svf-tools 1.0.913 → 1.0.914
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/SVF-doxygen/html/AbstractInterpretation_8cpp.html +6 -4
- package/SVF-doxygen/html/AbstractInterpretation_8cpp_source.html +1592 -1609
- package/SVF-doxygen/html/AbstractInterpretation_8h_source.html +157 -144
- package/SVF-doxygen/html/BufOverflowChecker_8cpp_source.html +797 -786
- package/SVF-doxygen/html/BufOverflowChecker_8h_source.html +7 -7
- package/SVF-doxygen/html/SVFIR2AbsState_8cpp_source.html +815 -826
- package/SVF-doxygen/html/SVFIR2AbsState_8h_source.html +153 -196
- package/SVF-doxygen/html/classSVF_1_1AEStat.html +116 -120
- package/SVF-doxygen/html/classSVF_1_1AbstractInterpretation-members.html +32 -32
- package/SVF-doxygen/html/classSVF_1_1AbstractInterpretation.html +1736 -1681
- package/SVF-doxygen/html/classSVF_1_1BufOverflowChecker-members.html +32 -32
- package/SVF-doxygen/html/classSVF_1_1BufOverflowChecker.html +471 -462
- package/SVF-doxygen/html/classSVF_1_1SVFIR2AbsState-members.html +35 -47
- package/SVF-doxygen/html/classSVF_1_1SVFIR2AbsState.html +1261 -1546
- package/SVF-doxygen/html/dir_9a8e7a56f4029a0d9f62b1c6d1f6e85b.html +0 -2
- package/SVF-doxygen/html/files.html +0 -1
- package/SVF-doxygen/html/functions.html +4 -7
- package/SVF-doxygen/html/functions_a.html +2 -2
- package/SVF-doxygen/html/functions_f.html +3 -3
- package/SVF-doxygen/html/functions_func.html +2 -2
- package/SVF-doxygen/html/functions_func_g.html +40 -40
- package/SVF-doxygen/html/functions_func_h.html +21 -57
- package/SVF-doxygen/html/functions_func_i.html +23 -14
- package/SVF-doxygen/html/functions_func_n.html +1 -1
- package/SVF-doxygen/html/functions_func_s.html +13 -19
- package/SVF-doxygen/html/functions_func_t.html +1 -1
- package/SVF-doxygen/html/functions_func_w.html +1 -1
- package/SVF-doxygen/html/functions_g.html +35 -35
- package/SVF-doxygen/html/functions_h.html +18 -54
- package/SVF-doxygen/html/functions_i.html +32 -23
- package/SVF-doxygen/html/functions_l.html +3 -3
- package/SVF-doxygen/html/functions_n.html +1 -1
- package/SVF-doxygen/html/functions_o.html +4 -4
- package/SVF-doxygen/html/functions_p.html +16 -14
- package/SVF-doxygen/html/functions_r.html +6 -6
- package/SVF-doxygen/html/functions_s.html +22 -26
- package/SVF-doxygen/html/functions_t.html +13 -13
- package/SVF-doxygen/html/functions_v.html +3 -3
- package/SVF-doxygen/html/functions_vars.html +4 -7
- package/SVF-doxygen/html/functions_w.html +1 -1
- package/SVF-doxygen/html/search/all_0.js +131 -132
- package/SVF-doxygen/html/search/all_1.js +504 -504
- package/SVF-doxygen/html/search/all_10.js +326 -326
- package/SVF-doxygen/html/search/all_11.js +227 -227
- package/SVF-doxygen/html/search/all_12.js +559 -562
- package/SVF-doxygen/html/search/all_13.js +186 -186
- package/SVF-doxygen/html/search/all_14.js +74 -74
- package/SVF-doxygen/html/search/all_15.js +175 -175
- package/SVF-doxygen/html/search/all_16.js +77 -77
- package/SVF-doxygen/html/search/all_17.js +1 -1
- package/SVF-doxygen/html/search/all_18.js +1 -1
- package/SVF-doxygen/html/search/all_19.js +27 -27
- package/SVF-doxygen/html/search/all_1a.js +174 -174
- package/SVF-doxygen/html/search/all_2.js +180 -180
- package/SVF-doxygen/html/search/all_3.js +635 -635
- package/SVF-doxygen/html/search/all_4.js +237 -237
- package/SVF-doxygen/html/search/all_5.js +120 -120
- package/SVF-doxygen/html/search/all_6.js +236 -236
- package/SVF-doxygen/html/search/all_7.js +1039 -1039
- package/SVF-doxygen/html/search/all_8.js +212 -224
- package/SVF-doxygen/html/search/all_9.js +630 -627
- package/SVF-doxygen/html/search/all_a.js +46 -46
- package/SVF-doxygen/html/search/all_b.js +24 -24
- package/SVF-doxygen/html/search/all_c.js +111 -111
- package/SVF-doxygen/html/search/all_d.js +204 -204
- package/SVF-doxygen/html/search/all_e.js +207 -207
- package/SVF-doxygen/html/search/all_f.js +122 -122
- package/SVF-doxygen/html/search/classes_0.js +29 -29
- package/SVF-doxygen/html/search/classes_1.js +11 -11
- package/SVF-doxygen/html/search/classes_10.js +71 -71
- package/SVF-doxygen/html/search/classes_11.js +14 -14
- package/SVF-doxygen/html/search/classes_12.js +2 -2
- package/SVF-doxygen/html/search/classes_13.js +10 -10
- package/SVF-doxygen/html/search/classes_14.js +19 -19
- package/SVF-doxygen/html/search/classes_15.js +1 -1
- package/SVF-doxygen/html/search/classes_2.js +72 -72
- package/SVF-doxygen/html/search/classes_3.js +35 -35
- package/SVF-doxygen/html/search/classes_4.js +7 -7
- package/SVF-doxygen/html/search/classes_5.js +28 -28
- package/SVF-doxygen/html/search/classes_6.js +98 -98
- package/SVF-doxygen/html/search/classes_7.js +33 -33
- package/SVF-doxygen/html/search/classes_8.js +57 -57
- package/SVF-doxygen/html/search/classes_9.js +1 -1
- package/SVF-doxygen/html/search/classes_a.js +12 -12
- package/SVF-doxygen/html/search/classes_b.js +29 -29
- package/SVF-doxygen/html/search/classes_c.js +6 -6
- package/SVF-doxygen/html/search/classes_d.js +19 -19
- package/SVF-doxygen/html/search/classes_e.js +36 -36
- package/SVF-doxygen/html/search/classes_f.js +25 -25
- package/SVF-doxygen/html/search/defines_0.js +3 -3
- package/SVF-doxygen/html/search/defines_1.js +3 -3
- package/SVF-doxygen/html/search/defines_10.js +2 -2
- package/SVF-doxygen/html/search/defines_2.js +30 -30
- package/SVF-doxygen/html/search/defines_3.js +20 -20
- package/SVF-doxygen/html/search/defines_4.js +3 -3
- package/SVF-doxygen/html/search/defines_5.js +4 -4
- package/SVF-doxygen/html/search/defines_6.js +2 -2
- package/SVF-doxygen/html/search/defines_7.js +5 -5
- package/SVF-doxygen/html/search/defines_8.js +11 -11
- package/SVF-doxygen/html/search/defines_9.js +9 -9
- package/SVF-doxygen/html/search/defines_a.js +2 -2
- package/SVF-doxygen/html/search/defines_b.js +1 -1
- package/SVF-doxygen/html/search/defines_c.js +3 -3
- package/SVF-doxygen/html/search/defines_d.js +2 -2
- package/SVF-doxygen/html/search/defines_e.js +8 -8
