1 /*
2  * Copyright (C) 2015 The Android Open Source Project
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *  * Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  *  * Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in
12  *    the documentation and/or other materials provided with the
13  *    distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
18  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
19  * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
20  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
21  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
22  * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
23  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #include <cxxabi.h>
30 #include <errno.h>
31 #include <inttypes.h>
32 #include <signal.h>
33 #include <stdint.h>
34 #include <stdlib.h>
35 #include <string.h>
36 #include <sys/types.h>
37 #include <unistd.h>
38 
39 #include <functional>
40 #include <mutex>
41 #include <string>
42 #include <unordered_map>
43 #include <utility>
44 #include <vector>
45 
46 #include <android-base/stringprintf.h>
47 #include <android-base/thread_annotations.h>
48 #include <platform/bionic/macros.h>
49 
50 #include "Config.h"
51 #include "DebugData.h"
52 #include "PointerData.h"
53 #include "backtrace.h"
54 #include "debug_log.h"
55 #include "malloc_debug.h"
56 #include "UnwindBacktrace.h"
57 
58 std::atomic_uint8_t PointerData::backtrace_enabled_;
59 std::atomic_bool PointerData::backtrace_dump_;
60 
61 std::mutex PointerData::pointer_mutex_;
62 std::unordered_map<uintptr_t, PointerInfoType> PointerData::pointers_ GUARDED_BY(
63     PointerData::pointer_mutex_);
64 
65 std::mutex PointerData::frame_mutex_;
66 std::unordered_map<FrameKeyType, size_t> PointerData::key_to_index_ GUARDED_BY(
67     PointerData::frame_mutex_);
68 std::unordered_map<size_t, FrameInfoType> PointerData::frames_ GUARDED_BY(PointerData::frame_mutex_);
69 std::unordered_map<size_t, std::vector<unwindstack::FrameData>> PointerData::backtraces_info_
70     GUARDED_BY(PointerData::frame_mutex_);
71 constexpr size_t kBacktraceEmptyIndex = 1;
72 size_t PointerData::cur_hash_index_ GUARDED_BY(PointerData::frame_mutex_);
73 
74 std::mutex PointerData::free_pointer_mutex_;
75 std::deque<FreePointerInfoType> PointerData::free_pointers_ GUARDED_BY(
76     PointerData::free_pointer_mutex_);
77 
78 // Buffer to use for comparison.
79 static constexpr size_t kCompareBufferSize = 512 * 1024;
80 static std::vector<uint8_t> g_cmp_mem(0);
81 
ToggleBacktraceEnable(int,siginfo_t *,void *)82 static void ToggleBacktraceEnable(int, siginfo_t*, void*) {
83   g_debug->pointer->ToggleBacktraceEnabled();
84 }
85 
EnableDump(int,siginfo_t *,void *)86 static void EnableDump(int, siginfo_t*, void*) {
87   g_debug->pointer->EnableDumping();
88 }
89 
PointerData(DebugData * debug_data)90 PointerData::PointerData(DebugData* debug_data) : OptionData(debug_data) {}
91 
Initialize(const Config & config)92 bool PointerData::Initialize(const Config& config) NO_THREAD_SAFETY_ANALYSIS {
93   pointers_.clear();
94   key_to_index_.clear();
95   frames_.clear();
96   free_pointers_.clear();
97   // A hash index of kBacktraceEmptyIndex indicates that we tried to get
98   // a backtrace, but there was nothing recorded.
