|
clang
17.0.0git
|
Holds the state of the program (store and heap) at a given program point. More...
#include "clang/Analysis/FlowSensitive/DataflowEnvironment.h"
Classes | |
| class | ValueModel |
Supplements Environment with non-standard comparison and join operations. More... | |
Public Member Functions | |
| Environment (DataflowAnalysisContext &DACtx) | |
Creates an environment that uses DACtx to store objects that encompass the state of a program. More... | |
| Environment (const Environment &Other) | |
| Environment & | operator= (const Environment &Other) |
| Environment (Environment &&Other)=default | |
| Environment & | operator= (Environment &&Other)=default |
| Environment (DataflowAnalysisContext &DACtx, const DeclContext &DeclCtx) | |
Creates an environment that uses DACtx to store objects that encompass the state of a program. More... | |
| const DataflowAnalysisContext::Options & | getAnalysisOptions () |
| Environment | pushCall (const CallExpr *Call) const |
| Creates and returns an environment to use for an inline analysis of the callee. More... | |
| Environment | pushCall (const CXXConstructExpr *Call) const |
| void | popCall (const Environment &CalleeEnv) |
Moves gathered information back into this from a CalleeEnv created via pushCall. More... | |
| bool | equivalentTo (const Environment &Other, Environment::ValueModel &Model) const |
Returns true if and only if the environment is equivalent to Other, i.e the two environments: More... | |
| LatticeJoinEffect | join (const Environment &Other, Environment::ValueModel &Model) |
Joins the environment with Other by taking the intersection of storage locations and values that are stored in them. More... | |
| LatticeJoinEffect | widen (const Environment &PrevEnv, Environment::ValueModel &Model) |
Widens the environment point-wise, using PrevEnv as needed to inform the approximation. More... | |
| StorageLocation & | createStorageLocation (QualType Type) |
Creates a storage location appropriate for Type. More... | |
| StorageLocation & | createStorageLocation (const VarDecl &D) |
Creates a storage location for D. More... | |
| StorageLocation & | createStorageLocation (const Expr &E) |
Creates a storage location for E. More... | |
| void | setStorageLocation (const ValueDecl &D, StorageLocation &Loc) |
Assigns Loc as the storage location of D in the environment. More... | |
| StorageLocation * | getStorageLocation (const ValueDecl &D, SkipPast SP) const |
Returns the storage location assigned to D in the environment, applying the SP policy for skipping past indirections, or null if D isn't assigned a storage location in the environment. More... | |
| void | setStorageLocation (const Expr &E, StorageLocation &Loc) |
Assigns Loc as the storage location of E in the environment. More... | |
| StorageLocation * | getStorageLocation (const Expr &E, SkipPast SP) const |
Returns the storage location assigned to E in the environment, applying the SP policy for skipping past indirections, or null if E isn't assigned a storage location in the environment. More... | |
| StorageLocation * | getThisPointeeStorageLocation () const |
Returns the storage location assigned to the this pointee in the environment or null if the this pointee has no assigned storage location in the environment. More... | |
| StorageLocation * | getReturnStorageLocation () const |
| Returns the storage location of the return value or null, if unset. More... | |
| PointerValue & | getOrCreateNullPointerValue (QualType PointeeType) |
| Returns a pointer value that represents a null pointer. More... | |
| Value * | createValue (QualType Type) |
Creates a value appropriate for Type, if Type is supported, otherwise return null. More... | |
| void | setValue (const StorageLocation &Loc, Value &Val) |
Assigns Val as the value of Loc in the environment. More... | |
| Value * | getValue (const StorageLocation &Loc) const |
Returns the value assigned to Loc in the environment or null if Loc isn't assigned a value in the environment. More... | |
| Value * | getValue (const ValueDecl &D, SkipPast SP) const |
Equivalent to getValue(getStorageLocation(D, SP), SkipPast::None) if D is assigned a storage location in the environment, otherwise returns null. More... | |
| Value * | getValue (const Expr &E, SkipPast SP) const |
