Static Code Analysis

Rudi Breedenraedt

Rate me:

4.97/5 (34 votes)

15 Mar 2010CPOL16 min read

87.3K

1.1K

A static code analyzer building method call networks + sample applications

This article describes the operation of a method-based static code analyzer for .NET that constructs in-memory method call networks of compiled assemblies. You will also see a concrete application of static code analysis to generate a website providing easy insights on a sample application.

codeanalyzerandtodosample.zip
- CodeAnalyzer and Sample Solution.sln
- Generate.cmd
- Generator
  - bin
    - .noclean
    - Arebis.CodeAnalysis.Static.dll
    - Arebis.CodeAnalysis.Static.XML
    - Arebis.CodeGeneration.dll
    - Arebis.CodeGeneration.VisualStudio.dll
    - Arebis.CodeGenerator.dll
    - Arebis.Common.dll
    - Arebis.Common.xml
    - CGen.exe
    - CGen.exe.config
  - Content.cst
  - Content.cst.gen
  - COperation.cst
  - COperation.cst.gen
  - DocManager.cs
  - DocToHtml.xslt
  - files
    - Blank.html
    - CodeModel.css
    - CodeModel.js
  - GenerationProfile.xml
  - GenerationSettings.xml
  - GeneratorMain.cst
  - GeneratorMain.cst.gen
  - Index.cst
  - Index.cst.gen
  - IndexTop.cst
  - IndexTop.cst.gen
  - SOperation.cst
  - SOperation.cst.gen
  - StaticCodeAnalyserProfile.xsd
  - UIOperation.cst
  - UIOperation.cst.gen
  - Utils.cs
- Output
- SampleApp
  - LocalTestRun.testrunconfig
  - ToDoApplication
    - App.config
    - App.xaml
    - App.xaml.cs
    - Infrastructure
    - MainWindow.xaml
    - MainWindow.xaml.cs
    - Properties
      - AssemblyInfo.cs
    - Service References
    - ServiceProxies.cs
    - ToDoSample.Application.csproj
  - ToDoContract
    - InvalidIdException.cs
    - IToDoService.cs
    - Properties
      - AssemblyInfo.cs
    - SecurityRoles.cs
    - ToDoItem.cs
    - ToDoSample.Contract.csproj
    - User.cs
  - ToDoSample.vsmdi
  - ToDoService
    - App.config
    - Entities.cs
    - Entities.Designer.cs
    - Entities.edmx
    - Infrastructure
      - SimulatedAuthorizationPolicy.cs
    - MappingExtensionsHelpers.cs
    - Properties
      - AssemblyInfo.cs
    - ToDoComponentManager.cs
    - ToDoSample.Service.csproj
    - ToDoSample.Service.csproj.user
    - ToDoSampleDb.create.sql
    - ToDoSampleDb.mdf
    - ToDoSampleDb_log.ldf
    - ToDoServiceImplementation.cs
  - ToDoUnitTests
    - App.config
    - Properties
      - AssemblyInfo.cs
    - Testing
      - AssertExtensions.cs
    - ToDoSample.UnitTests.csproj
    - ToDoSample.UnitTests.csproj.user
    - UnitTests
      - ToDoComponentManagerTests.cs
      - ToDoServiceCodeTest.cs
- StaticCodeAnalyzer
  - Arebis.CodeAnalysis.Static
    - Arebis.CodeAnalysis.Static.csproj
    - Arebis.CodeAnalysis.Static.csproj.user
    - CodeModel.cd
    - CodeModel.cs
    - IAnalyzerFilter.cs
    - IProcessor.cs
    - MethodListExtensions.cs
    - ModelAssembly.cs
    - ModelMethod.cs
    - ModelType.cs
    - Processors
    - Properties
      - AssemblyInfo.cs
    - StaticCodeAnalyserProfile.xsd
    - StaticCodeAnalyzer.cs
    - StaticCodeAnalyzerSession.cs
  - Arebis.Common
    - Arebis.Common (Partial).csproj
    - Arebis
      - Collections
        
