This is an archive of the discontinued LLVM Phabricator instance.

Differential D130270

[clang][dataflow] Use a dedicated bool to encode which branch was taken
Needs RevisionPublic

Authored by samestep on Jul 21 2022, 7:00 AM.

Details

Reviewers
NoQ
ymandel
sgatev
gribozavr2
samestep
Summary

This is a continuation of D129289 using @sgatev's feedback.

This patch attempts to resolve a FIXME in DataflowEnvironment.cpp about merging BoolValues when the two flow conditions are not mutually exclusive. The issue here is that we are using the truth value of each flow condition as a proxy for the idea of whether or not we took that branch, which breaks down on backedges.

To try to resolve the issue, this patch creates one additional AtomicBoolValue to explicitly represent which branch we took, and uses that directly within mergeDistinctValues. As currently written, this doesn't quite seem to work: the JoinBackedge test added by this patch fails both before and after the patch is applied.

Diff Detail

Event Timeline

samestep created this revision.Jul 21 2022, 7:00 AM
Herald added a reviewer: NoQ. · View Herald TranscriptJul 21 2022, 7:00 AM
Herald added a project: Restricted Project. · View Herald Transcript
Herald added subscribers: martong, tschuett, xazax.hun. · View Herald Transcript
samestep requested review of this revision.Jul 21 2022, 7:00 AM
Herald added a project: Restricted Project. · View Herald TranscriptJul 21 2022, 7:00 AM
Herald added a subscriber: cfe-commits. · View Herald Transcript
samestep edited the summary of this revision. (Show Details)Jul 21 2022, 7:02 AM
samestep added reviewers: ymandel, sgatev, gribozavr2.
Harbormaster completed remote builds in B176755: Diff 446481.Jul 21 2022, 7:26 AM
ymandel added inline comments.Jul 22 2022, 7:11 AM
clang/unittests/Analysis/FlowSensitive/DataflowAnalysisContextTest.cpp
439–441

I'm a bit concerned by the need to update this (essentially) unrelated test. It implies the test is depending on implementation details that it shouldn't be concerned with.

Not for this patch, but if you have thoughts on how to simplify this test to do what it needs w/o being tied to the details of how joins work, that would be appreciated. At least, it seems worth a FIXME.

thanks

clang/unittests/Analysis/FlowSensitive/TypeErasedDataflowAnalysisTest.cpp
1202

should we also test the inverse?

EXPECT_FALSE(Env.flowConditionImplies(Env.makeNot(FooVal)));

That is, I would think we want to show that neither is provable.

samestep added inline comments.Jul 22 2022, 7:15 AM
clang/unittests/Analysis/FlowSensitive/DataflowAnalysisContextTest.cpp
439–441

Agreed, this test seems a bit awkward; in this patch I was just focusing on updating it instead of rethinking it.

clang/unittests/Analysis/FlowSensitive/TypeErasedDataflowAnalysisTest.cpp
1202

Sure, that makes sense; if I remember correctly, the inverse of FooVal is indeed not provable already. You're right that it would be good to test both here, though.

gribozavr2 requested changes to this revision.Jul 26 2022, 5:23 AM

Sorry, could you rebase the patch? It does not apply cleanly anymore.

This revision now requires changes to proceed.Jul 26 2022, 5:23 AM
samestep updated this revision to Diff 447656.Jul 26 2022, 5:41 AM

Rebase and add Yitzie's assertion

samestep added a comment.Jul 26 2022, 5:42 AM
In D130270#3679273, @gribozavr2 wrote:

Sorry, could you rebase the patch? It does not apply cleanly anymore.

Done; I didn't see any conflicts when I rebased, but hopefully the issue on your end is resolved now?

Harbormaster completed remote builds in B177583: Diff 447656.Jul 26 2022, 6:06 AM
samestep updated this revision to Diff 448026.Jul 27 2022, 6:30 AM

Rebase

samestep added a comment.Jul 27 2022, 6:30 AM

@gribozavr2 I rebased again, should work now.

