ClearBlue
SymbolicExprGraph.h
1 /*
2  * Developed by Qingkai Shi, Fan Gang
3  * Copy Right by Prism Research Group, HKUST and State Key Lab for Novel
4  * Software Tech., Nanjing University.
5  */
6 
7 #ifndef SYMBOLIC_EXPR_GRAPH_H
8 #define SYMBOLIC_EXPR_GRAPH_H
9 
10 #include <llvm/IR/BasicBlock.h>
11 #include <llvm/IR/CallSite.h>
12 #include <llvm/IR/Constants.h>
13 #include <llvm/IR/Function.h>
14 #include <llvm/IR/InstIterator.h>
15 #include <llvm/IR/Instructions.h>
16 #include <llvm/IR/Value.h>
17 
18 #include <llvm/Support/Casting.h>
19 #include <llvm/Support/FileSystem.h>
20 #include <llvm/Support/Format.h>
21 #include <llvm/Support/raw_ostream.h>
22 
23 #include <map>
24 #include <set>
25 #include <unordered_map>
26 #include <unordered_set>
27 #include <vector>
28 
29 #include "Analysis/Alias/FalconPlus/ProgramVal.h"
30 #include "IR/SEG/SEGValue.h"
31 #include "Transform/ValueComparator.h"
32 #include "Utils/ADT/MapIterators.h"
33 #include "Utils/ADT/kvec.h"
34 
35 using namespace llvm;
36 
37 class SEGCallSite;
38 class SEGCallSiteOutputNode;
39 class SEGCallSitePseudoInputNode;
40 class SEGCallSitePseudoOutputNode;
41 class SEGCallSiteArgumentSummaryNode;
42 class SEGCallSiteReturnSummaryNode;
43 
44 class SEGOpcodeNode;
45 class SEGOperandNode;
46 class SEGRegionNode;
47 class SEGPhiNode;
48 class SEGLoadMemNode;
49 class SEGStoreMemNode;
50 
51 class SEGReturnNode;
52 class SEGCommonReturnNode;
53 class SEGPseudoReturnNode;
54 
55 class SEGArgumentNode;
56 class SEGCommonArgumentNode;
57 class SEGPseudoArgumentNode;
58 class SEGVarArgumentNode;
59 
60 class SEGCastNode;
61 class SEGBinaryWithIntConstNode;
62 class SEGSimpleOpcodeNode;
63 
64 class SEGSiteBase;
65 
66 class SymbolicExprGraph;
67 class SymbolicExprGraphBuilder;
68 class OCValueFlowBuilder;
69 
70 class SEGOptions {
71 public:
72  static bool EnableValueToString;
73  static bool EnableArithmeticFlow;
74 };
75 
76 class SEGObject {
77  friend class SEGSerializer;
78  friend class SEGHash;
79 
80 public:
81  enum SEGObjectKind {
82  // nodes
83  SEGOBJK_NodeBegin,
84  // operand nodes
85  SEGOBJK_OperandBegin,
86 
87  SEGOBJK_ArgumentBegin,
88  SEGOBJK_CommonArgument,
89  SEGOBJK_VarArgument,
90  SEGOBJK_PseudoArgument,
91  SEGOBJK_ArgumentEnd,
92 
93  SEGOBJK_CallSiteOutputBegin,
94  SEGOBJK_CallSiteCommonOutput,
95  SEGOBJK_CallSitePseudoOutput,
96  SEGOBJK_CallSiteOutputEnd,
97 
98  SEGOBJK_ReturnBegin,
99  SEGOBJK_CommonReturn,
100  SEGOBJK_PseudoReturn,
101  SEGOBJK_ReturnEnd,
102 
103  SEGOBJK_LoadMem,
104  SEGOBJK_StoreMem,
105  SEGOBJK_Phi,
106  SEGOBJK_Region,
107  SEGOBJK_SimpleOperand,
108  SEGOBJK_Undef,
109  SEGOBJK_CallSitePseudoInput,
110  SEGOBJK_CallSiteSummaryArgument,
111  SEGOBJK_CallSiteSummaryReturn,
112 
113  SEGOBJK_OperandEnd,
114 
115  // opcode nodes
116  SEGOBJK_OpcodeBegin,
117  SEGOBJK_BinaryWithIntConst,
118  SEGOBJK_Cast,
119  SEGOBJK_SimpleOpcode,
120  SEGOBJK_OpcodeEnd,
121 
122  SEGOBJK_NodeEnd,
123 
124  // use sites
125  SEGOBJK_SiteBegin,
126 
127  SEGOBJK_CallSite,
128  SEGOBJK_ReturnSite,
129 
130  SEGOBJK_SimpleSiteBegin,
131  SEGOBJK_GEPSite,
132  SEGOBJK_DereferenceSite,
133  SEGOBJK_DivSite,
134  SEGOBJK_CmpSite,
135  SEGOBJK_AllocSite,
136  SEGOBJK_SimpleSiteEnd,
137 
138  SEGOBJK_SiteEnd,
139  };
140 
141 private:
142  const SEGObjectKind ObjKind;
143 
145  SymbolicExprGraph *ParentGraph;
146 
148  BasicBlock *ParentBasicBlock = nullptr;
149 
150  // Index of this SEGObject
151  int64_t ObjIndex = -1;
152 
153  // Index of this SEG
154  int64_t SEGIndex = -1;
155 
156 protected:
157 public:
158  SEGObject(SEGObjectKind OK, SymbolicExprGraph *SEG, BasicBlock *BB,
159  bool fromDisk);
160 
161  virtual ~SEGObject() = 0;
162 
163  // getLLVMDbgValue and getLLVMDbgInstruction are used for printing human
164  // readable info for SEGObjects This design is to eliminate the enumerating of
165  // SEG object types to print the required corresponding info for SEGObjects We
166  // try best to collect such info, For example, for callsite output nodes, if
167  // we want to distinguish the output values, we can use getLLVMDbgValue to get
168  // the value if we want to get the line number in the source code, we can use
169  // getLLVMDbgInstruction This function returns the callsite instruction
170  // containing the output node, which can be used to get the line number to
171  // find the callsite
172  //
173  // getLLVMDbgValue and getLLVMDbgInstruction are virtual functions in
174  // SEGObject. Thus, we can use them on each node in SEG, to print human
175  // readable debug info and still eliminate enumerating SEG Object types
176 
177  // Try best to collect the llvm value corresponding to the SEGObject
178  // For printing human readable Debug info relative to values
179  // SEGOperandNode : the value of the node
180  // SEGSite : the instruction
181  // Default : null
182  virtual Value *getLLVMDbgValue() const { return nullptr; }
183 
184  // Try best to collect the llvm instruction corresponding to the SEGObject
185  // For printing human readable Debug info requiring instructions
186  // In detail,
187  // For callsite pseudo-output nodes, we return the callsite
188  // For store mem node, we return the store site
189  // Otherwise, we return the instruction for the value if value exists or
190  // otherwise return null
191  virtual Instruction *getLLVMDbgInstruction() const {
192  Value *val = getLLVMDbgValue();
193  if (val != nullptr) {
194  return dyn_cast<Instruction>(val);
195  }
196 
197  return nullptr;
198  }
199 
200  SEGObjectKind getKind() const { return ObjKind; }
201 
202  int64_t getSEGIndex() const {
203  assert(SEGIndex != -1 && "Index should not be -1");
204  return SEGIndex;
205  }
206 
207  void setObjIndex(int64_t index) { ObjIndex = index; }
208 
209  int64_t getObjIndex() const {
210  assert(ObjIndex != -1 && "Index should not be -1");
211  return ObjIndex;
212  }
213 
214  const char *getKindName() const;
