clang 20.0.0git
|
Holds the state of the program (store and heap) at a given program point. More...
#include "clang/Analysis/FlowSensitive/DataflowEnvironment.h"
Classes | |
class | ValueModel |
Supplements Environment with non-standard comparison and join operations. More... | |
Public Types | |
enum | ExprJoinBehavior { DiscardExprState , KeepExprState } |
How to treat expression state (ExprToLoc and ExprToVal ) in a join. More... | |
Public Member Functions | |
Environment (DataflowAnalysisContext &DACtx) | |
Creates an environment that uses DACtx to store objects that encompass the state of a program. | |
Environment (DataflowAnalysisContext &DACtx, Stmt &S) | |
Creates an environment that uses DACtx to store objects that encompass the state of a program, with S as the statement to analyze. | |
Environment (DataflowAnalysisContext &DACtx, const FunctionDecl &FD) | |
Creates an environment that uses DACtx to store objects that encompass the state of a program, with FD as the function to analyze. | |
Environment & | operator= (const Environment &Other)=delete |
Environment (Environment &&Other)=default | |
Environment & | operator= (Environment &&Other)=default |
void | initialize () |
Assigns storage locations and values to all parameters, captures, global variables, fields and functions referenced in the Stmt or FunctionDecl passed to the constructor. | |
Environment | fork () const |
Returns a new environment that is a copy of this one. | |
Environment | pushCall (const CallExpr *Call) const |
Creates and returns an environment to use for an inline analysis of the callee. | |
Environment | pushCall (const CXXConstructExpr *Call) const |
void | popCall (const CallExpr *Call, const Environment &CalleeEnv) |
Moves gathered information back into this from a CalleeEnv created via pushCall . | |
void | popCall (const CXXConstructExpr *Call, const Environment &CalleeEnv) |
bool | equivalentTo (const Environment &Other, Environment::ValueModel &Model) const |
Returns true if and only if the environment is equivalent to Other , i.e the two environments: | |
LatticeEffect | widen (const Environment &PrevEnv, Environment::ValueModel &Model) |
Widens the environment point-wise, using PrevEnv as needed to inform the approximation. | |
StorageLocation & | createStorageLocation (QualType Type) |
Creates a storage location appropriate for Type . | |
StorageLocation & | createStorageLocation (const ValueDecl &D) |
Creates a storage location for D . | |
StorageLocation & | createStorageLocation (const Expr &E) |
Creates a storage location for E . | |
void | setStorageLocation (const ValueDecl &D, StorageLocation &Loc) |
Assigns Loc as the storage location of D in the environment. | |
StorageLocation * | getStorageLocation (const ValueDecl &D) const |
Returns the storage location assigned to D in the environment, or null if D isn't assigned a storage location in the environment. | |
void | removeDecl (const ValueDecl &D) |
Removes the location assigned to D in the environment (if any). | |
void | setStorageLocation (const Expr &E, StorageLocation &Loc) |
Assigns Loc as the storage location of the glvalue E in the environment. | |
StorageLocation * | getStorageLocation (const Expr &E) const |
Returns the storage location assigned to the glvalue E in the environment, or null if E isn't assigned a storage location in the environment. | |
template<typename T > | |
std::enable_if_t< std::is_base_of_v< StorageLocation, T >, T * > | get (const ValueDecl &D) const |
Returns the result of casting getStorageLocation(...) to a subclass of StorageLocation (using cast_or_null<T> ). | |
template<typename T > | |
std::enable_if_t< std::is_base_of_v< StorageLocation, T >, T * > | get (const Expr &E) const |
RecordStorageLocation * | getThisPointeeStorageLocation () const |
Returns the storage location assigned to the this pointee in the environment or null if the this pointee has no assigned storage location in the environment. | |
void | setThisPointeeStorageLocation (RecordStorageLocation &Loc) |
Sets the storage location assigned to the this pointee in the environment. | |
RecordStorageLocation & | getResultObjectLocation (const Expr &RecordPRValue) const |
Returns the location of the result object for a record-type prvalue. | |
Value * | getReturnValue () const |
Returns the return value of the function currently being analyzed. | |
StorageLocation * | getReturnStorageLocation () const |
Returns the storage location for the reference returned by the function currently being analyzed. | |
void | setReturnValue (Value *Val) |
Sets the return value of the function currently being analyzed. | |
void | setReturnStorageLocation (StorageLocation *Loc) |
Sets the storage location for the reference returned by the function currently being analyzed. | |
PointerValue & | getOrCreateNullPointerValue (QualType PointeeType) |
Returns a pointer value that represents a null pointer. | |
Value * | createValue (QualType Type) |
Creates a value appropriate for Type , if Type is supported, otherwise returns null. | |
