SVF-doxygen/html/DDAClient_8cpp_source.html

 //===- DDAClient.cpp -- Clients of demand-driven analysis-------------//

 //

 //                     SVF: Static Value-Flow Analysis

 //

 // Copyright (C) <2013->  <Yulei Sui>

 //


 // This program is free software: you can redistribute it and/or modify

 // it under the terms of the GNU Affero General Public License as published by

 // the Free Software Foundation, either version 3 of the License, or

 // (at your option) any later version.


 // This program is distributed in the hope that it will be useful,

 // but WITHOUT ANY WARRANTY; without even the implied warranty of

 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 // GNU Affero General Public License for more details.


 // You should have received a copy of the GNU Affero General Public License

 // along with this program.  If not, see <http://www.gnu.org/licenses/>.

 //

 //===----------------------------------------------------------------------===//


 /*

  * @file: DDAClient.cpp

  * @author: yesen

  * @date: 16 Feb 2015

  *

  * LICENSE

  *

  */


 #include "Util/Options.h"

 #include "Util/SVFUtil.h"

 #include "MemoryModel/PointsTo.h"


 #include "DDA/DDAClient.h"

 #include "DDA/FlowDDA.h"

 #include <iostream>

 #include <iomanip>  // for std::setw


 using namespace SVF;

 using namespace SVFUtil;


 void DDAClient::answerQueries(PointerAnalysis* pta)

 {


     DDAStat* stat = static_cast<DDAStat*>(pta->getStat());

     u32_t vmrss = 0;

     u32_t vmsize = 0;

     SVFUtil::getMemoryUsageKB(&vmrss, &vmsize);

     stat->setMemUsageBefore(vmrss, vmsize);


     collectCandidateQueries(pta->getPAG());


     u32_t count = 0;

     for (OrderedNodeSet::iterator nIter = candidateQueries.begin();

             nIter != candidateQueries.end(); ++nIter,++count)

     {

         PAGNode* node = pta->getPAG()->getGNode(*nIter);

         if(pta->getPAG()->isValidTopLevelPtr(node))

         {

             DBOUT(DGENERAL,outs() << "\n@@Computing PointsTo for :" << node->getId() <<

                   " [" << count + 1<< "/" << candidateQueries.size() << "]" << " \n");

             DBOUT(DDDA,outs() << "\n@@Computing PointsTo for :" << node->getId() <<

                   " [" << count + 1<< "/" << candidateQueries.size() << "]" << " \n");

             setCurrentQueryPtr(node->getId());

             pta->computeDDAPts(node->getId());

         }

     }


     vmrss = vmsize = 0;

     SVFUtil::getMemoryUsageKB(&vmrss, &vmsize);

     stat->setMemUsageAfter(vmrss, vmsize);

 }


 OrderedNodeSet& FunptrDDAClient::collectCandidateQueries(SVFIR* p)

 {

     setPAG(p);

     for(SVFIR::CallSiteToFunPtrMap::const_iterator it = pag->getIndirectCallsites().begin(),

             eit = pag->getIndirectCallsites().end(); it!=eit; ++it)

     {

         if (it->first->isVirtualCall())

         {

             const SVFVar* vtblPtr = it->first->getVtablePtr();

             assert(vtblPtr != nullptr && "not a vtable pointer?");

             NodeID vtblId = vtblPtr->getId();

             addCandidate(vtblId);

             vtableToCallSiteMap[vtblId] = it->first;

         }

         else

         {

             addCandidate(it->second);

         }

     }

     return candidateQueries;

 }


 void FunptrDDAClient::performStat(PointerAnalysis* pta)

 {


     AndersenWaveDiff* ander = AndersenWaveDiff::createAndersenWaveDiff(pta->getPAG());

     u32_t totalCallsites = 0;

     u32_t morePreciseCallsites = 0;

     u32_t zeroTargetCallsites = 0;

     u32_t oneTargetCallsites = 0;

     u32_t twoTargetCallsites = 0;

     u32_t moreThanTwoCallsites = 0;


     for (VTablePtrToCallSiteMap::iterator nIter = vtableToCallSiteMap.begin();

             nIter != vtableToCallSiteMap.end(); ++nIter)

