Static Value-Flow Analysis
Loading...
Searching...
No Matches
Public Types | Public Member Functions | Static Public Member Functions | Public Attributes | Protected Attributes | Friends | List of all members
SVF::AbstractState Class Reference

#include <AbstractState.h>

Public Types

typedef Map< u32_t, AbstractValueVarToAbsValMap
 
typedef VarToAbsValMap AddrToAbsValMap
 

Public Member Functions

 AbstractState ()
 default constructor
 
 AbstractState (VarToAbsValMap &_varToValMap, AddrToAbsValMap &_locToValMap)
 
 AbstractState (const AbstractState &rhs)
 copy constructor
 
virtual ~AbstractState ()=default
 
AddressValue getGepObjAddrs (u32_t pointer, IntervalValue offset)
 
void initObjVar (ObjVar *objVar)
 
IntervalValue getElementIndex (const GepStmt *gep)
 
IntervalValue getByteOffset (const GepStmt *gep)
 
AbstractValue loadValue (NodeID varId)
 
void storeValue (NodeID varId, AbstractValue val)
 
u32_t getAllocaInstByteSize (const AddrStmt *addr)
 
u32_t getIDFromAddr (u32_t addr)
 Return the internal index if addr is an address otherwise return the value of idx.
 
AbstractStateoperator= (const AbstractState &rhs)
 
 AbstractState (AbstractState &&rhs)
 move constructor
 
AbstractStateoperator= (AbstractState &&rhs)
 operator= move constructor
 
AbstractState bottom () const
 Set all value bottom.
 
AbstractState top () const
 Set all value top.
 
AbstractState sliceState (Set< u32_t > &sl)
 Copy some values and return a new IntervalExeState.
 
virtual AbstractValueoperator[] (u32_t varId)
 get abstract value of variable
 
virtual const AbstractValueoperator[] (u32_t varId) const
 get abstract value of variable
 
bool inVarToAddrsTable (u32_t id) const
 whether the variable is in varToAddrs table
 
virtual bool inVarToValTable (u32_t id) const
 whether the variable is in varToVal table
 
bool inAddrToAddrsTable (u32_t id) const
 whether the memory address stores memory addresses
 
virtual bool inAddrToValTable (u32_t id) const
 whether the memory address stores abstract value
 
const VarToAbsValMapgetVarToVal () const
 get var2val map
 
const AddrToAbsValMapgetLocToVal () const
 get loc2val map
 
AbstractState widening (const AbstractState &other)
 domain widen with other, and return the widened domain
 
AbstractState narrowing (const AbstractState &other)
 domain narrow with other, and return the narrowed domain
 
void joinWith (const AbstractState &other)
 domain join with other, important! other widen this.
 
void meetWith (const AbstractState &other)
 domain meet with other, important! other widen this.
 
void addToFreedAddrs (NodeID addr)
 
bool isFreedMem (u32_t addr) const
 
const SVFTypegetPointeeElement (NodeID id)
 
u32_t hash () const
 
void store (u32_t addr, const AbstractValue &val)
 
virtual AbstractValueload (u32_t addr)
 
void printAbstractState () const
 
std::string toString () const
 
bool equals (const AbstractState &other) const
 
bool operator== (const AbstractState &rhs) const
 
bool operator!= (const AbstractState &rhs) const
 
bool operator< (const AbstractState &rhs) const
 
bool operator>= (const AbstractState &rhs) const
 
void clear ()
 

Static Public Member Functions

static u32_t getVirtualMemAddress (u32_t idx)
 The physical address starts with 0x7f...... + idx.
 
static bool isVirtualMemAddress (u32_t val)
 Check bit value of val start with 0x7F000000, filter by 0xFF000000.
 
static bool isNullMem (u32_t addr)
 
static bool isInvalidMem (u32_t addr)
 
static bool eqVarToValMap (const VarToAbsValMap &lhs, const VarToAbsValMap &rhs)
 
static bool lessThanVarToValMap (const VarToAbsValMap &lhs, const VarToAbsValMap &rhs)
 
static bool geqVarToValMap (const VarToAbsValMap &lhs, const VarToAbsValMap &rhs)
 

Public Attributes

Set< NodeID_freedAddrs
 

Protected Attributes

VarToAbsValMap _varToAbsVal
 Map a variable (symbol) to its abstract value.
 
AddrToAbsValMap _addrToAbsVal
 Map a memory address to its stored abstract value.
 

Friends

class SVFIR2AbsState
 
class RelationSolver
 

Detailed Description

Definition at line 58 of file AbstractState.h.

Member Typedef Documentation

◆ AddrToAbsValMap

typedef VarToAbsValMap SVF::AbstractState::AddrToAbsValMap

Definition at line 64 of file AbstractState.h.

◆ VarToAbsValMap

typedef Map<u32_t, AbstractValue> SVF::AbstractState::VarToAbsValMap

Definition at line 63 of file AbstractState.h.

Constructor & Destructor Documentation

◆ AbstractState() [1/4]

SVF::AbstractState::AbstractState ( )
inline

default constructor

Definition at line 70 of file AbstractState.h.

71 {
72 }

◆ AbstractState() [2/4]

SVF::AbstractState::AbstractState ( VarToAbsValMap _varToValMap,
AddrToAbsValMap _locToValMap 
)
inline

Definition at line 74 of file AbstractState.h.

74: _varToAbsVal(_varToValMap), _addrToAbsVal(_locToValMap) {}
SVF::AbstractState::_varToAbsVal
VarToAbsValMap _varToAbsVal
Map a variable (symbol) to its abstract value.
Definition AbstractState.h:197
SVF::AbstractState::_addrToAbsVal
AddrToAbsValMap _addrToAbsVal
Map a memory address to its stored abstract value.
Definition AbstractState.h:199
SVF::IRBuilder
llvm::IRBuilder IRBuilder
Definition BasicTypes.h:74

◆ AbstractState() [3/4]

SVF::AbstractState::AbstractState ( const AbstractState rhs)
inline

copy constructor

Definition at line 77 of file AbstractState.h.

