Exploded Supergraph in Interprocedural Analysis

exercise 18 review interprocedural analysis write n.w
1 / 24
Embed
Share

Learn about exploded supergraphs in interprocedural analysis and how to address limitations with lightweight approximations. Explore the complexities of function calls and their effects in large programs.

  • Interprocedural Analysis
  • Supergraphs
  • Function Calls
  • Limitations
  • Lightweight Approximations
rayaanacharya
stela Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. EXERCISE #18 REVIEW INTERPROCEDURAL ANALYSIS Write your name and answer the following on a piece of paper Draw the exploded supergraph for the following program: 1

  2. EXERCISE #18: SOLUTION REVIEW INTERPROCEDURAL ANALYSIS 2

  3. ADMINISTRIVIA AND ANNOUNCEMENTS

  4. SUMMARY FUNCTIONS EECS 677: Software Security Evaluation Drew Davidson

  5. 5 LAST TIME: INTERPROCEDURAL ANALYSIS REVIEW: LAST LECTURE CONSIDERTHEEFFECTOFMULTIPLE FUNCTIONS Simplistic Function call overturns all global / aliased facts Supergraph / Context String 1-CFA (use a call-chain of 1)

  6. EXPLODING SUPERGRAPHS SUPERGRAPHS 6 THE EXPLODED SUPERGRAPH EXPLODES For large programs, the supergraph may be too large (and exploding the supergraph certainly will not help) WHATCANWEDOINTHEPRESENCE OFSUCHLIMITATIONS? Gather a lightweight, over-approxmation of the effect of a function call

  7. LECTURE OUTLINE Intuition MOD/REF analysis Global only Globals, Locals and args Abstract Summaries

  8. INTUITION SUMMARY FUNCTIONS 8 TRACKINGCONTEXTISEXPENSIVE Maybe our analysis can get by without it COARSE-GRAINEDANALYSISNEED ONLYCAPTURECOARSE-GRAINED FUNCTIONINFORMATION Summarize the information we need to know Function summary

  9. INTUITION SUMMARY FUNCTIONS 9 TRACKINGCONTEXTISEXPENSIVE Maybe our analysis can get by without it global1 = SOURCE(); foo(); COARSE-GRAINEDANALYSISNEED ONLYCAPTURECOARSE-GRAINED FUNCTIONINFORMATION SINK(global2); Summarize the information we need to know Does foo reference (i.e. read) global1? Modify (i.e. write) global2? Function summary

  10. LECTURE OUTLINE Intuition MOD/REF analysis Global only Globals, Locals and args Abstract Summaries

  11. INTERPROCEDURAL MOD/REF ANALYSIS SUMMARY FUNCTIONS 11 int globalA; int globalB; int globalC; void bar(){ globalB = 2; cout << (globalC); } void foo(){ globalA = 1; bar(); } int main(){ foo(); } LETUSATTEMPTTOCOMPUTE 2 SETS GMOD(P) The set of variables that might be modified as a result of calling P Also includes variables mod/ref ed by P s callees! GREF(P) The set of variables that might be referenced as a result of calling P BASICIDEA (LET SIGNOREPARAMETERS, POINTERS, AND LOCALSFORNOW) Build IMOD(P) and IREF(P) the variables immediately modified in P (ignoring callees) Build the simple call graph Repurpose the call graph for dataflow algorithm! Run the dataflow algorithm to saturation

  12. INTERPROCEDURAL MOD/REF ANALYSIS SUMMARY FUNCTIONS 12 BASICIDEA (LET SIGNOREPARAMETERS, POINTERS, AND LOCALSFORNOW) int globalA; int globalB; int globalC; void bar(){ globalB = 2; cout << (globalC); } void foo(){ globalA = 1; bar(); } int main(){ foo(); } Build IMOD(P) and IREF(P) the variables immediately modified in P (ignoring callees) Build the simple call graph Repurpose the call graph for dataflow algorithm! Run the dataflow algorithm to saturation Good enough initial approximation: Simple statement scan IMOD(main) = { } IREF(main) = { } IMOD(foo) = { A } IMOD(bar) = { B } IMOD(baz) = { D } IREF(foo) = { } IREF(bar) = { C } IREF(baz) = { B }

