svf-tools 1.0.932 → 1.0.934
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/svf/include/AE/Core/AbstractValue.h +19 -1
- package/svf/include/AE/Svfexe/AbstractInterpretation.h +4 -4
- package/svf/include/AE/Svfexe/SVFIR2AbsState.h +1 -1
- package/svf/lib/AE/Svfexe/AbstractInterpretation.cpp +22 -19
- package/svf/lib/AE/Svfexe/SVFIR2AbsState.cpp +3 -3
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "svf-tools",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.934",
|
|
4
4
|
"description": "* <b>[TypeClone](https://github.com/SVF-tools/SVF/wiki/TypeClone) published in our [ECOOP paper](https://yuleisui.github.io/publications/ecoop20.pdf) is now available in SVF </b> * <b>SVF now uses a single script for its build. Just type [`source ./build.sh`](https://github.com/SVF-tools/SVF/blob/master/build.sh) in your terminal, that's it!</b> * <b>SVF now supports LLVM-10.0.0! </b> * <b>We thank [bsauce](https://github.com/bsauce) for writing a user manual of SVF ([link1](https://www.jianshu.com/p/068a08ec749c) and [link2](https://www.jianshu.com/p/777c30d4240e)) in Chinese </b> * <b>SVF now supports LLVM-9.0.0 (Thank [Byoungyoung Lee](https://github.com/SVF-tools/SVF/issues/142) for his help!). </b> * <b>SVF now supports a set of [field-sensitive pointer analyses](https://yuleisui.github.io/publications/sas2019a.pdf). </b> * <b>[Use SVF as an external lib](https://github.com/SVF-tools/SVF/wiki/Using-SVF-as-a-lib-in-your-own-tool) for your own project (Contributed by [Hongxu Chen](https://github.com/HongxuChen)). </b> * <b>SVF now supports LLVM-7.0.0. </b> * <b>SVF now supports Docker. [Try SVF in Docker](https://github.com/SVF-tools/SVF/wiki/Try-SVF-in-Docker)! </b> * <b>SVF now supports [LLVM-6.0.0](https://github.com/svf-tools/SVF/pull/38) (Contributed by [Jack Anthony](https://github.com/jackanth)). </b> * <b>SVF now supports [LLVM-4.0.0](https://github.com/svf-tools/SVF/pull/23) (Contributed by Jared Carlson. Thank [Jared](https://github.com/jcarlson23) and [Will](https://github.com/dtzWill) for their in-depth [discussions](https://github.com/svf-tools/SVF/pull/18) about updating SVF!) </b> * <b>SVF now supports analysis for C++ programs.</b> <br />",
|
|
5
5
|
"main": "index.js",
|
|
6
6
|
"scripts": {
|
|
@@ -26,8 +26,11 @@
|
|
|
26
26
|
namespace SVF
|
|
27
27
|
{
|
|
28
28
|
|
|
29
|
-
|
|
29
|
+
class AbstractValue
|
|
30
30
|
{
|
|
31
|
+
|
|
32
|
+
public:
|
|
33
|
+
|
|
31
34
|
enum DataType
|
|
32
35
|
{
|
|
33
36
|
IntervalType,
|
|
@@ -122,6 +125,21 @@ struct AbstractValue
|
|
|
122
125
|
}
|
|
123
126
|
return *this;
|
|
124
127
|
}
|
|
128
|
+
|
|
129
|
+
AbstractValue& operator=(const IntervalValue& other)
|
|
130
|
+
{
|
|
131
|
+
type = IntervalType;
|
|
132
|
+
interval = other;
|
|
133
|
+