77 : _freedAddrs(rhs._freedAddrs), _varToAbsVal(rhs.getVarToVal()), _addrToAbsVal(rhs.getLocToVal())
78 {
79
80 }
SVF::AbstractState::_freedAddrs
Set< NodeID > _freedAddrs
Definition AbstractState.h:65

◆ ~AbstractState()

virtual SVF::AbstractState::~AbstractState ( )
virtualdefault

◆ AbstractState() [4/4]

SVF::AbstractState::AbstractState ( AbstractState &&  rhs)
inline

move constructor

Definition at line 132 of file AbstractState.h.

132 : _varToAbsVal(std::move(rhs._varToAbsVal)),
133 _addrToAbsVal(std::move(rhs._addrToAbsVal))
134 {
135
136 }

Member Function Documentation

◆ addToFreedAddrs()

void SVF::AbstractState::addToFreedAddrs ( NodeID  addr)
inline

Definition at line 294 of file AbstractState.h.

295 {
296 _freedAddrs.insert(addr);
297 }

◆ bottom()

AbstractState SVF::AbstractState::bottom ( ) const
inline

Set all value bottom.

Definition at line 151 of file AbstractState.h.

152 {
153 AbstractState inv = *this;
154 for (auto &item: inv._varToAbsVal)
155 {
156 if (item.second.isInterval())
157 item.second.getInterval().set_to_bottom();
158 }
159 return inv;
160 }
item
cJSON * item
Definition cJSON.h:222
SVF::AbstractState::AbstractState
AbstractState()
default constructor
Definition AbstractState.h:70

◆ clear()

void SVF::AbstractState::clear ( )
inline

Definition at line 413 of file AbstractState.h.

414 {
415 _addrToAbsVal.clear();
416 _varToAbsVal.clear();
417 _freedAddrs.clear();
418 }

◆ equals()

bool AbstractState::equals ( const AbstractState other) const

Definition at line 37 of file AbstractState.cpp.

38{
39 return *this == other;
40}

◆ eqVarToValMap()

static bool SVF::AbstractState::eqVarToValMap ( const VarToAbsValMap lhs,
const VarToAbsValMap rhs 
)
inlinestatic

Definition at line 344 of file AbstractState.h.

345 {
346 if (lhs.size() != rhs.size()) return false;
347 for (const auto &item: lhs)
348 {
349 auto it = rhs.find(item.first);
350 if (it == rhs.end())
351 return false;
352 if (!item.second.equals(it->second))
353 return false;
354 else
355 {
356 }
357 }
358 return true;
359 }

◆ geqVarToValMap()

static bool SVF::AbstractState::geqVarToValMap ( const VarToAbsValMap lhs,
const VarToAbsValMap rhs 
)
inlinestatic

Definition at line 375 of file AbstractState.h.

376 {
377 if (rhs.empty()) return true;
378 for (const auto &item: rhs)
379 {
380 auto it = lhs.find(item.first);
381 if (it == lhs.end()) return false;
382 // judge from expr id
383 if (!it->second.getInterval().contain(
384 item.second.getInterval()))
385 return false;
386
387 }
388 return true;
389 }

◆ getAllocaInstByteSize()

u32_t AbstractState::getAllocaInstByteSize ( const AddrStmt addr)

Definition at line 492 of file AbstractState.cpp.

493{
494 if (const ObjVar* objvar = SVFUtil::dyn_cast<ObjVar>(addr->getRHSVar()))
495 {
496 if (PAG::getPAG()->getBaseObject(objvar->getId())->isConstantByteSize())
497 {
498 u32_t sz = PAG::getPAG()->getBaseObject(objvar->getId())->getByteSizeOfObj();
499 return sz;
500 }
501
502 else
503 {
504 const std::vector<SVFVar*>& sizes = addr->getArrSize();
505 // Default element size is set to 1.
506 u32_t elementSize = 1;
507 u64_t res = elementSize;
508 for (const SVFVar* value: sizes)
509 {
510 if (!inVarToValTable(value->getId()))
511 {
512 (*this)[value->getId()] = IntervalValue(Options::MaxFieldLimit());
513 }
514 IntervalValue itv =
515 (*this)[value->getId()].getInterval();
516 res = res * itv.ub().getIntNumeral() > Options::MaxFieldLimit()? Options::MaxFieldLimit(): res * itv.ub().getIntNumeral();
517 }
518 return (u32_t)res;
519 }
520 }
521 assert (false && "Addr rhs value is not ObjVar");
522 abort();
523}
u32_t
unsigned u32_t
Definition CommandLine.h:18
SVF::AbstractState::inVarToValTable
virtual bool inVarToValTable(u32_t id) const
whether the variable is in varToVal table
Definition AbstractState.h:230
SVF::BaseObjVar::getByteSizeOfObj
u32_t getByteSizeOfObj() const
Get the byte size of this object.
Definition SVFVariables.h:640
SVF::BoundedInt::getIntNumeral
s64_t getIntNumeral() const
Definition NumericValue.h:703
SVF::IntervalValue::ub
const BoundedInt & ub() const
Return the upper bound.
Definition IntervalValue.h:227
SVF::Options::MaxFieldLimit
static const Option< u32_t > MaxFieldLimit
Maximum number of field derivations for an object.
Definition Options.h:39
SVF::SVFIR::getBaseObject
const BaseObjVar * getBaseObject(NodeID id) const
Definition SVFIR.h:423
SVF::SVFIR::getPAG
static SVFIR * getPAG(bool buildFromFile=false)
Singleton design here to make sure we only have one instance during any analysis.
Definition SVFIR.h:116
SVF::u64_t
unsigned long long u64_t
Definition GeneralType.h:49

◆ getByteOffset()

IntervalValue AbstractState::getByteOffset ( const GepStmt gep)

Definition at line 304 of file AbstractState.cpp.

