projects / gcc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
optabs.c (expand_vec_perm): Revert one incorrect line from 2013-10-31 change.
[gcc.git] / gcc / vtable-verify.c
1 /* Copyright (C) 2013
2 Free Software Foundation, Inc.
3
4 This file is part of GCC.
5
6 GCC is free software; you can redistribute it and/or modify it under
7 the terms of the GNU General Public License as published by the Free
8 Software Foundation; either version 3, or (at your option) any later
9 version.
10
11 GCC is distributed in the hope that it will be useful, but WITHOUT ANY
12 WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with GCC; see the file COPYING3. If not see
18 <http://www.gnu.org/licenses/>. */
19
20 /* Virtual Table Pointer Security Pass - Detect corruption of vtable pointers
21 before using them for virtual method dispatches. */
22
23 /* This file is part of the vtable security feature implementation.
24 The vtable security feature is designed to detect when a virtual
25 call is about to be made through an invalid vtable pointer
26 (possibly due to data corruption or malicious attacks). The
27 compiler finds every virtual call, and inserts a verification call
28 before the virtual call. The verification call takes the actual
29 vtable pointer value in the object through which the virtual call
30 is being made, and compares the vtable pointer against a set of all
31 valid vtable pointers that the object could contain (this set is
32 based on the declared type of the object). If the pointer is in
33 the valid set, execution is allowed to continue; otherwise the
34 program is halted.
35
36 There are several pieces needed in order to make this work: 1. For
37 every virtual class in the program (i.e. a class that contains
38 virtual methods), we need to build the set of all possible valid
39 vtables that an object of that class could point to. This includes
40 vtables for any class(es) that inherit from the class under
41 consideration. 2. For every such data set we build up, we need a
42 way to find and reference the data set. This is complicated by the
43 fact that the real vtable addresses are not known until runtime,
44 when the program is loaded into memory, but we need to reference the
45 sets at compile time when we are inserting verification calls into
46 the program. 3. We need to find every virtual call in the program,
47 and insert the verification call (with the appropriate arguments)
48 before the virtual call. 4. We need some runtime library pieces:
49 the code to build up the data sets at runtime; the code to actually
50 perform the verification using the data sets; and some code to set
51 protections on the data sets, so they themselves do not become
52 hacker targets.
53
54 To find and reference the set of valid vtable pointers for any given
55 virtual class, we create a special global variable for each virtual
56 class. We refer to this as the "vtable map variable" for that
57 class. The vtable map variable has the type "void *", and is
58 initialized by the compiler to NULL. At runtime when the set of
59 valid vtable pointers for a virtual class, e.g. class Foo, is built,
60 the vtable map variable for class Foo is made to point to the set.
61 During compile time, when the compiler is inserting verification
62 calls into the program, it passes the vtable map variable for the
63 appropriate class to the verification call, so that at runtime the
64 verification call can find the appropriate data set.
65
66 The actual set of valid vtable pointers for a virtual class,
67 e.g. class Foo, cannot be built until runtime, when the vtables get
68 loaded into memory and their addresses are known. But the knowledge
69 about which vtables belong in which class' hierarchy is only known
70 at compile time. Therefore at compile time we collect class
71 hierarchy and vtable information about every virtual class, and we
72 generate calls to build up the data sets at runtime. To build the
73 data sets, we call one of the functions we add to the runtime
74 library, __VLTRegisterPair. __VLTRegisterPair takes two arguments,
75 a vtable map variable and the address of a vtable. If the vtable
76 map variable is currently NULL, it creates a new data set (hash
77 table), makes the vtable map variable point to the new data set, and
78 inserts the vtable address into the data set. If the vtable map
79 variable is not NULL, it just inserts the vtable address into the
80 data set. In order to make sure that our data sets are built before
81 any verification calls happen, we create a special constructor
82 initialization function for each compilation unit, give it a very
83 high initialization priority, and insert all of our calls to
84 __VLTRegisterPair into our special constructor initialization
85 function.
