| blob | 32f28b1740e87a26ae542e9d01f12b60af3db3da |
1 /*
2 +----------------------------------------------------------------------+
3 | HipHop for PHP |
4 +----------------------------------------------------------------------+
5 | Copyright (c) 2010-present Facebook, Inc. (http://www.facebook.com) |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 3.01 of the PHP license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.php.net/license/3_01.txt |
11 | If you did not receive a copy of the PHP license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@php.net so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 */
17 #include <algorithm>
18 #include <atomic>
19 #include <fstream>
20 #include <iostream>
21 #include <iterator>
22 #include <memory>
24 #include <folly/Demangle.h>
25 #include <folly/Format.h>
26 #include <folly/Hash.h>
27 #include <folly/Memory.h>
28 #include <folly/Singleton.h>
29 #include <folly/String.h>
30 #include <folly/container/F14Map.h>
31 #include <folly/container/F14Set.h>
33 #include <boost/program_options.hpp>
34 #include <boost/variant.hpp>
36 #include <tbb/concurrent_unordered_map.h>
37 #include <tbb/concurrent_vector.h>
45 /*
46 * Program responsible for taking the parsed debug-information from TypeParser,
47 * analyzing it (along with user-provided annotations), and generating C++ code
48 * for GC type-scanners. These type-scanners will then be compiled into a shared
49 * object which can be loaded at start-up if GC is enabled.
50 *
51 * Some general concepts:
52 *
53 * - "Scanner". A scanner is responsible for reporting pointer information about
54 * a set of types to the GC. Generally it will report a list of pointers to
55 * other potentially interesting types, as well as address ranges that should
56 * be conservatively scanned.
57 *
58 * - "Collectable". A type is collectable if MarkCollectable<> or
59 * MarkScannableCollectable<> is instantiated on it. Type-scanners are never
60 * generated for collectable types, it is assumed their scanners will be
61 * hand-written. The exception is if MarkScannableCollectable<> is used, in
62 * which case they'll be scanned if explicitly requested. The point of the
63 * type-scanners is to determine how to find pointers to collectable types
64 * from other types. Collectable types correspond to the set of types in HHVM
65 * which are explicitly managed by the GC.
66 *
67 * - "Indexed". An indexed type is a combination of a type and an action. These
68 * occur from an instantiation of Indexer<>. Any particular type can be part
69 * of multiple indexed types but with different actions. Every indexed type
70 * receives a unique type-index and will have a scanner generated for
71 * it. Belonging to an indexed type generally marks that the type is allocated
72 * on the req-heap (with one exception). The action influences the behavior of
73 * that particular scanner. They are:
74 *
75 * (*) Ignore -- Scanner is trivial.
76 * (*) Auto -- The default. Attempt to generate scanner automatically.
77 * (*) Conservative<T...> -- If any of T... is "interesting" (see below),
78 * conservative scan. Otherwise, ignore.
79 * If T... is an empty list, always
80 * conservative scan.
81 * (*) WithSuffix<T> -- Attempt to generate scanner for type as normal.
82 * However, any allocation of the type only contains
83 * one instance of that type. Any remaining
84 * allocated memory is assumed to be filled with
85 * instances of T. So, a scanner for T will be
86 * generated as well.
87 * (*) ForScan -- Similar to Auto, but this type should not be marked as
88 * "pointer followable" (see below) if this is the only
89 * indexed type for the type. (This is a marker that the
90 * type is never actually req-heap allocated).
91 *
92 * - "Interesting". A type is interesting if the scanner generated for it would
93 * be non-trivial. IE, it would have at least one action. Interesting
94 * types either contain interesting types, pointers to "pointer
95 * followable" types, or have some custom action defined on it.
96 *
97 * - "Pointer followable". A type is pointer followable if it is a collectable
98 * type, it has a collectable type as a base, or if it is a member of at least
99 * one indexed type which has an action which is not "ForScan" and is
100 * interesting. By these conditions, a pointer followable type is one which is
101 * known to be allocated out of the request heap, and transitively leads to a
102 * collectable type via some chain of pointers. Pointers to pointer followable
103 * types are enqueued inside scanners. Pointers to non-pointer followable
104 * types are ignored. All base classes of pointer followable object types are
105 * also pointer followable (to handle polymorphism).
106 *
107 * - "Layout". Abstract description of a scanner. A layout contains a list of
108 * offsets and actions to perform at those offsets. Since many types have
109 * similar structure, multiple types can share the same layout.
110 *
111 * The goal of the scanner generator is find the maximal set of pointer
112 * followable types, use those to compute the layout of each indexed type, then
113 * output those layouts in the form of C++ code.
114 *
115 * Note: this entire scheme assumes that all pointer followable types can be
116 * reached via some indexed type. If not, that pointer followable type is a
117 * root, and must be dealt with specially by the GC.
118 */
122 // fast_map/set maps to F14{Value,Vector}Map/Set depending on K+V size.
123 // Entries are moved (if possible) or copied (if necessary) on rehash & erase.
129 // node_map/set allocate K+V separately like std::unordered_map; K+V don't
130 // move during rehash. Saves memory compared to fast_map/set when when K+V
131 // is large.
