arkanalyzer 1.0.40 → 1.0.42
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/config/arkanalyzer.json +1 -2
- package/lib/Scene.d.ts.map +1 -1
- package/lib/Scene.js +9 -2
- package/lib/callgraph/algorithm/ClassHierarchyAnalysis.d.ts.map +1 -1
- package/lib/callgraph/algorithm/ClassHierarchyAnalysis.js +3 -4
- package/lib/callgraph/algorithm/RapidTypeAnalysis.d.ts.map +1 -1
- package/lib/callgraph/algorithm/RapidTypeAnalysis.js +7 -8
- package/lib/callgraph/model/CallGraph.d.ts +5 -5
- package/lib/callgraph/model/CallGraph.d.ts.map +1 -1
- package/lib/callgraph/model/CallGraph.js +18 -21
- package/lib/callgraph/model/CallSite.d.ts +16 -6
- package/lib/callgraph/model/CallSite.d.ts.map +1 -1
- package/lib/callgraph/model/CallSite.js +48 -8
- package/lib/callgraph/model/builder/CallGraphBuilder.d.ts +0 -1
- package/lib/callgraph/model/builder/CallGraphBuilder.d.ts.map +1 -1
- package/lib/callgraph/model/builder/CallGraphBuilder.js +0 -8
- package/lib/callgraph/pointerAnalysis/Pag.d.ts +3 -6
- package/lib/callgraph/pointerAnalysis/Pag.d.ts.map +1 -1
- package/lib/callgraph/pointerAnalysis/Pag.js +6 -29
- package/lib/callgraph/pointerAnalysis/PagBuilder.d.ts +6 -15
- package/lib/callgraph/pointerAnalysis/PagBuilder.d.ts.map +1 -1
- package/lib/callgraph/pointerAnalysis/PagBuilder.js +63 -81
- package/lib/callgraph/pointerAnalysis/PointerAnalysis.d.ts +2 -1
- package/lib/callgraph/pointerAnalysis/PointerAnalysis.d.ts.map +1 -1
- package/lib/callgraph/pointerAnalysis/PointerAnalysis.js +12 -8
- package/lib/callgraph/pointerAnalysis/PointerAnalysisConfig.d.ts +9 -3
- package/lib/callgraph/pointerAnalysis/PointerAnalysisConfig.d.ts.map +1 -1
- package/lib/callgraph/pointerAnalysis/PointerAnalysisConfig.js +12 -5
- package/lib/callgraph/pointerAnalysis/context/Context.d.ts +69 -0
- package/lib/callgraph/pointerAnalysis/context/Context.d.ts.map +1 -0
- package/lib/callgraph/pointerAnalysis/context/Context.js +202 -0
- package/lib/callgraph/pointerAnalysis/context/ContextItem.d.ts +40 -0
- package/lib/callgraph/pointerAnalysis/context/ContextItem.d.ts.map +1 -0
- package/lib/callgraph/pointerAnalysis/context/ContextItem.js +99 -0
- package/lib/callgraph/pointerAnalysis/context/ContextSelector.d.ts +46 -0
- package/lib/callgraph/pointerAnalysis/context/ContextSelector.d.ts.map +1 -0
- package/lib/callgraph/pointerAnalysis/context/ContextSelector.js +138 -0
- package/lib/core/base/Expr.d.ts +1 -0
- package/lib/core/base/Expr.d.ts.map +1 -1
- package/lib/core/base/Expr.js +9 -0
- package/lib/core/common/ArkIRTransformer.d.ts +1 -0
- package/lib/core/common/ArkIRTransformer.d.ts.map +1 -1
- package/lib/core/common/ArkIRTransformer.js +58 -2
- package/lib/core/common/ArkValueTransformer.d.ts +1 -1
- package/lib/core/common/ArkValueTransformer.d.ts.map +1 -1
- package/lib/core/common/IRInference.d.ts +1 -1
- package/lib/core/common/IRInference.d.ts.map +1 -1
- package/lib/core/common/IRInference.js +7 -3
- package/lib/core/common/ModelUtils.js +1 -1
- package/lib/core/common/SdkUtils.d.ts +2 -1
- package/lib/core/common/SdkUtils.d.ts.map +1 -1
- package/lib/core/common/SdkUtils.js +33 -23
- package/lib/core/common/TypeInference.d.ts.map +1 -1
- package/lib/core/common/TypeInference.js +5 -3
- package/lib/core/dataflow/DataflowSolver.js +3 -3
- package/lib/core/dataflow/UndefinedVariable.js +2 -2
- package/lib/core/graph/BaseExplicitGraph.d.ts +1 -0
- package/lib/core/graph/BaseExplicitGraph.d.ts.map +1 -1
- package/lib/core/graph/BaseExplicitGraph.js +3 -0
- package/lib/core/graph/BasicBlock.d.ts.map +1 -1
- package/lib/core/graph/BasicBlock.js +9 -4
- package/lib/core/graph/Cfg.d.ts.map +1 -1
- package/lib/core/graph/Cfg.js +4 -1
- package/lib/core/graph/builder/CfgBuilder.d.ts +2 -1
- package/lib/core/graph/builder/CfgBuilder.d.ts.map +1 -1
- package/lib/core/graph/builder/CfgBuilder.js +54 -10
- package/lib/core/graph/builder/ConditionBuilder.d.ts +2 -1
- package/lib/core/graph/builder/ConditionBuilder.d.ts.map +1 -1
- package/lib/core/graph/builder/ConditionBuilder.js +7 -3
- package/lib/core/graph/builder/TrapBuilder.d.ts +19 -1
- package/lib/core/graph/builder/TrapBuilder.d.ts.map +1 -1
- package/lib/core/graph/builder/TrapBuilder.js +195 -68
- package/lib/core/model/ArkMethod.d.ts.map +1 -1
- package/lib/core/model/ArkMethod.js +3 -4
- package/lib/core/model/builder/ArkClassBuilder.d.ts.map +1 -1
- package/lib/core/model/builder/ArkClassBuilder.js +42 -21
- package/lib/core/model/builder/ArkImportBuilder.js +28 -25
- package/lib/core/model/builder/ArkMethodBuilder.d.ts.map +1 -1
- package/lib/core/model/builder/ArkMethodBuilder.js +1 -2
- package/lib/core/model/builder/builderUtils.d.ts.map +1 -1
- package/lib/core/model/builder/builderUtils.js +2 -1
- package/lib/index.d.ts +0 -1
- package/lib/index.d.ts.map +1 -1
- package/lib/index.js +2 -4
- package/lib/pass/Context.d.ts +47 -0
- package/lib/pass/Context.d.ts.map +1 -0
- package/lib/pass/Context.js +72 -0
- package/lib/pass/Dispatcher.d.ts +102 -0
- package/lib/pass/Dispatcher.d.ts.map +1 -0
- package/lib/pass/Dispatcher.js +202 -0
- package/lib/pass/Pass.d.ts +83 -0
- package/lib/pass/Pass.d.ts.map +1 -0
- package/lib/pass/Pass.js +95 -0
- package/lib/pass/ScenePassMgr.d.ts +73 -0
- package/lib/pass/ScenePassMgr.d.ts.map +1 -0
- package/lib/pass/ScenePassMgr.js +156 -0
- package/lib/pass/SceneValidator.d.ts +215 -0
- package/lib/pass/SceneValidator.d.ts.map +1 -0
- package/lib/pass/SceneValidator.js +339 -0
- package/lib/save/JsonPrinter.d.ts.map +1 -1
- package/lib/save/JsonPrinter.js +26 -102
- package/lib/save/arkir/ArkIRMethodPrinter.d.ts.map +1 -1
- package/lib/save/arkir/ArkIRMethodPrinter.js +13 -5
- package/lib/save/source/SourceStmt.d.ts +1 -0
- package/lib/save/source/SourceStmt.d.ts.map +1 -1
- package/lib/save/source/SourceStmt.js +13 -8
- package/lib/utils/FileUtils.d.ts.map +1 -1
- package/lib/utils/FileUtils.js +13 -6
- package/lib/utils/ValueAsserts.d.ts +9 -0
- package/lib/utils/ValueAsserts.d.ts.map +1 -0
- package/lib/utils/ValueAsserts.js +89 -0
- package/package.json +2 -2
- package/lib/callgraph/pointerAnalysis/Context.d.ts +0 -38
- package/lib/callgraph/pointerAnalysis/Context.d.ts.map +0 -1
