authordim <dim@FreeBSD.org>2014-03-21 17:53:59 +0000
committerdim <dim@FreeBSD.org>2014-03-21 17:53:59 +0000
commit9cedb8bb69b89b0f0c529937247a6a80cabdbaec (patch)
treec978f0e9ec1ab92dc8123783f30b08a7fd1e2a39 /contrib/llvm/lib/CodeGen/StackProtector.cpp
parent03fdc2934eb61c44c049a02b02aa974cfdd8a0eb (diff)
downloadFreeBSD-src-9cedb8bb69b89b0f0c529937247a6a80cabdbaec.zip
FreeBSD-src-9cedb8bb69b89b0f0c529937247a6a80cabdbaec.tar.gz
MFC 261991:
Upgrade our copy of llvm/clang to 3.4 release. This version supports all of the features in the current working draft of the upcoming C++ standard, provisionally named C++1y. The code generator's performance is greatly increased, and the loop auto-vectorizer is now enabled at -Os and -O2 in addition to -O3. The PowerPC backend has made several major improvements to code generation quality and compile time, and the X86, SPARC, ARM32, Aarch64 and SystemZ backends have all seen major feature work. Release notes for llvm and clang can be found here: <http://llvm.org/releases/3.4/docs/ReleaseNotes.html> <http://llvm.org/releases/3.4/tools/clang/docs/ReleaseNotes.html> MFC 262121 (by emaste): Update lldb for clang/llvm 3.4 import This commit largely restores the lldb source to the upstream r196259 snapshot with the addition of threaded inferior support and a few bug fixes. Specific upstream lldb revisions restored include: SVN git 181387 779e6ac 181703 7bef4e2 182099 b31044e 182650 f2dcf35 182683 0d91b80 183862 15c1774 183929 99447a6 184177 0b2934b 184948 4dc3761 184954 007e7bc 186990 eebd175 Sponsored by: DARPA, AFRL MFC 262186 (by emaste): Fix mismerge in r262121 A break statement was lost in the merge. The error had no functional impact, but restore it to reduce the diff against upstream. MFC 262303: Pull in r197521 from upstream clang trunk (by rdivacky): Use the integrated assembler by default on FreeBSD/ppc and ppc64. Requested by: jhibbits MFC 262611: Pull in r196874 from upstream llvm trunk: Fix a crash that occurs when PWD is invalid. MCJIT needs to be able to run in hostile environments, even when PWD is invalid. There's no need to crash MCJIT in this case. The obvious fix is to simply leave MCContext's CompilationDir empty when PWD can't be determined. This way, MCJIT clients, and other clients that link with LLVM don't need a valid working directory. If we do want to guarantee valid CompilationDir, that should be done only for clients of getCompilationDir(). 
This is as simple as checking for an empty string. The only current use of getCompilationDir is EmitGenDwarfInfo, which won't conceivably run with an invalid working dir. However, in the purely hypothetical and untestable case that this happens, the AT_comp_dir will be omitted from the compilation_unit DIE. This should help fix assertions occurring with ports-mgmt/tinderbox, when it is using jails, and sometimes invalidates clang's current working directory. Reported by: decke MFC 262809: Pull in r203007 from upstream clang trunk: Don't produce an alias between destructors with different calling conventions. Fixes pr19007. (Please note that is an LLVM PR identifier, not a FreeBSD one.) This should fix Firefox and/or libxul crashes (due to problems with regparm/stdcall calling conventions) on i386. Reported by: multiple users on freebsd-current PR: bin/187103 MFC 263048: Repair recognition of "CC" as an alias for the C++ compiler, since it was silently broken by upstream for a Windows-specific use-case. Apparently some versions of CMake still rely on this archaic feature... Reported by: rakuco MFC 263049: Garbage collect the old way of adding the libstdc++ include directories in clang's InitHeaderSearch.cpp. This has been superseded by David Chisnall's commit in r255321. Moreover, if libc++ is used, the libstdc++ include directories should not be in the search path at all. These directories are now only used if you pass -stdlib=libstdc++.
Diffstat (limited to 'contrib/llvm/lib/CodeGen/StackProtector.cpp')
-rw-r--r--contrib/llvm/lib/CodeGen/StackProtector.cpp485
1 files changed, 293 insertions, 192 deletions
diff --git a/contrib/llvm/lib/CodeGen/StackProtector.cpp b/contrib/llvm/lib/CodeGen/StackProtector.cpp
index fbef347..9020449 100644
--- a/contrib/llvm/lib/CodeGen/StackProtector.cpp
+++ b/contrib/llvm/lib/CodeGen/StackProtector.cpp
@@ -15,147 +15,120 @@
//===----------------------------------------------------------------------===//
#define DEBUG_TYPE "stack-protector"
+#include "llvm/CodeGen/StackProtector.h"
+#include "llvm/CodeGen/Analysis.h"
#include "llvm/CodeGen/Passes.h"
#include "llvm/ADT/SmallPtrSet.h"
#include "llvm/ADT/Statistic.h"
-#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/Dominators.h"
+#include "llvm/Analysis/ValueTracking.h"
#include "llvm/IR/Attributes.h"
#include "llvm/IR/Constants.h"
#include "llvm/IR/DataLayout.h"
#include "llvm/IR/DerivedTypes.h"
#include "llvm/IR/Function.h"
+#include "llvm/IR/GlobalValue.h"
+#include "llvm/IR/GlobalVariable.h"
+#include "llvm/IR/IRBuilder.h"
#include "llvm/IR/Instructions.h"
+#include "llvm/IR/IntrinsicInst.h"
#include "llvm/IR/Intrinsics.h"
#include "llvm/IR/Module.h"
-#include "llvm/Pass.h"
#include "llvm/Support/CommandLine.h"
-#include "llvm/Target/TargetLowering.h"
+#include <cstdlib>
using namespace llvm;
STATISTIC(NumFunProtected, "Number of functions protected");
STATISTIC(NumAddrTaken, "Number of local variables that have their address"
" taken.");
-namespace {
- class StackProtector : public FunctionPass {
- /// TLI - Keep a pointer of a TargetLowering to consult for determining
- /// target type sizes.
- const TargetLoweringBase *TLI;
-
- Function *F;
- Module *M;
-
- DominatorTree *DT;
-
- /// VisitedPHIs - The set of PHI nodes visited when determining
- /// if a variable's reference has been taken. This set
- /// is maintained to ensure we don't visit the same PHI node multiple
- /// times.
- SmallPtrSet<const PHINode*, 16> VisitedPHIs;
-
- /// InsertStackProtectors - Insert code into the prologue and epilogue of
- /// the function.
- ///
- /// - The prologue code loads and stores the stack guard onto the stack.
- /// - The epilogue checks the value stored in the prologue against the
- /// original value. It calls __stack_chk_fail if they differ.
- bool InsertStackProtectors();
-
- /// CreateFailBB - Create a basic block to jump to when the stack protector
- /// check fails.
- BasicBlock *CreateFailBB();
-
- /// ContainsProtectableArray - Check whether the type either is an array or
- /// contains an array of sufficient size so that we need stack protectors
- /// for it.
- bool ContainsProtectableArray(Type *Ty, bool Strong = false,
- bool InStruct = false) const;
-
- /// \brief Check whether a stack allocation has its address taken.
- bool HasAddressTaken(const Instruction *AI);
-
- /// RequiresStackProtector - Check whether or not this function needs a
- /// stack protector based upon the stack protector level.
- bool RequiresStackProtector();
- public:
- static char ID; // Pass identification, replacement for typeid.
- StackProtector() : FunctionPass(ID), TLI(0) {
- initializeStackProtectorPass(*PassRegistry::getPassRegistry());
- }
- StackProtector(const TargetLoweringBase *tli)
- : FunctionPass(ID), TLI(tli) {
- initializeStackProtectorPass(*PassRegistry::getPassRegistry());
- }
-
- virtual void getAnalysisUsage(AnalysisUsage &AU) const {
- AU.addPreserved<DominatorTree>();
- }
-
- virtual bool runOnFunction(Function &Fn);
- };
-} // end anonymous namespace
+static cl::opt<bool> EnableSelectionDAGSP("enable-selectiondag-sp",
+ cl::init(true), cl::Hidden);
char StackProtector::ID = 0;
-INITIALIZE_PASS(StackProtector, "stack-protector",
- "Insert stack protectors", false, false)
+INITIALIZE_PASS(StackProtector, "stack-protector", "Insert stack protectors",
+ false, true)
-FunctionPass *llvm::createStackProtectorPass(const TargetLoweringBase *tli) {
- return new StackProtector(tli);
+FunctionPass *llvm::createStackProtectorPass(const TargetMachine *TM) {
+ return new StackProtector(TM);
+}
+
+StackProtector::SSPLayoutKind
+StackProtector::getSSPLayout(const AllocaInst *AI) const {
+ return AI ? Layout.lookup(AI) : SSPLK_None;
}
bool StackProtector::runOnFunction(Function &Fn) {
F = &Fn;
M = F->getParent();
DT = getAnalysisIfAvailable<DominatorTree>();
+ TLI = TM->getTargetLowering();
- if (!RequiresStackProtector()) return false;
+ if (!RequiresStackProtector())
+ return false;
+
+ Attribute Attr = Fn.getAttributes().getAttribute(
+ AttributeSet::FunctionIndex, "stack-protector-buffer-size");
+ if (Attr.isStringAttribute())
+ Attr.getValueAsString().getAsInteger(10, SSPBufferSize);
++NumFunProtected;
return InsertStackProtectors();
}
-/// ContainsProtectableArray - Check whether the type either is an array or
-/// contains a char array of sufficient size so that we need stack protectors
-/// for it.
-bool StackProtector::ContainsProtectableArray(Type *Ty, bool Strong,
+/// \param [out] IsLarge is set to true if a protectable array is found and
+/// it is "large" ( >= ssp-buffer-size). In the case of a structure with
+/// multiple arrays, this gets set if any of them is large.
+bool StackProtector::ContainsProtectableArray(Type *Ty, bool &IsLarge,
+ bool Strong,
bool InStruct) const {
- if (!Ty) return false;
+ if (!Ty)
+ return false;
if (ArrayType *AT = dyn_cast<ArrayType>(Ty)) {
- // In strong mode any array, regardless of type and size, triggers a
- // protector
- if (Strong)
- return true;
- const TargetMachine &TM = TLI->getTargetMachine();
if (!AT->getElementType()->isIntegerTy(8)) {
- Triple Trip(TM.getTargetTriple());
-
// If we're on a non-Darwin platform or we're inside of a structure, don't
// add stack protectors unless the array is a character array.
- if (InStruct || !Trip.isOSDarwin())
- return false;
+ // However, in strong mode any array, regardless of type and size,
+ // triggers a protector.
+ if (!Strong && (InStruct || !Trip.isOSDarwin()))
+ return false;
}
// If an array has more than SSPBufferSize bytes of allocated space, then we
// emit stack protectors.
- if (TM.Options.SSPBufferSize <= TLI->getDataLayout()->getTypeAllocSize(AT))
+ if (SSPBufferSize <= TLI->getDataLayout()->getTypeAllocSize(AT)) {
+ IsLarge = true;
+ return true;
+ }
+
+ if (Strong)
+ // Require a protector for all arrays in strong mode
return true;
}
const StructType *ST = dyn_cast<StructType>(Ty);
- if (!ST) return false;
+ if (!ST)
+ return false;
+ bool NeedsProtector = false;
for (StructType::element_iterator I = ST->element_begin(),
- E = ST->element_end(); I != E; ++I)
- if (ContainsProtectableArray(*I, Strong, true))
- return true;
+ E = ST->element_end();
+ I != E; ++I)
+ if (ContainsProtectableArray(*I, IsLarge, Strong, true)) {
+ // If the element is a protectable array and is large (>= SSPBufferSize)
+ // then we are done. If the protectable array is not large, then
+ // keep looking in case a subsequent element is a large array.
+ if (IsLarge)
+ return true;
+ NeedsProtector = true;
+ }
- return false;
+ return NeedsProtector;
}
bool StackProtector::HasAddressTaken(const Instruction *AI) {
for (Value::const_use_iterator UI = AI->use_begin(), UE = AI->use_end();
- UI != UE; ++UI) {
+ UI != UE; ++UI) {
const User *U = *UI;
if (const StoreInst *SI = dyn_cast<StoreInst>(U)) {
if (AI == SI->getValueOperand())
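Review bot: In runOnFunction the `stack-protector-buffer-size` attribute is parsed into SSPBufferSize only after `RequiresStackProtector()` has returned, yet that function and ContainsProtectableArray compare sizes against SSPBufferSize. The decision therefore appears to use whatever the member held before: the threshold left by the previously processed function, or its initial value, which is set outside this diff. Moving the attribute lookup above `if (!RequiresStackProtector())` would make the per-function threshold take effect. The return value of `getAsInteger(10, SSPBufferSize)` is also discarded, so a malformed attribute silently keeps the stale value; checking it and falling back to a known default threshold would be safer than carrying the old one forward.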
@@ -202,11 +175,13 @@ bool StackProtector::HasAddressTaken(const Instruction *AI) {
/// address taken.
bool StackProtector::RequiresStackProtector() {
bool Strong = false;
+ bool NeedsProtector = false;
if (F->getAttributes().hasAttribute(AttributeSet::FunctionIndex,
- Attribute::StackProtectReq))
- return true;
- else if (F->getAttributes().hasAttribute(AttributeSet::FunctionIndex,
- Attribute::StackProtectStrong))
+ Attribute::StackProtectReq)) {
+ NeedsProtector = true;
+ Strong = true; // Use the same heuristic as strong to determine SSPLayout
+ } else if (F->getAttributes().hasAttribute(AttributeSet::FunctionIndex,
+ Attribute::StackProtectStrong))
Strong = true;
else if (!F->getAttributes().hasAttribute(AttributeSet::FunctionIndex,
Attribute::StackProtect))
@@ -215,38 +190,156 @@ bool StackProtector::RequiresStackProtector() {
for (Function::iterator I = F->begin(), E = F->end(); I != E; ++I) {
BasicBlock *BB = I;
- for (BasicBlock::iterator
- II = BB->begin(), IE = BB->end(); II != IE; ++II) {
+ for (BasicBlock::iterator II = BB->begin(), IE = BB->end(); II != IE;
+ ++II) {
if (AllocaInst *AI = dyn_cast<AllocaInst>(II)) {
if (AI->isArrayAllocation()) {
// SSP-Strong: Enable protectors for any call to alloca, regardless
// of size.
if (Strong)
return true;
-
+
if (const ConstantInt *CI =
- dyn_cast<ConstantInt>(AI->getArraySize())) {
- unsigned BufferSize = TLI->getTargetMachine().Options.SSPBufferSize;
- if (CI->getLimitedValue(BufferSize) >= BufferSize)
+ dyn_cast<ConstantInt>(AI->getArraySize())) {
+ if (CI->getLimitedValue(SSPBufferSize) >= SSPBufferSize) {
// A call to alloca with size >= SSPBufferSize requires
// stack protectors.
- return true;
- } else // A call to alloca with a variable size requires protectors.
- return true;
+ Layout.insert(std::make_pair(AI, SSPLK_LargeArray));
+ NeedsProtector = true;
+ } else if (Strong) {
+ // Require protectors for all alloca calls in strong mode.
+ Layout.insert(std::make_pair(AI, SSPLK_SmallArray));
+ NeedsProtector = true;
+ }
+ } else {
+ // A call to alloca with a variable size requires protectors.
+ Layout.insert(std::make_pair(AI, SSPLK_LargeArray));
+ NeedsProtector = true;
+ }
+ continue;
}
- if (ContainsProtectableArray(AI->getAllocatedType(), Strong))
- return true;
+ bool IsLarge = false;
+ if (ContainsProtectableArray(AI->getAllocatedType(), IsLarge, Strong)) {
+ Layout.insert(std::make_pair(AI, IsLarge ? SSPLK_LargeArray
+ : SSPLK_SmallArray));
+ NeedsProtector = true;
+ continue;
+ }
if (Strong && HasAddressTaken(AI)) {
- ++NumAddrTaken;
- return true;
+ ++NumAddrTaken;
+ Layout.insert(std::make_pair(AI, SSPLK_AddrOf));
+ NeedsProtector = true;
}
}
}
}
- return false;
+ return NeedsProtector;
+}
+
+static bool InstructionWillNotHaveChain(const Instruction *I) {
+ return !I->mayHaveSideEffects() && !I->mayReadFromMemory() &&
+ isSafeToSpeculativelyExecute(I);
+}
+
+/// Identify if RI has a previous instruction in the "Tail Position" and return
+/// it. Otherwise return 0.
+///
+/// This is based off of the code in llvm::isInTailCallPosition. The difference
+/// is that it inverts the first part of llvm::isInTailCallPosition since
+/// isInTailCallPosition is checking if a call is in a tail call position, and
+/// we are searching for an unknown tail call that might be in the tail call
+/// position. Once we find the call though, the code uses the same refactored
+/// code, returnTypeIsEligibleForTailCall.
+static CallInst *FindPotentialTailCall(BasicBlock *BB, ReturnInst *RI,
+ const TargetLoweringBase *TLI) {
+ // Establish a reasonable upper bound on the maximum amount of instructions we
+ // will look through to find a tail call.
+ unsigned SearchCounter = 0;
+ const unsigned MaxSearch = 4;
+ bool NoInterposingChain = true;
+
+ for (BasicBlock::reverse_iterator I = llvm::next(BB->rbegin()),
+ E = BB->rend();
+ I != E && SearchCounter < MaxSearch; ++I) {
+ Instruction *Inst = &*I;
+
+ // Skip over debug intrinsics and do not allow them to affect our MaxSearch
+ // counter.
+ if (isa<DbgInfoIntrinsic>(Inst))
+ continue;
+
+ // If we find a call and the following conditions are satisifed, then we
+ // have found a tail call that satisfies at least the target independent
+ // requirements of a tail call:
+ //
+ // 1. The call site has the tail marker.
+ //
+ // 2. The call site either will not cause the creation of a chain or if a
+ // chain is necessary there are no instructions in between the callsite and
+ // the call which would create an interposing chain.
+ //
+ // 3. The return type of the function does not impede tail call
+ // optimization.
+ if (CallInst *CI = dyn_cast<CallInst>(Inst)) {
+ if (CI->isTailCall() &&
+ (InstructionWillNotHaveChain(CI) || NoInterposingChain) &&
+ returnTypeIsEligibleForTailCall(BB->getParent(), CI, RI, *TLI))
+ return CI;
+ }
+
+ // If we did not find a call see if we have an instruction that may create
+ // an interposing chain.
+ NoInterposingChain =
+ NoInterposingChain && InstructionWillNotHaveChain(Inst);
+
+ // Increment max search.
+ SearchCounter++;
+ }
+
+ return 0;
+}
+
+/// Insert code into the entry block that stores the __stack_chk_guard
+/// variable onto the stack:
+///
+/// entry:
+/// StackGuardSlot = alloca i8*
+/// StackGuard = load __stack_chk_guard
+/// call void @llvm.stackprotect.create(StackGuard, StackGuardSlot)
+///
+/// Returns true if the platform/triple supports the stackprotectorcreate pseudo
+/// node.
+static bool CreatePrologue(Function *F, Module *M, ReturnInst *RI,
+ const TargetLoweringBase *TLI, const Triple &Trip,
+ AllocaInst *&AI, Value *&StackGuardVar) {
+ bool SupportsSelectionDAGSP = false;
+ PointerType *PtrTy = Type::getInt8PtrTy(RI->getContext());
+ unsigned AddressSpace, Offset;
+ if (TLI->getStackCookieLocation(AddressSpace, Offset)) {
+ Constant *OffsetVal =
+ ConstantInt::get(Type::getInt32Ty(RI->getContext()), Offset);
+
+ StackGuardVar = ConstantExpr::getIntToPtr(
+ OffsetVal, PointerType::get(PtrTy, AddressSpace));
+ } else if (Trip.getOS() == llvm::Triple::OpenBSD) {
+ StackGuardVar = M->getOrInsertGlobal("__guard_local", PtrTy);
+ cast<GlobalValue>(StackGuardVar)
+ ->setVisibility(GlobalValue::HiddenVisibility);
+ } else {
+ SupportsSelectionDAGSP = true;
+ StackGuardVar = M->getOrInsertGlobal("__stack_chk_guard", PtrTy);
+ }
+
+ IRBuilder<> B(&F->getEntryBlock().front());
+ AI = B.CreateAlloca(PtrTy, 0, "StackGuardSlot");
+ LoadInst *LI = B.CreateLoad(StackGuardVar, "StackGuard");
+ B.CreateCall2(Intrinsic::getDeclaration(M, Intrinsic::stackprotector), LI,
+ AI);
+
+ return SupportsSelectionDAGSP;
}
/// InsertStackProtectors - Insert code into the prologue and epilogue of the
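Review bot: In RequiresStackProtector the retained `if (Strong) return true;` at the top of the `isArrayAllocation()` branch leaves the function before any Layout entry is recorded. It also makes the added `else if (Strong)` branch that inserts SSPLK_SmallArray unreachable. Because the previous hunk now sets Strong for StackProtectReq as well, any sspreq or sspstrong function stops scanning at its first array alloca, so that alloca and every later one would come back as SSPLK_None from getSSPLayout. Dropping the early return and letting the branches below set `NeedsProtector = true` would keep the map complete. The consumer of Layout is not visible in this diff, so the effect on frame ordering is inferred.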
@@ -256,102 +349,102 @@ bool StackProtector::RequiresStackProtector() {
/// - The epilogue checks the value stored in the prologue against the original
/// value. It calls __stack_chk_fail if they differ.
bool StackProtector::InsertStackProtectors() {
- BasicBlock *FailBB = 0; // The basic block to jump to if check fails.
- BasicBlock *FailBBDom = 0; // FailBB's dominator.
- AllocaInst *AI = 0; // Place on stack that stores the stack guard.
- Value *StackGuardVar = 0; // The stack guard variable.
+ bool HasPrologue = false;
+ bool SupportsSelectionDAGSP =
+ EnableSelectionDAGSP && !TM->Options.EnableFastISel;
+ AllocaInst *AI = 0; // Place on stack that stores the stack guard.
+ Value *StackGuardVar = 0; // The stack guard variable.
- for (Function::iterator I = F->begin(), E = F->end(); I != E; ) {
+ for (Function::iterator I = F->begin(), E = F->end(); I != E;) {
BasicBlock *BB = I++;
ReturnInst *RI = dyn_cast<ReturnInst>(BB->getTerminator());
- if (!RI) continue;
+ if (!RI)
+ continue;
- if (!FailBB) {
- // Insert code into the entry block that stores the __stack_chk_guard
- // variable onto the stack:
- //
- // entry:
- // StackGuardSlot = alloca i8*
- // StackGuard = load __stack_chk_guard
- // call void @llvm.stackprotect.create(StackGuard, StackGuardSlot)
- //
- PointerType *PtrTy = Type::getInt8PtrTy(RI->getContext());
- unsigned AddressSpace, Offset;
- if (TLI->getStackCookieLocation(AddressSpace, Offset)) {
- Constant *OffsetVal =
- ConstantInt::get(Type::getInt32Ty(RI->getContext()), Offset);
-
- StackGuardVar = ConstantExpr::getIntToPtr(OffsetVal,
- PointerType::get(PtrTy, AddressSpace));
+ if (!HasPrologue) {
+ HasPrologue = true;
+ SupportsSelectionDAGSP &=
+ CreatePrologue(F, M, RI, TLI, Trip, AI, StackGuardVar);
+ }
+
+ if (SupportsSelectionDAGSP) {
+ // Since we have a potential tail call, insert the special stack check
+ // intrinsic.
+ Instruction *InsertionPt = 0;
+ if (CallInst *CI = FindPotentialTailCall(BB, RI, TLI)) {
+ InsertionPt = CI;
} else {
- StackGuardVar = M->getOrInsertGlobal("__stack_chk_guard", PtrTy);
+ InsertionPt = RI;
+ // At this point we know that BB has a return statement so it *DOES*
+ // have a terminator.
+ assert(InsertionPt != 0 && "BB must have a terminator instruction at "
+ "this point.");
}
- BasicBlock &Entry = F->getEntryBlock();
- Instruction *InsPt = &Entry.front();
-
- AI = new AllocaInst(PtrTy, "StackGuardSlot", InsPt);
- LoadInst *LI = new LoadInst(StackGuardVar, "StackGuard", false, InsPt);
+ Function *Intrinsic =
+ Intrinsic::getDeclaration(M, Intrinsic::stackprotectorcheck);
+ CallInst::Create(Intrinsic, StackGuardVar, "", InsertionPt);
- Value *Args[] = { LI, AI };
- CallInst::
- Create(Intrinsic::getDeclaration(M, Intrinsic::stackprotector),
- Args, "", InsPt);
-
- // Create the basic block to jump to when the guard check fails.
- FailBB = CreateFailBB();
- }
+ } else {
+ // If we do not support SelectionDAG based tail calls, generate IR level
+ // tail calls.
+ //
+ // For each block with a return instruction, convert this:
+ //
+ // return:
+ // ...
+ // ret ...
+ //
+ // into this:
+ //
+ // return:
+ // ...
+ // %1 = load __stack_chk_guard
+ // %2 = load StackGuardSlot
+ // %3 = cmp i1 %1, %2
+ // br i1 %3, label %SP_return, label %CallStackCheckFailBlk
+ //
+ // SP_return:
+ // ret ...
+ //
+ // CallStackCheckFailBlk:
+ // call void @__stack_chk_fail()
+ // unreachable
+
+ // Create the FailBB. We duplicate the BB every time since the MI tail
+ // merge pass will merge together all of the various BB into one including
+ // fail BB generated by the stack protector pseudo instruction.
+ BasicBlock *FailBB = CreateFailBB();
+
+ // Split the basic block before the return instruction.
+ BasicBlock *NewBB = BB->splitBasicBlock(RI, "SP_return");
+
+ // Update the dominator tree if we need to.
+ if (DT && DT->isReachableFromEntry(BB)) {
+ DT->addNewBlock(NewBB, BB);
+ DT->addNewBlock(FailBB, BB);
+ }
- // For each block with a return instruction, convert this:
- //
- // return:
- // ...
- // ret ...
- //
- // into this:
- //
- // return:
- // ...
- // %1 = load __stack_chk_guard
- // %2 = load StackGuardSlot
- // %3 = cmp i1 %1, %2
- // br i1 %3, label %SP_return, label %CallStackCheckFailBlk
- //
- // SP_return:
- // ret ...
- //
- // CallStackCheckFailBlk:
- // call void @__stack_chk_fail()
- // unreachable
+ // Remove default branch instruction to the new BB.
+ BB->getTerminator()->eraseFromParent();
- // Split the basic block before the return instruction.
- BasicBlock *NewBB = BB->splitBasicBlock(RI, "SP_return");
+ // Move the newly created basic block to the point right after the old
+ // basic block so that it's in the "fall through" position.
+ NewBB->moveAfter(BB);
- if (DT && DT->isReachableFromEntry(BB)) {
- DT->addNewBlock(NewBB, BB);
- FailBBDom = FailBBDom ? DT->findNearestCommonDominator(FailBBDom, BB) :BB;
+ // Generate the stack protector instructions in the old basic block.
+ IRBuilder<> B(BB);
+ LoadInst *LI1 = B.CreateLoad(StackGuardVar);
+ LoadInst *LI2 = B.CreateLoad(AI);
+ Value *Cmp = B.CreateICmpEQ(LI1, LI2);
+ B.CreateCondBr(Cmp, NewBB, FailBB);
}
-
- // Remove default branch instruction to the new BB.
- BB->getTerminator()->eraseFromParent();
-
- // Move the newly created basic block to the point right after the old basic
- // block so that it's in the "fall through" position.
- NewBB->moveAfter(BB);
-
- // Generate the stack protector instructions in the old basic block.
- LoadInst *LI1 = new LoadInst(StackGuardVar, "", false, BB);
- LoadInst *LI2 = new LoadInst(AI, "", true, BB);
- ICmpInst *Cmp = new ICmpInst(*BB, CmpInst::ICMP_EQ, LI1, LI2, "");
- BranchInst::Create(NewBB, FailBB, Cmp, BB);
}
// Return if we didn't modify any basic blocks. I.e., there are no return
// statements in the function.
- if (!FailBB) return false;
-
- if (DT && FailBBDom)
- DT->addNewBlock(FailBB, FailBBDom);
+ if (!HasPrologue)
+ return false;
return true;
}
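Review bot: The reload of the guard slot in the IR-level path lost its volatile flag: the removed line was `new LoadInst(AI, "", true, BB)`, while the replacement `B.CreateLoad(AI)` builds an ordinary load. If the volatile was there to stop later passes from forwarding or folding the reload of StackGuardSlot, the comparison could be weakened; `LoadInst *LI2 = B.CreateLoad(AI, true);` keeps the previous behaviour. Separately, the `assert(InsertionPt != 0 && ...)` placed right after `InsertionPt = RI` can never fire, since RI was already null-checked at the top of the loop.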
@@ -359,12 +452,20 @@ bool StackProtector::InsertStackProtectors() {
/// CreateFailBB - Create a basic block to jump to when the stack protector
/// check fails.
BasicBlock *StackProtector::CreateFailBB() {
- BasicBlock *FailBB = BasicBlock::Create(F->getContext(),
- "CallStackCheckFailBlk", F);
- Constant *StackChkFail =
- M->getOrInsertFunction("__stack_chk_fail",
- Type::getVoidTy(F->getContext()), NULL);
- CallInst::Create(StackChkFail, "", FailBB);
- new UnreachableInst(F->getContext(), FailBB);
+ LLVMContext &Context = F->getContext();
+ BasicBlock *FailBB = BasicBlock::Create(Context, "CallStackCheckFailBlk", F);
+ IRBuilder<> B(FailBB);
+ if (Trip.getOS() == llvm::Triple::OpenBSD) {
+ Constant *StackChkFail = M->getOrInsertFunction(
+ "__stack_smash_handler", Type::getVoidTy(Context),
+ Type::getInt8PtrTy(Context), NULL);
+
+ B.CreateCall(StackChkFail, B.CreateGlobalStringPtr(F->getName(), "SSH"));
+ } else {
+ Constant *StackChkFail = M->getOrInsertFunction(
+ "__stack_chk_fail", Type::getVoidTy(Context), NULL);
+ B.CreateCall(StackChkFail);
+ }
+ B.CreateUnreachable();
return FailBB;
}
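Review bot: CreateFailBB is now called once per returning block (the `BasicBlock *FailBB = CreateFailBB();` line in InsertStackProtectors), so on OpenBSD each call to `B.CreateGlobalStringPtr(F->getName(), "SSH")` emits another string global holding the same function name. Creating that string once per function and reusing it would avoid the duplicates, unless a later merge pass is being relied on, which this diff does not show. The doc comment above the function could also cover the new branch, e.g. `/// On OpenBSD the block calls __stack_smash_handler with the function name instead of __stack_chk_fail.`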