| blob | 69e6fb6d01026b990d5e3287798eb0c549197fd8 |
2 //--------------------------------------------------------------------//
3 //--- DHAT: a Dynamic Heap Analysis Tool dh_main.c ---//
4 //--------------------------------------------------------------------//
6 /*
7 This file is part of DHAT, a Valgrind tool for profiling the
8 heap usage of programs.
10 Copyright (C) 2010-2018 Mozilla Foundation
12 This program is free software; you can redistribute it and/or
13 modify it under the terms of the GNU General Public License as
14 published by the Free Software Foundation; either version 2 of the
15 License, or (at your option) any later version.
17 This program is distributed in the hope that it will be useful, but
18 WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 General Public License for more details.
22 You should have received a copy of the GNU General Public License
23 along with this program; if not, see <http://www.gnu.org/licenses/>.
25 The GNU General Public License is contained in the file COPYING.
26 */
28 /* Contributed by Julian Seward <jseward@acm.org> */
47 #define HISTOGRAM_SIZE_LIMIT 1024
49 //------------------------------------------------------------//
50 //--- Globals ---//
51 //------------------------------------------------------------//
53 // Values for the entire run.
57 // Current values. g_curr_blocks and g_curr_bytes are only used with
58 // clo_mode=Heap.
63 // Values at the global max, i.e. when g_curr_bytes peaks.
64 // Only used with clo_mode=Heap.
68 // Time of the global max.
71 // Values for the entire run. Updated each time a block is retired.
72 // Only used with clo_mode=Heap.
76 //------------------------------------------------------------//
77 //--- Command line args ---//
78 //------------------------------------------------------------//
87 {
96 }
99 }
102 {
106 );
107 }
110 {
113 );
114 }
116 //------------------------------------------------------------//
117 //--- an Interval Tree of live blocks ---//
118 //------------------------------------------------------------//
120 /* Tracks information about live blocks. */
121 typedef
123 Addr payload;
124 SizeT req_szB;
127 ULong reads_bytes;
128 ULong writes_bytes;
129 /* Approx histogram, one byte per payload byte. Counts latch up
130 therefore at 0xFFFF. Can be NULL if the block is resized or if
131 the block is larger than HISTOGRAM_SIZE_LIMIT. */
133 }
134 Block;
136 /* May not contain zero-sized blocks. May not contain
137 overlapping blocks. */
140 /* Here's the comparison function. Since the tree is required
141 to contain non-zero sized, non-overlapping blocks, it's good
142 enough to consider any overlap as a match. */
144 {
152 }
154 // 2-entry cache for find_Block_containing
163 {
169 // found at 0
170 stats__n_fBc_cached++;
172 }
176 // found at 1; swap 0 and 1
180 stats__n_fBc_cached++;
182 }
183 Block fake;
191 stats__n_fBc_notfound++;
193 }
198 // put at the top position
201 stats__n_fBc_uncached++;
203 }
205 // delete a block; asserts if not found. (viz, 'a' must be
206 // known to be present.)
208 {
211 Block fake;
218 }
220 //------------------------------------------------------------//
221 //--- a FM of allocation points (APs) ---//
222 //------------------------------------------------------------//
224 typedef
226 // The program point that we're summarising stats for.
229 // Total number of blocks and bytes allocated by this PP.
230 ULong total_blocks;
231 ULong total_bytes;
233 // The current number of blocks and bytes live for this PP.
234 // Only used with clo_mode=Heap.
235 ULong curr_blocks;
236 ULong curr_bytes;
238 // Values at the PP max, i.e. when this PP's curr_bytes peaks.
239 // Only used with clo_mode=Heap.
243 // Values at the global max.
244 // Only used with clo_mode=Heap.
245 ULong at_tgmax_blocks;
246 ULong at_tgmax_bytes;
248 // Total lifetimes of all blocks allocated by this PP. Includes blocks
249 // explicitly freed and blocks implicitly freed at termination.
250 // Only used with clo_mode=Heap.
