| blob | 1e9b517819041d677263e58fc791f14f9c3a47f8 |
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
26 #include <ctype.h>
27 #include <errno.h>
28 #include <limits.h>
29 #include <stdarg.h>
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <string.h>
34 #ifdef XP_WIN
35 # include <windows.h>
36 # include <process.h>
37 #else
38 # include <pthread.h>
39 # include <sys/types.h>
40 # include <unistd.h>
41 #endif
43 #ifdef ANDROID
44 # include <android/log.h>
45 #endif
47 // The gBernoulli value starts out as a nullptr, and only gets initialized once.
48 // It then lives for the entire lifetime of the process. It cannot be deleted
49 // without additional multi-threaded protections, since if we deleted it during
50 // profiler_stop then there could be a race between threads already in a
51 // memory hook that might try to access the value after or during deletion.
56 //---------------------------------------------------------------------------
57 // Utilities
58 //---------------------------------------------------------------------------
60 // Returns true or or false depending on whether the marker was actually added
61 // or not.
67 }
69 // Because native allocations may be intercepted anywhere, blocking while
70 // locking the profiler mutex here could end up causing a deadlock if another
71 // mutex is taken, which the profiler may indirectly need elsewhere.
72 // See bug 1642726 for such a scenario.
73 // So instead we bail out if the mutex is already locked. Native allocations
74 // are statistically sampled anyway, so missing a few because of this is
75 // acceptable.
78 }
83 }
90 // Tech note: If `ToNumber()` returns a uint64_t, the conversion to
91 // int64_t is "implementation-defined" before C++20. This is acceptable
92 // here, because this is a one-way conversion to a unique identifier
93 // that's used to visually separate data by thread on the front-end.
96 }
99 }
100 };
107 }
111 // This is only needed because of the |const void*| vs |void*| arg mismatch.
114 }
116 // The values for the Bernoulli trial are taken from DMD. According to DMD:
117 //
118 // In testing, a probability of 0.003 resulted in ~25% of heap blocks getting
119 // a stack trace and ~80% of heap bytes getting a stack trace. (This is
120 // possible because big heap blocks are more likely to get a stack trace.)
121 //
122 // The random number seeds are arbitrary and were obtained from random.org.
123 //
124 // However this value resulted in a lot of slowdown since the profiler stacks
125 // are pretty heavy to collect. The value was lowered to 10% of the original to
126 // 0.0003.
129 // This is only installed once. See the gBernoulli definition for more
130 // information.
131 gBernoulli =
133 }
134 }
136 // This class provides infallible allocations (they abort on OOM) like
137 // mozalloc's InfallibleAllocPolicy, except that memory hooks are bypassed. This
138 // policy is used by the HashSet.
143 }
144 }
151 }
153 }
158 }
164 }
166 }
173 }
180 }
187 }
192 }
196 };
198 // We can't use mozilla::Mutex because it causes re-entry into the memory hooks.
199 // Define a custom implementation here.
207 }
208 };
220 }
222 };
224 //---------------------------------------------------------------------------
225 // Tracked allocations
226 //---------------------------------------------------------------------------
228 // The allocation tracker is shared between multiple threads, and is the
229 // coordinator for knowing when allocations have been tracked. The mutable
230 // internal state is protected by a mutex, and managed by the methods.
231 //
232 // The tracker knows about all the allocations that we have added to the
233 // profiler. This way, whenever any given piece of memory is freed, we can see
234 // if it was previously tracked, and we can track its deallocation.
237 // This type tracks all of the allocations that we have captured. This way, we
238 // can see if a deallocation is inside of this set. We want to provide a
239 // balanced view into the allocations and deallocations.
241 InfallibleAllocWithoutHooksPolicy>
242 AllocationSet;
251 };
252 }
257 }
259 // Returns true when the memory address is found and removed, otherwise that
260 // memory address is not being tracked and it returns false.
266 // The memory was present. It no longer needs to be tracked.
269 }
272 }
275 AllocationSet mAllocations;
276 Mutex mMutex MOZ_UNANNOTATED;
277 };
283 // This is only installed once.
285 }
286 }
288 //---------------------------------------------------------------------------
289 // Per-thread blocking of intercepts
290 //---------------------------------------------------------------------------
292 // On MacOS, and Linux the first __thread/thread_local access calls malloc,
293 // which leads to an infinite loop. So we use pthread-based TLS instead, which
294 // doesn't have this problem as long as the TLS key is registered early.
295 //
296 // This is a little different from the TLS storage used with mozjemalloc which
297 // uses native TLS on Linux possibly because it is not only initialised but
298 // **used** early.
299 #if !defined(XP_DARWIN) && !defined(XP_LINUX)
300 # define PROFILER_THREAD_LOCAL(T) MOZ_THREAD_LOCAL(T)
301 #else
302 # define PROFILER_THREAD_LOCAL(T) \
303 ::mozilla::detail::ThreadLocal<T, ::mozilla::detail::ThreadLocalKeyStorage>
304 #endif
306 // This class is used to determine if allocations on this thread should be
307 // intercepted or not.
308 // Creating a ThreadIntercept object on the stack will implicitly block nested
309 // ones. There are other reasons to block: The feature is off, or we're inside a
310 // profiler function that is locking a mutex.