Equivalent to getValue(getStorageLocation(E, SP), SkipPast::None) if E is assigned a storage location in the environment, otherwise returns null. More... | |
| template<typename T > | |
| std::enable_if_t< std::is_base_of< StorageLocation, T >::value, T & > | takeOwnership (std::unique_ptr< T > Loc) |
Transfers ownership of Loc to the analysis context and returns a reference to it. More... | |
| template<typename T > | |
| std::enable_if_t< std::is_base_of< Value, T >::value, T & > | takeOwnership (std::unique_ptr< T > Val) |
Transfers ownership of Val to the analysis context and returns a reference to it. More... | |
| AtomicBoolValue & | getBoolLiteralValue (bool Value) const |
Returns a symbolic boolean value that models a boolean literal equal to Value More... | |
| BoolValue & | makeAtomicBoolValue () const |
| Returns an atomic boolean value. More... | |
| BoolValue & | makeTopBoolValue () const |
| Returns a unique instance of boolean Top. More... | |
| BoolValue & | makeAnd (BoolValue &LHS, BoolValue &RHS) const |
Returns a boolean value that represents the conjunction of LHS and RHS. More... | |
| BoolValue & | makeOr (BoolValue &LHS, BoolValue &RHS) const |
Returns a boolean value that represents the disjunction of LHS and RHS. More... | |
| BoolValue & | makeNot (BoolValue &Val) const |
Returns a boolean value that represents the negation of Val. More... | |
| BoolValue & | makeImplication (BoolValue &LHS, BoolValue &RHS) const |
Returns a boolean value represents LHS => RHS. More... | |
| BoolValue & | makeIff (BoolValue &LHS, BoolValue &RHS) const |
Returns a boolean value represents LHS <=> RHS. More... | |
| AtomicBoolValue & | getFlowConditionToken () const |
| Returns the token that identifies the flow condition of the environment. More... | |
| BoolValue & | buildAndSubstituteFlowCondition (AtomicBoolValue &Token, llvm::DenseMap< AtomicBoolValue *, BoolValue * > Substitutions) |
Builds and returns the logical formula defining the flow condition identified by Token. More... | |
| void | addToFlowCondition (BoolValue &Val) |
Adds Val to the set of clauses that constitute the flow condition. More... | |
| bool | flowConditionImplies (BoolValue &Val) const |
Returns true if and only if the clauses that constitute the flow condition imply that Val is true. More... | |
| const DeclContext * | getDeclCtx () const |
Returns the DeclContext of the block being analysed, if any. More... | |
| bool | canDescend (unsigned MaxDepth, const DeclContext *Callee) const |
Returns whether this Environment can be extended to analyze the given Callee (i.e. More... | |
| const ControlFlowContext * | getControlFlowContext (const FunctionDecl *F) |
Returns the ControlFlowContext registered for F, if any. More... | |
| LLVM_DUMP_METHOD void | dump () const |
| LLVM_DUMP_METHOD void | dump (raw_ostream &OS) const |
Holds the state of the program (store and heap) at a given program point.
WARNING: Symbolic values that are created by the environment for static local and global variables are not currently invalidated on function calls. This is unsound and should be taken into account when designing dataflow analyses.
Definition at line 65 of file DataflowEnvironment.h.
|
explicit |
Creates an environment that uses DACtx to store objects that encompass the state of a program.
Definition at line 217 of file DataflowEnvironment.cpp.
| clang::dataflow::Environment::Environment | ( | const Environment & | Other | ) |
Definition at line 220 of file DataflowEnvironment.cpp.
|
default |
| clang::dataflow::Environment::Environment | ( | DataflowAnalysisContext & | DACtx, |
| const DeclContext & | DeclCtx | ||
| ) |
Creates an environment that uses DACtx to store objects that encompass the state of a program.
If DeclCtx is a function, initializes the environment with symbolic representations of the function parameters.
If DeclCtx is a non-static member function, initializes the environment with a symbolic representation of the this pointee.
Definition at line 234 of file DataflowEnvironment.cpp.
References createStorageLocation(), createValue(), clang::dataflow::getFieldsAndGlobalVars(), Parent, setStorageLocation(), and setValue().
| void clang::dataflow::Environment::addToFlowCondition | ( | BoolValue & | Val | ) |
Adds Val to the set of clauses that constitute the flow condition.
Definition at line 785 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::addFlowConditionConstraint().