- package/lib/callgraph/pointerAnalysis/Context.js +0 -154
|
@@ -57,7 +57,6 @@ const logger = logger_1.default.getLogger(logger_1.LOG_MODULE_TYPE.ARKANALYZER,
|
|
|
57
57
|
/*
|
|
58
58
|
* Implementation of pointer-to assignment graph for pointer analysis
|
|
59
59
|
*/
|
|
60
|
-
const DUMMY_PAG_NODE_ID = -1;
|
|
61
60
|
var PagEdgeKind;
|
|
62
61
|
(function (PagEdgeKind) {
|
|
63
62
|
PagEdgeKind[PagEdgeKind["Address"] = 0] = "Address";
|
|
@@ -398,8 +397,8 @@ class PagStaticFieldNode extends PagNode {
|
|
|
398
397
|
}
|
|
399
398
|
exports.PagStaticFieldNode = PagStaticFieldNode;
|
|
400
399
|
class PagThisRefNode extends PagNode {
|
|
401
|
-
constructor(id, thisRef) {
|
|
402
|
-
super(id,
|
|
400
|
+
constructor(id, cid = undefined, thisRef) {
|
|
401
|
+
super(id, cid, thisRef, PagNodeKind.ThisRef);
|
|
403
402
|
this.pointToNode = [];
|
|
404
403
|
}
|
|
405
404
|
getThisPTNode() {
|
|
@@ -498,8 +497,8 @@ class PagFuncNode extends PagNode {
|
|
|
498
497
|
getThisPt() {
|
|
499
498
|
return this.thisPt;
|
|
500
499
|
}
|
|
501
|
-
setCS(
|
|
502
|
-
this.originCallSite =
|
|
500
|
+
setCS(callSite) {
|
|
501
|
+
this.originCallSite = callSite;
|
|
503
502
|
}
|
|
504
503
|
getCS() {
|
|
505
504
|
return this.originCallSite;
|
|
@@ -673,7 +672,7 @@ class Pag extends BaseExplicitGraph_1.BaseExplicitGraph {
|
|
|
673
672
|
pagNode = new PagParamNode(id, cid, value, stmt);
|
|
674
673
|
}
|
|
675
674
|
else if (value instanceof Ref_1.ArkThisRef) {
|
|
676
|
-
|
|
675
|
+
pagNode = new PagThisRefNode(id, cid, value);
|
|
677
676
|
}
|
|
678
677
|
else {
|
|
679
678
|
throw new Error('unsupported Value type ' + value.getType().toString());
|
|
@@ -771,29 +770,6 @@ class Pag extends BaseExplicitGraph_1.BaseExplicitGraph {
|
|
|
771
770
|
}
|
|
772
771
|
this.contextBaseToIdMap.set(base, ctxMap);
|
|
773
772
|
}
|
|
774
|
-
/*
|
|
775
|
-
* This node has no context info
|
|
776
|
-
* but point to node info
|
|
777
|
-
*/
|
|
778
|
-
addPagThisRefNode(value) {
|
|
779
|
-
let id = this.nodeNum + 1;
|
|
780
|
-
let pagNode = new PagThisRefNode(id, value);
|
|
781
|
-
this.addNode(pagNode);
|
|
782
|
-
return pagNode;
|
|
783
|
-
}
|
|
784
|
-
addPagThisLocalNode(ptNode, value) {
|
|
785
|
-
let id = this.nodeNum + 1;
|
|
786
|
-
let pagNode = new PagLocalNode(id, ptNode, value);
|
|
787
|
-
this.addNode(pagNode);
|
|
788
|
-
return pagNode;
|
|
789
|
-
}
|
|
790
|
-
getOrNewThisRefNode(thisRefNodeID, value) {
|
|
791
|
-
if (thisRefNodeID !== -1) {
|
|
792
|
-
return this.getNode(thisRefNodeID);
|
|
793
|
-
}
|
|
794
|
-
let thisRefNode = this.addPagThisRefNode(value);
|
|
795
|
-
return thisRefNode;
|
|
796
|
-
}
|
|
797
773
|
getOrNewThisLocalNode(cid, ptNode, value, s) {
|
|
798
774
|
if (ptNode !== -1) {
|
|
799
775
|
return this.getNode(ptNode);
|
|
@@ -886,6 +862,7 @@ class Pag extends BaseExplicitGraph_1.BaseExplicitGraph {
|
|
|
886
862
|
break;
|
|
887
863
|
default:
|
|
888
864
|
}
|
|
865
|
+
this.edgeNum++;
|
|
889
866
|
return true;
|
|
890
867
|
}
|
|
891
868
|
getAddrEdges() {
|
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
import { CallGraph, CallSite, DynCallSite, FuncID, ICallSite } from '../model/CallGraph';
|
|
2
2
|
import { Scene } from '../../Scene';
|
|
3
3
|
import { Stmt } from '../../core/base/Stmt';
|
|
4
|
-
import { ArkThisRef } from '../../core/base/Ref';
|
|
5
4
|
import { Value } from '../../core/base/Value';
|
|
6
5
|
import { ArkMethod } from '../../core/model/ArkMethod';
|
|
7
6
|
import { Local } from '../../core/base/Local';
|
|
8
7
|
import { NodeID } from '../../core/graph/BaseExplicitGraph';
|
|
9
|
-
import { ContextID } from './Context';
|
|
10
8
|
import { FuncPag, InterFuncPag, Pag, PagNode, PagNodeType, StorageType } from './Pag';
|
|
11
9
|
import { IPtsCollection } from './PtsDS';
|
|
12
|
-
import {
|
|
10
|
+
import { PointerAnalysisConfig } from './PointerAnalysisConfig';
|
|
11
|
+
import { ContextID } from './context/Context';
|
|
12
|
+
import { ContextSelector } from './context/ContextSelector';
|
|
13
13
|
export declare class CSFuncID {
|
|
14
14
|
cid: ContextID;
|
|
15
15
|
funcID: FuncID;
|
|
@@ -22,15 +22,12 @@ export declare class PagBuilder {
|
|
|
22
22
|
private funcPags;
|
|
23
23
|
private interFuncPags?;
|
|
24
24
|
private handledFunc;
|
|
25
|
-
private
|
|
25
|
+
private ctxSelector;
|
|
26
26
|
private scene;
|
|
27
27
|
private worklist;
|
|
28
28
|
private pagStat;
|
|
29
29
|
private staticField2UniqInstanceMap;
|
|
30
30
|
private instanceField2UniqInstanceMap;
|
|
31
|
-
private cid2ThisRefPtMap;
|
|
32
|
-
private cid2ThisRefMap;
|
|
33
|
-
private cid2ThisLocalMap;
|
|
34
31
|
private sdkMethodReturnValueMap;
|
|
35
32
|
private methodParamValueMap;
|
|
36
33
|
private fakeSdkMethodParamDeclaringStmt;
|
|
@@ -42,7 +39,7 @@ export declare class PagBuilder {
|
|
|
42
39
|
private storagePropertyMap;
|
|
43
40
|
private externalScopeVariableMap;
|
|
44
41
|
private retriggerNodesList;
|
|
45
|
-
constructor(p: Pag, cg: CallGraph, s: Scene,
|
|
42
|
+
constructor(p: Pag, cg: CallGraph, s: Scene, config: PointerAnalysisConfig);
|
|
46
43
|
private buildFuncPagAndAddToWorklist;
|
|
47
44
|
private addToFuncHandledListThisRound;
|
|
48
45
|
buildForEntries(funcIDs: FuncID[]): void;
|
|
@@ -103,14 +100,7 @@ export declare class PagBuilder {
|
|
|
103
100
|
private addSDKMethodReturnPagEdge;
|
|
104
101
|
private addSDKMethodParamPagEdge;
|
|
105
102
|
getOrNewPagNode(cid: ContextID, v: PagNodeType, s?: Stmt): PagNode;
|
|
106
|
-
/**
|
|
107
|
-
* return ThisRef PAG node according to cid, a cid has a unique ThisRef node
|
|
108
|
-
* @param cid: current contextID
|
|
109
|
-
*/
|
|
110
|
-
getOrNewThisRefNode(cid: ContextID, v: ArkThisRef): PagNode;
|
|
111
|
-
getOrNewThisLoalNode(cid: ContextID, v: Local, s?: Stmt): PagNode;
|
|
112
103
|
getOrNewGlobalThisNode(cid: ContextID): PagNode;
|
|
113
|
-
getUniqThisLocalNode(cid: ContextID): NodeID | undefined;
|
|
114
104
|
/**
|
|
115
105
|
* search the storage map to get propertyNode with given storage and propertyFieldName
|
|
116
106
|
* @param storage storage type: AppStorage, LocalStorage etc.
