A CIL Tutorial - Department of Computer Science - ETH Zürich
A CIL Tutorial - Department of Computer Science - ETH Zürich A CIL Tutorial - Department of Computer Science - ETH Zürich
CHAPTER 4. INSTRUMENTATION 38 findOrCreateFunc : file → string → typ → varinfo. If the function is found, the varinfo for it is returned, otherwise a prototype for the function is added to the le, and the varinfo for it is returned. let initTutFunctions (f : file) : unit = let focf : string → typ → varinfo = findOrCreateFunc f in let bl type = mkFunTyp voidType ["f", charConstPtrType; "l", intType] in let el type = mkFunTyp voidType ["f", charConstPtrType; "l", intType; "c", intType; ] in tutfuns.begin loop ← focf begin loop str bl type; tutfuns.end loop ← focf end loop str el type 4.1.2 Loop instrumentation The function makeInstrStmts creates four statements that we'll add to loops. In the returned tuple, the rst statement calls the loop begin instrumentation function. The second statement initializes the iteration counter to zero. The third statement increments the iteration counter, and the fourth statement calls the loop end instrumentation function. In makeInstrStmts we use some shorthand. mkString turns an OCaml string into a Cil.exp constant expression. The integer function does the same for OCaml ints. The v2e function creates an exp out of a varinfo. The var function creates an lval from a varinfo, and the i2s function creates a stmt from an instr. All these can be found in Tututil or Cil. let makeInstrStmts (counter : varinfo) (loc : location) : stmt × stmt × stmt × stmt = let f, l = mkString loc.file, integer loc.line in i2s (Call(None, v2e tutfuns.begin loop, [f; l], loc)), i2s (Set(var counter, zero, loc)), i2s (Set(var counter, BinOp(PlusA, v2e counter, one, counter.vtype), loc)), i2s (Call(None, v2e tutfuns.end loop, [f; l; v2e counter], loc)) The class loopInstrumenterClass is a visitor that uses makeInstrStmts to instrument loops. In vstmt we update the statement s by writing to the mutable skind eld instead of rebuilding a whole new statement so that we don't have to worry about copying over all the other elds, which we'd like to remain the same. In particular, it is very easy to forget about statement labels. Further, we use ChangeDoChildrenPost because there might be nested loops. Remember: ChangeDoChildrenPost recurses into s's children before handling s. That way, we have no innite loops due to turning s into a statement that contains the original s. class loopInstrumenterClass (fd : fundec) = object(self) inherit nopCilVisitor
CHAPTER 4. INSTRUMENTATION 39 method vstmt (s : stmt) = let action s = match s.skind with | Loop(b, loc, co, bo) → let counter = makeTempVar fd intType in let ss, cis, is, es = makeInstrStmts counter loc in b.bstmts ← is :: b.bstmts; let nb = mkBlock [ss; cis; mkStmt s.skind; es] in s.skind ← Block nb; s | → s in ChangeDoChildrenPost(s, action) end The function processFunction applies the loopInstrumenterClass to a function. let processFunction (fd : fundec) (loc : location) : unit = let vis = new loopInstrumenterClass fd in ignore(visitCilFunction vis fd) The function tut4 is the entry point in the module. It applies processFunction to every function in a file. let tut4 (f : file) : unit = initTutFunctions f; iterGlobals f (onlyFunctions processFunction) Now we have added a bunch of function calls to the code. Several questions remain: • Where are these functions dened? In ciltut-lib/src/tut4.c • How does that le get built? We use cmake to congure and build the library libciltut. The build of the library can be adjusted by modifying the CMakeLists.txt les under the ciltut-lib directory. The Makefile generated by cmake is invoked from the root Makefile when ciltutcc is built. • How does that library get linked in to something that ciltutcc is building? There is a Perl script in lib/Ciltut.pm that wraps up this OCaml program to make it look like gcc (and a couple other compilers). It has a function called processArguments where we add the library to a list in @{$self → {CILTUTLIBS}}. When this Perl script detects that it is being used for the link stage of a build, it adds libciltut.a to the list of object les to link in.
