1 //! Dataflow analyses are built upon some interpretation of the
2 //! bitvectors attached to each basic block, represented via a
3 //! zero-sized structure.
5 use rustc_index::bit_set::BitSet;
6 use rustc_index::vec::Idx;
7 use rustc_middle::mir::visit::{MirVisitable, Visitor};
8 use rustc_middle::mir::{self, Body, Location};
9 use rustc_middle::ty::{self, TyCtxt};
11 use crate::drop_flag_effects_for_function_entry;
12 use crate::drop_flag_effects_for_location;
13 use crate::elaborate_drops::DropFlagState;
14 use crate::framework::{CallReturnPlaces, SwitchIntEdgeEffects};
15 use crate::move_paths::{HasMoveData, InitIndex, InitKind, LookupResult, MoveData, MovePathIndex};
16 use crate::on_lookup_result_bits;
17 use crate::MoveDataParamEnv;
18 use crate::{drop_flag_effects, on_all_children_bits};
19 use crate::{lattice, AnalysisDomain, GenKill, GenKillAnalysis};
26 pub use self::borrowed_locals::MaybeBorrowedLocals;
27 pub use self::init_locals::MaybeInitializedLocals;
28 pub use self::liveness::MaybeLiveLocals;
29 pub use self::storage_liveness::{MaybeRequiresStorage, MaybeStorageLive};
31 /// `MaybeInitializedPlaces` tracks all places that might be
32 /// initialized upon reaching a particular point in the control flow
35 /// For example, in code like the following, we have corresponding
36 /// dataflow information shown in the right-hand comments.
40 /// fn foo(pred: bool) { // maybe-init:
42 /// let a = S; let b = S; let c; let d; // {a, b}
54 /// c = S; // {a, b, c, d}
58 /// To determine whether a place *must* be initialized at a
59 /// particular control-flow point, one can take the set-difference
60 /// between this data and the data from `MaybeUninitializedPlaces` at the
61 /// corresponding control-flow point.
63 /// Similarly, at a given `drop` statement, the set-intersection
64 /// between this data and `MaybeUninitializedPlaces` yields the set of
65 /// places that would require a dynamic drop-flag at that statement.
66 pub struct MaybeInitializedPlaces<'a, 'tcx> {
69 mdpe: &'a MoveDataParamEnv<'tcx>,
72 impl<'a, 'tcx> MaybeInitializedPlaces<'a, 'tcx> {
73 pub fn new(tcx: TyCtxt<'tcx>, body: &'a Body<'tcx>, mdpe: &'a MoveDataParamEnv<'tcx>) -> Self {
74 MaybeInitializedPlaces { tcx, body, mdpe }
78 impl<'a, 'tcx> HasMoveData<'tcx> for MaybeInitializedPlaces<'a, 'tcx> {
79 fn move_data(&self) -> &MoveData<'tcx> {
84 /// `MaybeUninitializedPlaces` tracks all places that might be
85 /// uninitialized upon reaching a particular point in the control flow
88 /// For example, in code like the following, we have corresponding
89 /// dataflow information shown in the right-hand comments.
93 /// fn foo(pred: bool) { // maybe-uninit:
95 /// let a = S; let b = S; let c; let d; // { c, d}
98 /// drop(a); // {a, c, d}
99 /// b = S; // {a, c, d}
102 /// drop(b); // { b, c, d}
103 /// d = S; // { b, c }
105 /// } // {a, b, c, d}
107 /// c = S; // {a, b, d}
111 /// To determine whether a place *must* be uninitialized at a
112 /// particular control-flow point, one can take the set-difference
113 /// between this data and the data from `MaybeInitializedPlaces` at the
114 /// corresponding control-flow point.
116 /// Similarly, at a given `drop` statement, the set-intersection
117 /// between this data and `MaybeInitializedPlaces` yields the set of
118 /// places that would require a dynamic drop-flag at that statement.
