Example 36 with VarNode
use of soot.jimple.spark.pag.VarNode in project soot by Sable.
the class EvalResults method checkAliasAnalysis.
/**
* Count how many aliased base pointers appeared in all user's functions.
*/
public void checkAliasAnalysis() {
Set<IVarAbstraction> access_expr = new HashSet<IVarAbstraction>();
ArrayList<IVarAbstraction> al = new ArrayList<IVarAbstraction>();
Value[] values = new Value[2];
for (SootMethod sm : ptsProvider.getAllReachableMethods()) {
if (sm.isJavaLibraryMethod())
continue;
if (!sm.isConcrete())
continue;
if (!sm.hasActiveBody()) {
sm.retrieveActiveBody();
}
if (!ptsProvider.isValidMethod(sm))
continue;
// access_expr.clear();
for (Iterator<Unit> stmts = sm.getActiveBody().getUnits().iterator(); stmts.hasNext(); ) {
Stmt st = (Stmt) stmts.next();
if (st instanceof AssignStmt) {
AssignStmt a = (AssignStmt) st;
values[0] = a.getLeftOp();
values[1] = a.getRightOp();
for (Value v : values) {
// expression: p.f
if (v instanceof InstanceFieldRef) {
InstanceFieldRef ifr = (InstanceFieldRef) v;
final SootField field = ifr.getField();
if (!(field.getType() instanceof RefType))
continue;
LocalVarNode vn = ptsProvider.findLocalVarNode((Local) ifr.getBase());
if (vn == null)
continue;
if (ptsProvider.isExceptionPointer(vn))
continue;
IVarAbstraction pn = ptsProvider.findInternalNode(vn);
if (pn == null)
continue;
pn = pn.getRepresentative();
if (pn.hasPTResult())
access_expr.add(pn);
}
}
}
}
}
access_expr.remove(null);
al.addAll(access_expr);
access_expr = null;
// Next, we pair up all the pointers
Date begin = new Date();
int size = al.size();
for (int i = 0; i < size; ++i) {
IVarAbstraction pn = al.get(i);
VarNode n1 = (VarNode) pn.getWrappedNode();
for (int j = i + 1; j < size; ++j) {
IVarAbstraction qn = al.get(j);
VarNode n2 = (VarNode) qn.getWrappedNode();
if (pn.heap_sensitive_intersection(qn))
evalRes.n_hs_alias++;
// We directly use the SPARK points-to sets
if (n1.getP2Set().hasNonEmptyIntersection(n2.getP2Set()))
evalRes.n_hi_alias++;
}
}
evalRes.n_alias_pairs = size * (size - 1) / 2;
Date end = new Date();
ptsProvider.ps.println();
ptsProvider.ps.println("--------> Alias Pairs Evaluation <---------");
ptsProvider.ps.println("Number of pointer pairs in app code: " + evalRes.n_alias_pairs);
ptsProvider.ps.printf("Heap sensitive alias pairs (by Geom): %d, Percentage = %.3f%%\n", evalRes.n_hs_alias, (double) evalRes.n_hs_alias / evalRes.n_alias_pairs * 100);
ptsProvider.ps.printf("Heap insensitive alias pairs (by SPARK): %d, Percentage = %.3f%%\n", evalRes.n_hi_alias, (double) evalRes.n_hi_alias / evalRes.n_alias_pairs * 100);
ptsProvider.ps.printf("Using time: %dms \n", end.getTime() - begin.getTime());
ptsProvider.ps.println();
}
Also used :
LocalVarNode(soot.jimple.spark.pag.LocalVarNode)
VarNode(soot.jimple.spark.pag.VarNode)
AssignStmt(soot.jimple.AssignStmt)
ArrayList(java.util.ArrayList)
Unit(soot.Unit)
Date(java.util.Date)
Stmt(soot.jimple.Stmt)
AssignStmt(soot.jimple.AssignStmt)
RefType(soot.RefType)
IVarAbstraction(soot.jimple.spark.geom.geomPA.IVarAbstraction)
Value(soot.Value)
InstanceFieldRef(soot.jimple.InstanceFieldRef)
SootMethod(soot.SootMethod)
SootField(soot.SootField)
LocalVarNode(soot.jimple.spark.pag.LocalVarNode)
HashSet(java.util.HashSet)
Example 37 with VarNode
use of soot.jimple.spark.pag.VarNode in project soot by Sable.
the class EvalResults method checkCastsSafety.
