Package it.unive.lisa.analysis

Class AnalysisState<A extends AbstractState<A>>

    • Constructor Detail

      • AnalysisState

        public AnalysisState​(A state,
                     SymbolicExpression computedExpression)
        Builds a new state.
        Parameters:
        state - the AbstractState to embed in this analysis state
        computedExpression - the expression that has been computed

      • AnalysisState

        public AnalysisState​(A state,
                     ExpressionSet computedExpressions)
        Builds a new state.
        Parameters:
        state - the AbstractState to embed in this analysis state
        computedExpressions - the expressions that have been computed

      • AnalysisState

        public AnalysisState​(A state,
                     SymbolicExpression computedExpression,
                     FixpointInfo info)
        Builds a new state.
        Parameters:
        state - the AbstractState to embed in this analysis state
        computedExpression - the expression that has been computed
        info - the additional information to be computed during fixpoint computations

      • AnalysisState

        public AnalysisState​(A state,
                     ExpressionSet computedExpressions,
                     FixpointInfo info)
        Builds a new state.
        Parameters:
        state - the AbstractState to embed in this analysis state
        computedExpressions - the expressions that have been computed
        info - the additional information to be computed during fixpoint computations

    • Method Detail

      • getState

        public A getState()
        Yields the AbstractState embedded into this analysis state, containing abstract values for program variables and memory locations.
        Returns:
        the abstract state

      • getFixpointInformation

        public FixpointInfo getFixpointInformation()
        Yields the additional information that must be computed during fixpoint computations. This is a generic key-value mapping that users of the library can use for ad-hoc purposes.
        Returns:
        the additional information (can be null)

      • getInfo

        public Lattice<?> getInfo​(java.lang.String key)
        Yields the Additional information associated to the given key, as defined in this instance's getFixpointInformation().
        Parameters:
        key - the key
        Returns:
        the mapped information

      • getInfo

        public <T> T getInfo​(java.lang.String key,
                     java.lang.Class<T> type)
        Yields the additional information associated to the given key, casted to the given type, as defined in this instance's getFixpointInformation().
        Type Parameters:
        T - the type to cast the return value of this method to
        Parameters:
        key - the key
        type - the type to cast the retrieved information to
        Returns:
        the mapped information

      • storeInfo

        public AnalysisState<A> storeInfo​(java.lang.String key,
                                  Lattice<?> info)
        Yields a copy of this state where the additional fixpoint information (getFixpointInformation()) has been updated by mapping the given key to info. This is a strong update, meaning that the information previously mapped to the same key, if any, is lost. For a weak update, use weakStoreInfo(String, Lattice).
        Parameters:
        key - the key
        info - the information to store
        Returns:
        a new instance with the updated mapping

      • weakStoreInfo

        public AnalysisState<A> weakStoreInfo​(java.lang.String key,
                                      Lattice<?> info)
                               throws SemanticException
        Yields a copy of this state where the additional fixpoint information (getFixpointInformation()) has been updated by mapping the given key to info. This is a weak update, meaning that the information previously mapped to the same key, if any, is lubbed together with the given one, and the result is stored inside the mapping instead. For a strong update, use storeInfo(String, Lattice).
        Parameters:
        key - the key
        info - the information to store
        Returns:
        a new instance with the updated mapping
        Throws:
        SemanticException - if something goes wrong during the lub

      • getComputedExpressions

        public ExpressionSet getComputedExpressions()
        Yields the last computed expression. This is an instance of SymbolicExpression that will contain markers for all abstract values that would be present on the stack, as well as variable identifiers for values that should be read from the state. These are tied together in a form of expression that abstract domains are able to interpret. The collection returned by this method usually contains one expression, but instances created through lattice operations (e.g., lub) might contain more.
        Returns:
        the last computed expression

      • assign

        public AnalysisState<A> assign​(Identifier id,
                               SymbolicExpression value,
                               ProgramPoint pp)
                        throws SemanticException
        Yields a copy of this state, where id has been assigned to value.
        Parameters:
        id - the identifier to assign the value to
        value - the expression to assign
        pp - the program point that where this operation is being evaluated
        Returns:
        a copy of this domain, modified by the assignment
        Throws:
        SemanticException - if an error occurs during the computation

      • assign

        public AnalysisState<A> assign​(SymbolicExpression id,
                               SymbolicExpression expression,
                               ProgramPoint pp)
                        throws SemanticException
        Yields a copy of this analysis state, where the symbolic expression id has been assigned to value: if id is not an Identifier, then it is rewritten before performing the assignment.
        Parameters:
        id - the symbolic expression to be assigned
        expression - the expression to assign
        pp - the program point that where this operation is being evaluated
        Returns:
        a copy of this analysis state, modified by the assignment
        Throws:
        SemanticException - if an error occurs during the computation

