Static Value-Flow Analysis
Loading...
Searching...
No Matches
Public Member Functions | Protected Member Functions | Private Attributes | Friends | List of all members
SVF::SymbolTableBuilder Class Reference

#include <SymbolTableBuilder.h>

Public Member Functions

 SymbolTableBuilder (SVFIR *ir)
 Constructor.
 
void buildMemModel ()
 Start building memory model.
 
u32_t getNumOfElements (const Type *ety)
 Return size of this object based on LLVM value.
 

Protected Member Functions

void collectSVFTypeInfo (const Value *val)
 collect the syms
 
void collectSym (const Value *val)
 
void collectVal (const Value *val)
 
void collectObj (const Value *val)
 
void collectRet (const Function *val)
 
void collectVararg (const Function *val)
 
void handleGlobalCE (const GlobalVariable *G)
 Handle constant expression.
 
void handleGlobalInitializerCE (const Constant *C)
 
void handleCE (const Value *val)
 
LLVMModuleSetllvmModuleSet ()
 
ObjTypeInferencegetTypeInference ()
 
const TypeinferObjType (const Value *startValue)
 Forward collect all possible infer sites starting from a value.
 
const TypeinferTypeOfHeapObjOrStaticObj (const Instruction *inst)
 Get the reference type of heap/static object from an allocation site.
 
ObjTypeInfocreateObjTypeInfo (const Value *val)
 Create an objectInfo based on LLVM value.
 
void initTypeInfo (ObjTypeInfo *typeinfo, const Value *value, const Type *ty)
 Initialize TypeInfo based on LLVM Value.
 
void analyzeObjType (ObjTypeInfo *typeinfo, const Value *val)
 Analyse types of all flattened fields of this object.
 
u32_t analyzeHeapObjType (ObjTypeInfo *typeinfo, const Value *val)
 Analyse types of heap and static objects.
 
void analyzeStaticObjType (ObjTypeInfo *typeinfo, const Value *val)
 Analyse types of heap and static objects.
 
u32_t analyzeHeapAllocByteSize (const Value *val)
 Analyze byte size of heap alloc function (e.g. malloc/calloc/...)
 
u32_t getNumOfFlattenElements (const Type *T)
 Number of flattened elements of an array or struct.
 
StInfogetOrAddSVFTypeInfo (const Type *T)
 Get a reference to StructInfo.
 
ObjTypeInfocreateBlkObjTypeInfo (NodeID symId)
 
ObjTypeInfocreateConstantObjTypeInfo (NodeID symId)
 

Private Attributes

SVFIRsvfir
 

Friends

class SVFIRBuilder
 

Detailed Description

Definition at line 44 of file SymbolTableBuilder.h.

Constructor & Destructor Documentation

◆ SymbolTableBuilder()

SVF::SymbolTableBuilder::SymbolTableBuilder ( SVFIR ir)
inline

Constructor.

Definition at line 52 of file SymbolTableBuilder.h.

52 : svfir(ir)
53 {
54 }
SVF::IRBuilder
llvm::IRBuilder IRBuilder
Definition BasicTypes.h:74

Member Function Documentation

◆ analyzeHeapAllocByteSize()

u32_t SymbolTableBuilder::analyzeHeapAllocByteSize ( const Value val)
protected

Analyze byte size of heap alloc function (e.g. malloc/calloc/...)

Analyze byte size of heap alloc function (e.g. malloc/calloc/...) 1) attribute((annotate("ALLOC_HEAP_RET"), annotate("AllocSize:Arg0"))) void* safe_malloc(unsigned long size). Byte Size is the size(Arg0) 2)__attribute__((annotate("ALLOC_HEAP_RET"), annotate("AllocSize:Arg0*Arg1"))) char* safecalloc(int a, int b) Byte Size is a(Arg0) * b(Arg1) 3)__attribute__((annotate("ALLOC_HEAP_RET"), annotate("UNKNOWN"))) void* __sysv_signal(int a, void *b) Byte Size is Unknown If all required arg values are constant, byte Size is also constant, otherwise return ByteSize 0

Definition at line 741 of file SymbolTableBuilder.cpp.

742{
743 if(const llvm::CallInst* callInst = llvm::dyn_cast<llvm::CallInst>(val))
744 {
745 if (const llvm::Function* calledFunction =
746 callInst->getCalledFunction())
747 {
748 std::vector<const Value*> args;
749 // Heap alloc functions have annoation like "AllocSize:Arg1"
750 for (std::string annotation : llvmModuleSet()->getExtFuncAnnotations(calledFunction))
751 {
752 if (annotation.find("AllocSize:") != std::string::npos)
753 {
754 std::string allocSize = annotation.substr(10);
755 std::stringstream ss(allocSize);
756 std::string token;
757 // Analyaze annotation string and attract Arg list
758 while (std::getline(ss, token, '*'))
759 {
760 if (token.rfind("Arg", 0) == 0)
761 {
762 u32_t argIndex;
763 std::istringstream(token.substr(3)) >> argIndex;
764 if (argIndex < callInst->getNumOperands() - 1)
765 {
766 args.push_back(
767 callInst->getArgOperand(argIndex));
768 }
769 }
770 }
771 }
772 }
773 u64_t product = 1;
774 if (args.size() > 0)
775 {
776 // for annotations like "AllocSize:Arg0*Arg1"
777 for (const llvm::Value* arg : args)
778 {
779 if (const llvm::ConstantInt* constIntArg =
780 llvm::dyn_cast<llvm::ConstantInt>(arg))
781 {
782 // Multiply the constant Value if all Args are const
783 product *= LLVMUtil::getIntegerValue(constIntArg).second;
784 }
785 else
786 {
787 // if Arg list has non-const value, return 0 to indicate it is non const byte size
788 return 0;
789 }
790 }
791 // If all the Args are const, return product
792 return product;
793 }
794 else
795 {
796 // for annotations like "AllocSize:UNKNOWN"
797 return 0;
798 }
799 }
800 }
801 // if it is not CallInst or CallInst has no CalledFunction, return 0 to indicate it is non const byte size
802 return 0;
803}
u32_t
unsigned u32_t
Definition CommandLine.h:18
SVF::SymbolTableBuilder::llvmModuleSet
LLVMModuleSet * llvmModuleSet()
Definition SymbolTableBuilder.h:87
SVF::LLVMUtil::getIntegerValue
std::pair< s64_t, u64_t > getIntegerValue(const ConstantInt *intValue)
Definition LLVMUtil.h:82
SVF::u64_t
unsigned long long u64_t
Definition GeneralType.h:49

◆ analyzeHeapObjType()

u32_t SymbolTableBuilder::analyzeHeapObjType ( ObjTypeInfo typeinfo,
const Value val 
)
protected

Analyse types of heap and static objects.

Analyse types of heap and static objects

For an C++ class, it can have variant elements depending on the vtable size, Hence we only handle non-cpp-class object, the type of the cpp class is treated as default PointerType

Definition at line 808 of file SymbolTableBuilder.cpp.

