NativeStackSampler implementation for Mac.

base/profiler/native_stack_sampler_mac.cc

+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <dlfcn.h>
+#include <mach/mach.h>
+#include <mach/thread_status.h>
+#include <mach-o/swap.h>
+#include <stdlib.h>
+
+#include <map>
+
+#include "base/profiler/native_stack_sampler.h"
+#include "base/strings/string_number_conversions.h"
+
+namespace base {
+
+namespace {
+
+static const int kUUIDLengthBytes = 16;

[Mike Wittman, 2015/09/15 16:00:15]

static is unnecessary when declaring in an unnamed namespace

[sydli, 2015/09/15 18:01:05]

Done.

+
+// Copy of x86_64 thread context structure from x86_thread_state64_t type.
+// Copied struct since fields can have different names on different versions of
+// Darwin.
+struct ThreadContext {
+  uint64_t rax;
+  uint64_t rbx;
+  uint64_t rcx;
+  uint64_t rdx;
+  uint64_t rdi;
+  uint64_t rsi;
+  uint64_t rbp;
+  uint64_t rsp;
+  uint64_t r8;
+  uint64_t r9;
+  uint64_t r10;
+  uint64_t r11;
+  uint64_t r12;
+  uint64_t r13;
+  uint64_t r14;
+  uint64_t r15;
+  uint64_t rip;
+  uint64_t rflags;
+  uint64_t cs;
+  uint64_t fs;
+  uint64_t gs;
+};
+
+// Struct for stack walking (represents stack state on any function call that
+// pushes a frame pointer).
+struct StackFrame {
+  // Pointer to caller's frame (rbp).
+  uintptr_t prev;
+  // Address in caller for callee to return to.
+  uintptr_t return_addr;
+};
+
+// Overwrites |dst| with StackFrame referenced in |src|. Returns true if stack
+// jump was successful. Failure implies address in |src| is corrupt.
+bool SafeJump(uintptr_t src, StackFrame* dst) {

[Robert Sesek, 2015/09/15 13:28:19]

How is this a "jump"? This seems more like ReadStackFrame to me.

[sydli, 2015/09/15 18:01:05]

Changed function name + comments.

+  vm_size_t ignored_bytes_copied = 0;
+  return vm_read_overwrite(mach_task_self(), static_cast<vm_address_t>(src),
+                           static_cast<vm_size_t>(sizeof(StackFrame)),
+                           reinterpret_cast<vm_address_t>(dst),
+                           &ignored_bytes_copied) == KERN_SUCCESS;
+}
+
+// Functions related to retrieving Mach-O Identifer
+//
+// These functions were cannibalized from Mach-O Identifier procedures found in
+// breakpad/src/common/mac. Support for non-X86_64 architectures and MD5 IDs
+// were removed to simplify the code.
+//
+// Thus, this walker only supports modules built for x86_64 architectures.
+// There are two such types of Mach-O modules: x86_64, which is built only
+// for x86_64, and FAT64, which are built for multiple 64-bit cpu architectures.
+// Brief demonstration of the two Mach-O header formats: (more information
+// can be found in the OS X ABI Mach-O File Format Reference).
+//
+// x86_64 Mach-O                       FAT64 Mach-O

[Robert Sesek, 2015/09/15 13:28:19]

I see that another reviewer asked for it, but I'm not sure this ASCII art is
useful to an accustomed reader. I think it'd just be better to refer readers to
the ABI File Format reference as you've done above.

[sydli, 2015/09/15 18:01:04]

Done.

+// -------------                       ----------
+//  + <-- |module_addr|, X86 header     + <-- |module_addr|, fat_header
+//  |  MH_MAGIC_64 or MH_CIGAM_64       |  FAT_MAGIC or FAT_CIGAM
+//  .                                   .
+//  .                                   .
+//  .                                   | <-- X86 header
+//  .                                   |  MH_MAGIC_64 or MH_CIGAM_64
+//  .                                   .
+
+// Returns offset in bytes where the x86_64 header is located in binary
+// loaded at |module_addr|. Returns 0 if |module_addr| is not a valid FAT
+// Mach-O binary or has not been built for x86_64.
+off_t GetMach64HeaderOffset(const void* module_addr) {
+  fat_header hdr;
+  memcpy(&hdr, module_addr, sizeof(hdr));

[Robert Sesek, 2015/09/15 13:28:19]

Do you actually need to copy data in these routines when you're just performing
a search? For example, this could probably be:

auto header = reinterpret_cast<const fat_header*>(module_address);
if (header->magic != FAT_CIGAM || header->magic != FAT_MAGIC)
  return 0;

auto fat_arches = reinterpret_cast<const fat_arch*>(module_address +
sizeof(*header));
for (uint32_t i = 0; i < OSSwapBigToHostInt32(header->nfat_arch); ++i) {
  const fat_arch& arch = fat_arches[i];
  if (OSSwapBigToHostInt32(arch.cputype) == CPU_TYPE_X86_64)
    return OSSwapBigToHostInt32(arch.offset);
}

[sydli, 2015/09/15 18:01:05]

No-- not with the OSSwap procedure. Changed code to read addresses and use
OSSwap when endianness does not match.

