This is an archive of the discontinued LLVM Phabricator instance.

Differential D39525

[cfi-verify] Add blacklist parsing for result filtering.
ClosedPublic

Authored by hctim on Nov 1 2017, 6:24 PM.

Details

Reviewers
vlad.tsyrklevich
Commits
rGc15bdf559815: [cfi-verify] Add blacklist parsing for result filtering.
rL317364: [cfi-verify] Add blacklist parsing for result filtering.
Summary

Adds blacklist parsing behaviour for filtering results into four categories:

  • Expected Protected: Things that are not in the blacklist and are protected.
  • Unexpected Protected: Things that are in the blacklist and are protected.
  • Expected Unprotected: Things that are in the blacklist and are unprotected.
  • Unexpected Unprotected: Things that are not in the blacklist and are unprotected.

llvm-cfi-verify now can optionally be invoked with a second command line argument, which specifies the blacklist file that the binary was built with.

Current -fsanitize=cfi-vcall,cfi-icall statistics for chromium:

Expected Protected: 100375 (69.00%)
Unexpected Protected: 12171 (8.37%)
Expected Unprotected: 16207 (11.14%)
Unexpected Unprotected (BAD): 16726 (11.50%)

Diff Detail

Event Timeline

hctim created this revision.Nov 1 2017, 6:24 PM
Herald added a subscriber: mgorny. · View Herald TranscriptNov 1 2017, 6:24 PM
hctim added a parent revision: D38658: [cfi-verify] Add an interesting unit test where undef search length changes result..Nov 1 2017, 6:24 PM
vlad.tsyrklevich edited edge metadata.Nov 2 2017, 12:52 PM

I think there are some mistakes in the (Un)?expected (Un)?protected summary description that should be fixed as well.

tools/llvm-cfi-verify/lib/FileAnalysis.cpp
383

Will this do what we expect when !LineInfo?

tools/llvm-cfi-verify/llvm-cfi-verify.cpp
109

vcall?

unittests/tools/llvm-cfi-verify/GraphBuilder.cpp
129

Could we rename this to IgnoreDwarfFlag? Would make it a little clearer what was happening here.

hctim updated this revision to Diff 121357.Nov 2 2017, 1:25 PM
hctim marked 3 inline comments as done.
hctim edited the summary of this revision. (Show Details)

Updated with Vlad's comments, and rebased against master.

Harbormaster completed remote builds in B11775: Diff 121357.Nov 2 2017, 1:25 PM
vlad.tsyrklevich accepted this revision.Nov 3 2017, 10:37 AM
vlad.tsyrklevich added inline comments.
tools/llvm-cfi-verify/llvm-cfi-verify.cpp
54

bool CFIProtected = Analysis.isIndirect... is a little clearer.

59

No braces here.

This revision is now accepted and ready to land.Nov 3 2017, 10:37 AM
hctim updated this revision to Diff 121544.Nov 3 2017, 1:52 PM
hctim marked 2 inline comments as done.

Updated with Vlad's comments and merged in master in preparation for submission.

Harbormaster completed remote builds in B11818: Diff 121544.Nov 3 2017, 1:52 PM
Closed by commit rL317364: [cfi-verify] Add blacklist parsing for result filtering. (authored by hctim). · Explain WhyNov 3 2017, 1:55 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

Diff 121357

test/tools/llvm-cfi-verify/X86/Inputs/protected-lineinfo.s

  • This file was added.
# Source (tiny.cc):
# void a() {}
# void b() {}
# int main(int argc, char** argv) {
# void(*ptr)();
# if (argc == 1)
# ptr = &a;
# else
# ptr = &b;
# ptr();
# }
# Compile with (output is in tiny.s.0):
# clang++ -flto -fsanitize=cfi -fvisibility=hidden -c tiny.cc -o tiny.o -gmlt
# clang++ tiny.o -o tiny -flto -fuse-ld=gold -Wl,-plugin-opt,save-temps
# clang++ -fsanitize=cfi -flto -fvisibility=hidden -c tiny.cc -o tiny.o -gmlt
# llvm-lto2 run @tiny.resolution.txt -o tiny.s -filetype=asm
.text
.file "ld-temp.o"
.p2align 4, 0x90
.type _Z1av.cfi,@function
_Z1av.cfi:
.Lfunc_begin0:
.file 1 "tiny.cc"
.loc 1 1 0
.cfi_startproc
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
.Ltmp0:
.loc 1 1 11 prologue_end
popq %rbp
retq
.Ltmp1:
.Lfunc_end0:
.size _Z1av.cfi, .Lfunc_end0-_Z1av.cfi
.cfi_endproc
.p2align 4, 0x90
.type _Z1bv.cfi,@function
_Z1bv.cfi:
.Lfunc_begin1:
.loc 1 2 0
.cfi_startproc
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
.Ltmp2:
.loc 1 2 11 prologue_end
popq %rbp
retq
.Ltmp3:
.Lfunc_end1:
.size _Z1bv.cfi, .Lfunc_end1-_Z1bv.cfi
.cfi_endproc
.hidden main
.globl main
.p2align 4, 0x90
.type main,@function
main:
.Lfunc_begin2:
.loc 1 4 0
.cfi_startproc
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
subq $32, %rsp
movl $0, -8(%rbp)
movl %edi, -4(%rbp)
movq %rsi, -24(%rbp)
.Ltmp4:
.loc 1 6 12 prologue_end
cmpl $1, -4(%rbp)
.loc 1 6 7 is_stmt 0
jne .LBB2_2
.loc 1 0 7
leaq _Z1av(%rip), %rax
.loc 1 7 9 is_stmt 1
movq %rax, -16(%rbp)
.loc 1 7 5 is_stmt 0
jmp .LBB2_3
.LBB2_2:
.loc 1 0 5
leaq _Z1bv(%rip), %rax
.loc 1 9 9 is_stmt 1
movq %rax, -16(%rbp)
.LBB2_3:
.loc 1 0 9 is_stmt 0
leaq .L.cfi.jumptable(%rip), %rcx
.loc 1 11 3 is_stmt 1
movq -16(%rbp), %rax
movq %rax, %rdx
subq %rcx, %rdx
movq %rdx, %rcx
shrq $3, %rcx
shlq $61, %rdx
orq %rcx, %rdx
cmpq $1, %rdx
jbe .LBB2_5
ud2
.LBB2_5:
callq *%rax
.loc 1 12 1
movl -8(%rbp), %eax
addq $32, %rsp
popq %rbp
retq
.Ltmp5:
.Lfunc_end2:
.size main, .Lfunc_end2-main
.cfi_endproc
.p2align 3, 0x90
.type .L.cfi.jumptable,@function
.L.cfi.jumptable:
.Lfunc_begin3:
.cfi_startproc
#APP
jmp _Z1av.cfi@PLT
int3
int3
int3
jmp _Z1bv.cfi@PLT
int3
int3
int3
#NO_APP
.Lfunc_end3:
.size .L.cfi.jumptable, .Lfunc_end3-.L.cfi.jumptable
.cfi_endproc
.section .debug_str,"MS",@progbits,1
.Linfo_string0:
.asciz "clang version 6.0.0 (trunk 316774)"
.Linfo_string1:
.asciz "tiny.cc"
.Linfo_string2:
.asciz ""
.section .debug_abbrev,"",@progbits
.byte 1
.byte 17
.byte 0
.byte 37
.byte 14
.byte 19
.byte 5
.byte 3
.byte 14
.byte 16
.byte 23
.byte 27
.byte 14
.byte 17
.byte 1
.byte 18
.byte 6
.byte 0
.byte 0
.byte 0
.section .debug_info,"",@progbits
.Lcu_begin0:
.long 38
.short 4
.long .debug_abbrev
.byte 8
.byte 1
.long .Linfo_string0
.short 4
.long .Linfo_string1
.long .Lline_table_start0
.long .Linfo_string2
.quad .Lfunc_begin0
.long .Lfunc_end2-.Lfunc_begin0
.section .debug_ranges,"",@progbits
.section .debug_macinfo,"",@progbits
.Lcu_macro_begin0:
.byte 0
.type _Z1av,@function
_Z1av = .L.cfi.jumptable
.type _Z1bv,@function
_Z1bv = .L.cfi.jumptable+8
.ident "clang version 6.0.0 (trunk 316774)"
.section ".note.GNU-stack","",@progbits
.section .debug_line,"",@progbits
.Lline_table_start0:

test/tools/llvm-cfi-verify/X86/Inputs/unprotected-fullinfo.s

  • This file was added.
# Source (tiny.cc):
# void a() {}
# void b() {}
# int main(int argc, char** argv) {
# void(*ptr)();
# if (argc == 1)
# ptr = &a;
# else
# ptr = &b;
# ptr();
# }
# Compile with:
# clang++ -g tiny.cc -S -o tiny.s
.text
.file "tiny.cc"
.globl _Z1av # -- Begin function _Z1av
.p2align 4, 0x90
.type _Z1av,@function
_Z1av: # @_Z1av
.Lfunc_begin0:
.file 1 "tiny.cc"
.loc 1 1 0 # tiny.cc:1:0
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
.Ltmp0:
.loc 1 1 11 prologue_end # tiny.cc:1:11
popq %rbp
.cfi_def_cfa %rsp, 8
retq
.Ltmp1:
.Lfunc_end0:
.size _Z1av, .Lfunc_end0-_Z1av
.cfi_endproc
# -- End function
.globl _Z1bv # -- Begin function _Z1bv
.p2align 4, 0x90
.type _Z1bv,@function
_Z1bv: # @_Z1bv
.Lfunc_begin1:
.loc 1 2 0 # tiny.cc:2:0
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
.Ltmp2:
.loc 1 2 11 prologue_end # tiny.cc:2:11
popq %rbp
.cfi_def_cfa %rsp, 8
retq
.Ltmp3:
.Lfunc_end1:
.size _Z1bv, .Lfunc_end1-_Z1bv
.cfi_endproc
# -- End function
.globl main # -- Begin function main
.p2align 4, 0x90
.type main,@function
main: # @main
.Lfunc_begin2:
.loc 1 4 0 # tiny.cc:4:0
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
subq $32, %rsp
movl $0, -4(%rbp)
movl %edi, -8(%rbp)
movq %rsi, -16(%rbp)
.Ltmp4:
.loc 1 6 12 prologue_end # tiny.cc:6:12
cmpl $1, -8(%rbp)
.Ltmp5:
.loc 1 6 7 is_stmt 0 # tiny.cc:6:7
jne .LBB2_2
# BB#1:
.loc 1 0 7 # tiny.cc:0:7
movabsq $_Z1av, %rax
.Ltmp6:
.loc 1 7 9 is_stmt 1 # tiny.cc:7:9
movq %rax, -24(%rbp)
.loc 1 7 5 is_stmt 0 # tiny.cc:7:5
jmp .LBB2_3
.LBB2_2:
.loc 1 0 5 # tiny.cc:0:5
movabsq $_Z1bv, %rax
.loc 1 9 9 is_stmt 1 # tiny.cc:9:9
movq %rax, -24(%rbp)
.Ltmp7:
.LBB2_3:
.loc 1 11 3 # tiny.cc:11:3
callq *-24(%rbp)
.loc 1 12 1 # tiny.cc:12:1
movl -4(%rbp), %eax
addq $32, %rsp
popq %rbp
.cfi_def_cfa %rsp, 8
retq
.Ltmp8:
.Lfunc_end2:
.size main, .Lfunc_end2-main
.cfi_endproc
# -- End function
.section .debug_str,"MS",@progbits,1
.Linfo_string0:
.asciz "clang version 6.0.0 (trunk 317104)" # string offset=0
.Linfo_string1:
.asciz "tiny.cc" # string offset=35
.Linfo_string2:
.asciz "/tmp/a/b" # string offset=43
.Linfo_string3:
.asciz "_Z1av" # string offset=52
.Linfo_string4:
.asciz "a" # string offset=58
.Linfo_string5:
.asciz "_Z1bv" # string offset=60
.Linfo_string6:
.asciz "b" # string offset=66
.Linfo_string7:
.asciz "main" # string offset=68
.Linfo_string8:
.asciz "int" # string offset=73
.Linfo_string9:
.asciz "argc" # string offset=77
.Linfo_string10:
.asciz "argv" # string offset=82
.Linfo_string11:
.asciz "char" # string offset=87
.Linfo_string12:
.asciz "ptr" # string offset=92
.section .debug_abbrev,"",@progbits
.byte 1 # Abbreviation Code
.byte 17 # DW_TAG_compile_unit
.byte 1 # DW_CHILDREN_yes
.byte 37 # DW_AT_producer
.byte 14 # DW_FORM_strp
.byte 19 # DW_AT_language
.byte 5 # DW_FORM_data2
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 16 # DW_AT_stmt_list
.byte 23 # DW_FORM_sec_offset
.byte 27 # DW_AT_comp_dir
.byte 14 # DW_FORM_strp
.ascii "\264B" # DW_AT_GNU_pubnames
.byte 25 # DW_FORM_flag_present
.byte 17 # DW_AT_low_pc
.byte 1 # DW_FORM_addr
.byte 18 # DW_AT_high_pc
.byte 6 # DW_FORM_data4
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 2 # Abbreviation Code
.byte 46 # DW_TAG_subprogram
.byte 0 # DW_CHILDREN_no
.byte 17 # DW_AT_low_pc
.byte 1 # DW_FORM_addr
.byte 18 # DW_AT_high_pc
.byte 6 # DW_FORM_data4
.byte 64 # DW_AT_frame_base
.byte 24 # DW_FORM_exprloc
.byte 110 # DW_AT_linkage_name
.byte 14 # DW_FORM_strp
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 58 # DW_AT_decl_file
.byte 11 # DW_FORM_data1
.byte 59 # DW_AT_decl_line
.byte 11 # DW_FORM_data1
.byte 63 # DW_AT_external
.byte 25 # DW_FORM_flag_present
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 3 # Abbreviation Code
.byte 46 # DW_TAG_subprogram
.byte 1 # DW_CHILDREN_yes
.byte 17 # DW_AT_low_pc
.byte 1 # DW_FORM_addr
.byte 18 # DW_AT_high_pc
.byte 6 # DW_FORM_data4
.byte 64 # DW_AT_frame_base
.byte 24 # DW_FORM_exprloc
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 58 # DW_AT_decl_file
.byte 11 # DW_FORM_data1
.byte 59 # DW_AT_decl_line
.byte 11 # DW_FORM_data1
.byte 73 # DW_AT_type
.byte 19 # DW_FORM_ref4
.byte 63 # DW_AT_external
.byte 25 # DW_FORM_flag_present
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 4 # Abbreviation Code
.byte 5 # DW_TAG_formal_parameter
.byte 0 # DW_CHILDREN_no
.byte 2 # DW_AT_location
.byte 24 # DW_FORM_exprloc
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 58 # DW_AT_decl_file
.byte 11 # DW_FORM_data1
.byte 59 # DW_AT_decl_line
.byte 11 # DW_FORM_data1
.byte 73 # DW_AT_type
.byte 19 # DW_FORM_ref4
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 5 # Abbreviation Code
.byte 52 # DW_TAG_variable
.byte 0 # DW_CHILDREN_no
.byte 2 # DW_AT_location
.byte 24 # DW_FORM_exprloc
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 58 # DW_AT_decl_file
.byte 11 # DW_FORM_data1
.byte 59 # DW_AT_decl_line
.byte 11 # DW_FORM_data1
.byte 73 # DW_AT_type
.byte 19 # DW_FORM_ref4
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 6 # Abbreviation Code
.byte 36 # DW_TAG_base_type
.byte 0 # DW_CHILDREN_no
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 62 # DW_AT_encoding
.byte 11 # DW_FORM_data1
.byte 11 # DW_AT_byte_size
.byte 11 # DW_FORM_data1
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 7 # Abbreviation Code
.byte 15 # DW_TAG_pointer_type
.byte 0 # DW_CHILDREN_no
.byte 73 # DW_AT_type
.byte 19 # DW_FORM_ref4
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 8 # Abbreviation Code
.byte 21 # DW_TAG_subroutine_type
.byte 0 # DW_CHILDREN_no
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 0 # EOM(3)
.section .debug_info,"",@progbits
.Lcu_begin0:
.long 187 # Length of Unit
.short 4 # DWARF version number
.long .debug_abbrev # Offset Into Abbrev. Section
.byte 8 # Address Size (in bytes)
.byte 1 # Abbrev [1] 0xb:0xb4 DW_TAG_compile_unit
.long .Linfo_string0 # DW_AT_producer
.short 4 # DW_AT_language
.long .Linfo_string1 # DW_AT_name
.long .Lline_table_start0 # DW_AT_stmt_list
.long .Linfo_string2 # DW_AT_comp_dir
# DW_AT_GNU_pubnames
.quad .Lfunc_begin0 # DW_AT_low_pc
.long .Lfunc_end2-.Lfunc_begin0 # DW_AT_high_pc
.byte 2 # Abbrev [2] 0x2a:0x19 DW_TAG_subprogram
.quad .Lfunc_begin0 # DW_AT_low_pc
.long .Lfunc_end0-.Lfunc_begin0 # DW_AT_high_pc
.byte 1 # DW_AT_frame_base
.byte 86
.long .Linfo_string3 # DW_AT_linkage_name
.long .Linfo_string4 # DW_AT_name
.byte 1 # DW_AT_decl_file
.byte 1 # DW_AT_decl_line
# DW_AT_external
.byte 2 # Abbrev [2] 0x43:0x19 DW_TAG_subprogram
.quad .Lfunc_begin1 # DW_AT_low_pc
.long .Lfunc_end1-.Lfunc_begin1 # DW_AT_high_pc
.byte 1 # DW_AT_frame_base
.byte 86
.long .Linfo_string5 # DW_AT_linkage_name
.long .Linfo_string6 # DW_AT_name
.byte 1 # DW_AT_decl_file
.byte 2 # DW_AT_decl_line
# DW_AT_external
.byte 3 # Abbrev [3] 0x5c:0x44 DW_TAG_subprogram
.quad .Lfunc_begin2 # DW_AT_low_pc
.long .Lfunc_end2-.Lfunc_begin2 # DW_AT_high_pc
.byte 1 # DW_AT_frame_base
.byte 86
.long .Linfo_string7 # DW_AT_name
.byte 1 # DW_AT_decl_file
.byte 4 # DW_AT_decl_line
.long 160 # DW_AT_type
# DW_AT_external
.byte 4 # Abbrev [4] 0x75:0xe DW_TAG_formal_parameter
.byte 2 # DW_AT_location
.byte 145
.byte 120
.long .Linfo_string9 # DW_AT_name
.byte 1 # DW_AT_decl_file
.byte 4 # DW_AT_decl_line
.long 160 # DW_AT_type
.byte 4 # Abbrev [4] 0x83:0xe DW_TAG_formal_parameter
.byte 2 # DW_AT_location
.byte 145
.byte 112
.long .Linfo_string10 # DW_AT_name
.byte 1 # DW_AT_decl_file
.byte 4 # DW_AT_decl_line
.long 167 # DW_AT_type
.byte 5 # Abbrev [5] 0x91:0xe DW_TAG_variable
.byte 2 # DW_AT_location
.byte 145
.byte 104
.long .Linfo_string12 # DW_AT_name
.byte 1 # DW_AT_decl_file
.byte 5 # DW_AT_decl_line
.long 184 # DW_AT_type
.byte 0 # End Of Children Mark
.byte 6 # Abbrev [6] 0xa0:0x7 DW_TAG_base_type
.long .Linfo_string8 # DW_AT_name
.byte 5 # DW_AT_encoding
.byte 4 # DW_AT_byte_size
.byte 7 # Abbrev [7] 0xa7:0x5 DW_TAG_pointer_type
.long 172 # DW_AT_type
.byte 7 # Abbrev [7] 0xac:0x5 DW_TAG_pointer_type
.long 177 # DW_AT_type
.byte 6 # Abbrev [6] 0xb1:0x7 DW_TAG_base_type
.long .Linfo_string11 # DW_AT_name
.byte 6 # DW_AT_encoding
.byte 1 # DW_AT_byte_size
.byte 7 # Abbrev [7] 0xb8:0x5 DW_TAG_pointer_type
.long 189 # DW_AT_type
.byte 8 # Abbrev [8] 0xbd:0x1 DW_TAG_subroutine_type
.byte 0 # End Of Children Mark
.section .debug_ranges,"",@progbits
.section .debug_macinfo,"",@progbits
.Lcu_macro_begin0:
.byte 0 # End Of Macro List Mark
.section .debug_pubnames,"",@progbits
.long .LpubNames_end0-.LpubNames_begin0 # Length of Public Names Info
.LpubNames_begin0:
.short 2 # DWARF Version
.long .Lcu_begin0 # Offset of Compilation Unit Info
.long 191 # Compilation Unit Length
.long 42 # DIE offset
.asciz "a" # External Name
.long 67 # DIE offset
.asciz "b" # External Name
.long 92 # DIE offset
.asciz "main" # External Name
.long 0 # End Mark
.LpubNames_end0:
.section .debug_pubtypes,"",@progbits
.long .LpubTypes_end0-.LpubTypes_begin0 # Length of Public Types Info
.LpubTypes_begin0:
.short 2 # DWARF Version
.long .Lcu_begin0 # Offset of Compilation Unit Info
.long 191 # Compilation Unit Length
.long 160 # DIE offset
.asciz "int" # External Name
.long 177 # DIE offset
.asciz "char" # External Name
.long 0 # End Mark
.LpubTypes_end0:
.ident "clang version 6.0.0 (trunk 317104)"
.section ".note.GNU-stack","",@progbits
.section .debug_line,"",@progbits
.Lline_table_start0:

test/tools/llvm-cfi-verify/X86/Inputs/unprotected-lineinfo.s

  • This file was added.
# Source (tiny.cc):
# void a() {}
# void b() {}
# int main(int argc, char** argv) {
# void(*ptr)();
# if (argc == 1)
# ptr = &a;
# else
# ptr = &b;
# ptr();
# }
# Compile with:
# clang++ -gmlt tiny.cc -S -o tiny.s
.text
.file "tiny.cc"
.globl _Z1av # -- Begin function _Z1av
.p2align 4, 0x90
.type _Z1av,@function
_Z1av: # @_Z1av
.Lfunc_begin0:
.file 1 "tiny.cc"
.loc 1 1 0 # tiny.cc:1:0
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
.Ltmp0:
.loc 1 1 11 prologue_end # tiny.cc:1:11
popq %rbp
retq
.Ltmp1:
.Lfunc_end0:
.size _Z1av, .Lfunc_end0-_Z1av
.cfi_endproc
# -- End function
.globl _Z1bv # -- Begin function _Z1bv
.p2align 4, 0x90
.type _Z1bv,@function
_Z1bv: # @_Z1bv
.Lfunc_begin1:
.loc 1 2 0 # tiny.cc:2:0
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
.Ltmp2:
.loc 1 2 11 prologue_end # tiny.cc:2:11
popq %rbp
retq
.Ltmp3:
.Lfunc_end1:
.size _Z1bv, .Lfunc_end1-_Z1bv
.cfi_endproc
# -- End function
.globl main # -- Begin function main
.p2align 4, 0x90
.type main,@function
main: # @main
.Lfunc_begin2:
.loc 1 4 0 # tiny.cc:4:0
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
subq $32, %rsp
movl $0, -4(%rbp)
movl %edi, -8(%rbp)
movq %rsi, -16(%rbp)
.Ltmp4:
.loc 1 6 12 prologue_end # tiny.cc:6:12
cmpl $1, -8(%rbp)
.loc 1 6 7 is_stmt 0 # tiny.cc:6:7
jne .LBB2_2
# BB#1:
.loc 1 0 7 # tiny.cc:0:7
movabsq $_Z1av, %rax
.loc 1 7 9 is_stmt 1 # tiny.cc:7:9
movq %rax, -24(%rbp)
.loc 1 7 5 is_stmt 0 # tiny.cc:7:5
jmp .LBB2_3
.LBB2_2:
.loc 1 0 5 # tiny.cc:0:5
movabsq $_Z1bv, %rax
.loc 1 9 9 is_stmt 1 # tiny.cc:9:9
movq %rax, -24(%rbp)
.LBB2_3:
.loc 1 11 3 # tiny.cc:11:3
callq *-24(%rbp)
.loc 1 12 1 # tiny.cc:12:1
movl -4(%rbp), %eax
addq $32, %rsp
popq %rbp
retq
.Ltmp5:
.Lfunc_end2:
.size main, .Lfunc_end2-main
.cfi_endproc
# -- End function
.section .debug_str,"MS",@progbits,1
.Linfo_string0:
.asciz "clang version 6.0.0 (trunk 316774)" # string offset=0
.Linfo_string1:
.asciz "tiny.cc" # string offset=35
.Linfo_string2:
.asciz "/tmp/a/b" # string offset=43
.section .debug_abbrev,"",@progbits
.byte 1 # Abbreviation Code
.byte 17 # DW_TAG_compile_unit
.byte 0 # DW_CHILDREN_no
.byte 37 # DW_AT_producer
.byte 14 # DW_FORM_strp
.byte 19 # DW_AT_language
.byte 5 # DW_FORM_data2
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 16 # DW_AT_stmt_list
.byte 23 # DW_FORM_sec_offset
.byte 27 # DW_AT_comp_dir
.byte 14 # DW_FORM_strp
.byte 17 # DW_AT_low_pc
.byte 1 # DW_FORM_addr
.byte 18 # DW_AT_high_pc
.byte 6 # DW_FORM_data4
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 0 # EOM(3)
.section .debug_info,"",@progbits
.Lcu_begin0:
.long 38 # Length of Unit
.short 4 # DWARF version number
.long .debug_abbrev # Offset Into Abbrev. Section
.byte 8 # Address Size (in bytes)
.byte 1 # Abbrev [1] 0xb:0x1f DW_TAG_compile_unit
.long .Linfo_string0 # DW_AT_producer
.short 4 # DW_AT_language
.long .Linfo_string1 # DW_AT_name
.long .Lline_table_start0 # DW_AT_stmt_list
.long .Linfo_string2 # DW_AT_comp_dir
.quad .Lfunc_begin0 # DW_AT_low_pc
.long .Lfunc_end2-.Lfunc_begin0 # DW_AT_high_pc
.section .debug_ranges,"",@progbits
.section .debug_macinfo,"",@progbits
.Lcu_macro_begin0:
.byte 0 # End Of Macro List Mark
.ident "clang version 6.0.0 (trunk 316774)"
.section ".note.GNU-stack","",@progbits
.section .debug_line,"",@progbits
.Lline_table_start0:

test/tools/llvm-cfi-verify/X86/Inputs/unprotected-nolineinfo.s

  • This file was added.
# Source (tiny.cc):
# void a() {}
# void b() {}
# int main(int argc, char** argv) {
# void(*ptr)();
# if (argc == 1)
# ptr = &a;
# else
# ptr = &b;
# ptr();
# }
# Compile with:
# clang++ tiny.cc -S -o tiny.s
.text
.file "tiny.cc"
.globl _Z1av # -- Begin function _Z1av
.p2align 4, 0x90
.type _Z1av,@function
_Z1av: # @_Z1av
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
popq %rbp
retq
.Lfunc_end0:
.size _Z1av, .Lfunc_end0-_Z1av
.cfi_endproc
# -- End function
.globl _Z1bv # -- Begin function _Z1bv
.p2align 4, 0x90
.type _Z1bv,@function
_Z1bv: # @_Z1bv
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
popq %rbp
retq
.Lfunc_end1:
.size _Z1bv, .Lfunc_end1-_Z1bv
.cfi_endproc
# -- End function
.globl main # -- Begin function main
.p2align 4, 0x90
.type main,@function
main: # @main
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
subq $32, %rsp
movl $0, -4(%rbp)
movl %edi, -8(%rbp)
movq %rsi, -16(%rbp)
cmpl $1, -8(%rbp)
jne .LBB2_2
# BB#1:
movabsq $_Z1av, %rax
movq %rax, -24(%rbp)
jmp .LBB2_3
.LBB2_2:
movabsq $_Z1bv, %rax
movq %rax, -24(%rbp)
.LBB2_3:
callq *-24(%rbp)
movl -4(%rbp), %eax
addq $32, %rsp
popq %rbp
retq
.Lfunc_end2:
.size main, .Lfunc_end2-main
.cfi_endproc
# -- End function
.ident "clang version 6.0.0 (trunk 316774)"
.section ".note.GNU-stack","",@progbits

test/tools/llvm-cfi-verify/X86/blacklist-expected-unprotected.s

  • This file was added.
# RUN: llvm-mc %S/Inputs/unprotected-lineinfo.s -filetype obj \
# RUN: -triple x86_64-linux-elf -o %t.o
# RUN: echo "src:*tiny*" > %t.blacklist.txt
# RUN: llvm-cfi-verify %t.o %t.blacklist.txt | FileCheck %s
# CHECK-LABEL: U
# CHECK-NEXT: tiny.cc:11
# CHECK-NEXT: BLACKLIST MATCH, 'src'
# CHECK-NEXT: ====> Expected Unprotected
# CHECK: Expected Protected: 0 (0.00%)
# CHECK: Unexpected Protected: 0 (0.00%)
# CHECK: Expected Unprotected: 1 (100.00%)
# CHECK: Unexpected Unprotected (BAD): 0 (0.00%)
# Source: (blacklist.txt):
# src:*tiny*

