Refactored EVMLiSAExecutor to support owner-based executors and removed shutdown calls from various classes to avoid bugs

Author: merendamattia

src/main/java/it/unipr/EVMLiSA.java

@@ -252,7 +252,6 @@ else if (cmd.hasOption("bytecode")) {
 
 		EVMLiSA.analyzeContract(contract);
 		System.err.println(contract);
-		EVMLiSAExecutor.shutdown();
 	}
 
 	/**
@@ -261,19 +260,9 @@ else if (cmd.hasOption("bytecode")) {
 	 * @param filePath the path to the file containing contract addresses
 	 */
 	public static void analyzeSetOfContracts(Path filePath) {
-		analyzeSetOfContracts(filePath, true);
-	}
-
-	/**
-	 * Analyzes a set of smart contracts from a given file.
-	 *
-	 * @param filePath the path to the file containing contract addresses
-	 * @param shutdown whether to shut down the executor after the analysis
-	 */
-	public static void analyzeSetOfContracts(Path filePath, boolean shutdown) {
 		log.info("Building contracts.");
 		List<SmartContract> contracts = buildContractsFromFile(filePath);
-		analyzeSetOfContracts(contracts, shutdown);
+		analyzeSetOfContracts(contracts);
 	}
 
 	/**
@@ -282,22 +271,12 @@ public static void analyzeSetOfContracts(Path filePath, boolean shutdown) {
 	 * @param contracts the list of {@link SmartContract} to be analyzed
 	 */
 	public static void analyzeSetOfContracts(List<SmartContract> contracts) {
-		analyzeSetOfContracts(contracts, true);
-	}
-
-	/**
-	 * Analyzes a set of smart contracts from a list of {@link SmartContract}.
-	 *
-	 * @param contracts the list of {@link SmartContract} to be analyzed
-	 * @param shutdown  whether to shut down the executor after the analysis
-	 */
-	public static void analyzeSetOfContracts(List<SmartContract> contracts, boolean shutdown) {
 		log.info("Analyzing {} contracts.", contracts.size());
 
 		List<Future<?>> futures = new ArrayList<>();
 
 		for (SmartContract contract : contracts)
-			futures.add(EVMLiSAExecutor.submit(() -> analyzeContract(contract)));
+			futures.add(EVMLiSAExecutor.submit(EVMLiSA.class, () -> analyzeContract(contract)));
 
 		log.debug("{} contracts submitted to Thread pool with {} workers.", contracts.size(),
 				EVMLiSAExecutor.getCoresAvailable());
@@ -319,8 +298,7 @@ public static void analyzeSetOfContracts(List<SmartContract> contracts, boolean
 			System.exit(1);
 		}
 
-		if (shutdown)
-			EVMLiSAExecutor.shutdown();
+		EVMLiSAExecutor.shutdown(EVMLiSA.class);
 	}
 
 	/**

src/main/java/it/unipr/crosschain/xEVMLiSA.java

@@ -58,8 +58,6 @@ public static void runAnalysis(Path bytecodeDirectoryPath, Path abiDirectoryPath
 
 		printVulnerabilities(bridge);
 		printVulnerabilitiesPerFunction(bridge);
-
-		EVMLiSAExecutor.shutdown();
 	}
 
 	/**
@@ -72,7 +70,7 @@ public static void runAnalysis(Path bytecodeDirectoryPath, Path abiDirectoryPath
 	public static void analyzeBridge(Bridge bridge) {
 		log.info("Number of contracts to be analyzed: {}.", bridge.getSmartContracts().size());
 
-		EVMLiSA.analyzeSetOfContracts(bridge.getSmartContracts(), false);
+		EVMLiSA.analyzeSetOfContracts(bridge.getSmartContracts());
 		bridge.buildPartialXCFG();
 		bridge.addEdges(
 				getCrossChainEdgesUsingEventsAndFunctionsEntrypoint(bridge));
@@ -245,21 +243,29 @@ public static void runCrossChainCheckers(Bridge bridge) {
 
