#include <PAGBuilder.h>

Inheritance diagram for SVF::PAGBuilder:

Public Member Functions
	PAGBuilder ()
	Constructor. More...

virtual	~PAGBuilder ()
	Destructor. More...

virtual PAG *	build (SVFModule *svfModule)
	Start building PAG here. More...

PAG *	getPAG () const
	Return PAG. More...

void	sanityCheck ()
	Sanity check for PAG. More...

void	processCE (const Value *val)
	Process constant expression. More...

bool	computeGepOffset (const User *V, LocationSet &ls)
	Compute offset of a gep instruction or gep constant expression. More...

void	handleDirectCall (CallSite cs, const SVFFunction *F)
	Handle direct call. More...

void	handleIndCall (CallSite cs)
	Handle indirect call. More...


void	initialiseNodes ()
	Initialize nodes and edges. More...

void	addEdge (NodeID src, NodeID dst, PAGEdge::PEDGEK kind, Size_t offset=0, Instruction *cs=nullptr)


NodeID	getValueNode (const Value *V)
	Get different kinds of node. More...

NodeID	getObjectNode (const Value *V)
	GetObject - Return the object node (stack/global/heap/function) according to a LLVM Value. More...

NodeID	getReturnNode (const SVFFunction *func)
	getReturnNode - Return the node representing the unique return value of a function. More...

NodeID	getVarargNode (const SVFFunction *func)
	getVarargNode - Return the node representing the unique variadic argument of a function. More...


void	visitGlobal (SVFModule *svfModule)
	Handle globals including (global variable and functions) More...

void	InitialGlobal (const GlobalVariable gvar, Constant C, u32_t offset)

NodeID	getGlobalVarField (const GlobalVariable *gvar, u32_t offset)


virtual void	handleExtCall (CallSite cs, const SVFFunction *F)
	Handle external call. More...

const Type *	getBaseTypeAndFlattenedFields (Value *v, std::vector< LocationSet > &fields)

void	addComplexConsForExt (Value D, Value S, u32_t sz=0)


virtual void	visitAllocaInst (AllocaInst &AI)
	Our visit overrides. More...

void	visitPHINode (PHINode &I)

void	visitStoreInst (StoreInst &I)

void	visitLoadInst (LoadInst &I)

void	visitGetElementPtrInst (GetElementPtrInst &I)

void	visitCallInst (CallInst &I)

void	visitInvokeInst (InvokeInst &II)

void	visitCallBrInst (CallBrInst &I)

void	visitCallSite (CallSite cs)

void	visitReturnInst (ReturnInst &I)

void	visitCastInst (CastInst &I)

void	visitSelectInst (SelectInst &I)

void	visitExtractValueInst (ExtractValueInst &EVI)

void	visitBranchInst (BranchInst &I)

void	visitSwitchInst (SwitchInst &I)

void	visitInsertValueInst (InsertValueInst &I)

void	visitBinaryOperator (BinaryOperator &I)

void	visitUnaryOperator (UnaryOperator &I)

void	visitCmpInst (CmpInst &I)

void	visitVAArgInst (VAArgInst &)

void	visitVACopyInst (VACopyInst &I)

void	visitVAEndInst (VAEndInst &I)

void	visitVAStartInst (VAStartInst &I)

void	visitFreezeInst (FreezeInst &I)

void	visitExtractElementInst (ExtractElementInst &I)

void	visitInsertElementInst (InsertElementInst &I)

void	visitShuffleVectorInst (ShuffleVectorInst &I)

void	visitLandingPadInst (LandingPadInst &I)

void	visitResumeInst (ResumeInst &)
	Instruction not that often. More...

void	visitUnreachableInst (UnreachableInst &)

void	visitFenceInst (FenceInst &I)

void	visitAtomicCmpXchgInst (AtomicCmpXchgInst &I)

void	visitAtomicRMWInst (AtomicRMWInst &I)

void	visitInstruction (Instruction &)
	Provide base case for our instruction visit. More...

void	setCurrentLocation (const Value val, const BasicBlock bb)
	Set current basic block in order to keep track of control flow information. More...

const Value *	getCurrentValue () const

const BasicBlock *	getCurrentBB () const

void	addGlobalBlackHoleAddrEdge (NodeID node, const ConstantExpr *int2Ptrce)
	Add global black hole Address edge. More...

NodeID	addNullPtrNode ()
	Add NullPtr PAGNode. More...

NodeID	getGepValNode (const Value val, const LocationSet &ls, const Type baseType, u32_t fieldidx)

void	setCurrentBBAndValueForPAGEdge (PAGEdge *edge)

PAGEdge *	addBlackHoleAddrEdge (NodeID node)

AddrPE *	addAddrEdge (NodeID src, NodeID dst)
	Add Address edge. More...

CopyPE *	addCopyEdge (NodeID src, NodeID dst)
	Add Copy edge. More...

CmpPE *	addCmpEdge (NodeID src, NodeID dst)
	Add Copy edge. More...

BinaryOPPE *	addBinaryOPEdge (NodeID src, NodeID dst)
	Add Copy edge. More...

UnaryOPPE *	addUnaryOPEdge (NodeID src, NodeID dst)
	Add Unary edge. More...

LoadPE *	addLoadEdge (NodeID src, NodeID dst)
	Add Load edge. More...

StorePE *	addStoreEdge (NodeID src, NodeID dst)
	Add Store edge. More...

CallPE *	addCallEdge (NodeID src, NodeID dst, const CallBlockNode *cs)
	Add Call edge. More...

RetPE *	addRetEdge (NodeID src, NodeID dst, const CallBlockNode *cs)
	Add Return edge. More...

GepPE *	addGepEdge (NodeID src, NodeID dst, const LocationSet &ls, bool constGep)
	Add Gep edge. More...

NormalGepPE *	addNormalGepEdge (NodeID src, NodeID dst, const LocationSet &ls)
	Add Offset(Gep) edge. More...

VariantGepPE *	addVariantGepEdge (NodeID src, NodeID dst)
	Add Variant(Gep) edge. More...

TDForkPE *	addThreadForkEdge (NodeID src, NodeID dst, const CallBlockNode *cs)
	Add Thread fork edge for parameter passing. More...

TDJoinPE *	addThreadJoinEdge (NodeID src, NodeID dst, const CallBlockNode *cs)
	Add Thread join edge for parameter passing. More...

Private Attributes
PAG *	pag

SVFModule *	svfMod

const BasicBlock *	curBB
	Current basic block during PAG construction when visiting the module. More...

const Value *	curVal
	Current Value during PAG construction when visiting the module. More...

Detailed Description

PAG Builder

Definition at line 44 of file PAGBuilder.h.

Constructor & Destructor Documentation

◆ PAGBuilder()

SVF::PAGBuilder::PAGBuilder ( )

inline

Constructor.

Definition at line 55 of file PAGBuilder.h.

                 : pag(PAG::getPAG()), svfMod(nullptr), curBB(nullptr),curVal(nullptr)
     {
     }

◆ ~PAGBuilder()

virtual SVF::PAGBuilder::~PAGBuilder ( )

inlinevirtual

Destructor.

Definition at line 59 of file PAGBuilder.h.

60 {

61 }

Member Function Documentation

◆ addAddrEdge()

AddrPE* SVF::PAGBuilder::addAddrEdge	(	NodeID	src,
		NodeID	dst
	)

inline

Add Address edge.

Definition at line 282 of file PAGBuilder.h.

     {
         AddrPE *edge = pag->addAddrPE(src, dst);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addBinaryOPEdge()

BinaryOPPE* SVF::PAGBuilder::addBinaryOPEdge	(	NodeID	src,
		NodeID	dst
	)

inline

Add Copy edge.

Definition at line 303 of file PAGBuilder.h.

     {
         BinaryOPPE *edge = pag->addBinaryOPPE(src, dst);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addBlackHoleAddrEdge()

PAGEdge* SVF::PAGBuilder::addBlackHoleAddrEdge ( NodeID node )

inline

Definition at line 274 of file PAGBuilder.h.

     {
         PAGEdge *edge = pag->addBlackHoleAddrPE(node);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addCallEdge()

CallPE* SVF::PAGBuilder::addCallEdge	(	NodeID	src,
		NodeID	dst,
		const CallBlockNode *	cs
	)

inline

Add Call edge.

Definition at line 336 of file PAGBuilder.h.

     {
         CallPE *edge = pag->addCallPE(src, dst, cs);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addCmpEdge()

CmpPE* SVF::PAGBuilder::addCmpEdge	(	NodeID	src,
		NodeID	dst
	)

inline

Add Copy edge.

Definition at line 296 of file PAGBuilder.h.

     {
         CmpPE *edge = pag->addCmpPE(src, dst);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addComplexConsForExt()

void PAGBuilder::addComplexConsForExt	(	Value *	D,
		Value *	S,
		u32_t	sz = `0`
	)

Add the load/store constraints and temp. nodes for the complex constraint *D = *S (where D/S may point to structs).

If sz is 0, we will add edges for all fields.

Definition at line 912 of file PAGBuilder.cpp.

 {
     assert(D && S);
     NodeID vnD= getValueNode(D), vnS= getValueNode(S);
     if(!vnD || !vnS)
         return;
 
     std::vector<LocationSet> fields;
 
     //Get the max possible size of the copy, unless it was provided.
     std::vector<LocationSet> srcFields;
     std::vector<LocationSet> dstFields;
     const Type *stype = getBaseTypeAndFlattenedFields(S, srcFields);
     const Type *dtype = getBaseTypeAndFlattenedFields(D, dstFields);
     if(srcFields.size() > dstFields.size())
         fields = dstFields;
     else
         fields = srcFields;
 
     if (sz == 0)
         sz = fields.size();
 
     assert(fields.size() >= sz && "the number of flattened fields is smaller than size");
 
     //For each field (i), add (Ti = *S + i) and (*D + i = Ti).
     for (u32_t index = 0; index < sz; index++)
     {
         NodeID dField = getGepValNode(D,fields[index],dtype,index);
         NodeID sField = getGepValNode(S,fields[index],stype,index);
         NodeID dummy = pag->addDummyValNode();
         addLoadEdge(sField,dummy);
         addStoreEdge(dummy,dField);
     }
 }

◆ addCopyEdge()

CopyPE* SVF::PAGBuilder::addCopyEdge	(	NodeID	src,
		NodeID	dst
	)

inline

Add Copy edge.

