A weird problem when try to output operand of instruction involving function pointer in a struct

Hi all,

I just start to learn llvm. I am trying to get the operand’s name of some instruction that invokes a function field of a struct. While, I found in the result that there is a sequence number attached to the function field name. Below is an example:

/source code t2.c*/

#include <stdio.h>

void F(){printf(“F\n”);}

void E(){printf(“E\n”);}

void D(){printf(“D\n”);}

void C(){D();E();printf(“C\n”);}

void B(){C();printf(“C\n”);}

void A(){B();printf(“A\n”);}

int main(){

struct s{

int vvv;

void (*ff)();

void (*tt)();

int value ;

}sss;

void (*ppp)();

void (*kkk)();

A();

sss.tt = &A;

sss.tt();

sss.ff = &C;

sss.ff();

sss.tt = &F;

sss.tt();

kkk = &B;

ppp = &C;

(*ppp)();

(*kkk)();

}

I use the following command to generate the .bc file:

clang -O0 -c -emit-llvm t2.c -o t2.bc

Then I create a FunctionPass, inside the runOnFunction() I use the following codes to find direct and indirect function calls:

for (Function::iterator b = F.begin(), be = F.end(); b != be; ++b) {

for (BasicBlock::iterator i = b->begin(), ie = b->end(); i != ie; ++i) {

if (CallInst* callInst = dyn_cast(&*i)) {

Function *fun = callInst->getCalledFunction();

if(fun){

errs().write_escaped(fun->getName());

}

else{

errs() <<"indirect call: ";

Instruction* pinst = &*i;

for(User::op_iterator opi=pinst->op_begin(), opie=pinst->op_end(); opi!=opie; ++opi){

if (Instruction *Op = dyn_cast(*opi)){

errs() <getOperand(0)->getName() <<", ";

}else{

errs() <<“noti\n”;

}

}

}

}

}

}

The output is:

In function: main
A,
indirect call: tt1,
indirect call: ff2,
indirect call: tt4,
indirect call: ppp,
indirect call: kkk,

You can find that there is a number after tt and ff, I have no idea where they are coming from. Can anyone give some hint?

Thanks.
Robert

Hi Robert,

The output is:
In function: main
A,
indirect call: tt1,
indirect call: ff2,
indirect call: tt4,
indirect call: ppp,
indirect call: kkk,

You can find that there is a number after tt and ff, I have no idea where they
are coming from. Can anyone give some hint?

names of local variables/registers have no meaning in LLVM (in fact they aren't
required to have a name at all) they only exist to make things more readable for
developers. If you try to name something XYZ, but something called XYZ already
exists, then XYZ1 will be used instead; if the XYZ1 name is already used, then
XYZ2 will be used instead, etc. Due to the way front-ends work it is quite
common to have such name collisions, resulting in getting a name with a number
on the end.

Ciao, Duncan.