//== BasicConstraintManager.cpp - Manage basic constraints.------*- C++ -*--==//
//
//                     The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
//  This file defines BasicConstraintManager, a class that tracks simple
//  equality and inequality constraints on symbolic values of GRState.
//
//===----------------------------------------------------------------------===//
14
Zhongxing Xu30ad1672008-08-27 14:03:33 +000015#include "clang/Analysis/PathSensitive/ConstraintManager.h"
16#include "clang/Analysis/PathSensitive/GRState.h"
Zhongxing Xu39cfed32008-08-29 14:52:36 +000017#include "clang/Analysis/PathSensitive/GRStateTrait.h"
Zhongxing Xu30ad1672008-08-27 14:03:33 +000018#include "llvm/Support/Compiler.h"
Zhongxing Xu39cfed32008-08-29 14:52:36 +000019#include "llvm/Support/raw_ostream.h"
Zhongxing Xu30ad1672008-08-27 14:03:33 +000020
21using namespace clang;
22
namespace {

// Constraint tables kept inside a GRState, both keyed by symbol:
//   ConstNotEqTy - the set of constants a symbol is recorded as differing from.
//   ConstEqTy    - the single constant a symbol is recorded as being equal to.
typedef llvm::ImmutableMap<SymbolID,GRState::IntSetTy> ConstNotEqTy;
typedef llvm::ImmutableMap<SymbolID,const llvm::APSInt*> ConstEqTy;

/// BasicConstraintManager - Tracks only "symbol == constant" and
/// "symbol != constant" facts. Ordering comparisons are approximated with
/// those two kinds of facts; there is no range reasoning in this class.
///
/// Every Assume* entry point takes the current state and a condition, reports
/// through \p isFeasible whether the assumption can hold, and returns the
/// (possibly extended) state.
class VISIBILITY_HIDDEN BasicConstraintManager : public ConstraintManager {
  GRStateManager& StateMgr;

public:
  BasicConstraintManager(GRStateManager& statemgr) : StateMgr(statemgr) {}

  // --- Entry points, dispatching on the kind of condition value. ---

  virtual const GRState* Assume(const GRState* St, RVal Cond,
                                bool Assumption, bool& isFeasible);

  const GRState* Assume(const GRState* St, LVal Cond, bool Assumption,
                        bool& isFeasible);

  const GRState* AssumeAux(const GRState* St, LVal Cond,bool Assumption,
                           bool& isFeasible);

  const GRState* Assume(const GRState* St, NonLVal Cond, bool Assumption,
                        bool& isFeasible);

  const GRState* AssumeAux(const GRState* St, NonLVal Cond, bool Assumption,
                           bool& isFeasible);

  // --- "symbol <op> integer" constraints, one helper per operator. ---

  const GRState* AssumeSymInt(const GRState* St, bool Assumption,
                              const SymIntConstraint& C, bool& isFeasible);

  const GRState* AssumeSymNE(const GRState* St, SymbolID sym,
                             const llvm::APSInt& V, bool& isFeasible);

  const GRState* AssumeSymEQ(const GRState* St, SymbolID sym,
                             const llvm::APSInt& V, bool& isFeasible);

  const GRState* AssumeSymLT(const GRState* St, SymbolID sym,
                             const llvm::APSInt& V, bool& isFeasible);

  const GRState* AssumeSymGT(const GRState* St, SymbolID sym,
                             const llvm::APSInt& V, bool& isFeasible);

  const GRState* AssumeSymGE(const GRState* St, SymbolID sym,
                             const llvm::APSInt& V, bool& isFeasible);

  const GRState* AssumeSymLE(const GRState* St, SymbolID sym,
                             const llvm::APSInt& V, bool& isFeasible);

  // --- Recording and querying constraints in a state. ---

  const GRState* AddEQ(const GRState* St, SymbolID sym, const llvm::APSInt& V);

  const GRState* AddNE(const GRState* St, SymbolID sym, const llvm::APSInt& V);

  const llvm::APSInt* getSymVal(const GRState* St, SymbolID sym);
  bool isNotEqual(const GRState* St, SymbolID sym, const llvm::APSInt& V) const;
  bool isEqual(const GRState* St, SymbolID sym, const llvm::APSInt& V) const;

  // --- Housekeeping. ---

  const GRState* RemoveDeadBindings(const GRState* St,
                                    StoreManager::LiveSymbolsTy& LSymbols,
                                    StoreManager::DeadSymbolsTy& DSymbols);

  void print(const GRState* St, std::ostream& Out,
             const char* nl, const char *sep);
};

} // end anonymous namespace
89
/// Factory for the constraint manager defined in this file. The class itself
/// lives in an anonymous namespace, so this function is the only way other
/// translation units can obtain an instance.
///
/// The object is allocated with `new`; who deletes it is not visible here.
/// NOTE(review): presumably the GRStateManager takes ownership - confirm.
ConstraintManager*
clang::CreateBasicConstraintManager(GRStateManager& StateMgr) {
  ConstraintManager* Mgr = new BasicConstraintManager(StateMgr);
  return Mgr;
}
94
/// Top-level entry point: assume that \p Cond evaluates to \p Assumption.
///
/// \param St          state the assumption is applied to.
/// \param Cond        condition value; may be unknown, an LVal or a NonLVal.
/// \param Assumption  truth value being assumed for \p Cond.
/// \param isFeasible  set to whether the assumption can hold.
/// \return \p St unchanged for an unknown condition, otherwise whatever the
///         LVal / NonLVal overload returns.
const GRState* BasicConstraintManager::Assume(const GRState* St, RVal Cond,
                                              bool Assumption,
                                              bool& isFeasible) {
  // An unknown condition carries no information, so the path is kept.
  if (Cond.isUnknown()) {
    isFeasible = true;
    return St;
  }

  // Anything that is not a NonLVal is handed to the LVal overload.
  if (!isa<NonLVal>(Cond))
    return Assume(St, cast<LVal>(Cond), Assumption, isFeasible);

  return Assume(St, cast<NonLVal>(Cond), Assumption, isFeasible);
}
107
/// LVal overload of Assume: forwards to AssumeAux and returns its result.
/// The commented-out call below marks where a transfer-function hook was
/// meant to run; it is not invoked.
const GRState* BasicConstraintManager::Assume(const GRState* St, LVal Cond,
                                              bool Assumption,
                                              bool& isFeasible) {
  const GRState* Result = AssumeAux(St, Cond, Assumption, isFeasible);
  // TF->EvalAssume(*this, St, Cond, Assumption, isFeasible)
  return Result;
}
114
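/// Assume that the location value \p Cond is non-null (\p Assumption true) or
/// null (\p Assumption false).
///
/// \param St          state the assumption is applied to.
/// \param Cond        location value used as a condition.
/// \param Assumption  truth value being assumed.
/// \param isFeasible  set on every path to whether the assumption can hold.
/// \return the resulting state; only the symbolic case can return a state
///         different from \p St.
const GRState* BasicConstraintManager::AssumeAux(const GRState* St, LVal Cond,
                                                 bool Assumption,
                                                 bool& isFeasible) {
  BasicValueFactory& BasicVals = StateMgr.getBasicVals();

  switch (Cond.getSubKind()) {
  default:
    assert (false && "'Assume' not implemented for this LVal.");
    // assert() is compiled out under NDEBUG. Give the out-parameter a defined,
    // conservative value so the caller never reads it unset and no path is
    // pruned on the strength of an unhandled value kind.
    isFeasible = true;
    return St;

  case lval::SymbolValKind: {
    // A symbolic location is true exactly when it differs from the
    // pointer-width zero.
    SymbolID sym = cast<lval::SymbolVal>(Cond).getSymbol();

    if (Assumption)
      return AssumeSymNE(St, sym, BasicVals.getZeroWithPtrWidth(), isFeasible);

    return AssumeSymEQ(St, sym, BasicVals.getZeroWithPtrWidth(), isFeasible);
  }

  case lval::DeclValKind:
  case lval::FuncValKind:
  case lval::GotoLabelKind:
  case lval::StringLiteralValKind:
    // These kinds are treated as always true, so only a 'true' assumption
    // is feasible.
    isFeasible = Assumption;
    return St;

  case lval::FieldOffsetKind:
    // The answer for an offset is taken from its base location.
    return AssumeAux(St, cast<lval::FieldOffset>(Cond).getBase(),
                     Assumption, isFeasible);

  case lval::ArrayOffsetKind:
    return AssumeAux(St, cast<lval::ArrayOffset>(Cond).getBase(),
                     Assumption, isFeasible);

  case lval::ConcreteIntKind: {
    // A concrete value decides the question outright.
    bool b = cast<lval::ConcreteInt>(Cond).getValue() != 0;
    isFeasible = b ? Assumption : !Assumption;
    return St;
  }
  } // end switch
}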
154
/// NonLVal overload of Assume: forwards to AssumeAux and returns its result.
const GRState*
BasicConstraintManager::Assume(const GRState* St, NonLVal Cond, bool Assumption,
                               bool& isFeasible) {
  const GRState* Result = AssumeAux(St, Cond, Assumption, isFeasible);
  // TF->EvalAssume() does nothing now.
  return Result;
}
162
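/// Assume that the non-location value \p Cond is non-zero (\p Assumption
/// true) or zero (\p Assumption false).
///
/// \param St          state the assumption is applied to.
/// \param Cond        non-location value used as a condition.
/// \param Assumption  truth value being assumed.
/// \param isFeasible  set on every path to whether the assumption can hold.
/// \return the resulting state.
const GRState*
BasicConstraintManager::AssumeAux(const GRState* St,NonLVal Cond,
                                  bool Assumption, bool& isFeasible) {
  BasicValueFactory& BasicVals = StateMgr.getBasicVals();
  SymbolManager& SymMgr = StateMgr.getSymbolManager();

  switch (Cond.getSubKind()) {
  default:
    assert(false && "'Assume' not implemented for this NonLVal");
    // assert() is compiled out under NDEBUG. Without this return, control
    // fell through into the SymbolValKind case and cast<> was applied to a
    // value of some other kind. Keep the path (conservative) and leave the
    // state untouched instead.
    isFeasible = true;
    return St;

  case nonlval::SymbolValKind: {
    nonlval::SymbolVal& SV = cast<nonlval::SymbolVal>(Cond);
    SymbolID sym = SV.getSymbol();

    // A bare symbol is true exactly when it differs from a zero of the
    // symbol's own type.
    if (Assumption)
      return AssumeSymNE(St, sym, BasicVals.getValue(0, SymMgr.getType(sym)),
                         isFeasible);
    else
      return AssumeSymEQ(St, sym, BasicVals.getValue(0, SymMgr.getType(sym)),
                         isFeasible);
  }

  case nonlval::SymIntConstraintValKind:
    return
      AssumeSymInt(St, Assumption,
                   cast<nonlval::SymIntConstraintVal>(Cond).getConstraint(),
                   isFeasible);

  case nonlval::ConcreteIntKind: {
    // A concrete value decides the question outright.
    bool b = cast<nonlval::ConcreteInt>(Cond).getValue() != 0;
    isFeasible = b ? Assumption : !Assumption;
    return St;
  }

  case nonlval::LValAsIntegerKind:
    // A location viewed as an integer is answered by the LVal logic.
    return AssumeAux(St, cast<nonlval::LValAsInteger>(Cond).getLVal(),
                     Assumption, isFeasible);
  } // end switch
}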
202
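/// Assume the truth value of a "symbol <op> integer" constraint.
///
/// Each comparison operator is routed to the helper for that operator when
/// \p Assumption is true and to the helper for the negated operator when it
/// is false (EQ/NE, GE/LT, LE/GT).
///
/// \param St          state the assumption is applied to.
/// \param Assumption  truth value being assumed for \p C.
/// \param C           the constraint: symbol, operator and integer constant.
/// \param isFeasible  set to whether the assumption can hold.
/// \return the resulting state.
const GRState*
BasicConstraintManager::AssumeSymInt(const GRState* St, bool Assumption,
                                     const SymIntConstraint& C, bool& isFeasible) {

  switch (C.getOpcode()) {
  default:
    // No logic yet for other operators.
    isFeasible = true;
    return St;

  case BinaryOperator::EQ:
    if (Assumption)
      return AssumeSymEQ(St, C.getSymbol(), C.getInt(), isFeasible);
    else
      return AssumeSymNE(St, C.getSymbol(), C.getInt(), isFeasible);

  case BinaryOperator::NE:
    if (Assumption)
      return AssumeSymNE(St, C.getSymbol(), C.getInt(), isFeasible);
    else
      return AssumeSymEQ(St, C.getSymbol(), C.getInt(), isFeasible);

  // GT was missing from this switch, so 'sym > V' took the default branch and
  // AssumeSymGT was never called. It mirrors LE: the negation of 'sym > V'
  // is 'sym <= V'.
  case BinaryOperator::GT:
    if (Assumption)
      return AssumeSymGT(St, C.getSymbol(), C.getInt(), isFeasible);
    else
      return AssumeSymLE(St, C.getSymbol(), C.getInt(), isFeasible);

  case BinaryOperator::GE:
    if (Assumption)
      return AssumeSymGE(St, C.getSymbol(), C.getInt(), isFeasible);
    else
      return AssumeSymLT(St, C.getSymbol(), C.getInt(), isFeasible);

  case BinaryOperator::LT:
    if (Assumption)
      return AssumeSymLT(St, C.getSymbol(), C.getInt(), isFeasible);
    else
      return AssumeSymGE(St, C.getSymbol(), C.getInt(), isFeasible);

  case BinaryOperator::LE:
    if (Assumption)
      return AssumeSymLE(St, C.getSymbol(), C.getInt(), isFeasible);
    else
      return AssumeSymGT(St, C.getSymbol(), C.getInt(), isFeasible);
  } // end switch
}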
244
/// Assume that \p sym != \p V.
///
/// \param isFeasible  false only when \p sym is already bound to a constant
///                    equal to \p V; true otherwise.
/// \return \p St when the answer is already decided by recorded facts,
///         otherwise a state with \p V added to the not-equal set of \p sym.
const GRState*
BasicConstraintManager::AssumeSymNE(const GRState* St, SymbolID sym,
                                    const llvm::APSInt& V, bool& isFeasible) {
  // Case 1: sym is bound to a constant, which settles the question.
  const llvm::APSInt* Known = getSymVal(St, sym);
  if (Known) {
    isFeasible = (*Known != V);
    return St;
  }

  // From here on the assumption is always satisfiable.
  isFeasible = true;

  // Case 2: sym != V is already recorded, nothing new to add.
  if (isNotEqual(St, sym, V))
    return St;

  // Case 3: nothing is known about sym versus V; record the assumption.
  return AddNE(St, sym, V);
}
267
/// Assume that \p sym == \p V.
///
/// \param isFeasible  false when \p sym is bound to a different constant or
///                    is already recorded as != \p V; true otherwise.
/// \return \p St when the answer is already decided by recorded facts,
///         otherwise a state in which \p sym is bound to \p V.
const GRState*
BasicConstraintManager::AssumeSymEQ(const GRState* St, SymbolID sym,
                                    const llvm::APSInt& V, bool& isFeasible) {
  // Case 1: sym is bound to a constant; feasible only if it is V itself.
  const llvm::APSInt* Known = getSymVal(St, sym);
  if (Known) {
    isFeasible = *Known == V;
    return St;
  }

  // Case 2: sym != V is already recorded, so sym == V contradicts it.
  if (isNotEqual(St, sym, V)) {
    isFeasible = false;
    return St;
  }

  // Case 3: nothing is known about sym versus V; record the assumption.
  isFeasible = true;
  return AddEQ(St, sym, V);
}
289
// Real ordering logic is meant to be handled by another ConstraintManager;
// the '<' and '>' helpers in this class only approximate it.

/// Assume that \p sym < \p V.
///
/// FIXME: For now assuming x < y is treated the same as assuming sym != V.
/// A symbol bound to a constant greater than \p V is therefore still
/// reported as feasible.
const GRState*
BasicConstraintManager::AssumeSymLT(const GRState* St, SymbolID sym,
                                    const llvm::APSInt& V, bool& isFeasible) {
  const GRState* Result = AssumeSymNE(St, sym, V, isFeasible);
  return Result;
}
298
/// Assume that \p sym > \p V.
///
/// FIXME: For now assuming x > y is treated the same as assuming sym != V.
/// A symbol bound to a constant smaller than \p V is therefore still
/// reported as feasible.
const GRState*
BasicConstraintManager::AssumeSymGT(const GRState* St, SymbolID sym,
                                    const llvm::APSInt& V, bool& isFeasible) {
  const GRState* Result = AssumeSymNE(St, sym, V, isFeasible);
  return Result;
}
306
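/// Assume that \p sym >= \p V.
///
/// \param isFeasible  false only when \p sym is bound to a constant X with
///                    !(X >= V); true otherwise.
/// \return \p St; this helper records no new constraint.
const GRState*
BasicConstraintManager::AssumeSymGE(const GRState* St, SymbolID sym,
                                    const llvm::APSInt& V, bool& isFeasible) {

  // Reject a path if the value of sym is a constant X and !(X >= V).
  if (const llvm::APSInt* X = getSymVal(St, sym)) {
    isFeasible = *X >= V;
    return St;
  }

  // sym is not bound to a constant. The only other recorded fact is the
  // not-equal set, and 'sym != V' does not contradict 'sym >= V': any value
  // above V satisfies both. The earlier code set isFeasible to (V != 0) when
  // 'sym != V' was known, which discarded the feasible path 'sym != 0 and
  // sym >= 0' and hid everything reachable through it from the checkers.
  //
  // TODO: the one infeasible case left is V being the largest value of its
  // type together with a recorded 'sym != V'; it is not detected here, so
  // the result stays conservative.
  isFeasible = true;
  return St;
}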
337
/// Assume that \p sym <= \p V.
///
/// FIXME: Primitive logic for now. A path is rejected only if the value of
/// sym is a constant X and !(X <= V).
///
/// \return \p St; this helper records no new constraint.
const GRState*
BasicConstraintManager::AssumeSymLE(const GRState* St, SymbolID sym,
                                    const llvm::APSInt& V, bool& isFeasible) {
  const llvm::APSInt* Known = getSymVal(St, sym);

  // Without a constant binding there is nothing to contradict the assumption.
  isFeasible = Known ? (*Known <= V) : true;
  return St;
}
// The two variables below are used only for their addresses, which the
// GDMIndex() functions return as opaque, distinct tags for the two maps.
// NOTE(review): presumably these tags key the per-trait slot in the state's
// generic data map - confirm against GRStateTrait.h.
static int ConstEqTyIndex = 0;
static int ConstNotEqTyIndex = 0;

namespace clang {

// Trait for the "symbol != constants" map.
template<>
struct GRStateTrait<ConstNotEqTy> : public GRStatePartialTrait<ConstNotEqTy> {
  static void* GDMIndex() { return &ConstNotEqTyIndex; }
};

// Trait for the "symbol == constant" map.
template<>
struct GRStateTrait<ConstEqTy> : public GRStatePartialTrait<ConstEqTy> {
  static void* GDMIndex() { return &ConstEqTyIndex; }
};

} // end namespace clang
368
/// Record the fact \p sym == \p V and return the resulting state. Any earlier
/// equality binding for \p sym is replaced.
///
/// The map stores the address of \p V, not a copy.
/// NOTE(review): callers appear to pass values owned by the value factory;
/// confirm that every caller's \p V outlives the returned state.
const GRState* BasicConstraintManager::AddEQ(const GRState* St, SymbolID sym,
                                             const llvm::APSInt& V) {
  GRStateRef Ref(St, StateMgr);
  const llvm::APSInt* Bound = &V;
  return Ref.set<ConstEqTy>(sym, Bound);
}
375
/// Record the fact \p sym != \p V and return the resulting state. \p V is
/// added to whatever not-equal set \p sym already has, or to an empty set if
/// it has none.
///
/// The set stores the address of \p V, not a copy.
/// NOTE(review): confirm that every caller's \p V outlives the returned state.
const GRState* BasicConstraintManager::AddNE(const GRState* St, SymbolID sym,
                                             const llvm::APSInt& V) {
  GRState::IntSetTy::Factory ISetFactory(StateMgr.getAllocator());
  GRStateRef state(St, StateMgr);

  // Look up the current not-equal set of the symbol, if there is one.
  ConstNotEqTy::data_type* Existing = state.get<ConstNotEqTy>(sym);
  GRState::IntSetTy NESet = Existing ? *Existing : ISetFactory.GetEmptySet();

  // Extend it with V.
  NESet = ISetFactory.Add(NESet, &V);

  // Bind the extended set to the symbol in a new state.
  return state.set<ConstNotEqTy>(sym, NESet);
}
392
/// Return the constant \p sym is bound to in \p St, or NULL when the state
/// holds no equality binding for it.
const llvm::APSInt* BasicConstraintManager::getSymVal(const GRState* St,
                                                      SymbolID sym) {
  const ConstEqTy::data_type* Entry = St->get<ConstEqTy>(sym);
  if (!Entry)
    return NULL;

  return *Entry;
}
398
/// Return true when \p St records that \p sym != \p V.
///
/// The lookup passes the address of \p V to the set's contains().
/// NOTE(review): whether two equal constants at different addresses would
/// match depends on how IntSetTy compares its elements - confirm.
bool BasicConstraintManager::isNotEqual(const GRState* St, SymbolID sym,
                                        const llvm::APSInt& V) const {
  // Fetch the not-equal set of the symbol; no set means nothing is recorded.
  const ConstNotEqTy::data_type* NESet = St->get<ConstNotEqTy>(sym);
  if (!NESet)
    return false;

  return NESet->contains(&V);
}
408
/// Return true when \p St binds \p sym to a constant whose value equals
/// \p V. The comparison is by value, not by address.
bool BasicConstraintManager::isEqual(const GRState* St, SymbolID sym,
                                     const llvm::APSInt& V) const {
  // Fetch the equality binding of the symbol; none means nothing is recorded.
  const ConstEqTy::data_type* Entry = St->get<ConstEqTy>(sym);
  if (!Entry)
    return false;

  return **Entry == V;
}
416
/// Drop every constraint whose symbol is not live.
///
/// \param St        state to clean.
/// \param LSymbols  symbols that are still live; their constraints are kept.
/// \param DSymbols  receives every symbol whose constraints were dropped.
/// \return a state whose equality and not-equal maps mention only symbols
///         found in \p LSymbols.
const GRState* BasicConstraintManager::RemoveDeadBindings(const GRState* St,
                                    StoreManager::LiveSymbolsTy& LSymbols,
                                    StoreManager::DeadSymbolsTy& DSymbols) {
  GRStateRef state(St, StateMgr);

  // Pass 1: equality constraints. The iterators are taken from the map as it
  // is on entry; each Remove() call returns a map, which is kept in EqMap.
  ConstEqTy EqMap = state.get<ConstEqTy>();
  ConstEqTy::Factory& EqFactory = state.get_context<ConstEqTy>();

  for (ConstEqTy::iterator It = EqMap.begin(), End = EqMap.end();
       It != End; ++It) {
    SymbolID sym = It.getKey();
    if (LSymbols.count(sym))
      continue;

    DSymbols.insert(sym);
    EqMap = EqFactory.Remove(EqMap, sym);
  }
  state = state.set<ConstEqTy>(EqMap);

  // Pass 2: the same sweep over the not-equal constraints.
  ConstNotEqTy NeMap = state.get<ConstNotEqTy>();
  ConstNotEqTy::Factory& NeFactory = state.get_context<ConstNotEqTy>();

  for (ConstNotEqTy::iterator It = NeMap.begin(), End = NeMap.end();
       It != End; ++It) {
    SymbolID sym = It.getKey();
    if (LSymbols.count(sym))
      continue;

    DSymbols.insert(sym);
    NeMap = NeFactory.Remove(NeMap, sym);
  }

  return state.set<ConstNotEqTy>(NeMap);
}
446
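/// Write the constraints held in \p St to \p Out.
///
/// \param St   state whose constraints are printed.
/// \param Out  destination stream.
/// \param nl   text written where a new line starts.
/// \param sep  text written after \p nl and before each section heading.
///
/// One section is written per constraint kind and only when that kind has
/// entries; every entry is a "$<symbol> : <value(s)>" row.
void BasicConstraintManager::print(const GRState* St, std::ostream& Out,
                                   const char* nl, const char *sep) {
  // Print equality constraints.

  ConstEqTy CE = St->get<ConstEqTy>();

  if (!CE.isEmpty()) {
    Out << nl << sep << "'==' constraints:";

    for (ConstEqTy::iterator I = CE.begin(), E = CE.end(); I!=E; ++I) {
      Out << nl << " $" << I.getKey();
      // The constant is written through a raw_ostream wrapper scoped to this
      // row; this relies on the wrapper flushing into Out when it goes out
      // of scope, before the next direct write to Out.
      llvm::raw_os_ostream OS(Out);
      OS << " : " << *I.getData();
    }
  }

  // Print != constraints.

  ConstNotEqTy CNE = St->get<ConstNotEqTy>();

  if (!CNE.isEmpty()) {
    Out << nl << sep << "'!=' constraints:";

    for (ConstNotEqTy::iterator I = CNE.begin(), EI = CNE.end(); I!=EI; ++I) {
      Out << nl << " $" << I.getKey() << " : ";

      // Same per-row wrapper as in the '==' section above.
      llvm::raw_os_ostream OS(Out);
      bool isFirst = true;

      GRState::IntSetTy::iterator J = I.getData().begin(),
                                  EJ = I.getData().end();

      for ( ; J != EJ; ++J) {
        if (isFirst) isFirst = false;
        else OS << ", ";

        // The set holds addresses of constants (AddNE inserts &V), so
        // streaming *J into a std::ostream printed a pointer. Dereference
        // and print the integer, as the '==' section does.
        OS << **J;
      }
    }
  }
}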