Static Value-Flow Analysis
Loading...
Searching...
No Matches
CHGBuilder.cpp
Go to the documentation of this file.
1//===----- CHGBuilder.cpp -- Class hierarchy graph builder ---------------------------//
2//
3// SVF: Static Value-Flow Analysis
4//
5// Copyright (C) <2013-> <Yulei Sui>
6//
7
8// This program is free software: you can redistribute it and/or modify
9// it under the terms of the GNU Affero General Public License as published by
10// the Free Software Foundation, either version 3 of the License, or
11// (at your option) any later version.
12
13// This program is distributed in the hope that it will be useful,
14// but WITHOUT ANY WARRANTY; without even the implied warranty of
15// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16// GNU Affero General Public License for more details.
17
18// You should have received a copy of the GNU Affero General Public License
19// along with this program. If not, see <http://www.gnu.org/licenses/>.
20//
21//===----------------------------------------------------------------------===//
22
23/*
24 * CHGBuilder.cpp
25 *
26 * Created on: Jun 4, 2021
27 * Author: Yulei Sui
28 */
29
30#include <set>
31#include <vector>
32#include <map>
33#include <fstream>
34#include <iostream>
35#include <iomanip> // setw() for formatting cout
36#include <assert.h>
37#include <stack>
38
39#include "SVF-LLVM/CHGBuilder.h"
40#include "Util/Options.h"
41#include "SVF-LLVM/CppUtil.h"
42#include "SVFIR/ObjTypeInfo.h"
43#include "Util/SVFUtil.h"
44#include "SVF-LLVM/LLVMUtil.h"
45#include "Util/PTAStat.h"
46#include "SVF-LLVM/LLVMModule.h"
47#include "SVF-LLVM/ObjTypeInference.h"
48
49using namespace SVF;
50using namespace SVFUtil;
51using namespace cppUtil;
52using namespace LLVMUtil;
53using namespace std;
54
55const string pureVirtualFunName = "__cxa_pure_virtual";
56
57const string ztiLabel = "_ZTI";
58
63
64void CHGBuilder::buildCHG()
65{
66
67 double timeStart, timeEnd;
68 timeStart = PTAStat::getClk(true);
69 for (Module &M : llvmModuleSet()->getLLVMModules())
70 {
71 DBOUT(DGENERAL, outs() << SVFUtil::pasMsg("construct CHGraph From module "
72 + M.getName().str() + "...\n"));
73 readInheritanceMetadataFromModule(M);
74 for (Module::const_global_iterator I = M.global_begin(), E = M.global_end(); I != E; ++I)
75 buildCHGNodes(&(*I));
76 for (Module::const_iterator F = M.begin(), E = M.end(); F != E; ++F)
77 buildCHGNodes(&(*F));
78 for (Module::const_iterator F = M.begin(), E = M.end(); F != E; ++F)
79 buildCHGEdges(&(*F));
80
81 analyzeVTables(M);
82 }
83
84 DBOUT(DGENERAL, outs() << SVFUtil::pasMsg("build Internal Maps ...\n"));
85 buildInternalMaps();
86
87 timeEnd = PTAStat::getClk(true);
88 chg->buildingCHGTime = (timeEnd - timeStart) / TIMEINTERVAL;
89
90 if (Options::DumpCHA())
91 chg->dump("cha");
92}
93
94void CHGBuilder::buildCHGNodes(const GlobalValue *globalvalue)
95{
96 if (cppUtil::isValVtbl(globalvalue) && globalvalue->getNumOperands() > 0)
97 {
98 const ConstantStruct *vtblStruct = cppUtil::getVtblStruct(globalvalue);
99 string className = getClassNameFromVtblObj(globalvalue->getName().str());
100 if (!chg->getNode(className))
101 createNode(className);
102
103 for (unsigned int ei = 0; ei < vtblStruct->getNumOperands(); ++ei)
104 {
105 const ConstantArray *vtbl = SVFUtil::dyn_cast<ConstantArray>(vtblStruct->getOperand(ei));
106 assert(vtbl && "Element of initializer not an array?");
107 for (u32_t i = 0; i < vtbl->getNumOperands(); ++i)
108 {
109 if(const ConstantExpr *ce = isCastConstantExpr(vtbl->getOperand(i)))
110 {
111 const Value* bitcastValue = ce->getOperand(0);
112 if (const Function* func = SVFUtil::dyn_cast<Function>(bitcastValue))
113 {
114 struct DemangledName dname = demangle(func->getName().str());
115 if (!chg->getNode(dname.className))
116 createNode(dname.className);
117 }
118 }
119 }
120 }
121 }
122}
123
124void CHGBuilder::buildCHGNodes(const Function* F)
125{
126 if (isConstructor(F) || isDestructor(F))
127 {
128 struct DemangledName dname = demangle(F->getName().str());
129 DBOUT(DCHA, outs() << "\t build CHANode for class " + dname.className + "...\n");
130 if (!chg->getNode(dname.className))