|
|
@@ -194,5 +184,6 @@ export declare class PagBuilder {
|
|
|
194
184
|
getUpdatedNodes(): Map<number, IPtsCollection<number>>;
|
|
195
185
|
resetUpdatedNodes(): void;
|
|
196
186
|
private transferArrayValues;
|
|
187
|
+
getContextSelector(): ContextSelector;
|
|
197
188
|
}
|
|
198
189
|
//# sourceMappingURL=PagBuilder.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PagBuilder.d.ts","sourceRoot":"","sources":["../../../src/callgraph/pointerAnalysis/PagBuilder.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,SAAS,EAAoC,QAAQ,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAC3H,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACpC,OAAO,EAA+C,IAAI,EAAE,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"PagBuilder.d.ts","sourceRoot":"","sources":["../../../src/callgraph/pointerAnalysis/PagBuilder.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,SAAS,EAAoC,QAAQ,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAC3H,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACpC,OAAO,EAA+C,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAWzF,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AAEvD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,oCAAoC,CAAC;AAM5D,OAAO,EACH,OAAO,EACP,YAAY,EAGZ,GAAG,EAMH,OAAO,EACP,WAAW,EAGX,WAAW,EACd,MAAM,OAAO,CAAC;AAEf,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAEzC,OAAO,EAAe,qBAAqB,EAAoB,MAAM,yBAAyB,CAAC;AAC/F,OAAO,EAAE,SAAS,EAAa,MAAM,mBAAmB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAgF,MAAM,2BAA2B,CAAC;AAI1I,qBAAa,QAAQ;IACV,GAAG,EAAE,SAAS,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;gBAEV,GAAG,EAAE,SAAS,EAAE,GAAG,EAAE,MAAM;CAI1C;AAED,qBAAa,UAAU;IACnB,OAAO,CAAC,GAAG,CAAM;IACjB,OAAO,CAAC,EAAE,CAAY;IACtB,OAAO,CAAC,KAAK,CAAmB;IAChC,OAAO,CAAC,QAAQ,CAAuB;IACvC,OAAO,CAAC,aAAa,CAAC,CAA4B;IAClD,OAAO,CAAC,WAAW,CAA0B;IAC7C,OAAO,CAAC,WAAW,CAAkB;IACrC,OAAO,CAAC,KAAK,CAAQ;IACrB,OAAO,CAAC,QAAQ,CAAkB;IAClC,OAAO,CAAC,OAAO,CAAU;IAEzB,OAAO,CAAC,2BAA2B,CAAiC;IACpE,OAAO,CAAC,6BAA6B,CAAiC;IACtE,OAAO,CAAC,uBAAuB,CAAyD;IAExF,OAAO,CAAC,mBAAmB,CAA8C;IACzE,OAAO,CAAC,+BAA+B,CAAyD;IAChG,OAAO,CAAC,oBAAoB,CAA0B;IACtD,OAAO,CAAC,qBAAqB,CAAkD;IAC/E,OAAO,CAAC,gBAAgB,CAAmC;IAC3D,OAAO,CAAC,eAAe,CAAsC;IAC7D,OAAO,CAAC,iBAAiB,CAAC,CAAoB;IAC9C,OAAO,CAAC,kBAAkB,CAAmD;IAC7E,OAAO,CAAC,wBAAwB,CAAkC;IAClE,OAAO,CAAC,kBAAkB,CAA0B;gBAExC,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,qBAAqB;IAyB1E,OAAO,CAAC,4BAA4B;IAcpC,OAAO,CAAC,6BAA6B;IAQ9B,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,IAAI;IAaxC,eAAe,IAAI,OAAO;IAe1B,KAAK,IAAI,IAAI;IAUb,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IA4C5C,OAAO,CAAC,qBAAqB;IA2B7B,OAAO,CAAC,yBAAyB;IAejC;;OAEG;IACH,OAAO,CAAC,eAAe;IAWvB,OAAO,CAAC,qBAAqB;IAqC7B,OAAO,CAAC,wBAAwB;IAezB,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS,GAAG,IAAI;IAsBzD,mBAAmB,CAAC,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO;IAqC9E,wBAAwB,CAAC,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,SAAS,GAAG,OAAO;IA4CnE,kBAAkB,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS,GAAG,IAAI;IA+C1E,kBAAkB,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,IAAI;IAgC1D,kBAAkB,CAAC,EAAE,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS,GAAG,MAAM,EAAE;IA8C3F;;;OAGG;IACH,OAAO,CAAC,gBAAgB;IAyDjB,8BAA8B,CAAC,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,GAAG,MAAM,EAAE;IAiClI;;OAEG;IACI,+BAA+B,CAAC,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,GAAG,MAAM,EAAE;IAmDnI,OAAO,CAAC,2BAA2B;IAiCnC,OAAO,CAAC,kBAAkB;IAa1B,OAAO,CAAC,mBAAmB;IAkB3B,OAAO,CAAC,kBAAkB;IAgB1B,OAAO,CAAC,WAAW;IAUnB,OAAO,CAAC,iBAAiB;IAclB,uBAAuB,CAAC,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,SAAS,GAAG,MAAM,EAAE;IAsDlE,0BAA0B,CAAC,kBAAkB,EAAE,GAAG,CAAC,WAAW,CAAC,GAAG,MAAM,EAAE;IAmCjF,OAAO,CAAC,kBAAkB;IAiC1B,OAAO,CAAC,iBAAiB;IAwBlB,oBAAoB,CAAC,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,EAAE,OAAO,GAAG,MAAM,EAAE;IA2ClH;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA6C3B;;;;OAIG;IACH,OAAO,CAAC,sBAAsB;IA6B9B;;OAEG;IACI,oBAAoB,CAAC,YAAY,EAAE,SAAS,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,GAAG,MAAM,EAAE;IA4BnH,0BAA0B,CAAC,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,GAAG,MAAM,EAAE;IAkBrG,OAAO,CAAC,uBAAuB;IAwB/B,OAAO,CAAC,yBAAyB;IA6BjC,OAAO,CAAC,wBAAwB;IAwDzB,eAAe,CAAC,GAAG,EAAE,SAAS,EAAE,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC,EAAE,IAAI,GAAG,OAAO;IAclE,sBAAsB,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO;IAItD;;;;;OAKG;IACI,oBAAoB,CAAC,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO;IAerF,eAAe,CAAC,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,GAAG,SAAS;IAmBnG;;;;;OAKG;IACI,mBAAmB,CAAC,YAAY,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IA6BpH,kBAAkB,CAAC,CAAC,EAAE,KAAK,GAAG,KAAK;IAkC1C;;;OAGG;IACI,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IA6BnD,OAAO,CAAC,gBAAgB;IA2CxB,OAAO,CAAC,UAAU;IAyBX,kBAAkB,IAAI,KAAK;IAIlC,OAAO,CAAC,wBAAwB;IAoBhC;;;OAGG;IACH,OAAO,CAAC,cAAc;IA4BtB,OAAO,CAAC,yBAAyB;IAajC,OAAO,CAAC,kBAAkB;IAkB1B,OAAO,CAAC,kBAAkB;IAiB1B,OAAO,CAAC,iBAAiB;IAgBzB,OAAO,CAAC,iBAAiB;IA2BzB,OAAO,CAAC,eAAe;IAavB;;;;;;;;;;;OAWG;IACH,OAAO,CAAC,