Harbormaster completed remote builds in B177851: Diff 448026.Jul 27 2022, 7:16 AM
sgatev accepted this revision.Jul 28 2022, 7:39 AM
sgatev added inline comments.
clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp
103

We should probably pass TookSecondBranch here so that models can also use it in the implementation of merge. Could be in a follow up, but let's leave a FIXME.

samestep updated this revision to Diff 448405.Jul 28 2022, 11:53 AM

Add FIXME about passing TookSecondBranch to merge

clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp
103

FIXME added; thanks!

Harbormaster completed remote builds in B178124: Diff 448405.Jul 28 2022, 1:22 PM
ymandel requested changes to this revision.Sep 9 2022, 10:19 AM

It turns out that this change wasn't necessary. I've deleted the relevant FIXME in https://reviews.llvm.org/rGabc16c7a5b0a63d14172262153608b3d24de957f.

AFAICT, the reason that the new test JoinBackedge fails at HEAD is because we discard the results of analyzing the function body, so the update Foo = false is simply ignored. This hypothesis rests on observing that each block is visited only once during analysis of the test. It's also consistent with the known (broken) behavior of our comparison operator. Interestingly, this is a nicely stark illustration of the unsoundness of our current approach. :( So, this test will be useful in the future when add proper widening.

This revision now requires changes to proceed.Sep 9 2022, 10:19 AM
samestep accepted this revision.Sep 9 2022, 10:21 AM

@ymandel Huh, interesting! I'll go ahead and abandon this patch, then?

ymandel added a comment.Sep 9 2022, 10:37 AM
In D130270#3780705, @samestep wrote:

@ymandel Huh, interesting! I'll go ahead and abandon this patch, then?

Please. Sorry I didn't catch this earlier!

Revision Contents

PathSize
clang/
include/
clang/
Analysis/
FlowSensitive/
10 lines
lib/
Analysis/
FlowSensitive/
10 lines
19 lines
unittests/
Analysis/
FlowSensitive/
48 lines
29 lines

Diff 447656

clang/include/clang/Analysis/FlowSensitive/DataflowAnalysisContext.h

Show First 20 LinesShow All 206 Lines▼ Show 20 Linespublic:
/// Adds `Constraint` to the flow condition identified by `Token`. /// Adds `Constraint` to the flow condition identified by `Token`.
void addFlowConditionConstraint(AtomicBoolValue &Token, void addFlowConditionConstraint(AtomicBoolValue &Token,
BoolValue &Constraint); BoolValue &Constraint);
/// Creates a new flow condition with the same constraints as the flow /// Creates a new flow condition with the same constraints as the flow
/// condition identified by `Token` and returns its token. /// condition identified by `Token` and returns its token.
AtomicBoolValue &forkFlowCondition(AtomicBoolValue &Token); AtomicBoolValue &forkFlowCondition(AtomicBoolValue &Token);
/// Creates a new flow condition that represents the disjunction of the flow /// Creates and returns a token for a new flow condition asserting that if
/// conditions identified by `FirstToken` and `SecondToken`, and returns its /// `TookSecondBranch` is false then the flow condition identified by
/// token. /// `FirstToken` is true, and if `TookSecondBranch` is true then the flow
/// condition identified by `SecondToken` is true.
AtomicBoolValue &joinFlowConditions(AtomicBoolValue &FirstToken, AtomicBoolValue &joinFlowConditions(AtomicBoolValue &FirstToken,
AtomicBoolValue &SecondToken); AtomicBoolValue &SecondToken,
AtomicBoolValue &TookSecondBranch);
// FIXME: This function returns the flow condition expressed directly as its // FIXME: This function returns the flow condition expressed directly as its
// constraints: (C1 AND C2 AND ...). This differs from the general approach in // constraints: (C1 AND C2 AND ...). This differs from the general approach in
// the framework where a flow condition is represented as a token (an atomic // the framework where a flow condition is represented as a token (an atomic
// boolean) with dependencies and constraints tracked in `FlowConditionDeps` // boolean) with dependencies and constraints tracked in `FlowConditionDeps`
// and `FlowConditionConstraints`: (FC <=> C1 AND C2 AND ...). // and `FlowConditionConstraints`: (FC <=> C1 AND C2 AND ...).
// Consider if we should make the representation of flow condition consistent, // Consider if we should make the representation of flow condition consistent,
// returning an atomic boolean token with separate constraints instead. // returning an atomic boolean token with separate constraints instead.
▲ Show 20 LinesShow All 137 LinesShow Last 20 Lines

