1 //===- bolt/Core/BinaryFunction.cpp - Low-level function ------------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 // 9 // This file implements the BinaryFunction class. 10 // 11 //===----------------------------------------------------------------------===// 12 13 #include "bolt/Core/BinaryFunction.h" 14 #include "bolt/Core/BinaryBasicBlock.h" 15 #include "bolt/Core/DynoStats.h" 16 #include "bolt/Core/HashUtilities.h" 17 #include "bolt/Core/MCPlusBuilder.h" 18 #include "bolt/Utils/NameResolver.h" 19 #include "bolt/Utils/NameShortener.h" 20 #include "bolt/Utils/Utils.h" 21 #include "llvm/ADT/STLExtras.h" 22 #include "llvm/ADT/SmallSet.h" 23 #include "llvm/ADT/StringExtras.h" 24 #include "llvm/ADT/StringRef.h" 25 #include "llvm/Demangle/Demangle.h" 26 #include "llvm/MC/MCAsmInfo.h" 27 #include "llvm/MC/MCContext.h" 28 #include "llvm/MC/MCDisassembler/MCDisassembler.h" 29 #include "llvm/MC/MCExpr.h" 30 #include "llvm/MC/MCInst.h" 31 #include "llvm/MC/MCInstPrinter.h" 32 #include "llvm/MC/MCRegisterInfo.h" 33 #include "llvm/MC/MCSymbol.h" 34 #include "llvm/Object/ObjectFile.h" 35 #include "llvm/Support/CommandLine.h" 36 #include "llvm/Support/Debug.h" 37 #include "llvm/Support/GenericDomTreeConstruction.h" 38 #include "llvm/Support/GenericLoopInfoImpl.h" 39 #include "llvm/Support/GraphWriter.h" 40 #include "llvm/Support/LEB128.h" 41 #include "llvm/Support/Regex.h" 42 #include "llvm/Support/Timer.h" 43 #include "llvm/Support/raw_ostream.h" 44 #include "llvm/Support/xxhash.h" 45 #include <functional> 46 #include <limits> 47 #include <numeric> 48 #include <stack> 49 #include <string> 50 51 #define DEBUG_TYPE "bolt" 52 53 using namespace llvm; 54 using namespace bolt; 55 56 namespace opts { 57 58 extern cl::OptionCategory BoltCategory; 59 extern cl::OptionCategory BoltOptCategory; 60 61 extern cl::opt<bool> EnableBAT; 62 extern cl::opt<bool> Instrument; 63 extern cl::opt<bool> StrictMode; 64 extern cl::opt<bool> UpdateDebugSections; 65 extern cl::opt<unsigned> Verbosity; 66 67 extern bool processAllFunctions(); 68 69 cl::opt<bool> CheckEncoding( 70 "check-encoding", 71 cl::desc("perform verification of LLVM instruction encoding/decoding. " 72 "Every instruction in the input is decoded and re-encoded. " 73 "If the resulting bytes do not match the input, a warning message " 74 "is printed."), 75 cl::Hidden, cl::cat(BoltCategory)); 76 77 static cl::opt<bool> DotToolTipCode( 78 "dot-tooltip-code", 79 cl::desc("add basic block instructions as tool tips on nodes"), cl::Hidden, 80 cl::cat(BoltCategory)); 81 82 cl::opt<JumpTableSupportLevel> 83 JumpTables("jump-tables", 84 cl::desc("jump tables support (default=basic)"), 85 cl::init(JTS_BASIC), 86 cl::values( 87 clEnumValN(JTS_NONE, "none", 88 "do not optimize functions with jump tables"), 89 clEnumValN(JTS_BASIC, "basic", 90 "optimize functions with jump tables"), 91 clEnumValN(JTS_MOVE, "move", 92 "move jump tables to a separate section"), 93 clEnumValN(JTS_SPLIT, "split", 94 "split jump tables section into hot and cold based on " 95 "function execution frequency"), 96 clEnumValN(JTS_AGGRESSIVE, "aggressive", 97 "aggressively split jump tables section based on usage " 98 "of the tables")), 99 cl::ZeroOrMore, 100 cl::cat(BoltOptCategory)); 101 102 static cl::opt<bool> NoScan( 103 "no-scan", 104 cl::desc( 105 "do not scan cold functions for external references (may result in " 106 "slower binary)"), 107 cl::Hidden, cl::cat(BoltOptCategory)); 108 109 cl::opt<bool> 110 PreserveBlocksAlignment("preserve-blocks-alignment", 111 cl::desc("try to preserve basic block alignment"), 112 cl::cat(BoltOptCategory)); 113 114 static cl::opt<bool> PrintOutputAddressRange( 115 "print-output-address-range", 116 cl::desc( 117 "print output address range for each basic block in the function when" 118 "BinaryFunction::print is called"), 119 cl::Hidden, cl::cat(BoltOptCategory)); 120 121 cl::opt<bool> 122 PrintDynoStats("dyno-stats", 123 cl::desc("print execution info based on profile"), 124 cl::cat(BoltCategory)); 125 126 static cl::opt<bool> 127 PrintDynoStatsOnly("print-dyno-stats-only", 128 cl::desc("while printing functions output dyno-stats and skip instructions"), 129 cl::init(false), 130 cl::Hidden, 131 cl::cat(BoltCategory)); 132 133 static cl::list<std::string> 134 PrintOnly("print-only", 135 cl::CommaSeparated, 136 cl::desc("list of functions to print"), 137 cl::value_desc("func1,func2,func3,..."), 138 cl::Hidden, 139 cl::cat(BoltCategory)); 140 141 cl::opt<bool> 142 TimeBuild("time-build", 143 cl::desc("print time spent constructing binary functions"), 144 cl::Hidden, cl::cat(BoltCategory)); 145 146 cl::opt<bool> 147 TrapOnAVX512("trap-avx512", 148 cl::desc("in relocation mode trap upon entry to any function that uses " 149 "AVX-512 instructions"), 150 cl::init(false), 151 cl::ZeroOrMore, 152 cl::Hidden, 153 cl::cat(BoltCategory)); 154 155 bool shouldPrint(const BinaryFunction &Function) { 156 if (Function.isIgnored()) 157 return false; 158 159 if (PrintOnly.empty()) 160 return true; 161 162 for (std::string &Name : opts::PrintOnly) { 163 if (Function.hasNameRegex(Name)) { 164 return true; 165 } 166 } 167 168 std::optional<StringRef> Origin = Function.getOriginSectionName(); 169 if (Origin && llvm::any_of(opts::PrintOnly, [&](const std::string &Name) { 170 return Name == *Origin; 171 })) 172 return true; 173 174 return false; 175 } 176 177 } // namespace opts 178 179 namespace llvm { 180 namespace bolt { 181 182 template <typename R> static bool emptyRange(const R &Range) { 183 return Range.begin() == Range.end(); 184 } 185 186 /// Gets debug line information for the instruction located at the given 187 /// address in the original binary. The SMLoc's pointer is used 188 /// to point to this information, which is represented by a 189 /// DebugLineTableRowRef. The returned pointer is null if no debug line 190 /// information for this instruction was found. 191 static SMLoc findDebugLineInformationForInstructionAt( 192 uint64_t Address, DWARFUnit *Unit, 193 const DWARFDebugLine::LineTable *LineTable) { 194 // We use the pointer in SMLoc to store an instance of DebugLineTableRowRef, 195 // which occupies 64 bits. Thus, we can only proceed if the struct fits into 196 // the pointer itself. 197 static_assert( 198 sizeof(decltype(SMLoc().getPointer())) >= sizeof(DebugLineTableRowRef), 199 "Cannot fit instruction debug line information into SMLoc's pointer"); 200 201 SMLoc NullResult = DebugLineTableRowRef::NULL_ROW.toSMLoc(); 202 uint32_t RowIndex = LineTable->lookupAddress( 203 {Address, object::SectionedAddress::UndefSection}); 204 if (RowIndex == LineTable->UnknownRowIndex) 205 return NullResult; 206 207 assert(RowIndex < LineTable->Rows.size() && 208 "Line Table lookup returned invalid index."); 209 210 decltype(SMLoc().getPointer()) Ptr; 211 DebugLineTableRowRef *InstructionLocation = 212 reinterpret_cast<DebugLineTableRowRef *>(&Ptr); 213 214 InstructionLocation->DwCompileUnitIndex = Unit->getOffset(); 215 InstructionLocation->RowIndex = RowIndex + 1; 216 217 return SMLoc::getFromPointer(Ptr); 218 } 219 220 static std::string buildSectionName(StringRef Prefix, StringRef Name, 221 const BinaryContext &BC) { 222 if (BC.isELF()) 223 return (Prefix + Name).str(); 224 static NameShortener NS; 225 return (Prefix + Twine(NS.getID(Name))).str(); 226 } 227 228 static raw_ostream &operator<<(raw_ostream &OS, 229 const BinaryFunction::State State) { 230 switch (State) { 231 case BinaryFunction::State::Empty: OS << "empty"; break; 232 case BinaryFunction::State::Disassembled: OS << "disassembled"; break; 233 case BinaryFunction::State::CFG: OS << "CFG constructed"; break; 234 case BinaryFunction::State::CFG_Finalized: OS << "CFG finalized"; break; 235 case BinaryFunction::State::EmittedCFG: OS << "emitted with CFG"; break; 236 case BinaryFunction::State::Emitted: OS << "emitted"; break; 237 } 238 239 return OS; 240 } 241 242 std::string BinaryFunction::buildCodeSectionName(StringRef Name, 243 const BinaryContext &BC) { 244 return buildSectionName(BC.isELF() ? ".local.text." : ".l.text.", Name, BC); 245 } 246 247 std::string BinaryFunction::buildColdCodeSectionName(StringRef Name, 248 const BinaryContext &BC) { 249 return buildSectionName(BC.isELF() ? ".local.cold.text." : ".l.c.text.", Name, 250 BC); 251 } 252 253 uint64_t BinaryFunction::Count = 0; 254 255 std::optional<StringRef> 256 BinaryFunction::hasNameRegex(const StringRef Name) const { 257 const std::string RegexName = (Twine("^") + StringRef(Name) + "$").str(); 258 Regex MatchName(RegexName); 259 return forEachName( 260 [&MatchName](StringRef Name) { return MatchName.match(Name); }); 261 } 262 263 std::optional<StringRef> 264 BinaryFunction::hasRestoredNameRegex(const StringRef Name) const { 265 const std::string RegexName = (Twine("^") + StringRef(Name) + "$").str(); 266 Regex MatchName(RegexName); 267 return forEachName([&MatchName](StringRef Name) { 268 return MatchName.match(NameResolver::restore(Name)); 269 }); 270 } 271 272 std::string BinaryFunction::getDemangledName() const { 273 StringRef MangledName = NameResolver::restore(getOneName()); 274 return demangle(MangledName.str()); 275 } 276 277 BinaryBasicBlock * 278 BinaryFunction::getBasicBlockContainingOffset(uint64_t Offset) { 279 if (Offset > Size) 280 return nullptr; 281 282 if (BasicBlockOffsets.empty()) 283 return nullptr; 284 285 /* 286 * This is commented out because it makes BOLT too slow. 287 * assert(std::is_sorted(BasicBlockOffsets.begin(), 288 * BasicBlockOffsets.end(), 289 * CompareBasicBlockOffsets()))); 290 */ 291 auto I = 292 llvm::upper_bound(BasicBlockOffsets, BasicBlockOffset(Offset, nullptr), 293 CompareBasicBlockOffsets()); 294 assert(I != BasicBlockOffsets.begin() && "first basic block not at offset 0"); 295 --I; 296 BinaryBasicBlock *BB = I->second; 297 return (Offset < BB->getOffset() + BB->getOriginalSize()) ? BB : nullptr; 298 } 299 300 void BinaryFunction::markUnreachableBlocks() { 301 std::stack<BinaryBasicBlock *> Stack; 302 303 for (BinaryBasicBlock &BB : blocks()) 304 BB.markValid(false); 305 306 // Add all entries and landing pads as roots. 307 for (BinaryBasicBlock *BB : BasicBlocks) { 308 if (isEntryPoint(*BB) || BB->isLandingPad()) { 309 Stack.push(BB); 310 BB->markValid(true); 311 continue; 312 } 313 // FIXME: 314 // Also mark BBs with indirect jumps as reachable, since we do not 315 // support removing unused jump tables yet (GH-issue20). 316 for (const MCInst &Inst : *BB) { 317 if (BC.MIB->getJumpTable(Inst)) { 318 Stack.push(BB); 319 BB->markValid(true); 320 break; 321 } 322 } 323 } 324 325 // Determine reachable BBs from the entry point 326 while (!Stack.empty()) { 327 BinaryBasicBlock *BB = Stack.top(); 328 Stack.pop(); 329 for (BinaryBasicBlock *Succ : BB->successors()) { 330 if (Succ->isValid()) 331 continue; 332 Succ->markValid(true); 333 Stack.push(Succ); 334 } 335 } 336 } 337 338 // Any unnecessary fallthrough jumps revealed after calling eraseInvalidBBs 339 // will be cleaned up by fixBranches(). 340 std::pair<unsigned, uint64_t> 341 BinaryFunction::eraseInvalidBBs(const MCCodeEmitter *Emitter) { 342 DenseSet<const BinaryBasicBlock *> InvalidBBs; 343 unsigned Count = 0; 344 uint64_t Bytes = 0; 345 for (BinaryBasicBlock *const BB : BasicBlocks) { 346 if (!BB->isValid()) { 347 assert(!isEntryPoint(*BB) && "all entry blocks must be valid"); 348 InvalidBBs.insert(BB); 349 ++Count; 350 Bytes += BC.computeCodeSize(BB->begin(), BB->end(), Emitter); 351 } 352 } 353 354 Layout.eraseBasicBlocks(InvalidBBs); 355 356 BasicBlockListType NewBasicBlocks; 357 for (auto I = BasicBlocks.begin(), E = BasicBlocks.end(); I != E; ++I) { 358 BinaryBasicBlock *BB = *I; 359 if (InvalidBBs.contains(BB)) { 360 // Make sure the block is removed from the list of predecessors. 361 BB->removeAllSuccessors(); 362 DeletedBasicBlocks.push_back(BB); 363 } else { 364 NewBasicBlocks.push_back(BB); 365 } 366 } 367 BasicBlocks = std::move(NewBasicBlocks); 368 369 assert(BasicBlocks.size() == Layout.block_size()); 370 371 // Update CFG state if needed 372 if (Count > 0) 373 recomputeLandingPads(); 374 375 return std::make_pair(Count, Bytes); 376 } 377 378 bool BinaryFunction::isForwardCall(const MCSymbol *CalleeSymbol) const { 379 // This function should work properly before and after function reordering. 380 // In order to accomplish this, we use the function index (if it is valid). 381 // If the function indices are not valid, we fall back to the original 382 // addresses. This should be ok because the functions without valid indices 383 // should have been ordered with a stable sort. 384 const BinaryFunction *CalleeBF = BC.getFunctionForSymbol(CalleeSymbol); 385 if (CalleeBF) { 386 if (CalleeBF->isInjected()) 387 return true; 388 return compareBinaryFunctionByIndex(this, CalleeBF); 389 } else { 390 // Absolute symbol. 391 ErrorOr<uint64_t> CalleeAddressOrError = BC.getSymbolValue(*CalleeSymbol); 392 assert(CalleeAddressOrError && "unregistered symbol found"); 393 return *CalleeAddressOrError > getAddress(); 394 } 395 } 396 397 void BinaryFunction::dump() const { 398 // getDynoStats calls FunctionLayout::updateLayoutIndices and 399 // BasicBlock::analyzeBranch. The former cannot be const, but should be 400 // removed, the latter should be made const, but seems to require refactoring. 401 // Forcing all callers to have a non-const reference to BinaryFunction to call 402 // dump non-const however is not ideal either. Adding this const_cast is right 403 // now the best solution. It is safe, because BinaryFunction itself is not 404 // modified. Only BinaryBasicBlocks are actually modified (if it all) and we 405 // have mutable pointers to those regardless whether this function is 406 // const-qualified or not. 407 const_cast<BinaryFunction &>(*this).print(dbgs(), ""); 408 } 409 410 void BinaryFunction::print(raw_ostream &OS, std::string Annotation) { 411 if (!opts::shouldPrint(*this)) 412 return; 413 414 StringRef SectionName = 415 OriginSection ? OriginSection->getName() : "<no origin section>"; 416 OS << "Binary Function \"" << *this << "\" " << Annotation << " {"; 417 std::vector<StringRef> AllNames = getNames(); 418 if (AllNames.size() > 1) { 419 OS << "\n All names : "; 420 const char *Sep = ""; 421 for (const StringRef &Name : AllNames) { 422 OS << Sep << Name; 423 Sep = "\n "; 424 } 425 } 426 OS << "\n Number : " << FunctionNumber; 427 OS << "\n State : " << CurrentState; 428 OS << "\n Address : 0x" << Twine::utohexstr(Address); 429 OS << "\n Size : 0x" << Twine::utohexstr(Size); 430 OS << "\n MaxSize : 0x" << Twine::utohexstr(MaxSize); 431 OS << "\n Offset : 0x" << Twine::utohexstr(getFileOffset()); 432 OS << "\n Section : " << SectionName; 433 OS << "\n Orc Section : " << getCodeSectionName(); 434 OS << "\n LSDA : 0x" << Twine::utohexstr(getLSDAAddress()); 435 OS << "\n IsSimple : " << IsSimple; 436 OS << "\n IsMultiEntry: " << isMultiEntry(); 437 OS << "\n IsSplit : " << isSplit(); 438 OS << "\n BB Count : " << size(); 439 440 if (HasUnknownControlFlow) 441 OS << "\n Unknown CF : true"; 442 if (getPersonalityFunction()) 443 OS << "\n Personality : " << getPersonalityFunction()->getName(); 444 if (IsFragment) 445 OS << "\n IsFragment : true"; 446 if (isFolded()) 447 OS << "\n FoldedInto : " << *getFoldedIntoFunction(); 448 for (BinaryFunction *ParentFragment : ParentFragments) 449 OS << "\n Parent : " << *ParentFragment; 450 if (!Fragments.empty()) { 451 OS << "\n Fragments : "; 452 ListSeparator LS; 453 for (BinaryFunction *Frag : Fragments) 454 OS << LS << *Frag; 455 } 456 if (hasCFG()) 457 OS << "\n Hash : " << Twine::utohexstr(computeHash()); 458 if (isMultiEntry()) { 459 OS << "\n Secondary Entry Points : "; 460 ListSeparator LS; 461 for (const auto &KV : SecondaryEntryPoints) 462 OS << LS << KV.second->getName(); 463 } 464 if (FrameInstructions.size()) 465 OS << "\n CFI Instrs : " << FrameInstructions.size(); 466 if (!Layout.block_empty()) { 467 OS << "\n BB Layout : "; 468 ListSeparator LS; 469 for (const BinaryBasicBlock *BB : Layout.blocks()) 470 OS << LS << BB->getName(); 471 } 472 if (getImageAddress()) 473 OS << "\n Image : 0x" << Twine::utohexstr(getImageAddress()); 474 if (ExecutionCount != COUNT_NO_PROFILE) { 475 OS << "\n Exec Count : " << ExecutionCount; 476 OS << "\n Branch Count: " << RawBranchCount; 477 OS << "\n Profile Acc : " << format("%.1f%%", ProfileMatchRatio * 100.0f); 478 } 479 480 if (opts::PrintDynoStats && !getLayout().block_empty()) { 481 OS << '\n'; 482 DynoStats dynoStats = getDynoStats(*this); 483 OS << dynoStats; 484 } 485 486 OS << "\n}\n"; 487 488 if (opts::PrintDynoStatsOnly || !BC.InstPrinter) 489 return; 490 491 // Offset of the instruction in function. 492 uint64_t Offset = 0; 493 494 if (BasicBlocks.empty() && !Instructions.empty()) { 495 // Print before CFG was built. 496 for (const std::pair<const uint32_t, MCInst> &II : Instructions) { 497 Offset = II.first; 498 499 // Print label if exists at this offset. 500 auto LI = Labels.find(Offset); 501 if (LI != Labels.end()) { 502 if (const MCSymbol *EntrySymbol = 503 getSecondaryEntryPointSymbol(LI->second)) 504 OS << EntrySymbol->getName() << " (Entry Point):\n"; 505 OS << LI->second->getName() << ":\n"; 506 } 507 508 BC.printInstruction(OS, II.second, Offset, this); 509 } 510 } 511 512 StringRef SplitPointMsg = ""; 513 for (const FunctionFragment &FF : Layout.fragments()) { 514 OS << SplitPointMsg; 515 SplitPointMsg = "------- HOT-COLD SPLIT POINT -------\n\n"; 516 for (const BinaryBasicBlock *BB : FF) { 517 OS << BB->getName() << " (" << BB->size() 518 << " instructions, align : " << BB->getAlignment() << ")\n"; 519 520 if (opts::PrintOutputAddressRange) 521 OS << formatv(" Output Address Range: [{0:x}, {1:x}) ({2} bytes)\n", 522 BB->getOutputAddressRange().first, 523 BB->getOutputAddressRange().second, BB->getOutputSize()); 524 525 if (isEntryPoint(*BB)) { 526 if (MCSymbol *EntrySymbol = getSecondaryEntryPointSymbol(*BB)) 527 OS << " Secondary Entry Point: " << EntrySymbol->getName() << '\n'; 528 else 529 OS << " Entry Point\n"; 530 } 531 532 if (BB->isLandingPad()) 533 OS << " Landing Pad\n"; 534 535 uint64_t BBExecCount = BB->getExecutionCount(); 536 if (hasValidProfile()) { 537 OS << " Exec Count : "; 538 if (BB->getExecutionCount() != BinaryBasicBlock::COUNT_NO_PROFILE) 539 OS << BBExecCount << '\n'; 540 else 541 OS << "<unknown>\n"; 542 } 543 if (hasCFI()) 544 OS << " CFI State : " << BB->getCFIState() << '\n'; 545 if (opts::EnableBAT) { 546 OS << " Input offset: 0x" << Twine::utohexstr(BB->getInputOffset()) 547 << "\n"; 548 } 549 if (!BB->pred_empty()) { 550 OS << " Predecessors: "; 551 ListSeparator LS; 552 for (BinaryBasicBlock *Pred : BB->predecessors()) 553 OS << LS << Pred->getName(); 554 OS << '\n'; 555 } 556 if (!BB->throw_empty()) { 557 OS << " Throwers: "; 558 ListSeparator LS; 559 for (BinaryBasicBlock *Throw : BB->throwers()) 560 OS << LS << Throw->getName(); 561 OS << '\n'; 562 } 563 564 Offset = alignTo(Offset, BB->getAlignment()); 565 566 // Note: offsets are imprecise since this is happening prior to 567 // relaxation. 568 Offset = BC.printInstructions(OS, BB->begin(), BB->end(), Offset, this); 569 570 if (!BB->succ_empty()) { 571 OS << " Successors: "; 572 // For more than 2 successors, sort them based on frequency. 573 std::vector<uint64_t> Indices(BB->succ_size()); 574 std::iota(Indices.begin(), Indices.end(), 0); 575 if (BB->succ_size() > 2 && BB->getKnownExecutionCount()) { 576 llvm::stable_sort(Indices, [&](const uint64_t A, const uint64_t B) { 577 return BB->BranchInfo[B] < BB->BranchInfo[A]; 578 }); 579 } 580 ListSeparator LS; 581 for (unsigned I = 0; I < Indices.size(); ++I) { 582 BinaryBasicBlock *Succ = BB->Successors[Indices[I]]; 583 const BinaryBasicBlock::BinaryBranchInfo &BI = 584 BB->BranchInfo[Indices[I]]; 585 OS << LS << Succ->getName(); 586 if (ExecutionCount != COUNT_NO_PROFILE && 587 BI.MispredictedCount != BinaryBasicBlock::COUNT_INFERRED) { 588 OS << " (mispreds: " << BI.MispredictedCount 589 << ", count: " << BI.Count << ")"; 590 } else if (ExecutionCount != COUNT_NO_PROFILE && 591 BI.Count != BinaryBasicBlock::COUNT_NO_PROFILE) { 592 OS << " (inferred count: " << BI.Count << ")"; 593 } 594 } 595 OS << '\n'; 596 } 597 598 if (!BB->lp_empty()) { 599 OS << " Landing Pads: "; 600 ListSeparator LS; 601 for (BinaryBasicBlock *LP : BB->landing_pads()) { 602 OS << LS << LP->getName(); 603 if (ExecutionCount != COUNT_NO_PROFILE) { 604 OS << " (count: " << LP->getExecutionCount() << ")"; 605 } 606 } 607 OS << '\n'; 608 } 609 610 // In CFG_Finalized state we can miscalculate CFI state at exit. 611 if (CurrentState == State::CFG && hasCFI()) { 612 const int32_t CFIStateAtExit = BB->getCFIStateAtExit(); 613 if (CFIStateAtExit >= 0) 614 OS << " CFI State: " << CFIStateAtExit << '\n'; 615 } 616 617 OS << '\n'; 618 } 619 } 620 621 // Dump new exception ranges for the function. 