#include <AndersenPWC.h>
Static Public Member Functions | |
| static AndersenSFR * | createAndersenSFR (SVFIR *_pag) |
| Create an singleton instance directly instead of invoking llvm pass manager. | |
| static void | releaseAndersenSFR () |
 Static Public Member Functions inherited from SVF::AndersenSCD | |
| static AndersenSCD * | createAndersenSCD (SVFIR *_pag) |
| Create an singleton instance directly instead of invoking llvm pass manager. | |
| static void | releaseAndersenSCD () |
| Static Public Member Functions inherited from SVF::Andersen | |
| static bool | classof (const Andersen *) |
| Methods for support type inquiry through isa, cast, and dyn_cast: | |
| static bool | classof (const PointerAnalysis *pta) |
| Static Public Member Functions inherited from SVF::AndersenBase | |
| static bool | classof (const AndersenBase *) |
| Methods for support type inquiry through isa, cast, and dyn_cast: | |
| static bool | classof (const PointerAnalysis *pta) |
| Static Public Member Functions inherited from SVF::BVDataPTAImpl | |
| static bool | classof (const PointerAnalysis *pta) |
Protected Member Functions | |
| void | initialize () |
| Initialize analysis. | |
| void | PWCDetect () |
| void | fieldExpand (NodeSet &initials, APOffset offset, NodeBS &strides, PointsTo &expandPts) |
| bool | processGepPts (const PointsTo &pts, const GepCGEdge *edge) |
| bool | mergeSrcToTgt (NodeID nodeId, NodeID newRepId) |
| Protected Member Functions inherited from SVF::AndersenSCD | |
| void | addSccCandidate (NodeID nodeId) |
| virtual NodeStack & | SCCDetect () |
| virtual void | solveWorklist () |
| virtual void | handleLoadStore (ConstraintNode *node) |
| virtual void | processAddr (const AddrCGEdge *addr) |
| virtual bool | addCopyEdge (NodeID src, NodeID dst) |
| virtual bool | updateCallGraph (const CallSiteToFunPtrMap &callsites) |
| virtual void | processPWC (ConstraintNode *rep) |
| virtual void | handleCopyGep (ConstraintNode *node) |
| Protected Member Functions inherited from SVF::Andersen | |
| virtual void | computeDiffPts (NodeID id) |
| Handle diff points-to set. | |
| virtual const PointsTo & | getDiffPts (NodeID id) |
| void | updatePropaPts (NodeID dstId, NodeID srcId) |
| Handle propagated points-to set. | |
| void | clearPropaPts (NodeID src) |
| virtual void | initWorklist () |
| virtual void | processNode (NodeID nodeId) |
| Override WPASolver function in order to use the default solver. | |
| void | processAllAddr () |
| handling various constraints | |
| virtual bool | processLoad (NodeID node, const ConstraintEdge *load) |
| virtual bool | processStore (NodeID node, const ConstraintEdge *load) |
| virtual bool | processCopy (NodeID node, const ConstraintEdge *edge) |
| virtual bool | processGep (NodeID node, const GepCGEdge *edge) |
| virtual void | mergeNodeToRep (NodeID nodeId, NodeID newRepId) |
| Merge sub node to its rep. | |
| void | mergeSccNodes (NodeID repNodeId, const NodeBS &subNodes) |
| Merge sub node in a SCC cycle to their rep node. | |
| void | mergeSccCycle () |
| virtual void | collapsePWCNode (NodeID nodeId) |
| Collapse a field object into its base for field insensitive analysis. | |
| void | collapseFields () |
| collapse positive weight cycles of a graph | |
| bool | collapseNodePts (NodeID nodeId) |
| bool | collapseField (NodeID nodeId) |
| void | updateNodeRepAndSubs (NodeID nodeId, NodeID newRepId) |
| Updates subnodes of its rep, and rep node of its subs. | |
| void | sanitizePts () |
