npm - svf-lib - Versions diffs - 1.0.2072 → 1.0.2074 - Mend

svf-lib 1.0.2072 → 1.0.2074

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/SVF-linux/Release-build/bin/ae CHANGED Viewed

Binary file

package/SVF-linux/Release-build/bin/svf-ex CHANGED Viewed

Binary file

package/SVF-linux/Release-build/include/AE/Core/AbstractState.h CHANGED Viewed

@@ -46,8 +46,9 @@
 #ifndef Z3_EXAMPLE_INTERVAL_DOMAIN_H
 #define Z3_EXAMPLE_INTERVAL_DOMAIN_H
-#include "AE/Core/IntervalValue.h"
 #include "AE/Core/AbstractValue.h"
+#include "AE/Core/IntervalValue.h"
+#include "SVFIR/SVFVariables.h"
 #include "Util/Z3Expr.h"
 #include <iomanip>
@@ -79,6 +80,21 @@ public:
     virtual ~AbstractState() = default;
+    // getGepObjAddrs
+    AddressValue getGepObjAddrs(u32_t pointer, IntervalValue offset);
+    // initObjVar
+    void initObjVar(ObjVar* objVar);
+    // getElementIndex
+    IntervalValue getElementIndex(const GepStmt* gep);
+    // getByteOffset
+    IntervalValue getByteOffset(const GepStmt* gep);
+    // printAbstractState
+    // loadValue
+    AbstractValue loadValue(NodeID varId);
+    // storeValue
+    void storeValue(NodeID varId, AbstractValue val);
     /// The physical address starts with 0x7f...... + idx
     static inline u32_t getVirtualMemAddress(u32_t idx)
@@ -258,14 +274,9 @@ public:
     /// domain narrow with other, and return the narrowed domain
     AbstractState narrowing(const AbstractState&other);
-    /// domain widen with other, important! other widen this.
-    void widenWith(const AbstractState&other);
     /// domain join with other, important! other widen this.
     void joinWith(const AbstractState&other);
-    /// domain narrow with other, important! other widen this.
-    void narrowWith(const AbstractState&other);
     /// domain meet with other, important! other widen this.
     void meetWith(const AbstractState&other);
@@ -299,8 +310,7 @@ public:
     }
-    /// Print values of all expressions
-    void printExprValues(std::ostream &oss) const;
+    void printAbstractState() const;
     std::string toString() const
     {
@@ -386,9 +396,6 @@ public:
     }
-protected:
-    void printTable(const VarToAbsValMap&table, std::ostream &oss) const;
 };
 }

package/SVF-linux/Release-build/include/AE/Svfexe/AbstractInterpretation.h CHANGED Viewed

