1 /*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <android-base/parseint.h>
18 #include <signal.h>
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <sys/stat.h>
22 #include <sys/types.h>
23
24 #include <functional>
25 #include <map>
26 #include <optional>
27 #include <ostream>
28 #include <set>
29 #include <string>
30 #include <unordered_set>
31 #include <vector>
32
33 #include "android-base/stringprintf.h"
34 #include "art_field-inl.h"
35 #include "art_method-inl.h"
36 #include "base/array_ref.h"
37 #include "base/os.h"
38 #include "base/unix_file/fd_file.h"
39 #include "class_linker.h"
40 #include "cmdline.h"
41 #include "gc/heap.h"
42 #include "gc/space/image_space.h"
43 #include "mirror/class-inl.h"
44 #include "mirror/object-inl.h"
45 #include "mirror/object-refvisitor-inl.h"
46 #include "oat/image-inl.h"
47 #include "oat/oat.h"
48 #include "oat/oat_file.h"
49 #include "oat/oat_file_manager.h"
50 #include "page_util.h"
51 #include "procinfo/process_map.h"
52 #include "scoped_thread_state_change-inl.h"
53
54 namespace art {
55
56 using android::base::StringPrintf;
57
58 namespace {
59
// Upper bound on how many sample entry addresses a dump prints; it caps the loop in
// RegionCommon::DumpSamplesAndOffsetCount.
constexpr size_t kMaxAddressPrint = 5;
61
// Kind of process being examined.
// NOTE(review): the users of this enum are outside this excerpt; presumably it distinguishes the
// zygote from the remote (application) process. Confirm against the callers.
enum class ProcessType {
  kZygote,
  kRemote
};
66
// Which remote process(es) take part in a run. The operator<< overload for this type prints the
// enumerator name without its leading 'k'.
// NOTE(review): how each value is selected is decided outside this excerpt.
enum class RemoteProcesses {
  kImageOnly,
  kZygoteOnly,
  kImageAndZygote
};
72
// Streams the name of `remotes` ("ImageOnly", "ZygoteOnly" or "ImageAndZygote").
// A value that matches none of the enumerators writes nothing; the stream is returned either way.
std::ostream& operator<<(std::ostream& os, RemoteProcesses remotes) {
  const char* label = nullptr;
  switch (remotes) {
    case RemoteProcesses::kImageOnly:
      label = "ImageOnly";
      break;
    case RemoteProcesses::kZygoteOnly:
      label = "ZygoteOnly";
      break;
    case RemoteProcesses::kImageAndZygote:
      label = "ImageAndZygote";
      break;
  }
  if (label != nullptr) {
    os << label;
  }
  return os;
}
81
// Page- and byte-level counters collected for one mapping. Every counter starts at zero and the
// per-section array is value-initialised.
// NOTE(review): the code that fills these fields is outside this excerpt.
struct MappingData {
  // The count of pages that are considered dirty by the OS.
  size_t dirty_pages = 0;
  // The count of pages that differ by at least one byte.
  size_t different_pages = 0;
  // The count of differing bytes.
  size_t different_bytes = 0;
  // The count of differing four-byte units.
  size_t different_int32s = 0;
  // The count of pages that have mapping count == 1.
  size_t private_pages = 0;
  // The count of private pages that are also dirty.
  size_t private_dirty_pages = 0;
  // The count of pages that are marked dirty but do not differ.
  size_t false_dirty_pages = 0;
  // Set of the local virtual page indices that are dirty.
  std::set<size_t> dirty_page_set;
  // Private dirty page counts for each section of the image
  std::array<size_t, ImageHeader::kSectionCount> private_dirty_pages_for_section = {};
};
102
// Returns an owned copy of the descriptor of `klass`. Aborts (CHECK) when `klass` is null.
static std::string GetClassDescriptor(mirror::Class* klass)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  CHECK(klass != nullptr);

  // GetDescriptor may use `storage` as backing memory for the returned C string, so the result is
  // copied into a fresh std::string before `storage` goes out of scope.
  std::string storage;
  return std::string(klass->GetDescriptor(&storage /*out*/));
}
112
// Formats the value that `field` has inside `object` for diagnostic output.
//
// All reads use kVerifyNone (and kWithoutReadBarrier for references). Callers in this file pass
// both a local image object and a byte copy of the remote object, so whatever bytes sit at the
// field offset are printed as-is. A reference field is streamed as the reference value only.
static std::string PrettyFieldValue(ArtField* field, mirror::Object* object)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  std::ostringstream out;
  switch (field->GetTypeAsPrimitiveType()) {
    case Primitive::kPrimNot:
      out << object->GetFieldObject<mirror::Object, kVerifyNone, kWithoutReadBarrier>(
          field->GetOffset());
      break;
    case Primitive::kPrimBoolean:
      out << static_cast<bool>(object->GetFieldBoolean<kVerifyNone>(field->GetOffset()));
      break;
    case Primitive::kPrimByte:
      // Widened so that the byte is printed as a number rather than as a character.
      out << static_cast<int32_t>(object->GetFieldByte<kVerifyNone>(field->GetOffset()));
      break;
    case Primitive::kPrimChar:
      out << object->GetFieldChar<kVerifyNone>(field->GetOffset());
      break;
    case Primitive::kPrimShort:
      out << object->GetFieldShort<kVerifyNone>(field->GetOffset());
      break;
    case Primitive::kPrimInt:
    case Primitive::kPrimFloat:
      // NOTE(review): float fields go through the same 32-bit read as int fields, so what is
      // printed is the raw 32-bit value, not a decimal floating-point number.
      out << object->GetField32<kVerifyNone>(field->GetOffset());
      break;
    case Primitive::kPrimLong:
    case Primitive::kPrimDouble:
      // NOTE(review): as above, double fields are printed as the raw 64-bit value.
      out << object->GetField64<kVerifyNone>(field->GetOffset());
      break;
    case Primitive::kPrimVoid:
      out << "void";
      break;
  }
  return out.str();
}
161
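// Returns one (value, key) pair per element of `map`, ordered from largest to smallest.
//
// `value_mapper` derives the sort value from each mapped element; the default converts the
// element with static_cast<V>. Pairs are stored value-first so that the default ordering of
// std::pair compares the value before the key.
//
// The map is taken by const reference: the previous by-value parameter copied the whole map on
// every call although it is only read.
template <typename K, typename V, typename D>
static std::vector<std::pair<V, K>> SortByValueDesc(
    const std::map<K, D>& map,
    std::function<V(const D&)> value_mapper = [](const D& d) { return static_cast<V>(d); }) {
  std::vector<std::pair<V, K>> value_key_vector;
  value_key_vector.reserve(map.size());
  for (const auto& [key, data] : map) {
    value_key_vector.emplace_back(value_mapper(data), key);
  }

  // Sorting the reversed range ascending leaves the vector in descending order.
  std::sort(value_key_vector.rbegin(), value_key_vector.rend());
  return value_key_vector;
}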
178
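// Fixes up a pointer that was read from a foreign boot.art so that it points into our own copy
// of that mapping. A non-null result points inside `remote_contents`.
//
// Returns null when `remote_ptr` is null, when it lies outside [boot_map.start, boot_map.end)
// (it probably belongs to another image), or when the resulting offset is not covered by
// `remote_contents`.
//
// The pointer value originates in another process' memory, so it is validated against the
// actual length of the local copy and not only against the mapping range: the two are expected
// to agree, but nothing in this function guarantees it. Only the start address is validated
// here; the extent of the pointed-to object is not.
template <typename T>
static ObjPtr<T> FixUpRemotePointer(ObjPtr<T> remote_ptr,
                                    ArrayRef<uint8_t> remote_contents,
                                    const android::procinfo::MapInfo& boot_map)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  if (remote_ptr == nullptr) {
    return nullptr;
  }

  const uintptr_t remote = reinterpret_cast<uintptr_t>(remote_ptr.Ptr());

  // Out of range for this mapping: treat it like a null reference.
  if (remote < boot_map.start || remote >= boot_map.end) {
    return nullptr;
  }

  const size_t boot_offset = remote - boot_map.start;

  // Never index past the end of the local copy, even if it is shorter than the mapping.
  if (boot_offset >= remote_contents.size()) {
    return nullptr;
  }

  return reinterpret_cast<T*>(&remote_contents[boot_offset]);
}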
202
// Maps a pointer into `remote_contents` to the address at the same offset from `image_header`,
// i.e. from the start of the local image. Null maps to null.
//
// NOTE(review): `remote_ptr` is assumed to point inside `remote_contents`; the offset is not
// range-checked here, so a pointer outside the copy yields an address outside the local image.
template <typename T>
static ObjPtr<T> RemoteContentsPointerToLocal(ObjPtr<T> remote_ptr,
                                              ArrayRef<uint8_t> remote_contents,
                                              const ImageHeader& image_header)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  if (remote_ptr == nullptr) {
    return nullptr;
  }

  uint8_t* const in_copy = reinterpret_cast<uint8_t*>(remote_ptr.Ptr());
  const ptrdiff_t boot_offset = in_copy - &remote_contents[0];

  const uint8_t* const local_image_begin = reinterpret_cast<const uint8_t*>(&image_header);
  return reinterpret_cast<T*>(const_cast<uint8_t*>(local_image_begin + boot_offset));
}
219
// Size in bytes of a heap object, as reported by the object itself.
size_t EntrySize(mirror::Object* object) REQUIRES_SHARED(Locks::mutator_lock_) {
  const size_t byte_count = object->SizeOf();
  return byte_count;
}
// Size in bytes of an ArtMethod entry. This is the static size of the type; the pointer is only
// used to select the overload and is never dereferenced.
size_t EntrySize([[maybe_unused]] ArtMethod* art_method) REQUIRES_SHARED(Locks::mutator_lock_) {
  return sizeof(ArtMethod);
}
226
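// Prints the index of every page that the entry occupies, one "page_idx=N" line per page.
//
// The entry covers [entry_address, end), where `end` is the entry's end rounded up to
// kObjectAlignment and is exclusive. The last page is therefore the one holding byte `end - 1`.
// Dividing `end` itself by the page size, as was done before, reported one page too many
// whenever the entry ended exactly on a page boundary.
void PrintEntryPages(uintptr_t entry_address, size_t entry_size, std::ostream& os) {
  const char* tabs = " ";
  const size_t page_size = MemMap::GetPageSize();
  const uintptr_t first_page_idx = entry_address / page_size;
  const uintptr_t entry_end = RoundUp(entry_address + entry_size, kObjectAlignment);
  // Always report the first page, also for a zero-sized entry.
  uintptr_t last_page_idx = first_page_idx;
  if (entry_end > entry_address) {
    last_page_idx = (entry_end - 1) / page_size;
  }
  for (uintptr_t page_idx = first_page_idx; page_idx <= last_page_idx; ++page_idx) {
    os << tabs << "page_idx=" << page_idx << "\n";
  }
}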
237
// Reports whether `entry1` and `entry2` differ in any byte.
//
// Both may be relocated copies of remote memory, so the number of bytes compared is taken from
// the runtime image's own entry (`image_entry`) and never from the copies themselves; this
// avoids crashes. Both copies must be readable for that many bytes.
template <typename T>
static bool EntriesDiffer(T* image_entry,
                          T* entry1,
                          T* entry2) REQUIRES_SHARED(Locks::mutator_lock_) {
  const size_t compare_bytes = EntrySize(image_entry);
  const bool identical = memcmp(entry1, entry2, compare_bytes) == 0;
  return !identical;
}
247
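// State and bookkeeping shared by the region analyses for each entry type T.
//
// The object keeps references to the output stream, the boot map and the image header that are
// passed to the constructor; they must outlive it. The remote and zygote contents are held as
// ArrayRef views.
template <typename T>
struct RegionCommon {
 public:
  // `os` must be non-null (it is dereferenced) and `remote_contents` must be non-empty (CHECK).
  RegionCommon(std::ostream* os,
               ArrayRef<uint8_t> remote_contents,
               ArrayRef<uint8_t> zygote_contents,
               const android::procinfo::MapInfo& boot_map,
               const ImageHeader& image_header) :
    os_(*os),
    remote_contents_(remote_contents),
    zygote_contents_(zygote_contents),
    boot_map_(boot_map),
    image_header_(image_header),
    different_entries_(0),
    dirty_entry_bytes_(0),
    false_dirty_entry_bytes_(0) {
    CHECK(!remote_contents.empty());
  }

  // Prints up to kMaxAddressPrint dirty entry addresses, followed by the per-offset dirty byte
  // counts ordered from most to least frequently dirty.
  void DumpSamplesAndOffsetCount() {
    os_ << " sample object addresses: ";
    for (size_t i = 0; i < dirty_entries_.size() && i < kMaxAddressPrint; ++i) {
      T* entry = dirty_entries_[i];
      os_ << reinterpret_cast<void*>(entry) << ", ";
    }
    os_ << "\n";
    os_ << " dirty byte +offset:count list = ";
    // Pairs are (count, offset); see SortByValueDesc.
    std::vector<std::pair<size_t, off_t>> field_dirty_count_sorted =
        SortByValueDesc<off_t, size_t, size_t>(field_dirty_count_);
    for (const std::pair<size_t, off_t>& pair : field_dirty_count_sorted) {
      off_t offset = pair.second;
      size_t count = pair.first;
      os_ << "+" << offset << ":" << count << ", ";
    }
    os_ << "\n";
  }

  size_t GetDifferentEntryCount() const { return different_entries_; }
  size_t GetDirtyEntryBytes() const { return dirty_entry_bytes_; }
  size_t GetFalseDirtyEntryCount() const { return false_dirty_entries_.size(); }
  size_t GetFalseDirtyEntryBytes() const { return false_dirty_entry_bytes_; }

 protected:
  // Returns true when at least one page occupied by `entry` is listed in `dirty_pages`.
  //
  // The entry covers [address, end), with `end` rounded up to kObjectAlignment and exclusive, so
  // the pages to test run from the page of the first byte to the page of byte `end - 1`. The
  // previous do/while advanced one page beyond that and could report an entry as being on a
  // dirty page only because the page following it was dirty.
  bool IsEntryOnDirtyPage(T* entry, const std::set<size_t>& dirty_pages) const
      REQUIRES_SHARED(Locks::mutator_lock_) {
    const size_t page_size = MemMap::GetPageSize();
    const uintptr_t entry_address = reinterpret_cast<uintptr_t>(entry);
    const uintptr_t entry_end = RoundUp(entry_address + EntrySize(entry), kObjectAlignment);
    const size_t first_page_idx = entry_address / page_size;
    // The first page is always tested, also for a zero-sized entry.
    size_t last_page_idx = first_page_idx;
    if (entry_end > entry_address) {
      last_page_idx = (entry_end - 1) / page_size;
    }
    for (size_t page_idx = first_page_idx; page_idx <= last_page_idx; ++page_idx) {
      if (dirty_pages.find(page_idx) != dirty_pages.end()) {
        // This entry is on a dirty page
        return true;
      }
    }
    return false;
  }

  void AddImageDirtyEntry(T* entry) REQUIRES_SHARED(Locks::mutator_lock_) {
    image_dirty_entries_.insert(entry);
  }

  // Records `entry` as false-dirty and adds its size to the false-dirty byte total.
  void AddFalseDirtyEntry(T* entry) REQUIRES_SHARED(Locks::mutator_lock_) {
    false_dirty_entries_.push_back(entry);
    false_dirty_entry_bytes_ += EntrySize(entry);
  }

  // The output stream to write to.
  std::ostream& os_;
  // The byte contents of the remote (image) process' image.
  ArrayRef<uint8_t> remote_contents_;
  // The byte contents of the zygote process' image.
  ArrayRef<uint8_t> zygote_contents_;
  const android::procinfo::MapInfo& boot_map_;
  const ImageHeader& image_header_;

  // Count of entries that are different.
  size_t different_entries_;

  // Local entries that are dirty (differ in at least one byte).
  size_t dirty_entry_bytes_;
  std::vector<T*> dirty_entries_;

  // Local entries that are clean, but located on dirty pages.
  size_t false_dirty_entry_bytes_;
  std::vector<T*> false_dirty_entries_;

  // Image dirty entries
  // If zygote_pid_only_ == true, these are shared dirty entries in the zygote.
  // If zygote_pid_only_ == false, these are private dirty entries in the application.
  std::set<T*> image_dirty_entries_;

  std::map<off_t /* field offset */, size_t /* count */> field_dirty_count_;

 private:
  DISALLOW_COPY_AND_ASSIGN(RegionCommon);
};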
349
// Primary template: adds nothing to RegionCommon<T>. Entry types that need their own handling
// provide an explicit specialization (this file specializes it for mirror::Object).
template <typename T>
class RegionSpecializedBase : public RegionCommon<T> {
};
353
// Reference visitor that invokes VisitFunc once for every (referenced object, ArtField) pair
// whose reference is non-null and does not point back at the holder itself.
// It must not be used on ObjectArray instances: array elements have no ArtField.
class ReferenceFieldVisitor {
 public:
  using VisitFunc = std::function<void(mirror::Object&, ArtField&)>;

  explicit ReferenceFieldVisitor(VisitFunc visit_func) : visit_func_(std::move(visit_func)) {}

  // Visits the reference stored in `obj` at `offset`. Aborts (CHECK) if `obj` is an object
  // array, if `is_static` is set for a non-class object, or if no field matches the offset.
  void operator()(ObjPtr<mirror::Object> obj, MemberOffset offset, bool is_static) const
      REQUIRES_SHARED(Locks::mutator_lock_) {
    CHECK(!obj->IsObjectArray());
    mirror::Object* const referent = obj->GetFieldObject<mirror::Object>(offset);
    // Nothing to report for null fields and for self references.
    if (referent == nullptr || referent == obj.Ptr()) {
      return;
    }

    // Object::FindFieldByOffset is deliberately not used, because it can't find instance fields
    // in classes.
    ArtField* field = nullptr;
    if (!is_static) {
      field = ArtField::FindInstanceFieldWithOffset(obj->GetClass(), offset.Uint32Value());
    } else {
      CHECK(obj->IsClass());
      field = ArtField::FindStaticFieldWithOffset(obj->AsClass(), offset.Uint32Value());
    }
    CHECK(field != nullptr);
    visit_func_(*referent, *field);
  }

  // java.lang.ref.Reference case: the referent is visited like an ordinary instance field.
  void operator()([[maybe_unused]] ObjPtr<mirror::Class> klass, ObjPtr<mirror::Reference> ref) const
      REQUIRES_SHARED(Locks::mutator_lock_) {
    operator()(ref, mirror::Reference::ReferentOffset(), /* is_static */ false);
  }

  // Root visiting is not expected with this visitor; reaching it is a fatal error.
  [[noreturn]] void VisitRootIfNonNull(
      [[maybe_unused]] mirror::CompressedReference<mirror::Object>* root) const
      REQUIRES_SHARED(Locks::mutator_lock_) {
    LOG(FATAL) << "Unreachable";
    UNREACHABLE();
  }

  // Root visiting is not expected with this visitor; reaching it is a fatal error.
  [[noreturn]] void VisitRoot([[maybe_unused]] mirror::CompressedReference<mirror::Object>* root)
      const REQUIRES_SHARED(Locks::mutator_lock_) {
    LOG(FATAL) << "Unreachable";
    UNREACHABLE();
  }

 private:
  VisitFunc visit_func_;
};
409
// Object visitor used by the mirror::Object region analysis: it sanity-checks each visited
// object and then passes it to the callback supplied at construction.
class ImgObjectVisitor : public ObjectVisitor {
 public:
  using ComputeDirtyFunc = std::function<void(mirror::Object* object)>;

  explicit ImgObjectVisitor(ComputeDirtyFunc dirty_func) : dirty_func_(std::move(dirty_func)) {}

  ~ImgObjectVisitor() override = default;

  void Visit(mirror::Object* object) override REQUIRES_SHARED(Locks::mutator_lock_) {
    // An object without a class is not a real mirror::Object; abort rather than continue with
    // data that does not look like an image object.
    CHECK(object->GetClass() != nullptr) << "Image object at address "
                                         << object
                                         << " has null class";
    if (kUseBakerReadBarrier) {
      object->AssertReadBarrierState();
    }
    dirty_func_(object);
  }

 private:
  const ComputeDirtyFunc dirty_func_;
};
432
// How an object was reached: the object that refers to it and the referring field.
// A default-constructed ParentInfo (null parent, empty path) marks a root.
struct ParentInfo {
  mirror::Object* parent = nullptr;
  // Field name and type of the parent object in the format: <field_name>:<field_type_descriptor>
  // Note: <field_name> can be an integer if parent is an Array object.
  std::string path;
};

// Maps an object to the ParentInfo describing how it was reached.
using ParentMap = std::unordered_map<mirror::Object*, ParentInfo>;
441
// Builds the "path" that leads from a root class to `obj`:
//   <dex_location> <class_descriptor>(.<field_name>:<field_type_descriptor>)*
// <dex_location> is the full path of the dex file that defines the class, or "primitive" when
// the class is an array whose innermost component type is primitive.
// Returns "<no path from class>" when the parent chain leaves `parent_map` before a root is
// reached. Aborts (CHECK) if the root that is reached is not a class.
std::string GetPathFromClass(mirror::Object* obj, const ParentMap& parent_map)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  std::string path;
  auto it = parent_map.find(obj);
  // Walk towards the root, prepending one ".<field>" component per step.
  for (; it != parent_map.end() && it->second.parent != nullptr;
       it = parent_map.find(it->second.parent)) {
    path = ART_FORMAT(".{}{}", it->second.path, path);
  }

  if (it == parent_map.end()) {
    return "<no path from class>";
  }

  mirror::Object* const root = it->first;
  CHECK(root->IsClass());

  std::string descriptor_storage;
  ObjPtr<mirror::Class> klass = root->AsClass();
  path = klass->GetDescriptor(&descriptor_storage) + path;

  // The dex location is that of the innermost component type when the class is an array.
  while (klass->IsArrayClass()) {
    klass = klass->GetComponentType();
  }
  std::string dex_location;
  if (klass->IsPrimitive()) {
    dex_location = "primitive";
  } else {
    dex_location = klass->GetDexFile().GetLocation();
  }
  return ART_FORMAT("{} {}", dex_location, path);
}
477
// Computes, for every object reachable from a class in the given images, the object that refers
// to it and the referring field (or array index). Class objects are the roots: they are present
// in the result with parent == nullptr. An object keeps the first parent through which the
// traversal reached it.
ParentMap CalculateParentMap(const std::vector<const ImageHeader*>& image_headers)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  ParentMap parent_map;
  // Work stack of objects whose outgoing references still have to be examined.
  std::vector<mirror::Object*> next;

  // Step 1: seed the map and the work stack with every Class object of every image.
  ImgObjectVisitor collect_classes_visitor(
      [&](mirror::Object* entry) REQUIRES_SHARED(Locks::mutator_lock_) {
        if (!entry->IsClass()) {
          return;
        }
        if (parent_map.find(entry) == parent_map.end()) {
          parent_map.emplace(entry, ParentInfo{});
          next.push_back(entry);
        }
      });
  for (const ImageHeader* image_header : image_headers) {
    image_header->VisitObjects(&collect_classes_visitor,
                               image_header->GetImageBegin(),
                               image_header->GetPointerSize());
  }

  // Records the not yet seen objects referenced from the fields of a non-array object.
  auto process_object_fields = [&parent_map, &next](mirror::Object* parent_obj)
      REQUIRES_SHARED(Locks::mutator_lock_) {
    CHECK(!parent_obj->IsObjectArray());
    ReferenceFieldVisitor::VisitFunc visit_func =
        [&](mirror::Object& ref_obj, ArtField& ref_field) REQUIRES_SHARED(Locks::mutator_lock_) {
          mirror::Object* const child = &ref_obj;
          if (parent_map.find(child) != parent_map.end()) {
            return;
          }
          std::string path =
              ART_FORMAT("{}:{}", ref_field.GetName(), ref_field.GetTypeDescriptor());
          parent_map[child] = ParentInfo{parent_obj, path};
          next.push_back(child);
        };
    ReferenceFieldVisitor visitor(visit_func);
    parent_obj->VisitReferences</*kVisitNativeRoots=*/false, kVerifyNone, kWithoutReadBarrier>(
        visitor, visitor);
  };

  // Records the not yet seen elements of an object array; the index stands in for a field name.
  auto process_array_elements = [&parent_map, &next](mirror::Object* parent_obj)
      REQUIRES_SHARED(Locks::mutator_lock_) {
    CHECK(parent_obj->IsObjectArray());
    ObjPtr<mirror::ObjectArray<mirror::Object>> array = parent_obj->AsObjectArray<mirror::Object>();

    const int32_t length = array->GetLength();
    for (int32_t i = 0; i < length; ++i) {
      ObjPtr<mirror::Object> elem = array->Get(i);
      if (elem == nullptr || parent_map.find(elem.Ptr()) != parent_map.end()) {
        continue;
      }
      std::string temp;
      std::string path = ART_FORMAT("{}:{}", i, elem->GetClass()->GetDescriptor(&temp));
      parent_map[elem.Ptr()] = ParentInfo{parent_obj, path};
      next.push_back(elem.Ptr());
    }
  };

  // Step 2: depth-first traversal of everything reachable from the classes.
  while (!next.empty()) {
    mirror::Object* const parent_obj = next.back();
    next.pop_back();

    // Array elements don't have ArtField, so arrays take their own path.
    if (!parent_obj->IsObjectArray()) {
      process_object_fields(parent_obj);
    } else {
      process_array_elements(parent_obj);
    }
  }

  return parent_map;
}
547
// Returns the number of objects in the given images that have no entry in `parent_map` (i.e.
// are not reachable from any class) and are not strings.
// Strings are left out because they are considered clean in dex2oat and are not used for the
// dirty object layout optimization.
size_t CountUnreachableObjects(const std::unordered_map<mirror::Object*, ParentInfo>& parent_map,
                               const std::vector<const ImageHeader*>& image_headers)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  size_t non_reachable = 0;
  ImgObjectVisitor count_non_reachable_visitor(
      [&](mirror::Object* entry) REQUIRES_SHARED(Locks::mutator_lock_) {
        const bool reachable = parent_map.count(entry) != 0;
        if (!reachable && !entry->IsString()) {
          ++non_reachable;
        }
      });
  for (const ImageHeader* image_header : image_headers) {
    image_header->VisitObjects(&count_non_reachable_visitor,
                               image_header->GetImageBegin(),
                               image_header->GetPointerSize());
  }

  return non_reachable;
}
569
570 template<>
571 class RegionSpecializedBase<mirror::Object> : public RegionCommon<mirror::Object> {
572 public:
// Sets up the mirror::Object analysis: the first five arguments are forwarded unchanged to
// RegionCommon, the remaining ones are stored in this class.
// `os` must be non-null; it is dereferenced here.
// NOTE(review): os_ is initialised here in addition to RegionCommon's os_, so this class appears
// to declare its own os_ member; that declaration, and whether parent_map_ is held by reference
// or by value, is outside this excerpt.
RegionSpecializedBase(std::ostream* os,
                      ArrayRef<uint8_t> remote_contents,
                      ArrayRef<uint8_t> zygote_contents,
                      const android::procinfo::MapInfo& boot_map,
                      const ImageHeader& image_header,
                      const ParentMap& parent_map,
                      bool dump_dirty_objects)
    : RegionCommon<mirror::Object>(os, remote_contents, zygote_contents, boot_map, image_header),
      os_(*os),
      dump_dirty_objects_(dump_dirty_objects),
      parent_map_(parent_map) {}
584
585 // Define a common public type name for use by RegionData.
586 using VisitorClass = ImgObjectVisitor;
587
// Runs `visitor` over the objects of this region's image, passing `base` and `pointer_size`
// straight through to the image header.
void VisitEntries(VisitorClass* visitor,
                  uint8_t* base,
                  PointerSize pointer_size)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  const ImageHeader& header = image_header_;
  header.VisitObjects(visitor, base, pointer_size);
}
594
// Remembers the descriptor of the entry's class. This is done for every entry, whether or not
// the descriptor ends up being needed later.
void VisitEntry(mirror::Object* entry)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  mirror::Class* const entry_class = entry->GetClass();
  ClassData& data = class_data_[entry_class];
  data.descriptor = GetClassDescriptor(entry_class);
}
601
// Counts `entry` as a clean object of its class.
void AddCleanEntry(mirror::Object* entry)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  mirror::Class* const entry_class = entry->GetClass();
  class_data_[entry_class].AddCleanObject();
}
606
// Records `entry` as false-dirty, both in the shared RegionCommon totals and in the statistics
// of its class.
void AddFalseDirtyEntry(mirror::Object* entry)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  RegionCommon<mirror::Object>::AddFalseDirtyEntry(entry);
  mirror::Class* const entry_class = entry->GetClass();
  class_data_[entry_class].AddFalseDirtyObject(entry);
}
612
// Records a dirty object. `entry` is the local object and `entry_remote` its remote counterpart.
// The totals and the per-class statistics are always updated. The per-offset dirty counts and
// the sample list are only updated when the class of `entry` satisfies IsClassClass().
// Both pointers must be readable for EntrySize(entry) bytes.
void AddDirtyEntry(mirror::Object* entry, mirror::Object* entry_remote)
    REQUIRES_SHARED(Locks::mutator_lock_) {
  const size_t entry_size = EntrySize(entry);
  different_entries_ += 1;
  dirty_entry_bytes_ += entry_size;

  mirror::Class* const klass = entry->GetClass();
  if (klass->IsClassClass()) {
    const uint8_t* const local_bytes = reinterpret_cast<const uint8_t*>(entry);
    const uint8_t* const remote_bytes = reinterpret_cast<const uint8_t*>(entry_remote);
    // One increment per differing byte, keyed by the byte's offset inside the object.
    for (size_t offset = 0; offset < entry_size; ++offset) {
      if (local_bytes[offset] != remote_bytes[offset]) {
        ++field_dirty_count_[offset];
      }
    }
    dirty_entries_.push_back(entry);
  }
  class_data_[klass].AddDirtyObject(entry, entry_remote);
}
633
// Prints a per-field description of how `entry` differs from its remote copy.
//
// `entry` is the local object, `remote_bytes` the bytes of the remote copy and `base_ptr` the
// bytes it is compared against. Both byte buffers are read for entry->SizeOf() bytes.
// NOTE(review): that length comes from the local object only; the buffers are not
// length-checked here, so the caller must guarantee they are at least that large.
// When `log_dirty_objects` and dump_dirty_objects_ are both set, an entry with dirty static
// fields is also added to dirty_objects_.
void DiffEntryContents(mirror::Object* entry,
                       uint8_t* remote_bytes,
                       const uint8_t* base_ptr,
                       bool log_dirty_objects) REQUIRES_SHARED(Locks::mutator_lock_) {
  const char* tabs = " ";
  // Attempt to find fields for all dirty bytes.
  mirror::Class* klass = entry->GetClass();
  std::string temp;
  if (entry->IsClass()) {
    os_ << tabs << "Class " << mirror::Class::PrettyClass(entry->AsClass()) << " " << entry
        << "\n";
  } else {
    os_ << tabs << "Instance of " << mirror::Class::PrettyClass(klass) << " " << entry << "\n";
  }
  std::string path_from_root = GetPathFromClass(entry, parent_map_);
  os_ << "dirty_obj: " << path_from_root << "\n";
  PrintEntryPages(reinterpret_cast<uintptr_t>(entry), EntrySize(entry), os_);

  std::unordered_set<ArtField*> dirty_instance_fields;
  std::unordered_set<ArtField*> dirty_static_fields;
  // Examine the bytes comprising the Object, computing which fields are dirty
  // and recording them for later display. If the Object is an array object,
  // compute the dirty entries.
  // The remote bytes are viewed as an object only so that field values can be printed from them.
  mirror::Object* remote_entry = reinterpret_cast<mirror::Object*>(remote_bytes);
  for (size_t i = 0, count = entry->SizeOf(); i < count; ++i) {
    if (base_ptr[i] != remote_bytes[i]) {
      // Instance fields are tried first; static fields are only tried for class objects.
      ArtField* field = ArtField::FindInstanceFieldWithOffset</*exact*/false>(klass, i);
      if (field != nullptr) {
        dirty_instance_fields.insert(field);
      } else if (entry->IsClass()) {
        field = ArtField::FindStaticFieldWithOffset</*exact*/false>(entry->AsClass(), i);
        if (field != nullptr) {
          dirty_static_fields.insert(field);
        }
      }
      if (field == nullptr) {
        // No field covers this byte: it is either array data or an unattributed byte.
        if (klass->IsArrayClass()) {
          ObjPtr<mirror::Class> component_type = klass->GetComponentType();
          Primitive::Type primitive_type = component_type->GetPrimitiveType();
          size_t component_size = Primitive::ComponentSize(primitive_type);
          size_t data_offset = mirror::Array::DataOffset(component_size).Uint32Value();
          DCHECK_ALIGNED_PARAM(data_offset, component_size);
          if (i >= data_offset) {
            os_ << tabs << "Dirty array element " << (i - data_offset) / component_size << "\n";
            // Skip the remaining bytes of this element to prevent spam.
            // Setting the low bits moves i to the last byte of the element (the data offset is
            // aligned to the power-of-two component size); the loop's ++i then moves to the
            // next element.
            DCHECK(IsPowerOfTwo(component_size));
            i |= component_size - 1;
            continue;
          }
        }
        os_ << tabs << "No field for byte offset " << i << "\n";
      }
    }
  }
  // Dump different fields.
  if (!dirty_instance_fields.empty()) {
    os_ << tabs << "Dirty instance fields " << dirty_instance_fields.size() << "\n";
    for (ArtField* field : dirty_instance_fields) {
      os_ << tabs << ArtField::PrettyField(field)
          << " original=" << PrettyFieldValue(field, entry)
          << " remote=" << PrettyFieldValue(field, remote_entry) << "\n";
    }
  }
  if (!dirty_static_fields.empty()) {
    if (dump_dirty_objects_ && log_dirty_objects) {
      dirty_objects_.insert(entry);
    }
    os_ << tabs << "Dirty static fields " << dirty_static_fields.size() << "\n";
    for (ArtField* field : dirty_static_fields) {
      os_ << tabs << ArtField::PrettyField(field)
          << " original=" << PrettyFieldValue(field, entry)
          << " remote=" << PrettyFieldValue(field, remote_entry) << "\n";
    }
  }
  os_ << "\n";
}
710
// Prints one "Private dirty object: <descriptor>" line for every recorded dirty object that is
// a class; recorded objects of any other kind are skipped.
void DumpDirtyObjects() REQUIRES_SHARED(Locks::mutator_lock_) {
  for (mirror::Object* obj : dirty_objects_) {
    if (!obj->IsClass()) {
      continue;
    }
    std::string descriptor_storage;
    os_ << "Private dirty object: " << obj->AsClass()->GetDescriptor(&descriptor_storage) << "\n";
  }
}
719
// Prints the per-class dirty object statistics, classes with the most dirty objects first.
// For the class whose descriptor is "Ljava/lang/Class;" it additionally prints the sample
// addresses, the per-offset dirty counts and the remote and local class status of every dirty
// class object.
// NOTE(review): classes that have no dirty objects are listed too; their averages are the
// result of a floating-point division by zero.
void DumpDirtyEntries() REQUIRES_SHARED(Locks::mutator_lock_) {
  // (dirty object count, class) pairs in descending order.
  const auto classes_by_dirty_count = SortByValueDesc<mirror::Class*, size_t, ClassData>(
      class_data_,
      [](const ClassData& d) { return d.dirty_object_count; });
  os_ << "\n" << " Dirty object count by class:\n";
  for (const auto& count_and_class : classes_by_dirty_count) {
    const size_t dirty_object_count = count_and_class.first;
    mirror::Class* const klass = count_and_class.second;
    ClassData& class_data = class_data_[klass];
    const size_t object_sizes = class_data.dirty_object_size_in_bytes;
    const float avg_dirty_bytes_per_class =
        class_data.dirty_object_byte_count * 1.0f / object_sizes;
    const float avg_object_size = object_sizes * 1.0f / dirty_object_count;
    const std::string& descriptor = class_data.descriptor;
    os_ << " " << mirror::Class::PrettyClass(klass) << " (";
    os_ << "objects: " << dirty_object_count << ", ";
    os_ << "avg dirty bytes: " << avg_dirty_bytes_per_class << ", ";
    os_ << "avg object size: " << avg_object_size << ", ";
    os_ << "class descriptor: '" << descriptor << "'";
    os_ << ")\n";

    // Only java.lang.Class itself gets the detailed field dump.
    if (strcmp(descriptor.c_str(), "Ljava/lang/Class;") != 0) {
      continue;
    }
    DumpSamplesAndOffsetCount();
    os_ << " field contents:\n";
    for (mirror::Object* object : class_data.dirty_objects) {
      // dirty_objects holds the remote class objects ...
      ObjPtr<mirror::Class> remote_klass =
          ObjPtr<mirror::Class>::DownCast<mirror::Object>(object);
      // ... and this is the local class object at the same image offset.
      ObjPtr<mirror::Class> local_klass =
          RemoteContentsPointerToLocal(remote_klass,
                                       RegionCommon<mirror::Object>::remote_contents_,
                                       RegionCommon<mirror::Object>::image_header_);
      os_ << " " << reinterpret_cast<const void*>(object) << " "
          << " class_status (remote): " << remote_klass->GetStatus() << ", "
          << " class_status (local): " << local_klass->GetStatus()
          << "\n";
    }
  }
}
762
// Prints, per class, the number of false-dirty objects together with their average size and
// total bytes, classes with the most false-dirty objects first.
// NOTE(review): classes without false-dirty objects are listed too; their average is the result
// of a floating-point division by zero.
void DumpFalseDirtyEntries() REQUIRES_SHARED(Locks::mutator_lock_) {
  // (false-dirty object count, class) pairs in descending order.
  const auto classes_by_false_dirty_count = SortByValueDesc<mirror::Class*, size_t, ClassData>(
      class_data_,
      [](const ClassData& d) { return d.false_dirty_object_count; });
  os_ << "\n" << " False-dirty object count by class:\n";
  for (const auto& count_and_class : classes_by_false_dirty_count) {
    const size_t object_count = count_and_class.first;
    mirror::Class* const klass = count_and_class.second;
    ClassData& class_data = class_data_[klass];
    const size_t object_sizes = class_data.false_dirty_byte_count;
    const float avg_object_size = object_sizes * 1.0f / object_count;
    const std::string& descriptor = class_data.descriptor;
    os_ << " " << mirror::Class::PrettyClass(klass) << " (";
    os_ << "objects: " << object_count << ", ";
    os_ << "avg object size: " << avg_object_size << ", ";
    os_ << "total bytes: " << object_sizes << ", ";
    os_ << "class descriptor: '" << descriptor << "'";
    os_ << ")\n";
  }
}
785
// Prints the number of clean objects per class, classes with the most clean objects first.
void DumpCleanEntries() REQUIRES_SHARED(Locks::mutator_lock_) {
  // (clean object count, class) pairs in descending order.
  const auto classes_by_clean_count = SortByValueDesc<mirror::Class*, size_t, ClassData>(
      class_data_,
      [](const ClassData& d) { return d.clean_object_count; });
  os_ << "\n" << " Clean object count by class:\n";
  for (const auto& count_and_class : classes_by_clean_count) {
    const size_t clean_count = count_and_class.first;
    mirror::Class* const klass = count_and_class.second;
    os_ << " " << mirror::Class::PrettyClass(klass) << " (" << clean_count << ")\n";
  }
}
797
798 private:
799 // Aggregate and detail class data from an image diff.
struct ClassData {
  // Number of objects recorded through AddDirtyObject().
  size_t dirty_object_count = 0;
  // Track only the byte-per-byte dirtiness (in bytes)
  size_t dirty_object_byte_count = 0;
  // Track the object-by-object dirtiness (in bytes)
  size_t dirty_object_size_in_bytes = 0;
  // Number of objects recorded through AddCleanObject().
  size_t clean_object_count = 0;
  std::string descriptor;
  // Sum of EntrySize() over the objects recorded through AddFalseDirtyObject().
  size_t false_dirty_byte_count = 0;
  size_t false_dirty_object_count = 0;
  std::vector<mirror::Object*> false_dirty_objects;
  // Remote pointers to dirty objects
  std::vector<mirror::Object*> dirty_objects;

  // Counts one more clean object for this class.
  void AddCleanObject() REQUIRES_SHARED(Locks::mutator_lock_) {
    clean_object_count += 1;
  }

  // Records a dirty object: `object` supplies the size and one side of the byte
  // comparison, `object_remote` supplies the other side and is the pointer kept
  // in dirty_objects.
  void AddDirtyObject(mirror::Object* object, mirror::Object* object_remote)
      REQUIRES_SHARED(Locks::mutator_lock_) {
    dirty_object_count += 1;
    const size_t differing_bytes = CountDirtyBytes(object, object_remote);
    dirty_object_byte_count += differing_bytes;
    const size_t whole_object_bytes = EntrySize(object);
    dirty_object_size_in_bytes += whole_object_bytes;
    dirty_objects.push_back(object_remote);
  }

  // Records an object that was found unchanged although it was classified as
  // false-dirty by the caller.
  void AddFalseDirtyObject(mirror::Object* object) REQUIRES_SHARED(Locks::mutator_lock_) {
    false_dirty_object_count += 1;
    false_dirty_objects.push_back(object);
    false_dirty_byte_count += EntrySize(object);
  }

 private:
  // Go byte-by-byte and figure out what exactly got dirtied.
  // Both objects are read for EntrySize(object1) bytes, so object2 must point at
  // a buffer at least that large.
  static size_t CountDirtyBytes(mirror::Object* object1, mirror::Object* object2)
      REQUIRES_SHARED(Locks::mutator_lock_) {
    const uint8_t* lhs = reinterpret_cast<const uint8_t*>(object1);
    const uint8_t* rhs = reinterpret_cast<const uint8_t*>(object2);
    const size_t byte_count = EntrySize(object1);
    size_t differing = 0;
    for (size_t pos = 0; pos != byte_count; ++pos) {
      differing += (lhs[pos] != rhs[pos]) ? 1u : 0u;
    }
    return differing;
  }
};
848
849 std::ostream& os_;
850 bool dump_dirty_objects_;
851 std::unordered_set<mirror::Object*> dirty_objects_;
852 std::map<mirror::Class*, ClassData> class_data_;
853 const ParentMap& parent_map_;
854
855 DISALLOW_COPY_AND_ASSIGN(RegionSpecializedBase);
856 };
857
858 // Region analysis for ArtMethods.
class ImgArtMethodVisitor {
 public:
  // Callback invoked with the address of every visited ArtMethod.
  using ComputeDirtyFunc = std::function<void(ArtMethod*)>;

  // Takes ownership of the callback; it is stored by value and never replaced.
  explicit ImgArtMethodVisitor(ComputeDirtyFunc dirty_func)
      : dirty_func_(std::move(dirty_func)) {}

  // Forwards the visited method to the stored callback as a pointer.
  void operator()(ArtMethod& method) const {
    ArtMethod* const visited = &method;
    dirty_func_(visited);
  }

 private:
  const ComputeDirtyFunc dirty_func_;
};
868
869 // Struct and functor for computing offsets of members of ArtMethods.
870 // template <typename RegionType>
struct MemberInfo {
  // Records the byte offset of `member_address` within `*method`, together with
  // the member's size and display name. An offset that is already present keeps
  // its first entry.
  template <typename T>
  void operator() (const ArtMethod* method, const T* member_address, const std::string& name) {
    const uintptr_t method_begin = reinterpret_cast<uintptr_t>(method);
    const uintptr_t member_begin = reinterpret_cast<uintptr_t>(member_address);
    // Check that member_address is a pointer inside *method.
    DCHECK(method_begin <= member_begin);
    DCHECK(member_begin + sizeof(T) <= method_begin + sizeof(ArtMethod));
    const size_t member_offset = member_begin - method_begin;
    offset_to_name_size_.emplace(member_offset, NameAndSize(sizeof(T), name));
  }

  // Size in bytes and display name of one ArtMethod member.
  struct NameAndSize {
    size_t size_;
    std::string name_;
    NameAndSize(size_t size, const std::string& name) : size_{size}, name_{name} {}
    // Placeholder value, e.g. what std::map::operator[] creates for an unknown offset.
    NameAndSize() : size_{0}, name_{"INVALID"} {}
  };

  // Member offset within ArtMethod -> (size, name), ordered by offset.
  std::map<size_t, NameAndSize> offset_to_name_size_;
};
892
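// Region analysis specialization for ArtMethod entries: counts which bytes and
// members of each method differ between the local and the remote copy and prints
// the results to the supplied stream.
template<>
class RegionSpecializedBase<ArtMethod> : public RegionCommon<ArtMethod> {
 public:
  // `parent_map` and `dump_dirty_objects` are accepted for signature parity with the
  // other specialization and are not used here.
  RegionSpecializedBase(std::ostream* os,
                        ArrayRef<uint8_t> remote_contents,
                        ArrayRef<uint8_t> zygote_contents,
                        const android::procinfo::MapInfo& boot_map,
                        const ImageHeader& image_header,
                        [[maybe_unused]] const ParentMap& parent_map,
                        [[maybe_unused]] bool dump_dirty_objects)
      : RegionCommon<ArtMethod>(os, remote_contents, zygote_contents, boot_map, image_header),
        os_(*os) {
    // Element 0 is indexed below. RegionData performs the same check, but only in
    // its own constructor body, which runs after this base constructor.
    CHECK(!remote_contents.empty());
    // Prepare the table for offset to member lookups.
    // NOTE(review): the buffer start is only used as a base address for computing
    // member offsets; presumably VisitMembers does not read through it - confirm.
    ArtMethod* art_method = reinterpret_cast<ArtMethod*>(&remote_contents[0]);
    art_method->VisitMembers(member_info_);
    // Prepare the table for address to symbolic entry point names.
    BuildEntryPointNames();
    class_linker_ = Runtime::Current()->GetClassLinker();
  }

  // Define a common public type name for use by RegionData.
  using VisitorClass = ImgArtMethodVisitor;

  // Runs `visitor` over the packed ArtMethods described by the image header.
  void VisitEntries(VisitorClass* visitor,
                    uint8_t* base,
                    PointerSize pointer_size)
      REQUIRES_SHARED(Locks::mutator_lock_) {
    RegionCommon<ArtMethod>::image_header_.VisitPackedArtMethods(*visitor, base, pointer_size);
  }

  // No per-entry bookkeeping is needed for ArtMethods.
  void VisitEntry([[maybe_unused]] ArtMethod* method) REQUIRES_SHARED(Locks::mutator_lock_) {}

  // Clean ArtMethods are not tracked.
  void AddCleanEntry([[maybe_unused]] ArtMethod* method) {}

  void AddFalseDirtyEntry(ArtMethod* method)
      REQUIRES_SHARED(Locks::mutator_lock_) {
    RegionCommon<ArtMethod>::AddFalseDirtyEntry(method);
  }

  // Records `method` as dirty and bumps the per-byte-offset counter for every byte
  // that differs from `method_remote`. Both pointers are read for EntrySize(method)
  // bytes.
  void AddDirtyEntry(ArtMethod* method, ArtMethod* method_remote)
      REQUIRES_SHARED(Locks::mutator_lock_) {
    size_t entry_size = EntrySize(method);
    ++different_entries_;
    dirty_entry_bytes_ += entry_size;
    // Increment counts for the fields that are dirty
    const uint8_t* current = reinterpret_cast<const uint8_t*>(method);
    const uint8_t* current_remote = reinterpret_cast<const uint8_t*>(method_remote);
    // ArtMethods always log their dirty count and entries.
    for (size_t i = 0; i < entry_size; ++i) {
      if (current[i] != current_remote[i]) {
        field_dirty_count_[i]++;
      }
    }
    dirty_entries_.push_back(method);
  }

  // Prints the members of `method` whose bytes differ between `base_ptr` and
  // `remote_bytes`; both pointers must address the start of the same method.
  void DiffEntryContents(ArtMethod* method,
                         uint8_t* remote_bytes,
                         const uint8_t* base_ptr,
                         [[maybe_unused]] bool log_dirty_objects)
      REQUIRES_SHARED(Locks::mutator_lock_) {
    const char* tabs = " ";
    os_ << tabs << "ArtMethod " << ArtMethod::PrettyMethod(method) << "\n";
    PrintEntryPages(reinterpret_cast<uintptr_t>(method), EntrySize(method), os_);

    std::unordered_set<size_t> dirty_members;
    // Examine the members comprising the ArtMethod, computing which members are dirty.
    for (const std::pair<const size_t,
                         MemberInfo::NameAndSize>& p : member_info_.offset_to_name_size_) {
      const size_t offset = p.first;
      if (memcmp(base_ptr + offset, remote_bytes + offset, p.second.size_) != 0) {
        dirty_members.insert(p.first);
      }
    }
    // Dump different fields.
    if (!dirty_members.empty()) {
      os_ << tabs << "Dirty members " << dirty_members.size() << "\n";
      for (size_t offset : dirty_members) {
        const MemberInfo::NameAndSize& member_info = member_info_.offset_to_name_size_[offset];
        os_ << tabs << member_info.name_
            << " original=" << StringFromBytes(base_ptr + offset, member_info.size_)
            << " remote=" << StringFromBytes(remote_bytes + offset, member_info.size_)
            << "\n";
      }
    }
    os_ << "\n";
  }

  // Nothing to dump: dirty objects are not tracked for ArtMethods.
  void DumpDirtyObjects() REQUIRES_SHARED(Locks::mutator_lock_) {
  }

  // Prints the offset-to-member table followed by one line per dirty method.
  void DumpDirtyEntries() REQUIRES_SHARED(Locks::mutator_lock_) {
    DumpSamplesAndOffsetCount();
    os_ << " offset to field map:\n";
    for (const std::pair<const size_t,
                         MemberInfo::NameAndSize>& p : member_info_.offset_to_name_size_) {
      const size_t offset = p.first;
      const size_t size = p.second.size_;
      os_ << StringPrintf(" %zu-%zu: ", offset, offset + size - 1)
          << p.second.name_
          << std::endl;
    }

    os_ << " field contents:\n";
    for (ArtMethod* method : dirty_entries_) {
      // NOTE(review): AddDirtyEntry stores its first argument (`method`, not
      // `method_remote`), so these look like local entries even though the declaring
      // class is then fixed up as a remote pointer - confirm which copy is intended.
      // remote class
      ObjPtr<mirror::Class> remote_declaring_class =
          FixUpRemotePointer(method->GetDeclaringClass(),
                             RegionCommon<ArtMethod>::remote_contents_,
                             RegionCommon<ArtMethod>::boot_map_);
      // local class
      ObjPtr<mirror::Class> declaring_class =
          RemoteContentsPointerToLocal(remote_declaring_class,
                                       RegionCommon<ArtMethod>::remote_contents_,
                                       RegionCommon<ArtMethod>::image_header_);
      DumpOneArtMethod(method, declaring_class, remote_declaring_class);
    }
  }

  // Prints one line per false-dirty method, using only the local declaring class.
  void DumpFalseDirtyEntries() REQUIRES_SHARED(Locks::mutator_lock_) {
    os_ << "\n" << " False-dirty ArtMethods\n";
    os_ << " field contents:\n";
    for (ArtMethod* method : false_dirty_entries_) {
      // local class
      ObjPtr<mirror::Class> declaring_class = method->GetDeclaringClass();
      DumpOneArtMethod(method, declaring_class, nullptr);
    }
  }

  // Nothing to dump: clean ArtMethods are not tracked.
  void DumpCleanEntries() REQUIRES_SHARED(Locks::mutator_lock_) {
  }

 private:
  std::ostream& os_;
  MemberInfo member_info_;
  // Trampoline/bridge address -> display name, filled by BuildEntryPointNames().
  std::map<const void*, std::string> entry_point_names_;
  ClassLinker* class_linker_;

  // Compute a map of addresses to names in the boot OAT file(s).
  void BuildEntryPointNames() {
    // Null entry points are skipped; an address seen again overwrites the earlier name.
    auto record = [this](const void* entry_point, const char* name) {
      if (entry_point != nullptr) {
        entry_point_names_[entry_point] = name;
      }
    };
    OatFileManager& oat_file_manager = Runtime::Current()->GetOatFileManager();
    std::vector<const OatFile*> boot_oat_files = oat_file_manager.GetBootOatFiles();
    for (const OatFile* oat_file : boot_oat_files) {
      const OatHeader& oat_header = oat_file->GetOatHeader();
      record(oat_header.GetJniDlsymLookupTrampoline(),
             "JniDlsymLookupTrampoline (from boot oat file)");
      record(oat_header.GetJniDlsymLookupCriticalTrampoline(),
             "JniDlsymLookupCriticalTrampoline (from boot oat file)");
      record(oat_header.GetQuickGenericJniTrampoline(),
             "QuickGenericJniTrampoline (from boot oat file)");
      record(oat_header.GetQuickResolutionTrampoline(),
             "QuickResolutionTrampoline (from boot oat file)");
      record(oat_header.GetQuickImtConflictTrampoline(),
             "QuickImtConflictTrampoline (from boot oat file)");
      record(oat_header.GetQuickToInterpreterBridge(),
             "QuickToInterpreterBridge (from boot oat file)");
    }
  }

  // Formats `size` bytes at `bytes` as hex, or as a symbolic name when a 4- or
  // 8-byte value matches a known stub or saved boot OAT entry point. Sizes other
  // than 1, 2, 4 and 8 log a warning and yield "<UNKNOWN>".
  std::string StringFromBytes(const uint8_t* bytes, size_t size) {
    // Multi-byte values are copied out with memcpy so the result does not depend on
    // the alignment of `bytes` or on reading a byte buffer through a wider pointer type.
    switch (size) {
      case 1:
        return StringPrintf("%" PRIx8, *bytes);
      case 2: {
        uint16_t value16;
        memcpy(&value16, bytes, sizeof(value16));
        return StringPrintf("%" PRIx16, value16);
      }
      case 4:
      case 8: {
        // Compute an address if the bytes might contain one.
        uint64_t intval;
        if (size == 4) {
          uint32_t value32;
          memcpy(&value32, bytes, sizeof(value32));
          intval = value32;
        } else {
          memcpy(&intval, bytes, sizeof(intval));
        }
        const void* addr = reinterpret_cast<const void*>(intval);
        // Match the address against those that have Is* methods in the ClassLinker.
        if (class_linker_->IsQuickToInterpreterBridge(addr)) {
          return "QuickToInterpreterBridge";
        } else if (class_linker_->IsQuickGenericJniStub(addr)) {
          return "QuickGenericJniStub";
        } else if (class_linker_->IsQuickResolutionStub(addr)) {
          return "QuickResolutionStub";
        } else if (class_linker_->IsJniDlsymLookupStub(addr)) {
          return "JniDlsymLookupStub";
        } else if (class_linker_->IsJniDlsymLookupCriticalStub(addr)) {
          return "JniDlsymLookupCriticalStub";
        }
        // Match the address against those that we saved from the boot OAT files.
        const auto known = entry_point_names_.find(addr);
        if (known != entry_point_names_.end()) {
          return known->second;
        }
        return StringPrintf("%" PRIx64, intval);
      }
      default:
        LOG(WARNING) << "Don't know how to convert " << size << " bytes to integer";
        return "<UNKNOWN>";
    }
  }

  // Prints one line for `art_method`: its address, JNI/data pointer, quick entry
  // point, native flag and the status of whichever declaring classes are non-null.
  void DumpOneArtMethod(ArtMethod* art_method,
                        ObjPtr<mirror::Class> declaring_class,
                        ObjPtr<mirror::Class> remote_declaring_class)
      REQUIRES_SHARED(Locks::mutator_lock_) {
    PointerSize pointer_size = InstructionSetPointerSize(Runtime::Current()->GetInstructionSet());
    os_ << " " << reinterpret_cast<const void*>(art_method) << " ";
    os_ << " entryPointFromJni: "
        << reinterpret_cast<const void*>(art_method->GetDataPtrSize(pointer_size)) << ", ";
    os_ << " entryPointFromQuickCompiledCode: "
        << reinterpret_cast<const void*>(
               art_method->GetEntryPointFromQuickCompiledCodePtrSize(pointer_size))
        << ", ";
    os_ << " isNative? " << (art_method->IsNative() ? "yes" : "no") << ", ";
    // Null for runtime methods.
    if (declaring_class != nullptr) {
      os_ << " class_status (local): " << declaring_class->GetStatus();
    }
    if (remote_declaring_class != nullptr) {
      os_ << ", class_status (remote): " << remote_declaring_class->GetStatus();
    }
    os_ << "\n";
  }

  DISALLOW_COPY_AND_ASSIGN(RegionSpecializedBase);
};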
1131
// Drives the analysis of one kind of image entry (type T): classifies every entry
// as dirty, false-dirty or clean and prints the per-region report.
template <typename T>
class RegionData : public RegionSpecializedBase<T> {
 public:
  // Forwards every argument to RegionSpecializedBase<T> and requires a non-empty
  // remote buffer.
  RegionData(std::ostream* os,
             ArrayRef<uint8_t> remote_contents,
             ArrayRef<uint8_t> zygote_contents,
             const android::procinfo::MapInfo& boot_map,
             const ImageHeader& image_header,
             const ParentMap& parent_map,
             bool dump_dirty_objects)
      : RegionSpecializedBase<T>(os,
                                 remote_contents,
                                 zygote_contents,
                                 boot_map,
                                 image_header,
                                 parent_map,
                                 dump_dirty_objects),
        os_(*os) {
    CHECK(!remote_contents.empty());
  }

  // Walk over the type T entries in the region starting at begin_image_ptr,
  // collecting and reporting data regarding dirty, difference, etc.
  void ProcessRegion(const MappingData& mapping_data,
                     RemoteProcesses remotes,
                     const uint8_t* begin_image_ptr)
      REQUIRES_SHARED(Locks::mutator_lock_) {
    // Classify every entry first; the statistics printed below depend on it.
    typename RegionSpecializedBase<T>::VisitorClass classifier(
        [this, begin_image_ptr, &mapping_data](T* entry) REQUIRES_SHARED(Locks::mutator_lock_) {
          this->ComputeEntryDirty(entry, begin_image_ptr, mapping_data.dirty_page_set);
        });
    const PointerSize ptr_size =
        InstructionSetPointerSize(Runtime::Current()->GetInstructionSet());
    RegionSpecializedBase<T>::VisitEntries(&classifier,
                                           const_cast<uint8_t*>(begin_image_ptr),
                                           ptr_size);

    // Looking at only dirty pages, figure out how many of those bytes belong to dirty entries.
    // TODO: fix this now that there are multiple regions in a mapping.
    // NOTE(review): the divisor is zero when mapping_data.dirty_pages is zero.
    const float dirty_entry_ratio =
        (RegionCommon<T>::GetDirtyEntryBytes() * 1.0f) /
        (mapping_data.dirty_pages * MemMap::GetPageSize());

    // Entry specific statistics.
    os_ << RegionCommon<T>::GetDifferentEntryCount() << " different entries, \n ";
    os_ << RegionCommon<T>::GetDirtyEntryBytes() << " different entry [bytes], \n ";
    os_ << RegionCommon<T>::GetFalseDirtyEntryCount() << " false dirty entries,\n ";
    os_ << RegionCommon<T>::GetFalseDirtyEntryBytes() << " false dirty entry [bytes], \n ";
    os_ << dirty_entry_ratio << " different entries-vs-total in a dirty page;\n ";
    os_ << "\n";

    // Pick the heading and the buffer that remote bytes are diffed against.
    const uint8_t* diff_base = begin_image_ptr;
    const char* heading = nullptr;
    switch (remotes) {
      case RemoteProcesses::kZygoteOnly:
        heading = " Zygote shared dirty entries: ";
        break;
      case RemoteProcesses::kImageAndZygote:
        heading = " Application dirty entries (private dirty): ";
        // If we are dumping private dirty, diff against the zygote map to make it clearer what
        // fields caused the page to be private dirty.
        diff_base = RegionCommon<T>::zygote_contents_.data();
        break;
      case RemoteProcesses::kImageOnly:
        heading = " Application dirty entries (unknown whether private or shared dirty): ";
        break;
    }
    if (heading != nullptr) {
      os_ << heading;
    }

    DiffDirtyEntries(RegionCommon<T>::image_dirty_entries_,
                     begin_image_ptr,
                     RegionCommon<T>::remote_contents_,
                     diff_base,
                     /*log_dirty_objects=*/true);
    RegionSpecializedBase<T>::DumpDirtyObjects();
    RegionSpecializedBase<T>::DumpDirtyEntries();
    RegionSpecializedBase<T>::DumpFalseDirtyEntries();
    RegionSpecializedBase<T>::DumpCleanEntries();
  }

 private:
  std::ostream& os_;

  // Prints a count and then diffs each entry of `entries` against the bytes at the
  // same image offset in `contents` (remote side) and `base_ptr` (reference side).
  // Offsets are derived from the local entry address; `contents` and `base_ptr`
  // must cover every such offset.
  void DiffDirtyEntries(const std::set<T*>& entries,
                        const uint8_t* begin_image_ptr,
                        ArrayRef<uint8_t> contents,
                        const uint8_t* base_ptr,
                        bool log_dirty_objects)
      REQUIRES_SHARED(Locks::mutator_lock_) {
    // NOTE(review): the count printed is dirty_entries_.size(), not entries.size().
    os_ << RegionCommon<T>::dirty_entries_.size() << "\n";
    for (T* local_entry : entries) {
      const uint8_t* local_bytes = reinterpret_cast<uint8_t*>(local_entry);
      const ptrdiff_t image_offset = local_bytes - begin_image_ptr;
      uint8_t* remote_entry_bytes = &contents[image_offset];
      const uint8_t* reference_bytes = &base_ptr[image_offset];
      RegionSpecializedBase<T>::DiffEntryContents(
          local_entry, remote_entry_bytes, reference_bytes, log_dirty_objects);
    }
  }

  // Classifies one entry as dirty, false-dirty or clean by comparing it with the
  // copy at the same image offset in the remote (and, when present, zygote) buffer.
  void ComputeEntryDirty(T* entry,
                         const uint8_t* begin_image_ptr,
                         const std::set<size_t>& dirty_pages)
      REQUIRES_SHARED(Locks::mutator_lock_) {
    // Set up pointers in the remote and the zygote for comparison.
    const uint8_t* local_bytes = reinterpret_cast<uint8_t*>(entry);
    const ptrdiff_t image_offset = local_bytes - begin_image_ptr;
    T* entry_remote = reinterpret_cast<T*>(
        const_cast<uint8_t*>(&RegionCommon<T>::remote_contents_[image_offset]));
    const bool have_zygote = !RegionCommon<T>::zygote_contents_.empty();
    const uint8_t* zygote_bytes = nullptr;
    if (have_zygote) {
      zygote_bytes = &RegionCommon<T>::zygote_contents_[image_offset];
    }
    T* entry_zygote = reinterpret_cast<T*>(const_cast<uint8_t*>(zygote_bytes));
    // Visit and classify entries at the current location.
    RegionSpecializedBase<T>::VisitEntry(entry);

    // Test private dirty first.
    // With a zygote buffer: private dirty, app vs zygote.
    // Without one: shared or private dirty, app vs image.
    const bool differs = have_zygote ? EntriesDiffer(entry, entry_zygote, entry_remote)
                                     : EntriesDiffer(entry, entry_remote, entry);
    if (differs) {
      RegionCommon<T>::AddImageDirtyEntry(entry);
      // TODO: Add support dirty entries in zygote and image.
      RegionSpecializedBase<T>::AddDirtyEntry(entry, entry_remote);
      return;
    }

    RegionSpecializedBase<T>::AddCleanEntry(entry);
    if (RegionCommon<T>::IsEntryOnDirtyPage(entry, dirty_pages)) {
      // This entry was either never mutated or got mutated back to the same value.
      // TODO: Do I want to distinguish a "different" vs a "dirty" page here?
      RegionSpecializedBase<T>::AddFalseDirtyEntry(entry);
    }
  }

  DISALLOW_COPY_AND_ASSIGN(RegionData);
};
1271
1272 } // namespace
1273
1274
1275 class ImgDiagDumper {
1276 public:
// Stores the output stream, the two process ids to compare and the dump option.
// No file is opened here; that happens in Init().
explicit ImgDiagDumper(std::ostream* os,
                       pid_t image_diff_pid,
                       pid_t zygote_diff_pid,
                       bool dump_dirty_objects)
    : os_(os),
      image_diff_pid_(image_diff_pid),
      zygote_diff_pid_(zygote_diff_pid),
      dump_dirty_objects_(dump_dirty_objects),
      zygote_pid_only_(false) {}
1286
// Validates the requested pids and opens everything the diff reads: the process
// maps, /proc/<pid>/mem and /proc/<pid>/pagemap of both processes, plus
// /proc/kpageflags and /proc/kpagecount. Returns false after writing a message to
// the output stream on the first failure; members are only assigned once every
// open has succeeded.
//
// These procfs files are access-restricted by the kernel, so the tool has to run
// with sufficient privileges; otherwise the opens fail with "Failed to open ...".
// NOTE(review): each file is opened by pid separately and nothing here verifies that
// all of them still refer to the same process instance if a pid is recycled between
// the opens.
bool Init() {
  std::ostream& out = *os_;

  const bool missing_pid = image_diff_pid_ < 0 || zygote_diff_pid_ < 0;
  if (missing_pid) {
    // TODO: ComputeDirtyBytes must be modified
    // to support single app/zygote to bootimage comparison
    out << "Both --image-diff-pid and --zygote-diff-pid must be specified.\n";
    return false;
  }

  // To avoid the combinations of command-line argument use cases:
  // If the user invoked with only --zygote-diff-pid, shuffle that to
  // image_diff_pid_, invalidate zygote_diff_pid_, and remember that
  // image_diff_pid_ is now special.
  // (Not reachable while the guard above rejects a negative pid.)
  if (image_diff_pid_ < 0) {
    image_diff_pid_ = zygote_diff_pid_;
    zygote_diff_pid_ = -1;
    zygote_pid_only_ = true;
  }

  {
    const std::string proc_dir =
        StringPrintf("/proc/%ld", static_cast<long>(image_diff_pid_));  // NOLINT [runtime/int]
    struct stat proc_dir_stat;
    if (stat(proc_dir.c_str(), &proc_dir_stat) == -1) {
      out << "Process does not exist";
      return false;
    }
  }

  auto read_maps = [&out](pid_t pid,
                          /*out*/ std::vector<android::procinfo::MapInfo>* proc_maps) {
    if (android::procinfo::ReadProcessMaps(pid, proc_maps)) {
      return true;
    }
    out << "Could not read process maps for " << pid;
    return false;
  };
  auto open_for_reading = [&out](const char* file_name, /*out*/ std::unique_ptr<File>* file) {
    file->reset(OS::OpenFileForReading(file_name));
    if (*file != nullptr) {
      return true;
    }
    out << "Failed to open " << file_name << " for reading";
    return false;
  };
  // Reads the maps, then opens /proc/<pid>/mem, then /proc/<pid>/pagemap, stopping
  // at the first failure.
  auto open_process_files = [&read_maps, &open_for_reading](
                                pid_t pid,
                                /*out*/ std::vector<android::procinfo::MapInfo>* proc_maps,
                                /*out*/ std::unique_ptr<File>* mem_file,
                                /*out*/ std::unique_ptr<File>* pagemap_file) {
    if (!read_maps(pid, proc_maps)) {
      return false;
    }
    // Open /proc/<pid>/mem and for reading remote contents.
    const std::string mem_path =
        StringPrintf("/proc/%ld/mem", static_cast<long>(pid));  // NOLINT [runtime/int]
    if (!open_for_reading(mem_path.c_str(), mem_file)) {
      return false;
    }
    // Open /proc/<pid>/pagemap.
    const std::string pagemap_path = StringPrintf(
        "/proc/%ld/pagemap", static_cast<long>(pid));  // NOLINT [runtime/int]
    return open_for_reading(pagemap_path.c_str(), pagemap_file);
  };

  // Open files for inspecting image memory.
  std::vector<android::procinfo::MapInfo> image_maps;
  std::unique_ptr<File> image_mem;
  std::unique_ptr<File> image_pagemap;
  if (!open_process_files(image_diff_pid_, &image_maps, &image_mem, &image_pagemap)) {
    return false;
  }

  // If zygote_diff_pid_ != -1, open files for inspecting zygote memory.
  const bool have_zygote = zygote_diff_pid_ != -1;
  std::vector<android::procinfo::MapInfo> zygote_maps;
  std::unique_ptr<File> zygote_mem;
  std::unique_ptr<File> zygote_pagemap;
  if (have_zygote &&
      !open_process_files(zygote_diff_pid_, &zygote_maps, &zygote_mem, &zygote_pagemap)) {
    return false;
  }

  std::unique_ptr<File> kpageflags;
  std::unique_ptr<File> kpagecount;
  if (!open_for_reading("/proc/kpageflags", &kpageflags)) {
    return false;
  }
  if (!open_for_reading("/proc/kpagecount", &kpagecount)) {
    return false;
  }

  // TODO: Rewrite imgdiag to load boot image without creating a runtime.

  // Commit the mappings and files.
  image_proc_maps_ = std::move(image_maps);
  image_mem_file_ = std::move(*image_mem);
  image_pagemap_file_ = std::move(*image_pagemap);
  if (have_zygote) {
    zygote_proc_maps_ = std::move(zygote_maps);
    zygote_mem_file_ = std::move(*zygote_mem);
    zygote_pagemap_file_ = std::move(*zygote_pagemap);
  }
  kpageflags_file_ = std::move(*kpageflags);
  kpagecount_file_ = std::move(*kpagecount);

  return true;
}
1391
// Writes the report header (image location, magic, image begin and the two pid
// lines) and, when at least one pid is non-negative, the image diff itself.
// Returns the result of the diff, or true when no diff was attempted.
bool Dump(const ImageHeader& image_header,
          const std::string& image_location,
          const ParentMap& parent_map) REQUIRES_SHARED(Locks::mutator_lock_) {
  std::ostream& out = *os_;
  out << "IMAGE LOCATION: " << image_location << "\n\n";
  out << "MAGIC: " << image_header.GetMagic() << "\n\n";
  out << "IMAGE BEGIN: " << reinterpret_cast<void*>(image_header.GetImageBegin()) << "\n\n";

  PrintPidLine("IMAGE", image_diff_pid_);
  out << "\n\n";
  PrintPidLine("ZYGOTE", zygote_diff_pid_);

  bool succeeded = true;
  const bool no_pid_given = image_diff_pid_ < 0 && zygote_diff_pid_ < 0;
  if (!no_pid_given) {
    succeeded = DumpImageDiff(image_header, image_location, parent_map);
    out << "\n\n";
  }

  out << std::flush;
  return succeeded;
}
1415
1416 private:
// Thin forwarder: the diff is produced by DumpImageDiffMap, whose result is returned.
bool DumpImageDiff(const ImageHeader& image_header,
                   const std::string& image_location,
                   const ParentMap& parent_map) REQUIRES_SHARED(Locks::mutator_lock_) {
  const bool diff_ok = DumpImageDiffMap(image_header, image_location, parent_map);
  return diff_ok;
}
1422
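// Fills `mapping_data` with page-level statistics for the boot image mapping.
//
// The first pass compares `remote_contents` with `zygote_contents` page by page and
// counts differing pages, 32-bit words and bytes. The second pass asks IsPageDirty
// about every page and counts dirty, private and private-dirty pages, the latter
// also per image section.
//
// Both buffers are indexed at every page offset of [boot_map.start, boot_map.end),
// so the mapping must be a whole number of pages and each buffer must be at least
// as large as the mapping. Returns false with `error_msg` set when that does not
// hold or when IsPageDirty reports an error.
bool ComputeDirtyBytes(const ImageHeader& image_header,
                       const android::procinfo::MapInfo& boot_map,
                       ArrayRef<uint8_t> remote_contents,
                       ArrayRef<uint8_t> zygote_contents,
                       MappingData* mapping_data /*out*/,
                       std::string* error_msg /*out*/) {
  const size_t page_size = MemMap::GetPageSize();

  // Validate the ranges up front: the loops below step by one page until they reach
  // boot_map.end exactly and read a full page from both buffers on every step.
  if (boot_map.end < boot_map.start) {
    *error_msg = "Boot image map ends before it starts";
    return false;
  }
  const size_t map_size = boot_map.end - boot_map.start;
  if (map_size % page_size != 0) {
    *error_msg = StringPrintf("Boot image map size %zu is not a multiple of the page size %zu",
                              map_size,
                              page_size);
    return false;
  }
  if (remote_contents.size() < map_size || zygote_contents.size() < map_size) {
    *error_msg = StringPrintf(
        "Boot image map size %zu exceeds the remote (%zu) or zygote (%zu) contents size",
        map_size,
        remote_contents.size(),
        zygote_contents.size());
    return false;
  }

  // Iterate through one page at a time. Boot map begin/end already implicitly aligned.
  for (uintptr_t begin = boot_map.start; begin != boot_map.end; begin += page_size) {
    const ptrdiff_t offset = begin - boot_map.start;

    // We treat the image header as part of the memory map for now
    // If we wanted to change this, we could pass base=start+sizeof(ImageHeader)
    // But it might still be interesting to see if any of the ImageHeader data mutated
    const uint8_t* zygote_ptr = &zygote_contents[offset];
    const uint8_t* remote_ptr = &remote_contents[offset];

    if (memcmp(zygote_ptr, remote_ptr, page_size) != 0) {
      mapping_data->different_pages++;

      // Count the number of 32-bit integers that are different.
      const uint32_t* remote_ptr_int32 = reinterpret_cast<const uint32_t*>(remote_ptr);
      const uint32_t* zygote_ptr_int32 = reinterpret_cast<const uint32_t*>(zygote_ptr);
      for (size_t i = 0; i < page_size / sizeof(uint32_t); ++i) {
        if (remote_ptr_int32[i] != zygote_ptr_int32[i]) {
          mapping_data->different_int32s++;
        }
      }
      // Count the number of bytes that are different.
      for (size_t i = 0; i < page_size; ++i) {
        if (remote_ptr[i] != zygote_ptr[i]) {
          mapping_data->different_bytes++;
        }
      }
    }
  }

  for (uintptr_t begin = boot_map.start; begin != boot_map.end; begin += page_size) {
    ptrdiff_t offset = begin - boot_map.start;

    // Virtual page number (for an absolute memory address)
    size_t virtual_page_idx = begin / page_size;

    // Placeholder value; page_count is passed to IsPageDirty as an out argument.
    uint64_t page_count = 0xC0FFEE;
    // TODO: virtual_page_idx needs to be from the same process
    int dirtiness = (IsPageDirty(image_pagemap_file_,  // Image-diff-pid procmap
                                 zygote_pagemap_file_,  // Zygote procmap
                                 kpageflags_file_,
                                 kpagecount_file_,
                                 virtual_page_idx,  // compare same page in image
                                 virtual_page_idx,  // and zygote
                                 /*out*/ page_count,
                                 /*out*/ *error_msg));
    if (dirtiness < 0) {
      return false;
    } else if (dirtiness > 0) {
      mapping_data->dirty_pages++;
      // Pages are visited in increasing order, so end() is the right insertion hint.
      mapping_data->dirty_page_set.insert(mapping_data->dirty_page_set.end(), virtual_page_idx);
    }

    const bool is_dirty = dirtiness > 0;
    const bool is_private = page_count == 1;

    if (is_private) {
      mapping_data->private_pages++;
    }

    if (is_dirty && is_private) {
      mapping_data->private_dirty_pages++;
      for (size_t i = 0; i < ImageHeader::kSectionCount; ++i) {
        const ImageHeader::ImageSections section = static_cast<ImageHeader::ImageSections>(i);
        if (image_header.GetImageSection(section).Contains(offset)) {
          mapping_data->private_dirty_pages_for_section[i] += 1;
        }
      }
    }
  }
  // NOTE(review): if these counters are unsigned, this wraps around when
  // different_pages exceeds dirty_pages - confirm that cannot happen.
  mapping_data->false_dirty_pages = mapping_data->dirty_pages - mapping_data->different_pages;

  return true;
}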
1504
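// Prints the byte/int32/page counters from `mapping_data`, followed by one line per
// image section with that section's private dirty page count.
void PrintMappingData(const MappingData& mapping_data, const ImageHeader& image_header) {
  std::ostream& os = *os_;
  // Print low-level (bytes, int32s, pages) statistics.
  os << mapping_data.different_bytes << " differing bytes,\n "
     << mapping_data.different_int32s << " differing int32s,\n "
     << mapping_data.different_pages << " differing pages,\n "
     << mapping_data.dirty_pages << " pages are dirty;\n "
     << mapping_data.false_dirty_pages << " pages are false dirty;\n "
     << mapping_data.private_pages << " pages are private;\n "
     << mapping_data.private_dirty_pages << " pages are Private_Dirty\n "
     << "\n";

  // std::accumulate sums in the type of its initial value, so seed it with size_t
  // rather than `0u` to avoid accumulating in (and truncating to) unsigned int.
  size_t total_private_dirty_pages = std::accumulate(
      mapping_data.private_dirty_pages_for_section.begin(),
      mapping_data.private_dirty_pages_for_section.end(),
      size_t{0});
  os << "Image sections (total private dirty pages " << total_private_dirty_pages << ")\n";
  for (size_t i = 0; i < ImageHeader::kSectionCount; ++i) {
    const ImageHeader::ImageSections section = static_cast<ImageHeader::ImageSections>(i);
    os << section << " " << image_header.GetImageSection(section)
       << " private dirty pages=" << mapping_data.private_dirty_pages_for_section[i] << "\n";
  }
  os << "\n";
}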
1529
1530 // Look at /proc/$pid/mem and only diff the things from there
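// Diffs one boot image component, as loaded in this process, against the bytes of the same
// mapping read from /proc/<image_diff_pid_>/mem, using /proc/<zygote_diff_pid_>/mem as the
// baseline.
//
// The function
//   1. finds the writable mapping whose name ends with the image's base name in the remote
//      process (and in the zygote when zygote_diff_pid_ != -1),
//   2. checks that the page-rounded local image size equals the remote mapping size,
//   3. copies the remote (and zygote) mapping contents into low-4GiB anonymous mappings,
//   4. runs ComputeDirtyBytes() and prints the result, then processes the mirror::Object and
//      ArtMethod regions.
//
// Returns false after writing a diagnostic to *os_ if any lookup, size check, allocation or read
// fails. Only the image + zygote combination is supported; any other combination fails the
// CHECK_EQ below.
//
// NOTE(review): image_proc_maps_ / zygote_proc_maps_ are filled in outside this function, so the
// address ranges used here are a snapshot taken before the /proc/<pid>/mem reads. If the target
// changes its mappings in between, the read may fail or return bytes that no longer belong to the
// boot image. The only consistency check is the size comparison below - confirm that is acceptable
// for the intended use.
bool DumpImageDiffMap(const ImageHeader& image_header,
                      const std::string& image_location,
                      const ParentMap& parent_map) REQUIRES_SHARED(Locks::mutator_lock_) {
  std::ostream& os = *os_;
  std::string error_msg;

  std::string image_location_base_name = GetImageLocationBaseName(image_location);
  auto find_boot_map = [&os, &image_location_base_name](
      const std::vector<android::procinfo::MapInfo>& maps,
      const char* tag) -> std::optional<android::procinfo::MapInfo> {
    // Find the memory map for the current boot image component.
    // NOTE(review): this is a suffix match on the mapping name, so the first writable mapping
    // whose name merely ends with the base name is accepted.
    for (const android::procinfo::MapInfo& map_info : maps) {
      // The map name ends with ']' if it's an anonymous memmap. We need to special case that
      // to find the boot image map in some cases.
      if (map_info.name.ends_with(image_location_base_name) ||
          map_info.name.ends_with(image_location_base_name + "]")) {
        if ((map_info.flags & PROT_WRITE) != 0) {
          return map_info;
        }
        // In actuality there's more than 1 map, but the second one is read-only.
        // The one we care about is the write-able map.
        // The readonly maps are guaranteed to be identical, so it's not interesting to compare
        // them.
      }
    }
    os << "Could not find map for " << image_location_base_name << " in " << tag;
    return std::nullopt;
  };

  // Find the current boot image mapping.
  std::optional<android::procinfo::MapInfo> maybe_boot_map =
      find_boot_map(image_proc_maps_, "image");
  if (!maybe_boot_map) {
    return false;
  }
  android::procinfo::MapInfo& boot_map = *maybe_boot_map;
  // Check the validity of the boot_map.
  CHECK(boot_map.end >= boot_map.start);

  // Adjust the `end` of the mapping. Some other mappings may have been
  // inserted within the image.
  boot_map.end = RoundUp(boot_map.start + image_header.GetImageSize(), MemMap::GetPageSize());
  // The size of the boot image mapping.
  size_t boot_map_size = boot_map.end - boot_map.start;

  // If zygote_diff_pid_ != -1, check that the zygote boot map is the same.
  if (zygote_diff_pid_ != -1) {
    std::optional<android::procinfo::MapInfo> maybe_zygote_boot_map =
        find_boot_map(zygote_proc_maps_, "zygote");
    if (!maybe_zygote_boot_map) {
      return false;
    }
    android::procinfo::MapInfo& zygote_boot_map = *maybe_zygote_boot_map;
    // Adjust the `end` of the mapping. Some other mappings may have been
    // inserted within the image.
    zygote_boot_map.end = RoundUp(zygote_boot_map.start + image_header.GetImageSize(),
                                  MemMap::GetPageSize());
    // Both ends are derived from start + image size, so comparing the starts is sufficient.
    if (zygote_boot_map.start != boot_map.start) {
      os << "Zygote boot map does not match image boot map: "
         << "zygote begin " << reinterpret_cast<const void*>(zygote_boot_map.start)
         << ", zygote end " << reinterpret_cast<const void*>(zygote_boot_map.end)
         << ", image begin " << reinterpret_cast<const void*>(boot_map.start)
         << ", image end " << reinterpret_cast<const void*>(boot_map.end);
      return false;
    }
  }

  // Walk the bytes and diff against our boot image
  os << "\nObserving boot image header at address "
     << reinterpret_cast<const void*>(&image_header)
     << "\n\n";

  const uint8_t* image_begin_unaligned = image_header.GetImageBegin();
  const uint8_t* image_end_unaligned = image_begin_unaligned + image_header.GetImageSize();

  // Adjust range to nearest page
  const uint8_t* image_begin = AlignDown(image_begin_unaligned, MemMap::GetPageSize());
  const uint8_t* image_end = AlignUp(image_end_unaligned, MemMap::GetPageSize());

  size_t image_size = image_end - image_begin;
  if (image_size != boot_map_size) {
    os << "Remote boot map size does not match local boot map size: "
       << "local size " << image_size
       << ", remote size " << boot_map_size;
    return false;
  }

  // Copies `boot_map_size` bytes at offset `boot_map.start` of `mem_file` (a /proc/<pid>/mem
  // file) into a fresh anonymous mapping and exposes them through `contents`.
  auto read_contents = [&](File* mem_file,
                           /*out*/ MemMap* map,
                           /*out*/ ArrayRef<uint8_t>* contents) {
    DCHECK_ALIGNED_PARAM(boot_map.start, MemMap::GetPageSize());
    DCHECK_ALIGNED_PARAM(boot_map_size, MemMap::GetPageSize());
    std::string name = "Contents of " + mem_file->GetPath();
    std::string local_error_msg;
    // We need to use low 4 GiB memory so that we can walk the objects using standard
    // functions that use ObjPtr<> which is checking that it fits into lower 4 GiB.
    *map = MemMap::MapAnonymous(name.c_str(),
                                boot_map_size,
                                PROT_READ | PROT_WRITE,
                                /* low_4gb= */ true,
                                &local_error_msg);
    if (!map->IsValid()) {
      // Report the allocator's own reason as well instead of dropping it.
      os << "Failed to allocate anonymous mapping for " << boot_map_size << " bytes.\n"
         << local_error_msg << "\n";
      return false;
    }
    if (!mem_file->PreadFully(map->Begin(), boot_map_size, boot_map.start)) {
      // Name the file that was actually being read. This lambda is also used for the zygote,
      // so always printing image_mem_file_ here blamed the wrong process.
      os << "Could not fully read file " << mem_file->GetPath();
      return false;
    }
    *contents = ArrayRef<uint8_t>(map->Begin(), boot_map_size);
    return true;
  };
  // The contents of /proc/<image_diff_pid_>/mem.
  MemMap remote_contents_map;
  ArrayRef<uint8_t> remote_contents;
  if (!read_contents(&image_mem_file_, &remote_contents_map, &remote_contents)) {
    return false;
  }
  // The contents of /proc/<zygote_diff_pid_>/mem.
  MemMap zygote_contents_map;
  ArrayRef<uint8_t> zygote_contents;
  if (zygote_diff_pid_ != -1) {
    if (!read_contents(&zygote_mem_file_, &zygote_contents_map, &zygote_contents)) {
      return false;
    }
  }

  // TODO: We need to update the entire diff to work with the ASLR. b/77856493
  // Since the images may be relocated, just check the sizes.
  // (This repeats the image_size / boot_map_size comparison above with the addresses printed.)
  if (static_cast<uintptr_t>(image_end - image_begin) != boot_map.end - boot_map.start) {
    os << "Remote boot map is a different size than local boot map: " <<
        "local begin " << reinterpret_cast<const void*>(image_begin) <<
        ", local end " << reinterpret_cast<const void*>(image_end) <<
        ", remote begin " << reinterpret_cast<const void*>(boot_map.start) <<
        ", remote end " << reinterpret_cast<const void*>(boot_map.end);
    return false;
    // For more validation should also check the ImageHeader from the file
  }

  RemoteProcesses remotes;
  if (zygote_pid_only_) {
    remotes = RemoteProcesses::kZygoteOnly;
  } else if (zygote_diff_pid_ > 0) {
    remotes = RemoteProcesses::kImageAndZygote;
  } else {
    remotes = RemoteProcesses::kImageOnly;
  }

  // Only app vs zygote is supported at the moment
  CHECK_EQ(remotes, RemoteProcesses::kImageAndZygote);

  MappingData mapping_data;
  if (!ComputeDirtyBytes(image_header,
                         boot_map,
                         remote_contents,
                         zygote_contents,
                         &mapping_data,
                         &error_msg)) {
    os << error_msg;
    return false;
  }
  os << "Mapping at [" << reinterpret_cast<void*>(boot_map.start) << ", "
     << reinterpret_cast<void*>(boot_map.end) << ") had:\n ";
  PrintMappingData(mapping_data, image_header);

  // Check all the mirror::Object entries in the image.
  RegionData<mirror::Object> object_region_data(os_,
                                                remote_contents,
                                                zygote_contents,
                                                boot_map,
                                                image_header,
                                                parent_map,
                                                dump_dirty_objects_);
  object_region_data.ProcessRegion(mapping_data,
                                   remotes,
                                   image_begin_unaligned);

  // Check all the ArtMethod entries in the image.
  RegionData<ArtMethod> artmethod_region_data(os_,
                                              remote_contents,
                                              zygote_contents,
                                              boot_map,
                                              image_header,
                                              parent_map,
                                              dump_dirty_objects_);
  artmethod_region_data.ProcessRegion(mapping_data,
                                      remotes,
                                      image_begin_unaligned);
  return true;
}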
1722
// Compares the page frame backing `virtual_page_idx` (looked up through `page_map_file`) with the
// page frame backing `clean_virtual_page_idx` (looked up through `clean_pagemap_file`).
//
// Returns 1 when the two page frame numbers differ, 0 when they are equal, and -1 when any of the
// lookups fails; `error_msg` is passed to each helper for it to describe the failure.
// `page_count` is handed to the /proc/kpagecount lookup for the first page frame.
//
// The kpageflags entry is only used for the two sanity CHECKs below (a page frame is present and
// it is memory mapped); the dirty/clean verdict comes from the frame-number comparison alone.
//
// NOTE(review): the kernel reports a zero PFN in /proc/<pid>/pagemap to readers without
// CAP_SYS_ADMIN, and /proc/kpageflags and /proc/kpagecount are readable by root only, so this
// comparison is only meaningful when the tool runs privileged - confirm that the helpers or the
// caller reject the unprivileged case.
static int IsPageDirty(File& page_map_file,
                       File& clean_pagemap_file,
                       File& kpageflags_file,
                       File& kpagecount_file,
                       size_t virtual_page_idx,
                       size_t clean_virtual_page_idx,
                       // Out parameters:
                       uint64_t& page_count,
                       std::string& error_msg) {
  // The two pagemap File objects must be distinct. Their paths may still be equal, such as in
  // ImgDiagTest.ImageDiffPidSelf, where imgdiag compares memory pages against itself, which is
  // why the objects are compared rather than the paths:
  // CHECK_NE(page_map_file.GetPath(), clean_pagemap_file.GetPath());
  CHECK_NE(&page_map_file, &clean_pagemap_file);

  // Constants are from https://www.kernel.org/doc/Documentation/vm/pagemap.txt

  uint64_t target_pfn = 0;
  uint64_t clean_pfn = 0;
  uint64_t flags_entry = 0;

  // The lookups run in a fixed order and stop at the first failure:
  //   1. page frame number of the examined page,
  //   2. page frame number of the clean page,
  //   3. 64-bit /proc/kpageflags entry of the examined page frame,
  //   4. 64-bit /proc/kpagecount entry (mapping count) of the examined page frame.
  const bool lookups_ok =
      GetPageFrameNumber(page_map_file, virtual_page_idx, target_pfn, error_msg) &&
      GetPageFrameNumber(clean_pagemap_file, clean_virtual_page_idx, clean_pfn, error_msg) &&
      GetPageFlagsOrCount(kpageflags_file, target_pfn, /*out*/ flags_entry, error_msg) &&
      GetPageFlagsOrCount(kpagecount_file, target_pfn, /*out*/ page_count, error_msg);
  if (!lookups_ok) {
    return -1;
  }

  // There must be a page frame at the requested address.
  CHECK_EQ(flags_entry & kPageFlagsNoPageMask, 0u);
  // The page frame must be memory mapped
  CHECK_NE(flags_entry & kPageFlagsMmapMask, 0u);

  if (target_pfn == clean_pfn) {
    return 0;
  }
  return 1;
}
1769
// Writes the "<kind> DIFF PID" header to *os_. A negative pid is reported as disabled (line ends
// with a blank line); otherwise the pid is printed and the line is left open for the caller to
// continue.
void PrintPidLine(const std::string& kind, pid_t pid) {
  std::ostream& out = *os_;
  if (pid >= 0) {
    out << kind << " DIFF PID (" << pid << "): ";
    return;
  }
  out << kind << " DIFF PID: disabled\n\n";
}
1777
1778 // Return suffix of the file path after the last /. (e.g. /foo/bar -> bar, bar -> bar)
static std::string BaseName(const std::string& str) {
  // Everything after the final '/' is the base name. With no '/' at all the whole string is
  // returned, and a trailing '/' yields an empty string.
  const std::string::size_type last_slash = str.find_last_of('/');
  return (last_slash == std::string::npos) ? str : str.substr(last_slash + 1);
}
1787
1788 // Return the image location, stripped of any directories, e.g. "boot.art"
static std::string GetImageLocationBaseName(const std::string& image_location) {
  // Thin wrapper: the image location's base name is simply the path's last component.
  return BaseName(image_location);
}
1792
1793 std::ostream* os_;
1794 pid_t image_diff_pid_; // Dump image diff against boot.art if pid is non-negative
1795 pid_t zygote_diff_pid_; // Dump image diff against zygote boot.art if pid is non-negative
1796 bool dump_dirty_objects_; // Adds dumping of objects that are dirty.
1797 bool zygote_pid_only_; // The user only specified a pid for the zygote.
1798
1799 // Used for finding the memory mapping of the image file.
1800 std::vector<android::procinfo::MapInfo> image_proc_maps_;
1801 // A File for reading /proc/<image_diff_pid_>/mem.
1802 File image_mem_file_;
1803 // A File for reading /proc/<image_diff_pid_>/pagemap.
1804 File image_pagemap_file_;
1805
1806 // Used for finding the memory mapping of the zygote image file.
1807 std::vector<android::procinfo::MapInfo> zygote_proc_maps_;
1808 // A File for reading /proc/<zygote_diff_pid_>/mem.
1809 File zygote_mem_file_;
1810 // A File for reading /proc/<zygote_diff_pid_>/pagemap.
1811 File zygote_pagemap_file_;
1812
1813 // A File for reading /proc/kpageflags.
1814 File kpageflags_file_;
1815 // A File for reading /proc/kpagecount.
1816 File kpagecount_file_;
1817
1818 DISALLOW_COPY_AND_ASSIGN(ImgDiagDumper);
1819 };
1820
// Runs the image diagnostic over every boot image space of `runtime`, writing the report to `os`.
//
// Returns EXIT_FAILURE if the dumper fails to initialize, if a boot image space has an invalid
// header, or if dumping any image fails; EXIT_SUCCESS otherwise. CHECK-fails when the runtime has
// no boot image spaces.
static int DumpImage(Runtime* runtime,
                     std::ostream* os,
                     pid_t image_diff_pid,
                     pid_t zygote_diff_pid,
                     bool dump_dirty_objects) {
  ScopedObjectAccess soa(Thread::Current());
  const std::vector<gc::space::ImageSpace*>& boot_spaces =
      runtime->GetHeap()->GetBootImageSpaces();
  CHECK(!boot_spaces.empty());

  ImgDiagDumper dumper(os, image_diff_pid, zygote_diff_pid, dump_dirty_objects);
  if (!dumper.Init()) {
    return EXIT_FAILURE;
  }

  // First pass: gather the valid headers for the reachability statistics. Invalid headers are
  // only skipped here; the second pass below is what reports them.
  std::vector<const ImageHeader*> valid_headers;
  for (gc::space::ImageSpace* space : boot_spaces) {
    const ImageHeader& header = space->GetImageHeader();
    if (header.IsValid()) {
      valid_headers.push_back(&header);
    }
  }
  ParentMap parent_map = CalculateParentMap(valid_headers);
  size_t unreachable_count = CountUnreachableObjects(parent_map, valid_headers);
  *os << "Number of non-string objects not reached from classes: " << unreachable_count << "\n";

  // Second pass: dump each image, stopping at the first invalid header or failed dump.
  for (gc::space::ImageSpace* space : boot_spaces) {
    const ImageHeader& header = space->GetImageHeader();
    if (!header.IsValid()) {
      fprintf(stderr, "Invalid image header %s\n", space->GetImageLocation().c_str());
      return EXIT_FAILURE;
    }

    const bool dumped = dumper.Dump(header, space->GetImageLocation(), parent_map);
    if (!dumped) {
      return EXIT_FAILURE;
    }
  }
  return EXIT_SUCCESS;
}
1863
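// Command-line arguments of imgdiag, layered on top of the common CmdlineArgs options.
struct ImgDiagArgs : public CmdlineArgs {
 protected:
  using Base = CmdlineArgs;

  // Parses the imgdiag-specific options (--image-diff-pid=, --zygote-diff-pid=,
  // --dump-dirty-objects) after giving the base class the first chance at the option.
  //
  // Returns the base class result unless it is kParseUnknownArgument; otherwise kParseOk for a
  // recognized option, kParseError (with *error_msg set) for a PID that is not a positive
  // integer in range, and kParseUnknownArgument for anything else.
  ParseStatus ParseCustom(const char* raw_option,
                          size_t raw_option_length,
                          std::string* error_msg) override {
    DCHECK_EQ(strlen(raw_option), raw_option_length);
    {
      ParseStatus base_parse = Base::ParseCustom(raw_option, raw_option_length, error_msg);
      if (base_parse != kParseUnknownArgument) {
        return base_parse;
      }
    }

    // A user-supplied PID must name a single process, so only values >= 1 are accepted. Zero
    // and negative values do not identify one process: kill() interprets them as "my process
    // group", "every process" or "process group N", which would make the existence probe in
    // ParseChecks() meaningless. -1 stays reserved as the "option not given" default.
    constexpr pid_t kMinPid = 1;

    std::string_view option(raw_option, raw_option_length);
    if (option.starts_with("--image-diff-pid=")) {
      const char* image_diff_pid = raw_option + strlen("--image-diff-pid=");

      if (!android::base::ParseInt(image_diff_pid, &image_diff_pid_, kMinPid)) {
        *error_msg = "Image diff pid out of range";
        return kParseError;
      }
    } else if (option.starts_with("--zygote-diff-pid=")) {
      const char* zygote_diff_pid = raw_option + strlen("--zygote-diff-pid=");

      if (!android::base::ParseInt(zygote_diff_pid, &zygote_diff_pid_, kMinPid)) {
        *error_msg = "Zygote diff pid out of range";
        return kParseError;
      }
    } else if (option == "--dump-dirty-objects") {
      dump_dirty_objects_ = true;
    } else {
      return kParseUnknownArgument;
    }

    return kParseOk;
  }

  // Validates the parsed arguments: runs the base class checks, probes that the process named
  // by --image-diff-pid exists, and rejects a non-default instruction set.
  //
  // Returns kParseOk, or the failing status with *error_msg set.
  ParseStatus ParseChecks(std::string* error_msg) override {
    // Perform the parent checks.
    ParseStatus parent_checks = Base::ParseChecks(error_msg);
    if (parent_checks != kParseOk) {
      return parent_checks;
    }

    // Perform our own checks.

    // Probe only a real PID. With the unset default (-1) kill() would address every process the
    // caller may signal rather than one target, so the probe would not validate anything.
    // Signal 0 delivers nothing; it performs the existence and permission checks only.
    // NOTE(review): the probe and the later /proc/<pid> accesses are separate steps, so the PID
    // could exit (or be reused) in between; zygote_diff_pid_ is not probed here at all.
    if (image_diff_pid_ > 0 && kill(image_diff_pid_, /*sig*/0) != 0) {
      // Capture errno before anything else can overwrite it.
      const int probe_errno = errno;
      if (probe_errno == ESRCH) {
        *error_msg = "Process specified does not exist";
      } else {
        *error_msg = StringPrintf("Failed to check process status: %s", strerror(probe_errno));
      }
      return kParseError;
    }

    if (instruction_set_ != InstructionSet::kNone && instruction_set_ != kRuntimeISA) {
      // Don't allow different ISAs since the images are ISA-specific.
      // Right now the code assumes both the runtime ISA and the remote ISA are identical.
      *error_msg = "Must use the default runtime ISA; changing ISA is not supported.";
      return kParseError;
    }

    return kParseOk;
  }

  // Returns the usage text: imgdiag examples, the base class options, then the imgdiag options.
  std::string GetUsage() const override {
    std::string usage;

    usage +=
        "Usage: imgdiag [options] ...\n"
        " Example: imgdiag --image-diff-pid=$(pidof dex2oat)\n"
        " Example: adb shell imgdiag --image-diff-pid=$(pid zygote)\n"
        "\n";

    usage += Base::GetUsage();

    usage +=  // Optional.
        " --image-diff-pid=<pid>: provide the PID of a process whose boot.art you want to diff.\n"
        " Example: --image-diff-pid=$(pid zygote)\n"
        " --zygote-diff-pid=<pid>: provide the PID of the zygote whose boot.art you want to diff "
        "against.\n"
        " Example: --zygote-diff-pid=$(pid zygote)\n"
        " --dump-dirty-objects: additionally output dirty objects of interest.\n"
        "\n";

    return usage;
  }

 public:
  // PID given with --image-diff-pid=; -1 when the option was not given.
  pid_t image_diff_pid_ = -1;
  // PID given with --zygote-diff-pid=; -1 when the option was not given.
  pid_t zygote_diff_pid_ = -1;
  // Set by --dump-dirty-objects.
  bool dump_dirty_objects_ = false;
};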
1959
// Entry-point glue: once the runtime is up, forwards the parsed arguments to DumpImage().
struct ImgDiagMain : public CmdlineMain<ImgDiagArgs> {
  // Returns true when DumpImage() reports EXIT_SUCCESS. CHECK-fails if no arguments were parsed.
  bool ExecuteWithRuntime(Runtime* runtime) override {
    CHECK(args_ != nullptr);

    const int exit_code = DumpImage(runtime,
                                    args_->os_,
                                    args_->image_diff_pid_,
                                    args_->zygote_diff_pid_,
                                    args_->dump_dirty_objects_);
    return exit_code == EXIT_SUCCESS;
  }
};
1971
1972 } // namespace art
1973
// Program entry point: hands the command line to ImgDiagMain and returns its exit status.
int main(int argc, char** argv) {
  art::ImgDiagMain img_diag_main;
  const int exit_status = img_diag_main.Main(argc, argv);
  return exit_status;
}
1978