Module InferIR__Sil
Programs and Types
type if_kind
=
|
Ik_bexp
boolean expressions, and exp ? exp : exp
|
Ik_dowhile
|
Ik_for
|
Ik_if
|
Ik_land_lor
obtained from translation of && or ||
|
Ik_while
|
Ik_switch
Kind of prune instruction
type instr_metadata
=
|
Abstract of InferBase.Location.t
a good place to apply abstraction, mostly used in the biabduction analysis
|
ExitScope of InferIR.Var.t list * InferBase.Location.t
remove temporaries and dead program variables
|
Nullify of InferIR.Pvar.t * InferBase.Location.t
nullify stack variable
|
Skip
no-op
|
VariableLifetimeBegins of InferIR.Pvar.t * InferIR.Typ.t * InferBase.Location.t
stack variable declared
val compare_instr_metadata : instr_metadata -> instr_metadata -> int
type instr
=
|
Load of InferIR.Ident.t * InferIR.Exp.t * InferIR.Typ.t * InferBase.Location.t
Load a value from the heap into an identifier.
x = *lexp:typ
wherelexp
is an expression denoting a heap addresstyp
is the root type oflexp
.|
Store of InferIR.Exp.t * InferIR.Typ.t * InferIR.Exp.t * InferBase.Location.t
Store the value of an expression into the heap.
*lexp1:typ = exp2
wherelexp1
is an expression denoting a heap addresstyp
is the root type oflexp1
exp2
is the expression whose value is stored.|
Prune of InferIR.Exp.t * InferBase.Location.t * bool * if_kind
prune the state based on
exp=1
, the boolean indicates whether true branch|
Call of InferIR.Ident.t * InferIR.Typ.t * InferIR.Exp.t * (InferIR.Exp.t * InferIR.Typ.t) list * InferBase.Location.t * InferIR.CallFlags.t
Call ((ret_id, ret_typ), e_fun, arg_ts, loc, call_flags)
represents an instructionret_id = e_fun(arg_ts);
|
Metadata of instr_metadata
hints about the program that are not strictly needed to understand its semantics, for instance information about its original syntactic structure
An instruction.
val equal_instr : instr -> instr -> bool
val skip_instr : instr
val instr_is_auxiliary : instr -> bool
Check if an instruction is auxiliary, or if it comes from source instructions.
type offset
=
|
Off_fld of InferIR.Typ.Fieldname.t * InferIR.Typ.t
|
Off_index of InferIR.Exp.t
Offset for an lvalue.
Components of Propositions
type atom
=
|
Aeq of InferIR.Exp.t * InferIR.Exp.t
equality
|
Aneq of InferIR.Exp.t * InferIR.Exp.t
disequality
|
Apred of InferIR.PredSymb.t * InferIR.Exp.t list
predicate symbol applied to exps
|
Anpred of InferIR.PredSymb.t * InferIR.Exp.t list
negated predicate symbol applied to exps
an atom is a pure atomic formula
type lseg_kind
=
|
Lseg_NE
nonempty (possibly circular) listseg
|
Lseg_PE
possibly empty (possibly circular) listseg
kind of lseg or dllseg predicates
type zero_flag
= bool option
The boolean is true when the pointer was dereferenced without testing for zero.
type null_case_flag
= bool
True when the value was obtained by doing case analysis on null in a procedure call.
type inst
=
|
Iabstraction
|
Iactual_precondition
|
Ialloc
|
Iformal of zero_flag * null_case_flag
|
Iinitial
|
Ilookup
|
Inone
|
Inullify
|
Irearrange of zero_flag * null_case_flag * int * InferIR.PredSymb.path_pos
|
Itaint
|
Iupdate of zero_flag * null_case_flag * int * InferIR.PredSymb.path_pos
|
Ireturn_from_call of int
instrumentation of heap values
val equal_inst : inst -> inst -> bool
val inst_actual_precondition : inst
val inst_formal : inst
val inst_initial : inst
for formal parameters and heap values at the beginning of the function
val inst_lookup : inst
for initial values
val inst_none : inst
val inst_nullify : inst
val inst_rearrange : bool -> InferBase.Location.t -> InferIR.PredSymb.path_pos -> inst
the boolean indicates whether the pointer is known nonzero
val inst_update : InferBase.Location.t -> InferIR.PredSymb.path_pos -> inst
val inst_set_null_case_flag : inst -> inst
Set the null case flag of the inst.
