svf-tools 1.0.1029 → 1.0.1031

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "svf-tools",
-  "version": "1.0.1029",
+  "version": "1.0.1031",
   "description": "* <b>[TypeClone](https://github.com/SVF-tools/SVF/wiki/TypeClone) published in our [ECOOP paper](https://yuleisui.github.io/publications/ecoop20.pdf) is now available in SVF </b> * <b>SVF now uses a single script for its build. Just type [`source ./build.sh`](https://github.com/SVF-tools/SVF/blob/master/build.sh) in your terminal, that's it!</b> * <b>SVF now supports LLVM-10.0.0! </b> * <b>We thank [bsauce](https://github.com/bsauce) for writing a user manual of SVF ([link1](https://www.jianshu.com/p/068a08ec749c) and [link2](https://www.jianshu.com/p/777c30d4240e)) in Chinese </b> * <b>SVF now supports LLVM-9.0.0 (Thank [Byoungyoung Lee](https://github.com/SVF-tools/SVF/issues/142) for his help!). </b> * <b>SVF now supports a set of [field-sensitive pointer analyses](https://yuleisui.github.io/publications/sas2019a.pdf). </b> * <b>[Use SVF as an external lib](https://github.com/SVF-tools/SVF/wiki/Using-SVF-as-a-lib-in-your-own-tool) for your own project (Contributed by [Hongxu Chen](https://github.com/HongxuChen)). </b> * <b>SVF now supports LLVM-7.0.0. </b> * <b>SVF now supports Docker. [Try SVF in Docker](https://github.com/SVF-tools/SVF/wiki/Try-SVF-in-Docker)! </b> * <b>SVF now supports [LLVM-6.0.0](https://github.com/svf-tools/SVF/pull/38) (Contributed by [Jack Anthony](https://github.com/jackanth)). </b> * <b>SVF now supports [LLVM-4.0.0](https://github.com/svf-tools/SVF/pull/23) (Contributed by Jared Carlson. Thank [Jared](https://github.com/jcarlson23) and [Will](https://github.com/dtzWill) for their in-depth [discussions](https://github.com/svf-tools/SVF/pull/18) about updating SVF!) </b> * <b>SVF now supports analysis for C++ programs.</b> <br />",
   "main": "index.js",
   "scripts": {

package/svf/include/Graphs/CHG.h

@@ -42,8 +42,9 @@ namespace SVF
 
 class SVFModule;
 class CHNode;
+class GlobalObjVar;
 
-typedef Set<const SVFGlobalValue*> VTableSet;
+typedef Set<const GlobalObjVar*> VTableSet;
 typedef Set<const SVFFunction*> VFunSet;
 
 /// Common base for class hierarchy graph. Only implements what PointerAnalysis needs.
@@ -127,7 +128,7 @@ public:
     ~CHNode()
     {
     }
-    std::string getName() const
+    virtual const std::string& getName() const
     {
         return className;
     }
@@ -181,12 +182,12 @@ public:
     }
     void getVirtualFunctions(u32_t idx, FuncVector &virtualFunctions) const;
 
-    const SVFGlobalValue *getVTable() const
+    const GlobalObjVar *getVTable() const
     {
         return vtable;
     }
 
-    void setVTable(const SVFGlobalValue *vtbl)
+    void setVTable(const GlobalObjVar *vtbl)
     {
         vtable = vtbl;
     }
@@ -210,7 +211,7 @@ public:
     //@}
 
 private:
-    const SVFGlobalValue* vtable;
+    const GlobalObjVar* vtable;
     std::string className;
     size_t flags;
     /*

