StackProtector.cpp revision dfd85c142f184ba3ce5562f0eed32a908c59c076
//===-- StackProtector.cpp - Stack Protector Insertion --------------------===//
//
//                     The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This pass inserts stack protectors into functions which need them. A variable
// with a random value in it is stored onto the stack before the local variables
// are allocated. Before the function returns, the stored value is checked. If
// it has changed, then there was some sort of violation and the program aborts.
14736c2756bf3c14ae9fef7255c119057f7a2be1edSvetoslav Ganov// 15736c2756bf3c14ae9fef7255c119057f7a2be1edSvetoslav Ganov//===----------------------------------------------------------------------===// 16736c2756bf3c14ae9fef7255c119057f7a2be1edSvetoslav Ganov 17736c2756bf3c14ae9fef7255c119057f7a2be1edSvetoslav Ganov#define DEBUG_TYPE "stack-protector" 18736c2756bf3c14ae9fef7255c119057f7a2be1edSvetoslav Ganov#include "llvm/CodeGen/Passes.h" 19736c2756bf3c14ae9fef7255c119057f7a2be1edSvetoslav Ganov#include "llvm/Attributes.h" 204213804541a8b05cd0587b138a2fd9a3b7fd9350Svetoslav Ganov#include "llvm/Constants.h" 214213804541a8b05cd0587b138a2fd9a3b7fd9350Svetoslav Ganov#include "llvm/DerivedTypes.h" 224213804541a8b05cd0587b138a2fd9a3b7fd9350Svetoslav Ganov#include "llvm/Function.h" 234213804541a8b05cd0587b138a2fd9a3b7fd9350Svetoslav Ganov#include "llvm/Instructions.h" 24ea6fbc0981564f7bbf4c6fbb63af0175415121ceCasey Burkhardt#include "llvm/Intrinsics.h" 254213804541a8b05cd0587b138a2fd9a3b7fd9350Svetoslav Ganov#include "llvm/Module.h" 264213804541a8b05cd0587b138a2fd9a3b7fd9350Svetoslav Ganov#include "llvm/Pass.h" 27e15ccb93add99ebb9cd7aec03a04faa37f45b39dSvetoslav Ganov#include "llvm/Support/CommandLine.h" 28736c2756bf3c14ae9fef7255c119057f7a2be1edSvetoslav Ganov#include "llvm/Target/TargetData.h" 29e15ccb93add99ebb9cd7aec03a04faa37f45b39dSvetoslav Ganov#include "llvm/Target/TargetLowering.h" 30736c2756bf3c14ae9fef7255c119057f7a2be1edSvetoslav Ganovusing namespace llvm; 31736c2756bf3c14ae9fef7255c119057f7a2be1edSvetoslav Ganov 32e15ccb93add99ebb9cd7aec03a04faa37f45b39dSvetoslav Ganov// SSPBufferSize - The lower bound for a buffer to be considered for stack 33e15ccb93add99ebb9cd7aec03a04faa37f45b39dSvetoslav Ganov// smashing protection. 
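// A buffer qualifies when its allocated size is greater than or equal to this
// value (RequiresStackProtector compares with <=), so raising the threshold
// leaves more small buffers without a guard.
static cl::opt<unsigned>
SSPBufferSize("stack-protector-buffer-size", cl::init(8),
              cl::desc("Lower bound for a buffer to be considered for "
                       "stack protection"));

namespace {
  /// StackProtector - Function pass that decides whether a function needs a
  /// stack guard and, if it does, inserts the guard store in the entry block
  /// and a guard check in front of every return.
  class VISIBILITY_HIDDEN StackProtector : public FunctionPass {
    /// TLI - Keep a pointer of a TargetLowering to consult for determining
    /// target type sizes. It is null when the pass is built through the
    /// default constructor, so users of TLI have to cope with that.
    const TargetLowering *TLI;

    /// F, M - The function being processed and its parent module. Both are
    /// assigned at the top of runOnFunction and are null before the first run.
    Function *F;
    Module *M;

    /// InsertStackProtectors - Insert code into the prologue and epilogue of
    /// the function.
    ///
    ///  - The prologue code loads and stores the stack guard onto the stack.
    ///  - The epilogue checks the value stored in the prologue against the
    ///    original value. It calls __stack_chk_fail if they differ.
    bool InsertStackProtectors();

    /// CreateFailBB - Create a basic block to jump to when the stack protector
    /// check fails.
    BasicBlock *CreateFailBB();

    /// RequiresStackProtector - Check whether or not this function needs a
    /// stack protector based upon the stack protector level.
    bool RequiresStackProtector() const;
  public:
    static char ID;             // Pass identification, replacement for typeid.

    // F and M are initialised to null so that neither constructor leaves an
    // indeterminate pointer behind; runOnFunction overwrites both.
    StackProtector() : FunctionPass(&ID), TLI(0), F(0), M(0) {}

    // explicit: a TargetLowering pointer should never convert silently into a
    // pass object.
    explicit StackProtector(const TargetLowering *tli)
      : FunctionPass(&ID), TLI(tli), F(0), M(0) {}

    virtual bool runOnFunction(Function &Fn);
  };
} // end anonymous namespace

char StackProtector::ID = 0;
static RegisterPass<StackProtector>
X("stack-protector", "Insert stack protectors");

/// createStackProtectorPass - Return a heap-allocated StackProtector pass that
/// consults \p tli for target type sizes.
FunctionPass *llvm::createStackProtectorPass(const TargetLowering *tli) {
  return new StackProtector(tli);
}

/// runOnFunction - Record the function and its module, then insert stack
/// protectors when RequiresStackProtector says the function needs them.
/// Returns true if the function was modified.
bool StackProtector::runOnFunction(Function &Fn) {
  F = &Fn;
  M = F->getParent();

  // Short-circuit evaluation: the insertion step runs only for functions that
  // qualify, and its result is the "modified" flag.
  return RequiresStackProtector() && InsertStackProtectors();
}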
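/// RequiresStackProtector - Check whether or not this function needs a stack
/// protector based upon the stack protector level. The heuristic we use is to
/// add a guard variable to functions that call alloca, and functions with
/// character buffers of at least SSPBufferSize bytes.
///
/// A function carrying Attribute::StackProtectReq is always protected. A
/// function carrying only Attribute::StackProtect is protected when one of its
/// allocas is an array allocation or allocates an array of i8 that meets the
/// size threshold. Allocas of any other type, including arrays with a
/// different element type and arrays nested inside a struct, do not trigger a
/// guard here, so such functions are left without one unless they are marked
/// StackProtectReq.
bool StackProtector::RequiresStackProtector() const {
  if (F->hasFnAttr(Attribute::StackProtectReq))
    return true;

  if (!F->hasFnAttr(Attribute::StackProtect))
    return false;

  // TLI is null when the pass was default-constructed. Dereferencing it
  // unconditionally would crash, so the layout information is treated as
  // optional from here on.
  const TargetData *TD = TLI ? TLI->getTargetData() : 0;

  for (Function::iterator I = F->begin(), E = F->end(); I != E; ++I) {
    BasicBlock *BB = I;

    for (BasicBlock::iterator
           II = BB->begin(), IE = BB->end(); II != IE; ++II) {
      AllocaInst *AI = dyn_cast<AllocaInst>(II);
      if (!AI)
        continue;

      // This is a call to alloca with a variable size. Emit stack
      // protectors.
      if (AI->isArrayAllocation())
        return true;

      const ArrayType *AT = dyn_cast<ArrayType>(AI->getAllocatedType());
      if (!AT)
        continue;

      // We apparently only care about character arrays.
      if (AT->getElementType() != Type::getInt8Ty(AT->getContext()))
        continue;

      // If an array has at least SSPBufferSize bytes of allocated space, then
      // we emit stack protectors. Without target data the size cannot be
      // computed, and the function is protected rather than left unguarded.
      if (!TD || SSPBufferSize <= TD->getTypeAllocSize(AT))
        return true;
    }
  }

  return false;
}

/// InsertStackProtectors - Insert code into the prologue and epilogue of the
/// function.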
///
///  - The prologue code loads and stores the stack guard onto the stack.
///  - The epilogue checks the value stored in the prologue against the original
///    value. It calls __stack_chk_fail if they differ.
///
/// Only basic blocks whose terminator is a return instruction receive a check;
/// every other block is left untouched. Returns true if at least one return
/// block was instrumented, false if the function has no return instruction.
bool StackProtector::InsertStackProtectors() {
  BasicBlock *GuardFailBB = 0;  // Shared target of every failed guard check.
  AllocaInst *GuardSlot = 0;    // Stack slot holding this frame's guard copy.
  Constant *GuardGlobal = 0;    // The __stack_chk_guard global.

  Function::iterator BBI = F->begin(), BBE = F->end();
  while (BBI != BBE) {
    // Step the iterator before touching the block: the split below inserts a
    // new block right after this one, and it must not be visited.
    BasicBlock *CurBB = BBI++;

    ReturnInst *Ret = dyn_cast<ReturnInst>(CurBB->getTerminator());
    if (!Ret) continue;

    if (!GuardFailBB) {
      // First returning block found: set up the prologue once. The entry block
      // receives, ahead of its first instruction:
      //
      //   entry:
      //     StackGuardSlot = alloca i8*
      //     StackGuard = load __stack_chk_guard
      //     call void @llvm.stackprotect.create(StackGuard, StackGuardSlot)
      //
      PointerType *BytePtrTy =
        PointerType::getUnqual(Type::getInt8Ty(Ret->getContext()));
      GuardGlobal = M->getOrInsertGlobal("__stack_chk_guard", BytePtrTy);

      Instruction *EntryTop = &F->getEntryBlock().front();

      GuardSlot = new AllocaInst(BytePtrTy, "StackGuardSlot", EntryTop);
      LoadInst *GuardVal =
        new LoadInst(GuardGlobal, "StackGuard", false, EntryTop);

      Value *Args[] = { GuardVal, GuardSlot };
      CallInst::Create(Intrinsic::getDeclaration(M, Intrinsic::stackprotector),
                       &Args[0], array_endof(Args), "", EntryTop);

      // The failure block is created once and reused by every check.
      GuardFailBB = CreateFailBB();
    }

    // Rewrite the returning block from
    //
    //   return:
    //     ...
    //     ret ...
    //
    // to
    //
    //   return:
    //     ...
    //     %1 = load __stack_chk_guard
    //     %2 = load StackGuardSlot
    //     %3 = cmp i1 %1, %2
    //     br i1 %3, label %SP_return, label %CallStackCheckFailBlk
    //
    //   SP_return:
    //     ret ...
    //
    //   CallStackCheckFailBlk:
    //     call void @__stack_chk_fail()
    //     unreachable

    // Peel the return instruction off into its own block.
    BasicBlock *RetBB = CurBB->splitBasicBlock(Ret, "SP_return");

    // The split left an unconditional branch to RetBB behind; drop it so the
    // conditional branch below becomes the terminator.
    CurBB->getTerminator()->eraseFromParent();

    // Keep the return block in the "fall through" position, directly after the
    // block it was split from.
    RetBB->moveAfter(CurBB);

    // Emit the check at the end of the old block. The slot is read with a
    // volatile load; the guard global with an ordinary one.
    LoadInst *Expected = new LoadInst(GuardGlobal, "", false, CurBB);
    LoadInst *Stored = new LoadInst(GuardSlot, "", true, CurBB);
    ICmpInst *Intact =
      new ICmpInst(*CurBB, CmpInst::ICMP_EQ, Expected, Stored, "");
    BranchInst::Create(RetBB, GuardFailBB, Intact, CurBB);
  }

  // GuardFailBB stays null only when no block ended in a return, in which case
  // nothing was modified.
  return GuardFailBB != 0;
}

/// CreateFailBB - Create a basic block to jump to when the stack protector
/// check fails. The block is appended to the current function, calls
/// __stack_chk_fail (declared in the module on demand as a void function), and
/// ends in an unreachable instruction, so no code path continues past a failed
/// check.
BasicBlock *StackProtector::CreateFailBB() {
  BasicBlock *CheckFailBB =
    BasicBlock::Create(F->getContext(), "CallStackCheckFailBlk", F);

  Constant *FailFn =
    M->getOrInsertFunction("__stack_chk_fail",
                           Type::getVoidTy(F->getContext()), NULL);

  CallInst::Create(FailFn, "", CheckFailBB);
  new UnreachableInst(F->getContext(), CheckFailBB);
  return CheckFailBB;
}