Static Value-Flow Analysis
Loading...
Searching...
No Matches
ICFGBuilder.cpp
Go to the documentation of this file.
1//===- ICFGBuilder.cpp ----------------------------------------------------------------//
2//
3// SVF: Static Value-Flow Analysis
4//
5// Copyright (C) <2013-> <Yulei Sui>
6//
7
8// This program is free software: you can redistribute it and/or modify
9// it under the terms of the GNU Affero General Public License as published by
10// the Free Software Foundation, either version 3 of the License, or
11// (at your option) any later version.
12
13// This program is distributed in the hope that it will be useful,
14// but WITHOUT ANY WARRANTY; without even the implied warranty of
15// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16// GNU Affero General Public License for more details.
17
18// You should have received a copy of the GNU Affero General Public License
19// along with this program. If not, see <http://www.gnu.org/licenses/>.
20//
21//===----------------------------------------------------------------------===//
22
23
24/*
25 * ICFGBuilder.cpp
26 *
27 * Created on:
28 * Author: yulei
29 */
30
31#include "SVF-LLVM/ICFGBuilder.h"
32#include "SVF-LLVM/CppUtil.h"
33#include "SVF-LLVM/LLVMModule.h"
34#include "SVF-LLVM/LLVMUtil.h"
35
36using namespace SVF;
37using namespace SVFUtil;
38
39
43ICFG* ICFGBuilder::build()
44{
45 icfg = new ICFG();
46 DBOUT(DGENERAL, outs() << pasMsg("\t Building ICFG ...\n"));
47 // Add the unique global ICFGNode at the entry of a program (before the main method).
48 addGlobalICFGNode();
49
50 // Add function entry and exit
51 for (Module &M : llvmModuleSet()->getLLVMModules())
52 {
53 for (Module::const_iterator F = M.begin(), E = M.end(); F != E; ++F)
54 {
55 const Function *fun = &*F;
56 if (fun->isDeclaration())
57 continue;
58 addFunEntryBlock(fun);
59 addFunExitBlock(fun);
60 }
61
62 }
63
64 for (Module &M : llvmModuleSet()->getLLVMModules())
65 {
66 for (Module::const_iterator F = M.begin(), E = M.end(); F != E; ++F)
67 {
68 const Function *fun = &*F;
69 if (fun->isDeclaration())
70 continue;
71 WorkList worklist;
72 processFunEntry(fun,worklist);
73 processUnreachableFromEntry(fun, worklist);
74 processFunBody(worklist);
75 processFunExit(fun);
76
77 checkICFGNodesVisited(fun);
78 }
79
80 }
81 connectGlobalToProgEntry();
82 return icfg;
83}
84
85void ICFGBuilder::checkICFGNodesVisited(const Function* fun)
86{
87 for (const auto& bb: *fun)
88 {
89 for (const auto& inst: bb)
90 {
91 if(LLVMUtil::isIntrinsicInst(&inst))
92 continue;
93 assert(visited.count(&inst) && "inst never visited");
94 assert(hasICFGNode(&inst) && "icfgnode not created");
95 }
96 }
97}
101void ICFGBuilder::processFunEntry(const Function* fun, WorkList& worklist)
102{
103 FunEntryICFGNode* FunEntryICFGNode = getFunEntryICFGNode(fun);
104 const Instruction* entryInst = &((fun->getEntryBlock()).front());
105
106 InstVec insts;
107 if (LLVMUtil::isIntrinsicInst(entryInst))
108 LLVMUtil::getNextInsts(entryInst, insts);
109 else
110 insts.push_back(entryInst);
111 for (InstVec::const_iterator nit = insts.begin(), enit = insts.end();
112 nit != enit; ++nit)
113 {
114 visited.insert(*nit);
115 ICFGNode* instNode = addBlockICFGNode(*nit); //add interprocedural edge
116 worklist.push(*nit);
117 icfg->addIntraEdge(FunEntryICFGNode, instNode);
118 }
119
120
121
122}
123
127void ICFGBuilder::processUnreachableFromEntry(const Function* fun, WorkList& worklist)
128{
129 SVFLoopAndDomInfo* pInfo =