return *this;
|
|
134
|
+
}
|
|
135
|
+
|
|
136
|
+
AbstractValue& operator=(const AddressValue& other)
|
|
137
|
+
{
|
|
138
|
+
type = AddressType;
|
|
139
|
+
addr = other;
|
|
140
|
+
return *this;
|
|
141
|
+
}
|
|
142
|
+
|
|
125
143
|
AbstractValue operator==(const AbstractValue& other) const
|
|
126
144
|
{
|
|
127
145
|
assert(isInterval() && other.isInterval());
|
|
@@ -364,10 +364,10 @@ private:
|
|
|
364
364
|
|
|
365
365
|
protected:
|
|
366
366
|
// helper functions in handleCycle
|
|
367
|
-
bool
|
|
368
|
-
|
|
369
|
-
bool
|
|
370
|
-
|
|
367
|
+
bool isFixPointAfterWidening(const ICFGNode* cycle_head,
|
|
368
|
+
AbstractState& pre_as);
|
|
369
|
+
bool isFixPointAfterNarrowing(const SVF::ICFGNode* cycle_head,
|
|
370
|
+
SVF::AbstractState& pre_as);
|
|
371
371
|
|
|
372
372
|
AbstractState& getAbsState(const ICFGNode* node)
|
|
373
373
|
{
|
|
@@ -84,7 +84,7 @@ public:
|
|
|
84
84
|
AbstractValue getByteOffset(const AbstractState& es, const GepStmt *gep);
|
|
85
85
|
|
|
86
86
|
/// Return the offset expression of a GepStmt
|
|
87
|
-
AbstractValue
|
|
87
|
+
AbstractValue getElementIndex(const AbstractState& es, const GepStmt *gep);
|
|
88
88
|
|
|
89
89
|
|
|
90
90
|
static z3::context &getContext()
|
|
@@ -720,7 +720,8 @@ void AbstractInterpretation::handleCycle(const ICFGWTOCycle *cycle)
|
|
|
720
720
|
{
|
|
721
721
|
if (incresing)
|
|
722
722
|
{
|
|
723
|
-
bool is_fixpoint =
|
|
723
|
+
bool is_fixpoint =
|
|
724
|
+
isFixPointAfterWidening(cycle_head, pre_es);
|
|
724
725
|
if (is_fixpoint)
|
|
725
726
|
{
|
|
726
727
|
incresing = false;
|
|
@@ -729,7 +730,8 @@ void AbstractInterpretation::handleCycle(const ICFGWTOCycle *cycle)
|
|
|
729
730
|
}
|
|
730
731
|
else if (!incresing)
|
|
731
732
|
{
|
|
732
|
-
bool is_fixpoint =
|
|
733
|
+
bool is_fixpoint =
|
|
734
|
+
isFixPointAfterNarrowing(cycle_head, pre_es);
|
|
733
735
|
if (is_fixpoint)
|
|
734
736
|
break;
|
|
735
737
|
}
|
|
@@ -754,46 +756,47 @@ void AbstractInterpretation::handleCycle(const ICFGWTOCycle *cycle)
|
|
|
754
756
|
}
|
|
755
757
|
}
|
|
756
758
|
|
|
757
|
-
bool AbstractInterpretation::
|
|
758
|
-
AbstractState&
|
|
759
|
+
bool AbstractInterpretation::isFixPointAfterWidening(const ICFGNode* cycle_head,
|
|
760
|
+
AbstractState& pre_as)
|
|
759
761
|
{
|
|
760
762
|
// increasing iterations
|
|
761
|
-
AbstractState
|
|
762
|
-
AbstractState
|
|
763
|
+
AbstractState new_pre_as = pre_as.widening(_postAbsTrace[cycle_head]);
|
|
764
|
+
AbstractState new_pre_vaddr_as = new_pre_as;
|
|
763
765
|
//_svfir2AbsState->widenAddrs(getCurState(), new_pre_es, _postAbsTrace[cycle_head]);
|
|
764
766
|
|
|
765
|
-
if (
|
|
767
|
+
if (pre_as >= new_pre_as)
|
|
766
768
|
{
|
|
767
769
|
// increasing iterations - fixpoint reached
|
|
768