clang/lib/Analysis/FlowSensitive/DataflowAnalysisContext.cpp

Show First 20 LinesShow All 141 Lines▼ Show 20 LinesDataflowAnalysisContext::forkFlowCondition(AtomicBoolValue &Token) {
auto &ForkToken = makeFlowConditionToken(); auto &ForkToken = makeFlowConditionToken();
FlowConditionDeps[&ForkToken].insert(&Token); FlowConditionDeps[&ForkToken].insert(&Token);
addFlowConditionConstraint(ForkToken, Token); addFlowConditionConstraint(ForkToken, Token);
return ForkToken; return ForkToken;
} }
AtomicBoolValue & AtomicBoolValue &
DataflowAnalysisContext::joinFlowConditions(AtomicBoolValue &FirstToken, DataflowAnalysisContext::joinFlowConditions(AtomicBoolValue &FirstToken,
AtomicBoolValue &SecondToken) { AtomicBoolValue &SecondToken,
AtomicBoolValue &TookSecondBranch) {
auto &Token = makeFlowConditionToken(); auto &Token = makeFlowConditionToken();
FlowConditionDeps[&Token].insert(&FirstToken); FlowConditionDeps[&Token].insert(&FirstToken);
FlowConditionDeps[&Token].insert(&SecondToken); FlowConditionDeps[&Token].insert(&SecondToken);
addFlowConditionConstraint(Token, addFlowConditionConstraint(
getOrCreateDisjunction(FirstToken, SecondToken)); Token, getOrCreateDisjunction(
getOrCreateConjunction(getOrCreateNegation(TookSecondBranch),
FirstToken),
getOrCreateConjunction(TookSecondBranch, SecondToken)));
return Token; return Token;
} }
Solver::Result Solver::Result
DataflowAnalysisContext::querySolver(llvm::DenseSet<BoolValue *> Constraints) { DataflowAnalysisContext::querySolver(llvm::DenseSet<BoolValue *> Constraints) {
Constraints.insert(&getBoolLiteralValue(true)); Constraints.insert(&getBoolLiteralValue(true));
Constraints.insert(&getOrCreateNegation(getBoolLiteralValue(false))); Constraints.insert(&getOrCreateNegation(getBoolLiteralValue(false)));
return S->solve(std::move(Constraints)); return S->solve(std::move(Constraints));
▲ Show 20 LinesShow All 190 LinesShow Last 20 Lines

clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp

Show First 20 LinesShow All 71 Lines▼ Show 20 Lines
/// Attempts to merge distinct values `Val1` and `Val2` in `Env1` and `Env2`, /// Attempts to merge distinct values `Val1` and `Val2` in `Env1` and `Env2`,
/// respectively, of the same type `Type`. Merging generally produces a single /// respectively, of the same type `Type`. Merging generally produces a single
/// value that (soundly) approximates the two inputs, although the actual /// value that (soundly) approximates the two inputs, although the actual
/// meaning depends on `Model`. /// meaning depends on `Model`.
static Value *mergeDistinctValues(QualType Type, Value *Val1, static Value *mergeDistinctValues(QualType Type, Value *Val1,
const Environment &Env1, Value *Val2, const Environment &Env1, Value *Val2,
const Environment &Env2, const Environment &Env2,
Environment &MergedEnv, Environment &MergedEnv,
Environment::ValueModel &Model) { Environment::ValueModel &Model,
AtomicBoolValue &TookSecondBranch) {
// Join distinct boolean values preserving information about the constraints // Join distinct boolean values preserving information about the constraints
// in the respective path conditions. // in the respective path conditions.
//
// FIXME: Does not work for backedges, since the two (or more) paths will not
// have mutually exclusive conditions.
if (auto *Expr1 = dyn_cast<BoolValue>(Val1)) { if (auto *Expr1 = dyn_cast<BoolValue>(Val1)) {
auto *Expr2 = cast<BoolValue>(Val2); auto *Expr2 = cast<BoolValue>(Val2);
auto &MergedVal = MergedEnv.makeAtomicBoolValue(); auto &MergedVal = MergedEnv.makeAtomicBoolValue();
MergedEnv.addToFlowCondition(MergedEnv.makeOr( MergedEnv.addToFlowCondition(MergedEnv.makeOr(
MergedEnv.makeAnd(Env1.getFlowConditionToken(), MergedEnv.makeAnd(MergedEnv.makeNot(TookSecondBranch),
MergedEnv.makeIff(MergedVal, *Expr1)), MergedEnv.makeIff(MergedVal, *Expr1)),
MergedEnv.makeAnd(Env2.getFlowConditionToken(), MergedEnv.makeAnd(TookSecondBranch,
MergedEnv.makeIff(MergedVal, *Expr2)))); MergedEnv.makeIff(MergedVal, *Expr2))));
return &MergedVal; return &MergedVal;
} }
// FIXME: add unit tests that cover this statement. // FIXME: add unit tests that cover this statement.
if (areEquivalentIndirectionValues(Val1, Val2)) { if (areEquivalentIndirectionValues(Val1, Val2)) {
return Val1; return Val1;
} }
// FIXME: Consider destroying `MergedValue` immediately if `ValueModel::merge` // FIXME: Consider destroying `MergedValue` immediately if `ValueModel::merge`
// returns false to avoid storing unneeded values in `DACtx`. // returns false to avoid storing unneeded values in `DACtx`.
if (Value *MergedVal = MergedEnv.createValue(Type)) if (Value *MergedVal = MergedEnv.createValue(Type))
if (Model.merge(Type, *Val1, Env1, *Val2, Env2, *MergedVal, MergedEnv)) if (Model.merge(Type, *Val1, Env1, *Val2, Env2, *MergedVal, MergedEnv))
sgatevUnsubmitted
Not Done
ReplyInline Actions

We should probably pass TookSecondBranch here so that models can also use it in the implementation of merge. Could be in a follow up, but let's leave a FIXME.

sgatev: We should probably pass `TookSecondBranch` here so that models can also use it in the…
samestepAuthorUnsubmitted
Done
ReplyInline Actions

FIXME added; thanks!

samestep: FIXME added; thanks!
return MergedVal; return MergedVal;
return nullptr; return nullptr;
} }
/// Initializes a global storage value. /// Initializes a global storage value.
static void initGlobalVar(const VarDecl &D, Environment &Env) { static void initGlobalVar(const VarDecl &D, Environment &Env) {
if (!D.hasGlobalStorage() || if (!D.hasGlobalStorage() ||
▲ Show 20 LinesShow All 132 Lines▼ Show 20 LinesLatticeJoinEffect Environment::join(const Environment &Other,
if (ExprToLoc.size() != JoinedEnv.ExprToLoc.size()) if (ExprToLoc.size() != JoinedEnv.ExprToLoc.size())
Effect = LatticeJoinEffect::Changed; Effect = LatticeJoinEffect::Changed;
JoinedEnv.MemberLocToStruct = JoinedEnv.MemberLocToStruct =
intersectDenseMaps(MemberLocToStruct, Other.MemberLocToStruct); intersectDenseMaps(MemberLocToStruct, Other.MemberLocToStruct);
if (MemberLocToStruct.size() != JoinedEnv.MemberLocToStruct.size()) if (MemberLocToStruct.size() != JoinedEnv.MemberLocToStruct.size())
Effect = LatticeJoinEffect::Changed; Effect = LatticeJoinEffect::Changed;
auto &TookSecondBranch = DACtx->createAtomicBoolValue();
// FIXME: set `Effect` as needed. // FIXME: set `Effect` as needed.
JoinedEnv.FlowConditionToken = &DACtx->joinFlowConditions( JoinedEnv.FlowConditionToken = &DACtx->joinFlowConditions(
*FlowConditionToken, *Other.FlowConditionToken); *FlowConditionToken, *Other.FlowConditionToken, TookSecondBranch);
for (auto &Entry : LocToVal) { for (auto &Entry : LocToVal) {
const StorageLocation *Loc = Entry.first; const StorageLocation *Loc = Entry.first;
assert(Loc != nullptr); assert(Loc != nullptr);
Value *Val = Entry.second; Value *Val = Entry.second;
assert(Val != nullptr); assert(Val != nullptr);
auto It = Other.LocToVal.find(Loc); auto It = Other.LocToVal.find(Loc);
if (It == Other.LocToVal.end()) if (It == Other.LocToVal.end())
continue; continue;
assert(It->second != nullptr); assert(It->second != nullptr);
if (Val == It->second) { if (Val == It->second) {
JoinedEnv.LocToVal.insert({Loc, Val}); JoinedEnv.LocToVal.insert({Loc, Val});
continue; continue;
} }
if (Value *MergedVal = mergeDistinctValues( if (Value *MergedVal =
Loc->getType(), Val, *this, It->second, Other, JoinedEnv, Model)) mergeDistinctValues(Loc->getType(), Val, *this, It->second, Other,
JoinedEnv, Model, TookSecondBranch))
JoinedEnv.LocToVal.insert({Loc, MergedVal}); JoinedEnv.LocToVal.insert({Loc, MergedVal});
} }
if (LocToVal.size() != JoinedEnv.LocToVal.size()) if (LocToVal.size() != JoinedEnv.LocToVal.size())
Effect = LatticeJoinEffect::Changed; Effect = LatticeJoinEffect::Changed;
*this = std::move(JoinedEnv); *this = std::move(JoinedEnv);
return Effect; return Effect;
▲ Show 20 LinesShow All 234 LinesShow Last 20 Lines

