#include <Andersen.h>
Public Member Functions | |
| Andersen (SVFIR *_pag, PTATY type=Andersen_WPA, bool alias_check=true) | |
| Constructor. More... | |
| virtual | ~Andersen () |
| Destructor. More... | |
| virtual void | initialize () |
| Initialize analysis. More... | |
| virtual void | finalize () |
| Finalize analysis. More... | |
| void | resetData () |
| Reset data. More... | |
| virtual const PointsTo & | getPts (NodeID id) |
| Operation of points-to set. More... | |
| virtual bool | unionPts (NodeID id, const PointsTo &target) |
| virtual bool | unionPts (NodeID id, NodeID ptd) |
| void | dumpTopLevelPtsTo () |
| void | setDetectPWC (bool flag) |
 Public Member Functions inherited from SVF::AndersenBase | |
| AndersenBase (SVFIR *_pag, PTATY type=Andersen_BASE, bool alias_check=true) | |
| Constructor. More... | |
| ~AndersenBase () override | |
| Destructor. More... | |
| virtual void | analyze () override |
| Andersen analysis. More... | |
| virtual void | solveAndwritePtsToFile (const std::string &filename) |
| virtual void | readPtsFromFile (const std::string &filename) |
| virtual void | solveConstraints () |
| virtual bool | updateCallGraph (const CallSiteToFunPtrMap &) override |
| Update call graph. More... | |
| virtual bool | updateThreadCallGraph (const CallSiteToFunPtrMap &, NodePairSet &) |
| Update thread call graph. More... | |
| virtual void | connectCaller2ForkedFunParams (const CallICFGNode *cs, const SVFFunction *F, NodePairSet &cpySrcNodes) |
| Connect formal and actual parameters for indirect forksites. More... | |
| virtual void | connectCaller2CalleeParams (const CallICFGNode *cs, const SVFFunction *F, NodePairSet &cpySrcNodes) |
| Connect formal and actual parameters for indirect callsites. More... | |
| ConstraintGraph * | getConstraintGraph () |
| Get constraint graph. More... | |
| NodeID | sccRepNode (NodeID id) const override |
| SCC methods. More... | |
| NodeBS & | sccSubNodes (NodeID repId) |
| void | printStat () |
| dump statistics More... | |
| virtual void | normalizePointsTo () override |
| void | cleanConsCG (NodeID id) |
| remove redundant gepnodes in constraint graph More... | |
| Public Member Functions inherited from SVF::BVDataPTAImpl | |
| BVDataPTAImpl (SVFIR *pag, PointerAnalysis::PTATY type, bool alias_check=true) | |
| Constructor. More... | |
| ~BVDataPTAImpl () override=default | |
| Destructor. More... | |
| PersistentPointsToCache< PointsTo > & | getPtCache () |
| const NodeSet & | getRevPts (NodeID nodeId) override |
| virtual void | clearPts (NodeID id, NodeID element) |
| Remove element from the points-to set of id. More... | |
| virtual void | clearFullPts (NodeID id) |
| Clear points-to set of id. More... | |
| virtual bool | addPts (NodeID id, NodeID ptd) |
| virtual void | clearAllPts () |
| Clear all data. More... | |
| virtual void | expandFIObjs (const PointsTo &pts, PointsTo &expandedPts) |
| Expand FI objects. More... | |
| virtual void | expandFIObjs (const NodeBS &pts, NodeBS &expandedPts) |
| TODO: remove repetition. More... | |
| void | remapPointsToSets (void) |
| Remap all points-to sets to use the current mapping. More... | |
| virtual void | writeToFile (const std::string &filename) |
| Interface for analysis result storage on filesystem. More... | |
| virtual void | writeObjVarToFile (const std::string &filename) |
| virtual void | writePtsResultToFile (std::fstream &f) |
| virtual void | writeGepObjVarMapToFile (std::fstream &f) |
| virtual bool | readFromFile (const std::string &filename) |
| virtual void | readPtsResultFromFile (std::ifstream &f) |
| virtual void | readGepObjVarMapFromFile (std::ifstream &f) |