Definition at line 289 of file PAGBuilder.h.

     {
         CopyPE *edge = pag->addCopyPE(src, dst);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addEdge()

void SVF::PAGBuilder::addEdge	(	NodeID	src,
		NodeID	dst,
		PAGEdge::PEDGEK	kind,
		Size_t	offset = `0`,
		Instruction *	cs = `nullptr`
	)

◆ addGepEdge()

GepPE* SVF::PAGBuilder::addGepEdge	(	NodeID	src,
		NodeID	dst,
		const LocationSet &	ls,
		bool	constGep
	)

inline

Add Gep edge.

Definition at line 350 of file PAGBuilder.h.

     {
         GepPE *edge = pag->addGepPE(src, dst, ls, constGep);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addGlobalBlackHoleAddrEdge()

void SVF::PAGBuilder::addGlobalBlackHoleAddrEdge	(	NodeID	node,
		const ConstantExpr *	int2Ptrce
	)

inline

Add global black hole Address edge.

Definition at line 249 of file PAGBuilder.h.

     {
         const Value* cval = getCurrentValue();
         const BasicBlock* cbb = getCurrentBB();
         setCurrentLocation(int2Ptrce,nullptr);
         addBlackHoleAddrEdge(node);
         setCurrentLocation(cval,cbb);
     }

◆ addLoadEdge()

LoadPE* SVF::PAGBuilder::addLoadEdge	(	NodeID	src,
		NodeID	dst
	)

inline

Add Load edge.

Definition at line 317 of file PAGBuilder.h.

     {
         LoadPE *edge = pag->addLoadPE(src, dst);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addNormalGepEdge()

NormalGepPE* SVF::PAGBuilder::addNormalGepEdge	(	NodeID	src,
		NodeID	dst,
		const LocationSet &	ls
	)

inline

Add Offset(Gep) edge.

Definition at line 357 of file PAGBuilder.h.

     {
         NormalGepPE *edge = pag->addNormalGepPE(src, dst, ls);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addNullPtrNode()

NodeID SVF::PAGBuilder::addNullPtrNode ( )

inline

Add NullPtr PAGNode.

let all undef value or non-determined pointers points-to black hole

Definition at line 259 of file PAGBuilder.h.

     {
         NodeID nullPtr = pag->addDummyValNode(pag->getNullPtr());
         LLVMContext &cxt = LLVMModuleSet::getLLVMModuleSet()->getContext();
         ConstantPointerNull *constNull = ConstantPointerNull::get(Type::getInt8PtrTy(cxt));
         setCurrentLocation(constNull, nullptr);
         addBlackHoleAddrEdge(pag->getBlkPtr());
         return nullPtr;
     }

◆ addRetEdge()

RetPE* SVF::PAGBuilder::addRetEdge	(	NodeID	src,
		NodeID	dst,
		const CallBlockNode *	cs
	)

inline

Add Return edge.

Definition at line 343 of file PAGBuilder.h.

     {
         RetPE *edge = pag->addRetPE(src, dst, cs);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addStoreEdge()

StorePE* SVF::PAGBuilder::addStoreEdge	(	NodeID	src,
		NodeID	dst
	)

inline

Add Store edge.

Definition at line 324 of file PAGBuilder.h.

     {
         IntraBlockNode* node;
         if(const Instruction* inst = SVFUtil::dyn_cast<Instruction>(curVal))
             node = pag->getICFG()->getIntraBlockNode(inst);
         else
             node = nullptr;
         StorePE *edge = pag->addStorePE(src, dst, node);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addThreadForkEdge()

TDForkPE* SVF::PAGBuilder::addThreadForkEdge	(	NodeID	src,
		NodeID	dst,
		const CallBlockNode *	cs
	)

inline

Add Thread fork edge for parameter passing.

Definition at line 371 of file PAGBuilder.h.

     {
         TDForkPE *edge = pag->addThreadForkPE(src, dst, cs);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addThreadJoinEdge()

TDJoinPE* SVF::PAGBuilder::addThreadJoinEdge	(	NodeID	src,
		NodeID	dst,
		const CallBlockNode *	cs
	)

inline

Add Thread join edge for parameter passing.

Definition at line 378 of file PAGBuilder.h.

     {
         TDJoinPE *edge = pag->addThreadJoinPE(src, dst, cs);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addUnaryOPEdge()

UnaryOPPE* SVF::PAGBuilder::addUnaryOPEdge	(	NodeID	src,
		NodeID	dst
	)

inline

Add Unary edge.

Definition at line 310 of file PAGBuilder.h.

     {
         UnaryOPPE *edge = pag->addUnaryOPPE(src, dst);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ addVariantGepEdge()

VariantGepPE* SVF::PAGBuilder::addVariantGepEdge	(	NodeID	src,
		NodeID	dst
	)

inline

Add Variant(Gep) edge.

Definition at line 364 of file PAGBuilder.h.

     {
         VariantGepPE *edge = pag->addVariantGepPE(src, dst);
         setCurrentBBAndValueForPAGEdge(edge);
         return edge;
     }

◆ build()

PAG * PAGBuilder::build ( SVFModule * svfModule )

virtual

Start building PAG here.

Start building PAG here

initial external library information initial PAG nodes

initial PAG edges:

// handle globals

handle functions

collect return node of function fun

Return PAG node will not be created for function which can not reach the return instruction due to call to abort(), exit(), etc. In 176.gcc of SPEC 2000, function build_objc_string() from c-lang.c shows an example when fun.doesNotReturn() evaluates to TRUE because of abort().

To be noted, we do not record arguments which are in declared function without body TODO: what about external functions with PAG imported by commandline?

Definition at line 47 of file PAGBuilder.cpp.

 {
 
     // We read PAG from a user-defined txt instead of parsing PAG from LLVM IR
     if (SVFModule::pagReadFromTXT())
     {
         PAGBuilderFromFile fileBuilder(SVFModule::pagFileName());
         return fileBuilder.build();
     }
 
     // If the PAG has been built before, then we return the unique PAG of the program
     if(pag->getNodeNumAfterPAGBuild() > 1)
         return pag;
 
     svfMod = svfModule;
 
     initialiseNodes();
     visitGlobal(svfModule);
 
     ExternalPAG::initialise(svfModule);
 
     for (SVFModule::iterator fit = svfModule->begin(), efit = svfModule->end();
             fit != efit; ++fit)
     {
         const SVFFunction& fun = **fit;
         if(!SVFUtil::isExtCall(&fun))
         {
             if(fun.getLLVMFun()->doesNotReturn() == false && fun.getLLVMFun()->getReturnType()->isVoidTy() == false)
                 pag->addFunRet(&fun,pag->getPAGNode(pag->getReturnNode(&fun)));
 
             for (Function::arg_iterator I = fun.getLLVMFun()->arg_begin(), E = fun.getLLVMFun()->arg_end();
                     I != E; ++I) {
                 setCurrentLocation(&*I,&fun.getLLVMFun()->getEntryBlock());
                 NodeID argValNodeId = pag->getValueNode(&*I);
                 // if this is the function does not have caller (e.g. main)
                 // or a dead function, shall we create a black hole address edge for it?
                 // it is (1) too conservative, and (2) make FormalParmVFGNode defined at blackhole address PAGEdge.
                 // if(SVFUtil::ArgInNoCallerFunction(&*I)) {
                 //    if(I->getType()->isPointerTy())
                 //        addBlackHoleAddrEdge(argValNodeId);
                 //}
                 pag->addFunArgs(&fun,pag->getPAGNode(argValNodeId));
             }
         }
         for (Function::iterator bit = fun.getLLVMFun()->begin(), ebit = fun.getLLVMFun()->end();
                 bit != ebit; ++bit)
         {
             BasicBlock& bb = *bit;
             for (BasicBlock::iterator it = bb.begin(), eit = bb.end();
                     it != eit; ++it)
             {
                 Instruction& inst = *it;
                 setCurrentLocation(&inst,&bb);
                 visit(inst);
             }
         }
     }
 
     sanityCheck();
 
     pag->initialiseCandidatePointers();
 
     pag->setNodeNumAfterPAGBuild(pag->getTotalNodeNum());
 
     return pag;
 }

◆ computeGepOffset()

bool PAGBuilder::computeGepOffset	(	const User *	V,
		LocationSet &	ls
	)

Compute offset of a gep instruction or gep constant expression.

Return the object node offset according to GEP insn (V). Given a gep edge p = q + i, if "i" is a constant then we return its offset size otherwise if "i" is a variable determined by runtime, then it is a variant offset Return TRUE if the offset of this GEP insn is a constant.

Definition at line 208 of file PAGBuilder.cpp.

 {
     return SymbolTableInfo::SymbolInfo()->computeGepOffset(V,ls);
 }

◆ getBaseTypeAndFlattenedFields()

const Type * PAGBuilder::getBaseTypeAndFlattenedFields	(	Value *	V,
		std::vector< LocationSet > &	fields
	)

Find the base type and the max possible offset of an object pointed to by (V).

Definition at line 903 of file PAGBuilder.cpp.

 {
     return SymbolTableInfo::SymbolInfo()->getBaseTypeAndFlattenedFields(V, fields);
 }

◆ getCurrentBB()

const BasicBlock* SVF::PAGBuilder::getCurrentBB ( ) const

inline

Definition at line 243 of file PAGBuilder.h.

     {
         return curBB;
     }

◆ getCurrentValue()

const Value* SVF::PAGBuilder::getCurrentValue ( ) const

inline

Definition at line 239 of file PAGBuilder.h.

     {
         return curVal;
     }

◆ getGepValNode()

NodeID PAGBuilder::getGepValNode	(	const Value *	val,
		const LocationSet &	ls,
		const Type *	baseType,
		u32_t	fieldidx
	)

Add a temp field value node according to base value and offset this node is after the initial node method, it is out of scope of symInfo table

Definition at line 1385 of file PAGBuilder.cpp.

