15508613237

Committed 07 Jun 2025 01:38PM UTC coverage: 93.043% (+0.07%) from 92.974%

Build # 15508613237

Build Type

push

github

Committed by

Buristan

Commit Message

Rework stack overflow handling.

Reported by pwnhacker0x18. Fixed by Peter Cawley.

(cherry picked from commit defe61a56)

In case of the Lua stack overflow error, LuaJIT restores the `L->top`
value and pushes the error message above. It is possible that the
restored value is greater than `L->maxstack`, so pushing the error
message causes dirty write out-of-bounds.

This patch prevents it by overwriting stack overflow handling machinery.
Now, in the aforementioned case, the last frame is replaced with a dummy
frame to avoid dirty writes. In some cases, there may not be enough
space on the stack to invoke the error handler. See the related changes
in the <test/LuaJIT-tests/lang/stackov.lua>.

Sergey Kaplun:
* added the description and the test for the problem

Part of tarantool/tarantool#11278

Reviewed-by: Sergey Bronnikov <sergeyb@tarantool.org>
Signed-off-by: Sergey Kaplun <skaplun@tarantool.org>
(cherry picked from commit 58dcabe69)

Coverage Stats

5710 of 6045 branches covered (94.46%)

Branch coverage included in aggregate %.

29 of 31 new or added lines in 2 files covered. (93.55%)

8 existing lines in 3 files now uncovered.

21785 of 23506 relevant lines covered (92.68%)

3959381.77 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

85.59

/src/lj_sysprof.c

/*
** Implementation of sysprof - platform and Lua profiler.
*/

#define lj_sysprof_c
#define LUA_CORE

#include "lj_arch.h"
#include "lj_sysprof.h"

#if LJ_HASSYSPROF

#include "lj_obj.h"
#include "lj_debug.h"
#include "lj_dispatch.h"
#include "lj_frame.h"

#if LJ_HASJIT
#include "lj_jit.h"
#include "lj_trace.h"
#endif

#include "lj_wbuf.h"
#include "lj_profile_timer.h"
#include "lj_symtab.h"

#include <pthread.h>
#include <errno.h>
#include <execinfo.h>

/*
** Number of profiler frames we need to omit during stack
** unwinding.
**   +------------------------+
** 0 | default_backtrace_host |
**   +------------------------+
** 1 | stream_backtrace_host  |
**   +------------------------+
** 2 |  stream_{guest/host}   |
**   +------------------------+
** 3 |      stream_event      |
**   +------------------------+
** 4 | sysprof_record_sample  |
**   +------------------------+
** 5 | sysprof_signal_handler |
**   +------------------------+
*/
#define SYSPROF_HANDLER_STACK_DEPTH 6
#define SYSPROF_BACKTRACE_FRAME_MAX 512

/* Check that vmstate fits in 4 bits (see streaming format) */
#define vmstfit4(st) ((st & ~(uint32_t)((1 << 4) - 1)) == 0)

enum sysprof_state {
  /* Profiler is not running. */
  SPS_IDLE,
  /* Profiler is running. */
  SPS_PROFILE,
  /*
  ** Stopped in case of stopped or failed stream.
  ** Saved errno is set at luaM_sysprof_stop.
  */
  SPS_HALT
};

struct sysprof {
  global_State *g; /* Profiled VM. */
  pthread_t thread; /* Profiled thread. */
  volatile sig_atomic_t state; /* Internal state. */
  struct lj_wbuf out; /* Output accumulator. */
  struct luam_Sysprof_Counters counters; /* Profiling counters. */
  struct luam_Sysprof_Options opt; /* Profiling options. */
  luam_Sysprof_writer writer; /* Writer function for profile events. */
  luam_Sysprof_on_stop on_stop; /* Callback on profiling stopping. */
  luam_Sysprof_backtracer backtracer; /* Backtracing function for the host stack. */
  lj_profile_timer timer; /* Profiling timer. */
  int saved_errno; /* Saved errno when profiler failed. */
};
/*
** XXX: Only one VM can be profiled at a time.
*/

static struct sysprof sysprof = {0};

/* --- Stream ------------------------------------------------------------- */

static const uint8_t ljp_header[] = {'l', 'j', 'p', LJP_FORMAT_VERSION,
                                      0x0, 0x0, 0x0};

static int stream_is_needed(struct sysprof *sp)
{
  return sp->opt.mode != LUAM_SYSPROF_DEFAULT;
}

static int is_unconfigured(struct sysprof *sp)
{
  return sp->backtracer == NULL || sp->on_stop == NULL || sp->writer == NULL;
}

static void stream_prologue(struct sysprof *sp)
{
  /*
  ** XXX: Must be zero for the symtab module to dump all loaded libraries.
  */
  uint32_t unused_lib_adds = 0;
  lj_symtab_dump(&sp->out, sp->g, &unused_lib_adds);
  lj_wbuf_addn(&sp->out, ljp_header, sizeof(ljp_header));
}

static void stream_epilogue(struct sysprof *sp)
{
  lj_wbuf_addbyte(&sp->out, LJP_EPILOGUE_BYTE);
}

static void stream_ffunc_impl(struct lj_wbuf *buf, uint8_t ffid)
{
  lj_wbuf_addbyte(buf, LJP_FRAME_FFUNC);
  lj_wbuf_addu64(buf, ffid);
}

static void stream_lfunc(struct lj_wbuf *buf, const GCfunc *func)
{
  lj_assertX(isluafunc(func), "bad lua function in sysprof stream");
  const GCproto *pt = funcproto(func);
  lj_assertX(pt != NULL, "bad lua function prototype in sysprof stream");
  lj_wbuf_addbyte(buf, LJP_FRAME_LFUNC);
  lj_wbuf_addu64(buf, (uintptr_t)pt);
  lj_wbuf_addu64(buf, (uint64_t)pt->firstline);
}

static void stream_cfunc(struct lj_wbuf *buf, const GCfunc *func)
{
  lj_assertX(iscfunc(func), "bad C function in sysprof stream");
  lj_wbuf_addbyte(buf, LJP_FRAME_CFUNC);
  lj_wbuf_addu64(buf, (uintptr_t)func->c.f);
}