- package/SVF-doxygen/html/search/defines_f.js +4 -4
- package/SVF-doxygen/html/search/enums_0.js +3 -3
- package/SVF-doxygen/html/search/enums_1.js +2 -2
- package/SVF-doxygen/html/search/enums_10.js +1 -1
- package/SVF-doxygen/html/search/enums_11.js +1 -1
- package/SVF-doxygen/html/search/enums_2.js +9 -9
- package/SVF-doxygen/html/search/enums_3.js +2 -2
- package/SVF-doxygen/html/search/enums_4.js +3 -3
- package/SVF-doxygen/html/search/enums_5.js +1 -1
- package/SVF-doxygen/html/search/enums_6.js +2 -2
- package/SVF-doxygen/html/search/enums_7.js +2 -2
- package/SVF-doxygen/html/search/enums_8.js +4 -4
- package/SVF-doxygen/html/search/enums_9.js +1 -1
- package/SVF-doxygen/html/search/enums_a.js +1 -1
- package/SVF-doxygen/html/search/enums_b.js +7 -7
- package/SVF-doxygen/html/search/enums_c.js +1 -1
- package/SVF-doxygen/html/search/enums_d.js +4 -4
- package/SVF-doxygen/html/search/enums_e.js +2 -2
- package/SVF-doxygen/html/search/enums_f.js +4 -4
- package/SVF-doxygen/html/search/enumvalues_0.js +15 -15
- package/SVF-doxygen/html/search/enumvalues_1.js +16 -16
- package/SVF-doxygen/html/search/enumvalues_10.js +36 -36
- package/SVF-doxygen/html/search/enumvalues_11.js +6 -6
- package/SVF-doxygen/html/search/enumvalues_12.js +10 -10
- package/SVF-doxygen/html/search/enumvalues_13.js +1 -1
- package/SVF-doxygen/html/search/enumvalues_14.js +1 -1
- package/SVF-doxygen/html/search/enumvalues_15.js +4 -4
- package/SVF-doxygen/html/search/enumvalues_2.js +36 -36
- package/SVF-doxygen/html/search/enumvalues_3.js +13 -13
- package/SVF-doxygen/html/search/enumvalues_4.js +2 -2
- package/SVF-doxygen/html/search/enumvalues_5.js +50 -50
- package/SVF-doxygen/html/search/enumvalues_6.js +6 -6
- package/SVF-doxygen/html/search/enumvalues_7.js +8 -8
- package/SVF-doxygen/html/search/enumvalues_8.js +24 -24
- package/SVF-doxygen/html/search/enumvalues_9.js +6 -6
- package/SVF-doxygen/html/search/enumvalues_a.js +17 -17
- package/SVF-doxygen/html/search/enumvalues_b.js +11 -11
- package/SVF-doxygen/html/search/enumvalues_c.js +5 -5
- package/SVF-doxygen/html/search/enumvalues_d.js +19 -19
- package/SVF-doxygen/html/search/enumvalues_e.js +9 -9
- package/SVF-doxygen/html/search/enumvalues_f.js +48 -48
- package/SVF-doxygen/html/search/files_0.js +18 -18
- package/SVF-doxygen/html/search/files_1.js +9 -9
- package/SVF-doxygen/html/search/files_10.js +8 -8
- package/SVF-doxygen/html/search/files_11.js +8 -8
- package/SVF-doxygen/html/search/files_12.js +2 -2
- package/SVF-doxygen/html/search/files_2.js +51 -51
- package/SVF-doxygen/html/search/files_3.js +14 -14
- package/SVF-doxygen/html/search/files_4.js +3 -3
- package/SVF-doxygen/html/search/files_5.js +13 -13
- package/SVF-doxygen/html/search/files_6.js +10 -10
- package/SVF-doxygen/html/search/files_7.js +15 -15
- package/SVF-doxygen/html/search/files_8.js +13 -13
- package/SVF-doxygen/html/search/files_9.js +18 -18
- package/SVF-doxygen/html/search/files_a.js +3 -3
- package/SVF-doxygen/html/search/files_b.js +4 -4
- package/SVF-doxygen/html/search/files_c.js +20 -20
- package/SVF-doxygen/html/search/files_d.js +4 -4
- package/SVF-doxygen/html/search/files_e.js +56 -57
- package/SVF-doxygen/html/search/files_f.js +8 -8
- package/SVF-doxygen/html/search/functions_0.js +13 -13
- package/SVF-doxygen/html/search/functions_1.js +366 -366
- package/SVF-doxygen/html/search/functions_10.js +140 -140
- package/SVF-doxygen/html/search/functions_11.js +140 -140
- package/SVF-doxygen/html/search/functions_12.js +291 -293
- package/SVF-doxygen/html/search/functions_13.js +52 -52
- package/SVF-doxygen/html/search/functions_14.js +41 -41
- package/SVF-doxygen/html/search/functions_15.js +70 -70
- package/SVF-doxygen/html/search/functions_16.js +38 -38
- package/SVF-doxygen/html/search/functions_17.js +3 -3
- package/SVF-doxygen/html/search/functions_18.js +174 -174
- package/SVF-doxygen/html/search/functions_2.js +92 -92
- package/SVF-doxygen/html/search/functions_3.js +257 -257
- package/SVF-doxygen/html/search/functions_4.js +85 -85
- package/SVF-doxygen/html/search/functions_5.js +54 -54
- package/SVF-doxygen/html/search/functions_6.js +65 -65
- package/SVF-doxygen/html/search/functions_7.js +857 -857
- package/SVF-doxygen/html/search/functions_8.js +164 -176
- package/SVF-doxygen/html/search/functions_9.js +439 -436
- package/SVF-doxygen/html/search/functions_a.js +30 -30
- package/SVF-doxygen/html/search/functions_b.js +2 -2
- package/SVF-doxygen/html/search/functions_c.js +22 -22
- package/SVF-doxygen/html/search/functions_d.js +81 -81
- package/SVF-doxygen/html/search/functions_e.js +34 -34
- package/SVF-doxygen/html/search/functions_f.js +58 -58
- package/SVF-doxygen/html/search/namespaces_0.js +1 -1
- package/SVF-doxygen/html/search/namespaces_1.js +7 -7
- package/SVF-doxygen/html/search/related_0.js +4 -4
- package/SVF-doxygen/html/search/related_1.js +2 -2
- package/SVF-doxygen/html/search/related_2.js +2 -2
- package/SVF-doxygen/html/search/related_3.js +2 -2
- package/SVF-doxygen/html/search/related_4.js +2 -2
- package/SVF-doxygen/html/search/related_5.js +1 -1
- package/SVF-doxygen/html/search/related_6.js +2 -2
- package/SVF-doxygen/html/search/related_7.js +5 -5
- package/SVF-doxygen/html/search/related_8.js +2 -2
- package/SVF-doxygen/html/search/related_9.js +4 -4
- package/SVF-doxygen/html/search/related_a.js +19 -19
- package/SVF-doxygen/html/search/related_b.js +4 -4
- package/SVF-doxygen/html/search/related_c.js +2 -2
- package/SVF-doxygen/html/search/related_d.js +11 -11
- package/SVF-doxygen/html/search/related_e.js +2 -2
- package/SVF-doxygen/html/search/related_f.js +2 -2
- package/SVF-doxygen/html/search/typedefs_0.js +20 -20
- package/SVF-doxygen/html/search/typedefs_1.js +27 -27
- package/SVF-doxygen/html/search/typedefs_10.js +65 -65
- package/SVF-doxygen/html/search/typedefs_11.js +12 -12
- package/SVF-doxygen/html/search/typedefs_12.js +13 -13