119 pub struct MaybeUninitializedPlaces<'a, 'tcx> {
121 body: &'a Body<'tcx>,
122 mdpe: &'a MoveDataParamEnv<'tcx>,
124 mark_inactive_variants_as_uninit: bool,
127 impl<'a, 'tcx> MaybeUninitializedPlaces<'a, 'tcx> {
128 pub fn new(tcx: TyCtxt<'tcx>, body: &'a Body<'tcx>, mdpe: &'a MoveDataParamEnv<'tcx>) -> Self {
129 MaybeUninitializedPlaces { tcx, body, mdpe, mark_inactive_variants_as_uninit: false }
132 /// Causes inactive enum variants to be marked as "maybe uninitialized" after a switch on an
133 /// enum discriminant.
135 /// This is correct in a vacuum but is not the default because it causes problems in the borrow
136 /// checker, where this information gets propagated along `FakeEdge`s.
137 pub fn mark_inactive_variants_as_uninit(mut self) -> Self {
138 self.mark_inactive_variants_as_uninit = true;
143 impl<'a, 'tcx> HasMoveData<'tcx> for MaybeUninitializedPlaces<'a, 'tcx> {
144 fn move_data(&self) -> &MoveData<'tcx> {
149 /// `DefinitelyInitializedPlaces` tracks all places that are definitely
150 /// initialized upon reaching a particular point in the control flow
153 /// For example, in code like the following, we have corresponding
154 /// dataflow information shown in the right-hand comments.
158 /// fn foo(pred: bool) { // definite-init:
160 /// let a = S; let b = S; let c; let d; // {a, b }
163 /// drop(a); // { b, }
167 /// drop(b); // {a, }
176 /// To determine whether a place *may* be uninitialized at a
177 /// particular control-flow point, one can take the set-complement
180 /// Similarly, at a given `drop` statement, the set-difference between
181 /// this data and `MaybeInitializedPlaces` yields the set of places
182 /// that would require a dynamic drop-flag at that statement.
183 pub struct DefinitelyInitializedPlaces<'a, 'tcx> {
185 body: &'a Body<'tcx>,
186 mdpe: &'a MoveDataParamEnv<'tcx>,
189 impl<'a, 'tcx> DefinitelyInitializedPlaces<'a, 'tcx> {
190 pub fn new(tcx: TyCtxt<'tcx>, body: &'a Body<'tcx>, mdpe: &'a MoveDataParamEnv<'tcx>) -> Self {
191 DefinitelyInitializedPlaces { tcx, body, mdpe }
195 impl<'a, 'tcx> HasMoveData<'tcx> for DefinitelyInitializedPlaces<'a, 'tcx> {
196 fn move_data(&self) -> &MoveData<'tcx> {
201 /// `EverInitializedPlaces` tracks all places that might have ever been
202 /// initialized upon reaching a particular point in the control flow
203 /// for a function, without an intervening `StorageDead`.
205 /// This dataflow is used to determine if an immutable local variable may
208 /// For example, in code like the following, we have corresponding
209 /// dataflow information shown in the right-hand comments.