86
87 The vtable verification feature is controlled by the flag
88 '-fvtable-verify='. There are three flavors of this:
89 '-fvtable-verify=std', '-fvtable-verify=preinit', and
90 '-fvtable-verify=none'. If the option '-fvtable-verfy=preinit' is
91 used, then our constructor initialization function gets put into the
92 preinit array. This is necessary if there are data sets that need
93 to be built very early in execution. If the constructor
94 initialization function gets put into the preinit array, the we also
95 add calls to __VLTChangePermission at the beginning and end of the
96 function. The call at the beginning sets the permissions on the
97 data sets and vtable map variables to read/write, and the one at the
98 end makes them read-only. If the '-fvtable-verify=std' option is
99 used, the constructor initialization functions are executed at their
100 normal time, and the __VLTChangePermission calls are handled
101 differently (see the comments in libstdc++-v3/libsupc++/vtv_rts.cc).
102 The option '-fvtable-verify=none' turns off vtable verification.
103
104 This file contains code for the tree pass that goes through all the
105 statements in each basic block, looking for virtual calls, and
106 inserting a call to __VLTVerifyVtablePointer (with appropriate
107 arguments) before each one. It also contains the hash table
108 functions for the data structures used for collecting the class
109 hierarchy data and building/maintaining the vtable map variable data
110 are defined in gcc/vtable-verify.h. These data structures are
111 shared with the code in the C++ front end that collects the class
112 hierarchy & vtable information and generates the vtable map
113 variables (see cp/vtable-class-hierarchy.c). This tree pass should
114 run just before the gimple is converted to RTL.
115
116 Some implementation details for this pass:
117
118 To find all of the virtual calls, we iterate through all the
119 gimple statements in each basic block, looking for any call
120 statement with the code "OBJ_TYPE_REF". Once we have found the
121 virtual call, we need to find the vtable pointer through which the
122 call is being made, and the type of the object containing the
123 pointer (to find the appropriate vtable map variable). We then use
124 these to build a call to __VLTVerifyVtablePointer, passing the
125 vtable map variable, and the vtable pointer. We insert the
126 verification call just after the gimple statement that gets the
127 vtable pointer out of the object, and we update the next
128 statement to depend on the result returned from
129 __VLTVerifyVtablePointer (the vtable pointer value), to ensure
130 subsequent compiler phases don't remove or reorder the call (it's no
131 good to have the verification occur after the virtual call, for
132 example). To find the vtable pointer being used (and the type of
133 the object) we search backwards through the def_stmts chain from the
134 virtual call (see verify_bb_vtables for more details). */
135
136 #include "config.h"
137 #include "system.h"
138 #include "coretypes.h"
139 #include "tree.h"
140 #include "basic-block.h"
141 #include "gimple.h"
142 #include "gimple-ssa.h"
143 #include "tree-phinodes.h"
144 #include "ssa-iterators.h"
145 #include "tree-ssanames.h"
146 #include "tree-pass.h"
147 #include "cfgloop.h"
148
149 #include "vtable-verify.h"
150
151 unsigned num_vtable_map_nodes = 0;
152 int total_num_virtual_calls = 0;
153 int total_num_verified_vcalls = 0;
154
155 extern GTY(()) tree verify_vtbl_ptr_fndecl;
156 tree verify_vtbl_ptr_fndecl = NULL_TREE;
157
158 /* Keep track of whether or not any virtual call were verified. */
159 static bool any_verification_calls_generated = false;
160
161 unsigned int vtable_verify_main (void);
162
163
164 /* The following few functions are for the vtbl pointer hash table
165 in the 'registered' field of the struct vtable_map_node. The hash
166 table keeps track of which vtable pointers have been used in