+  if (hdr.magic != FAT_MAGIC && hdr.magic != FAT_CIGAM)
+    return 0;
+
+  if (hdr.magic == FAT_CIGAM)
+    swap_fat_header(&hdr, NXHostByteOrder());
+
+  // Search all FAT architectures for x86_64.
+  off_t offset = sizeof(hdr);
+  fat_arch arch;
+  for (uint32_t i = 0; i < hdr.nfat_arch; ++i) {
+    memcpy(&arch, reinterpret_cast<const char*>(module_addr) + offset,
+           sizeof(arch));
+
+    if (NXHostByteOrder() != NX_BigEndian)
+      swap_fat_arch(&arch, 1, NXHostByteOrder());
+
+    if (arch.cputype == CPU_TYPE_X86_64)
+      return arch.offset;
+    offset += sizeof(arch);
+  }
+  return 0;
+}
+
+// Returns true if Mach-O binary at |module_addr| was built specifically for
+// x86_64 cpu architecture.
+bool IsX64Header(const void* module_addr) {
+  mach_header_64 hdr;
+  memcpy(&hdr, module_addr, sizeof(hdr));
+  if (hdr.magic != MH_MAGIC_64 && hdr.magic != MH_CIGAM_64)
+    return false;
+  if (hdr.magic == MH_CIGAM_64)
+    swap_mach_header_64(&hdr, NXHostByteOrder());
+
+  return hdr.cputype == CPU_TYPE_X86_64;
+}
+
+// Fills |id| with the UUID of the x86_64 Mach-O binary loaded at |module_addr|.
+// |offset| is the offset in bytes into |module_addr| where the x86_64 header
+// is located. |offset| is only relevant if binary is FAT and contains
+// multiple architecture headers.  Returns false if header is malformed or the
+// header does not specify the UUID load command.
+bool GetX64UUIDAt(const void* module_addr, unsigned char* id, off_t offset) {
+  mach_header_64 hdr;
+  if (!memcpy(&hdr, reinterpret_cast<const char*>(module_addr) + offset,
+              sizeof(hdr)) ||
+      (hdr.magic != MH_MAGIC_64 && hdr.magic != MH_CIGAM_64)) {
+    return false;
+  }
+
+  bool swap = hdr.magic == MH_CIGAM_64;
+  if (swap)
+    swap_mach_header_64(&hdr, NXHostByteOrder());
+
+  // Search all load commands for UUID command.
+  offset += sizeof(hdr);
+  load_command cmd;
+  for (uint32_t i = 0; i < hdr.ncmds; ++i) {
+    const void* command_loc =
+        reinterpret_cast<const char*>(module_addr) + offset;
+    memcpy(&cmd, command_loc, sizeof(cmd));
+
+    if (swap)
+      swap_load_command(&cmd, NXHostByteOrder());
+    if (cmd.cmd == LC_UUID) {
+      uuid_command uuid_cmd;
+      memcpy(&uuid_cmd, command_loc, sizeof(uuid_cmd));
+      if (swap)
+        swap_uuid_command(&uuid_cmd, NXHostByteOrder());
+
+      static_assert(sizeof(uuid_cmd.uuid) == kUUIDLengthBytes,
+                    "UUID field of UUID command should be 16 bytes.");
+      memcpy(id, &uuid_cmd.uuid, kUUIDLengthBytes);
+      return true;
+    }
+    offset += cmd.cmdsize;
+  }
+  return false;
+}
+
+// Fills |id| with Mach-O UUID retrieved from Mach-O binary loaded at
+// |module_addr|. This function returns false if the binary was not built for
+// X86_64 or if UUID cannot be found.
+bool GetUUID(const void* module_addr, unsigned char* id) {
+  off_t offset = 0;
+  // If module is not x86_64 exclusive, it could be a module that supports
+  // multiple architectures. In this case, the appropriate header will be at
+  // some non-zero offset.
+  if (!IsX64Header(module_addr) &&
+      !(offset = GetMach64HeaderOffset(module_addr)))
+    return false;
+  return GetX64UUIDAt(module_addr, id, offset);
+}
+
+// Returns hex encoding of a 16-byte ID for binary loaded at |module_addr|.
+// Returns empty string if UUID cannot be found at |module_addr|.
+std::string GetUniqueId(const void* module_addr) {
+  unsigned char id[kUUIDLengthBytes];
+  if (!GetUUID(module_addr, id))
+    return "";
+  return HexEncode(id, kUUIDLengthBytes);
+}
+
+// Functions related to grabbing a stack trace --------------------------------
+
+// Fills |state| with |target_thread|'s context.
+bool GetThreadContext(thread_act_t target_thread, ThreadContext* state) {
+  mach_msg_type_number_t count =
+      static_cast<mach_msg_type_number_t>(MACHINE_THREAD_STATE_COUNT);
+  return thread_get_state(target_thread, x86_THREAD_STATE64,
+                          reinterpret_cast<thread_state_t>(state),
+                          &count) == KERN_SUCCESS;
+}
+
+// Walks |thread_handle|'s stack and fills |instruction_pointers|.
+// Returns number of frames in stack, unless there's a corrupt frame pointer
+// (likely if module compiled with -fno_omit_frame_pointer), in which this
+// function will return the number of frames up until the frame with a corrupt
+// frame pointer. This procedure occurs while thread is suspended, so it should
+// take as little time as possible.
+int RecordStack(mach_port_t thread_handle,
+                int max_stack_size,
+                uintptr_t instruction_pointers[]) {
+  ThreadContext state;
+  if (!GetThreadContext(thread_handle, &state))
+    return 0;
+
+  StackFrame frame;
+  frame.prev = state.rbp;
+  int i = 0;
+  for (; i < max_stack_size; i++) {
+    // Three cases for end-of-stack condition:
+    //   1) We tried to jump off the stack.

