#include <CFLAlias.h>

Inheritance diagram for SVF::CFLAlias:

Public Types
typedef OrderedMap< const CallICFGNode *, NodeID >	CallSite2DummyValPN

Public Types inherited from SVF::BVDataPTAImpl
enum	PTBackingType { Mutable , Persistent }
	How the PTData used is implemented. More...

typedef PTData< NodeID, NodeSet, NodeID, PointsTo >	PTDataTy

typedef DiffPTData< NodeID, NodeSet, NodeID, PointsTo >	DiffPTDataTy

typedef DFPTData< NodeID, NodeSet, NodeID, PointsTo >	DFPTDataTy

typedef VersionedPTData< NodeID, NodeSet, NodeID, PointsTo, VersionedVar, Set< VersionedVar > >	VersionedPTDataTy

typedef MutablePTData< NodeID, NodeSet, NodeID, PointsTo >	MutPTDataTy

typedef MutableDiffPTData< NodeID, NodeSet, NodeID, PointsTo >	MutDiffPTDataTy

typedef MutableDFPTData< NodeID, NodeSet, NodeID, PointsTo >	MutDFPTDataTy

typedef MutableIncDFPTData< NodeID, NodeSet, NodeID, PointsTo >	MutIncDFPTDataTy

typedef MutableVersionedPTData< NodeID, NodeSet, NodeID, PointsTo, VersionedVar, Set< VersionedVar > >	MutVersionedPTDataTy

typedef PersistentPTData< NodeID, NodeSet, NodeID, PointsTo >	PersPTDataTy

typedef PersistentDiffPTData< NodeID, NodeSet, NodeID, PointsTo >	PersDiffPTDataTy

typedef PersistentDFPTData< NodeID, NodeSet, NodeID, PointsTo >	PersDFPTDataTy

typedef PersistentIncDFPTData< NodeID, NodeSet, NodeID, PointsTo >	PersIncDFPTDataTy

typedef PersistentVersionedPTData< NodeID, NodeSet, NodeID, PointsTo, VersionedVar, Set< VersionedVar > >	PersVersionedPTDataTy

Public Types inherited from SVF::PointerAnalysis
enum	PTATY { Andersen_BASE , Andersen_WPA , AndersenSCD_WPA , AndersenSFR_WPA , AndersenWaveDiff_WPA , Steensgaard_WPA , CSCallString_WPA , CSSummary_WPA , FSDATAFLOW_WPA , FSSPARSE_WPA , VFS_WPA , FSCS_WPA , CFLFICI_WPA , CFLFSCI_WPA , CFLFSCS_WPA , TypeCPP_WPA , FieldS_DDA , FlowS_DDA , PathS_DDA , Cxt_DDA , Default_PTA }
	Pointer analysis type list. More...

enum	PTAImplTy { BaseImpl , BVDataImpl , CondImpl }
	Implementation type: BVDataPTAImpl or CondPTAImpl. More...

typedef Set< const CallICFGNode * >	CallSiteSet
	Indirect call edges type, map a callsite to a set of callees. More...

typedef SVFIR::CallSiteToFunPtrMap	CallSiteToFunPtrMap

typedef Set< const SVFFunction * >	FunctionSet

typedef OrderedMap< const CallICFGNode *, FunctionSet >	CallEdgeMap

typedef SCCDetection< PTACallGraph * >	CallGraphSCC

typedef Set< const SVFGlobalValue * >	VTableSet

typedef Set< const SVFFunction * >	VFunSet

Public Member Functions
	CFLAlias (SVFIR *ir)

virtual void	initialize ()
	Initialize the grammar, graph, solver. More...

virtual void	initializeSolver ()
	Initialize Solver. More...

virtual void	finalize ()
	Print grammar and graph. More...

virtual void	solve ()
	Solving CFL Reachability. More...

