ValueFlow: extracted valueFlowSubFunction() into separate file (danmar#6929)

Author: firewave

Makefile

@@ -276,6 +276,7 @@ LIBOBJ =      $(libcppdir)/valueflow.o \
               $(libcppdir)/vf_sameexpressions.o \
               $(libcppdir)/vf_settokenvalue.o \
               $(libcppdir)/vf_string.o \
+              $(libcppdir)/vf_subfunction.o \
               $(libcppdir)/vf_switchvariable.o \
               $(libcppdir)/vf_symbolicinfer.o \
               $(libcppdir)/vf_symbolicoperators.o \
@@ -480,7 +481,7 @@ validateRules:
 
 ###### Build
 
-$(libcppdir)/valueflow.o: lib/valueflow.cpp lib/addoninfo.h lib/analyzer.h lib/astutils.h lib/check.h lib/checkuninitvar.h lib/color.h lib/config.h lib/errorlogger.h lib/errortypes.h lib/findtoken.h lib/forwardanalyzer.h lib/infer.h lib/library.h lib/mathlib.h lib/platform.h lib/programmemory.h lib/settings.h lib/smallvector.h lib/sourcelocation.h lib/standards.h lib/suppressions.h lib/symboldatabase.h lib/templatesimplifier.h lib/timer.h lib/token.h lib/tokenize.h lib/tokenlist.h lib/utils.h lib/valueflow.h lib/valueptr.h lib/vf_analyze.h lib/vf_analyzers.h lib/vf_array.h lib/vf_arraybool.h lib/vf_arrayelement.h lib/vf_bailout.h lib/vf_bitand.h lib/vf_common.h lib/vf_conditionexpressions.h lib/vf_debug.h lib/vf_enumvalue.h lib/vf_functionreturn.h lib/vf_globalconstvar.h lib/vf_globalstaticvar.h lib/vf_impossiblevalues.h lib/vf_infercondition.h lib/vf_iteratorinfer.h lib/vf_iterators.h lib/vf_number.h lib/vf_pointeralias.h lib/vf_reverse.h lib/vf_rightshift.h lib/vf_sameexpressions.h lib/vf_settokenvalue.h lib/vf_string.h lib/vf_switchvariable.h lib/vf_symbolicinfer.h lib/vf_symbolicoperators.h lib/vf_unknownfunctionreturn.h lib/vfvalue.h
+$(libcppdir)/valueflow.o: lib/valueflow.cpp lib/addoninfo.h lib/analyzer.h lib/astutils.h lib/color.h lib/config.h lib/errorlogger.h lib/errortypes.h lib/findtoken.h lib/forwardanalyzer.h lib/infer.h lib/library.h lib/mathlib.h lib/platform.h lib/programmemory.h lib/settings.h lib/smallvector.h lib/sourcelocation.h lib/standards.h lib/suppressions.h lib/symboldatabase.h lib/templatesimplifier.h lib/timer.h lib/token.h lib/tokenlist.h lib/utils.h lib/valueflow.h lib/valueptr.h lib/vf_analyze.h lib/vf_analyzers.h lib/vf_array.h lib/vf_arraybool.h lib/vf_arrayelement.h lib/vf_bailout.h lib/vf_bitand.h lib/vf_common.h lib/vf_conditionexpressions.h lib/vf_debug.h lib/vf_enumvalue.h lib/vf_functionreturn.h lib/vf_globalconstvar.h lib/vf_globalstaticvar.h lib/vf_impossiblevalues.h lib/vf_infercondition.h lib/vf_iteratorinfer.h lib/vf_iterators.h lib/vf_number.h lib/vf_pointeralias.h lib/vf_reverse.h lib/vf_rightshift.h lib/vf_sameexpressions.h lib/vf_settokenvalue.h lib/vf_string.h lib/vf_subfunction.h lib/vf_switchvariable.h lib/vf_symbolicinfer.h lib/vf_symbolicoperators.h lib/vf_unknownfunctionreturn.h lib/vfvalue.h
 	$(CXX) ${INCLUDE_FOR_LIB} $(CPPFLAGS) $(CXXFLAGS) -c -o $@ $(libcppdir)/valueflow.cpp
 