cAAc;IAmBtB;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAmB9B,OAAO,CAAC,cAAc;IAetB,OAAO,CAAC,eAAe;IAUvB,OAAO,CAAC,cAAc;IAUf,oBAAoB,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,WAAW,GAAG,IAAI;IAO7D,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,cAAc,CAAC,MAAM,CAAC,GAAG,SAAS,GAAG,IAAI;IAQzE,gBAAgB,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,GAAG,KAAK;IAqBrD,MAAM,IAAI,IAAI;IAId,SAAS,IAAI,IAAI;IAIjB,OAAO,IAAI,MAAM;IAIjB,iBAAiB,IAAI,MAAM,EAAE;IAQ7B,eAAe,IAAI,MAAM,EAAE;IAIlC;;;;;OAKG;IACH,OAAO,CAAC,4BAA4B;IAyBpC,OAAO,CAAC,gBAAgB;IA8BxB,OAAO,CAAC,+BAA+B;IAWvC,OAAO,CAAC,2BAA2B;IA2BnC,OAAO,CAAC,oBAAoB;IAwB5B,OAAO,CAAC,oBAAoB;IAQrB,oBAAoB,CAAC,GAAG,EAAE,KAAK,GAAG,KAAK,EAAE;IAKzC,wBAAwB,CAAC,YAAY,EAAE,YAAY,EAAE,GAAG,EAAE,SAAS,GAAG,OAAO;IAsB7E,iBAAiB,IAAI,MAAM,EAAE;IAM7B,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI;IAOpE,eAAe,IAAI,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IAItD,iBAAiB,IAAI,IAAI;IAIhC,OAAO,CAAC,mBAAmB;IAsBpB,kBAAkB,IAAI,eAAe;CAG/C"}
|
|
@@ -47,11 +47,12 @@ const Local_1 = require("../../core/base/Local");
|
|
|
47
47
|
const Type_1 = require("../../core/base/Type");
|
|
48
48
|
const Constant_1 = require("../../core/base/Constant");
|
|
49
49
|
const Statistics_1 = require("../common/Statistics");
|
|
50
|
-
const Context_1 = require("./Context");
|
|
51
50
|
const Pag_1 = require("./Pag");
|
|
52
51
|
const TSConst_1 = require("../../core/common/TSConst");
|
|
53
52
|
const PTAUtils_1 = require("./PTAUtils");
|
|
54
53
|
const PointerAnalysisConfig_1 = require("./PointerAnalysisConfig");
|
|
54
|
+
const Context_1 = require("./context/Context");
|
|
55
|
+
const ContextSelector_1 = require("./context/ContextSelector");
|
|
55
56
|
const logger = logger_1.default.getLogger(logger_1.LOG_MODULE_TYPE.ARKANALYZER, 'PTA');
|
|
56
57
|
class CSFuncID {
|
|
57
58
|
constructor(cid, fid) {
|
|
@@ -61,15 +62,12 @@ class CSFuncID {
|
|
|
61
62
|
}
|
|
62
63
|
exports.CSFuncID = CSFuncID;
|
|
63
64
|
class PagBuilder {
|
|
64
|
-
constructor(p, cg, s,
|
|
65
|
+
constructor(p, cg, s, config) {
|
|
65
66
|
this.handledFunc = new Set();
|
|
66
67
|
this.worklist = [];
|
|
67
68
|
// TODO: change string to hash value
|
|
68
69
|
this.staticField2UniqInstanceMap = new Map();
|
|
69
70
|
this.instanceField2UniqInstanceMap = new Map();
|
|
70
|
-
this.cid2ThisRefPtMap = new Map();
|
|
71
|
-
this.cid2ThisRefMap = new Map();
|
|
72
|
-
this.cid2ThisLocalMap = new Map();
|
|
73
71
|
this.sdkMethodReturnValueMap = new Map();
|
|
74
72
|
// record the SDK API param, and create fake Values
|
|
75
73
|
this.methodParamValueMap = new Map();
|
|
@@ -83,11 +81,25 @@ class PagBuilder {
|
|
|
83
81
|
this.retriggerNodesList = new Set();
|
|
84
82
|
this.pag = p;
|
|
85
83
|
this.cg = cg;
|
|
86
|
-
this.scale =
|
|
84
|
+
this.scale = config.analysisScale;
|
|
87
85
|
this.funcPags = new Map();
|
|
88
|
-
this.ctx = new Context_1.KLimitedContextSensitive(kLimit);
|
|
89
86
|
this.scene = s;
|
|
90
87
|
this.pagStat = new Statistics_1.PAGStat();
|
|
88
|
+
let kLimit = config.kLimit;
|
|
89
|
+
switch (config.contextType) {
|
|
90
|
+
case PointerAnalysisConfig_1.ContextType.CallSite:
|
|
91
|
+
this.ctxSelector = new ContextSelector_1.KCallSiteContextSelector(kLimit);
|
|
92
|
+
break;
|
|
93
|
+
case PointerAnalysisConfig_1.ContextType.Obj:
|
|
94
|
+
this.ctxSelector = new ContextSelector_1.KObjContextSelector(kLimit);
|
|
95
|
+
break;
|
|
96
|
+
case PointerAnalysisConfig_1.ContextType.Func:
|
|
97
|
+
this.ctxSelector = new ContextSelector_1.KFuncContextSelector(kLimit);
|
|
98
|
+
break;
|
|
99
|
+
default:
|
|
100
|
+
this.ctxSelector = new ContextSelector_1.KCallSiteContextSelector(kLimit);
|
|
101
|
+
break;
|
|
102
|
+
}
|
|
91
103
|
}
|
|
92
104
|
buildFuncPagAndAddToWorklist(cs) {
|
|
93
105
|
if (this.worklist.includes(cs)) {
|
|
@@ -109,12 +121,12 @@ class PagBuilder {
|
|
|
109
121
|
buildForEntries(funcIDs) {
|
|
110
122
|
this.worklist = [];
|
|
111
123
|
funcIDs.forEach(funcID => {
|
|
112
|
-
let cid = this.
|
|
124
|
+
let cid = this.ctxSelector.emptyContext(funcID);
|
|
113
125
|
let csFuncID = new CSFuncID(cid, funcID);
|
|
114
126
|
this.buildFuncPagAndAddToWorklist(csFuncID);
|
|
115
127
|
});
|
|
116
128
|
this.handleReachable();
|
|
117
|
-
this.globalThisPagNode = this.getOrNewGlobalThisNode(
|
|
129
|
+
this.globalThisPagNode = this.getOrNewGlobalThisNode(ContextSelector_1.emptyID);
|
|
118
130
|
this.pag.addPagEdge(this.globalThisPagNode, this.globalThisPagNode, Pag_1.PagEdgeKind.Copy);
|
|
119
131
|
}
|
|
120
132
|
handleReachable() {
|
|
@@ -131,7 +143,7 @@ class PagBuilder {
|
|
|
131
143
|
}
|
|
132
144
|
build() {
|
|
133
145
|
for (let funcID of this.cg.getEntries()) {
|
|
134
|
-
let cid = this.
|
|
146
|
+
let cid = this.ctxSelector.emptyContext(funcID);
|
|
135
147
|
let csFuncID = new CSFuncID(cid, funcID);
|
|
136
148
|
this.buildFuncPagAndAddToWorklist(csFuncID);
|
|
137
149
|
this.handleReachable();
|
|
@@ -193,12 +205,12 @@ class PagBuilder {
|
|
|
193
205
|
});
|
|
194
206
|
return;
|
|
195
207
|
}
|
|
196
|
-
let dycs = this.cg.