virtual AliasResult	alias (const SVFValue v1, const SVFValue v2)
	Interface exposed to users of our Alias analysis, given Value infos. More...

virtual AliasResult	alias (NodeID node1, NodeID node2)
	Interface exposed to users of our Alias analysis, given PAGNodeID. More...

virtual const PointsTo &	getCFLPts (NodeID ptr)
	Get points-to targets of a pointer. V In this context. More...

virtual bool	addCopyEdge (NodeID src, NodeID dst)
	Need Original one for virtual table. More...

virtual const NodeSet &	getRevPts (NodeID nodeId)
	Given an object, get all the nodes having whose pointsto contains the object. More...

virtual bool	updateCallGraph (const CallSiteToFunPtrMap &callsites)
	Update call graph for the input indirect callsites. More...

virtual void	onTheFlyCallGraphSolve (const CallSiteToFunPtrMap &callsites, CallEdgeMap &newEdges)
	On the fly call graph construction. More...

void	connectCaller2CalleeParams (const CallICFGNode cs, const SVFFunction F)
	Connect formal and actual parameters for indirect callsites. More...

void	heapAllocatorViaIndCall (const CallICFGNode *cs)

Public Member Functions inherited from SVF::CFLBase
	CFLBase (SVFIR *ir, PointerAnalysis::PTATY pty)

virtual	~CFLBase ()
	Destructor. More...

virtual void	checkParameter ()
	Parameter Checking. More...

virtual void	buildCFLGrammar ()
	Build Grammar from text file. More...

virtual void	buildCFLGraph ()
	Build CFLGraph based on Option. More...

virtual void	normalizeCFLGrammar ()
	Normalize grammar. More...

CFLGraph *	getCFLGraph ()
	Get CFL graph. More...

virtual void	countSumEdges ()
	Count the num of Nonterminal Edges. More...

virtual void	analyze ()
	Perform analyze (main part of CFLR Analysis) More...

Public Member Functions inherited from SVF::BVDataPTAImpl
	BVDataPTAImpl (SVFIR *pag, PointerAnalysis::PTATY type, bool alias_check=true)
	Constructor. More...

	~BVDataPTAImpl () override=default
	Destructor. More...

PersistentPointsToCache< PointsTo > &	getPtCache ()

const PointsTo &	getPts (NodeID id) override

const NodeSet &	getRevPts (NodeID nodeId) override

virtual void	clearPts (NodeID id, NodeID element)
	Remove element from the points-to set of id. More...

virtual void	clearFullPts (NodeID id)
	Clear points-to set of id. More...

virtual bool	unionPts (NodeID id, const PointsTo &target)

virtual bool	unionPts (NodeID id, NodeID ptd)

virtual bool	addPts (NodeID id, NodeID ptd)

virtual void	clearAllPts ()
	Clear all data. More...

virtual void	expandFIObjs (const PointsTo &pts, PointsTo &expandedPts)
	Expand FI objects. More...

virtual void	expandFIObjs (const NodeBS &pts, NodeBS &expandedPts)
	TODO: remove repetition. More...

void	remapPointsToSets (void)
	Remap all points-to sets to use the current mapping. More...

virtual void	writeToFile (const std::string &filename)
	Interface for analysis result storage on filesystem. More...

virtual void	writeObjVarToFile (const std::string &filename)

virtual void	writePtsResultToFile (std::fstream &f)

virtual void	writeGepObjVarMapToFile (std::fstream &f)

virtual bool	readFromFile (const std::string &filename)

virtual void	readPtsResultFromFile (std::ifstream &f)

virtual void	readGepObjVarMapFromFile (std::ifstream &f)

virtual void	readAndSetObjFieldSensitivity (std::ifstream &f, const std::string &delimiterStr)

AliasResult	alias (const SVFValue V1, const SVFValue V2) override
	Interface expose to users of our pointer analysis, given Value infos. More...