| virtual void | readAndSetObjFieldSensitivity (std::ifstream &f, const std::string &delimiterStr) |
| AliasResult | alias (const SVFValue *V1, const SVFValue *V2) override |
| Interface expose to users of our pointer analysis, given Value infos. More... | |
| AliasResult | alias (NodeID node1, NodeID node2) override |
| Interface expose to users of our pointer analysis, given PAGNodeID. More... | |
| virtual AliasResult | alias (const PointsTo &pts1, const PointsTo &pts2) |
| Interface expose to users of our pointer analysis, given two pts. More... | |
| void | dumpCPts () override |
| dump and debug, print out conditional pts More... | |
| void | dumpAllPts () override |
| Public Member Functions inherited from SVF::PointerAnalysis | |
| ICFG * | getICFG () const |
| Get ICFG. More... | |
| u32_t | getNumOfResolvedIndCallEdge () const |
| Return number of resolved indirect call edges. More... | |
| PTACallGraph * | getCallGraph () const |
| Return call graph. More... | |
| CallGraphSCC * | getCallGraphSCC () const |
| Return call graph SCC. More... | |
| PointerAnalysis (SVFIR *pag, PTATY ty=Default_PTA, bool alias_check=true) | |
| Constructor. More... | |
| PTATY | getAnalysisTy () const |
| Type of pointer analysis. More... | |
| PTAImplTy | getImplTy () const |
| Return implementation type of the pointer analysis. More... | |
| bool | printStat () |
| Whether print statistics. More... | |
| void | disablePrintStat () |
| Whether print statistics. More... | |
| CallEdgeMap & | getIndCallMap () |
| Get callees from an indirect callsite. More... | |
| bool | hasIndCSCallees (const CallICFGNode *cs) const |
| const FunctionSet & | getIndCSCallees (const CallICFGNode *cs) const |
| virtual void | resolveIndCalls (const CallICFGNode *cs, const PointsTo &target, CallEdgeMap &newEdges) |
| Resolve indirect call edges. More... | |
| void | callGraphSCCDetection () |
| PTACallGraph SCC related methods. More... | |
| NodeID | getCallGraphSCCRepNode (NodeID id) const |
| Get SCC rep node of a SVFG node. More... | |
| bool | inSameCallGraphSCC (const SVFFunction *fun1, const SVFFunction *fun2) |
| Return TRUE if this edge is inside a PTACallGraph SCC, i.e., src node and dst node are in the same SCC on the SVFG. More... | |
| bool | isInRecursion (const SVFFunction *fun) const |
| bool | isLocalVarInRecursiveFun (NodeID id) const |
| Whether a local variable is in function recursions. More... | |
| CommonCHGraph * | getCHGraph () const |
| get CHGraph More... | |
| void | getVFnsFromCHA (const CallICFGNode *cs, VFunSet &vfns) |
| void | getVFnsFromPts (const CallICFGNode *cs, const PointsTo &target, VFunSet &vfns) |
| void | connectVCallToVFns (const CallICFGNode *cs, const VFunSet &vfns, CallEdgeMap &newEdges) |
| virtual void | resolveCPPIndCalls (const CallICFGNode *cs, const PointsTo &target, CallEdgeMap &newEdges) |
| Resolve cpp indirect call edges. More... | |
| SVFIR * | getPAG () const |
| PTAStat * | getStat () const |
| Get PTA stat. More... | |
| SVFModule * | getModule () const |
| Module. More... | |
| OrderedNodeSet & | getAllValidPtrs () |
| Get all Valid Pointers for resolution. More... | |
| virtual | ~PointerAnalysis () |
| Destructor. More... | |
| virtual void | computeDDAPts (NodeID) |
| Compute points-to results on-demand, overridden by derived classes. More... | |
| void | printIndCSTargets (const CallICFGNode *cs, const FunctionSet &targets) |
| Print targets of a function pointer. More... | |
| virtual void | dumpPts (NodeID ptr, const PointsTo &pts) |
| void | printIndCSTargets () |
| void | dumpAllTypes () |
| void | dumpStat () |
| Dump the statistics. More... | |
| bool | containBlackHoleNode (const PointsTo &pts) |