package/svf/include/Graphs/GenericGraph.h

@@ -160,12 +160,13 @@ public:
         RetNode,                 // ├──Represents a return value node
         VarargNode,              // ├──Represents a variadic argument node
         GlobalValNode,           // ├──Represents a global variable node
+        ConstantAggValNode,      // ├──Represents a constant aggregate value node
         ConstantDataValNode,     // ├──Represents a constant data variable
         BlackHoleNode,           // ├──Represents a black hole node
         ConstantFPValNode,       // ├──Represents a constant float-point value node
         ConstantIntValNode,      // ├── Represents a constant integer value node
         ConstantNullptrValNode,  // ├── Represents a constant nullptr value node
-        DummyValNode,            // ├──Dummy node for uninitialized values
+        DummyValNode,            // ├──Represents a dummy node for uninitialized values
         // │   └── ObjVar: Classes of object variable nodes
         ObjNode,                 // ├──Represents an object variable
         GepObjNode,              // ├──Represents a GEP object variable
@@ -175,6 +176,7 @@ public:
         HeapObjNode,             // ├──Types of heap object
         StackObjNode,            // ├──Types of stack object
         GlobalObjNode,           // ├──Types of global object
+        ConstantAggObjNode,      // ├──Types of constant aggregate object
         ConstantDataObjNode,     // ├──Types of constant data object
         ConstantFPObjNode,       // ├──Types of constant float-point object
         ConstantIntObjNode,      // ├──Types of constant integer object
@@ -250,6 +252,21 @@ public:
         return type;
     }
 
+    inline virtual void setName(const std::string& nameInfo)
+    {
+        name = nameInfo;
+    }
+
+    inline virtual void setName(std::string&& nameInfo)
+    {
+        name = std::move(nameInfo);
+    }
+
+    virtual const std::string& getName() const
+    {
+        return name;
+    }
+
     inline virtual void setSourceLoc(const std::string& sourceCodeInfo)
     {
         sourceLoc = sourceCodeInfo;
@@ -268,6 +285,7 @@ protected:
     GNodeK nodeKind;	///< Node kind
     const SVFType* type; ///< SVF type
 
+    std::string name;
     std::string sourceLoc;  ///< Source code information of this value
 
     /// Helper functions to check node kinds
@@ -290,7 +308,7 @@ protected:
 
     static inline bool isSVFVarKind(GNodeK n)
     {
-        static_assert(DummyObjNode - ValNode == 24,
+        static_assert(DummyObjNode - ValNode == 26,
                       "The number of SVFVarKinds has changed, make sure the "
                       "range is correct");
 
@@ -299,7 +317,7 @@ protected:
 
     static inline bool isValVarKinds(GNodeK n)
     {
-        static_assert(DummyValNode - ValNode == 12,
+        static_assert(DummyValNode - ValNode == 13,
                       "The number of ValVarKinds has changed, make sure the "
                       "range is correct");
         return n <= DummyValNode && n >= ValNode;
@@ -316,7 +334,7 @@ protected:
 
     static inline bool isObjVarKinds(GNodeK n)
     {
-        static_assert(DummyObjNode - ObjNode == 11,
+        static_assert(DummyObjNode - ObjNode == 12,
                       "The number of ObjVarKinds has changed, make sure the "
                       "range is correct");
         return n <= DummyObjNode && n >= ObjNode;
@@ -324,7 +342,7 @@ protected:
 
     static inline bool isBaseObjVarKinds(GNodeK n)
     {
-        static_assert(DummyObjNode - BaseObjNode == 9,
+        static_assert(DummyObjNode - BaseObjNode == 10,
                       "The number of BaseObjVarKinds has changed, make sure the "
                       "range is correct");
         return n <= DummyObjNode && n >= BaseObjNode;

package/svf/include/MemoryModel/PointerAnalysis.h

@@ -104,7 +104,7 @@ public:
     typedef Set<const SVFFunction*> FunctionSet;
     typedef OrderedMap<const CallICFGNode*, FunctionSet> CallEdgeMap;
     typedef SCCDetection<PTACallGraph*> CallGraphSCC;
-    typedef Set<const SVFGlobalValue*> VTableSet;
+    typedef Set<const GlobalObjVar*> VTableSet;
     typedef Set<const SVFFunction*> VFunSet;
     //@}
 

package/svf/include/MemoryModel/PointerAnalysisImpl.h

@@ -570,7 +570,7 @@ public:
                 }
                 else if (!SVFUtil::isa<DummyValVar>(node))
                 {
-                    SVFUtil::outs() << "##<" << node->getValue()->getName() << "> ";
+                    SVFUtil::outs() << "##<" << node->toString() << "> ";
                     //SVFUtil::outs() << "Source Loc: " << SVFUtil::getSourceLoc(node->getValue());
                 }
 

package/svf/include/SVFIR/SVFIR.h

@@ -407,8 +407,7 @@ public:
     {
         const SVFVar* node = getGNode(id);
         if(const GepValVar* gepVar = SVFUtil::dyn_cast<GepValVar>(node))
-            return SVFUtil::dyn_cast<ValVar>(
-                       getGNode(gepVar->getBaseNode()));
+            return gepVar->getBaseNode();
         else
             return SVFUtil::dyn_cast<ValVar>(node);
     }
@@ -590,6 +589,12 @@ private:
         return addNode(node);
     }
 