StorageLocation & | createObject (QualType Ty, const Expr *InitExpr=nullptr) |
Creates an object (i.e. | |
StorageLocation & | createObject (const VarDecl &D) |
Creates an object for the variable declaration D . | |
StorageLocation & | createObject (const ValueDecl &D, const Expr *InitExpr) |
Creates an object for the variable declaration D . | |
void | initializeFieldsWithValues (RecordStorageLocation &Loc, QualType Type) |
Initializes the fields (including synthetic fields) of Loc with values, unless values of the field type are not supported or we hit one of the limits at which we stop producing values. | |
void | initializeFieldsWithValues (RecordStorageLocation &Loc) |
void | setValue (const StorageLocation &Loc, Value &Val) |
Assigns Val as the value of Loc in the environment. | |
void | clearValue (const StorageLocation &Loc) |
Clears any association between Loc and a value in the environment. | |
void | setValue (const Expr &E, Value &Val) |
Assigns Val as the value of the prvalue E in the environment. | |
Value * | getValue (const StorageLocation &Loc) const |
Returns the value assigned to Loc in the environment or null if Loc isn't assigned a value in the environment. | |
Value * | getValue (const ValueDecl &D) const |
Equivalent to getValue(getStorageLocation(D)) if D is assigned a storage location in the environment, otherwise returns null. | |
Value * | getValue (const Expr &E) const |
Equivalent to getValue(getStorageLocation(E, SP)) if E is assigned a storage location in the environment, otherwise returns null. | |
template<typename T > | |
std::enable_if_t< std::is_base_of_v< Value, T >, T * > | get (const StorageLocation &Loc) const |
Returns the result of casting getValue(...) to a subclass of Value (using cast_or_null<T> ). | |
template<typename T > | |
std::enable_if_t< std::is_base_of_v< Value, T >, T * > | get (const ValueDecl &D) const |
template<typename T > | |
std::enable_if_t< std::is_base_of_v< Value, T >, T * > | get (const Expr &E) const |
template<typename T , typename... Args> | |
std::enable_if_t< std::is_base_of< Value, T >::value, T & > | create (Args &&...args) |
Creates a T (some subclass of Value ), forwarding args to the constructor, and returns a reference to it. | |
IntegerValue & | getIntLiteralValue (llvm::APInt Value) const |
Returns a symbolic integer value that models an integer literal equal to Value | |
BoolValue & | getBoolLiteralValue (bool Value) const |
Returns a symbolic boolean value that models a boolean literal equal to Value | |
BoolValue & | makeAtomicBoolValue () const |
Returns an atomic boolean value. | |
BoolValue & | makeTopBoolValue () const |
Returns a unique instance of boolean Top. | |
BoolValue & | makeAnd (BoolValue &LHS, BoolValue &RHS) const |
Returns a boolean value that represents the conjunction of LHS and RHS . | |
BoolValue & | makeOr (BoolValue &LHS, BoolValue &RHS) const |
Returns a boolean value that represents the disjunction of LHS and RHS . | |
BoolValue & | makeNot (BoolValue &Val) const |
Returns a boolean value that represents the negation of Val . | |
BoolValue & | makeImplication (BoolValue &LHS, BoolValue &RHS) const |
Returns a boolean value represents LHS => RHS . | |
BoolValue & | makeIff (BoolValue &LHS, BoolValue &RHS) const |
Returns a boolean value represents LHS <=> RHS . | |
Atom | getFlowConditionToken () const |
Returns a boolean variable that identifies the flow condition (FC). | |
void | assume (const Formula &) |
Record a fact that must be true if this point in the program is reached. | |
bool | proves (const Formula &) const |
Returns true if the formula is always true when this point is reached. | |
bool | allows (const Formula &) const |
Returns true if the formula may be true when this point is reached. | |
const FunctionDecl * | getCurrentFunc () const |
Returns the function currently being analyzed, or null if the code being analyzed isn't part of a function. | |
size_t | callStackSize () const |
Returns the size of the call stack, not counting the initial analysis target. | |
bool | canDescend (unsigned MaxDepth, const FunctionDecl *Callee) const |
Returns whether this Environment can be extended to analyze the given Callee (i.e. | |
DataflowAnalysisContext & | getDataflowAnalysisContext () const |
Returns the DataflowAnalysisContext used by the environment. | |
Arena & | arena () const |
LLVM_DUMP_METHOD void | dump () const |
LLVM_DUMP_METHOD void | dump (raw_ostream &OS) const |
Static Public Member Functions | |
static Environment | join (const Environment &EnvA, const Environment &EnvB, Environment::ValueModel &Model, ExprJoinBehavior ExprBehavior) |
Joins two environments by taking the intersection of storage locations and values that are stored in them. | |
static Value * | joinValues (QualType Ty, Value *Val1, const Environment &Env1, Value *Val2, const Environment &Env2, Environment &JoinedEnv, Environment::ValueModel &Model) |
Returns a value that approximates both Val1 and Val2 , or null if no such value can be produced. | |
Holds the state of the program (store and heap) at a given program point.