215 
216  BasicBlock *getParentBasicBlock() const { return ParentBasicBlock; }
217 
218  Function *getParentFunction() const { return ParentBasicBlock->getParent(); }
219 
220  const SymbolicExprGraph *getParentGraph() const { return ParentGraph; }
221  SymbolicExprGraph *getParentGraph() { return ParentGraph; }
222 
223  friend raw_ostream &operator<<(llvm::raw_ostream &Out, const SEGObject &N);
224 };
225 
226 struct seg_cmp {
227  LLVMValueIndexer *instance;
228  seg_cmp() : instance(LLVMValueIndexer::get()) {}
229 
230  bool operator()(const SEGObject *A, const SEGObject *B) const {
231  int64_t indexSEGA = A ? A->getSEGIndex() : -1;
232  int64_t indexSEGB = B ? B->getSEGIndex() : -1;
233  if (indexSEGA != indexSEGB || (indexSEGA == -1 && indexSEGB == -1)) {
234  return indexSEGA < indexSEGB;
235  } else {
236  int64_t indexA = A ? A->getObjIndex() : -1;
237  int64_t indexB = B ? B->getObjIndex() : -1;
238  return indexA < indexB;
239  }
240  }
241 };
242 
244 class SEGNodeBase : public SEGObject {
245  friend class SEGSerializer;
246  friend class SEGHash;
247 
248 protected:
252  SEGNodeBase(SEGObjectKind K, Type *Ty, SymbolicExprGraph *SEG, BasicBlock *BB,
253  bool fromDisk);
254 
255  void setDescription(std::string &Desc) { Description = Desc; }
256 
257  friend class SymbolicExprGraph;
258 
259 private:
260  // This is useful for debugging
261  std::string Description;
262 
265  std::vector<SEGNodeBase *> Children;
266 
268  std::map<const SEGNodeBase *, float, seg_cmp> Parents;
269 
271  std::vector<SEGSiteBase *> UseSites;
272  std::set<SEGSiteBase *> UseSiteSet;
273 
275  Type *LLVMType = nullptr;
276 
278  SEGRegionNode *Region = nullptr;
279 
280 public:
281  virtual ~SEGNodeBase() {}
282 
284  Type *getLLVMType() const { return LLVMType; }
285 
286  SEGNodeBase *getChild(unsigned I) const {
287  assert(Children.size() > I &&
288  "Invalid child index when querying SEG edges");
289  return Children[I];
290  }
291 
292  float getConfidence(const SEGNodeBase *ParentNode) const {
293  auto It = Parents.find(ParentNode);
294  assert(It != Parents.end() &&
295  "Invalid parent node when querying SEG edges");
296  return It->second;
297  }
298 
299  unsigned getNumChildren() const { return Children.size(); }
300 
301  unsigned getNumParents() const { return Parents.size(); }
302 
303  void addChild(SEGNodeBase *N, float Confidence = 1.0f) {
304  Children.push_back(N);
305  N->Parents.insert(std::make_pair(this, Confidence));
306  }
307 
308  void eraseAllChildren() {
309  for (auto *Child : Children) {
310  Child->Parents.erase(this);
311  }
312  Children.clear();
313  }
314 
315  void addUseSite(SEGSiteBase *U) {
316  if (!UseSiteSet.count(U)) {
317  UseSiteSet.insert(U);
318  UseSites.push_back(U);
319  }
320  }
321 
322  virtual bool isTerminalNode() const { return Children.empty(); }
323 
324  SEGRegionNode *getRegion() const;
325 
326  bool containsParentNode(const SEGNodeBase *N) const {
327  return Parents.count(N);
328  }
329 
330  const std::string &getDescription() const { return Description; }
331 
333  virtual void dot(raw_fd_ostream &O) const = 0;
334 
335  friend raw_ostream &operator<<(llvm::raw_ostream &Out, const SEGNodeBase &N);
336 
337  /*==-------Iterators------==*/
338  class ValueFlowIterator {
339  private:
340  const SEGNodeBase *Node;
341  key_iterator<std::map<const SEGNodeBase *, float>::const_iterator> It;
342 
343  public:
344  ValueFlowIterator(const SEGNodeBase *N, bool End) : Node(N) {
345  if (End) {
346  It = N->parent_end();
347  } else {
348  It = N->parent_begin();
349  increment();
350  }
351  }
352 
353  ValueFlowIterator(const ValueFlowIterator &VFIt)
354  : Node(VFIt.Node), It(VFIt.It) {}
355 
356  ValueFlowIterator &operator=(const ValueFlowIterator &VFIt) {
357  if (this != &VFIt) {
358  this->Node = VFIt.Node;
359  this->It = VFIt.It;
360  }
361  return *this;
362  }
363 
364  ValueFlowIterator operator++(int) {
365  ValueFlowIterator Old(*this);
366  ++(*this);
367  return Old;
368  }
369 
370  ValueFlowIterator &operator++() {
371  It++;
372  increment();
373  return *this;
374  }
375 
376  const SEGNodeBase *operator*() { return *It; }
377 
378  bool operator==(const ValueFlowIterator &VFIt) { return It == VFIt.It; }
379 
380  bool operator!=(const ValueFlowIterator &VFIt) { return It != VFIt.It; }
381 
382  private:
383  void increment();
384  };
385 
386  ValueFlowIterator vflow_begin() const { return {this, false}; }
387 
388  ValueFlowIterator vflow_end() const { return {this, true}; }
389 
390  key_iterator<std::map<const SEGNodeBase *, float>::const_iterator>
391  parent_begin() const {
392  return {Parents.begin()};
393  }
394 
395  key_iterator<std::map<const SEGNodeBase *, float>::const_iterator>
396  parent_end() const {
397  return {Parents.end()};
398  }
399 
400  iterator_range<std::map<const SEGNodeBase *, float>::const_iterator>
401  parents() const {
402  return {Parents.begin(), Parents.end()};
403  }
404 
405  std::vector<SEGNodeBase *>::const_iterator child_begin() const {
406  return Children.begin();
407  }
408 
409  std::vector<SEGNodeBase *>::const_iterator child_end() const {
410  return Children.end();
411  }
412 
413  iterator_range<std::vector<SEGNodeBase *>::const_iterator> children() const {
414  return {Children.begin(), Children.end()};
415  }
416 
417  std::map<const SEGNodeBase *, float>::const_iterator
418  parent_confidence_begin() const {
419  return key_iterator<std::map<const SEGNodeBase *, float>::const_iterator>(
420  Parents.begin());
421  }
422 
423  std::map<const SEGNodeBase *, float>::const_iterator
424  parent_confidence_end() const {
425  return key_iterator<std::map<const SEGNodeBase *, float>::const_iterator>(
426  Parents.end());
427  }
428 
429  size_t child_size() const { return Children.size(); }
430 
431  size_t parent_size() const { return Parents.size(); }
432 
433  std::vector<SEGSiteBase *>::const_iterator use_site_begin() const {