167 calls to __VLTRegisterPair with that particular vtable map variable. */
168
169 /* This function checks to see if a particular VTABLE_DECL and OFFSET are
170 already in the 'registered' hash table for NODE. */
171
172 bool
173 vtbl_map_node_registration_find (struct vtbl_map_node *node,
174 tree vtable_decl,
175 unsigned offset)
176 {
177 struct vtable_registration key;
178 struct vtable_registration **slot;
179
180 gcc_assert (node && node->registered.is_created ());
181
182 key.vtable_decl = vtable_decl;
183 slot = (struct vtable_registration **) node->registered.find_slot (&key,
184 NO_INSERT);
185
186 if (slot && (*slot))
187 {
188 unsigned i;
189 for (i = 0; i < ((*slot)->offsets).length (); ++i)
190 if ((*slot)->offsets[i] == offset)
191 return true;
192 }
193
194 return false;
195 }
196
197 /* This function inserts VTABLE_DECL and OFFSET into the 'registered'
198 hash table for NODE. It returns a boolean indicating whether or not
199 it actually inserted anything. */
200
201 bool
202 vtbl_map_node_registration_insert (struct vtbl_map_node *node,
203 tree vtable_decl,
204 unsigned offset)
205 {
206 struct vtable_registration key;
207 struct vtable_registration **slot;
208 bool inserted_something = false;
209
210 if (!node || !node->registered.is_created ())
211 return false;
212
213 key.vtable_decl = vtable_decl;
214 slot = (struct vtable_registration **) node->registered.find_slot (&key,
215 INSERT);
216
217 if (! *slot)
218 {
219 struct vtable_registration *node;
220 node = XNEW (struct vtable_registration);
221 node->vtable_decl = vtable_decl;
222
223 (node->offsets).create (10);
224 (node->offsets).safe_push (offset);
225 *slot = node;
226 inserted_something = true;
227 }
228 else
229 {
230 /* We found the vtable_decl slot; we need to see if it already
231 contains the offset. If not, we need to add the offset. */
232 unsigned i;
233 bool found = false;
234 for (i = 0; i < ((*slot)->offsets).length () && !found; ++i)
235 if ((*slot)->offsets[i] == offset)
236 found = true;
237
238 if (!found)
239 {
240 ((*slot)->offsets).safe_push (offset);
241 inserted_something = true;
242 }
243 }
244 return inserted_something;
245 }
246
247 /* Hashtable functions for vtable_registration hashtables. */
248
249 inline hashval_t
250 registration_hasher::hash (const value_type *p)
251 {
252 const struct vtable_registration *n = (const struct vtable_registration *) p;
253 return (hashval_t) (DECL_UID (n->vtable_decl));
254 }
255
256 inline bool
257 registration_hasher::equal (const value_type *p1, const compare_type *p2)
258 {
259 const struct vtable_registration *n1 =
260 (const struct vtable_registration *) p1;
261 const struct vtable_registration *n2 =
262 (const struct vtable_registration *) p2;
263 return (DECL_UID (n1->vtable_decl) == DECL_UID (n2->vtable_decl));
264 }
265
266 /* End of hashtable functions for "registered" hashtables. */
267
268
269
270 /* Hashtable definition and functions for vtbl_map_hash. */
271
272 struct vtbl_map_hasher : typed_noop_remove <struct vtbl_map_node>
273 {
274 typedef struct vtbl_map_node value_type;
275 typedef struct vtbl_map_node compare_type;
276 static inline hashval_t hash (const value_type *);
277 static inline bool equal (const value_type *, const compare_type *);
278 };
279
280 /* Returns a hash code for P. */
281
282 inline hashval_t
283 vtbl_map_hasher::hash (const value_type *p)
284 {
285 const struct vtbl_map_node n = *((const struct vtbl_map_node *) p);
286 return (hashval_t) IDENTIFIER_HASH_VALUE (n.class_name);
287 }
288
289 /* Returns nonzero if P1 and P2 are equal. */
290
291 inline bool
292 vtbl_map_hasher::equal (const value_type *p1, const compare_type *p2)
293 {
294 const struct vtbl_map_node n1 = *((const struct vtbl_map_node *) p1);
295 const struct vtbl_map_node n2 = *((const struct vtbl_map_node *) p2);
296 return (IDENTIFIER_HASH_VALUE (n1.class_name) ==
297 IDENTIFIER_HASH_VALUE (n2.class_name));
298 }
299
300 /* Here are the two structures into which we insert vtable map nodes.
