This is an archive of the discontinued LLVM Phabricator instance.

Differential D38654

Parse DWARF information to reduce false positives.
ClosedPublic

Authored by hctim on Oct 6 2017, 5:16 PM.

Details

Reviewers
pcc
Commits
rG7db6f7a34465: Parse DWARF information to reduce false positives.
rL317050: Parse DWARF information to reduce false positives.
Summary

Help differentiate code and data by parsing DWARF information. This will reduce false positive rates where data is placed in executable sections and is mistakenly parsed as code, resulting in an inflation in the number of indirect CF instructions (and hence an inflation of the number of unprotected).

Also prints the DWARF line data around the region of each indirect CF instruction.

Diff Detail

Event Timeline

hctim created this revision.Oct 6 2017, 5:16 PM
Herald added subscribers: aprantl, mgorny. · View Herald TranscriptOct 6 2017, 5:16 PM
hctim added a parent revision: D38428: Add FileVerifier::isCFIProtected()..Oct 6 2017, 5:16 PM
hctim edited the summary of this revision. (Show Details)
hctim updated this revision to Diff 118116.Oct 6 2017, 5:52 PM

backported a clang-format

hctim added a child revision: D38657: Update cl::opt<uint64_t> instances to cl::opt<unsigned long long>.Oct 6 2017, 5:57 PM
hctim updated this revision to Diff 118426.Oct 10 2017, 10:53 AM

Merged previous changes in the stack.

probinson added a subscriber: probinson.Oct 12 2017, 5:08 PM
probinson added inline comments.
tools/llvm-cfi-verify/FileAnalysis.cpp
325 ↗(On Diff #118426)

Does this tool run only on .o files, and not on executables? Because this decides line info is valid if any CU has a non-empty line table. If you are looking at a linked executable, one might have been compiled -g and another not, and this check will still succeed.

331 ↗(On Diff #118426)

Type units can have an associated line table, but that's just to provide filespecs for DW_AT_file. There should never be any Rows in a type unit's line table.

hctim updated this revision to Diff 119706.Oct 20 2017, 1:58 PM
hctim marked 2 inline comments as done.
  • Modified tool to ensure that users are aware that all statically linked libraries are required to be compiled with '-g'.
  • Removed type unit check (thanks probison)!
  • Changed opt<uint64_t> to opt<unsigned long long> (known issue with opt<uint64_t>).
  • Lexicographically sorted library names.
tools/llvm-cfi-verify/FileAnalysis.cpp
325 ↗(On Diff #118426)

The goal for this tool is to run on both.

Thanks for reminding me :) I've had discussions with people about this exact topic offline, but forgot to update the commits.

The consensus we reached was in order to do elimination-by-dwarf (i.e. having --ignore-dwarf=false), anything that is statically linked into this binary is required to be compiled with -g. I'll update the documentation for this tool soon and add a comment around this section.

331 ↗(On Diff #118426)

Thanks for the information, will remove the redundant check.

Harbormaster completed remote builds in B11340: Diff 119706.Oct 20 2017, 2:00 PM
hctim updated this revision to Diff 119937.Oct 23 2017, 2:12 PM

Patched from upstream.

pcc added inline comments.Oct 24 2017, 2:54 PM
tools/llvm-cfi-verify/lib/FileAnalysis.cpp
54

I don't think you need cl::location or the external declaration of IgnoreDWARF, because this flag is only used in this file.

unittests/tools/llvm-cfi-verify/FileAnalysis.cpp
486

Am I missing something, or should these new tests include DWARF information?

hctim updated this revision to Diff 120161.Oct 24 2017, 6:06 PM
hctim marked an inline comment as done.
  • Fixed diff to be against the correct changelist (prev in stack instead of master).
  • Removed external declaration of command line flag .
Harbormaster completed remote builds in B11458: Diff 120161.Oct 24 2017, 6:06 PM
pcc edited edge metadata.Oct 26 2017, 1:27 PM

Should this include a test case?

hctim updated this revision to Diff 120501.Oct 26 2017, 3:38 PM
  • Moved DWARF handlers into virtual functions for mocking.
  • Added unit tests for line table based instruction exclusion.
Harbormaster completed remote builds in B11546: Diff 120501.Oct 26 2017, 3:38 PM
hctim updated this revision to Diff 120688.Oct 27 2017, 1:43 PM
  • Removed dependency injection onto DWARF lookups from unit tests.
  • Added lit test suite for integration testing.
  • Added lit tests for checking line table information.
Harbormaster completed remote builds in B11582: Diff 120688.Oct 27 2017, 1:43 PM
hctim updated this revision to Diff 120689.Oct 27 2017, 1:45 PM

Fixed small formatting issue from revert of dependency injection changes.

hctim updated this revision to Diff 120899.Oct 30 2017, 3:07 PM

Removed tests that require clang with plugin/LTO support. Made the tests build from the supplied assembly instead.

Harbormaster completed remote builds in B11636: Diff 120899.Oct 30 2017, 3:07 PM
pcc added inline comments.Oct 31 2017, 10:55 AM
test/tools/llvm-cfi-verify/X86/protected-lineinfo.s
21 ↗(On Diff #120899)

I'd prefer if the output were smaller. Do you get a smaller output if you compile with -gmlt?

hctim updated this revision to Diff 121020.Oct 31 2017, 11:09 AM

Compiled integration tests with -gmlt instead of -g

Harbormaster completed remote builds in B11670: Diff 121020.Oct 31 2017, 11:10 AM
hctim marked an inline comment as done.Oct 31 2017, 11:10 AM
pcc added a comment.Oct 31 2017, 11:31 AM

I'd expect there to be a test which makes sure that a jump with no line info in a file with line info doesn't count as an unprotected jump. Can you add one?

test/tools/llvm-cfi-verify/X86/protected-nolineinfo.s
1 ↗(On Diff #121020)

I don't think you need more than one test for the line table check. I'd drop this one and keep the other one.

hctim updated this revision to Diff 121034.Oct 31 2017, 12:15 PM
hctim marked an inline comment as done.

Added test where a file contains line table information, but an indirect CF instruction is not covered by the LT information.

