CFL Field Sensitivity (#814)

* Add alloc-sites-aware default problem + start adding IDEDroid-like formulation of field-sensitive IFDS

* Continue with CFL implementation (WIP)

* Fully compiling CFL-field-sens IFDS implementation

* Add some simple unittests (WIP)

* Add a hack to make the alias information partially field sensitive

* Change alias handling

* Add more (passing) XTaint tests

* Add sanitizer-customization-point + fix bug in combine() with EdgeIdentity

* Fix minor compilation issue

* Out-comment unnecessary stuff

* Convert CFLFieldSensTest to testingSrcLocation + add logger to FieldSensAllocSitesAwareIFDSProblem

* Optimize CFLFieldSensEdgeValue::applyTransforms

* Some cleanup + optimize creation of CFLFieldSensEdgeFunction

* minor

* Some optimizations

* Add corner case tests

* Fix edge-cases in CFL-Fieldsens analysis + make corresponding tests (xtaint 22,23) pass

* Small tweak in CFLFieldSensTest + minor

* Add structural sharing for Store- and Load sequences

* Some cleanup + small enhancement to LatticeDomain-join

* Add some comment

* Fix errors after merge

* minor

* Integrate CFL-fieldsens analysis into phasar-cli for IFDSTaintAnalysis

* Rename cfl fieldsens analysis problem + introduce own namespace for it

* Add generic mechanism to filter IFDS analysis results field-sensitively

* Properly handling non-existing value

* Add some comments + minor

* pre-commit

* Fix stack-use-after-return in IdBasedSolverResults

* small optimization based on alltop

---------

Co-authored-by: Fabian Schiebel <fabian.schiebel@uni-paderborn.de>

Author: fabianbs96

include/phasar/DataFlow/IfdsIde/EdgeFunctionUtils.h

@@ -39,6 +39,10 @@ template <typename L> struct EdgeIdentity final {
   [[nodiscard]] static EdgeFunction<l_t>
   join(EdgeFunctionRef<EdgeIdentity> This,
        const EdgeFunction<l_t> &OtherFunction);
+
+  friend llvm::raw_ostream &operator<<(llvm::raw_ostream &OS, EdgeIdentity) {
+    return OS << "EdgeIdentity";
+  }
 };
 
 template <typename L> struct ConstantEdgeFunction {
@@ -164,6 +168,10 @@ template <typename L> struct AllBottom final {
   {
     return LHS.BottomValue == RHS.BottomValue;
   }
+
+  friend llvm::raw_ostream &operator<<(llvm::raw_ostream &OS, AllBottom) {
+    return OS << "AllBottom";
+  }
 };
 
 template <typename L> struct AllTop final {
@@ -202,10 +210,14 @@ template <typename L> struct AllTop final {
   {
     return LHS.TopValue == RHS.TopValue;
   }
+
+  friend llvm::raw_ostream &operator<<(llvm::raw_ostream &OS, AllTop) {
+    return OS << "AllTop";
+  }
 };
 
 template <typename L, typename ConcreteEF>
-EdgeFunction<L>
+inline EdgeFunction<L>
 defaultComposeOrNull(EdgeFunctionRef<ConcreteEF> This,
                      const EdgeFunction<L> &SecondFunction) noexcept {
   if (llvm::isa<EdgeIdentity<L>>(SecondFunction)) {
@@ -218,7 +230,7 @@ defaultComposeOrNull(EdgeFunctionRef<ConcreteEF> This,
 }
 
 template <typename L>
-EdgeFunction<L>
+inline EdgeFunction<L>
 defaultComposeOrNull(const EdgeFunction<L> &This,
                      const EdgeFunction<L> &SecondFunction) noexcept {
   if (llvm::isa<EdgeIdentity<L>>(SecondFunction)) {
@@ -409,8 +421,8 @@ template <typename L, uint8_t N> struct JoinEdgeFunction {
 /// Joining with EdgeIdentity will overapproximate to (AllBottom if N==0, else
 /// JoinEdgeFunction).
 template <typename L, uint8_t N = 0, typename ConcreteEF>
-EdgeFunction<L> defaultJoinOrNull(EdgeFunctionRef<ConcreteEF> This,
-                                  const EdgeFunction<L> &OtherFunction) {
+inline EdgeFunction<L> defaultJoinOrNull(EdgeFunctionRef<ConcreteEF> This,
+                                         const EdgeFunction<L> &OtherFunction) {
   if (llvm::isa<AllBottom<L>>(OtherFunction)) {
     return OtherFunction;
   }
@@ -428,8 +440,8 @@ EdgeFunction<L> defaultJoinOrNull(EdgeFunctionRef<ConcreteEF> This,
 }
 
 template <typename L, uint8_t N = 0>
-EdgeFunction<L> defaultJoinOrNull(const EdgeFunction<L> &This,
-                                  const EdgeFunction<L> &OtherFunction) {
+inline EdgeFunction<L> defaultJoinOrNull(const EdgeFunction<L> &This,
+                                         const EdgeFunction<L> &OtherFunction) {
   if (llvm::isa<AllBottom<L>>(OtherFunction) || llvm::isa<AllTop<L>>(This)) {
     return OtherFunction;
   }
@@ -447,6 +459,23 @@ EdgeFunction<L> defaultJoinOrNull(const EdgeFunction<L> &This,
   return nullptr;
 }
 