  13. INTERPROCEDURAL MOD/REF ANALYSIS SUMMARY FUNCTIONS 13 BASICIDEA (LET SIGNOREPARAMETERS, POINTERS, AND LOCALSFORNOW) int globalA; int globalB; int globalC; void bar(){ globalB = 2; cout << (globalC); } void foo(){ globalA = 1; bar(); } int main(){ foo(); } main Build IMOD(P) and IREF(P) the variables immediately modified in P (ignoring callees) Build the simple call graph foo Repurpose the call graph for dataflow algorithm! Run the dataflow algorithm to saturation bar IMOD(main) = { } IREF(main) = { } baz IMOD(foo) = { A } IMOD(bar) = { B } IMOD(baz) = { D } IREF(foo) = { } IREF(bar) = { C } IREF(baz) = { B }

  14. INTERPROCEDURAL MOD/REF ANALYSIS SUMMARY FUNCTIONS 14 BASICIDEA (LET SIGNOREPARAMETERS, POINTERS, AND LOCALSFORNOW) main main Build IMOD(P) and IREF(P) the variables immediately modified in P (ignoring callees) Build the simple call graph foo foo Repurpose the call graph for dataflow algorithm! (optimization) collapse cycles Run the dataflow algorithm to saturation bar/ baz bar IMOD(main) = { } IREF(main) = { } baz IMOD(foo) = { A } IMOD(bar) = { B } IMOD(baz) = { D } IREF(foo) = { } IREF(bar) = { C } IREF(baz) = { B }

  15. INTERPROCEDURAL MOD/REF ANALYSIS SUMMARY FUNCTIONS 15 GMOD: fP(S) = S U IMOD(P) GREF: fP(S) = S U IREF(P) BASICIDEA (LET SIGNOREPARAMETERS, POINTERS, AND LOCALSFORNOW) Init GMOD: {} Init GREF: {} Join = Union Build IMOD(P) and IREF(P) the variables immediately modified in P (ignoring callees) main Build the simple call graph (optimization) collapse cycles Repurpose the call graph for dataflow algorithm! foo Add a dummy exit node targeted by all leaves Run the dataflow algorithm to saturation bar/ baz IMOD(main) = { } IREF(main) = { } Exit IMOD(foo) = { A } IMOD(bar) = { B } IMOD(baz) = { D } IREF(foo) = { } IREF(bar) = { C } IREF(baz) = { B }

  16. INTERPROCEDURAL MOD/REF ANALYSIS SUMMARY FUNCTIONS 16 GMOD: fP(S) = S U IMOD(P) GREF: fP(S) = S U IREF(P) BASICIDEA (LET SIGNOREPARAMETERS, POINTERS, AND LOCALSFORNOW) Init GMOD: {} Init GREF: {} Join = Union Build IMOD(P) and IREF(P) the variables immediately modified in P (ignoring callees) main Build the simple call graph Repurpose the call graph for dataflow algorithm! foo Run the dataflow algorithm to saturation bar/ baz IMOD(main) = { } IREF(main) = { } Exit IMOD(foo) = { A } IMOD(bar) = { B } IMOD(baz) = { D } IREF(foo) = { } IREF(bar) = { C } IREF(baz) = { B }

  17. INTERPROCEDURAL MOD/REF ANALYSIS SUMMARY FUNCTIONS 17 BASICIDEA (LET SIGNOREPARAMETERS, POINTERS, AND LOCALSFORNOW) This is a pretty big restriction, we should remove it Build IMOD(P) and IREF(P) the variables immediately modified in P (ignoring callees) Good news: GMOD computation is the same Build the simple call graph Repurpose the call graph for dataflow algorithm! Bad news: We ll need to use the compound call graph More elaborate IMOD computation Can t collapse cycles Run the dataflow algorithm to saturation

  18. LECTURE OUTLINE Intuition MOD/REF analysis Global only Globals, Locals and args Abstract Summaries

  19. INTERPROCEDURAL MOD/REF ANALYSIS SUMMARY FUNCTIONS 19 FULL IDEA Build IMOD(P) and IREF(P) the variables immediately modified in P (ignoring callees) main L3 Build the compound call graph Repurpose the call graph for dataflow algorithm! a L9 L10 Run the dataflow algorithm to saturation b L15 IMOD(main) = { } IREF(main) = { } IMOD(foo) = { A } IMOD(bar) = { B } IMOD(baz) = { D } IREF(foo) = { } IREF(bar) = { C } IREF(baz) = { B }