WARNING: Symbolic values that are created by the environment for static local and global variables are not currently invalidated on function calls. This is unsound and should be taken into account when designing dataflow analyses.
Definition at line 65 of file DataflowEnvironment.h.
How to treat expression state (ExprToLoc
and ExprToVal
) in a join.
If the join happens within a full expression, expression state should be kept; otherwise, we can discard it.
Enumerator | |
---|---|
DiscardExprState | |
KeepExprState |
Definition at line 242 of file DataflowEnvironment.h.
|
inlineexplicit |
Creates an environment that uses DACtx
to store objects that encompass the state of a program.
Definition at line 161 of file DataflowEnvironment.h.
|
inline |
Creates an environment that uses DACtx
to store objects that encompass the state of a program, with S
as the statement to analyze.
Definition at line 167 of file DataflowEnvironment.h.
|
inline |
Creates an environment that uses DACtx
to store objects that encompass the state of a program, with FD
as the function to analyze.
Requirements:
The function must have a body, i.e. FunctionDecl::doesThisDecalarationHaveABody()
must be true.
Definition at line 178 of file DataflowEnvironment.h.
References clang::FunctionDecl::doesThisDeclarationHaveABody().
|
default |
Returns true if the formula may be true when this point is reached.
Returns false if the formula is always false when this point is reached (or the flow condition is overly constraining) or if the solver times out.
Definition at line 1144 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::flowConditionAllows().
|
inline |
Definition at line 679 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::arena().
Referenced by create(), getBoolLiteralValue(), getIntLiteralValue(), clang::dataflow::joinDistinctValues(), makeAnd(), makeAtomicBoolValue(), makeIff(), makeImplication(), makeNot(), makeOr(), makeTopBoolValue(), and clang::dataflow::widenDistinctValues().
void clang::dataflow::Environment::assume | ( | const Formula & | F | ) |
Record a fact that must be true if this point in the program is reached.
Definition at line 1136 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::addFlowConditionConstraint().
Referenced by clang::dataflow::joinDistinctValues().
|
inline |
Returns the size of the call stack, not counting the initial analysis target.
Definition at line 668 of file DataflowEnvironment.h.
Referenced by clang::dataflow::runTypeErasedDataflowAnalysis().
bool clang::dataflow::Environment::canDescend | ( | unsigned | MaxDepth, |
const FunctionDecl * | Callee | ||
) | const |
Returns whether this Environment
can be extended to analyze the given Callee
(i.e.
if pushCall
can be used). Recursion is not allowed. MaxDepth
is the maximum size of the call stack (i.e. the maximum value that callStackSize()
may assume after the call).
Definition at line 599 of file DataflowEnvironment.cpp.
|
inline |
Clears any association between Loc
and a value in the environment.
Definition at line 498 of file DataflowEnvironment.h.
References Loc.
Referenced by clang::dataflow::copyField(), and clang::dataflow::copySyntheticField().
|
inline |
Creates a T
(some subclass of Value
), forwarding args
to the constructor, and returns a reference to it.
The analysis context takes ownership of the created object. The object will be destroyed when the analysis context is destroyed.