+    inline NodeID addConstantAggValNode(const SVFValue* curInst, const NodeID i, const ICFGNode* icfgNode)
+    {
+        SVFVar* node = new ConstantAggValVar(curInst, i, icfgNode);
+        return addNode(node);
+    }
+
     inline NodeID addConstantDataValNode(const SVFValue* curInst, const NodeID i, const ICFGNode* icfgNode)
     {
         SVFVar* node = new ConstantDataValVar(curInst, i, icfgNode);
@@ -661,7 +666,13 @@ private:
         GlobalObjVar* gObj = new GlobalObjVar(curInst, i, ti);
         return addObjNode(curInst, gObj);
     }
-
+    inline NodeID addConstantAggObjNode(const SVFValue* curInst,
+                                        const NodeID i, ObjTypeInfo* ti)
+    {
+        memToFieldsMap[i].set(i);
+        ConstantAggObjVar* conObj = new ConstantAggObjVar(curInst, i, ti);
+        return addObjNode(curInst, conObj);
+    }
     inline NodeID addConstantDataObjNode(const SVFValue* curInst, const NodeID i, ObjTypeInfo* ti)
     {
         memToFieldsMap[i].set(i);

package/svf/include/SVFIR/SVFValue.h

@@ -244,10 +244,7 @@ public:
     {
         return name;
     }
-    inline void setName(const std::string& n)
-    {
-        name = n;
-    }
+
     inline void setName(std::string&& n)
     {
         name = std::move(n);

package/svf/include/SVFIR/SVFVariables.h

@@ -46,6 +46,7 @@ class SVFVar : public GenericPAGNodeTy
 {
     friend class SVFIRWriter;
     friend class SVFIRReader;
+    friend class SVFIRBuilder;
     friend class IRGraph;
     friend class SVFIR;
     friend class VFG;
@@ -68,11 +69,13 @@ protected:
     SVFStmt::KindToSVFStmtMapTy InEdgeKindToSetMap;
     SVFStmt::KindToSVFStmtMapTy OutEdgeKindToSetMap;
     bool isPtr;	/// whether it is a pointer (top-level or address-taken)
+
     const SVFFunction* func; /// function containing this variable
 
     /// Constructor to create an empty object (for deserialization)
     SVFVar(NodeID i, PNODEK k) : GenericPAGNodeTy(i, k), value{} {}
 
+
 public:
     /// Constructor
     SVFVar(const SVFValue* val, NodeID i, PNODEK k);
@@ -109,7 +112,10 @@ public:
     }
     /// Whether it is constant data, i.e., "0", "1.001", "str"
     /// or llvm's metadata, i.e., metadata !4087
-    bool isConstDataOrAggDataButNotNullPtr() const;
+    virtual bool isConstDataOrAggDataButNotNullPtr() const
+    {
+        return false;
+    }
 
     /// Whether this is an isolated node on the SVFIR graph
     virtual bool isIsolatedNode() const;
@@ -216,6 +222,24 @@ public:
         return isSVFVarKind(node->getNodeKind());
     }
 
+    inline virtual bool ptrInUncalledFunction() const
+    {
+        if (const SVFFunction* fun = getFunction())
+        {
+            return fun->isUncalledFunction();
+        }
+        else
+        {
+            return false;
+        }
+    }
+
+    virtual bool isConstDataOrAggData() const
+    {
+        return false;
+    }
+
+
 private:
     ///  add methods of the components
     //@{
@@ -465,7 +489,7 @@ class GepValVar: public ValVar
 
 private:
     AccessPath ap;	// AccessPath
-    NodeID base;	// base node id
+    ValVar* base;	// base node
     const SVFType* gepValType;
 
     /// Constructor to create empty GeValVar (for SVFIRReader/deserialization)
@@ -490,14 +514,15 @@ public:
     {
         return node->getNodeKind() == SVFVar::GepValNode;
     }
+    static inline bool classof(const SVFBaseNode* node)
+    {
+        return node->getNodeKind() == SVFVar::GepValNode;
+    }
     //@}
 
