metrics: Connect leak detector to allocator

components/metrics/leak_detector/leak_detector.cc

+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/metrics/leak_detector/leak_detector.h"
+
+#include <link.h>
+#include <stdint.h>
+#include <unistd.h>
+
+#include <algorithm>
+#include <list>
+#include <new>
+
+#include "base/allocator/allocator_extension.h"
+#include "base/logging.h"
+#include "base/synchronization/lock.h"
+#include "components/metrics/leak_detector/leak_detector_impl.h"
+
+namespace metrics {
+
+using LeakReport = LeakDetector::LeakReport;
+using leak_detector::CustomAllocator;
+using leak_detector::LeakDetectorImpl;
+using InternalLeakReport = LeakDetectorImpl::LeakReport;
+template <typename T>
+using InternalVector = LeakDetectorImpl::InternalVector<T>;
+
+namespace {
+
+// For storing the address range of the Chrome binary in memory.
+struct MappingInfo {
+  uintptr_t addr;
+  size_t size;
+} chrome_mapping;
+
+// Create an object of this class to store the current new/delete hooks and
+// then remove them. When this object goes out of scope, it will automatically
+// restore the original hooks if they existed.
+//
+// If multiple instances of this class are created and there are hooks
+// registered, only the first object will save and restore the hook functions.
+// The others will have no effect. However, all concurrent instances MUST be
+// destroyed in reverse relative to their instantiation.
+//
+// This is useful in situations such as:
+// - Calling alloc or free from within a hook function, which would otherwise
+//   result in recursive hook calls.
+// - Calling LOG() when |g_lock| is being held, as LOG will call malloc, which
+//   calls NewHook(), which then attempts to acquire the lock, resulting in it
+//   being blocked.
+class MallocHookDisabler {
+ public:
+  MallocHookDisabler()
+      : new_hook_(base::allocator::SetSingleAllocHook(nullptr)),
+        delete_hook_(base::allocator::SetSingleFreeHook(nullptr)) {}
+
+  ~MallocHookDisabler() {
+    if (new_hook_)
+      base::allocator::SetSingleAllocHook(new_hook_);
+    if (delete_hook_)
+      base::allocator::SetSingleFreeHook(delete_hook_);
+  }
+
+ private:
+  base::allocator::AllocHookFunc new_hook_;
+  base::allocator::FreeHookFunc delete_hook_;
+
+  DISALLOW_COPY_AND_ASSIGN(MallocHookDisabler);
+};
+
+// Stores all instances of class LeakDetector. See LeakDetector::LeakDetector()
+// for info about how this is used.
+std::list<LeakDetector*>* g_leak_detector_object_list;

[Will Harris, 2016/02/04 03:41:52]

Are you expecting multiple customers of leak detector i.e. multiple areas
instantiating them? which code? How do you expect this to be used?

if so, I presume you want one actual instance, typically this is done by a
singleton pattern.

you can expose the singleton via g_browser_process

maybe if you explain more how you expect this to be used, or point me at a
design, then can come up with the right pattern to use so you don't have to keep
changing it.