- package/SVF-doxygen/html/search/typedefs_13.js +40 -40
- package/SVF-doxygen/html/search/typedefs_14.js +11 -11
- package/SVF-doxygen/html/search/typedefs_2.js +125 -125
- package/SVF-doxygen/html/search/typedefs_3.js +39 -39
- package/SVF-doxygen/html/search/typedefs_4.js +17 -17
- package/SVF-doxygen/html/search/typedefs_5.js +42 -42
- package/SVF-doxygen/html/search/typedefs_6.js +54 -54
- package/SVF-doxygen/html/search/typedefs_7.js +47 -47
- package/SVF-doxygen/html/search/typedefs_8.js +1 -1
- package/SVF-doxygen/html/search/typedefs_9.js +4 -4
- package/SVF-doxygen/html/search/typedefs_a.js +28 -28
- package/SVF-doxygen/html/search/typedefs_b.js +29 -29
- package/SVF-doxygen/html/search/typedefs_c.js +41 -41
- package/SVF-doxygen/html/search/typedefs_d.js +15 -15
- package/SVF-doxygen/html/search/typedefs_e.js +52 -52
- package/SVF-doxygen/html/search/typedefs_f.js +14 -14
- package/SVF-doxygen/html/search/variables_0.js +169 -170
- package/SVF-doxygen/html/search/variables_1.js +78 -78
- package/SVF-doxygen/html/search/variables_10.js +98 -98
- package/SVF-doxygen/html/search/variables_11.js +47 -47
- package/SVF-doxygen/html/search/variables_12.js +93 -93
- package/SVF-doxygen/html/search/variables_13.js +76 -76
- package/SVF-doxygen/html/search/variables_14.js +14 -14
- package/SVF-doxygen/html/search/variables_15.js +49 -49
- package/SVF-doxygen/html/search/variables_16.js +11 -11
- package/SVF-doxygen/html/search/variables_17.js +1 -1
- package/SVF-doxygen/html/search/variables_18.js +17 -17
- package/SVF-doxygen/html/search/variables_2.js +40 -40
- package/SVF-doxygen/html/search/variables_3.js +143 -143
- package/SVF-doxygen/html/search/variables_4.js +51 -51
- package/SVF-doxygen/html/search/variables_5.js +39 -39
- package/SVF-doxygen/html/search/variables_6.js +66 -66
- package/SVF-doxygen/html/search/variables_7.js +32 -32
- package/SVF-doxygen/html/search/variables_8.js +8 -8
- package/SVF-doxygen/html/search/variables_9.js +80 -80
- package/SVF-doxygen/html/search/variables_a.js +4 -4
- package/SVF-doxygen/html/search/variables_b.js +10 -10
- package/SVF-doxygen/html/search/variables_c.js +44 -44
- package/SVF-doxygen/html/search/variables_d.js +58 -58
- package/SVF-doxygen/html/search/variables_e.js +123 -123
- package/SVF-doxygen/html/search/variables_f.js +31 -31
- package/SVF-doxygen/html/svf-ex_8cpp.html +199 -197
- package/SVF-doxygen/html/svf-ex_8cpp_source.html +204 -202
- package/package.json +1 -1
- package/svf/include/AE/Svfexe/AbstractInterpretation.h +28 -21
- package/svf/include/AE/Svfexe/SVFIR2AbsState.h +37 -67
- package/svf/lib/AE/Svfexe/AbstractInterpretation.cpp +123 -139
- package/svf/lib/AE/Svfexe/BufOverflowChecker.cpp +52 -42
- package/svf/lib/AE/Svfexe/SVFIR2AbsState.cpp +134 -146
- package/svf-llvm/tools/Example/svf-ex.cpp +13 -12
- package/svf/lib/AE/Core/SVFIR2Relation.cpp +0 -193
|
@@ -108,35 +108,35 @@ AbstractValue SVFIR2AbsState::getRangeLimitFromType(const SVFType* type)
|
|
|
108
108
|
}
|
|
109
109
|
}
|
|
110
110
|
|
|
111
|
-
AbstractValue SVFIR2AbsState::getZExtValue(const SVFVar* var)
|
|
111
|
+
AbstractValue SVFIR2AbsState::getZExtValue(AbstractState& es, const SVFVar* var)
|
|
112
112
|
{
|
|
113
113
|
const SVFType* type = var->getType();
|
|
114
114
|
if (SVFUtil::isa<SVFIntegerType>(type))
|
|
115
115
|
{
|
|
116
116
|
u32_t bits = type->getByteSize() * 8;
|
|
117
|
-
if (
|
|
117
|
+
if (es[var->getId()].getInterval().is_numeral())
|
|
118
118
|
{
|
|
119
119
|
if (bits == 8)
|
|
120
120
|
{
|
|
121
|
-
int8_t signed_i8_value =
|
|
121
|
+
int8_t signed_i8_value = es[var->getId()].getInterval().getIntNumeral();
|
|
122
122
|
u32_t unsigned_value = static_cast<uint8_t>(signed_i8_value);
|
|
123
123
|
return IntervalValue(unsigned_value, unsigned_value);
|
|
124
124
|
}
|
|
125
125
|
else if (bits == 16)
|
|
126
126
|
{
|
|
127
|
-
s16_t signed_i16_value =
|
|
127
|
+
s16_t signed_i16_value = es[var->getId()].getInterval().getIntNumeral();
|
|
128
128
|
u32_t unsigned_value = static_cast<u16_t>(signed_i16_value);
|
|
129
129
|
return IntervalValue(unsigned_value, unsigned_value);
|
|
130
130
|
}
|
|
131
131
|
else if (bits == 32)
|
|
132
132
|
{
|
|
133
|
-
s32_t signed_i32_value =
|
|
133
|
+
s32_t signed_i32_value = es[var->getId()].getInterval().getIntNumeral();
|
|
134
134
|
u32_t unsigned_value = static_cast<u32_t>(signed_i32_value);
|
|
135
135
|
return IntervalValue(unsigned_value, unsigned_value);
|
|
136
136
|
}
|
|
137
137
|
else if (bits == 64)
|
|
138
138
|
{
|
|
139
|
-
s64_t signed_i64_value =
|
|
139
|
+
s64_t signed_i64_value = es[var->getId()].getInterval().getIntNumeral();
|
|
140
140
|
return IntervalValue((s64_t)signed_i64_value, (s64_t)signed_i64_value);
|
|
141
141
|
// we only support i64 at most
|
|
142
142
|
}
|
|
@@ -153,18 +153,18 @@ AbstractValue SVFIR2AbsState::getZExtValue(const SVFVar* var)
|
|
|
153
153
|
assert(false && "cannot support non-integer type");
|
|
154
154
|
}
|
|
155
155
|
|
|
156
|
-
AbstractValue SVFIR2AbsState::getSExtValue(const SVFVar* var)
|
|
156
|
+
AbstractValue SVFIR2AbsState::getSExtValue(AbstractState& es, const SVFVar* var)
|
|
157
157
|
{
|
|
158
|
-
return
|
|
158
|
+
return es[var->getId()].getInterval();
|
|
159
159
|
}
|
|
160
160
|
|
|
161
|
-
AbstractValue SVFIR2AbsState::getFPToSIntValue(const SVF::SVFVar* var)
|
|
161
|
+
AbstractValue SVFIR2AbsState::getFPToSIntValue(AbstractState& es, const SVF::SVFVar* var)
|
|
162
162
|
{
|
|
163
|
-
if (
|
|
163
|
+
if (es[var->getId()].getInterval().is_real())
|
|
164
164
|
{
|
|
165
165
|
// get the float value of ub and lb
|
|
166
|
-
double float_lb =
|
|
167
|
-
double float_ub =
|
|
166
|
+
double float_lb = es[var->getId()].getInterval().lb().getRealNumeral();
|
|
167
|
+
double float_ub = es[var->getId()].getInterval().ub().getRealNumeral();
|
|
168
168
|
// get the int value of ub and lb
|
|
169
169
|
s64_t int_lb = static_cast<s64_t>(float_lb);
|
|
170
170
|