137 ////////////////////////////////////////////////////////////////////////////////
147 // Action is a description of any special behavior an object type needs when
148 // generating a scanner for it. It abstracts away how this behavior is
149 // communicated within the generator.
151 // Ignore everything, a trivial scanner
154 // Conservative scan everything (not including bases)
156 // Conservative scan all bases
159 // This type should be ignored (used for system types we can't modify). This
160 // is different from ignore_all where ignore_all will still process base
161 // classes as normal, but whitelisted will not process anything, even base
162 // classes.
165 // This type is a template which should not be instantiated on any req
166 // allocated types.
169 // Symbol of the custom scanner function which handles the entire type. If
170 // present, but empty, the scanner does not have linkage (which is an
171 // error).
174 // Symbol of the custom scanner function which handles scanning base
175 // classes. If present, but empty, the scanner does not have linkage (which
176 // is an error).
179 // If non-empty, the name of the field in the object which is a "flexible
180 // array" member (a trailing array of unbound size). Each object can only
181 // have one of these.
184 // If a custom scanner for the object type is specified, it will only be
185 // invoked if any of the types in the custom guards list is interesting. If
186 // the list is empty, the custom scanner is always invoked.
189 // List of fields in the object which should be ignored.
192 // List of fields in the object which should always be conservative scanned.
195 // Map of field names to symbols of custom scanners for that field.
198 // List of immediate base classes which should be ignored.
201 // List of immediate bases which the "forbidden template" check should not
202 // be applied to. Mainly used internally.
205 // If a custom scanner function for bases is specified, the list of
206 // immediate bases which the scanner applies to.
209 // For certain actions it can immediately be known that its associated
210 // object will always be interesting. Therefore, any indexed type with such
211 // an action can immediately be marked as pointer followable, which helps us
212 // reach a fixed point faster. This is only an optimization, so the criteria
213 // does not need to be exact.
220 }
221 };
226 }
227 };
233 }
234 };
236 // For initializing type indices, we can use either the symbol name of the
237 // Indexer<> instantiation (preferred), or its raw memory address. We have to
238 // use the raw memory address for Indexer<> instantiations which do not have
239 // external linkage.
243 // Parse out all the debug information out of the specified file and do the
244 // analysis generating the layouts.
247 // Turn the layouts into C++ code, writing to the specified ostream.
319 }
341 /*
342 * Maps manipulated by getObject(). These index the known object types in
343 * various ways to allow for the proper lookup of an object type according to
344 * its linkage. They also allow that getObject() will always return the same
345 * Object& for the same type, even if the object types' keys are different,
346 * which means we can use pointer equality to compare types.
347 *
348 * They are marked mutable so that getObject() can remain const.
349 */
352 ObjectTypeName,
354 ObjectNameHasher,
355 ObjectNameEquals
360 Object
364 CompileUnitId,
365 node_map<
367 Object
368 >
372 ObjectTypeId,
373 Object
376 // Mapping of object types to their computed actions. We could compute the
377 // action every time we needed it, but they're stored in this table for
378 // memoization. This table is mutable as well since its a cache.
381 // List of all indexed types in the debug information.
384 // Set of all types which are currently known to be pointer followable or
385 // collectable. The collectable set is set once, and should never change,
386 // while the pointer followable set can grow as more pointer followable types
387 // are discovered (it must grow monotonically, never removing anything).
392 // List of all layouts. Once computed, the indexed types will have an index
393 // into this table for its associated layout.
396 // Set of objects whose layout is currently being generated. Used to detect
397 // possible infinite recursion.
400 // Static strings used to identify certain special types in the debug info,
401 // which serve as markers for special actions. These strings should stay in
402 // sync with the types in type-scan.h.
421 };
423 /*
424 * As stated above, layout is a description of a particular scanner. It is a
425 * list of offsets, along with a certain action to perform at that
426 * offset. Computing layouts for indexed types is the purpose of the scanner
427 * generator. A layout is not inherently tied to any particular type, as many
428 * different types can share the same layout (this is especially common for
429 * templated types, like req::ptr<>).
430 *
431 * A layout can currently contain three different types of actions. The first is
432 * to report the value of a pointer at a certain offset. The second is to
433 * conservative scan a range given by a start offset and a length. The last is
434 * to invoke a custom function (with a certain symbol), passing a pointer formed
435 * by the offset as the first parameter (which serves as the this pointer).
436 *
437 * A layout can also have a suffix layout. Normally, for a given block of
438 * memory, the layout will be applied contiguously until the entire block is
439 * processed. However, if the layout has a suffix layout, the base layout is
440 * only applied once on the beginning of the block. The suffix layout will be
441 * applied contiguously on the remaining portion of the block. This is to handle
442 * object types with "flexible array members".
443 */
451 }
454 }
457 }
458 };
466 }
469 }
472 }
473 };
482 }
485 }
489 }
490 };
502 }
506 }
508 // A sub-layout is used to insert a layout into another layout N times. Used
509 // for arrays, where we compute the layout once, but want to insert it for the
510 // number of elements in the array.
516 }
517 }
521 }
528 }
530 // Is this layout made up of nothing but conservative scans?
546 // Offset where the suffix begins. This may be different than the size because
547 // of flexible array members (which sometimes start within the object).