305{
306 // If the GEP statement has a constant byte offset, return it directly as the interval value
307 if (gep->isConstantOffset())
308 return IntervalValue((s64_t)gep->accumulateConstantByteOffset());
309
310 IntervalValue res(0); // Initialize the result interval 'res' to 0.
311
312 // Loop through the offsetVarAndGepTypePairVec in reverse order.
313 for (int i = gep->getOffsetVarAndGepTypePairVec().size() - 1; i >= 0; i--)
314 {
315 const SVFVar* idxOperandVar = gep->getOffsetVarAndGepTypePairVec()[i].first;
316 const SVFType* idxOperandType = gep->getOffsetVarAndGepTypePairVec()[i].second;
317
318 // Calculate the byte offset for array or pointer types
319 if (SVFUtil::isa<SVFArrayType>(idxOperandType) || SVFUtil::isa<SVFPointerType>(idxOperandType))
320 {
321 u32_t elemByteSize = 1;
322 if (const SVFArrayType* arrOperandType = SVFUtil::dyn_cast<SVFArrayType>(idxOperandType))
323 elemByteSize = arrOperandType->getTypeOfElement()->getByteSize();
324 else if (SVFUtil::isa<SVFPointerType>(idxOperandType))
325 elemByteSize = gep->getAccessPath().gepSrcPointeeType()->getByteSize();
326 else
327 assert(false && "idxOperandType must be ArrType or PtrType");
328
329 if (const ConstIntValVar* op = SVFUtil::dyn_cast<ConstIntValVar>(idxOperandVar))
330 {
331 // Calculate the lower bound (lb) of the interval value
332 s64_t lb = (double)Options::MaxFieldLimit() / elemByteSize >= op->getSExtValue()
333 ? op->getSExtValue() * elemByteSize
334 : Options::MaxFieldLimit();
335 res = res + IntervalValue(lb, lb);
336 }
337 else
338 {
339 IntervalValue idxVal = (*this)[idxOperandVar->getId()].getInterval();
340
341 if (idxVal.isBottom())
342 res = res + IntervalValue(0, 0);
343 else
344 {
345 // Ensure the bounds are non-negative and within the field limit
346 s64_t ub = (idxVal.ub().getIntNumeral() < 0) ? 0
347 : (double)Options::MaxFieldLimit() / elemByteSize >= idxVal.ub().getIntNumeral()
348 ? elemByteSize * idxVal.ub().getIntNumeral()
349 : Options::MaxFieldLimit();
350 s64_t lb = (idxVal.lb().getIntNumeral() < 0) ? 0
351 : (double)Options::MaxFieldLimit() / elemByteSize >= idxVal.lb().getIntNumeral()
352 ? elemByteSize * idxVal.lb().getIntNumeral()
353 : Options::MaxFieldLimit();
354 res = res + IntervalValue(lb, ub);
355 }
356 }
357 }
358 // Process struct subtypes by calculating the byte offset from the beginning to the field of the struct
359 else if (const SVFStructType* structOperandType = SVFUtil::dyn_cast<SVFStructType>(idxOperandType))
360 {
361 res = res + IntervalValue(gep->getAccessPath().getStructFieldOffset(idxOperandVar, structOperandType));
362 }
363 else
364 {
365 assert(false && "gep type pair only support arr/ptr/struct");
366 }
367 }
368 return res; // Return the resulting byte offset as an IntervalValue.
369}
SVF::Options
Carries around command line options.
Definition Options.h:21
SVF::SVFType::getByteSize
u32_t getByteSize() const
Definition SVFType.h:244
SVF::s64_t
signed long long s64_t
Definition GeneralType.h:50

◆ getElementIndex()

IntervalValue AbstractState::getElementIndex ( const GepStmt gep)

Definition at line 231 of file AbstractState.cpp.