s64_t int_ub = static_cast<s64_t>(float_ub);
|
|
@@ -172,17 +172,17 @@ AbstractValue SVFIR2AbsState::getFPToSIntValue(const SVF::SVFVar* var)
|
|
|
172
172
|
}
|
|
173
173
|
else
|
|
174
174
|
{
|
|
175
|
-
return getSExtValue(var);
|
|
175
|
+
return getSExtValue(es, var);
|
|
176
176
|
}
|
|
177
177
|
}
|
|
178
178
|
|
|
179
|
-
AbstractValue SVFIR2AbsState::getFPToUIntValue(const SVF::SVFVar* var)
|
|
179
|
+
AbstractValue SVFIR2AbsState::getFPToUIntValue(AbstractState& es, const SVF::SVFVar* var)
|
|
180
180
|
{
|
|
181
|
-
if (
|
|
181
|
+
if (es[var->getId()].getInterval().is_real())
|
|
182
182
|
{
|
|
183
183
|
// get the float value of ub and lb
|
|
184
|
-
double float_lb =
|
|
185
|
-
double float_ub =
|
|
184
|
+
double float_lb = es[var->getId()].getInterval().lb().getRealNumeral();
|
|
185
|
+
double float_ub = es[var->getId()].getInterval().ub().getRealNumeral();
|
|
186
186
|
// get the int value of ub and lb
|
|
187
187
|
u64_t int_lb = static_cast<u64_t>(float_lb);
|
|
188
188
|
u64_t int_ub = static_cast<u64_t>(float_ub);
|
|
@@ -190,37 +190,37 @@ AbstractValue SVFIR2AbsState::getFPToUIntValue(const SVF::SVFVar* var)
|
|
|
190
190
|
}
|
|
191
191
|
else
|
|
192
192
|
{
|
|
193
|
-
return getZExtValue(var);
|
|
193
|
+
return getZExtValue(es, var);
|
|
194
194
|
}
|
|
195
195
|
}
|
|
196
196
|
|
|
197
|
-
AbstractValue SVFIR2AbsState::getSIntToFPValue(const SVF::SVFVar* var)
|
|
197
|
+
AbstractValue SVFIR2AbsState::getSIntToFPValue(AbstractState& es, const SVF::SVFVar* var)
|
|
198
198
|
{
|
|
199
199
|
// get the sint value of ub and lb
|
|
200
|
-
s64_t sint_lb =
|
|
201
|
-
s64_t sint_ub =
|
|
200
|
+
s64_t sint_lb = es[var->getId()].getInterval().lb().getIntNumeral();
|
|
201
|
+
s64_t sint_ub = es[var->getId()].getInterval().ub().getIntNumeral();
|
|
202
202
|
// get the float value of ub and lb
|
|
203
203
|
double float_lb = static_cast<double>(sint_lb);
|
|
204
204
|
double float_ub = static_cast<double>(sint_ub);
|
|
205
205
|
return IntervalValue(float_lb, float_ub);
|
|
206
206
|
}
|
|
207
207
|
|
|
208
|
-
AbstractValue SVFIR2AbsState::getUIntToFPValue(const SVF::SVFVar* var)
|
|
208
|
+
AbstractValue SVFIR2AbsState::getUIntToFPValue(AbstractState& es, const SVF::SVFVar* var)
|
|
209
209
|
{
|
|
210
210
|
// get the uint value of ub and lb
|
|
211
|
-
u64_t uint_lb =
|
|
212
|
-
u64_t uint_ub =
|
|
211
|
+
u64_t uint_lb = es[var->getId()].getInterval().lb().getIntNumeral();
|
|
212
|
+
u64_t uint_ub = es[var->getId()].getInterval().ub().getIntNumeral();
|
|
213
213
|
// get the float value of ub and lb
|
|
214
214
|
double float_lb = static_cast<double>(uint_lb);
|
|
215
215
|
double float_ub = static_cast<double>(uint_ub);
|
|
216
216
|
return IntervalValue(float_lb, float_ub);
|
|
217
217
|
}
|
|
218
218
|
|
|
219
|
-
AbstractValue SVFIR2AbsState::getTruncValue(const SVF::SVFVar* var, const SVFType* dstType)
|
|
219
|
+
AbstractValue SVFIR2AbsState::getTruncValue(AbstractState& es, const SVF::SVFVar* var, const SVFType* dstType)
|
|
220
220
|
{
|
|
221
221
|
// get the value of ub and lb
|
|
222
|
-
s64_t int_lb =
|
|
223
|
-
s64_t int_ub =
|
|
222
|
+
s64_t int_lb = es[var->getId()].getInterval().lb().getIntNumeral();
|
|
223
|
+
s64_t int_ub = es[var->getId()].getInterval().ub().getIntNumeral();
|
|
224
224
|
// get dst type
|
|
225
225
|
u32_t dst_bits = dstType->getByteSize() * 8;
|
|
226
226
|
if (dst_bits == 8)
|
|
@@ -265,25 +265,13 @@ AbstractValue SVFIR2AbsState::getTruncValue(const SVF::SVFVar* var, const SVFTyp
|
|
|
265
265
|
}
|
|
266
266
|
}
|
|
267
267
|
|
|
268
|
-
AbstractValue SVFIR2AbsState::getFPTruncValue(const SVF::SVFVar* var, const SVFType* dstType)
|
|
268
|
+
AbstractValue SVFIR2AbsState::getFPTruncValue(AbstractState& es, const SVF::SVFVar* var, const SVFType* dstType)
|
|
269
269
|
{
|
|
270
270
|
// TODO: now we do not really handle fptrunc
|
|
271
|
-
return
|
|
271
|
+
return es[var->getId()].getInterval();
|
|
272
272
|
}
|
|
273
273
|
|
|
274
|
-
void SVFIR2AbsState::
|
|
275
|
-
{
|
|
276
|
-
for (const auto &item: es._varToAbsVal)
|
|
277
|
-
{
|
|
278
|
-
_es._varToAbsVal[item.first] = item.second;
|
|
279
|
-
}
|
|
280
|
-
for (const auto &item: es._addrToAbsVal)
|
|
281
|
-
{
|
|
282
|
-
_es._addrToAbsVal[item.first] = item.second;
|
|
283
|
-
}
|
|
284
|
-
}
|
|
285
|
-
|
|
286
|
-
void SVFIR2AbsState::widenAddrs(AbstractState&lhs, const AbstractState&rhs)
|
|
274
|
+
void SVFIR2AbsState::widenAddrs(AbstractState& es, AbstractState&lhs, const AbstractState&rhs)
|
|
287
275
|
{
|
|
288
276
|
for (const auto &rhsItem: rhs._varToAbsVal)
|
|
289
277
|
{
|
|
@@ -298,7 +286,7 @@ void SVFIR2AbsState::widenAddrs(AbstractState&lhs, const AbstractState&rhs)
|
|
|
298
286
|
{
|
|
299
287
|
for (s32_t i = 0; i < (s32_t) Options::MaxFieldLimit(); i++)
|
|
300
288
|
{
|
|
301
|
-
lhsIter->second.join_with(getGepObjAddress(getInternalID(addr), i));
|
|
289
|
+
lhsIter->second.join_with(getGepObjAddress(es, getInternalID(addr), i));
|
|
302
290
|
}
|
|
303
291
|
}
|
|
304
292
|
}
|
|
@@ -320,7 +308,7 @@ void SVFIR2AbsState::widenAddrs(AbstractState&lhs, const AbstractState&rhs)
|
|
|
320
308
|
i++)
|
|
321
309
|
{
|
|
322
310
|
lhsIter->second.join_with(
|
|
323
|
-
getGepObjAddress(getInternalID(addr), i));
|
|
311
|
+
getGepObjAddress(es, getInternalID(addr), i));
|
|
324
312
|
}
|
|
325
313
|
}
|
|
326
314
|
}
|
|
@@ -329,7 +317,7 @@ void SVFIR2AbsState::widenAddrs(AbstractState&lhs, const AbstractState&rhs)
|
|
|
329
317
|
}
|
|
330
318
|
}
|
|
331
319
|
|
|
332
|
-
void SVFIR2AbsState::narrowAddrs(AbstractState&lhs, const AbstractState&rhs)
|
|
320
|
+
void SVFIR2AbsState::narrowAddrs(AbstractState& es, AbstractState&lhs, const AbstractState&rhs)
|
|
333
321
|
{
|
|
334
322
|
for (const auto &rhsItem: rhs._varToAbsVal)
|
|
335
323
|
{
|
|
@@ -369,10 +357,10 @@ void SVFIR2AbsState::narrowAddrs(AbstractState&lhs, const AbstractState&rhs)
|
|
|
369
357
|
}
|
|
370
358
|
}
|
|
371