 {
     NodeID base = pag->getBaseValNode(getValueNode(val));
     NodeID gepval = pag->getGepValNode(curVal, base, ls);
     if (gepval==UINT_MAX)
     {
         assert(UINT_MAX==-1 && "maximum limit of unsigned int is not -1?");
         /*
          * getGepValNode can only be called from two places:
          * 1. PAGBuilder::addComplexConsForExt to handle external calls
          * 2. PAGBuilder::getGlobalVarField to initialize global variable
          * so curVal can only be
          * 1. Instruction
          * 2. GlobalVariable
          */
         assert((SVFUtil::isa<Instruction>(curVal) || SVFUtil::isa<GlobalVariable>(curVal)) && "curVal not an instruction or a globalvariable?");
         const std::vector<FieldInfo> &fieldinfo = SymbolTableInfo::SymbolInfo()->getFlattenFieldInfoVec(baseType);
         const Type *type = fieldinfo[fieldidx].getFlattenElemTy();
 
         // We assume every GepValNode and its GepEdge to the baseNode are unique across the whole program
         // We preserve the current BB information to restore it after creating the gepNode
         const Value* cval = getCurrentValue();
         const BasicBlock* cbb = getCurrentBB();
         setCurrentLocation(curVal, nullptr);
         NodeID gepNode= pag->addGepValNode(curVal, val,ls, NodeIDAllocator::get()->allocateValueId(),type,fieldidx);
         addGepEdge(base, gepNode, ls, true);
         setCurrentLocation(cval, cbb);
         return gepNode;
     }
     else
         return gepval;
 }

◆ getGlobalVarField()

NodeID PAGBuilder::getGlobalVarField	(	const GlobalVariable *	gvar,
		u32_t	offset
	)

Get the field of the global variable node FIXME:Here we only get the field that actually used in the program We ignore the initialization of global variable field that not used in the program

if we did not find the constant expression in the program, then we need to create a gep node for this field

Definition at line 344 of file PAGBuilder.cpp.

 {
 
     // if the global variable do not have any field needs to be initialized
     if (offset == 0 && gvar->getInitializer()->getType()->isSingleValueType())
     {
         return getValueNode(gvar);
     }
     else
     {
         const Type *gvartype = gvar->getType();
         while (const PointerType *ptype = SVFUtil::dyn_cast<PointerType>(gvartype))
             gvartype = ptype->getElementType();
         return getGepValNode(gvar, LocationSet(offset), gvartype, offset);
     }
 }

◆ getObjectNode()

NodeID SVF::PAGBuilder::getObjectNode ( const Value * V )

inline

GetObject - Return the object node (stack/global/heap/function) according to a LLVM Value.

Definition at line 95 of file PAGBuilder.h.

     {
         return pag->getObjectNode(V);
     }

◆ getPAG()

PAG* SVF::PAGBuilder::getPAG ( ) const

inline

Return PAG.

Definition at line 67 of file PAGBuilder.h.

     {
         return pag;
     }

◆ getReturnNode()

NodeID SVF::PAGBuilder::getReturnNode ( const SVFFunction * func )

inline

getReturnNode - Return the node representing the unique return value of a function.

Definition at line 101 of file PAGBuilder.h.

     {
         return pag->getReturnNode(func);
     }

◆ getValueNode()

NodeID SVF::PAGBuilder::getValueNode ( const Value * V )

inline

Get different kinds of node.

Definition at line 85 of file PAGBuilder.h.

     {
         // first handle gep edge if val if a constant expression
         processCE(V);
 
         // strip off the constant cast and return the value node
         return pag->getValueNode(V);
     }

◆ getVarargNode()

NodeID SVF::PAGBuilder::getVarargNode ( const SVFFunction * func )

inline

getVarargNode - Return the node representing the unique variadic argument of a function.

Definition at line 107 of file PAGBuilder.h.

     {
         return pag->getVarargNode(func);
     }

◆ handleDirectCall()

void PAGBuilder::handleDirectCall	(	CallSite	cs,
		const SVFFunction *	F
	)

Handle direct call.

Add the constraints for a direct, non-external call.

FIXME: this assertion should be placed for correct checking except bug program like 188.ammp, 300.twolf

Definition at line 837 of file PAGBuilder.cpp.

 {
 
     assert(F);
 
     DBOUT(DPAGBuild,
           outs() << "handle direct call " << *cs.getInstruction() << " callee " << *F << "\n");
 
     //Only handle the ret.val. if it's used as a ptr.
     NodeID dstrec = getValueNode(cs.getInstruction());
     //Does it actually return a ptr?
     if (!cs.getType()->isVoidTy())
     {
         NodeID srcret = getReturnNode(F);
         CallBlockNode* icfgNode = pag->getICFG()->getCallBlockNode(cs.getInstruction());
         addRetEdge(srcret, dstrec,icfgNode);
     }
     //Iterators for the actual and formal parameters
     CallSite::arg_iterator itA = cs.arg_begin(), ieA = cs.arg_end();
     Function::const_arg_iterator itF = F->getLLVMFun()->arg_begin(), ieF = F->getLLVMFun()->arg_end();
     //Go through the fixed parameters.
     DBOUT(DPAGBuild, outs() << "      args:");
     for (; itF != ieF; ++itA, ++itF)
     {
         //Some programs (e.g. Linux kernel) leave unneeded parameters empty.
         if (itA == ieA)
         {
             DBOUT(DPAGBuild, outs() << " !! not enough args\n");
             break;
         }
         const Value *AA = *itA, *FA = &*itF; //current actual/formal arg
 
         DBOUT(DPAGBuild, outs() << "process actual parm  " << *AA << " \n");
 
         NodeID dstFA = getValueNode(FA);
         NodeID srcAA = getValueNode(AA);
         CallBlockNode* icfgNode = pag->getICFG()->getCallBlockNode(cs.getInstruction());
         addCallEdge(srcAA, dstFA, icfgNode);
     }
     //Any remaining actual args must be varargs.
     if (F->getLLVMFun()->isVarArg())
     {
         NodeID vaF = getVarargNode(F);
         DBOUT(DPAGBuild, outs() << "\n      varargs:");
         for (; itA != ieA; ++itA)
         {
             Value *AA = *itA;
             NodeID vnAA = getValueNode(AA);
             CallBlockNode* icfgNode = pag->getICFG()->getCallBlockNode(cs.getInstruction());
             addCallEdge(vnAA,vaF, icfgNode);
         }
     }
     if(itA != ieA)
     {
         writeWrnMsg("too many args to non-vararg func.");
         writeWrnMsg("(" + getSourceLoc(cs.getInstruction()) + ")");
 
     }
 }

◆ handleExtCall()

void PAGBuilder::handleExtCall	(	CallSite	cs,
		const SVFFunction *	callee
	)

virtual

Handle external call.

Handle external calls

this case is for strcpy(dst,src); to maintain its semantics we will store src to the base of dst instead of dst. dst = load base store src base

create inter-procedural PAG edges for thread forks

pthread_create has 1 arg. apr_thread_create has 2 arg.

Connect actual parameter to formal parameter of the start routine

handle indirect calls at pthread create APIs e.g., pthread_create(&t1, nullptr, fp, ...); const Value* fun = ThreadAPI::getThreadAPI()->getForkedFun(inst); if(!SVFUtil::isa<Function>(fun)) pag->addIndirectCallsites(cs,pag->getValueNode(fun));

If forkedFun does not pass to spawnee as function type but as void pointer remember to update inter-procedural callgraph/PAG/SVFG etc. when indirect call targets are resolved We don't connect the callgraph here, further investigation is need to hanle mod-ref during SVFG construction.

create inter-procedural PAG edges for hare_parallel_for calls

The task function of hare_parallel_for has 3 args.

Connect actual parameter to formal parameter of the start routine

handle indirect calls at hare_parallel_for (e.g., hare_parallel_for(..., fp, ...); const Value* fun = ThreadAPI::getThreadAPI()->getForkedFun(inst); if(!SVFUtil::isa<Function>(fun)) pag->addIndirectCallsites(cs,pag->getValueNode(fun));

TODO: inter-procedural PAG edges for thread joins

Definition at line 952 of file PAGBuilder.cpp.