AliasResult	alias (NodeID node1, NodeID node2) override
	Interface expose to users of our pointer analysis, given PAGNodeID. More...

virtual AliasResult	alias (const PointsTo &pts1, const PointsTo &pts2)
	Interface expose to users of our pointer analysis, given two pts. More...

void	dumpCPts () override
	dump and debug, print out conditional pts More...

void	dumpTopLevelPtsTo () override

void	dumpAllPts () override

Public Member Functions inherited from SVF::PointerAnalysis
ICFG *	getICFG () const
	Get ICFG. More...

u32_t	getNumOfResolvedIndCallEdge () const
	Return number of resolved indirect call edges. More...

PTACallGraph *	getCallGraph () const
	Return call graph. More...

CallGraphSCC *	getCallGraphSCC () const
	Return call graph SCC. More...

	PointerAnalysis (SVFIR *pag, PTATY ty=Default_PTA, bool alias_check=true)
	Constructor. More...

PTATY	getAnalysisTy () const
	Type of pointer analysis. More...

PTAImplTy	getImplTy () const
	Return implementation type of the pointer analysis. More...

bool	printStat ()
	Whether print statistics. More...

void	disablePrintStat ()
	Whether print statistics. More...

CallEdgeMap &	getIndCallMap ()
	Get callees from an indirect callsite. More...

bool	hasIndCSCallees (const CallICFGNode *cs) const

const FunctionSet &	getIndCSCallees (const CallICFGNode *cs) const

virtual void	resolveIndCalls (const CallICFGNode *cs, const PointsTo &target, CallEdgeMap &newEdges)
	Resolve indirect call edges. More...

void	callGraphSCCDetection ()
	PTACallGraph SCC related methods. More...

NodeID	getCallGraphSCCRepNode (NodeID id) const
	Get SCC rep node of a SVFG node. More...

bool	inSameCallGraphSCC (const SVFFunction fun1, const SVFFunction fun2)
	Return TRUE if this edge is inside a PTACallGraph SCC, i.e., src node and dst node are in the same SCC on the SVFG. More...

bool	isInRecursion (const SVFFunction *fun) const

bool	isLocalVarInRecursiveFun (NodeID id) const
	Whether a local variable is in function recursions. More...

virtual const std::string	PTAName () const
	Return PTA name. More...

CommonCHGraph *	getCHGraph () const
	get CHGraph More...

void	getVFnsFromCHA (const CallICFGNode *cs, VFunSet &vfns)

void	getVFnsFromPts (const CallICFGNode *cs, const PointsTo &target, VFunSet &vfns)

void	connectVCallToVFns (const CallICFGNode *cs, const VFunSet &vfns, CallEdgeMap &newEdges)

virtual void	resolveCPPIndCalls (const CallICFGNode *cs, const PointsTo &target, CallEdgeMap &newEdges)
	Resolve cpp indirect call edges. More...

SVFIR *	getPAG () const

PTAStat *	getStat () const
	Get PTA stat. More...

SVFModule *	getModule () const
	Module. More...

OrderedNodeSet &	getAllValidPtrs ()
	Get all Valid Pointers for resolution. More...

virtual	~PointerAnalysis ()
	Destructor. More...

virtual void	computeDDAPts (NodeID)
	Compute points-to results on-demand, overridden by derived classes. More...

void	printIndCSTargets (const CallICFGNode *cs, const FunctionSet &targets)
	Print targets of a function pointer. More...

virtual void	dumpPts (NodeID ptr, const PointsTo &pts)

void	printIndCSTargets ()

void	dumpAllTypes ()

void	dumpStat ()
	Dump the statistics. More...

bool	containBlackHoleNode (const PointsTo &pts)
	Determine whether a points-to contains a black hole or constant node. More...

bool	containConstantNode (const PointsTo &pts)

virtual bool	isBlkObjOrConstantObj (NodeID ptd) const

bool	isHeapMemObj (NodeID id) const
	Whether this object is heap or array. More...

