Browse Source

enhance: refactor gitignore

Shellmiao 1 month ago
parent
commit
d2b305b39e

+ 4 - 8
.gitignore

@@ -1,14 +1,10 @@
 # 输出目录
-output/
-output/**
-
-# 备份目录
-back_up/
-back_up/**
+output/*
+!output/.gitkeep
 
 # 构建目录
-build/
-build/**
+build/*
+!build/.gitkeep
 
 # Python相关
 __pycache__/

+ 368 - 0
back_up/CallGraphPass.cpp

@@ -0,0 +1,368 @@
+#include "llvm/Pass.h"
+#include "llvm/IR/Function.h"
+#include "llvm/IR/Module.h"
+#include "llvm/IR/BasicBlock.h"
+#include "llvm/IR/Instructions.h"
+#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Support/raw_ostream.h"
+#include "llvm/Analysis/CFG.h"
+#include "llvm/Analysis/CallGraph.h"
+#include "LogSystem.h"
+#include <vector>
+#include <map>
+#include <set>
+#include <queue>
+#include <algorithm>
+#include <string>
+
+using namespace llvm;
+
+namespace {
+    struct FunctionSignature {
+        unsigned inDegree;
+        unsigned outDegree;
+        unsigned depth;
+        std::vector<unsigned> callerDepths;
+        std::vector<unsigned> calleeDepths;
+
+        FunctionSignature() : inDegree(0), outDegree(0), depth(0) {}
+
+        bool operator==(const FunctionSignature& other) const {
+            return inDegree == other.inDegree &&
+                   outDegree == other.outDegree &&
+                   depth == other.depth &&
+                   callerDepths == other.callerDepths &&
+                   calleeDepths == other.calleeDepths;
+        }
+    };
+
+    // 函数调用图的节点结构
+    struct CallNode {
+        std::string name;
+        bool isTarget;
+        std::set<std::string> callers;
+        std::set<std::string> callees;
+        unsigned depth;  // 在调用树中的深度
+
+        CallNode() : name(""), isTarget(false), depth(0) {}
+        
+        CallNode(std::string n, bool target = false) 
+            : name(n), isTarget(target), depth(0) {}
+    };
+
+    struct CodeFusionPass : public ModulePass {
+    public:
+        static char ID;
+        CodeFusionPass() : ModulePass(ID) {}
+
+        bool runOnModule(Module &M) override {
+            auto& logger = logging::LogSystem::getInstance();
+            logger.setGlobalLevel(logging::LogLevel::DEBUG);
+            
+            LOG_INFO("runOnModule", "Starting analysis for module: {0}", M.getName().str());
+
+            // 识别所有目标函数
+            for (Function &F : M) {
+                if (!F.isDeclaration() && isTargetCode(F)) {
+                    targetFunctions.insert(F.getName().str());
+                }
+            }
+
+            // 构建完整的调用图
+            buildCallGraph(M);
+
+            // 计算每个函数的调用深度
+            calculateCallDepths();
+
+            // 生成调用图的可视化
+            generateCallGraphs();
+
+            // 分析相似结构
+            findSimilarStructures();
+
+            return false;
+        }
+
+    private:
+        std::map<std::string, CallNode> callGraph;
+        std::set<std::string> targetFunctions;
+        std::map<std::string, unsigned> maxCallDepths;
+
+        void buildCallGraph(Module &M) {
+            LOG_INFO("buildCallGraph", "Building complete call graph");
+
+            // 初始化所有函数节点
+            for (Function &F : M) {
+                if (!F.isDeclaration()) {
+                    std::string fname = F.getName().str();
+                    bool isTarget = targetFunctions.find(fname) != targetFunctions.end();
+                    callGraph.insert({fname, CallNode(fname, isTarget)});
+                }
+            }
+
+            // 分析函数调用关系
+            for (Function &F : M) {
+                if (!F.isDeclaration()) {
+                    std::string callerName = F.getName().str();
+                    
+                    for (BasicBlock &BB : F) {
+                        for (Instruction &I : BB) {
+                            if (CallInst *CI = dyn_cast<CallInst>(&I)) {
+                                Function *CalledF = CI->getCalledFunction();
+                                if (CalledF && !CalledF->isDeclaration()) {
+                                    std::string calleeName = CalledF->getName().str();
+                                    
+                                    // 更新调用关系
+                                    callGraph[callerName].callees.insert(calleeName);
+                                    callGraph[calleeName].callers.insert(callerName);
+                                    
+                                    LOG_DEBUG("buildCallGraph", 
+                                        "Found call: {0} -> {1}", callerName, calleeName);
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        }
+
+        void calculateCallDepths() {
+            LOG_INFO("calculateCallDepths", "Calculating call depths");
+
+            for (const std::string &targetFunc : targetFunctions) {
+                std::map<std::string, unsigned> depths;
+                std::queue<std::pair<std::string, unsigned>> queue;
+                std::set<std::string> visited;
+
+                queue.push(std::make_pair(targetFunc, 0));
+                visited.insert(targetFunc);
+
+                while (!queue.empty()) {
+                    std::string currentFunc = queue.front().first;
+                    unsigned depth = queue.front().second;
+                    queue.pop();
+
+                    depths[currentFunc] = depth;
+                    
+                    for (const std::string &caller : callGraph[currentFunc].callers) {
+                        if (visited.find(caller) == visited.end()) {
+                            queue.push(std::make_pair(caller, depth + 1));
+                            visited.insert(caller);
+                        }
+                    }
+
+                    for (const std::string &callee : callGraph[currentFunc].callees) {
+                        if (visited.find(callee) == visited.end()) {
+                            queue.push(std::make_pair(callee, depth + 1));
+                            visited.insert(callee);
+                        }
+                    }
+                }
+
+                // 更新最大深度
+                for (const auto &pair : depths) {
+                    const std::string &func = pair.first;
+                    unsigned depth = pair.second;
+                    maxCallDepths[func] = std::max(maxCallDepths[func], depth);
+                }
+            }
+        }
+
+        void generateCallGraphs() {
+            LOG_INFO("generateCallGraphs", "Generating complete call graphs");
+
+            // 分别生成目标项目和掩体项目的调用图
+            generateProjectCallGraph("Target Project Call Graph", true);
+            generateProjectCallGraph("Cover Project Call Graph", false);
+        }
+
+        void generateProjectCallGraph(const std::string &title, bool isTarget) {
+            errs() << "```mermaid\n";
+            errs() << "graph TD\n";
+            errs() << "    %% " << title << "\n";
+            
+            // 添加节点
+            for (const auto &pair : callGraph) {
+                const std::string &name = pair.first;
+                const CallNode &node = pair.second;
+                if (node.isTarget == isTarget) {
+                    std::string nodeId = sanitizeNodeId(name);