Definition at line 557 of file DataflowEnvironment.h.
References arena(), clang::dataflow::Arena::create(), and clang::T.
|
inline |
Creates an object for the variable declaration D
.
If InitExpr
is non-null and has a value associated with it, initializes the object with this value. Otherwise, initializes the object with a value created using createValue()
. Uses the storage location returned by DataflowAnalysisContext::getStableStorageLocation(D)
.
Definition at line 474 of file DataflowEnvironment.h.
References D.
|
inline |
Creates an object for the variable declaration D
.
If D
has an initializer and this initializer is associated with a value, initializes the object with this value. Otherwise, initializes the object with a value created using createValue()
. Uses the storage location returned by DataflowAnalysisContext::getStableStorageLocation(D)
.
Definition at line 465 of file DataflowEnvironment.h.
References D.
|
inline |
Creates an object (i.e.
a storage location with an associated value) of type Ty
. If InitExpr
is non-null and has a value associated with it, initializes the object with this value. Otherwise, initializes the object with a value created using createValue()
.
Definition at line 456 of file DataflowEnvironment.h.
Referenced by initialize().
StorageLocation & clang::dataflow::Environment::createStorageLocation | ( | const Expr & | E | ) |
Creates a storage location for E
.
Does not assign the returned storage location to E
in the environment. Does not assign a value to the returned storage location in the environment.
Definition at line 842 of file DataflowEnvironment.cpp.
References E, and clang::dataflow::DataflowAnalysisContext::getStableStorageLocation().
StorageLocation & clang::dataflow::Environment::createStorageLocation | ( | const ValueDecl & | D | ) |
Creates a storage location for D
.
Does not assign the returned storage location to D
in the environment. Does not assign a value to the returned storage location in the environment.
Definition at line 835 of file DataflowEnvironment.cpp.
References D, and clang::dataflow::DataflowAnalysisContext::getStableStorageLocation().
StorageLocation & clang::dataflow::Environment::createStorageLocation | ( | QualType | Type | ) |
Creates a storage location appropriate for Type
.
Does not assign a value to the returned storage location in the environment.
Requirements:
Type
must not be null.
Definition at line 831 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::createStorageLocation().
Referenced by initialize(), and setStorageLocation().
Creates a value appropriate for Type
, if Type
is supported, otherwise returns null.
If Type
is a pointer or reference type, creates all the necessary storage locations and values for indirections until it finds a non-pointer/non-reference type.
If Type
is one of the following types, this function will always return a non-null pointer:
bool
Requirements:
Definition at line 965 of file DataflowEnvironment.cpp.
References clang::dataflow::MaxCompositeValueSize, and Visited.
Referenced by clang::dataflow::joinDistinctValues().
void clang::dataflow::Environment::dump | ( | ) | const |
Definition at line 1201 of file DataflowEnvironment.cpp.
References dump().
Referenced by dump(), and clang::dataflow::runTypeErasedDataflowAnalysis().
void clang::dataflow::Environment::dump | ( | raw_ostream & | OS | ) | const |
Definition at line 1148 of file DataflowEnvironment.cpp.
References D, clang::dataflow::DataflowAnalysisContext::dumpFlowCondition(), E, clang::Func, getCurrentFunc(), Iter, and V.
bool clang::dataflow::Environment::equivalentTo | ( | const Environment & | Other, |
Environment::ValueModel & | Model | ||
) | const |
Returns true if and only if the environment is equivalent to Other
, i.e the two environments:
Model
) values assigned to the same storage locations.Requirements:
Other
and this
must use the same DataflowAnalysisContext
.
Definition at line 692 of file DataflowEnvironment.cpp.
References clang::dataflow::compareKeyToValueMaps(), and clang::Other.
Environment clang::dataflow::Environment::fork | ( | ) | const |
Returns a new environment that is a copy of this one.
The state of the program is initially the same, but can be mutated without affecting the original.
However the original should not be further mutated, as this may interfere with the fork. (In practice, values are stored independently, but the forked flow condition references the original).
Definition at line 593 of file DataflowEnvironment.cpp.
References clang::Copy, and clang::dataflow::DataflowAnalysisContext::forkFlowCondition().