bool	isArrayMemObj (NodeID id) const

bool	isFIObjNode (NodeID id) const

NodeID	getBaseObjVar (NodeID id)

NodeID	getFIObjVar (NodeID id)

NodeID	getGepObjVar (NodeID id, const APOffset &ap)

virtual const NodeBS &	getAllFieldsObjVars (NodeID id)

void	setObjFieldInsensitive (NodeID id)

bool	isFieldInsensitive (NodeID id) const

Private Attributes
CallSite2DummyValPN	callsite2DummyValPN
	Map an instruction to a dummy obj which created at an indirect callsite, which invokes a heap allocator. More...

Additional Inherited Members
Static Public Member Functions inherited from SVF::BVDataPTAImpl
static bool	classof (const PointerAnalysis *pta)

Static Public Attributes inherited from SVF::CFLBase
static double	timeOfBuildCFLGrammar = 0
	Statistics. More...

static double	timeOfNormalizeGrammar = 0

static double	timeOfBuildCFLGraph = 0

static double	numOfTerminalEdges = 0

static double	numOfTemporaryNonterminalEdges = 0

static double	numOfNonterminalEdges = 0

static double	numOfStartEdges = 0

static double	numOfIteration = 1

static double	numOfChecks = 1

static double	timeOfSolving = 0

Static Public Attributes inherited from SVF::PointerAnalysis
static const std::string	aliasTestMayAlias = "MAYALIAS"

static const std::string	aliasTestMayAliasMangled = "_Z8MAYALIASPvS_"

static const std::string	aliasTestNoAlias = "NOALIAS"

static const std::string	aliasTestNoAliasMangled = "_Z7NOALIASPvS_"

static const std::string	aliasTestPartialAlias = "PARTIALALIAS"

static const std::string	aliasTestPartialAliasMangled = "_Z12PARTIALALIASPvS_"

static const std::string	aliasTestMustAlias = "MUSTALIAS"

static const std::string	aliasTestMustAliasMangled = "_Z9MUSTALIASPvS_"

static const std::string	aliasTestFailMayAlias = "EXPECTEDFAIL_MAYALIAS"

static const std::string	aliasTestFailMayAliasMangled = "_Z21EXPECTEDFAIL_MAYALIASPvS_"

static const std::string	aliasTestFailNoAlias = "EXPECTEDFAIL_NOALIAS"

static const std::string	aliasTestFailNoAliasMangled = "_Z20EXPECTEDFAIL_NOALIASPvS_"

Protected Member Functions inherited from SVF::BVDataPTAImpl
PTDataTy *	getPTDataTy () const
	Get points-to data structure. More...

void	finalize () override
	Finalization of pointer analysis, and normalize points-to information to Bit Vector representation. More...

DiffPTDataTy *	getDiffPTDataTy () const

DFPTDataTy *	getDFPTDataTy () const

MutDFPTDataTy *	getMutDFPTDataTy () const

VersionedPTDataTy *	getVersionedPTDataTy () const

virtual void	onTheFlyThreadCallGraphSolve (const CallSiteToFunPtrMap &callsites, CallEdgeMap &newForkEdges)
	On the fly thread call graph construction respecting forksite. More...

virtual void	normalizePointsTo ()

Protected Member Functions inherited from SVF::PointerAnalysis
const CallSiteToFunPtrMap &	getIndirectCallsites () const
	Return all indirect callsites. More...

NodeID	getFunPtr (const CallICFGNode *cs) const
	Return function pointer PAGNode at a callsite cs. More...

virtual void	validateTests ()
	Alias check functions to verify correctness of pointer analysis. More...

virtual void	validateSuccessTests (std::string fun)

virtual void	validateExpectedFailureTests (std::string fun)

void	resetObjFieldSensitive ()
	Reset all object node as field-sensitive. More...

