Static Value-Flow Analysis
Loading...
Searching...
No Matches
SVFIRBuilder.cpp
Go to the documentation of this file.
1//===- SVFIRBuilder.cpp -- SVFIR builder-----------------------------------------//
2//
3// SVF: Static Value-Flow Analysis
4//
5// Copyright (C) <2013-2017> <Yulei Sui>
6//
7
8// This program is free software: you can redistribute it and/or modify
9// it under the terms of the GNU Affero General Public License as published by
10// the Free Software Foundation, either version 3 of the License, or
11// (at your option) any later version.
12
13// This program is distributed in the hope that it will be useful,
14// but WITHOUT ANY WARRANTY; without even the implied warranty of
15// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16// GNU Affero General Public License for more details.
17
18// You should have received a copy of the GNU Affero General Public License
19// along with this program. If not, see <http://www.gnu.org/licenses/>.
20//
21//===----------------------------------------------------------------------===//
22
23/*
24 * SVFIRBuilder.cpp
25 *
26 * Created on: Nov 1, 2013
27 * Author: Yulei Sui
28 */
29
30#include "SVF-LLVM/SVFIRBuilder.h"
31#include "SVF-LLVM/BasicTypes.h"
32#include "SVF-LLVM/CHGBuilder.h"
33#include "SVF-LLVM/CppUtil.h"
34#include "SVF-LLVM/LLVMLoopAnalysis.h"
35#include "SVF-LLVM/LLVMUtil.h"
36#include "SVF-LLVM/SymbolTableBuilder.h"
37#include "SVFIR/PAGBuilderFromFile.h"
38#include "Util/CallGraphBuilder.h"
39#include "Graphs/CallGraph.h"
40#include "Util/Options.h"
41#include "Util/SVFUtil.h"
42
43using namespace std;
44using namespace SVF;
45using namespace SVFUtil;
46using namespace LLVMUtil;
47
48
52SVFIR* SVFIRBuilder::build()
53{
54 double startTime = SVFStat::getClk(true);
55
56 DBOUT(DGENERAL, outs() << pasMsg("\t Building SVFIR ...\n"));
57
58 // We read SVFIR from a user-defined txt instead of parsing SVFIR from LLVM IR
59 if (SVFIR::pagReadFromTXT())
60 {
61 PAGBuilderFromFile fileBuilder(SVFIR::pagFileName());
62 return fileBuilder.build();
63 }
64
65 // If the SVFIR has been built before, then we return the unique SVFIR of the program
66 if(pag->getNodeNumAfterPAGBuild() > 1)
67 return pag;
68
69
70 createFunObjVars();
71
73 ICFGBuilder icfgbuilder;
74 pag->icfg = icfgbuilder.build();
75
78 initialiseNodes();
81 visitGlobal();
83
84
85
87 CallGraphBuilder callGraphBuilder;
88 std::vector<const FunObjVar*> funset;
89 for (const auto& item: llvmModuleSet()->getFunctionSet())
90 {
91 funset.push_back(llvmModuleSet()->getFunObjVar(item));
92 }
93 pag->callGraph = callGraphBuilder.buildSVFIRCallGraph(funset);
94
95 CHGraph* chg = new CHGraph();
96 CHGBuilder chgbuilder(chg);
97 chgbuilder.buildCHG();
98 pag->setCHG(chg);
99
101 for (Module& M : llvmModuleSet()->getLLVMModules())
102 {
103 for (Module::const_iterator F = M.begin(), E = M.end(); F != E; ++F)
104 {
105 const Function& fun = *F;
106 const FunObjVar* svffun = llvmModuleSet()->getFunObjVar(&fun);
108 if(!fun.isDeclaration())
109 {
115 if (fun.doesNotReturn() == false &&
116 fun.getReturnType()->isVoidTy() == false)
117 {
118 pag->addFunRet(svffun,
119 pag->getGNode(pag->getReturnNode(svffun)));
120 }
121
124 for (Function::const_arg_iterator I = fun.arg_begin(), E = fun.arg_end();
125 I != E; ++I)
126 {
127 setCurrentLocation(&*I,&fun.getEntryBlock());
128 NodeID argValNodeId = llvmModuleSet()->getValueNode(&*I);
129 // if this is the function does not have caller (e.g. main)
130 // or a dead function, shall we create a black hole address edge for it?
131 // it is (1) too conservative, and (2) make FormalParmVFGNode defined at blackhole address PAGEdge.
132 // if(SVFUtil::ArgInNoCallerFunction(&*I)) {
133 // if(I->getType()->isPointerTy())
134 // addBlackHoleAddrEdge(argValNodeId);
135 //}
136 pag->addFunArgs(svffun,pag->getGNode(argValNodeId));
137 }
138 }
139 for (Function::const_iterator bit = fun.begin(), ebit = fun.end();
140 bit != ebit; ++bit)
141 {
142 const BasicBlock& bb = *bit;
143 for (BasicBlock::const_iterator it = bb.begin(), eit = bb.end();
144 it != eit; ++it)
145 {
146 const Instruction& inst = *it;
147 setCurrentLocation(&inst,&bb);
148 visit(const_cast<Instruction&>(inst));
149 }
150 }
151 }
152 }
153
154 sanityCheck();
155
156 pag->initialiseCandidatePointers();
157
158 pag->setNodeNumAfterPAGBuild(pag->getTotalNodeNum());
159
160 // dump SVFIR
161 if (Options::PAGDotGraph())
162 pag->dump("svfir_initial");
163
164 // print to command line of the SVFIR graph
165 if (Options::PAGPrint())
166 pag->print();
167
168 // dump ICFG
169 if (Options::DumpICFG())
170 pag->getICFG()->dump("icfg_initial");
171
172 if (Options::LoopAnalysis())
173 {
174 LLVMLoopAnalysis loopAnalysis;
175 loopAnalysis.build(pag->getICFG());
176 }
177
178 // dump SVFIR as JSON
179 if (!Options::DumpJson().empty())
180 {
181 assert(false && "please implement SVFIRWriter::writeJsonToPath");
182 }
183
184 double endTime = SVFStat::getClk(true);
185 SVFStat::timeOfBuildingSVFIR = (endTime - startTime) / TIMEINTERVAL;
186
187 return pag;
188}
189
190void SVFIRBuilder::initFunObjVar()
191{
192 for (Module& mod : llvmModuleSet()->getLLVMModules())
193 {
195 for (const Function& f : mod.functions())
196 {
197 FunObjVar* svffun = const_cast<FunObjVar*>(llvmModuleSet()->getFunObjVar(&f));
198 initSVFBasicBlock(&f);
199
200 if (!LLVMUtil::isExtCall(&f))
201 {
202 initDomTree(svffun, &f);
203 }
205 const Function *realfun = llvmModuleSet()->getRealDefFun(&f);
206 svffun->setRelDefFun(realfun == nullptr ? nullptr : llvmModuleSet()->getFunObjVar(realfun));
207 }
208 }
209
210 // Store annotations of functions in extapi.bc
211 for (const auto& pair : llvmModuleSet()->ExtFun2Annotations)
212 {
213 ExtAPI::getExtAPI()->setExtFuncAnnotations(llvmModuleSet()->getFunObjVar(pair.first), pair.second);
214 }
215
216}
217
218void SVFIRBuilder::initSVFBasicBlock(const Function* func)
219{
220 FunObjVar *svfFun = const_cast<FunObjVar *>(llvmModuleSet()->getFunObjVar(func));
221 for (Function::const_iterator bit = func->begin(), ebit = func->end(); bit != ebit; ++bit)
222 {
223 const BasicBlock* bb = &*bit;
224 SVFBasicBlock* svfbb = llvmModuleSet()->getSVFBasicBlock(bb);
225 for (succ_const_iterator succ_it = succ_begin(bb); succ_it != succ_end(bb); succ_it++)
226 {
227 const SVFBasicBlock* svf_scc_bb = llvmModuleSet()->getSVFBasicBlock(*succ_it);
228 svfbb->addSuccBasicBlock(svf_scc_bb);
229 }
230 for (const_pred_iterator pred_it = pred_begin(bb); pred_it != pred_end(bb); pred_it++)
231 {
232 const SVFBasicBlock* svf_pred_bb = llvmModuleSet()->getSVFBasicBlock(*pred_it);
233 svfbb->addPredBasicBlock(svf_pred_bb);
234 }
235
237 if (svfbb->getSuccessors().empty())
238 {
239 if (LLVMUtil::basicBlockHasRetInst(bb))
240 {
241 assert((LLVMUtil::functionDoesNotRet(func) ||
242 SVFUtil::isa<ReturnInst>(bb->back())) &&
243 "last inst must be return inst");
244 svfFun->setExitBlock(svfbb);
245 }
246 }
247 }
248 // For no return functions, we set the last block as exit BB
249 // This ensures that each function that has definition must have an exit BB
250 if (svfFun->hasBasicBlock() && svfFun->exitBlock == nullptr)
251 {
252 SVFBasicBlock* retBB = const_cast<SVFBasicBlock*>(svfFun->back());
253 assert((LLVMUtil::functionDoesNotRet(func) ||
254 SVFUtil::isa<ReturnInst>(&func->back().back())) &&
255 "last inst must be return inst");
256 svfFun->setExitBlock(retBB);
257 }
258}
259
260
261void SVFIRBuilder::initDomTree(FunObjVar* svffun, const Function* fun)
262{
263 if (fun->isDeclaration())
264 return;
265 //process and stored dt & df
266 DominanceFrontier df;
267 DominatorTree& dt = llvmModuleSet()->getDomTree(fun);
268 df.analyze(dt);
269 LoopInfo loopInfo = LoopInfo(dt);
270 PostDominatorTree pdt = PostDominatorTree(const_cast<Function&>(*fun));
271 SVFLoopAndDomInfo* ld = svffun->getLoopAndDomInfo();
272
273 Map<const SVFBasicBlock*,Set<const SVFBasicBlock*>> & dfBBsMap = ld->getDomFrontierMap();
274 for (DominanceFrontierBase::const_iterator dfIter = df.begin(), eDfIter = df.end(); dfIter != eDfIter; dfIter++)
275 {
276 const BasicBlock* keyBB = dfIter->first;
277 const std::set<BasicBlock* >& domSet = dfIter->second;
278 Set<const SVFBasicBlock*>& valueBasicBlocks = dfBBsMap[llvmModuleSet()->getSVFBasicBlock(keyBB)];
279 for (const BasicBlock* bbValue:domSet)
280 {
281 valueBasicBlocks.insert(llvmModuleSet()->getSVFBasicBlock(bbValue));
282 }
283 }
284 std::vector<const SVFBasicBlock*> reachableBBs;
285 LLVMUtil::getFunReachableBBs(fun, reachableBBs);
286 ld->setReachableBBs(reachableBBs);
287
288 for (Function::const_iterator bit = fun->begin(), beit = fun->end(); bit!=beit; ++bit)
289 {
290 const BasicBlock &bb = *bit;
291 SVFBasicBlock* svfBB = llvmModuleSet()->getSVFBasicBlock(&bb);
292 if (DomTreeNode* dtNode = dt.getNode(&bb))
293 {
294 SVFLoopAndDomInfo::BBSet& bbSet = ld->getDomTreeMap()[svfBB];
295 for (const auto domBB : *dtNode)
296 {
297 const auto* domSVFBB = llvmModuleSet()->getSVFBasicBlock(domBB->getBlock());
298 bbSet.insert(domSVFBB);
299 }
300 }
301
302 if (DomTreeNode* pdtNode = pdt.getNode(&bb))
303 {
304 u32_t level = pdtNode->getLevel();
305 ld->getBBPDomLevel()[svfBB] = level;
306 BasicBlock* idomBB = pdtNode->getIDom()->getBlock();
307 const SVFBasicBlock* idom = idomBB == NULL ? NULL: llvmModuleSet()->getSVFBasicBlock(idomBB);
308 ld->getBB2PIdom()[svfBB] = idom;
309
310 SVFLoopAndDomInfo::BBSet& bbSet = ld->getPostDomTreeMap()[svfBB];
311 for (const auto domBB : *pdtNode)
312 {
313 const auto* domSVFBB = llvmModuleSet()->getSVFBasicBlock(domBB->getBlock());
314 bbSet.insert(domSVFBB);
315 }
316 }
317
318 if (const Loop* loop = loopInfo.getLoopFor(&bb))
319 {
320 for (const BasicBlock* loopBlock : loop->getBlocks())
321 {
322 const SVFBasicBlock* loopbb = llvmModuleSet()->getSVFBasicBlock(loopBlock);
323 ld->addToBB2LoopMap(svfBB, loopbb);
324 }
325 }
326 }
327}
328
329void SVFIRBuilder::createFunObjVars()
330{
331 std::vector<FunObjVar*> funset;
332 // Iterate over all object symbols in the symbol table
333 for (const auto* fun: llvmModuleSet()->getFunctionSet())
334 {
335 u32_t id = llvmModuleSet()->objSyms()[fun];
336 // Debug output for adding object node
337 DBOUT(DPAGBuild, outs() << "add obj node " << id << "\n");
338
339 // Check if the value is a function and add a function object node
340 pag->addFunObjNode(id, pag->getObjTypeInfo(id), llvmModuleSet()->getSVFType(fun->getType()), nullptr);
341 llvmModuleSet()->LLVMFun2FunObjVar[fun] = cast<FunObjVar>(pag->getGNode(id));
342
343 FunObjVar *funObjVar = SVFUtil::cast<FunObjVar>(pag->getGNode(id));
344 funset.push_back(funObjVar);
345
346 funObjVar->initFunObjVar(fun->isDeclaration(), LLVMUtil::isIntrinsicFun(fun), fun->hasAddressTaken(),
347 LLVMUtil::isUncalledFunction(fun), LLVMUtil::functionDoesNotRet(fun), fun->isVarArg(),
348 SVFUtil::cast<SVFFunctionType>(llvmModuleSet()->getSVFType(fun->getFunctionType())),
349 new SVFLoopAndDomInfo, nullptr, nullptr,
350 {}, nullptr);
351 BasicBlockGraph* bbGraph = new BasicBlockGraph();
352 funObjVar->setBasicBlockGraph(bbGraph);
353
354
355 for (const BasicBlock& bb : *fun)
356 {
357 llvmModuleSet()->addBasicBlock(funObjVar, &bb);
358 }
359
361 for (auto& bb: *funObjVar->bbGraph)
362 {
363 bb.second->setFun(funObjVar);
364 }
365 llvmModuleSet()->addToSVFVar2LLVMValueMap(fun, pag->getGNode(id));
366 }
367
368 initFunObjVar();
369}
370
371void SVFIRBuilder::initialiseBaseObjVars()
372{
373 // Iterate over all object symbols in the symbol table
374 for (LLVMModuleSet::ValueToIDMapTy::iterator iter =
375 llvmModuleSet()->objSyms().begin(); iter != llvmModuleSet()->objSyms().end();
376 ++iter)
377 {
378 // Debug output for adding object node
379 DBOUT(DPAGBuild, outs() << "add obj node " << iter->second << "\n");
380
381 // Skip blackhole and constant symbols
382 if(iter->second == pag->blackholeSymID() || iter->second == pag->constantSymID())
383 continue;
384
385 // Get the LLVM value corresponding to the symbol
386 const Value* llvmValue = iter->first;
387
388 const ICFGNode* icfgNode = nullptr;
389 if (const Instruction* inst = SVFUtil::dyn_cast<Instruction>(llvmValue))
390 {
391 if(llvmModuleSet()->hasICFGNode(inst))
392 icfgNode = llvmModuleSet()->getICFGNode(inst);
393 }
394
395 // Check if the value is a function and add a function object node
396 if (SVFUtil::dyn_cast<Function>(llvmValue))
397 {
398 // already one
399 }
