Petsas Athanasios
2014-Apr-28 13:10 UTC
[LLVMdev] indirect calls tracking and control flow graph
Dear all, I would like to keep track of all the indirect calls that may caused from function pointers inside a program. I need this in order to be able to construct the control flow graph of all the indirect calls, that is which function is legal to call another function. Is there a module that implements this functionality in llvm? If not, is there a way to do it? Maybe through implementing a pass. I am new to llvm. Could you suggest me a way to start doing this? Perhaps the llvm intermediate code can help me on this. Do you know where this code is being produced? or what files or passes do I have to modify for this? Until now I have used this command to produce and study the llvm bitcode for a test program: clang -S -emit-llvm fpointers.c -c -o fpointers.bc.text Thank you, -- Thanasis Petsas Distributed Computing Systems (DCS) Institute of Computer Science (ICS/FORTH) Heraklion, Crete Greece (GR) http://www.thanasispetsas.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20140428/07c9b1db/attachment.html>
Amara Emerson
2014-Apr-28 16:59 UTC
[LLVMdev] indirect calls tracking and control flow graph
Hi Thanasis, You should be able to do this easily by writing a FunctionPass (see http://llvm.org/docs/WritingAnLLVMPass.html for more info) and iterating over the instructions in the function, searching for CallInst instructions and using getCalledFunction() to check if it's indirect. Amara On 28 April 2014 14:10, Petsas Athanasios <petsas at ics.forth.gr> wrote:> Dear all, > > I would like to keep track of all the indirect calls that may caused from > function > pointers inside a program. I need this in order to be able to construct the > control > flow graph of all the indirect calls, that is which function is legal to > call another > function. > > Is there a module that implements this functionality in llvm? If not, is > there a way to > do it? Maybe through implementing a pass. I am new to llvm. Could you > suggest me > a way to start doing this? Perhaps the llvm intermediate code can help me on > this. > Do you know where this code is being produced? or what files or passes do I > have > to modify for this? > > Until now I have used this command to produce and study the llvm bitcode for > a test > program: > clang -S -emit-llvm fpointers.c -c -o fpointers.bc.text > > Thank you, > > -- > Thanasis Petsas > Distributed Computing Systems (DCS) > Institute of Computer Science (ICS/FORTH) > Heraklion, Crete > Greece (GR) > > http://www.thanasispetsas.com/ > > _______________________________________________ > LLVM Developers mailing list > LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu > http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev >
Petsas Athanasios
2014-Apr-28 18:14 UTC
[LLVMdev] indirect calls tracking and control flow graph
Thank you very much for the information! I will try it out! Thanasis On Mon, Apr 28, 2014 at 7:59 PM, Amara Emerson <amara.emerson at gmail.com>wrote:> Hi Thanasis, > > You should be able to do this easily by writing a FunctionPass (see > http://llvm.org/docs/WritingAnLLVMPass.html for more info) and > iterating over the instructions in the function, searching for > CallInst instructions and using getCalledFunction() to check if it's > indirect. > > Amara > > On 28 April 2014 14:10, Petsas Athanasios <petsas at ics.forth.gr> wrote: > > Dear all, > > > > I would like to keep track of all the indirect calls that may caused from > > function > > pointers inside a program. I need this in order to be able to construct > the > > control > > flow graph of all the indirect calls, that is which function is legal to > > call another > > function. > > > > Is there a module that implements this functionality in llvm? If not, is > > there a way to > > do it? Maybe through implementing a pass. I am new to llvm. Could you > > suggest me > > a way to start doing this? Perhaps the llvm intermediate code can help > me on > > this. > > Do you know where this code is being produced? or what files or passes > do I > > have > > to modify for this? > > > > Until now I have used this command to produce and study the llvm bitcode > for > > a test > > program: > > clang -S -emit-llvm fpointers.c -c -o fpointers.bc.text > > > > Thank you, > > > > -- > > Thanasis Petsas > > Distributed Computing Systems (DCS) > > Institute of Computer Science (ICS/FORTH) > > Heraklion, Crete > > Greece (GR) > > > > http://www.thanasispetsas.com/ > > > > _______________________________________________ > > LLVM Developers mailing list > > LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu > > http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev > > >-- Thanasis Petsas Distributed Computing Systems (DCS) Institute of Computer Science (ICS/FORTH) Heraklion, Crete Greece (GR) http://www.thanasispetsas.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20140428/ba7c8d77/attachment.html>
John Criswell
2014-Apr-28 19:30 UTC
[LLVMdev] indirect calls tracking and control flow graph
Dear Petsas, For analyzing indirect function calls, your best bet is probably to use the CallGraph analysis pass that is part of DSA. DSA is included in the poolalloc code; you can get directions on downloading poolalloc from the SVA web page: http://sva.cs.illinois.edu/docs/Install.html. The release_32 branch works with LLVM 3.2. I think mainline poolalloc was recently updated to work with LLVM 3.4. Regards, John Criswell On 4/28/14 8:10 AM, Petsas Athanasios wrote:> Dear all, > > I would like to keep track of all the indirect calls that may caused > from function > pointers inside a program. I need this in order to be able to > construct the control > flow graph of all the indirect calls, that is which function is legal > to call another > function. > > Is there a module that implements this functionality in llvm? If not, > is there a way to > do it? Maybe through implementing a pass. I am new to llvm. Could you > suggest me > a way to start doing this? Perhaps the llvm intermediate code can help > me on this. > Do you know where this code is being produced? or what files or passes > do I have > to modify for this? > > Until now I have used this command to produce and study the llvm > bitcode for a test > program: > clang -S -emit-llvm fpointers.c -c -o fpointers.bc.text > > Thank you, > > -- > Thanasis Petsas > Distributed Computing Systems (DCS) > Institute of Computer Science (ICS/FORTH) > Heraklion, Crete > Greece (GR) > > http://www.thanasispetsas.com/ > > > _______________________________________________ > LLVM Developers mailing list > LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu > http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20140428/480e8692/attachment.html>
Petsas Athanasios
2014-Apr-28 20:41 UTC
[LLVMdev] indirect calls tracking and control flow graph
Thank you! I 'll check this out too. On Mon, Apr 28, 2014 at 10:30 PM, John Criswell <criswell at illinois.edu>wrote:> Dear Petsas, > > For analyzing indirect function calls, your best bet is probably to use > the CallGraph analysis pass that is part of DSA. DSA is included in the > poolalloc code; you can get directions on downloading poolalloc from the > SVA web page: http://sva.cs.illinois.edu/docs/Install.html. > > The release_32 branch works with LLVM 3.2. I think mainline poolalloc was > recently updated to work with LLVM 3.4. > > Regards, > > John Criswell > > > > On 4/28/14 8:10 AM, Petsas Athanasios wrote: > > Dear all, > > I would like to keep track of all the indirect calls that may caused from > function > pointers inside a program. I need this in order to be able to construct > the control > flow graph of all the indirect calls, that is which function is legal to > call another > function. > > Is there a module that implements this functionality in llvm? If not, is > there a way to > do it? Maybe through implementing a pass. I am new to llvm. Could you > suggest me > a way to start doing this? Perhaps the llvm intermediate code can help > me on this. > Do you know where this code is being produced? or what files or passes > do I have > to modify for this? > > Until now I have used this command to produce and study the llvm bitcode > for a test > program: > clang -S -emit-llvm fpointers.c -c -o fpointers.bc.text > > Thank you, > > -- > Thanasis Petsas > Distributed Computing Systems (DCS) > Institute of Computer Science (ICS/FORTH) > Heraklion, Crete > Greece (GR) > > http://www.thanasispetsas.com/ > > > _______________________________________________ > LLVM Developers mailing listLLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.eduhttp://lists.cs.uiuc.edu/mailman/listinfo/llvmdev > > >-- Thanasis Petsas Distributed Computing Systems (DCS) Institute of Computer Science (ICS/FORTH) Heraklion, Crete Greece (GR) http://www.thanasispetsas.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20140428/3dfddf32/attachment.html>
John Criswell
2014-Apr-28 20:44 UTC
[LLVMdev] indirect calls tracking and control flow graph
On 4/28/14 11:59 AM, Amara Emerson wrote:> Hi Thanasis, > > You should be able to do this easily by writing a FunctionPass (see > http://llvm.org/docs/WritingAnLLVMPass.html for more info) and > iterating over the instructions in the function, searching for > CallInst instructions and using getCalledFunction() to check if it's > indirect.This will allow you to determine whether a call is an indirect function call, but it won't give you the targets of the indirect function calls. To get the targets, you need to use a CallGraph analysis (like the one in DSA). Regards, John Criswell> > Amara > > On 28 April 2014 14:10, Petsas Athanasios <petsas at ics.forth.gr> wrote: >> Dear all, >> >> I would like to keep track of all the indirect calls that may caused from >> function >> pointers inside a program. I need this in order to be able to construct the >> control >> flow graph of all the indirect calls, that is which function is legal to >> call another >> function. >> >> Is there a module that implements this functionality in llvm? If not, is >> there a way to >> do it? Maybe through implementing a pass. I am new to llvm. Could you >> suggest me >> a way to start doing this? Perhaps the llvm intermediate code can help me on >> this. >> Do you know where this code is being produced? or what files or passes do I >> have >> to modify for this? >> >> Until now I have used this command to produce and study the llvm bitcode for >> a test >> program: >> clang -S -emit-llvm fpointers.c -c -o fpointers.bc.text >> >> Thank you, >> >> -- >> Thanasis Petsas >> Distributed Computing Systems (DCS) >> Institute of Computer Science (ICS/FORTH) >> Heraklion, Crete >> Greece (GR) >> >> http://www.thanasispetsas.com/ >> >> _______________________________________________ >> LLVM Developers mailing list >> LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu >> http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev >> > _______________________________________________ > LLVM Developers mailing list > LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu > http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
Petsas Athanasios
2014-May-02 14:49 UTC
[LLVMdev] indirect calls tracking and control flow graph
On Mon, Apr 28, 2014 at 10:30 PM, John Criswell <criswell at illinois.edu>wrote:> Dear Petsas, > > For analyzing indirect function calls, your best bet is probably to use > the CallGraph analysis pass that is part of DSA. DSA is included in the > poolalloc code; you can get directions on downloading poolalloc from the > SVA web page: http://sva.cs.illinois.edu/docs/Install.html. > > The release_32 branch works with LLVM 3.2. I think mainline poolalloc was > recently updated to work with LLVM 3.4. >Do you know where I can find mainline poolalloc so as I can compile it with LLVM 3.4 ?> > Regards, > > John Criswell > > > > On 4/28/14 8:10 AM, Petsas Athanasios wrote: > > Dear all, > > I would like to keep track of all the indirect calls that may caused from > function > pointers inside a program. I need this in order to be able to construct > the control > flow graph of all the indirect calls, that is which function is legal to > call another > function. > > Is there a module that implements this functionality in llvm? If not, is > there a way to > do it? Maybe through implementing a pass. I am new to llvm. Could you > suggest me > a way to start doing this? Perhaps the llvm intermediate code can help > me on this. > Do you know where this code is being produced? or what files or passes > do I have > to modify for this? > > Until now I have used this command to produce and study the llvm bitcode > for a test > program: > clang -S -emit-llvm fpointers.c -c -o fpointers.bc.text > > Thank you, > > -- > Thanasis Petsas > Distributed Computing Systems (DCS) > Institute of Computer Science (ICS/FORTH) > Heraklion, Crete > Greece (GR) > > http://www.thanasispetsas.com/ > > > _______________________________________________ > LLVM Developers mailing listLLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.eduhttp://lists.cs.uiuc.edu/mailman/listinfo/llvmdev > > >-- Thanasis Petsas Distributed Computing Systems (DCS) Institute of Computer Science (ICS/FORTH) Heraklion, Crete Greece (GR) http://www.thanasispetsas.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20140502/f3e23737/attachment.html>
Maybe Matching Threads
- [LLVMdev] indirect calls tracking and control flow graph
- [LLVMdev] indirect calls tracking and control flow graph
- [LLVMdev] How to extract the starting address of each basic block with llvm?
- Doveadm field for message body without attachments
- ANCOVA post-hoc test