622 if (!CallSites.empty()) { 623 OS << "EH table:\n"; 624 for (const FunctionFragment &FF : getLayout().fragments()) { 625 for (const auto &FCSI : getCallSites(FF.getFragmentNum())) { 626 const CallSite &CSI = FCSI.second; 627 OS << " [" << *CSI.Start << ", " << *CSI.End << ") landing pad : "; 628 if (CSI.LP) 629 OS << *CSI.LP; 630 else 631 OS << "0"; 632 OS << ", action : " << CSI.Action << '\n'; 633 } 634 } 635 OS << '\n'; 636 } 637 638 // Print all jump tables. 639 for (const std::pair<const uint64_t, JumpTable *> &JTI : JumpTables) 640 JTI.second->print(OS); 641 642 OS << "DWARF CFI Instructions:\n"; 643 if (OffsetToCFI.size()) { 644 // Pre-buildCFG information 645 for (const std::pair<const uint32_t, uint32_t> &Elmt : OffsetToCFI) { 646 OS << format(" %08x:\t", Elmt.first); 647 assert(Elmt.second < FrameInstructions.size() && "Incorrect CFI offset"); 648 BinaryContext::printCFI(OS, FrameInstructions[Elmt.second]); 649 OS << "\n"; 650 } 651 } else { 652 // Post-buildCFG information 653 for (uint32_t I = 0, E = FrameInstructions.size(); I != E; ++I) { 654 const MCCFIInstruction &CFI = FrameInstructions[I]; 655 OS << format(" %d:\t", I); 656 BinaryContext::printCFI(OS, CFI); 657 OS << "\n"; 658 } 659 } 660 if (FrameInstructions.empty()) 661 OS << " <empty>\n"; 662 663 OS << "End of Function \"" << *this << "\"\n\n"; 664 } 665 666 void BinaryFunction::printRelocations(raw_ostream &OS, uint64_t Offset, 667 uint64_t Size) const { 668 const char *Sep = " # Relocs: "; 669 670 auto RI = Relocations.lower_bound(Offset); 671 while (RI != Relocations.end() && RI->first < Offset + Size) { 672 OS << Sep << "(R: " << RI->second << ")"; 673 Sep = ", "; 674 ++RI; 675 } 676 } 677 678 static std::string mutateDWARFExpressionTargetReg(const MCCFIInstruction &Instr, 679 MCPhysReg NewReg) { 680 StringRef ExprBytes = Instr.getValues(); 681 assert(ExprBytes.size() > 1 && "DWARF expression CFI is too short"); 682 uint8_t Opcode = ExprBytes[0]; 683 assert((Opcode == dwarf::DW_CFA_expression || 684 Opcode == dwarf::DW_CFA_val_expression) && 685 "invalid DWARF expression CFI"); 686 (void)Opcode; 687 const uint8_t *const Start = 688 reinterpret_cast<const uint8_t *>(ExprBytes.drop_front(1).data()); 689 const uint8_t *const End = 690 reinterpret_cast<const uint8_t *>(Start + ExprBytes.size() - 1); 691 unsigned Size = 0; 692 decodeULEB128(Start, &Size, End); 693 assert(Size > 0 && "Invalid reg encoding for DWARF expression CFI"); 694 SmallString<8> Tmp; 695 raw_svector_ostream OSE(Tmp); 696 encodeULEB128(NewReg, OSE); 697 return Twine(ExprBytes.slice(0, 1)) 698 .concat(OSE.str()) 699 .concat(ExprBytes.drop_front(1 + Size)) 700 .str(); 701 } 702 703 void BinaryFunction::mutateCFIRegisterFor(const MCInst &Instr, 704 MCPhysReg NewReg) { 705 const MCCFIInstruction *OldCFI = getCFIFor(Instr); 706 assert(OldCFI && "invalid CFI instr"); 707 switch (OldCFI->getOperation()) { 708 default: 709 llvm_unreachable("Unexpected instruction"); 710 case MCCFIInstruction::OpDefCfa: 711 setCFIFor(Instr, MCCFIInstruction::cfiDefCfa(nullptr, NewReg, 712 OldCFI->getOffset())); 713 break; 714 case MCCFIInstruction::OpDefCfaRegister: 715 setCFIFor(Instr, MCCFIInstruction::createDefCfaRegister(nullptr, NewReg)); 716 break; 717 case MCCFIInstruction::OpOffset: 718 setCFIFor(Instr, MCCFIInstruction::createOffset(nullptr, NewReg, 719 OldCFI->getOffset())); 720 break; 721 case MCCFIInstruction::OpRegister: 722 setCFIFor(Instr, MCCFIInstruction::createRegister(nullptr, NewReg, 723 OldCFI->getRegister2())); 724 break; 725 case MCCFIInstruction::OpSameValue: 726 setCFIFor(Instr, MCCFIInstruction::createSameValue(nullptr, NewReg)); 727 break; 728 case MCCFIInstruction::OpEscape: 729 setCFIFor(Instr, 730 MCCFIInstruction::createEscape( 731 nullptr, 732 StringRef(mutateDWARFExpressionTargetReg(*OldCFI, NewReg)))); 733 break; 734 case MCCFIInstruction::OpRestore: 735 setCFIFor(Instr, MCCFIInstruction::createRestore(nullptr, NewReg)); 736 break; 737 case MCCFIInstruction::OpUndefined: 738 setCFIFor(Instr, MCCFIInstruction::createUndefined(nullptr, NewReg)); 739 break; 740 } 741 } 742 743 const MCCFIInstruction *BinaryFunction::mutateCFIOffsetFor(const MCInst &Instr, 744 int64_t NewOffset) { 745 const MCCFIInstruction *OldCFI = getCFIFor(Instr); 746 assert(OldCFI && "invalid CFI instr"); 747 switch (OldCFI->getOperation()) { 748 default: 749 llvm_unreachable("Unexpected instruction"); 750 case MCCFIInstruction::OpDefCfaOffset: 751 setCFIFor(Instr, MCCFIInstruction::cfiDefCfaOffset(nullptr, NewOffset)); 752 break; 753 case MCCFIInstruction::OpAdjustCfaOffset: 754 setCFIFor(Instr, 755 MCCFIInstruction::createAdjustCfaOffset(nullptr, NewOffset)); 756 break; 757 case MCCFIInstruction::OpDefCfa: 758 setCFIFor(Instr, MCCFIInstruction::cfiDefCfa(nullptr, OldCFI->getRegister(), 759 NewOffset)); 760 break; 761 case MCCFIInstruction::OpOffset: 762 setCFIFor(Instr, MCCFIInstruction::createOffset( 763 nullptr, OldCFI->getRegister(), NewOffset)); 764 break; 765 } 766 return getCFIFor(Instr); 767 } 768 769 IndirectBranchType 770 BinaryFunction::processIndirectBranch(MCInst &Instruction, unsigned Size, 771 uint64_t Offset, 772 uint64_t &TargetAddress) { 773 const unsigned PtrSize = BC.AsmInfo->getCodePointerSize(); 774 775 // The instruction referencing memory used by the branch instruction. 776 // It could be the branch instruction itself or one of the instructions 777 // setting the value of the register used by the branch. 778 MCInst *MemLocInstr; 779 780 // The instruction loading the fixed PIC jump table entry value. 781 MCInst *FixedEntryLoadInstr; 782 783 // Address of the table referenced by MemLocInstr. Could be either an 784 // array of function pointers, or a jump table. 785 uint64_t ArrayStart = 0; 786 787 unsigned BaseRegNum, IndexRegNum; 788 int64_t DispValue; 789 const MCExpr *DispExpr; 790 791 // In AArch, identify the instruction adding the PC-relative offset to 792 // jump table entries to correctly decode it. 793 MCInst *PCRelBaseInstr; 794 uint64_t PCRelAddr = 0; 795 796 auto Begin = Instructions.begin(); 797 if (BC.isAArch64()) { 798 // Start at the last label as an approximation of the current basic block. 799 // This is a heuristic, since the full set of labels have yet to be 800 // determined 801 for (const uint32_t Offset : 802 llvm::make_first_range(llvm::reverse(Labels))) { 803 auto II = Instructions.find(Offset); 804 if (II != Instructions.end()) { 805 Begin = II; 806 break; 807 } 808 } 809 } 810 811 IndirectBranchType BranchType = BC.MIB->analyzeIndirectBranch( 812 Instruction, Begin, Instructions.end(), PtrSize, MemLocInstr, BaseRegNum, 813 IndexRegNum, DispValue, DispExpr, PCRelBaseInstr, FixedEntryLoadInstr); 814 815 if (BranchType == IndirectBranchType::UNKNOWN && !MemLocInstr) 816 return BranchType; 817 818 if (MemLocInstr != &Instruction) 819 IndexRegNum = BC.MIB->getNoRegister(); 820 821 if (BC.isAArch64()) { 822 const MCSymbol *Sym = BC.MIB->getTargetSymbol(*PCRelBaseInstr, 1); 823 assert(Sym && "Symbol extraction failed"); 824 ErrorOr<uint64_t> SymValueOrError = BC.getSymbolValue(*Sym); 825 if (SymValueOrError) { 826 PCRelAddr = *SymValueOrError; 827 } else { 828 for (std::pair<const uint32_t, MCSymbol *> &Elmt : Labels) { 829 if (Elmt.second == Sym) { 830 PCRelAddr = Elmt.first + getAddress(); 831 break; 832 } 833 } 834 } 835 uint64_t InstrAddr = 0; 836 for (auto II = Instructions.rbegin(); II != Instructions.rend(); ++II) { 837 if (&II->second == PCRelBaseInstr) { 838 InstrAddr = II->first + getAddress(); 839 break; 840 } 841 } 842 assert(InstrAddr != 0 && "instruction not found"); 843 // We do this to avoid spurious references to code locations outside this 844 // function (for example, if the indirect jump lives in the last basic 845 // block of the function, it will create a reference to the next function). 846 // This replaces a symbol reference with an immediate. 847 BC.MIB->replaceMemOperandDisp(*PCRelBaseInstr, 848 MCOperand::createImm(PCRelAddr - InstrAddr)); 849 // FIXME: Disable full jump table processing for AArch64 until we have a 850 // proper way of determining the jump table limits. 851 return IndirectBranchType::UNKNOWN; 852 } 853 854 auto getExprValue = [&](const MCExpr *Expr) { 855 const MCSymbol *TargetSym; 856 uint64_t TargetOffset; 857 std::tie(TargetSym, TargetOffset) = BC.MIB->getTargetSymbolInfo(Expr); 858 ErrorOr<uint64_t> SymValueOrError = BC.getSymbolValue(*TargetSym); 859 assert(SymValueOrError && "Global symbol needs a value"); 860 return *SymValueOrError + TargetOffset; 861 }; 862 863 // RIP-relative addressing should be converted to symbol form by now 864 // in processed instructions (but not in jump). 865 if (DispExpr) { 866 ArrayStart = getExprValue(DispExpr); 867 BaseRegNum = BC.MIB->getNoRegister(); 868 if (BC.isAArch64()) { 869 ArrayStart &= ~0xFFFULL; 870 ArrayStart += DispValue & 0xFFFULL; 871 } 872 } else { 873 ArrayStart = static_cast<uint64_t>(DispValue); 874 } 875 876 if (BaseRegNum == BC.MRI->getProgramCounter()) 877 ArrayStart += getAddress() + Offset + Size; 878 879 if (FixedEntryLoadInstr) { 880 assert(BranchType == IndirectBranchType::POSSIBLE_PIC_FIXED_BRANCH && 881 "Invalid IndirectBranch type"); 882 MCInst::iterator FixedEntryDispOperand = 883 BC.MIB->getMemOperandDisp(*FixedEntryLoadInstr); 884 assert(FixedEntryDispOperand != FixedEntryLoadInstr->end() && 885 "Invalid memory instruction"); 886 const MCExpr *FixedEntryDispExpr = FixedEntryDispOperand->getExpr(); 887 const uint64_t EntryAddress = getExprValue(FixedEntryDispExpr); 888 uint64_t EntrySize = BC.getJumpTableEntrySize(JumpTable::JTT_PIC); 889 ErrorOr<int64_t> Value = 890 BC.getSignedValueAtAddress(EntryAddress, EntrySize); 891 if (!Value) 892 return IndirectBranchType::UNKNOWN; 893 894 BC.outs() << "BOLT-INFO: fixed PIC indirect branch detected in " << *this 895 << " at 0x" << Twine::utohexstr(getAddress() + Offset) 896 << " referencing data at 0x" << Twine::utohexstr(EntryAddress) 897 << " the destination value is 0x" 898 << Twine::utohexstr(ArrayStart + *Value) << '\n'; 899 900 TargetAddress = ArrayStart + *Value; 901 902 // Remove spurious JumpTable at EntryAddress caused by PIC reference from 903 // the load instruction. 904 BC.deleteJumpTable(EntryAddress); 905 906 // Replace FixedEntryDispExpr used in target address calculation with outer 907 // jump table reference. 908 JumpTable *JT = BC.getJumpTableContainingAddress(ArrayStart); 909 assert(JT && "Must have a containing jump table for PIC fixed branch"); 910 BC.MIB->replaceMemOperandDisp(*FixedEntryLoadInstr, JT->getFirstLabel(), 911 EntryAddress - ArrayStart, &*BC.Ctx); 912 913 return BranchType; 914 } 915 916 LLVM_DEBUG(dbgs() << "BOLT-DEBUG: addressed memory is 0x" 917 << Twine::utohexstr(ArrayStart) << '\n'); 918 919 ErrorOr<BinarySection &> Section = BC.getSectionForAddress(ArrayStart); 920 if (!Section) { 921 // No section - possibly an absolute address. Since we don't allow 922 // internal function addresses to escape the function scope - we 923 // consider it a tail call. 924 if (opts::Verbosity >= 1) { 925 BC.errs() << "BOLT-WARNING: no section for address 0x" 926 << Twine::utohexstr(ArrayStart) << " referenced from function " 927 << *this << '\n'; 928 } 929 return IndirectBranchType::POSSIBLE_TAIL_CALL; 930 } 931 if (Section->isVirtual()) { 932 // The contents are filled at runtime. 933 return IndirectBranchType::POSSIBLE_TAIL_CALL; 934 } 935 936 if (BranchType == IndirectBranchType::POSSIBLE_FIXED_BRANCH) { 937 ErrorOr<uint64_t> Value = BC.getPointerAtAddress(ArrayStart); 938 if (!Value) 939 return IndirectBranchType::UNKNOWN; 940 941 if (BC.getSectionForAddress(ArrayStart)->isWritable()) 942 return IndirectBranchType::UNKNOWN; 943 944 BC.outs() << "BOLT-INFO: fixed indirect branch detected in " << *this 945 << " at 0x" << Twine::utohexstr(getAddress() + Offset) 946 << " referencing data at 0x" << Twine::utohexstr(ArrayStart) 947 << " the destination value is 0x" << Twine::utohexstr(*Value) 948 << '\n'; 949 950 TargetAddress = *Value; 951 return BranchType; 952 } 953 954 // Check if there's already a jump table registered at this address. 955 MemoryContentsType MemType; 956 if (JumpTable *JT = BC.getJumpTableContainingAddress(ArrayStart)) { 957 switch (JT->Type) { 958 case JumpTable::JTT_NORMAL: 959 MemType = MemoryContentsType::POSSIBLE_JUMP_TABLE; 960 break; 961 case JumpTable::JTT_PIC: 962 MemType = MemoryContentsType::POSSIBLE_PIC_JUMP_TABLE; 963 break; 964 } 965 } else { 966 MemType = BC.analyzeMemoryAt(ArrayStart, *this); 967 } 968 969 // Check that jump table type in instruction pattern matches memory contents. 970 JumpTable::JumpTableType JTType; 971 if (BranchType == IndirectBranchType::POSSIBLE_PIC_JUMP_TABLE) { 972 if (MemType != MemoryContentsType::POSSIBLE_PIC_JUMP_TABLE) 973 return IndirectBranchType::UNKNOWN; 974 JTType = JumpTable::JTT_PIC; 975 } else { 976 if (MemType == MemoryContentsType::POSSIBLE_PIC_JUMP_TABLE) 977 return IndirectBranchType::UNKNOWN; 978 979 if (MemType == MemoryContentsType::UNKNOWN) 980 return IndirectBranchType::POSSIBLE_TAIL_CALL; 981 982 BranchType = IndirectBranchType::POSSIBLE_JUMP_TABLE; 983 JTType = JumpTable::JTT_NORMAL; 984 } 985 986 // Convert the instruction into jump table branch. 987 const MCSymbol *JTLabel = BC.getOrCreateJumpTable(*this, ArrayStart, JTType); 988 BC.MIB->replaceMemOperandDisp(*MemLocInstr, JTLabel, BC.Ctx.get()); 989 BC.MIB->setJumpTable(Instruction, ArrayStart, IndexRegNum); 990 991 JTSites.emplace_back(Offset, ArrayStart); 992 993 return BranchType; 994 } 995 996 MCSymbol *BinaryFunction::getOrCreateLocalLabel(uint64_t Address, 997 bool CreatePastEnd) { 998 const uint64_t Offset = Address - getAddress(); 999 1000 if ((Offset == getSize()) && CreatePastEnd) 1001 return getFunctionEndLabel(); 1002 1003 auto LI = Labels.find(Offset); 1004 if (LI != Labels.end()) 1005 return LI->second; 1006 1007 // For AArch64, check if this address is part of a constant island. 1008 if (BC.isAArch64()) { 1009 if (MCSymbol *IslandSym = getOrCreateIslandAccess(Address)) 1010 return IslandSym; 1011 } 1012 1013 MCSymbol *Label = BC.Ctx->createNamedTempSymbol(); 1014 Labels[Offset] = Label; 1015 1016 return Label; 1017 } 1018 1019 ErrorOr<ArrayRef<uint8_t>> BinaryFunction::getData() const { 1020 BinarySection &Section = *getOriginSection(); 1021 assert(Section.containsRange(getAddress(), getMaxSize()) && 1022 "wrong section for function"); 1023 1024 if (!Section.isText() || Section.isVirtual() || !Section.getSize()) 1025 return std::make_error_code(std::errc::bad_address); 1026 1027 StringRef SectionContents = Section.getContents(); 1028 1029 assert(SectionContents.size() == Section.getSize() && 1030 "section size mismatch"); 1031 1032 // Function offset from the section start. 1033 uint64_t Offset = getAddress() - Section.getAddress(); 1034 auto *Bytes = reinterpret_cast<const uint8_t *>(SectionContents.data()); 1035 return ArrayRef<uint8_t>(Bytes + Offset, getMaxSize()); 1036 } 1037 1038 size_t BinaryFunction::getSizeOfDataInCodeAt(uint64_t Offset) const { 1039 if (!Islands) 1040 return 0; 1041 1042 if (!llvm::is_contained(Islands->DataOffsets, Offset)) 1043 return 0; 1044 1045 auto Iter = Islands->CodeOffsets.upper_bound(Offset); 1046 if (Iter != Islands->CodeOffsets.end()) 1047 return *Iter - Offset; 1048 return getSize() - Offset; 1049 } 1050 1051 bool BinaryFunction::isZeroPaddingAt(uint64_t Offset) const { 1052 ArrayRef<uint8_t> FunctionData = *getData(); 1053 uint64_t EndOfCode = getSize(); 1054 if (Islands) { 1055 auto Iter = Islands->DataOffsets.upper_bound(Offset); 1056 if (Iter != Islands->DataOffsets.end()) 1057 EndOfCode = *Iter; 1058 } 1059 for (uint64_t I = Offset; I < EndOfCode; ++I) 1060 if (FunctionData[I] != 0) 1061 return false; 1062 1063 return true; 1064 } 1065 1066 Error BinaryFunction::handlePCRelOperand(MCInst &Instruction, uint64_t Address, 1067 uint64_t Size) { 1068 auto &MIB = BC.MIB; 1069 uint64_t TargetAddress = 0; 1070 if (!MIB->evaluateMemOperandTarget(Instruction, TargetAddress, Address, 1071 Size)) { 1072 std::string Msg; 1073 raw_string_ostream SS(Msg); 1074 SS << "BOLT-ERROR: PC-relative operand can't be evaluated:\n"; 1075 BC.InstPrinter->printInst(&Instruction, 0, "", *BC.STI, SS); 1076 SS << '\n'; 1077 Instruction.dump_pretty(SS, BC.InstPrinter.get()); 1078 SS << '\n'; 1079 SS << "BOLT-ERROR: cannot handle PC-relative operand at 0x" 1080 << Twine::utohexstr(Address) << ". Skipping function " << *this << ".\n"; 1081 if (BC.HasRelocations) 1082 return createFatalBOLTError(Msg); 1083 IsSimple = false; 1084 return createNonFatalBOLTError(Msg); 1085 } 1086 if (TargetAddress == 0 && opts::Verbosity >= 1) { 1087 BC.outs() << "BOLT-INFO: PC-relative operand is zero in function " << *this 1088 << '\n'; 1089 } 1090 1091 const MCSymbol *TargetSymbol; 1092 uint64_t TargetOffset; 1093 std::tie(TargetSymbol, TargetOffset) = 1094 BC.handleAddressRef(TargetAddress, *this, /*IsPCRel*/ true); 1095 1096 bool ReplaceSuccess = MIB->replaceMemOperandDisp( 1097 Instruction, TargetSymbol, static_cast<int64_t>(TargetOffset), &*BC.Ctx); 1098 (void)ReplaceSuccess; 1099 assert(ReplaceSuccess && "Failed to replace mem operand with symbol+off."); 1100 return Error::success(); 1101 } 1102 1103 MCSymbol *BinaryFunction::handleExternalReference(MCInst &Instruction, 1104 uint64_t Size, 1105 uint64_t Offset, 1106 uint64_t TargetAddress, 1107 bool &IsCall) { 1108 auto &MIB = BC.MIB; 1109 1110 const uint64_t AbsoluteInstrAddr = getAddress() + Offset; 1111 BC.addInterproceduralReference(this, TargetAddress); 1112 if (opts::Verbosity >= 2 && !IsCall && Size == 2 && !BC.HasRelocations) { 1113 BC.errs() << "BOLT-WARNING: relaxed tail call detected at 0x" 1114 << Twine::utohexstr(AbsoluteInstrAddr) << " in function " << *this 1115 << ". Code size will be increased.\n"; 1116 } 1117 1118 assert(!MIB->isTailCall(Instruction) && 1119 "synthetic tail call instruction found"); 1120 1121 // This is a call regardless of the opcode. 1122 // Assign proper opcode for tail calls, so that they could be 1123 // treated as calls. 1124 if (!IsCall) { 1125 if (!MIB->convertJmpToTailCall(Instruction)) { 1126 assert(MIB->isConditionalBranch(Instruction) && 1127 "unknown tail call instruction"); 1128 if (opts::Verbosity >= 2) { 1129 BC.errs() << "BOLT-WARNING: conditional tail call detected in " 1130 << "function " << *this << " at 0x" 1131 << Twine::utohexstr(AbsoluteInstrAddr) << ".\n"; 1132 } 1133 } 1134 IsCall = true; 1135 } 1136 1137 if (opts::Verbosity >= 2 && TargetAddress == 0) { 1138 // We actually see calls to address 0 in presence of weak 1139 // symbols originating from libraries. This code is never meant 1140 // to be executed. 1141 BC.outs() << "BOLT-INFO: Function " << *this 1142 << " has a call to address zero.