@@ -29,9 +29,9 @@
 //
 #include "AE/Core/ICFGWTO.h"
-#include "AE/Svfexe/SVFIR2AbsState.h"
 #include "Util/SVFBugReport.h"
 #include "WPA/Andersen.h"
+#include "AE/Core/AbstractState.h"
 namespace SVF
 {
@@ -137,8 +137,8 @@ protected:
     /// Global ICFGNode is handled at the entry of the program,
     virtual void handleGlobalNode();
-    /// mark recursive functions by detecting SCC in callgraph
-    void markRecursiveFuns();
+    /// Mark recursive functions in the call graph
+    void initWTO();
     /**
      * Check if execution state exist by merging states of predecessor nodes
@@ -146,7 +146,7 @@ protected:
      * @param curNode The ICFGNode to analyse
      * @return if this node has preceding execution state
      */
-    bool propagateStateIfFeasible(const ICFGNode* curNode);
+    bool mergeStatesFromPredecessors(const ICFGNode* curNode);
     /**
      * Check if execution state exist at the branch edge
@@ -161,14 +161,7 @@ protected:
      *
      * @param block basic block that has one instruction or a series of instructions
      */
-    virtual void handleWTONode(const ICFGSingletonWTO *icfgSingletonWto);
-    /**
-     * handle one instruction in ICFGNode
-     *
-     * @param node ICFGNode which has a single instruction
-     */
-    virtual void handleICFGNode(const ICFGNode* node);
+    virtual void handleSingletonWTO(const ICFGSingletonWTO *icfgSingletonWto);
     /**
      * handle call node in ICFGNode
@@ -182,14 +175,10 @@ protected:
      *
      * @param cycle WTOCycle which has weak topo order of basic blocks and nested cycles
      */
-    virtual void handleCycle(const ICFGCycleWTO* cycle);
+    virtual void handleCycleWTO(const ICFGCycleWTO* cycle);
+    void handleWTOComponents(const std::list<const ICFGWTOComp*>& wtoComps);
-    /**
-     * handle user defined function, ext function is not included.
-     *
-     * @param func SVFFunction which has a series of basic blocks
-     */
-    virtual void handleFunc(const SVFFunction* func);
     /**
      * handle SVF Statement like CmpStmt, CallStmt, GepStmt, LoadStmt, StoreStmt, etc.
@@ -332,11 +321,34 @@ protected:
     void AccessMemoryViaCallArgs(const SVF::SVFArgument *arg, SVF::FILOWorkList<const SVFValue *>& worklist, Set<const SVFValue *>& visited);
+    void updateStateOnAddr(const AddrStmt *addr);
+    void updateStateOnBinary(const BinaryOPStmt *binary);
+    void updateStateOnCmp(const CmpStmt *cmp);
+    void updateStateOnLoad(const LoadStmt *load);
+    void updateStateOnStore(const StoreStmt *store);
+    void updateStateOnCopy(const CopyStmt *copy);
+    void updateStateOnCall(const CallPE *callPE);
+    void updateStateOnRet(const RetPE *retPE);
+    void updateStateOnGep(const GepStmt *gep);
+    void updateStateOnSelect(const SelectStmt *select);
+    void updateStateOnPhi(const PhiStmt *phi);
+    IntervalValue getRangeLimitFromType(const SVFType* type);
     /// protected data members, also used in subclasses
     SVFIR* _svfir;
-    PTACallGraph* _callgraph;
     /// Execution State, used to store the Interval Value of every SVF variable
-    SVFIR2AbsState* _svfir2AbsState;
     AEAPI* _api{nullptr};
     ICFG* _icfg;
@@ -347,7 +359,6 @@ protected:
     SVFBugReport _recoder;
     std::vector<const CallICFGNode*> _callSiteStack;
     Map<const ICFGNode*, std::string> _nodeToBugInfo;
-    AndersenWaveDiff* _ander;
     Map<const SVFFunction*, ICFGWTO*> _funcToWTO;
     Set<const SVFFunction*> _recursiveFuns;
@@ -363,13 +374,8 @@ private:
     virtual void indirectCallFunPass(const CallICFGNode* callNode);
 protected:
-    // helper functions in handleCycle
-    bool isFixPointAfterWidening(const ICFGNode* cycle_head,
-                                 AbstractState& pre_as);
-    bool isFixPointAfterNarrowing(const SVF::ICFGNode* cycle_head,
-                                  SVF::AbstractState& pre_as);
-    AbstractState& getAbsState(const ICFGNode* node)
+    AbstractState& getAbsStateFromTrace(const ICFGNode* node)
     {
         const ICFGNode* repNode = _icfg->getRepNode(node);
         if (_postAbsTrace.count(repNode) == 0)
@@ -382,6 +388,12 @@ protected:
         }
     }
+    bool hasAbsStateFromTrace(const ICFGNode* node)
+    {
+        const ICFGNode* repNode = _icfg->getRepNode(node);
+        return _postAbsTrace.count(repNode) != 0;
+    }
 protected:
     // there data should be shared with subclasses
     Map<std::string, std::function<void(const CallSite &)>> _func_map;

package/SVF-linux/Release-build/include/AE/Svfexe/BufOverflowChecker.h CHANGED Viewed

@@ -174,12 +174,23 @@ private:
     */
     virtual void handleSVFStatement(const SVFStmt *stmt) override;
-    /**
-    * handle ICFGNode regarding buffer overflow checking
-    *
-    * @param node ICFGNode
-    */
-    virtual void handleICFGNode(const SVF::ICFGNode *node) override;
+    // TODO: will delete later
+    virtual void handleSingletonWTO(const ICFGSingletonWTO *icfgSingletonWto) override
+    {
+        AbstractInterpretation::handleSingletonWTO(icfgSingletonWto);
+        const ICFGNode* repNode = _icfg->getRepNode(icfgSingletonWto->node());
+        if (_postAbsTrace.count(repNode) == 0)
+        {
+            return;
+        }
+        const std::vector<const ICFGNode*>& worklist_vec = _icfg->getSubNodes(icfgSingletonWto->node());
+        for (auto it = worklist_vec.begin(); it != worklist_vec.end(); ++it)
+        {
+            const ICFGNode* curNode = *it;
+            detectBufOverflow(curNode);
+        }
+    }
     /**
     * check buffer overflow at ICFGNode which is a checkpoint

package/SVF-linux/Release-build/include/AE/Svfexe/ICFGSimplification.h CHANGED Viewed

