CN108132799B - Inter-process static program analysis information extraction method, device and equipment - Google Patents
Inter-process static program analysis information extraction method, device and equipment Download PDFInfo
- Publication number
- CN108132799B CN108132799B CN201711423522.2A CN201711423522A CN108132799B CN 108132799 B CN108132799 B CN 108132799B CN 201711423522 A CN201711423522 A CN 201711423522A CN 108132799 B CN108132799 B CN 108132799B
- Authority
- CN
- China
- Prior art keywords
- function
- information
- call instruction
- instruction
- call
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/75—Structural analysis for program understanding
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The embodiment of the invention provides a method, a device and equipment for extracting analysis information of an interprocess static program, wherein the method comprises the following steps: traversing instructions in the LLVM IR file; extracting in-process program analysis information based on the br instruction and the ret instruction; determining whether a call instruction in the LLVM IR file is a call instruction related to a function pointer; if not, extracting information of direct function call from the call instruction; if so, extracting the pointing information of the function pointer in the call instruction according to the store instruction and the load instruction before the call instruction; after traversing is finished, generating inter-process static program analysis information based on the extracted in-process program analysis information, all the information of direct function calling and the pointing information of the function pointer. Therefore, the problem that the function pointer pointing information is not accurate enough in static program analysis is solved.
Description
Technical Field
The embodiment of the invention relates to the technical field of computers, in particular to a method, a device and equipment for extracting analysis information of an interprocess static program.
Background
The complexity of modern software systems is more and more prominent, and the size of programs is larger and larger, so that the coding logic structure of the programs is difficult to understand intuitively. The inter-process information and the intra-process information can reflect program coding logic in a software system, and are widely applied in the software engineering fields of understanding and analyzing programs, testing, debugging and maintaining software, compiling optimization, error positioning, program error (bug) searching, inter-process data flow analysis, backtracking test and the like, the complete inter-process information and the intra-process information better assist program verification and program debugging, and the quality of program analysis is improved.
In the prior art, Source instance is a program editor and a code browser of a project guide, has visual support for program analysis information such as a reference tree, a class inheritance graph and a call tree, and can generate a function call graph. The CodeViz is a C source code static analysis tool, generates a visual function call graph aiming at a C program, patches the GCC, generates dump function call information when compiling a source file, and extracts the function call information through a Perl script. The Cflow is a C source code program static analysis tool, which can generate two function call graphs in the forward direction and the reverse direction, directly analyze the source code and generate an external reference set of the function call information of the C program. The CallTree is a static calling tree generator of the C source code, and extracts function calling information by analyzing the C source code. The methods and the technologies can not acquire the information pointed by the function pointer, and the problem that the function calling information is not completely acquired exists: source Insight and CodeViz cannot acquire the information pointed by the function pointer; the CallTree cannot acquire the real information pointed by the function pointer; CodeViz, CallTree, and Cflow do not perfectly handle library function call information.
Disclosure of Invention
The embodiment of the invention provides a method, a device and equipment for extracting analysis information of an interprocess static program, which are used for solving the problem that the acquisition of the pointing information of a function pointer in the analysis of the static program is not accurate enough.
A first aspect of an embodiment of the present invention provides a method for extracting inter-process static program analysis information, where the method includes:
traversing instructions in the LLVM IR file;
extracting in-process program analysis information from the LLVM IR file based on br instructions and ret instructions in the LLVM IR file;
determining whether a call instruction in the LLVM IR file is a function pointer related call instruction;
if not, extracting information of direct function call from the call instruction;
if so, extracting the pointing information of the function pointer in the call instruction according to a store instruction and a load instruction before the call instruction;
after traversing is finished, generating inter-process static program analysis information based on the extracted in-process program analysis information, all the information of direct function calling and the pointing information of the function pointer.
Optionally, the extracting information of the direct function call from the call instruction includes:
matching the name of the function in the call instruction with a pre-stored library function name;
if the call instruction is matched with the call instruction, extracting library functions of the call instruction to directly call information;
and if not, extracting general function direct calling information of the call instruction, wherein the general function direct calling refers to direct calling of other functions except the library function.