     {

         NodeID vtptr = nIter->first;

         const PointsTo& ddaPts = pta->getPts(vtptr);

         const PointsTo& anderPts = ander->getPts(vtptr);


         PTACallGraph* callgraph = ander->getCallGraph();

         const CallICFGNode* cbn = nIter->second;


         if(!callgraph->hasIndCSCallees(cbn))

         {

             //outs() << "virtual callsite has no callee" << *(nIter->second.getInstruction()) << "\n";

             continue;

         }


         const PTACallGraph::FunctionSet& callees = callgraph->getIndCSCallees(cbn);

         totalCallsites++;

         if(callees.size() == 0)

             zeroTargetCallsites++;

         else if(callees.size() == 1)

             oneTargetCallsites++;

         else if(callees.size() == 2)

             twoTargetCallsites++;

         else

             moreThanTwoCallsites++;


         if(ddaPts.count() >= anderPts.count() || ddaPts.empty())

             continue;


         Set<const SVFFunction*> ander_vfns;

         Set<const SVFFunction*> dda_vfns;

         ander->getVFnsFromPts(cbn,anderPts, ander_vfns);

         pta->getVFnsFromPts(cbn,ddaPts, dda_vfns);


         ++morePreciseCallsites;

         outs() << "============more precise callsite =================\n";

         outs() << (nIter->second)->toString() << "\n";

         outs() << (nIter->second)->getSourceLoc() << "\n";

         outs() << "\n";

         outs() << "------ander pts or vtable num---(" << anderPts.count()  << ")--\n";

         outs() << "------DDA vfn num---(" << ander_vfns.size() << ")--\n";

         //ander->dumpPts(vtptr, anderPts);

         outs() << "------DDA pts or vtable num---(" << ddaPts.count() << ")--\n";

         outs() << "------DDA vfn num---(" << dda_vfns.size() << ")--\n";

         //pta->dumpPts(vtptr, ddaPts);

         outs() << "-------------------------\n";

         outs() << "\n";

         outs() << "=================================================\n";

     }


     outs() << "=================================================\n";

     outs() << "Total virtual callsites: " << vtableToCallSiteMap.size() << "\n";

     outs() << "Total analyzed virtual callsites: " << totalCallsites << "\n";

     outs() << "Indirect call map size: " << ander->getCallGraph()->getIndCallMap().size() << "\n";

     outs() << "Precise callsites: " << morePreciseCallsites << "\n";

     outs() << "Zero target callsites: " << zeroTargetCallsites << "\n";

     outs() << "One target callsites: " << oneTargetCallsites << "\n";

     outs() << "Two target callsites: " << twoTargetCallsites << "\n";

     outs() << "More than two target callsites: " << moreThanTwoCallsites << "\n";

     outs() << "=================================================\n";

 }


 OrderedNodeSet& AliasDDAClient::collectCandidateQueries(SVFIR* pag)

 {

     setPAG(pag);

     SVFStmt::SVFStmtSetTy& loads = pag->getSVFStmtSet(SVFStmt::Load);

     for (SVFStmt::SVFStmtSetTy::iterator iter = loads.begin(), eiter =

                 loads.end(); iter != eiter; ++iter)

     {

         PAGNode* loadsrc = (*iter)->getSrcNode();

         loadSrcNodes.insert(loadsrc);

         addCandidate(loadsrc->getId());

     }


     SVFStmt::SVFStmtSetTy& stores = pag->getSVFStmtSet(SVFStmt::Store);

     for (SVFStmt::SVFStmtSetTy::iterator iter = stores.begin(), eiter =

                 stores.end(); iter != eiter; ++iter)

     {

         PAGNode* storedst = (*iter)->getDstNode();

         storeDstNodes.insert(storedst);

         addCandidate(storedst->getId());

     }

     SVFStmt::SVFStmtSetTy& geps = pag->getSVFStmtSet(SVFStmt::Gep);

     for (SVFStmt::SVFStmtSetTy::iterator iter = geps.begin(), eiter =

                 geps.end(); iter != eiter; ++iter)

     {

         PAGNode* gepsrc = (*iter)->getSrcNode();

         gepSrcNodes.insert(gepsrc);

         addCandidate(gepsrc->getId());