251 ULong total_lifetimes_instrs;
253 // Number of blocks freed by this PP. (Only used in assertions.)
254 // Only used with clo_mode=Heap.
255 ULong freed_blocks;
257 // Total number of reads and writes in all blocks allocated
258 // by this PP. Only used with clo_mode=Heap.
259 ULong reads_bytes;
260 ULong writes_bytes;
262 /* Histogram information. We maintain a histogram aggregated for
263 all retiring Blocks allocated by this PP, but only if:
264 - this PP has only ever allocated objects of one size
265 - that size is <= HISTOGRAM_SIZE_LIMIT
266 What we need therefore is a mechanism to see if this PP
267 has only ever allocated blocks of one size.
269 3 states:
270 Unknown because no retirement yet
271 Exactly xsize all retiring blocks are of this size
272 Mixed multiple different sizes seen
274 Only used with clo_mode=Heap.
275 */
277 SizeT xsize;
279 }
280 PPInfo;
282 /* maps ExeContext*'s to PPInfo*'s. Note that the keys must match the
283 .ec field in the values. */
286 // Are we at peak memory? If so, update at_tgmax_blocks and at_tgmax_bytes in
287 // all PPInfos. Note that this is moderately expensive so we avoid calling it
288 // on every allocation.
290 {
294 // It's a peak. (If there are multiple equal peaks we record the latest
295 // one.)
303 }
305 }
306 }
308 /* 'bk' is being introduced (has just been allocated). Find the
309 relevant PPInfo entry for it, or create one, based on the block's
310 allocation EC. Then, update the PPInfo to the extent that we
311 actually can, to reflect the allocation. */
313 {
333 // histo stuff
338 }
339 }
343 // Update global stats and PPInfo stats.
345 g_total_blocks++;
352 g_curr_blocks++;
358 // The use of `>=` rather than `>` means that if there are multiple equal
359 // peaks we record the latest one, like `check_for_peak` does.
367 }
368 }
369 }
371 /* 'bk' is retiring (being freed). Find the relevant PPInfo entry for
372 it, which must already exist. Then, fold info from 'bk' into that
373 entry. 'because_freed' is True if the block is retiring because
374 the client has freed it. If it is False then the block is retiring
375 because the program has finished, in which case we want to skip the
376 updates of the total blocks live etc for this PP, but still fold in
377 the access counts and histo data that have so far accumulated for
378 the block. */
380 {
394 // update stats following this free.
400 // Total bytes is coming down from a possible peak.
403 // Then update global stats.
406 g_curr_blocks--;
409 // Then update PPInfo stats.
416 }
421 // access counts
427 // histo stuff. First, do state transitions for xsize/xsize_tag.
437 // and allocate the histo
442 }
446 //tl_assert(ppi->freed_blocks > 1);
452 // deallocate the histo, if any
456 }
457 }
461 //tl_assert(ppi->freed_blocks > 1);
466 }
468 // See if we can fold the histo data from this block into
469 // the data for the PP.
472 UWord i;
474 // FIXME: do something better in case of overflow of ppi->histo[..]
475 // Right now, at least don't let it overflow/wrap around
478 }
480 }
482 #if 0
485 UWord i;
491 }
492 #endif
493 }
495 /* This handles block resizing. When a block with PP 'ec' has a
496 size change of 'delta', call here to update the PPInfo. */
498 {
516 // Total bytes might be coming down from a possible peak.
518 }
520 // Note: we treat realloc() like malloc() + free() for total counts, i.e. we
521 // increment total_blocks by 1 and increment total_bytes by new_req_szB.
522 //
523 // A reasonable alternative would be to leave total_blocks unchanged and
524 // increment total_bytes by delta (but only if delta is positive). But then
525 // calls to realloc wouldn't be counted towards the total_blocks count,
526 // which is undesirable.
528 // Update global stats and PPInfo stats.
530 g_total_blocks++;
542 // The use of `>=` rather than `>` means that if there are multiple equal
543 // peaks we record the latest one, like `check_for_peak` does.