Harbormaster completed remote builds in B11677: Diff 121034.Oct 31 2017, 12:15 PM
pcc accepted this revision.Oct 31 2017, 3:43 PM

LGTM

This revision is now accepted and ready to land.Oct 31 2017, 3:43 PM
Closed by commit rL317050: Parse DWARF information to reduce false positives. (authored by hctim). · Explain WhyOct 31 2017, 4:20 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
test/
tools/
llvm-cfi-verify/
X86/
2 lines
7 lines
4 lines
12 lines
385 lines
92 lines
tools/
llvm-cfi-verify/
1 line
2 lines
lib/
1 line
19 lines
54 lines
7 lines
2 lines
55 lines
unittests/
tools/
llvm-cfi-verify/
3 lines

Diff 120688

test/tools/llvm-cfi-verify/X86/lit.local.cfg

  • This file was added.
if not 'X86' in config.root.targets:
config.unsupported = True

test/tools/llvm-cfi-verify/X86/protected-lineinfo.test

  • This file was added.
RUN: clang++ -flto -fsanitize=cfi -fvisibility=hidden %S/tiny.cc -o %t -g
RUN: llvm-cfi-verify %t | FileCheck %s
# CHECK-LABEL: P
# CHECK-NEXT: = tiny.cc:11
# CHECK: Unprotected: 0 (0.00%), Protected: 1 (100.00%)

test/tools/llvm-cfi-verify/X86/protected-nolineinfo.test

  • This file was added.
RUN: clang++ -flto -fsanitize=cfi -fvisibility=hidden %S/tiny.cc -o %t
RUN: not llvm-cfi-verify %t 2>&1 | FileCheck %s
# CHECK: DWARF line information missing. Did you compile with '-g'?

test/tools/llvm-cfi-verify/X86/tiny.cc

  • This file was added.
void a() {}
void b() {}
int main(int argc, char** argv) {
void(*ptr)();
if (argc == 1)
ptr = &a;
else
ptr = &b;
ptr();
}