     }

     return candidateQueries;

 }


 void AliasDDAClient::performStat(PointerAnalysis* pta)

 {


     for(PAGNodeSet::const_iterator lit = loadSrcNodes.begin(); lit!=loadSrcNodes.end(); lit++)

     {

         for(PAGNodeSet::const_iterator sit = storeDstNodes.begin(); sit!=storeDstNodes.end(); sit++)

         {

             const PAGNode* node1 = *lit;

             const PAGNode* node2 = *sit;

             if(node1->hasValue() && node2->hasValue())

             {

                 AliasResult result = pta->alias(node1->getId(),node2->getId());


                 outs() << "\n=================================================\n";

                 outs() << "Alias Query for (" << node1->getValue()->toString() << ",";

                 outs() << node2->getValue()->toString() << ") \n";

                 outs() << "[NodeID:" << node1->getId() <<  ", NodeID:" << node2->getId() << " " << result << "]\n";

                 outs() << "=================================================\n";


             }

         }

     }

 }


DDAClient.h

FlowDDA.h

Options.h

PointsTo.h

DBOUT
#define DBOUT(TYPE, X)
LLVM debug macros, define type of your DBUG model of each pass.
Definition: SVFType.h:484

DGENERAL
#define DGENERAL
Definition: SVFType.h:490

DDDA
#define DDDA
Definition: SVFType.h:496

SVFUtil.h

p
cJSON * p
Definition: cJSON.cpp:2559

count
int count
Definition: cJSON.h:216

SVF::AliasDDAClient::collectCandidateQueries
virtual OrderedNodeSet & collectCandidateQueries(SVFIR *pag)
Only collect function pointers as query candidates.
Definition: DDAClient.cpp:176

SVF::AliasDDAClient::performStat
virtual void performStat(PointerAnalysis *pta)
Definition: DDAClient.cpp:207

SVF::AndersenWaveDiff
Definition: Andersen.h:398

SVF::AndersenWaveDiff::createAndersenWaveDiff
static AndersenWaveDiff * createAndersenWaveDiff(SVFIR *_pag)
Create an singleton instance directly instead of invoking llvm pass manager.
Definition: Andersen.h:408

SVF::Andersen::getPts
virtual const PointsTo & getPts(NodeID id)
Operation of points-to set.
Definition: Andersen.h:239

SVF::CallICFGNode
Definition: ICFGNode.h:423

SVF::DDAClient::answerQueries
virtual void answerQueries(PointerAnalysis *pta)
Definition: DDAClient.cpp:46

SVF::DDAStat
Definition: DDAStat.h:48

SVF::FunptrDDAClient::collectCandidateQueries
virtual OrderedNodeSet & collectCandidateQueries(SVFIR *p)
Only collect function pointers as query candidates.
Definition: DDAClient.cpp:78

SVF::FunptrDDAClient::performStat
virtual void performStat(PointerAnalysis *pta)
Definition: DDAClient.cpp:100

SVF::GenericGraph::getGNode
NodeType * getGNode(NodeID id) const
Get a node.
Definition: GenericGraph.h:653

SVF::PTACallGraph
Definition: PTACallGraph.h:242

SVF::PTACallGraph::FunctionSet
Set< const SVFFunction * > FunctionSet
Definition: PTACallGraph.h:251

SVF::PTACallGraph::hasIndCSCallees
bool hasIndCSCallees(const CallICFGNode *cs) const
Definition: PTACallGraph.h:308

SVF::PTACallGraph::getIndCSCallees
const FunctionSet & getIndCSCallees(const CallICFGNode *cs) const
Definition: PTACallGraph.h:312

SVF::PTACallGraph::getIndCallMap
CallEdgeMap & getIndCallMap()
Get callees from an indirect callsite.
Definition: PTACallGraph.h:304

SVF::PTAStat::setMemUsageBefore
void setMemUsageBefore(u32_t vmrss, u32_t vmsize)
Definition: PTAStat.h:56

SVF::PTAStat::setMemUsageAfter
void setMemUsageAfter(u32_t vmrss, u32_t vmsize)
Definition: PTAStat.h:62