static void stream_ffunc(struct lj_wbuf *buf, const GCfunc *func)
{
  lj_assertX(isffunc(func), "bad fast function in sysprof stream");
  stream_ffunc_impl(buf, func->c.ffid);
}

static void stream_frame_lua(struct lj_wbuf *buf, const cTValue *frame)
{
  const GCfunc *func = frame_func(frame);
  lj_assertX(func != NULL, "bad function in sysprof stream");
  if (isluafunc(func))
    stream_lfunc(buf, func);
  else if (isffunc(func))
    stream_ffunc(buf, func);
  else if (iscfunc(func))
    stream_cfunc(buf, func);
  else
    /* Unreachable. */
    lj_assertX(0, "bad function type in sysprof stream");
}

static void stream_backtrace_lua(struct sysprof *sp, uint32_t vmstate)
{
  global_State *g = sp->g;
  struct lj_wbuf *buf = &sp->out;
  cTValue *top_frame = NULL, *frame = NULL, *bot = NULL;
  lua_State *L = NULL;

  lj_assertX(g != NULL, "uninitialized global state in sysprof state");
  L = gco2th(gcref(g->cur_L));
  lj_assertG(L != NULL, "uninitialized Lua state in sysprof state");
  /*
  ** Lua stack may be inconsistent during the execution of a
  ** fast-function, so instead of updating the `top_frame` for
  ** it, its `ffid` is set instead. The first frame on the
  ** result stack is streamed manually, and the rest of the
  ** stack is streamed based on the previous `top_frame` value.
  */
  if (vmstate == LJ_VMST_FFUNC) {
    uint8_t ffid = g->top_frame_info.ffid;
    stream_ffunc_impl(buf, ffid);
  }

  top_frame = g->top_frame_info.top_frame - 1;

  bot = tvref(L->stack) + LJ_FR2;
  /* Traverse frames backwards */
  for (frame = top_frame; frame > bot; frame = frame_prev(frame)) {
    if (frame_gc(frame) == obj2gco(L) || frame_isvarg(frame))
      continue;  /* Skip dummy frames. See lj_err_optype_call(). */
    stream_frame_lua(buf, frame);
  }

  lj_wbuf_addbyte(buf, LJP_FRAME_LUA_LAST);
}

static void *stream_frame_host(int frame_no, void *addr)
{
  struct sysprof *sp = &sysprof;
  /*
  ** We don't want the profiler stack to be streamed, as it will
  ** burden the profile with unnecessary information.
  */
  if (LJ_UNLIKELY(frame_no <= SYSPROF_HANDLER_STACK_DEPTH))
    return addr;
  else if (LJ_UNLIKELY(sp->opt.mode == LUAM_SYSPROF_LEAF &&
                         frame_no > SYSPROF_HANDLER_STACK_DEPTH))
    return NULL;

  lj_wbuf_addu64(&sp->out, (uintptr_t)addr);
  return addr;
}

static void default_backtrace_host(void *(writer)(int frame_no, void *addr))
{
  static void *backtrace_buf[SYSPROF_BACKTRACE_FRAME_MAX] = {};

  struct sysprof *sp = &sysprof;
  int max_depth = sp->opt.mode == LUAM_SYSPROF_LEAF
                  ? SYSPROF_HANDLER_STACK_DEPTH + 1
                  : SYSPROF_BACKTRACE_FRAME_MAX;
  const int depth = backtrace(backtrace_buf, max_depth);
  int level;

  lj_assertX(depth <= max_depth, "depth of C stack is too big");
  for (level = SYSPROF_HANDLER_STACK_DEPTH; level < depth; ++level) {
    if (!writer(level - SYSPROF_HANDLER_STACK_DEPTH + 1, backtrace_buf[level]))
      return;
  }
}

static void stream_backtrace_host(struct sysprof *sp)
{
  lj_assertX(sp->backtracer != NULL, "uninitialized sysprof backtracer");
  sp->backtracer(stream_frame_host);
  lj_wbuf_addu64(&sp->out, (uintptr_t)LJP_FRAME_HOST_LAST);
}

#if LJ_HASJIT
static void stream_trace(struct sysprof *sp, uint32_t vmstate)
{
  lj_wbuf_addbyte(&sp->out, (uint8_t)vmstate);
  struct lj_wbuf *out = &sp->out;
  uint32_t traceno = sp->g->vmstate;
  jit_State *J = G2J(sp->g);
  GCtrace *trace = traceref(J, traceno);

  GCproto *startpt = gco2pt(gcref(trace->startpt));

  lj_wbuf_addu64(out, traceno);
  lj_wbuf_addu64(out, (uintptr_t)startpt);
  lj_wbuf_addu64(out, startpt->firstline);
}
#endif

static void stream_guest(struct sysprof *sp, uint32_t vmstate)
{
  lj_wbuf_addbyte(&sp->out, (uint8_t)vmstate);
  stream_backtrace_lua(sp, vmstate);
  stream_backtrace_host(sp);
}

static void stream_host(struct sysprof *sp, uint32_t vmstate)
{
  lj_wbuf_addbyte(&sp->out, (uint8_t)vmstate);
  stream_backtrace_host(sp);
}

typedef void (*event_streamer)(struct sysprof *sp, uint32_t vmstate);

static event_streamer event_streamers[] = {
  /* XXX: order is important */
  stream_host,  /* LJ_VMST_INTERP */
  stream_guest, /* LJ_VMST_LFUNC */
  stream_guest, /* LJ_VMST_FFUNC */
  stream_guest, /* LJ_VMST_CFUNC */
  stream_host,  /* LJ_VMST_GC */
  stream_host,  /* LJ_VMST_EXIT */
  stream_host,  /* LJ_VMST_RECORD */
  stream_host,  /* LJ_VMST_OPT */
  stream_host,  /* LJ_VMST_ASM */
#if LJ_HASJIT
  stream_trace  /* LJ_VMST_TRACE */
#endif
};

static void stream_event(struct sysprof *sp, uint32_t vmstate)
{
  event_streamer stream = NULL;

  lj_assertX(vmstfit4(vmstate), "vmstate don't fit in 4 bits");
  stream = event_streamers[vmstate];
  lj_assertX(stream != NULL, "uninitialized sysprof stream");
  stream(sp, vmstate);
}