test/tools/llvm-cfi-verify/X86/blacklist-match-fun.s

  • This file was added.
# RUN: llvm-mc %S/Inputs/unprotected-fullinfo.s -filetype obj \
# RUN: -triple x86_64-linux-elf -o %t.o
# RUN: echo "fun:*main*" > %t.blacklist.txt
# RUN: llvm-cfi-verify %t.o %t.blacklist.txt | FileCheck %s
# CHECK-LABEL: U
# CHECK-NEXT: tiny.cc:11
# CHECK-NEXT: BLACKLIST MATCH, 'fun'
# CHECK-NEXT: ====> Expected Unprotected
# CHECK: Expected Protected: 0 (0.00%)
# CHECK: Unexpected Protected: 0 (0.00%)
# CHECK: Expected Unprotected: 1 (100.00%)
# CHECK: Unexpected Unprotected (BAD): 0 (0.00%)
# Source: (blacklist.txt):
# fun:*main*

test/tools/llvm-cfi-verify/X86/blacklist-unexpected-protected.s

  • This file was added.
# RUN: llvm-mc %S/Inputs/protected-lineinfo.s -filetype obj \
# RUN: -triple x86_64-linux-elf -o %t.o
# RUN: echo "src:*tiny*" > %t.blacklist.txt
# RUN: llvm-cfi-verify %t.o %t.blacklist.txt | FileCheck %s
# CHECK-LABEL: P
# CHECK-NEXT: tiny.cc:11
# CHECK-NEXT: BLACKLIST MATCH, 'src'
# CHECK-NEXT: ====> Unexpected Protected
# CHECK: Expected Protected: 0 (0.00%)
# CHECK: Unexpected Protected: 1 (100.00%)
# CHECK: Expected Unprotected: 0 (0.00%)
# CHECK: Unexpected Unprotected (BAD): 0 (0.00%)
# Source: (blacklist.txt):
# src:*tiny*

test/tools/llvm-cfi-verify/X86/indirect-cf-elimination.s

# RUN: llvm-mc %s -filetype obj -triple x86_64-linux-elf -o %t.o # RUN: llvm-mc %s -filetype obj -triple x86_64-linux-elf -o %t.o
# RUN: llvm-cfi-verify %t.o 2>&1 | FileCheck %s # RUN: llvm-cfi-verify %t.o 2>&1 | FileCheck %s
# This is the same file as protected-lineinfo.s, however contains a hand- # This is the same file as protected-lineinfo.s, however contains a hand-
# assembled function (fake_function) that has no line table information # assembled function (fake_function) that has no line table information
# associated with it. Because there is no LT info, the indirect call made in the # associated with it. Because there is no LT info, the indirect call made in the
# function should not be reported at all by llvm-cfi-verify. # function should not be reported at all by llvm-cfi-verify.
# We can test that this indirect call is ignored from the final statistics # We can test that this indirect call is ignored from the final statistics
# reporting of the cfi-verify program. It should only find a single indirect CF # reporting of the cfi-verify program. It should only find a single indirect CF
# instruction at `tiny.cc:11` (see protected-lineinfo.s for the source). # instruction at `tiny.cc:11` (see protected-lineinfo.s for the source).
# CHECK: Unprotected: 0 (0.00%), Protected: 1 (100.00%) # CHECK: Expected Protected: 1 (100.00%)
# CHECK: Unexpected Protected: 0 (0.00%)
# CHECK: Expected Unprotected: 0 (0.00%)
# CHECK: Unexpected Unprotected (BAD): 0 (0.00%)
.text .text
.file "ld-temp.o" .file "ld-temp.o"
.p2align 4, 0x90 .p2align 4, 0x90
.type fake_function,@function .type fake_function,@function
fake_function: fake_function:
nop nop
nop nop
▲ Show 20 LinesShow All 185 LinesShow Last 20 Lines

test/tools/llvm-cfi-verify/X86/protected-lineinfo.s

# RUN: llvm-mc %s -filetype obj -triple x86_64-linux-elf -o %t.o # RUN: llvm-mc %S/Inputs/protected-lineinfo.s -filetype obj \
# RUN: -triple x86_64-linux-elf -o %t.o
# RUN: llvm-cfi-verify %t.o | FileCheck %s # RUN: llvm-cfi-verify %t.o | FileCheck %s
# CHECK-LABEL: P # CHECK-LABEL: P
# CHECK-NEXT: tiny.cc:11 # CHECK-NEXT: tiny.cc:11
# CHECK: Unprotected: 0 (0.00%), Protected: 1 (100.00%) # CHECK: Expected Protected: 1 (100.00%)
# CHECK: Unexpected Protected: 0 (0.00%)
# Source (tiny.cc): # CHECK: Expected Unprotected: 0 (0.00%)
# void a() {} # CHECK: Unexpected Unprotected (BAD): 0 (0.00%)
# void b() {}
# int main(int argc, char** argv) {
# void(*ptr)();
# if (argc == 1)
# ptr = &a;
# else
# ptr = &b;
# ptr();
# }
# Compile with (output is in tiny.s.0):
# clang++ -flto -fsanitize=cfi -fvisibility=hidden -c tiny.cc -o tiny.o -gmlt
# clang++ tiny.o -o tiny -flto -fuse-ld=gold -Wl,-plugin-opt,save-temps
# clang++ -fsanitize=cfi -flto -fvisibility=hidden -c tiny.cc -o tiny.o -gmlt
# llvm-lto2 run @tiny.resolution.txt -o tiny.s -filetype=asm
.text
.file "ld-temp.o"
.p2align 4, 0x90
.type _Z1av.cfi,@function
_Z1av.cfi:
.Lfunc_begin0:
.file 1 "tiny.cc"
.loc 1 1 0
.cfi_startproc
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
.Ltmp0:
.loc 1 1 11 prologue_end
popq %rbp
retq
.Ltmp1:
.Lfunc_end0:
.size _Z1av.cfi, .Lfunc_end0-_Z1av.cfi
.cfi_endproc
.p2align 4, 0x90
.type _Z1bv.cfi,@function
_Z1bv.cfi:
.Lfunc_begin1:
.loc 1 2 0
.cfi_startproc
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
.Ltmp2:
.loc 1 2 11 prologue_end
popq %rbp
retq
.Ltmp3:
.Lfunc_end1:
.size _Z1bv.cfi, .Lfunc_end1-_Z1bv.cfi
.cfi_endproc
.hidden main
.globl main
.p2align 4, 0x90
.type main,@function
main:
.Lfunc_begin2:
.loc 1 4 0
.cfi_startproc
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
subq $32, %rsp
movl $0, -8(%rbp)
movl %edi, -4(%rbp)
movq %rsi, -24(%rbp)
.Ltmp4:
.loc 1 6 12 prologue_end
cmpl $1, -4(%rbp)
.loc 1 6 7 is_stmt 0
jne .LBB2_2
.loc 1 0 7
leaq _Z1av(%rip), %rax
.loc 1 7 9 is_stmt 1
movq %rax, -16(%rbp)
.loc 1 7 5 is_stmt 0
jmp .LBB2_3
.LBB2_2:
.loc 1 0 5
leaq _Z1bv(%rip), %rax
.loc 1 9 9 is_stmt 1
movq %rax, -16(%rbp)
.LBB2_3:
.loc 1 0 9 is_stmt 0
leaq .L.cfi.jumptable(%rip), %rcx
.loc 1 11 3 is_stmt 1
movq -16(%rbp), %rax
movq %rax, %rdx
subq %rcx, %rdx
movq %rdx, %rcx
shrq $3, %rcx
shlq $61, %rdx
orq %rcx, %rdx
cmpq $1, %rdx
jbe .LBB2_5
ud2
.LBB2_5:
callq *%rax
.loc 1 12 1
movl -8(%rbp), %eax
addq $32, %rsp
popq %rbp
retq
.Ltmp5:
.Lfunc_end2:
.size main, .Lfunc_end2-main
.cfi_endproc
.p2align 3, 0x90
.type .L.cfi.jumptable,@function
.L.cfi.jumptable:
.Lfunc_begin3:
.cfi_startproc
#APP
jmp _Z1av.cfi@PLT
int3
int3
int3
jmp _Z1bv.cfi@PLT
int3
int3
int3
#NO_APP
.Lfunc_end3:
.size .L.cfi.jumptable, .Lfunc_end3-.L.cfi.jumptable
.cfi_endproc
.section .debug_str,"MS",@progbits,1
.Linfo_string0:
.asciz "clang version 6.0.0 (trunk 316774)"
.Linfo_string1:
.asciz "tiny.cc"
.Linfo_string2:
.asciz ""
.section .debug_abbrev,"",@progbits
.byte 1
.byte 17
.byte 0
.byte 37
.byte 14
.byte 19
.byte 5
.byte 3
.byte 14
.byte 16
.byte 23
.byte 27
.byte 14
.byte 17
.byte 1
.byte 18
.byte 6
.byte 0
.byte 0
.byte 0
.section .debug_info,"",@progbits
.Lcu_begin0:
.long 38
.short 4
.long .debug_abbrev
.byte 8
.byte 1
.long .Linfo_string0
.short 4
.long .Linfo_string1
.long .Lline_table_start0
.long .Linfo_string2
.quad .Lfunc_begin0
.long .Lfunc_end2-.Lfunc_begin0
.section .debug_ranges,"",@progbits
.section .debug_macinfo,"",@progbits
.Lcu_macro_begin0:
.byte 0
.type _Z1av,@function
_Z1av = .L.cfi.jumptable
.type _Z1bv,@function
_Z1bv = .L.cfi.jumptable+8
.ident "clang version 6.0.0 (trunk 316774)"
.section ".note.GNU-stack","",@progbits
.section .debug_line,"",@progbits
.Lline_table_start0:

test/tools/llvm-cfi-verify/X86/unprotected-lineinfo.s

# RUN: llvm-mc %s -filetype obj -triple x86_64-linux-elf -o %t.o # RUN: llvm-mc %S/Inputs/unprotected-lineinfo.s -filetype obj \
# RUN: -triple x86_64-linux-elf -o %t.o
# RUN: llvm-cfi-verify %t.o | FileCheck %s # RUN: llvm-cfi-verify %t.o | FileCheck %s
# CHECK-LABEL: U # CHECK-LABEL: U
# CHECK-NEXT: tiny.cc:11 # CHECK-NEXT: tiny.cc:11
# CHECK: Unprotected: 1 (100.00%), Protected: 0 (0.00%) # CHECK: Expected Protected: 0 (0.00%)
# CHECK: Unexpected Protected: 0 (0.00%)
# Source (tiny.cc): # CHECK: Expected Unprotected: 0 (0.00%)
# void a() {} # CHECK: Unexpected Unprotected (BAD): 1 (100.00%)
# void b() {}
# int main(int argc, char** argv) {
# void(*ptr)();
# if (argc == 1)
# ptr = &a;
# else
# ptr = &b;
# ptr();
# }
# Compile with:
# clang++ -gmlt tiny.cc -S -o tiny.s
.text
.file "tiny.cc"
.globl _Z1av # -- Begin function _Z1av
.p2align 4, 0x90
.type _Z1av,@function
_Z1av: # @_Z1av
.Lfunc_begin0:
.file 1 "tiny.cc"
.loc 1 1 0 # tiny.cc:1:0
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
.Ltmp0:
.loc 1 1 11 prologue_end # tiny.cc:1:11
popq %rbp
retq
.Ltmp1:
.Lfunc_end0:
.size _Z1av, .Lfunc_end0-_Z1av
.cfi_endproc
# -- End function
.globl _Z1bv # -- Begin function _Z1bv
.p2align 4, 0x90
.type _Z1bv,@function
_Z1bv: # @_Z1bv
.Lfunc_begin1:
.loc 1 2 0 # tiny.cc:2:0
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
.Ltmp2:
.loc 1 2 11 prologue_end # tiny.cc:2:11
popq %rbp
retq
.Ltmp3:
.Lfunc_end1:
.size _Z1bv, .Lfunc_end1-_Z1bv
.cfi_endproc
# -- End function
.globl main # -- Begin function main
.p2align 4, 0x90
.type main,@function
main: # @main
.Lfunc_begin2:
.loc 1 4 0 # tiny.cc:4:0
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
subq $32, %rsp
movl $0, -4(%rbp)
movl %edi, -8(%rbp)
movq %rsi, -16(%rbp)
.Ltmp4:
.loc 1 6 12 prologue_end # tiny.cc:6:12
cmpl $1, -8(%rbp)
.loc 1 6 7 is_stmt 0 # tiny.cc:6:7
jne .LBB2_2
# BB#1:
.loc 1 0 7 # tiny.cc:0:7
movabsq $_Z1av, %rax
.loc 1 7 9 is_stmt 1 # tiny.cc:7:9
movq %rax, -24(%rbp)
.loc 1 7 5 is_stmt 0 # tiny.cc:7:5
jmp .LBB2_3
.LBB2_2:
.loc 1 0 5 # tiny.cc:0:5
movabsq $_Z1bv, %rax
.loc 1 9 9 is_stmt 1 # tiny.cc:9:9
movq %rax, -24(%rbp)
.LBB2_3:
.loc 1 11 3 # tiny.cc:11:3
callq *-24(%rbp)
.loc 1 12 1 # tiny.cc:12:1
movl -4(%rbp), %eax
addq $32, %rsp
popq %rbp
retq
.Ltmp5:
.Lfunc_end2:
.size main, .Lfunc_end2-main
.cfi_endproc
# -- End function
.section .debug_str,"MS",@progbits,1
.Linfo_string0:
.asciz "clang version 6.0.0 (trunk 316774)" # string offset=0
.Linfo_string1:
.asciz "tiny.cc" # string offset=35
.Linfo_string2:
.asciz "/tmp/a/b" # string offset=43
.section .debug_abbrev,"",@progbits
.byte 1 # Abbreviation Code
.byte 17 # DW_TAG_compile_unit
.byte 0 # DW_CHILDREN_no
.byte 37 # DW_AT_producer
.byte 14 # DW_FORM_strp
.byte 19 # DW_AT_language
.byte 5 # DW_FORM_data2
.byte 3 # DW_AT_name
.byte 14 # DW_FORM_strp
.byte 16 # DW_AT_stmt_list
.byte 23 # DW_FORM_sec_offset
.byte 27 # DW_AT_comp_dir
.byte 14 # DW_FORM_strp
.byte 17 # DW_AT_low_pc
.byte 1 # DW_FORM_addr
.byte 18 # DW_AT_high_pc
.byte 6 # DW_FORM_data4
.byte 0 # EOM(1)
.byte 0 # EOM(2)
.byte 0 # EOM(3)
.section .debug_info,"",@progbits
.Lcu_begin0:
.long 38 # Length of Unit
.short 4 # DWARF version number
.long .debug_abbrev # Offset Into Abbrev. Section
.byte 8 # Address Size (in bytes)
.byte 1 # Abbrev [1] 0xb:0x1f DW_TAG_compile_unit
.long .Linfo_string0 # DW_AT_producer
.short 4 # DW_AT_language
.long .Linfo_string1 # DW_AT_name
.long .Lline_table_start0 # DW_AT_stmt_list
.long .Linfo_string2 # DW_AT_comp_dir
.quad .Lfunc_begin0 # DW_AT_low_pc
.long .Lfunc_end2-.Lfunc_begin0 # DW_AT_high_pc
.section .debug_ranges,"",@progbits
.section .debug_macinfo,"",@progbits
.Lcu_macro_begin0:
.byte 0 # End Of Macro List Mark
.ident "clang version 6.0.0 (trunk 316774)"
.section ".note.GNU-stack","",@progbits
.section .debug_line,"",@progbits
.Lline_table_start0:

test/tools/llvm-cfi-verify/X86/unprotected-nolineinfo.s

# RUN: llvm-mc %s -filetype obj -triple x86_64-linux-elf -o %t.o # RUN: llvm-mc %S/Inputs/unprotected-nolineinfo.s -filetype obj \
# RUN: -triple x86_64-linux-elf -o %t.o
# RUN: not llvm-cfi-verify %t.o 2>&1 | FileCheck %s # RUN: not llvm-cfi-verify %t.o 2>&1 | FileCheck %s
# CHECK: DWARF line information missing. Did you compile with '-g'? # CHECK: DWARF line information missing. Did you compile with '-g'?
# Source (tiny.cc):
# void a() {}
# void b() {}
# int main(int argc, char** argv) {
# void(*ptr)();
# if (argc == 1)
# ptr = &a;
# else
# ptr = &b;
# ptr();
# }
# Compile with:
# clang++ tiny.cc -S -o tiny.s
.text
.file "tiny.cc"
.globl _Z1av # -- Begin function _Z1av
.p2align 4, 0x90
.type _Z1av,@function
_Z1av: # @_Z1av
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
popq %rbp
retq
.Lfunc_end0:
.size _Z1av, .Lfunc_end0-_Z1av
.cfi_endproc
# -- End function
.globl _Z1bv # -- Begin function _Z1bv
.p2align 4, 0x90
.type _Z1bv,@function
_Z1bv: # @_Z1bv
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
popq %rbp
retq
.Lfunc_end1:
.size _Z1bv, .Lfunc_end1-_Z1bv
.cfi_endproc
# -- End function
.globl main # -- Begin function main
.p2align 4, 0x90
.type main,@function
main: # @main
.cfi_startproc
# BB#0:
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset %rbp, -16
movq %rsp, %rbp
.cfi_def_cfa_register %rbp
subq $32, %rsp
movl $0, -4(%rbp)
movl %edi, -8(%rbp)
movq %rsi, -16(%rbp)
cmpl $1, -8(%rbp)
jne .LBB2_2
# BB#1:
movabsq $_Z1av, %rax
movq %rax, -24(%rbp)
jmp .LBB2_3
.LBB2_2:
movabsq $_Z1bv, %rax
movq %rax, -24(%rbp)
.LBB2_3:
callq *-24(%rbp)
movl -4(%rbp), %eax
addq $32, %rsp
popq %rbp
retq
.Lfunc_end2:
.size main, .Lfunc_end2-main
.cfi_endproc
# -- End function
.ident "clang version 6.0.0 (trunk 316774)"
.section ".note.GNU-stack","",@progbits

tools/llvm-cfi-verify/CMakeLists.txt

set(LLVM_LINK_COMPONENTS set(LLVM_LINK_COMPONENTS
AllTargetsAsmPrinters AllTargetsAsmPrinters
AllTargetsAsmParsers AllTargetsAsmParsers
AllTargetsDescs AllTargetsDescs
AllTargetsDisassemblers AllTargetsDisassemblers
AllTargetsInfos AllTargetsInfos
DebugInfoDWARF
MC MC
MCParser MCParser
Object Object
Support Support
Symbolize
) )
add_llvm_tool(llvm-cfi-verify add_llvm_tool(llvm-cfi-verify
llvm-cfi-verify.cpp) llvm-cfi-verify.cpp)
add_subdirectory(lib) add_subdirectory(lib)
target_link_libraries(llvm-cfi-verify LLVMCFIVerify) target_link_libraries(llvm-cfi-verify LLVMCFIVerify)