+
+// Use a lock for controlling access to shared resources.
+base::Lock* g_lock;
+
+// Points to the active instance of the leak detector.
+// Modify this only when locked.
+LeakDetectorImpl* g_leak_detector;
+
+// Keeps track of the total number of bytes allocated, computed before sampling.
+uint64_t g_total_alloc_size;
+
+// The value of |g_total_alloc_size| the last time there was a leak analysis,
+// rounded down to the nearest multiple of |g_analysis_interval_bytes|.
+uint64_t g_last_analysis_alloc_size;
+
+// The sampling of allocs and frees is handled internally using integer values,
+// not floating point values. This is the integer value that represents a 100%
+// sampling rate. See |g_sampling_factor|.
+const int kMaxSamplingFactor = 256;
+
+// Pseudorandomly sample a fraction of the incoming allocations and frees, about
+// |g_sampling_factor| / |kMaxSamplingFactor|. Setting to 0 means no
+// allocs/frees are sampled. Setting to 256 or more means all allocs/frees are
+// sampled.
+int g_sampling_factor;
+
+// The max number of call stack frames to unwind.
+int g_max_stack_depth;
+
+// Perform a leak analysis each time this many bytes have been allocated since
+// the previous analysis.
+uint64_t g_analysis_interval_bytes;
+
+// A possible leak should be suspected this many times to take action on it.
+// For size analysis, the action is to start profiling by call stack.
+// For call stack analysis, the action is to generate a leak report.
+int g_size_suspicion_threshold;
+int g_call_stack_suspicion_threshold;
+
+// Callback for dl_iterate_phdr() to find the Chrome binary mapping.
+int IterateLoadedObjects(struct dl_phdr_info* shared_object,
+                         size_t /* size */,
+                         void* data) {
+  for (int i = 0; i < shared_object->dlpi_phnum; i++) {
+    // Find the ELF segment header that contains the actual code of the Chrome
+    // binary.
+    const ElfW(Phdr)& segment_header = shared_object->dlpi_phdr[i];
+    if (segment_header.p_type == SHT_PROGBITS && segment_header.p_offset == 0 &&
+        data) {
+      MappingInfo* mapping = static_cast<MappingInfo*>(data);
+
+      // Make sure the fields in the ELF header and MappingInfo have the
+      // same size.
+      static_assert(sizeof(mapping->addr) == sizeof(shared_object->dlpi_addr),
+                    "Integer size mismatch between MappingInfo::addr and "
+                    "dl_phdr_info::dlpi_addr.");
+      static_assert(sizeof(mapping->size) == sizeof(segment_header.p_offset),
+                    "Integer size mismatch between MappingInfo::size and "
+                    "ElfW(Phdr)::p_memsz.");
+
+      mapping->addr = shared_object->dlpi_addr + segment_header.p_offset;
+      mapping->size = segment_header.p_memsz;
+      return 1;
+    }
+  }
+  return 0;
+}
+
+// Convert a pointer to a hash value. Returns only the upper eight bits.
+inline uint64_t PointerToHash(const void* ptr) {
+  // The input data is the pointer address, not the location in memory pointed
+  // to by the pointer.
+  // The multiplier is taken from Farmhash code:
+  //   https://github.com/google/farmhash/blob/master/src/farmhash.cc
+  const uint64_t kMultiplier = 0x9ddfea08eb382d69ULL;
+  uint64_t value = reinterpret_cast<uint64_t>(ptr) * kMultiplier;
+  return value >> 56;
+}
+
+// Uses PointerToHash() to pseudorandomly sample |ptr|.
+inline bool ShouldSample(const void* ptr) {
+  return PointerToHash(ptr) < static_cast<uint64_t>(g_sampling_factor);
+}
+
+// Disables hooks before calling new.
+void* InternalAlloc(size_t size) {
+  MallocHookDisabler disabler;
+  return new char[size];
+}
+
+// Disables hooks before calling delete.
+void InternalFree(void* ptr, size_t /* size */) {
+  MallocHookDisabler disabler;
+  delete[] reinterpret_cast<char*>(ptr);
+}
+
+// Callback for allocator allocations.
+void NewHook(const void* ptr, size_t size) {
+  // Must be modified under lock, although the data stored in the internal
+  // allocated memory needn't be.
+  InternalVector<void*> stack;
+
+  {
+    base::AutoLock lock(*g_lock);
+    g_total_alloc_size += size;
+
+    if (!ShouldSample(ptr) || !ptr || !g_leak_detector)
+      return;
+
+    stack.resize(g_max_stack_depth, nullptr);
+  }
+
+  // Take the stack trace outside the critical section.
+  // |g_leak_detector->ShouldGetStackTraceForSize()| is const; there is no need
+  // for a lock.
+  int depth = 0;
+  if (g_leak_detector->ShouldGetStackTraceForSize(size)) {
+    depth = base::allocator::GetCallStack(stack.data(), g_max_stack_depth, 0);
+  }
+
+  // This should be modified only with a lock because it uses the shared
+  // resources in CustomAllocator.
