1 /*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "debugger_interface.h"
18
19 #include <android-base/logging.h>
20
21 #include "base/array_ref.h"
22 #include "base/logging.h"
23 #include "base/mutex.h"
24 #include "base/time_utils.h"
25 #include "base/utils.h"
26 #include "dex/dex_file.h"
27 #include "thread-current-inl.h"
28 #include "thread.h"
29
30 #include <atomic>
31 #include <cstddef>
32 #include <deque>
33 #include <map>
34
35 //
36 // Debug interface for native tools (gdb, lldb, libunwind, simpleperf).
37 //
38 // See http://sourceware.org/gdb/onlinedocs/gdb/Declarations.html
39 //
40 // There are two ways for native tools to access the debug data safely:
41 //
42 // 1) Synchronously, by setting a breakpoint in the __*_debug_register_code
43 // method, which is called after every modification of the linked list.
44 // GDB does this, but it is complex to set up and it stops the process.
45 //
46 // 2) Asynchronously, by monitoring the action_seqlock_.
47 // * The seqlock is a monotonically increasing counter which is incremented
48 // before and after every modification of the linked list. Odd value of
49 // the counter means the linked list is being modified (it is locked).
50 // * The tool should read the value of the seqlock both before and after
51 // copying the linked list. If the seqlock values match and are even,
52 // the copy is consistent. Otherwise, the reader should try again.
53 // * Note that using the data directly while is it being modified
54 // might crash the tool. Therefore, the only safe way is to make
55 // a copy and use the copy only after the seqlock has been checked.
56 // * Note that the process might even free and munmap the data while
57 // it is being copied, therefore the reader should either handle
58 // SEGV or use OS calls to read the memory (e.g. process_vm_readv).
59 // * The seqlock can be used to determine the number of modifications of
60 // the linked list, which can be used to intelligently cache the data.
61 // Note the possible overflow of the seqlock. It is intentionally
62 // 32-bit, since 64-bit atomics can be tricky on some architectures.
63 // * The timestamps on the entry record the time when the entry was
64 // created which is relevant if the unwinding is not live and is
65 // postponed until much later. All timestamps must be unique.
66 // * Memory barriers are used to make it possible to reason about
67 // the data even when it is being modified (e.g. the process crashed
68 // while that data was locked, and thus it will be never unlocked).
69 // * In particular, it should be possible to:
70 // 1) read the seqlock and then the linked list head pointer.
71 // 2) copy the entry and check that seqlock has not changed.
72 // 3) copy the symfile and check that seqlock has not changed.
73 // 4) go back to step 2 using the next pointer (if non-null).
74 // This safely creates copy of all symfiles, although other data
75 // might be inconsistent/unusable (e.g. prev_, action_timestamp_).
76 // * For full conformance with the C++ memory model, all seqlock
77 // protected accesses should be atomic. We currently do this in the
78 // more critical cases. The rest will have to be fixed before
79 // attempting to run TSAN on this code.
80 //
81
82 namespace art {
83
84 static Mutex g_jit_debug_lock("JIT native debug entries", kNativeDebugInterfaceLock);
85 static Mutex g_dex_debug_lock("DEX native debug entries", kNativeDebugInterfaceLock);
86
87 extern "C" {
88 enum JITAction {
89 JIT_NOACTION = 0,
90 JIT_REGISTER_FN,
91 JIT_UNREGISTER_FN
92 };
93
94 struct JITCodeEntry {
95 // Atomic to ensure the reader can always iterate over the linked list
96 // (e.g. the process could crash in the middle of writing this field).
97 std::atomic<JITCodeEntry*> next_;
98 // Non-atomic. The reader should not use it. It is only used for deletion.
99 JITCodeEntry* prev_;
100 const uint8_t* symfile_addr_;
101 uint64_t symfile_size_; // Beware of the offset (12 on x86; but 16 on ARM32).
102
103 // Android-specific fields:
104 uint64_t register_timestamp_; // CLOCK_MONOTONIC time of entry registration.
105 };
106
107 struct JITDescriptor {
108 uint32_t version_ = 1; // NB: GDB supports only version 1.
