Static Value-Flow Analysis
Loading...
Searching...
No Matches
Public Types | Public Member Functions | Static Public Member Functions | Protected Member Functions | Private Attributes | Static Private Attributes | List of all members
SVF::AndersenSFR Class Reference

#include <AndersenPWC.h>

Inheritance diagram for SVF::AndersenSFR:
SVF::AndersenSCD SVF::Andersen SVF::AndersenBase SVF::WPASolver< GraphType > SVF::BVDataPTAImpl SVF::PointerAnalysis

Public Types

typedef Map< NodeID, NodeBSNodeStrides
 
typedef Map< NodeID, NodeSetFieldReps
 
typedef Map< NodeID, std::pair< NodeID, NodeSet > > SFRTrait
 
- Public Types inherited from SVF::AndersenSCD
typedef Map< NodeID, NodeIDNodeToNodeMap
 
- Public Types inherited from SVF::Andersen
typedef SCCDetection< ConstraintGraph * > CGSCC
 
- Public Types inherited from SVF::AndersenBase
typedef OrderedMap< const CallICFGNode *, NodeIDCallSite2DummyValPN
 
- Public Types inherited from SVF::WPASolver< GraphType >
typedef SVF::GenericGraphTraits< GraphTypeGTraits
 Define the GTraits and node iterator for printing.
 
typedef GTraits::NodeRef GNODE
 
typedef GTraits::EdgeType GEDGE
 
typedef GTraits::ChildIteratorType child_iterator
 
typedef SCCDetection< GraphTypeSCC
 
typedef FIFOWorkList< NodeIDWorkList
 
- Public Types inherited from SVF::BVDataPTAImpl
enum  PTBackingType { Mutable , Persistent }
 How the PTData used is implemented. More...
 
typedef PTData< NodeID, NodeSet, NodeID, PointsToPTDataTy
 
typedef DiffPTData< NodeID, NodeSet, NodeID, PointsToDiffPTDataTy
 
typedef DFPTData< NodeID, NodeSet, NodeID, PointsToDFPTDataTy
 
typedef VersionedPTData< NodeID, NodeSet, NodeID, PointsTo, VersionedVar, Set< VersionedVar > > VersionedPTDataTy
 
typedef MutablePTData< NodeID, NodeSet, NodeID, PointsToMutPTDataTy
 
typedef MutableDiffPTData< NodeID, NodeSet, NodeID, PointsToMutDiffPTDataTy
 
typedef MutableDFPTData< NodeID, NodeSet, NodeID, PointsToMutDFPTDataTy
 
typedef MutableIncDFPTData< NodeID, NodeSet, NodeID, PointsToMutIncDFPTDataTy
 
typedef MutableVersionedPTData< NodeID, NodeSet, NodeID, PointsTo, VersionedVar, Set< VersionedVar > > MutVersionedPTDataTy
 
typedef PersistentPTData< NodeID, NodeSet, NodeID, PointsToPersPTDataTy
 
typedef PersistentDiffPTData< NodeID, NodeSet, NodeID, PointsToPersDiffPTDataTy
 
typedef PersistentDFPTData< NodeID, NodeSet, NodeID, PointsToPersDFPTDataTy
 
typedef PersistentIncDFPTData< NodeID, NodeSet, NodeID, PointsToPersIncDFPTDataTy
 
typedef PersistentVersionedPTData< NodeID, NodeSet, NodeID, PointsTo, VersionedVar, Set< VersionedVar > > PersVersionedPTDataTy
 
- Public Types inherited from SVF::PointerAnalysis
enum  PTATY {
  Andersen_BASE , Andersen_WPA , AndersenSCD_WPA , AndersenSFR_WPA ,
  AndersenWaveDiff_WPA , Steensgaard_WPA , CSCallString_WPA , CSSummary_WPA ,
  FSDATAFLOW_WPA , FSSPARSE_WPA , VFS_WPA , FSCS_WPA ,
  CFLFICI_WPA , CFLFSCI_WPA , CFLFSCS_WPA , TypeCPP_WPA ,
  FieldS_DDA , FlowS_DDA , PathS_DDA , Cxt_DDA ,
  Default_PTA
}
 Pointer analysis type list. More...
 
enum  PTAImplTy { BaseImpl , BVDataImpl , CondImpl }
 Implementation type: BVDataPTAImpl or CondPTAImpl. More...
 
typedef Set< const CallICFGNode * > CallSiteSet
 Indirect call edges type, map a callsite to a set of callees.
 
typedef SVFIR::CallSiteToFunPtrMap CallSiteToFunPtrMap
 
typedef Set< const FunObjVar * > FunctionSet
 
typedef OrderedMap< const CallICFGNode *, FunctionSetCallEdgeMap
 
typedef SCCDetection< CallGraph * > CallGraphSCC
 
typedef Set< const GlobalObjVar * > VTableSet
 
typedef Set< const FunObjVar * > VFunSet
 

Public Member Functions

 AndersenSFR (SVFIR *_pag, PTATY type=AndersenSFR_WPA)
 
 ~AndersenSFR ()
 
- Public Member Functions inherited from SVF::AndersenSCD
 AndersenSCD (SVFIR *_pag, PTATY type=AndersenSCD_WPA)
 
- Public Member Functions inherited from SVF::Andersen
 Andersen (SVFIR *_pag, PTATY type=Andersen_WPA, bool alias_check=true)
 Constructor.
 
virtual ~Andersen ()
 Destructor.
 
virtual void finalize ()
 Finalize analysis.
 
void resetData ()
 Reset data.
 
virtual const PointsTogetPts (NodeID id)
 Operation of points-to set.
 
virtual bool unionPts (NodeID id, const PointsTo &target)
 
virtual bool unionPts (NodeID id, NodeID ptd)
 
void dumpTopLevelPtsTo ()
 
void setDetectPWC (bool flag)
 
- Public Member Functions inherited from SVF::AndersenBase
 AndersenBase (SVFIR *_pag, PTATY type=Andersen_BASE, bool alias_check=true)
 Constructor.
 