551 }
552 }
554 //------------------------------------------------------------//
555 //--- update both Block and PPInfos after {m,re}alloc/free ---//
556 //------------------------------------------------------------//
558 static
560 Bool is_zeroed )
561 {
563 SizeT actual_szB;
569 }
571 // Allocate and zero if necessary
576 }
580 }
584 }
586 // Make new Block, add to interval_tree.
594 // Set up histogram array, if the block isn't too large.
599 }
608 }
610 static
612 {
617 }
622 }
625 // assert the block finder is behaving sanely
631 }
639 }
641 }
643 static
645 {
655 }
659 }
661 // Find the old block.
665 }
668 // Assert the block finder is behaving sanely.
674 }
676 // Keeping the histogram alive in any meaningful way across
677 // block resizing is too darn complicated. Just throw it away.
681 }
683 // Actually do the allocation, if necessary.
685 // New size is smaller or same; block not moved.
689 // Update reads/writes for the implicit copy. Even though we didn't
690 // actually do a copy, we act like we did, to match up with the fact
691 // that we treat this as an additional allocation.
698 // New size is bigger; make new block, copy shared contents, free old.
701 // Nb: if realloc fails, NULL is returned but the old block is not
702 // touched. What an awful function.
704 }
710 // Since the block has moved, we need to re-insert it into the
711 // interval tree at the new place. Do this by removing
712 // and re-adding it.
714 // Now 'bk' is no longer in the tree, but the Block itself
715 // is still alive.
717 // Update reads/writes for the copy.
721 // Update the metadata.
726 // And re-add it to the interval tree.
727 Bool present
731 }
734 }
736 //------------------------------------------------------------//
737 //--- malloc() et al replacement wrappers ---//
738 //------------------------------------------------------------//
741 {
743 }
746 {
748 }
751 {
753 }
756 {
758 }
761 {
763 }
766 {
768 }
771 {
773 }
776 {
778 }
781 {
783 }
786 {
788 }
791 {
793 }
796 {
798 }
801 {
804 }
808 }
810 }
813 {
816 }
820 }
822 //------------------------------------------------------------//
823 //--- memory references ---//
824 //------------------------------------------------------------//
826 static
828 {
835 //VG_(printf)("%lu %lu (size of block %lu)\n", offMin, offMax1, bk->req_szB);
840 }
841 }
845 {
853 }
854 }
858 {
866 }
867 }
869 // Handle reads and writes by syscalls (read == kernel
870 // reads user space, write == kernel writes user space).
871 // Assumes no such read or write spans a heap block
872 // boundary and so we can treat it just as one giant
873 // read or write.
874 static
877 {
890 }
891 }
893 static
895 Addr str)
896 {
901 }
903 static
906 {
918 }
919 }
921 //------------------------------------------------------------//
922 //--- Instrumentation ---//
923 //------------------------------------------------------------//
925 #define binop(_op, _arg1, _arg2) IRExpr_Binop((_op),(_arg1),(_arg2))
926 #define mkexpr(_tmp) IRExpr_RdTmp((_tmp))
927 #define mkU32(_n) IRExpr_Const(IRConst_U32(_n))
928 #define mkU64(_n) IRExpr_Const(IRConst_U64(_n))
929 #define assign(_t, _e) IRStmt_WrTmp((_t), (_e))
931 static
933 {
934 #if defined(VG_BIGENDIAN)
935 # define END Iend_BE
936 #elif defined(VG_LITTLEENDIAN)
937 # define END Iend_LE
938 #else
940 #endif
941 // Add code to increment 'g_curr_instrs' by 'n', like this:
942 // WrTmp(t1, Load64(&g_curr_instrs))
943 // WrTmp(t2, Add64(RdTmp(t1), Const(n)))
944 // Store(&g_curr_instrs, t2)
956 }
958 static
960 Int goff_sp)
961 {
964 }
984 }
988 /* Add the helper. */
994 argv );
996 /* Generate the guard condition: "(addr - (SP - RZ)) >u N", for
997 some arbitrary N. If that fails then addr is in the range (SP -
998 RZ .. SP + N - RZ). If N is smallish (a page?) then we can say
999 addr is within a page of SP and so can't possibly be a heap
1000 access, and so can be skipped. */
1006 sbOut,
1008 tyAddr == Ity_I32
1011 );
1015 sbOut,
1017 tyAddr == Ity_I32
1020 );
1024 sbOut,
1026 tyAddr == Ity_I32
1029 );
1033 }
1035 static
1042 {
1049 // We increment the instruction count in two places:
1050 // - just before any Ist_Exit statements;
1051 // - just before the IRSB's end.
