| blob | e13d8b8e3b63fcf3e2dcbc0e49e67f401e96b112 |
2 //--------------------------------------------------------------------//
3 //--- DHAT: a Dynamic Heap Analysis Tool dh_main.c ---//
4 //--------------------------------------------------------------------//
6 /*
7 This file is part of DHAT, a Valgrind tool for profiling the
8 heap usage of programs.
10 Copyright (C) 2010-2018 Mozilla Foundation
12 This program is free software; you can redistribute it and/or
13 modify it under the terms of the GNU General Public License as
14 published by the Free Software Foundation; either version 2 of the
15 License, or (at your option) any later version.
17 This program is distributed in the hope that it will be useful, but
18 WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 General Public License for more details.
22 You should have received a copy of the GNU General Public License
23 along with this program; if not, see <http://www.gnu.org/licenses/>.
25 The GNU General Public License is contained in the file COPYING.
26 */
28 /* Contributed by Julian Seward <jseward@acm.org> */
45 #define HISTOGRAM_SIZE_LIMIT 1024
47 //------------------------------------------------------------//
48 //--- Globals ---//
49 //------------------------------------------------------------//
51 // Values for the entire run.
55 // Current values.
60 // Values at the global max, i.e. when g_curr_bytes peaks.
65 // Values for the entire run. Computed at the end.
69 //------------------------------------------------------------//
70 //--- an Interval Tree of live blocks ---//
71 //------------------------------------------------------------//
73 /* Tracks information about live blocks. */
74 typedef
76 Addr payload;
77 SizeT req_szB;
80 ULong reads_bytes;
81 ULong writes_bytes;
82 /* Approx histogram, one byte per payload byte. Counts latch up
83 therefore at 0xFFFF. Can be NULL if the block is resized or if
84 the block is larger than HISTOGRAM_SIZE_LIMIT. */
86 }
87 Block;
89 /* May not contain zero-sized blocks. May not contain
90 overlapping blocks. */
93 /* Here's the comparison function. Since the tree is required
94 to contain non-zero sized, non-overlapping blocks, it's good
95 enough to consider any overlap as a match. */
97 {
105 }
107 // 2-entry cache for find_Block_containing
116 {
120 // found at 0
121 stats__n_fBc_cached++;
123 }
127 // found at 1; swap 0 and 1
131 stats__n_fBc_cached++;
133 }
134 Block fake;
142 stats__n_fBc_notfound++;
144 }
149 // put at the top position
152 stats__n_fBc_uncached++;
154 }
156 // delete a block; asserts if not found. (viz, 'a' must be
157 // known to be present.)
159 {
160 Block fake;
167 }
170 //------------------------------------------------------------//
171 //--- a FM of allocation points (APs) ---//
172 //------------------------------------------------------------//
174 typedef
176 // The allocation point that we're summarising stats for.
179 // Total number of blocks and bytes allocated by this AP.
180 ULong total_blocks;
181 ULong total_bytes;
183 // The current number of blocks and bytes live for this AP.
184 ULong curr_blocks;
185 ULong curr_bytes;
187 // Values at the AP max, i.e. when this AP's curr_bytes peaks.
191 // Values at the global max.
192 ULong at_tgmax_blocks;
193 ULong at_tgmax_bytes;
195 // Total lifetimes of all blocks allocated by this AP. Includes blocks
196 // explicitly freed and blocks implicitly freed at termination.
197 ULong total_lifetimes_instrs;
199 // Number of blocks freed by this AP. (Only used in assertions.)
200 ULong freed_blocks;
202 // Total number of reads and writes in all blocks allocated
203 // by this AP.
204 ULong reads_bytes;
205 ULong writes_bytes;
207 /* Histogram information. We maintain a histogram aggregated for
208 all retiring Blocks allocated by this AP, but only if:
209 - this AP has only ever allocated objects of one size
210 - that size is <= HISTOGRAM_SIZE_LIMIT
211 What we need therefore is a mechanism to see if this AP
212 has only ever allocated blocks of one size.
214 3 states:
215 Unknown because no retirement yet
216 Exactly xsize all retiring blocks are of this size
217 Mixed multiple different sizes seen
218 */
220 SizeT xsize;
222 }
223 APInfo;
225 /* maps ExeContext*'s to APInfo*'s. Note that the keys must match the
226 .ap field in the values. */
230 // Are we at peak memory? If so, update at_tgmax_blocks and at_tgmax_bytes in
231 // all APInfos. Note that this is moderately expensive so we avoid calling it
232 // on every allocation.