400 // Check if the value is a heap object and add a heap object node
401 else if (LLVMUtil::isHeapObj(llvmValue))
402 {
403 NodeID id = llvmModuleSet()->getObjectNode(iter->first);
404 pag->addHeapObjNode(iter->second, pag->getObjTypeInfo(id), llvmModuleSet()->getSVFType(llvmValue->getType()), icfgNode);
405 }
406 // Check if the value is an alloca instruction and add a stack object node
407 else if (LLVMUtil::isStackObj(llvmValue))
408 {
409 NodeID id = llvmModuleSet()->getObjectNode(iter->first);
410 pag->addStackObjNode(iter->second, pag->getObjTypeInfo(id), llvmModuleSet()->getSVFType(llvmValue->getType()), icfgNode);
411 }
412 else if (auto fpValue = SVFUtil::dyn_cast<ConstantFP>(llvmValue))
413 {
414 NodeID id = llvmModuleSet()->getObjectNode(iter->first);
415 pag->addConstantFPObjNode(iter->second, pag->getObjTypeInfo(id), LLVMUtil::getDoubleValue(fpValue), llvmModuleSet()->getSVFType(llvmValue->getType()), icfgNode);
416 }
417 else if (auto intValue = SVFUtil::dyn_cast<ConstantInt>(llvmValue))
418 {
419 NodeID id = llvmModuleSet()->getObjectNode(iter->first);
420 pag->addConstantIntObjNode(iter->second, pag->getObjTypeInfo(id), LLVMUtil::getIntegerValue(intValue), llvmModuleSet()->getSVFType(llvmValue->getType()), icfgNode);
421 }
422 else if (SVFUtil::isa<ConstantPointerNull>(llvmValue))
423 {
424 NodeID id = llvmModuleSet()->getObjectNode(iter->first);
425 pag->addConstantNullPtrObjNode(iter->second, pag->getObjTypeInfo(id), llvmModuleSet()->getSVFType(llvmValue->getType()), icfgNode);
426 }
427 else if (SVFUtil::isa<GlobalValue>(llvmValue))
428 {
429 NodeID id = llvmModuleSet()->getObjectNode(iter->first);
430 pag->addGlobalObjNode(iter->second,
431 pag->getObjTypeInfo(id),
432 llvmModuleSet()->getSVFType(llvmValue->getType()), icfgNode);
433 }
434 else if (SVFUtil::isa<ConstantData, MetadataAsValue, BlockAddress>(llvmValue))
435 {
436 NodeID id = llvmModuleSet()->getObjectNode(iter->first);
437 pag->addConstantDataObjNode(iter->second, pag->getObjTypeInfo(id), llvmModuleSet()->getSVFType(llvmValue->getType()), icfgNode);
438 }
439 else if (SVFUtil::isa<ConstantAggregate>(llvmValue))
440 {
441 NodeID id = llvmModuleSet()->getObjectNode(iter->first);
442 pag->addConstantAggObjNode(iter->second, pag->getObjTypeInfo(id), llvmModuleSet()->getSVFType(llvmValue->getType()), icfgNode);
443 }
444 // Add a generic object node for other types of values
445 else
446 {
447 NodeID id = llvmModuleSet()->getObjectNode(iter->first);
448 pag->addObjNode(iter->second,
449 pag->getObjTypeInfo(id), llvmModuleSet()->getSVFType(llvmValue->getType()), icfgNode);
450 }
451 llvmModuleSet()->addToSVFVar2LLVMValueMap(llvmValue, pag->getGNode(iter->second));
452 }
453
454}
455
456void SVFIRBuilder::initialiseValVars()
457{
458 // Iterate over all value symbols in the symbol table
459 for (LLVMModuleSet::ValueToIDMapTy::iterator iter =
460 llvmModuleSet()->valSyms().begin(); iter != llvmModuleSet()->valSyms().end();
461 ++iter)
462 {
463 // Debug output for adding value node
464 DBOUT(DPAGBuild, outs() << "add val node " << iter->second << "\n");
465
466 // Skip blackhole and null pointer symbols
467 if(iter->second == pag->blkPtrSymID() || iter->second == pag->nullPtrSymID())
468 continue;
469
470 const ICFGNode* icfgNode = nullptr;
471 auto llvmValue = iter->first;
472 if (const Instruction* inst =
473 SVFUtil::dyn_cast<Instruction>(llvmValue))
474 {
475 if (llvmModuleSet()->hasICFGNode(inst))
476 {
477 icfgNode = llvmModuleSet()->getICFGNode(inst);
478 }
479 }
480
481 // Check if the value is a function and get its call graph node
482 if (const Function* func = SVFUtil::dyn_cast<Function>(llvmValue))
483 {
484 // add value node representing the function
485 pag->addFunValNode(iter->second, icfgNode, llvmModuleSet()->getFunObjVar(func), llvmModuleSet()->getSVFType(llvmValue->getType()));
486 }
487 else if (auto argval = SVFUtil::dyn_cast<Argument>(llvmValue))
488 {
489 pag->addArgValNode(
490 iter->second, argval->getArgNo(), icfgNode,
491 llvmModuleSet()->getFunObjVar(argval->getParent()),llvmModuleSet()->getSVFType(llvmValue->getType()));
492 if (!argval->hasName())
493 pag->getGNode(iter->second)->setName("arg_" + std::to_string(argval->getArgNo()));
494 }
495 else if (auto fpValue = SVFUtil::dyn_cast<ConstantFP>(llvmValue))
496 {
497 pag->addConstantFPValNode(iter->second, LLVMUtil::getDoubleValue(fpValue), icfgNode, llvmModuleSet()->getSVFType(llvmValue->getType()));
498 }
499 else if (auto intValue = SVFUtil::dyn_cast<ConstantInt>(llvmValue))
500 {
501 pag->addConstantIntValNode(iter->second, LLVMUtil::getIntegerValue(intValue), icfgNode, llvmModuleSet()->getSVFType(llvmValue->getType()));
502 }
503 else if (SVFUtil::isa<ConstantPointerNull>(llvmValue))
504 {
505 pag->addConstantNullPtrValNode(iter->second, icfgNode, llvmModuleSet()->getSVFType(llvmValue->getType()));
506 }
507 else if (SVFUtil::isa<GlobalValue>(llvmValue))
508 {
509 pag->addGlobalValNode(iter->second, icfgNode,
510 llvmModuleSet()->getSVFType(llvmValue->getType()));
511 }
512 else if (SVFUtil::isa<ConstantData, MetadataAsValue, BlockAddress>(llvmValue))
513 {
514 pag->addConstantDataValNode(iter->second, icfgNode, llvmModuleSet()->getSVFType(llvmValue->getType()));
515 }
516 else if (SVFUtil::isa<ConstantAggregate>(llvmValue))
517 {
518 pag->addConstantAggValNode(iter->second, icfgNode, llvmModuleSet()->getSVFType(llvmValue->getType()));
519 }
520 else
521 {
522 // Add value node to PAG
523 pag->addValNode(iter->second, llvmModuleSet()->getSVFType(llvmValue->getType()), icfgNode);
524 }
525 llvmModuleSet()->addToSVFVar2LLVMValueMap(llvmValue,
526 pag->getGNode(iter->second));
527 }
528}
529
530
531/*
532 * Initial all the nodes from symbol table
533 */
534void SVFIRBuilder::initialiseNodes()
535{
536 DBOUT(DPAGBuild, outs() << "Initialise SVFIR Nodes ...\n");
537
538
539 pag->addBlackholeObjNode();
540 pag->addConstantObjNode();
541 pag->addBlackholePtrNode();
542 addNullPtrNode();
543
544 initialiseBaseObjVars();
545 initialiseValVars();
546
547 for (LLVMModuleSet::FunToIDMapTy::iterator iter =
548 llvmModuleSet()->retSyms().begin(); iter != llvmModuleSet()->retSyms().end();
549 ++iter)
550 {
551 const Value* llvmValue = iter->first;
552 const ICFGNode* icfgNode = nullptr;
553 if (const Instruction* inst = SVFUtil::dyn_cast<Instruction>(llvmValue))
554 {
555 if(llvmModuleSet()->hasICFGNode(inst))
556 icfgNode = llvmModuleSet()->getICFGNode(inst);
557 }
558 DBOUT(DPAGBuild, outs() << "add ret node " << iter->second << "\n");
559 pag->addRetNode(iter->second,
560 llvmModuleSet()->getFunObjVar(SVFUtil::cast<Function>(llvmValue)),
561 llvmModuleSet()->getSVFType(iter->first->getType()), icfgNode);
562 llvmModuleSet()->addToSVFVar2LLVMValueMap(llvmValue, pag->getGNode(iter->second));
563 const FunObjVar* funObjVar = llvmModuleSet()->getFunObjVar(SVFUtil::cast<Function>(llvmValue));
564 pag->returnFunObjSymMap[funObjVar] = iter->second;
565 }
566
567 for (LLVMModuleSet::FunToIDMapTy::iterator iter =
568 llvmModuleSet()->varargSyms().begin();
569 iter != llvmModuleSet()->varargSyms().end(); ++iter)
570 {
571 const Value* llvmValue = iter->first;
572
573 const ICFGNode *icfgNode = nullptr;
574 if (const Instruction *inst = SVFUtil::dyn_cast<Instruction>(llvmValue))
575 {
576 if (llvmModuleSet()->hasICFGNode(inst))
577 icfgNode = llvmModuleSet()->getICFGNode(inst);
578 }
579 DBOUT(DPAGBuild, outs() << "add vararg node " << iter->second << "\n");
580 pag->addVarargNode(iter->second,
581 llvmModuleSet()->getFunObjVar(SVFUtil::cast<Function>(llvmValue)),
582 llvmModuleSet()->getSVFType(iter->first->getType()), icfgNode);
583 llvmModuleSet()->addToSVFVar2LLVMValueMap(llvmValue, pag->getGNode(iter->second));
584 const FunObjVar* funObjVar = llvmModuleSet()->getFunObjVar(SVFUtil::cast<Function>(llvmValue));
585 pag->varargFunObjSymMap[funObjVar] = iter->second;
586 }
587
589 for (LLVMModuleSet::ValueToIDMapTy::iterator iter =
590 llvmModuleSet()->objSyms().begin(); iter != llvmModuleSet()->objSyms().end(); ++iter)
591 {
592 DBOUT(DPAGBuild, outs() << "add address edges for constant node " << iter->second << "\n");
593 const Value* val = iter->first;
594 if (isConstantObjSym(val))
595 {
596 NodeID ptr = llvmModuleSet()->getValueNode(val);
597 if(ptr!= pag->getBlkPtr() && ptr!= pag->getNullPtr())
598 {
599 setCurrentLocation(val, (SVFBasicBlock*) nullptr);
600 addAddrEdge(iter->second, ptr);
601 }
602 }
603 }
604
605 assert(pag->getTotalNodeNum() >= pag->getTotalSymNum()
606 && "not all node have been initialized!!!");
607
609 for (auto& fun: llvmModuleSet()->getFunctionSet())
610 {
611 for (const Argument& arg : fun->args())
612 {
613 const_cast<FunObjVar*>(llvmModuleSet()->getFunObjVar(fun))->addArgument(SVFUtil::cast<ArgValVar>(
614 pag->getGNode(llvmModuleSet()->getValueNode(&arg))));
615 }
616 }
617
618}
619
620/*
621 https://github.com/SVF-tools/SVF/issues/524
622 Handling single value types, for constant index, including pointer, integer, etc
623 e.g. field_idx = getelementptr i8, %i8* %p, i64 -4
624 We can obtain the field index by inferring the byteoffset if %p is casted from a pointer to a struct
625 For another example, the following can be an array access.
626 e.g. field_idx = getelementptr i8, %struct_type %p, i64 1
627
628*/
629u32_t SVFIRBuilder::inferFieldIdxFromByteOffset(const llvm::GEPOperator* gepOp, DataLayout *dl, AccessPath& ap, APOffset idx)
630{
631 return 0;
632}
633
640bool SVFIRBuilder::computeGepOffset(const User *V, AccessPath& ap)
641{
642 assert(V);
643
644 const llvm::GEPOperator *gepOp = SVFUtil::dyn_cast<const llvm::GEPOperator>(V);
645 DataLayout * dataLayout = getDataLayout(llvmModuleSet()->getMainLLVMModule());
646 llvm::APInt byteOffset(dataLayout->getIndexSizeInBits(gepOp->getPointerAddressSpace()),0,true);
647 if(gepOp && dataLayout && gepOp->accumulateConstantOffset(*dataLayout,byteOffset))
648 {
649 //s32_t bo = byteOffset.getSExtValue();
650 }
651
652 bool isConst = true;
653
654 bool prevPtrOperand = false;
655 for (bridge_gep_iterator gi = bridge_gep_begin(*V), ge = bridge_gep_end(*V);
656 gi != ge; ++gi)
657 {
658 const Type* gepTy = *gi;
659 const SVFType* svfGepTy = llvmModuleSet()->getSVFType(gepTy);
660
661 assert((prevPtrOperand && svfGepTy->isPointerTy()) == false &&
662 "Expect no more than one gep operand to be of a pointer type");
663 if(!prevPtrOperand && svfGepTy->isPointerTy()) prevPtrOperand = true;
664 const Value* offsetVal = gi.getOperand();
665 assert(gepTy != offsetVal->getType() && "iteration and operand have the same type?");
666 ap.addOffsetVarAndGepTypePair(getPAG()->getGNode(llvmModuleSet()->getValueNode(offsetVal)), svfGepTy);
667
668 //The int value of the current index operand
669 const ConstantInt* op = SVFUtil::dyn_cast<ConstantInt>(offsetVal);
670
671 // if Options::ModelConsts() is disabled. We will treat whole array as one,
672 // but we can distinguish different field of an array of struct, e.g. s[1].f1 is different from s[0].f2
673 if(const ArrayType* arrTy = SVFUtil::dyn_cast<ArrayType>(gepTy))
674 {
675 if(!op || (arrTy->getArrayNumElements() <= (u32_t)LLVMUtil::getIntegerValue(op).first))
676 continue;
677 APOffset idx = (u32_t)LLVMUtil::getIntegerValue(op).first;
678 u32_t offset = pag->getFlattenedElemIdx(llvmModuleSet()->getSVFType(arrTy), idx);
679 ap.setFldIdx(ap.getConstantStructFldIdx() + offset);
680 }
681 else if (const StructType *ST = SVFUtil::dyn_cast<StructType>(gepTy))
682 {
683 assert(op && "non-const offset accessing a struct");
684 //The actual index
685 APOffset idx = (u32_t)LLVMUtil::getIntegerValue(op).first;
686 u32_t offset = pag->getFlattenedElemIdx(llvmModuleSet()->getSVFType(ST), idx);
687 ap.setFldIdx(ap.getConstantStructFldIdx() + offset);
688 }
689 else if (gepTy->isSingleValueType())
690 {
691 // If it's a non-constant offset access
692 // If its point-to target is struct or array, it's likely an array accessing (%result = gep %struct.A* %a, i32 %non-const-index)
693 // If its point-to target is single value (pointer arithmetic), then it's a variant gep (%result = gep i8* %p, i32 %non-const-index)
694 if(!op && gepTy->isPointerTy() && gepOp->getSourceElementType()->isSingleValueType())
695 {
696 isConst = false;
697 }
698
699 // The actual index
700 //s32_t idx = op->getSExtValue();
701
702 // For pointer arithmetic we ignore the byte offset
703 // consider using inferFieldIdxFromByteOffset(geopOp,dataLayout,ap,idx)?
