbl_map_node *
319 vtbl_map_get_node (tree class_type)
320 {
321 struct vtbl_map_node key;
322 struct vtbl_map_node **slot;
323
324 tree class_type_decl;
325 tree class_name;
326 unsigned int type_quals;
327
328 if (!vtbl_map_hash.is_created ())
329 return NULL;
330
331 gcc_assert (TREE_CODE (class_type) == RECORD_TYPE);
332
333
334 /* Find the TYPE_DECL for the class. */
335 class_type_decl = TYPE_NAME (class_type);
336
337 /* Verify that there aren't any qualifiers on the type. */
338 type_quals = TYPE_QUALS (TREE_TYPE (class_type_decl));
339 gcc_assert (type_quals == TYPE_UNQUALIFIED);
340
341 /* Get the mangled name for the unqualified type. */
342 gcc_assert (HAS_DECL_ASSEMBLER_NAME_P (class_type_decl));
343 class_name = DECL_ASSEMBLER_NAME (class_type_decl);
344
345 key.class_name = class_name;
346 slot = (struct vtbl_map_node **) vtbl_map_hash.find_slot (&key,
347 NO_INSERT);
348 if (!slot)
349 return NULL;
350 return *slot;
351 }
352
353 /* Return vtbl_map node assigned to BASE_CLASS_TYPE. Create new one
354 when needed. */
355
356 struct vtbl_map_node *
357 find_or_create_vtbl_map_node (tree base_class_type)
358 {
359 struct vtbl_map_node key;
360 struct vtbl_map_node *node;
361 struct vtbl_map_node **slot;
362 tree class_type_decl;
363 unsigned int type_quals;
364
365 if (!vtbl_map_hash.is_created ())
366 vtbl_map_hash.create (10);
367
368 /* Find the TYPE_DECL for the class. */
369 class_type_decl = TYPE_NAME (base_class_type);
370
371 /* Verify that there aren't any type qualifiers on type. */
372 type_quals = TYPE_QUALS (TREE_TYPE (class_type_decl));
373 gcc_assert (type_quals == TYPE_UNQUALIFIED);
374
375 gcc_assert (HAS_DECL_ASSEMBLER_NAME_P (class_type_decl));
376 key.class_name = DECL_ASSEMBLER_NAME (class_type_decl);
377 slot = (struct vtbl_map_node **) vtbl_map_hash.find_slot (&key,
378 INSERT);
379
380 if (*slot)
381 return *slot;
382
383 node = XNEW (struct vtbl_map_node);
384 node->vtbl_map_decl = NULL_TREE;
385 node->class_name = key.class_name;
386 node->uid = num_vtable_map_nodes++;
387
388 node->class_info = XNEW (struct vtv_graph_node);
389 node->class_info->class_type = base_class_type;
390 node->class_info->class_uid = node->uid;
391 node->class_info->num_processed_children = 0;
392
393 (node->class_info->parents).create (4);
394 (node->class_info->children).create (4);
395
396 node->registered.create (16);
397
398 node->is_used = false;
399
400 vtbl_map_nodes_vec.safe_push (node);
401 gcc_assert (vtbl_map_nodes_vec[node->uid] == node);
402
403 *slot = node;
404 return node;
405 }
406
407 /* End of hashtable functions for vtable_map variables hash table. */
408
409 /* Given a gimple STMT, this function checks to see if the statement
410 is an assignment, the rhs of which is getting the vtable pointer
411 value out of an object. (i.e. it's the value we need to verify
412 because its the vtable pointer that will be used for a virtual
413 call). */
414
415 static bool
416 is_vtable_assignment_stmt (gimple stmt)
417 {
418
419 if (gimple_code (stmt) != GIMPLE_ASSIGN)
420 return false;
421 else
422 {
423 tree lhs = gimple_assign_lhs (stmt);
424 tree rhs = gimple_assign_rhs1 (stmt);
425
426 if (TREE_CODE (lhs) != SSA_NAME)
427 return false;
428
429 if (TREE_CODE (rhs) != COMPONENT_REF)
430 return false;
431
432 if (! (TREE_OPERAND (rhs, 1))
433 || (TREE_CODE (TREE_OPERAND (rhs, 1)) != FIELD_DECL))
434 return false;
435
436 if (! DECL_VIRTUAL_P (TREE_OPERAND (rhs, 1)))
