svf-tools 1.0.941 → 1.0.942

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "svf-tools",
-  "version": "1.0.941",
+  "version": "1.0.942",
   "description": "* <b>[TypeClone](https://github.com/SVF-tools/SVF/wiki/TypeClone) published in our [ECOOP paper](https://yuleisui.github.io/publications/ecoop20.pdf) is now available in SVF </b> * <b>SVF now uses a single script for its build. Just type [`source ./build.sh`](https://github.com/SVF-tools/SVF/blob/master/build.sh) in your terminal, that's it!</b> * <b>SVF now supports LLVM-10.0.0! </b> * <b>We thank [bsauce](https://github.com/bsauce) for writing a user manual of SVF ([link1](https://www.jianshu.com/p/068a08ec749c) and [link2](https://www.jianshu.com/p/777c30d4240e)) in Chinese </b> * <b>SVF now supports LLVM-9.0.0 (Thank [Byoungyoung Lee](https://github.com/SVF-tools/SVF/issues/142) for his help!). </b> * <b>SVF now supports a set of [field-sensitive pointer analyses](https://yuleisui.github.io/publications/sas2019a.pdf). </b> * <b>[Use SVF as an external lib](https://github.com/SVF-tools/SVF/wiki/Using-SVF-as-a-lib-in-your-own-tool) for your own project (Contributed by [Hongxu Chen](https://github.com/HongxuChen)). </b> * <b>SVF now supports LLVM-7.0.0. </b> * <b>SVF now supports Docker. [Try SVF in Docker](https://github.com/SVF-tools/SVF/wiki/Try-SVF-in-Docker)! </b> * <b>SVF now supports [LLVM-6.0.0](https://github.com/svf-tools/SVF/pull/38) (Contributed by [Jack Anthony](https://github.com/jackanth)). </b> * <b>SVF now supports [LLVM-4.0.0](https://github.com/svf-tools/SVF/pull/23) (Contributed by Jared Carlson. Thank [Jared](https://github.com/jcarlson23) and [Will](https://github.com/dtzWill) for their in-depth [discussions](https://github.com/svf-tools/SVF/pull/18) about updating SVF!) </b> * <b>SVF now supports analysis for C++ programs.</b> <br />",
   "main": "index.js",
   "scripts": {

package/svf/include/AE/Core/AbstractState.h

@@ -224,7 +224,7 @@ public:
     }
 
     /// whether the memory address stores memory addresses
-    inline bool inLocToAddrsTable(u32_t id) const
+    inline bool inAddrToAddrsTable(u32_t id) const
     {
         if (_addrToAbsVal.find(id)!= _addrToAbsVal.end())
         {
@@ -237,7 +237,7 @@ public:
     }
 
     /// whether the memory address stores abstract value
-    inline virtual bool inLocToValTable(u32_t id) const
+    inline virtual bool inAddrToValTable(u32_t id) const
     {
         if (_addrToAbsVal.find(id) != _addrToAbsVal.end())
         {

package/svf/include/AE/Core/AbstractValue.h

@@ -39,7 +39,7 @@ public:
     };
     DataType type;
     IntervalValue interval;
-    AddressValue addr;
+    AddressValue addrs;
 
     AbstractValue() : type(IntervalType)
     {
@@ -53,7 +53,7 @@ public:
             interval = IntervalValue::top();
             break;
         case AddressType:
-            addr = AddressValue();
+            addrs = AddressValue();
             break;
         case UnknownType:
             break;
@@ -68,7 +68,7 @@ public:
             interval = other.interval;
             break;
         case AddressType:
-            addr = other.addr;
+            addrs = other.addrs;
             break;
         case UnknownType:
             break;
@@ -101,7 +101,7 @@ public:
             interval = other.interval;
             break;
         case AddressType:
-            addr = other.addr;
+            addrs = other.addrs;
             break;
         case UnknownType:
             break;
@@ -118,7 +118,7 @@ public:
             interval = other.interval;
             break;
         case AddressType:
-            addr = other.addr;
+            addrs = other.addrs;
             break;
         case UnknownType:
             break;
@@ -136,38 +136,13 @@ public:
     AbstractValue& operator=(const AddressValue& other)
     {
         type = AddressType;
-        addr = other;
+        addrs = other;
         return *this;
     }
 