131 createNode(dname.className);
132 }
133}
134
135void CHGBuilder::buildCHGEdges(const Function* F)
136{
137 if (isConstructor(F) || isDestructor(F))
138 {
139 for (Function::const_iterator B = F->begin(), E = F->end(); B != E; ++B)
140 {
141 for (BasicBlock::const_iterator I = B->begin(), E = B->end(); I != E; ++I)
142 {
143 if (LLVMUtil::isCallSite(&(*I)))
144 {
145 connectInheritEdgeViaCall(F, SVFUtil::cast<CallBase>(&(*I)));
146 }
147 else if (const StoreInst *store = SVFUtil::dyn_cast<StoreInst>(&(*I)))
148 {
149 connectInheritEdgeViaStore(F, store);
150 }
151 }
152 }
153 }
154}
155
156
163
164void CHGBuilder::connectInheritEdgeViaCall(const Function* caller, const CallBase* cs)
165{
166 if (getCallee(cs) == nullptr)
167 return;
168
169 const Function* callee = getCallee(cs);
170
171 struct DemangledName dname = demangle(caller->getName().str());
172 if ((isConstructor(caller) && isConstructor(callee)) || (isDestructor(caller) && isDestructor(callee)))
173 {
174 if (cs->arg_size() < 1 || (cs->arg_size() < 2 && cs->paramHasAttr(0, llvm::Attribute::StructRet)))
175 return;
176 if(caller->arg_size() == 0)
177 {
178 return;
179 }
180 const Value* csThisPtr = cppUtil::getVCallThisPtr(cs);
181 const Argument* consThisPtr = getConstructorThisPtr(caller);
182 bool samePtr = isSameThisPtrInConstructor(consThisPtr, csThisPtr);
183 if (csThisPtr != nullptr && samePtr)
184 {
185 struct DemangledName basename = demangle(callee->getName().str());
186 if (!LLVMUtil::isCallSite(csThisPtr) &&
187 basename.className.size() > 0)
188 {
189 chg->addEdge(dname.className, basename.className, CHEdge::INHERITANCE);
190 }
191 }
192 }
193}
194
195void CHGBuilder::connectInheritEdgeViaStore(const Function* caller, const StoreInst* storeInst)
196{
197 struct DemangledName dname = demangle(caller->getName().str());
198 if (const ConstantExpr *ce = SVFUtil::dyn_cast<ConstantExpr>(storeInst->getValueOperand()))
199 {
200 if (ce->getOpcode() == Instruction::BitCast)
201 {
202 const Value* bitcastval = ce->getOperand(0);
203 if (const ConstantExpr *bcce = SVFUtil::dyn_cast<ConstantExpr>(bitcastval))
204 {
205 if (bcce->getOpcode() == Instruction::GetElementPtr)
206 {
207 const Value* gepval = bcce->getOperand(0);
208 if (cppUtil::isValVtbl(gepval))
209 {
210 string vtblClassName = getClassNameFromVtblObj(gepval->getName().str());
211 if (vtblClassName.size() > 0 && dname.className.compare(vtblClassName) != 0)
212 {
213 chg->addEdge(dname.className, vtblClassName, CHEdge::INHERITANCE);
214 }
215 }
216 }
217 }
218 }
219 }
220}
221
222void CHGBuilder::readInheritanceMetadataFromModule(const Module &M)
223{
224 for (Module::const_named_metadata_iterator mdit = M.named_metadata_begin(),
225 mdeit = M.named_metadata_end(); mdit != mdeit; ++mdit)
226 {
227 const NamedMDNode *md = &*mdit;
228 string mdname = md->getName().str();
229 if (mdname.compare(0, 15, "__cxx_bases_of_") != 0)
230 continue;
231 string className = mdname.substr(15);
232 for (NamedMDNode::const_op_iterator opit = md->op_begin(),
233 opeit = md->op_end(); opit != opeit; ++opit)
234 {
235 const MDNode *N = *opit;
236 const MDString* mdstr = SVFUtil::cast<MDString>(N->getOperand(0).get());
237 string baseName = mdstr->getString().str();
238 chg->addEdge(className, baseName, CHEdge::INHERITANCE);
239 }
240 }
241}
242
243CHNode *CHGBuilder::createNode(const std::string& className)
244{
245 assert(!chg->getNode(className) && "this node should never be created before!");
246 CHNode * node = new CHNode(className, chg->classNum++);
247 chg->classNameToNodeMap[className] = node;
248 chg->addGNode(node->getId(), node);
249 if (className.size() > 0 && className[className.size() - 1] == '>')
250 {
251 string templateName = getBeforeBrackets(className);
252 CHNode* templateNode = chg->getNode(templateName);
253 if (!templateNode)
254 {
255 DBOUT(DCHA, outs() << "\t Create Template CHANode " + templateName + " for class " + className + "...\n");
256 templateNode = createNode(templateName);
257 templateNode->setTemplate();
258 }
259 chg->addEdge(className, templateName, CHEdge::INSTANTCE);
260 chg->addInstances(templateName,node);
