This is an archive of the discontinued LLVM Phabricator instance.

Differential D130726

[clang][dataflow] Handle multiple context-sensitive calls to the same function
ClosedPublic

Authored by samestep on Jul 28 2022, 12:27 PM.

Details

Reviewers
NoQ
ymandel
gribozavr2
sgatev
li.zhe.hua
xazax.hun
Commits
rGa6ddc6848782: [clang][dataflow] Handle multiple context-sensitive calls to the same function
Summary

This patch enables context-sensitive analysis of multiple different calls to the same function (see the ContextSensitiveSetBothTrueAndFalse example in the TransferTest suite) by replacing the Environment copy-assignment with a call to the new popCall method, which std::moves some fields but specifically does not move DeclToLoc and ExprToLoc from the callee back to the caller.

To enable this, the StorageLocation for a given parameter needs to be stable across different calls to the same function, so this patch also improves the modeling of parameter initialization, using ReferenceValue when necessary (for arguments passed by reference).

This approach explicitly does not work for recursive calls, because we currently only plan to use this context-sensitive machinery to support specialized analysis models we write, not analysis of arbitrary callees.

Diff Detail

Event Timeline

samestep created this revision.Jul 28 2022, 12:27 PM
Herald added a reviewer: NoQ. · View Herald TranscriptJul 28 2022, 12:27 PM
Herald added a project: Restricted Project. · View Herald Transcript
Herald added subscribers: martong, tschuett, xazax.hun. · View Herald Transcript
samestep requested review of this revision.Jul 28 2022, 12:27 PM
Herald added a project: Restricted Project. · View Herald TranscriptJul 28 2022, 12:27 PM
Herald added a subscriber: cfe-commits. · View Herald Transcript
samestep mentioned this in D130593: [clang][dataflow] Separate context by frame.Jul 28 2022, 12:28 PM
samestep edited the summary of this revision. (Show Details)Jul 28 2022, 12:42 PM
samestep added reviewers: ymandel, gribozavr2, sgatev, li.zhe.hua.
samestep added a reviewer: xazax.hun.Jul 28 2022, 12:48 PM
Herald added a subscriber: rnkovacs. · View Herald TranscriptJul 28 2022, 12:48 PM
ymandel added a comment.Jul 28 2022, 12:57 PM

Looks great!

clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp
225

maybe mention in the patch description that it also improves the modeling of parameter initialization?

234

Add an else that calls createValue on the decl's type, and then sets it, like VisitDeclStmt?

247

Maybe add something like "Conceptually, these maps capture information from the local scope, so when popping that scope, we do not propagate the maps".

clang/unittests/Analysis/FlowSensitive/TransferTest.cpp
3963

Are there more scenarios testable at this point? e.g

  1. 2 layers of callees
  2. more than one line of code inside the body?
  3. one than one CFG block in the body?

If so, please add tests for those that are supported.

Harbormaster completed remote builds in B178130: Diff 448415.Jul 28 2022, 1:39 PM
samestep edited the summary of this revision. (Show Details)Jul 28 2022, 2:11 PM
samestep added inline comments.
clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp
225

Good point; done.

234

Ah yes, I meant to do this before but forgot; will do that now.

clang/unittests/Analysis/FlowSensitive/TransferTest.cpp
3963
  1. This currently isn't supported.
  2. This should work.
  3. This should work.

For (2) and (3), should I add those tests now, or do that in a followup patch?

samestep updated this revision to Diff 448438.Jul 28 2022, 2:19 PM

Address some of Yitzie's comments

ymandel added inline comments.Jul 28 2022, 2:44 PM
clang/unittests/Analysis/FlowSensitive/TransferTest.cpp
3963
  1. This currently isn't supported.

What's limiting us here? Just curious, not asking you to update the comments, etc.

  1. This should work.
  2. This should work.

For (2) and (3), should I add those tests now, or do that in a followup patch?

may as well add them now. thx

3963
  1. This currently isn't supported.
  2. This should work.
  3. This should work.

