i#7050: Remove preempted and faulting instruction from the drmemtrace…

…s. (#7058) Change the implementation to remove preempted and faulting instructions from drmemtraces. The objective of the change is to remove non-retired instructions and the corresponding memrefs from drmemtraces. When an instruction is removed, a new marker TRACE_MARKER_TYPE_UNCOMPLETED_INSTRUCTION will be added. Its value is the encoding of the removed instruction up to the size of a pointer. Renamed handle_kernel_interrupt_and_markers() to handle_rseq_abort_marker() since the function has been modified to handle rseq abort. In oder to remove preempted instructions and memrefs, a new function preempted_by_kernel_event() is added to look for KERNEL EVENT marker which may be preceded by memrefs. If a KERNEL EVENT marker is found with the same PC, the instruction and any following memrefs are removed. Add unit tests to cover instruction and memref removed caused by a KERNEL EVENT. Update offline-legacy-int-offs.templatex, offline-burst_aarch64_sys.templatex and signal_invariants.c to account for removed instructions. Fixes #7050
DynamoRIO · Nov 14, 2024 · 77b7b2b · 77b7b2b
1 parent 1977651
commit 77b7b2b
Show file tree

Hide file tree

Showing 11 changed files with 519 additions and 131 deletions.
diff --git a/api/docs/release.dox b/api/docs/release.dox
@@ -126,11 +126,18 @@ clients.
 
 The changes between version \DR_VERSION and 11.0.0 include the following compatibility
 changes:
- - Added X64 Linux support to dr_create_memory_dump(). This API has the same
-   restriction as dr_suspend_all_other_threads_ex().
+ - Removed uncompleted instructions and the corresponding memrefs from drmemtraces.
+   Instructions which are fetched but not completed due to asynchronous signal or
+   fault are removed. A new marker
+   #dynamorio::drmemtrace::TRACE_MARKER_TYPE_UNCOMPLETED_INSTRUCTION was added
+   to indicate an uncompleted instruction was removed. The value of the marker
+   is the encoding of the removed instruction up to a pointer's length. Added
+   #OFFLINE_FILE_VERSION_RETIRED_INSTRUCTIONS_ONLY to increase the trace version
+   for drmemtraces with uncompleted instructions removed.
 
 Further non-compatibility-affecting changes include:
- - No changes yet.
+ - Added X64 Linux support to dr_create_memory_dump(). This API has the same
+   restriction as dr_suspend_all_other_threads_ex().
 
 **************************************************
 <hr>

diff --git a/clients/drcachesim/common/trace_entry.h b/clients/drcachesim/common/trace_entry.h
@@ -692,6 +692,21 @@ typedef enum {
      */
     TRACE_MARKER_TYPE_SIGNAL_NUMBER,
 
+    /**
+     * This marker is used to indicate an instruction started to execute but
+     * didn't retire. The instruction was either preempted by an asynchronous
+     * signal or caused a fault. The instruction and corresponding memrefs
+     * are removed from the trace.
+     *
+     * The marker value is the raw encoding bytes of the instruction up to the
+     * length of a pointer. The encoding will be incomplete for instructions
+     * with long encodings. It is best-effort to help understand the sequence of
+     * generated code where encodings are not available offline. The PC of this
+     * instruction is available in a subsequent
+     * #dynamorio::drmemtrace::TRACE_MARKER_TYPE_KERNEL_EVENT marker.
+     */
+    TRACE_MARKER_TYPE_UNCOMPLETED_INSTRUCTION,
+
     // ...
     // These values are reserved for future built-in marker types.
     // ...
@@ -946,8 +961,11 @@ typedef enum {
 #define OFFLINE_FILE_VERSION_KERNEL_INT_PC 4
 #define OFFLINE_FILE_VERSION_HEADER_FIELDS_SWAP 5
 #define OFFLINE_FILE_VERSION_ENCODINGS 6
-#define OFFLINE_FILE_VERSION_XFER_ABS_PC 7
-#define OFFLINE_FILE_VERSION OFFLINE_FILE_VERSION_XFER_ABS_PC
+#define OFFLINE_FILE_VERSION_XFER_ABS_PC \
+    7 /**< Use the absolute PC for kernel interruption PC for 64-bit mode.*/
+#define OFFLINE_FILE_VERSION_RETIRED_INSTRUCTIONS_ONLY \
+    8 /**< Trace version which has only retired instructions in drmemtraces.*/
+#define OFFLINE_FILE_VERSION OFFLINE_FILE_VERSION_RETIRED_INSTRUCTIONS_ONLY
 