437 return false;
438 }
439
440 return true;
441 }
442
443 /* This function attempts to recover the declared class of an object
444 that is used in making a virtual call. We try to get the type from
445 the type cast in the gimple assignment statement that extracts the
446 vtable pointer from the object (DEF_STMT). The gimple statement
447 usually looks something like this:
448
449 D.2201_4 = MEM[(struct Event *)this_1(D)]._vptr.Event */
450
451 static tree
452 extract_object_class_type (tree rhs)
453 {
454 tree result = NULL_TREE;
455
456 /* Try to find and extract the type cast from that stmt. */
457 if (TREE_CODE (rhs) == COMPONENT_REF)
458 {
459 tree op0 = TREE_OPERAND (rhs, 0);
460 tree op1 = TREE_OPERAND (rhs, 1);
461
462 if (TREE_CODE (op1) == FIELD_DECL
463 && DECL_VIRTUAL_P (op1))
464 {
465 if (TREE_CODE (op0) == COMPONENT_REF
466 && TREE_CODE (TREE_OPERAND (op0, 0)) == MEM_REF
467 && TREE_CODE (TREE_TYPE (TREE_OPERAND (op0, 0)))== RECORD_TYPE)
468 result = TREE_TYPE (TREE_OPERAND (op0, 0));
469 else
470 result = TREE_TYPE (op0);
471 }
472 else if (TREE_CODE (op0) == COMPONENT_REF)
473 {
474 result = extract_object_class_type (op0);
475 if (result == NULL_TREE
476 && TREE_CODE (op1) == COMPONENT_REF)
477 result = extract_object_class_type (op1);
478 }
479 }
480
481 return result;
482 }
483
484 /* This function traces forward through the def-use chain of an SSA
485 variable to see if it ever gets used in a virtual function call. It
486 returns a boolean indicating whether or not it found a virtual call in
487 the use chain. */
488
489 static bool
490 var_is_used_for_virtual_call_p (tree lhs, int *mem_ref_depth)
491 {
492 imm_use_iterator imm_iter;
493 bool found_vcall = false;
494 use_operand_p use_p;
495
496 if (TREE_CODE (lhs) != SSA_NAME)
497 return false;
498
499 if (*mem_ref_depth > 2)
500 return false;
501
502 /* Iterate through the immediate uses of the current variable. If
503 it's a virtual function call, we're done. Otherwise, if there's
504 an LHS for the use stmt, add the ssa var to the work list
505 (assuming it's not already in the list and is not a variable
506 we've already examined. */
507
508 FOR_EACH_IMM_USE_FAST (use_p, imm_iter, lhs)
509 {
510 gimple stmt2 = USE_STMT (use_p);
511
512 if (gimple_code (stmt2) == GIMPLE_CALL)
513 {
514 tree fncall = gimple_call_fn (stmt2);
515 if (TREE_CODE (fncall) == OBJ_TYPE_REF)
516 found_vcall = true;
517 else
518 return false;
519 }
520 else if (gimple_code (stmt2) == GIMPLE_PHI)
521 {
522 found_vcall = var_is_used_for_virtual_call_p
523 (gimple_phi_result (stmt2),
524 mem_ref_depth);
525 }
526 else if (gimple_code (stmt2) == GIMPLE_ASSIGN)
527 {
528 tree rhs = gimple_assign_rhs1 (stmt2);
529 if (TREE_CODE (rhs) == ADDR_EXPR
530 || TREE_CODE (rhs) == MEM_REF)
531 *mem_ref_depth = *mem_ref_depth + 1;
532
533 if (TREE_CODE (rhs) == COMPONENT_REF)
534 {
535 while (TREE_CODE (TREE_OPERAND (rhs, 0)) == COMPONENT_REF)
536 rhs = TREE_OPERAND (rhs, 0);
537
538 if (TREE_CODE (TREE_OPERAND (rhs, 0)) == ADDR_EXPR
539 || TREE_CODE (TREE_OPERAND (rhs, 0)) == MEM_REF)
540 *mem_ref_depth = *mem_ref_depth + 1;
541 }
542
543 if (*mem_ref_depth < 3)
544 found_vcall = var_is_used_for_virtual_call_p
545 (gimple_assign_lhs (stmt2),
546 mem_ref_depth);
547 }
548
549 else
550 break;
551
552 if (found_vcall)
553 return true;
554 }
555
556 return false;
557 }
558
559 /* Search through all the statements in a basic block (BB), searching