Optionally, the extracting, according to the store instruction and the load instruction before the call instruction, the pointing information of the function pointer in the call instruction includes:
determining a function pointed by a function pointer in the call instruction according to a store instruction and a load instruction before the call instruction, and determining whether the function is a library function;
if so, extracting name information of a function pointed by a function pointer of the call instruction and information that the function is directly called by a library function;
if not, extracting name information of the function pointed by the function pointer of the call instruction and information that the function is directly called by a common function.
Optionally, the extracting in-process program analysis information from the LLVM IR file based on the br instruction and the ret instruction in the LLVM IR file includes:
and acquiring a basic block of a function in the LLVM IR file based on the br instruction and the ret instruction in the LLVM IR file, and extracting in-process program analysis information from the basic block of the function in the LLVM IR file.
A second aspect of the embodiments of the present invention provides an inter-process static program analysis information extraction device, including:
the traversing module is used for traversing the instruction in the LLVM IR file;
a first extraction module, configured to extract in-process program analysis information from the LLVM IR file based on the br instruction and the ret instruction in the LLVM IR file;
the determining module is used for determining whether a call instruction in the LLVM IR file is a call instruction related to a function pointer;
the second extraction module is used for extracting information of direct function call from the call instruction when the call instruction is not the call instruction related to the function pointer;
the third extraction module is used for extracting the pointing information of the function pointer in the call instruction according to a store instruction and a load instruction before the call instruction when the call instruction is the call instruction related to the function pointer;
and the generating module is used for generating the inter-process static program analysis information based on the extracted in-process program analysis information, all the information of direct function call and the pointing information of the function pointer after the traversal is finished.
Optionally, the second extraction module includes:
the matching submodule is used for matching the name of the function in the call instruction with the name of a pre-stored library function;
the first extraction submodule is used for extracting library function direct calling information of the call instruction during matching;
and the second extraction submodule is used for taking general function direct calling information of the call instruction when the call instruction is not matched, wherein the general function direct calling refers to direct calling of other functions except the library function.
Optionally, the third extraction module is specifically configured to
Determining a function pointed by a function pointer in the call instruction according to a store instruction and a load instruction before the call instruction, and determining whether the function is a library function;
if so, extracting name information of a function pointed by a function pointer of the call instruction and information that the function is directly called by a library function;
if not, extracting name information of the function pointed by the function pointer of the call instruction and information that the function is directly called by a common function.
Optionally, the first extraction module is specifically configured to:
and acquiring a basic block of a function in the LLVM IR file based on the br instruction and the ret instruction in the LLVM IR file, and extracting in-process program analysis information from the basic block of the function in the LLVM IR file.
A third aspect of an embodiment of the present invention provides a program analysis device, including:
a processor:
a memory for storing the processor-executable instructions;
when the processor executes the executable instructions, the following method is performed:
traversing instructions in the LLVM IR file;
extracting in-process program analysis information from the LLVM IR file based on br instructions and ret instructions in the LLVM IR file;
determining whether a call instruction in the LLVM IR file is a function pointer related call instruction;
if not, extracting information of direct function call from the call instruction;
if so, extracting the pointing information of the function pointer in the call instruction according to a store instruction and a load instruction before the call instruction;
after traversing is finished, generating inter-process static program analysis information based on the extracted in-process program analysis information, all the information of direct function calling and the pointing information of the function pointer.
A fourth aspect of the embodiments of the present invention provides a computer-readable storage medium, including instructions, which when executed on a computer, the computer performs the following method:
traversing instructions in the LLVM IR file;
extracting in-process program analysis information from the LLVM IR file based on br instructions and ret instructions in the LLVM IR file;
determining whether a call instruction in the LLVM IR file is a function pointer related call instruction;
if not, extracting information of direct function call from the call instruction;
if so, extracting the pointing information of the function pointer in the call instruction according to a store instruction and a load instruction before the call instruction;
after traversing is finished, generating inter-process static program analysis information based on the extracted in-process program analysis information, all the information of direct function calling and the pointing information of the function pointer.