test/tools/llvm-cfi-verify/X86/unprotected-lineinfo.s

  • This file was added.
# RUN: llvm-mc %s -filetype obj -triple x86_64-linux-elf -o %t.o
# RUN: llvm-cfi-verify %t.o | FileCheck %s
# CHECK-LABEL: U 0x5a
# CHECK-NEXT: 0x5a = tiny.cc:11
# CHECK: Unprotected: 1 (100.00%), Protected: 0 (0.00%)
# Source (tiny.cc):
# void a() {}
# void b() {}
# int main(int argc, char** argv) {
# void(*ptr)();
# if (argc == 1)
# ptr = &a;
# else
# ptr = &b;
# ptr();
# }
# Compile with:
# clang++ -g tiny.cc -S -o tiny.s
.text
.file "tiny.cc"
.globl _Z1av # -- Begin function _Z1av
.p2align 4, 0x90
.type _Z1av,@function
_Z1av: # @_Z1av
.Lfunc_begin0:
.file 1 "tiny.cc"
.loc 1 1 0 # tiny.cc:1:0
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
.Ltmp0:
.loc 1 1 11 prologue_end # tiny.cc:1:11
popq %rbp
retq
.Ltmp1:
.Lfunc_end0:
.size _Z1av, .Lfunc_end0-_Z1av
.cfi_endproc
# -- End function
.globl _Z1bv # -- Begin function _Z1bv
.p2align 4, 0x90
.type _Z1bv,@function
_Z1bv: # @_Z1bv
.Lfunc_begin1:
.loc 1 2 0 # tiny.cc:2:0
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
.Ltmp2:
.loc 1 2 11 prologue_end # tiny.cc:2:11
popq %rbp
retq
.Ltmp3:
.Lfunc_end1:
.size _Z1bv, .Lfunc_end1-_Z1bv
.cfi_endproc
# -- End function
.globl main # -- Begin function main
.p2align 4, 0x90
.type main,@function
main: # @main
.Lfunc_begin2:
.loc 1 4 0 # tiny.cc:4:0
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
subq $32, %rsp
movl $0, -4(%rbp)
movl %edi, -8(%rbp)
movq %rsi, -16(%rbp)
.Ltmp4:
.loc 1 6 12 prologue_end # tiny.cc:6:12
cmpl $1, -8(%rbp)
.Ltmp5:
.loc 1 6 7 is_stmt 0 # tiny.cc:6:7
jne .LBB2_2
# BB#1:
.loc 1 0 7 # tiny.cc:0:7
movabsq $_Z1av, %rax
.Ltmp6:
.loc 1 7 9 is_stmt 1 # tiny.cc:7:9
movq %rax, -24(%rbp)
.loc 1 7 5 is_stmt 0 # tiny.cc:7:5
jmp .LBB2_3
.LBB2_2:
.loc 1 0 5 # tiny.cc:0:5
movabsq $_Z1bv, %rax
.loc 1 9 9 is_stmt 1 # tiny.cc:9:9
movq %rax, -24(%rbp)
.Ltmp7:
.LBB2_3:
.loc 1 11 3 # tiny.cc:11:3
callq *-24(%rbp)
.loc 1 12 1 # tiny.cc:12:1
movl -4(%rbp), %eax
addq $32, %rsp
popq %rbp
retq
.Ltmp8:
.Lfunc_end2:
.size main, .Lfunc_end2-main
.cfi_endproc
# -- End function
.section .debug_str,"MS",@progbits,1
.Linfo_string0:
.asciz "clang version 6.0.0 (trunk 316774)" # string offset=0
.Linfo_string1:
.asciz "tiny.cc" # string offset=35
.Linfo_string2:
.asciz "/tmp" # string offset=43
.Linfo_string3:
.asciz "_Z1av" # string offset=48
.Linfo_string4:
.asciz "a" # string offset=54
.Linfo_string5:
.asciz "_Z1bv" # string offset=56
.Linfo_string6:
.asciz "b" # string offset=62
.Linfo_string7:
.asciz "main" # string offset=64
.Linfo_string8:
.asciz "int" # string offset=69
.Linfo_string9:
.asciz "argc" # string offset=73
.Linfo_string10:
.asciz "argv" # string offset=78
.Linfo_string11:
.asciz "char" # string offset=83
.Linfo_string12:
.asciz "ptr" # string offset=88
.section .debug_abbrev,"",@progbits
.byte 1 # Abbreviation Code
.byte 17 # DW_TAG_compile_unit
.byte 1 # DW_CHILDREN_yes
.byte 37 # DW_AT_producer
.byte 14 # DW_FORM_strp
.byte 19 # DW_AT_language
.byte 5 # DW_FORM_data2
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 16 # DW_AT_stmt_list
.byte 23 # DW_FORM_sec_offset
.byte 27 # DW_AT_comp_dir
.byte 14 # DW_FORM_strp
.ascii "\264B" # DW_AT_GNU_pubnames
.byte 25 # DW_FORM_flag_present
.byte 17 # DW_AT_low_pc
.byte 1 # DW_FORM_addr
.byte 18 # DW_AT_high_pc
.byte 6 # DW_FORM_data4
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 2 # Abbreviation Code
.byte 46 # DW_TAG_subprogram
.byte 0 # DW_CHILDREN_no
.byte 17 # DW_AT_low_pc
.byte 1 # DW_FORM_addr
.byte 18 # DW_AT_high_pc
.byte 6 # DW_FORM_data4
.byte 64 # DW_AT_frame_base
.byte 24 # DW_FORM_exprloc
.byte 110 # DW_AT_linkage_name
.byte 14 # DW_FORM_strp
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 58 # DW_AT_decl_file
.byte 11 # DW_FORM_data1
.byte 59 # DW_AT_decl_line
.byte 11 # DW_FORM_data1
.byte 63 # DW_AT_external
.byte 25 # DW_FORM_flag_present
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 3 # Abbreviation Code
.byte 46 # DW_TAG_subprogram
.byte 1 # DW_CHILDREN_yes
.byte 17 # DW_AT_low_pc
.byte 1 # DW_FORM_addr
.byte 18 # DW_AT_high_pc
.byte 6 # DW_FORM_data4
.byte 64 # DW_AT_frame_base
.byte 24 # DW_FORM_exprloc
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 58 # DW_AT_decl_file
.byte 11 # DW_FORM_data1
.byte 59 # DW_AT_decl_line
.byte 11 # DW_FORM_data1
.byte 73 # DW_AT_type
.byte 19 # DW_FORM_ref4
.byte 63 # DW_AT_external
.byte 25 # DW_FORM_flag_present
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 4 # Abbreviation Code
.byte 5 # DW_TAG_formal_parameter
.byte 0 # DW_CHILDREN_no
.byte 2 # DW_AT_location
.byte 24 # DW_FORM_exprloc
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 58 # DW_AT_decl_file
.byte 11 # DW_FORM_data1
.byte 59 # DW_AT_decl_line
.byte 11 # DW_FORM_data1
.byte 73 # DW_AT_type
.byte 19 # DW_FORM_ref4
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 5 # Abbreviation Code
.byte 52 # DW_TAG_variable
.byte 0 # DW_CHILDREN_no
.byte 2 # DW_AT_location
.byte 24 # DW_FORM_exprloc
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 58 # DW_AT_decl_file
.byte 11 # DW_FORM_data1
.byte 59 # DW_AT_decl_line
.byte 11 # DW_FORM_data1
.byte 73 # DW_AT_type
.byte 19 # DW_FORM_ref4
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 6 # Abbreviation Code
.byte 36 # DW_TAG_base_type
.byte 0 # DW_CHILDREN_no
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 62 # DW_AT_encoding
.byte 11 # DW_FORM_data1
.byte 11 # DW_AT_byte_size
.byte 11 # DW_FORM_data1
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 7 # Abbreviation Code
.byte 15 # DW_TAG_pointer_type
.byte 0 # DW_CHILDREN_no
.byte 73 # DW_AT_type
.byte 19 # DW_FORM_ref4
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 8 # Abbreviation Code
.byte 21 # DW_TAG_subroutine_type
.byte 0 # DW_CHILDREN_no
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 0 # EOM(3)
.section .debug_info,"",@progbits
.Lcu_begin0:
.long 187 # Length of Unit
.short 4 # DWARF version number
.long .debug_abbrev # Offset Into Abbrev. Section
.byte 8 # Address Size (in bytes)
.byte 1 # Abbrev [1] 0xb:0xb4 DW_TAG_compile_unit
.long .Linfo_string0 # DW_AT_producer
.short 4 # DW_AT_language
.long .Linfo_string1 # DW_AT_name
.long .Lline_table_start0 # DW_AT_stmt_list
.long .Linfo_string2 # DW_AT_comp_dir
# DW_AT_GNU_pubnames
.quad .Lfunc_begin0 # DW_AT_low_pc
.long .Lfunc_end2-.Lfunc_begin0 # DW_AT_high_pc
.byte 2 # Abbrev [2] 0x2a:0x19 DW_TAG_subprogram
.quad .Lfunc_begin0 # DW_AT_low_pc
.long .Lfunc_end0-.Lfunc_begin0 # DW_AT_high_pc
.byte 1 # DW_AT_frame_base
.byte 86
.long .Linfo_string3 # DW_AT_linkage_name
.long .Linfo_string4 # DW_AT_name
.byte 1 # DW_AT_decl_file
.byte 1 # DW_AT_decl_line
# DW_AT_external
.byte 2 # Abbrev [2] 0x43:0x19 DW_TAG_subprogram
.quad .Lfunc_begin1 # DW_AT_low_pc
.long .Lfunc_end1-.Lfunc_begin1 # DW_AT_high_pc
.byte 1 # DW_AT_frame_base
.byte 86
.long .Linfo_string5 # DW_AT_linkage_name
.long .Linfo_string6 # DW_AT_name
.byte 1 # DW_AT_decl_file
.byte 2 # DW_AT_decl_line
# DW_AT_external
.byte 3 # Abbrev [3] 0x5c:0x44 DW_TAG_subprogram
.quad .Lfunc_begin2 # DW_AT_low_pc
.long .Lfunc_end2-.Lfunc_begin2 # DW_AT_high_pc
.byte 1 # DW_AT_frame_base
.byte 86
.long .Linfo_string7 # DW_AT_name
.byte 1 # DW_AT_decl_file
.byte 4 # DW_AT_decl_line
.long 160 # DW_AT_type
# DW_AT_external
.byte 4 # Abbrev [4] 0x75:0xe DW_TAG_formal_parameter
.byte 2 # DW_AT_location
.byte 145
.byte 120
.long .Linfo_string9 # DW_AT_name
.byte 1 # DW_AT_decl_file
.byte 4 # DW_AT_decl_line
.long 160 # DW_AT_type
.byte 4 # Abbrev [4] 0x83:0xe DW_TAG_formal_parameter
.byte 2 # DW_AT_location
.byte 145
.byte 112
.long .Linfo_string10 # DW_AT_name
.byte 1 # DW_AT_decl_file
.byte 4 # DW_AT_decl_line
.long 167 # DW_AT_type
.byte 5 # Abbrev [5] 0x91:0xe DW_TAG_variable
.byte 2 # DW_AT_location
.byte 145
.byte 104
.long .Linfo_string12 # DW_AT_name
.byte 1 # DW_AT_decl_file
.byte 5 # DW_AT_decl_line
.long 184 # DW_AT_type
.byte 0 # End Of Children Mark
.byte 6 # Abbrev [6] 0xa0:0x7 DW_TAG_base_type
.long .Linfo_string8 # DW_AT_name
.byte 5 # DW_AT_encoding
.byte 4 # DW_AT_byte_size
.byte 7 # Abbrev [7] 0xa7:0x5 DW_TAG_pointer_type
.long 172 # DW_AT_type
.byte 7 # Abbrev [7] 0xac:0x5 DW_TAG_pointer_type
.long 177 # DW_AT_type
.byte 6 # Abbrev [6] 0xb1:0x7 DW_TAG_base_type
.long .Linfo_string11 # DW_AT_name
.byte 6 # DW_AT_encoding
.byte 1 # DW_AT_byte_size
.byte 7 # Abbrev [7] 0xb8:0x5 DW_TAG_pointer_type
.long 189 # DW_AT_type
.byte 8 # Abbrev [8] 0xbd:0x1 DW_TAG_subroutine_type
.byte 0 # End Of Children Mark
.section .debug_ranges,"",@progbits
.section .debug_macinfo,"",@progbits
.Lcu_macro_begin0:
.byte 0 # End Of Macro List Mark
.section .debug_pubnames,"",@progbits
.long .LpubNames_end0-.LpubNames_begin0 # Length of Public Names Info
.LpubNames_begin0:
.short 2 # DWARF Version
.long .Lcu_begin0 # Offset of Compilation Unit Info
.long 191 # Compilation Unit Length
.long 42 # DIE offset
.asciz "a" # External Name
.long 67 # DIE offset
.asciz "b" # External Name
.long 92 # DIE offset
.asciz "main" # External Name
.long 0 # End Mark
.LpubNames_end0:
.section .debug_pubtypes,"",@progbits
.long .LpubTypes_end0-.LpubTypes_begin0 # Length of Public Types Info
.LpubTypes_begin0:
.short 2 # DWARF Version
.long .Lcu_begin0 # Offset of Compilation Unit Info
.long 191 # Compilation Unit Length
.long 160 # DIE offset
.asciz "int" # External Name
.long 177 # DIE offset
.asciz "char" # External Name
.long 0 # End Mark
.LpubTypes_end0:
.ident "clang version 6.0.0 (trunk 316774)"
.section ".note.GNU-stack","",@progbits
.section .debug_line,"",@progbits
.Lline_table_start0:

test/tools/llvm-cfi-verify/X86/unprotected-nolineinfo.s

  • This file was added.
# RUN: llvm-mc %s -filetype obj -triple x86_64-linux-elf -o %t.o
# RUN: not llvm-cfi-verify %t.o 2>&1 | FileCheck %s
# CHECK: DWARF line information missing. Did you compile with '-g'?
# Source (tiny.cc):
# void a() {}
# void b() {}
# int main(int argc, char** argv) {
# void(*ptr)();
# if (argc == 1)
# ptr = &a;
# else
# ptr = &b;
# ptr();
# }
# Compile with:
# clang++ tiny.cc -S -o tiny.s
.text
.file "tiny.cc"
.globl _Z1av # -- Begin function _Z1av
.p2align 4, 0x90
.type _Z1av,@function
_Z1av: # @_Z1av
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
popq %rbp
retq
.Lfunc_end0:
.size _Z1av, .Lfunc_end0-_Z1av
.cfi_endproc
# -- End function
.globl _Z1bv # -- Begin function _Z1bv
.p2align 4, 0x90
.type _Z1bv,@function
_Z1bv: # @_Z1bv
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
popq %rbp
retq
.Lfunc_end1:
.size _Z1bv, .Lfunc_end1-_Z1bv
.cfi_endproc
# -- End function
.globl main # -- Begin function main
.p2align 4, 0x90
.type main,@function
main: # @main
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
subq $32, %rsp
movl $0, -4(%rbp)
movl %edi, -8(%rbp)
movq %rsi, -16(%rbp)
cmpl $1, -8(%rbp)
jne .LBB2_2
# BB#1:
movabsq $_Z1av, %rax
movq %rax, -24(%rbp)
jmp .LBB2_3
.LBB2_2:
movabsq $_Z1bv, %rax
movq %rax, -24(%rbp)
.LBB2_3:
callq *-24(%rbp)
movl -4(%rbp), %eax
addq $32, %rsp
popq %rbp
retq
.Lfunc_end2:
.size main, .Lfunc_end2-main
.cfi_endproc
# -- End function
.ident "clang version 6.0.0 (trunk 316774)"
.section ".note.GNU-stack","",@progbits

tools/llvm-cfi-verify/CMakeLists.txt

set(LLVM_LINK_COMPONENTS set(LLVM_LINK_COMPONENTS
AllTargetsAsmPrinters AllTargetsAsmPrinters
AllTargetsAsmParsers AllTargetsAsmParsers
AllTargetsDescs AllTargetsDescs
AllTargetsDisassemblers AllTargetsDisassemblers
AllTargetsInfos AllTargetsInfos
DebugInfoDWARF
MC MC
MCParser MCParser
Object Object
Support Support
) )
add_llvm_tool(llvm-cfi-verify add_llvm_tool(llvm-cfi-verify
llvm-cfi-verify.cpp) llvm-cfi-verify.cpp)
add_subdirectory(lib) add_subdirectory(lib)
target_link_libraries(llvm-cfi-verify LLVMCFIVerify) target_link_libraries(llvm-cfi-verify LLVMCFIVerify)

tools/llvm-cfi-verify/LLVMBuild.txt

Show All 13 Lines
; http://llvm.org/docs/LLVMBuild.html ; http://llvm.org/docs/LLVMBuild.html
; ;
;===------------------------------------------------------------------------===; ;===------------------------------------------------------------------------===;
[component_0] [component_0]
type = Tool type = Tool
name = llvm-cfi-verify name = llvm-cfi-verify
parent = Tools parent = Tools
required_libraries = all-targets MC MCDisassembler MCParser Support required_libraries = all-targets DebugInfoDWARF MC MCDisassembler MCParser Support

