Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / bcc / 5a1106c6c62c735ebbc7396e5a2fc9843592dc79 / . / src / cc / bcc_syms.cc
blob: a52e3f43276e7c0bf6dc728ce4808ed2d90d465c [file] [log] [blame]
/*
* Copyright (c) 2016 GitHub, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <cxxabi.h>
#include <cstring>
#include <fcntl.h>
#include <linux/elf.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <cstdio>
#include "bcc_elf.h"
#include "bcc_perf_map.h"
#include "bcc_proc.h"
#include "bcc_syms.h"
#include "common.h"
#include "vendor/tinyformat.hpp"
#include "syms.h"
ino_t ProcStat::getinode_() {
struct stat s;
return (!stat(procfs_.c_str(), &s)) ? s.st_ino : -1;
}
bool ProcStat::is_stale() {
ino_t cur_inode = getinode_();
return (cur_inode > 0) && (cur_inode != inode_);
}
ProcStat::ProcStat(int pid)
: procfs_(tfm::format("/proc/%d/exe", pid)), inode_(getinode_()) {}
void KSyms::_add_symbol(const char *symname, uint64_t addr, void *p) {
KSyms *ks = static_cast<KSyms *>(p);
ks->syms_.emplace_back(symname, addr);
}
void KSyms::refresh() {
if (syms_.empty()) {
bcc_procutils_each_ksym(_add_symbol, this);
std::sort(syms_.begin(), syms_.end());
}
}
bool KSyms::resolve_addr(uint64_t addr, struct bcc_symbol *sym, bool demangle) {
refresh();
std::vector<Symbol>::iterator it;
if (syms_.empty())
goto unknown_symbol;
it = std::upper_bound(syms_.begin(), syms_.end(), Symbol("", addr));
if (it != syms_.begin()) {
it--;
sym->name = (*it).name.c_str();
if (demangle)
sym->demangle_name = sym->name;
sym->module = "kernel";
sym->offset = addr - (*it).addr;
return true;
}
unknown_symbol:
memset(sym, 0, sizeof(struct bcc_symbol));
return false;
}
bool KSyms::resolve_name(const char *_unused, const char *name,
uint64_t *addr) {
refresh();
if (syms_.size() != symnames_.size()) {
symnames_.clear();
for (Symbol &sym : syms_) {
symnames_[sym.name] = sym.addr;
}
}
auto it = symnames_.find(name);
if (it == symnames_.end())
return false;
*addr = it->second;
return true;
}
ProcSyms::ProcSyms(int pid, struct bcc_symbol_option *option)
: pid_(pid), procstat_(pid), mount_ns_instance_(new ProcMountNS(pid_)) {
if (option)
std::memcpy(&symbol_option_, option, sizeof(bcc_symbol_option));
else
symbol_option_ = {
.use_debug_file = 1,
.check_debug_file_crc = 1,
.use_symbol_type = (1 << STT_FUNC) | (1 << STT_GNU_IFUNC)
};
load_modules();
}
int ProcSyms::_add_load_sections(uint64_t v_addr, uint64_t mem_sz,
uint64_t file_offset, void *payload) {
auto module = static_cast<Module *>(payload);
module->ranges_.emplace_back(v_addr, v_addr + mem_sz, file_offset);
return 0;
}
void ProcSyms::load_exe() {
std::string exe = ebpf::get_pid_exe(pid_);
Module module(exe.c_str(), mount_ns_instance_.get(), &symbol_option_);
if (module.type_ != ModuleType::EXEC)
return;
ProcMountNSGuard g(mount_ns_instance_.get());
bcc_elf_foreach_load_section(exe.c_str(), &_add_load_sections, &module);
if (!module.ranges_.empty())
modules_.emplace_back(std::move(module));
}
void ProcSyms::load_modules() {
load_exe();
bcc_procutils_each_module(pid_, _add_module, this);
}
void ProcSyms::refresh() {
modules_.clear();
mount_ns_instance_.reset(new ProcMountNS(pid_));
load_modules();
procstat_.reset();
}
int ProcSyms::_add_module(const char *modname, uint64_t start, uint64_t end,
uint64_t offset, bool check_mount_ns, void *payload) {
ProcSyms *ps = static_cast<ProcSyms *>(payload);
auto it = std::find_if(
ps->modules_.begin(), ps->modules_.end(),
[=](const ProcSyms::Module &m) { return m.name_ == modname; });
if (it == ps->modules_.end()) {
auto module = Module(
modname, check_mount_ns ? ps->mount_ns_instance_.get() : nullptr,
&ps->symbol_option_);
// pid/maps doesn't account for file_offset of text within the ELF.