SVF::PointerAnalysis
Definition: PointerAnalysis.h:58

SVF::PointerAnalysis::getVFnsFromPts
void getVFnsFromPts(const CallICFGNode *cs, const PointsTo &target, VFunSet &vfns)
Definition: PointerAnalysis.cpp:436

SVF::PointerAnalysis::computeDDAPts
virtual void computeDDAPts(NodeID)
Compute points-to results on-demand, overridden by derived classes.
Definition: PointerAnalysis.h:233

SVF::PointerAnalysis::getStat
PTAStat * getStat() const
Get PTA stat.
Definition: PointerAnalysis.h:205

SVF::PointerAnalysis::getPAG
SVFIR * getPAG() const
Definition: PointerAnalysis.h:198

SVF::PointerAnalysis::getPts
virtual const PointsTo & getPts(NodeID ptr)=0
Get points-to targets of a pointer. It needs to be implemented in child class.

SVF::PointerAnalysis::getCallGraph
PTACallGraph * getCallGraph() const
Return call graph.
Definition: PointerAnalysis.h:171

SVF::PointerAnalysis::alias
virtual AliasResult alias(const SVFValue *V1, const SVFValue *V2)=0
Interface exposed to users of our pointer analysis, given Value infos.

SVF::PointsTo
Definition: PointsTo.h:29

SVF::PointsTo::empty
bool empty() const
Returns true if set is empty.
Definition: PointsTo.cpp:98

SVF::PointsTo::count
u32_t count() const
Returns number of elements.
Definition: PointsTo.cpp:111

SVF::SVFBaseNode::getId
NodeID getId() const
Get ID.
Definition: GenericGraph.h:260

SVF::SVFIR
Definition: SVFIR.h:44

SVF::SVFIR::isValidTopLevelPtr
bool isValidTopLevelPtr(const SVFVar *node)
Definition: SVFIR.cpp:673

SVF::SVFIR::getSVFStmtSet
SVFStmt::SVFStmtSetTy & getSVFStmtSet(SVFStmt::PEDGEK kind)
Get/set methods to get SVFStmts based on their kinds and ICFGNodes.
Definition: SVFIR.h:201

SVF::SVFStmt::Gep
@ Gep
Definition: SVFStatements.h:69

SVF::SVFStmt::Load
@ Load
Definition: SVFStatements.h:66

SVF::SVFStmt::Store
@ Store
Definition: SVFStatements.h:65

SVF::SVFStmt::SVFStmtSetTy
GenericNode< SVFVar, SVFStmt >::GEdgeSetTy SVFStmtSetTy
Definition: SVFStatements.h:217

SVF::SVFValue::toString
std::string toString() const
Needs to be implemented by a SVF front end.
Definition: LLVMUtil.cpp:663

SVF::SVFVar
Definition: SVFVariables.h:46

SVF::SVFVar::hasValue
bool hasValue() const
Definition: SVFVariables.h:101

SVF::SVFVar::getValue
const SVFValue * getValue() const
Get/has methods of the components.
Definition: SVFVariables.h:83

SVF::LLVMUtil::getSourceLoc
const std::string getSourceLoc(const Value *val)
Definition: LLVMUtil.cpp:430

SVF::SVFUtil::getMemoryUsageKB
bool getMemoryUsageKB(u32_t *vmrss_kb, u32_t *vmsize_kb)
Get memory usage from system file. Return TRUE if succeed.
Definition: SVFUtil.cpp:177

SVF::SVFUtil::outs
std::ostream & outs()
Overwrite llvm::outs()
Definition: SVFUtil.h:50

SVF
for isBitcode
Definition: BasicTypes.h:68

SVF::OrderedNodeSet
OrderedSet< NodeID > OrderedNodeSet
Definition: GeneralType.h:112

SVF::NodeID
u32_t NodeID
Definition: GeneralType.h:55

SVF::AliasResult
AliasResult
Definition: SVFType.h:527

SVF::u32_t
unsigned u32_t
Definition: GeneralType.h:46

SVF::Set
std::unordered_set< Key, Hash, KeyEqual, Allocator > Set
Definition: GeneralType.h:96