 {
     const Instruction* inst = cs.getInstruction();
     if (isHeapAllocOrStaticExtCall(cs))
     {
         // case 1: ret = new obj
         if (isHeapAllocExtCallViaRet(cs) || isStaticExtCall(cs))
         {
             NodeID val = getValueNode(inst);
             NodeID obj = getObjectNode(inst);
             addAddrEdge(obj, val);
         }
         // case 2: *arg = new obj
         else
         {
             assert(isHeapAllocExtCallViaArg(cs) && "Must be heap alloc call via arg.");
             int arg_pos = getHeapAllocHoldingArgPosition(callee);
             const Value *arg = cs.getArgument(arg_pos);
             if (arg->getType()->isPointerTy())
             {
                 NodeID vnArg = getValueNode(arg);
                 NodeID dummy = pag->addDummyValNode();
                 NodeID obj = pag->addDummyObjNode();
                 if (vnArg && dummy && obj)
                 {
                     addAddrEdge(obj, dummy);
                     addStoreEdge(dummy, vnArg);
                 }
             }
             else
             {
                 writeWrnMsg("Arg receiving new object must be pointer type");
             }
         }
     }
     else
     {
         if(isExtCall(callee))
         {
             ExtAPI::extf_t tF= extCallTy(callee);
             switch(tF)
             {
             case ExtAPI::EFT_REALLOC:
             {
                 if(!SVFUtil::isa<PointerType>(inst->getType()))
                     break;
                 // e.g. void *realloc(void *ptr, size_t size)
                 // if ptr is null then we will treat it as a malloc
                 // if ptr is not null, then we assume a new data memory will be attached to
                 // the tail of old allocated memory block.
                 if(SVFUtil::isa<ConstantPointerNull>(cs.getArgument(0)))
                 {
                     NodeID val = getValueNode(inst);
                     NodeID obj = getObjectNode(inst);
                     addAddrEdge(obj, val);
                 }
                 break;
             }
             case ExtAPI::EFT_L_A0:
             case ExtAPI::EFT_L_A1:
             case ExtAPI::EFT_L_A2:
             case ExtAPI::EFT_L_A8:
             {
                 if(!SVFUtil::isa<PointerType>(inst->getType()))
                     break;
                 NodeID dstNode = getValueNode(inst);
                 Size_t arg_pos;
                 switch(tF)
                 {
                 case ExtAPI::EFT_L_A1:
                     arg_pos= 1;
                     break;
                 case ExtAPI::EFT_L_A2:
                     arg_pos= 2;
                     break;
                 case ExtAPI::EFT_L_A8:
                     arg_pos= 8;
                     break;
                 default:
                     arg_pos= 0;
                 }
                 Value *src= cs.getArgument(arg_pos);
                 if(SVFUtil::isa<PointerType>(src->getType()))
                 {
                     NodeID srcNode = getValueNode(src);
                     addCopyEdge(srcNode, dstNode);
                 }
                 else
                     addBlackHoleAddrEdge(dstNode);
                 break;
                 break;
             }
             case ExtAPI::EFT_L_A0__A0R_A1:
             {
                 // this is only for memset(void *str, int c, size_t n)
                 // which copies the character c (an unsigned char) to the first n characters of the string pointed to, by the argument str
                 // However, the second argument is non-pointer, thus we can not use addComplexConsForExt
                 // addComplexConsForExt(cs.getArgument(0), cs.getArgument(1));
                 if(SVFUtil::isa<PointerType>(inst->getType()))
                     addCopyEdge(getValueNode(cs.getArgument(0)), getValueNode(inst));
                 break;
             }
             case ExtAPI::EFT_L_A0__A0R_A1R:
             {
                 addComplexConsForExt(cs.getArgument(0), cs.getArgument(1));
                 //memcpy returns the dest.
                 if(SVFUtil::isa<PointerType>(inst->getType()))
                 {
                     addCopyEdge(getValueNode(cs.getArgument(0)), getValueNode(inst));
                 }
                 break;
             }
             case ExtAPI::EFT_A1R_A0R:
                 addComplexConsForExt(cs.getArgument(1), cs.getArgument(0));
                 break;
             case ExtAPI::EFT_A3R_A1R_NS:
                 //These func. are never used to copy structs, so the size is 1.
                 addComplexConsForExt(cs.getArgument(3), cs.getArgument(1), 1);
                 break;
             case ExtAPI::EFT_A1R_A0:
             {
                 NodeID vnD= getValueNode(cs.getArgument(1));
                 NodeID vnS= getValueNode(cs.getArgument(0));
                 if(vnD && vnS)
                     addStoreEdge(vnS,vnD);
                 break;
             }
             case ExtAPI::EFT_A2R_A1:
             {
                 NodeID vnD= getValueNode(cs.getArgument(2));
                 NodeID vnS= getValueNode(cs.getArgument(1));
                 if(vnD && vnS)
                     addStoreEdge(vnS,vnD);
                 break;
             }
             case ExtAPI::EFT_A4R_A1:
             {
                 NodeID vnD= getValueNode(cs.getArgument(4));
                 NodeID vnS= getValueNode(cs.getArgument(1));
                 if(vnD && vnS)
                     addStoreEdge(vnS,vnD);
                 break;
             }
             case ExtAPI::EFT_L_A0__A1_A0:
             {
                 if (const LoadInst *load = SVFUtil::dyn_cast<LoadInst>(cs.getArgument(0))) {
                     addStoreEdge(getValueNode(cs.getArgument(1)), getValueNode(load->getPointerOperand()));
                     if (SVFUtil::isa<PointerType>(inst->getType()))
                         addLoadEdge(getValueNode(load->getPointerOperand()), getValueNode(inst));
                 }
 //              else if (const GetElementPtrInst *gep = SVFUtil::dyn_cast<GetElementPtrInst>(cs.getArgument(0))) {
 //                  addStoreEdge(getValueNode(cs.getArgument(1)), getValueNode(cs.getArgument(0)));
 //                  if (SVFUtil::isa<PointerType>(inst->getType()))
 //                      addCopyEdge(getValueNode(cs.getArgument(0)), getValueNode(inst));
 //              }
                 break;
             }
             case ExtAPI::EFT_L_A0__A2R_A0:
             {
                 if(SVFUtil::isa<PointerType>(inst->getType()))
                 {
                     //Do the L_A0 part if the retval is used.
                     NodeID vnD= getValueNode(inst);
                     Value *src= cs.getArgument(0);
                     if(SVFUtil::isa<PointerType>(src->getType()))
                     {
                         NodeID vnS= getValueNode(src);
                         if(vnS)
                             addCopyEdge(vnS,vnD);
                     }
                     else
                         addBlackHoleAddrEdge(vnD);
                 }
                 //Do the A2R_A0 part.
                 NodeID vnD= getValueNode(cs.getArgument(2));
                 NodeID vnS= getValueNode(cs.getArgument(0));
                 if(vnD && vnS)
                     addStoreEdge(vnS,vnD);
                 break;
             }
             case ExtAPI::EFT_A0R_NEW:
             case ExtAPI::EFT_A1R_NEW:
             case ExtAPI::EFT_A2R_NEW:
             case ExtAPI::EFT_A4R_NEW:
             case ExtAPI::EFT_A11R_NEW:
             {
                 assert(!"Alloc via arg cases are not handled here.");
                 break;
             }
             case ExtAPI::EFT_ALLOC:
             case ExtAPI::EFT_NOSTRUCT_ALLOC:
             case ExtAPI::EFT_STAT:
             case ExtAPI::EFT_STAT2:
                 if(SVFUtil::isa<PointerType>(inst->getType()))
                     assert(!"alloc type func. are not handled here");
                 else
                 {
                     // fdopen will return an integer in LLVM IR.
                     writeWrnMsg("alloc type func do not return pointer type");
                 }
                 break;
             case ExtAPI::EFT_NOOP:
             case ExtAPI::EFT_FREE:
                 break;
             case ExtAPI::EFT_STD_RB_TREE_INSERT_AND_REBALANCE:
             {
                 Value *vArg1 = cs.getArgument(1);
                 Value *vArg3 = cs.getArgument(3);
 
                 // We have vArg3 points to the entry of _Rb_tree_node_base { color; parent; left; right; }.
                 // Now we calculate the offset from base to vArg3
                 NodeID vnArg3 = pag->getValueNode(vArg3);
                 Size_t offset = pag->getLocationSetFromBaseNode(vnArg3).getOffset();
 
                 // We get all flattened fields of base
                 vector<LocationSet> fields;
                 const Type *type = getBaseTypeAndFlattenedFields(vArg3, fields);
                 assert(fields.size() >= 4 && "_Rb_tree_node_base should have at least 4 fields.\n");
 
                 // We summarize the side effects: arg3->parent = arg1, arg3->left = arg1, arg3->right = arg1
                 // Note that arg0 is aligned with "offset".
                 for (int i = offset + 1; i <= offset + 3; ++i)
                 {
                     NodeID vnD = getGepValNode(vArg3, fields[i], type, i);
                     NodeID vnS = getValueNode(vArg1);
                     if(vnD && vnS)
                         addStoreEdge(vnS,vnD);
                 }
                 break;
             }
             case ExtAPI::EFT_STD_RB_TREE_INCREMENT:
             {
                 NodeID vnD = pag->getValueNode(inst);
 
                 Value *vArg = cs.getArgument(0);
                 NodeID vnArg = pag->getValueNode(vArg);
                 Size_t offset = pag->getLocationSetFromBaseNode(vnArg).getOffset();
 
                 // We get all fields
                 vector<LocationSet> fields;
                 const Type *type = getBaseTypeAndFlattenedFields(vArg,fields);
                 assert(fields.size() >= 4 && "_Rb_tree_node_base should have at least 4 fields.\n");
 
                 // We summarize the side effects: ret = arg->parent, ret = arg->left, ret = arg->right
                 // Note that arg0 is aligned with "offset".
                 for (int i = offset + 1; i <= offset + 3; ++i)
                 {
                     NodeID vnS = getGepValNode(vArg, fields[i], type, i);
                     if(vnD && vnS)
                         addStoreEdge(vnS,vnD);
                 }
                 break;
             }
             case ExtAPI::EFT_STD_LIST_HOOK:
             {
                 Value *vSrc = cs.getArgument(0);
                 Value *vDst = cs.getArgument(1);
                 NodeID src = pag->getValueNode(vSrc);
                 NodeID dst = pag->getValueNode(vDst);
                 addStoreEdge(src, dst);
                 break;
             }
             case ExtAPI::CPP_EFT_A0R_A1:
             {
                 SymbolTableInfo* symTable = SymbolTableInfo::SymbolInfo();
                 if (symTable->getModelConstants())
                 {
                     NodeID vnD = pag->getValueNode(cs.getArgument(0));
                     NodeID vnS = pag->getValueNode(cs.getArgument(1));
                     addStoreEdge(vnS, vnD);
                 }
                 break;
             }
             case ExtAPI::CPP_EFT_A0R_A1R:
             {
                 SymbolTableInfo* symTable = SymbolTableInfo::SymbolInfo();
                 if (symTable->getModelConstants())
                 {
                     NodeID vnD = getValueNode(cs.getArgument(0));
                     NodeID vnS = getValueNode(cs.getArgument(1));
                     assert(vnD && vnS && "dst or src not exist?");
                     NodeID dummy = pag->addDummyValNode();
                     addLoadEdge(vnS,dummy);
                     addStoreEdge(dummy,vnD);
                 }
                 break;
             }
             case ExtAPI::CPP_EFT_A1R:
             {
                 SymbolTableInfo* symTable = SymbolTableInfo::SymbolInfo();
                 if (symTable->getModelConstants())
                 {
                     NodeID vnS = getValueNode(cs.getArgument(1));
                     assert(vnS && "src not exist?");
                     NodeID dummy = pag->addDummyValNode();
                     addLoadEdge(vnS,dummy);
                 }
                 break;
             }
             case ExtAPI::CPP_EFT_DYNAMIC_CAST:
             {
                 Value *vArg0 = cs.getArgument(0);
                 Value *retVal = cs.getInstruction();
                 NodeID src = getValueNode(vArg0);
                 assert(src && "src not exist?");
                 NodeID dst = getValueNode(retVal);
                 assert(dst && "dst not exist?");
                 addCopyEdge(src, dst);
                 break;
             }
             case ExtAPI::EFT_CXA_BEGIN_CATCH:
             {
                 break;
             }
             //default:
             case ExtAPI::EFT_OTHER:
             {
                 if(SVFUtil::isa<PointerType>(inst->getType()))
                 {
                     std::string str;
                     raw_string_ostream rawstr(str);
                     rawstr << "function " << callee->getName() << " not in the external function summary list";
                     writeWrnMsg(rawstr.str());
                     //assert("unknown ext.func type");
                 }
             }
             }
         }
 