     /// Constructor
-    GepValVar(NodeID baseID, const SVFValue* val, NodeID i, const AccessPath& ap,
-              const SVFType* ty)
-        : ValVar(val, i, GepValNode), ap(ap), base(baseID), gepValType(ty)
-    {
-    }
+    GepValVar(ValVar* baseNode, const SVFValue* val, NodeID i, const AccessPath& ap,
+              const SVFType* ty);
 
     /// offset of the base value variable
     inline APOffset getConstantFieldIdx() const
@@ -506,7 +531,7 @@ public:
     }
 
     /// Return the base object from which this GEP node came from.
-    inline NodeID getBaseNode(void) const
+    inline ValVar* getBaseNode(void) const
     {
         return base;
     }
@@ -526,11 +551,24 @@ public:
     }
 
     virtual const std::string toString() const;
+
+    virtual bool isConstDataOrAggDataButNotNullPtr() const
+    {
+        return base->isConstDataOrAggDataButNotNullPtr();
+    }
+    virtual inline bool ptrInUncalledFunction() const
+    {
+        return base->ptrInUncalledFunction();
+    }
+
+    virtual inline bool isConstDataOrAggData() const
+    {
+        return base->isConstDataOrAggData();
+    }
 };
 
 /*
- * Field-insensitive Gep Obj variable, this is dynamic generated for field sensitive analysis
- * Each field-insensitive gep obj node represents all fields of a MemObj (base)
+ * Base memory object variable (address-taken variables in LLVM-based languages)
  */
 class BaseObjVar : public ObjVar
 {
@@ -540,7 +578,7 @@ class BaseObjVar : public ObjVar
 private:
     ObjTypeInfo* typeInfo;
 
-    const SVFBaseNode* gNode;
+    const ICFGNode* icfgNode; /// ICFGNode related to the creation of this object
 
 protected:
     /// Constructor to create empty ObjVar (for SVFIRReader/deserialization)
@@ -571,7 +609,7 @@ public:
     }
     //@}
 
-    /// Constructorx
+    /// Constructor
     BaseObjVar(const SVFValue* val, NodeID i, ObjTypeInfo* ti, PNODEK ty = BaseObjNode)
         :  ObjVar(val, i, ty), typeInfo(ti)
     {
@@ -582,10 +620,10 @@ public:
         return this;
     }
 
-    /// Get the reference value to this object
-    inline const SVFBaseNode* getGNode() const
+    /// Get the ICFGNode related to the creation of this object
+    inline const ICFGNode* getICFGNode() const
     {
-        return gNode;
+        return icfgNode;
     }
 
     /// Return name of a LLVM value
@@ -717,7 +755,7 @@ public:
     {
         return typeInfo->isConstDataOrConstGlobal();
     }
-    bool isConstDataOrAggData() const
+    virtual inline bool isConstDataOrAggData() const
     {
         return typeInfo->isConstDataOrAggData();
     }
@@ -782,7 +820,6 @@ public:
               const APOffset& apOffset, PNODEK ty = GepObjNode)
         : ObjVar(baseObj->hasValue()? baseObj->getValue(): nullptr, i, ty), apOffset(apOffset), base(baseObj)
     {
-
     }
 
     /// offset of the mem object
@@ -817,6 +854,21 @@ public:
     }
 
     virtual const std::string toString() const;
+
+    virtual inline bool ptrInUncalledFunction() const
+    {
+        return base->ptrInUncalledFunction();
+    }
+
+    virtual inline bool isConstDataOrAggData() const
+    {
+        return base->isConstDataOrAggData();
+    }
+
+    virtual bool isConstDataOrAggDataButNotNullPtr() const
+    {
+        return base->isConstDataOrAggDataButNotNullPtr();
+    }
 };
 
 
@@ -1094,6 +1146,58 @@ public:
     virtual const std::string toString() const;
 };
 
