Sorry for the lack of updates recently; most of the time was consumed in exploring
GCC's devirtualiser and experimenting with some approaches, and I didn't get
enough content out every day for a daily report.
AIM:
- get the analyzer to figure out which function to call when a virtual function is
called.
---
PROGRESS :
The plan is to use functions from GCC's devirtualiser to directly find out the possible
target functions that can be called when a virtual function is called, and then
let the analyzer analyze every single one of them by creating enodes and eedges.
- I expanded upon my last update ( detecting calls via function pointers ), and
figured out that in case of a vfunc call, the regional model would not be able
to find a fn_decl for the given gcall. ( i.e.
model->get_fndecl_for_call(call,&ctxt) would return NULL ).
- The only function I wanted to use from ipa-devirt was
possible_polymorphic_call_targets () { declared in ipa-utils.h:114, this
function basically returns a vector of cgraph_nodes representing the possible
callees of an indirect polymorphic call (represented by a cgraph_edge) }, and
to use that I needed the cgraph_edge representing the call.
- In case of a vfunc call, we would have an indirect call edge ( an edge where
the callee is not known at compile time ) which I obtained from the gimple call of
the stmt.
- After that I confirmed whether it is a polymorphic call or not (condition:
edge->indirect_info->polymorphic should exist )
- Once I made sure that it's a vfunc call the analyzer is looking at, I simply
used the possible_polymorphic_call_targets () function to get a vector of all
the possible targets it can call.
- The results were amazing: not only was the analyzer now able to figure out
which functions can be called for simple cases, but the fact that ipa-devirt
also uses its inheritance graph to search for possible calls was making it
possible for the analyzer (which doesn't understand inheritance yet) to even correctly
detect calls that were happening via a base class pointer. :)
- Now all that is left is to make the analyzer speculate those calls by
creating enodes and eedges for the calls ( similar to how it does in the case of
function pointers ).
---
STATUS AT THE END OF THE DAY :-
- get the analyzer to figure out which function to call when a virtual function is
called. ( done )
Thank you
- Ankur
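
The report credits the inheritance-graph search for finding targets of calls made through a base class pointer. The following is an added example, not part of the original post and not GCC's ipa-devirt code: a simplified stand-alone model of that search, in which every type, function name and the sample hierarchy are hypothetical.

```cpp
#include <iostream>
#include <map>
#include <set>
#include <string>

// Toy inheritance graph (hypothetical model, not GCC data structures): each
// class records its base ("" for a root) and the virtual methods it defines.
struct ClassInfo { std::string base; std::set<std::string> defines; };
using Hierarchy = std::map<std::string, ClassInfo>;

// Function an object of dynamic type cls dispatches to ("" if none defines it).
std::string resolve(const Hierarchy &h, std::string cls, const std::string &method) {
    for (auto it = h.find(cls); it != h.end(); it = h.find(cls)) {
        if (it->second.defines.count(method)) return cls + "::" + method;
        cls = it->second.base;  // not overridden here: inherit from the base
    }
    return "";
}

// True if cls is static_type itself or inherits from it.
bool derives_from(const Hierarchy &h, std::string cls, const std::string &static_type) {
    for (auto it = h.find(cls); it != h.end(); it = h.find(cls)) {
        if (cls == static_type) return true;
        cls = it->second.base;
    }
    return false;
}

// All functions a call to method through a static_type pointer may reach.
std::set<std::string> possible_targets(const Hierarchy &h, const std::string &static_type,
                                       const std::string &method) {
    std::set<std::string> targets;
    for (const auto &entry : h) {
        if (!derives_from(h, entry.first, static_type)) continue;
        std::string fn = resolve(h, entry.first, method);
        if (!fn.empty()) targets.insert(fn);
    }
    return targets;
}

// Constructed sample: B and D derive from A and override foo; C derives from B.
Hierarchy sample() {
    return {{"A", {"", {"foo"}}}, {"B", {"A", {"foo"}}},
            {"C", {"B", {}}}, {"D", {"A", {"foo"}}}};
}

int main() {
    for (const auto &fn : possible_targets(sample(), "A", "foo")) std::cout << fn << "\n";
}
```

A call through the base type yields every override in the hierarchy, while a call through a more derived type narrows the set, which is why each candidate needs its own enode and eedge.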