tools/llvm-cfi-verify/LLVMBuild.txt

Show All 13 Lines
; http://llvm.org/docs/LLVMBuild.html ; http://llvm.org/docs/LLVMBuild.html
; ;
;===------------------------------------------------------------------------===; ;===------------------------------------------------------------------------===;
[component_0] [component_0]
type = Tool type = Tool
name = llvm-cfi-verify name = llvm-cfi-verify
parent = Tools parent = Tools
required_libraries = all-targets DebugInfoDWARF MC MCDisassembler MCParser Support required_libraries = all-targets MC MCDisassembler MCParser Support Symbolize

tools/llvm-cfi-verify/lib/CMakeLists.txt

add_library(LLVMCFIVerify add_library(LLVMCFIVerify
STATIC STATIC
FileAnalysis.cpp FileAnalysis.cpp
FileAnalysis.h FileAnalysis.h
GraphBuilder.cpp GraphBuilder.cpp
GraphBuilder.h) GraphBuilder.h)
llvm_update_compile_flags(LLVMCFIVerify) llvm_update_compile_flags(LLVMCFIVerify)
llvm_map_components_to_libnames(libs llvm_map_components_to_libnames(libs
DebugInfoDWARF DebugInfoDWARF
MC MC
MCParser MCParser
Object Object
Support) Support
Symbolize)
target_link_libraries(LLVMCFIVerify ${libs}) target_link_libraries(LLVMCFIVerify ${libs})

tools/llvm-cfi-verify/lib/FileAnalysis.h

//===- FileAnalysis.h -------------------------------------------*- C++ -*-===// //===- FileAnalysis.h -------------------------------------------*- C++ -*-===//
// //
// The LLVM Compiler Infrastructure // The LLVM Compiler Infrastructure
// //
// This file is distributed under the University of Illinois Open Source // This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details. // License. See LICENSE.TXT for details.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#ifndef LLVM_CFI_VERIFY_FILE_ANALYSIS_H #ifndef LLVM_CFI_VERIFY_FILE_ANALYSIS_H
#define LLVM_CFI_VERIFY_FILE_ANALYSIS_H #define LLVM_CFI_VERIFY_FILE_ANALYSIS_H
#include "llvm/ADT/DenseMap.h" #include "llvm/ADT/DenseMap.h"
#include "llvm/BinaryFormat/ELF.h" #include "llvm/BinaryFormat/ELF.h"
#include "llvm/DebugInfo/DWARF/DWARFContext.h" #include "llvm/DebugInfo/Symbolize/Symbolize.h"
#include "llvm/MC/MCAsmInfo.h" #include "llvm/MC/MCAsmInfo.h"
#include "llvm/MC/MCContext.h" #include "llvm/MC/MCContext.h"
#include "llvm/MC/MCDisassembler/MCDisassembler.h" #include "llvm/MC/MCDisassembler/MCDisassembler.h"
#include "llvm/MC/MCInst.h" #include "llvm/MC/MCInst.h"
#include "llvm/MC/MCInstPrinter.h" #include "llvm/MC/MCInstPrinter.h"
#include "llvm/MC/MCInstrAnalysis.h" #include "llvm/MC/MCInstrAnalysis.h"
#include "llvm/MC/MCInstrDesc.h" #include "llvm/MC/MCInstrDesc.h"
#include "llvm/MC/MCInstrInfo.h" #include "llvm/MC/MCInstrInfo.h"
Show All 15 Lines
#include <functional> #include <functional>
#include <set> #include <set>
#include <string> #include <string>
#include <unordered_map> #include <unordered_map>
namespace llvm { namespace llvm {
namespace cfi_verify { namespace cfi_verify {
extern bool IgnoreDWARFFlag;
// Disassembler and analysis tool for machine code files. Keeps track of non- // Disassembler and analysis tool for machine code files. Keeps track of non-
// sequential control flows, including indirect control flow instructions. // sequential control flows, including indirect control flow instructions.
class FileAnalysis { class FileAnalysis {
public: public:
// A metadata struct for an instruction. // A metadata struct for an instruction.
struct Instr { struct Instr {
uint64_t VMAddress; // Virtual memory address of this instruction. uint64_t VMAddress; // Virtual memory address of this instruction.
MCInst Instruction; // Instruction. MCInst Instruction; // Instruction.
▲ Show 20 LinesShow All 60 Lines▼ Show 20 Linespublic:
bool usesRegisterOperand(const Instr &InstrMeta) const; bool usesRegisterOperand(const Instr &InstrMeta) const;
// Returns the list of indirect instructions. // Returns the list of indirect instructions.
const std::set<uint64_t> &getIndirectInstructions() const; const std::set<uint64_t> &getIndirectInstructions() const;
const MCRegisterInfo *getRegisterInfo() const; const MCRegisterInfo *getRegisterInfo() const;
const MCInstrInfo *getMCInstrInfo() const; const MCInstrInfo *getMCInstrInfo() const;
const MCInstrAnalysis *getMCInstrAnalysis() const; const MCInstrAnalysis *getMCInstrAnalysis() const;
symbolize::LLVMSymbolizer &getSymbolizer();
// Returns true if this class is using DWARF line tables for elimination. // Returns true if this class is using DWARF line tables for elimination.
bool hasLineTableInfo() const; bool hasLineTableInfo() const;
// Returns the line table information for the range {Address +- // Returns the line table information for the range {Address +-
// DWARFSearchRange}. Returns an empty table if the address has no valid line // DWARFSearchRange}. Returns an empty table if the address has no valid line
// table information, or this analysis object has DWARF handling disabled. // table information, or this analysis object has DWARF handling disabled.
DILineInfoTable getLineInfoForAddressRange(uint64_t Address); DILineInfoTable getLineInfoForAddressRange(uint64_t Address);
Show All 39 Linesprivate:
std::unique_ptr<MCSubtargetInfo> SubtargetInfo; std::unique_ptr<MCSubtargetInfo> SubtargetInfo;
std::unique_ptr<const MCInstrInfo> MII; std::unique_ptr<const MCInstrInfo> MII;
MCObjectFileInfo MOFI; MCObjectFileInfo MOFI;
std::unique_ptr<MCContext> Context; std::unique_ptr<MCContext> Context;
std::unique_ptr<const MCDisassembler> Disassembler; std::unique_ptr<const MCDisassembler> Disassembler;
std::unique_ptr<const MCInstrAnalysis> MIA; std::unique_ptr<const MCInstrAnalysis> MIA;
std::unique_ptr<MCInstPrinter> Printer; std::unique_ptr<MCInstPrinter> Printer;
// DWARF debug information. // Symbolizer used for debug information parsing.
std::unique_ptr<DWARFContext> DWARF; std::unique_ptr<symbolize::LLVMSymbolizer> Symbolizer;
// A mapping between the virtual memory address to the instruction metadata // A mapping between the virtual memory address to the instruction metadata
// struct. TODO(hctim): Reimplement this as a sorted vector to avoid per- // struct. TODO(hctim): Reimplement this as a sorted vector to avoid per-
// insertion allocation. // insertion allocation.
std::map<uint64_t, Instr> Instructions; std::map<uint64_t, Instr> Instructions;
// Contains a mapping between a specific address, and a list of instructions // Contains a mapping between a specific address, and a list of instructions
// that use this address as a branch target (including call instructions). // that use this address as a branch target (including call instructions).
Show All 21 Lines