549 };
551 /*
552 * If the generator cannot automatically create a layout, it will throw
553 * LayoutError. These LayoutErrors are gathered and reported together at the end
554 * of processing. They include context about why and where the error occurred.
555 */
561 }
565 };
567 /*
568 * An indexed type is a combination of a type and a set of actions associated
569 * with. Every indexed type is associated a layout (hence a scanner), but a
570 * given type can be part of multiple indexed types. Type-indices are handed out
571 * on a per indexed type basis.
572 *
573 * Its important to distinguish the actions that are inherent to a type
574 * (embodied in the Action class), with the actions assigned inside an indexed
575 * type. The actions inherent to the type are used when automatically generating
576 * a scanner for that type, while the actions here override those. However,
577 * since indexed types are keyed by a type index, they are only applied on
578 * specific instances of the type with that type index at runtime. So, for
579 * example, a type T can have an automatically generated scanner for some
580 * instances of T, but a conservative scanner for others depending on which type
581 * index the instance has.
582 */
588 // Underlying type
591 // List of addresses for all the associated Indexer<> instances.
594 // Marker that instances of the type with this type index do not represent
595 // actual heap allocations (we only want the scanner).
598 // Ignore instances of the type with this type index. If this is true, and
599 // conservative is true as well, it means that the conservative scan is still
600 // conditional.
603 // Conservative scan instances of the type with this type index.
606 // If conservative is true, only actually conservative scan if any of these
607 // types are interesting. If not, ignore. If the list is empty, always
608 // conservative scan.
611 // A suffix type is used as the basis for a suffix layout as described above.
614 // Generated layout. This is used when generating layouts, but after that,
615 // layout_index will index into the layout table for the actual layout to use.
616 Layout layout;
618 // Index into the layout table for the assigned layout.
621 // If there was an error while automatically generating the layout for this
622 // underlying type, it is stored here until they are all reported.
624 };
629 // Either this platform has no support for parsing debug information, or the
630 // preprocessor symbol to enable actually building scanner isn't
631 // enabled. Either way, just bail out. Everything will get a conservative
632 // scanner by default if someone actually tries to use the scanners at
633 // runtime.
642 // Iterate through all the objects the debug info parser found, storing the
643 // MarkCollectable<> markers, and the Indexer<> instances. For everything,
644 // store in the appropriate getObject() maps, which will allow us to do
645 // getObject() lookups afterwards.
646 //
647 // There can be a lot of objects to iterate over, so do it concurrently.
648 {
658 block,
667 }
669 // Incomplete types are useless for our purposes, so just ignore
670 // them.
674 }
675 );
676 }
677 };
680 // No point in creating more threads than there are blocks.
683 }
685 }
687 // Complain if it looks like we don't have any debug info enabled.
688 // (falls back to conservative scanning for everything)
691 "No collectable or indexed types found. "
693 }
695 // Extract all the types that Mark[Scannable]Collectable<> was instantiated on
696 // to obtain all the types which are collectable. Since all collectable types
697 // are automatically pointer followable, mark them as such.
699 collectable_markers,
701 );
702 m_scannable_collectable =
704 scannable_collectable_markers,
706 );
709 }
711 // Extract all the IndexedType information out of the Indexer<>
712 // instantiations.
715 // Before beginning the actual layout generation, we can speed things up a bit
716 // by marking any types which we know are always pointer followable. This will
717 // let us reach the fixed point in fewer iterations.
719 // Indexed types just for scanning are never pointer followable (because
720 // they're not actually heap allocated).
723 // If the underlying type is an object type, and its associated action is
724 // always non-trivial, or if the object type has a collectable type as a
725 // base class, then the object type is always pointer followable. Same logic
726 // for any suffix type.
732 }
733 }
741 }
742 }
743 }
745 // If this indexed type is always going to be a complete conservative scan,
746 // than we're always going to have a non-trivial action for its scanner, so
747 // it's always pointer followable.
750 }
751 }
756 }
758 // Helper function. Match a name against another name, ignoring the template
759 // parameter portion.
768 }
770 // Helper functions to check if an object type's name is that of a special
771 // marker type:
775 }
778 }
781 }
784 }
787 }
789 // Split a member function of the form "[prefix][suffix]_" into just "suffix"
790 // and return it. Returns the empty string if the input doesn't match that
791 // format.
799 }
801 // Helper function to remove any cv (and restrict) qualifiers from a type.
811 }
812 }
814 // Compare two types, return -1 if t1 < t2, 1 if t1 > t2, and 0 if they are
815 // equal. Type doesn't have a builtin comparison operator because the ordering
816 // is rather arbitrary and application dependent.
818 // First order types according to what category of type they are, using the
819 // below arbitrary ranking.
833 );
834 };
840 // At this point, both t1 and t2 are of the same type category. We can now do
841 // member-wise comparison of the types within these types.
856 // The two object types have the same linkage and same name, so now
857 // examine which linkage that actually is to determine how to check for
858 // object equality.
862 // Same name and external linkage means they're the same.
865 // Objects types with internal linkage with the same name are only the
866 // same if they're in the same compile unit.
871 // Object types with no linkage are only the same if they have
872 // identical keys.