tools/llvm-cfi-verify/lib/CMakeLists.txt

add_library(LLVMCFIVerify add_library(LLVMCFIVerify
STATIC STATIC
FileAnalysis.cpp FileAnalysis.cpp
FileAnalysis.h FileAnalysis.h
GraphBuilder.cpp GraphBuilder.cpp
GraphBuilder.h) GraphBuilder.h)
llvm_update_compile_flags(LLVMCFIVerify) llvm_update_compile_flags(LLVMCFIVerify)
llvm_map_components_to_libnames(libs llvm_map_components_to_libnames(libs
DebugInfoDWARF
MC MC
MCParser MCParser
Object Object
Support) Support)
target_link_libraries(LLVMCFIVerify ${libs}) target_link_libraries(LLVMCFIVerify ${libs})

tools/llvm-cfi-verify/lib/FileAnalysis.h

//===- FileAnalysis.h -------------------------------------------*- C++ -*-===// //===- FileAnalysis.h -------------------------------------------*- C++ -*-===//
// //
// The LLVM Compiler Infrastructure // The LLVM Compiler Infrastructure
// //
// This file is distributed under the University of Illinois Open Source // This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details. // License. See LICENSE.TXT for details.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#ifndef LLVM_CFI_VERIFY_FILE_ANALYSIS_H #ifndef LLVM_CFI_VERIFY_FILE_ANALYSIS_H
#define LLVM_CFI_VERIFY_FILE_ANALYSIS_H #define LLVM_CFI_VERIFY_FILE_ANALYSIS_H
#include "llvm/ADT/DenseMap.h" #include "llvm/ADT/DenseMap.h"
#include "llvm/BinaryFormat/ELF.h" #include "llvm/BinaryFormat/ELF.h"
#include "llvm/DebugInfo/DWARF/DWARFContext.h"
#include "llvm/MC/MCAsmInfo.h" #include "llvm/MC/MCAsmInfo.h"
#include "llvm/MC/MCContext.h" #include "llvm/MC/MCContext.h"
#include "llvm/MC/MCDisassembler/MCDisassembler.h" #include "llvm/MC/MCDisassembler/MCDisassembler.h"
#include "llvm/MC/MCInst.h" #include "llvm/MC/MCInst.h"
#include "llvm/MC/MCInstPrinter.h" #include "llvm/MC/MCInstPrinter.h"
#include "llvm/MC/MCInstrAnalysis.h" #include "llvm/MC/MCInstrAnalysis.h"
#include "llvm/MC/MCInstrDesc.h" #include "llvm/MC/MCInstrDesc.h"
#include "llvm/MC/MCInstrInfo.h" #include "llvm/MC/MCInstrInfo.h"
▲ Show 20 LinesShow All 92 Lines▼ Show 20 Linespublic:
// Returns the list of indirect instructions. // Returns the list of indirect instructions.
const std::set<uint64_t> &getIndirectInstructions() const; const std::set<uint64_t> &getIndirectInstructions() const;
const MCRegisterInfo *getRegisterInfo() const; const MCRegisterInfo *getRegisterInfo() const;
const MCInstrInfo *getMCInstrInfo() const; const MCInstrInfo *getMCInstrInfo() const;
const MCInstrAnalysis *getMCInstrAnalysis() const; const MCInstrAnalysis *getMCInstrAnalysis() const;
// Returns true if this class is using DWARF line tables for elimination.
bool hasLineTableInfo() const;
// Returns the line table information for the range {Address +-
// DWARFSearchRange}. Returns an empty table if the address has no valid line
// table information, or this analysis object has DWARF handling disabled.
DILineInfoTable getLineInfoForAddressRange(uint64_t Address);
// Returns whether the provided address has valid line information for
// instructions in the range of Address +- DWARFSearchRange.
bool hasValidLineInfoForAddressRange(uint64_t Address);
protected: protected:
// Construct a blank object with the provided triple and features. Used in // Construct a blank object with the provided triple and features. Used in
// testing, where a sub class will dependency inject protected methods to // testing, where a sub class will dependency inject protected methods to
// allow analysis of raw binary, without requiring a fully valid ELF file. // allow analysis of raw binary, without requiring a fully valid ELF file.
FileAnalysis(const Triple &ObjectTriple, const SubtargetFeatures &Features); FileAnalysis(const Triple &ObjectTriple, const SubtargetFeatures &Features);
// Add an instruction to this object. // Add an instruction to this object.
void addInstruction(const Instr &Instruction); void addInstruction(const Instr &Instruction);
Show All 26 Linesprivate:
std::unique_ptr<MCSubtargetInfo> SubtargetInfo; std::unique_ptr<MCSubtargetInfo> SubtargetInfo;
std::unique_ptr<const MCInstrInfo> MII; std::unique_ptr<const MCInstrInfo> MII;
MCObjectFileInfo MOFI; MCObjectFileInfo MOFI;
std::unique_ptr<MCContext> Context; std::unique_ptr<MCContext> Context;
std::unique_ptr<const MCDisassembler> Disassembler; std::unique_ptr<const MCDisassembler> Disassembler;
std::unique_ptr<const MCInstrAnalysis> MIA; std::unique_ptr<const MCInstrAnalysis> MIA;
std::unique_ptr<MCInstPrinter> Printer; std::unique_ptr<MCInstPrinter> Printer;
// DWARF debug information.
std::unique_ptr<DWARFContext> DWARF;
// A mapping between the virtual memory address to the instruction metadata // A mapping between the virtual memory address to the instruction metadata
// struct. // struct. TODO(hctim): Reimplement this as a sorted vector to avoid per-
// insertion allocation.
std::map<uint64_t, Instr> Instructions; std::map<uint64_t, Instr> Instructions;
// Contains a mapping between a specific address, and a list of instructions // Contains a mapping between a specific address, and a list of instructions
// that use this address as a branch target (including call instructions). // that use this address as a branch target (including call instructions).
DenseMap<uint64_t, std::vector<uint64_t>> StaticBranchTargetings; DenseMap<uint64_t, std::vector<uint64_t>> StaticBranchTargetings;
// A list of addresses of indirect control flow instructions. // A list of addresses of indirect control flow instructions.
std::set<uint64_t> IndirectInstructions; std::set<uint64_t> IndirectInstructions;
Show All 17 Lines