\n"; 1143 } 1144 1145 return BC.getOrCreateGlobalSymbol(TargetAddress, "FUNCat"); 1146 } 1147 1148 void BinaryFunction::handleIndirectBranch(MCInst &Instruction, uint64_t Size, 1149 uint64_t Offset) { 1150 auto &MIB = BC.MIB; 1151 uint64_t IndirectTarget = 0; 1152 IndirectBranchType Result = 1153 processIndirectBranch(Instruction, Size, Offset, IndirectTarget); 1154 switch (Result) { 1155 default: 1156 llvm_unreachable("unexpected result"); 1157 case IndirectBranchType::POSSIBLE_TAIL_CALL: { 1158 bool Result = MIB->convertJmpToTailCall(Instruction); 1159 (void)Result; 1160 assert(Result); 1161 break; 1162 } 1163 case IndirectBranchType::POSSIBLE_JUMP_TABLE: 1164 case IndirectBranchType::POSSIBLE_PIC_JUMP_TABLE: 1165 case IndirectBranchType::POSSIBLE_PIC_FIXED_BRANCH: 1166 if (opts::JumpTables == JTS_NONE) 1167 IsSimple = false; 1168 break; 1169 case IndirectBranchType::POSSIBLE_FIXED_BRANCH: { 1170 if (containsAddress(IndirectTarget)) { 1171 const MCSymbol *TargetSymbol = getOrCreateLocalLabel(IndirectTarget); 1172 Instruction.clear(); 1173 MIB->createUncondBranch(Instruction, TargetSymbol, BC.Ctx.get()); 1174 TakenBranches.emplace_back(Offset, IndirectTarget - getAddress()); 1175 addEntryPointAtOffset(IndirectTarget - getAddress()); 1176 } else { 1177 MIB->convertJmpToTailCall(Instruction); 1178 BC.addInterproceduralReference(this, IndirectTarget); 1179 } 1180 break; 1181 } 1182 case IndirectBranchType::UNKNOWN: 1183 // Keep processing. We'll do more checks and fixes in 1184 // postProcessIndirectBranches(). 1185 UnknownIndirectBranchOffsets.emplace(Offset); 1186 break; 1187 } 1188 } 1189 1190 void BinaryFunction::handleAArch64IndirectCall(MCInst &Instruction, 1191 const uint64_t Offset) { 1192 auto &MIB = BC.MIB; 1193 const uint64_t AbsoluteInstrAddr = getAddress() + Offset; 1194 MCInst *TargetHiBits, *TargetLowBits; 1195 uint64_t TargetAddress, Count; 1196 Count = MIB->matchLinkerVeneer(Instructions.begin(), Instructions.end(), 1197 AbsoluteInstrAddr, Instruction, TargetHiBits, 1198 TargetLowBits, TargetAddress); 1199 if (Count) { 1200 MIB->addAnnotation(Instruction, "AArch64Veneer", true); 1201 --Count; 1202 for (auto It = std::prev(Instructions.end()); Count != 0; 1203 It = std::prev(It), --Count) { 1204 MIB->addAnnotation(It->second, "AArch64Veneer", true); 1205 } 1206 1207 BC.addAdrpAddRelocAArch64(*this, *TargetLowBits, *TargetHiBits, 1208 TargetAddress); 1209 } 1210 } 1211 1212 std::optional<MCInst> 1213 BinaryFunction::disassembleInstructionAtOffset(uint64_t Offset) const { 1214 assert(CurrentState == State::Empty && "Function should not be disassembled"); 1215 assert(Offset < MaxSize && "Invalid offset"); 1216 ErrorOr<ArrayRef<unsigned char>> FunctionData = getData(); 1217 assert(FunctionData && "Cannot get function as data"); 1218 MCInst Instr; 1219 uint64_t InstrSize = 0; 1220 const uint64_t InstrAddress = getAddress() + Offset; 1221 if (BC.DisAsm->getInstruction(Instr, InstrSize, FunctionData->slice(Offset), 1222 InstrAddress, nulls())) 1223 return Instr; 1224 return std::nullopt; 1225 } 1226 1227 Error BinaryFunction::disassemble() { 1228 NamedRegionTimer T("disassemble", "Disassemble function", "buildfuncs", 1229 "Build Binary Functions", opts::TimeBuild); 1230 ErrorOr<ArrayRef<uint8_t>> ErrorOrFunctionData = getData(); 1231 assert(ErrorOrFunctionData && "function data is not available"); 1232 ArrayRef<uint8_t> FunctionData = *ErrorOrFunctionData; 1233 assert(FunctionData.size() == getMaxSize() && 1234 "function size does not match raw data size"); 1235 1236 auto &Ctx = BC.Ctx; 1237 auto &MIB = BC.MIB; 1238 1239 BC.SymbolicDisAsm->setSymbolizer(MIB->createTargetSymbolizer(*this)); 1240 1241 // Insert a label at the beginning of the function. This will be our first 1242 // basic block. 1243 Labels[0] = Ctx->createNamedTempSymbol("BB0"); 1244 1245 // Map offsets in the function to a label that should always point to the 1246 // corresponding instruction. This is used for labels that shouldn't point to 1247 // the start of a basic block but always to a specific instruction. This is 1248 // used, for example, on RISC-V where %pcrel_lo relocations point to the 1249 // corresponding %pcrel_hi. 1250 LabelsMapType InstructionLabels; 1251 1252 uint64_t Size = 0; // instruction size 1253 for (uint64_t Offset = 0; Offset < getSize(); Offset += Size) { 1254 MCInst Instruction; 1255 const uint64_t AbsoluteInstrAddr = getAddress() + Offset; 1256 1257 // Check for data inside code and ignore it 1258 if (const size_t DataInCodeSize = getSizeOfDataInCodeAt(Offset)) { 1259 Size = DataInCodeSize; 1260 continue; 1261 } 1262 1263 if (!BC.SymbolicDisAsm->getInstruction(Instruction, Size, 1264 FunctionData.slice(Offset), 1265 AbsoluteInstrAddr, nulls())) { 1266 // Functions with "soft" boundaries, e.g. coming from assembly source, 1267 // can have 0-byte padding at the end. 1268 if (isZeroPaddingAt(Offset)) 1269 break; 1270 1271 BC.errs() 1272 << "BOLT-WARNING: unable to disassemble instruction at offset 0x" 1273 << Twine::utohexstr(Offset) << " (address 0x" 1274 << Twine::utohexstr(AbsoluteInstrAddr) << ") in function " << *this 1275 << '\n'; 1276 // Some AVX-512 instructions could not be disassembled at all. 1277 if (BC.HasRelocations && opts::TrapOnAVX512 && BC.isX86()) { 1278 setTrapOnEntry(); 1279 BC.TrappedFunctions.push_back(this); 1280 } else { 1281 setIgnored(); 1282 } 1283 1284 break; 1285 } 1286 1287 // Check integrity of LLVM assembler/disassembler. 1288 if (opts::CheckEncoding && !BC.MIB->isBranch(Instruction) && 1289 !BC.MIB->isCall(Instruction) && !BC.MIB->isNoop(Instruction)) { 1290 if (!BC.validateInstructionEncoding(FunctionData.slice(Offset, Size))) { 1291 BC.errs() << "BOLT-WARNING: mismatching LLVM encoding detected in " 1292 << "function " << *this << " for instruction :\n"; 1293 BC.printInstruction(BC.errs(), Instruction, AbsoluteInstrAddr); 1294 BC.errs() << '\n'; 1295 } 1296 } 1297 1298 // Special handling for AVX-512 instructions. 1299 if (MIB->hasEVEXEncoding(Instruction)) { 1300 if (BC.HasRelocations && opts::TrapOnAVX512) { 1301 setTrapOnEntry(); 1302 BC.TrappedFunctions.push_back(this); 1303 break; 1304 } 1305 1306 if (!BC.validateInstructionEncoding(FunctionData.slice(Offset, Size))) { 1307 BC.errs() << "BOLT-WARNING: internal assembler/disassembler error " 1308 "detected for AVX512 instruction:\n"; 1309 BC.printInstruction(BC.errs(), Instruction, AbsoluteInstrAddr); 1310 BC.errs() << " in function " << *this << '\n'; 1311 setIgnored(); 1312 break; 1313 } 1314 } 1315 1316 bool IsUnsupported = BC.MIB->isUnsupportedInstruction(Instruction); 1317 if (IsUnsupported) 1318 setIgnored(); 1319 1320 if (MIB->isBranch(Instruction) || MIB->isCall(Instruction)) { 1321 uint64_t TargetAddress = 0; 1322 if (MIB->evaluateBranch(Instruction, AbsoluteInstrAddr, Size, 1323 TargetAddress)) { 1324 // Check if the target is within the same function. Otherwise it's 1325 // a call, possibly a tail call. 1326 // 1327 // If the target *is* the function address it could be either a branch 1328 // or a recursive call. 1329 bool IsCall = MIB->isCall(Instruction); 1330 const bool IsCondBranch = MIB->isConditionalBranch(Instruction); 1331 MCSymbol *TargetSymbol = nullptr; 1332 1333 if (IsUnsupported) 1334 if (auto *TargetFunc = 1335 BC.getBinaryFunctionContainingAddress(TargetAddress)) 1336 TargetFunc->setIgnored(); 1337 1338 if (IsCall && TargetAddress == getAddress()) { 1339 // A recursive call. Calls to internal blocks are handled by 1340 // ValidateInternalCalls pass. 1341 TargetSymbol = getSymbol(); 1342 } 1343 1344 if (!TargetSymbol) { 1345 // Create either local label or external symbol. 1346 if (containsAddress(TargetAddress)) { 1347 TargetSymbol = getOrCreateLocalLabel(TargetAddress); 1348 } else { 1349 if (TargetAddress == getAddress() + getSize() && 1350 TargetAddress < getAddress() + getMaxSize() && 1351 !(BC.isAArch64() && 1352 BC.handleAArch64Veneer(TargetAddress, /*MatchOnly*/ true))) { 1353 // Result of __builtin_unreachable(). 1354 LLVM_DEBUG(dbgs() << "BOLT-DEBUG: jump past end detected at 0x" 1355 << Twine::utohexstr(AbsoluteInstrAddr) 1356 << " in function " << *this 1357 << " : replacing with nop.\n"); 1358 BC.MIB->createNoop(Instruction); 1359 if (IsCondBranch) { 1360 // Register branch offset for profile validation. 1361 IgnoredBranches.emplace_back(Offset, Offset + Size); 1362 } 1363 goto add_instruction; 1364 } 1365 // May update Instruction and IsCall 1366 TargetSymbol = handleExternalReference(Instruction, Size, Offset, 1367 TargetAddress, IsCall); 1368 } 1369 } 1370 1371 if (!IsCall) { 1372 // Add taken branch info. 1373 TakenBranches.emplace_back(Offset, TargetAddress - getAddress()); 1374 } 1375 BC.MIB->replaceBranchTarget(Instruction, TargetSymbol, &*Ctx); 1376 1377 // Mark CTC. 1378 if (IsCondBranch && IsCall) 1379 MIB->setConditionalTailCall(Instruction, TargetAddress); 1380 } else { 1381 // Could not evaluate branch. Should be an indirect call or an 1382 // indirect branch. Bail out on the latter case. 1383 if (MIB->isIndirectBranch(Instruction)) 1384 handleIndirectBranch(Instruction, Size, Offset); 1385 // Indirect call. We only need to fix it if the operand is RIP-relative. 1386 if (IsSimple && MIB->hasPCRelOperand(Instruction)) { 1387 if (auto NewE = handleErrors( 1388 handlePCRelOperand(Instruction, AbsoluteInstrAddr, Size), 1389 [&](const BOLTError &E) -> Error { 1390 if (E.isFatal()) 1391 return Error(std::make_unique<BOLTError>(std::move(E))); 1392 if (!E.getMessage().empty()) 1393 E.log(BC.errs()); 1394 return Error::success(); 1395 })) { 1396 return Error(std::move(NewE)); 1397 } 1398 } 1399 1400 if (BC.isAArch64()) 1401 handleAArch64IndirectCall(Instruction, Offset); 1402 } 1403 } else if (BC.isAArch64() || BC.isRISCV()) { 1404 // Check if there's a relocation associated with this instruction. 1405 bool UsedReloc = false; 1406 for (auto Itr = Relocations.lower_bound(Offset), 1407 ItrE = Relocations.lower_bound(Offset + Size); 1408 Itr != ItrE; ++Itr) { 1409 const Relocation &Relocation = Itr->second; 1410 MCSymbol *Symbol = Relocation.Symbol; 1411 1412 if (Relocation::isInstructionReference(Relocation.Type)) { 1413 uint64_t RefOffset = Relocation.Value - getAddress(); 1414 LabelsMapType::iterator LI = InstructionLabels.find(RefOffset); 1415 1416 if (LI == InstructionLabels.end()) { 1417 Symbol = BC.Ctx->createNamedTempSymbol(); 1418 InstructionLabels.emplace(RefOffset, Symbol); 1419 } else { 1420 Symbol = LI->second; 1421 } 1422 } 1423 1424 int64_t Value = Relocation.Value; 1425 const bool Result = BC.MIB->replaceImmWithSymbolRef( 1426 Instruction, Symbol, Relocation.Addend, Ctx.get(), Value, 1427 Relocation.Type); 1428 (void)Result; 1429 assert(Result && "cannot replace immediate with relocation"); 1430 1431 // For aarch64, if we replaced an immediate with a symbol from a 1432 // relocation, we mark it so we do not try to further process a 1433 // pc-relative operand. All we need is the symbol. 1434 UsedReloc = true; 1435 } 1436 1437 if (!BC.isRISCV() && MIB->hasPCRelOperand(Instruction) && !UsedReloc) { 1438 if (auto NewE = handleErrors( 1439 handlePCRelOperand(Instruction, AbsoluteInstrAddr, Size), 1440 [&](const BOLTError &E) -> Error { 1441 if (E.isFatal()) 1442 return Error(std::make_unique<BOLTError>(std::move(E))); 1443 if (!E.getMessage().empty()) 1444 E.log(BC.errs()); 1445 return Error::success(); 1446 })) 1447 return Error(std::move(NewE)); 1448 } 1449 } 1450 1451 add_instruction: 1452 if (getDWARFLineTable()) { 1453 Instruction.setLoc(findDebugLineInformationForInstructionAt( 1454 AbsoluteInstrAddr, getDWARFUnit(), getDWARFLineTable())); 1455 } 1456 1457 // Record offset of the instruction for profile matching. 1458 if (BC.keepOffsetForInstruction(Instruction)) 1459 MIB->setOffset(Instruction, static_cast<uint32_t>(Offset)); 1460 1461 if (BC.isX86() && BC.MIB->isNoop(Instruction)) { 1462 // NOTE: disassembly loses the correct size information for noops on x86. 1463 // E.g. nopw 0x0(%rax,%rax,1) is 9 bytes, but re-encoded it's only 1464 // 5 bytes. Preserve the size info using annotations. 1465 MIB->setSize(Instruction, Size); 1466 } 1467 1468 addInstruction(Offset, std::move(Instruction)); 1469 } 1470 1471 for (auto [Offset, Label] : InstructionLabels) { 1472 InstrMapType::iterator II = Instructions.find(Offset); 1473 assert(II != Instructions.end() && "reference to non-existing instruction"); 1474 1475 BC.MIB->setInstLabel(II->second, Label); 1476 } 1477 1478 // Reset symbolizer for the disassembler. 1479 BC.SymbolicDisAsm->setSymbolizer(nullptr); 1480 1481 if (uint64_t Offset = getFirstInstructionOffset()) 1482 Labels[Offset] = BC.Ctx->createNamedTempSymbol(); 1483 1484 clearList(Relocations); 1485 1486 if (!IsSimple) { 1487 clearList(Instructions); 1488 return createNonFatalBOLTError(""); 1489 } 1490 1491 updateState(State::Disassembled); 1492 1493 return Error::success(); 1494 } 1495 1496 MCSymbol *BinaryFunction::registerBranch(uint64_t Src, uint64_t Dst) { 1497 assert(CurrentState == State::Disassembled && 1498 "Cannot register branch unless function is in disassembled state."); 1499 assert(containsAddress(Src) && containsAddress(Dst) && 1500 "Cannot register external branch."); 1501 MCSymbol *Target = getOrCreateLocalLabel(Dst); 1502 TakenBranches.emplace_back(Src - getAddress(), Dst - getAddress()); 1503 return Target; 1504 } 1505 1506 void BinaryFunction::analyzeInstructionForFuncReference(const MCInst &Inst) { 1507 for (const MCOperand &Op : MCPlus::primeOperands(Inst)) { 1508 if (!Op.isExpr()) 1509 continue; 1510 const MCExpr &Expr = *Op.getExpr(); 1511 if (Expr.getKind() != MCExpr::SymbolRef) 1512 continue; 1513 const MCSymbol &Symbol = cast<MCSymbolRefExpr>(Expr).getSymbol(); 1514 // Set HasAddressTaken for a function regardless of the ICF level. 1515 if (BinaryFunction *BF = BC.getFunctionForSymbol(&Symbol)) 1516 BF->setHasAddressTaken(true); 1517 } 1518 } 1519 1520 bool BinaryFunction::scanExternalRefs() { 1521 bool Success = true; 1522 bool DisassemblyFailed = false; 1523 1524 // Ignore pseudo functions. 1525 if (isPseudo()) 1526 return Success; 1527 1528 if (opts::NoScan) { 1529 clearList(Relocations); 1530 clearList(ExternallyReferencedOffsets); 1531 1532 return false; 1533 } 1534 1535 // List of external references for this function. 1536 std::vector<Relocation> FunctionRelocations; 1537 1538 static BinaryContext::IndependentCodeEmitter Emitter = 1539 BC.createIndependentMCCodeEmitter(); 1540 1541 ErrorOr<ArrayRef<uint8_t>> ErrorOrFunctionData = getData(); 1542 assert(ErrorOrFunctionData && "function data is not available"); 1543 ArrayRef<uint8_t> FunctionData = *ErrorOrFunctionData; 1544 assert(FunctionData.size() == getMaxSize() && 1545 "function size does not match raw data size"); 1546 1547 BC.SymbolicDisAsm->setSymbolizer( 1548 BC.MIB->createTargetSymbolizer(*this, /*CreateSymbols*/ false)); 1549 1550 // Disassemble contents of the function. Detect code entry points and create 1551 // relocations for references to code that will be moved. 1552 uint64_t Size = 0; // instruction size 1553 for (uint64_t Offset = 0; Offset < getSize(); Offset += Size) { 1554 // Check for data inside code and ignore it 1555 if (const size_t DataInCodeSize = getSizeOfDataInCodeAt(Offset)) { 1556 Size = DataInCodeSize; 1557 continue; 1558 } 1559 1560 const uint64_t AbsoluteInstrAddr = getAddress() + Offset; 1561 MCInst Instruction; 1562 if (!BC.SymbolicDisAsm->getInstruction(Instruction, Size, 1563 FunctionData.slice(Offset), 1564 AbsoluteInstrAddr, nulls())) { 1565 if (opts::Verbosity >= 1 && !isZeroPaddingAt(Offset)) { 1566 BC.errs() 1567 << "BOLT-WARNING: unable to disassemble instruction at offset 0x" 1568 << Twine::utohexstr(Offset) << " (address 0x" 1569 << Twine::utohexstr(AbsoluteInstrAddr) << ") in function " << *this 1570 << '\n'; 1571 } 1572 Success = false; 1573 DisassemblyFailed = true; 1574 break; 1575 } 1576 1577 // Return true if we can skip handling the Target function reference. 1578 auto ignoreFunctionRef = [&](const BinaryFunction &Target) { 1579 if (&Target == this) 1580 return true; 1581 1582 // Note that later we may decide not to emit Target function. In that 1583 // case, we conservatively create references that will be ignored or 1584 // resolved to the same function. 1585 if (!BC.shouldEmit(Target)) 1586 return true; 1587 1588 return false; 1589 }; 1590 1591 // Return true if we can ignore reference to the symbol. 1592 auto ignoreReference = [&](const MCSymbol *TargetSymbol) { 1593 if (!TargetSymbol) 1594 return true; 1595 1596 if (BC.forceSymbolRelocations(TargetSymbol->getName())) 1597 return false; 1598 1599 BinaryFunction *TargetFunction = BC.getFunctionForSymbol(TargetSymbol); 1600 if (!TargetFunction) 1601 return true; 1602 1603 return ignoreFunctionRef(*TargetFunction); 1604 }; 1605 1606 // Handle calls and branches separately as symbolization doesn't work for 1607 // them yet. 1608 MCSymbol *BranchTargetSymbol = nullptr; 1609 if (BC.MIB->isCall(Instruction) || BC.MIB->isBranch(Instruction)) { 1610 uint64_t TargetAddress = 0; 1611 BC.MIB->evaluateBranch(Instruction, AbsoluteInstrAddr, Size, 1612 TargetAddress); 1613 1614 // Create an entry point at reference address if needed. 1615 BinaryFunction *TargetFunction = 1616 BC.getBinaryFunctionContainingAddress(TargetAddress); 1617 1618 if (!TargetFunction || ignoreFunctionRef(*TargetFunction)) 1619 continue; 1620 1621 const uint64_t FunctionOffset = 1622 TargetAddress - TargetFunction->getAddress(); 1623 BranchTargetSymbol = 1624 FunctionOffset ? TargetFunction->addEntryPointAtOffset(FunctionOffset) 1625 : TargetFunction->getSymbol(); 1626 } 1627 1628 // Can't find more references. Not creating relocations since we are not 1629 // moving code. 1630 if (!BC.HasRelocations) 1631 continue; 1632 1633 if (BranchTargetSymbol) { 1634 BC.MIB->replaceBranchTarget(Instruction, BranchTargetSymbol, 1635 Emitter.LocalCtx.get()); 1636 } else if (!llvm::any_of(Instruction, 1637 [](const MCOperand &Op) { return Op.isExpr(); })) { 1638 // Skip assembly if the instruction may not have any symbolic operands. 1639 continue; 1640 } else { 1641 analyzeInstructionForFuncReference(Instruction); 1642 } 1643 1644 // Emit the instruction using temp emitter and generate relocations. 1645 SmallString<256> Code; 1646 SmallVector<MCFixup, 4> Fixups; 1647 Emitter.MCE->encodeInstruction(Instruction, Code, Fixups, *BC.STI); 1648 1649 // Create relocation for every fixup. 1650 for (const MCFixup &Fixup : Fixups) { 1651 std::optional<Relocation> Rel = BC.MIB->createRelocation(Fixup, *BC.MAB); 1652 if (!Rel) { 1653 Success = false; 1654 continue; 1655 } 1656 1657 if (ignoreReference(Rel->Symbol)) 1658 continue; 1659 1660 if (Relocation::getSizeForType(Rel->Type) < 4) { 1661 // If the instruction uses a short form, then we might not be able 1662 // to handle the rewrite without relaxation, and hence cannot reliably 1663 // create an external reference relocation. 1664 Success = false; 1665 continue; 1666 } 1667 Rel->Offset += getAddress() - getOriginSection()->getAddress() + Offset; 1668 FunctionRelocations.push_back(*Rel); 1669 } 1670 1671 if (!Success) 1672 break; 1673 } 1674 1675 // Reset symbolizer for the disassembler. 1676 BC.SymbolicDisAsm->setSymbolizer(nullptr); 1677 1678 // Add relocations unless disassembly failed for this function. 1679 if (!DisassemblyFailed) 1680 for (Relocation &Rel : FunctionRelocations) 1681 getOriginSection()->addPendingRelocation(Rel); 1682 1683 // Inform BinaryContext that this function symbols will not be defined and 1684 // relocations should not be created against them. 1685 if (BC.HasRelocations) { 1686 for (std::pair<const uint32_t, MCSymbol *> &LI : Labels) 1687 BC.UndefinedSymbols.insert(LI.second); 1688 for (MCSymbol *const EndLabel : FunctionEndLabels) 1689 if (EndLabel) 1690 BC.UndefinedSymbols.insert(EndLabel); 1691 } 1692 1693 clearList(Relocations); 1694 clearList(ExternallyReferencedOffsets); 1695 1696 if (Success && BC.HasRelocations) 1697 HasExternalRefRelocations = true; 1698 1699 if (opts::Verbosity >= 1 && !Success) 1700 BC.outs() << "BOLT-INFO: failed to scan refs for " << *this << '\n'; 1701 1702 return Success; 1703 } 1704 1705 void BinaryFunction::postProcessEntryPoints() { 1706 if (!isSimple()) 1707 return; 1708 1709 for (auto &KV : Labels) { 1710 MCSymbol *Label = KV.second; 1711 if (!getSecondaryEntryPointSymbol(Label)) 1712 continue; 1713 1714 // In non-relocation mode there's potentially an external undetectable 1715 // reference to the entry point and hence we cannot move this entry 1716 // point. Optimizing without moving could be difficult. 1717 // In BAT mode, register any known entry points for CFG construction. 1718 if (!BC.HasRelocations && !BC.HasBATSection) 1719 setSimple(false); 1720 1721 const uint32_t Offset = KV.first; 1722 1723 // If we are at Offset 0 and there is no instruction associated with it, 1724 // this means this is an empty function. Just ignore. If we find an 1725 // instruction at this offset, this entry point is valid. 