704 // ap.setFldIdx(ap.getConstantFieldIdx() + inferFieldIdxFromByteOffset(geopOp,idx));
705 }
706 }
707 return isConst;
708}
709
713void SVFIRBuilder::processCE(const Value* val)
714{
715 if (const Constant* ref = SVFUtil::dyn_cast<Constant>(val))
716 {
717 if (const ConstantExpr* gepce = isGepConstantExpr(ref))
718 {
719 DBOUT(DPAGBuild, outs() << "handle gep constant expression " << llvmModuleSet()->getSVFValue(ref)->toString() << "\n");
720 const Constant* opnd = gepce->getOperand(0);
721 // handle recursive constant express case (gep (bitcast (gep X 1)) 1)
722 processCE(opnd);
723 auto &GEPOp = llvm::cast<llvm::GEPOperator>(*gepce);
724 Type *pType = GEPOp.getSourceElementType();
725 AccessPath ap(0, llvmModuleSet()->getSVFType(pType));
726 bool constGep = computeGepOffset(gepce, ap);
727 // must invoke pag methods here, otherwise it will be a dead recursion cycle
728 const Value* cval = getCurrentValue();
729 const SVFBasicBlock* cbb = getCurrentBB();
730 setCurrentLocation(gepce, (SVFBasicBlock*) nullptr);
731 /*
732 * The gep edge created are like constexpr (same edge may appear at multiple callsites)
733 * so bb/inst of this edge may be rewritten several times, we treat it as global here.
734 */
735 addGepEdge(llvmModuleSet()->getValueNode(opnd), llvmModuleSet()->getValueNode(gepce), ap, constGep);
736 setCurrentLocation(cval, cbb);
737 }
738 else if (const ConstantExpr* castce = isCastConstantExpr(ref))
739 {
740 DBOUT(DPAGBuild, outs() << "handle cast constant expression " << llvmModuleSet()->getSVFValue(ref)->toString() << "\n");
741 const Constant* opnd = castce->getOperand(0);
742 processCE(opnd);
743 const Value* cval = getCurrentValue();
744 const SVFBasicBlock* cbb = getCurrentBB();
745 setCurrentLocation(castce, (SVFBasicBlock*) nullptr);
746 addCopyEdge(llvmModuleSet()->getValueNode(opnd), llvmModuleSet()->getValueNode(castce), CopyStmt::BITCAST);
747 setCurrentLocation(cval, cbb);
748 }
749 else if (const ConstantExpr* selectce = isSelectConstantExpr(ref))
750 {
751 DBOUT(DPAGBuild, outs() << "handle select constant expression " << llvmModuleSet()->getSVFValue(ref)->toString() << "\n");
752 const Constant* src1 = selectce->getOperand(1);
753 const Constant* src2 = selectce->getOperand(2);
754 processCE(src1);
755 processCE(src2);
756 const Value* cval = getCurrentValue();
757 const SVFBasicBlock* cbb = getCurrentBB();
758 setCurrentLocation(selectce, (SVFBasicBlock*) nullptr);
759 NodeID cond = llvmModuleSet()->getValueNode(selectce->getOperand(0));
760 NodeID nsrc1 = llvmModuleSet()->getValueNode(src1);
761 NodeID nsrc2 = llvmModuleSet()->getValueNode(src2);
762 NodeID nres = llvmModuleSet()->getValueNode(selectce);
763 addSelectStmt(nres,nsrc1, nsrc2, cond);
764 setCurrentLocation(cval, cbb);
765 }
766 // if we meet a int2ptr, then it points-to black hole
767 else if (const ConstantExpr* int2Ptrce = isInt2PtrConstantExpr(ref))
768 {
769 const Constant* opnd = int2Ptrce->getOperand(0);
770 processCE(opnd);
771 const SVFBasicBlock* cbb = getCurrentBB();
772 const Value* cval = getCurrentValue();
773 setCurrentLocation(int2Ptrce, (SVFBasicBlock*) nullptr);
774 addCopyEdge(llvmModuleSet()->getValueNode(opnd), llvmModuleSet()->getValueNode(int2Ptrce), CopyStmt::INTTOPTR);
775 setCurrentLocation(cval, cbb);
776 }
777 else if (const ConstantExpr* ptr2Intce = isPtr2IntConstantExpr(ref))
778 {
779 const Constant* opnd = ptr2Intce->getOperand(0);
780 processCE(opnd);
781 const SVFBasicBlock* cbb = getCurrentBB();
782 const Value* cval = getCurrentValue();
783 setCurrentLocation(ptr2Intce, (SVFBasicBlock*) nullptr);
784 addCopyEdge(llvmModuleSet()->getValueNode(opnd), llvmModuleSet()->getValueNode(ptr2Intce), CopyStmt::PTRTOINT);
785 setCurrentLocation(cval, cbb);
786 }
787 else if(isTruncConstantExpr(ref) || isCmpConstantExpr(ref))
788 {
789 // we don't handle trunc and cmp instruction for now
790 const Value* cval = getCurrentValue();
791 const SVFBasicBlock* cbb = getCurrentBB();
792 setCurrentLocation(ref, (SVFBasicBlock*) nullptr);
793 NodeID dst = llvmModuleSet()->getValueNode(ref);
794 addBlackHoleAddrEdge(dst);
795 setCurrentLocation(cval, cbb);
796 }
797 else if (isBinaryConstantExpr(ref))
798 {
799 // we don't handle binary constant expression like add(x,y) now
800 const Value* cval = getCurrentValue();
801 const SVFBasicBlock* cbb = getCurrentBB();
802 setCurrentLocation(ref, (SVFBasicBlock*) nullptr);
803 NodeID dst = llvmModuleSet()->getValueNode(ref);
804 addBlackHoleAddrEdge(dst);
805 setCurrentLocation(cval, cbb);
806 }
807 else if (isUnaryConstantExpr(ref))
808 {
809 // we don't handle unary constant expression like fneg(x) now
810 const Value* cval = getCurrentValue();
811 const SVFBasicBlock* cbb = getCurrentBB();
812 setCurrentLocation(ref, (SVFBasicBlock*) nullptr);
813 NodeID dst = llvmModuleSet()->getValueNode(ref);
814 addBlackHoleAddrEdge(dst);
815 setCurrentLocation(cval, cbb);
816 }
817 else if (SVFUtil::isa<ConstantAggregate>(ref))
818 {
819 // we don't handle constant aggregate like constant vectors
820 }
821 else if (SVFUtil::isa<BlockAddress>(ref))
822 {
823 // blockaddress instruction (e.g. i8* blockaddress(@run_vm, %182))
824 // is treated as constant data object for now, see LLVMUtil.h:397, SymbolTableInfo.cpp:674 and SVFIRBuilder.cpp:183-194
825 const Value* cval = getCurrentValue();
826 const SVFBasicBlock* cbb = getCurrentBB();
827 setCurrentLocation(ref, (SVFBasicBlock*) nullptr);
828 NodeID dst = llvmModuleSet()->getValueNode(ref);
829 addAddrEdge(pag->getConstantNode(), dst);
830 setCurrentLocation(cval, cbb);
831 }
832 else
833 {
834 if(SVFUtil::isa<ConstantExpr>(val))
835 assert(false && "we don't handle all other constant expression for now!");
836 }
837 }
838}
844NodeID SVFIRBuilder::getGlobalVarField(const GlobalVariable *gvar, u32_t offset, SVFType* tpy)
845{
846
847 // if the global variable do not have any field needs to be initialized
848 if (offset == 0 && gvar->getInitializer()->getType()->isSingleValueType())
849 {
850 return getValueNode(gvar);
851 }
854 else
855 {
856 return getGepValVar(gvar, AccessPath(offset), tpy);
857 }
858}
859
860/*For global variable initialization
861 * Give a simple global variable
862 * int x = 10; // store 10 x (constant, non pointer) |
863 * int *y = &x; // store x y (pointer type)
864 * Given a struct
865 * struct Z { int s; int *t;};
866 * Global initialization:
867 * struct Z z = {10,&x}; // store x z.t (struct type)
868 * struct Z *m = &z; // store z m (pointer type)
869 * struct Z n = {10,&z.s}; // store z.s n , &z.s constant expression (constant expression)
870 */
871void SVFIRBuilder::InitialGlobal(const GlobalVariable *gvar, Constant *C,
872 u32_t offset)
873{
874 DBOUT(DPAGBuild, outs() << "global " << llvmModuleSet()->getSVFValue(gvar)->toString() << " constant initializer: " << llvmModuleSet()->getSVFValue(C)->toString() << "\n");
875 if (C->getType()->isSingleValueType())
876 {
877 NodeID src = getValueNode(C);
878 // get the field value if it is available, otherwise we create a dummy field node.
879 setCurrentLocation(gvar, (SVFBasicBlock*) nullptr);
880 NodeID field = getGlobalVarField(gvar, offset, llvmModuleSet()->getSVFType(C->getType()));
881
882 if (SVFUtil::isa<GlobalVariable, Function>(C))
883 {
884 setCurrentLocation(C, (SVFBasicBlock*) nullptr);
885 addStoreEdge(src, field);
886 }
887 else if (SVFUtil::isa<ConstantExpr>(C))
888 {
889 // add gep edge of C1 itself is a constant expression
890 processCE(C);
891 setCurrentLocation(C, (SVFBasicBlock*) nullptr);
892 addStoreEdge(src, field);
893 }
894 else if (SVFUtil::isa<BlockAddress>(C))
895 {
896 // blockaddress instruction (e.g. i8* blockaddress(@run_vm, %182))
897 // is treated as constant data object for now, see LLVMUtil.h:397, SymbolTableInfo.cpp:674 and SVFIRBuilder.cpp:183-194
898 processCE(C);
899 setCurrentLocation(C, (SVFBasicBlock*) nullptr);
900 addAddrEdge(pag->getConstantNode(), src);
901 }
902 else
903 {
904 setCurrentLocation(C, (SVFBasicBlock*) nullptr);
905 addStoreEdge(src, field);
907 if (C->getType()->isPtrOrPtrVectorTy() && src != pag->getNullPtr())
908 addCopyEdge(pag->getNullPtr(), src, CopyStmt::COPYVAL);
909 }
910 }
911 else if (SVFUtil::isa<ConstantArray, ConstantStruct>(C))
912 {
913 if(cppUtil::isValVtbl(gvar) && !Options::VtableInSVFIR())
914 return;
915 for (u32_t i = 0, e = C->getNumOperands(); i != e; i++)
916 {
917 u32_t off = pag->getFlattenedElemIdx(llvmModuleSet()->getSVFType(C->getType()), i);
918 InitialGlobal(gvar, SVFUtil::cast<Constant>(C->getOperand(i)), offset + off);
919 }
920 }
921 else if(ConstantData* data = SVFUtil::dyn_cast<ConstantData>(C))
922 {
923 if(Options::ModelConsts())
924 {
925 if(ConstantDataSequential* seq = SVFUtil::dyn_cast<ConstantDataSequential>(data))
926 {
927 for(u32_t i = 0; i < seq->getNumElements(); i++)
928 {
929 u32_t off = pag->getFlattenedElemIdx(llvmModuleSet()->getSVFType(C->getType()), i);
930 Constant* ct = seq->getElementAsConstant(i);
931 InitialGlobal(gvar, ct, offset + off);
932 }
933 }
934 else
935 {
936 assert((SVFUtil::isa<ConstantAggregateZero, UndefValue>(data)) && "Single value type data should have been handled!");
937 }
938 }
939 }
940 else
941 {
942 //TODO:assert(SVFUtil::isa<ConstantVector>(C),"what else do we have");
943 }
944}
945
949void SVFIRBuilder::visitGlobal()
950{
951
953 for (Module &M : llvmModuleSet()->getLLVMModules())
954 {
955 for (Module::global_iterator I = M.global_begin(), E = M.global_end(); I != E; ++I)
956 {
957 GlobalVariable *gvar = &*I;
958 NodeID idx = getValueNode(gvar);
959 NodeID obj = getObjectNode(gvar);
960
961 setCurrentLocation(gvar, (SVFBasicBlock*) nullptr);
962 addAddrEdge(obj, idx);
963
964 if (gvar->hasInitializer())
965 {
966 Constant *C = gvar->getInitializer();
967 DBOUT(DPAGBuild, outs() << "add global var node " << llvmModuleSet()->getSVFValue(gvar)->toString() << "\n");
968 InitialGlobal(gvar, C, 0);
969 }
970 }
971
972
974 for (Module::const_iterator I = M.begin(), E = M.end(); I != E; ++I)
975 {
976 const Function* fun = &*I;
977 NodeID idx = getValueNode(fun);
978 NodeID obj = getObjectNode(fun);
979
980 DBOUT(DPAGBuild, outs() << "add global function node " << fun->getName().str() << "\n");
981 setCurrentLocation(fun, (SVFBasicBlock*) nullptr);
982 addAddrEdge(obj, idx);
983 }
984
985 // Handle global aliases (due to linkage of multiple bc files), e.g., @x = internal alias @y. We need to add a copy from y to x.