[Robert Sesek, 2015/09/15 13:28:19]

Avoid using "we" and other personal pronouns in comments. What does "jump off
the stack" mean?

[sydli, 2015/09/15 18:01:05]

SafeReadFrame should only allow us to read from a valid frame ptr. Changed
wording to indicate this.

+    //   2) We jumped to a lower address.

[Robert Sesek, 2015/09/15 13:28:19]

"The next recovered rsp is not lower than the previously recovered one,
indicating the stack is not growing down."

[sydli, 2015/09/15 18:01:05]

Done.

+    //   3) We reached a return (instruction) address of 0.
+    uintptr_t old_esp = frame.prev;

[Robert Sesek, 2015/09/15 13:28:19]

Since this is x86_64, this isn't esp, it's rsp.

[sydli, 2015/09/15 18:01:05]

Oops-- my bad. Updated name.

+    if (!SafeJump(frame.prev, &frame) || frame.prev < old_esp ||
+        !frame.return_addr) {
+      return i;
+    }
+    instruction_pointers[i] = frame.return_addr;
+  }
+  return i;
+}
+
+// NativeStackSamplerMac ------------------------------------------------------
+
+class NativeStackSamplerMac : public NativeStackSampler {
+ public:
+  explicit NativeStackSamplerMac(pid_t thread_handle);
+  ~NativeStackSamplerMac() override;
+
+  // StackSamplingProfiler::NativeStackSampler:
+  void ProfileRecordingStarting(
+      std::vector<StackSamplingProfiler::Module>* modules) override;
+  void RecordStackSample(StackSamplingProfiler::Sample* sample) override;
+  void ProfileRecordingStopped() override;
+
+ private:
+  // Adds module represented by |instruction_pointer| into
+  // |sample| and |modules|.
+  void AddModule(StackSamplingProfiler::Sample* sample,
+                 std::vector<StackSamplingProfiler::Module>* modules,
+                 const uintptr_t instruction_pointer);

[Mike Wittman, 2015/09/15 16:00:15]

input arguments should appear before output arguments

[sydli, 2015/09/15 18:01:05]

Done.

+
+  // Copies the stack information represented by |instruction_pointers| into
+  // |sample| and |modules|.
+  void FillSample(const uintptr_t instruction_pointers[],
+                  int stack_depth,
+                  std::vector<StackSamplingProfiler::Module>* modules,
+                  StackSamplingProfiler::Sample* sample);

[Mike Wittman, 2015/09/15 16:00:15]

|sample| can go before |modules|, to be consistent with the Windows code and the
previous function

[sydli, 2015/09/15 18:01:05]

Done.

+
+  // Mach handle for thread being profiled.

[Robert Sesek, 2015/09/15 13:28:19]

Weak or strong right reference, here?

[sydli, 2015/09/15 18:01:05]

Weak. updated comment.

