This is an archive of the discontinued LLVM Phabricator instance.

Differential D149721

EntryExitInstrumenter: skip naked functions
ClosedPublic

Authored by MaskRay on May 2 2023, 9:08 PM.

Details

Reviewers
hans
pcc
Commits
rG3460f727eaa3: EntryExitInstrumenter: skip naked functions
Summary

The asm in a naked function may reasonably expect the argument registers and the
return address register (if present) to be live.

When using -pg and -finstrument-functions, functions are instrumented by adding
a function call to _mcount/__cyg_profile_func_enter/__cyg_profile_func_enter_bare/etc,
which will clobber these registers. If the return address register is clobbered,
the function will be unable to return to the caller, possibly causing an
infinite loop.

__attribute__((naked)) void g() {
#if defined(__arm__)
  __asm__("bx lr");
#else
  __asm__("ret");
#endif
}

int main() { g(); }

It seems that the only one reasonable way to handle the combination is to
disable instrumenting for naked functions.

GCC PR: https://gcc.gnu.org/PR109707
Close https://github.com/llvm/llvm-project/issues/62504

Diff Detail

Event Timeline

MaskRay created this revision.May 2 2023, 9:08 PM
Herald added a project: Restricted Project. · View Herald TranscriptMay 2 2023, 9:08 PM
Herald added subscribers: hoy, hiraditya. · View Herald Transcript
MaskRay requested review of this revision.May 2 2023, 9:08 PM
Herald added a project: Restricted Project. · View Herald TranscriptMay 2 2023, 9:08 PM
Herald added a subscriber: llvm-commits. · View Herald Transcript
MaskRay updated this revision to Diff 518967.May 2 2023, 9:44 PM

add a comment

MaskRay edited the summary of this revision. (Show Details)May 2 2023, 9:53 PM
MaskRay edited the summary of this revision. (Show Details)
Herald added a subscriber: kristof.beyls. · View Herald TranscriptMay 2 2023, 9:55 PM
Harbormaster completed remote builds in B229607: Diff 518967.May 3 2023, 12:19 AM
hans added a comment.May 3 2023, 2:16 AM

Seems reasonable to me.

Would -fprofile-instr-generate and -fprofile-generate have the same issue?

Do we have any docs about the naked attribute that should be updated?

MaskRay added a comment.May 3 2023, 10:54 AM
In D149721#4314910, @hans wrote:

Seems reasonable to me.

Would -fprofile-instr-generate and -fprofile-generate have the same issue?

No. The two instrumentations don't insert calls, and are therefore unaffected.

-fsanitize-coverage= works with naked by skipping an entry block ending with an unreachable.

Do we have any docs about the naked attribute that should be updated?

I think a doc need isn't strong, and even if does, the doc need likely belongs to the individual instrumentation features.
An instrumentation may skip many functions and we don't document all of them...

For this patch, I think there isn't anything to update...

hans accepted this revision.May 4 2023, 2:19 AM

lgtm

This revision is now accepted and ready to land.May 4 2023, 2:19 AM
Closed by commit rG3460f727eaa3: EntryExitInstrumenter: skip naked functions (authored by MaskRay). · Explain WhyMay 4 2023, 9:21 AM
This revision was automatically updated to reflect the committed changes.
MaskRay added a commit: rG3460f727eaa3: EntryExitInstrumenter: skip naked functions.

Revision Contents

PathSize
llvm/
lib/
Transforms/
Utils/
7 lines
test/
Transforms/
EntryExitInstrumenter/
7 lines