/* -- Signal handler ------------------------------------------------------ */

static void sysprof_record_sample(struct sysprof *sp, siginfo_t *info)
{
  global_State *g = sp->g;
  uint32_t _vmstate = ~(uint32_t)(g->vmstate);
  uint32_t vmstate = _vmstate < LJ_VMST_TRACE ? _vmstate : LJ_VMST_TRACE;

  lj_assertX(pthread_self() == sp->thread,
             "bad thread during sysprof record sample");

  /* Caveat: order of counters must match vmstate order in <lj_obj.h>. */
  ((uint64_t *)&sp->counters)[vmstate]++;

  sp->counters.samples++;

  if (!stream_is_needed(sp))
    return;

  stream_event(sp, vmstate);
  if (LJ_UNLIKELY(lj_wbuf_test_flag(&sp->out, STREAM_ERRIO|STREAM_STOP))) {
    sp->saved_errno = lj_wbuf_errno(&sp->out);
    lj_wbuf_terminate(&sp->out);
    sp->state = SPS_HALT;
  }
}

static void sysprof_signal_handler(int sig, siginfo_t *info, void *ctx)
{
  struct sysprof *sp = &sysprof;
  UNUSED(sig);
  UNUSED(ctx);

  switch (sp->state) {
    case SPS_PROFILE:
      sysprof_record_sample(sp, info);
      break;

    case SPS_IDLE:
    case SPS_HALT:
      /* noop */
      break;

    default:
      lj_assertX(0, "bad sysprof profiler state");
      break;
  }
}

/* -- Internal ------------------------------------------------------------ */

static int sysprof_validate(struct sysprof *sp,
                            const struct luam_Sysprof_Options *opt)
{
  switch (sp->state) {
    case SPS_IDLE:
      if (opt->mode > LUAM_SYSPROF_CALLGRAPH) {
        return PROFILE_ERRUSE;
      } else if (opt->mode != LUAM_SYSPROF_DEFAULT &&
                 (opt->buf == NULL || opt->len == 0 || is_unconfigured(sp))) {
        return PROFILE_ERRUSE;
      } else if (opt->interval == 0) {
        return PROFILE_ERRUSE;
      }
      break;

    case SPS_PROFILE:
    case SPS_HALT:
      return PROFILE_ERRRUN;

    default:
      lj_assertX(0, "bad sysprof profiler state");
      break;
  }

  return PROFILE_SUCCESS;
}

static int sysprof_init(struct sysprof *sp, lua_State *L,
                        const struct luam_Sysprof_Options *opt)
{
  const int status = sysprof_validate(sp, opt);
  if (PROFILE_SUCCESS != status)
    return status;

  /* Copy validated options to sysprof state. */
  memcpy(&sp->opt, opt, sizeof(sp->opt));

  /* Init general fields. */
  sp->g = G(L);
  sp->thread = pthread_self();

  /* Reset counters. */
  memset(&sp->counters, 0, sizeof(sp->counters));

  /* Reset saved errno. */
  sp->saved_errno = 0;

  if (stream_is_needed(sp))
    lj_wbuf_init(&sp->out, sp->writer, opt->ctx, opt->buf, opt->len);

  return PROFILE_SUCCESS;
}

/* -- Public profiling API ------------------------------------------------ */

int lj_sysprof_set_writer(luam_Sysprof_writer writer) {
  struct sysprof *sp = &sysprof;

  if (sp->state != SPS_IDLE || writer == NULL)
    return PROFILE_ERRUSE;

  sp->writer = writer;
  if (!is_unconfigured(sp)) {
    sp->state = SPS_IDLE;
  }
  return PROFILE_SUCCESS;
}

int lj_sysprof_set_on_stop(luam_Sysprof_on_stop on_stop) {
  struct sysprof *sp = &sysprof;

  if (sp->state != SPS_IDLE || on_stop == NULL)
    return PROFILE_ERRUSE;

  sp->on_stop = on_stop;
  if (!is_unconfigured(sp)) {
    sp->state = SPS_IDLE;
  }
  return PROFILE_SUCCESS;
}

int lj_sysprof_set_backtracer(luam_Sysprof_backtracer backtracer) {
  struct sysprof *sp = &sysprof;

  if (sp->state != SPS_IDLE)
    return PROFILE_ERRUSE;
  if (backtracer == NULL) {
    sp->backtracer = default_backtrace_host;
    /*
    ** XXX: `backtrace` is not signal-safe, according to man,
    ** because it is lazy loaded on the first call, which triggers
    ** allocations. We need to call `backtrace` before starting profiling
    ** to avoid lazy loading.
    */
    void *dummy = NULL;
    backtrace(&dummy, 1);
  }
  else {
    sp->backtracer = backtracer;
  }
  if (!is_unconfigured(sp)) {
    sp->state = SPS_IDLE;
  }
  return PROFILE_SUCCESS;
}

int lj_sysprof_start(lua_State *L, const struct luam_Sysprof_Options *opt)
{
  struct sysprof *sp = &sysprof;

  int status = sysprof_init(sp, L, opt);
  if (PROFILE_SUCCESS != status) {
    if (NULL != sp->on_stop) {
      /*
      ** Initialization may fail in case of unconfigured sysprof,
      ** so we cannot guarantee cleaning up resources in this case.
      */
      sp->on_stop(opt->ctx, opt->buf);
    }
    return status;
  }

  sp->state = SPS_PROFILE;