261 }
262 return node;
263}
264
265/*
266 * build the following two maps:
267 * classNameToDescendantsMap
268 * chg->classNameToAncestorsMap
269 */
270void CHGBuilder::buildClassNameToAncestorsDescendantsMap()
271{
272
273 for (CHGraph::const_iterator it = chg->begin(), eit = chg->end();
274 it != eit; ++it)
275 {
276 const CHNode *node = it->second;
277 WorkList worklist;
278 CHNodeSetTy visitedNodes;
279 worklist.push(node);
280 while (!worklist.empty())
281 {
282 const CHNode *curnode = worklist.pop();
283 if (visitedNodes.find(curnode) == visitedNodes.end())
284 {
285 for (CHEdge::CHEdgeSetTy::const_iterator it =
286 curnode->getOutEdges().begin(), eit =
287 curnode->getOutEdges().end(); it != eit; ++it)
288 {
289 if ((*it)->getEdgeType() == CHEdge::INHERITANCE)
290 {
291 CHNode *succnode = (*it)->getDstNode();
292 chg->classNameToAncestorsMap[node->getName()].insert(succnode);
293 chg->classNameToDescendantsMap[succnode->getName()].insert(node);
294 worklist.push(succnode);
295 }
296 }
297 visitedNodes.insert(curnode);
298 }
299 }
300 }
301}
302
303const CHGraph::CHNodeSetTy& CHGBuilder::getInstancesAndDescendants(
304 const string& className)
305{
306
307 CHGraph::NameToCHNodesMap::const_iterator it = chg->classNameToInstAndDescsMap.find(className);
308 if (it != chg->classNameToInstAndDescsMap.end())
309 {
310 return it->second;
311 }
312 else
313 {
314 chg->classNameToInstAndDescsMap[className] = chg->getDescendants(className);
315 if (chg->getNode(className)->isTemplate())
316 {
317 const CHNodeSetTy& instances = chg->getInstances(className);
318 for (CHNodeSetTy::const_iterator it = instances.begin(), eit = instances.end(); it != eit; ++it)
319 {
320 const CHNode *node = *it;
321 chg->classNameToInstAndDescsMap[className].insert(node);
322 const CHNodeSetTy& instance_descendants = chg->getDescendants(node->getName());
323 for (CHNodeSetTy::const_iterator dit =
324 instance_descendants.begin(), deit =
325 instance_descendants.end(); dit != deit; ++dit)
326 {
327 chg->classNameToInstAndDescsMap[className].insert(*dit);
328 }
329 }
330 }
331 return chg->classNameToInstAndDescsMap[className];
332 }
333}
334
335
336
337
338/*
339 * do the following things:
340 * 1. initialize virtualFunctions for each class
341 * 2. mark multi-inheritance classes
342 * 3. mark pure abstract classes
343 *
344 * Layout of VTables:
345 *
346 * 1. single inheritance
347 * class A {...};
348 * class B: public A {...};
349 * B's vtable: {i8 *null, _ZTI1B, ...}
350 *
351 * 2. normal multiple inheritance
352 * class A {...};
353 * class B {...};
354 * class C: public A, public B {...};
355 * C's vtable: {i8 *null, _ZTI1C, ..., inttoptr xxx, _ZTI1C, ...}
356 * "inttoptr xxx" servers as a delimiter for dividing virtual methods inherited
357 * from "class A" and "class B"
358 *
359 * 3. virtual diamond inheritance
360 * class A {...};
361 * class B: public virtual A {...};
362 * class C: public virtual A {...};
363 * class D: public B, public C {...};
364 * D's vtable: {i8 *null, _ZTI1C, ..., inttoptr xxx, _ZTI1C, i8 *null, ...}
365 * there will several "i8 *null" following "inttoptr xxx, _ZTI1C,", and the
366 * number of "i8 *null" is the same as the number of virtual methods in
367 * "class A"
368 */
369void CHGBuilder::analyzeVTables(const Module &M)
370{
371 for (Module::const_global_iterator I = M.global_begin(),
372 E = M.global_end(); I != E; ++I)
373 {
374 const GlobalValue *globalvalue = SVFUtil::dyn_cast<const GlobalValue>(&(*I));
375 if (cppUtil::isValVtbl(globalvalue) && globalvalue->getNumOperands() > 0)
376 {
377 const ConstantStruct *vtblStruct = cppUtil::getVtblStruct(globalvalue);
378
379 string vtblClassName = getClassNameFromVtblObj(globalvalue->getName().str());
380 CHNode *node = chg->getNode(vtblClassName);
381 assert(node && "node not found?");
382 NodeID i = llvmModuleSet()->getObjectNode(globalvalue);
383 SVFVar* pVar = PAG::getPAG()->getGNode(i);
384 GlobalObjVar* globalObjVar = SVFUtil::cast<GlobalObjVar>(pVar);
385 globalObjVar->setName(vtblClassName);
386 node->setVTable(globalObjVar);
387
388 for (unsigned int ei = 0; ei < vtblStruct->getNumOperands(); ++ei)
