Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SeaM implementation #473

Open
wants to merge 44 commits into
base: dev14
Choose a base branch
from
Open

SeaM implementation #473

wants to merge 44 commits into from

Conversation

danblitzhou
Copy link
Collaborator

Implementation for MSc thesis SeaM memory representation:

  • Theory of Memory: in lib/seahorn/BvOpSem2RawMemMgr.hh, add m_spObjName:="sea.obj" to represent pointer objects base in the form of sea.obj.N; during translation of allocation, use function mkBasedPtr(base, offset) to create object bases -- base:=m_spObjName, offset is the end address of StaticOpSemAllocator::salloc(Expr bytes, uint32_t align = 0);
  • handling of memcpy and memset: defined new intermediate Expr node types MEMSET_WORDS, MEMCPY_WORDS in include/seahorn/Expr/ExprOpMem.hh
  • ARM: defined in include/seahorn/Expr/ExprAddrRangeMap.hh and lib/seahorn/Smt/ExprAddrRangeMap.cc; unit tests in units/units_arm.cpp
  • StoreMap: defined new Expr node type STORE_MAP and accompanying operations in include/seahorn/Expr/ExprOpArray.hh; added cons list like node type CONS in include/seahorn/Expr/ExprOpMisc.hh; unit tests in units/units_store_map.cpp
  • rewriter: include/seahorn/Expr/ExprRewriter.hh and lib/seahorn/Smt/ExprRewriter.cc; rewrite rules defined in include/seahorn/Expr/ExprRewriteRule.hh
    replaces draft PR Hybrid memory representation #400

@danblitzhou
feat(mem-repr): created new array/ite hybrid mem repr
ef0f32e 
(to sqaush): use rewriter to apply pattern recursively

feat(ExprVisitor): set selected kids to visit instead of always visit all

(tsquash): use more restrained vistor to only visit first arg of store

(tsquash): rename, cleanup

use simple custom rewriter for array store; revert m_selectedKids
@danblitzhou
test(mem-repr): add hybrid repr tests to opsem
5e039b9
@danblitzhou
feat(mem-repr): use iterative pattern for array-store rewritter
da19fd9
@danblitzhou
feat(mem-repr): add simple ite simplifier together with z3 simp
9dfd33a
@danblitzhou
feat(mem-repr): properly implement cross load caching
1d1effe
@danblitzhou
feat(mem-repr): iterative rewriter for ITE expr
30ea2fd 
in house version is gud

feat(mem-repr): iterative rewriter for ITE expr
@danblitzhou
feat(mem-repr): refactored generic rewriter with multi-lvl revisit
34e51dc 
(intrim): cached visit; stateless rules

(intrim): OOP design
@danblitzhou
feat(mem-repr): revamp into z3-like rewriter algo with result stack
7a330f1
@danblitzhou
feat(mem-repr): remove z3 ctx from base rule; smaller optmztns
8caf473
@danblitzhou
feat(mem-repr): use native impl for simple arith compare
aa0ceeb
@danblitzhou
feat(mem-repr): add boolOp rule with double neg simplification
49505ea
@danblitzhou
feat(mem-repr): add ITE rule for if condition is true or false
29e3eec
@danblitzhou
feat(mem-repr): add array rules for select-over-store
21294ea
@danblitzhou
feat(mem-repr): add bvadd commutative rule
59114d3
@danblitzhou
feat(mem-repr): iterative push select; generalized bvadd
6f5a0df 
(to-squash): handle ites as well

feat(to-squash): bvadd rules finalized
@danblitzhou
feat(mem-repr): remove unused helper
77b59d4
@danblitzhou
feat(mem-repr): cover else branch during pushdown
c533811
@danblitzhou
feat(mem-repr): more rules for negation
409fa26
@danblitzhou
feat(mem-repr): fix *changed* iteration
6b3d702
@danblitzhou
feat(mem-repr): rewrite new comps when push sel
7e8b7fb
@danblitzhou
feat(mem-repr): skip out of range stores
73d31a2 
draft(nmr): present stack ptr expr with based obj type

draft(nmr): low precision but sound addr filtering

draft(hybrid): push down bvadd; better addrs range

draft(hybrid): AddrRange data struc to keep track of isTop
@danblitzhou
feat(mem-repr): AddrRangeMap for over-approx ptr access range
f9528af
@danblitzhou
feat(mem-repr): handle pointer alignment
2024598
@danblitzhou
feat(mem-repr): use zero bits semantics
7f55d2c
@danblitzhou
feat(mem-repr): rw value read from written mem
c674133
@danblitzhou
feat(mem-repr): cache during ARM building
ea48775
@danblitzhou
feat(memrepr): memset memcpy
d81ddcf
@danblitzhou
fix(memRepr): do not rely on ARM for memset/cpy
42a237b
@danblitzhou
feat(memRepr): memwords op Expr
c2f75e8
@danblitzhou
feat(memRepr): caching during RW; skip simp
8c18b63
@danblitzhou danblitzhou mentioned this pull request Nov 29, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@agurfinkel agurfinkel Awaiting requested review from agurfinkel

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@danblitzhou