+                    std::string depth = std::to_string(maxCallDepths[name]);
+                    std::string style = node.isTarget ? ":::target" : "";
+                    
+                    errs() << "    " << nodeId << "[\"" << name 
+                        << "\\nDepth: " << depth << "\"]" << style << "\n";
+                }
+            }
+            
+            // 添加边
+            for (const auto &pair : callGraph) {
+                const std::string &name = pair.first;
+                const CallNode &node = pair.second;
+                if (node.isTarget == isTarget) {
+                    std::string callerId = sanitizeNodeId(name);
+                    
+                    for (const auto &callee : node.callees) {
+                        if (callGraph.at(callee).isTarget == isTarget) {
+                            std::string calleeId = sanitizeNodeId(callee);
+                            errs() << "    " << callerId << " --> " << calleeId << "\n";
+                        }
+                    }
+                }
+            }
+            
+            // 添加样式定义
+            errs() << "    classDef target fill:#f96,stroke:#333,stroke-width:4px\n";
+            errs() << "```\n\n";
+        }
+
+        void findSimilarStructures() {
+            LOG_INFO("findSimilarStructures", "Analyzing call graph similarities");
+
+            // 为每个函数计算特征签名
+            std::map<std::string, FunctionSignature> signatures;
+            for (const auto &pair : callGraph) {
+                const std::string &name = pair.first;
+                const CallNode &node = pair.second;
+                
+                FunctionSignature sig;
+                sig.inDegree = node.callers.size();
+                sig.outDegree = node.callees.size();
+                sig.depth = maxCallDepths[name];
+
+                // 收集调用者深度
+                for (const auto &caller : node.callers) {
+                    sig.callerDepths.push_back(maxCallDepths[caller]);
+                }
+                std::sort(sig.callerDepths.begin(), sig.callerDepths.end());
+
+                // 收集被调用者深度
+                for (const auto &callee : node.callees) {
+                    sig.calleeDepths.push_back(maxCallDepths[callee]);
+                }
+                std::sort(sig.calleeDepths.begin(), sig.calleeDepths.end());
+
+                signatures[name] = sig;
+            }
+
+            // 比较目标函数和掩体函数的相似度
+            for (const auto &targetFunc : targetFunctions) {
+                const auto &targetSig = signatures[targetFunc];
+                std::vector<std::pair<std::string, double>> similarities;
+
+                for (const auto &pair : callGraph) {
+                    const std::string &name = pair.first;
+                    const CallNode &node = pair.second;
+                    
+                    if (!node.isTarget) {
+                        const auto &coverSig = signatures[name];
+                        
+                        // 计算相似度得分
+                        double similarity = calculateSignatureSimilarity(targetSig, coverSig);
+                        
+                        if (similarity > 0.8) { // 相似度阈值
+                            similarities.emplace_back(name, similarity);
+                        }
+                    }
+                }
+
+                // 输出相似函数
+                if (!similarities.empty()) {
+                    LOG_INFO("findSimilarStructures", 
+                        "Similar functions for {0}:", targetFunc);
+                    for (const auto &pair : similarities) {
+                        const std::string &name = pair.first;
+                        double similarity = pair.second;
+                        LOG_INFO("findSimilarStructures", 
+                            "  {0} (similarity: {1:.2f})", name, similarity);
+                    }
+                }
+            }
+        }
+
+        double calculateSignatureSimilarity(
+            const FunctionSignature &sig1, 
+            const FunctionSignature &sig2) {
+            
+            double score = 0.0;
+            unsigned totalFactors = 0;
+
+            // 比较入度和出度
+            if (sig1.inDegree > 0 || sig2.inDegree > 0) {
+                score += 1.0 - std::abs(int(sig1.inDegree) - int(sig2.inDegree)) / 
+                    double(std::max(sig1.inDegree, sig2.inDegree));
+                totalFactors++;
+            }
+            
+            if (sig1.outDegree > 0 || sig2.outDegree > 0) {
+                score += 1.0 - std::abs(int(sig1.outDegree) - int(sig2.outDegree)) / 
+                    double(std::max(sig1.outDegree, sig2.outDegree));
+                totalFactors++;
+            }
+
+            // 比较深度
+            if (sig1.depth > 0 || sig2.depth > 0) {
+                score += 1.0 - std::abs(int(sig1.depth) - int(sig2.depth)) / 
+                    double(std::max(sig1.depth, sig2.depth));
+                totalFactors++;
+            }
+
+            // 比较调用者深度分布
+            if (!sig1.callerDepths.empty() && !sig2.callerDepths.empty()) {
+                score += compareDepthVectors(sig1.callerDepths, sig2.callerDepths);
+                totalFactors++;
+            }
+
+            // 比较被调用者深度分布
+            if (!sig1.calleeDepths.empty() && !sig2.calleeDepths.empty()) {
+                score += compareDepthVectors(sig1.calleeDepths, sig2.calleeDepths);
+                totalFactors++;
+            }
+
+            return totalFactors > 0 ? score / totalFactors : 0.0;
+        }
+
+        double compareDepthVectors(
+            const std::vector<unsigned> &v1, 
+            const std::vector<unsigned> &v2) {
+            
+            size_t maxSize = std::max(v1.size(), v2.size());
+            size_t minSize = std::min(v1.size(), v2.size());
+            
+            // 首先比较向量大小的相似度
+            double sizeSimilarity = double(minSize) / maxSize;
+            
+            // 然后比较实际值的相似度
+            double valueSimilarity = 0.0;
+            for (size_t i = 0; i < minSize; i++) {
+                valueSimilarity += 1.0 - std::abs(int(v1[i]) - int(v2[i])) / 
+                    double(std::max(v1[i], v2[i]));
+            }
+            valueSimilarity /= maxSize;
+
+            return (sizeSimilarity + valueSimilarity) / 2.0;
+        }
+
+        std::string sanitizeNodeId(const std::string &name) {
+            std::string id = name;
+            std::replace(id.begin(), id.end(), '.', '_');
+            std::replace(id.begin(), id.end(), ' ', '_');
+            std::replace(id.begin(), id.end(), '-', '_');
+            return id;
+        }
+
+        bool isTargetCode(Function &F) {
+            if (MDNode *MD = F.getMetadata("project_source")) {
+                if (MDString *ProjectStr = dyn_cast<MDString>(MD->getOperand(0))) {
+                    std::string projectName = ProjectStr->getString().str();
+                    return (projectName == "Target");
+                }
+            }
+            return false;
+        }
+    };
+}
+
+char CodeFusionPass::ID = 0;
+static RegisterPass<CodeFusionPass> X("codefusion", "Code Fusion Pass");