109 uint32_t action_flag_ = JIT_NOACTION; // One of the JITAction enum values.
110 JITCodeEntry* relevant_entry_ = nullptr; // The entry affected by the action.
111 std::atomic<JITCodeEntry*> head_{nullptr}; // Head of link list of all entries.
112
113 // Android-specific fields:
114 uint8_t magic_[8] = {'A', 'n', 'd', 'r', 'o', 'i', 'd', '1'};
115 uint32_t flags_ = 0; // Reserved for future use. Must be 0.
116 uint32_t sizeof_descriptor = sizeof(JITDescriptor);
117 uint32_t sizeof_entry = sizeof(JITCodeEntry);
118 std::atomic_uint32_t action_seqlock_{0}; // Incremented before and after any modification.
119 uint64_t action_timestamp_ = 1; // CLOCK_MONOTONIC time of last action.
120 };
121
122 // Check that std::atomic has the expected layout.
123 static_assert(alignof(std::atomic_uint32_t) == alignof(uint32_t), "Weird alignment");
124 static_assert(sizeof(std::atomic_uint32_t) == sizeof(uint32_t), "Weird size");
125 static_assert(alignof(std::atomic<void*>) == alignof(void*), "Weird alignment");
126 static_assert(sizeof(std::atomic<void*>) == sizeof(void*), "Weird size");
127
128 // GDB may set breakpoint here. We must ensure it is not removed or deduplicated.
__jit_debug_register_code()129 void __attribute__((noinline)) __jit_debug_register_code() {
130 __asm__("");
131 }
132
133 // Alternatively, native tools may overwrite this field to execute custom handler.
134 void (*__jit_debug_register_code_ptr)() = __jit_debug_register_code;
135
136 // The root data structure describing of all JITed methods.
GUARDED_BY(g_jit_debug_lock)137 JITDescriptor __jit_debug_descriptor GUARDED_BY(g_jit_debug_lock) {};
138
139 // The following globals mirror the ones above, but are used to register dex files.
__dex_debug_register_code()140 void __attribute__((noinline)) __dex_debug_register_code() {
141 __asm__("");
142 }
143 void (*__dex_debug_register_code_ptr)() = __dex_debug_register_code;
GUARDED_BY(g_dex_debug_lock)144 JITDescriptor __dex_debug_descriptor GUARDED_BY(g_dex_debug_lock) {};
145 }
146
147 // Mark the descriptor as "locked", so native tools know the data is being modified.
ActionSeqlock(JITDescriptor & descriptor)148 static void ActionSeqlock(JITDescriptor& descriptor) {
149 DCHECK_EQ(descriptor.action_seqlock_.load() & 1, 0u) << "Already locked";
150 descriptor.action_seqlock_.fetch_add(1, std::memory_order_relaxed);
151 // Ensure that any writes within the locked section cannot be reordered before the increment.
152 std::atomic_thread_fence(std::memory_order_release);
153 }
154
155 // Mark the descriptor as "unlocked", so native tools know the data is safe to read.
ActionSequnlock(JITDescriptor & descriptor)156 static void ActionSequnlock(JITDescriptor& descriptor) {
157 DCHECK_EQ(descriptor.action_seqlock_.load() & 1, 1u) << "Already unlocked";
158 // Ensure that any writes within the locked section cannot be reordered after the increment.
159 std::atomic_thread_fence(std::memory_order_release);
160 descriptor.action_seqlock_.fetch_add(1, std::memory_order_relaxed);
161 }
162
CreateJITCodeEntryInternal(JITDescriptor & descriptor,void (* register_code_ptr)(),ArrayRef<const uint8_t> symfile,bool copy_symfile)163 static JITCodeEntry* CreateJITCodeEntryInternal(
164 JITDescriptor& descriptor,
165 void (*register_code_ptr)(),
166 ArrayRef<const uint8_t> symfile,
167 bool copy_symfile) {
168 // Make a copy of the buffer to shrink it and to pass ownership to JITCodeEntry.