809{
810 typeinfo->setFlag(ObjTypeInfo::HEAP_OBJ);
811 analyzeObjType(typeinfo, val);
812 const Type* objTy = llvmModuleSet()->getLLVMType(typeinfo->getType());
813 if(SVFUtil::isa<ArrayType>(objTy))
814 return getNumOfElements(objTy);
815 else if(const StructType* st = SVFUtil::dyn_cast<StructType>(objTy))
816 {
819 if(cppUtil::classTyHasVTable(st))
820 typeinfo->resetTypeForHeapStaticObj(llvmModuleSet()->getSVFType(
821 llvmModuleSet()->getTypeInference()->ptrType()));
822 else
823 return getNumOfElements(objTy);
824 }
825 return typeinfo->getMaxFieldOffsetLimit();
826}
SVF::LLVMModuleSet::getLLVMType
const Type * getLLVMType(const SVFType *T) const
Get LLVM Type.
Definition LLVMModule.cpp:1150
SVF::ObjTypeInfo::resetTypeForHeapStaticObj
void resetTypeForHeapStaticObj(const SVFType *t)
Definition ObjTypeInfo.h:79
SVF::ObjTypeInfo::getMaxFieldOffsetLimit
u32_t getMaxFieldOffsetLimit()
Get max field offset limit.
Definition ObjTypeInfo.h:104
SVF::ObjTypeInfo::getType
const SVFType * getType() const
Get LLVM type.
Definition ObjTypeInfo.h:98
SVF::ObjTypeInfo::setFlag
void setFlag(MEMTYPE mask)
Flag for this object type.
Definition ObjTypeInfo.h:149
SVF::SymbolTableBuilder::getTypeInference
ObjTypeInference * getTypeInference()
Definition SymbolTableBuilder.cpp:579
SVF::SymbolTableBuilder::getNumOfElements
u32_t getNumOfElements(const Type *ety)
Return size of this object based on LLVM value.
Definition SymbolTableBuilder.cpp:939
SVF::SymbolTableBuilder::analyzeObjType
void analyzeObjType(ObjTypeInfo *typeinfo, const Value *val)
Analyse types of all flattened fields of this object.
Definition SymbolTableBuilder.cpp:700
SVF::cppUtil::classTyHasVTable
bool classTyHasVTable(const StructType *ty)
Definition CppUtil.cpp:569
SVF::Type
llvm::Type Type
Definition BasicTypes.h:83
SVF::StructType
llvm::StructType StructType
LLVM types.
Definition BasicTypes.h:94

◆ analyzeObjType()

void SymbolTableBuilder::analyzeObjType ( ObjTypeInfo typeinfo,
const Value val 
)
protected

Analyse types of all flattened fields of this object.

Analyse types of all flattened fields of this object

Definition at line 700 of file SymbolTableBuilder.cpp.

701{
702 const Type *elemTy = llvmModuleSet()->getLLVMType(typeinfo->getType());
703 // Find the inter nested array element
704 while (const ArrayType* AT = SVFUtil::dyn_cast<ArrayType>(elemTy))
705 {
706 elemTy = AT->getElementType();
707 if (SVFUtil::isa<GlobalVariable>(val) &&
708 SVFUtil::cast<GlobalVariable>(val)->hasInitializer() &&
709 SVFUtil::isa<ConstantArray>(
710 SVFUtil::cast<GlobalVariable>(val)->getInitializer()))
711 typeinfo->setFlag(ObjTypeInfo::CONST_ARRAY_OBJ);
712 else
713 typeinfo->setFlag(ObjTypeInfo::VAR_ARRAY_OBJ);
714 }
715 if (SVFUtil::isa<StructType>(elemTy))
716 {
717 if (SVFUtil::isa<GlobalVariable>(val) &&
718 SVFUtil::cast<GlobalVariable>(val)->hasInitializer() &&
719 SVFUtil::isa<ConstantStruct>(
720 SVFUtil::cast<GlobalVariable>(val)->getInitializer()))
721 typeinfo->setFlag(ObjTypeInfo::CONST_STRUCT_OBJ);
722 else
723 typeinfo->setFlag(ObjTypeInfo::VAR_STRUCT_OBJ);
724 }
725}
SVF::ArrayType
llvm::ArrayType ArrayType
Definition BasicTypes.h:95

◆ analyzeStaticObjType()

void SymbolTableBuilder::analyzeStaticObjType ( ObjTypeInfo typeinfo,
const Value val 
)
protected

Analyse types of heap and static objects.

Analyse types of heap and static objects

Definition at line 831 of file SymbolTableBuilder.cpp.

832{
833 if(const Value* castUse = getFirstUseViaCastInst(val))
834 {
835 typeinfo->setFlag(ObjTypeInfo::STATIC_OBJ);
836 analyzeObjType(typeinfo,castUse);
837 }
838 else
839 {
840 typeinfo->setFlag(ObjTypeInfo::HEAP_OBJ);
841 }
842}
SVF::LLVMUtil::getFirstUseViaCastInst
const Value * getFirstUseViaCastInst(const Value *val)
Definition LLVMUtil.cpp:277
SVF::Value
llvm::Value Value
LLVM Basic classes.
Definition BasicTypes.h:82

◆ buildMemModel()

void SymbolTableBuilder::buildMemModel ( )

Start building memory model.

This method identify which is value sym and which is object sym

if (SVFUtil::isa<InlineAsm>(Callee))

Definition at line 80 of file SymbolTableBuilder.cpp.