 		List<Future<?>> futures = new ArrayList<>();
 		for (SmartContract contract : bridge) {
-			futures.add(EVMLiSAExecutor.submit(() -> runEventOrderChecker(bridge, contract)));
-			futures.add(EVMLiSAExecutor.submit(() -> runUncheckedExternalCallChecker(bridge, contract)));
-			futures.add(EVMLiSAExecutor.submit(() -> runUncheckedExternalInfluenceChecker(bridge, contract)));
-			futures.add(EVMLiSAExecutor.submit(() -> runMissingEventNotificationChecker(contract)));
+			futures.add(
+					EVMLiSAExecutor.submit(xEVMLiSA.class, () -> runEventOrderChecker(bridge, contract)));
+			futures.add(
+					EVMLiSAExecutor.submit(xEVMLiSA.class, () -> runUncheckedExternalCallChecker(bridge, contract)));
+			futures.add(
+					EVMLiSAExecutor.submit(xEVMLiSA.class,
+							() -> runUncheckedExternalInfluenceChecker(bridge, contract)));
+			futures.add(
+					EVMLiSAExecutor.submit(xEVMLiSA.class, () -> runMissingEventNotificationChecker(contract)));
+			futures.add(
+					EVMLiSAExecutor.submit(xEVMLiSA.class, () -> runAccessControlIncompleteness(bridge, contract)));
 		}
-		futures.add(EVMLiSAExecutor.submit(() -> runLocalDependencyCheckers(bridge)));
+		futures.add(
+				EVMLiSAExecutor.submit(xEVMLiSA.class, () -> runLocalDependencyCheckers(bridge)));
 		EVMLiSAExecutor.awaitCompletionFutures(futures);
 
 		log.info("Saving cross-chain checkers results.");
-		for (SmartContract contract : bridge) {
+		for (SmartContract contract : bridge)
 			contract.setVulnerabilities(
 					VulnerabilitiesObject.buildFromCFG(
 							contract.getCFG()));
-		}
 
+		EVMLiSAExecutor.shutdown(xEVMLiSA.class);
 		log.info("[OUT] Cross-chain checkers results saved.");
 	}
 
@@ -280,18 +286,24 @@ public static void runLocalDependencyCheckers(Bridge bridge) {
 
 		log.info("[LocalDependencyChecker] Computing vulnerable LOGs.");
 		for (SmartContract contract : bridge)
-			futures.add(EVMLiSAExecutor.submit(() -> computeVulnerablesLOGsForLocalDependencyChecker(contract)));
+			futures.add(
+					EVMLiSAExecutor.submit(xEVMLiSA.class,
+							() -> computeVulnerablesLOGsForLocalDependencyChecker(contract)));
 		EVMLiSAExecutor.awaitCompletionFutures(futures);
 		log.info("[LocalDependencyChecker] Vulnerable LOGs computed.");
 
 		log.info("[LocalDependencyChecker] Computing tainted Call Data.");
 		for (SmartContract contract : bridge)
-			futures.add(EVMLiSAExecutor.submit(() -> computeTaintedCallDataForLocalDependencyChecker(contract)));
+			futures.add(
+					EVMLiSAExecutor.submit(xEVMLiSA.class,
+							() -> computeTaintedCallDataForLocalDependencyChecker(contract)));
 		EVMLiSAExecutor.awaitCompletionFutures(futures);
 		log.info("[LocalDependencyChecker] Tainted Call Data computed.");
 
 		for (SmartContract contract : bridge)
-			futures.add(EVMLiSAExecutor.submit(() -> runLocalDependencyChecker(contract)));
+			futures.add(
+					EVMLiSAExecutor.submit(xEVMLiSA.class,
+							() -> runLocalDependencyChecker(contract)));
 		EVMLiSAExecutor.awaitCompletionFutures(futures);
 
 		log.info("[OUT] Local Dependency checker ended.");
@@ -331,6 +343,27 @@ public static void runUncheckedExternalInfluenceChecker(Bridge bridge, SmartCont
 				MyCache.getInstance().getPossibleUncheckedExternalInfluenceWarnings(contract.getCFG().hashCode()));
 	}
 
