svf-tools 1.0.1035 → 1.0.1037

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "svf-tools",
-  "version": "1.0.1035",
+  "version": "1.0.1037",
   "description": "* <b>[TypeClone](https://github.com/SVF-tools/SVF/wiki/TypeClone) published in our [ECOOP paper](https://yuleisui.github.io/publications/ecoop20.pdf) is now available in SVF </b> * <b>SVF now uses a single script for its build. Just type [`source ./build.sh`](https://github.com/SVF-tools/SVF/blob/master/build.sh) in your terminal, that's it!</b> * <b>SVF now supports LLVM-10.0.0! </b> * <b>We thank [bsauce](https://github.com/bsauce) for writing a user manual of SVF ([link1](https://www.jianshu.com/p/068a08ec749c) and [link2](https://www.jianshu.com/p/777c30d4240e)) in Chinese </b> * <b>SVF now supports LLVM-9.0.0 (Thank [Byoungyoung Lee](https://github.com/SVF-tools/SVF/issues/142) for his help!). </b> * <b>SVF now supports a set of [field-sensitive pointer analyses](https://yuleisui.github.io/publications/sas2019a.pdf). </b> * <b>[Use SVF as an external lib](https://github.com/SVF-tools/SVF/wiki/Using-SVF-as-a-lib-in-your-own-tool) for your own project (Contributed by [Hongxu Chen](https://github.com/HongxuChen)). </b> * <b>SVF now supports LLVM-7.0.0. </b> * <b>SVF now supports Docker. [Try SVF in Docker](https://github.com/SVF-tools/SVF/wiki/Try-SVF-in-Docker)! </b> * <b>SVF now supports [LLVM-6.0.0](https://github.com/svf-tools/SVF/pull/38) (Contributed by [Jack Anthony](https://github.com/jackanth)). </b> * <b>SVF now supports [LLVM-4.0.0](https://github.com/svf-tools/SVF/pull/23) (Contributed by Jared Carlson. Thank [Jared](https://github.com/jcarlson23) and [Will](https://github.com/dtzWill) for their in-depth [discussions](https://github.com/svf-tools/SVF/pull/18) about updating SVF!) </b> * <b>SVF now supports analysis for C++ programs.</b> <br />",
   "main": "index.js",
   "scripts": {

package/svf/include/Graphs/IRGraph.h

@@ -42,6 +42,8 @@ namespace SVF
 typedef SVFVar PAGNode;
 typedef SVFStmt PAGEdge;
 
+class ObjTypeInfo;
+
 /*
  * Graph representation of SVF IR.
  * It can be seen as a program assignment graph (PAG).
@@ -50,6 +52,53 @@ class IRGraph : public GenericGraph<SVFVar, SVFStmt>
 {
     friend class SVFIRWriter;
     friend class SVFIRReader;
+    friend class SymbolTableBuilder;
+
+public:
+
+    /// Symbol types
+    enum SYMTYPE
+    {
+        NullPtr,
+        BlkPtr,
+        BlackHole,
+        ConstantObj,
+        ValSymbol,
+        ObjSymbol,
+        RetSymbol,
+        VarargSymbol
+    };
+
+    /// various maps defined
+    //{@
+    /// sym id to obj type info map
+    typedef OrderedMap<NodeID, ObjTypeInfo*> IDToTypeInfoMapTy;
+
+    /// function to sym id map
+    typedef OrderedMap<const SVFFunction*, NodeID> FunToIDMapTy;
+    /// struct type to struct info map
+    typedef Set<const SVFType*> SVFTypeSet;
+    //@}
+
+private:
+    FunToIDMapTy returnSymMap; ///< return map
+    FunToIDMapTy varargSymMap; ///< vararg map
+    IDToTypeInfoMapTy objTypeInfoMap;       ///< map a memory sym id to its obj
+
+    /// (owned) All SVF Types
+    /// Every type T is mapped to StInfo
+    /// which contains size (fsize) , offset(foffset)
+    /// fsize[i] is the number of fields in the largest such struct, else fsize[i] = 1.
+    /// fsize[0] is always the size of the expanded struct.
+    SVFTypeSet svfTypes;
+
+    /// @brief (owned) All StInfo
+    Set<const StInfo*> stInfos;
+
+    /// total number of symbols
+    NodeID totalSymNum;
+
+    void destorySymTable();
 