99   cur_hash_index_ = kBacktraceEmptyIndex + 1;
100 
101   backtrace_enabled_ = config.backtrace_enabled();
102   if (config.backtrace_enable_on_signal()) {
103     struct sigaction64 enable_act = {};
104     enable_act.sa_sigaction = ToggleBacktraceEnable;
105     enable_act.sa_flags = SA_RESTART | SA_SIGINFO | SA_ONSTACK;
106     if (sigaction64(config.backtrace_signal(), &enable_act, nullptr) != 0) {
107       error_log("Unable to set up backtrace signal enable function: %s", strerror(errno));
108       return false;
109     }
110     if (config.options() & VERBOSE) {
111       info_log("%s: Run: 'kill -%d %d' to enable backtracing.", getprogname(),
112                config.backtrace_signal(), getpid());
113     }
114   }
115 
116   if (config.options() & BACKTRACE) {
117     struct sigaction64 act = {};
118     act.sa_sigaction = EnableDump;
119     act.sa_flags = SA_RESTART | SA_SIGINFO | SA_ONSTACK;
120     if (sigaction64(config.backtrace_dump_signal(), &act, nullptr) != 0) {
121       error_log("Unable to set up backtrace dump signal function: %s", strerror(errno));
122       return false;
123     }
124     if (config.options() & VERBOSE) {
125       info_log("%s: Run: 'kill -%d %d' to dump the backtrace.", getprogname(),
126                config.backtrace_dump_signal(), getpid());
127     }
128   }
129 
130   backtrace_dump_ = false;
131 
132   if (config.options() & FREE_TRACK) {
133     g_cmp_mem.resize(kCompareBufferSize, config.fill_free_value());
134   }
135   return true;
136 }
137 
ShouldBacktraceAllocSize(size_t size_bytes)138 static inline bool ShouldBacktraceAllocSize(size_t size_bytes) {
139   static bool only_backtrace_specific_sizes =
140       g_debug->config().options() & BACKTRACE_SPECIFIC_SIZES;
141   if (!only_backtrace_specific_sizes) {
142     return true;
143   }
144   static size_t min_size_bytes = g_debug->config().backtrace_min_size_bytes();
145   static size_t max_size_bytes = g_debug->config().backtrace_max_size_bytes();
146   return size_bytes >= min_size_bytes && size_bytes <= max_size_bytes;
147 }
148 
AddBacktrace(size_t num_frames,size_t size_bytes)149 size_t PointerData::AddBacktrace(size_t num_frames, size_t size_bytes) {
150   if (!ShouldBacktraceAllocSize(size_bytes)) {
151     return kBacktraceEmptyIndex;
152   }
153 
154   std::vector<uintptr_t> frames;
155   std::vector<unwindstack::FrameData> frames_info;
156   if (g_debug->config().options() & BACKTRACE_FULL) {
157     if (!Unwind(&frames, &frames_info, num_frames)) {
158       return kBacktraceEmptyIndex;
159     }
160   } else {
161     frames.resize(num_frames);
162     num_frames = backtrace_get(frames.data(), frames.size());
163     if (num_frames == 0) {
164       return kBacktraceEmptyIndex;
165     }
166     frames.resize(num_frames);
167   }
168 
169   FrameKeyType key{.num_frames = frames.size(), .frames = frames.data()};
170   size_t hash_index;
171   std::lock_guard<std::mutex> frame_guard(frame_mutex_);
172   auto entry = key_to_index_.find(key);
173   if (entry == key_to_index_.end()) {
174     hash_index = cur_hash_index_++;
175     key.frames = frames.data();
176     key_to_index_.emplace(key, hash_index);
177 
178     frames_.emplace(hash_index, FrameInfoType{.references = 1, .frames = std::move(frames)});
179     if (g_debug->config().options() & BACKTRACE_FULL) {
180       backtraces_info_.emplace(hash_index, std::move(frames_info));
181     }
182   } else {
183     hash_index = entry->second;
184     FrameInfoType* frame_info = &frames_[hash_index];
185     frame_info->references++;
186   }
187   return hash_index;
188 }
189 
RemoveBacktrace(size_t hash_index)190 void PointerData::RemoveBacktrace(size_t hash_index) {
191   if (hash_index <= kBacktraceEmptyIndex) {
192     return;
193   }
194 
195   std::lock_guard<std::mutex> frame_guard(frame_mutex_);
196   auto frame_entry = frames_.find(hash_index);
197   if (frame_entry == frames_.end()) {
198     error_log("hash_index %zu does not have matching frame data.", hash_index);
199     return;
200   }
201   FrameInfoType* frame_info = &frame_entry->second;
202   if (--frame_info->references == 0) {
203     FrameKeyType key{.num_frames = frame_info->frames.size(), .frames = frame_info->frames.data()};
204     key_to_index_.erase(key);
205     frames_.erase(hash_index);
206     if (g_debug->config().options() & BACKTRACE_FULL) {
