svf-tools 1.0.942 → 1.0.943
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "svf-tools",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.943",
|
|
4
4
|
"description": "* <b>[TypeClone](https://github.com/SVF-tools/SVF/wiki/TypeClone) published in our [ECOOP paper](https://yuleisui.github.io/publications/ecoop20.pdf) is now available in SVF </b> * <b>SVF now uses a single script for its build. Just type [`source ./build.sh`](https://github.com/SVF-tools/SVF/blob/master/build.sh) in your terminal, that's it!</b> * <b>SVF now supports LLVM-10.0.0! </b> * <b>We thank [bsauce](https://github.com/bsauce) for writing a user manual of SVF ([link1](https://www.jianshu.com/p/068a08ec749c) and [link2](https://www.jianshu.com/p/777c30d4240e)) in Chinese </b> * <b>SVF now supports LLVM-9.0.0 (Thank [Byoungyoung Lee](https://github.com/SVF-tools/SVF/issues/142) for his help!). </b> * <b>SVF now supports a set of [field-sensitive pointer analyses](https://yuleisui.github.io/publications/sas2019a.pdf). </b> * <b>[Use SVF as an external lib](https://github.com/SVF-tools/SVF/wiki/Using-SVF-as-a-lib-in-your-own-tool) for your own project (Contributed by [Hongxu Chen](https://github.com/HongxuChen)). </b> * <b>SVF now supports LLVM-7.0.0. </b> * <b>SVF now supports Docker. [Try SVF in Docker](https://github.com/SVF-tools/SVF/wiki/Try-SVF-in-Docker)! </b> * <b>SVF now supports [LLVM-6.0.0](https://github.com/svf-tools/SVF/pull/38) (Contributed by [Jack Anthony](https://github.com/jackanth)). </b> * <b>SVF now supports [LLVM-4.0.0](https://github.com/svf-tools/SVF/pull/23) (Contributed by Jared Carlson. Thank [Jared](https://github.com/jcarlson23) and [Will](https://github.com/dtzWill) for their in-depth [discussions](https://github.com/svf-tools/SVF/pull/18) about updating SVF!) </b> * <b>SVF now supports analysis for C++ programs.</b> <br />",
|
|
5
5
|
"main": "index.js",
|
|
6
6
|
"scripts": {
|
|
@@ -96,10 +96,8 @@ public:
|
|
|
96
96
|
|
|
97
97
|
|
|
98
98
|
/// Init ObjVar
|
|
99
|
-
void initObjVar(AbstractState&
|
|
99
|
+
void initObjVar(AbstractState& as, const ObjVar* var);
|
|
100
100
|
|
|
101
|
-
/// Init SVFVar
|
|
102
|
-
void initSVFVar(AbstractState& es, u32_t varId);
|
|
103
101
|
|
|
104
102
|
inline AbstractValue &getAddrs(AbstractState& es, u32_t id)
|
|
105
103
|
{
|
|
@@ -108,35 +108,35 @@ AbstractValue SVFIR2AbsState::getRangeLimitFromType(const SVFType* type)
|
|
|
108
108
|
}
|
|
109
109
|
}
|
|
110
110
|
|
|
111
|
-
AbstractValue SVFIR2AbsState::getZExtValue(const AbstractState&
|
|
111
|
+
AbstractValue SVFIR2AbsState::getZExtValue(const AbstractState& as, const SVFVar* var)
|
|
112
112
|
{
|
|
113
113
|
const SVFType* type = var->getType();
|
|
114
114
|
if (SVFUtil::isa<SVFIntegerType>(type))
|
|
115
115
|
{
|
|
116
116
|
u32_t bits = type->getByteSize() * 8;
|
|
117
|
-
if (
|
|
117
|
+
if (as[var->getId()].getInterval().is_numeral())
|
|
118
118
|
{
|
|
119
119
|
if (bits == 8)
|
|
120
120
|
{
|
|
121
|
-
int8_t signed_i8_value =
|
|
121
|
+
int8_t signed_i8_value = as[var->getId()].getInterval().getIntNumeral();
|
|
122
122
|
u32_t unsigned_value = static_cast<uint8_t>(signed_i8_value);
|
|
123
123
|
return IntervalValue(unsigned_value, unsigned_value);
|
|
124
124
|
}
|
|
125
125
|
else if (bits == 16)
|
|
126
126
|
{
|
|
127
|
-
s16_t signed_i16_value =
|
|
127
|
+
s16_t signed_i16_value = as[var->getId()].getInterval().getIntNumeral();
|
|
128
128
|
u32_t unsigned_value = static_cast<u16_t>(signed_i16_value);
|
|
129
129
|
return IntervalValue(unsigned_value, unsigned_value);
|
|
130
130
|
}
|
|
131
131
|
else if (bits == 32)
|
|
132
132
|
{
|
|
133
|
-
s32_t signed_i32_value =
|
|
133
|
+