1052 // In the former case, we zero 'n' and then continue instrumenting.
1056 // Copy verbatim any IR preamble preceding the first IMark
1060 i++;
1061 }
1071 n++;
1073 }
1077 // Add an increment before the Exit statement, then reset 'n'.
1080 }
1082 }
1088 // Note also, endianness info is ignored. I guess
1089 // that's not interesting.
1093 }
1095 }
1104 }
1107 Int dataSize;
1110 /* This dirty helper accesses memory. Collect the details. */
1114 // Large (eg. 28B, 108B, 512B on x86) data-sized
1115 // instructions will be done inaccurately, but they're
1116 // very rare and this avoids errors from hitting more
1117 // than two cache lines in the simulation.
1127 }
1129 }
1132 /* We treat it as a read and a write of the location. I
1133 think that is the same behaviour as it was before IRCAS
1134 was introduced, since prior to that point, the Vex
1135 front ends would translate a lock-prefixed instruction
1136 into a (normal) read followed by a (normal) write. */
1137 Int dataSize;
1149 }
1152 IRType dataTy;
1154 /* LL */
1160 /* SC */
1165 }
1167 }
1171 }
1174 }
1177 // Add an increment before the SB end.
1179 }
1181 }
1183 #undef binop
1184 #undef mkexpr
1185 #undef mkU32
1186 #undef mkU64
1187 #undef assign
1189 //------------------------------------------------------------//
1190 //--- Client requests ---//
1191 //------------------------------------------------------------//
1194 {
1199 }
1203 // Only the ec and req_szB fields are used by intro_Block().
1204 Block bk;
1212 }
1219 }
1221 // Only the ec and req_szB fields are used by intro_Block().
1222 Block bk;
1230 }
1234 Vg_UserMsg,
1237 );
1239 }
1240 }
1242 //------------------------------------------------------------//
1243 //--- Finalisation ---//
1244 //------------------------------------------------------------//
1246 // File format notes.
1247 //
1248 // - The files are JSON, because it's a widely-used format and saves us having
1249 // to write a parser in dh_view.js.
1250 //
1251 // - We use a comma-first style for the generated JSON. Comma-first style
1252 // moves the special case for arrays/objects from the last item to the
1253 // first. This helps in cases where you can't easily tell in advance the
1254 // size of arrays/objects, such as iterating over a WordFM (because
1255 // VG_(sizeFM) is O(n) rather than O(1)), and iterating over stack frames
1256 // using VG_(apply_ExeContext) in combination with an InlIpCursor.
1257 //
1258 // - We use short field names and minimal whitespace to minimize file sizes.
1259 //
1260 // Sample output:
1261 //
1262 // {
1263 // // Version number of the format. Incremented on each
1264 // // backwards-incompatible change. A mandatory integer.
1265 // "dhatFileVersion": 2,
1266 //
1267 // // The invocation mode. A mandatory, free-form string.
1268 // "mode": "heap",
1269 //
1270 // // The verb used before above stack frames, i.e. "<verb> at {". A
1271 // // mandatory string.
1272 // "verb": "Allocated",
1273 //
1274 // // Are block lifetimes recorded? Affects whether some other fields are
1275 // // present. A mandatory boolean.
