From 8fb7b379904b66da0ada85c1ee16509434a85cd6 Mon Sep 17 00:00:00 2001 From: jjenista Date: Thu, 17 Jun 2010 22:20:37 +0000 Subject: [PATCH] getting parameter taints in new analysis --- Robust/src/Analysis/Disjoint/AllocSite.java | 4 ++ .../Analysis/Disjoint/DisjointAnalysis.java | 10 +--- Robust/src/Analysis/Disjoint/ReachGraph.java | 56 ++++++++----------- Robust/src/Analysis/Disjoint/ReachState.java | 2 +- Robust/src/Analysis/Disjoint/RefEdge.java | 51 +++++------------ Robust/src/Analysis/Disjoint/Taint.java | 10 +++- Robust/src/Tests/disjoint/taintTest1/makefile | 29 ++++++++++ .../src/Tests/disjoint/taintTest1/test.java | 20 +++++++ 8 files changed, 102 insertions(+), 80 deletions(-) create mode 100644 Robust/src/Tests/disjoint/taintTest1/makefile create mode 100644 Robust/src/Tests/disjoint/taintTest1/test.java diff --git a/Robust/src/Analysis/Disjoint/AllocSite.java b/Robust/src/Analysis/Disjoint/AllocSite.java index 7edca4a0..0e40e0d4 100644 --- a/Robust/src/Analysis/Disjoint/AllocSite.java +++ b/Robust/src/Analysis/Disjoint/AllocSite.java @@ -248,6 +248,10 @@ public class AllocSite extends Canonical { return "allocSite "+disjointId+" ("+id+")"; } + public String toStringBrief() { + return id.toString(); + } + public String toStringVerbose() { if( disjointId == null ) { return "allocSite"+id+" "+ diff --git a/Robust/src/Analysis/Disjoint/DisjointAnalysis.java b/Robust/src/Analysis/Disjoint/DisjointAnalysis.java index f9a23098..f150279f 100644 --- a/Robust/src/Analysis/Disjoint/DisjointAnalysis.java +++ b/Robust/src/Analysis/Disjoint/DisjointAnalysis.java @@ -1801,7 +1801,6 @@ private Set getFieldSetTobeAnalyzed(TypeDescriptor typeDesc){ fd.getSymbol(), // field name alpha, // beta ExistPredSet.factory(rg.predTrue), // predicates - null, null ); @@ -1816,7 +1815,6 @@ private Set getFieldSetTobeAnalyzed(TypeDescriptor typeDesc){ arrayElementFieldName, // field name alpha, // beta ExistPredSet.factory(rg.predTrue), // predicates - null, null ); @@ -1855,7 +1853,6 @@ private Set getFieldSetTobeAnalyzed(TypeDescriptor typeDesc){ arrayElementFieldName, // field name alpha, // beta ExistPredSet.factory(rg.predTrue), // predicates - null, null ); rg.addRefEdge(prevNode, hrnSummary, edgeToSummary); @@ -1869,7 +1866,6 @@ private Set getFieldSetTobeAnalyzed(TypeDescriptor typeDesc){ arrayElementFieldName, // field name alpha, // beta ExistPredSet.factory(rg.predTrue), // predicates - null, null ); rg.addRefEdge(prevNode, hrnSummary, edgeToSummary); @@ -1913,7 +1909,6 @@ private ReachGraph createInitialTaskReachGraph(FlatMethod fm) { null, // field name hrnNewest.getAlpha(), // beta ExistPredSet.factory(rg.predTrue), // predicates - null, null ); rg.addRefEdge(lnX, hrnNewest, edgeNew); @@ -1985,7 +1980,7 @@ private ReachGraph createInitialTaskReachGraph(FlatMethod fm) { fd.getSymbol(), // field name hrnNewest.getAlpha(), // beta ExistPredSet.factory(rg.predTrue), // predicates - null, null + null ); rg.addRefEdge(srcHRN, hrnSummary, edgeToSummary); @@ -2026,8 +2021,7 @@ private ReachGraph createInitialTaskReachGraph(FlatMethod fm) { fd.getType(), // type fd.getSymbol(), // field name srcHRN.getAlpha(), // beta - ExistPredSet.factory(rg.predTrue), // predicates - null, + ExistPredSet.factory(rg.predTrue), // predicates null ); rg.addRefEdge(srcHRN, hrnDst, edgeToSummary); diff --git a/Robust/src/Analysis/Disjoint/ReachGraph.java b/Robust/src/Analysis/Disjoint/ReachGraph.java index 46afd6f4..03c6edba 100644 --- a/Robust/src/Analysis/Disjoint/ReachGraph.java +++ b/Robust/src/Analysis/Disjoint/ReachGraph.java @@ -466,7 +466,6 @@ public class ReachGraph { null, Canonical.intersection( betaY, betaHrn ), predsTrue, - null, null ); @@ -622,7 +621,6 @@ public class ReachGraph { ) ), predsTrue, - null, null ); @@ -693,7 +691,7 @@ public class ReachGraph { null, // field name hrnNewest.getAlpha(), // beta predsTrue, // predicates - null, null + null ); addRefEdge( lnX, hrnNewest, edgeNew ); @@ -1652,12 +1650,15 @@ public class ReachGraph { ExistPredSet preds = ExistPredSet.factory( pred ); - //Taint paramTaint = - // Taint.factory( 0, null, null, ); + Taint paramTaint = + Taint.factory( index, + null, + null, + hrnDstCallee.getAllocSite() + ); - TaintSet paramTaints = - //TaintSet.factory( paramTaint ); - TaintSet.factory(); + TaintSet taints = + TaintSet.factory( paramTaint ); RefEdge reCallee = new RefEdge( vnCallee, @@ -1669,8 +1670,7 @@ public class ReachGraph { oocHrnIdOoc2callee ), preds, - paramTaints, - null + taints ); rg.addRefEdge( vnCallee, @@ -1717,7 +1717,7 @@ public class ReachGraph { oocHrnIdOoc2callee ), preds, - null, null + null ); rg.addRefEdge( hrnSrcCallee, @@ -1874,7 +1874,7 @@ public class ReachGraph { oocHrnIdOoc2callee ), preds, - null, null + null ) ); @@ -2438,7 +2438,7 @@ public class ReachGraph { toCallerContext( reCallee.getBeta(), calleeStatesSatisfied ), preds, - null, null + null ); ChangeSet cs = ChangeSet.factory(); @@ -3517,16 +3517,11 @@ public class ReachGraph { edgeA.getPreds() ) ); - edgeToMerge.setParamTaints( - Canonical.union( edgeToMerge.getParamTaints(), - edgeA.getParamTaints() - ) - ); - edgeToMerge.setRblockTaints( - Canonical.union( edgeToMerge.getRblockTaints(), - edgeA.getRblockTaints() - ) - ); + edgeToMerge.setTaints( + Canonical.union( edgeToMerge.getTaints(), + edgeA.getTaints() + ) + ); } } } @@ -3590,16 +3585,11 @@ public class ReachGraph { edgeA.getPreds() ) ); - edgeToMerge.setParamTaints( - Canonical.union( edgeToMerge.getParamTaints(), - edgeA.getParamTaints() - ) - ); - edgeToMerge.setRblockTaints( - Canonical.union( edgeToMerge.getRblockTaints(), - edgeA.getRblockTaints() - ) - ); + edgeToMerge.setTaints( + Canonical.union( edgeToMerge.getTaints(), + edgeA.getTaints() + ) + ); } } } diff --git a/Robust/src/Analysis/Disjoint/ReachState.java b/Robust/src/Analysis/Disjoint/ReachState.java index 6b8e14e4..725ed14d 100644 --- a/Robust/src/Analysis/Disjoint/ReachState.java +++ b/Robust/src/Analysis/Disjoint/ReachState.java @@ -32,7 +32,7 @@ public class ReachState extends Canonical { protected HashSet reachTuples; // existance predicates must be true in a caller - // context for this node to transfer from this + // context for this state to transfer from this // callee to that context protected ExistPredSet preds; diff --git a/Robust/src/Analysis/Disjoint/RefEdge.java b/Robust/src/Analysis/Disjoint/RefEdge.java index 92a8fbb7..46572086 100644 --- a/Robust/src/Analysis/Disjoint/RefEdge.java +++ b/Robust/src/Analysis/Disjoint/RefEdge.java @@ -29,8 +29,7 @@ public class RefEdge { // tainted this edge-->meaning which heap roots // code must have had access to in order to // read or write through this edge - protected TaintSet paramTaints; - protected TaintSet rblockTaints; + protected TaintSet taints; public RefEdge( RefSrcNode src, @@ -39,8 +38,7 @@ public class RefEdge { String field, ReachSet beta, ExistPredSet preds, - TaintSet paramTaints, - TaintSet rblockTaints ) { + TaintSet taints ) { assert src != null; assert dst != null; @@ -67,16 +65,10 @@ public class RefEdge { // is changing beta info, betaNew is always empty betaNew = ReachSet.factory(); - if( paramTaints != null ) { - this.paramTaints = paramTaints; + if( taints != null ) { + this.taints = taints; } else { - this.paramTaints = TaintSet.factory(); - } - - if( rblockTaints != null ) { - this.rblockTaints = rblockTaints; - } else { - this.rblockTaints = TaintSet.factory(); + this.taints = TaintSet.factory(); } } @@ -88,8 +80,7 @@ public class RefEdge { field, beta, preds, - paramTaints, - rblockTaints ); + taints ); return copy; } @@ -127,13 +118,12 @@ public class RefEdge { // beta and preds contribute towards reaching the // fixed point, so use this method to determine if // an edge is "equal" to some previous visit, basically - // AND EDGE TAINTS! + // and taints! public boolean equalsIncludingBetaPredsTaints( RefEdge edge ) { return equals( edge ) && beta.equals( edge.beta ) && preds.equals( edge.preds ) && - paramTaints.equals( edge.paramTaints ) && - rblockTaints.equals( edge.rblockTaints ); + taints.equals( edge.taints ); } public boolean equalsPreds( RefEdge edge ) { @@ -257,22 +247,13 @@ public class RefEdge { } - public TaintSet getParamTaints() { - return paramTaints; - } - - public void setParamTaints( TaintSet taints ) { - this.paramTaints = taints; - } - - public TaintSet getRblockTaints() { - return rblockTaints; + public TaintSet getTaints() { + return taints; } - public void setRblockTaints( TaintSet taints ) { - this.rblockTaints = taints; + public void setTaints( TaintSet taints ) { + this.taints = taints; } - public String toStringDOT( boolean hideReach, @@ -293,12 +274,8 @@ public class RefEdge { } if( !hideEdgeTaints ) { - if( !paramTaints.isEmpty() ) { - s += "\\npt: "+paramTaints.toString(); - } - - if( !rblockTaints.isEmpty() ) { - s += "\\nrt: "+rblockTaints.toString(); + if( !taints.isEmpty() ) { + s += "\\nt: "+taints.toString(); } } diff --git a/Robust/src/Analysis/Disjoint/Taint.java b/Robust/src/Analysis/Disjoint/Taint.java index 067c9e1e..71eae24e 100644 --- a/Robust/src/Analysis/Disjoint/Taint.java +++ b/Robust/src/Analysis/Disjoint/Taint.java @@ -142,6 +142,14 @@ public class Taint extends Canonical { } public String toString() { - return ""; + String s = "("; + + if( paramIndex != null ) { + s += "param"+paramIndex; + } else { + s += sese.toPrettyString()+"-"+insetVar; + } + + return s+", "+allocSite.toStringBrief()+")"; } } diff --git a/Robust/src/Tests/disjoint/taintTest1/makefile b/Robust/src/Tests/disjoint/taintTest1/makefile new file mode 100644 index 00000000..af136378 --- /dev/null +++ b/Robust/src/Tests/disjoint/taintTest1/makefile @@ -0,0 +1,29 @@ +PROGRAM=test + +SOURCE_FILES=$(PROGRAM).java + +BUILDSCRIPT=~/research/Robust/src/buildscript + + +BSFLAGS= -mainclass Test -justanalyze -disjoint -disjoint-k 2 -disjoint-write-dots final -enable-assertions + +all: $(PROGRAM).bin + +view: PNGs + eog *.png & + +PNGs: DOTs + d2p *COMPLETE*.dot + +DOTs: $(PROGRAM).bin + +$(PROGRAM).bin: $(SOURCE_FILES) + $(BUILDSCRIPT) $(BSFLAGS) $(DEBUGFLAGS) -o $(PROGRAM) $(SOURCE_FILES) + +clean: + rm -f $(PROGRAM).bin + rm -fr tmpbuilddirectory + rm -f *~ + rm -f *.dot + rm -f *.png + rm -f aliases.txt diff --git a/Robust/src/Tests/disjoint/taintTest1/test.java b/Robust/src/Tests/disjoint/taintTest1/test.java new file mode 100644 index 00000000..db695a56 --- /dev/null +++ b/Robust/src/Tests/disjoint/taintTest1/test.java @@ -0,0 +1,20 @@ +public class Foo { + public Foo() {} + public Foo f; +} + +public class Test { + + static public void main( String[] args ) { + + Foo f = new Foo(); + + Foo g = doStuff( f ); + } + + static Foo doStuff( Foo m ) { + + Foo n = new Foo(); + return n; + } +} -- 2.34.1