        Generic
        
        DictionaryBag.cs
      - Reflection
        
        CsLanguageInfo.cs
        
        DefaultLanguageInfo.cs
        
        ILanguageInfo.cs
        
        ILInstruction.cs
        
        MethodBodyReader.cs
        
        VbLanguageInfo.cs
    - Properties
      - AssemblyInfo.cs
    - System
      - Collections
        
        Generic
        
        Net2
        
        HashSet.cs
      - Threading
        
        Net2
        
        Parallel.cs
      - TypeExtensions.cs

using System;
using System.Collections.Generic;
using System.Reflection;
using System.Reflection.Emit;

namespace Arebis.Reflection
{
	/// <summary>
	/// Reads and represents a method's body.
	/// </summary>
	/// <remarks>Source: http://www.codeproject.com/KB/cs/sdilreader.aspx (Sorin Serban)</remarks>
	public class MethodBodyReader
	{
		private readonly Type[] NoTypes = new Type[0];

		private static OpCode[] singleByteOpCodes;
		private static OpCode[] multiByteOpCodes;

		private MethodBase method = null;
		private ILanguageInfo language = null;
		private byte[] il = null;
		private List<ILInstruction> instructions = null;

		/// <summary>
		/// Static constructor, initializes the OpCode arrays.
		/// </summary>
		static MethodBodyReader()
		{
			singleByteOpCodes = new OpCode[0x100];
			multiByteOpCodes = new OpCode[0x100];
			foreach (FieldInfo fieldInfo in typeof(OpCodes).GetFields())
			{
				//Console.WriteLine("  {0} = {1}", (OpCode)fieldInfo.GetValue(null), ((OpCode)fieldInfo.GetValue(null)).Value);

				if (fieldInfo.FieldType == typeof(OpCode))
				{
					OpCode code1 = (OpCode)fieldInfo.GetValue(null);
					ushort num2 = unchecked((ushort)code1.Value);

					//if (num2 == -512)
					//    System.Diagnostics.Debugger.Break();

					if (num2 < 0x100)
					{
						singleByteOpCodes[num2] = code1;
					}
					else
					{
						if ((num2 & 0xff00) != 0xfe00)
						{
							throw new Exception("Invalid OpCode.");
						}
						multiByteOpCodes[num2 & 0xff] = code1;
					}
				}
			}
		}

		/// <summary>
		/// MethodBodyReader constructor
		/// </summary>
		/// <param name="method">The method to read the body from.</param>
		public MethodBodyReader(MethodBase method)
			: this(method, null)
		{
		}

		/// <summary>
		/// MethodBodyReader constructor
		/// </summary>
		/// <param name="method">The method to read the body from.</param>
		/// <param name="language">Code language to use for text representations of code.</param>
		public MethodBodyReader(MethodBase method, ILanguageInfo language)
		{
			try
			{
				this.method = method;
				this.language = language ?? new DefaultLanguageInfo();
				MethodBody body = method.GetMethodBody();
				if (body != null)
				{
					il = body.GetILAsByteArray();
					ConstructInstructions(method.Module);
				}
			}
			catch (Exception ex)
			{
				throw new InvalidOperationException(String.Format("Failed to read the body of {0}'s {1}.", method.DeclaringType, method), ex);
			}
		}

		/// <summary>
		/// IL code of the method body.
		/// </summary>
		public byte[] IL
		{
			get { return this.il; }
		}

		/// <summary>
		/// Instructions of the method body.
		/// </summary>
		public IList<ILInstruction> Instructions
		{
			get { return this.instructions; }
		}

		/// <summary>
		/// The current method.
		/// </summary>
		public MethodBase Method
		{
			get { return this.method; }
		}

		/// <summary>
		/// Returns a list of methods called.
		/// </summary>
		public IList<MethodBase> GetCalledMethods(bool includePropertyAccessors, bool includeOperators)
		{
			List<MethodBase> result = new List<MethodBase>();

			// Loop over all instructions:
			if (this.instructions != null)
			{
				foreach (ILInstruction instruction in this.instructions)
				{
					MethodBase calledMethod = (instruction.Operand as MethodBase);

