SVF-doxygen/html/DDAClient_8cpp_source.html

//===- DDAClient.cpp -- Clients of demand-driven analysis-------------//

//

//                     SVF: Static Value-Flow Analysis

//

// Copyright (C) <2013->  <Yulei Sui>

//


// This program is free software: you can redistribute it and/or modify

// it under the terms of the GNU Affero General Public License as published by

// the Free Software Foundation, either version 3 of the License, or

// (at your option) any later version.


// This program is distributed in the hope that it will be useful,

// but WITHOUT ANY WARRANTY; without even the implied warranty of

// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

// GNU Affero General Public License for more details.


// You should have received a copy of the GNU Affero General Public License

// along with this program.  If not, see <http://www.gnu.org/licenses/>.

//

//===----------------------------------------------------------------------===//


/*

 * @file: DDAClient.cpp

 * @author: yesen

 * @date: 16 Feb 2015

 *

 * LICENSE

 *

 */


#include "Util/Options.h"

#include "Util/SVFUtil.h"

#include "MemoryModel/PointsTo.h"


#include "DDA/DDAClient.h"

#include "DDA/FlowDDA.h"

#include <iostream>

#include <iomanip>  // for std::setw


using namespace SVF;

using namespace SVFUtil;


void DDAClient::answerQueries(PointerAnalysis* pta)

{


    DDAStat* stat = static_cast<DDAStat*>(pta->getStat());

    u32_t vmrss = 0;

    u32_t vmsize = 0;

    SVFUtil::getMemoryUsageKB(&vmrss, &vmsize);

    stat->setMemUsageBefore(vmrss, vmsize);


    collectCandidateQueries(pta->getPAG());


    u32_t count = 0;

    for (OrderedNodeSet::iterator nIter = candidateQueries.begin();

            nIter != candidateQueries.end(); ++nIter,++count)

    {

        PAGNode* node = pta->getPAG()->getGNode(*nIter);

        if(pta->getPAG()->isValidTopLevelPtr(node))

        {

            DBOUT(DGENERAL,outs() << "\n@@Computing PointsTo for :" << node->getId() <<

                  " [" << count + 1<< "/" << candidateQueries.size() << "]" << " \n");

            DBOUT(DDDA,outs() << "\n@@Computing PointsTo for :" << node->getId() <<

                  " [" << count + 1<< "/" << candidateQueries.size() << "]" << " \n");

            setCurrentQueryPtr(node->getId());

            pta->computeDDAPts(node->getId());

        }

    }


    vmrss = vmsize = 0;

    SVFUtil::getMemoryUsageKB(&vmrss, &vmsize);

    stat->setMemUsageAfter(vmrss, vmsize);

}


OrderedNodeSet& FunptrDDAClient::collectCandidateQueries(SVFIR* p)

{

    setPAG(p);

    for(SVFIR::CallSiteToFunPtrMap::const_iterator it = pag->getIndirectCallsites().begin(),

            eit = pag->getIndirectCallsites().end(); it!=eit; ++it)

    {

        if (it->first->isVirtualCall())

        {

            const SVFVar* vtblPtr = it->first->getVtablePtr();

            assert(vtblPtr != nullptr && "not a vtable pointer?");

            NodeID vtblId = vtblPtr->getId();

            addCandidate(vtblId);

            vtableToCallSiteMap[vtblId] = it->first;

        }

        else

        {

            addCandidate(it->second);

        }

    }

    return candidateQueries;

}


void FunptrDDAClient::performStat(PointerAnalysis* pta)

{


    AndersenWaveDiff* ander = AndersenWaveDiff::createAndersenWaveDiff(pta->getPAG());

    u32_t totalCallsites = 0;

    u32_t morePreciseCallsites = 0;

    u32_t zeroTargetCallsites = 0;

    u32_t oneTargetCallsites = 0;

    u32_t twoTargetCallsites = 0;

    u32_t moreThanTwoCallsites = 0;


    for (VTablePtrToCallSiteMap::iterator nIter = vtableToCallSiteMap.begin();

            nIter != vtableToCallSiteMap.end(); ++nIter)

    {

        NodeID vtptr = nIter->first;

        const PointsTo& ddaPts = pta->getPts(vtptr);

        const PointsTo& anderPts = ander->getPts(vtptr);


