svf-tools 1.0.991 → 1.0.993

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "svf-tools",
-  "version": "1.0.991",
+  "version": "1.0.993",
   "description": "* <b>[TypeClone](https://github.com/SVF-tools/SVF/wiki/TypeClone) published in our [ECOOP paper](https://yuleisui.github.io/publications/ecoop20.pdf) is now available in SVF </b> * <b>SVF now uses a single script for its build. Just type [`source ./build.sh`](https://github.com/SVF-tools/SVF/blob/master/build.sh) in your terminal, that's it!</b> * <b>SVF now supports LLVM-10.0.0! </b> * <b>We thank [bsauce](https://github.com/bsauce) for writing a user manual of SVF ([link1](https://www.jianshu.com/p/068a08ec749c) and [link2](https://www.jianshu.com/p/777c30d4240e)) in Chinese </b> * <b>SVF now supports LLVM-9.0.0 (Thank [Byoungyoung Lee](https://github.com/SVF-tools/SVF/issues/142) for his help!). </b> * <b>SVF now supports a set of [field-sensitive pointer analyses](https://yuleisui.github.io/publications/sas2019a.pdf). </b> * <b>[Use SVF as an external lib](https://github.com/SVF-tools/SVF/wiki/Using-SVF-as-a-lib-in-your-own-tool) for your own project (Contributed by [Hongxu Chen](https://github.com/HongxuChen)). </b> * <b>SVF now supports LLVM-7.0.0. </b> * <b>SVF now supports Docker. [Try SVF in Docker](https://github.com/SVF-tools/SVF/wiki/Try-SVF-in-Docker)! </b> * <b>SVF now supports [LLVM-6.0.0](https://github.com/svf-tools/SVF/pull/38) (Contributed by [Jack Anthony](https://github.com/jackanth)). </b> * <b>SVF now supports [LLVM-4.0.0](https://github.com/svf-tools/SVF/pull/23) (Contributed by Jared Carlson. Thank [Jared](https://github.com/jcarlson23) and [Will](https://github.com/dtzWill) for their in-depth [discussions](https://github.com/svf-tools/SVF/pull/18) about updating SVF!) </b> * <b>SVF now supports analysis for C++ programs.</b> <br />",
   "main": "index.js",
   "scripts": {

package/svf/include/Graphs/CDG.h

@@ -42,7 +42,7 @@ typedef GenericEdge<CDGNode> GenericCDGEdgeTy;
 class CDGEdge : public GenericCDGEdgeTy
 {
 public:
-    typedef std::pair<const SVFValue *, s32_t> BranchCondition;
+    typedef std::pair<const SVFVar *, s32_t> BranchCondition;
 
     /// Constructor
     CDGEdge(CDGNode *s, CDGNode *d) : GenericCDGEdgeTy(s, d, 0)
@@ -73,7 +73,7 @@ public:
         return brConditions;
     }
 
-    void insertBranchCondition(const SVFValue *pNode, s32_t branchID)
+    void insertBranchCondition(const SVFVar *pNode, s32_t branchID)
     {
         brConditions.insert(std::make_pair(pNode, branchID));
     }
@@ -288,7 +288,7 @@ public:
     }
 
     /// Add CDG edges from nodeid pair
-    void addCDGEdgeFromSrcDst(const ICFGNode *src, const ICFGNode *dst, const SVFValue *pNode, s32_t branchID);
+    void addCDGEdgeFromSrcDst(const ICFGNode *src, const ICFGNode *dst, const SVFVar *pNode, s32_t branchID);
 
 };
 } // end namespace SVF

package/svf/lib/Graphs/CDG.cpp

@@ -32,7 +32,7 @@ using namespace SVF;
 
 CDG *CDG::controlDg = nullptr;
 
-void CDG::addCDGEdgeFromSrcDst(const ICFGNode *src, const ICFGNode *dst, const SVFValue *pNode, s32_t branchID)
+void CDG::addCDGEdgeFromSrcDst(const ICFGNode *src, const ICFGNode *dst, const SVFVar *pNode, s32_t branchID)
 {
     if (!hasCDGNode(src->getId()))
     {