986 for (Module::alias_iterator I = M.alias_begin(), E = M.alias_end(); I != E; I++)
987 {
988 const GlobalAlias* alias = &*I;
989 NodeID dst = llvmModuleSet()->getValueNode(alias);
990 NodeID src = llvmModuleSet()->getValueNode(alias->getAliasee());
991 processCE(alias->getAliasee());
992 setCurrentLocation(alias, (SVFBasicBlock*) nullptr);
993 addCopyEdge(src, dst, CopyStmt::COPYVAL);
994 }
995 }
996}
997
1002void SVFIRBuilder::visitAllocaInst(AllocaInst &inst)
1003{
1004
1005 // AllocaInst should always be a pointer type
1006 assert(SVFUtil::isa<PointerType>(inst.getType()));
1007
1008 DBOUT(DPAGBuild, outs() << "process alloca " << llvmModuleSet()->getSVFValue(&inst)->toString() << " \n");
1009 NodeID dst = getValueNode(&inst);
1010
1011 NodeID src = getObjectNode(&inst);
1012
1013 addAddrWithStackArraySz(src, dst, inst);
1014
1015}
1016
1020void SVFIRBuilder::visitPHINode(PHINode &inst)
1021{
1022
1023 DBOUT(DPAGBuild, outs() << "process phi " << llvmModuleSet()->getSVFValue(&inst)->toString() << " \n");
1024
1025 NodeID dst = getValueNode(&inst);
1026
1027 for (u32_t i = 0; i < inst.getNumIncomingValues(); ++i)
1028 {
1029 const Value* val = inst.getIncomingValue(i);
1030 const Instruction* incomingInst = SVFUtil::dyn_cast<Instruction>(val);
1031 bool matched = (incomingInst == nullptr ||
1032 incomingInst->getFunction() == inst.getFunction());
1033 (void) matched; // Suppress warning of unused variable under release build
1034 assert(matched && "incomingInst's Function incorrect");
1035 const Instruction* predInst = &inst.getIncomingBlock(i)->back();
1036 const ICFGNode* icfgNode = llvmModuleSet()->getICFGNode(predInst);
1037 NodeID src = getValueNode(val);
1038 addPhiStmt(dst,src,icfgNode);
1039 }
1040}
1041
1042/*
1043 * Visit load instructions
1044 */
1045void SVFIRBuilder::visitLoadInst(LoadInst &inst)
1046{
1047 DBOUT(DPAGBuild, outs() << "process load " << llvmModuleSet()->getSVFValue(&inst)->toString() << " \n");
1048
1049 NodeID dst = getValueNode(&inst);
1050
1051 NodeID src = getValueNode(inst.getPointerOperand());
1052
1053 addLoadEdge(src, dst);
1054}
1055
1059void SVFIRBuilder::visitStoreInst(StoreInst &inst)
1060{
1061 // StoreInst itself should always not be a pointer type
1062 assert(!SVFUtil::isa<PointerType>(inst.getType()));
1063
1064 DBOUT(DPAGBuild, outs() << "process store " << llvmModuleSet()->getSVFValue(&inst)->toString() << " \n");
1065
1066 NodeID dst = getValueNode(inst.getPointerOperand());
1067
1068 NodeID src = getValueNode(inst.getValueOperand());
1069
1070 addStoreEdge(src, dst);
1071
1072}
1073
1077void SVFIRBuilder::visitGetElementPtrInst(GetElementPtrInst &inst)
1078{
1079
1080 NodeID dst = getValueNode(&inst);
1081 // GetElementPtrInst should always be a pointer or a vector contains pointers
1082 // for now we don't handle vector type here
1083 if(SVFUtil::isa<VectorType>(inst.getType()))
1084 {
1085 addBlackHoleAddrEdge(dst);
1086 return;
1087 }
1088
1089 assert(SVFUtil::isa<PointerType>(inst.getType()));
1090
1091 DBOUT(DPAGBuild, outs() << "process gep " << llvmModuleSet()->getSVFValue(&inst)->toString() << " \n");
1092
1093 NodeID src = getValueNode(inst.getPointerOperand());
1094
1095 AccessPath ap(0, llvmModuleSet()->getSVFType(inst.getSourceElementType()));
1096 bool constGep = computeGepOffset(&inst, ap);
1097 addGepEdge(src, dst, ap, constGep);
1098}
1099
1100/*
1101 * Visit cast instructions
1102 */
1103void SVFIRBuilder::visitCastInst(CastInst &inst)
1104{
1105
1106 DBOUT(DPAGBuild, outs() << "process cast " << llvmModuleSet()->getSVFValue(&inst)->toString() << " \n");
1107 NodeID dst = getValueNode(&inst);
1108
1109 const Value* opnd = inst.getOperand(0);
1110 NodeID src = getValueNode(opnd);
1111 addCopyEdge(src, dst, getCopyKind(&inst));
1112}
1113
1117void SVFIRBuilder::visitBinaryOperator(BinaryOperator &inst)
1118{
1119 NodeID dst = getValueNode(&inst);
1120 assert(inst.getNumOperands() == 2 && "not two operands for BinaryOperator?");
1121 Value* op1 = inst.getOperand(0);
1122 NodeID op1Node = getValueNode(op1);
1123 Value* op2 = inst.getOperand(1);
1124 NodeID op2Node = getValueNode(op2);
1125 u32_t opcode = inst.getOpcode();
1126 addBinaryOPEdge(op1Node, op2Node, dst, opcode);
1127}
1128
1132void SVFIRBuilder::visitUnaryOperator(UnaryOperator &inst)
1133{
1134 NodeID dst = getValueNode(&inst);
1135 assert(inst.getNumOperands() == 1 && "not one operand for Unary instruction?");
1136 Value* opnd = inst.getOperand(0);
1137 NodeID src = getValueNode(opnd);
1138 u32_t opcode = inst.getOpcode();
1139 addUnaryOPEdge(src, dst, opcode);
1140}
1141
1145void SVFIRBuilder::visitCmpInst(CmpInst &inst)
1146{
1147 NodeID dst = getValueNode(&inst);
1148 assert(inst.getNumOperands() == 2 && "not two operands for compare instruction?");
1149 Value* op1 = inst.getOperand(0);
1150 NodeID op1Node = getValueNode(op1);
1151 Value* op2 = inst.getOperand(1);
1152 NodeID op2Node = getValueNode(op2);
1153 u32_t predicate = inst.getPredicate();
1154 addCmpEdge(op1Node, op2Node, dst, predicate);
1155}
1156
1157
1161void SVFIRBuilder::visitSelectInst(SelectInst &inst)
1162{
1163
1164 DBOUT(DPAGBuild, outs() << "process select " << llvmModuleSet()->getSVFValue(&inst)->toString() << " \n");
1165
1166 NodeID dst = getValueNode(&inst);
1167 NodeID src1 = getValueNode(inst.getTrueValue());
1168 NodeID src2 = getValueNode(inst.getFalseValue());
1169 NodeID cond = getValueNode(inst.getCondition());
1171 addSelectStmt(dst,src1,src2, cond);
1172}
1173
1178
1183
1188
1189/*
1190 * Visit callsites
1191 */
1192void SVFIRBuilder::visitCallSite(CallBase* cs)
1193{
1194
1195 // skip llvm intrinsics
1196 if(isIntrinsicInst(cs))
1197 return;
1198
1199 DBOUT(DPAGBuild,
1200 outs() << "process callsite " << svfcall->valueOnlyToString() << "\n");
1201
1202
1203 CallICFGNode* callBlockNode = llvmModuleSet()->getCallICFGNode(cs);
1204 RetICFGNode* retBlockNode = llvmModuleSet()->getRetICFGNode(cs);
1205
1206 pag->addCallSite(callBlockNode);
1207
1209 for (u32_t i = 0; i < cs->arg_size(); i++)
1210 pag->addCallSiteArgs(
1211 callBlockNode,
1212 SVFUtil::cast<ValVar>(pag->getGNode(getValueNode(cs->getArgOperand(i)))));
1213
1214 if(!cs->getType()->isVoidTy())
1215 pag->addCallSiteRets(retBlockNode,pag->getGNode(getValueNode(cs)));
1216
1217 if (callBlockNode->isVirtualCall())
1218 {
1219 const Value* value = cppUtil::getVCallVtblPtr(cs);
1220 callBlockNode->setVtablePtr(pag->getGNode(getValueNode(value)));
1221 }
1222 if (const Function *callee = LLVMUtil::getCallee(cs))
1223 {
1224 if (LLVMUtil::isExtCall(callee))
1225 {
1226 handleExtCall(cs, callee);
1227 }
1228 else
1229 {
1230 handleDirectCall(cs, callee);
1231 }
1232 }
1233 else
1234 {
1235 //If the callee was not identified as a function (null F), this is indirect.
1236 handleIndCall(cs);
1237 }
1238}
1239
1243void SVFIRBuilder::visitReturnInst(ReturnInst &inst)
1244{
1245
1246 // ReturnInst itself should always not be a pointer type
1247 assert(!SVFUtil::isa<PointerType>(inst.getType()));
1248
1249 DBOUT(DPAGBuild, outs() << "process return " << llvmModuleSet()->getSVFValue(&inst)->toString() << " \n");
1250
1251 if(Value* src = inst.getReturnValue())
1252 {
1253 const FunObjVar *F = llvmModuleSet()->getFunObjVar(inst.getParent()->getParent());
1254
1255 NodeID rnF = getReturnNode(F);
1256 NodeID vnS = getValueNode(src);
1257 const ICFGNode* icfgNode = llvmModuleSet()->getICFGNode(&inst);
1258 //vnS may be null if src is a null ptr
1259 addPhiStmt(rnF,vnS,icfgNode);
1260 }
1261}
1262
1263
1277
1291
1296void SVFIRBuilder::visitBranchInst(BranchInst &inst)
1297{
1298 NodeID brinst = getValueNode(&inst);
1299 NodeID cond;
1300 if (inst.isConditional())
1301 cond = getValueNode(inst.getCondition());
1302 else
1303 cond = pag->getNullPtr();
1304
1305 assert(inst.getNumSuccessors() <= 2 && "if/else has more than two branches?");
1306
1307 BranchStmt::SuccAndCondPairVec successors;
1308 std::vector<const Instruction*> nextInsts;
1309 LLVMUtil::getNextInsts(&inst, nextInsts);
1310 u32_t branchID = 0;
1311 for (const Instruction* succInst : nextInsts)
1312 {
1313 assert(branchID <= 1 && "if/else has more than two branches?");
1314 const ICFGNode* icfgNode = llvmModuleSet()->getICFGNode(succInst);
1315 successors.push_back(std::make_pair(icfgNode, 1-branchID));
1316 branchID++;
1317 }
1318 addBranchStmt(brinst, cond, successors);
1320 if (inst.isConditional())
1321 {
1322 for (auto& edge : llvmModuleSet()->getICFGNode(&inst)->getOutEdges())
1323 {
1324 if (IntraCFGEdge* intraEdge = SVFUtil::dyn_cast<IntraCFGEdge>(edge))
1325 {
1326 intraEdge->setConditionVar(pag->getGNode(cond));
1327 }
1328 }
1329 }
1330}
1331
1332
1376
1378void SVFIRBuilder::visitSwitchInst(SwitchInst &inst)
1379{
1380 NodeID brinst = getValueNode(&inst);
1381 NodeID cond = getValueNode(inst.getCondition());
1382
1383 BranchStmt::SuccAndCondPairVec successors;
1384 std::vector<const Instruction*> nextInsts;
1385 LLVMUtil::getNextInsts(&inst, nextInsts);
1386 for (const Instruction* succInst : nextInsts)
1387 {
1389 const ConstantInt* condVal = inst.findCaseDest(const_cast<BasicBlock*>(succInst->getParent()));
1391 s64_t val = -1;
1392 if (condVal && condVal->getBitWidth() <= 64)
1393 val = (u32_t)LLVMUtil::getIntegerValue(condVal).first;
1394 const ICFGNode* icfgNode = llvmModuleSet()->getICFGNode(succInst);
1395 successors.push_back(std::make_pair(icfgNode, val));
1396 }
1397 addBranchStmt(brinst, cond, successors);
1399 for (auto& edge : llvmModuleSet()->getICFGNode(&inst)->getOutEdges())
1400 {
1401 if (IntraCFGEdge* intraEdge = SVFUtil::dyn_cast<IntraCFGEdge>(edge))
1402 {
1403 intraEdge->setConditionVar(pag->getGNode(cond));
1404 }
1405 }
1406}
1407
1408
1414void SVFIRBuilder::visitVAArgInst(VAArgInst &inst)
1415{
1416 NodeID dst = getValueNode(&inst);
1417 Value* opnd = inst.getPointerOperand();
1418 NodeID src = getValueNode(opnd);
1419 addCopyEdge(src, dst, CopyStmt::COPYVAL);
1420}
1421
1426void SVFIRBuilder::visitFreezeInst(FreezeInst &inst)
1427{
1428 NodeID dst = getValueNode(&inst);
1429 for (u32_t i = 0; i < inst.getNumOperands(); i++)
1430 {
1431 Value* opnd = inst.getOperand(i);
1432 NodeID src = getValueNode(opnd);
1433 addCopyEdge(src, dst, CopyStmt::COPYVAL);
1434 }
1435}
1436
1437
1441void SVFIRBuilder::handleDirectCall(CallBase* cs, const Function *F)
1442{
1443
1444 assert(F);
1445 CallICFGNode* callICFGNode = llvmModuleSet()->getCallICFGNode(cs);
1446 const FunObjVar* svffun = llvmModuleSet()->getFunObjVar(F);
1447 DBOUT(DPAGBuild,
1448 outs() << "handle direct call " << LLVMUtil::dumpValue(cs) << " callee " << F->getName().str() << "\n");
1449
1450 //Only handle the ret.val. if it's used as a ptr.
1451 NodeID dstrec = getValueNode(cs);
1452 //Does it actually return a ptr?
1453 if (!cs->getType()->isVoidTy())
1454 {
1455 NodeID srcret = getReturnNode(svffun);
1456 FunExitICFGNode* exitICFGNode = pag->getICFG()->getFunExitICFGNode(svffun);
1457 addRetEdge(srcret, dstrec,callICFGNode, exitICFGNode);
1458 }
1459 //Iterators for the actual and formal parameters
1460 u32_t itA = 0, ieA = cs->arg_size();
1461 Function::const_arg_iterator itF = F->arg_begin(), ieF = F->arg_end();
1462 //Go through the fixed parameters.
1463 DBOUT(DPAGBuild, outs() << " args:");
1464 for (; itF != ieF; ++itA, ++itF)
1465 {
1466 //Some programs (e.g. Linux kernel) leave unneeded parameters empty.