        CallGraph* callgraph = ander->getCallGraph();

        const CallICFGNode* cbn = nIter->second;


        if(!callgraph->hasIndCSCallees(cbn))

        {

            //outs() << "virtual callsite has no callee" << *(nIter->second.getInstruction()) << "\n";

            continue;

        }


        const CallGraph::FunctionSet& callees = callgraph->getIndCSCallees(cbn);

        totalCallsites++;

        if(callees.size() == 0)

            zeroTargetCallsites++;

        else if(callees.size() == 1)

            oneTargetCallsites++;

        else if(callees.size() == 2)

            twoTargetCallsites++;

        else

            moreThanTwoCallsites++;


        if(ddaPts.count() >= anderPts.count() || ddaPts.empty())

            continue;


        Set<const FunObjVar*> ander_vfns;

        Set<const FunObjVar*> dda_vfns;

        ander->getVFnsFromPts(cbn,anderPts, ander_vfns);

        pta->getVFnsFromPts(cbn,ddaPts, dda_vfns);


        ++morePreciseCallsites;

        outs() << "============more precise callsite =================\n";

        outs() << (nIter->second)->toString() << "\n";

        outs() << (nIter->second)->getSourceLoc() << "\n";

        outs() << "\n";

        outs() << "------ander pts or vtable num---(" << anderPts.count()  << ")--\n";

        outs() << "------DDA vfn num---(" << ander_vfns.size() << ")--\n";

        //ander->dumpPts(vtptr, anderPts);

        outs() << "------DDA pts or vtable num---(" << ddaPts.count() << ")--\n";

        outs() << "------DDA vfn num---(" << dda_vfns.size() << ")--\n";

        //pta->dumpPts(vtptr, ddaPts);

        outs() << "-------------------------\n";

        outs() << "\n";

        outs() << "=================================================\n";

    }


    outs() << "=================================================\n";

    outs() << "Total virtual callsites: " << vtableToCallSiteMap.size() << "\n";

    outs() << "Total analyzed virtual callsites: " << totalCallsites << "\n";

    outs() << "Indirect call map size: " << ander->getCallGraph()->getIndCallMap().size() << "\n";

    outs() << "Precise callsites: " << morePreciseCallsites << "\n";

    outs() << "Zero target callsites: " << zeroTargetCallsites << "\n";

    outs() << "One target callsites: " << oneTargetCallsites << "\n";

    outs() << "Two target callsites: " << twoTargetCallsites << "\n";

    outs() << "More than two target callsites: " << moreThanTwoCallsites << "\n";

    outs() << "=================================================\n";

}


OrderedNodeSet& AliasDDAClient::collectCandidateQueries(SVFIR* pag)

{

    setPAG(pag);

    SVFStmt::SVFStmtSetTy& loads = pag->getSVFStmtSet(SVFStmt::Load);

    for (SVFStmt::SVFStmtSetTy::iterator iter = loads.begin(), eiter =

                loads.end(); iter != eiter; ++iter)

    {

        PAGNode* loadsrc = (*iter)->getSrcNode();

        loadSrcNodes.insert(loadsrc);

        addCandidate(loadsrc->getId());

    }


    SVFStmt::SVFStmtSetTy& stores = pag->getSVFStmtSet(SVFStmt::Store);

    for (SVFStmt::SVFStmtSetTy::iterator iter = stores.begin(), eiter =

                stores.end(); iter != eiter; ++iter)

    {

        PAGNode* storedst = (*iter)->getDstNode();

        storeDstNodes.insert(storedst);

        addCandidate(storedst->getId());

    }

    SVFStmt::SVFStmtSetTy& geps = pag->getSVFStmtSet(SVFStmt::Gep);

    for (SVFStmt::SVFStmtSetTy::iterator iter = geps.begin(), eiter =

                geps.end(); iter != eiter; ++iter)

    {

        PAGNode* gepsrc = (*iter)->getSrcNode();

        gepSrcNodes.insert(gepsrc);

        addCandidate(gepsrc->getId());

    }

    return candidateQueries;

}


void AliasDDAClient::performStat(PointerAnalysis* pta)

{


    for(PAGNodeSet::const_iterator lit = loadSrcNodes.begin(); lit!=loadSrcNodes.end(); lit++)

