[tracing] Add native allocation tracing mode.

base/trace_event/heap_profiler_allocation_context_tracker.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/trace_event/heap_profiler_allocation_context_tracker.h"
 
 #include <algorithm>
 #include <iterator>
 
+#include "base/allocator/features.h"
 #include "base/atomicops.h"
+#include "base/debug/stack_trace.h"
 #include "base/threading/thread_local_storage.h"
 #include "base/trace_event/heap_profiler_allocation_context.h"
 
 namespace base {
 namespace trace_event {
 
 subtle::Atomic32 AllocationContextTracker::capture_enabled_ = 0;
 
 namespace {
 
 const size_t kMaxStackDepth = 128u;
 AllocationContextTracker* const kInitializingSentinel =
     reinterpret_cast<AllocationContextTracker*>(-1);
 
 ThreadLocalStorage::StaticSlot g_tls_alloc_ctx_tracker = TLS_INITIALIZER;
 
 // This function is added to the TLS slot to clean up the instance when the
 // thread exits.
 void DestructAllocationContextTracker(void* alloc_ctx_tracker) {
   delete static_cast<AllocationContextTracker*>(alloc_ctx_tracker);
 }
 
+#if BUILDFLAG(USE_EXPERIMENTAL_ALLOCATION_TRACING) && !defined(OS_NACL)
+
+// Walks stack frames and collects a trace. Unlike base::debug::StackTrace
+// (which uses unwinding) this function uses frame pointers and is fast.
+// However, by default frame pointers are not enabled in optimized builds
+// unless -fno-omit-frame-pointer flag is specified.
+// Adapted from TCMalloc's stacktrace_x86-inl.h
+size_t WalkStackFrames(const void** trace,

[Primiano Tucci (use gerrit), 2016/04/01 15:56:28]

would be nice to make this available as a general base feature and just fix
base::debug::StackTrace somehow.
I wonder, if you could include and use GetStackFrames from tcmalloc would you
still need this function?
If so we can have some discussion with base owners.
I wonder if the right thing to do here is making a subset of tcmalloc always
avalable (only the gperftools part) so that you can use the tcmalloc code for
stack unwinding even if you are not using tcmalloc as an allocator?

[Dmitry Skiba, 2016/04/04 22:38:34]

Yes, I would prefer to make it available through StackTrace. I don't think we
need to try to bring TCMalloc though - the function is simple and TCMalloc's
version supports way more stuff than we need (and it's kinda rusty, supporting
gcc 4.1, etc).

My plan was to first have something stable here, and then move it to StackTrace.
But I can do it other way around - first figure out StackTrace interface for it,
add it there, and use here.

+                       size_t max_depth,
+                       size_t skip_count) {
+  uintptr_t sp = reinterpret_cast<uintptr_t>(
+      __builtin_frame_address(0));
+
+  size_t n = 0;
+  while (sp && n < max_depth) {
+    if (reinterpret_cast<void**>(sp)[1] == nullptr) {
+      // In 64-bit code, we often see a frame that
+      // points to itself and has a return address of 0.
+      break;
+    }
+
+    if (skip_count > 0) {
+      skip_count--;
+    } else {
+      trace[n] = reinterpret_cast<void**>(sp)[1];
+      n++;
+    }
+
+    {
+      uintptr_t next_sp = reinterpret_cast<uintptr_t*>(sp)[0];
+
+      // With the stack growing downwards, older stack frame must be
+      // at a greater address that the current one.
+      if (next_sp <= sp) break;
+
+      // Assume stack frames larger than 100,000 bytes are bogus.
+      if (next_sp - sp > 100000) break;
+
+      // Check alignment.
+      if (next_sp & (sizeof(void*) - 1)) break;
+
+#ifdef __i386__
+      // On 64-bit machines, the stack pointer can be very close to
+      // 0xffffffff, so we explicitly check for a pointer into the
+      // last two pages in the address space
+      if (next_sp >= 0xffffe000) break;
+#endif
+
+      sp = next_sp;
+    }
+  }
+
+  return n;
+}
+
+#endif  // USE_EXPERIMENTAL_ALLOCATION_TRACING
+
 }  // namespace
 
 // static
 AllocationContextTracker*
 AllocationContextTracker::GetInstanceForCurrentThread() {
   AllocationContextTracker* tracker =
       static_cast<AllocationContextTracker*>(g_tls_alloc_ctx_tracker.Get());
   if (tracker == kInitializingSentinel)
     return nullptr;  // Re-entrancy case.
 
