CHB: incorporate more type info in constructing memory offsets

Author: sipma

CodeHawk/CHB/bchlib/bCHFloc.ml

@@ -1499,7 +1499,7 @@ object (self)
        | XConst (IntConst n)
             when n#equal (mkNumerical 0xffffffff) && is_int t ->
           Ok (int_constant_expr (-1))
-       | _ -> self#convert_xpr_offsets ~size x
+       | _ -> self#convert_xpr_offsets ~xtype ~size x
 
   method convert_addr_to_c_pointed_to_expr
            ?(size=None) ?(xtype=None) (a: xpr_t): xpr_t traceresult =
@@ -1656,12 +1656,13 @@ object (self)
 
 
   method convert_variable_offsets
-           ?(size=None) (v: variable_t): variable_t traceresult =
+           ?(vtype=None) ?(size=None) (v: variable_t): variable_t traceresult =
     if self#env#is_basevar_memory_variable v then
       let basevar_r = self#env#get_memvar_basevar v in
       let offset_r = self#env#get_memvar_offset v in
       let cbasevar_r = TR.tbind self#convert_value_offsets basevar_r in
       let basetype_r = TR.tbind self#get_variable_type cbasevar_r in
+      let optvtype = match vtype with Some t -> t | _ -> t_unknown in
       let tgttype_r =
         TR.tbind
           ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
@@ -1682,8 +1683,18 @@ object (self)
                  ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
                  (fun tgttype ->
                    address_memory_offset
-                     ~tgtsize:size tgttype (num_constant_expr n)) tgttype_r
+                     ~tgtbtype:optvtype ~tgtsize:size tgttype (num_constant_expr n))
+                 tgttype_r
             | _ -> Ok offset) offset_r in
+      let _ =
+        log_diagnostics_result
+          ~msg:(p2s self#l#toPretty)
+          ~tag:"convert-variable-offsets"
+          __FILE__ __LINE__
+          ["tgttype: " ^ (TR.tfold_default btype_to_string "?" tgttype_r);
+           "tgtbtype: " ^ (btype_to_string optvtype);
+           "offset : " ^ (TR.tfold_default memory_offset_to_string "?" offset_r);
+           "coffset: " ^ (TR.tfold_default memory_offset_to_string "?" coffset_r)] in
       TR.tbind
         ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__) ^ ": " ^ (p2s v#toPretty))
         (fun cbasevar ->
@@ -1776,7 +1787,8 @@ object (self)
           ["v: " ^ (p2s v#toPretty)] in
       Ok v
 
-  method convert_xpr_offsets ?(size=None) (x: xpr_t): xpr_t traceresult =
+  method convert_xpr_offsets
+           ?(xtype=None) ?(size=None) (x: xpr_t): xpr_t traceresult =
     let rec aux exp =
       match exp with
       | XVar v when self#env#is_basevar_memory_value v ->
@@ -1789,10 +1801,16 @@ object (self)
            ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
            (fun v -> XVar v) (self#convert_variable_offsets ~size v)
       | XOp ((Xf "addressofvar"), [XVar v]) ->
+         let derefty =
+           match xtype with
+           | None -> None
+           | Some (TPtr (ty, _)) -> Some ty
+           | _ -> None in
          let newx_r =
            TR.tmap
              ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
-             (fun v -> XVar v) (self#convert_variable_offsets ~size v) in
+             (fun v ->
+               XVar v) (self#convert_variable_offsets ~vtype:derefty ~size v) in
          TR.tmap
            (fun newx ->
              match newx with

CodeHawk/CHB/bchlib/bCHFunctionInfo.ml

@@ -1718,6 +1718,11 @@ object (self)
   method add_reaching_def
            (iaddr: string) (v: variable_t) (deflocs: symbol_t list) =
     begin
+      let deflocs =
+        if fndata#has_function_annotation then
+          fndata#filter_deflocs iaddr v deflocs
+        else
+          deflocs in
       self#fvarinv#add_reaching_def iaddr v deflocs;
       List.iter (fun s ->
           if (List.length s#getAttributes) = 0 then

CodeHawk/CHB/bchlib/bCHGlobalMemoryMap.ml

@@ -198,6 +198,18 @@ object (self)
                    ~(tgtbtype: btype_t option)
                    (c: bcompinfo_t)
                    (xoffset: xpr_t): memory_offset_t traceresult =
+    let _ =
+      log_diagnostics_result
+        ~tag:"global:get-field-memory-offset-at"
+        __FILE__ __LINE__
+        ["tgtsize: "
+         ^ (if Option.is_some tgtsize then
+              string_of_int (Option.get tgtsize) else "?");
+         "tgtbtype: "
+         ^ (if Option.is_some tgtbtype then
+              btype_to_string (Option.get tgtbtype) else "?");
+         "compinfo: " ^ c.bcname;
+         "xoffset: " ^ (x2s xoffset)] in
     let is_void_tgtbtype =
       match tgtbtype with
       | Some (TVoid _) -> true
@@ -368,6 +380,20 @@ object (self)
                    ~(tgtbtype: btype_t option)
                    (btype: btype_t)
                    (xoffset: xpr_t): memory_offset_t traceresult =
+    let _ =
+      log_diagnostics_result
+        ~tag:"global:arrayvar-memory-offset"
+        __FILE__ __LINE__
+        ["tgtsize: " ^ (if (Option.is_some tgtsize) then
+                          string_of_int (Option.get tgtsize)
+                        else
+                          "?");
+         "tgtbtype: " ^ (if (Option.is_some tgtbtype) then
+                           btype_to_string (Option.get tgtbtype)
+                         else
+                           "?");
+         "btype: " ^ (btype_to_string btype);
+         "xoffset: " ^ (x2s xoffset)] in
     let iszero x =
       match x with
       | XConst (IntConst n) -> n#equal CHNumerical.numerical_zero