For (2) and (3), should I add those tests now, or do that in a followup patch?

Harbormaster completed remote builds in B178149: Diff 448438.Jul 28 2022, 3:46 PM
samestep added inline comments.Jul 29 2022, 6:32 AM
clang/unittests/Analysis/FlowSensitive/TransferTest.cpp
3963

What's limiting us here? Just curious, not asking you to update the comments, etc.

Nothing's really limiting us; all I meant was that currently we don't turn on context-sensitivity for the sub-analysis when we analyze the callee, and I don't want to turn that on until I've added support both for limiting the depth and for selecting the set of symbols to analyze using an allowlist.

xazax.hun accepted this revision.EditedJul 29 2022, 9:54 AM

I'd love to see some comments in the source code to make sure one will not use these facilities for other purposes that would not work. Alternatively, ContextSensitive option could be renamed to NonRecursiveContextSensitive.

clang/lib/Analysis/FlowSensitive/Transfer.cpp
512–513

Since we do not support recursion (and only do inlining with the depth of one), I think we should have a check here to avoid a inlining recursive call.

This revision is now accepted and ready to land.Jul 29 2022, 9:54 AM
samestep updated this revision to Diff 448698.Jul 29 2022, 12:19 PM

Add more comments and tests

xazax.hun accepted this revision.Jul 29 2022, 12:35 PM
ymandel accepted this revision.Jul 29 2022, 12:37 PM

Nice work!

This revision was landed with ongoing or failed builds.Jul 29 2022, 12:40 PM
Closed by commit rGa6ddc6848782: [clang][dataflow] Handle multiple context-sensitive calls to the same function (authored by samestep). · Explain Why
This revision was automatically updated to reflect the committed changes.
samestep added a commit: rGa6ddc6848782: [clang][dataflow] Handle multiple context-sensitive calls to the same function.
Harbormaster completed remote builds in B178335: Diff 448698.Jul 29 2022, 12:47 PM
sgatev added inline comments.Aug 3 2022, 10:50 PM
clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp
250

Does std::move help here? CalleeEnv is a const reference.

Revision Contents

PathSize
clang/
include/
clang/
Analysis/
FlowSensitive/
4 lines
5 lines
lib/
Analysis/
FlowSensitive/
36 lines
6 lines
unittests/
Analysis/
FlowSensitive/
161 lines

Diff 448703

clang/include/clang/Analysis/FlowSensitive/DataflowEnvironment.h

Show First 20 LinesShow All 137 Lines▼ Show 20 Linespublic:
/// ///
/// The body of the callee must not reference globals. /// The body of the callee must not reference globals.
/// ///
/// The arguments of `Call` must map 1:1 to the callee's parameters. /// The arguments of `Call` must map 1:1 to the callee's parameters.
/// ///
/// Each argument of `Call` must already have a `StorageLocation`. /// Each argument of `Call` must already have a `StorageLocation`.
Environment pushCall(const CallExpr *Call) const; Environment pushCall(const CallExpr *Call) const;
/// Moves gathered information back into `this` from a `CalleeEnv` created via
/// `pushCall`.
void popCall(const Environment &CalleeEnv);
/// Returns true if and only if the environment is equivalent to `Other`, i.e /// Returns true if and only if the environment is equivalent to `Other`, i.e
/// the two environments: /// the two environments:
/// - have the same mappings from declarations to storage locations, /// - have the same mappings from declarations to storage locations,
/// - have the same mappings from expressions to storage locations, /// - have the same mappings from expressions to storage locations,
/// - have the same or equivalent (according to `Model`) values assigned to /// - have the same or equivalent (according to `Model`) values assigned to
/// the same storage locations. /// the same storage locations.
/// ///
/// Requirements: /// Requirements:
▲ Show 20 LinesShow All 234 LinesShow Last 20 Lines