         if(isThreadForkCall(inst))
         {
             if(const Function* forkedFun = getLLVMFunction(getForkedFun(inst)) )
             {
                 forkedFun = getDefFunForMultipleModule(forkedFun)->getLLVMFun();
                 const Value* actualParm = getActualParmAtForkSite(inst);
                 assert((forkedFun->arg_size() <= 2) && "Size of formal parameter of start routine should be one");
                 if(forkedFun->arg_size() <= 2 && forkedFun->arg_size() >= 1)
                 {
                     const Argument* formalParm = &(*forkedFun->arg_begin());
                     if(SVFUtil::isa<PointerType>(actualParm->getType()) && SVFUtil::isa<PointerType>(formalParm->getType()) )
                     {
                         CallBlockNode* icfgNode = pag->getICFG()->getCallBlockNode(inst);
                         addThreadForkEdge(pag->getValueNode(actualParm), pag->getValueNode(formalParm),icfgNode);
                     }
                 }
             }
             else
             {
             }
         }
 
         else if(isHareParForCall(inst))
         {
             if(const Function* taskFunc = getLLVMFunction(getTaskFuncAtHareParForSite(inst)) )
             {
                 assert((taskFunc->arg_size() == 3) && "Size of formal parameter of hare_parallel_for's task routine should be 3");
                 const Value* actualParm = getTaskDataAtHareParForSite(inst);
                 const Argument* formalParm = &(*taskFunc->arg_begin());
                 if(SVFUtil::isa<PointerType>(actualParm->getType()) && SVFUtil::isa<PointerType>(formalParm->getType()) )
                 {
                     CallBlockNode* icfgNode = pag->getICFG()->getCallBlockNode(inst);
                     addThreadForkEdge(pag->getValueNode(actualParm), pag->getValueNode(formalParm),icfgNode);
                 }
             }
             else
             {
             }
         }
 
     }
 }

◆ handleIndCall()

void PAGBuilder::handleIndCall ( CallSite cs )

Handle indirect call.

Indirect call is resolved on-the-fly during pointer analysis

Definition at line 1350 of file PAGBuilder.cpp.

 {
     const CallBlockNode* cbn = pag->getICFG()->getCallBlockNode(cs.getInstruction());
     pag->addIndirectCallsites(cbn,pag->getValueNode(cs.getCalledValue()));
 }

◆ InitialGlobal()

void PAGBuilder::InitialGlobal	(	const GlobalVariable *	gvar,
		Constant *	C,
		u32_t	offset
	)

src should not point to anything yet

Definition at line 374 of file PAGBuilder.cpp.

 {
     DBOUT(DPAGBuild,
           outs() << "global " << *gvar << " constant initializer: " << *C
           << "\n");
 
     if (C->getType()->isSingleValueType())
     {
         NodeID src = getValueNode(C);
         // get the field value if it is avaiable, otherwise we create a dummy field node.
         setCurrentLocation(gvar, nullptr);
         NodeID field = getGlobalVarField(gvar, offset);
 
         if (SVFUtil::isa<GlobalVariable>(C) || SVFUtil::isa<Function>(C))
         {
             setCurrentLocation(C, nullptr);
             addStoreEdge(src, field);
         }
         else if (SVFUtil::isa<ConstantExpr>(C))
         {
             // add gep edge of C1 itself is a constant expression
             processCE(C);
             setCurrentLocation(C, nullptr);
             addStoreEdge(src, field);
         }
         else if (SVFUtil::isa<BlockAddress>(C))
         {
             // blockaddress instruction (e.g. i8* blockaddress(@run_vm, %182))
             // is treated as constant data object for now, see LLVMUtil.h:397, SymbolTableInfo.cpp:674 and PAGBuilder.cpp:183-194
             processCE(C);
             setCurrentLocation(C, nullptr);
             addAddrEdge(pag->getConstantNode(), src);
         }
         else
         {
             setCurrentLocation(C, nullptr);
             addStoreEdge(src, field);
             if (C->getType()->isPtrOrPtrVectorTy() && src != pag->getNullPtr())
                 addCopyEdge(pag->getNullPtr(), src);
         }
     }
     else if (SVFUtil::isa<ConstantArray>(C))
     {
         if (cppUtil::isValVtbl(gvar) == false)
             for (u32_t i = 0, e = C->getNumOperands(); i != e; i++)
                 InitialGlobal(gvar, SVFUtil::cast<Constant>(C->getOperand(i)), offset);
 
     }
     else if (SVFUtil::isa<ConstantStruct>(C))
     {
         const StructType *sty = SVFUtil::cast<StructType>(C->getType());
         const std::vector<u32_t>& offsetvect =
             SymbolTableInfo::SymbolInfo()->getFattenFieldIdxVec(sty);
         for (u32_t i = 0, e = C->getNumOperands(); i != e; i++)
         {
             u32_t off = offsetvect[i];
             InitialGlobal(gvar, SVFUtil::cast<Constant>(C->getOperand(i)), offset + off);
         }
 
     }
     else
     {
         //TODO:assert(false,"what else do we have");
     }
 }

◆ initialiseNodes()

void PAGBuilder::initialiseNodes ( )

Initialize nodes and edges.

add address edges for constant nodes.

Definition at line 131 of file PAGBuilder.cpp.

 {
     DBOUT(DPAGBuild, outs() << "Initialise PAG Nodes ...\n");
 
     SymbolTableInfo* symTable = SymbolTableInfo::SymbolInfo();
 
     pag->addBlackholeObjNode();
     pag->addConstantObjNode();
     pag->addBlackholePtrNode();
     addNullPtrNode();
 
     for (SymbolTableInfo::ValueToIDMapTy::iterator iter =
                 symTable->valSyms().begin(); iter != symTable->valSyms().end();
             ++iter)
     {
         DBOUT(DPAGBuild, outs() << "add val node " << iter->second << "\n");
         if(iter->second == symTable->blkPtrSymID() || iter->second == symTable->nullPtrSymID())
             continue;
         pag->addValNode(iter->first, iter->second);
     }
 
     for (SymbolTableInfo::ValueToIDMapTy::iterator iter =
                 symTable->objSyms().begin(); iter != symTable->objSyms().end();
             ++iter)
     {
         DBOUT(DPAGBuild, outs() << "add obj node " << iter->second << "\n");
         if(iter->second == symTable->blackholeSymID() || iter->second == symTable->constantSymID())
             continue;
         pag->addObjNode(iter->first, iter->second);
     }
 
     for (SymbolTableInfo::FunToIDMapTy::iterator iter =
                 symTable->retSyms().begin(); iter != symTable->retSyms().end();
             ++iter)
     {
         DBOUT(DPAGBuild, outs() << "add ret node " << iter->second << "\n");
         const SVFFunction* fun = LLVMModuleSet::getLLVMModuleSet()->getSVFFunction(iter->first);
         pag->addRetNode(fun, iter->second);
     }
 
     for (SymbolTableInfo::FunToIDMapTy::iterator iter =
                 symTable->varargSyms().begin();
             iter != symTable->varargSyms().end(); ++iter)
     {
         DBOUT(DPAGBuild, outs() << "add vararg node " << iter->second << "\n");
         const SVFFunction* fun = LLVMModuleSet::getLLVMModuleSet()->getSVFFunction(iter->first);
         pag->addVarargNode(fun, iter->second);
     }
 
     for (SymbolTableInfo::ValueToIDMapTy::iterator iter =
                 symTable->objSyms().begin(); iter != symTable->objSyms().end(); ++iter)
     {
         DBOUT(DPAGBuild, outs() << "add address edges for constant node " << iter->second << "\n");
         const Value* val = iter->first;
         if (symTable->isConstantObjSym(val))
         {
             NodeID ptr = pag->getValueNode(val);
             if(ptr!= pag->getBlkPtr() && ptr!= pag->getNullPtr())
             {
                 setCurrentLocation(val, nullptr);
                 addAddrEdge(iter->second, ptr);
             }
         }
     }
 
     assert(pag->getTotalNodeNum() >= symTable->getTotalSymNum()
            && "not all node been inititalize!!!");
 
 }

◆ processCE()

void PAGBuilder::processCE ( const Value * val )

Process constant expression.

Handle constant expression, and connect the gep edge

Definition at line 216 of file PAGBuilder.cpp.