389 {
390 const ConstantArray *vtbl =
391 SVFUtil::dyn_cast<ConstantArray>(vtblStruct->getOperand(ei));
392 assert(vtbl && "Element of initializer not an array?");
393
394 /*
395 * items in vtables can be classified into 3 categories:
396 * 1. i8* null
397 * 2. i8* inttoptr xxx
398 * 3. i8* bitcast xxx
399 */
400 bool pure_abstract = true;
401 u32_t i = 0;
402 while (i < vtbl->getNumOperands())
403 {
404 CHNode::FuncVector virtualFunctions;
405 bool is_virtual = false; // virtual inheritance
406 int null_ptr_num = 0;
407 for (; i < vtbl->getNumOperands(); ++i)
408 {
409 Constant* operand = vtbl->getOperand(i);
410 if (SVFUtil::isa<ConstantPointerNull>(operand))
411 {
412 if (i > 0 && !SVFUtil::isa<ConstantPointerNull>(vtbl->getOperand(i-1)))
413 {
414 auto foo = [&is_virtual, &null_ptr_num, &vtbl, &i](const Value* val)
415 {
416 if (val->getName().str().compare(0, ztiLabel.size(), ztiLabel) == 0)
417 {
418 is_virtual = true;
419 null_ptr_num = 1;
420 while (i+null_ptr_num < vtbl->getNumOperands())
421 {
422 if (SVFUtil::isa<ConstantPointerNull>(vtbl->getOperand(i+null_ptr_num)))
423 null_ptr_num++;
424 else
425 break;
426 }
427 }
428 };
429 if (const ConstantExpr *ce =
430 SVFUtil::dyn_cast<ConstantExpr>(vtbl->getOperand(i-1)))
431 {
432 if(ce->getOpcode() == Instruction::BitCast)
433 foo(ce->getOperand(0));
434 }
435 else
436 {
437 // opaque pointer mode
438 foo(vtbl->getOperand(i - 1));
439 }
440 }
441 continue;
442 }
443
444 auto foo = [this, &virtualFunctions, &pure_abstract, &vtblClassName](const Value* operand)
445 {
446 if (const Function* f = SVFUtil::dyn_cast<Function>(operand))
447 {
448 addFuncToFuncVector(virtualFunctions, f);
449 if (f->getName().str().compare(pureVirtualFunName) == 0)
450 {
451 pure_abstract &= true;
452 }
453 else
454 {
455 pure_abstract &= false;
456 }
457 struct DemangledName dname = demangle(f->getName().str());
458 if (dname.className.size() > 0 &&
459 vtblClassName.compare(dname.className) != 0)
460 {
461 if(!chg->getNode(dname.className)) createNode(dname.className);
462 chg->addEdge(vtblClassName, dname.className, CHEdge::INHERITANCE);
463 }
464 }
465 else
466 {
467 if (const GlobalAlias *alias =
468 SVFUtil::dyn_cast<GlobalAlias>(operand))
469 {
470 const Constant *aliasValue = alias->getAliasee();
471 if (const Function* aliasFunc =
472 SVFUtil::dyn_cast<Function>(aliasValue))
473 {
474 addFuncToFuncVector(virtualFunctions, aliasFunc);
475 }
476 else if (const ConstantExpr *aliasconst =
477 SVFUtil::dyn_cast<ConstantExpr>(aliasValue))
478 {
479 (void)aliasconst; // Suppress warning of unused variable under release build
480 assert(aliasconst->getOpcode() == Instruction::BitCast &&
481 "aliased constantexpr in vtable not a bitcast");
482 const Function* aliasbitcastfunc =
483 SVFUtil::dyn_cast<Function>(aliasconst->getOperand(0));
484 assert(aliasbitcastfunc &&
485 "aliased bitcast in vtable not a function");
486 addFuncToFuncVector(virtualFunctions, aliasbitcastfunc);
487 }
488 else
489 {
490 assert(false && "alias not function or bitcast");
491 }
492
493 pure_abstract &= false;
494 }
495 else if (operand->getName().str().compare(0, ztiLabel.size(),
496 ztiLabel) == 0)
497 {
498 }
499 else
500 {
501 assert("what else can be in bitcast of a vtable?");
502 }
503 }
504 };
505
521 if (const ConstantExpr *ce =
522 SVFUtil::dyn_cast<ConstantExpr>(operand))
523 {
524 u32_t opcode = ce->getOpcode();
525 assert(opcode == Instruction::IntToPtr);
526 assert(ce->getNumOperands() == 1 &&
527 "inttptr operand num not 1");
528 if (opcode == Instruction::IntToPtr)
529 {
530 node->setMultiInheritance();
531 ++i;
532 break;
533 }
534 }
535 else
536 {
537 foo(operand);
538 }
539 }
540 if (is_virtual && virtualFunctions.size() > 0)
541 {
542 for (int i = 0; i < null_ptr_num; ++i)
543 {
544 const FunObjVar* fun = virtualFunctions[i];
545 virtualFunctions.insert(virtualFunctions.begin(), fun);
546 }
547 }
548 if (virtualFunctions.size() > 0)
549 node->addVirtualFunctionVector(virtualFunctions);
550 }
551 if (pure_abstract == true)
552 {
553 node->setPureAbstract();
554 }
555 }
556 }
557 }
558}
559
560