81{
82 SVFUtil::increaseStackSize();
83
84 // Pointer #0 always represents the null pointer.
85 assert(svfir->totalSymNum++ == IRGraph::NullPtr && "Something changed!");
86
87 // Pointer #1 always represents the pointer points-to black hole.
88 assert(svfir->totalSymNum++ == IRGraph::BlkPtr && "Something changed!");
89
90 // Object #2 is black hole the object that may point to any object
91 assert(svfir->totalSymNum++ == IRGraph::BlackHole && "Something changed!");
92 createBlkObjTypeInfo(IRGraph::BlackHole);
93
94 // Object #3 always represents the unique constant of a program (merging all constants if Options::ModelConsts is disabled)
95 assert(svfir->totalSymNum++ == IRGraph::ConstantObj && "Something changed!");
96 createConstantObjTypeInfo(IRGraph::ConstantObj);
97
98 for (Module &M : llvmModuleSet()->getLLVMModules())
99 {
100 // Add symbols for all the globals .
101 for (const GlobalVariable& gv : M.globals())
102 {
103 collectSym(&gv);
104 }
105
106 // Add symbols for all the global aliases
107 for (const GlobalAlias& ga : M.aliases())
108 {
109 collectSym(&ga);
110 collectSym(ga.getAliasee());
111 }
112
113 // Add symbols for all of the functions and the instructions in them.
114 for (const Function& fun : M.functions())
115 {
116 collectSym(&fun);
117 collectRet(&fun);
118 if (fun.getFunctionType()->isVarArg())
119 collectVararg(&fun);
120
121 // Add symbols for all formal parameters.
122 for (const Argument& arg : fun.args())
123 {
124 collectSym(&arg);
125 }
126
127 // collect and create symbols inside the function body
128 for (const Instruction& inst : instructions(fun))
129 {
130 collectSym(&inst);
131
132 // initialization for some special instructions
133 //{@
134 if (const StoreInst* st = SVFUtil::dyn_cast<StoreInst>(&inst))
135 {
136 collectSym(st->getPointerOperand());
137 collectSym(st->getValueOperand());
138 }
139 else if (const LoadInst* ld =
140 SVFUtil::dyn_cast<LoadInst>(&inst))
141 {
142 collectSym(ld->getPointerOperand());
143 }
144 else if (const AllocaInst* alloc =
145 SVFUtil::dyn_cast<AllocaInst>(&inst))
146 {
147 collectSym(alloc->getArraySize());
148 }
149 else if (const PHINode* phi = SVFUtil::dyn_cast<PHINode>(&inst))
150 {
151 for (u32_t i = 0; i < phi->getNumIncomingValues(); ++i)
152 {
153 collectSym(phi->getIncomingValue(i));
154 }
155 }
156 else if (const GetElementPtrInst* gep =
157 SVFUtil::dyn_cast<GetElementPtrInst>(&inst))
158 {
159 collectSym(gep->getPointerOperand());
160 for (u32_t i = 0; i < gep->getNumOperands(); ++i)
161 {
162 collectSym(gep->getOperand(i));
163 }
164 }
165 else if (const SelectInst* sel =
166 SVFUtil::dyn_cast<SelectInst>(&inst))
167 {
168 collectSym(sel->getTrueValue());
169 collectSym(sel->getFalseValue());
170 collectSym(sel->getCondition());
171 }
172 else if (const BinaryOperator* binary =
173 SVFUtil::dyn_cast<BinaryOperator>(&inst))
174 {
175 for (u32_t i = 0; i < binary->getNumOperands(); i++)
176 collectSym(binary->getOperand(i));
177 }
178 else if (const UnaryOperator* unary =
179 SVFUtil::dyn_cast<UnaryOperator>(&inst))
180 {
181 for (u32_t i = 0; i < unary->getNumOperands(); i++)
182 collectSym(unary->getOperand(i));
183 }
184 else if (const CmpInst* cmp = SVFUtil::dyn_cast<CmpInst>(&inst))
185 {
186 for (u32_t i = 0; i < cmp->getNumOperands(); i++)
187 collectSym(cmp->getOperand(i));
188 }
189 else if (const CastInst* cast =
190 SVFUtil::dyn_cast<CastInst>(&inst))
191 {
192 collectSym(cast->getOperand(0));
193 }
194 else if (const ReturnInst* ret =
195 SVFUtil::dyn_cast<ReturnInst>(&inst))
196 {
197 if (ret->getReturnValue())
198 collectSym(ret->getReturnValue());
199 }
200 else if (const BranchInst* br =
201 SVFUtil::dyn_cast<BranchInst>(&inst))
202 {
203 Value* opnd = br->isConditional() ? br->getCondition() : br->getOperand(0);
204 collectSym(opnd);
205 }
206 else if (const SwitchInst* sw =
207 SVFUtil::dyn_cast<SwitchInst>(&inst))
208 {
209 collectSym(sw->getCondition());
210 }
211 else if (const FreezeInst* fz = SVFUtil::dyn_cast<FreezeInst>(&inst))
212 {
213
214 for (u32_t i = 0; i < fz->getNumOperands(); i++)
215 {
216 Value* opnd = inst.getOperand(i);
217 collectSym(opnd);
218 }
219 }
220 else if (isNonInstricCallSite(&inst))
221 {
222
223 const CallBase* cs = LLVMUtil::getLLVMCallSite(&inst);
224 for (u32_t i = 0; i < cs->arg_size(); i++)
225 {
226 collectSym(cs->getArgOperand(i));
227 }
228 // Calls to inline asm need to be added as well because the
229 // callee isn't referenced anywhere else.
230 const Value* Callee = cs->getCalledOperand();
231 collectSym(Callee);
232
233 // TODO handle inlineAsm
235 if (Options::EnableTypeCheck())
236 {
237 getTypeInference()->validateTypeCheck(cs);
238 }
239 }
241 }
242 }
243 }
244
245 svfir->totalSymNum = NodeIDAllocator::get()->endSymbolAllocation();
246 if (Options::SymTabPrint())
247 {
248 llvmModuleSet()->dumpSymTable();
249 }
250}
SVF::IRGraph::totalSymNum
NodeID totalSymNum
total number of symbols
Definition IRGraph.h:101
SVF::NodeIDAllocator::get
static NodeIDAllocator * get(void)
Return (singleton) allocator.
Definition NodeIDAllocator.cpp:26
SVF::NodeIDAllocator::endSymbolAllocation
NodeID endSymbolAllocation(void)
Notify the allocator that all symbols have had IDs allocated.
Definition NodeIDAllocator.cpp:163
SVF::ObjTypeInference::validateTypeCheck
void validateTypeCheck(const CallBase *cs)
validate type inference
Definition ObjTypeInference.cpp:660
SVF::Options::EnableTypeCheck
static const Option< bool > EnableTypeCheck
Definition Options.h:132
SVF::Options::SymTabPrint
static const Option< bool > SymTabPrint
Definition Options.h:191
SVF::SymbolTableBuilder::collectRet
void collectRet(const Function *val)
Definition SymbolTableBuilder.cpp:360
SVF::SymbolTableBuilder::createBlkObjTypeInfo
ObjTypeInfo * createBlkObjTypeInfo(NodeID symId)
Definition SymbolTableBuilder.cpp:46
SVF::SymbolTableBuilder::createConstantObjTypeInfo
ObjTypeInfo * createConstantObjTypeInfo(NodeID symId)
Definition SymbolTableBuilder.cpp:61
SVF::SymbolTableBuilder::collectSym
void collectSym(const Value *val)
Definition SymbolTableBuilder.cpp:272
SVF::SymbolTableBuilder::collectVararg
void collectVararg(const Function *val)
Definition SymbolTableBuilder.cpp:376
SVF::LLVMUtil::getLLVMCallSite
const CallBase * getLLVMCallSite(const Value *value)
Return LLVM callsite given a value.
Definition LLVMUtil.h:91
SVF::LLVMUtil::isNonInstricCallSite
bool isNonInstricCallSite(const Instruction *inst)
Whether an instruction is a callsite in the application code, excluding llvm intrinsic calls.
Definition LLVMUtil.cpp:720
SVF::SVFUtil::increaseStackSize
void increaseStackSize()
Increase the stack size limit.
Definition SVFUtil.cpp:229
SVF::SVFUtil::cast
std::enable_if_t<!is_simple_type< Y >::value, typename cast_retty< X, const Y >::ret_type > cast(const Y &Val)
Definition Casting.h:360
SVF::GlobalVariable
llvm::GlobalVariable GlobalVariable
Definition BasicTypes.h:130
SVF::GlobalAlias
llvm::GlobalAlias GlobalAlias
Definition BasicTypes.h:128
SVF::CallBase
llvm::CallBase CallBase
Definition BasicTypes.h:146
SVF::UnaryOperator
llvm::UnaryOperator UnaryOperator
Definition BasicTypes.h:180
SVF::AllocaInst
llvm::AllocaInst AllocaInst
Definition BasicTypes.h:150
SVF::SwitchInst
llvm::SwitchInst SwitchInst
Definition BasicTypes.h:155
SVF::Argument
llvm::Argument Argument
Definition BasicTypes.h:145
SVF::LoadInst
llvm::LoadInst LoadInst
Definition BasicTypes.h:149
SVF::CmpInst
llvm::CmpInst CmpInst
Definition BasicTypes.h:159
SVF::Function
llvm::Function Function
Definition BasicTypes.h:85
SVF::Instruction
llvm::Instruction Instruction
Definition BasicTypes.h:87
SVF::CastInst
llvm::CastInst CastInst
Definition BasicTypes.h:158
SVF::FreezeInst
llvm::FreezeInst FreezeInst
Definition BasicTypes.h:169
SVF::Module
llvm::Module Module
Definition BasicTypes.h:84
SVF::BinaryOperator
llvm::BinaryOperator BinaryOperator
Definition BasicTypes.h:179
SVF::StoreInst
llvm::StoreInst StoreInst
Definition BasicTypes.h:148
SVF::SelectInst
llvm::SelectInst SelectInst
Definition BasicTypes.h:174
SVF::GetElementPtrInst
llvm::GetElementPtrInst GetElementPtrInst
Definition BasicTypes.h:162
SVF::ReturnInst
llvm::ReturnInst ReturnInst
Definition BasicTypes.h:157
SVF::PHINode
llvm::PHINode PHINode
Definition BasicTypes.h:165
SVF::BranchInst
llvm::BranchInst BranchInst
Definition BasicTypes.h:154

◆ collectObj()

void SymbolTableBuilder::collectObj ( const Value val)
protected

Get memory object sym, if not available create a new one

Definition at line 328 of file SymbolTableBuilder.cpp.

