[BOLT-X86] Fix instrumentation issue with indirect calls
Summary: Indirect calls that use RSP to compute the target address would break in instrumentation mode because we were adding instructions that changed the stack pointer. Fix this. (cherry picked from FBD20883791)
1 parent
401fa5b
commit 6dbd15b
Showing
3 changed files
with
107 additions
and
9 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
# This reproduces a bug with instrumentation when trying to count calls | ||
# when the target address is computed with a referece to the stack pointer. | ||
# Our instrumentation code uses the stack to save registers to be | ||
# transparent with the instrumented code, but we end up updating the stack | ||
# pointer while doing so, which affects this target address calculation. | ||
# The solution is to temporarily fix RSP. Check that we correctly instrument | ||
# these cases. | ||
|
||
# REQUIRES: system-linux | ||
|
||
# RUN: llvm-mc -filetype=obj -triple x86_64-unknown-unknown \ | ||
# RUN: %s -o %t.o | ||
# RUN: %host_cc %t.o -o %t.exe -Wl,-q | ||
|
||
# RUN: llvm-bolt %t.exe -instrument -instrumentation-file=%t.fdata \ | ||
# RUN: -o %t.instrumented | ||
|
||
# Instrumented program needs to finish returning zero | ||
# RUN: %t.instrumented arg1 arg2 | ||
|
||
# Test that the instrumented data makes sense | ||
# RUN: llvm-bolt %t.exe -o %t.bolted -data %t.fdata \ | ||
# RUN: -reorder-blocks=cache+ -reorder-functions=hfsort+ \ | ||
# RUN: -print-only=main -print-finalized | FileCheck %s | ||
|
||
# RUN: %t.bolted arg1 arg2 | ||
|
||
# Check that our indirect call has 1 hit recorded in the fdata file and that | ||
# this was processed correctly by BOLT | ||
# CHECK: callq *0x18(%rsp) # CallProfile: 1 (0 misses) : | ||
# CHECK-NEXT: { targetFunc: 1 (0 misses) } | ||
|
||
.text | ||
.globl main | ||
.type main, %function | ||
.p2align 4 | ||
main: | ||
pushq %rbp | ||
movq %rsp, %rbp | ||
leaq targetFunc, %rax | ||
pushq %rax # We save the target function address in the stack | ||
subq $0x18, %rsp # Set up a dummy stack frame | ||
cmpl $0x2, %edi | ||
jb .LBBerror # Add control flow so we don't have a trivial case | ||
.LBB2: | ||
callq *0x18(%rsp) # Indirect call using %rsp | ||
addq $0x20, %rsp | ||
movq %rbp, %rsp | ||
pop %rbp | ||
retq | ||
|
||
.LBBerror: | ||
addq $0x20, %rsp | ||
movq %rbp, %rsp | ||
pop %rbp | ||
movq $1, %rax # Finish with an error if we go this path | ||
retq | ||
.size main, .-main | ||
|
||
.globl targetFunc | ||
.type targetFunc, %function | ||
.p2align 4 | ||
targetFunc: | ||
xorq %rax, %rax | ||
retq | ||
.size targetFunc, .-targetFunc |
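Review bot: `leaq targetFunc, %rax` in `main` takes the function's absolute address, which needs a 32-bit absolute relocation. If `%host_cc` builds position-independent executables by default (not visible from this page), the `%host_cc %t.o -o %t.exe -Wl,-q` step would likely fail at link time before BOLT ever runs. Writing `leaq targetFunc(%rip), %rax` makes the test independent of the toolchain's PIE default and leaves the `callq *0x18(%rsp)` pattern that the CHECK lines match untouched. The file also has no `.section .note.GNU-stack,"",@progbits` line, so with GNU ld the linked test binary may be marked as requiring an executable stack; adding that directive at the end of the file avoids it. The header comment also has a small typo, `referece`.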