+  InternalVector<InternalLeakReport> leak_reports;
+
+  {
+    base::AutoLock lock(*g_lock);
+    g_leak_detector->RecordAlloc(ptr, size, depth, stack.data());
+
+    // Check for leaks after |g_analysis_interval_bytes| bytes have been
+    // allocated since the last time that was done. Should be called with a lock
+    // since it:
+    // - Modifies the global variable |g_last_analysis_alloc_size|.
+    // - Updates internals of |g_leak_detector|.
+    // - Possibly generates a vector of LeakReports using CustomAllocator.
+    if (g_total_alloc_size >
+        g_last_analysis_alloc_size + g_analysis_interval_bytes) {
+      // Try to maintain regular intervals of size |g_analysis_interval_bytes|.
+      g_last_analysis_alloc_size =
+          g_total_alloc_size - g_total_alloc_size % g_analysis_interval_bytes;
+      g_leak_detector->TestForLeaks(&leak_reports);
+    }
+  }
+
+  std::vector<LeakReport> leak_reports_for_observers;
+  leak_reports_for_observers.reserve(leak_reports.size());
+  for (const InternalLeakReport& report : leak_reports) {
+    leak_reports_for_observers.resize(leak_reports_for_observers.size() + 1);
+    LeakReport* new_report = &leak_reports_for_observers.back();
+    new_report->alloc_size_bytes = report.alloc_size_bytes();
+    if (!report.call_stack().empty()) {
+      new_report->call_stack.resize(report.call_stack().size());
+      memcpy(new_report->call_stack.data(), report.call_stack().data(),
+             report.call_stack().size() * sizeof(report.call_stack()[0]));
+    }
+  }
+
+  {
+    base::AutoLock lock(*g_lock);
+
+    // InternalVectors must be cleaned up under lock, so we can't wait for them
+    // to go out of scope.
+    // std::vector::clear() still leaves reserved memory inside that will be
+    // cleaned up by the destructor when it goes out of scope. And
+    // vector::shrink_to_fit() is not allowed to be used yet. Instead swap
+    // out the contents to a local container that is cleaned up when it goes
+    // out of scope.
+    InternalVector<InternalLeakReport> dummy_leak_reports;
+    leak_reports.swap(dummy_leak_reports);
+
+    InternalVector<void*> dummy_stack;
+    stack.swap(dummy_stack);
+  }
+
+  // Pass leak reports to all observers. The observers must be called outside of
+  // the locked area to avoid slowdown.
+  for (LeakDetector* leak_detector_object : *g_leak_detector_object_list)
+    leak_detector_object->NotifyObservers(leak_reports_for_observers);
+}
+
+// Callback for allocator frees.
+void DeleteHook(const void* ptr) {
+  if (!ShouldSample(ptr) || !ptr || !g_leak_detector)
+    return;
+
+  base::AutoLock lock(*g_lock);
+  g_leak_detector->RecordFree(ptr);
+}
+
+}  // namespace
+
+namespace internal {
+
+bool Shutdown();
+
+// Returns true if the internal leak detector has been initialized.
+bool IsInitialized() {
+  return g_leak_detector;
+}
+
+// Initialize internal leak detector with the current stored parameters. Returns
+// true upon success. The internal leak detector can only be initialized once.
+bool Initialize() {
+  if (IsInitialized()) {
+    MallocHookDisabler disabler;
+    LOG(ERROR) << "Leak detector is already initialized!";
+    return false;
+  }
+
+  // Locate the Chrome binary mapping info.
+  dl_iterate_phdr(IterateLoadedObjects, &chrome_mapping);
+
+  // Create a new object list and lock.
+  g_leak_detector_object_list = new std::list<LeakDetector*>;
+  g_lock = new base::Lock;
+
+  bool success = true;
+  {
+    // Limit the lock to a local scope because Shutdown() must be run with it
+    // unlocked.
+    base::AutoLock lock(*g_lock);
+
+    if (CustomAllocator::IsInitialized()) {
+      LOG(ERROR) << "Custom allocator can only be initialized once!";
+      return false;
+    }
+    g_total_alloc_size = 0;
+    CustomAllocator::Initialize(&InternalAlloc, &InternalFree);
+
+    g_leak_detector = new (CustomAllocator::Allocate(sizeof(LeakDetectorImpl)))
+        LeakDetectorImpl(chrome_mapping.addr, chrome_mapping.size,
+                         g_size_suspicion_threshold,
+                         g_call_stack_suspicion_threshold);
+
+    if (base::allocator::SetSingleAllocHook(&NewHook) != nullptr ||
+        base::allocator::SetSingleFreeHook(&DeleteHook) != nullptr) {
+      MallocHookDisabler disabler;
+      LOG(ERROR) << "Overwrote existing callback.";
+      success = false;
+    } else if (base::allocator::GetSingleAllocHook() != &NewHook ||
+               base::allocator::GetSingleFreeHook() != &DeleteHook) {
+      MallocHookDisabler disabler;
+      LOG(ERROR) << "Failed to register free callback.";
+      success = false;
+    }
+  }
+
+  if (!success)