s32_t signed_i32_value = as[var->getId()].getInterval().getIntNumeral();
|
|
134
134
|
u32_t unsigned_value = static_cast<u32_t>(signed_i32_value);
|
|
135
135
|
return IntervalValue(unsigned_value, unsigned_value);
|
|
136
136
|
}
|
|
137
137
|
else if (bits == 64)
|
|
138
138
|
{
|
|
139
|
-
s64_t signed_i64_value =
|
|
139
|
+
s64_t signed_i64_value = as[var->getId()].getInterval().getIntNumeral();
|
|
140
140
|
return IntervalValue((s64_t)signed_i64_value, (s64_t)signed_i64_value);
|
|
141
141
|
// we only support i64 at most
|
|
142
142
|
}
|
|
@@ -153,18 +153,18 @@ AbstractValue SVFIR2AbsState::getZExtValue(const AbstractState& es, const SVFVar
|
|
|
153
153
|
return IntervalValue::top(); // TODO: may have better solution
|
|
154
154
|
}
|
|
155
155
|
|
|
156
|
-
AbstractValue SVFIR2AbsState::getSExtValue(const AbstractState&
|
|
156
|
+
AbstractValue SVFIR2AbsState::getSExtValue(const AbstractState& as, const SVFVar* var)
|
|
157
157
|
{
|
|
158
|
-
return
|
|
158
|
+
return as[var->getId()].getInterval();
|
|
159
159
|
}
|
|
160
160
|
|
|
161
|
-
AbstractValue SVFIR2AbsState::getFPToSIntValue(const AbstractState&
|
|
161
|
+
AbstractValue SVFIR2AbsState::getFPToSIntValue(const AbstractState& as, const SVF::SVFVar* var)
|
|
162
162
|
{
|
|
163
|
-
if (
|
|
163
|
+
if (as[var->getId()].getInterval().is_real())
|
|
164
164
|
{
|
|
165
165
|
// get the float value of ub and lb
|
|
166
|
-
double float_lb =
|
|
167
|
-
double float_ub =
|
|
166
|
+
double float_lb = as[var->getId()].getInterval().lb().getRealNumeral();
|
|
167
|
+
double float_ub = as[var->getId()].getInterval().ub().getRealNumeral();
|
|
168
168
|
// get the int value of ub and lb
|
|
169
169
|
s64_t int_lb = static_cast<s64_t>(float_lb);
|
|
170
170
|
s64_t int_ub = static_cast<s64_t>(float_ub);
|
|
@@ -172,17 +172,17 @@ AbstractValue SVFIR2AbsState::getFPToSIntValue(const AbstractState& es, const SV
|
|
|
172
172
|
}
|
|
173
173
|
else
|
|
174
174
|
{
|
|
175
|
-
return getSExtValue(
|
|
175
|
+
return getSExtValue(as, var);
|
|
176
176
|
}
|
|
177
177
|
}
|
|
178
178
|
|
|
179
|
-
AbstractValue SVFIR2AbsState::getFPToUIntValue(const AbstractState&
|
|
179
|
+
AbstractValue SVFIR2AbsState::getFPToUIntValue(const AbstractState& as, const SVF::SVFVar* var)
|
|
180
180
|
{
|
|
181
|
-
if (
|
|
181
|
+
if (as[var->getId()].getInterval().is_real())
|
|
182
182
|
{
|
|
183
183
|
// get the float value of ub and lb
|
|
184
|
-
double float_lb =
|
|
185
|
-
double float_ub =
|
|
184
|
+
double float_lb = as[var->getId()].getInterval().lb().getRealNumeral();
|
|
185
|
+
double float_ub = as[var->getId()].getInterval().ub().getRealNumeral();
|
|
186
186
|
// get the int value of ub and lb
|
|
187
187
|
u64_t int_lb = static_cast<u64_t>(float_lb);
|
|
188
188
|
u64_t int_ub = static_cast<u64_t>(float_ub);
|
|
@@ -190,37 +190,37 @@ AbstractValue SVFIR2AbsState::getFPToUIntValue(const AbstractState& es, const SV
|
|
|
190
190
|
}
|
|
191
191
|
else
|
|
192
192
|
{
|
|
193
|
-
return getZExtValue(
|
|
193
|
+
return getZExtValue(as, var);
|
|
194
194
|
}
|
|
195
195
|
}
|
|
196
196
|
|
|
197
|
-
AbstractValue SVFIR2AbsState::getSIntToFPValue(const AbstractState&
|
|
197
|
+
AbstractValue SVFIR2AbsState::getSIntToFPValue(const AbstractState& as, const SVF::SVFVar* var)
|
|
198
198
|
{
|
|
199
199
|
// get the sint value of ub and lb
|
|
200
|
-
s64_t sint_lb =
|
|
201
|
-
s64_t sint_ub =
|
|
200
|
+
s64_t sint_lb = as[var->getId()].getInterval().lb().getIntNumeral();
|
|
201
|
+
s64_t sint_ub = as[var->getId()].getInterval().ub().getIntNumeral();
|
|
202
202
|
// get the float value of ub and lb
|
|
203
203
|
double float_lb = static_cast<double>(sint_lb);
|
|
204
204
|