In the embodiment of the invention, instructions in LLVM IR files are traversed; extracting in-process program analysis information from the LLVM IR file based on br instructions and ret instructions in the LLVM IR file; determining whether a call instruction in the LLVM IR file is a call instruction related to a function pointer; if not, extracting information of direct function call from the call instruction; if so, extracting the pointing information of the function pointer in the call instruction according to the store instruction and the load instruction before the call instruction; after traversing is finished, generating inter-process static program analysis information based on the extracted in-process program analysis information, all the information of direct function calling and the pointing information of the function pointer. Therefore, the problems that the function pointer pointing information is not accurately acquired and the library function calling information processing is incomplete in static program analysis are solved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a flowchart of an inter-process static program analysis information extraction method according to an embodiment of the present invention;
FIG. 2 is a flowchart of a method for performing step 104 according to an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of an inter-process static program analysis information extraction apparatus according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of the second extraction module 14 according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "comprises" and "comprising," and any variations thereof, in the description and claims of this invention, are intended to cover non-exclusive inclusions, e.g., a process or an apparatus that comprises a list of steps is not necessarily limited to those structures or steps expressly listed but may include other steps or structures not expressly listed or inherent to such process or apparatus.
For clarity of description, the following first explains keywords related to the embodiments of the present invention:
in-process analysis: refers to an analysis in units of procedures or functions in a program;
inter-process analysis: refers to an analysis in which the whole program is taken as a scope, including all processes or functions in the program;
LLVM: english is called Low Level Virtual Machine, Chinese name is Low-Level Virtual Machine
LLVM IR: english is called LLVM Intermediate reproduction, and Chinese means middle Representation of LLVM.
Fig. 1 is a flowchart of an inter-process static program analysis information extraction method according to an embodiment of the present invention, which may be executed by an inter-process static program analysis information extraction device (hereinafter, referred to as an extraction device) installed in a computer. As shown in fig. 1, the method includes:
In this embodiment, LLVM IR is an intermediate representation of LLVM, and is an important component of LLVM compiling framework. The LLVM IR contains rich program analysis information, which is composed of information such as modules, global variables, functions, and connection types. These program information include intra-process information (information of functions and basic blocks within the functions) and inter-process information (information of pointers to intra-process information, function calls, and function pointers). The LLVM IR file consists of LLVM instructions. LLVM instructions include, but are not limited to: a terminate instruction, a br instruction, a switch instruction.
And 102, extracting in-process program analysis information from the LLVMIR file based on the br instruction and the ret instruction in the LLVM IR file.
In this embodiment, the LLVM IR file is used as an input to extract the inter-process static program analysis information. The extraction of the inter-process static program analysis information is based on the extraction of the intra-process program analysis information. The in-process refers to functions, each function is composed of one or a plurality of basic blocks, one basic block is composed of one or a plurality of sentences, and the information of the basic blocks in the process is distinguished by terminating instructions such as switch, ret, br and the like in LLVM IR.
When executing the operation of traversing the instructions in the LLVM IR file, firstly converting the basic block statements of the functions in the LLVM IR file into the instructions in the LLVM, wherein each basic block is composed of a plurality of LLVM instructions, and the basic blocks are divided by br, ret and other terminal instructions. The entry basic block (entry basic block) of the function is ended with br instruction and the number and name of the subsequent basic blocks are indicated by label instructions, in this embodiment, one label instruction corresponds to one subsequent basic block, and two label instructions exist in the br instruction of the entry basic block, that is, two subsequent basic blocks exist. The extraction of the in-process program analysis information is to obtain a terminal instruction (such as br, ret, and the like) of each basic block by traversing each function in the LLVMIR file, extract information of a subsequent basic block according to the information in the terminal instruction of the basic block, and extract the in-process program analysis information from the basic block of the function. Specifically, in this embodiment, the method for extracting the in-process program analysis information may refer to the prior art, and is not described herein in detail.