- Page 1 and 2: A CIL Tutorial Using CIL for langua
- Page 3 and 4: Contents Preface 4 Introduction 5 0
- Page 5 and 6: CONTENTS 3 13 Whole-program Analysi
- Page 7 and 8: Introduction The C Intermediate Lan
- Page 9 and 10: References [1] clang: a C language
- Page 11 and 12: CHAPTER 0. OVERVIEW AND ORGANIZATIO
- Page 13 and 14: Chapter 1 The AST The Concrete Synt
- Page 15 and 16: CHAPTER 1. THE AST 13 1.2 Printing
- Page 17 and 18: References [1] Andrew W. Appel. Mod
- Page 19 and 20: CHAPTER 2. VISITING THE AST 17 open
- Page 21 and 22: CHAPTER 2. VISITING THE AST 19 $ ci
- Page 23 and 24: Chapter 3 Dataow Analysis Dataow An
- Page 25 and 26: CHAPTER 3. DATAFLOW ANALYSIS 23 Cod
- Page 27 and 28: CHAPTER 3. DATAFLOW ANALYSIS 25 let
- Page 29 and 30: CHAPTER 3. DATAFLOW ANALYSIS 27 and
- Page 31 and 32: CHAPTER 3. DATAFLOW ANALYSIS 29 let
- Page 33 and 34: CHAPTER 3. DATAFLOW ANALYSIS 31 DoC
- Page 35 and 36: CHAPTER 3. DATAFLOW ANALYSIS 33 tes
- Page 37 and 38: References [1] Aws Albarghouthi, Ra
- Page 39: CHAPTER 4. INSTRUMENTATION 37 type
- Page 43 and 44: CHAPTER 4. INSTRUMENTATION 41 $ cil
- Page 45 and 46: CHAPTER 5. INTERPRETED CONSTRUCTORS
- Page 47 and 48: CHAPTER 5. INTERPRETED CONSTRUCTORS
- Page 49 and 50: Chapter 6 Overriding Functions When
- Page 51 and 52: CHAPTER 6. OVERRIDING FUNCTIONS 49
- Page 53 and 54: References [1] Kumar Avijit, Pratee
- Page 55 and 56: CHAPTER 7. TYPE QUALIFIERS 53 let c
- Page 57 and 58: CHAPTER 7. TYPE QUALIFIERS 55 let w
- Page 59 and 60: CHAPTER 7. TYPE QUALIFIERS 57 $ cil
- Page 61 and 62: Chapter 8 Dependant Type Qualiers O
- Page 63 and 64: CHAPTER 8. DEPENDANT TYPE QUALIFIER
- Page 65 and 66: CHAPTER 8. DEPENDANT TYPE QUALIFIER
- Page 67 and 68: CHAPTER 8. DEPENDANT TYPE QUALIFIER
- Page 69 and 70: CHAPTER 8. DEPENDANT TYPE QUALIFIER
- Page 71 and 72: CHAPTER 8. DEPENDANT TYPE QUALIFIER
- Page 73 and 74: Chapter 9 Type Qualier Inference In
- Page 75 and 76: CHAPTER 9. TYPE QUALIFIER INFERENCE
- Page 77 and 78: CHAPTER 9. TYPE QUALIFIER INFERENCE
- Page 79 and 80: CHAPTER 9. TYPE QUALIFIER INFERENCE
- Page 81 and 82: CHAPTER 9. TYPE QUALIFIER INFERENCE
- Page 83 and 84: Chapter 10 Adding a New Kind of Sta
- Page 85 and 86: CHAPTER 10. ADDING A NEW KIND OF ST
- Page 87 and 88: CHAPTER 10. ADDING A NEW KIND OF ST
- Page 89 and 90: CHAPTER 10. ADDING A NEW KIND OF ST
CHAPTER 4. INSTRUMENTATION 39<br />
method vstmt (s : stmt) =<br />
let action s =<br />
match s.skind with<br />
| Loop(b, loc, co, bo) →<br />
let counter = makeTempVar fd intType in<br />
let ss, cis, is, es = makeInstrStmts counter loc in<br />
b.bstmts ← is :: b.bstmts;<br />
let nb = mkBlock [ss; cis; mkStmt s.skind; es] in<br />
s.skind ← Block nb;<br />
s<br />
| → s<br />
in<br />
ChangeDoChildrenPost(s, action)<br />
end<br />
The function processFunction applies the loopInstrumenterClass to a function.<br />
let processFunction (fd : fundec) (loc : location) : unit =<br />
let vis = new loopInstrumenterClass fd in<br />
ignore(visitCilFunction vis fd)<br />
The function tut4 is the entry point in the module. It applies processFunction to every function<br />
in a file.<br />
let tut4 (f : file) : unit =<br />
initTutFunctions f;<br />
iterGlobals f (onlyFunctions processFunction)<br />
Now we have added a bunch <strong>of</strong> function calls to the code. Several questions remain:<br />
• Where are these functions dened? In ciltut-lib/src/tut4.c<br />
• How does that le get built? We use cmake to congure and build the library libciltut.<br />
The build <strong>of</strong> the library can be adjusted by modifying the CMakeLists.txt les under the<br />
ciltut-lib directory. The Makefile generated by cmake is invoked from the root Makefile<br />
when ciltutcc is built.<br />
• How does that library get linked in to something that ciltutcc is building? There is a<br />
Perl script in lib/Ciltut.pm that wraps up this OCaml program to make it look like gcc<br />
(and a couple other compilers). It has a function called processArguments where we add the<br />
library to a list in @{$self → {<strong>CIL</strong>TUTLIBS}}. When this Perl script detects that it is being<br />
used for the link stage <strong>of</strong> a build, it adds libciltut.a to the list <strong>of</strong> object les to link in.
Change language