[all-commits] [llvm/llvm-project] 66892f: [FuzzMutate] Skip EHPad during mutation and avoid ...
Henry Yu via All-commits
all-commits at lists.llvm.org
Wed Apr 26 16:46:03 PDT 2023
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: 66892f25af005e42adf55f9615d4919b0cd3ac7d
https://github.com/llvm/llvm-project/commit/66892f25af005e42adf55f9615d4919b0cd3ac7d
Author: Henry Yu <hnryu at ucdavis.edu>
Date: 2023-04-26 (Wed, 26 Apr 2023)
Changed paths:
M llvm/include/llvm/FuzzMutate/IRMutator.h
M llvm/lib/FuzzMutate/IRMutator.cpp
M llvm/lib/FuzzMutate/RandomIRBuilder.cpp
M llvm/unittests/FuzzMutate/RandomIRBuilderTest.cpp
M llvm/unittests/FuzzMutate/StrategiesTest.cpp
Log Message:
-----------
[FuzzMutate] Skip EHPad during mutation and avoid replacing callee with pointer when sinking
This patch addresses 2 problems:
- In `ShuffleBlockStrategy`, when `BB` is an EHPad, `BB.getFirstInsertionPt()` will return `BB.end()`, which cannot be dereferenced and will cause a crash in the following loop.
- In `isCompatibleReplacement`, a call instruction's callee might be replaced by a pointer, causing 2 subproblems:
  - we cannot guarantee that the pointer is a function pointer (even if it is, we cannot guarantee it matches the signature).
  - after such a replacement, `getCalledFunction` will from then on return `nullptr` (since it's an indirect call), which causes a Segmentation Fault in the lines below.
This patch fixes the first problem by checking if a block to be mutated is an EHPad in base class `IRMutationStrategy` and skipping mutating it if so.
This patch fixes the second problem by avoiding replacing callee with pointer and adding a null check for indirect calls.
Reviewed By: Peter
Differential Revision: https://reviews.llvm.org/D148853