232{
233 // If the GEP statement has a constant offset, return it directly as the interval value
234 if (gep->isConstantOffset())
235 return IntervalValue((s64_t)gep->accumulateConstantOffset());
236
237 IntervalValue res(0);
238 // Iterate over the list of offset variable and type pairs in reverse order
239 for (int i = gep->getOffsetVarAndGepTypePairVec().size() - 1; i >= 0; i--)
240 {
241 AccessPath::IdxOperandPair IdxVarAndType = gep->getOffsetVarAndGepTypePairVec()[i];
242 const SVFVar* var = gep->getOffsetVarAndGepTypePairVec()[i].first;
243 const SVFType* type = IdxVarAndType.second;
244
245 // Variables to store the lower and upper bounds of the index value
246 s64_t idxLb;
247 s64_t idxUb;
248
249 // Determine the lower and upper bounds based on whether the value is a constant
250 if (const ConstIntValVar* constInt = SVFUtil::dyn_cast<ConstIntValVar>(var))
251 idxLb = idxUb = constInt->getSExtValue();
252 else
253 {
254 IntervalValue idxItv = (*this)[var->getId()].getInterval();
255 if (idxItv.isBottom())
256 idxLb = idxUb = 0;
257 else
258 {
259 idxLb = idxItv.lb().getIntNumeral();
260 idxUb = idxItv.ub().getIntNumeral();
261 }
262 }
263
264 // Adjust the bounds if the type is a pointer
265 if (SVFUtil::isa<SVFPointerType>(type))
266 {
267 u32_t elemNum = gep->getAccessPath().getElementNum(gep->getAccessPath().gepSrcPointeeType());
268 idxLb = (double)Options::MaxFieldLimit() / elemNum < idxLb ? Options::MaxFieldLimit() : idxLb * elemNum;
269 idxUb = (double)Options::MaxFieldLimit() / elemNum < idxUb ? Options::MaxFieldLimit() : idxUb * elemNum;
270 }
271 // Adjust the bounds for array or struct types using the symbol table info
272 else
273 {
274 if (Options::ModelArrays())
275 {
276 const std::vector<u32_t>& so = PAG::getPAG()->getTypeInfo(type)->getFlattenedElemIdxVec();
277 if (so.empty() || idxUb >= (APOffset)so.size() || idxLb < 0)
278 {
279 idxLb = idxUb = 0;
280 }
281 else
282 {
283 idxLb = PAG::getPAG()->getFlattenedElemIdx(type, idxLb);
284 idxUb = PAG::getPAG()->getFlattenedElemIdx(type, idxUb);
285 }
286 }
287 else
288 idxLb = idxUb = 0;
289 }
290
291 // Add the calculated interval to the result
292 res = res + IntervalValue(idxLb, idxUb);
293 }
294
295 // Ensure the result is within the bounds of [0, MaxFieldLimit]
296 res.meet_with(IntervalValue((s64_t)0, (s64_t)Options::MaxFieldLimit()));
297 if (res.isBottom())
298 {
299 res = IntervalValue(0);
300 }
301 return res;
302}
type
newitem type
Definition cJSON.cpp:2739
SVF::AccessPath::IdxOperandPair
std::pair< const SVFVar *, const SVFType * > IdxOperandPair
Definition AccessPath.h:63
SVF::IRGraph::getFlattenedElemIdx
u32_t getFlattenedElemIdx(const SVFType *T, u32_t origId)
Flattened element idx of an array or struct by considering stride.
Definition IRGraph.cpp:144
SVF::IRGraph::getTypeInfo
const StInfo * getTypeInfo(const SVFType *T) const
Get struct info.
Definition IRGraph.cpp:242
SVF::IntervalValue::lb
const BoundedInt & lb() const
Return the lower bound.
Definition IntervalValue.h:220
SVF::Options::ModelArrays
static Option< bool > ModelArrays
Definition Options.h:189
SVF::StInfo::getFlattenedElemIdxVec
std::vector< u32_t > & getFlattenedElemIdxVec()
Definition SVFType.h:98
SVF::APOffset
s64_t APOffset
Definition GeneralType.h:60

◆ getGepObjAddrs()

AddressValue AbstractState::getGepObjAddrs ( u32_t  pointer,
IntervalValue  offset 
)

Definition at line 162 of file AbstractState.cpp.

163{
164 AddressValue gepAddrs;
165 APOffset lb = offset.lb().getIntNumeral() < Options::MaxFieldLimit() ? offset.lb().getIntNumeral()
166 : Options::MaxFieldLimit();
167 APOffset ub = offset.ub().getIntNumeral() < Options::MaxFieldLimit() ? offset.ub().getIntNumeral()
168 : Options::MaxFieldLimit();
169 for (APOffset i = lb; i <= ub; i++)
170 {
171 AbstractValue addrs = (*this)[pointer];
172 for (const auto& addr : addrs.getAddrs())
173 {
174 s64_t baseObj = getIDFromAddr(addr);
175 assert(SVFUtil::isa<ObjVar>(PAG::getPAG()->getGNode(baseObj)) && "Fail to get the base object address!");
176 NodeID gepObj = PAG::getPAG()->getGepObjVar(baseObj, i);
177 (*this)[gepObj] = AddressValue(AbstractState::getVirtualMemAddress(gepObj));
178 gepAddrs.insert(AbstractState::getVirtualMemAddress(gepObj));
179 }
180 }
181
182 return gepAddrs;
183}
offset
buffer offset
Definition cJSON.cpp:1113
SVF::AbstractState::getIDFromAddr
u32_t getIDFromAddr(u32_t addr)
Return the internal index if addr is an address otherwise return the value of idx.
Definition AbstractState.h:115
SVF::AbstractState::getVirtualMemAddress
static u32_t getVirtualMemAddress(u32_t idx)
The physical address starts with 0x7f...... + idx.
Definition AbstractState.h:103
SVF::SVFIR::getGepObjVar
NodeID getGepObjVar(const BaseObjVar *baseObj, const APOffset &ap)
Get a field SVFIR Object node according to base mem obj and offset.
Definition SVFIR.cpp:439
SVF::NodeID
u32_t NodeID
Definition GeneralType.h:56

◆ getIDFromAddr()

u32_t SVF::AbstractState::getIDFromAddr ( u32_t  addr)
inline

Return the internal index if addr is an address otherwise return the value of idx.

Definition at line 115 of file AbstractState.h.

116 {
117 return _freedAddrs.count(addr) ? AddressValue::getInternalID(InvalidMemAddr) : AddressValue::getInternalID(addr);
118 }
InvalidMemAddr
#define InvalidMemAddr
Definition AddressValue.h:36
SVF::AddressValue::getInternalID
static u32_t getInternalID(u32_t idx)
Return the internal index if idx is an address otherwise return the value of idx.
Definition AddressValue.h:57

◆ getLocToVal()

const AddrToAbsValMap & SVF::AbstractState::getLocToVal ( ) const
inline

get loc2val map

Definition at line 275 of file AbstractState.h.

276 {
277 return _addrToAbsVal;
278 }

◆ getPointeeElement()

const SVFType * AbstractState::getPointeeElement ( NodeID  id)

if this NodeID in SVFIR is a pointer, get the pointee type e.g arr = (int*) malloc(10*sizeof(int)) getPointeeType(arr) -> return int we can set arr[0]='c', arr[1]='c', arr[2]='\0'

Parameters
callcallnode of memset like api

Definition at line 471 of file AbstractState.cpp.

472{
473 SVFIR* svfir = PAG::getPAG();
474 if (inVarToAddrsTable(id))
475 {
476 const AbstractValue& addrs = (*this)[id];
477 for (auto addr: addrs.getAddrs())
478 {
479 NodeID addr_id = getIDFromAddr(addr);
480 if (addr_id == 0) // nullptr skip
481 continue;
482 return svfir->getBaseObject(addr_id)->getType();
483 }
484 }
485 else
486 {
487 // do nothing if no record in addrs table.
488 }
489 return nullptr;
490}
SVF::AbstractState::inVarToAddrsTable
bool inVarToAddrsTable(u32_t id) const
whether the variable is in varToAddrs table
Definition AbstractState.h:217
SVF::BaseObjVar::getType
const SVFType * getType() const
Get obj type.
Definition SVFVariables.h:593

◆ getVarToVal()

const VarToAbsValMap & SVF::AbstractState::getVarToVal ( ) const
inline

get var2val map

Definition at line 269 of file AbstractState.h.

270 {
271 return _varToAbsVal;
272 }

◆ getVirtualMemAddress()

static u32_t SVF::AbstractState::getVirtualMemAddress ( u32_t  idx)
inlinestatic

The physical address starts with 0x7f...... + idx.

Definition at line 103 of file AbstractState.h.

104 {
105 return AddressValue::getVirtualMemAddress(idx);
106 }
SVF::AddressValue::getVirtualMemAddress
static u32_t getVirtualMemAddress(u32_t idx)
The physical address starts with 0x7f...... + idx.
Definition AddressValue.h:210

◆ hash()

u32_t AbstractState::hash ( ) const

Definition at line 42 of file AbstractState.cpp.

43{
44 size_t h = getVarToVal().size() * 2;
45 Hash<u32_t> hf;
46 for (const auto &t: getVarToVal())
47 {
48 h ^= hf(t.first) + 0x9e3779b9 + (h << 6) + (h >> 2);
49 }
50 size_t h2 = getLocToVal().size() * 2;
51 for (const auto &t: getLocToVal())
52 {
53 h2 ^= hf(t.first) + 0x9e3779b9 + (h2 << 6) + (h2 >> 2);
54 }
55 Hash<std::pair<u32_t, u32_t>> pairH;
56 return pairH({h, h2});
57}
SVF::AbstractState::getLocToVal
const AddrToAbsValMap & getLocToVal() const
get loc2val map
Definition AbstractState.h:275
SVF::AbstractState::getVarToVal
const VarToAbsValMap & getVarToVal() const
get var2val map
Definition AbstractState.h:269

◆ inAddrToAddrsTable()

bool SVF::AbstractState::inAddrToAddrsTable ( u32_t  id) const
inline

whether the memory address stores memory addresses

Definition at line 243 of file AbstractState.h.

244 {
245 if (_addrToAbsVal.find(id)!= _addrToAbsVal.end())
246 {
247 if (_addrToAbsVal.at(id).isAddr())
248 {
249 return true;
250 }
251 }
252 return false;
253 }

◆ inAddrToValTable()

virtual bool SVF::AbstractState::inAddrToValTable ( u32_t  id) const
inlinevirtual

whether the memory address stores abstract value

Definition at line 256 of file AbstractState.h.

257 {
258 if (_addrToAbsVal.find(id) != _addrToAbsVal.end())
259 {
260 if (_addrToAbsVal.at(id).isInterval())
261 {
262 return true;
263 }
264 }
265 return false;
266 }

◆ initObjVar()

void AbstractState::initObjVar ( ObjVar objVar)

Definition at line 185 of file AbstractState.cpp.

186{
187 NodeID varId = objVar->getId();
188
189 // Check if the object variable has an associated value
190
191 const BaseObjVar* obj = PAG::getPAG()->getBaseObject(objVar->getId());
192
193 // Handle constant data, arrays, and structures
194 if (obj->isConstDataOrConstGlobal() || obj->isConstantArray() || obj->isConstantStruct())
195 {
196 if (const ConstIntObjVar* consInt = SVFUtil::dyn_cast<ConstIntObjVar>(objVar))
197 {
198 s64_t numeral = consInt->getSExtValue();
199 (*this)[varId] = IntervalValue(numeral, numeral);
200 }
201 else if (const ConstFPObjVar* consFP = SVFUtil::dyn_cast<ConstFPObjVar>(objVar))
202 {
203 (*this)[varId] = IntervalValue(consFP->getFPValue(), consFP->getFPValue());
204 }
205 else if (SVFUtil::isa<ConstNullPtrObjVar>(objVar))
206 {
207 (*this)[varId] = IntervalValue(0, 0);
208 }
209 else if (SVFUtil::isa<GlobalObjVar>(objVar))
210 {
211 (*this)[varId] = AddressValue(AbstractState::getVirtualMemAddress(varId));
212 }
213 else if (obj->isConstantArray() || obj->isConstantStruct())
214 {
215 (*this)[varId] = IntervalValue::top();
216 }
217 else
218 {
219 (*this)[varId] = IntervalValue::top();
220 }
221 }
222 // Handle non-constant memory objects
223 else
224 {
225 (*this)[varId] = AddressValue(AbstractState::getVirtualMemAddress(varId));
226 }
227 return;
228}
SVF::IntervalValue::top
static IntervalValue top()
Create the IntervalValue [-inf, +inf].
Definition IntervalValue.h:94

◆ inVarToAddrsTable()

bool SVF::AbstractState::inVarToAddrsTable ( u32_t  id) const
inline

whether the variable is in varToAddrs table

Definition at line 217 of file AbstractState.h.

218 {
219 if (_varToAbsVal.find(id)!= _varToAbsVal.end())
220 {
221 if (_varToAbsVal.at(id).isAddr())
222 {
223 return true;
224 }
225 }
226 return false;
227 }

◆ inVarToValTable()

virtual bool SVF::AbstractState::inVarToValTable ( u32_t  id) const
inlinevirtual

whether the variable is in varToVal table

Definition at line 230 of file AbstractState.h.

231 {
232 if (_varToAbsVal.find(id) != _varToAbsVal.end())
233 {
234 if (_varToAbsVal.at(id).isInterval())
235 {
236 return true;
237 }
238 }
239 return false;
240 }

◆ isFreedMem()

bool SVF::AbstractState::isFreedMem ( u32_t  addr) const
inline

Definition at line 299 of file AbstractState.h.

300 {
301 return _freedAddrs.find(addr) != _freedAddrs.end();
302 }

◆ isInvalidMem()

static bool SVF::AbstractState::isInvalidMem ( u32_t  addr)
inlinestatic

Definition at line 190 of file AbstractState.h.

191 {
192 return AddressValue::getInternalID(addr) == InvalidMemAddr;
193 }

◆ isNullMem()

static bool SVF::AbstractState::isNullMem ( u32_t  addr)
inlinestatic

Definition at line 185 of file AbstractState.h.

186 {
187 return AddressValue::getInternalID(addr) == NullMemAddr;
188 }
NullMemAddr
#define NullMemAddr
Definition AddressValue.h:38

◆ isVirtualMemAddress()

static bool SVF::AbstractState::isVirtualMemAddress ( u32_t  val)
inlinestatic

Check bit value of val start with 0x7F000000, filter by 0xFF000000.

Definition at line 109 of file AbstractState.h.

110 {
111 return AddressValue::isVirtualMemAddress(val);
112 }
SVF::AddressValue::isVirtualMemAddress
static bool isVirtualMemAddress(u32_t val)
Check bit value of val start with 0x7F000000, filter by 0xFF000000.
Definition AddressValue.h:218

◆ joinWith()

void AbstractState::joinWith ( const AbstractState other)

domain join with other, important! other widen this.

Definition at line 102 of file AbstractState.cpp.

103{
104 for (auto it = other._varToAbsVal.begin(); it != other._varToAbsVal.end(); ++it)
105 {
106 auto key = it->first;
107 auto oit = _varToAbsVal.find(key);
108 if (oit != _varToAbsVal.end())
109 {
110 oit->second.join_with(it->second);
111 }
112 else
113 {
114 _varToAbsVal.emplace(key, it->second);
115 }
116 }
117 for (auto it = other._addrToAbsVal.begin(); it != other._addrToAbsVal.end(); ++it)
118 {
119 auto key = it->first;
120 auto oit = _addrToAbsVal.find(key);
121 if (oit != _addrToAbsVal.end())
122 {
123 oit->second.join_with(it->second);
124 }
125 else
126 {
127 _addrToAbsVal.emplace(key, it->second);
128 }
129 }
130 _freedAddrs.insert(other._freedAddrs.begin(), other._freedAddrs.end());
131}

◆ lessThanVarToValMap()

static bool SVF::AbstractState::lessThanVarToValMap ( const VarToAbsValMap lhs,
const VarToAbsValMap rhs 
)
inlinestatic

Definition at line 361 of file AbstractState.h.

362 {
363 if (lhs.empty()) return !rhs.empty();
364 for (const auto &item: lhs)
365 {
366 auto it = rhs.find(item.first);
367 if (it == rhs.end()) return false;
368 // judge from expr id
369 if (item.second.getInterval().contain(it->second.getInterval())) return false;
370 }
371 return true;
372 }

◆ load()

virtual AbstractValue & SVF::AbstractState::load ( u32_t  addr)
inlinevirtual

Definition at line 326 of file AbstractState.h.

327 {
328 assert(isVirtualMemAddress(addr) && "not virtual address?");
329 u32_t objId = getIDFromAddr(addr);
330 return _addrToAbsVal[objId];
331
332 }
SVF::AbstractState::isVirtualMemAddress
static bool isVirtualMemAddress(u32_t val)
Check bit value of val start with 0x7F000000, filter by 0xFF000000.
Definition AbstractState.h:109

◆ loadValue()

AbstractValue AbstractState::loadValue ( NodeID  varId)

Definition at line 371 of file AbstractState.cpp.

372{
373 AbstractValue res;
374 for (auto addr : (*this)[varId].getAddrs())
375 {
376 res.join_with(load(addr)); // q = *p
377 }
378 return res;
379}
SVF::AbstractState::load
virtual AbstractValue & load(u32_t addr)
Definition AbstractState.h:326
SVF::AbstractValue::join_with
void join_with(const AbstractValue &other)
Definition AbstractValue.h:128

◆ meetWith()

void AbstractState::meetWith ( const AbstractState other)

domain meet with other, important! other widen this.

Definition at line 134 of file AbstractState.cpp.

135{
136 for (auto it = other._varToAbsVal.begin(); it != other._varToAbsVal.end(); ++it)
137 {
138 auto key = it->first;
139 auto oit = _varToAbsVal.find(key);
140 if (oit != _varToAbsVal.end())
141 {
142 oit->second.meet_with(it->second);
143 }
144 }
145 for (auto it = other._addrToAbsVal.begin(); it != other._addrToAbsVal.end(); ++it)
146 {
147 auto key = it->first;
148 auto oit = _addrToAbsVal.find(key);
149 if (oit != _addrToAbsVal.end())
150 {
151 oit->second.meet_with(it->second);
152 }
153 }
154 Set<NodeID> intersection;
155 std::set_intersection(_freedAddrs.begin(), _freedAddrs.end(),
156 other._freedAddrs.begin(), other._freedAddrs.end(),
157 std::inserter(intersection, intersection.begin()));
158 _freedAddrs = std::move(intersection);
159}

◆ narrowing()

AbstractState AbstractState::narrowing ( const AbstractState other)

domain narrow with other, and return the narrowed domain

Definition at line 80 of file AbstractState.cpp.

81{
82 AbstractState es = *this;
83 for (auto it = es._varToAbsVal.begin(); it != es._varToAbsVal.end(); ++it)
84 {
85 auto key = it->first;
86 if (other._varToAbsVal.find(key) != other._varToAbsVal.end())
87 if (it->second.isInterval() && other._varToAbsVal.at(key).isInterval())
88 it->second.getInterval().narrow_with(other._varToAbsVal.at(key).getInterval());
89 }
90 for (auto it = es._addrToAbsVal.begin(); it != es._addrToAbsVal.end(); ++it)
91 {
92 auto key = it->first;
93 if (other._addrToAbsVal.find(key) != other._addrToAbsVal.end())
94 if (it->second.isInterval() && other._addrToAbsVal.at(key).isInterval())
95 it->second.getInterval().narrow_with(other._addrToAbsVal.at(key).getInterval());
96 }
97 return es;
98
99}

◆ operator!=()

bool SVF::AbstractState::operator!= ( const AbstractState rhs) const
inline

Definition at line 397 of file AbstractState.h.

398 {
399 return !(*this == rhs);
400 }

◆ operator<()

bool SVF::AbstractState::operator< ( const AbstractState rhs) const
inline

Definition at line 402 of file AbstractState.h.

403 {
404 return !(*this >= rhs);
405 }

◆ operator=() [1/2]

AbstractState & SVF::AbstractState::operator= ( AbstractState &&  rhs)
inline

operator= move constructor

Definition at line 139 of file AbstractState.h.

140 {
141 if (&rhs != this)
142 {
143 _varToAbsVal = std::move(rhs._varToAbsVal);
144 _addrToAbsVal = std::move(rhs._addrToAbsVal);
145 _freedAddrs = std::move(rhs._freedAddrs);
146 }
147 return *this;
148 }

◆ operator=() [2/2]

AbstractState & SVF::AbstractState::operator= ( const AbstractState rhs)
inline

Definition at line 120 of file AbstractState.h.

121 {
122 if (rhs != *this)
123 {
124 _varToAbsVal = rhs._varToAbsVal;
125 _addrToAbsVal = rhs._addrToAbsVal;
126 _freedAddrs = rhs._freedAddrs;
127 }
128 return *this;
129 }

◆ operator==()

bool SVF::AbstractState::operator== ( const AbstractState rhs) const
inline

Definition at line 391 of file AbstractState.h.

392 {
393 return eqVarToValMap(_varToAbsVal, rhs.getVarToVal()) &&
394 eqVarToValMap(_addrToAbsVal, rhs.getLocToVal());
395 }
SVF::AbstractState::eqVarToValMap
static bool eqVarToValMap(const VarToAbsValMap &lhs, const VarToAbsValMap &rhs)
Definition AbstractState.h:344

◆ operator>=()

bool SVF::AbstractState::operator>= ( const AbstractState rhs) const
inline

Definition at line 408 of file AbstractState.h.

409 {
410 return geqVarToValMap(_varToAbsVal, rhs.getVarToVal()) && geqVarToValMap(_addrToAbsVal, rhs.getLocToVal());
411 }
SVF::AbstractState::geqVarToValMap
static bool geqVarToValMap(const VarToAbsValMap &lhs, const VarToAbsValMap &rhs)
Definition AbstractState.h:375

◆ operator[]() [1/2]

virtual AbstractValue & SVF::AbstractState::operator[] ( u32_t  varId)
inlinevirtual

get abstract value of variable

Definition at line 205 of file AbstractState.h.

206 {
207 return _varToAbsVal[varId];
208 }

◆ operator[]() [2/2]

virtual const AbstractValue & SVF::AbstractState::operator[] ( u32_t  varId) const
inlinevirtual

get abstract value of variable

Definition at line 211 of file AbstractState.h.

212 {
213 return _varToAbsVal.at(varId);
214 }

◆ printAbstractState()

void AbstractState::printAbstractState ( ) const

Definition at line 389 of file AbstractState.cpp.

390{
391 SVFUtil::outs() << "-----------Var and Value-----------\n";
392 u32_t fieldWidth = 20;
393 SVFUtil::outs().flags(std::ios::left);
394 std::vector<std::pair<u32_t, AbstractValue>> varToAbsValVec(_varToAbsVal.begin(), _varToAbsVal.end());
395 std::sort(varToAbsValVec.begin(), varToAbsValVec.end(), [](const auto &a, const auto &b)
396 {
397 return a.first < b.first;
398 });
399 for (const auto &item: varToAbsValVec)
400 {
401 SVFUtil::outs() << std::left << std::setw(fieldWidth) << ("Var" + std::to_string(item.first));
402 if (item.second.isInterval())
403 {
404 SVFUtil::outs() << " Value: " << item.second.getInterval().toString() << "\n";
405 }
406 else if (item.second.isAddr())
407 {
408 SVFUtil::outs() << " Value: {";
409 u32_t i = 0;
410 for (const auto& addr: item.second.getAddrs())
411 {
412 ++i;
413 if (i < item.second.getAddrs().size())
414 {
415 SVFUtil::outs() << "0x" << std::hex << addr << ", ";
416 }
417 else
418 {
419 SVFUtil::outs() << "0x" << std::hex << addr;
420 }
421 }
422 SVFUtil::outs() << "}\n";
423 }
424 else
425 {
426 SVFUtil::outs() << " Value: ⊥\n";
427 }
428 }
429
430 std::vector<std::pair<u32_t, AbstractValue>> addrToAbsValVec(_addrToAbsVal.begin(), _addrToAbsVal.end());
431 std::sort(addrToAbsValVec.begin(), addrToAbsValVec.end(), [](const auto &a, const auto &b)
432 {
433 return a.first < b.first;
434 });
435
436 for (const auto& item: addrToAbsValVec)
437 {
438 std::ostringstream oss;
439 oss << "0x" << std::hex << AbstractState::getVirtualMemAddress(item.first);
440 SVFUtil::outs() << std::left << std::setw(fieldWidth) << oss.str();
441 if (item.second.isInterval())
442 {
443 SVFUtil::outs() << " Value: " << item.second.getInterval().toString() << "\n";
444 }
445 else if (item.second.isAddr())
446 {
447 SVFUtil::outs() << " Value: {";
448 u32_t i = 0;
449 for (const auto& addr: item.second.getAddrs())
450 {
451 ++i;
452 if (i < item.second.getAddrs().size())
453 {
454 SVFUtil::outs() << "0x" << std::hex << addr << ", ";
455 }
456 else
457 {
458 SVFUtil::outs() << "0x" << std::hex << addr;
459 }
460 }
461 SVFUtil::outs() << "}\n";
462 }
463 else
464 {
465 SVFUtil::outs() << " Value: ⊥\n";
466 }
467 }
468 SVFUtil::outs() << "-----------------------------------------\n";
469}
a
cJSON * a
Definition cJSON.cpp:2560
b
const cJSON *const b
Definition cJSON.h:255
SVF::SVFUtil::outs
std::ostream & outs()
Overwrite llvm::outs()
Definition SVFUtil.h:52

◆ sliceState()

AbstractState SVF::AbstractState::sliceState ( Set< u32_t > &  sl)
inline

Copy some values and return a new IntervalExeState.

Definition at line 175 of file AbstractState.h.

176 {
177 AbstractState inv;
178 for (u32_t id: sl)
179 {
180 inv._varToAbsVal[id] = _varToAbsVal[id];
181 }
182 return inv;
183 }

◆ store()

void SVF::AbstractState::store ( u32_t  addr,
const AbstractValue val 
)
inline

Definition at line 318 of file AbstractState.h.

319 {
320 assert(isVirtualMemAddress(addr) && "not virtual address?");
321 u32_t objId = getIDFromAddr(addr);
322 if (isNullMem(addr)) return;
323 _addrToAbsVal[objId] = val;
324 }
SVF::AbstractState::isNullMem
static bool isNullMem(u32_t addr)
Definition AbstractState.h:185

◆ storeValue()

void AbstractState::storeValue ( NodeID  varId,
AbstractValue  val 
)

Definition at line 381 of file AbstractState.cpp.

382{
383 for (auto addr : (*this)[varId].getAddrs())
384 {
385 store(addr, val); // *p = q
386 }
387}
SVF::AbstractState::store
void store(u32_t addr, const AbstractValue &val)
Definition AbstractState.h:318

◆ top()

AbstractState SVF::AbstractState::top ( ) const
inline

Set all value top.

Definition at line 163 of file AbstractState.h.

164 {
165 AbstractState inv = *this;
166 for (auto &item: inv._varToAbsVal)
167 {
168 if (item.second.isInterval())
169 item.second.getInterval().set_to_top();
170 }
171 return inv;
172 }

◆ toString()

std::string SVF::AbstractState::toString ( ) const
inline

Definition at line 336 of file AbstractState.h.

337 {
338 return "";
339 }

◆ widening()

AbstractState AbstractState::widening ( const AbstractState other)

domain widen with other, and return the widened domain

Definition at line 59 of file AbstractState.cpp.

60{
61 // widen interval
62 AbstractState es = *this;
63 for (auto it = es._varToAbsVal.begin(); it != es._varToAbsVal.end(); ++it)
64 {
65 auto key = it->first;
66 if (other._varToAbsVal.find(key) != other._varToAbsVal.end())
67 if (it->second.isInterval() && other._varToAbsVal.at(key).isInterval())
68 it->second.getInterval().widen_with(other._varToAbsVal.at(key).getInterval());
69 }
70 for (auto it = es._addrToAbsVal.begin(); it != es._addrToAbsVal.end(); ++it)
71 {
72 auto key = it->first;
73 if (other._addrToAbsVal.find(key) != other._addrToAbsVal.end())
74 if (it->second.isInterval() && other._addrToAbsVal.at(key).isInterval())
75 it->second.getInterval().widen_with(other._addrToAbsVal.at(key).getInterval());
76 }
77 return es;
78}

Friends And Related Symbol Documentation

◆ RelationSolver

friend class RelationSolver
friend

Definition at line 61 of file AbstractState.h.

◆ SVFIR2AbsState

friend class SVFIR2AbsState
friend

Definition at line 60 of file AbstractState.h.

Member Data Documentation

◆ _addrToAbsVal

AddrToAbsValMap SVF::AbstractState::_addrToAbsVal
protected

Map a memory address to its stored abstract value.

Definition at line 199 of file AbstractState.h.

◆ _freedAddrs

Set<NodeID> SVF::AbstractState::_freedAddrs

Definition at line 65 of file AbstractState.h.

◆ _varToAbsVal

VarToAbsValMap SVF::AbstractState::_varToAbsVal
protected

Map a variable (symbol) to its abstract value.

Definition at line 197 of file AbstractState.h.

The documentation for this class was generated from the following files:
Generated by doxygen 1.9.8