1467 if (itA == ieA)
1468 {
1469 DBOUT(DPAGBuild, outs() << " !! not enough args\n");
1470 break;
1471 }
1472 const Value* AA = cs->getArgOperand(itA), *FA = &*itF; //current actual/formal arg
1473
1474 DBOUT(DPAGBuild, outs() << "process actual parm " << llvmModuleSet()->getSVFValue(AA)->toString() << " \n");
1475
1476 NodeID dstFA = getValueNode(FA);
1477 NodeID srcAA = getValueNode(AA);
1478 FunEntryICFGNode* entry = pag->getICFG()->getFunEntryICFGNode(svffun);
1479 addCallEdge(srcAA, dstFA, callICFGNode, entry);
1480 }
1481 //Any remaining actual args must be varargs.
1482 if (F->isVarArg())
1483 {
1484 NodeID vaF = getVarargNode(svffun);
1485 DBOUT(DPAGBuild, outs() << "\n varargs:");
1486 for (; itA != ieA; ++itA)
1487 {
1488 const Value* AA = cs->getArgOperand(itA);
1489 NodeID vnAA = getValueNode(AA);
1490 FunEntryICFGNode* entry = pag->getICFG()->getFunEntryICFGNode(svffun);
1491 addCallEdge(vnAA,vaF, callICFGNode,entry);
1492 }
1493 }
1494 if(itA != ieA)
1495 {
1498 writeWrnMsg("too many args to non-vararg func.");
1499 writeWrnMsg("(" + callICFGNode->getSourceLoc() + ")");
1500
1501 }
1502}
1503
1535const Value* SVFIRBuilder::getBaseValueForExtArg(const Value* V)
1536{
1537 const Value* value = stripAllCasts(V);
1538 assert(value && "null ptr?");
1539 if(const GetElementPtrInst* gep = SVFUtil::dyn_cast<GetElementPtrInst>(value))
1540 {
1541 APOffset totalidx = 0;
1542 for (bridge_gep_iterator gi = bridge_gep_begin(gep), ge = bridge_gep_end(gep); gi != ge; ++gi)
1543 {
1544 if(const ConstantInt* op = SVFUtil::dyn_cast<ConstantInt>(gi.getOperand()))
1545 totalidx += LLVMUtil::getIntegerValue(op).first;
1546 }
1547 if(totalidx == 0 && !SVFUtil::isa<StructType>(value->getType()))
1548 value = gep->getPointerOperand();
1549 }
1550 else if (const LoadInst* load = SVFUtil::dyn_cast<LoadInst>(value))
1551 {
1552 const Value* loadP = load->getPointerOperand();
1553 if (const GetElementPtrInst* gep = SVFUtil::dyn_cast<GetElementPtrInst>(loadP))
1554 {
1555 APOffset totalidx = 0;
1556 for (bridge_gep_iterator gi = bridge_gep_begin(gep), ge = bridge_gep_end(gep); gi != ge; ++gi)
1557 {
1558 if(const ConstantInt* op = SVFUtil::dyn_cast<ConstantInt>(gi.getOperand()))
1559 totalidx += LLVMUtil::getIntegerValue(op).first;
1560 }
1561 const Value * pointer_operand = gep->getPointerOperand();
1562 if (auto *glob = SVFUtil::dyn_cast<GlobalVariable>(pointer_operand))
1563 {
1564 if (glob->hasInitializer())
1565 {
1566 if (auto *initializer = SVFUtil::dyn_cast<
1567 ConstantStruct>(glob->getInitializer()))
1568 {
1569 /*
1570 *@conststruct = internal global <{ [40 x i8], [4 x i8], [4 x i8], [2512 x i8] }>
1571 <{ [40 x i8] undef, [4 x i8] zeroinitializer, [4 x i8] undef, [2512 x i8] zeroinitializer }>, align 8
1572
1573 %0 = load ptr, ptr getelementptr inbounds (<{ [40 x i8], [4 x i8], [4 x i8], [2512 x i8] }>,
1574 ptr @conststruct, i64 0, i32 0, i64 16)
1575 in this case, totalidx is 16 while initializer->getNumOperands() is 4, so we return value as the base
1576 */
1577 if (totalidx >= initializer->getNumOperands()) return value;
1578 auto *ptrField = initializer->getOperand(totalidx);
1579 if (auto *ptrValue = SVFUtil::dyn_cast<llvm::GlobalVariable>(ptrField))
1580 {
1581 return ptrValue;
1582 }
1583 }
1584 }
1585 }
1586 }
1587 }
1588
1589 return value;
1590}
1591
1595void SVFIRBuilder::handleIndCall(CallBase* cs)
1596{
1597 const CallICFGNode* cbn = llvmModuleSet()->getCallICFGNode(cs);
1598 pag->addIndirectCallsites(cbn,llvmModuleSet()->getValueNode(cs->getCalledOperand()));
1599}
1600
1601void SVFIRBuilder::updateCallGraph(CallGraph* callgraph)
1602{
1603 CallGraph::CallEdgeMap::const_iterator iter = callgraph->getIndCallMap().begin();
1604 CallGraph::CallEdgeMap::const_iterator eiter = callgraph->getIndCallMap().end();
1605 for (; iter != eiter; iter++)
1606 {
1607 const CallICFGNode* callBlock = iter->first;
1608 const CallBase* callbase = SVFUtil::cast<CallBase>(llvmModuleSet()->getLLVMValue(callBlock));
1609 assert(callBlock->isIndirectCall() && "this is not an indirect call?");
1610 const CallGraph::FunctionSet& functions = iter->second;
1611 for (CallGraph::FunctionSet::const_iterator func_iter = functions.begin(); func_iter != functions.end(); func_iter++)
1612 {
1613 const Function* callee = SVFUtil::cast<Function>(llvmModuleSet()->getLLVMValue(*func_iter));
1614
1615 if (isExtCall(*func_iter))
1616 {
1617 setCurrentLocation(callee, callee->empty() ? nullptr : &callee->getEntryBlock());
1618 handleExtCall(callbase, callee);
1619 }
1620 else
1621 {
1622 setCurrentLocation(llvmModuleSet()->getLLVMValue(callBlock), callBlock->getBB());
1623 handleDirectCall(const_cast<CallBase*>(callbase), callee);
1624 }
1625 }
1626 }
1627
1628 // dump SVFIR
1629 if (Options::PAGDotGraph())
1630 pag->dump("svfir_final");
1631}
1632
1633/*
1634 * TODO: more sanity checks might be needed here
1635 */
1636void SVFIRBuilder::sanityCheck()
1637{
1638 for (SVFIR::iterator nIter = pag->begin(); nIter != pag->end(); ++nIter)
1639 {
1640 (void) pag->getGNode(nIter->first);
1641 //TODO::
1642 // (1) every source(root) node of a pag tree should be object node
1643 // if a node has no incoming edge, but has outgoing edges
1644 // then it has to be an object node.
1645 // (2) make sure every variable should be initialized
1646 // otherwise it causes the a null pointer, the aliasing relation may not be captured
1647 // when loading a pointer value should make sure
1648 // some value has been store into this pointer before
1649 // q = load p, some value should stored into p first like store w p;
1650 // (3) make sure PAGNode should not have a const expr value (pointer should have unique def)
1651 // (4) look closely into addComplexConsForExt, make sure program locations(e.g.,inst bb)
1652 // are set correctly for dummy gepval node
1653 // (5) reduce unnecessary copy edge (const casts) and ensure correctness.
1654 }
1655}
1656
1657
1662NodeID SVFIRBuilder::getGepValVar(const Value* val, const AccessPath& ap, const SVFType* elementType)
1663{
1664 NodeID base = getValueNode(val);
1665 NodeID gepval = pag->getGepValVar(llvmModuleSet()->getValueNode(curVal), base, ap);
1666 if (gepval==UINT_MAX)
1667 {
1668 assert(((int) UINT_MAX)==-1 && "maximum limit of unsigned int is not -1?");
1669 /*
1670 * getGepValVar can only be called from two places:
1671 * 1. SVFIRBuilder::addComplexConsForExt to handle external calls
1672 * 2. SVFIRBuilder::getGlobalVarField to initialize global variable
1673 * so curVal can only be
1674 * 1. Instruction
1675 * 2. GlobalVariable
1676 */
1677 assert(
1678 (SVFUtil::isa<Instruction>(curVal) || SVFUtil::isa<GlobalVariable>(curVal)) && "curVal not an instruction or a globalvariable?");
1679
1680 // We assume every GepValNode and its GepEdge to the baseNode are unique across the whole program
1681 // We preserve the current BB information to restore it after creating the gepNode
1682 const Value* cval = getCurrentValue();
1683 const SVFBasicBlock* cbb = getCurrentBB();
1684 setCurrentLocation(curVal, (SVFBasicBlock*) nullptr);
1685 LLVMModuleSet* llvmmodule = llvmModuleSet();
1686 const ICFGNode* node = nullptr;
1687 if (const Instruction* inst = SVFUtil::dyn_cast<Instruction>(curVal))
1688 if (llvmmodule->hasICFGNode(inst))
1689 {
1690 node = llvmmodule->getICFGNode(inst);
1691 }
1692 NodeID gepNode = pag->addGepValNode(llvmModuleSet()->getValueNode(curVal), cast<ValVar>(pag->getGNode(getValueNode(val))), ap,
1693 NodeIDAllocator::get()->allocateValueId(),
1694 llvmmodule->getSVFType(PointerType::getUnqual(llvmmodule->getContext())), node);
1695 addGepEdge(base, gepNode, ap, true);
1696 setCurrentLocation(cval, cbb);
1697 return gepNode;
1698 }
1699 else
1700 return gepval;
1701}
1702
1703
1704/*
1705 * curVal <--------> PAGEdge
1706 * Instruction Any Edge
1707 * Argument CopyEdge (SVFIR::addFormalParamBlackHoleAddrEdge)
1708 * ConstantExpr CopyEdge (Int2PtrConstantExpr CastConstantExpr SVFIRBuilder::processCE)
1709 * GepEdge (GepConstantExpr SVFIRBuilder::processCE)
1710 * ConstantPointerNull CopyEdge (3-->2 NullPtr-->BlkPtr SVFIR::addNullPtrNode)
1711 * AddrEdge (0-->2 BlkObj-->BlkPtr SVFIR::addNullPtrNode)
1712 * GlobalVariable AddrEdge (SVFIRBuilder::visitGlobal)
1713 * GepEdge (SVFIRBuilder::getGlobalVarField)
1714 * Function AddrEdge (SVFIRBuilder::visitGlobal)
1715 * Constant StoreEdge (SVFIRBuilder::InitialGlobal)
1716 */
1717void SVFIRBuilder::setCurrentBBAndValueForPAGEdge(PAGEdge* edge)
1718{
1719 if (SVFIR::pagReadFromTXT())
1720 return;
1721
1722 assert(curVal && "current Val is nullptr?");
1723 edge->setBB(curBB!=nullptr ? curBB : nullptr);
1724 edge->setValue(pag->getGNode(llvmModuleSet()->getValueNode(curVal)));
1725 ICFGNode* icfgNode = pag->getICFG()->getGlobalICFGNode();
1726 LLVMModuleSet* llvmMS = llvmModuleSet();
1727 if (const Instruction* curInst = SVFUtil::dyn_cast<Instruction>(curVal))
1728 {
1729 const FunObjVar* srcFun = edge->getSrcNode()->getFunction();
1730 const FunObjVar* dstFun = edge->getDstNode()->getFunction();
1731 if(srcFun!=nullptr && !SVFUtil::isa<RetPE>(edge) && !SVFUtil::isa<FunValVar>(edge->getSrcNode()) && !SVFUtil::isa<FunObjVar>(edge->getSrcNode()))
1732 {
1733 assert(srcFun==llvmMS->getFunObjVar(curInst->getFunction()) && "SrcNode of the PAGEdge not in the same function?");
1734 }
1735 if(dstFun!=nullptr && !SVFUtil::isa<CallPE>(edge) && !SVFUtil::isa<RetValPN>(edge->getDstNode()))
1736 {
1737 assert(dstFun==llvmMS->getFunObjVar(curInst->getFunction()) && "DstNode of the PAGEdge not in the same function?");
1738 }
1739
1741 if (!(SVFUtil::isa<GepStmt>(edge) && SVFUtil::isa<GepValVar>(edge->getDstNode())))
1742 assert(curBB && "instruction does not have a basic block??");
1743
1745 if(SVFUtil::isa<ReturnInst>(curInst))
1746 {
1747 icfgNode = pag->getICFG()->getFunExitICFGNode(llvmMS->getFunObjVar(curInst->getFunction()));
1748 }
1749 else
1750 {
1751 if(SVFUtil::isa<RetPE>(edge))
1752 icfgNode = llvmMS->getRetICFGNode(SVFUtil::cast<Instruction>(curInst));
1753 else
1754 icfgNode = llvmMS->getICFGNode(SVFUtil::cast<Instruction>(curInst));
1755 }
1756 }
1757 else if (const Argument* arg = SVFUtil::dyn_cast<Argument>(curVal))
1758 {
1759 assert(curBB && (curBB->getParent()->getEntryBlock() == curBB));
1760 icfgNode = pag->getICFG()->getFunEntryICFGNode(
1761 llvmModuleSet()->getFunObjVar(SVFUtil::cast<Function>(arg->getParent())));
1762 }
1763 else if (SVFUtil::isa<Constant>(curVal) ||
1764 SVFUtil::isa<Function>(curVal) ||
1765 SVFUtil::isa<MetadataAsValue>(curVal))
1766 {
1767 if (!curBB)
1768 pag->addGlobalPAGEdge(edge);
1769 else
1770 {
1771 icfgNode = const_cast<ICFGNode*>(curBB->front());
1772 }
1773 }
1774 else
1775 {
1776 assert(false && "what else value can we have?");
1777 }
1778
1779 pag->addToSVFStmtList(icfgNode,edge);
1780 icfgNode->addSVFStmt(edge);
1781 if(const CallPE* callPE = SVFUtil::dyn_cast<CallPE>(edge))
1782 {
1783 CallICFGNode* callNode = const_cast<CallICFGNode*>(callPE->getCallSite());
1784 FunEntryICFGNode* entryNode = const_cast<FunEntryICFGNode*>(callPE->getFunEntryICFGNode());
1785 if(ICFGEdge* edge = pag->getICFG()->hasInterICFGEdge(callNode,entryNode, ICFGEdge::CallCF))
1786 SVFUtil::cast<CallCFGEdge>(edge)->addCallPE(callPE);
1787 }
1788 else if(const RetPE* retPE = SVFUtil::dyn_cast<RetPE>(edge))
1789 {
1790 RetICFGNode* retNode = const_cast<RetICFGNode*>(retPE->getCallSite()->getRetICFGNode());
1791 FunExitICFGNode* exitNode = const_cast<FunExitICFGNode*>(retPE->getFunExitICFGNode());
1792 if(ICFGEdge* edge = pag->getICFG()->hasInterICFGEdge(exitNode, retNode, ICFGEdge::RetCF))
1793 SVFUtil::cast<RetCFGEdge>(edge)->addRetPE(retPE);
1794 }
1795}
1796
1797
1804AccessPath SVFIRBuilder::getAccessPathFromBaseNode(NodeID nodeId)
1805{
1806 SVFVar* node = pag->getGNode(nodeId);
1807 SVFStmt::SVFStmtSetTy& geps = node->getIncomingEdges(SVFStmt::Gep);
1809 if(geps.empty())
1810 return AccessPath(0);
1811
1812 assert(geps.size()==1 && "one node can only be connected by at most one gep edge!");
1813 SVFVar::iterator it = geps.begin();
1814 const GepStmt* gepEdge = SVFUtil::cast<GepStmt>(*it);
1815 if(gepEdge->isVariantFieldGep())
1816 return AccessPath(0);
1817 else
1818 return gepEdge->getAccessPath();
1819}
DBOUT
#define DBOUT(TYPE, X)
LLVM debug macros, define type of your DBUG model of each pass.