| Determine whether a points-to contains a black hole or constant node. More... | |
| bool | containConstantNode (const PointsTo &pts) |
| virtual bool | isBlkObjOrConstantObj (NodeID ptd) const |
| bool | isHeapMemObj (NodeID id) const |
| Whether this object is heap or array. More... | |
| bool | isArrayMemObj (NodeID id) const |
| bool | isFIObjNode (NodeID id) const |
| NodeID | getBaseObjVar (NodeID id) |
| NodeID | getFIObjVar (NodeID id) |
| NodeID | getGepObjVar (NodeID id, const APOffset &ap) |
| virtual const NodeBS & | getAllFieldsObjVars (NodeID id) |
| void | setObjFieldInsensitive (NodeID id) |
| bool | isFieldInsensitive (NodeID id) const |
Static Public Member Functions | |
| static bool | classof (const Andersen *) |
| Methods for support type inquiry through isa, cast, and dyn_cast: More... | |
| static bool | classof (const PointerAnalysis *pta) |
| Static Public Member Functions inherited from SVF::AndersenBase | |
| static bool | classof (const AndersenBase *) |
| Methods for support type inquiry through isa, cast, and dyn_cast: More... | |
| static bool | classof (const PointerAnalysis *pta) |
| Static Public Member Functions inherited from SVF::BVDataPTAImpl | |
| static bool | classof (const PointerAnalysis *pta) |
Protected Member Functions | |
| virtual void | computeDiffPts (NodeID id) |
| Handle diff points-to set. More... | |
| virtual const PointsTo & | getDiffPts (NodeID id) |
| void | updatePropaPts (NodeID dstId, NodeID srcId) |
| Handle propagated points-to set. More... | |
| void | clearPropaPts (NodeID src) |
| virtual void | initWorklist () |
| virtual void | processNode (NodeID nodeId) |
| Override WPASolver function in order to use the default solver. More... | |
| void | processAllAddr () |
| handling various constraints More... | |
| virtual bool | processLoad (NodeID node, const ConstraintEdge *load) |
| virtual bool | processStore (NodeID node, const ConstraintEdge *load) |
| virtual bool | processCopy (NodeID node, const ConstraintEdge *edge) |
| virtual bool | processGep (NodeID node, const GepCGEdge *edge) |
| virtual void | handleCopyGep (ConstraintNode *node) |
| virtual void | handleLoadStore (ConstraintNode *node) |
| virtual void | processAddr (const AddrCGEdge *addr) |
| virtual bool | processGepPts (const PointsTo &pts, const GepCGEdge *edge) |
| virtual bool | addCopyEdge (NodeID src, NodeID dst) |
| Add copy edge on constraint graph. More... | |
| virtual void | mergeNodeToRep (NodeID nodeId, NodeID newRepId) |
| Merge sub node to its rep. More... | |
| virtual bool | mergeSrcToTgt (NodeID srcId, NodeID tgtId) |
| void | mergeSccNodes (NodeID repNodeId, const NodeBS &subNodes) |
| Merge sub node in a SCC cycle to their rep node. More... | |
| void | mergeSccCycle () |
| virtual void | collapsePWCNode (NodeID nodeId) |
| Collapse a field object into its base for field insensitive analysis. More... | |
| void | collapseFields () |
| collapse positive weight cycles of a graph More... | |
| bool | collapseNodePts (NodeID nodeId) |
| bool | collapseField (NodeID nodeId) |
| void | updateNodeRepAndSubs (NodeID nodeId, NodeID newRepId) |
| Updates subnodes of its rep, and rep node of its subs. More... | |
| virtual NodeStack & | SCCDetect () |
| SCC detection. More... | |
| void | sanitizePts () |
| Sanitize pts for field insensitive objects. More... | |
| virtual const std::string | PTAName () const |
| Get PTA name. More... | |
| virtual void | cluster (void) const |
| Protected Member Functions inherited from SVF::AndersenBase | |
| void | heapAllocatorViaIndCall (const CallICFGNode *cs, NodePairSet &cpySrcNodes) |
