symbolic_approx.h

// This file if part of the llir-opt project.
// Licensing information can be found in the LICENSE file.
// (C) 2018 Nandor Licker. All rights reserved.
 
#pragma once
 
#include <set>
 
#include "core/inst_visitor.h"
#include "passes/pre_eval/symbolic_value.h"
 
class SymbolicContext;
class SymbolicHeap;
class ReferenceGraph;
class DAGBlock;
class SymbolicFrame;
 
 
 
bool IsAllocation(Func &func);
 
class SymbolicApprox final {
public:
  SymbolicApprox(ReferenceGraph &refs, SymbolicHeap &heap, SymbolicContext &ctx)
    : refs_(refs)
    , heap_(heap)
    , ctx_(ctx)
  {
  }
 
  bool Approximate(CallSite &call);
 
  void Approximate(
      SymbolicFrame &frame,
      const std::set<DAGBlock *> &bypassed,
      const std::set<SymbolicContext *> &contexts
  );
 
private:
  bool ApproximateCall(CallSite &call);
 
  struct Approximation {
    bool Changed;
    bool Raises;
    SymbolicValue Taint;
    SymbolicValue Tainted;
  };
 
  Approximation ApproximateNodes(
      const std::set<CallSite *> &calls,
      const std::set<CallSite *> &allocs,
      SymbolicValue &refs,
      SymbolicContext &ctx
  );
 
  bool Raise(SymbolicContext &ctx, const SymbolicValue &taint);
 
  void Resolve(SymbolicFrame &frame, MovInst &mov, const SymbolicValue &taint);
 
  bool Malloc(CallSite &call, const std::optional<APInt> &size);
 
  bool Realloc(
      CallSite &call,
      const SymbolicValue &ptr,
      const std::optional<APInt> &size
  );
 
private:
  ReferenceGraph &refs_;
  SymbolicHeap &heap_;
  SymbolicContext &ctx_;
};