1726 if (!Offset || getInstructionAtOffset(Offset)) 1727 continue; 1728 1729 // On AArch64 there are legitimate reasons to have references past the 1730 // end of the function, e.g. jump tables. 1731 if (BC.isAArch64() && Offset == getSize()) 1732 continue; 1733 1734 BC.errs() << "BOLT-WARNING: reference in the middle of instruction " 1735 "detected in function " 1736 << *this << " at offset 0x" << Twine::utohexstr(Offset) << '\n'; 1737 if (BC.HasRelocations) 1738 setIgnored(); 1739 setSimple(false); 1740 return; 1741 } 1742 } 1743 1744 void BinaryFunction::postProcessJumpTables() { 1745 // Create labels for all entries. 1746 for (auto &JTI : JumpTables) { 1747 JumpTable &JT = *JTI.second; 1748 if (JT.Type == JumpTable::JTT_PIC && opts::JumpTables == JTS_BASIC) { 1749 opts::JumpTables = JTS_MOVE; 1750 BC.outs() << "BOLT-INFO: forcing -jump-tables=move as PIC jump table was " 1751 "detected in function " 1752 << *this << '\n'; 1753 } 1754 const uint64_t BDSize = 1755 BC.getBinaryDataAtAddress(JT.getAddress())->getSize(); 1756 if (!BDSize) { 1757 BC.setBinaryDataSize(JT.getAddress(), JT.getSize()); 1758 } else { 1759 assert(BDSize >= JT.getSize() && 1760 "jump table cannot be larger than the containing object"); 1761 } 1762 if (!JT.Entries.empty()) 1763 continue; 1764 1765 bool HasOneParent = (JT.Parents.size() == 1); 1766 for (uint64_t EntryAddress : JT.EntriesAsAddress) { 1767 // builtin_unreachable does not belong to any function 1768 // Need to handle separately 1769 bool IsBuiltinUnreachable = 1770 llvm::any_of(JT.Parents, [&](const BinaryFunction *Parent) { 1771 return EntryAddress == Parent->getAddress() + Parent->getSize(); 1772 }); 1773 if (IsBuiltinUnreachable) { 1774 MCSymbol *Label = getOrCreateLocalLabel(EntryAddress, true); 1775 JT.Entries.push_back(Label); 1776 continue; 1777 } 1778 // Create a local label for targets that cannot be reached by other 1779 // fragments. Otherwise, create a secondary entry point in the target 1780 // function. 1781 BinaryFunction *TargetBF = 1782 BC.getBinaryFunctionContainingAddress(EntryAddress); 1783 MCSymbol *Label; 1784 if (HasOneParent && TargetBF == this) { 1785 Label = getOrCreateLocalLabel(EntryAddress, true); 1786 } else { 1787 const uint64_t Offset = EntryAddress - TargetBF->getAddress(); 1788 Label = Offset ? TargetBF->addEntryPointAtOffset(Offset) 1789 : TargetBF->getSymbol(); 1790 } 1791 JT.Entries.push_back(Label); 1792 } 1793 } 1794 1795 // Add TakenBranches from JumpTables. 1796 // 1797 // We want to do it after initial processing since we don't know jump tables' 1798 // boundaries until we process them all. 1799 for (auto &JTSite : JTSites) { 1800 const uint64_t JTSiteOffset = JTSite.first; 1801 const uint64_t JTAddress = JTSite.second; 1802 const JumpTable *JT = getJumpTableContainingAddress(JTAddress); 1803 assert(JT && "cannot find jump table for address"); 1804 1805 uint64_t EntryOffset = JTAddress - JT->getAddress(); 1806 while (EntryOffset < JT->getSize()) { 1807 uint64_t EntryAddress = JT->EntriesAsAddress[EntryOffset / JT->EntrySize]; 1808 uint64_t TargetOffset = EntryAddress - getAddress(); 1809 if (TargetOffset < getSize()) { 1810 TakenBranches.emplace_back(JTSiteOffset, TargetOffset); 1811 1812 if (opts::StrictMode) 1813 registerReferencedOffset(TargetOffset); 1814 } 1815 1816 EntryOffset += JT->EntrySize; 1817 1818 // A label at the next entry means the end of this jump table. 1819 if (JT->Labels.count(EntryOffset)) 1820 break; 1821 } 1822 } 1823 clearList(JTSites); 1824 1825 // Conservatively populate all possible destinations for unknown indirect 1826 // branches. 1827 if (opts::StrictMode && hasInternalReference()) { 1828 for (uint64_t Offset : UnknownIndirectBranchOffsets) { 1829 for (uint64_t PossibleDestination : ExternallyReferencedOffsets) { 1830 // Ignore __builtin_unreachable(). 1831 if (PossibleDestination == getSize()) 1832 continue; 1833 TakenBranches.emplace_back(Offset, PossibleDestination); 1834 } 1835 } 1836 } 1837 } 1838 1839 bool BinaryFunction::validateExternallyReferencedOffsets() { 1840 SmallPtrSet<MCSymbol *, 4> JTTargets; 1841 for (const JumpTable *JT : llvm::make_second_range(JumpTables)) 1842 JTTargets.insert(JT->Entries.begin(), JT->Entries.end()); 1843 1844 bool HasUnclaimedReference = false; 1845 for (uint64_t Destination : ExternallyReferencedOffsets) { 1846 // Ignore __builtin_unreachable(). 1847 if (Destination == getSize()) 1848 continue; 1849 // Ignore constant islands 1850 if (isInConstantIsland(Destination + getAddress())) 1851 continue; 1852 1853 if (BinaryBasicBlock *BB = getBasicBlockAtOffset(Destination)) { 1854 // Check if the externally referenced offset is a recognized jump table 1855 // target. 1856 if (JTTargets.contains(BB->getLabel())) 1857 continue; 1858 1859 if (opts::Verbosity >= 1) { 1860 BC.errs() << "BOLT-WARNING: unclaimed data to code reference (possibly " 1861 << "an unrecognized jump table entry) to " << BB->getName() 1862 << " in " << *this << "\n"; 1863 } 1864 auto L = BC.scopeLock(); 1865 addEntryPoint(*BB); 1866 } else { 1867 BC.errs() << "BOLT-WARNING: unknown data to code reference to offset " 1868 << Twine::utohexstr(Destination) << " in " << *this << "\n"; 1869 setIgnored(); 1870 } 1871 HasUnclaimedReference = true; 1872 } 1873 return !HasUnclaimedReference; 1874 } 1875 1876 bool BinaryFunction::postProcessIndirectBranches( 1877 MCPlusBuilder::AllocatorIdTy AllocId) { 1878 auto addUnknownControlFlow = [&](BinaryBasicBlock &BB) { 1879 LLVM_DEBUG(dbgs() << "BOLT-DEBUG: adding unknown control flow in " << *this 1880 << " for " << BB.getName() << "\n"); 1881 HasUnknownControlFlow = true; 1882 BB.removeAllSuccessors(); 1883 for (uint64_t PossibleDestination : ExternallyReferencedOffsets) 1884 if (BinaryBasicBlock *SuccBB = getBasicBlockAtOffset(PossibleDestination)) 1885 BB.addSuccessor(SuccBB); 1886 }; 1887 1888 uint64_t NumIndirectJumps = 0; 1889 MCInst *LastIndirectJump = nullptr; 1890 BinaryBasicBlock *LastIndirectJumpBB = nullptr; 1891 uint64_t LastJT = 0; 1892 uint16_t LastJTIndexReg = BC.MIB->getNoRegister(); 1893 for (BinaryBasicBlock &BB : blocks()) { 1894 for (BinaryBasicBlock::iterator II = BB.begin(); II != BB.end(); ++II) { 1895 MCInst &Instr = *II; 1896 if (!BC.MIB->isIndirectBranch(Instr)) 1897 continue; 1898 1899 // If there's an indirect branch in a single-block function - 1900 // it must be a tail call. 1901 if (BasicBlocks.size() == 1) { 1902 BC.MIB->convertJmpToTailCall(Instr); 1903 return true; 1904 } 1905 1906 ++NumIndirectJumps; 1907 1908 if (opts::StrictMode && !hasInternalReference()) { 1909 BC.MIB->convertJmpToTailCall(Instr); 1910 break; 1911 } 1912 1913 // Validate the tail call or jump table assumptions now that we know 1914 // basic block boundaries. 1915 if (BC.MIB->isTailCall(Instr) || BC.MIB->getJumpTable(Instr)) { 1916 const unsigned PtrSize = BC.AsmInfo->getCodePointerSize(); 1917 MCInst *MemLocInstr; 1918 unsigned BaseRegNum, IndexRegNum; 1919 int64_t DispValue; 1920 const MCExpr *DispExpr; 1921 MCInst *PCRelBaseInstr; 1922 MCInst *FixedEntryLoadInstr; 1923 IndirectBranchType Type = BC.MIB->analyzeIndirectBranch( 1924 Instr, BB.begin(), II, PtrSize, MemLocInstr, BaseRegNum, 1925 IndexRegNum, DispValue, DispExpr, PCRelBaseInstr, 1926 FixedEntryLoadInstr); 1927 if (Type != IndirectBranchType::UNKNOWN || MemLocInstr != nullptr) 1928 continue; 1929 1930 if (!opts::StrictMode) 1931 return false; 1932 1933 if (BC.MIB->isTailCall(Instr)) { 1934 BC.MIB->convertTailCallToJmp(Instr); 1935 } else { 1936 LastIndirectJump = &Instr; 1937 LastIndirectJumpBB = &BB; 1938 LastJT = BC.MIB->getJumpTable(Instr); 1939 LastJTIndexReg = BC.MIB->getJumpTableIndexReg(Instr); 1940 BC.MIB->unsetJumpTable(Instr); 1941 1942 JumpTable *JT = BC.getJumpTableContainingAddress(LastJT); 1943 if (JT->Type == JumpTable::JTT_NORMAL) { 1944 // Invalidating the jump table may also invalidate other jump table 1945 // boundaries. Until we have/need a support for this, mark the 1946 // function as non-simple. 1947 LLVM_DEBUG(dbgs() << "BOLT-DEBUG: rejected jump table reference" 1948 << JT->getName() << " in " << *this << '\n'); 1949 return false; 1950 } 1951 } 1952 1953 addUnknownControlFlow(BB); 1954 continue; 1955 } 1956 1957 // If this block contains an epilogue code and has an indirect branch, 1958 // then most likely it's a tail call. Otherwise, we cannot tell for sure 1959 // what it is and conservatively reject the function's CFG. 1960 bool IsEpilogue = llvm::any_of(BB, [&](const MCInst &Instr) { 1961 return BC.MIB->isLeave(Instr) || BC.MIB->isPop(Instr); 1962 }); 1963 if (IsEpilogue) { 1964 BC.MIB->convertJmpToTailCall(Instr); 1965 BB.removeAllSuccessors(); 1966 continue; 1967 } 1968 1969 if (opts::Verbosity >= 2) { 1970 BC.outs() << "BOLT-INFO: rejected potential indirect tail call in " 1971 << "function " << *this << " in basic block " << BB.getName() 1972 << ".\n"; 1973 LLVM_DEBUG(BC.printInstructions(dbgs(), BB.begin(), BB.end(), 1974 BB.getOffset(), this, true)); 1975 } 1976 1977 if (!opts::StrictMode) 1978 return false; 1979 1980 addUnknownControlFlow(BB); 1981 } 1982 } 1983 1984 if (HasInternalLabelReference) 1985 return false; 1986 1987 // If there's only one jump table, and one indirect jump, and no other 1988 // references, then we should be able to derive the jump table even if we 1989 // fail to match the pattern. 1990 if (HasUnknownControlFlow && NumIndirectJumps == 1 && 1991 JumpTables.size() == 1 && LastIndirectJump && 1992 !BC.getJumpTableContainingAddress(LastJT)->IsSplit) { 1993 LLVM_DEBUG(dbgs() << "BOLT-DEBUG: unsetting unknown control flow in " 1994 << *this << '\n'); 1995 BC.MIB->setJumpTable(*LastIndirectJump, LastJT, LastJTIndexReg, AllocId); 1996 HasUnknownControlFlow = false; 1997 1998 LastIndirectJumpBB->updateJumpTableSuccessors(); 1999 } 2000 2001 // Validate that all data references to function offsets are claimed by 2002 // recognized jump tables. Register externally referenced blocks as entry 2003 // points. 2004 if (!opts::StrictMode && hasInternalReference()) { 2005 if (!validateExternallyReferencedOffsets()) 2006 return false; 2007 } 2008 2009 if (HasUnknownControlFlow && !BC.HasRelocations) 2010 return false; 2011 2012 return true; 2013 } 2014 2015 void BinaryFunction::recomputeLandingPads() { 2016 updateBBIndices(0); 2017 2018 for (BinaryBasicBlock *BB : BasicBlocks) { 2019 BB->LandingPads.clear(); 2020 BB->Throwers.clear(); 2021 } 2022 2023 for (BinaryBasicBlock *BB : BasicBlocks) { 2024 std::unordered_set<const BinaryBasicBlock *> BBLandingPads; 2025 for (MCInst &Instr : *BB) { 2026 if (!BC.MIB->isInvoke(Instr)) 2027 continue; 2028 2029 const std::optional<MCPlus::MCLandingPad> EHInfo = 2030 BC.MIB->getEHInfo(Instr); 2031 if (!EHInfo || !EHInfo->first) 2032 continue; 2033 2034 BinaryBasicBlock *LPBlock = getBasicBlockForLabel(EHInfo->first); 2035 if (!BBLandingPads.count(LPBlock)) { 2036 BBLandingPads.insert(LPBlock); 2037 BB->LandingPads.emplace_back(LPBlock); 2038 LPBlock->Throwers.emplace_back(BB); 2039 } 2040 } 2041 } 2042 } 2043 2044 Error BinaryFunction::buildCFG(MCPlusBuilder::AllocatorIdTy AllocatorId) { 2045 auto &MIB = BC.MIB; 2046 2047 if (!isSimple()) { 2048 assert(!BC.HasRelocations && 2049 "cannot process file with non-simple function in relocs mode"); 2050 return createNonFatalBOLTError(""); 2051 } 2052 2053 if (CurrentState != State::Disassembled) 2054 return createNonFatalBOLTError(""); 2055 2056 assert(BasicBlocks.empty() && "basic block list should be empty"); 2057 assert((Labels.find(getFirstInstructionOffset()) != Labels.end()) && 2058 "first instruction should always have a label"); 2059 2060 // Create basic blocks in the original layout order: 2061 // 2062 // * Every instruction with associated label marks 2063 // the beginning of a basic block. 2064 // * Conditional instruction marks the end of a basic block, 2065 // except when the following instruction is an 2066 // unconditional branch, and the unconditional branch is not 2067 // a destination of another branch. In the latter case, the 2068 // basic block will consist of a single unconditional branch 2069 // (missed "double-jump" optimization). 2070 // 2071 // Created basic blocks are sorted in layout order since they are 2072 // created in the same order as instructions, and instructions are 2073 // sorted by offsets. 2074 BinaryBasicBlock *InsertBB = nullptr; 2075 BinaryBasicBlock *PrevBB = nullptr; 2076 bool IsLastInstrNop = false; 2077 // Offset of the last non-nop instruction. 2078 uint64_t LastInstrOffset = 0; 2079 2080 auto addCFIPlaceholders = [this](uint64_t CFIOffset, 2081 BinaryBasicBlock *InsertBB) { 2082 for (auto FI = OffsetToCFI.lower_bound(CFIOffset), 2083 FE = OffsetToCFI.upper_bound(CFIOffset); 2084 FI != FE; ++FI) { 2085 addCFIPseudo(InsertBB, InsertBB->end(), FI->second); 2086 } 2087 }; 2088 2089 // For profiling purposes we need to save the offset of the last instruction 2090 // in the basic block. 2091 // NOTE: nops always have an Offset annotation. Annotate the last non-nop as 2092 // older profiles ignored nops. 2093 auto updateOffset = [&](uint64_t Offset) { 2094 assert(PrevBB && PrevBB != InsertBB && "invalid previous block"); 2095 MCInst *LastNonNop = nullptr; 2096 for (BinaryBasicBlock::reverse_iterator RII = PrevBB->getLastNonPseudo(), 2097 E = PrevBB->rend(); 2098 RII != E; ++RII) { 2099 if (!BC.MIB->isPseudo(*RII) && !BC.MIB->isNoop(*RII)) { 2100 LastNonNop = &*RII; 2101 break; 2102 } 2103 } 2104 if (LastNonNop && !MIB->getOffset(*LastNonNop)) 2105 MIB->setOffset(*LastNonNop, static_cast<uint32_t>(Offset)); 2106 }; 2107 2108 for (auto I = Instructions.begin(), E = Instructions.end(); I != E; ++I) { 2109 const uint32_t Offset = I->first; 2110 MCInst &Instr = I->second; 2111 2112 auto LI = Labels.find(Offset); 2113 if (LI != Labels.end()) { 2114 // Always create new BB at branch destination. 2115 PrevBB = InsertBB ? InsertBB : PrevBB; 2116 InsertBB = addBasicBlockAt(LI->first, LI->second); 2117 if (opts::PreserveBlocksAlignment && IsLastInstrNop) 2118 InsertBB->setDerivedAlignment(); 2119 2120 if (PrevBB) 2121 updateOffset(LastInstrOffset); 2122 } 2123 2124 // Mark all nops with Offset for profile tracking purposes. 2125 if (MIB->isNoop(Instr) && !MIB->getOffset(Instr)) { 2126 // If "Offset" annotation is not present, set it and mark the nop for 2127 // deletion. 2128 MIB->setOffset(Instr, static_cast<uint32_t>(Offset)); 2129 // Annotate ordinary nops, so we can safely delete them if required. 2130 MIB->addAnnotation(Instr, "NOP", static_cast<uint32_t>(1), AllocatorId); 2131 } 2132 2133 if (!InsertBB) { 2134 // It must be a fallthrough or unreachable code. Create a new block unless 2135 // we see an unconditional branch following a conditional one. The latter 2136 // should not be a conditional tail call. 2137 assert(PrevBB && "no previous basic block for a fall through"); 2138 MCInst *PrevInstr = PrevBB->getLastNonPseudoInstr(); 2139 assert(PrevInstr && "no previous instruction for a fall through"); 2140 if (MIB->isUnconditionalBranch(Instr) && 2141 !MIB->isIndirectBranch(*PrevInstr) && 2142 !MIB->isUnconditionalBranch(*PrevInstr) && 2143 !MIB->getConditionalTailCall(*PrevInstr) && 2144 !MIB->isReturn(*PrevInstr)) { 2145 // Temporarily restore inserter basic block. 2146 InsertBB = PrevBB; 2147 } else { 2148 MCSymbol *Label; 2149 { 2150 auto L = BC.scopeLock(); 2151 Label = BC.Ctx->createNamedTempSymbol("FT"); 2152 } 2153 InsertBB = addBasicBlockAt(Offset, Label); 2154 if (opts::PreserveBlocksAlignment && IsLastInstrNop) 2155 InsertBB->setDerivedAlignment(); 2156 updateOffset(LastInstrOffset); 2157 } 2158 } 2159 if (Offset == getFirstInstructionOffset()) { 2160 // Add associated CFI pseudos in the first offset 2161 addCFIPlaceholders(Offset, InsertBB); 2162 } 2163 2164 const bool IsBlockEnd = MIB->isTerminator(Instr); 2165 IsLastInstrNop = MIB->isNoop(Instr); 2166 if (!IsLastInstrNop) 2167 LastInstrOffset = Offset; 2168 InsertBB->addInstruction(std::move(Instr)); 2169 2170 // Add associated CFI instrs. We always add the CFI instruction that is 2171 // located immediately after this instruction, since the next CFI 2172 // instruction reflects the change in state caused by this instruction. 2173 auto NextInstr = std::next(I); 2174 uint64_t CFIOffset; 2175 if (NextInstr != E) 2176 CFIOffset = NextInstr->first; 2177 else 2178 CFIOffset = getSize(); 2179 2180 // Note: this potentially invalidates instruction pointers/iterators. 2181 addCFIPlaceholders(CFIOffset, InsertBB); 2182 2183 if (IsBlockEnd) { 2184 PrevBB = InsertBB; 2185 InsertBB = nullptr; 2186 } 2187 } 2188 2189 if (BasicBlocks.empty()) { 2190 setSimple(false); 2191 return createNonFatalBOLTError(""); 2192 } 2193 2194 // Intermediate dump. 2195 LLVM_DEBUG(print(dbgs(), "after creating basic blocks")); 2196 2197 // TODO: handle properly calls to no-return functions, 2198 // e.g. exit(3), etc. Otherwise we'll see a false fall-through 2199 // blocks. 2200 2201 // Remove duplicates branches. We can get a bunch of them from jump tables. 2202 // Without doing jump table value profiling we don't have a use for extra 2203 // (duplicate) branches. 2204 llvm::sort(TakenBranches); 2205 auto NewEnd = std::unique(TakenBranches.begin(), TakenBranches.end()); 2206 TakenBranches.erase(NewEnd, TakenBranches.end()); 2207 2208 for (std::pair<uint32_t, uint32_t> &Branch : TakenBranches) { 2209 LLVM_DEBUG(dbgs() << "registering branch [0x" 2210 << Twine::utohexstr(Branch.first) << "] -> [0x" 2211 << Twine::utohexstr(Branch.second) << "]\n"); 2212 BinaryBasicBlock *FromBB = getBasicBlockContainingOffset(Branch.first); 2213 BinaryBasicBlock *ToBB = getBasicBlockAtOffset(Branch.second); 2214 if (!FromBB || !ToBB) { 2215 if (!FromBB) 2216 BC.errs() << "BOLT-ERROR: cannot find BB containing the branch.\n"; 2217 if (!ToBB) 2218 BC.errs() 2219 << "BOLT-ERROR: cannot find BB containing branch destination.\n"; 2220 return createFatalBOLTError(BC.generateBugReportMessage( 2221 "disassembly failed - inconsistent branch found.", *this)); 2222 } 2223 2224 FromBB->addSuccessor(ToBB); 2225 } 2226 2227 // Add fall-through branches. 2228 PrevBB = nullptr; 2229 bool IsPrevFT = false; // Is previous block a fall-through. 2230 for (BinaryBasicBlock *BB : BasicBlocks) { 2231 if (IsPrevFT) 2232 PrevBB->addSuccessor(BB); 2233 2234 if (BB->empty()) { 2235 IsPrevFT = true; 2236 PrevBB = BB; 2237 continue; 2238 } 2239 2240 MCInst *LastInstr = BB->getLastNonPseudoInstr(); 2241 assert(LastInstr && 2242 "should have non-pseudo instruction in non-empty block"); 2243 2244 if (BB->succ_size() == 0) { 2245 // Since there's no existing successors, we know the last instruction is 2246 // not a conditional branch. Thus if it's a terminator, it shouldn't be a 2247 // fall-through. 2248 // 2249 // Conditional tail call is a special case since we don't add a taken 2250 // branch successor for it. 2251 IsPrevFT = !MIB->isTerminator(*LastInstr) || 2252 MIB->getConditionalTailCall(*LastInstr); 2253 } else if (BB->succ_size() == 1) { 2254 IsPrevFT = MIB->isConditionalBranch(*LastInstr); 2255 } else { 2256 IsPrevFT = false; 2257 } 2258 2259 PrevBB = BB; 2260 } 2261 2262 // Assign landing pads and throwers info. 2263 recomputeLandingPads(); 2264 2265 // Assign CFI information to each BB entry. 2266 annotateCFIState(); 2267 2268 // Annotate invoke instructions with GNU_args_size data. 2269 propagateGnuArgsSizeInfo(AllocatorId); 2270 2271 // Set the basic block layout to the original order and set end offsets. 2272 PrevBB = nullptr; 2273 for (BinaryBasicBlock *BB : BasicBlocks) { 2274 Layout.addBasicBlock(BB); 2275 if (PrevBB) 2276 PrevBB->setEndOffset(BB->getOffset()); 2277 PrevBB = BB; 2278 } 2279 PrevBB->setEndOffset(getSize()); 2280 2281 Layout.updateLayoutIndices(); 2282 2283 normalizeCFIState(); 2284 2285 // Clean-up memory taken by intermediate structures. 2286 // 2287 // NB: don't clear Labels list as we may need them if we mark the function 2288 // as non-simple later in the process of discovering extra entry points. 