 /**
  * Bitfields used to describe the high-level characteristics of both an

diff --git a/clients/drcachesim/docs/drcachesim.dox.in b/clients/drcachesim/docs/drcachesim.dox.in
@@ -193,6 +193,8 @@ Some of the more important markers are:
 
 - #dynamorio::drmemtrace::TRACE_MARKER_TYPE_CORE_WAIT - This is inserted by the trace scheduler (see \ref sec_drcachesim_sched) during replay of a previously recorded schedule when one core gets too far ahead of another according to the recorded timestamps.  This is an artificial wait to keep the replay on track, as opposed to the natural idle time of #dynamorio::drmemtrace::TRACE_MARKER_TYPE_CORE_IDLE.
 
+- #dynamorio::drmemtrace::TRACE_MARKER_TYPE_UNCOMPLETED_INSTRUCTION - This is inserted when an uncompleted instruction and its corresponding memory records are removed. The marker value contains the encoding of the removed instruction up to the length of a pointer. The encoding will be incomplete for instructions with long encodings. It is best-effort to help understand the sequence for generated code where encodings are not available offline. The PC of this instruction is available in a subsequent #dynamorio::drmemtrace::TRACE_MARKER_TYPE_KERNEL_EVENT marker.
+
 The full set of markers is listed under the enum #dynamorio::drmemtrace::trace_marker_type_t.
 
 ****************************************************************************
@@ -792,6 +794,46 @@ untaken conditional branch:
       801377      601843:     1159769 ifetch       4 byte(s) @ 0x00007fc2c3aa5c72 48 83 c4 48          add    $0x48, %rsp
 \endcode
 
+Here is an illustration of what a trace would look like when an uncompleted
+instruction (mov) is interrupted by an asynchronous signal and the instruction
+is not removed (The following trace is for demonstration purpose only):
+
+\code
+
+    46914793    33950158:     3767811 ifetch       5 byte(s) @ 0x000055f52911b75e c4 42 f8 f5 e8       bzhi   %r8, %rax, %r13
+    46914794    33950159:     3767811 ifetch       5 byte(s) @ 0x000055f52911b763 c4 62 f8 f5 c3       bzhi   %rbx, %rax, %r8
+    46914795    33950160:     3767811 ifetch       4 byte(s) @ 0x000055f52911b768 48 c1 eb 33          shr    $0x33, %rbx
+    46914796    33950161:     3767811 ifetch       3 byte(s) @ 0x000055f52911b76c 48 01 f3             add    %rsi, %rbx
+    46914797    33950162:     3767811 ifetch       5 byte(s) @ 0x000055f52911b76f b8 04 00 00 00       mov    $0x00000004, %eax
+    (The line below is for demonstration purpose only and will not appear in a real drmemtrace.)
+    46914798    33950163:     3767811 ifetch       6 byte(s) @ 0x000055f52911b774 89 85 68 ff ff ff    mov    %eax, -0x98(%rbp)
+    46914799    33950163:     3767811 <marker: kernel xfer from 0x55f52911b774 to handler>
+    46914800    33950163:     3767811 <marker: signal #27>
+    46914801    33950163:     3767811 <marker: timestamp 13373506292215933>
+    46914802    33950163:     3767811 <marker: tid 3767811 on core 4139>
+    46914803    33950164:     3767811 ifetch       1 byte(s) @ 0x000055f5298f7500 55                   push   %rbp
+    46914804    33950164:     3767811 write        8 byte(s) @ 0x00007fd98bd2f210 by PC 0x000055f5298f7500
+\endcode
+
+When the uncompleted mov instruction is removed, a
+#dynamorio::drmemtrace::TRACE_MARKER_TYPE_UNCOMPLETED_INSTRUCTION marker is placed to indicate an
+instruction has been removed:
+
+\code
+    46914793    33950158:     3767811 ifetch       5 byte(s) @ 0x000055f52911b75e c4 42 f8 f5 e8       bzhi   %r8, %rax, %r13
+    46914794    33950159:     3767811 ifetch       5 byte(s) @ 0x000055f52911b763 c4 62 f8 f5 c3       bzhi   %rbx, %rax, %r8
+    46914795    33950160:     3767811 ifetch       4 byte(s) @ 0x000055f52911b768 48 c1 eb 33          shr    $0x33, %rbx
+    46914796    33950161:     3767811 ifetch       3 byte(s) @ 0x000055f52911b76c 48 01 f3             add    %rsi, %rbx
+    46914797    33950162:     3767811 ifetch       5 byte(s) @ 0x000055f52911b76f b8 04 00 00 00       mov    $0x00000004, %eax
+    46914798    33950163:     3767811 <marker: uncompleted instruction, encoding 0x898568ff>
+    46914799    33950163:     3767811 <marker: kernel xfer from 0x55f52911b774 to handler>
+    46914800    33950163:     3767811 <marker: signal #27>
+    46914801    33950163:     3767811 <marker: timestamp 13373506292215933>
+    46914802    33950163:     3767811 <marker: tid 3767811 on core 4139>
+    46914803    33950164:     3767811 ifetch       1 byte(s) @ 0x000055f5298f7500 55                   push   %rbp
+    46914804    33950164:     3767811 write        8 byte(s) @ 0x00007fd98bd2f210 by PC 0x000055f5298f7500
+\endcode
+
 \section sec_tool_func_view View Function Calls
 