And 103, determining whether a call instruction in the LLVM IR file is a call instruction related to a function pointer, wherein if not, executing the step 104, otherwise, executing the step 105.
Optionally, this embodiment determines whether the call instruction is a call instruction related to a function pointer according to a specific format form of the call instruction, for example, a call instruction related to a non-function pointer (i.e., a direct function call), where the format form may be generally expressed as: call name @ function name (argument table), function pointer dependent (i.e. indirect function call) call instructions, which may be generally represented in format as call% 1 (argument table), where% 1 represents a temporary variable, so that, by the specific format of the call instruction, it may be determined whether the call instruction includes a direct function call or an indirect function call. It is understood that this is by way of illustration and not by way of limitation.
And 104, extracting information of direct function call from the call instruction.
Specifically, fig. 2 is a flowchart of an execution method of step 104 according to an embodiment of the present invention, and as shown in fig. 2, step 104 includes the following sub-steps:
And step 202, if the call instruction is matched with the call instruction, extracting library function direct call information of the call instruction.
And step 203, if the call instruction is not matched with the library function, extracting general function direct call information of the call instruction, wherein the general function direct call refers to direct call of other functions except the library function.
Optionally, in the process of traversing an instruction in the LLVM IR file, if the traversed call instruction is a call instruction that is not related to a function pointer (i.e., direct function call), matching the name of the function in the call instruction with the name of a library function stored in advance, if the result of the matching is that the library function direct call is performed in the call instruction, extracting library function direct call information (such as the name of the library function, but not limited to the name of the library function) of the call instruction, and if the result of the matching is not matched, determining that the function call in the call instruction is a general function call, at this time, extracting general function direct call information (such as the name of the general function, but not limited to the name of the library function) of the call instruction, where the general function direct call is a direct call of a function other than the library function.
For example, if the format of the call instruction is call. @ function a (parameter table), where the function a is a library function, information that the call instruction directly calls the library function a is extracted. It is understood that this is by way of illustration and not by way of limitation.
And 105, extracting the pointing information of the function pointer in the call instruction according to the store instruction and the load instruction before the call instruction.
In an actual scenario, if the call instruction obtained by traversal is a call instruction related to a function pointer, a store instruction and a load instruction related to the call instruction are usually included before the call instruction, for example, the related instruction form may be represented as follows:
a store. @ actual function name B. @ function pointer name a
% 1 ═ load
call% 1 (parameter table)
Of course, the form of the instructions herein is merely exemplary and not intended to be the only limitation on the present invention. Therefore, when the call instruction obtained by traversal is a call instruction related to a function pointer, the present embodiment may determine, according to the store instruction and the load instruction obtained by lookup in an instruction before the call, a function pointed to by the function pointer in the call instruction, so as to obtain pointing information (for example, a name of the pointed function) of the function pointer in the call instruction.
Optionally, after determining the function pointed by the function pointer in the call instruction, this embodiment may further determine whether the function pointed by the function pointer is a library function or a general function, extract, when the function pointed by the function pointer is a library function, name information of the function pointed by the function pointer of the call instruction and information that the function is directly called by the library function, and when the function pointed by the function pointer is a general function, extract, name information of the function pointed by the function pointer of the call instruction and information that the function is directly called by the general function.
And 106, after the traversal is finished, generating inter-process static program analysis information based on the extracted in-process program analysis information, all the information of direct function call and the pointing information of the function pointer.
In this embodiment, based on the extracted in-process program analysis information, and all information of direct function call and the pointing information of the function pointer, the method for generating the inter-process static program analysis information may refer to the prior art, and is not described herein again.