560 for virtual method calls. For each virtual method dispatch, find
561 the vptr value used, and the statically declared type of the
562 object; retrieve the vtable map variable for the type of the
563 object; generate a call to __VLTVerifyVtablePointer; and insert the
564 generated call into the basic block, after the point where the vptr
565 value is gotten out of the object and before the virtual method
566 dispatch. Make the virtual method dispatch depend on the return
567 value from the verification call, so that subsequent optimizations
568 cannot reorder the two calls. */
569
570 static void
571 verify_bb_vtables (basic_block bb)
572 {
573 gimple_seq stmts;
574 gimple stmt = NULL;
575 gimple_stmt_iterator gsi_vtbl_assign;
576 gimple_stmt_iterator gsi_virtual_call;
577
578 stmts = bb_seq (bb);
579 gsi_virtual_call = gsi_start (stmts);
580 for (; !gsi_end_p (gsi_virtual_call); gsi_next (&gsi_virtual_call))
581 {
582 stmt = gsi_stmt (gsi_virtual_call);
583
584 /* Count virtual calls. */
585 if (gimple_code (stmt) == GIMPLE_CALL)
586 {
587 tree fncall = gimple_call_fn (stmt);
588 if (TREE_CODE (fncall) == OBJ_TYPE_REF)
589 total_num_virtual_calls++;
590 }
591
592 if (is_vtable_assignment_stmt (stmt))
593 {
594 tree lhs = gimple_assign_lhs (stmt);
595 tree vtbl_var_decl = NULL_TREE;
596 struct vtbl_map_node *vtable_map_node;
597 tree vtbl_decl = NULL_TREE;
598 gimple call_stmt;
599 const char *vtable_name = "<unknown>";
600 tree tmp0;
601 bool found;
602 int mem_ref_depth = 0;
603
604 /* Make sure this vptr field access is for a virtual call. */
605 if (!var_is_used_for_virtual_call_p (lhs, &mem_ref_depth))
606 continue;
607
608 /* Now we have found the virtual method dispatch and
609 the preceding access of the _vptr.* field... Next
610 we need to find the statically declared type of
611 the object, so we can find and use the right
612 vtable map variable in the verification call. */
613 tree class_type = extract_object_class_type
614 (gimple_assign_rhs1 (stmt));
615
616 gsi_vtbl_assign = gsi_for_stmt (stmt);
617
618 if (class_type
619 && (TREE_CODE (class_type) == RECORD_TYPE)
620 && TYPE_BINFO (class_type))
621 {
622 /* Get the vtable VAR_DECL for the type. */
623 vtbl_var_decl = BINFO_VTABLE (TYPE_BINFO (class_type));
624
625 if (TREE_CODE (vtbl_var_decl) == POINTER_PLUS_EXPR)
626 vtbl_var_decl = TREE_OPERAND (TREE_OPERAND (vtbl_var_decl, 0),
627 0);
628
629 gcc_assert (vtbl_var_decl);
630
631 vtbl_decl = vtbl_var_decl;
632 vtable_map_node = vtbl_map_get_node
633 (TYPE_MAIN_VARIANT (class_type));
634
635 gcc_assert (verify_vtbl_ptr_fndecl);
636
637 /* Given the vtable pointer for the base class of the
638 object, build the call to __VLTVerifyVtablePointer to
639 verify that the object's vtable pointer (contained in
640 lhs) is in the set of valid vtable pointers for the
641 base class. */
642
643 if (vtable_map_node && vtable_map_node->vtbl_map_decl)
644 {
645 use_operand_p use_p;
646 ssa_op_iter iter;
647
648 vtable_map_node->is_used = true;
649 vtbl_var_decl = vtable_map_node->vtbl_map_decl;
650
651 if (TREE_CODE (vtbl_decl) == VAR_DECL)
652 vtable_name = IDENTIFIER_POINTER (DECL_NAME (vtbl_decl));
653
654 /* Call different routines if we are interested in
655 trace information to debug problems. */
656 if (flag_vtv_debug)
657 {
658 int len1 = IDENTIFIER_LENGTH
659 (DECL_NAME (vtbl_var_decl));
660 int len2 = strlen (vtable_name);
661
662 call_stmt = gimple_build_call