561void CHGBuilder::buildVirtualFunctionToIDMap()
562{
563 /*
564 * 1. Divide classes into groups
565 * 2. Get all virtual functions in a group
566 * 3. Assign consecutive IDs to virtual functions that have
567 * the same name (after demangling) in a group
568 */
569 CHGraph::CHNodeSetTy visitedNodes;
570 for (CHGraph::const_iterator nit = chg->begin(),
571 neit = chg->end(); nit != neit; ++nit)
572 {
573 CHNode *node = nit->second;
574 if (visitedNodes.find(node) != visitedNodes.end())
575 continue;
576
577 string className = node->getName();
578
579 /*
580 * get all the classes in a specific group
581 */
582 CHGraph::CHNodeSetTy group;
583 stack<const CHNode*> nodeStack;
584 nodeStack.push(node);
585 while (!nodeStack.empty())
586 {
587 const CHNode *curnode = nodeStack.top();
588 nodeStack.pop();
589 group.insert(curnode);
590 if (visitedNodes.find(curnode) != visitedNodes.end())
591 continue;
592 for (CHEdge::CHEdgeSetTy::const_iterator it = curnode->getOutEdges().begin(),
593 eit = curnode->getOutEdges().end(); it != eit; ++it)
594 {
595 CHNode *tmpnode = (*it)->getDstNode();
596 nodeStack.push(tmpnode);
597 group.insert(tmpnode);
598 }
599 for (CHEdge::CHEdgeSetTy::const_iterator it = curnode->getInEdges().begin(),
600 eit = curnode->getInEdges().end(); it != eit; ++it)
601 {
602 CHNode *tmpnode = (*it)->getSrcNode();
603 nodeStack.push(tmpnode);
604 group.insert(tmpnode);
605 }
606 visitedNodes.insert(curnode);
607 }
608
609 /*
610 * get all virtual functions in a specific group
611 */
612 set<const FunObjVar*> virtualFunctions;
613 for (CHGraph::CHNodeSetTy::iterator it = group.begin(),
614 eit = group.end(); it != eit; ++it)
615 {
616 const vector<CHNode::FuncVector> &vecs = (*it)->getVirtualFunctionVectors();
617 for (vector<CHNode::FuncVector>::const_iterator vit = vecs.begin(),
618 veit = vecs.end(); vit != veit; ++vit)
619 {
620 for (vector<const FunObjVar*>::const_iterator fit = (*vit).begin(),
621 feit = (*vit).end(); fit != feit; ++fit)
622 {
623 virtualFunctions.insert(*fit);
624 }
625 }
626 }
627
628 /*
629 * build a set of pairs of demangled function name and function in a
630 * specific group, items in the set will be sort by the first item of the
631 * pair, so all the virtual functions in a group will be sorted by the
632 * demangled function name
633 * <f, A::f>
634 * <f, B::f>
635 * <g, A::g>
636 * <g, B::g>
637 * <g, C::g>
638 * <~A, A::~A>
639 * <~B, B::~B>
640 * <~C, C::~C>
641 * ...
642 */
643 set<pair<string, const FunObjVar*> > fNameSet;
644 for (set<const FunObjVar*>::iterator fit = virtualFunctions.begin(),
645 feit = virtualFunctions.end(); fit != feit; ++fit)
646 {
647 const FunObjVar* f = *fit;
648 struct DemangledName dname = demangle(f->getName());
649 fNameSet.insert(pair<string, const FunObjVar*>(dname.funcName, f));
650 }
651 for (set<pair<string, const FunObjVar*>>::iterator it = fNameSet.begin(),
652 eit = fNameSet.end(); it != eit; ++it)
653 {
654 chg->virtualFunctionToIDMap[it->second] = chg->vfID++;
655 }
656 }
657}
658
659
660void CHGBuilder::buildCSToCHAVtblsAndVfnsMap()
661{
662
663 for (Module &M : llvmModuleSet()->getLLVMModules())
664 {
665 for (Module::const_iterator F = M.begin(), E = M.end(); F != E; ++F)
666 {
667 for (const_inst_iterator II = inst_begin(*F), E = inst_end(*F); II != E; ++II)
668 {
669 if(const CallBase* callInst = SVFUtil::dyn_cast<CallBase>(&*II))
670 {
671 if (cppUtil::isVirtualCallSite(callInst) == false)
672 continue;
673
674 VTableSet vtbls;
675 const CHNodeSetTy& chClasses = getCSClasses(callInst);
676 for (CHNodeSetTy::const_iterator it = chClasses.begin(), eit = chClasses.end(); it != eit; ++it)
677 {
678 const CHNode *child = *it;
679 const GlobalObjVar *vtbl = child->getVTable();
680 if (vtbl != nullptr)
681 {
682 vtbls.insert(vtbl);
683 }
684 }
685 if (vtbls.size() > 0)
686 {
687 ICFGNode* icfgNode =
688 llvmModuleSet()->getICFGNode(callInst);
689 chg->callNodeToCHAVtblsMap[icfgNode] = vtbls;
690 VFunSet virtualFunctions;
691 chg->getVFnsFromVtbls(SVFUtil::cast<CallICFGNode>(icfgNode), vtbls, virtualFunctions);
692 if (virtualFunctions.size() > 0)
693 chg->callNodeToCHAVFnsMap[icfgNode] = virtualFunctions;