Referenced by clang::dataflow::UncheckedOptionalAccessModel::merge(), clang::dataflow::mergeDistinctValues(), and clang::dataflow::ChromiumCheckModel::transfer().
|
inline |
Builds and returns the logical formula defining the flow condition identified by Token.
If a value in the formula is present as a key in Substitutions, it will be substituted with the value it maps to.
Definition at line 403 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::buildAndSubstituteFlowCondition().
| bool clang::dataflow::Environment::canDescend | ( | unsigned | MaxDepth, |
| const DeclContext * | Callee | ||
| ) | const |
Returns whether this Environment can be extended to analyze the given Callee (i.e.
if pushCall can be used), with recursion disallowed and a given MaxDepth.
Definition at line 291 of file DataflowEnvironment.cpp.
| StorageLocation & clang::dataflow::Environment::createStorageLocation | ( | const Expr & | E | ) |
Creates a storage location for E.
Does not assign the returned storage location to E in the environment. Does not assign a value to the returned storage location in the environment.
Definition at line 573 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::getStableStorageLocation().
| StorageLocation & clang::dataflow::Environment::createStorageLocation | ( | const VarDecl & | D | ) |
Creates a storage location for D.
Does not assign the returned storage location to D in the environment. Does not assign a value to the returned storage location in the environment.
Definition at line 566 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::getStableStorageLocation().
| StorageLocation & clang::dataflow::Environment::createStorageLocation | ( | QualType | Type | ) |
Creates a storage location appropriate for Type.
Does not assign a value to the returned storage location in the environment.
Requirements:
Type must not be null.
Definition at line 562 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::createStorageLocation().
Referenced by Environment().
Creates a value appropriate for Type, if Type is supported, otherwise return null.
If Type is a pointer or reference type, creates all the necessary storage locations and values for indirections until it finds a non-pointer/non-reference type.
Requirements:
Type must not be null.
Definition at line 668 of file DataflowEnvironment.cpp.
References clang::dataflow::MaxCompositeValueSize.
Referenced by Environment(), and clang::dataflow::mergeDistinctValues().
| void clang::dataflow::Environment::dump | ( | ) | const |
Definition at line 813 of file DataflowEnvironment.cpp.
Referenced by clang::dataflow::runTypeErasedDataflowAnalysis().
| void clang::dataflow::Environment::dump | ( | raw_ostream & | OS | ) | const |
Definition at line 793 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::dumpFlowCondition(), and V.
| bool clang::dataflow::Environment::equivalentTo | ( | const Environment & | Other, |
| Environment::ValueModel & | Model | ||
| ) | const |
Returns true if and only if the environment is equivalent to Other, i.e the two environments:
Model) values assigned to the same storage locations.Requirements:
Other and this must use the same DataflowAnalysisContext.
Definition at line 397 of file DataflowEnvironment.cpp.
References clang::dataflow::areEquivalentValues(), clang::dataflow::compareDistinctValues(), and clang::dataflow::StorageLocation::getType().
Returns true if and only if the clauses that constitute the flow condition imply that Val is true.
Definition at line 789 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::flowConditionImplies().
|
inline |
Definition at line 180 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::getOptions().
|
inline |
Returns a symbolic boolean value that models a boolean literal equal to Value
Definition at line 345 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::getBoolLiteralValue().
Referenced by clang::dataflow::ChromiumCheckModel::transfer().
|
inline |
Returns the ControlFlowContext registered for F, if any.
Otherwise, returns null.
Definition at line 428 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::getControlFlowContext().
|
inline |
Returns the DeclContext of the block being analysed, if any.
Otherwise, returns null.
Definition at line 419 of file DataflowEnvironment.h.
|
inline |
Returns the token that identifies the flow condition of the environment.
Definition at line 398 of file DataflowEnvironment.h.
Referenced by clang::dataflow::mergeDistinctValues().
| PointerValue & clang::dataflow::Environment::getOrCreateNullPointerValue | ( | QualType | PointeeType | ) |
Returns a pointer value that represents a null pointer.
Calls with PointeeType that are canonically equivalent will return the same result.
Definition at line 612 of file DataflowEnvironment.cpp.
References clang::dataflow::DataflowAnalysisContext::getOrCreateNullPointerValue().
| StorageLocation * clang::dataflow::Environment::getReturnStorageLocation | ( | ) | const |
Returns the storage location of the return value or null, if unset.
