package mopsa
MOPSA: A Modular and Open Platform for Static Analysis using Abstract Interpretation
Install
Dune Dependency
Authors
Maintainers
Sources
mopsa-analyzer-v1.1.tar.gz
md5=fdee20e988343751de440b4f6b67c0f4
sha512=f5cbf1328785d3f5ce40155dada2d95e5de5cce4f084ea30cfb04d1ab10cc9403a26cfb3fa55d0f9da72244482130fdb89c286a9aed0d640bba46b7c00e09500
doc/src/c_common/quantified_offset.ml.html
Source file quantified_offset.ml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175(****************************************************************************) (* *) (* This file is part of MOPSA, a Modular Open Platform for Static Analysis. *) (* *) (* Copyright (C) 2017-2019 The MOPSA Project. *) (* *) (* This program is free software: you can redistribute it and/or modify *) (* it under the terms of the GNU Lesser General Public License as published *) (* by the Free Software Foundation, either version 3 of the License, or *) (* (at your option) any later version. *) (* *) (* This program is distributed in the hope that it will be useful, *) (* but WITHOUT ANY WARRANTY; without even the implied warranty of *) (* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *) (* GNU Lesser General Public License for more details. *) (* *) (* You should have received a copy of the GNU Lesser General Public License *) (* along with this program. If not, see <http://www.gnu.org/licenses/>. *) (* *) (****************************************************************************) open Mopsa open Universal.Ast open Stubs.Ast open Ast open Top (** Compute symbolic boundaries of a quantified offset. *) (* FIXME: works only for linear expressions *) let rec bound offset quants : expr * expr = match ekind @@ get_orig_expr offset with | E_constant _ -> offset, offset | E_var (v, _) when is_forall_quantified_var v quants -> find_quantified_var_interval v quants | E_var _ -> offset, offset | E_unop (O_minus, e) -> let l, u = bound e quants in { offset with ekind = E_unop (O_minus, u)}, { offset with ekind = E_unop (O_minus, l)} | E_binop (O_plus, e1, e2) -> let l1, u1 = bound e1 quants in let l2, u2 = bound e2 quants in { offset with ekind = E_binop (O_plus, l1, l2)}, { offset with ekind = E_binop (O_plus, u1, u2)} | E_binop (O_minus, e1, e2) -> let l1, u1 = bound e1 quants in let l2, u2 = bound e2 quants in { offset with ekind = E_binop (O_minus, l1, u2)}, { offset with ekind = E_binop (O_minus, u1, l2)} | E_binop (O_mult, e, ({ ekind = E_constant (C_int c) } as const)) | E_binop (O_mult, ({ ekind = E_constant (C_int c) } as const), e) -> let l, u = bound e quants in if Z.geq c Z.zero then { offset with ekind = E_binop (O_mult, l, { const with ekind = E_constant (C_int c) })}, { offset with ekind = E_binop (O_mult, u, { const with ekind = E_constant (C_int c) })} else { offset with ekind = E_binop (O_mult, u, { const with ekind = E_constant (C_int c) })}, { offset with ekind = E_binop (O_mult, l, { const with ekind = E_constant (C_int c) })} | E_c_cast(e, xplct) -> let l, u = bound e quants in { offset with ekind = E_c_cast (l, xplct)}, { offset with ekind = E_c_cast (u, xplct)} | _ -> panic_at offset.erange "can not compute symbolic bounds of non-linear expression %a" pp_expr offset (** [is_aligned o n man flow] checks whether the value of an expression [o] is aligned w.r.t. size sz *) let is_aligned e sz man flow = (sz = Z.one) || (is_c_expr_equals_z e Z.zero flow) || (man.eval e flow ~translate:"Universal" |> Cases.for_all_result (fun ee flow -> let open Universal.Numeric.Common in let i , c = ask_and_reduce man.ask (mk_int_congr_interval_query ee) flow in match i with | Bot.Nb(I.B.Finite a, I.B.Finite b) when a = b && Z.rem a sz = Z.zero -> true | _ -> Universal.Numeric.Common.C.included_bot c (Bot.Nb (sz,Z.zero)) ) ) (** Compute symbolic boundaries of offset / den *) let bound_div (offset:expr) (den:Z.t) quants man flow : (expr * expr) with_top = let rec doit offset den = let range = erange offset in match ekind @@ get_orig_expr offset with | E_constant (C_int c) when Z.rem c den = Z.zero -> let r = if den = Z.one then offset else if c = Z.zero then offset else div offset (mk_z den range) range in r, r | E_var (v, _) when is_forall_quantified_var v quants -> if den = Z.one then find_quantified_var_interval v quants else raise Found_TOP | E_var (v,_) -> if not (is_aligned offset den man flow) then raise Found_TOP; let r = if den = Z.one then offset else div offset (mk_z den range) range in r, r | E_unop (O_minus, e) -> let l, u = doit e den in { offset with ekind = E_unop (O_minus, u)}, { offset with ekind = E_unop (O_minus, l)} | E_binop (O_plus, e1, e2) -> let l1, u1 = doit e1 den in let l2, u2 = doit e2 den in { offset with ekind = E_binop (O_plus, l1, l2)}, { offset with ekind = E_binop (O_plus, u1, u2)} | E_binop (O_minus, e1, e2) -> let l1, u1 = doit e1 den in let l2, u2 = doit e2 den in { offset with ekind = E_binop (O_minus, l1, u2)}, { offset with ekind = E_binop (O_minus, u1, l2)} | E_binop (O_mult, e1, e2) -> let e1, c, e2 = match e1, e2 with | { ekind = E_constant (C_int c) }, _ -> e1, c, e2 | _, { ekind = E_constant (C_int c) } -> e2, c, e1 | _ -> raise Found_TOP in let gcd = Z.gcd c den in let c, den = Z.div c gcd, Z.div den gcd in let l, u = doit e2 den in if c = Z.one then l, u else if c >= Z.zero then { offset with ekind = E_binop (O_mult, l, { e1 with ekind = E_constant (C_int c) })}, { offset with ekind = E_binop (O_mult, u, { e1 with ekind = E_constant (C_int c) })} else { offset with ekind = E_binop (O_mult, u, { e1 with ekind = E_constant (C_int c) })}, { offset with ekind = E_binop (O_mult, l, { e1 with ekind = E_constant (C_int c) })} | E_binop (O_div, e, ({ ekind = E_constant (C_int c) })) -> doit e (Z.mul den c) | E_c_cast(e, xplct) -> let l, u = doit e den in { offset with ekind = E_c_cast (l, xplct)}, { offset with ekind = E_c_cast (u, xplct)} | _ -> (* panic_at offset.erange "can not compute symbolic bounds of non-linear expression %a / %a" pp_expr offset Z.pp_print den *) raise Found_TOP in retop (doit offset) den (* let bound_div offset den man flow = Format.printf "bound_div %a / %a@." pp_expr offset Z.pp_print den; let l,u = bound_div offset den man flow in Format.printf " [%a,@. %a]@." pp_expr l pp_expr u; l, u *)