					// Skip non-methodcalls:
					if (calledMethod == null)
						continue;

					// Filter methods:
					if (calledMethod.IsSpecialName)
					{
						// Skip property accessors:
						if ((includePropertyAccessors == false) && ((calledMethod.Name.StartsWith("get_")) || (calledMethod.Name.StartsWith("set_"))))
							continue;

						// Skip operators:
						if ((includeOperators == false) && (calledMethod.Name.StartsWith("op_")))
							continue;
					}

					// Add methodcall to result:
					result.Add(calledMethod);
				}
			}

			// Return result:
			return result;
		}

		/// <summary>
		/// Gets the IL code of the method
		/// </summary>
		public string GetBodyCode()
		{
			string result = "";
			if (instructions != null)
			{
				for (int i = 0; i < instructions.Count; i++)
				{
					result += instructions[i].GetCode() + Environment.NewLine;
				}
			}
			return result;
		}

		/// <summary>
		/// Constructs the array of ILInstructions according to the IL byte code.
		/// </summary>
		private void ConstructInstructions(Module module)
		{
			byte[] il = this.il;
			int position = 0;
			instructions = new List<ILInstruction>();
			while (position < il.Length)
			{
				ILInstruction instruction = new ILInstruction(this.language);

				// get the operation code of the current instruction
				OpCode code = OpCodes.Nop;
				ushort value = il[position++];
				if (value != 0xfe)
				{
					code = singleByteOpCodes[(int)value];
				}
				else
				{
					value = il[position++];
					code = multiByteOpCodes[(int)value];
					value = (ushort)(value | 0xfe00);
				}
				instruction.Code = code;
				instruction.Offset = position - 1;
				int metadataToken = 0;
				// get the operand of the current operation
				switch (code.OperandType)
				{
					case OperandType.InlineBrTarget:
						metadataToken = ReadInt32(il, ref position);
						metadataToken += position;
						instruction.Operand = metadataToken;
						break;
					case OperandType.InlineField:
						metadataToken = ReadInt32(il, ref position);
                        if (this.method.GetType().Name == "RuntimeConstructorInfo")
							instruction.Operand = module.ResolveField(metadataToken, this.method.DeclaringType.GetGenericArguments(), NoTypes);
						else
							instruction.Operand = module.ResolveField(metadataToken, this.method.DeclaringType.GetGenericArguments(), this.method.GetGenericArguments());
						break;
					case OperandType.InlineMethod:
						metadataToken = ReadInt32(il, ref position);
						try
						{
							if (this.method.GetType().Name == "RuntimeConstructorInfo")
								instruction.Operand = module.ResolveMethod(metadataToken, this.method.DeclaringType.GetGenericArguments(), NoTypes);
							else
								instruction.Operand = module.ResolveMethod(metadataToken, this.method.DeclaringType.GetGenericArguments(), this.method.GetGenericArguments());
						}
						catch
						{
                            if (this.method.GetType().Name == "RuntimeConstructorInfo")
								instruction.Operand = module.ResolveMember(metadataToken, this.method.DeclaringType.GetGenericArguments(), NoTypes);
							else
								instruction.Operand = module.ResolveMember(metadataToken, this.method.DeclaringType.GetGenericArguments(), this.method.GetGenericArguments());
						}
						break;
					case OperandType.InlineSig:
						metadataToken = ReadInt32(il, ref position);
						instruction.Operand = module.ResolveSignature(metadataToken);
						break;
					case OperandType.InlineTok:
						metadataToken = ReadInt32(il, ref position);
						try
						{
                            if (this.method.GetType().Name == "RuntimeConstructorInfo")
								instruction.Operand = module.ResolveType(metadataToken, this.method.DeclaringType.GetGenericArguments(), NoTypes);
							else
								instruction.Operand = module.ResolveType(metadataToken, this.method.DeclaringType.GetGenericArguments(), this.method.GetGenericArguments());
						}
						catch
						{

						}
						// SSS : see what to do here
						break;
					case OperandType.InlineType:
						metadataToken = ReadInt32(il, ref position);
						// now we call the ResolveType always using the generic attributes type in order
						// to support decompilation of generic methods and classes