694 }
695 }
696 }
697 }
698 }
699}
700
701
702const CHGraph::CHNodeSetTy& CHGBuilder::getCSClasses(const CallBase* cs)
703{
704 assert(cppUtil::isVirtualCallSite(cs) && "not virtual callsite!");
705
706 ICFGNode* icfgNode = llvmModuleSet()->getICFGNode(cs);
707
708 CHGraph::CallNodeToCHNodesMap::const_iterator it = chg->callNodeToClassesMap.find(icfgNode);
709 if (it != chg->callNodeToClassesMap.end())
710 {
711 return it->second;
712 }
713 else
714 {
715 Set<string> thisPtrClassNames = getClassNameOfThisPtr(cs);
716
717 if(thisPtrClassNames.empty())
718 {
719 // if we cannot infer classname, conservatively push all class nodes
720 for (const auto &node: *chg)
721 {
722 chg->callNodeToClassesMap[icfgNode].insert(node.second);
723 }
724 return chg->callNodeToClassesMap[icfgNode];
725 }
726
727 for (const auto &thisPtrClassName: thisPtrClassNames)
728 {
729 if (const CHNode* thisNode = chg->getNode(thisPtrClassName))
730 {
731 const CHGraph::CHNodeSetTy& instAndDesces = getInstancesAndDescendants(thisPtrClassName);
732 chg->callNodeToClassesMap[icfgNode].insert(thisNode);
733 for (CHGraph::CHNodeSetTy::const_iterator it2 = instAndDesces.begin(), eit = instAndDesces.end(); it2 != eit; ++it2)
734 chg->callNodeToClassesMap[icfgNode].insert(*it2);
735 }
736 }
737 return chg->callNodeToClassesMap[icfgNode];
738 }
739}
740
741void CHGBuilder::addFuncToFuncVector(CHNode::FuncVector &v, const Function *lf)
742{
743 if (cppUtil::isCPPThunkFunction(lf))
744 {
745 const auto* tf = cppUtil::getThunkTarget(lf);
746 const FunObjVar* pFunction =
747 llvmModuleSet()->getFunObjVar(tf ? tf : lf);
748 v.push_back(pFunction);
749 }
750 else
751 {
752 const FunObjVar* pFunction =
753 llvmModuleSet()->getFunObjVar(lf);
754 v.push_back(pFunction);
755 }
756}
ztiLabel
const string ztiLabel
Definition CHGBuilder.cpp:57
pureVirtualFunName
const string pureVirtualFunName
Definition CHGBuilder.cpp:55
DBOUT
#define DBOUT(TYPE, X)
LLVM debug macros, define type of your DBUG model of each pass.
Definition SVFType.h:593
TIMEINTERVAL
#define TIMEINTERVAL
Definition SVFType.h:621
DCHA
#define DCHA
Definition SVFType.h:615
DGENERAL
#define DGENERAL
Definition SVFType.h:599
child
cJSON * child
Definition cJSON.cpp:2723
SVF::CHEdge::INHERITANCE
@ INHERITANCE
Definition CHG.h:84
SVF::CHEdge::INSTANTCE
@ INSTANTCE
Definition CHG.h:85
SVF::CHGBuilder::analyzeVTables
void analyzeVTables(const Module &M)
Definition CHGBuilder.cpp:369
SVF::CHGBuilder::connectInheritEdgeViaStore
void connectInheritEdgeViaStore(const Function *caller, const StoreInst *store)
Definition CHGBuilder.cpp:195
SVF::CHGBuilder::llvmModuleSet
LLVMModuleSet * llvmModuleSet()
Definition CHGBuilder.cpp:59
SVF::CHGBuilder::readInheritanceMetadataFromModule
void readInheritanceMetadataFromModule(const Module &M)
Definition CHGBuilder.cpp:222
SVF::CHGBuilder::buildCHGNodes
void buildCHGNodes(const GlobalValue *V)
Definition CHGBuilder.cpp:94
SVF::CHGBuilder::getInstancesAndDescendants
const CHGraph::CHNodeSetTy & getInstancesAndDescendants(const std::string &className)
Definition CHGBuilder.cpp:303
SVF::CHGBuilder::WorkList
CHGraph::WorkList WorkList
Definition CHGBuilder.h:46
SVF::CHGBuilder::addFuncToFuncVector
void addFuncToFuncVector(CHNode::FuncVector &v, const Function *f)
Definition CHGBuilder.cpp:741
SVF::CHGBuilder::buildCHGEdges
void buildCHGEdges(const Function *F)
Definition CHGBuilder.cpp:135
SVF::CHGBuilder::buildVirtualFunctionToIDMap
void buildVirtualFunctionToIDMap()
Definition CHGBuilder.cpp:561
SVF::CHGBuilder::chg
CHGraph * chg
Definition CHGBuilder.h:42
SVF::CHGBuilder::buildCSToCHAVtblsAndVfnsMap
void buildCSToCHAVtblsAndVfnsMap()
Definition CHGBuilder.cpp:660
SVF::CHGBuilder::buildInternalMaps
void buildInternalMaps()
Definition CHGBuilder.cpp:157
SVF::CHGBuilder::CHNodeSetTy
CHGraph::CHNodeSetTy CHNodeSetTy
Definition CHGBuilder.h:45
SVF::CHGBuilder::getCSClasses
const CHNodeSetTy & getCSClasses(const CallBase *cs)
Definition CHGBuilder.cpp:702
SVF::CHGBuilder::createNode
CHNode * createNode(const std::string &name)
Definition CHGBuilder.cpp:243
SVF::CHGBuilder::connectInheritEdgeViaCall
