On Mon, 2021-06-28 at 20:23 +0530, Ankur Saini wrote:
>
>
> > On 28-Jun-2021, at 12:18 AM, David Malcolm <[email protected]>
> > wrote:
> > >
> > > >
> > > > >
> > > > > Q. But even if we find out which function to call, how will
> > > > > the
> > > > > analyzer know which snode does that function belong ?
> > > >
> > > > Use this method of supergraph:
> > > > supernode *get_node_for_function_entry (function *fun) const;
> > > > to get the supernode for the entrypoint of a given function.
> > > >
> > > > You can get the function * from a fndecl via
> > > > DECL_STRUCT_FUNCTION.
> > >
> > > so once we get fndecl, it should be comparatively smooth sailing
> > > from
> > > there.
> > >
> > > My attempt to get the value of function pointer from the state :
> > > -
> > >
> > > - to access the region model of the state, I tried to access
> > > “m_region_model” of that state.
> > > - now I want to access cluster for a function pointer.
> > > - but when looking at the accessible functions to region model
> > > class,
> > > I couldn’t seem to find the fitting one. ( the closest I could
> > > find
> > > was “region_model::get_reachable_svalues()” to get a set of all
> > > the
> > > svalues reachable from that model )
> >
> > In general you can use:
> > region_model::get_rvalue
> > to go from a tree to a symbolic value for what the analyzer
> > "thinks"
> > the value of that tree is at that point along the path.
> >
> > If it "knows" that it's a specific function pointer, then IIRC this
> > will return a region_svalue where region_svalue::get_pointee ()
> > will
> > (hopefully) point at the function_region representing the memory
> > holding the code of the function. function_region::get_fndecl
> > should
> > then give you the tree for the specific FUNCTION_DECL, from which
> > you
> > can find the supergraph node etc.
> >
> > It looks like
> > region_model::get_fndecl_for_call
> > might already do most of what you need, but it looks like it bails
> > out
> > for the "NULL cgraph_node" case. Maybe that needs fixing, so that
> > it
> > returns the fndecl for that case? That already gets used in some
> > places, so maybe try putting a breakpoint on that and see if fixing
> > that gets you further?
>
> shouldn’t the fn_decl should still have a cgraph_node if the function
> is declared in the program itself ? it should just not have an edge
> representing the call.
That would make sense. I'd suggest verifying that in the debugger.
> Because I was able to find the super-graph node just with the help of
> the function itself.
Great.
>
> this is how the function looks "exploded_node::on_edge()" right now.
>
> File: {$SCR_DIR}/gcc/analyzer/engine.cc
> 1305: bool
> 1306: exploded_node::on_edge (exploded_graph &eg,
> 1307: const superedge *succ,
> 1308: program_point *next_point,
> 1309: program_state *next_state,
> 1310: uncertainty_t *uncertainty)
> 1311: {
> 1312: LOG_FUNC (eg.get_logger ());
> 1313:
> 1314: if (succ->m_kind == SUPEREDGE_INTRAPROCEDURAL_CALL)
> 1315: {
> 1316: const program_point *this_point = &this->get_point();
> 1317: const program_state *this_state = &this->get_state ();
> 1318: const gcall *call = this_point->get_supernode ()-
> >get_final_call ();
> 1319:
> 1320: impl_region_model_context ctxt (eg,
> 1321: this,
> 1322: this_state,
> 1323: next_state,
> 1324: uncertainty,
> 1325: this_point->get_stmt());
> 1326:
> 1327: region_model *model = this_state->m_region_model;
> 1328: tree fn_decl = model->get_fndecl_for_call(call,&ctxt);
> 1329: if(DECL_STRUCT_FUNCTION(fn_decl))
> 1330: {
> 1331: const supergraph *sg = &eg.get_supergraph();
> 1332: supernode * sn = sg->get_node_for_function_entry
> (DECL_STRUCT_FUNCTION(fn_decl));
> 1333: // create enode and eedge ?
> 1334: }
> 1335: }
> 1336:
> 1337: if (!next_point->on_edge (eg, succ))
> 1338: return false;
> 1339:
> 1340: if (!next_state->on_edge (eg, this, succ, uncertainty))
> 1341: return false;
> 1342:
> 1343: return true;
> 1344: }
Looks promising.
>
> for now, it is also detecting calls that already have call_sedge
> connecting them, so I think I also have to filter them out.
Right, I think so too.
Dave