2289 clearList(Instructions); 2290 clearList(OffsetToCFI); 2291 clearList(TakenBranches); 2292 2293 // Update the state. 2294 CurrentState = State::CFG; 2295 2296 // Make any necessary adjustments for indirect branches. 2297 if (!postProcessIndirectBranches(AllocatorId)) { 2298 if (opts::Verbosity) { 2299 BC.errs() << "BOLT-WARNING: failed to post-process indirect branches for " 2300 << *this << '\n'; 2301 } 2302 2303 if (BC.isAArch64()) 2304 PreserveNops = BC.HasRelocations; 2305 2306 // In relocation mode we want to keep processing the function but avoid 2307 // optimizing it. 2308 setSimple(false); 2309 } 2310 2311 clearList(ExternallyReferencedOffsets); 2312 clearList(UnknownIndirectBranchOffsets); 2313 2314 return Error::success(); 2315 } 2316 2317 void BinaryFunction::postProcessCFG() { 2318 if (isSimple() && !BasicBlocks.empty()) { 2319 // Convert conditional tail call branches to conditional branches that jump 2320 // to a tail call. 2321 removeConditionalTailCalls(); 2322 2323 postProcessProfile(); 2324 2325 // Eliminate inconsistencies between branch instructions and CFG. 2326 postProcessBranches(); 2327 } 2328 2329 // The final cleanup of intermediate structures. 2330 clearList(IgnoredBranches); 2331 2332 // Remove "Offset" annotations, unless we need an address-translation table 2333 // later. This has no cost, since annotations are allocated by a bumpptr 2334 // allocator and won't be released anyway until late in the pipeline. 2335 if (!requiresAddressTranslation() && !opts::Instrument) { 2336 for (BinaryBasicBlock &BB : blocks()) 2337 for (MCInst &Inst : BB) 2338 BC.MIB->clearOffset(Inst); 2339 } 2340 2341 assert((!isSimple() || validateCFG()) && 2342 "invalid CFG detected after post-processing"); 2343 } 2344 2345 void BinaryFunction::removeTagsFromProfile() { 2346 for (BinaryBasicBlock *BB : BasicBlocks) { 2347 if (BB->ExecutionCount == BinaryBasicBlock::COUNT_NO_PROFILE) 2348 BB->ExecutionCount = 0; 2349 for (BinaryBasicBlock::BinaryBranchInfo &BI : BB->branch_info()) { 2350 if (BI.Count != BinaryBasicBlock::COUNT_NO_PROFILE && 2351 BI.MispredictedCount != BinaryBasicBlock::COUNT_NO_PROFILE) 2352 continue; 2353 BI.Count = 0; 2354 BI.MispredictedCount = 0; 2355 } 2356 } 2357 } 2358 2359 void BinaryFunction::removeConditionalTailCalls() { 2360 // Blocks to be appended at the end. 2361 std::vector<std::unique_ptr<BinaryBasicBlock>> NewBlocks; 2362 2363 for (auto BBI = begin(); BBI != end(); ++BBI) { 2364 BinaryBasicBlock &BB = *BBI; 2365 MCInst *CTCInstr = BB.getLastNonPseudoInstr(); 2366 if (!CTCInstr) 2367 continue; 2368 2369 std::optional<uint64_t> TargetAddressOrNone = 2370 BC.MIB->getConditionalTailCall(*CTCInstr); 2371 if (!TargetAddressOrNone) 2372 continue; 2373 2374 // Gather all necessary information about CTC instruction before 2375 // annotations are destroyed. 2376 const int32_t CFIStateBeforeCTC = BB.getCFIStateAtInstr(CTCInstr); 2377 uint64_t CTCTakenCount = BinaryBasicBlock::COUNT_NO_PROFILE; 2378 uint64_t CTCMispredCount = BinaryBasicBlock::COUNT_NO_PROFILE; 2379 if (hasValidProfile()) { 2380 CTCTakenCount = BC.MIB->getAnnotationWithDefault<uint64_t>( 2381 *CTCInstr, "CTCTakenCount"); 2382 CTCMispredCount = BC.MIB->getAnnotationWithDefault<uint64_t>( 2383 *CTCInstr, "CTCMispredCount"); 2384 } 2385 2386 // Assert that the tail call does not throw. 2387 assert(!BC.MIB->getEHInfo(*CTCInstr) && 2388 "found tail call with associated landing pad"); 2389 2390 // Create a basic block with an unconditional tail call instruction using 2391 // the same destination. 2392 const MCSymbol *CTCTargetLabel = BC.MIB->getTargetSymbol(*CTCInstr); 2393 assert(CTCTargetLabel && "symbol expected for conditional tail call"); 2394 MCInst TailCallInstr; 2395 BC.MIB->createTailCall(TailCallInstr, CTCTargetLabel, BC.Ctx.get()); 2396 2397 // Move offset from CTCInstr to TailCallInstr. 2398 if (const std::optional<uint32_t> Offset = BC.MIB->getOffset(*CTCInstr)) { 2399 BC.MIB->setOffset(TailCallInstr, *Offset); 2400 BC.MIB->clearOffset(*CTCInstr); 2401 } 2402 2403 // Link new BBs to the original input offset of the BB where the CTC 2404 // is, so we can map samples recorded in new BBs back to the original BB 2405 // seem in the input binary (if using BAT) 2406 std::unique_ptr<BinaryBasicBlock> TailCallBB = 2407 createBasicBlock(BC.Ctx->createNamedTempSymbol("TC")); 2408 TailCallBB->setOffset(BB.getInputOffset()); 2409 TailCallBB->addInstruction(TailCallInstr); 2410 TailCallBB->setCFIState(CFIStateBeforeCTC); 2411 2412 // Add CFG edge with profile info from BB to TailCallBB. 2413 BB.addSuccessor(TailCallBB.get(), CTCTakenCount, CTCMispredCount); 2414 2415 // Add execution count for the block. 2416 TailCallBB->setExecutionCount(CTCTakenCount); 2417 2418 BC.MIB->convertTailCallToJmp(*CTCInstr); 2419 2420 BC.MIB->replaceBranchTarget(*CTCInstr, TailCallBB->getLabel(), 2421 BC.Ctx.get()); 2422 2423 // Add basic block to the list that will be added to the end. 2424 NewBlocks.emplace_back(std::move(TailCallBB)); 2425 2426 // Swap edges as the TailCallBB corresponds to the taken branch. 2427 BB.swapConditionalSuccessors(); 2428 2429 // This branch is no longer a conditional tail call. 2430 BC.MIB->unsetConditionalTailCall(*CTCInstr); 2431 } 2432 2433 insertBasicBlocks(std::prev(end()), std::move(NewBlocks), 2434 /* UpdateLayout */ true, 2435 /* UpdateCFIState */ false); 2436 } 2437 2438 uint64_t BinaryFunction::getFunctionScore() const { 2439 if (FunctionScore != -1) 2440 return FunctionScore; 2441 2442 if (!isSimple() || !hasValidProfile()) { 2443 FunctionScore = 0; 2444 return FunctionScore; 2445 } 2446 2447 uint64_t TotalScore = 0ULL; 2448 for (const BinaryBasicBlock &BB : blocks()) { 2449 uint64_t BBExecCount = BB.getExecutionCount(); 2450 if (BBExecCount == BinaryBasicBlock::COUNT_NO_PROFILE) 2451 continue; 2452 TotalScore += BBExecCount * BB.getNumNonPseudos(); 2453 } 2454 FunctionScore = TotalScore; 2455 return FunctionScore; 2456 } 2457 2458 void BinaryFunction::annotateCFIState() { 2459 assert(CurrentState == State::Disassembled && "unexpected function state"); 2460 assert(!BasicBlocks.empty() && "basic block list should not be empty"); 2461 2462 // This is an index of the last processed CFI in FDE CFI program. 2463 uint32_t State = 0; 2464 2465 // This is an index of RememberState CFI reflecting effective state right 2466 // after execution of RestoreState CFI. 2467 // 2468 // It differs from State iff the CFI at (State-1) 2469 // was RestoreState (modulo GNU_args_size CFIs, which are ignored). 2470 // 2471 // This allows us to generate shorter replay sequences when producing new 2472 // CFI programs. 2473 uint32_t EffectiveState = 0; 2474 2475 // For tracking RememberState/RestoreState sequences. 2476 std::stack<uint32_t> StateStack; 2477 2478 for (BinaryBasicBlock *BB : BasicBlocks) { 2479 BB->setCFIState(EffectiveState); 2480 2481 for (const MCInst &Instr : *BB) { 2482 const MCCFIInstruction *CFI = getCFIFor(Instr); 2483 if (!CFI) 2484 continue; 2485 2486 ++State; 2487 2488 switch (CFI->getOperation()) { 2489 case MCCFIInstruction::OpRememberState: 2490 StateStack.push(EffectiveState); 2491 EffectiveState = State; 2492 break; 2493 case MCCFIInstruction::OpRestoreState: 2494 assert(!StateStack.empty() && "corrupt CFI stack"); 2495 EffectiveState = StateStack.top(); 2496 StateStack.pop(); 2497 break; 2498 case MCCFIInstruction::OpGnuArgsSize: 2499 // OpGnuArgsSize CFIs do not affect the CFI state. 2500 break; 2501 default: 2502 // Any other CFI updates the state. 2503 EffectiveState = State; 2504 break; 2505 } 2506 } 2507 } 2508 2509 if (opts::Verbosity >= 1 && !StateStack.empty()) { 2510 BC.errs() << "BOLT-WARNING: non-empty CFI stack at the end of " << *this 2511 << '\n'; 2512 } 2513 } 2514 2515 namespace { 2516 2517 /// Our full interpretation of a DWARF CFI machine state at a given point 2518 struct CFISnapshot { 2519 /// CFA register number and offset defining the canonical frame at this 2520 /// point, or the number of a rule (CFI state) that computes it with a 2521 /// DWARF expression. This number will be negative if it refers to a CFI 2522 /// located in the CIE instead of the FDE. 2523 uint32_t CFAReg; 2524 int32_t CFAOffset; 2525 int32_t CFARule; 2526 /// Mapping of rules (CFI states) that define the location of each 2527 /// register. If absent, no rule defining the location of such register 2528 /// was ever read. This number will be negative if it refers to a CFI 2529 /// located in the CIE instead of the FDE. 2530 DenseMap<int32_t, int32_t> RegRule; 2531 2532 /// References to CIE, FDE and expanded instructions after a restore state 2533 const BinaryFunction::CFIInstrMapType &CIE; 2534 const BinaryFunction::CFIInstrMapType &FDE; 2535 const DenseMap<int32_t, SmallVector<int32_t, 4>> &FrameRestoreEquivalents; 2536 2537 /// Current FDE CFI number representing the state where the snapshot is at 2538 int32_t CurState; 2539 2540 /// Used when we don't have information about which state/rule to apply 2541 /// to recover the location of either the CFA or a specific register 2542 constexpr static int32_t UNKNOWN = std::numeric_limits<int32_t>::min(); 2543 2544 private: 2545 /// Update our snapshot by executing a single CFI 2546 void update(const MCCFIInstruction &Instr, int32_t RuleNumber) { 2547 switch (Instr.getOperation()) { 2548 case MCCFIInstruction::OpSameValue: 2549 case MCCFIInstruction::OpRelOffset: 2550 case MCCFIInstruction::OpOffset: 2551 case MCCFIInstruction::OpRestore: 2552 case MCCFIInstruction::OpUndefined: 2553 case MCCFIInstruction::OpRegister: 2554 RegRule[Instr.getRegister()] = RuleNumber; 2555 break; 2556 case MCCFIInstruction::OpDefCfaRegister: 2557 CFAReg = Instr.getRegister(); 2558 CFARule = UNKNOWN; 2559 2560 // This shouldn't happen according to the spec but GNU binutils on RISC-V 2561 // emits a DW_CFA_def_cfa_register in CIE's which leaves the offset 2562 // unspecified. Both readelf and llvm-dwarfdump interpret the offset as 0 2563 // in this case so let's do the same. 2564 if (CFAOffset == UNKNOWN) 2565 CFAOffset = 0; 2566 break; 2567 case MCCFIInstruction::OpDefCfaOffset: 2568 CFAOffset = Instr.getOffset(); 2569 CFARule = UNKNOWN; 2570 break; 2571 case MCCFIInstruction::OpDefCfa: 2572 CFAReg = Instr.getRegister(); 2573 CFAOffset = Instr.getOffset(); 2574 CFARule = UNKNOWN; 2575 break; 2576 case MCCFIInstruction::OpEscape: { 2577 std::optional<uint8_t> Reg = 2578 readDWARFExpressionTargetReg(Instr.getValues()); 2579 // Handle DW_CFA_def_cfa_expression 2580 if (!Reg) { 2581 CFARule = RuleNumber; 2582 break; 2583 } 2584 RegRule[*Reg] = RuleNumber; 2585 break; 2586 } 2587 case MCCFIInstruction::OpAdjustCfaOffset: 2588 case MCCFIInstruction::OpWindowSave: 2589 case MCCFIInstruction::OpNegateRAState: 2590 case MCCFIInstruction::OpNegateRAStateWithPC: 2591 case MCCFIInstruction::OpLLVMDefAspaceCfa: 2592 case MCCFIInstruction::OpLabel: 2593 case MCCFIInstruction::OpValOffset: 2594 llvm_unreachable("unsupported CFI opcode"); 2595 break; 2596 case MCCFIInstruction::OpRememberState: 2597 case MCCFIInstruction::OpRestoreState: 2598 case MCCFIInstruction::OpGnuArgsSize: 2599 // do not affect CFI state 2600 break; 2601 } 2602 } 2603 2604 public: 2605 /// Advance state reading FDE CFI instructions up to State number 2606 void advanceTo(int32_t State) { 2607 for (int32_t I = CurState, E = State; I != E; ++I) { 2608 const MCCFIInstruction &Instr = FDE[I]; 2609 if (Instr.getOperation() != MCCFIInstruction::OpRestoreState) { 2610 update(Instr, I); 2611 continue; 2612 } 2613 // If restore state instruction, fetch the equivalent CFIs that have 2614 // the same effect of this restore. This is used to ensure remember- 2615 // restore pairs are completely removed. 2616 auto Iter = FrameRestoreEquivalents.find(I); 2617 if (Iter == FrameRestoreEquivalents.end()) 2618 continue; 2619 for (int32_t RuleNumber : Iter->second) 2620 update(FDE[RuleNumber], RuleNumber); 2621 } 2622 2623 assert(((CFAReg != (uint32_t)UNKNOWN && CFAOffset != UNKNOWN) || 2624 CFARule != UNKNOWN) && 2625 "CIE did not define default CFA?"); 2626 2627 CurState = State; 2628 } 2629 2630 /// Interpret all CIE and FDE instructions up until CFI State number and 2631 /// populate this snapshot 2632 CFISnapshot( 2633 const BinaryFunction::CFIInstrMapType &CIE, 2634 const BinaryFunction::CFIInstrMapType &FDE, 2635 const DenseMap<int32_t, SmallVector<int32_t, 4>> &FrameRestoreEquivalents, 2636 int32_t State) 2637 : CIE(CIE), FDE(FDE), FrameRestoreEquivalents(FrameRestoreEquivalents) { 2638 CFAReg = UNKNOWN; 2639 CFAOffset = UNKNOWN; 2640 CFARule = UNKNOWN; 2641 CurState = 0; 2642 2643 for (int32_t I = 0, E = CIE.size(); I != E; ++I) { 2644 const MCCFIInstruction &Instr = CIE[I]; 2645 update(Instr, -I); 2646 } 2647 2648 advanceTo(State); 2649 } 2650 }; 2651 2652 /// A CFI snapshot with the capability of checking if incremental additions to 2653 /// it are redundant. This is used to ensure we do not emit two CFI instructions 2654 /// back-to-back that are doing the same state change, or to avoid emitting a 2655 /// CFI at all when the state at that point would not be modified after that CFI 2656 struct CFISnapshotDiff : public CFISnapshot { 2657 bool RestoredCFAReg{false}; 2658 bool RestoredCFAOffset{false}; 2659 DenseMap<int32_t, bool> RestoredRegs; 2660 2661 CFISnapshotDiff(const CFISnapshot &S) : CFISnapshot(S) {} 2662 2663 CFISnapshotDiff( 2664 const BinaryFunction::CFIInstrMapType &CIE, 2665 const BinaryFunction::CFIInstrMapType &FDE, 2666 const DenseMap<int32_t, SmallVector<int32_t, 4>> &FrameRestoreEquivalents, 2667 int32_t State) 2668 : CFISnapshot(CIE, FDE, FrameRestoreEquivalents, State) {} 2669 2670 /// Return true if applying Instr to this state is redundant and can be 2671 /// dismissed. 2672 bool isRedundant(const MCCFIInstruction &Instr) { 2673 switch (Instr.getOperation()) { 2674 case MCCFIInstruction::OpSameValue: 2675 case MCCFIInstruction::OpRelOffset: 2676 case MCCFIInstruction::OpOffset: 2677 case MCCFIInstruction::OpRestore: 2678 case MCCFIInstruction::OpUndefined: 2679 case MCCFIInstruction::OpRegister: 2680 case MCCFIInstruction::OpEscape: { 2681 uint32_t Reg; 2682 if (Instr.getOperation() != MCCFIInstruction::OpEscape) { 2683 Reg = Instr.getRegister(); 2684 } else { 2685 std::optional<uint8_t> R = 2686 readDWARFExpressionTargetReg(Instr.getValues()); 2687 // Handle DW_CFA_def_cfa_expression 2688 if (!R) { 2689 if (RestoredCFAReg && RestoredCFAOffset) 2690 return true; 2691 RestoredCFAReg = true; 2692 RestoredCFAOffset = true; 2693 return false; 2694 } 2695 Reg = *R; 2696 } 2697 if (RestoredRegs[Reg]) 2698 return true; 2699 RestoredRegs[Reg] = true; 2700 const int32_t CurRegRule = RegRule.contains(Reg) ? RegRule[Reg] : UNKNOWN; 2701 if (CurRegRule == UNKNOWN) { 2702 if (Instr.getOperation() == MCCFIInstruction::OpRestore || 2703 Instr.getOperation() == MCCFIInstruction::OpSameValue) 2704 return true; 2705 return false; 2706 } 2707 const MCCFIInstruction &LastDef = 2708 CurRegRule < 0 ? CIE[-CurRegRule] : FDE[CurRegRule]; 2709 return LastDef == Instr; 2710 } 2711 case MCCFIInstruction::OpDefCfaRegister: 2712 if (RestoredCFAReg) 2713 return true; 2714 RestoredCFAReg = true; 2715 return CFAReg == Instr.getRegister(); 2716 case MCCFIInstruction::OpDefCfaOffset: 2717 if (RestoredCFAOffset) 2718 return true; 2719 RestoredCFAOffset = true; 2720 return CFAOffset == Instr.getOffset(); 2721 case MCCFIInstruction::OpDefCfa: 2722 if (RestoredCFAReg && RestoredCFAOffset) 2723 return true; 2724 RestoredCFAReg = true; 2725 RestoredCFAOffset = true; 2726 return CFAReg == Instr.getRegister() && CFAOffset == Instr.getOffset(); 2727 case MCCFIInstruction::OpAdjustCfaOffset: 2728 case MCCFIInstruction::OpWindowSave: 2729 case MCCFIInstruction::OpNegateRAState: 2730 case MCCFIInstruction::OpNegateRAStateWithPC: 2731 case MCCFIInstruction::OpLLVMDefAspaceCfa: 2732 case MCCFIInstruction::OpLabel: 2733 case MCCFIInstruction::OpValOffset: 2734 llvm_unreachable("unsupported CFI opcode"); 2735 return false; 2736 case MCCFIInstruction::OpRememberState: 2737 case MCCFIInstruction::OpRestoreState: 2738 case MCCFIInstruction::OpGnuArgsSize: 2739 // do not affect CFI state 2740 return true; 2741 } 2742 return false; 2743 } 2744 }; 2745 2746 } // end anonymous namespace 2747 2748 bool BinaryFunction::replayCFIInstrs(int32_t FromState, int32_t ToState, 2749 BinaryBasicBlock *InBB, 2750 BinaryBasicBlock::iterator InsertIt) { 2751 if (FromState == ToState) 2752 return true; 2753 assert(FromState < ToState && "can only replay CFIs forward"); 2754 2755 CFISnapshotDiff CFIDiff(CIEFrameInstructions, FrameInstructions, 2756 FrameRestoreEquivalents, FromState); 2757 2758 std::vector<uint32_t> NewCFIs; 2759 for (int32_t CurState = FromState; CurState < ToState; ++CurState) { 2760 MCCFIInstruction *Instr = &FrameInstructions[CurState]; 2761 if (Instr->getOperation() == MCCFIInstruction::OpRestoreState) { 2762 auto Iter = FrameRestoreEquivalents.find(CurState); 2763 assert(Iter != FrameRestoreEquivalents.end()); 2764 NewCFIs.insert(NewCFIs.end(), Iter->second.begin(), Iter->second.end()); 2765 // RestoreState / Remember will be filtered out later by CFISnapshotDiff, 2766 // so we might as well fall-through here. 2767 } 2768 NewCFIs.push_back(CurState); 2769 } 2770 2771 // Replay instructions while avoiding duplicates 2772 for (int32_t State : llvm::reverse(NewCFIs)) { 2773 if (CFIDiff.isRedundant(FrameInstructions[State])) 2774 continue; 2775 InsertIt = addCFIPseudo(InBB, InsertIt, State); 2776 } 2777 2778 return true; 2779 } 2780 2781 SmallVector<int32_t, 4> 2782 BinaryFunction::unwindCFIState(int32_t FromState, int32_t ToState, 2783 BinaryBasicBlock *InBB, 2784 BinaryBasicBlock::iterator &InsertIt) { 2785 SmallVector<int32_t, 4> NewStates; 2786 2787 CFISnapshot ToCFITable(CIEFrameInstructions, FrameInstructions, 2788 FrameRestoreEquivalents, ToState); 2789 CFISnapshotDiff FromCFITable(ToCFITable); 2790 FromCFITable.advanceTo(FromState); 2791 2792 auto undoStateDefCfa = [&]() { 2793 if (ToCFITable.CFARule == CFISnapshot::UNKNOWN) { 2794 FrameInstructions.emplace_back(MCCFIInstruction::cfiDefCfa( 2795 nullptr, ToCFITable.CFAReg, ToCFITable.CFAOffset)); 2796 if (FromCFITable.isRedundant(FrameInstructions.back())) { 2797 FrameInstructions.pop_back(); 2798 return; 2799 } 2800 NewStates.push_back(FrameInstructions.size() - 1); 2801 InsertIt = addCFIPseudo(InBB, InsertIt, FrameInstructions.size() - 1); 2802 ++InsertIt; 2803 } else if (ToCFITable.CFARule < 0) { 2804 if (FromCFITable.isRedundant(CIEFrameInstructions[-ToCFITable.CFARule])) 2805 return; 2806 NewStates.push_back(FrameInstructions.size()); 2807 InsertIt = addCFIPseudo(InBB, InsertIt, FrameInstructions.size()); 2808 ++InsertIt; 2809 FrameInstructions.emplace_back(CIEFrameInstructions[-ToCFITable.CFARule]); 2810 } else if (!FromCFITable.isRedundant( 2811 FrameInstructions[ToCFITable.CFARule])) { 2812 NewStates.push_back(ToCFITable.CFARule); 2813 InsertIt = addCFIPseudo(InBB, InsertIt, ToCFITable.CFARule); 2814 ++InsertIt; 2815 } 2816 }; 2817 2818 auto undoState = [&](const MCCFIInstruction &Instr) { 2819 switch (Instr.getOperation()) { 2820 case MCCFIInstruction::OpRememberState: 2821 case MCCFIInstruction::OpRestoreState: 2822 break; 2823 case MCCFIInstruction::OpSameValue: 2824 case MCCFIInstruction::OpRelOffset: 2825 case MCCFIInstruction::OpOffset: 2826 case MCCFIInstruction::OpRestore: 2827 case MCCFIInstruction::OpUndefined: 2828 case MCCFIInstruction::OpEscape: 2829 case MCCFIInstruction::OpRegister: { 2830 uint32_t Reg; 2831 if (Instr.getOperation() != MCCFIInstruction::OpEscape) { 2832 Reg = Instr.getRegister(); 2833 } else { 2834 std::optional<uint8_t> R = 2835 readDWARFExpressionTargetReg(Instr.getValues()); 2836 // Handle DW_CFA_def_cfa_expression 2837 if (!R) { 2838 undoStateDefCfa(); 2839 return; 2840 } 2841 Reg = *R; 2842 } 2843 2844 if (!ToCFITable.RegRule.contains(Reg)) { 2845 FrameInstructions.emplace_back( 2846 MCCFIInstruction::createRestore(nullptr, Reg)); 2847 if (FromCFITable.isRedundant(FrameInstructions.back())) { 2848 FrameInstructions.pop_back(); 2849 break; 2850 } 2851 NewStates.push_back(FrameInstructions.size() - 1); 2852 InsertIt = addCFIPseudo(InBB, InsertIt, FrameInstructions.size() - 1); 2853 ++InsertIt; 2854 break; 2855 } 2856 const int32_t Rule = ToCFITable.RegRule[Reg]; 2857 if (Rule < 0) { 2858 if (FromCFITable.isRedundant(CIEFrameInstructions[-Rule])) 2859 break; 2860 NewStates.push_back(FrameInstructions.size()); 2861 InsertIt = addCFIPseudo(InBB, InsertIt, FrameInstructions.size()); 2862 ++InsertIt; 2863 FrameInstructions.emplace_back(CIEFrameInstructions[-Rule]); 2864 break; 2865 } 2866 if (FromCFITable.isRedundant(FrameInstructions[Rule])) 2867 break; 2868 NewStates.push_back(Rule); 2869 InsertIt = addCFIPseudo(InBB, InsertIt, Rule); 2870 ++InsertIt; 2871 break; 2872 } 2873 case MCCFIInstruction::OpDefCfaRegister: 2874 case MCCFIInstruction::OpDefCfaOffset: 2875 case MCCFIInstruction::OpDefCfa: 2876 undoStateDefCfa(); 2877 break; 2878 case MCCFIInstruction::OpAdjustCfaOffset: 2879 case MCCFIInstruction::OpWindowSave: 2880 case MCCFIInstruction::OpNegateRAState: 2881 case MCCFIInstruction::OpNegateRAStateWithPC: 2882 case MCCFIInstruction::OpLLVMDefAspaceCfa: 2883 case MCCFIInstruction::OpLabel: 2884 case MCCFIInstruction::OpValOffset: 2885 llvm_unreachable("unsupported CFI opcode"); 2886 break; 2887 case MCCFIInstruction::OpGnuArgsSize: 2888 // do not affect CFI state 2889 break; 2890 } 2891 }; 2892 2893 // Undo all modifications from ToState to FromState 2894 for (int32_t I = ToState, E = FromState; I != E; ++I) { 2895 const MCCFIInstruction &Instr = FrameInstructions[I]; 2896 if (Instr.getOperation() != MCCFIInstruction::OpRestoreState) { 2897 undoState(Instr); 2898 continue; 2899 } 2900 auto Iter = FrameRestoreEquivalents.find(I); 2901 if (Iter == FrameRestoreEquivalents.end()) 2902 continue; 2903 for (int32_t State : Iter->second) 2904 undoState(FrameInstructions[State]); 2905 } 2906 2907 return NewStates; 2908 } 2909 2910 void BinaryFunction::normalizeCFIState() { 2911 // Reordering blocks with remember-restore state instructions can be specially 2912 // tricky. When rewriting the CFI, we omit remember-restore state instructions 2913 // entirely. For restore state, we build a map expanding each restore to the 2914 // equivalent unwindCFIState sequence required at that point to achieve the 2915 // same effect of the restore. All remember state are then just ignored. 