1 //===-- XRayInstrumentation.cpp - Adds XRay instrumentation to functions. -===// 2 // 3 // The LLVM Compiler Infrastructure 4 // 5 // This file is distributed under the University of Illinois Open Source 6 // License. See LICENSE.TXT for details. 7 // 8 //===----------------------------------------------------------------------===// 9 // 10 // This file implements a MachineFunctionPass that inserts the appropriate 11 // XRay instrumentation instructions. We look for XRay-specific attributes 12 // on the function to determine whether we should insert the replacement 13 // operations. 14 // 15 //===---------------------------------------------------------------------===// 16 17 #include "llvm/CodeGen/Analysis.h" 18 #include "llvm/CodeGen/MachineFunction.h" 19 #include "llvm/CodeGen/MachineFunctionPass.h" 20 #include "llvm/CodeGen/MachineInstrBuilder.h" 21 #include "llvm/CodeGen/Passes.h" 22 #include "llvm/Support/TargetRegistry.h" 23 #include "llvm/Target/TargetInstrInfo.h" 24 #include "llvm/Target/TargetSubtargetInfo.h" 25 26 using namespace llvm; 27 28 namespace { 29 struct XRayInstrumentation : public MachineFunctionPass { 30 static char ID; 31 32 XRayInstrumentation() : MachineFunctionPass(ID) { 33 initializeXRayInstrumentationPass(*PassRegistry::getPassRegistry()); 34 } 35 36 bool runOnMachineFunction(MachineFunction &MF) override; 37 38 private: 39 // Replace the original RET instruction with the exit sled code ("patchable 40 // ret" pseudo-instruction), so that at runtime XRay can replace the sled 41 // with a code jumping to XRay trampoline, which calls the tracing handler 42 // and, in the end, issues the RET instruction. 43 // This is the approach to go on CPUs which have a single RET instruction, 44 // like x86/x86_64. 45 void replaceRetWithPatchableRet(MachineFunction &MF, 46 const TargetInstrInfo *TII); 47 // Prepend the original return instruction with the exit sled code ("patchable 48 // function exit" pseudo-instruction), preserving the original return 49 // instruction just after the exit sled code. 50 // This is the approach to go on CPUs which have multiple options for the 51 // return instruction, like ARM. For such CPUs we can't just jump into the 52 // XRay trampoline and issue a single return instruction there. We rather 53 // have to call the trampoline and return from it to the original return 54 // instruction of the function being instrumented. 55 void prependRetWithPatchableExit(MachineFunction &MF, 56 const TargetInstrInfo *TII); 57 }; 58 } // anonymous namespace 59 60 void XRayInstrumentation::replaceRetWithPatchableRet(MachineFunction &MF, 61 const TargetInstrInfo *TII) 62 { 63 // We look for *all* terminators and returns, then replace those with 64 // PATCHABLE_RET instructions. 65 SmallVector<MachineInstr *, 4> Terminators; 66 for (auto &MBB : MF) { 67 for (auto &T : MBB.terminators()) { 68 unsigned Opc = 0; 69 if (T.isReturn() && T.getOpcode() == TII->getReturnOpcode()) { 70 // Replace return instructions with: 71 // PATCHABLE_RET <Opcode>, <Operand>... 72 Opc = TargetOpcode::PATCHABLE_RET; 73 } 74 if (TII->isTailCall(T)) { 75 // Treat the tail call as a return instruction, which has a 76 // different-looking sled than the normal return case. 77 Opc = TargetOpcode::PATCHABLE_TAIL_CALL; 78 } 79 if (Opc != 0) { 80 auto MIB = BuildMI(MBB, T, T.getDebugLoc(), TII->get(Opc)) 81 .addImm(T.getOpcode()); 82 for (auto &MO : T.operands()) 83 MIB.addOperand(MO); 84 Terminators.push_back(&T); 85 } 86 } 87 } 88 89 for (auto &I : Terminators) 90 I->eraseFromParent(); 91 } 92 93 void XRayInstrumentation::prependRetWithPatchableExit(MachineFunction &MF, 94 const TargetInstrInfo *TII) 95 { 96 for (auto &MBB : MF) { 97 for (auto &T : MBB.terminators()) { 98 if (T.isReturn()) { 99 // Prepend the return instruction with PATCHABLE_FUNCTION_EXIT 100 BuildMI(MBB, T, T.getDebugLoc(), 101 TII->get(TargetOpcode::PATCHABLE_FUNCTION_EXIT)); 102 } 103 } 104 } 105 } 106 107 bool XRayInstrumentation::runOnMachineFunction(MachineFunction &MF) { 108 auto &F = *MF.getFunction(); 109 auto InstrAttr = F.getFnAttribute("function-instrument"); 110 bool AlwaysInstrument = !InstrAttr.hasAttribute(Attribute::None) && 111 InstrAttr.isStringAttribute() && 112 InstrAttr.getValueAsString() == "xray-always"; 113 Attribute Attr = F.getFnAttribute("xray-instruction-threshold"); 114 unsigned XRayThreshold = 0; 115 if (!AlwaysInstrument) { 116 if (Attr.hasAttribute(Attribute::None) || !Attr.isStringAttribute()) 117 return false; // XRay threshold attribute not found. 118 if (Attr.getValueAsString().getAsInteger(10, XRayThreshold)) 119 return false; // Invalid value for threshold. 120 if (F.size() < XRayThreshold) 121 return false; // Function is too small. 122 } 123 124 auto &FirstMBB = *MF.begin(); 125 auto &FirstMI = *FirstMBB.begin(); 126 127 if (!MF.getSubtarget().isXRaySupported()) { 128 FirstMI.emitError("An attempt to perform XRay instrumentation for an" 129 " unsupported target."); 130 return false; 131 } 132 133 // FIXME: Do the loop triviality analysis here or in an earlier pass. 134 135 // First, insert an PATCHABLE_FUNCTION_ENTER as the first instruction of the 136 // MachineFunction. 137 auto *TII = MF.getSubtarget().getInstrInfo(); 138 BuildMI(FirstMBB, FirstMI, FirstMI.getDebugLoc(), 139 TII->get(TargetOpcode::PATCHABLE_FUNCTION_ENTER)); 140 141 switch (MF.getTarget().getTargetTriple().getArch()) { 142 case Triple::ArchType::arm: 143 case Triple::ArchType::thumb: 144 // For the architectures which don't have a single return instruction 145 prependRetWithPatchableExit(MF, TII); 146 break; 147 default: 148 // For the architectures that have a single return instruction (such as 149 // RETQ on x86_64). 150 replaceRetWithPatchableRet(MF, TII); 151 break; 152 } 153 return true; 154 } 155 156 char XRayInstrumentation::ID = 0; 157 char &llvm::XRayInstrumentationID = XRayInstrumentation::ID; 158 INITIALIZE_PASS(XRayInstrumentation, "xray-instrumentation", "Insert XRay ops", 159 false, false) 160