 public:
     typedef Set<const SVFStmt*> SVFStmtSet;
@@ -60,7 +109,8 @@ protected:
     bool fromFile; ///< Whether the SVFIR is built according to user specified data from a txt file
     NodeID nodeNumAfterPAGBuild; ///< initial node number after building SVFIR, excluding later added nodes, e.g., gepobj nodes
     u32_t totalPTAPAGEdge;
-    SymbolTableInfo* symInfo;
+    u32_t valVarNum;
+    u32_t objVarNum;
 
     /// Add a node into the graph
     inline NodeID addNode(SVFVar* node)
@@ -86,74 +136,178 @@ protected:
 
 public:
     IRGraph(bool buildFromFile)
-        : fromFile(buildFromFile), nodeNumAfterPAGBuild(0), totalPTAPAGEdge(0)
+        : totalSymNum(0), fromFile(buildFromFile), nodeNumAfterPAGBuild(0), totalPTAPAGEdge(0), valVarNum(0), objVarNum(0),
+          maxStruct(nullptr), maxStSize(0)
     {
-        symInfo = SymbolTableInfo::SymbolInfo();
     }
 
     virtual ~IRGraph();
 
-    inline SymbolTableInfo* getSymbolInfo() const
-    {
-        return symInfo;
-    }
+
     /// Whether this SVFIR built from a txt file
     inline bool isBuiltFromFile()
     {
         return fromFile;
     }
 
-    /// Get SVFIR Node according to LLVM value
-    ///getNode - Return the node corresponding to the specified pointer.
-    inline NodeID getValueNode(const SVFValue* V)
+    /// special value
+    // @{
+    static inline bool isBlkPtr(NodeID id)
     {
-        return symInfo->getValSym(V);
+        return (id == BlkPtr);
     }
-    inline bool hasValueNode(const SVFValue* V)
+    static inline bool isNullPtr(NodeID id)
     {
-        return symInfo->hasValSym(V);
+        return (id == NullPtr);
     }
-    /// getObject - Return the obj node id refer to the memory object for the
-    /// specified global, heap or alloca instruction according to llvm value.
-    inline NodeID getObjectNode(const SVFValue* V)
+    static inline bool isBlkObj(NodeID id)
     {
-        return symInfo->getObjSym(V);
+        return (id == BlackHole);
     }
-    /// GetReturnNode - Return the unique node representing the return value of a function
-    inline NodeID getReturnNode(const SVFFunction* func) const
+    static inline bool isConstantSym(NodeID id)
     {
-        return symInfo->getRetSym(func);
+        return (id == ConstantObj);
     }
-    /// getVarargNode - Return the unique node representing the variadic argument of a variadic function.
-    inline NodeID getVarargNode(const SVFFunction* func) const
+    static inline bool isBlkObjOrConstantObj(NodeID id)
+    {
+        return (isBlkObj(id) || isConstantSym(id));
+    }
+
+    inline NodeID blkPtrSymID() const
+    {
+        return BlkPtr;
+    }
+
+    inline NodeID nullPtrSymID() const
+    {
+        return NullPtr;
+    }
+
+    inline NodeID constantSymID() const
+    {
+        return ConstantObj;
+    }
+
+    inline NodeID blackholeSymID() const
+    {
+        return BlackHole;
+    }
+
+    /// Statistics
+    //@{
+    inline u32_t getTotalSymNum() const
+    {
+        return totalSymNum;
+    }
+    inline u32_t getMaxStructSize() const
+    {
+        return maxStSize;
+    }
+    //@}
+
+    /// Get different kinds of syms maps
+    //@{
+    inline IDToTypeInfoMapTy& idToObjTypeInfoMap()
+    {
+        return objTypeInfoMap;
+    }
+
+    inline const IDToTypeInfoMapTy& idToObjTypeInfoMap() const
     {
-        return symInfo->getVarargSym(func);
+        return objTypeInfoMap;
     }
+
+    inline FunToIDMapTy& retSyms()
+    {
+        return returnSymMap;
+    }
+
+    inline FunToIDMapTy& varargSyms()
+    {
+        return varargSymMap;
+    }
+
+    //@}
+
+    inline ObjTypeInfo* getObjTypeInfo(NodeID id) const
+    {
+        IDToTypeInfoMapTy::const_iterator iter = objTypeInfoMap.find(id);
+        assert(iter!=objTypeInfoMap.end() && "obj type info not found");
+        return iter->second;
+    }
+
+    /// GetReturnNode - Return the unique node representing the return value of a function
+    NodeID getReturnNode(const SVFFunction* func) const;
+
+    /// getVarargNode - Return the unique node representing the variadic argument of a variadic function.
+    NodeID getVarargNode(const SVFFunction* func) const;
+
     inline NodeID getBlackHoleNode() const
     {
-        return symInfo->blackholeSymID();
+        return blackholeSymID();
     }
     inline NodeID getConstantNode() const
     {
-        return symInfo->constantSymID();
+        return constantSymID();
     }
     inline NodeID getBlkPtr() const
     {
-        return symInfo->blkPtrSymID();
+        return blkPtrSymID();
     }
     inline NodeID getNullPtr() const
     {
-        return symInfo->nullPtrSymID();
+        return nullPtrSymID();
+    }
+
+    u32_t getValueNodeNum();
+
+    u32_t getObjectNodeNum();
+
+    /// Constant reader that won't change the state of the symbol table
+    //@{
+    inline const SVFTypeSet& getSVFTypes() const
+    {
+        return svfTypes;
     }
 