| Protected Member Functions inherited from SVF::WPASolver< GraphType > | |
| WPASolver () | |
| Constructor. More... | |
| virtual | ~WPASolver ()=default |
| Destructor. More... | |
| SCC * | getSCCDetector () const |
| Get SCC detector. More... | |
| const GraphType | graph () |
| Get/Set graph methods. More... | |
| void | setGraph (GraphType g) |
| virtual NodeStack & | SCCDetect (NodeSet &candidates) |
| virtual void | solveWorklist () |
| virtual void | propagate (GNODE *v) |
| virtual bool | propFromSrcToDst (GEDGE *) |
| Propagate information from source to destination node, to be implemented in the child class. More... | |
| NodeID | popFromWorklist () |
| Worklist operations. More... | |
| virtual void | pushIntoWorklist (NodeID id) |
| bool | isWorklistEmpty () |
| bool | isInWorklist (NodeID id) |
| GNODE * | Node (NodeID id) |
| Get node on the graph. More... | |
| NodeID | Node_Index (GNODE node) |
| Get node ID. More... | |
| Protected Member Functions inherited from SVF::BVDataPTAImpl | |
| PTDataTy * | getPTDataTy () const |
| Get points-to data structure. More... | |
| DiffPTDataTy * | getDiffPTDataTy () const |
| DFPTDataTy * | getDFPTDataTy () const |
| MutDFPTDataTy * | getMutDFPTDataTy () const |
| VersionedPTDataTy * | getVersionedPTDataTy () const |
| virtual void | onTheFlyCallGraphSolve (const CallSiteToFunPtrMap &callsites, CallEdgeMap &newEdges) |
| On the fly call graph construction. More... | |
| virtual void | onTheFlyThreadCallGraphSolve (const CallSiteToFunPtrMap &callsites, CallEdgeMap &newForkEdges) |
| On the fly thread call graph construction respecting forksite. More... | |
| Protected Member Functions inherited from SVF::PointerAnalysis | |
| const CallSiteToFunPtrMap & | getIndirectCallsites () const |
| Return all indirect callsites. More... | |
| NodeID | getFunPtr (const CallICFGNode *cs) const |
| Return function pointer PAGNode at a callsite cs. More... | |
| virtual void | validateTests () |
| Alias check functions to verify correctness of pointer analysis. More... | |
| virtual void | validateSuccessTests (std::string fun) |
| virtual void | validateExpectedFailureTests (std::string fun) |
| void | resetObjFieldSensitive () |
| Reset all object node as field-sensitive. More... | |
Protected Attributes | |
| CallSite2DummyValPN | callsite2DummyValPN |
| Map an instruction to a dummy obj which created at an indirect callsite, which invokes a heap allocator. More... | |
| Protected Attributes inherited from SVF::AndersenBase | |
| ConstraintGraph * | consCG |
| Constraint Graph. More... | |
| CallSite2DummyValPN | callsite2DummyValPN |
| Protected Attributes inherited from SVF::WPASolver< GraphType > | |
| bool | reanalyze |
| Reanalyze if any constraint value changed. More... | |
| u32_t | iterationForPrintStat |
| print out statistics for i-th iteration More... | |
| GraphType | _graph |
| Graph. More... | |
| std::unique_ptr< SCC > | scc |
| SCC. More... | |
| WorkList | worklist |
| Worklist for resolution. More... | |
| Protected Attributes inherited from SVF::PointerAnalysis | |
| bool | print_stat |
| User input flags. More... | |
| bool | alias_validation |
| Flag for validating points-to/alias results. More... | |
| u32_t | OnTheFlyIterBudgetForStat |
| Flag for iteration budget for on-the-fly statistics. More... | |
| SVFModule * | svfMod |
| Module. More... | |
| PTATY | ptaTy |
| Pointer analysis Type. More... | |
| PTAImplTy | ptaImplTy |
| PTA implementation type. More... | |
| PTAStat * | stat |
| Statistics. More... | |
| PTACallGraph * | callgraph |
| Call graph used for pointer analysis. More... | |
| CallGraphSCC * | callGraphSCC |
| SCC for PTACallGraph. More... | |