In this embodiment, by traversing the instructions in the LLVM IR file; extracting in-process program analysis information from the LLVM IR file based on br instructions and ret instructions in the LLVM IR file; determining whether a call instruction in the LLVM IR file is a call instruction related to a function pointer; if not, extracting information of direct function call from the call instruction; if so, extracting the pointing information of the function pointer in the call instruction according to the store instruction and the load instruction before the call instruction; after traversing is finished, generating inter-process static program analysis information based on the extracted in-process program analysis information, all the information of direct function calling and the pointing information of the function pointer. Therefore, the problems that the function pointer pointing information is not accurately acquired and the library function calling information processing is incomplete in static program analysis are solved.
Fig. 3 is a schematic structural diagram of an inter-process static program analysis information extraction apparatus according to an embodiment of the present invention, as shown in fig. 3, the apparatus includes:
the traversing module 11 is used for traversing the instructions in the LLVM IR file;
a first extracting module 12, configured to extract in-process program analysis information from the LLVM IR file based on the br instruction and the ret instruction in the LLVM IR file;
a determining module 13, configured to determine whether a call instruction in the LLVM IR file is a call instruction related to a function pointer;
the second extraction module 14 is configured to, when the call instruction is not a call instruction related to a function pointer, extract information of a direct function call from the call instruction;
the third extracting module 15 is configured to, when the call instruction is a call instruction related to a function pointer, extract, according to a store instruction and a load instruction before the call instruction, pointing information of the function pointer in the call instruction;
and the generating module 16 is configured to generate inter-process static program analysis information based on the extracted in-process program analysis information, and all information of direct function call and the pointing information of the function pointer after the traversal is completed.
Optionally, the third extraction module 15 is specifically configured to
Determining a function pointed by a function pointer in the call instruction according to a store instruction and a load instruction before the call instruction, and determining whether the function is a library function;
if so, extracting name information of a function pointed by a function pointer of the call instruction and information that the function is directly called by a library function;
if not, extracting name information of the function pointed by the function pointer of the call instruction and information that the function is directly called by a common function.
Optionally, the first extraction module 12 is specifically configured to:
and acquiring a basic block of a function in the LLVM IR file based on the br instruction and the ret instruction in the LLVM IR file, and extracting in-process program analysis information from the basic block of the function in the LLVM IR file.
The inter-process static program analysis information extraction apparatus provided in this embodiment can be used to execute the method in the embodiment in fig. 1, and the specific execution manner and the beneficial effects thereof are similar and will not be described again here.
Fig. 4 is a schematic structural diagram of the second extraction module 14 according to an embodiment of the present invention, and as shown in fig. 4, on the basis of the embodiment of fig. 3, the second extraction module 14 includes:
the matching submodule 141 is configured to match the name of the function in the call instruction with a prestored library function name;
the first extraction submodule 142 is configured to extract library function direct call information of the call instruction during matching;
and the second extraction submodule 143 is configured to, when the call instruction does not match, fetch general function direct call information of the call instruction, where the general function direct call refers to a direct call of a function other than the library function.
The inter-process static program analysis information extraction apparatus provided in this embodiment can be used to execute the method in the embodiment in fig. 2, and the specific execution manner and the beneficial effects thereof are similar and will not be described again here.
An embodiment of the present invention further provides a program analysis device, including:
a processor:
a memory for storing the processor-executable instructions;
when the processor executes the executable instructions, the following method is performed:
traversing instructions in the LLVM IR file;
extracting in-process program analysis information from the LLVM IR file based on br instructions and ret instructions in the LLVM IR file;
determining whether a call instruction in the LLVM IR file is a function pointer related call instruction;
if not, extracting information of direct function call from the call instruction;
if so, extracting the pointing information of the function pointer in the call instruction according to a store instruction and a load instruction before the call instruction;
after traversing is finished, generating inter-process static program analysis information based on the extracted in-process program analysis information, all the information of direct function calling and the pointing information of the function pointer.
An embodiment of the present invention provides a computer-readable storage medium, which includes instructions, and when the instructions are run on the computer, the computer executes the following method:
traversing instructions in the LLVM IR file;
extracting in-process program analysis information from the LLVM IR file based on br instructions and ret instructions in the LLVM IR file;
determining whether a call instruction in the LLVM IR file is a function pointer related call instruction;
if not, extracting information of direct function call from the call instruction;
if so, extracting the pointing information of the function pointer in the call instruction according to a store instruction and a load instruction before the call instruction;
after traversing is finished, generating inter-process static program analysis information based on the extracted in-process program analysis information, all the information of direct function calling and the pointing information of the function pointer.