| Sanitize pts for field insensitive objects. | |
| virtual const std::string | PTAName () const |
| Get PTA name. | |
| virtual void | cluster (void) const |
| Protected Member Functions inherited from SVF::AndersenBase | |
| void | heapAllocatorViaIndCall (const CallICFGNode *cs, NodePairSet &cpySrcNodes) |
| Protected Member Functions inherited from SVF::WPASolver< GraphType > | |
| WPASolver () | |
| Constructor. | |
| virtual | ~WPASolver ()=default |
| Destructor. | |
| SCC * | getSCCDetector () const |
| Get SCC detector. | |
| const GraphType | graph () |
| Get/Set graph methods. | |
| void | setGraph (GraphType g) |
| virtual NodeStack & | SCCDetect (NodeSet &candidates) |
| virtual void | propagate (GNODE *v) |
| virtual bool | propFromSrcToDst (GEDGE *) |
| Propagate information from source to destination node, to be implemented in the child class. | |
| NodeID | popFromWorklist () |
| Worklist operations. | |
| virtual void | pushIntoWorklist (NodeID id) |
| bool | isWorklistEmpty () |
| bool | isInWorklist (NodeID id) |
| GNODE * | Node (NodeID id) |
| Get node on the graph. | |
| NodeID | Node_Index (GNODE node) |
| Get node ID. | |
| Protected Member Functions inherited from SVF::BVDataPTAImpl | |
| PTDataTy * | getPTDataTy () const |
| Get points-to data structure. | |
| void | finalize () override |
| Finalization of pointer analysis, and normalize points-to information to Bit Vector representation. | |
| DiffPTDataTy * | getDiffPTDataTy () const |
| DFPTDataTy * | getDFPTDataTy () const |
| MutDFPTDataTy * | getMutDFPTDataTy () const |
| VersionedPTDataTy * | getVersionedPTDataTy () const |
| virtual void | onTheFlyCallGraphSolve (const CallSiteToFunPtrMap &callsites, CallEdgeMap &newEdges) |
| On the fly call graph construction. | |
| virtual void | onTheFlyThreadCallGraphSolve (const CallSiteToFunPtrMap &callsites, CallEdgeMap &newForkEdges) |
| On the fly thread call graph construction respecting forksite. | |
| Protected Member Functions inherited from SVF::PointerAnalysis | |
| const CallSiteToFunPtrMap & | getIndirectCallsites () const |
| Return all indirect callsites. | |
| NodeID | getFunPtr (const CallICFGNode *cs) const |
| Return function pointer PAGNode at a callsite cs. | |
| virtual void | validateTests () |
| Alias check functions to verify correctness of pointer analysis. | |
| virtual void | validateSuccessTests (std::string fun) |
| virtual void | validateExpectedFailureTests (std::string fun) |
| void | resetObjFieldSensitive () |
| Reset all object node as field-sensitive. | |
Private Attributes | |
| CSC * | csc |
| NodeSet | sfrObjNodes |
| FieldReps | fieldReps |
Static Private Attributes | |
| static AndersenSFR * | sfrAndersen = nullptr |
Additional Inherited Members | |
| Public Attributes inherited from SVF::AndersenBase | |
| NodeBS | redundantGepNodes |
| Public Attributes inherited from SVF::WPASolver< GraphType > | |
| u32_t | numOfIteration |
| num of iterations during constraint solving | |
| Static Public Attributes inherited from SVF::AndersenBase | |
| static u32_t | numOfProcessedAddr = 0 |
| Statistics. | |
| static u32_t | numOfProcessedCopy = 0 |
| Number of processed Addr edge. | |
| static u32_t | numOfProcessedGep = 0 |
| Number of processed Copy edge. | |
| static u32_t | numOfProcessedLoad = 0 |
| Number of processed Gep edge. | |
| static u32_t | numOfProcessedStore = 0 |
| Number of processed Load edge. | |
| static u32_t | numOfSfrs = 0 |
| Number of processed Store edge. | |