double float_ub = static_cast<double>(sint_ub);
|
|
205
205
|
return IntervalValue(float_lb, float_ub);
|
|
206
206
|
}
|
|
207
207
|
|
|
208
|
-
AbstractValue SVFIR2AbsState::getUIntToFPValue(const AbstractState&
|
|
208
|
+
AbstractValue SVFIR2AbsState::getUIntToFPValue(const AbstractState& as, const SVF::SVFVar* var)
|
|
209
209
|
{
|
|
210
210
|
// get the uint value of ub and lb
|
|
211
|
-
u64_t uint_lb =
|
|
212
|
-
u64_t uint_ub =
|
|
211
|
+
u64_t uint_lb = as[var->getId()].getInterval().lb().getIntNumeral();
|
|
212
|
+
u64_t uint_ub = as[var->getId()].getInterval().ub().getIntNumeral();
|
|
213
213
|
// get the float value of ub and lb
|
|
214
214
|
double float_lb = static_cast<double>(uint_lb);
|
|
215
215
|
double float_ub = static_cast<double>(uint_ub);
|
|
216
216
|
return IntervalValue(float_lb, float_ub);
|
|
217
217
|
}
|
|
218
218
|
|
|
219
|
-
AbstractValue SVFIR2AbsState::getTruncValue(const AbstractState&
|
|
219
|
+
AbstractValue SVFIR2AbsState::getTruncValue(const AbstractState& as, const SVF::SVFVar* var, const SVFType* dstType)
|
|
220
220
|
{
|
|
221
221
|
// get the value of ub and lb
|
|
222
|
-
s64_t int_lb =
|
|
223
|
-
s64_t int_ub =
|
|
222
|
+
s64_t int_lb = as[var->getId()].getInterval().lb().getIntNumeral();
|
|
223
|
+
s64_t int_ub = as[var->getId()].getInterval().ub().getIntNumeral();
|
|
224
224
|
// get dst type
|
|
225
225
|
u32_t dst_bits = dstType->getByteSize() * 8;
|
|
226
226
|
if (dst_bits == 8)
|
|
@@ -265,13 +265,13 @@ AbstractValue SVFIR2AbsState::getTruncValue(const AbstractState& es, const SVF::
|
|
|
265
265
|
}
|
|
266
266
|
}
|
|
267
267
|
|
|
268
|
-
AbstractValue SVFIR2AbsState::getFPTruncValue(const AbstractState&
|
|
268
|
+
AbstractValue SVFIR2AbsState::getFPTruncValue(const AbstractState& as, const SVF::SVFVar* var, const SVFType* dstType)
|
|
269
269
|
{
|
|
270
270
|
// TODO: now we do not really handle fptrunc
|
|
271
|
-
return
|
|
271
|
+
return as[var->getId()].getInterval();
|
|
272
272
|
}
|
|
273
273
|
|
|
274
|
-
void SVFIR2AbsState::widenAddrs(AbstractState&
|
|
274
|
+
void SVFIR2AbsState::widenAddrs(AbstractState& as, AbstractState&lhs, const AbstractState&rhs)
|
|
275
275
|
{
|
|
276
276
|
for (const auto &rhsItem: rhs._varToAbsVal)
|
|
277
277
|
{
|
|
@@ -286,7 +286,7 @@ void SVFIR2AbsState::widenAddrs(AbstractState& es, AbstractState&lhs, const Abst
|
|
|
286
286
|
{
|
|
287
287
|
for (s32_t i = 0; i < (s32_t) Options::MaxFieldLimit(); i++)
|
|
288
288
|
{
|
|
289
|
-
lhsIter->second.join_with(getGepObjAddress(
|
|
289
|
+
lhsIter->second.join_with(getGepObjAddress(as, getInternalID(addr), i));
|
|
290
290
|
}
|
|
291
291
|
}
|
|
292
292
|
}
|
|
@@ -308,7 +308,7 @@ void SVFIR2AbsState::widenAddrs(AbstractState& es, AbstractState&lhs, const Abst
|
|
|
308
308
|
i++)
|
|
309
309
|
{
|
|
310
310
|
lhsIter->second.join_with(
|
|
311
|
-
getGepObjAddress(
|
|
311
|
+
getGepObjAddress(as, getInternalID(addr), i));
|
|
312
312
|
}
|
|
313
313
|
}
|
|
314
314
|
}
|
|
@@ -317,7 +317,7 @@ void SVFIR2AbsState::widenAddrs(AbstractState& es, AbstractState&lhs, const Abst
|
|
|
317
317
|
}
|
|
318
318
|
}
|
|
319
319
|
|
|
320
|
-
void SVFIR2AbsState::narrowAddrs(AbstractState&
|
|
320
|
+
void SVFIR2AbsState::narrowAddrs(AbstractState& as, AbstractState&lhs, const AbstractState&rhs)
|
|
321
321
|
{
|
|
322
322
|
for (const auto &rhsItem: rhs._varToAbsVal)
|
|
323
323
|
{
|
|
@@ -357,17 +357,17 @@ void SVFIR2AbsState::narrowAddrs(AbstractState& es, AbstractState&lhs, const Abs
|
|
|
357
357
|
}
|
|
358
358
|
}
|
|
359
359
|
|
|
360
|
-
AbstractValue SVFIR2AbsState::getGepObjAddress(AbstractState&
|
|
360
|
+
AbstractValue SVFIR2AbsState::getGepObjAddress(AbstractState& as, u32_t pointer, APOffset offset)