 {
     if (const Constant* ref = SVFUtil::dyn_cast<Constant>(val))
     {
         if (const ConstantExpr* gepce = isGepConstantExpr(ref))
         {
             DBOUT(DPAGBuild,
                   outs() << "handle gep constant expression " << *ref << "\n");
             const Constant* opnd = gepce->getOperand(0);
             // handle recursive constant express case (gep (bitcast (gep X 1)) 1)
             processCE(opnd);
             LocationSet ls;
             bool constGep = computeGepOffset(gepce, ls);
             // must invoke pag methods here, otherwise it will be a dead recursion cycle
             const Value* cval = getCurrentValue();
             const BasicBlock* cbb = getCurrentBB();
             setCurrentLocation(gepce, nullptr);
             /*
              * The gep edge created are like constexpr (same edge may appear at multiple callsites)
              * so bb/inst of this edge may be rewritten several times, we treat it as global here.
              */
             addGepEdge(pag->getValueNode(opnd), pag->getValueNode(gepce), ls, constGep);
             setCurrentLocation(cval, cbb);
         }
         else if (const ConstantExpr* castce = isCastConstantExpr(ref))
         {
             DBOUT(DPAGBuild,
                   outs() << "handle cast constant expression " << *ref << "\n");
             const Constant* opnd = castce->getOperand(0);
             processCE(opnd);
             const Value* cval = getCurrentValue();
             const BasicBlock* cbb = getCurrentBB();
             setCurrentLocation(castce, nullptr);
             addCopyEdge(pag->getValueNode(opnd), pag->getValueNode(castce));
             setCurrentLocation(cval, cbb);
         }
         else if (const ConstantExpr* selectce = isSelectConstantExpr(ref))
         {
             DBOUT(DPAGBuild,
                   outs() << "handle select constant expression " << *ref << "\n");
             const Constant* src1 = selectce->getOperand(1);
             const Constant* src2 = selectce->getOperand(2);
             processCE(src1);
             processCE(src2);
             const Value* cval = getCurrentValue();
             const BasicBlock* cbb = getCurrentBB();
             setCurrentLocation(selectce, nullptr);
             NodeID nsrc1 = pag->getValueNode(src1);
             NodeID nsrc2 = pag->getValueNode(src2);
             NodeID nres = pag->getValueNode(selectce);
             const CopyPE* cpy1 = addCopyEdge(nsrc1, nres);
             const CopyPE* cpy2 = addCopyEdge(nsrc2, nres);
             pag->addPhiNode(pag->getPAGNode(nres),cpy1);
             pag->addPhiNode(pag->getPAGNode(nres),cpy2);
             setCurrentLocation(cval, cbb);
         }
         // if we meet a int2ptr, then it points-to black hole
         else if (const ConstantExpr* int2Ptrce = isInt2PtrConstantExpr(ref))
         {
             addGlobalBlackHoleAddrEdge(pag->getValueNode(int2Ptrce), int2Ptrce);
         }
         else if (const ConstantExpr* ptr2Intce = isPtr2IntConstantExpr(ref))
         {
             const Constant* opnd = ptr2Intce->getOperand(0);
             processCE(opnd);
             const BasicBlock* cbb = getCurrentBB();
             const Value* cval = getCurrentValue();
             setCurrentLocation(ptr2Intce, nullptr);
             addCopyEdge(pag->getValueNode(opnd), pag->getValueNode(ptr2Intce));
             setCurrentLocation(cval, cbb);
         }
         else if(isTruncConstantExpr(ref) || isCmpConstantExpr(ref))
         {
             // we don't handle trunc and cmp instruction for now
             const Value* cval = getCurrentValue();
             const BasicBlock* cbb = getCurrentBB();
             setCurrentLocation(ref, nullptr);
             NodeID dst = pag->getValueNode(ref);
             addBlackHoleAddrEdge(dst);
             setCurrentLocation(cval, cbb);
         }
         else if (isBinaryConstantExpr(ref))
         {
             // we don't handle binary constant expression like add(x,y) now
             const Value* cval = getCurrentValue();
             const BasicBlock* cbb = getCurrentBB();
             setCurrentLocation(ref, nullptr);
             NodeID dst = pag->getValueNode(ref);
             addBlackHoleAddrEdge(dst);
             setCurrentLocation(cval, cbb);
         }
         else if (isUnaryConstantExpr(ref))
         {
             // we don't handle unary constant expression like fneg(x) now
             const Value* cval = getCurrentValue();
             const BasicBlock* cbb = getCurrentBB();
             setCurrentLocation(ref, nullptr);
             NodeID dst = pag->getValueNode(ref);
             addBlackHoleAddrEdge(dst);
             setCurrentLocation(cval, cbb);
         }
         else if (SVFUtil::isa<ConstantAggregate>(ref))
         {
             // we don't handle constant agrgregate like constant vectors
         }
         else if (SVFUtil::isa<BlockAddress>(ref))
         {
             // blockaddress instruction (e.g. i8* blockaddress(@run_vm, %182))
             // is treated as constant data object for now, see LLVMUtil.h:397, SymbolTableInfo.cpp:674 and PAGBuilder.cpp:183-194
             const Value *cval = getCurrentValue();
             const BasicBlock *cbb = getCurrentBB();
             setCurrentLocation(ref, nullptr);
             NodeID dst = pag->getValueNode(ref);
             addAddrEdge(pag->getConstantNode(), dst);
             setCurrentLocation(cval, cbb);
         }
         else
         {
             if(SVFUtil::isa<ConstantExpr>(val))
                 assert(false && "we don't handle all other constant expression for now!");
         }
     }
 }

◆ sanityCheck()

void PAGBuilder::sanityCheck ( )

Sanity check for PAG.

Definition at line 1359 of file PAGBuilder.cpp.

 {
     for (PAG::iterator nIter = pag->begin(); nIter != pag->end(); ++nIter)
     {
         (void) pag->getPAGNode(nIter->first);
         //TODO::
         // (1)  every source(root) node of a pag tree should be object node
         //       if a node has no incoming edge, but has outgoing edges
         //       then it has to be an object node.
         // (2)  make sure every variable should be initialized
         //      otherwise it causes the a null pointer, the aliasing relation may not be captured
         //      when loading a pointer value should make sure
         //      some value has been store into this pointer before
         //      q = load p, some value should stored into p first like store w p;
         // (3)  make sure PAGNode should not have a const expr value (pointer should have unique def)
         // (4)  look closely into addComplexConsForExt, make sure program locations(e.g.,inst bb)
         //      are set correctly for dummy gepval node
         // (5)  reduce unnecessary copy edge (const casts) and ensure correctness.
     }
 }

◆ setCurrentBBAndValueForPAGEdge()

void PAGBuilder::setCurrentBBAndValueForPAGEdge ( PAGEdge * edge )

We assume every GepValPN and its GepPE are unique across whole program

Definition at line 1432 of file PAGBuilder.cpp.

 {
     if (SVFModule::pagReadFromTXT())
         return;
 
     assert(curVal && "current Val is nullptr?");
     edge->setBB(curBB);
     edge->setValue(curVal);
     ICFGNode* icfgNode = pag->getICFG()->getGlobalBlockNode();
     if (const Instruction *curInst = SVFUtil::dyn_cast<Instruction>(curVal))
     {
         const Function* srcFun = edge->getSrcNode()->getFunction();
         const Function* dstFun = edge->getDstNode()->getFunction();
         if(srcFun!=nullptr && !SVFUtil::isa<RetPE>(edge) && !SVFUtil::isa<Function>(edge->getSrcNode()->getValue())) {
             assert(srcFun==curInst->getFunction() && "SrcNode of the PAGEdge not in the same function?");
         }
         if(dstFun!=nullptr && !SVFUtil::isa<CallPE>(edge) && !SVFUtil::isa<Function>(edge->getDstNode()->getValue())) {
             assert(dstFun==curInst->getFunction() && "DstNode of the PAGEdge not in the same function?");
         }
 
         if (!(SVFUtil::isa<GepPE>(edge) && SVFUtil::isa<GepValPN>(edge->getDstNode())))
             assert(curBB && "instruction does not have a basic block??");
 
         icfgNode = pag->getICFG()->getBlockICFGNode(curInst);
     }
     else if (const Argument* arg = SVFUtil::dyn_cast<Argument>(curVal))
     {
         assert(curBB && (&curBB->getParent()->getEntryBlock() == curBB));
         const SVFFunction* fun = LLVMModuleSet::getLLVMModuleSet()->getSVFFunction(arg->getParent());
         icfgNode = pag->getICFG()->getFunEntryBlockNode(fun);
     }
     else if (SVFUtil::isa<ConstantExpr>(curVal))
     {
         if (!curBB)
             pag->addGlobalPAGEdge(edge);
         else
             icfgNode = pag->getICFG()->getBlockICFGNode(&curBB->front());
     }
     else if (SVFUtil::isa<GlobalVariable>(curVal) ||
              SVFUtil::isa<Function>(curVal) ||
              SVFUtil::isa<Constant>(curVal) ||
              SVFUtil::isa<MetadataAsValue>(curVal))
     {
         pag->addGlobalPAGEdge(edge);
     }
     else
     {
         assert(false && "what else value can we have?");
     }
 
     pag->addToInstPAGEdgeList(icfgNode,edge);
     icfgNode->addPAGEdge(edge);
 }

◆ setCurrentLocation()

void SVF::PAGBuilder::setCurrentLocation	(	const Value *	val,
		const BasicBlock *	bb
	)

inline

Set current basic block in order to keep track of control flow information.

Definition at line 234 of file PAGBuilder.h.

     {
         curBB = bb;
         curVal = val;
     }

◆ visitAllocaInst()

void PAGBuilder::visitAllocaInst ( AllocaInst & inst )

virtual

Our visit overrides.

Visit alloca instructions Add edge V (dst) <– O (src), V here is a value node on PAG, O is object node on PAG

Definition at line 495 of file PAGBuilder.cpp.

 {
 
     // AllocaInst should always be a pointer type
     assert(SVFUtil::isa<PointerType>(inst.getType()));
 
     DBOUT(DPAGBuild, outs() << "process alloca  " << inst << " \n");
     NodeID dst = getValueNode(&inst);
 
     NodeID src = getObjectNode(&inst);
 
     addAddrEdge(src, dst);
 
 }

◆ visitAtomicCmpXchgInst()

void SVF::PAGBuilder::visitAtomicCmpXchgInst ( AtomicCmpXchgInst & I )

inline

Definition at line 216 of file PAGBuilder.h.

     {
         addBlackHoleAddrEdge(getValueNode(&I));
     }

◆ visitAtomicRMWInst()

void SVF::PAGBuilder::visitAtomicRMWInst ( AtomicRMWInst & I )

inline

Definition at line 220 of file PAGBuilder.h.

     {
         addBlackHoleAddrEdge(getValueNode(&I));
     }

◆ visitBinaryOperator()

void PAGBuilder::visitBinaryOperator ( BinaryOperator & inst )

Visit Binary Operator

Definition at line 617 of file PAGBuilder.cpp.

 {
     NodeID dst = getValueNode(&inst);
     for (u32_t i = 0; i < inst.getNumOperands(); i++)
     {
         Value* opnd = inst.getOperand(i);
         NodeID src = getValueNode(opnd);
         const BinaryOPPE* binayPE = addBinaryOPEdge(src, dst);
         pag->addBinaryNode(pag->getPAGNode(dst),binayPE);
     }
 }

◆ visitBranchInst()

void PAGBuilder::visitBranchInst ( BranchInst & inst )

Branch and switch instructions are treated as UnaryOP br cmp label if.then, label if.else

Definition at line 788 of file PAGBuilder.cpp.