 ~AndersenBase () override
 Destructor.
 
virtual void analyze () override
 Andersen analysis.
 
virtual void solveAndwritePtsToFile (const std::string &filename)
 
virtual void readPtsFromFile (const std::string &filename)
 
virtual void solveConstraints ()
 
virtual bool updateThreadCallGraph (const CallSiteToFunPtrMap &, NodePairSet &)
 Update thread call graph.
 
virtual void connectCaller2ForkedFunParams (const CallICFGNode *cs, const FunObjVar *F, NodePairSet &cpySrcNodes)
 Connect formal and actual parameters for indirect forksites.
 
virtual void connectCaller2CalleeParams (const CallICFGNode *cs, const FunObjVar *F, NodePairSet &cpySrcNodes)
 Connect formal and actual parameters for indirect callsites.
 
ConstraintGraphgetConstraintGraph ()
 Get constraint graph.
 
NodeID sccRepNode (NodeID id) const override
 SCC methods.
 
NodeBSsccSubNodes (NodeID repId)
 
void printStat ()
 dump statistics
 
virtual void normalizePointsTo () override
 
void cleanConsCG (NodeID id)
 remove redundant gepnodes in constraint graph
 
- Public Member Functions inherited from SVF::BVDataPTAImpl
 BVDataPTAImpl (SVFIR *pag, PointerAnalysis::PTATY type, bool alias_check=true)
 Constructor.
 
 ~BVDataPTAImpl () override=default
 Destructor.
 
PersistentPointsToCache< PointsTo > & getPtCache ()
 
const PointsTogetPts (NodeID id) override
 
const NodeSetgetRevPts (NodeID nodeId) override
 
virtual void clearPts (NodeID id, NodeID element)
 Remove element from the points-to set of id.
 
virtual void clearFullPts (NodeID id)
 Clear points-to set of id.
 
virtual bool addPts (NodeID id, NodeID ptd)
 
virtual void clearAllPts ()
 Clear all data.
 
virtual void expandFIObjs (const PointsTo &pts, PointsTo &expandedPts)
 Expand FI objects.
 
virtual void expandFIObjs (const NodeBS &pts, NodeBS &expandedPts)
 TODO: remove repetition.
 
void remapPointsToSets (void)
 Remap all points-to sets to use the current mapping.
 
virtual void writeToFile (const std::string &filename)
 Interface for analysis result storage on filesystem.
 
virtual void writeObjVarToFile (const std::string &filename)
 
virtual void writePtsResultToFile (std::fstream &f)
 
virtual void writeGepObjVarMapToFile (std::fstream &f)
 
virtual bool readFromFile (const std::string &filename)
 
virtual void readPtsResultFromFile (std::ifstream &f)
 
virtual void readGepObjVarMapFromFile (std::ifstream &f)
 
virtual void readAndSetObjFieldSensitivity (std::ifstream &f, const std::string &delimiterStr)
 
AliasResult alias (const SVFVar *V1, const SVFVar *V2) override
 Interface expose to users of our pointer analysis, given Value infos.
 
AliasResult alias (NodeID node1, NodeID node2) override
 Interface expose to users of our pointer analysis, given PAGNodeID.
 
virtual AliasResult alias (const PointsTo &pts1, const PointsTo &pts2)
 Interface expose to users of our pointer analysis, given two pts.
 
void dumpCPts () override
 dump and debug, print out conditional pts
 
void dumpTopLevelPtsTo () override
 
void dumpAllPts () override
 
- Public Member Functions inherited from SVF::PointerAnalysis
ICFGgetICFG () const
 Get ICFG.
 
u32_t getNumOfResolvedIndCallEdge () const
 Return number of resolved indirect call edges.
 
CallGraphgetCallGraph () const
 Return call graph.
 
CallGraphSCCgetCallGraphSCC () const
 Return call graph SCC.
 
 PointerAnalysis (SVFIR *pag, PTATY ty=Default_PTA, bool alias_check=true)
 Constructor.
 
PTATY getAnalysisTy () const
 Type of pointer analysis.
 
PTAImplTy getImplTy () const
 Return implementation type of the pointer analysis.
 
bool printStat ()
 Whether print statistics.
 
void disablePrintStat ()
 Whether print statistics.
 
CallEdgeMapgetIndCallMap ()
 Get callees from an indirect callsite.
 
bool hasIndCSCallees (const CallICFGNode *cs) const
 
const FunctionSetgetIndCSCallees (const CallICFGNode *cs) const
 
virtual void resolveIndCalls (const CallICFGNode *cs, const PointsTo &target, CallEdgeMap &newEdges)
 Resolve indirect call edges.
 
void callGraphSCCDetection ()
 PTACallGraph SCC related methods.
 