359
|
|
|
372
|
-
AbstractValue SVFIR2AbsState::getGepObjAddress(u32_t pointer, APOffset offset)
|
|
360
|
+
AbstractValue SVFIR2AbsState::getGepObjAddress(AbstractState& es, u32_t pointer, APOffset offset)
|
|
373
361
|
{
|
|
374
|
-
assert(!getAddrs(pointer).getAddrs().empty());
|
|
375
|
-
AbstractValue addrs = getAddrs(pointer);
|
|
362
|
+
assert(!getAddrs(es, pointer).getAddrs().empty());
|
|
363
|
+
AbstractValue addrs = getAddrs(es, pointer);
|
|
376
364
|
AbstractValue ret = AddressValue();
|
|
377
365
|
for (const auto &addr: addrs.getAddrs())
|
|
378
366
|
{
|
|
@@ -384,7 +372,7 @@ AbstractValue SVFIR2AbsState::getGepObjAddress(u32_t pointer, APOffset offset)
|
|
|
384
372
|
}
|
|
385
373
|
assert(SVFUtil::isa<ObjVar>(_svfir->getGNode(baseObj)) && "Fail to get the base object address!");
|
|
386
374
|
NodeID gepObj = _svfir->getGepObjVar(baseObj, offset);
|
|
387
|
-
initSVFVar(gepObj);
|
|
375
|
+
initSVFVar(es, gepObj);
|
|
388
376
|
ret.insertAddr(getVirtualMemAddress(gepObj));
|
|
389
377
|
}
|
|
390
378
|
return ret;
|
|
@@ -412,7 +400,7 @@ AbstractValue SVFIR2AbsState::getGepObjAddress(u32_t pointer, APOffset offset)
|
|
|
412
400
|
* Therefore the final byteoffset is [8+4*var1.lb(), 8+4*var1.ub()]
|
|
413
401
|
*
|
|
414
402
|
*/
|
|
415
|
-
AbstractValue SVFIR2AbsState::getByteOffset(const GepStmt *gep)
|
|
403
|
+
AbstractValue SVFIR2AbsState::getByteOffset(AbstractState& es, const GepStmt *gep)
|
|
416
404
|
{
|
|
417
405
|
if (gep->isConstantOffset())
|
|
418
406
|
return IntervalValue((s64_t)gep->accumulateConstantByteOffset());
|
|
@@ -443,7 +431,7 @@ AbstractValue SVFIR2AbsState::getByteOffset(const GepStmt *gep)
|
|
|
443
431
|
else
|
|
444
432
|
{
|
|
445
433
|
u32_t idx = _svfir->getValueNode(idxOperandVar->getValue());
|
|
446
|
-
IntervalValue idxVal =
|
|
434
|
+
IntervalValue idxVal = es[idx].getInterval();
|
|
447
435
|
if (idxVal.isBottom())
|
|
448
436
|
res = res + IntervalValue(0, 0);
|
|
449
437
|
else
|
|
@@ -482,7 +470,7 @@ AbstractValue SVFIR2AbsState::getByteOffset(const GepStmt *gep)
|
|
|
482
470
|
*
|
|
483
471
|
* @return A pair of APOffset values representing the offset range.
|
|
484
472
|
*/
|
|
485
|
-
AbstractValue SVFIR2AbsState::getItvOfFlattenedElemIndex(const GepStmt *gep)
|
|
473
|
+
AbstractValue SVFIR2AbsState::getItvOfFlattenedElemIndex(AbstractState& es, const GepStmt *gep)
|
|
486
474
|
{
|
|
487
475
|
if (gep->isConstantOffset())
|
|
488
476
|
return IntervalValue((s64_t)gep->accumulateConstantOffset());
|
|
@@ -502,7 +490,7 @@ AbstractValue SVFIR2AbsState::getItvOfFlattenedElemIndex(const GepStmt *gep)
|
|
|
502
490
|
idxLb = idxUb = constInt->getSExtValue();
|
|
503
491
|
else
|
|
504
492
|
{
|
|
505
|
-
IntervalValue idxItv =
|
|
493
|
+
IntervalValue idxItv = es[_svfir->getValueNode(value)].getInterval();
|
|
506
494
|
if (idxItv.isBottom())
|
|
507
495
|
idxLb = idxUb = 0;
|
|
508
496
|
else
|
|
@@ -557,7 +545,7 @@ AbstractValue SVFIR2AbsState::getItvOfFlattenedElemIndex(const GepStmt *gep)
|
|
|
557
545
|
* @param objVar
|
|
558
546
|
* @param valExprIdToCondValPairMap
|
|
559
547
|
*/
|
|
560
|
-
void SVFIR2AbsState::initObjVar(const ObjVar *objVar, u32_t varId)
|
|
548
|
+
void SVFIR2AbsState::initObjVar(AbstractState& es, const ObjVar *objVar, u32_t varId)
|
|
561
549
|
{
|
|
562
550
|
|
|
563
551
|
if (objVar->hasValue())
|
|
@@ -569,38 +557,38 @@ void SVFIR2AbsState::initObjVar(const ObjVar *objVar, u32_t varId)
|
|
|
569
557
|
if (const SVFConstantInt *consInt = SVFUtil::dyn_cast<SVFConstantInt>(obj->getValue()))
|
|
570
558
|
{
|
|
571
559
|
s64_t numeral = consInt->getSExtValue();
|
|
572
|
-
|
|
560
|
+
es[varId] = IntervalValue(numeral, numeral);
|
|
573
561
|
}
|
|
574
562
|
else if (const SVFConstantFP* consFP = SVFUtil::dyn_cast<SVFConstantFP>(obj->getValue()))
|
|
575
|
-
|
|
563
|
+
es[varId] = IntervalValue(consFP->getFPValue(), consFP->getFPValue());
|
|
576
564
|
else if (SVFUtil::isa<SVFConstantNullPtr>(obj->getValue()))
|
|
577
|
-
|
|
565
|
+
es[varId] = IntervalValue(0, 0);
|
|
578
566
|
else if (SVFUtil::isa<SVFGlobalValue>(obj->getValue()))
|
|
579
567
|
{
|
|
580
|
-
|
|
568
|
+
es[varId] = AddressValue(getVirtualMemAddress(varId));
|
|
581
569
|
}
|
|
582
570
|
|
|
583
571
|
else if (obj->isConstantArray() || obj->isConstantStruct())
|
|
584
|
-
|
|
572
|
+
es[varId] = IntervalValue::top();
|
|
585
573
|
else
|
|
586
|
-
|
|
574
|
+
es[varId] = IntervalValue::top();
|
|
587
575
|
}
|
|
588
576
|
else
|
|
589
|
-
|
|
577
|
+
es[varId] = AddressValue(getVirtualMemAddress(varId));
|
|
590
578
|
}
|
|
591
579
|
else
|
|
592
|
-
|
|
580
|
+
es[varId] = AddressValue(getVirtualMemAddress(varId));
|
|
593
581
|
}
|
|
594
582
|
|
|
595
|
-
void SVFIR2AbsState::initSVFVar(u32_t varId)
|
|
583
|
+
void SVFIR2AbsState::initSVFVar(AbstractState& es, u32_t varId)
|
|
596
584
|
{
|
|
597
|
-
if (inVarToValTable(varId) ||
|
|
585
|
+
if (inVarToValTable(es, varId) || es.inVarToAddrsTable(varId)) return;
|
|
598
586
|
SVFIR *svfir = PAG::getPAG();
|
|
599
587
|
SVFVar *svfVar = svfir->getGNode(varId);
|
|
600
588
|
// write objvar into cache instead of exestate
|
|
601
589
|
if (const ObjVar *objVar = dyn_cast<ObjVar>(svfVar))
|
|
602
590
|
{
|
|
603
|
-
initObjVar(objVar, varId);
|
|
591
|
+
initObjVar(es, objVar, varId);
|
|
604
592
|
return;
|
|
605
593
|
}
|
|
606
594
|
else
|
|
@@ -610,23 +598,23 @@ void SVFIR2AbsState::initSVFVar(u32_t varId)
|
|
|
610
598
|
}
|
|
611
599
|
|
|
612
600
|
|
|
613
|
-
void SVFIR2AbsState::handleAddr(const AddrStmt *addr)
|
|
601
|
+
void SVFIR2AbsState::handleAddr(AbstractState& es, const AddrStmt *addr)
|
|
614
602
|
{
|
|
615
|
-
initSVFVar(addr->getRHSVarID());
|
|
616
|
-
if (inVarToValTable(addr->getRHSVarID()))
|
|
603
|
+
initSVFVar(es, addr->getRHSVarID());
|
|
604
|
+
if (inVarToValTable(es, addr->getRHSVarID()))
|
|
617
605
|
{
|
|
618
606
|
// if addr RHS is integerType(i8 i32 etc), value should be limited.