clang/include/clang/Analysis/FlowSensitive/Transfer.h

Show All 16 Lines
#include "clang/AST/Stmt.h" #include "clang/AST/Stmt.h"
#include "clang/Analysis/FlowSensitive/DataflowEnvironment.h" #include "clang/Analysis/FlowSensitive/DataflowEnvironment.h"
namespace clang { namespace clang {
namespace dataflow { namespace dataflow {
struct TransferOptions { struct TransferOptions {
/// Determines whether to analyze function bodies when present in the /// Determines whether to analyze function bodies when present in the
/// translation unit. /// translation unit. Note: this is currently only meant to be used for
/// inlining of specialized model code, not for context-sensitive analysis of
/// arbitrary subject code. In particular, some fundamentals such as recursion
/// are explicitly unsupported.
bool ContextSensitive = false; bool ContextSensitive = false;
}; };
/// Maps statements to the environments of basic blocks that contain them. /// Maps statements to the environments of basic blocks that contain them.
class StmtToEnvMap { class StmtToEnvMap {
public: public:
virtual ~StmtToEnvMap() = default; virtual ~StmtToEnvMap() = default;
Show All 18 Lines

clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp

Show First 20 LinesShow All 197 Lines▼ Show 20 Lines if (MethodDecl && !MethodDecl->isStatic()) {
} }
} }
} }
} }
Environment Environment::pushCall(const CallExpr *Call) const { Environment Environment::pushCall(const CallExpr *Call) const {
Environment Env(*this); Environment Env(*this);
// FIXME: Currently this only works if the callee is never a method and the
// same callee is never analyzed from multiple separate callsites. To
// generalize this, we'll need to store a "context" field (probably a stack of
// `const CallExpr *`s) in the `Environment`, and then change the
// `DataflowAnalysisContext` class to hold a map from contexts to "frames",
// where each frame stores its own version of what are currently the
// `DeclToLoc`, `ExprToLoc`, and `ThisPointeeLoc` fields.
const auto *FuncDecl = Call->getDirectCallee(); const auto *FuncDecl = Call->getDirectCallee();
assert(FuncDecl != nullptr); assert(FuncDecl != nullptr);
assert(FuncDecl->getBody() != nullptr); assert(FuncDecl->getBody() != nullptr);
// FIXME: In order to allow the callee to reference globals, we probably need // FIXME: In order to allow the callee to reference globals, we probably need
// to call `initGlobalVars` here in some way. // to call `initGlobalVars` here in some way.
auto ParamIt = FuncDecl->param_begin(); auto ParamIt = FuncDecl->param_begin();
auto ArgIt = Call->arg_begin(); auto ArgIt = Call->arg_begin();
auto ArgEnd = Call->arg_end(); auto ArgEnd = Call->arg_end();
// FIXME: Parameters don't always map to arguments 1:1; examples include // FIXME: Parameters don't always map to arguments 1:1; examples include
// overloaded operators implemented as member functions, and parameter packs. // overloaded operators implemented as member functions, and parameter packs.
for (; ArgIt != ArgEnd; ++ParamIt, ++ArgIt) { for (; ArgIt != ArgEnd; ++ParamIt, ++ArgIt) {
assert(ParamIt != FuncDecl->param_end()); assert(ParamIt != FuncDecl->param_end());
const VarDecl *Param = *ParamIt;
const Expr *Arg = *ArgIt; const Expr *Arg = *ArgIt;
auto *ArgLoc = Env.getStorageLocation(*Arg, SkipPast::Reference); auto *ArgLoc = Env.getStorageLocation(*Arg, SkipPast::Reference);
assert(ArgLoc != nullptr); assert(ArgLoc != nullptr);
Env.setStorageLocation(*Param, *ArgLoc);
const VarDecl *Param = *ParamIt;
ymandelUnsubmitted
Not Done
ReplyInline Actions

maybe mention in the patch description that it also improves the modeling of parameter initialization?