NodeID getCallGraphSCCRepNode (NodeID id) const
 Get SCC rep node of a SVFG node.
 
bool inSameCallGraphSCC (const FunObjVar *fun1, const FunObjVar *fun2)
 Return TRUE if this edge is inside a PTACallGraph SCC, i.e., src node and dst node are in the same SCC on the SVFG.
 
bool isInRecursion (const FunObjVar *fun) const
 
bool isLocalVarInRecursiveFun (NodeID id) const
 Whether a local variable is in function recursions.
 
CommonCHGraphgetCHGraph () const
 get CHGraph
 
void getVFnsFromCHA (const CallICFGNode *cs, VFunSet &vfns)
 
void getVFnsFromPts (const CallICFGNode *cs, const PointsTo &target, VFunSet &vfns)
 
void connectVCallToVFns (const CallICFGNode *cs, const VFunSet &vfns, CallEdgeMap &newEdges)
 
virtual void resolveCPPIndCalls (const CallICFGNode *cs, const PointsTo &target, CallEdgeMap &newEdges)
 Resolve cpp indirect call edges.
 
SVFIRgetPAG () const
 
PTAStatgetStat () const
 Get PTA stat.
 
OrderedNodeSetgetAllValidPtrs ()
 Get all Valid Pointers for resolution.
 
virtual void computeDDAPts (NodeID)
 Compute points-to results on-demand, overridden by derived classes.
 
void printIndCSTargets (const CallICFGNode *cs, const FunctionSet &targets)
 Print targets of a function pointer.
 
virtual void dumpPts (NodeID ptr, const PointsTo &pts)
 
void printIndCSTargets ()
 
void dumpAllTypes ()
 
void dumpStat ()
 Dump the statistics.
 
bool containBlackHoleNode (const PointsTo &pts)
 Determine whether a points-to contains a black hole or constant node.
 
bool containConstantNode (const PointsTo &pts)
 
virtual bool isBlkObjOrConstantObj (NodeID ptd) const
 
bool isHeapMemObj (NodeID id) const
 Whether this object is heap or array.
 
bool isArrayMemObj (NodeID id) const
 
bool isFIObjNode (NodeID id) const
 
NodeID getBaseObjVar (NodeID id)
 
NodeID getFIObjVar (NodeID id)
 
NodeID getGepObjVar (NodeID id, const APOffset &ap)
 
virtual const NodeBSgetAllFieldsObjVars (NodeID id)
 
void setObjFieldInsensitive (NodeID id)
 
bool isFieldInsensitive (NodeID id) const
 

Static Public Member Functions

static AndersenSFRcreateAndersenSFR (SVFIR *_pag)
 Create an singleton instance directly instead of invoking llvm pass manager.
 
static void releaseAndersenSFR ()
 
- Static Public Member Functions inherited from SVF::AndersenSCD
static AndersenSCDcreateAndersenSCD (SVFIR *_pag)
 Create an singleton instance directly instead of invoking llvm pass manager.
 
static void releaseAndersenSCD ()
 
- Static Public Member Functions inherited from SVF::Andersen
static bool classof (const Andersen *)
 Methods for support type inquiry through isa, cast, and dyn_cast:
 
static bool classof (const PointerAnalysis *pta)
 
- Static Public Member Functions inherited from SVF::AndersenBase
static bool classof (const AndersenBase *)
 Methods for support type inquiry through isa, cast, and dyn_cast:
 
static bool classof (const PointerAnalysis *pta)
 
- Static Public Member Functions inherited from SVF::BVDataPTAImpl
static bool classof (const PointerAnalysis *pta)
 

Protected Member Functions

void initialize ()
 Initialize analysis.
 
void PWCDetect ()
 
void fieldExpand (NodeSet &initials, APOffset offset, NodeBS &strides, PointsTo &expandPts)
 
bool processGepPts (const PointsTo &pts, const GepCGEdge *edge)
 
bool mergeSrcToTgt (NodeID nodeId, NodeID newRepId)
 
- Protected Member Functions inherited from SVF::AndersenSCD
void addSccCandidate (NodeID nodeId)
 
virtual NodeStackSCCDetect ()
 
virtual void solveWorklist ()
 
virtual void handleLoadStore (ConstraintNode *node)
 
virtual void processAddr (const AddrCGEdge *addr)
 
virtual bool addCopyEdge (NodeID src, NodeID dst)
 
virtual bool updateCallGraph (const CallSiteToFunPtrMap &callsites)
 
virtual void processPWC (ConstraintNode *rep)
 
virtual void handleCopyGep (ConstraintNode *node)
 
- Protected Member Functions inherited from SVF::Andersen
virtual void computeDiffPts (NodeID id)
 Handle diff points-to set.
 
virtual const PointsTogetDiffPts (NodeID id)
 
void updatePropaPts (NodeID dstId, NodeID srcId)
 Handle propagated points-to set.
 
void clearPropaPts (NodeID src)
 
virtual void initWorklist ()
 
virtual void processNode (NodeID nodeId)
 Override WPASolver function in order to use the default solver.
 