|
|
361
361
|
{
|
|
362
|
-
AbstractValue addrs = getAddrs(
|
|
362
|
+
AbstractValue addrs = getAddrs(as, pointer);
|
|
363
363
|
AddressValue ret = AddressValue();
|
|
364
364
|
for (const auto &addr: addrs.getAddrs())
|
|
365
365
|
{
|
|
366
366
|
s64_t baseObj = getInternalID(addr);
|
|
367
367
|
assert(SVFUtil::isa<ObjVar>(_svfir->getGNode(baseObj)) && "Fail to get the base object address!");
|
|
368
368
|
NodeID gepObj = _svfir->getGepObjVar(baseObj, offset);
|
|
369
|
-
|
|
370
|
-
ret.insert(getVirtualMemAddress(gepObj));
|
|
369
|
+
as[gepObj] = AddressValue(AbstractState::getVirtualMemAddress(gepObj));
|
|
370
|
+
ret.insert(AbstractState::getVirtualMemAddress(gepObj));
|
|
371
371
|
}
|
|
372
372
|
return ret;
|
|
373
373
|
}
|
|
@@ -394,7 +394,7 @@ AbstractValue SVFIR2AbsState::getGepObjAddress(AbstractState& es, u32_t pointer,
|
|
|
394
394
|
* Therefore the final byteoffset is [8+4*var1.lb(), 8+4*var1.ub()]
|
|
395
395
|
*
|
|
396
396
|
*/
|
|
397
|
-
IntervalValue SVFIR2AbsState::getByteOffset(const AbstractState&
|
|
397
|
+
IntervalValue SVFIR2AbsState::getByteOffset(const AbstractState& as, const GepStmt *gep)
|
|
398
398
|
{
|
|
399
399
|
if (gep->isConstantOffset())
|
|
400
400
|
return IntervalValue((s64_t)gep->accumulateConstantByteOffset());
|
|
@@ -425,7 +425,7 @@ IntervalValue SVFIR2AbsState::getByteOffset(const AbstractState& es, const GepSt
|
|
|
425
425
|
else
|
|
426
426
|
{
|
|
427
427
|
u32_t idx = _svfir->getValueNode(idxOperandVar->getValue());
|
|
428
|
-
IntervalValue idxVal =
|
|
428
|
+
IntervalValue idxVal = as[idx].getInterval();
|
|
429
429
|
if (idxVal.isBottom())
|
|
430
430
|
res = res + IntervalValue(0, 0);
|
|
431
431
|
else
|
|
@@ -464,7 +464,7 @@ IntervalValue SVFIR2AbsState::getByteOffset(const AbstractState& es, const GepSt
|
|
|
464
464
|
*
|
|
465
465
|
* @return A pair of APOffset values representing the offset range.
|
|
466
466
|
*/
|
|
467
|
-
IntervalValue SVFIR2AbsState::getElementIndex(const AbstractState&
|
|
467
|
+
IntervalValue SVFIR2AbsState::getElementIndex(const AbstractState& as, const GepStmt *gep)
|
|
468
468
|
{
|
|
469
469
|
if (gep->isConstantOffset())
|
|
470
470
|
return IntervalValue((s64_t)gep->accumulateConstantOffset());
|
|
@@ -484,7 +484,7 @@ IntervalValue SVFIR2AbsState::getElementIndex(const AbstractState& es, const Gep
|
|
|
484
484
|
idxLb = idxUb = constInt->getSExtValue();
|
|
485
485
|
else
|
|
486
486
|
{
|
|
487
|
-
IntervalValue idxItv =
|
|
487
|
+
IntervalValue idxItv = as[_svfir->getValueNode(value)].getInterval();
|
|
488
488
|
if (idxItv.isBottom())
|
|
489
489
|
idxLb = idxUb = 0;
|
|
490
490
|
else
|
|
@@ -534,81 +534,59 @@ IntervalValue SVFIR2AbsState::getElementIndex(const AbstractState& es, const Gep
|
|
|
534
534
|
}
|
|
535
535
|
|
|
536
536
|
|
|
537
|
-
|
|
538
|
-
* Init Z3Expr for ObjVar
|
|
539
|
-
* @param objVar
|
|
540
|
-
* @param valExprIdToCondValPairMap
|
|
541
|
-
*/
|
|
542
|
-
void SVFIR2AbsState::initObjVar(AbstractState& es, const ObjVar *objVar, u32_t varId)
|
|
537
|
+
void SVFIR2AbsState::initObjVar(AbstractState& as, const ObjVar* var)
|
|
543
538
|
{
|
|
544
|
-
|
|
545
|
-
if (
|
|
539
|
+
NodeID varId = var->getId();
|
|
540
|
+
if (var->hasValue())
|
|
546
541
|
{
|
|
547
|
-
const MemObj *obj =
|
|
542
|
+
const MemObj *obj = var->getMemObj();
|
|
548
543
|
/// constant data
|
|
549
544
|
if (obj->isConstDataOrConstGlobal() || obj->isConstantArray() || obj->isConstantStruct())
|
|
550
545
|
{
|
|
551
546
|
if (const SVFConstantInt *consInt = SVFUtil::dyn_cast<SVFConstantInt>(obj->getValue()))
|
|
552
547
|
{
|
|
553
548
|
s64_t numeral = consInt->getSExtValue();
|
|
554