207       backtraces_info_.erase(hash_index);
208     }
209   }
210 }
211 
Add(const void * ptr,size_t pointer_size)212 void PointerData::Add(const void* ptr, size_t pointer_size) {
213   size_t hash_index = 0;
214   if (backtrace_enabled_) {
215     hash_index = AddBacktrace(g_debug->config().backtrace_frames(), pointer_size);
216   }
217 
218   std::lock_guard<std::mutex> pointer_guard(pointer_mutex_);
219   uintptr_t mangled_ptr = ManglePointer(reinterpret_cast<uintptr_t>(ptr));
220   pointers_[mangled_ptr] =
221       PointerInfoType{PointerInfoType::GetEncodedSize(pointer_size), hash_index};
222 }
223 
Remove(const void * ptr)224 void PointerData::Remove(const void* ptr) {
225   size_t hash_index;
226   {
227     std::lock_guard<std::mutex> pointer_guard(pointer_mutex_);
228     uintptr_t mangled_ptr = ManglePointer(reinterpret_cast<uintptr_t>(ptr));
229     auto entry = pointers_.find(mangled_ptr);
230     if (entry == pointers_.end()) {
231       // Attempt to remove unknown pointer.
232       error_log("No tracked pointer found for 0x%" PRIxPTR, DemanglePointer(mangled_ptr));
233       return;
234     }
235     hash_index = entry->second.hash_index;
236     pointers_.erase(mangled_ptr);
237   }
238 
239   RemoveBacktrace(hash_index);
240 }
241 
GetFrames(const void * ptr,uintptr_t * frames,size_t max_frames)242 size_t PointerData::GetFrames(const void* ptr, uintptr_t* frames, size_t max_frames) {
243   size_t hash_index;
244   {
245     std::lock_guard<std::mutex> pointer_guard(pointer_mutex_);
246     uintptr_t mangled_ptr = ManglePointer(reinterpret_cast<uintptr_t>(ptr));
247     auto entry = pointers_.find(mangled_ptr);
248     if (entry == pointers_.end()) {
249       return 0;
250     }
251     hash_index = entry->second.hash_index;
252   }
253 
254   if (hash_index <= kBacktraceEmptyIndex) {
255     return 0;
256   }
257 
258   std::lock_guard<std::mutex> frame_guard(frame_mutex_);
259   auto frame_entry = frames_.find(hash_index);
260   if (frame_entry == frames_.end()) {
261     return 0;
262   }
263   FrameInfoType* frame_info = &frame_entry->second;
264   if (max_frames > frame_info->frames.size()) {
265     max_frames = frame_info->frames.size();
266   }
267   memcpy(frames, &frame_info->frames[0], max_frames * sizeof(uintptr_t));
268 
269   return max_frames;
270 }
271 
LogBacktrace(size_t hash_index)272 void PointerData::LogBacktrace(size_t hash_index) {
273   std::lock_guard<std::mutex> frame_guard(frame_mutex_);
274   if (g_debug->config().options() & BACKTRACE_FULL) {
275     auto backtrace_info_entry = backtraces_info_.find(hash_index);
276     if (backtrace_info_entry != backtraces_info_.end()) {
277       UnwindLog(backtrace_info_entry->second);
278       return;
279     }
280   } else {
281     auto frame_entry = frames_.find(hash_index);
282     if (frame_entry != frames_.end()) {
283       FrameInfoType* frame_info = &frame_entry->second;
284       backtrace_log(frame_info->frames.data(), frame_info->frames.size());
285       return;
286     }
287   }
288   error_log("  hash_index %zu does not have matching frame data.", hash_index);
289 }
290 
LogFreeError(const FreePointerInfoType & info,size_t max_cmp_bytes)291 void PointerData::LogFreeError(const FreePointerInfoType& info, size_t max_cmp_bytes) {
292   error_log(LOG_DIVIDER);
293   uintptr_t pointer = DemanglePointer(info.mangled_ptr);
294   uint8_t* memory = reinterpret_cast<uint8_t*>(pointer);
295   error_log("+++ ALLOCATION %p USED AFTER FREE", memory);
296   uint8_t fill_free_value = g_debug->config().fill_free_value();
297   for (size_t i = 0; i < max_cmp_bytes; i++) {
298     if (memory[i] != fill_free_value) {
299       error_log("  allocation[%zu] = 0x%02x (expected 0x%02x)", i, memory[i], fill_free_value);
300     }
301   }
302 
303   if (info.hash_index > kBacktraceEmptyIndex) {
304     error_log("Backtrace at time of free:");
305     LogBacktrace(info.hash_index);
306   }
307 
308   error_log(LOG_DIVIDER);
309   if (g_debug->config().options() & ABORT_ON_ERROR) {
310     abort();
311   }
312 }
313 
VerifyFreedPointer(const FreePointerInfoType & info)314 void PointerData::VerifyFreedPointer(const FreePointerInfoType& info) {
315   size_t usable_size;
316   uintptr_t pointer = DemanglePointer(info.mangled_ptr);
317   if (g_debug->HeaderEnabled()) {
318     // Check to see if the tag data has been damaged.