+class ConstantAggValVar: public ValVar
+{
+    friend class SVFIRWriter;
+    friend class SVFIRReader;
+
+public:
+    ///  Methods for support type inquiry through isa, cast, and dyn_cast:
+    //@{
+    static inline bool classof(const ConstantAggValVar*)
+    {
+        return true;
+    }
+    static inline bool classof(const ValVar* node)
+    {
+        return node->getNodeKind() == ConstantAggValNode;
+    }
+    static inline bool classof(const SVFVar* node)
+    {
+        return node->getNodeKind() == ConstantAggValNode;
+    }
+    static inline bool classof(const GenericPAGNodeTy* node)
+    {
+        return node->getNodeKind() == ConstantAggValNode;
+    }
+    static inline bool classof(const SVFBaseNode* node)
+    {
+        return node->getNodeKind() == ConstantAggValNode;
+    }
+    //@}
+
+    /// Constructor
+    ConstantAggValVar(const SVFValue* val, NodeID i, const ICFGNode* icn,
+                      PNODEK ty = ConstantAggValNode)
+        : ValVar(val, i,  ty,  icn)
+    {
+
+    }
+
+    virtual bool isConstDataOrAggData() const
+    {
+        return true;
+    }
+
+    virtual bool isConstDataOrAggDataButNotNullPtr() const
+    {
+        return true;
+    }
+
+    virtual const std::string toString() const;
+};
+
+
 class ConstantDataValVar: public ValVar
 {
     friend class SVFIRWriter;
@@ -1132,6 +1236,16 @@ public:
 
     }
 
+    virtual bool isConstDataOrAggData() const
+    {
+        return true;
+    }
+
+    virtual bool isConstDataOrAggDataButNotNullPtr() const
+    {
+        return true;
+    }
+
     virtual const std::string toString() const;
 };
 
@@ -1176,6 +1290,11 @@ public:
 
     }
 
+    virtual bool isConstDataOrAggDataButNotNullPtr() const
+    {
+        return false;
+    }
+
     virtual const std::string toString() const
     {
         return "BlackHoleVar";
@@ -1334,6 +1453,11 @@ public:
 
     }
 
+    virtual bool isConstDataOrAggDataButNotNullPtr() const
+    {
+        return false;
+    }
+
     virtual const std::string toString() const;
 };
 
@@ -1386,6 +1510,62 @@ public:
     virtual const std::string toString() const;
 };
 
+class ConstantAggObjVar: public BaseObjVar
+{
+    friend class SVFIRWriter;
+    friend class SVFIRReader;
+
+public:
+    ///  Methods for support type inquiry through isa, cast, and dyn_cast:
+    //@{
+    static inline bool classof(const ConstantAggObjVar*)
+    {
+        return true;
+    }
+    static inline bool classof(const BaseObjVar* node)
+    {
+        return node->getNodeKind() == ConstantAggObjNode;
+    }
+
+    static inline bool classof(const ObjVar* node)
+    {
+        return node->getNodeKind() == ConstantAggObjNode;
+    }
+    static inline bool classof(const SVFVar* node)
+    {
+        return node->getNodeKind() == ConstantAggObjNode;
+    }
+    static inline bool classof(const GenericPAGNodeTy* node)
+    {
+        return node->getNodeKind() == ConstantAggObjNode;
+    }
+    static inline bool classof(const SVFBaseNode* node)
+    {
+        return node->getNodeKind() == ConstantAggObjNode;
+    }
+    //@}
+
+    /// Constructor
+    ConstantAggObjVar(const SVFValue* val, NodeID i, ObjTypeInfo* ti,
+                      PNODEK ty = ConstantAggObjNode)
+        : BaseObjVar(val, i,  ti, ty)
+    {
+
+    }
+
+    virtual bool isConstDataOrAggData() const
+    {
+        return true;
+    }
+
+    virtual bool isConstDataOrAggDataButNotNullPtr() const
+    {
+        return true;
+    }
+
+    virtual const std::string toString() const;
+};
+
 class ConstantDataObjVar: public BaseObjVar
 {
     friend class SVFIRWriter;
@@ -1430,6 +1610,16 @@ public:
     {
     }
 
+    virtual bool isConstDataOrAggData() const
+    {
+        return true;
+    }
+
+    virtual bool isConstDataOrAggDataButNotNullPtr() const
+    {
+        return true;
+    }
+
     virtual const std::string toString() const;
 };
 
