[LLVMdev] How to detect all free() calls

Dmitry Mikushin dmitry at kernelgen.org
Mon Mar 11 06:58:37 PDT 2013


Hi Jane,

On your bitcast case: you can easily strip them using:

Function* callee =
dyn_cast<Function>(call->getCalledValue()->stripPointerCasts());

- D.

2013/3/11 Xi Wang <xi.wang at gmail.com>

> if you don't include stdlib.h, where free() is declared, you'll simply
> get a default C function signature:
>
> int free(...);
>
> On Mon, Mar 11, 2013 at 1:56 AM, Jane <270611649 at qq.com> wrote:
> > Thanks. isFreeCall() works well but for
> > %call2 = call i32 bitcast (i32 (...)* @free to i32 (i8*)*)(i8* %call1) nounwind, !dbg !16
> > So I tried to figure out when the above instruction occurred.
> > When <stdlib.h> is included, free(buf2R1); turns into
> > call void @free(i8* %call1) nounwind, !dbg !16
> > When I forget to include <stdlib.h>, free(buf2R1); turns into
> > %call2 = call i32 bitcast (i32 (...)* @free to i32 (i8*)*)(i8* %call1) nounwind, !dbg !16
> > I don't understand why this happens. Could you explain it for me?
> >
> > ------------------ Original ------------------
> > From:  "Xi Wang"<xi.wang at gmail.com>;
> > Date:  Mon, Mar 11, 2013 12:24 PM
> > To:  "Jane"<270611649 at qq.com>;
> > Cc:  "llvmdev"<llvmdev at cs.uiuc.edu>;
> > Subject:  Re: [LLVMdev] How to detect all free() calls
> >
> > Try isFreeCall() defined in "llvm/Analysis/MemoryBuiltins.h".
> >
> > On Mon, Mar 11, 2013 at 12:17 AM, Jane <270611649 at qq.com> wrote:
> >>
> >> Hi,
> >>     I'm trying to write a pass to detect all free()/delete() call
> >> instructions in LLVM IR. The method is as follows.
> >>     First I find Call Instructions:
> >>         CallInst *CI=dyn_cast<CallInst>(&*i);
> >>     then see if the Function name matches:
> >>         name=CI->getCalledFunction()->getName();
> >>         if(name=="_ZdlPv"||name=="_ZdaPv"||name=="free")
> >>     It worked, but when something like this occurs
> >>     %call2 = call i32 bitcast (i32 (...)* @free to i32 (i8*)*)(i8* %call1) nounwind, !dbg !16
> >>     it seems like an indirect function call and I don't know how to detect
> >> free() in such a situation.
> >>     By the way, is there any way that is more convenient to detect all
> >> free()/delete() call instructions in a module except by matching the
> >> function name?
> >>
> >> _______________________________________________
> >> LLVM Developers mailing list
> >> LLVMdev at cs.uiuc.edu         http://llvm.cs.uiuc.edu
> >> http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
> >>
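As an added example (not code from the thread or from LLVM), the following script applies the same idea as stripPointerCasts() to textual IR: it isolates the callee operand of each call and looks through a constant bitcast before comparing names, so a global that merely appears as an argument is not reported. The function names and the sample IR are constructed for illustration, and the typed-pointer syntax quoted in the thread is assumed; inside a pass, the API call shown in the reply above is the right tool.

```python
import re

# Deallocator symbols named in the thread: free, operator delete, operator delete[].
DEALLOCATORS = {"free", "_ZdlPv", "_ZdaPv"}

CALL_RE = re.compile(r"^\s*(?:%[\w.]+\s*=\s*)?(?:(?:must|no)?tail\s+)?call\s+(.*)$")
CAST_RE = re.compile(r"bitcast\s*\(.*?@([\w.$]+)\s+to\s.*\)$")  # callee wrapped in a cast
DIRECT_RE = re.compile(r"@([\w.$]+)$")                          # callee is a plain global

# Constructed sample; lines 3 and 4 reuse the two call forms quoted in the thread.
SAMPLE_IR = """\
define i32 @main() {
  %call1 = call noalias i8* @malloc(i64 16) nounwind
  call void @free(i8* %call1) nounwind, !dbg !16
  %call2 = call i32 bitcast (i32 (...)* @free to i32 (i8*)*)(i8* %call1) nounwind, !dbg !16
  call void @_ZdlPv(i8* %p) nounwind
  call void %fp(i8* bitcast (i32 (...)* @free to i8*))
  ret i32 0
}
"""

def callee_operand(rest):
    """Return the text before the argument list: return type plus callee operand."""
    depth = 0
    for i in range(rest.rfind(")"), -1, -1):  # walk back from the last ')'
        if rest[i] == ")":
            depth += 1
        elif rest[i] == "(":
            depth -= 1
            if depth == 0:  # opening paren of the argument list
                return rest[:i].rstrip()
    return None

def find_dealloc_calls(ir_text):
    """Return (line_no, symbol, kind) for every call whose callee is a deallocator."""
    hits = []
    for no, line in enumerate(ir_text.splitlines(), 1):
        m = CALL_RE.match(line)
        head = callee_operand(m.group(1)) if m else None
        if head is None:
            continue
        cast = CAST_RE.search(head) if head.endswith(")") else None
        direct = DIRECT_RE.search(head)
        if cast:
            name, kind = cast.group(1), "via-bitcast"
        elif direct:
            name, kind = direct.group(1), "direct"
        else:
            continue  # callee is a register: a genuinely indirect call
        if name in DEALLOCATORS:
            hits.append((no, name, kind))
    return hits
```

Line 6 of the sample passes a cast of @free as an argument to an indirect call; it is skipped because only the callee operand is inspected.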