Protected Attributes inherited from SVF::CFLBase
SVFIR *	svfir

CFLGraph *	graph

GrammarBase *	grammarBase

CFGrammar *	grammar

CFLSolver *	solver

Protected Attributes inherited from SVF::PointerAnalysis
bool	print_stat
	User input flags. More...

bool	alias_validation
	Flag for validating points-to/alias results. More...

u32_t	OnTheFlyIterBudgetForStat
	Flag for iteration budget for on-the-fly statistics. More...

SVFModule *	svfMod
	Module. More...

PTATY	ptaTy
	Pointer analysis Type. More...

PTAImplTy	ptaImplTy
	PTA implementation type. More...

PTAStat *	stat
	Statistics. More...

PTACallGraph *	callgraph
	Call graph used for pointer analysis. More...

CallGraphSCC *	callGraphSCC
	SCC for PTACallGraph. More...

ICFG *	icfg
	Interprocedural control-flow graph. More...

CommonCHGraph *	chgraph
	CHGraph. More...

Static Protected Attributes inherited from SVF::PointerAnalysis
static SVFIR *	pag = nullptr
	SVFIR. More...

Detailed Description

Definition at line 41 of file CFLAlias.h.

Member Typedef Documentation

◆ CallSite2DummyValPN

typedef OrderedMap<const CallICFGNode*, NodeID> SVF::CFLAlias::CallSite2DummyValPN

Definition at line 45 of file CFLAlias.h.

Constructor & Destructor Documentation

◆ CFLAlias()

SVF::CFLAlias::CFLAlias ( SVFIR * ir )

inline

Definition at line 47 of file CFLAlias.h.

                         : CFLBase(ir, PointerAnalysis::CFLFICI_WPA)
     {
     }

Member Function Documentation

◆ addCopyEdge()

virtual bool SVF::CFLAlias::addCopyEdge	(	NodeID	src,
		NodeID	dst
	)

inlinevirtual

Need Original one for virtual table.

Add copy edge on constraint graph

Definition at line 118 of file CFLAlias.h.

     {
         const CFLEdge *edge = graph->hasEdge(graph->getGNode(src),graph->getGNode(dst), 1);
         if (edge != nullptr )
         {
             return false;
         }
         CFGrammar::Kind copyKind = grammar->strToKind("copy");
         CFGrammar::Kind copybarKind = grammar->strToKind("copybar");
         solver->pushIntoWorklist(graph->addCFLEdge(graph->getGNode(src),graph->getGNode(dst), copyKind));
         solver->pushIntoWorklist(graph->addCFLEdge(graph->getGNode(dst),graph->getGNode(src), copybarKind));
         return true;
     }

◆ alias() [1/2]

virtual AliasResult SVF::CFLAlias::alias	(	const SVFValue *	v1,
		const SVFValue *	v2
	)

inlinevirtual

Interface exposed to users of our Alias analysis, given Value infos.

Implements SVF::PointerAnalysis.

Definition at line 65 of file CFLAlias.h.

     {
         NodeID n1 = svfir->getValueNode(v1);
         NodeID n2 = svfir->getValueNode(v2);
         return alias(n1,n2);
     }

◆ alias() [2/2]

virtual AliasResult SVF::CFLAlias::alias	(	NodeID	node1,
		NodeID	node2
	)

inlinevirtual

Interface exposed to users of our Alias analysis, given PAGNodeID.

Implements SVF::PointerAnalysis.

Definition at line 73 of file CFLAlias.h.

     {
         if(graph->hasEdge(graph->getGNode(node1), graph->getGNode(node2), graph->startKind))
             return AliasResult::MayAlias;
         else
             return AliasResult::NoAlias;
     }

◆ connectCaller2CalleeParams()

void CFLAlias::connectCaller2CalleeParams	(	const CallICFGNode *	cs,
		const SVFFunction *	F
	)

Connect formal and actual parameters for indirect callsites.