130 llvmModuleSet()->getFunObjVar(fun)->getLoopAndDomInfo();
131 for (const auto& bb : *fun)
132 {
133 if (pInfo->isUnreachable(llvmModuleSet()->getSVFBasicBlock(&bb)) &&
134 !visited.count(&bb.front()))
135 {
136 visited.insert(&bb.front());
137 (void)addBlockICFGNode(&bb.front());
138 worklist.push(&bb.front());
139 }
140 }
141}
142
146void ICFGBuilder::processFunBody(WorkList& worklist)
147{
149 while (!worklist.empty())
150 {
151 const Instruction* inst = worklist.pop();
152 ICFGNode* srcNode = getICFGNode(inst);
153 if (SVFUtil::isa<ReturnInst>(inst))
154 {
155 FunExitICFGNode* FunExitICFGNode = getFunExitICFGNode(inst->getFunction());
156 icfg->addIntraEdge(srcNode, FunExitICFGNode);
157 }
158 InstVec nextInsts;
159 LLVMUtil::getNextInsts(inst, nextInsts);
160 s64_t branchID = 0;
161 for (InstVec::const_iterator nit = nextInsts.begin(), enit =
162 nextInsts.end(); nit != enit; ++nit)
163 {
164 const Instruction* succ = *nit;
165 ICFGNode* dstNode;
166 if (visited.find(succ) != visited.end())
167 {
168 dstNode = getICFGNode(succ);
169 }
170 else
171 {
172 visited.insert(succ);
173 dstNode = addBlockICFGNode(succ);
174 worklist.push(succ);
175 }
176
177
178 if (LLVMUtil::isNonInstricCallSite(inst))
179 {
180 RetICFGNode* retICFGNode = getRetICFGNode(inst);
181 srcNode = retICFGNode;
182 }
183
184 if (const BranchInst* br = SVFUtil::dyn_cast<BranchInst>(inst))
185 {
186 assert(branchID <= 1 && "if/else has more than two branches?");
187 if(br->isConditional())
188 icfg->addConditionalIntraEdge(srcNode, dstNode, 1 - branchID);
189 else
190 icfg->addIntraEdge(srcNode, dstNode);
191 }
192 else if (const SwitchInst* si = SVFUtil::dyn_cast<SwitchInst>(inst))
193 {
195 const ConstantInt* condVal = const_cast<SwitchInst*>(si)->findCaseDest(const_cast<BasicBlock*>(succ->getParent()));
197 s64_t val = -1;
198 if (condVal && condVal->getBitWidth() <= 64)
199 val = LLVMUtil::getIntegerValue(condVal).first;
200 icfg->addConditionalIntraEdge(srcNode, dstNode,val);
201 }
202 else
203 icfg->addIntraEdge(srcNode, dstNode);
204 branchID++;
205 }
206 }
207}
208
214void ICFGBuilder::processFunExit(const Function* f)
215{
216 FunExitICFGNode* FunExitICFGNode = getFunExitICFGNode(f);
217
218 for (const auto& bb : *f)
219 {
220 for (const auto& inst : bb)
221 {
222 if (SVFUtil::isa<ReturnInst>(&inst))
223 {
224 icfg->addIntraEdge(getICFGNode(&inst), FunExitICFGNode);
225 }
226 }
227 }
228}
229
230
231
232
237InterICFGNode* ICFGBuilder::addInterBlockICFGNode(const Instruction* inst)
238{
239 assert(LLVMUtil::isCallSite(inst) && "not a call instruction?");
240 assert(LLVMUtil::isNonInstricCallSite(inst) && "associating an intrinsic debug instruction with an ICFGNode!");
241 assert(llvmModuleSet()->getCallBlock(inst)==nullptr && "duplicate CallICFGNode");
242 const CallBase* cb = SVFUtil::dyn_cast<CallBase>(inst);
243 bool isvcall = cppUtil::isVirtualCallSite(cb);
244 const FunObjVar* calledFunc = nullptr;
245 auto called_llvmval = cb->getCalledOperand()->stripPointerCasts();
246 if (const Function* called_llvmfunc = SVFUtil::dyn_cast<Function>(called_llvmval))
247 {
248 calledFunc = llvmModuleSet()->getFunObjVar(called_llvmfunc);
249 }
250 else
251 {
252 assert(SVFUtil::dyn_cast<Function>(called_llvmval) == nullptr && "must be nullptr");
253 }
254
255 SVFBasicBlock* bb = llvmModuleSet()->getSVFBasicBlock(inst->getParent());
256
257 CallICFGNode* callICFGNode = icfg->addCallICFGNode(
258 bb, llvmModuleSet()->getSVFType(inst->getType()),
259 calledFunc, cb->getFunctionType()->isVarArg(), isvcall,