301 We use two data structures because of the vastly different ways we need
302 to find the nodes for various tasks (see comments in vtable-verify.h
303 for more details. */
304
305 typedef hash_table <vtbl_map_hasher> vtbl_map_table_type;
306 typedef vtbl_map_table_type::iterator vtbl_map_iterator_type;
307
308 /* Vtable map variable nodes stored in a hash table. */
309 static vtbl_map_table_type vtbl_map_hash;
310
311 /* Vtable map variable nodes stored in a vector. */
312 vec<struct vtbl_map_node *> vtbl_map_nodes_vec;
313
314 /* Return vtbl_map node for CLASS_NAME without creating a new one. */
315
316 struct vtbl_map_node *
317 vtbl_map_get_node (tree class_type)
318 {
319 struct vtbl_map_node key;
320 struct vtbl_map_node **slot;
321
322 tree class_type_decl;
323 tree class_name;
324 unsigned int type_quals;
325
326 if (!vtbl_map_hash.is_created ())
327 return NULL;
328
329 gcc_assert (TREE_CODE (class_type) == RECORD_TYPE);
330
331
332 /* Find the TYPE_DECL for the class. */
333 class_type_decl = TYPE_NAME (class_type);
334
335 /* Verify that there aren't any qualifiers on the type. */
336 type_quals = TYPE_QUALS (TREE_TYPE (class_type_decl));
337 gcc_assert (type_quals == TYPE_UNQUALIFIED);
338
339 /* Get the mangled name for the unqualified type. */
340 gcc_assert (HAS_DECL_ASSEMBLER_NAME_P (class_type_decl));
341 class_name = DECL_ASSEMBLER_NAME (class_type_decl);
342
343 key.class_name = class_name;
344 slot = (struct vtbl_map_node **) vtbl_map_hash.find_slot (&key,
345 NO_INSERT);
346 if (!slot)
347 return NULL;
348 return *slot;
349 }
350
351 /* Return vtbl_map node assigned to BASE_CLASS_TYPE. Create new one
352 when needed. */
353
354 struct vtbl_map_node *
355 find_or_create_vtbl_map_node (tree base_class_type)
356 {
357 struct vtbl_map_node key;
358 struct vtbl_map_node *node;
359 struct vtbl_map_node **slot;
360 tree class_type_decl;
361 unsigned int type_quals;
362
363 if (!vtbl_map_hash.is_created ())
364 vtbl_map_hash.create (10);
365
366 /* Find the TYPE_DECL for the class. */
367 class_type_decl = TYPE_NAME (base_class_type);
368
369 /* Verify that there aren't any type qualifiers on type. */
370 type_quals = TYPE_QUALS (TREE_TYPE (class_type_decl));
371 gcc_assert (type_quals == TYPE_UNQUALIFIED);
372
373 gcc_assert (HAS_DECL_ASSEMBLER_NAME_P (class_type_decl));
374 key.class_name = DECL_ASSEMBLER_NAME (class_type_decl);
375 slot = (struct vtbl_map_node **) vtbl_map_hash.find_slot (&key,
376 INSERT);
377
378 if (*slot)
379 return *slot;
380
381 node = XNEW (struct vtbl_map_node);
382 node->vtbl_map_decl = NULL_TREE;
383 node->class_name = key.class_name;
384 node->uid = num_vtable_map_nodes++;
385
386 node->class_info = XNEW (struct vtv_graph_node);
387 node->class_info->class_type = base_class_type;
388 node->class_info->class_uid = node->uid;
389 node->class_info->num_processed_children = 0;
390
391 (node->class_info->parents).create (4);
392 (node->class_info->children).create (4);
393
394 node->registered.create (16);
395
396 node->is_used = false;
397
398 vtbl_map_nodes_vec.safe_push (node);
399 gcc_assert (vtbl_map_nodes_vec[node->uid] == node);
400
401 *slot = node;
402 return node;
403 }
404
405 /* End of hashtable functions for vtable_map variables hash table. */
406
407 /* Given a gimple STMT, this function checks to see if the statement
408 is an assignment, the rhs of which is getting the vtable pointer
409 value out of an object. (i.e. it's the value we need to verify
410 because its the vtable pointer that will be used for a virtual
411 call). */
412
413 static bool