Referenced by clang::dataflow::TypeErasedDataflowAnalysisState::fork(), and clang::dataflow::runTypeErasedDataflowAnalysis().
|
inline |
Definition at line 347 of file DataflowEnvironment.h.
References E, and getStorageLocation().
|
inline |
Definition at line 544 of file DataflowEnvironment.h.
References E, and getValue().
|
inline |
Returns the result of casting getValue(...)
to a subclass of Value
(using cast_or_null<T>
).
This assert-fails if the result of getValue(...)
is not of type T *
; if the value is not guaranteed to have type T *
, consider using dyn_cast_or_null<T>(getValue(...))
instead.
Definition at line 535 of file DataflowEnvironment.h.
References getValue(), and Loc.
|
inline |
Returns the result of casting getStorageLocation(...)
to a subclass of StorageLocation
(using cast_or_null<T>
).
This assert-fails if the result of getStorageLocation(...)
is not of type T *
; if the storage location is not guaranteed to have type T *
, consider using dyn_cast_or_null<T>(getStorageLocation(...))
instead.
Definition at line 342 of file DataflowEnvironment.h.
References D, and getStorageLocation().
Referenced by clang::dataflow::getBaseObjectLocation(), and clang::dataflow::getImplicitObjectLocation().
|
inline |
Definition at line 540 of file DataflowEnvironment.h.
References D, and getValue().
Returns a symbolic boolean value that models a boolean literal equal to Value
Definition at line 569 of file DataflowEnvironment.h.
References arena(), and clang::dataflow::Arena::makeBoolValue().
Referenced by clang::dataflow::evaluateBooleanEquality(), and clang::dataflow::widenDistinctValues().
|
inline |
Returns the function currently being analyzed, or null if the code being analyzed isn't part of a function.
Definition at line 662 of file DataflowEnvironment.h.
Referenced by dump(), getReturnStorageLocation(), getReturnValue(), join(), setReturnStorageLocation(), and setReturnValue().
|
inline |
Returns the DataflowAnalysisContext
used by the environment.
Definition at line 677 of file DataflowEnvironment.h.
Referenced by clang::dataflow::unpackValue().
|
inline |
Returns a boolean variable that identifies the flow condition (FC).
The flow condition is a set of facts that are necessarily true when the program reaches the current point, expressed as boolean formulas. The flow condition token is equivalent to the AND of these facts.
These may e.g. constrain the value of certain variables. A pointer variable may have a consistent modeled PointerValue throughout, but at a given point the Environment may tell us that the value must be non-null.
The FC is necessary but not sufficient for this point to be reachable. In particular, where the FC token appears in flow conditions of successor environments, it means "point X may have been reached", not "point X was reached".
Definition at line 639 of file DataflowEnvironment.h.
Referenced by clang::dataflow::joinDistinctValues().
|
inline |
Returns a symbolic integer value that models an integer literal equal to Value
Definition at line 563 of file DataflowEnvironment.h.
References arena(), and clang::dataflow::Arena::makeIntLiteral().
PointerValue & clang::dataflow::Environment::getOrCreateNullPointerValue | ( | QualType | PointeeType | ) |
Returns a pointer value that represents a null pointer.
Calls with PointeeType
that are canonically equivalent will return the same result.
Definition at line 907 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::getOrCreateNullPointerValue().
RecordStorageLocation & clang::dataflow::Environment::getResultObjectLocation | ( | const Expr & | RecordPRValue | ) | const |
Returns the location of the result object for a record-type prvalue.
In C++, prvalues of record type serve only a limited purpose: They can only be used to initialize a result object (e.g. a variable or a temporary). This function returns the location of that result object.
When creating a prvalue of record type, we already need the storage location of the result object to pass in this
, even though prvalues are otherwise not associated with storage locations.
Requirements: E
must be a prvalue of record type.
Definition at line 892 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::getStableStorageLocation(), clang::Expr::getType(), clang::Expr::isPRValue(), clang::Type::isRecordType(), and Loc.
|
inline |
Returns the storage location for the reference returned by the function currently being analyzed.
This can be null if the function doesn't return a single consistent reference.
Requirements: The current analysis target must be a function and must have a reference return type.
Definition at line 401 of file DataflowEnvironment.h.
References getCurrentFunc().
|
inline |
Returns the return value of the function currently being analyzed.
This can be null if:
Requirements: The current analysis target must be a function and must have a non-reference return type.