Connect formal and actual parameters for indirect callsites

Definition at line 62 of file CFLAlias.cpp.

 {
     assert(F);
  
     DBOUT(DAndersen, outs() << "connect parameters from indirect callsite " << cs->toString() << " to callee " << *F << "\n");
  
     const CallICFGNode* callBlockNode = cs;
     const RetICFGNode* retBlockNode = cs->getRetICFGNode();
  
     if(SVFUtil::isHeapAllocExtFunViaRet(F) && svfir->callsiteHasRet(retBlockNode))
     {
         heapAllocatorViaIndCall(cs);
     }
  
     if (svfir->funHasRet(F) && svfir->callsiteHasRet(retBlockNode))
     {
         const PAGNode* cs_return = svfir->getCallSiteRet(retBlockNode);
         const PAGNode* fun_return = svfir->getFunRet(F);
         if (cs_return->isPointer() && fun_return->isPointer())
         {
             NodeID dstrec = cs_return->getId();
             NodeID srcret = fun_return->getId();
             addCopyEdge(srcret, dstrec);
         }
         else
         {
             DBOUT(DAndersen, outs() << "not a pointer ignored\n");
         }
     }
  
     if (svfir->hasCallSiteArgsMap(callBlockNode) && svfir->hasFunArgsList(F))
     {
  
         // connect actual and formal param
         const SVFIR::SVFVarList& csArgList = svfir->getCallSiteArgsList(callBlockNode);
         const SVFIR::SVFVarList& funArgList = svfir->getFunArgsList(F);
         //Go through the fixed parameters.
         DBOUT(DPAGBuild, outs() << "      args:");
         SVFIR::SVFVarList::const_iterator funArgIt = funArgList.begin(), funArgEit = funArgList.end();
         SVFIR::SVFVarList::const_iterator csArgIt  = csArgList.begin(), csArgEit = csArgList.end();
         for (; funArgIt != funArgEit; ++csArgIt, ++funArgIt)
         {
             //Some programs (e.g. Linux kernel) leave unneeded parameters empty.
             if (csArgIt  == csArgEit)
             {
                 DBOUT(DAndersen, outs() << " !! not enough args\n");
                 break;
             }
             const PAGNode *cs_arg = *csArgIt ;
             const PAGNode *fun_arg = *funArgIt;
  
             if (cs_arg->isPointer() && fun_arg->isPointer())
             {
                 DBOUT(DAndersen, outs() << "process actual parm  " << cs_arg->toString() << " \n");
                 NodeID srcAA = cs_arg->getId();
                 NodeID dstFA = fun_arg->getId();
                 addCopyEdge(srcAA, dstFA);
             }
         }
  
         //Any remaining actual args must be varargs.
         if (F->isVarArg())
         {
             NodeID vaF = svfir->getVarargNode(F);
             DBOUT(DPAGBuild, outs() << "\n      varargs:");
             for (; csArgIt != csArgEit; ++csArgIt)
             {
                 const PAGNode *cs_arg = *csArgIt;
                 if (cs_arg->isPointer())
                 {
                     NodeID vnAA = cs_arg->getId();
                     addCopyEdge(vnAA,vaF);
                 }
             }
         }
         if(csArgIt != csArgEit)
         {
             writeWrnMsg("too many args to non-vararg func.");
             writeWrnMsg("(" + cs->getSourceLoc() + ")");
         }
     }
 }

◆ finalize()

void CFLAlias::finalize ( )

virtual

Print grammar and graph.

Reimplemented from SVF::CFLBase.

Definition at line 213 of file CFLAlias.cpp.

 {
     numOfChecks = solver->numOfChecks;
  
     if(Options::PrintCFL() == true)
     {
         if (Options::CFLGraph().empty())
             svfir->dump("IR");
         grammar->dump("Grammar");
         graph->dump("CFLGraph");
     }
     if (Options::CFLGraph().empty())
         PointerAnalysis::finalize();
 }

◆ getCFLPts()

virtual const PointsTo& SVF::CFLAlias::getCFLPts ( NodeID ptr )

inlinevirtual

Get points-to targets of a pointer. V In this context.