|
-
|
|
769
|
-
_postAbsTrace[cycle_head] =
|
|
770
|
+
pre_as = new_pre_as;
|
|
771
|
+
_postAbsTrace[cycle_head] = pre_as;
|
|
770
772
|
return true;
|
|
771
773
|
}
|
|
772
774
|
else
|
|
773
775
|
{
|
|
774
|
-
|
|
775
|
-
_postAbsTrace[cycle_head] =
|
|
776
|
+
pre_as = new_pre_as;
|
|
777
|
+
_postAbsTrace[cycle_head] = pre_as;
|
|
776
778
|
return false;
|
|
777
779
|
}
|
|
778
780
|
}
|
|
779
781
|
|
|
780
|
-
bool AbstractInterpretation::
|
|
782
|
+
bool AbstractInterpretation::isFixPointAfterNarrowing(
|
|
783
|
+
const SVF::ICFGNode* cycle_head, SVF::AbstractState& pre_as)
|
|
781
784
|
{
|
|
782
785
|
// decreasing iterations
|
|
783
|
-
AbstractState
|
|
784
|
-
AbstractState
|
|
786
|
+
AbstractState new_pre_as = pre_as.narrowing(_postAbsTrace[cycle_head]);
|
|
787
|
+
AbstractState new_pre_vaddr_as = new_pre_as;
|
|
785
788
|
//_svfir2AbsState->narrowAddrs(getCurState(), new_pre_es, _postAbsTrace[cycle_head]);
|
|
786
|
-
if (
|
|
789
|
+
if (new_pre_as >= pre_as)
|
|
787
790
|
{
|
|
788
791
|
// decreasing iterations - fixpoint reached
|
|
789
|
-
|
|
790
|
-
_postAbsTrace[cycle_head] =
|
|
792
|
+
pre_as = new_pre_as;
|
|
793
|
+
_postAbsTrace[cycle_head] = pre_as;
|
|
791
794
|
return true;
|
|
792
795
|
}
|
|
793
796
|
else
|
|
794
797
|
{
|
|
795
|
-
|
|
796
|
-
_postAbsTrace[cycle_head] =
|
|
798
|
+
pre_as = new_pre_as;
|
|
799
|
+
_postAbsTrace[cycle_head] = pre_as;
|
|
797
800
|
return false;
|
|
798
801
|
}
|
|
799
802
|
}
|
|
@@ -463,14 +463,14 @@ AbstractValue SVFIR2AbsState::getByteOffset(const AbstractState& es, const GepSt
|
|
|
463
463
|
}
|
|
464
464
|
|
|
465
465
|
/**
|
|
466
|
-
* This function,
|
|
466
|
+
* This function, getElementIndex, calculates the offset range as a pair
|
|
467
467
|
* of APOffset values for a given GepStmt.
|
|
468
468
|
*
|
|
469
469
|
* @param gep The GepStmt representing the GetElementPtr instruction.
|
|
470
470
|
*
|
|
471
471
|
* @return A pair of APOffset values representing the offset range.
|
|
472
472
|
*/
|
|
473
|
-
AbstractValue SVFIR2AbsState::
|
|
473
|
+
AbstractValue SVFIR2AbsState::getElementIndex(const AbstractState& es, const GepStmt *gep)
|
|
474
474
|
{
|
|
475
475
|
if (gep->isConstantOffset())
|
|
476
476
|
return IntervalValue((s64_t)gep->accumulateConstantOffset());
|
|
@@ -1010,7 +1010,7 @@ void SVFIR2AbsState::handleGep(AbstractState& es, const GepStmt *gep)
|
|
|
1010
1010
|
if (!inVarToAddrsTable(es, rhs)) return;
|
|
1011
1011
|
AbstractValue &rhsVal = es[rhs];
|
|
1012
1012
|
assert(!rhsVal.getAddrs().empty());
|
|
1013
|
-
AbstractValue offsetPair =
|
|
1013
|
+
AbstractValue offsetPair = getElementIndex(es, gep);
|
|
1014
1014
|
if (!isVirtualMemAddress(*rhsVal.getAddrs().begin()))
|
|
1015
1015
|
return;
|
|
1016
1016
|
else
|