| ICFG * | icfg |
| Interprocedural control-flow graph. More... | |
| CommonCHGraph * | chgraph |
| CHGraph. More... | |
Additional Inherited Members | |
| Public Attributes inherited from SVF::AndersenBase | |
| NodeBS | redundantGepNodes |
| Public Attributes inherited from SVF::WPASolver< GraphType > | |
| u32_t | numOfIteration |
| num of iterations during constraint solving More... | |
| Static Public Attributes inherited from SVF::AndersenBase | |
| static u32_t | numOfProcessedAddr = 0 |
| Statistics. More... | |
| static u32_t | numOfProcessedCopy = 0 |
| Number of processed Addr edge. More... | |
| static u32_t | numOfProcessedGep = 0 |
| Number of processed Copy edge. More... | |
| static u32_t | numOfProcessedLoad = 0 |
| Number of processed Gep edge. More... | |
| static u32_t | numOfProcessedStore = 0 |
| Number of processed Load edge. More... | |
| static u32_t | numOfSfrs = 0 |
| Number of processed Store edge. More... | |
| static u32_t | numOfFieldExpand = 0 |
| static u32_t | numOfSCCDetection = 0 |
| static double | timeOfSCCDetection = 0 |
| static double | timeOfSCCMerges = 0 |
| static double | timeOfCollapse = 0 |
| static u32_t | AveragePointsToSetSize = 0 |
| static u32_t | MaxPointsToSetSize = 0 |
| static double | timeOfProcessCopyGep = 0 |
| static double | timeOfProcessLoadStore = 0 |
| static double | timeOfUpdateCallGraph = 0 |
| Static Public Attributes inherited from SVF::PointerAnalysis | |
| static const std::string | aliasTestMayAlias = "MAYALIAS" |
| static const std::string | aliasTestMayAliasMangled = "_Z8MAYALIASPvS_" |
| static const std::string | aliasTestNoAlias = "NOALIAS" |
| static const std::string | aliasTestNoAliasMangled = "_Z7NOALIASPvS_" |
| static const std::string | aliasTestPartialAlias = "PARTIALALIAS" |
| static const std::string | aliasTestPartialAliasMangled = "_Z12PARTIALALIASPvS_" |
| static const std::string | aliasTestMustAlias = "MUSTALIAS" |
| static const std::string | aliasTestMustAliasMangled = "_Z9MUSTALIASPvS_" |
| static const std::string | aliasTestFailMayAlias = "EXPECTEDFAIL_MAYALIAS" |
| static const std::string | aliasTestFailMayAliasMangled = "_Z21EXPECTEDFAIL_MAYALIASPvS_" |
| static const std::string | aliasTestFailNoAlias = "EXPECTEDFAIL_NOALIAS" |
| static const std::string | aliasTestFailNoAliasMangled = "_Z20EXPECTEDFAIL_NOALIASPvS_" |
| Static Protected Attributes inherited from SVF::PointerAnalysis | |
| static SVFIR * | pag = nullptr |
| SVFIR. More... | |
Detailed Description
Inclusion-based Pointer Analysis
Definition at line 189 of file Andersen.h.
Member Typedef Documentation
◆ CGSCC
| typedef SCCDetection<ConstraintGraph*> SVF::Andersen::CGSCC |
Definition at line 194 of file Andersen.h.
Constructor & Destructor Documentation
◆ Andersen()
|
inline |
Constructor.
Definition at line 197 of file Andersen.h.
◆ ~Andersen()
|
inlinevirtual |
Member Function Documentation
◆ addCopyEdge()
Add copy edge on constraint graph.
Implements SVF::AndersenBase.
Reimplemented in SVF::AndersenSCD.
Definition at line 323 of file Andersen.h.
◆ classof() [1/2]
|
inlinestatic |
Methods for support type inquiry through isa, cast, and dyn_cast:
Definition at line 225 of file Andersen.h.
◆ classof() [2/2]
|
inlinestatic |
Definition at line 229 of file Andersen.h.
◆ clearPropaPts()
|
inlineprotected |
Definition at line 294 of file Andersen.h.
◆ cluster()
|
protectedvirtual |
Runs a Steensgaard analysis and performs clustering based on those results set the global best mapping.
Definition at line 917 of file Andersen.cpp.
◆ collapseField()
|
protected |
Collapse field. make struct with the same base as nodeId become field-insensitive.