 $(libcppdir)/tokenize.o: lib/tokenize.cpp externals/simplecpp/simplecpp.h lib/addoninfo.h lib/astutils.h lib/color.h lib/config.h lib/errorlogger.h lib/errortypes.h lib/library.h lib/mathlib.h lib/path.h lib/platform.h lib/preprocessor.h lib/settings.h lib/smallvector.h lib/sourcelocation.h lib/standards.h lib/summaries.h lib/suppressions.h lib/symboldatabase.h lib/templatesimplifier.h lib/timer.h lib/token.h lib/tokenize.h lib/tokenlist.h lib/utils.h lib/valueflow.h lib/vfvalue.h
@@ -738,6 +739,9 @@ $(libcppdir)/vf_settokenvalue.o: lib/vf_settokenvalue.cpp lib/addoninfo.h lib/as
 $(libcppdir)/vf_string.o: lib/vf_string.cpp lib/config.h lib/errortypes.h lib/mathlib.h lib/sourcelocation.h lib/standards.h lib/templatesimplifier.h lib/token.h lib/tokenlist.h lib/utils.h lib/vf_settokenvalue.h lib/vf_string.h lib/vfvalue.h
 	$(CXX) ${INCLUDE_FOR_LIB} $(CPPFLAGS) $(CXXFLAGS) -c -o $@ $(libcppdir)/vf_string.cpp
 
+$(libcppdir)/vf_subfunction.o: lib/vf_subfunction.cpp lib/addoninfo.h lib/analyzer.h lib/astutils.h lib/check.h lib/checkuninitvar.h lib/config.h lib/errortypes.h lib/forwardanalyzer.h lib/library.h lib/mathlib.h lib/platform.h lib/programmemory.h lib/settings.h lib/smallvector.h lib/sourcelocation.h lib/standards.h lib/suppressions.h lib/symboldatabase.h lib/templatesimplifier.h lib/token.h lib/tokenize.h lib/tokenlist.h lib/utils.h lib/valueptr.h lib/vf_analyzers.h lib/vf_bailout.h lib/vf_common.h lib/vf_settokenvalue.h lib/vf_subfunction.h lib/vfvalue.h
+	$(CXX) ${INCLUDE_FOR_LIB} $(CPPFLAGS) $(CXXFLAGS) -c -o $@ $(libcppdir)/vf_subfunction.cpp
+
 $(libcppdir)/vf_switchvariable.o: lib/vf_switchvariable.cpp lib/addoninfo.h lib/config.h lib/errortypes.h lib/library.h lib/mathlib.h lib/platform.h lib/settings.h lib/sourcelocation.h lib/standards.h lib/suppressions.h lib/symboldatabase.h lib/templatesimplifier.h lib/token.h lib/utils.h lib/vf_bailout.h lib/vf_reverse.h lib/vf_switchvariable.h lib/vfvalue.h
 	$(CXX) ${INCLUDE_FOR_LIB} $(CPPFLAGS) $(CXXFLAGS) -c -o $@ $(libcppdir)/vf_switchvariable.cpp
 

lib/cppcheck.vcxproj

@@ -111,6 +111,7 @@
     <ClCompile Include="vf_sameexpressions.cpp" />
     <ClCompile Include="vf_settokenvalue.cpp" />
     <ClCompile Include="vf_string.cpp" />
+    <ClCompile Include="vf_subfunction.cpp" />
     <ClCompile Include="vf_switchvariable.cpp" />
     <ClCompile Include="vf_symbolicinfer.cpp" />
     <ClCompile Include="vf_symbolicoperators.cpp" />
@@ -221,6 +222,7 @@
     <ClInclude Include="vf_sameexpressions.h" />
     <ClInclude Include="vf_settokenvalue.h" />
     <ClInclude Include="vf_string.h" />
+    <ClInclude Include="vf_subfunction.h" />
     <ClInclude Include="vf_switchvariable.h" />
     <ClInclude Include="vf_symbolicinfer.h" />
     <ClInclude Include="vf_symbolicoperators.h" />

lib/lib.pri

@@ -104,6 +104,7 @@ HEADERS += $${PWD}/addoninfo.h \
            $${PWD}/vf_sameexpressions.h \
            $${PWD}/vf_settokenvalue.h \
            $${PWD}/vf_string.h \
+           $${PWD}/vf_subfunction.h \
            $${PWD}/vf_switchvariable.h \
            $${PWD}/vf_symbolicinfer.h \
            $${PWD}/vf_symbolicoperators.h \
@@ -197,6 +198,7 @@ SOURCES += $${PWD}/valueflow.cpp \
            $${PWD}/vf_sameexpressions.cpp \
            $${PWD}/vf_settokenvalue.cpp \
            $${PWD}/vf_string.cpp \
+           $${PWD}/vf_subfunction.cpp \
            $${PWD}/vf_switchvariable.cpp \
            $${PWD}/vf_symbolicinfer.cpp \
            $${PWD}/vf_symbolicoperators.cpp \