  if (stream_is_needed(sp)) {
    stream_prologue(sp);
    if (LJ_UNLIKELY(lj_wbuf_test_flag(&sp->out, STREAM_ERRIO|STREAM_STOP))) {
      /* on_stop call may change errno value. */
      const int saved_errno = lj_wbuf_errno(&sp->out);
      /* Ignore possible errors. mp->out.buf may be NULL here. */
      sp->on_stop(opt->ctx, sp->out.buf);
      lj_wbuf_terminate(&sp->out);
      sp->state = SPS_IDLE;
      errno = saved_errno;
      return PROFILE_ERRIO;
    }
  }

  sp->timer.opt.interval_msec = opt->interval;
  sp->timer.opt.handler = sysprof_signal_handler;
  lj_profile_timer_start(&sp->timer);

  return PROFILE_SUCCESS;
}

int lj_sysprof_stop(lua_State *L)
{
  struct sysprof *sp = &sysprof;
  global_State *g = sp->g;
  struct lj_wbuf *out = &sp->out;

  if (SPS_IDLE == sp->state)
    return PROFILE_ERRRUN;
  else if (G(L) != g)
    return PROFILE_ERRUSE;

  lj_profile_timer_stop(&sp->timer);

  if (SPS_HALT == sp->state) {
    errno = sp->saved_errno;
    sp->state = SPS_IDLE;
    /* wbuf was terminated when error occurred. */
    return PROFILE_ERRIO;
  }

  sp->state = SPS_IDLE;

  if (stream_is_needed(sp)) {
    int cb_status = 0;

    stream_epilogue(sp);
    lj_wbuf_flush(out);

    cb_status = sp->on_stop(sp->opt.ctx, out->buf);
    if (LJ_UNLIKELY(lj_wbuf_test_flag(out, STREAM_ERRIO | STREAM_STOP)) ||
        cb_status != 0) {
      errno = lj_wbuf_errno(out);
      lj_wbuf_terminate(out);
      return PROFILE_ERRIO;
    }

    lj_wbuf_terminate(out);
  }

  return PROFILE_SUCCESS;
}

int lj_sysprof_report(struct luam_Sysprof_Counters *counters)
{
  const struct sysprof *sp = &sysprof;
  memcpy(counters, &sp->counters, sizeof(sp->counters));
  return PROFILE_SUCCESS;
}

void lj_sysprof_add_proto(const struct GCproto *pt)
{
  struct sysprof *sp = &sysprof;

  if (sp->state != SPS_PROFILE || sp->opt.mode == LUAM_SYSPROF_DEFAULT)
    return;

  /*
  ** XXX: Avoid sampling during the symtab extension. That shouldn't have any
  ** significant effect on profile precision, but if it does, it's better to
  ** implement an async-safe queue for the symtab events.
  */
  sp->state = SPS_IDLE;
  lj_wbuf_addbyte(&sp->out, LJP_SYMTAB_LFUNC_EVENT);
  lj_symtab_dump_proto(&sp->out, pt);
  sp->state = SPS_PROFILE;
}

#if LJ_HASJIT
void lj_sysprof_add_trace(const struct GCtrace *tr)
{
  struct sysprof *sp = &sysprof;

  if (sp->state != SPS_PROFILE || sp->opt.mode == LUAM_SYSPROF_DEFAULT)
    return;

  /* See the comment about the sysprof state above. */
  sp->state = SPS_IDLE;
  lj_wbuf_addbyte(&sp->out, LJP_SYMTAB_TRACE_EVENT);
  lj_symtab_dump_trace(&sp->out, tr);
  sp->state = SPS_PROFILE;
}
#endif /* LJ_HASJIT */

#else /* LJ_HASSYSPROF */

int lj_sysprof_set_writer(luam_Sysprof_writer writer) {
  UNUSED(writer);
  return PROFILE_ERRUSE;
}

int lj_sysprof_set_on_stop(luam_Sysprof_on_stop on_stop) {
  UNUSED(on_stop);
  return PROFILE_ERRUSE;
}

int lj_sysprof_set_backtracer(luam_Sysprof_backtracer backtracer) {
  UNUSED(backtracer);
  return PROFILE_ERRUSE;
}

int lj_sysprof_start(lua_State *L, const struct luam_Sysprof_Options *opt)
{
  UNUSED(L);
  return PROFILE_ERRUSE;
}

int lj_sysprof_stop(lua_State *L)
{
  UNUSED(L);
  return PROFILE_ERRUSE;
}

int lj_sysprof_report(struct luam_Sysprof_Counters *counters)
{
  UNUSED(counters);
  return PROFILE_ERRUSE;
}

void lj_sysprof_add_proto(const struct GCproto *pt)
{
  UNUSED(pt);
}

#if LJ_HASJIT
void lj_sysprof_add_trace(const struct GCtrace *tr)
{
  UNUSED(tr);
}
#endif /* LJ_HASJIT */