169 if (copy_symfile) {
170 uint8_t* copy = new uint8_t[symfile.size()];
171 CHECK(copy != nullptr);
172 memcpy(copy, symfile.data(), symfile.size());
173 symfile = ArrayRef<const uint8_t>(copy, symfile.size());
174 }
175
176 // Ensure the timestamp is monotonically increasing even in presence of low
177 // granularity system timer. This ensures each entry has unique timestamp.
178 uint64_t timestamp = std::max(descriptor.action_timestamp_ + 1, NanoTime());
179
180 JITCodeEntry* head = descriptor.head_.load(std::memory_order_relaxed);
181 JITCodeEntry* entry = new JITCodeEntry;
182 CHECK(entry != nullptr);
183 entry->symfile_addr_ = symfile.data();
184 entry->symfile_size_ = symfile.size();
185 entry->prev_ = nullptr;
186 entry->next_.store(head, std::memory_order_relaxed);
187 entry->register_timestamp_ = timestamp;
188
189 // We are going to modify the linked list, so take the seqlock.
190 ActionSeqlock(descriptor);
191 if (head != nullptr) {
192 head->prev_ = entry;
193 }
194 descriptor.head_.store(entry, std::memory_order_relaxed);
195 descriptor.relevant_entry_ = entry;
196 descriptor.action_flag_ = JIT_REGISTER_FN;
197 descriptor.action_timestamp_ = timestamp;
198 ActionSequnlock(descriptor);
199
200 (*register_code_ptr)();
201 return entry;
202 }
203
DeleteJITCodeEntryInternal(JITDescriptor & descriptor,void (* register_code_ptr)(),JITCodeEntry * entry,bool free_symfile)204 static void DeleteJITCodeEntryInternal(
205 JITDescriptor& descriptor,
206 void (*register_code_ptr)(),
207 JITCodeEntry* entry,
208 bool free_symfile) {
209 CHECK(entry != nullptr);
210 const uint8_t* symfile = entry->symfile_addr_;
211
212 // Ensure the timestamp is monotonically increasing even in presence of low
213 // granularity system timer. This ensures each entry has unique timestamp.
214 uint64_t timestamp = std::max(descriptor.action_timestamp_ + 1, NanoTime());
215
216 // We are going to modify the linked list, so take the seqlock.
217 ActionSeqlock(descriptor);
218 JITCodeEntry* next = entry->next_.load(std::memory_order_relaxed);
219 if (entry->prev_ != nullptr) {
220 entry->prev_->next_.store(next, std::memory_order_relaxed);
221 } else {
222 descriptor.head_.store(next, std::memory_order_relaxed);
223 }
224 if (next != nullptr) {
225 next->prev_ = entry->prev_;
226 }
227 descriptor.relevant_entry_ = entry;
228 descriptor.action_flag_ = JIT_UNREGISTER_FN;
229 descriptor.action_timestamp_ = timestamp;
230 ActionSequnlock(descriptor);
231
232 (*register_code_ptr)();
233
234 // Ensure that clear below can not be reordered above the unlock above.
235 std::atomic_thread_fence(std::memory_order_release);
236
237 // Aggressively clear the entry as an extra check of the synchronisation.
238 memset(entry, 0, sizeof(*entry));
239
240 delete entry;
241 if (free_symfile) {
242 delete[] symfile;
243 }
244 }
245
246 static std::map<const DexFile*, JITCodeEntry*> g_dex_debug_entries GUARDED_BY(g_dex_debug_lock);
247
AddNativeDebugInfoForDex(Thread * self,const DexFile * dexfile)248 void AddNativeDebugInfoForDex(Thread* self, const DexFile* dexfile) {
249 MutexLock mu(self, g_dex_debug_lock);
250 DCHECK(dexfile != nullptr);
251 // This is just defensive check. The class linker should not register the dex file twice.