213 /// fn foo(pred: bool) { // ever-init:
215 /// let a = S; let b = S; let c; let d; // {a, b }
218 /// drop(a); // {a, b, }
219 /// b = S; // {a, b, }
222 /// drop(b); // {a, b, }
223 /// d = S; // {a, b, d }
227 /// c = S; // {a, b, c, d }
230 pub struct EverInitializedPlaces<'a, 'tcx> {
233 body: &'a Body<'tcx>,
234 mdpe: &'a MoveDataParamEnv<'tcx>,
237 impl<'a, 'tcx> EverInitializedPlaces<'a, 'tcx> {
238 pub fn new(tcx: TyCtxt<'tcx>, body: &'a Body<'tcx>, mdpe: &'a MoveDataParamEnv<'tcx>) -> Self {
239 EverInitializedPlaces { tcx, body, mdpe }
243 impl<'a, 'tcx> HasMoveData<'tcx> for EverInitializedPlaces<'a, 'tcx> {
244 fn move_data(&self) -> &MoveData<'tcx> {
249 impl<'a, 'tcx> MaybeInitializedPlaces<'a, 'tcx> {
251 trans: &mut impl GenKill<MovePathIndex>,
253 state: DropFlagState,
256 DropFlagState::Absent => trans.kill(path),
257 DropFlagState::Present => trans.gen(path),
262 impl<'a, 'tcx> MaybeUninitializedPlaces<'a, 'tcx> {
264 trans: &mut impl GenKill<MovePathIndex>,
266 state: DropFlagState,
269 DropFlagState::Absent => trans.gen(path),
270 DropFlagState::Present => trans.kill(path),
275 impl<'a, 'tcx> DefinitelyInitializedPlaces<'a, 'tcx> {
277 trans: &mut impl GenKill<MovePathIndex>,
279 state: DropFlagState,
282 DropFlagState::Absent => trans.kill(path),
283 DropFlagState::Present => trans.gen(path),
288 impl<'tcx> AnalysisDomain<'tcx> for MaybeInitializedPlaces<'_, 'tcx> {
289 type Domain = BitSet<MovePathIndex>;
290 const NAME: &'static str = "maybe_init";
292 fn bottom_value(&self, _: &mir::Body<'tcx>) -> Self::Domain {
293 // bottom = uninitialized
294 BitSet::new_empty(self.move_data().move_paths.len())
297 fn initialize_start_block(&self, _: &mir::Body<'tcx>, state: &mut Self::Domain) {
298 drop_flag_effects_for_function_entry(self.tcx, self.body, self.mdpe, |path, s| {
299 assert!(s == DropFlagState::Present);
305 impl<'tcx> GenKillAnalysis<'tcx> for MaybeInitializedPlaces<'_, 'tcx> {
306 type Idx = MovePathIndex;
310 trans: &mut impl GenKill<Self::Idx>,
311 statement: &mir::Statement<'tcx>,
314 drop_flag_effects_for_location(self.tcx, self.body, self.mdpe, location, |path, s| {
315 Self::update_bits(trans, path, s)
318 if !self.tcx.sess.opts.debugging_opts.precise_enum_drop_elaboration {
322 // Mark all places as "maybe init" if they are mutably borrowed. See #90752.
323 for_each_mut_borrow(statement, location, |place| {
324 let LookupResult::Exact(mpi) = self.move_data().rev_lookup.find(place.as_ref()) else { return };
325 on_all_children_bits(self.tcx, self.body, self.move_data(), mpi, |child| {
331 fn terminator_effect(
333 trans: &mut impl GenKill<Self::Idx>,
334 terminator: &mir::Terminator<'tcx>,
337 drop_flag_effects_for_location(self.tcx, self.body, self.mdpe, location, |path, s| {
338 Self::update_bits(trans, path, s)
341 if !self.tcx.sess.opts.debugging_opts.precise_enum_drop_elaboration {
345 for_each_mut_borrow(terminator, location, |place| {
346 let LookupResult::Exact(mpi) = self.move_data().rev_lookup.find(place.as_ref()) else { return };
347 on_all_children_bits(self.tcx, self.body, self.move_data(), mpi, |child| {
353 fn call_return_effect(
355 trans: &mut impl GenKill<Self::Idx>,
356 _block: mir::BasicBlock,
357 return_places: CallReturnPlaces<'_, 'tcx>,
359 return_places.for_each(|place| {
360 // when a call returns successfully, that means we need to set
361 // the bits for that dest_place to 1 (initialized).