319     Header* header = g_debug->GetHeader(reinterpret_cast<const void*>(pointer));
320     if (header->tag != DEBUG_FREE_TAG) {
321       error_log(LOG_DIVIDER);
322       error_log("+++ ALLOCATION 0x%" PRIxPTR " HAS CORRUPTED HEADER TAG 0x%x AFTER FREE", pointer,
323                 header->tag);
324       error_log(LOG_DIVIDER);
325       if (g_debug->config().options() & ABORT_ON_ERROR) {
326         abort();
327       }
328 
329       // Stop processing here, it is impossible to tell how the header
330       // may have been damaged.
331       return;
332     }
333     usable_size = header->usable_size;
334   } else {
335     usable_size = g_dispatch->malloc_usable_size(reinterpret_cast<const void*>(pointer));
336   }
337 
338   size_t bytes = (usable_size < g_debug->config().fill_on_free_bytes())
339                      ? usable_size
340                      : g_debug->config().fill_on_free_bytes();
341   size_t max_cmp_bytes = bytes;
342   const uint8_t* memory = reinterpret_cast<const uint8_t*>(pointer);
343   while (bytes > 0) {
344     size_t bytes_to_cmp = (bytes < g_cmp_mem.size()) ? bytes : g_cmp_mem.size();
345     if (memcmp(memory, g_cmp_mem.data(), bytes_to_cmp) != 0) {
346       LogFreeError(info, max_cmp_bytes);
347     }
348     bytes -= bytes_to_cmp;
349     memory = &memory[bytes_to_cmp];
350   }
351 }
352 
AddFreed(const void * ptr,size_t size_bytes)353 void* PointerData::AddFreed(const void* ptr, size_t size_bytes) {
354   size_t hash_index = 0;
355   size_t num_frames = g_debug->config().free_track_backtrace_num_frames();
356   if (num_frames) {
357     hash_index = AddBacktrace(num_frames, size_bytes);
358   }
359 
360   void* last = nullptr;
361   std::lock_guard<std::mutex> freed_guard(free_pointer_mutex_);
362   if (free_pointers_.size() == g_debug->config().free_track_allocations()) {
363     FreePointerInfoType info(free_pointers_.front());
364     free_pointers_.pop_front();
365     VerifyFreedPointer(info);
366     RemoveBacktrace(info.hash_index);
367     last = reinterpret_cast<void*>(DemanglePointer(info.mangled_ptr));
368   }
369 
370   uintptr_t mangled_ptr = ManglePointer(reinterpret_cast<uintptr_t>(ptr));
371   free_pointers_.emplace_back(FreePointerInfoType{mangled_ptr, hash_index});
372   return last;
373 }
374 
LogFreeBacktrace(const void * ptr)375 void PointerData::LogFreeBacktrace(const void* ptr) {
376   size_t hash_index = 0;
377   {
378     uintptr_t pointer = reinterpret_cast<uintptr_t>(ptr);
379     std::lock_guard<std::mutex> freed_guard(free_pointer_mutex_);
380     for (const auto& info : free_pointers_) {
381       if (DemanglePointer(info.mangled_ptr) == pointer) {
382         hash_index = info.hash_index;
383         break;
384       }
385     }
386   }
387 
388   if (hash_index <= kBacktraceEmptyIndex) {
389     return;
390   }
391 
392   error_log("Backtrace of original free:");
393   LogBacktrace(hash_index);
394 }
395 
VerifyAllFreed()396 void PointerData::VerifyAllFreed() {
397   std::lock_guard<std::mutex> freed_guard(free_pointer_mutex_);
398   for (auto& free_info : free_pointers_) {
399     VerifyFreedPointer(free_info);
400   }
401 }
402 
GetList(std::vector<ListInfoType> * list,bool only_with_backtrace)403 void PointerData::GetList(std::vector<ListInfoType>* list, bool only_with_backtrace)