|
|
208
|
+
let dycs = this.cg.getDynCallSiteByStmt(stmt);
|
|
197
209
|
if (dycs) {
|
|
198
210
|
this.addToDynamicCallSite(fpag, dycs);
|
|
199
211
|
}
|
|
200
212
|
else {
|
|
201
|
-
logger.error(`can not find
|
|
213
|
+
logger.error(`can not find callSite by stmt: ${stmt.toString()}`);
|
|
202
214
|
}
|
|
203
215
|
}
|
|
204
216
|
processExternalScopeValue(value, funcID) {
|
|
@@ -324,8 +336,9 @@ class PagBuilder {
|
|
|
324
336
|
addCallsEdgesFromFuncPag(funcPag, cid) {
|
|
325
337
|
for (let cs of funcPag.getNormalCallSites()) {
|
|
326
338
|
let ivkExpr = cs.callStmt.getInvokeExpr();
|
|
327
|
-
|
|
328
|
-
let
|
|
339
|
+
const calleeFuncID = cs.getCalleeFuncID();
|
|
340
|
+
let calleeCid = this.ctxSelector.selectContext(cid, cs, ContextSelector_1.emptyID, calleeFuncID);
|
|
341
|
+
let calleeCGNode = this.cg.getNode(calleeFuncID);
|
|
329
342
|
if (this.scale === PointerAnalysisConfig_1.PtaAnalysisScale.MethodLevel) {
|
|
330
343
|
this.addStaticPagCallReturnEdge(cs, cid, calleeCid);
|
|
331
344
|
}
|
|
@@ -338,19 +351,24 @@ class PagBuilder {
|
|
|
338
351
|
if (calleeCGNode.getKind() === CallGraph_1.CallGraphNodeKind.constructor || calleeCGNode.getKind() === CallGraph_1.CallGraphNodeKind.intrinsic) {
|
|
339
352
|
let callee = this.scene.getMethod(this.cg.getMethodByFuncID(cs.calleeFuncID));
|
|
340
353
|
if (ivkExpr instanceof Expr_1.ArkInstanceInvokeExpr) {
|
|
341
|
-
|
|
342
|
-
let baseNodeID = baseNode.getID();
|
|
343
|
-
this.addThisRefCallEdge(baseNodeID, cid, ivkExpr.getBase(), callee, calleeCid, cs.callerFuncID);
|
|
354
|
+
this.addThisRefCallEdge(cid, ivkExpr.getBase(), callee, calleeCid, cs.callerFuncID);
|
|
344
355
|
}
|
|
345
356
|
else {
|
|
346
357
|
logger.error(`constructor or intrinsic func is static ${ivkExpr.toString()}`);
|
|
347
358
|
}
|
|
348
359
|
}
|
|
360
|
+
const callerMethod = this.cg.getArkMethodByFuncID(cs.callerFuncID);
|
|
361
|
+
const calleeMethod = this.cg.getArkMethodByFuncID(calleeFuncID);
|
|
362
|
+
if (!callerMethod || !calleeMethod) {
|
|
363
|
+
logger.error(`can not find caller or callee method by funcID ${cs.callerFuncID} ${calleeFuncID}`);
|
|
364
|
+
return false;
|
|
365
|
+
}
|
|
366
|
+
this.cg.addDirectOrSpecialCallEdge(callerMethod.getSignature(), calleeMethod.getSignature(), cs.callStmt);
|
|
349
367
|
}
|
|
350
368
|
return true;
|
|
351
369
|
}
|
|
352
370
|
addDynamicCallSite(funcPag, funcID, cid) {
|
|
353
|
-
// add dyn
|
|
371
|
+
// add dyn callSite in funcpag to base node
|
|
354
372
|
for (let cs of funcPag.getDynamicCallSites()) {
|
|
355
373
|
let invokeExpr = cs.callStmt.getInvokeExpr();
|
|
356
374
|
let base;
|
|
@@ -443,8 +461,8 @@ class PagBuilder {
|
|
|
443
461
|
if (this.cg.detectReachable(dstCGNode.getID(), callerNode.getID())) {
|
|
444
462
|
return srcNodes;
|
|
445
463
|
}
|
|
446
|
-
let
|
|
447
|
-
let
|
|
464
|
+
let staticCS = this.cg.getCallSiteManager().cloneCallSiteFromDyn(cs, dstCGNode.getID());
|
|
465
|
+
let calleeCid = this.ctxSelector.selectContext(cid, staticCS, baseClassPTNode, dstCGNode.getID());
|
|
448
466
|
if (this.scale === PointerAnalysisConfig_1.PtaAnalysisScale.MethodLevel) {
|
|
449
467
|
srcNodes.push(...this.addStaticPagCallReturnEdge(staticCS, baseClassPTNode, calleeCid));
|
|
450
468
|
continue;
|
|
@@ -522,7 +540,7 @@ class PagBuilder {
|
|
|
522
540
|
srcNodes.push(...this.addStaticPagCallEdge(staticCS, cid, calleeCid, ptNode));
|
|
523
541
|
// Pass base's pts to callee's this pointer
|
|
524
542
|
if (!dstCGNode.isSdkMethod() && ivkExpr instanceof Expr_1.ArkInstanceInvokeExpr) {
|
|
525
|
-
let srcBaseNode = this.addThisRefCallEdge(
|
|
543
|
+
let srcBaseNode = this.addThisRefCallEdge(cid, ivkExpr.getBase(), callee, calleeCid, staticCS.callerFuncID);
|
|
526
544
|
if (srcBaseNode !== -1) {
|
|
527
545
|
srcNodes.push(srcBaseNode);
|
|
528
546
|
}
|
|
@@ -536,7 +554,7 @@ class PagBuilder {
|
|
|
536
554
|
if (!(thisValue instanceof Local_1.Local)) {
|
|
537
555
|
return srcNodes;
|
|
538
556
|
}
|
|
539
|
-
this.addThisRefCallEdge(
|
|
557
|
+
this.addThisRefCallEdge(ptNode.getOriginCid(), thisValue, callee, calleeCid, staticCS.callerFuncID);
|
|
540
558
|
}
|
|
541
559
|
return srcNodes;
|
|
542
560
|
}
|
|
@@ -576,7 +594,7 @@ class PagBuilder {
|
|
|
576
594
|
break;
|
|
577
595
|
case PTAUtils_1.BuiltApiType.FunctionBind:
|
|
578
596
|
/**
|
|
579
|
-
* clone the function node and add the this pointer, origin
|
|
597
|
+
* clone the function node and add the this pointer, origin callSite, args offset to it
|
|
580
598
|
* let f = function.bind(thisArg, arg1, arg2, ...)
|
|
581
599
|
* f();
|
|
582
600
|
*/
|
|
@@ -616,7 +634,7 @@ class PagBuilder {
|
|
|
616
634
|
handleFunctionCall(staticCS, cid, calleeCid, realCallee, srcNodes, baseClassPTNode) {
|
|
617
635
|
this.buildFuncPagAndAddToWorklist(new CSFuncID(calleeCid, staticCS.calleeFuncID));
|
|
618
636
|
srcNodes.push(...this.addCallParamPagEdge(realCallee, staticCS.args, staticCS.callStmt, cid, calleeCid, 1));
|
|
619
|
-
this.addThisEdge(staticCS, cid, realCallee, srcNodes,
|
|
637
|
+
this.addThisEdge(staticCS, cid, realCallee, srcNodes, calleeCid);
|
|
620
638
|
}
|
|
621
639
|
handleFunctionApply(staticCS, cid, calleeCid, realCallee, srcNodes, baseClassPTNode) {
|
|
622
640
|
this.buildFuncPagAndAddToWorklist(new CSFuncID(calleeCid, staticCS.calleeFuncID));
|
|
@@ -626,7 +644,7 @@ class PagBuilder {
|
|
|
626
644
|
}
|
|
627
645
|
let argsRealValues = this.transferArrayValues(callerMethod, staticCS.args[1]);
|
|
628
646
|
srcNodes.push(...this.addCallParamPagEdge(realCallee, argsRealValues, staticCS.callStmt, cid, calleeCid, 0));
|
|
629
|
-
this.addThisEdge(staticCS, cid, realCallee, srcNodes,
|
|
647
|
+
this.addThisEdge(staticCS, cid, realCallee, srcNodes, calleeCid);
|
|
630
648
|
}
|
|
631
649
|
handleFunctionBind(staticCS, cid, baseClassPTNode, srcNodes) {
|
|
632
650
|
let srcNode = this.pag.getOrClonePagFuncNode(baseClassPTNode);
|
|
@@ -641,9 +659,9 @@ class PagBuilder {
|
|
|
641
659
|
srcNode.setArgsOffset(1);
|
|
642
660
|
srcNode.setOriginCid(cid);
|
|
643
661
|
}
|
|
644
|
-
addThisEdge(staticCS, cid, realCallee, srcNodes,
|
|
662
|
+
addThisEdge(staticCS, cid, realCallee, srcNodes, calleeCid) {
|
|
645
663
|
if (!(staticCS.args[0] instanceof Constant_1.NullConstant) && !realCallee.isStatic()) {
|
|
646
|
-
let srcNodeID = this.addThisRefCallEdge(
|
|
664
|
+
let srcNodeID = this.addThisRefCallEdge(cid, staticCS.args[0], realCallee, calleeCid, staticCS.callerFuncID);