362 on_lookup_result_bits(
366 self.move_data().rev_lookup.find(place.as_ref()),
374 fn switch_int_edge_effects<G: GenKill<Self::Idx>>(
376 block: mir::BasicBlock,
377 discr: &mir::Operand<'tcx>,
378 edge_effects: &mut impl SwitchIntEdgeEffects<G>,
380 if !self.tcx.sess.opts.debugging_opts.precise_enum_drop_elaboration {
384 let enum_ = discr.place().and_then(|discr| {
385 switch_on_enum_discriminant(self.tcx, &self.body, &self.body[block], discr)
388 let (enum_place, enum_def) = match enum_ {
393 let mut discriminants = enum_def.discriminants(self.tcx);
394 edge_effects.apply(|trans, edge| {
395 let value = match edge.value {
400 // MIR building adds discriminants to the `values` array in the same order as they
401 // are yielded by `AdtDef::discriminants`. We rely on this to match each
402 // discriminant in `values` to its corresponding variant in linear time.
403 let (variant, _) = discriminants
404 .find(|&(_, discr)| discr.val == value)
405 .expect("Order of `AdtDef::discriminants` differed from `SwitchInt::values`");
407 // Kill all move paths that correspond to variants we know to be inactive along this
408 // particular outgoing edge of a `SwitchInt`.
409 drop_flag_effects::on_all_inactive_variants(
415 |mpi| trans.kill(mpi),
421 impl<'tcx> AnalysisDomain<'tcx> for MaybeUninitializedPlaces<'_, 'tcx> {
422 type Domain = BitSet<MovePathIndex>;
424 const NAME: &'static str = "maybe_uninit";
426 fn bottom_value(&self, _: &mir::Body<'tcx>) -> Self::Domain {
427 // bottom = initialized (start_block_effect counters this at outset)
428 BitSet::new_empty(self.move_data().move_paths.len())
431 // sets on_entry bits for Arg places
432 fn initialize_start_block(&self, _: &mir::Body<'tcx>, state: &mut Self::Domain) {
433 // set all bits to 1 (uninit) before gathering counterevidence
436 drop_flag_effects_for_function_entry(self.tcx, self.body, self.mdpe, |path, s| {
437 assert!(s == DropFlagState::Present);
443 impl<'tcx> GenKillAnalysis<'tcx> for MaybeUninitializedPlaces<'_, 'tcx> {
444 type Idx = MovePathIndex;
448 trans: &mut impl GenKill<Self::Idx>,
449 _statement: &mir::Statement<'tcx>,
452 drop_flag_effects_for_location(self.tcx, self.body, self.mdpe, location, |path, s| {
453 Self::update_bits(trans, path, s)
456 // Unlike in `MaybeInitializedPlaces` above, we don't need to change the state when a
457 // mutable borrow occurs. Places cannot become uninitialized through a mutable reference.
460 fn terminator_effect(
462 trans: &mut impl GenKill<Self::Idx>,
463 _terminator: &mir::Terminator<'tcx>,
466 drop_flag_effects_for_location(self.tcx, self.body, self.mdpe, location, |path, s| {
467 Self::update_bits(trans, path, s)
471 fn call_return_effect(
473 trans: &mut impl GenKill<Self::Idx>,
474 _block: mir::BasicBlock,
475 return_places: CallReturnPlaces<'_, 'tcx>,
477 return_places.for_each(|place| {
478 // when a call returns successfully, that means we need to set
479 // the bits for that dest_place to 0 (initialized).
480 on_lookup_result_bits(
484 self.move_data().rev_lookup.find(place.as_ref()),
492 fn switch_int_edge_effects<G: GenKill<Self::Idx>>(
494 block: mir::BasicBlock,
495 discr: &mir::Operand<'tcx>,
496 edge_effects: &mut impl SwitchIntEdgeEffects<G>,
498 if !self.tcx.sess.opts.debugging_opts.precise_enum_drop_elaboration {
502 if !self.mark_inactive_variants_as_uninit {
506 let enum_ = discr.place().and_then(|discr| {
507 switch_on_enum_discriminant(self.tcx, &self.body, &self.body[block], discr)
510 let (enum_place, enum_def) = match enum_ {
515 let mut discriminants = enum_def.discriminants(self.tcx);
516 edge_effects.apply(|trans, edge| {
517 let value = match edge.value {
522 // MIR building adds discriminants to the `values` array in the same order as they
523 // are yielded by `AdtDef::discriminants`. We rely on this to match each
524 // discriminant in `values` to its corresponding variant in linear time.