404     REQUIRES(pointer_mutex_, frame_mutex_) {
405   for (const auto& entry : pointers_) {
406     FrameInfoType* frame_info = nullptr;
407     std::vector<unwindstack::FrameData>* backtrace_info = nullptr;
408     uintptr_t pointer = DemanglePointer(entry.first);
409     size_t hash_index = entry.second.hash_index;
410     if (hash_index > kBacktraceEmptyIndex) {
411       auto frame_entry = frames_.find(hash_index);
412       if (frame_entry == frames_.end()) {
413         // Somehow wound up with a pointer with a valid hash_index, but
414         // no frame data. This should not be possible since adding a pointer
415         // occurs after the hash_index and frame data have been added.
416         // When removing a pointer, the pointer is deleted before the frame
417         // data.
418         error_log("Pointer 0x%" PRIxPTR " hash_index %zu does not exist.", pointer, hash_index);
419       } else {
420         frame_info = &frame_entry->second;
421       }
422 
423       if (g_debug->config().options() & BACKTRACE_FULL) {
424         auto backtrace_entry = backtraces_info_.find(hash_index);
425         if (backtrace_entry == backtraces_info_.end()) {
426           error_log("Pointer 0x%" PRIxPTR " hash_index %zu does not exist.", pointer, hash_index);
427         } else {
428           backtrace_info = &backtrace_entry->second;
429         }
430       }
431     }
432     if (hash_index == 0 && only_with_backtrace) {
433       continue;
434     }
435 
436     list->emplace_back(ListInfoType{pointer, 1, entry.second.RealSize(),
437                                     entry.second.ZygoteChildAlloc(), frame_info, backtrace_info});
438   }
439 
440   // Sort by the size of the allocation.
441   std::sort(list->begin(), list->end(), [](const ListInfoType& a, const ListInfoType& b) {
442     // Put zygote child allocations first.
443     bool a_zygote_child_alloc = a.zygote_child_alloc;
444     bool b_zygote_child_alloc = b.zygote_child_alloc;
445     if (a_zygote_child_alloc && !b_zygote_child_alloc) {
446       return false;
447     }
448     if (!a_zygote_child_alloc && b_zygote_child_alloc) {
449       return true;
450     }
451 
452     // Sort by size, descending order.
453     if (a.size != b.size) return a.size > b.size;
454 
455     // Put pointers with no backtrace last.
456     FrameInfoType* a_frame = a.frame_info;
457     FrameInfoType* b_frame = b.frame_info;
458     if (a_frame == nullptr && b_frame != nullptr) {
459       return false;
460     } else if (a_frame != nullptr && b_frame == nullptr) {
461       return true;
462     } else if (a_frame == nullptr && b_frame == nullptr) {
463       return a.pointer < b.pointer;
464     }
465 
466     // Put the pointers with longest backtrace first.
467     if (a_frame->frames.size() != b_frame->frames.size()) {
468       return a_frame->frames.size() > b_frame->frames.size();
469     }
470 
471     // Last sort by pointer.
472     return a.pointer < b.pointer;
473   });
474 }
475 
GetUniqueList(std::vector<ListInfoType> * list,bool only_with_backtrace)476 void PointerData::GetUniqueList(std::vector<ListInfoType>* list, bool only_with_backtrace)
477     REQUIRES(pointer_mutex_, frame_mutex_) {
478   GetList(list, only_with_backtrace);
479 
480   // Remove duplicates of size/backtraces.
