AST: restore available expressions

Author: sipma

chb/app/CHVersion.py

@@ -1 +1 @@
-chbversion: str = "0.3.0-20241003"
+chbversion: str = "0.3.0-20241005"

chb/arm/ARMCallOpcode.py

@@ -219,9 +219,18 @@ def ast_call_prov(
             else:
                 rtype = ctinfo.target_interface.signature.returntype
             asttype = rtype.convert(astree.typconverter)
-            if not (rtype.is_void or defuses[0] is None):
-                hl_lhs = XU.xvariable_to_ast_lval(
-                    lhs, xdata, iaddr, astree, ctype=asttype)
+
+            # Create a lhs even if it is not used, because the ssa value
+            # introduced may be used in the available expressions.
+            hl_lhs = XU.xvariable_to_ast_lval(
+                lhs, xdata, iaddr, astree, ctype=asttype)
+
+            if rtype.is_void or defuses[0] is None:
+                chklogger.logger.info(
+                    "Unused: introduced ssa-variable: %s for return value of %s "
+                    + "at address %s",
+                    str(hl_lhs), str(hl_tgt), iaddr)
+                hl_lhs = None
 
         # argument data
 

chb/ast/AbstractSyntaxTree.py

@@ -852,14 +852,17 @@ def mk_named_lval(
             vdescr: Optional[str] = None,
             offset: AST.ASTOffset = nooffset,
             optlvalid: Optional[int] = None,
-            storage: Optional[ASTStorage] = None) -> AST.ASTLval:
+            storage: Optional[ASTStorage] = None,
+            anonymous: bool = False) -> AST.ASTLval:
         var = self.mk_named_variable(
             vname,
             vtype=vtype,
             parameter=parameter,
             globaladdress=globaladdress,
             llref=llref,
             vdescr=vdescr)
+        if optlvalid is None and anonymous:
+            optlvalid = -1
         return self.mk_lval(
             var,
             offset,
@@ -959,7 +962,10 @@ def mk_named_lval_expression(
             offset: AST.ASTOffset = nooffset,
             optlvalid: Optional[int] = None,
             optexprid: Optional[int] = None,
-            storage: Optional[ASTStorage] = None) -> AST.ASTLvalExpr:
+            storage: Optional[ASTStorage] = None,
+            anonymous: bool = False) -> AST.ASTLvalExpr:
+        if optlvalid is None and anonymous:
+            optlvalid = -1
         lval = self.mk_named_lval(
             vname,
             vtype=vtype,

chb/astinterface/ASTInterface.py

@@ -582,13 +582,15 @@ def mk_global_variable_expr(
             vtype: Optional[AST.ASTTyp] = None,
             offset: AST.ASTOffset = nooffset,
             globaladdress: int = 0,
-            llref: bool = False) -> AST.ASTExpr:
+            llref: bool = False,
+            anonymous: bool = False) -> AST.ASTExpr:
         return self.astree.mk_named_lval_expression(
             name,
             offset=offset,
             vtype=vtype,
             globaladdress=globaladdress,
-            llref=llref)
+            llref=llref,
+            anonymous=anonymous)
 
     # ------------------------------------------------------ make statements ---
 

chb/astinterface/ASTInterfaceFunction.py

@@ -244,9 +244,6 @@ def complete_instruction_connections(self) -> None:
                         self.astinterface.add_instr_mapping(hl_instr, ll_instr)
 
     def set_invariants(self) -> None:
-        pass
-
-    '''
         invariants = self.function.invariants
         aexprs: Dict[str, Dict[str, Tuple[int, int, str]]] = {}
         for loc in sorted(invariants):
@@ -263,47 +260,72 @@ def set_invariants(self) -> None:
                         # Exclude auxiliary analysis variables
                         continue
 