434  return UseSites.begin();
435  }
436 
437  std::vector<SEGSiteBase *>::const_iterator use_site_end() const {
438  return UseSites.end();
439  }
440 
441  iterator_range<std::vector<SEGSiteBase *>::const_iterator> use_sites() {
442  return {UseSites.begin(), UseSites.end()};
443  };
444 
445  size_t use_site_size() const { return UseSites.size(); }
446 
447 public:
448  static bool classof(const SEGObject *N) {
449  return N->getKind() >= SEGOBJK_NodeBegin && N->getKind() <= SEGOBJK_NodeEnd;
450  }
451 };
452 
456 class SEGOperandNode : public SEGNodeBase {
457 protected:
460  Value *LLVMValue = nullptr;
461 
462  SEGValue *segValue = nullptr;
463 
465  SEGOperandNode(SEGObjectKind K, Type *Ty, SymbolicExprGraph *SEG,
466  BasicBlock *BB, bool fromDisk);
467 
479  SEGOperandNode(SEGObjectKind K, Value *Val, Type *Ty, SymbolicExprGraph *SEG,
480  BasicBlock *BB, bool fromDisk);
481 
483  friend class SymbolicExprGraph;
484  friend class SEGHash;
485 
486 public:
487  virtual ~SEGOperandNode() = 0;
488 
489  Value *getLLVMValue() const { return LLVMValue; }
490 
491  SEGValue *getSEGValue() const { return segValue; }
492 
493  void dot(raw_fd_ostream &O) const override;
494 
495  friend raw_ostream &operator<<(llvm::raw_ostream &Out,
496  const SEGOperandNode &N) {
497  if (Value *Val = N.getLLVMValue()) {
498  Out << *Val;
499  } else {
500  Out << N.getDescription();
501  }
502  return Out;
503  }
504 
505  virtual Value *getLLVMDbgValue() const override { return getLLVMValue(); }
506 
507 public:
508  static bool classof(const SEGObject *N) {
509  return N->getKind() >= SEGOBJK_OperandBegin &&
510  N->getKind() <= SEGOBJK_OperandEnd;
511  }
512 
513 private:
514  void initialize(Value *Val);
515 };
516 
519 class SEGOpcodeNode : public SEGNodeBase {
520 
521 public:
522  enum CodeKind {
523  CK_BinaryBegin,
524  CK_URem = CK_BinaryBegin,
525  CK_FRem,
526  CK_SRem,
527  CK_UDiv,
528  CK_FDiv,
529  CK_SDiv,
530  CK_And,
531  CK_Or,
532  CK_Xor,
533  CK_Add,
534  CK_FAdd,
535  CK_Sub,
536  CK_FSub,
537  CK_Mul,
538  CK_FMul,
539  CK_Shl,
540  CK_LShr,
541  CK_AShr,
542  CK_BinaryEnd = CK_AShr,
543 
544  CK_CastBegin,
545  CK_AddressCast = CK_CastBegin,
546  CK_Int2Ptr,
547  CK_Ptr2Int,
548  CK_Bitcast,
549  CK_Trunc,
550  CK_FPTrunc,
551  CK_SExt,
552  CK_ZExt,
553  CK_FPExt,
554  CK_SI2FP,
555  CK_FP2SI,
556  CK_UI2FP,
557  CK_FP2UI,
558  CK_CastEnd = CK_FP2UI,
559 
560  CK_ExtractElmt,
561  CK_InsertElmt,
562 
563  CK_Select,
564 
565  CK_GetElmtPtr,
566 
567  CK_Concat,
568 
569  CK_CmpBegin,
570  // Predicates for comparing floating numbers
571  // U L G E Intuitive operation
572  CK_FFalse = CK_CmpBegin,
573  CK_FOEq,
574  CK_FOGT,
575  CK_FOGE,
576  CK_FOLT,
577  CK_FOLE,
578  CK_FONE,
579  CK_FOrd,
580  CK_FUno,
581  CK_FUEq,
582  CK_FUGT,
583  CK_FUGE,
584  CK_FULT,
585  CK_FULE,
586  CK_FUNE,
587  CK_FTrue,
588 
589  // Predicates for comparing integers
590  CK_IEq,
591  CK_INE,
592  CK_IUGT,
593  CK_IUGE,
594  CK_IULT,
595  CK_IULE,
596  CK_ISGT,
597  CK_ISGE,
598  CK_ISLT,
599  CK_ISLE,
600  CK_CmpEnd = CK_ISLE,
601 
602  CK_InvalidCode,
603  };
604 
605 protected:
606  CodeKind Opcode;
607 
609  SEGOpcodeNode(SEGObjectKind K, CodeKind Opcode, Type *Ty,
610  SymbolicExprGraph *SEG, BasicBlock *BB, bool fromDisk);
611 
613  friend class SymbolicExprGraph;
614 
615 public:
616  virtual ~SEGOpcodeNode() = 0;
617 
618  CodeKind getOpcode() const { return Opcode; }
619 
620  virtual void dot(raw_fd_ostream &O) const;
621 
622  bool isCmpNode() const {
623  return Opcode <= CK_CmpEnd && Opcode >= CK_CmpBegin;
624  }
625 
626  bool isSignedCmp() const { return Opcode <= CK_ISLE && Opcode >= CK_ISGT; }
627 
628  bool isUnSignedCmp() const { return Opcode <= CK_IULE && Opcode >= CK_IUGT; }
629 
630  bool isFloatCmp() const { return Opcode <= CK_FTrue && Opcode >= CK_FFalse; }
631 
632  bool isAddNode() const { return Opcode == CK_Add; }
633 
634  bool isSubNode() const { return Opcode == CK_Sub; }
635 
636  bool isGEPNode() const { return Opcode == CK_GetElmtPtr; }
637 
638  bool isSelectNode() const { return Opcode == CK_Select; }
639 
640  bool isCastNode() const {
641  return Opcode <= CK_CastEnd && Opcode >= CK_CastBegin;
642  }
643 
644  bool isBinaryNode() const {
645  return Opcode <= CK_BinaryEnd && Opcode >= CK_BinaryBegin;
646  }
647 
648  bool isExtractElmtNode() const { return Opcode == CK_ExtractElmt; }
649 
650  bool isInsertElmtNode() const { return Opcode == CK_InsertElmt; }
651 
652  bool isConcatNode() const { return Opcode == CK_Concat; }
653 
654 public:
655  static bool classof(const SEGObject *N) {
656  return N->getKind() >= SEGOBJK_OpcodeBegin &&
657  N->getKind() <= SEGOBJK_OpcodeEnd;
658  }
659 
660  static const char *getOpcodeName(CodeKind CK);
661 };
662 
663 class SEGSiteBase : public SEGObject {
664 
665 private:
666  Instruction *User = nullptr;
667 
668  SEGValue *segValue = nullptr;
669 
670 protected:
671  SEGSiteBase(SEGObjectKind K, Instruction *User, SymbolicExprGraph *G,
672  bool fromDisk);
673  friend class SymbolicExprGraph;
674 
675 public:
676  virtual ~SEGSiteBase() = 0;
677 
678  CallSite getLLVMCallSite() const { return CallSite(User); }
679 
680  Instruction *getInstruction() const { return User; }
681 
682  SEGValue *getSEGValue() const { return segValue; }
683 
684  virtual Value *getLLVMDbgValue() const override { return getInstruction(); }
685 
686  friend raw_ostream &operator<<(llvm::raw_ostream &Out,
687  const SEGSiteBase &US) {
688  Out << *US.User;
689  return Out;
690  }
691 
692 public:
693  static bool classof(const SEGObject *O) {
694  return O->getKind() >= SEGOBJK_SiteBegin && O->getKind() <= SEGOBJK_SiteEnd;
695  }
696 };
697 
698 namespace FalconPlus {
699 class AbstractCond;
700 class RegionCond;
701 class FreeCond;
702 class BitCondVec;
703 class IntraFalcon;
704 class AbstractCondPtr;
705 class FalconAA;
706 } // namespace FalconPlus
707 