+  mach_port_t thread_handle_;
+
+  // Weak. Points to the modules associated with the profile being recorded
+  // between ProfileRecordingStarting() and ProfileRecordingStopped().
+  std::vector<StackSamplingProfiler::Module>* current_modules_;
+
+  // Maps a module handle to the corresponding Module's index within
+  // current_modules_.
+  std::map<const void*, size_t> profile_module_index_;
+
+  DISALLOW_COPY_AND_ASSIGN(NativeStackSamplerMac);
+};
+
+// The PlatformThreadId of the given thread is actually a typedef of
+// mach_port_t.
+// (base/threading/platform_thread_posix.cc:128)
+NativeStackSamplerMac::NativeStackSamplerMac(pid_t thread_handle)
+    : thread_handle_(static_cast<mach_port_t>(thread_handle)),
+      current_modules_(nullptr) {}
+
+NativeStackSamplerMac::~NativeStackSamplerMac() {}
+
+void NativeStackSamplerMac::ProfileRecordingStarting(
+    std::vector<StackSamplingProfiler::Module>* modules) {
+  current_modules_ = modules;
+  profile_module_index_.clear();
+}
+
+void NativeStackSamplerMac::RecordStackSample(
+    StackSamplingProfiler::Sample* sample) {
+  DCHECK(current_modules_);
+
+  const int max_stack_size = 64;
+  uintptr_t instruction_pointers[max_stack_size] = {0};
+
+  thread_suspend(thread_handle_);
+  int stack_depth =
+      RecordStack(thread_handle_, max_stack_size, instruction_pointers);
+  thread_resume(thread_handle_);
+  FillSample(instruction_pointers, stack_depth, current_modules_, sample);
+}
+
+void NativeStackSamplerMac::ProfileRecordingStopped() {
+  current_modules_ = nullptr;
+}
+
+// Adds library referenced by |instruction_pointer| to |sample| and |modules|.
+// Records library's (1) filepath, (2) base address, and (3) unique ID.
+void NativeStackSamplerMac::AddModule(

[Mike Wittman, 2015/09/15 16:00:15]

This function feels like it's doing too many things. Is there a reason we can't
use the same functional split as in the Windows code: CopyToSample,
GetModuleIndex, GetModuleForHandle (maybe GetModuleForInstructionPointer here)?

[sydli, 2015/09/15 18:01:05]

Split the function into CopyToSample and GetmoduleIndex. GetModuleFor* is
strange since retrieving the module key into profile_module_index_ is done
simultaneously with retrieving the module itself (using dladdr).

+    StackSamplingProfiler::Sample* sample,
+    std::vector<StackSamplingProfiler::Module>* modules,
+    const uintptr_t instruction_pointer) {
+  char filepath[PATH_MAX + 1];
+  Dl_info inf;
+  if (!dladdr(reinterpret_cast<const void*>(instruction_pointer), &inf)) {
+    sample->push_back(StackSamplingProfiler::Frame(
+        reinterpret_cast<const void*>(instruction_pointer),
+        StackSamplingProfiler::Frame::kUnknownModuleIndex));
+    return;
+  }
+  auto module_index = profile_module_index_.find(inf.dli_fbase);
+  if (module_index == profile_module_index_.end()) {
+    realpath(inf.dli_fname, filepath);

[Robert Sesek, 2015/09/15 13:28:19]

realpath will still touch disk. Is this necessary?

[sydli, 2015/09/15 18:01:05]

Suppose not; this just means ./ or ../ won't necessarily be resolved in
inf.dli_fname. Removed and updated tests to reflect change.

+    StackSamplingProfiler::Module module(
+        inf.dli_fbase, GetUniqueId(inf.dli_fbase), base::FilePath(filepath));
+    modules->push_back(module);
+    module_index = profile_module_index_.insert(
+        std::make_pair(inf.dli_fbase, modules->size() - 1)) .first;
+  }
+  sample->push_back(StackSamplingProfiler::Frame(
+      reinterpret_cast<const void*>(instruction_pointer),
+      module_index->second));
+}
+
+// Fills |sample| with Frames and Modules referenced by |instruction_pointers|.
+void NativeStackSamplerMac::FillSample(
+    const uintptr_t instruction_pointers[],
+    int stack_depth,
+    std::vector<StackSamplingProfiler::Module>* modules,
+    StackSamplingProfiler::Sample* sample) {
+  for (int i = 0; i < stack_depth; i++) {

[Mike Wittman, 2015/09/15 16:00:15]

nit: no braces

[sydli, 2015/09/15 18:01:05]

Done.

+    AddModule(sample, modules, instruction_pointers[i]);
+  }
+}
+
+}  // namespace
+
+scoped_ptr<NativeStackSampler> NativeStackSampler::Create(
+    PlatformThreadId thread_id) {

[Robert Sesek, 2015/09/15 13:28:19]

#if defined(__i386__)
NOTIMPLEMENTED() << "This class only has support for x86_64 sampling.
return nullptr;
#else
…
#endif

[Mike Wittman, 2015/09/15 16:00:15]

Just returning the null pointer is sufficient. The code that uses the
NativeStackSampler interprets that as being unsupported.

[sydli, 2015/09/15 18:01:05]

Done.

+  return scoped_ptr<NativeStackSampler>(new NativeStackSamplerMac(thread_id));
+}
+
+}  // namespace base