BIN
back_up/CallGraphPass.so


+ 7 - 0
back_up/CallGraphPassScript.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+# 获取脚本所在目录
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+# 切换到项目根目录
+cd "$SCRIPT_DIR/.."
+
+opt -load ./build/CallGraphPass.so -codefusion < proprocess_output/combined_tagged.ll > output/graph.ll 2> output/log_graph.txt

+ 7 - 0
back_up/CompileCallGraphScript.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+# 获取脚本所在目录
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+# 切换到项目根目录
+cd "$SCRIPT_DIR/.."
+
+clang++ -fPIC -shared src/CallGraphPass.cpp `llvm-config --cxxflags --ldflags` -o build/CallGraphPass.so

+ 7 - 0
back_up/CompileSliceScript.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+# 获取脚本所在目录
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+# 切换到项目根目录
+cd "$SCRIPT_DIR/.."
+
+clang++ -fPIC -shared src/SliceFusionPass.cpp `llvm-config --cxxflags --ldflags` -o build/SliceFusionPass.so

+ 409 - 0
back_up/SliceFusionPass.cpp

@@ -0,0 +1,409 @@
+#include "llvm/Pass.h"
+#include "llvm/IR/Function.h"
+#include "llvm/IR/BasicBlock.h"
+#include "llvm/IR/Instructions.h"
+#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Support/raw_ostream.h"
+#include "llvm/Analysis/CFG.h"
+#include "LogSystem.h"
+#include <vector>
+#include <map>
+#include <set>
+#include <queue>
+#include <algorithm>
+#include <string>
+
+using namespace llvm;
+
+namespace
+{
+    struct CodeFusionPass : public FunctionPass
+    {
+    public:
+        static char ID;
+        CodeFusionPass() : FunctionPass(ID) {}
+
+        bool runOnFunction(Function &F) override
+        {
+            // 配置日志系统
+            auto& logger = logging::LogSystem::getInstance();
+            logger.setGlobalLevel(logging::LogLevel::DEBUG);
+            logger.setContextFunction(F.getName().str());
+            // 配置Function输出权限
+            logger.enableFunction("checkCriticalPoint");
+            // logger.enableFunction("dumpControlFlowGraph");
+            // logger.enableFunction("isTargetCode");
+            LOG_INFO("runOnFunction", "Starting analysis for function: {0}", F.getName().str());
+
+            if(isTargetCode(F)){
+                for (BasicBlock &BB : F) {
+                    if(checkCriticalPoint(&BB)){
+                        criticalPoints.insert(&BB);
+                    }
+                }
+            }
+
+            // 绘制控制流图
+            // dumpControlFlowGraph(F);
+            
+            // 主要的混淆逻辑在这里实现
+            // analyzeFunction(F);
+            // selectFusionPoints(F);
+            // sliceTargetCode(F);
+            // fuseCode(F);
+            return true;
+        }
+
+    private:
+        std::set<BasicBlock*> criticalPoints;
+        std::vector<BasicBlock *> fusionPoints;
+        std::vector<std::vector<BasicBlock *>> targetSlices;
+
+        bool isTargetCode(Function &Func) {
+            LOG_INFO("isTargetCode", "Checking if function '{0}' is target code", Func.getName().str());
+            if (MDNode *MD = Func.getMetadata("project_source")) {
+                if (MDString *ProjectStr = dyn_cast<MDString>(MD->getOperand(0))) {
+                    std::string projectName = ProjectStr->getString().str();
+                    bool isTarget = (projectName == "Target");
+                    
+                    LOG_INFO("isTargetCode", "Function '{0}' project: {1}, isTarget: {2}", 
+                        Func.getName().str(), projectName, isTarget ? "true" : "false");
+                    
+                    return isTarget;
+                }
+            } 
+            if (!Func.isDeclaration()) {
+                LOG_WARNING("isTargetCode", "Function '{0}' has no project metadata, considering as non-target", 
+                    Func.getName().str());
+            }
+            return false;
+        }
+
+        std::string getNodeId(BasicBlock *BB){
+            std::string nodeId;
+            raw_string_ostream idOS(nodeId);
+            BB->printAsOperand(idOS, false);
+            idOS.flush();
+            return nodeId;
+        }
+
+        bool checkCriticalPoint(BasicBlock *BB) {
+            LOG_DEBUG("checkCriticalPoint", "Starting critical point check: {0}", getNodeId(BB));
+            if (!BB) {
+                LOG_ERROR("checkCriticalPoint", "Null basic block provided");
+                return false;
+            }
+            
+            Function *F = BB->getParent();
+            if (!F) {
+                LOG_ERROR("checkCriticalPoint", "Cannot get parent function for block");
+                return false;
+            }
+
+            // 获取起始和终止基本块
+            BasicBlock *Entry = &F->getEntryBlock();
+            BasicBlock *Exit = nullptr;
+            for (BasicBlock &B : *F) {
+                if (isa<ReturnInst>(B.getTerminator()) || 
+                    isa<UnreachableInst>(B.getTerminator())) {
+                    Exit = &B;
+                    break;
+                }
+            }
+            if (!Exit) {
+                LOG_WARNING("checkCriticalPoint", "No exit block found in function");
+                return false;
+            }
+
+            // 存储已访问的节点
+            std::set<BasicBlock*> visitedWithoutCurrent;
+            
+            // 不经过当前基本块的遍历函数
+            std::function<bool(BasicBlock*, BasicBlock*)> canReachExitWithout;
+            canReachExitWithout = [&canReachExitWithout, &visitedWithoutCurrent, BB]
+                (BasicBlock *Start, BasicBlock *Target) -> bool {
+                    if (Start == BB) return false;
+                    if (Start == Target) return true;
+                    
+                    if (visitedWithoutCurrent.count(Start)) return false;
+                    visitedWithoutCurrent.insert(Start);
+
+                    for (BasicBlock *Succ : successors(Start)) {