708 class SymbolicExprGraph {
709 
710  friend class SEGRegionNode;
711  friend class SymbolicExprGraphBuilder;
712  friend class IntraFalcon;
713  friend class MantaIntraFalcon;
714  friend class PTGraph;
715  friend class SEGObject;
716  friend class OCValueFlowBuilder;
717  friend class SEGSerializer;
718 
719  friend class FalconPlus::AbstractCond;
720  friend class FalconPlus::RegionCond;
721  friend class FalconPlus::FreeCond;
722  friend class FalconPlus::BitCondVec;
723  friend class FalconPlus::IntraFalcon;
724  friend class FalconPlus::AbstractCondPtr;
725  friend class FalconPlus::FalconAA;
726 
727 public:
728  struct CDGCond {
729  SEGNodeBase *CondNode;
730  BasicBlock *BB;
731  bool Cond;
732 
733  public:
734  CDGCond(SEGNodeBase *CN, BasicBlock *B, bool C)
735  : CondNode(CN), BB(B), Cond(C) {}
736 
737  bool operator<(const CDGCond &RHS) const {
738  return (CondNode < RHS.CondNode) ||
739  (CondNode == RHS.CondNode && BB < RHS.BB) ||
740  (CondNode == RHS.CondNode && BB == RHS.BB && Cond < RHS.Cond);
741  }
742 
743  bool operator==(const CDGCond &RHS) const {
744  return CondNode == RHS.CondNode && BB == RHS.BB && Cond == RHS.Cond;
745  }
746 
747  BasicBlock *getBB() const { return BB; }
748  };
749 
750 private:
751  // The base function for this SEG
752  Function *BaseFunc = nullptr;
753 
754  // All the nodes in seg
755  std::vector<SEGObject *> NodesList;
756 
758  std::unordered_map<Value *, SEGOperandNode *> ValueNodesMap;
759 
763  std::vector<std::pair<Value *, SEGOperandNode *>> ValueNodePairs;
764 
767  std::set<SEGNodeBase *> NonValueNodes;
768 
770  std::map<std::pair<Instruction *, Value *>, SEGStoreMemNode *>
771  StoreMemNodesMap;
772 
774  std::map<Instruction *, SEGSiteBase *> InstSiteMap;
775  std::vector<SEGCallSite *> CallSites;
776 
784  std::map<BasicBlock *, std::set<CDGCond> *> BlockCondMap;
785 
786  int64_t SEGIndex = -1;
787 
788 public:
789  // For Swap
790  int64_t getSEGIndex() const { return SEGIndex; }
791 
792  template <class T> T *getSEGObject(int64_t index) {
793  assert(index == -1 || (index >= 0 && index < NodesList.size()));
794  if (index == -1)
795  return nullptr;
796  auto *Obj = NodesList[index];
797  assert(isa<T>(Obj));
798  return (T *)Obj;
799  }
800 
801 private:
802  /*==--------------------Structures for Inter-procedural
803  * Analysis--------------------==*/
804  SEGCommonReturnNode *CommonReturn = nullptr;
805  kvec<SEGPseudoReturnNode *> PseudoReturns;
806 
807  kvec<SEGCommonArgumentNode *> CommonArgumentNodes;
808  kvec<SEGPseudoArgumentNode *> PseudoArgumentNodes;
809  kvec<SEGVarArgumentNode *> VarArgumentNodes;
810 
811  // Summary Nodes
812  // SEGNodeBase : the node
813  // int : the corresponding ap-depth (0 means ap-depth larger than considered)
814  //
815  // For each ap-depth, there is only one return summary node with a load mem
816  // node as child,
817  // which collects all values with conditions and confidence score, that
818  // may escape to caller with the corresponding ap-depth
819  // For each ap-depth, there can be multiple arg-summary node,
820  // each has a parent to the argument node that is not inlined
821  // Each summary node has type PTGraph::DEFAULT_NON_POINTER_TYPE
822  // which is currently int64 type
823  std::unordered_map<SEGNodeBase *, int> SummaryArgNodes;
824  std::unordered_map<int, std::unordered_set<SEGNodeBase *>>
825  SummaryArgNodesCache;
826  std::unordered_map<SEGNodeBase *, int> SummaryReturnNodes;
827  std::unordered_map<int, std::unordered_set<SEGNodeBase *>>
828  SummaryReturnNodesCache;
829 
831  std::map<std::string, SEGOperandNode *> NameToPseudoArgNode;
832  std::unordered_map<std::string, SEGOperandNode *> NameToNonArgPseudoNode;
833  std::unordered_map<std::string, std::unique_ptr<FalconPlus::PseudoVal>>
834  PseudoValStorage;
835 
836  void addCommonArgumentNodes(SEGCommonArgumentNode *Node);
837 
838  void addPseudoArgumentNodes(SEGPseudoArgumentNode *Node);
839 
840  void addVarArgumentNodes(SEGVarArgumentNode *Node);
841 
842  void setCommonReturnNode(SEGCommonReturnNode *Node);
843 
844  void addPseudoReturnNode(SEGPseudoReturnNode *Node);
845 
846  void addSummaryArgNode(SEGNodeBase *Node, int APDepth);
847 
848  void addSummaryReturnNode(SEGNodeBase *Node, int APDepth);
849 
850 public:
851  size_t getNumCommonArgument() const { return CommonArgumentNodes.size(); }
852 
853  size_t getNumPseudoArgument() const { return PseudoArgumentNodes.size(); }
854 
855  size_t getNumVarArgument() const { return VarArgumentNodes.size(); }
856 
857  size_t getNumPseudoReturn() const { return PseudoReturns.size(); }
858 
859  bool hasCommonReturnNode() const {
860  if (CommonReturn)
861  return true;
862  else
863  return false;
864  }
865 
866  const SEGCommonReturnNode *getCommonReturn() const { return CommonReturn; }
867 
868  const SEGPseudoReturnNode *getPseudoReturn(size_t Index) const {
869  return PseudoReturns[Index];
870  }
871 
872  const SEGCommonArgumentNode *getCommonArgument(size_t Index) const {
873  return CommonArgumentNodes[Index];
874  }
875 
876  const SEGPseudoArgumentNode *getPseudoArgument(size_t Index) const {
877  return PseudoArgumentNodes[Index];
878  }
879 
880  const SEGVarArgumentNode *getVarArgument(size_t Index) const {
881  return VarArgumentNodes[Index];
882  }
883 
884  bool isSummaryArgument(const SEGNodeBase *Node) const;
885 
886  // Return the ap-depth of an SEGNodeBase as summary argument.
887  // If the node is not a summary argument, return -1.
888  int getSummaryArgumentAPDepth(const SEGNodeBase *Node) const;
889 
890  // Get the set of summary argument nodes given APDepth
891  // Return null if not exist
892  std::unordered_set<SEGNodeBase *> *getSummaryArgument(int APDepth) const;
893 
894  bool isSummaryReturn(const SEGNodeBase *Node) const;
895 
896  // Return the ap-depth of an SEGNodeBase as summary return node.
897  // If the node is not a summary return node, return -1.