|
-
|
|
549
|
+
as[varId] = IntervalValue(numeral, numeral);
|
|
555
550
|
}
|
|
556
551
|
else if (const SVFConstantFP* consFP = SVFUtil::dyn_cast<SVFConstantFP>(obj->getValue()))
|
|
557
|
-
|
|
552
|
+
as[varId] = IntervalValue(consFP->getFPValue(), consFP->getFPValue());
|
|
558
553
|
else if (SVFUtil::isa<SVFConstantNullPtr>(obj->getValue()))
|
|
559
|
-
|
|
554
|
+
as[varId] = IntervalValue(0, 0);
|
|
560
555
|
else if (SVFUtil::isa<SVFGlobalValue>(obj->getValue()))
|
|
561
556
|
{
|
|
562
|
-
|
|
557
|
+
as[varId] = AddressValue(getVirtualMemAddress(varId));
|
|
563
558
|
}
|
|
564
559
|
|
|
565
560
|
else if (obj->isConstantArray() || obj->isConstantStruct())
|
|
566
|
-
|
|
561
|
+
as[varId] = IntervalValue::top();
|
|
567
562
|
else
|
|
568
|
-
|
|
563
|
+
as[varId] = IntervalValue::top();
|
|
569
564
|
}
|
|
570
565
|
else
|
|
571
|
-
|
|
566
|
+
as[varId] = AddressValue(getVirtualMemAddress(varId));
|
|
572
567
|
}
|
|
573
568
|
else
|
|
574
|
-
|
|
575
|
-
}
|
|
576
|
-
|
|
577
|
-
void SVFIR2AbsState::initSVFVar(AbstractState& es, u32_t varId)
|
|
578
|
-
{
|
|
579
|
-
if (inVarToValTable(es, varId) || es.inVarToAddrsTable(varId)) return;
|
|
580
|
-
SVFIR *svfir = PAG::getPAG();
|
|
581
|
-
SVFVar *svfVar = svfir->getGNode(varId);
|
|
582
|
-
// write objvar into cache instead of exestate
|
|
583
|
-
if (const ObjVar *objVar = dyn_cast<ObjVar>(svfVar))
|
|
584
|
-
{
|
|
585
|
-
initObjVar(es, objVar, varId);
|
|
586
|
-
return;
|
|
587
|
-
}
|
|
588
|
-
else
|
|
589
|
-
{
|
|
590
|
-
assert(false && "not an obj var?");
|
|
591
|
-
}
|
|
569
|
+
as[varId] = AddressValue(getVirtualMemAddress(varId));
|
|
592
570
|
}
|
|
593
571
|
|
|
594
572
|
|
|
595
|
-
void SVFIR2AbsState::handleAddr(AbstractState&
|
|
573
|
+
void SVFIR2AbsState::handleAddr(AbstractState& as, const AddrStmt *addr)
|
|
596
574
|
{
|
|
597
|
-
|
|
598
|
-
if (inVarToValTable(
|
|
575
|
+
initObjVar(as, SVFUtil::cast<ObjVar>(addr->getRHSVar()));
|
|
576
|
+
if (inVarToValTable(as, addr->getRHSVarID()))
|
|
599
577
|
{
|
|
600
578
|
// if addr RHS is integerType(i8 i32 etc), value should be limited.
|
|
601
579
|
if (addr->getRHSVar()->getType()->getKind() == SVFType::SVFIntegerTy)
|
|
602
580
|
{
|
|
603
|
-
|
|
581
|
+
as[addr->getRHSVarID()].meet_with(getRangeLimitFromType(addr->getRHSVar()->getType()));
|
|
604
582
|
}
|
|
605
|
-
|
|
583
|
+
as[addr->getLHSVarID()] = as[addr->getRHSVarID()];
|
|
606
584
|
|
|
607
585
|
}
|
|
608
|
-
else if (inVarToAddrsTable(
|
|
586
|
+
else if (inVarToAddrsTable(as, addr->getRHSVarID()))
|
|
609
587
|
{
|
|
610
|
-
|
|
611
|
-
|
|
588
|
+
as[addr->getLHSVarID()] =
|
|
589
|
+
as[addr->getRHSVarID()];
|
|
612
590
|
}
|
|
613
591
|
else
|
|
614
592
|
{
|
|
@@ -617,16 +595,16 @@ void SVFIR2AbsState::handleAddr(AbstractState& es, const AddrStmt *addr)
|
|
|
617
595
|
}
|
|
618
596
|
|
|
619
597
|
|
|
620
|
-
void SVFIR2AbsState::handleBinary(AbstractState&
|
|
598
|
+
void SVFIR2AbsState::handleBinary(AbstractState& as, const BinaryOPStmt *binary)
|
|
621
599
|
{
|
|
622
600
|
u32_t op0 = binary->getOpVarID(0);
|
|
623
601
|
u32_t op1 = binary->getOpVarID(1);
|
|
624
602
|
u32_t res = binary->getResID();
|
|
625
|
-
if (!inVarToValTable(
|
|
626
|
-
if (!inVarToValTable(
|
|
627
|
-
if (inVarToValTable(
|
|
603
|
+
if (!inVarToValTable(as, op0)) as[op0] = IntervalValue::top();
|
|
604
|
+
if (!inVarToValTable(as, op1)) as[op1] = IntervalValue::top();
|
|
605
|
+
if (inVarToValTable(as, op0) && inVarToValTable(as, op1))
|
|
628
606
|
{
|
|
629
|
-
IntervalValue &lhs =
|
|
607
|
+
IntervalValue &lhs = as[op0].getInterval(), &rhs = as[op1].getInterval();
|
|
630
608
|
IntervalValue resVal;
|
|
631
609
|