// It only gives the mmap offset. We need the real offset for symbol
// lookup.
if (module.type_ == ModuleType::SO) {
if (bcc_elf_get_text_scn_info(modname, &module.elf_so_addr_,
&module.elf_so_offset_) < 0) {
fprintf(stderr, "WARNING: Couldn't find .text section in %s\n", modname);
fprintf(stderr, "WARNING: BCC can't handle sym look ups for %s", modname);
}
}
if (!bcc_is_perf_map(modname) || module.type_ != ModuleType::UNKNOWN)
// Always add the module even if we can't read it, so that we could
// report correct module name. Unless it's a perf map that we only
// add readable ones.
it = ps->modules_.insert(ps->modules_.end(), std::move(module));
else
return 0;
}
it->ranges_.emplace_back(start, end, offset);
// perf-PID map is added last. We try both inside the Process's mount
// namespace + chroot, and in global /tmp. Make sure we only add one.
if (it->type_ == ModuleType::PERF_MAP)
return -1;
return 0;
}
bool ProcSyms::resolve_addr(uint64_t addr, struct bcc_symbol *sym,
bool demangle) {
if (procstat_.is_stale())
refresh();
memset(sym, 0, sizeof(struct bcc_symbol));
const char *original_module = nullptr;
uint64_t offset;
bool only_perf_map = false;
for (Module &mod : modules_) {
if (only_perf_map && (mod.type_ != ModuleType::PERF_MAP))
continue;
if (mod.contains(addr, offset)) {
if (mod.find_addr(offset, sym)) {
if (demangle) {
if (sym->name && (!strncmp(sym->name, "_Z", 2) || !strncmp(sym->name, "___Z", 4)))
sym->demangle_name =
abi::__cxa_demangle(sym->name, nullptr, nullptr, nullptr);
if (!sym->demangle_name)
sym->demangle_name = sym->name;
}
return true;
} else if (mod.type_ != ModuleType::PERF_MAP) {
// In this case, we found the address in the range of a module, but
// not able to find a symbol of that address in the module.
// Thus, we would try to find the address in perf map, and
// save the module's name in case we will need it later.
original_module = mod.name_.c_str();
only_perf_map = true;
}
}
}
// If we didn't find the symbol anywhere, the module name is probably
// set to be the perf map's name as it would be the last we tried.
// In this case, if we have found the address previously in a module,
// report the saved original module name instead.
if (original_module)
sym->module = original_module;
return false;
}
bool ProcSyms::resolve_name(const char *module, const char *name,
uint64_t *addr) {
if (procstat_.is_stale())
refresh();
for (Module &mod : modules_) {
if (mod.name_ == module)
return mod.find_name(name, addr);
}
return false;
}
ProcSyms::Module::Module(const char *name, ProcMountNS *mount_ns,
struct bcc_symbol_option *option)
: name_(name),
loaded_(false),
mount_ns_(mount_ns),
symbol_option_(option),
type_(ModuleType::UNKNOWN) {
ProcMountNSGuard g(mount_ns_);
int elf_type = bcc_elf_get_type(name_.c_str());
// The Module is an ELF file
if (elf_type >= 0) {
if (elf_type == ET_EXEC)
type_ = ModuleType::EXEC;
else if (elf_type == ET_DYN)
type_ = ModuleType::SO;
return;
}
// Other symbol files
if (bcc_is_valid_perf_map(name_.c_str()) == 1)
type_ = ModuleType::PERF_MAP;
else if (bcc_elf_is_vdso(name_.c_str()) == 1)
type_ = ModuleType::VDSO;
// Will be stored later
elf_so_offset_ = 0;