898  int getSummaryReturnAPDepth(const SEGNodeBase *Node) const;
899 
900  // Get the set of summary return nodes given APDepth
901  // Return null if not exist
902  std::unordered_set<SEGNodeBase *> *getSummaryReturn(int APDepth) const;
903 
904  // Return if the value represented by the Node is directly passed to/from
905  // caller A node is directly passed to/from caller if either it is a common or
906  // pseudo return/argument node or a summary return/argument node. A node is
907  // indirectly passed to/from caller if one of it's ancestor/descendant is
908  // directly passed to/from caller
909  bool isDirectlyPassedToCaller(const SEGNodeBase *Node) const;
910  bool isDirectlyPassedFromCaller(const SEGNodeBase *Node) const;
911 
912 private:
913  // Cache of region nodes to avoid multiple creation of same regions
914  // Positive regions: Value of SEGNodeBase is true
915  // Negative regions: Value of SEGNodeBase is false
916  // compond_regions_cache_and: SEGRegionNode(3) is SEGRegionNode(1) and
917  // SEGRegionNode(2) compond_regions_cache_or: SEGRegionNode(3) is
918  // SEGRegionNode(1) or SEGRegionNode(2) Note, for compound regions, we assume
919  // (pointer) value SEGRegionNode*(1) < SEGRegionNode*(2)
920  std::unordered_map<SEGNodeBase *, SEGRegionNode *> positive_regions_cache;
921  std::unordered_map<SEGNodeBase *, SEGRegionNode *> negative_regions_cache;
922  std::unordered_map<SEGRegionNode *,
923  std::unordered_map<SEGRegionNode *, SEGRegionNode *>>
924  compound_regions_cache_and;
925  std::unordered_map<SEGRegionNode *,
926  std::unordered_map<SEGRegionNode *, SEGRegionNode *>>
927  compound_regions_cache_or;
928 
929  // cache the corresponding region nodes for basic blocks
930  std::unordered_map<BasicBlock *, SEGRegionNode *> bb_region_cache;
931 
932 public:
933  void clearRegionNodeCache();
934 
935 private:
936  // All the functions that may change the SEG (i.e. have side-effects on the
937  // SEG) are private) Meaning that the SEG cannot be changed once created. Only
938  // friend class of SEG can modify the SEG, which is used to protect the SEG
939  // from modified by checkers
940 
951  SEGOperandNode *findOrCreateNode(Value *Val, Type *Ty, BasicBlock *BB);
952 
955  template <class OperandNodeTy>
956  OperandNodeTy *findOrCreateOperandNode(Value *Val, Type *Ty, BasicBlock *BB,
957  bool fromDisk = false) {
958  assert(Ty && BB);
959  assert(Val && !Val->getType()->isVoidTy());
960  assert((!(dyn_cast<Instruction>(Val)) ||
961  BB == ((Instruction *)Val)->getParent()) &&
962  "Incorrect BasicBlock detected");
963 
964  auto It = ValueNodesMap.find(Val);
965  if (It != ValueNodesMap.end()) {
966  assert(isa<OperandNodeTy>(It->second));
967  return (OperandNodeTy *)It->second;
968  } else {
969  auto *N = new OperandNodeTy(Val, Ty, this, BB, fromDisk);
970  ValueNodePairs.push_back({Val, N});
971  ValueNodesMap[Val] = N;
972  return N;
973  }
974  }
975 
977 
978  template <class OperandNodeTy>
979  OperandNodeTy *clonePseudoVal(
980  const FalconPlus::PseudoVal *Arg,
981  std::function<OperandNodeTy *(const FalconPlus::PseudoVal *)> Proc) {
982  const std::string &ArgName = Arg->getName();
983  auto ClonedArg = std::unique_ptr<FalconPlus::PseudoVal>(Arg->clone());
984  auto *ArgNode = Proc(ClonedArg.get());
985 
986  if (std::is_same<OperandNodeTy, SEGPseudoArgumentNode>::value) {
987  NameToPseudoArgNode.insert(std::make_pair(ArgName, ArgNode));
988  } else {
989  NameToNonArgPseudoNode.insert(std::make_pair(ArgName, ArgNode));
990  }
991 
992  assert(!PseudoValStorage.count(ArgName));
993  PseudoValStorage.insert({ArgName, std::move(ClonedArg)});
994  return ArgNode;
995  }
996 
997  template <class OperandNodeTy>
998  OperandNodeTy *findOrClonePseudoVal(
999  const FalconPlus::PseudoVal *Arg,
1000  std::function<OperandNodeTy *(const FalconPlus::PseudoVal *)> Proc) {
1001  const std::string &ArgName = Arg->getName();
1002  if (std::is_same<OperandNodeTy, SEGPseudoArgumentNode>::value) {
1003  if (NameToPseudoArgNode.count(ArgName)) {
1004  return cast<OperandNodeTy>(NameToPseudoArgNode.at(ArgName));
1005  }
1006  } else {
1007  if (NameToNonArgPseudoNode.count(ArgName)) {
1008  static_assert(
1009  std::is_base_of<SEGOperandNode, OperandNodeTy>::value,
1010  "OperandNodeTy must be a derived class of SEGOperandNode.");
1011  return cast<OperandNodeTy>(NameToNonArgPseudoNode.at(ArgName));
1012  }
1013  }
1014 
1015  return clonePseudoVal<OperandNodeTy>(Arg, Proc);
1016  }
1017 
1018  SEGPseudoArgumentNode *
1019  findOrCreatePseudoArgumentNode(const FalconPlus::PseudoVal *Arg,
1020  BasicBlock *BB);
1021  // Call this after all pseudo args have been created.
1022  void finalizePseudoArgumentNodes();
1023  SEGOperandNode *
1024  findOrCreateSimpleOperandFromPseudoVal(const FalconPlus::PseudoVal *Arg,
1025  BasicBlock *BB);
1026  SEGPseudoReturnNode *createPseudoReturnNode(const FalconPlus::PseudoVal *Arg,
1027  BasicBlock *BB);
1028  SEGCallSitePseudoInputNode *
1029  createPseudoInputNode(const FalconPlus::PseudoVal *Arg, BasicBlock *BB,
1030  CallSite CS, Function *Callee);
1031  SEGCallSitePseudoOutputNode *
1032  createPseudoOutputNode(const FalconPlus::PseudoVal *Arg, BasicBlock *BB,
1033  CallInst *Call, Function *Callee);
1034 
1035  template <class OperandNodeTy>
1036  OperandNodeTy *CreateUniqueOperandNode(Value *Val, Type *Ty, BasicBlock *BB,
1037  bool fromDisk = false) {
1038  assert(Ty && BB);
1039  assert(Val && !Val->getType()->isVoidTy());
1040  assert((!(dyn_cast<Instruction>(Val)) ||
1041  BB == ((Instruction *)Val)->getParent()) &&
1042  "Incorrect BasicBlock detected");
1043 
1044  auto *N = new OperandNodeTy(Val, Ty, this, BB, fromDisk);
1045  ValueNodesMap[Val] = N;
1046  ValueNodePairs.push_back({Val, N});
1047  return N;
1048  }
1049 
1050  template <class OperandNodeTy>
1051  OperandNodeTy *createOperandNode(Type *Ty, BasicBlock *BB,
1052  bool fromDisk = false) {
1053  assert(Ty);
1054  assert(BB);
1055  auto *Ret = new OperandNodeTy(Ty, this, BB, fromDisk);
1056  NonValueNodes.insert(Ret);
1057  return Ret;
1058  }
1059 
1062  template <class SiteTy>
1063  SiteTy *findOrCreateSite(Instruction *I, bool fromDisk = false) {
1064  assert(I);
1065 
1066  auto It = InstSiteMap.find(I);
1067  if (It != InstSiteMap.end()) {
1068  assert(isa<SiteTy>(It->second));
