secure-software-engineering / phasar

A LLVM-based static analysis framework.

long time to build ICFG for big programs #675

Closed yuffon closed 11 months ago

yuffon commented 11 months ago

I am using phasar to conduct dataflow analysis for a target program "tcpdump". Basically, I use the following code to build ICFG.

// Headers as laid out in phasar's include tree (paths assumed); phasar's types live in namespace psr.
#include "phasar/PhasarLLVM/HelperAnalyses.h"
#include <string>
#include <vector>
using namespace psr;
// mainModule: an llvm::Module already loaded from tcpdump.bc (loading code not shown)
std::vector<std::string> EntryPoints = {"main"};
HelperAnalyses HA(&mainModule, EntryPoints);
LLVMProjectIRDB &DB = HA.getProjectIRDB();
LLVMTypeHierarchy &H = HA.getTypeHierarchy();
LLVMBasedICFG &I = HA.getICFG();   // this is the slow step discussed below

I find the statement HA.getICFG() needs 20 minutes to build ICFG. Is there some method to accelerate this step in phasar?

fabianbs96 commented 11 months ago

Hi @yuffon, I could not reproduce your issue on my system. For me that ICFG construction took around 35 seconds.

Can you share a bit more detail about your setup? In particular I am interested in the output of phasar-cli -Sm tcpdump.bc to see whether we analyzed the same IR. Additionally, can you tell me how you built phasar (cmake flags)?

yuffon commented 11 months ago

I use wllvm to compile the latest version of tcpdump and extract a big bc file. The output of llvm-dis is a big IR file containing 480K lines of code (many of them are metadata). The output of phasar-cli -Sm tcpdump.bc is

LLVM IR instructions:   226072
Functions:  1218
Globals:    14258
Global Consts:  13760
Global Variables:   498
Alloca Instructions:    777
Call Sites: 72954
Branches:   24955
GetElementPtrs: 18116
Phi Nodes:  5817
Basic Blocks:   33368

By the way, I compile Phasar using the following steps.

export CC=clang
export CXX=clang++
cmake -DCMAKE_BUILD_TYPE=Release 
make -j12

I have tested Debug and Release versions of Phasar. Both versions need 20 minutes to build ICFG from tcpdump.bc.

MMory commented 11 months ago

Hi @yuffon,

It is a bit suspicious that both Debug and Release builds of phasar need the same time to analyze. Could you please confirm that you are indeed executing the Release-built version?

Could you please provide the bc file of tcpdump that your compilation outputs? That could help @fabianbs96 and myself to reproduce your issue.
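One way to answer MMory's question without guessing, as an added example that is not from the thread or the phasar project: read the CMAKE_BUILD_TYPE recorded in the phasar build tree's CMakeCache.txt and ask the LLVM installation for its own build mode via llvm-config --build-mode. Both must report Release before ICFG timings are meaningful, because phasar linked against a Debug LLVM runs slowly even when phasar itself was configured as Release. The cache path and llvm-config location are arguments you supply.

```shell
# Added diagnostic (not phasar's own tooling): check that both the phasar
# build tree and the LLVM it was configured against are Release builds.

# Print the CMAKE_BUILD_TYPE stored in a CMakeCache.txt (empty if unset).
cache_build_type() {
    # Cache entries look like: CMAKE_BUILD_TYPE:STRING=Release
    sed -n 's/^CMAKE_BUILD_TYPE:[A-Z]*=//p' "$1" | head -n 1
}

# Print the build mode of an LLVM installation through its llvm-config
# binary; prints "unknown" when the binary is missing or fails.
llvm_build_mode() {
    "$1" --build-mode 2>/dev/null || echo unknown
}

# Report both values; exit status 0 only when both are Release.
# Usage: check_release_build <path/to/CMakeCache.txt> [path/to/llvm-config]
check_release_build() {
    cache="$1"
    llvm_config="${2:-llvm-config}"
    phasar_type=$(cache_build_type "$cache")
    llvm_mode=$(llvm_build_mode "$llvm_config")
    echo "phasar CMAKE_BUILD_TYPE: ${phasar_type:-<unset>}"
    echo "LLVM build mode:         $llvm_mode"
    [ "$phasar_type" = "Release" ] && [ "$llvm_mode" = "Release" ]
}
```

Run it from the phasar build directory as check_release_build CMakeCache.txt "$(which llvm-config)"; a Debug or unknown line in the output is the first thing to fix before comparing timings.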

yuffon commented 11 months ago

Sorry, I confused the debug and release versions of LLVM on one of my computers. I have used the release version of LLVM to build Phasar again. The new version spends 110 seconds to build the ICFG. By the way, the tcpdump.bc file I am analyzing is here. Sorry to bother you again. I think we can close this issue.