On Thu, 2021-06-24 at 19:59 +0530, Ankur Saini wrote: > CURRENT STATUS : > > analyzer is now splitting nodes even at call sites which doesn’t have > a cgraph_edge. But as now the call and return nodes are not > connected, the part of the function after such calls becomes > unreachable making them impossible to properly analyse. > > AIM for today : > > - try to create an intra-procedural link between the calls the > calling and returning snodes > - find the place where the exploded nodes and edges are being formed > - figure out the program point where exploded graph would know about > the function calls > > — > > PROGRESS : > > - I initially tried to connect the calling and returning snodes with > an intraprocedural sedge but looks like for that only nodes which > have a cgraph_edge or a CFG edge are connected in the supergraph. I > tried a few ways to connect them but at the end thought I would be > better off leaving them like this and connecting them during the > creation of exploded graph itself. > > - As the exploded graph is created during building and processing of > the worklist, "build_initial_worklist ()” and “process_worklist()” > should be the interesting areas to analyse, especially the processing > part. > > - “build_initial_worklist()” is just creating enodes for functions > that can be called explicitly ( possible entry points ) so I guess > the better place to investigate is “process_worklist ()” function.
Yes. Have a look at exploded_graph::process_node (which is called by process_worklist). The eedges for calls with supergraph edges happens there in the "case PK_AFTER_SUPERNODE:", which looks at the outgoing superedges from that supernode and calls node->on_edge on them, creating a exploded nodes/exploded edge for each outgoing-superedge. So you'll need to make some changes there, I think. > > — > > STATUS AT THE END OF THE DAY :- > > - try to create an intra-procedural link between the calls the > calling and returning snodes ( Abandoned ) You may find the above useful if you're going to do it based on the code I mentioned above. > - find the place where the exploded nodes and edges are being formed > ( Done ) > - figure out the program point where exploded graph knows about the > function call ( Pending ) > Thanks for the update. Hope the above is helpful. Dave