ymandel: maybe mention in the patch description that it also improves the modeling of parameter…
samestepAuthorUnsubmitted
Done
ReplyInline Actions

Good point; done.

samestep: Good point; done.
auto &Loc = Env.createStorageLocation(*Param);
Env.setStorageLocation(*Param, Loc);
QualType ParamType = Param->getType();
if (ParamType->isReferenceType()) {
auto &Val = Env.takeOwnership(std::make_unique<ReferenceValue>(*ArgLoc));
Env.setValue(Loc, Val);
} else if (auto *ArgVal = Env.getValue(*ArgLoc)) {
Env.setValue(Loc, *ArgVal);
ymandelUnsubmitted
Not Done
ReplyInline Actions

Add an else that calls createValue on the decl's type, and then sets it, like VisitDeclStmt?

ymandel: Add an `else` that calls `createValue` on the decl's type, and then sets it, like…
samestepAuthorUnsubmitted
Done
ReplyInline Actions

Ah yes, I meant to do this before but forgot; will do that now.

samestep: Ah yes, I meant to do this before but forgot; will do that now.
} else if (Value *Val = Env.createValue(ParamType)) {
Env.setValue(Loc, *Val);
}
} }
return Env; return Env;
} }
void Environment::popCall(const Environment &CalleeEnv) {
// We ignore `DACtx` because it's already the same in both. We don't bring
// back `DeclToLoc` and `ExprToLoc` because we want to be able to later
// analyze the same callee in a different context, and `setStorageLocation`
// requires there to not already be a storage location assigned. Conceptually,
ymandelUnsubmitted
Not Done
ReplyInline Actions

Maybe add something like "Conceptually, these maps capture information from the local scope, so when popping that scope, we do not propagate the maps".

ymandel: Maybe add something like "Conceptually, these maps capture information from the local scope, so…
// these maps capture information from the local scope, so when popping that
// scope, we do not propagate the maps.
this->LocToVal = std::move(CalleeEnv.LocToVal);
sgatevUnsubmitted
Not Done
ReplyInline Actions

Does std::move help here? CalleeEnv is a const reference.

sgatev: Does `std::move` help here? `CalleeEnv` is a const reference.
this->MemberLocToStruct = std::move(CalleeEnv.MemberLocToStruct);
this->FlowConditionToken = std::move(CalleeEnv.FlowConditionToken);
}
bool Environment::equivalentTo(const Environment &Other, bool Environment::equivalentTo(const Environment &Other,
Environment::ValueModel &Model) const { Environment::ValueModel &Model) const {
assert(DACtx == Other.DACtx); assert(DACtx == Other.DACtx);
if (DeclToLoc != Other.DeclToLoc) if (DeclToLoc != Other.DeclToLoc)
return false; return false;
if (ExprToLoc != Other.ExprToLoc) if (ExprToLoc != Other.ExprToLoc)
▲ Show 20 LinesShow All 308 LinesShow Last 20 Lines

clang/lib/Analysis/FlowSensitive/Transfer.cpp

Show First 20 LinesShow All 503 Lines▼ Show 20 Lines if (S->isCallToStdMove()) {
// references in the argument. // references in the argument.
auto *ArgLoc = Env.getStorageLocation(*S->getArg(0), SkipPast::Reference); auto *ArgLoc = Env.getStorageLocation(*S->getArg(0), SkipPast::Reference);
if (ArgLoc == nullptr) if (ArgLoc == nullptr)
return; return;
Env.setStorageLocation(*S, *ArgLoc); Env.setStorageLocation(*S, *ArgLoc);
} else if (const FunctionDecl *F = S->getDirectCallee()) { } else if (const FunctionDecl *F = S->getDirectCallee()) {
// This case is for context-sensitive analysis, which we only do if we // This case is for context-sensitive analysis, which we only do if we
// have the callee body available in the translation unit. // have the callee body available in the translation unit.
if (!Options.ContextSensitive || F->getBody() == nullptr) if (!Options.ContextSensitive || F->getBody() == nullptr)
return; return;
xazax.hunUnsubmitted
Not Done
ReplyInline Actions