481   for (auto iter = list->begin(); iter != list->end();) {
482     auto dup_iter = iter + 1;
483     bool zygote_child_alloc = iter->zygote_child_alloc;
484     size_t size = iter->size;
485     FrameInfoType* frame_info = iter->frame_info;
486     for (; dup_iter != list->end(); ++dup_iter) {
487       if (zygote_child_alloc != dup_iter->zygote_child_alloc || size != dup_iter->size ||
488           frame_info != dup_iter->frame_info) {
489         break;
490       }
491       iter->num_allocations++;
492     }
493     iter = list->erase(iter + 1, dup_iter);
494   }
495 }
496 
LogLeaks()497 void PointerData::LogLeaks() {
498   std::vector<ListInfoType> list;
499 
500   std::lock_guard<std::mutex> pointer_guard(pointer_mutex_);
501   std::lock_guard<std::mutex> frame_guard(frame_mutex_);
502   GetList(&list, false);
503 
504   size_t track_count = 0;
505   for (const auto& list_info : list) {
506     error_log("+++ %s leaked block of size %zu at 0x%" PRIxPTR " (leak %zu of %zu)", getprogname(),
507               list_info.size, list_info.pointer, ++track_count, list.size());
508     if (list_info.backtrace_info != nullptr) {
509       error_log("Backtrace at time of allocation:");
510       UnwindLog(*list_info.backtrace_info);
511     } else if (list_info.frame_info != nullptr) {
512       error_log("Backtrace at time of allocation:");
513       backtrace_log(list_info.frame_info->frames.data(), list_info.frame_info->frames.size());
514     }
515     // Do not bother to free the pointers, we are about to exit any way.
516   }
517 }
518 
GetAllocList(std::vector<ListInfoType> * list)519 void PointerData::GetAllocList(std::vector<ListInfoType>* list) {
520   std::lock_guard<std::mutex> pointer_guard(pointer_mutex_);
521   std::lock_guard<std::mutex> frame_guard(frame_mutex_);
522 
523   if (pointers_.empty()) {
524     return;
525   }
526 
527   GetList(list, false);
528 }
529 
GetInfo(uint8_t ** info,size_t * overall_size,size_t * info_size,size_t * total_memory,size_t * backtrace_size)530 void PointerData::GetInfo(uint8_t** info, size_t* overall_size, size_t* info_size,
531                           size_t* total_memory, size_t* backtrace_size) {
532   std::lock_guard<std::mutex> pointer_guard(pointer_mutex_);
533   std::lock_guard<std::mutex> frame_guard(frame_mutex_);
534 
535   if (pointers_.empty()) {
536     return;
537   }
538 
539   std::vector<ListInfoType> list;
540   GetUniqueList(&list, true);
541   if (list.empty()) {
542     return;
543   }
544 
545   *backtrace_size = g_debug->config().backtrace_frames();
546   *info_size = sizeof(size_t) * 2 + sizeof(uintptr_t) * *backtrace_size;
547   *overall_size = *info_size * list.size();
548   *info = reinterpret_cast<uint8_t*>(g_dispatch->calloc(*info_size, list.size()));
549   if (*info == nullptr) {
550     return;
551   }
552 
553   uint8_t* data = *info;
554   *total_memory = 0;
555   for (const auto& list_info : list) {
556     FrameInfoType* frame_info = list_info.frame_info;
557     *total_memory += list_info.size * list_info.num_allocations;
558     size_t allocation_size =
559         PointerInfoType::GetEncodedSize(list_info.zygote_child_alloc, list_info.size);
560     memcpy(data, &allocation_size, sizeof(size_t));
561     memcpy(&data[sizeof(size_t)], &list_info.num_allocations, sizeof(size_t));
562     if (frame_info != nullptr) {
563       memcpy(&data[2 * sizeof(size_t)], frame_info->frames.data(),
564              frame_info->frames.size() * sizeof(uintptr_t));
565     }
566     data += *info_size;
567   }
568 }
569 
Exists(const void * ptr)570 bool PointerData::Exists(const void* ptr) {