312 // When set to true, malloc does not intercept additional allocations. This is
313 // needed because collecting stacks creates new allocations. When blocked,
314 // these allocations are then ignored by the memory hook.
317 // This is a quick flag to check and see if the allocations feature is enabled
318 // or disabled.
321 // True if this ThreadIntercept has set tlsIsBlocked.
324 // True if interception is blocked for any reason.
330 // infallibleInit should zero-initialize, which corresponds to `false`.
332 }
335 // If the allocation interception feature is enabled, and the TLS is not
336 // blocked yet, we will block the TLS now, and unblock on destruction.
341 // Since this is the top-level ThreadIntercept, interceptions are not
342 // blocked unless the profiler itself holds a locked mutex, in which case
343 // we don't want to intercept allocations that originate from such a
344 // profiler call.
347 // The feature is off, or the TLS was already blocked, then we block this
348 // interception.
350 }
351 }
357 }
358 }
360 // Is this ThreadIntercept effectively blocked? (Feature is off, or this
361 // ThreadIntercept is nested, or we're inside a locked-Profiler function.)
367 };
374 //---------------------------------------------------------------------------
375 // malloc/free callbacks
376 //---------------------------------------------------------------------------
381 }
383 ThreadIntercept threadIntercept;
385 // Either the native allocations feature is not turned on, or we may be
386 // recursing into a memory hook, return. We'll still collect counter
387 // information about this allocation, but no stack.
389 }
395 // Perform a bernoulli trial, which will return true or false based on its
396 // configured probability. It takes into account the byte size so that
397 // larger allocations are weighted heavier than smaller allocations.
401 // First perform the Bernoulli trial.
403 // Second, attempt to add a marker if the Bernoulli trial passed.
408 "gAllocationTracker must be properly installed for the memory "
410 // Only track the memory if the allocation marker was actually added to the
411 // profiler.
413 }
415 // We're ignoring aReqSize here
416 }
421 }
423 ThreadIntercept threadIntercept;
425 // Either the native allocations feature is not turned on, or we may be
426 // recursing into a memory hook, return. We'll still collect counter
427 // information about this allocation, but no stack.
429 }
433 // Perform a bernoulli trial, which will return true or false based on its
434 // configured probability. It takes into account the byte size so that
435 // larger allocations are weighted heavier than smaller allocations.
437 gAllocationTracker,
443 // This size here is negative, indicating a deallocation.
446 }
447 }
451 //---------------------------------------------------------------------------
452 // malloc/free interception
453 //---------------------------------------------------------------------------
458 // This must be a call to malloc from outside. Intercept it.
462 }
468 }
471 // If |aOldPtr| is nullptr, the call is equivalent to |malloc(aSize)|.
474 }
481 // If realloc fails, we undo the prior operations by re-inserting the old
482 // pointer into the live block table. We don't have to do anything with the
483 // dead block list because the dead block hasn't yet been inserted. The
484 // block will end up looking like it was allocated for the first time here,
485 // which is untrue, and the slop bytes will be zero, which may be untrue.
486 // But this case is rare and doing better isn't worth the effort.
488 }
490 }
496 }
501 }
507 }
514 }
521 }
526 }
533 }
535 // we have to replace these or jemalloc will assume we don't implement any
536 // of the arena replacements!
540 }
544 }
548 }
552 }
556 }
558 // Must come after all the replace_* funcs
561 #define MALLOC_FUNCS (MALLOC_FUNCS_MALLOC_BASE | MALLOC_FUNCS_ARENA)
562 #define MALLOC_DECL(name, ...) aMallocTable->name = replace_##name;
564 }
569 //---------------------------------------------------------------------------
570 // Initialization
571 //---------------------------------------------------------------------------
576 // The bloat log tracks allocations and deallocations. This can conflict
577 // with the memory hook machinery, as the bloat log creates its own
578 // allocations. This means we can re-enter inside the bloat log machinery. At
579 // this time, the bloat log does not know about cannot handle the native
580 // allocation feature.
581 //
582 // At the time of this writing, we hit this assertion:
583 // IsIdle(oldState) || IsRead(oldState) in Checker::StartReadOp()
584 //
585 // #01: GetBloatEntry(char const*, unsigned int)
586 // #02: NS_LogCtor
587 // #03: profiler_get_backtrace()
588 // #04: profiler_add_native_allocation_marker(long long)
589 // #05: mozilla::profiler::AllocCallback(void*, unsigned long)
590 // #06: replace_calloc(unsigned long, unsigned long)
591 // #07: PLDHashTable::ChangeTable(int)
592 // #08: PLDHashTable::Add(void const*, std::nothrow_t const&)
593 // #09: nsBaseHashtable<nsDepCharHashKey, nsAutoPtr<BloatEntry>, ...
594 // #10: GetBloatEntry(char const*, unsigned int)
595 // #11: NS_LogCtor
596 // #12: profiler_get_backtrace()
597 // ...
599 "The bloat log feature is not compatible with the native "
607 }
609 // This is safe to call even if native allocations hasn't been enabled.
614 }
615 }
618 // Initialise the TLS early so that it is allocated with a lower key and on an
619 // earlier page in order to avoid allocation when setting the variable.
621 }