tools/llvm-cfi-verify/lib/FileAnalysis.cpp

//===- FileAnalysis.cpp -----------------------------------------*- C++ -*-===// //===- FileAnalysis.cpp -----------------------------------------*- C++ -*-===//
// //
// The LLVM Compiler Infrastructure // The LLVM Compiler Infrastructure
// //
// This file is distributed under the University of Illinois Open Source // This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details. // License. See LICENSE.TXT for details.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "FileAnalysis.h" #include "FileAnalysis.h"
#include "GraphBuilder.h" #include "GraphBuilder.h"
#include "llvm/BinaryFormat/ELF.h" #include "llvm/BinaryFormat/ELF.h"
#include "llvm/DebugInfo/DWARF/DWARFContext.h"
#include "llvm/MC/MCAsmInfo.h" #include "llvm/MC/MCAsmInfo.h"
#include "llvm/MC/MCContext.h" #include "llvm/MC/MCContext.h"
#include "llvm/MC/MCDisassembler/MCDisassembler.h" #include "llvm/MC/MCDisassembler/MCDisassembler.h"
#include "llvm/MC/MCInst.h" #include "llvm/MC/MCInst.h"
#include "llvm/MC/MCInstPrinter.h" #include "llvm/MC/MCInstPrinter.h"
#include "llvm/MC/MCInstrAnalysis.h" #include "llvm/MC/MCInstrAnalysis.h"
#include "llvm/MC/MCInstrDesc.h" #include "llvm/MC/MCInstrDesc.h"
#include "llvm/MC/MCInstrInfo.h" #include "llvm/MC/MCInstrInfo.h"
Show All 15 Lines
#include <functional> #include <functional>
using Instr = llvm::cfi_verify::FileAnalysis::Instr; using Instr = llvm::cfi_verify::FileAnalysis::Instr;
namespace llvm { namespace llvm {
namespace cfi_verify { namespace cfi_verify {
static cl::opt<bool> IgnoreDWARF(
"ignore-dwarf",
cl::desc(
"Ignore all DWARF data. This relaxes the requirements for all "
"statically linked libraries to have been compiled with '-g', but "
"will result in false positives for 'CFI unprotected' instructions."),
cl::init(false));
cl::opt<unsigned long long> DWARFSearchRange(
pccUnsubmitted
Done
ReplyInline Actions

I don't think you need cl::location or the external declaration of IgnoreDWARF, because this flag is only used in this file.

pcc: I don't think you need `cl::location` or the external declaration of `IgnoreDWARF`, because…
"dwarf-search-range",
cl::desc("Address search range used to determine if instruction is valid."),
cl::init(0x10));
Expected<FileAnalysis> FileAnalysis::Create(StringRef Filename) { Expected<FileAnalysis> FileAnalysis::Create(StringRef Filename) {
// Open the filename provided. // Open the filename provided.
Expected<object::OwningBinary<object::Binary>> BinaryOrErr = Expected<object::OwningBinary<object::Binary>> BinaryOrErr =
object::createBinary(Filename); object::createBinary(Filename);
if (!BinaryOrErr) if (!BinaryOrErr)
return BinaryOrErr.takeError(); return BinaryOrErr.takeError();
// Construct the object and allow it to take ownership of the binary. // Construct the object and allow it to take ownership of the binary.
▲ Show 20 LinesShow All 236 Lines▼ Show 20 LinesError FileAnalysis::initialiseDisassemblyMembers() {
Printer.reset(ObjectTarget->createMCInstPrinter( Printer.reset(ObjectTarget->createMCInstPrinter(
ObjectTriple, AsmInfo->getAssemblerDialect(), *AsmInfo, *MII, ObjectTriple, AsmInfo->getAssemblerDialect(), *AsmInfo, *MII,
*RegisterInfo)); *RegisterInfo));
return Error::success(); return Error::success();
} }
Error FileAnalysis::parseCodeSections() { Error FileAnalysis::parseCodeSections() {
if (!IgnoreDWARF) {
DWARF.reset(DWARFContext::create(*Object).release());
if (!DWARF)
return make_error<StringError>("Could not create DWARF information.",
inconvertibleErrorCode());
bool LineInfoValid = false;
for (auto &Unit : DWARF->compile_units()) {
const auto &LineTable = DWARF->getLineTableForUnit(Unit.get());
if (LineTable && !LineTable->Rows.empty()) {
LineInfoValid = true;
break;
}
}
if (!LineInfoValid)
return make_error<StringError>(
"DWARF line information missing. Did you compile with '-g'?",
inconvertibleErrorCode());
}
for (const object::SectionRef &Section : Object->sections()) { for (const object::SectionRef &Section : Object->sections()) {
// Ensure only executable sections get analysed. // Ensure only executable sections get analysed.
if (!(object::ELFSectionRef(Section).getFlags() & ELF::SHF_EXECINSTR)) if (!(object::ELFSectionRef(Section).getFlags() & ELF::SHF_EXECINSTR))
continue; continue;
StringRef SectionContents; StringRef SectionContents;
if (Section.getContents(SectionContents)) if (Section.getContents(SectionContents))
return make_error<StringError>("Failed to retrieve section contents", return make_error<StringError>("Failed to retrieve section contents",
inconvertibleErrorCode()); inconvertibleErrorCode());
ArrayRef<uint8_t> SectionBytes((const uint8_t *)SectionContents.data(), ArrayRef<uint8_t> SectionBytes((const uint8_t *)SectionContents.data(),
Section.getSize()); Section.getSize());
parseSectionContents(SectionBytes, Section.getAddress()); parseSectionContents(SectionBytes, Section.getAddress());
} }
return Error::success(); return Error::success();
} }
DILineInfoTable FileAnalysis::getLineInfoForAddressRange(uint64_t Address) {
if (!hasLineTableInfo())
return DILineInfoTable();
return DWARF->getLineInfoForAddressRange(Address, DWARFSearchRange);
}
bool FileAnalysis::hasValidLineInfoForAddressRange(uint64_t Address) {
return !getLineInfoForAddressRange(Address).empty();
}
bool FileAnalysis::hasLineTableInfo() const { return DWARF != nullptr; }
void FileAnalysis::parseSectionContents(ArrayRef<uint8_t> SectionBytes, void FileAnalysis::parseSectionContents(ArrayRef<uint8_t> SectionBytes,
uint64_t SectionAddress) { uint64_t SectionAddress) {
MCInst Instruction; MCInst Instruction;
Instr InstrMeta; Instr InstrMeta;
uint64_t InstructionSize; uint64_t InstructionSize;
for (uint64_t Byte = 0; Byte < SectionBytes.size();) { for (uint64_t Byte = 0; Byte < SectionBytes.size();) {
bool ValidInstruction = bool ValidInstruction =
Disassembler->getInstruction(Instruction, InstructionSize, Disassembler->getInstruction(Instruction, InstructionSize,
SectionBytes.drop_front(Byte), 0, nulls(), SectionBytes.drop_front(Byte), 0, nulls(),
outs()) == MCDisassembler::Success; outs()) == MCDisassembler::Success;
Byte += InstructionSize; Byte += InstructionSize;
uint64_t VMAddress = SectionAddress + Byte - InstructionSize; uint64_t VMAddress = SectionAddress + Byte - InstructionSize;
InstrMeta.Instruction = Instruction; InstrMeta.Instruction = Instruction;
InstrMeta.VMAddress = VMAddress; InstrMeta.VMAddress = VMAddress;
InstrMeta.InstructionSize = InstructionSize; InstrMeta.InstructionSize = InstructionSize;
InstrMeta.Valid = ValidInstruction; InstrMeta.Valid = ValidInstruction;
// Check if this instruction exists in the range of the DWARF metadata.
if (hasLineTableInfo() && !hasValidLineInfoForAddressRange(VMAddress))
continue;
addInstruction(InstrMeta); addInstruction(InstrMeta);
if (!ValidInstruction) if (!ValidInstruction)
continue; continue;
// Skip additional parsing for instructions that do not affect the control // Skip additional parsing for instructions that do not affect the control
// flow. // flow.
const auto &InstrDesc = MII->get(Instruction.getOpcode()); const auto &InstrDesc = MII->get(Instruction.getOpcode());
▲ Show 20 LinesShow All 41 LinesShow Last 20 Lines