@@ -27,7 +27,6 @@
 // The implementation is based on
 // Xiao Cheng, Jiawei Wang and Yulei Sui. Precise Sparse Abstract Execution via Cross-Domain Interaction.
 // 46th International Conference on Software Engineering. (ICSE24)
-#include "AE/Svfexe/SVFIR2AbsState.h"
 #include "Graphs/ICFG.h"
 namespace SVF

package/SVF-linux/Release-build/lib/libSvfCore.a CHANGED Viewed

Binary file

package/SVF-osx/Release-build/bin/ae CHANGED Viewed

Binary file

package/SVF-osx/Release-build/include/AE/Svfexe/AbstractInterpretation.h CHANGED Viewed

@@ -143,10 +143,10 @@ protected:
     /**
      * Check if execution state exist by merging states of predecessor nodes
      *
-     * @param curNode The ICFGNode to analyse
+     * @param icfgNode The icfg node to analyse
      * @return if this node has preceding execution state
      */
-    bool mergeStatesFromPredecessors(const ICFGNode* curNode);
+    bool mergeStatesFromPredecessors(const ICFGNode * icfgNode);
     /**
      * Check if execution state exist at the branch edge
@@ -179,6 +179,8 @@ protected:
     void handleWTOComponents(const std::list<const ICFGWTOComp*>& wtoComps);
+    void handleWTOComponent(const ICFGWTOComp* wtoComp);
     /**
      * handle SVF Statement like CmpStmt, CallStmt, GepStmt, LoadStmt, StoreStmt, etc.
@@ -378,20 +380,20 @@ protected:
     AbstractState& getAbsStateFromTrace(const ICFGNode* node)
     {
         const ICFGNode* repNode = _icfg->getRepNode(node);
-        if (_postAbsTrace.count(repNode) == 0)
+        if (_abstractTrace.count(repNode) == 0)
         {
             assert(0 && "No preAbsTrace for this node");
         }
         else
         {
-            return _postAbsTrace[repNode];
+            return _abstractTrace[repNode];
         }
     }
     bool hasAbsStateFromTrace(const ICFGNode* node)
     {
         const ICFGNode* repNode = _icfg->getRepNode(node);
-        return _postAbsTrace.count(repNode) != 0;
+        return _abstractTrace.count(repNode) != 0;
     }
 protected:
@@ -399,8 +401,7 @@ protected:
     Map<std::string, std::function<void(const CallSite &)>> _func_map;
     Set<const CallICFGNode*> _checkpoints;
     Set<std::string> _checkpoint_names;
-    Map<const ICFGNode*, AbstractState> _preAbsTrace;
-    Map<const ICFGNode*, AbstractState> _postAbsTrace;
+    Map<const ICFGNode*, AbstractState> _abstractTrace; // abstract states immediately after nodes
     std::string _moduleName;
 };
 }

package/SVF-osx/Release-build/include/AE/Svfexe/BufOverflowChecker.h CHANGED Viewed

@@ -178,12 +178,12 @@ private:
     virtual void handleSingletonWTO(const ICFGSingletonWTO *icfgSingletonWto) override
     {
         AbstractInterpretation::handleSingletonWTO(icfgSingletonWto);
-        const ICFGNode* repNode = _icfg->getRepNode(icfgSingletonWto->node());
-        if (_postAbsTrace.count(repNode) == 0)
+        const ICFGNode* repNode = _icfg->getRepNode(icfgSingletonWto->getICFGNode());
+        if (_abstractTrace.count(repNode) == 0)
         {
             return;
         }
-        const std::vector<const ICFGNode*>& worklist_vec = _icfg->getSubNodes(icfgSingletonWto->node());
+        const std::vector<const ICFGNode*>& worklist_vec = _icfg->getSubNodes(icfgSingletonWto->getICFGNode());
         for (auto it = worklist_vec.begin(); it != worklist_vec.end(); ++it)
         {