Definition at line 388 of file DataflowEnvironment.h.
References getCurrentFunc().
StorageLocation * clang::dataflow::Environment::getStorageLocation | ( | const Expr & | E | ) | const |
Returns the storage location assigned to the glvalue E
in the environment, or null if E
isn't assigned a storage location in the environment.
Requirements: E
must be a glvalue or a BuiltinType::BuiltinFn
Definition at line 883 of file DataflowEnvironment.cpp.
References E, and clang::dataflow::ignoreCFGOmittedNodes().
StorageLocation * clang::dataflow::Environment::getStorageLocation | ( | const ValueDecl & | D | ) | const |
Returns the storage location assigned to D
in the environment, or null if D
isn't assigned a storage location in the environment.
Definition at line 860 of file DataflowEnvironment.cpp.
Referenced by clang::dataflow::builtinTransferInitializer(), get(), clang::dataflow::getImplicitObjectLocation(), getValue(), clang::dataflow::maybeUnpackLValueExpr(), clang::dataflow::propagateStorageLocation(), and pushCall().
|
inline |
Returns the storage location assigned to the this
pointee in the environment or null if the this
pointee has no assigned storage location in the environment.
Definition at line 354 of file DataflowEnvironment.h.
Referenced by clang::dataflow::builtinTransferInitializer(), and initialize().
Equivalent to getValue(getStorageLocation(E, SP))
if E
is assigned a storage location in the environment, otherwise returns null.
Definition at line 950 of file DataflowEnvironment.cpp.
References E, getValue(), and clang::dataflow::ignoreCFGOmittedNodes().
Value * clang::dataflow::Environment::getValue | ( | const StorageLocation & | Loc | ) | const |
Returns the value assigned to Loc
in the environment or null if Loc
isn't assigned a value in the environment.
Requirements:
Loc
must not be a RecordStorageLocation
.
Definition at line 937 of file DataflowEnvironment.cpp.
References Loc.
Referenced by clang::dataflow::builtinTransferInitializer(), clang::dataflow::copyField(), clang::dataflow::copySyntheticField(), clang::dataflow::evaluateBooleanEquality(), get(), getValue(), clang::dataflow::maybeUnpackLValueExpr(), clang::dataflow::propagateValue(), and clang::dataflow::recordsEqual().
Equivalent to getValue(getStorageLocation(D))
if D
is assigned a storage location in the environment, otherwise returns null.
Requirements:
D
must not have record type.
Definition at line 943 of file DataflowEnvironment.cpp.
References D, getStorageLocation(), getValue(), and Loc.
void clang::dataflow::Environment::initialize | ( | ) |
Assigns storage locations and values to all parameters, captures, global variables, fields and functions referenced in the Stmt
or FunctionDecl
passed to the constructor.
If no Stmt
or FunctionDecl
was supplied, this function does nothing.
Definition at line 492 of file DataflowEnvironment.cpp.
References createObject(), createStorageLocation(), clang::DeclContext::getNonClosureAncestor(), clang::dataflow::getReferencedDecls(), clang::FunctionDecl::getReturnType(), getThisPointeeStorageLocation(), initializeFieldsWithValues(), clang::Type::isRecordType(), clang::FunctionDecl::parameters(), Parent, setStorageLocation(), and setThisPointeeStorageLocation().
Referenced by clang::dataflow::runTypeErasedDataflowAnalysis().
|
inline |
Definition at line 486 of file DataflowEnvironment.h.
References initializeFieldsWithValues(), and Loc.
void clang::dataflow::Environment::initializeFieldsWithValues | ( | RecordStorageLocation & | Loc, |
QualType | Type | ||
) |
Initializes the fields (including synthetic fields) of Loc
with values, unless values of the field type are not supported or we hit one of the limits at which we stop producing values.
If a field already has a value, that value is preserved. If Type
is provided, initializes only those fields that are modeled for Type
; this is intended for use in cases where Loc
is a derived type and we only want to initialize the fields of a base type.
Definition at line 911 of file DataflowEnvironment.cpp.
References initializeFieldsWithValues(), Loc, clang::dataflow::MaxCompositeValueSize, and Visited.
Referenced by initialize(), and initializeFieldsWithValues().
|
static |
Joins two environments by taking the intersection of storage locations and values that are stored in them.