 The func_view tool records function argument and return values for

diff --git a/clients/drcachesim/tests/offline-burst_aarch64_sys.templatex b/clients/drcachesim/tests/offline-burst_aarch64_sys.templatex
@@ -13,7 +13,7 @@ Total counts:
      .* total data loads
      .* total data stores
            1 total icache flushes
-           4 total dcache flushes
+           3 total dcache flushes
            1 total threads
      .* total timestamp \+ cpuid markers
 .*
@@ -25,6 +25,6 @@ Thread .* counts:
      .* data loads
      .* data stores
            1 icache flushes
-           4 dcache flushes
+           3 dcache flushes
      .* timestamp \+ cpuid markers
 .*
diff --git a/clients/drcachesim/tests/offline-legacy-int-offs.templatex b/clients/drcachesim/tests/offline-legacy-int-offs.templatex
@@ -3,12 +3,12 @@ ERROR: failed to initialize analyzer: Directory setup failed: Failed sanity chec
 #elif defined(X86) && defined(X64)
 Basic counts tool results:
 Total counts:
-      109205 total \(fetched\) instructions
-        6768 total unique \(fetched\) instructions
+      109201 total \(fetched\) instructions
+        6765 total unique \(fetched\) instructions
           93 total non-fetched instructions
           11 total prefetches
-       23974 total data loads
-        5544 total data stores
+       23972 total data loads
+        5543 total data stores
            0 total icache flushes
            0 total dcache flushes
            3 total threads
@@ -24,15 +24,15 @@ Total counts:
            0 total physical address unavailable markers
            0 total system call number markers
            0 total blocking system call markers
-          12 total other markers
-        8429 total encodings
+          16 total other markers
+        8426 total encodings
 Thread 552306 counts:
-      101049 \(fetched\) instructions
-        6393 unique \(fetched\) instructions
+      101045 \(fetched\) instructions
+        6390 unique \(fetched\) instructions
           93 non-fetched instructions
           11 prefetches
-       21712 data loads
-        4442 data stores
+       21710 data loads
+        4441 data stores
            0 icache flushes
            0 dcache flushes
          110 timestamp \+ cpuid markers
@@ -47,8 +47,8 @@ Thread 552306 counts:
            0 physical address unavailable markers
            0 system call number markers
            0 blocking system call markers
-           4 other markers
-        6393 encodings
+           8 other markers
+        6390 encodings
 Thread 552323 counts:
         4674 \(fetched\) instructions
         1028 unique \(fetched\) instructions