switch (binary->getOpcode())
|
|
632
610
|
{
|
|
@@ -675,19 +653,19 @@ void SVFIR2AbsState::handleBinary(AbstractState& es, const BinaryOPStmt *binary)
|
|
|
675
653
|
assert(false && "undefined binary: ");
|
|
676
654
|
}
|
|
677
655
|
}
|
|
678
|
-
|
|
656
|
+
as[res] = resVal;
|
|
679
657
|
}
|
|
680
658
|
}
|
|
681
659
|
|
|
682
|
-
void SVFIR2AbsState::handleCmp(AbstractState&
|
|
660
|
+
void SVFIR2AbsState::handleCmp(AbstractState& as, const CmpStmt *cmp)
|
|
683
661
|
{
|
|
684
662
|
u32_t op0 = cmp->getOpVarID(0);
|
|
685
663
|
u32_t op1 = cmp->getOpVarID(1);
|
|
686
664
|
u32_t res = cmp->getResID();
|
|
687
|
-
if (inVarToValTable(
|
|
665
|
+
if (inVarToValTable(as, op0) && inVarToValTable(as, op1))
|
|
688
666
|
{
|
|
689
667
|
IntervalValue resVal;
|
|
690
|
-
IntervalValue &lhs =
|
|
668
|
+
IntervalValue &lhs = as[op0].getInterval(), &rhs = as[op1].getInterval();
|
|
691
669
|
//AbstractValue
|
|
692
670
|
auto predicate = cmp->getPredicate();
|
|
693
671
|
switch (predicate)
|
|
@@ -738,12 +716,12 @@ void SVFIR2AbsState::handleCmp(AbstractState& es, const CmpStmt *cmp)
|
|
|
738
716
|
assert(false && "undefined compare: ");
|
|
739
717
|
}
|
|
740
718
|
}
|
|
741
|
-
|
|
719
|
+
as[res] = resVal;
|
|
742
720
|
}
|
|
743
|
-
else if (inVarToAddrsTable(
|
|
721
|
+
else if (inVarToAddrsTable(as, op0) && inVarToAddrsTable(as, op1))
|
|
744
722
|
{
|
|
745
723
|
IntervalValue resVal;
|
|
746
|
-
AbstractValue &lhs = getAddrs(
|
|
724
|
+
AbstractValue &lhs = getAddrs(as, op0), &rhs = getAddrs(as, op1);
|
|
747
725
|
auto predicate = cmp->getPredicate();
|
|
748
726
|
switch (predicate)
|
|
749
727
|
{
|
|
@@ -854,93 +832,93 @@ void SVFIR2AbsState::handleCmp(AbstractState& es, const CmpStmt *cmp)
|
|
|
854
832
|
assert(false && "undefined compare: ");
|
|
855
833
|
}
|
|
856
834
|
}
|
|
857
|
-
|
|
835
|
+
as[res] = resVal;
|
|
858
836
|
}
|
|
859
837
|
}
|
|
860
838
|
|
|
861
|
-
void SVFIR2AbsState::handleLoad(AbstractState&
|
|
839
|
+
void SVFIR2AbsState::handleLoad(AbstractState& as, const LoadStmt *load)
|
|
862
840
|
{
|
|
863
841
|
u32_t rhs = load->getRHSVarID();
|
|
864
842
|
u32_t lhs = load->getLHSVarID();
|
|
865
|
-
if (inVarToAddrsTable(
|
|
843
|
+
if (inVarToAddrsTable(as, rhs))
|
|
866
844
|
{
|
|
867
|
-
AbstractValue &addrs = getAddrs(
|
|
845
|
+
AbstractValue &addrs = getAddrs(as, rhs);
|
|
868
846
|
AbstractValue rhsVal(AbstractValue::UnknownType); // interval::bottom Address::bottom
|
|
869
847
|
// AbstractValue absRhs
|
|
870
848
|
for (const auto &addr: addrs.getAddrs())
|
|
871
849
|
{
|
|
872
850
|
// inLocToAbsVal()
|
|
873
851
|
// absRhs.join_with
|
|
874
|
-
//
|
|
852
|
+
// as.load()
|
|
875
853
|
u32_t objId = getInternalID(addr);
|
|
876
|
-
if (inAddrTable(
|
|
854
|
+
if (inAddrTable(as, objId))
|
|
877
855
|
{
|
|
878
|
-
rhsVal.join_with(
|
|
856
|
+
rhsVal.join_with(as.load(addr));
|
|
879
857
|
}
|
|
880
858
|
}
|
|
881
859
|
if (!rhsVal.isUnknown())
|
|
882
|
-
|
|
860
|
+
as[lhs] = rhsVal;
|
|
883
861
|
}
|
|
884
862
|
}
|
|
885
863
|
|
|
886
|
-
void SVFIR2AbsState::handleStore(AbstractState&
|
|
864
|
+
void SVFIR2AbsState::handleStore(AbstractState& as, const StoreStmt *store)
|
|
887
865
|
{
|
|
888
866
|
u32_t rhs = store->getRHSVarID();
|
|
889
867
|
u32_t lhs = store->getLHSVarID();
|
|
890
|
-
if (inVarToAddrsTable(
|
|
868
|
+
if (inVarToAddrsTable(as, lhs))
|
|
891
869
|
{
|
|
892
|
-
if (inVarTable(
|
|
870
|
+
if (inVarTable(as, rhs))
|
|
893
871
|
{
|
|
894
|
-
for (const auto &addr:
|
|
872
|
+
for (const auto &addr: as[lhs].getAddrs())
|
|
895
873
|
{
|
|
896
|
-
|
|
874
|
+
as.store(addr, as[rhs]);
|
|
897
875
|
}
|
|
898
876
|
}
|
|
899
877
|
}
|
|
900
878
|
}
|
|
