-
Notifications
You must be signed in to change notification settings - Fork 2
/
analyze.go
294 lines (256 loc) · 7.37 KB
/
analyze.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
package cautiouspancake
import (
"fmt"
"go/token"
"go/types"
"golang.org/x/tools/go/callgraph"
"golang.org/x/tools/go/callgraph/cha"
"golang.org/x/tools/go/loader"
"golang.org/x/tools/go/ssa"
"golang.org/x/tools/go/ssa/ssautil"
)
// CallGraph keeps track of 'pure' and function
type CallGraph struct {
Prog *loader.Program
CallGraph *callgraph.Graph
Mapping map[*ssa.Function]*Node
IgnoreCall map[string][]string
IgnoreRead map[string][]string
}
// Node contains details on why a function is marked as not pure
type Node struct {
CallGraph *CallGraph
RuleBasic *token.Pos
RuleInterface *token.Pos
RuleCallee *ssa.Function
}
var (
// DefaultIgnoreCall lists functions that should be ignored when
// determining if a function is pure. These calls may technically access
// or modify global state, but the side effects are rarely important.
DefaultIgnoreCall = map[string][]string{
"log": {"Print", "Printf", "Println"},
"fmt": {"Print", "Printf", "Println", "Errorf"},
}
// DefaultIgnoreRead lists global variables that should be ignored
// when determining if a function is pure. These variables may
// change values between function calls, but in practice are most
// often used as constants.
DefaultIgnoreRead = map[string][]string{
"encoding/binary": {"BigEndian", "LittleEndian"},
}
)
// NewCallGraph creates a CallGraph by performing ssa analysis
func NewCallGraph(iprog *loader.Program) *CallGraph {
// Create and build SSA-form program representation
prog := ssautil.CreateProgram(iprog, 0)
prog.Build()
// cha to find dynamic calls
cgo := cha.CallGraph(prog)
cgo.DeleteSyntheticNodes()
return &CallGraph{
Prog: iprog,
CallGraph: cgo,
Mapping: make(map[*ssa.Function]*Node),
IgnoreCall: DefaultIgnoreCall,
IgnoreRead: DefaultIgnoreRead,
}
}
// Pure returns whether an analyzed node is pure.
func (n *Node) Pure() bool {
return (n.RuleBasic == nil && n.RuleInterface == nil && n.RuleCallee == nil)
}
// Reason returns descriptive strings for why a node is not pure.
func (n *Node) Reason() (string, string) {
if n.RuleBasic != nil {
return "basic", fmt.Sprintf("%s", n.CallGraph.Prog.Fset.Position(*n.RuleBasic))
}
if n.RuleInterface != nil {
return "iface", fmt.Sprintf("%s", n.CallGraph.Prog.Fset.Position(*n.RuleInterface))
}
if n.RuleCallee != nil {
return "calls", fmt.Sprintf("%s", n.RuleCallee)
}
return "", ""
}
func (n *Node) String() string {
if n.RuleBasic != nil {
return fmt.Sprintf("Impure - basic - %s", n.CallGraph.Prog.Fset.Position(*n.RuleBasic))
}
if n.RuleInterface != nil {
return fmt.Sprintf("Impure - iface - %s", n.CallGraph.Prog.Fset.Position(*n.RuleInterface))
}
if n.RuleCallee != nil {
return fmt.Sprintf("Impure - calls - %s", n.RuleCallee)
}
return "Pure"
}
// Analyze examines the callgraph looking for functions that modify global
// state or call functions that modify global state.