2916 std::stack<int32_t> Stack; 2917 for (BinaryBasicBlock *CurBB : Layout.blocks()) { 2918 for (auto II = CurBB->begin(); II != CurBB->end(); ++II) { 2919 if (const MCCFIInstruction *CFI = getCFIFor(*II)) { 2920 if (CFI->getOperation() == MCCFIInstruction::OpRememberState) { 2921 Stack.push(II->getOperand(0).getImm()); 2922 continue; 2923 } 2924 if (CFI->getOperation() == MCCFIInstruction::OpRestoreState) { 2925 const int32_t RememberState = Stack.top(); 2926 const int32_t CurState = II->getOperand(0).getImm(); 2927 FrameRestoreEquivalents[CurState] = 2928 unwindCFIState(CurState, RememberState, CurBB, II); 2929 Stack.pop(); 2930 } 2931 } 2932 } 2933 } 2934 } 2935 2936 bool BinaryFunction::finalizeCFIState() { 2937 LLVM_DEBUG( 2938 dbgs() << "Trying to fix CFI states for each BB after reordering.\n"); 2939 LLVM_DEBUG(dbgs() << "This is the list of CFI states for each BB of " << *this 2940 << ": "); 2941 2942 const char *Sep = ""; 2943 (void)Sep; 2944 for (FunctionFragment &FF : Layout.fragments()) { 2945 // Hot-cold border: at start of each region (with a different FDE) we need 2946 // to reset the CFI state. 2947 int32_t State = 0; 2948 2949 for (BinaryBasicBlock *BB : FF) { 2950 const int32_t CFIStateAtExit = BB->getCFIStateAtExit(); 2951 2952 // We need to recover the correct state if it doesn't match expected 2953 // state at BB entry point. 2954 if (BB->getCFIState() < State) { 2955 // In this case, State is currently higher than what this BB expect it 2956 // to be. To solve this, we need to insert CFI instructions to undo 2957 // the effect of all CFI from BB's state to current State. 2958 auto InsertIt = BB->begin(); 2959 unwindCFIState(State, BB->getCFIState(), BB, InsertIt); 2960 } else if (BB->getCFIState() > State) { 2961 // If BB's CFI state is greater than State, it means we are behind in 2962 // the state. Just emit all instructions to reach this state at the 2963 // beginning of this BB. If this sequence of instructions involve 2964 // remember state or restore state, bail out. 2965 if (!replayCFIInstrs(State, BB->getCFIState(), BB, BB->begin())) 2966 return false; 2967 } 2968 2969 State = CFIStateAtExit; 2970 LLVM_DEBUG(dbgs() << Sep << State; Sep = ", "); 2971 } 2972 } 2973 LLVM_DEBUG(dbgs() << "\n"); 2974 2975 for (BinaryBasicBlock &BB : blocks()) { 2976 for (auto II = BB.begin(); II != BB.end();) { 2977 const MCCFIInstruction *CFI = getCFIFor(*II); 2978 if (CFI && (CFI->getOperation() == MCCFIInstruction::OpRememberState || 2979 CFI->getOperation() == MCCFIInstruction::OpRestoreState)) { 2980 II = BB.eraseInstruction(II); 2981 } else { 2982 ++II; 2983 } 2984 } 2985 } 2986 2987 return true; 2988 } 2989 2990 bool BinaryFunction::requiresAddressTranslation() const { 2991 return opts::EnableBAT || hasSDTMarker() || hasPseudoProbe(); 2992 } 2993 2994 bool BinaryFunction::requiresAddressMap() const { 2995 if (isInjected()) 2996 return false; 2997 2998 return opts::UpdateDebugSections || isMultiEntry() || 2999 requiresAddressTranslation(); 3000 } 3001 3002 uint64_t BinaryFunction::getInstructionCount() const { 3003 uint64_t Count = 0; 3004 for (const BinaryBasicBlock &BB : blocks()) 3005 Count += BB.getNumNonPseudos(); 3006 return Count; 3007 } 3008 3009 void BinaryFunction::clearDisasmState() { 3010 clearList(Instructions); 3011 clearList(IgnoredBranches); 3012 clearList(TakenBranches); 3013 3014 if (BC.HasRelocations) { 3015 for (std::pair<const uint32_t, MCSymbol *> &LI : Labels) 3016 BC.UndefinedSymbols.insert(LI.second); 3017 for (MCSymbol *const EndLabel : FunctionEndLabels) 3018 if (EndLabel) 3019 BC.UndefinedSymbols.insert(EndLabel); 3020 } 3021 } 3022 3023 void BinaryFunction::setTrapOnEntry() { 3024 clearDisasmState(); 3025 3026 forEachEntryPoint([&](uint64_t Offset, const MCSymbol *Label) -> bool { 3027 MCInst TrapInstr; 3028 BC.MIB->createTrap(TrapInstr); 3029 addInstruction(Offset, std::move(TrapInstr)); 3030 return true; 3031 }); 3032 3033 TrapsOnEntry = true; 3034 } 3035 3036 void BinaryFunction::setIgnored() { 3037 if (opts::processAllFunctions()) { 3038 // We can accept ignored functions before they've been disassembled. 3039 // In that case, they would still get disassembled and emited, but not 3040 // optimized. 3041 assert(CurrentState == State::Empty && 3042 "cannot ignore non-empty functions in current mode"); 3043 IsIgnored = true; 3044 return; 3045 } 3046 3047 clearDisasmState(); 3048 3049 // Clear CFG state too. 3050 if (hasCFG()) { 3051 releaseCFG(); 3052 3053 for (BinaryBasicBlock *BB : BasicBlocks) 3054 delete BB; 3055 clearList(BasicBlocks); 3056 3057 for (BinaryBasicBlock *BB : DeletedBasicBlocks) 3058 delete BB; 3059 clearList(DeletedBasicBlocks); 3060 3061 Layout.clear(); 3062 } 3063 3064 CurrentState = State::Empty; 3065 3066 IsIgnored = true; 3067 IsSimple = false; 3068 LLVM_DEBUG(dbgs() << "Ignoring " << getPrintName() << '\n'); 3069 } 3070 3071 void BinaryFunction::duplicateConstantIslands() { 3072 assert(Islands && "function expected to have constant islands"); 3073 3074 for (BinaryBasicBlock *BB : getLayout().blocks()) { 3075 if (!BB->isCold()) 3076 continue; 3077 3078 for (MCInst &Inst : *BB) { 3079 int OpNum = 0; 3080 for (MCOperand &Operand : Inst) { 3081 if (!Operand.isExpr()) { 3082 ++OpNum; 3083 continue; 3084 } 3085 const MCSymbol *Symbol = BC.MIB->getTargetSymbol(Inst, OpNum); 3086 // Check if this is an island symbol 3087 if (!Islands->Symbols.count(Symbol) && 3088 !Islands->ProxySymbols.count(Symbol)) 3089 continue; 3090 3091 // Create cold symbol, if missing 3092 auto ISym = Islands->ColdSymbols.find(Symbol); 3093 MCSymbol *ColdSymbol; 3094 if (ISym != Islands->ColdSymbols.end()) { 3095 ColdSymbol = ISym->second; 3096 } else { 3097 ColdSymbol = BC.Ctx->getOrCreateSymbol(Symbol->getName() + ".cold"); 3098 Islands->ColdSymbols[Symbol] = ColdSymbol; 3099 // Check if this is a proxy island symbol and update owner proxy map 3100 if (Islands->ProxySymbols.count(Symbol)) { 3101 BinaryFunction *Owner = Islands->ProxySymbols[Symbol]; 3102 auto IProxiedSym = Owner->Islands->Proxies[this].find(Symbol); 3103 Owner->Islands->ColdProxies[this][IProxiedSym->second] = ColdSymbol; 3104 } 3105 } 3106 3107 // Update instruction reference 3108 Operand = MCOperand::createExpr(BC.MIB->getTargetExprFor( 3109 Inst, 3110 MCSymbolRefExpr::create(ColdSymbol, MCSymbolRefExpr::VK_None, 3111 *BC.Ctx), 3112 *BC.Ctx, 0)); 3113 ++OpNum; 3114 } 3115 } 3116 } 3117 } 3118 3119 #ifndef MAX_PATH 3120 #define MAX_PATH 255 3121 #endif 3122 3123 static std::string constructFilename(std::string Filename, 3124 std::string Annotation, 3125 std::string Suffix) { 3126 std::replace(Filename.begin(), Filename.end(), '/', '-'); 3127 if (!Annotation.empty()) 3128 Annotation.insert(0, "-"); 3129 if (Filename.size() + Annotation.size() + Suffix.size() > MAX_PATH) { 3130 assert(Suffix.size() + Annotation.size() <= MAX_PATH); 3131 Filename.resize(MAX_PATH - (Suffix.size() + Annotation.size())); 3132 } 3133 Filename += Annotation; 3134 Filename += Suffix; 3135 return Filename; 3136 } 3137 3138 static std::string formatEscapes(const std::string &Str) { 3139 std::string Result; 3140 for (unsigned I = 0; I < Str.size(); ++I) { 3141 char C = Str[I]; 3142 switch (C) { 3143 case '\n': 3144 Result += " "; 3145 break; 3146 case '"': 3147 break; 3148 default: 3149 Result += C; 3150 break; 3151 } 3152 } 3153 return Result; 3154 } 3155 3156 void BinaryFunction::dumpGraph(raw_ostream &OS) const { 3157 OS << "digraph \"" << getPrintName() << "\" {\n" 3158 << "node [fontname=courier, shape=box, style=filled, colorscheme=brbg9]\n"; 3159 uint64_t Offset = Address; 3160 for (BinaryBasicBlock *BB : BasicBlocks) { 3161 auto LayoutPos = find(Layout.blocks(), BB); 3162 unsigned LayoutIndex = LayoutPos - Layout.block_begin(); 3163 const char *ColdStr = BB->isCold() ? " (cold)" : ""; 3164 std::vector<std::string> Attrs; 3165 // Bold box for entry points 3166 if (isEntryPoint(*BB)) 3167 Attrs.push_back("penwidth=2"); 3168 if (BLI && BLI->getLoopFor(BB)) { 3169 // Distinguish innermost loops 3170 const BinaryLoop *Loop = BLI->getLoopFor(BB); 3171 if (Loop->isInnermost()) 3172 Attrs.push_back("fillcolor=6"); 3173 else // some outer loop 3174 Attrs.push_back("fillcolor=4"); 3175 } else { // non-loopy code 3176 Attrs.push_back("fillcolor=5"); 3177 } 3178 ListSeparator LS; 3179 OS << "\"" << BB->getName() << "\" ["; 3180 for (StringRef Attr : Attrs) 3181 OS << LS << Attr; 3182 OS << "]\n"; 3183 OS << format("\"%s\" [label=\"%s%s\\n(C:%lu,O:%lu,I:%u,L:%u,CFI:%u)\\n", 3184 BB->getName().data(), BB->getName().data(), ColdStr, 3185 BB->getKnownExecutionCount(), BB->getOffset(), getIndex(BB), 3186 LayoutIndex, BB->getCFIState()); 3187 3188 if (opts::DotToolTipCode) { 3189 std::string Str; 3190 raw_string_ostream CS(Str); 3191 Offset = BC.printInstructions(CS, BB->begin(), BB->end(), Offset, this, 3192 /* PrintMCInst = */ false, 3193 /* PrintMemData = */ false, 3194 /* PrintRelocations = */ false, 3195 /* Endl = */ R"(\\l)"); 3196 OS << formatEscapes(CS.str()) << '\n'; 3197 } 3198 OS << "\"]\n"; 3199 3200 // analyzeBranch is just used to get the names of the branch 3201 // opcodes. 3202 const MCSymbol *TBB = nullptr; 3203 const MCSymbol *FBB = nullptr; 3204 MCInst *CondBranch = nullptr; 3205 MCInst *UncondBranch = nullptr; 3206 const bool Success = BB->analyzeBranch(TBB, FBB, CondBranch, UncondBranch); 3207 3208 const MCInst *LastInstr = BB->getLastNonPseudoInstr(); 3209 const bool IsJumpTable = LastInstr && BC.MIB->getJumpTable(*LastInstr); 3210 3211 auto BI = BB->branch_info_begin(); 3212 for (BinaryBasicBlock *Succ : BB->successors()) { 3213 std::string Branch; 3214 if (Success) { 3215 if (Succ == BB->getConditionalSuccessor(true)) { 3216 Branch = CondBranch ? std::string(BC.InstPrinter->getOpcodeName( 3217 CondBranch->getOpcode())) 3218 : "TB"; 3219 } else if (Succ == BB->getConditionalSuccessor(false)) { 3220 Branch = UncondBranch ? std::string(BC.InstPrinter->getOpcodeName( 3221 UncondBranch->getOpcode())) 3222 : "FB"; 3223 } else { 3224 Branch = "FT"; 3225 } 3226 } 3227 if (IsJumpTable) 3228 Branch = "JT"; 3229 OS << format("\"%s\" -> \"%s\" [label=\"%s", BB->getName().data(), 3230 Succ->getName().data(), Branch.c_str()); 3231 3232 if (BB->getExecutionCount() != COUNT_NO_PROFILE && 3233 BI->MispredictedCount != BinaryBasicBlock::COUNT_INFERRED) { 3234 OS << "\\n(C:" << BI->Count << ",M:" << BI->MispredictedCount << ")"; 3235 } else if (ExecutionCount != COUNT_NO_PROFILE && 3236 BI->Count != BinaryBasicBlock::COUNT_NO_PROFILE) { 3237 OS << "\\n(IC:" << BI->Count << ")"; 3238 } 3239 OS << "\"]\n"; 3240 3241 ++BI; 3242 } 3243 for (BinaryBasicBlock *LP : BB->landing_pads()) { 3244 OS << format("\"%s\" -> \"%s\" [constraint=false style=dashed]\n", 3245 BB->getName().data(), LP->getName().data()); 3246 } 3247 } 3248 OS << "}\n"; 3249 } 3250 3251 void BinaryFunction::viewGraph() const { 3252 SmallString<MAX_PATH> Filename; 3253 if (std::error_code EC = 3254 sys::fs::createTemporaryFile("bolt-cfg", "dot", Filename)) { 3255 BC.errs() << "BOLT-ERROR: " << EC.message() << ", unable to create " 3256 << " bolt-cfg-XXXXX.dot temporary file.\n"; 3257 return; 3258 } 3259 dumpGraphToFile(std::string(Filename)); 3260 if (DisplayGraph(Filename)) 3261 BC.errs() << "BOLT-ERROR: Can't display " << Filename 3262 << " with graphviz.\n"; 3263 if (std::error_code EC = sys::fs::remove(Filename)) { 3264 BC.errs() << "BOLT-WARNING: " << EC.message() << ", failed to remove " 3265 << Filename << "\n"; 3266 } 3267 } 3268 3269 void BinaryFunction::dumpGraphForPass(std::string Annotation) const { 3270 if (!opts::shouldPrint(*this)) 3271 return; 3272 3273 std::string Filename = constructFilename(getPrintName(), Annotation, ".dot"); 3274 if (opts::Verbosity >= 1) 3275 BC.outs() << "BOLT-INFO: dumping CFG to " << Filename << "\n"; 3276 dumpGraphToFile(Filename); 3277 } 3278 3279 void BinaryFunction::dumpGraphToFile(std::string Filename) const { 3280 std::error_code EC; 3281 raw_fd_ostream of(Filename, EC, sys::fs::OF_None); 3282 if (EC) { 3283 if (opts::Verbosity >= 1) { 3284 BC.errs() << "BOLT-WARNING: " << EC.message() << ", unable to open " 3285 << Filename << " for output.\n"; 3286 } 3287 return; 3288 } 3289 dumpGraph(of); 3290 } 3291 3292 bool BinaryFunction::validateCFG() const { 3293 // Skip the validation of CFG after it is finalized 3294 if (CurrentState == State::CFG_Finalized) 3295 return true; 3296 3297 for (BinaryBasicBlock *BB : BasicBlocks) 3298 if (!BB->validateSuccessorInvariants()) 3299 return false; 3300 3301 // Make sure all blocks in CFG are valid. 3302 auto validateBlock = [this](const BinaryBasicBlock *BB, StringRef Desc) { 3303 if (!BB->isValid()) { 3304 BC.errs() << "BOLT-ERROR: deleted " << Desc << " " << BB->getName() 3305 << " detected in:\n"; 3306 this->dump(); 3307 return false; 3308 } 3309 return true; 3310 }; 3311 for (const BinaryBasicBlock *BB : BasicBlocks) { 3312 if (!validateBlock(BB, "block")) 3313 return false; 3314 for (const BinaryBasicBlock *PredBB : BB->predecessors()) 3315 if (!validateBlock(PredBB, "predecessor")) 3316 return false; 3317 for (const BinaryBasicBlock *SuccBB : BB->successors()) 3318 if (!validateBlock(SuccBB, "successor")) 3319 return false; 3320 for (const BinaryBasicBlock *LP : BB->landing_pads()) 3321 if (!validateBlock(LP, "landing pad")) 3322 return false; 3323 for (const BinaryBasicBlock *Thrower : BB->throwers()) 3324 if (!validateBlock(Thrower, "thrower")) 3325 return false; 3326 } 3327 3328 for (const BinaryBasicBlock *BB : BasicBlocks) { 3329 std::unordered_set<const BinaryBasicBlock *> BBLandingPads; 3330 for (const BinaryBasicBlock *LP : BB->landing_pads()) { 3331 if (BBLandingPads.count(LP)) { 3332 BC.errs() << "BOLT-ERROR: duplicate landing pad detected in" 3333 << BB->getName() << " in function " << *this << '\n'; 3334 return false; 3335 } 3336 BBLandingPads.insert(LP); 3337 } 3338 3339 std::unordered_set<const BinaryBasicBlock *> BBThrowers; 3340 for (const BinaryBasicBlock *Thrower : BB->throwers()) { 3341 if (BBThrowers.count(Thrower)) { 3342 BC.errs() << "BOLT-ERROR: duplicate thrower detected in" 3343 << BB->getName() << " in function " << *this << '\n'; 3344 return false; 3345 } 3346 BBThrowers.insert(Thrower); 3347 } 3348 3349 for (const BinaryBasicBlock *LPBlock : BB->landing_pads()) { 3350 if (!llvm::is_contained(LPBlock->throwers(), BB)) { 3351 BC.errs() << "BOLT-ERROR: inconsistent landing pad detected in " 3352 << *this << ": " << BB->getName() 3353 << " is in LandingPads but not in " << LPBlock->getName() 3354 << " Throwers\n"; 3355 return false; 3356 } 3357 } 3358 for (const BinaryBasicBlock *Thrower : BB->throwers()) { 3359 if (!llvm::is_contained(Thrower->landing_pads(), BB)) { 3360 BC.errs() << "BOLT-ERROR: inconsistent thrower detected in " << *this 3361 << ": " << BB->getName() << " is in Throwers list but not in " 3362 << Thrower->getName() << " LandingPads\n"; 3363 return false; 3364 } 3365 } 3366 } 3367 3368 return true; 3369 } 3370 3371 void BinaryFunction::fixBranches() { 3372 auto &MIB = BC.MIB; 3373 MCContext *Ctx = BC.Ctx.get(); 3374 3375 for (BinaryBasicBlock *BB : BasicBlocks) { 3376 const MCSymbol *TBB = nullptr; 3377 const MCSymbol *FBB = nullptr; 3378 MCInst *CondBranch = nullptr; 3379 MCInst *UncondBranch = nullptr; 3380 if (!BB->analyzeBranch(TBB, FBB, CondBranch, UncondBranch)) 3381 continue; 3382 3383 // We will create unconditional branch with correct destination if needed. 3384 if (UncondBranch) 3385 BB->eraseInstruction(BB->findInstruction(UncondBranch)); 3386 3387 // Basic block that follows the current one in the final layout. 3388 const BinaryBasicBlock *const NextBB = 3389 Layout.getBasicBlockAfter(BB, /*IgnoreSplits=*/false); 3390 3391 if (BB->succ_size() == 1) { 3392 // __builtin_unreachable() could create a conditional branch that 3393 // falls-through into the next function - hence the block will have only 3394 // one valid successor. Since behaviour is undefined - we replace 3395 // the conditional branch with an unconditional if required. 3396 if (CondBranch) 3397 BB->eraseInstruction(BB->findInstruction(CondBranch)); 3398 if (BB->getSuccessor() == NextBB) 3399 continue; 3400 BB->addBranchInstruction(BB->getSuccessor()); 3401 } else if (BB->succ_size() == 2) { 3402 assert(CondBranch && "conditional branch expected"); 3403 const BinaryBasicBlock *TSuccessor = BB->getConditionalSuccessor(true); 3404 const BinaryBasicBlock *FSuccessor = BB->getConditionalSuccessor(false); 3405 3406 // Eliminate unnecessary conditional branch. 3407 if (TSuccessor == FSuccessor) { 3408 // FIXME: at the moment, we cannot safely remove static key branches. 3409 if (MIB->isDynamicBranch(*CondBranch)) { 3410 if (opts::Verbosity) { 3411 BC.outs() 3412 << "BOLT-INFO: unable to remove redundant dynamic branch in " 3413 << *this << '\n'; 3414 } 3415 continue; 3416 } 3417 3418 BB->removeDuplicateConditionalSuccessor(CondBranch); 3419 if (TSuccessor != NextBB) 3420 BB->addBranchInstruction(TSuccessor); 3421 continue; 3422 } 3423 3424 // Reverse branch condition and swap successors. 3425 auto swapSuccessors = [&]() { 3426 if (!MIB->isReversibleBranch(*CondBranch)) { 3427 if (opts::Verbosity) { 3428 BC.outs() << "BOLT-INFO: unable to swap successors in " << *this 3429 << '\n'; 3430 } 3431 return false; 3432 } 3433 std::swap(TSuccessor, FSuccessor); 3434 BB->swapConditionalSuccessors(); 3435 auto L = BC.scopeLock(); 3436 MIB->reverseBranchCondition(*CondBranch, TSuccessor->getLabel(), Ctx); 3437 return true; 3438 }; 3439 3440 // Check whether the next block is a "taken" target and try to swap it 3441 // with a "fall-through" target. 3442 if (TSuccessor == NextBB && swapSuccessors()) 3443 continue; 3444 3445 // Update conditional branch destination if needed. 3446 if (MIB->getTargetSymbol(*CondBranch) != TSuccessor->getLabel()) { 3447 auto L = BC.scopeLock(); 3448 MIB->replaceBranchTarget(*CondBranch, TSuccessor->getLabel(), Ctx); 3449 } 3450 3451 // No need for the unconditional branch. 