876 );
880 );
884 }
885 }
888 },
891 },
894 },
897 },
905 },
908 },
911 },
914 },
924 }
926 },
932 },
934 );
935 }
937 // Compare two indexed types, return -1 if t1 < t2, 1 if t1 > t2, and 0 if
938 // equal. If this comparison is for the purpose of trying to merge two indexed
939 // type together (see below), skip comparing certain fields.
961 }
962 );
963 };
974 }
976 // The whole point of merging two indexed types together are to coalesce
977 // Indexer<> addresses and to combine a "scan-only" one with a non-scan-only
978 // one, so don't compare these fields when checking for equality.
980 // This ordering is important! We want indexed types with scan set to false
981 // to come first. We always merge right into left, so scan-only should be
982 // merged into no-scan-only.
988 }
991 }
993 // Helper function to extract types that markers are instantiated on from the
994 // markers. Given a list of a specific marker object type, apply the given
995 // callable f to it (which should extract the marked type out of it), sort and
996 // uniquify the resultant list, and return it.
1005 );
1008 T out;
1019 }
1020 }
1021 );
1024 }
1026 // Given a list of Indexer<> instantiation types, extract the marked types, and
1027 // create the appropriate IndexedType struct for them, merging duplicates
1028 // together.
1034 indexers,
1036 );
1038 }
1040 // Merge "duplicate" indexed types together using some definition of duplicate,
1041 // returning the merged types.
1046 // First sort the types. The ordering has been set up so that indexed types
1047 // that are identical except for the "scan" field will have the indexed types
1048 // with scan set to false first.
1054 );
1056 // Only insert an indexed type into the unique vector if its not equal (for
1057 // the purposes of merging) as the last indexed type in the vector. If they
1058 // are equal, merge their addresses and their scan field anded together. Since
1059 // indexed types with scan set to false come first, this will ensure that
1060 // false is kept over true.
1072 );
1073 }
1074 }
1077 }
1079 /*
1080 * Certain compilers (usually Clang) will emit debug information for template
1081 * instantiations, but fail to emit information about the template
1082 * parameters. This usually happens if it thinks the template isn't "used". This
1083 * is bad for marker types like Conservative<...> because it will be interpreted
1084 * as an empty type list (which implies always conservative scan). Unfortunately
1085 * we cannot always detect this, but we can for certain cases.
1086 *
1087 * If we know a-priori that an object-type is a template, and the debug
1088 * information indicates the object type has no template parameters, do a hacky
1089 * check on the object type's name. Look for the name to end with "<>",
1090 * indicating an empty parameter list. If not, the template actually has
1091 * parameters but is failing to emit them.
1092 *
1093 * Unfortunately there's not much that can be done about this, but we want to
1094 * catch it quickly so that we can try to work around it.
1095 */
1104 "Object type '{}' at ({},{}) is reported as having "
1105 "no template parameters, but its name indicates "
1106 "otherwise. This usually indicates the compiler "
1111 )
1112 };
1113 }
1114 }
1116 // Given a Mark[Scannable]Collectable<> marker instantiation, extract
1117 // the object-type its marking. Actually very simple, but do a lot of sanity
1118 // checking on the result.
1127 )
1128 };
1129 }
1138 )
1139 };
1140 }
1149 )
1150 };
1151 }
1160 )
1161 };
1162 }
1171 )
1172 };
1173 }
1178 "Collectable marker '{}' at ({},{}) does not have exactly "
1183 )
1184 };
1185 }
1193 "Collectable marker '{}' at ({},{}) is instantiated on type '{}', "
1199 )
1200 };
1201 }
1206 "Collectable marker '{}' at ({},{}) is instantiated on object type '{}'"
1214 )
1215 };
1216 }
1222 "Collectable marker '{}' at ({},{}) is instantiated on object type '{}'"
1230 )
1231 };
1232 }
1236 "Collectable marker '{}' at ({},{}) is instantiated on object type '{}'"
1244 )
1245 };
1246 }
1249 }
1251 // Given an Indexer<> marker instantiation, extract the type and action the
1252 // marker refers to, returning the appropriate IndexedType instance. Do a lot of
1253 // sanity checking on the result.
1262 )
1263 };
1264 }
1273 )
1274 };
1275 }
1284 )
1285 };
1286 }
1296 )
1297 };
1298 }
1303 "Indexer '{}' at ({},{}) does not have exactly two "
1309 )
1310 };
1311 }
1317 );
1325 )
1326 };
1327 }
1337 )
1338 };
1339 }
1341 // Since we want to put the assigned type index into Indexer<>::s_index, it
1342 // had better either have a symbol (preferred), or an absolute address.
1346 "Indexer '{}' at ({},{}) has a s_index member which "
1351 )
1352 };
1353 }
1355 // Extract the underlying type from the Indexer<>, doing sanity checking on
1356 // the type.
1358 /*
1359 * The type we want is just the first template parameter of Indexer<>, but
1360 * we want to do sanity checking on it, which involves walking the type
1361 * chain.
1362 *
1363 * To avoid recursion, use a loop instead. Each invocation of the match
1364 * method returns the next type to check, returning nullptr if there's no
1365 * more types to check. This works because each type category only has at
1366 * most one sub-type to check.