1069  return (SiteTy *)It->second;
1070  } else {
1071  SiteTy *N = new SiteTy(I, this, fromDisk);
1072  InstSiteMap[I] = N;
1073 
1074  if (SEGCallSite *CS = dyn_cast<SEGCallSite>(N)) {
1075  CallSites.push_back(CS);
1076  }
1077 
1078  return N;
1079  }
1080  }
1081 
1082  // Create callSite argument summary node as operandNode(Type* Ty,
1083  // SymbolicExprGraph* SEG, BasicBlock* BB) for call site Callsite with
1084  // ap-depth APDepth
1085  SEGCallSiteArgumentSummaryNode *
1086  createCallSiteArgumentSummaryNode(Type *Ty, BasicBlock *BB,
1087  Instruction *Callsite, int APDepth,
1088  bool fromDisk = false);
1089 
1090  // Create callSite return summary node as operandNode(Type* Ty,
1091  // SymbolicExprGraph* SEG, BasicBlock* BB) for call site Callsite, with value
1092  // confidence Confidence
1093  SEGCallSiteReturnSummaryNode *
1094  createCallSiteReturnSummaryNode(Type *Ty, BasicBlock *BB,
1095  Instruction *Callsite, float Confidence,
1096  bool fromDisk = false);
1097 
1098  // find or create a call site output node
1099  SEGCallSiteOutputNode *
1100  findOrCreateCallSiteOutputNode(Value *Val, Type *Ty, BasicBlock *BB,
1101  CallSite CS, Function *Callee, bool IsCommon);
1102 
1103  SEGCallSiteOutputNode *createCallSiteOutputNode(Value *Val, Type *Ty,
1104  BasicBlock *BB, CallSite CS,
1105  Function *Callee,
1106  bool IsCommon,
1107  bool fromDisk = false);
1108 
1109  // find or create a call site pseudo input node
1110  SEGCallSitePseudoInputNode *
1111  findOrCreateCallSitePseudoInputNode(Value *Val, Type *Ty, BasicBlock *BB,
1112  CallSite CS, Function *Callee,
1113  bool fromDisk = false);
1114 
1116  SEGStoreMemNode *findOrCreateStoreMemNode(Type *Ty, Instruction *StoreSite,
1117  Value *StoreVal, BasicBlock *BB,
1118  bool fromDisk = false);
1119 
1120  // Create a region node
1121  SEGRegionNode *createRegionNode(SEGNodeBase *cond_node = nullptr,
1122  bool cond = false, bool fromDisk = false);
1123 
1124  // Find or create a Region node from a region unit (with boolean value
1125  // cond_node == cond)
1126  SEGRegionNode *findOrCreateUnitRegion(SEGNodeBase *cond_node, bool cond);
1127 
1128  // Find or create a Region node "region1 and region2"
1129  SEGRegionNode *findOrCreateAndRegion(SEGRegionNode *region1,
1130  SEGRegionNode *region2);
1131 
1132  // Find or create a Region node "region1 or region2"
1133  SEGRegionNode *findOrCreateOrRegion(SEGRegionNode *region1,
1134  SEGRegionNode *region2);
1135 
1136  // Find or create a Region node "not region1"
1137  SEGRegionNode *findOrCreateNotRegion(SEGRegionNode *region1);
1138 
1139  // Find or create a node representing a constant bool value : Constant True or
1140  // Constant False
1141  SEGOperandNode *findOrCreateConstantBoolNode(bool bool_val);
1142 
1146  SEGSimpleOpcodeNode *createExpr(SEGOpcodeNode::CodeKind Opcode, Type *Ty,
1147  BasicBlock *BB, SEGNodeBase *FirstOperand,
1148  ...);
1149 
1153  SEGSimpleOpcodeNode *createExpr(SEGOpcodeNode::CodeKind Opcode, Type *Ty,
1154  BasicBlock *BB, const kvec<SEGNodeBase *> &,
1155  bool fromDisk = false);
1156 
1158  SEGCastNode *createCastExpr(SEGOpcodeNode::CodeKind Opcode, Type *Ty,
1159  BasicBlock *BB, SEGNodeBase *Op, uint64_t OSz,
1160  uint64_t TSz, bool fromDisk = false);
1161 
1163  SEGBinaryWithIntConstNode *
1164  createBinaryWithIntConstExpr(SEGOpcodeNode::CodeKind Opcode, Type *Ty,
1165  BasicBlock *BB, SEGNodeBase *Op, uint64_t TSz,
1166  bool fromDisk = false);
1167 
1169  void addBlockCond(BasicBlock *CurrBB, SEGNodeBase *BrNode, BasicBlock *DepBB,
1170  bool Label);
1171 
1172 public:
1173  SymbolicExprGraph(Function *);
1174  ~SymbolicExprGraph();
1175 
1176  Function *getBaseFunc() const { return BaseFunc; }
1177 
1180  template <class SiteTy> SiteTy *findSite(Instruction *I) const {
1181  assert(I);
1182 
1183  auto It = InstSiteMap.find(I);
1184  if (It != InstSiteMap.end()) {
1185  // assert(isa<SiteTy>(It->second));
1186  return dyn_cast<SiteTy>(It->second);
1187  } else {
1188  return nullptr;
1189  }
1190  }
1191 
1198  template <class SiteTy> SiteTy *findSite(SEGValue *sValue) const {
1199  Instruction *I = dyn_cast<Instruction>(sValue->getValue());
1200  assert(I);
1201 
1202  auto It = InstSiteMap.find(I);
1203  if (It != InstSiteMap.end()) {
1204  // assert(isa<SiteTy>(It->second));
1205  return dyn_cast<SiteTy>(It->second);
1206  } else {
1207  return nullptr;
1208  }
1209  }
1210 
1213  SEGOperandNode *findNode(Value *) const;
1214 
1215  SEGOperandNode *findNode(SEGValue *) const;
1216 
1217  // Find the Region node from a region unit (with boolean value cond_node ==
1218  // cond)
1220  SEGRegionNode *findUnitRegion(SEGNodeBase *cond_node, bool cond) const;
1221 
1222  // Find the Region node "region1 and region2"
1224  SEGRegionNode *findAndRegion(SEGRegionNode *region1,
1225  SEGRegionNode *region2) const;
1226 
1227  // Find the Region node "region1 or region2"
1229  SEGRegionNode *findOrRegion(SEGRegionNode *region1,
1230  SEGRegionNode *region2) const;
1231 
1232  // Find the Region node "not region1"
1234  SEGRegionNode *findNotRegion(SEGRegionNode *region1) const;
1235 
1239  const std::set<CDGCond> *getBlockCond(BasicBlock *BB) const {
1240  auto It = BlockCondMap.find(BB);
1241  if (It != BlockCondMap.end()) {
1242  return It->second;
1243  }
1244  return nullptr;
1245  }
1246 
1248  void dot(const char *FileName) const;
1249 
1251  void dot(std::vector<const SEGNodeBase *> Srcs, const char *FileName) const;
1252 
1254  void validate();
1255 
1256  // Return the region node for the corresponding basicblock, if not computed,
1257  // we compute and generate a new region
1258  SEGRegionNode *findOrCreateRegionForBB(BasicBlock *BB);
1259 
1260  // Find the region for BB. If the region is not computed, we return null
1261  SEGRegionNode *findRegionForBB(BasicBlock *BB) const;
1262 
1263  /*==------------------------Iterators--------------------==*/
1264 
1265  std::unordered_map<Value *, SEGOperandNode *>::const_iterator
1266  value_node_begin() const {
1267  return ValueNodesMap.begin();
1268  }
1269 
1270  std::unordered_map<Value *, SEGOperandNode *>::const_iterator
1271  value_node_end() const {
1272  return ValueNodesMap.end();
1273  }
1274 
1275  std::vector<std::pair<Value *, SEGOperandNode *>>::const_iterator
1276  value_node_pair_begin() const {