414 is_vtable_assignment_stmt (gimple stmt)
415 {
416
417 if (gimple_code (stmt) != GIMPLE_ASSIGN)
418 return false;
419 else
420 {
421 tree lhs = gimple_assign_lhs (stmt);
422 tree rhs = gimple_assign_rhs1 (stmt);
423
424 if (TREE_CODE (lhs) != SSA_NAME)
425 return false;
426
427 if (TREE_CODE (rhs) != COMPONENT_REF)
428 return false;
429
430 if (! (TREE_OPERAND (rhs, 1))
431 || (TREE_CODE (TREE_OPERAND (rhs, 1)) != FIELD_DECL))
432 return false;
433
434 if (! DECL_VIRTUAL_P (TREE_OPERAND (rhs, 1)))
435 return false;
436 }
437
438 return true;
439 }
440
441 /* This function attempts to recover the declared class of an object
442 that is used in making a virtual call. We try to get the type from
443 the type cast in the gimple assignment statement that extracts the
444 vtable pointer from the object (DEF_STMT). The gimple statement
445 usually looks something like this:
446
447 D.2201_4 = MEM[(struct Event *)this_1(D)]._vptr.Event */
448
449 static tree
450 extract_object_class_type (tree rhs)
451 {
452 tree result = NULL_TREE;
453
454 /* Try to find and extract the type cast from that stmt. */
455 if (TREE_CODE (rhs) == COMPONENT_REF)
456 {
457 tree op0 = TREE_OPERAND (rhs, 0);
458 tree op1 = TREE_OPERAND (rhs, 1);
459
460 if (TREE_CODE (op1) == FIELD_DECL
461 && DECL_VIRTUAL_P (op1))
462 {
463 if (TREE_CODE (op0) == COMPONENT_REF
464 && TREE_CODE (TREE_OPERAND (op0, 0)) == MEM_REF
465 && TREE_CODE (TREE_TYPE (TREE_OPERAND (op0, 0)))== RECORD_TYPE)
466 result = TREE_TYPE (TREE_OPERAND (op0, 0));
467 else
468 result = TREE_TYPE (op0);
469 }
470 else if (TREE_CODE (op0) == COMPONENT_REF)
471 {
472 result = extract_object_class_type (op0);
473 if (result == NULL_TREE
474 && TREE_CODE (op1) == COMPONENT_REF)
475 result = extract_object_class_type (op1);
476 }
477 }
478
479 return result;
480 }
481
482 /* This function traces forward through the def-use chain of an SSA
483 variable to see if it ever gets used in a virtual function call. It
484 returns a boolean indicating whether or not it found a virtual call in
485 the use chain. */
486
487 static bool
488 var_is_used_for_virtual_call_p (tree lhs, int *mem_ref_depth)
489 {
490 imm_use_iterator imm_iter;
491 bool found_vcall = false;
492 use_operand_p use_p;
493
494 if (TREE_CODE (lhs) != SSA_NAME)
495 return false;
496
497 if (*mem_ref_depth > 2)
498 return false;
499
500 /* Iterate through the immediate uses of the current variable. If
501 it's a virtual function call, we're done. Otherwise, if there's
502 an LHS for the use stmt, add the ssa var to the work list
503 (assuming it's not already in the list and is not a variable
504 we've already examined. */
505
506 FOR_EACH_IMM_USE_FAST (use_p, imm_iter, lhs)
507 {
508 gimple stmt2 = USE_STMT (use_p);
509
510 if (gimple_code (stmt2) == GIMPLE_CALL)
511 {
512 tree fncall = gimple_call_fn (stmt2);
513 if (TREE_CODE (fncall) == OBJ_TYPE_REF)
514 found_vcall = true;
515 else
516 return false;
517 }
518 else if (gimple_code (stmt2) == GIMPLE_PHI)
519 {
520 found_vcall = var_is_used_for_virtual_call_p
521 (gimple_phi_result (stmt2),
522 mem_ref_depth);
523 }
524 else if (gimple_code (stmt2) == GIMPLE_ASSIGN)
525 {
526 tree rhs = gimple_assign_rhs1 (stmt2);
527 if (TREE_CODE (rhs) == ADDR_EXPR
528 || TREE_CODE (rhs) == MEM_REF)
529 *mem_ref_depth = *mem_ref_depth + 1;
530
531 if (TREE_CODE (rhs) == COMPONENT_REF)
532 {
533 while (TREE_CODE (TREE_OPERAND (rhs, 0)) == COMPONENT_REF)
534 rhs = TREE_OPERAND (rhs, 0);
535
536 if (TREE_CODE (TREE_OPERAND (rhs, 0)) == ADDR_EXPR
537 || TREE_CODE (TREE_OPERAND (rhs, 0)) == MEM_REF)
538 *mem_ref_depth = *mem_ref_depth + 1;