260 isvcall ? cppUtil::getVCallIdx(cb) : 0,
261 isvcall ? cppUtil::getFunNameOfVCallSite(cb) : "");
262 llvmModuleSet()->addInstructionMap(inst, callICFGNode);
263
264 assert(llvmModuleSet()->getRetBlock(inst)==nullptr && "duplicate RetICFGNode");
265 RetICFGNode* retICFGNode = icfg->addRetICFGNode(callICFGNode);
266 llvmModuleSet()->addInstructionMap(inst, retICFGNode);
267
268 addICFGInterEdges(inst, LLVMUtil::getCallee(SVFUtil::cast<CallBase>(inst))); //creating interprocedural edges
269 return callICFGNode;
270}
271
306/*
307* Add the global initialization statements immediately after the function entry of main
308*/
309void ICFGBuilder::connectGlobalToProgEntry()
310{
311 for (Module &M : llvmModuleSet()->getLLVMModules())
312 {
313 if (const Function* mainFunc = LLVMUtil::getProgEntryFunction(M))
314 {
315 // main function
316 FunEntryICFGNode* entryNode = getFunEntryICFGNode(mainFunc);
317 GlobalICFGNode* globalNode = getGlobalICFGNode();
318 IntraCFGEdge* intraEdge = new IntraCFGEdge(globalNode, entryNode);
319 icfg->addICFGEdge(intraEdge);
320 }
321 else
322 {
323 // not main function
324 }
325 }
326}
327
328inline ICFGNode* ICFGBuilder::addBlockICFGNode(const Instruction* inst)
329{
330 ICFGNode* node;
331 if(LLVMUtil::isNonInstricCallSite(inst))
332 node = addInterBlockICFGNode(inst);
333 else
334 node = addIntraBlockICFGNode(inst);
335 const_cast<SVFBasicBlock*>(
336 llvmModuleSet()->getSVFBasicBlock(inst->getParent()))
337 ->addICFGNode(node);
338 return node;
339}
340
341IntraICFGNode* ICFGBuilder::addIntraBlockICFGNode(const Instruction* inst)
342{
343 IntraICFGNode* node = llvmModuleSet()->getIntraBlock(inst);
344 assert (node==nullptr && "no IntraICFGNode for this instruction?");
345 IntraICFGNode* sNode = icfg->addIntraICFGNode(
346 llvmModuleSet()->getSVFBasicBlock(inst->getParent()), SVFUtil::isa<ReturnInst>(inst));
347 llvmModuleSet()->addInstructionMap(inst, sNode);
348 return sNode;
349}
350
356
357inline FunExitICFGNode* ICFGBuilder::addFunExitBlock(const Function* fun)
358{
359 return llvmModuleSet()->FunToFunExitNodeMap[fun] =
360 icfg->addFunExitICFGNode(llvmModuleSet()->getFunObjVar(fun));
361}
DBOUT
#define DBOUT(TYPE, X)
LLVM debug macros, define type of your DBUG model of each pass.
Definition SVFType.h:512
DGENERAL
#define DGENERAL
Definition SVFType.h:518
SVF::FIFOWorkList::push
bool push(const Data &data)
Definition WorkList.h:165
SVF::FIFOWorkList::empty
bool empty() const
Definition WorkList.h:146
SVF::FunObjVar::getFunctionType
const SVFFunctionType * getFunctionType() const
Returns the FunctionType.
Definition SVFVariables.h:1072
SVF::FunObjVar::getLoopAndDomInfo
SVFLoopAndDomInfo * getLoopAndDomInfo() const
Definition SVFVariables.h:1083
SVF::ICFGBuilder::getICFGNode
ICFGNode * getICFGNode(const Instruction *inst)
Definition ICFGBuilder.h:93
SVF::ICFGBuilder::addFunEntryBlock
FunEntryICFGNode * addFunEntryBlock(const Function *fun)
Definition ICFGBuilder.cpp:351
SVF::ICFGBuilder::connectGlobalToProgEntry
void connectGlobalToProgEntry()
Definition ICFGBuilder.cpp:309
SVF::ICFGBuilder::getFunEntryICFGNode
FunEntryICFGNode * getFunEntryICFGNode(const Function *fun)
get a function entry node
Definition ICFGBuilder.h:120
SVF::ICFGBuilder::getFunExitICFGNode
FunExitICFGNode * getFunExitICFGNode(const Function *fun)
get a function exit node
Definition ICFGBuilder.h:125
SVF::ICFGBuilder::addIntraBlockICFGNode
IntraICFGNode * addIntraBlockICFGNode(const Instruction *inst)
Add and get IntraBlock ICFGNode.