void connectInheritEdgeViaCall(const Function *caller, const CallBase *cs)
Definition CHGBuilder.cpp:164
SVF::CHGBuilder::buildClassNameToAncestorsDescendantsMap
void buildClassNameToAncestorsDescendantsMap()
Definition CHGBuilder.cpp:270
SVF::CHGraph::classNameToAncestorsMap
NameToCHNodesMap classNameToAncestorsMap
Definition CHG.h:331
SVF::CHGraph::callNodeToClassesMap
CallNodeToCHNodesMap callNodeToClassesMap
Definition CHG.h:334
SVF::CHGraph::callNodeToCHAVFnsMap
CallNodeToVFunSetMap callNodeToCHAVFnsMap
Definition CHG.h:339
SVF::CHGraph::dump
void dump(const std::string &filename)
Definition CHG.cpp:242
SVF::CHGraph::getInstances
const CHNodeSetTy & getInstances(const std::string className)
Definition CHG.h:309
SVF::CHGraph::addEdge
void addEdge(const std::string className, const std::string baseClassName, CHEdge::CHEDGETYPE edgeType)
Definition CHG.cpp:97
SVF::CHGraph::virtualFunctionToIDMap
Map< const FunObjVar *, u32_t > virtualFunctionToIDMap
Definition CHG.h:336
SVF::CHGraph::addInstances
void addInstances(const std::string templateName, CHNode *node)
Definition CHG.h:296
SVF::CHGraph::getVFnsFromVtbls
void getVFnsFromVtbls(const CallICFGNode *cs, const VTableSet &vtbls, VFunSet &virtualFunctions) override
Definition CHG.cpp:124
SVF::CHGraph::getNode
CHNode * getNode(const std::string name) const
Definition CHG.cpp:112
SVF::CHGraph::classNameToInstAndDescsMap
NameToCHNodesMap classNameToInstAndDescsMap
Definition CHG.h:332
SVF::CHGraph::vfID
u32_t vfID
Definition CHG.h:327
SVF::CHGraph::buildingCHGTime
double buildingCHGTime
Definition CHG.h:328
SVF::CHGraph::classNameToDescendantsMap
NameToCHNodesMap classNameToDescendantsMap
Definition CHG.h:330
SVF::CHGraph::CHNodeSetTy
Set< const CHNode * > CHNodeSetTy
Definition CHG.h:246
SVF::CHGraph::classNum
u32_t classNum
Definition CHG.h:326
SVF::CHGraph::classNameToNodeMap
Map< std::string, CHNode * > classNameToNodeMap
Definition CHG.h:329
SVF::CHGraph::callNodeToCHAVtblsMap
CallNodeToVTableSetMap callNodeToCHAVtblsMap
Definition CHG.h:338
SVF::CHGraph::getDescendants
const CHNodeSetTy & getDescendants(const std::string className)
Definition CHG.h:305
SVF::CHNode::getName
virtual const std::string & getName() const
Definition CHG.h:127
SVF::CHNode::setVTable
void setVTable(const GlobalObjVar *vtbl)
Definition CHG.h:186
SVF::CHNode::setMultiInheritance
void setMultiInheritance()
Definition CHG.h:149
SVF::CHNode::addVirtualFunctionVector
void addVirtualFunctionVector(FuncVector vfuncvec)
Definition CHG.h:171
SVF::CHNode::getVirtualFunctionVectors
const std::vector< FuncVector > & getVirtualFunctionVectors() const
Definition CHG.h:175
SVF::CHNode::setPureAbstract
void setPureAbstract()
Attribute.
Definition CHG.h:145
SVF::CHNode::FuncVector
std::vector< const FunObjVar * > FuncVector
Definition CHG.h:118
SVF::CHNode::isTemplate
bool isTemplate() const
Definition CHG.h:165
SVF::GenericGraph::addGNode
void addGNode(NodeID id, NodeType *node)
Add a Node.
Definition GenericGraph.h:390
SVF::GenericGraph::begin
iterator begin()
Iterators.
Definition GenericGraph.h:371
SVF::GenericGraph::const_iterator
IDToNodeMapTy::const_iterator const_iterator
Definition GenericGraph.h:351
SVF::GenericGraph::getGNode
NodeType * getGNode(NodeID id) const
Get a node.
Definition GenericGraph.h:397
SVF::LLVMModuleSet::getFunObjVar
const FunObjVar * getFunObjVar(const Function *fun) const
Definition LLVMModule.h:267
SVF::LLVMModuleSet::getLLVMModuleSet
static LLVMModuleSet * getLLVMModuleSet()
Definition LLVMModule.h:131
SVF::LLVMModuleSet::getICFGNode
ICFGNode * getICFGNode(const Instruction *inst)
Get a basic block ICFGNode.
Definition LLVMModule.cpp:1201
SVF::LLVMModuleSet::getObjectNode
NodeID getObjectNode(const Value *V)
Definition LLVMModule.cpp:1090
SVF::LLVMModuleSet::getLLVMModules
const std::vector< std::reference_wrapper< Module > > & getLLVMModules() const
Definition LLVMModule.h:157
SVF::Options::DumpCHA
static const Option< bool > DumpCHA
Definition Options.h:173
SVF::SVFIR::getPAG
static SVFIR * getPAG(bool buildFromFile=false)
Singleton design here to make sure we only have one instance during any analysis.