void processAllAddr ()
 handling various constraints
 
virtual bool processLoad (NodeID node, const ConstraintEdge *load)
 
virtual bool processStore (NodeID node, const ConstraintEdge *load)
 
virtual bool processCopy (NodeID node, const ConstraintEdge *edge)
 
virtual bool processGep (NodeID node, const GepCGEdge *edge)
 
virtual void mergeNodeToRep (NodeID nodeId, NodeID newRepId)
 Merge sub node to its rep.
 
void mergeSccNodes (NodeID repNodeId, const NodeBS &subNodes)
 Merge sub node in a SCC cycle to their rep node.
 
void mergeSccCycle ()
 
virtual void collapsePWCNode (NodeID nodeId)
 Collapse a field object into its base for field insensitive analysis.
 
void collapseFields ()
 collapse positive weight cycles of a graph
 
bool collapseNodePts (NodeID nodeId)
 
bool collapseField (NodeID nodeId)
 
void updateNodeRepAndSubs (NodeID nodeId, NodeID newRepId)
 Updates subnodes of its rep, and rep node of its subs.
 
void sanitizePts ()
 Sanitize pts for field insensitive objects.
 
virtual const std::string PTAName () const
 Get PTA name.
 
virtual void cluster (void) const
 
- Protected Member Functions inherited from SVF::AndersenBase
void heapAllocatorViaIndCall (const CallICFGNode *cs, NodePairSet &cpySrcNodes)
 
- Protected Member Functions inherited from SVF::WPASolver< GraphType >
 WPASolver ()
 Constructor.
 
virtual ~WPASolver ()=default
 Destructor.
 
SCCgetSCCDetector () const
 Get SCC detector.
 
const GraphType graph ()
 Get/Set graph methods.
 
void setGraph (GraphType g)
 
virtual NodeStackSCCDetect (NodeSet &candidates)
 
virtual void propagate (GNODE *v)
 
virtual bool propFromSrcToDst (GEDGE *)
 Propagate information from source to destination node, to be implemented in the child class.
 
NodeID popFromWorklist ()
 Worklist operations.
 
virtual void pushIntoWorklist (NodeID id)
 
bool isWorklistEmpty ()
 
bool isInWorklist (NodeID id)
 
GNODENode (NodeID id)
 Get node on the graph.
 
NodeID Node_Index (GNODE node)
 Get node ID.
 
- Protected Member Functions inherited from SVF::BVDataPTAImpl
PTDataTygetPTDataTy () const
 Get points-to data structure.
 
void finalize () override
 Finalization of pointer analysis, and normalize points-to information to Bit Vector representation.
 
DiffPTDataTygetDiffPTDataTy () const
 
DFPTDataTygetDFPTDataTy () const
 
MutDFPTDataTygetMutDFPTDataTy () const
 
VersionedPTDataTygetVersionedPTDataTy () const
 
virtual void onTheFlyCallGraphSolve (const CallSiteToFunPtrMap &callsites, CallEdgeMap &newEdges)
 On the fly call graph construction.
 
virtual void onTheFlyThreadCallGraphSolve (const CallSiteToFunPtrMap &callsites, CallEdgeMap &newForkEdges)
 On the fly thread call graph construction respecting forksite.
 
- Protected Member Functions inherited from SVF::PointerAnalysis
const CallSiteToFunPtrMapgetIndirectCallsites () const
 Return all indirect callsites.
 
NodeID getFunPtr (const CallICFGNode *cs) const
 Return function pointer PAGNode at a callsite cs.
 
virtual void validateTests ()
 Alias check functions to verify correctness of pointer analysis.
 
virtual void validateSuccessTests (std::string fun)
 
virtual void validateExpectedFailureTests (std::string fun)
 
void resetObjFieldSensitive ()
 Reset all object node as field-sensitive.
 

Private Attributes

CSCcsc
 
NodeSet sfrObjNodes
 
FieldReps fieldReps
 

Static Private Attributes

static AndersenSFRsfrAndersen = nullptr
 

Additional Inherited Members

- Public Attributes inherited from SVF::AndersenBase
NodeBS redundantGepNodes
 
- Public Attributes inherited from SVF::WPASolver< GraphType >
u32_t numOfIteration
 num of iterations during constraint solving
 
- Static Public Attributes inherited from SVF::AndersenBase
static u32_t numOfProcessedAddr = 0
 Statistics.
 
static u32_t numOfProcessedCopy = 0
 Number of processed Addr edge.
 
static u32_t numOfProcessedGep = 0
 Number of processed Copy edge.
 
static u32_t numOfProcessedLoad = 0
 Number of processed Gep edge.
 
static u32_t numOfProcessedStore = 0
 Number of processed Load edge.
 
static u32_t numOfSfrs = 0
 Number of processed Store edge.
 