val inst_new_loc : InferBase.Location.t -> inst -> inst
update the location of the instrumentation
type 'inst strexp0
=
|
Eexp of InferIR.Exp.t * 'inst
Base case: expression with instrumentation
|
Estruct of (InferIR.Typ.Fieldname.t * 'inst strexp0) list * 'inst
C structure
|
Earray of InferIR.Exp.t * (InferIR.Exp.t * 'inst strexp0) list * 'inst
Array of given length There are two conditions imposed / used in the array case. First, if some index and value pair appears inside an array in a strexp, then the index is less than the length of the array. For instance, x |->
10 | e1: v1
implies that e1 <= 9. Second, if two indices appear in an array, they should be different. For instance, x |->10 | e1: v1, e2: v2
implies that e1 != e2.structured expressions represent a value of structured type, such as an array or a struct.
val compare_strexp : ?inst:bool -> strexp -> strexp -> int
Comparison function for strexp. The inst:: parameter specifies whether instumentations should also be considered (false by default).
val equal_strexp : ?inst:bool -> strexp -> strexp -> bool
Equality function for strexp. The inst:: parameter specifies whether instumentations should also be considered (false by default).
type 'inst hpred0
=
|
Hpointsto of InferIR.Exp.t * 'inst strexp0 * InferIR.Exp.t
represents
exp|->strexp:typexp
wheretypexp
is an expression representing a type, e.h.sizeof(t)
.|
Hlseg of lseg_kind * 'inst hpara0 * InferIR.Exp.t * InferIR.Exp.t * InferIR.Exp.t list
higher - order predicate for singly - linked lists. Should ensure that exp1!= exp2 implies that exp1 is allocated. This assumption is used in the rearrangement. The last
exp list
parameter is used to denote the shared links by all the nodes in the list.|
Hdllseg of lseg_kind * 'inst hpara_dll0 * InferIR.Exp.t * InferIR.Exp.t * InferIR.Exp.t * InferIR.Exp.t * InferIR.Exp.t list
higher-order predicate for doubly-linked lists. Parameter for the higher-order singly-linked list predicate. Means "lambda (root,next,svars). Exists evars. body". Assume that root, next, svars, evars are disjoint sets of primed identifiers, and include all the free primed identifiers in body. body should not contain any non - primed identifiers or program variables (i.e. pvars).
an atomic heap predicate
and 'inst hpara0
=
{
root : InferIR.Ident.t;
next : InferIR.Ident.t;
svars : InferIR.Ident.t list;
evars : InferIR.Ident.t list;
body : 'inst hpred0 list;
}
and 'inst hpara_dll0
=
{
cell : InferIR.Ident.t;
address cell
blink : InferIR.Ident.t;
backward link
flink : InferIR.Ident.t;
forward link
svars_dll : InferIR.Ident.t list;
evars_dll : InferIR.Ident.t list;
body_dll : 'inst hpred0 list;
}
parameter for the higher-order doubly-linked list predicates. Assume that all the free identifiers in body_dll should belong to cell, blink, flink, svars_dll, evars_dll.
