/*--------------------------------------------------------------------*/ /*--- Callgrind ---*/ /*--- ct_fn.c ---*/ /*--------------------------------------------------------------------*/ /* This file is part of Callgrind, a Valgrind tool for call tracing. Copyright (C) 2002-2017, Josef Weidendorfer (Josef.Weidendorfer@gmx.de) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. The GNU General Public License is contained in the file COPYING. */ #include "global.h" #define N_INITIAL_FN_ARRAY_SIZE 10071 static fn_array current_fn_active; static Addr runtime_resolve_addr = 0; static int runtime_resolve_length = 0; // a code pattern is a list of tuples (start offset, length) struct chunk_t { int start, len; }; struct pattern { const HChar* name; int len; struct chunk_t chunk[]; }; /* Scan for a pattern in the code of an ELF object. * If found, return true and set runtime_resolve_{addr,length} */ __attribute__((unused)) // Possibly; depends on the platform. static Bool check_code(obj_node* obj, UChar code[], struct pattern* pat) { Bool found; Addr addr, end; int chunk, start, len; /* first chunk of pattern should always start at offset 0 and * have at least 3 bytes */ CLG_ASSERT((pat->chunk[0].start == 0) && (pat->chunk[0].len >2)); CLG_DEBUG(1, "check_code: %s, pattern %s, check %d bytes of [%x %x %x...]\n", obj->name, pat->name, pat->chunk[0].len, code[0], code[1], code[2]); end = obj->start + obj->size - pat->len; addr = obj->start; while(addr < end) { found = (VG_(memcmp)( (void*)addr, code, pat->chunk[0].len) == 0); if (found) { chunk = 1; while(1) { start = pat->chunk[chunk].start; len = pat->chunk[chunk].len; if (len == 0) break; CLG_ASSERT(len >2); CLG_DEBUG(1, " found chunk %d at %#lx, checking %d bytes " "of [%x %x %x...]\n", chunk-1, addr - obj->start, len, code[start], code[start+1], code[start+2]); if (VG_(memcmp)( (void*)(addr+start), code+start, len) != 0) { found = False; break; } chunk++; } if (found) { CLG_DEBUG(1, "found at offset %#lx.\n", addr - obj->start); if (VG_(clo_verbosity) > 1) VG_(message)(Vg_DebugMsg, "Found runtime_resolve (%s): " "%s +%#lx=%#lx, length %d\n", pat->name, obj->name + obj->last_slash_pos, addr - obj->start, addr, pat->len); runtime_resolve_addr = addr; runtime_resolve_length = pat->len; return True; } } addr++; } CLG_DEBUG(1, " found nothing.\n"); return False; } /* _ld_runtime_resolve, located in ld.so, needs special handling: * The jump at end into the resolved function should not be * represented as a call (as usually done in callgrind with jumps), * but as a return + call. Otherwise, the repeated existence of * _ld_runtime_resolve in call chains will lead to huge cycles, * making the profile almost worthless. * * If ld.so is stripped, the symbol will not appear. But as this * function is handcrafted assembler, we search for it. * * We stop if the ELF object name does not seem to be the runtime linker */ static Bool search_runtime_resolve(obj_node* obj) { #if