						// thanks to the guys from code project who commented on this missing feature

						if (this.method.GetType().Name == "RuntimeConstructorInfo")
							instruction.Operand = module.ResolveType(metadataToken, this.method.DeclaringType.GetGenericArguments(), NoTypes);
						else
							instruction.Operand = module.ResolveType(metadataToken, this.method.DeclaringType.GetGenericArguments(), this.method.GetGenericArguments());
						break;
					case OperandType.InlineI:
						{
							instruction.Operand = ReadInt32(il, ref position);
							break;
						}
					case OperandType.InlineI8:
						{
							instruction.Operand = ReadInt64(il, ref position);
							break;
						}
					case OperandType.InlineNone:
						{
							instruction.Operand = null;
							break;
						}
					case OperandType.InlineR:
						{
							instruction.Operand = ReadDouble(il, ref position);
							break;
						}
					case OperandType.InlineString:
						{
							metadataToken = ReadInt32(il, ref position);
							instruction.Operand = module.ResolveString(metadataToken);
							break;
						}
					case OperandType.InlineSwitch:
						{
							int count = ReadInt32(il, ref position);
							int[] casesAddresses = new int[count];
							for (int i = 0; i < count; i++)
							{
								casesAddresses[i] = ReadInt32(il, ref position);
							}
							int[] cases = new int[count];
							for (int i = 0; i < count; i++)
							{
								cases[i] = position + casesAddresses[i];
							}
							break;
						}
					case OperandType.InlineVar:
						{
							instruction.Operand = ReadUInt16(il, ref position);
							break;
						}
					case OperandType.ShortInlineBrTarget:
						{
							instruction.Operand = ReadSByte(il, ref position) + position;
							break;
						}
					case OperandType.ShortInlineI:
						{
							instruction.Operand = ReadSByte(il, ref position);
							break;
						}
					case OperandType.ShortInlineR:
						{
							instruction.Operand = ReadSingle(il, ref position);
							break;
						}
					case OperandType.ShortInlineVar:
						{
							instruction.Operand = ReadByte(il, ref position);
							break;
						}
					default:
						{
							throw new Exception("Unknown operand type.");
						}
				}
				instructions.Add(instruction);
			}
		}

		#region Private IL Read Methods

		private int ReadInt16(byte[] _il, ref int position)
		{
			return ((il[position++] | (il[position++] << 8)));
		}

		private ushort ReadUInt16(byte[] _il, ref int position)
		{
			return (ushort)((il[position++] | (il[position++] << 8)));
		}

		private int ReadInt32(byte[] _il, ref int position)
		{
			return (((il[position++] | (il[position++] << 8)) | (il[position++] << 0x10)) | (il[position++] << 0x18));
		}

		private ulong ReadInt64(byte[] _il, ref int position)
		{
			return (ulong)(((il[position++] | (il[position++] << 8)) | (il[position++] << 0x10)) | (il[position++] << 0x18) | (il[position++] << 0x20) | (il[position++] << 0x28) | (il[position++] << 0x30) | (il[position++] << 0x38));
		}

		private double ReadDouble(byte[] _il, ref int position)
		{
			return (((il[position++] | (il[position++] << 8)) | (il[position++] << 0x10)) | (il[position++] << 0x18) | (il[position++] << 0x20) | (il[position++] << 0x28) | (il[position++] << 0x30) | (il[position++] << 0x38));
		}

		private sbyte ReadSByte(byte[] _il, ref int position)
		{
			return (sbyte)il[position++];
		}

		private byte ReadByte(byte[] _il, ref int position)
		{
			return (byte)il[position++];
		}

		private Single ReadSingle(byte[] _il, ref int position)
		{
			return (Single)(((il[position++] | (il[position++] << 8)) | (il[position++] << 0x10)) | (il[position++] << 0x18));
		}

		#endregion
	}
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Written By

Rudi Breedenraedt

Architect AREBIS

Belgium

Senior Software Architect and independent consultant.

Static Code Analysis

License

Comments and Discussions