329{
330 val = LLVMUtil::getGlobalRep(val);
331 LLVMModuleSet::ValueToIDMapTy::iterator iter = llvmModuleSet()->objSymMap.find(val);
332 if (iter == llvmModuleSet()->objSymMap.end())
333 {
334 // if the object pointed by the pointer is a constant data (e.g., i32 0) or a global constant object (e.g. string)
335 // then we treat them as one ConstantObj
336 if (isConstantObjSym(val) && !Options::ModelConsts())
337 {
338 llvmModuleSet()->objSymMap.insert(std::make_pair(val, svfir->constantSymID()));
339 }
340 // otherwise, we will create an object for each abstract memory location
341 else
342 {
343 // create obj sym and sym type
344 NodeID id = NodeIDAllocator::get()->allocateObjectId();
345 llvmModuleSet()->objSymMap.insert(std::make_pair(val, id));
346 DBOUT(DMemModel,
347 outs() << "create a new obj sym " << id << "\n");
348
349 // create a memory object
350 ObjTypeInfo* ti = createObjTypeInfo(val);
351 assert(svfir->objTypeInfoMap.find(id) == svfir->objTypeInfoMap.end());
352 svfir->objTypeInfoMap[id] = ti;
353 }
354 }
355}
DBOUT
#define DBOUT(TYPE, X)
LLVM debug macros, define type of your DBUG model of each pass.
Definition SVFType.h:498
DMemModel
#define DMemModel
Definition SVFType.h:507
SVF::IRGraph::constantSymID
NodeID constantSymID() const
Definition IRGraph.h:188
SVF::IRGraph::objTypeInfoMap
IDToTypeInfoMapTy objTypeInfoMap
map a memory sym id to its obj
Definition IRGraph.h:88
SVF::LLVMModuleSet::objSymMap
ValueToIDMapTy objSymMap
map a obj reference to its sym id
Definition LLVMModule.h:113
SVF::NodeIDAllocator::allocateObjectId
NodeID allocateObjectId(void)
Allocate an object ID as determined by the strategy.
Definition NodeIDAllocator.cpp:50
SVF::Options::ModelConsts
static Option< bool > ModelConsts
Definition Options.h:188
SVF::SymbolTableBuilder::createObjTypeInfo
ObjTypeInfo * createObjTypeInfo(const Value *val)
Create an objectInfo based on LLVM value.
Definition SymbolTableBuilder.cpp:631
SVF::LLVMUtil::isConstantObjSym
bool isConstantObjSym(const Value *val)
Check whether this value points-to a constant object.
Definition CppUtil.cpp:672
SVF::LLVMUtil::getGlobalRep
const Value * getGlobalRep(const Value *val)
find the unique defined global across multiple modules
Definition LLVMUtil.cpp:439
SVF::SVFUtil::outs
std::ostream & outs()
Overwrite llvm::outs()
Definition SVFUtil.h:52
SVF::NodeID
u32_t NodeID
Definition GeneralType.h:56

◆ collectRet()

void SymbolTableBuilder::collectRet ( const Function val)
protected

Create unique return sym, if not available create a new one

Definition at line 360 of file SymbolTableBuilder.cpp.

361{
362
363 LLVMModuleSet::FunToIDMapTy::iterator iter =
364 llvmModuleSet()->returnSymMap.find(val);
365 if (iter == llvmModuleSet()->returnSymMap.end())
366 {
367 NodeID id = NodeIDAllocator::get()->allocateValueId();
368 llvmModuleSet()->returnSymMap.insert(std::make_pair(val, id));
369 DBOUT(DMemModel, outs() << "create a return sym " << id << "\n");
370 }
371}
SVF::LLVMModuleSet::returnSymMap
FunToIDMapTy returnSymMap
return map
Definition LLVMModule.h:114
SVF::NodeIDAllocator::allocateValueId
NodeID allocateValueId(void)
Allocate a value ID as determined by the strategy.
Definition NodeIDAllocator.cpp:128

◆ collectSVFTypeInfo()

void SymbolTableBuilder::collectSVFTypeInfo ( const Value val)
protected

collect the syms

Definition at line 252 of file SymbolTableBuilder.cpp.

253{
254 Type *valType = val->getType();
255 (void)getOrAddSVFTypeInfo(valType);
256 if(isGepConstantExpr(val) || SVFUtil::isa<GetElementPtrInst>(val))
257 {
258 for (bridge_gep_iterator
259 gi = bridge_gep_begin(SVFUtil::cast<User>(val)),
260 ge = bridge_gep_end(SVFUtil::cast<User>(val));
261 gi != ge; ++gi)
262 {
263 const Type* gepTy = *gi;
264 (void)getOrAddSVFTypeInfo(gepTy);
265 }
266 }
267}
SVF::SymbolTableBuilder::getOrAddSVFTypeInfo
StInfo * getOrAddSVFTypeInfo(const Type *T)
Get a reference to StructInfo.
Definition SymbolTableBuilder.cpp:959
llvm::generic_bridge_gep_type_iterator
Definition GEPTypeBridgeIterator.h:18
SVF::LLVMUtil::isGepConstantExpr
const ConstantExpr * isGepConstantExpr(const Value *val)
Return corresponding constant expression, otherwise return nullptr.
Definition LLVMUtil.h:215
llvm::bridge_gep_end
bridge_gep_iterator bridge_gep_end(const User *GEP)
Definition GEPTypeBridgeIterator.h:157
llvm::bridge_gep_begin
bridge_gep_iterator bridge_gep_begin(const User *GEP)
Definition GEPTypeBridgeIterator.h:149

◆ collectSym()

void SymbolTableBuilder::collectSym ( const Value val)
protected

Collect symbols, including value and object syms

Definition at line 272 of file SymbolTableBuilder.cpp.

273{
274
275 //TODO: filter the non-pointer type // if (!SVFUtil::isa<PointerType>(val->getType())) return;
276
277 DBOUT(DMemModel,
278 outs()
279 << "collect sym from ##"
280 << llvmModuleSet()->getSVFValue(val)->toString()
281 << " \n");
282 //TODO handle constant expression value here??
283 handleCE(val);
284
285 // create a value sym
286 collectVal(val);
287
288 collectSVFTypeInfo(val);
289 collectSVFTypeInfo(LLVMUtil::getGlobalRep(val));
290
291 // create an object If it is a heap, stack, global, function.
292 if (isObject(val))
293 {
294 collectObj(val);
295 }
296}
SVF::SymbolTableBuilder::collectSVFTypeInfo
void collectSVFTypeInfo(const Value *val)
collect the syms
Definition SymbolTableBuilder.cpp:252
SVF::SymbolTableBuilder::collectObj
void collectObj(const Value *val)
Definition SymbolTableBuilder.cpp:328
SVF::SymbolTableBuilder::collectVal
void collectVal(const Value *val)
Definition SymbolTableBuilder.cpp:301
SVF::SymbolTableBuilder::handleCE
void handleCE(const Value *val)
Definition SymbolTableBuilder.cpp:391
SVF::LLVMUtil::isObject
bool isObject(const Value *ref)
Return true if this value refers to a object.
Definition LLVMUtil.cpp:59

◆ collectVal()

void SymbolTableBuilder::collectVal ( const Value val)
protected

Get value sym, if not available create a new one

handle global constant expression here

Definition at line 301 of file SymbolTableBuilder.cpp.