-                    var = XU.xvariable_to_ast_lvals(
+                    if fact.variable.is_constant_value_variable:
+                        # Exclude invariants that equate symbolic constants
+                        # with constant values
+                        continue
+
+                    var = XU.xvariable_to_ast_lval(
                         fact.variable,
                         instr.xdata,
+                        instr.iaddr,
                         self.astinterface,
-                        anonymous=True)[0]
+                        anonymous=True)
+
                     varindex = var.index(self.astinterface.serializer)
                     value = fact.value
                     if value.is_singleton_value:
                         aexpr: ASTExpr = self.astinterface.mk_integer_constant(
                             value.singleton_value)
                         aexprindex = aexpr.index(self.astinterface.serializer)
+
                     elif value.is_symbolic_expression:
-                        aexpr = XU.xxpr_to_ast_exprs(
+                        aexpr = XU.xxpr_to_ast_def_expr(
                             fact.value.expr,
                             instr.xdata,
                             instr.iaddr,
                             self.astinterface,
-                            anonymous=True)[0]
+                            anonymous=True)
                         aexprindex = aexpr.index(self.astinterface.serializer)
                     else:
                         continue
                     aexprs.setdefault(loc, {})
                     aexprs[loc][str(var)] = (varindex, aexprindex, str(aexpr))
+
                 if fact.is_initial_var_equality:
                     fact = cast("InitialVarEqualityFact", fact)
-                    var = XU.xvariable_to_ast_lvals(
+
+                    if fact.variable.is_constant_value_variable:
+                        continue
+
+                    if fact.variable.is_global_variable:
+                        continue
+
+                    # Filter out initial-value equalities on return values
+                    if "rtn_" in str(fact.variable):
+                        continue
+
+                    var = XU.xvariable_to_ast_lval(
                         fact.variable,
                         instr.xdata,
+                        instr.iaddr,
                         self.astinterface,
-                        anonymous=True)[0]
+                        anonymous=True)
+
                     varindex = var.index(self.astinterface.serializer)
-                    aelval = XU.xvariable_to_ast_lvals(
+                    aexpr = XU.xvariable_to_ast_def_lval_expression(
                         fact.initial_value,
                         instr.xdata,
-                        self.astinterface)[0]
-                    aexpr = self.astinterface.mk_lval_expr(aelval)
+                        instr.iaddr,
+                        self.astinterface)
+
                     aexprindex = aexpr.index(self.astinterface.serializer)
                     aexprs.setdefault(loc, {})
                     aexprs[loc][str(var)] = (varindex, aexprindex, str(aexpr))
+
+        num_aexprs = sum(len(aexprs[a]) for a in aexprs)
+        chklogger.logger.info("Set %d available expressions", num_aexprs)
         self.astinterface.set_available_expressions(aexprs)
-    '''
 
     def set_return_sequences(self) -> None:
         """Currently only supports Thumb-2 stack-adjustment, pop return sequence."""

chb/cmdline/astcmds.py

@@ -142,6 +142,7 @@ def buildast(args: argparse.Namespace) -> NoReturn:
     functions: List[str] = args.functions
     hints: List[str] = args.hints  # names of json files
     xpatchresultsfile = args.patch_results_file
+    hide_globals: bool = args.hide_globals
     remove_edges: List[str] = args.remove_edges
     add_edges: List[str] = args.add_edges
     verbose: bool = args.verbose
@@ -354,7 +355,7 @@ def buildast(args: argparse.Namespace) -> NoReturn:
                 print("// --------------------------------------------------")
                 prettyprinter = ASTCPrettyPrinter(
                     localsymboltable, annotations=astinterface.annotations)
-                print(prettyprinter.to_c(asts[0], include_globals=True))
+                print(prettyprinter.to_c(asts[0], include_globals=(not hide_globals)))
                 functions_lifted += 1
 
             else:

chb/cmdline/chkx

@@ -670,6 +670,10 @@ def parse() -> argparse.Namespace:
     buildast.add_argument(
         "--patch_results_file",
         help="name of patch results file (required if there are trampolines)")
+    buildast.add_argument(
+        "--hide_globals",
+        help="do not include global declarations and definitions in printed output",
+        action="store_true")
     buildast.add_argument(
         "--remove_edges",
         nargs="*",