lib/valueflow.cpp

@@ -79,7 +79,6 @@
 
 #include "analyzer.h"
 #include "astutils.h"
-#include "checkuninitvar.h"
 #include "config.h"
 #include "errorlogger.h"
 #include "errortypes.h"
@@ -129,30 +128,6 @@
 #include <unordered_set>
 #include <vector>
 
-static void changeKnownToPossible(std::list<ValueFlow::Value> &values, int indirect=-1)
-{
-    for (ValueFlow::Value& v: values) {
-        if (indirect >= 0 && v.indirect != indirect)
-            continue;
-        v.changeKnownToPossible();
-    }
-}
-
-static void removeImpossible(std::list<ValueFlow::Value>& values, int indirect = -1)
-{
-    values.remove_if([&](const ValueFlow::Value& v) {
-        if (indirect >= 0 && v.indirect != indirect)
-            return false;
-        return v.isImpossible();
-    });
-}
-
-static void lowerToPossible(std::list<ValueFlow::Value>& values, int indirect = -1)
-{
-    changeKnownToPossible(values, indirect);
-    removeImpossible(values, indirect);
-}
-
 static void changePossibleToKnown(std::list<ValueFlow::Value>& values, int indirect = -1)
 {
     for (ValueFlow::Value& v : values) {
@@ -4081,85 +4056,6 @@ static void valueFlowForLoop(TokenList &tokenlist, const SymbolDatabase& symbold
     }
 }
 
-template<class Key, class F>
-static bool productParams(const Settings& settings, const std::unordered_map<Key, std::list<ValueFlow::Value>>& vars, F f)
-{
-    using Args = std::vector<std::unordered_map<Key, ValueFlow::Value>>;
-    Args args(1);
-    // Compute cartesian product of all arguments
-    for (const auto& p:vars) {
-        if (p.second.empty())
-            continue;
-        args.back()[p.first] = p.second.front();
-    }
-    bool bail = false;
-    int max = settings.vfOptions.maxSubFunctionArgs;
-    for (const auto& p:vars) {
-        if (args.size() > max) {
-            bail = true;
-            break;
-        }
-        if (p.second.empty())
-            continue;
-        std::for_each(std::next(p.second.begin()), p.second.end(), [&](const ValueFlow::Value& value) {
-            Args new_args;
-            for (auto arg:args) {
-                if (value.path != 0) {
-                    for (const auto& q:arg) {
-                        if (q.first == p.first)
-                            continue;
-                        if (q.second.path == 0)
-                            continue;
-                        if (q.second.path != value.path)
-                            return;
-                    }
-                }
-                arg[p.first] = value;
-                new_args.push_back(std::move(arg));
-            }
-            std::copy(new_args.cbegin(), new_args.cend(), std::back_inserter(args));
-        });
-    }
-
-    if (args.size() > max) {
-        bail = true;
-        args.resize(max);
-        // TODO: add bailout message
-    }
-
-    for (const auto& arg:args) {
-        if (arg.empty())
-            continue;
-        // Make sure all arguments are the same path
-        const MathLib::bigint path = arg.cbegin()->second.path;
-        if (std::any_of(arg.cbegin(), arg.cend(), [&](const std::pair<Key, ValueFlow::Value>& p) {
-            return p.second.path != path;
-        }))
-            continue;
-        f(arg);
-    }
-    return !bail;
-}
-
-static void valueFlowInjectParameter(const TokenList& tokenlist,
-                                     ErrorLogger& errorLogger,
-                                     const Settings& settings,
-                                     const Scope* functionScope,
-                                     const std::unordered_map<const Variable*, std::list<ValueFlow::Value>>& vars)
-{
-    const bool r = productParams(settings, vars, [&](const std::unordered_map<const Variable*, ValueFlow::Value>& arg) {
-        auto a = makeMultiValueFlowAnalyzer(arg, settings);
-        valueFlowGenericForward(const_cast<Token*>(functionScope->bodyStart), functionScope->bodyEnd, a, tokenlist, errorLogger, settings);
-    });
-    if (!r) {
-        std::string fname = "<unknown>";
-        if (const Function* f = functionScope->function)
-            fname = f->name();
-        if (settings.debugwarnings)
-            bailout(tokenlist, errorLogger, functionScope->bodyStart, "Too many argument passed to " + fname);
-    }
-}
-
 static void valueFlowInjectParameter(const TokenList& tokenlist,
                                      ErrorLogger& errorLogger,
                                      const Settings& settings,
@@ -4185,131 +4081,6 @@ static void valueFlowInjectParameter(const TokenList& tokenlist,
                      settings);
 }
 