|
|
619
607
|
if (addr->getRHSVar()->getType()->getKind() == SVFType::SVFIntegerTy)
|
|
620
608
|
{
|
|
621
|
-
|
|
609
|
+
es[addr->getRHSVarID()].meet_with(getRangeLimitFromType(addr->getRHSVar()->getType()));
|
|
622
610
|
}
|
|
623
|
-
|
|
611
|
+
es[addr->getLHSVarID()] = es[addr->getRHSVarID()];
|
|
624
612
|
|
|
625
613
|
}
|
|
626
|
-
else if (inVarToAddrsTable(addr->getRHSVarID()))
|
|
614
|
+
else if (inVarToAddrsTable(es, addr->getRHSVarID()))
|
|
627
615
|
{
|
|
628
|
-
|
|
629
|
-
|
|
616
|
+
es[addr->getLHSVarID()] =
|
|
617
|
+
es[addr->getRHSVarID()];
|
|
630
618
|
}
|
|
631
619
|
else
|
|
632
620
|
{
|
|
@@ -635,16 +623,16 @@ void SVFIR2AbsState::handleAddr(const AddrStmt *addr)
|
|
|
635
623
|
}
|
|
636
624
|
|
|
637
625
|
|
|
638
|
-
void SVFIR2AbsState::handleBinary(const BinaryOPStmt *binary)
|
|
626
|
+
void SVFIR2AbsState::handleBinary(AbstractState& es, const BinaryOPStmt *binary)
|
|
639
627
|
{
|
|
640
628
|
u32_t op0 = binary->getOpVarID(0);
|
|
641
629
|
u32_t op1 = binary->getOpVarID(1);
|
|
642
630
|
u32_t res = binary->getResID();
|
|
643
|
-
if (!inVarToValTable(op0))
|
|
644
|
-
if (!inVarToValTable(op1))
|
|
645
|
-
if (inVarToValTable(op0) && inVarToValTable(op1))
|
|
631
|
+
if (!inVarToValTable(es, op0)) es[op0] = IntervalValue::top();
|
|
632
|
+
if (!inVarToValTable(es, op1)) es[op1] = IntervalValue::top();
|
|
633
|
+
if (inVarToValTable(es, op0) && inVarToValTable(es, op1))
|
|
646
634
|
{
|
|
647
|
-
AbstractValue &lhs =
|
|
635
|
+
AbstractValue &lhs = es[op0], &rhs = es[op1];
|
|
648
636
|
AbstractValue resVal;
|
|
649
637
|
switch (binary->getOpcode())
|
|
650
638
|
{
|
|
@@ -693,19 +681,19 @@ void SVFIR2AbsState::handleBinary(const BinaryOPStmt *binary)
|
|
|
693
681
|
assert(false && "undefined binary: ");
|
|
694
682
|
}
|
|
695
683
|
}
|
|
696
|
-
|
|
684
|
+
es[res] = resVal;
|
|
697
685
|
}
|
|
698
686
|
}
|
|
699
687
|
|
|
700
|
-
void SVFIR2AbsState::handleCmp(const CmpStmt *cmp)
|
|
688
|
+
void SVFIR2AbsState::handleCmp(AbstractState& es, const CmpStmt *cmp)
|
|
701
689
|
{
|
|
702
690
|
u32_t op0 = cmp->getOpVarID(0);
|
|
703
691
|
u32_t op1 = cmp->getOpVarID(1);
|
|
704
692
|
u32_t res = cmp->getResID();
|
|
705
|
-
if (inVarToValTable(op0) && inVarToValTable(op1))
|
|
693
|
+
if (inVarToValTable(es, op0) && inVarToValTable(es, op1))
|
|
706
694
|
{
|
|
707
695
|
AbstractValue resVal;
|
|
708
|
-
AbstractValue &lhs =
|
|
696
|
+
AbstractValue &lhs = es[op0], &rhs = es[op1];
|
|
709
697
|
//AbstractValue
|
|
710
698
|
auto predicate = cmp->getPredicate();
|
|
711
699
|
switch (predicate)
|
|
@@ -756,12 +744,12 @@ void SVFIR2AbsState::handleCmp(const CmpStmt *cmp)
|
|
|
756
744
|
assert(false && "undefined compare: ");
|
|
757
745
|
}
|
|
758
746
|
}
|
|
759
|
-
|
|
747
|
+
es[res] = resVal;
|
|
760
748
|
}
|
|
761
|
-
else if (inVarToAddrsTable(op0) && inVarToAddrsTable(op1))
|
|
749
|
+
else if (inVarToAddrsTable(es, op0) && inVarToAddrsTable(es, op1))
|
|
762
750
|
{
|
|
763
751
|
IntervalValue resVal;
|
|
764
|
-
AbstractValue &lhs = getAddrs(op0), &rhs = getAddrs(op1);
|
|
752
|
+
AbstractValue &lhs = getAddrs(es, op0), &rhs = getAddrs(es, op1);
|
|
765
753
|
assert(!lhs.getAddrs().empty() && !rhs.getAddrs().empty() && "empty address?");
|
|
766
754
|
auto predicate = cmp->getPredicate();
|
|
767
755
|
switch (predicate)
|
|
@@ -879,17 +867,17 @@ void SVFIR2AbsState::handleCmp(const CmpStmt *cmp)
|
|
|
879
867
|
assert(false && "undefined compare: ");
|
|
880
868
|
}
|
|
881
869
|
}
|
|
882
|
-
|
|
870
|
+
es[res] = resVal;
|
|
883
871
|
}
|
|
884
872
|
}
|
|
885
873
|
|
|
886
|
-
void SVFIR2AbsState::handleLoad(const LoadStmt *load)
|
|
874
|
+
void SVFIR2AbsState::handleLoad(AbstractState& es, const LoadStmt *load)
|
|
887
875
|
{
|
|
888
876
|
u32_t rhs = load->getRHSVarID();
|
|
889
877
|
u32_t lhs = load->getLHSVarID();
|
|
890
|
-
if (inVarToAddrsTable(rhs))
|
|
878
|
+
if (inVarToAddrsTable(es, rhs))
|
|
891
879
|
{
|
|
892
|
-
AbstractValue &addrs = getAddrs(rhs);
|
|
880
|
+
AbstractValue &addrs = getAddrs(es, rhs);
|
|
893
881
|
assert(!addrs.getAddrs().empty());
|
|
894
882
|
AbstractValue rhsVal(AbstractValue::UnknownType); // interval::bottom Address::bottom
|
|
895
883
|
// AbstractValue absRhs
|
|
@@ -899,102 +887,102 @@ void SVFIR2AbsState::handleLoad(const LoadStmt *load)
|
|
|
899
887
|
// absRhs.join_with
|
|
900
888
|
// es.load()
|
|
901
889
|
u32_t objId = getInternalID(addr);
|
|
902
|
-
if (inLocToValTable(objId) || inLocToAddrsTable(objId))
|
|
890
|
+
if (inLocToValTable(es, objId) || inLocToAddrsTable(es, objId))
|
|
903
891
|
{
|
|
904
|
-
rhsVal.join_with(
|
|
892
|
+
rhsVal.join_with(es.load(addr));
|
|
905
893
|
}
|
|
906
894
|
}
|
|
907
895
|
if (!rhsVal.isUnknown())
|
|
908
|
-
|
|
896
|
+
es[lhs] = rhsVal;
|
|
909
897
|
}
|
|
910
898
|
}
|
|
911
899
|
|
|
912
|
-
void SVFIR2AbsState::handleStore(const StoreStmt *store)
|
|
900
|
+
void SVFIR2AbsState::handleStore(AbstractState& es, const StoreStmt *store)
|
|
913
901
|
{
|
|
914
902
|
u32_t rhs = store->getRHSVarID();
|
|
915
903
|