1277  return ValueNodePairs.begin();
1278  }
1279 
1280  std::vector<std::pair<Value *, SEGOperandNode *>>::const_iterator
1281  value_node_pair_end() const {
1282  return ValueNodePairs.end();
1283  }
1284 
1285  std::set<SEGNodeBase *>::const_iterator non_value_node_begin() const {
1286  return NonValueNodes.begin();
1287  }
1288 
1289  std::set<SEGNodeBase *>::const_iterator non_value_node_end() const {
1290  return NonValueNodes.end();
1291  }
1292 
1293  std::map<Instruction *, SEGSiteBase *>::const_iterator
1294  inst_site_begin() const {
1295  return InstSiteMap.begin();
1296  }
1297 
1298  std::map<Instruction *, SEGSiteBase *>::const_iterator inst_site_end() const {
1299  return InstSiteMap.end();
1300  }
1301 
1302  std::map<std::pair<Instruction *, Value *>, SEGStoreMemNode *>::const_iterator
1303  store_mem_node_begin() const {
1304  return StoreMemNodesMap.begin();
1305  }
1306 
1307  std::map<std::pair<Instruction *, Value *>, SEGStoreMemNode *>::const_iterator
1308  store_mem_node_end() const {
1309  return StoreMemNodesMap.end();
1310  }
1311 
1312  std::map<Instruction *, SEGSiteBase *>::const_iterator site_begin() const {
1313  return InstSiteMap.begin();
1314  }
1315 
1316  std::map<Instruction *, SEGSiteBase *>::const_iterator site_end() const {
1317  return InstSiteMap.end();
1318  }
1319 
1320  std::vector<SEGObject *>::const_iterator node_begin() const {
1321  return NodesList.begin();
1322  }
1323 
1324  std::vector<SEGObject *>::const_iterator node_end() const {
1325  return NodesList.end();
1326  }
1327 
1328  class ReturnIterator {
1329  private:
1330  size_t I;
1331  SEGCommonReturnNode *CommonRet;
1332  const kvec<SEGPseudoReturnNode *> &PseudoRets;
1333 
1334  public:
1335  ReturnIterator(size_t Id, SEGCommonReturnNode *CR,
1336  const kvec<SEGPseudoReturnNode *> &PRs)
1337  : I(Id), CommonRet(CR), PseudoRets(PRs) {}
1338 
1339  ReturnIterator(const ReturnIterator &It)
1340  : I(It.I), CommonRet(It.CommonRet), PseudoRets(It.PseudoRets) {}
1341 
1342  ReturnIterator &operator++() {
1343  I++;
1344  return *this;
1345  }
1346 
1347  ReturnIterator operator++(int) {
1348  ReturnIterator Old(*this);
1349  ++(*this);
1350  return Old;
1351  }
1352 
1353  const SEGReturnNode *operator*() {
1354  if (CommonRet) {
1355  if (I == 0) {
1356  return (const SEGReturnNode *)CommonRet;
1357  } else {
1358  return (const SEGReturnNode *)PseudoRets[I - 1];
1359  }
1360  } else {
1361  return (const SEGReturnNode *)PseudoRets[I];
1362  }
1363  }
1364 
1365  bool operator==(const ReturnIterator &It) { return I == It.I; }
1366 
1367  bool operator!=(const ReturnIterator &It) { return I != It.I; }
1368  };
1369 
1370  ReturnIterator return_begin() const {
1371  return ReturnIterator(0, CommonReturn, PseudoReturns);
1372  }
1373 
1374  ReturnIterator return_end() const {
1375  return ReturnIterator(getNumPseudoReturn() + (getCommonReturn() ? 1 : 0),
1376  CommonReturn, PseudoReturns);
1377  }
1378 
1379  ReturnIterator pseudo_return_begin() const {
1380  size_t StartIndex = getCommonReturn() ? 1 : 0;
1381  return ReturnIterator(StartIndex, CommonReturn, PseudoReturns);
1382  }
1383 
1384  ReturnIterator pseudo_return_end() const { return return_end(); }
1385 
1386  class ArgumentIterator {
1387  private:
1388  size_t I;
1389  const kvec<SEGCommonArgumentNode *> &CommonArgs;
1390  const kvec<SEGPseudoArgumentNode *> &PseudoArgs;
1391  const kvec<SEGVarArgumentNode *> &VarArgs;
1392 
1393  public:
1394  ArgumentIterator(size_t Id, const kvec<SEGCommonArgumentNode *> &CA,
1395  const kvec<SEGPseudoArgumentNode *> &PA,
1396  const kvec<SEGVarArgumentNode *> &VA)
1397  : I(Id), CommonArgs(CA), PseudoArgs(PA), VarArgs(VA) {}
1398 
1399  ArgumentIterator(const ArgumentIterator &It)
1400  : I(It.I), CommonArgs(It.CommonArgs), PseudoArgs(It.PseudoArgs),
1401  VarArgs(It.VarArgs) {}
1402 
1403  ArgumentIterator &operator++() {
1404  I++;
1405  return *this;
1406  }
1407 
1408  ArgumentIterator operator++(int) {
1409  ArgumentIterator Old(*this);
1410  ++(*this);
1411  return Old;
1412  }
1413 
1414  const SEGArgumentNode *operator*() {
1415  if (I < (size_t)CommonArgs.size()) {
1416  return (const SEGArgumentNode *)CommonArgs[I];
1417  }
1418 
1419  if (I < (size_t)(CommonArgs.size() + PseudoArgs.size())) {
1420  return (const SEGArgumentNode *)PseudoArgs[I - CommonArgs.size()];
1421  }
1422 
1423  assert(I <
1424  (size_t)(CommonArgs.size() + PseudoArgs.size() + VarArgs.size()));
1425  return (const SEGArgumentNode *)
1426  VarArgs[I - (CommonArgs.size() + PseudoArgs.size())];
1427  }
1428 
1429  bool operator==(const ArgumentIterator &It) { return I == It.I; }
1430 
1431  bool operator!=(const ArgumentIterator &It) { return I != It.I; }
1432  };
1433 
1434  ArgumentIterator arg_begin() const {
1435  return ArgumentIterator(0, CommonArgumentNodes, PseudoArgumentNodes,
1436  VarArgumentNodes);
1437  }
1438 
1439  ArgumentIterator arg_end() const {
1440  size_t NumArgs =
1441  getNumCommonArgument() + getNumPseudoArgument() + getNumVarArgument();
1442  return ArgumentIterator(NumArgs, CommonArgumentNodes, PseudoArgumentNodes,
1443  VarArgumentNodes);
1444  }
1445 
1446  ArgumentIterator common_arg_begin() const { return arg_begin(); }
1447 
1448  ArgumentIterator common_arg_end() const {
1449  size_t NumArgs = getNumCommonArgument();
1450  return ArgumentIterator(NumArgs, CommonArgumentNodes, PseudoArgumentNodes,
1451  VarArgumentNodes);
1452  }
1453 
1454  ArgumentIterator pseudo_arg_begin() const { return common_arg_end(); }
1455 
1456  ArgumentIterator pseudo_arg_end() const {
1457  size_t EndId = getNumCommonArgument() + getNumPseudoArgument();
1458  return ArgumentIterator(EndId, CommonArgumentNodes, PseudoArgumentNodes,
1459  VarArgumentNodes);
1460  }
1461 
1462  ArgumentIterator var_arg_begin() const { return pseudo_arg_end(); }
1463 
1464  ArgumentIterator var_arg_end() const { return arg_end(); }
1465 
1466  typedef std::vector<SEGCallSite *>::const_iterator SEGCallSiteIterator;
1467  SEGCallSiteIterator seg_callsite_begin() const { return CallSites.begin(); }
1468 
1469  SEGCallSiteIterator seg_callsite_end() const { return CallSites.end(); }
1470 };
1471 
1472 #endif
SEGStoreMemNode
Definition: SEGStoreMemNode.h:23
SymbolicExprGraph::dot
void dot(const char *FileName) const
Dot this graph to a file with filename.