                                                 {
     NodeID dst = getValueNode(&inst);
     NodeID src;
     if (inst.isConditional())
         src = getValueNode(inst.getCondition());
     else
         src = pag->getNullPtr();
     const UnaryOPPE *unaryPE = addUnaryOPEdge(src, dst);
     pag->addUnaryNode(pag->getPAGNode(dst),unaryPE);
 }

◆ visitCallBrInst()

void SVF::PAGBuilder::visitCallBrInst ( CallBrInst & I )

inline

Definition at line 156 of file PAGBuilder.h.

                                         {
       return visitCallSite(&I);
     }

◆ visitCallInst()

void SVF::PAGBuilder::visitCallInst ( CallInst & I )

inline

Definition at line 148 of file PAGBuilder.h.

     {
         visitCallSite(&I);
     }

◆ visitCallSite()

void PAGBuilder::visitCallSite ( CallSite cs )

Collect callsite arguments and returns

Definition at line 682 of file PAGBuilder.cpp.

 {
 
     // skip llvm intrinsics
     if(isIntrinsicInst(cs.getInstruction()))
         return;
 
     DBOUT(DPAGBuild,
           outs() << "process callsite " << *cs.getInstruction() << "\n");
 
     CallBlockNode* callBlockNode = pag->getICFG()->getCallBlockNode(cs.getInstruction());
     RetBlockNode* retBlockNode = pag->getICFG()->getRetBlockNode(cs.getInstruction());
 
     pag->addCallSite(callBlockNode);
 
     for(CallSite::arg_iterator itA = cs.arg_begin(), ieA = cs.arg_end(); itA!=ieA; ++itA)
         pag->addCallSiteArgs(callBlockNode,pag->getPAGNode(getValueNode(*itA)));
 
     if(!cs.getType()->isVoidTy())
         pag->addCallSiteRets(retBlockNode,pag->getPAGNode(getValueNode(cs.getInstruction())));
 
     const SVFFunction *callee = getCallee(cs);
 
     if (callee)
     {
         if (isExtCall(callee))
         {
             if (ExternalPAG::hasExternalPAG(callee))
             {
                 ExternalPAG::connectCallsiteToExternalPAG(&cs);
             }
             else
             {
                 // There is no extpag for the function, use the old method.
                 handleExtCall(cs, callee);
             }
         }
         else
         {
             handleDirectCall(cs, callee);
         }
     }
     else
     {
         //If the callee was not identified as a function (null F), this is indirect.
         handleIndCall(cs);
     }
 }

◆ visitCastInst()

void PAGBuilder::visitCastInst ( CastInst & I )

Definition at line 593 of file PAGBuilder.cpp.

 {
 
     DBOUT(DPAGBuild, outs() << "process cast  " << inst << " \n");
     NodeID dst = getValueNode(&inst);
 
     if (SVFUtil::isa<IntToPtrInst>(&inst))
     {
         addBlackHoleAddrEdge(dst);
     }
     else
     {
         Value * opnd = inst.getOperand(0);
         if (!SVFUtil::isa<PointerType>(opnd->getType()))
             opnd = stripAllCasts(opnd);
 
         NodeID src = getValueNode(opnd);
         addCopyEdge(src, dst);
     }
 }

◆ visitCmpInst()

void PAGBuilder::visitCmpInst ( CmpInst & inst )

Visit compare instruction

Definition at line 647 of file PAGBuilder.cpp.

 {
     NodeID dst = getValueNode(&inst);
     for (u32_t i = 0; i < inst.getNumOperands(); i++)
     {
         Value* opnd = inst.getOperand(i);
         NodeID src = getValueNode(opnd);
         const CmpPE* cmpPE = addCmpEdge(src, dst);
         pag->addCmpNode(pag->getPAGNode(dst),cmpPE);
     }
 }

◆ visitExtractElementInst()

void PAGBuilder::visitExtractElementInst ( ExtractElementInst & inst )

The �extractelement� instruction extracts a single scalar element from a vector at a specified index. TODO: for now we just assume the pointer after extraction points to blackhole The first operand of an �extractelement� instruction is a value of vector type. The second operand is an index indicating the position from which to extract the element.

<result> = extractelement <4 x i32> vec, i32 0 ; yields i32

Definition at line 778 of file PAGBuilder.cpp.

 {
     NodeID dst = getValueNode(&inst);
     addBlackHoleAddrEdge(dst);
 }

◆ visitExtractValueInst()

void PAGBuilder::visitExtractValueInst ( ExtractValueInst & inst )

visit extract value instructions for structures in registers TODO: for now we just assume the pointer after extraction points to blackhole for example %24 = extractvalue { i32, struct.s_hash* } call34, 0 %24 is a pointer points to first field of a register value call34 however we can not create call34 as an memory object, as it is register value. Is that necessary treat extract value as getelementptr instruction later to get more precise results?

Definition at line 764 of file PAGBuilder.cpp.

 {
     NodeID dst = getValueNode(&inst);
     addBlackHoleAddrEdge(dst);
 }

◆ visitFenceInst()

void SVF::PAGBuilder::visitFenceInst ( FenceInst & I )

inline

Definition at line 212 of file PAGBuilder.h.

     {
         addBlackHoleAddrEdge(getValueNode(&I));
     }

◆ visitFreezeInst()

void PAGBuilder::visitFreezeInst ( FreezeInst & inst )

<result> = freeze ty <val> If <val> is undef or poison, ‘freeze’ returns an arbitrary, but fixed value of type ty Otherwise, this instruction is a no-op and returns the input <val>

<result> = freeze ty <val> If <val> is undef or poison, ‘freeze’ returns an arbitrary, but fixed value of type ty Otherwise, this instruction is a no-op and returns the input <val> For now, we assume <val> is never a posion or undef.

Definition at line 823 of file PAGBuilder.cpp.

                                                 {
     NodeID dst = getValueNode(&inst);
     for (u32_t i = 0; i < inst.getNumOperands(); i++)
     {
         Value* opnd = inst.getOperand(i);
         NodeID src = getValueNode(opnd);
         addCopyEdge(src,dst);
     }
 }

◆ visitGetElementPtrInst()

void PAGBuilder::visitGetElementPtrInst ( GetElementPtrInst & inst )

Visit getelementptr instructions

Definition at line 567 of file PAGBuilder.cpp.

 {
 
     NodeID dst = getValueNode(&inst);
     // GetElementPtrInst should always be a pointer or a vector contains pointers
     // for now we don't handle vector type here
     if(SVFUtil::isa<VectorType>(inst.getType()))
     {
         addBlackHoleAddrEdge(dst);
         return;
     }
 
     assert(SVFUtil::isa<PointerType>(inst.getType()));
 
     DBOUT(DPAGBuild, outs() << "process gep  " << inst << " \n");
 
     NodeID src = getValueNode(inst.getPointerOperand());
 
     LocationSet ls;
     bool constGep = computeGepOffset(&inst, ls);
     addGepEdge(src, dst, ls, constGep);
 }

◆ visitGlobal()

void PAGBuilder::visitGlobal ( SVFModule * svfModule )

Handle globals including (global variable and functions)

Visit global variables for building PAG

initialize global variable

initialize global functions

Definition at line 445 of file PAGBuilder.cpp.

 {
 
     for (SVFModule::global_iterator I = svfModule->global_begin(), E =
                 svfModule->global_end(); I != E; ++I)
     {
         GlobalVariable *gvar = *I;
         NodeID idx = getValueNode(gvar);
         NodeID obj = getObjectNode(gvar);
 
         setCurrentLocation(gvar, nullptr);
         addAddrEdge(obj, idx);
 
         if (gvar->hasInitializer())
         {
             Constant *C = gvar->getInitializer();
             DBOUT(DPAGBuild, outs() << "add global var node " << *gvar << "\n");
             InitialGlobal(gvar, C, 0);
         }
     }
 
     for (SVFModule::llvm_const_iterator I = svfModule->llvmFunBegin(), E =
                 svfModule->llvmFunEnd(); I != E; ++I)
     {
         const Function *fun = *I;
         NodeID idx = getValueNode(fun);
         NodeID obj = getObjectNode(fun);
 
         DBOUT(DPAGBuild, outs() << "add global function node " << fun->getName() << "\n");
         setCurrentLocation(fun, nullptr);
         addAddrEdge(obj, idx);
     }
 
     // Handle global aliases (due to linkage of multiple bc files), e.g., @x = internal alias @y. We need to add a copy from y to x.
     for (SVFModule::alias_iterator I = svfModule->alias_begin(), E = svfModule->alias_end(); I != E; I++)
     {
         NodeID dst = pag->getValueNode(*I);
         NodeID src = pag->getValueNode((*I)->getAliasee());
         processCE((*I)->getAliasee());
         setCurrentLocation(*I, nullptr);
         addCopyEdge(src,dst);
     }
 }

◆ visitInsertElementInst()

void SVF::PAGBuilder::visitInsertElementInst ( InsertElementInst & I )

inline

Definition at line 192 of file PAGBuilder.h.

     {
         addBlackHoleAddrEdge(getValueNode(&I));
     }

◆ visitInsertValueInst()

void SVF::PAGBuilder::visitInsertValueInst ( InsertValueInst & I )

inline

Definition at line 166 of file PAGBuilder.h.

     {
         addBlackHoleAddrEdge(getValueNode(&I));
     }

◆ visitInstruction()

void SVF::PAGBuilder::visitInstruction ( Instruction & )

inline

Provide base case for our instruction visit.

Definition at line 226 of file PAGBuilder.h.

     {
         // If a new instruction is added to LLVM that we don't handle.
         // TODO: ignore here:
     }

◆ visitInvokeInst()

void SVF::PAGBuilder::visitInvokeInst ( InvokeInst & II )

inline

Definition at line 152 of file PAGBuilder.h.