+	public static void runAccessControlIncompleteness(Bridge bridge, SmartContract contract) {
+		log.info("[IN] Running Access Control Incompleteness checker on {}.", contract.getName());
+
+		// Setup configuration
+		Program program = new Program(new EVMLiSAFeatures(), new EVMLiSATypeSystem());
+		program.addCodeMember(contract.getCFG());
+		LiSAConfiguration conf = LiSAConfigurationManager.createConfiguration(contract);
+		LiSA lisa = new LiSA(conf);
+
+		AccessControlIncompletenessChecker checker = new AccessControlIncompletenessChecker();
+		conf.semanticChecks.add(checker);
+		conf.abstractState = new SimpleAbstractState<>(new MonolithicHeap(),
+				new AccessControlIncompletenessAbstractDomain(),
+				new TypeEnvironment<>(new InferredTypes()));
+		lisa.run(program);
+
+		log.info("[OUT] Access Control Incompleteness checker ended on {}, with {} vulnerabilities found.",
+				contract.getName(),
+				MyCache.getInstance().getUncheckedExternalCallWarnings(contract.getCFG().hashCode()));
+	}
+
 	/**
 	 * Runs the Unchecked External Call Checker on a single contract. This
 	 * configures and invokes LiSA with the UncheckedExternalCallChecker to

src/main/java/it/unipr/utils/EVMLiSAExecutor.java

@@ -11,74 +11,12 @@ public class EVMLiSAExecutor {
 	private static int CORES = (Runtime.getRuntime().availableProcessors() > 1)
 			? Runtime.getRuntime().availableProcessors() - 1
 			: 1;
-	private static ExecutorService _executor = Executors.newFixedThreadPool(CORES);
+	private static final ConcurrentMap<Class<?>, ExecutorService> ownerExecutors = new ConcurrentHashMap<>();
 
 	private static long tasksInQueue = 0;
-	@SuppressWarnings("unused")
 	private static long tasksExecuted = 0;
 	private static long tasksTimedOut = 0;
 
-	/**
-	 * Submits a task for execution in the thread pool.
-	 *
-	 * @param task the task to be executed
-	 * 
-	 * @return a Future representing the pending result of the task
-	 */
-	public static Future<?> submit(Runnable task) {
-		return _executor.submit(new EVMLiSAExecutorTask(task));
-	}
-
-	/**
-	 * Submits a list of tasks for execution in the thread pool.
-	 *
-	 * @param tasks the list of tasks to be executed
-	 * 
-	 * @return a list of Future objects representing the pending results of the
-	 *             tasks
-	 */
-	public static List<Future<?>> submitAll(List<Runnable> tasks) {
-		List<Future<?>> futures = new ArrayList<>();
-
-		for (Runnable task : tasks)
-			futures.add(submit(new EVMLiSAExecutorTask(task)));
-
-		return futures;
-	}
-
-	/**
-	 * Executes a main task asynchronously and schedules additional tasks upon
-	 * its completion.
-	 *
-	 * @param mainTask       the main task to execute
-	 * @param secondaryTasks additional tasks to execute after the main task
-	 * 
-	 * @return a CompletableFuture that completes when all tasks are finished
-	 */
-	public static CompletableFuture<Void> runAsync(Runnable mainTask, Runnable... secondaryTasks) {
-		return runAsync(mainTask, Set.of(secondaryTasks));
-	}
-
-	/**
-	 * Executes a main task asynchronously and schedules additional tasks upon
-	 * its completion.
-	 *
-	 * @param mainTask       the main task to execute
-	 * @param secondaryTasks additional tasks to execute after the main task
-	 * 
-	 * @return a CompletableFuture that completes when all tasks are finished
-	 */
-	public static CompletableFuture<Void> runAsync(Runnable mainTask, Set<Runnable> secondaryTasks) {
-		return CompletableFuture.runAsync(new EVMLiSAExecutorTask(mainTask), _executor)
-				.thenCompose(ignored -> {
-					List<CompletableFuture<Void>> checkerFutures = new ArrayList<>();
-					for (Runnable secondaryTask : secondaryTasks)
-						checkerFutures
-								.add(CompletableFuture.runAsync(new EVMLiSAExecutorTask(secondaryTask), _executor));
-					return CompletableFuture.allOf(checkerFutures.toArray(new CompletableFuture[0]));
-				});
-	}
-
 	/**
 	 * Waits for the completion of all provided CompletableFutures.
 	 *
@@ -124,7 +62,6 @@ public static void awaitCompletionFutures(List<Future<?>> futures) {
 				future.get();
 			} catch (ExecutionException e) {
 				System.err.println(JSONManager.throwNewError("Error during task execution: " + e.getMessage()));
-				e.printStackTrace();
 				System.exit(1);
 			} catch (InterruptedException ie) {
 				System.err.println(JSONManager.throwNewError("Interrupted during task execution: " + ie.getMessage()));
@@ -159,25 +96,108 @@ public static void awaitCompletionFutures(List<Future<?>> futures, long timeout,
 	}
 