|
|
647
665
|
if (srcNodeID !== -1) {
|
|
648
666
|
srcNodes.push(srcNodeID);
|
|
649
667
|
}
|
|
@@ -701,8 +719,8 @@ class PagBuilder {
|
|
|
701
719
|
logger.warn(`\tAdd call edge of unknown call ${callee.getSignature().toString()}`);
|
|
702
720
|
this.cg.addDynamicCallEdge(callerNode.getID(), dstCGNode.getID(), cs.callStmt);
|
|
703
721
|
if (!this.cg.detectReachable(dstCGNode.getID(), callerNode.getID())) {
|
|
704
|
-
let
|
|
705
|
-
let
|
|
722
|
+
let staticCS = this.cg.getCallSiteManager().cloneCallSiteFromDyn(cs, dstCGNode.getID());
|
|
723
|
+
let calleeCid = this.ctxSelector.selectContext(cid, staticCS, ContextSelector_1.emptyID, staticCS.calleeFuncID);
|
|
706
724
|
let staticSrcNodes = this.addStaticPagCallEdge(staticCS, cid, calleeCid);
|
|
707
725
|
srcNodes.push(...staticSrcNodes);
|
|
708
726
|
}
|
|
@@ -740,8 +758,8 @@ class PagBuilder {
|
|
|
740
758
|
}
|
|
741
759
|
return reAnalyzeNodes;
|
|
742
760
|
}
|
|
743
|
-
addThisRefCallEdge(
|
|
744
|
-
let thisRefNodeID = this.recordThisRefNode(
|
|
761
|
+
addThisRefCallEdge(cid, baseLocal, callee, calleeCid, callerFunID) {
|
|
762
|
+
let thisRefNodeID = this.recordThisRefNode(callee, calleeCid);
|
|
745
763
|
if (thisRefNodeID === -1) {
|
|
746
764
|
return -1;
|
|
747
765
|
}
|
|
@@ -763,7 +781,7 @@ class PagBuilder {
|
|
|
763
781
|
this.pag.addPagEdge(this.pag.getNode(srcNodeId), thisRefNode, Pag_1.PagEdgeKind.This);
|
|
764
782
|
return srcNodeId;
|
|
765
783
|
}
|
|
766
|
-
recordThisRefNode(
|
|
784
|
+
recordThisRefNode(callee, calleeCid) {
|
|
767
785
|
var _a;
|
|
768
786
|
if (!callee || !callee.getCfg()) {
|
|
769
787
|
logger.error(`callee is null`);
|
|
@@ -775,21 +793,18 @@ class PagBuilder {
|
|
|
775
793
|
if (!thisPtr) {
|
|
776
794
|
throw new Error('Can not get this ptr');
|
|
777
795
|
}
|
|
778
|
-
|
|
779
|
-
this.cid2ThisRefPtMap.set(calleeCid, baseClassPTNode);
|
|
780
|
-
let thisRefNode = this.getOrNewThisRefNode(calleeCid, thisPtr);
|
|
781
|
-
thisRefNode.addPTNode(baseClassPTNode);
|
|
796
|
+
let thisRefNode = this.getOrNewPagNode(calleeCid, thisPtr);
|
|
782
797
|
return thisRefNode.getID();
|
|
783
798
|
}
|
|
784
799
|
/*
|
|
785
800
|
* Add copy edges from arguments to parameters
|
|
786
|
-
* ret edges from return values to
|
|
801
|
+
* ret edges from return values to callSite
|
|
787
802
|
* Return src node
|
|
788
803
|
*/
|
|
789
804
|
addStaticPagCallEdge(cs, callerCid, calleeCid, ptNode) {
|
|
790
805
|
var _a, _b, _c, _d;
|
|
791
806
|
if (!calleeCid) {
|
|
792
|
-
calleeCid = this.
|
|
807
|
+
calleeCid = this.ctxSelector.selectContext(callerCid, cs, ptNode ? ptNode.getID() : ContextSelector_1.emptyID, cs.calleeFuncID);
|
|
793
808
|
}
|
|
794
809
|
let srcNodes = [];
|
|
795
810
|
// Add reachable
|
|
@@ -924,7 +939,7 @@ class PagBuilder {
|
|
|
924
939
|
}
|
|
925
940
|
addStaticPagCallReturnEdge(cs, callerCid, calleeCid) {
|
|
926
941
|
if (!calleeCid) {
|
|
927
|
-
calleeCid = this.
|
|
942
|
+
calleeCid = this.ctxSelector.selectContext(callerCid, cs, ContextSelector_1.emptyID, cs.calleeFuncID);
|
|
928
943
|
}
|
|
929
944
|
let srcNodes = [];
|
|
930
945
|
// Add reachable
|
|
@@ -1019,7 +1034,7 @@ class PagBuilder {
|
|
|
1019
1034
|
dstPagNode.setSdkParam();
|
|
1020
1035
|
let sdkParamInvokeStmt = new Stmt_1.ArkInvokeStmt(new Expr_1.ArkPtrInvokeExpr(arg.getType().getMethodSignature(), paramValue, []));
|
|
1021
1036
|
// create new DynCallSite
|
|
1022
|
-
let sdkParamCallSite =
|
|
1037
|
+
let sdkParamCallSite = this.cg.getCallSiteManager().newDynCallSite(sdkParamInvokeStmt, undefined, undefined, funcID);
|
|
1023
1038
|
dstPagNode.addRelatedDynCallSite(sdkParamCallSite);
|
|
1024
1039
|
}
|
|
1025
1040
|
this.pag.addPagEdge(srcPagNode, dstPagNode, Pag_1.PagEdgeKind.Copy, cs.callStmt);
|
|
@@ -1028,55 +1043,19 @@ class PagBuilder {
|
|
|
1028
1043
|
return srcNodes;
|
|
1029
1044
|
}
|
|
1030
1045
|
getOrNewPagNode(cid, v, s) {
|
|
1031
|
-
if (v instanceof Ref_1.ArkThisRef) {
|
|
1032
|
-
return this.getOrNewThisRefNode(cid, v);
|
|
1033
|
-
}
|
|
1034
|
-
// this local is also not uniq!!!
|
|
1035
|
-
// remove below block once this issue fixed
|
|
1036
1046
|
// globalThis process can not be removed while all `globalThis` ref is the same Value
|
|
1037
|
-
if (v instanceof Local_1.Local) {
|
|
1038
|
-
|
|
1039
|
-
|
|
1040
|
-
}
|
|
1041
|
-
else if (v.getName() === TSConst_1.GLOBAL_THIS_NAME && v.getDeclaringStmt() == null) {
|
|
1042
|
-
// globalThis node has no cid
|
|
1043
|
-
return this.getOrNewGlobalThisNode(-1);
|
|
1044
|
-
}
|
|
1047
|
+
if (v instanceof Local_1.Local && v.getName() === TSConst_1.GLOBAL_THIS_NAME && v.getDeclaringStmt() == null) {
|
|
1048
|
+
// globalThis node has no cid
|
|
1049
|
+
return this.getOrNewGlobalThisNode(-1);
|
|
1045
1050
|
}
|
|
1046
1051
|
if (v instanceof Ref_1.ArkInstanceFieldRef || v instanceof Ref_1.ArkStaticFieldRef) {
|
|
1047
1052
|
v = this.getRealInstanceRef(v);
|
|
1048
1053
|
}
|
|
1049
1054
|
return this.pag.getOrNewNode(cid, v, s);
|
|
1050
1055
|
}
|
|
1051
|
-
/**
|
|
1052
|
-
* return ThisRef PAG node according to cid, a cid has a unique ThisRef node
|
|
1053
|
-
* @param cid: current contextID
|
|
1054
|
-
*/
|
|
1055
|
-
getOrNewThisRefNode(cid, v) {
|
|
1056
|
-
let thisRefNodeID = this.cid2ThisRefMap.get(cid);
|
|
1057
|
-
if (!thisRefNodeID) {
|
|
1058
|
-
thisRefNodeID = -1;
|
|
1059
|
-
}
|
|
1060
|
-
let thisRefNode = this.pag.getOrNewThisRefNode(thisRefNodeID, v);
|
|
1061
|
-
this.cid2ThisRefMap.set(cid, thisRefNode.getID());
|
|
1062
|
-
return thisRefNode;
|
|
1063
|
-
}
|
|
1064
|
-
// TODO: remove it once this local not uniq issue is fixed
|
|
1065
|
-
getOrNewThisLoalNode(cid, v, s) {
|
|
1066
|
-
let thisLocalNodeID = this.cid2ThisLocalMap.get(cid);
|
|
1067
|
-
if (thisLocalNodeID) {
|
|
1068
|
-
return this.pag.getNode(thisLocalNodeID);
|
|
1069
|
-
}
|
|
1070
|
-
let thisNode = this.pag.getOrNewNode(cid, v, s);
|
|
1071
|
-
this.cid2ThisLocalMap.set(cid, thisNode.getID());
|
|
1072
|
-
return thisNode;
|
|
1073
|
-
}
|
|
1074
1056
|
getOrNewGlobalThisNode(cid) {
|
|
1075
1057
|
return this.pag.getOrNewNode(cid, this.getGlobalThisValue());
|
|
1076
1058
|
}
|
|
1077
|
-
getUniqThisLocalNode(cid) {
|
|
1078
|
-
return this.cid2ThisLocalMap.get(cid);
|
|
1079
|
-
}
|
|
1080
1059
|
/**
|
|
1081
1060
|
* search the storage map to get propertyNode with given storage and propertyFieldName
|
|
1082
1061
|
* @param storage storage type: AppStorage, LocalStorage etc.