Definition SVFIR.h:116
SVF::SVFStat::getClk
static double getClk(bool mark=false)
Definition SVFStat.cpp:48
SVF::SVFValue::getId
NodeID getId() const
Get ID.
Definition SVFValue.h:160
SVF::LLVMUtil::isCallSite
bool isCallSite(const Instruction *inst)
Whether an instruction is a call or invoke instruction.
Definition LLVMUtil.h:44
SVF::LLVMUtil::isCastConstantExpr
const ConstantExpr * isCastConstantExpr(const Value *val)
Definition LLVMUtil.h:245
SVF::LLVMUtil::getCallee
const Function * getCallee(const CallBase *cs)
Definition LLVMUtil.h:97
SVF::SVFUtil::pasMsg
std::string pasMsg(const std::string &msg)
Print each pass/phase message by converting a string into blue string output.
Definition SVFUtil.cpp:101
SVF::SVFUtil::outs
std::ostream & outs()
Overwrite llvm::outs()
Definition SVFUtil.h:52
SVF::cppUtil::getBeforeBrackets
std::string getBeforeBrackets(const std::string &name)
Definition CppUtil.cpp:127
SVF::cppUtil::getConstructorThisPtr
const Argument * getConstructorThisPtr(const Function *fun)
Definition CppUtil.cpp:528
SVF::cppUtil::isSameThisPtrInConstructor
bool isSameThisPtrInConstructor(const Argument *thisPtr1, const Value *thisPtr2)
Definition CppUtil.cpp:484
SVF::cppUtil::getVCallThisPtr
const Value * getVCallThisPtr(const CallBase *cs)
Definition CppUtil.cpp:411
SVF::cppUtil::demangle
struct DemangledName demangle(const std::string &name)
Definition CppUtil.cpp:195
SVF::cppUtil::getClassNameOfThisPtr
Set< std::string > getClassNameOfThisPtr(const CallBase *cs)
Definition CppUtil.cpp:676
SVF::cppUtil::isCPPThunkFunction
bool isCPPThunkFunction(const Function *F)
Definition CppUtil.cpp:383
SVF::cppUtil::isVirtualCallSite
bool isVirtualCallSite(const CallBase *cs)
Definition CppUtil.cpp:352
SVF::cppUtil::getThunkTarget
const Function * getThunkTarget(const Function *F)
Definition CppUtil.cpp:389
SVF::cppUtil::getVtblStruct
const ConstantStruct * getVtblStruct(const GlobalValue *vtbl)
Definition CppUtil.cpp:323
SVF::cppUtil::isConstructor
bool isConstructor(const Function *F)
Definition CppUtil.cpp:564
SVF::cppUtil::getClassNameFromVtblObj
std::string getClassNameFromVtblObj(const std::string &vtblName)
Definition CppUtil.cpp:304
SVF::cppUtil::isValVtbl
bool isValVtbl(const Value *val)
Definition CppUtil.cpp:336
SVF::cppUtil::isDestructor
bool isDestructor(const Function *F)
Definition CppUtil.cpp:584
SVF
for isBitcode
Definition BasicTypes.h:68
SVF::const_inst_iterator
llvm::const_inst_iterator const_inst_iterator
Definition BasicTypes.h:252
SVF::GlobalAlias
llvm::GlobalAlias GlobalAlias
Definition BasicTypes.h:130
SVF::CallBase
llvm::CallBase CallBase
Definition BasicTypes.h:148
SVF::MDString
llvm::MDString MDString
Definition BasicTypes.h:103
SVF::ConstantStruct
llvm::ConstantStruct ConstantStruct
Definition BasicTypes.h:108
SVF::NamedMDNode
llvm::NamedMDNode NamedMDNode
LLVM metadata and debug information.
Definition BasicTypes.h:113
SVF::NodeID
u32_t NodeID
Definition GeneralType.h:56
SVF::VTableSet
Set< const GlobalObjVar * > VTableSet
Definition CHG.h:46
SVF::Argument
llvm::Argument Argument
Definition BasicTypes.h:147
SVF::ConstantArray
llvm::ConstantArray ConstantArray
Definition BasicTypes.h:125
SVF::Function
llvm::Function Function
Definition BasicTypes.h:87
SVF::GlobalValue
llvm::GlobalValue GlobalValue
Definition BasicTypes.h:90
SVF::Constant
llvm::Constant Constant
Definition BasicTypes.h:126
SVF::Value
llvm::Value Value
LLVM Basic classes.
Definition BasicTypes.h:84
SVF::ConstantExpr
llvm::ConstantExpr ConstantExpr
Definition BasicTypes.h:122
SVF::IRBuilder
llvm::IRBuilder IRBuilder
Definition BasicTypes.h:74
SVF::Module
llvm::Module Module
Definition BasicTypes.h:86
SVF::StoreInst
llvm::StoreInst StoreInst
Definition BasicTypes.h:150
SVF::MDNode
llvm::MDNode MDNode
Definition BasicTypes.h:114
SVF::u32_t
unsigned u32_t
Definition GeneralType.h:47
SVF::VFunSet
Set< const FunObjVar * > VFunSet
Definition CHG.h:47
Generated by doxygen 1.9.8