901
879
|
|
|
902
|
-
void SVFIR2AbsState::handleCopy(AbstractState&
|
|
880
|
+
void SVFIR2AbsState::handleCopy(AbstractState& as, const CopyStmt *copy)
|
|
903
881
|
{
|
|
904
882
|
u32_t lhs = copy->getLHSVarID();
|
|
905
883
|
u32_t rhs = copy->getRHSVarID();
|
|
906
884
|
|
|
907
|
-
if (inVarToValTable(
|
|
885
|
+
if (inVarToValTable(as, rhs))
|
|
908
886
|
{
|
|
909
887
|
if (copy->getCopyKind() == CopyStmt::COPYVAL)
|
|
910
888
|
{
|
|
911
|
-
|
|
889
|
+
as[lhs] = as[rhs];
|
|
912
890
|
}
|
|
913
891
|
else if (copy->getCopyKind() == CopyStmt::ZEXT)
|
|
914
892
|
{
|
|
915
|
-
|
|
893
|
+
as[lhs] = getZExtValue(as, copy->getRHSVar());
|
|
916
894
|
}
|
|
917
895
|
else if (copy->getCopyKind() == CopyStmt::SEXT)
|
|
918
896
|
{
|
|
919
|
-
|
|
897
|
+
as[lhs] = getSExtValue(as, copy->getRHSVar());
|
|
920
898
|
}
|
|
921
899
|
else if (copy->getCopyKind() == CopyStmt::FPTOSI)
|
|
922
900
|
{
|
|
923
|
-
|
|
901
|
+
as[lhs] = getFPToSIntValue(as, copy->getRHSVar());
|
|
924
902
|
}
|
|
925
903
|
else if (copy->getCopyKind() == CopyStmt::FPTOUI)
|
|
926
904
|
{
|
|
927
|
-
|
|
905
|
+
as[lhs] = getFPToUIntValue(as, copy->getRHSVar());
|
|
928
906
|
}
|
|
929
907
|
else if (copy->getCopyKind() == CopyStmt::SITOFP)
|
|
930
908
|
{
|
|
931
|
-
|
|
909
|
+
as[lhs] = getSIntToFPValue(as, copy->getRHSVar());
|
|
932
910
|
}
|
|
933
911
|
else if (copy->getCopyKind() == CopyStmt::UITOFP)
|
|
934
912
|
{
|
|
935
|
-
|
|
913
|
+
as[lhs] = getUIntToFPValue(as, copy->getRHSVar());
|
|
936
914
|
}
|
|
937
915
|
else if (copy->getCopyKind() == CopyStmt::TRUNC)
|
|
938
916
|
{
|
|
939
|
-
|
|
917
|
+
as[lhs] = getTruncValue(as, copy->getRHSVar(), copy->getLHSVar()->getType());
|
|
940
918
|
}
|
|
941
919
|
else if (copy->getCopyKind() == CopyStmt::FPTRUNC)
|
|
942
920
|
{
|
|
943
|
-
|
|
921
|
+
as[lhs] = getFPTruncValue(as, copy->getRHSVar(), copy->getLHSVar()->getType());
|
|
944
922
|
}
|
|
945
923
|
else if (copy->getCopyKind() == CopyStmt::INTTOPTR)
|
|
946
924
|
{
|
|
@@ -948,13 +926,13 @@ void SVFIR2AbsState::handleCopy(AbstractState& es, const CopyStmt *copy)
|
|
|
948
926
|
}
|
|
949
927
|
else if (copy->getCopyKind() == CopyStmt::PTRTOINT)
|
|
950
928
|
{
|
|
951
|
-
|
|
929
|
+
as[lhs] = IntervalValue::top();
|
|
952
930
|
}
|
|
953
931
|
else if (copy->getCopyKind() == CopyStmt::BITCAST)
|
|
954
932
|
{
|
|
955
|
-
if (
|
|
933
|
+
if (as[rhs].isAddr())
|
|
956
934
|
{
|
|
957
|
-
|
|
935
|
+
as[lhs] = as[rhs];
|
|
958
936
|
}
|
|
959
937
|
else
|
|
960
938
|
{
|
|
@@ -967,19 +945,19 @@ void SVFIR2AbsState::handleCopy(AbstractState& es, const CopyStmt *copy)
|
|
|
967
945
|
abort();
|
|
968
946
|
}
|
|
969
947
|
}
|
|
970
|
-
else if (inVarToAddrsTable(
|
|
948
|
+
else if (inVarToAddrsTable(as, rhs))
|
|
971
949
|
{
|
|
972
|
-
|
|
950
|
+
as[lhs] = as[rhs];
|
|
973
951
|
}
|
|
974
952
|
}
|
|
975
953
|
|
|
976
|
-
void SVFIR2AbsState::handleGep(AbstractState&
|
|
954
|
+
void SVFIR2AbsState::handleGep(AbstractState& as, const GepStmt *gep)
|
|
977
955
|
{
|
|
978
956
|
u32_t rhs = gep->getRHSVarID();
|
|
979
957
|
u32_t lhs = gep->getLHSVarID();
|
|
980
|
-
if (!inVarToAddrsTable(
|
|
981
|
-
AbstractValue &rhsVal =
|
|
982
|
-
IntervalValue offsetPair = getElementIndex(
|
|
958
|
+
if (!inVarToAddrsTable(as, rhs)) return;
|
|
959
|
+
AbstractValue &rhsVal = as[rhs];
|
|
960
|
+
IntervalValue offsetPair = getElementIndex(as, gep);
|
|
983
961
|
if (!isVirtualMemAddress(*rhsVal.getAddrs().begin()))
|
|
984
962
|
return;
|
|
985
963
|
else
|
|
@@ -990,40 +968,40 @@ void SVFIR2AbsState::handleGep(AbstractState& es, const GepStmt *gep)
|
|
|
990
968
|
APOffset ub = offsetPair.ub().getIntNumeral() < Options::MaxFieldLimit()?