#endif /* LJ_HASSYSPROF */

1	/*
2	** Implementation of sysprof - platform and Lua profiler.
3	*/
4
5	#define lj_sysprof_c
6	#define LUA_CORE
7
8	#include "lj_arch.h"
9	#include "lj_sysprof.h"
10
11	#if LJ_HASSYSPROF
12
13	#include "lj_obj.h"
14	#include "lj_debug.h"
15	#include "lj_dispatch.h"
16	#include "lj_frame.h"
17
18	#if LJ_HASJIT
19	#include "lj_jit.h"
20	#include "lj_trace.h"
21	#endif
22
23	#include "lj_wbuf.h"
24	#include "lj_profile_timer.h"
25	#include "lj_symtab.h"
26
27	#include <pthread.h>
28	#include <errno.h>
29	#include <execinfo.h>
30
31	/*
32	** Number of profiler frames we need to omit during stack
33	** unwinding.
34	** +------------------------+
35	** 0 \| default_backtrace_host \|
36	** +------------------------+
37	** 1 \| stream_backtrace_host \|
38	** +------------------------+
39	** 2 \| stream_{guest/host} \|
40	** +------------------------+
41	** 3 \| stream_event \|
42	** +------------------------+
43	** 4 \| sysprof_record_sample \|
44	** +------------------------+
45	** 5 \| sysprof_signal_handler \|
46	** +------------------------+
47	*/
48	#define SYSPROF_HANDLER_STACK_DEPTH 6
49	#define SYSPROF_BACKTRACE_FRAME_MAX 512
50
51	/* Check that vmstate fits in 4 bits (see streaming format) */
52	#define vmstfit4(st) ((st & ~(uint32_t)((1 << 4) - 1)) == 0)
53
54	enum sysprof_state {
55	/* Profiler is not running. */
56	SPS_IDLE,
57	/* Profiler is running. */
58	SPS_PROFILE,
59	/*
60	** Stopped in case of stopped or failed stream.
61	** Saved errno is set at luaM_sysprof_stop.
62	*/
63	SPS_HALT
64	};
65
66	struct sysprof {
67	global_State g; / Profiled VM. */
68	pthread_t thread; /* Profiled thread. */
69	volatile sig_atomic_t state; /* Internal state. */
70	struct lj_wbuf out; /* Output accumulator. */
71	struct luam_Sysprof_Counters counters; /* Profiling counters. */
72	struct luam_Sysprof_Options opt; /* Profiling options. */
73	luam_Sysprof_writer writer; /* Writer function for profile events. */
74	luam_Sysprof_on_stop on_stop; /* Callback on profiling stopping. */
75	luam_Sysprof_backtracer backtracer; /* Backtracing function for the host stack. */
76	lj_profile_timer timer; /* Profiling timer. */
77	int saved_errno; /* Saved errno when profiler failed. */
78	};
79	/*
80	** XXX: Only one VM can be profiled at a time.
81	*/
82
83	static struct sysprof sysprof = {0};
84
85	/* --- Stream ------------------------------------------------------------- */
86
87	static const uint8_t ljp_header[] = {'l', 'j', 'p', LJP_FORMAT_VERSION,
88	0x0, 0x0, 0x0};
89
90	static int stream_is_needed(struct sysprof *sp)	26✔
91	{
92	return sp->opt.mode != LUAM_SYSPROF_DEFAULT;	26✔
93	}
94
95	static int is_unconfigured(struct sysprof *sp)	1,144✔
96	{
97	return sp->backtracer == NULL \|\| sp->on_stop == NULL \|\| sp->writer == NULL;	386✔
98	}
99
100	static void stream_prologue(struct sysprof *sp)	5✔
101	{
102	/*
103	** XXX: Must be zero for the symtab module to dump all loaded libraries.
104	*/
105	uint32_t unused_lib_adds = 0;	5✔
106	lj_symtab_dump(&sp->out, sp->g, &unused_lib_adds);	5✔
107	lj_wbuf_addn(&sp->out, ljp_header, sizeof(ljp_header));	5✔
108	}	5✔
109
110	static void stream_epilogue(struct sysprof *sp)	5✔
111	{
112	lj_wbuf_addbyte(&sp->out, LJP_EPILOGUE_BYTE);	5✔
113	}
114
115	static void stream_ffunc_impl(struct lj_wbuf *buf, uint8_t ffid)	1✔
116	{
117	lj_wbuf_addbyte(buf, LJP_FRAME_FFUNC);	1✔
118	lj_wbuf_addu64(buf, ffid);	1✔
119	}	1✔
120
121	static void stream_lfunc(struct lj_wbuf buf, const GCfunc func)
122	{
123	lj_assertX(isluafunc(func), "bad lua function in sysprof stream");
124	const GCproto *pt = funcproto(func);
125	lj_assertX(pt != NULL, "bad lua function prototype in sysprof stream");
126	lj_wbuf_addbyte(buf, LJP_FRAME_LFUNC);
127	lj_wbuf_addu64(buf, (uintptr_t)pt);
128	lj_wbuf_addu64(buf, (uint64_t)pt->firstline);
129	}
130
131	static void stream_cfunc(struct lj_wbuf buf, const GCfunc func)	8✔
132	{
133	lj_assertX(iscfunc(func), "bad C function in sysprof stream");	8✔
134	lj_wbuf_addbyte(buf, LJP_FRAME_CFUNC);	8✔
135	lj_wbuf_addu64(buf, (uintptr_t)func->c.f);	8✔
136	}	8✔
137
UNCOV 138	static void stream_ffunc(struct lj_wbuf buf, const GCfunc func)	×
139	{
UNCOV 140	lj_assertX(isffunc(func), "bad fast function in sysprof stream");	×
UNCOV 141	stream_ffunc_impl(buf, func->c.ffid);	×
UNCOV 142	}	×
143
144	static void stream_frame_lua(struct lj_wbuf buf, const cTValue frame)	197✔
145	{
146	const GCfunc *func = frame_func(frame);	197✔
147	lj_assertX(func != NULL, "bad function in sysprof stream");	197✔
148	if (isluafunc(func))	197✔
149	stream_lfunc(buf, func);	189✔