Finally, it should be noted that, as one of ordinary skill in the art will appreciate, all or part of the processes of the methods of the embodiments described above may be implemented by hardware related to instructions of a computer program, where the computer program may be stored in a computer-readable storage medium, and when executed, the computer program may include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), a Random Access Memory (RAM), or the like.
Each functional unit in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a separate product, may also be stored in a computer readable storage medium. The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
The above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (6)
1. An inter-process static program analysis information extraction method is characterized by comprising the following steps:
traversing instructions in the LLVM IR file;
extracting in-process program analysis information from the LLVM IR file based on br instructions and ret instructions in the LLVM IR file;
determining whether a call instruction in the LLVM IR file is a function pointer related call instruction;
if not, extracting information of direct function call from the call instruction;
if so, extracting the pointing information of the function pointer in the call instruction according to a store instruction and a load instruction before the call instruction;
after traversing is finished, generating inter-process static program analysis information based on the extracted in-process program analysis information, all information of direct function calling and the pointing information of the function pointer;
wherein, the extracting the information of the direct function call from the call instruction comprises:
matching the name of the function in the call instruction with a pre-stored library function name; if the call instruction is matched with the call instruction, extracting library functions of the call instruction to directly call information; if not, extracting general function direct calling information of the call instruction, wherein the general function direct calling refers to direct calling of other functions except the library function;
correspondingly, the extracting the pointing information of the function pointer in the call instruction according to the store instruction and the load instruction before the call instruction includes:
determining a function pointed by a function pointer in the call instruction according to a store instruction and a load instruction before the call instruction, and determining whether the function is a library function; if so, extracting name information of a function pointed by a function pointer of the call instruction and information that the function is directly called by a library function; if not, extracting name information of the function pointed by the function pointer of the call instruction and information that the function is directly called by a common function.
2. The method of claim 1, wherein extracting in-process program analysis information from the LLVM IR file based on br instructions and ret instructions in the LLVM IR file comprises:
and acquiring a basic block of a function in the LLVM IR file based on the br instruction and the ret instruction in the LLVM IR file, and extracting in-process program analysis information from the basic block of the function in the LLVM IR file.
3. An inter-process static program analysis information extraction apparatus, comprising:
the traversing module is used for traversing the instruction in the LLVM IR file;
a first extraction module, configured to extract in-process program analysis information from the LLVM IR file based on the br instruction and the ret instruction in the LLVM IR file;
the determining module is used for determining whether a call instruction in the LLVM IR file is a call instruction related to a function pointer;
the second extraction module is used for extracting information of direct function call from the call instruction when the call instruction is not the call instruction related to the function pointer;
the third extraction module is used for extracting the pointing information of the function pointer in the call instruction according to a store instruction and a load instruction before the call instruction when the call instruction is the call instruction related to the function pointer;
the generating module is used for generating inter-process static program analysis information based on the extracted in-process program analysis information, all the information of direct function call and the pointing information of the function pointer after the traversal is finished;
wherein the second extraction module comprises:
the matching submodule is used for matching the name of the function in the call instruction with the name of a pre-stored library function;
the first extraction submodule is used for extracting library function direct calling information of the call instruction during matching;
the second extraction submodule is used for extracting general function direct calling information of the call instruction when the call instruction is not matched, wherein the general function direct calling refers to the direct calling of other functions except the library function;
correspondingly, the third extraction module is specifically configured to determine, according to a store instruction and a load instruction before the call instruction, a function pointed by a function pointer in the call instruction, and determine whether the function is a library function; if so, extracting name information of a function pointed by a function pointer of the call instruction and information that the function is directly called by a library function; if not, extracting name information of the function pointed by the function pointer of the call instruction and information that the function is directly called by a common function.