Definition at line 608 of file DataflowEnvironment.cpp.
| StorageLocation * clang::dataflow::Environment::getStorageLocation | ( | const Expr & | E, |
| SkipPast | SP | ||
| ) | const |
Returns the storage location assigned to E in the environment, applying the SP policy for skipping past indirections, or null if E isn't assigned a storage location in the environment.
Definition at line 597 of file DataflowEnvironment.cpp.
References clang::dataflow::ignoreCFGOmittedNodes().
| StorageLocation * clang::dataflow::Environment::getStorageLocation | ( | const ValueDecl & | D, |
| SkipPast | SP | ||
| ) | const |
Returns the storage location assigned to D in the environment, applying the SP policy for skipping past indirections, or null if D isn't assigned a storage location in the environment.
Definition at line 585 of file DataflowEnvironment.cpp.
Referenced by getValue(), clang::dataflow::maybeUnpackLValueExpr(), and pushCall().
| StorageLocation * clang::dataflow::Environment::getThisPointeeStorageLocation | ( | ) | const |
Returns the storage location assigned to the this pointee in the environment or null if the this pointee has no assigned storage location in the environment.
Definition at line 604 of file DataflowEnvironment.cpp.
Equivalent to getValue(getStorageLocation(E, SP), SkipPast::None) if E is assigned a storage location in the environment, otherwise returns null.
Definition at line 661 of file DataflowEnvironment.cpp.
References getStorageLocation(), and getValue().
| Value * clang::dataflow::Environment::getValue | ( | const StorageLocation & | Loc | ) | const |
Returns the value assigned to Loc in the environment or null if Loc isn't assigned a value in the environment.
Definition at line 649 of file DataflowEnvironment.cpp.
Referenced by clang::dataflow::evaluateBooleanEquality(), getValue(), and clang::dataflow::maybeUnpackLValueExpr().
Equivalent to getValue(getStorageLocation(D, SP), SkipPast::None) if D is assigned a storage location in the environment, otherwise returns null.
Definition at line 654 of file DataflowEnvironment.cpp.
References getStorageLocation(), and getValue().
| LatticeJoinEffect clang::dataflow::Environment::join | ( | const Environment & | Other, |
| Environment::ValueModel & | Model | ||
| ) |
Joins the environment with Other by taking the intersection of storage locations and values that are stored in them.
Distinct values that are assigned to the same storage locations in the environment and Other are merged using Model.
Requirements:
Other and this must use the same DataflowAnalysisContext.
Definition at line 496 of file DataflowEnvironment.cpp.
References clang::dataflow::areEquivalentValues(), clang::dataflow::Changed, clang::dataflow::StorageLocation::getType(), clang::dataflow::intersectDenseMaps(), clang::dataflow::DataflowAnalysisContext::joinFlowConditions(), clang::dataflow::mergeDistinctValues(), and clang::dataflow::Unchanged.
Returns a boolean value that represents the conjunction of LHS and RHS.
Subsequent calls with the same arguments, regardless of their order, will return the same result. If the given boolean values represent the same value, the result will be the value itself.
Definition at line 363 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::getOrCreateConjunction().
Referenced by clang::dataflow::mergeDistinctValues(), and clang::dataflow::unpackValue().
|
inline |
Returns an atomic boolean value.
Definition at line 350 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::createAtomicBoolValue().
Referenced by clang::dataflow::evaluateBooleanEquality(), clang::dataflow::UncheckedOptionalAccessModel::merge(), clang::dataflow::mergeDistinctValues(), and clang::dataflow::unpackValue().
Returns a boolean value represents LHS <=> RHS.
Subsequent calls with the same arguments, regardless of their order, will return the same result. If the given boolean values represent the same value, the result will be a value that represents the true boolean literal.
Definition at line 393 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::getOrCreateIff().
Referenced by clang::dataflow::evaluateBooleanEquality(), clang::dataflow::mergeDistinctValues(), and clang::dataflow::unpackValue().
|
inline |
Returns a boolean value represents LHS => RHS.
Subsequent calls with the same arguments, will return the same result. If the given boolean values represent the same value, the result will be a value that represents the true boolean literal.
Definition at line 385 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::getOrCreateImplication().
Referenced by clang::dataflow::unpackValue().