+                        if (canReachExitWithout(Succ, Target)) {
+                            return true;
+                        }
+                    }
+                    return false;
+                };
+
+            // 输出块的基本信息
+            LOG_TRACE("checkCriticalPoint", "Analyzing block: {0}", getNodeId(BB));
+            LOG_TRACE("checkCriticalPoint", "  Predecessors: {0}, Successors: {1}", 
+                pred_size(BB), succ_size(BB));
+
+            // 列出前驱基本块
+            LOG_TRACE("checkCriticalPoint", "Predecessor blocks:");
+            for (BasicBlock *Pred : predecessors(BB)) {
+                LOG_TRACE("checkCriticalPoint", "    {0}", getNodeId(Pred));
+            }
+
+            // 列出后继基本块
+            LOG_TRACE("checkCriticalPoint", "Successor blocks:");
+            for (BasicBlock *Succ : successors(BB)) {
+                LOG_TRACE("checkCriticalPoint", "    {0}", getNodeId(Succ));
+            }
+
+            // 清空访问集合
+            visitedWithoutCurrent.clear();
+            
+            // 判断从入口到出口是否必须经过当前基本块
+            bool isCritical = !canReachExitWithout(Entry, Exit);
+            
+            LOG_DEBUG("checkCriticalPoint", "Block {0} critical status: {1}", 
+                BB->getName().str(), isCritical ? "yes" : "no");
+            
+            return isCritical;
+        }
+
+        void dumpControlFlowGraph(Function &F) {
+            LOG_INFO("dumpControlFlowGraph", "Generating control flow graph for function: {0}", 
+                F.getName().str());
+            
+            if (F.empty()) {
+                LOG_WARNING("dumpControlFlowGraph", "Function is empty!");
+                return;
+            }
+
+            LOG_INFO("dumpControlFlowGraph", "Starting Mermaid graph generation");
+            errs() << "```mermaid\n";
+            errs() << "graph TD\n";
+            
+            // 为所有基本块创建节点
+            for (BasicBlock &BB : F) {
+                // 获取基本块的ID
+                std::string nodeId = getNodeId(&BB);
+                
+                if (!nodeId.empty() && nodeId[0] == '%') {
+                    nodeId = nodeId.substr(1);
+                }
+                
+                // 清理节点ID中的特殊字符
+                std::replace(nodeId.begin(), nodeId.end(), '.', '_');
+                std::replace(nodeId.begin(), nodeId.end(), ' ', '_');
+                std::replace(nodeId.begin(), nodeId.end(), '%', '_');
+                std::replace(nodeId.begin(), nodeId.end(), '-', '_');
+
+                LOG_TRACE("dumpControlFlowGraph", "Processing block with ID: {0}", nodeId);
+
+                // 构建基本块内容字符串
+                std::string blockContent;
+                raw_string_ostream contentOS(blockContent);
+                
+                // 添加基本块标签
+                contentOS << "Block " << nodeId << ":\\n";
+                
+                // 添加基本块中的每条指令
+                for (Instruction &I : BB) {
+                    std::string instStr;
+                    raw_string_ostream instOS(instStr);
+                    I.print(instOS);
+                    instOS.flush();
+                    
+                    // 清理指令字符串
+                    std::replace(instStr.begin(), instStr.end(), '"', '\'');
+                    std::replace(instStr.begin(), instStr.end(), '\n', ' ');
+                    
+                    // 如果指令太长,截断它
+                    if (instStr.length() > 50) {
+                        LOG_TRACE("dumpControlFlowGraph", "Truncating long instruction in block {0}", nodeId);
+                        instStr = instStr.substr(0, 47) + "...";
+                    }
+                    
+                    contentOS << instStr << "\\n";
+                }
+                contentOS.flush();
+
+                // 生成节点
+                if (criticalPoints.count(&BB)) {
+                    LOG_TRACE("dumpControlFlowGraph", "Marking block {0} as critical", nodeId);
+                    errs() << "    " << nodeId << "[\"" << blockContent << "\"]:::critical\n";
+                } else {
+                    errs() << "    " << nodeId << "[\"" << blockContent << "\"]\n";
+                }
+
+                // 处理边
+                for (BasicBlock *Succ : successors(&BB)) {
+                    std::string succId;
+                    raw_string_ostream succOS(succId);
+                    Succ->printAsOperand(succOS, false);
+                    succOS.flush();
+                    
+                    if (!succId.empty() && succId[0] == '%') {
+                        succId = succId.substr(1);
+                    }
+                    
+                    std::replace(succId.begin(), succId.end(), '.', '_');
+                    std::replace(succId.begin(), succId.end(), ' ', '_');
+                    std::replace(succId.begin(), succId.end(), '%', '_');
+                    std::replace(succId.begin(), succId.end(), '-', '_');
+
+                    LOG_TRACE("dumpControlFlowGraph", "Processing edge from {0} to {1}", nodeId, succId);
+
+                    // 检查分支类型并添加边
+                    if (BranchInst *BI = dyn_cast<BranchInst>(BB.getTerminator())) {
+                        if (BI->isConditional()) {
+                            // 获取条件表达式
+                            std::string condStr;
+                            raw_string_ostream condOS(condStr);
+                            BI->getCondition()->print(condOS);
+                            condOS.flush();
+                            
+                            bool isTrue = BI->getSuccessor(0) == Succ;
+                            LOG_TRACE("dumpControlFlowGraph", "Adding conditional branch edge: {0}", 
+                                isTrue ? "true" : "false");
+                            errs() << "    " << nodeId << " -->|" 