val compare_hpred0 : ('inst -> 'inst -> int) -> 'inst hpred0 -> 'inst hpred0 -> int
val compare_hpara0 : ('inst -> 'inst -> int) -> 'inst hpara0 -> 'inst hpara0 -> int
val compare_hpara_dll0 : ('inst -> 'inst -> int) -> 'inst hpara_dll0 -> 'inst hpara_dll0 -> int
val compare_hpred0 : ('inst -> 'inst -> int) -> 'inst hpred0 -> 'inst hpred0 -> int
val compare_hpara0 : ('inst -> 'inst -> int) -> 'inst hpara0 -> 'inst hpara0 -> int
val compare_hpara_dll0 : ('inst -> 'inst -> int) -> 'inst hpara_dll0 -> 'inst hpara_dll0 -> int
val compare_hpred0 : ('inst -> 'inst -> int) -> 'inst hpred0 -> 'inst hpred0 -> int
val compare_hpara0 : ('inst -> 'inst -> int) -> 'inst hpara0 -> 'inst hpara0 -> int
val compare_hpara_dll0 : ('inst -> 'inst -> int) -> 'inst hpara_dll0 -> 'inst hpara_dll0 -> int
val compare_hpred : ?inst:bool -> hpred -> hpred -> int
Comparison function for hpred. The inst:: parameter specifies whether instumentations should also be considered (false by default).
val equal_hpred : ?inst:bool -> hpred -> hpred -> bool
Equality function for hpred. The inst:: parameter specifies whether instumentations should also be considered (false by default).
module HpredSet : InferStdlib.IStd.Caml.Set.S with type HpredSet.elt = hpred
Sets of heap predicates
Compaction
val create_sharing_env : unit -> sharing_env
Create a sharing env to store canonical representations
val hpred_compact : sharing_env -> hpred -> hpred
Return a compact representation of the exp
val is_objc_object : hpred -> bool
Comparision And Inspection Functions
val is_static_local_name : string -> InferIR.Pvar.t -> bool
Check if a pvar is a local static in objc
val is_block_pvar : InferIR.Pvar.t -> bool
Check if a pvar is a local pointing to a block in objc
Pretty Printing
val color_wrapper : InferStdlib.Pp.env -> F.formatter -> 'a -> f:(InferStdlib.Pp.env -> F.formatter -> 'a -> unit) -> unit
Wraps a printing function with an updated printenv when using diff printing
val pp_exp_printenv : ?print_types:bool -> InferStdlib.Pp.env -> F.formatter -> InferIR.Exp.t -> unit
Pretty print an expression.
val d_exp : InferIR.Exp.t -> unit
dump an expression.
val pp_texp : InferStdlib.Pp.env -> F.formatter -> InferIR.Exp.t -> unit
Pretty print a type.
val pp_texp_full : InferStdlib.Pp.env -> F.formatter -> InferIR.Exp.t -> unit
Pretty print a type with all the details.
val d_texp_full : InferIR.Exp.t -> unit
Dump a type expression with all the details.
val d_exp_list : InferIR.Exp.t list -> unit
Dump a list of expressions.
val pp_offset : InferStdlib.Pp.env -> F.formatter -> offset -> unit
val d_offset_list : offset list -> unit
Dump a list of offsets
val location_of_instr : instr -> InferBase.Location.t
Get the location of the instruction
val exps_of_instr : instr -> InferIR.Exp.t list
get the expressions occurring in the instruction
val if_kind_to_string : if_kind -> string
Pretty print an if_kind
val pp_instr_metadata : InferStdlib.Pp.env -> F.formatter -> instr_metadata -> unit
val pp_instr : print_types:bool -> InferStdlib.Pp.env -> F.formatter -> instr -> unit
Pretty print an instruction.
val d_instr : instr -> unit
Dump an instruction.
val pp_atom : InferStdlib.Pp.env -> F.formatter -> atom -> unit
Pretty print an atom.
val d_atom : atom -> unit
Dump an atom.
val pp_sexp : InferStdlib.Pp.env -> F.formatter -> strexp -> unit
Pretty print a strexp.
val d_sexp : strexp -> unit
Dump a strexp.
val pp_hpred : InferStdlib.Pp.env -> F.formatter -> hpred -> unit
Pretty print a hpred.