663 (verify_vtbl_ptr_fndecl, 4,
664 build1 (ADDR_EXPR,
665 TYPE_POINTER_TO
666 (TREE_TYPE (vtbl_var_decl)),
667 vtbl_var_decl),
668 lhs,
669 build_string_literal
670 (len1 + 1,
671 IDENTIFIER_POINTER
672 (DECL_NAME
673 (vtbl_var_decl))),
674 build_string_literal (len2 + 1,
675 vtable_name));
676 }
677 else
678 call_stmt = gimple_build_call
679 (verify_vtbl_ptr_fndecl, 2,
680 build1 (ADDR_EXPR,
681 TYPE_POINTER_TO
682 (TREE_TYPE (vtbl_var_decl)),
683 vtbl_var_decl),
684 lhs);
685
686
687 /* Create a new SSA_NAME var to hold the call's
688 return value, and make the call_stmt use the
689 variable for that purpose. */
690 tmp0 = make_temp_ssa_name (TREE_TYPE (lhs), NULL, "VTV");
691 gimple_call_set_lhs (call_stmt, tmp0);
692 update_stmt (call_stmt);
693
694 /* Find the next stmt, after the vptr assignment
695 statememt, which should use the result of the
696 vptr assignment statement value. */
697 gsi_next (&gsi_vtbl_assign);
698 gimple next_stmt = gsi_stmt (gsi_vtbl_assign);
699
700 if (!next_stmt)
701 return;
702
703 /* Find any/all uses of 'lhs' in next_stmt, and
704 replace them with 'tmp0'. */
705 found = false;
706 FOR_EACH_PHI_OR_STMT_USE (use_p, next_stmt, iter,
707 SSA_OP_ALL_USES)
708 {
709 tree op = USE_FROM_PTR (use_p);
710 if (op == lhs)
711 {
712 SET_USE (use_p, tmp0);
713 found = true;
714 }
715 }
716 update_stmt (next_stmt);
717 gcc_assert (found);
718
719 /* Insert the new verification call just after the
720 statement that gets the vtable pointer out of the
721 object. */
722 gsi_vtbl_assign = gsi_for_stmt (stmt);
723 gsi_insert_after (&gsi_vtbl_assign, call_stmt,
724 GSI_NEW_STMT);
725
726 any_verification_calls_generated = true;
727 total_num_verified_vcalls++;
728 }
729 }
730 }
731 }
732 }
733
734 /* Main function, called from pass->excute(). Loop through all the
735 basic blocks in the current function, passing them to
736 verify_bb_vtables, which searches for virtual calls, and inserts
737 calls to __VLTVerifyVtablePointer. */
738
739 unsigned int
740 vtable_verify_main (void)
741 {
742 unsigned int ret = 1;
743 basic_block bb;
744
745 FOR_ALL_BB (bb)
746 verify_bb_vtables (bb);
747
748 return ret;
749 }
750
751 /* Gate function for the pass. */
752
753 static bool
754 gate_tree_vtable_verify (void)
755 {
756 return (flag_vtable_verify);
757 }
758
759 /* Definition of this optimization pass. */
760
761 namespace {
762
763 const pass_data pass_data_vtable_verify =
764 {
765 GIMPLE_PASS, /* type */
766 "vtable-verify", /* name */
767 OPTGROUP_NONE, /* optinfo_flags */
768 true, /* has_gate */
769 true, /* has_execute */
770 TV_VTABLE_VERIFICATION, /* tv_id */
771 ( PROP_cfg | PROP_ssa ), /* properties_required */
772 0, /* properties_provided */
773 0, /* properties_destroyed */
774 0, /* todo_flags_start */
775 TODO_update_ssa, /* todo_flags_finish */
776 };
777
778 class pass_vtable_verify : public gimple_opt_pass
779 {
780 public:
781 pass_vtable_verify (gcc::context *ctxt)
782 : gimple_opt_pass (pass_data_vtable_verify, ctxt)
783 {}
784
785 /* opt_pass methods: */
786 bool gate () { return gate_tree_vtable_verify (); }
787 unsigned int execute () { return vtable_verify_main (); }
788
789 }; // class pass_vtable_verify
790
791 } // anon namespace
792
793 gimple_opt_pass *
794 make_pass_vtable_verify (gcc::context *ctxt)
795 {
796 return new pass_vtable_verify (ctxt);
797 }
798
799 #include "gt-vtable-verify.h"
Mirror of https://gcc.gnu.org/git/gcc.git