MC Helpers for llvm-cfi-verify.
Add instruction analysis and machinecode traversal helpers in
preparation for control flow graph generation implementation.
Reviewers: vlad.tsyrklevich
Reviewed By: vlad.tsyrklevich
Subscribers: mgorny, llvm-commits, pcc, kcc
Differential Revision: https://reviews.llvm.org/D38424
llvm-svn: 315528
diff --git a/llvm/tools/llvm-cfi-verify/lib/FileAnalysis.cpp b/llvm/tools/llvm-cfi-verify/lib/FileAnalysis.cpp
index 6a275ce..8439a06 100644
--- a/llvm/tools/llvm-cfi-verify/lib/FileAnalysis.cpp
+++ b/llvm/tools/llvm-cfi-verify/lib/FileAnalysis.cpp
@@ -124,6 +124,83 @@
return InstrKV->second;
}
+bool FileAnalysis::isCFITrap(const Instr &InstrMeta) const {
+ return MII->getName(InstrMeta.Instruction.getOpcode()) == "TRAP";
+}
+
+bool FileAnalysis::canFallThrough(const Instr &InstrMeta) const {
+ if (!InstrMeta.Valid)
+ return false;
+
+ if (isCFITrap(InstrMeta))
+ return false;
+
+ const auto &InstrDesc = MII->get(InstrMeta.Instruction.getOpcode());
+ if (InstrDesc.mayAffectControlFlow(InstrMeta.Instruction, *RegisterInfo))
+ return InstrDesc.isConditionalBranch();
+
+ return true;
+}
+
+const Instr *
+FileAnalysis::getDefiniteNextInstruction(const Instr &InstrMeta) const {
+ if (!InstrMeta.Valid)
+ return nullptr;
+
+ if (isCFITrap(InstrMeta))
+ return nullptr;
+
+ const auto &InstrDesc = MII->get(InstrMeta.Instruction.getOpcode());
+ const Instr *NextMetaPtr;
+ if (InstrDesc.mayAffectControlFlow(InstrMeta.Instruction, *RegisterInfo)) {
+ if (InstrDesc.isConditionalBranch())
+ return nullptr;
+
+ uint64_t Target;
+ if (!MIA->evaluateBranch(InstrMeta.Instruction, InstrMeta.VMAddress,
+ InstrMeta.InstructionSize, Target))
+ return nullptr;
+
+ NextMetaPtr = getInstruction(Target);
+ } else {
+ NextMetaPtr =
+ getInstruction(InstrMeta.VMAddress + InstrMeta.InstructionSize);
+ }
+
+ if (!NextMetaPtr || !NextMetaPtr->Valid)
+ return nullptr;
+
+ return NextMetaPtr;
+}
+
+std::set<const Instr *>
+FileAnalysis::getDirectControlFlowXRefs(const Instr &InstrMeta) const {
+ std::set<const Instr *> CFCrossReferences;
+ const Instr *PrevInstruction = getPrevInstructionSequential(InstrMeta);
+
+ if (PrevInstruction && canFallThrough(*PrevInstruction))
+ CFCrossReferences.insert(PrevInstruction);
+
+ const auto &TargetRefsKV = StaticBranchTargetings.find(InstrMeta.VMAddress);
+ if (TargetRefsKV == StaticBranchTargetings.end())
+ return CFCrossReferences;
+
+ for (uint64_t SourceInstrAddress : TargetRefsKV->second) {
+ const auto &SourceInstrKV = Instructions.find(SourceInstrAddress);
+ if (SourceInstrKV == Instructions.end()) {
+ errs() << "Failed to find source instruction at address "
+ << format_hex(SourceInstrAddress, 2)
+ << " for the cross-reference to instruction at address "
+ << format_hex(InstrMeta.VMAddress, 2) << ".\n";
+ continue;
+ }
+
+ CFCrossReferences.insert(&SourceInstrKV->second);
+ }
+
+ return CFCrossReferences;
+}
+
const std::set<uint64_t> &FileAnalysis::getIndirectInstructions() const {
return IndirectInstructions;
}
diff --git a/llvm/tools/llvm-cfi-verify/lib/FileAnalysis.h b/llvm/tools/llvm-cfi-verify/lib/FileAnalysis.h
index 80e3256..df1ad60 100644
--- a/llvm/tools/llvm-cfi-verify/lib/FileAnalysis.h
+++ b/llvm/tools/llvm-cfi-verify/lib/FileAnalysis.h
@@ -79,6 +79,30 @@
const Instr *getPrevInstructionSequential(const Instr &InstrMeta) const;
const Instr *getNextInstructionSequential(const Instr &InstrMeta) const;
+ // Returns whether this instruction is used by CFI to trap the program.
+ bool isCFITrap(const Instr &InstrMeta) const;
+
+ // Returns whether this function can fall through to the next instruction.
+ // Undefined (and bad) instructions cannot fall through, and instruction that
+ // modify the control flow can only fall through if they are conditional
+ // branches or calls.
+ bool canFallThrough(const Instr &InstrMeta) const;
+
+ // Returns the definitive next instruction. This is different from the next
+ // instruction sequentially as it will follow unconditional branches (assuming
+ // they can be resolved at compile time, i.e. not indirect). This method
+ // returns nullptr if the provided instruction does not transfer control flow
+ // to exactly one instruction that is known deterministically at compile time.
+ // Also returns nullptr if the deterministic target does not exist in this
+ // file.
+ const Instr *getDefiniteNextInstruction(const Instr &InstrMeta) const;
+
+ // Get a list of deterministic control flows that lead to the provided
+ // instruction. This list includes all static control flow cross-references as
+ // well as the previous instruction if it can fall through.
+ std::set<const Instr *>
+ getDirectControlFlowXRefs(const Instr &InstrMeta) const;
+
// Returns whether this instruction uses a register operand.
bool usesRegisterOperand(const Instr &InstrMeta) const;