302{
303 // collect and record special sym here
304 if (LLVMUtil::isNullPtrSym(val) || LLVMUtil::isBlackholeSym(val))
305 {
306 return;
307 }
308 LLVMModuleSet::ValueToIDMapTy::iterator iter = llvmModuleSet()->valSymMap.find(val);
309 if (iter == llvmModuleSet()->valSymMap.end())
310 {
311 // create val sym and sym type
312 NodeID id = NodeIDAllocator::get()->allocateValueId();
313 llvmModuleSet()->valSymMap.insert(std::make_pair(val, id));
314 DBOUT(DMemModel,
315 outs() << "create a new value sym " << id << "\n");
317 if (const GlobalVariable* globalVar = SVFUtil::dyn_cast<GlobalVariable>(val))
318 handleGlobalCE(globalVar);
319 }
320
321 if (isConstantObjSym(val))
322 collectObj(val);
323}
SVF::LLVMModuleSet::valSymMap
ValueToIDMapTy valSymMap
map a value to its sym id
Definition LLVMModule.h:112
SVF::SymbolTableBuilder::handleGlobalCE
void handleGlobalCE(const GlobalVariable *G)
Handle constant expression.
Definition SymbolTableBuilder.cpp:485
SVF::LLVMUtil::isNullPtrSym
bool isNullPtrSym(const Value *val)
Check whether this value is a black hole.
Definition LLVMUtil.h:125
SVF::LLVMUtil::isBlackholeSym
bool isBlackholeSym(const Value *val)
Check whether this value is a black hole.
Definition LLVMUtil.h:119

◆ collectVararg()

void SymbolTableBuilder::collectVararg ( const Function val)
protected

Create vararg sym, if not available create a new one

Definition at line 376 of file SymbolTableBuilder.cpp.

377{
378 LLVMModuleSet::FunToIDMapTy::iterator iter =
379 llvmModuleSet()->varargSymMap.find(val);
380 if (iter == llvmModuleSet()->varargSymMap.end())
381 {
382 NodeID id = NodeIDAllocator::get()->allocateValueId();
383 llvmModuleSet()->varargSymMap.insert(std::make_pair(val, id));
384 DBOUT(DMemModel, outs() << "create a vararg sym " << id << "\n");
385 }
386}
SVF::LLVMModuleSet::varargSymMap
FunToIDMapTy varargSymMap
vararg map
Definition LLVMModule.h:115

◆ createBlkObjTypeInfo()

ObjTypeInfo * SymbolTableBuilder::createBlkObjTypeInfo ( NodeID  symId)
protected

Definition at line 46 of file SymbolTableBuilder.cpp.

47{
48 assert(svfir->isBlkObj(symId));
49 LLVMModuleSet* llvmset = llvmModuleSet();
50 if (svfir->objTypeInfoMap.find(symId)==svfir->objTypeInfoMap.end())
51 {
52 ObjTypeInfo* ti =svfir->createObjTypeInfo(llvmset->getSVFType(
53 IntegerType::get(llvmset->getContext(), 32)));
54 ti->setNumOfElements(0);
55 svfir->objTypeInfoMap[symId] = ti;
56 }
57 ObjTypeInfo* ti = svfir->objTypeInfoMap[symId];
58 return ti;
59}
SVF::IRGraph::createObjTypeInfo
ObjTypeInfo * createObjTypeInfo(const SVFType *type)
Create an objectInfo based on LLVM type (value is null, and type could be null, representing a dummy ...
Definition IRGraph.cpp:231
SVF::IRGraph::isBlkObj
static bool isBlkObj(NodeID id)
Definition IRGraph.h:165
SVF::ObjTypeInfo::setNumOfElements
void setNumOfElements(u32_t num)
Set the number of elements of this object.
Definition ObjTypeInfo.h:116

◆ createConstantObjTypeInfo()

ObjTypeInfo * SymbolTableBuilder::createConstantObjTypeInfo ( NodeID  symId)
protected

Definition at line 61 of file SymbolTableBuilder.cpp.

62{
63 assert(IRGraph::isConstantSym(symId));
64 LLVMModuleSet* llvmset = llvmModuleSet();
65 if (svfir->objTypeInfoMap.find(symId)==svfir->objTypeInfoMap.end())
66 {
67 ObjTypeInfo* ti = svfir->createObjTypeInfo(
68 llvmset->getSVFType(IntegerType::get(llvmset->getContext(), 32)));
69 ti->setNumOfElements(0);
70 svfir->objTypeInfoMap[symId] = ti;
71 }
72 ObjTypeInfo* ti = svfir->objTypeInfoMap[symId];
73 return ti;
74}
SVF::IRGraph::isConstantSym
static bool isConstantSym(NodeID id)
Definition IRGraph.h:169

◆ createObjTypeInfo()

ObjTypeInfo * SymbolTableBuilder::createObjTypeInfo ( const Value val)
protected

Create an objectInfo based on LLVM value.

Definition at line 631 of file SymbolTableBuilder.cpp.

632{
633 const Type* objTy = nullptr;
634
635 const Instruction* I = SVFUtil::dyn_cast<Instruction>(val);
636
637 // We consider two types of objects:
638 // (1) A heap/static object from a callsite
639 if (I && isNonInstricCallSite(I))
640 {
641 objTy = inferTypeOfHeapObjOrStaticObj(I);
642 }
643 // (2) Other objects (e.g., alloca, global, etc.)
644 else
645 {
646 if (SVFUtil::isa<PointerType>(val->getType()))
647 {
648 if (const AllocaInst *allocaInst = SVFUtil::dyn_cast<AllocaInst>(val))
649 {
650 // get the type of the allocated memory
651 // e.g., for `%retval = alloca i64, align 4`, we return i64
652 objTy = allocaInst->getAllocatedType();
653 }
654 else if (const GlobalValue *global = SVFUtil::dyn_cast<GlobalValue>(val))
655 {
656 // get the pointee type of the global pointer (begins with @ symbol in llvm)
657 objTy = global->getValueType();
658 }
659 else
660 {
661 SVFUtil::errs() << dumpValueAndDbgInfo(val) << "\n";
662 assert(false && "not an allocation or global?");
663 }
664 }
665 }
666
667 if (objTy)
668 {
669 (void) getOrAddSVFTypeInfo(objTy);
670 ObjTypeInfo* typeInfo = new ObjTypeInfo(
671 llvmModuleSet()->getSVFType(objTy),
672 Options::MaxFieldLimit());
673 initTypeInfo(typeInfo,val, objTy);
674 return typeInfo;
675 }
676 else
677 {
678 writeWrnMsg("try to create an object with a non-pointer type.");
679 writeWrnMsg(val->getName().str());
680 writeWrnMsg("(" + getSourceLoc(val) + ")");
681 if (isConstantObjSym(val))
682 {
683 ObjTypeInfo* typeInfo = new ObjTypeInfo(
684 llvmModuleSet()->getSVFType(val->getType()),
685 0);
686 initTypeInfo(typeInfo,val, val->getType());
687 return typeInfo;
688 }
689 else
690 {
691 assert(false && "Memory object must be either (1) held by a pointer-typed ref value or (2) a constant value (e.g., 10).");
692 abort();
693 }
694 }
695}
SVF::Options::MaxFieldLimit
static const Option< u32_t > MaxFieldLimit
Maximum number of field derivations for an object.
Definition Options.h:39
SVF::SymbolTableBuilder::inferTypeOfHeapObjOrStaticObj
const Type * inferTypeOfHeapObjOrStaticObj(const Instruction *inst)
Get the reference type of heap/static object from an allocation site.
Definition SymbolTableBuilder.cpp:593
SVF::SymbolTableBuilder::initTypeInfo
void initTypeInfo(ObjTypeInfo *typeinfo, const Value *value, const Type *ty)
Initialize TypeInfo based on LLVM Value.
Definition SymbolTableBuilder.cpp:847
SVF::LLVMUtil::dumpValueAndDbgInfo
std::string dumpValueAndDbgInfo(const Value *val)
Definition LLVMUtil.cpp:622
SVF::LLVMUtil::getSourceLoc
const std::string getSourceLoc(const Value *val)
Definition LLVMUtil.cpp:452
SVF::SVFUtil::errs
std::ostream & errs()
Overwrite llvm::errs()
Definition SVFUtil.h:58
SVF::SVFUtil::writeWrnMsg
void writeWrnMsg(const std::string &msg)
Writes a message run through wrnMsg.
Definition SVFUtil.cpp:68
SVF::GlobalValue
llvm::GlobalValue GlobalValue
Definition BasicTypes.h:88