1276 // "bklt": true,
1277 //
1278 // // Are block accesses recorded? Affects whether some other fields are
1279 // // present. A mandatory boolean.
1280 // "bkacc": true,
1281 //
1282 // // Byte/bytes/blocks-position units. Optional strings. "byte", "bytes",
1283 // // and "blocks" are the values used if these fields are omitted.
1284 // "bu": "byte", "bsu": "bytes", "bksu": "blocks",
1285 //
1286 // // Time units (individual and 1,000,000x). Mandatory strings.
1287 // "tu": "instrs", "Mtu": "Minstr"
1288 //
1289 // // The "short-lived" time threshold, measures in "tu"s.
1290 // // - bklt=true: a mandatory integer.
1291 // // - bklt=false: omitted.
1292 // "tuth": 500,
1293 //
1294 // // The executed command. A mandatory string.
1295 // "cmd": "date",
1296 //
1297 // // The process ID. A mandatory integer.
1298 // "pid": 61129
1299 //
1300 // // The time at the end of execution (t-end). A mandatory integer.
1301 // "te": 350682
1302 //
1303 // // The time of the global max (t-gmax).
1304 // // - bklt=true: a mandatory integer.
1305 // // - bklt=false: omitted.
1306 // "tg": 331312,
1307 //
1308 // // The program points. A mandatory array.
1309 // "pps": [
1310 // {
1311 // // Total bytes and blocks. Mandatory integers.
1312 // "tb": 5, "tbk": 1,
1313 //
1314 // // Total lifetimes of all blocks allocated at this PP.
1315 // // - bklt=true: a mandatory integer.
1316 // // - bklt=false: omitted.
1317 // "tl": 274,
1318 //
1319 // // The maximum bytes and blocks for this PP.
1320 // // - bklt=true: mandatory integers.
1321 // // - bklt=false: omitted.
1322 // "mb": 5, "mbk": 1,
1323 //
1324 // // The bytes and blocks at t-gmax for this PP.
1325 // // - bklt=true: mandatory integers.
1326 // // - bklt=false: omitted.
1327 // "gb": 0, "gbk": 0,
1328 //
1329 // // The bytes and blocks at t-end for this PP.
1330 // // - bklt=true: mandatory integers.
1331 // // - bklt=false: omitted.
1332 // "eb": 0, "ebk": 0,
1333 //
1334 // // The reads and writes of blocks for this PP.
1335 // // - bkacc=true: mandatory integers.
1336 // // - bkacc=false: omitted.
1337 // "rb": 41, "wb": 5,
1338 //
1339 // // The exact accesses of blocks for this PP. Only used when all
1340 // // allocations are the same size and sufficiently small. A negative
1341 // // element indicates run-length encoding of the following integer.
1342 // // E.g. `-3, 4` means "three 4s in a row".
1343 // // - bkacc=true: an optional array of integers.
1344 // // - bkacc=false: omitted.
1345 // "acc": [5, -3, 4, 2],
1346 //
1347 // // Frames. Each element is an index into the "ftbl" array below.
1348 // // - All modes: A mandatory array of integers.
1349 // "fs": [1, 2, 3]
1350 // }
1351 // ],
1352 //
1353 // // Frame table. A mandatory array of strings.
1354 // "ftbl": [
1355 // "[root]",
1356 // "0x4AA1D9F: _nl_normalize_codeset (l10nflist.c:332)",
1357 // "0x4A9B414: _nl_load_locale_from_archive (loadarchive.c:173)",
1358 // "0x4A9A2BE: _nl_find_locale (findlocale.c:153)"
1359 // ]
1360 // }
1364 #define FP(format, args...) ({ VG_(fprintf)(fp, format, ##args); })
1366 // The frame table holds unique frames.
1371 {
1373 }
1376 {
1379 }
1381 // For JSON, we must escape double quote, backslash, and 0x00..0x1f.
1382 //
1383 // Returns the original string if no escaping was required. Returns a pointer
1384 // to a static buffer if escaping was required. Therefore, the return value is
1385 // only valid until the next call to this function.