1367 */
1375 "Indexer '{}' at ({},{}) is instantiated on "
1381 )
1382 };
1383 }
1389 "Indexer '{}' at ({},{}) is instantiated on "
1395 )
1396 };
1397 }
1402 "Indexer '{}' at ({},{}) is instantiated on "
1408 )
1409 };
1410 }
1413 },
1421 "Indexer '{}' at ({},{}) is instantiated on "
1427 )
1428 };
1429 }
1431 },
1443 )
1444 };
1446 },
1455 )
1456 };
1458 },
1466 )
1467 };
1469 }
1470 );
1471 }
1474 }();
1476 IndexedType indexed_type{
1482 };
1484 // Now examine the action component:
1496 )
1497 };
1498 }
1511 )
1512 };
1513 }
1515 // Use the name of the action to determine what it is:
1517 // Nothing
1525 // Conservative<> is a variadic template, so we'd better sanity check the
1526 // template parameters.
1530 // If it has template parameters, the conservative scan is
1531 // conditional. Indicate this fact by setting ignore to true as well. Once
1532 // the guards have been evaluated, ignore will either be cleared (if any
1533 // guards pass), or conservative will be cleared (if none pass).
1538 );
1539 }
1540 }
1545 "Indexer '{}' at ({},{}) action type '{}' at ({},{}) does not "
1553 )
1554 };
1555 }
1567 )
1568 };
1569 }
1572 }
1574 // Retrieve the action associated with the given object type, computing a new
1575 // one if it isn't already present.
1584 }
1596 }
1597 }
1599 }
1600 );
1601 }
1603 // Given an object type, examine it to infer all the needed actions for that
1604 // type. The actions are inferred by looking for member functions with special
1605 // names, and static members with special names.
1611 "Trying to infer actions on object type '{}' at ({},{}) "
1616 )
1617 };
1618 }
1620 Action action;
1626 }
1628 // White-listing and forbidden templates are determined by just checking the
1629 // name against explicit lists.
1633 }
1639 }
1646 }
1650 };
1657 );
1658 };
1661 // Sanity check special member function. All the functions should take a
1662 // const pointer to the contained object type as the first parameter (the
1663 // this pointer), and a non-const reference to HPHP::type_scan::Scanner as
1664 // the second (and nothing else). The return type should be void.
1669 "Object type '{}' at ({},{}) contains scanner func '{}' "
1674 func.name
1675 )
1676 };
1677 }
1682 "Object type '{}' at ({},{}) contains scanner func '{}' "
1687 func.name
1688 )
1689 };
1690 }
1695 "Object type '{}' at ({},{}) contains scanner func '{}' "
1702 )
1703 };
1704 }
1711 "Object type '{}' at ({},{}) contains scanner func '{}' "
1718 )
1719 };
1720 }
1726 "Object type '{}' at ({},{}) contains scanner func '{}' "
1733 )
1734 };
1735 }
1741 "Object type '{}' at ({},{}) contains scanner func '{}' "
1748 )
1749 };
1750 }
1755 "Object type '{}' at ({},{}) contains scanner func '{}' "
1762 )
1763 };
1764 }
1771 "Object type '{}' at ({},{}) contains scanner func '{}' "
1778 )
1779 };
1780 }
1786 "Object type '{}' at ({},{}) contains scanner func '{}' "
1793 )
1794 };
1795 }
1801 "Object type '{}' at ({},{}) contains scanner func '{}' "
1802 "whose second parameter isn't a reference to "
1810 )
1811 };
1812 }
1813 };
1815 // Custom scanner for particular field.
1819 );
1826 "Object type '{}' at ({},{}) contains custom field marker "
1831 custom_field
1832 )
1833 };
1834 }
1838 fun.linkage_name
1839 );
1840 }
1842 // Custom scanner for entire object.
1847 }
1849 // Custom scanner for base classes.
1854 }
1855 }
1858 // All special member markers should be static, so ignore anything that's
1859 // not.
1862 // Ignore a field.
1866 );
1871 "Object type '{}' at ({},{}) contains ignore field marker "
1876 ignore_field
1877 )
1878 };
1879 }
1883 }
1885 // Scan field conservatively.
1889 );
1894 "Object type '{}' at ({},{}) contains conservative field marker "
1899 conservative_field
1900 )
1901 };
1902 }
1906 }
1908 // Marks flexible array field. There can only be one of these per object
1909 // type.
1913 );
1918 "Object type '{}' at ({},{}) contains more than one flexible "
1923 )
1924 };
1925 }
1930 "Object type '{}' at ({},{}) contains flexible array field marker "
1935 flexible_array_field
1936 )
1937 };
1938 }
1941 }
1943 // Ignore entire object.
1947 }
1949 // Conservative scan entire object.
1953 }
1955 // Ignore specific base.
1961 "Object type '{}' at ({},{}) contains an ignore base marker "
1967 )
1968 };
1969 }
1972 // This is a variadic template, so sanity check it.
1979 "Object type '{}' at ({},{}) contains an ignore base marker "
1985 )
1986 };
1987 }
1993 "Object type '{}' at ({},{}) contains an ignore base marker "
1999 )
2000 };
2001 }
2003 }
2005 }
2007 // Don't complain about a particular base class violating a forbidden
2008 // template check.
2014 "Object type '{}' at ({},{}) contains a silence base marker "
2020 )
2021 };
2022 }
2025 // This is a variadic template, so sanity check it.