Check V Dst of ptr.

Definition at line 82 of file CFLAlias.h.

     {
         CFLNode *funNode = graph->getGNode(ptr);
         for(auto outedge = funNode->getOutEdges().begin(); outedge!=funNode->getOutEdges().end(); outedge++)
         {
             if((*outedge)->getEdgeKind() == graph->getStartKind())
             {
                 // Need to Find dst addr src
                 SVFVar *vNode = svfir->getGNode((*outedge)->getDstID());
                 NodeID basevNodeID;
                 // Remove svfir->getBaseValVar, SVF IR api change
                 if (vNode->hasIncomingEdges(SVFStmt::Gep))
                 {
                     SVFStmt::SVFStmtSetTy& geps = vNode->getIncomingEdges(SVFStmt::Gep);
                     SVFVar::iterator it = geps.begin();
                     basevNodeID = (*it)->getSrcID();
                 }
                 else
                     basevNodeID = vNode->getId();
                 addPts(ptr, basevNodeID);
                 for(auto inEdge = vNode->getInEdges().begin(); inEdge!=vNode->getInEdges().end(); inEdge++)
                 {
                     if((*inEdge)->getEdgeKind() == 0)
                     {
                         addPts(ptr, (*inEdge)->getSrcID());
                     }
                 }
             }
         }
         return getPts(ptr);
     }

◆ getRevPts()

virtual const NodeSet& SVF::CFLAlias::getRevPts ( NodeID nodeId )

inlinevirtual

Given an object, get all the nodes having whose pointsto contains the object.

Check Outgoing flowtobar edge dst of ptr

Implements SVF::PointerAnalysis.

Definition at line 133 of file CFLAlias.h.

     {
         abort(); // to be implemented
     }

◆ heapAllocatorViaIndCall()

void CFLAlias::heapAllocatorViaIndCall ( const CallICFGNode * cs )

Definition at line 145 of file CFLAlias.cpp.

 {
     assert(cs->getCalledFunction() == nullptr && "not an indirect callsite?");
     const RetICFGNode* retBlockNode = cs->getRetICFGNode();
     const PAGNode* cs_return = svfir->getCallSiteRet(retBlockNode);
     NodeID srcret;
     CallSite2DummyValPN::const_iterator it = callsite2DummyValPN.find(cs);
     if(it != callsite2DummyValPN.end())
     {
         srcret = it->second;
     }
     else
     {
         NodeID valNode = svfir->addDummyValNode();
         NodeID objNode = svfir->addDummyObjNode(cs->getType());
         callsite2DummyValPN.insert(std::make_pair(cs,valNode));
         graph->addCFLNode(valNode, new CFLNode(valNode));
         graph->addCFLNode(objNode, new CFLNode(objNode));
         srcret = valNode;
     }
  
     NodeID dstrec = cs_return->getId();
     addCopyEdge(srcret, dstrec);
 }

◆ initialize()

void CFLAlias::initialize ( )

virtual

Initialize the grammar, graph, solver.

Reimplemented from SVF::PointerAnalysis.

Definition at line 188 of file CFLAlias.cpp.

 {
     stat = new CFLStat(this);
  
     // Parameter Checking
     checkParameter();
  
     // Build CFL Grammar
     buildCFLGrammar();
  
     // Build CFL Graph
     buildCFLGraph();
  
     // Normalize CFL Grammar
     normalizeCFLGrammar();
  
     // Initialize solver
     initializeSolver();
 }

◆ initializeSolver()

void CFLAlias::initializeSolver ( )

virtual

Initialize Solver.

Reimplemented in SVF::POCRHybrid, and SVF::POCRAlias.