3452 if (FSuccessor == NextBB) 3453 continue; 3454 3455 if (BC.isX86()) { 3456 // We are going to generate two branches. Check if their targets are in 3457 // the same fragment as this block. If only one target is in the same 3458 // fragment, make it the destination of the conditional branch. There 3459 // is a chance it will be a short branch which takes 4 bytes fewer than 3460 // a long conditional branch. For unconditional branch, the difference 3461 // is 3 bytes. 3462 if (BB->getFragmentNum() != TSuccessor->getFragmentNum() && 3463 BB->getFragmentNum() == FSuccessor->getFragmentNum()) 3464 swapSuccessors(); 3465 } 3466 3467 BB->addBranchInstruction(FSuccessor); 3468 } 3469 // Cases where the number of successors is 0 (block ends with a 3470 // terminator) or more than 2 (switch table) don't require branch 3471 // instruction adjustments. 3472 } 3473 assert((!isSimple() || validateCFG()) && 3474 "Invalid CFG detected after fixing branches"); 3475 } 3476 3477 void BinaryFunction::propagateGnuArgsSizeInfo( 3478 MCPlusBuilder::AllocatorIdTy AllocId) { 3479 assert(CurrentState == State::Disassembled && "unexpected function state"); 3480 3481 if (!hasEHRanges() || !usesGnuArgsSize()) 3482 return; 3483 3484 // The current value of DW_CFA_GNU_args_size affects all following 3485 // invoke instructions until the next CFI overrides it. 3486 // It is important to iterate basic blocks in the original order when 3487 // assigning the value. 3488 uint64_t CurrentGnuArgsSize = 0; 3489 for (BinaryBasicBlock *BB : BasicBlocks) { 3490 for (auto II = BB->begin(); II != BB->end();) { 3491 MCInst &Instr = *II; 3492 if (BC.MIB->isCFI(Instr)) { 3493 const MCCFIInstruction *CFI = getCFIFor(Instr); 3494 if (CFI->getOperation() == MCCFIInstruction::OpGnuArgsSize) { 3495 CurrentGnuArgsSize = CFI->getOffset(); 3496 // Delete DW_CFA_GNU_args_size instructions and only regenerate 3497 // during the final code emission. The information is embedded 3498 // inside call instructions. 3499 II = BB->erasePseudoInstruction(II); 3500 continue; 3501 } 3502 } else if (BC.MIB->isInvoke(Instr)) { 3503 // Add the value of GNU_args_size as an extra operand to invokes. 3504 BC.MIB->addGnuArgsSize(Instr, CurrentGnuArgsSize); 3505 } 3506 ++II; 3507 } 3508 } 3509 } 3510 3511 void BinaryFunction::postProcessBranches() { 3512 if (!isSimple()) 3513 return; 3514 for (BinaryBasicBlock &BB : blocks()) { 3515 auto LastInstrRI = BB.getLastNonPseudo(); 3516 if (BB.succ_size() == 1) { 3517 if (LastInstrRI != BB.rend() && 3518 BC.MIB->isConditionalBranch(*LastInstrRI)) { 3519 // __builtin_unreachable() could create a conditional branch that 3520 // falls-through into the next function - hence the block will have only 3521 // one valid successor. Such behaviour is undefined and thus we remove 3522 // the conditional branch while leaving a valid successor. 3523 BB.eraseInstruction(std::prev(LastInstrRI.base())); 3524 LLVM_DEBUG(dbgs() << "BOLT-DEBUG: erasing conditional branch in " 3525 << BB.getName() << " in function " << *this << '\n'); 3526 } 3527 } else if (BB.succ_size() == 0) { 3528 // Ignore unreachable basic blocks. 3529 if (BB.pred_size() == 0 || BB.isLandingPad()) 3530 continue; 3531 3532 // If it's the basic block that does not end up with a terminator - we 3533 // insert a return instruction unless it's a call instruction. 3534 if (LastInstrRI == BB.rend()) { 3535 LLVM_DEBUG( 3536 dbgs() << "BOLT-DEBUG: at least one instruction expected in BB " 3537 << BB.getName() << " in function " << *this << '\n'); 3538 continue; 3539 } 3540 if (!BC.MIB->isTerminator(*LastInstrRI) && 3541 !BC.MIB->isCall(*LastInstrRI)) { 3542 LLVM_DEBUG(dbgs() << "BOLT-DEBUG: adding return to basic block " 3543 << BB.getName() << " in function " << *this << '\n'); 3544 MCInst ReturnInstr; 3545 BC.MIB->createReturn(ReturnInstr); 3546 BB.addInstruction(ReturnInstr); 3547 } 3548 } 3549 } 3550 assert(validateCFG() && "invalid CFG"); 3551 } 3552 3553 MCSymbol *BinaryFunction::addEntryPointAtOffset(uint64_t Offset) { 3554 assert(Offset && "cannot add primary entry point"); 3555 assert(CurrentState == State::Empty || CurrentState == State::Disassembled); 3556 3557 const uint64_t EntryPointAddress = getAddress() + Offset; 3558 MCSymbol *LocalSymbol = getOrCreateLocalLabel(EntryPointAddress); 3559 3560 MCSymbol *EntrySymbol = getSecondaryEntryPointSymbol(LocalSymbol); 3561 if (EntrySymbol) 3562 return EntrySymbol; 3563 3564 if (BinaryData *EntryBD = BC.getBinaryDataAtAddress(EntryPointAddress)) { 3565 EntrySymbol = EntryBD->getSymbol(); 3566 } else { 3567 EntrySymbol = BC.getOrCreateGlobalSymbol( 3568 EntryPointAddress, Twine("__ENTRY_") + getOneName() + "@"); 3569 } 3570 SecondaryEntryPoints[LocalSymbol] = EntrySymbol; 3571 3572 BC.setSymbolToFunctionMap(EntrySymbol, this); 3573 3574 return EntrySymbol; 3575 } 3576 3577 MCSymbol *BinaryFunction::addEntryPoint(const BinaryBasicBlock &BB) { 3578 assert(CurrentState == State::CFG && 3579 "basic block can be added as an entry only in a function with CFG"); 3580 3581 if (&BB == BasicBlocks.front()) 3582 return getSymbol(); 3583 3584 MCSymbol *EntrySymbol = getSecondaryEntryPointSymbol(BB); 3585 if (EntrySymbol) 3586 return EntrySymbol; 3587 3588 EntrySymbol = 3589 BC.Ctx->getOrCreateSymbol("__ENTRY_" + BB.getLabel()->getName()); 3590 3591 SecondaryEntryPoints[BB.getLabel()] = EntrySymbol; 3592 3593 BC.setSymbolToFunctionMap(EntrySymbol, this); 3594 3595 return EntrySymbol; 3596 } 3597 3598 MCSymbol *BinaryFunction::getSymbolForEntryID(uint64_t EntryID) { 3599 if (EntryID == 0) 3600 return getSymbol(); 3601 3602 if (!isMultiEntry()) 3603 return nullptr; 3604 3605 uint64_t NumEntries = 1; 3606 if (hasCFG()) { 3607 for (BinaryBasicBlock *BB : BasicBlocks) { 3608 MCSymbol *EntrySymbol = getSecondaryEntryPointSymbol(*BB); 3609 if (!EntrySymbol) 3610 continue; 3611 if (NumEntries == EntryID) 3612 return EntrySymbol; 3613 ++NumEntries; 3614 } 3615 } else { 3616 for (std::pair<const uint32_t, MCSymbol *> &KV : Labels) { 3617 MCSymbol *EntrySymbol = getSecondaryEntryPointSymbol(KV.second); 3618 if (!EntrySymbol) 3619 continue; 3620 if (NumEntries == EntryID) 3621 return EntrySymbol; 3622 ++NumEntries; 3623 } 3624 } 3625 3626 return nullptr; 3627 } 3628 3629 uint64_t BinaryFunction::getEntryIDForSymbol(const MCSymbol *Symbol) const { 3630 if (!isMultiEntry()) 3631 return 0; 3632 3633 for (const MCSymbol *FunctionSymbol : getSymbols()) 3634 if (FunctionSymbol == Symbol) 3635 return 0; 3636 3637 // Check all secondary entries available as either basic blocks or lables. 3638 uint64_t NumEntries = 1; 3639 for (const BinaryBasicBlock *BB : BasicBlocks) { 3640 MCSymbol *EntrySymbol = getSecondaryEntryPointSymbol(*BB); 3641 if (!EntrySymbol) 3642 continue; 3643 if (EntrySymbol == Symbol) 3644 return NumEntries; 3645 ++NumEntries; 3646 } 3647 NumEntries = 1; 3648 for (const std::pair<const uint32_t, MCSymbol *> &KV : Labels) { 3649 MCSymbol *EntrySymbol = getSecondaryEntryPointSymbol(KV.second); 3650 if (!EntrySymbol) 3651 continue; 3652 if (EntrySymbol == Symbol) 3653 return NumEntries; 3654 ++NumEntries; 3655 } 3656 3657 llvm_unreachable("symbol not found"); 3658 } 3659 3660 bool BinaryFunction::forEachEntryPoint(EntryPointCallbackTy Callback) const { 3661 bool Status = Callback(0, getSymbol()); 3662 if (!isMultiEntry()) 3663 return Status; 3664 3665 for (const std::pair<const uint32_t, MCSymbol *> &KV : Labels) { 3666 if (!Status) 3667 break; 3668 3669 MCSymbol *EntrySymbol = getSecondaryEntryPointSymbol(KV.second); 3670 if (!EntrySymbol) 3671 continue; 3672 3673 Status = Callback(KV.first, EntrySymbol); 3674 } 3675 3676 return Status; 3677 } 3678 3679 BinaryFunction::BasicBlockListType BinaryFunction::dfs() const { 3680 BasicBlockListType DFS; 3681 std::stack<BinaryBasicBlock *> Stack; 3682 std::set<BinaryBasicBlock *> Visited; 3683 3684 // Push entry points to the stack in reverse order. 3685 // 3686 // NB: we rely on the original order of entries to match. 3687 SmallVector<BinaryBasicBlock *> EntryPoints; 3688 llvm::copy_if(BasicBlocks, std::back_inserter(EntryPoints), 3689 [&](const BinaryBasicBlock *const BB) { return isEntryPoint(*BB); }); 3690 // Sort entry points by their offset to make sure we got them in the right 3691 // order. 3692 llvm::stable_sort(EntryPoints, [](const BinaryBasicBlock *const A, 3693 const BinaryBasicBlock *const B) { 3694 return A->getOffset() < B->getOffset(); 3695 }); 3696 for (BinaryBasicBlock *const BB : reverse(EntryPoints)) 3697 Stack.push(BB); 3698 3699 while (!Stack.empty()) { 3700 BinaryBasicBlock *BB = Stack.top(); 3701 Stack.pop(); 3702 3703 if (!Visited.insert(BB).second) 3704 continue; 3705 DFS.push_back(BB); 3706 3707 for (BinaryBasicBlock *SuccBB : BB->landing_pads()) { 3708 Stack.push(SuccBB); 3709 } 3710 3711 const MCSymbol *TBB = nullptr; 3712 const MCSymbol *FBB = nullptr; 3713 MCInst *CondBranch = nullptr; 3714 MCInst *UncondBranch = nullptr; 3715 if (BB->analyzeBranch(TBB, FBB, CondBranch, UncondBranch) && CondBranch && 3716 BB->succ_size() == 2) { 3717 if (BC.MIB->getCanonicalBranchCondCode(BC.MIB->getCondCode( 3718 *CondBranch)) == BC.MIB->getCondCode(*CondBranch)) { 3719 Stack.push(BB->getConditionalSuccessor(true)); 3720 Stack.push(BB->getConditionalSuccessor(false)); 3721 } else { 3722 Stack.push(BB->getConditionalSuccessor(false)); 3723 Stack.push(BB->getConditionalSuccessor(true)); 3724 } 3725 } else { 3726 for (BinaryBasicBlock *SuccBB : BB->successors()) { 3727 Stack.push(SuccBB); 3728 } 3729 } 3730 } 3731 3732 return DFS; 3733 } 3734 3735 size_t BinaryFunction::computeHash(bool UseDFS, HashFunction HashFunction, 3736 OperandHashFuncTy OperandHashFunc) const { 3737 LLVM_DEBUG({ 3738 dbgs() << "BOLT-DEBUG: computeHash " << getPrintName() << ' ' 3739 << (UseDFS ? "dfs" : "bin") << " order " 3740 << (HashFunction == HashFunction::StdHash ? "std::hash" : "xxh3") 3741 << '\n'; 3742 }); 3743 3744 if (size() == 0) 3745 return 0; 3746 3747 assert(hasCFG() && "function is expected to have CFG"); 3748 3749 SmallVector<const BinaryBasicBlock *, 0> Order; 3750 if (UseDFS) 3751 llvm::copy(dfs(), std::back_inserter(Order)); 3752 else 3753 llvm::copy(Layout.blocks(), std::back_inserter(Order)); 3754 3755 // The hash is computed by creating a string of all instruction opcodes and 3756 // possibly their operands and then hashing that string with std::hash. 3757 std::string HashString; 3758 for (const BinaryBasicBlock *BB : Order) 3759 HashString.append(hashBlock(BC, *BB, OperandHashFunc)); 3760 3761 switch (HashFunction) { 3762 case HashFunction::StdHash: 3763 return Hash = std::hash<std::string>{}(HashString); 3764 case HashFunction::XXH3: 3765 return Hash = llvm::xxh3_64bits(HashString); 3766 } 3767 llvm_unreachable("Unhandled HashFunction"); 3768 } 3769 3770 void BinaryFunction::insertBasicBlocks( 3771 BinaryBasicBlock *Start, 3772 std::vector<std::unique_ptr<BinaryBasicBlock>> &&NewBBs, 3773 const bool UpdateLayout, const bool UpdateCFIState, 3774 const bool RecomputeLandingPads) { 3775 const int64_t StartIndex = Start ? getIndex(Start) : -1LL; 3776 const size_t NumNewBlocks = NewBBs.size(); 3777 3778 BasicBlocks.insert(BasicBlocks.begin() + (StartIndex + 1), NumNewBlocks, 3779 nullptr); 3780 3781 int64_t I = StartIndex + 1; 3782 for (std::unique_ptr<BinaryBasicBlock> &BB : NewBBs) { 3783 assert(!BasicBlocks[I]); 3784 BasicBlocks[I++] = BB.release(); 3785 } 3786 3787 if (RecomputeLandingPads) 3788 recomputeLandingPads(); 3789 else 3790 updateBBIndices(0); 3791 3792 if (UpdateLayout) 3793 updateLayout(Start, NumNewBlocks); 3794 3795 if (UpdateCFIState) 3796 updateCFIState(Start, NumNewBlocks); 3797 } 3798 3799 BinaryFunction::iterator BinaryFunction::insertBasicBlocks( 3800 BinaryFunction::iterator StartBB, 3801 std::vector<std::unique_ptr<BinaryBasicBlock>> &&NewBBs, 3802 const bool UpdateLayout, const bool UpdateCFIState, 3803 const bool RecomputeLandingPads) { 3804 const unsigned StartIndex = getIndex(&*StartBB); 3805 const size_t NumNewBlocks = NewBBs.size(); 3806 3807 BasicBlocks.insert(BasicBlocks.begin() + StartIndex + 1, NumNewBlocks, 3808 nullptr); 3809 auto RetIter = BasicBlocks.begin() + StartIndex + 1; 3810 3811 unsigned I = StartIndex + 1; 3812 for (std::unique_ptr<BinaryBasicBlock> &BB : NewBBs) { 3813 assert(!BasicBlocks[I]); 3814 BasicBlocks[I++] = BB.release(); 3815 } 3816 3817 if (RecomputeLandingPads) 3818 recomputeLandingPads(); 3819 else 3820 updateBBIndices(0); 3821 3822 if (UpdateLayout) 3823 updateLayout(*std::prev(RetIter), NumNewBlocks); 3824 3825 if (UpdateCFIState) 3826 updateCFIState(*std::prev(RetIter), NumNewBlocks); 3827 3828 return RetIter; 3829 } 3830 3831 void BinaryFunction::updateBBIndices(const unsigned StartIndex) { 3832 for (unsigned I = StartIndex; I < BasicBlocks.size(); ++I) 3833 BasicBlocks[I]->Index = I; 3834 } 3835 3836 void BinaryFunction::updateCFIState(BinaryBasicBlock *Start, 3837 const unsigned NumNewBlocks) { 3838 const int32_t CFIState = Start->getCFIStateAtExit(); 3839 const unsigned StartIndex = getIndex(Start) + 1; 3840 for (unsigned I = 0; I < NumNewBlocks; ++I) 3841 BasicBlocks[StartIndex + I]->setCFIState(CFIState); 3842 } 3843 3844 void BinaryFunction::updateLayout(BinaryBasicBlock *Start, 3845 const unsigned NumNewBlocks) { 3846 BasicBlockListType::iterator Begin; 3847 BasicBlockListType::iterator End; 3848 3849 // If start not provided copy new blocks from the beginning of BasicBlocks 3850 if (!Start) { 3851 Begin = BasicBlocks.begin(); 3852 End = BasicBlocks.begin() + NumNewBlocks; 3853 } else { 3854 unsigned StartIndex = getIndex(Start); 3855 Begin = std::next(BasicBlocks.begin(), StartIndex + 1); 3856 End = std::next(BasicBlocks.begin(), StartIndex + NumNewBlocks + 1); 3857 } 3858 3859 // Insert new blocks in the layout immediately after Start. 3860 Layout.insertBasicBlocks(Start, {Begin, End}); 3861 Layout.updateLayoutIndices(); 3862 } 3863 3864 bool BinaryFunction::checkForAmbiguousJumpTables() { 3865 SmallSet<uint64_t, 4> JumpTables; 3866 for (BinaryBasicBlock *&BB : BasicBlocks) { 3867 for (MCInst &Inst : *BB) { 3868 if (!BC.MIB->isIndirectBranch(Inst)) 3869 continue; 3870 uint64_t JTAddress = BC.MIB->getJumpTable(Inst); 3871 if (!JTAddress) 3872 continue; 3873 // This address can be inside another jump table, but we only consider 3874 // it ambiguous when the same start address is used, not the same JT 3875 // object. 3876 if (!JumpTables.count(JTAddress)) { 3877 JumpTables.insert(JTAddress); 3878 continue; 3879 } 3880 return true; 3881 } 3882 } 3883 return false; 3884 } 3885 3886 void BinaryFunction::disambiguateJumpTables( 3887 MCPlusBuilder::AllocatorIdTy AllocId) { 3888 assert((opts::JumpTables != JTS_BASIC && isSimple()) || !BC.HasRelocations); 3889 SmallPtrSet<JumpTable *, 4> JumpTables; 3890 for (BinaryBasicBlock *&BB : BasicBlocks) { 3891 for (MCInst &Inst : *BB) { 3892 if (!BC.MIB->isIndirectBranch(Inst)) 3893 continue; 3894 JumpTable *JT = getJumpTable(Inst); 3895 if (!JT) 3896 continue; 3897 if (JumpTables.insert(JT).second) 3898 continue; 3899 // This instruction is an indirect jump using a jump table, but it is 3900 // using the same jump table of another jump. Try all our tricks to 3901 // extract the jump table symbol and make it point to a new, duplicated JT 3902 MCPhysReg BaseReg1; 3903 uint64_t Scale; 3904 const MCSymbol *Target; 3905 // In case we match if our first matcher, first instruction is the one to 3906 // patch 3907 MCInst *JTLoadInst = &Inst; 3908 // Try a standard indirect jump matcher, scale 8 3909 std::unique_ptr<MCPlusBuilder::MCInstMatcher> IndJmpMatcher = 3910 BC.MIB->matchIndJmp(BC.MIB->matchReg(BaseReg1), 3911 BC.MIB->matchImm(Scale), BC.MIB->matchReg(), 3912 /*Offset=*/BC.MIB->matchSymbol(Target)); 3913 if (!IndJmpMatcher->match( 3914 *BC.MRI, *BC.MIB, 3915 MutableArrayRef<MCInst>(&*BB->begin(), &Inst + 1), -1) || 3916 BaseReg1 != BC.MIB->getNoRegister() || Scale != 8) { 3917 MCPhysReg BaseReg2; 3918 uint64_t Offset; 3919 // Standard JT matching failed. Trying now: 3920 // movq "jt.2397/1"(,%rax,8), %rax 3921 // jmpq *%rax 3922 std::unique_ptr<MCPlusBuilder::MCInstMatcher> LoadMatcherOwner = 3923 BC.MIB->matchLoad(BC.MIB->matchReg(BaseReg1), 3924 BC.MIB->matchImm(Scale), BC.MIB->matchReg(), 3925 /*Offset=*/BC.MIB->matchSymbol(Target)); 3926 MCPlusBuilder::MCInstMatcher *LoadMatcher = LoadMatcherOwner.get(); 3927 std::unique_ptr<MCPlusBuilder::MCInstMatcher> IndJmpMatcher2 = 3928 BC.MIB->matchIndJmp(std::move(LoadMatcherOwner)); 3929 if (!IndJmpMatcher2->match( 3930 *BC.MRI, *BC.MIB, 3931 MutableArrayRef<MCInst>(&*BB->begin(), &Inst + 1), -1) || 3932 BaseReg1 != BC.MIB->getNoRegister() || Scale != 8) { 3933 // JT matching failed. Trying now: 3934 // PIC-style matcher, scale 4 3935 // addq %rdx, %rsi 3936 // addq %rdx, %rdi 3937 // leaq DATAat0x402450(%rip), %r11 3938 // movslq (%r11,%rdx,4), %rcx 3939 // addq %r11, %rcx 3940 // jmpq *%rcx # JUMPTABLE @0x402450 3941 std::unique_ptr<MCPlusBuilder::MCInstMatcher> PICIndJmpMatcher = 3942 BC.MIB->matchIndJmp(BC.MIB->matchAdd( 3943 BC.MIB->matchReg(BaseReg1), 3944 BC.MIB->matchLoad(BC.MIB->matchReg(BaseReg2), 3945 BC.MIB->matchImm(Scale), BC.MIB->matchReg(), 3946 BC.MIB->matchImm(Offset)))); 3947 std::unique_ptr<MCPlusBuilder::MCInstMatcher> LEAMatcherOwner = 3948 BC.MIB->matchLoadAddr(BC.MIB->matchSymbol(Target)); 3949 MCPlusBuilder::MCInstMatcher *LEAMatcher = LEAMatcherOwner.get(); 3950 std::unique_ptr<MCPlusBuilder::MCInstMatcher> PICBaseAddrMatcher = 3951 BC.MIB->matchIndJmp(BC.MIB->matchAdd(std::move(LEAMatcherOwner), 3952 BC.MIB->matchAnyOperand())); 3953 if (!PICIndJmpMatcher->match( 3954 *BC.MRI, *BC.MIB, 3955 MutableArrayRef<MCInst>(&*BB->begin(), &Inst + 1), -1) || 3956 Scale != 4 || BaseReg1 != BaseReg2 || Offset != 0 || 3957 !PICBaseAddrMatcher->match( 3958 *BC.MRI, *BC.MIB, 3959 MutableArrayRef<MCInst>(&*BB->begin(), &Inst + 1), -1)) { 3960 llvm_unreachable("Failed to extract jump table base"); 3961 continue; 3962 } 3963 // Matched PIC, identify the instruction with the reference to the JT 3964 JTLoadInst = LEAMatcher->CurInst; 3965 } else { 3966 // Matched non-PIC 3967 JTLoadInst = LoadMatcher->CurInst; 3968 } 3969 } 3970 3971 uint64_t NewJumpTableID = 0; 3972 const MCSymbol *NewJTLabel; 3973 std::tie(NewJumpTableID, NewJTLabel) = 3974 BC.duplicateJumpTable(*this, JT, Target); 3975 { 3976 auto L = BC.scopeLock(); 3977 BC.MIB->replaceMemOperandDisp(*JTLoadInst, NewJTLabel, BC.Ctx.get()); 3978 } 3979 // We use a unique ID with the high bit set as address for this "injected" 3980 // jump table (not originally in the input binary). 3981 BC.MIB->setJumpTable(Inst, NewJumpTableID, 0, AllocId); 3982 } 3983 } 3984 } 3985 3986 bool BinaryFunction::replaceJumpTableEntryIn(BinaryBasicBlock *BB, 3987 BinaryBasicBlock *OldDest, 3988 BinaryBasicBlock *NewDest) { 3989 MCInst *Instr = BB->getLastNonPseudoInstr(); 3990 if (!Instr || !BC.MIB->isIndirectBranch(*Instr)) 3991 return false; 3992 uint64_t JTAddress = BC.MIB->getJumpTable(*Instr); 3993 assert(JTAddress && "Invalid jump table address"); 3994 JumpTable *JT = getJumpTableContainingAddress(JTAddress); 3995 assert(JT && "No jump table structure for this indirect branch"); 3996 bool Patched = JT->replaceDestination(JTAddress, OldDest->getLabel(), 3997 NewDest->getLabel()); 3998 (void)Patched; 3999 assert(Patched && "Invalid entry to be replaced in jump table"); 4000 return true; 4001 } 4002 4003 BinaryBasicBlock *BinaryFunction::splitEdge(BinaryBasicBlock *From, 4004 BinaryBasicBlock *To) { 4005 // Create intermediate BB 4006 MCSymbol *Tmp; 4007 { 4008 auto L = BC.scopeLock(); 4009 Tmp = BC.Ctx->createNamedTempSymbol("SplitEdge"); 4010 } 4011 // Link new BBs to the original input offset of the From BB, so we can map 4012 // samples recorded in new BBs back to the original BB seem in the input 4013 // binary (if using BAT) 4014 std::unique_ptr<BinaryBasicBlock> NewBB = createBasicBlock(Tmp); 4015 NewBB->setOffset(From->getInputOffset()); 4016 BinaryBasicBlock *NewBBPtr = NewBB.get(); 4017 4018 // Update "From" BB 4019 auto I = From->succ_begin(); 4020 auto BI = From->branch_info_begin(); 4021 for (; I != From->succ_end(); ++I) { 4022 if (*I == To) 4023 break; 4024 ++BI; 4025 } 4026 assert(I != From->succ_end() && "Invalid CFG edge in splitEdge!"); 4027 uint64_t OrigCount = BI->Count; 4028 uint64_t OrigMispreds = BI->MispredictedCount; 4029 replaceJumpTableEntryIn(From, To, NewBBPtr); 4030 From->replaceSuccessor(To, NewBBPtr, OrigCount, OrigMispreds); 4031 4032 NewBB->addSuccessor(To, OrigCount, OrigMispreds); 4033 NewBB->setExecutionCount(OrigCount); 4034 NewBB->setIsCold(From->isCold()); 4035 4036 // Update CFI and BB layout with new intermediate BB 4037 std::vector<std::unique_ptr<BinaryBasicBlock>> NewBBs; 4038 NewBBs.emplace_back(std::move(NewBB)); 4039 insertBasicBlocks(From, std::move(NewBBs), true, true, 4040 /*RecomputeLandingPads=*/false); 4041 return NewBBPtr; 4042 } 4043 4044 void BinaryFunction::deleteConservativeEdges() { 4045 // Our goal is to aggressively remove edges from the CFG that we believe are 4046 // wrong. This is used for instrumentation, where it is safe to remove 4047 // fallthrough edges because we won't reorder blocks. 