Definition ICFGBuilder.cpp:341
SVF::ICFGBuilder::getCallICFGNode
CallICFGNode * getCallICFGNode(const Instruction *cs)
get a call node
Definition ICFGBuilder.h:104
SVF::ICFGBuilder::InstVec
std::vector< const Instruction * > InstVec
Definition ICFGBuilder.h:46
SVF::ICFGBuilder::llvmModuleSet
LLVMModuleSet * llvmModuleSet()
Definition ICFGBuilder.h:67
SVF::ICFGBuilder::addGlobalICFGNode
void addGlobalICFGNode()
Definition ICFGBuilder.h:148
SVF::ICFGBuilder::processUnreachableFromEntry
void processUnreachableFromEntry(const Function *fun, WorkList &worklist)
Definition ICFGBuilder.cpp:127
SVF::ICFGBuilder::addInterBlockICFGNode
InterICFGNode * addInterBlockICFGNode(const Instruction *inst)
Add/Get an inter block ICFGNode.
Definition ICFGBuilder.cpp:237
SVF::ICFGBuilder::hasICFGNode
bool hasICFGNode(const Instruction *inst)
Definition ICFGBuilder.h:98
SVF::ICFGBuilder::processFunBody
void processFunBody(WorkList &worklist)
Definition ICFGBuilder.cpp:146
SVF::ICFGBuilder::getGlobalICFGNode
GlobalICFGNode * getGlobalICFGNode() const
Definition ICFGBuilder.h:130
SVF::ICFGBuilder::checkICFGNodesVisited
void checkICFGNodesVisited(const Function *fun)
Definition ICFGBuilder.cpp:85
SVF::ICFGBuilder::processFunEntry
void processFunEntry(const Function *fun, WorkList &worklist)
Definition ICFGBuilder.cpp:101
SVF::ICFGBuilder::addFunExitBlock
FunExitICFGNode * addFunExitBlock(const Function *fun)
Definition ICFGBuilder.cpp:357
SVF::ICFGBuilder::addBlockICFGNode
ICFGNode * addBlockICFGNode(const Instruction *inst)
Add/Get a basic block ICFGNode.
Definition ICFGBuilder.cpp:328
SVF::ICFGBuilder::getRetICFGNode
RetICFGNode * getRetICFGNode(const Instruction *cs)
get a return node
Definition ICFGBuilder.h:109
SVF::ICFGBuilder::addICFGInterEdges
void addICFGInterEdges(const Instruction *cs, const Function *callee)
Create edges between ICFG nodes across functions.
Definition ICFGBuilder.cpp:275
SVF::ICFGBuilder::processFunExit
void processFunExit(const Function *fun)
Definition ICFGBuilder.cpp:214
SVF::ICFG::addFunEntryICFGNode
virtual FunEntryICFGNode * addFunEntryICFGNode(const FunObjVar *svfFunc)
Definition ICFG.h:200
SVF::ICFG::addCallICFGNode
virtual CallICFGNode * addCallICFGNode(const SVFBasicBlock *bb, const SVFType *ty, const FunObjVar *calledFunc, bool isVararg, bool isvcall, s32_t vcallIdx, const std::string &funNameOfVcall)
Definition ICFG.h:179
SVF::ICFG::addICFGEdge
bool addICFGEdge(ICFGEdge *edge)
Add ICFG edge, only used by addIntraEdge, addCallEdge, addRetEdge etc.
Definition ICFG.h:238
SVF::ICFG::addRetICFGNode
virtual RetICFGNode * addRetICFGNode(CallICFGNode *call)
Definition ICFG.h:192
SVF::ICFG::addIntraICFGNode
virtual IntraICFGNode * addIntraICFGNode(const SVFBasicBlock *bb, bool isRet)
Definition ICFG.h:171
SVF::ICFG::addCallEdge
ICFGEdge * addCallEdge(ICFGNode *srcNode, ICFGNode *dstNode)
Definition ICFG.cpp:374
SVF::ICFG::addFunExitICFGNode
virtual FunExitICFGNode * addFunExitICFGNode(const FunObjVar *svfFunc)
Definition ICFG.h:207
SVF::ICFG::addRetEdge
ICFGEdge * addRetEdge(ICFGNode *srcNode, ICFGNode *dstNode)
Definition ICFG.cpp:392
SVF::ICFG::addConditionalIntraEdge
ICFGEdge * addConditionalIntraEdge(ICFGNode *srcNode, ICFGNode *dstNode, s64_t branchCondVal)
Definition ICFG.cpp:352
SVF::ICFG::addIntraEdge
ICFGEdge * addIntraEdge(ICFGNode *srcNode, ICFGNode *dstNode)
Add intraprocedural and interprocedural control-flow edges.