+                                << (isTrue ? "true" : "false") << "| " 
+                                << succId << "\n";
+                        } else {
+                            errs() << "    " << nodeId << " --> " << succId << "\n";
+                        }
+                    } else if (SwitchInst *SI = dyn_cast<SwitchInst>(BB.getTerminator())) {
+                        // 处理switch指令
+                        if (Succ == SI->getDefaultDest()) {
+                            LOG_TRACE("dumpControlFlowGraph", "Adding switch default edge");
+                            errs() << "    " << nodeId << " -->|default| " << succId << "\n";
+                        } else {
+                            for (auto Case : SI->cases()) {
+                                if (Case.getCaseSuccessor() == Succ) {
+                                    std::string caseStr;
+                                    raw_string_ostream caseOS(caseStr);
+                                    Case.getCaseValue()->print(caseOS);
+                                    LOG_TRACE("dumpControlFlowGraph", "Adding switch case edge: {0}", 
+                                        caseStr);
+                                    errs() << "    " << nodeId << " -->|case " 
+                                        << caseStr << "| " << succId << "\n";
+                                }
+                            }
+                        }
+                    } else {
+                        errs() << "    " << nodeId << " --> " << succId << "\n";
+                    }
+                }
+            }
+            
+            errs() << "    classDef critical fill:#f96,stroke:#333,stroke-width:4px\n";
+            errs() << "```\n";
+            LOG_INFO("dumpControlFlowGraph", "Completed graph generation");
+        }
+
+        void analyzeFunction(Function &F)
+        {
+            for (BasicBlock &BB : F)
+            {
+                for (Instruction &I : BB)
+                {
+                    if (CallInst *CI = dyn_cast<CallInst>(&I))
+                    {
+                        // 分析函数调用
+                        Function *CalledF = CI->getCalledFunction();
+                        if (CalledF && CalledF->isDeclaration())
+                        {
+                            errs() << "External function call: " << CalledF->getName() << "\n";
+                            // 这里可以添加区分变量
+                        }
+                    }
+                    // 可以添加更多的分析,如全局变量访问等
+                }
+            }
+        }
+
+        void selectFusionPoints(Function &F) {
+            errs() << "\n=== Starting Fusion Points Selection for function: " 
+                << F.getName() << " ===\n";
+            
+            fusionPoints.clear();
+            criticalPoints.clear();
+            
+            std::set<BasicBlock*> visited;
+            
+            // 首先收集所有可能的关键点
+            for (BasicBlock &BB : F) {
+                if (checkCriticalPoint(&BB)) {
+                    criticalPoints.insert(&BB);
+                }
+            }
+            
+            errs() << "\nIdentified " << criticalPoints.size() << " potential critical points\n";
+            
+            // 按照支配关系排序关键点
+            std::vector<BasicBlock*> orderedPoints;
+            BasicBlock *entryBlock = &F.getEntryBlock();
+            std::vector<BasicBlock*> workList;
+            workList.push_back(entryBlock);
+            
+            while (!workList.empty()) {
+                BasicBlock *current = workList.back();
+                workList.pop_back();
+                
+                if (visited.count(current))
+                    continue;
+                    
+                visited.insert(current);
+                
+                if (criticalPoints.count(current)) {
+                    orderedPoints.push_back(current);
+                    errs() << "Adding ordered critical point: " << current->getName() << "\n";
+                }
+                
+                for (BasicBlock *succ : successors(current)) {
+                    if (!visited.count(succ)) {
+                        workList.push_back(succ);
+                    }
+                }
+            }
+            
+            fusionPoints = orderedPoints;
+            
+            errs() << "\nSelected " << fusionPoints.size() << " fusion points in order:\n";
+            for (BasicBlock *BB : fusionPoints) {
+                errs() << "  " << BB->getName() << "\n";
+            }
+            
+            errs() << "\nValidating fusion points:\n";
+            for (size_t i = 0; i < fusionPoints.size(); ++i) {
+                BasicBlock *current = fusionPoints[i];
+                errs() << "Fusion point " << i << ": " << current->getName() << "\n";
+                
+                errs() << "Instructions in this fusion point:\n";
+                for (Instruction &I : *current) {
+                    errs() << "  " << I << "\n";
+                }
+                
+                if (i < fusionPoints.size() - 1) {
+                    BasicBlock *next = fusionPoints[i + 1];
+                    errs() << "Distance to next fusion point: " 
+                        << std::distance(current->getIterator(), next->getIterator()) 
+                        << " blocks\n";
+                }
+            }
+            
+            errs() << "=== Finished Fusion Points Selection ===\n\n";
+        }
+
+        void sliceTargetCode(Function &F)
+        {
+            errs() << "Slicing target code\n";
+            // 目标代码分片逻辑
+        }
+
+        void fuseCode(Function &F)
+        {
+            errs() << "Fusing code\n";
+            // 代码融合逻辑
+        }
+    };
+}
+
+char CodeFusionPass::ID = 0;
+static RegisterPass<CodeFusionPass> X("codefusion", "Code Fusion Pass");