1387 {
1391 // Do we need any escaping?
1400 }
1401 p++;
1402 }
1406 // No escaping needed.
1408 }
1410 // Escaping needed. (The +1 is for the NUL terminator.) Enlarge buf if
1411 // necessary.
1416 }
1437 }
1438 p++;
1439 }
1443 }
1446 {
1453 // Skip entries in vg_replace_malloc.c (e.g. `malloc`, `calloc`,
1454 // `realloc`, `operator new`) because they're boring and clog up the
1455 // output.
1458 }
1460 // If this description has been seen before, get its number. Otherwise,
1461 // give it a new number and put it in the table.
1466 //const HChar* str = (const HChar*)keyW;
1467 //tl_assert(0 == VG_(strcmp)(buf, str));
1470 // `buf` is a static buffer, we must copy it.
1475 }
1483 };
1486 {
1509 // Simple run-length encoding: when N entries in a row have the same
1510 // value M, we print "-N,M". If there is just one in a row, we just
1511 // print "M". This reduces file size significantly.
1517 // Continue current run.
1518 reps++;
1520 // End of run; print it.
1525 }
1528 }
1529 }
1530 // Print the final run.
1535 }
1538 }
1553 }
1561 }
1564 {
1576 }
1580 // We didn't print any elements. This happens if ppinfo is empty.
1582 }
1585 }
1588 {
1589 // This function does lots of allocations that it doesn't bother to free,
1590 // because execution is almost over anyway.
1594 // Total bytes might be at a possible peak.
1598 // Before printing statistics, we must harvest various stats (such as
1599 // lifetimes and accesses) for all the blocks that are still alive.
1606 }
1609 // Stats.
1614 stats__n_fBc_cached,
1615 stats__n_fBc_uncached);
1618 }
1619 }
1621 // Create the frame table, and insert the special "[root]" node at index 0.
1625 frame_cmp);
1631 // Setup output filename. Nb: it's important to do this now, i.e. as late
1632 // as possible. If we do it at start-up and the program forks and the
1633 // output file format string contains a %p (pid) specifier, both the parent
1634 // and child will incorrectly write to the same file; this happened in
1635 // 3.3.0.
1645 }
1647 // Write to data file.
1650 // The output mode, block booleans, and byte/block units.
1663 }
1665 // The time units.
1669 }
1671 // The command.
1677 }
1680 // The PID.
1683 // Times.
1689 }
1691 // APs.
1694 // Frame table.
1697 // The frame table maps strings to numbers. We want to print it ordered by
1698 // numbers. So we create an array and fill it in from the frame table, then
1699 // print that.
1708 }
1713 }
1724 }
1726 // Print brief global stats.
1744 }
1746 // Print a how-to-view-the-profile hint.
1757 }
1759 //------------------------------------------------------------//
1760 //--- Initialisation ---//
1761 //------------------------------------------------------------//
1764 {
1769 }
1770 }
1773 {
1781 // Basic functions.
1783 dh_instrument,
1784 dh_fini);
1786 // Needs.
1790 dh_print_usage,
1791 dh_print_debug_usage);
1793 // VG_(needs_sanity_checks) (dh_cheap_sanity_check,
1794 // dh_expensive_sanity_check);
1796 dh___builtin_new,
1797 dh___builtin_new_aligned,
1798 dh___builtin_vec_new,
1799 dh___builtin_vec_new_aligned,
1800 dh_memalign,
1801 dh_calloc,
1802 dh_free,
1803 dh___builtin_delete,
1804 dh___builtin_delete_aligned,
1805 dh___builtin_vec_delete,
1806 dh___builtin_vec_delete_aligned,
1807 dh_realloc,
1808 dh_malloc_usable_size,
1818 interval_tree_Cmp );
1824 }
1828 //--------------------------------------------------------------------//
1829 //--- end dh_main.c ---//
1830 //--------------------------------------------------------------------//