/**
* Count how many static casts can be determined safe.
*/
public void checkCastsSafety() {
for (SootMethod sm : ptsProvider.getAllReachableMethods()) {
if (sm.isJavaLibraryMethod())
continue;
if (!sm.isConcrete())
continue;
if (!sm.hasActiveBody()) {
sm.retrieveActiveBody();
}
if (!ptsProvider.isValidMethod(sm))
continue;
// All the statements in the method
for (Iterator<Unit> stmts = sm.getActiveBody().getUnits().iterator(); stmts.hasNext(); ) {
Stmt st = (Stmt) stmts.next();
if (st instanceof AssignStmt) {
Value rhs = ((AssignStmt) st).getRightOp();
Value lhs = ((AssignStmt) st).getLeftOp();
if (rhs instanceof CastExpr && lhs.getType() instanceof RefLikeType) {
Value v = ((CastExpr) rhs).getOp();
VarNode node = ptsProvider.findLocalVarNode(v);
if (node == null)
continue;
IVarAbstraction pn = ptsProvider.findInternalNode(node);
if (pn == null)
continue;
pn = pn.getRepresentative();
if (!pn.hasPTResult())
continue;
evalRes.total_casts++;
final Type targetType = (RefLikeType) ((CastExpr) rhs).getCastType();
// We first use the geometric points-to result to
// evaluate
solved = true;
Set<AllocNode> set = pn.get_all_points_to_objects();
for (AllocNode obj : set) {
solved = ptsProvider.castNeverFails(obj.getType(), targetType);
if (solved == false)
break;
}
if (solved)
evalRes.geom_solved_casts++;
// Second is the SPARK result
solved = true;
node.getP2Set().forall(new P2SetVisitor() {
public void visit(Node arg0) {
if (solved == false)
return;
solved = ptsProvider.castNeverFails(arg0.getType(), targetType);
}
});
if (solved)
evalRes.spark_solved_casts++;
}
}
}
}
ptsProvider.ps.println();
ptsProvider.ps.println("-----------> Static Casts Safety Evaluation <------------");
ptsProvider.ps.println("Total casts (app code): " + evalRes.total_casts);
ptsProvider.ps.println("Safe casts: Geom = " + evalRes.geom_solved_casts + ", SPARK = " + evalRes.spark_solved_casts);
}
Also used :
LocalVarNode(soot.jimple.spark.pag.LocalVarNode)
VarNode(soot.jimple.spark.pag.VarNode)
AssignStmt(soot.jimple.AssignStmt)
LocalVarNode(soot.jimple.spark.pag.LocalVarNode)
Node(soot.jimple.spark.pag.Node)
VarNode(soot.jimple.spark.pag.VarNode)
AllocNode(soot.jimple.spark.pag.AllocNode)
Unit(soot.Unit)
Stmt(soot.jimple.Stmt)
AssignStmt(soot.jimple.AssignStmt)
RefLikeType(soot.RefLikeType)
RefType(soot.RefType)
AnySubType(soot.AnySubType)
RefLikeType(soot.RefLikeType)
ArrayType(soot.ArrayType)
Type(soot.Type)
AllocNode(soot.jimple.spark.pag.AllocNode)
IVarAbstraction(soot.jimple.spark.geom.geomPA.IVarAbstraction)
Value(soot.Value)
CastExpr(soot.jimple.CastExpr)
SootMethod(soot.SootMethod)
P2SetVisitor(soot.jimple.spark.sets.P2SetVisitor)
Example 38 with VarNode
use of soot.jimple.spark.pag.VarNode in project soot by Sable.
the class MethodNodeFactory method caseClassConstant.
@Override
public final void caseClassConstant(ClassConstant cc) {
AllocNode classConstant = pag.makeClassConstantNode(cc);
VarNode classConstantLocal = pag.makeGlobalVarNode(classConstant, RefType.v("java.lang.Class"));
pag.addEdge(classConstant, classConstantLocal);
setResult(classConstantLocal);
}Example 39 with VarNode
use of soot.jimple.spark.pag.VarNode in project soot by Sable.
the class MethodNodeFactory method caseNewMultiArrayExpr.