150	else if (isffunc(func))	8✔
UNCOV 151	stream_ffunc(buf, func);	×
152	else if (iscfunc(func))	8✔
153	stream_cfunc(buf, func);	8✔
154	else
155	/* Unreachable. */
156	lj_assertX(0, "bad function type in sysprof stream");	197✔
157	}	197✔
158
159	static void stream_backtrace_lua(struct sysprof *sp, uint32_t vmstate)	9✔
160	{
161	global_State *g = sp->g;	9✔
162	struct lj_wbuf *buf = &sp->out;	9✔
163	cTValue top_frame = NULL, frame = NULL, *bot = NULL;	9✔
164	lua_State *L = NULL;	9✔
165
166	lj_assertX(g != NULL, "uninitialized global state in sysprof state");	9✔
167	L = gco2th(gcref(g->cur_L));	9✔
168	lj_assertG(L != NULL, "uninitialized Lua state in sysprof state");	9✔
169	/*
170	** Lua stack may be inconsistent during the execution of a
171	** fast-function, so instead of updating the `top_frame` for
172	** it, its `ffid` is set instead. The first frame on the
173	** result stack is streamed manually, and the rest of the
174	** stack is streamed based on the previous `top_frame` value.
175	*/
176	if (vmstate == LJ_VMST_FFUNC) {	9✔
177	uint8_t ffid = g->top_frame_info.ffid;	1✔
178	stream_ffunc_impl(buf, ffid);	1✔
179	}
180
181	top_frame = g->top_frame_info.top_frame - 1;	9✔
182
183	bot = tvref(L->stack) + LJ_FR2;	9✔
184	/* Traverse frames backwards */
185	for (frame = top_frame; frame > bot; frame = frame_prev(frame)) {	419✔
186	if (frame_gc(frame) == obj2gco(L) \|\| frame_isvarg(frame))	205✔
187	continue; /* Skip dummy frames. See lj_err_optype_call(). */	8✔
188	stream_frame_lua(buf, frame);	197✔
189	}
190
191	lj_wbuf_addbyte(buf, LJP_FRAME_LUA_LAST);	9✔
192	}	9✔
193
194	static void stream_frame_host(int frame_no, void addr)	112✔
195	{
196	struct sysprof *sp = &sysprof;	112✔
197	/*
198	** We don't want the profiler stack to be streamed, as it will
199	** burden the profile with unnecessary information.
200	*/
201	if (LJ_UNLIKELY(frame_no <= SYSPROF_HANDLER_STACK_DEPTH))	112✔
202	return addr;
203	else if (LJ_UNLIKELY(sp->opt.mode == LUAM_SYSPROF_LEAF &&	15✔
204	frame_no > SYSPROF_HANDLER_STACK_DEPTH))
205	return NULL;
206
207	lj_wbuf_addu64(&sp->out, (uintptr_t)addr);	15✔
208	return addr;	15✔
209	}
210
211	static void default_backtrace_host(void (writer)(int frame_no, void addr))	17✔
212	{
213	static void *backtrace_buf[SYSPROF_BACKTRACE_FRAME_MAX] = {};	17✔
214
215	struct sysprof *sp = &sysprof;	17✔
216	int max_depth = sp->opt.mode == LUAM_SYSPROF_LEAF	34✔
217	? SYSPROF_HANDLER_STACK_DEPTH + 1
218	: SYSPROF_BACKTRACE_FRAME_MAX;	17✔
219	const int depth = backtrace(backtrace_buf, max_depth);	17✔
220	int level;	17✔
221
222	lj_assertX(depth <= max_depth, "depth of C stack is too big");	17✔
223	for (level = SYSPROF_HANDLER_STACK_DEPTH; level < depth; ++level) {	146✔
224	if (!writer(level - SYSPROF_HANDLER_STACK_DEPTH + 1, backtrace_buf[level]))	112✔
225	return;
226	}
227	}
228
229	static void stream_backtrace_host(struct sysprof *sp)	17✔
230	{
231	lj_assertX(sp->backtracer != NULL, "uninitialized sysprof backtracer");	17✔
232	sp->backtracer(stream_frame_host);	17✔
233	lj_wbuf_addu64(&sp->out, (uintptr_t)LJP_FRAME_HOST_LAST);	17✔
234	}
235
236	#if LJ_HASJIT
237	static void stream_trace(struct sysprof *sp, uint32_t vmstate)	×
238	{
239	lj_wbuf_addbyte(&sp->out, (uint8_t)vmstate);	×
240	struct lj_wbuf *out = &sp->out;	×
241	uint32_t traceno = sp->g->vmstate;	×
242	jit_State *J = G2J(sp->g);	×
243	GCtrace *trace = traceref(J, traceno);	×
244
245	GCproto *startpt = gco2pt(gcref(trace->startpt));	×
246
247	lj_wbuf_addu64(out, traceno);	×
248	lj_wbuf_addu64(out, (uintptr_t)startpt);	×
249	lj_wbuf_addu64(out, startpt->firstline);	×
250	}	×
251	#endif
252
253	static void stream_guest(struct sysprof *sp, uint32_t vmstate)	9✔
254	{
255	lj_wbuf_addbyte(&sp->out, (uint8_t)vmstate);	9✔
256	stream_backtrace_lua(sp, vmstate);	9✔
257	stream_backtrace_host(sp);	9✔
258	}	9✔
259
260	static void stream_host(struct sysprof *sp, uint32_t vmstate)	8✔
261	{
262	lj_wbuf_addbyte(&sp->out, (uint8_t)vmstate);	8✔
263	stream_backtrace_host(sp);	8✔
264	}	8✔
265
266	typedef void (event_streamer)(struct sysprof sp, uint32_t vmstate);
267
268	static event_streamer event_streamers[] = {
269	/* XXX: order is important */
270	stream_host, /* LJ_VMST_INTERP */
271	stream_guest, /* LJ_VMST_LFUNC */
272	stream_guest, /* LJ_VMST_FFUNC */
273	stream_guest, /* LJ_VMST_CFUNC */
274	stream_host, /* LJ_VMST_GC */
275	stream_host, /* LJ_VMST_EXIT */
276	stream_host, /* LJ_VMST_RECORD */
277	stream_host, /* LJ_VMST_OPT */
278	stream_host, /* LJ_VMST_ASM */
279	#if LJ_HASJIT
280	stream_trace /* LJ_VMST_TRACE */
281	#endif
282	};
283
284	static void stream_event(struct sysprof *sp, uint32_t vmstate)