-    inline u32_t getValueNodeNum() const
+    inline const Set<const StInfo*>& getStInfos() const
     {
-        return symInfo->valSyms().size();
+        return stInfos;
     }
-    inline u32_t getObjectNodeNum() const
+    //@}
+    /// Given an offset from a Gep Instruction, return it modulus offset by considering memory layout
+    virtual APOffset getModulusOffset(const BaseObjVar* baseObj, const APOffset& apOffset);
+    /// Get struct info
+    //@{
+    ///Get a reference to StructInfo.
+    const StInfo* getTypeInfo(const SVFType* T) const;
+    inline bool hasSVFTypeInfo(const SVFType* T)
     {
-        return symInfo->idToObjTypeInfoMap().size();
+        return svfTypes.find(T) != svfTypes.end();
     }
+
+    /// Create an objectInfo based on LLVM type (value is null, and type could be null, representing a dummy object)
+    ObjTypeInfo* createObjTypeInfo(const SVFType* type);
+
+    const ObjTypeInfo* createDummyObjTypeInfo(NodeID symId, const SVFType* type);
+
+    ///Get a reference to the components of struct_info.
+    /// Number of flattened elements of an array or struct
+    u32_t getNumOfFlattenElements(const SVFType* T);
+    /// Flattened element idx of an array or struct by considering stride
+    u32_t getFlattenedElemIdx(const SVFType* T, u32_t origId);
+    /// Return the type of a flattened element given a flattened index
+    const SVFType* getFlatternedElemType(const SVFType* baseType, u32_t flatten_idx);
+    ///  struct A { int id; int salary; }; struct B { char name[20]; struct A a;}   B b;
+    ///  OriginalElemType of b with field_idx 1 : Struct A
+    ///  FlatternedElemType of b with field_idx 1 : int
+    const SVFType* getOriginalElemType(const SVFType* baseType, u32_t origId) const;
+    //@}
+
+    /// Debug method
+    void printFlattenFields(const SVFType* type);
+
+
     inline u32_t getNodeNumAfterPAGBuild() const
     {
         return nodeNumAfterPAGBuild;
@@ -181,11 +335,38 @@ public:
         return "SVFIR";
     }
 
+    void dumpSymTable();
+
     /// Dump SVFIR
     void dump(std::string name);
 