4. The apparatus of claim 3, wherein the first extraction module is specifically configured to:
and acquiring a basic block of a function in the LLVM IR file based on the br instruction and the ret instruction in the LLVM IR file, and extracting in-process program analysis information from the basic block of the function in the LLVM IR file.
5. A program analysis apparatus, comprising:
a processor:
a memory for storing the processor-executable instructions;
when the processor executes the executable instructions, the following method is performed:
traversing instructions in the LLVM IR file;
extracting in-process program analysis information from the LLVM IR file based on br instructions and ret instructions in the LLVM IR file;
determining whether a call instruction in the LLVM IR file is a function pointer related call instruction;
if not, extracting information of direct function call from the call instruction;
if so, extracting the pointing information of the function pointer in the call instruction according to a store instruction and a load instruction before the call instruction;
after traversing is finished, generating inter-process static program analysis information based on the extracted in-process program analysis information, all information of direct function calling and the pointing information of the function pointer;
wherein, the extracting the information of the direct function call from the call instruction comprises:
matching the name of the function in the call instruction with a pre-stored library function name; if the call instruction is matched with the call instruction, extracting library functions of the call instruction to directly call information; if not, extracting general function direct calling information of the call instruction, wherein the general function direct calling refers to direct calling of other functions except the library function;
correspondingly, the extracting the pointing information of the function pointer in the call instruction according to the store instruction and the load instruction before the call instruction includes:
determining a function pointed by a function pointer in the call instruction according to a store instruction and a load instruction before the call instruction, and determining whether the function is a library function; if so, extracting name information of a function pointed by a function pointer of the call instruction and information that the function is directly called by a library function; if not, extracting name information of the function pointed by the function pointer of the call instruction and information that the function is directly called by a common function.
6. A computer-readable storage medium comprising instructions which, when executed on the computer, the computer performs a method comprising:
traversing instructions in the LLVM IR file;
extracting in-process program analysis information from the LLVM IR file based on br instructions and ret instructions in the LLVM IR file;
determining whether a call instruction in the LLVM IR file is a function pointer related call instruction;
if not, extracting information of direct function call from the call instruction;
if so, extracting the pointing information of the function pointer in the call instruction according to a store instruction and a load instruction before the call instruction;
after traversing is finished, generating inter-process static program analysis information based on the extracted in-process program analysis information, all information of direct function calling and the pointing information of the function pointer;
wherein, the extracting the information of the direct function call from the call instruction comprises:
matching the name of the function in the call instruction with a pre-stored library function name; if the call instruction is matched with the call instruction, extracting library functions of the call instruction to directly call information; if not, extracting general function direct calling information of the call instruction, wherein the general function direct calling refers to direct calling of other functions except the library function;
correspondingly, the extracting the pointing information of the function pointer in the call instruction according to the store instruction and the load instruction before the call instruction includes:
determining a function pointed by a function pointer in the call instruction according to a store instruction and a load instruction before the call instruction, and determining whether the function is a library function; if so, extracting name information of a function pointed by a function pointer of the call instruction and information that the function is directly called by a library function; if not, extracting name information of the function pointed by the function pointer of the call instruction and information that the function is directly called by a common function.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711423522.2A CN108132799B (en) | 2017-12-25 | 2017-12-25 | Inter-process static program analysis information extraction method, device and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711423522.2A CN108132799B (en) | 2017-12-25 | 2017-12-25 | Inter-process static program analysis information extraction method, device and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108132799A CN108132799A (en) | 2018-06-08 |