     {
         visitCallSite(&II);
     }

◆ visitLandingPadInst()

void SVF::PAGBuilder::visitLandingPadInst ( LandingPadInst & I )

inline

Definition at line 200 of file PAGBuilder.h.

     {
         addBlackHoleAddrEdge(getValueNode(&I));
     }

◆ visitLoadInst()

void PAGBuilder::visitLoadInst ( LoadInst & I )

Definition at line 535 of file PAGBuilder.cpp.

 {
     DBOUT(DPAGBuild, outs() << "process load  " << inst << " \n");
 
     NodeID dst = getValueNode(&inst);
 
     NodeID src = getValueNode(inst.getPointerOperand());
 
     addLoadEdge(src, dst);
 }

◆ visitPHINode()

void PAGBuilder::visitPHINode ( PHINode & inst )

Visit phi instructions

Definition at line 513 of file PAGBuilder.cpp.

 {
 
     DBOUT(DPAGBuild, outs() << "process phi " << inst << "  \n");
 
     NodeID dst = getValueNode(&inst);
 
     for (Size_t i = 0; i < inst.getNumIncomingValues(); ++i)
     {
         const Value* val = inst.getIncomingValue(i);
         const Instruction* incomingInst = SVFUtil::dyn_cast<Instruction>(val);
         assert((incomingInst==nullptr) || (incomingInst->getFunction() == inst.getFunction()));
 
         NodeID src = getValueNode(val);
         const CopyPE* copy = addCopyEdge(src, dst);
         pag->addPhiNode(pag->getPAGNode(dst), copy);
     }
 }

◆ visitResumeInst()

void SVF::PAGBuilder::visitResumeInst ( ResumeInst & )

inline

Instruction not that often.

Definition at line 206 of file PAGBuilder.h.

207 {

208 }

◆ visitReturnInst()

void PAGBuilder::visitReturnInst ( ReturnInst & inst )

Visit return instructions of a function

Definition at line 735 of file PAGBuilder.cpp.

 {
 
     // ReturnInst itself should always not be a pointer type
     assert(!SVFUtil::isa<PointerType>(inst.getType()));
 
     DBOUT(DPAGBuild, outs() << "process return  " << inst << " \n");
 
     if(Value *src = inst.getReturnValue())
     {
         const SVFFunction *F = LLVMModuleSet::getLLVMModuleSet()->getSVFFunction(inst.getParent()->getParent());
 
         NodeID rnF = getReturnNode(F);
         NodeID vnS = getValueNode(src);
         //vnS may be null if src is a null ptr
         const CopyPE* copy = addCopyEdge(vnS, rnF);
         pag->addPhiNode(pag->getPAGNode(rnF), copy);
     }
 }

◆ visitSelectInst()

void PAGBuilder::visitSelectInst ( SelectInst & inst )

Visit select instructions

Two operands have same incoming basic block, both are the current BB

Definition at line 663 of file PAGBuilder.cpp.

 {
 
     DBOUT(DPAGBuild, outs() << "process select  " << inst << " \n");
 
     NodeID dst = getValueNode(&inst);
     NodeID src1 = getValueNode(inst.getTrueValue());
     NodeID src2 = getValueNode(inst.getFalseValue());
     const CopyPE* cpy1 = addCopyEdge(src1, dst);
     const CopyPE* cpy2 = addCopyEdge(src2, dst);
 
     pag->addPhiNode(pag->getPAGNode(dst), cpy1);
     pag->addPhiNode(pag->getPAGNode(dst), cpy2);
 }

◆ visitShuffleVectorInst()

void SVF::PAGBuilder::visitShuffleVectorInst ( ShuffleVectorInst & I )

inline

Definition at line 196 of file PAGBuilder.h.

     {
         addBlackHoleAddrEdge(getValueNode(&I));
     }

◆ visitStoreInst()

void PAGBuilder::visitStoreInst ( StoreInst & inst )

Visit store instructions

Definition at line 549 of file PAGBuilder.cpp.

 {
     // StoreInst itself should always not be a pointer type
     assert(!SVFUtil::isa<PointerType>(inst.getType()));
 
     DBOUT(DPAGBuild, outs() << "process store " << inst << " \n");
 
     NodeID dst = getValueNode(inst.getPointerOperand());
 
     NodeID src = getValueNode(inst.getValueOperand());
 
     addStoreEdge(src, dst);
 
 }

◆ visitSwitchInst()

void PAGBuilder::visitSwitchInst ( SwitchInst & I )

Definition at line 799 of file PAGBuilder.cpp.

                                                 {
     NodeID dst = getValueNode(&inst);
     Value* opnd = inst.getCondition();
     NodeID src = getValueNode(opnd);
     const UnaryOPPE* unaryPE = addUnaryOPEdge(src, dst);
     pag->addUnaryNode(pag->getPAGNode(dst),unaryPE);
 }

◆ visitUnaryOperator()

void PAGBuilder::visitUnaryOperator ( UnaryOperator & inst )

Visit Unary Operator

Definition at line 632 of file PAGBuilder.cpp.

 {
     NodeID dst = getValueNode(&inst);
     for (u32_t i = 0; i < inst.getNumOperands(); i++)
     {
         Value* opnd = inst.getOperand(i);
         NodeID src = getValueNode(opnd);
         const UnaryOPPE* unaryPE = addUnaryOPEdge(src, dst);
         pag->addUnaryNode(pag->getPAGNode(dst),unaryPE);
     }
 }

◆ visitUnreachableInst()

void SVF::PAGBuilder::visitUnreachableInst ( UnreachableInst & )

inline

Definition at line 209 of file PAGBuilder.h.

210 {

211 }

◆ visitVAArgInst()

void PAGBuilder::visitVAArgInst ( VAArgInst & inst )

TODO: var arguments need to be handled. https://llvm.org/docs/LangRef.html#id1911

ap = alloca struct.va_list ap2 = bitcast struct.va_list* ap to i8* ; Read a single integer argument from ap2 tmp = va_arg i8* ap2, i32 (VAArgInst) TODO: for now, create a copy edge from ap2 to tmp, we assume here tmp should point to the n-th argument of the var_args

Definition at line 812 of file PAGBuilder.cpp.

                                               {
     NodeID dst = getValueNode(&inst);
     Value* opnd = inst.getPointerOperand();
     NodeID src = getValueNode(opnd);
     addCopyEdge(src,dst);
 }

◆ visitVACopyInst()

void SVF::PAGBuilder::visitVACopyInst ( VACopyInst & I )

inline

Definition at line 181 of file PAGBuilder.h.

181 {}

◆ visitVAEndInst()

void SVF::PAGBuilder::visitVAEndInst ( VAEndInst & I )

inline

Definition at line 182 of file PAGBuilder.h.

182 {}

◆ visitVAStartInst()

void SVF::PAGBuilder::visitVAStartInst ( VAStartInst & I )

inline

Definition at line 183 of file PAGBuilder.h.

183 {}

Member Data Documentation

◆ curBB

const BasicBlock* SVF::PAGBuilder::curBB

private

Current basic block during PAG construction when visiting the module.

Definition at line 50 of file PAGBuilder.h.

◆ curVal

const Value* SVF::PAGBuilder::curVal

private

Current Value during PAG construction when visiting the module.

Definition at line 51 of file PAGBuilder.h.

◆ pag

PAG* SVF::PAGBuilder::pag

private

Definition at line 48 of file PAGBuilder.h.

◆ svfMod

SVFModule* SVF::PAGBuilder::svfMod

private

Definition at line 49 of file PAGBuilder.h.

The documentation for this class was generated from the following files:

/home/runner/work/SVF-1/SVF-1/include/SVF-FE/PAGBuilder.h
/home/runner/work/SVF-1/SVF-1/lib/SVF-FE/PAGBuilder.cpp

Public Member Functions

Private Attributes

Detailed Description

Constructor & Destructor Documentation

◆ PAGBuilder()

◆ ~PAGBuilder()

Member Function Documentation

◆ addAddrEdge()

◆ addBinaryOPEdge()

◆ addBlackHoleAddrEdge()

◆ addCallEdge()

◆ addCmpEdge()

◆ addComplexConsForExt()

◆ addCopyEdge()

◆ addEdge()

◆ addGepEdge()

◆ addGlobalBlackHoleAddrEdge()

◆ addLoadEdge()

◆ addNormalGepEdge()

◆ addNullPtrNode()

◆ addRetEdge()

◆ addStoreEdge()

◆ addThreadForkEdge()

◆ addThreadJoinEdge()

◆ addUnaryOPEdge()

◆ addVariantGepEdge()

◆ build()

◆ computeGepOffset()

◆ getBaseTypeAndFlattenedFields()

◆ getCurrentBB()

◆ getCurrentValue()

◆ getGepValNode()

◆ getGlobalVarField()

◆ getObjectNode()

◆ getPAG()

◆ getReturnNode()

◆ getValueNode()

◆ getVarargNode()

◆ handleDirectCall()

◆ handleExtCall()

◆ handleIndCall()

◆ InitialGlobal()

◆ initialiseNodes()

◆ processCE()

◆ sanityCheck()

◆ setCurrentBBAndValueForPAGEdge()

◆ setCurrentLocation()

◆ visitAllocaInst()

◆ visitAtomicCmpXchgInst()

◆ visitAtomicRMWInst()

◆ visitBinaryOperator()

◆ visitBranchInst()

◆ visitCallBrInst()

◆ visitCallInst()

◆ visitCallSite()

◆ visitCastInst()

◆ visitCmpInst()

◆ visitExtractElementInst()

◆ visitExtractValueInst()

◆ visitFenceInst()

◆ visitFreezeInst()

◆ visitGetElementPtrInst()

◆ visitGlobal()

◆ visitInsertElementInst()

◆ visitInsertValueInst()

◆ visitInstruction()

◆ visitInvokeInst()

◆ visitLandingPadInst()

◆ visitLoadInst()

◆ visitPHINode()

◆ visitResumeInst()

◆ visitReturnInst()

◆ visitSelectInst()

◆ visitShuffleVectorInst()

◆ visitStoreInst()

◆ visitSwitchInst()

◆ visitUnaryOperator()

◆ visitUnreachableInst()

◆ visitVAArgInst()

◆ visitVACopyInst()