|
|
@@ -1475,7 +1454,7 @@ class PagBuilder {
|
|
|
1475
1454
|
var _a;
|
|
1476
1455
|
funcPag.addDynamicCallSite(cs);
|
|
1477
1456
|
this.pagStat.numDynamicCall++;
|
|
1478
|
-
logger.trace('[add dynamic
|
|
1457
|
+
logger.trace('[add dynamic callSite] ' + cs.callStmt.toString() + ': ' + ((_a = cs.callStmt.getCfg()) === null || _a === void 0 ? void 0 : _a.getDeclaringMethod().getSignature().toString()));
|
|
1479
1458
|
}
|
|
1480
1459
|
setPtForNode(node, pts) {
|
|
1481
1460
|
if (!pts) {
|
|
@@ -1571,7 +1550,7 @@ class PagBuilder {
|
|
|
1571
1550
|
let srcFunc = (_c = src.getDeclaringStmt()) === null || _c === void 0 ? void 0 : _c.getCfg().getDeclaringMethod();
|
|
1572
1551
|
if (srcFunc) {
|
|
1573
1552
|
let srcFuncID = this.cg.getCallGraphNodeByMethod(srcFunc.getSignature()).getID();
|
|
1574
|
-
let cid = this.
|
|
1553
|
+
let cid = this.ctxSelector.emptyContext(funcID);
|
|
1575
1554
|
let csFuncID = new CSFuncID(cid, srcFuncID);
|
|
1576
1555
|
this.buildFuncPagAndAddToWorklist(csFuncID);
|
|
1577
1556
|
}
|
|
@@ -1696,5 +1675,8 @@ class PagBuilder {
|
|
|
1696
1675
|
});
|
|
1697
1676
|
return usedValuesInArray;
|
|
1698
1677
|
}
|
|
1678
|
+
getContextSelector() {
|
|
1679
|
+
return this.ctxSelector;
|
|
1680
|
+
}
|
|
1699
1681
|
}
|
|
1700
1682
|
exports.PagBuilder = PagBuilder;
|
|
@@ -25,6 +25,7 @@ export declare class PointerAnalysis extends AbstractAnalysis {
|
|
|
25
25
|
start(): void;
|
|
26
26
|
private postProcess;
|
|
27
27
|
getPTD(): DiffPTData<NodeID, NodeID, IPtsCollection<NodeID>>;
|
|
28
|
+
getPag(): Pag;
|
|
28
29
|
getStat(): string;
|
|
29
30
|
protected preProcessMethod(funcID: FuncID): CallSite[];
|
|
30
31
|
setEntries(fIds: FuncID[]): void;
|
|
@@ -47,7 +48,7 @@ export declare class PointerAnalysis extends AbstractAnalysis {
|
|
|
47
48
|
private propagate;
|
|
48
49
|
/**
|
|
49
50
|
* 1. 记录被更新的节点(记录cid, nodeid)
|
|
50
|
-
* 2. ( PAGLocalNode记录
|
|
51
|
+
* 2. ( PAGLocalNode记录callSite(cid, value唯一)),通过1种的nodeID查询Node,拿到CallSite
|
|
51
52
|
* 3. 在addDynamicCall里对传入指针过滤(已处理指针和未处理指针)
|
|
52
53
|
*/
|
|
53
54
|
private onTheFlyDynamicCallSolve;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PointerAnalysis.d.ts","sourceRoot":"","sources":["../../../src/callgraph/pointerAnalysis/PointerAnalysis.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,oCAAoC,CAAC;AAG5D,OAAO,EAAE,SAAS,EAAiB,QAAQ,EAAe,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC7F,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAa,IAAI,EAAe,MAAM,sBAAsB,CAAC;AAEpE,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAI5C,OAAO,EAAE,GAAG,EAAgF,MAAM,OAAO,CAAC;AAE1G,OAAO,EAAE,qBAAqB,EAAoB,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAErD,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AAIvD,qBAAa,eAAgB,SAAQ,gBAAgB;IACjD,OAAO,CAAC,GAAG,CAAM;IACjB,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,GAAG,CAAqD;IAChE,OAAO,CAAC,OAAO,CAAY;IAC3B,OAAO,CAAC,QAAQ,CAAY;IAE5B,OAAO,CAAC,OAAO,CAAU;IACzB,OAAO,CAAC,WAAW,CAAyB;IAC5C,OAAO,CAAC,MAAM,CAAwB;gBAE1B,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,qBAAqB;IAU1E,MAAM,CAAC,8BAA8B,CAAC,YAAY,EAAE,KAAK,EAAE,MAAM,CAAC,EAAE,qBAAqB,GAAG,eAAe;IAuB3G,MAAM,CAAC,wBAAwB,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,EAAE,qBAAqB,GAAG,eAAe;IAgB7G,SAAS,CAAC,IAAI,IAAI,IAAI;IAYf,KAAK,IAAI,IAAI;IAMpB,OAAO,CAAC,WAAW;
|
|
1
|
+
{"version":3,"file":"PointerAnalysis.d.ts","sourceRoot":"","sources":["../../../src/callgraph/pointerAnalysis/PointerAnalysis.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,oCAAoC,CAAC;AAG5D,OAAO,EAAE,SAAS,EAAiB,QAAQ,EAAe,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC7F,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAa,IAAI,EAAe,MAAM,sBAAsB,CAAC;AAEpE,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAI5C,OAAO,EAAE,GAAG,EAAgF,MAAM,OAAO,CAAC;AAE1G,OAAO,EAAE,qBAAqB,EAAoB,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAErD,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AAIvD,qBAAa,eAAgB,SAAQ,gBAAgB;IACjD,OAAO,CAAC,GAAG,CAAM;IACjB,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,GAAG,CAAqD;IAChE,OAAO,CAAC,OAAO,CAAY;IAC3B,OAAO,CAAC,QAAQ,CAAY;IAE5B,OAAO,CAAC,OAAO,CAAU;IACzB,OAAO,CAAC,WAAW,CAAyB;IAC5C,OAAO,CAAC,MAAM,CAAwB;gBAE1B,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,qBAAqB;IAU1E,MAAM,CAAC,8BAA8B,CAAC,YAAY,EAAE,KAAK,EAAE,MAAM,CAAC,EAAE,qBAAqB,GAAG,eAAe;IAuB3G,MAAM,CAAC,wBAAwB,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,EAAE,qBAAqB,GAAG,eAAe;IAgB7G,SAAS,CAAC,IAAI,IAAI,IAAI;IAYf,KAAK,IAAI,IAAI;IAMpB,OAAO,CAAC,WAAW;IAiBZ,MAAM,IAAI,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IAI5D,MAAM,IAAI,GAAG;IAIb,OAAO,IAAI,MAAM;IAQxB,SAAS,CAAC,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,QAAQ,EAAE;IAK/C,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI;IAIvC,OAAO,CAAC,eAAe;IAwBvB;;OAEG;IACH,OAAO,CAAC,YAAY;IAqBpB,OAAO,CAAC,aAAa;IASrB,OAAO,CAAC,WAAW;IAUnB,OAAO,CAAC,UAAU;IAUlB,OAAO,CAAC,eAAe;IAkDvB,OAAO,CAAC,kBAAkB;IA6B1B,OAAO,CAAC,mBAAmB;IA4B3B;;OAEG;IACH,OAAO,CAAC,UAAU;IAUlB,OAAO,CAAC,QAAQ;IAWhB,OAAO,CAAC,SAAS;IAoBjB;;;;OAIG;IACH,OAAO,CAAC,wBAAwB;IAuBhC,OAAO,CAAC,kBAAkB;IAqB1B,OAAO,CAAC,sBAAsB;IAoB9B,OAAO,CAAC,cAAc;IAWtB;;OAEG;IACI,OAAO,CAAC,SAAS,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,GAAG,OAAO;IAmCrD,QAAQ,CAAC,SAAS,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,GAAG,OAAO;IAItD,eAAe,CAAC,KAAK,EAAE,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC;IA6BhD,OAAO,CAAC,kBAAkB;IAS1B,OAAO,CAAC,0BAA0B;IAclC,OAAO,CAAC,0BAA0B;IAclC,OAAO,CAAC,cAAc;IA2Cf,cAAc,IAAI,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;IAI9C,SAAS,CAAC,WAAW,CAAC,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,IAAI,GAAG,QAAQ,EAAE;IAIlE,iBAAiB,IAAI,MAAM,EAAE;IAI7B,eAAe,IAAI,MAAM,EAAE;IAI3B,YAAY,IAAI,qBAAqB;IAI5C,OAAO,CAAC,sBAAsB;IA8BvB,qBAAqB,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC;CAU9G"}