Black hole doesn't have structures, no collapse is needed. In later versions, instead of using base node to represent the struct, we'll create new field-insensitive node. To avoid creating a new "black hole" node, do not collapse field for black hole node.
Definition at line 773 of file Andersen.cpp.
◆ collapseFields()
|
inlineprotectedvirtual |
collapse positive weight cycles of a graph
Reimplemented from SVF::WPASolver< GraphType >.
Definition at line 695 of file Andersen.cpp.
◆ collapseNodePts()
|
protected |
Collapse node's points-to set. Change all points-to elements into field-insensitive.
Points to set may be changed during collapse, so use a clone instead.
Definition at line 753 of file Andersen.cpp.
◆ collapsePWCNode()
|
inlineprotectedvirtual |
Collapse a field object into its base for field insensitive analysis.
Detect and collapse PWC nodes produced by processing gep edges, under the constraint of field limit.
Definition at line 686 of file Andersen.cpp.
◆ computeDiffPts()
|
inlineprotectedvirtual |
Handle diff points-to set.
Definition at line 268 of file Andersen.h.
◆ dumpTopLevelPtsTo()
|
virtual |
Print pag nodes' pts by an ascending order
Reimplemented from SVF::BVDataPTAImpl.
Definition at line 939 of file Andersen.cpp.
◆ finalize()
|
virtual |
Finalize analysis.
Finalize analysis
sanitize field insensitive obj TODO: Fields has been collapsed during Andersen::collapseField().
Reimplemented from SVF::AndersenBase.
Definition at line 432 of file Andersen.cpp.
◆ getDiffPts()
Definition at line 276 of file Andersen.h.
◆ getPts()
Operation of points-to set.
Reimplemented from SVF::BVDataPTAImpl.
Definition at line 239 of file Andersen.h.
◆ handleCopyGep()
|
protectedvirtual |
Process copy and gep edges
Reimplemented in SVF::AndersenSCD.
Definition at line 476 of file Andersen.cpp.
◆ handleLoadStore()
|
protectedvirtual |
Process load and store edges
Reimplemented in SVF::AndersenSCD.
Definition at line 496 of file Andersen.cpp.
◆ initialize()
|
virtual |
Initialize analysis.
Connect formal and actual parameters for indirect callsites ‍/
void AndersenBase::connectCaller2CalleeParams(const CallICFGNode* cs, const SVFFunction* F, NodePairSet &cpySrcNodes) { assert(F);
DBOUT(DAndersen, outs() << "connect parameters from indirect callsite " << cs->valueOnlyToString() << " to callee " << *F << "\n");
const CallICFGNode* callBlockNode = cs; const RetICFGNode* retBlockNode = cs->getRetICFGNode();
if(SVFUtil::isHeapAllocExtFunViaRet(F) && pag->callsiteHasRet(retBlockNode)) { heapAllocatorViaIndCall(cs,cpySrcNodes); }
if (pag->funHasRet(F) && pag->callsiteHasRet(retBlockNode)) { const PAGNode* cs_return = pag->getCallSiteRet(retBlockNode); const PAGNode* fun_return = pag->getFunRet(F); if (cs_return->isPointer() && fun_return->isPointer()) { NodeID dstrec = sccRepNode(cs_return->getId()); NodeID srcret = sccRepNode(fun_return->getId()); if(addCopyEdge(srcret, dstrec)) { cpySrcNodes.insert(std::make_pair(srcret,dstrec)); } } else { DBOUT(DAndersen, outs() << "not a pointer ignored\n"); } }
if (pag->hasCallSiteArgsMap(callBlockNode) && pag->hasFunArgsList(F)) {