Since we do not support recursion (and only do inlining with the depth of one), I think we should have a check here to avoid a inlining recursive call.

xazax.hun: Since we do not support recursion (and only do inlining with the depth of one), I think we…
// FIXME: We don't support context-sensitive analysis of recursion, so
// we should return early here if `F` is the same as the `FunctionDecl`
// holding `S` itself.
auto &ASTCtx = F->getASTContext(); auto &ASTCtx = F->getASTContext();
// FIXME: Cache these CFGs. // FIXME: Cache these CFGs.
auto CFCtx = ControlFlowContext::build(F, F->getBody(), &ASTCtx); auto CFCtx = ControlFlowContext::build(F, F->getBody(), &ASTCtx);
// FIXME: Handle errors here and below. // FIXME: Handle errors here and below.
assert(CFCtx); assert(CFCtx);
auto ExitBlock = CFCtx->getCFG().getExit().getBlockID(); auto ExitBlock = CFCtx->getCFG().getExit().getBlockID();
auto CalleeEnv = Env.pushCall(S); auto CalleeEnv = Env.pushCall(S);
// FIXME: Use the same analysis as the caller for the callee. // FIXME: Use the same analysis as the caller for the callee.
DataflowAnalysisOptions Options; DataflowAnalysisOptions Options;
auto Analysis = NoopAnalysis(ASTCtx, Options); auto Analysis = NoopAnalysis(ASTCtx, Options);
auto BlockToOutputState = auto BlockToOutputState =
dataflow::runDataflowAnalysis(*CFCtx, Analysis, CalleeEnv); dataflow::runDataflowAnalysis(*CFCtx, Analysis, CalleeEnv);
assert(BlockToOutputState); assert(BlockToOutputState);
assert(ExitBlock < BlockToOutputState->size()); assert(ExitBlock < BlockToOutputState->size());
auto ExitState = (*BlockToOutputState)[ExitBlock]; auto ExitState = (*BlockToOutputState)[ExitBlock];
assert(ExitState); assert(ExitState);
Env = ExitState->Env; Env.popCall(ExitState->Env);
} }
} }
void VisitMaterializeTemporaryExpr(const MaterializeTemporaryExpr *S) { void VisitMaterializeTemporaryExpr(const MaterializeTemporaryExpr *S) {
const Expr *SubExpr = S->getSubExpr(); const Expr *SubExpr = S->getSubExpr();
assert(SubExpr != nullptr); assert(SubExpr != nullptr);
auto *SubExprLoc = Env.getStorageLocation(*SubExpr, SkipPast::None); auto *SubExprLoc = Env.getStorageLocation(*SubExpr, SkipPast::None);
▲ Show 20 LinesShow All 132 LinesShow Last 20 Lines

clang/unittests/Analysis/FlowSensitive/TransferTest.cpp

Show First 20 LinesShow All 3,954 Lines▼ Show 20 Lines runDataflow(Code,
auto &FooVal = auto &FooVal =
*cast<BoolValue>(Env.getValue(*FooDecl, SkipPast::None)); *cast<BoolValue>(Env.getValue(*FooDecl, SkipPast::None));
EXPECT_TRUE(Env.flowConditionImplies(Env.makeNot(FooVal))); EXPECT_TRUE(Env.flowConditionImplies(Env.makeNot(FooVal)));
}, },
{/*.ApplyBuiltinTransfer=*/true, {/*.ApplyBuiltinTransfer=*/true,
/*.BuiltinTransferOptions=*/{/*.ContextSensitive=*/true}}); /*.BuiltinTransferOptions=*/{/*.ContextSensitive=*/true}});
} }
TEST(TransferTest, ContextSensitiveSetBothTrueAndFalse) {
ymandelUnsubmitted
Not Done
ReplyInline Actions

Are there more scenarios testable at this point? e.g

  1. 2 layers of callees
  2. more than one line of code inside the body?
  3. one than one CFG block in the body?