func (cg *CallGraph) Analyze() error {
// basic analysis
for fn := range cg.CallGraph.Nodes {
n := &Node{
CallGraph: cg,
}
if pos := accessGlobal(fn, cg.IgnoreRead); pos != nil {
n.RuleBasic = pos
}
if pos := usesInterface(fn); pos != nil {
n.RuleInterface = pos
}
cg.Mapping[fn] = n
}
// sub function analysis, if a func calls an func that is not pure then it
// needs to be marked as such
if err := callgraph.GraphVisitEdges(cg.CallGraph, func(edge *callgraph.Edge) error {
// analyze callee (ssa.Function)
callee := edge.Callee.Func
caller := edge.Caller.Func
if isWhitelisted(callee, cg.IgnoreCall) {
return nil
}
// callee modifies state, mark static callers bad as well
if !cg.Mapping[callee].Pure() {
if dynamic(edge) {
if !includes(edge.Site.Common().Value, caller.Params) {
cg.Mapping[edge.Caller.Func].RuleCallee = callee
}
} else {
cg.Mapping[edge.Caller.Func].RuleCallee = callee
}
}
return nil
}); err != nil {
return err
}
return nil
}
// Pure returns a slice of the ssa representations of the pure functions in the
// analyzed package
func (cg *CallGraph) Pure() []*ssa.Function {
// filter output to only include functions imported by the program
var filtered []*ssa.Function
for k, v := range cg.Mapping {
if k == nil {
continue
}
_, ok := cg.Prog.Imported[k.Package().Pkg.Path()]
if ok && v.Pure() {
filtered = append(filtered, k)
}
}
return filtered
}
// Impure returns a slice of the ssa representations of the impure functions
// in the analyzed package
func (cg *CallGraph) Impure() []*ssa.Function {
// filter output to only include functions imported by the program
var filtered []*ssa.Function
for k, v := range cg.Mapping {
if k == nil {
continue
}
_, ok := cg.Prog.Imported[k.Package().Pkg.Path()]
if ok && !v.Pure() {
filtered = append(filtered, k)
}
}
return filtered
}
// Lookup lookup a function in the CallGraph by name and return whether it is
// pure.
func (cg *CallGraph) Lookup(name string) (*ssa.Function, bool) {
for k, v := range cg.Mapping {
if k == nil {
continue
}
if k.RelString(k.Package().Pkg) == name {
return k, v.Pure()
}
}
return nil, false
}
// isWhitelisted returns whether the ssa.Member (function or variable
// reference) is in the whitelist. The whitlelist is a map of package paths to
// a slice of names. Additionally, all error types are considered whitelisted
// since they are commonly used as return values from parsers and I would
// rather not enumerate all errors in the whitelist.
func isWhitelisted(n ssa.Member, whitelist map[string][]string) bool {
if v, ok := n.Type().(*types.Pointer); ok {
if v.String() == "*error" {
return true
}
}
pkg := n.Package().Pkg.Path()
f := n.Name()
if list, ok := whitelist[pkg]; ok {
for _, v := range list {
if f == v {
return true
}
}
}
return false
}
// accessGlobal does a simple analysis of the ssa representation of a function
// to detect whether a global variable is read or modified
func accessGlobal(f *ssa.Function, whitelist map[string][]string) *token.Pos {
if f == nil {
// nil functions probably do not modify state?
return nil
}
for _, b := range f.Blocks {
for _, i := range b.Instrs {
switch v := i.(type) {
case *ssa.Store:
if _, ok := v.Addr.(*ssa.Global); ok {
return tokenPtr(v.Pos())
}
case *ssa.UnOp:
if j, ok := v.X.(*ssa.Global); ok {
if !isWhitelisted(j, whitelist) {
return tokenPtr(v.Pos())
}
}
}
}
}
return nil
}
// usesInterface eliminates functions that accept an interface as a parameter
// since it is difficult to resolve whether the interface's implementation will
// modify global state
func usesInterface(f *ssa.Function) *token.Pos {
if f == nil {
return nil
}
for _, v := range f.Params {
// TODO: check structs for iface parameters
if types.IsInterface(v.Type()) {
return tokenPtr(v.Pos())
}
}
return nil
}
// dynamic checks whether the callgraph edge is a dynamic call
func dynamic(edge *callgraph.Edge) bool {
return edge.Site != nil && edge.Site.Common().StaticCallee() == nil
}
// includes checks whether the value (needle) is a function's parameters (hay)
func includes(needle ssa.Value, hay []*ssa.Parameter) bool {
n, ok := needle.(*ssa.Parameter)
if !ok {
return false
}
for _, val := range hay {
if n == val {
return true
}
}
return false
}
// tokenPtr helps convert a function return value into a pointer
func tokenPtr(in token.Pos) *token.Pos {
return &in
}