285	{
286	event_streamer stream = NULL;
287
288	lj_assertX(vmstfit4(vmstate), "vmstate don't fit in 4 bits");
289	stream = event_streamers[vmstate];
290	lj_assertX(stream != NULL, "uninitialized sysprof stream");
291	stream(sp, vmstate);
292	}
293
294	/* -- Signal handler ------------------------------------------------------ */
295
296	static void sysprof_record_sample(struct sysprof sp, siginfo_t info)
297	{
298	global_State *g = sp->g;
299	uint32_t _vmstate = ~(uint32_t)(g->vmstate);
300	uint32_t vmstate = _vmstate < LJ_VMST_TRACE ? _vmstate : LJ_VMST_TRACE;
301
302	lj_assertX(pthread_self() == sp->thread,
303	"bad thread during sysprof record sample");
304
305	/* Caveat: order of counters must match vmstate order in <lj_obj.h>. */
306	((uint64_t *)&sp->counters)[vmstate]++;
307
308	sp->counters.samples++;
309
310	if (!stream_is_needed(sp))
311	return;
312
313	stream_event(sp, vmstate);
314	if (LJ_UNLIKELY(lj_wbuf_test_flag(&sp->out, STREAM_ERRIO\|STREAM_STOP))) {
315	sp->saved_errno = lj_wbuf_errno(&sp->out);
316	lj_wbuf_terminate(&sp->out);
317	sp->state = SPS_HALT;
318	}
319	}
320
321	static void sysprof_signal_handler(int sig, siginfo_t info, void ctx)	54✔
322	{
323	struct sysprof *sp = &sysprof;	54✔
324	UNUSED(sig);	54✔
325	UNUSED(ctx);	54✔
326
327	switch (sp->state) {	54✔
328	case SPS_PROFILE:	54✔
329	sysprof_record_sample(sp, info);	54✔
330	break;	54✔
331
332	case SPS_IDLE:
333	case SPS_HALT:
334	/* noop */
335	break;
336
337	default:
338	lj_assertX(0, "bad sysprof profiler state");
339	break;
340	}
341	}	54✔
342
343	/* -- Internal ------------------------------------------------------------ */
344
345	static int sysprof_validate(struct sysprof *sp,	18✔
346	const struct luam_Sysprof_Options *opt)
347	{
348	switch (sp->state) {	18✔
349	case SPS_IDLE:	16✔
350	if (opt->mode > LUAM_SYSPROF_CALLGRAPH) {	16✔
351	return PROFILE_ERRUSE;
352	} else if (opt->mode != LUAM_SYSPROF_DEFAULT &&	15✔
353	(opt->buf == NULL \|\| opt->len == 0 \|\| is_unconfigured(sp))) {	6✔
354	return PROFILE_ERRUSE;
355	} else if (opt->interval == 0) {	14✔
356	return PROFILE_ERRUSE;	1✔
357	}
358	break;
359
360	case SPS_PROFILE:
361	case SPS_HALT:
362	return PROFILE_ERRRUN;
363
364	default:
365	lj_assertX(0, "bad sysprof profiler state");
366	break;
367	}
368
369	return PROFILE_SUCCESS;
370	}
371
372	static int sysprof_init(struct sysprof sp, lua_State L,
373	const struct luam_Sysprof_Options *opt)
374	{
375	const int status = sysprof_validate(sp, opt);
376	if (PROFILE_SUCCESS != status)
377	return status;
378
379	/* Copy validated options to sysprof state. */
380	memcpy(&sp->opt, opt, sizeof(sp->opt));
381
382	/* Init general fields. */
383	sp->g = G(L);
384	sp->thread = pthread_self();
385
386	/* Reset counters. */
387	memset(&sp->counters, 0, sizeof(sp->counters));
388
389	/* Reset saved errno. */
390	sp->saved_errno = 0;
391
392	if (stream_is_needed(sp))
393	lj_wbuf_init(&sp->out, sp->writer, opt->ctx, opt->buf, opt->len);
394
395	return PROFILE_SUCCESS;
396	}
397
398	/* -- Public profiling API ------------------------------------------------ */
399
400	int lj_sysprof_set_writer(luam_Sysprof_writer writer) {	380✔
401	struct sysprof *sp = &sysprof;	380✔
402
403	if (sp->state != SPS_IDLE \|\| writer == NULL)	380✔
404	return PROFILE_ERRUSE;
405
406	sp->writer = writer;	380✔
407	if (!is_unconfigured(sp)) {	380✔
408	sp->state = SPS_IDLE;	1✔
409	}
410	return PROFILE_SUCCESS;
411	}
412
413	int lj_sysprof_set_on_stop(luam_Sysprof_on_stop on_stop) {	380✔
414	struct sysprof *sp = &sysprof;	380✔
415
416	if (sp->state != SPS_IDLE \|\| on_stop == NULL)	380✔
417	return PROFILE_ERRUSE;
418
419	sp->on_stop = on_stop;	380✔
420	if (!is_unconfigured(sp)) {	380✔
421	sp->state = SPS_IDLE;	1✔
422	}
423	return PROFILE_SUCCESS;
424	}
425
426	int lj_sysprof_set_backtracer(luam_Sysprof_backtracer backtracer) {	379✔
427	struct sysprof *sp = &sysprof;	379✔
428
429	if (sp->state != SPS_IDLE)	379✔
430	return PROFILE_ERRUSE;
431	if (backtracer == NULL) {	379✔
432	sp->backtracer = default_backtrace_host;	379✔
433	/*
434	** XXX: `backtrace` is not signal-safe, according to man,
435	** because it is lazy loaded on the first call, which triggers
436	** allocations. We need to call `backtrace` before starting profiling
437	** to avoid lazy loading.
438	*/
439	void *dummy = NULL;	379✔
440	backtrace(&dummy, 1);	379✔
441	}
442	else {
443	sp->backtracer = backtracer;	×
444	}
445	if (!is_unconfigured(sp)) {	379✔
446	sp->state = SPS_IDLE;	379✔
447	}
448	return PROFILE_SUCCESS;
449	}
450
451	int lj_sysprof_start(lua_State L, const struct luam_Sysprof_Options opt)	18✔