clang/unittests/Analysis/FlowSensitive/DataflowAnalysisContextTest.cpp

Show First 20 LinesShow All 173 Lines▼ Show 20 LinesTEST_F(DataflowAnalysisContextTest, JoinFlowConditions) {
auto &FC1 = Context.makeFlowConditionToken(); auto &FC1 = Context.makeFlowConditionToken();
Context.addFlowConditionConstraint(FC1, C1); Context.addFlowConditionConstraint(FC1, C1);
Context.addFlowConditionConstraint(FC1, C3); Context.addFlowConditionConstraint(FC1, C3);
auto &FC2 = Context.makeFlowConditionToken(); auto &FC2 = Context.makeFlowConditionToken();
Context.addFlowConditionConstraint(FC2, C2); Context.addFlowConditionConstraint(FC2, C2);
Context.addFlowConditionConstraint(FC2, C3); Context.addFlowConditionConstraint(FC2, C3);
auto &FC3 = Context.joinFlowConditions(FC1, FC2); auto &B = Context.createAtomicBoolValue();
auto &FC3 = Context.joinFlowConditions(FC1, FC2, B);
EXPECT_FALSE(Context.flowConditionImplies(FC3, C1)); EXPECT_FALSE(Context.flowConditionImplies(FC3, C1));
EXPECT_FALSE(Context.flowConditionImplies(FC3, C2)); EXPECT_FALSE(Context.flowConditionImplies(FC3, C2));
EXPECT_TRUE(Context.flowConditionImplies(FC3, C3)); EXPECT_TRUE(Context.flowConditionImplies(FC3, C3));
} }
TEST_F(DataflowAnalysisContextTest, FlowConditionTautologies) { TEST_F(DataflowAnalysisContextTest, FlowConditionTautologies) {
// Fresh flow condition with empty/no constraints is always true. // Fresh flow condition with empty/no constraints is always true.
auto &FC1 = Context.makeFlowConditionToken(); auto &FC1 = Context.makeFlowConditionToken();
▲ Show 20 LinesShow All 239 Lines▼ Show 20 LinesTEST_F(DataflowAnalysisContextTest, SubstituteFlowConditionsJoinedFC) {
auto &False = Context.getBoolLiteralValue(false); auto &False = Context.getBoolLiteralValue(false);
// FC1 = X // FC1 = X
auto &FC1 = Context.makeFlowConditionToken(); auto &FC1 = Context.makeFlowConditionToken();
Context.addFlowConditionConstraint(FC1, X); Context.addFlowConditionConstraint(FC1, X);
// FC2 = Y // FC2 = Y
auto &FC2 = Context.makeFlowConditionToken(); auto &FC2 = Context.makeFlowConditionToken();
Context.addFlowConditionConstraint(FC2, Y); Context.addFlowConditionConstraint(FC2, Y);
// JoinedFC = (FC1 || FC2) && Z = (X || Y) && Z // JoinedFC = ((!B && FC1) || (B && FC2)) && Z = ((!B && X) || (B && Y)) && Z
auto &JoinedFC = Context.joinFlowConditions(FC1, FC2); auto &B = Context.createAtomicBoolValue();
auto &JoinedFC = Context.joinFlowConditions(FC1, FC2, B);
ymandelUnsubmitted
Not Done
ReplyInline Actions