tools/llvm-cfi-verify/lib/GraphBuilder.cpp

Show First 20 LinesShow All 215 Lines▼ Show 20 Lines if (!ParentDesc.mayAffectControlFlow(ParentMeta.Instruction,
// If this cross reference doesn't affect CF, continue the graph. // If this cross reference doesn't affect CF, continue the graph.
buildFlowGraphImpl(Analysis, OpenedNodes, Result, ParentMeta.VMAddress, buildFlowGraphImpl(Analysis, OpenedNodes, Result, ParentMeta.VMAddress,
Depth + 1); Depth + 1);
Result.IntermediateNodes[ParentMeta.VMAddress] = Address; Result.IntermediateNodes[ParentMeta.VMAddress] = Address;
HasValidCrossRef = true; HasValidCrossRef = true;
continue; continue;
} }
// Call instructions are not valid in the upwards traversal.
if (ParentDesc.isCall()) {
Result.IntermediateNodes[ParentMeta.VMAddress] = Address;
Result.OrphanedNodes.push_back(ParentMeta.VMAddress);
continue;
}
// Evaluate the branch target to ascertain whether this XRef is the result // Evaluate the branch target to ascertain whether this XRef is the result
// of a fallthrough or the target of a branch. // of a fallthrough or the target of a branch.
uint64_t BranchTarget; uint64_t BranchTarget;
if (!Analysis.getMCInstrAnalysis()->evaluateBranch( if (!Analysis.getMCInstrAnalysis()->evaluateBranch(
ParentMeta.Instruction, ParentMeta.VMAddress, ParentMeta.Instruction, ParentMeta.VMAddress,
ParentMeta.InstructionSize, BranchTarget)) { ParentMeta.InstructionSize, BranchTarget)) {
errs() << "Failed to evaluate branch target for instruction at address " errs() << "Failed to evaluate branch target for instruction at address "
<< format_hex(ParentMeta.VMAddress, 2) << ".\n"; << format_hex(ParentMeta.VMAddress, 2) << ".\n";
▲ Show 20 LinesShow All 60 LinesShow Last 20 Lines

tools/llvm-cfi-verify/lib/LLVMBuild.txt

Show All 13 Lines
; http://llvm.org/docs/LLVMBuild.html ; http://llvm.org/docs/LLVMBuild.html
; ;
;===------------------------------------------------------------------------===; ;===------------------------------------------------------------------------===;
[component_0] [component_0]
type = Library type = Library
name = CFIVerify name = CFIVerify
parent = Libraries parent = Libraries
required_libraries = MC MCDisassembler MCParser Support required_libraries = DebugInfoDWARF MC MCDisassembler MCParser Support