◆ getNumOfElements()

u32_t SymbolTableBuilder::getNumOfElements ( const Type ety)

Return size of this object based on LLVM value.

Return size of this Object

Definition at line 939 of file SymbolTableBuilder.cpp.

940{
941 assert(ety && "type is null?");
942 u32_t numOfFields = 1;
943 if (SVFUtil::isa<StructType, ArrayType>(ety))
944 {
945 numOfFields = getNumOfFlattenElements(ety);
946 }
947 return numOfFields;
948}
SVF::SymbolTableBuilder::getNumOfFlattenElements
u32_t getNumOfFlattenElements(const Type *T)
Number of flattened elements of an array or struct.
Definition SymbolTableBuilder.cpp:951

◆ getNumOfFlattenElements()

u32_t SymbolTableBuilder::getNumOfFlattenElements ( const Type T)
protected

Number of flattened elements of an array or struct.

Get a reference to the components of struct_info. Number of flattened elements of an array or struct

Definition at line 951 of file SymbolTableBuilder.cpp.

952{
953 if(Options::ModelArrays())
954 return getOrAddSVFTypeInfo(T)->getNumOfFlattenElements();
955 else
956 return getOrAddSVFTypeInfo(T)->getNumOfFlattenFields();
957}
SVF::Options::ModelArrays
static Option< bool > ModelArrays
Definition Options.h:189
SVF::StInfo::getNumOfFlattenElements
u32_t getNumOfFlattenElements() const
Return number of elements after flattening (including array elements)
Definition SVFType.h:139
SVF::StInfo::getNumOfFlattenFields
u32_t getNumOfFlattenFields() const
Return the number of fields after flattening (ignoring array elements)
Definition SVFType.h:145

◆ getOrAddSVFTypeInfo()

StInfo * SymbolTableBuilder::getOrAddSVFTypeInfo ( const Type T)
protected

Get a reference to StructInfo.

Definition at line 959 of file SymbolTableBuilder.cpp.

960{
961 return llvmModuleSet()->getSVFType(T)->getTypeInfo();
962}
SVF::LLVMModuleSet::getSVFType
SVFType * getSVFType(const Type *T)
Get or create SVFType and typeinfo.
Definition LLVMModule.cpp:1164
SVF::SVFType::getTypeInfo
StInfo * getTypeInfo()
Definition SVFType.h:230

◆ getTypeInference()

ObjTypeInference * SymbolTableBuilder::getTypeInference ( )
protected

Definition at line 579 of file SymbolTableBuilder.cpp.

580{
581 return llvmModuleSet()->getTypeInference();
582}
SVF::LLVMModuleSet::getTypeInference
ObjTypeInference * getTypeInference()
Definition LLVMModule.cpp:92

◆ handleCE()

void SymbolTableBuilder::handleCE ( const Value val)
protected

Handle constant expression

Definition at line 391 of file SymbolTableBuilder.cpp.

392{
393 if (const Constant* ref = SVFUtil::dyn_cast<Constant>(val))
394 {
395 if (const ConstantExpr* ce = isGepConstantExpr(ref))
396 {
397 DBOUT(DMemModelCE, outs() << "handle constant expression "
398 << llvmModuleSet()
399 ->getSVFValue(ref)
400 ->toString()
401 << "\n");
402 collectVal(ce);
403
404 // handle the recursive constant express case
405 // like (gep (bitcast (gep X 1)) 1); the inner gep is ce->getOperand(0)
406 for (u32_t i = 0; i < ce->getNumOperands(); ++i)
407 {
408 collectVal(ce->getOperand(i));
409 handleCE(ce->getOperand(i));
410 }
411 }
412 else if (const ConstantExpr* ce = isCastConstantExpr(ref))
413 {
414 DBOUT(DMemModelCE, outs() << "handle constant expression "
415 << llvmModuleSet()
416 ->getSVFValue(ref)
417 ->toString()
418 << "\n");
419 collectVal(ce);
420 collectVal(ce->getOperand(0));
421 // handle the recursive constant express case
422 // like (gep (bitcast (gep X 1)) 1); the inner gep is ce->getOperand(0)
423 handleCE(ce->getOperand(0));
424 }
425 else if (const ConstantExpr* ce = isSelectConstantExpr(ref))
426 {
427 DBOUT(DMemModelCE, outs() << "handle constant expression "
428 << llvmModuleSet()
429 ->getSVFValue(ref)
430 ->toString()
431 << "\n");
432 collectVal(ce);
433 collectVal(ce->getOperand(0));
434 collectVal(ce->getOperand(1));
435 collectVal(ce->getOperand(2));
436 // handle the recursive constant express case
437 // like (gep (bitcast (gep X 1)) 1); the inner gep is ce->getOperand(0)
438 handleCE(ce->getOperand(0));
439 handleCE(ce->getOperand(1));
440 handleCE(ce->getOperand(2));
441 }
442 // if we meet a int2ptr, then it points-to black hole
443 else if (const ConstantExpr* int2Ptrce = isInt2PtrConstantExpr(ref))
444 {
445 collectVal(int2Ptrce);
446 const Constant* opnd = int2Ptrce->getOperand(0);
447 handleCE(opnd);
448 }
449 else if (const ConstantExpr* ptr2Intce = isPtr2IntConstantExpr(ref))
450 {
451 collectVal(ptr2Intce);
452 const Constant* opnd = ptr2Intce->getOperand(0);
453 handleCE(opnd);
454 }
455 else if (isTruncConstantExpr(ref) || isCmpConstantExpr(ref))
456 {
457 collectVal(ref);
458 }
459 else if (isBinaryConstantExpr(ref))
460 {
461 collectVal(ref);
462 }
463 else if (isUnaryConstantExpr(ref))
464 {
465 // we don't handle unary constant expression like fneg(x) now
466 collectVal(ref);
467 }
468 else if (SVFUtil::isa<ConstantAggregate>(ref))
469 {
470 // we don't handle constant aggregate like constant vectors
471 collectVal(ref);
472 }
473 else
474 {
475 assert(!SVFUtil::isa<ConstantExpr>(val) &&
476 "we don't handle all other constant expression for now!");
477 collectVal(ref);
478 }
479 }
480}
DMemModelCE
#define DMemModelCE
Definition SVFType.h:508
SVF::LLVMUtil::isBinaryConstantExpr
const ConstantExpr * isBinaryConstantExpr(const Value *val)
Definition LLVMUtil.h:290
SVF::LLVMUtil::isInt2PtrConstantExpr
const ConstantExpr * isInt2PtrConstantExpr(const Value *val)
Definition LLVMUtil.h:225
SVF::LLVMUtil::isSelectConstantExpr
const ConstantExpr * isSelectConstantExpr(const Value *val)
Definition LLVMUtil.h:255
SVF::LLVMUtil::isTruncConstantExpr
const ConstantExpr * isTruncConstantExpr(const Value *val)
Definition LLVMUtil.h:265
SVF::LLVMUtil::isPtr2IntConstantExpr
const ConstantExpr * isPtr2IntConstantExpr(const Value *val)
Definition LLVMUtil.h:235
SVF::LLVMUtil::isUnaryConstantExpr
const ConstantExpr * isUnaryConstantExpr(const Value *val)
Definition LLVMUtil.h:301
SVF::LLVMUtil::isCastConstantExpr
const ConstantExpr * isCastConstantExpr(const Value *val)
Definition LLVMUtil.h:245
SVF::LLVMUtil::isCmpConstantExpr
const ConstantExpr * isCmpConstantExpr(const Value *val)
Definition LLVMUtil.h:279
SVF::Constant
llvm::Constant Constant
Definition BasicTypes.h:124
SVF::ConstantExpr
llvm::ConstantExpr ConstantExpr
Definition BasicTypes.h:120