BIN
back_up/SliceFusionPass.so


+ 7 - 0
back_up/SliceFusionScript.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+# 获取脚本所在目录
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+# 切换到项目根目录
+cd "$SCRIPT_DIR/.."
+
+opt -load ./build/SliceFusionPass.so -codefusion < proprocess_output/combined_tagged.ll > output/fused.ll 2> output/log.txt

BIN
back_up/fused.ll


BIN
back_up/graph.ll


+ 168 - 0
back_up/log.txt

@@ -0,0 +1,168 @@
+[INFO][factorial][isTargetCode] Checking if function 'factorial' is target code
+[INFO][factorial][isTargetCode] Function 'factorial' project: Bunker, isTarget: false
+[INFO][bubbleSort][isTargetCode] Checking if function 'bubbleSort' is target code
+[INFO][bubbleSort][isTargetCode] Function 'bubbleSort' project: Bunker, isTarget: false
+[INFO][calculateDistance][isTargetCode] Checking if function 'calculateDistance' is target code
+[INFO][calculateDistance][isTargetCode] Function 'calculateDistance' project: Bunker, isTarget: false
+[INFO][fibonacci][isTargetCode] Checking if function 'fibonacci' is target code
+[INFO][fibonacci][isTargetCode] Function 'fibonacci' project: Bunker, isTarget: false
+[INFO][projectA_main][isTargetCode] Checking if function 'projectA_main' is target code
+[INFO][projectA_main][isTargetCode] Function 'projectA_main' project: Bunker, isTarget: false
+[INFO][reverseString][isTargetCode] Checking if function 'reverseString' is target code
+[INFO][reverseString][isTargetCode] Function 'reverseString' project: Target, isTarget: true
+[DEBUG][reverseString][checkCriticalPoint] Starting critical point check: %1
+[DEBUG][reverseString][checkCriticalPoint] Block  critical status: yes
+[DEBUG][reverseString][checkCriticalPoint] Starting critical point check: %9
+[DEBUG][reverseString][checkCriticalPoint] Block  critical status: yes
+[DEBUG][reverseString][checkCriticalPoint] Starting critical point check: %14
+[DEBUG][reverseString][checkCriticalPoint] Block  critical status: no
+[DEBUG][reverseString][checkCriticalPoint] Starting critical point check: %40
+[DEBUG][reverseString][checkCriticalPoint] Block  critical status: no
+[DEBUG][reverseString][checkCriticalPoint] Starting critical point check: %43
+[DEBUG][reverseString][checkCriticalPoint] Block  critical status: yes
+[INFO][longestIncreasingSubsequence][isTargetCode] Checking if function 'longestIncreasingSubsequence' is target code
+[INFO][longestIncreasingSubsequence][isTargetCode] Function 'longestIncreasingSubsequence' project: Target, isTarget: true
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %2
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: yes
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %11
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: yes
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %15
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %19
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %22
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: yes
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %23
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: yes
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %27
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %28
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %32
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %44
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %55
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %64
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %65
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %68
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %69
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %72
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: yes
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %73
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: yes
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %77
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %84
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %89
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %90
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: no
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Starting critical point check: %93
+[DEBUG][longestIncreasingSubsequence][checkCriticalPoint] Block  critical status: yes
+[INFO][testPoints][isTargetCode] Checking if function 'testPoints' is target code
+[INFO][testPoints][isTargetCode] Function 'testPoints' project: Target, isTarget: true
+[DEBUG][testPoints][checkCriticalPoint] Starting critical point check: %1
+[DEBUG][testPoints][checkCriticalPoint] Block  critical status: yes
+[DEBUG][testPoints][checkCriticalPoint] Starting critical point check: %6
+[DEBUG][testPoints][checkCriticalPoint] Block  critical status: yes
+[DEBUG][testPoints][checkCriticalPoint] Starting critical point check: %9
+[DEBUG][testPoints][checkCriticalPoint] Block  critical status: no
+[DEBUG][testPoints][checkCriticalPoint] Starting critical point check: %14
+[DEBUG][testPoints][checkCriticalPoint] Block  critical status: no
+[DEBUG][testPoints][checkCriticalPoint] Starting critical point check: %15
+[DEBUG][testPoints][checkCriticalPoint] Block  critical status: no
+[DEBUG][testPoints][checkCriticalPoint] Starting critical point check: %16