525 let (variant, _) = discriminants
526 .find(|&(_, discr)| discr.val == value)
527 .expect("Order of `AdtDef::discriminants` differed from `SwitchInt::values`");
529 // Mark all move paths that correspond to variants other than this one as maybe
530 // uninitialized (in reality, they are *definitely* uninitialized).
531 drop_flag_effects::on_all_inactive_variants(
537 |mpi| trans.gen(mpi),
543 impl<'a, 'tcx> AnalysisDomain<'tcx> for DefinitelyInitializedPlaces<'a, 'tcx> {
544 /// Use set intersection as the join operator.
545 type Domain = lattice::Dual<BitSet<MovePathIndex>>;
547 const NAME: &'static str = "definite_init";
549 fn bottom_value(&self, _: &mir::Body<'tcx>) -> Self::Domain {
550 // bottom = initialized (start_block_effect counters this at outset)
551 lattice::Dual(BitSet::new_filled(self.move_data().move_paths.len()))
554 // sets on_entry bits for Arg places
555 fn initialize_start_block(&self, _: &mir::Body<'tcx>, state: &mut Self::Domain) {
558 drop_flag_effects_for_function_entry(self.tcx, self.body, self.mdpe, |path, s| {
559 assert!(s == DropFlagState::Present);
560 state.0.insert(path);
565 impl<'tcx> GenKillAnalysis<'tcx> for DefinitelyInitializedPlaces<'_, 'tcx> {
566 type Idx = MovePathIndex;
570 trans: &mut impl GenKill<Self::Idx>,
571 _statement: &mir::Statement<'tcx>,
574 drop_flag_effects_for_location(self.tcx, self.body, self.mdpe, location, |path, s| {
575 Self::update_bits(trans, path, s)
579 fn terminator_effect(
581 trans: &mut impl GenKill<Self::Idx>,
582 _terminator: &mir::Terminator<'tcx>,
585 drop_flag_effects_for_location(self.tcx, self.body, self.mdpe, location, |path, s| {
586 Self::update_bits(trans, path, s)
590 fn call_return_effect(
592 trans: &mut impl GenKill<Self::Idx>,
593 _block: mir::BasicBlock,
594 return_places: CallReturnPlaces<'_, 'tcx>,
596 return_places.for_each(|place| {
597 // when a call returns successfully, that means we need to set
598 // the bits for that dest_place to 1 (initialized).
599 on_lookup_result_bits(
603 self.move_data().rev_lookup.find(place.as_ref()),
612 impl<'tcx> AnalysisDomain<'tcx> for EverInitializedPlaces<'_, 'tcx> {
613 type Domain = BitSet<InitIndex>;
615 const NAME: &'static str = "ever_init";
617 fn bottom_value(&self, _: &mir::Body<'tcx>) -> Self::Domain {
618 // bottom = no initialized variables by default
619 BitSet::new_empty(self.move_data().inits.len())
622 fn initialize_start_block(&self, body: &mir::Body<'tcx>, state: &mut Self::Domain) {
623 for arg_init in 0..body.arg_count {
624 state.insert(InitIndex::new(arg_init));
629 impl<'tcx> GenKillAnalysis<'tcx> for EverInitializedPlaces<'_, 'tcx> {
630 type Idx = InitIndex;
632 #[instrument(skip(self, trans), level = "debug")]
635 trans: &mut impl GenKill<Self::Idx>,
636 stmt: &mir::Statement<'tcx>,
639 let move_data = self.move_data();
640 let init_path_map = &move_data.init_path_map;
641 let init_loc_map = &move_data.init_loc_map;
642 let rev_lookup = &move_data.rev_lookup;
644 debug!("initializes move_indexes {:?}", &init_loc_map[location]);
645 trans.gen_all(init_loc_map[location].iter().copied());
647 if let mir::StatementKind::StorageDead(local) = stmt.kind {
648 // End inits for StorageDead, so that an immutable variable can
649 // be reinitialized on the next iteration of the loop.
