Skip to content

Commit b621f7d

Browse files
sipmasipma
committed
CHB:ARM: add typing rule for BX LR
1 parent 9292a28 commit b621f7d

File tree

1 file changed

+61
-2
lines changed

1 file changed

+61
-2
lines changed

CodeHawk/CHB/bchlibarm32/bCHFnARMTypeConstraints.ml

Lines changed: 61 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -280,6 +280,16 @@ object (self)
280280
linenumber
281281
[(p2s floc#l#toPretty) ^ ": " ^ (type_constraint_to_string tc)] in
282282

283+
let operand_is_stackpointer (op: arm_operand_int): bool =
284+
TR.tfold_default
285+
(fun v ->
286+
match v with
287+
| XVar v when finfo#env#is_initial_stackpointer_value v -> true
288+
| XOp (XMinus, [XVar v; _]) -> finfo#env#is_initial_stackpointer_value v
289+
| _ -> false)
290+
false
291+
(TR.tmap rewrite_expr (op#to_expr floc)) in
292+
283293
let operand_is_zero (op: arm_operand_int): bool =
284294
(* Returns true if the value of the operand is known to be zero at
285295
this location. This result is primarily intended to avoid spurious
@@ -508,10 +518,9 @@ object (self)
508518
end
509519

510520
| BitwiseNot(_, _, rd, rm, _) when rm#is_immediate ->
511-
let rmval = rm#to_numerical#toInt in
512521
let rdreg = rd#to_register in
513522
let lhstypevar = mk_reglhs_typevar rdreg faddr iaddr in
514-
let tyc = get_intvalue_type_constant rmval in
523+
let tyc = mk_int_type_constant Signed 32 in
515524
begin
516525
(regvar_type_introduction "MVN" rd);
517526
(regvar_linked_to_exit "MVN" rd);
@@ -583,6 +592,53 @@ object (self)
583592
(* no type information gained *)
584593
()
585594

595+
| BranchExchange (ACCAlways, op)
596+
when op#is_register && op#get_register = ARLR ->
597+
let returntype = finfo#get_summary#get_returntype in
598+
(match returntype with
599+
| TVoid _ -> ()
600+
| _ ->
601+
let reg = register_of_arm_register AR0 in
602+
let typevar = mk_reglhs_typevar reg faddr iaddr in
603+
begin
604+
(* use function return type *)
605+
(let opttc = mk_btype_constraint typevar returntype in
606+
let rule = "BXLR-sig-rv" in
607+
match opttc with
608+
| Some tc ->
609+
if fndata#is_typing_rule_enabled iaddr rule then
610+
begin
611+
log_type_constraint __LINE__ rule tc;
612+
store#add_constraint faddr iaddr rule tc
613+
end
614+
else
615+
log_type_constraint_rule_disabled __LINE__ rule tc
616+
| _ ->
617+
begin
618+
log_no_type_constraint __LINE__ rule returntype;
619+
()
620+
end);
621+
622+
(* propagate via reaching defs *)
623+
(let r0var = floc#env#mk_arm_register_variable AR0 in
624+
let r0defs = get_variable_rdefs r0var in
625+
let rule = "BXLR-rdef" in
626+
List.iter (fun r0def ->
627+
let r0addr = r0def#getBaseName in
628+
let r0typevar = mk_reglhs_typevar reg faddr r0addr in
629+
let r0typeterm = mk_vty_term r0typevar in
630+
let lhstypeterm = mk_vty_term typevar in
631+
if fndata#is_typing_rule_enabled ~rdef:(Some r0addr) iaddr rule then
632+
begin
633+
log_subtype_constraint __LINE__ rule r0typeterm lhstypeterm;
634+
store#add_subtype_constraint
635+
faddr iaddr rule r0typeterm lhstypeterm
636+
end
637+
else
638+
log_subtype_rule_disabled __LINE__ rule r0typeterm lhstypeterm
639+
) r0defs)
640+
end)
641+
586642
| BranchLink _ | BranchLinkExchange _
587643
when floc#has_call_target && floc#get_call_target#is_signature_valid ->
588644
let log_error (msg: string) =
@@ -1598,6 +1654,9 @@ object (self)
15981654
else if rd#is_sp_register && rn#is_sp_register then
15991655
(* no type information to be gained from stackpointer manipulations *)
16001656
()
1657+
else if operand_is_stackpointer rn then
1658+
(* idem for pointers to the stack in other registers *)
1659+
()
16011660
else
16021661
let rule = "SUB-rdef" in
16031662
List.iter (fun rnsym ->

0 commit comments

Comments
 (0)