Definition: SymbolicExprGraph.cpp:895
SEGVarArgumentNode
Definition: SEGArgumentNode.h:89
SymbolicExprGraph::getBlockCond
const std::set< CDGCond > * getBlockCond(BasicBlock *BB) const
Definition: SymbolicExprGraph.h:1239
SymbolicExprGraph::ReturnIterator
Definition: SymbolicExprGraph.h:1328
SEGOpcodeNode::CK_FUGE
@ CK_FUGE
1 0 1 1 True if unordered, greater than, or equal
Definition: SymbolicExprGraph.h:583
SEGOperandNode
Definition: SymbolicExprGraph.h:456
SEGPseudoArgumentNode
Definition: SEGArgumentNode.h:121
SEGOpcodeNode::CK_FOGE
@ CK_FOGE
0 0 1 1 True if ordered and greater than or equal
Definition: SymbolicExprGraph.h:575
SEGOpcodeNode::CK_ISGT
@ CK_ISGT
signed greater than
Definition: SymbolicExprGraph.h:596
SEGOpcodeNode::CK_FOEq
@ CK_FOEq
0 0 0 1 True if ordered and equal
Definition: SymbolicExprGraph.h:573
SEGCallSiteOutputNode
Definition: SEGCallSiteOutputNode.h:19
SEGSimpleOpcodeNode
Definition: SEGSimpleOpcodeNode.h:18
SEGCallSite
Definition: SEGCallSite.h:51
SEGOpcodeNode::CK_FOrd
@ CK_FOrd
0 1 1 1 True if ordered (no nans)
Definition: SymbolicExprGraph.h:579
SEGOpcodeNode::CK_FONE
@ CK_FONE
0 1 1 0 True if ordered and operands are unequal
Definition: SymbolicExprGraph.h:578
SEGOpcodeNode::CodeKind
CodeKind
Definition: SymbolicExprGraph.h:522
SEGOpcodeNode::CK_FOLE
@ CK_FOLE
0 1 0 1 True if ordered and less than or equal
Definition: SymbolicExprGraph.h:577
SEGCallSiteArgumentSummaryNode
Definition: SEGCallSiteArgumentSummaryNode.h:17
SEGCastNode
Definition: SEGCastNode.h:18
SEGCommonArgumentNode
Definition: SEGArgumentNode.h:42
SEGOpcodeNode::CK_FULT
@ CK_FULT
1 1 0 0 True if unordered or less than
Definition: SymbolicExprGraph.h:584
SymbolicExprGraph
Definition: SymbolicExprGraph.h:708
SEGNodeBase::ValueFlowIterator
Definition: SymbolicExprGraph.h:338
SEGOpcodeNode::CK_ISLE
@ CK_ISLE
signed less or equal
Definition: SymbolicExprGraph.h:599
SEGOpcodeNode::CK_IULT
@ CK_IULT
unsigned less than
Definition: SymbolicExprGraph.h:594
SEGOpcodeNode::CK_IULE
@ CK_IULE
unsigned less or equal
Definition: SymbolicExprGraph.h:595
SEGOpcodeNode::CK_IEq
@ CK_IEq
equal
Definition: SymbolicExprGraph.h:590
SymbolicExprGraph::ArgumentIterator
Definition: SymbolicExprGraph.h:1386
SEGArgumentNode
Definition: SEGArgumentNode.h:18
SEGCallSiteReturnSummaryNode
Definition: SEGCallSiteReturnSummaryNode.h:20
SymbolicExprGraph::CDGCond
Definition: SymbolicExprGraph.h:728
SEGOpcodeNode::CK_IUGT
@ CK_IUGT
unsigned greater than
Definition: SymbolicExprGraph.h:592
SEGValue::getValue
Value * getValue()
Get Value.
Definition: SEGValue.h:66
SEGCommonReturnNode
Definition: SEGReturnNode.h:56
SEGOpcodeNode::CK_FUno
@ CK_FUno
1 0 0 0 True if unordered: isnan(X) | isnan(Y)
Definition: SymbolicExprGraph.h:580
SEGOptions
Definition: SymbolicExprGraph.h:70
SymbolicExprGraphBuilder
Definition: SymbolicExprGraphBuilder.h:40
SEGOpcodeNode::CK_ISGE
@ CK_ISGE
signed greater or equal
Definition: SymbolicExprGraph.h:597
SEGObject
Definition: SymbolicExprGraph.h:76
SEGOpcodeNode::CK_IUGE
@ CK_IUGE
unsigned greater or equal
Definition: SymbolicExprGraph.h:593
SEGCallSitePseudoInputNode
Definition: SEGCallSitePseudoInputNode.h:29
OCValueFlowBuilder
Definition: OCValueFlowBuilder.h:25
SEGValue
Definition: SEGValue.h:38
SEGPhiNode
Definition: SEGPhiNode.h:28
SEGOpcodeNode::CK_FOGT
@ CK_FOGT
0 0 1 0 True if ordered and greater than
Definition: SymbolicExprGraph.h:574
SEGOpcodeNode::CK_FUEq
@ CK_FUEq
1 0 0 1 True if unordered or equal
Definition: SymbolicExprGraph.h:581
SEGRegionNode
Definition: SEGRegionNode.h:34
SEGNodeBase::getLLVMType
Type * getLLVMType() const
get the type size of the node
Definition: SymbolicExprGraph.h:284
SEGOpcodeNode::CK_ISLT
@ CK_ISLT
signed less than
Definition: SymbolicExprGraph.h:598
SEGOpcodeNode::CK_FULE
@ CK_FULE
1 1 0 1 True if unordered, less than, or equal
Definition: SymbolicExprGraph.h:585
SEGOpcodeNode::CK_FUGT
@ CK_FUGT
1 0 1 0 True if unordered or greater than
Definition: SymbolicExprGraph.h:582
SEGCallSitePseudoOutputNode
Definition: SEGCallSiteOutputNode.h:76
SEGOpcodeNode::CK_FTrue
@ CK_FTrue
1 1 1 1 Always true (always folded)
Definition: SymbolicExprGraph.h:587
SEGOpcodeNode::CK_FUNE
@ CK_FUNE
1 1 1 0 True if unordered or not equal
Definition: SymbolicExprGraph.h:586
SEGPseudoReturnNode
Definition: SEGReturnNode.h:76
SEGOpcodeNode
Definition: SymbolicExprGraph.h:519
SymbolicExprGraph::findSite
SiteTy * findSite(SEGValue *sValue) const
Get site node based on Value and specific comparison method.
Definition: SymbolicExprGraph.h:1198
SymbolicExprGraph::findSite
SiteTy * findSite(Instruction *I) const
Definition: SymbolicExprGraph.h:1180
SEGSiteBase
Definition: SymbolicExprGraph.h:663
SEGReturnNode
The return node.
Definition: SEGReturnNode.h:25
seg_cmp
Definition: SymbolicExprGraph.h:226
SEGOpcodeNode::CK_INE
@ CK_INE
not equal
Definition: SymbolicExprGraph.h:591
SEGLoadMemNode
Definition: SEGLoadMemNode.h:21
SEGNodeBase
The node base of symbolic expression graph.
Definition: SymbolicExprGraph.h:244
SEGBinaryWithIntConstNode
Definition: SEGBinaryWithIntConstNode.h:19
SEGOpcodeNode::CK_FOLT
@ CK_FOLT
0 1 0 0 True if ordered and less than
Definition: SymbolicExprGraph.h:576
Generated by   doxygen 1.8.17