-    AbstractValue operator==(const AbstractValue& other) const
-    {
-        assert(isInterval() && other.isInterval());
-        return interval == other.interval;
-    }
-
-    AbstractValue operator==(const IntervalValue& other) const
-    {
-        assert(isInterval());
-        return interval == other;
-    }
-
-    AbstractValue operator!=(const AbstractValue& other) const
-    {
-        assert(isInterval());
-        return interval != other.interval;
-    }
-
-    AbstractValue operator!=(const IntervalValue& other) const
-    {
-        assert(isInterval());
-        return interval != other;
-    }
-
-
     AbstractValue(const IntervalValue& ival) : type(IntervalType), interval(ival) {}
 
-    AbstractValue(const AddressValue& addr) : type(AddressType), addr(addr) {}
+    AbstractValue(const AddressValue& addr) : type(AddressType), addrs(addr) {}
 
     IntervalValue& getInterval()
     {
@@ -175,26 +150,22 @@ public:
         {
             interval = IntervalValue::top();
         }
-        assert(isInterval() && "Attempting to retrieve an AbstractValue that is not an Interval!");
         return interval;
     }
 
     const IntervalValue getInterval() const
     {
-        assert(isInterval() && "Attempting to retrieve an AbstractValue that is not an Interval!");
         return interval;
     }
 
     AddressValue& getAddrs()
     {
-        assert(isAddr() && "Attempting to retrieve an AbstractValue that is not an Address!");
-        return addr;
+        return addrs;
     }
 
     const AddressValue getAddrs() const
     {
-        assert(isAddr() && "Attempting to retrieve an AbstractValue that is not an Address!");
-        return addr;
+        return addrs;
     }
 
     ~AbstractValue() {};
@@ -211,7 +182,7 @@ public:
         }
         if (isAddr())
         {
-            return addr.equals(rhs.addr);
+            return addrs.equals(rhs.addrs);
         }
         return false;
     }
@@ -233,7 +204,7 @@ public:
         }
         if (isAddr() && other.isAddr())
         {
-            addr.join_with(other.addr);
+            addrs.join_with(other.addrs);
         }
         return;
     }
@@ -250,7 +221,7 @@ public:
         }
         if (isAddr() && other.isAddr())
         {
-            addr.meet_with(other.addr);
+            addrs.meet_with(other.addrs);
         }
         return;
     }
@@ -281,7 +252,7 @@ public:
         }
         else if (isAddr())
         {
-            return addr.toString();
+            return addrs.toString();
         }
         return "";
     }

package/svf/include/AE/Core/AddressValue.h

@@ -211,13 +211,15 @@ public:
     /// The physical address starts with 0x7f...... + idx
     static inline u32_t getVirtualMemAddress(u32_t idx)
     {
+        // 0 is the null address, should not be used as a virtual address
+        assert(idx != 0 && "idx can’t be 0 because it represents a nullptr");
         return AddressMask + idx;
     }
 
     /// Check bit value of val start with 0x7F000000, filter by 0xFF000000
     static inline bool isVirtualMemAddress(u32_t val)
     {
-        return (val & 0xff000000) == AddressMask;
+        return (val & 0xff000000) == AddressMask && val != AddressMask + 0;
     }
 
     /// Return the internal index if idx is an address otherwise return the value of idx

package/svf/include/AE/Core/RelExeState.h

@@ -175,6 +175,8 @@ public:
     /// Check bit value of val start with 0x7F000000, filter by 0xFF000000
     static inline bool isVirtualMemAddress(u32_t val)
     {
+        if (val == 0)
+            assert(false && "val cannot be 0");
         return AddressValue::isVirtualMemAddress(val);
     }
 

package/svf/include/AE/Svfexe/SVFIR2AbsState.h

@@ -109,6 +109,15 @@ public:
             return globalNulladdrs;
     }
 
+    inline bool inVarTable(const AbstractState& es, u32_t id) const
+    {
+        return es.inVarToValTable(id) || es.inVarToAddrsTable(id);
+    }
+
+    inline bool inAddrTable(const AbstractState& es, u32_t id) const
+    {
+        return es.inAddrToValTable(id) || es.inAddrToAddrsTable(id);
+    }
 
     /// whether the variable is in varToVal table
     inline bool inVarToValTable(const AbstractState& es, u32_t id) const
@@ -126,13 +135,13 @@ public:
     /// whether the memory address stores a interval value
     inline bool inLocToValTable(const AbstractState& es, u32_t id) const
     {
-        return es.inLocToValTable(id);
+        return es.inAddrToValTable(id);
     }
 