571   std::lock_guard<std::mutex> pointer_guard(pointer_mutex_);
572   uintptr_t mangled_ptr = ManglePointer(reinterpret_cast<uintptr_t>(ptr));
573   return pointers_.count(mangled_ptr) != 0;
574 }
575 
DumpLiveToFile(int fd)576 void PointerData::DumpLiveToFile(int fd) {
577   std::vector<ListInfoType> list;
578 
579   std::lock_guard<std::mutex> pointer_guard(pointer_mutex_);
580   std::lock_guard<std::mutex> frame_guard(frame_mutex_);
581   GetUniqueList(&list, false);
582 
583   size_t total_memory = 0;
584   for (const auto& info : list) {
585     total_memory += info.size * info.num_allocations;
586   }
587 
588   dprintf(fd, "Total memory: %zu\n", total_memory);
589   dprintf(fd, "Allocation records: %zd\n", list.size());
590   dprintf(fd, "Backtrace size: %zu\n", g_debug->config().backtrace_frames());
591   dprintf(fd, "\n");
592 
593   for (const auto& info : list) {
594     dprintf(fd, "z %d  sz %8zu  num    %zu  bt", (info.zygote_child_alloc) ? 1 : 0, info.size,
595             info.num_allocations);
596     FrameInfoType* frame_info = info.frame_info;
597     if (frame_info != nullptr) {
598       for (size_t i = 0; i < frame_info->frames.size(); i++) {
599         if (frame_info->frames[i] == 0) {
600           break;
601         }
602         dprintf(fd, " %" PRIxPTR, frame_info->frames[i]);
603       }
604     }
605     dprintf(fd, "\n");
606     if (info.backtrace_info != nullptr) {
607       dprintf(fd, "  bt_info");
608       for (const auto& frame : *info.backtrace_info) {
609         dprintf(fd, " {");
610         if (frame.map_info != nullptr && !frame.map_info->name().empty()) {
611           dprintf(fd, "\"%s\"", frame.map_info->name().c_str());
612         } else {
613           dprintf(fd, "\"\"");
614         }
615         dprintf(fd, " %" PRIx64, frame.rel_pc);
616         if (frame.function_name.empty()) {
617           dprintf(fd, " \"\" 0}");
618         } else {
619           char* demangled_name =
620               abi::__cxa_demangle(frame.function_name.c_str(), nullptr, nullptr, nullptr);
621           const char* name;
622           if (demangled_name != nullptr) {
623             name = demangled_name;
624           } else {
625             name = frame.function_name.c_str();
626           }
627           dprintf(fd, " \"%s\" %" PRIx64 "}", name, frame.function_offset);
628           free(demangled_name);
629         }
630       }
631       dprintf(fd, "\n");
632     }
633   }
634 }
635 
PrepareFork()636 void PointerData::PrepareFork() NO_THREAD_SAFETY_ANALYSIS {
637   free_pointer_mutex_.lock();
638   pointer_mutex_.lock();
639   frame_mutex_.lock();
640 }
641 
PostForkParent()642 void PointerData::PostForkParent() NO_THREAD_SAFETY_ANALYSIS {
643   frame_mutex_.unlock();
644   pointer_mutex_.unlock();
645   free_pointer_mutex_.unlock();
646 }
647 
PostForkChild()648 void PointerData::PostForkChild() __attribute__((no_thread_safety_analysis)) {
649   // Make sure that any potential mutexes have been released and are back
650   // to an initial state.
651   frame_mutex_.try_lock();
652   frame_mutex_.unlock();
653   pointer_mutex_.try_lock();
654   pointer_mutex_.unlock();
655   free_pointer_mutex_.try_lock();
656   free_pointer_mutex_.unlock();
657 }
658 
IteratePointers(std::function<void (uintptr_t pointer)> fn)659 void PointerData::IteratePointers(std::function<void(uintptr_t pointer)> fn) {
660   std::lock_guard<std::mutex> pointer_guard(pointer_mutex_);
661   for (const auto entry : pointers_) {
662     fn(DemanglePointer(entry.first));
663   }
664 }
665