static u32_t numOfFieldExpand = 0
 
static u32_t numOfSCCDetection = 0
 
static double timeOfSCCDetection = 0
 
static double timeOfSCCMerges = 0
 
static double timeOfCollapse = 0
 
static u32_t AveragePointsToSetSize = 0
 
static u32_t MaxPointsToSetSize = 0
 
static double timeOfProcessCopyGep = 0
 
static double timeOfProcessLoadStore = 0
 
static double timeOfUpdateCallGraph = 0
 
- Static Public Attributes inherited from SVF::PointerAnalysis
static const std::string aliasTestMayAlias = "MAYALIAS"
 
static const std::string aliasTestMayAliasMangled = "_Z8MAYALIASPvS_"
 
static const std::string aliasTestNoAlias = "NOALIAS"
 
static const std::string aliasTestNoAliasMangled = "_Z7NOALIASPvS_"
 
static const std::string aliasTestPartialAlias = "PARTIALALIAS"
 
static const std::string aliasTestPartialAliasMangled = "_Z12PARTIALALIASPvS_"
 
static const std::string aliasTestMustAlias = "MUSTALIAS"
 
static const std::string aliasTestMustAliasMangled = "_Z9MUSTALIASPvS_"
 
static const std::string aliasTestFailMayAlias = "EXPECTEDFAIL_MAYALIAS"
 
static const std::string aliasTestFailMayAliasMangled = "_Z21EXPECTEDFAIL_MAYALIASPvS_"
 
static const std::string aliasTestFailNoAlias = "EXPECTEDFAIL_NOALIAS"
 
static const std::string aliasTestFailNoAliasMangled = "_Z20EXPECTEDFAIL_NOALIASPvS_"
 
- Protected Attributes inherited from SVF::AndersenSCD
NodeSet sccCandidates
 
NodeToNodeMap pwcReps
 
- Protected Attributes inherited from SVF::Andersen
CallSite2DummyValPN callsite2DummyValPN
 Map an instruction to a dummy obj which created at an indirect callsite, which invokes a heap allocator.
 
- Protected Attributes inherited from SVF::AndersenBase
ConstraintGraphconsCG
 Constraint Graph.
 
CallSite2DummyValPN callsite2DummyValPN
 
- Protected Attributes inherited from SVF::WPASolver< GraphType >
bool reanalyze
 Reanalyze if any constraint value changed.
 
u32_t iterationForPrintStat
 print out statistics for i-th iteration
 
GraphType _graph
 Graph.
 
std::unique_ptr< SCCscc
 SCC.
 
WorkList worklist
 Worklist for resolution.
 
- Protected Attributes inherited from SVF::PointerAnalysis
bool print_stat
 User input flags.
 
bool alias_validation
 Flag for validating points-to/alias results.
 
u32_t OnTheFlyIterBudgetForStat
 Flag for iteration budget for on-the-fly statistics.
 
PTATY ptaTy
 Pointer analysis Type.
 
PTAImplTy ptaImplTy
 PTA implementation type.
 
PTAStatstat
 Statistics.
 
CallGraphcallgraph
 Call graph used for pointer analysis.
 
CallGraphSCCcallGraphSCC
 SCC for PTACallGraph.
 
ICFGicfg
 Interprocedural control-flow graph.
 
CommonCHGraphchgraph
 CHGraph.
 
- Static Protected Attributes inherited from SVF::AndersenSCD
static AndersenSCDscdAndersen = nullptr
 
- Static Protected Attributes inherited from SVF::PointerAnalysis
static SVFIRpag = nullptr
 SVFIR.
 

Detailed Description

Selective Cycle Detection with Stride-based Field Representation

Definition at line 102 of file AndersenPWC.h.

Member Typedef Documentation

◆ FieldReps

typedef Map<NodeID, NodeSet> SVF::AndersenSFR::FieldReps

Definition at line 106 of file AndersenPWC.h.

◆ NodeStrides

typedef Map<NodeID, NodeBS> SVF::AndersenSFR::NodeStrides

Definition at line 105 of file AndersenPWC.h.

◆ SFRTrait

typedef Map<NodeID, std::pair<NodeID, NodeSet> > SVF::AndersenSFR::SFRTrait

Definition at line 107 of file AndersenPWC.h.

Constructor & Destructor Documentation

◆ AndersenSFR()

SVF::AndersenSFR::AndersenSFR ( SVFIR _pag,
PTATY  type = AndersenSFR_WPA 
)
inline

Definition at line 117 of file AndersenPWC.h.

117 :
118 AndersenSCD(_pag, type), csc(nullptr)
119 {
120 }
type
newitem type
Definition cJSON.cpp:2739
SVF::AndersenSCD::AndersenSCD
AndersenSCD(SVFIR *_pag, PTATY type=AndersenSCD_WPA)
Definition AndersenPWC.h:55

◆ ~AndersenSFR()

SVF::AndersenSFR::~AndersenSFR ( )
inline

Definition at line 140 of file AndersenPWC.h.

141 {
142 if (csc != nullptr)
143 {
144 delete(csc);
145 csc = nullptr;
146 }
147 }

Member Function Documentation

◆ createAndersenSFR()

static AndersenSFR * SVF::AndersenSFR::createAndersenSFR ( SVFIR _pag)
inlinestatic

Create an singleton instance directly instead of invoking llvm pass manager.

Definition at line 123 of file AndersenPWC.h.

124 {
125 if (sfrAndersen == nullptr)
126 {
127 sfrAndersen = new AndersenSFR(_pag);
128 sfrAndersen->analyze();
129 return sfrAndersen;
130 }
131 return sfrAndersen;
132 }
SVF::AndersenBase::analyze
virtual void analyze() override
Andersen analysis.
Definition Andersen.cpp:133
SVF::AndersenSFR::AndersenSFR
AndersenSFR(SVFIR *_pag, PTATY type=AndersenSFR_WPA)
Definition AndersenPWC.h:117
SVF::AndersenSFR::sfrAndersen
static AndersenSFR * sfrAndersen
Definition AndersenPWC.h:110

◆ fieldExpand()

void AndersenSFR::fieldExpand ( NodeSet initials,
APOffset  offset,
NodeBS strides,
PointsTo expandPts 
)
protected

Expand field IDs in target pts based on the initials and offsets

Definition at line 120 of file AndersenSFR.cpp.