      • smallStepSemantics

        public AnalysisState<A> smallStepSemantics​(SymbolicExpression expression,
                                           ProgramPoint pp)
                                    throws SemanticException
        Yields a copy of this state, that has been modified accordingly to the semantics of the given expression.
        Parameters:
        expression - the expression whose semantics need to be computed
        pp - the program point that where this operation is being evaluated
        Returns:
        a copy of this domain, modified accordingly to the semantics of expression
        Throws:
        SemanticException - if an error occurs during the computation

      • assume

        public AnalysisState<A> assume​(SymbolicExpression expression,
                               ProgramPoint src,
                               ProgramPoint dest)
                        throws SemanticException
        Yields a copy of this state, modified by assuming that the given expression holds. It is required that the returned domain is in relation with this one. A safe (but imprecise) implementation of this method can always return this.
        Parameters:
        expression - the expression to assume to hold.
        src - the program point that where this operation is being evaluated, corresponding to the one that generated the given expression
        dest - the program point where the execution will move after the expression has been assumed
        Returns:
        the (optionally) modified copy of this domain
        Throws:
        SemanticException - if an error occurs during the computation

      • popScope

        public AnalysisState<A> popScope​(ScopeToken scope)
                          throws SemanticException
        Description copied from interface: ScopedObject
        Pops the scope identified by the given token from this object. This causes all the visible variables (i.e. that are not mapped to a scope) to be removed, while the local variables that were associated to the given scope token (and thus hidden) will become visible again.
        Specified by:
        popScope in interface ScopedObject<A extends AbstractState<A>>
        Parameters:
        scope - the token of the scope to be restored
        Returns:
        a copy of this object where the local variables have been removed, while the variables mapped to the given scope are visible again
        Throws:
        SemanticException - if an error occurs during the computation

      • lubAux

        public AnalysisState<A> lubAux​(AnalysisState<A> other)
                        throws SemanticException
        Description copied from interface: BaseLattice
        Performs the least upper bound operation between this lattice element and the given one, assuming that base cases have already been handled. In particular, it is guaranteed that:
        • other is not null
        • other is neither top nor bottom
        • this is neither top nor bottom
        • this and other are not the same object (according both to == and to Object.equals(Object))
        Specified by:
        lubAux in interface BaseLattice<A extends AbstractState<A>>
        Parameters:
        other - the other lattice element
        Returns:
        the least upper bound between this and other
        Throws:
        SemanticException - if an error occurs during the computation

      • glbAux

        public AnalysisState<A> glbAux​(AnalysisState<A> other)
                        throws SemanticException
        Description copied from interface: BaseLattice
        Performs the greatest lower bound operation between this lattice element and the given one, assuming that base cases have already been handled. In particular, it is guaranteed that:
        • other is not null
        • other is neither top nor bottom
        • this is neither top nor bottom
        • this and other are not the same object (according both to == and to Object.equals(Object))
        Specified by:
        glbAux in interface BaseLattice<A extends AbstractState<A>>
        Parameters:
        other - the other lattice element
        Returns:
        the greatest lower bound between this and other
        Throws:
        SemanticException - if an error occurs during the computation

      • wideningAux

        public AnalysisState<A> wideningAux​(AnalysisState<A> other)
                             throws SemanticException
        Description copied from interface: BaseLattice
        Performs the widening operation between this lattice element and the given one, assuming that base cases have already been handled. In particular, it is guaranteed that:
        • other is not null
        • other is neither top nor bottom
        • this is neither top nor bottom
        • this and other are not the same object (according both to == and to Object.equals(Object))
        The default implementation of this method delegates to BaseLattice.lubAux(BaseLattice), and is thus safe for finite lattices and ACC ones.
        Specified by:
        wideningAux in interface BaseLattice<A extends AbstractState<A>>
        Parameters:
        other - the other lattice element
        Returns:
        the widening between this and other
        Throws:
        SemanticException - if an error occurs during the computation

      • narrowingAux

        public AnalysisState<A> narrowingAux​(AnalysisState<A> other)
                              throws SemanticException
        Description copied from interface: BaseLattice
        Performs the narrowing operation between this lattice element and the given one, assuming that base cases have already been handled. In particular, it is guaranteed that:
        • other is not null
        • other is neither top nor bottom
        • this is neither top nor bottom
        • this and other are not the same object (according both to == and to Object.equals(Object))
        The default implementation of this method delegates to BaseLattice.glbAux(BaseLattice), and is thus safe for finite lattices and DCC ones.
        Specified by:
        narrowingAux in interface BaseLattice<A extends AbstractState<A>>
        Parameters:
        other - the other lattice element
        Returns:
        the narrowing between this and other
        Throws:
        SemanticException - if an error occurs during the computation

