Hi:
During your handling, if calledFunction is nullptr, you need to call
calledValue->stripPointerCasts() and check if the stripped value is a
function because these are direct calls in the generated assembly as well. For
example, Objective-C’s objc_msgSend call is usually bitcasted and needs to be
handled this way.
Zhang
> On August 6, 2018, at 15:37, Muhui Jiang via llvm-dev <llvm-dev at lists.llvm.org> wrote:
>
> Hi
>
> I am working on a project related to the indirect calls in a binary.
>
> I know it would be rather hard to know the called functions statically.
>
> However, is it possible to know how many possibilities there are in total for every indirect call?
>
> Furthermore, I wrote an LLVM pass to help me first locate all the indirect calls.
>
> First, I use CallInst * callInst = dyn_cast<CallInst>(&I) to help me check whether this is a CallInst.
>
> Then, I use
>
> if (Function *calledFunction = callInst->getCalledFunction()) {
>   // direct call
> } else {
>   // indirect call
> }
>
> I am not sure whether this is a good way to locate all the indirect calls.
>
> As you can see, below is a piece of code in libxml2.
> if (uqname != NULL) {
> cur = xmlHashLookup3(table, uqname, prefix, elem);
> 3285: if (prefix != NULL) xmlFree(prefix);
> 3286: if (uqname != NULL) xmlFree(uqname);
> } else
> cur = xmlHashLookup3(table, name, NULL, elem);
> return(cur);
>
> The LLVM pass will think that these are indirect calls. I don't understand why.
> if (prefix != NULL) xmlFree(prefix);
> if (uqname != NULL) xmlFree(uqname);
> Some IR is below:
>
> Source Line:3285|Column:22|File:valid.c|IR: %9 = load void (i8*)*, void (i8*)** @xmlFree, align 8, !dbg !12809, !tbaa !12786
> Source Line:3285|Column:22|File:valid.c|IR: call void %9(i8* nonnull %8) #4, !dbg !12809
> Source Line:3285|Column:22|File:valid.c|IR: br label %"valid.c:3286:", !dbg !12809
>
>
> If you need more information, please tell me. Many Thanks
>
> Regards
> Muhui
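The three callee shapes discussed in this thread, as an added example that is not part of the original messages: a Python triage over textual LLVM IR (typed-pointer syntax, as in the IR quoted above) rather than the C++ pass API. The sample IR beyond the two xmlFree lines, the name `classify_calls`, and the regexes are constructed for illustration and cover only these simple callee forms.

```python
import re

# Callee is the operand directly before the argument list: a register,
# a plain @function, or a bitcast constant expression wrapping @function.
CALL = re.compile(
    r"\bcall\b.*?(?:(?P<reg>%[\w.]+)|@(?P<fn>[\w.$]+)"
    r"|bitcast \(.*?@(?P<cast>[\w.$]+) to .*?\))\(")
# A register loaded from a global, e.g. a function-pointer variable.
LOAD = re.compile(r"(?P<reg>%[\w.]+) = load .*?\* @(?P<glob>[\w.$]+)")

# Constructed sample: lines 1-2 mirror the xmlFree IR quoted in the thread
# (debug metadata dropped); lines 3-5 are made up for this example.
SAMPLE_IR = """\
  %9 = load void (i8*)*, void (i8*)** @xmlFree, align 8
  call void %9(i8* nonnull %8) #4
  %10 = call i8* @xmlHashLookup3(i8* %t, i8* %n, i8* null, i8* %e)
  %11 = call i8* bitcast (i8* (i8*, i8*, ...)* @objc_msgSend to i8* (i8*, i8*)*)(i8* %o, i8* %s)
  call void %fp(i8* %8)
"""

def classify_calls(ir_text):
    """Return one (kind, target) tuple per call site, in order of appearance."""
    loads = {}    # register -> global variable it was loaded from
    results = []
    for line in ir_text.splitlines():
        m = LOAD.search(line)
        if m:
            loads[m["reg"]] = m["glob"]
            continue
        m = CALL.search(line)
        if not m:
            continue
        if m["fn"]:
            # What getCalledFunction() reports as a direct call.
            results.append(("direct", m["fn"]))
        elif m["cast"]:
            # getCalledFunction() returns nullptr here, but stripping the
            # cast reveals a function: still a direct call in the assembly.
            results.append(("direct-via-cast", m["cast"]))
        else:
            # Called through a register: a real indirect call. If the register
            # was loaded from a global, report that function-pointer variable.
            results.append(("indirect", loads.get(m["reg"])))
    return results

if __name__ == "__main__":
    for kind, target in classify_calls(SAMPLE_IR):
        print(f"{kind:16} {target}")
```

The xmlFree call site comes out as `indirect` with target `xmlFree` because the IR loads a function pointer from the global `@xmlFree` and calls the loaded value; no cast stripping can turn that into a direct call.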