connect actual and formal param const SVFIR::SVFVarList& csArgList = pag->getCallSiteArgsList(callBlockNode); const SVFIR::SVFVarList& funArgList = pag->getFunArgsList(F); Go through the fixed parameters. DBOUT(DPAGBuild, outs() << " args:"); SVFIR::SVFVarList::const_iterator funArgIt = funArgList.begin(), funArgEit = funArgList.end(); SVFIR::SVFVarList::const_iterator csArgIt = csArgList.begin(), csArgEit = csArgList.end(); for (; funArgIt != funArgEit; ++csArgIt, ++funArgIt) { Some programs (e.g. Linux kernel) leave unneeded parameters empty. if (csArgIt == csArgEit) { DBOUT(DAndersen, outs() << " !! not enough args\n"); break; } const PAGNode *cs_arg = *csArgIt ; const PAGNode *fun_arg = *funArgIt;
if (cs_arg->isPointer() && fun_arg->isPointer()) { DBOUT(DAndersen, outs() << "process actual parm " << cs_arg->toString() << " \n"); NodeID srcAA = sccRepNode(cs_arg->getId()); NodeID dstFA = sccRepNode(fun_arg->getId()); if(addCopyEdge(srcAA, dstFA)) { cpySrcNodes.insert(std::make_pair(srcAA,dstFA)); } } }
Any remaining actual args must be varargs. if (F->isVarArg()) { NodeID vaF = sccRepNode(pag->getVarargNode(F)); DBOUT(DPAGBuild, outs() << "\n varargs:"); for (; csArgIt != csArgEit; ++csArgIt) { const PAGNode *cs_arg = *csArgIt; if (cs_arg->isPointer()) { NodeID vnAA = sccRepNode(cs_arg->getId()); if (addCopyEdge(vnAA,vaF)) { cpySrcNodes.insert(std::make_pair(vnAA,vaF)); } } } } if(csArgIt != csArgEit) { writeWrnMsg("too many args to non-vararg func."); writeWrnMsg("(" + cs->getSourceLoc() + ")"); } } }
void AndersenBase::heapAllocatorViaIndCall(const CallICFGNode* cs, NodePairSet &cpySrcNodes) { assert(cs->getCalledFunction() == nullptr && "not an indirect callsite?"); const RetICFGNode* retBlockNode = cs->getRetICFGNode(); const PAGNode* cs_return = pag->getCallSiteRet(retBlockNode); NodeID srcret; CallSite2DummyValPN::const_iterator it = callsite2DummyValPN.find(cs); if(it != callsite2DummyValPN.end()) { srcret = sccRepNode(it->second); } else { NodeID valNode = pag->addDummyValNode(); NodeID objNode = pag->addDummyObjNode(cs->getType()); addPts(valNode,objNode); callsite2DummyValPN.insert(std::make_pair(cs,valNode)); consCG->addConstraintNode(new ConstraintNode(valNode),valNode); consCG->addConstraintNode(new ConstraintNode(objNode),objNode); srcret = valNode; }
NodeID dstrec = sccRepNode(cs_return->getId()); if(addCopyEdge(srcret, dstrec)) cpySrcNodes.insert(std::make_pair(srcret,dstrec)); }
void AndersenBase::normalizePointsTo() { SVFIR::MemObjToFieldsMap &memToFieldsMap = pag->getMemToFieldsMap(); SVFIR::NodeOffsetMap &GepObjVarMap = pag->getGepObjNodeMap();
clear GepObjVarMap/memToFieldsMap/nodeToSubsMap/nodeToRepMap for redundant gepnodes and remove those nodes from pag for (NodeID n: redundantGepNodes) { NodeID base = pag->getBaseObjVar(n); GepObjVar *gepNode = SVFUtil::dyn_cast<GepObjVar>(pag->getGNode(n)); assert(gepNode && "Not a gep node in redundantGepNodes set"); const APOffset apOffset = gepNode->getConstantFieldIdx(); GepObjVarMap.erase(std::make_pair(base, apOffset)); memToFieldsMap[base].reset(n); cleanConsCG(n);
pag->removeGNode(gepNode); } }
/*! Initialize analysis
Initialize worklist
Reimplemented from SVF::AndersenBase.
Reimplemented in SVF::AndersenSFR, and SVF::AndersenWaveDiff.
Definition at line 418 of file Andersen.cpp.
◆ initWorklist()
|
inlineprotectedvirtual |
◆ mergeNodeToRep()
Merge sub node to its rep.
Definition at line 889 of file Andersen.cpp.
◆ mergeSccCycle()
|
protected |
Definition at line 710 of file Andersen.cpp.