elf_so_addr_ = 0;
}
int ProcSyms::Module::_add_symbol(const char *symname, uint64_t start,
uint64_t size, void *p) {
Module *m = static_cast<Module *>(p);
auto res = m->symnames_.emplace(symname);
m->syms_.emplace_back(&*(res.first), start, size);
return 0;
}
void ProcSyms::Module::load_sym_table() {
if (loaded_)
return;
loaded_ = true;
if (type_ == ModuleType::UNKNOWN)
return;
ProcMountNSGuard g(mount_ns_);
if (type_ == ModuleType::PERF_MAP)
bcc_perf_map_foreach_sym(name_.c_str(), _add_symbol, this);
if (type_ == ModuleType::EXEC || type_ == ModuleType::SO)
bcc_elf_foreach_sym(name_.c_str(), _add_symbol, symbol_option_, this);
if (type_ == ModuleType::VDSO)
bcc_elf_foreach_vdso_sym(_add_symbol, this);
std::sort(syms_.begin(), syms_.end());
}
bool ProcSyms::Module::contains(uint64_t addr, uint64_t &offset) const {
for (const auto &range : ranges_) {
if (addr >= range.start && addr < range.end) {
if (type_ == ModuleType::SO || type_ == ModuleType::VDSO) {
// Offset within the mmap
offset = addr - range.start + range.file_offset;
// Offset within the ELF for SO symbol lookup
offset += (elf_so_addr_ - elf_so_offset_);
} else {
offset = addr;
}
return true;
}
}
return false;
}
bool ProcSyms::Module::find_name(const char *symname, uint64_t *addr) {
load_sym_table();
for (Symbol &s : syms_) {
if (*(s.name) == symname) {
*addr = type_ == ModuleType::SO ? start() + s.start : s.start;
return true;
}
}
return false;
}
bool ProcSyms::Module::find_addr(uint64_t offset, struct bcc_symbol *sym) {
load_sym_table();
sym->module = name_.c_str();
sym->offset = offset;
auto it = std::upper_bound(syms_.begin(), syms_.end(), Symbol(nullptr, offset, 0));
if (it == syms_.begin())
return false;
// 'it' points to the symbol whose start address is strictly greater than
// the address we're looking for. Start stepping backwards as long as the
// current symbol is still below the desired address, and see if the end
// of the current symbol (start + size) is above the desired address. Once
// we have a matching symbol, return it. Note that simply looking at '--it'
// is not enough, because symbols can be nested. For example, we could be
// looking for offset 0x12 with the following symbols available:
// SYMBOL START SIZE END
// goo 0x0 0x6 0x0 + 0x6 = 0x6
// foo 0x6 0x10 0x6 + 0x10 = 0x16
// bar 0x8 0x4 0x8 + 0x4 = 0xc
// baz 0x16 0x10 0x16 + 0x10 = 0x26
// The upper_bound lookup will return baz, and then going one symbol back
// brings us to bar, which does not contain offset 0x12 and is nested inside
// foo. Going back one more symbol brings us to foo, which contains 0x12
// and is a match.
// However, we also don't want to walk through the entire symbol list for
// unknown / missing symbols. So we will break if we reach a function that
// doesn't cover the function immediately before 'it', which means it is
// not possibly a nested function containing the address we're looking for.
--it;
uint64_t limit = it->start;
for (; offset >= it->start; --it) {
if (offset < it->start + it->size) {
sym->name = it->name->c_str();
sym->offset = (offset - it->start);
return true;
}
if (limit > it->start + it->size)
break;
// But don't step beyond begin()!