defined(VGP_x86_linux) static UChar code[] = { /* 0*/ 0x50, 0x51, 0x52, 0x8b, 0x54, 0x24, 0x10, 0x8b, /* 8*/ 0x44, 0x24, 0x0c, 0xe8, 0x70, 0x01, 0x00, 0x00, /*16*/ 0x5a, 0x59, 0x87, 0x04, 0x24, 0xc2, 0x08, 0x00 }; /* Check ranges [0-11] and [16-23] ([12-15] is an absolute address) */ static struct pattern pat = { "x86-def", 24, {{ 0,12 }, { 16,8 }, { 24,0}} }; /* Pattern for glibc-2.8 on OpenSuse11.0 */ static UChar code_28[] = { /* 0*/ 0x50, 0x51, 0x52, 0x8b, 0x54, 0x24, 0x10, 0x8b, /* 8*/ 0x44, 0x24, 0x0c, 0xe8, 0x70, 0x01, 0x00, 0x00, /*16*/ 0x5a, 0x8b, 0x0c, 0x24, 0x89, 0x04, 0x24, 0x8b, /*24*/ 0x44, 0x24, 0x04, 0xc2, 0x0c, 0x00 }; static struct pattern pat_28 = { "x86-glibc2.8", 30, {{ 0,12 }, { 16,14 }, { 30,0}} }; if (VG_(strncmp)(obj->name, "/lib/ld", 7) != 0) return False; if (check_code(obj, code, &pat)) return True; if (check_code(obj, code_28, &pat_28)) return True; return False; #endif #if defined(VGP_ppc32_linux) static UChar code[] = { /* 0*/ 0x94, 0x21, 0xff, 0xc0, 0x90, 0x01, 0x00, 0x0c, /* 8*/ 0x90, 0x61, 0x00, 0x10, 0x90, 0x81, 0x00, 0x14, /*16*/ 0x7d, 0x83, 0x63, 0x78, 0x90, 0xa1, 0x00, 0x18, /*24*/ 0x7d, 0x64, 0x5b, 0x78, 0x90, 0xc1, 0x00, 0x1c, /*32*/ 0x7c, 0x08, 0x02, 0xa6, 0x90, 0xe1, 0x00, 0x20, /*40*/ 0x90, 0x01, 0x00, 0x30, 0x91, 0x01, 0x00, 0x24, /*48*/ 0x7c, 0x00, 0x00, 0x26, 0x91, 0x21, 0x00, 0x28, /*56*/ 0x91, 0x41, 0x00, 0x2c, 0x90, 0x01, 0x00, 0x08, /*64*/ 0x48, 0x00, 0x02, 0x91, 0x7c, 0x69, 0x03, 0xa6, /* at 64: bl aff0 <fixup> */ /*72*/ 0x80, 0x01, 0x00, 0x30, 0x81, 0x41, 0x00, 0x2c, /*80*/ 0x81, 0x21, 0x00, 0x28, 0x7c, 0x08, 0x03, 0xa6, /*88*/ 0x81, 0x01, 0x00, 0x24, 0x80, 0x01, 0x00, 0x08, /*96*/ 0x80, 0xe1, 0x00, 0x20, 0x80, 0xc1, 0x00, 0x1c, /*104*/0x7c, 0x0f, 0xf1, 0x20, 0x80, 0xa1, 0x00, 0x18, /*112*/0x80, 0x81, 0x00, 0x14, 0x80, 0x61, 0x00, 0x10, /*120*/0x80, 0x01, 0x00, 0x0c, 0x38, 0x21, 0x00, 0x40, /*128*/0x4e, 0x80, 0x04, 0x20 }; static struct pattern pat = { "ppc32-def", 132, {{ 0,65 }, { 68,64 }, { 132,0 }} }; if (VG_(strncmp)(obj->name, "/lib/ld", 7) != 0) return False; return check_code(obj, code, &pat); #endif #if defined(VGP_amd64_linux) static UChar code[] = { /* 0*/ 0x48, 0x83, 0xec, 0x38, 0x48, 0x89, 0x04, 0x24, /* 8*/ 0x48, 0x89, 0x4c, 0x24, 0x08, 0x48, 0x89, 0x54, 0x24, 0x10, /*18*/ 0x48, 0x89, 0x74, 0x24, 0x18, 0x48, 0x89, 0x7c, 0x24, 0x20, /*28*/ 0x4c, 0x89, 0x44, 0x24, 0x28, 0x4c, 0x89, 0x4c, 0x24, 0x30, /*38*/ 0x48, 0x8b, 0x74, 0x24, 0x40, 0x49, 0x89, 0xf3, /*46*/ 0x4c, 0x01, 0xde, 0x4c, 0x01, 0xde, 0x48, 0xc1, 0xe6, 0x03, /*56*/ 0x48, 0x8b, 0x7c, 0x24, 0x38, 0xe8, 0xee, 0x01, 0x00, 0x00, /*66*/ 0x49, 0x89, 0xc3, 0x4c, 0x8b, 0x4c, 0x24, 0x30, /*74*/ 0x4c, 0x8b, 0x44, 0x24, 0x28, 0x48, 0x8b, 0x7c, 0x24, 0x20, /*84*/ 0x48, 0x8b, 0x74, 0x24, 0x18, 0x48, 0x8b, 0x54, 0x24, 0x10, /*94*/ 0x48, 0x8b, 0x4c, 0x24, 0x08, 0x48, 0x8b, 0x04, 0x24, /*103*/0x48, 0x83, 0xc4, 0x48, 0x41, 0xff, 0xe3 }; static struct pattern pat = { "amd64-def", 110, {{ 