| CN108132799B true CN108132799B (en) | 2021-03-16 |
Family
ID=62392404
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711423522.2A Active CN108132799B (en) | 2017-12-25 | 2017-12-25 | Inter-process static program analysis information extraction method, device and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108132799B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109933365B (en) * | 2018-12-28 | 2022-08-19 | 蜂巢能源科技有限公司 | Method and device for generating function call tree |
| CN112100059B (en) * | 2020-08-20 | 2021-09-14 | 浙江大学 | C language pointer type analysis method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104331368A (en) * | 2014-11-18 | 2015-02-04 | 合肥康捷信息科技有限公司 | Method for performing static analysis on C++ virtual function call upon cfg (configuration) files |
| US9390260B2 (en) * | 2014-06-09 | 2016-07-12 | Lehigh University | Methods for enforcing control flow of a computer program |
| CN106599516A (en) * | 2016-12-30 | 2017-04-26 | 北京航天测控技术有限公司 | Method and device for automatically generating test vectors based on circuit board |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7921418B2 (en) * | 2006-08-15 | 2011-04-05 | International Business Machines Corporation | Compile time evaluation of library functions |
-
2017
- 2017-12-25 CN CN201711423522.2A patent/CN108132799B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9390260B2 (en) * | 2014-06-09 | 2016-07-12 | Lehigh University | Methods for enforcing control flow of a computer program |
| CN104331368A (en) * | 2014-11-18 | 2015-02-04 | 合肥康捷信息科技有限公司 | Method for performing static analysis on C++ virtual function call upon cfg (configuration) files |
| CN106599516A (en) * | 2016-12-30 | 2017-04-26 | 北京航天测控技术有限公司 | Method and device for automatically generating test vectors based on circuit board |
Non-Patent Citations (3)
| Title |
|---|
| 可执行程序的反编译;雷涛;《中国优秀硕士学位论文全文数据库(电子期刊)信息科技辑》;20050715(第03期);I138-108 * |
| 基于编译器的内核控制流程图获取方法研究;王维明;《中国优秀硕士学位论文全文数据库(电子期刊)信息科技辑》;20160415(第04期);I138-75 * |
| 王维明.基于编译器的内核控制流程图获取方法研究.《中国优秀硕士学位论文全文数据库(电子期刊)信息科技辑》.2016,(第04期),I138-75. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108132799A (en) | 2018-06-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9389849B2 (en) | Test case pattern matching | |
| US10108536B2 (en) | Integrated automated test case generation for safety-critical software | |
| US20170228309A1 (en) | System and method for equivalence class analysis-based automated requirements-based test case generation | |
| US20130275946A1 (en) | Systems and methods for test development process automation for a test harness | |
| US8719797B2 (en) | System and method for debugging dynamically generated code of an application | |
| US9274930B2 (en) | Debugging system using static analysis | |
| CN111209185B (en) | Keyword-based automated testing method and computer-readable storage medium | |
| US20180025162A1 (en) | Application program analysis apparatus and method | |
| KR102013657B1 (en) | Apparatus for statically analyzing assembly code including assoxiated multi files | |
| CN108132799B (en) | Inter-process static program analysis information extraction method, device and equipment | |
| CN108874649B (en) | Method and device for generating automatic test script and computer equipment thereof | |
| EP3570173B1 (en) | Equivalence verification apparatus and equivalence verification program | |
| CN116069334B (en) | Cloud-protogenesis-based online development and code hosting method and system | |
| CN111488275A (en) | UI automation test method and device, storage medium and electronic equipment | |
| CN115033434B (en) | Method and device for calculating kernel performance theoretical value and storage medium | |
| CN112861138A (en) | Software security analysis method and analysis device, electronic device, and storage medium | |
| US9489284B2 (en) | Debugging method and computer program product | |
| US20120227029A1 (en) | Method for code transformation supporting temporal abstraction of parameters | |
| EP2782005A1 (en) | Verifying state reachability in a statechart model having computer program code embedded therein | |
| EP1868099A1 (en) | Bug management tool | |
| US20110191395A1 (en) | Reducing Image Footprints | |
| US11886328B2 (en) | Test information extraction apparatus, test information extraction method and program | |
| CN116185883A (en) | Test case generation method, test system, device, equipment and medium | |
| CN105589904A (en) | Bytecode comparison based influence backtracking analysis method and backtracking analysis device | |
| CN117056211A (en) | Low-code automatic test method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |