SVF-all.patch

From 12ede5e903bd806c984217b0fc37f873f9718248 Mon Sep 17 00:00:00 2001
From: Pietro Borrello <borrello@diag.uniroma1.it>
Date: Fri, 28 May 2021 13:44:45 +0200
Subject: Fix handling of padded vtables (common in asan builds)

---
 lib/SVF-FE/CHG.cpp | 28 ++++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/lib/SVF-FE/CHG.cpp b/lib/SVF-FE/CHG.cpp
index 00bfbcf..fef1902 100644
--- a/lib/SVF-FE/CHG.cpp
+++ b/lib/SVF-FE/CHG.cpp
@@ -128,7 +128,19 @@ void CHGraph::buildCHGNodes(const GlobalValue *globalvalue)
 
         for (unsigned int ei = 0; ei < vtblStruct->getNumOperands(); ++ei)
         {
-            const ConstantArray *vtbl = SVFUtil::dyn_cast<ConstantArray>(vtblStruct->getOperand(ei));
+            Constant *operand = vtblStruct->getOperand(ei);
+            // Sometimes ASAN adds padding to vtable by embedding them in structs
+            // so we should check and unpack them
+            if (!SVFUtil::isa<ConstantArray>(operand)) {
+                ConstantStruct *opStruct = SVFUtil::dyn_cast<ConstantStruct>(operand);
+                if(!opStruct) {
+                    // We should skip handling the padding, in the form of an array
+                    assert(SVFUtil::isa<ArrayType>(operand->getType()));
+                    continue;
+                }
+                operand = opStruct->getOperand(0);
+            }
+            const ConstantArray *vtbl = SVFUtil::dyn_cast<ConstantArray>(operand);
             assert(vtbl && "Element of initializer not an array?");
             for (u32_t i = 0; i < vtbl->getNumOperands(); ++i)
             {
@@ -434,8 +446,20 @@ void CHGraph::analyzeVTables(const Module &M)
 
             for (unsigned int ei = 0; ei < vtblStruct->getNumOperands(); ++ei)
             {
+                Constant *operand = vtblStruct->getOperand(ei);
+                // Sometimes ASAN adds padding to vtable by embedding them in structs
+                // so we should check and unpack them
+                if (!SVFUtil::isa<ConstantArray>(operand)) {
+                    ConstantStruct *opStruct = SVFUtil::dyn_cast<ConstantStruct>(operand);
+                    if(!opStruct) {
+                        // We should skip handling the padding, in the form of an array
+                        assert(SVFUtil::isa<ArrayType>(operand->getType()));
+                        continue;
+                    }
+                    operand = opStruct->getOperand(0);
+                }
                 const ConstantArray *vtbl =
-                    SVFUtil::dyn_cast<ConstantArray>(vtblStruct->getOperand(ei));
+                    SVFUtil::dyn_cast<ConstantArray>(operand);
                 assert(vtbl && "Element of initializer not an array?");
 
                 /*
-- 
2.17.1


From eebe3d824cb29455732e9d7dac9911bc9711efde Mon Sep 17 00:00:00 2001
From: Pietro Borrello <borrello@diag.uniroma1.it>
Date: Fri, 28 May 2021 13:49:33 +0200
Subject: contextDDA: add check on NULL refVal in isHeapCondMemObj

---
 lib/DDA/ContextDDA.cpp | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/lib/DDA/ContextDDA.cpp b/lib/DDA/ContextDDA.cpp
index 6b37821..b53d1e0 100644
--- a/lib/DDA/ContextDDA.cpp
+++ b/lib/DDA/ContextDDA.cpp
@@ -316,7 +316,17 @@ bool ContextDDA::isHeapCondMemObj(const CxtVar& var, const StoreSVFGNode*)
     assert(mem && "memory object is null??");
     if(mem->isHeap())
     {
-        if(const Instruction* mallocSite = SVFUtil::dyn_cast<Instruction>(mem->getRefVal()))
+        if (!mem->getRefVal()) {
+            PAGNode *pnode = _pag->getPAGNode(getPtrNodeID(var));
+            if(GepObjPN* gepobj = SVFUtil::dyn_cast<GepObjPN>(pnode)) {
+                assert(SVFUtil::isa<DummyObjPN>(_pag->getPAGNode(gepobj->getBaseNode())) && "emtpy refVal in a gep object whose base is a non-dummy object");
+            }
+            else {
+                assert((SVFUtil::isa<DummyObjPN>(pnode) || SVFUtil::isa<DummyValPN>(pnode)) && "empty refVal in non-dummy object");
+            }
+            return true;
+        }
+        else if(const Instruction* mallocSite = SVFUtil::dyn_cast<Instruction>(mem->getRefVal()))
         {
             const Function* fun = mallocSite->getFunction();
             const SVFFunction* svfFun = LLVMModuleSet::getLLVMModuleSet()->getSVFFunction(fun);
-- 
2.17.1


From c5be7f023f4456eaacd917df9c44f58956feb516 Mon Sep 17 00:00:00 2001
From: Pietro Borrello <borrello@diag.uniroma1.it>
Date: Fri, 28 May 2021 13:57:46 +0200
Subject: NodeIDAllocator: set Strategy::SEQ as the default

---
 lib/Util/Options.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/Util/Options.cpp b/lib/Util/Options.cpp
index ac71de5..495a317 100644
--- a/lib/Util/Options.cpp
+++ b/lib/Util/Options.cpp
@@ -14,7 +14,7 @@ namespace SVF
 
     const llvm::cl::opt<NodeIDAllocator::Strategy> Options::NodeAllocStrat(
         "node-alloc-strat",
-        llvm::cl::init(NodeIDAllocator::Strategy::DEBUG),
+        llvm::cl::init(NodeIDAllocator::Strategy::SEQ),
         llvm::cl::desc("Method of allocating (LLVM) values and memory objects as node IDs"),
         llvm::cl::values(
             clEnumValN(NodeIDAllocator::Strategy::DENSE, "dense", "allocate objects together and values together, separately (default)"),
-- 
2.17.1