I'm a bit concerned by the need to update this (essentially) unrelated test. It implies the test is depending on implementation details that it shouldn't be concerned with.

Not for this patch, but if you have thoughts on how to simplify this test to do what it needs w/o being tied to the details of how joins work, that would be appreciated. At least, it seems worth a FIXME.

thanks

ymandel: I'm a bit concerned by the need to update this (essentially) unrelated test. It implies the…
samestepAuthorUnsubmitted
Done
ReplyInline Actions

Agreed, this test seems a bit awkward; in this patch I was just focusing on updating it instead of rethinking it.

samestep: Agreed, this test seems a bit awkward; in this patch I was just focusing on updating it instead…
Context.addFlowConditionConstraint(JoinedFC, Z); Context.addFlowConditionConstraint(JoinedFC, Z);
// If any of X, Y is true in JoinedFC, JoinedFC = (X || Y) && Z is equivalent // If any of (!B && X), (B && Y) is true in JoinedFC,
// to evaluating the remaining Z // JoinedFC = ((!B && X) || (B && Y)) && Z is equivalent to evaluating the
auto &JoinedFCWithXTrue = // remaining Z
Context.buildAndSubstituteFlowCondition(JoinedFC, {{&X, &True}}); auto &JoinedFCWithXTrue = Context.buildAndSubstituteFlowCondition(
auto &JoinedFCWithYTrue = JoinedFC, {{&B, &False}, {&X, &True}});
Context.buildAndSubstituteFlowCondition(JoinedFC, {{&Y, &True}}); auto &JoinedFCWithYTrue = Context.buildAndSubstituteFlowCondition(
JoinedFC, {{&B, &True}, {&Y, &True}});
EXPECT_TRUE(Context.equivalentBoolValues(JoinedFCWithXTrue, Z)); EXPECT_TRUE(Context.equivalentBoolValues(JoinedFCWithXTrue, Z));
EXPECT_TRUE(Context.equivalentBoolValues(JoinedFCWithYTrue, Z)); EXPECT_TRUE(Context.equivalentBoolValues(JoinedFCWithYTrue, Z));
// If Z is true in JoinedFC, JoinedFC = (X || Y) && Z is equivalent to // If Z is true in JoinedFC, JoinedFC = ((!B && X) || (B && Y)) && Z is
// evaluating the remaining disjunction (X || Y) // equivalent to evaluating the remaining disjunction ((!B && X) || (B && Y))
auto &JoinedFCWithZTrue = auto &JoinedFCWithZTrue =
Context.buildAndSubstituteFlowCondition(JoinedFC, {{&Z, &True}}); Context.buildAndSubstituteFlowCondition(JoinedFC, {{&Z, &True}});
EXPECT_TRUE(Context.equivalentBoolValues( EXPECT_TRUE(Context.equivalentBoolValues(
JoinedFCWithZTrue, Context.getOrCreateDisjunction(X, Y))); JoinedFCWithZTrue,
Context.getOrCreateDisjunction(
// If any of X, Y is false in JoinedFC, JoinedFC = (X || Y) && Z is equivalent Context.getOrCreateConjunction(Context.getOrCreateNegation(B), X),
// to evaluating the conjunction of the other value and Z Context.getOrCreateConjunction(B, Y))));
// If any of X, Y is false in JoinedFC,
// JoinedFC = ((!B && X) || (B && Y)) && Z is equivalent to evaluating the
// conjunction of the other disjunct and Z
auto &JoinedFCWithXFalse = auto &JoinedFCWithXFalse =
Context.buildAndSubstituteFlowCondition(JoinedFC, {{&X, &False}}); Context.buildAndSubstituteFlowCondition(JoinedFC, {{&X, &False}});
auto &JoinedFCWithYFalse = auto &JoinedFCWithYFalse =
Context.buildAndSubstituteFlowCondition(JoinedFC, {{&Y, &False}}); Context.buildAndSubstituteFlowCondition(JoinedFC, {{&Y, &False}});
EXPECT_TRUE(Context.equivalentBoolValues( EXPECT_TRUE(Context.equivalentBoolValues(
JoinedFCWithXFalse, Context.getOrCreateConjunction(Y, Z))); JoinedFCWithXFalse,
Context.getOrCreateConjunction(Context.getOrCreateConjunction(B, Y), Z)));
EXPECT_TRUE(Context.equivalentBoolValues( EXPECT_TRUE(Context.equivalentBoolValues(
JoinedFCWithYFalse, Context.getOrCreateConjunction(X, Z))); JoinedFCWithYFalse,
Context.getOrCreateConjunction(
Context.getOrCreateConjunction(Context.getOrCreateNegation(B), X),
Z)));
// If Z is false in JoinedFC, JoinedFC = (X || Y) && Z must be false // If Z is false in JoinedFC, JoinedFC = ((!B && X) || (B && Y)) && Z must be
// false
auto &JoinedFCWithZFalse = auto &JoinedFCWithZFalse =
Context.buildAndSubstituteFlowCondition(JoinedFC, {{&Z, &False}}); Context.buildAndSubstituteFlowCondition(JoinedFC, {{&Z, &False}});
EXPECT_TRUE(Context.equivalentBoolValues(JoinedFCWithZFalse, False)); EXPECT_TRUE(Context.equivalentBoolValues(JoinedFCWithZFalse, False));
} }
} // namespace } // namespace