      • lessOrEqualAux

        public boolean lessOrEqualAux​(AnalysisState<A> other)
                       throws SemanticException
        Description copied from interface: BaseLattice
        Yields true if and only if this lattice element is in relation with (usually represented through ≤) the given one, assuming that base cases have already been handled. In particular, it is guaranteed that:
        • other is not null
        • other is neither top nor bottom
        • this is neither top nor bottom
        • this and other are not the same object (according both to == and to Object.equals(Object))
        Specified by:
        lessOrEqualAux in interface BaseLattice<A extends AbstractState<A>>
        Parameters:
        other - the other lattice element
        Returns:
        true if and only if that condition holds
        Throws:
        SemanticException - if an error occurs during the computation

      • top

        public AnalysisState<A> top()
        Description copied from interface: Lattice
        Yields the top element of this lattice. The returned element should be unique across different calls to this method, since Lattice.isTop() uses reference equality by default. If the value returned by this method is not a singleton, override Lattice.isTop() accordingly to provide a coherent test.
        Specified by:
        top in interface Lattice<A extends AbstractState<A>>
        Returns:
        the top element

      • bottom

        public AnalysisState<A> bottom()
        Description copied from interface: Lattice
        Yields the bottom element of this lattice. The returned element should be unique across different calls to this method, since Lattice.isBottom() uses reference equality by default. If the value returned by this method is not a singleton, override Lattice.isBottom() accordingly to provide a coherent test.
        Specified by:
        bottom in interface Lattice<A extends AbstractState<A>>
        Returns:
        the bottom element

      • isTop

        public boolean isTop()
        Description copied from interface: Lattice
        Yields true if and only if this object represents the top of the lattice. The default implementation of this method uses reference equality between this and the value returned by Lattice.top(), thus assuming that the top element is a singleton. If this is not the case, override this method accordingly to provide a coherent test.
        Specified by:
        isTop in interface Lattice<A extends AbstractState<A>>
        Returns:
        true if this is the top of the lattice

      • isBottom

        public boolean isBottom()
        Description copied from interface: Lattice
        Yields true if and only if this object represents the bottom of the lattice. The default implementation of this method uses reference equality between this and the value returned by Lattice.bottom(), thus assuming that the bottom element is a singleton. If this is not the case, override this method accordingly to provide a coherent test.
        Specified by:
        isBottom in interface Lattice<A extends AbstractState<A>>
        Returns:
        true if this is the bottom of the lattice

      • forgetIdentifier

        public AnalysisState<A> forgetIdentifier​(Identifier id)
                                  throws SemanticException
        Forgets an Identifier. This means that all information regarding the given id will be lost. This method should be invoked whenever an identifier gets out of scope.
        Parameters:
        id - the identifier to forget
        Returns:
        the analysis state without information about the given id
        Throws:
        SemanticException - if an error occurs during the computation

      • forgetIdentifiersIf

        public AnalysisState<A> forgetIdentifiersIf​(java.util.function.Predicate<Identifier> test)
                                     throws SemanticException
        Forgets all Identifiers that match the given predicate. This means that all information regarding the those identifiers will be lost. This method should be invoked whenever an identifier gets out of scope.
        Parameters:
        test - the test to identify the targets of the removal
        Returns:
        the analysis state in without information about the ids
        Throws:
        SemanticException - if an error occurs during the computation

      • equals

        public boolean equals​(java.lang.Object obj)
        Specified by:
        equals in interface BaseLattice<A extends AbstractState<A>>
        Overrides:
        equals in class java.lang.Object

      • toString

        public java.lang.String toString()
        Specified by:
        toString in interface BaseLattice<A extends AbstractState<A>>
        Overrides:
        toString in class java.lang.Object

      • withTopMemory

        public AnalysisState<A> withTopMemory()
        Yields a copy of this state, but with the AbstractState's inner memory abstraction set to top. This is useful to represent effects of unknown calls that arbitrarily manipulate the memory.
        Returns:
        the copy with top memory

      • withTopValues

        public AnalysisState<A> withTopValues()
        Yields a copy of this state, but with the AbstractState's inner value abstraction set to top. This is useful to represent effects of unknown calls that arbitrarily manipulate the values of variables.
        Returns:
        the copy with top value

      • withTopTypes

        public AnalysisState<A> withTopTypes()
        Yields a copy of this state, but with the AbstractState's inner type abstraction set to top. This is useful to represent effects of unknown calls that arbitrarily manipulate the values of variables (and their type accordingly).
        Returns:
        the copy with top type