     /// whether the memory address stores memory addresses
     inline bool inLocToAddrsTable(const AbstractState& es, u32_t id) const
     {
-        return es.inLocToAddrsTable(id);
+        return es.inAddrToAddrsTable(id);
     }
 
     void handleAddr(AbstractState& es, const AddrStmt *addr);

package/svf/lib/AE/Svfexe/AbstractInterpretation.cpp

@@ -166,6 +166,7 @@ void AbstractInterpretation::handleGlobalNode()
     AbstractState as;
     const ICFGNode* node = _icfg->getGlobalICFGNode();
     _postAbsTrace[node] = _preAbsTrace[node];
+    _postAbsTrace[node][SymbolTableInfo::NullPtr] = AddressValue();
     // Global Node, we just need to handle addr, load, store, copy and gep
     for (const SVFStmt *stmt: node->getSVFStmts())
     {
@@ -345,7 +346,7 @@ bool AbstractInterpretation::isCmpBranchFeasible(const CmpStmt* cmpStmt, s64_t s
         for (const auto &addr: addrs)
         {
             NodeID objId = new_es.getInternalID(addr);
-            if (new_es.inLocToValTable(objId))
+            if (new_es.inAddrToValTable(objId))
             {
                 new_es.load(addr).meet_with(rhs);
             }
@@ -367,7 +368,7 @@ bool AbstractInterpretation::isCmpBranchFeasible(const CmpStmt* cmpStmt, s64_t s
         for (const auto &addr: addrs)
         {
             NodeID objId = new_es.getInternalID(addr);
-            if (new_es.inLocToValTable(objId))
+            if (new_es.inAddrToValTable(objId))
             {
                 new_es.load(addr).meet_with(
                     IntervalValue(rhs.lb() + 1, IntervalValue::plus_infinity()));
@@ -385,7 +386,7 @@ bool AbstractInterpretation::isCmpBranchFeasible(const CmpStmt* cmpStmt, s64_t s
         for (const auto &addr: addrs)
         {
             NodeID objId = new_es.getInternalID(addr);
-            if (new_es.inLocToValTable(objId))
+            if (new_es.inAddrToValTable(objId))
             {
                 new_es.load(addr).meet_with(
                     IntervalValue(rhs.lb(), IntervalValue::plus_infinity()));
@@ -404,7 +405,7 @@ bool AbstractInterpretation::isCmpBranchFeasible(const CmpStmt* cmpStmt, s64_t s
         for (const auto &addr: addrs)
         {
             NodeID objId = new_es.getInternalID(addr);
-            if (new_es.inLocToValTable(objId))
+            if (new_es.inAddrToValTable(objId))
             {
                 new_es.load(addr).meet_with(
                     IntervalValue(IntervalValue::minus_infinity(), rhs.ub() - 1));
@@ -423,7 +424,7 @@ bool AbstractInterpretation::isCmpBranchFeasible(const CmpStmt* cmpStmt, s64_t s
         for (const auto &addr: addrs)
         {
             NodeID objId = new_es.getInternalID(addr);
-            if (new_es.inLocToValTable(objId))
+            if (new_es.inAddrToValTable(objId))
             {
                 new_es.load(addr).meet_with(
                     IntervalValue(IntervalValue::minus_infinity(), rhs.ub()));
@@ -475,7 +476,7 @@ bool AbstractInterpretation::isSwitchBranchFeasible(const SVFVar* var, s64_t suc
                 for (const auto &addr: addrs)
                 {
                     NodeID objId = new_es.getInternalID(addr);
-                    if (new_es.inLocToValTable(objId))
+                    if (new_es.inAddrToValTable(objId))
                     {
                         new_es.load(addr).meet_with(switch_cond);
                     }
@@ -1591,11 +1592,11 @@ void AbstractInterpretation::handleMemcpy(AbstractState& as, const SVF::SVFValue
                 for (const auto &src: expr_src.getAddrs())
                 {
                     u32_t objId = AbstractState::getInternalID(src);
-                    if (as.inLocToValTable(objId))
+                    if (as.inAddrToValTable(objId))
                     {
                         as.store(dst, as.load(src));
                     }
-                    else if (as.inLocToAddrsTable(objId))
+                    else if (as.inAddrToAddrsTable(objId))
                     {
                         as.store(dst, as.load(src));
                     }
@@ -1661,7 +1662,7 @@ void AbstractInterpretation::handleMemset(AbstractState& as, const SVF::SVFValue
             for (const auto &addr: lhs_gep.getAddrs())
             {
                 u32_t objId = AbstractState::getInternalID(addr);
-                if (as.inLocToValTable(objId))
+                if (as.inAddrToValTable(objId))
                 {
                     AbstractValue tmp = as.load(addr);
                     tmp.join_with(elem);