|
|
@@ -61,7 +61,7 @@ class PointerAnalysis extends AbstractAnalysis_1.AbstractAnalysis {
|
|
|
61
61
|
super(s, cg);
|
|
62
62
|
this.pag = p;
|
|
63
63
|
this.ptd = new PtsDS_1.DiffPTData(config.ptsCollectionCtor);
|
|
64
|
-
this.pagBuilder = new PagBuilder_1.PagBuilder(this.pag, this.cg, s, config
|
|
64
|
+
this.pagBuilder = new PagBuilder_1.PagBuilder(this.pag, this.cg, s, config);
|
|
65
65
|
this.cgBuilder = new CallGraphBuilder_1.CallGraphBuilder(this.cg, s);
|
|
66
66
|
this.ptaStat = new Statistics_1.PTAStat(this);
|
|
67
67
|
this.config = config;
|
|
@@ -125,13 +125,17 @@ class PointerAnalysis extends AbstractAnalysis_1.AbstractAnalysis {
|
|
|
125
125
|
this.pag.dump(path_1.default.join(this.config.outputDirectory, 'ptaEnd_pag.dot'));
|
|
126
126
|
this.cg.dump(path_1.default.join(this.config.outputDirectory, 'cgEnd.dot'));
|
|
127
127
|
}
|
|
128
|
-
if (this.config.
|
|
128
|
+
if (this.config.debug) {
|
|
129
129
|
this.dumpUnhandledFunctions();
|
|
130
|
+
this.pagBuilder.getContextSelector().dump(this.config.outputDirectory, this.cg);
|
|
130
131
|
}
|
|
131
132
|
}
|
|
132
133
|
getPTD() {
|
|
133
134
|
return this.ptd;
|
|
134
135
|
}
|
|
136
|
+
getPag() {
|
|
137
|
+
return this.pag;
|
|
138
|
+
}
|
|
135
139
|
getStat() {
|
|
136
140
|
let ret = this.cg.getStat();
|
|
137
141
|
ret += '\n' + this.pagBuilder.getStat();
|
|
@@ -348,7 +352,7 @@ class PointerAnalysis extends AbstractAnalysis_1.AbstractAnalysis {
|
|
|
348
352
|
}
|
|
349
353
|
/**
|
|
350
354
|
* 1. 记录被更新的节点(记录cid, nodeid)
|
|
351
|
-
* 2. ( PAGLocalNode记录
|
|
355
|
+
* 2. ( PAGLocalNode记录callSite(cid, value唯一)),通过1种的nodeID查询Node,拿到CallSite
|
|
352
356
|
* 3. 在addDynamicCall里对传入指针过滤(已处理指针和未处理指针)
|
|
353
357
|
*/
|
|
354
358
|
onTheFlyDynamicCallSolve() {
|
|
@@ -377,13 +381,13 @@ class PointerAnalysis extends AbstractAnalysis_1.AbstractAnalysis {
|
|
|
377
381
|
logger.warn(`node ${node.getID()} has no related dynamic call site`);
|
|
378
382
|
return changed;
|
|
379
383
|
}
|
|
380
|
-
logger.info(`[process dynamic
|
|
381
|
-
dynCallSites.forEach(
|
|
384
|
+
logger.info(`[process dynamic callSite] node ${node.getID()}`);
|
|
385
|
+
dynCallSites.forEach(dynCallSite => {
|
|
382
386
|
for (let pt of pts) {
|
|
383
|
-
let srcNodes = this.pagBuilder.addDynamicCallEdge(
|
|
387
|
+
let srcNodes = this.pagBuilder.addDynamicCallEdge(dynCallSite, pt, node.getCid());
|
|
384
388
|
changed = this.addToReanalyze(srcNodes) || changed;
|
|
385
389
|
}
|
|
386
|
-
processedCallSites.add(
|
|
390
|
+
processedCallSites.add(dynCallSite);
|
|
387
391
|
});
|
|
388
392
|
return changed;
|
|
389
393
|
}
|
|
@@ -394,7 +398,7 @@ class PointerAnalysis extends AbstractAnalysis_1.AbstractAnalysis {
|
|
|
394
398
|
logger.warn(`node ${node.getID()} has no related unknown call site`);
|
|
395
399
|
return changed;
|
|
396
400
|
}
|
|
397
|
-
logger.info(`[process unknown
|
|
401
|
+
logger.info(`[process unknown callSite] node ${node.getID()}`);
|
|
398
402
|
unknownCallSites.forEach(unknownCallSite => {
|
|
399
403
|
for (let pt of pts) {
|
|
400
404
|
let srcNodes = this.pagBuilder.addDynamicCallEdge(unknownCallSite, pt, node.getCid());
|
|
@@ -4,19 +4,25 @@ export declare enum PtaAnalysisScale {
|
|
|
4
4
|
WholeProgram = 0,
|
|
5
5
|
MethodLevel = 1
|
|
6
6
|
}
|
|
7
|
+
export declare enum ContextType {
|
|
8
|
+
CallSite = 0,
|
|
9
|
+
Obj = 1,
|
|
10
|
+
Func = 2
|
|
11
|
+
}
|
|
7
12
|
export declare class PointerAnalysisConfig {
|
|
8
13
|
private static instance;
|
|
9
14
|
kLimit: number;
|
|
15
|
+
contextType: ContextType;
|
|
10
16
|
outputDirectory: string;
|
|
11
17
|
detectTypeDiff: boolean;
|
|
12
18
|
dotDump: boolean;
|
|
13
|
-
|
|
19
|
+
debug: boolean;
|
|
14
20
|
analysisScale: PtaAnalysisScale;
|
|
15
21
|
ptsCollectionType: PtsCollectionType;
|
|
16
22
|
ptsCollectionCtor: new () => IPtsCollection<NodeID>;
|
|
17
|
-
constructor(kLimit: number, outputDirectory: string, detectTypeDiff?: boolean, dotDump?: boolean,
|
|
23
|
+
constructor(kLimit: number, contextType: ContextType, outputDirectory: string, detectTypeDiff?: boolean, dotDump?: boolean, debug?: boolean, analysisScale?: PtaAnalysisScale, ptsCoType?: PtsCollectionType);
|
|
18
24
|
static dispose(): void;
|
|
19
|
-
static create(kLimit: number, outputDirectory: string, detectTypeDiff?: boolean, dotDump?: boolean,
|
|
25
|
+
static create(kLimit: number, outputDirectory: string, detectTypeDiff?: boolean, dotDump?: boolean, debug?: boolean, analysisScale?: PtaAnalysisScale, ptsCoType?: PtsCollectionType, contextType?: ContextType): PointerAnalysisConfig;
|
|
20
26
|
static getInstance(): PointerAnalysisConfig;
|
|
21
27
|
}
|
|
22
28
|
//# sourceMappingURL=PointerAnalysisConfig.d.ts.map
|