0,62 }, { 66,44 }, { 110,0 }} }; if ((VG_(strncmp)(obj->name, "/lib/ld", 7) != 0) && (VG_(strncmp)(obj->name, "/lib64/ld", 9) != 0)) return False; return check_code(obj, code, &pat); #endif /* For other platforms, no patterns known */ return False; } /*------------------------------------------------------------*/ /*--- Object/File/Function hash entry operations ---*/ /*------------------------------------------------------------*/ /* Object hash table, fixed */ static obj_node* obj_table[N_OBJ_ENTRIES]; void CLG_(init_obj_table)() { Int i; for (i = 0; i < N_OBJ_ENTRIES; i++) obj_table[i] = 0; } #define HASH_CONSTANT 256 static UInt str_hash(const HChar *s, UInt table_size) { int hash_value = 0; for ( ; *s; s++) hash_value = (HASH_CONSTANT * hash_value + *s) % table_size; return hash_value; } static const HChar* anonymous_obj = "???"; static __inline__ obj_node* new_obj_node(DebugInfo* di, obj_node* next) { Int i; obj_node* obj; obj = (obj_node*) CLG_MALLOC("cl.fn.non.1", sizeof(obj_node)); obj->name = di ? VG_(strdup)( "cl.fn.non.2", VG_(DebugInfo_get_filename)(di) ) : anonymous_obj; for (i = 0; i < N_FILE_ENTRIES; i++) { obj->files[i] = NULL; } CLG_(stat).distinct_objs ++; obj->number = CLG_(stat).distinct_objs; /* JRS 2008 Feb 19: maybe rename .start/.size/.offset to .text_avma/.text_size/.test_bias to make it clearer what these fields really mean */ obj->start = di ? VG_(DebugInfo_get_text_avma)(di) : 0; obj->size = di ? VG_(DebugInfo_get_text_size)(di) : 0; obj->offset = di ? VG_(DebugInfo_get_text_bias)(di) : 0; obj->next = next; // not only used for debug output (see static.c) obj->last_slash_pos = 0; i = 0; while(obj->name[i]) { if (obj->name[i]=='/') obj->last_slash_pos = i+1; i++; } if (runtime_resolve_addr == 0) search_runtime_resolve(obj); return obj; } obj_node* CLG_(get_obj_node)(DebugInfo* di) { obj_node* curr_obj_node; UInt objname_hash; const HChar* obj_name; obj_name = di ? VG_(DebugInfo_get_filename)(di) : anonymous_obj; /* lookup in obj hash */ objname_hash = str_hash(obj_name, N_OBJ_ENTRIES); curr_obj_node = obj_table[objname_hash]; while (NULL != curr_obj_node && VG_(strcmp)(obj_name, curr_obj_node->name) != 0) { curr_obj_node = curr_obj_node->next; } if (NULL == curr_obj_node) { obj_table[objname_hash] = curr_obj_node = new_obj_node(di, obj_table[objname_hash]); } return curr_obj_node; } static __inline__ file_node* new_file_node(const HChar *filename, obj_node* obj, file_node* next) { Int i; file_node* file = (file_node*) CLG_MALLOC("cl.fn.nfn.1", sizeof(file_node)); file->name = VG_(strdup)("cl.fn.nfn.2", filename); for (i = 0; i < N_FN_ENTRIES; i++) { file->fns[i] = NULL; } CLG_(stat).distinct_files++; file->number = CLG_(stat).distinct_files; file->obj = obj; file->next = next; return file; } file_node* CLG_(get_file_node)(obj_node* curr_obj_node, const HChar *dir, const HChar *file) { file_node* curr_file_node; UInt filename_hash; /* Build up an absolute pathname, if there