Distinct values that are assigned to the same storage locations in EnvA
and EnvB
are merged using Model
.
Requirements:
EnvA
and EnvB
must use the same DataflowAnalysisContext
.
Definition at line 761 of file DataflowEnvironment.cpp.
References clang::Func, getCurrentFunc(), clang::dataflow::intersectDeclToLoc(), clang::dataflow::joinExprMaps(), clang::dataflow::DataflowAnalysisContext::joinFlowConditions(), clang::dataflow::joinLocToVal(), joinValues(), and KeepExprState.
|
static |
Returns a value that approximates both Val1
and Val2
, or null if no such value can be produced.
Env1
and Env2
can be used to query child values and path condition implications of Val1
and Val2
respectively. The joined value will be produced in JoinedEnv
.
Requirements:
Val1
and Val2
must model values of type Type
.
Definition at line 813 of file DataflowEnvironment.cpp.
References clang::dataflow::areEquivalentValues(), and clang::dataflow::joinDistinctValues().
Referenced by join(), and clang::dataflow::joinLocToVal().
Returns a boolean value that represents the conjunction of LHS
and RHS
.
Subsequent calls with the same arguments, regardless of their order, will return the same result. If the given boolean values represent the same value, the result will be the value itself.
Definition at line 587 of file DataflowEnvironment.h.
References arena(), clang::dataflow::BoolValue::formula(), makeAnd(), and clang::dataflow::Arena::makeBoolValue().
Referenced by makeAnd().
|
inline |
Returns an atomic boolean value.
Definition at line 574 of file DataflowEnvironment.h.
References arena(), and clang::dataflow::Arena::makeAtomValue().
Referenced by clang::dataflow::evaluateBooleanEquality().
Returns a boolean value represents LHS
<=> RHS
.
Subsequent calls with the same arguments, regardless of their order, will return the same result. If the given boolean values represent the same value, the result will be a value that represents the true boolean literal.
Definition at line 620 of file DataflowEnvironment.h.
References arena(), clang::dataflow::BoolValue::formula(), and clang::dataflow::Arena::makeBoolValue().
Referenced by clang::dataflow::evaluateBooleanEquality().
|
inline |
Returns a boolean value represents LHS
=> RHS
.
Subsequent calls with the same arguments, will return the same result. If the given boolean values represent the same value, the result will be a value that represents the true boolean literal.
Definition at line 611 of file DataflowEnvironment.h.
References arena(), clang::dataflow::BoolValue::formula(), and clang::dataflow::Arena::makeBoolValue().
Returns a boolean value that represents the negation of Val
.
Subsequent calls with the same argument will return the same result.
Definition at line 603 of file DataflowEnvironment.h.
References arena(), clang::dataflow::BoolValue::formula(), clang::dataflow::Arena::makeBoolValue(), and makeNot().
Referenced by makeNot().
Returns a boolean value that represents the disjunction of LHS
and RHS
.
Subsequent calls with the same arguments, regardless of their order, will return the same result. If the given boolean values represent the same value, the result will be the value itself.
Definition at line 596 of file DataflowEnvironment.h.
References arena(), clang::dataflow::BoolValue::formula(), clang::dataflow::Arena::makeBoolValue(), and makeOr().
Referenced by makeOr().
|
inline |
Returns a unique instance of boolean Top.
Definition at line 579 of file DataflowEnvironment.h.
References arena(), and clang::dataflow::Arena::makeTopValue().
Referenced by clang::dataflow::widenDistinctValues().
|
delete |
|
default |
void clang::dataflow::Environment::popCall | ( | const CallExpr * | Call, |
const Environment & | CalleeEnv | ||
) |
Moves gathered information back into this
from a CalleeEnv
created via pushCall
.
Definition at line 665 of file DataflowEnvironment.cpp.
References clang::Call, setStorageLocation(), and setValue().
void clang::dataflow::Environment::popCall | ( | const CXXConstructExpr * | Call, |
const Environment & | CalleeEnv | ||
) |
Definition at line 685 of file DataflowEnvironment.cpp.
Returns true if the formula is always true when this point is reached.
Returns false if the formula may be false (or the flow condition isn't sufficiently precise to prove that it is true) or if the solver times out.
