diff options
| author | Xavier Leroy <xavier.leroy@inria.fr> | 2015-07-19 09:29:45 +0200 |
|---|---|---|
| committer | Xavier Leroy <xavier.leroy@inria.fr> | 2015-07-19 09:29:45 +0200 |
| commit | 2932b531ceff2cd4573714aeaeb9b4e537d36af8 (patch) | |
| tree | ed42351e245c076b8cd360d0e753e8c61090e8e5 /backend/ValueAnalysis.v | |
| parent | 74d06cfedc4a57fbb0be8772431033120b553ab2 (diff) | |
| download | compcert-kvx-2932b531ceff2cd4573714aeaeb9b4e537d36af8.tar.gz compcert-kvx-2932b531ceff2cd4573714aeaeb9b4e537d36af8.zip | |
Value analysis: keep track of pointer values that leak through arithmetic operations with undefined behaviors.
Consider (x ^ 1) ^ 1 where x is a intptr_t containing a pointer value. "x ^ 1" evaluates to Vundef in the CompCert semantics, hence the value analysis, in strict mode, gives abstract result Ifptr Pbot (= any number but not a pointer). In relaxed mode, we now give abstract result Ifptr (poffset p) where p is the abstraction of the pointer, thus keeping track of the actual leak of the pointer value.
Diffstat (limited to 'backend/ValueAnalysis.v')
| -rw-r--r-- | backend/ValueAnalysis.v | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/backend/ValueAnalysis.v b/backend/ValueAnalysis.v index 28934ce9..c559aa25 100644 --- a/backend/ValueAnalysis.v +++ b/backend/ValueAnalysis.v @@ -79,11 +79,11 @@ Definition transfer_builtin (ae: aenv) (am: amem) (rm: romem) (ef: external_func VA.State (AE.set res a ae) am | Builtin_vstore chunk aaddr av => let am' := storev chunk am aaddr av in - VA.State (AE.set res itop ae) (mlub am am') + VA.State (AE.set res ntop ae) (mlub am am') | Builtin_memcpy sz al adst asrc => let p := loadbytes am rm (aptr_of_aval asrc) in let am' := storebytes am (aptr_of_aval adst) sz p in - VA.State (AE.set res itop ae) am' + VA.State (AE.set res ntop ae) am' | Builtin_annot_val av => VA.State (AE.set res av ae) am | Builtin_default => @@ -164,9 +164,9 @@ Definition store_init_data (ab: ablock) (p: Z) (id: init_data) : ablock := | Init_int32 n => ablock_store Mint32 ab p (I n) | Init_int64 n => ablock_store Mint64 ab p (L n) | Init_float32 n => ablock_store Mfloat32 ab p - (if propagate_float_constants tt then FS n else ftop) + (if propagate_float_constants tt then FS n else ntop) | Init_float64 n => ablock_store Mfloat64 ab p - (if propagate_float_constants tt then F n else ftop) + (if propagate_float_constants tt then F n else ntop) | Init_addrof symb ofs => ablock_store Mint32 ab p (Ptr (Gl symb ofs)) | Init_space n => ab end. |