◆ handleGlobalCE()

void SymbolTableBuilder::handleGlobalCE ( const GlobalVariable G)
protected

Handle constant expression.

Handle global constant expression

Definition at line 485 of file SymbolTableBuilder.cpp.

486{
487 assert(G);
488
489 //The type this global points to
490 const Type* T = G->getValueType();
491 bool is_array = 0;
492 //An array is considered a single variable of its type.
493 while (const ArrayType* AT = SVFUtil::dyn_cast<ArrayType>(T))
494 {
495 T = AT->getElementType();
496 is_array = true;
497 }
498
499 if (SVFUtil::isa<StructType>(T))
500 {
501 //A struct may be used in constant GEP expr.
502 for (const User* user : G->users())
503 {
504 handleCE(user);
505 }
506 }
507 else if (is_array)
508 {
509 for (const User* user : G->users())
510 {
511 handleCE(user);
512 }
513 }
514
515 if (G->hasInitializer())
516 {
517 handleGlobalInitializerCE(G->getInitializer());
518 }
519}
SVF::SymbolTableBuilder::handleGlobalInitializerCE
void handleGlobalInitializerCE(const Constant *C)
Definition SymbolTableBuilder.cpp:524
SVF::User
llvm::User User
Definition BasicTypes.h:142

◆ handleGlobalInitializerCE()

void SymbolTableBuilder::handleGlobalInitializerCE ( const Constant C)
protected

Handle global variable initialization

Definition at line 524 of file SymbolTableBuilder.cpp.

525{
526
527 if (C->getType()->isSingleValueType())
528 {
529 if (const ConstantExpr* E = SVFUtil::dyn_cast<ConstantExpr>(C))
530 {
531 handleCE(E);
532 }
533 else
534 {
535 collectVal(C);
536 }
537 }
538 else if (SVFUtil::isa<ConstantArray>(C))
539 {
540 for (u32_t i = 0, e = C->getNumOperands(); i != e; i++)
541 {
542 handleGlobalInitializerCE(SVFUtil::cast<Constant>(C->getOperand(i)));
543 }
544 }
545 else if (SVFUtil::isa<ConstantStruct>(C))
546 {
547 for (u32_t i = 0, e = C->getNumOperands(); i != e; i++)
548 {
549 handleGlobalInitializerCE(SVFUtil::cast<Constant>(C->getOperand(i)));
550 }
551 }
552 else if(const ConstantData* data = SVFUtil::dyn_cast<ConstantData>(C))
553 {
554 if (Options::ModelConsts())
555 {
556 if (const ConstantDataSequential* seq =
557 SVFUtil::dyn_cast<ConstantDataSequential>(data))
558 {
559 for(u32_t i = 0; i < seq->getNumElements(); i++)
560 {
561 const Constant* ct = seq->getElementAsConstant(i);
562 handleGlobalInitializerCE(ct);
563 }
564 }
565 else
566 {
567 assert(
568 (SVFUtil::isa<ConstantAggregateZero, UndefValue>(data)) &&
569 "Single value type data should have been handled!");
570 }
571 }
572 }
573 else
574 {
575 //TODO:assert(SVFUtil::isa<ConstantVector>(C),"what else do we have");
576 }
577}
SVF::ConstantData
llvm::ConstantData ConstantData
Definition BasicTypes.h:116
SVF::ConstantDataSequential
llvm::ConstantDataSequential ConstantDataSequential
Definition BasicTypes.h:119

◆ inferObjType()

const Type * SymbolTableBuilder::inferObjType ( const Value startValue)
protected

Forward collect all possible infer sites starting from a value.

Definition at line 585 of file SymbolTableBuilder.cpp.

586{
587 return getTypeInference()->inferObjType(startValue);
588}
SVF::ObjTypeInference::inferObjType
const Type * inferObjType(const Value *var)
get or infer the type of the object pointed by the value
Definition ObjTypeInference.cpp:136

◆ inferTypeOfHeapObjOrStaticObj()

const Type * SymbolTableBuilder::inferTypeOfHeapObjOrStaticObj ( const Instruction inst)
protected

Get the reference type of heap/static object from an allocation site.

Return the type of the object from a heap allocation

Definition at line 593 of file SymbolTableBuilder.cpp.

594{
595 const Value* startValue = inst;
596 const PointerType *originalPType = SVFUtil::dyn_cast<PointerType>(inst->getType());
597 const Type* inferedType = nullptr;
598 assert(originalPType && "empty type?");
599 if(LLVMUtil::isHeapAllocExtCallViaRet(inst))
600 {
601 if(const Value* v = getFirstUseViaCastInst(inst))
602 {
603 if (const PointerType *newTy = SVFUtil::dyn_cast<PointerType>(v->getType()))
604 {
605 originalPType = newTy;
606 }
607 }
608 inferedType = inferObjType(startValue);
609 }
610 else if(LLVMUtil::isHeapAllocExtCallViaArg(inst))
611 {
612 const CallBase* cs = LLVMUtil::getLLVMCallSite(inst);
613 u32_t arg_pos = LLVMUtil::getHeapAllocHoldingArgPosition(cs->getCalledFunction());
614 const Value* arg = cs->getArgOperand(arg_pos);
615 originalPType = SVFUtil::dyn_cast<PointerType>(arg->getType());
616 inferedType = inferObjType(startValue = arg);
617 }
618 else
619 {
620 assert( false && "not a heap allocation instruction?");
621 }
622
623 getTypeInference()->typeSizeDiffTest(originalPType, inferedType, startValue);
624
625 return inferedType;
626}
SVF::ObjTypeInference::typeSizeDiffTest
void typeSizeDiffTest(const PointerType *oPTy, const Type *iTy, const Value *val)
Definition ObjTypeInference.cpp:685
SVF::SymbolTableBuilder::inferObjType
const Type * inferObjType(const Value *startValue)
Forward collect all possible infer sites starting from a value.
Definition SymbolTableBuilder.cpp:585
SVF::LLVMUtil::isHeapAllocExtCallViaRet
bool isHeapAllocExtCallViaRet(const Instruction *inst)
Definition LLVMUtil.cpp:633
SVF::LLVMUtil::isHeapAllocExtCallViaArg
bool isHeapAllocExtCallViaArg(const Instruction *inst)
Definition LLVMUtil.cpp:648
SVF::LLVMUtil::getHeapAllocHoldingArgPosition
u32_t getHeapAllocHoldingArgPosition(const Function *fun)
Definition LLVMUtil.cpp:400
SVF::PointerType
llvm::PointerType PointerType
Definition BasicTypes.h:96

◆ initTypeInfo()

void SymbolTableBuilder::initTypeInfo ( ObjTypeInfo typeinfo,
const Value val,
const Type objTy 
)
protected

Initialize TypeInfo based on LLVM Value.