Note that there is an asymmetry between this function and allows()
in that they both return false if the solver times out. The assumption is that if proves()
or allows()
returns true, this will result in a diagnostic, and we want to bias towards false negatives in the case where the solver times out.
Definition at line 1140 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::flowConditionImplies().
Referenced by clang::dataflow::widenDistinctValues().
Environment clang::dataflow::Environment::pushCall | ( | const CallExpr * | Call | ) | const |
Creates and returns an environment to use for an inline analysis of the callee.
Uses the storage location from each argument in the Call
as the storage location for the corresponding parameter in the callee.
Requirements:
The callee of Call
must be a FunctionDecl
.
The body of the callee must not reference globals.
The arguments of Call
must map 1:1 to the callee's parameters.
Definition at line 604 of file DataflowEnvironment.cpp.
References clang::Call, Env, and getStorageLocation().
Environment clang::dataflow::Environment::pushCall | ( | const CXXConstructExpr * | Call | ) | const |
Definition at line 626 of file DataflowEnvironment.cpp.
References clang::Call, and Env.
void clang::dataflow::Environment::removeDecl | ( | const ValueDecl & | D | ) |
Removes the location assigned to D
in the environment (if any).
Definition at line 870 of file DataflowEnvironment.cpp.
References D.
|
inline |
Sets the storage location for the reference returned by the function currently being analyzed.
Requirements: The current analysis target must be a function and must have a reference return type.
Definition at line 424 of file DataflowEnvironment.h.
References getCurrentFunc(), and Loc.
|
inline |
Sets the return value of the function currently being analyzed.
Requirements: The current analysis target must be a function and must have a non-reference return type.
Definition at line 412 of file DataflowEnvironment.h.
References getCurrentFunc().
void clang::dataflow::Environment::setStorageLocation | ( | const Expr & | E, |
StorageLocation & | Loc | ||
) |
Assigns Loc
as the storage location of the glvalue E
in the environment.
Requirements:
E
must not be assigned a storage location in the environment. E
must be a glvalue or a BuiltinType::BuiltinFn
Definition at line 872 of file DataflowEnvironment.cpp.
References E, clang::dataflow::ignoreCFGOmittedNodes(), and Loc.
void clang::dataflow::Environment::setStorageLocation | ( | const ValueDecl & | D, |
StorageLocation & | Loc | ||
) |
Assigns Loc
as the storage location of D
in the environment.
Requirements:
D
must not already have a storage location in the environment.
Definition at line 849 of file DataflowEnvironment.cpp.
References createStorageLocation(), D, and Loc.
Referenced by initialize(), popCall(), and clang::dataflow::propagateStorageLocation().
|
inline |
Sets the storage location assigned to the this
pointee in the environment.
Definition at line 360 of file DataflowEnvironment.h.
References Loc.
Referenced by initialize().
Assigns Val
as the value of the prvalue E
in the environment.
Requirements:
E
must be a prvalue.E
must not have record type. Definition at line 928 of file DataflowEnvironment.cpp.
References E, clang::Expr::getType(), clang::dataflow::ignoreCFGOmittedNodes(), clang::Expr::isPRValue(), and clang::Type::isRecordType().
void clang::dataflow::Environment::setValue | ( | const StorageLocation & | Loc, |
Value & | Val | ||
) |
Assigns Val
as the value of Loc
in the environment.
Requirements:
Loc
must not be a RecordStorageLocation
.
Definition at line 922 of file DataflowEnvironment.cpp.
References Loc.
Referenced by clang::dataflow::builtinTransferInitializer(), clang::dataflow::copyField(), clang::dataflow::copySyntheticField(), clang::dataflow::maybeUnpackLValueExpr(), popCall(), and clang::dataflow::propagateValue().
LatticeEffect clang::dataflow::Environment::widen | ( | const Environment & | PrevEnv, |
Environment::ValueModel & | Model | ||
) |
Widens the environment point-wise, using PrevEnv
as needed to inform the approximation.
Requirements:
PrevEnv
must be the immediate previous version of the environment. PrevEnv
and this
must use the same DataflowAnalysisContext
.
Definition at line 723 of file DataflowEnvironment.cpp.
References clang::dataflow::Changed, clang::dataflow::Unchanged, and clang::dataflow::widenKeyToValueMap().
Referenced by clang::dataflow::runTypeErasedDataflowAnalysis().