@@ skipping 14 matching lines @@
 // static
 void AllocationContextTracker::SetCaptureEnabled(bool enabled) {
   // When enabling capturing, also initialize the TLS slot. This does not create
   // a TLS instance yet.
   if (enabled && !g_tls_alloc_ctx_tracker.initialized())
     g_tls_alloc_ctx_tracker.Initialize(DestructAllocationContextTracker);
 
   // Release ordering ensures that when a thread observes |capture_enabled_| to
   // be true through an acquire load, the TLS slot has been initialized.
   subtle::Release_Store(&capture_enabled_, enabled);
+
+#if BUILDFLAG(USE_EXPERIMENTAL_ALLOCATION_TRACING) && !defined(OS_NACL)
+  if (enabled) {
+    // Dummy StackTrace usage, just in case stack trace machinery needs to
+    // allocate memory during initialization (e.g. backtrace() does that).

[Primiano Tucci (use gerrit), 2016/04/01 15:56:28]

where is backtrace() called from?

[Dmitry Skiba, 2016/04/04 22:38:34]

From StackTrace constructor. StackTrace is actually warmed up (there are special
functions for that), but too late in case of startup tracing.

+    debug::StackTrace warmup;
+  }
+#endif
 }
 
 void AllocationContextTracker::PushPseudoStackFrame(StackFrame frame) {
   // Impose a limit on the height to verify that every push is popped, because
   // in practice the pseudo stack never grows higher than ~20 frames.
   if (pseudo_stack_.size() < kMaxStackDepth)
     pseudo_stack_.push_back(frame);
   else
     NOTREACHED();
 }
 
-// static
 void AllocationContextTracker::PopPseudoStackFrame(StackFrame frame) {
   // Guard for stack underflow. If tracing was started with a TRACE_EVENT in
   // scope, the frame was never pushed, so it is possible that pop is called
   // on an empty stack.
   if (pseudo_stack_.empty())
     return;
 
   // Assert that pushes and pops are nested correctly. This DCHECK can be
   // hit if some TRACE_EVENT macro is unbalanced (a TRACE_EVENT_END* call
   // without a corresponding TRACE_EVENT_BEGIN).
   DCHECK_EQ(frame, pseudo_stack_.back())
       << "Encountered an unmatched TRACE_EVENT_END";
 
   pseudo_stack_.pop_back();
 }
 
-// static
 AllocationContext AllocationContextTracker::GetContextSnapshot() {
   AllocationContext ctx;
 
-  // Fill the backtrace.
+#if BUILDFLAG(USE_EXPERIMENTAL_ALLOCATION_TRACING) && !defined(OS_NACL)
+  // Ignore pseudo stack and return the real thing
+
+  // base::debug::StackTrace::StackTrace()
+  // base::trace_event::AllocationContextTracker::GetContextSnapshot()
+  // base::trace_event::MallocDumpProvider::InsertAllocation(...)
+  // base::trace_event::(anonymous namespace)::HookXXX(...)
+  // ShimXXX
+  const size_t known_frame_count = 5;
+
+  const size_t max_backtrace_count = arraysize(ctx.backtrace.frames);
+  size_t backtrace_count = WalkStackFrames(ctx.backtrace.frames,
+                                           max_backtrace_count,
+                                           known_frame_count + 1);
+
+  std::reverse(ctx.backtrace.frames,

[Primiano Tucci (use gerrit), 2016/04/01 15:56:28]

I wonder if we could avoid this reverse and just walk backwards in
heap_profiler_stack_frame_deduplicator.cc when #ifdef BLA, to avoid this reverse
oepration on each malloc() (Could do in a separate CL, maybe just add a todo w/
a crbug)

[Dmitry Skiba, 2016/04/04 22:38:34]

OK

+               ctx.backtrace.frames + backtrace_count);
+
+  std::fill(ctx.backtrace.frames + backtrace_count,
+            ctx.backtrace.frames + max_backtrace_count,
+            nullptr);
+
+  ctx.backtrace.frame_type = STACK_FRAME_TYPE_PC;
+
+#else
+  // Return pseudo stack trace
+
   {
     auto src = pseudo_stack_.begin();
     auto dst = std::begin(ctx.backtrace.frames);
     auto src_end = pseudo_stack_.end();
     auto dst_end = std::end(ctx.backtrace.frames);
 
     // Copy as much of the bottom of the pseudo stack into the backtrace as
     // possible.
     for (; src != src_end && dst != dst_end; src++, dst++)
       *dst = *src;
 
     // If there is room for more, fill the remaining slots with empty frames.
     std::fill(dst, dst_end, nullptr);
   }
 
+  ctx.backtrace.frame_type = STACK_FRAME_TYPE_SYMBOL;
+
+#endif  // USE_EXPERIMENTAL_ALLOCATION_TRACING
+
   ctx.type_name = nullptr;
 
   return ctx;
 }
 
 }  // namespace trace_event
 }  // namespace base