val d_hpred : hpred -> unit
Dump a hpred.
val pp_hpara : InferStdlib.Pp.env -> F.formatter -> hpara -> unit
Pretty print a hpara.
val pp_hpara_dll : InferStdlib.Pp.env -> F.formatter -> hpara_dll -> unit
Pretty print a hpara_dll.
module Predicates : sig ... end
Module Predicates records the occurrences of predicates as parameters of (doubly -)linked lists and Epara. Provides unique numbering for predicates and an iterator.
val pp_hpred_env : InferStdlib.Pp.env -> Predicates.env option -> F.formatter -> hpred -> unit
Pretty print a hpred with optional predicate env
Functions for traversing SIL data types
val strexp_expmap : ((InferIR.Exp.t * inst option) -> InferIR.Exp.t * inst option) -> strexp -> strexp
Change exps in strexp using
f
. WARNING: the result might not be normalized.
val hpred_expmap : ((InferIR.Exp.t * inst option) -> InferIR.Exp.t * inst option) -> hpred -> hpred
Change exps in hpred by
f
. WARNING: the result might not be normalized.
val hpred_list_expmap : ((InferIR.Exp.t * inst option) -> InferIR.Exp.t * inst option) -> hpred list -> hpred list
Change exps in hpred list by
f
. WARNING: the result might not be normalized.
val atom_expmap : (InferIR.Exp.t -> InferIR.Exp.t) -> atom -> atom
Change exps in atom by
f
. WARNING: the result might not be normalized.
val hpred_list_get_lexps : (InferIR.Exp.t -> bool) -> hpred list -> InferIR.Exp.t list
val hpred_entries : hpred -> InferIR.Exp.t list
val atom_free_vars : atom -> InferIR.Ident.t InferStdlib.IStd.Sequence.t
val atom_gen_free_vars : atom -> (unit, InferIR.Ident.t) InferStdlib.IStd.Sequence.Generator.t
val hpred_free_vars : hpred -> InferIR.Ident.t InferStdlib.IStd.Sequence.t
val hpred_gen_free_vars : hpred -> (unit, InferIR.Ident.t) InferStdlib.IStd.Sequence.Generator.t
val hpara_shallow_free_vars : hpara -> InferIR.Ident.t InferStdlib.IStd.Sequence.t
val hpara_dll_shallow_free_vars : hpara_dll -> InferIR.Ident.t InferStdlib.IStd.Sequence.t
Variables in hpara_dll, excluding bound vars in the body
Substitution
type subst
= private (InferIR.Ident.t * InferIR.Exp.t) list
val subst_of_list : (InferIR.Ident.t * InferIR.Exp.t) list -> subst
Create a substitution from a list of pairs. For all (id1, e1), (id2, e2) in the input list, if id1 = id2, then e1 = e2.
val subst_of_list_duplicates : (InferIR.Ident.t * InferIR.Exp.t) list -> subst
like subst_of_list, but allow duplicate ids and only keep the first occurrence
val sub_to_list : subst -> (InferIR.Ident.t * InferIR.Exp.t) list
Convert a subst to a list of pairs.
val sub_empty : subst
The empty substitution.
val is_sub_empty : subst -> bool
val sub_join : subst -> subst -> subst
Compute the common id-exp part of two inputs
subst1
andsubst2
. The first component of the output is this common part. The second and third components are the remainder ofsubst1
andsubst2
, respectively.
val sub_symmetric_difference : subst -> subst -> subst * subst * subst
Compute the common id-exp part of two inputs
subst1
andsubst2
. The first component of the output is this common part. The second and third components are the remainder ofsubst1
andsubst2
, respectively.
val sub_find : (InferIR.Ident.t -> bool) -> subst -> InferIR.Exp.t
sub_find filter sub
returns the expression associated to the first identifier that satisfiesfilter
. RaiseNot_found
if there isn't one.