2032 "Object type '{}' at ({},{}) contains a silence base marker "
2038 )
2039 };
2040 }
2046 "Object type '{}' at ({},{}) contains a silence base marker "
2052 )
2053 };
2054 }
2056 }
2058 }
2060 // List of base classes to apply the custom bases scan to.
2067 "Object type '{}' at ({},{}) contains a custom base marker "
2073 )
2074 };
2075 }
2078 // This is a variadic template, so sanity check it.
2085 "Object type '{}' at ({},{}) contains a custom base marker "
2091 )
2092 };
2093 }
2099 "Object type '{}' at ({},{}) contains a custom base marker "
2105 )
2106 };
2107 }
2109 }
2111 }
2113 // If there's a custom scanner for the entire object, list of types to guard
2114 // on.
2121 "Object type '{}' at ({},{}) contains a custom guard marker "
2127 )
2128 };
2129 }
2132 // This is a variadic template, so sanity check it.
2136 }
2138 }
2139 }
2142 }
2144 // Given an object type, return the matching Object representation. Even for
2145 // object types with different keys, if the underlying object type is the "same"
2146 // (according to the linkage rules), the same Object representation will be
2147 // returned. This means that one can then use pointer equality to check for
2148 // equality between two object types.
2150 // First attempt to lookup the Object in our internal maps. Use the
2151 // appropriate map according to the object type's linkage. This ensures that
2152 // object types that represent the same underlying object always returns the
2153 // same Object&.
2159 }
2165 }
2167 }
2173 }
2174 }
2183 }
2189 }
2196 }
2197 }
2199 };
2201 // Check if the object is a valid indexer. LLVM for clang 15/16 will sometimes
2202 // produce a DW_TAG_structure_type for the same Indexer<...> type in a
2203 // compile_unit without a corresponding DW_TAG_variable. This check will skip
2204 // such cases and end up pick a different type.
2211 );
2215 }
2220 }
2221 }
2224 };
2226 // No direct matches in our internal maps, so we need to retrieve it from the
2227 // type parser. If the type is complete we can just retrieve it and use it
2228 // directly. If this type has no linkage or pseudo-linkage, it matches nothing
2229 // else, so just retrieve it. Store it in our maps for later lookup.
2234 }
2236 // The object type is incomplete, but has internal or external linkage. We
2237 // only want to return an incomplete object as a last resort, so let's look
2238 // for any possible definitions of this type elsewhere.
2243 // First look for a type with the same name in the same compilation unit. If
2244 // there's one that's a complete definition, use that.
2252 }
2253 // Otherwise if the type has external linkage, look for any type in any
2254 // compilation unit (with external linkage) with the same name and having a
2255 // complete definition.
2257 // Newer clang seems to split some types into different units,
2258 // or at least we are not able to tell that they are the same.
2263 }
2270 }
2271 }
2273 // There doesn't appear to be a complete definition of this type anywhere, so
2274 // just return the incomplete object representation. This will probably error
2275 // elsewhere, but there's nothing we can do.
2277 }
2279 // Given a type, fill the given layout (starting at the specified offset)
2280 // appropriate for that type. LayoutError will be thrown if an ambiguous
2281 // construct is encountered.
2289 },
2291 // Don't care about pointers to non-pointer followable types.
2295 "Generic pointer to void. Add annotation to disambiguate."
2296 };
2297 }
2299 },
2301 // Don't care about pointers to non-pointer followable types.
2305 "Generic pointer to void. Add annotation to disambiguate."
2306 };
2307 }
2309 },
2311 // Don't care about pointers to non-pointer followable types.
2315 "Generic pointer to void. Add annotation to disambiguate."
2316 };
2317 }
2319 },
2323 "Array of indeterminate size. Add annotation to disambiguate."
2324 };
2325 }
2329 offset,
2331 sublayout
2332 );
2333 },
2336 },
2339 },
2342 },
2346 );
2347 }
2349 // Check if the given object member is associated with a special action,
2350 // recording it into the given Layout as needed. Unnamed unions are recursed
2351 // into with their members being treated as members of the enclosing
2352 // object. Returns true if the layout was modified, false otherwise.
2361 // Treat members of an unnamed union as members
2362 // of the enclosing struct.
2366 // Recurse: the unions themselves might contain unnamed unions.
2371 }
2372 }
2373 }
2374 }
2376 // The sole purpose of marking the flexible array member is so we know
2377 // where the suffix begins. The suffix usually begins at the end of the
2378 // object, but sometimes within it.
2382 }
2389 }
2396 "'{}' needs to have external linkage (not in unnamed namespace)"
2397 " to use custom field scanner. If a template, template parameters"
2400 )
2401 };
2402 }
2405 }
2408 }
2410 // Given an object type representation, fill the given Layout (starting at
2411 // specified offset) with the appropriate layout for that object
2412 // type. LayoutError will be thrown if an ambiguous construct is encountered.
2418 // Never generate layout for collectable types, unless it was marked as
2419 // scannable.
2423 }
2428 "'{}' is contained within a recursive definition. "
2429 "This can only happen with invalid debug information "
2432 )
2433 };
2434 }
2439 // A whitelisted type should be ignored entirely.
2442 // If this is a forbidden template (and forbidden template checking has been
2443 // enabled), check if any of the template's type parameters are
2444 // interesting. If so, this is an error, as the user shouldn't be using such
2445 // types in this template.