539 }
540
541 if (*mem_ref_depth < 3)
542 found_vcall = var_is_used_for_virtual_call_p
543 (gimple_assign_lhs (stmt2),
544 mem_ref_depth);
545 }
546
547 else
548 break;
549
550 if (found_vcall)
551 return true;
552 }
553
554 return false;
555 }
556
557 /* Search through all the statements in a basic block (BB), searching
558 for virtual method calls. For each virtual method dispatch, find
559 the vptr value used, and the statically declared type of the
560 object; retrieve the vtable map variable for the type of the
561 object; generate a call to __VLTVerifyVtablePointer; and insert the
562 generated call into the basic block, after the point where the vptr
563 value is gotten out of the object and before the virtual method
564 dispatch. Make the virtual method dispatch depend on the return
565 value from the verification call, so that subsequent optimizations
566 cannot reorder the two calls. */
567
568 static void
569 verify_bb_vtables (basic_block bb)
570 {
571 gimple_seq stmts;
572 gimple stmt = NULL;
573 gimple_stmt_iterator gsi_vtbl_assign;
574 gimple_stmt_iterator gsi_virtual_call;
575
576 stmts = bb_seq (bb);
577 gsi_virtual_call = gsi_start (stmts);
578 for (; !gsi_end_p (gsi_virtual_call); gsi_next (&gsi_virtual_call))
579 {
580 stmt = gsi_stmt (gsi_virtual_call);
581
582 /* Count virtual calls. */
583 if (gimple_code (stmt) == GIMPLE_CALL)
584 {
585 tree fncall = gimple_call_fn (stmt);
586 if (TREE_CODE (fncall) == OBJ_TYPE_REF)
587 total_num_virtual_calls++;
588 }
589
590 if (is_vtable_assignment_stmt (stmt))
591 {
592 tree lhs = gimple_assign_lhs (stmt);
593 tree vtbl_var_decl = NULL_TREE;
594 struct vtbl_map_node *vtable_map_node;
595 tree vtbl_decl = NULL_TREE;
596 gimple call_stmt;
597 const char *vtable_name = "<unknown>";
598 tree tmp0;
599 bool found;
600 int mem_ref_depth = 0;
601
602 /* Make sure this vptr field access is for a virtual call. */
603 if (!var_is_used_for_virtual_call_p (lhs, &mem_ref_depth))
604 continue;
605
606 /* Now we have found the virtual method dispatch and
607 the preceding access of the _vptr.* field... Next
608 we need to find the statically declared type of
609 the object, so we can find and use the right
610 vtable map variable in the verification call. */
611 tree class_type = extract_object_class_type
612 (gimple_assign_rhs1 (stmt));
613
614 gsi_vtbl_assign = gsi_for_stmt (stmt);
615
616 if (class_type
617 && (TREE_CODE (class_type) == RECORD_TYPE)
618 && TYPE_BINFO (class_type))
619 {
620 /* Get the vtable VAR_DECL for the type. */
621 vtbl_var_decl = BINFO_VTABLE (TYPE_BINFO (class_type));
622
623 if (TREE_CODE (vtbl_var_decl) == POINTER_PLUS_EXPR)
624 vtbl_var_decl = TREE_OPERAND (TREE_OPERAND (vtbl_var_decl, 0),
625 0);
626
627 gcc_assert (vtbl_var_decl);
628
629 vtbl_decl = vtbl_var_decl;
630 vtable_map_node = vtbl_map_get_node
631 (TYPE_MAIN_VARIANT (class_type));
632
633 gcc_assert (verify_vtbl_ptr_fndecl);
634
635 /* Given the vtable pointer for the base class of the
636 object, build the call to __VLTVerifyVtablePointer to
637 verify that the object's vtable pointer (contained in
638 lhs) is in the set of valid vtable pointers for the
639 base class. */
640
641 if (vtable_map_node && vtable_map_node->vtbl_map_decl)
642 {
643 use_operand_p use_p;
644 ssa_op_iter iter;
645
646 vtable_map_node->is_used = true;
647 vtbl_var_decl = vtable_map_node->vtbl_map_decl;
648
649 if (TREE_CODE (vtbl_decl) == VAR_DECL)
650 vtable_name = IDENTIFIER_POINTER (DECL_NAME (vtbl_decl));
651
652 /* Call different routines if we are interested in