650 let move_path_index = rev_lookup.find_local(local);
651 debug!("clears the ever initialized status of {:?}", init_path_map[move_path_index]);
652 trans.kill_all(init_path_map[move_path_index].iter().copied());
656 #[instrument(skip(self, trans, _terminator), level = "debug")]
657 fn terminator_effect(
659 trans: &mut impl GenKill<Self::Idx>,
660 _terminator: &mir::Terminator<'tcx>,
663 let (body, move_data) = (self.body, self.move_data());
664 let term = body[location.block].terminator();
665 let init_loc_map = &move_data.init_loc_map;
667 debug!("initializes move_indexes {:?}", init_loc_map[location]);
669 init_loc_map[location]
671 .filter(|init_index| {
672 move_data.inits[**init_index].kind != InitKind::NonPanicPathOnly
678 fn call_return_effect(
680 trans: &mut impl GenKill<Self::Idx>,
681 block: mir::BasicBlock,
682 _return_places: CallReturnPlaces<'_, 'tcx>,
684 let move_data = self.move_data();
685 let init_loc_map = &move_data.init_loc_map;
687 let call_loc = self.body.terminator_loc(block);
688 for init_index in &init_loc_map[call_loc] {
689 trans.gen(*init_index);
694 /// Inspect a `SwitchInt`-terminated basic block to see if the condition of that `SwitchInt` is
695 /// an enum discriminant.
697 /// We expect such blocks to have a call to `discriminant` as their last statement like so:
701 /// _42 = discriminant(_1)
702 /// SwitchInt(_42, ..)
705 /// If the basic block matches this pattern, this function returns the place corresponding to the
706 /// enum (`_1` in the example above) as well as the `AdtDef` of that enum.
707 fn switch_on_enum_discriminant(
709 body: &'mir mir::Body<'tcx>,
710 block: &'mir mir::BasicBlockData<'tcx>,
711 switch_on: mir::Place<'tcx>,
712 ) -> Option<(mir::Place<'tcx>, &'tcx ty::AdtDef)> {
713 match block.statements.last().map(|stmt| &stmt.kind) {
714 Some(mir::StatementKind::Assign(box (lhs, mir::Rvalue::Discriminant(discriminated))))
715 if *lhs == switch_on =>
717 match &discriminated.ty(body, tcx).ty.kind() {
718 ty::Adt(def, _) => Some((*discriminated, def)),
720 // `Rvalue::Discriminant` is also used to get the active yield point for a
721 // generator, but we do not need edge-specific effects in that case. This may
722 // change in the future.
723 ty::Generator(..) => None,
725 t => bug!("`discriminant` called on unexpected type {:?}", t),
733 struct OnMutBorrow<F>(F);
735 impl<F> Visitor<'_> for OnMutBorrow<F>
737 F: FnMut(&mir::Place<'_>),
739 fn visit_rvalue(&mut self, rvalue: &mir::Rvalue<'_>, location: Location) {
740 // FIXME: Does `&raw const foo` allow mutation? See #90413.
742 mir::Rvalue::Ref(_, mir::BorrowKind::Mut { .. }, place)
743 | mir::Rvalue::AddressOf(_, place) => (self.0)(place),
748 self.super_rvalue(rvalue, location)
752 /// Calls `f` for each mutable borrow or raw reference in the program.
754 /// This DOES NOT call `f` for a shared borrow of a type with interior mutability. That's okay for
755 /// initializedness, because we cannot move from an `UnsafeCell` (outside of `core::cell`), but
756 /// other analyses will likely need to check for `!Freeze`.
757 fn for_each_mut_borrow<'tcx>(
758 mir: &impl MirVisitable<'tcx>,
760 f: impl FnMut(&mir::Place<'_>),
762 let mut vis = OnMutBorrow(f);
764 mir.apply(location, &mut vis);
projects / rust.git / blob