If so, please add tests for those that are supported.

ymandel: Are there more scenarios testable at this point? e.g 1. 2 layers of callees 2. more than one…
samestepAuthorUnsubmitted
Done
ReplyInline Actions
  1. This currently isn't supported.
  2. This should work.
  3. This should work.

For (2) and (3), should I add those tests now, or do that in a followup patch?

samestep: 1. This currently isn't supported. 2. This should work. 3. This should work. For (2) and (3)…
ymandelUnsubmitted
Not Done
ReplyInline Actions
  1. This currently isn't supported.

What's limiting us here? Just curious, not asking you to update the comments, etc.

  1. This should work.
  2. This should work.

For (2) and (3), should I add those tests now, or do that in a followup patch?

may as well add them now. thx

ymandel: > 1. This currently isn't supported. What's limiting us here? Just curious, not asking you to…
samestepAuthorUnsubmitted
Done
ReplyInline Actions

What's limiting us here? Just curious, not asking you to update the comments, etc.

Nothing's really limiting us; all I meant was that currently we don't turn on context-sensitivity for the sub-analysis when we analyze the callee, and I don't want to turn that on until I've added support both for limiting the depth and for selecting the set of symbols to analyze using an allowlist.

samestep: > What's limiting us here? Just curious, not asking you to update the comments, etc. Nothing's…
ymandelUnsubmitted
Not Done
ReplyInline Actions
  1. This currently isn't supported.
  2. This should work.
  3. This should work.

For (2) and (3), should I add those tests now, or do that in a followup patch?