tools/llvm-cfi-verify/llvm-cfi-verify.cpp

Show All 16 Lines
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "lib/FileAnalysis.h" #include "lib/FileAnalysis.h"
#include "llvm/BinaryFormat/ELF.h" #include "llvm/BinaryFormat/ELF.h"
#include "llvm/Support/CommandLine.h" #include "llvm/Support/CommandLine.h"
#include "llvm/Support/Error.h" #include "llvm/Support/Error.h"
#include "llvm/Support/FormatVariadic.h"
#include <cstdlib> #include <cstdlib>
using namespace llvm; using namespace llvm;
using namespace llvm::object; using namespace llvm::object;
using namespace llvm::cfi_verify; using namespace llvm::cfi_verify;
cl::opt<std::string> InputFilename(cl::Positional, cl::desc("<input file>"), cl::opt<std::string> InputFilename(cl::Positional, cl::desc("<input file>"),
cl::Required); cl::Required);
ExitOnError ExitOnErr; ExitOnError ExitOnErr;
void printIndirectCFInstructions(const FileAnalysis &Verifier) { void printIndirectCFInstructions(FileAnalysis &Analysis) {
for (uint64_t Address : Verifier.getIndirectInstructions()) { uint64_t ProtectedCount = 0;
const auto &InstrMeta = Verifier.getInstructionOrDie(Address); uint64_t UnprotectedCount = 0;
for (uint64_t Address : Analysis.getIndirectInstructions()) {
const auto &InstrMeta = Analysis.getInstructionOrDie(Address);
if (Analysis.isIndirectInstructionCFIProtected(Address)) {
outs() << "P ";
ProtectedCount++;
} else {
outs() << "U ";
UnprotectedCount++;
}
outs() << format_hex(Address, 2) << " |" outs() << format_hex(Address, 2) << " | "
<< Verifier.getMCInstrInfo()->getName( << Analysis.getMCInstrInfo()->getName(
InstrMeta.Instruction.getOpcode()) InstrMeta.Instruction.getOpcode())
<< " "; << " ";
InstrMeta.Instruction.print(outs());
outs() << "\n"; outs() << "\n";
outs() << " Protected? "
<< Verifier.isIndirectInstructionCFIProtected(Address) << "\n"; if (Analysis.hasLineTableInfo()) {
for (const auto &LineKV : Analysis.getLineInfoForAddressRange(Address)) {
outs() << " " << format_hex(LineKV.first, 2) << " = "
<< LineKV.second.FileName << ":" << LineKV.second.Line << ":"
<< LineKV.second.Column << " (" << LineKV.second.FunctionName
<< ")\n";
} }
} }
}
if (ProtectedCount || UnprotectedCount)
outs() << formatv(
"Unprotected: {0} ({1:P}), Protected: {2} ({3:P})\n", UnprotectedCount,
(((double)UnprotectedCount) / (UnprotectedCount + ProtectedCount)),
ProtectedCount,
(((double)ProtectedCount) / (UnprotectedCount + ProtectedCount)));
else
outs() << "No indirect CF instructions found.\n";
}
int main(int argc, char **argv) { int main(int argc, char **argv) {
cl::ParseCommandLineOptions(argc, argv); cl::ParseCommandLineOptions(
argc, argv,
"Identifies whether Control Flow Integrity protects all indirect control "
"flow instructions in the provided object file, DSO or binary.\nNote: "
"Anything statically linked into the provided file *must* be compiled "
"with '-g'. This can be relaxed through the '--ignore-dwarf' flag.");
InitializeAllTargetInfos(); InitializeAllTargetInfos();
InitializeAllTargetMCs(); InitializeAllTargetMCs();
InitializeAllAsmParsers(); InitializeAllAsmParsers();
InitializeAllDisassemblers(); InitializeAllDisassemblers();
FileAnalysis Verifier = ExitOnErr(FileAnalysis::Create(InputFilename)); FileAnalysis Analysis = ExitOnErr(FileAnalysis::Create(InputFilename));
printIndirectCFInstructions(Verifier); printIndirectCFInstructions(Analysis);
return EXIT_SUCCESS; return EXIT_SUCCESS;
} }

unittests/tools/llvm-cfi-verify/FileAnalysis.cpp

Show First 20 LinesShow All 100 Lines▼ Show 20 LinesTEST_F(BasicFileAnalysisTest, BasicDisassemblyTraversalTest) {
// 0xDEADBEEF: nop // 0xDEADBEEF: nop
const auto *InstrMeta = Analysis.getInstruction(0xDEADBEEF); const auto *InstrMeta = Analysis.getInstruction(0xDEADBEEF);
EXPECT_NE(nullptr, InstrMeta); EXPECT_NE(nullptr, InstrMeta);
EXPECT_EQ(0xDEADBEEF, InstrMeta->VMAddress); EXPECT_EQ(0xDEADBEEF, InstrMeta->VMAddress);
EXPECT_EQ(1u, InstrMeta->InstructionSize); EXPECT_EQ(1u, InstrMeta->InstructionSize);
EXPECT_TRUE(InstrMeta->Valid); EXPECT_TRUE(InstrMeta->Valid);
const auto *NextInstrMeta = Analysis.getNextInstructionSequential(*InstrMeta); const auto *NextInstrMeta =
Analysis.getNextInstructionSequential(*InstrMeta);
EXPECT_EQ(nullptr, Analysis.getPrevInstructionSequential(*InstrMeta)); EXPECT_EQ(nullptr, Analysis.getPrevInstructionSequential(*InstrMeta));
const auto *PrevInstrMeta = InstrMeta; const auto *PrevInstrMeta = InstrMeta;
// 0xDEADBEEF + 1: mov $0x0, %al // 0xDEADBEEF + 1: mov $0x0, %al
InstrMeta = Analysis.getInstruction(0xDEADBEEF + 1); InstrMeta = Analysis.getInstruction(0xDEADBEEF + 1);
EXPECT_NE(nullptr, InstrMeta); EXPECT_NE(nullptr, InstrMeta);
EXPECT_EQ(NextInstrMeta, InstrMeta); EXPECT_EQ(NextInstrMeta, InstrMeta);
EXPECT_EQ(0xDEADBEEF + 1, InstrMeta->VMAddress); EXPECT_EQ(0xDEADBEEF + 1, InstrMeta->VMAddress);
▲ Show 20 LinesShow All 359 Lines▼ Show 20 LinesTEST_F(BasicFileAnalysisTest, ControlFlowXRefsTest) {
XRefs = Analysis.getDirectControlFlowXRefs(*InstrMetaPtr); XRefs = Analysis.getDirectControlFlowXRefs(*InstrMetaPtr);
EXPECT_TRUE(Analysis.getDirectControlFlowXRefs(*InstrMetaPtr).empty()); EXPECT_TRUE(Analysis.getDirectControlFlowXRefs(*InstrMetaPtr).empty());
InstrMetaPtr = &Analysis.getInstructionOrDie(0xDEADBEEF + 38); InstrMetaPtr = &Analysis.getInstructionOrDie(0xDEADBEEF + 38);
XRefs = Analysis.getDirectControlFlowXRefs(*InstrMetaPtr); XRefs = Analysis.getDirectControlFlowXRefs(*InstrMetaPtr);
EXPECT_TRUE(Analysis.getDirectControlFlowXRefs(*InstrMetaPtr).empty()); EXPECT_TRUE(Analysis.getDirectControlFlowXRefs(*InstrMetaPtr).empty());
} }
TEST_F(BasicFileAnalysisTest, CFIProtectionInvalidTargets) { TEST_F(BasicFileAnalysisTest, CFIProtectionInvalidTargets) {
pccUnsubmitted
Not Done
ReplyInline Actions

Am I missing something, or should these new tests include DWARF information?

pcc: Am I missing something, or should these new tests include DWARF information?
if (!SuccessfullyInitialised) if (!SuccessfullyInitialised)
return; return;
Analysis.parseSectionContents( Analysis.parseSectionContents(
{ {
0x90, // 0: nop 0x90, // 0: nop
0x0f, 0x0b, // 1: ud2 0x0f, 0x0b, // 1: ud2
0x75, 0x00, // 3: jne 5 [+0] 0x75, 0x00, // 3: jne 5 [+0]
}, },
▲ Show 20 LinesShow All 177 LinesShow Last 20 Lines