| static u32_t | numOfFieldExpand = 0 |
| static u32_t | numOfSCCDetection = 0 |
| static double | timeOfSCCDetection = 0 |
| static double | timeOfSCCMerges = 0 |
| static double | timeOfCollapse = 0 |
| static u32_t | AveragePointsToSetSize = 0 |
| static u32_t | MaxPointsToSetSize = 0 |
| static double | timeOfProcessCopyGep = 0 |
| static double | timeOfProcessLoadStore = 0 |
| static double | timeOfUpdateCallGraph = 0 |
| Static Public Attributes inherited from SVF::PointerAnalysis | |
| static const std::string | aliasTestMayAlias = "MAYALIAS" |
| static const std::string | aliasTestMayAliasMangled = "_Z8MAYALIASPvS_" |
| static const std::string | aliasTestNoAlias = "NOALIAS" |
| static const std::string | aliasTestNoAliasMangled = "_Z7NOALIASPvS_" |
| static const std::string | aliasTestPartialAlias = "PARTIALALIAS" |
| static const std::string | aliasTestPartialAliasMangled = "_Z12PARTIALALIASPvS_" |
| static const std::string | aliasTestMustAlias = "MUSTALIAS" |
| static const std::string | aliasTestMustAliasMangled = "_Z9MUSTALIASPvS_" |
| static const std::string | aliasTestFailMayAlias = "EXPECTEDFAIL_MAYALIAS" |
| static const std::string | aliasTestFailMayAliasMangled = "_Z21EXPECTEDFAIL_MAYALIASPvS_" |
| static const std::string | aliasTestFailNoAlias = "EXPECTEDFAIL_NOALIAS" |
| static const std::string | aliasTestFailNoAliasMangled = "_Z20EXPECTEDFAIL_NOALIASPvS_" |
| Protected Attributes inherited from SVF::AndersenSCD | |
| NodeSet | sccCandidates |
| NodeToNodeMap | pwcReps |
| Protected Attributes inherited from SVF::Andersen | |
| CallSite2DummyValPN | callsite2DummyValPN |
| Map an instruction to a dummy obj which created at an indirect callsite, which invokes a heap allocator. | |
| Protected Attributes inherited from SVF::AndersenBase | |
| ConstraintGraph * | consCG |
| Constraint Graph. | |
| CallSite2DummyValPN | callsite2DummyValPN |
| Protected Attributes inherited from SVF::WPASolver< GraphType > | |
| bool | reanalyze |
| Reanalyze if any constraint value changed. | |
| u32_t | iterationForPrintStat |
| print out statistics for i-th iteration | |
| GraphType | _graph |
| Graph. | |
| std::unique_ptr< SCC > | scc |
| SCC. | |
| WorkList | worklist |
| Worklist for resolution. | |
| Protected Attributes inherited from SVF::PointerAnalysis | |
| bool | print_stat |
| User input flags. | |
| bool | alias_validation |
| Flag for validating points-to/alias results. | |
| u32_t | OnTheFlyIterBudgetForStat |
| Flag for iteration budget for on-the-fly statistics. | |
| SVFModule * | svfMod |
| Module. | |
| PTATY | ptaTy |
| Pointer analysis Type. | |
| PTAImplTy | ptaImplTy |
| PTA implementation type. | |
| PTAStat * | stat |
| Statistics. | |
| PTACallGraph * | callgraph |
| Call graph used for pointer analysis. | |
| CallGraphSCC * | callGraphSCC |
| SCC for PTACallGraph. | |
| ICFG * | icfg |
| Interprocedural control-flow graph. | |
| CommonCHGraph * | chgraph |
| CHGraph. | |
| Static Protected Attributes inherited from SVF::AndersenSCD | |
| static AndersenSCD * | scdAndersen = nullptr |
| Static Protected Attributes inherited from SVF::PointerAnalysis | |
| static SVFIR * | pag = nullptr |
| SVFIR. | |
Detailed Description
Selective Cycle Detection with Stride-based Field Representation
Definition at line 102 of file AndersenPWC.h.
Member Typedef Documentation
◆ FieldReps
Definition at line 106 of file AndersenPWC.h.
◆ NodeStrides
Definition at line 105 of file AndersenPWC.h.
