[PATCH] D40840: [FuzzMutate] Correctly insert sinks and sources around invoke instructions
Phabricator via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Dec 8 00:54:05 PST 2017
This revision was automatically updated to reflect the committed changes.
Closed by commit rL320136: [FuzzMutate] Correctly insert sinks and sources around invoke instructions (authored by igor.laevsky).
Changed prior to commit:
https://reviews.llvm.org/D40840?vs=125686&id=126096#toc
Repository:
rL LLVM
https://reviews.llvm.org/D40840
Files:
llvm/trunk/lib/FuzzMutate/RandomIRBuilder.cpp
llvm/trunk/unittests/FuzzMutate/RandomIRBuilderTest.cpp
Index: llvm/trunk/lib/FuzzMutate/RandomIRBuilder.cpp
===================================================================
--- llvm/trunk/lib/FuzzMutate/RandomIRBuilder.cpp
+++ llvm/trunk/lib/FuzzMutate/RandomIRBuilder.cpp
@@ -51,8 +51,10 @@
if (Ptr) {
// Create load from the chosen pointer
auto IP = BB.getFirstInsertionPt();
- if (auto *I = dyn_cast<Instruction>(Ptr))
+ if (auto *I = dyn_cast<Instruction>(Ptr)) {
IP = ++I->getIterator();
+ assert(IP != BB.end() && "guaranteed by the findPointer");
+ }
auto *NewLoad = new LoadInst(Ptr, "L", &*IP);
// Only sample this load if it really matches the descriptor
@@ -133,6 +135,11 @@
ArrayRef<Instruction *> Insts,
ArrayRef<Value *> Srcs, SourcePred Pred) {
auto IsMatchingPtr = [&Srcs, &Pred](Instruction *Inst) {
+ // Invoke instructions sometimes produce valid pointers but currently
+ // we can't insert loads or stores from them
+ if (isa<TerminatorInst>(Inst))
+ return false;
+
if (auto PtrTy = dyn_cast<PointerType>(Inst->getType()))
// TODO: Check if this is horribly expensive.
return Pred.matches(Srcs, UndefValue::get(PtrTy->getElementType()));
Index: llvm/trunk/unittests/FuzzMutate/RandomIRBuilderTest.cpp
===================================================================
--- llvm/trunk/unittests/FuzzMutate/RandomIRBuilderTest.cpp
+++ llvm/trunk/unittests/FuzzMutate/RandomIRBuilderTest.cpp
@@ -200,4 +200,40 @@
}
}
+TEST(RandomIRBuilderTest, Invokes) {
+ // Check that we never generate load or store after invoke instruction
+
+ LLVMContext Ctx;
+ const char *SourceCode =
+ "declare i32* @f()"
+ "declare i32 @personality_function()"
+ "define i32* @test() personality i32 ()* @personality_function {\n"
+ "entry:\n"
+ " %val = invoke i32* @f()\n"
+ " to label %normal unwind label %exceptional\n"
+ "normal:\n"
+ " ret i32* %val\n"
+ "exceptional:\n"
+ " %landing_pad4 = landingpad token cleanup\n"
+ " ret i32* undef\n"
+ "}";
+ auto M = parseAssembly(SourceCode, Ctx);
+
+
+ std::vector<Type *> Types = {Type::getInt8Ty(Ctx)};
+ RandomIRBuilder IB(Seed, Types);
+
+ // Get first basic block of the test function
+ Function &F = *M->getFunction("test");
+ BasicBlock &BB = *F.begin();
+
+ Instruction *Invoke = &*BB.begin();
+
+ // Find source but never insert new load after invoke
+ for (int i = 0; i < 10; ++i) {
+ (void)IB.findOrCreateSource(BB, {Invoke}, {}, fuzzerop::anyIntType());
+ ASSERT_TRUE(!verifyModule(*M, &errs()));
+ }
+}
+
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D40840.126096.patch
Type: text/x-patch
Size: 2670 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20171208/1bf514a8/attachment.bin>
More information about the llvm-commits
mailing list