121{
122 numOfFieldExpand++;
123
124 while (!initials.empty())
125 {
126 NodeID init = *initials.begin();
127 initials.erase(init);
128
129 if (consCG->isBlkObjOrConstantObj(init))
130 expandPts.set(init);
131 else
132 {
133 PAGNode* initPN = pag->getGNode(init);
134 // ABTest
135 const BaseObjVar* baseObj = pag->getBaseObject(init);
136
137 const u32_t maxLimit = baseObj->getMaxFieldOffsetLimit();
138 APOffset initOffset;
139 if (GepObjVar *gepNode = SVFUtil::dyn_cast<GepObjVar>(initPN))
140 initOffset = gepNode->getConstantFieldIdx();
141 else if (SVFUtil::isa<BaseObjVar, DummyObjVar>(initPN))
142 initOffset = 0;
143 else
144 {
145 assert(false && "Not an object node!!");
146 abort();
147 }
148
149 Set<APOffset> offsets;
150 offsets.insert(offset);
151
152 // calculate offsets
153 bool loopFlag = true;
154 while (loopFlag)
155 {
156 loopFlag = false;
157 for (auto _f : offsets)
158 for (auto _s : strides)
159 {
160 APOffset _f1 = _f + _s;
161 loopFlag = (offsets.find(_f1) == offsets.end()) && ( (u32_t)(initOffset + _f1) < maxLimit);
162 if (loopFlag)
163 offsets.insert(_f1);
164 }
165 }
166
167 // get gep objs
168 for (APOffset _f : offsets)
169 {
170 NodeID gepId = consCG->getGepObjVar(init, _f);
171 initials.erase(gepId); // gep id in initials should be removed to avoid redundant derivation
172 expandPts.set(gepId);
173 }
174 }
175 }
176}
u32_t
unsigned u32_t
Definition CommandLine.h:18
for
for(i=0;a &&(i<(size_t) count);i++)
Definition cJSON.cpp:2569
offset
buffer offset
Definition cJSON.cpp:1113
SVF::AndersenBase::numOfFieldExpand
static u32_t numOfFieldExpand
Definition Andersen.h:162
SVF::AndersenBase::consCG
ConstraintGraph * consCG
Constraint Graph.
Definition Andersen.h:177
SVF::BaseObjVar::getMaxFieldOffsetLimit
u32_t getMaxFieldOffsetLimit() const
Get max field offset limit.
Definition SVFVariables.h:611
SVF::ConstraintGraph::getGepObjVar
NodeID getGepObjVar(NodeID id, const APOffset &apOffset)
Get a field of a memory object.
Definition ConsG.h:325
SVF::ConstraintGraph::isBlkObjOrConstantObj
bool isBlkObjOrConstantObj(NodeID id)
Definition ConsG.h:307
SVF::GenericGraph::getGNode
NodeType * getGNode(NodeID id) const
Get a node.
Definition GenericGraph.h:403
SVF::PointerAnalysis::pag
static SVFIR * pag
SVFIR.
Definition PointerAnalysis.h:140
SVF::SVFIR::getBaseObject
const BaseObjVar * getBaseObject(NodeID id) const
Definition SVFIR.h:423
SVF::NodeID
u32_t NodeID
Definition GeneralType.h:56
SVF::APOffset
s64_t APOffset
Definition GeneralType.h:60
SVF::IRBuilder
llvm::IRBuilder IRBuilder
Definition BasicTypes.h:74

◆ initialize()

void AndersenSFR::initialize ( )
protectedvirtual

Initialize analysis. 

 Connect formal and actual parameters for indirect callsites
&zwj;/

void AndersenBase::connectCaller2CalleeParams(const CallICFGNode* cs, const FunObjVar* F, NodePairSet &cpySrcNodes) { assert(F);

DBOUT(DAndersen, outs() << "connect parameters from indirect callsite " << cs->valueOnlyToString() << " to callee " << *F << "\n");

const CallICFGNode* callBlockNode = cs; const RetICFGNode* retBlockNode = cs->getRetICFGNode();

if(SVFUtil::isHeapAllocExtFunViaRet(F) && pag->callsiteHasRet(retBlockNode)) { heapAllocatorViaIndCall(cs,cpySrcNodes); }

if (pag->funHasRet(F) && pag->callsiteHasRet(retBlockNode)) { const PAGNode* cs_return = pag->getCallSiteRet(retBlockNode); const PAGNode* fun_return = pag->getFunRet(F); if (cs_return->isPointer() && fun_return->isPointer()) { NodeID dstrec = sccRepNode(cs_return->getId()); NodeID srcret = sccRepNode(fun_return->getId()); if(addCopyEdge(srcret, dstrec)) { cpySrcNodes.insert(std::make_pair(srcret,dstrec)); } } else { DBOUT(DAndersen, outs() << "not a pointer ignored\n"); } }

