Struct cwe_checker_lib::analysis::pointer_inference::object::AbstractObject

source · 
pub struct AbstractObject { /* private fields */ }
Expand description

An abstract object contains all knowledge tracked about a particular memory object.

In some cases one abstract object can represent more than one actual memory object. This happens for e.g. several memory objects allocated into an array, since we cannot represent every object separately without knowing the exact number of objects (which may be runtime dependent).

To allow cheap cloning of abstract objects, the actual data is wrapped in an Arc.

Examples of memory objects:

  • The stack frame of a function
  • A memory object allocated on the heap

Implementations§

source§

impl AbstractObject

source

pub fn get_referenced_ids_overapproximation( &self ) -> &BTreeSet<AbstractIdentifier>

Get all abstract IDs that the object may contain pointers to. This yields an overapproximation of possible pointer targets.

source

pub fn get_referenced_ids_underapproximation( &self ) -> BTreeSet<AbstractIdentifier>

Get all abstract IDs for which the object contains pointers to. This yields an underapproximation of pointer targets, since the object may contain pointers that could not be tracked by the analysis.

source

pub fn remove_ids(&mut self, ids_to_remove: &BTreeSet<AbstractIdentifier>)

Remove the provided IDs from the target lists of all pointers in the memory object. Also remove them from the pointer_targets list.

If this operation would produce an empty value, it replaces it with a Top value instead.

source

pub fn replace_ids( &mut self, replacement_map: &BTreeMap<AbstractIdentifier, Data> )

Replace all abstract IDs in self with the values given by the replacement map. IDs not contained as keys in the replacement map are replaced by Top values.

source§

impl AbstractObject

source

pub fn get_value(&self, offset: Bitvector, bytesize: ByteSize) -> Data

Read the value at the given offset of the given size inside the memory region.

source

pub fn set_value( &mut self, value: Data, offset: &ValueDomain ) -> Result<(), Error>

Write a value at the given offset to the memory region.

If the abstract object is not unique (i.e. may represent more than one actual object), merge the old value at the given offset with the new value.

source

pub fn merge_value(&mut self, value: Data, offset: &ValueDomain)

Merge value at position offset with the value currently saved at that position.

source

pub fn assume_arbitrary_writes( &mut self, additional_targets: &BTreeSet<AbstractIdentifier> )

Marks all memory as Top and adds the additional_targets to the pointer targets. Represents the effect of unknown write instructions to the object which may include writing pointers to targets from the additional_targets set to the object.

source§

impl AbstractObject

source

pub fn new( type_: Option<ObjectType>, address_bytesize: ByteSize ) -> AbstractObject

Create a new abstract object with given object type and address bytesize.

source

pub fn is_unique(&self) -> bool

Returns false if the abstract object may represent more than one object, e.g. for arrays of objects.

source

pub fn mark_as_not_unique(&mut self)

Mark the abstract object as possibly representing more than one actual memory object.

source

pub fn mark_as_unique(&mut self)

Mark the abstract object as unique, i.e. it represents exactly one memory object.

source

pub fn get_object_type(&self) -> Option<ObjectType>

Get the type of the memory object.

source

pub fn set_object_type(&mut self, object_type: Option<ObjectType>)

Set the type of the memory object.

source

pub fn overwrite_with( &mut self, other: &AbstractObject, offset_other: &ValueDomain )

Overwrite the values in self with those in other under the assumption that the zero offset in other corresponds to the offset offset_other in self.

If self is not a unique memory object or if offset_other is not a precisely known offset, then the function tries to merge self and other, since we do not exactly know which values of self were overwritten by other.

All values of self are marked as possibly overwritten, i.e. Top, but they are only deleted if they intersect a non-Top value of other. This approximates the fact that we currently do not track exactly which indices in other were overwritten with a Top element and which indices simply were not accessed at all in other.

source

pub fn add_offset_to_all_indices(&mut self, offset: &ValueDomain)

Add an offset to all values contained in the abstract object.

source

pub fn get_mem_region(&self) -> &MemRegion<Data>

Get the memory region abstract domain associated to the memory object.

source

pub fn overwrite_mem_region(&mut self, new_memory_region: MemRegion<Data>)

Overwrite the memory region abstract domain associated to the memory object. Note that this function does not update the list of known pointer targets accordingly!

source

pub fn add_ids_to_pointer_targets( &mut self, ids_to_add: BTreeSet<AbstractIdentifier> )

Add IDs to the list of pointer targets for the memory object.

source§

impl AbstractObject

source

pub fn to_json_compact(&self) -> Value

Get a more compact json-representation of the abstract object. Intended for pretty printing, not useable for serialization/deserialization.

Trait Implementations§

source§

impl AbstractDomain for AbstractObject

source§

fn merge(&self, other: &Self) -> Self

Merge two abstract objects

source§

fn is_top(&self) -> bool

The domain has no Top element, thus this function always returns false.

source§

fn merge_with(&mut self, other: &Self) -> &mut Self

Returns an upper bound (with respect to the partial order on the domain) for the two inputs self and other. Read more
source§

impl Clone for AbstractObject

source§

fn clone(&self) -> AbstractObject

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for AbstractObject

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl<'de> Deserialize<'de> for AbstractObject

source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
source§

impl PartialEq for AbstractObject

source§

fn eq(&self, other: &AbstractObject) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl Serialize for AbstractObject

source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
source§

impl Eq for AbstractObject

source§

impl StructuralEq for AbstractObject

source§

impl StructuralPartialEq for AbstractObject

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,