該例子在註釋中這樣寫到:統計動態執行的 div 指令中除數爲 2 的冪的個數,因爲這種情況下可以將 div 優化(強度削減)爲移位。該例子演示了如何利用運行時的實際操作數值做基於調出(callout)的剖析。
本例使用了 drmgr extension ,在編寫 CMakeLists.txt 時要注意。
第一步:dr_client_main 函數
/* Client entry point: initialises drmgr, registers the exit and per-instruction
 * instrumentation callbacks, and creates the mutex that guards the counters.
 * id, argc and argv are not used by this client. */
DR_EXPORT void
dr_client_main(client_id_t id, int argc, const char *argv[])
{
    /* drmgr has to be up before anything is registered through it. */
    bool drmgr_ready = drmgr_init();
    if (!drmgr_ready) {
        DR_ASSERT(false);
    }

    dr_register_exit_event(exit_event);

    bool insert_cb_registered =
        drmgr_register_bb_instrumentation_event(NULL, event_app_instruction, NULL);
    if (!insert_cb_registered) {
        DR_ASSERT(false);
    }

    /* callback() takes this lock around every counter update. */
    count_mutex = dr_mutex_create();
}
首先使用 drmgr_init() 函數初始化了 drmgr extension。
這裏一共註冊兩個回調函數:
dr_register_exit_event(exit_event) 將 exit_event 註冊爲 進程結束的回調函數。
drmgr_register_bb_instrumentation_event(NULL, event_app_instruction, NULL) 將 event_app_instruction 註冊爲 basic block insert 時的回調函數。這裏用了 drmgr 擴展。
dr_mutex_create() 則是用來生成互斥鎖的,count_mutex 就是生成的鎖。
然後看 exit_event 函數
/* Process-exit callback: formats the two counters into a report, displays it,
 * then destroys the counter mutex and shuts drmgr down. */
static void
exit_event(void)
{
    char report[512];
    int written = dr_snprintf(report, sizeof(report) / sizeof(report[0]),
                              "Instrumentation results:\n"
                              "  saw %d div instructions\n"
                              "  of which %d were powers of 2\n",
                              div_count, div_p2_count);

    /* A non-positive result is treated as a formatting failure. */
    DR_ASSERT(written > 0);
    /* Write a terminator into the last slot of the buffer before printing. */
    NULL_TERMINATE(report);
    DISPLAY_STRING(report);

    dr_mutex_destroy(count_mutex);
    drmgr_exit();
}
本函數的主要作用是打印結果,這裏要先格式化字符串,然後再用 DISPLAY_STRING宏來打印。
這裏的 NULL_TERMINATE 的作用是把緩衝區的最後一個元素置爲空字符,這樣即使格式化結果被截斷,字符串也一定有結尾。
然後就是用 dr_mutex_destroy 來銷燬互斥鎖,並調用 drmgr_exit();
再然後看: event_app_instruction() 函數
/* Instrumentation callback registered through drmgr. When instr is a division
 * recognised by instr_is_div(), a clean call to callback() is inserted at instr,
 * passing the instruction's application pc and the divisor operand.
 * Always returns DR_EMIT_DEFAULT. */
static dr_emit_flags_t
event_app_instruction(void *drcontext, void *tag, instrlist_t *bb, instr_t *instr,
                      bool for_trace, bool translating, void *user_data)
{
    opnd_t divisor_opnd;

    /* Nothing to instrument unless this is a div; divisor_opnd is only
     * written (and only read) on the matching path. */
    if (!instr_is_div(instr, &divisor_opnd)) {
        return DR_EMIT_DEFAULT;
    }

    /* Two call arguments: the app pc as an immediate, then the live divisor. */
    dr_insert_clean_call(drcontext, bb, instr, (void *)callback, false /*no fp save*/,
                         2, OPND_CREATE_INTPTR(instr_get_app_pc(instr)), divisor_opnd);
    return DR_EMIT_DEFAULT;
}
首先是 instr_is_div 來檢測一個 instr 是不是我們要找的div 指令。
然後在 instr 之前插入了一個 clean call,調用 callback 函數,並把該指令的地址和除數操作數作爲兩個參數傳給它。
下面我們就來看這兩個函數:
instr_is_div(instr_t *instr, OUT opnd_t *opnd)
/* Returns true when instr is the unsigned-divide opcode for the build target
 * (OP_div on X86, OP_udiv on AARCHXX) and stores the divisor operand in *opnd.
 * Returns false and leaves *opnd untouched for every other instruction. */
static bool
instr_is_div(instr_t *instr, OUT opnd_t *opnd)
{
#if defined(X86)
    const int div_opcode = OP_div;
    const int divisor_src = 0; /* divisor is 1st src */
#elif defined(AARCHXX)
    const int div_opcode = OP_udiv;
    const int divisor_src = 1; /* divisor is 2nd src */
#else
#    error NYI
#endif
    int opc = instr_get_opcode(instr);

    if (opc != div_opcode) {
        return false;
    }
    *opnd = instr_get_src(instr, divisor_src);
    return true;
}
instr_get_opcode 會返回 instr 指令的操作碼,以 OP_constant 的形式。
instr_get_src 獲取instr 對應位置的操作數。
所以該函數獲取了 div 的除數,並通過輸出參數 opnd 返回給調用者(調用者傳入的是一個局部變量的地址,而不是全局變量)。
然後再看 clean call 調用的callback 函數:
callback(app_pc addr, uint divisor)
/* Clean-call target executed for each instrumented div. Increments div_count,
 * and div_p2_count as well when divisor is a power of 2 or zero. addr is the
 * application pc of the div and is not used here.
 * NOTE(review): divisor is declared uint; whether a wider (e.g. 64-bit) divisor
 * operand loses its upper bits on the way in is not visible here -- confirm. */
static void
callback(app_pc addr, uint divisor)
{
    /* n & (n - 1) clears the lowest set bit, so it is zero exactly when at
     * most one bit is set: a power of 2, or zero. */
    bool pow2_or_zero = (divisor & (divisor - 1)) == 0;

    /* instead of a lock could use atomic operations to
     * increment the counters */
    dr_mutex_lock(count_mutex);
    div_count++;
    if (pow2_or_zero) {
        div_p2_count++;
    }
    dr_mutex_unlock(count_mutex);
}
dr_mutex_lock 首先將之前的互斥鎖 上鎖。
div_count++ 表示找到了一個 div 指令,計數器加1.
然後就要看 div 的除數是否是 2 的冪了。注意這裏判斷的方法,利用了二進制的一些特點:2 的冪只有一個比特爲 1,所以 divisor & (divisor - 1) 等於 0。按照代碼註釋,除數爲 0 時這個判斷同樣成立,也會被計入。
dr_mutex_unlock() 然後解鎖。
在這個例子裏,我們沒有對指令進行優化,只是根據 操作碼,操作數來找到 目標指令,並統計其個數,並最終打印出來。
完整代碼如下:
/* Counts the number of dynamic div instruction for which the
* divisor is a power of 2 (these are cases where div could be
* strength reduced to a simple shift). Demonstrates callout
* based profiling with live operand values. */
#include "dr_api.h"
#include "drmgr.h"
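/* Show msg to the user: a message box on Windows, dr_printf elsewhere.
 * msg is always passed as an argument to a "%s" format, never as the format
 * itself, so a '%' inside the text cannot be interpreted as a conversion.
 * The expansion has no trailing semicolon, so `DISPLAY_STRING(x);` is exactly
 * one statement and stays correct inside an unbraced if/else. */
#ifdef WINDOWS
#    define DISPLAY_STRING(msg) dr_messagebox("%s", msg)
#else
#    define DISPLAY_STRING(msg) dr_printf("%s\n", msg)
#endif
/* Store '\0' in the last element of the array buf. buf must be a real array,
 * not a pointer, because the index is derived from sizeof. The argument is
 * parenthesised so that expressions such as *ptr_to_array index correctly. */
#define NULL_TERMINATE(buf) ((buf)[(sizeof(buf) / sizeof((buf)[0])) - 1] = '\0')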
/* Forward declarations of the two callbacks registered in dr_client_main(). */
static void
exit_event(void);
static dr_emit_flags_t
event_app_instruction(void *drcontext, void *tag, instrlist_t *bb, instr_t *instr,
                      bool for_trace, bool translating, void *user_data);

/* Running totals: every div seen by callback(), and the subset whose divisor
 * passed the power-of-2-or-zero test. Both are updated under count_mutex.
 * NOTE(review): plain int counters can overflow on very long runs. */
static int div_count = 0;
static int div_p2_count = 0;
static void *count_mutex; /* for multithread support */
/* Client entry point: initialises drmgr, registers the exit and per-instruction
 * instrumentation callbacks, and creates the mutex that guards the counters.
 * id, argc and argv are not used by this client. */
DR_EXPORT void
dr_client_main(client_id_t id, int argc, const char *argv[])
{
    /* The dr_set_client_name("DynamoRIO Sample Client 'div'", ...) call is
     * left disabled in this copy of the sample. */

    /* drmgr has to be up before anything is registered through it. */
    bool drmgr_ready = drmgr_init();
    if (!drmgr_ready) {
        DR_ASSERT(false);
    }

    dr_register_exit_event(exit_event);

    bool insert_cb_registered =
        drmgr_register_bb_instrumentation_event(NULL, event_app_instruction, NULL);
    if (!insert_cb_registered) {
        DR_ASSERT(false);
    }

    /* callback() takes this lock around every counter update. */
    count_mutex = dr_mutex_create();
}
/* Process-exit callback: formats the two counters into a report, displays it,
 * then destroys the counter mutex and shuts drmgr down. */
static void
exit_event(void)
{
    char report[512];
    int written = dr_snprintf(report, sizeof(report) / sizeof(report[0]),
                              "Instrumentation results:\n"
                              "  saw %d div instructions\n"
                              "  of which %d were powers of 2\n",
                              div_count, div_p2_count);

    /* A non-positive result is treated as a formatting failure. */
    DR_ASSERT(written > 0);
    /* Write a terminator into the last slot of the buffer before printing. */
    NULL_TERMINATE(report);
    DISPLAY_STRING(report);

    dr_mutex_destroy(count_mutex);
    drmgr_exit();
}
/* Clean-call target executed for each instrumented div. Increments div_count,
 * and div_p2_count as well when divisor is a power of 2 or zero. addr is the
 * application pc of the div and is not used here.
 * NOTE(review): divisor is declared uint; whether a wider (e.g. 64-bit) divisor
 * operand loses its upper bits on the way in is not visible here -- confirm. */
static void
callback(app_pc addr, uint divisor)
{
    /* n & (n - 1) clears the lowest set bit, so it is zero exactly when at
     * most one bit is set: a power of 2, or zero. */
    bool pow2_or_zero = (divisor & (divisor - 1)) == 0;

    /* instead of a lock could use atomic operations to
     * increment the counters */
    dr_mutex_lock(count_mutex);
    div_count++;
    if (pow2_or_zero) {
        div_p2_count++;
    }
    dr_mutex_unlock(count_mutex);
}
/* Returns true when instr is the unsigned-divide opcode for the build target
 * (OP_div on X86, OP_udiv on AARCHXX) and stores the divisor operand in *opnd.
 * Returns false and leaves *opnd untouched for every other instruction. */
static bool
instr_is_div(instr_t *instr, OUT opnd_t *opnd)
{
#if defined(X86)
    const int div_opcode = OP_div;
    const int divisor_src = 0; /* divisor is 1st src */
#elif defined(AARCHXX)
    const int div_opcode = OP_udiv;
    const int divisor_src = 1; /* divisor is 2nd src */
#else
#    error NYI
#endif
    int opc = instr_get_opcode(instr);

    if (opc != div_opcode) {
        return false;
    }
    *opnd = instr_get_src(instr, divisor_src);
    return true;
}
/* Instrumentation callback registered through drmgr. When instr is a division
 * recognised by instr_is_div(), a clean call to callback() is inserted at instr,
 * passing the instruction's application pc and the divisor operand.
 * Always returns DR_EMIT_DEFAULT. */
static dr_emit_flags_t
event_app_instruction(void *drcontext, void *tag, instrlist_t *bb, instr_t *instr,
                      bool for_trace, bool translating, void *user_data)
{
    opnd_t divisor_opnd;

    /* Nothing to instrument unless this is a div; divisor_opnd is only
     * written (and only read) on the matching path. */
    if (!instr_is_div(instr, &divisor_opnd)) {
        return DR_EMIT_DEFAULT;
    }

    /* Two call arguments: the app pc as an immediate, then the live divisor. */
    dr_insert_clean_call(drcontext, bb, instr, (void *)callback, false /*no fp save*/,
                         2, OPND_CREATE_INTPTR(instr_get_app_pc(instr)), divisor_opnd);
    return DR_EMIT_DEFAULT;
}