@@ -1617,6 +1807,10 @@ public:
     {
     }
 
+    virtual bool isConstDataOrAggDataButNotNullPtr() const
+    {
+        return false;
+    }
 
     virtual const std::string toString() const;
 };

package/svf/lib/AE/Svfexe/AEDetector.cpp

@@ -70,8 +70,7 @@ void BufOverflowDetector::detect(AbstractState& as, const ICFGNode* node)
                     }
                     else
                     {
-                        const ICFGNode* addrNode = SVFUtil::cast<ICFGNode>(
-                                                       svfir->getBaseObject(objId)->getGNode());
+                        const ICFGNode* addrNode = svfir->getBaseObject(objId)->getICFGNode();
                         for (const SVFStmt* stmt2 : addrNode->getSVFStmts())
                         {
                             if (const AddrStmt* addrStmt = SVFUtil::dyn_cast<AddrStmt>(stmt2))
@@ -472,8 +471,7 @@ bool BufOverflowDetector::canSafelyAccessMemory(AbstractState& as, const SVF::SV
         else
         {
             // if the object is not a constant size object, get the size from the addrStmt
-            const ICFGNode* addrNode = SVFUtil::cast<ICFGNode>(
-                                           svfir->getBaseObject(objId)->getGNode());
+            const ICFGNode* addrNode = svfir->getBaseObject(objId)->getICFGNode();
             for (const SVFStmt* stmt2 : addrNode->getSVFStmts())
             {
                 if (const AddrStmt* addrStmt = SVFUtil::dyn_cast<AddrStmt>(stmt2))

package/svf/lib/AE/Svfexe/AbsExtAPI.cpp

@@ -284,7 +284,7 @@ void AbsExtAPI::initExtFunMap()
             }
             else
             {
-                const ICFGNode* addrNode = SVFUtil::cast<ICFGNode>(svfir->getBaseObject(objId)->getGNode());
+                const ICFGNode* addrNode = svfir->getBaseObject(objId)->getICFGNode();
                 for (const SVFStmt* stmt2: addrNode->getSVFStmts())
                 {
                     if (const AddrStmt* addrStmt = SVFUtil::dyn_cast<AddrStmt>(stmt2))
@@ -478,7 +478,7 @@ IntervalValue AbsExtAPI::getStrlen(AbstractState& as, const SVF::SVFVar *strValu
         }
         else
         {
-            const ICFGNode* icfgNode = SVFUtil::cast<ICFGNode>( svfir->getBaseObject(objId)->getGNode());
+            const ICFGNode* icfgNode = svfir->getBaseObject(objId)->getICFGNode();
             for (const SVFStmt* stmt2: icfgNode->getSVFStmts())
             {
                 if (const AddrStmt* addrStmt = SVFUtil::dyn_cast<AddrStmt>(stmt2))

package/svf/lib/DDA/ContextDDA.cpp

@@ -340,7 +340,7 @@ bool ContextDDA::isHeapCondMemObj(const CxtVar& var, const StoreSVFGNode*)
     assert(baseVar && "base object is null??");
     if (SVFUtil::isa<HeapObjVar, DummyObjVar>(baseVar))
     {
-        if (!obj->getValue())
+        if (!isa<DummyObjVar>(baseVar))
         {
             PAGNode *pnode = _pag->getGNode(getPtrNodeID(var));
             GepObjVar* gepobj = SVFUtil::dyn_cast<GepObjVar>(pnode);
@@ -356,19 +356,15 @@ bool ContextDDA::isHeapCondMemObj(const CxtVar& var, const StoreSVFGNode*)
             }
             return true;
         }
-        else if(const SVFBaseNode* gNode = obj->getGNode())
+        else if(const ICFGNode* node = obj->getICFGNode())
         {
-            if (const auto& node =
-                        SVFUtil::dyn_cast<ICFGNode>(gNode))
-            {
-                const SVFFunction* svfFun = node->getFun();
-                if(_ander->isInRecursion(svfFun))
-                    return true;
-                if(var.get_cond().isConcreteCxt() == false)
-                    return true;
-                if(_pag->getICFG()->isInLoop(node))
-                    return true;
-            }
+            const SVFFunction* svfFun = node->getFun();
+            if(_ander->isInRecursion(svfFun))
+                return true;
+            if(var.get_cond().isConcreteCxt() == false)
+                return true;
+            if(_pag->getICFG()->isInLoop(node))
+                return true;
         }
     }
     return false;