     /// View graph from the debugger
     void view();
+
+
+
+    ///The struct type with the most fields
+    const SVFType* maxStruct;
+
+    ///The number of fields in max_struct
+    u32_t maxStSize;
+
+    inline void addTypeInfo(const SVFType* ty)
+    {
+        bool inserted = svfTypes.insert(ty).second;
+        if(!inserted)
+            assert(false && "this type info has been added before");
+    }
+
+    inline void addStInfo(StInfo* stInfo)
+    {
+        stInfos.insert(stInfo);
+    }
+
+protected:
+
+    /// Return the flattened field type for struct type only
+    const std::vector<const SVFType*>& getFlattenFieldTypes(const SVFStructType *T);
 };
 
 }

package/svf/include/MemoryModel/AccessPath.h

@@ -51,7 +51,6 @@ class SVFVar;
 */
 class AccessPath
 {
-    friend class SymbolTableInfo;
     friend class SVFIRWriter;
     friend class SVFIRReader;
 

package/svf/include/SVFIR/ObjTypeInfo.h

@@ -0,0 +1,225 @@
+//===- ObjTypeInfo.h -- Object type information------------------------//
+//
+//                     SVF: Static Value-Flow Analysis
+//
+// Copyright (C) <2013->  <Yulei Sui>
+//
+
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+//===----------------------------------------------------------------------===//
+
+/*
+ * ObjTypeInfo.h
+ *
+ *  Created on: Nov 11, 2013
+ *      Author: Yulei Sui
+ */
+
+#ifndef INCLUDE_SVFIR_OBJTYPEINFO_H_
+#define INCLUDE_SVFIR_OBJTYPEINFO_H_
+
+
+#include "Util/SVFUtil.h"
+#include "MemoryModel/AccessPath.h"
+#include "SVFIR/SVFModule.h"
+namespace SVF
+{
+
+/*!
+ * Type Info of an abstract memory object
+ */
+class ObjTypeInfo
+{
+    friend class SVFIRWriter;
+    friend class SVFIRReader;
+    friend class SymbolTableBuilder;
+
+public:
+    typedef enum
+    {
+        FUNCTION_OBJ = 0x1,  // object is a function
+        GLOBVAR_OBJ = 0x2,  // object is a global variable
+        STATIC_OBJ = 0x4,  // object is a static variable allocated before main
+        STACK_OBJ = 0x8,  // object is a stack variable
+        HEAP_OBJ = 0x10,  // object is a heap variable
+        VAR_STRUCT_OBJ = 0x20,  // object contains struct
+        VAR_ARRAY_OBJ = 0x40,  // object contains array
+        CONST_STRUCT_OBJ = 0x80,  // constant struct
+        CONST_ARRAY_OBJ = 0x100,  // constant array
+        CONST_GLOBAL_OBJ = 0x200,  // global constant object
+        CONST_DATA = 0x400,  // constant object str e.g. 5, 10, 1.0
+    } MEMTYPE;
+
+private:
+    /// SVF type
+    const SVFType* type;
+    /// Type flags
+    u32_t flags;
+    /// Max offset for flexible field sensitive analysis
+    /// maximum number of field object can be created
+    /// minimum number is 0 (field insensitive analysis)
+    u32_t maxOffsetLimit;
+    /// Size of the object or number of elements
+    u32_t elemNum;
+
+    /// Byte size of object
+    u32_t byteSize;
+
+    inline void resetTypeForHeapStaticObj(const SVFType* t)
+    {
+        assert((isStaticObj() || isHeap()) && "can only reset the inferred type for heap and static objects!");
+        type = t;
+    }
+public:
+
+    /// Constructors
+    ObjTypeInfo(const SVFType* t, u32_t max) : type(t), flags(0), maxOffsetLimit(max), elemNum(max)
+    {
+        assert(t && "no type information for this object?");
+    }
+
+    /// Destructor
+    virtual ~ObjTypeInfo()
+    {
+    }
+
+    /// Get LLVM type
+    inline const SVFType* getType() const
+    {
+        return type;
+    }
+
+    /// Get max field offset limit
+    inline u32_t getMaxFieldOffsetLimit()
+    {
+        return maxOffsetLimit;
+    }
+
+    /// Get max field offset limit
+    inline void setMaxFieldOffsetLimit(u32_t limit)
+    {
+        maxOffsetLimit = limit;
+    }
+
+    /// Set the number of elements of this object
+    inline void setNumOfElements(u32_t num)
+    {
+        elemNum = num;
+        setMaxFieldOffsetLimit(num);
+    }
+
+    /// Get the number of elements of this object
+    inline u32_t getNumOfElements() const
+    {
+        return elemNum;
+    }
+
+    /// Get the byte size of this object
+    inline u32_t getByteSizeOfObj() const
+    {
+        assert(isConstantByteSize() && "This Obj's byte size is not constant.");
+        return byteSize;
+    }
+
+    /// Set the byte size of this object
+    inline void setByteSizeOfObj(u32_t size)
+    {
+        byteSize = size;
+    }
+
+    /// Check if byte size is a const value
+    inline bool isConstantByteSize() const
+    {
+        return byteSize != 0;
+    }
+
+    /// Flag for this object type
+    //@{
+    inline void setFlag(MEMTYPE mask)
+    {
+        flags |= mask;
+    }
+    inline bool hasFlag(MEMTYPE mask)
+    {
+        return (flags & mask) == mask;
+    }
+    //@}
+
+    /// Object attributes
+    //@{
+    inline bool isFunction()
+    {
+        return hasFlag(FUNCTION_OBJ);
+    }
+    inline bool isGlobalObj()
+    {
+        return hasFlag(GLOBVAR_OBJ);
+    }
+    inline bool isStaticObj()
+    {
+        return hasFlag(STATIC_OBJ);
+    }
+    inline bool isStack()
+    {
+        return hasFlag(STACK_OBJ);
+    }
+    inline bool isHeap()
+    {
+        return hasFlag(HEAP_OBJ);
+    }
+    //@}
+
+    /// Object attributes (noted that an object can be a nested compound types)
+    /// e.g. both isStruct and isArray can return true
+    //@{
+    inline bool isVarStruct()
+    {
+        return hasFlag(VAR_STRUCT_OBJ);
+    }
+    inline bool isConstantStruct()
+    {
+        return hasFlag(CONST_STRUCT_OBJ);
+    }
+    inline bool isStruct()
+    {
+        return hasFlag(VAR_STRUCT_OBJ) || hasFlag(CONST_STRUCT_OBJ);
+    }
+    inline bool isVarArray()
+    {
+        return hasFlag(VAR_ARRAY_OBJ);
+    }
+    inline bool isConstantArray()
+    {
+        return  hasFlag(CONST_ARRAY_OBJ);
+    }
+    inline bool isArray()
+    {
+        return hasFlag(VAR_ARRAY_OBJ) || hasFlag(CONST_ARRAY_OBJ);
+    }
+    inline bool isConstDataOrConstGlobal()
+    {
+        return hasFlag(CONST_GLOBAL_OBJ) || hasFlag(CONST_DATA);
+    }
+    inline bool isConstDataOrAggData()
+    {
+        return hasFlag(CONST_DATA);
+    }
+    //@}
+};
+
+
+} // End namespace SVF
+
+#endif /* INCLUDE_SVFIR_OBJTYPEINFO_H_ */