234 {
236 // It's a peak. (If there are multiple equal peaks we record the latest
237 // one.)
245 }
247 }
248 }
250 /* 'bk' is being introduced (has just been allocated). Find the
251 relevant APInfo entry for it, or create one, based on the block's
252 allocation EC. Then, update the APInfo to the extent that we
253 actually can, to reflect the allocation. */
255 {
274 // histo stuff
279 }
283 // Update global stats first.
285 g_total_blocks++;
288 g_curr_blocks++;
294 }
296 // Now update APInfo stats.
306 }
307 }
309 /* 'bk' is retiring (being freed). Find the relevant APInfo entry for
310 it, which must already exist. Then, fold info from 'bk' into that
311 entry. 'because_freed' is True if the block is retiring because
312 the client has freed it. If it is False then the block is retiring
313 because the program has finished, in which case we want to skip the
314 updates of the total blocks live etc for this AP, but still fold in
315 the access counts and histo data that have so far accumulated for
316 the block. */
318 {
332 // update stats following this free.
338 // Total bytes is coming down from a possible peak.
341 // Then update global stats.
344 g_curr_blocks--;
347 // Then update APInfo stats.
354 }
359 // access counts
365 // histo stuff. First, do state transitions for xsize/xsize_tag.
375 // and allocate the histo
380 }
384 //tl_assert(api->freed_blocks > 1);
390 // deallocate the histo, if any
394 }
395 }
399 //tl_assert(api->freed_blocks > 1);
404 }
406 // See if we can fold the histo data from this block into
407 // the data for the AP
410 UWord i;
412 // FIXME: do something better in case of overflow of api->histo[..]
413 // Right now, at least don't let it overflow/wrap around
416 }
418 }
420 #if 0
423 UWord i;
429 }
430 #endif
431 }
433 /* This handles block resizing. When a block with AP 'ec' has a
434 size change of 'delta', call here to update the APInfo. */
436 {
451 }
453 // Total bytes might be coming down from a possible peak.
457 // Note: we treat realloc() like malloc() + free() for total counts, i.e. we
458 // increment total_blocks by 1 and increment total_bytes by new_req_szB.
459 //
460 // A reasonable alternative would be to leave total_blocks unchanged and
461 // increment total_bytes by delta (but only if delta is positive). But then
462 // calls to realloc wouldn't be counted towards the total_blocks count,
463 // which is undesirable.
465 // Update global stats first.
467 g_total_blocks++;
476 }
478 // Now update APInfo stats.
488 }
489 }
492 //------------------------------------------------------------//
493 //--- update both Block and APInfos after {m,re}alloc/free ---//
494 //------------------------------------------------------------//
496 static
498 Bool is_zeroed )
499 {
508 // Allocate and zero if necessary
513 }
517 /* slop_szB = actual_szB - req_szB; */
519 /* slop_szB = 0; */
520 }
522 // Make new Block, add to interval_tree.
530 // set up histogram array, if the block isn't too large
535 }
546 }
548 static
550 {
557 }
560 // assert the block finder is behaving sanely
566 }
578 }
580 }
583 static
585 {
591 // Find the old block.
595 }
598 // assert the block finder is behaving sanely
604 }
606 // Keeping the histogram alive in any meaningful way across
607 // block resizing is too darn complicated. Just throw it away.
611 }
613 // Actually do the allocation, if necessary.
616 // New size is smaller or same; block not moved.
623 // New size is bigger; make new block, copy shared contents, free old.
626 // Nb: if realloc fails, NULL is returned but the old block is not
627 // touched. What an awful function.
629 }
635 // Since the block has moved, we need to re-insert it into the
636 // interval tree at the new place. Do this by removing
637 // and re-adding it.
639 // now 'bk' is no longer in the tree, but the Block itself
640 // is still alive
642 // Update the metadata.
647 // and re-add
648 Bool present
654 }
655 /*NOTREACHED*/
657 }
660 //------------------------------------------------------------//
661 //--- malloc() et al replacement wrappers ---//
662 //------------------------------------------------------------//
665 {
667 }
670 {
672 }
675 {
677 }
680 {
682 }
685 {
687 }
690 {
692 }
695 {
697 }
700 {
702 }
705 {
708 }
712 }
714 }
717 {
720 }
723 //------------------------------------------------------------//
724 //--- memory references ---//
725 //------------------------------------------------------------//
727 static
729 {
736 //VG_(printf)("%lu %lu (size of block %lu)\n", offMin, offMax1, bk->req_szB);
741 }
742 }
746 {
752 }
753 }
757 {
763 }
764 }
767 // Handle reads and writes by syscalls (read == kernel
768 // reads user space, write == kernel writes user space).