package/SVF-osx/Release-build/include/Graphs/WTO.h CHANGED Viewed

@@ -341,7 +341,7 @@ public:
     }
     /// Return the graph node
-    const NodeT* node() const
+    const NodeT* getICFGNode() const
     {
         return _node;
     }
@@ -457,7 +457,7 @@ public:
         std::string str;
         std::stringstream rawstr(str);
         rawstr << "(";
-        rawstr << _head->node()->getId() << ", ";
+        rawstr << _head->getICFGNode()->getId() << ", ";
         for (auto it = begin(), et = end(); it != et;)
         {
             rawstr << (*it)->toString();
@@ -698,7 +698,7 @@ protected:
         void visit(const WTOCycleT& cycle) override
         {
-            const NodeT* head = cycle.head()->node();
+            const NodeT* head = cycle.head()->getICFGNode();
             WTOCycleDepthPtr previous_cycleDepth = _wtoCycleDepth;
             _nodeToWTOCycleDepth.insert(std::make_pair(head, _wtoCycleDepth));
             _wtoCycleDepth =
@@ -714,7 +714,7 @@ protected:
         void visit(const WTONodeT& node) override
         {
             _nodeToWTOCycleDepth.insert(
-                                    std::make_pair(node.node(), _wtoCycleDepth));
+                                    std::make_pair(node.getICFGNode(), _wtoCycleDepth));
         }
     }; // end class WTOCycleDepthBuilder

package/SVF-osx/Release-build/lib/libSvfCore.a CHANGED Viewed

Binary file

package/SVF-osx/Release-build/lib/libSvfLLVM.a CHANGED Viewed

Binary file

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "svf-lib",
-  "version": "1.0.2072",
+  "version": "1.0.2074",
   "description": "SVF's npm support",
   "main": "index.js",
   "scripts": {

package/SVF-linux/Release-build/include/AE/Svfexe/SVFIR2AbsState.h DELETED Viewed