◆ SFRTrait
Definition at line 107 of file AndersenPWC.h.
Constructor & Destructor Documentation
◆ AndersenSFR()
|
inline |
Definition at line 117 of file AndersenPWC.h.
◆ ~AndersenSFR()
|
inline |
Definition at line 140 of file AndersenPWC.h.
Member Function Documentation
◆ createAndersenSFR()
|
inlinestatic |
Create an singleton instance directly instead of invoking llvm pass manager.
Definition at line 123 of file AndersenPWC.h.
◆ fieldExpand()
|
protected |
Expand field IDs in target pts based on the initials and offsets
Definition at line 120 of file AndersenSFR.cpp.
◆ initialize()
|
protectedvirtual |
Initialize analysis.
Connect formal and actual parameters for indirect callsites ‍/
void AndersenBase::connectCaller2CalleeParams(const CallICFGNode* cs, const SVFFunction* F, NodePairSet &cpySrcNodes) { assert(F);
DBOUT(DAndersen, outs() << "connect parameters from indirect callsite " << cs->valueOnlyToString() << " to callee " << *F << "\n");
const CallICFGNode* callBlockNode = cs; const RetICFGNode* retBlockNode = cs->getRetICFGNode();
if(SVFUtil::isHeapAllocExtFunViaRet(F) && pag->callsiteHasRet(retBlockNode)) { heapAllocatorViaIndCall(cs,cpySrcNodes); }
if (pag->funHasRet(F) && pag->callsiteHasRet(retBlockNode)) { const PAGNode* cs_return = pag->getCallSiteRet(retBlockNode); const PAGNode* fun_return = pag->getFunRet(F); if (cs_return->isPointer() && fun_return->isPointer()) { NodeID dstrec = sccRepNode(cs_return->getId()); NodeID srcret = sccRepNode(fun_return->getId()); if(addCopyEdge(srcret, dstrec)) { cpySrcNodes.insert(std::make_pair(srcret,dstrec)); } } else { DBOUT(DAndersen, outs() << "not a pointer ignored\n"); } }
if (pag->hasCallSiteArgsMap(callBlockNode) && pag->hasFunArgsList(F)) {
connect actual and formal param const SVFIR::SVFVarList& csArgList = pag->getCallSiteArgsList(callBlockNode); const SVFIR::SVFVarList& funArgList = pag->getFunArgsList(F); Go through the fixed parameters. DBOUT(DPAGBuild, outs() << " args:"); SVFIR::SVFVarList::const_iterator funArgIt = funArgList.begin(), funArgEit = funArgList.end(); SVFIR::SVFVarList::const_iterator csArgIt = csArgList.begin(), csArgEit = csArgList.end(); for (; funArgIt != funArgEit; ++csArgIt, ++funArgIt) { Some programs (e.g. Linux kernel) leave unneeded parameters empty. if (csArgIt == csArgEit) { DBOUT(DAndersen, outs() << " !! not enough args\n"); break; } const PAGNode *cs_arg = *csArgIt ; const PAGNode *fun_arg = *funArgIt;
if (cs_arg->isPointer() && fun_arg->isPointer()) { DBOUT(DAndersen, outs() << "process actual parm " << cs_arg->toString() << " \n"); NodeID srcAA = sccRepNode(cs_arg->getId()); NodeID dstFA = sccRepNode(fun_arg->getId()); if(addCopyEdge(srcAA, dstFA)) { cpySrcNodes.insert(std::make_pair(srcAA,dstFA)); } } }
Any remaining actual args must be varargs. if (F->isVarArg()) { NodeID vaF = sccRepNode(pag->getVarargNode(F)); DBOUT(DPAGBuild, outs() << "\n varargs:"); for (; csArgIt != csArgEit; ++csArgIt) { const PAGNode *cs_arg = *csArgIt; if (cs_arg->isPointer()) { NodeID vnAA = sccRepNode(cs_arg->getId()); if (addCopyEdge(vnAA,vaF)) { cpySrcNodes.insert(std::make_pair(vnAA,vaF)); } } } } if(csArgIt != csArgEit) { writeWrnMsg("too many args to non-vararg func."); writeWrnMsg("(" + cs->getSourceLoc() + ")"); } } }