    {

        for(PAGNodeSet::const_iterator sit = storeDstNodes.begin(); sit!=storeDstNodes.end(); sit++)

        {

            const PAGNode* node1 = *lit;

            const PAGNode* node2 = *sit;

            AliasResult result = pta->alias(node1->getId(), node2->getId());

            outs() << "\n=================================================\n";

            outs() << "Alias Query for (" << node1->valueOnlyToString() << ",";

            outs() << node2->valueOnlyToString() << ") \n";

            outs() << "[NodeID:" << node1->getId() << ", NodeID:" << node2->getId() << " " << result << "]\n";

            outs() << "=================================================\n";

        }

    }

}


DDAClient.h

FlowDDA.h

Options.h

PointsTo.h

DBOUT
#define DBOUT(TYPE, X)
LLVM debug macros, define type of your DBUG model of each pass.
Definition SVFType.h:498

DGENERAL
#define DGENERAL
Definition SVFType.h:504

DDDA
#define DDDA
Definition SVFType.h:510

SVFUtil.h

p
cJSON * p
Definition cJSON.cpp:2559

count
int count
Definition cJSON.h:216

SVF::AliasDDAClient::collectCandidateQueries
virtual OrderedNodeSet & collectCandidateQueries(SVFIR *pag)
Only collect function pointers as query candidates.
Definition DDAClient.cpp:176

SVF::AliasDDAClient::loadSrcNodes
PAGNodeSet loadSrcNodes
Definition DDAClient.h:156

SVF::AliasDDAClient::performStat
virtual void performStat(PointerAnalysis *pta)
Definition DDAClient.cpp:207

SVF::AliasDDAClient::storeDstNodes
PAGNodeSet storeDstNodes
Definition DDAClient.h:157

SVF::AliasDDAClient::gepSrcNodes
PAGNodeSet gepSrcNodes
Definition DDAClient.h:158

SVF::AndersenWaveDiff
Definition Andersen.h:397

SVF::AndersenWaveDiff::createAndersenWaveDiff
static AndersenWaveDiff * createAndersenWaveDiff(SVFIR *_pag)
Create an singleton instance directly instead of invoking llvm pass manager.
Definition Andersen.h:407

SVF::Andersen::getPts
virtual const PointsTo & getPts(NodeID id)
Operation of points-to set.
Definition Andersen.h:238

SVF::CallGraph
Definition CallGraph.h:235

SVF::CallGraph::hasIndCSCallees
bool hasIndCSCallees(const CallICFGNode *cs) const
Definition CallGraph.h:323

SVF::CallGraph::getIndCSCallees
const FunctionSet & getIndCSCallees(const CallICFGNode *cs) const
Definition CallGraph.h:327

SVF::CallGraph::getIndCallMap
CallEdgeMap & getIndCallMap()
Get callees from an indirect callsite.
Definition CallGraph.h:319

SVF::CallGraph::FunctionSet
Set< const FunObjVar * > FunctionSet
Definition CallGraph.h:244

SVF::CallICFGNode
Definition ICFGNode.h:417

SVF::DDAClient::setPAG
void setPAG(SVFIR *g)
Set SVFIR graph.
Definition DDAClient.h:79

SVF::DDAClient::answerQueries
virtual void answerQueries(PointerAnalysis *pta)
Definition DDAClient.cpp:46

SVF::DDAClient::setCurrentQueryPtr
void setCurrentQueryPtr(NodeID ptr)
Set the pointer being queried.
Definition DDAClient.h:84

SVF::DDAClient::pag
SVFIR * pag
SVFIR graph used by current DDA analysis.
Definition DDAClient.h:107

SVF::DDAClient::addCandidate
void addCandidate(NodeID id)
Definition DDAClient.h:101

SVF::DDAClient::candidateQueries
OrderedNodeSet candidateQueries
store all candidate pointers to be queried
Definition DDAClient.h:109

SVF::DDAClient::collectCandidateQueries
virtual OrderedNodeSet & collectCandidateQueries(SVFIR *p)
Collect candidate pointers for query.
Definition DDAClient.h:58

SVF::DDAStat
Definition DDAStat.h:48

SVF::FunptrDDAClient::vtableToCallSiteMap
VTablePtrToCallSiteMap vtableToCallSiteMap
Definition DDAClient.h:124