+[DEBUG][testPoints][checkCriticalPoint] Block  critical status: no
+[DEBUG][testPoints][checkCriticalPoint] Starting critical point check: %19
+[DEBUG][testPoints][checkCriticalPoint] Block  critical status: no
+[DEBUG][testPoints][checkCriticalPoint] Starting critical point check: %21
+[DEBUG][testPoints][checkCriticalPoint] Block  critical status: yes
+[INFO][countSetBits][isTargetCode] Checking if function 'countSetBits' is target code
+[INFO][countSetBits][isTargetCode] Function 'countSetBits' project: Target, isTarget: true
+[DEBUG][countSetBits][checkCriticalPoint] Starting critical point check: %1
+[DEBUG][countSetBits][checkCriticalPoint] Block  critical status: yes
+[DEBUG][countSetBits][checkCriticalPoint] Starting critical point check: %4
+[DEBUG][countSetBits][checkCriticalPoint] Block  critical status: yes
+[DEBUG][countSetBits][checkCriticalPoint] Starting critical point check: %7
+[DEBUG][countSetBits][checkCriticalPoint] Block  critical status: no
+[DEBUG][countSetBits][checkCriticalPoint] Starting critical point check: %14
+[DEBUG][countSetBits][checkCriticalPoint] Block  critical status: yes
+[INFO][memoizedFib][isTargetCode] Checking if function 'memoizedFib' is target code
+[INFO][memoizedFib][isTargetCode] Function 'memoizedFib' project: Target, isTarget: true
+[DEBUG][memoizedFib][checkCriticalPoint] Starting critical point check: %1
+[DEBUG][memoizedFib][checkCriticalPoint] Block  critical status: yes
+[DEBUG][memoizedFib][checkCriticalPoint] Starting critical point check: %9
+[DEBUG][memoizedFib][checkCriticalPoint] Block  critical status: no
+[DEBUG][memoizedFib][checkCriticalPoint] Starting critical point check: %14
+[DEBUG][memoizedFib][checkCriticalPoint] Block  critical status: no
+[DEBUG][memoizedFib][checkCriticalPoint] Starting critical point check: %17
+[DEBUG][memoizedFib][checkCriticalPoint] Block  critical status: no
+[DEBUG][memoizedFib][checkCriticalPoint] Starting critical point check: %19
+[DEBUG][memoizedFib][checkCriticalPoint] Block  critical status: no
+[DEBUG][memoizedFib][checkCriticalPoint] Starting critical point check: %34
+[DEBUG][memoizedFib][checkCriticalPoint] Block  critical status: yes
+[INFO][processMatrix][isTargetCode] Checking if function 'processMatrix' is target code
+[INFO][processMatrix][isTargetCode] Function 'processMatrix' project: Target, isTarget: true
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %2
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: yes
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %8
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: yes
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %12
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %13
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %17
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %21
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %32
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %43
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %54
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %55
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %59
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %71
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %72
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %73
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %76
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %77
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: no
+[DEBUG][processMatrix][checkCriticalPoint] Starting critical point check: %80
+[DEBUG][processMatrix][checkCriticalPoint] Block  critical status: yes
+[INFO][projectB_main][isTargetCode] Checking if function 'projectB_main' is target code
+[INFO][projectB_main][isTargetCode] Function 'projectB_main' project: Target, isTarget: true
+[DEBUG][projectB_main][checkCriticalPoint] Starting critical point check: %0
+[DEBUG][projectB_main][checkCriticalPoint] Block  critical status: yes
+[DEBUG][projectB_main][checkCriticalPoint] Starting critical point check: %19
+[DEBUG][projectB_main][checkCriticalPoint] Block  critical status: yes
+[DEBUG][projectB_main][checkCriticalPoint] Starting critical point check: %24
+[DEBUG][projectB_main][checkCriticalPoint] Block  critical status: yes
+[DEBUG][projectB_main][checkCriticalPoint] Starting critical point check: %27
+[DEBUG][projectB_main][checkCriticalPoint] Block  critical status: yes
+[DEBUG][projectB_main][checkCriticalPoint] Starting critical point check: %30
+[DEBUG][projectB_main][checkCriticalPoint] Block  critical status: no
+[DEBUG][projectB_main][checkCriticalPoint] Starting critical point check: %33
+[DEBUG][projectB_main][checkCriticalPoint] Block  critical status: no
+[DEBUG][projectB_main][checkCriticalPoint] Starting critical point check: %36
+[DEBUG][projectB_main][checkCriticalPoint] Block  critical status: no
+[DEBUG][projectB_main][checkCriticalPoint] Starting critical point check: %39
+[DEBUG][projectB_main][checkCriticalPoint] Block  critical status: no
+[DEBUG][projectB_main][checkCriticalPoint] Starting critical point check: %40
+[DEBUG][projectB_main][checkCriticalPoint] Block  critical status: no
+[DEBUG][projectB_main][checkCriticalPoint] Starting critical point check: %47
+[DEBUG][projectB_main][checkCriticalPoint] Block  critical status: yes