@Override
public final void caseNewMultiArrayExpr(NewMultiArrayExpr nmae) {
ArrayType type = (ArrayType) nmae.getType();
AllocNode prevAn = pag.makeAllocNode(new Pair<Expr, Integer>(nmae, new Integer(type.numDimensions)), type, method);
VarNode prevVn = pag.makeLocalVarNode(prevAn, prevAn.getType(), method);
mpag.addInternalEdge(prevAn, prevVn);
setResult(prevAn);
while (true) {
Type t = type.getElementType();
if (!(t instanceof ArrayType))
break;
type = (ArrayType) t;
AllocNode an = pag.makeAllocNode(new Pair<Expr, Integer>(nmae, new Integer(type.numDimensions)), type, method);
VarNode vn = pag.makeLocalVarNode(an, an.getType(), method);
mpag.addInternalEdge(an, vn);
mpag.addInternalEdge(vn, pag.makeFieldRefNode(prevVn, ArrayElement.v()));
prevAn = an;
prevVn = vn;
}
}
Also used :
ArrayType(soot.ArrayType)
VarNode(soot.jimple.spark.pag.VarNode)
RefType(soot.RefType)
Type(soot.Type)
RefLikeType(soot.RefLikeType)
ArrayType(soot.ArrayType)
NewArrayExpr(soot.jimple.NewArrayExpr)
VirtualInvokeExpr(soot.jimple.VirtualInvokeExpr)
PhiExpr(soot.shimple.PhiExpr)
NewMultiArrayExpr(soot.jimple.NewMultiArrayExpr)
CastExpr(soot.jimple.CastExpr)
InvokeExpr(soot.jimple.InvokeExpr)
NewExpr(soot.jimple.NewExpr)
Expr(soot.jimple.Expr)
StaticInvokeExpr(soot.jimple.StaticInvokeExpr)
AllocNode(soot.jimple.spark.pag.AllocNode)
Example 40 with VarNode
use of soot.jimple.spark.pag.VarNode in project soot by Sable.
the class DemandCSPointsTo method processIncomingEdges.
protected void processIncomingEdges(IncomingEdgeHandler h, Stack<VarAndContext> worklist) {
while (!worklist.isEmpty()) {
incrementNodesTraversed();
VarAndContext varAndContext = worklist.pop();
if (DEBUG) {
debugPrint("looking at " + varAndContext);
}
VarNode v = varAndContext.var;
ImmutableStack<Integer> callingContext = varAndContext.context;
Node[] newEdges = pag.allocInvLookup(v);
for (int i = 0; i < newEdges.length; i++) {
AllocNode allocNode = (AllocNode) newEdges[i];
h.handleAlloc(allocNode, varAndContext);
if (h.terminate()) {
return;
}
}
Collection<AssignEdge> assigns = filterAssigns(v, callingContext, true, true);
for (AssignEdge assignEdge : assigns) {
VarNode src = assignEdge.getSrc();
// }
if (h.shouldHandleSrc(src)) {
ImmutableStack<Integer> newContext = callingContext;
if (assignEdge.isParamEdge()) {
if (!callingContext.isEmpty()) {
if (!callEdgeInSCC(assignEdge)) {
assert assignEdge.getCallSite().equals(callingContext.peek()) : assignEdge + " " + callingContext;
newContext = callingContext.pop();
} else {
newContext = popRecursiveCallSites(callingContext);
}
}
// } else if (refiningCallSite) {
// if (!fieldCheckHeuristic.aggressiveVirtCallRefine())
// {
// // throw new CallSiteException();
// }
// }
} else if (assignEdge.isReturnEdge()) {
if (DEBUG)
debugPrint("entering call site " + assignEdge.getCallSite());
// if (!isRecursive(callingContext, assignEdge)) {
// newContext = callingContext.push(assignEdge
// .getCallSite());
// }
newContext = pushWithRecursionCheck(callingContext, assignEdge);
}
if (assignEdge.isParamEdge()) {
Integer callSite = assignEdge.getCallSite();
if (csInfo.isVirtCall(callSite) && !weirdCall(callSite)) {
Set<SootMethod> targets = refineCallSite(callSite, newContext);
