[LLVMdev] Indirect function call
Nai Xia
nelson.xia at gmail.com
Mon May 22 22:32:16 PDT 2006
On Monday 22 May 2006 22:22, Andrew Lenharth wrote:
> On Mon, 2006-05-22 at 15:33 +0800, 澶忎竴姘� wrote:
> > But my code does not always works: if the arguments are not pointer,
> > CompleteBUDataStructures not records it. So, if you want to find all indirect
> > calls, you maybe have to repair CompleteBUDataStructures. :)
>
> Not surprising, CBU is trying to do something entirely different that
> what you are.
>
> > If you do not use BUDataStructures, you can do it yourself: find all load/store
> > instructions with its destination is function type.
>
> You may want to look at how the call graph builder works. It finds all
> indirect call sites, and also finds all functions whose address escapes
> (this is, may be called indirectly).
The BasicCallGraph class only lines out the indirect calls(makes the caller point to external node),
but do not resolves them using alias analysis such as DSA.
I think DSA solve this problem for interested call sites by finding the corresponding globals(i.e. the functions)
for the callsite DSnode. Maybe 夏一民 just wanted to point out that DSA does not take all callsite into count.
But just as suggested in callgraph.h, "As an extension in the future, there may be multiple nodes with a null
function. These will be used when we can prove (through pointer analysis) that an indirect call site can
call only a specific set of functions."
Maybe Chris can us give more helpful comments.
>
> Finding indirect calls is actually easy, just check if the Op(0) of the
> call (or invoke) instruction !isa<Function>.
>
> Andrew
>
>
> _______________________________________________
> LLVM Developers mailing list
> LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
>
--
Regards,
Nai
More information about the llvm-dev
mailing list