tools/llvm-cfi-verify/lib/FileAnalysis.cpp

Show All 33 Lines
#include "llvm/Support/MemoryBuffer.h" #include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/TargetRegistry.h" #include "llvm/Support/TargetRegistry.h"
#include "llvm/Support/TargetSelect.h" #include "llvm/Support/TargetSelect.h"
#include "llvm/Support/raw_ostream.h" #include "llvm/Support/raw_ostream.h"
#include <functional> #include <functional>
using Instr = llvm::cfi_verify::FileAnalysis::Instr; using Instr = llvm::cfi_verify::FileAnalysis::Instr;
using LLVMSymbolizer = llvm::symbolize::LLVMSymbolizer;
namespace llvm { namespace llvm {
namespace cfi_verify { namespace cfi_verify {
static cl::opt<bool> IgnoreDWARF( bool IgnoreDWARFFlag;
static cl::opt<bool, true> IgnoreDWARFArg(
"ignore-dwarf", "ignore-dwarf",
cl::desc( cl::desc(
"Ignore all DWARF data. This relaxes the requirements for all " "Ignore all DWARF data. This relaxes the requirements for all "
"statically linked libraries to have been compiled with '-g', but " "statically linked libraries to have been compiled with '-g', but "
"will result in false positives for 'CFI unprotected' instructions."), "will result in false positives for 'CFI unprotected' instructions."),
cl::init(false)); cl::location(IgnoreDWARFFlag), cl::init(false));
cl::opt<unsigned long long> DWARFSearchRange(
"dwarf-search-range",
cl::desc("Address search range used to determine if instruction is valid."),
cl::init(0x10));
Expected<FileAnalysis> FileAnalysis::Create(StringRef Filename) { Expected<FileAnalysis> FileAnalysis::Create(StringRef Filename) {
// Open the filename provided. // Open the filename provided.
Expected<object::OwningBinary<object::Binary>> BinaryOrErr = Expected<object::OwningBinary<object::Binary>> BinaryOrErr =
object::createBinary(Filename); object::createBinary(Filename);
if (!BinaryOrErr) if (!BinaryOrErr)
return BinaryOrErr.takeError(); return BinaryOrErr.takeError();
▲ Show 20 LinesShow All 185 Lines▼ Show 20 Lines
} }
const MCInstrInfo *FileAnalysis::getMCInstrInfo() const { return MII.get(); } const MCInstrInfo *FileAnalysis::getMCInstrInfo() const { return MII.get(); }
const MCInstrAnalysis *FileAnalysis::getMCInstrAnalysis() const { const MCInstrAnalysis *FileAnalysis::getMCInstrAnalysis() const {
return MIA.get(); return MIA.get();
} }
LLVMSymbolizer &FileAnalysis::getSymbolizer() { return *Symbolizer; }
Error FileAnalysis::initialiseDisassemblyMembers() { Error FileAnalysis::initialiseDisassemblyMembers() {
std::string TripleName = ObjectTriple.getTriple(); std::string TripleName = ObjectTriple.getTriple();
ArchName = ""; ArchName = "";
MCPU = ""; MCPU = "";
std::string ErrorString; std::string ErrorString;
Symbolizer.reset(new LLVMSymbolizer());
ObjectTarget = ObjectTarget =
TargetRegistry::lookupTarget(ArchName, ObjectTriple, ErrorString); TargetRegistry::lookupTarget(ArchName, ObjectTriple, ErrorString);
if (!ObjectTarget) if (!ObjectTarget)
return make_error<UnsupportedDisassembly>( return make_error<UnsupportedDisassembly>(
(Twine("Couldn't find target \"") + ObjectTriple.getTriple() + (Twine("Couldn't find target \"") + ObjectTriple.getTriple() +
"\", failed with error: " + ErrorString) "\", failed with error: " + ErrorString)
.str()); .str());
Show All 30 LinesError FileAnalysis::initialiseDisassemblyMembers() {
Printer.reset(ObjectTarget->createMCInstPrinter( Printer.reset(ObjectTarget->createMCInstPrinter(
ObjectTriple, AsmInfo->getAssemblerDialect(), *AsmInfo, *MII, ObjectTriple, AsmInfo->getAssemblerDialect(), *AsmInfo, *MII,
*RegisterInfo)); *RegisterInfo));
return Error::success(); return Error::success();
} }
Error FileAnalysis::parseCodeSections() { Error FileAnalysis::parseCodeSections() {
if (!IgnoreDWARF) { if (!IgnoreDWARFFlag) {
DWARF.reset(DWARFContext::create(*Object).release()); std::unique_ptr<DWARFContext> DWARF = DWARFContext::create(*Object);
if (!DWARF) if (!DWARF)
return make_error<StringError>("Could not create DWARF information.", return make_error<StringError>("Could not create DWARF information.",
inconvertibleErrorCode()); inconvertibleErrorCode());
bool LineInfoValid = false; bool LineInfoValid = false;
for (auto &Unit : DWARF->compile_units()) { for (auto &Unit : DWARF->compile_units()) {
const auto &LineTable = DWARF->getLineTableForUnit(Unit.get()); const auto &LineTable = DWARF->getLineTableForUnit(Unit.get());
Show All 21 Lines for (const object::SectionRef &Section : Object->sections()) {
ArrayRef<uint8_t> SectionBytes((const uint8_t *)SectionContents.data(), ArrayRef<uint8_t> SectionBytes((const uint8_t *)SectionContents.data(),
Section.getSize()); Section.getSize());
parseSectionContents(SectionBytes, Section.getAddress()); parseSectionContents(SectionBytes, Section.getAddress());
} }
return Error::success(); return Error::success();
} }
DILineInfoTable FileAnalysis::getLineInfoForAddressRange(uint64_t Address) {
if (!hasLineTableInfo())
return DILineInfoTable();
return DWARF->getLineInfoForAddressRange(Address, DWARFSearchRange);
}
bool FileAnalysis::hasValidLineInfoForAddressRange(uint64_t Address) {
return !getLineInfoForAddressRange(Address).empty();
}
bool FileAnalysis::hasLineTableInfo() const { return DWARF != nullptr; }
void FileAnalysis::parseSectionContents(ArrayRef<uint8_t> SectionBytes, void FileAnalysis::parseSectionContents(ArrayRef<uint8_t> SectionBytes,
uint64_t SectionAddress) { uint64_t SectionAddress) {
assert(Symbolizer && "Symbolizer is uninitialised.");
MCInst Instruction; MCInst Instruction;
Instr InstrMeta; Instr InstrMeta;
uint64_t InstructionSize; uint64_t InstructionSize;
for (uint64_t Byte = 0; Byte < SectionBytes.size();) { for (uint64_t Byte = 0; Byte < SectionBytes.size();) {
bool ValidInstruction = bool ValidInstruction =
Disassembler->getInstruction(Instruction, InstructionSize, Disassembler->getInstruction(Instruction, InstructionSize,
SectionBytes.drop_front(Byte), 0, nulls(), SectionBytes.drop_front(Byte), 0, nulls(),
outs()) == MCDisassembler::Success; outs()) == MCDisassembler::Success;
Byte += InstructionSize; Byte += InstructionSize;
uint64_t VMAddress = SectionAddress + Byte - InstructionSize; uint64_t VMAddress = SectionAddress + Byte - InstructionSize;
InstrMeta.Instruction = Instruction; InstrMeta.Instruction = Instruction;
InstrMeta.VMAddress = VMAddress; InstrMeta.VMAddress = VMAddress;
InstrMeta.InstructionSize = InstructionSize; InstrMeta.InstructionSize = InstructionSize;
InstrMeta.Valid = ValidInstruction; InstrMeta.Valid = ValidInstruction;
// Check if this instruction exists in the range of the DWARF metadata. // Check if this instruction exists in the range of the DWARF metadata.
if (hasLineTableInfo() && !hasValidLineInfoForAddressRange(VMAddress)) if (!IgnoreDWARFFlag) {
auto LineInfo =
Symbolizer->symbolizeCode(Object->getFileName(), VMAddress);
if (!LineInfo) {
handleAllErrors(LineInfo.takeError(), [](const ErrorInfoBase &E) {
errs() << "Symbolizer failed to get line: " << E.message() << "\n";
});
continue; continue;
}
vlad.tsyrklevichUnsubmitted
Done
ReplyInline Actions

Will this do what we expect when !LineInfo?

vlad.tsyrklevich: Will this do what we expect when !LineInfo?
if (LineInfo->FileName == "<invalid>")
continue;
}
addInstruction(InstrMeta); addInstruction(InstrMeta);
if (!ValidInstruction) if (!ValidInstruction)
continue; continue;
// Skip additional parsing for instructions that do not affect the control // Skip additional parsing for instructions that do not affect the control
// flow. // flow.
▲ Show 20 LinesShow All 42 LinesShow Last 20 Lines

tools/llvm-cfi-verify/lib/LLVMBuild.txt

Show All 13 Lines
; http://llvm.org/docs/LLVMBuild.html ; http://llvm.org/docs/LLVMBuild.html
; ;
;===------------------------------------------------------------------------===; ;===------------------------------------------------------------------------===;
[component_0] [component_0]
type = Library type = Library
name = CFIVerify name = CFIVerify
parent = Libraries parent = Libraries
required_libraries = DebugInfoDWARF MC MCDisassembler MCParser Support required_libraries = DebugInfoDWARF MC MCDisassembler MCParser Support Symbolize

tools/llvm-cfi-verify/llvm-cfi-verify.cpp

Show All 17 Lines
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "lib/FileAnalysis.h" #include "lib/FileAnalysis.h"
#include "llvm/BinaryFormat/ELF.h" #include "llvm/BinaryFormat/ELF.h"
#include "llvm/Support/CommandLine.h" #include "llvm/Support/CommandLine.h"
#include "llvm/Support/Error.h" #include "llvm/Support/Error.h"
#include "llvm/Support/FormatVariadic.h" #include "llvm/Support/FormatVariadic.h"
#include "llvm/Support/SpecialCaseList.h"
#include <cstdlib> #include <cstdlib>
using namespace llvm; using namespace llvm;
using namespace llvm::object; using namespace llvm::object;
using namespace llvm::cfi_verify; using namespace llvm::cfi_verify;
cl::opt<std::string> InputFilename(cl::Positional, cl::desc("<input file>"), cl::opt<std::string> InputFilename(cl::Positional, cl::desc("<input file>"),
cl::Required); cl::Required);
cl::opt<std::string> BlacklistFilename(cl::Positional,
cl::desc("[blacklist file]"),
cl::init("-"));
ExitOnError ExitOnErr; ExitOnError ExitOnErr;
void printIndirectCFInstructions(FileAnalysis &Analysis) { void printIndirectCFInstructions(FileAnalysis &Analysis,
uint64_t ProtectedCount = 0; const SpecialCaseList *SpecialCaseList) {
uint64_t UnprotectedCount = 0; uint64_t ExpectedProtected = 0;
uint64_t UnexpectedProtected = 0;
uint64_t ExpectedUnprotected = 0;
uint64_t UnexpectedUnprotected = 0;
symbolize::LLVMSymbolizer &Symbolizer = Analysis.getSymbolizer();
for (uint64_t Address : Analysis.getIndirectInstructions()) { for (uint64_t Address : Analysis.getIndirectInstructions()) {
const auto &InstrMeta = Analysis.getInstructionOrDie(Address); const auto &InstrMeta = Analysis.getInstructionOrDie(Address);
bool CFIProtected = false;
vlad.tsyrklevichUnsubmitted
Done
ReplyInline Actions

bool CFIProtected = Analysis.isIndirect... is a little clearer.

vlad.tsyrklevich: `bool CFIProtected = Analysis.isIndirect...` is a little clearer.
if (Analysis.isIndirectInstructionCFIProtected(Address)) { if (Analysis.isIndirectInstructionCFIProtected(Address)) {
outs() << "P "; outs() << "P ";
ProtectedCount++; CFIProtected = true;
} else { } else {
vlad.tsyrklevichUnsubmitted
Done
ReplyInline Actions

No braces here.

vlad.tsyrklevich: No braces here.
outs() << "U "; outs() << "U ";
UnprotectedCount++;
} }
outs() << format_hex(Address, 2) << " | " outs() << format_hex(Address, 2) << " | "
<< Analysis.getMCInstrInfo()->getName( << Analysis.getMCInstrInfo()->getName(
InstrMeta.Instruction.getOpcode()) InstrMeta.Instruction.getOpcode())
<< " "; << " \n";
outs() << "\n";
if (Analysis.hasLineTableInfo()) { if (IgnoreDWARFFlag) {
for (const auto &LineKV : Analysis.getLineInfoForAddressRange(Address)) { if (CFIProtected)
outs() << " " << format_hex(LineKV.first, 2) << " = " ExpectedProtected++;
<< LineKV.second.FileName << ":" << LineKV.second.Line << ":" else
<< LineKV.second.Column << " (" << LineKV.second.FunctionName UnexpectedUnprotected++;
<< ")\n"; continue;
} }
auto InliningInfo = Symbolizer.symbolizeInlinedCode(InputFilename, Address);
if (!InliningInfo || InliningInfo->getNumberOfFrames() == 0) {
errs() << "Failed to symbolise " << format_hex(Address, 2)
<< " with line tables from " << InputFilename << "\n";
exit(EXIT_FAILURE);
} }
const auto &LineInfo =
InliningInfo->getFrame(InliningInfo->getNumberOfFrames() - 1);
// Print the inlining symbolisation of this instruction.
for (uint32_t i = 0; i < InliningInfo->getNumberOfFrames(); ++i) {
const auto &Line = InliningInfo->getFrame(i);
outs() << " " << format_hex(Address, 2) << " = " << Line.FileName << ":"
<< Line.Line << ":" << Line.Column << " (" << Line.FunctionName
<< ")\n";
} }
if (ProtectedCount || UnprotectedCount) if (!SpecialCaseList) {
outs() << formatv( if (CFIProtected)
"Unprotected: {0} ({1:P}), Protected: {2} ({3:P})\n", UnprotectedCount, ExpectedProtected++;
(((double)UnprotectedCount) / (UnprotectedCount + ProtectedCount)),
ProtectedCount,
(((double)ProtectedCount) / (UnprotectedCount + ProtectedCount)));
else else
UnexpectedUnprotected++;
continue;
}
bool MatchesBlacklistRule = false;
if (SpecialCaseList->inSection("cfi-icall", "src", LineInfo.FileName) ||
SpecialCaseList->inSection("cfi-vcall", "src", LineInfo.FileName)) {
outs() << "BLACKLIST MATCH, 'src'\n";
MatchesBlacklistRule = true;
}
if (SpecialCaseList->inSection("cfi-icall", "fun", LineInfo.FunctionName) ||
vlad.tsyrklevichUnsubmitted
Done
ReplyInline Actions

vcall?

vlad.tsyrklevich: vcall?
SpecialCaseList->inSection("cfi-vcall", "fun", LineInfo.FunctionName)) {
outs() << "BLACKLIST MATCH, 'fun'\n";
MatchesBlacklistRule = true;
}
if (MatchesBlacklistRule) {
if (CFIProtected) {
UnexpectedProtected++;
outs() << "====> Unexpected Protected\n";
} else {
ExpectedUnprotected++;
outs() << "====> Expected Unprotected\n";
}
} else {
if (CFIProtected) {
ExpectedProtected++;
outs() << "====> Expected Protected\n";
} else {
UnexpectedUnprotected++;
outs() << "====> Unexpected Unprotected\n";
}
}
}
uint64_t IndirectCFInstructions = ExpectedProtected + UnexpectedProtected +
ExpectedUnprotected + UnexpectedUnprotected;
if (IndirectCFInstructions == 0)
outs() << "No indirect CF instructions found.\n"; outs() << "No indirect CF instructions found.\n";
outs() << formatv("Expected Protected: {0} ({1:P})\n"
"Unexpected Protected: {2} ({3:P})\n"
"Expected Unprotected: {4} ({5:P})\n"
"Unexpected Unprotected (BAD): {6} ({7:P})\n",
ExpectedProtected,
((double)ExpectedProtected) / IndirectCFInstructions,
UnexpectedProtected,
((double)UnexpectedProtected) / IndirectCFInstructions,
ExpectedUnprotected,
((double)ExpectedUnprotected) / IndirectCFInstructions,
UnexpectedUnprotected,
((double)UnexpectedUnprotected) / IndirectCFInstructions);
} }
int main(int argc, char **argv) { int main(int argc, char **argv) {
cl::ParseCommandLineOptions( cl::ParseCommandLineOptions(
argc, argv, argc, argv,
"Identifies whether Control Flow Integrity protects all indirect control " "Identifies whether Control Flow Integrity protects all indirect control "
"flow instructions in the provided object file, DSO or binary.\nNote: " "flow instructions in the provided object file, DSO or binary.\nNote: "
"Anything statically linked into the provided file *must* be compiled " "Anything statically linked into the provided file *must* be compiled "
"with '-g'. This can be relaxed through the '--ignore-dwarf' flag."); "with '-g'. This can be relaxed through the '--ignore-dwarf' flag.");
InitializeAllTargetInfos(); InitializeAllTargetInfos();
InitializeAllTargetMCs(); InitializeAllTargetMCs();
InitializeAllAsmParsers(); InitializeAllAsmParsers();
InitializeAllDisassemblers(); InitializeAllDisassemblers();
std::unique_ptr<SpecialCaseList> SpecialCaseList;
if (BlacklistFilename != "-") {
std::string Error;
SpecialCaseList = SpecialCaseList::create({BlacklistFilename}, Error);
if (!SpecialCaseList) {
errs() << "Failed to get blacklist: " << Error << "\n";
exit(EXIT_FAILURE);
}
}
FileAnalysis Analysis = ExitOnErr(FileAnalysis::Create(InputFilename)); FileAnalysis Analysis = ExitOnErr(FileAnalysis::Create(InputFilename));
printIndirectCFInstructions(Analysis); printIndirectCFInstructions(Analysis, SpecialCaseList.get());
return EXIT_SUCCESS; return EXIT_SUCCESS;
} }

unittests/tools/llvm-cfi-verify/CMakeLists.txt

set(LLVM_LINK_COMPONENTS set(LLVM_LINK_COMPONENTS
AllTargetsAsmPrinters AllTargetsAsmPrinters
AllTargetsAsmParsers AllTargetsAsmParsers
AllTargetsDescs AllTargetsDescs
AllTargetsDisassemblers AllTargetsDisassemblers
AllTargetsInfos AllTargetsInfos
MC MC
MCParser MCParser
Object Object
Support Support
Symbolize
) )
add_llvm_unittest(CFIVerifyTests add_llvm_unittest(CFIVerifyTests
FileAnalysis.cpp FileAnalysis.cpp
GraphBuilder.cpp) GraphBuilder.cpp)
target_link_libraries(CFIVerifyTests LLVMCFIVerify) target_link_libraries(CFIVerifyTests LLVMCFIVerify)

unittests/tools/llvm-cfi-verify/FileAnalysis.cpp

Show First 20 LinesShow All 58 Lines▼ Show 20 Linespublic:
Error initialiseDisassemblyMembers() { Error initialiseDisassemblyMembers() {
return FileAnalysis::initialiseDisassemblyMembers(); return FileAnalysis::initialiseDisassemblyMembers();
} }
}; };
class BasicFileAnalysisTest : public ::testing::Test { class BasicFileAnalysisTest : public ::testing::Test {
protected: protected:
virtual void SetUp() { virtual void SetUp() {
IgnoreDWARFFlag = true;
SuccessfullyInitialised = true; SuccessfullyInitialised = true;
if (auto Err = Analysis.initialiseDisassemblyMembers()) { if (auto Err = Analysis.initialiseDisassemblyMembers()) {
handleAllErrors(std::move(Err), [&](const UnsupportedDisassembly &E) { handleAllErrors(std::move(Err), [&](const UnsupportedDisassembly &E) {
SuccessfullyInitialised = false; SuccessfullyInitialised = false;
outs() outs()
<< "Note: CFIVerifyTests are disabled due to lack of x86 support " << "Note: CFIVerifyTests are disabled due to lack of x86 support "
"on this build.\n"; "on this build.\n";
}); });
▲ Show 20 LinesShow All 649 LinesShow Last 20 Lines

unittests/tools/llvm-cfi-verify/GraphBuilder.cpp

Show First 20 LinesShow All 120 Lines▼ Show 20 Linespublic:
Error initialiseDisassemblyMembers() { Error initialiseDisassemblyMembers() {
return FileAnalysis::initialiseDisassemblyMembers(); return FileAnalysis::initialiseDisassemblyMembers();
} }
}; };
class BasicGraphBuilderTest : public ::testing::Test { class BasicGraphBuilderTest : public ::testing::Test {
protected: protected:
virtual void SetUp() { virtual void SetUp() {
IgnoreDWARFFlag = true;
vlad.tsyrklevichUnsubmitted
Done
ReplyInline Actions

Could we rename this to IgnoreDwarfFlag? Would make it a little clearer what was happening here.

vlad.tsyrklevich: Could we rename this to IgnoreDwarfFlag? Would make it a little clearer what was happening here.
SuccessfullyInitialised = true; SuccessfullyInitialised = true;
if (auto Err = Analysis.initialiseDisassemblyMembers()) { if (auto Err = Analysis.initialiseDisassemblyMembers()) {
handleAllErrors(std::move(Err), [&](const UnsupportedDisassembly &E) { handleAllErrors(std::move(Err), [&](const UnsupportedDisassembly &E) {
SuccessfullyInitialised = false; SuccessfullyInitialised = false;
outs() outs()
<< "Note: CFIVerifyTests are disabled due to lack of x86 support " << "Note: CFIVerifyTests are disabled due to lack of x86 support "
"on this build.\n"; "on this build.\n";
}); });
▲ Show 20 LinesShow All 449 LinesShow Last 20 Lines