653 trace information to debug problems. */
654 if (flag_vtv_debug)
655 {
656 int len1 = IDENTIFIER_LENGTH
657 (DECL_NAME (vtbl_var_decl));
658 int len2 = strlen (vtable_name);
659
660 call_stmt = gimple_build_call
661 (verify_vtbl_ptr_fndecl, 4,
662 build1 (ADDR_EXPR,
663 TYPE_POINTER_TO
664 (TREE_TYPE (vtbl_var_decl)),
665 vtbl_var_decl),
666 lhs,
667 build_string_literal
668 (len1 + 1,
669 IDENTIFIER_POINTER
670 (DECL_NAME
671 (vtbl_var_decl))),
672 build_string_literal (len2 + 1,
673 vtable_name));
674 }
675 else
676 call_stmt = gimple_build_call
677 (verify_vtbl_ptr_fndecl, 2,
678 build1 (ADDR_EXPR,
679 TYPE_POINTER_TO
680 (TREE_TYPE (vtbl_var_decl)),
681 vtbl_var_decl),
682 lhs);
683
684
685 /* Create a new SSA_NAME var to hold the call's
686 return value, and make the call_stmt use the
687 variable for that purpose. */
688 tmp0 = make_temp_ssa_name (TREE_TYPE (lhs), NULL, "VTV");
689 gimple_call_set_lhs (call_stmt, tmp0);
690 update_stmt (call_stmt);
691
692 /* Find the next stmt, after the vptr assignment
693 statememt, which should use the result of the
694 vptr assignment statement value. */
695 gsi_next (&gsi_vtbl_assign);
696 gimple next_stmt = gsi_stmt (gsi_vtbl_assign);
697
698 if (!next_stmt)
699 return;
700
701 /* Find any/all uses of 'lhs' in next_stmt, and
702 replace them with 'tmp0'. */
703 found = false;
704 FOR_EACH_PHI_OR_STMT_USE (use_p, next_stmt, iter,
705 SSA_OP_ALL_USES)
706 {
707 tree op = USE_FROM_PTR (use_p);
708 if (op == lhs)
709 {
710 SET_USE (use_p, tmp0);
711 found = true;
712 }
713 }
714 update_stmt (next_stmt);
715 gcc_assert (found);
716
717 /* Insert the new verification call just after the
718 statement that gets the vtable pointer out of the
719 object. */
720 gsi_vtbl_assign = gsi_for_stmt (stmt);
721 gsi_insert_after (&gsi_vtbl_assign, call_stmt,
722 GSI_NEW_STMT);
723
724 any_verification_calls_generated = true;
725 total_num_verified_vcalls++;
726 }
727 }
728 }
729 }
730 }
731
732 /* Main function, called from pass->excute(). Loop through all the
733 basic blocks in the current function, passing them to
734 verify_bb_vtables, which searches for virtual calls, and inserts
735 calls to __VLTVerifyVtablePointer. */
736
737 unsigned int
738 vtable_verify_main (void)
739 {
740 unsigned int ret = 1;
741 basic_block bb;
742
743 FOR_ALL_BB (bb)
744 verify_bb_vtables (bb);
745
746 return ret;
747 }
748
749 /* Gate function for the pass. */
750
751 static bool
752 gate_tree_vtable_verify (void)
753 {
754 return (flag_vtable_verify);
755 }
756
757 /* Definition of this optimization pass. */
758
759 namespace {
760
761 const pass_data pass_data_vtable_verify =
762 {
763 GIMPLE_PASS, /* type */
764 "vtable-verify", /* name */
765 OPTGROUP_NONE, /* optinfo_flags */
766 true, /* has_gate */
767 true, /* has_execute */
768 TV_VTABLE_VERIFICATION, /* tv_id */
769 ( PROP_cfg | PROP_ssa ), /* properties_required */
770 0, /* properties_provided */
771 0, /* properties_destroyed */
772 0, /* todo_flags_start */
773 TODO_update_ssa, /* todo_flags_finish */
774 };
775
776 class pass_vtable_verify : public gimple_opt_pass
777 {
778 public:
779 pass_vtable_verify (gcc::context *ctxt)
780 : gimple_opt_pass (pass_data_vtable_verify, ctxt)
781 {}
782
783 /* opt_pass methods: */
784 bool gate () { return gate_tree_vtable_verify (); }
785 unsigned int execute () { return vtable_verify_main (); }
786
787 }; // class pass_vtable_verify
788
789 } // anon namespace
790
791 gimple_opt_pass *
792 make_pass_vtable_verify (gcc::context *ctxt)
793 {
794 return new pass_vtable_verify (ctxt);
795 }
796
797 #include "gt-vtable-verify.h"