+/// Similar to defaultJoinOrNull(), but does not handle This==OtherFunction and
+/// EdgeIdentity.
+template <typename L>
+inline EdgeFunction<L>
+defaultJoinOrNullNoId(const EdgeFunction<L> &This,
+                      const EdgeFunction<L> &OtherFunction) {
+  if (llvm::isa<AllBottom<L>>(OtherFunction) || llvm::isa<AllTop<L>>(This)) {
+    return OtherFunction;
+  }
+  if (llvm::isa<AllTop<L>>(OtherFunction) || llvm::isa<AllBottom<L>>(This) ||
+      OtherFunction.referenceEquals(This)) {
+    return This;
+  }
+
+  return nullptr;
+}
+
 template <typename L>
 EdgeFunction<L> EdgeIdentity<L>::join(EdgeFunctionRef<EdgeIdentity> This,
                                       const EdgeFunction<L> &OtherFunction) {

include/phasar/DataFlow/IfdsIde/IDETabulationProblem.h

@@ -34,6 +34,7 @@
 #include <set>
 #include <string>
 #include <type_traits>
+#include <utility>
 
 namespace psr {
 
@@ -122,6 +123,19 @@ class IDETabulationProblem : public FlowFunctions<AnalysisDomainTy, Container>,
     }
   }
 
+  [[nodiscard]] constexpr AnalysisPrinterBase<AnalysisDomainTy> &
+  printer() noexcept {
+    assert(Printer != nullptr);
+    return *Printer;
+  }
+
+  [[nodiscard]] constexpr MaybeUniquePtr<AnalysisPrinterBase<AnalysisDomainTy>>
+  consumePrinter() noexcept {
+    assert(Printer != nullptr);
+    return std::exchange(Printer,
+                         NullAnalysisPrinter<AnalysisDomainTy>::getInstance());
+  }
+
   /// Checks if the given data-flow fact is the special tautological lambda (or
   /// zero) fact.
   [[nodiscard]] virtual bool isZeroValue(d_t FlowFact) const noexcept {
@@ -177,6 +191,10 @@ class IDETabulationProblem : public FlowFunctions<AnalysisDomainTy, Container>,
 
   [[nodiscard]] const db_t *getProjectIRDB() const noexcept { return IRDB; }
 
+  [[nodiscard]] llvm::ArrayRef<std::string> getEntryPoints() const noexcept {
+    return EntryPoints;
+  }
+
 protected:
   typename FlowFunctions<AnalysisDomainTy, Container>::FlowFunctionPtrType
   generateFromZero(d_t FactToGenerate) {

include/phasar/DataFlow/IfdsIde/Solver/IdBasedSolverResults.h

@@ -28,13 +28,13 @@ class IdBasedSolverResultsBase {
   class RowView {
     struct Transformator {
       const detail::IterativeIDESolverResults<n_t, d_t, l_t> *Results{};
-      mutable std::optional<std::pair<d_t, l_t>> Cache{};
 
-      const std::pair<d_t, l_t> &
+      // --v Needed for llvm::mapped_iterator
+      // NOLINTNEXTLINE(readability-const-return-type)
+      const std::pair<const d_t &, const l_t &>
       operator()(ByConstRef<typename row_map_t::value_type> Entry) const {
-        Cache = std::make_pair(Results->FactCompressor[Entry.first],
-                               Results->ValCompressor[Entry.second]);
-        return *Cache;
+        return {Results->FactCompressor[Entry.first],
+                Results->ValCompressor[Entry.second]};
       }
     };
 
@@ -44,6 +44,10 @@ class IdBasedSolverResultsBase {
     using const_iterator = iterator;
     using difference_type = ptrdiff_t;
 
+    using key_type = d_t;
+    using mapped_type = l_t;
+    using value_type = std::pair<d_t, l_t>;
+
     explicit RowView(
         const detail::IterativeIDESolverResults<n_t, d_t, l_t> *Results,
         const row_map_t *Row) noexcept

include/phasar/Domain/LatticeDomain.h

@@ -13,6 +13,7 @@
 #include "phasar/Utils/ByRef.h"
 #include "phasar/Utils/DebugOutput.h"
 #include "phasar/Utils/JoinLattice.h"
+#include "phasar/Utils/Macros.h"
 #include "phasar/Utils/TypeTraits.h"
 
 #include "llvm/ADT/Hashing.h"
@@ -22,6 +23,7 @@
 #include "llvm/Support/raw_ostream.h"
 
 #include <cstdint>
+#include <functional>
 #include <ostream>
 #include <variant>
 
@@ -99,6 +101,13 @@ struct LatticeDomain : public std::variant<Top, L, Bottom> {
     assert(std::holds_alternative<L>(*this));
     return std::get<L>(*this);
   }
+
+  template <typename TransformFn, typename... ArgsT>
+  void onValue(TransformFn Transform, ArgsT &&...Args) {
+    if (auto *Val = getValueOrNull()) {
+      std::invoke(std::move(Transform), *Val, PSR_FWD(Args)...);
+    }
+  }
 };
 
 template <typename L>
@@ -213,6 +222,14 @@ template <typename L> struct JoinLatticeTraits<LatticeDomain<L>> {
       return LHS;
     }
 
+    if constexpr (has_adl_join<l_t>) {
+      if (auto LhsPtr = LHS.getValueOrNull()) {
+        if (auto RhsPtr = RHS.getValueOrNull()) {
+          return psr::adl_join(*LhsPtr, *RhsPtr);
+        }
+      }
+    }
+
     return Bottom{};
   }
 };
@@ -243,7 +260,12 @@ template <typename L> struct hash<psr::LatticeDomain<L>> {
       return SIZE_MAX - 1;
     }
     assert(LD.getValueOrNull() != nullptr);
-    return std::hash<L>{}(*LD.getValueOrNull());
+    if constexpr (psr::is_std_hashable_v<L>) {
+      return std::hash<L>{}(*LD.getValueOrNull());
+    } else {
+      using llvm::hash_value;
+      return hash_value(*LD.getValueOrNull());
+    }
   }
 };
 } // namespace std