ymandel: > 1. This currently isn't supported. > 2. This should work. > 3. This should work. > > For (2)…
std::string Code = R"(
bool GiveBool();
void SetBool(bool &Var, bool Val) { Var = Val; }
void target() {
bool Foo = GiveBool();
bool Bar = GiveBool();
SetBool(Foo, true);
SetBool(Bar, false);
// [[p]]
}
)";
runDataflow(Code,
[](llvm::ArrayRef<
std::pair<std::string, DataflowAnalysisState<NoopLattice>>>
Results,
ASTContext &ASTCtx) {
ASSERT_THAT(Results, ElementsAre(Pair("p", _)));
const Environment &Env = Results[0].second.Env;
const ValueDecl *FooDecl = findValueDecl(ASTCtx, "Foo");
ASSERT_THAT(FooDecl, NotNull());
const ValueDecl *BarDecl = findValueDecl(ASTCtx, "Bar");
ASSERT_THAT(BarDecl, NotNull());
auto &FooVal =
*cast<BoolValue>(Env.getValue(*FooDecl, SkipPast::None));
EXPECT_TRUE(Env.flowConditionImplies(FooVal));
EXPECT_FALSE(Env.flowConditionImplies(Env.makeNot(FooVal)));
auto &BarVal =
*cast<BoolValue>(Env.getValue(*BarDecl, SkipPast::None));
EXPECT_FALSE(Env.flowConditionImplies(BarVal));
EXPECT_TRUE(Env.flowConditionImplies(Env.makeNot(BarVal)));
},
{/*.ApplyBuiltinTransfer=*/true,
/*.BuiltinTransferOptions=*/{/*.ContextSensitive=*/true}});
}
TEST(TransferTest, ContextSensitiveSetTwoLayers) {
std::string Code = R"(
bool GiveBool();
void SetBool1(bool &Var) { Var = true; }
void SetBool2(bool &Var) { SetBool1(Var); }
void target() {
bool Foo = GiveBool();
SetBool2(Foo);
// [[p]]
}
)";
runDataflow(Code,
[](llvm::ArrayRef<
std::pair<std::string, DataflowAnalysisState<NoopLattice>>>
Results,
ASTContext &ASTCtx) {
ASSERT_THAT(Results, ElementsAre(Pair("p", _)));
const Environment &Env = Results[0].second.Env;
const ValueDecl *FooDecl = findValueDecl(ASTCtx, "Foo");
ASSERT_THAT(FooDecl, NotNull());
auto &FooVal =
*cast<BoolValue>(Env.getValue(*FooDecl, SkipPast::None));
EXPECT_FALSE(Env.flowConditionImplies(FooVal));
EXPECT_FALSE(Env.flowConditionImplies(Env.makeNot(FooVal)));
},
{/*.ApplyBuiltinTransfer=*/true,
/*.BuiltinTransferOptions=*/{/*.ContextSensitive=*/true}});
}
TEST(TransferTest, ContextSensitiveSetMultipleLines) {
std::string Code = R"(
void SetBools(bool &Var1, bool &Var2) {
Var1 = true;
Var2 = false;
}
void target() {
bool Foo = false;
bool Bar = true;
SetBools(Foo, Bar);
// [[p]]
}
)";
runDataflow(Code,
[](llvm::ArrayRef<
std::pair<std::string, DataflowAnalysisState<NoopLattice>>>
Results,
ASTContext &ASTCtx) {
ASSERT_THAT(Results, ElementsAre(Pair("p", _)));
const Environment &Env = Results[0].second.Env;
const ValueDecl *FooDecl = findValueDecl(ASTCtx, "Foo");
ASSERT_THAT(FooDecl, NotNull());
const ValueDecl *BarDecl = findValueDecl(ASTCtx, "Bar");
ASSERT_THAT(BarDecl, NotNull());
auto &FooVal =
*cast<BoolValue>(Env.getValue(*FooDecl, SkipPast::None));
EXPECT_TRUE(Env.flowConditionImplies(FooVal));
EXPECT_FALSE(Env.flowConditionImplies(Env.makeNot(FooVal)));
auto &BarVal =
*cast<BoolValue>(Env.getValue(*BarDecl, SkipPast::None));
EXPECT_FALSE(Env.flowConditionImplies(BarVal));
EXPECT_TRUE(Env.flowConditionImplies(Env.makeNot(BarVal)));
},
{/*.ApplyBuiltinTransfer=*/true,
/*.BuiltinTransferOptions=*/{/*.ContextSensitive=*/true}});
}
TEST(TransferTest, ContextSensitiveSetMultipleBlocks) {
std::string Code = R"(
void IfCond(bool Cond, bool &Then, bool &Else) {
if (Cond) {
Then = true;
} else {
Else = true;
}
}
void target() {
bool Foo = false;
bool Bar = false;
bool Baz = false;
IfCond(Foo, Bar, Baz);
// [[p]]
}
)";
runDataflow(Code,
[](llvm::ArrayRef<
std::pair<std::string, DataflowAnalysisState<NoopLattice>>>
Results,
ASTContext &ASTCtx) {
ASSERT_THAT(Results, ElementsAre(Pair("p", _)));
const Environment &Env = Results[0].second.Env;
const ValueDecl *BarDecl = findValueDecl(ASTCtx, "Bar");
ASSERT_THAT(BarDecl, NotNull());
const ValueDecl *BazDecl = findValueDecl(ASTCtx, "Baz");
ASSERT_THAT(BazDecl, NotNull());
auto &BarVal =
*cast<BoolValue>(Env.getValue(*BarDecl, SkipPast::None));
EXPECT_FALSE(Env.flowConditionImplies(BarVal));
EXPECT_TRUE(Env.flowConditionImplies(Env.makeNot(BarVal)));
auto &BazVal =
*cast<BoolValue>(Env.getValue(*BazDecl, SkipPast::None));
EXPECT_TRUE(Env.flowConditionImplies(BazVal));
EXPECT_FALSE(Env.flowConditionImplies(Env.makeNot(BazVal)));
},
{/*.ApplyBuiltinTransfer=*/true,
/*.BuiltinTransferOptions=*/{/*.ContextSensitive=*/true}});
}
} // namespace } // namespace