-static std::list<ValueFlow::Value> getFunctionArgumentValues(const Token *argtok)
-{
-    std::list<ValueFlow::Value> argvalues(argtok->values());
-    removeImpossible(argvalues);
-    if (argvalues.empty() && Token::Match(argtok, "%comp%|%oror%|&&|!")) {
-        argvalues.emplace_back(0);
-        argvalues.emplace_back(1);
-    }
-    return argvalues;
-}
-
-static void valueFlowLibraryFunction(Token *tok, const std::string &returnValue, const Settings &settings)
-{
-    std::unordered_map<nonneg int, std::list<ValueFlow::Value>> argValues;
-    int argn = 1;
-    for (const Token *argtok : getArguments(tok->previous())) {
-        argValues[argn] = getFunctionArgumentValues(argtok);
-        argn++;
-    }
-    if (returnValue.find("arg") != std::string::npos && argValues.empty())
-        return;
-    productParams(settings, argValues, [&](const std::unordered_map<nonneg int, ValueFlow::Value>& arg) {
-        ValueFlow::Value value = evaluateLibraryFunction(arg, returnValue, settings, tok->isCpp());
-        if (value.isUninitValue())
-            return;
-        ValueFlow::Value::ValueKind kind = ValueFlow::Value::ValueKind::Known;
-        for (auto&& p : arg) {
-            if (p.second.isPossible())
-                kind = p.second.valueKind;
-            if (p.second.isInconclusive()) {
-                kind = p.second.valueKind;
-                break;
-            }
-        }
-        if (value.isImpossible() && kind != ValueFlow::Value::ValueKind::Known)
-            return;
-        if (!value.isImpossible())
-            value.valueKind = kind;
-        setTokenValue(tok, std::move(value), settings);
-    });
-}
-
-static void valueFlowSubFunction(const TokenList& tokenlist, SymbolDatabase& symboldatabase,  ErrorLogger& errorLogger, const Settings& settings)
-{
-    int id = 0;
-    for (auto it = symboldatabase.functionScopes.crbegin(); it != symboldatabase.functionScopes.crend(); ++it) {
-        const Scope* scope = *it;
-        const Function* function = scope->function;
-        if (!function)
-            continue;
-        for (auto* tok = const_cast<Token*>(scope->bodyStart); tok != scope->bodyEnd; tok = tok->next()) {
-            if (tok->isKeyword() || !Token::Match(tok, "%name% ("))
-                continue;
-
-            const Function * const calledFunction = tok->function();
-            if (!calledFunction) {
-                // library function?
-                const std::string& returnValue(settings.library.returnValue(tok));
-                if (!returnValue.empty())
-                    valueFlowLibraryFunction(tok->next(), returnValue, settings);
-                continue;
-            }
-
-            const Scope * const calledFunctionScope = calledFunction->functionScope;
-            if (!calledFunctionScope)
-                continue;
-
-            id++;
-            std::unordered_map<const Variable*, std::list<ValueFlow::Value>> argvars;
-            // TODO: Rewrite this. It does not work well to inject 1 argument at a time.
-            const std::vector<const Token *> &callArguments = getArguments(tok);
-            for (int argnr = 0U; argnr < callArguments.size(); ++argnr) {
-                const Token *argtok = callArguments[argnr];
-                // Get function argument
-                const Variable * const argvar = calledFunction->getArgumentVar(argnr);
-                if (!argvar)
-                    break;
-
-                // passing value(s) to function
-                std::list<ValueFlow::Value> argvalues(getFunctionArgumentValues(argtok));
-
-                // Remove non-local lifetimes
-                argvalues.remove_if([](const ValueFlow::Value& v) {
-                    if (v.isLifetimeValue())
-                        return !v.isLocalLifetimeValue() && !v.isSubFunctionLifetimeValue();
-                    return false;
-                });
-                // Remove uninit values if argument is passed by value
-                if (argtok->variable() && !argtok->variable()->isPointer() && argvalues.size() == 1 && argvalues.front().isUninitValue()) {
-                    if (CheckUninitVar::isVariableUsage(argtok, settings.library, false, CheckUninitVar::Alloc::NO_ALLOC, 0))
-                        continue;
-                }
-
-                if (argvalues.empty())
-                    continue;
-
-                // Error path..
-                for (ValueFlow::Value &v : argvalues) {
-                    const std::string nr = std::to_string(argnr + 1) + getOrdinalText(argnr + 1);
-
-                    v.errorPath.emplace_back(argtok,
-                                             "Calling function '" +
-                                             calledFunction->name() +
-                                             "', " +
-                                             nr +
-                                             " argument '" +
-                                             argtok->expressionString() +
-                                             "' value is " +
-                                             v.infoString());
-                    v.path = 256 * v.path + id % 256;
-                    // Change scope of lifetime values
-                    if (v.isLifetimeValue())
-                        v.lifetimeScope = ValueFlow::Value::LifetimeScope::SubFunction;
-                }
-
-                // passed values are not "known"..
-                lowerToPossible(argvalues);
-
-                argvars[argvar] = std::move(argvalues);
-            }
-            valueFlowInjectParameter(tokenlist, errorLogger, settings, calledFunctionScope, argvars);
-        }
-    }
-}
-
 static void valueFlowFunctionDefaultParameter(const TokenList& tokenlist, const SymbolDatabase& symboldatabase, ErrorLogger& errorLogger, const Settings& settings)
 {
     if (!tokenlist.isCPP())
@@ -5687,7 +5458,7 @@ void ValueFlow::setValues(TokenList& tokenlist,
         VFA(analyzeInferCondition(tokenlist, settings)),
         VFA(analyzeSwitchVariable(tokenlist, symboldatabase, errorLogger, settings)),
         VFA(valueFlowForLoop(tokenlist, symboldatabase, errorLogger, settings)),
-        VFA(valueFlowSubFunction(tokenlist, symboldatabase, errorLogger, settings)),
+        VFA(analyzeSubFunction(tokenlist, symboldatabase, errorLogger, settings)),
         VFA(analyzeFunctionReturn(tokenlist, errorLogger, settings)),
         VFA(valueFlowLifetime(tokenlist, errorLogger, settings)),
         VFA(valueFlowFunctionDefaultParameter(tokenlist, symboldatabase, errorLogger, settings)),