|
|
991
969
|
offsetPair.ub().getIntNumeral(): Options::MaxFieldLimit();
|
|
992
970
|
for (APOffset i = lb; i <= ub; i++)
|
|
993
|
-
gepAddrs.join_with(getGepObjAddress(
|
|
971
|
+
gepAddrs.join_with(getGepObjAddress(as, rhs, i));
|
|
994
972
|
if (!rhsVal.isUnknown())
|
|
995
|
-
|
|
973
|
+
as[lhs] = gepAddrs;
|
|
996
974
|
return;
|
|
997
975
|
}
|
|
998
976
|
}
|
|
999
977
|
|
|
1000
|
-
void SVFIR2AbsState::handleSelect(AbstractState&
|
|
978
|
+
void SVFIR2AbsState::handleSelect(AbstractState& as, const SelectStmt *select)
|
|
1001
979
|
{
|
|
1002
980
|
u32_t res = select->getResID();
|
|
1003
981
|
u32_t tval = select->getTrueValue()->getId();
|
|
1004
982
|
u32_t fval = select->getFalseValue()->getId();
|
|
1005
983
|
u32_t cond = select->getCondition()->getId();
|
|
1006
|
-
if (inVarToValTable(
|
|
984
|
+
if (inVarToValTable(as, tval) && inVarToValTable(as, fval) && inVarToValTable(as, cond))
|
|
1007
985
|
{
|
|
1008
|
-
if (
|
|
986
|
+
if (as[cond].getInterval().is_numeral())
|
|
1009
987
|
{
|
|
1010
|
-
|
|
988
|
+
as[res] = as[cond].getInterval().is_zero() ? as[fval] : as[tval];
|
|
1011
989
|
}
|
|
1012
990
|
else
|
|
1013
991
|
{
|
|
1014
|
-
|
|
992
|
+
as[res] = as[cond];
|
|
1015
993
|
}
|
|
1016
994
|
}
|
|
1017
|
-
else if (inVarToAddrsTable(
|
|
995
|
+
else if (inVarToAddrsTable(as, tval) && inVarToAddrsTable(as, fval) && inVarToValTable(as, cond))
|
|
1018
996
|
{
|
|
1019
|
-
if (
|
|
997
|
+
if (as[cond].getInterval().is_numeral())
|
|
1020
998
|
{
|
|
1021
|
-
|
|
999
|
+
as.getAddrs(res) = as[cond].getInterval().is_zero() ? getAddrs(as, fval) : getAddrs(as, tval);
|
|
1022
1000
|
}
|
|
1023
1001
|
}
|
|
1024
1002
|
}
|
|
1025
1003
|
|
|
1026
|
-
void SVFIR2AbsState::handlePhi(AbstractState&
|
|
1004
|
+
void SVFIR2AbsState::handlePhi(AbstractState& as, const PhiStmt *phi)
|
|
1027
1005
|
{
|
|
1028
1006
|
u32_t res = phi->getResID();
|
|
1029
1007
|
AbstractValue rhs(AbstractValue::UnknownType);
|
|
@@ -1031,32 +1009,32 @@ void SVFIR2AbsState::handlePhi(AbstractState& es, const PhiStmt *phi)
|
|
|
1031
1009
|
{
|
|
1032
1010
|
NodeID curId = phi->getOpVarID(i);
|
|
1033
1011
|
|
|
1034
|
-
if (inVarToValTable(
|
|
1012
|
+
if (inVarToValTable(as, curId) || inVarToAddrsTable(as, curId))
|
|
1035
1013
|
{
|
|
1036
|
-
rhs.join_with(
|
|
1014
|
+
rhs.join_with(as[curId]);
|
|
1037
1015
|
}
|
|
1038
1016
|
}
|
|
1039
1017
|
if (!rhs.isUnknown())
|
|
1040
|
-
|
|
1018
|
+
as[res] = rhs;
|
|
1041
1019
|
}
|
|
1042
1020
|
|
|
1043
1021
|
|
|
1044
|
-
void SVFIR2AbsState::handleCall(AbstractState&
|
|
1022
|
+
void SVFIR2AbsState::handleCall(AbstractState& as, const CallPE *callPE)
|
|
1045
1023
|
{
|
|
1046
1024
|
NodeID lhs = callPE->getLHSVarID();
|
|
1047
1025
|
NodeID rhs = callPE->getRHSVarID();
|
|
1048
|
-
if (inVarToValTable(
|
|
1026
|
+
if (inVarToValTable(as, rhs) || inVarToAddrsTable(as, rhs))
|
|
1049
1027
|
{
|
|
1050
|
-
|
|
1028
|
+
as[lhs] = as[rhs];
|
|
1051
1029
|
}
|
|
1052
1030
|
}
|
|
1053
1031
|
|
|
1054
|
-
void SVFIR2AbsState::handleRet(AbstractState&
|
|
1032
|
+
void SVFIR2AbsState::handleRet(AbstractState& as, const RetPE *retPE)
|
|
1055
1033
|
{
|
|
1056
1034
|
NodeID lhs = retPE->getLHSVarID();
|
|
1057
1035
|
NodeID rhs = retPE->getRHSVarID();
|
|
1058
|
-
if (inVarToValTable(
|
|
1036
|
+
if (inVarToValTable(as, rhs) || inVarToAddrsTable(as, rhs))
|
|
1059
1037
|
{
|
|
1060
|
-
|
|
1038
|
+
as[lhs] = as[rhs];
|
|
1061
1039
|
}
|
|
1062
1040
|
}
|