252 if (g_dex_debug_entries.count(dexfile) == 0) {
253 const ArrayRef<const uint8_t> symfile(dexfile->Begin(), dexfile->Size());
254 JITCodeEntry* entry = CreateJITCodeEntryInternal(__dex_debug_descriptor,
255 __dex_debug_register_code_ptr,
256 symfile,
257 /*copy_symfile=*/ false);
258 g_dex_debug_entries.emplace(dexfile, entry);
259 }
260 }
261
RemoveNativeDebugInfoForDex(Thread * self,const DexFile * dexfile)262 void RemoveNativeDebugInfoForDex(Thread* self, const DexFile* dexfile) {
263 MutexLock mu(self, g_dex_debug_lock);
264 auto it = g_dex_debug_entries.find(dexfile);
265 // We register dex files in the class linker and free them in DexFile_closeDexFile, but
266 // there might be cases where we load the dex file without using it in the class linker.
267 if (it != g_dex_debug_entries.end()) {
268 DeleteJITCodeEntryInternal(__dex_debug_descriptor,
269 __dex_debug_register_code_ptr,
270 /*entry=*/ it->second,
271 /*free_symfile=*/ false);
272 g_dex_debug_entries.erase(it);
273 }
274 }
275
276 // Mapping from handle to entry. Used to manage life-time of the entries.
277 static std::multimap<const void*, JITCodeEntry*> g_jit_debug_entries GUARDED_BY(g_jit_debug_lock);
278
279 // Number of entries added since last packing. Used to pack entries in bulk.
280 static size_t g_jit_num_unpacked_entries GUARDED_BY(g_jit_debug_lock) = 0;
281
282 // We postpone removal so that it is done in bulk.
283 static std::deque<const void*> g_jit_removed_entries GUARDED_BY(g_jit_debug_lock);
284
285 // Split the JIT code cache into groups of fixed size and create singe JITCodeEntry for each group.
286 // The start address of method's code determines which group it belongs to. The end is irrelevant.
287 // As a consequnce, newly added mini debug infos will be merged and old ones (GCed) will be pruned.
MaybePackJitMiniDebugInfo(PackElfFileForJITFunction pack,InstructionSet isa,const InstructionSetFeatures * features)288 static void MaybePackJitMiniDebugInfo(PackElfFileForJITFunction pack,
289 InstructionSet isa,
290 const InstructionSetFeatures* features)
291 REQUIRES(g_jit_debug_lock) {
292 // Size of memory range covered by each JITCodeEntry.
293 // The number of methods per entry is variable (depending on how many fit in that range).
294 constexpr uint32_t kGroupSize = 64 * KB;
295 // Even if there are no removed entries, we want to pack new entries on regular basis.
296 constexpr uint32_t kPackFrequency = 64;
297
298 std::deque<const void*>& removed_entries = g_jit_removed_entries;
299 std::sort(removed_entries.begin(), removed_entries.end());
300 if (removed_entries.empty() && g_jit_num_unpacked_entries < kPackFrequency) {
301 return; // Nothing to do.
302 }
303
304 std::vector<ArrayRef<const uint8_t>> added_elf_files;
305 std::vector<const void*> removed_symbols;
306 auto added_it = g_jit_debug_entries.begin();
307 auto removed_it = removed_entries.begin();
308 while (added_it != g_jit_debug_entries.end()) {
309 // Collect all entries that have been added or removed within our memory range.
310 const void* group_ptr = AlignDown(added_it->first, kGroupSize);
311 added_elf_files.clear();
312 auto added_begin = added_it;
313 while (added_it != g_jit_debug_entries.end() &&
314 AlignDown(added_it->first, kGroupSize) == group_ptr) {
315 JITCodeEntry* entry = (added_it++)->second;
316 added_elf_files.emplace_back(entry->symfile_addr_, entry->symfile_size_);
317 }
318 removed_symbols.clear();
319 while (removed_it != removed_entries.end() &&
320 AlignDown(*removed_it, kGroupSize) == group_ptr) {
321 removed_symbols.push_back(*(removed_it++));
322 }
323
324 // Create new singe JITCodeEntry that covers this memory range.
325 if (added_elf_files.size() == 1 && removed_symbols.size() == 0) {
326 continue; // Nothing changed in this memory range.