452	{
453	struct sysprof *sp = &sysprof;	18✔
454
455	int status = sysprof_init(sp, L, opt);	18✔
456	if (PROFILE_SUCCESS != status) {	18✔
457	if (NULL != sp->on_stop) {	5✔
458	/*
459	** Initialization may fail in case of unconfigured sysprof,
460	** so we cannot guarantee cleaning up resources in this case.
461	*/
462	sp->on_stop(opt->ctx, opt->buf);	5✔
463	}
464	return status;	5✔
465	}
466
467	sp->state = SPS_PROFILE;	13✔
468
469	if (stream_is_needed(sp)) {	13✔
470	stream_prologue(sp);	5✔
471	if (LJ_UNLIKELY(lj_wbuf_test_flag(&sp->out, STREAM_ERRIO\|STREAM_STOP))) {	5✔
472	/* on_stop call may change errno value. */
473	const int saved_errno = lj_wbuf_errno(&sp->out);	×
474	/* Ignore possible errors. mp->out.buf may be NULL here. */
475	sp->on_stop(opt->ctx, sp->out.buf);	×
476	lj_wbuf_terminate(&sp->out);	×
477	sp->state = SPS_IDLE;	×
478	errno = saved_errno;	×
479	return PROFILE_ERRIO;	×
480	}
481	}
482
483	sp->timer.opt.interval_msec = opt->interval;	13✔
484	sp->timer.opt.handler = sysprof_signal_handler;	13✔
485	lj_profile_timer_start(&sp->timer);	13✔
486
487	return PROFILE_SUCCESS;	13✔
488	}
489
490	int lj_sysprof_stop(lua_State *L)	391✔
491	{
492	struct sysprof *sp = &sysprof;	391✔
493	global_State *g = sp->g;	391✔
494	struct lj_wbuf *out = &sp->out;	391✔
495
496	if (SPS_IDLE == sp->state)	391✔
497	return PROFILE_ERRRUN;
498	else if (G(L) != g)	13✔
499	return PROFILE_ERRUSE;
500
501	lj_profile_timer_stop(&sp->timer);	13✔
502
503	if (SPS_HALT == sp->state) {	13✔
504	errno = sp->saved_errno;	×
505	sp->state = SPS_IDLE;	×
506	/* wbuf was terminated when error occurred. */
507	return PROFILE_ERRIO;	×
508	}
509
510	sp->state = SPS_IDLE;	13✔
511
512	if (stream_is_needed(sp)) {	13✔
513	int cb_status = 0;	5✔
514
515	stream_epilogue(sp);	5✔
516	lj_wbuf_flush(out);	5✔
517
518	cb_status = sp->on_stop(sp->opt.ctx, out->buf);	5✔
519	if (LJ_UNLIKELY(lj_wbuf_test_flag(out, STREAM_ERRIO \| STREAM_STOP)) \|\|	5✔
520	cb_status != 0) {
521	errno = lj_wbuf_errno(out);	×
522	lj_wbuf_terminate(out);	×
523	return PROFILE_ERRIO;	×
524	}
525
526	lj_wbuf_terminate(out);	5✔
527	}
528
529	return PROFILE_SUCCESS;
530	}
531
532	int lj_sysprof_report(struct luam_Sysprof_Counters *counters)	5✔
533	{
534	const struct sysprof *sp = &sysprof;	5✔
535	memcpy(counters, &sp->counters, sizeof(sp->counters));	5✔
536	return PROFILE_SUCCESS;	5✔
537	}
538
539	void lj_sysprof_add_proto(const struct GCproto *pt)	64,235✔
540	{
541	struct sysprof *sp = &sysprof;	64,235✔
542
543	if (sp->state != SPS_PROFILE \|\| sp->opt.mode == LUAM_SYSPROF_DEFAULT)	64,235✔
544	return;
545
546	/*
547	** XXX: Avoid sampling during the symtab extension. That shouldn't have any
548	** significant effect on profile precision, but if it does, it's better to
549	** implement an async-safe queue for the symtab events.
550	*/
551	sp->state = SPS_IDLE;	1✔
552	lj_wbuf_addbyte(&sp->out, LJP_SYMTAB_LFUNC_EVENT);	1✔
553	lj_symtab_dump_proto(&sp->out, pt);	1✔
554	sp->state = SPS_PROFILE;	1✔
555	}
556
557	#if LJ_HASJIT
558	void lj_sysprof_add_trace(const struct GCtrace *tr)	15,726✔
559	{
560	struct sysprof *sp = &sysprof;	15,726✔
561
562	if (sp->state != SPS_PROFILE \|\| sp->opt.mode == LUAM_SYSPROF_DEFAULT)	15,726✔
563	return;
564
565	/* See the comment about the sysprof state above. */
566	sp->state = SPS_IDLE;	×
567	lj_wbuf_addbyte(&sp->out, LJP_SYMTAB_TRACE_EVENT);	×
568	lj_symtab_dump_trace(&sp->out, tr);	×
569	sp->state = SPS_PROFILE;	×
570	}
571	#endif /* LJ_HASJIT */
572
573	#else /* LJ_HASSYSPROF */
574
575	int lj_sysprof_set_writer(luam_Sysprof_writer writer) {
576	UNUSED(writer);
577	return PROFILE_ERRUSE;
578	}
579
580	int lj_sysprof_set_on_stop(luam_Sysprof_on_stop on_stop) {
581	UNUSED(on_stop);
582	return PROFILE_ERRUSE;
583	}
584
585	int lj_sysprof_set_backtracer(luam_Sysprof_backtracer backtracer) {
586	UNUSED(backtracer);
587	return PROFILE_ERRUSE;
588	}
589
590	int lj_sysprof_start(lua_State L, const struct luam_Sysprof_Options opt)
591	{
592	UNUSED(L);
593	return PROFILE_ERRUSE;
594	}
595
596	int lj_sysprof_stop(lua_State *L)
597	{
598	UNUSED(L);
599	return PROFILE_ERRUSE;
600	}
601
602	int lj_sysprof_report(struct luam_Sysprof_Counters *counters)
603	{
604	UNUSED(counters);
605	return PROFILE_ERRUSE;
606	}
607
608	void lj_sysprof_add_proto(const struct GCproto *pt)
609	{
610	UNUSED(pt);
611	}
612
613	#if LJ_HASJIT
614	void lj_sysprof_add_trace(const struct GCtrace *tr)
615	{
616	UNUSED(tr);
617	}
618	#endif /* LJ_HASJIT */
619
620	#endif /* LJ_HASSYSPROF */

tarantool / luajit / 15508613237

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous