1f22ef01cSRoman Divacky //===-- StackProtector.cpp - Stack Protector Insertion --------------------===// 2f22ef01cSRoman Divacky // 3f22ef01cSRoman Divacky // The LLVM Compiler Infrastructure 4f22ef01cSRoman Divacky // 5f22ef01cSRoman Divacky // This file is distributed under the University of Illinois Open Source 6f22ef01cSRoman Divacky // License. See LICENSE.TXT for details. 7f22ef01cSRoman Divacky // 8f22ef01cSRoman Divacky //===----------------------------------------------------------------------===// 9f22ef01cSRoman Divacky // 10f22ef01cSRoman Divacky // This pass inserts stack protectors into functions which need them. A variable 11f22ef01cSRoman Divacky // with a random value in it is stored onto the stack before the local variables 12f22ef01cSRoman Divacky // are allocated. Upon exiting the block, the stored value is checked. If it's 13f22ef01cSRoman Divacky // changed, then there was some sort of violation and the program aborts. 14f22ef01cSRoman Divacky // 15f22ef01cSRoman Divacky //===----------------------------------------------------------------------===// 16f22ef01cSRoman Divacky 17f22ef01cSRoman Divacky #define DEBUG_TYPE "stack-protector" 18f22ef01cSRoman Divacky #include "llvm/CodeGen/Passes.h" 19139f7f9bSDimitry Andric #include "llvm/ADT/SmallPtrSet.h" 20139f7f9bSDimitry Andric #include "llvm/ADT/Statistic.h" 21139f7f9bSDimitry Andric #include "llvm/ADT/Triple.h" 222754fe60SDimitry Andric #include "llvm/Analysis/Dominators.h" 23139f7f9bSDimitry Andric #include "llvm/IR/Attributes.h" 24139f7f9bSDimitry Andric #include "llvm/IR/Constants.h" 25139f7f9bSDimitry Andric #include "llvm/IR/DataLayout.h" 26139f7f9bSDimitry Andric #include "llvm/IR/DerivedTypes.h" 27139f7f9bSDimitry Andric #include "llvm/IR/Function.h" 28139f7f9bSDimitry Andric #include "llvm/IR/Instructions.h" 29139f7f9bSDimitry Andric #include "llvm/IR/Intrinsics.h" 30139f7f9bSDimitry Andric #include "llvm/IR/Module.h" 31f22ef01cSRoman Divacky #include "llvm/Pass.h" 32f22ef01cSRoman Divacky #include "llvm/Support/CommandLine.h" 33f22ef01cSRoman Divacky #include "llvm/Target/TargetLowering.h" 34f22ef01cSRoman Divacky using namespace llvm; 35f22ef01cSRoman Divacky 36139f7f9bSDimitry Andric STATISTIC(NumFunProtected, "Number of functions protected"); 37139f7f9bSDimitry Andric STATISTIC(NumAddrTaken, "Number of local variables that have their address" 38139f7f9bSDimitry Andric " taken."); 39139f7f9bSDimitry Andric 40f22ef01cSRoman Divacky namespace { 41f22ef01cSRoman Divacky class StackProtector : public FunctionPass { 42f22ef01cSRoman Divacky /// TLI - Keep a pointer of a TargetLowering to consult for determining 43f22ef01cSRoman Divacky /// target type sizes. 44139f7f9bSDimitry Andric const TargetLoweringBase *TLI; 45f22ef01cSRoman Divacky 46f22ef01cSRoman Divacky Function *F; 47f22ef01cSRoman Divacky Module *M; 48f22ef01cSRoman Divacky 492754fe60SDimitry Andric DominatorTree *DT; 502754fe60SDimitry Andric 51139f7f9bSDimitry Andric /// VisitedPHIs - The set of PHI nodes visited when determining 52139f7f9bSDimitry Andric /// if a variable's reference has been taken. This set 53139f7f9bSDimitry Andric /// is maintained to ensure we don't visit the same PHI node multiple 54139f7f9bSDimitry Andric /// times. 55139f7f9bSDimitry Andric SmallPtrSet<const PHINode*, 16> VisitedPHIs; 56139f7f9bSDimitry Andric 57f22ef01cSRoman Divacky /// InsertStackProtectors - Insert code into the prologue and epilogue of 58f22ef01cSRoman Divacky /// the function. 59f22ef01cSRoman Divacky /// 60f22ef01cSRoman Divacky /// - The prologue code loads and stores the stack guard onto the stack. 61f22ef01cSRoman Divacky /// - The epilogue checks the value stored in the prologue against the 62f22ef01cSRoman Divacky /// original value. It calls __stack_chk_fail if they differ. 63f22ef01cSRoman Divacky bool InsertStackProtectors(); 64f22ef01cSRoman Divacky 65f22ef01cSRoman Divacky /// CreateFailBB - Create a basic block to jump to when the stack protector 66f22ef01cSRoman Divacky /// check fails. 67f22ef01cSRoman Divacky BasicBlock *CreateFailBB(); 68f22ef01cSRoman Divacky 693861d79fSDimitry Andric /// ContainsProtectableArray - Check whether the type either is an array or 703861d79fSDimitry Andric /// contains an array of sufficient size so that we need stack protectors 713861d79fSDimitry Andric /// for it. 72139f7f9bSDimitry Andric bool ContainsProtectableArray(Type *Ty, bool Strong = false, 73139f7f9bSDimitry Andric bool InStruct = false) const; 74139f7f9bSDimitry Andric 75139f7f9bSDimitry Andric /// \brief Check whether a stack allocation has its address taken. 76139f7f9bSDimitry Andric bool HasAddressTaken(const Instruction *AI); 773861d79fSDimitry Andric 78f22ef01cSRoman Divacky /// RequiresStackProtector - Check whether or not this function needs a 79f22ef01cSRoman Divacky /// stack protector based upon the stack protector level. 80139f7f9bSDimitry Andric bool RequiresStackProtector(); 81f22ef01cSRoman Divacky public: 82f22ef01cSRoman Divacky static char ID; // Pass identification, replacement for typeid. 832754fe60SDimitry Andric StackProtector() : FunctionPass(ID), TLI(0) { 842754fe60SDimitry Andric initializeStackProtectorPass(*PassRegistry::getPassRegistry()); 852754fe60SDimitry Andric } 86139f7f9bSDimitry Andric StackProtector(const TargetLoweringBase *tli) 872754fe60SDimitry Andric : FunctionPass(ID), TLI(tli) { 882754fe60SDimitry Andric initializeStackProtectorPass(*PassRegistry::getPassRegistry()); 892754fe60SDimitry Andric } 902754fe60SDimitry Andric 912754fe60SDimitry Andric virtual void getAnalysisUsage(AnalysisUsage &AU) const { 922754fe60SDimitry Andric AU.addPreserved<DominatorTree>(); 932754fe60SDimitry Andric } 94f22ef01cSRoman Divacky 95f22ef01cSRoman Divacky virtual bool runOnFunction(Function &Fn); 96f22ef01cSRoman Divacky }; 97f22ef01cSRoman Divacky } // end anonymous namespace 98f22ef01cSRoman Divacky 99f22ef01cSRoman Divacky char StackProtector::ID = 0; 100e580952dSDimitry Andric INITIALIZE_PASS(StackProtector, "stack-protector", 1012754fe60SDimitry Andric "Insert stack protectors", false, false) 102f22ef01cSRoman Divacky 103139f7f9bSDimitry Andric FunctionPass *llvm::createStackProtectorPass(const TargetLoweringBase *tli) { 104f22ef01cSRoman Divacky return new StackProtector(tli); 105f22ef01cSRoman Divacky } 106f22ef01cSRoman Divacky 107f22ef01cSRoman Divacky bool StackProtector::runOnFunction(Function &Fn) { 108f22ef01cSRoman Divacky F = &Fn; 109f22ef01cSRoman Divacky M = F->getParent(); 1102754fe60SDimitry Andric DT = getAnalysisIfAvailable<DominatorTree>(); 111f22ef01cSRoman Divacky 112f22ef01cSRoman Divacky if (!RequiresStackProtector()) return false; 113f22ef01cSRoman Divacky 114139f7f9bSDimitry Andric ++NumFunProtected; 115f22ef01cSRoman Divacky return InsertStackProtectors(); 116f22ef01cSRoman Divacky } 117f22ef01cSRoman Divacky 1183861d79fSDimitry Andric /// ContainsProtectableArray - Check whether the type either is an array or 1193861d79fSDimitry Andric /// contains a char array of sufficient size so that we need stack protectors 1203861d79fSDimitry Andric /// for it. 121139f7f9bSDimitry Andric bool StackProtector::ContainsProtectableArray(Type *Ty, bool Strong, 122139f7f9bSDimitry Andric bool InStruct) const { 1233861d79fSDimitry Andric if (!Ty) return false; 1243861d79fSDimitry Andric if (ArrayType *AT = dyn_cast<ArrayType>(Ty)) { 125139f7f9bSDimitry Andric // In strong mode any array, regardless of type and size, triggers a 126139f7f9bSDimitry Andric // protector 127139f7f9bSDimitry Andric if (Strong) 128139f7f9bSDimitry Andric return true; 1293861d79fSDimitry Andric const TargetMachine &TM = TLI->getTargetMachine(); 1303861d79fSDimitry Andric if (!AT->getElementType()->isIntegerTy(8)) { 1313861d79fSDimitry Andric Triple Trip(TM.getTargetTriple()); 1323861d79fSDimitry Andric 1333861d79fSDimitry Andric // If we're on a non-Darwin platform or we're inside of a structure, don't 1343861d79fSDimitry Andric // add stack protectors unless the array is a character array. 1353861d79fSDimitry Andric if (InStruct || !Trip.isOSDarwin()) 1363861d79fSDimitry Andric return false; 1373861d79fSDimitry Andric } 1383861d79fSDimitry Andric 1393861d79fSDimitry Andric // If an array has more than SSPBufferSize bytes of allocated space, then we 1403861d79fSDimitry Andric // emit stack protectors. 1413861d79fSDimitry Andric if (TM.Options.SSPBufferSize <= TLI->getDataLayout()->getTypeAllocSize(AT)) 1423861d79fSDimitry Andric return true; 1433861d79fSDimitry Andric } 1443861d79fSDimitry Andric 1453861d79fSDimitry Andric const StructType *ST = dyn_cast<StructType>(Ty); 1463861d79fSDimitry Andric if (!ST) return false; 1473861d79fSDimitry Andric 1483861d79fSDimitry Andric for (StructType::element_iterator I = ST->element_begin(), 1493861d79fSDimitry Andric E = ST->element_end(); I != E; ++I) 150139f7f9bSDimitry Andric if (ContainsProtectableArray(*I, Strong, true)) 1513861d79fSDimitry Andric return true; 1523861d79fSDimitry Andric 1533861d79fSDimitry Andric return false; 1543861d79fSDimitry Andric } 1553861d79fSDimitry Andric 156139f7f9bSDimitry Andric bool StackProtector::HasAddressTaken(const Instruction *AI) { 157139f7f9bSDimitry Andric for (Value::const_use_iterator UI = AI->use_begin(), UE = AI->use_end(); 158139f7f9bSDimitry Andric UI != UE; ++UI) { 159139f7f9bSDimitry Andric const User *U = *UI; 160139f7f9bSDimitry Andric if (const StoreInst *SI = dyn_cast<StoreInst>(U)) { 161139f7f9bSDimitry Andric if (AI == SI->getValueOperand()) 162f22ef01cSRoman Divacky return true; 163139f7f9bSDimitry Andric } else if (const PtrToIntInst *SI = dyn_cast<PtrToIntInst>(U)) { 164139f7f9bSDimitry Andric if (AI == SI->getOperand(0)) 165139f7f9bSDimitry Andric return true; 166139f7f9bSDimitry Andric } else if (isa<CallInst>(U)) { 167139f7f9bSDimitry Andric return true; 168139f7f9bSDimitry Andric } else if (isa<InvokeInst>(U)) { 169139f7f9bSDimitry Andric return true; 170139f7f9bSDimitry Andric } else if (const SelectInst *SI = dyn_cast<SelectInst>(U)) { 171139f7f9bSDimitry Andric if (HasAddressTaken(SI)) 172139f7f9bSDimitry Andric return true; 173139f7f9bSDimitry Andric } else if (const PHINode *PN = dyn_cast<PHINode>(U)) { 174139f7f9bSDimitry Andric // Keep track of what PHI nodes we have already visited to ensure 175139f7f9bSDimitry Andric // they are only visited once. 176139f7f9bSDimitry Andric if (VisitedPHIs.insert(PN)) 177139f7f9bSDimitry Andric if (HasAddressTaken(PN)) 178139f7f9bSDimitry Andric return true; 179139f7f9bSDimitry Andric } else if (const GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(U)) { 180139f7f9bSDimitry Andric if (HasAddressTaken(GEP)) 181139f7f9bSDimitry Andric return true; 182139f7f9bSDimitry Andric } else if (const BitCastInst *BI = dyn_cast<BitCastInst>(U)) { 183139f7f9bSDimitry Andric if (HasAddressTaken(BI)) 184139f7f9bSDimitry Andric return true; 185139f7f9bSDimitry Andric } 186139f7f9bSDimitry Andric } 187139f7f9bSDimitry Andric return false; 188139f7f9bSDimitry Andric } 189f22ef01cSRoman Divacky 190139f7f9bSDimitry Andric /// \brief Check whether or not this function needs a stack protector based 191139f7f9bSDimitry Andric /// upon the stack protector level. 192139f7f9bSDimitry Andric /// 193139f7f9bSDimitry Andric /// We use two heuristics: a standard (ssp) and strong (sspstrong). 194139f7f9bSDimitry Andric /// The standard heuristic which will add a guard variable to functions that 195139f7f9bSDimitry Andric /// call alloca with a either a variable size or a size >= SSPBufferSize, 196139f7f9bSDimitry Andric /// functions with character buffers larger than SSPBufferSize, and functions 197139f7f9bSDimitry Andric /// with aggregates containing character buffers larger than SSPBufferSize. The 198139f7f9bSDimitry Andric /// strong heuristic will add a guard variables to functions that call alloca 199139f7f9bSDimitry Andric /// regardless of size, functions with any buffer regardless of type and size, 200139f7f9bSDimitry Andric /// functions with aggregates that contain any buffer regardless of type and 201139f7f9bSDimitry Andric /// size, and functions that contain stack-based variables that have had their 202139f7f9bSDimitry Andric /// address taken. 203139f7f9bSDimitry Andric bool StackProtector::RequiresStackProtector() { 204139f7f9bSDimitry Andric bool Strong = false; 205139f7f9bSDimitry Andric if (F->getAttributes().hasAttribute(AttributeSet::FunctionIndex, 206139f7f9bSDimitry Andric Attribute::StackProtectReq)) 207139f7f9bSDimitry Andric return true; 208139f7f9bSDimitry Andric else if (F->getAttributes().hasAttribute(AttributeSet::FunctionIndex, 209139f7f9bSDimitry Andric Attribute::StackProtectStrong)) 210139f7f9bSDimitry Andric Strong = true; 211139f7f9bSDimitry Andric else if (!F->getAttributes().hasAttribute(AttributeSet::FunctionIndex, 212139f7f9bSDimitry Andric Attribute::StackProtect)) 213f22ef01cSRoman Divacky return false; 214f22ef01cSRoman Divacky 215f22ef01cSRoman Divacky for (Function::iterator I = F->begin(), E = F->end(); I != E; ++I) { 216f22ef01cSRoman Divacky BasicBlock *BB = I; 217f22ef01cSRoman Divacky 218f22ef01cSRoman Divacky for (BasicBlock::iterator 219139f7f9bSDimitry Andric II = BB->begin(), IE = BB->end(); II != IE; ++II) { 220f22ef01cSRoman Divacky if (AllocaInst *AI = dyn_cast<AllocaInst>(II)) { 221139f7f9bSDimitry Andric if (AI->isArrayAllocation()) { 222139f7f9bSDimitry Andric // SSP-Strong: Enable protectors for any call to alloca, regardless 223139f7f9bSDimitry Andric // of size. 224139f7f9bSDimitry Andric if (Strong) 225f22ef01cSRoman Divacky return true; 226f22ef01cSRoman Divacky 227139f7f9bSDimitry Andric if (const ConstantInt *CI = 228139f7f9bSDimitry Andric dyn_cast<ConstantInt>(AI->getArraySize())) { 229139f7f9bSDimitry Andric unsigned BufferSize = TLI->getTargetMachine().Options.SSPBufferSize; 230139f7f9bSDimitry Andric if (CI->getLimitedValue(BufferSize) >= BufferSize) 231139f7f9bSDimitry Andric // A call to alloca with size >= SSPBufferSize requires 232139f7f9bSDimitry Andric // stack protectors. 233f22ef01cSRoman Divacky return true; 234139f7f9bSDimitry Andric } else // A call to alloca with a variable size requires protectors. 235139f7f9bSDimitry Andric return true; 236139f7f9bSDimitry Andric } 237139f7f9bSDimitry Andric 238139f7f9bSDimitry Andric if (ContainsProtectableArray(AI->getAllocatedType(), Strong)) 239139f7f9bSDimitry Andric return true; 240139f7f9bSDimitry Andric 241139f7f9bSDimitry Andric if (Strong && HasAddressTaken(AI)) { 242139f7f9bSDimitry Andric ++NumAddrTaken; 243139f7f9bSDimitry Andric return true; 244139f7f9bSDimitry Andric } 245139f7f9bSDimitry Andric } 246f22ef01cSRoman Divacky } 247f22ef01cSRoman Divacky } 248f22ef01cSRoman Divacky 249f22ef01cSRoman Divacky return false; 250f22ef01cSRoman Divacky } 251f22ef01cSRoman Divacky 252f22ef01cSRoman Divacky /// InsertStackProtectors - Insert code into the prologue and epilogue of the 253f22ef01cSRoman Divacky /// function. 254f22ef01cSRoman Divacky /// 255f22ef01cSRoman Divacky /// - The prologue code loads and stores the stack guard onto the stack. 256f22ef01cSRoman Divacky /// - The epilogue checks the value stored in the prologue against the original 257f22ef01cSRoman Divacky /// value. It calls __stack_chk_fail if they differ. 258f22ef01cSRoman Divacky bool StackProtector::InsertStackProtectors() { 259f22ef01cSRoman Divacky BasicBlock *FailBB = 0; // The basic block to jump to if check fails. 2602754fe60SDimitry Andric BasicBlock *FailBBDom = 0; // FailBB's dominator. 261f22ef01cSRoman Divacky AllocaInst *AI = 0; // Place on stack that stores the stack guard. 262ffd1746dSEd Schouten Value *StackGuardVar = 0; // The stack guard variable. 263f22ef01cSRoman Divacky 264f22ef01cSRoman Divacky for (Function::iterator I = F->begin(), E = F->end(); I != E; ) { 265f22ef01cSRoman Divacky BasicBlock *BB = I++; 266f22ef01cSRoman Divacky ReturnInst *RI = dyn_cast<ReturnInst>(BB->getTerminator()); 267f22ef01cSRoman Divacky if (!RI) continue; 268f22ef01cSRoman Divacky 269f22ef01cSRoman Divacky if (!FailBB) { 270f22ef01cSRoman Divacky // Insert code into the entry block that stores the __stack_chk_guard 271f22ef01cSRoman Divacky // variable onto the stack: 272f22ef01cSRoman Divacky // 273f22ef01cSRoman Divacky // entry: 274f22ef01cSRoman Divacky // StackGuardSlot = alloca i8* 275f22ef01cSRoman Divacky // StackGuard = load __stack_chk_guard 276f22ef01cSRoman Divacky // call void @llvm.stackprotect.create(StackGuard, StackGuardSlot) 277f22ef01cSRoman Divacky // 2786122f3e6SDimitry Andric PointerType *PtrTy = Type::getInt8PtrTy(RI->getContext()); 279ffd1746dSEd Schouten unsigned AddressSpace, Offset; 280ffd1746dSEd Schouten if (TLI->getStackCookieLocation(AddressSpace, Offset)) { 281ffd1746dSEd Schouten Constant *OffsetVal = 282ffd1746dSEd Schouten ConstantInt::get(Type::getInt32Ty(RI->getContext()), Offset); 283ffd1746dSEd Schouten 284ffd1746dSEd Schouten StackGuardVar = ConstantExpr::getIntToPtr(OffsetVal, 285ffd1746dSEd Schouten PointerType::get(PtrTy, AddressSpace)); 286ffd1746dSEd Schouten } else { 287f22ef01cSRoman Divacky StackGuardVar = M->getOrInsertGlobal("__stack_chk_guard", PtrTy); 288ffd1746dSEd Schouten } 289f22ef01cSRoman Divacky 290f22ef01cSRoman Divacky BasicBlock &Entry = F->getEntryBlock(); 291f22ef01cSRoman Divacky Instruction *InsPt = &Entry.front(); 292f22ef01cSRoman Divacky 293f22ef01cSRoman Divacky AI = new AllocaInst(PtrTy, "StackGuardSlot", InsPt); 294f22ef01cSRoman Divacky LoadInst *LI = new LoadInst(StackGuardVar, "StackGuard", false, InsPt); 295f22ef01cSRoman Divacky 296f22ef01cSRoman Divacky Value *Args[] = { LI, AI }; 297f22ef01cSRoman Divacky CallInst:: 298f22ef01cSRoman Divacky Create(Intrinsic::getDeclaration(M, Intrinsic::stackprotector), 29917a519f9SDimitry Andric Args, "", InsPt); 300f22ef01cSRoman Divacky 301f22ef01cSRoman Divacky // Create the basic block to jump to when the guard check fails. 302f22ef01cSRoman Divacky FailBB = CreateFailBB(); 303f22ef01cSRoman Divacky } 304f22ef01cSRoman Divacky 305f22ef01cSRoman Divacky // For each block with a return instruction, convert this: 306f22ef01cSRoman Divacky // 307f22ef01cSRoman Divacky // return: 308f22ef01cSRoman Divacky // ... 309f22ef01cSRoman Divacky // ret ... 310f22ef01cSRoman Divacky // 311f22ef01cSRoman Divacky // into this: 312f22ef01cSRoman Divacky // 313f22ef01cSRoman Divacky // return: 314f22ef01cSRoman Divacky // ... 315f22ef01cSRoman Divacky // %1 = load __stack_chk_guard 316f22ef01cSRoman Divacky // %2 = load StackGuardSlot 317f22ef01cSRoman Divacky // %3 = cmp i1 %1, %2 318f22ef01cSRoman Divacky // br i1 %3, label %SP_return, label %CallStackCheckFailBlk 319f22ef01cSRoman Divacky // 320f22ef01cSRoman Divacky // SP_return: 321f22ef01cSRoman Divacky // ret ... 322f22ef01cSRoman Divacky // 323f22ef01cSRoman Divacky // CallStackCheckFailBlk: 324f22ef01cSRoman Divacky // call void @__stack_chk_fail() 325f22ef01cSRoman Divacky // unreachable 326f22ef01cSRoman Divacky 327f22ef01cSRoman Divacky // Split the basic block before the return instruction. 328f22ef01cSRoman Divacky BasicBlock *NewBB = BB->splitBasicBlock(RI, "SP_return"); 3293b0f4066SDimitry Andric 3303b0f4066SDimitry Andric if (DT && DT->isReachableFromEntry(BB)) { 3313b0f4066SDimitry Andric DT->addNewBlock(NewBB, BB); 3323b0f4066SDimitry Andric FailBBDom = FailBBDom ? DT->findNearestCommonDominator(FailBBDom, BB) :BB; 3332754fe60SDimitry Andric } 334f22ef01cSRoman Divacky 335f22ef01cSRoman Divacky // Remove default branch instruction to the new BB. 336f22ef01cSRoman Divacky BB->getTerminator()->eraseFromParent(); 337f22ef01cSRoman Divacky 338f22ef01cSRoman Divacky // Move the newly created basic block to the point right after the old basic 339f22ef01cSRoman Divacky // block so that it's in the "fall through" position. 340f22ef01cSRoman Divacky NewBB->moveAfter(BB); 341f22ef01cSRoman Divacky 342f22ef01cSRoman Divacky // Generate the stack protector instructions in the old basic block. 343f22ef01cSRoman Divacky LoadInst *LI1 = new LoadInst(StackGuardVar, "", false, BB); 344f22ef01cSRoman Divacky LoadInst *LI2 = new LoadInst(AI, "", true, BB); 345f22ef01cSRoman Divacky ICmpInst *Cmp = new ICmpInst(*BB, CmpInst::ICMP_EQ, LI1, LI2, ""); 346f22ef01cSRoman Divacky BranchInst::Create(NewBB, FailBB, Cmp, BB); 347f22ef01cSRoman Divacky } 348f22ef01cSRoman Divacky 349f22ef01cSRoman Divacky // Return if we didn't modify any basic blocks. I.e., there are no return 350f22ef01cSRoman Divacky // statements in the function. 351f22ef01cSRoman Divacky if (!FailBB) return false; 352f22ef01cSRoman Divacky 3533b0f4066SDimitry Andric if (DT && FailBBDom) 3542754fe60SDimitry Andric DT->addNewBlock(FailBB, FailBBDom); 3552754fe60SDimitry Andric 356f22ef01cSRoman Divacky return true; 357f22ef01cSRoman Divacky } 358f22ef01cSRoman Divacky 359f22ef01cSRoman Divacky /// CreateFailBB - Create a basic block to jump to when the stack protector 360f22ef01cSRoman Divacky /// check fails. 361f22ef01cSRoman Divacky BasicBlock *StackProtector::CreateFailBB() { 362f22ef01cSRoman Divacky BasicBlock *FailBB = BasicBlock::Create(F->getContext(), 363f22ef01cSRoman Divacky "CallStackCheckFailBlk", F); 364f22ef01cSRoman Divacky Constant *StackChkFail = 365f22ef01cSRoman Divacky M->getOrInsertFunction("__stack_chk_fail", 366f22ef01cSRoman Divacky Type::getVoidTy(F->getContext()), NULL); 367f22ef01cSRoman Divacky CallInst::Create(StackChkFail, "", FailBB); 368f22ef01cSRoman Divacky new UnreachableInst(F->getContext(), FailBB); 369f22ef01cSRoman Divacky return FailBB; 370f22ef01cSRoman Divacky } 371