769 // Assumes no such read or write spans a heap block
770 // boundary and so we can treat it just as one giant
771 // read or write.
772 static
775 {
786 }
787 }
789 static
792 {
802 }
803 }
806 //------------------------------------------------------------//
807 //--- Instrumentation ---//
808 //------------------------------------------------------------//
810 #define binop(_op, _arg1, _arg2) IRExpr_Binop((_op),(_arg1),(_arg2))
811 #define mkexpr(_tmp) IRExpr_RdTmp((_tmp))
812 #define mkU32(_n) IRExpr_Const(IRConst_U32(_n))
813 #define mkU64(_n) IRExpr_Const(IRConst_U64(_n))
814 #define assign(_t, _e) IRStmt_WrTmp((_t), (_e))
816 static
818 {
819 #if defined(VG_BIGENDIAN)
820 # define END Iend_BE
821 #elif defined(VG_LITTLEENDIAN)
822 # define END Iend_LE
823 #else
825 #endif
826 // Add code to increment 'g_curr_instrs' by 'n', like this:
827 // WrTmp(t1, Load64(&g_curr_instrs))
828 // WrTmp(t2, Add64(RdTmp(t1), Const(n)))
829 // Store(&g_curr_instrs, t2)
841 }
843 static
845 Int goff_sp)
846 {
865 }
869 /* Add the helper. */
875 argv );
877 /* Generate the guard condition: "(addr - (SP - RZ)) >u N", for
878 some arbitrary N. If that fails then addr is in the range (SP -
879 RZ .. SP + N - RZ). If N is smallish (a page?) then we can say
880 addr is within a page of SP and so can't possibly be a heap
881 access, and so can be skipped. */
887 sbOut,
889 tyAddr == Ity_I32
892 );
896 sbOut,
898 tyAddr == Ity_I32
901 );
905 sbOut,
907 tyAddr == Ity_I32
910 );
914 }
916 static
923 {
930 // We increment the instruction count in two places:
931 // - just before any Ist_Exit statements;
932 // - just before the IRSB's end.
933 // In the former case, we zero 'n' and then continue instrumenting.
937 // Copy verbatim any IR preamble preceding the first IMark
941 i++;
942 }
952 n++;
954 }
958 // Add an increment before the Exit statement, then reset 'n'.
961 }
963 }
969 // Note also, endianness info is ignored. I guess
970 // that's not interesting.
974 }
976 }
985 }
988 Int dataSize;
991 /* This dirty helper accesses memory. Collect the details. */
995 // Large (eg. 28B, 108B, 512B on x86) data-sized
996 // instructions will be done inaccurately, but they're
997 // very rare and this avoids errors from hitting more
998 // than two cache lines in the simulation.
1008 }
1010 }
1013 /* We treat it as a read and a write of the location. I
1014 think that is the same behaviour as it was before IRCAS
1015 was introduced, since prior to that point, the Vex
1016 front ends would translate a lock-prefixed instruction
1017 into a (normal) read followed by a (normal) write. */
1018 Int dataSize;
1030 }
1033 IRType dataTy;
1035 /* LL */
1041 /* SC */
1046 }
1048 }
1052 }
1055 }
1058 // Add an increment before the SB end.
1060 }
1062 }
1064 #undef binop
1065 #undef mkexpr
1066 #undef mkU32
1067 #undef mkU64
1068 #undef assign
1071 //------------------------------------------------------------//
1072 //--- Command line args ---//
1073 //------------------------------------------------------------//
1078 {
1081 else
1085 }
1088 {
1091 );
1092 }
1095 {
1098 );
1099 }
1102 //------------------------------------------------------------//
1103 //--- Finalisation ---//
1104 //------------------------------------------------------------//
1106 // File format notes.
1107 //
1108 // - The files are JSON, because it's a widely-used format and saves us having
1109 // to write a parser in dh_view.js.
1110 //
1111 // - We use a comma-first style for the generated JSON. Comma-first style
1112 // moves the special case for arrays/objects from the last item to the
1113 // first. This helps in cases where you can't easily tell in advance the
1114 // size of arrays/objects, such as iterating over a WordFM (because
1115 // VG_(sizeFM) is O(n) rather than O(1)), and iterating over stack frames
1116 // using VG_(apply_ExeContext) in combination with an InlIpCursor.