Definition ICFG.cpp:333
SVF::LLVMModuleSet::getIntraBlock
IntraICFGNode * getIntraBlock(const Instruction *inst)
Definition LLVMModule.h:498
SVF::LLVMModuleSet::getFunObjVar
const FunObjVar * getFunObjVar(const Function *fun) const
Definition LLVMModule.h:265
SVF::LLVMModuleSet::getSVFBasicBlock
SVFBasicBlock * getSVFBasicBlock(const BasicBlock *bb)
Definition LLVMModule.h:296
SVF::LLVMModuleSet::addInstructionMap
void addInstructionMap(const Instruction *inst, CallICFGNode *svfInst)
Definition LLVMModule.h:237
SVF::LLVMModuleSet::getLLVMModules
const std::vector< std::reference_wrapper< Module > > & getLLVMModules() const
Definition LLVMModule.h:155
SVF::LLVMModuleSet::FunToFunEntryNodeMap
FunToFunEntryNodeMapTy FunToFunEntryNodeMap
map a function to its FunExitICFGNode
Definition LLVMModule.h:107
SVF::LLVMModuleSet::FunToFunExitNodeMap
FunToFunExitNodeMapTy FunToFunExitNodeMap
map a function to its FunEntryICFGNode
Definition LLVMModule.h:108
SVF::SVFFunctionType::isVarArg
bool isVarArg() const
Definition SVFType.h:355
SVF::LLVMUtil::isIntrinsicInst
bool isIntrinsicInst(const Instruction *inst)
Return true if it is an intrinsic instruction.
Definition LLVMUtil.cpp:202
SVF::LLVMUtil::isCallSite
bool isCallSite(const Instruction *inst)
Whether an instruction is a call or invoke instruction.
Definition LLVMUtil.h:44
SVF::LLVMUtil::getIntegerValue
std::pair< s64_t, u64_t > getIntegerValue(const ConstantInt *intValue)
Definition LLVMUtil.h:82
SVF::LLVMUtil::getNextInsts
void getNextInsts(const Instruction *curInst, std::vector< const Instruction * > &instList)
Get the next instructions following control flow.
Definition LLVMUtil.cpp:573
SVF::LLVMUtil::getProgEntryFunction
const Function * getProgEntryFunction(Module &module)
Get program entry function from module.
Definition LLVMUtil.h:418
SVF::LLVMUtil::getCallee
const Function * getCallee(const CallBase *cs)
Definition LLVMUtil.h:97
SVF::LLVMUtil::isNonInstricCallSite
bool isNonInstricCallSite(const Instruction *inst)
Whether an instruction is a callsite in the application code, excluding llvm intrinsic calls.
Definition LLVMUtil.cpp:720
SVF::SVFUtil::pasMsg
std::string pasMsg(const std::string &msg)
Print each pass/phase message by converting a string into blue string output.
Definition SVFUtil.cpp:101
SVF::SVFUtil::isExtCall
bool isExtCall(const FunObjVar *fun)
Definition SVFUtil.cpp:437
SVF::SVFUtil::outs
std::ostream & outs()
Overwrite llvm::outs()
Definition SVFUtil.h:52
SVF::cppUtil::getFunNameOfVCallSite
std::string getFunNameOfVCallSite(const CallBase *cs)
Definition CppUtil.cpp:635
SVF::cppUtil::getVCallIdx
s32_t getVCallIdx(const CallBase *cs)
Definition CppUtil.cpp:646
SVF::cppUtil::isVirtualCallSite
bool isVirtualCallSite(const CallBase *cs)
Definition CppUtil.cpp:352
SVF
for isBitcode
Definition BasicTypes.h:68
SVF::CallBase
llvm::CallBase CallBase
Definition BasicTypes.h:146
SVF::BasicBlock
llvm::BasicBlock BasicBlock
Definition BasicTypes.h:86
SVF::SwitchInst
llvm::SwitchInst SwitchInst
Definition BasicTypes.h:155
SVF::Function
llvm::Function Function
Definition BasicTypes.h:85
SVF::Instruction
llvm::Instruction Instruction
Definition BasicTypes.h:87
SVF::IRBuilder
llvm::IRBuilder IRBuilder
Definition BasicTypes.h:74
SVF::Module
llvm::Module Module
Definition BasicTypes.h:84
SVF::BranchInst
llvm::BranchInst BranchInst
Definition BasicTypes.h:154
SVF::s64_t
signed long long s64_t
Definition GeneralType.h:50
SVF::ConstantInt
llvm::ConstantInt ConstantInt
Definition BasicTypes.h:125
Generated by doxygen 1.9.8