if (DEBUG) {
debugPrint(targets.toString());
}
SootMethod targetMethod = ((LocalVarNode) assignEdge.getDst()).getMethod();
if (!targets.contains(targetMethod)) {
if (DEBUG) {
debugPrint("skipping call because of call graph");
}
continue;
}
}
}
if (src instanceof GlobalVarNode) {
newContext = EMPTY_CALLSTACK;
}
h.handleAssignSrc(new VarAndContext(src, newContext), varAndContext, assignEdge);
if (h.terminate()) {
return;
}
}
}
Set<VarNode> matchSources = vMatches.vMatchInvLookup(v);
Node[] loads = pag.loadInvLookup(v);
for (int i = 0; i < loads.length; i++) {
FieldRefNode frNode = (FieldRefNode) loads[i];
final VarNode loadBase = frNode.getBase();
SparkField field = frNode.getField();
// FieldRefNode>(v, frNode);
for (Pair<VarNode, VarNode> store : fieldToStores.get(field)) {
final VarNode storeBase = store.getO2();
final PointsToSetInternal storeBaseP2Set = storeBase.getP2Set();
final PointsToSetInternal loadBaseP2Set = loadBase.getP2Set();
final VarNode matchSrc = store.getO1();
if (matchSources.contains(matchSrc)) {
if (h.shouldHandleSrc(matchSrc)) {
if (DEBUG) {
debugPrint("match source " + matchSrc);
}
PointsToSetInternal intersection = SootUtil.constructIntersection(storeBaseP2Set, loadBaseP2Set, pag);
boolean checkGetfield = fieldCheckHeuristic.validateMatchesForField(field);
h.handleMatchSrc(matchSrc, intersection, loadBase, storeBase, varAndContext, field, checkGetfield);
if (h.terminate())
return;
}
}
}
}
}
}
Also used :
GlobalVarNode(soot.jimple.spark.pag.GlobalVarNode)
LocalVarNode(soot.jimple.spark.pag.LocalVarNode)
VarNode(soot.jimple.spark.pag.VarNode)
GlobalVarNode(soot.jimple.spark.pag.GlobalVarNode)
PointsToSetInternal(soot.jimple.spark.sets.PointsToSetInternal)
FieldRefNode(soot.jimple.spark.pag.FieldRefNode)
GlobalVarNode(soot.jimple.spark.pag.GlobalVarNode)
LocalVarNode(soot.jimple.spark.pag.LocalVarNode)
Node(soot.jimple.spark.pag.Node)
VarNode(soot.jimple.spark.pag.VarNode)
AllocNode(soot.jimple.spark.pag.AllocNode)
AssignEdge(soot.jimple.spark.ondemand.pautil.AssignEdge)
SparkField(soot.jimple.spark.pag.SparkField)
FieldRefNode(soot.jimple.spark.pag.FieldRefNode)
AllocNode(soot.jimple.spark.pag.AllocNode)
SootMethod(soot.SootMethod)
LocalVarNode(soot.jimple.spark.pag.LocalVarNode)
Aggregations
VarNode (soot.jimple.spark.pag.VarNode)47
AllocNode (soot.jimple.spark.pag.AllocNode)37
Node (soot.jimple.spark.pag.Node)29
FieldRefNode (soot.jimple.spark.pag.FieldRefNode)24
LocalVarNode (soot.jimple.spark.pag.LocalVarNode)23
PointsToSetInternal (soot.jimple.spark.sets.PointsToSetInternal)22
GlobalVarNode (soot.jimple.spark.pag.GlobalVarNode)17
SparkField (soot.jimple.spark.pag.SparkField)15
HashSet (java.util.HashSet)11
NewInstanceNode (soot.jimple.spark.pag.NewInstanceNode)11
SootMethod (soot.SootMethod)10
ClassConstantNode (soot.jimple.spark.pag.ClassConstantNode)10
RefType (soot.RefType)8
Type (soot.Type)8
P2SetVisitor (soot.jimple.spark.sets.P2SetVisitor)8
AssignEdge (soot.jimple.spark.ondemand.pautil.AssignEdge)7
Iterator (java.util.Iterator)6
ImmutableStack (soot.jimple.spark.ondemand.genericutil.ImmutableStack)6
Stack (soot.jimple.spark.ondemand.genericutil.Stack)6
AllocDotField (soot.jimple.spark.pag.AllocDotField)6