val sub_filter : (InferIR.Ident.t -> bool) -> subst -> subst
sub_filter filter sub
restricts the domain ofsub
to the identifiers satisfyingfilter
.
val sub_filter_pair : subst -> f:((InferIR.Ident.t * InferIR.Exp.t) -> bool) -> subst
sub_filter_exp filter sub
restricts the domain ofsub
to the identifiers satisfyingfilter(id, sub(id))
.
val sub_range_partition : (InferIR.Exp.t -> bool) -> subst -> subst * subst
sub_range_partition filter sub
partitionssub
according to whether range expressions satisfyfilter
.
val sub_domain_partition : (InferIR.Ident.t -> bool) -> subst -> subst * subst
sub_domain_partition filter sub
partitionssub
according to whether domain identifiers satisfyfilter
.
val sub_domain : subst -> InferIR.Ident.t list
Return the list of identifiers in the domain of the substitution.
val sub_range : subst -> InferIR.Exp.t list
Return the list of expressions in the range of the substitution.
val sub_range_map : (InferIR.Exp.t -> InferIR.Exp.t) -> subst -> subst
sub_range_map f sub
appliesf
to the expressions in the range ofsub
.
val sub_map : (InferIR.Ident.t -> InferIR.Ident.t) -> (InferIR.Exp.t -> InferIR.Exp.t) -> subst -> subst
sub_map f g sub
applies the renamingf
to identifiers in the domain ofsub
and the substitutiong
to the expressions in the range ofsub
.
val extend_sub : subst -> InferIR.Ident.t -> InferIR.Exp.t -> subst option
Extend substitution and return
None
if not possible.
val subst_free_vars : subst -> InferIR.Ident.t InferStdlib.IStd.Sequence.t
val subst_gen_free_vars : subst -> (unit, InferIR.Ident.t) InferStdlib.IStd.Sequence.Generator.t
val exp_sub : subst -> InferIR.Exp.t -> InferIR.Exp.t
val atom_sub : subst -> atom -> atom
val instr_sub : subst -> instr -> instr
apply
subst
to all id's ininstr
, including LHS id's
Functions for replacing occurrences of expressions.
val exp_replace_exp : (InferIR.Exp.t * InferIR.Exp.t) list -> InferIR.Exp.t -> InferIR.Exp.t
val atom_replace_exp : (InferIR.Exp.t * InferIR.Exp.t) list -> atom -> atom
val hpred_replace_exp : (InferIR.Exp.t * InferIR.Exp.t) list -> hpred -> hpred
Functions for constructing or destructing entities in this module
val exp_get_offsets : InferIR.Exp.t -> offset list
Compute the offset list of an expression
val exp_add_offsets : InferIR.Exp.t -> offset list -> InferIR.Exp.t
Add the offset list to an expression
val sigma_to_sigma_ne : hpred list -> (atom list * hpred list) list
val hpara_instantiate : hpara -> InferIR.Exp.t -> InferIR.Exp.t -> InferIR.Exp.t list -> InferIR.Ident.t list * hpred list
hpara_instantiate para e1 e2 elist
instantiatespara
withe1
,e2
andelist
. Ifpara = lambda (x, y, xs). exists zs. b
, then the result of the instantiation isb[e1 / x, e2 / y, elist / xs, _zs'/ zs]
for some fresh_zs'
.
val hpara_dll_instantiate : hpara_dll -> InferIR.Exp.t -> InferIR.Exp.t -> InferIR.Exp.t -> InferIR.Exp.t list -> InferIR.Ident.t list * hpred list
hpara_dll_instantiate para cell blink flink elist
instantiatespara
withcell
,blink
,flink
, andelist
. Ifpara = lambda (x, y, z, xs). exists zs. b
, then the result of the instantiation isb[cell / x, blink / y, flink / z, elist / xs, _zs'/ zs]
for some fresh_zs'
.
val custom_error : InferIR.Pvar.t