clang/unittests/Analysis/FlowSensitive/TypeErasedDataflowAnalysisTest.cpp

Show First 20 LinesShow All 1,169 Lines▼ Show 20 Lines runDataflow(
const Environment &Env2 = Results[0].second.Env; const Environment &Env2 = Results[0].second.Env;
auto &FooVal2 = auto &FooVal2 =
*cast<BoolValue>(Env2.getValue(*FooDecl, SkipPast::Reference)); *cast<BoolValue>(Env2.getValue(*FooDecl, SkipPast::Reference));
EXPECT_FALSE(Env2.flowConditionImplies(FooVal2)); EXPECT_FALSE(Env2.flowConditionImplies(FooVal2));
}); });
} }
TEST_F(FlowConditionTest, JoinBackedge) {
std::string Code = R"(
void target(bool Cond) {
bool Foo = true;
while (true) {
(void)0;
// [[p]]
Foo = false;
}
}
)";
runDataflow(
Code, [](llvm::ArrayRef<
std::pair<std::string, DataflowAnalysisState<NoopLattice>>>
Results,
ASTContext &ASTCtx) {
ASSERT_THAT(Results, ElementsAre(Pair("p", _)));
const Environment &Env = Results[0].second.Env;
const ValueDecl *FooDecl = findValueDecl(ASTCtx, "Foo");
ASSERT_THAT(FooDecl, NotNull());
auto &FooVal = *cast<BoolValue>(Env.getValue(*FooDecl, SkipPast::None));
EXPECT_FALSE(Env.flowConditionImplies(FooVal));
ymandelUnsubmitted
Not Done
ReplyInline Actions

should we also test the inverse?

EXPECT_FALSE(Env.flowConditionImplies(Env.makeNot(FooVal)));

That is, I would think we want to show that neither is provable.

ymandel: should we also test the inverse? ``` EXPECT_FALSE(Env.flowConditionImplies(Env.makeNot…
samestepAuthorUnsubmitted
Done
ReplyInline Actions

Sure, that makes sense; if I remember correctly, the inverse of FooVal is indeed not provable already. You're right that it would be good to test both here, though.

samestep: Sure, that makes sense; if I remember correctly, the inverse of `FooVal` is indeed not provable…
EXPECT_FALSE(Env.flowConditionImplies(Env.makeNot(FooVal)));
});
}
} // namespace } // namespace