package/svf/include/SVFIR/SVFIR.h

@@ -39,7 +39,6 @@ class CallGraph;
 /*!
  * SVF Intermediate representation, representing variables and statements as a Program Assignment Graph (PAG)
  * Variables as nodes and statements as edges.
- * SymID and NodeID are equal here (same numbering).
  */
 class SVFIR : public IRGraph
 {
@@ -63,6 +62,7 @@ public:
     typedef Map<const CallICFGNode*,SVFVarList> CSToArgsListMap;
     typedef Map<const RetICFGNode*,const SVFVar*> CSToRetMap;
     typedef Map<const SVFFunction*,const SVFVar*> FunToRetMap;
+    typedef Map<const CallGraphNode*,const FunObjVar *> FunToFunObjVarMap;
     typedef Map<const SVFFunction*,SVFStmtSet> FunToPAGEdgeSetMap;
     typedef Map<const ICFGNode*,SVFStmtList> ICFGNode2SVFStmtsMap;
     typedef Map<NodeID, NodeID> NodeToNodeMap;
@@ -90,6 +90,7 @@ private:
     CSToArgsListMap callSiteArgsListMap;	///< Map a callsite to a list of all its actual parameters
     CSToRetMap callSiteRetMap;	///< Map a callsite to its callsite returns PAGNodes
     FunToRetMap funRetMap;	///< Map a function to its unique function return PAGNodes
+    FunToFunObjVarMap funToFunObjvarMap;    ///< Map a function to its unique function object PAGNodes
     CallSiteToFunPtrMap indCallSiteToFunPtrMap; ///< Map an indirect callsite to its function pointer
     FunPtrToCallSitesMap funPtrToCallSitesMap;	///< Map a function pointer to the callsites where it is used
     /// Valid pointers for pointer analysis resolution connected by SVFIR edges (constraints)
@@ -330,6 +331,12 @@ public:
     }
     //@}
 