2451 "'{}' shouldn't be used with potentially req-heap "
2452 "allocated objects. Use req:: equivalents instead or add "
2455 )
2456 };
2457 }
2459 // Process the base classes first to maintain rough offset ordering.
2465 // Any base which has been included with the custom base scanner should be
2466 // ignored here, as we'll do one call to the custom scanner.
2469 }
2471 // Virtual inheritance. The generator doesn't know how to get the base
2472 // class from the derived (though in theory this could be inferred from
2473 // the debug information), so punt and make the user specify a custom base
2474 // scanner.
2477 "Base is inherited virtually. "
2478 "Add annotations to convert manually."
2479 };
2480 }
2482 // Recursively generate layout for the base.
2484 obj,
2485 layout,
2488 action.conservative_all_bases
2489 );
2495 )
2496 );
2498 }
2499 }
2501 // Do the single call to the custom bases scanner if there is one.
2506 "'{}' needs to have external linkage (not in unnamed namespace)"
2507 " to use custom base scanner. If a template, template parameters"
2510 )
2511 };
2512 }
2514 }
2519 // We'll use the custom scanner if there's no guards, or if at least one of
2520 // the guards is interesting.
2526 )
2527 ) {
2529 // Ooops, the custom scanner function doesn't have a symbol, which
2530 // probably means it doesn't have external linkage. We can't reliably call
2531 // such things, so error out.
2535 "'{}' needs to have external linkage (not in unnamed namespace)"
2536 " to use custom scanner. If a template, template parameters must"
2539 )
2540 };
2541 }
2543 }
2545 }
2548 // Determine the begin and end offsets of this type and set up a
2549 // conservative scan for that range. We can't simply use (0, object size)
2550 // because we do not want to include base classes, nor padding which we know
2551 // can't contain any fields.
2558 }
2561 }
2563 }
2565 // Unions are special. If all the members of the union have the same layout,
2566 // we can just use that. If not, its a LayoutError, as a custom scanner is
2567 // needed to disambiguate it.
2583 "'{}' is a union containing potentially req-heap allocated "
2584 "objects with different layouts. Add annotation to disambiguate "
2588 member.name
2589 )
2590 };
2591 }
2592 }
2593 }
2597 }
2600 // Only non-static members.
2603 // Check if this member has a special action. If it does, we're done
2604 // processing it.
2609 }
2611 // Otherwise generate its layout recursively.
2615 layout,
2617 conservative_everything
2618 );
2625 )
2626 );
2628 }
2629 }
2630 }
2632 // Given a type, determine if it is pointer followable. Only object types (which
2633 // are recorded as being pointer followable) pass, as do void pointers (though
2634 // we cannot generate layout for them).
2641 },
2645 },
2649 },
2657 );
2658 }
2660 // Make a given type pointer followable. This just walks the type hierarchy,
2661 // marking the contained object type (if any) as being pointer followable.
2675 );
2676 }
2678 // Mark a given object type pointer followable. If an object type is marked
2679 // pointer followable, all its bases must be as well (because a pointer to a
2680 // base could be pointing towards this object type).
2685 }
2686 }
2688 // Recursive function to check if a given object has a collectable base
2689 // somewhere in its type hierarchy.
2697 }
2698 );
2699 }
2701 // Given a type, check if this is an object type with any template parameters
2702 // being a pointer followable type.
2710 },
2715 },
2718 },
2722 );
2723 }
2725 // Given an object type, check if any template parameters are a pointer
2726 // followable type.
2731 }
2733 }
2735 // Given a type, determine if it is non-interesting, IE, its generated layout is
2736 // empty.
2744 }
2745 }
2747 // Given an object type, determine if it is non-interesting, IE, its generated
2748 // layout is empty.
2756 }
2757 }
2759 // Given a type, determine how many bytes an instance of that type occupies.
2763 // This is valid because we run on architectures where all pointers are the
2764 // same size, and we always generate the heap scanners at the same time
2765 // we're building everything else.
2772 },
2776 // These are somewhat dubious, and shouldn't really occur:
2780 );
2781 }
2783 /*
2784 * Generate layouts for all indexed types. This is an iterative method since the
2785 * layout depends on which types are pointer followable, and what types are
2786 * pointer followable depends on which types are interesting, and what types are
2787 * interesting depends on their layout.
2788 *
2789 * For every indexed type, we generate its layout. If the type was previously
2790 * uninteresting, but the new layout makes it interesting, mark it as pointer
2791 * followable. Continue this process until we take a full pass through the
2792 * indexed type list without computing a different layout for all types.
2793 */
2800 // No point in continuing with this one if we already have a
2801 // LayoutError.
2804 // If this indexed type's action is conservative, examine guards (if
2805 // any) to see if we want to ignore or conservative scan it.
2807 // If ignore isn't set, the issue has already been decided
2808 // (conservative scan).
2810 // Otherwise, iterate over all the conservative guards, seeing if any
2811 // are interesting.
2818 }
2819 }
2821 }
2825 // Generate the new layout for this type, including any suffix.
2832 }
2835 // This new layout is different. If this isn't a "scan-only" indexed
2836 // type (which can't be pointer followable), and the type was
2837 // previously un-interesting, make this pointer followable.