void AndersenBase::heapAllocatorViaIndCall(const CallICFGNode* cs, NodePairSet &cpySrcNodes) { assert(cs->getCalledFunction() == nullptr && "not an indirect callsite?"); const RetICFGNode* retBlockNode = cs->getRetICFGNode(); const PAGNode* cs_return = pag->getCallSiteRet(retBlockNode); NodeID srcret; CallSite2DummyValPN::const_iterator it = callsite2DummyValPN.find(cs); if(it != callsite2DummyValPN.end()) { srcret = sccRepNode(it->second); } else { NodeID valNode = pag->addDummyValNode(); NodeID objNode = pag->addDummyObjNode(cs->getType()); addPts(valNode,objNode); callsite2DummyValPN.insert(std::make_pair(cs,valNode)); consCG->addConstraintNode(new ConstraintNode(valNode),valNode); consCG->addConstraintNode(new ConstraintNode(objNode),objNode); srcret = valNode; }
NodeID dstrec = sccRepNode(cs_return->getId()); if(addCopyEdge(srcret, dstrec)) cpySrcNodes.insert(std::make_pair(srcret,dstrec)); }
void AndersenBase::normalizePointsTo() { SVFIR::MemObjToFieldsMap &memToFieldsMap = pag->getMemToFieldsMap(); SVFIR::NodeOffsetMap &GepObjVarMap = pag->getGepObjNodeMap();
clear GepObjVarMap/memToFieldsMap/nodeToSubsMap/nodeToRepMap for redundant gepnodes and remove those nodes from pag for (NodeID n: redundantGepNodes) { NodeID base = pag->getBaseObjVar(n); GepObjVar *gepNode = SVFUtil::dyn_cast<GepObjVar>(pag->getGNode(n)); assert(gepNode && "Not a gep node in redundantGepNodes set"); const APOffset apOffset = gepNode->getConstantFieldIdx(); GepObjVarMap.erase(std::make_pair(base, apOffset)); memToFieldsMap[base].reset(n); cleanConsCG(n);
pag->removeGNode(gepNode); } }
/*! Initialize analysis
Detect and collapse cycles consisting of only copy edges
Initialize worklist
Reimplemented from SVF::Andersen.
Definition at line 42 of file AndersenSFR.cpp.
◆ mergeSrcToTgt()
merge nodeId to newRepId. Return true if the newRepId is a PWC node
union pts of node to rep
move the edges from node to rep, and remove the node
- if find gep edges inside SCC cycle, the rep node will become a PWC node and its pts should be collapsed later.
- if the node to be merged is already a PWC node, the rep node will also become a PWC node as it will have a self-cycle gep edge.
set rep and sub relations
Reimplemented from SVF::Andersen.
Definition at line 69 of file AndersenSFR.cpp.
◆ processGepPts()
Propagate point-to set via a gep edge, using SFR
Reimplemented from SVF::Andersen.
Definition at line 84 of file AndersenSFR.cpp.
◆ PWCDetect()
|
protectedvirtual |
Call the PWC stride calculation method of class CSC.
Reimplemented from SVF::AndersenSCD.
Definition at line 59 of file AndersenSFR.cpp.
◆ releaseAndersenSFR()
|
inlinestatic |
Definition at line 134 of file AndersenPWC.h.
Member Data Documentation
◆ csc
|
private |
Definition at line 112 of file AndersenPWC.h.
◆ fieldReps
|
private |
Definition at line 114 of file AndersenPWC.h.
◆ sfrAndersen
|
staticprivate |
Definition at line 110 of file AndersenPWC.h.
◆ sfrObjNodes
|
private |
Definition at line 113 of file AndersenPWC.h.
The documentation for this class was generated from the following files:
- /home/runner/work/SVF/SVF/svf/include/WPA/AndersenPWC.h
- /home/runner/work/SVF/SVF/svf/lib/WPA/AndersenSFR.cpp