lib/vf_analyze.h

@@ -38,6 +38,7 @@
 #include "vf_rightshift.h" // IWYU pragma: export
 #include "vf_sameexpressions.h" // IWYU pragma: export
 #include "vf_string.h" // IWYU pragma: export
+#include "vf_subfunction.h" // IWYU pragma: export
 #include "vf_switchvariable.h" // IWYU pragma: export
 #include "vf_symbolicinfer.h" // IWYU pragma: export
 #include "vf_symbolicoperators.h" // IWYU pragma: export

lib/vf_common.cpp

@@ -454,4 +454,28 @@ namespace ValueFlow
         value.intvalue = delta;
         return value;
     }
+
+    void removeImpossible(std::list<Value>& values, int indirect)
+    {
+        values.remove_if([&](const Value& v) {
+            if (indirect >= 0 && v.indirect != indirect)
+                return false;
+            return v.isImpossible();
+        });
+    }
+
+    void changeKnownToPossible(std::list<Value> &values, int indirect)
+    {
+        for (Value& v: values) {
+            if (indirect >= 0 && v.indirect != indirect)
+                continue;
+            v.changeKnownToPossible();
+        }
+    }
+
+    void lowerToPossible(std::list<Value>& values, int indirect)
+    {
+        changeKnownToPossible(values, indirect);
+        removeImpossible(values, indirect);
+    }
 }

lib/vf_common.h

@@ -63,6 +63,12 @@ namespace ValueFlow
     void setSymbolic(Value& value, const Token* tok);
 
     Value makeSymbolic(const Token* tok, MathLib::bigint delta = 0);
+
+    void removeImpossible(std::list<Value>& values, int indirect = -1);
+
+    void changeKnownToPossible(std::list<Value> &values, int indirect=-1);
+
+    void lowerToPossible(std::list<Value>& values, int indirect = -1);
 }
 
 #endif // vfCommonH