Definition SVFType.h:498
TIMEINTERVAL
#define TIMEINTERVAL
Definition SVFType.h:526
DGENERAL
#define DGENERAL
Definition SVFType.h:504
DPAGBuild
#define DPAGBuild
Definition SVFType.h:506
offset
buffer offset
Definition cJSON.cpp:1113
item
cJSON * item
Definition cJSON.h:222
SVF::AccessPath::addOffsetVarAndGepTypePair
bool addOffsetVarAndGepTypePair(const SVFVar *var, const SVFType *gepIterType)
Definition AccessPath.cpp:42
SVF::AccessPath::getConstantStructFldIdx
APOffset getConstantStructFldIdx() const
Get methods.
Definition AccessPath.h:99
SVF::AccessPath::setFldIdx
void setFldIdx(APOffset idx)
Definition AccessPath.h:103
SVF::BranchStmt::SuccAndCondPairVec
std::vector< std::pair< const ICFGNode *, s32_t > > SuccAndCondPairVec
Definition SVFStatements.h:1163
SVF::CallGraph::getIndCallMap
CallEdgeMap & getIndCallMap()
Get callees from an indirect callsite.
Definition CallGraph.h:319
SVF::CallGraph::FunctionSet
Set< const FunObjVar * > FunctionSet
Definition CallGraph.h:244
SVF::CallICFGNode::isVirtualCall
bool isVirtualCall() const
Definition ICFGNode.h:521
SVF::CallICFGNode::setVtablePtr
void setVtablePtr(SVFVar *v)
Definition ICFGNode.h:526
SVF::ExtAPI::getExtAPI
static ExtAPI * getExtAPI()
Definition ExtAPI.cpp:43
SVF::ExtAPI::setExtFuncAnnotations
void setExtFuncAnnotations(const FunObjVar *fun, const std::vector< std::string > &funcAnnotations)
Definition ExtAPI.cpp:166
SVF::FunObjVar::getFunction
virtual const FunObjVar * getFunction() const
Get containing function, or null for globals/constants.
Definition SVFVariables.cpp:470
SVF::FunObjVar::getEntryBlock
const SVFBasicBlock * getEntryBlock() const
Definition SVFVariables.h:1170
SVF::FunObjVar::setBasicBlockGraph
void setBasicBlockGraph(BasicBlockGraph *graph)
Definition SVFVariables.h:1150
SVF::FunObjVar::initFunObjVar
void initFunObjVar(bool decl, bool intrinc, bool addr, bool uncalled, bool notret, bool vararg, const SVFFunctionType *ft, SVFLoopAndDomInfo *ld, const FunObjVar *real, BasicBlockGraph *bbg, const std::vector< const ArgValVar * > &allarg, const SVFBasicBlock *exit)
Definition SVFVariables.cpp:446
SVF::FunObjVar::bbGraph
BasicBlockGraph * bbGraph
the definition of a function across multiple modules
Definition SVFVariables.h:978
SVF::GenericGraph::begin
iterator begin()
Iterators.
Definition GenericGraph.h:377
SVF::GenericGraph::getTotalNodeNum
u32_t getTotalNodeNum() const
Get total number of node/edge.
Definition GenericGraph.h:430
SVF::GenericGraph< SVFVar, SVFStmt >::iterator
IDToNodeMapTy::iterator iterator
Node Iterators.
Definition GenericGraph.h:356
SVF::GenericGraph::getGNode
NodeType * getGNode(NodeID id) const
Get a node.
Definition GenericGraph.h:403
SVF::GenericNode::iterator
GEdgeSetTy::iterator iterator
Definition GenericGraph.h:155
SVF::GenericNode::getOutEdges
const GEdgeSetTy & getOutEdges() const
Definition GenericGraph.h:180
SVF::ICFGNode::addSVFStmt
void addSVFStmt(const SVFStmt *edge)
Definition ICFGNode.h:112
SVF::ICFG::getFunExitICFGNode
FunExitICFGNode * getFunExitICFGNode(const FunObjVar *fun)
Add a function exit node.
Definition ICFG.cpp:249
SVF::ICFG::hasInterICFGEdge
ICFGEdge * hasInterICFGEdge(ICFGNode *src, ICFGNode *dst, ICFGEdge::ICFGEdgeK kind)
Definition ICFG.cpp:276
SVF::ICFG::dump
void dump(const std::string &file, bool simple=false)
Dump graph into dot file.
Definition ICFG.cpp:411
SVF::ICFG::getFunEntryICFGNode
FunEntryICFGNode * getFunEntryICFGNode(const FunObjVar *fun)
Add a function entry node.
Definition ICFG.cpp:242
SVF::ICFG::getGlobalICFGNode
GlobalICFGNode * getGlobalICFGNode() const
Definition ICFG.h:236
SVF::IRGraph::constantSymID
NodeID constantSymID() const
Definition IRGraph.h:188
SVF::IRGraph::getFlattenedElemIdx
u32_t getFlattenedElemIdx(const SVFType *T, u32_t origId)
Flattened element idx of an array or struct by considering stride.
Definition IRGraph.cpp:144
SVF::IRGraph::getNodeNumAfterPAGBuild
u32_t getNodeNumAfterPAGBuild() const
Definition IRGraph.h:313
SVF::IRGraph::dump
void dump(std::string name)
Dump SVFIR.
Definition IRGraph.cpp:310
SVF::IRGraph::getBlkPtr
NodeID getBlkPtr() const
Definition IRGraph.h:255
SVF::IRGraph::blkPtrSymID
NodeID blkPtrSymID() const
Definition IRGraph.h:178
SVF::IRGraph::getNullPtr
NodeID getNullPtr() const
Definition IRGraph.h:259
SVF::IRGraph::nullPtrSymID
NodeID nullPtrSymID() const
Definition IRGraph.h:183
SVF::IRGraph::getTotalSymNum
u32_t getTotalSymNum() const
Statistics.
Definition IRGraph.h:200
SVF::IRGraph::varargFunObjSymMap
FunObjVarToIDMapTy varargFunObjSymMap
vararg map
Definition IRGraph.h:87
SVF::IRGraph::getReturnNode
NodeID getReturnNode(const FunObjVar *func) const
GetReturnNode - Return the unique node representing the return value of a function.
Definition IRGraph.cpp:60
SVF::IRGraph::setNodeNumAfterPAGBuild
void setNodeNumAfterPAGBuild(u32_t num)
Definition IRGraph.h:317
SVF::IRGraph::blackholeSymID
NodeID blackholeSymID() const
Definition IRGraph.h:193
SVF::IRGraph::getObjTypeInfo
ObjTypeInfo * getObjTypeInfo(NodeID id) const
Definition IRGraph.h:234
SVF::IRGraph::getConstantNode
NodeID getConstantNode() const
Definition IRGraph.h:251
SVF::IRGraph::returnFunObjSymMap
FunObjVarToIDMapTy returnFunObjSymMap
return map
Definition IRGraph.h:86
SVF::LLVMLoopAnalysis::build
virtual void build(ICFG *icfg)
Start from here.
Definition LLVMLoopAnalysis.cpp:89
SVF::LLVMModuleSet::getValueNode
NodeID getValueNode(const Value *V)
Definition LLVMModule.cpp:986
SVF::LLVMModuleSet::valSyms
ValueToIDMapTy & valSyms()
Definition LLVMModule.h:205
SVF::LLVMModuleSet::retSyms
FunToIDMapTy & retSyms()
Definition LLVMModule.h:267
SVF::LLVMModuleSet::getFunObjVar
const FunObjVar * getFunObjVar(const Function *fun) const
Definition LLVMModule.h:260
SVF::LLVMModuleSet::getSVFBasicBlock
SVFBasicBlock * getSVFBasicBlock(const BasicBlock *bb)
Definition LLVMModule.h:291
SVF::LLVMModuleSet::getDomTree
DominatorTree & getDomTree(const Function *fun)
Definition LLVMModule.cpp:97
SVF::LLVMModuleSet::addToSVFVar2LLVMValueMap
void addToSVFVar2LLVMValueMap(const Value *val, SVFValue *svfBaseNode)
Definition LLVMModule.cpp:1064
SVF::LLVMModuleSet::LLVMFun2FunObjVar
LLVMFun2FunObjVarMap LLVMFun2FunObjVar
Map an LLVM Function to an SVF Funobjvar.
Definition LLVMModule.h:97
SVF::LLVMModuleSet::getSVFType
SVFType * getSVFType(const Type *T)
Get or create SVFType and typeinfo.
Definition LLVMModule.cpp:1103
SVF::LLVMModuleSet::hasICFGNode
bool hasICFGNode(const Instruction *inst)
Definition LLVMModule.cpp:1132
SVF::LLVMModuleSet::getICFGNode
ICFGNode * getICFGNode(const Instruction *inst)
Get a basic block ICFGNode.
Definition LLVMModule.cpp:1118
SVF::LLVMModuleSet::getCallICFGNode
CallICFGNode * getCallICFGNode(const Instruction *cs)
get a call node
Definition LLVMModule.cpp:1145
SVF::LLVMModuleSet::ExtFun2Annotations
Fun2AnnoMap ExtFun2Annotations
Record annotations of function in extapi.bc.
Definition LLVMModule.h:89
SVF::LLVMModuleSet::getObjectNode
NodeID getObjectNode(const Value *V)
Definition LLVMModule.cpp:1007
SVF::LLVMModuleSet::getRetICFGNode
RetICFGNode * getRetICFGNode(const Instruction *cs)
get a return node
Definition LLVMModule.cpp:1154
SVF::LLVMModuleSet::getLLVMModules
const std::vector< std::reference_wrapper< Module > > & getLLVMModules() const
Definition LLVMModule.h:155
SVF::LLVMModuleSet::getRealDefFun
const Function * getRealDefFun(const Function *fun) const
Definition LLVMModule.h:183
SVF::LLVMModuleSet::objSyms
ValueToIDMapTy & objSyms()
Definition LLVMModule.h:210
SVF::LLVMModuleSet::addBasicBlock
void addBasicBlock(FunObjVar *fun, const BasicBlock *bb)
Definition LLVMModule.h:230
SVF::LLVMModuleSet::varargSyms
FunToIDMapTy & varargSyms()
Definition LLVMModule.h:272
SVF::LLVMModuleSet::getFunctionSet
const FunctionSet & getFunctionSet() const
Definition LLVMModule.h:190
SVF::NodeIDAllocator::get
static NodeIDAllocator * get(void)
Return (singleton) allocator.
Definition NodeIDAllocator.cpp:26
SVF::Options::PAGDotGraph
static const Option< bool > PAGDotGraph
Definition Options.h:121
SVF::Options::DumpJson
static const Option< std::string > DumpJson
Definition Options.h:124
SVF::Options::ModelConsts
static Option< bool > ModelConsts
Definition Options.h:187
SVF::Options::PAGPrint
static const Option< bool > PAGPrint
Definition Options.h:127
SVF::Options::VtableInSVFIR
static const Option< bool > VtableInSVFIR
Definition Options.h:217
SVF::Options::LoopAnalysis
static const Option< bool > LoopAnalysis
Definition Options.h:242
SVF::Options::DumpICFG
static const Option< bool > DumpICFG
Definition Options.h:123
SVF::SVFBasicBlock::getParent
const FunObjVar * getParent() const
Definition BasicBlockG.h:191
SVF::SVFBasicBlock::addPredBasicBlock
void addPredBasicBlock(const SVFBasicBlock *pred2)
Definition BasicBlockG.h:175
SVF::SVFBasicBlock::addSuccBasicBlock
void addSuccBasicBlock(const SVFBasicBlock *succ2)
Definition BasicBlockG.h:158
SVF::SVFBasicBlock::front
const ICFGNode * front() const
Definition BasicBlockG.h:203
SVF::SVFIRBuilder::inferFieldIdxFromByteOffset
u32_t inferFieldIdxFromByteOffset(const llvm::GEPOperator *gepOp, DataLayout *dl, AccessPath &ap, APOffset idx)
Infer field index from byteoffset.
Definition SVFIRBuilder.cpp:629
SVF::SVFIRBuilder::getCopyKind
CopyStmt::CopyKind getCopyKind(const Value *val)
Definition SVFIRBuilder.h:377
SVF::SVFIRBuilder::sanityCheck
void sanityCheck()
Sanity check for SVFIR.
Definition SVFIRBuilder.cpp:1636
SVF::SVFIRBuilder::getPAG
SVFIR * getPAG() const
Return SVFIR.
Definition SVFIRBuilder.h:67
SVF::SVFIRBuilder::setCurrentLocation
void setCurrentLocation(const Value *val, const BasicBlock *bb)
Set current basic block in order to keep track of control flow information.
Definition SVFIRBuilder.h:247
SVF::SVFIRBuilder::addNullPtrNode
NodeID addNullPtrNode()
Add NullPtr PAGNode.
Definition SVFIRBuilder.h:277
SVF::SVFIRBuilder::visitLoadInst
void visitLoadInst(LoadInst &I)
Definition SVFIRBuilder.cpp:1045
SVF::SVFIRBuilder::getVarargNode
NodeID getVarargNode(const FunObjVar *func)
getVarargNode - Return the node representing the unique variadic argument of a function.
Definition SVFIRBuilder.h:117
SVF::SVFIRBuilder::addPhiStmt
void addPhiStmt(NodeID res, NodeID opnd, const ICFGNode *pred)
Add Copy edge.
Definition SVFIRBuilder.h:414
SVF::SVFIRBuilder::updateCallGraph
void updateCallGraph(CallGraph *callgraph)
connect PAG edges based on callgraph
Definition SVFIRBuilder.cpp:1601
SVF::SVFIRBuilder::initSVFBasicBlock
void initSVFBasicBlock(const Function *func)
Definition SVFIRBuilder.cpp:218
SVF::SVFIRBuilder::addStoreEdge
void addStoreEdge(NodeID src, NodeID dst)
Add Store edge.