◆ mergeSccNodes()
Merge sub node in a SCC cycle to their rep node.
Union points-to of subscc nodes into its rep nodes Move incoming/outgoing direct edges of sub node to rep node
Definition at line 738 of file Andersen.cpp.
◆ mergeSrcToTgt()
merge nodeId to newRepId. Return true if the newRepId is a PWC node
union pts of node to rep
move the edges from node to rep, and remove the node
- if find gep edges inside SCC cycle, the rep node will become a PWC node and its pts should be collapsed later.
- if the node to be merged is already a PWC node, the rep node will also become a PWC node as it will have a self-cycle gep edge.
set rep and sub relations
Reimplemented in SVF::AndersenSFR.
Definition at line 858 of file Andersen.cpp.
◆ processAddr()
|
protectedvirtual |
Process address edges
Reimplemented in SVF::AndersenSCD.
Definition at line 538 of file Andersen.cpp.
◆ processAllAddr()
|
protected |
handling various constraints
Process address edges
Definition at line 524 of file Andersen.cpp.
◆ processCopy()
|
protectedvirtual |
Process copy edges src –copy--> dst, union pts(dst) with pts(src)
Definition at line 593 of file Andersen.cpp.
◆ processGep()
Process gep edges src –gep--> dst, for each srcPtdNode \in pts(src) ==> add fieldSrcPtdNode into tmpDstPts union pts(dst) with tmpDstPts
Definition at line 613 of file Andersen.cpp.
◆ processGepPts()
Compute points-to for gep edges
Reimplemented in SVF::AndersenSFR.
Definition at line 622 of file Andersen.cpp.
◆ processLoad()
|
protectedvirtual |
Process load edges src –load--> dst, node \in pts(src) ==> node–copy-->dst
TODO: New copy edges are also added for black hole obj node to make gcc in spec 2000 pass the flow-sensitive analysis. Try to handle black hole obj in an appropriate way.
Definition at line 553 of file Andersen.cpp.
◆ processNode()
|
protectedvirtual |
Override WPASolver function in order to use the default solver.
Start constraint solving
Reimplemented from SVF::WPASolver< GraphType >.
Reimplemented in SVF::AndersenWaveDiff.
Definition at line 455 of file Andersen.cpp.
◆ processStore()
|
protectedvirtual |
Process store edges src –store--> dst, node \in pts(dst) ==> src–copy-->node
TODO: New copy edges are also added for black hole obj node to make gcc in spec 2000 pass the flow-sensitive analysis. Try to handle black hole obj in an appropriate way
Definition at line 573 of file Andersen.cpp.
◆ PTAName()
|
inlineprotectedvirtual |
◆ resetData()
|
inline |
Reset data.
Definition at line 215 of file Andersen.h.
◆ sanitizePts()
|
inlineprotected |
◆ SCCDetect()
|
protectedvirtual |
SCC detection.
SCC detection on constraint graph
Reimplemented from SVF::WPASolver< GraphType >.
Reimplemented in SVF::AndersenSCD.
Definition at line 834 of file Andersen.cpp.
◆ setDetectPWC()
|
inline |
Definition at line 258 of file Andersen.h.
◆ unionPts() [1/2]
Union/add points-to. Add the reverse points-to for node collapse purpose To be noted that adding reverse pts might incur 10% total overhead during solving
Reimplemented from SVF::BVDataPTAImpl.
Definition at line 243 of file Andersen.h.
◆ unionPts() [2/2]
◆ updateNodeRepAndSubs()
Updates subnodes of its rep, and rep node of its subs.
update nodeToRepMap, for each subs of current node updates its rep to newRepId
Definition at line 899 of file Andersen.cpp.
◆ updatePropaPts()
Handle propagated points-to set.
Definition at line 286 of file Andersen.h.
Member Data Documentation
◆ callsite2DummyValPN
|
protected |
Map an instruction to a dummy obj which created at an indirect callsite, which invokes a heap allocator.
Definition at line 265 of file Andersen.h.
The documentation for this class was generated from the following files:
- /home/runner/work/SVF/SVF/svf/include/WPA/Andersen.h
- /home/runner/work/SVF/SVF/svf/lib/WPA/Andersen.cpp