is a directory available */ HChar filename[VG_(strlen)(dir) + 1 + VG_(strlen)(file) + 1]; VG_(strcpy)(filename, dir); if (filename[0] != '\0') { VG_(strcat)(filename, "/"); } VG_(strcat)(filename, file); /* lookup in file hash */ filename_hash = str_hash(filename, N_FILE_ENTRIES); curr_file_node = curr_obj_node->files[filename_hash]; while (NULL != curr_file_node && VG_(strcmp)(filename, curr_file_node->name) != 0) { curr_file_node = curr_file_node->next; } if (NULL == curr_file_node) { curr_obj_node->files[filename_hash] = curr_file_node = new_file_node(filename, curr_obj_node, curr_obj_node->files[filename_hash]); } return curr_file_node; } /* forward decl. */ static void resize_fn_array(void); static __inline__ fn_node* new_fn_node(const HChar *fnname, file_node* file, fn_node* next) { fn_node* fn = (fn_node*) CLG_MALLOC("cl.fn.nfnnd.1", sizeof(fn_node)); fn->name = VG_(strdup)("cl.fn.nfnnd.2", fnname); CLG_(stat).distinct_fns++; fn->number = CLG_(stat).distinct_fns; fn->last_cxt = 0; fn->pure_cxt = 0; fn->file = file; fn->next = next; fn->dump_before = False; fn->dump_after = False; fn->zero_before = False; fn->toggle_collect = False; fn->skip = False; fn->pop_on_jump = CLG_(clo).pop_on_jump; fn->is_malloc = False; fn->is_realloc = False; fn->is_free = False; fn->group = 0; fn->separate_callers = CLG_(clo).separate_callers; fn->separate_recursions = CLG_(clo).separate_recursions; #if CLG_ENABLE_DEBUG fn->verbosity = -1; #endif if (CLG_(stat).distinct_fns >= current_fn_active.size) resize_fn_array(); return fn; } /* Get a function node in hash2 with known file node. * hash nodes are created if needed */ static fn_node* get_fn_node_infile(file_node* curr_file_node, const HChar *fnname) { fn_node* curr_fn_node; UInt fnname_hash; CLG_ASSERT(curr_file_node != 0); /* lookup in function hash */ fnname_hash = str_hash(fnname, N_FN_ENTRIES); curr_fn_node = curr_file_node->fns[fnname_hash]; while (NULL != curr_fn_node && VG_(strcmp)(fnname, curr_fn_node->name) != 0) { curr_fn_node = curr_fn_node->next; } if (NULL == curr_fn_node) { curr_file_node->fns[fnname_hash] = curr_fn_node = new_fn_node(fnname, curr_file_node, curr_file_node->fns[fnname_hash]); } return curr_fn_node; } /* Get a function node in a Segment. * Hash nodes are created if needed. */ static __inline__ fn_node* get_fn_node_inseg(DebugInfo* di, const HChar *dirname, const HChar *filename, const HChar *fnname) { obj_node *obj = CLG_(get_obj_node)(di); file_node *file = CLG_(get_file_node)(obj, dirname, filename); fn_node *fn = get_fn_node_infile(file, fnname); return fn; } Bool CLG_(get_debug_info)(Addr instr_addr, const HChar **dir, const HChar **file, const HChar **fn_name, UInt* line_num, DebugInfo** pDebugInfo) { Bool found_file_line, found_fn, result = True; UInt line; CLG_DEBUG(6, " + get_debug_info(%#lx)\n", instr_addr); if (pDebugInfo) { *pDebugInfo = VG_(find_DebugInfo)(instr_addr); // for generated code in anonymous space, pSegInfo is 