+    inline const FunObjVar* getFunObjVar(const CallGraphNode*  node) const
+    {
+        FunToFunObjVarMap::const_iterator it = funToFunObjvarMap.find(node);
+        assert(it != funToFunObjvarMap.end() && "this function doesn't have funobjvar");
+        return it->second;
+    }
     /// Node and edge statistics
     //@{
     inline u32_t getFieldValNodeNum() const
@@ -431,27 +438,17 @@ public:
 
     /// Get black hole and constant id
     //@{
-    inline bool isBlkPtr(NodeID id) const
-    {
-        return (SymbolTableInfo::isBlkPtr(id));
-    }
-    inline bool isNullPtr(NodeID id) const
-    {
-        return (SymbolTableInfo::isNullPtr(id));
-    }
+
     inline bool isBlkObjOrConstantObj(NodeID id) const
     {
         return (isBlkObj(id) || isConstantObj(id));
     }
-    inline bool isBlkObj(NodeID id) const
-    {
-        return SymbolTableInfo::isBlkObj(id);
-    }
+
     inline bool isConstantObj(NodeID id) const
     {
         const BaseObjVar* obj = getBaseObject(id);
         assert(obj && "not an object node?");
-        return SymbolTableInfo::isConstantObj(id) ||
+        return isConstantSym(id) ||
                obj->isConstDataOrConstGlobal();
     }
     //@}
@@ -632,6 +629,7 @@ private:
     {
         memToFieldsMap[id].set(id);
         FunObjVar* funObj = new FunObjVar(id, ti, callGraphNode, type, node);
+        funToFunObjvarMap[callGraphNode] = funObj;
         return addObjNode(funObj);
     }
 
@@ -715,25 +713,25 @@ private:
     }
     inline NodeID addDummyObjNode(NodeID i, const SVFType* type)
     {
-        if (symInfo->idToObjTypeInfoMap().find(i) == symInfo->idToObjTypeInfoMap().end())
+        if (idToObjTypeInfoMap().find(i) == idToObjTypeInfoMap().end())
         {
-            ObjTypeInfo* ti = symInfo->createObjTypeInfo(type);
-            symInfo->idToObjTypeInfoMap()[i] = ti;
+            ObjTypeInfo* ti = createObjTypeInfo(type);
+            idToObjTypeInfoMap()[i] = ti;
             return addObjNode(new DummyObjVar(i, ti, nullptr, type));
         }
         else
         {
-            return addObjNode(new DummyObjVar(i, symInfo->getObjTypeInfo(i), nullptr, type));
+            return addObjNode(new DummyObjVar(i, getObjTypeInfo(i), nullptr, type));
         }
     }
 
     inline NodeID addBlackholeObjNode()
     {
-        return addObjNode(new DummyObjVar(getBlackHoleNode(), symInfo->getObjTypeInfo(getBlackHoleNode()), nullptr));
+        return addObjNode(new DummyObjVar(getBlackHoleNode(), getObjTypeInfo(getBlackHoleNode()), nullptr));
     }
     inline NodeID addConstantObjNode()
     {
-        return addObjNode(new DummyObjVar(getConstantNode(), symInfo->getObjTypeInfo(getConstantNode()), nullptr));
+        return addObjNode(new DummyObjVar(getConstantNode(), getObjTypeInfo(getConstantNode()), nullptr));
     }
     inline NodeID addBlackholePtrNode()
     {