svf-tools 1.0.1250 → 1.0.1252

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "svf-tools",
-  "version": "1.0.1250",
+  "version": "1.0.1252",
   "description": "* <b>[TypeClone](https://github.com/SVF-tools/SVF/wiki/TypeClone) published in our [ECOOP paper](https://yuleisui.github.io/publications/ecoop20.pdf) is now available in SVF </b> * <b>SVF now uses a single script for its build. Just type [`source ./build.sh`](https://github.com/SVF-tools/SVF/blob/master/build.sh) in your terminal, that's it!</b> * <b>SVF now supports LLVM-10.0.0! </b> * <b>We thank [bsauce](https://github.com/bsauce) for writing a user manual of SVF ([link1](https://www.jianshu.com/p/068a08ec749c) and [link2](https://www.jianshu.com/p/777c30d4240e)) in Chinese </b> * <b>SVF now supports LLVM-9.0.0 (Thank [Byoungyoung Lee](https://github.com/SVF-tools/SVF/issues/142) for his help!). </b> * <b>SVF now supports a set of [field-sensitive pointer analyses](https://yuleisui.github.io/publications/sas2019a.pdf). </b> * <b>[Use SVF as an external lib](https://github.com/SVF-tools/SVF/wiki/Using-SVF-as-a-lib-in-your-own-tool) for your own project (Contributed by [Hongxu Chen](https://github.com/HongxuChen)). </b> * <b>SVF now supports LLVM-7.0.0. </b> * <b>SVF now supports Docker. [Try SVF in Docker](https://github.com/SVF-tools/SVF/wiki/Try-SVF-in-Docker)! </b> * <b>SVF now supports [LLVM-6.0.0](https://github.com/svf-tools/SVF/pull/38) (Contributed by [Jack Anthony](https://github.com/jackanth)). </b> * <b>SVF now supports [LLVM-4.0.0](https://github.com/svf-tools/SVF/pull/23) (Contributed by Jared Carlson. Thank [Jared](https://github.com/jcarlson23) and [Will](https://github.com/dtzWill) for their in-depth [discussions](https://github.com/svf-tools/SVF/pull/18) about updating SVF!) </b> * <b>SVF now supports analysis for C++ programs.</b> <br />",
   "main": "index.js",
   "scripts": {

package/svf/lib/AE/Svfexe/AbstractInterpretation.cpp

@@ -76,21 +76,33 @@ AbstractInterpretation::AbstractInterpretation()
 /// Must only be called after the option parser has populated AESparsity.
 AbstractInterpretation& AbstractInterpretation::getAEInstance()
 {
-    static std::unique_ptr<AbstractInterpretation> instance = []()
-            -> std::unique_ptr<AbstractInterpretation>
+    // Leak the singleton on purpose.  AbstractInterpretation owns a
+    // Map<std::string, std::function<void(const CallICFGNode*)>> func_map
+    // whose lambda closures back-reference state owned by other globals
+    // (preAnalysis's WTO, the call graph, ...).  Letting the static
+    // unique_ptr's atexit-time destructor run hits a static-destruction-
+    // order issue: the func_map hashtable's destructor calls into
+    // std::function destroyers whose closures touch already-destroyed
+    // state, and ~_Hashtable() segfaults during normal program shutdown.
+    //
+    // Reliably reproducible from any downstream tool that drives a full
+    // AE analysis to completion and then exits normally:
+    //   - SSA's ass3 binary (Software-Security-Analysis/Assignment-3)
+    //   - pysvf via Python interpreter shutdown
+    //
+    // A process-lifetime singleton has no observable lifecycle past
+    // program exit, so leaking is benign and avoids the use-after-destroy.
+    static AbstractInterpretation* instance = []() -> AbstractInterpretation*
     {
         switch (Options::AESparsity())
         {
         case AESparsity::SemiSparse:
-            return std::unique_ptr<AbstractInterpretation>(
-                new SemiSparseAbstractInterpretation());
+            return new SemiSparseAbstractInterpretation();
         case AESparsity::Sparse:
-            return std::unique_ptr<AbstractInterpretation>(
-                new FullSparseAbstractInterpretation());
+            return new FullSparseAbstractInterpretation();
         case AESparsity::Dense:
         default:
-            return std::unique_ptr<AbstractInterpretation>(
-                new AbstractInterpretation());
+            return new AbstractInterpretation();
         }
     }();
     return *instance;