4048 for (auto I = BasicBlocks.begin(), E = BasicBlocks.end(); I != E; ++I) { 4049 BinaryBasicBlock *BB = *I; 4050 if (BB->succ_size() != 1 || BB->size() == 0) 4051 continue; 4052 4053 auto NextBB = std::next(I); 4054 MCInst *Last = BB->getLastNonPseudoInstr(); 4055 // Fallthrough is a landing pad? Delete this edge (as long as we don't 4056 // have a direct jump to it) 4057 if ((*BB->succ_begin())->isLandingPad() && NextBB != E && 4058 *BB->succ_begin() == *NextBB && Last && !BC.MIB->isBranch(*Last)) { 4059 BB->removeAllSuccessors(); 4060 continue; 4061 } 4062 4063 // Look for suspicious calls at the end of BB where gcc may optimize it and 4064 // remove the jump to the epilogue when it knows the call won't return. 4065 if (!Last || !BC.MIB->isCall(*Last)) 4066 continue; 4067 4068 const MCSymbol *CalleeSymbol = BC.MIB->getTargetSymbol(*Last); 4069 if (!CalleeSymbol) 4070 continue; 4071 4072 StringRef CalleeName = CalleeSymbol->getName(); 4073 if (CalleeName != "__cxa_throw@PLT" && CalleeName != "_Unwind_Resume@PLT" && 4074 CalleeName != "__cxa_rethrow@PLT" && CalleeName != "exit@PLT" && 4075 CalleeName != "abort@PLT") 4076 continue; 4077 4078 BB->removeAllSuccessors(); 4079 } 4080 } 4081 4082 bool BinaryFunction::isSymbolValidInScope(const SymbolRef &Symbol, 4083 uint64_t SymbolSize) const { 4084 // If this symbol is in a different section from the one where the 4085 // function symbol is, don't consider it as valid. 4086 if (!getOriginSection()->containsAddress( 4087 cantFail(Symbol.getAddress(), "cannot get symbol address"))) 4088 return false; 4089 4090 // Some symbols are tolerated inside function bodies, others are not. 4091 // The real function boundaries may not be known at this point. 4092 if (BC.isMarker(Symbol)) 4093 return true; 4094 4095 // It's okay to have a zero-sized symbol in the middle of non-zero-sized 4096 // function. 4097 if (SymbolSize == 0 && containsAddress(cantFail(Symbol.getAddress()))) 4098 return true; 4099 4100 if (cantFail(Symbol.getType()) != SymbolRef::ST_Unknown) 4101 return false; 4102 4103 if (cantFail(Symbol.getFlags()) & SymbolRef::SF_Global) 4104 return false; 4105 4106 return true; 4107 } 4108 4109 void BinaryFunction::adjustExecutionCount(uint64_t Count) { 4110 if (getKnownExecutionCount() == 0 || Count == 0) 4111 return; 4112 4113 if (ExecutionCount < Count) 4114 Count = ExecutionCount; 4115 4116 double AdjustmentRatio = ((double)ExecutionCount - Count) / ExecutionCount; 4117 if (AdjustmentRatio < 0.0) 4118 AdjustmentRatio = 0.0; 4119 4120 for (BinaryBasicBlock &BB : blocks()) 4121 BB.adjustExecutionCount(AdjustmentRatio); 4122 4123 ExecutionCount -= Count; 4124 } 4125 4126 BinaryFunction::~BinaryFunction() { 4127 for (BinaryBasicBlock *BB : BasicBlocks) 4128 delete BB; 4129 for (BinaryBasicBlock *BB : DeletedBasicBlocks) 4130 delete BB; 4131 } 4132 4133 void BinaryFunction::constructDomTree() { 4134 BDT.reset(new BinaryDominatorTree); 4135 BDT->recalculate(*this); 4136 } 4137 4138 void BinaryFunction::calculateLoopInfo() { 4139 if (!hasDomTree()) 4140 constructDomTree(); 4141 // Discover loops. 4142 BLI.reset(new BinaryLoopInfo()); 4143 BLI->analyze(getDomTree()); 4144 4145 // Traverse discovered loops and add depth and profile information. 4146 std::stack<BinaryLoop *> St; 4147 for (auto I = BLI->begin(), E = BLI->end(); I != E; ++I) { 4148 St.push(*I); 4149 ++BLI->OuterLoops; 4150 } 4151 4152 while (!St.empty()) { 4153 BinaryLoop *L = St.top(); 4154 St.pop(); 4155 ++BLI->TotalLoops; 4156 BLI->MaximumDepth = std::max(L->getLoopDepth(), BLI->MaximumDepth); 4157 4158 // Add nested loops in the stack. 4159 for (BinaryLoop::iterator I = L->begin(), E = L->end(); I != E; ++I) 4160 St.push(*I); 4161 4162 // Skip if no valid profile is found. 4163 if (!hasValidProfile()) { 4164 L->EntryCount = COUNT_NO_PROFILE; 4165 L->ExitCount = COUNT_NO_PROFILE; 4166 L->TotalBackEdgeCount = COUNT_NO_PROFILE; 4167 continue; 4168 } 4169 4170 // Compute back edge count. 4171 SmallVector<BinaryBasicBlock *, 1> Latches; 4172 L->getLoopLatches(Latches); 4173 4174 for (BinaryBasicBlock *Latch : Latches) { 4175 auto BI = Latch->branch_info_begin(); 4176 for (BinaryBasicBlock *Succ : Latch->successors()) { 4177 if (Succ == L->getHeader()) { 4178 assert(BI->Count != BinaryBasicBlock::COUNT_NO_PROFILE && 4179 "profile data not found"); 4180 L->TotalBackEdgeCount += BI->Count; 4181 } 4182 ++BI; 4183 } 4184 } 4185 4186 // Compute entry count. 4187 L->EntryCount = L->getHeader()->getExecutionCount() - L->TotalBackEdgeCount; 4188 4189 // Compute exit count. 4190 SmallVector<BinaryLoop::Edge, 1> ExitEdges; 4191 L->getExitEdges(ExitEdges); 4192 for (BinaryLoop::Edge &Exit : ExitEdges) { 4193 const BinaryBasicBlock *Exiting = Exit.first; 4194 const BinaryBasicBlock *ExitTarget = Exit.second; 4195 auto BI = Exiting->branch_info_begin(); 4196 for (BinaryBasicBlock *Succ : Exiting->successors()) { 4197 if (Succ == ExitTarget) { 4198 assert(BI->Count != BinaryBasicBlock::COUNT_NO_PROFILE && 4199 "profile data not found"); 4200 L->ExitCount += BI->Count; 4201 } 4202 ++BI; 4203 } 4204 } 4205 } 4206 } 4207 4208 void BinaryFunction::updateOutputValues(const BOLTLinker &Linker) { 4209 if (!isEmitted()) { 4210 assert(!isInjected() && "injected function should be emitted"); 4211 setOutputAddress(getAddress()); 4212 setOutputSize(getSize()); 4213 return; 4214 } 4215 4216 const auto SymbolInfo = Linker.lookupSymbolInfo(getSymbol()->getName()); 4217 assert(SymbolInfo && "Cannot find function entry symbol"); 4218 setOutputAddress(SymbolInfo->Address); 4219 setOutputSize(SymbolInfo->Size); 4220 4221 if (BC.HasRelocations || isInjected()) { 4222 if (hasConstantIsland()) { 4223 const auto DataAddress = 4224 Linker.lookupSymbol(getFunctionConstantIslandLabel()->getName()); 4225 assert(DataAddress && "Cannot find function CI symbol"); 4226 setOutputDataAddress(*DataAddress); 4227 for (auto It : Islands->Offsets) { 4228 const uint64_t OldOffset = It.first; 4229 BinaryData *BD = BC.getBinaryDataAtAddress(getAddress() + OldOffset); 4230 if (!BD) 4231 continue; 4232 4233 MCSymbol *Symbol = It.second; 4234 const auto NewAddress = Linker.lookupSymbol(Symbol->getName()); 4235 assert(NewAddress && "Cannot find CI symbol"); 4236 auto &Section = *getCodeSection(); 4237 const auto NewOffset = *NewAddress - Section.getOutputAddress(); 4238 BD->setOutputLocation(Section, NewOffset); 4239 } 4240 } 4241 if (isSplit()) { 4242 for (FunctionFragment &FF : getLayout().getSplitFragments()) { 4243 ErrorOr<BinarySection &> ColdSection = 4244 getCodeSection(FF.getFragmentNum()); 4245 // If fragment is empty, cold section might not exist 4246 if (FF.empty() && ColdSection.getError()) 4247 continue; 4248 4249 const MCSymbol *ColdStartSymbol = getSymbol(FF.getFragmentNum()); 4250 // If fragment is empty, symbol might have not been emitted 4251 if (FF.empty() && (!ColdStartSymbol || !ColdStartSymbol->isDefined()) && 4252 !hasConstantIsland()) 4253 continue; 4254 assert(ColdStartSymbol && ColdStartSymbol->isDefined() && 4255 "split function should have defined cold symbol"); 4256 const auto ColdStartSymbolInfo = 4257 Linker.lookupSymbolInfo(ColdStartSymbol->getName()); 4258 assert(ColdStartSymbolInfo && "Cannot find cold start symbol"); 4259 FF.setAddress(ColdStartSymbolInfo->Address); 4260 FF.setImageSize(ColdStartSymbolInfo->Size); 4261 if (hasConstantIsland()) { 4262 const auto DataAddress = Linker.lookupSymbol( 4263 getFunctionColdConstantIslandLabel()->getName()); 4264 assert(DataAddress && "Cannot find cold CI symbol"); 4265 setOutputColdDataAddress(*DataAddress); 4266 } 4267 } 4268 } 4269 } 4270 4271 // Update basic block output ranges for the debug info, if we have 4272 // secondary entry points in the symbol table to update or if writing BAT. 4273 if (!requiresAddressMap()) 4274 return; 4275 4276 // AArch64 may have functions that only contains a constant island (no code). 4277 if (getLayout().block_empty()) 4278 return; 4279 4280 for (FunctionFragment &FF : getLayout().fragments()) { 4281 if (FF.empty()) 4282 continue; 4283 4284 const uint64_t FragmentBaseAddress = 4285 getCodeSection(isSimple() ? FF.getFragmentNum() : FragmentNum::main()) 4286 ->getOutputAddress(); 4287 4288 BinaryBasicBlock *PrevBB = nullptr; 4289 for (BinaryBasicBlock *const BB : FF) { 4290 assert(BB->getLabel()->isDefined() && "symbol should be defined"); 4291 if (!BC.HasRelocations) { 4292 if (BB->isSplit()) 4293 assert(FragmentBaseAddress == FF.getAddress()); 4294 else 4295 assert(FragmentBaseAddress == getOutputAddress()); 4296 (void)FragmentBaseAddress; 4297 } 4298 4299 // Injected functions likely will fail lookup, as they have no 4300 // input range. Just assign the BB the output address of the 4301 // function. 4302 auto MaybeBBAddress = BC.getIOAddressMap().lookup(BB->getLabel()); 4303 const uint64_t BBAddress = MaybeBBAddress ? *MaybeBBAddress 4304 : BB->isSplit() ? FF.getAddress() 4305 : getOutputAddress(); 4306 BB->setOutputStartAddress(BBAddress); 4307 4308 if (PrevBB) { 4309 assert(PrevBB->getOutputAddressRange().first <= BBAddress && 4310 "Bad output address for basic block."); 4311 assert((PrevBB->getOutputAddressRange().first != BBAddress || 4312 !hasInstructions() || !PrevBB->getNumNonPseudos()) && 4313 "Bad output address for basic block."); 4314 PrevBB->setOutputEndAddress(BBAddress); 4315 } 4316 PrevBB = BB; 4317 } 4318 4319 PrevBB->setOutputEndAddress(PrevBB->isSplit() 4320 ? FF.getAddress() + FF.getImageSize() 4321 : getOutputAddress() + getOutputSize()); 4322 } 4323 4324 // Reset output addresses for deleted blocks. 4325 for (BinaryBasicBlock *BB : DeletedBasicBlocks) { 4326 BB->setOutputStartAddress(0); 4327 BB->setOutputEndAddress(0); 4328 } 4329 } 4330 4331 DebugAddressRangesVector BinaryFunction::getOutputAddressRanges() const { 4332 DebugAddressRangesVector OutputRanges; 4333 4334 if (isFolded()) 4335 return OutputRanges; 4336 4337 if (IsFragment) 4338 return OutputRanges; 4339 4340 OutputRanges.emplace_back(getOutputAddress(), 4341 getOutputAddress() + getOutputSize()); 4342 if (isSplit()) { 4343 assert(isEmitted() && "split function should be emitted"); 4344 for (const FunctionFragment &FF : getLayout().getSplitFragments()) 4345 OutputRanges.emplace_back(FF.getAddress(), 4346 FF.getAddress() + FF.getImageSize()); 4347 } 4348 4349 if (isSimple()) 4350 return OutputRanges; 4351 4352 for (BinaryFunction *Frag : Fragments) { 4353 assert(!Frag->isSimple() && 4354 "fragment of non-simple function should also be non-simple"); 4355 OutputRanges.emplace_back(Frag->getOutputAddress(), 4356 Frag->getOutputAddress() + Frag->getOutputSize()); 4357 } 4358 4359 return OutputRanges; 4360 } 4361 4362 uint64_t BinaryFunction::translateInputToOutputAddress(uint64_t Address) const { 4363 if (isFolded()) 4364 return 0; 4365 4366 // If the function hasn't changed return the same address. 4367 if (!isEmitted()) 4368 return Address; 4369 4370 if (Address < getAddress()) 4371 return 0; 4372 4373 // Check if the address is associated with an instruction that is tracked 4374 // by address translation. 4375 if (auto OutputAddress = BC.getIOAddressMap().lookup(Address)) 4376 return *OutputAddress; 4377 4378 // FIXME: #18950828 - we rely on relative offsets inside basic blocks to stay 4379 // intact. Instead we can use pseudo instructions and/or annotations. 4380 const uint64_t Offset = Address - getAddress(); 4381 const BinaryBasicBlock *BB = getBasicBlockContainingOffset(Offset); 4382 if (!BB) { 4383 // Special case for address immediately past the end of the function. 4384 if (Offset == getSize()) 4385 return getOutputAddress() + getOutputSize(); 4386 4387 return 0; 4388 } 4389 4390 return std::min(BB->getOutputAddressRange().first + Offset - BB->getOffset(), 4391 BB->getOutputAddressRange().second); 4392 } 4393 4394 DebugAddressRangesVector 4395 BinaryFunction::translateInputToOutputRange(DebugAddressRange InRange) const { 4396 DebugAddressRangesVector OutRanges; 4397 4398 // The function was removed from the output. Return an empty range. 4399 if (isFolded()) 4400 return OutRanges; 4401 4402 // If the function hasn't changed return the same range. 4403 if (!isEmitted()) { 4404 OutRanges.emplace_back(InRange); 4405 return OutRanges; 4406 } 4407 4408 if (!containsAddress(InRange.LowPC)) 4409 return OutRanges; 4410 4411 // Special case of an empty range [X, X). Some tools expect X to be updated. 4412 if (InRange.LowPC == InRange.HighPC) { 4413 if (uint64_t NewPC = translateInputToOutputAddress(InRange.LowPC)) 4414 OutRanges.push_back(DebugAddressRange{NewPC, NewPC}); 4415 return OutRanges; 4416 } 4417 4418 uint64_t InputOffset = InRange.LowPC - getAddress(); 4419 const uint64_t InputEndOffset = 4420 std::min(InRange.HighPC - getAddress(), getSize()); 4421 4422 auto BBI = llvm::upper_bound(BasicBlockOffsets, 4423 BasicBlockOffset(InputOffset, nullptr), 4424 CompareBasicBlockOffsets()); 4425 assert(BBI != BasicBlockOffsets.begin()); 4426 4427 // Iterate over blocks in the input order using BasicBlockOffsets. 4428 for (--BBI; InputOffset < InputEndOffset && BBI != BasicBlockOffsets.end(); 4429 InputOffset = BBI->second->getEndOffset(), ++BBI) { 4430 const BinaryBasicBlock &BB = *BBI->second; 4431 if (InputOffset < BB.getOffset() || InputOffset >= BB.getEndOffset()) { 4432 LLVM_DEBUG( 4433 dbgs() << "BOLT-DEBUG: invalid debug address range detected for " 4434 << *this << " : [0x" << Twine::utohexstr(InRange.LowPC) 4435 << ", 0x" << Twine::utohexstr(InRange.HighPC) << "]\n"); 4436 break; 4437 } 4438 4439 // Skip the block if it wasn't emitted. 4440 if (!BB.getOutputAddressRange().first) 4441 continue; 4442 4443 // Find output address for an instruction with an offset greater or equal 4444 // to /p Offset. The output address should fall within the same basic 4445 // block boundaries. 4446 auto translateBlockOffset = [&](const uint64_t Offset) { 4447 const uint64_t OutAddress = BB.getOutputAddressRange().first + Offset; 4448 return std::min(OutAddress, BB.getOutputAddressRange().second); 4449 }; 4450 4451 uint64_t OutLowPC = BB.getOutputAddressRange().first; 4452 if (InputOffset > BB.getOffset()) 4453 OutLowPC = translateBlockOffset(InputOffset - BB.getOffset()); 4454 4455 uint64_t OutHighPC = BB.getOutputAddressRange().second; 4456 if (InputEndOffset < BB.getEndOffset()) { 4457 assert(InputEndOffset >= BB.getOffset()); 4458 OutHighPC = translateBlockOffset(InputEndOffset - BB.getOffset()); 4459 } 4460 4461 // Check if we can expand the last translated range. 4462 if (!OutRanges.empty() && OutRanges.back().HighPC == OutLowPC) 4463 OutRanges.back().HighPC = std::max(OutRanges.back().HighPC, OutHighPC); 4464 else 4465 OutRanges.emplace_back(OutLowPC, std::max(OutLowPC, OutHighPC)); 4466 } 4467 4468 LLVM_DEBUG({ 4469 dbgs() << "BOLT-DEBUG: translated address range " << InRange << " -> "; 4470 for (const DebugAddressRange &R : OutRanges) 4471 dbgs() << R << ' '; 4472 dbgs() << '\n'; 4473 }); 4474 4475 return OutRanges; 4476 } 4477 4478 MCInst *BinaryFunction::getInstructionAtOffset(uint64_t Offset) { 4479 if (CurrentState == State::Disassembled) { 4480 auto II = Instructions.find(Offset); 4481 return (II == Instructions.end()) ? nullptr : &II->second; 4482 } else if (CurrentState == State::CFG) { 4483 BinaryBasicBlock *BB = getBasicBlockContainingOffset(Offset); 4484 if (!BB) 4485 return nullptr; 4486 4487 for (MCInst &Inst : *BB) { 4488 constexpr uint32_t InvalidOffset = std::numeric_limits<uint32_t>::max(); 4489 if (Offset == BC.MIB->getOffsetWithDefault(Inst, InvalidOffset)) 4490 return &Inst; 4491 } 4492 4493 if (MCInst *LastInstr = BB->getLastNonPseudoInstr()) { 4494 if (std::optional<uint32_t> Size = BC.MIB->getSize(*LastInstr)) { 4495 if (BB->getEndOffset() - Offset == Size) { 4496 return LastInstr; 4497 } 4498 } 4499 } 4500 4501 return nullptr; 4502 } else { 4503 llvm_unreachable("invalid CFG state to use getInstructionAtOffset()"); 4504 } 4505 } 4506 4507 MCInst *BinaryFunction::getInstructionContainingOffset(uint64_t Offset) { 4508 assert(CurrentState == State::Disassembled && "Wrong function state"); 4509 4510 if (Offset > Size) 4511 return nullptr; 4512 4513 auto II = Instructions.upper_bound(Offset); 4514 assert(II != Instructions.begin() && "First instruction not at offset 0"); 4515 --II; 4516 return &II->second; 4517 } 4518 4519 void BinaryFunction::printLoopInfo(raw_ostream &OS) const { 4520 if (!opts::shouldPrint(*this)) 4521 return; 4522 4523 OS << "Loop Info for Function \"" << *this << "\""; 4524 if (hasValidProfile()) 4525 OS << " (count: " << getExecutionCount() << ")"; 4526 OS << "\n"; 4527 4528 std::stack<BinaryLoop *> St; 4529 for (BinaryLoop *L : *BLI) 4530 St.push(L); 4531 while (!St.empty()) { 4532 BinaryLoop *L = St.top(); 4533 St.pop(); 4534 4535 for (BinaryLoop *Inner : *L) 4536 St.push(Inner); 4537 4538 if (!hasValidProfile()) 4539 continue; 4540 4541 OS << (L->getLoopDepth() > 1 ? "Nested" : "Outer") 4542 << " loop header: " << L->getHeader()->getName(); 4543 OS << "\n"; 4544 OS << "Loop basic blocks: "; 4545 ListSeparator LS; 4546 for (BinaryBasicBlock *BB : L->blocks()) 4547 OS << LS << BB->getName(); 4548 OS << "\n"; 4549 if (hasValidProfile()) { 4550 OS << "Total back edge count: " << L->TotalBackEdgeCount << "\n"; 4551 OS << "Loop entry count: " << L->EntryCount << "\n"; 4552 OS << "Loop exit count: " << L->ExitCount << "\n"; 4553 if (L->EntryCount > 0) { 4554 OS << "Average iters per entry: " 4555 << format("%.4lf", (double)L->TotalBackEdgeCount / L->EntryCount) 4556 << "\n"; 4557 } 4558 } 4559 OS << "----\n"; 4560 } 4561 4562 OS << "Total number of loops: " << BLI->TotalLoops << "\n"; 4563 OS << "Number of outer loops: " << BLI->OuterLoops << "\n"; 4564 OS << "Maximum nested loop depth: " << BLI->MaximumDepth << "\n\n"; 4565 } 4566 4567 bool BinaryFunction::isAArch64Veneer() const { 4568 if (empty() || hasIslandsInfo()) 4569 return false; 4570 4571 BinaryBasicBlock &BB = **BasicBlocks.begin(); 4572 for (MCInst &Inst : BB) 4573 if (!BC.MIB->hasAnnotation(Inst, "AArch64Veneer")) 4574 return false; 4575 4576 for (auto I = BasicBlocks.begin() + 1, E = BasicBlocks.end(); I != E; ++I) { 4577 for (MCInst &Inst : **I) 4578 if (!BC.MIB->isNoop(Inst)) 4579 return false; 4580 } 4581 4582 return true; 4583 } 4584 4585 void BinaryFunction::addRelocation(uint64_t Address, MCSymbol *Symbol, 4586 uint64_t RelType, uint64_t Addend, 4587 uint64_t Value) { 4588 assert(Address >= getAddress() && Address < getAddress() + getMaxSize() && 4589 "address is outside of the function"); 4590 uint64_t Offset = Address - getAddress(); 4591 LLVM_DEBUG(dbgs() << "BOLT-DEBUG: addRelocation in " 4592 << formatv("{0}@{1:x} against {2}\n", *this, Offset, 4593 (Symbol ? Symbol->getName() : "<undef>"))); 4594 bool IsCI = BC.isAArch64() && isInConstantIsland(Address); 4595 std::map<uint64_t, Relocation> &Rels = 4596 IsCI ? Islands->Relocations : Relocations; 4597 if (BC.MIB->shouldRecordCodeRelocation(RelType)) 4598 Rels[Offset] = Relocation{Offset, Symbol, RelType, Addend, Value}; 4599 } 4600 4601 } // namespace bolt 4602 } // namespace llvm 4603