1117 //
1118 // - We use short field names and minimal whitespace to minimize file sizes.
1122 #define FP(format, args...) ({ VG_(fprintf)(fp, format, ##args); })
1124 // The frame table holds unique frames.
1129 {
1131 }
1134 {
1137 }
1139 // For JSON, we must escape double quote, backslash, and 0x00..0x1f.
1140 //
1141 // Returns the original string if no escaping was required. Returns a pointer
1142 // to a static buffer if escaping was required. Therefore, the return value is
1143 // only valid until the next call to this function.
1145 {
1149 // Do we need any escaping?
1158 }
1159 p++;
1160 }
1164 // No escaping needed.
1166 }
1168 // Escaping needed. (The +1 is for the NUL terminator.) Enlarge buf if
1169 // necessary.
1174 }
1195 }
1196 p++;
1197 }
1201 }
1204 {
1211 // Skip entries in vg_replace_malloc.c (e.g. `malloc`, `calloc`,
1212 // `realloc`, `operator new`) because they're boring and clog up the
1213 // output.
1216 }
1218 // If this description has been seen before, get its number. Otherwise,
1219 // give it a new number and put it in the table.
1224 //const HChar* str = (const HChar*)keyW;
1225 //tl_assert(0 == VG_(strcmp)(buf, str));
1228 // `buf` is a static buffer, we must copy it.
1233 }
1241 };
1244 {
1263 // Simple run-length encoding: when N entries in a row have the same
1264 // value M, we print "-N,M". If there is just one in a row, we just
1265 // print "M". This reduces file size significantly.
1271 // Continue current run.
1272 reps++;
1274 // End of run; print it.
1279 }
1282 }
1283 }
1284 // Print the final run.
1289 }
1292 }
1300 }
1303 {
1315 }
1319 // We didn't print any elements. This happens if apinfo is empty.
1321 }
1324 }
1327 {
1328 // This function does lots of allocations that it doesn't bother to free,
1329 // because execution is almost over anyway.
1331 // Total bytes might be at a possible peak.
1334 // Before printing statistics, we must harvest various stats (such as
1335 // lifetimes and accesses) for all the blocks that are still alive.
1343 }
1346 // Stats.
1351 stats__n_fBc_cached,
1352 stats__n_fBc_uncached);
1355 }
1357 // Create the frame table, and insert the special "[root]" node at index 0.
1361 frame_cmp);
1367 // Setup output filename. Nb: it's important to do this now, i.e. as late
1368 // as possible. If we do it at start-up and the program forks and the
1369 // output file format string contains a %p (pid) specifier, both the parent
1370 // and child will incorrectly write to the same file; this happened in
1371 // 3.3.0.
1381 }
1383 // Write to data file.
1386 // The command.
1392 }
1395 // The PID.
1398 // Times.
1401 // APs.
1404 // Frame table.
1407 // The frame table maps strings to numbers. We want to print it ordered by
1408 // numbers. So we create an array and fill it in from the frame table, then
1409 // print that.
1418 }
1423 }
1434 }
1436 // Print brief global stats.
1446 // Print a how-to-view-the-profile hint.
1457 }
1459 //------------------------------------------------------------//
1460 //--- Initialisation ---//
1461 //------------------------------------------------------------//
1464 {
1465 }
1468 {
1476 // Basic functions.
1478 dh_instrument,
1479 dh_fini);
1480 //zz
1481 // Needs.
1485 dh_print_usage,
1486 dh_print_debug_usage);
1487 //zz VG_(needs_client_requests) (dh_handle_client_request);
1488 //zz VG_(needs_sanity_checks) (dh_cheap_sanity_check,
1489 //zz dh_expensive_sanity_check);
1491 dh___builtin_new,
1492 dh___builtin_vec_new,
1493 dh_memalign,
1494 dh_calloc,
1495 dh_free,
1496 dh___builtin_delete,
1497 dh___builtin_vec_delete,
1498 dh_realloc,
1499 dh_malloc_usable_size,
1503 //VG_(track_pre_mem_read_asciiz) ( check_mem_is_defined_asciiz );
1513 interval_tree_Cmp );
1519 }
1523 //--------------------------------------------------------------------//
1524 //--- end dh_main.c ---//
1525 //--------------------------------------------------------------------//