lisa-analyzer / go-lisa Goto Github PK
View Code? Open in Web Editor NEWGolang frontend for LiSA
License: MIT License
Golang frontend for LiSA
License: MIT License
On branch master (commit 5bec887), in InterproceduralTest
, the interproc5 test is failing due to a problem on the toString
method of GoKeyedLiteral
.
A type assertion in Go provides access to an interface value's underlying concrete value. Consider the example taken from the Go Tour
t := i.(T)
This statement asserts that the interface value i
holds the concrete type T
and assigns the underlying T
value to the variable t
. If i
does not hold a T
, the statement will trigger a panic.
Go allows defining labeled statements, that are not currently supported by the Go front-end.
Currently, GoLiSA does not support anonymous functions (https://golang.org/ref/spec#Function_literals). We should be able to both support its parsing and its semantics.
Currently, GoLiSA does not support/parse the Go channel statement (https://tour.golang.org/concurrency/2)
In commit 432526b, support for the anonymous functions has been added. Nevertheless, a bug concerning the scoped variables, when the anonymous function is invoked, is still present.
Let's consider the following function
func main() {
a := 2
b := func(f int) int {
return a * f
}(5)
}
The current scoping rules hide the variable a
to the anonymous function, while it should be visible to it. Currently, when the anonymous function is invoked, any variable visible before the invocation is hidden to it.
At 82cad83, tests testCpuUse
and testCpuUseNI
are ignored and do not pass due to missing support for global variable with initialization. For example, in go-lisa/go-testcases/cc/cpu-use.go
:
package main
import (
"bytes"
"encoding/json"
"fmt"
"time"
"github.com/hyperledger/fabric-chaincode-go/shim"
pb "github.com/hyperledger/fabric-protos-go/peer"
)
//SimpleChaincode is the artifact of teh chaincode
type SimpleChaincode struct {
}
var nameSpace string = "org.cpu-use.Usage" // global variable with initializaiton
...
Go has built-in support for multiple return values, for example
func f(a, b int)(int, int, int ){
return a + b, a - q, a * q
}
x, y, z := f(1,2)
GoLiSA should provide multiple return values and types, for example adding GoTupleType
, GoTupleExpression
, and GoTupleValues
classes.
Currently, the type switch statement is not supported (https://tour.golang.org/methods/16). We could easily handle it treating it similarly to the standard type switch.
Go bitwise operations (AND, OR, XOR,...) are currently parsed by the frontend but their semantics is not implemented yet.
GoFrontEnd.java needs some refactoring activities. The idea of frontend is to handle at high level other components such as lexer, parser and so on. However, the logic of "visit" methods (that build CFGs) is all within this class. I suggest to create ad-hoc class to manage the visit and CFG construction phase, as already happens in IMPFrontEnd.java of LiSa where the IMP methods are visited by IMPCodeMemberVisitor.java. This allows to separate the logic of the components, uniforming the frontend structures.
Looking at the "visit" methods of GoFrontEnd, the reasoning seems to follow the same reasoning of IMPCodeMemberVisitor (except for small language differences), that is starting from the method/function declaration (a new currentCFG is assigned only in these cases) to create new CFGs by visiting the various components more and more in depth such as blocks, statements, expressions, etc.
Currently, GoLiSA does not support the select
statement (https://golang.org/ref/spec#Select_statements). We should be able at least to support its parsing.
On commit 5bec887, if a Go function or method body has been parsed and does not contain any exit point (i.e., does not contain any return statement), an instrumented return is added at the end of the corresponding control-flow graph. While the generated control-flow graph is correct, the set of the visible identifiers at the instrumented return statement is always empty.
Let's consider the following function and let's suppose to analyze it with Interval
and MonolithicHeap
.
func main() {
x := 1
}
The resulting dot file corresponding to the analysis results is
The analysis concerning the return node should be the same as the one for the x := 1
.
Currently, GoLiSA does not support/parse the goroutines statement (https://tour.golang.org/concurrency/1)
Go provides interfaces, that are named collections of methods signatures. Currently, they are not supported by GoLiSA: the Go frontend should correctly parse them and should be able to infer which types defined in the source code program implements each declared interface (i.e., inferring the superunits of each declared type).
Currently, GoLiSA does not support the for range iteration statement, e.g., for i, num := range nums {...}
. We should create an ad-hoc cfg node for it in order to support it.
Top and bottom elements do not correctly work in RelTarsis
. In particular, an element of RelTarsis
is top (bottom) when tarsis
and rsubs
are top (bottom). Instead, currently top and bottom elements of RelTarsis
are treated as static elements. We should redefine top and bottom elements, together with the isTop
and isBottom
methods.
On branch master (commit 5bec887), the black identifier is treated as any other normal variable, and in turn, is also assigned. For instance, let's consider the following fragment and let's analyze it with the Interval
and FieldSensitivePointBasedHeap
abstract domains.
package main
func f() (int,int) {
return 1,2
}
func main() {
x, _ := f()
}
The analysis result for the main
function is
where also the variable _
is assigned. This should not happen. Moreover, @olivieriluca I would ask you if you can check (and write some tests about that) if the black identifier wrongly follows the same scoping logic of the other variables you have implemented. In particular, I think the anonymous variable should be never scoped, that is:
func main() {
x, _ := f()
_, y := f()
}
should be a legal function.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.