if (it == syms_.begin())
break;
}
return false;
}
extern "C" {
void *bcc_symcache_new(int pid, struct bcc_symbol_option *option) {
if (pid < 0)
return static_cast<void *>(new KSyms());
return static_cast<void *>(new ProcSyms(pid, option));
}
void bcc_free_symcache(void *symcache, int pid) {
if (pid < 0)
delete static_cast<KSyms*>(symcache);
else
delete static_cast<ProcSyms*>(symcache);
}
void bcc_symbol_free_demangle_name(struct bcc_symbol *sym) {
if (sym->demangle_name && (sym->demangle_name != sym->name))
free(const_cast<char*>(sym->demangle_name));
}
int bcc_symcache_resolve(void *resolver, uint64_t addr,
struct bcc_symbol *sym) {
SymbolCache *cache = static_cast<SymbolCache *>(resolver);
return cache->resolve_addr(addr, sym) ? 0 : -1;
}
int bcc_symcache_resolve_no_demangle(void *resolver, uint64_t addr,
struct bcc_symbol *sym) {
SymbolCache *cache = static_cast<SymbolCache *>(resolver);
return cache->resolve_addr(addr, sym, false) ? 0 : -1;
}
int bcc_symcache_resolve_name(void *resolver, const char *module,
const char *name, uint64_t *addr) {
SymbolCache *cache = static_cast<SymbolCache *>(resolver);
return cache->resolve_name(module, name, addr) ? 0 : -1;
}
void bcc_symcache_refresh(void *resolver) {
SymbolCache *cache = static_cast<SymbolCache *>(resolver);
cache->refresh();
}
struct mod_st {
const char *name;
uint64_t start;
uint64_t file_offset;
};
static int _find_module(const char *modname, uint64_t start, uint64_t end,
uint64_t offset, bool, void *p) {
struct mod_st *mod = (struct mod_st *)p;
if (!strcmp(modname, mod->name)) {
mod->start = start;
mod->file_offset = offset;
return -1;
}
return 0;
}
int bcc_resolve_global_addr(int pid, const char *module, const uint64_t address,
uint64_t *global) {
struct mod_st mod = {module, 0x0};
if (bcc_procutils_each_module(pid, _find_module, &mod) < 0 ||
mod.start == 0x0)
return -1;
*global = mod.start + mod.file_offset + address;
return 0;
}
static int _sym_cb_wrapper(const char *symname, uint64_t addr, uint64_t,
void *payload) {
SYM_CB cb = (SYM_CB) payload;
return cb(symname, addr);
}
int bcc_foreach_function_symbol(const char *module, SYM_CB cb) {
if (module == 0 || cb == 0)
return -1;
static struct bcc_symbol_option default_option = {
.use_debug_file = 1,
.check_debug_file_crc = 1,
.use_symbol_type = (1 << STT_FUNC) | (1 << STT_GNU_IFUNC)
};
return bcc_elf_foreach_sym(
module, _sym_cb_wrapper, &default_option, (void *)cb);
}
static int _find_sym(const char *symname, uint64_t addr, uint64_t,
void *payload) {
struct bcc_symbol *sym = (struct bcc_symbol *)payload;
if (!strcmp(sym->name, symname)) {
sym->offset = addr;
return -1;
}
return 0;
}
struct load_addr_t {
uint64_t target_addr;
uint64_t binary_addr;
};
int _find_load(uint64_t v_addr, uint64_t mem_sz, uint64_t file_offset,
void *payload) {
struct load_addr_t *addr = static_cast<load_addr_t *>(payload);
if (addr->target_addr >= v_addr && addr->target_addr < (v_addr + mem_sz)) {
addr->binary_addr = addr->target_addr - v_addr + file_offset;
return -1;
}
return 0;
}
int bcc_resolve_symname(const char *module, const char *symname,
const uint64_t addr, int pid,
struct bcc_symbol_option *option,
struct bcc_symbol *sym) {
static struct bcc_symbol_option default_option = {
.use_debug_file = 1,
.check_debug_file_crc = 1,
.use_symbol_type = BCC_SYM_ALL_TYPES,
};
if (module == NULL)
return -1;
memset(sym, 0, sizeof(bcc_symbol));
if (strchr(module, '/')) {
sym->module = strdup(module);
} else {
sym->module = bcc_procutils_which_so(module, pid);
}
if (sym->module == NULL)
return -1;
ProcMountNSGuard g(pid);
sym->name = symname;
sym->offset = addr;
if (option == NULL)
option = &default_option;
if (sym->name && sym->offset == 0x0)
if (bcc_elf_foreach_sym(sym->module, _find_sym, option, sym) < 0)
goto invalid_module;
if (sym->offset == 0x0)
goto invalid_module;
// For executable (ET_EXEC) binaries, translate the virtual address
// to physical address in the binary file.
// For shared object binaries (ET_DYN), the address from symbol table should
// already be physical address in the binary file.
if (bcc_elf_get_type(sym->module) == ET_EXEC) {
struct load_addr_t addr = {
.target_addr = sym->offset,
.binary_addr = 0x0,
};
if (bcc_elf_foreach_load_section(sym->module, &_find_load, &addr) < 0)
goto invalid_module;
if (!addr.binary_addr)
goto invalid_module;
sym->offset = addr.binary_addr;
}
return 0;
invalid_module:
if (sym->module) {
::free(const_cast<char*>(sym->module));
sym->module = NULL;
}
return -1;
}
}