+    Shutdown();
+
+  return success;
+}
+
+// Initialize internal leak detector with the given parameters, which are first
+// stored in the internal parameter variables.
+bool Initialize(int sampling_factor,
+                int max_stack_depth,
+                uint64_t analysis_interval_bytes,
+                int size_suspicion_threshold,
+                int call_stack_suspicion_threshold) {
+  if (IsInitialized()) {
+    MallocHookDisabler disabler;
+    LOG(ERROR) << "Leak detector is already initialized!";
+    return false;
+  }
+
+  // Override default values.
+  g_sampling_factor = sampling_factor;
+  g_max_stack_depth = max_stack_depth;
+  g_analysis_interval_bytes = analysis_interval_bytes;
+  g_size_suspicion_threshold = size_suspicion_threshold;
+  g_call_stack_suspicion_threshold = call_stack_suspicion_threshold;
+
+  return Initialize();
+}
+
+// Shut down the internal leak detector.
+bool Shutdown() {
+  if (!IsInitialized()) {
+    LOG(ERROR) << "Leak detector is not initialized!";
+    return false;
+  }
+
+  {
+    base::AutoLock lock(*g_lock);
+
+    if (base::allocator::GetSingleAllocHook() == &NewHook)
+      base::allocator::SetSingleAllocHook(nullptr);
+    if (base::allocator::GetSingleFreeHook() == &DeleteHook)
+      base::allocator::SetSingleFreeHook(nullptr);
+
+    g_leak_detector->~LeakDetectorImpl();
+    CustomAllocator::Free(g_leak_detector, sizeof(LeakDetectorImpl));
+    g_leak_detector = nullptr;
+
+    if (!CustomAllocator::Shutdown()) {
+      LOG(ERROR) << "Memory leak in leak detector, allocated objects remain.";
+      return false;
+    }
+  }
+
+  // Deallocate the lock and object list.
+  delete g_lock;
+  delete g_leak_detector_object_list;
+
+  return true;
+}
+
+}  // namespace internal
+
+LeakDetector::LeakReport::LeakReport() {}
+
+LeakDetector::LeakReport::~LeakReport() {}
+
+LeakDetector::LeakDetector() : LeakDetector(1.0f, 4, 32 * 1024 * 1024, 4, 4) {}
+
+LeakDetector::LeakDetector(double sampling_ratio,
+                           int max_stack_depth,
+                           uint64_t analysis_interval_bytes,
+                           int size_suspicion_threshold,
+                           int call_stack_suspicion_threshold) {
+  init_success_ = false;
+
+  int sampling_factor =
+      static_cast<double>(kMaxSamplingFactor) * sampling_ratio;
+
+  // Since the internal leak detector can only be initialized once, initialize
+  // it from the first instantiation of this class. All subsequent
+  // instantiations must check that the parameters are the same. If the
+  // parameters match, the new instance is stored (along with the original
+  // instance) in |*g_leak_detector_object_list|. Otherwise, the instance is
+  // marked as an unsuccessful instantiation.
+  //
+  // |*g_leak_detector_object_list| is used to determine when all successful
+  // instances of this class have been destroyed. When the last one is removed
+  // from the list, the internal leak detector is deactivated.
+  if ((!internal::IsInitialized() &&
+       internal::Initialize(sampling_factor, max_stack_depth,
+                            analysis_interval_bytes, size_suspicion_threshold,
+                            call_stack_suspicion_threshold)) ||
+      (internal::IsInitialized() && g_sampling_factor == sampling_factor &&
+       g_max_stack_depth == max_stack_depth &&
+       g_analysis_interval_bytes == analysis_interval_bytes &&
+       g_size_suspicion_threshold == size_suspicion_threshold &&
+       g_call_stack_suspicion_threshold == call_stack_suspicion_threshold)) {
+    CHECK(g_leak_detector_object_list);
+    g_leak_detector_object_list->push_back(this);
+    init_success_ = true;
+  }
+}
+
+LeakDetector::~LeakDetector() {
+  if (!init_success_)
+    return;
+
+  auto& objects = *g_leak_detector_object_list;
+  auto iter = std::find(objects.begin(), objects.end(), this);
+  if (iter == objects.end())
+    LOG(FATAL) << "Could not find registered LeakDetector object.";
+  objects.erase(iter);
+
+  if (objects.empty())
+    internal::Shutdown();
+}
+
+bool LeakDetector::AddObserver(Observer* observer) {
+  observers_.push_back(observer);
+  return true;
+}
+
+bool LeakDetector::RemoveObserver(Observer* observer) {
+  auto iter = std::find(observers_.begin(), observers_.end(), observer);
+  if (iter == observers_.end())
+    return false;
+  observers_.erase(iter);
+  return true;
+}
+
+void LeakDetector::NotifyObservers(const std::vector<LeakReport>& reports) {
+  for (LeakDetector::Observer* observer : observers_) {
+    for (const LeakReport& report : reports) {
+      observer->OnLeakFound(report);
+    }
+  }
+}
+
+}  // namespace metrics