327 }
328 uint64_t start_time = MilliTime();
329 size_t symbols;
330 std::vector<uint8_t> packed = pack(isa, features, added_elf_files, removed_symbols, &symbols);
331 VLOG(jit)
332 << "JIT mini-debug-info packed"
333 << " for " << group_ptr
334 << " in " << MilliTime() - start_time << "ms"
335 << " files=" << added_elf_files.size()
336 << " removed=" << removed_symbols.size()
337 << " symbols=" << symbols
338 << " size=" << PrettySize(packed.size());
339
340 // Replace the old entries with the new one (with their lifetime temporally overlapping).
341 JITCodeEntry* packed_entry = CreateJITCodeEntryInternal(
342 __jit_debug_descriptor,
343 __jit_debug_register_code_ptr,
344 ArrayRef<const uint8_t>(packed),
345 /*copy_symfile=*/ true);
346 for (auto it = added_begin; it != added_it; ++it) {
347 DeleteJITCodeEntryInternal(__jit_debug_descriptor,
348 __jit_debug_register_code_ptr,
349 /*entry=*/ it->second,
350 /*free_symfile=*/ true);
351 }
352 g_jit_debug_entries.erase(added_begin, added_it);
353 g_jit_debug_entries.emplace(group_ptr, packed_entry);
354 }
355 CHECK(added_it == g_jit_debug_entries.end());
356 CHECK(removed_it == removed_entries.end());
357 removed_entries.clear();
358 g_jit_num_unpacked_entries = 0;
359 }
360
AddNativeDebugInfoForJit(Thread * self,const void * code_ptr,const std::vector<uint8_t> & symfile,PackElfFileForJITFunction pack,InstructionSet isa,const InstructionSetFeatures * features)361 void AddNativeDebugInfoForJit(Thread* self,
362 const void* code_ptr,
363 const std::vector<uint8_t>& symfile,
364 PackElfFileForJITFunction pack,
365 InstructionSet isa,
366 const InstructionSetFeatures* features) {
367 MutexLock mu(self, g_jit_debug_lock);
368 DCHECK_NE(symfile.size(), 0u);
369
370 MaybePackJitMiniDebugInfo(pack, isa, features);
371
372 JITCodeEntry* entry = CreateJITCodeEntryInternal(
373 __jit_debug_descriptor,
374 __jit_debug_register_code_ptr,
375 ArrayRef<const uint8_t>(symfile),
376 /*copy_symfile=*/ true);
377
378 VLOG(jit)
379 << "JIT mini-debug-info added"
380 << " for " << code_ptr
381 << " size=" << PrettySize(symfile.size());
382
383 // We don't provide code_ptr for type debug info, which means we cannot free it later.
384 // (this only happens when --generate-debug-info flag is enabled for the purpose
385 // of being debugged with gdb; it does not happen for debuggable apps by default).
386 if (code_ptr != nullptr) {
387 g_jit_debug_entries.emplace(code_ptr, entry);
388 // Count how many entries we have added since the last mini-debug-info packing.
389 // We avoid g_jit_debug_entries.size() here because it can shrink during packing.
390 g_jit_num_unpacked_entries++;
391 }
392 }
393
RemoveNativeDebugInfoForJit(Thread * self,const void * code_ptr)394 void RemoveNativeDebugInfoForJit(Thread* self, const void* code_ptr) {
395 MutexLock mu(self, g_jit_debug_lock);
396 // We generate JIT native debug info only if the right runtime flags are enabled,
397 // but we try to remove it unconditionally whenever code is freed from JIT cache.
398 if (!g_jit_debug_entries.empty()) {
399 g_jit_removed_entries.push_back(code_ptr);
400 }
401 }
402
GetJitMiniDebugInfoMemUsage()403 size_t GetJitMiniDebugInfoMemUsage() {
404 MutexLock mu(Thread::Current(), g_jit_debug_lock);
405 size_t size = 0;
406 for (auto entry : g_jit_debug_entries) {
407 size += sizeof(JITCodeEntry) + entry.second->symfile_size_ + /*map entry*/ 4 * sizeof(void*);
408 }
409 return size;
410 }
411
412 } // namespace art
413