Diff 519524

llvm/lib/Transforms/Utils/EntryExitInstrumenter.cpp

Show First 20 LinesShow All 74 Lines▼ Show 20 Linesstatic void insertCall(Function &CurFn, StringRef Func,
} }
// We only know how to call a fixed set of instrumentation functions, because // We only know how to call a fixed set of instrumentation functions, because
// they all expect different arguments, etc. // they all expect different arguments, etc.
report_fatal_error(Twine("Unknown instrumentation function: '") + Func + "'"); report_fatal_error(Twine("Unknown instrumentation function: '") + Func + "'");
} }
static bool runOnFunction(Function &F, bool PostInlining) { static bool runOnFunction(Function &F, bool PostInlining) {
// The asm in a naked function may reasonably expect the argument registers
// and the return address register (if present) to be live. An inserted
// function call will clobber these registers. Simply skip naked functions for
// all targets.
if (F.hasFnAttribute(Attribute::Naked))
return false;
StringRef EntryAttr = PostInlining ? "instrument-function-entry-inlined" StringRef EntryAttr = PostInlining ? "instrument-function-entry-inlined"
: "instrument-function-entry"; : "instrument-function-entry";
StringRef ExitAttr = PostInlining ? "instrument-function-exit-inlined" StringRef ExitAttr = PostInlining ? "instrument-function-exit-inlined"
: "instrument-function-exit"; : "instrument-function-exit";
StringRef EntryFunc = F.getFnAttribute(EntryAttr).getValueAsString(); StringRef EntryFunc = F.getFnAttribute(EntryAttr).getValueAsString();
StringRef ExitFunc = F.getFnAttribute(ExitAttr).getValueAsString(); StringRef ExitFunc = F.getFnAttribute(ExitAttr).getValueAsString();
▲ Show 20 LinesShow All 59 LinesShow Last 20 Lines

llvm/test/Transforms/EntryExitInstrumenter/mcount.ll

Show First 20 LinesShow All 93 Lines▼ Show 20 Linesdefine ptr @tailcaller2() #8 {
ret ptr %2 ret ptr %2
; CHECK-LABEL: define ptr @tailcaller2 ; CHECK-LABEL: define ptr @tailcaller2
; CHECK: call void @__cyg_profile_func_exit ; CHECK: call void @__cyg_profile_func_exit
; CHECK: musttail call ptr @tailcallee ; CHECK: musttail call ptr @tailcallee
; CHECK: bitcast ; CHECK: bitcast
; CHECK: ret ; CHECK: ret
} }
;; naked functions are not instrumented, otherwise the argument registers
;; and the return address register (if present) would be clobbered.
define void @naked() naked { entry: ret void }
; CHECK-LABEL: define void @naked(
; CHECK-LABEL-NEXT: entry:
; CHECK-LABEL-NEXT: ret void
; The attributes are "consumed" when the instrumentation is inserted. ; The attributes are "consumed" when the instrumentation is inserted.
; CHECK: attributes ; CHECK: attributes
; CHECK-NOT: instrument-function ; CHECK-NOT: instrument-function
attributes #0 = { "instrument-function-entry-inlined"="mcount" "instrument-function-entry"="__cyg_profile_func_enter" "instrument-function-exit"="__cyg_profile_func_exit" } attributes #0 = { "instrument-function-entry-inlined"="mcount" "instrument-function-entry"="__cyg_profile_func_enter" "instrument-function-exit"="__cyg_profile_func_exit" }
attributes #1 = { "instrument-function-entry-inlined"=".mcount" } attributes #1 = { "instrument-function-entry-inlined"=".mcount" }
attributes #2 = { "instrument-function-entry-inlined"="llvm.arm.gnu.eabi.mcount" } attributes #2 = { "instrument-function-entry-inlined"="llvm.arm.gnu.eabi.mcount" }
attributes #3 = { "instrument-function-entry-inlined"="\01_mcount" } attributes #3 = { "instrument-function-entry-inlined"="\01_mcount" }
attributes #4 = { "instrument-function-entry-inlined"="\01mcount" } attributes #4 = { "instrument-function-entry-inlined"="\01mcount" }
attributes #5 = { "instrument-function-entry-inlined"="__mcount" } attributes #5 = { "instrument-function-entry-inlined"="__mcount" }
attributes #6 = { "instrument-function-entry-inlined"="_mcount" } attributes #6 = { "instrument-function-entry-inlined"="_mcount" }
attributes #7 = { "instrument-function-entry-inlined"="__cyg_profile_func_enter_bare" } attributes #7 = { "instrument-function-entry-inlined"="__cyg_profile_func_enter_bare" }
attributes #8 = { "instrument-function-exit"="__cyg_profile_func_exit" } attributes #8 = { "instrument-function-exit"="__cyg_profile_func_exit" }