Initialize the type info of an object

if val is AllocaInst, byteSize is Type's LLVM ByteSize * ArraySize e.g. alloc i32, 10. byteSize is 4 (i32's size) * 10 (ArraySize) = 40

This is for alloca <ty> <NumElements>. For example, alloca i64 3 allocates 3 i64 on the stack (objSize=3) In most cases, NumElements is not specified in the instruction, which means there is only one element (objSize=1).

if ArraySize is not constant, byteSize is not static determined.

if val is GlobalVar, byteSize is Type's LLVM ByteSize All GlobalVariable must have constant size

if val is heap alloc

Definition at line 847 of file SymbolTableBuilder.cpp.

849{
850
851 u32_t elemNum = 1;
852 // init byteSize = 0, If byteSize is changed in the following process,
853 // it means that ObjTypeInfo has a Constant Byte Size
854 u32_t byteSize = 0;
855 // Global variable
856 // if val is Function Obj, byteSize is not set
857 if (SVFUtil::isa<Function>(val))
858 {
859 typeinfo->setFlag(ObjTypeInfo::FUNCTION_OBJ);
860 analyzeObjType(typeinfo,val);
861 elemNum = 0;
862 }
865 else if(const AllocaInst* allocaInst = SVFUtil::dyn_cast<AllocaInst>(val))
866 {
867 typeinfo->setFlag(ObjTypeInfo::STACK_OBJ);
868 analyzeObjType(typeinfo,val);
871 if(const ConstantInt* sz = SVFUtil::dyn_cast<ConstantInt>(allocaInst->getArraySize()))
872 {
873 elemNum = LLVMUtil::getIntegerValue(sz).second * getNumOfElements(objTy);
874 byteSize = LLVMUtil::getIntegerValue(sz).second * typeinfo->getType()->getByteSize();
875 }
877 else
878 {
879 elemNum = getNumOfElements(objTy);
880 byteSize = 0;
881 }
882 }
885 else if(SVFUtil::isa<GlobalVariable>(val))
886 {
887 typeinfo->setFlag(ObjTypeInfo::GLOBVAR_OBJ);
888 if(isConstantObjSym(val))
889 typeinfo->setFlag(ObjTypeInfo::CONST_GLOBAL_OBJ);
890 analyzeObjType(typeinfo,val);
891 elemNum = getNumOfElements(objTy);
892 byteSize = typeinfo->getType()->getByteSize();
893 }
895 else if (SVFUtil::isa<Instruction>(val) &&
896 LLVMUtil::isHeapAllocExtCall(
897 SVFUtil::cast<Instruction>(val)))
898 {
899 elemNum = analyzeHeapObjType(typeinfo,val);
900 // analyze heap alloc like (malloc/calloc/...), the alloc functions have
901 // annotation like "AllocSize:Arg1". Please refer to extapi.c.
902 // e.g. calloc(4, 10), annotation is "AllocSize:Arg0*Arg1",
903 // it means byteSize = 4 (Arg0) * 10 (Arg1) = 40
904 byteSize = analyzeHeapAllocByteSize(val);
905 }
906 else if(ArgInProgEntryFunction(val))
907 {
908 analyzeStaticObjType(typeinfo,val);
909 // user input data, label its field as infinite here
910 elemNum = typeinfo->getMaxFieldOffsetLimit();
911 byteSize = typeinfo->getType()->getByteSize();
912 }
913 else if(LLVMUtil::isConstDataOrAggData(val))
914 {
915 typeinfo->setFlag(ObjTypeInfo::CONST_DATA);
916 elemNum = getNumOfFlattenElements(val->getType());
917 byteSize = typeinfo->getType()->getByteSize();
918 }
919 else
920 {
921 assert("what other object do we have??");
922 abort();
923 }
924
925 // Reset maxOffsetLimit if it is over the total fieldNum of this object
926 if(typeinfo->getMaxFieldOffsetLimit() > elemNum)
927 typeinfo->setNumOfElements(elemNum);
928
929 // set ByteSize. If ByteSize > 0, this typeinfo has constant type.
930 // If ByteSize == 0, this typeinfo has 1) zero byte 2) non-const byte size
931 // If ByteSize>MaxFieldLimit, set MaxFieldLimit to the byteSize;
932 byteSize = Options::MaxFieldLimit() > byteSize? byteSize: Options::MaxFieldLimit();
933 typeinfo->setByteSizeOfObj(byteSize);
934}
SVF::ObjTypeInfo::setByteSizeOfObj
void setByteSizeOfObj(u32_t size)
Set the byte size of this object.
Definition ObjTypeInfo.h:136
SVF::SVFType::getByteSize
u32_t getByteSize() const
Definition SVFType.h:244
SVF::SymbolTableBuilder::analyzeHeapObjType
u32_t analyzeHeapObjType(ObjTypeInfo *typeinfo, const Value *val)
Analyse types of heap and static objects.
Definition SymbolTableBuilder.cpp:808
SVF::SymbolTableBuilder::analyzeHeapAllocByteSize
u32_t analyzeHeapAllocByteSize(const Value *val)
Analyze byte size of heap alloc function (e.g. malloc/calloc/...)
Definition SymbolTableBuilder.cpp:741
SVF::SymbolTableBuilder::analyzeStaticObjType
void analyzeStaticObjType(ObjTypeInfo *typeinfo, const Value *val)
Analyse types of heap and static objects.
Definition SymbolTableBuilder.cpp:831
SVF::LLVMUtil::isHeapAllocExtCall
bool isHeapAllocExtCall(const Instruction *inst)
Definition LLVMUtil.h:396
SVF::LLVMUtil::isConstDataOrAggData
bool isConstDataOrAggData(const Value *val)
Return true if the value refers to constant data, e.g., i32 0.
Definition LLVMUtil.h:368
SVF::LLVMUtil::ArgInProgEntryFunction
bool ArgInProgEntryFunction(const Value *val)
Return true if this is an argument of a program entry function (e.g. main)
Definition LLVMUtil.h:164
SVF::ConstantInt
llvm::ConstantInt ConstantInt
Definition BasicTypes.h:125

◆ llvmModuleSet()

LLVMModuleSet * SVF::SymbolTableBuilder::llvmModuleSet ( )
inlineprotected

Definition at line 87 of file SymbolTableBuilder.h.

88 {
89 return LLVMModuleSet::getLLVMModuleSet();
90 }
SVF::LLVMModuleSet::getLLVMModuleSet
static LLVMModuleSet * getLLVMModuleSet()
Definition LLVMModule.h:129

Friends And Related Symbol Documentation

◆ SVFIRBuilder

friend class SVFIRBuilder
friend

Definition at line 46 of file SymbolTableBuilder.h.

Member Data Documentation

◆ svfir

SVFIR* SVF::SymbolTableBuilder::svfir
private

Definition at line 48 of file SymbolTableBuilder.h.

The documentation for this class was generated from the following files:
Generated by doxygen 1.9.8