u32_t lhs = store->getLHSVarID();
|
|
916
|
-
if (inVarToAddrsTable(lhs))
|
|
904
|
+
if (inVarToAddrsTable(es, lhs))
|
|
917
905
|
{
|
|
918
906
|
//es.store()
|
|
919
|
-
assert(!getAddrs(lhs).getAddrs().empty());
|
|
920
|
-
AbstractValue &addrs =
|
|
907
|
+
assert(!getAddrs(es, lhs).getAddrs().empty());
|
|
908
|
+
AbstractValue &addrs = es[lhs];
|
|
921
909
|
for (const auto &addr: addrs.getAddrs())
|
|
922
910
|
{
|
|
923
|
-
|
|
911
|
+
es.store(addr, es[rhs]);
|
|
924
912
|
}
|
|
925
913
|
|
|
926
|
-
if (inVarToValTable(rhs) || inVarToAddrsTable(rhs))
|
|
914
|
+
if (inVarToValTable(es, rhs) || inVarToAddrsTable(es, rhs))
|
|
927
915
|
{
|
|
928
|
-
assert(!getAddrs(lhs).getAddrs().empty());
|
|
929
|
-
for (const auto &addr:
|
|
916
|
+
assert(!getAddrs(es, lhs).getAddrs().empty());
|
|
917
|
+
for (const auto &addr: es[lhs].getAddrs())
|
|
930
918
|
{
|
|
931
|
-
|
|
919
|
+
es.store(addr, es[rhs]);
|
|
932
920
|
}
|
|
933
921
|
}
|
|
934
922
|
}
|
|
935
923
|
}
|
|
936
924
|
|
|
937
|
-
void SVFIR2AbsState::handleCopy(const CopyStmt *copy)
|
|
925
|
+
void SVFIR2AbsState::handleCopy(AbstractState& es, const CopyStmt *copy)
|
|
938
926
|
{
|
|
939
927
|
u32_t lhs = copy->getLHSVarID();
|
|
940
928
|
u32_t rhs = copy->getRHSVarID();
|
|
941
929
|
if (PAG::getPAG()->isBlkPtr(lhs))
|
|
942
930
|
{
|
|
943
|
-
|
|
931
|
+
es[lhs] = IntervalValue::top();
|
|
944
932
|
}
|
|
945
933
|
else
|
|
946
934
|
{
|
|
947
|
-
if (inVarToValTable(rhs))
|
|
935
|
+
if (inVarToValTable(es, rhs))
|
|
948
936
|
{
|
|
949
937
|
if (copy->getCopyKind() == CopyStmt::COPYVAL)
|
|
950
938
|
{
|
|
951
|
-
|
|
939
|
+
es[lhs] = es[rhs];
|
|
952
940
|
}
|
|
953
941
|
else if (copy->getCopyKind() == CopyStmt::ZEXT)
|
|
954
942
|
{
|
|
955
|
-
|
|
943
|
+
es[lhs] = getZExtValue(es, copy->getRHSVar());
|
|
956
944
|
}
|
|
957
945
|
else if (copy->getCopyKind() == CopyStmt::SEXT)
|
|
958
946
|
{
|
|
959
|
-
|
|
947
|
+
es[lhs] = getSExtValue(es, copy->getRHSVar());
|
|
960
948
|
}
|
|
961
949
|
else if (copy->getCopyKind() == CopyStmt::FPTOSI)
|
|
962
950
|
{
|
|
963
|
-
|
|
951
|
+
es[lhs] = getFPToSIntValue(es, copy->getRHSVar());
|
|
964
952
|
}
|
|
965
953
|
else if (copy->getCopyKind() == CopyStmt::FPTOUI)
|
|
966
954
|
{
|
|
967
|
-
|
|
955
|
+
es[lhs] = getFPToUIntValue(es, copy->getRHSVar());
|
|
968
956
|
}
|
|
969
957
|
else if (copy->getCopyKind() == CopyStmt::SITOFP)
|
|
970
958
|
{
|
|
971
|
-
|
|
959
|
+
es[lhs] = getSIntToFPValue(es, copy->getRHSVar());
|
|
972
960
|
}
|
|
973
961
|
else if (copy->getCopyKind() == CopyStmt::UITOFP)
|
|
974
962
|
{
|
|
975
|
-
|
|
963
|
+
es[lhs] = getUIntToFPValue(es, copy->getRHSVar());
|
|
976
964
|
}
|
|
977
965
|
else if (copy->getCopyKind() == CopyStmt::TRUNC)
|
|
978
966
|
{
|
|
979
|
-
|
|
967
|
+
es[lhs] = getTruncValue(es, copy->getRHSVar(), copy->getLHSVar()->getType());
|
|
980
968
|
}
|
|
981
969
|
else if (copy->getCopyKind() == CopyStmt::FPTRUNC)
|
|
982
970
|
{
|
|
983
|
-
|
|
971
|
+
es[lhs] = getFPTruncValue(es, copy->getRHSVar(), copy->getLHSVar()->getType());
|
|
984
972
|
}
|
|
985
973
|
else if (copy->getCopyKind() == CopyStmt::INTTOPTR)
|
|
986
974
|
{
|
|
987
|
-
|
|
975
|
+
es.getAddrs(lhs).getAddrs().insert(getVirtualMemAddress(0)); //insert nullptr
|
|
988
976
|
}
|
|
989
977
|
else if (copy->getCopyKind() == CopyStmt::PTRTOINT)
|
|
990
978
|
{
|
|
991
|
-
|
|
979
|
+
es[lhs] = IntervalValue::top();
|
|
992
980
|
}
|
|
993
981
|
else if (copy->getCopyKind() == CopyStmt::BITCAST)
|
|
994
982
|
{
|
|
995
|
-
if (
|
|
983
|
+
if (es[rhs].isAddr())
|
|
996
984
|
{
|
|
997
|
-
|
|
985
|
+
es[lhs] = es[rhs];
|
|
998
986
|
}
|
|
999
987
|
else
|
|
1000
988
|
{
|
|
@@ -1007,22 +995,22 @@ void SVFIR2AbsState::handleCopy(const CopyStmt *copy)
|
|
|
1007
995
|
abort();
|
|
1008
996
|
}
|
|
1009
997
|
}
|
|
1010
|
-
else if (inVarToAddrsTable(rhs))
|
|
998
|
+
else if (inVarToAddrsTable(es, rhs))
|
|
1011
999
|
{
|
|
1012
|
-
assert(!getAddrs(rhs).getAddrs().empty());
|
|
1013
|
-
|
|
1000
|
+
assert(!getAddrs(es, rhs).getAddrs().empty());
|
|
1001
|
+
es[lhs] = es[rhs];
|
|
1014
1002
|
}
|
|
1015
1003
|
}
|
|
1016
1004
|
}
|
|
1017
1005
|
|
|
1018
|
-
void SVFIR2AbsState::handleGep(const GepStmt *gep)
|
|
1006
|
+
void SVFIR2AbsState::handleGep(AbstractState& es, const GepStmt *gep)
|
|
1019
1007
|
{
|
|
1020
1008
|
u32_t rhs = gep->getRHSVarID();
|
|
1021
1009
|
u32_t lhs = gep->getLHSVarID();
|
|
1022
|
-
if (!inVarToAddrsTable(rhs)) return;
|
|
1023
|
-
AbstractValue &rhsVal =
|
|
1010
|
+
if (!inVarToAddrsTable(es, rhs)) return;
|
|
1011
|
+
AbstractValue &rhsVal = es[rhs];
|
|
1024
1012
|
assert(!rhsVal.getAddrs().empty());
|
|
1025
|
-
AbstractValue offsetPair = getItvOfFlattenedElemIndex(gep);
|
|
1013
|
+
AbstractValue offsetPair = getItvOfFlattenedElemIndex(es, gep);
|
|
1026
1014
|
if (!isVirtualMemAddress(*rhsVal.getAddrs().begin()))
|
|
1027
1015
|
return;
|
|
1028
1016
|
else
|
|
@@ -1033,42 +1021,42 @@ void SVFIR2AbsState::handleGep(const GepStmt *gep)
|
|
|
1033
1021
|
APOffset ub = offsetPair.ub().getIntNumeral() < Options::MaxFieldLimit()?