package/svf/lib/AE/Svfexe/SVFIR2AbsState.cpp

@@ -359,17 +359,11 @@ void SVFIR2AbsState::narrowAddrs(AbstractState& es, AbstractState&lhs, const Abs
 
 AbstractValue SVFIR2AbsState::getGepObjAddress(AbstractState& es, u32_t pointer, APOffset offset)
 {
-    assert(!getAddrs(es, pointer).getAddrs().empty());
     AbstractValue addrs = getAddrs(es, pointer);
     AddressValue ret = AddressValue();
     for (const auto &addr: addrs.getAddrs())
     {
         s64_t baseObj = getInternalID(addr);
-        if (baseObj == 0)
-        {
-            ret.insert(getVirtualMemAddress(0));
-            continue;
-        }
         assert(SVFUtil::isa<ObjVar>(_svfir->getGNode(baseObj)) && "Fail to get the base object address!");
         NodeID gepObj = _svfir->getGepObjVar(baseObj, offset);
         initSVFVar(es, gepObj);
@@ -750,7 +744,6 @@ void SVFIR2AbsState::handleCmp(AbstractState& es, const CmpStmt *cmp)
     {
         IntervalValue resVal;
         AbstractValue &lhs = getAddrs(es, op0), &rhs = getAddrs(es, op1);
-        assert(!lhs.getAddrs().empty() && !rhs.getAddrs().empty() && "empty address?");
         auto predicate = cmp->getPredicate();
         switch (predicate)
         {
@@ -758,20 +751,17 @@ void SVFIR2AbsState::handleCmp(AbstractState& es, const CmpStmt *cmp)
         case CmpStmt::FCMP_OEQ:
         case CmpStmt::FCMP_UEQ:
         {
-            if (lhs.getAddrs().size() == 1 && rhs.getAddrs().size() == 1)
+            if (lhs.getAddrs().hasIntersect(rhs.getAddrs()))
             {
-                resVal = IntervalValue(lhs.equals(rhs));
+                resVal = IntervalValue(0, 1);
+            }
+            else if (lhs.getAddrs().empty() && rhs.getAddrs().empty())
+            {
+                resVal = IntervalValue(1, 1);
             }
             else
             {
-                if (lhs.getAddrs().hasIntersect(rhs.getAddrs()))
-                {
-                    resVal = IntervalValue::top();
-                }
-                else
-                {
-                    resVal = IntervalValue(0);
-                }
+                resVal = IntervalValue(0, 0);
             }
             break;
         }
@@ -779,20 +769,17 @@ void SVFIR2AbsState::handleCmp(AbstractState& es, const CmpStmt *cmp)
         case CmpStmt::FCMP_ONE:
         case CmpStmt::FCMP_UNE:
         {
-            if (lhs.getAddrs().size() == 1 && rhs.getAddrs().size() == 1)
+            if (lhs.getAddrs().hasIntersect(rhs.getAddrs()))
             {
-                resVal = IntervalValue(!lhs.equals(rhs));
+                resVal = IntervalValue(0, 1);
+            }
+            else if (lhs.getAddrs().empty() && rhs.getAddrs().empty())
+            {
+                resVal = IntervalValue(0, 0);
             }
             else
             {
-                if (lhs.getAddrs().hasIntersect(rhs.getAddrs()))
-                {
-                    resVal = IntervalValue::top();
-                }
-                else
-                {
-                    resVal = IntervalValue(1);
-                }
+                resVal = IntervalValue(1, 1);
             }
             break;
         }
@@ -807,7 +794,7 @@ void SVFIR2AbsState::handleCmp(AbstractState& es, const CmpStmt *cmp)
             }
             else
             {
-                resVal = IntervalValue::top();
+                resVal = IntervalValue(0, 1);
             }
             break;
         }
@@ -822,7 +809,7 @@ void SVFIR2AbsState::handleCmp(AbstractState& es, const CmpStmt *cmp)
             }
             else
             {
-                resVal = IntervalValue::top();
+                resVal = IntervalValue(0, 1);
             }
             break;
         }