SVF::FunptrDDAClient::collectCandidateQueries
virtual OrderedNodeSet & collectCandidateQueries(SVFIR *p)
Only collect function pointers as query candidates.
Definition DDAClient.cpp:78

SVF::FunptrDDAClient::performStat
virtual void performStat(PointerAnalysis *pta)
Definition DDAClient.cpp:100

SVF::GenericGraph::getGNode
NodeType * getGNode(NodeID id) const
Get a node.
Definition GenericGraph.h:403

SVF::PTAStat::setMemUsageBefore
void setMemUsageBefore(u32_t vmrss, u32_t vmsize)
Definition PTAStat.h:56

SVF::PTAStat::setMemUsageAfter
void setMemUsageAfter(u32_t vmrss, u32_t vmsize)
Definition PTAStat.h:62

SVF::PointerAnalysis
Definition PointerAnalysis.h:57

SVF::PointerAnalysis::getVFnsFromPts
void getVFnsFromPts(const CallICFGNode *cs, const PointsTo &target, VFunSet &vfns)
Definition PointerAnalysis.cpp:430

SVF::PointerAnalysis::getPts
virtual const PointsTo & getPts(NodeID ptr)=0
Get points-to targets of a pointer. It needs to be implemented in child class.

SVF::PointerAnalysis::computeDDAPts
virtual void computeDDAPts(NodeID)
Compute points-to results on-demand, overridden by derived classes.
Definition PointerAnalysis.h:226

SVF::PointerAnalysis::getPAG
SVFIR * getPAG() const
Definition PointerAnalysis.h:195

SVF::PointerAnalysis::getCallGraph
CallGraph * getCallGraph() const
Return call graph.
Definition PointerAnalysis.h:168

SVF::PointerAnalysis::alias
virtual AliasResult alias(const SVFVar *V1, const SVFVar *V2)=0
Interface exposed to users of our pointer analysis, given Value infos.

SVF::PointerAnalysis::getStat
PTAStat * getStat() const
Get PTA stat.
Definition PointerAnalysis.h:202

SVF::PointsTo
Definition PointsTo.h:29

SVF::SVFIR
Definition SVFIR.h:43

SVF::SVFIR::getSVFStmtSet
SVFStmt::SVFStmtSetTy & getSVFStmtSet(SVFStmt::PEDGEK kind)
Get/set methods to get SVFStmts based on their kinds and ICFGNodes.
Definition SVFIR.h:229

SVF::SVFIR::isValidTopLevelPtr
bool isValidTopLevelPtr(const SVFVar *node)
Definition SVFIR.cpp:673

SVF::SVFIR::getIndirectCallsites
const CallSiteToFunPtrMap & getIndirectCallsites() const
Add/get indirect callsites.
Definition SVFIR.h:378

SVF::SVFStmt::Gep
@ Gep
Definition SVFStatements.h:70

SVF::SVFStmt::Load
@ Load
Definition SVFStatements.h:67

SVF::SVFStmt::Store
@ Store
Definition SVFStatements.h:66

SVF::SVFStmt::SVFStmtSetTy
GenericNode< SVFVar, SVFStmt >::GEdgeSetTy SVFStmtSetTy
Definition SVFStatements.h:214

SVF::SVFValue::getId
NodeID getId() const
Get ID.
Definition SVFValue.h:158

SVF::SVFVar
Definition SVFVariables.h:47

SVF::SVFUtil::getMemoryUsageKB
bool getMemoryUsageKB(u32_t *vmrss_kb, u32_t *vmsize_kb)
Get memory usage from system file. Return TRUE if succeed.
Definition SVFUtil.cpp:179

SVF::SVFUtil::outs
std::ostream & outs()
Overwrite llvm::outs()
Definition SVFUtil.h:52

SVF
for isBitcode
Definition BasicTypes.h:68

SVF::OrderedNodeSet
OrderedSet< NodeID > OrderedNodeSet
Definition GeneralType.h:112

SVF::NodeID
u32_t NodeID
Definition GeneralType.h:56

SVF::AliasResult
AliasResult
Definition SVFType.h:541

SVF::IRBuilder
llvm::IRBuilder IRBuilder
Definition BasicTypes.h:74

SVF::u32_t
unsigned u32_t
Definition GeneralType.h:47