2840 }
2843 }
2846 }
2847 }
2849 }
2851 // At this point, the layouts in the indexed types are correct. However, some of
2852 // the indexed types may have the same layout. Put all the unique and sorted
2853 // layouts into the m_layouts list. Assign each indexed type its appropriate
2854 // index into the list.
2856 // First fix up some of the indexed types so that they're in a consistent
2857 // state. These transformations are safe to perform as we know the layouts at
2858 // maximal.
2860 // At this point, we definitely know which types will be conservative
2861 // scanned or not, so we do not need the guards anymore. Clearing these lets
2862 // us merge together more duplicates.
2866 // If the indexed type is still marked as ignored, it cannot be
2867 // conservative scanned.
2870 }
2872 // Likewise, if the indexed type is still marked for conservative
2873 // scanning, it cannot be ignored.
2876 }
2878 // If this type isn't interesting, mark it as if it was explicitly
2879 // ignored.
2883 }
2885 // If the layout contains nothing but conservative scans, mark it as if it
2886 // was explicitly marked for conservative scans.
2890 }
2891 // Finally, if there's a suffix layout, and the suffix begins at offset 0,
2892 // than the suffix layout can completely subsume the original layout.
2894 // avoid indeterminate evaluation order by moving indexed.layout.suffix
2895 // to a temp before overwriting indexed.layout
2898 }
2899 }
2901 // Now that the indexed types are fixed up to be more consistent, merge
2902 // duplicates together.
2905 // Record all generated layouts in m_layouts (ignoring ignored or conservative
2906 // ones since those have hard-coded scanners).
2910 }
2911 // Sort them and make them unique.
2916 );
2918 // Record the appropriate offset into m_layouts for each indexed type to refer
2919 // to its layout.
2925 indexed.layout
2926 );
2929 }
2930 }
2932 // Check for any errors while generating layouts. We don't want to report these
2933 // errors immediately, as we want to gather them up and report them all at the
2934 // end. This is helpful when there's several things wrong at once.
2940 // Don't go overboard....
2946 }
2950 }
2951 // Error if an indexed type had internal linkage.
2959 }
2960 );
2961 }
2962 }
2964 }
2966 /*
2967 * C++ code generation functions:
2968 */
2970 /*
2971 * Output all the needed C++ forward declarations. Any called custom scanners
2972 * need to forward declared, as well as any Indexer<>::s_index static instances
2973 * which have a symbol. Normally to forward declare these, we would have to
2974 * forward declare a lot of other types, but we employ a dirty trick to avoid
2975 * this. We forward declare the mangled names, wrapped in an extern C block.
2976 */
2983 }
2987 }
2988 }
2989 }
2994 }
3002 }
3003 }
3004 }
3009 }
3011 }
3013 // Output the initialization of the metadata table mapping the type indices to
3014 // the type name and scanner.
3024 };
3027 }
3029 }
3031 // Output the initialization function which inserts the type indices to the
3032 // appropriate Indexer<>::s_index static instances.
3042 },
3046 });
3047 }
3049 }
3054 }
3064 }
3072 }
3078 }
3083 }
3084 }
3086 // For a given layout, output the matching C++ code to implement the scanner.
3090 // Assert that the size passed into the scanner is a multiple of the type
3091 // size.
3098 }
3099 }
3101 // If there's no suffix, the scanner is wrapped within a for loop which loops
3102 // over the entire allocation given by the size parameter.
3107 }
3109 // Ident appropriately depending on whether we're inside a for loop or not.
3114 }
3116 };
3118 // If we're in a for loop, the offsets need to be biased by the loop
3119 // iteration.
3122 // First generate calls to the scanner to record all the pointers. We use the
3123 // version of insert() which takes an initializer list because it is more
3124 // efficient.
3137 }
3139 }
3141 // In a similar manner, insert conservative ranges.
3158 }
3160 }
3162 // Finally generate calls to all custom functions. Use the current offset to
3163 // form the this pointer for the method call.
3167 }
3172 // If we have a suffix, we didn't generate a for loop, just straightline
3173 // code. Now generate code for the suffix portion.
3175 }
3176 }
3205 // count custom guards?
3210 }
3224 }
3226 // Generate the entire C++ file.
3255 }
3264 {
3265 }
3275 }
3279 // Eagerly coalesce adjacent conservative ranges.
3285 }
3286 }
3288 }
3296 }
3304 }
3311 }
3316 }
3319 }
3322 }
3323 }
3331 }
3335 }
3337 // Arbitrary ordering of layouts. This ordering was chosen to satisfy my
3338 // aesthetics of having "simpler" scanners come first.
3346 }
3349 }
3352 }
3357 }
3368 }
3369 }
3374 ////////////////////////////////////////////////////////////////////////////////
3376 }
3399 ;
3409 }
3411 #if defined(__clang__) && !defined(CLANG_STANDALONE_DEBUG)
3412 // Doesn't work with older Clang that don't support attribute used
3413 // in member functions of template classes.
3414 // Fixed in https://reviews.llvm.org/D56928
3415 // Doesn't work with Clang without -fstandalone-debug
3417 #else
3419 #endif
3431 ) :
3441 }
3442 }
3449 }
3457 }
3463 }
3466 }