CodeHawk/CHB/bchlib/bCHLibTypes.mli

@@ -1518,11 +1518,18 @@ type typing_rule_t = {
     tra_locations: string list
   }
 
+type reachingdef_spec_t = {
+    rds_variable: string;
+    rds_uselocs: string list;
+    rds_rdeflocs: string list
+  }
+
 
 type function_annotation_t = {
     regvarintros: regvar_intro_t list;
     stackvarintros: stackvar_intro_t list;
-    typingrules: typing_rule_t list
+    typingrules: typing_rule_t list;
+    reachingdefspecs: reachingdef_spec_t list
   }
 
 class type function_data_int =
@@ -1575,6 +1582,7 @@ class type function_data_int =
     method has_regvar_type_cast: doubleword_int -> bool
     method has_stackvar_type_annotation: int -> bool
     method has_stackvar_type_cast: int -> bool
+    method filter_deflocs: string -> variable_t -> symbol_t list -> symbol_t list
     method is_typing_rule_enabled: ?rdef:string option -> string -> string -> bool
     method has_class_info: bool
     method has_callsites: bool
@@ -6102,9 +6110,13 @@ class type floc_int =
              ?size:int option -> variable_t -> variable_t traceresult
 
     method convert_variable_offsets:
-             ?size:int option -> variable_t -> variable_t traceresult
+             ?vtype:btype_t option
+             -> ?size:int option
+             -> variable_t
+             -> variable_t traceresult
 
-    method convert_xpr_offsets: ?size:int option -> xpr_t -> xpr_t traceresult
+    method convert_xpr_offsets:
+             ?xtype:btype_t option -> ?size:int option -> xpr_t -> xpr_t traceresult
 
     (* returns the variable associated with the address expression *)
     method get_lhs_from_address: xpr_t -> variable_t

CodeHawk/CHB/bchlib/bCHMemoryReference.ml

@@ -256,7 +256,23 @@ and structvar_memory_offset
 ~(tgtbtype: btype_t option)
 (btype: btype_t)
 (xoffset: xpr_t): memory_offset_t traceresult =
+  let _ =
+    log_diagnostics_result
+      ~tag:"structvar-memory-offset"
+      __FILE__ __LINE__
+      ["tgtsize: "
+       ^ (if Option.is_some tgtsize then (string_of_int (Option.get tgtsize)) else "?");
+       "tgtbtype: "
+       ^ (if Option.is_some tgtbtype then (btype_to_string (Option.get tgtbtype))
+          else "?");
+       "btype: " ^ (btype_to_string btype);
+       "xoffset: " ^ (x2s xoffset)] in
   match xoffset with
+  | XConst (IntConst n)
+       when n#equal numerical_zero
+            && (Option.is_some tgtbtype)
+            && (btype_equal (Option.get tgtbtype) btype) ->
+     Ok NoOffset
   | XConst (IntConst _) ->
      if is_struct_type btype then
        let compinfo = get_struct_type_compinfo btype in

CodeHawk/CHB/bchlib/bCHSystemSettings.ml

@@ -59,6 +59,7 @@ let _ =
       ("ADD-c", "enable");
       ("AND-rdef", "enable");      
       ("ASR-rdef", "enable");
+      ("BXLR-rdef", "enable");
       ("CMP-rdef", "enable");
       ("LSL_rdef", "enable");
       ("LSR_rdef", "enable");
@@ -111,6 +112,7 @@ let _ =
       ("BL-sig-regarg", "enable");
       ("BL-sig-stackarg", "enable");
       ("BL-sig-rv", "enable");
+      ("BXLR-sig-rv", "enable");
       ("LDR-array", "enable");
       ("LDR-memop-tc", "enable");
       ("LDR-stack-addr", "enable");

CodeHawk/CHB/bchlib/bCHVersion.ml

@@ -95,8 +95,8 @@ end
 
 
 let version = new version_info_t 
-  ~version:"0.6.0_20250805"
-  ~date:"2025-08-05"
+  ~version:"0.6.0_20250810"
+  ~date:"2025-08-10"
   ~licensee: None
   ~maxfilesize: None
   ()

CodeHawk/CHB/bchlibarm32/bCHARMInstructionAggregate.ml

@@ -50,6 +50,8 @@ open BCHThumbITSequence
 
 module TR = CHTraceResult
 
+let p2s = CHPrettyUtil.pretty_to_string
+
 
 let arm_aggregate_kind_to_string (k: arm_aggregate_kind_t) =
   match k with
@@ -180,7 +182,11 @@ let make_arm_instruction_aggregate
   let agg =
     new arm_instruction_aggregate_t ~kind ~instrs ~entry ~exitinstr ~anchor in
   begin
-    chlog#add "aggregate instruction" agg#toPretty;
+    log_diagnostics_result
+      ~msg:(anchor#get_address#to_hex_string)
+      ~tag:"aggregate instruction"
+      __FILE__ __LINE__
+      [(p2s agg#toPretty)];
     agg
   end