@@ -1,191 +0,0 @@
-//===- SVFIR2AbsState.h -- SVF IR Translation to Interval Domain-----//
-//
-//                     SVF: Static Value-Flow Analysis
-//
-// Copyright (C) <2013-2022>  <Yulei Sui>
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-//===----------------------------------------------------------------------===//
-/*
- * SVFIR2AbsState.h
- *
- *  Created on: Aug 7, 2022
- *      Author: Jiawei Wang, Xiao Cheng
- *
- */
-// The implementation is based on
-// Xiao Cheng, Jiawei Wang and Yulei Sui. Precise Sparse Abstract Execution via Cross-Domain Interaction.
-// 46th International Conference on Software Engineering. (ICSE24)
-#ifndef Z3_EXAMPLE_SVFIR2ITVEXESTATE_H
-#define Z3_EXAMPLE_SVFIR2ITVEXESTATE_H
-#include "AE/Core/AbstractState.h"
-#include "AE/Core/RelExeState.h"
-#include "SVFIR/SVFIR.h"
-namespace SVF
-{
-class SVFIR2AbsState
-{
-public:
-    static AbstractValue globalNulladdrs;
-public:
-    SVFIR2AbsState(SVFIR *ir) : _svfir(ir) {}
-    void setRelEs(const RelExeState &relEs)
-    {
-        _relEs = relEs;
-    }
-    RelExeState &getRelEs()
-    {
-        return _relEs;
-    }
-    void widenAddrs(AbstractState& es, AbstractState&lhs, const AbstractState&rhs);
-    void narrowAddrs(AbstractState& es, AbstractState&lhs, const AbstractState&rhs);
-    /// Return the field address given a pointer points to a struct object and an offset
-    AddressValue getGepObjAddress(AbstractState& es, u32_t pointer, APOffset offset);
-    /// Return the value range of Integer SVF Type, e.g. unsigned i8 Type->[0, 255], signed i8 Type->[-128, 127]
-    IntervalValue getRangeLimitFromType(const SVFType* type);
-    IntervalValue getZExtValue(const AbstractState& es, const SVFVar* var);
-    IntervalValue getSExtValue(const AbstractState& es, const SVFVar* var);
-    IntervalValue getFPToSIntValue(const AbstractState& es, const SVFVar* var);
-    IntervalValue getFPToUIntValue(const AbstractState& es, const SVFVar* var);
-    IntervalValue getSIntToFPValue(const AbstractState& es, const SVFVar* var);
-    IntervalValue getUIntToFPValue(const AbstractState& es, const SVFVar* var);
-    IntervalValue getTruncValue(const AbstractState& es, const SVFVar* var, const SVFType* dstType);
-    IntervalValue getFPTruncValue(const AbstractState& es, const SVFVar* var, const SVFType* dstType);
-    /// Return the byte offset expression of a GepStmt
-    /// elemBytesize is the element byte size of an static alloc or heap alloc array
-    /// e.g. GepStmt* gep = [i32*10], x, and x is [0,3]
-    /// std::pair<s32_t, s32_t> byteOffset = getByteOffset(gep);
-    /// byteOffset should be [0, 12] since i32 is 4 bytes.
-    IntervalValue getByteOffset(const AbstractState& es, const GepStmt *gep);
-    /// Return the offset expression of a GepStmt
-    IntervalValue getElementIndex(const AbstractState& es, const GepStmt *gep);
-    static z3::context &getContext()
-    {
-        return Z3Expr::getContext();
-    }
-    void applySummary(AbstractState&es);
-    /// Init ObjVar
-    void initObjVar(AbstractState& as, const ObjVar* var);
-    inline AbstractValue &getAddrs(AbstractState& es, u32_t id)
-    {
-        if (inVarToAddrsTable(es, id))
-            return es[id];
-        else
-            return globalNulladdrs;
-    }
-    inline bool inVarTable(const AbstractState& es, u32_t id) const
-    {
-        return es.inVarToValTable(id) || es.inVarToAddrsTable(id);
-    }
-    inline bool inAddrTable(const AbstractState& es, u32_t id) const
-    {
-        return es.inAddrToValTable(id) || es.inAddrToAddrsTable(id);
-    }
-    /// whether the variable is in varToVal table
-    inline bool inVarToValTable(const AbstractState& es, u32_t id) const
-    {
-        return es.inVarToValTable(id);
-    }
-    /// whether the variable is in varToAddrs table
-    inline bool inVarToAddrsTable(const AbstractState& es, u32_t id) const
-    {
-        return es.inVarToAddrsTable(id);
-    }
-    /// whether the memory address stores a interval value
-    inline bool inLocToValTable(const AbstractState& es, u32_t id) const
-    {
-        return es.inAddrToValTable(id);
-    }
-    /// whether the memory address stores memory addresses
-    inline bool inLocToAddrsTable(const AbstractState& es, u32_t id) const
-    {
-        return es.inAddrToAddrsTable(id);
-    }
-    void handleAddr(AbstractState& es, const AddrStmt *addr);
-    void handleBinary(AbstractState& es, const BinaryOPStmt *binary);
-    void handleCmp(AbstractState& es, const CmpStmt *cmp);
-    void handleLoad(AbstractState& es, const LoadStmt *load);
-    void handleStore(AbstractState& es, const StoreStmt *store);
-    void handleCopy(AbstractState& es, const CopyStmt *copy);
-    void handleCall(AbstractState& es, const CallPE *callPE);
-    void handleRet(AbstractState& es, const RetPE *retPE);
-    void handleGep(AbstractState& es, const GepStmt *gep);
-    void handleSelect(AbstractState& es, const SelectStmt *select);
-    void handlePhi(AbstractState& es, const PhiStmt *phi);
-    /// Return the internal index if idx is an address otherwise return the value of idx
-    static inline u32_t getInternalID(u32_t idx)
-    {
-        return AbstractState::getInternalID(idx);
-    }
-    /// The physical address starts with 0x7f...... + idx
-    static inline u32_t getVirtualMemAddress(u32_t idx)
-    {
-        return AbstractState::getVirtualMemAddress(idx);
-    }
-    /// Check bit value of val start with 0x7F000000, filter by 0xFF000000
-    static inline bool isVirtualMemAddress(u32_t val)
-    {
-        return AbstractState::isVirtualMemAddress(val);
-    }
-private:
-    SVFIR *_svfir;
-    RelExeState _relEs;
-};
-}
-#endif //Z3_EXAMPLE_SVFIR2ITVEXESTATE_H