Definition at line 208 of file CFLAlias.cpp.

 {
     solver = new CFLSolver(graph, grammar);
 }

◆ onTheFlyCallGraphSolve()

void CFLAlias::onTheFlyCallGraphSolve	(	const CallSiteToFunPtrMap &	callsites,
		CallEdgeMap &	newEdges
	)

virtual

On the fly call graph construction.

On the fly call graph construction callsites is candidate indirect callsites need to be analyzed based on points-to results newEdges is the new indirect call edges discovered

Reimplemented from SVF::BVDataPTAImpl.

Definition at line 39 of file CFLAlias.cpp.

 {
     for(CallSiteToFunPtrMap::const_iterator iter = callsites.begin(), eiter = callsites.end(); iter!=eiter; ++iter)
     {
         const CallICFGNode* cs = iter->first;
  
         if (cs->isVirtualCall())
         {
             const SVFVar* vtbl = cs->getVtablePtr();
  
             assert(vtbl != nullptr);
             NodeID vtblId = vtbl->getId();
             resolveCPPIndCalls(cs, getCFLPts(vtblId), newEdges);
         }
         else
             resolveIndCalls(iter->first,getCFLPts(iter->second),newEdges);
     }
 }

◆ solve()

void CFLAlias::solve ( )

virtual

Solving CFL Reachability.

Reimplemented from SVF::CFLBase.

Definition at line 228 of file CFLAlias.cpp.

 {
     // Start solving
     double start = stat->getClk(true);
  
     solver->solve();
     if (Options::CFLGraph().empty())
     {
         while (updateCallGraph(svfir->getIndirectCallsites()))
         {
             numOfIteration++;
             solver->solve();
         }
     } // Only cflgraph built from bc could reanalyze by update call graph
  
     double end = stat->getClk(true);
     timeOfSolving += (end - start) / TIMEINTERVAL;
 }

◆ updateCallGraph()

bool CFLAlias::updateCallGraph ( const CallSiteToFunPtrMap & callsites )

virtual

Update call graph for the input indirect callsites.

Update call graph for the input indirect callsites

Reimplemented from SVF::BVDataPTAImpl.

Definition at line 173 of file CFLAlias.cpp.

 {
     CallEdgeMap newEdges;
     onTheFlyCallGraphSolve(callsites,newEdges);
     for(CallEdgeMap::iterator it = newEdges.begin(), eit = newEdges.end(); it!=eit; ++it )
     {
         for(FunctionSet::iterator cit = it->second.begin(), ecit = it->second.end(); cit!=ecit; ++cit)
         {
             connectCaller2CalleeParams(it->first,*cit);
         }
     }
  
     return (!solver->isWorklistEmpty());
 }

Member Data Documentation

◆ callsite2DummyValPN

CallSite2DummyValPN SVF::CFLAlias::callsite2DummyValPN

private

Map an instruction to a dummy obj which created at an indirect callsite, which invokes a heap allocator.

Definition at line 151 of file CFLAlias.h.

The documentation for this class was generated from the following files:

/home/runner/work/SVF/SVF/svf/include/CFL/CFLAlias.h
/home/runner/work/SVF/SVF/svf/lib/CFL/CFLAlias.cpp

Public Types

Public Member Functions

Private Attributes

Additional Inherited Members

Detailed Description

Member Typedef Documentation

◆ CallSite2DummyValPN

Constructor & Destructor Documentation

◆ CFLAlias()

Member Function Documentation

◆ addCopyEdge()

◆ alias() [1/2]

◆ alias() [2/2]

◆ connectCaller2CalleeParams()

◆ finalize()

◆ getCFLPts()

◆ getRevPts()

◆ heapAllocatorViaIndCall()

◆ initialize()

◆ initializeSolver()

◆ onTheFlyCallGraphSolve()

◆ solve()

◆ updateCallGraph()

Member Data Documentation

◆ callsite2DummyValPN