  20. 20 LAST TIME: GMOD & GREF COMPUTATION REVIEW: LAST LECTURE GLOBALS, LOCALS & VALUE-PASSING GREF will change, GMOD doesn t need to change Init all node GREF sets to their IREF sets Init all call site GREF sets to empty Put all nodes and call sites on a worklist Iterate until the worklist is empty. main IREF = { } s1 node or call site main a b s1 s2 s3 s4 GREF set g2 g2, v3, v5 f3, g2 g2 v3, g2 v5, g2 g2 void main() { S1: call a(v1) } void a( f1 ) { S2: call b(v2, v3) S3: call b(v4, v5) } void b( f2, f3 ) { print f3; S4: call b(g1, g2) } a Each time a node n is removed from the worklist, its current GREF set is computed. If that set doesn't match its previous value, then add all call sites to n to the worklist (if not present). Each time a call site s is removed from the worklist, its current GREF set is computed. If that set doesn't match its previous value, then the node that contains s is added to the worklist (if not present). IREF = { } s2 s3 b IREF = {f3} s4

  21. LECTURE OUTLINE Intuition MOD/REF analysis Global only Globals, Locals and args Abstract Summaries

  22. ABSTRACT SUMMARIES SUMMARY FUNCTIONS 22 LET S RECALLTHEPROBLEMTHATGOTUSINTOTHISMESS Summarize callee analysis (rather than include it in the analysis) int main(){ g = -1; inc(); void inc(){ g++; inc(); return 2 / g;

  23. ABSTRACT SUMMARIES SUMMARY FUNCTIONS 23 WHATIFTHECALLEEISN TSOTRICKY Summarize callee analysis (rather than include it in the analysis) int main(){ g = -1; inc(); void inc(){ g++; inc(); return 2 / g;

  24. WRAP-UP

Related


Rashford's Exclusion Raises Questions as Southgate Navigates Delicate Balance Euro 2024

Rashford's Exclusion Raises Questions as Southgate Navigates Delicate Balance Euro 2024

WorldWide
Predicting Spain's Lineup for UEFA Euro 2024

Predicting Spain's Lineup for UEFA Euro 2024

WorldWide
Roland Sallai Primed for Success at Euro 2024

Roland Sallai Primed for Success at Euro 2024

WorldWide
Fernandes Thriving in United's Resurgent Attack^J Euro 2024 Success

Fernandes Thriving in United's Resurgent Attack^J Euro 2024 Success

WorldWide
No Clear Plan Beyond Euro 2024, Says England Manager

No Clear Plan Beyond Euro 2024, Says England Manager

WorldWide
Christoph Baumgartner Expectations and Preparations for Euro 2024

Christoph Baumgartner Expectations and Preparations for Euro 2024

WorldWide
Christoph Baumgartner Expectations and Preparations for Euro 2024

Christoph Baumgartner Expectations and Preparations for Euro 2024

WorldWide
Building England's Euro 2024 Team around Phil Foden

Building England's Euro 2024 Team around Phil Foden

WorldWide
Scotland Superfan since 1974 Robbie Jenkins Prepares for Euro 2024

Scotland Superfan since 1974 Robbie Jenkins Prepares for Euro 2024

WorldWide
Albania Vs Spain National Team Embarks on Euro Cup 2024 Qualifiers Journey

Albania Vs Spain National Team Embarks on Euro Cup 2024 Qualifiers Journey

WorldWide
Best Question Bank for Class 9 CBSE 2024 Maths with Live Videos

Best Question Bank for Class 9 CBSE 2024 Maths with Live Videos

Rachna
Best Question Bank for Class 9 CBSE 2024 Maths with Live Videos

Best Question Bank for Class 9 CBSE 2024 Maths with Live Videos

Rachna
Pausslot Mantra88 Tergacor dan Terpercaya 2024

Pausslot Mantra88 Tergacor dan Terpercaya 2024

Man
Hospital Price Transparency Regulations and Updates for 2024

Hospital Price Transparency Regulations and Updates for 2024

cove
Essential Information About Upcoming MRCOG Exam

Essential Information About Upcoming MRCOG Exam

rhodes
Pregnancy Horoscope 2024

Pregnancy Horoscope 2024

Jyotishi
Euro 2024 Predictions

Euro 2024 Predictions

Simon1
Institutions' Logos and Authors' Affiliations at MECO 2024 and CPSIoT 2024

Institutions' Logos and Authors' Affiliations at MECO 2024 and CPSIoT 2024

cara
Notifications & Circulars - In light of 53rd GST Council Meeting Recommendation

Notifications & Circulars - In light of 53rd GST Council Meeting Recommendation

Connect
Paris Olympics 2024 - Opening Ceremony

Paris Olympics 2024 - Opening Ceremony

vinu
Mondays for Future: Updates and Plans for 2023-2024

Mondays for Future: Updates and Plans for 2023-2024

aranza
NJSDC Kickoff Meeting 2024 Highlights

NJSDC Kickoff Meeting 2024 Highlights

bhud

More Related Content