|
|
1034
1022
|
offsetPair.ub().getIntNumeral(): Options::MaxFieldLimit();
|
|
1035
1023
|
for (APOffset i = lb; i <= ub; i++)
|
|
1036
|
-
gepAddrs.join_with(getGepObjAddress(rhs, i));
|
|
1024
|
+
gepAddrs.join_with(getGepObjAddress(es, rhs, i));
|
|
1037
1025
|
if (!rhsVal.isUnknown())
|
|
1038
|
-
|
|
1026
|
+
es[lhs] = gepAddrs;
|
|
1039
1027
|
return;
|
|
1040
1028
|
}
|
|
1041
1029
|
}
|
|
1042
1030
|
|
|
1043
|
-
void SVFIR2AbsState::handleSelect(const SelectStmt *select)
|
|
1031
|
+
void SVFIR2AbsState::handleSelect(AbstractState& es, const SelectStmt *select)
|
|
1044
1032
|
{
|
|
1045
1033
|
u32_t res = select->getResID();
|
|
1046
1034
|
u32_t tval = select->getTrueValue()->getId();
|
|
1047
1035
|
u32_t fval = select->getFalseValue()->getId();
|
|
1048
1036
|
u32_t cond = select->getCondition()->getId();
|
|
1049
|
-
if (inVarToValTable(tval) && inVarToValTable(fval) && inVarToValTable(cond))
|
|
1037
|
+
if (inVarToValTable(es, tval) && inVarToValTable(es, fval) && inVarToValTable(es, cond))
|
|
1050
1038
|
{
|
|
1051
|
-
if (
|
|
1039
|
+
if (es[cond].getInterval().is_numeral())
|
|
1052
1040
|
{
|
|
1053
|
-
|
|
1041
|
+
es[res] = es[cond].getInterval().is_zero() ? es[fval] : es[tval];
|
|
1054
1042
|
}
|
|
1055
1043
|
else
|
|
1056
1044
|
{
|
|
1057
|
-
|
|
1045
|
+
es[res] = es[cond];
|
|
1058
1046
|
}
|
|
1059
1047
|
}
|
|
1060
|
-
else if (inVarToAddrsTable(tval) && inVarToAddrsTable(fval) && inVarToValTable(cond))
|
|
1048
|
+
else if (inVarToAddrsTable(es, tval) && inVarToAddrsTable(es, fval) && inVarToValTable(es, cond))
|
|
1061
1049
|
{
|
|
1062
|
-
if (
|
|
1050
|
+
if (es[cond].getInterval().is_numeral())
|
|
1063
1051
|
{
|
|
1064
|
-
assert(!getAddrs(fval).getAddrs().empty());
|
|
1065
|
-
assert(!getAddrs(tval).getAddrs().empty());
|
|
1066
|
-
|
|
1052
|
+
assert(!getAddrs(es, fval).getAddrs().empty());
|
|
1053
|
+
assert(!getAddrs(es, tval).getAddrs().empty());
|
|
1054
|
+
es.getAddrs(res) = es[cond].getInterval().is_zero() ? getAddrs(es, fval) : getAddrs(es, tval);
|
|
1067
1055
|
}
|
|
1068
1056
|
}
|
|
1069
1057
|
}
|
|
1070
1058
|
|
|
1071
|
-
void SVFIR2AbsState::handlePhi(const PhiStmt *phi)
|
|
1059
|
+
void SVFIR2AbsState::handlePhi(AbstractState& es, const PhiStmt *phi)
|
|
1072
1060
|
{
|
|
1073
1061
|
u32_t res = phi->getResID();
|
|
1074
1062
|
AbstractValue rhs(AbstractValue::UnknownType);
|
|
@@ -1076,32 +1064,32 @@ void SVFIR2AbsState::handlePhi(const PhiStmt *phi)
|
|
|
1076
1064
|
{
|
|
1077
1065
|
NodeID curId = phi->getOpVarID(i);
|
|
1078
1066
|
|
|
1079
|
-
if (inVarToValTable(curId) || inVarToAddrsTable(curId))
|
|
1067
|
+
if (inVarToValTable(es, curId) || inVarToAddrsTable(es, curId))
|
|
1080
1068
|
{
|
|
1081
|
-
rhs.join_with(
|
|
1069
|
+
rhs.join_with(es[curId]);
|
|
1082
1070
|
}
|
|
1083
1071
|
}
|
|
1084
1072
|
if (!rhs.isUnknown())
|
|
1085
|
-
|
|
1073
|
+
es[res] = rhs;
|
|
1086
1074
|
}
|
|
1087
1075
|
|
|
1088
1076
|
|
|
1089
|
-
void SVFIR2AbsState::handleCall(const CallPE *callPE)
|
|
1077
|
+
void SVFIR2AbsState::handleCall(AbstractState& es, const CallPE *callPE)
|
|
1090
1078
|
{
|
|
1091
1079
|
NodeID lhs = callPE->getLHSVarID();
|
|
1092
1080
|
NodeID rhs = callPE->getRHSVarID();
|
|
1093
|
-
if (inVarToValTable(rhs) || inVarToAddrsTable(rhs))
|
|
1081
|
+
if (inVarToValTable(es, rhs) || inVarToAddrsTable(es, rhs))
|
|
1094
1082
|
{
|
|
1095
|
-
|
|
1083
|
+
es[lhs] = es[rhs];
|
|
1096
1084
|
}
|
|
1097
1085
|
}
|
|
1098
1086
|
|
|
1099
|
-
void SVFIR2AbsState::handleRet(const RetPE *retPE)
|
|
1087
|
+
void SVFIR2AbsState::handleRet(AbstractState& es, const RetPE *retPE)
|
|
1100
1088
|
{
|
|
1101
1089
|
NodeID lhs = retPE->getLHSVarID();
|
|
1102
1090
|
NodeID rhs = retPE->getRHSVarID();
|
|
1103
|
-
if (inVarToValTable(rhs) || inVarToAddrsTable(rhs))
|
|
1091
|
+
if (inVarToValTable(es, rhs) || inVarToAddrsTable(es, rhs))
|
|
1104
1092
|
{
|
|
1105
|
-
|
|
1093
|
+
es[lhs] = es[rhs];
|
|
1106
1094
|
}
|
|
1107
1095
|
}
|