0 } found_file_line = VG_(get_filename_linenum)(instr_addr, file, dir, &line); found_fn = VG_(get_fnname)(instr_addr, fn_name); if (!found_file_line && !found_fn) { CLG_(stat).no_debug_BBs++; *file = "???"; *fn_name = "???"; if (line_num) *line_num=0; result = False; } else if ( found_file_line && found_fn) { CLG_(stat).full_debug_BBs++; if (line_num) *line_num=line; } else if ( found_file_line && !found_fn) { CLG_(stat).file_line_debug_BBs++; *fn_name = "???"; if (line_num) *line_num=line; } else /*(!found_file_line && found_fn)*/ { CLG_(stat).fn_name_debug_BBs++; *file = "???"; if (line_num) *line_num=0; } CLG_DEBUG(6, " - get_debug_info(%#lx): seg '%s', fn %s\n", instr_addr, !pDebugInfo ? "-" : (*pDebugInfo) ? VG_(DebugInfo_get_filename)(*pDebugInfo) : "(None)", *fn_name); return result; } /* for _libc_freeres_wrapper => _exit renaming */ static BB* exit_bb = 0; /* * Attach function struct to a BB from debug info. */ fn_node* CLG_(get_fn_node)(BB* bb) { const HChar *fnname, *filename, *dirname; DebugInfo* di; UInt line_num; fn_node* fn; /* fn from debug info is idempotent for a BB */ if (bb->fn) return bb->fn; CLG_DEBUG(3,"+ get_fn_node(BB %#lx)\n", bb_addr(bb)); /* get function/file name, line number and object of * the BB according to debug information */ CLG_(get_debug_info)(bb_addr(bb), &dirname, &filename, &fnname, &line_num, &di); if (0 == VG_(strcmp)(fnname, "???")) { int p; static HChar buf[32]; // for sure large enough /* Use address as found in library */ if (sizeof(Addr) == 4) p = VG_(sprintf)(buf, "%#08lx", (UWord)bb->offset); else // 64bit address p = VG_(sprintf)(buf, "%#016lx", (UWord)bb->offset); VG_(sprintf)(buf + p, "%s", (bb->sect_kind == Vg_SectData) ? " [Data]" : (bb->sect_kind == Vg_SectBSS) ? " [BSS]" : (bb->sect_kind == Vg_SectGOT) ? " [GOT]" : (bb->sect_kind == Vg_SectPLT) ? " [PLT]" : ""); fnname = buf; } else { if (VG_(get_fnname_if_entry)(bb_addr(bb), &fnname)) bb->is_entry = 1; } /* HACK for correct _exit: * _exit is redirected to VG_(__libc_freeres_wrapper) by valgrind, * so we rename it back again :-) */ if (0 == VG_(strcmp)(fnname, "vgPlain___libc_freeres_wrapper") && exit_bb) { CLG_(get_debug_info)(bb_addr(exit_bb), &dirname, &filename, &fnname, &line_num, &di); CLG_DEBUG(1, "__libc_freeres_wrapper renamed to _exit\n"); } if (0 == VG_(strcmp)(fnname, "_exit") && !exit_bb) exit_bb = bb; if (runtime_resolve_addr && (bb_addr(bb) >= runtime_resolve_addr) && (bb_addr(bb) < runtime_resolve_addr + runtime_resolve_length)) { /* BB in runtime_resolve found by code check; use this name */ fnname = "_dl_runtime_resolve"; } /* get fn_node struct for this function */ fn = get_fn_node_inseg( di, dirname, filename, fnname); /* if this is the 1st time the function is seen, * some attributes are set */ if (fn->pure_cxt == 0) { /* Every function gets a "pure" context, i.e. a context with stack * depth 1 only with this function. This is for compression of mangled * names */ fn_node* pure[2]; pure[0] = 0; pure[1] = fn; fn->pure_cxt = CLG_(get_cxt)(pure+1); if (bb->sect_kind == Vg_SectPLT) fn->skip = CLG_(clo).skip_plt; if (VG_(strcmp)(fn->name, "_dl_runtime_resolve")==0) { fn->pop_on_jump = True; if (VG_(clo_verbosity) > 1) VG_(message)(Vg_DebugMsg, "Symbol match: found runtime_resolve:" " %s +%#lx=%#lx\n", bb->obj->name + bb->obj->last_slash_pos, (UWord)bb->offset, bb_addr(bb)); } fn->is_malloc = (VG_(strcmp)(fn->name, "malloc")==0); fn->is_realloc = (VG_(strcmp)(fn->name, "realloc")==0); fn->is_free = (VG_(strcmp)(fn->name, "free")==0); /* apply config options from function name patterns * given on command line */ CLG_(update_fn_config)(fn); } bb->fn = fn; bb->line = line_num; if (dirname[0]) { CLG_DEBUG(3,"- get_fn_node(BB %#lx): %s (in %s:%u)\n", bb_addr(bb), fnname, filename, line_num); } else CLG_DEBUG(3,"- get_fn_node(BB %#lx): %s (in %s/%s:%u)\n", bb_addr(bb), fnname, dirname, filename, line_num); return fn; } /*------------------------------------------------------------*/ /*--- Active function array operations ---*/ /*------------------------------------------------------------*/ /* The active function array is a thread-specific array * of UInts, mapping function numbers to the active count of * functions. * The active count is the number of times a function appears * in the current call stack, and is used when costs for recursion * levels should be separated. */ UInt* CLG_(get_fn_entry)(Int n) { CLG_ASSERT(n < current_fn_active.size); return current_fn_active.array + n; } void CLG_(init_fn_array)(fn_array* a) { Int i; CLG_ASSERT(a != 0); a->size = N_INITIAL_FN_ARRAY_SIZE; if (a->size <= CLG_(stat).distinct_fns) a->size = CLG_(stat).distinct_fns+1; a->array = (UInt*) CLG_MALLOC("cl.fn.gfe.1", a->size * sizeof(UInt)); for(i=0;i<a->size;i++) a->array[i] = 0; } void CLG_(copy_current_fn_array)(fn_array* dst) { CLG_ASSERT(dst != 0); dst->size = current_fn_active.size; dst->array = current_fn_active.array; } fn_array* CLG_(get_current_fn_array)() { return ¤t_fn_active; } void CLG_(set_current_fn_array)(fn_array* a) { CLG_ASSERT(a != 0); current_fn_active.size = a->size; current_fn_active.array = a->array; if (current_fn_active.size <= CLG_(stat).distinct_fns) resize_fn_array(); } /* ensure that active_array is big enough: * <distinct_fns> is the highest index, so <fn_active_array_size> * has to be bigger than that. */ static void resize_fn_array(void) { UInt* new_array; Int i; UInt newsize = current_fn_active.size; while (newsize <= CLG_(stat).distinct_fns) newsize *=2; CLG_DEBUG(0, "Resize fn_active_array: %u => %u\n", current_fn_active.size, newsize); new_array = (UInt*) CLG_MALLOC("cl.fn.rfa.1", newsize * sizeof(UInt)); for(i=0;i<current_fn_active.size;i++) new_array[i] = current_fn_active.array[i]; while(i<newsize) new_array[i++] = 0; VG_(free)(current_fn_active.array); current_fn_active.size = newsize; current_fn_active.array = new_array; CLG_(stat).fn_array_resizes++; }