+ 38 - 0
back_up/log_graph.txt

@@ -0,0 +1,38 @@
+```mermaid
+graph TD
+    %% Target Project Call Graph
+    countSetBits["countSetBits\nDepth: 2"]:::target
+    longestIncreasingSubsequence["longestIncreasingSubsequence\nDepth: 2"]:::target
+    memoizedFib["memoizedFib\nDepth: 2"]:::target
+    processMatrix["processMatrix\nDepth: 2"]:::target
+    projectB_main["projectB_main\nDepth: 1"]:::target
+    reverseString["reverseString\nDepth: 2"]:::target
+    testPoints["testPoints\nDepth: 2"]:::target
+    memoizedFib --> memoizedFib
+    processMatrix --> countSetBits
+    projectB_main --> countSetBits
+    projectB_main --> longestIncreasingSubsequence
+    projectB_main --> memoizedFib
+    projectB_main --> processMatrix
+    projectB_main --> reverseString
+    projectB_main --> testPoints
+    classDef target fill:#f96,stroke:#333,stroke-width:4px
+```
+
+```mermaid
+graph TD
+    %% Cover Project Call Graph
+    bubbleSort["bubbleSort\nDepth: 0"]
+    calculateDistance["calculateDistance\nDepth: 0"]
+    factorial["factorial\nDepth: 0"]
+    fibonacci["fibonacci\nDepth: 0"]
+    projectA_main["projectA_main\nDepth: 0"]
+    factorial --> factorial
+    fibonacci --> fibonacci
+    projectA_main --> bubbleSort
+    projectA_main --> calculateDistance
+    projectA_main --> factorial
+    projectA_main --> fibonacci
+    classDef target fill:#f96,stroke:#333,stroke-width:4px
+```
+

File diff suppressed because it is too large
+ 475 - 0
back_up/module_fusion_text.cbe_bak.c


+ 0 - 0
build/.gitkeep


+ 0 - 0
output/.gitkeep


Some files were not shown because too many files changed in this diff