if (pag->hasCallSiteArgsMap(callBlockNode) && pag->hasFunArgsList(F)) {

connect actual and formal param const SVFIR::SVFVarList& csArgList = pag->getCallSiteArgsList(callBlockNode); const SVFIR::SVFVarList& funArgList = pag->getFunArgsList(F); Go through the fixed parameters. DBOUT(DPAGBuild, outs() << " args:"); SVFIR::SVFVarList::const_iterator funArgIt = funArgList.begin(), funArgEit = funArgList.end(); SVFIR::SVFVarList::const_iterator csArgIt = csArgList.begin(), csArgEit = csArgList.end(); for (; funArgIt != funArgEit; ++csArgIt, ++funArgIt) { Some programs (e.g. Linux kernel) leave unneeded parameters empty. if (csArgIt == csArgEit) { DBOUT(DAndersen, outs() << " !! not enough args\n"); break; } const PAGNode *cs_arg = *csArgIt ; const PAGNode *fun_arg = *funArgIt;

if (cs_arg->isPointer() && fun_arg->isPointer()) { DBOUT(DAndersen, outs() << "process actual parm " << cs_arg->toString() << " \n"); NodeID srcAA = sccRepNode(cs_arg->getId()); NodeID dstFA = sccRepNode(fun_arg->getId()); if(addCopyEdge(srcAA, dstFA)) { cpySrcNodes.insert(std::make_pair(srcAA,dstFA)); } } }

Any remaining actual args must be varargs. if (F->isVarArg()) { NodeID vaF = sccRepNode(pag->getVarargNode(F)); DBOUT(DPAGBuild, outs() << "\n varargs:"); for (; csArgIt != csArgEit; ++csArgIt) { const PAGNode *cs_arg = *csArgIt; if (cs_arg->isPointer()) { NodeID vnAA = sccRepNode(cs_arg->getId()); if (addCopyEdge(vnAA,vaF)) { cpySrcNodes.insert(std::make_pair(vnAA,vaF)); } } } } if(csArgIt != csArgEit) { writeWrnMsg("too many args to non-vararg func."); writeWrnMsg("(" + cs->getSourceLoc() + ")"); } } }

void AndersenBase::heapAllocatorViaIndCall(const CallICFGNode* cs, NodePairSet &cpySrcNodes) { assert(cs->getCalledFunction() == nullptr && "not an indirect callsite?"); const RetICFGNode* retBlockNode = cs->getRetICFGNode(); const PAGNode* cs_return = pag->getCallSiteRet(retBlockNode); NodeID srcret; CallSite2DummyValPN::const_iterator it = callsite2DummyValPN.find(cs); if(it != callsite2DummyValPN.end()) { srcret = sccRepNode(it->second); } else { NodeID valNode = pag->addDummyValNode(); NodeID objNode = pag->addDummyObjNode(cs->getType()); addPts(valNode,objNode); callsite2DummyValPN.insert(std::make_pair(cs,valNode)); consCG->addConstraintNode(new ConstraintNode(valNode),valNode); consCG->addConstraintNode(new ConstraintNode(objNode),objNode); srcret = valNode; }

NodeID dstrec = sccRepNode(cs_return->getId()); if(addCopyEdge(srcret, dstrec)) cpySrcNodes.insert(std::make_pair(srcret,dstrec)); }

void AndersenBase::normalizePointsTo() { SVFIR::MemObjToFieldsMap &memToFieldsMap = pag->getMemToFieldsMap(); SVFIR::NodeOffsetMap &GepObjVarMap = pag->getGepObjNodeMap();

clear GepObjVarMap/memToFieldsMap/nodeToSubsMap/nodeToRepMap for redundant gepnodes and remove those nodes from pag for (NodeID n: redundantGepNodes) { NodeID base = pag->getBaseObjVar(n); GepObjVar *gepNode = SVFUtil::dyn_cast<GepObjVar>(pag->getGNode(n)); assert(gepNode && "Not a gep node in redundantGepNodes set"); const APOffset apOffset = gepNode->getConstantFieldIdx(); GepObjVarMap.erase(std::make_pair(base, apOffset)); memToFieldsMap[base].reset(n); cleanConsCG(n);

pag->removeGNode(gepNode); } }

/*! Initialize analysis

Detect and collapse cycles consisting of only copy edges

Initialize worklist

Reimplemented from SVF::Andersen.

Definition at line 42 of file AndersenSFR.cpp.

43{
44 AndersenSCD::initialize();
45 setDetectPWC(false); // SCC will detect only copy edges
46
47 if (!csc)
48 csc = new CSC(_graph, scc.get());
49
51 getSCCDetector()->find();
52 mergeSccCycle();
53}
SVF::Andersen::setDetectPWC
void setDetectPWC(bool flag)
Definition Andersen.h:257
SVF::Andersen::mergeSccCycle
void mergeSccCycle()
Definition Andersen.cpp:710
SVF::CSC
Definition CSC.h:50
SVF::PointerAnalysis::initialize
virtual void initialize()
Initialization of a pointer analysis, including building symbol table and SVFIR etc.
Definition PointerAnalysis.cpp:105
SVF::WPASolver::scc
std::unique_ptr< SCC > scc
SCC.
Definition WPASolver.h:193
SVF::WPASolver::getSCCDetector
SCC * getSCCDetector() const
Get SCC detector.
Definition WPASolver.h:67
SVF::WPASolver::_graph
GraphType _graph
Graph.
Definition WPASolver.h:190

◆ mergeSrcToTgt()

bool AndersenSFR::mergeSrcToTgt ( NodeID  nodeId,
NodeID  newRepId 
)
protectedvirtual

merge nodeId to newRepId. Return true if the newRepId is a PWC node

union pts of node to rep

move the edges from node to rep, and remove the node

  1. if find gep edges inside SCC cycle, the rep node will become a PWC node and its pts should be collapsed later.
  2. if the node to be merged is already a PWC node, the rep node will also become a PWC node as it will have a self-cycle gep edge.

set rep and sub relations

Reimplemented from SVF::Andersen.