package/svf/lib/Graphs/ConsG.cpp

@@ -149,6 +149,15 @@ void ConstraintGraph::buildCG()
  */
 void ConstraintGraph::clearSolitaries()
 {
+    /// We don't remove return SVFVar from an indirect callsite
+    NodeSet retFromIndCalls;
+    for(auto cs_pair : pag->getIndirectCallsites())
+    {
+        const RetICFGNode* retBlockNode = cs_pair.first->getRetICFGNode();
+        if(pag->callsiteHasRet(retBlockNode))
+            retFromIndCalls.insert(pag->getCallSiteRet(retBlockNode)->getId());
+    }
+
     Set<ConstraintNode*> nodesToRemove;
     for (auto it = this->begin(); it != this->end(); ++it)
     {
@@ -156,6 +165,8 @@ void ConstraintGraph::clearSolitaries()
             continue;
         if (pag->getGNode(it->first)->isPointer())
             continue;
+        if (retFromIndCalls.find(it->first)!=retFromIndCalls.end())
+            continue;
         nodesToRemove.insert(it->second);
     }
 

package/svf/lib/Util/CDGBuilder.cpp

@@ -88,15 +88,14 @@ s64_t CDGBuilder::getBBSuccessorBranchID(const SVFBasicBlock *BB, const SVFBasic
     ICFG *icfg = PAG::getPAG()->getICFG();
     assert(!BB->getICFGNodeList().empty() && "empty bb?");
     const ICFGNode *pred = BB->back();
-    const ICFGEdge *edge = nullptr;
-    for (const auto &node: Succ->getICFGNodeList())
+    if (const CallICFGNode* callNode = dyn_cast<CallICFGNode>(pred))
     {
-        if (const ICFGEdge *e = icfg->getICFGEdge(pred, node, ICFGEdge::ICFGEdgeK::IntraCF))
-        {
-            edge = e;
-            break;
-        }
+        // not a branch statement:
+        //  invoke void %3(ptr noundef nonnull align 8 dereferenceable(8) %1, ptr noundef %2)
+        //          to label %invoke.cont1 unwind label %lpad
+        pred = callNode->getRetICFGNode();
     }
+    const ICFGEdge *edge = icfg->getICFGEdge(pred, Succ->front(), ICFGEdge::ICFGEdgeK::IntraCF);
     if (const IntraCFGEdge *intraEdge = SVFUtil::dyn_cast<IntraCFGEdge>(edge))
     {
         if(intraEdge->getCondition())
@@ -190,9 +189,15 @@ void CDGBuilder::buildICFGNodeControlMap()
         for (const auto &it2: it.second)
         {
             const SVFBasicBlock *controllingBB = it2.first;
-            //            const ICFGNode *controlNode = _bbToNode[it.first].first;
-            //            if(!controlNode) continue;
             const ICFGNode *controlNode = it.first->getICFGNodeList().back();
+            if (const CallICFGNode* callNode =
+                        SVFUtil::dyn_cast<CallICFGNode>(controlNode))
+            {
+                // not a branch statement:
+                //  invoke void %3(ptr noundef nonnull align 8 dereferenceable(8) %1, ptr noundef %2)
+                //          to label %invoke.cont1 unwind label %lpad
+                controlNode = callNode->getRetICFGNode();
+            }
             if (!controlNode) continue;
             // controlNode control at pos
             for (const auto &controllee: controllingBB->getICFGNodeList())
@@ -201,9 +206,30 @@ void CDGBuilder::buildICFGNodeControlMap()
                 _nodeDependentOnMap[controllee][controlNode].insert(it2.second.begin(), it2.second.end());
                 for (s32_t pos: it2.second)
                 {
-                    _controlDG->addCDGEdgeFromSrcDst(controlNode, controllee,
-                                                     SVFUtil::dyn_cast<IntraICFGNode>(controlNode)->getInst(),
-                                                     pos);
+                    if (const IntraICFGNode* intraNode =
+                                dyn_cast<IntraICFGNode>(controlNode))
+                    {
+                        assert(intraNode->getSVFStmts().size() == 1 &&
+                               "not a branch stmt?");
+                        const SVFVar* condition =
+                            SVFUtil::cast<BranchStmt>(
+                                intraNode->getSVFStmts().front())
+                            ->getCondition();
+                        _controlDG->addCDGEdgeFromSrcDst(controlNode, controllee,
+                                                         condition,
+                                                         pos);
+                    }
+                    else
+                    {
+                        // not a branch statement:
+                        //  invoke void %3(ptr noundef nonnull align 8 dereferenceable(8) %1, ptr noundef %2)
+                        //          to label %invoke.cont1 unwind label %lpad
+                        SVFIR* pag = PAG::getPAG();
+                        _controlDG->addCDGEdgeFromSrcDst(
+                            controlNode, controllee,
+                            pag->getGNode(pag->getNullPtr()), pos);
+                    }
+
                 }
             }
         }