 	/**
-	 * Shuts down the executor service, preventing new tasks from being
-	 * submitted.
+	 * Creates (if absent) and returns an ExecutorService associated with the
+	 * given owner class. The created executor will have {@code threads} worker
+	 * threads. If an executor is already present for the owner, it is returned
+	 * unchanged.
+	 *
+	 * @param owner   the class that will own the executor
+	 * @param threads number of threads for the executor (min 1)
+	 *
+	 * @return the ExecutorService associated with the owner
+	 */
+	public static ExecutorService createExecutorFor(Class<?> owner, int threads) {
+		int t = Math.max(1, threads);
+		return ownerExecutors.computeIfAbsent(owner, k -> Executors.newFixedThreadPool(t));
+	}
+
+	/**
+	 * Returns the ExecutorService associated with the owner class, creating a
+	 * default single-threaded executor if none exists.
+	 *
+	 * @param owner the class that will own the executor
+	 *
+	 * @return the ExecutorService associated with the owner
+	 */
+	public static ExecutorService getExecutorFor(Class<?> owner) {
+		return ownerExecutors.computeIfAbsent(owner, k -> Executors.newFixedThreadPool(CORES));
+	}
+
+	/**
+	 * Submits a task to the executor associated with the given owner class. If
+	 * no executor exists for the owner, a default one is created.
+	 *
+	 * @param owner the class owning the executor
+	 * @param task  the runnable task to submit
+	 *
+	 * @return a Future representing pending completion of the task
+	 */
+	public static Future<?> submit(Class<?> owner, Runnable task) {
+		ExecutorService ex = getExecutorFor(owner);
+		return ex.submit(new EVMLiSAExecutorTask(task));
+	}
+
+	/**
+	 * Shuts down the executor associated with the given owner class. This
+	 * removes the executor from the internal map and calls shutdown on it. If
+	 * no executor is present, this is a no-op.
+	 *
+	 * @param owner the class whose executor should be shutdown
+	 */
+	public static void shutdown(Class<?> owner) {
+		ExecutorService ex = ownerExecutors.remove(owner);
+		if (ex != null)
+			ex.shutdown();
+	}
+
+	/**
+	 * Shuts down all owner-bound executors.
+	 */
+	public static void shutdownAllOwners() {
+		for (Map.Entry<Class<?>, ExecutorService> e : ownerExecutors.entrySet()) {
+			executorShutdownQuiet(e.getValue());
+		}
+		ownerExecutors.clear();
+	}
+
+	/**
+	 * Attempts to shut down the provided executor quietly, ignoring any
+	 * exceptions. This is a private helper used when shutting down multiple
+	 * executors.
+	 *
+	 * @param ex the executor service to shut down
 	 */
-	public static void shutdown() {
-		_executor.shutdown();
+	private static void executorShutdownQuiet(ExecutorService ex) {
+		try {
+			ex.shutdown();
+		} catch (Exception ignored) {
+		}
 	}
 
+	/**
+	 * Updates the number of cores available for per-owner executors. If the
+	 * provided value differs from the current configuration, all owner-bound
+	 * executors are shutdown and the internal core count is updated.
+	 *
+	 * @param cores desired number of cores (will be clamped to a minimum of 1
+	 *                  and at most the number of available processors - 1)
+	 */
 	public static void setCoresAvailable(int cores) {
 		if (cores > Runtime.getRuntime().availableProcessors())
 			cores = Runtime.getRuntime().availableProcessors() - 1;
 
 		if (CORES == cores)
 			return;
 
-		shutdown();
+		shutdownAllOwners();
 		CORES = Math.max(cores, 1);
-		_executor = Executors.newFixedThreadPool(CORES);
 	}
 
+	/**
+	 * Gets the current number of cores configured for owner executors.
+	 *
+	 * @return the configured core count
+	 */
 	public static int getCoresAvailable() {
 		return CORES;
 	}