Definition at line 69 of file AndersenSFR.cpp.

70{
71 ConstraintNode* node = consCG->getConstraintNode(nodeId);
72 if (!node->strides.empty())
73 {
74 ConstraintNode* newRepNode = consCG->getConstraintNode(newRepId);
75 newRepNode->strides |= node->strides;
76 }
77 return Andersen::mergeSrcToTgt(nodeId, newRepId);
78}
SVF::Andersen::mergeSrcToTgt
virtual bool mergeSrcToTgt(NodeID srcId, NodeID tgtId)
Definition Andersen.cpp:849
SVF::ConstraintGraph::getConstraintNode
ConstraintNode * getConstraintNode(NodeID id) const
Get/add/remove constraint node.
Definition ConsG.h:104
SVF::ConstraintNode::strides
NodeBS strides
For stride-based field representation.
Definition ConsGNode.h:71

◆ processGepPts()

bool AndersenSFR::processGepPts ( const PointsTo pts,
const GepCGEdge edge 
)
protectedvirtual

Propagate point-to set via a gep edge, using SFR

Reimplemented from SVF::Andersen.

Definition at line 84 of file AndersenSFR.cpp.

85{
86 ConstraintNode* dst = edge->getDstNode();
87 NodeID dstId = dst->getId();
88
89 if (!dst->strides.empty() && SVFUtil::isa<NormalGepCGEdge>(edge)) // dst is in pwc
90 {
91 PointsTo tmpDstPts;
92 PointsTo srcInits = pts - getPts(dstId);
93
94 if (!srcInits.empty())
95 {
96 NodeSet sortSrcInits;
97 for (NodeID ptd : srcInits)
98 sortSrcInits.insert(ptd);
99
100 APOffset offset = SVFUtil::dyn_cast<NormalGepCGEdge>(edge)->getConstantFieldIdx();
101 fieldExpand(sortSrcInits, offset, dst->strides, tmpDstPts);
102 }
103
104 if (unionPts(dstId, tmpDstPts))
105 {
106 pushIntoWorklist(dstId);
107 return true;
108 }
109 else
110 return false;
111 }
112 else
113 return Andersen::processGepPts(pts, edge);
114}
SVF::AndersenSFR::fieldExpand
void fieldExpand(NodeSet &initials, APOffset offset, NodeBS &strides, PointsTo &expandPts)
Definition AndersenSFR.cpp:120
SVF::Andersen::unionPts
virtual bool unionPts(NodeID id, const PointsTo &target)
Definition Andersen.h:242
SVF::Andersen::getPts
virtual const PointsTo & getPts(NodeID id)
Operation of points-to set.
Definition Andersen.h:238
SVF::Andersen::processGepPts
virtual bool processGepPts(const PointsTo &pts, const GepCGEdge *edge)
Definition Andersen.cpp:622
SVF::SVFValue::getId
NodeID getId() const
Get ID.
Definition SVFValue.h:158
SVF::WPASolver::pushIntoWorklist
virtual void pushIntoWorklist(NodeID id)
Definition WPASolver.h:156
SVF::NodeSet
Set< NodeID > NodeSet
Definition GeneralType.h:113

◆ PWCDetect()

void AndersenSFR::PWCDetect ( )
protectedvirtual

Call the PWC stride calculation method of class CSC.

Reimplemented from SVF::AndersenSCD.

Definition at line 59 of file AndersenSFR.cpp.

60{
61 AndersenSCD::PWCDetect();
62 csc->find(getSCCDetector()->topoNodeStack());
63}
SVF::AndersenSCD::PWCDetect
virtual void PWCDetect()
Definition AndersenSCD.cpp:126
SVF::CSC::find
void find(NodeStack &candidates)
Definition CSC.cpp:49

◆ releaseAndersenSFR()

static void SVF::AndersenSFR::releaseAndersenSFR ( )
inlinestatic

Definition at line 134 of file AndersenPWC.h.

135 {
136 if (sfrAndersen)
137 delete sfrAndersen;
138 }

Member Data Documentation

◆ csc

CSC* SVF::AndersenSFR::csc
private

Definition at line 112 of file AndersenPWC.h.

◆ fieldReps

FieldReps SVF::AndersenSFR::fieldReps
private

Definition at line 114 of file AndersenPWC.h.

◆ sfrAndersen

AndersenSFR * AndersenSFR::sfrAndersen = nullptr
staticprivate

Definition at line 110 of file AndersenPWC.h.

◆ sfrObjNodes

NodeSet SVF::AndersenSFR::sfrObjNodes
private

Definition at line 113 of file AndersenPWC.h.

The documentation for this class was generated from the following files:
Generated by doxygen 1.9.8