package frama-c

  1. Overview
  2. Docs
Legend:
Library
Module
Module type
Parameter
Class
Class type

Internals types

Internals type definitions should be hidden to the outside world, but it is not really possible to have abstract types since Slicing has to use Db.Slicing functions...

About options

type level_option =
  1. | DontSlice
    (*

    don't build slice for the function : ie. always call the source function.

    *)
  2. | DontSliceButComputeMarks
    (*

    don't slice the called functions, * but compute the marks for them

    *)
  3. | MinNbSlice
    (*

    try to use existing slices, create at most one

    *)
  4. | MaxNbSlice
    (*

    most precise slices (but merge slices with the same visibility, even if they don't have the same marks)

    *)

associate a level to each function in order to control how it will be * specialized. This is only a hint used when the tool has to make a choice, * but it doesn't forbid to the user to do whatever he wants * (like building slices for a DontSlice function).

About function slice

type mark =
  1. | Cav of Pdg_types.PdgTypes.Dpd.t
  2. | Spare

Kinds of elementary marks.

val compare_mark : mark -> mark -> int
type pdg_mark = {
  1. m1 : mark;
  2. m2 : mark;
}

Each PDG element has 2 marks to deal with interprocedural propagation

val pdg_mark_packed_descr : Frama_c_kernel.Structural_descr.pack
val compare_pdg_mark : pdg_mark -> pdg_mark -> int
type fct_info = {
  1. fi_kf : Frama_c_kernel.Cil_types.kernel_function;
  2. fi_def : Frama_c_kernel.Cil_types.fundec option;
  3. mutable fi_top : pdg_mark option;
    (*

    indicates if the function is marked top (=> src visible)

    *)
  4. mutable fi_level_option : level_option;
    (*

    level of specialisation for this function

    *)
  5. mutable fi_init_marks : ff_marks option;
    (*

    the marks that must be in every slices of that function

    *)
  6. mutable fi_slices : fct_slice list;
    (*

    the list of the slices already computed for this function.

    *)
  7. mutable fi_next_ff_num : int;
    (*

    the number to assign to the next slice.

    *)
  8. mutable f_called_by : called_by;
    (*

    calls in slices that call source fct

    *)
}

Type for all the informations related to any function, * even if we don't have its definition.

and called_by = (fct_slice * Frama_c_kernel.Cil_types.stmt) list

to represent where a function is called.

and fct_slice = {
  1. ff_fct : fct_info;
  2. ff_id : int;
  3. mutable ff_marks : ff_marks;
  4. mutable ff_called_by : called_by;
}

Function slice : created as soon as there is a criterion to compute it, even if the slice itself hasn't been computed yet.

and fct_id =
  1. | FctSrc of fct_info
    (*

    source function

    *)
  2. | FctSliced of fct_slice
    (*

    sliced function

    *)

fct_id is used to identify either a source function or a sliced one.

and called_fct =
  1. | CallSrc of fct_info option
    (*

    call the source function (might be unknown if the call uses pointer)

    *)
  2. | CallSlice of fct_slice
and call_info = called_fct option

information about a call in a slice which gives the function to call

main part of a slice = mapping between the function elements and information about them in the slice.

and project = {
  1. functions : fct_info Frama_c_kernel.Cil_datatype.Varinfo.Hashtbl.t;
  2. mutable actions : criterion list;
}
and appli_criterion =
  1. | CaGlobalData of Frama_c_kernel.Locations.Zone.t
    (*

    select all that is necessary to compute the given location.

    *)
  2. | CaCall of fct_info
    (*

    select all that is necessary to call the given function. * Its application generates requests to add persistent selection * to all the function callers.

    *)
  3. | CaOther

Slicing criterion at the application level. When applied, they are translated into fct_criterion

and fct_base_criterion = pdg_mark Pdg_types.PdgMarks.select

Base criterion for the functions. These are the only one that can really generate function slices. All the other criteria are translated in more basic ones. Note that to build such a base criterion, the PDG has to be already computed.

Used to identify a location (zone) at a given program point. * The boolean tell if the point is before (true) or after the statement

and node_or_dpds =
  1. | CwNode
  2. | CwAddrDpds
  3. | CwDataDpds
  4. | CwCtrlDpds

node_or_dpds tells how we want to select nodes, or some of their dependencies (see fct_user_crit).

and fct_user_crit =
  1. | CuSelect of pdg_mark Pdg_types.PdgMarks.select
  2. | CuTop of pdg_mark
    (*

    the function has probably no PDG, but we nonetheless give a mark to propagate

    *)

Tells which marks we want to put in the slice of a function

and fct_crit =
  1. | CcUserMark of fct_user_crit
    (*

    add marks to a slice

    *)
  2. | CcChooseCall of Frama_c_kernel.Cil_types.stmt
    (*

    have to choose what function to call here.

    *)
  3. | CcChangeCall of Frama_c_kernel.Cil_types.stmt * called_fct
    (*

    call the called_fct for the given call Cil_types.stmt

    *)
  4. | CcMissingOutputs of Frama_c_kernel.Cil_types.stmt * pdg_mark Pdg_types.PdgMarks.select * bool
    (*

    this call is affected to a function that doesn't compute enough * outputs : we will have to choose between adding outputs to that slice, * or call another one. The boolean tells if the modifications would * change the visibility of some outputs.

    *)
  5. | CcMissingInputs of Frama_c_kernel.Cil_types.stmt * pdg_mark Pdg_types.PdgMarks.select * bool
    (*

    the function calls a slice that has been modified : * and doesn't compute not enough inputs. * We will have to choose between adding marks to this function, * and call another slice. * The boolean tells if the modifications would * change the visibility of some inputs.

    *)
  6. | CcPropagate of pdg_mark Pdg_types.PdgMarks.select
    (*

    simply propagate the given marks

    *)
  7. | CcExamineCalls of pdg_mark Pdg_types.PdgMarks.info_called_outputs

kinds of actions that can be apply to a function

and fct_criterion = {
  1. cf_fct : fct_id;
    (*

    Identification of the RESULT of this filter. * When it a a slice, it might be an existing slice that will be modified, * or a new one will be created during application. * When it is the source function, it means what the criterion has to be * applied on each existing slice, and stored into the initial marks of * the function.

    *)
  2. cf_info : fct_crit;
}

Slicing criterion for a function.

and criterion =
  1. | CrAppli of appli_criterion
  2. | CrFct of fct_criterion

A slicing criterion is either an application level criterion, or a function level one.

Internals values

For the datatypes of these internals types

val dummy_pdg_mark : pdg_mark
val dummy_fct_info : fct_info
val dummy_fct_slice : fct_slice
val dummy_fct_user_crit : fct_user_crit
val dummy_project : project

The whole project.

OCaml

Innovation. Community. Security.