@@ -837,7 +824,7 @@ void SVFIR2AbsState::handleCmp(AbstractState& es, const CmpStmt *cmp)
             }
             else
             {
-                resVal = IntervalValue::top();
+                resVal = IntervalValue(0, 1);
             }
             break;
         }
@@ -852,7 +839,7 @@ void SVFIR2AbsState::handleCmp(AbstractState& es, const CmpStmt *cmp)
             }
             else
             {
-                resVal = IntervalValue::top();
+                resVal = IntervalValue(0, 1);
             }
             break;
         }
@@ -878,7 +865,6 @@ void SVFIR2AbsState::handleLoad(AbstractState& es, const LoadStmt *load)
     if (inVarToAddrsTable(es, rhs))
     {
         AbstractValue &addrs = getAddrs(es, rhs);
-        assert(!addrs.getAddrs().empty());
         AbstractValue rhsVal(AbstractValue::UnknownType); // interval::bottom Address::bottom
         // AbstractValue absRhs
         for (const auto &addr: addrs.getAddrs())
@@ -887,7 +873,7 @@ void SVFIR2AbsState::handleLoad(AbstractState& es, const LoadStmt *load)
             // absRhs.join_with
             // es.load()
             u32_t objId = getInternalID(addr);
-            if (inLocToValTable(es, objId) || inLocToAddrsTable(es, objId))
+            if (inAddrTable(es, objId))
             {
                 rhsVal.join_with(es.load(addr));
             }
@@ -903,17 +889,8 @@ void SVFIR2AbsState::handleStore(AbstractState& es, const StoreStmt *store)
     u32_t lhs = store->getLHSVarID();
     if (inVarToAddrsTable(es, lhs))
     {
-        //es.store()
-        assert(!getAddrs(es, lhs).getAddrs().empty());
-        AbstractValue &addrs = es[lhs];
-        for (const auto &addr: addrs.getAddrs())
+        if (inVarTable(es, rhs))
         {
-            es.store(addr, es[rhs]);
-        }
-
-        if (inVarToValTable(es, rhs) || inVarToAddrsTable(es, rhs))
-        {
-            assert(!getAddrs(es, lhs).getAddrs().empty());
             for (const auto &addr: es[lhs].getAddrs())
             {
                 es.store(addr, es[rhs]);
@@ -926,81 +903,74 @@ void SVFIR2AbsState::handleCopy(AbstractState& es, const CopyStmt *copy)
 {
     u32_t lhs = copy->getLHSVarID();
     u32_t rhs = copy->getRHSVarID();
-    if (PAG::getPAG()->isBlkPtr(lhs))
-    {
-        es[lhs] = IntervalValue::top();
-    }
-    else
+
+    if (inVarToValTable(es, rhs))
     {
-        if (inVarToValTable(es, rhs))
+        if (copy->getCopyKind() == CopyStmt::COPYVAL)
+        {
+            es[lhs] = es[rhs];
+        }
+        else if (copy->getCopyKind() == CopyStmt::ZEXT)
+        {
+            es[lhs] = getZExtValue(es, copy->getRHSVar());
+        }
+        else if (copy->getCopyKind() == CopyStmt::SEXT)
+        {
+            es[lhs] = getSExtValue(es, copy->getRHSVar());
+        }
+        else if (copy->getCopyKind() == CopyStmt::FPTOSI)
+        {
+            es[lhs] = getFPToSIntValue(es, copy->getRHSVar());
+        }
+        else if (copy->getCopyKind() == CopyStmt::FPTOUI)
+        {
+            es[lhs] = getFPToUIntValue(es, copy->getRHSVar());
+        }
+        else if (copy->getCopyKind() == CopyStmt::SITOFP)
+        {
+            es[lhs] = getSIntToFPValue(es, copy->getRHSVar());
+        }
+        else if (copy->getCopyKind() == CopyStmt::UITOFP)
+        {
+            es[lhs] = getUIntToFPValue(es, copy->getRHSVar());
+        }
+        else if (copy->getCopyKind() == CopyStmt::TRUNC)
         {
-            if (copy->getCopyKind() == CopyStmt::COPYVAL)
+            es[lhs] = getTruncValue(es, copy->getRHSVar(), copy->getLHSVar()->getType());
+        }
+        else if (copy->getCopyKind() == CopyStmt::FPTRUNC)
+        {
+            es[lhs] = getFPTruncValue(es, copy->getRHSVar(), copy->getLHSVar()->getType());
+        }
+        else if (copy->getCopyKind() == CopyStmt::INTTOPTR)
+        {
+            //insert nullptr
+        }
+        else if (copy->getCopyKind() == CopyStmt::PTRTOINT)
+        {
+            es[lhs] = IntervalValue::top();
+        }
+        else if (copy->getCopyKind() == CopyStmt::BITCAST)
+        {
+            if (es[rhs].isAddr())
             {
                 es[lhs] = es[rhs];
             }
-            else if (copy->getCopyKind() == CopyStmt::ZEXT)
-            {
-                es[lhs] = getZExtValue(es, copy->getRHSVar());
-            }
-            else if (copy->getCopyKind() == CopyStmt::SEXT)
-            {
-                es[lhs] = getSExtValue(es, copy->getRHSVar());
-            }
-            else if (copy->getCopyKind() == CopyStmt::FPTOSI)
-            {
-                es[lhs] = getFPToSIntValue(es, copy->getRHSVar());
-            }
-            else if (copy->getCopyKind() == CopyStmt::FPTOUI)
-            {
-                es[lhs] = getFPToUIntValue(es, copy->getRHSVar());
-            }
-            else if (copy->getCopyKind() == CopyStmt::SITOFP)
-            {
-                es[lhs] = getSIntToFPValue(es, copy->getRHSVar());
-            }
-            else if (copy->getCopyKind() == CopyStmt::UITOFP)
-            {
-                es[lhs] = getUIntToFPValue(es, copy->getRHSVar());
-            }
-            else if (copy->getCopyKind() == CopyStmt::TRUNC)
-            {
-                es[lhs] = getTruncValue(es, copy->getRHSVar(), copy->getLHSVar()->getType());
-            }
-            else if (copy->getCopyKind() == CopyStmt::FPTRUNC)
-            {
-                es[lhs] = getFPTruncValue(es, copy->getRHSVar(), copy->getLHSVar()->getType());
-            }
-            else if (copy->getCopyKind() == CopyStmt::INTTOPTR)
-            {
-                es.getAddrs(lhs).getAddrs().insert(getVirtualMemAddress(0)); //insert nullptr
-            }
-            else if (copy->getCopyKind() == CopyStmt::PTRTOINT)
-            {
-                es[lhs] = IntervalValue::top();
-            }
-            else if (copy->getCopyKind() == CopyStmt::BITCAST)
-            {
-                if (es[rhs].isAddr())
-                {
-                    es[lhs] = es[rhs];
-                }
-                else
-                {
-                    // do nothing
-                }
-            }
             else
             {
-                assert(false && "undefined copy kind");
-                abort();
+                // do nothing
             }
         }
-        else if (inVarToAddrsTable(es, rhs))
+        else
         {
-            assert(!getAddrs(es, rhs).getAddrs().empty());
-            es[lhs] = es[rhs];
+            assert(false && "undefined copy kind");
+            abort();
         }
     }
+    else if (inVarToAddrsTable(es, rhs))
+    {
+        es[lhs] = es[rhs];
+    }
 }
 
 void SVFIR2AbsState::handleGep(AbstractState& es, const GepStmt *gep)
@@ -1009,7 +979,6 @@ void SVFIR2AbsState::handleGep(AbstractState& es, const GepStmt *gep)
     u32_t lhs = gep->getLHSVarID();
     if (!inVarToAddrsTable(es, rhs)) return;
     AbstractValue &rhsVal = es[rhs];
-    assert(!rhsVal.getAddrs().empty());
     IntervalValue offsetPair = getElementIndex(es, gep);
     if (!isVirtualMemAddress(*rhsVal.getAddrs().begin()))
         return;
@@ -1049,8 +1018,6 @@ void SVFIR2AbsState::handleSelect(AbstractState& es, const SelectStmt *select)
     {
         if (es[cond].getInterval().is_numeral())
         {
-            assert(!getAddrs(es, fval).getAddrs().empty());
-            assert(!getAddrs(es, tval).getAddrs().empty());
             es.getAddrs(res) = es[cond].getInterval().is_zero() ? getAddrs(es, fval) : getAddrs(es, tval);
         }
     }