Definition SVFIRBuilder.h:457
SVF::SVFIRBuilder::addAddrEdge
AddrStmt * addAddrEdge(NodeID src, NodeID dst)
Add Address edge.
Definition SVFIRBuilder.h:299
SVF::SVFIRBuilder::visitInvokeInst
void visitInvokeInst(InvokeInst &II)
Definition SVFIRBuilder.cpp:1179
SVF::SVFIRBuilder::handleDirectCall
void handleDirectCall(CallBase *cs, const Function *F)
Handle direct call.
Definition SVFIRBuilder.cpp:1441
SVF::SVFIRBuilder::addBinaryOPEdge
void addBinaryOPEdge(NodeID op1, NodeID op2, NodeID dst, u32_t opcode)
Add Copy edge.
Definition SVFIRBuilder.h:433
SVF::SVFIRBuilder::visitCallInst
void visitCallInst(CallInst &I)
Definition SVFIRBuilder.cpp:1174
SVF::SVFIRBuilder::addLoadEdge
void addLoadEdge(NodeID src, NodeID dst)
Add Load edge.
Definition SVFIRBuilder.h:451
SVF::SVFIRBuilder::handleExtCall
virtual void handleExtCall(const CallBase *cs, const Function *callee)
Definition SVFIRExtAPI.cpp:128
SVF::SVFIRBuilder::visitGetElementPtrInst
void visitGetElementPtrInst(GetElementPtrInst &I)
Definition SVFIRBuilder.cpp:1077
SVF::SVFIRBuilder::visitBranchInst
void visitBranchInst(BranchInst &I)
Definition SVFIRBuilder.cpp:1296
SVF::SVFIRBuilder::visitAllocaInst
virtual void visitAllocaInst(AllocaInst &AI)
Our visit overrides.
Definition SVFIRBuilder.cpp:1002
SVF::SVFIRBuilder::addGepEdge
void addGepEdge(NodeID src, NodeID dst, const AccessPath &ap, bool constGep)
Add Gep edge.
Definition SVFIRBuilder.h:481
SVF::SVFIRBuilder::addCmpEdge
void addCmpEdge(NodeID op1, NodeID op2, NodeID dst, u32_t predict)
Add Copy edge.
Definition SVFIRBuilder.h:427
SVF::SVFIRBuilder::llvmModuleSet
LLVMModuleSet * llvmModuleSet()
Definition SVFIRBuilder.h:515
SVF::SVFIRBuilder::visitStoreInst
void visitStoreInst(StoreInst &I)
Definition SVFIRBuilder.cpp:1059
SVF::SVFIRBuilder::getReturnNode
NodeID getReturnNode(const FunObjVar *func)
getReturnNode - Return the node representing the unique return value of a function.
Definition SVFIRBuilder.h:111
SVF::SVFIRBuilder::getObjectNode
NodeID getObjectNode(const Value *V)
GetObject - Return the object node (stack/global/heap/function) according to a LLVM Value.
Definition SVFIRBuilder.h:105
SVF::SVFIRBuilder::visitCallSite
void visitCallSite(CallBase *cs)
Definition SVFIRBuilder.cpp:1192
SVF::SVFIRBuilder::processCE
void processCE(const Value *val)
Process constant expression.
Definition SVFIRBuilder.cpp:713
SVF::SVFIRBuilder::handleIndCall
void handleIndCall(CallBase *cs)
Handle indirect call.
Definition SVFIRBuilder.cpp:1595
SVF::SVFIRBuilder::curVal
const Value * curVal
Current Value during SVFIR construction when visiting the module.
Definition SVFIRBuilder.h:51
SVF::SVFIRBuilder::addSelectStmt
void addSelectStmt(NodeID res, NodeID op1, NodeID op2, NodeID cond)
Add SelectStmt.
Definition SVFIRBuilder.h:421
SVF::SVFIRBuilder::addBranchStmt
void addBranchStmt(NodeID br, NodeID cond, const BranchStmt::SuccAndCondPairVec &succs)
Add Branch statement.
Definition SVFIRBuilder.h:445
SVF::SVFIRBuilder::build
virtual SVFIR * build()
Start building SVFIR here.
Definition SVFIRBuilder.cpp:52
SVF::SVFIRBuilder::visitCallBrInst
void visitCallBrInst(CallBrInst &I)
Definition SVFIRBuilder.cpp:1184
SVF::SVFIRBuilder::visitExtractValueInst
void visitExtractValueInst(ExtractValueInst &EVI)
Definition SVFIRBuilder.cpp:1272
SVF::SVFIRBuilder::getAccessPathFromBaseNode
AccessPath getAccessPathFromBaseNode(NodeID nodeId)
Definition SVFIRBuilder.cpp:1804
SVF::SVFIRBuilder::curBB
const SVFBasicBlock * curBB
Current basic block during SVFIR construction when visiting the module.
Definition SVFIRBuilder.h:50
SVF::SVFIRBuilder::visitSwitchInst
void visitSwitchInst(SwitchInst &I)
The following implementation follows ICFGBuilder::processFunBody.
Definition SVFIRBuilder.cpp:1378
SVF::SVFIRBuilder::visitFreezeInst
void visitFreezeInst(FreezeInst &I)
Definition SVFIRBuilder.cpp:1426
SVF::SVFIRBuilder::getBaseValueForExtArg
const Value * getBaseValueForExtArg(const Value *V)
Get the base value of (i8* src and i8* dst) for external argument (e.g. memcpy(i8* dst,...
Definition SVFIRBuilder.cpp:1535
SVF::SVFIRBuilder::initDomTree
void initDomTree(FunObjVar *func, const Function *f)
Definition SVFIRBuilder.cpp:261
SVF::SVFIRBuilder::addRetEdge
void addRetEdge(NodeID src, NodeID dst, const CallICFGNode *cs, const FunExitICFGNode *exit)
Add Return edge.
Definition SVFIRBuilder.h:475
SVF::SVFIRBuilder::addBlackHoleAddrEdge
void addBlackHoleAddrEdge(NodeID node)
Definition SVFIRBuilder.h:292
SVF::SVFIRBuilder::visitGlobal
void visitGlobal()
Handle globals including (global variable and functions)
Definition SVFIRBuilder.cpp:949
SVF::SVFIRBuilder::addUnaryOPEdge
void addUnaryOPEdge(NodeID src, NodeID dst, u32_t opcode)
Add Unary edge.
Definition SVFIRBuilder.h:439
SVF::SVFIRBuilder::getCurrentBB
const SVFBasicBlock * getCurrentBB() const
Definition SVFIRBuilder.h:261
SVF::SVFIRBuilder::visitPHINode
void visitPHINode(PHINode &I)
Definition SVFIRBuilder.cpp:1020
SVF::SVFIRBuilder::addCopyEdge
CopyStmt * addCopyEdge(NodeID src, NodeID dst, CopyStmt::CopyKind kind)
Definition SVFIRBuilder.h:367
SVF::SVFIRBuilder::addCallEdge
void addCallEdge(NodeID src, NodeID dst, const CallICFGNode *cs, const FunEntryICFGNode *entry)
Add Call edge.
Definition SVFIRBuilder.h:469
SVF::SVFIRBuilder::setCurrentBBAndValueForPAGEdge
void setCurrentBBAndValueForPAGEdge(PAGEdge *edge)
Definition SVFIRBuilder.cpp:1717
SVF::SVFIRBuilder::visitSelectInst
void visitSelectInst(SelectInst &I)
Definition SVFIRBuilder.cpp:1161
SVF::SVFIRBuilder::visitVAArgInst
void visitVAArgInst(VAArgInst &)
Definition SVFIRBuilder.cpp:1414
SVF::SVFIRBuilder::visitCmpInst
void visitCmpInst(CmpInst &I)
Definition SVFIRBuilder.cpp:1145
SVF::SVFIRBuilder::visitExtractElementInst
void visitExtractElementInst(ExtractElementInst &I)
Definition SVFIRBuilder.cpp:1286
SVF::SVFIRBuilder::computeGepOffset
bool computeGepOffset(const User *V, AccessPath &ap)
Compute offset of a gep instruction or gep constant expression.
Definition SVFIRBuilder.cpp:640
SVF::SVFIRBuilder::visitReturnInst
void visitReturnInst(ReturnInst &I)
Definition SVFIRBuilder.cpp:1243
SVF::SVFIRBuilder::getCurrentValue
const Value * getCurrentValue() const
Definition SVFIRBuilder.h:257
SVF::SVFIRBuilder::getValueNode
NodeID getValueNode(const Value *V)
Get different kinds of node.
Definition SVFIRBuilder.h:95
SVF::SVFIRBuilder::visitCastInst
void visitCastInst(CastInst &I)
Definition SVFIRBuilder.cpp:1103
SVF::SVFIRBuilder::addAddrWithStackArraySz
AddrStmt * addAddrWithStackArraySz(NodeID src, NodeID dst, llvm::AllocaInst &inst)
Add Address edge from allocinst with arraysize like "%4 = alloca i8, i64 3".
Definition SVFIRBuilder.h:310
SVF::SVFIRBuilder::getGepValVar
NodeID getGepValVar(const Value *val, const AccessPath &ap, const SVFType *elementType)
Definition SVFIRBuilder.cpp:1662
SVF::SVFIRBuilder::InitialGlobal
void InitialGlobal(const GlobalVariable *gvar, Constant *C, u32_t offset)
Definition SVFIRBuilder.cpp:871
SVF::SVFIRBuilder::visitUnaryOperator
void visitUnaryOperator(UnaryOperator &I)
Definition SVFIRBuilder.cpp:1132
SVF::SVFIRBuilder::visitBinaryOperator
void visitBinaryOperator(BinaryOperator &I)
Definition SVFIRBuilder.cpp:1117
SVF::SVFIRBuilder::initialiseNodes
void initialiseNodes()
Initialize nodes and edges.
Definition SVFIRBuilder.cpp:534
SVF::SVFIRBuilder::getGlobalVarField
NodeID getGlobalVarField(const GlobalVariable *gvar, u32_t offset, SVFType *tpy)
Definition SVFIRBuilder.cpp:844
SVF::SVFIR::addObjNode
NodeID addObjNode(NodeID i, ObjTypeInfo *ti, const SVFType *type, const ICFGNode *node)
Add a memory obj node.
Definition SVFIR.h:623
SVF::SVFIR::addGlobalValNode
NodeID addGlobalValNode(const NodeID i, const ICFGNode *icfgNode, const SVFType *svfType)
Definition SVFIR.h:603
SVF::SVFIR::getGepValVar
NodeID getGepValVar(NodeID curInst, NodeID base, const AccessPath &ap) const
Due to constraint expression, curInst is used to distinguish different instructions (e....
Definition SVFIR.cpp:522
SVF::SVFIR::addGlobalObjNode
NodeID addGlobalObjNode(const NodeID i, ObjTypeInfo *ti, const SVFType *type, const ICFGNode *node)
Definition SVFIR.h:680
SVF::SVFIR::print
void print()
Print SVFIR.
Definition SVFIR.cpp:557
SVF::SVFIR::addConstantFPObjNode
NodeID addConstantFPObjNode(NodeID i, ObjTypeInfo *ti, double dval, const SVFType *type, const ICFGNode *node)
Definition SVFIR.h:656
SVF::SVFIR::addBlackholePtrNode
NodeID addBlackholePtrNode()
Definition SVFIR.h:755
SVF::SVFIR::addBlackholeObjNode
NodeID addBlackholeObjNode()
Definition SVFIR.h:747
SVF::SVFIR::addFunArgs
void addFunArgs(const FunObjVar *fun, const SVFVar *arg)
Get/set method for function/callsite arguments and returns.
Definition SVFIR.h:527
SVF::SVFIR::addHeapObjNode
NodeID addHeapObjNode(NodeID i, ObjTypeInfo *ti, const SVFType *type, const ICFGNode *node)
Definition SVFIR.h:631
SVF::SVFIR::addGepValNode
NodeID addGepValNode(NodeID curInst, const ValVar *base, const AccessPath &ap, NodeID i, const SVFType *type, const ICFGNode *node)
Add a temp field value node, this method can only invoked by getGepValVar.
Definition SVFIR.cpp:403
SVF::SVFIR::addFunRet
void addFunRet(const FunObjVar *fun, const SVFVar *ret)
Add function returns.
Definition SVFIR.h:534
SVF::SVFIR::addFunObjNode
NodeID addFunObjNode(NodeID id, ObjTypeInfo *ti, const SVFType *type, const ICFGNode *node)
Definition SVFIR.h:648
SVF::SVFIR::addStackObjNode
NodeID addStackObjNode(NodeID i, ObjTypeInfo *ti, const SVFType *type, const ICFGNode *node)
Definition SVFIR.h:641
SVF::SVFIR::pagFileName
static std::string pagFileName()
Definition SVFIR.h:206
SVF::SVFIR::addConstantNullPtrValNode
NodeID addConstantNullPtrValNode(const NodeID i, const ICFGNode *icfgNode, const SVFType *type)
Definition SVFIR.h:597
SVF::SVFIR::pagReadFromTXT
static bool pagReadFromTXT()
Definition SVFIR.h:211
SVF::SVFIR::callGraph
CallGraph * callGraph
all the callsites of a program
Definition SVFIR.h:99
SVF::SVFIR::addConstantDataObjNode
NodeID addConstantDataObjNode(const NodeID i, ObjTypeInfo *ti, const SVFType *type, const ICFGNode *node)
Definition SVFIR.h:692
SVF::SVFIR::addToSVFStmtList
void addToSVFStmtList(ICFGNode *inst, SVFStmt *edge)
Add a SVFStmt into instruction map.
Definition SVFIR.h:259
SVF::SVFIR::addCallSiteRets
void addCallSiteRets(RetICFGNode *retBlockNode, const SVFVar *arg)
Add callsite returns.
Definition SVFIR.h:547
SVF::SVFIR::addConstantDataValNode
NodeID addConstantDataValNode(const NodeID i, const ICFGNode *icfgNode, const SVFType *type)
Definition SVFIR.h:615
SVF::SVFIR::addCallSiteArgs
void addCallSiteArgs(CallICFGNode *callBlockNode, const ValVar *arg)
Add callsite arguments.
Definition SVFIR.h:541
SVF::SVFIR::addConstantAggObjNode
NodeID addConstantAggObjNode(const NodeID i, ObjTypeInfo *ti, const SVFType *type, const ICFGNode *node)
Definition SVFIR.h:686
SVF::SVFIR::addConstantIntValNode
NodeID addConstantIntValNode(NodeID i, const std::pair< s64_t, u64_t > &intValue, const ICFGNode *icfgNode, const SVFType *type)
Definition SVFIR.h:590
SVF::SVFIR::getICFG
ICFG * getICFG() const
Definition SVFIR.h:163
SVF::SVFIR::addFunValNode
NodeID addFunValNode(NodeID i, const ICFGNode *icfgNode, const FunObjVar *funObjVar, const SVFType *type)
Definition SVFIR.h:570
SVF::SVFIR::addConstantFPValNode
NodeID addConstantFPValNode(const NodeID i, double dval, const ICFGNode *icfgNode, const SVFType *type)
Definition SVFIR.h:583
SVF::SVFIR::addConstantAggValNode
NodeID addConstantAggValNode(const NodeID i, const ICFGNode *icfgNode, const SVFType *svfType)
Definition SVFIR.h:609
SVF::SVFIR::addConstantNullPtrObjNode
NodeID addConstantNullPtrObjNode(const NodeID i, ObjTypeInfo *ti, const SVFType *type, const ICFGNode *node)
Definition SVFIR.h:673
SVF::SVFIR::addCallSite
void addCallSite(const CallICFGNode *call)
Add callsites.
Definition SVFIR.h:796
SVF::SVFIR::addValNode
NodeID addValNode(NodeID i, const SVFType *type, const ICFGNode *icfgNode)
add node into SVFIR
Definition SVFIR.h:564
SVF::SVFIR::addVarargNode
NodeID addVarargNode(NodeID i, const FunObjVar *val, const SVFType *type, const ICFGNode *n)
Add a unique vararg node for a procedure.
Definition SVFIR.h:706
SVF::SVFIR::setCHG
void setCHG(CommonCHGraph *c)
Set/Get CHG.
Definition SVFIR.h:169
SVF::SVFIR::icfg
ICFG * icfg
Definition SVFIR.h:96
SVF::SVFIR::addConstantIntObjNode
NodeID addConstantIntObjNode(NodeID i, ObjTypeInfo *ti, const std::pair< s64_t, u64_t > &intValue, const SVFType *type, const ICFGNode *node)
Definition SVFIR.h:664
SVF::SVFIR::addGlobalPAGEdge
void addGlobalPAGEdge(const SVFStmt *edge)
Add global PAGEdges (not in a procedure)
Definition SVFIR.h:791
SVF::SVFIR::addIndirectCallsites
void addIndirectCallsites(const CallICFGNode *cs, NodeID funPtr)
Add indirect callsites.
Definition SVFIR.h:553
SVF::SVFIR::initialiseCandidatePointers
void initialiseCandidatePointers()
Initialize candidate pointers.
Definition SVFIR.cpp:642
SVF::SVFIR::addRetNode
NodeID addRetNode(NodeID i, const FunObjVar *callGraphNode, const SVFType *type, const ICFGNode *icn)
Add a unique return node for a procedure.
Definition SVFIR.h:700
SVF::SVFIR::addArgValNode
NodeID addArgValNode(NodeID i, u32_t argNo, const ICFGNode *icfgNode, const FunObjVar *callGraphNode, const SVFType *type)
Definition SVFIR.h:576
SVF::SVFIR::addConstantObjNode
NodeID addConstantObjNode()
Definition SVFIR.h:751
SVF::SVFLoopAndDomInfo::getDomFrontierMap
const Map< const SVFBasicBlock *, BBSet > & getDomFrontierMap() const
Definition SVFLoopAndDomInfo.h:66
SVF::SVFLoopAndDomInfo::BBSet
Set< const SVFBasicBlock * > BBSet
Definition SVFLoopAndDomInfo.h:46
SVF::SVFStat::getClk
static double getClk(bool mark=false)
Definition SVFStat.cpp:48
SVF::SVFStat::timeOfBuildingSVFIR
static double timeOfBuildingSVFIR
Definition SVFStat.h:95
SVF::SVFStmt::SVFStmtSetTy
GenericNode< SVFVar, SVFStmt >::GEdgeSetTy SVFStmtSetTy
Definition SVFStatements.h:214
SVF::SVFValue::setName
virtual void setName(const std::string &nameInfo)
Definition SVFValue.h:174
SVF::SVFVar::getIncomingEdges
SVFStmt::SVFStmtSetTy & getIncomingEdges(SVFStmt::PEDGEK kind)
Edge accessors and checkers.
Definition SVFVariables.h:111
llvm::generic_bridge_gep_type_iterator
Definition GEPTypeBridgeIterator.h:18
NULL
#define NULL
Definition extapi.c:2
SVF::LLVMUtil::isIntrinsicInst
bool isIntrinsicInst(const Instruction *inst)
Return true if it is an intrinsic instruction.
Definition LLVMUtil.cpp:202
SVF::LLVMUtil::isBinaryConstantExpr
const ConstantExpr * isBinaryConstantExpr(const Value *val)
Definition LLVMUtil.h:290
SVF::LLVMUtil::isUncalledFunction
bool isUncalledFunction(const Function *fun)
whether this is a function without any possible caller?
Definition LLVMUtil.cpp:157
SVF::LLVMUtil::getDoubleValue
double getDoubleValue(const ConstantFP *fpValue)
Definition LLVMUtil.h:54
SVF::LLVMUtil::isConstantObjSym
bool isConstantObjSym(const Value *val)
Check whether this value points-to a constant object.
Definition CppUtil.cpp:672
SVF::LLVMUtil::stripAllCasts
const Value * stripAllCasts(const Value *val)
Strip off the all casts.
Definition LLVMUtil.cpp:249
SVF::LLVMUtil::isInt2PtrConstantExpr
const ConstantExpr * isInt2PtrConstantExpr(const Value *val)
Definition LLVMUtil.h:225
SVF::LLVMUtil::isSelectConstantExpr
const ConstantExpr * isSelectConstantExpr(const Value *val)
Definition LLVMUtil.h:255
SVF::LLVMUtil::isIntrinsicFun
bool isIntrinsicFun(const Function *func)
Definition LLVMUtil.cpp:189
SVF::LLVMUtil::functionDoesNotRet
bool functionDoesNotRet(const Function *fun)
Definition LLVMUtil.cpp:122
SVF::LLVMUtil::isTruncConstantExpr
const ConstantExpr * isTruncConstantExpr(const Value *val)
Definition LLVMUtil.h:265
SVF::LLVMUtil::getIntegerValue
std::pair< s64_t, u64_t > getIntegerValue(const ConstantInt *intValue)
Definition LLVMUtil.h:82
SVF::LLVMUtil::getNextInsts
void getNextInsts(const Instruction *curInst, std::vector< const Instruction * > &instList)
Get the next instructions following control flow.
Definition LLVMUtil.cpp:573
SVF::LLVMUtil::isPtr2IntConstantExpr
const ConstantExpr * isPtr2IntConstantExpr(const Value *val)
Definition LLVMUtil.h:235
SVF::LLVMUtil::isHeapObj
bool isHeapObj(const Value *val)
Definition LLVMUtil.cpp:682
SVF::LLVMUtil::isUnaryConstantExpr
const ConstantExpr * isUnaryConstantExpr(const Value *val)
Definition LLVMUtil.h:301
SVF::LLVMUtil::getFunReachableBBs
void getFunReachableBBs(const Function *svfFun, std::vector< const SVFBasicBlock * > &bbs)
Get reachable basic block from function entry.
Definition LLVMUtil.cpp:74
SVF::LLVMUtil::isCastConstantExpr
const ConstantExpr * isCastConstantExpr(const Value *val)
Definition LLVMUtil.h:245
SVF::LLVMUtil::isExtCall
bool isExtCall(const Function *fun)
Definition LLVMUtil.cpp:383
SVF::LLVMUtil::basicBlockHasRetInst
bool basicBlockHasRetInst(const BasicBlock *bb)
Return true if the function has a return instruction.
Definition LLVMUtil.cpp:108
SVF::LLVMUtil::isStackObj
bool isStackObj(const Value *val)
Definition LLVMUtil.cpp:704
SVF::LLVMUtil::isGepConstantExpr
const ConstantExpr * isGepConstantExpr(const Value *val)
Return corresponding constant expression, otherwise return nullptr.
Definition LLVMUtil.h:215
SVF::LLVMUtil::getDataLayout
static DataLayout * getDataLayout(Module *mod)
Definition LLVMUtil.h:313
SVF::LLVMUtil::getCallee
const Function * getCallee(const CallBase *cs)
Definition LLVMUtil.h:97
SVF::LLVMUtil::getFunObjVar
const FunObjVar * getFunObjVar(const std::string &name)
Definition LLVMUtil.cpp:435
SVF::LLVMUtil::dumpValue
std::string dumpValue(const Value *val)
Definition LLVMUtil.cpp:600
SVF::LLVMUtil::isCmpConstantExpr
const ConstantExpr * isCmpConstantExpr(const Value *val)
Definition LLVMUtil.h:279
SVF::SVFUtil::pasMsg
std::string pasMsg(const std::string &msg)
Print each pass/phase message by converting a string into blue string output.
Definition SVFUtil.cpp:101
SVF::SVFUtil::writeWrnMsg
void writeWrnMsg(const std::string &msg)
Writes a message run through wrnMsg.
Definition SVFUtil.cpp:68
SVF::SVFUtil::outs
std::ostream & outs()
Overwrite llvm::outs()
Definition SVFUtil.h:52
SVF::SVFUtil::dyn_cast
LLVM_NODISCARD std::enable_if_t<!is_simple_type< Y >::value, typename cast_retty< X, const Y >::ret_type > dyn_cast(const Y &Val)
Definition Casting.h:405
SVF::cppUtil::getVCallVtblPtr
const Value * getVCallVtblPtr(const CallBase *cs)
Definition CppUtil.cpp:537
SVF::cppUtil::isValVtbl
bool isValVtbl(const Value *val)
Definition CppUtil.cpp:336
SVF
for isBitcode
Definition BasicTypes.h:68
SVF::DataLayout
llvm::DataLayout DataLayout
Definition BasicTypes.h:108
SVF::GlobalVariable
llvm::GlobalVariable GlobalVariable
Definition BasicTypes.h:130
SVF::GlobalAlias
llvm::GlobalAlias GlobalAlias
Definition BasicTypes.h:128
SVF::ArrayType
llvm::ArrayType ArrayType
Definition BasicTypes.h:95
SVF::Type
llvm::Type Type
Definition BasicTypes.h:83
SVF::CallBase
llvm::CallBase CallBase
Definition BasicTypes.h:146
SVF::BasicBlock
llvm::BasicBlock BasicBlock
Definition BasicTypes.h:86
SVF::UnaryOperator
llvm::UnaryOperator UnaryOperator
Definition BasicTypes.h:180
SVF::ConstantStruct
llvm::ConstantStruct ConstantStruct
Definition BasicTypes.h:106
SVF::StructType
llvm::StructType StructType
LLVM types.
Definition BasicTypes.h:94
SVF::succ_const_iterator
llvm::succ_const_iterator succ_const_iterator
LLVM Iterators.
Definition BasicTypes.h:276
SVF::AllocaInst
llvm::AllocaInst AllocaInst
Definition BasicTypes.h:150
SVF::SwitchInst
llvm::SwitchInst SwitchInst
Definition BasicTypes.h:155
SVF::NodeID
u32_t NodeID
Definition GeneralType.h:56
SVF::InvokeInst
llvm::InvokeInst InvokeInst
Definition BasicTypes.h:163
SVF::Argument
llvm::Argument Argument
Definition BasicTypes.h:145
SVF::LoadInst
llvm::LoadInst LoadInst
Definition BasicTypes.h:149
SVF::APOffset
s64_t APOffset
Definition GeneralType.h:60
SVF::const_pred_iterator
llvm::const_pred_iterator const_pred_iterator
Definition BasicTypes.h:254
SVF::CmpInst
llvm::CmpInst CmpInst
Definition BasicTypes.h:159
SVF::Function
llvm::Function Function
Definition BasicTypes.h:85
SVF::ConstantData
llvm::ConstantData ConstantData
Definition BasicTypes.h:116
SVF::LoopInfo
llvm::LoopInfo LoopInfo
Definition BasicTypes.h:141
SVF::Instruction
llvm::Instruction Instruction
Definition BasicTypes.h:87
SVF::Constant
llvm::Constant Constant
Definition BasicTypes.h:124
SVF::DomTreeNode
llvm::DomTreeNode DomTreeNode
Definition BasicTypes.h:134
SVF::ConstantDataSequential
llvm::ConstantDataSequential ConstantDataSequential
Definition BasicTypes.h:119
SVF::Value
llvm::Value Value
LLVM Basic classes.
Definition BasicTypes.h:82
SVF::ConstantExpr
llvm::ConstantExpr ConstantExpr
Definition BasicTypes.h:120
SVF::IRBuilder
llvm::IRBuilder IRBuilder
Definition BasicTypes.h:74
SVF::CastInst
llvm::CastInst CastInst
Definition BasicTypes.h:158
SVF::FreezeInst
llvm::FreezeInst FreezeInst
Definition BasicTypes.h:169
SVF::Module
llvm::Module Module
Definition BasicTypes.h:84
SVF::BinaryOperator
llvm::BinaryOperator BinaryOperator
Definition BasicTypes.h:179
SVF::PostDominatorTree
llvm::PostDominatorTree PostDominatorTree
Definition BasicTypes.h:136
SVF::DominanceFrontier
llvm::DominanceFrontier DominanceFrontier
Definition BasicTypes.h:135
SVF::StoreInst
llvm::StoreInst StoreInst
Definition BasicTypes.h:148
SVF::SelectInst
llvm::SelectInst SelectInst
Definition BasicTypes.h:174
SVF::VAArgInst
llvm::VAArgInst VAArgInst
Definition BasicTypes.h:175
SVF::Loop
llvm::Loop Loop
LLVM Loop.
Definition BasicTypes.h:140
SVF::GetElementPtrInst
llvm::GetElementPtrInst GetElementPtrInst
Definition BasicTypes.h:162
SVF::CallBrInst
llvm::CallBrInst CallBrInst
Definition BasicTypes.h:156
SVF::ReturnInst
llvm::ReturnInst ReturnInst
Definition BasicTypes.h:157
SVF::PHINode
llvm::PHINode PHINode
Definition BasicTypes.h:165
SVF::BranchInst
llvm::BranchInst BranchInst
Definition BasicTypes.h:154
SVF::ExtractValueInst
llvm::ExtractValueInst ExtractValueInst
Definition BasicTypes.h:160
SVF::u32_t
unsigned u32_t
Definition GeneralType.h:47
SVF::s64_t
signed long long s64_t
Definition GeneralType.h:50
SVF::CallInst
llvm::CallInst CallInst
Definition BasicTypes.h:147
SVF::ConstantInt
llvm::ConstantInt ConstantInt
Definition BasicTypes.h:125
SVF::DominatorTree
llvm::DominatorTree DominatorTree
LLVM Dominators.
Definition BasicTypes.h:133
SVF::ExtractElementInst
llvm::ExtractElementInst ExtractElementInst
Definition BasicTypes.h:161
SVF::User
llvm::User User
Definition BasicTypes.h:142
Generated by doxygen 1.9.8