Returns a boolean value that represents the negation of Val.
Subsequent calls with the same argument will return the same result.
Definition at line 377 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::getOrCreateNegation().
Referenced by clang::dataflow::UncheckedOptionalAccessModel::merge(), and clang::dataflow::unpackValue().
Returns a boolean value that represents the disjunction of LHS and RHS.
Subsequent calls with the same arguments, regardless of their order, will return the same result. If the given boolean values represent the same value, the result will be the value itself.
Definition at line 371 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::getOrCreateDisjunction().
Referenced by clang::dataflow::mergeDistinctValues(), and clang::dataflow::unpackValue().
|
inline |
Returns a unique instance of boolean Top.
Definition at line 355 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::createTopBoolValue().
| Environment & clang::dataflow::Environment::operator= | ( | const Environment & | Other | ) |
Definition at line 228 of file DataflowEnvironment.cpp.
|
default |
| void clang::dataflow::Environment::popCall | ( | const Environment & | CalleeEnv | ) |
Moves gathered information back into this from a CalleeEnv created via pushCall.
Definition at line 384 of file DataflowEnvironment.cpp.
| Environment clang::dataflow::Environment::pushCall | ( | const CallExpr * | Call | ) | const |
Creates and returns an environment to use for an inline analysis of the callee.
Uses the storage location from each argument in the Call as the storage location for the corresponding parameter in the callee.
Requirements:
The callee of Call must be a FunctionDecl.
The body of the callee must not reference globals.
The arguments of Call must map 1:1 to the callee's parameters.
Definition at line 296 of file DataflowEnvironment.cpp.
References getStorageLocation(), and clang::dataflow::Reference.
| Environment clang::dataflow::Environment::pushCall | ( | const CXXConstructExpr * | Call | ) | const |
Definition at line 317 of file DataflowEnvironment.cpp.
References getStorageLocation(), and clang::dataflow::Reference.
| void clang::dataflow::Environment::setStorageLocation | ( | const Expr & | E, |
| StorageLocation & | Loc | ||
| ) |
Assigns Loc as the storage location of E in the environment.
Requirements:
E must not be assigned a storage location in the environment.
Definition at line 591 of file DataflowEnvironment.cpp.
References clang::dataflow::ignoreCFGOmittedNodes().
| void clang::dataflow::Environment::setStorageLocation | ( | const ValueDecl & | D, |
| StorageLocation & | Loc | ||
| ) |
Assigns Loc as the storage location of D in the environment.
Requirements:
D must not be assigned a storage location in the environment.
Definition at line 580 of file DataflowEnvironment.cpp.
Referenced by Environment().
| void clang::dataflow::Environment::setValue | ( | const StorageLocation & | Loc, |
| Value & | Val | ||
| ) |
Assigns Val as the value of Loc in the environment.
Definition at line 616 of file DataflowEnvironment.cpp.
References clang::Type::isStructureOrClassType(), clang::Type::isUnionType(), clang::Member, and clang::dataflow::StructValue::setChild().
Referenced by Environment(), and clang::dataflow::maybeUnpackLValueExpr().
|
inline |
Transfers ownership of Loc to the analysis context and returns a reference to it.
Requirements:
Loc must not be null.
Definition at line 327 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::takeOwnership().
|
inline |
Transfers ownership of Val to the analysis context and returns a reference to it.
Requirements:
Val must not be null.
Definition at line 339 of file DataflowEnvironment.h.
References clang::dataflow::DataflowAnalysisContext::takeOwnership().
| LatticeJoinEffect clang::dataflow::Environment::widen | ( | const Environment & | PrevEnv, |
| Environment::ValueModel & | Model | ||
| ) |
Widens the environment point-wise, using PrevEnv as needed to inform the approximation.
Requirements:
PrevEnv must be the immediate previous version of the environment. PrevEnv and this must use the same DataflowAnalysisContext.
Definition at line 435 of file DataflowEnvironment.cpp.
References clang::dataflow::areEquivalentValues(), clang::dataflow::Changed, clang::dataflow::StorageLocation::getType(), clang::dataflow::Unchanged, and clang::dataflow::widenDistinctValues().
Referenced by clang::dataflow::runTypeErasedDataflowAnalysis().
1.8.17